diff --git a/ietf/doc/tests.py b/ietf/doc/tests.py index a9b3ccbad..0ba892e1d 100644 --- a/ietf/doc/tests.py +++ b/ietf/doc/tests.py @@ -349,7 +349,7 @@ class AddCommentTestCase(TestCase): self.assertTrue(draft.name in outbox[-1]['Subject']) # Make sure we can also do it as IANA - self.client.login(remote_user="iana") + self.client.login(username="iana", password="iana+password") # normal get r = self.client.get(url) diff --git a/ietf/doc/tests_draft.py b/ietf/doc/tests_draft.py index a2d03e527..85f63cf8f 100644 --- a/ietf/doc/tests_draft.py +++ b/ietf/doc/tests_draft.py @@ -141,7 +141,7 @@ class ChangeStateTests(TestCase): draft = make_test_data() draft.set_state(State.objects.get(used=True, type="draft-iesg", slug="ad-eval")) - self.client.login(remote_user="secretary") + self.client.login(username="secretary", password="secretary+password") url = urlreverse('doc_change_state', kwargs=dict(name=draft.name)) mailbox_before = len(outbox) @@ -820,7 +820,7 @@ class IndividualInfoFormsTests(TestCase): url = urlreverse('doc_shepherd_writeup',kwargs=dict(name=self.docname)) # get as a shepherd - self.client.login(remote_user="plain") + self.client.login(username="plain", password="plain+password") r = self.client.get(url) self.assertEqual(r.status_code,200) @@ -874,14 +874,14 @@ class IndividualInfoFormsTests(TestCase): class SubmitToIesgTests(TestCase): def verify_permissions(self): - def verify_fail(remote_user): - if remote_user: - self.client.login(remote_user=remote_user) + def verify_fail(username): + if username: + self.client.login(username=username, password=username+"+password") r = self.client.get(url) self.assertEqual(r.status_code,404) - def verify_can_see(remote_user): - self.client.login(remote_user=remote_user) + def verify_can_see(username): + self.client.login(username=username, password=username+"+password") r = self.client.get(url) self.assertEqual(r.status_code,200) q = PyQuery(r.content) 
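Review bot: The return value of `self.client.login(username="iana", password="iana+password")` is discarded, so if the password does not match what the fixture stored, the test simply carries on as an anonymous client. The negative checks are most at risk: `verify_fail` in ietf/doc/tests_draft.py (expects 404) and the "unauthorized" 403 cases in ietf/meeting/tests_api.py and ietf/secr/announcement/tests.py may still pass after a silently failed login. They would then no longer show that an authenticated but unprivileged user is refused. Assert the result at each call site, e.g. `self.assertTrue(self.client.login(username="iana", password="iana+password"))`. The same applies to every `client.login` call this commit changes.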
@@ -897,7 +897,7 @@ class SubmitToIesgTests(TestCase): def cancel_submission(self): url = urlreverse('doc_to_iesg', kwargs=dict(name=self.docname)) - self.client.login(remote_user='marschairman') + self.client.login(username="marschairman", password="marschairman+password") r = self.client.post(url, dict(cancel="1")) self.assertEqual(r.status_code, 302) @@ -907,7 +907,7 @@ class SubmitToIesgTests(TestCase): def confirm_submission(self): url = urlreverse('doc_to_iesg', kwargs=dict(name=self.docname)) - self.client.login(remote_user='marschairman') + self.client.login(username="marschairman", password="marschairman+password") docevent_count_pre = self.doc.docevent_set.count() mailbox_before = len(outbox) diff --git a/ietf/iesg/tests.py b/ietf/iesg/tests.py index ea7544999..be64c6553 100644 --- a/ietf/iesg/tests.py +++ b/ietf/iesg/tests.py @@ -410,7 +410,7 @@ class RescheduleOnAgendaTests(TestCase): url = urlreverse('ietf.iesg.views.agenda_documents') - self.client.login(remote_user="secretary") + self.client.login(username="secretary", password="secretary+password") # normal get r = self.client.get(url) diff --git a/ietf/ietfauth/tests.py b/ietf/ietfauth/tests.py index 683238909..15c212458 100644 --- a/ietf/ietfauth/tests.py +++ b/ietf/ietfauth/tests.py 
@@ -44,25 +44,34 @@ class IetfAuthTests(TestCase): def test_login(self): make_test_data() - # try logging in with a next - r = self.client.get('/accounts/login/?next=/foobar', REMOTE_USER="plain") - self.assertEqual(r.status_code, 302) - self.assertEqual(urlsplit(r["Location"])[2], "/accounts/loggedin/") + # try logging in without a next + r = self.client.get('/accounts/login/') + self.assertEqual(r.status_code, 200) - r = self.client.get('/accounts/loggedin/?next=/foobar', REMOTE_USER="plain") - self.assertEqual(r.status_code, 302) - self.assertEqual(urlsplit(r["Location"])[2], "/foobar") - - # try again without a next - r = self.client.get('/accounts/login/', REMOTE_USER="plain") - r = self.client.get('/accounts/loggedin/', REMOTE_USER="plain") + r = self.client.post('/accounts/login/', {"username":"plain", "password":"plain+password"}) self.assertEqual(r.status_code, 302) self.assertEqual(urlsplit(r["Location"])[2], "/accounts/profile/") + # try logging out + r = self.client.get('/accounts/logout/') + self.assertEqual(r.status_code, 200) + + r = self.client.get('/accounts/profile/') + self.assertEqual(r.status_code, 302) + self.assertEqual(urlsplit(r["Location"])[2], "/accounts/login/") + + # try logging in with a next + r = self.client.post('/accounts/login/?next=/foobar', {"username":"plain", "password":"plain+password"}) + self.assertEqual(r.status_code, 302) + self.assertEqual(urlsplit(r["Location"])[2], "/foobar") + + def test_profile(self): + make_test_data() + url = urlreverse('ietf.ietfauth.views.profile') login_testing_unauthorized(self, "plain", url) - + # get r = self.client.get(url) self.assertEqual(r.status_code, 200) diff --git a/ietf/ietfauth/urls.py b/ietf/ietfauth/urls.py index 6fd020807..cbbe6c1f4 100644 --- a/ietf/ietfauth/urls.py +++ b/ietf/ietfauth/urls.py 
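Review bot: `test_login` now drives a real password form but only exercises the success path: there is no case for a wrong password and none for a `next` that points off-site. Both are the behaviours a password login endpoint most needs pinned, since a regression in either (accepting bad credentials, or following an external redirect after login) would not fail any assertion here. I would add the two cases below after the logout checks, where the client is anonymous again. The second one assumes Django's stock view falls back to the default post-login URL for an unsafe `next`, which matches the `/accounts/profile/` redirect the test already expects.

```python
        # ... unchanged: successful login, logout and profile redirect checks ...

        # a wrong password re-renders the form and leaves the client anonymous
        r = self.client.post('/accounts/login/', {"username":"plain", "password":"not-the-password"})
        self.assertEqual(r.status_code, 200)
        r = self.client.get('/accounts/profile/')
        self.assertEqual(r.status_code, 302)
        self.assertEqual(urlsplit(r["Location"])[2], "/accounts/login/")

        # an off-site next must not be followed
        r = self.client.post('/accounts/login/?next=http://example.com/foobar', {"username":"plain", "password":"plain+password"})
        self.assertEqual(r.status_code, 302)
        self.assertEqual(urlsplit(r["Location"])[2], "/accounts/profile/")
```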
@@ -1,11 +1,15 @@ # Copyright The IETF Trust 2007, 2009, All Rights Reserved from django.conf.urls import patterns, url +from django.contrib.auth.views import login, logout urlpatterns = patterns('ietf.ietfauth.views', url(r'^$', 'index', name='account_index'), - url(r'^login/$', 'ietf_login'), - url(r'^loggedin/$', 'ietf_loggedin'), +# url(r'^login/$', 'ietf_login'), + url(r'^login/$', login), + url(r'^logout/$', logout), +# url(r'^loggedin/$', 'ietf_loggedin'), +# url(r'^loggedout/$', 'logged_out'), url(r'^profile/$', 'profile'), # (r'^login/(?P[a-z0-9.@]+)/(?P.+)$', 'url_login'), url(r'^testemail/$', 'test_email'), diff --git a/ietf/ietfauth/views.py b/ietf/ietfauth/views.py index 69805b73f..e656cc8c3 100644 --- a/ietf/ietfauth/views.py +++ b/ietf/ietfauth/views.py @@ -63,6 +63,7 @@ def url_login(request, user, passwd): return HttpResponseRedirect('/accounts/loggedin/?%s=%s' % (REDIRECT_FIELD_NAME, urlquote(redirect_to))) return HttpResponse("Not authenticated?", status=500) +@login_required def ietf_login(request): if not request.user.is_authenticated(): return HttpResponse("Not authenticated?", status=500) @@ -258,4 +259,3 @@ def test_email(request): r.set_cookie("testmailcc", cookie) return r - diff --git a/ietf/liaisons/tests.py b/ietf/liaisons/tests.py index a447dd14d..274b2d559 100644 --- a/ietf/liaisons/tests.py +++ b/ietf/liaisons/tests.py @@ -158,7 +158,7 @@ class LiaisonManagementTests(TestCase): self.assertEqual(len(q('form input[name=do_action_taken]')), 0) # log in and get - self.client.login(remote_user="secretary") + self.client.login(username="secretary", password="secretary+password") r = self.client.get(url) self.assertEqual(r.status_code, 200) diff --git a/ietf/meeting/tests_api.py b/ietf/meeting/tests_api.py index 4706f19e6..8fae59093 100644 --- a/ietf/meeting/tests_api.py +++ b/ietf/meeting/tests_api.py 
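Review bot: The retired routes are left as comments next to the live ones (`# url(r'^login/$', 'ietf_login'),`, `# url(r'^loggedin/$', 'ietf_loggedin'),`, `# url(r'^loggedout/$', 'logged_out'),`), which makes it harder to see which view actually guards `/accounts/login/`. Delete them and leave one line of documentation instead, for example `# login/logout are Django's stock views; credentials are checked by ModelBackend`. Because this endpoint now receives passwords directly, also confirm outside this hunk that it is only reachable over HTTPS and that failed attempts are throttled or at least logged; nothing in the diff shows either. The test in ietf/ietfauth/tests.py reaches `/accounts/logout/` with a plain GET, so a cross-site request can end a user's session; that is low impact but worth a deliberate decision.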
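Review bot: Adding `@login_required` to `ietf_login` makes the check directly below it, `if not request.user.is_authenticated(): return HttpResponse("Not authenticated?", status=500)`, unreachable, because the decorator redirects unauthenticated requests before the body runs. The only route to this view is also commented out in ietf/ietfauth/urls.py by this same commit, so the view appears to be dead code; removing it (and `url_login` above, which still redirects to the unrouted `/accounts/loggedin/`) would leave less stale authentication logic behind. The import of `login_required` is not visible in this hunk and should be confirmed. The body of `ietf_login` continues outside the hunk.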
@@ -44,7 +44,7 @@ class ApiTests(TestCase): self.assertEqual(ScheduledSession.objects.get(pk=mars_scheduled.pk).session, session) # faulty post - logged in as non-owner - self.client.login(remote_user="ad") + self.client.login(username="ad", password="ad+password") r = do_post(to=ames_scheduled) self.assertEqual(r.status_code, 200) self.assertTrue("error" in json.loads(r.content)) @@ -58,7 +58,7 @@ class ApiTests(TestCase): test_schedule.save() # move to ames - self.client.login(remote_user="secretary") + self.client.login(username="secretary", password="secretary+password") r = do_post(to=ames_scheduled) self.assertEqual(r.status_code, 200) self.assertTrue("error" not in json.loads(r.content)) @@ -67,7 +67,7 @@ class ApiTests(TestCase): self.assertEqual(ScheduledSession.objects.get(pk=ames_scheduled.pk).session, session) # unschedule - self.client.login(remote_user="secretary") + self.client.login(username="secretary", password="secretary+password") r = do_post(to=None) self.assertEqual(r.status_code, 200) self.assertTrue("error" not in json.loads(r.content)) @@ -121,7 +121,7 @@ class ApiTests(TestCase): self.assertTrue(not meeting.room_set.filter(name="new room")) # create room - self.client.login(remote_user="secretary") + self.client.login(username="secretary", password="secretary+password") r = self.client.post(url, post_data) self.assertTrue(meeting.room_set.filter(name="new room")) @@ -141,7 +141,7 @@ class ApiTests(TestCase): self.assertTrue(meeting.room_set.filter(pk=room.pk)) # delete - self.client.login(remote_user="secretary") + self.client.login(username="secretary", password="secretary+password") r = self.client.delete(url) self.assertTrue(not meeting.room_set.filter(pk=room.pk)) self.assertTrue(not TimeSlot.objects.filter(pk__in=timeslots_before)) 
@@ -189,12 +189,12 @@ class ApiTests(TestCase): } # unauthorized post - self.client.login(remote_user="ad") + self.client.login(username="ad", password="ad+password") r = self.client.post(url, post_data) self.assertEqual(r.status_code, 403) # create room - self.client.login(remote_user="secretary") + self.client.login(username="secretary", password="secretary+password") r = self.client.post(url, post_data) self.assertEqual(r.status_code, 302) self.assertTrue(meeting.timeslot_set.filter(time=slot_time)) @@ -207,12 +207,12 @@ class ApiTests(TestCase): kwargs=dict(num=meeting.number, slotid=slot.pk)) # unauthorized delete - self.client.login(remote_user="ad") + self.client.login(username="ad", password="ad+password") r = self.client.delete(url) self.assertEqual(r.status_code, 403) # delete - self.client.login(remote_user="secretary") + self.client.login(username="secretary", password="secretary+password") self.client.delete(url) self.assertTrue(not meeting.timeslot_set.filter(pk=slot.pk)) @@ -236,13 +236,13 @@ class ApiTests(TestCase): } # unauthorized post - self.client.login(remote_user="plain") + self.client.login(username="plain", password="plain+password") r = self.client.post(url, post_data) self.assertEqual(r.status_code, 403) self.assertTrue(not meeting.schedule_set.filter(name='new-agenda')) # create new agenda - self.client.login(remote_user="secretary") + self.client.login(username="secretary", password="secretary+password") r = self.client.post(url, post_data) self.assertEqual(r.status_code, 302) self.assertTrue(meeting.schedule_set.filter(name='new-agenda')) 
@@ -262,12 +262,12 @@ class ApiTests(TestCase): } # unauthorized post - self.client.login(remote_user="plain") + self.client.login(username="plain", password="plain+password") r = self.client.post(url, post_data) self.assertEqual(r.status_code, 403) # change agenda - self.client.login(remote_user="ad") + self.client.login(username="ad", password="ad+password") r = self.client.post(url, post_data) self.assertEqual(r.status_code, 302) changed_schedule = Schedule.objects.get(pk=meeting.agenda.pk) @@ -281,12 +281,12 @@ class ApiTests(TestCase): kwargs=dict(num=meeting.number, schedule_name=meeting.agenda.name)) # unauthorized delete - self.client.login(remote_user="plain") + self.client.login(username="plain", password="plain+password") r = self.client.delete(url) self.assertEqual(r.status_code, 403) # delete - self.client.login(remote_user="secretary") + self.client.login(username="secretary", password="secretary+password") r = self.client.delete(url) self.assertEqual(r.status_code, 200) self.assertTrue(not Schedule.objects.filter(pk=meeting.agenda.pk)) @@ -301,12 +301,12 @@ class ApiTests(TestCase): "agenda": "", } # unauthorized post - self.client.login(remote_user="ad") + self.client.login(username="ad", password="ad+password") r = self.client.post(url, post_data) self.assertEqual(r.status_code, 403) # clear - self.client.login(remote_user="secretary") + self.client.login(username="secretary", password="secretary+password") r = self.client.post(url, post_data) self.assertEqual(r.status_code, 200) self.assertTrue(not Meeting.objects.get(pk=meeting.pk).agenda) @@ -340,7 +340,7 @@ class ApiTests(TestCase): })} # Secretariat - self.client.login(remote_user="secretary") + self.client.login(username="secretary", password="secretary+password") r = self.client.post('/dajaxice/ietf.meeting.readonly/', data) self.assertEqual(r.status_code, 200) 
@@ -351,7 +351,8 @@ class ApiTests(TestCase): self.assertEqual(info['write_perm'], True) # owner - self.client.login(remote_user=meeting.agenda.owner.user.username) + self.client.login(username=meeting.agenda.owner.user.username, + password=meeting.agenda.owner.user.username+"+password") r = self.client.post('/dajaxice/ietf.meeting.readonly/', data) self.assertEqual(r.status_code, 200) @@ -383,7 +384,7 @@ class ApiTests(TestCase): # set pinned meeting.agenda.owner = Person.objects.get(user__username="secretary") meeting.agenda.save() - self.client.login(remote_user="secretary") + self.client.login(username="secretary", password="secretary+password") r = self.client.post(url, post_data) self.assertEqual(r.status_code, 200) self.assertTrue(ScheduledSession.objects.get(pk=scheduled.pk).pinned) diff --git a/ietf/meeting/tests_views.py b/ietf/meeting/tests_views.py index 582a6f5d2..aea59c33c 100644 --- a/ietf/meeting/tests_views.py +++ b/ietf/meeting/tests_views.py @@ -154,7 +154,7 @@ class EditTests(TestCase): def test_edit_agenda(self): meeting = make_meeting_test_data() - self.client.login(remote_user="secretary") + self.client.login(username="secretary", password="secretary+password") r = self.client.get(urlreverse("ietf.meeting.views.edit_agenda", kwargs=dict(num=meeting.number))) self.assertEqual(r.status_code, 200) self.assertTrue("session_obj" in r.content) @@ -164,7 +164,7 @@ class EditTests(TestCase): url = urlreverse("ietf.meeting.views.edit_agenda", kwargs=dict(num=meeting.number)) # save as - self.client.login(remote_user="ad") + self.client.login(username="ad", password="ad+password") r = self.client.post(url, { 'savename': "foo", 'saveas': "saveas", 
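Review bot: The owner login, `self.client.login(username=meeting.agenda.owner.user.username, password=meeting.agenda.owner.user.username+"+password")`, shows how the `<username>+password` fixture convention is now written out by hand at every call site in this commit. A single test helper that takes the username, builds the password and asserts that the login succeeded would keep the convention in one place, next to the fixture code that sets those passwords. `login_testing_unauthorized` already plays that role for some tests; a sibling helper for the plain "log in as X" case would cover the rest.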
@@ -196,14 +196,14 @@ class EditTests(TestCase): schedule.visible = False schedule.public = False schedule.save() - self.client.login(remote_user="secretary") + self.client.login(username="secretary", password="secretary+password") r = self.client.get(url) self.assertEqual(r.status_code, 200) def test_edit_timeslots(self): meeting = make_meeting_test_data() - self.client.login(remote_user="secretary") + self.client.login(username="secretary", password="secretary+password") r = self.client.get(urlreverse("ietf.meeting.views.edit_timeslots", kwargs=dict(num=meeting.number))) self.assertEqual(r.status_code, 200) self.assertTrue(meeting.room_set.all().first().name in r.content) diff --git a/ietf/nomcom/test_data.py b/ietf/nomcom/test_data.py index 321df73ad..20397c00b 100644 --- a/ietf/nomcom/test_data.py +++ b/ietf/nomcom/test_data.py @@ -113,7 +113,10 @@ def nomcom_test_data(): create_person(group, "member", username=MEMBER_USER) # nominee - u, _ = User.objects.get_or_create(username=COMMUNITY_USER) + u, created = User.objects.get_or_create(username=COMMUNITY_USER) + if created: + u.set_password(COMMUNITY_USER+"+password") + u.save() plainman, _ = Person.objects.get_or_create(name="Plain Man", ascii="Plain Man", user=u) email, _ = Email.objects.get_or_create(address="plain@example.com", person=plainman) nominee, _ = Nominee.objects.get_or_create(email=email, nomcom=nomcom) diff --git a/ietf/nomcom/tests.py b/ietf/nomcom/tests.py index 562f49730..f18cf57bf 100644 --- a/ietf/nomcom/tests.py +++ b/ietf/nomcom/tests.py 
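Review bot: In `nomcom_test_data` the password is only set when `get_or_create` created the user (`if created:`), so a `COMMUNITY_USER` row that another fixture created earlier without a password keeps none. The later `self.client.login(username=COMMUNITY_USER, password=COMMUNITY_USER+"+password")` calls in ietf/nomcom/tests.py would then fail without raising. Consider `if created or not u.has_usable_password():` so the fixture guarantees the credential the tests rely on. The function continues outside the hunk.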
@@ -305,15 +305,17 @@ class NomcomViewsTest(TestCase): self.change_members([CHAIR_USER, COMMUNITY_USER]) # check member actions - self.client.login(remote_user=COMMUNITY_USER) + self.client.login(username=COMMUNITY_USER,password=COMMUNITY_USER+"+password") self.check_url_status(self.private_index_url, 200) + self.client.logout() # revert edit nomcom members login_testing_unauthorized(self, CHAIR_USER, self.edit_members_url) self.change_members([CHAIR_USER]) - self.client.login(remote_user=COMMUNITY_USER) - self.check_url_status(self.private_index_url, 403) + self.client.logout() + self.client.login(username=COMMUNITY_USER,password=COMMUNITY_USER+"+password") + self.check_url_status(self.private_index_url, 403) self.client.logout() def change_chair(self, user): @@ -333,9 +335,10 @@ class NomcomViewsTest(TestCase): self.change_chair(COMMUNITY_USER) # check chair actions - self.client.login(remote_user=COMMUNITY_USER) + self.client.login(username=COMMUNITY_USER,password=COMMUNITY_USER+"+password") self.check_url_status(self.edit_members_url, 200) self.check_url_status(self.edit_nomcom_url, 200) + self.client.logout() # revert edit nomcom chair login_testing_unauthorized(self, SECRETARIAT_USER, self.edit_chair_url) diff --git a/ietf/secr/announcement/tests.py b/ietf/secr/announcement/tests.py index adc032f11..7eafc86c8 100644 --- a/ietf/secr/announcement/tests.py +++ b/ietf/secr/announcement/tests.py @@ -18,7 +18,8 @@ class MainTestCase(TestCase): "Main Test" make_test_data() url = reverse('announcement') - r = self.client.get(url, REMOTE_USER=SECR_USER) + self.client.login(username="secretary", password="secretary+password") + r = self.client.get(url) self.assertEqual(r.status_code, 200) class DummyCase(TestCase): 
@@ -30,7 +31,8 @@ class UnauthorizedCase(TestCase): make_test_data() url = reverse('announcement') person = Person.objects.filter(role__group__acronym='mars')[0] - r = self.client.get(url,REMOTE_USER=person.user) + self.client.login(username=person.user.username, password=person.user.username+"+password") + r = self.client.get(url) self.assertEqual(r.status_code, 403) class SubmitCase(TestCase): @@ -39,8 +41,9 @@ class SubmitCase(TestCase): make_test_data() url = reverse('announcement') post_data = {'id_subject':''} - #self.client.login(remote_user='rcross') - r = self.client.post(url,post_data, REMOTE_USER=SECR_USER) + #self.client.login(username='rcross', password='rcross+password") + self.client.login(username="secretary", password="secretary+password") + r = self.client.post(url,post_data) self.assertEqual(r.status_code, 200) q = PyQuery(r.content) self.assertTrue(len(q('form ul.errorlist')) > 0) @@ -56,7 +59,8 @@ class SubmitCase(TestCase): 'frm':'IETF Secretariat <ietf-secretariat@ietf.org>', 'subject':'Test Subject', 'body':'This is a test.'} - r = self.client.post(url,post_data,follow=True, REMOTE_USER=SECR_USER) + self.client.login(username="secretary", password="secretary+password") + r = self.client.post(url,post_data,follow=True) self.assertRedirects(r, redirect) # good enough if we get to confirm page #self.assertEqual(len(outbox), 1) diff --git a/ietf/secr/areas/tests.py b/ietf/secr/areas/tests.py index e1fcdc300..d9b64ea9f 100644 --- a/ietf/secr/areas/tests.py +++ b/ietf/secr/areas/tests.py @@ -20,7 +20,8 @@ class MainTestCase(TestCase): "Main Test" make_test_data() url = reverse('areas') - response = self.client.get(url, REMOTE_USER=SECR_USER) + self.client.login(username="secretary", password="secretary+password") + response = self.client.get(url) self.assertEqual(response.status_code, 200) def test_view(self): 
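Review bot: In `SubmitCase` the commented-out line was edited rather than removed, and it now has mismatched quotes (`#self.client.login(username='rcross', password='rcross+password")`), so it would be a syntax error if anyone uncommented it; delete it. These secr tests also replace `REMOTE_USER=SECR_USER` with the literal `"secretary"`, which may leave the module-level `SECR_USER` constant unused in the files that still define it (only ietf/secr/groups/tests.py removes it in this diff). Using the constant, `self.client.login(username=SECR_USER, password=SECR_USER+"+password")`, would keep the account name in one place per module.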
@@ -29,5 +30,6 @@ class MainTestCase(TestCase): augment_data() areas = Group.objects.filter(type='area',state='active') url = reverse('areas_view', kwargs={'name':areas[0].acronym}) - response = self.client.get(url, REMOTE_USER=SECR_USER) + self.client.login(username="secretary", password="secretary+password") + response = self.client.get(url) self.assertEqual(response.status_code, 200) diff --git a/ietf/secr/drafts/tests.py b/ietf/secr/drafts/tests.py index 69d393c1a..6fbcaeb50 100644 --- a/ietf/secr/drafts/tests.py +++ b/ietf/secr/drafts/tests.py @@ -12,7 +12,8 @@ class MainTestCase(TestCase): "Main Test" make_test_data() url = reverse('drafts') - response = self.client.get(url, REMOTE_USER=SECR_USER) + self.client.login(username="secretary", password="secretary+password") + response = self.client.get(url) self.assertEqual(response.status_code, 200) def test_view(self): @@ -20,5 +21,6 @@ class MainTestCase(TestCase): make_test_data() drafts = Document.objects.filter(type='draft') url = reverse('drafts_view', kwargs={'id':drafts[0].name}) - response = self.client.get(url, REMOTE_USER=SECR_USER) + self.client.login(username="secretary", password="secretary+password") + response = self.client.get(url) self.assertEqual(response.status_code, 200) diff --git a/ietf/secr/groups/tests.py b/ietf/secr/groups/tests.py index 2974e3da4..c7849428b 100644 --- a/ietf/secr/groups/tests.py +++ b/ietf/secr/groups/tests.py @@ -5,8 +5,6 @@ from ietf.person.models import Person from ietf.utils.test_data import make_test_data import debug # pyflakes:ignore -SECR_USER='secretary' - class GroupsTest(TestCase): # ------- Test Search -------- # def test_search(self): 
@@ -15,7 +13,8 @@ class GroupsTest(TestCase): group = Group.objects.all()[0] url = reverse('groups_search') post_data = {'group_acronym':group.acronym,'submit':'Search'} - response = self.client.post(url,post_data,follow=True, REMOTE_USER=SECR_USER) + self.client.login(username="secretary", password="secretary+password") + response = self.client.post(url,post_data,follow=True) #assert False, response.content self.assertEqual(response.status_code, 200) self.failUnless(group.acronym in response.content) @@ -25,7 +24,8 @@ class GroupsTest(TestCase): url = reverse('groups_search') target = reverse('groups_add') post_data = {'submit':'Add'} - response = self.client.post(url,post_data,follow=True, REMOTE_USER=SECR_USER) + self.client.login(username="secretary", password="secretary+password") + response = self.client.post(url,post_data,follow=True) self.assertRedirects(response, target) def test_add_group_invalid(self): @@ -35,7 +35,8 @@ class GroupsTest(TestCase): 'awp-TOTAL_FORMS':'2', 'awp-INITIAL_FORMS':'0', 'submit':'Save'} - response = self.client.post(url,post_data, REMOTE_USER=SECR_USER) + self.client.login(username="secretary", password="secretary+password") + response = self.client.post(url,post_data) self.assertEqual(response.status_code, 200) self.failUnless('This field is required' in response.content) @@ -52,7 +53,8 @@ class GroupsTest(TestCase): 'awp-TOTAL_FORMS':'2', 'awp-INITIAL_FORMS':'0', 'submit':'Save'} - response = self.client.post(url,post_data, REMOTE_USER=SECR_USER) + self.client.login(username="secretary", password="secretary+password") + response = self.client.post(url,post_data) #print response.content self.assertEqual(response.status_code, 200) self.failUnless('Group with this Acronym already exists' in response.content) 
@@ -69,7 +71,8 @@ class GroupsTest(TestCase): 'awp-TOTAL_FORMS':'2', 'awp-INITIAL_FORMS':'0', 'submit':'Save'} - response = self.client.post(url,post_data, REMOTE_USER=SECR_USER) + self.client.login(username="secretary", password="secretary+password") + response = self.client.post(url,post_data) self.assertEqual(response.status_code, 200) # ------- Test View -------- # @@ -77,7 +80,8 @@ class GroupsTest(TestCase): make_test_data() group = Group.objects.all()[0] url = reverse('groups_view', kwargs={'acronym':group.acronym}) - response = self.client.get(url, REMOTE_USER=SECR_USER) + self.client.login(username="secretary", password="secretary+password") + response = self.client.get(url) self.assertEqual(response.status_code, 200) # ------- Test Edit -------- # @@ -97,7 +101,8 @@ class GroupsTest(TestCase): 'groupurl_set-TOTAL_FORMS':'2', 'groupurl_set-INITIAL_FORMS':'0', 'submit':'Save'} - response = self.client.post(url,post_data,follow=True, REMOTE_USER=SECR_USER) + self.client.login(username="secretary", password="secretary+password") + response = self.client.post(url,post_data,follow=True) self.assertRedirects(response, target) self.failUnless('changed successfully' in response.content) @@ -108,7 +113,8 @@ class GroupsTest(TestCase): role = group.role_set.all()[0] url = reverse('groups_delete_role', kwargs={'acronym':group.acronym,'id':role.id}) target = reverse('groups_people', kwargs={'acronym':group.acronym}) - response = self.client.get(url,follow=True, REMOTE_USER=SECR_USER) + self.client.login(username="secretary", password="secretary+password") + response = self.client.get(url,follow=True) self.assertRedirects(response, target) self.failUnless('deleted successfully' in response.content) 
@@ -121,6 +127,7 @@ class GroupsTest(TestCase): 'person':'Joe Smith - (%s)' % person.id, 'email':person.email_set.all()[0].address, 'submit':'Add'} - response = self.client.post(url,post_data,follow=True, REMOTE_USER=SECR_USER) + self.client.login(username="secretary", password="secretary+password") + response = self.client.post(url,post_data,follow=True) self.assertRedirects(response, url) self.failUnless('added successfully' in response.content) diff --git a/ietf/secr/ipradmin/tests.py b/ietf/secr/ipradmin/tests.py index d9db3e7b4..7d541b291 100644 --- a/ietf/secr/ipradmin/tests.py +++ b/ietf/secr/ipradmin/tests.py @@ -11,7 +11,8 @@ class MainTestCase(TestCase): "Main Test" make_test_data() url = reverse('ipradmin') - response = self.client.get(url, REMOTE_USER=SECR_USER) + self.client.login(username="secretary", password="secretary+password") + response = self.client.get(url) self.assertEqual(response.status_code, 301) """ def test_view(self): @@ -19,6 +20,7 @@ class MainTestCase(TestCase): draft = make_test_data() drafts = Document.objects.filter(type='draft') url = reverse('drafts_view', kwargs={'id':drafts[0].name}) - response = self.client.get(url, REMOTE_USER=SECR_USER) + self.client.login(username="secretary", password="secretary+password") + response = self.client.get(url) self.assertEqual(response.status_code, 200) """ diff --git a/ietf/secr/meetings/tests.py b/ietf/secr/meetings/tests.py index b381add98..20124d96e 100644 --- a/ietf/secr/meetings/tests.py +++ b/ietf/secr/meetings/tests.py @@ -11,7 +11,8 @@ class MainTestCase(TestCase): def test_main(self): "Main Test" url = reverse('meetings') - response = self.client.get(url, REMOTE_USER=SECR_USER) + self.client.login(username="secretary", password="secretary+password") + response = self.client.get(url) self.assertEqual(response.status_code, 200) def test_view(self): 
@@ -19,5 +20,6 @@ class MainTestCase(TestCase): make_test_data() meeting = Meeting.objects.all()[0] url = reverse('meetings_view', kwargs={'meeting_id':meeting.number}) - response = self.client.get(url, REMOTE_USER=SECR_USER) + self.client.login(username="secretary", password="secretary+password") + response = self.client.get(url) self.assertEqual(response.status_code, 200) diff --git a/ietf/secr/proceedings/tests.py b/ietf/secr/proceedings/tests.py index 55ee27e06..ea8abf73c 100644 --- a/ietf/secr/proceedings/tests.py +++ b/ietf/secr/proceedings/tests.py @@ -14,7 +14,8 @@ class MainTestCase(TestCase): "Main Test" make_test_data() url = reverse('proceedings') - response = self.client.get(url, REMOTE_USER=SECR_USER) + self.client.login(username="secretary", password="secretary+password") + response = self.client.get(url) self.assertEqual(response.status_code, 200) def test_view(self): @@ -22,5 +23,6 @@ class MainTestCase(TestCase): make_test_data() meeting = Meeting.objects.all()[0] url = reverse('meetings_view', kwargs={'meeting_id':meeting.number}) - response = self.client.get(url, REMOTE_USER=SECR_USER) + self.client.login(username="secretary", password="secretary+password") + response = self.client.get(url) self.assertEqual(response.status_code, 200) diff --git a/ietf/secr/roles/tests.py b/ietf/secr/roles/tests.py index ac2f411eb..698da7d5e 100644 --- a/ietf/secr/roles/tests.py +++ b/ietf/secr/roles/tests.py @@ -18,7 +18,8 @@ class MainTestCase(TestCase): "Main Test" augment_data() url = reverse('roles') - response = self.client.get(url, REMOTE_USER=SECR_USER) + self.client.login(username="secretary", password="secretary+password") + response = self.client.get(url) self.assertEqual(response.status_code, 200) def test_roles_delete(self): 
@@ -28,7 +29,8 @@ class MainTestCase(TestCase): role = group.role_set.all()[0] url = reverse('roles_delete_role', kwargs={'acronym':group.acronym,'id':role.id}) target = reverse('roles') + '?group=%s' % group.acronym - response = self.client.get(url,follow=True, REMOTE_USER=SECR_USER) + self.client.login(username="secretary", password="secretary+password") + response = self.client.get(url,follow=True) self.assertRedirects(response, target) self.failUnless('deleted successfully' in response.content) @@ -44,7 +46,8 @@ class MainTestCase(TestCase): 'person':'Joe Smith - (%s)' % person.id, 'email':person.email_set.all()[0].address, 'submit':'Add'} - response = self.client.post(url,post_data,follow=True, REMOTE_USER=SECR_USER) + self.client.login(username="secretary", password="secretary+password") + response = self.client.post(url,post_data,follow=True) self.assertRedirects(response, target) self.failUnless('added successfully' in response.content) diff --git a/ietf/secr/rolodex/tests.py b/ietf/secr/rolodex/tests.py index a27e38db1..ea84a6ad7 100644 --- a/ietf/secr/rolodex/tests.py +++ b/ietf/secr/rolodex/tests.py @@ -11,7 +11,8 @@ class MainTestCase(TestCase): def test_main(self): "Main Test" url = reverse('rolodex') - response = self.client.get(url, REMOTE_USER=SECR_USER) + self.client.login(username="secretary", password="secretary+password") + response = self.client.get(url) self.assertEqual(response.status_code, 200) def test_view(self): @@ -19,7 +20,8 @@ class MainTestCase(TestCase): make_test_data() person = Person.objects.all()[0] url = reverse('rolodex_view', kwargs={'id':person.id}) - response = self.client.get(url, REMOTE_USER=SECR_USER) + self.client.login(username="secretary", password="secretary+password") + response = self.client.get(url) self.assertEqual(response.status_code, 200) diff --git a/ietf/secr/sreq/tests.py b/ietf/secr/sreq/tests.py index 21278fdc9..dedd48de7 100644 --- a/ietf/secr/sreq/tests.py +++ b/ietf/secr/sreq/tests.py 
@@ -12,20 +12,23 @@ class SreqUrlTests(TestCase): def test_urls(self): draft = make_test_data() - r = self.client.get("/secr/",REMOTE_USER=SECR_USER) + self.client.login(username="secretary", password="secretary+password") + + r = self.client.get("/secr/") self.assertEqual(r.status_code, 200) - r = self.client.get("/secr/sreq/",REMOTE_USER=SECR_USER) + r = self.client.get("/secr/sreq/") self.assertEqual(r.status_code, 200) - r = self.client.get("/secr/sreq/%s/new/" % draft.group.acronym, REMOTE_USER=SECR_USER) + r = self.client.get("/secr/sreq/%s/new/" % draft.group.acronym) self.assertEqual(r.status_code, 200) class MainTestCase(TestCase): def test_main(self): make_test_data() url = reverse('sessions') - r = self.client.get(url, REMOTE_USER=SECR_USER) + self.client.login(username="secretary", password="secretary+password") + r = self.client.get(url) self.assertEqual(r.status_code, 200) sched = r.context['scheduled_groups'] unsched = r.context['unscheduled_groups'] @@ -42,8 +45,8 @@ class SubmitRequestCase(TestCase): 'id_attendees':'10', 'id_conflict1':'', 'id_comments':'need projector'} - self.client.login(REMOTE_USER=SECR_USER) - r = self.client.post(url,post_data,REMOTE_USER=SECR_USER) + self.client.login(username="secretary", password="secretary+password") + r = self.client.post(url,post_data) self.assertEqual(r.status_code, 200) """ #assert False, self.client.session..__dict__ diff --git a/ietf/secr/telechat/tests.py b/ietf/secr/telechat/tests.py index e72e8b21c..38784a353 100644 --- a/ietf/secr/telechat/tests.py +++ b/ietf/secr/telechat/tests.py @@ -16,7 +16,8 @@ class MainTestCase(TestCase): "Main Test" augment_data() url = reverse('telechat') - response = self.client.get(url, REMOTE_USER=SECR_USER) + self.client.login(username="secretary", password="secretary+password") + response = self.client.get(url) self.assertEqual(response.status_code, 200) def test_doc(self): 
@@ -25,6 +26,7 @@ class MainTestCase(TestCase):
 d = TelechatDate.objects.all()[0]
 date = d.date.strftime('%Y-%m-%d')
 url = reverse('telechat_doc', kwargs={'date':date})
- response = self.client.get(url, REMOTE_USER=SECR_USER)
+ self.client.login(username="secretary", password="secretary+password")
+ response = self.client.get(url)
 self.assertEqual(response.status_code, 200)
diff --git a/ietf/secr/templates/base_site.html b/ietf/secr/templates/base_site.html
index d3ca28f7e..6564bc8e9 100644
--- a/ietf/secr/templates/base_site.html
+++ b/ietf/secr/templates/base_site.html
@@ -11,7 +11,7 @@
-
+
diff --git a/ietf/settings.py b/ietf/settings.py
index 7d17ddeeb..8f6240931 100644
--- a/ietf/settings.py
+++ b/ietf/settings.py
@@ -96,7 +96,7 @@ WSGI_APPLICATION = "ietf.wsgi.application"
 DAJAXICE_MEDIA_PREFIX = "dajaxice"
-AUTHENTICATION_BACKENDS = ( 'django.contrib.auth.backends.RemoteUserBackend', )
+AUTHENTICATION_BACKENDS = ( 'django.contrib.auth.backends.ModelBackend', )
 #DATABASE_ROUTERS = ["ietf.legacy_router.LegacyRouter"]
@@ -142,14 +142,12 @@ MIDDLEWARE_CLASSES = (
 'django.contrib.sessions.middleware.SessionMiddleware',
 'django.contrib.auth.middleware.AuthenticationMiddleware',
 'ietf.middleware.FillInRemoteUserIfLoggedInMiddleware',
- 'django.contrib.auth.middleware.RemoteUserMiddleware',
 'django.contrib.messages.middleware.MessageMiddleware',
 'django.middleware.http.ConditionalGetMiddleware',
 'ietf.middleware.SQLLogMiddleware',
 'ietf.middleware.SMTPExceptionMiddleware',
 'ietf.middleware.RedirectTrailingPeriod',
 'django.middleware.clickjacking.XFrameOptionsMiddleware',
- 'django.middleware.transaction.TransactionMiddleware',
 'ietf.middleware.UnicodeNfkcNormalization',
 'ietf.secr.middleware.secauth.SecAuthMiddleware'
 )
diff --git a/ietf/submit/tests.py b/ietf/submit/tests.py
index 63207e137..222a976f8 100644
--- a/ietf/submit/tests.py
+++ b/ietf/submit/tests.py
@@ -137,7 +137,7 @@ class SubmitTests(TestCase):
 self.assertTrue(name in outbox[-1]["Subject"])
 # as chair of WG, we should see approval button
- self.client.login(remote_user="marschairman")
+ self.client.login(username="marschairman", password="marschairman+password")
 r = self.client.get(status_url)
 self.assertEqual(r.status_code, 200)
@@ -436,7 +436,7 @@ class SubmitTests(TestCase):
 self.assertTrue(name in outbox[-1]["Subject"])
 # as Secretariat, we should see the force post button
- self.client.login(remote_user="secretary")
+ self.client.login(username="secretary", password="secretary+password")
 r = self.client.get(status_url)
 self.assertEqual(r.status_code, 200)
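Review bot: In the `MIDDLEWARE_CLASSES` hunk of ietf/settings.py, `'django.middleware.transaction.TransactionMiddleware'` is removed together with `RemoteUserMiddleware`, but only the latter follows from the switch to `ModelBackend`. Without the transaction middleware a view is no longer wrapped in one per-request transaction, so a request that fails after its first write would leave the earlier writes committed; the Django version is not visible here, so the exact default should be confirmed. If the removal is intentional it belongs in its own commit, or at least needs a comment such as `# TransactionMiddleware removed deliberately: <reason>` beside the tuple. The hunk also keeps `'ietf.middleware.FillInRemoteUserIfLoggedInMiddleware'`, whose body is outside this diff, so it is worth confirming that nothing downstream still treats `REMOTE_USER` as proof of authentication now that it is no longer supplied by the web server.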
@@ -482,7 +482,7 @@ class SubmitTests(TestCase): self.assertEqual(len(adjust_button), 0) # as Secretariat, we should get edit button - self.client.login(remote_user="secretary") + self.client.login(username="secretary", password="secretary+password") r = self.client.get(unprivileged_status_url) q = PyQuery(r.content) adjust_button = q('input[type=submit][value*="Adjust"]') @@ -607,7 +607,7 @@ class ApprovalsTestCase(TestCase): make_test_data() url = urlreverse('submit_approvals') - self.client.login(remote_user="marschairman") + self.client.login(username="marschairman", password="marschairman+password") Preapproval.objects.create(name="draft-ietf-mars-foo", by=Person.objects.get(user__username="marschairman")) Preapproval.objects.create(name="draft-ietf-mars-baz", by=Person.objects.get(user__username="marschairman")) diff --git a/ietf/templates/base.html b/ietf/templates/base.html index f9025f31f..5ac5ac695 100644 --- a/ietf/templates/base.html +++ b/ietf/templates/base.html @@ -58,11 +58,17 @@ OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. {% if user %} -
{% if user.is_authenticated %} -{{ user }} -{% else %} -Sign In -{% endif %}
+
+ {% if request.get_full_path == "/accounts/logout/" %} + + {% else %} + {% if user.is_authenticated %} + {{ user }} | + {% else %} + + {% endif %} + {% endif %} +
{% endif %} {% block start_content_table %} diff --git a/ietf/templates/registration/change_password.html b/ietf/templates/registration/change_password.html index 736bd01f6..10fa5bd73 100644 --- a/ietf/templates/registration/change_password.html +++ b/ietf/templates/registration/change_password.html @@ -7,7 +7,7 @@

Change password

{% if success %}

Your password has been updated.

-

Now you can sign in

+

Now you can sign in

{% else %}

Hello, you can select a new password below for your user {{ username }}.

{% csrf_token %} diff --git a/ietf/templates/registration/confirm.html b/ietf/templates/registration/confirm.html index 70045d5f3..57a094587 100644 --- a/ietf/templates/registration/confirm.html +++ b/ietf/templates/registration/confirm.html @@ -7,7 +7,7 @@

Confirm account creation

{% if success %}

Your account with login name '{{ email }}' has been created, using the password you have selected.

-

Now you can sign in

+

Now you can sign in

{% else %}

In order to complete the setup of your account with login name '{{ email }}', please set a password:

{% csrf_token %} diff --git a/ietf/templates/registration/logged_out.html b/ietf/templates/registration/logged_out.html new file mode 100644 index 000000000..7dc2f82ea --- /dev/null +++ b/ietf/templates/registration/logged_out.html @@ -0,0 +1,11 @@ +{% extends "registration/base.html" %} + +{% block title %}Signed Out{% endblock %} + +{% block content %} +
+
+

You have been signed out

+
+
+{% endblock %} diff --git a/ietf/templates/registration/login.html b/ietf/templates/registration/login.html new file mode 100644 index 000000000..bfeb01603 --- /dev/null +++ b/ietf/templates/registration/login.html @@ -0,0 +1,19 @@ +{% extends "registration/base.html" %} + +{% block title %}Sign in{% endblock %} + +{% block content %} +
+
+

Sign In

+{% csrf_token %} + + {{ form }} + +
+ +
+ +
+
+{% endblock %} diff --git a/ietf/utils/management/commands/import_htpasswd.py b/ietf/utils/management/commands/import_htpasswd.py new file mode 100644 index 000000000..304cd9e5b --- /dev/null +++ b/ietf/utils/management/commands/import_htpasswd.py 
@@ -0,0 +1,60 @@
+import sys
+
+from optparse import make_option
+from textwrap import dedent
+
+from django.contrib.auth.models import User
+from django.core.management.base import BaseCommand
+
+class Command(BaseCommand):
+ """
+ Import passwords from one or more htpasswd files to Django's auth_user table.
+
+ This command only imports passwords; it does not import usernames, as that
+ would leave usernames without associated Person records in the database,
+ something which is undesirable.
+
+ By default the command won't overwrite existing password entries, but
+ given the --force switch, it will overwrite existing entries too. Without
+ the --force switch, the command is safe to run repeatedly.
+ """
+
+ help = dedent(__doc__).strip()
+
+ option_list = BaseCommand.option_list + (
+ make_option('--force',
+ action='store_true', dest='overwrite', default=False,
+ help='Overwrite existing passwords in the auth_user table.'),
+ )
+
+ args = '[path [path [...]]]'
+
+ def handle(self, *filenames, **options):
+ overwrite = options.get('overwrite', False)
+ verbosity = int(options.get('verbosity'))
+ for fn in filenames:
+ with open(fn) as file:
+ for line in file:
+ if not ':' in line:
+ raise ValueError('Found a line without colon separator in the htpassword file %s:'+
+ ' "%s"' % (file.name, line))
+ username, password = line.strip().split(':', 1)
+ try:
+ user = User.objects.get(username=username)
+ if overwrite == True or not user.password:
+ if password.startswith('{SHA}'):
+ user.password = "sha1$$%s" % password[len('{SHA}'):]
+ elif password.startswith('$apr1$'):
+ user.password = "md5$%s" % password[len('$apr1$'):]
+ else: # Assume crypt
+ user.password = "crypt$$%s" % password
+ user.save()
+ if verbosity > 0:
+ sys.stderr.write('.')
+ if verbosity > 1:
+ sys.stderr.write(' %s\n' % username)
+ except User.DoesNotExist:
+ if verbosity > 1:
+ sys.stderr.write('\nNo such user: %s\n' % username)
+
+
\ No newline at end of file
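Review bot: The values written for `{SHA}` and `$apr1$` entries in `handle` do not look verifiable by Django's stock hashers: htpasswd `{SHA}` is a base64 SHA-1 digest while the `sha1$` format is compared against a hex digest, and `$apr1$` is Apache's iterated MD5 scheme rather than the single `md5(salt+password)` that `md5$` denotes, so those users would be imported but unable to sign in unless custom hashers are registered outside this diff. For `{SHA}` the digest needs converting (base64-decode, then hex-encode) before it is stored, and `$apr1$` needs a dedicated hasher. The malformed-line branch also raises the wrong exception, because `%` binds tighter than `+` and formats only the second literal with two arguments; a single literal fixes it: `raise ValueError('Found a line without colon separator in the htpassword file %s: "%s"' % (file.name, line))`. Since the imported values are unsalted SHA-1 or crypt at best, it is worth confirming that they are re-hashed with the preferred hasher on the first successful login.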
diff --git a/ietf/utils/test_data.py b/ietf/utils/test_data.py
index 62ebaf700..e85521ba2 100644
--- a/ietf/utils/test_data.py
+++ b/ietf/utils/test_data.py
@@ -13,7 +13,7 @@ from ietf.meeting.models import Meeting
 from ietf.name.models import StreamName
 from ietf.person.models import Person, Alias, Email
-def create_person(group, role_name, name=None, username=None, email_address=None):
+def create_person(group, role_name, name=None, username=None, email_address=None, password=None):
 """Add person/user/email and role."""
 if not name:
 name = group.acronym.capitalize() + " " + role_name.capitalize()
@@ -21,8 +21,12 @@ def create_person(group, role_name, name=None, username=None, email_address=None
 username = group.acronym + "-" + role_name
 if not email_address:
 email_address = username + "@ietf.org"
+ if not password:
+ password = username + "+password"
 user = User.objects.create(username=username)
+ user.set_password(password)
+ user.save()
 person = Person.objects.create(name=name, ascii=name, user=user)
 Alias.objects.create(name=name, person=person)
 email = Email.objects.create(address=email_address, person=person)
@@ -165,6 +169,8 @@ def make_test_data():
 # plain IETF'er
 u = User.objects.create(username="plain")
+ u.set_password("plain+password")
+ u.save()
 plainman = Person.objects.create(name="Plain Man", ascii="Plain Man", user=u)
 email = Email.objects.create(address="plain@example.com", person=plainman) # pyflakes:ignore
diff --git a/ietf/utils/test_utils.py b/ietf/utils/test_utils.py
index 909ee4f32..745c60ac7 100644
--- a/ietf/utils/test_utils.py
+++ b/ietf/utils/test_utils.py
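Review bot: `create_person` and the `plain` user in `make_test_data` now get passwords derived from the username (`username + "+password"`), which is not stated anywhere in the docstring. That suits the test client, but it makes every fixture account guessable, including the `secretary` account the tests log in with, if this data is ever loaded into a reachable database; whether these functions are called only from tests is not visible from the hunks, and both bodies continue outside them. I would extend the `create_person` docstring with a line such as `Password defaults to "<username>+password"; test fixtures only, never load into a deployed database.` and put the same remark as a comment above the `plain` user.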
@@ -254,12 +254,14 @@ def canonicalize_sitemap(s):
 s = re.sub("\n*\s*(<[a-zA-Z])", "\n\g<1>", s)
 return s
-def login_testing_unauthorized(test_case, remote_user, url):
+def login_testing_unauthorized(test_case, username, url, password=None):
 r = test_case.client.get(url)
 test_case.assertTrue(r.status_code in (302, 403))
 if r.status_code == 302:
 test_case.assertTrue("/accounts/login" in r['Location'])
- test_case.client.login(remote_user=remote_user)
+ if not password:
+ password = username + "+password"
+ return test_case.client.login(username=username, password=password)
 class ReverseLazyTest(django.test.TestCase):
 def test_redirect_with_lazy_reverse(self):
diff --git a/static/css/base2.css b/static/css/base2.css
index 80e850c1a..14f7eb49f 100644
--- a/static/css/base2.css
+++ b/static/css/base2.css
@@ -404,3 +404,23 @@ span.fieldRequired {
 margin: 1em 0;
 }
+
+#login-pane {
+ width: 100%;
+ height: 100%;
+ // background: rgba(196,196,196,.5);
+}
+
+
+#login-form {
+ width: 24em;
+ padding: 2em;
+ margin-right: auto;
+ margin-left: auto;
+ margin-top: 10em;
+ background: white;
+}
+
+.login {
+ font-style: italic;
+}
\ No newline at end of file
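Review bot: In ietf/utils/test_utils.py, `login_testing_unauthorized` now returns the result of `client.login()` instead of asserting it. Django's test client reports a failed login by returning False rather than raising, and callers written against the old helper, which returned nothing, will not inspect the value, so a fixture or password mismatch would let the rest of the test run as an anonymous user. Asserting inside the helper makes the failure show up at the login line: `test_case.assertTrue(test_case.client.login(username=username, password=password))`. A one-line docstring stating that the password defaults to `username + "+password"` would also document the convention this helper shares with the test data.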