fix: remove no longer needed htpasswd infrastructure (#7590)

ietf-tools · Jun 26, 2024 · 704f996 · 704f996
1 parent a1902cf
commit 704f996
Show file tree

Hide file tree

Showing 5 changed files with 0 additions and 168 deletions.
diff --git a/ietf/ietfauth/htpasswd.py b/ietf/ietfauth/htpasswd.py
diff --git a/ietf/ietfauth/tests.py b/ietf/ietfauth/tests.py
@@ -3,13 +3,10 @@
 
 
 import datetime
-import io
 import logging                          # pyflakes:ignore
-import os
 import re
 import requests
 import requests_mock
-import shutil
 import time
 import urllib
 
@@ -21,7 +18,6 @@
 from oic.utils.authn.client import CLIENT_AUTHN_METHOD
 from oidc_provider.models import RSAKey
 from pyquery import PyQuery
-from unittest import skipIf
 from urllib.parse import urlsplit
 
 import django.core.signing
@@ -35,7 +31,6 @@
 
 from ietf.group.factories import GroupFactory, RoleFactory
 from ietf.group.models import Group, Role, RoleName
-from ietf.ietfauth.htpasswd import update_htpasswd_file
 from ietf.ietfauth.utils import has_role
 from ietf.meeting.factories import MeetingFactory
 from ietf.nomcom.factories import NomComFactory
@@ -45,41 +40,12 @@
 from ietf.review.factories import ReviewRequestFactory, ReviewAssignmentFactory
 from ietf.review.models import ReviewWish, UnavailablePeriod
 from ietf.stats.models import MeetingRegistration
-from ietf.utils.decorators import skip_coverage
 from ietf.utils.mail import outbox, empty_outbox, get_payload_text
 from ietf.utils.test_utils import TestCase, login_testing_unauthorized
 from ietf.utils.timezone import date_today
 
 
-if os.path.exists(settings.HTPASSWD_COMMAND):
-    skip_htpasswd_command = False
-    skip_message = ""
-else:
-    skip_htpasswd_command = True
-    skip_message = ("Skipping htpasswd test: The binary for htpasswd wasn't found in the\n       "
-                    "location indicated in settings.py.")
-    print("     "+skip_message)
-
 class IetfAuthTests(TestCase):
-    def setUp(self):
-        super().setUp()
-        self.saved_use_python_htdigest = getattr(settings, "USE_PYTHON_HTDIGEST", None)
-        settings.USE_PYTHON_HTDIGEST = True
-
-        self.saved_htpasswd_file = settings.HTPASSWD_FILE
-        self.htpasswd_dir = self.tempdir('htpasswd')
-        settings.HTPASSWD_FILE = os.path.join(self.htpasswd_dir, "htpasswd")
-        io.open(settings.HTPASSWD_FILE, 'a').close() # create empty file
-
-        self.saved_htdigest_realm = getattr(settings, "HTDIGEST_REALM", None)
-        settings.HTDIGEST_REALM = "test-realm"
-
-    def tearDown(self):
-        shutil.rmtree(self.htpasswd_dir)
-        settings.USE_PYTHON_HTDIGEST = self.saved_use_python_htdigest
-        settings.HTPASSWD_FILE = self.saved_htpasswd_file
-        settings.HTDIGEST_REALM = self.saved_htdigest_realm
-        super().tearDown()
 
     def test_index(self):
         self.assertEqual(self.client.get(urlreverse("ietf.ietfauth.views.index")).status_code, 200)
@@ -162,15 +128,6 @@ def extract_confirm_url(self, confirm_email):
 
         return confirm_url
 
-    def username_in_htpasswd_file(self, username):
-        with io.open(settings.HTPASSWD_FILE) as f:
-            for l in f:
-                if l.startswith(username + ":"):
-                    return True
-        with io.open(settings.HTPASSWD_FILE) as f:
-            print(f.read())
-
-        return False
 
 # For the lowered barrier to account creation period, we are disabling this kind of failure
     # def test_create_account_failure(self):
@@ -223,8 +180,6 @@ def register_and_verify(self, email):
         self.assertEqual(Person.objects.filter(user__username=email).count(), 1)
         self.assertEqual(Email.objects.filter(person__user__username=email).count(), 1)
 
-        self.assertTrue(self.username_in_htpasswd_file(email))
-
 
     # This also tests new account creation.
     def test_create_existing_account(self):
@@ -490,7 +445,6 @@ def test_reset_password(self):
         self.assertEqual(r.status_code, 200)
         q = PyQuery(r.content)
         self.assertEqual(len(q("form .is-invalid")), 0)
-        self.assertTrue(self.username_in_htpasswd_file(user.username))
 
         # reuse reset url
         r = self.client.get(confirm_url)
@@ -614,23 +568,6 @@ def test_review_overview(self):
         self.assertEqual(r.status_code, 302)
         self.assertEqual(ReviewWish.objects.filter(doc=doc, team=review_req.team).count(), 0)
 
-    def test_htpasswd_file_with_python(self):
-        # make sure we test both Python and call-out to binary
-        settings.USE_PYTHON_HTDIGEST = True
-
-        update_htpasswd_file("foo", "passwd")
-        self.assertTrue(self.username_in_htpasswd_file("foo"))
-
-    @skipIf(skip_htpasswd_command, skip_message)
-    @skip_coverage
-    def test_htpasswd_file_with_htpasswd_binary(self):
-        # make sure we test both Python and call-out to binary
-        settings.USE_PYTHON_HTDIGEST = False
-
-        update_htpasswd_file("foo", "passwd")
-        self.assertTrue(self.username_in_htpasswd_file("foo"))
-
-
     def test_change_password(self):
         chpw_url = urlreverse("ietf.ietfauth.views.change_password")
         prof_url = urlreverse("ietf.ietfauth.views.profile")

diff --git a/ietf/ietfauth/views.py b/ietf/ietfauth/views.py
@@ -65,7 +65,6 @@
 from ietf.ietfauth.forms import ( RegistrationForm, PasswordForm, ResetPasswordForm, TestEmailForm,
                                 ChangePasswordForm, get_person_form, RoleEmailForm,
                                 NewEmailForm, ChangeUsernameForm, PersonPasswordForm)
-from ietf.ietfauth.htpasswd import update_htpasswd_file
 from ietf.ietfauth.utils import has_role
 from ietf.name.models import ExtResourceName
 from ietf.nomcom.models import NomCom
@@ -222,8 +221,6 @@ def confirm_account(request, auth):
             user = User.objects.create(username=email, email=email)
             user.set_password(password)
             user.save()
-            # password is also stored in htpasswd file
-            update_htpasswd_file(email, password)
 
             # make sure the rest of the person infrastructure is
             # well-connected
@@ -552,8 +549,6 @@ def confirm_password_reset(request, auth):
 
             user.set_password(password)
             user.save()
-            # password is also stored in htpasswd file
-            update_htpasswd_file(user.username, password)
 
             success = True
     else:
@@ -693,8 +688,6 @@ def change_password(request):
 
             user.set_password(new_password)
             user.save()
-            # password is also stored in htpasswd file
-            update_htpasswd_file(user.username, new_password)
             # keep the session
             update_session_auth_hash(request, user)
 
@@ -731,13 +724,10 @@ def change_username(request):
         form = ChangeUsernameForm(user, request.POST)
         if form.is_valid():
             new_username = form.cleaned_data["username"]
-            password = form.cleaned_data["password"]
             assert new_username in emails
 
             user.username = new_username.lower()
             user.save()
-            # password is also stored in htpasswd file
-            update_htpasswd_file(user.username, password)
             # keep the session
             update_session_auth_hash(request, user)
 

diff --git a/ietf/settings.py b/ietf/settings.py
@@ -979,8 +979,6 @@ def skip_unreadable_post(record):
 # Account settings
 DAYS_TO_EXPIRE_REGISTRATION_LINK = 3
 MINUTES_TO_EXPIRE_RESET_PASSWORD_LINK = 60
-HTPASSWD_COMMAND = "/usr/bin/htpasswd"
-HTPASSWD_FILE = "/a/www/htpasswd"
 
 # Generation of pdf files
 GHOSTSCRIPT_COMMAND = "/usr/bin/gs"

diff --git a/ietf/utils/management/commands/import_htpasswd.py b/ietf/utils/management/commands/import_htpasswd.py