nik/FreedomBox
1
0
Fork 0
mirror of https://github.com/freedombox/FreedomBox.git synced 2026-02-04 08:13:38 +00:00
Code Issues Packages Projects Releases Wiki Activity
FreedomBox/plinth/modules/users/tests/users.feature
Veiko Aasa dfaf009d3c
users: Require admin credentials when creating or editing a user 
This change prevents the plinth user to become a superuser without
knowing an admin password.

Users module and action script:
- User credentials are now required for the subcommands: create-user,
  set-user-password, add-user-to-group (if the group is admin),
  remove-user-from-group (if the group is admin), set-user-status,
  remove-user (if the removed user is the last admin user.
  Note: the web UI doesn't allow to delete last admin user).
- subcommand remove-users requires authentication if the user is last
  admin user. Password must be provided through standard input.
- subcommand remove-group: do not allow to remove group 'admin'
- User credentials must be provided using the argument
  --auth-user and a passsword must be provided through standard input.
- If there are no users in the admin group, no admin password is
  required and if the --auth-user argument is required, it can be an
  empty string.

Users web UI:
- An admin needs to enter current password to create and edit a user
  and to change user's password.
- Show more detailed error text on exceptions when submitting forms.
- Show page title on the edit and create user pages.

Users unit and functional tests:
- Added a configuration parameters to the pytest configuration file
  to set current admin user/password.
- Added a configuration parameter 'ssh_port' to the functional tests.
  You can overwrite this with the FREEDOMBOX_SSH_PORT environment
  variable. Modified HACKING.md accordingly.
- Added an unit test:
     - test changing the password as a non-admin user.
     - test invalid admin password input.
     - test that removing the admin group fails.
- Capture stdout and stderr in the unit tests when calling an action
  script to be able to see more info on exceptions.
- Added functional tests for setting ssh keys and changing passwords
  for admin and non-admin users.
- Added a functional test for setting a user as active/inactive.

Changes during review [sunil]:
- Move uncommon functional step definitions to users module from global. This is
  keep the common functional step definitions to minimal level and promote when
  needed.
- Minor styling changes, flake8 fixes.
- Don't require pampy module when running non-admin tests. This allows tests to
  be run from outside the container on the host machine without python3-pam
  installed.
- Call the confirm password field 'Authorization Password'. This avoid confusion
  with a very common field 'Confirm Password' which essentially means retype
  your password to ensure you didn't get it wrong. Add label explaining why the
  field exists.
- Don't hard-code /tmp path in test_actions.py. Use tmp_path_factory fixture
  provided by pytest.
- Remove unused _get_password_hash() from actions/users.
- Undo splitting ldapgid output before parsing. It does not seem correct and
  could introduce problems when field values contain spaces.

Tests performed:
- No failed unit tests (run with and without sudo).
- All 'users' functional tests pass.
- Creating an admin user during the first boot wizard succeeds.
- Creating a user using the web UI with an empty or wrong admin
  password fails and with the correct admin password succeeds.
- Editing a user using the web UI with an empty or wrong admin
  password fails and with the correct admin password succeeds.
- Changing user's password using the web UI with an empty or wrong
  admin password fails and with the correct admin password succeeds.
- Above mentioned user action script commands can't be run without
  correct credentials.
- Adding the daemon user to the freedombox-share group succeeds when
  installing certain apps (deluge, mldonkey, syncthing, transmission).

Signed-off-by: Veiko Aasa <veiko17@disroot.org>
[sunil: Move uncommon functional step definitions to users module from global]
[sunil: Minor styling changes, flake8 fixes]
[sunil: Don't require pampy module when running non-admin tests]
[sunil: Call the confirm password field 'Authorization Password']
[sunil: Don't hard-code /tmp path in test_actions.py]
[sunil: Remove unused _get_password_hash() from actions/users]
[sunil: Undo splitting ldapgid output before parsing]
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: Sunil Mohan Adapa <sunil@medhas.org>
2020-10-05 00:05:44 -07:00

106 lines
3.6 KiB
Gherkin
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

# SPDX-License-Identifier: AGPL-3.0-or-later
# TODO Scenario: Add user to wiki group
# TODO Scenario: Remove user from wiki group
@system @essential @users
Feature: Users and Groups
Manage users and groups.
Background:
Given I'm a logged in user
Scenario: Create user
Given the user alice doesn't exist
When I create a user named alice with password secret123secret123
Then alice should be listed as a user
Scenario: Rename user
Given the user alice exists
Given the user bob doesn't exist
When I rename the user alice to bob
Then alice should not be listed as a user
Then bob should be listed as a user
Scenario: Admin users can change their own ssh keys
When I change the ssh keys to somekey123
Then the ssh keys should be somekey123
Scenario: Non-admin users can change their own ssh keys
Given the user alice with password secret123secret123 exists
And I'm logged in as the user alice with password secret123secret123
When I change my ssh keys to somekey456 with password secret123secret123
Then my ssh keys should be somekey456
Scenario: Admin users can change other user's ssh keys
Given the user alice exists
When I change the ssh keys to alicesomekey123 for the user alice
Then the ssh keys should be alicesomekey123 for the user alice
Scenario: Users can remove ssh keys
Given the ssh keys are somekey123
When I remove the ssh keys
Then the ssh keys should be removed
Scenario: Users can connect passwordless over ssh if the keys are set
Given the ssh application is enabled
And the client has a ssh key
When I configure the ssh keys
Then the client should be able to connect passwordless over ssh
Scenario: Users can't connect passwordless over ssh if the keys aren't set
Given the ssh application is enabled
And the client has a ssh key
And the ssh keys are configured
When I remove the ssh keys
Then the client shouldn't be able to connect passwordless over ssh
Scenario Outline: Change language
When I change the language to <language>
Then Plinth language should be <language>
Examples:
| language |
| dansk |
| Deutsch |
| español |
| français |
| norsk (bokmål) |
| Nederlands |
| polski |
| Português |
| Русский |
| svenska |
| |
| Türkçe |
| |
| None |
Scenario: Admin users can set other users an inactive
Given the user alice with password secret789secret789 exists
When I set the user alice as inactive
Then I can't log in as the user alice with password secret789secret789
Scenario: Admin users can change their own password
Given the admin user testadmin with password testingtesting123 exists
And I'm logged in as the user testadmin with password testingtesting123
When I change my password from testingtesting123 to testingtesting456
Then I can log in as the user testadmin with password testingtesting456
Scenario: Admin user can change other user's password
Given the user alice exists
When I change the user alice password to secretsecret567
Then I can log in as the user alice with password secretsecret567
Scenario: Non-admin users can change their own password
Given the user alice with password secret123secret123 exists
And I'm logged in as the user alice with password secret123secret123
When I change my password from secret123secret123 to secret456secret456
Then I can log in as the user alice with password secret456secret456
Scenario: Delete user
Given the user alice exists
When I delete the user alice
Then alice should not be listed as a user
Reference in New Issue View Git Blame Copy Permalink