From 25b407e24fe21dc46a4f9efa77734d55e0ed4bdd Mon Sep 17 00:00:00 2001
From: Barry Warsaw
Date: Fri, 8 Apr 2011 22:02:49 -0400
Subject: encrypt_password(): New convenience function for ensuring that a
 password is both encrypted according to a scheme, and a bytes object.

add_member(): Use encrypt_password().

cli_members: Give the user a default, user-friendly password.  Of course, this
will be encrypted so it can't be retrieved, but it can be reset.

Passwords are stored as bytes objects, not unicode now.

ConfigLayer: Set the default test password scheme to cleartext.

General test repair.
---
 src/mailman/utilities/tests/test_passwords.py | 34 +++++++++++++++++++++++++++
 1 file changed, 34 insertions(+)

(limited to 'src/mailman/utilities/tests')

diff --git a/src/mailman/utilities/tests/test_passwords.py b/src/mailman/utilities/tests/test_passwords.py
index 7b6989779..c9b3d2e91 100644
--- a/src/mailman/utilities/tests/test_passwords.py
+++ b/src/mailman/utilities/tests/test_passwords.py
@@ -170,6 +170,40 @@ class TestPasswordGeneration(unittest.TestCase):
             self.assertTrue(vowel in 'aeiou', vowel)
             self.assertTrue(consonant not in 'aeiou', consonant)
 
+    def test_encrypt_password_plaintext_default_scheme(self):
+        # Test that a plain text password gets encrypted.
+        self.assertEqual(passwords.encrypt_password('abc'),
+                         '{CLEARTEXT}abc')
+
+    def test_encrypt_password_plaintext(self):
+        # Test that a plain text password gets encrypted with the given scheme.
+        scheme = passwords.Schemes.sha
+        self.assertEqual(passwords.encrypt_password('abc', scheme),
+                         '{SHA}qZk-NkcGgWq6PiVxeFDCbJzQ2J0=')
+
+    def test_encrypt_password_plaintext_by_scheme_name(self):
+        # Test that a plain text password gets encrypted with the given
+        # scheme, which is given by name.
+        self.assertEqual(passwords.encrypt_password('abc', 'cleartext'),
+                         '{CLEARTEXT}abc')
+
+    def test_encrypt_password_already_encrypted_default_scheme(self):
+        # Test that a password which is already encrypted is return unchanged.
+        self.assertEqual(passwords.encrypt_password('{SHA}abc'), '{SHA}abc')
+
+    def test_encrypt_password_already_encrypted(self):
+        # Test that a password which is already encrypted is return unchanged,
+        # ignoring any requested scheme.
+        scheme = passwords.Schemes.cleartext
+        self.assertEqual(passwords.encrypt_password('{SHA}abc', scheme),
+                         '{SHA}abc')
+
+    def test_encrypt_password_password_value_error(self):
+        self.assertRaises(ValueError, passwords.encrypt_password, 7)
+
+    def test_encrypt_password_scheme_value_error(self):
+        self.assertRaises(ValueError, passwords.encrypt_password, 'abc', 'foo')
+
 
 
 def test_suite():
-- 
cgit v1.2.3-70-g09d2