Merge pull request #50 from buxx/dev/_/41/radicale

.travis.yml

 
 after_success:
 - coveralls
+

install/requirements.txt

 unicode-slugify==0.1.3
 Radicale==1.1.1
 icalendar==3.10
+caldav==0.4.0

tracim/test.ini

 # email_to = you@yourdomain.com
 smtp_server = localhost
 error_email_from = turbogears@localhost
+radicale.server.port = 15232
+radicale.client.port = 15232
+radicale.server.filesystem.folder = /tmp/tracim_tests_radicale_fs
 
 [server:main]
 use = egg:gearbox#wsgiref
 port = 8080
 
 [app:main]
-sqlalchemy.url = postgresql://postgres:dummy@127.0.0.1:5432/tracim_test?client_encoding=utf8
+sqlalchemy.url = mysql+oursql://tracim:tracim@localhost/tracim_test
 use = config:development.ini
 
 [app:main_without_authn]
 skip_authentication = True
 
 [app:ldap]
-sqlalchemy.url = postgresql://postgres:dummy@127.0.0.1:5432/tracim_test?client_encoding=utf8
+sqlalchemy.url = mysql+oursql://tracim:tracim@localhost/tracim_test
 auth_type = ldap
 ldap_url = ldap://localhost:3333
 ldap_base_dn = dc=directory,dc=fsf,dc=org
 ldap_group_enabled = False
 use = config:development.ini
 
+[app:radicale]
+sqlalchemy.url = mysql+oursql://tracim:tracim@localhost/tracim_test
+use = config:development.ini
+
 # Add additional test specific configuration options as necessary.

tracim/tracim/config/app_cfg.py

         ]
 
         self.RADICALE_SERVER_HOST = tg.config.get('radicale.server.host', '0.0.0.0')
-        self.RADICALE_SERVER_PORT = tg.config.get('radicale.server.port', 5232)
+        self.RADICALE_SERVER_PORT = int(
+            tg.config.get('radicale.server.port', 5232)
+        )
         # Note: Other parameters needed to work in SSL (cert file, etc)
         self.RADICALE_SERVER_SSL = asbool(tg.config.get('radicale.server.ssl', False))
         self.RADICALE_SERVER_FILE_SYSTEM_FOLDER = tg.config.get(

tracim/tracim/fixtures/ldap.py

         },
         {
             'objectclass': ['account', 'top'],
-            'dn': 'cn=lawrence-not-real-email@fsf.org,ou=people,dc=directory,dc=fsf,dc=org',
+            'dn': 'cn=lawrence-not-real-email@fsf.local,ou=people,dc=directory,dc=fsf,dc=org',
             'attributes': {
-                'uid': 'lawrence-not-real-email@fsf.org',
+                'uid': 'lawrence-not-real-email@fsf.local',
                 'userPassword': 'foobarbaz',
-                'mail': 'lawrence-not-real-email@fsf.org',
+                'mail': 'lawrence-not-real-email@fsf.local',
                 'pubname': 'Lawrence Lessig',
             }
         },

tracim/tracim/fixtures/users_and_groups.py

 
         lawrence = model.User()
         lawrence.display_name = 'Lawrence L.'
-        lawrence.email = 'lawrence-not-real-email@fsf.org'
+        lawrence.email = 'lawrence-not-real-email@fsf.local'
         lawrence.password = 'foobarbaz'
         self._session.add(lawrence)
         g2.users.append(lawrence)
+
+        bob = model.User()
+        bob.display_name = 'Bob i.'
+        bob.email = 'bob@fsf.local'
+        bob.password = 'foobarbaz'
+        self._session.add(bob)
+        g2.users.append(bob)

tracim/tracim/lib/calendar.py

 CALENDAR_TYPE_USER = UserCalendar
 CALENDAR_TYPE_WORKSPACE = WorkspaceCalendar
 
+CALENDAR_BASE_URL_TEMPLATE = '{proto}://{domain}:{port}'
 CALENDAR_USER_URL_TEMPLATE = \
-    '{proto}://{domain}:{port}/user/{id}.ics#{slug}'
+    CALENDAR_BASE_URL_TEMPLATE + '/user/{id}.ics{extra}/'
 CALENDAR_WORKSPACE_URL_TEMPLATE = \
-    '{proto}://{domain}:{port}/workspace/{id}.ics#{slug}'
+    CALENDAR_BASE_URL_TEMPLATE + '/workspace/{id}.ics{extra}/'
 
 
 class CalendarManager(object):
+    @staticmethod
+    def get_base_url():
+        from tracim.config.app_cfg import CFG
+        cfg = CFG.get_instance()
+
+        return CALENDAR_BASE_URL_TEMPLATE.format(
+            proto='https' if cfg.RADICALE_CLIENT_SSL else 'http',
+            domain=cfg.RADICALE_CLIENT_HOST or '127.0.0.1',
+            port=str(cfg.RADICALE_CLIENT_PORT)
+        )
+
+    @staticmethod
+    def get_user_calendar_url(user_id: int, extra: str=''):
+        from tracim.config.app_cfg import CFG
+        cfg = CFG.get_instance()
+
+        return CALENDAR_USER_URL_TEMPLATE.format(
+            proto='https' if cfg.RADICALE_CLIENT_SSL else 'http',
+            domain=cfg.RADICALE_CLIENT_HOST or '127.0.0.1',
+            port=str(cfg.RADICALE_CLIENT_PORT),
+            id=str(user_id),
+            extra=extra,
+        )
+
+    @staticmethod
+    def get_workspace_calendar_url(workspace_id: int, extra: str=''):
+        from tracim.config.app_cfg import CFG
+        cfg = CFG.get_instance()
+
+        return CALENDAR_WORKSPACE_URL_TEMPLATE.format(
+            proto='https' if cfg.RADICALE_CLIENT_SSL else 'http',
+            domain=cfg.RADICALE_CLIENT_HOST or '127.0.0.1',
+            port=str(cfg.RADICALE_CLIENT_PORT),
+            id=str(workspace_id),
+            extra=extra,
+        )
+
     def __init__(self, user: User):
         self._user = user
 
             content: Content,
             event: iCalendarEvent,
             event_name: str,
-    ) -> Content:
+    ) -> None:
+        """
+        Populate Content content instance from iCalendarEvent event attributes.
+        :param content: content to populate
+        :param event: event with data to insert in content
+        :param event_name: Event name (ID) like
+        20160602T083511Z-18100-1001-1-71_Bastien-20160602T083516Z.ics
+        :return: given content
+        """
         content.label = event.get('summary')
         content.description = event.get('description')
         content.properties = {

tracim/tracim/lib/daemons.py

 import threading
 from wsgiref.simple_server import make_server
-
 import signal
 
+import collections
+import transaction
+
 from radicale import Application as RadicaleApplication
-from radicale import HTTPServer as RadicaleHTTPServer
-from radicale import HTTPSServer as RadicaleHTTPSServer
+from radicale import HTTPServer as BaseRadicaleHTTPServer
+from radicale import HTTPSServer as BaseRadicaleHTTPSServer
 from radicale import RequestHandler as RadicaleRequestHandler
 from radicale import config as radicale_config
-from tg import TGApp
 
 from tracim.lib.base import logger
 from tracim.lib.exceptions import AlreadyRunningDaemon
 
     def stop_all(self, *args, **kwargs) -> None:
         """
-        Stop all started daemons and w<ait for them.
+        Stop all started daemons and wait for them.
         """
         logger.info(self, 'Stopping all daemons')
         for name, daemon in self._running_daemons.items():
 
         self._running_daemons = {}
 
+    def execute_in_thread(self, thread_name, callback):
+        self._running_daemons[thread_name].append_thread_callback(callback)
+
+
+class TracimSocketServerMixin(object):
+    """
+    Mixin to use with socketserver.BaseServer who add _after_serve_actions
+    method executed after end of server execution.
+    """
+    def __init__(self, *args, **kwargs):
+        super().__init__(*args, **kwargs)
+        self._daemon_execute_callbacks = []
+
+    def append_thread_callback(self, callback: collections.Callable) -> None:
+        """
+        Add callback to self._daemon_execute_callbacks. See service_actions
+        function to their usages.
+        :param callback: callback to execute in daemon
+        """
+        self._daemon_execute_callbacks.append(callback)
+
+    def serve_forever(self, *args, **kwargs):
+        super().serve_forever(*args, **kwargs)
+        # After serving (in case of stop) do following:
+        self._after_serve_actions()
+
+    def _after_serve_actions(self):
+        """
+        Override (and call super if needed) to execute actions when server
+        finish it's job.
+        """
+        pass
+
+    def service_actions(self):
+        if len(self._daemon_execute_callbacks):
+            try:
+                while True:
+                    self._daemon_execute_callbacks.pop()()
+            except IndexError:
+                pass  # Finished to iter
+
 
 class Daemon(threading.Thread):
     """
     Thread who contains daemon. You must implement start and stop methods to
     manage daemon life correctly.
     """
-    def run(self):
+    def run(self) -> None:
+        """
+        Place here code who have to be executed in Daemon.
+        """
         raise NotImplementedError()
 
-    def stop(self):
+    def stop(self) -> None:
+        """
+        Place here code who stop your daemon
+        """
         raise NotImplementedError()
 
+    def append_thread_callback(self, callback: collections.Callable) -> None:
+        """
+        Place here the logic who permit to execute a callback in your daemon.
+        To get an exemple of that, take a look at
+        socketserver.BaseServer#service_actions  and how we use it in
+        tracim.lib.daemons.TracimSocketServerMixin#service_actions .
+        :param callback: callback to execute in your thread.
+        """
+        raise NotImplementedError()
+
+
+class RadicaleHTTPSServer(TracimSocketServerMixin, BaseRadicaleHTTPSServer):
+    pass
+
+
+class RadicaleHTTPServer(TracimSocketServerMixin, BaseRadicaleHTTPServer):
+    pass
+
 
 class RadicaleDaemon(Daemon):
     def __init__(self, *args, **kwargs):
             RadicaleHTTPSServer if cfg.RADICALE_SERVER_SSL else RadicaleHTTPServer,
             RadicaleRequestHandler
         )
+
+    def append_thread_callback(self, callback: collections.Callable) -> None:
+        """
+        Give the callback to running server through
+        tracim.lib.daemons.TracimSocketServerMixin#append_thread_callback
+        :param callback: callback to execute in daemon
+        """
+        self._server.append_thread_callback(callback)

tracim/tracim/model/auth.py

             domain=cfg.RADICALE_CLIENT_HOST or request.domain,
             port=cfg.RADICALE_CLIENT_PORT,
             id=self.user_id,
-            slug=slugify(self.get_display_name(
+            extra='#' + slugify(self.get_display_name(
                 remove_email_part=True
             ), only_ascii=True)
         )

tracim/tracim/model/data.py

             domain=cfg.RADICALE_CLIENT_HOST or tg.request.domain,
             port=cfg.RADICALE_CLIENT_PORT,
             id=self.workspace_id,
-            slug=slugify(self.label)
+            extra='#' + slugify(self.label),
         )
 
     def get_user_role(self, user: User) -> int:

tracim/tracim/tests/__init__.py

 import argparse
 import os
 import time
+
+import shutil
 from os import getcwd
 
 import ldap3
 from gearbox.commands.setup_app import SetupAppCommand
 from ldap_test import LdapServer
 from nose.tools import eq_
+from nose.tools import make_decorator
 from nose.tools import ok_
 from paste.deploy import loadapp
 from sqlalchemy.engine import reflection
 
 from tracim.fixtures import FixturesLoader
 from tracim.fixtures.users_and_groups import Base as BaseFixture
+from tracim.fixtures.users_and_groups import Test as TestFixture
+from tracim.config.app_cfg import daemons
 from tracim.lib.base import logger
 from tracim.lib.content import ContentApi
 from tracim.lib.workspace import WorkspaceApi
 from tracim.model import DBSession, Content
-from tracim.model.data import Workspace, ContentType, ContentRevisionRO
+from tracim.model.data import Workspace
+from tracim.model.data import ContentType
 
 __all__ = ['setup_app', 'setup_db', 'teardown_db', 'TestController']
 
     def tearDown(self):
         """Tear down test fixture for each functional test method."""
         DBSession.close()
+        daemons.execute_in_thread('radicale', lambda: transaction.commit())
         teardown_db()
 
 
                                                parent=folder,
                                                owner=user)
         return thread
+
+
+class TestCalendar(TestController):
+    fixtures = [BaseFixture, TestFixture]
+    application_under_test = 'radicale'
+
+    def setUp(self):
+        super().setUp()
+        self._clear_radicale_fs()
+
+    @staticmethod
+    def _clear_radicale_fs():
+        radicale_fs_path = config.radicale.server.filesystem.folder
+        try:
+            files = os.listdir(radicale_fs_path)
+            for file in files:
+                shutil.rmtree('{0}/{1}'.format(radicale_fs_path, file))
+        except FileNotFoundError:
+            pass  # Dir not exists yet, no need to clear it
+
+
+def not_raises(*exceptions):
+    """
+    Test must not raise one of expected exceptions to pass.
+    """
+    valid = ' or '.join([e.__name__ for e in exceptions])
+
+    def decorate(func):
+        name = func.__name__
+
+        def newfunc(*arg, **kw):
+            try:
+                func(*arg, **kw)
+            except exceptions as exc:
+                message = '{0} raise {1} exception and should be not'\
+                    .format(name, exc)
+                raise AssertionError(message)
+            except:
+                raise
+        newfunc = make_decorator(func)(newfunc)
+        return newfunc
+    return decorate

tracim/tracim/tests/functional/test_calendar.py

+import time
+
+import caldav
+import transaction
+from caldav.lib.error import AuthorizationError
+from nose.tools import eq_
+from nose.tools import ok_
+from nose.tools import raises
+import requests
+from requests.exceptions import ConnectionError
+from sqlalchemy.orm.exc import NoResultFound
+
+from tracim.config.app_cfg import daemons
+from tracim.lib.calendar import CalendarManager
+from tracim.lib.workspace import WorkspaceApi
+from tracim.model import DBSession
+from tracim.tests import TestCalendar as BaseTestCalendar
+from tracim.tests import not_raises
+from tracim.model.auth import User
+from tracim.model.data import Content
+
+
+class TestCalendar(BaseTestCalendar):
+    def setUp(self):
+        super().setUp()
+        time.sleep(3)  # TODO - 20160606 - Bastien: sleep to wait ...
+        # ... radicale daemon started. We should lock something somewhere !
+
+    def test_func__radicale_connectivity__ok__nominal_case(self):
+        radicale_base_url = CalendarManager.get_base_url()
+
+        try:
+            response = requests.get(radicale_base_url)
+            eq_(response.status_code, 401, 'Radicale http response should be '
+                                           '401, its {0}'
+                .format(response.status_code))
+        except ConnectionError as exc:
+            ok_(False, 'Unable to contact radicale on HTTP: {0}'.format(exc))
+
+    @not_raises(AuthorizationError)
+    def test_func__radicale_auth__ok__as_lawrence(self):
+        radicale_base_url = CalendarManager.get_base_url()
+        client = caldav.DAVClient(
+            radicale_base_url,
+            username='lawrence-not-real-email@fsf.local',
+            password='foobarbaz'
+        )
+        client.propfind()
+
+    @raises(AuthorizationError)
+    def test_func__radicale_auth__fail__as_john_doe(self):
+        radicale_base_url = CalendarManager.get_base_url()
+        client = caldav.DAVClient(
+            radicale_base_url,
+            username='john.doe@foo.local',
+            password='nopasswd'
+        )
+        client.propfind()
+
+    @not_raises(AuthorizationError)
+    def test_func__rights_read_user_calendar__ok__as_lawrence(self):
+        radicale_base_url = CalendarManager.get_base_url()
+        client = caldav.DAVClient(
+            radicale_base_url,
+            username='lawrence-not-real-email@fsf.local',
+            password='foobarbaz'
+        )
+        user = DBSession.query(User).filter(
+            User.email == 'lawrence-not-real-email@fsf.local'
+        ).one()
+        user_calendar_url = CalendarManager.get_user_calendar_url(user.user_id)
+        caldav.Calendar(
+            parent=client,
+            client=client,
+            url=user_calendar_url
+        ).events()
+
+    @raises(AuthorizationError)
+    def test_func__rights_read_user_calendar__fail__as_john_doe(self):
+        radicale_base_url = CalendarManager.get_base_url()
+        client = caldav.DAVClient(
+            radicale_base_url,
+            username='john.doe@foo.local',
+            password='nopasswd'
+        )
+        other_user = DBSession.query(User).filter(
+            User.email == 'admin@admin.admin'
+        ).one()
+        user_calendar_url = CalendarManager.get_user_calendar_url(other_user.user_id)
+        caldav.Calendar(
+            parent=client,
+            client=client,
+            url=user_calendar_url
+        ).events()
+
+    @not_raises(AuthorizationError)
+    def test_func__rights_read_workspace_calendar__ok__as_owner(self):
+        lawrence = DBSession.query(User).filter(
+            User.email == 'lawrence-not-real-email@fsf.local'
+        ).one()
+        workspace = WorkspaceApi(lawrence).create_workspace(
+            'workspace_1',
+            save_now=False
+        )
+        workspace.calendar_enabled = True
+        DBSession.flush()
+
+        workspace_calendar_url = CalendarManager.get_workspace_calendar_url(
+            workspace.workspace_id
+        )
+
+        transaction.commit()
+
+        radicale_base_url = CalendarManager.get_base_url()
+        client = caldav.DAVClient(
+            radicale_base_url,
+            username='lawrence-not-real-email@fsf.local',
+            password='foobarbaz'
+        )
+        caldav.Calendar(
+            parent=client,
+            client=client,
+            url=workspace_calendar_url
+        ).events()
+
+    @raises(AuthorizationError)
+    def test_func__rights_read_workspace_calendar__fail__as_unauthorized(self):
+        lawrence = DBSession.query(User).filter(
+            User.email == 'lawrence-not-real-email@fsf.local'
+        ).one()
+        workspace = WorkspaceApi(lawrence).create_workspace(
+            'workspace_1',
+            save_now=False
+        )
+        workspace.calendar_enabled = True
+        DBSession.flush()
+
+        workspace_calendar_url = CalendarManager.get_workspace_calendar_url(
+            workspace.workspace_id
+        )
+
+        transaction.commit()
+
+        radicale_base_url = CalendarManager.get_base_url()
+        client = caldav.DAVClient(
+            radicale_base_url,
+            username='bob@fsf.local',
+            password='foobarbaz'
+        )
+        caldav.Calendar(
+            parent=client,
+            client=client,
+            url=workspace_calendar_url
+        ).events()
+
+    def test_func__event_create__ok__nominal_case(self):
+        lawrence = DBSession.query(User).filter(
+            User.email == 'lawrence-not-real-email@fsf.local'
+        ).one()
+        radicale_base_url = CalendarManager.get_base_url()
+        client = caldav.DAVClient(
+            radicale_base_url,
+            username='lawrence-not-real-email@fsf.local',
+            password='foobarbaz'
+        )
+        user_calendar_url = CalendarManager.get_user_calendar_url(
+            lawrence.user_id
+        )
+        user_calendar = caldav.Calendar(
+            parent=client,
+            client=client,
+            url=user_calendar_url
+        )
+
+        event_ics = """BEGIN:VCALENDAR
+VERSION:2.0
+PRODID:-//Example Corp.//CalDAV Client//EN
+BEGIN:VEVENT
+UID:1234567890
+DTSTAMP:20100510T182145Z
+DTSTART:20100512T170000Z
+DTEND:20100512T180000Z
+SUMMARY:This is an event
+LOCATION:Here
+END:VEVENT
+END:VCALENDAR
+"""
+        user_calendar.add_event(event_ics)
+        user_calendar.save()
+
+        daemons.execute_in_thread('radicale', lambda: transaction.commit())
+        # TODO - 20160606 - Bastien: lock should be better here ?
+        time.sleep(3)  # Wait for be sure transaction commited in daemon
+        transaction.commit()
+        try:
+            event = DBSession.query(Content).filter(
+                Content.label == 'This is an event'
+            ).one()
+        except NoResultFound:
+            ok_(False, 'Content record should exist for '
+                       '"This is an event" label')
+
+        eq_(event.properties['location'], 'Here')
+        eq_(event.properties['start'], '2010-05-12 18:00:00+0000')
+        eq_(event.properties['end'], '2010-05-12 17:00:00+0000')

tracim/tracim/tests/functional/test_ldap_authentication.py

 
     def test_ldap_attributes_sync(self):
         # User is already know in database
-        eq_(1, DBSession.query(User).filter(User.email == 'lawrence-not-real-email@fsf.org').count())
+        eq_(1, DBSession.query(User).filter(User.email == 'lawrence-not-real-email@fsf.local').count())
 
         # His display name is Lawrence L.
-        lawrence = DBSession.query(User).filter(User.email == 'lawrence-not-real-email@fsf.org').one()
+        lawrence = DBSession.query(User).filter(User.email == 'lawrence-not-real-email@fsf.local').one()
         eq_('Lawrence L.', lawrence.display_name)
 
         # After connexion with LDAP, his display_name is updated (see ldap fixtures)
-        self._connect_user('lawrence-not-real-email@fsf.org', 'foobarbaz')
-        lawrence = DBSession.query(User).filter(User.email == 'lawrence-not-real-email@fsf.org').one()
+        self._connect_user('lawrence-not-real-email@fsf.local', 'foobarbaz')
+        lawrence = DBSession.query(User).filter(User.email == 'lawrence-not-real-email@fsf.local').one()
         eq_('Lawrence Lessig', lawrence.display_name)

tracim/tracim/tests/functional/test_ldap_restrictions.py

         Password change is disabled
         :return:
         """
-        lawrence = DBSession.query(User).filter(User.email == 'lawrence-not-real-email@fsf.org').one()
-        self._connect_user('lawrence-not-real-email@fsf.org', 'foobarbaz')
+        lawrence = DBSession.query(User).filter(User.email == 'lawrence-not-real-email@fsf.local').one()
+        self._connect_user('lawrence-not-real-email@fsf.local', 'foobarbaz')
         home = self.app.get('/home/',)
 
         # HTML button is not here
         Some fields (email) are not editable on user interface: they are managed by LDAP
         :return:
         """
-        lawrence = DBSession.query(User).filter(User.email == 'lawrence-not-real-email@fsf.org').one()
-        self._connect_user('lawrence-not-real-email@fsf.org', 'foobarbaz')
+        lawrence = DBSession.query(User).filter(User.email == 'lawrence-not-real-email@fsf.local').one()
+        self._connect_user('lawrence-not-real-email@fsf.local', 'foobarbaz')
 
         edit = self.app.get('/user/5/edit')
 
         ok_('readonly' not in name_input.attrs)
 
         # If we force edit of user, "email" field will be not updated
-        eq_(lawrence.email, 'lawrence-not-real-email@fsf.org')
+        eq_(lawrence.email, 'lawrence-not-real-email@fsf.local')
         eq_(lawrence.display_name, 'Lawrence L.')
 
         try_post_user = self.app.post(
 
         eq_(try_post_user.status_code, 302, "Code should be 302, but is %d" % try_post_user.status_code)
 
-        lawrence = DBSession.query(User).filter(User.email == 'lawrence-not-real-email@fsf.org').one()
-        eq_(lawrence.email, 'lawrence-not-real-email@fsf.org', "email should be unmodified")
+        lawrence = DBSession.query(User).filter(User.email == 'lawrence-not-real-email@fsf.local').one()
+        eq_(lawrence.email, 'lawrence-not-real-email@fsf.local', "email should be unmodified")
         eq_(lawrence.display_name, 'Lawrence Lessig YEAH', "Name should be updated")

tracim/tracim/tests/library/test_helpers.py

 
 from tracim.tests import TestStandard
 
-config = CFG.get_instance()
-
 
 class TestHelpers(TestStandard):
 
     def test_is_item_still_editable(self):
+        config = CFG.get_instance()
         item = DictLikeClass()
 
         config.DATA_UPDATE_ALLOWED_DURATION = 0

tracim/tracim/tests/library/test_ldap_without_ldap_groups.py

         LDAP don't manage groups here: We must retrieve internal groups of tested user
         :return:
         """
-        lawrence = DBSession.query(User).filter(User.email == 'lawrence-not-real-email@fsf.org').one()
+        lawrence = DBSession.query(User).filter(User.email == 'lawrence-not-real-email@fsf.local').one()
         managers = DBSession.query(Group).filter(Group.group_name == 'managers').one()
         lawrence_identity = {'user': lawrence}
 
         # Lawrence is in fixtures: he is in managers group
-        self._check_db_user('lawrence-not-real-email@fsf.org', 1)
+        self._check_db_user('lawrence-not-real-email@fsf.local', 1)
         assert lawrence in managers.users
         assert False is ini_conf_to_bool(config.get('ldap_group_enabled', False))
         assert ['managers'] == config.get('sa_auth').authmetadata.get_groups(
         LDAP don't manage groups here: We must retrieve internal groups permission of tested user
         :return:
         """
-        lawrence = DBSession.query(User).filter(User.email == 'lawrence-not-real-email@fsf.org').one()
+        lawrence = DBSession.query(User).filter(User.email == 'lawrence-not-real-email@fsf.local').one()
         managers = DBSession.query(Group).filter(Group.group_name == 'managers').one()
         lawrence_identity = {'user': lawrence}
 
         # Lawrence is in fixtures: he is in managers group
-        self._check_db_user('lawrence-not-real-email@fsf.org', 1)
+        self._check_db_user('lawrence-not-real-email@fsf.local', 1)
         assert lawrence in managers.users
         assert False is ini_conf_to_bool(config.get('ldap_group_enabled', False))