diff --git a/test/test_cgi.py b/test/test_cgi.py
index 91878e9427582e539a544b9f79dd5bd2fd75e988..c99d9e8cfa51f386e8cd403a7a9e8f8bcf8a3141 100644 (file)
--- a/test/test_cgi.py
+++ b/test/test_cgi.py
':confirm:password': ''}, 'user', nodeid),
({('user', nodeid): {}}, []))
+ def testPasswordMigration(self):
+ chef = self.db.user.lookup('Chef')
+ form = dict(__login_name='Chef', __login_password='foo')
+ cl = self._make_client(form)
+ # assume that the "best" algorithm is the first one and doesn't
+ # need migration, all others should be migrated.
+ for scheme in password.Password.deprecated_schemes:
+ pw1 = password.Password('foo', scheme=scheme)
+ self.assertEqual(pw1.needs_migration(), True)
+ self.db.user.set(chef, password=pw1)
+ self.db.commit()
+ actions.LoginAction(cl).handle()
+ pw = self.db.user.get(chef, 'password')
+ self.assertEqual(pw, 'foo')
+ self.assertEqual(pw.needs_migration(), False)
+ pw1 = pw
+ self.assertEqual(pw1.needs_migration(), False)
+ scheme = password.Password.known_schemes[0]
+ self.assertEqual(scheme, pw1.scheme)
+ actions.LoginAction(cl).handle()
+ pw = self.db.user.get(chef, 'password')
+ self.assertEqual(pw, 'foo')
+ self.assertEqual(pw, pw1)
+
+ def testPasswordConfigOption(self):
+ chef = self.db.user.lookup('Chef')
+ form = dict(__login_name='Chef', __login_password='foo')
+ cl = self._make_client(form)
+ self.db.config.PASSWORD_PBKDF2_DEFAULT_ROUNDS = 1000
+ pw1 = password.Password('foo', scheme='crypt')
+ self.assertEqual(pw1.needs_migration(), True)
+ self.db.user.set(chef, password=pw1)
+ self.db.commit()
+ actions.LoginAction(cl).handle()
+ pw = self.db.user.get(chef, 'password')
+ self.assertEqual('PBKDF2', pw.scheme)
+ self.assertEqual(1000, password.pbkdf2_unpack(pw.password)[0])
+
#
# Boolean
#
p = self.db.security.addPermission(name='View', klass='iss',
properties=("title", "status"), check=lambda x,y,z: True)
self.db.security.addPermissionToRole('User', p)
+ # Allow all relevant roles access to stat
+ p = self.db.security.addPermission(name='View', klass='stat')
+ self.db.security.addPermissionToRole('User', p)
+ self.db.security.addPermissionToRole('Project', p)
# Allow role "Project" access to whole iss
p = self.db.security.addPermission(name='View', klass='iss')
self.db.security.addPermissionToRole('Project', p)
h = HTMLRequest(cl)
self.assertEqual([x.id for x in h.batch()],['1', '2', '3'])
+ def testEditCSV(self):
+ form = dict(rows='id,name\n1,newkey')
+ cl = self._make_client(form, userid='1', classname='keyword')
+ cl.ok_message = []
+ actions.EditCSVAction(cl).handle()
+ self.assertEqual(cl.ok_message, ['Items edited OK'])
+ k = self.db.keyword.getnode('1')
+ self.assertEqual(k.name, 'newkey')
+ form = dict(rows=u'id,name\n1,\xe4\xf6\xfc'.encode('utf-8'))
+ cl = self._make_client(form, userid='1', classname='keyword')
+ cl.ok_message = []
+ actions.EditCSVAction(cl).handle()
+ self.assertEqual(cl.ok_message, ['Items edited OK'])
+ k = self.db.keyword.getnode('1')
+ self.assertEqual(k.name, u'\xe4\xf6\xfc'.encode('utf-8'))
+
def testRoles(self):
cl = self._make_client({})
self.db.user.set('1', roles='aDmin, uSer')