Commit Graph

87 Commits

Author SHA1 Message Date
Tim Abbott 84b18f865a users: Verify full names explicitly in account registration.
I believe this completes the project of ensuring that our recent work
on limiting what characters can appears in users' full names covers
the entire codebase.
2017-02-07 20:20:32 -08:00
Harshit Bansal 8c428dc130 Fix `ZulipLDAPAuthBackend` not to rely on user's email domain.
In case realms have subdomains and the user hasn't been populated
yet in the Django User model, `ZulipLDAPAuthBackend` should not
rely on user's email domain to determine in which realm it should
be created in.

Fixes: #2227.
2017-01-25 15:24:49 -08:00
Tim Abbott 4e171ce787 lint: Clean up E126 PEP-8 rule. 2017-01-23 22:06:13 -08:00
sinwar b0efa58eb4 requirements: Upgrade python-social-auth to latest version
Fixes #3403
2017-01-21 21:22:59 +05:30
Rishi Gupta 494c1a2b55 Remove unnecessary uses of Realm.domain in zerver/tests. 2017-01-09 11:26:08 -08:00
Tim Abbott f3b5683e77 views: Rename __init__.py to zerver.views.registration.
This completes the cleanup process of eliminating functions in the
root zerver/views/__init__.py module.
2017-01-08 16:21:15 -08:00
Rishi Gupta 2b0a7fd0ba Rename models.get_realm_by_string_id to get_realm.
Finishes the refactoring started in c1bbd8d. The goal of the refactoring is
to change the argument to get_realm from a Realm.domain to a
Realm.string_id. The steps were

* Add a new function, get_realm_by_string_id.

* Change all calls to get_realm to use get_realm_by_string_id instead.

* Remove get_realm.

* (This commit) Rename get_realm_by_string_id to get_realm.

Part of a larger migration to remove the Realm.domain field entirely.
2017-01-04 17:12:23 -08:00
Umair Khan b6cb6a4f0c ldap: Inherit FakeLdap exceptions from ldap. 2016-12-30 16:55:06 -08:00
Rishi Gupta d6e7014f06 Refactor views.create_homepage_form into its callers.
The indirection is no longer that useful, and obscures Django's conventional
style for calling a form.
2016-12-26 17:50:23 -08:00
Tim Abbott 66bce06a5a lint: Fix E127 vilations due to recent assertEquals migration. 2016-12-15 20:51:27 -08:00
Tim Abbott bf80873d4f tests: s/assertRaisesRegexp/assertRaisesRegex/ due to deprecation. 2016-12-15 17:11:42 -08:00
Tim Abbott a116c86f62 tests: s/assertEquals/assertEqual/ due to deprecation.
Fixes #2730.
2016-12-15 17:02:03 -08:00
Igor Tokarev f154a3b742 tests: Improve test coverage of templates.
Addresses part of #1677.
2016-12-14 13:08:33 -08:00
Umair Khan 8e30530cc5 subdomains: Make GitHub login work with subdomains.
Fixes #2501.
2016-12-14 11:09:39 -08:00
bulat22101 9f68efa47b mypy: Convert zerver/tests/ to use typing.Text. 2016-12-04 14:47:21 -08:00
nikolay abc2ff4a06 pep8: Fix many rule E128 violations.
[Tweaked by tabbott to adjust some approaches used in wrapping]
2016-12-03 13:33:31 -08:00
Sidhant Bhavnani 8c0c12c1d9 pep8: Fix E303 violations. 2016-12-02 15:34:11 -08:00
AZtheAsian 1ba150fa85 pep8: Fix E203 violations 2016-12-01 20:37:57 -08:00
Rafid Aslam c5316b4002 lint: Fix E127 pep8 violations.
Fix pep8: E127 continuation line over-indented for visual indent
style issue.
2016-12-01 10:23:55 -08:00
Rafid Aslam 41bd88d5ed pep8: Fix E301 pep8 violations.
Fix "E301: expected (1 or 2) blank line" pep8 violations.
2016-11-29 08:51:44 -08:00
Rafid Aslam 7a2282986a pep8: Fix E225 pep8 violations. 2016-11-28 15:21:15 -08:00
reyha 9f8630fed8 tests: Access realms by string_id.
Replaces get_realm() function by get_realm_by_string_id() function
in zerver/tests.

Fixes #2226.
2016-11-15 13:32:20 -08:00
sinwar 4582a98c09 tests: Split out ZulipTestCase and WebhookTestCase to a separate file.
Fixes #1671.
2016-11-10 19:29:43 -08:00
Umair Khan ee3ec96f38 Django 1.10: Suppress logs. 2016-11-10 16:20:03 +05:00
Umair Khan 1e91b946d9 Django 1.10: Sign google oauth requests using csrf token.
In Django 1.10, the get_token function returns a salted version of
csrf token which changes whenever get_token is called. This gives
us wrong result when we compare the state after returning from
Google authentication servers. The solution is to unsalt the token
and use that token to find the HMAC so that we get the same value
as long as t he token is same.
2016-11-10 16:20:03 +05:00
Rishi Gupta 1e6ae537bd Remove special flow for open realm sign-up when realms have subdomains.
Redirects /register/<domain> to /accounts/register when
REALMS_HAVE_SUBDOMAINS.
2016-11-09 16:31:48 -08:00
Rishi Gupta ff2fe0cf92 forms.HomepageForm: Improve error messages.
No change to behavior.
2016-11-09 16:31:48 -08:00
Rishi Gupta 01526677c4 forms.HomepageForm: Use string_id to determine intended signup realm.
If the user comes in to HomepageForm with a set subdomain, use that to
determine the signup realm instead of the email address.

In the non-REALMS_HAVE_SUBDOMAINS case, still allow using the email address
if no subdomain is passed.
2016-11-09 16:31:48 -08:00
Umair Khan f78752466c Django 1.10: URLs in response contain just the path.
The response object of the Django test client only contains the
path of the url.
2016-11-09 15:26:07 -08:00
umkay ab2fd4ef3a TestAdminSetBackends: Supply dev_auth_enabled() with realm argument.
This fixes the fact that these tests were not correctly running
against the actual realm.
2016-11-07 17:07:05 -08:00
Tim Abbott 11518d9fb3 Remove test_ldap_auth_email_auth_disabled_failure for now.
This test was having order-dependent failures when run after
`test_signup`.
2016-11-06 18:34:22 -08:00
Tim Abbott bb17e575c8 auth: Add SocialAuthMixinTest. 2016-11-06 18:07:52 -08:00
Tim Abbott c856e56afc test_auth_backend: Add missing LDAP tests in FetchAPIKeyTest. 2016-11-06 18:07:52 -08:00
Tim Abbott c94fe5bdef test_ldap: Fix spelling of tearDown method. 2016-11-06 16:33:20 -08:00
umkay f4c621ffe3 admin: Enable admins to toggle supported auth methods via UI.
Add a table to the administration page that will allow realm admins to
activate and deactivate the supported authentication methods for that
realm.
2016-11-06 16:29:35 -08:00
umkay 21c024fc29 auth: Make supported authentication backends a bitfield on realm.
This makes it possible to configure only certain authentication
methods to be enabled on a per-realm basis.

Note that the authentication_methods_dict function (which checks what
backends are supported on the realm) requires an in function import
due to a circular dependency.
2016-11-06 16:16:24 -08:00
Tim Abbott b41c15fa05 auth: Reject authentication if auth backends are disabled. 2016-11-06 16:16:22 -08:00
Tim Abbott 3a3cee411d auth: Remove old password_auth_enabled hack.
This was used by an old configuration for zulip.com, which is no
longer in production use.
2016-11-06 14:50:15 -08:00
Umair Khan 4502872e8e subdomain: Test user registration through Google OAuth. 2016-11-03 10:09:24 -07:00
Rishi Gupta 64bcd71d6e models.Realm: Rename subdomain to string_id.
Does a database migration to rename Realm.subdomain to
Realm.string_id, and makes Realm.subdomain a property.  Eventually,
Realm.string_id will replace Realm.domain as the handle by which we
retrieve Realm objects.
2016-11-02 22:46:34 -07:00
umkay 0e0a11bb5e Refactor GitHub authentication backend tests. 2016-11-02 21:06:17 -07:00
Umair Khan 2dabfc562c subdomains: Add tests for single domain OAuth2. 2016-10-28 11:04:08 -07:00
Umair Khan 26646abe8c Authenticate subdomains using single Google OAuth entry.
Previously, we used to create one Google OAuth callback url entry
per subdomain. This commit allows us to authenticate subdomain users
against a single Google OAuth callback url entry.
2016-10-28 11:04:08 -07:00
Umair Khan d139c9cb71 Add tests for maybe_send_to_registration function. 2016-10-28 09:27:56 -07:00
Umair Khan 8064ed1c0b Add test for ZulipRemoteUserBackend. 2016-10-28 09:27:56 -07:00
Umair Khan 839cab3434 Add tests for GitHubAuthBackend. 2016-10-28 09:27:56 -07:00
Umair Khan b6046bc77e Add tests for password_auth_enabled function. 2016-10-28 09:27:56 -07:00
Umair Khan d9e1975d2c Add ZulipAuthMixin tests. 2016-10-28 09:27:56 -07:00
Umair Khan 6dbe425675 Add Google OAuth2 backend tests. 2016-10-28 09:27:56 -07:00
Umair Khan 088d8eebad Add ZulipLDAPUserPopulator test. 2016-10-28 09:27:56 -07:00