From 065996e0df98556bc2199466a4aaeb2268e5cfd2 Mon Sep 17 00:00:00 2001 From: Jan Dittberner Date: Sat, 7 Jun 2008 14:48:52 +0000 Subject: [PATCH] Unit tests and password validation code * provide nose based unit test infrastructure (fixes #20) * create unit tests for gnuviechadmin.util.passwordutils * add password validation function to gnuviechadmin.util.passwordutils (fixes #19) * make new files PEP8 clean (addresses #18) git-svn-id: file:///home/www/usr01/svn/gnuviechadmin/trunk@258 a67ec6bc-e5d5-0310-a910-815c51eb3124 --- gnuviechadmin/tests/__init__.py | 42 +++++++++++ gnuviechadmin/tests/functional/__init__.py | 23 ++++++ .../functional/test_util_passwordutils.py | 72 +++++++++++++++++++ gnuviechadmin/util/passwordutils.py | 11 ++- setup.py | 26 +++---- 5 files changed, 156 insertions(+), 18 deletions(-) create mode 100644 gnuviechadmin/tests/__init__.py create mode 100644 gnuviechadmin/tests/functional/__init__.py create mode 100644 gnuviechadmin/tests/functional/test_util_passwordutils.py diff --git a/gnuviechadmin/tests/__init__.py b/gnuviechadmin/tests/__init__.py new file mode 100644 index 0000000..091c595 --- /dev/null +++ b/gnuviechadmin/tests/__init__.py @@ -0,0 +1,42 @@ +# -*- coding: utf-8 -*- +# +# Copyright (C) 2008 by Jan Dittberner. +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 2 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, but +# WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +# General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, +# USA. +# +# Version: $Id$ +"""Gnuviechadmin application test package + +When the test runner finds and executes test within this directory, +this file will be loaded to setup the test environment. + +It registers the root directory of the project in sys.path and +pkg_resources, in case the project hasn't been installed with +setuptools. +""" +import os +import sys +from unittest import TestCase + +import pkg_resources + +here_dir = os.path.dirname(os.path.abspath(__file__)) +conf_dir = os.path.dirname(os.path.dirname(here_dir)) + +sys.path.insert(0, conf_dir) +pkg_resources.working_set.add_entry(conf_dir) + +test_file = os.path.join(conf_dir, 'test.ini') diff --git a/gnuviechadmin/tests/functional/__init__.py b/gnuviechadmin/tests/functional/__init__.py new file mode 100644 index 0000000..24d3c45 --- /dev/null +++ b/gnuviechadmin/tests/functional/__init__.py @@ -0,0 +1,23 @@ +# -*- coding: utf-8 -*- +# +# Copyright (C) 2007, 2008 by Jan Dittberner. +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 2 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, but +# WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +# General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, +# USA. +# +# Version: $Id$ +"""This package provides functional unit tests for gnuviechadmin. + +""" diff --git a/gnuviechadmin/tests/functional/test_util_passwordutils.py b/gnuviechadmin/tests/functional/test_util_passwordutils.py new file mode 100644 index 0000000..ae43958 --- /dev/null +++ b/gnuviechadmin/tests/functional/test_util_passwordutils.py @@ -0,0 +1,72 @@ +# -*- coding: utf-8 -*- +# +# Copyright (C) 2008 by Jan Dittberner. +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 2 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, but +# WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +# General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, +# USA. +# +# Version: $Id$ +"""Unit tests for gnuviechadmin.util.passwordutils. + +""" +from gnuviechadmin.util import passwordutils +from unittest import TestCase +import crypt + + +class TestPasswordUtils(TestCase): + weakpw = "test" + strongpw = "Str0ng#l33tP4assword" + + def test_generatepassword(self): + password = passwordutils.generatepassword() + self.assert_(password is not None) + + def test_checkpassword(self): + weakcheck = passwordutils.checkpassword(self.weakpw) + self.assertEqual(weakcheck, None, + "checking a weak password should return ''None''." + \ + "%s was returned." % weakcheck) + strongcheck = passwordutils.checkpassword(self.strongpw) + self.assertEqual(self.strongpw, strongcheck, + 'checking a strong password should return the ' + \ + ' the password. %s was returned.' % strongcheck) + + def test_md5_crypt_password(self): + encrypted = passwordutils.md5_crypt_password(self.strongpw) + self.assertNotEqual(self.strongpw, encrypted) + self.assertEqual(encrypted, crypt.crypt(self.strongpw, encrypted)) + + def test_get_pw_tuple(self): + + def check_tuple(pwtuple): + self.assertEqual(len(pwtuple), 2) + self.assertNotEqual(pwtuple[0], None) + self.assert_(len(pwtuple[0]) >= 8) + self.assertEqual(pwtuple[1], crypt.crypt(pwtuple[0], pwtuple[1])) + check_tuple(passwordutils.get_pw_tuple()) + weakpwtuple = passwordutils.get_pw_tuple(self.weakpw) + check_tuple(weakpwtuple) + self.assertNotEqual(self.weakpw, weakpwtuple[0]) + strongpwtuple = passwordutils.get_pw_tuple(self.strongpw) + check_tuple(strongpwtuple) + self.assertEqual(self.strongpw, strongpwtuple[0]) + + def test_validate_password(self): + hashed = passwordutils.md5_crypt_password(self.strongpw) + self.assertEqual(passwordutils.validate_password(hashed, + self.strongpw), True) + self.assertEqual(passwordutils.validate_password(self.weakpw, + self.strongpw), False) diff --git a/gnuviechadmin/util/passwordutils.py b/gnuviechadmin/util/passwordutils.py index cde79ff..a952de4 100644 --- a/gnuviechadmin/util/passwordutils.py +++ b/gnuviechadmin/util/passwordutils.py @@ -23,6 +23,9 @@ import crypt import crack import random +import logging + +log = logging.getLogger(__name__) _pwchars = [] for _pair in (('0', '9'), ('A', 'Z'), ('a', 'z')): @@ -59,7 +62,7 @@ def checkpassword(password): try: return crack.VeryFascistCheck(password) except ValueError, ve: - print "Weak password:", ve + log.info("Weak password: %s", ve) return None @@ -89,4 +92,8 @@ def get_pw_tuple(password = None): return (password, md5_crypt_password(password)) -# TODO: implement a is_password_valid(hash, password) function +def validate_password(hash, password): + """Validates whether the given clear text password matches the + given hash value. + """ + return hash == crypt.crypt(password, hash) diff --git a/setup.py b/setup.py index c61c625..1c2a3b9 100644 --- a/setup.py +++ b/setup.py @@ -24,26 +24,20 @@ from setuptools import setup, find_packages setup( name = 'gnuviechadmin', version = '0.1', - packages = find_packages(), - scripts = ['bin/gva'], - - install_requires = ['sqlalchemy >= 0.4', - 'sqlalchemy-migrate >= 0.4', -# 'pyme >= 0.7', -# 'python-crack >= 0.5' - ], - setup_requires = [], - - include_package_data = True, - exclude_package_data = {'': ['gva.cfg']}, - + description = 'gnuviechadmin server administration suite', author = 'Jan Dittberner', author_email = 'jan@dittberner.info', - description = 'gnuviechadmin server administration suite', + url = 'http://www.gnuviech-server.de/projects/gnuviechadmin', + install_requires = ['SQLAlchemy>=0.4', 'sqlalchemy-migrate>=0.4', + 'AuthKit>=0.4'], + packages = find_packages(), + include_package_data = True, + exclude_package_data = {'': ['gva.cfg']}, + test_suite='nose.collector', + scripts = ['bin/gva', 'bin/gvaserver'], long_description = """this is a suite of tools for administering a server it contains tools for maintaining e.g. clients, domains, users, mail accounts""", license = 'GPL', keywords = 'administration backend frontend', - url = 'http://www.gnuviech-server.de/projects/gnuviechadmin', - ) +)