Make email addresses optional in external auth if email feature is turned off
Before this change, external auth such as Keystone would fail if a user without an email address tried to login, even if the email feature was disabled.
This commit is contained in:
Joseph Schorr
parent
934cdecbd6
commit
d7f56350a4
18 changed files with 206 additions and 93 deletions
|
|
@ -76,7 +76,14 @@ class TestLDAP(unittest.TestCase):
|
|||
})
|
||||
|
||||
self.mockldap.start()
|
||||
self.ldap = self._create_ldap(requires_email=True)
|
||||
|
||||
def tearDown(self):
|
||||
self.mockldap.stop()
|
||||
finished_database_for_testing(self)
|
||||
self.ctx.__exit__(True, None, None)
|
||||
|
||||
def _create_ldap(self, requires_email=True):
|
||||
base_dn = ['dc=quay', 'dc=io']
|
||||
admin_dn = 'uid=testy,ou=employees,dc=quay,dc=io'
|
||||
admin_passwd = 'password'
|
||||
|
|
@ -86,15 +93,9 @@ class TestLDAP(unittest.TestCase):
|
|||
secondary_user_rdns = ['ou=otheremployees']
|
||||
|
||||
ldap = LDAPUsers('ldap://localhost', base_dn, admin_dn, admin_passwd, user_rdn,
|
||||
uid_attr, email_attr, secondary_user_rdns=secondary_user_rdns)
|
||||
|
||||
self.ldap = ldap
|
||||
|
||||
|
||||
def tearDown(self):
|
||||
self.mockldap.stop()
|
||||
finished_database_for_testing(self)
|
||||
self.ctx.__exit__(True, None, None)
|
||||
uid_attr, email_attr, secondary_user_rdns=secondary_user_rdns,
|
||||
requires_email=requires_email)
|
||||
return ldap
|
||||
|
||||
def test_invalid_admin_password(self):
|
||||
base_dn = ['dc=quay', 'dc=io']
|
||||
|
|
@ -144,10 +145,15 @@ class TestLDAP(unittest.TestCase):
|
|||
self.assertEquals(err_msg, 'Invalid user')
|
||||
|
||||
def test_missing_mail(self):
|
||||
(response, err_msg) = self.ldap.verify_and_link_user('nomail', 'somepass')
|
||||
(response, err_msg) = self.ldap.get_user('nomail')
|
||||
self.assertIsNone(response)
|
||||
self.assertEquals('Missing mail field "mail" in user record', err_msg)
|
||||
|
||||
def test_missing_mail_allowed(self):
|
||||
ldap = self._create_ldap(requires_email=False)
|
||||
(response, _) = ldap.get_user('nomail')
|
||||
self.assertEquals(response.username, 'nomail')
|
||||
|
||||
def test_confirm_different_username(self):
|
||||
# Verify that the user is logged in and their username was adjusted.
|
||||
(response, _) = self.ldap.verify_and_link_user('cool.user', 'somepass')
|
||||
|
|
|
|||
Reference in a new issue