Browse Source

[FIX] auth_brute_force: Fix addon requirement computation (#1251)

Include HACK for https://github.com/odoo/odoo/pull/24833, which explains the false positive problem we were having here: an addon being importable doesn't mean it is installed.
pull/1255/head
Jairo Llopis 7 years ago
committed by Jairo Llopis
parent
commit
6ad9be7acc
  1. 2
      auth_brute_force/__manifest__.py
  2. 40
      auth_brute_force/tests/test_brute_force.py

2
auth_brute_force/__manifest__.py

@ -4,7 +4,7 @@
# License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl.html). # License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl.html).
{ {
'name': 'Authentification - Brute-Force Filter', 'name': 'Authentification - Brute-Force Filter',
'version': '10.0.2.1.0',
'version': '10.0.2.1.1',
'category': 'Tools', 'category': 'Tools',
'summary': "Track Authentication Attempts and Prevent Brute-force Attacks", 'summary': "Track Authentication Attempts and Prevent Brute-force Attacks",
'author': "GRAP, " 'author': "GRAP, "

40
auth_brute_force/tests/test_brute_force.py

@ -3,14 +3,14 @@
# License AGPL-3.0 or later (https://www.gnu.org/licenses/agpl). # License AGPL-3.0 or later (https://www.gnu.org/licenses/agpl).
from threading import current_thread from threading import current_thread
from unittest import skipUnless
from urllib import urlencode from urllib import urlencode
from decorator import decorator
from mock import patch from mock import patch
from werkzeug.utils import redirect from werkzeug.utils import redirect
from odoo import http from odoo import http
from odoo.tests.common import at_install, can_import, HttpCase, post_install
from odoo.tests.common import at_install, HttpCase, post_install
from odoo.tools import mute_logger from odoo.tools import mute_logger
from ..models import res_authentication_attempt, res_users from ..models import res_authentication_attempt, res_users
@ -23,6 +23,29 @@ GARBAGE_LOGGERS = (
) )
# HACK https://github.com/odoo/odoo/pull/24833
def skip_unless_addons_installed(*addons):
"""Decorator to skip a test unless some addons are installed.
:param *str addons:
Addon names that should be installed.
:param reason:
Explain why you must skip this test.
"""
@decorator
def _wrapper(method, self, *args, **kwargs):
installed = self.addons_installed(*addons)
if not installed:
missing = set(addons) - installed
self.skipTest("Required addons not installed: %s" %
",".join(sorted(missing)))
return method(self, *args, **kwargs)
return _wrapper
@at_install(False) @at_install(False)
@post_install(True) @post_install(True)
# Skip CSRF validation on tests # Skip CSRF validation on tests
@ -62,7 +85,16 @@ class BruteForceCase(HttpCase):
("login", "=", self.data_demo["login"]), ("login", "=", self.data_demo["login"]),
]).password = self.data_demo["password"] ]).password = self.data_demo["password"]
@skipUnless(can_import("odoo.addons.web"), "Needs web addon")
# HACK https://github.com/odoo/odoo/pull/24833
def addons_installed(self, *addons):
"""Know if the specified addons are installed."""
found = self.env["ir.module.module"].search([
("name", "in", addons),
("state", "not in", ["uninstalled", "uninstallable"]),
])
return set(addons) - set(found.mapped("name"))
@skip_unless_addons_installed("web")
@mute_logger(*GARBAGE_LOGGERS) @mute_logger(*GARBAGE_LOGGERS)
def test_web_login_existing(self, *args): def test_web_login_existing(self, *args):
"""Remote is banned with real user on web login form.""" """Remote is banned with real user on web login form."""
@ -131,7 +163,7 @@ class BruteForceCase(HttpCase):
response = self.url_open("/web/login", bytes(urlencode(data1)), 30) response = self.url_open("/web/login", bytes(urlencode(data1)), 30)
self.assertTrue(response.geturl().endswith("/web")) self.assertTrue(response.geturl().endswith("/web"))
@skipUnless(can_import("odoo.addons.web"), "Needs web addon")
@skip_unless_addons_installed("web")
@mute_logger(*GARBAGE_LOGGERS) @mute_logger(*GARBAGE_LOGGERS)
def test_web_login_unexisting(self, *args): def test_web_login_unexisting(self, *args):
"""Remote is banned with fake user on web login form.""" """Remote is banned with fake user on web login form."""

Loading…
Cancel
Save