You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@allura.apache.org by br...@apache.org on 2014/06/20 17:52:26 UTC
[09/15] git commit: [#7432] ticket:598 Password expiration for LDAP
provider
[#7432] ticket:598 Password expiration for LDAP provider
Project: http://git-wip-us.apache.org/repos/asf/allura/repo
Commit: http://git-wip-us.apache.org/repos/asf/allura/commit/90035805
Tree: http://git-wip-us.apache.org/repos/asf/allura/tree/90035805
Diff: http://git-wip-us.apache.org/repos/asf/allura/diff/90035805
Branch: refs/heads/master
Commit: 9003580505d40bb68274149b0b6222029373fe32
Parents: 5488d3a
Author: Igor Bondarenko <je...@gmail.com>
Authored: Thu Jun 5 09:21:28 2014 +0300
Committer: Dave Brondsema <db...@slashdotmedia.com>
Committed: Fri Jun 20 15:45:57 2014 +0000
----------------------------------------------------------------------
Allura/allura/lib/plugin.py | 5 ++++
.../tests/unit/test_ldap_auth_provider.py | 30 ++++++++++++++++++++
2 files changed, 35 insertions(+)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/allura/blob/90035805/Allura/allura/lib/plugin.py
----------------------------------------------------------------------
diff --git a/Allura/allura/lib/plugin.py b/Allura/allura/lib/plugin.py
index b6b9986..344dc6b 100644
--- a/Allura/allura/lib/plugin.py
+++ b/Allura/allura/lib/plugin.py
@@ -469,6 +469,8 @@ class LdapAuthenticationProvider(AuthenticationProvider):
con.modify_s(
dn, [(ldap.MOD_REPLACE, 'userPassword', new_password)])
con.unbind_s()
+ user.last_password_updated = datetime.utcnow()
+ session(user).flush(user)
except ldap.INVALID_CREDENTIALS:
raise exc.HTTPUnauthorized()
@@ -522,6 +524,9 @@ class LdapAuthenticationProvider(AuthenticationProvider):
def disable_user(self, user):
return LocalAuthenticationProvider(None).disable_user(user)
+ def get_last_password_updated(self, user):
+ return LocalAuthenticationProvider(None).get_last_password_updated(user)
+
class ProjectRegistrationProvider(object):
'''
http://git-wip-us.apache.org/repos/asf/allura/blob/90035805/Allura/allura/tests/unit/test_ldap_auth_provider.py
----------------------------------------------------------------------
diff --git a/Allura/allura/tests/unit/test_ldap_auth_provider.py b/Allura/allura/tests/unit/test_ldap_auth_provider.py
index e780f59..cc37b53 100644
--- a/Allura/allura/tests/unit/test_ldap_auth_provider.py
+++ b/Allura/allura/tests/unit/test_ldap_auth_provider.py
@@ -17,6 +17,9 @@
# specific language governing permissions and limitations
# under the License.
+import calendar
+from datetime import datetime, timedelta
+from bson import ObjectId
from mock import patch, Mock
from nose.tools import assert_equal, assert_not_equal, assert_true
from webob import Request
@@ -46,6 +49,7 @@ class TestLdapAuthenticationProvider(object):
@patch('allura.lib.plugin.ldap')
def test_set_password(self, ldap):
user = Mock(username='test-user')
+ user.__ming__ = Mock()
self.provider._encode_password = Mock(return_value='new-pass-hash')
ldap.dn.escape_dn_chars = lambda x: x
@@ -100,3 +104,29 @@ class TestLdapAuthenticationProvider(object):
'admin-password')
connection.add_s.assert_called_once_with(dn, modlist.addModlist.return_value)
connection.unbind_s.assert_called_once()
+
+ @patch('allura.lib.plugin.ldap')
+ def test_set_password_sets_last_updated(self, ldap):
+ user = Mock()
+ user.__ming__ = Mock()
+ user.last_password_updated = None
+ now1 = datetime.utcnow()
+ self.provider.set_password(user, None, 'new')
+ now2 = datetime.utcnow()
+ assert_true(user.last_password_updated > now1)
+ assert_true(user.last_password_updated < now2)
+
+ def test_get_last_password_updated_not_set(self):
+ user = Mock()
+ user._id = ObjectId()
+ user.last_password_updated = None
+ upd = self.provider.get_last_password_updated(user)
+ gen_time = datetime.utcfromtimestamp(
+ calendar.timegm(user._id.generation_time.utctimetuple()))
+ assert_equal(upd, gen_time)
+
+ def test_get_last_password_updated(self):
+ user = Mock()
+ user.last_password_updated = datetime(2014, 06, 04, 13, 13, 13)
+ upd = self.provider.get_last_password_updated(user)
+ assert_equal(upd, user.last_password_updated)