diff --git a/tests/test_selfservice.py b/tests/test_selfservice.py
index 916443d29d408debd12d6ec82971c44602257c3f..1d6ab94be099dc98da7a2927370fe38b3b3b1b39 100644
--- a/tests/test_selfservice.py
+++ b/tests/test_selfservice.py
@@ -140,7 +140,7 @@ class TestSelfservice(UffdTestCase):
 def test_forgot_password(self):
 if self.use_userconnection:
- self.skipTest('Password Reset not possible in user mode')
+ self.skipTest('Password Reset is not possible in user mode')
 user = User.query.get('uid=testuser,ou=users,dc=example,dc=com')
 r = self.client.get(path=url_for('selfservice.forgot_password'))
 dump('forgot_password', r)
@@ -155,7 +155,7 @@ class TestSelfservice(UffdTestCase):
 def test_forgot_password_wrong_user(self):
 if self.use_userconnection:
- self.skipTest('Password Reset not possible in user mode')
+ self.skipTest('Password Reset is not possible in user mode')
 user = User.query.get('uid=testuser,ou=users,dc=example,dc=com')
 r = self.client.get(path=url_for('selfservice.forgot_password'))
 self.assertEqual(r.status_code, 200)
@@ -168,7 +168,7 @@ class TestSelfservice(UffdTestCase):
 def test_forgot_password_wrong_email(self):
 if self.use_userconnection:
- self.skipTest('Password Reset not possible in user mode')
+ self.skipTest('Password Reset is not possible in user mode')
 user = User.query.get('uid=testuser,ou=users,dc=example,dc=com')
 r = self.client.get(path=url_for('selfservice.forgot_password'), follow_redirects=True)
 self.assertEqual(r.status_code, 200)
@@ -182,7 +182,7 @@ class TestSelfservice(UffdTestCase):
 # Regression test for #31
 def test_forgot_password_invalid_user(self):
 if self.use_userconnection:
- self.skipTest('Password Reset not possible in user mode')
+ self.skipTest('Password Reset is not possible in user mode')
 r = self.client.post(path=url_for('selfservice.forgot_password'), data={'loginname': '=', 'mail': 'test@example.com'}, follow_redirects=True)
 dump('forgot_password_submit_invalid_user', r)
@@ -192,7 +192,7 @@ class TestSelfservice(UffdTestCase):
 def test_token_password(self):
 if self.use_userconnection:
- self.login()
+ self.skipTest('Password Token is not possible in user mode')
 user = get_user()
 token = PasswordToken(loginname=user.loginname)
 db.session.add(token)
@@ -208,7 +208,7 @@ class TestSelfservice(UffdTestCase):
 def test_token_password_emptydb(self):
 if self.use_userconnection:
- self.login()
+ self.skipTest('Password Token is not possible in user mode')
 user = get_user()
 r = self.client.get(path=url_for('selfservice.token_password', token='A'*128), follow_redirects=True)
 dump('token_password_emptydb', r)
@@ -223,7 +223,7 @@ class TestSelfservice(UffdTestCase):
 def test_token_password_invalid(self):
 if self.use_userconnection:
- self.login()
+ self.skipTest('Password Token is not possible in user mode')
 user = get_user()
 token = PasswordToken(loginname=user.loginname)
 db.session.add(token)
@@ -241,7 +241,7 @@ class TestSelfservice(UffdTestCase):
 def test_token_password_expired(self):
 if self.use_userconnection:
- self.login()
+ self.skipTest('Password Token is not possible in user mode')
 user = get_user()
 token = PasswordToken(loginname=user.loginname, created=(datetime.datetime.now() - datetime.timedelta(days=10)))
@@ -260,7 +260,7 @@ class TestSelfservice(UffdTestCase):
 def test_token_password_different_passwords(self):
 if self.use_userconnection:
- self.login()
+ self.skipTest('Password Token is not possible in user mode')
 user = get_user()
 token = PasswordToken(loginname=user.loginname)
 db.session.add(token)
diff --git a/tests/test_user.py b/tests/test_user.py
index efc98383056d2313665b26bd8ab5b5a5864e6bea..8fae44db05a0e630086d97f0cb88aaa96b635e01 100644
--- a/tests/test_user.py
+++ b/tests/test_user.py
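Review bot: In user-connection mode the five `test_token_password*` tests (hunks at 192, 208, 223, 241 and 260) now skip where they used to run after `self.login()`, so nothing in this file checks what `selfservice.token_password` does in that mode. If the skip message is accurate and token-based reset is meant to be unavailable there, one small test that requests the endpoint with a token and asserts the rejection would pin that behaviour instead of leaving it unexercised. The diff does not say why the mode cannot support tokens; a one-line comment above the first skip, such as `# token reset needs the service connection, which user mode does not have`, would record it if that is the actual reason.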
@@ -259,72 +259,72 @@ newuser12,newuser12@example.com,{role1.id};{role1.id}
 dump('user_csvimport', r)
 self.assertEqual(r.status_code, 200)
 user = User.query.get('uid=newuser1,ou=users,dc=example,dc=com')
- roles = sorted([r.name for r in user.roles])
 self.assertIsNotNone(user)
 self.assertEqual(user.loginname, 'newuser1')
 self.assertEqual(user.displayname, 'newuser1')
 self.assertEqual(user.mail, 'newuser1@example.com')
+ roles = sorted([r.name for r in user.roles])
 self.assertEqual(roles, ['base'])
 user = User.query.get('uid=newuser2,ou=users,dc=example,dc=com')
- roles = sorted([r.name for r in user.roles])
 self.assertIsNotNone(user)
 self.assertEqual(user.loginname, 'newuser2')
 self.assertEqual(user.displayname, 'newuser2')
 self.assertEqual(user.mail, 'newuser2@example.com')
+ roles = sorted([r.name for r in user.roles])
 self.assertEqual(roles, ['base', 'role1'])
 user = User.query.get('uid=newuser3,ou=users,dc=example,dc=com')
- roles = sorted([r.name for r in user.roles])
 self.assertIsNotNone(user)
 self.assertEqual(user.loginname, 'newuser3')
 self.assertEqual(user.displayname, 'newuser3')
 self.assertEqual(user.mail, 'newuser3@example.com')
+ roles = sorted([r.name for r in user.roles])
 self.assertEqual(roles, ['base', 'role1', 'role2'])
 user = User.query.get('uid=newuser4,ou=users,dc=example,dc=com')
- roles = sorted([r.name for r in user.roles])
 self.assertIsNotNone(user)
 self.assertEqual(user.loginname, 'newuser4')
 self.assertEqual(user.displayname, 'newuser4')
 self.assertEqual(user.mail, 'newuser4@example.com')
+ roles = sorted([r.name for r in user.roles])
 self.assertEqual(roles, ['base'])
 user = User.query.get('uid=newuser5,ou=users,dc=example,dc=com')
- roles = sorted([r.name for r in user.roles])
 self.assertIsNotNone(user)
 self.assertEqual(user.loginname, 'newuser5')
 self.assertEqual(user.displayname, 'newuser5')
 self.assertEqual(user.mail, 'newuser5@example.com')
+ roles = sorted([r.name for r in user.roles])
 self.assertEqual(roles, ['base'])
 user = User.query.get('uid=newuser6,ou=users,dc=example,dc=com')
- roles = sorted([r.name for r in user.roles])
 self.assertIsNotNone(user)
 self.assertEqual(user.loginname, 'newuser6')
 self.assertEqual(user.displayname, 'newuser6')
 self.assertEqual(user.mail, 'newuser6@example.com')
+ roles = sorted([r.name for r in user.roles])
 self.assertEqual(roles, ['base', 'role1', 'role2'])
 self.assertIsNone(User.query.get('uid=newuser7,ou=users,dc=example,dc=com'))
 self.assertIsNone(User.query.get('uid=newuser8,ou=users,dc=example,dc=com'))
 self.assertIsNone(User.query.get('uid=newuser9,ou=users,dc=example,dc=com'))
 user = User.query.get('uid=newuser10,ou=users,dc=example,dc=com')
- roles = sorted([r.name for r in user.roles])
 self.assertIsNotNone(user)
 self.assertEqual(user.loginname, 'newuser10')
 self.assertEqual(user.displayname, 'newuser10')
 self.assertEqual(user.mail, 'newuser10@example.com')
+ roles = sorted([r.name for r in user.roles])
 self.assertEqual(roles, ['base'])
 user = User.query.get('uid=newuser11,ou=users,dc=example,dc=com')
- roles = sorted([r.name for r in user.roles])
 self.assertIsNotNone(user)
 self.assertEqual(user.loginname, 'newuser11')
 self.assertEqual(user.displayname, 'newuser11')
 self.assertEqual(user.mail, 'newuser11@example.com')
 # Currently the csv import is not very robust, imho newuser11 should have role1 and role2!
+ roles = sorted([r.name for r in user.roles])
 #self.assertEqual(roles, ['base', 'role1', 'role2'])
 self.assertEqual(roles, ['base', 'role2'])
 user = User.query.get('uid=newuser12,ou=users,dc=example,dc=com')
- roles = sorted([r.name for r in user.roles])
 self.assertIsNotNone(user)
 self.assertEqual(user.loginname, 'newuser12')
 self.assertEqual(user.displayname, 'newuser12')
 self.assertEqual(user.mail, 'newuser12@example.com')
+ roles = sorted([r.name for r in user.roles])
 self.assertEqual(roles, ['base', 'role1'])
 class TestUserViewsOL(TestUserViews):
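Review bot: The `assertIsNotNone(user)` guard now precedes the `user.roles` access, but the move had to be made by hand in nine copies of the same block, and the next edit can easily put one of them back out of order. A helper on the test class that does the lookup, the guard, the three attribute checks and the sorted role comparison would keep that ordering in one place. The newuser11 case still asserts `['base', 'role2']` with the intended expectation commented out. Since this is role assignment, the comment should point at a tracked issue so the dropped role is not later read as intended behaviour. The enclosing test method starts above the hunk.

```python
def assert_imported(self, loginname, expected_roles):
    user = User.query.get('uid=%s,ou=users,dc=example,dc=com' % loginname)
    self.assertIsNotNone(user)
    self.assertEqual(user.loginname, loginname)
    self.assertEqual(user.displayname, loginname)
    self.assertEqual(user.mail, loginname + '@example.com')
    self.assertEqual(sorted(r.name for r in user.roles), expected_roles)

# … unchanged: CSV upload, dump() and status-code check …
self.assert_imported('newuser1', ['base'])
self.assert_imported('newuser2', ['base', 'role1'])
# … one call per remaining imported user …
```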
diff --git a/uffd/ldap.py b/uffd/ldap.py
index 28996ee844491de5c2c1a1c063a1cbfacc570332..eed9ca89fc07a60cc8d7675e4cb586c90fe3a5ac 100644
--- a/uffd/ldap.py
+++ b/uffd/ldap.py
@@ -32,7 +32,7 @@ def check_hashed(password_hash, password):
 if algorithm in algorithms:
 ctx = hashlib.new(algorithms[algorithm], password)
 return data == ctx.digest()
- elif algorithm.startswith(b's') and algorithm[1:] in algorithms:
+ if algorithm.startswith(b's') and algorithm[1:] in algorithms:
 ctx = hashlib.new(algorithms[algorithm[1:]], password)
 salt = data[ctx.digest_size:]
 ctx.update(salt)
@@ -69,11 +69,11 @@ def test_user_bind(bind_dn, bind_pw):
 if not conn.response[0]['attributes'].get('userPassword'):
 return False
 return check_hashed(conn.response[0]['attributes']['userPassword'][0], bind_pw.encode())
- else:
- server = ldap3.Server(current_app.config["LDAP_SERVICE_URL"])
- conn = connect_and_bind_to_ldap(server, bind_dn, bind_pw)
- if not conn:
- return False
+
+ server = ldap3.Server(current_app.config["LDAP_SERVICE_URL"])
+ conn = connect_and_bind_to_ldap(server, bind_dn, bind_pw)
+ if not conn:
+ return False
 except (LDAPBindError, LDAPPasswordIsMandatoryError, LDAPInvalidDnError):
 return False
diff --git a/uffd/navbar.py b/uffd/navbar.py
index f5e244bea0dd6e2eb69c0cbc392dc288025eaec2..59198cc6f8bf643ee05c2d0ccdc15ffde3b64097 100644
--- a/uffd/navbar.py
+++ b/uffd/navbar.py
@@ -35,9 +35,11 @@ def register_navbar(name, iconlib='fa', icon=None, group=None, endpoint=None, bl
 class StateMock:
 def __init__(self, app):
 self.app = app
+ # pylint: disable=C0415
 from flask import current_app
+ # pylint: enable=C0415
 deferred_call(StateMock(current_app))
 return func
- return wrapper
\ No newline at end of file
+ return wrapper
diff --git a/uffd/session/views.py b/uffd/session/views.py
index d27eb43a2489ef50e2581acdb2fe3d34d1639c0d..039f525dfb0be11f3fe1987557d168bbec5e84c3 100644
--- a/uffd/session/views.py
+++ b/uffd/session/views.py
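Review bot: `return data == ctx.digest()` in the first `check_hashed` hunk compares the stored password digest with `==`, which returns as soon as a byte differs. For a credential check the constant-time form is `return hmac.compare_digest(data, ctx.digest())`, with `import hmac` added at the top of the file. The salted branch that this hunk turns from `elif` into `if` runs past the end of the hunk, so its comparison is not visible here and should be checked for the same pattern. `check_hashed` itself starts above the hunk.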
@@ -27,13 +27,14 @@ def login_get_user(loginname, password):
 if not ldap.get_connection():
 session.clear()
 return None
-
+
 try:
 user = User.query.get(dn)
 if user:
 return user
 except LDAPInvalidDnError:
- return None
+ pass
+ return None
 @bp.route("/logout")
 def logout():
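Review bot: The two rejection paths in `login_get_user` do not agree: the `if not ldap.get_connection():` branch calls `session.clear()` before `return None`, while a missing user or an `LDAPInvalidDnError` reaches the new final `return None` with the session untouched. If the code above the hunk stores bind state in the session before `get_connection()` is called (not visible here), a rejected login would leave that state behind. Adding `session.clear()` before the final `return None` would make both paths behave the same. The bare `pass` would also read better with its reason attached, e.g. `pass  # malformed DN from the login form: treat as unknown user`. The function starts above the hunk.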