summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorJens Vagelpohl <jens@netz.ooo>2005-09-13 21:27:27 +0000
committerJens Vagelpohl <jens@netz.ooo>2005-09-13 21:27:27 +0000
commit9d755ca0e820cfb565f85f0d0237ce75bc0b5451 (patch)
treeeddaf811387b5ec30b29ed2a6c6cf9570b8cad1c
parent4fe6ec4e2f558568325c871ead178f4ed4912f6a (diff)
downloadCMFLDAP-9d755ca0e820cfb565f85f0d0237ce75bc0b5451.zip
CMFLDAP-9d755ca0e820cfb565f85f0d0237ce75bc0b5451.tar.gz
checkpoint checkin:
- tests run - created todo list
-rw-r--r--LDAPMemberDataTool.py121
-rw-r--r--LDAPMembershipTool.py117
-rw-r--r--TODO.txt15
-rw-r--r--tests/__init__.py1
-rw-r--r--tests/base/__init__.py1
-rw-r--r--tests/base/dummy.py125
-rw-r--r--tests/test_LDAPMemberDataTool.py118
-rw-r--r--tests/test_LDAPMembershipTool.py191
-rw-r--r--tests/test_join.py100
9 files changed, 690 insertions, 99 deletions
diff --git a/LDAPMemberDataTool.py b/LDAPMemberDataTool.py
index 07fdd49..634316a 100644
--- a/LDAPMemberDataTool.py
+++ b/LDAPMemberDataTool.py
@@ -29,9 +29,9 @@ class LDAPMemberDataTool(MemberDataTool):
manage_showContents = DTMLFile('dtml/memberdataContents', globals())
- def __init__(self, id='portal_memberdata'):
- self.id = id
- MemberDataTool.__init__(self)
+ #def __init__(self, id='portal_memberdata'):
+ # self.id = id
+ # MemberDataTool.__init__(self)
def wrapUser(self, u):
@@ -51,7 +51,7 @@ class LDAPMemberDataTool(MemberDataTool):
m = temps[id]
else:
base = aq_base(self)
- m = LDAPMemberData(base, id)
+ m = LDAPMemberData(base, id)
if temps is None:
self._v_temps = { id : m }
@@ -61,6 +61,7 @@ class LDAPMemberDataTool(MemberDataTool):
m = members[id]
wrapper = m.__of__(self).__of__(u)
+
# We set the MemberData global options if we found values
# in the UserData. (for instance the 'email')
try:
@@ -90,49 +91,46 @@ class LDAPMemberDataTool(MemberDataTool):
return wrapper
- def getMemberDataContents(self):
- """
- Return the number of members stored in the _members
- BTree and some other useful info
- """
- membertool = getToolByName(self, 'portal_membership')
- members = self._members
- temps = self._v_temps
- user_list = membertool.listMemberIds()
- member_list = members.keys()
- member_count = len(members)
- orphan_count = 0
- member_temp_count = 0
+ #def getMemberDataContents(self):
+ # """ Return the number of members stored in the _members
+ # BTree and some other useful info
+ # """
+ # membertool = getToolByName(self, 'portal_membership')
+ # members = self._members
+ # temps = self._v_temps
+ # user_list = membertool.listMemberIds()
+ # member_list = members.keys()
+ # member_count = len(members)
+ # orphan_count = 0
+ # member_temp_count = 0
- if (len(user_list) == 1):
- # Possible LDAP Error?
- res_str = user_list[0].lower()
- if res_str.find('error') != -1:
- msg = 'No or too many results returned from LDAP'
-
- return [ { 'member_count' : member_count
- , 'orphan_count' : msg
- } ]
-
- for member in member_list:
- if member not in user_list:
- orphan_count = orphan_count + 1
+ # if (len(user_list) == 1):
+ # # Possible LDAP Error?
+ # res_str = user_list[0].lower()
+ # if res_str.find('error') != -1:
+ # msg = 'No or too many results returned from LDAP'
+
+ # return [ { 'member_count' : member_count
+ # , 'orphan_count' : msg
+ # } ]
+
+ # for member in member_list:
+ # if member not in user_list:
+ # orphan_count = orphan_count + 1
- if temps is not None:
- member_temp_count=len(temps.keys())
+ # if temps is not None:
+ # member_temp_count=len(temps.keys())
- return [ { 'member_count' : member_count
- , 'orphan_count' : orphan_count
- , 'member_temp_count' : member_temp_count
- } ]
+ # return [ { 'member_count' : member_count
+ # , 'orphan_count' : orphan_count
+ # , 'member_temp_count' : member_temp_count
+ # } ]
security.declareProtected(View, 'getMemberProps')
def getMemberProps(self):
- """
- Return a list of tuples with the property and a "friendly"
- name for it for any property that can be set on a user
- object.
+ """ Return a list of tuples with the property and a "friendly"
+ name for it for any property that can be set on a user object.
"""
return self.acl_users.getLDAPSchema()
@@ -146,15 +144,15 @@ class LDAPMemberDataTool(MemberDataTool):
InitializeClass(LDAPMemberDataTool)
-class LDAPMemberData (MemberData):
+class LDAPMemberData(MemberData):
""" Member Data wrapper for the LDAP-driven Member Data Tool """
- def __init__(self, tool, id):
- """ class constructor """
- self.id = id
- # Make a temporary reference to the tool.
- # The reference will be removed by notifyModified().
- self._tool = tool
+ #def __init__(self, tool, id):
+ # """ class constructor """
+ # self.id = id
+ # # Make a temporary reference to the tool.
+ # # The reference will be removed by notifyModified().
+ # self._tool = tool
def setMemberProperties(self, mapping):
@@ -180,7 +178,6 @@ class LDAPMemberData (MemberData):
try:
if change_vals:
user_obj = self.getUser()
- dn = user_obj.getUserDN()
rdn_attr = acl.getProperty('_rdnattr')
if not mapping.has_key(rdn_attr):
@@ -188,8 +185,8 @@ class LDAPMemberData (MemberData):
, user_obj.getUserName()
)
- acl.manage_editUser(dn, kwargs=mapping)
- user_obj._expire()
+ acl.manage_editUser(user_obj.getUserDN(), kwargs=mapping)
+ acl._expireUser(user_obj)
except:
pass
@@ -230,10 +227,9 @@ class LDAPMemberData (MemberData):
def getPassword(self):
- """
- Retrieve the user's password if there is a valid record in the
- user folder cache, otherwise create a new one and set it
- on the user object and in LDAP
+ """ Retrieve the user's password if there is a valid record in the
+ user folder cache, otherwise create a new one and set it on the user
+ object and in LDAP
"""
user_obj = self.getUser()
pwd = user_obj._getPassword()
@@ -249,12 +245,11 @@ class LDAPMemberData (MemberData):
InitializeClass(LDAPMemberData)
-def manage_addLDAPMemberDataTool(self, REQUEST=None):
- """ Add an LDAP-based MemberDataTool """
- tool_obj = LDAPMemberDataTool()
- self._setObject(tool_obj.id, tool_obj)
-
- if REQUEST is not None:
- return self.manage_main(self, REQUEST)
-
-
+#def manage_addLDAPMemberDataTool(self, REQUEST=None):
+# """ Add an LDAP-based MemberDataTool """
+# tool_obj = LDAPMemberDataTool()
+# self._setObject(tool_obj.id, tool_obj)
+#
+# if REQUEST is not None:
+# return self.manage_main(self, REQUEST)
+#
diff --git a/LDAPMembershipTool.py b/LDAPMembershipTool.py
index 26e4300..78129a3 100644
--- a/LDAPMembershipTool.py
+++ b/LDAPMembershipTool.py
@@ -10,10 +10,11 @@ __version__='$Revision$'[11:-2]
from zLOG import LOG, ERROR, INFO, PROBLEM, DEBUG
-import string
-import DateTime
from AccessControl import ClassSecurityInfo
from Products.CMFCore.permissions import View
+from Products.CMFCore.permissions import ManageUsers
+from Products.CMFCore.utils import _checkPermission
+from Products.CMFCore.utils import getToolByName
from Globals import InitializeClass
from Products.CMFDefault.MembershipTool import MembershipTool
@@ -25,21 +26,20 @@ class LDAPMembershipTool(MembershipTool):
title = 'LDAP Membership Tool'
- def __init__(self, id='portal_membership'):
- self.id = id
+ #def __init__(self, id='portal_membership'):
+ # self.id = id
- def addMember(self, id, password, roles, domains, properties):
- """
- Adds a new member to the user folder. Security checks will have
- already been performed. Called by portal_registration.
+ security.declarePrivate('addMember')
+ def addMember(self, id, password, roles, domains, properties=None):
+ """ Adds a new member to the user folder. Security checks will have
+ already been performed. Called by portal_registration.
"""
args = {}
acl = self.acl_users
- login_attr = acl.getProperty('_login_attr')
args['user_pw'] = args['confirm_pw'] = password
- args[login_attr] = id
+ args[acl.getProperty('_login_attr')] = id
args['user_roles'] = roles
acl.manage_addUser(REQUEST=None, kwargs=args)
@@ -49,36 +49,81 @@ class LDAPMembershipTool(MembershipTool):
member = self.getMemberById(id)
member.setMemberProperties(properties)
+ security.declareProtected(ManageUsers, 'deleteMembers')
+ def deleteMembers(self, member_ids, delete_memberareas=1,
+ delete_localroles=1):
+ """ Delete members specified by member_ids.
+ """
- security.declareProtected(View, 'memberExists')
- def memberExists(self, properties):
- """ Does the incoming set of data collide with an existing member? """
- acl = self.acl_users
- rdn_attr = acl.getProperty('_rdnattr')
- login_attr = acl.getProperty('_login_attr')
-
- my_rdn = properties.get(rdn_attr, None)
- my_login = properties.get('username')
-
- if not acl.isUnique(login_attr, my_login):
- return 'Login name'
-
- if not acl.isUnique(rdn_attr, my_rdn):
- return 'Name'
-
- return 0
+ # Delete members in acl_users.
+ acl_users = self.acl_users
+ if _checkPermission(ManageUsers, acl_users):
+ if isinstance(member_ids, basestring):
+ member_ids = (member_ids,)
+ member_ids = list(member_ids)
+ member_dns = []
+ for member_id in member_ids[:]:
+ user = acl_users.getUserById(member_id)
+ if user is None:
+ member_ids.remove(member_id)
+ else:
+ member_dns.append(user.getUserDN())
+
+ acl_users.manage_deleteUsers(dns=member_dns)
+
+ else:
+ raise AccessControl_Unauthorized('You need the \'Manage users\' '
+ 'permission for the underlying User Folder.')
+
+ # Delete member data in portal_memberdata.
+ mdtool = getToolByName(self, 'portal_memberdata', None)
+ if mdtool is not None:
+ for member_id in member_ids:
+ mdtool.deleteMemberData(member_id)
+
+ # Delete members' home folders including all content items.
+ if delete_memberareas:
+ for member_id in member_ids:
+ self.deleteMemberArea(member_id)
+
+ # Delete members' local roles.
+ if delete_localroles:
+ utool = getToolByName(self, 'portal_url', None)
+ self.deleteLocalRoles( utool.getPortalObject(), member_ids,
+ reindex=1, recursive=1 )
+
+ return tuple(member_ids)
+
+
+ #security.declareProtected(View, 'memberExists')
+ #def memberExists(self, properties):
+ # """ Does the incoming set of data collide with an existing member? """
+ # acl = self.acl_users
+ # rdn_attr = acl.getProperty('_rdnattr')
+ # login_attr = acl.getProperty('_login_attr')
+
+ # my_rdn = properties.get(rdn_attr, None)
+ # my_login = properties.get('username')
+
+ # if not acl.isUnique(login_attr, my_login):
+ # return 'Login name'
+
+ # if not acl.isUnique(rdn_attr, my_rdn):
+ # return 'Name'
+
+ # return 0
InitializeClass(LDAPMembershipTool)
-def manage_addLDAPMembershipTool(self, REQUEST=None):
- """ Add an LDAP-based Membership Tool """
-
- tool_obj = LDAPMembershipTool()
- self._setObject(tool_obj.id, tool_obj)
-
- if REQUEST is not None:
- return self.manage_main(self, REQUEST)
-
+#def manage_addLDAPMembershipTool(self, REQUEST=None):
+# """ Add an LDAP-based Membership Tool """
+#
+# tool_obj = LDAPMembershipTool()
+# self._setObject(tool_obj.id, tool_obj)
+#
+# if REQUEST is not None:
+# return self.manage_main(self, REQUEST)
+#
diff --git a/TODO.txt b/TODO.txt
new file mode 100644
index 0000000..e442dae
--- /dev/null
+++ b/TODO.txt
@@ -0,0 +1,15 @@
+- remove join_form and related skins and use CMF-provided form. Creates
+ "naked" records which can be edited using personalize_form.
+ addMember should map the login to _rdnattr/_login_attr and "cn"
+
+- Copy personalize_form.pt from CMF. Change to display a sorted list of
+ properties. personalize.py from CMF hands through the full REQUEST
+ to member.setProperties.
+
+- register.py can be deleted, it is unused (now: members_add_control.py)
+
+- mail_password_form needs reimplementing, CMF handler simply does
+ getMemberByID and gets the pw from there. Needs its own handler
+ for CMFLDAP.
+
+- fold CMFLDAP into LDAPUserFolder
diff --git a/tests/__init__.py b/tests/__init__.py
new file mode 100644
index 0000000..344dde4
--- /dev/null
+++ b/tests/__init__.py
@@ -0,0 +1 @@
+""" CMFLDAP test package """
diff --git a/tests/base/__init__.py b/tests/base/__init__.py
new file mode 100644
index 0000000..7308868
--- /dev/null
+++ b/tests/base/__init__.py
@@ -0,0 +1 @@
+""" Helper classes for the CMFLDAP test package """
diff --git a/tests/base/dummy.py b/tests/base/dummy.py
new file mode 100644
index 0000000..1d5f66e
--- /dev/null
+++ b/tests/base/dummy.py
@@ -0,0 +1,125 @@
+#####################################################################
+#
+# dummy Dummy objects with a LDAP twist
+#
+# This software is governed by a license. See
+# LICENSE.txt for the terms of this license.
+#
+#####################################################################
+
+from Acquisition import Implicit
+
+from Products.CMFCore.tests.base.dummy import DummyUser
+from Products.CMFCore.tests.base.dummy import DummyUserFolder
+
+DN_BASE = 'dc=example,dc=com'
+
+
+class LDAPDummyUser(Implicit, DummyUser):
+ """ LDAP-enabled dummy user """
+
+ def __init__(self, name, password='', roles=(), domains=()):
+ self.name = name
+ self.__ = password
+ self.roles = tuple(roles)
+ self.domains = tuple(domains)
+
+ def getId(self):
+ return self.name
+
+ def getUserName(self):
+ return self.name
+
+ def getRoles(self):
+ return self.roles + ('Authenticated',)
+
+ def getRolesInContext(self, context):
+ return self.roles
+
+ def getDomains(self):
+ return self.domains
+
+ def getUserDN(self):
+ return 'cn=%s,%s' % (self.getId(), DN_BASE)
+
+ def _getPassword(self):
+ return self.__
+
+
+class LDAPDummyUserFolder(DummyUserFolder):
+ """ LDAP-enabled dummy user folder """
+
+ _rdnattr = 'cn'
+ _login_attr = 'cn'
+
+ def __init__(self):
+ self.id = 'acl_users'
+ user_foo = LDAPDummyUser( 'user_foo'
+ , roles=['Dummy']
+ )
+ setattr(self, 'user_foo', user_foo)
+ setattr(self, 'user_bar', LDAPDummyUser('user_bar'))
+ omnipotent = LDAPDummyUser( 'all_powerful_Oz'
+ , roles=['Manager']
+ )
+ setattr(self, 'all_powerful_Oz', omnipotent)
+
+ def getId(self):
+ return self.id
+
+ def getProperty(self, property_name):
+ return getattr(self, property_name, None)
+
+ def getGroups(self):
+ return ( ('Role', 'cn=Role,ou=groups,%s' % DN_BASE)
+ , ('NewRole', 'cn=NewRole,ou=groups,%s' % DN_BASE)
+ )
+
+ def manage_addUser(self, REQUEST, kwargs={}):
+ user_id = kwargs.get(self._login_attr)
+ setattr(self, user_id, LDAPDummyUser(user_id))
+
+ def manage_editUser(self, dn, properties={}):
+ user = self.getUserByDN(dn)
+
+ if user is not None:
+ # XXX Change user here
+ pass
+
+ def manage_editUserPassword(self, dn, password):
+ user = self.getUserByDN(dn)
+
+ if user is not None:
+ user.__ = password
+
+ def manage_editUserRoles(self, dn, role_dns):
+ user = self.getUserByDN(dn)
+
+ if user is not None:
+ user.roles = [x[0] for x in self.getGroups() if x[1] in role_dns]
+
+ def manage_deleteUsers(self, dns=[]):
+ for dn in dns:
+ user = self.getUserByDN(dn)
+
+ if user is not None:
+ delattr(self, user.getId())
+
+ def getMappedUserAttrs(self):
+ return []
+
+
+ def getLDAPSchema(self):
+ return []
+
+ def _expireUser(self, user_ob):
+ pass
+
+ def _addUser(self, user_ob):
+ setattr(self, user_ob.getId(), user_ob)
+
+ def getUserByDN(self, dn):
+ rdn = dn.split(',')[0]
+ user_id = rdn.split('=')[1]
+
+ return getattr(self, user_id, None)
diff --git a/tests/test_LDAPMemberDataTool.py b/tests/test_LDAPMemberDataTool.py
new file mode 100644
index 0000000..c081042
--- /dev/null
+++ b/tests/test_LDAPMemberDataTool.py
@@ -0,0 +1,118 @@
+#####################################################################
+#
+# test_LDAPMemberDataTool - Tests for the LDAPMemberData tool
+#
+# This software is governed by a license. See
+# LICENSE.txt for the terms of this license.
+#
+#####################################################################
+""" Unit tests for LDAPMemberDataTool module.
+
+$Id: test_LDAPMemberDataTool.py 37061 2005-06-15 14:17:41Z tseaver $
+"""
+
+from unittest import TestCase, TestSuite, makeSuite, main
+import Testing
+import Zope2
+Zope2.startup()
+
+import Acquisition
+
+from OFS.Folder import Folder
+from Products.CMFLDAP.tests.base.dummy import LDAPDummyUserFolder
+from Products.CMFLDAP.tests.base.dummy import LDAPDummyUser
+
+
+class DummyMemberDataTool(Acquisition.Implicit):
+ pass
+
+
+class LDAPMemberDataToolTests(TestCase):
+
+ def _makeOne(self, *args, **kw):
+ from Products.CMFLDAP.LDAPMemberDataTool import LDAPMemberDataTool
+
+ return LDAPMemberDataTool(*args, **kw)
+
+ def test_z2interfaces(self):
+ from Interface.Verify import verifyClass
+ from Products.CMFCore.interfaces.portal_actions \
+ import ActionProvider as IActionProvider
+ from Products.CMFCore.interfaces.portal_memberdata \
+ import portal_memberdata as IMemberDataTool
+ from Products.CMFLDAP.LDAPMemberDataTool import LDAPMemberDataTool
+
+ verifyClass(IActionProvider, LDAPMemberDataTool)
+ verifyClass(IMemberDataTool, LDAPMemberDataTool)
+
+ def test_z3interfaces(self):
+ from zope.interface.verify import verifyClass
+ from Products.CMFCore.interfaces import IActionProvider
+ from Products.CMFCore.interfaces import IMemberDataTool
+ from Products.CMFLDAP.LDAPMemberDataTool import LDAPMemberDataTool
+
+ verifyClass(IActionProvider, LDAPMemberDataTool)
+ verifyClass(IMemberDataTool, LDAPMemberDataTool)
+
+ def test_deleteMemberData(self):
+ tool = self._makeOne()
+ tool.registerMemberData('Dummy', 'user_foo')
+ self.failUnless( tool._members.has_key('user_foo') )
+ self.failUnless( tool.deleteMemberData('user_foo') )
+ self.failIf( tool._members.has_key('user_foo') )
+ self.failIf( tool.deleteMemberData('user_foo') )
+
+
+class LDAPMemberDataTests(TestCase):
+
+ def _makeOne(self, *args, **kw):
+ from Products.CMFLDAP.LDAPMemberDataTool import LDAPMemberData
+
+ return LDAPMemberData(*args, **kw)
+
+ def test_z2interfaces(self):
+ from Interface.Verify import verifyClass
+ from Products.CMFCore.interfaces.portal_memberdata \
+ import MemberData as IMemberData
+ from Products.CMFLDAP.LDAPMemberDataTool import LDAPMemberData
+
+ verifyClass(IMemberData, LDAPMemberData)
+
+ def test_z3interfaces(self):
+ from zope.interface.verify import verifyClass
+ from Products.CMFCore.interfaces import IMemberData
+ from Products.CMFLDAP.LDAPMemberDataTool import LDAPMemberData
+
+ verifyClass(IMemberData, LDAPMemberData)
+
+ def test_setSecurityProfile(self):
+ from Products.CMFLDAP.LDAPMemberDataTool import LDAPMemberDataTool
+ folder = Folder('test')
+ folder._setOb('portal_memberdata', LDAPMemberDataTool())
+ folder._setOb('acl_users', LDAPDummyUserFolder())
+ user = LDAPDummyUser('bob', 'pw', ['Role'], ['domain'])
+ folder.acl_users._addUser(user)
+ user = folder.acl_users.getUser(user.getId())
+ member = folder.portal_memberdata.wrapUser(user)
+ member.setSecurityProfile(password='newpw')
+ self.assertEqual(user.__, 'newpw')
+ self.assertEqual(list(user.roles), ['Role'])
+ self.assertEqual(list(user.domains), ['domain'])
+ member.setSecurityProfile(roles=['NewRole'])
+ self.assertEqual(user.__, 'newpw')
+ self.assertEqual(list(user.roles), ['NewRole'])
+ self.assertEqual(list(user.domains), ['domain'])
+ member.setSecurityProfile(domains=['newdomain'])
+ self.assertEqual(user.__, 'newpw')
+ self.assertEqual(list(user.roles), ['NewRole'])
+ self.assertEqual(list(user.domains), ['newdomain'])
+
+
+def test_suite():
+ return TestSuite((
+ makeSuite( LDAPMemberDataToolTests ),
+ makeSuite( LDAPMemberDataTests ),
+ ))
+
+if __name__ == '__main__':
+ main(defaultTest='test_suite')
diff --git a/tests/test_LDAPMembershipTool.py b/tests/test_LDAPMembershipTool.py
new file mode 100644
index 0000000..855a8d1
--- /dev/null
+++ b/tests/test_LDAPMembershipTool.py
@@ -0,0 +1,191 @@
+#####################################################################
+#
+# test_LDAPMembershipTool - Tests for the LDAPMembership tool
+#
+# This software is governed by a license. See
+# LICENSE.txt for the terms of this license.
+#
+#####################################################################
+""" Unit tests for LDAPMembershipTool module.
+
+$Id: test_LDAPMembershipTool.py 37127 2005-07-07 18:27:46Z tseaver $
+"""
+
+from unittest import TestCase, TestSuite, makeSuite, main
+import Testing
+import Zope2
+Zope2.startup()
+
+from AccessControl.SecurityManagement import newSecurityManager
+from OFS.Folder import Folder
+
+from Products.CMFCore.PortalFolder import PortalFolder
+from Products.CMFCore.tests.base.dummy import DummySite
+from Products.CMFCore.tests.base.dummy import DummyTool
+from Products.CMFCore.tests.base.testcase import SecurityTest
+
+from Products.CMFLDAP.LDAPMemberDataTool import LDAPMemberDataTool
+from Products.CMFLDAP.tests.base.dummy import LDAPDummyUserFolder
+
+class LDAPMembershipToolTests(TestCase):
+
+ def test_z2interfaces(self):
+ from Interface.Verify import verifyClass
+ from Products.CMFCore.interfaces.portal_actions \
+ import ActionProvider as IActionProvider
+ from Products.CMFCore.interfaces.portal_membership \
+ import portal_membership as IMembershipTool
+ from Products.CMFLDAP.LDAPMembershipTool import LDAPMembershipTool
+
+ verifyClass(IActionProvider, LDAPMembershipTool)
+ verifyClass(IMembershipTool, LDAPMembershipTool)
+
+ def test_z3interfaces(self):
+ from zope.interface.verify import verifyClass
+ from Products.CMFCore.interfaces import IActionProvider
+ from Products.CMFCore.interfaces import IMembershipTool
+ from Products.CMFLDAP.LDAPMembershipTool import LDAPMembershipTool
+
+ verifyClass(IActionProvider, LDAPMembershipTool)
+ verifyClass(IMembershipTool, LDAPMembershipTool)
+
+
+class LDAPMembershipToolSecurityTests(SecurityTest):
+
+ def _makeOne(self, *args, **kw):
+ from Products.CMFLDAP.LDAPMembershipTool import LDAPMembershipTool
+
+ return LDAPMembershipTool(*args, **kw)
+
+ def _makeSite(self, parent=None):
+ if parent is None:
+ parent = self.root
+ site = DummySite( 'site' ).__of__( parent )
+ site._setObject( 'portal_membership', self._makeOne() )
+ return site
+
+ def test_getCandidateLocalRoles(self):
+ site = self._makeSite()
+ mtool = site.portal_membership
+ acl_users = site._setObject( 'acl_users', LDAPDummyUserFolder() )
+
+ newSecurityManager(None, acl_users.user_foo)
+ rval = mtool.getCandidateLocalRoles(mtool)
+ self.assertEqual( rval, ('Dummy',) )
+ newSecurityManager(None, acl_users.all_powerful_Oz)
+ rval = mtool.getCandidateLocalRoles(mtool)
+ self.assertEqual( rval, ('Manager', 'Member', 'Owner', 'Reviewer') )
+
+ def test_createMemberArea(self):
+ site = self._makeSite()
+ mtool = site.portal_membership
+ members = site._setObject( 'Members', PortalFolder('Members') )
+ acl_users = site._setObject( 'acl_users', LDAPDummyUserFolder() )
+ wtool = site._setObject( 'portal_workflow', DummyTool() )
+
+ # permission
+ mtool.createMemberArea('user_foo')
+ self.failIf( hasattr(members.aq_self, 'user_foo') )
+ newSecurityManager(None, acl_users.user_bar)
+ mtool.createMemberArea('user_foo')
+ self.failIf( hasattr(members.aq_self, 'user_foo') )
+ newSecurityManager(None, acl_users.user_foo)
+ mtool.setMemberareaCreationFlag()
+ mtool.createMemberArea('user_foo')
+ self.failIf( hasattr(members.aq_self, 'user_foo') )
+ newSecurityManager(None, acl_users.all_powerful_Oz)
+ mtool.setMemberareaCreationFlag()
+ mtool.createMemberArea('user_foo')
+ self.failUnless( hasattr(members.aq_self, 'user_foo') )
+
+ # default content
+ f = members.user_foo
+ ownership = acl_users.user_foo
+ localroles = ( ( 'user_foo', ('Owner',) ), )
+ self.assertEqual( f.getOwner(), ownership )
+ self.assertEqual( f.get_local_roles(), localroles,
+ 'CMF Collector issue #162 (LocalRoles broken): %s'
+ % str( f.get_local_roles() ) )
+
+ def test_deleteMembers(self):
+ site = self._makeSite()
+ mtool = site.portal_membership
+ members = site._setObject( 'Members', PortalFolder('Members') )
+ acl_users = site._setObject( 'acl_users', LDAPDummyUserFolder() )
+ utool = site._setObject( 'portal_url', DummyTool() )
+ wtool = site._setObject( 'portal_workflow', DummyTool() )
+ mdtool = site._setObject( 'portal_memberdata', LDAPMemberDataTool() )
+ newSecurityManager(None, acl_users.all_powerful_Oz)
+
+ self.assertEqual( acl_users.getUserById('user_foo'),
+ acl_users.user_foo )
+ mtool.createMemberArea('user_foo')
+ self.failUnless( hasattr(members.aq_self, 'user_foo') )
+ mdtool.registerMemberData('Dummy', 'user_foo')
+ self.failUnless( mdtool._members.has_key('user_foo') )
+
+ rval = mtool.deleteMembers( ('user_foo', 'user_baz') )
+ self.assertEqual( rval, ('user_foo',) )
+ self.failIf( acl_users.getUserById('user_foo', None) )
+ self.failIf( mdtool._members.has_key('user_foo') )
+ self.failIf( hasattr(members.aq_self, 'user_foo') )
+
+ def test_getMemberById_nonesuch(self):
+ INVALID_USER_ID = 'nonesuch'
+
+ self.root._setObject( 'folder', Folder( 'folder' ) )
+ site = self._makeSite( self.root.folder )
+ tool = site.portal_membership
+ site.acl_users = LDAPDummyUserFolder()
+ self.assertEqual( None, tool.getMemberById( INVALID_USER_ID ) )
+
+ def test_getMemberById_local(self):
+ LOCAL_USER_ID = 'user_foo'
+
+ self.root._setObject( 'folder', Folder('folder') )
+ site = self._makeSite( self.root.folder )
+ site._setObject( 'acl_users', LDAPDummyUserFolder() )
+ tool = site.portal_membership
+ member = tool.getMemberById( LOCAL_USER_ID)
+ self.assertEqual( member.getId(), LOCAL_USER_ID )
+
+ def test_getMemberById_nonlocal(self):
+ NONLOCAL_USER_ID = 'user_bar'
+
+ self.root._setObject( 'folder', Folder( 'folder' ) )
+ site = self._makeSite( self.root.folder )
+ self.root.folder._setObject( 'acl_users', LDAPDummyUserFolder() )
+ tool = site.portal_membership
+ member = tool.getMemberById( NONLOCAL_USER_ID )
+ self.assertEqual( member.getId(), NONLOCAL_USER_ID )
+
+ def test_getMemberById_chained(self):
+ LOCAL_USER_ID = 'user_foo'
+ NONLOCAL_USER_ID = 'user_bar'
+
+ self.root._setObject( 'folder', Folder( 'folder' ) )
+ site = self._makeSite( self.root.folder )
+ tool = site.portal_membership
+
+ local_uf = LDAPDummyUserFolder()
+ delattr( local_uf, NONLOCAL_USER_ID )
+ site._setObject('acl_users', local_uf)
+
+ nonlocal_uf = LDAPDummyUserFolder()
+ delattr( nonlocal_uf, LOCAL_USER_ID )
+ self.root.folder._setObject('acl_users', nonlocal_uf)
+
+ local_member = tool.getMemberById(LOCAL_USER_ID)
+ self.assertEqual(local_member.getId(), LOCAL_USER_ID)
+
+ nonlocal_member = tool.getMemberById(NONLOCAL_USER_ID)
+ self.assertEqual(nonlocal_member.getId(), NONLOCAL_USER_ID)
+
+def test_suite():
+ return TestSuite((
+ makeSuite( LDAPMembershipToolTests ),
+ makeSuite( LDAPMembershipToolSecurityTests )
+ ))
+
+if __name__ == '__main__':
+ main(defaultTest='test_suite')
diff --git a/tests/test_join.py b/tests/test_join.py
new file mode 100644
index 0000000..7cb9cbb
--- /dev/null
+++ b/tests/test_join.py
@@ -0,0 +1,100 @@
+##############################################################################
+#
+# Copyright (c) 2001 Zope Corporation and Contributors. All Rights Reserved.
+#
+# This software is subject to the provisions of the Zope Public License,
+# Version 2.1 (ZPL). A copy of the ZPL should accompany this distribution.
+# THIS SOFTWARE IS PROVIDED "AS IS" AND ANY AND ALL EXPRESS OR IMPLIED
+# WARRANTIES ARE DISCLAIMED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+# WARRANTIES OF TITLE, MERCHANTABILITY, AGAINST INFRINGEMENT, AND FITNESS
+# FOR A PARTICULAR PURPOSE.
+#
+##############################################################################
+""" Unit tests for adding members.
+
+$Id: test_join.py 37761 2005-08-06 14:52:28Z jens $
+"""
+
+from unittest import TestSuite, makeSuite, main
+import Testing
+import Zope2
+Zope2.startup()
+
+from Products.CMFCore.tests.base.testcase import TransactionalTest
+
+
+class MembershipTests( TransactionalTest ):
+
+ def _makePortal(self):
+ from Products.CMFLDAP.tests.base.dummy import LDAPDummyUserFolder
+ factory = self.root.manage_addProduct['CMFDefault'].addConfiguredSite
+ factory( 'site'
+ , 'CMFDefault:default'
+ , snapshot=False
+ , extension_ids=('CMFLDAP:default',)
+ )
+
+ # Remove the "standard" user folder and replace it with a
+ # LDAPDummyUserFolder
+ self.root.site.manage_delObjects(['acl_users'])
+ self.root.site._setObject('acl_users', LDAPDummyUserFolder())
+
+ def test_join( self ):
+ self._makePortal()
+ site = self.root.site
+ member_id = 'test_user'
+ site.portal_registration.addMember( member_id
+ , 'zzyyzz'
+ , properties={ 'username': member_id
+ , 'email' : 'foo@bar.com'
+ }
+ )
+ u = site.acl_users.getUser(member_id)
+ self.failUnless(u)
+
+ def test_join_without_email( self ):
+ self._makePortal()
+ site = self.root.site
+ self.assertRaises(ValueError,
+ site.portal_registration.addMember,
+ 'test_user',
+ 'zzyyzz',
+ properties={'username':'test_user', 'email': ''}
+ )
+
+ def test_join_with_variable_id_policies( self ):
+ self._makePortal()
+ site = self.root.site
+ member_id = 'test.user'
+
+ # Test with the default policy: Names with "." should fail
+ self.assertRaises(ValueError,
+ site.portal_registration.addMember,
+ member_id,
+ 'zzyyzz',
+ properties={ 'username':'Test User'
+ , 'email': 'foo@bar.com'
+ }
+ )
+
+ # Now change the policy to allow "."
+ #import pdb; pdb.set_trace()
+ new_pattern = "^[A-Za-z][A-Za-z0-9_\.]*$"
+ site.portal_registration.manage_editIDPattern(new_pattern)
+ site.portal_registration.addMember( member_id
+ , 'zzyyzz'
+ , properties={ 'username': 'TestUser2'
+ , 'email' : 'foo@bar.com'
+ }
+ )
+ u = site.acl_users.getUser(member_id)
+ self.failUnless(u)
+
+
+def test_suite():
+ return TestSuite((
+ makeSuite(MembershipTests),
+ ))
+
+if __name__ == '__main__':
+ main(defaultTest='test_suite')