jikimo/test
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

密码策略模块测试

Browse Source
This commit is contained in:
qihao.gong@jikimo.com
2023-07-10 17:33:06 +08:00
parent 1502336286
commit 3544c6a957
98 changed files with 25413 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
password_security/tests/__init__.py Normal file
View File

@@ -0,0 +1,8 @@
# Copyright 2015 LasLabs Inc.
# License LGPL-3.0 or later (http://www.gnu.org/licenses/lgpl.html).
from . import (
test_password_security_home,
test_password_security_session,
test_res_users,
)

257
password_security/tests/test_password_security_home.py Normal file
View File

@@ -0,0 +1,257 @@
# Copyright 2016 LasLabs Inc.
# License LGPL-3.0 or later (http://www.gnu.org/licenses/lgpl.html).
from contextlib import contextmanager
from datetime import datetime, timedelta
from unittest import mock
from werkzeug.urls import url_parse
from odoo.exceptions import UserError
from odoo.http import Response, _request_stack
from odoo.tests.common import HttpCase, TransactionCase
from ..controllers import main
IMPORT = "odoo.addons.password_security.controllers.main"
class EndTestException(Exception):
"""It allows for isolation of resources by raise"""
class MockResponse(object):
def __new__(cls):
return mock.Mock(spec=Response)
class MockPassError(UserError):
def __init__(self):
super(MockPassError, self).__init__("Message")
class TestPasswordSecurityHome(TransactionCase):
def setUp(self):
super(TestPasswordSecurityHome, self).setUp()
self.PasswordSecurityHome = main.PasswordSecurityHome
self.password_security_home = self.PasswordSecurityHome()
self.passwd = "I am a password!"
self.qcontext = {
"password": self.passwd,
}
_request_stack.push(
mock.Mock(
env=self.env,
)
)
self.addCleanup(_request_stack.pop)
@contextmanager
def mock_assets(self):
"""It mocks and returns assets used by this controller"""
methods = [
"do_signup",
"web_login",
"web_auth_signup",
"web_auth_reset_password",
]
with mock.patch.multiple(
main.AuthSignupHome, **{m: mock.DEFAULT for m in methods}
) as _super:
mocks = {}
for method in methods:
mocks[method] = _super[method]
mocks[method].return_value = MockResponse()
with mock.patch("%s.request" % IMPORT) as request:
with mock.patch("%s.ensure_db" % IMPORT) as ensure:
with mock.patch("%s.http" % IMPORT) as http:
http.request.redirect.return_value = MockResponse()
mocks.update(
{
"request": request,
"ensure_db": ensure,
"http": http,
}
)
yield mocks
def test_do_signup_check(self):
"""It should check password on user"""
with self.mock_assets() as assets:
check_password = assets["request"].env.user._check_password
check_password.side_effect = EndTestException
with self.assertRaises(EndTestException):
self.password_security_home.do_signup(self.qcontext)
check_password.assert_called_once_with(
self.passwd,
)
def test_do_signup_return(self):
"""It should return result of super"""
with self.mock_assets() as assets:
res = self.password_security_home.do_signup(self.qcontext)
self.assertEqual(assets["do_signup"](), res)
def test_web_login_ensure_db(self):
"""It should verify available db"""
with self.mock_assets() as assets:
assets["ensure_db"].side_effect = EndTestException
with self.assertRaises(EndTestException):
self.password_security_home.web_login()
def test_web_login_super(self):
"""It should call superclass w/ proper args"""
expect_list = [1, 2, 3]
expect_dict = {"test1": "good1", "test2": "good2"}
with self.mock_assets() as assets:
assets["web_login"].side_effect = EndTestException
with self.assertRaises(EndTestException):
self.password_security_home.web_login(*expect_list, **expect_dict)
assets["web_login"].assert_called_once_with(*expect_list, **expect_dict)
def test_web_login_log_out_if_expired(self):
"""It should log out user if password expired"""
with self.mock_assets() as assets:
request = assets["request"]
request.httprequest.method = "POST"
user = request.env["res.users"].sudo().browse()
user._password_has_expired.return_value = True
self.password_security_home.web_login()
logout_mock = request.session.logout
logout_mock.assert_called_once_with(keep_db=True)
def test_web_login_redirect(self):
"""It should redirect w/ hash to reset after expiration"""
with self.mock_assets() as assets:
request = assets["request"]
request.httprequest.method = "POST"
user = request.env["res.users"].sudo().browse()
user._password_has_expired.return_value = True
res = self.password_security_home.web_login()
self.assertEqual(
request.redirect(),
res,
)
def test_web_auth_signup_valid(self):
"""It should return super if no errors"""
with self.mock_assets() as assets:
res = self.password_security_home.web_auth_signup()
self.assertEqual(
assets["web_auth_signup"](),
res,
)
def test_web_auth_signup_invalid_qcontext(self):
"""It should catch PassError and get signup qcontext"""
with self.mock_assets() as assets:
with mock.patch.object(
main.AuthSignupHome,
"get_auth_signup_qcontext",
) as qcontext:
assets["web_auth_signup"].side_effect = MockPassError
qcontext.side_effect = EndTestException
with self.assertRaises(EndTestException):
self.password_security_home.web_auth_signup()
def test_web_auth_signup_invalid_render(self):
"""It should render & return signup form on invalid"""
with self.mock_assets() as assets:
with mock.patch.object(
main.AuthSignupHome, "get_auth_signup_qcontext", spec=dict
) as qcontext:
assets["web_auth_signup"].side_effect = MockPassError
res = self.password_security_home.web_auth_signup()
assets["request"].render.assert_called_once_with(
"auth_signup.signup",
qcontext(),
)
self.assertEqual(
assets["request"].render(),
res,
)
def test_web_auth_reset_password_fail_login(self):
"""It should raise from failed _validate_pass_reset by login"""
with self.mock_assets() as assets:
with mock.patch.object(
main.AuthSignupHome, "get_auth_signup_qcontext", spec=dict
) as qcontext:
qcontext["login"] = "login"
search = assets["request"].env.sudo().search
assets["request"].httprequest.method = "POST"
user = mock.MagicMock()
user._validate_pass_reset.side_effect = MockPassError
search.return_value = user
with self.assertRaises(MockPassError):
self.password_security_home.web_auth_reset_password()
def test_web_auth_reset_password_fail_email(self):
"""It should raise from failed _validate_pass_reset by email"""
with self.mock_assets() as assets:
with mock.patch.object(
main.AuthSignupHome, "get_auth_signup_qcontext", spec=dict
) as qcontext:
qcontext["login"] = "login"
search = assets["request"].env.sudo().search
assets["request"].httprequest.method = "POST"
user = mock.MagicMock()
user._validate_pass_reset.side_effect = MockPassError
search.side_effect = [[], user]
with self.assertRaises(MockPassError):
self.password_security_home.web_auth_reset_password()
def test_web_auth_reset_password_success(self):
"""It should return parent response on no validate errors"""
with self.mock_assets() as assets:
with mock.patch.object(
main.AuthSignupHome, "get_auth_signup_qcontext", spec=dict
) as qcontext:
qcontext["login"] = "login"
assets["request"].httprequest.method = "POST"
res = self.password_security_home.web_auth_reset_password()
self.assertEqual(
assets["web_auth_reset_password"](),
res,
)
@mock.patch("odoo.http.WebRequest.validate_csrf", return_value=True)
class LoginCase(HttpCase):
def test_web_login_authenticate(self, *args):
"""It should allow authenticating by login"""
response = self.url_open(
"/web/login",
{"login": "admin", "password": "admin"},
)
# Redirected to /web because it succeeded
path = url_parse(response.url).path
self.assertEqual(path, "/web")
self.assertEqual(response.status_code, 200)
def test_web_login_authenticate_fail(self, *args):
"""It should fail auth"""
response = self.url_open(
"/web/login",
{"login": "admin", "password": "noadmin"},
)
self.assertIn(
"Wrong login/password",
response.text,
)
def test_web_login_expire_pass(self, *args):
"""It should expire password if necessary"""
three_days_ago = datetime.now() - timedelta(days=3)
with self.cursor() as cr:
env = self.env(cr)
user = env["res.users"].search([("login", "=", "admin")])
user.password_write_date = three_days_ago
user.company_id.password_expiration = 1
response = self.url_open(
"/web/login",
{"login": "admin", "password": "admin"},
)
path = url_parse(response.url).path
self.assertEqual(path, "/web/reset_password")

59
password_security/tests/test_password_security_session.py Normal file
View File

@@ -0,0 +1,59 @@
# Copyright 2016 LasLabs Inc.
# License LGPL-3.0 or later (http://www.gnu.org/licenses/lgpl.html).
from contextlib import contextmanager
from unittest import mock
from odoo.http import _request_stack
from odoo.tests.common import TransactionCase
from ..controllers import main
IMPORT = "odoo.addons.password_security.controllers.main"
class EndTestException(Exception):
"""It allows for isolation of resources by raise"""
class TestPasswordSecuritySession(TransactionCase):
def setUp(self):
super(TestPasswordSecuritySession, self).setUp()
self.PasswordSecuritySession = main.PasswordSecuritySession
self.password_security_session = self.PasswordSecuritySession()
self.passwd = "I am a password!"
self.fields = [
{"name": "new_password", "value": self.passwd},
]
_request_stack.push(
mock.Mock(
env=self.env,
)
)
self.addCleanup(_request_stack.pop)
@contextmanager
def mock_assets(self):
"""It mocks and returns assets used by this controller"""
with mock.patch("%s.request" % IMPORT) as request:
yield {
"request": request,
}
def test_change_password_check(self):
"""It should check password on request user"""
with self.mock_assets() as assets:
check_password = assets["request"].env.user._check_password
check_password.side_effect = EndTestException
with self.assertRaises(EndTestException):
self.password_security_session.change_password(self.fields)
check_password.assert_called_once_with(
self.passwd,
)
def test_change_password_return(self):
"""It should return result of super"""
with self.mock_assets():
with mock.patch.object(main.Session, "change_password") as chg:
res = self.password_security_session.change_password(self.fields)
self.assertEqual(chg(), res)

147
password_security/tests/test_res_users.py Normal file
View File

@@ -0,0 +1,147 @@
# Copyright 2015 LasLabs Inc.
# License LGPL-3.0 or later (http://www.gnu.org/licenses/lgpl.html).
from odoo.exceptions import UserError
from odoo.tests.common import SavepointCase
class TestResUsers(SavepointCase):
@classmethod
def setUpClass(cls):
super(TestResUsers, cls).setUpClass()
cls.login = "foslabs@example.com"
cls.partner_vals = {
"name": "Partner",
"is_company": False,
"email": cls.login,
}
cls.password = "asdQWE123$%^"
cls.main_comp = cls.env.ref("base.main_company")
cls.vals = {
"name": "User",
"login": cls.login,
"password": cls.password,
"company_id": cls.main_comp.id,
}
cls.model_obj = cls.env["res.users"]
cls.rec_id = cls._new_record()
@classmethod
def _new_record(cls):
partner_id = cls.env["res.partner"].create(cls.partner_vals)
cls.vals["partner_id"] = partner_id.id
return cls.model_obj.create(cls.vals)
def test_password_write_date_is_saved_on_create(self):
self.assertTrue(
self.rec_id.password_write_date,
"Password write date was not saved to db.",
)
def test_password_write_date_is_updated_on_write(self):
self.rec_id.write({"password_write_date": "1970-01-01 00:00:00"})
old_write_date = self.rec_id.password_write_date
self.rec_id.write({"password": "asdQWE123$%^2"})
new_write_date = self.rec_id.password_write_date
self.assertNotEqual(
old_write_date,
new_write_date,
"Password write date was not updated on write.",
)
def test_does_not_update_write_date_if_password_unchanged(self):
self.rec_id.write({"password_write_date": "1970-01-01 00:00:00"})
old_write_date = self.rec_id.password_write_date
self.rec_id.write({"name": "Luser"})
new_write_date = self.rec_id.password_write_date
self.assertEqual(
old_write_date,
new_write_date,
"Password not changed but write date updated anyway.",
)
def test_check_password_returns_true_for_valid_password(self):
self.assertTrue(
self.rec_id._check_password("asdQWE123$%^3"),
"Password is valid but check failed.",
)
def test_check_password_raises_error_for_invalid_password(self):
with self.assertRaises(UserError):
self.rec_id._check_password("password")
def test_save_password_crypt(self):
self.assertEqual(
1,
len(self.rec_id.password_history_ids),
)
def test_check_password_crypt(self):
"""It should raise UserError if previously used"""
with self.assertRaises(UserError):
self.rec_id.write({"password": self.password})
def test_password_is_expired_if_record_has_no_write_date(self):
self.rec_id.write({"password_write_date": None})
self.assertTrue(
self.rec_id._password_has_expired(),
"Record has no password write date but check failed.",
)
def test_an_old_password_is_expired(self):
old_write_date = "1970-01-01 00:00:00"
self.rec_id.write({"password_write_date": old_write_date})
self.assertTrue(
self.rec_id._password_has_expired(),
"Password is out of date but check failed.",
)
def test_a_new_password_is_not_expired(self):
self.assertFalse(
self.rec_id._password_has_expired(),
"Password was just created but has already expired.",
)
def test_expire_password_generates_token(self):
self.rec_id.sudo().action_expire_password()
token = self.rec_id.partner_id.signup_token
self.assertTrue(
token,
"A token was not generated.",
)
def test_validate_pass_reset_error(self):
"""It should throw UserError on reset inside min threshold"""
with self.assertRaises(UserError):
self.rec_id._validate_pass_reset()
def test_validate_pass_reset_allow(self):
"""It should allow reset pass when outside threshold"""
self.rec_id.password_write_date = "2016-01-01"
self.assertEqual(
True,
self.rec_id._validate_pass_reset(),
)
def test_validate_pass_reset_zero(self):
"""It should allow reset pass when <= 0"""
self.rec_id.company_id.password_minimum = 0
self.assertEqual(
True,
self.rec_id._validate_pass_reset(),
)
def test_underscore_is_special_character(self):
self.assertTrue(self.main_comp.password_special)
self.rec_id._check_password("asdQWE12345_3")
def test_user_with_admin_rights_can_create_users(self):
demo = self.env.ref("base.user_demo")
demo.groups_id |= self.env.ref("base.group_erp_manager")
test1 = self.model_obj.with_user(demo).create(
{
"login": "test1",
"name": "test1",
}
)
test1.unlink()