To check out this repository please hg clone the following URL, or open the URL using EasyMercurial or your preferred Mercurial client.
root / .svn / pristine / 86 / 863064fb5000e258cd2d7b4e4e73c65dd4fbbfc5.svn-base @ 1297:0a574315af3e
History | View | Annotate | Download (4.96 KB)
| 1 |
# $Id: testldap.rb 65 2006-04-23 01:17:49Z blackhedd $ |
|---|---|
| 2 |
# |
| 3 |
# |
| 4 |
|
| 5 |
|
| 6 |
$:.unshift "lib" |
| 7 |
|
| 8 |
require 'test/unit' |
| 9 |
|
| 10 |
require 'net/ldap' |
| 11 |
require 'stringio' |
| 12 |
|
| 13 |
|
| 14 |
class TestLdapClient < Test::Unit::TestCase |
| 15 |
|
| 16 |
# TODO: these tests crash and burn if the associated |
| 17 |
# LDAP testserver isn't up and running. |
| 18 |
# We rely on being able to read a file with test data |
| 19 |
# in LDIF format. |
| 20 |
# TODO, WARNING: for the moment, this data is in a file |
| 21 |
# whose name and location are HARDCODED into the |
| 22 |
# instance method load_test_data. |
| 23 |
|
| 24 |
def setup |
| 25 |
@host = "127.0.0.1" |
| 26 |
@port = 3890 |
| 27 |
@auth = {
|
| 28 |
:method => :simple, |
| 29 |
:username => "cn=bigshot,dc=bayshorenetworks,dc=com", |
| 30 |
:password => "opensesame" |
| 31 |
} |
| 32 |
|
| 33 |
@ldif = load_test_data |
| 34 |
end |
| 35 |
|
| 36 |
|
| 37 |
|
| 38 |
# Get some test data which will be used to validate |
| 39 |
# the responses from the test LDAP server we will |
| 40 |
# connect to. |
| 41 |
# TODO, Bogus: we are HARDCODING the location of the file for now. |
| 42 |
# |
| 43 |
def load_test_data |
| 44 |
ary = File.readlines( "tests/testdata.ldif" ) |
| 45 |
hash = {}
|
| 46 |
while line = ary.shift and line.chomp! |
| 47 |
if line =~ /^dn:[\s]*/i |
| 48 |
dn = $' |
| 49 |
hash[dn] = {}
|
| 50 |
while attr = ary.shift and attr.chomp! and attr =~ /^([\w]+)[\s]*:[\s]*/ |
| 51 |
hash[dn][$1.downcase.intern] ||= [] |
| 52 |
hash[dn][$1.downcase.intern] << $' |
| 53 |
end |
| 54 |
end |
| 55 |
end |
| 56 |
hash |
| 57 |
end |
| 58 |
|
| 59 |
|
| 60 |
|
| 61 |
# Binding tests. |
| 62 |
# Need tests for all kinds of network failures and incorrect auth. |
| 63 |
# TODO: Implement a class-level timeout for operations like bind. |
| 64 |
# Search has a timeout defined at the protocol level, other ops do not. |
| 65 |
# TODO, use constants for the LDAP result codes, rather than hardcoding them. |
| 66 |
def test_bind |
| 67 |
ldap = Net::LDAP.new :host => @host, :port => @port, :auth => @auth |
| 68 |
assert_equal( true, ldap.bind ) |
| 69 |
assert_equal( 0, ldap.get_operation_result.code ) |
| 70 |
assert_equal( "Success", ldap.get_operation_result.message ) |
| 71 |
|
| 72 |
bad_username = @auth.merge( {:username => "cn=badguy,dc=imposters,dc=com"} )
|
| 73 |
ldap = Net::LDAP.new :host => @host, :port => @port, :auth => bad_username |
| 74 |
assert_equal( false, ldap.bind ) |
| 75 |
assert_equal( 48, ldap.get_operation_result.code ) |
| 76 |
assert_equal( "Inappropriate Authentication", ldap.get_operation_result.message ) |
| 77 |
|
| 78 |
bad_password = @auth.merge( {:password => "cornhusk"} )
|
| 79 |
ldap = Net::LDAP.new :host => @host, :port => @port, :auth => bad_password |
| 80 |
assert_equal( false, ldap.bind ) |
| 81 |
assert_equal( 49, ldap.get_operation_result.code ) |
| 82 |
assert_equal( "Invalid Credentials", ldap.get_operation_result.message ) |
| 83 |
end |
| 84 |
|
| 85 |
|
| 86 |
|
| 87 |
def test_search |
| 88 |
ldap = Net::LDAP.new :host => @host, :port => @port, :auth => @auth |
| 89 |
|
| 90 |
search = {:base => "dc=smalldomain,dc=com"}
|
| 91 |
assert_equal( false, ldap.search( search )) |
| 92 |
assert_equal( 32, ldap.get_operation_result.code ) |
| 93 |
|
| 94 |
search = {:base => "dc=bayshorenetworks,dc=com"}
|
| 95 |
assert_equal( true, ldap.search( search )) |
| 96 |
assert_equal( 0, ldap.get_operation_result.code ) |
| 97 |
|
| 98 |
ldap.search( search ) {|res|
|
| 99 |
assert_equal( res, @ldif ) |
| 100 |
} |
| 101 |
end |
| 102 |
|
| 103 |
|
| 104 |
|
| 105 |
|
| 106 |
# This is a helper routine for test_search_attributes. |
| 107 |
def internal_test_search_attributes attrs_to_search |
| 108 |
ldap = Net::LDAP.new :host => @host, :port => @port, :auth => @auth |
| 109 |
assert( ldap.bind ) |
| 110 |
|
| 111 |
search = {
|
| 112 |
:base => "dc=bayshorenetworks,dc=com", |
| 113 |
:attributes => attrs_to_search |
| 114 |
} |
| 115 |
|
| 116 |
ldif = @ldif |
| 117 |
ldif.each {|dn,entry|
|
| 118 |
entry.delete_if {|attr,value|
|
| 119 |
! attrs_to_search.include?(attr) |
| 120 |
} |
| 121 |
} |
| 122 |
|
| 123 |
assert_equal( true, ldap.search( search )) |
| 124 |
ldap.search( search ) {|res|
|
| 125 |
res_keys = res.keys.sort |
| 126 |
ldif_keys = ldif.keys.sort |
| 127 |
assert( res_keys, ldif_keys ) |
| 128 |
res.keys.each {|rk|
|
| 129 |
assert( res[rk], ldif[rk] ) |
| 130 |
} |
| 131 |
} |
| 132 |
end |
| 133 |
|
| 134 |
|
| 135 |
def test_search_attributes |
| 136 |
internal_test_search_attributes [:mail] |
| 137 |
internal_test_search_attributes [:cn] |
| 138 |
internal_test_search_attributes [:ou] |
| 139 |
internal_test_search_attributes [:hasaccessprivilege] |
| 140 |
internal_test_search_attributes ["mail"] |
| 141 |
internal_test_search_attributes ["cn"] |
| 142 |
internal_test_search_attributes ["ou"] |
| 143 |
internal_test_search_attributes ["hasaccessrole"] |
| 144 |
|
| 145 |
internal_test_search_attributes [:mail, :cn, :ou, :hasaccessrole] |
| 146 |
internal_test_search_attributes [:mail, "cn", :ou, "hasaccessrole"] |
| 147 |
end |
| 148 |
|
| 149 |
|
| 150 |
def test_search_filters |
| 151 |
ldap = Net::LDAP.new :host => @host, :port => @port, :auth => @auth |
| 152 |
search = {
|
| 153 |
:base => "dc=bayshorenetworks,dc=com", |
| 154 |
:filter => Net::LDAP::Filter.eq( "sn", "Fosse" ) |
| 155 |
} |
| 156 |
|
| 157 |
ldap.search( search ) {|res|
|
| 158 |
p res |
| 159 |
} |
| 160 |
end |
| 161 |
|
| 162 |
|
| 163 |
|
| 164 |
def test_open |
| 165 |
ldap = Net::LDAP.new :host => @host, :port => @port, :auth => @auth |
| 166 |
ldap.open {|ldap|
|
| 167 |
10.times {
|
| 168 |
rc = ldap.search( :base => "dc=bayshorenetworks,dc=com" ) |
| 169 |
assert_equal( true, rc ) |
| 170 |
} |
| 171 |
} |
| 172 |
end |
| 173 |
|
| 174 |
|
| 175 |
def test_ldap_open |
| 176 |
Net::LDAP.open( :host => @host, :port => @port, :auth => @auth ) {|ldap|
|
| 177 |
10.times {
|
| 178 |
rc = ldap.search( :base => "dc=bayshorenetworks,dc=com" ) |
| 179 |
assert_equal( true, rc ) |
| 180 |
} |
| 181 |
} |
| 182 |
end |
| 183 |
|
| 184 |
|
| 185 |
|
| 186 |
|
| 187 |
|
| 188 |
end |
| 189 |
|
| 190 |
|