Select Git revision
test_transformers.py
-
Daniel Hornung authoredDaniel Hornung authored
Code owners
Assign users and groups as approvers for specific file changes. Learn more.
test_authentication.py 4.14 KiB
# encoding: utf-8
#
# ** header v3.0
# This file is a part of the CaosDB Project.
#
# Copyright (C) 2018 Research Group Biomedical Physics,
# Max-Planck-Institute for Dynamics and Self-Organization Göttingen
#
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU Affero General Public License as
# published by the Free Software Foundation, either version 3 of the
# License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU Affero General Public License for more details.
#
# You should have received a copy of the GNU Affero General Public License
# along with this program. If not, see <https://www.gnu.org/licenses/>.
#
# ** end header
#
"""Created on 20.01.2015.
@author: tf
"""
import os
from sys import hexversion
from urllib.parse import urlparse
from http.client import HTTPSConnection
import ssl
from subprocess import call, check_output
from lxml import etree
from pytest import skip
from caosdb.exceptions import LoginFailedException
import caosdb as h
from nose.tools import (assert_false, assert_true, assert_is_none,
assert_raises, assert_equal, assert_is_not_none,
nottest, with_setup)
from caosdb.connection.connection import _Connection
def setup():
try:
h.execute_query("FIND Test*").delete()
except Exception as e:
print(e)
def test_pass():
if not h.get_config().has_option("Connection", "password_method") or not h.get_config().get("Connection", "password_method") == "pass":
skip()
assert call(["pass", h.get_config().get("Connection",
"password_identifier")]) == 0
def test_https_support():
if 0x02999999 < hexversion < 0x03020000:
raise Exception("version " + str(hex(hexversion)))
context = ssl.SSLContext(ssl.PROTOCOL_TLSv1_2)
context.verify_mode = ssl.CERT_REQUIRED
if hasattr(context, "check_hostname"):
context.check_hostname = True
context.load_verify_locations(h.get_config().get("Connection", "cacert"))
url = h.get_config().get("Connection", "url")
fullurl = urlparse(url)
http_con = HTTPSConnection(
str(fullurl.netloc), timeout=200, context=context)
http_con.request(method="GET", headers={}, url=str(fullurl.path) + "Info")
r = http_con.getresponse()
print(r.read())
def test_login_via_post_form_data_failure():
with assert_raises(LoginFailedException) as cm:
h.get_connection().post_form_data(
"login", {
"username": h.get_config().get("Connection", "username"),
"password": "wrongpassphrase"
})
def test_anonymous_setter():
""" this test verifies that the "test_login_while_anonymous_is_active" is
effective."""
# activate anonymous user
h.administration.set_server_property("AUTH_OPTIONAL", "TRUE")
# connect without auth-token
context = ssl.SSLContext(ssl.PROTOCOL_TLSv1_2)
context.verify_mode = ssl.CERT_REQUIRED
context.load_verify_locations(h.get_config().get("Connection", "cacert"))
url = h.get_config().get("Connection", "url")
fullurl = urlparse(url)
http_con = HTTPSConnection(
str(fullurl.netloc), timeout=200, context=context)
http_con.request(method="GET", headers={}, url=str(fullurl.path) + "Info")
body = http_con.getresponse().read()
xml = etree.fromstring(body)
# verify unauthenticated
assert xml.xpath("/Response/UserInfo/Roles/Role")[0].text == "anonymous"
@with_setup(setup, setup)
def test_login_while_anonymous_is_active():
# activate anonymous user
h.administration.set_server_property("AUTH_OPTIONAL", "TRUE")
# logout
h.get_connection()._logout()
body = h.get_connection().retrieve(
entity_uri_segments=["Entity"],
reconnect=True).read()
xml = etree.fromstring(body)
# pylib did the login even though the anonymous user is active
assert xml.xpath(
"/Response/UserInfo/Roles/Role")[0].text == "administration"