|
39
|
1 from trac.test import EnvironmentStub, Mock
|
|
|
2 from trac.web.auth import LoginModule
|
|
|
3 from trac.web.href import Href
|
|
|
4
|
|
|
5 from Cookie import SimpleCookie as Cookie
|
|
|
6 import unittest
|
|
|
7
|
|
|
8
|
|
|
9 class LoginModuleTestCase(unittest.TestCase):
|
|
|
10
|
|
|
11 def setUp(self):
|
|
|
12 self.env = EnvironmentStub()
|
|
|
13 self.db = self.env.get_db_cnx()
|
|
|
14 self.module = LoginModule(self.env)
|
|
|
15
|
|
|
16 def test_anonymous_access(self):
|
|
|
17 req = Mock(incookie=Cookie(), href=Href('/trac.cgi'),
|
|
|
18 remote_addr='127.0.0.1', remote_user=None)
|
|
|
19 self.assertEqual(None, self.module.authenticate(req))
|
|
|
20
|
|
|
21 def test_unknown_cookie_access(self):
|
|
|
22 incookie = Cookie()
|
|
|
23 incookie['trac_auth'] = '123'
|
|
|
24 req = Mock(cgi_location='/trac', href=Href('/trac.cgi'),
|
|
|
25 incookie=incookie, outcookie=Cookie(),
|
|
|
26 remote_addr='127.0.0.1', remote_user=None)
|
|
|
27 self.assertEqual(None, self.module.authenticate(req))
|
|
|
28
|
|
|
29 def test_known_cookie_access(self):
|
|
|
30 cursor = self.db.cursor()
|
|
|
31 cursor.execute("INSERT INTO auth_cookie (cookie, name, ipnr) "
|
|
|
32 "VALUES ('123', 'john', '127.0.0.1')")
|
|
|
33 incookie = Cookie()
|
|
|
34 incookie['trac_auth'] = '123'
|
|
|
35 outcookie = Cookie()
|
|
|
36 req = Mock(incookie=incookie, outcookie=outcookie,
|
|
|
37 href=Href('/trac.cgi'),
|
|
|
38 remote_addr='127.0.0.1', remote_user=None)
|
|
|
39 self.assertEqual('john', self.module.authenticate(req))
|
|
|
40 self.failIf('auth_cookie' in req.outcookie)
|
|
|
41
|
|
|
42 def test_known_cookie_different_ipnr_access(self):
|
|
|
43 cursor = self.db.cursor()
|
|
|
44 cursor.execute("INSERT INTO auth_cookie (cookie, name, ipnr) "
|
|
|
45 "VALUES ('123', 'john', '127.0.0.1')")
|
|
|
46 incookie = Cookie()
|
|
|
47 incookie['trac_auth'] = '123'
|
|
|
48 outcookie = Cookie()
|
|
|
49 req = Mock(cgi_location='/trac', href=Href('/trac.cgi'),
|
|
|
50 incookie=incookie, outcookie=outcookie,
|
|
|
51 remote_addr='192.168.0.100', remote_user=None)
|
|
|
52 self.assertEqual(None, self.module.authenticate(req))
|
|
|
53 self.failIf('trac_auth' not in req.outcookie)
|
|
|
54
|
|
|
55 def test_known_cookie_ip_check_disabled(self):
|
|
|
56 self.env.config.set('trac', 'check_auth_ip', 'no')
|
|
|
57 cursor = self.db.cursor()
|
|
|
58 cursor.execute("INSERT INTO auth_cookie (cookie, name, ipnr) "
|
|
|
59 "VALUES ('123', 'john', '127.0.0.1')")
|
|
|
60 incookie = Cookie()
|
|
|
61 incookie['trac_auth'] = '123'
|
|
|
62 outcookie = Cookie()
|
|
|
63 req = Mock(incookie=incookie, outcookie=outcookie,
|
|
|
64 href=Href('/trac.cgi'),
|
|
|
65 remote_addr='192.168.0.100', remote_user=None)
|
|
|
66 self.assertEqual('john', self.module.authenticate(req))
|
|
|
67 self.failIf('auth_cookie' in req.outcookie)
|
|
|
68
|
|
|
69 def test_login(self):
|
|
|
70 outcookie = Cookie()
|
|
|
71 # remote_user must be upper case to test that by default, case is
|
|
|
72 # preserved.
|
|
|
73 req = Mock(cgi_location='/trac', href=Href('/trac.cgi'),
|
|
|
74 incookie=Cookie(), outcookie=outcookie,
|
|
|
75 remote_addr='127.0.0.1', remote_user='john', authname='john')
|
|
|
76 self.module._do_login(req)
|
|
|
77
|
|
|
78 assert outcookie.has_key('trac_auth'), '"trac_auth" Cookie not set'
|
|
|
79 auth_cookie = outcookie['trac_auth'].value
|
|
|
80 cursor = self.db.cursor()
|
|
|
81 cursor.execute("SELECT name,ipnr FROM auth_cookie WHERE cookie=%s",
|
|
|
82 (auth_cookie,))
|
|
|
83 row = cursor.fetchone()
|
|
|
84 self.assertEquals('john', row[0])
|
|
|
85 self.assertEquals('127.0.0.1', row[1])
|
|
|
86
|
|
|
87 def test_login_ignore_case(self):
|
|
|
88 """
|
|
|
89 Test that login is succesful when the usernames differ in case, but case
|
|
|
90 is ignored.
|
|
|
91 """
|
|
|
92 self.env.config.set('trac', 'ignore_auth_case', 'yes')
|
|
|
93
|
|
|
94 outcookie = Cookie()
|
|
|
95 req = Mock(cgi_location='/trac', href=Href('/trac.cgi'),
|
|
|
96 incookie=Cookie(), outcookie=outcookie,
|
|
|
97 remote_addr='127.0.0.1', remote_user='John',
|
|
|
98 authname='anonymous')
|
|
|
99 self.module._do_login(req)
|
|
|
100
|
|
|
101 assert outcookie.has_key('trac_auth'), '"trac_auth" Cookie not set'
|
|
|
102 auth_cookie = outcookie['trac_auth'].value
|
|
|
103 cursor = self.db.cursor()
|
|
|
104 cursor.execute("SELECT name,ipnr FROM auth_cookie WHERE cookie=%s",
|
|
|
105 (auth_cookie,))
|
|
|
106 row = cursor.fetchone()
|
|
|
107 self.assertEquals('john', row[0])
|
|
|
108 self.assertEquals('127.0.0.1', row[1])
|
|
|
109
|
|
|
110 def test_login_no_username(self):
|
|
|
111 req = Mock(incookie=Cookie(), href=Href('/trac.cgi'),
|
|
|
112 remote_addr='127.0.0.1', remote_user=None)
|
|
|
113 self.assertRaises(AssertionError, self.module._do_login, req)
|
|
|
114
|
|
|
115 def test_already_logged_in_same_user(self):
|
|
|
116 cursor = self.db.cursor()
|
|
|
117 cursor.execute("INSERT INTO auth_cookie (cookie, name, ipnr) "
|
|
|
118 "VALUES ('123', 'john', '127.0.0.1')")
|
|
|
119 incookie = Cookie()
|
|
|
120 incookie['trac_auth'] = '123'
|
|
|
121 req = Mock(incookie=incookie, outcookie=Cookie(),
|
|
|
122 href=Href('/trac.cgi'),
|
|
|
123 remote_addr='127.0.0.1', remote_user='john', authname='john')
|
|
|
124 self.module._do_login(req) # this shouldn't raise an error
|
|
|
125
|
|
|
126 def test_already_logged_in_different_user(self):
|
|
|
127 cursor = self.db.cursor()
|
|
|
128 cursor.execute("INSERT INTO auth_cookie (cookie, name, ipnr) "
|
|
|
129 "VALUES ('123', 'john', '127.0.0.1')")
|
|
|
130 incookie = Cookie()
|
|
|
131 incookie['trac_auth'] = '123'
|
|
|
132 req = Mock(incookie=incookie, authname='john',
|
|
|
133 href=Href('/trac.cgi'),
|
|
|
134 remote_addr='127.0.0.1', remote_user='tom')
|
|
|
135 self.assertRaises(AssertionError, self.module._do_login, req)
|
|
|
136
|
|
|
137 def test_logout(self):
|
|
|
138 cursor = self.db.cursor()
|
|
|
139 cursor.execute("INSERT INTO auth_cookie (cookie, name, ipnr) "
|
|
|
140 "VALUES ('123', 'john', '127.0.0.1')")
|
|
|
141 incookie = Cookie()
|
|
|
142 incookie['trac_auth'] = '123'
|
|
|
143 outcookie = Cookie()
|
|
|
144 req = Mock(cgi_location='/trac', href=Href('/trac.cgi'),
|
|
|
145 incookie=incookie, outcookie=outcookie,
|
|
|
146 remote_addr='127.0.0.1', remote_user=None, authname='john')
|
|
|
147 self.module._do_logout(req)
|
|
|
148 self.failIf('trac_auth' not in outcookie)
|
|
|
149 cursor.execute("SELECT name,ipnr FROM auth_cookie WHERE name='john'")
|
|
|
150 self.failIf(cursor.fetchone())
|
|
|
151
|
|
|
152 def test_logout_not_logged_in(self):
|
|
|
153 req = Mock(cgi_location='/trac', href=Href('/trac.cgi'),
|
|
|
154 incookie=Cookie(), outcookie=Cookie(),
|
|
|
155 remote_addr='127.0.0.1', remote_user=None,
|
|
|
156 authname='anonymous')
|
|
|
157 self.module._do_logout(req) # this shouldn't raise an error
|
|
|
158
|
|
|
159
|
|
|
160 def suite():
|
|
|
161 return unittest.makeSuite(LoginModuleTestCase, 'test')
|
|
|
162
|
|
|
163 if __name__ == '__main__':
|
|
|
164 unittest.main()
|
