2021-10-26 12:35:22 +02:00
|
|
|
from django.test import override_settings
|
2021-10-22 12:38:25 +02:00
|
|
|
from rest_framework import status
|
2021-10-26 12:35:22 +02:00
|
|
|
from rest_framework.exceptions import ErrorDetail
|
2021-10-22 12:38:25 +02:00
|
|
|
|
2021-10-26 12:35:22 +02:00
|
|
|
from userausfall.ldap import LDAPManager
|
|
|
|
|
from userausfall.rest_api.tests.trust_bridges import TrustBridgeMixin
|
2021-10-22 12:38:25 +02:00
|
|
|
from userausfall.rest_api.tests.userausfall import get_url, UserausfallAPITestCase
|
|
|
|
|
|
|
|
|
|
|
2021-10-26 12:35:22 +02:00
|
|
|
@override_settings(USERAUSFALL_LDAP_IS_TEST=True)
|
|
|
|
|
class UserTestCase(TrustBridgeMixin, UserausfallAPITestCase):
|
|
|
|
|
def setUp(self) -> None:
|
|
|
|
|
self.ldap = LDAPManager()
|
2021-10-22 12:38:25 +02:00
|
|
|
|
2021-10-26 12:35:22 +02:00
|
|
|
def tearDown(self) -> None:
|
|
|
|
|
self.ldap.drop_test_connection()
|
2021-10-22 12:38:25 +02:00
|
|
|
|
|
|
|
|
def test_retrieve_user(self):
|
|
|
|
|
"""Retrieve the details of the current user."""
|
|
|
|
|
url = "/users/{pk}/"
|
|
|
|
|
self.authenticate_user()
|
|
|
|
|
response = self.client.get(self.get_api_url(url, pk=self.user.pk))
|
|
|
|
|
self.assertEqual(response.status_code, status.HTTP_200_OK)
|
|
|
|
|
self.assertDictEqual(
|
|
|
|
|
response.data,
|
|
|
|
|
{
|
|
|
|
|
"id": self.user.id,
|
|
|
|
|
"trust_bridge": None,
|
|
|
|
|
"url": get_url(response, "user", self.user),
|
|
|
|
|
},
|
|
|
|
|
)
|
2021-10-26 12:35:22 +02:00
|
|
|
|
|
|
|
|
def test_activate_user(self):
|
|
|
|
|
"""Create the ldap account for the current user."""
|
|
|
|
|
url = "/users/{pk}/activate/"
|
|
|
|
|
self.create_trust_bridge(is_trusted=True)
|
|
|
|
|
self.authenticate_user()
|
|
|
|
|
response = self.client.post(self.get_api_url(url, pk=self.user.pk), {"password": self.password})
|
|
|
|
|
self.assertEqual(response.status_code, status.HTTP_204_NO_CONTENT)
|
|
|
|
|
self.assertTrue(self.user.has_ldap_account())
|
|
|
|
|
|
|
|
|
|
def test_activate_user_with_invalid_password(self):
|
|
|
|
|
"""Create the ldap account for the current user with an invalid password."""
|
|
|
|
|
url = "/users/{pk}/activate/"
|
|
|
|
|
self.create_trust_bridge(is_trusted=True)
|
|
|
|
|
self.authenticate_user()
|
|
|
|
|
response = self.client.post(self.get_api_url(url, pk=self.user.pk), {"password": "invalid"})
|
|
|
|
|
self.assertEqual(response.status_code, status.HTTP_400_BAD_REQUEST)
|
|
|
|
|
self.assertDictEqual(
|
|
|
|
|
response.data, {"password": [ErrorDetail("Password does not match the user's password", code="invalid")]}
|
|
|
|
|
)
|
|
|
|
|
|
|
|
|
|
def test_activate_user_without_trust_bridge(self):
|
|
|
|
|
"""Create the ldap account for the current user without a trust bridge."""
|
|
|
|
|
url = "/users/{pk}/activate/"
|
|
|
|
|
self.authenticate_user()
|
|
|
|
|
response = self.client.post(self.get_api_url(url, pk=self.user.pk), {"password": self.password})
|
|
|
|
|
self.assertEqual(response.status_code, status.HTTP_400_BAD_REQUEST)
|
|
|
|
|
self.assertDictEqual(
|
|
|
|
|
response.data, {"non_field_errors": [ErrorDetail("User has no trusted trust bridge", code="invalid")]}
|
|
|
|
|
)
|
|
|
|
|
|
|
|
|
|
def test_activate_user_with_untrusted_trust_bridge(self):
|
|
|
|
|
"""Create the ldap account for the current user with an untrusted trust bridge."""
|
|
|
|
|
url = "/users/{pk}/activate/"
|
|
|
|
|
self.create_trust_bridge(is_trusted=False)
|
|
|
|
|
self.authenticate_user()
|
|
|
|
|
response = self.client.post(self.get_api_url(url, pk=self.user.pk), {"password": self.password})
|
|
|
|
|
self.assertEqual(response.status_code, status.HTTP_400_BAD_REQUEST)
|
|
|
|
|
self.assertDictEqual(
|
|
|
|
|
response.data, {"non_field_errors": [ErrorDetail("User has no trusted trust bridge", code="invalid")]}
|
|
|
|
|
)
|
