1 files changed, 69 insertions, 0 deletions

diff --git a/src/mailman/utilities/tests/test_passwords.py b/src/mailman/utilities/tests/test_passwords.py
index 60c201a5a..c9b3d2e91 100644
--- a/src/mailman/utilities/tests/test_passwords.py
+++ b/src/mailman/utilities/tests/test_passwords.py
@@ -27,7 +27,11 @@ __all__ = [
 
 import unittest
 
+from itertools import izip_longest
+
+from mailman.config import config
 from mailman.core import errors
+from mailman.testing.layers import ConfigLayer
 from mailman.utilities import passwords
 
 
@@ -138,6 +142,70 @@ class TestSchemeLookup(unittest.TestCase):
 
 
 
+# See itertools doc page examples.
+def _grouper(seq):
+    args = [iter(seq)] * 2
+    return list(izip_longest(*args))
+
+
+class TestPasswordGeneration(unittest.TestCase):
+    layer = ConfigLayer
+
+    def test_default_user_friendly_password_length(self):
+        self.assertEqual(len(passwords.make_user_friendly_password()),
+                         int(config.passwords.password_length))
+
+    def test_provided_user_friendly_password_length(self):
+        self.assertEqual(len(passwords.make_user_friendly_password(12)), 12)
+
+    def test_provided_odd_user_friendly_password_length(self):
+        self.assertEqual(len(passwords.make_user_friendly_password(15)), 15)
+
+    def test_user_friendly_password(self):
+        password = passwords.make_user_friendly_password()
+        for pair in _grouper(password):
+            # There will always be one vowel and one non-vowel.
+            vowel = (pair[0] if pair[0] in 'aeiou' else pair[1])
+            consonant = (pair[0] if pair[0] not in 'aeiou' else pair[1])
+            self.assertTrue(vowel in 'aeiou', vowel)
+            self.assertTrue(consonant not in 'aeiou', consonant)
+
+    def test_encrypt_password_plaintext_default_scheme(self):
+        # Test that a plain text password gets encrypted.
+        self.assertEqual(passwords.encrypt_password('abc'),
+                         '{CLEARTEXT}abc')
+
+    def test_encrypt_password_plaintext(self):
+        # Test that a plain text password gets encrypted with the given scheme.
+        scheme = passwords.Schemes.sha
+        self.assertEqual(passwords.encrypt_password('abc', scheme),
+                         '{SHA}qZk-NkcGgWq6PiVxeFDCbJzQ2J0=')
+
+    def test_encrypt_password_plaintext_by_scheme_name(self):
+        # Test that a plain text password gets encrypted with the given
+        # scheme, which is given by name.
+        self.assertEqual(passwords.encrypt_password('abc', 'cleartext'),
+                         '{CLEARTEXT}abc')
+
+    def test_encrypt_password_already_encrypted_default_scheme(self):
+        # Test that a password which is already encrypted is return unchanged.
+        self.assertEqual(passwords.encrypt_password('{SHA}abc'), '{SHA}abc')
+
+    def test_encrypt_password_already_encrypted(self):
+        # Test that a password which is already encrypted is return unchanged,
+        # ignoring any requested scheme.
+        scheme = passwords.Schemes.cleartext
+        self.assertEqual(passwords.encrypt_password('{SHA}abc', scheme),
+                         '{SHA}abc')
+
+    def test_encrypt_password_password_value_error(self):
+        self.assertRaises(ValueError, passwords.encrypt_password, 7)
+
+    def test_encrypt_password_scheme_value_error(self):
+        self.assertRaises(ValueError, passwords.encrypt_password, 'abc', 'foo')
+
+
+
 def test_suite():
     suite = unittest.TestSuite()
     suite.addTest(unittest.makeSuite(TestBogusPasswords))
@@ -147,4 +215,5 @@ def test_suite():
     suite.addTest(unittest.makeSuite(TestSSHAPasswords))
     suite.addTest(unittest.makeSuite(TestPBKDF2Passwords))
     suite.addTest(unittest.makeSuite(TestSchemeLookup))
+    suite.addTest(unittest.makeSuite(TestPasswordGeneration))
     return suite