mirror of
https://gitlab.com/allianceauth/allianceauth.git
synced 2025-07-09 20:40:17 +02:00
a33c8c14ee
* Add service access permissions and migration `ENABLE_AUTH_<servicename> = True` will have the new permission applied to the settings configured `DEFAULT_AUTH_GROUP` group or `Member` if none is configured. `ENABLE_BLUE_<servicename> = True` will have the new permission applied to the settings configured `DEFAULT_BLUE_GROUP` group or `Blue` if none is configured. * Move views and hooks to permissions based access * Remove access restriction to services view Hypothetically non-member/blues could be granted permission to access services manually as desired now. A user that has no permissions to access any services will see a blank services list. * Remove obsolete service settings * Remove references to obsolete settings * Adjusted tests to support permissions based access * Fix incorrectly named permissions * Add simple get_services generator function * Added signals for user and groups perm changes * Update validate_services to support permissions deactivate_services removed as its surplus to requirements. * Removed state parameter from validate_services calls * Update tests to support signals changes * Fix incorrect call to validate_services task * Fix validate_services and test * Add validate_user to changed user groups signal * Added tests for new signals * Remove unnecessary post_add signals * Added documentation for service permissions * Added detection for members with service active If there are any service users in the Member or Blue groups active, then the permission will be added to the respective Member or Blue group. This means its no longer necessary to maintain the service enablesettings to migrate to permissions based service. Remove obsolete state based status checking
220 lines
8.5 KiB
Python
220 lines
8.5 KiB
Python
from __future__ import unicode_literals
|
|
|
|
try:
|
|
# Py3
|
|
from unittest import mock
|
|
except ImportError:
|
|
# Py2
|
|
import mock
|
|
|
|
from django.test import TestCase, RequestFactory
|
|
from django.conf import settings
|
|
from django import urls
|
|
from django.contrib.auth.models import User, Group, Permission
|
|
from django.core.exceptions import ObjectDoesNotExist
|
|
|
|
from alliance_auth.tests.auth_utils import AuthUtils
|
|
|
|
from .auth_hooks import SmfService
|
|
from .models import SmfUser
|
|
from .tasks import SmfTasks
|
|
|
|
MODULE_PATH = 'services.modules.smf'
|
|
|
|
|
|
def add_permissions():
|
|
permission = Permission.objects.get(codename='access_smf')
|
|
members = Group.objects.get(name=settings.DEFAULT_AUTH_GROUP)
|
|
blues = Group.objects.get(name=settings.DEFAULT_BLUE_GROUP)
|
|
AuthUtils.add_permissions_to_groups([permission], [members, blues])
|
|
|
|
|
|
class SmfHooksTestCase(TestCase):
|
|
def setUp(self):
|
|
self.member = 'member_user'
|
|
member = AuthUtils.create_member(self.member)
|
|
SmfUser.objects.create(user=member, username=self.member)
|
|
self.blue = 'blue_user'
|
|
blue = AuthUtils.create_blue(self.blue)
|
|
SmfUser.objects.create(user=blue, username=self.blue)
|
|
self.none_user = 'none_user'
|
|
none_user = AuthUtils.create_user(self.none_user)
|
|
self.service = SmfService
|
|
add_permissions()
|
|
|
|
def test_has_account(self):
|
|
member = User.objects.get(username=self.member)
|
|
blue = User.objects.get(username=self.blue)
|
|
none_user = User.objects.get(username=self.none_user)
|
|
self.assertTrue(SmfTasks.has_account(member))
|
|
self.assertTrue(SmfTasks.has_account(blue))
|
|
self.assertFalse(SmfTasks.has_account(none_user))
|
|
|
|
def test_service_enabled(self):
|
|
service = self.service()
|
|
member = User.objects.get(username=self.member)
|
|
blue = User.objects.get(username=self.blue)
|
|
none_user = User.objects.get(username=self.none_user)
|
|
|
|
self.assertTrue(service.service_active_for_user(member))
|
|
self.assertTrue(service.service_active_for_user(blue))
|
|
self.assertFalse(service.service_active_for_user(none_user))
|
|
|
|
@mock.patch(MODULE_PATH + '.tasks.SmfManager')
|
|
def test_update_all_groups(self, manager):
|
|
service = self.service()
|
|
service.update_all_groups()
|
|
# Check member and blue user have groups updated
|
|
self.assertTrue(manager.update_groups.called)
|
|
self.assertEqual(manager.update_groups.call_count, 2)
|
|
|
|
def test_update_groups(self):
|
|
# Check member has Member group updated
|
|
with mock.patch(MODULE_PATH + '.tasks.SmfManager') as manager:
|
|
service = self.service()
|
|
member = User.objects.get(username=self.member)
|
|
service.update_groups(member)
|
|
self.assertTrue(manager.update_groups.called)
|
|
args, kwargs = manager.update_groups.call_args
|
|
user_id, groups = args
|
|
self.assertIn(settings.DEFAULT_AUTH_GROUP, groups)
|
|
self.assertEqual(user_id, member.smf.username)
|
|
|
|
# Check none user does not have groups updated
|
|
with mock.patch(MODULE_PATH + '.tasks.SmfManager') as manager:
|
|
service = self.service()
|
|
none_user = User.objects.get(username=self.none_user)
|
|
service.update_groups(none_user)
|
|
self.assertFalse(manager.update_groups.called)
|
|
|
|
@mock.patch(MODULE_PATH + '.tasks.SmfManager')
|
|
def test_validate_user(self, manager):
|
|
service = self.service()
|
|
# Test member is not deleted
|
|
member = User.objects.get(username=self.member)
|
|
service.validate_user(member)
|
|
self.assertTrue(member.smf)
|
|
|
|
# Test none user is deleted
|
|
none_user = User.objects.get(username=self.none_user)
|
|
SmfUser.objects.create(user=none_user, username='abc123')
|
|
service.validate_user(none_user)
|
|
self.assertTrue(manager.disable_user.called)
|
|
with self.assertRaises(ObjectDoesNotExist):
|
|
none_smf = User.objects.get(username=self.none_user).smf
|
|
|
|
@mock.patch(MODULE_PATH + '.tasks.SmfManager')
|
|
def test_delete_user(self, manager):
|
|
member = User.objects.get(username=self.member)
|
|
|
|
service = self.service()
|
|
result = service.delete_user(member)
|
|
|
|
self.assertTrue(result)
|
|
self.assertTrue(manager.disable_user.called)
|
|
with self.assertRaises(ObjectDoesNotExist):
|
|
smf_user = User.objects.get(username=self.member).smf
|
|
|
|
def test_render_services_ctrl(self):
|
|
service = self.service()
|
|
member = User.objects.get(username=self.member)
|
|
request = RequestFactory().get('/en/services/')
|
|
request.user = member
|
|
|
|
response = service.render_services_ctrl(request)
|
|
self.assertTemplateUsed(service.service_ctrl_template)
|
|
self.assertIn(urls.reverse('auth_deactivate_smf'), response)
|
|
self.assertIn(urls.reverse('auth_reset_smf_password'), response)
|
|
self.assertIn(urls.reverse('auth_set_smf_password'), response)
|
|
|
|
# Test register becomes available
|
|
member.smf.delete()
|
|
member = User.objects.get(username=self.member)
|
|
request.user = member
|
|
response = service.render_services_ctrl(request)
|
|
self.assertIn(urls.reverse('auth_activate_smf'), response)
|
|
|
|
|
|
class SmfViewsTestCase(TestCase):
|
|
def setUp(self):
|
|
self.member = AuthUtils.create_member('auth_member')
|
|
self.member.set_password('password')
|
|
self.member.email = 'auth_member@example.com'
|
|
self.member.save()
|
|
AuthUtils.add_main_character(self.member, 'auth_member', '12345', corp_id='111', corp_name='Test Corporation')
|
|
add_permissions()
|
|
|
|
def login(self):
|
|
self.client.login(username=self.member.username, password='password')
|
|
|
|
@mock.patch(MODULE_PATH + '.tasks.SmfManager')
|
|
@mock.patch(MODULE_PATH + '.views.SmfManager')
|
|
def test_activate(self, manager, tasks_manager):
|
|
self.login()
|
|
expected_username = 'auth_member'
|
|
manager.add_user.return_value = (expected_username, 'abc123')
|
|
|
|
response = self.client.get(urls.reverse('auth_activate_smf'))
|
|
|
|
self.assertTrue(manager.add_user.called)
|
|
self.assertTrue(tasks_manager.update_groups.called)
|
|
self.assertEqual(response.status_code, 200)
|
|
self.assertTemplateUsed('registered/service_credentials.html')
|
|
self.assertContains(response, expected_username)
|
|
smf_user = SmfUser.objects.get(user=self.member)
|
|
self.assertEqual(smf_user.username, expected_username)
|
|
|
|
@mock.patch(MODULE_PATH + '.tasks.SmfManager')
|
|
def test_deactivate(self, manager):
|
|
self.login()
|
|
SmfUser.objects.create(user=self.member, username='some member')
|
|
|
|
response = self.client.get(urls.reverse('auth_deactivate_smf'))
|
|
|
|
self.assertTrue(manager.disable_user.called)
|
|
self.assertRedirects(response, expected_url=urls.reverse('auth_services'), target_status_code=200)
|
|
with self.assertRaises(ObjectDoesNotExist):
|
|
smf_user = User.objects.get(pk=self.member.pk).smf
|
|
|
|
@mock.patch(MODULE_PATH + '.views.SmfManager')
|
|
def test_set_password(self, manager):
|
|
self.login()
|
|
SmfUser.objects.create(user=self.member, username='some member')
|
|
|
|
response = self.client.post(urls.reverse('auth_set_smf_password'), data={'password': '1234asdf'})
|
|
|
|
self.assertTrue(manager.update_user_password.called)
|
|
args, kwargs = manager.update_user_password.call_args
|
|
self.assertEqual(kwargs['password'], '1234asdf')
|
|
self.assertRedirects(response, expected_url=urls.reverse('auth_services'), target_status_code=200)
|
|
|
|
@mock.patch(MODULE_PATH + '.views.SmfManager')
|
|
def test_reset_password(self, manager):
|
|
self.login()
|
|
SmfUser.objects.create(user=self.member, username='some member')
|
|
|
|
manager.update_user_password.return_value = 'hunter2'
|
|
|
|
response = self.client.get(urls.reverse('auth_reset_smf_password'))
|
|
|
|
self.assertTemplateUsed(response, 'registered/service_credentials.html')
|
|
self.assertContains(response, 'some member')
|
|
self.assertContains(response, 'hunter2')
|
|
|
|
|
|
class SmfManagerTestCase(TestCase):
|
|
def setUp(self):
|
|
from .manager import SmfManager
|
|
self.manager = SmfManager
|
|
|
|
def test_generate_random_password(self):
|
|
password = self.manager.generate_random_pass()
|
|
|
|
self.assertEqual(len(password), 16)
|
|
self.assertIsInstance(password, type(''))
|
|
|
|
def test_gen_hash(self):
|
|
pwhash = self.manager.gen_hash('username', 'test')
|
|
|
|
self.assertEqual(pwhash, 'b6d21d37de84db76746b1c45696a00f9ce4f86fd')
|