ldap_authentication_test.rb 6.18 KB
Edit Raw Blame History Permalink



1

2

3

4

5

6

7

8

9

10

11

12

13

14

15

16

17

18

19

20

21

22

23

24

25

26

27

28

29

30

31

32

33

34

35

36

37

38

39

40

41

42

43

44

45

46

47

48

49

50

51

52

53

54

55

56

57

58

59

60

61

62

63

64

65

66

67

68

69

70

71

72

73

74

75

76

77

78

79

80

81

82

83

84

85

86

87

88

89

90

91

92

93

94

95

96

97

98

99

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

135

136

137

138

139

140

141

142

143

144

145

146

147

148

149

150

151

152

153

154

155

156

157

158

159

160

161

162

163

164

165

166

167

168

169

170

171

172

173

174

175

176

177

178

179

180

181

182

183

184

185

186

187

188

189

190

191

192

193

194

195

196

197

198

199

200

201

202

203

204

205

206

207

208

209

210

211

212

213

214

215

216

217


# encoding: UTF-8
require File.dirname(__FILE__) + '/../test_helper'

class LdapAuthenticationTest < ActiveSupport::TestCase

  def pseudoEntry(data)
    entry = data.clone
    def entry.dn; 'testDN'; end
    entry
  end

  def setup
    @ldap_config = load_ldap_config
  end

  should 'host be nil as default' do
    ldap = LdapAuthentication.new
    assert_nil ldap.host
  end

  should 'create with host passed as parameter' do
    value = 'http://myhost.com'
    ldap = LdapAuthentication.new('host' => value)
    assert_equal value, ldap.host
  end

  should 'port be 389 as default' do
    ldap = LdapAuthentication.new
    assert_equal 389, ldap.port
  end

  should 'create with port passed as parameter' do
    value = 555
    ldap = LdapAuthentication.new('port' => value)
    assert_equal value, ldap.port
  end

  should 'account be nil as default' do
    ldap = LdapAuthentication.new
    assert_nil ldap.account
  end

  should 'create with account passed as parameter' do
    value = 'uid=sector,ou=Service,ou=corp,dc=company,dc=com,dc=br'
    ldap = LdapAuthentication.new('account' => value)
    assert_equal value, ldap.account
  end

  should 'account_password be nil as default' do
    ldap = LdapAuthentication.new
    assert_nil ldap.account_password
  end

  should 'create with account_password passed as parameter' do
    value = 'password'
    ldap = LdapAuthentication.new('account_password' => value)
    assert_equal value, ldap.account_password
  end

  should 'base_dn be nil as default' do
    ldap = LdapAuthentication.new
    assert_nil ldap.base_dn
  end

  should 'create with base_dn passed as parameter' do
    value = 'dc=company,dc=com,dc=br'
    ldap = LdapAuthentication.new('base_dn' => value)
    assert_equal value, ldap.base_dn
  end

  should 'attr_login be nil as default' do
    ldap = LdapAuthentication.new
    assert_nil ldap.attr_login
  end

  should 'create with attr_login passed as parameter' do
    value = 'uid'
    ldap = LdapAuthentication.new('attr_login' => value)
    assert_equal value, ldap.attr_login
  end

  should 'attr_fullname be nil as default' do
    ldap = LdapAuthentication.new
    assert_nil ldap.attr_fullname
  end

  should 'create with attr_fullname passed as parameter' do
    value = 'Noosfero System'
    ldap = LdapAuthentication.new('attr_fullname' => value)
    assert_equal value, ldap.attr_fullname
  end

  should 'attr_mail be nil as default' do
    ldap = LdapAuthentication.new
    assert_nil ldap.attr_mail
  end

  should 'create with attr_mail passed as parameter' do
    value = 'test@noosfero.com'
    ldap = LdapAuthentication.new('attr_mail' => value)
    assert_equal value, ldap.attr_mail
  end

  should 'onthefly_register be false as default' do
    ldap = LdapAuthentication.new
    refute ldap.onthefly_register
  end

  should 'create with onthefly_register passed as parameter' do
    value = true
    ldap = LdapAuthentication.new('onthefly_register' => value)
    assert_equal value, ldap.onthefly_register
  end

  should 'filter be nil as default' do
    ldap = LdapAuthentication.new
    assert_nil ldap.filter
  end

  should 'create with filter passed as parameter' do
    value = 'test'
    ldap = LdapAuthentication.new('filter' => value)
    assert_equal value, ldap.filter
  end

  should 'tls be false as default' do
    ldap = LdapAuthentication.new
    refute ldap.tls
  end

  should 'create with tls passed as parameter' do
    value = true
    ldap = LdapAuthentication.new('tls' => value)
    assert_equal value, ldap.tls
  end

  should 'onthefly_register? return true if onthefly_register is true' do
    ldap = LdapAuthentication.new('onthefly_register' => true)
    assert ldap.onthefly_register?
  end

  should 'onthefly_register? return false if onthefly_register is false' do
    ldap = LdapAuthentication.new('onthefly_register' => false)
    refute ldap.onthefly_register?
  end

  should 'detect and convert non utf-8 charset from ldap' do
    entry = pseudoEntry('name' => "Jos\xE9 Jo\xE3o")
    name = LdapAuthentication.get_attr entry, 'name'
    assert_equal name, 'José João'
  end

  should 'dont crash when entry key is empty string' do
    entry = pseudoEntry('name' => "")
    name = LdapAuthentication.get_attr entry, 'name'
    assert_equal name, ''
  end

  should 'dont crash when entry key has only a space char' do
    entry = pseudoEntry('name' => " ")
    name = LdapAuthentication.get_attr entry, 'name'
    assert_equal name, ''
  end

  should 'dont crash when entry key is nil' do
    entry = pseudoEntry('name' => nil)
    name = LdapAuthentication.get_attr entry, 'name'
    assert_equal name, nil
  end

  should 'dont crash when entry key does not exists' do
    entry = pseudoEntry({})
    name = LdapAuthentication.get_attr entry, 'name'
    assert_equal name, nil
  end

  if ldap_configured?
    should 'return the user attributes' do
      auth = LdapAuthentication.new(@ldap_config['server'])
      attributes =  auth.authenticate(@ldap_config['user']['login'],@ldap_config['user']['password'])
      assert attributes.is_a?(Hash), "An hash was not returned"
      assert_not_nil attributes[:fullname]
      assert_not_nil attributes[:mail]
    end

    should 'return nil with a invalid ldap user' do
      auth = LdapAuthentication.new(@ldap_config['server'])
      assert_equal nil, auth.authenticate('nouser','123456')
    end

    should 'return nil without a login' do
      auth = LdapAuthentication.new(@ldap_config['server'])
      assert_equal nil, auth.authenticate('', @ldap_config['user']['password'])
    end

    should 'return nil without a password' do
      auth = LdapAuthentication.new(@ldap_config['server'])
      assert_equal nil, auth.authenticate(@ldap_config['user']['login'],'')
    end

    should 'return any user without filter' do
      auth = LdapAuthentication.new(@ldap_config['server'])
      assert auth.authenticate(@ldap_config['user']['login'], @ldap_config['user']['password'])
    end

    should 'not return a valid ldap user if a filter is defined' do
      auth = LdapAuthentication.new(@ldap_config['server'])
      auth.filter = '(mail=*@test.org)'
      assert_nil auth.authenticate(@ldap_config['user']['login'], @ldap_config['user']['password'])
    end

  else
    puts LDAP_SERVER_ERROR_MESSAGE
  end


end