vigiboard / dashboard / tests / functional / test_authentication.py @ 805cc54a
History | View | Annotate | Download (3.44 KB)
1 | 805cc54a | Thomas ANDREJAK | # -*- coding: utf-8 -*-
|
---|---|---|---|
2 | """
|
||
3 | Integration tests for the :mod:`repoze.who`-powered authentication sub-system.
|
||
4 |
|
||
5 | As dashboard grows and the authentication method changes, only these tests
|
||
6 | should be updated.
|
||
7 |
|
||
8 | """
|
||
9 | |||
10 | from dashboard.tests import TestController |
||
11 | |||
12 | |||
13 | class TestAuthentication(TestController): |
||
14 | """
|
||
15 | Tests for the default authentication setup.
|
||
16 |
|
||
17 | By default in TurboGears 2, :mod:`repoze.who` is configured with the same
|
||
18 | plugins specified by repoze.what-quickstart (which are listed in
|
||
19 | http://code.gustavonarea.net/repoze.what-quickstart/#repoze.what.plugins.quickstart.setup_sql_auth).
|
||
20 |
|
||
21 | As the settings for those plugins change, or the plugins are replaced,
|
||
22 | these tests should be updated.
|
||
23 |
|
||
24 | """
|
||
25 | |||
26 | application_under_test = 'main'
|
||
27 | |||
28 | def test_forced_login(self): |
||
29 | """
|
||
30 | Anonymous users must be redirected to the login form when authorization
|
||
31 | is denied.
|
||
32 |
|
||
33 | Next, upon successful login they should be redirected to the initially
|
||
34 | requested page.
|
||
35 |
|
||
36 | """
|
||
37 | # Requesting a protected area
|
||
38 | resp = self.app.get('/secc/', status=302) |
||
39 | assert resp.location.startswith('http://localhost/login') |
||
40 | # Getting the login form:
|
||
41 | resp = resp.follow(status=200)
|
||
42 | form = resp.form |
||
43 | # Submitting the login form:
|
||
44 | form['login'] = u'manager' |
||
45 | form['password'] = 'managepass' |
||
46 | post_login = form.submit(status=302)
|
||
47 | # Being redirected to the initially requested page:
|
||
48 | assert post_login.location.startswith('http://localhost/post_login') |
||
49 | initial_page = post_login.follow(status=302)
|
||
50 | assert 'authtkt' in initial_page.request.cookies, \ |
||
51 | "Session cookie wasn't defined: %s" % initial_page.request.cookies
|
||
52 | assert initial_page.location.startswith('http://localhost/secc/'), \ |
||
53 | initial_page.location |
||
54 | |||
55 | def test_voluntary_login(self): |
||
56 | """Voluntary logins must work correctly"""
|
||
57 | # Going to the login form voluntarily:
|
||
58 | resp = self.app.get('/login', status=200) |
||
59 | form = resp.form |
||
60 | # Submitting the login form:
|
||
61 | form['login'] = u'manager' |
||
62 | form['password'] = 'managepass' |
||
63 | post_login = form.submit(status=302)
|
||
64 | # Being redirected to the home page:
|
||
65 | assert post_login.location.startswith('http://localhost/post_login') |
||
66 | home_page = post_login.follow(status=302)
|
||
67 | assert 'authtkt' in home_page.request.cookies, \ |
||
68 | 'Session cookie was not defined: %s' % home_page.request.cookies
|
||
69 | assert home_page.location == 'http://localhost/' |
||
70 | |||
71 | def test_logout(self): |
||
72 | """Logouts must work correctly"""
|
||
73 | # Logging in voluntarily the quick way:
|
||
74 | resp = self.app.get('/login_handler?login=manager&password=managepass', |
||
75 | status=302)
|
||
76 | resp = resp.follow(status=302)
|
||
77 | assert 'authtkt' in resp.request.cookies, \ |
||
78 | 'Session cookie was not defined: %s' % resp.request.cookies
|
||
79 | # Logging out:
|
||
80 | resp = self.app.get('/logout_handler', status=302) |
||
81 | assert resp.location.startswith('http://localhost/post_logout') |
||
82 | # Finally, redirected to the home page:
|
||
83 | home_page = resp.follow(status=302)
|
||
84 | assert home_page.request.cookies.get('authtkt') == '', \ |
||
85 | 'Session cookie was not deleted: %s' % home_page.request.cookies
|
||
86 | assert home_page.location == 'http://localhost/', home_page.location |