You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

157 lines
5.3 KiB

  1. # -*- coding: utf-8 -*-
  2. # Copyright 2015 LasLabs Inc.
  3. # License LGPL-3.0 or later (http://www.gnu.org/licenses/lgpl.html).
  4. import time
  5. from openerp.tests.common import TransactionCase
  6. from ..exceptions import PassError
  7. class TestResUsers(TransactionCase):
  8. def setUp(self):
  9. super(TestResUsers, self).setUp()
  10. self.main_comp = self.env.ref('base.main_company')
  11. # Modify users as privileged, but non-root user
  12. privileged_user = self.env['res.users'].create({
  13. 'name': 'Privileged User',
  14. 'login': 'privileged_user@example.com',
  15. 'company_id': self.main_comp.id,
  16. 'groups_id': [(4, self.env.ref('base.group_erp_manager').id)],
  17. })
  18. privileged_user.email = privileged_user.login
  19. self.env = self.env(user=privileged_user)
  20. self.login = 'foslabs@example.com'
  21. self.partner_vals = {
  22. 'name': 'Partner',
  23. 'is_company': False,
  24. 'email': self.login,
  25. }
  26. self.password = 'asdQWE123$%^'
  27. self.vals = {
  28. 'name': 'User',
  29. 'login': self.login,
  30. 'password': self.password,
  31. 'company_id': self.main_comp.id
  32. }
  33. self.model_obj = self.env['res.users']
  34. def _new_record(self):
  35. partner_id = self.env['res.partner'].create(self.partner_vals)
  36. self.vals['partner_id'] = partner_id.id
  37. return self.model_obj.create(self.vals)
  38. def test_password_write_date_is_saved_on_create(self):
  39. rec_id = self._new_record()
  40. self.assertTrue(
  41. rec_id.password_write_date,
  42. 'Password write date was not saved to db.',
  43. )
  44. def test_password_write_date_is_updated_on_write(self):
  45. rec_id = self._new_record()
  46. old_write_date = rec_id.password_write_date
  47. time.sleep(2)
  48. rec_id.write({'password': 'asdQWE123$%^2'})
  49. rec_id.refresh()
  50. new_write_date = rec_id.password_write_date
  51. self.assertNotEqual(
  52. old_write_date, new_write_date,
  53. 'Password write date was not updated on write.',
  54. )
  55. def test_does_not_update_write_date_if_password_unchanged(self):
  56. rec_id = self._new_record()
  57. old_write_date = rec_id.password_write_date
  58. time.sleep(2)
  59. rec_id.write({'name': 'Luser'})
  60. rec_id.refresh()
  61. new_write_date = rec_id.password_write_date
  62. self.assertEqual(
  63. old_write_date, new_write_date,
  64. 'Password not changed but write date updated anyway.',
  65. )
  66. def test_check_password_returns_true_for_valid_password(self):
  67. rec_id = self._new_record()
  68. self.assertTrue(
  69. rec_id.check_password('asdQWE123$%^3'),
  70. 'Password is valid but check failed.',
  71. )
  72. def test_check_password_raises_error_for_invalid_password(self):
  73. rec_id = self._new_record()
  74. with self.assertRaises(PassError):
  75. rec_id.check_password('password')
  76. def test_save_password_crypt(self):
  77. rec_id = self._new_record()
  78. self.assertEqual(
  79. 1, len(rec_id.password_history_ids),
  80. )
  81. def test_check_password_crypt(self):
  82. """ It should raise PassError if previously used """
  83. rec_id = self._new_record()
  84. with self.assertRaises(PassError):
  85. rec_id.write({'password': self.password})
  86. def test_password_is_expired_if_record_has_no_write_date(self):
  87. rec_id = self._new_record()
  88. rec_id.write({'password_write_date': None})
  89. rec_id.refresh()
  90. self.assertTrue(
  91. rec_id._password_has_expired(),
  92. 'Record has no password write date but check failed.',
  93. )
  94. def test_an_old_password_is_expired(self):
  95. rec_id = self._new_record()
  96. old_write_date = '1970-01-01 00:00:00'
  97. rec_id.write({'password_write_date': old_write_date})
  98. rec_id.refresh()
  99. self.assertTrue(
  100. rec_id._password_has_expired(),
  101. 'Password is out of date but check failed.',
  102. )
  103. def test_a_new_password_is_not_expired(self):
  104. rec_id = self._new_record()
  105. self.assertFalse(
  106. rec_id._password_has_expired(),
  107. 'Password was just created but has already expired.',
  108. )
  109. def test_expire_password_generates_token(self):
  110. rec_id = self._new_record()
  111. rec_id.sudo().action_expire_password()
  112. rec_id.refresh()
  113. token = rec_id.partner_id.signup_token
  114. self.assertTrue(
  115. token,
  116. 'A token was not generated.',
  117. )
  118. def test_validate_pass_reset_error(self):
  119. """ It should throw PassError on reset inside min threshold """
  120. rec_id = self._new_record()
  121. with self.assertRaises(PassError):
  122. rec_id._validate_pass_reset()
  123. def test_validate_pass_reset_allow(self):
  124. """ It should allow reset pass when outside threshold """
  125. rec_id = self._new_record()
  126. rec_id.password_write_date = '2016-01-01'
  127. self.assertEqual(
  128. True, rec_id._validate_pass_reset(),
  129. )
  130. def test_validate_pass_reset_zero(self):
  131. """ It should allow reset pass when <= 0 """
  132. rec_id = self._new_record()
  133. rec_id.company_id.password_minimum = 0
  134. self.assertEqual(
  135. True, rec_id._validate_pass_reset(),
  136. )