vigiboard / vigiboard / tests / functional / test_authentication.py @ 703bd599
History | View | Annotate | Download (2.68 KB)
1 |
# -*- coding: utf-8 -*-
|
---|---|
2 |
# Copyright (C) 2006-2014 CS-SI
|
3 |
# License: GNU GPL v2 <http://www.gnu.org/licenses/gpl-2.0.html>
|
4 |
|
5 |
"""
|
6 |
Integration tests for the :mod:`repoze.who`-powered authentication sub-system.
|
7 |
|
8 |
As vigiboard grows and the authentication method changes, only these tests
|
9 |
should be updated.
|
10 |
|
11 |
"""
|
12 |
|
13 |
from vigiboard.tests import TestController |
14 |
|
15 |
|
16 |
class TestAuthentication(TestController): |
17 |
"""
|
18 |
Tests for the default authentication setup.
|
19 |
|
20 |
By default in TurboGears 2, :mod:`repoze.who` is configured with the same
|
21 |
plugins specified by repoze.what-quickstart (which are listed in
|
22 |
http://code.gustavonarea.net/repoze.what-quickstart/#repoze.what.plugins.quickstart.setup_sql_auth).
|
23 |
|
24 |
As the settings for those plugins change, or the plugins are replaced,
|
25 |
these tests should be updated.
|
26 |
|
27 |
"""
|
28 |
|
29 |
application_under_test = 'main'
|
30 |
|
31 |
def test_voluntary_login(self): |
32 |
"""Voluntary logins must work correctly"""
|
33 |
# Going to the login form voluntarily:
|
34 |
resp = self.app.get('/login', status=200) |
35 |
form = resp.form |
36 |
# Submitting the login form:
|
37 |
form['login'] = u'manager' |
38 |
form['password'] = u'iddad' |
39 |
post_login = form.submit(status=302)
|
40 |
# Being redirected to the home page:
|
41 |
assert post_login.location.startswith('/post_login') or \ |
42 |
post_login.location.startswith('http://localhost/post_login'), \
|
43 |
"Result: %s" % post_login.location
|
44 |
home_page = post_login.follow(status=302)
|
45 |
assert 'authtkt' in home_page.request.cookies, \ |
46 |
'Session cookie was not defined: %s' % home_page.request.cookies
|
47 |
assert home_page.location == 'http://localhost/' |
48 |
|
49 |
def test_logout(self): |
50 |
"""Logouts must work correctly"""
|
51 |
# Logging in voluntarily the quick way:
|
52 |
resp = self.app.get('/login_handler?login=manager&password=iddad', |
53 |
status=302)
|
54 |
resp = resp.follow(status=302)
|
55 |
assert 'authtkt' in resp.request.cookies, \ |
56 |
'Session cookie was not defined: %s' % resp.request.cookies
|
57 |
# Logging out:
|
58 |
resp = self.app.get('/logout_handler', status=302) |
59 |
assert resp.location.startswith('/post_logout') or \ |
60 |
resp.location.startswith('http://localhost/post_logout'), \
|
61 |
"Result: %s" % resp.location
|
62 |
# Finally, redirected to the home page:
|
63 |
home_page = resp.follow(status=302)
|
64 |
assert home_page.request.cookies.get('authtkt') == '' \ |
65 |
or home_page.request.cookies.get('authtkt') == 'INVALID', \ |
66 |
'Session cookie was not deleted: %s' % home_page.request.cookies
|
67 |
assert home_page.location == 'http://localhost/', home_page.location |