Commit 4cf2d3f6 authored by Vincent Desmares's avatar Vincent Desmares

Add a new unittest for testing the Cookie generation with long login/password

git-svn-id: https://svn.erp5.org/repos/public/erp5/trunk@23042 20353a03-c40f-0410-a6d1-a30d3c3de9de
parent f958c13a
##############################################################################
#
# Copyright (c) 2001 Zope Corporation and Contributors. All Rights Reserved.
#
# This software is subject to the provisions of the Zope Public License,
# Version 2.1 (ZPL). A copy of the ZPL should accompany this distribution.
# THIS SOFTWARE IS PROVIDED "AS IS" AND ANY AND ALL EXPRESS OR IMPLIED
# WARRANTIES ARE DISCLAIMED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
# WARRANTIES OF TITLE, MERCHANTABILITY, AGAINST INFRINGEMENT, AND FITNESS
# FOR A PARTICULAR PURPOSE.
#
##############################################################################
import base64
from cStringIO import StringIO
import unittest
import urllib
from OFS.DTMLMethod import DTMLMethod
from OFS.Folder import Folder
from zExceptions.unauthorized import Unauthorized
from AccessControl.User import UserFolder
from AccessControl.SecurityManagement import noSecurityManager
from ZPublisher.HTTPRequest import HTTPRequest
from ZPublisher.HTTPResponse import HTTPResponse
from Products.CMFCore.CookieCrumbler \
import CookieCrumbler, manage_addCC, Redirect
from Products.CMFCore.tests.testCookieCrumbler import makerequest
from Products.CMFCore.tests.testCookieCrumbler import CookieCrumblerTests
class ERP5CookieCrumblerTests (CookieCrumblerTests):
""" Modify original CMFCore Cookie Crumbler unit test to test long login """
def setUp(self):
root = Folder()
self.root = root
root.isTopLevelPrincipiaApplicationObject = 1 # User folder needs this
root.getPhysicalPath = lambda: () # hack
root._View_Permission = ('Anonymous',)
users = UserFolder()
users._setId('acl_users')
users._doAddUser('abraham', 'pass-w', ('Patriarch',), ())
users._doAddUser('isaac', 'pass-w', ('Son',), ())
users._doAddUser('abrahammmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmm',
'pass-wwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwww',
('Son',), ())
root._setObject(users.id, users)
cc = CookieCrumbler()
cc.id = 'cookie_authentication'
root._setObject(cc.id, cc)
self.cc = getattr(root, cc.id)
index = DTMLMethod()
index.munge('This is the default view')
index._setId('index_html')
root._setObject(index.getId(), index)
login = DTMLMethod()
login.munge('Please log in first.')
login._setId('login_form')
root._setObject(login.getId(), login)
protected = DTMLMethod()
protected._View_Permission = ('Manager',)
protected.munge('This is the protected view')
protected._setId('protected')
root._setObject(protected.getId(), protected)
self.responseOut = StringIO()
self.req = makerequest(root, self.responseOut)
self.credentials = urllib.quote(
base64.encodestring('abraham:pass-w').replace('\012', ''))
def testCookieLongLogin(self):
# verify the user and auth cookie get set
long_name = 'abrahammmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmm'
long_pass = 'pass-wwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwww'
self.req.cookies['__ac_name'] = long_name
self.req.cookies['__ac_password'] = long_pass
self.req.traverse('/')
self.assert_(self.req.has_key('AUTHENTICATED_USER'))
self.assertEqual(self.req['AUTHENTICATED_USER'].getUserName(),
'abrahammmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmm')
resp = self.req.response
self.assert_(resp.cookies.has_key('__ac'))
self.credentials = base64.encodestring('%s:%s' % (long_name, long_pass)).replace('\012', '')
self.assertEqual(resp.cookies['__ac']['value'],
self.credentials)
self.assertEqual(resp.cookies['__ac']['path'], '/')
def test_suite():
return unittest.makeSuite(ERP5CookieCrumblerTests)
if __name__ == '__main__':
unittest.main(defaultTest='test_suite')
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment