Canonical SSO provider

Merge lp:~jaboing/canonical-identity-provider/sso into lp:canonical-identity-provider/release

  1. sso
  2. Merge into trunk
Proposed by Julien Funk
Status: Merged
Approved by: Ricardo Kirkner
Approved revision: no longer in the source branch.
Merged at revision: 392
Proposed branch: lp:~jaboing/canonical-identity-provider/sso
Merge into: lp:canonical-identity-provider/release
Diff against target: 250 lines (+72/-33)
8 files modified
identityprovider/tests/acceptance/devices/add_device.py (+1/-4)
identityprovider/tests/acceptance/devices/add_device_google.py (+8/-5)
identityprovider/tests/acceptance/devices/add_device_yubikey.py (+7/-5)
identityprovider/tests/acceptance/devices/add_two_devices.py (+10/-5)
identityprovider/tests/acceptance/devices/delete_device.py (+2/-6)
identityprovider/tests/acceptance/devices/rename_device.py (+9/-7)
identityprovider/tests/acceptance/shared/devices.py (+11/-1)
identityprovider/tests/acceptance/shared/helpers.py (+24/-0)
To merge this branch: bzr merge lp:~jaboing/canonical-identity-provider/sso
Reviewer Review Type Date Requested Status
Ricardo Kirkner (community) Approve
Review via email: mp+100224@code.launchpad.net

Commit message

Removed TWOFACTOR flags and updated scripts to work for Dev/Production/Staging - added function 'delete_device' to devices.py and function 'login_to_isdqa_account' to helpers.py. All are tested pass and should now run as part of the default acceptance suite.

Description of the change

Removed TWOFACTOR flags and updated scripts to work for Dev/Production/Staging - added function 'delete_device' to devices.py and function 'login_to_isdqa_account' to helpers.py. All are tested pass and should now run as part of the default acceptance suite.

To post a comment you must log in.
Revision history for this message
Ricardo Kirkner (ricardokirkner) wrote :

A few comments and questions

- why not refactor the if statement into the register_account helper? (the register_account helper would then be 'smart' enough to created the account if needed or log in with the sanctified account if not); this also reduces the changes required

- l.141-142: the double call to delete_device is intentional?

- removing the TWOFACTOR flag will make this run everywhere (dev, staging, prod), so are we sure these tests pass against staging/prod?

- in login_to_isdqa_account you create the account if it's missing; but I don't see how this new account gets the necessary twofactor bits enabled (unless register_account does this by default). Why can't we always call login_to_isdqa_account, both on staging/prod and dev, and get rid of the if statement alltogether?

Revision history for this message
Julien Funk (jaboing) wrote :

- I added a new helper login_or_register_account() which is smart enough to create the account or log in with the sanctified account

- the double call is indeed intentional, I clarified this in the comment

- I ahventested all the tests against production/staging/dev already and they all pass happily

- I think you misunderstood the login_to_isdqa_account function, it does not create a new account at all, it simply logs into the existing isdqa account. The reason we cannot call this on dev is because the isdqa account does not exist by default on the developer machines and instead a new account must be created in the local database. On staging and production however the isdqa account exists already.

Will merge shortly.

Revision history for this message
Ricardo Kirkner (ricardokirkner) wrote :

This looks much better, thanks. However a few more small issues:

l. 205-206: this seems oddly indented. is this correct? (looks like this was supposed to be indented one extra level maybe? (inside the delete_device function?)

l. 247: login_to_isdqa_account is calling register_account when on staging when the password doesn't match. Why do we register an account on staging but not on production? Shouldn't both environments be consistent?

review: Needs Fixing
Revision history for this message
Ricardo Kirkner (ricardokirkner) wrote :

LGTM. Thanks!

review: Approve

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
1=== modified file 'identityprovider/tests/acceptance/devices/add_device.py'
2--- identityprovider/tests/acceptance/devices/add_device.py 2012-03-02 10:22:00 +0000
3+++ identityprovider/tests/acceptance/devices/add_device.py 2012-04-09 20:00:32 +0000
4@@ -10,11 +10,8 @@
5
6
7 config.set_base_url_from_env()
8-# TODO: remove once staging / production have two-factor authentication
9-check_flags('TWOFACTOR')
10
11-# Create account and login
12-helpers.register_account()
13+helpers.login_or_register_account()
14
15 # Go to the authentication devices page
16 click_link('devices-link')
17
18=== modified file 'identityprovider/tests/acceptance/devices/add_device_google.py'
19--- identityprovider/tests/acceptance/devices/add_device_google.py 2012-02-22 20:32:44 +0000
20+++ identityprovider/tests/acceptance/devices/add_device_google.py 2012-04-09 20:00:32 +0000
21@@ -4,19 +4,19 @@
22 from canonical.isd.tests.sst import config
23 from oath import hotp
24 from sst.actions import *
25+from django.conf import settings
26
27 import helpers
28 from devices import (
29- click_add_device_button, click_add_new_device_link
30+ click_add_device_button,
31+ click_add_new_device_link,
32+ delete_device,
33 )
34
35
36 config.set_base_url_from_env()
37-# TODO: remove once staging / production have two-factor authentication
38-check_flags('TWOFACTOR')
39
40-# Create account and login
41-email = helpers.register_account()
42+email = helpers.login_or_register_account()
43
44 # Go to the authentication devices page
45 click_link('devices-link')
46@@ -60,3 +60,6 @@
47 assert_table_has_rows('device-list', 1)
48 assert_table_row_contains_text('device-list', 0,
49 ['My Google Device', 'Delete'], regex=True)
50+
51+# clean up afterward, delete device
52+delete_device()
53
54=== modified file 'identityprovider/tests/acceptance/devices/add_device_yubikey.py'
55--- identityprovider/tests/acceptance/devices/add_device_yubikey.py 2012-02-22 20:32:44 +0000
56+++ identityprovider/tests/acceptance/devices/add_device_yubikey.py 2012-04-09 20:00:32 +0000
57@@ -3,18 +3,18 @@
58 from oath import hotp
59 from sst.actions import *
60
61+from django.conf import settings
62 import helpers
63 from devices import (
64- click_add_device_button, click_add_new_device_link
65+ click_add_device_button,
66+ click_add_new_device_link,
67+ delete_device,
68 )
69
70
71 config.set_base_url_from_env()
72-# TODO: remove once staging / production have two-factor authentication
73-check_flags('TWOFACTOR')
74
75-# Create account and login
76-email = helpers.register_account()
77+email = helpers.login_or_register_account()
78
79 # Go to the authentication devices page
80 click_link('devices-link')
81@@ -43,3 +43,5 @@
82 assert_table_row_contains_text('device-list', 0,
83 ['My YubiKey', 'Delete'], regex=True)
84
85+# clean up afterward, delete device
86+delete_device()
87
88=== modified file 'identityprovider/tests/acceptance/devices/add_two_devices.py'
89--- identityprovider/tests/acceptance/devices/add_two_devices.py 2012-03-02 10:22:00 +0000
90+++ identityprovider/tests/acceptance/devices/add_two_devices.py 2012-04-09 20:00:32 +0000
91@@ -5,16 +5,16 @@
92
93 import helpers
94 from devices import (
95- add_device, click_add_device_button, click_add_new_device_link
96+ add_device,
97+ click_add_device_button,
98+ click_add_new_device_link,
99+ delete_device,
100 )
101
102
103 config.set_base_url_from_env()
104-# TODO: remove once staging / production have two-factor authentication
105-check_flags('TWOFACTOR')
106
107-# Create account and login
108-helpers.register_account()
109+helpers.login_or_register_account()
110
111 # Add an authentication device
112 aes_key = add_device('This device')
113@@ -50,3 +50,8 @@
114 assert_table_has_rows('device-list', 2)
115 assert_table_row_contains_text('device-list', 1,
116 ['This device (1)', 'Rename Delete'])
117+
118+# clean up afterward, delete 2 devices
119+delete_device()
120+delete_device()
121+
122
123=== modified file 'identityprovider/tests/acceptance/devices/delete_device.py'
124--- identityprovider/tests/acceptance/devices/delete_device.py 2012-02-22 20:32:44 +0000
125+++ identityprovider/tests/acceptance/devices/delete_device.py 2012-04-09 20:00:32 +0000
126@@ -9,12 +9,8 @@
127
128
129 config.set_base_url_from_env()
130-# TODO: remove once staging / production have two-factor authentication
131-check_flags('TWOFACTOR')
132-
133-
134-# Create account and login
135-helpers.register_account()
136+
137+helpers.login_or_register_account()
138
139 # Add an authentication device
140 aes_key = add_device('This device')
141
142=== modified file 'identityprovider/tests/acceptance/devices/rename_device.py'
143--- identityprovider/tests/acceptance/devices/rename_device.py 2012-02-13 16:12:21 +0000
144+++ identityprovider/tests/acceptance/devices/rename_device.py 2012-04-09 20:00:32 +0000
145@@ -7,19 +7,17 @@
146 assert_device,
147 assert_no_device,
148 rename_device,
149+ delete_device,
150 )
151
152 config.set_base_url_from_env()
153-# TODO: remove once staging / production have two-factor authentication
154-check_flags('TWOFACTOR')
155-
156
157 # happy path
158
159-# create an account and log in
160-helpers.register_account(password='Password1')
161-# add a new device
162-name = 'device'
163+helpers.login_or_register_account()
164+
165+# add a new device with unicode character and white space
166+name = 'device name'
167 add_device(name)
168 # make sure device exists
169 assert_device(name)
170@@ -56,3 +54,7 @@
171 'The name must contain at least one non-whitespace character.')
172 # cancel and go back
173 click_link(get_element(tag='a', text='cancel'))
174+
175+# clean up afterward, delete device
176+delete_device()
177+
178
179=== modified file 'identityprovider/tests/acceptance/shared/devices.py'
180--- identityprovider/tests/acceptance/shared/devices.py 2012-02-22 20:32:44 +0000
181+++ identityprovider/tests/acceptance/shared/devices.py 2012-04-09 20:00:32 +0000
182@@ -15,8 +15,9 @@
183
184
185 def click_delete_button():
186+ # Clicks the first Delete button it finds
187 # this button is actually a link
188- click_link(get_element(tag='a', text_regex='Delete'))
189+ click_link(get_elements(tag='a', text_regex='Delete')[0])
190
191
192 def assert_device(name):
193@@ -47,6 +48,15 @@
194 click_add_device_button()
195 return aes_key
196
197+def delete_device():
198+ # Click on the delete button
199+ click_delete_button()
200+ # Click on ok
201+ click_button(get_element(tag='button', text='Delete this device'))
202+ # Check we are back on the device-list page
203+ assert_url('/device-list')
204+ # Check that our device has been deleted
205+ fails(get_element, 'device-list')
206
207 def rename_device(name, new_name):
208 click_link(get_element(tag='a', text_regex='Rename'))
209
210=== modified file 'identityprovider/tests/acceptance/shared/helpers.py'
211--- identityprovider/tests/acceptance/shared/helpers.py 2012-03-30 16:01:27 +0000
212+++ identityprovider/tests/acceptance/shared/helpers.py 2012-04-09 20:00:32 +0000
213@@ -105,6 +105,15 @@
214 assert_title('Complete email address validation')
215 click_button(get_element(name='continue'))
216
217+def login_or_register_account():
218+ # if developer instance, create an account and log in
219+ if get_base_url() == 'http://localhost:8000/':
220+ email = register_account()
221+ # else use the sanctified QA Account
222+ else:
223+ login_to_isdqa_account()
224+ email = settings.QA_ACCOUNT_EMAIL
225+ return email
226
227 def login(email, password):
228 go_to('/')
229@@ -198,6 +207,21 @@
230 register_account(settings.TEST_ACCOUNT_EMAIL, "Test Account",
231 settings.TEST_ACCOUNT_PASSWORD)
232
233+def login_to_isdqa_account():
234+ from sst import actions
235+
236+ global _LAST_EMAIL, _LAST_PASSWORD
237+
238+ login(settings.QA_ACCOUNT_EMAIL, settings.QA_ACCOUNT_PASSWORD)
239+ # Wait for the reload
240+ wait_for(exists_element, id='ubuntu-header')
241+
242+ if exists_element(tag='span', css_class='error', text="Password didn't match."):
243+ actions._raise("This test requires a test account to be present")
244+
245+ _LAST_EMAIL = settings.QA_ACCOUNT_EMAIL
246+ _LAST_PASSWORD = settings.QA_ACCOUNT_PASSWORD
247+
248
249 def login_from_redirect(email=settings.QA_ACCOUNT_EMAIL,
250 password=settings.QA_ACCOUNT_PASSWORD):