pagure

Clone

#2890 Fix the fas login by importing the config
Merged 6 years ago by pingou. Opened 6 years ago by cverna.
cverna/pagure fix_login  into  master

file modified
+3 -2 
@@ -16,6 +16,7 @@ 
 

  

  import pagure
 

  from pagure.flask_app import logout
 

+ from pagure.config import config as pagure_config
 

  import flask_fas_openid
 

  FAS = flask_fas_openid.FAS()
 

  
@@ -45,11 +46,11 @@ 
 

              fullname=flask.g.fas_user.fullname,
 

              default_email=flask.g.fas_user.email,
 

              ssh_key=flask.g.fas_user.get('ssh_key'),
 

-             keydir=pagure.config.get('GITOLITE_KEYDIR', None),
 

+             keydir=pagure_config.get('GITOLITE_KEYDIR', None),
 

          )
 

  

          # If groups are managed outside pagure, set up the user at login
 

-         if not pagure.config.get('ENABLE_GROUP_MNGT', False):
 

+         if not pagure_config.get('ENABLE_GROUP_MNGT', False):
 

              user = pagure.lib.search_user(
 

                  flask.g.session, username=flask.g.fas_user.username)
 

              groups = set(user.groups)

file modified
+6 -25 
@@ -126,6 +126,7 @@ 
 

          self.assertEqual(3, len(items))
 

  

      @patch.dict('pagure.config.config', {'PAGURE_AUTH': 'local'})
 

+     @patch.dict('pagure.config.config', {'CHECK_SESSION_IP': False})
 

      def test_do_login(self):
 

          """ Test the do_login endpoint. """
 

  
@@ -198,26 +199,6 @@ 
 

              'Invalid user, did you confirm the creation with the url '
 

              'provided by email?', output.data)
 

  

-         # Wrong password submitted
 

-         data['password'] = 'password'
 

-         output = self.app.post('/dologin', data=data, follow_redirects=True)
 

-         self.assertEqual(output.status_code, 200)
 

-         self.assertIn('<title>Login - Pagure</title>', output.data)
 

-         self.assertIn(
 

-             '<form action="/dologin" method="post">', output.data)
 

-         self.assertIn('Username or password invalid.', output.data)
 

- 

-         # When account is not confirmed i.e user_obj != None
 

-         data['password'] = 'barpass'
 

-         output = self.app.post('/dologin', data=data, follow_redirects=True)
 

-         self.assertEqual(output.status_code, 200)
 

-         self.assertIn('<title>Login - Pagure</title>', output.data)
 

-         self.assertIn(
 

-             '<form action="/dologin" method="post">', output.data)
 

-         self.assertIn(
 

-             'Invalid user, did you confirm the creation with the url '
 

-             'provided by email?', output.data)
 

- 

          # Confirm the user so that we can log in
 

          self.session = pagure.lib.create_session(self.dbpath)
 

          item = pagure.lib.search_user(self.session, username='foouser')
 
@@ -303,18 +284,18 @@ 
 

          self.assertTrue(item.password.startswith('$1$'))
 

  

          # Log in with a v1 password
 

-         output = self.app.post('/dologin', data=data, follow_redirects=True)
 

+         output = self.app.post('/dologin', data=data, follow_redirects=True,
 

+                                environ_base={'REMOTE_ADDR': '127.0.0.1'})
 

          self.assertEqual(output.status_code, 200)
 

          self.assertIn('<title>Home - Pagure</title>', output.data)
 

-         self.assertIn(
 

-             '<a class="nav-link btn btn-primary" '
 

-             'href="/login/?next=http://localhost/">', output.data)
 

+         self.assertIn('Welcome foouser', output.data)
 

+         self.assertIn('Activity', output.data)
 

  

          # Check the password got upgraded to version 2
 

          self.session = pagure.lib.create_session(self.dbpath)
 

          item = pagure.lib.search_user(self.session, username='foouser')
 

          self.assertEqual(item.user, 'foouser')
 

-         self.assertTrue(item.password.startswith('$1$'))
 

+         self.assertTrue(item.password.startswith('$2$'))
 

  

          # I'm not sure if the change was in flask or werkzeug, but in older
 

          # version flask.request.remote_addr was returning None, while it

Signed-off-by: Clement Verna cverna@tutanota.com

Thanks :)

Should we add unit-tests for this?

Yes :)

I think this should be catch by https://pagure.io/pagure/blob/master/f/tests/test_pagure_flask_ui_login.py#_216 but it seems that we are able to test successful login :s

While working on tests for the PR fixing local login, I think I found out that
we aren't testing local login as we should, so more changes to come :)

Ok, if you rebase on the top of #2892 tests should work again for the local login :)

rebased onto 814bc33c0273e018898f767ae7835859ab527dee
6 years ago

rebased onto e9e87204e212876f8d82b356a8da4d2b52fecb56
6 years ago

2 new commits added

  • Fix the local login unit test
  • Fix the fas login by importing the config
6 years ago

I have changed the local login test, so that we do a successful login (ie redirect to the user home page).

This will not catch issues with the code executed after the fas login though.

This will not catch issues with the code executed after the fas login though.

Is this changing from the current state of things?

This will not catch issues with the code executed after the fas login though.

Is this changing from the current state of things?

No, currently the test suite does not test the fas login, maybe we could do it by using mock. Not sure.

rebased onto 96db41f348f0e07b95d857d634a5bd9bc8025051
6 years ago

Ok, so if this doesn't change anything on the tests, let's merge :)

+1 :ship: it

rebased onto 3fd9df4
6 years ago

Pull-Request has been merged by pingou
6 years ago
Metadata
None
No Tags
Changes Summary 2
+3 -2
file changed
pagure/ui/fas_login.py
+6 -25
file changed
tests/test_pagure_flask_ui_login.py
Powered by Pagure 5.13.3
DocumentationFile an IssueAboutSSH Hostkey/Fingerprint
© Red Hat, Inc. and others.