Chris@0: # Redmine - project management software Chris@1295: # Copyright (C) 2006-2013 Jean-Philippe Lang Chris@0: # Chris@0: # This program is free software; you can redistribute it and/or Chris@0: # modify it under the terms of the GNU General Public License Chris@0: # as published by the Free Software Foundation; either version 2 Chris@0: # of the License, or (at your option) any later version. Chris@909: # Chris@0: # This program is distributed in the hope that it will be useful, Chris@0: # but WITHOUT ANY WARRANTY; without even the implied warranty of Chris@0: # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the Chris@0: # GNU General Public License for more details. Chris@909: # Chris@0: # You should have received a copy of the GNU General Public License Chris@0: # along with this program; if not, write to the Free Software Chris@0: # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. Chris@0: Chris@119: require File.expand_path('../../test_helper', __FILE__) Chris@0: Chris@0: class AuthSourceLdapTest < ActiveSupport::TestCase Chris@1115: include Redmine::I18n Chris@0: fixtures :auth_sources Chris@909: Chris@0: def setup Chris@0: end Chris@909: Chris@0: def test_create Chris@0: a = AuthSourceLdap.new(:name => 'My LDAP', :host => 'ldap.example.net', :port => 389, :base_dn => 'dc=example,dc=net', :attr_login => 'sAMAccountName') Chris@0: assert a.save Chris@0: end Chris@909: Chris@0: def test_should_strip_ldap_attributes Chris@0: a = AuthSourceLdap.new(:name => 'My LDAP', :host => 'ldap.example.net', :port => 389, :base_dn => 'dc=example,dc=net', :attr_login => 'sAMAccountName', Chris@0: :attr_firstname => 'givenName ') Chris@0: assert a.save Chris@0: assert_equal 'givenName', a.reload.attr_firstname Chris@0: end Chris@0: Chris@909: def test_replace_port_zero_to_389 Chris@909: a = AuthSourceLdap.new( Chris@909: :name => 'My LDAP', :host => 'ldap.example.net', :port => 0, Chris@909: :base_dn => 'dc=example,dc=net', :attr_login => 'sAMAccountName', Chris@909: :attr_firstname => 'givenName ') Chris@909: assert a.save Chris@909: assert_equal 389, a.port Chris@909: end Chris@909: Chris@1115: def test_filter_should_be_validated Chris@1115: set_language_if_valid 'en' Chris@1115: Chris@1115: a = AuthSourceLdap.new(:name => 'My LDAP', :host => 'ldap.example.net', :port => 389, :attr_login => 'sn') Chris@1115: a.filter = "(mail=*@redmine.org" Chris@1115: assert !a.valid? Chris@1115: assert_include "LDAP filter is invalid", a.errors.full_messages Chris@1115: Chris@1115: a.filter = "(mail=*@redmine.org)" Chris@1115: assert a.valid? Chris@1115: end Chris@1115: Chris@0: if ldap_configured? Chris@1295: test '#authenticate with a valid LDAP user should return the user attributes' do Chris@1295: auth = AuthSourceLdap.find(1) Chris@1295: auth.update_attribute :onthefly_register, true Chris@1295: Chris@1295: attributes = auth.authenticate('example1','123456') Chris@1295: assert attributes.is_a?(Hash), "An hash was not returned" Chris@1295: assert_equal 'Example', attributes[:firstname] Chris@1295: assert_equal 'One', attributes[:lastname] Chris@1295: assert_equal 'example1@redmine.org', attributes[:mail] Chris@1295: assert_equal auth.id, attributes[:auth_source_id] Chris@1295: attributes.keys.each do |attribute| Chris@1295: assert User.new.respond_to?("#{attribute}="), "Unexpected :#{attribute} attribute returned" Chris@0: end Chris@1295: end Chris@0: Chris@1295: test '#authenticate with an invalid LDAP user should return nil' do Chris@1295: auth = AuthSourceLdap.find(1) Chris@1295: assert_equal nil, auth.authenticate('nouser','123456') Chris@1295: end Chris@0: Chris@1295: test '#authenticate without a login should return nil' do Chris@1295: auth = AuthSourceLdap.find(1) Chris@1295: assert_equal nil, auth.authenticate('','123456') Chris@1295: end Chris@0: Chris@1295: test '#authenticate without a password should return nil' do Chris@1295: auth = AuthSourceLdap.find(1) Chris@1295: assert_equal nil, auth.authenticate('edavis','') Chris@1295: end Chris@0: Chris@1295: test '#authenticate without filter should return any user' do Chris@1295: auth = AuthSourceLdap.find(1) Chris@1295: assert auth.authenticate('example1','123456') Chris@1295: assert auth.authenticate('edavis', '123456') Chris@1295: end Chris@909: Chris@1295: test '#authenticate with filter should return user who matches the filter only' do Chris@1295: auth = AuthSourceLdap.find(1) Chris@1295: auth.filter = "(mail=*@redmine.org)" Chris@1115: Chris@1295: assert auth.authenticate('example1','123456') Chris@1295: assert_nil auth.authenticate('edavis', '123456') Chris@1115: end Chris@1115: Chris@1115: def test_authenticate_should_timeout Chris@1115: auth_source = AuthSourceLdap.find(1) Chris@1115: auth_source.timeout = 1 Chris@1115: def auth_source.initialize_ldap_con(*args); sleep(5); end Chris@1115: Chris@1115: assert_raise AuthSourceTimeoutException do Chris@1115: auth_source.authenticate 'example1', '123456' Chris@1115: end Chris@0: end Chris@1295: Chris@1295: def test_search_should_return_matching_entries Chris@1295: results = AuthSource.search("exa") Chris@1295: assert_equal 1, results.size Chris@1295: result = results.first Chris@1295: assert_kind_of Hash, result Chris@1295: assert_equal "example1", result[:login] Chris@1295: assert_equal "Example", result[:firstname] Chris@1295: assert_equal "One", result[:lastname] Chris@1295: assert_equal "example1@redmine.org", result[:mail] Chris@1295: assert_equal 1, result[:auth_source_id] Chris@1295: end Chris@1295: Chris@1295: def test_search_with_no_match_should_return_an_empty_array Chris@1295: results = AuthSource.search("wro") Chris@1295: assert_equal [], results Chris@1295: end Chris@1295: Chris@1295: def test_search_with_exception_should_return_an_empty_array Chris@1295: Net::LDAP.stubs(:new).raises(Net::LDAP::LdapError, 'Cannot connect') Chris@1295: Chris@1295: results = AuthSource.search("exa") Chris@1295: assert_equal [], results Chris@1295: end Chris@0: else Chris@0: puts '(Test LDAP server not configured)' Chris@0: end Chris@0: end