diff options
author | Michał Górny <mgorny@gentoo.org> | 2013-09-06 23:42:37 +0200 |
---|---|---|
committer | Michał Górny <mgorny@gentoo.org> | 2013-09-12 15:39:07 +0200 |
commit | a54332c523c8025c2a92199f609d84aa034a8905 (patch) | |
tree | f3b819e494a2cebac9d5ee5a14f909c984ee044a /okupy/tests/unit/test_ldapuser.py | |
parent | Merge pull request #88 from tampakrap/templates (diff) | |
download | identity.gentoo.org-a54332c523c8025c2a92199f609d84aa034a8905.tar.gz identity.gentoo.org-a54332c523c8025c2a92199f609d84aa034a8905.tar.bz2 identity.gentoo.org-a54332c523c8025c2a92199f609d84aa034a8905.zip |
Use session identifiers for unique LDAP db aliases.
Since user binding is done per session, this should be both safer and
cleaner.
Diffstat (limited to 'okupy/tests/unit/test_ldapuser.py')
-rw-r--r-- | okupy/tests/unit/test_ldapuser.py | 6 |
1 files changed, 4 insertions, 2 deletions
diff --git a/okupy/tests/unit/test_ldapuser.py b/okupy/tests/unit/test_ldapuser.py index f793009..a160571 100644 --- a/okupy/tests/unit/test_ldapuser.py +++ b/okupy/tests/unit/test_ldapuser.py @@ -57,13 +57,15 @@ class LDAPUserUnitTests(TestCase): request.session['secondary_password'] = cipher.encrypt( secondary_password) get_bound_ldapuser(request) - self.assertEqual(settings.DATABASES['ldap_alice']['PASSWORD'], + db_alias = 'ldap_%s' % request.session.cache_key + self.assertEqual(settings.DATABASES[db_alias]['PASSWORD'], b64encode(secondary_password)) def test_get_bound_ldapuser_bind_as_is_properly_set_from_password(self): request = set_request('/', user=vars.USER_ALICE) get_bound_ldapuser(request, password='ldaptest') - self.assertTrue(ldap_md5_crypt.verify(settings.DATABASES['ldap_alice'][ + db_alias = 'ldap_%s' % request.session.cache_key + self.assertTrue(ldap_md5_crypt.verify(settings.DATABASES[db_alias][ 'PASSWORD'], ldap_users('alice')[1]['userPassword'][0])) def test_get_bound_ldapuser_password_set(self): |