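# $Id: testldap.rb 65 2006-04-23 01:17:49Z blackhedd $
#
#


$:.unshift "lib"

require 'test/unit'

require 'net/ldap'
require 'stringio'


# Integration tests for Net::LDAP. Every test talks to a live LDAP test
# server at @host:@port and compares what it returns with the entries
# parsed from tests/testdata.ldif.
class TestLdapClient < Test::Unit::TestCase

  # TODO: these tests crash and burn if the associated
  # LDAP testserver isn't up and running.
  # We rely on being able to read a file with test data
  # in LDIF format.
  # TODO, WARNING: for the moment, this data is in a file
  # whose name and location are HARDCODED into the
  # instance method load_test_data.

  # Runs before each test: fixes the connection parameters and reloads
  # the expected data, so every test starts from a fresh @ldif.
  def setup
    @host = "127.0.0.1"
    @port = 3890
    # Fixture account for the loopback test server only. A :simple bind
    # hands the DN and password to the server as given, so keep these
    # tests pointed at a local, throwaway directory and do not reuse
    # this password anywhere else.
    @auth = {
      :method => :simple,
      :username => "cn=bigshot,dc=bayshorenetworks,dc=com",
      :password => "opensesame"
    }

    @ldif = load_test_data
  end



  # Get some test data which will be used to validate
  # the responses from the test LDAP server we will
  # connect to.
  # TODO, Bogus: we are HARDCODING the location of the file for now.
  #
  # Returns a hash of the form
  #   { dn => { :attrname => [value, ...], ... }, ... }
  # with attribute names downcased and interned.
  #
  # This is a minimal reader: an entry starts at a "dn:" line and ends
  # at the first following line that is not "name: value". LDIF line
  # folding and "::" (base64) values are not interpreted.
  def load_test_data
    # chomp (not chomp!) so that a final line without a trailing newline
    # is still parsed; chomp! returns nil when there is nothing to strip,
    # which used to end the loops early and drop that line.
    lines = File.readlines( "tests/testdata.ldif" ).map {|l| l.chomp }
    hash = {}
    while line = lines.shift
      next unless line =~ /^dn:[\s]*/i
      dn = $'
      hash[dn] = {}
      # The line that ends the entry is consumed here as well.
      while attr = lines.shift and attr =~ /^([\w]+)[\s]*:[\s]*/
        key = $1.downcase.intern
        (hash[dn][key] ||= []) << $'
      end
    end
    hash
  end



  # Binding tests.
  # Need tests for all kinds of network failures and incorrect auth.
  # TODO: Implement a class-level timeout for operations like bind.
  # Search has a timeout defined at the protocol level, other ops do not.
  # TODO, use constants for the LDAP result codes, rather than hardcoding them.
  #
  # NOTE(review): the fixture server answers an unknown DN (48) differently
  # from a wrong password (49). A directory that shows that difference to
  # unauthenticated clients lets them tell which DNs exist; confirm this
  # is a property of the test server only.
  def test_bind
    ldap = Net::LDAP.new :host => @host, :port => @port, :auth => @auth
    assert_equal( true, ldap.bind )
    assert_equal( 0, ldap.get_operation_result.code )
    assert_equal( "Success", ldap.get_operation_result.message )

    bad_username = @auth.merge( {:username => "cn=badguy,dc=imposters,dc=com"} )
    ldap = Net::LDAP.new :host => @host, :port => @port, :auth => bad_username
    assert_equal( false, ldap.bind )
    assert_equal( 48, ldap.get_operation_result.code )
    assert_equal( "Inappropriate Authentication", ldap.get_operation_result.message )

    bad_password = @auth.merge( {:password => "cornhusk"} )
    ldap = Net::LDAP.new :host => @host, :port => @port, :auth => bad_password
    assert_equal( false, ldap.bind )
    assert_equal( 49, ldap.get_operation_result.code )
    assert_equal( "Invalid Credentials", ldap.get_operation_result.message )
  end



  # Searches a base that the test expects to be absent (result code 32),
  # then the real base, and compares the yielded result with the LDIF data.
  def test_search
    ldap = Net::LDAP.new :host => @host, :port => @port, :auth => @auth

    search = {:base => "dc=smalldomain,dc=com"}
    assert_equal( false, ldap.search( search ))
    assert_equal( 32, ldap.get_operation_result.code )

    search = {:base => "dc=bayshorenetworks,dc=com"}
    assert_equal( true, ldap.search( search ))
    assert_equal( 0, ldap.get_operation_result.code )

    ldap.search( search ) {|res|
      # expected value first, so a failure message reads the right way round
      assert_equal( @ldif, res )
    }
  end




  # This is a helper routine for test_search_attributes.
  #
  # attrs_to_search is an array of attribute names given as symbols,
  # strings, or a mix of both. The search is restricted to those
  # attributes and the result is compared with the LDIF data reduced
  # to the same attributes.
  def internal_test_search_attributes attrs_to_search
    ldap = Net::LDAP.new :host => @host, :port => @port, :auth => @auth
    assert( ldap.bind )

    search = {
      :base => "dc=bayshorenetworks,dc=com",
      :attributes => attrs_to_search
    }

    # load_test_data keys attributes by downcased symbol, so bring the
    # requested names into that form before filtering.
    wanted = attrs_to_search.map {|a| a.to_s.downcase.intern }

    # Build a filtered copy. Filtering @ldif in place left every later
    # call within the same test with an already emptied fixture.
    expected = {}
    @ldif.each {|dn,entry|
      expected[dn] = entry.reject {|attr,value| ! wanted.include?(attr) }
    }

    assert_equal( true, ldap.search( search ))
    ldap.search( search ) {|res|
      # These were assert( a, b ), which only checks that a is truthy and
      # uses b as the failure message, so nothing was being compared.
      # NOTE(review): the comparison is now real and may expose
      # mismatches that were hidden before.
      assert_equal( expected.keys.sort, res.keys.sort )
      res.keys.each {|rk|
        assert_equal( expected[rk], res[rk] )
      }
    }
  end


  # Runs the attribute-restricted search with symbol names, string
  # names, and mixed lists.
  def test_search_attributes
    internal_test_search_attributes [:mail]
    internal_test_search_attributes [:cn]
    internal_test_search_attributes [:ou]
    internal_test_search_attributes [:hasaccessprivilege]
    internal_test_search_attributes ["mail"]
    internal_test_search_attributes ["cn"]
    internal_test_search_attributes ["ou"]
    internal_test_search_attributes ["hasaccessrole"]

    internal_test_search_attributes [:mail, :cn, :ou, :hasaccessrole]
    internal_test_search_attributes [:mail, "cn", :ou, "hasaccessrole"]
  end


  # Runs a search with an equality filter on sn.
  # TODO: this test asserts nothing; it only prints the result. It passes
  # whenever the search does not raise.
  def test_search_filters
    ldap = Net::LDAP.new :host => @host, :port => @port, :auth => @auth
    search = {
      :base => "dc=bayshorenetworks,dc=com",
      :filter => Net::LDAP::Filter.eq( "sn", "Fosse" )
    }

    ldap.search( search ) {|res|
      p res
    }
  end



  # Ten searches inside one instance-level open block.
  def test_open
    ldap = Net::LDAP.new :host => @host, :port => @port, :auth => @auth
    # The block parameter has its own name so it does not shadow (or, on
    # old interpreters, overwrite) the outer ldap local.
    ldap.open {|conn|
      10.times {
        rc = conn.search( :base => "dc=bayshorenetworks,dc=com" )
        assert_equal( true, rc )
      }
    }
  end


  # Same as test_open, through the class-level Net::LDAP.open.
  def test_ldap_open
    Net::LDAP.open( :host => @host, :port => @port, :auth => @auth ) {|ldap|
      10.times {
        rc = ldap.search( :base => "dc=bayshorenetworks,dc=com" )
        assert_equal( true, rc )
      }
    }
  end





end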