New tests for the Message class (Mailman's not mimelib's), the

SafeDict class and the SecurityManager class.

3 files changed, 466 insertions, 0 deletions

diff --git a/tests/test_message.py b/tests/test_message.py
new file mode 100644
index 000000000..4a06b0ad1
--- /dev/null
+++ b/tests/test_message.py
@@ -0,0 +1,102 @@
+# Copyright (C) 2001 by the Free Software Foundation, Inc.
+#
+# This program is free software; you can redistribute it and/or
+# modify it under the terms of the GNU General Public License
+# as published by the Free Software Foundation; either version 2
+# of the License, or (at your option) any later version.
+# 
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+# 
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software 
+# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
+
+"""Unit tests for the various Message class methods.
+"""
+
+import unittest
+import email
+
+from Mailman import Message
+from Mailman import Version
+from Mailman import Errors
+
+from EmailBase import EmailBase
+
+
+
+class TestSentMessage(EmailBase):
+    def test_user_notification(self):
+        eq = self.assertEqual
+        unless = self.failUnless
+        msg = Message.UserNotification(
+            'aperson@dom.ain',
+            '_xtest@dom.ain',
+            'Your Test List',
+            'About your test list')
+        msg.send(self._mlist)
+        qmsg = email.message_from_string(self._readmsg())
+        eq(qmsg['subject'], 'Your Test List')
+        eq(qmsg['from'], '_xtest@dom.ain')
+        eq(qmsg['to'], 'aperson@dom.ain')
+        # The Message-ID: header has some time-variant information
+        msgid = qmsg['message-id']
+        unless(msgid.startswith('<mailman.'))
+        unless(msgid.endswith('._xtest@dom.ain>'))
+        eq(qmsg['sender'], '_xtest-admin@dom.ain')
+        eq(qmsg['errors-to'], '_xtest-admin@dom.ain')
+        eq(qmsg['x-beenthere'], '_xtest@dom.ain')
+        eq(qmsg['x-mailman-version'], Version.VERSION)
+        eq(qmsg['precedence'], 'bulk')
+        eq(qmsg['list-help'], '<mailto:_xtest-request@dom.ain?subject=help>')
+        eq(qmsg['list-post'], '<mailto:_xtest@dom.ain>')
+        eq(qmsg['list-subscribe'], """\
+<http://www.dom.ain/mailman/listinfo/_xtest>,
+	<mailto:_xtest-request@dom.ain?subject=subscribe>""")
+        eq(qmsg['list-id'], '<_xtest.dom.ain>')
+        eq(qmsg['list-unsubscribe'], """\
+<http://www.dom.ain/mailman/listinfo/_xtest>,
+	<mailto:_xtest-request@dom.ain?subject=unsubscribe>""")
+        eq(qmsg['list-archive'], '<http://www.dom.ain/pipermail/_xtest/>')
+        eq(qmsg.get_payload(), 'About your test list')
+
+    def test_bounce_message(self):
+        eq = self.assertEqual
+        unless = self.failUnless
+        msg = email.message_from_string("""\
+To: _xtest@dom.ain
+From: nobody@dom.ain
+Subject: and another thing
+
+yadda yadda yadda
+""", Message.Message)
+        self._mlist.BounceMessage(msg, {})
+        qmsg = email.message_from_string(self._readmsg())
+        unless(qmsg.is_multipart())
+        eq(len(qmsg.get_payload()), 2)
+        # The first payload is the details of the bounce action, and the
+        # second message is the message/rfc822 attachment of the original
+        # message.
+        msg1 = qmsg.get_payload(0)
+        eq(msg1.get_type(), 'text/plain')
+        eq(msg1.get_payload(), '[No bounce details are available]\n')
+        msg2 = qmsg.get_payload(1)
+        eq(msg2.get_type(), 'message/rfc822')
+        unless(not msg2.is_multipart())
+        msg3 = msg2.get_payload()
+        eq(msg3.get_payload(), 'yadda yadda yadda\n')
+
+
+
+def suite():
+    suite = unittest.TestSuite()
+    suite.addTest(unittest.makeSuite(TestSentMessage))
+    return suite
+
+
+
+if __name__ == '__main__':
+    unittest.main(defaultTest='suite')
diff --git a/tests/test_safedict.py b/tests/test_safedict.py
new file mode 100644
index 000000000..ac340918f
--- /dev/null
+++ b/tests/test_safedict.py
@@ -0,0 +1,103 @@
+# Copyright (C) 2001 by the Free Software Foundation, Inc.
+#
+# This program is free software; you can redistribute it and/or
+# modify it under the terms of the GNU General Public License
+# as published by the Free Software Foundation; either version 2
+# of the License, or (at your option) any later version.
+# 
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+# 
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software 
+# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
+
+"""Unit tests for the SafeDict.py module
+"""
+
+import email
+import unittest
+
+from Mailman import SafeDict
+
+
+
+class TestSafeDict(unittest.TestCase):
+    def test_okay(self):
+        sd = SafeDict.SafeDict({'foo': 'bar'})
+        si = '%(foo)s' % sd
+        self.assertEqual(si, 'bar')
+
+    def test_key_error(self):
+        sd = SafeDict.SafeDict({'foo': 'bar'})
+        si = '%(baz)s' % sd
+        self.assertEqual(si, '%(baz)s')
+
+    def test_key_error_not_string(self):
+        key = ()
+        sd = SafeDict.SafeDict({})
+        self.assertEqual(sd[key], '<Missing key: ()>')
+
+
+
+class TestMsgSafeDict(unittest.TestCase):
+    def setUp(self):
+        self._msg = email.message_from_string("""To: foo
+From: bar
+Subject: baz
+Cc: aperson@dom.ain
+Cc: bperson@dom.ain
+
+""")
+
+    def test_normal_key(self):
+        sd = SafeDict.MsgSafeDict(self._msg, {'key': 'value'})
+        si = '%(key)s' % sd
+        self.assertEqual(si, 'value')
+
+    def test_msg_key(self):
+        sd = SafeDict.MsgSafeDict(self._msg, {'to': 'value'})
+        si = '%(msg_to)s' % sd
+        self.assertEqual(si, 'foo')
+
+    def test_allmsg_key(self):
+        sd = SafeDict.MsgSafeDict(self._msg, {'cc': 'value'})
+        si = '%(allmsg_cc)s' % sd
+        self.assertEqual(si, 'aperson@dom.ain, bperson@dom.ain')
+
+    def test_msg_no_key(self):
+        sd = SafeDict.MsgSafeDict(self._msg)
+        si = '%(msg_date)s' % sd
+        self.assertEqual(si, 'n/a')
+
+    def test_allmsg_no_key(self):
+        sd = SafeDict.MsgSafeDict(self._msg)
+        si = '%(allmsg_date)s' % sd
+        self.assertEqual(si, 'n/a')
+
+    def test_copy(self):
+        sd = SafeDict.MsgSafeDict(self._msg, {'foo': 'bar'})
+        copy = sd.copy()
+        items = copy.items()
+        items.sort()
+        self.assertEqual(items, [
+            ('allmsg_cc', 'aperson@dom.ain, bperson@dom.ain'),
+            ('foo', 'bar'),
+            ('msg_from', 'bar'),
+            ('msg_subject', 'baz'),
+            ('msg_to', 'foo'),
+            ])
+
+
+def suite():
+    suite = unittest.TestSuite()
+    suite.addTest(unittest.makeSuite(TestSafeDict))
+    suite.addTest(unittest.makeSuite(TestMsgSafeDict))
+    return suite
+
+
+
+if __name__ == '__main__':
+    unittest.main(defaultTest='suite')
diff --git a/tests/test_security_mgr.py b/tests/test_security_mgr.py
new file mode 100644
index 000000000..451e6bbd8
--- /dev/null
+++ b/tests/test_security_mgr.py
@@ -0,0 +1,261 @@
+# Copyright (C) 2001 by the Free Software Foundation, Inc.
+#
+# This program is free software; you can redistribute it and/or
+# modify it under the terms of the GNU General Public License
+# as published by the Free Software Foundation; either version 2
+# of the License, or (at your option) any later version.
+# 
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+# 
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software 
+# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
+
+"""Unit tests for Mailman/SecurityManager.py
+"""
+
+import os
+import unittest
+import errno
+import md5
+import sha
+import Cookie
+try:
+    import crypt
+except ImportError:
+    crypt = None
+from cStringIO import StringIO
+
+from Mailman import mm_cfg
+from Mailman import Utils
+from Mailman import Errors
+
+from TestBase import TestBase
+
+
+
+def password(plaintext):
+    return sha.new(plaintext).hexdigest()
+
+
+
+class TestSecurityManager(TestBase):
+    def test_init_vars(self):
+        eq = self.assertEqual
+        eq(self._mlist.mod_password, None)
+        eq(self._mlist.passwords, {})
+
+    def test_auth_context_info_authuser(self):
+        mlist = self._mlist
+        self.assertRaises(TypeError, mlist.AuthContextInfo, mm_cfg.AuthUser)
+        # Add a member
+        mlist.addNewMember('aperson@dom.ain', password='xxXXxx')
+        self.assertEqual(
+            mlist.AuthContextInfo(mm_cfg.AuthUser, 'aperson@dom.ain'),
+            ('_xtest+user+aperson--at--dom.ain', 'xxXXxx'))
+
+    def test_auth_context_moderator(self):
+        mlist = self._mlist
+        mlist.mod_password = 'yyYYyy'
+        self.assertEqual(
+            mlist.AuthContextInfo(mm_cfg.AuthListModerator),
+            ('_xtest+moderator', 'yyYYyy'))
+
+    def test_auth_context_admin(self):
+        mlist = self._mlist
+        mlist.password = 'zzZZzz'
+        self.assertEqual(
+            mlist.AuthContextInfo(mm_cfg.AuthListAdmin),
+            ('_xtest+admin', 'zzZZzz'))
+
+    def test_auth_context_site(self):
+        mlist = self._mlist
+        mlist.password = 'aaAAaa'
+        self.assertEqual(
+            mlist.AuthContextInfo(mm_cfg.AuthSiteAdmin),
+            ('_xtest+admin', 'aaAAaa'))
+
+    def test_auth_context_huh(self):
+        self.assertEqual(
+            self._mlist.AuthContextInfo('foo'),
+            (None, None))
+
+
+
+class TestAuthenticate(TestBase):
+    def setUp(self):
+        TestBase.setUp(self)
+        Utils.set_global_password('bbBBbb', siteadmin=1)
+        Utils.set_global_password('ccCCcc', siteadmin=0)
+
+    def tearDown(self):
+        try:
+            os.unlink(mm_cfg.SITE_PW_FILE)
+        except OSError, e:
+            if e.errno <> errno.ENOENT: raise
+        try:
+            os.unlink(mm_cfg.LISTCREATOR_PW_FILE)
+        except OSError, e:
+            if e.errno <> errno.ENOENT: raise
+        TestBase.tearDown(self)
+        
+    def test_auth_creator(self):
+        self.assertEqual(self._mlist.Authenticate(
+            [mm_cfg.AuthCreator], 'ccCCcc'), mm_cfg.AuthCreator)
+
+    def test_auth_creator_unauth(self):
+        self.assertEqual(self._mlist.Authenticate(
+            [mm_cfg.AuthCreator], 'xxxxxx'), mm_cfg.UnAuthorized)
+
+    def test_auth_site_admin(self):
+        self.assertEqual(self._mlist.Authenticate(
+            [mm_cfg.AuthSiteAdmin], 'bbBBbb'), mm_cfg.AuthSiteAdmin)
+
+    def test_auth_site_admin_unauth(self):
+        self.assertEqual(self._mlist.Authenticate(
+            [mm_cfg.AuthSiteAdmin], 'xxxxxx'), mm_cfg.UnAuthorized)
+
+    def test_list_admin(self):
+        self._mlist.password = password('ttTTtt')
+        self.assertEqual(self._mlist.Authenticate(
+            [mm_cfg.AuthListAdmin], 'ttTTtt'), mm_cfg.AuthListAdmin)
+
+    def test_list_admin_unauth(self):
+        self._mlist.password = password('ttTTtt')
+        self.assertEqual(self._mlist.Authenticate(
+            [mm_cfg.AuthListAdmin], 'xxxxxx'), mm_cfg.UnAuthorized)
+
+    def test_list_admin_upgrade(self):
+        eq = self.assertEqual
+        mlist = self._mlist
+        mlist.password = md5.new('ssSSss').digest()
+        eq(mlist.Authenticate(
+            [mm_cfg.AuthListAdmin], 'ssSSss'), mm_cfg.AuthListAdmin)
+        eq(mlist.password, password('ssSSss'))
+        # Test crypt upgrades if crypt is supported
+        if crypt:
+            mlist.password = crypt.crypt('rrRRrr', 'zc')
+            eq(self._mlist.Authenticate(
+                [mm_cfg.AuthListAdmin], 'rrRRrr'), mm_cfg.AuthListAdmin)
+            eq(mlist.password, password('rrRRrr'))
+
+    def test_list_admin_oldstyle_unauth(self):
+        eq = self.assertEqual
+        mlist = self._mlist
+        mlist.password = md5.new('ssSSss').digest()
+        eq(mlist.Authenticate(
+            [mm_cfg.AuthListAdmin], 'xxxxxx'), mm_cfg.UnAuthorized)
+        eq(mlist.password, md5.new('ssSSss').digest())
+        # Test crypt upgrades if crypt is supported
+        if crypt:
+            mlist.password = crypted = crypt.crypt('rrRRrr', 'zc')
+            eq(self._mlist.Authenticate(
+                [mm_cfg.AuthListAdmin], 'xxxxxx'), mm_cfg.UnAuthorized)
+            eq(mlist.password, crypted)
+
+    def test_list_moderator(self):
+        self._mlist.mod_password = password('mmMMmm')
+        self.assertEqual(self._mlist.Authenticate(
+            [mm_cfg.AuthListModerator], 'mmMMmm'), mm_cfg.AuthListModerator)
+
+    def test_user(self):
+        mlist = self._mlist
+        mlist.addNewMember('aperson@dom.ain', password='nosrepa')
+        self.assertEqual(mlist.Authenticate(
+            [mm_cfg.AuthUser], 'nosrepa', 'aperson@dom.ain'), mm_cfg.AuthUser)
+
+    def test_wrong_user(self):
+        mlist = self._mlist
+        mlist.addNewMember('aperson@dom.ain', password='nosrepa')
+        self.assertRaises(Errors.NotAMemberError, mlist.Authenticate,
+                          [mm_cfg.AuthUser], 'nosrepa', 'bperson@dom.ain')
+
+    def test_no_user(self):
+        mlist = self._mlist
+        mlist.addNewMember('aperson@dom.ain', password='nosrepa')
+        self.assertRaises(TypeError, mlist.Authenticate,
+                          [mm_cfg.AuthUser], 'nosrepa')
+
+    def test_user_unauth(self):
+        mlist = self._mlist
+        mlist.addNewMember('aperson@dom.ain', password='nosrepa')
+        self.assertEqual(mlist.Authenticate(
+            [mm_cfg.AuthUser], 'xxxxxx', 'aperson@dom.ain'),
+                         mm_cfg.UnAuthorized)
+
+    def test_value_error(self):
+        self.assertRaises(ValueError, self._mlist.Authenticate,
+                          ['spooge'], 'xxxxxx', 'zperson@dom.ain')
+
+
+
+class TestWebAuthenticate(TestBase):
+    def setUp(self):
+        TestBase.setUp(self)
+        Utils.set_global_password('bbBBbb', siteadmin=1)
+        Utils.set_global_password('ccCCcc', siteadmin=0)
+        mlist = self._mlist
+        mlist.mod_password = password('abcdefg')
+        mlist.addNewMember('aperson@dom.ain', password='qqQQqq')
+        # Set up the cookie data
+        sfp = StringIO()
+        print >> sfp, mlist.MakeCookie(mm_cfg.AuthSiteAdmin)
+        # AuthCreator isn't handled in AuthContextInfo()
+        print >> sfp, mlist.MakeCookie(mm_cfg.AuthListAdmin)
+        print >> sfp, mlist.MakeCookie(mm_cfg.AuthListModerator)
+        print >> sfp, mlist.MakeCookie(mm_cfg.AuthUser, 'aperson@dom.ain')
+        os.environ['HTTP_COOKIE'] = sfp.getvalue()
+
+    def tearDown(self):
+        try:
+            os.unlink(mm_cfg.SITE_PW_FILE)
+        except OSError, e:
+            if e.errno <> errno.ENOENT: raise
+        try:
+            os.unlink(mm_cfg.LISTCREATOR_PW_FILE)
+        except OSError, e:
+            if e.errno <> errno.ENOENT: raise
+        TestBase.tearDown(self)
+
+    def test_auth_site_admin(self):
+        self.assertEqual(self._mlist.WebAuthenticate(
+            [mm_cfg.AuthSiteAdmin], 'xxxxxx'), 1)
+
+    def test_list_admin(self):
+        self.assertEqual(self._mlist.WebAuthenticate(
+            [mm_cfg.AuthListAdmin], 'xxxxxx'), 1)
+
+    def test_list_moderator(self):
+        self.assertEqual(self._mlist.WebAuthenticate(
+            [mm_cfg.AuthListModerator], 'xxxxxx'), 1)
+
+    def test_user(self):
+        self.assertEqual(self._mlist.WebAuthenticate(
+            [mm_cfg.AuthUser], 'xxxxxx'), 1)
+
+    def test_not_a_user(self):
+        self._mlist.removeMember('aperson@dom.ain')
+        self.assertEqual(self._mlist.WebAuthenticate(
+            [mm_cfg.AuthUser], 'xxxxxx', 'aperson@dom.ain'), 0)
+
+
+
+# TBD: Tests for MakeCookie(), ZapCookie(), CheckCookie() -- although the
+# latter is implicitly tested by testing WebAuthenticate() above.
+
+
+
+def suite():
+    suite = unittest.TestSuite()
+    suite.addTest(unittest.makeSuite(TestSecurityManager))
+    suite.addTest(unittest.makeSuite(TestAuthenticate))
+    suite.addTest(unittest.makeSuite(TestWebAuthenticate))
+    return suite
+
+
+
+if __name__ == '__main__':
+    unittest.main(defaultTest='suite')