Download as
Browse Code »

Commit d711beb1d642c8ea42243dcae263e0a4d0944f1f

Authored by Leandro Nunes dos Santos
1 parent 18ea9ebe
Exists in master and in 22 other branches angular_poc, api-article-archived, article-readonly, backup-7-jan-2016, captcha_serpro_plugin, content-manager-hostspot, export-comment-paragraph, fix_event_date_issue, login-captcha, master_rails3, new_video_plugin, pg_search_rank, production, refactor_with_role, refactor_with_role_scope, remove_profile_cat_icons, resend_confirmation_email, staging, staging_rails3, tasks_keep_filter_params, theme-brasil-digital-from-staging, travis

adding plugin to give ldap support for noosfero

Showing 13 changed files with 1193 additions and 0 deletions   Show diff stats
plugins/ldap/README 0 → 100644
  Diff comments   View file @d711beb
... ... @@ -0,0 +1,71 @@
  1 +README - LDAP (LDAP Plugin)
  2 +================================
  3 +
  4 +LDAP is a plugin to allow ldap authentication to noosfero
  5 +
  6 +
  7 +INSTALL
  8 +=======
  9 +
  10 +Dependences
  11 +-----------
  12 +
  13 +See the Noosfero install file. After install Noosfero, install Mezuro dependences:
  14 +
  15 +$ gem install net-ldap -v 0.3.1
  16 +
  17 +Enable Plugin
  18 +-------------
  19 +
  20 +Also, you need to enable LDAP Plugin at you Noosfero:
  21 +
  22 +cd <your_noosfero_dir>
  23 +./script/noosfero-plugins enable ldap
  24 +
  25 +Active Plugin
  26 +-------------
  27 +
  28 +As a Noosfero administrator user, go to administrator panel:
  29 +
  30 +- Click on "Enable/disable plugins" option
  31 +- Click on "LDAP Plugin" check-box
  32 +
  33 +
  34 +DEVELOPMENT
  35 +===========
  36 +
  37 +Get the LDAP (Noosfero with LDAP Plugin) development repository:
  38 +
  39 +$ git clone https://gitorious.org/+noosfero/noosfero/ldap
  40 +
  41 +Running Mezuro tests
  42 +--------------------
  43 +
  44 +Configure the ldap server creating the file 'plugins/ldap/fixtures/ldap.yml'.
  45 +A sample file is offered in 'plugins/ldap/fixtures/ldap.yml.dist'
  46 +
  47 +$ rake test:noosfero_plugins:ldap
  48 +
  49 +
  50 +Get Involved
  51 +============
  52 +
  53 +If you found any bug and/or want to collaborate, please send an e-mail to leandronunes@gmail.com
  54 +
  55 +LICENSE
  56 +=======
  57 +
  58 +Copyright (c) The Author developers.
  59 +
  60 +See Noosfero license.
  61 +
  62 +
  63 +AUTHORS
  64 +=======
  65 +
  66 + Leandro Nunes dos Santos (leandronunes at gmail.com)
  67 +
  68 +ACKNOWLEDGMENTS
  69 +===============
  70 +
  71 +The author have been supported by Serpro
... ...
plugins/ldap/controllers/ldap_plugin_admin_controller.rb 0 → 100644
  Diff comments   View file @d711beb
... ... @@ -0,0 +1,18 @@
  1 +class LdapPluginAdminController < AdminController
  2 +
  3 + append_view_path File.join(File.dirname(__FILE__) + '/../views')
  4 +
  5 + def index
  6 + end
  7 +
  8 + def update
  9 + if @environment.update_attributes(params[:environment])
  10 + session[:notice] = _('Ldap configuration updated successfully.')
  11 + else
  12 + session[:notice] = _('Ldap configuration could not be saved.')
  13 + end
  14 + render :action => 'index'
  15 + end
  16 +
  17 +end
  18 +
... ...
plugins/ldap/fixtures/ldap.yml.dist 0 → 100644
  Diff comments   View file @d711beb
... ... @@ -0,0 +1,15 @@
  1 +server:
  2 + host: "127.0.0.1"
  3 + port: 389
  4 + account: "uid=ldap_user,,ou=person,dc=noosfero,dc=org"
  5 + account_password: "ldap_pass"
  6 + base_dn: "dc=noosfero,dc=org"
  7 + attr_login: "uid"
  8 + attr_fullname: "cn"
  9 + attr_mail: "mail"
  10 + onthefly_register: true
  11 + filter: ""
  12 + tls: false
  13 +user:
  14 + login: 'valid_ldap_login'
  15 + password: 'valid_ldap_password'
... ...
plugins/ldap/lib/ext/environment.rb 0 → 100644
  Diff comments   View file @d711beb
... ... @@ -0,0 +1,114 @@
  1 +require_dependency 'environment'
  2 +
  3 +class Environment
  4 +
  5 + settings_items :ldap_plugin, :type => :hash, :default => {}
  6 +
  7 + validates_presence_of :ldap_plugin_host, :if => lambda {|env| !env.ldap_plugin.blank? }
  8 +
  9 + def ldap_plugin_attributes
  10 + self.ldap_plugin || {}
  11 + end
  12 +
  13 + def ldap_plugin_host= host
  14 + self.ldap_plugin = {} if self.ldap_plugin.blank?
  15 + self.ldap_plugin['host'] = host
  16 + end
  17 +
  18 + def ldap_plugin_host
  19 + self.ldap_plugin['host']
  20 + end
  21 +
  22 + def ldap_plugin_port= port
  23 + self.ldap_plugin = {} if self.ldap_plugin.blank?
  24 + self.ldap_plugin['port'] = port
  25 + end
  26 +
  27 + def ldap_plugin_port
  28 + self.ldap_plugin = {} if self.ldap_plugin.blank?
  29 + self.ldap_plugin['port'] ||= 389
  30 + self.ldap_plugin['port']
  31 + end
  32 +
  33 + def ldap_plugin_account
  34 + self.ldap_plugin['account']
  35 + end
  36 +
  37 + def ldap_plugin_account= account
  38 + self.ldap_plugin = {} if self.ldap_plugin.blank?
  39 + self.ldap_plugin['account'] = account
  40 + end
  41 +
  42 + def ldap_plugin_account_password
  43 + self.ldap_plugin['account_password']
  44 + end
  45 +
  46 + def ldap_plugin_account_password= password
  47 + self.ldap_plugin = {} if self.ldap_plugin.blank?
  48 + self.ldap_plugin['account_password'] = password
  49 + end
  50 +
  51 + def ldap_plugin_base_dn
  52 + self.ldap_plugin['base_dn']
  53 + end
  54 +
  55 + def ldap_plugin_base_dn= base_dn
  56 + self.ldap_plugin = {} if self.ldap_plugin.blank?
  57 + self.ldap_plugin['base_dn'] = base_dn
  58 + end
  59 +
  60 + def ldap_plugin_attr_login
  61 + self.ldap_plugin['attr_login']
  62 + end
  63 +
  64 + def ldap_plugin_attr_login= login
  65 + self.ldap_plugin = {} if self.ldap_plugin.blank?
  66 + self.ldap_plugin['attr_login'] = login
  67 + end
  68 +
  69 + def ldap_plugin_attr_fullname
  70 + self.ldap_plugin['attr_fullname']
  71 + end
  72 +
  73 + def ldap_plugin_attr_fullname= fullname
  74 + self.ldap_plugin = {} if self.ldap_plugin.blank?
  75 + self.ldap_plugin['attr_fullname'] = fullname
  76 + end
  77 +
  78 + def ldap_plugin_attr_mail
  79 + self.ldap_plugin['attr_mail']
  80 + end
  81 +
  82 + def ldap_plugin_attr_mail= mail
  83 + self.ldap_plugin = {} if self.ldap_plugin.blank?
  84 + self.ldap_plugin['attr_mail'] = mail
  85 + end
  86 +
  87 + def ldap_plugin_onthefly_register
  88 + self.ldap_plugin['onthefly_register'].to_s == 'true'
  89 + end
  90 +
  91 + def ldap_plugin_onthefly_register= value
  92 + self.ldap_plugin = {} if self.ldap_plugin.blank?
  93 + self.ldap_plugin['onthefly_register'] = (value.to_s == '1') ? true : false
  94 + end
  95 +
  96 + def ldap_plugin_filter
  97 + self.ldap_plugin['filter']
  98 + end
  99 +
  100 + def ldap_plugin_filter= filter
  101 + self.ldap_plugin = {} if self.ldap_plugin.blank?
  102 + self.ldap_plugin['filter'] = filter
  103 + end
  104 +
  105 + def ldap_plugin_tls
  106 + self.ldap_plugin['tls'] ||= false
  107 + end
  108 +
  109 + def ldap_plugin_tls= value
  110 + self.ldap_plugin = {} if self.ldap_plugin.blank?
  111 + self.ldap_plugin['tls'] = (value.to_s == '1') ? true : false
  112 + end
  113 +
  114 +end
... ...
plugins/ldap/lib/ldap_authentication.rb 0 → 100644
  Diff comments   View file @d711beb
... ... @@ -0,0 +1,137 @@
  1 +# Redmine - project management software
  2 +# Copyright (C) 2006-2011 Jean-Philippe Lang
  3 +#
  4 +# This program is free software; you can redistribute it and/or
  5 +# modify it under the terms of the GNU General Public License
  6 +# as published by the Free Software Foundation; either version 2
  7 +# of the License, or (at your option) any later version.
  8 +#
  9 +# This program is distributed in the hope that it will be useful,
  10 +# but WITHOUT ANY WARRANTY; without even the implied warranty of
  11 +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  12 +# GNU General Public License for more details.
  13 +#
  14 +# You should have received a copy of the GNU General Public License
  15 +# along with this program; if not, write to the Free Software
  16 +# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
  17 +
  18 +require 'rubygems'
  19 +require 'iconv'
  20 +require 'net/ldap'
  21 +require 'net/ldap/dn'
  22 +
  23 +class LdapAuthentication
  24 +
  25 + attr_accessor :host, :port, :account, :account_password, :base_dn, :attr_login, :attr_fullname, :attr_mail, :onthefly_register, :filter, :tls
  26 +
  27 + def initialize(attrs = {})
  28 + self.host = attrs['host']
  29 + self.port = attrs['port'].blank? ? 389 : attrs['port']
  30 + self.account = attrs['account']
  31 + self.account_password = attrs['account_password']
  32 + self.base_dn = attrs['base_dn']
  33 + self.attr_login = attrs['attr_login']
  34 + self.attr_fullname = attrs['attr_fullname']
  35 + self.attr_mail = attrs['attr_mail']
  36 + self.onthefly_register = attrs['onthefly_register']
  37 + self.filter = attrs['filter']
  38 + self.tls = attrs['tls']
  39 + end
  40 +
  41 + def onthefly_register?
  42 + self.onthefly_register == true
  43 + end
  44 +
  45 + def authenticate(login, password)
  46 + return nil if login.blank? || password.blank?
  47 + attrs = get_user_dn(login, password)
  48 +
  49 + if attrs && attrs[:dn] && authenticate_dn(attrs[:dn], password)
  50 + return attrs.except(:dn)
  51 + end
  52 + end
  53 +
  54 + private
  55 +
  56 + def ldap_filter
  57 + if filter.present?
  58 + Net::LDAP::Filter.construct(filter)
  59 + end
  60 + rescue Net::LDAP::LdapError
  61 + nil
  62 + end
  63 +
  64 + def validate_filter
  65 + if filter.present? && ldap_filter.nil?
  66 + errors.add(:filter, :invalid)
  67 + end
  68 + end
  69 +
  70 + def initialize_ldap_con(ldap_user, ldap_password)
  71 + options = { :host => self.host,
  72 + :port => self.port,
  73 + :encryption => (self.tls ? :simple_tls : nil)
  74 + }
  75 + options.merge!(:auth => { :method => :simple, :username => ldap_user, :password => ldap_password }) unless ldap_user.blank? && ldap_password.blank?
  76 + Net::LDAP.new options
  77 + end
  78 +
  79 + def get_user_attributes_from_ldap_entry(entry)
  80 + {
  81 + :dn => entry.dn,
  82 + :fullname => LdapAuthentication.get_attr(entry, self.attr_fullname),
  83 + :mail => LdapAuthentication.get_attr(entry, self.attr_mail),
  84 + }
  85 + end
  86 +
  87 + # Return the attributes needed for the LDAP search. It will only
  88 + # include the user attributes if on-the-fly registration is enabled
  89 + def search_attributes
  90 + if onthefly_register?
  91 + ['dn', self.attr_fullname, self.attr_mail]
  92 + else
  93 + ['dn']
  94 + end
  95 + end
  96 +
  97 + # Check if a DN (user record) authenticates with the password
  98 + def authenticate_dn(dn, password)
  99 + if dn.present? && password.present?
  100 + initialize_ldap_con(dn, password).bind
  101 + end
  102 + end
  103 +
  104 + # Get the user's dn and any attributes for them, given their login
  105 + def get_user_dn(login, password)
  106 + ldap_con = nil
  107 + if self.account && self.account.include?("$login")
  108 + ldap_con = initialize_ldap_con(self.account.sub("$login", Net::LDAP::DN.escape(login)), password)
  109 + else
  110 + ldap_con = initialize_ldap_con(self.account, self.account_password)
  111 + end
  112 + login_filter = Net::LDAP::Filter.eq( self.attr_login, login )
  113 + object_filter = Net::LDAP::Filter.eq( "objectClass", "*" )
  114 + attrs = {}
  115 +
  116 + search_filter = object_filter & login_filter
  117 + if f = ldap_filter
  118 + search_filter = search_filter & f
  119 + end
  120 +
  121 + ldap_con.search( :base => self.base_dn, :filter => search_filter, :attributes=> search_attributes) do |entry|
  122 + if onthefly_register?
  123 + attrs = get_user_attributes_from_ldap_entry(entry)
  124 + else
  125 + attrs = {:dn => entry.dn}
  126 + end
  127 + end
  128 +
  129 + attrs
  130 + end
  131 +
  132 + def self.get_attr(entry, attr_name)
  133 + if !attr_name.blank?
  134 + entry[attr_name].is_a?(Array) ? entry[attr_name].first : entry[attr_name]
  135 + end
  136 + end
  137 +end
... ...
plugins/ldap/lib/ldap_plugin.rb 0 → 100644
  Diff comments   View file @d711beb
... ... @@ -0,0 +1,80 @@
  1 +require_dependency File.dirname(__FILE__) + '/ext/environment'
  2 +require File.dirname(__FILE__) + '/ldap_authentication.rb'
  3 +
  4 +
  5 +class LdapPlugin < Noosfero::Plugin
  6 +
  7 + def self.plugin_name
  8 + "LdapPlugin"
  9 + end
  10 +
  11 + def self.plugin_description
  12 + _("A plugin that add ldap support.")
  13 + end
  14 +
  15 + def allow_user_registration
  16 + false
  17 + end
  18 +
  19 + def allow_password_recovery
  20 + false
  21 + end
  22 +
  23 + def alternative_authentication
  24 + login = context.params[:user][:login]
  25 + password = context.params[:user][:password]
  26 + ldap = LdapAuthentication.new(context.environment.ldap_plugin_attributes)
  27 +
  28 + user = User.find_or_initialize_by_login(login)
  29 +
  30 + if user.new_record?
  31 + # user is not yet registered, try to authenticate
  32 + begin
  33 + attrs = ldap.authenticate(login, password)
  34 + rescue Net::LDAP::LdapError => e
  35 + puts "LDAP is not configured correctly"
  36 + end
  37 +
  38 + if attrs
  39 + user.login = login
  40 + user.email = attrs[:mail]
  41 + user.name = attrs[:fullname]
  42 + user.password = password
  43 + user.password_confirmation = password
  44 + user.person_data = context.params[:profile_data]
  45 + user.activated_at = Time.now.utc
  46 + user.activation_code = nil
  47 +
  48 + ldap = LdapAuthentication.new(context.environment.ldap_plugin_attributes)
  49 + begin
  50 + user = nil unless user.save
  51 + rescue
  52 + #User not saved
  53 + end
  54 + end
  55 + else
  56 +
  57 + return nil if !user.activated?
  58 +
  59 + begin
  60 + # user si defined as nil if ldap authentication failed
  61 + user = nil if ldap.authenticate(login, password).nil?
  62 + rescue Net::LDAP::LdapError => e
  63 + puts "LDAP is not configured correctly"
  64 + end
  65 + end
  66 +
  67 + user
  68 + end
  69 +
  70 + def login_extra_contents
  71 + lambda do
  72 + @person = Person.new(:environment => @environment)
  73 + @profile_data = @person
  74 + labelled_fields_for :profile_data, @person do |f|
  75 + render :partial => 'profile_editor/person_form', :locals => {:f => f}
  76 + end
  77 + end
  78 + end
  79 +
  80 +end
... ...
plugins/ldap/test/functional/account_controller_plugin_test.rb 0 → 100644
  Diff comments   View file @d711beb
... ... @@ -0,0 +1,81 @@
  1 +require File.dirname(__FILE__) + '/../test_helper'
  2 +
  3 +# Re-raise errors caught by the controller.
  4 +class AccountController; def rescue_action(e) raise e end; end
  5 +
  6 +class AccountControllerPluginTest < ActionController::TestCase
  7 +
  8 + def setup
  9 + @controller = AccountController.new
  10 + @request = ActionController::TestRequest.new
  11 + @response = ActionController::TestResponse.new
  12 +
  13 + @environment = Environment.default
  14 + @environment.enabled_plugins = ['LdapPlugin']
  15 + @ldap_config = load_ldap_config
  16 + @environment.ldap_plugin= @ldap_config['server'] unless @ldap_config.nil?
  17 + @environment.save!
  18 + end
  19 +
  20 + should 'not authenticate user if its not a local user or a ldap user' do
  21 + post :login, :user => {:login => 'someuser', :password => 'somepass'}
  22 + assert_nil session[:user]
  23 + end
  24 +
  25 + should 'authenticate user if its a local user but is not a ldap user' do
  26 + user = create_user('testuser', :email => 'testuser@example.com', :password => 'test', :password_confirmation => 'test')
  27 + user.activate
  28 + post :login, :user => {:login => 'testuser', :password => 'test'}
  29 + assert session[:user]
  30 + end
  31 +
  32 + should 'display required fields on user login' do
  33 + @environment.custom_person_fields = {"contact_phone"=>{"required"=>"true", "signup"=>"false", "active"=>"true"}}
  34 + @environment.save
  35 + get :login
  36 + assert_tag(:input, :attributes => {:id => 'profile_data_contact_phone'})
  37 + end
  38 +
  39 + if ldap_configured?
  40 +
  41 + should 'authenticate an existing noosfero user with ldap and loggin' do
  42 + user = create_user(@ldap_config['user']['login'], :email => 'testuser@example.com', :password => 'test', :password_confirmation => 'test')
  43 + user.activate
  44 + count = User.count
  45 + post :login, :user => @ldap_config['user']
  46 + assert session[:user]
  47 + assert_equal count, User.count
  48 + end
  49 +
  50 + should 'login and create a new noosfero user if ldap authentication works properly' do
  51 + count = User.count
  52 + post :login, :user => @ldap_config['user']
  53 + assert session[:user]
  54 + assert_equal count + 1, User.count
  55 + end
  56 +
  57 + should 'login on ldap if required fields are defined' do
  58 + count = User.count
  59 + @environment.custom_person_fields = {"contact_phone"=>{"required"=>"true", "signup"=>"false", "active"=>"true"}}
  60 + @environment.save
  61 + post :login, :user => @ldap_config['user'], :profile_data => {:contact_phone => '11111111'}
  62 + assert session[:user]
  63 + end
  64 +
  65 + should 'not login on ldap if required fields are not defined' do
  66 + @environment.custom_person_fields = {"contact_phone"=>{"required"=>"true", "signup"=>"false", "active"=>"true"}}
  67 + @environment.save
  68 + post :login, :user => @ldap_config['user']
  69 + assert_nil session[:user]
  70 + end
  71 +
  72 + should 'authenticate user if its not a local user but is a ldap user' do
  73 + post :login, :user => @ldap_config['user']
  74 + assert session[:user]
  75 + end
  76 +
  77 + else
  78 + puts LDAP_SERVER_ERROR_MESSAGE
  79 + end
  80 +
  81 +end
... ...
plugins/ldap/test/functional/ldap_plugin_admin_controller_test.rb 0 → 100644
  Diff comments   View file @d711beb
... ... @@ -0,0 +1,204 @@
  1 +require File.dirname(__FILE__) + '/../../../../test/test_helper'
  2 +require File.dirname(__FILE__) + '/../../controllers/ldap_plugin_admin_controller'
  3 +
  4 +# Re-raise errors caught by the controller.
  5 +class LdapPluginAdminController; def rescue_action(e) raise e end; end
  6 +
  7 +class LdapPluginAdminControllerTest < ActionController::TestCase
  8 +
  9 + def setup
  10 + @controller = LdapPluginAdminController.new
  11 + @request = ActionController::TestRequest.new
  12 + @response = ActionController::TestResponse.new
  13 +
  14 + @environment = Environment.default
  15 + user_login = create_admin_user(@environment)
  16 + login_as(user_login)
  17 + @admin = User[user_login].person
  18 + @environment.enabled_plugins = ['LdapPlugin']
  19 + @environment.ldap_plugin_host="http://somehost"
  20 + @environment.save!
  21 + end
  22 +
  23 + attr_accessor :admin
  24 +
  25 + should 'access index action' do
  26 + get :index
  27 + assert_template 'index'
  28 + assert_response :success
  29 + end
  30 +
  31 + should 'update ldap successfully display a message successfully' do
  32 + @environment.ldap_plugin_host = nil
  33 + @environment.save
  34 + assert_nil @environment.ldap_plugin_host
  35 + post :update, :environment => { :ldap_plugin_host => 'http://something' }
  36 + assert_equal 'Ldap configuration updated successfully.', @response.session[:notice]
  37 + end
  38 +
  39 + should 'wrong ldap update display a message unsuccessfully' do
  40 + @environment.ldap_plugin_host = nil
  41 + @environment.save
  42 + assert_nil @environment.ldap_plugin_host
  43 + post :update, :environment => { :ldap_plugin_host => '' }
  44 + assert_equal 'Ldap configuration could not be saved.', @response.session[:notice]
  45 + end
  46 +
  47 + should 'update ldap successfully render index template' do
  48 + post :update, :environment => { :ldap_plugin_host => 'http://something' }
  49 +
  50 + assert_template 'index'
  51 + end
  52 +
  53 + should 'update ldap unsuccessfully render index template' do
  54 + post :update, :environment => { :ldap_plugin_port => '3434' }
  55 +
  56 + assert_template 'index'
  57 + end
  58 +
  59 + should 'update ldap host' do
  60 + @environment.ldap_plugin_host = nil
  61 + @environment.save
  62 + assert_nil @environment.ldap_plugin_host
  63 + post :update, :environment => { :ldap_plugin_host => 'http://something' }
  64 +
  65 + @environment.reload
  66 + assert_not_nil @environment.ldap_plugin_host
  67 + end
  68 +
  69 + should 'update ldap port' do
  70 + post :update, :environment => { :ldap_plugin_port => '245' }
  71 +
  72 + @environment.reload
  73 + assert_not_nil @environment.ldap_plugin_port
  74 + end
  75 +
  76 + should 'update ldap account' do
  77 + assert_nil @environment.ldap_plugin_account
  78 + post :update, :environment => { :ldap_plugin_account => 'uid=sector,ou=Service,ou=corp,dc=company,dc=com,dc=br' }
  79 +
  80 + @environment.reload
  81 + assert_not_nil @environment.ldap_plugin_account
  82 + end
  83 +
  84 + should 'update ldap acccount_password' do
  85 + assert_nil @environment.ldap_plugin_account_password
  86 + post :update, :environment => { :ldap_plugin_account_password => 'password' }
  87 +
  88 + @environment.reload
  89 + assert_not_nil @environment.ldap_plugin_account_password
  90 + end
  91 +
  92 + should 'update ldap base_dn' do
  93 + assert_nil @environment.ldap_plugin_base_dn
  94 + post :update, :environment => { :ldap_plugin_base_dn => 'dc=company,dc=com,dc=br' }
  95 +
  96 + @environment.reload
  97 + assert_not_nil @environment.ldap_plugin_base_dn
  98 + end
  99 +
  100 + should 'update ldap attr_login' do
  101 + assert_nil @environment.ldap_plugin_attr_login
  102 + post :update, :environment => { :ldap_plugin_attr_login => 'uid' }
  103 +
  104 + @environment.reload
  105 + assert_not_nil @environment.ldap_plugin_attr_login
  106 + end
  107 +
  108 + should 'update ldap attr_mail' do
  109 + assert_nil @environment.ldap_plugin_attr_mail
  110 + post :update, :environment => { :ldap_plugin_attr_mail => 'test@noosfero.com' }
  111 +
  112 + @environment.reload
  113 + assert_not_nil @environment.ldap_plugin_attr_mail
  114 + end
  115 +
  116 + should 'update ldap onthefly_register' do
  117 + post :update, :environment => { :ldap_plugin_onthefly_register => '1' }
  118 +
  119 + @environment.reload
  120 + assert_not_nil @environment.ldap_plugin_onthefly_register
  121 + end
  122 +
  123 + should 'update ldap filter' do
  124 + assert_nil @environment.ldap_plugin_filter
  125 + post :update, :environment => { :ldap_plugin_filter => 'test' }
  126 +
  127 + @environment.reload
  128 + assert_not_nil @environment.ldap_plugin_filter
  129 + end
  130 +
  131 + should 'update ldap tls' do
  132 + post :update, :environment => { :ldap_plugin_tls => '1' }
  133 +
  134 + @environment.reload
  135 + assert_not_nil @environment.ldap_plugin_tls
  136 + end
  137 +
  138 + should 'have a field to manage the host' do
  139 + get :index
  140 +
  141 + assert_tag :tag => 'input', :attributes => {:id => 'environment_ldap_plugin_host'}
  142 + end
  143 +
  144 + should 'have a field to manage the port' do
  145 + get :index
  146 +
  147 + assert_tag :tag => 'input', :attributes => {:id => 'environment_ldap_plugin_port'}
  148 + end
  149 +
  150 + should 'have a field to manage the account' do
  151 + get :index
  152 +
  153 + assert_tag :tag => 'input', :attributes => {:id => 'environment_ldap_plugin_account'}
  154 + end
  155 +
  156 + should 'have a field to manage the account_password' do
  157 + get :index
  158 +
  159 + assert_tag :tag => 'input', :attributes => {:id => 'environment_ldap_plugin_account_password'}
  160 + end
  161 +
  162 + should 'have a field to manage the base_dn' do
  163 + get :index
  164 +
  165 + assert_tag :tag => 'input', :attributes => {:id => 'environment_ldap_plugin_base_dn'}
  166 + end
  167 +
  168 + should 'have a field to manage the attr_login' do
  169 + get :index
  170 +
  171 + assert_tag :tag => 'input', :attributes => {:id => 'environment_ldap_plugin_attr_login'}
  172 + end
  173 +
  174 + should 'have a field to manage the attr_fullname' do
  175 + get :index
  176 +
  177 + assert_tag :tag => 'input', :attributes => {:id => 'environment_ldap_plugin_attr_fullname'}
  178 + end
  179 +
  180 + should 'have a field to manage the attr_mail' do
  181 + get :index
  182 +
  183 + assert_tag :tag => 'input', :attributes => {:id => 'environment_ldap_plugin_attr_mail'}
  184 + end
  185 +
  186 + should 'have a field to manage the onthefly_register' do
  187 + get :index
  188 +
  189 + assert_tag :tag => 'input', :attributes => {:id => 'environment_ldap_plugin_onthefly_register'}
  190 + end
  191 +
  192 + should 'have a field to manage the filter' do
  193 + get :index
  194 +
  195 + assert_tag :tag => 'input', :attributes => {:id => 'environment_ldap_plugin_filter'}
  196 + end
  197 +
  198 + should 'have a field to manage the tls' do
  199 + get :index
  200 +
  201 + assert_tag :tag => 'input', :attributes => {:id => 'environment_ldap_plugin_tls'}
  202 + end
  203 +
  204 +end
... ...
plugins/ldap/test/test_helper.rb 0 → 100644
  Diff comments   View file @d711beb
... ... @@ -0,0 +1,23 @@
  1 +require File.dirname(__FILE__) + '/../../../test/test_helper'
  2 +
  3 +def load_ldap_config
  4 + begin
  5 + YAML.load_file(File.dirname(__FILE__) + '/../fixtures/ldap.yml')
  6 + rescue Errno::ENOENT => e
  7 + # There is no config file
  8 + return nil
  9 + end
  10 +end
  11 +
  12 +def ldap_configured?
  13 + ldap_config = load_ldap_config
  14 + begin
  15 + test_ldap = Net::LDAP.new(:host => ldap_config['server']['host'], :port => ldap_config['server']['port'])
  16 + return test_ldap.bind
  17 + rescue Exception => e
  18 + #LDAP is not listening
  19 + return nil
  20 + end
  21 +end
  22 +
  23 +LDAP_SERVER_ERROR_MESSAGE = "\n\nWARNING: LDAP test server is not configured properly. Please see the file fixtures/ldap.yml on ldap plugin\n\n"
... ...
plugins/ldap/test/unit/ext/environment_test.rb 0 → 100644
  Diff comments   View file @d711beb
... ... @@ -0,0 +1,186 @@
  1 +require File.dirname(__FILE__) + '/../../../../../test/test_helper'
  2 +
  3 +class EnvironmentTest < ActiveSupport::TestCase
  4 +
  5 + def setup
  6 + @enviroment = Environment.default
  7 + end
  8 +
  9 + should 'have ldap_plugin variable defined' do
  10 + assert_equal Hash, @enviroment.ldap_plugin.class
  11 + end
  12 +
  13 + should 'return an empty hash by default on ldap_plugin_attributes method' do
  14 + assert_equal Hash.new, @enviroment.ldap_plugin_attributes
  15 + end
  16 +
  17 + should 'ldap_plugin_host= define the ldap host' do
  18 + host = "http://something"
  19 + @enviroment.ldap_plugin_host= host
  20 + assert_equal host, @enviroment.ldap_plugin['host']
  21 + end
  22 +
  23 + should 'ldap_plugin_host return the defined ldap host' do
  24 + host = "http://something"
  25 + @enviroment.ldap_plugin_host= host
  26 + assert_equal host, @enviroment.ldap_plugin_host
  27 + end
  28 +
  29 + should 'ldap_plugin_port= define the ldap port' do
  30 + value = 255
  31 + @enviroment.ldap_plugin_port= value
  32 + assert_equal value, @enviroment.ldap_plugin['port']
  33 + end
  34 +
  35 + should 'ldap_plugin_port return the defined ldap port' do
  36 + value = 255
  37 + @enviroment.ldap_plugin_port= value
  38 + assert_equal value, @enviroment.ldap_plugin_port
  39 + end
  40 +
  41 + should 'default ldap_plugin_port be 389' do
  42 + assert_equal 389, @enviroment.ldap_plugin_port
  43 + end
  44 +
  45 + should 'ldap_plugin_account= define the ldap acccount' do
  46 + value = 'uid=sector,ou=Service,ou=corp,dc=company,dc=com,dc=br'
  47 + @enviroment.ldap_plugin_account= value
  48 + assert_equal value, @enviroment.ldap_plugin['account']
  49 + end
  50 +
  51 + should 'ldap_plugin_account return the defined ldap account' do
  52 + value = 'uid=sector,ou=Service,ou=corp,dc=company,dc=com,dc=br'
  53 + @enviroment.ldap_plugin_account= value
  54 + assert_equal value, @enviroment.ldap_plugin_account
  55 + end
  56 +
  57 + should 'ldap_plugin_account_password= define the ldap acccount_password' do
  58 + value = 'password'
  59 + @enviroment.ldap_plugin_account_password= value
  60 + assert_equal value, @enviroment.ldap_plugin['account_password']
  61 + end
  62 +
  63 + should 'ldap_plugin_account_password return the defined ldap account password' do
  64 + value = 'password'
  65 + @enviroment.ldap_plugin_account_password= value
  66 + assert_equal value, @enviroment.ldap_plugin_account_password
  67 + end
  68 +
  69 + should 'ldap_plugin_base_dn= define the ldap base_dn' do
  70 + value = 'dc=company,dc=com,dc=br'
  71 + @enviroment.ldap_plugin_base_dn= value
  72 + assert_equal value, @enviroment.ldap_plugin['base_dn']
  73 + end
  74 +
  75 + should 'ldap_plugin_base_dn return the defined ldap base_dn' do
  76 + value = 'dc=company,dc=com,dc=br'
  77 + @enviroment.ldap_plugin_base_dn= value
  78 + assert_equal value, @enviroment.ldap_plugin_base_dn
  79 + end
  80 +
  81 + should 'ldap_plugin_attr_login= define the ldap attr_login' do
  82 + value = 'uid'
  83 + @enviroment.ldap_plugin_attr_login= value
  84 + assert_equal value, @enviroment.ldap_plugin['attr_login']
  85 + end
  86 +
  87 + should 'ldap_plugin_attr_login return the defined ldap attr_login' do
  88 + value = 'uid'
  89 + @enviroment.ldap_plugin_attr_login= value
  90 + assert_equal value, @enviroment.ldap_plugin_attr_login
  91 + end
  92 +
  93 + should 'ldap_plugin_attr_fullname= define the ldap attr_fullname' do
  94 + value = 'Noosfero System'
  95 + @enviroment.ldap_plugin_attr_fullname= value
  96 + assert_equal value, @enviroment.ldap_plugin['attr_fullname']
  97 + end
  98 +
  99 + should 'ldap_plugin_attr_fullname return the defined ldap attr_fullname' do
  100 + value = 'uid'
  101 + @enviroment.ldap_plugin_attr_fullname= value
  102 + assert_equal value, @enviroment.ldap_plugin_attr_fullname
  103 + end
  104 +
  105 +
  106 + should 'ldap_plugin_attr_mail= define the ldap attr_mail' do
  107 + value = 'test@noosfero.com'
  108 + @enviroment.ldap_plugin_attr_mail= value
  109 + assert_equal value, @enviroment.ldap_plugin['attr_mail']
  110 + end
  111 +
  112 + should 'ldap_plugin_attr_mail return the defined ldap attr_mail' do
  113 + value = 'test@noosfero.com'
  114 + @enviroment.ldap_plugin_attr_mail= value
  115 + assert_equal value, @enviroment.ldap_plugin_attr_mail
  116 + end
  117 +
  118 + should 'ldap_plugin_onthefly_register= define the ldap onthefly_register' do
  119 + value = '1'
  120 + @enviroment.ldap_plugin_onthefly_register= value
  121 + assert @enviroment.ldap_plugin['onthefly_register']
  122 + end
  123 +
  124 + should 'ldap_plugin_onthefly_register return true if ldap onthefly_register variable is defined as true' do
  125 + value = '1'
  126 + @enviroment.ldap_plugin_onthefly_register= value
  127 + assert @enviroment.ldap_plugin_onthefly_register
  128 + end
  129 +
  130 + should 'ldap_plugin_onthefly_register return false if ldap onthefly_register variable is defined as false' do
  131 + value = '0'
  132 + @enviroment.ldap_plugin_onthefly_register= value
  133 + assert !@enviroment.ldap_plugin_onthefly_register
  134 + end
  135 +
  136 + should 'ldap_plugin_filter= define the ldap filter' do
  137 + value = 'test'
  138 + @enviroment.ldap_plugin_filter= value
  139 + assert_equal value, @enviroment.ldap_plugin['filter']
  140 + end
  141 +
  142 + should 'ldap_plugin_filter return the defined ldap filter' do
  143 + value = 'test'
  144 + @enviroment.ldap_plugin_filter= value
  145 + assert_equal value, @enviroment.ldap_plugin_filter
  146 + end
  147 +
  148 + should 'ldap_plugin_tls= define the ldap tls' do
  149 + value = '1'
  150 + @enviroment.ldap_plugin_tls= value
  151 + assert @enviroment.ldap_plugin['tls']
  152 + end
  153 +
  154 + should 'tls return true if ldap tls variable is defined as true' do
  155 + value = '1'
  156 + @enviroment.ldap_plugin_tls= value
  157 + assert @enviroment.ldap_plugin_tls
  158 + end
  159 +
  160 + should 'tls return false if ldap tls variable is defined as false' do
  161 + value = '0'
  162 + @enviroment.ldap_plugin_tls= value
  163 + assert !@enviroment.ldap_plugin_tls
  164 + end
  165 +
  166 + should 'validates presence of host' do
  167 + @enviroment.ldap_plugin= {:port => 3000}
  168 + @enviroment.valid?
  169 +
  170 + assert @enviroment.errors.invalid?(:ldap_plugin_host)
  171 +
  172 + @enviroment.ldap_plugin_host= "http://somehost.com"
  173 + @enviroment.valid?
  174 + assert !@enviroment.errors.invalid?(:ldap_plugin_host)
  175 + end
  176 +
  177 + should 'validates presence of host only if some ldap configuration is defined' do
  178 + @enviroment.valid?
  179 + assert !@enviroment.errors.invalid?(:ldap_plugin_host)
  180 +
  181 + @enviroment.ldap_plugin= {:port => 3000}
  182 + @enviroment.valid?
  183 + assert @enviroment.errors.invalid?(:ldap_plugin_host)
  184 + end
  185 +
  186 +end
... ...
plugins/ldap/test/unit/ldap_authentication_test.rb 0 → 100644
  Diff comments   View file @d711beb
... ... @@ -0,0 +1,180 @@
  1 +require File.dirname(__FILE__) + '/../test_helper'
  2 +
  3 +class LdapAuthenticationTest < ActiveSupport::TestCase
  4 +
  5 + def setup
  6 + @ldap_config = load_ldap_config
  7 + end
  8 +
  9 + should "host be nil as default" do
  10 + ldap = LdapAuthentication.new
  11 + assert_nil ldap.host
  12 + end
  13 +
  14 + should "create with host passed as parameter" do
  15 + value = 'http://myhost.com'
  16 + ldap = LdapAuthentication.new('host' => value)
  17 + assert_equal value, ldap.host
  18 + end
  19 +
  20 + should "port be 389 as default" do
  21 + ldap = LdapAuthentication.new
  22 + assert_equal 389, ldap.port
  23 + end
  24 +
  25 + should "create with port passed as parameter" do
  26 + value = 555
  27 + ldap = LdapAuthentication.new('port' => value)
  28 + assert_equal value, ldap.port
  29 + end
  30 +
  31 + should "account be nil as default" do
  32 + ldap = LdapAuthentication.new
  33 + assert_nil ldap.account
  34 + end
  35 +
  36 + should "create with account passed as parameter" do
  37 + value = 'uid=sector,ou=Service,ou=corp,dc=company,dc=com,dc=br'
  38 + ldap = LdapAuthentication.new('account' => value)
  39 + assert_equal value, ldap.account
  40 + end
  41 +
  42 + should "account_password be nil as default" do
  43 + ldap = LdapAuthentication.new
  44 + assert_nil ldap.account_password
  45 + end
  46 +
  47 + should "create with account_password passed as parameter" do
  48 + value = 'password'
  49 + ldap = LdapAuthentication.new('account_password' => value)
  50 + assert_equal value, ldap.account_password
  51 + end
  52 +
  53 + should "base_dn be nil as default" do
  54 + ldap = LdapAuthentication.new
  55 + assert_nil ldap.base_dn
  56 + end
  57 +
  58 + should "create with base_dn passed as parameter" do
  59 + value = 'dc=company,dc=com,dc=br'
  60 + ldap = LdapAuthentication.new('base_dn' => value)
  61 + assert_equal value, ldap.base_dn
  62 + end
  63 +
  64 + should "attr_login be nil as default" do
  65 + ldap = LdapAuthentication.new
  66 + assert_nil ldap.attr_login
  67 + end
  68 +
  69 + should "create with attr_login passed as parameter" do
  70 + value = 'uid'
  71 + ldap = LdapAuthentication.new('attr_login' => value)
  72 + assert_equal value, ldap.attr_login
  73 + end
  74 +
  75 + should "attr_fullname be nil as default" do
  76 + ldap = LdapAuthentication.new
  77 + assert_nil ldap.attr_fullname
  78 + end
  79 +
  80 + should "create with attr_fullname passed as parameter" do
  81 + value = 'Noosfero System'
  82 + ldap = LdapAuthentication.new('attr_fullname' => value)
  83 + assert_equal value, ldap.attr_fullname
  84 + end
  85 +
  86 + should "attr_mail be nil as default" do
  87 + ldap = LdapAuthentication.new
  88 + assert_nil ldap.attr_mail
  89 + end
  90 +
  91 + should "create with attr_mail passed as parameter" do
  92 + value = 'test@noosfero.com'
  93 + ldap = LdapAuthentication.new('attr_mail' => value)
  94 + assert_equal value, ldap.attr_mail
  95 + end
  96 +
  97 + should "onthefly_register be false as default" do
  98 + ldap = LdapAuthentication.new
  99 + assert !ldap.onthefly_register
  100 + end
  101 +
  102 + should "create with onthefly_register passed as parameter" do
  103 + value = true
  104 + ldap = LdapAuthentication.new('onthefly_register' => value)
  105 + assert_equal value, ldap.onthefly_register
  106 + end
  107 +
  108 + should "filter be nil as default" do
  109 + ldap = LdapAuthentication.new
  110 + assert_nil ldap.filter
  111 + end
  112 +
  113 + should "create with filter passed as parameter" do
  114 + value = 'test'
  115 + ldap = LdapAuthentication.new('filter' => value)
  116 + assert_equal value, ldap.filter
  117 + end
  118 +
  119 + should "tls be false as default" do
  120 + ldap = LdapAuthentication.new
  121 + assert !ldap.tls
  122 + end
  123 +
  124 + should "create with tls passed as parameter" do
  125 + value = true
  126 + ldap = LdapAuthentication.new('tls' => value)
  127 + assert_equal value, ldap.tls
  128 + end
  129 +
  130 + should "onthefly_register? return true if onthefly_register is true" do
  131 + ldap = LdapAuthentication.new('onthefly_register' => true)
  132 + assert ldap.onthefly_register?
  133 + end
  134 +
  135 + should "onthefly_register? return false if onthefly_register is false" do
  136 + ldap = LdapAuthentication.new('onthefly_register' => false)
  137 + assert !ldap.onthefly_register?
  138 + end
  139 +
  140 + if ldap_configured?
  141 + should 'return the user attributes' do
  142 + auth = LdapAuthentication.new(@ldap_config['server'])
  143 + attributes = auth.authenticate(@ldap_config['user']['login'],@ldap_config['user']['password'])
  144 + assert attributes.is_a?(Hash), "An hash was not returned"
  145 + assert_not_nil attributes[:fullname]
  146 + assert_not_nil attributes[:mail]
  147 + end
  148 +
  149 + should 'return nil with a invalid ldap user' do
  150 + auth = LdapAuthentication.new(@ldap_config['server'])
  151 + assert_equal nil, auth.authenticate('nouser','123456')
  152 + end
  153 +
  154 + should 'return nil without a login' do
  155 + auth = LdapAuthentication.new(@ldap_config['server'])
  156 + assert_equal nil, auth.authenticate('', @ldap_config['user']['password'])
  157 + end
  158 +
  159 + should 'return nil without a password' do
  160 + auth = LdapAuthentication.new(@ldap_config['server'])
  161 + assert_equal nil, auth.authenticate(@ldap_config['user']['login'],'')
  162 + end
  163 +
  164 + should 'return any user without filter' do
  165 + auth = LdapAuthentication.new(@ldap_config['server'])
  166 + assert auth.authenticate(@ldap_config['user']['login'], @ldap_config['user']['password'])
  167 + end
  168 +
  169 + should 'not return a valid ldap user if a filter is defined' do
  170 + auth = LdapAuthentication.new(@ldap_config['server'])
  171 + auth.filter = '(mail=*@test.org)'
  172 + assert_nil auth.authenticate(@ldap_config['user']['login'], @ldap_config['user']['password'])
  173 + end
  174 +
  175 + else
  176 + puts LDAP_SERVER_ERROR_MESSAGE
  177 + end
  178 +
  179 +
  180 +end
... ...
plugins/ldap/test/unit/ldap_plugin_test.rb 0 → 100644
  Diff comments   View file @d711beb
... ... @@ -0,0 +1,15 @@
  1 +require File.dirname(__FILE__) + '/../../../../test/test_helper'
  2 +
  3 +class LdapPluginTest < ActiveSupport::TestCase
  4 +
  5 + should "not allow user registration" do
  6 + plugin = LdapPlugin.new
  7 + assert !plugin.allow_user_registration
  8 + end
  9 +
  10 + should "not allow password recovery" do
  11 + plugin = LdapPlugin.new
  12 + assert !plugin.allow_password_recovery
  13 + end
  14 +
  15 +end
... ...
plugins/ldap/views/ldap_plugin_admin/index.html.erb 0 → 100644
  Diff comments   View file @d711beb
... ... @@ -0,0 +1,69 @@
  1 +<h1><%= _("Ldap Management") %> </h1>
  2 +
  3 +<% labelled_form_for(:environment, @environment, :url => {:action => 'update'}) do |f| %>
  4 +
  5 +<table>
  6 + <tr>
  7 + <th><%= _('Configuration') %></th>
  8 + <th><%= _('Value') %></th>
  9 + </tr>
  10 + <tr>
  11 + <td><%= _('Host') %></td>
  12 + <td><%= text_field :environment, :ldap_plugin_host %></td>
  13 + </tr>
  14 + <tr>
  15 + <td><%= _('Port') %></td>
  16 + <td><%= text_field :environment, :ldap_plugin_port %></td>
  17 + </tr>
  18 + <tr>
  19 + <td><%= _('Account') %></td>
  20 + <td><%= text_field :environment, :ldap_plugin_account %></td>
  21 + </tr>
  22 + <tr>
  23 + <td><%= _('Account Password') %></td>
  24 + <td><%= password_field :environment, :ldap_plugin_account_password %></td>
  25 + </tr>
  26 + <tr>
  27 + <td><%= _('Base DN') %></td>
  28 + <td><%= text_field :environment, :ldap_plugin_base_dn %></td>
  29 + </tr>
  30 + <tr>
  31 + <td><%= _('LDAP Filter') %></td>
  32 + <td><%= text_field :environment, :ldap_plugin_filter %></td>
  33 + </tr>
  34 + <tr>
  35 + <td><%= _('On the fly creation') %></td>
  36 + <td><%= check_box :environment, :ldap_plugin_onthefly_register, {}, '1', '0' %></td>
  37 + </tr>
  38 + <tr>
  39 + <td><%= _('LDAPS') %></td>
  40 + <td><%= check_box :environment, :ldap_plugin_tls, {}, '1', '0' %></td>
  41 + </tr>
  42 +</table>
  43 +
  44 +<table>
  45 + <tr>
  46 + <th colspan='2'> <%= _('Attributes') %> </th>
  47 + </tr>
  48 + <tr>
  49 + <td><%= _('Login') %></td>
  50 + <td><%= text_field :environment, :ldap_plugin_attr_login %></td>
  51 + </tr>
  52 + <tr>
  53 + <td><%= _('Fullname') %></td>
  54 + <td><%= text_field :environment, :ldap_plugin_attr_fullname %></td>
  55 + </tr>
  56 + <tr>
  57 + <td><%= _('Mail') %></td>
  58 + <td><%= text_field :environment, :ldap_plugin_attr_mail %></td>
  59 + </tr>
  60 +</table>
  61 +
  62 +<div>
  63 + <% button_bar do %>
  64 + <%= submit_button('save', _('Save changes')) %>
  65 + <%= button :back, _('Back to plugins administration panel'), :controller => 'plugins' %>
  66 + <% end %>
  67 +</div>
  68 +
  69 +<% end %>
... ...