Remove new groups attribute of user in tests
This commit is contained in:
parent
b823a404da
commit
7fdce12603
|
@ -1,212 +1,213 @@
|
||||||
import os
|
import os
|
||||||
import re
|
import re
|
||||||
import shutil
|
import shutil
|
||||||
from datetime import datetime, timedelta
|
from datetime import datetime, timedelta
|
||||||
|
|
||||||
from click.testing import CliRunner
|
from click.testing import CliRunner
|
||||||
import ldap3
|
import ldap3
|
||||||
|
|
||||||
from ceo.cli import cli
|
from ceo.cli import cli
|
||||||
from ceo_common.model import Term
|
from ceo_common.model import Term
|
||||||
from tests.utils import set_datetime_in_app_process, restore_datetime_in_app_process
|
from tests.utils import set_datetime_in_app_process, restore_datetime_in_app_process
|
||||||
|
|
||||||
|
|
||||||
def test_members_get(cli_setup, ldap_user):
|
def test_members_get(cli_setup, ldap_user):
|
||||||
runner = CliRunner()
|
runner = CliRunner()
|
||||||
result = runner.invoke(cli, ['members', 'get', ldap_user.uid])
|
result = runner.invoke(cli, ['members', 'get', ldap_user.uid])
|
||||||
expected = (
|
expected = (
|
||||||
f"uid: {ldap_user.uid}\n"
|
f"uid: {ldap_user.uid}\n"
|
||||||
f"full name: {ldap_user.cn}\n"
|
f"full name: {ldap_user.cn}\n"
|
||||||
f"first name: {ldap_user.given_name}\n"
|
f"first name: {ldap_user.given_name}\n"
|
||||||
f"last name: {ldap_user.sn}\n"
|
f"last name: {ldap_user.sn}\n"
|
||||||
f"program: {ldap_user.program}\n"
|
f"program: {ldap_user.program}\n"
|
||||||
f"UID number: {ldap_user.uid_number}\n"
|
f"UID number: {ldap_user.uid_number}\n"
|
||||||
f"GID number: {ldap_user.gid_number}\n"
|
f"GID number: {ldap_user.gid_number}\n"
|
||||||
f"login shell: {ldap_user.login_shell}\n"
|
f"login shell: {ldap_user.login_shell}\n"
|
||||||
f"home directory: {ldap_user.home_directory}\n"
|
f"home directory: {ldap_user.home_directory}\n"
|
||||||
f"is a club: {ldap_user.is_club()}\n"
|
f"is a club: {ldap_user.is_club()}\n"
|
||||||
f"is a club rep: {ldap_user.is_club_rep}\n"
|
f"is a club rep: {ldap_user.is_club_rep}\n"
|
||||||
"forwarding addresses: \n"
|
f"forwarding addresses: \n"
|
||||||
f"member terms: {','.join(ldap_user.terms)}\n"
|
f"member terms: {','.join(ldap_user.terms)}\n"
|
||||||
)
|
f"groups: \n"
|
||||||
assert result.exit_code == 0
|
)
|
||||||
assert result.output == expected
|
assert result.exit_code == 0
|
||||||
|
assert result.output == expected
|
||||||
|
|
||||||
def test_members_add(cli_setup):
|
|
||||||
runner = CliRunner()
|
def test_members_add(cli_setup):
|
||||||
result = runner.invoke(cli, [
|
runner = CliRunner()
|
||||||
'members', 'add', 'test_1', '--cn', 'Test One', '--given-name', 'Test',
|
result = runner.invoke(cli, [
|
||||||
'--sn', 'One', '--program', 'Math', '--terms', '1',
|
'members', 'add', 'test_1', '--cn', 'Test One', '--given-name', 'Test',
|
||||||
], input='y\n')
|
'--sn', 'One', '--program', 'Math', '--terms', '1',
|
||||||
expected_pat = re.compile((
|
], input='y\n')
|
||||||
"^The following user will be created:\n"
|
expected_pat = re.compile((
|
||||||
"uid: test_1\n"
|
"^The following user will be created:\n"
|
||||||
"full name: Test One\n"
|
"uid: test_1\n"
|
||||||
"first name: Test\n"
|
"full name: Test One\n"
|
||||||
"last name: One\n"
|
"first name: Test\n"
|
||||||
"program: Math\n"
|
"last name: One\n"
|
||||||
"forwarding addresses: test_1@uwaterloo.internal\n"
|
"program: Math\n"
|
||||||
"member terms: [sfw]\\d{4}\n"
|
"forwarding addresses: test_1@uwaterloo.internal\n"
|
||||||
"Do you want to continue\\? \\[y/N\\]: y\n"
|
"member terms: [sfw]\\d{4}\n"
|
||||||
"Add user to LDAP... Done\n"
|
"Do you want to continue\\? \\[y/N\\]: y\n"
|
||||||
"Add group to LDAP... Done\n"
|
"Add user to LDAP... Done\n"
|
||||||
"Add user to Kerberos... Done\n"
|
"Add group to LDAP... Done\n"
|
||||||
"Create home directory... Done\n"
|
"Add user to Kerberos... Done\n"
|
||||||
"Set forwarding addresses... Done\n"
|
"Create home directory... Done\n"
|
||||||
"Send welcome message... Done\n"
|
"Set forwarding addresses... Done\n"
|
||||||
"Subscribe to mailing list... Done\n"
|
"Send welcome message... Done\n"
|
||||||
"Announce new user to mailing list... Done\n"
|
"Subscribe to mailing list... Done\n"
|
||||||
"Transaction successfully completed.\n"
|
"Announce new user to mailing list... Done\n"
|
||||||
"uid: test_1\n"
|
"Transaction successfully completed.\n"
|
||||||
"full name: Test One\n"
|
"uid: test_1\n"
|
||||||
"first name: Test\n"
|
"full name: Test One\n"
|
||||||
"last name: One\n"
|
"first name: Test\n"
|
||||||
"program: Math\n"
|
"last name: One\n"
|
||||||
"UID number: \\d{5}\n"
|
"program: Math\n"
|
||||||
"GID number: \\d{5}\n"
|
"UID number: \\d{5}\n"
|
||||||
"login shell: /bin/bash\n"
|
"GID number: \\d{5}\n"
|
||||||
"home directory: [a-z0-9/_-]+/test_1\n"
|
"login shell: /bin/bash\n"
|
||||||
"is a club: False\n"
|
"home directory: [a-z0-9/_-]+/test_1\n"
|
||||||
"is a club rep: False\n"
|
"is a club: False\n"
|
||||||
"forwarding addresses: test_1@uwaterloo\\.internal\n"
|
"is a club rep: False\n"
|
||||||
"member terms: [sfw]\\d{4}\n"
|
"forwarding addresses: test_1@uwaterloo\\.internal\n"
|
||||||
"password: \\S+\n$"
|
"member terms: [sfw]\\d{4}\n"
|
||||||
), re.MULTILINE)
|
"password: \\S+\n$"
|
||||||
assert result.exit_code == 0
|
), re.MULTILINE)
|
||||||
assert expected_pat.match(result.output) is not None
|
assert result.exit_code == 0
|
||||||
|
assert expected_pat.match(result.output) is not None
|
||||||
result = runner.invoke(cli, ['members', 'delete', 'test_1'], input='y\n')
|
|
||||||
assert result.exit_code == 0
|
result = runner.invoke(cli, ['members', 'delete', 'test_1'], input='y\n')
|
||||||
|
assert result.exit_code == 0
|
||||||
|
|
||||||
def test_members_modify(cli_setup, ldap_user):
|
|
||||||
# The homedir needs to exist so the API can write to ~/.forward
|
def test_members_modify(cli_setup, ldap_user):
|
||||||
os.makedirs(ldap_user.home_directory)
|
# The homedir needs to exist so the API can write to ~/.forward
|
||||||
try:
|
os.makedirs(ldap_user.home_directory)
|
||||||
runner = CliRunner()
|
try:
|
||||||
result = runner.invoke(cli, [
|
runner = CliRunner()
|
||||||
'members', 'modify', ldap_user.uid, '--login-shell', '/bin/sh',
|
result = runner.invoke(cli, [
|
||||||
'--forwarding-addresses', 'jdoe@test1.internal,jdoe@test2.internal',
|
'members', 'modify', ldap_user.uid, '--login-shell', '/bin/sh',
|
||||||
], input='y\n')
|
'--forwarding-addresses', 'jdoe@test1.internal,jdoe@test2.internal',
|
||||||
expected = (
|
], input='y\n')
|
||||||
"Login shell will be set to: /bin/sh\n"
|
expected = (
|
||||||
"~/.forward will be set to: jdoe@test1.internal\n"
|
"Login shell will be set to: /bin/sh\n"
|
||||||
" jdoe@test2.internal\n"
|
"~/.forward will be set to: jdoe@test1.internal\n"
|
||||||
"Do you want to continue? [y/N]: y\n"
|
" jdoe@test2.internal\n"
|
||||||
"Replace login shell... Done\n"
|
"Do you want to continue? [y/N]: y\n"
|
||||||
"Replace forwarding addresses... Done\n"
|
"Replace login shell... Done\n"
|
||||||
"Transaction successfully completed.\n"
|
"Replace forwarding addresses... Done\n"
|
||||||
)
|
"Transaction successfully completed.\n"
|
||||||
assert result.exit_code == 0
|
)
|
||||||
assert result.output == expected
|
assert result.exit_code == 0
|
||||||
finally:
|
assert result.output == expected
|
||||||
shutil.rmtree(ldap_user.home_directory)
|
finally:
|
||||||
|
shutil.rmtree(ldap_user.home_directory)
|
||||||
|
|
||||||
def test_members_renew(cli_setup, ldap_user, g_admin_ctx):
|
|
||||||
# set the user's last term to something really old
|
def test_members_renew(cli_setup, ldap_user, g_admin_ctx):
|
||||||
with g_admin_ctx(), ldap_user.ldap_srv.entry_ctx_for_user(ldap_user) as entry:
|
# set the user's last term to something really old
|
||||||
entry.term = ['s1999', 'f1999']
|
with g_admin_ctx(), ldap_user.ldap_srv.entry_ctx_for_user(ldap_user) as entry:
|
||||||
current_term = Term.current()
|
entry.term = ['s1999', 'f1999']
|
||||||
|
current_term = Term.current()
|
||||||
runner = CliRunner()
|
|
||||||
result = runner.invoke(cli, [
|
runner = CliRunner()
|
||||||
'members', 'renew', ldap_user.uid, '--terms', '1',
|
result = runner.invoke(cli, [
|
||||||
], input='y\n')
|
'members', 'renew', ldap_user.uid, '--terms', '1',
|
||||||
expected = (
|
], input='y\n')
|
||||||
f"The following member terms will be added: {current_term}\n"
|
expected = (
|
||||||
"Do you want to continue? [y/N]: y\n"
|
f"The following member terms will be added: {current_term}\n"
|
||||||
"Done.\n"
|
"Do you want to continue? [y/N]: y\n"
|
||||||
)
|
"Done.\n"
|
||||||
assert result.exit_code == 0
|
)
|
||||||
assert result.output == expected
|
assert result.exit_code == 0
|
||||||
|
assert result.output == expected
|
||||||
runner = CliRunner()
|
|
||||||
result = runner.invoke(cli, [
|
runner = CliRunner()
|
||||||
'members', 'renew', ldap_user.uid, '--terms', '2',
|
result = runner.invoke(cli, [
|
||||||
], input='y\n')
|
'members', 'renew', ldap_user.uid, '--terms', '2',
|
||||||
expected = (
|
], input='y\n')
|
||||||
f"The following member terms will be added: {current_term+1},{current_term+2}\n"
|
expected = (
|
||||||
"Do you want to continue? [y/N]: y\n"
|
f"The following member terms will be added: {current_term+1},{current_term+2}\n"
|
||||||
"Done.\n"
|
"Do you want to continue? [y/N]: y\n"
|
||||||
)
|
"Done.\n"
|
||||||
assert result.exit_code == 0
|
)
|
||||||
assert result.output == expected
|
assert result.exit_code == 0
|
||||||
|
assert result.output == expected
|
||||||
|
|
||||||
def test_members_pwreset(cli_setup, ldap_user, krb_user):
|
|
||||||
runner = CliRunner()
|
def test_members_pwreset(cli_setup, ldap_user, krb_user):
|
||||||
result = runner.invoke(
|
runner = CliRunner()
|
||||||
cli, ['members', 'pwreset', ldap_user.uid], input='y\n')
|
result = runner.invoke(
|
||||||
expected_pat = re.compile((
|
cli, ['members', 'pwreset', ldap_user.uid], input='y\n')
|
||||||
f"^Are you sure you want to reset {ldap_user.uid}'s password\\? \\[y/N\\]: y\n"
|
expected_pat = re.compile((
|
||||||
"New password: \\S+\n$"
|
f"^Are you sure you want to reset {ldap_user.uid}'s password\\? \\[y/N\\]: y\n"
|
||||||
), re.MULTILINE)
|
"New password: \\S+\n$"
|
||||||
assert result.exit_code == 0
|
), re.MULTILINE)
|
||||||
assert expected_pat.match(result.output) is not None
|
assert result.exit_code == 0
|
||||||
|
assert expected_pat.match(result.output) is not None
|
||||||
|
|
||||||
def test_members_expire(cli_setup, app_process, ldap_user):
|
|
||||||
runner = CliRunner()
|
def test_members_expire(cli_setup, app_process, ldap_user):
|
||||||
|
runner = CliRunner()
|
||||||
try:
|
|
||||||
# use a time that we know for sure will expire
|
try:
|
||||||
test_date = datetime(4000, 4, 1)
|
# use a time that we know for sure will expire
|
||||||
set_datetime_in_app_process(app_process, test_date)
|
test_date = datetime(4000, 4, 1)
|
||||||
|
set_datetime_in_app_process(app_process, test_date)
|
||||||
result = runner.invoke(cli, ['members', 'expire', '--dry-run'])
|
|
||||||
assert result.exit_code == 0
|
result = runner.invoke(cli, ['members', 'expire', '--dry-run'])
|
||||||
assert result.output == f"The following members will be marked as expired:\n{ldap_user.uid}\n"
|
assert result.exit_code == 0
|
||||||
|
assert result.output == f"The following members will be marked as expired:\n{ldap_user.uid}\n"
|
||||||
result = runner.invoke(cli, ['members', 'expire'])
|
|
||||||
assert result.exit_code == 0
|
result = runner.invoke(cli, ['members', 'expire'])
|
||||||
assert result.output == f"The following members has been marked as expired:\n{ldap_user.uid}\n"
|
assert result.exit_code == 0
|
||||||
|
assert result.output == f"The following members has been marked as expired:\n{ldap_user.uid}\n"
|
||||||
runner.invoke(cli, ['members', 'renew', ldap_user.uid, '--terms', '1'])
|
|
||||||
assert result.exit_code == 0
|
runner.invoke(cli, ['members', 'renew', ldap_user.uid, '--terms', '1'])
|
||||||
|
assert result.exit_code == 0
|
||||||
result = runner.invoke(cli, ['members', 'expire', '--dry-run'])
|
|
||||||
assert result.exit_code == 0
|
result = runner.invoke(cli, ['members', 'expire', '--dry-run'])
|
||||||
assert result.output == ''
|
assert result.exit_code == 0
|
||||||
finally:
|
assert result.output == ''
|
||||||
restore_datetime_in_app_process(app_process)
|
finally:
|
||||||
|
restore_datetime_in_app_process(app_process)
|
||||||
|
|
||||||
def test_members_remindexpire(cfg, cli_setup, app_process, ldap_conn, ldap_user):
|
|
||||||
runner = CliRunner()
|
def test_members_remindexpire(cfg, cli_setup, app_process, ldap_conn, ldap_user):
|
||||||
term = Term(ldap_user.terms[0])
|
runner = CliRunner()
|
||||||
test_date = (term + 1).to_datetime()
|
term = Term(ldap_user.terms[0])
|
||||||
# Add a term to ctdalek so that he doesn't show up in the results
|
test_date = (term + 1).to_datetime()
|
||||||
base_dn = cfg.get('ldap_users_base')
|
# Add a term to ctdalek so that he doesn't show up in the results
|
||||||
ldap_conn.modify(
|
base_dn = cfg.get('ldap_users_base')
|
||||||
f'uid=ctdalek,{base_dn}',
|
ldap_conn.modify(
|
||||||
{'term': [(ldap3.MODIFY_ADD, [str(term + 1)])]})
|
f'uid=ctdalek,{base_dn}',
|
||||||
|
{'term': [(ldap3.MODIFY_ADD, [str(term + 1)])]})
|
||||||
try:
|
|
||||||
set_datetime_in_app_process(app_process, test_date)
|
try:
|
||||||
result = runner.invoke(cli, ['members', 'remindexpire', '--dry-run'])
|
set_datetime_in_app_process(app_process, test_date)
|
||||||
assert result.exit_code == 0
|
result = runner.invoke(cli, ['members', 'remindexpire', '--dry-run'])
|
||||||
assert result.output == (
|
assert result.exit_code == 0
|
||||||
"The following members will be sent membership renewal reminders:\n"
|
assert result.output == (
|
||||||
f"{ldap_user.uid}\n"
|
"The following members will be sent membership renewal reminders:\n"
|
||||||
)
|
f"{ldap_user.uid}\n"
|
||||||
|
)
|
||||||
result = runner.invoke(cli, ['members', 'remindexpire'])
|
|
||||||
assert result.exit_code == 0
|
result = runner.invoke(cli, ['members', 'remindexpire'])
|
||||||
assert result.output == (
|
assert result.exit_code == 0
|
||||||
"The following members were sent membership renewal reminders:\n"
|
assert result.output == (
|
||||||
f"{ldap_user.uid}\n"
|
"The following members were sent membership renewal reminders:\n"
|
||||||
)
|
f"{ldap_user.uid}\n"
|
||||||
|
)
|
||||||
test_date = (term + 1).to_datetime() + timedelta(days=40)
|
|
||||||
set_datetime_in_app_process(app_process, test_date)
|
test_date = (term + 1).to_datetime() + timedelta(days=40)
|
||||||
result = runner.invoke(cli, ['members', 'remindexpire'])
|
set_datetime_in_app_process(app_process, test_date)
|
||||||
assert result.exit_code == 0
|
result = runner.invoke(cli, ['members', 'remindexpire'])
|
||||||
assert result.output == "No members are pending expiration.\n"
|
assert result.exit_code == 0
|
||||||
finally:
|
assert result.output == "No members are pending expiration.\n"
|
||||||
restore_datetime_in_app_process(app_process)
|
finally:
|
||||||
|
restore_datetime_in_app_process(app_process)
|
||||||
ldap_conn.modify(
|
|
||||||
f'uid=ctdalek,{base_dn}',
|
ldap_conn.modify(
|
||||||
{'term': [(ldap3.MODIFY_DELETE, [str(term + 1)])]})
|
f'uid=ctdalek,{base_dn}',
|
||||||
|
{'term': [(ldap3.MODIFY_DELETE, [str(term + 1)])]})
|
||||||
|
|
|
@ -127,6 +127,7 @@ def test_api_get_user(cfg, client, create_user_result):
|
||||||
del old_data['password']
|
del old_data['password']
|
||||||
|
|
||||||
status, data = client.get(f'/api/members/{uid}')
|
status, data = client.get(f'/api/members/{uid}')
|
||||||
|
del data['groups']
|
||||||
assert status == 200
|
assert status == 200
|
||||||
assert data == old_data
|
assert data == old_data
|
||||||
|
|
||||||
|
@ -262,6 +263,7 @@ def test_authz_check(client, create_user_result):
|
||||||
del old_data['password']
|
del old_data['password']
|
||||||
del old_data['forwarding_addresses']
|
del old_data['forwarding_addresses']
|
||||||
_, data = client.get(f'/api/members/{uid}', principal='regular1')
|
_, data = client.get(f'/api/members/{uid}', principal='regular1')
|
||||||
|
del data['groups']
|
||||||
assert data == old_data
|
assert data == old_data
|
||||||
|
|
||||||
# If we're syscom but we don't pass credentials, the request should fail
|
# If we're syscom but we don't pass credentials, the request should fail
|
||||||
|
|
Loading…
Reference in New Issue