altf4arnold/datatracker
1
0
Fork 0
Code Issues Pull requests Actions 3 Packages Projects Releases Wiki Activity

Control the tests of adding user passwords to the htpasswd file better

Browse source 
fixing a bug in the tests and add separate tests of the Python-based
approach and the htpasswd binary
 - Legacy-Id: 11170
This commit is contained in:
Ole Laursen 2016-05-06 12:11:20 +00:00
parent 793bc3c2fa
commit dedb00b0a5
3 changed files with 29 additions and 5 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
ietf/ietfauth/htpasswd.py
View file

@ -2,7 +2,7 @@ import subprocess, hashlib
from django.conf import settings
def save_htpasswd_file(username, password):
def update_htpasswd_file(username, password):
if getattr(settings, 'USE_PYTHON_HTDIGEST', None):
pass_file = settings.HTPASSWD_FILE
realm = settings.HTDIGEST_REALM

26
ietf/ietfauth/tests.py
View file

@ -13,19 +13,25 @@ from ietf.utils.test_data import make_test_data
from ietf.utils.mail import outbox, empty_outbox
from ietf.person.models import Person, Email
from ietf.group.models import Group, Role, RoleName
from ietf.ietfauth.htpasswd import update_htpasswd_file
class IetfAuthTests(TestCase):
def setUp(self):
self.saved_use_python_htdigest = getattr(settings, "USE_PYTHON_HTDIGEST", None)
settings.USE_PYTHON_HTDIGEST = True
self.saved_htpasswd_file = settings.HTPASSWD_FILE
self.htpasswd_dir = os.path.abspath("tmp-htpasswd-dir")
os.mkdir(self.htpasswd_dir)
settings.HTPASSWD_FILE = os.path.join(self.htpasswd_dir, "htpasswd")
open(settings.HTPASSWD_FILE, 'a').close() # create empty file
self.saved_htdigest_realm = getattr(settings, "HTDIGEST_REALM", None)
settings.HTDIGEST_REALM = "test-realm"
def tearDown(self):
shutil.rmtree(self.htpasswd_dir)
settings.USE_PYTHON_HTDIGEST = self.saved_use_python_htdigest
settings.HTPASSWD_FILE = self.saved_htpasswd_file
settings.HTDIGEST_REALM = self.saved_htdigest_realm
@ -71,8 +77,11 @@ class IetfAuthTests(TestCase):
def username_in_htpasswd_file(self, username):
with open(settings.HTPASSWD_FILE) as f:
for l in f:
if l.startswith(username + ":" + settings.HTDIGEST_REALM):
if l.startswith(username + ":"):
return True
with open(settings.HTPASSWD_FILE) as f:
print f.read()
return False
def test_create_account(self):
@ -260,3 +269,18 @@ class IetfAuthTests(TestCase):
q = PyQuery(r.content)
self.assertEqual(len(q("form .has-error")), 0)
self.assertTrue(self.username_in_htpasswd_file(user.username))
def test_htpasswd_file_with_python(self):
# make sure we test both Python and call-out to binary
settings.USE_PYTHON_HTDIGEST = True
update_htpasswd_file("foo", "passwd")
self.assertTrue(self.username_in_htpasswd_file("foo"))
def test_htpasswd_file_with_htpasswd_binary(self):
# make sure we test both Python and call-out to binary
settings.USE_PYTHON_HTDIGEST = False
update_htpasswd_file("foo", "passwd")
self.assertTrue(self.username_in_htpasswd_file("foo"))

6
ietf/ietfauth/views.py
View file

@ -45,7 +45,7 @@ from django.contrib.auth.models import User
from ietf.group.models import Role
from ietf.ietfauth.forms import RegistrationForm, PasswordForm, ResetPasswordForm, TestEmailForm
from ietf.ietfauth.forms import PersonForm, RoleEmailForm, NewEmailForm
from ietf.ietfauth.htpasswd import save_htpasswd_file
from ietf.ietfauth.htpasswd import update_htpasswd_file
from ietf.person.models import Person, Email, Alias
from ietf.utils.mail import send_mail
@ -126,7 +126,7 @@ def confirm_account(request, auth):
user.set_password(password)
user.save()
# password is also stored in htpasswd file
save_htpasswd_file(email, password)
update_htpasswd_file(email, password)
# make sure the rest of the person infrastructure is
# well-connected
@ -317,7 +317,7 @@ def confirm_password_reset(request, auth):
user.set_password(password)
user.save()
# password is also stored in htpasswd file
save_htpasswd_file(user.username, password)
update_htpasswd_file(user.username, password)
success = True
else: