2017-03-08 12:03:39 +01:00
|
|
|
|
|
|
|
import ujson
|
|
|
|
|
|
|
|
from django.http import HttpResponse
|
|
|
|
from mock import patch
|
|
|
|
from typing import Any, Dict
|
|
|
|
|
|
|
|
from zerver.lib.test_classes import ZulipTestCase
|
2017-05-23 20:57:59 +02:00
|
|
|
from zerver.models import get_user, get_realm
|
|
|
|
|
2017-03-08 12:03:39 +01:00
|
|
|
|
|
|
|
class ZephyrTest(ZulipTestCase):
|
|
|
|
def test_webathena_kerberos_login(self):
|
|
|
|
# type: () -> None
|
2017-05-23 20:57:59 +02:00
|
|
|
email = self.example_email('hamlet')
|
2017-03-08 12:03:39 +01:00
|
|
|
self.login(email)
|
|
|
|
|
2017-08-26 00:21:54 +02:00
|
|
|
def post(subdomain, **kwargs):
|
2017-03-08 12:03:39 +01:00
|
|
|
# type: (**Any) -> HttpResponse
|
|
|
|
params = {k: ujson.dumps(v) for k, v in kwargs.items()}
|
2017-08-26 00:21:54 +02:00
|
|
|
return self.client_post('/accounts/webathena_kerberos_login/', params,
|
|
|
|
subdomain=subdomain)
|
2017-03-08 12:03:39 +01:00
|
|
|
|
2017-08-26 00:21:54 +02:00
|
|
|
result = post("zulip")
|
2017-03-08 12:03:39 +01:00
|
|
|
self.assert_json_error(result, 'Could not find Kerberos credential')
|
|
|
|
|
2017-08-26 00:21:54 +02:00
|
|
|
result = post("zulip", cred='whatever')
|
2017-03-08 12:03:39 +01:00
|
|
|
self.assert_json_error(result, 'Webathena login not enabled')
|
|
|
|
|
2017-05-24 21:21:35 +02:00
|
|
|
email = str(self.mit_email("starnine"))
|
2017-05-23 20:57:59 +02:00
|
|
|
realm = get_realm('zephyr')
|
2017-11-18 00:11:24 +01:00
|
|
|
self.login(email, realm=realm)
|
2017-03-08 12:03:39 +01:00
|
|
|
|
|
|
|
def ccache_mock(**kwargs):
|
|
|
|
# type: (**Any) -> Any
|
|
|
|
return patch('zerver.views.zephyr.make_ccache', **kwargs)
|
|
|
|
|
|
|
|
def ssh_mock(**kwargs):
|
|
|
|
# type: (**Any) -> Any
|
|
|
|
return patch('zerver.views.zephyr.subprocess.check_call', **kwargs)
|
|
|
|
|
|
|
|
def mirror_mock():
|
|
|
|
# type: () -> Any
|
|
|
|
return self.settings(PERSONAL_ZMIRROR_SERVER='server')
|
|
|
|
|
|
|
|
def logging_mock():
|
|
|
|
# type: () -> Any
|
|
|
|
return patch('logging.exception')
|
|
|
|
|
|
|
|
cred = dict(cname=dict(nameString=['starnine']))
|
|
|
|
|
|
|
|
with ccache_mock(side_effect=KeyError('foo')):
|
2017-08-26 00:21:54 +02:00
|
|
|
result = post("zephyr", cred=cred)
|
2017-03-08 12:03:39 +01:00
|
|
|
self.assert_json_error(result, 'Invalid Kerberos cache')
|
|
|
|
|
|
|
|
with \
|
|
|
|
ccache_mock(return_value=b'1234'), \
|
|
|
|
ssh_mock(side_effect=KeyError('foo')), \
|
|
|
|
logging_mock() as log:
|
2017-08-26 00:21:54 +02:00
|
|
|
result = post("zephyr", cred=cred)
|
2017-03-08 12:03:39 +01:00
|
|
|
|
|
|
|
self.assert_json_error(result, 'We were unable to setup mirroring for you')
|
|
|
|
log.assert_called_with("Error updating the user's ccache")
|
|
|
|
|
|
|
|
with ccache_mock(return_value=b'1234'), mirror_mock(), ssh_mock() as ssh:
|
2017-08-26 00:21:54 +02:00
|
|
|
result = post("zephyr", cred=cred)
|
2017-03-08 12:03:39 +01:00
|
|
|
|
|
|
|
self.assert_json_success(result)
|
|
|
|
ssh.assert_called_with([
|
|
|
|
'ssh',
|
|
|
|
'server',
|
|
|
|
'--',
|
2017-10-05 21:26:54 +02:00
|
|
|
'/home/zulip/python-zulip-api/zulip/integrations/zephyr/process_ccache',
|
2017-03-08 12:03:39 +01:00
|
|
|
'starnine',
|
2017-05-23 20:57:59 +02:00
|
|
|
get_user(email, realm).api_key,
|
2017-03-08 12:03:39 +01:00
|
|
|
'MTIzNA=='])
|
|
|
|
|
|
|
|
# Accounts whose Kerberos usernames are known not to match their
|
|
|
|
# zephyr accounts are hardcoded, and should be handled properly.
|
|
|
|
|
|
|
|
def kerberos_alter_egos_mock():
|
|
|
|
# type: () -> Any
|
|
|
|
return patch(
|
|
|
|
'zerver.views.zephyr.kerberos_alter_egos',
|
|
|
|
{'kerberos_alter_ego': 'starnine'})
|
|
|
|
|
|
|
|
cred = dict(cname=dict(nameString=['kerberos_alter_ego']))
|
|
|
|
with \
|
|
|
|
ccache_mock(return_value=b'1234'), \
|
|
|
|
mirror_mock(), \
|
|
|
|
ssh_mock() as ssh, \
|
|
|
|
kerberos_alter_egos_mock():
|
2017-08-26 00:21:54 +02:00
|
|
|
result = post("zephyr", cred=cred)
|
2017-03-08 12:03:39 +01:00
|
|
|
|
|
|
|
self.assert_json_success(result)
|
|
|
|
ssh.assert_called_with([
|
|
|
|
'ssh',
|
|
|
|
'server',
|
|
|
|
'--',
|
2017-10-05 21:26:54 +02:00
|
|
|
'/home/zulip/python-zulip-api/zulip/integrations/zephyr/process_ccache',
|
2017-03-08 12:03:39 +01:00
|
|
|
'starnine',
|
2017-05-23 20:57:59 +02:00
|
|
|
get_user(email, realm).api_key,
|
2017-03-08 12:03:39 +01:00
|
|
|
'MTIzNA=='])
|