| changeset | 9c3ec0a5c7fc |
|---|---|
| branch | |
| bookmark | |
| tag | |
| user | John Rouillard <rouilj@ieee.org> |
| description | chore: remove __future print_function from code. Not needed as of Python 3. |
| files |
| changeset | 98011edc6c60 |
|---|---|
| branch | |
| bookmark | |
| tag | |
| user | John Rouillard <rouilj@ieee.org> |
| description | refactor: remove duplicate code block. Had the same code inside two different if statements. Replaced with 'if X in [ a, b ] ' and only one copy of the code. |
| files |
| changeset | 5b1b876054ef |
|---|---|
| branch | |
| bookmark | |
| tag | |
| user | John Rouillard <rouilj@ieee.org> |
| description | Add test for misc functions; addl. testing check Password.__str__ method. Verify that passwords with under 1000 rounds get upgraded. test bchr, bord, h64encode and h64decode. Add fuzzing for h64* functions. |
| files |
| changeset | 01c1f357363f |
|---|---|
| branch | |
| bookmark | |
| tag | |
| user | John Rouillard <rouilj@ieee.org> |
| description | flake8 fixes Test some unused variables, formatting fixes. |
| files |
| changeset | 19db61be18e0 |
|---|---|
| branch | |
| bookmark | |
| tag | |
| user | John Rouillard <rouilj@ieee.org> |
| description | more tests for password.py Test error conditions for: empty passwords and verify setPassword inherits default scheme pbkdf2(), pbkdf2_sha512(), encodePassword() |
| files |
| changeset | b124c38930ed |
|---|---|
| branch | |
| bookmark | |
| tag | |
| user | John Rouillard <rouilj@ieee.org> |
| description | rename test to test_pbkdf2_unpack_errors |
| files |
| changeset | cbeac604d9d5 |
|---|---|
| branch | |
| bookmark | |
| tag | |
| user | John Rouillard <rouilj@ieee.org> |
| description | Test pbkdf2_unpack error conditions |
| files |
| changeset | 8b2287d850c8 |
|---|---|
| branch | |
| bookmark | |
| tag | |
| user | John Rouillard <rouilj@ieee.org> |
| description | Fix round check/settings in needs_migration. Support test rounds in needs_migration. Two tests were missing os.environ setting to have them use config setting. |
| files |
| changeset | f6b24a8524cd |
|---|---|
| branch | |
| bookmark | |
| tag | |
| user | John Rouillard <rouilj@ieee.org> |
| description | Modify code to reduce runtime when testing. The prior change to set default number of PBKDF2 rounds to 2000000 (2M) raised runtime in CI from 12 minutes to an hour. This commit checks to see if we are invoked from a pytest test using: `if ("pytest" in sys.modules and "PYTEST_CURRENT_TEST" in os.environ):` when no config object is present. I assume that the number of times we have a full config object is less than with a missing config object. See if this brings CI runtimes back down. It reduces runtimes on my local box, but.... Code adapted from https://stackoverflow.com/questions/25188119/test-if-code-is-executed-from-within-a-py-test-session/44595269# |
| files |
| changeset | 970cd6d2b8ea |
|---|---|
| branch | |
| bookmark | |
| tag | |
| user | John Rouillard <rouilj@ieee.org> |
| description | issue2551251 - migrate pbkdf2 passwords if more rounds configured migrate/re-encrypt PBKDF2 password if stored password used a smaller number of rounds than set in password_pbkdf2_default_rounds. Also increase fallback number of rounds (when not set in config) to 2,000,000. |
| files |
| changeset | 0b52ee664580 |
|---|---|
| branch | |
| bookmark | |
| tag | |
| user | John Rouillard <rouilj@ieee.org> |
| description | tests are breaking with last commit. Restore a hopefully working tree while I figure out what's going on |
| files |
| changeset | cfdcaf8b5936 |
|---|---|
| branch | |
| bookmark | |
| tag | |
| user | John Rouillard <rouilj@ieee.org> |
| description | issue2551251 - migrate pbkdf2 passwords if more rounds configured migrate/re-encrypt PBKDF2 password if stored password used a smaller number of rounds than set in password_pbkdf2_default_rounds. Also increase fallback number of rounds (when not set in config) to 2,000,000. |
| files |
| changeset | 120b0bb05b6e |
|---|---|
| branch | |
| bookmark | |
| tag | |
| user | John Rouillard <rouilj@ieee.org> |
| description | issue2551191 - Module deprecation PEP 594. crypt. Handle missing crypt module "better" by raising an exception rather than just silently failing to log in the user when a crypt encoded password can't be checked. Update tests and upgrading.txt too. |
| files |
| changeset | bdcccd2b2141 |
|---|---|
| branch | |
| bookmark | |
| tag | |
| user | John Rouillard <rouilj@ieee.org> |
| description | Replace http:....roundup-tracker.org with https. |
| files |
| changeset | d2805ea1a2c3 |
|---|---|
| branch | |
| bookmark | |
| tag | |
| user | John Rouillard <rouilj@ieee.org> |
| description | replace assertEquals with assertEqual. |
| files |
| changeset | 10747e4e4ec4 |
|---|---|
| branch | |
| bookmark | |
| tag | |
| user | John Rouillard <rouilj@ieee.org> |
| description | replace assertNotEquals with assertNotEqual |
| files |
| changeset | 95a366d46065 |
|---|---|
| branch | |
| bookmark | |
| tag | |
| user | John Rouillard <rouilj@ieee.org> |
| description | Replace deprecated assertEquals with assertEqual and failUnlessRaises with assertRaises. |
| files |
| changeset | f8893e1cde0d |
|---|---|
| branch | |
| bookmark | |
| tag | |
| user | John Rouillard <rouilj@ieee.org> |
| description | assert_ is deprecated. Replacing with assertTrue to reduce logs in travisci. |
| files |
| changeset | d26921b851c3 |
|---|---|
| branch | |
| bookmark | |
| tag | |
| user | Joseph Myers <jsm@polyomino.org.uk> |
| description | Python 3 preparation: make relative imports explicit. Tool-generated patch. |
| files |
| changeset | 64b05e24dbd8 |
|---|---|
| branch | |
| bookmark | |
| tag | |
| user | Joseph Myers <jsm@polyomino.org.uk> |
| description | Python 3 preparation: convert print to a function. Tool-assisted patch. It is possible that some "from __future__ import print_function" are not in fact needed, if a file only uses print() with a single string as an argument and so would work fine in Python 2 without that import. |
| files |
| changeset | c94fd717e28c |
|---|---|
| branch | |
| bookmark | |
| tag | |
| user | John Rouillard <rouilj@ieee.org> |
| description | Fix http://issues.roundup-tracker.org/issue2550952 make __call__ method of a class usable as a check function. |
| files |
| changeset | 16a8a3f0772c |
|---|---|
| branch | |
| bookmark | |
| tag | |
| user | John Rouillard <rouilj@ieee.org> |
| description | Reset state of: self.db.security.set_props_only_default(False) at end of testGetPermission. I thought each test_X module had a fresh environment and load of all modules. I guess that is not the case as not resetting the props_only default to false seemed to bleed into the testAuthFilter in text_xmlrpc.py. However the funny part is it only caused problem in travis ci. Not in my manual running of the full test suite on two platforms. However I am pulling errors because the framework is not skipping the postgres tests for text_xmlrpc. Maybe that failure is hiding something?? If I run just the test_xmlrpc module I would not expect an issue since the security test suite won't be invoked. I am using different versions of the test harness and python so maybe..... |
| files |
| changeset | e0732fd6a6c7 |
|---|---|
| branch | |
| bookmark | |
| tag | |
| user | rouilj@uland |
| description | Implement props_only feature for permissions. |
| files |
| changeset | 36630a062fb5 |
|---|---|
| branch | |
| bookmark | |
| tag | |
| user | John Rouillard <rouilj@ieee.org> |
| description | Check in enhanced form for check command used by addPermission. New form can include a **context dictionary that allows access to the name of the property, class, and permission being checked. This should make designing more complex permission requirements easier. |
| files |
| changeset | 364c54991861 |
|---|---|
| branch | |
| bookmark | |
| tag | |
| user | John Kristensen <john@jerrykan.com> |
| description | Remove unneeded TestSuite code from tests The TestSuite code is no longer needed now that we are using py.test which can automatically discover tests |
| files |
| changeset | 63c79c0992ae |
|---|---|
| branch | |
| bookmark | |
| tag | |
| user | John Kristensen <john@jerrykan.com> |
| description | Update tests to work with py.test py.test searches for any class that looks like a TestCase in the test directory and tries to run them as tests. Some of the classes that inherit TestCase are not meant to be run and are only intended to be "helper classes". Only the tests of the classes that inherit the "helper classes" should be run. If we convert these "helper classes" to be "mixins" py.test should not pick them up. |
| files |
| changeset | 6e3e4f24c753 |
|---|---|
| branch | |
| bookmark | |
| tag | |
| user | Eric S. Raymond <esr@thyrsus.com> |
| description | Remove keyword expansions from CVS. All regression tests passed afterwards. |
| files |
| changeset | 1613754d2646 |
|---|---|
| branch | |
| bookmark | |
| tag | |
| user | Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net> |
| description | Fix first part of Password handling security issue2550688 (thanks Joseph Myers for reporting and Eli Collins for fixing) Small change against original patch: We still accept plaintext passwords (in known_schemes) when parsing encrypted password (e.g. from database). This way existing databases with plaintext passwords continue to work (I don't know of any, this would need patching on the users side) and all regression tests pass. |
| files |
| changeset | 8137456a86f3 |
|---|---|
| branch | |
| bookmark | |
| tag | |
| user | Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net> |
| description | more fixes to search permissions: - require that for links and multilinks the searching user has access to at least the orderprop, labelprop, and ID of the linked class - allow combinations of roles: we previously required that for transitive properties all elements were searchable by the same role. We now allow that the roles can be different for each property. This allows assigning different roles to different sub-systems and allowing users having all required roles to search across subsystems. - regression test updated - fix doc/upgrading example for new signature of roleHasSearchPermission |
| files |
| changeset | 222efa59ee6c |
|---|---|
| branch | |
| bookmark | |
| tag | |
| user | Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net> |
| description | search permissions must allow transitive properties |
| files |
| changeset | 75dc225613cc |
|---|---|
| branch | |
| bookmark | |
| tag | |
| user | Richard Jones <richard@users.sourceforge.net> |
| description | fix security check for hasPermission(Permission, None) add hasRole to HTMLUser |
| files |
| changeset | ac1803a09920 |
|---|---|
| branch | maint-0.8 |
| bookmark | |
| tag | |
| user | Richard Jones <richard@users.sourceforge.net> |
| description | far more merging from HEAD than is good |
| files |
| changeset | c26f2ba69c78 |
|---|---|
| branch | |
| bookmark | |
| tag | |
| user | Richard Jones <richard@users.sourceforge.net> |
| description | some bits I missed, and the next release will be beta ;) |
| files |
| changeset | 460eb0209a9e |
|---|---|
| branch | |
| bookmark | |
| tag | |
| user | Richard Jones <richard@users.sourceforge.net> |
| description | Permissions improvements. - have Permissions only test the check function if itemid is supplied - modify index templates to check for row-level Permission - more documentation of security mechanisms - better unit tests for security mechanisms |
| files |
| changeset | 79f91a6dbc7f |
|---|---|
| branch | |
| bookmark | |
| tag | |
| user | Alexander Smishlajev <a1s@users.sourceforge.net> |
| description | use new backends interface; fix vim modeline |
| files |
| changeset | f63aa57386b0 |
|---|---|
| branch | |
| bookmark | |
| tag | |
| user | Richard Jones <richard@users.sourceforge.net> |
| description | Backend improvements. - using Zope3's test runner now, allowing GC checks, nicer controls and coverage analysis - all RDBMS backends now have indexes on several columns - added testing of schema mutation, fixed rdbms backends handling of a couple of cases - !BETA! added postgresql backend, needs work !BETA! |
| files |
| changeset | bd3b57859c37 |
|---|---|
| branch | |
| bookmark | |
| tag | |
| user | Richard Jones <richard@users.sourceforge.net> |
| description | On second thought, that last checkin was dumb. The old, nasty, for-purely-historical-reasons journaltag-as-username has gone away now. The code should handle existing journaltag-as-username entries, but will use userid from now on. |
| files |
| changeset | 9b910e8d987d |
|---|---|
| branch | |
| bookmark | |
| tag | |
| user | Richard Jones <richard@users.sourceforge.net> |
| description | removed Log |
| files |
| changeset | ef9c759c243e |
|---|---|
| branch | |
| bookmark | |
| tag | |
| user | Richard Jones <richard@users.sourceforge.net> |
| description | Fix to hasPermission, thanks Stefan Seefeld. |
| files |
| changeset | 502a5ae11cc5 |
|---|---|
| branch | |
| bookmark | |
| tag | |
| user | Richard Jones <richard@users.sourceforge.net> |
| description | Very close now. The cgi and mailgw now use the new security API. The two templates have been migrated to that setup. Lots of unit tests. Still some issue in the web form for editing Roles assigned to users. |
| files |
| changeset | b0d3d3535998 |
|---|---|
| branch | |
| bookmark | |
| tag | |
| user | Richard Jones <richard@users.sourceforge.net> |
| description | Bugger it. Here's the current shape of the new security implementation. Still to do: . call the security funcs from cgi and mailgw . change shipped templates to include correct initialisation and remove the old config vars ... that seems like a lot. The bulk of the work has been done though. Honest :) |
| files |