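# $Id: testldap.rb 65 2006-04-23 01:17:49Z blackhedd $
#
#

# Run these tests from the project root: this load-path entry and the LDIF
# fixture path in load_test_data are both relative to the current directory.
$:.unshift "lib"

require 'test/unit'

require 'net/ldap'
require 'stringio'


# Integration tests for Net::LDAP. Every test talks to a live LDAP test
# server at the host and port set in #setup and compares what the server
# returns with the LDIF fixture read by #load_test_data.
class TestLdapClient < Test::Unit::TestCase

  # TODO: these tests crash and burn if the associated
  # LDAP testserver isn't up and running.
  # We rely on being able to read a file with test data
  # in LDIF format.
  # TODO, WARNING: for the moment, this data is in a file
  # whose name and location are HARDCODED into the
  # instance method load_test_data.

  # LDAP result codes asserted by these tests (names as in RFC 4511).
  # TODO: switch to the library's own constants if it exposes them.
  RESULT_SUCCESS                      = 0
  RESULT_NO_SUCH_OBJECT               = 32
  RESULT_INAPPROPRIATE_AUTHENTICATION = 48
  RESULT_INVALID_CREDENTIALS          = 49

  # Search base that the fixture entries are expected to live under.
  BASE_DN = "dc=bayshorenetworks,dc=com"

  # Builds the connection parameters and loads the expected data before
  # each test.
  def setup
    @host = "127.0.0.1"
    @port = 3890
    # Fixture credentials for the loopback test directory. Nothing in this
    # file sets up TLS, so the simple bind carries the password in clear
    # text; keep these values and this configuration out of any real
    # directory.
    @auth = {
      :method => :simple,
      :username => "cn=bigshot,dc=bayshorenetworks,dc=com",
      :password => "opensesame"
    }

    @ldif = load_test_data
  end



  # Get some test data which will be used to validate
  # the responses from the test LDAP server we will
  # connect to.
  # TODO, Bogus: we are HARDCODING the location of the file for now.
  #
  # Minimal LDIF reader: a "dn:" line opens an entry and the following
  # "name: value" lines are collected until the first line that does not
  # match (normally the blank separator, which is consumed and discarded).
  # Returns { dn => { :attrname => [values, ...] } } with attribute names
  # lower-cased and interned.
  def load_test_data
    lines = File.readlines( "tests/testdata.ldif" )
    entries = {}
    # chomp (not chomp!) on purpose: chomp! returns nil for a line with no
    # trailing newline, which used to end the loop early and silently drop
    # the last line of a file that lacks a final newline.
    while (line = lines.shift)
      dn_match = /^dn:[\s]*/i.match( line.chomp )
      next unless dn_match
      dn = dn_match.post_match
      entries[dn] = {}
      while (attr_line = lines.shift)
        attr_match = /^([\w]+)[\s]*:[\s]*/.match( attr_line.chomp )
        break unless attr_match
        key = attr_match[1].downcase.intern
        (entries[dn][key] ||= []) << attr_match.post_match
      end
    end
    entries
  end



  # Binding tests.
  # Need tests for all kinds of network failures and incorrect auth.
  # TODO: Implement a class-level timeout for operations like bind.
  # Search has a timeout defined at the protocol level, other ops do not.
  #
  # NOTE(review): the test server is expected to answer an unknown bind DN
  # with 48 and a wrong password with 49. A directory that answers the two
  # cases differently lets a client learn which DNs exist; production
  # servers are usually configured to return 49 for both.
  def test_bind
    ldap = Net::LDAP.new :host => @host, :port => @port, :auth => @auth
    assert_equal( true, ldap.bind )
    assert_equal( RESULT_SUCCESS, ldap.get_operation_result.code )
    assert_equal( "Success", ldap.get_operation_result.message )

    bad_username = @auth.merge( {:username => "cn=badguy,dc=imposters,dc=com"} )
    ldap = Net::LDAP.new :host => @host, :port => @port, :auth => bad_username
    assert_equal( false, ldap.bind )
    assert_equal( RESULT_INAPPROPRIATE_AUTHENTICATION, ldap.get_operation_result.code )
    assert_equal( "Inappropriate Authentication", ldap.get_operation_result.message )

    bad_password = @auth.merge( {:password => "cornhusk"} )
    ldap = Net::LDAP.new :host => @host, :port => @port, :auth => bad_password
    assert_equal( false, ldap.bind )
    assert_equal( RESULT_INVALID_CREDENTIALS, ldap.get_operation_result.code )
    assert_equal( "Invalid Credentials", ldap.get_operation_result.message )
  end



  # A search under an unknown base must fail with noSuchObject; a search
  # under the fixture base must succeed and return exactly the fixture data.
  def test_search
    ldap = Net::LDAP.new :host => @host, :port => @port, :auth => @auth

    search = {:base => "dc=smalldomain,dc=com"}
    assert_equal( false, ldap.search( search ))
    assert_equal( RESULT_NO_SUCH_OBJECT, ldap.get_operation_result.code )

    search = {:base => BASE_DN}
    assert_equal( true, ldap.search( search ))
    assert_equal( RESULT_SUCCESS, ldap.get_operation_result.code )

    ldap.search( search ) {|res|
      assert_equal( @ldif, res )
    }
  end




  # This is a helper routine for test_search_attributes.
  #
  # Searches the fixture base asking only for attrs_to_search (an Array of
  # Symbols and/or Strings) and compares the result with the fixture
  # restricted to those attributes.
  def internal_test_search_attributes attrs_to_search
    ldap = Net::LDAP.new :host => @host, :port => @port, :auth => @auth
    assert( ldap.bind )

    search = {
      :base => BASE_DN,
      :attributes => attrs_to_search
    }

    # Fixture keys are lower-cased symbols, so normalise the requested names
    # the same way; otherwise a String such as "mail" never matches :mail.
    wanted = attrs_to_search.map {|name| name.to_s.downcase.intern }

    # Build a filtered copy instead of deleting from @ldif in place: the
    # caller invokes this helper several times within one test, and an
    # in-place delete leaves later calls with an already stripped fixture.
    expected = {}
    @ldif.each {|dn, entry|
      expected[dn] = {}
      entry.each {|attr, values|
        expected[dn][attr] = values if wanted.include?( attr )
      }
    }

    assert_equal( true, ldap.search( search ))
    ldap.search( search ) {|res|
      # assert_equal, not assert: assert( a, b ) treats b as the failure
      # message and passes whenever a is truthy, so nothing was compared.
      # NOTE(review): these comparisons are strict; if they fail against the
      # test server, check DN case and value ordering before relaxing them.
      assert_equal( expected.keys.sort, res.keys.sort )
      res.keys.each {|rk|
        assert_equal( expected[rk], res[rk] )
      }
    }
  end


  # Exercises attribute-restricted searches with Symbol names, String names
  # and a mix of both.
  def test_search_attributes
    internal_test_search_attributes [:mail]
    internal_test_search_attributes [:cn]
    internal_test_search_attributes [:ou]
    internal_test_search_attributes [:hasaccessprivilege]
    internal_test_search_attributes ["mail"]
    internal_test_search_attributes ["cn"]
    internal_test_search_attributes ["ou"]
    internal_test_search_attributes ["hasaccessrole"]

    internal_test_search_attributes [:mail, :cn, :ou, :hasaccessrole]
    internal_test_search_attributes [:mail, "cn", :ou, "hasaccessrole"]
  end


  # Runs an equality-filter search (sn = "Fosse") and prints the result.
  # TODO: this test asserts nothing, so it passes whatever the server
  # returns; compare the result with the matching fixture entries.
  def test_search_filters
    ldap = Net::LDAP.new :host => @host, :port => @port, :auth => @auth
    search = {
      :base => BASE_DN,
      :filter => Net::LDAP::Filter.eq( "sn", "Fosse" )
    }

    ldap.search( search ) {|res|
      p res
    }
  end



  # Ten searches inside one instance-level open block must all succeed.
  def test_open
    ldap = Net::LDAP.new :host => @host, :port => @port, :auth => @auth
    # The block parameter has its own name so it does not shadow (or, on old
    # Rubies, reassign) the outer ldap local.
    ldap.open {|conn|
      10.times {
        rc = conn.search( :base => BASE_DN )
        assert_equal( true, rc )
      }
    }
  end


  # Same as test_open, but through the class-level Net::LDAP.open.
  def test_ldap_open
    Net::LDAP.open( :host => @host, :port => @port, :auth => @auth ) {|ldap|
      10.times {
        rc = ldap.search( :base => BASE_DN )
        assert_equal( true, rc )
      }
    }
  end





end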