|
Chris@0
|
1 # Redmine - project management software
|
|
Chris@1494
|
2 # Copyright (C) 2006-2014 Jean-Philippe Lang
|
|
Chris@0
|
3 #
|
|
Chris@0
|
4 # This program is free software; you can redistribute it and/or
|
|
Chris@0
|
5 # modify it under the terms of the GNU General Public License
|
|
Chris@0
|
6 # as published by the Free Software Foundation; either version 2
|
|
Chris@0
|
7 # of the License, or (at your option) any later version.
|
|
Chris@909
|
8 #
|
|
Chris@0
|
9 # This program is distributed in the hope that it will be useful,
|
|
Chris@0
|
10 # but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
Chris@0
|
11 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
Chris@0
|
12 # GNU General Public License for more details.
|
|
Chris@909
|
13 #
|
|
Chris@0
|
14 # You should have received a copy of the GNU General Public License
|
|
Chris@0
|
15 # along with this program; if not, write to the Free Software
|
|
Chris@0
|
16 # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
|
|
Chris@0
|
17
|
|
Chris@119
|
18 require File.expand_path('../../test_helper', __FILE__)
|
|
Chris@0
|
19
|
|
Chris@0
|
20 class AuthSourceLdapTest < ActiveSupport::TestCase
|
|
Chris@1115
|
21 include Redmine::I18n
|
|
Chris@0
|
22 fixtures :auth_sources
|
|
Chris@909
|
23
|
|
Chris@0
|
24 def setup
|
|
Chris@0
|
25 end
|
|
Chris@909
|
26
|
|
Chris@0
|
27 def test_create
|
|
Chris@0
|
28 a = AuthSourceLdap.new(:name => 'My LDAP', :host => 'ldap.example.net', :port => 389, :base_dn => 'dc=example,dc=net', :attr_login => 'sAMAccountName')
|
|
Chris@0
|
29 assert a.save
|
|
Chris@0
|
30 end
|
|
Chris@909
|
31
|
|
Chris@0
|
32 def test_should_strip_ldap_attributes
|
|
Chris@0
|
33 a = AuthSourceLdap.new(:name => 'My LDAP', :host => 'ldap.example.net', :port => 389, :base_dn => 'dc=example,dc=net', :attr_login => 'sAMAccountName',
|
|
Chris@0
|
34 :attr_firstname => 'givenName ')
|
|
Chris@0
|
35 assert a.save
|
|
Chris@0
|
36 assert_equal 'givenName', a.reload.attr_firstname
|
|
Chris@0
|
37 end
|
|
Chris@0
|
38
|
|
Chris@909
|
39 def test_replace_port_zero_to_389
|
|
Chris@909
|
40 a = AuthSourceLdap.new(
|
|
Chris@909
|
41 :name => 'My LDAP', :host => 'ldap.example.net', :port => 0,
|
|
Chris@909
|
42 :base_dn => 'dc=example,dc=net', :attr_login => 'sAMAccountName',
|
|
Chris@909
|
43 :attr_firstname => 'givenName ')
|
|
Chris@909
|
44 assert a.save
|
|
Chris@909
|
45 assert_equal 389, a.port
|
|
Chris@909
|
46 end
|
|
Chris@909
|
47
|
|
Chris@1115
|
48 def test_filter_should_be_validated
|
|
Chris@1115
|
49 set_language_if_valid 'en'
|
|
Chris@1115
|
50
|
|
Chris@1115
|
51 a = AuthSourceLdap.new(:name => 'My LDAP', :host => 'ldap.example.net', :port => 389, :attr_login => 'sn')
|
|
Chris@1115
|
52 a.filter = "(mail=*@redmine.org"
|
|
Chris@1115
|
53 assert !a.valid?
|
|
Chris@1115
|
54 assert_include "LDAP filter is invalid", a.errors.full_messages
|
|
Chris@1115
|
55
|
|
Chris@1115
|
56 a.filter = "(mail=*@redmine.org)"
|
|
Chris@1115
|
57 assert a.valid?
|
|
Chris@1115
|
58 end
|
|
Chris@1115
|
59
|
|
Chris@0
|
60 if ldap_configured?
|
|
Chris@1464
|
61 test '#authenticate with a valid LDAP user should return the user attributes' do
|
|
Chris@1464
|
62 auth = AuthSourceLdap.find(1)
|
|
Chris@1464
|
63 auth.update_attribute :onthefly_register, true
|
|
Chris@1464
|
64
|
|
Chris@1464
|
65 attributes = auth.authenticate('example1','123456')
|
|
Chris@1464
|
66 assert attributes.is_a?(Hash), "An hash was not returned"
|
|
Chris@1464
|
67 assert_equal 'Example', attributes[:firstname]
|
|
Chris@1464
|
68 assert_equal 'One', attributes[:lastname]
|
|
Chris@1464
|
69 assert_equal 'example1@redmine.org', attributes[:mail]
|
|
Chris@1464
|
70 assert_equal auth.id, attributes[:auth_source_id]
|
|
Chris@1464
|
71 attributes.keys.each do |attribute|
|
|
Chris@1464
|
72 assert User.new.respond_to?("#{attribute}="), "Unexpected :#{attribute} attribute returned"
|
|
Chris@0
|
73 end
|
|
Chris@1464
|
74 end
|
|
Chris@0
|
75
|
|
Chris@1464
|
76 test '#authenticate with an invalid LDAP user should return nil' do
|
|
Chris@1464
|
77 auth = AuthSourceLdap.find(1)
|
|
Chris@1464
|
78 assert_equal nil, auth.authenticate('nouser','123456')
|
|
Chris@1464
|
79 end
|
|
Chris@0
|
80
|
|
Chris@1464
|
81 test '#authenticate without a login should return nil' do
|
|
Chris@1464
|
82 auth = AuthSourceLdap.find(1)
|
|
Chris@1464
|
83 assert_equal nil, auth.authenticate('','123456')
|
|
Chris@1464
|
84 end
|
|
Chris@0
|
85
|
|
Chris@1464
|
86 test '#authenticate without a password should return nil' do
|
|
Chris@1464
|
87 auth = AuthSourceLdap.find(1)
|
|
Chris@1464
|
88 assert_equal nil, auth.authenticate('edavis','')
|
|
Chris@1464
|
89 end
|
|
Chris@0
|
90
|
|
Chris@1464
|
91 test '#authenticate without filter should return any user' do
|
|
Chris@1464
|
92 auth = AuthSourceLdap.find(1)
|
|
Chris@1464
|
93 assert auth.authenticate('example1','123456')
|
|
Chris@1464
|
94 assert auth.authenticate('edavis', '123456')
|
|
Chris@1464
|
95 end
|
|
Chris@909
|
96
|
|
Chris@1464
|
97 test '#authenticate with filter should return user who matches the filter only' do
|
|
Chris@1464
|
98 auth = AuthSourceLdap.find(1)
|
|
Chris@1464
|
99 auth.filter = "(mail=*@redmine.org)"
|
|
Chris@1115
|
100
|
|
Chris@1464
|
101 assert auth.authenticate('example1','123456')
|
|
Chris@1464
|
102 assert_nil auth.authenticate('edavis', '123456')
|
|
Chris@1115
|
103 end
|
|
Chris@1115
|
104
|
|
Chris@1115
|
105 def test_authenticate_should_timeout
|
|
Chris@1115
|
106 auth_source = AuthSourceLdap.find(1)
|
|
Chris@1115
|
107 auth_source.timeout = 1
|
|
Chris@1115
|
108 def auth_source.initialize_ldap_con(*args); sleep(5); end
|
|
Chris@1115
|
109
|
|
Chris@1115
|
110 assert_raise AuthSourceTimeoutException do
|
|
Chris@1115
|
111 auth_source.authenticate 'example1', '123456'
|
|
Chris@1115
|
112 end
|
|
Chris@0
|
113 end
|
|
Chris@1464
|
114
|
|
Chris@1464
|
115 def test_search_should_return_matching_entries
|
|
Chris@1464
|
116 results = AuthSource.search("exa")
|
|
Chris@1464
|
117 assert_equal 1, results.size
|
|
Chris@1464
|
118 result = results.first
|
|
Chris@1464
|
119 assert_kind_of Hash, result
|
|
Chris@1464
|
120 assert_equal "example1", result[:login]
|
|
Chris@1464
|
121 assert_equal "Example", result[:firstname]
|
|
Chris@1464
|
122 assert_equal "One", result[:lastname]
|
|
Chris@1464
|
123 assert_equal "example1@redmine.org", result[:mail]
|
|
Chris@1464
|
124 assert_equal 1, result[:auth_source_id]
|
|
Chris@1464
|
125 end
|
|
Chris@1464
|
126
|
|
Chris@1464
|
127 def test_search_with_no_match_should_return_an_empty_array
|
|
Chris@1464
|
128 results = AuthSource.search("wro")
|
|
Chris@1464
|
129 assert_equal [], results
|
|
Chris@1464
|
130 end
|
|
Chris@1464
|
131
|
|
Chris@1464
|
132 def test_search_with_exception_should_return_an_empty_array
|
|
Chris@1464
|
133 Net::LDAP.stubs(:new).raises(Net::LDAP::LdapError, 'Cannot connect')
|
|
Chris@1464
|
134
|
|
Chris@1464
|
135 results = AuthSource.search("exa")
|
|
Chris@1464
|
136 assert_equal [], results
|
|
Chris@1464
|
137 end
|
|
Chris@0
|
138 else
|
|
Chris@0
|
139 puts '(Test LDAP server not configured)'
|
|
Chris@0
|
140 end
|
|
Chris@0
|
141 end
|
