You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
 
 
 

171 lines
6.3 KiB

# -*- coding: utf-8 -*-
# Copyright (C) 2013-2014 GRAP (http://www.grap.coop)
# @author Sylvain LE GAL (https://twitter.com/legalsylvain)
# License AGPL-3 - See http://www.gnu.org/licenses/agpl-3.0.html
from lxml import html
from werkzeug.test import Client
from werkzeug.wrappers import BaseResponse
from odoo.tests import common
from odoo.service import wsgi_server
@common.post_install(True)
class TestUI(common.HttpCase):
def setUp(self):
super(TestUI, self).setUp()
with self.registry.cursor() as test_cursor:
env = self.env(test_cursor)
self.admin_password = 'AdminPa$$w0rd'
env.ref('base.user_root').password = self.admin_password
self.passkey_password = 'PasskeyPa$$w0rd'
self.passkey_user = env['res.users'].create({
'name': 'passkey',
'login': 'passkey',
'email': 'passkey',
'password': self.passkey_password
})
self.dbname = env.cr.dbname
self.werkzeug_environ = {'REMOTE_ADDR': '127.0.0.1'}
self.test_client = Client(wsgi_server.application, BaseResponse)
self.test_client.get('/web/session/logout')
def html_doc(self, response):
"""Get an HTML LXML document."""
return html.fromstring(response.data)
def csrf_token(self, response):
"""Get a valid CSRF token."""
doc = self.html_doc(response)
return doc.xpath("//input[@name='csrf_token']")[0].get('value')
def get_request(self, url, data=None):
return self.test_client.get(
url, query_string=data, follow_redirects=True)
def post_request(self, url, data=None):
return self.test_client.post(
url, data=data, follow_redirects=True,
environ_base=self.werkzeug_environ)
def test_01_normal_login_admin_succeed(self):
# Our admin user wants to go to backoffice part of Odoo
response = self.get_request('/web/', data={'db': self.dbname})
# He notices that his redirected to login page as not authenticated
self.assertIn('oe_login_form', response.data)
# He needs to enters his credentials and submit the form
data = {
'login': 'admin',
'password': self.admin_password,
'csrf_token': self.csrf_token(response),
'db': self.dbname
}
response = self.post_request('/web/login/', data=data)
# He notices that his redirected to backoffice
self.assertNotIn('oe_login_form', response.data)
def test_02_normal_login_admin_fail(self):
# Our admin user wants to go to backoffice part of Odoo
response = self.get_request('/web/', data={'db': self.dbname})
# He notices that he's redirected to login page as not authenticated
self.assertIn('oe_login_form', response.data)
# He needs to enter his credentials and submit the form
data = {
'login': 'admin',
'password': 'password',
'csrf_token': self.csrf_token(response),
'db': self.dbname
}
response = self.post_request('/web/login/', data=data)
# He mistyped his password so he's redirected to login page again
self.assertIn('Wrong login/password', response.data)
def test_03_normal_login_passkey_succeed(self):
# Our passkey user wants to go to backoffice part of Odoo
response = self.get_request('/web/', data={'db': self.dbname})
# He notices that he's redirected to login page as not authenticated
self.assertIn('oe_login_form', response.data)
# He needs to enter his credentials and submit the form
data = {
'login': self.passkey_user.login,
'password': self.passkey_password,
'csrf_token': self.csrf_token(response),
'db': self.dbname
}
response = self.post_request('/web/login/', data=data)
# He notices that his redirected to backoffice
self.assertNotIn('oe_login_form', response.data)
def test_04_normal_login_passkey_fail(self):
# Our passkey user wants to go to backoffice part of Odoo
response = self.get_request('/web/', data={'db': self.dbname})
# He notices that he's redirected to login page as not authenticated
self.assertIn('oe_login_form', response.data)
# He needs to enter his credentials and submit the form
data = {
'login': self.passkey_user.login,
'password': 'password',
'csrf_token': self.csrf_token(response),
'db': self.dbname
}
response = self.post_request('/web/login/', data=data)
# He mistyped his password so he's redirected to login page again
self.assertIn('Wrong login/password', response.data)
def test_05_passkey_login_with_admin_password_succeed(self):
# Our admin user wants to login as passkey user
response = self.get_request('/web/', data={'db': self.dbname})
# He notices that his redirected to login page as not authenticated
self.assertIn('oe_login_form', response.data)
# He needs to enters its password with passkey user's login
data = {
'login': self.passkey_user.login,
'password': self.admin_password,
'csrf_token': self.csrf_token(response),
'db': self.dbname
}
response = self.post_request('/web/login/', data=data)
# He notices that his redirected to backoffice
self.assertNotIn('oe_login_form', response.data)
def test_06_passkey_login_with_same_password_as_admin(self):
self.passkey_user.password = self.admin_password
# Our passkey user wants to go to backoffice part of Odoo
response = self.get_request('/web/', data={'db': self.dbname})
# He notices that his redirected to login page as not authenticated
self.assertIn('oe_login_form', response.data)
# He needs to enters his credentials and submit the form
data = {
'login': self.passkey_user.login,
'password': self.admin_password,
'csrf_token': self.csrf_token(response),
'db': self.dbname
}
response = self.post_request('/web/login/', data=data)
# He notices that his redirected to backoffice
self.assertNotIn('oe_login_form', response.data)