diff options
| author | zeripath <art27@cantab.net> | 2021-07-22 15:24:21 +0100 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2021-07-22 17:24:21 +0300 |
| commit | 0b06b2019f3b09f44c1cb045b90cd6a0ab649b1b (patch) | |
| tree | 6a716cfb9da7f108051447887bd2f9fd6124e305 /integrations | |
| parent | 057205a4b7c3aab8c75525e92678123f84ca88b1 (diff) | |
| download | gitea-0b06b2019f3b09f44c1cb045b90cd6a0ab649b1b.tar.gz gitea-0b06b2019f3b09f44c1cb045b90cd6a0ab649b1b.zip | |
Add basic edit ldap auth test & actually fix #16252 (#16465) (#16494)v1.15.0-rc2
Backport #16465
One of the reasons why #16447 was needed and why #16268 was needed in
the first place was because it appears that editing ldap configuration
doesn't get tested.
This PR therefore adds a basic test that will run the edit pipeline.
In doing so it's now clear that #16447 and #16268 aren't actually
solving #16252. It turns out that what actually happens is that is that
the bytes are actually double encoded.
This PR now changes the json unmarshal wrapper to handle this double
encode.
Fix #16252
Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: 6543 <6543@obermui.de>
Diffstat (limited to 'integrations')
| -rw-r--r-- | integrations/auth_ldap_test.go | 54 |
1 files changed, 54 insertions, 0 deletions
diff --git a/integrations/auth_ldap_test.go b/integrations/auth_ldap_test.go index 4d82c092e7..59f5195123 100644 --- a/integrations/auth_ldap_test.go +++ b/integrations/auth_ldap_test.go @@ -144,6 +144,60 @@ func TestLDAPUserSignin(t *testing.T) { assert.Equal(t, u.Email, htmlDoc.Find(`label[for="email"]`).Siblings().First().Text()) } +func TestLDAPAuthChange(t *testing.T) { + defer prepareTestEnv(t)() + addAuthSourceLDAP(t, "") + + session := loginUser(t, "user1") + req := NewRequest(t, "GET", "/admin/auths") + resp := session.MakeRequest(t, req, http.StatusOK) + doc := NewHTMLParser(t, resp.Body) + href, exists := doc.Find("table.table td a").Attr("href") + if !exists { + assert.True(t, exists, "No authentication source found") + return + } + + req = NewRequest(t, "GET", href) + resp = session.MakeRequest(t, req, http.StatusOK) + doc = NewHTMLParser(t, resp.Body) + csrf := doc.GetCSRF() + host, _ := doc.Find(`input[name="host"]`).Attr("value") + assert.Equal(t, host, getLDAPServerHost()) + binddn, _ := doc.Find(`input[name="bind_dn"]`).Attr("value") + assert.Equal(t, binddn, "uid=gitea,ou=service,dc=planetexpress,dc=com") + + req = NewRequestWithValues(t, "POST", href, map[string]string{ + "_csrf": csrf, + "type": "2", + "name": "ldap", + "host": getLDAPServerHost(), + "port": "389", + "bind_dn": "uid=gitea,ou=service,dc=planetexpress,dc=com", + "bind_password": "password", + "user_base": "ou=people,dc=planetexpress,dc=com", + "filter": "(&(objectClass=inetOrgPerson)(memberOf=cn=git,ou=people,dc=planetexpress,dc=com)(uid=%s))", + "admin_filter": "(memberOf=cn=admin_staff,ou=people,dc=planetexpress,dc=com)", + "restricted_filter": "(uid=leela)", + "attribute_username": "uid", + "attribute_name": "givenName", + "attribute_surname": "sn", + "attribute_mail": "mail", + "attribute_ssh_public_key": "", + "is_sync_enabled": "on", + "is_active": "on", + }) + session.MakeRequest(t, req, http.StatusFound) + + req = NewRequest(t, "GET", href) + resp = session.MakeRequest(t, req, http.StatusOK) + doc = NewHTMLParser(t, resp.Body) + host, _ = doc.Find(`input[name="host"]`).Attr("value") + assert.Equal(t, host, getLDAPServerHost()) + binddn, _ = doc.Find(`input[name="bind_dn"]`).Attr("value") + assert.Equal(t, binddn, "uid=gitea,ou=service,dc=planetexpress,dc=com") +} + func TestLDAPUserSync(t *testing.T) { if skipLDAPTests() { t.Skip() |