From 8a64e854350939fae17afaa4858abfac64b93f9b Mon Sep 17 00:00:00 2001 From: David Glick Date: Sun, 18 Sep 2022 19:30:04 -0700 Subject: [PATCH 1/3] Use longer passwords for tests --- ...unctional_test_comment_review_workflow.txt | 7 ++++--- .../tests/functional_test_comments.txt | 19 ++++++++++--------- .../discussion/tests/test_comments_viewlet.py | 3 ++- plone/app/discussion/tests/test_workflow.py | 11 ++++++----- 4 files changed, 22 insertions(+), 18 deletions(-) diff --git a/plone/app/discussion/tests/functional_test_comment_review_workflow.txt b/plone/app/discussion/tests/functional_test_comment_review_workflow.txt index 099ce9f..1bcae9b 100644 --- a/plone/app/discussion/tests/functional_test_comment_review_workflow.txt +++ b/plone/app/discussion/tests/functional_test_comment_review_workflow.txt @@ -18,9 +18,10 @@ First we have to set up some things and login. >>> app = layer['app'] >>> from plone.testing.z2 import Browser + >>> from plone.app.testing import TEST_USER_PASSWORD >>> browser = Browser(app) >>> browser.handleErrors = False - >>> browser.addHeader('Authorization', 'Basic admin:secret') + >>> browser.addHeader('Authorization', f'Basic admin:{TEST_USER_PASSWORD}') >>> portal = layer['portal'] >>> portal_url = 'http://nohost/plone' @@ -142,7 +143,7 @@ actions. >>> browser.open(portal_url + '/logout') >>> browser.open(portal_url + '/login_form') >>> browser.getControl(name='__ac_name').value = 'jack' - >>> browser.getControl(name='__ac_password').value = 'secret' + >>> browser.getControl(name='__ac_password').value = TEST_USER_PASSWORD >>> browser.getControl('Log in').click() >>> browser.open(urldoc) @@ -240,7 +241,7 @@ Enable anonymous comment with email. >>> browser.open(portal_url + '/logout') >>> browser.open(portal_url + '/login_form') >>> browser.getControl(name='__ac_name').value = 'admin' - >>> browser.getControl(name='__ac_password').value = 'secret' + >>> browser.getControl(name='__ac_password').value = TEST_USER_PASSWORD >>> browser.getControl('Log in').click() >>> browser.open(portal_url+'/@@discussion-controlpanel') >>> browser.getControl(name='form.widgets.anonymous_comments:list').value = 'selected' diff --git a/plone/app/discussion/tests/functional_test_comments.txt b/plone/app/discussion/tests/functional_test_comments.txt index 939d14d..d6e6036 100644 --- a/plone/app/discussion/tests/functional_test_comments.txt +++ b/plone/app/discussion/tests/functional_test_comments.txt @@ -15,9 +15,10 @@ First we have to set up some things and login. >>> app = layer['app'] >>> from plone.testing.z2 import Browser + >>> from plone.app.testing import TEST_USER_PASSWORD >>> browser = Browser(app) >>> browser.handleErrors = False - >>> browser.addHeader('Authorization', 'Basic admin:secret') + >>> browser.addHeader('Authorization', f'Basic admin:{TEST_USER_PASSWORD}') >>> portal = layer['portal'] >>> portal_url = 'http://nohost/plone' @@ -122,7 +123,7 @@ Login as user (without the 'Member' role). >>> browser_user.open(portal_url + '/login_form') >>> browser_user.getControl(name='__ac_name').value = 'johndoe' - >>> browser_user.getControl(name='__ac_password').value = 'secret' + >>> browser_user.getControl(name='__ac_password').value = TEST_USER_PASSWORD >>> browser_user.getControl('Log in').click() Users without the 'Reply to item' permission will not see the comment form, @@ -142,7 +143,7 @@ Post a comment as member Login as user 'jim'. >>> browser_member.open(portal_url + '/login_form') >>> browser_member.getControl(name='__ac_name').value = 'jim' - >>> browser_member.getControl(name='__ac_password').value = 'secret' + >>> browser_member.getControl(name='__ac_password').value = TEST_USER_PASSWORD >>> browser_member.getControl('Log in').click() Post a comment as user jim. @@ -176,7 +177,7 @@ Enable anonymous comment >>> browser.open(portal_url + '/logout') >>> browser.open(portal_url + '/login_form') >>> browser.getControl(name='__ac_name').value = 'admin' - >>> browser.getControl(name='__ac_password').value = 'secret' + >>> browser.getControl(name='__ac_password').value = TEST_USER_PASSWORD >>> browser.getControl('Log in').click() >>> browser.open(portal_url+'/@@discussion-controlpanel') >>> browser.getControl(name='form.widgets.anonymous_comments:list').value = 'selected' @@ -248,7 +249,7 @@ Log in as admin >>> browser.getLink('Log out').click() >>> browser.open(portal_url + '/login_form') >>> browser.getControl('Login Name').value = 'admin' - >>> browser.getControl('Password').value = 'secret' + >>> browser.getControl('Password').value = TEST_USER_PASSWORD >>> browser.getControl('Log in').click() Use the Plone control panel to enable comment editing. @@ -380,7 +381,7 @@ Now login as user 'reviewer' >>> browser_reviewer.open(portal_url + '/login_form') >>> browser_reviewer.getControl(name='__ac_name').value = 'reviewer' - >>> browser_reviewer.getControl(name='__ac_password').value = 'secret' + >>> browser_reviewer.getControl(name='__ac_password').value = TEST_USER_PASSWORD >>> browser_reviewer.getControl('Log in').click() Admin and who have 'Delete comments' permission (reviewers for example), can delete comments @@ -450,7 +451,7 @@ Login as admin. >>> browser.open(portal_url + '/login_form') >>> browser.getControl(name='__ac_name').value = 'admin' - >>> browser.getControl(name='__ac_password').value = 'secret' + >>> browser.getControl(name='__ac_password').value = TEST_USER_PASSWORD >>> browser.getControl('Log in').click() Edit the content object. @@ -479,7 +480,7 @@ Edit the control panel. >>> browser.open(portal_url + '/logout') >>> browser.open(portal_url + '/login_form') >>> browser.getControl(name='__ac_name').value = 'admin' - >>> browser.getControl(name='__ac_password').value = 'secret' + >>> browser.getControl(name='__ac_password').value = TEST_USER_PASSWORD >>> browser.getControl('Log in').click() >>> browser.open(portal_url+'/@@discussion-controlpanel') >>> browser.getControl(name='form.widgets.anonymous_email_enabled:list').value = 'selected' @@ -531,7 +532,7 @@ Login as user 'jim'. >>> browser_member.open(portal_url + '/login_form') >>> browser_member.getControl(name='__ac_name').value = 'jim' - >>> browser_member.getControl(name='__ac_password').value = 'secret' + >>> browser_member.getControl(name='__ac_password').value = TEST_USER_PASSWORD >>> browser_member.getControl('Log in').click() Post a comment as user jim. diff --git a/plone/app/discussion/tests/test_comments_viewlet.py b/plone/app/discussion/tests/test_comments_viewlet.py index 54a18bd..de325e3 100644 --- a/plone/app/discussion/tests/test_comments_viewlet.py +++ b/plone/app/discussion/tests/test_comments_viewlet.py @@ -13,6 +13,7 @@ from plone.app.testing import logout from plone.app.testing import setRoles from plone.app.testing import TEST_USER_ID from plone.app.testing import TEST_USER_NAME +from plone.app.testing import TEST_USER_PASSWORD from plone.registry.interfaces import IRegistry from Products.CMFCore.utils import getToolByName from z3c.form.interfaces import IFormLayer @@ -515,7 +516,7 @@ class TestCommentsViewlet(unittest.TestCase): # Anonymous has no 'can review' permission self.assertFalse(self.viewlet.can_review()) # The reviewer role has the 'Review comments' permission - self.portal.acl_users._doAddUser("reviewer", "secret", ["Reviewer"], []) + self.portal.acl_users._doAddUser("reviewer", TEST_USER_PASSWORD, ["Reviewer"], []) login(self.portal, "reviewer") self.assertTrue(self.viewlet.can_review()) diff --git a/plone/app/discussion/tests/test_workflow.py b/plone/app/discussion/tests/test_workflow.py index ece7d8a..39fb219 100644 --- a/plone/app/discussion/tests/test_workflow.py +++ b/plone/app/discussion/tests/test_workflow.py @@ -9,6 +9,7 @@ from plone.app.testing import logout from plone.app.testing import setRoles from plone.app.testing import TEST_USER_ID from plone.app.testing import TEST_USER_NAME +from plone.app.testing import TEST_USER_PASSWORD from Products.CMFCore.permissions import View from Products.CMFCore.utils import _checkPermission as checkPerm from zope.component import createObject @@ -128,11 +129,11 @@ class CommentOneStateWorkflowTest(unittest.TestCase): f"++conversation++default/{cid}", ) - self.portal.acl_users._doAddUser("member", "secret", ["Member"], []) - self.portal.acl_users._doAddUser("reviewer", "secret", ["Reviewer"], []) - self.portal.acl_users._doAddUser("manager", "secret", ["Manager"], []) - self.portal.acl_users._doAddUser("editor", " secret", ["Editor"], []) - self.portal.acl_users._doAddUser("reader", "secret", ["Reader"], []) + self.portal.acl_users._doAddUser("member", TEST_USER_PASSWORD, ["Member"], []) + self.portal.acl_users._doAddUser("reviewer", TEST_USER_PASSWORD, ["Reviewer"], []) + self.portal.acl_users._doAddUser("manager", TEST_USER_PASSWORD, ["Manager"], []) + self.portal.acl_users._doAddUser("editor", TEST_USER_PASSWORD, ["Editor"], []) + self.portal.acl_users._doAddUser("reader", TEST_USER_PASSWORD, ["Reader"], []) def test_initial_workflow_state(self): """Make sure the initial workflow state of a comment is 'private'.""" From d7c5d271c43a1fdd5472280e119a33673ff9a37a Mon Sep 17 00:00:00 2001 From: David Glick Date: Sun, 18 Sep 2022 19:31:09 -0700 Subject: [PATCH 2/3] changelog --- news/203.bugfix | 1 + 1 file changed, 1 insertion(+) create mode 100644 news/203.bugfix diff --git a/news/203.bugfix b/news/203.bugfix new file mode 100644 index 0000000..d1b185c --- /dev/null +++ b/news/203.bugfix @@ -0,0 +1 @@ +- Use longer passwords in tests. [davisagli] From cf68b9ece0c38978445b5f7e40a39d9b9723dbe1 Mon Sep 17 00:00:00 2001 From: David Glick Date: Sun, 18 Sep 2022 20:46:04 -0700 Subject: [PATCH 3/3] missed file --- plone/app/discussion/testing.py | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-) diff --git a/plone/app/discussion/testing.py b/plone/app/discussion/testing.py index 01ea305..8d05702 100644 --- a/plone/app/discussion/testing.py +++ b/plone/app/discussion/testing.py @@ -7,6 +7,7 @@ from plone.app.testing import IntegrationTesting from plone.app.testing import PloneSandboxLayer from plone.app.testing import setRoles from plone.app.testing import TEST_USER_ID +from plone.app.testing import TEST_USER_PASSWORD from plone.registry.interfaces import IRegistry from Products.CMFCore.utils import getToolByName from zope.component import queryUtility @@ -25,16 +26,16 @@ class PloneAppDiscussion(PloneSandboxLayer): defaultBases = (PLONE_APP_CONTENTTYPES_FIXTURE,) USER_NAME = "johndoe" - USER_PASSWORD = "secret" + USER_PASSWORD = TEST_USER_PASSWORD MEMBER_NAME = "janedoe" - MEMBER_PASSWORD = "secret" + MEMBER_PASSWORD = TEST_USER_PASSWORD USER_WITH_FULLNAME_NAME = "jim" USER_WITH_FULLNAME_FULLNAME = "Jim Fulton" - USER_WITH_FULLNAME_PASSWORD = "secret" + USER_WITH_FULLNAME_PASSWORD = TEST_USER_PASSWORD MANAGER_USER_NAME = "manager" - MANAGER_USER_PASSWORD = "secret" + MANAGER_USER_PASSWORD = TEST_USER_PASSWORD REVIEWER_NAME = "reviewer" - REVIEWER_PASSWORD = "secret" + REVIEWER_PASSWORD = TEST_USER_PASSWORD def setUpZope(self, app, configurationContext): # Load ZCML