mirrors
/
nextcloud
mirror of https://github.com/nextcloud/server.git
Watch 1
Star 0
Fork 0
Code Issues 0 Releases 1008 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
54349 Commits
417 Branches
Tree: 153337a5be
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '153337a5be'
${ noResults }
nextcloud/build/integration/ldap_features/ldap-openldap.feature

ldap-openldap.feature 6.6KB
Raw Blame History

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171 
  1. Feature: LDAP

  2.   Background:

  3.     Given using api version "2"

  4.     And having a valid LDAP configuration

  5. 

  6.   Scenario: Test valid configuration by logging in

  7.     Given Logging in using web as "alice"

  8.     And Sending a "GET" to "/remote.php/webdav/welcome.txt" with requesttoken

  9.     Then the HTTP status code should be "200"

  10. 

  11.   Scenario: Test valid configuration with port in the hostname by logging in

  12.     Given modify LDAP configuration

  13.       | ldapHost | openldap:389 |

  14.     And cookies are reset

  15.     And Logging in using web as "alice"

  16.     And Sending a "GET" to "/remote.php/webdav/welcome.txt" with requesttoken

  17.     Then the HTTP status code should be "200"

  18. 

  19.   Scenario: Test valid configuration with LDAP protocol by logging in

  20.     Given modify LDAP configuration

  21.       | ldapHost | ldap://openldap |

  22.     And cookies are reset

  23.     And Logging in using web as "alice"

  24.     And Sending a "GET" to "/remote.php/webdav/welcome.txt" with requesttoken

  25.     Then the HTTP status code should be "200"

  26. 

  27.   Scenario: Test valid configuration with LDAP protocol and port by logging in

  28.     Given modify LDAP configuration

  29.       | ldapHost | ldap://openldap:389 |

  30.     And cookies are reset

  31.     And Logging in using web as "alice"

  32.     And Sending a "GET" to "/remote.php/webdav/welcome.txt" with requesttoken

  33.     Then the HTTP status code should be "200"

  34. 

  35.   Scenario: Look for a known LDAP user

  36.     Given As an "admin"

  37.     And sending "GET" to "/cloud/users?search=alice"

  38.     Then the OCS status code should be "200"

  39.     And looking up details for the first result matches expectations

  40.       | email           | alice@nextcloud.ci |

  41.       | displayname     | Alice              |

  42. 

  43.   Scenario: Test group filter with one specific group

  44.     Given modify LDAP configuration

  45.       | ldapGroupFilter          | cn=RedGroup |

  46.       | ldapGroupMemberAssocAttr | member |

  47.       | ldapBaseGroups           | ou=Groups,ou=Ordinary,dc=nextcloud,dc=ci  |

  48.     And As an "admin"

  49.     And sending "GET" to "/cloud/groups"

  50.     Then the OCS status code should be "200"

  51.     And the "groups" result should match

  52.       | RedGroup     | 1 |

  53.       | GreenGroup   | 0 |

  54.       | BlueGroup    | 0 |

  55.       | PurpleGroup  | 0 |

  56. 

  57.   Scenario: Test group filter with two specific groups

  58.     Given modify LDAP configuration

  59.       | ldapGroupFilter          | (\|(cn=RedGroup)(cn=GreenGroup)) |

  60.       | ldapGroupMemberAssocAttr | member |

  61.       | ldapBaseGroups           | ou=Groups,ou=Ordinary,dc=nextcloud,dc=ci |

  62.     And As an "admin"

  63.     And sending "GET" to "/cloud/groups"

  64.     Then the OCS status code should be "200"

  65.     And the "groups" result should match

  66.       | RedGroup     | 1 |

  67.       | GreenGroup   | 1 |

  68.       | BlueGroup    | 0 |

  69.       | PurpleGroup  | 0 |

  70. 

  71.   Scenario: Test group filter ruling out a group from a different base

  72.     Given modify LDAP configuration

  73.       | ldapGroupFilter          | (objectClass=groupOfNames) |

  74.       | ldapGroupMemberAssocAttr | member |

  75.       | ldapBaseGroups           | ou=Groups,ou=Ordinary,dc=nextcloud,dc=ci |

  76.     And As an "admin"

  77.     And sending "GET" to "/cloud/groups"

  78.     Then the OCS status code should be "200"

  79.     And the "groups" result should match

  80.       | RedGroup     | 1 |

  81.       | GreenGroup   | 1 |

  82.       | BlueGroup    | 1 |

  83.       | PurpleGroup  | 1 |

  84.       | SquareGroup  | 0 |

  85. 

  86.   Scenario: Test backup server

  87.     Given modify LDAP configuration

  88.       | ldapBackupHost | openldap |

  89.       | ldapBackupPort | 389      |

  90.       | ldapHost       | foo.bar  |

  91.       | ldapPort       | 2456     |

  92.     And Logging in using web as "alice"

  93.     Then the HTTP status code should be "200"

  94. 

  95.   Scenario: Test backup server offline

  96.     Given modify LDAP configuration

  97.       | ldapBackupHost | off.line |

  98.       | ldapBackupPort | 3892     |

  99.       | ldapHost       | foo.bar  |

  100.       | ldapPort       | 2456     |

  101.     Then Expect ServerException on failed web login as "alice"

  102. 

  103.   Scenario: Test LDAP server offline, no backup server

  104.     Given modify LDAP configuration

  105.       | ldapHost       | foo.bar  |

  106.       | ldapPort       | 2456     |

  107.     Then Expect ServerException on failed web login as "alice"

  108. 

  109.   Scenario: Test LDAP group membership with intermediate groups not matching filter

  110.     Given modify LDAP configuration

  111.       | ldapBaseGroups                | ou=OtherGroups,dc=nextcloud,dc=ci |

  112.       | ldapGroupFilter               | (&(cn=Gardeners)(objectclass=groupOfNames)) |

  113.       | ldapNestedGroups              | 1 |

  114.       | useMemberOfToDetectMembership | 1 |

  115.       | ldapUserFilter                | (&(objectclass=inetorgperson)(!(uid=alice))) |

  116.       | ldapExpertUsernameAttr        | uid |

  117.       | ldapGroupMemberAssocAttr      | member |

  118.     And As an "admin"

  119.     # for population

  120.     And sending "GET" to "/cloud/groups"

  121.     And sending "GET" to "/cloud/groups/Gardeners/users"

  122.     Then the OCS status code should be "200"

  123.     And the "users" result should match

  124.       | alice  | 0 |

  125.       | clara  | 1 |

  126.       | elisa  | 1 |

  127.       | gustaf | 1 |

  128.       | jesper | 1 |

  129. 

  130.   Scenario: Test LDAP group membership with intermediate groups not matching filter and without memberof

  131.     Given modify LDAP configuration

  132.       | ldapBaseGroups                | ou=OtherGroups,dc=nextcloud,dc=ci |

  133.       | ldapGroupFilter               | (&(cn=Gardeners)(objectclass=groupOfNames)) |

  134.       | ldapNestedGroups              | 1 |

  135.       | useMemberOfToDetectMembership | 0 |

  136.       | ldapUserFilter                | (&(objectclass=inetorgperson)(!(uid=alice))) |

  137.       | ldapExpertUsernameAttr        | uid |

  138.       | ldapGroupMemberAssocAttr      | member |

  139.     And As an "admin"

  140.     # for population

  141.     And sending "GET" to "/cloud/groups"

  142.     And sending "GET" to "/cloud/groups/Gardeners/users"

  143.     Then the OCS status code should be "200"

  144.     And the "users" result should match

  145.       | alice  | 0 |

  146.       | clara  | 1 |

  147.       | elisa  | 1 |

  148.       | gustaf | 1 |

  149.       | jesper | 1 |

  150. 

  151.   Scenario: Test LDAP group membership with intermediate groups not matching filter, numeric group ids

  152.     Given modify LDAP configuration

  153.       | ldapBaseGroups                | ou=NumericGroups,dc=nextcloud,dc=ci |

  154.       | ldapGroupFilter               | (&(cn=2000)(objectclass=groupOfNames)) |

  155.       | ldapNestedGroups              | 1 |

  156.       | useMemberOfToDetectMembership | 1 |

  157.       | ldapUserFilter                | (&(objectclass=inetorgperson)(!(uid=alice))) |

  158.       | ldapExpertUsernameAttr        | uid |

  159.       | ldapGroupMemberAssocAttr      | member |

  160.     And As an "admin"

  161.     # for population

  162.     And sending "GET" to "/cloud/groups"

  163.     And sending "GET" to "/cloud/groups/2000/users"

  164.     Then the OCS status code should be "200"

  165.     And the "users" result should match

  166.       | alice  | 0 |

  167.       | clara  | 1 |

  168.       | elisa  | 1 |

  169.       | gustaf | 1 |

  170.       | jesper | 1 |