def _iter_patch_candidates(cls):
"""helper to scan for monkeypatches.
returns tuple containing:
* object (module or class)
* attribute of object
* value of attribute
* whether it should or should not be patched
"""
# XXX: this and assert_unpatched() could probably be refactored to use
# the PatchManager class to do the heavy lifting.
from django.contrib.auth import models, hashers
user_attrs = ["check_password", "set_password"]
model_attrs = ["check_password", "make_password"]
hasher_attrs = ["check_password", "make_password", "get_hasher", "identify_hasher",
"get_hashers"]
objs = [(models, model_attrs),
(models.User, user_attrs),
(hashers, hasher_attrs),
]
for obj, patched in objs:
for attr in dir(obj):
if attr.startswith("_"):
continue
value = obj.__dict__.get(attr, UNSET) # can't use getattr() due to GAE
if value is UNSET and attr not in patched:
continue
value = get_method_function(value)
source = getattr(value, "__module__", None)
if source:
yield obj, attr, source, (attr in patched)
#===================================================================
# verify current patch state
#===================================================================
python类check_password()的实例源码
def test_01_overwrite_detection(self):
"""test detection of foreign monkeypatching"""
# NOTE: this sets things up, and spot checks two methods,
# this should be enough to verify patch manager is working.
# TODO: test unpatch behavior honors flag.
# configure plugin to use sample context
config = "[passlib]\nschemes=des_crypt\n"
self.load_extension(PASSLIB_CONFIG=config)
# setup helpers
import django.contrib.auth.models as models
from passlib.ext.django.models import adapter
def dummy():
pass
# mess with User.set_password, make sure it's detected
orig = models.User.set_password
models.User.set_password = dummy
with self.assertWarningList("another library has patched.*User\.set_password"):
adapter._manager.check_all()
models.User.set_password = orig
# mess with models.check_password, make sure it's detected
orig = models.check_password
models.check_password = dummy
with self.assertWarningList("another library has patched.*models:check_password"):
adapter._manager.check_all()
models.check_password = orig
def _iter_patch_candidates(cls):
"""helper to scan for monkeypatches.
returns tuple containing:
* object (module or class)
* attribute of object
* value of attribute
* whether it should or should not be patched
"""
# XXX: this and assert_unpatched() could probably be refactored to use
# the PatchManager class to do the heavy lifting.
from django.contrib.auth import models
user_attrs = ["check_password", "set_password"]
model_attrs = ["check_password"]
objs = [(models, model_attrs), (models.User, user_attrs)]
if has_django14:
from django.contrib.auth import hashers
model_attrs.append("make_password")
objs.append((hashers, ["check_password", "make_password",
"get_hasher", "identify_hasher"]))
if has_django0:
user_attrs.extend(["has_usable_password", "set_unusable_password"])
for obj, patched in objs:
for attr in dir(obj):
if attr.startswith("_"):
continue
value = obj.__dict__.get(attr, UNSET) # can't use getattr() due to GAE
if value is UNSET and attr not in patched:
continue
value = get_method_function(value)
source = getattr(value, "__module__", None)
if source:
yield obj, attr, source, (attr in patched)
#===================================================================
# verify current patch state
#===================================================================
def test_01_overwrite_detection(self):
"test detection of foreign monkeypatching"
# NOTE: this sets things up, and spot checks two methods,
# this should be enough to verify patch manager is working.
# TODO: test unpatch behavior honors flag.
# configure plugin to use sample context
config = "[passlib]\nschemes=des_crypt\n"
self.load_extension(PASSLIB_CONFIG=config)
# setup helpers
import django.contrib.auth.models as models
from passlib.ext.django.models import _manager
def dummy():
pass
# mess with User.set_password, make sure it's detected
orig = models.User.set_password
models.User.set_password = dummy
with self.assertWarningList("another library has patched.*User\.set_password"):
_manager.check_all()
models.User.set_password = orig
# mess with models.check_password, make sure it's detected
orig = models.check_password
models.check_password = dummy
with self.assertWarningList("another library has patched.*models:check_password"):
_manager.check_all()
models.check_password = orig
def setUp(self):
# NOTE: omitted orig setup, want to install our extension,
# and load hashers through it instead.
self.load_extension(PASSLIB_CONTEXT=stock_config, check=False)
from passlib.ext.django.models import password_context
# update test module to use our versions of some hasher funcs
from django.contrib.auth import hashers
for attr in ["make_password",
"check_password",
"identify_hasher",
"get_hasher"]:
patchAttr(self, _thmod, attr, getattr(hashers, attr))
# django 1.5 tests expect empty django_des_crypt salt field
if DJANGO_VERSION > (1,4):
from passlib.hash import django_des_crypt
patchAttr(self, django_des_crypt, "use_duplicate_salt", False)
# hack: need password_context to keep up to date with hasher.iterations
if DJANGO_VERSION >= (1,6):
def update_hook(self):
rounds = _thmod.get_hasher("pbkdf2_sha256").iterations
self.update(
django_pbkdf2_sha256__min_rounds=rounds,
django_pbkdf2_sha256__default_rounds=rounds,
django_pbkdf2_sha256__max_rounds=rounds,
)
patchAttr(self, password_context, "__class__", ContextWithHook)
patchAttr(self, password_context, "update_hook", update_hook)
# omitting this test, since it depends on updated to django hasher settings
def _iter_patch_candidates(cls):
"""helper to scan for monkeypatches.
returns tuple containing:
* object (module or class)
* attribute of object
* value of attribute
* whether it should or should not be patched
"""
# XXX: this and assert_unpatched() could probably be refactored to use
# the PatchManager class to do the heavy lifting.
from django.contrib.auth import models
user_attrs = ["check_password", "set_password"]
model_attrs = ["check_password"]
objs = [(models, model_attrs), (models.User, user_attrs)]
if has_django14:
from django.contrib.auth import hashers
model_attrs.append("make_password")
objs.append((hashers, ["check_password", "make_password",
"get_hasher", "identify_hasher"]))
if has_django0:
user_attrs.extend(["has_usable_password", "set_unusable_password"])
for obj, patched in objs:
for attr in dir(obj):
if attr.startswith("_"):
continue
value = obj.__dict__.get(attr, UNSET) # can't use getattr() due to GAE
if value is UNSET and attr not in patched:
continue
value = get_method_function(value)
source = getattr(value, "__module__", None)
if source:
yield obj, attr, source, (attr in patched)
#===================================================================
# verify current patch state
#===================================================================
def test_01_overwrite_detection(self):
"""test detection of foreign monkeypatching"""
# NOTE: this sets things up, and spot checks two methods,
# this should be enough to verify patch manager is working.
# TODO: test unpatch behavior honors flag.
# configure plugin to use sample context
config = "[passlib]\nschemes=des_crypt\n"
self.load_extension(PASSLIB_CONFIG=config)
# setup helpers
import django.contrib.auth.models as models
from passlib.ext.django.models import _manager
def dummy():
pass
# mess with User.set_password, make sure it's detected
orig = models.User.set_password
models.User.set_password = dummy
with self.assertWarningList("another library has patched.*User\.set_password"):
_manager.check_all()
models.User.set_password = orig
# mess with models.check_password, make sure it's detected
orig = models.check_password
models.check_password = dummy
with self.assertWarningList("another library has patched.*models:check_password"):
_manager.check_all()
models.check_password = orig
def setUp(self):
# NOTE: omitted orig setup, want to install our extension,
# and load hashers through it instead.
self.load_extension(PASSLIB_CONTEXT=stock_config, check=False)
from passlib.ext.django.models import password_context
# update test module to use our versions of some hasher funcs
from django.contrib.auth import hashers
for attr in ["make_password",
"check_password",
"identify_hasher",
"get_hasher"]:
patchAttr(self, test_hashers_mod, attr, getattr(hashers, attr))
# django 1.4 tests expect empty django_des_crypt salt field
if DJANGO_VERSION >= (1,4):
from passlib.hash import django_des_crypt
patchAttr(self, django_des_crypt, "use_duplicate_salt", False)
# hack: need password_context to keep up to date with hasher.iterations
if DJANGO_VERSION >= (1,6):
def update_hook(self):
rounds = test_hashers_mod.get_hasher("pbkdf2_sha256").iterations
self.update(
django_pbkdf2_sha256__min_rounds=rounds,
django_pbkdf2_sha256__default_rounds=rounds,
django_pbkdf2_sha256__max_rounds=rounds,
)
patchAttr(self, password_context, "__class__", ContextWithHook)
patchAttr(self, password_context, "update_hook", update_hook)
# omitting this test, since it depends on updated to django hasher settings
def _iter_patch_candidates(cls):
"""helper to scan for monkeypatches.
returns tuple containing:
* object (module or class)
* attribute of object
* value of attribute
* whether it should or should not be patched
"""
# XXX: this and assert_unpatched() could probably be refactored to use
# the PatchManager class to do the heavy lifting.
from django.contrib.auth import models, hashers
user_attrs = ["check_password", "set_password"]
model_attrs = ["check_password", "make_password"]
hasher_attrs = ["check_password", "make_password", "get_hasher", "identify_hasher",
"get_hashers"]
objs = [(models, model_attrs),
(models.User, user_attrs),
(hashers, hasher_attrs),
]
for obj, patched in objs:
for attr in dir(obj):
if attr.startswith("_"):
continue
value = obj.__dict__.get(attr, UNSET) # can't use getattr() due to GAE
if value is UNSET and attr not in patched:
continue
value = get_method_function(value)
source = getattr(value, "__module__", None)
if source:
yield obj, attr, source, (attr in patched)
#===================================================================
# verify current patch state
#===================================================================
def test_01_overwrite_detection(self):
"""test detection of foreign monkeypatching"""
# NOTE: this sets things up, and spot checks two methods,
# this should be enough to verify patch manager is working.
# TODO: test unpatch behavior honors flag.
# configure plugin to use sample context
config = "[passlib]\nschemes=des_crypt\n"
self.load_extension(PASSLIB_CONFIG=config)
# setup helpers
import django.contrib.auth.models as models
from passlib.ext.django.models import adapter
def dummy():
pass
# mess with User.set_password, make sure it's detected
orig = models.User.set_password
models.User.set_password = dummy
with self.assertWarningList("another library has patched.*User\.set_password"):
adapter._manager.check_all()
models.User.set_password = orig
# mess with models.check_password, make sure it's detected
orig = models.check_password
models.check_password = dummy
with self.assertWarningList("another library has patched.*models:check_password"):
adapter._manager.check_all()
models.check_password = orig
def _iter_patch_candidates(cls):
"""helper to scan for monkeypatches.
returns tuple containing:
* object (module or class)
* attribute of object
* value of attribute
* whether it should or should not be patched
"""
# XXX: this and assert_unpatched() could probably be refactored to use
# the PatchManager class to do the heavy lifting.
from django.contrib.auth import models
user_attrs = ["check_password", "set_password"]
model_attrs = ["check_password"]
objs = [(models, model_attrs), (models.User, user_attrs)]
if has_django14:
from django.contrib.auth import hashers
model_attrs.append("make_password")
objs.append((hashers, ["check_password", "make_password",
"get_hasher", "identify_hasher"]))
if has_django0:
user_attrs.extend(["has_usable_password", "set_unusable_password"])
for obj, patched in objs:
for attr in dir(obj):
if attr.startswith("_"):
continue
value = obj.__dict__.get(attr, UNSET) # can't use getattr() due to GAE
if value is UNSET and attr not in patched:
continue
value = get_method_function(value)
source = getattr(value, "__module__", None)
if source:
yield obj, attr, source, (attr in patched)
#===================================================================
# verify current patch state
#===================================================================
def test_01_overwrite_detection(self):
"test detection of foreign monkeypatching"
# NOTE: this sets things up, and spot checks two methods,
# this should be enough to verify patch manager is working.
# TODO: test unpatch behavior honors flag.
# configure plugin to use sample context
config = "[passlib]\nschemes=des_crypt\n"
self.load_extension(PASSLIB_CONFIG=config)
# setup helpers
import django.contrib.auth.models as models
from passlib.ext.django.models import _manager
def dummy():
pass
# mess with User.set_password, make sure it's detected
orig = models.User.set_password
models.User.set_password = dummy
with self.assertWarningList("another library has patched.*User\.set_password"):
_manager.check_all()
models.User.set_password = orig
# mess with models.check_password, make sure it's detected
orig = models.check_password
models.check_password = dummy
with self.assertWarningList("another library has patched.*models:check_password"):
_manager.check_all()
models.check_password = orig
def setUp(self):
# NOTE: omitted orig setup, want to install our extension,
# and load hashers through it instead.
self.load_extension(PASSLIB_CONTEXT=stock_config, check=False)
from passlib.ext.django.models import password_context
# update test module to use our versions of some hasher funcs
from django.contrib.auth import hashers
for attr in ["make_password",
"check_password",
"identify_hasher",
"get_hasher"]:
patchAttr(self, _thmod, attr, getattr(hashers, attr))
# django 1.5 tests expect empty django_des_crypt salt field
if DJANGO_VERSION > (1,4):
from passlib.hash import django_des_crypt
patchAttr(self, django_des_crypt, "use_duplicate_salt", False)
# hack: need password_context to keep up to date with hasher.iterations
if DJANGO_VERSION >= (1,6):
def update_hook(self):
rounds = _thmod.get_hasher("pbkdf2_sha256").iterations
self.update(
django_pbkdf2_sha256__min_rounds=rounds,
django_pbkdf2_sha256__default_rounds=rounds,
django_pbkdf2_sha256__max_rounds=rounds,
)
patchAttr(self, password_context, "__class__", ContextWithHook)
patchAttr(self, password_context, "update_hook", update_hook)
# omitting this test, since it depends on updated to django hasher settings
def _iter_patch_candidates(cls):
"""helper to scan for monkeypatches.
returns tuple containing:
* object (module or class)
* attribute of object
* value of attribute
* whether it should or should not be patched
"""
# XXX: this and assert_unpatched() could probably be refactored to use
# the PatchManager class to do the heavy lifting.
from django.contrib.auth import models
user_attrs = ["check_password", "set_password"]
model_attrs = ["check_password"]
objs = [(models, model_attrs), (models.User, user_attrs)]
if has_django14:
from django.contrib.auth import hashers
model_attrs.append("make_password")
objs.append((hashers, ["check_password", "make_password",
"get_hasher", "identify_hasher"]))
if has_django0:
user_attrs.extend(["has_usable_password", "set_unusable_password"])
for obj, patched in objs:
for attr in dir(obj):
if attr.startswith("_"):
continue
value = obj.__dict__.get(attr, UNSET) # can't use getattr() due to GAE
if value is UNSET and attr not in patched:
continue
value = get_method_function(value)
source = getattr(value, "__module__", None)
if source:
yield obj, attr, source, (attr in patched)
#===================================================================
# verify current patch state
#===================================================================
def test_01_overwrite_detection(self):
"""test detection of foreign monkeypatching"""
# NOTE: this sets things up, and spot checks two methods,
# this should be enough to verify patch manager is working.
# TODO: test unpatch behavior honors flag.
# configure plugin to use sample context
config = "[passlib]\nschemes=des_crypt\n"
self.load_extension(PASSLIB_CONFIG=config)
# setup helpers
import django.contrib.auth.models as models
from passlib.ext.django.models import _manager
def dummy():
pass
# mess with User.set_password, make sure it's detected
orig = models.User.set_password
models.User.set_password = dummy
with self.assertWarningList("another library has patched.*User\.set_password"):
_manager.check_all()
models.User.set_password = orig
# mess with models.check_password, make sure it's detected
orig = models.check_password
models.check_password = dummy
with self.assertWarningList("another library has patched.*models:check_password"):
_manager.check_all()
models.check_password = orig
def setUp(self):
# NOTE: omitted orig setup, want to install our extension,
# and load hashers through it instead.
self.load_extension(PASSLIB_CONTEXT=stock_config, check=False)
from passlib.ext.django.models import password_context
# update test module to use our versions of some hasher funcs
from django.contrib.auth import hashers
for attr in ["make_password",
"check_password",
"identify_hasher",
"get_hasher"]:
patchAttr(self, test_hashers_mod, attr, getattr(hashers, attr))
# django 1.4 tests expect empty django_des_crypt salt field
if DJANGO_VERSION >= (1,4):
from passlib.hash import django_des_crypt
patchAttr(self, django_des_crypt, "use_duplicate_salt", False)
# hack: need password_context to keep up to date with hasher.iterations
if DJANGO_VERSION >= (1,6):
def update_hook(self):
rounds = test_hashers_mod.get_hasher("pbkdf2_sha256").iterations
self.update(
django_pbkdf2_sha256__min_rounds=rounds,
django_pbkdf2_sha256__default_rounds=rounds,
django_pbkdf2_sha256__max_rounds=rounds,
)
patchAttr(self, password_context, "__class__", ContextWithHook)
patchAttr(self, password_context, "update_hook", update_hook)
# omitting this test, since it depends on updated to django hasher settings
