registration: Add LDAP tests.

2017-09-29 11:43:18 +05:00 · 2017-09-29 11:43:18 +05:00 · c14e9f3ae8
parent 3d6715445a
commit c14e9f3ae8
1 changed files with 146 additions and 0 deletions
--- a/zerver/tests/test_signup.py
+++ b/zerver/tests/test_signup.py
@ -1582,6 +1582,152 @@ class UserSignUpTest(ZulipTestCase):
                                             "newuser@zulip.com"],
                                            result)

+    def test_ldap_registration_end_to_end(self):
+        # type: () -> None
+        password = "testing"
+        email = "newuser@zulip.com"
+        subdomain = "zulip"
+
+        ldap_user_attr_map = {'full_name': 'fn', 'short_name': 'sn'}
+
+        ldap_patcher = patch('django_auth_ldap.config.ldap.initialize')
+        mock_initialize = ldap_patcher.start()
+        mock_ldap = MockLDAP()
+        mock_initialize.return_value = mock_ldap
+
+        full_name = 'New LDAP fullname'
+        mock_ldap.directory = {
+            'uid=newuser,ou=users,dc=zulip,dc=com': {
+                'userPassword': 'testing',
+                'fn': [full_name]
+            }
+        }
+
+        with patch('zerver.views.registration.get_subdomain', return_value=subdomain):
+            result = self.client_post('/register/', {'email': email})
+
+        self.assertEqual(result.status_code, 302)
+        self.assertTrue(result["Location"].endswith(
+            "/accounts/send_confirm/%s" % (email,)))
+        result = self.client_get(result["Location"])
+        self.assert_in_response("Check your email so we can get started.", result)
+
+        with self.settings(
+                POPULATE_PROFILE_VIA_LDAP=True,
+                LDAP_APPEND_DOMAIN='zulip.com',
+                AUTH_LDAP_BIND_PASSWORD='',
+                AUTH_LDAP_USER_ATTR_MAP=ldap_user_attr_map,
+                AUTHENTICATION_BACKENDS=('zproject.backends.ZulipLDAPAuthBackend',),
+                AUTH_LDAP_USER_DN_TEMPLATE='uid=%(user)s,ou=users,dc=zulip,dc=com'):
+
+            # Click confirmation link
+            result = self.submit_reg_form_for_user(email,
+                                                   password,
+                                                   full_name="Ignore",
+                                                   from_confirmation="1",
+                                                   # Pass HTTP_HOST for the target subdomain
+                                                   HTTP_HOST=subdomain + ".testserver")
+
+            # Full name should be set from LDAP
+            self.assert_in_success_response(["You're almost there.",
+                                             full_name,
+                                             "newuser@zulip.com"],
+                                            result)
+
+        # Submit the final form.
+        result = self.submit_reg_form_for_user(email,
+                                               password,
+                                               full_name=full_name,
+                                               # Pass HTTP_HOST for the target subdomain
+                                               HTTP_HOST=subdomain + ".testserver")
+        user_profile = UserProfile.objects.get(email=email)
+        # Name comes from form which was set by LDAP.
+        self.assertEqual(user_profile.full_name, full_name)
+
+    def test_ldap_registration_when_names_changes_are_disabled(self):
+        # type: () -> None
+        password = "testing"
+        email = "newuser@zulip.com"
+        subdomain = "zulip"
+
+        ldap_user_attr_map = {'full_name': 'fn', 'short_name': 'sn'}
+
+        ldap_patcher = patch('django_auth_ldap.config.ldap.initialize')
+        mock_initialize = ldap_patcher.start()
+        mock_ldap = MockLDAP()
+        mock_initialize.return_value = mock_ldap
+
+        mock_ldap.directory = {
+            'uid=newuser,ou=users,dc=zulip,dc=com': {
+                'userPassword': 'testing',
+                'fn': ['New LDAP fullname']
+            }
+        }
+
+        with patch('zerver.views.registration.get_subdomain', return_value=subdomain):
+            result = self.client_post('/register/', {'email': email})
+
+        self.assertEqual(result.status_code, 302)
+        self.assertTrue(result["Location"].endswith(
+            "/accounts/send_confirm/%s" % (email,)))
+        result = self.client_get(result["Location"])
+        self.assert_in_response("Check your email so we can get started.", result)
+
+        with self.settings(
+                POPULATE_PROFILE_VIA_LDAP=True,
+                LDAP_APPEND_DOMAIN='zulip.com',
+                AUTH_LDAP_BIND_PASSWORD='',
+                AUTH_LDAP_USER_ATTR_MAP=ldap_user_attr_map,
+                AUTHENTICATION_BACKENDS=('zproject.backends.ZulipLDAPAuthBackend',),
+                AUTH_LDAP_USER_DN_TEMPLATE='uid=%(user)s,ou=users,dc=zulip,dc=com'):
+
+            # Click confirmation link. This will 'authenticated_full_name'
+            # session variable which will be used to set the fullname of
+            # the user.
+            result = self.submit_reg_form_for_user(email,
+                                                   password,
+                                                   full_name="Ignore",
+                                                   from_confirmation="1",
+                                                   # Pass HTTP_HOST for the target subdomain
+                                                   HTTP_HOST=subdomain + ".testserver")
+
+        with patch('zerver.views.registration.name_changes_disabled', return_value=True):
+            result = self.submit_reg_form_for_user(email,
+                                                   password,
+                                                   # Pass HTTP_HOST for the target subdomain
+                                                   HTTP_HOST=subdomain + ".testserver")
+            user_profile = UserProfile.objects.get(email=email)
+            # Name comes from LDAP session.
+            self.assertEqual(user_profile.full_name, 'New LDAP fullname')
+
+    def test_registration_when_name_changes_are_disabled(self):
+        # type: () -> None
+        """
+        Test `name_changes_disabled` when we are not running under LDAP.
+        """
+        password = "testing"
+        email = "newuser@zulip.com"
+        subdomain = "zulip"
+
+        with patch('zerver.views.registration.get_subdomain', return_value=subdomain):
+            result = self.client_post('/register/', {'email': email})
+
+        self.assertEqual(result.status_code, 302)
+        self.assertTrue(result["Location"].endswith(
+            "/accounts/send_confirm/%s" % (email,)))
+        result = self.client_get(result["Location"])
+        self.assert_in_response("Check your email so we can get started.", result)
+
+        with patch('zerver.views.registration.name_changes_disabled', return_value=True):
+            result = self.submit_reg_form_for_user(email,
+                                                   password,
+                                                   full_name="New Name",
+                                                   # Pass HTTP_HOST for the target subdomain
+                                                   HTTP_HOST=subdomain + ".testserver")
+            user_profile = UserProfile.objects.get(email=email)
+            # 'New Name' comes from POST data; not from LDAP session.
+            self.assertEqual(user_profile.full_name, 'New Name')
+
    def test_realm_creation_through_ldap(self):
        # type: () -> None
        password = "testing"