path: root/apps/user_ldap/tests
diff options
authorArthur Schiwon <>2015-06-29 16:01:06 +0200
committerArthur Schiwon <>2015-06-30 12:52:27 +0200
commit663cd7af4d2aa4cd715972885bf32ed29aa9f375 (patch)
treec393875a4d19212539138392f62c1a8cb26bbad3 /apps/user_ldap/tests
parent8625a8cf23f1583bd84778d46383f46e86469955 (diff)
integration test
Diffstat (limited to 'apps/user_ldap/tests')
5 files changed, 331 insertions, 0 deletions
diff --git a/apps/user_ldap/tests/integration/lib/IntegrationTestAccessGroupsMatchFilter.php b/apps/user_ldap/tests/integration/lib/IntegrationTestAccessGroupsMatchFilter.php
new file mode 100644
index 00000000000..6560153bb63
--- /dev/null
+++ b/apps/user_ldap/tests/integration/lib/IntegrationTestAccessGroupsMatchFilter.php
@@ -0,0 +1,158 @@
+ * Created by PhpStorm.
+ * User: blizzz
+ * Date: 26.06.15
+ * Time: 18:13
+ */
+use OCA\user_ldap\lib\LDAP;
+require_once __DIR__ . '/../../../../../lib/base.php';
+class IntegrationTestAccessGroupsMatchFilter {
+ /** @var LDAP */
+ protected $ldap;
+ /** @var \OCA\user_ldap\lib\Connection */
+ protected $connection;
+ /** @var \OCA\user_ldap\lib\Access */
+ protected $access;
+ /** @var string */
+ protected $base;
+ /** @var string[] */
+ protected $server;
+ public function __construct($host, $port, $bind, $pwd, $base) {
+ $this->base = $base;
+ $this->server = [
+ 'host' => $host,
+ 'port' => $port,
+ 'dn' => $bind,
+ 'pwd' => $pwd
+ ];
+ }
+ /**
+ * prepares the LDAP environement and sets up a test configuration for
+ * the LDAP backend.
+ */
+ public function init() {
+ require('setup-scripts/createExplicitUsers.php');
+ require('setup-scripts/createExplicitGroups.php');
+ $this->initLDAPWrapper();
+ $this->initConnection();
+ $this->initAccess();
+ }
+ /**
+ * runs the test cases while outputting progress and result information
+ *
+ * If a test failed, the script is exited with return code 1.
+ */
+ public function run() {
+ $cases = ['case1', 'case2'];
+ foreach ($cases as $case) {
+ print("running $case " . PHP_EOL);
+ if (!$this->$case()) {
+ print(PHP_EOL . '>>> !!! Test ' . $case . ' FAILED !!! <<<' . PHP_EOL . PHP_EOL);
+ exit(1);
+ }
+ }
+ print('Tests succeeded' . PHP_EOL);
+ }
+ /**
+ * tests whether the group filter works with one specific group, while the
+ * input is the same.
+ *
+ * @return bool
+ */
+ private function case1() {
+ $this->connection->setConfiguration(['ldapGroupFilter' => 'cn=RedGroup']);
+ $dns = ['cn=RedGroup,ou=Groups,' . $this->base];
+ $result = $this->access->groupsMatchFilter($dns);
+ return ($dns === $result);
+ }
+ /**
+ * Tests whether a filter for limited groups is effective when more existing
+ * groups were passed for validation.
+ *
+ * @return bool
+ */
+ private function case2() {
+ $this->connection->setConfiguration(['ldapGroupFilter' => '(|(cn=RedGroup)(cn=PurpleGroup))']);
+ $dns = [
+ 'cn=RedGroup,ou=Groups,' . $this->base,
+ 'cn=BlueGroup,ou=Groups,' . $this->base,
+ 'cn=PurpleGroup,ou=Groups,' . $this->base
+ ];
+ $result = $this->access->groupsMatchFilter($dns);
+ $status =
+ count($result) === 2
+ && in_array('cn=RedGroup,ou=Groups,' . $this->base, $result)
+ && in_array('cn=PurpleGroup,ou=Groups,' . $this->base, $result);
+ return $status;
+ }
+ /**
+ * initializes the Access test instance
+ */
+ private function initAccess() {
+ $this->access = new \OCA\user_ldap\lib\Access($this->connection, $this->ldap, new FakeManager());
+ }
+ /**
+ * initializes the test LDAP wrapper
+ */
+ private function initLDAPWrapper() {
+ $this->ldap = new LDAP();
+ }
+ /**
+ * sets up the LDAP configuration to be used for the test
+ */
+ private function initConnection() {
+ $this->connection = new \OCA\user_ldap\lib\Connection($this->ldap, '', null);
+ $this->connection->setConfiguration([
+ 'ldapHost' => $this->server['host'],
+ 'ldapPort' => $this->server['port'],
+ 'ldapBase' => $this->base,
+ 'ldapAgentName' => $this->server['dn'],
+ 'ldapAgentPassword' => $this->server['pwd'],
+ 'ldapUserFilter' => 'objectclass=inetOrgPerson',
+ 'ldapUserDisplayName' => 'displayName',
+ 'ldapGroupDisplayName' => 'cn',
+ 'ldapLoginFilter' => 'uid=%uid',
+ 'ldapCacheTTL' => 0,
+ 'ldapConfigurationActive' => 1,
+ ]);
+ }
+ * Class FakeManager
+ *
+ * this is a mock of \OCA\user_ldap\lib\user\Manager which is a dependency of
+ * Access, that pulls plenty more things in. Because it is not needed in the
+ * scope of these tests, we replace it with a mock.
+ */
+class FakeManager extends \OCA\user_ldap\lib\user\Manager {
+ public function __construct() {}
+$test = new IntegrationTestAccessGroupsMatchFilter($host, $port, $adn, $apwd, $bdn);
diff --git a/apps/user_ldap/tests/integration/ b/apps/user_ldap/tests/integration/
new file mode 100644
index 00000000000..e20efef8fdc
--- /dev/null
+++ b/apps/user_ldap/tests/integration/
@@ -0,0 +1,60 @@
+# Requirements #
+Have (as in do copy if not already done) the following files from copied into the directory "setup-scripts":
+ *
+ *
+ * config.php
+Configure config.php according to your needs, also have a look into the LDAP and network settings in and
+# Usage #
+The basic command to run a test is:
+```# ./ [phpscript]```
+Yes, run it as root from within this directory.
+$ sudo ./ lib/IntegrationTestAccessGroupsMatchFilter.php
+c74dc0155db4 osixia/phpldapadmin:0.5.1 "/sbin/my_init" 1 seconds ago Up Less than a second 80/tcp,>443/tcp docker-phpldapadmin
+71cbe88a4993 nickstenning/slapd:latest "/sbin/my_init" 1 seconds ago Up Less than a second>389/tcp docker-slapd
+LDAP server now available under (internal IP is
+phpldapadmin now available under
+created user : Alice Ealic
+created group : RedGroup
+created group : BlueGroup
+created group : GreenGroup
+created group : PurpleGroup
+running case1
+running case2
+Tests succeeded
+Stopping and resetting containers
+# How it works #
+1. is executed which brings up a fresh and clean OpenLDAP in Docker.
+2. The provided test script is executed. It also outputs results.
+3. is executed to shut down OpenLDAP
+# Beware #
+This is quick solution for basically one test case. With expension this mechanism should be improved as well.
+It does not run automatically, unless you do it. No integration with any testing framework.
+exceptionOnLostConnection.php is not part of this mechanism. Read its source and run it isolated. While you're at it, port it :รพ
diff --git a/apps/user_ldap/tests/integration/ b/apps/user_ldap/tests/integration/
new file mode 100755
index 00000000000..e07e9b43408
--- /dev/null
+++ b/apps/user_ldap/tests/integration/
@@ -0,0 +1,17 @@
+if [ $1 ] ; then
+ echo "No test file given" exit
+if [ ! -e "$TESTSCRIPT" ] ; then
+ echo "Test file does not exist"
+ exit
+# sleep is necessary, otherwise the LDAP server cannot be connected to, yet.
+setup-scripts/ && sleep 2 && php -f "$TESTSCRIPT"
diff --git a/apps/user_ldap/tests/integration/setup-scripts/createExplicitGroups.php b/apps/user_ldap/tests/integration/setup-scripts/createExplicitGroups.php
new file mode 100644
index 00000000000..60166dec26a
--- /dev/null
+++ b/apps/user_ldap/tests/integration/setup-scripts/createExplicitGroups.php
@@ -0,0 +1,47 @@
+include __DIR__ . '/config.php';
+$cr = ldap_connect($host, $port);
+ldap_set_option($cr, LDAP_OPT_PROTOCOL_VERSION, 3);
+$ok = ldap_bind($cr, $adn, $apwd);
+if (!$ok) {
+ die(ldap_error($cr));
+$ouName = 'Groups';
+$ouDN = 'ou=' . $ouName . ',' . $bdn;
+//creates an OU
+if (true) {
+ $entry = [];
+ $entry['objectclass'][] = 'top';
+ $entry['objectclass'][] = 'organizationalunit';
+ $entry['ou'] = $ouName;
+ $b = ldap_add($cr, $ouDN, $entry);
+ if (!$b) {
+ die(ldap_error($cr));
+ }
+$groups = ['RedGroup', 'BlueGroup', 'GreenGroup', 'PurpleGroup'];
+// groupOfNames requires groups to have at least one member
+// the member used is created by createExplicitUsers.php script
+$omniMember = 'uid=alice,ou=Users,' . $bdn;
+foreach ($groups as $cn) {
+ $newDN = 'cn=' . $cn . ',' . $ouDN;
+ $entry = [];
+ $entry['cn'] = $cn;
+ $entry['objectclass'][] = 'groupOfNames';
+ $entry['member'][] = $omniMember;
+ $ok = ldap_add($cr, $newDN, $entry);
+ if ($ok) {
+ echo('created group ' . ': ' . $entry['cn'] . PHP_EOL);
+ } else {
+ die(ldap_error($cr));
+ }
diff --git a/apps/user_ldap/tests/integration/setup-scripts/createExplicitUsers.php b/apps/user_ldap/tests/integration/setup-scripts/createExplicitUsers.php
new file mode 100644
index 00000000000..957c25236fd
--- /dev/null
+++ b/apps/user_ldap/tests/integration/setup-scripts/createExplicitUsers.php
@@ -0,0 +1,49 @@
+include __DIR__ . '/config.php';
+$cr = ldap_connect($host, $port);
+ldap_set_option($cr, LDAP_OPT_PROTOCOL_VERSION, 3);
+$ok = ldap_bind($cr, $adn, $apwd);
+if (!$ok) {
+ die(ldap_error($cr));
+$ouName = 'Users';
+$ouDN = 'ou=' . $ouName . ',' . $bdn;
+//creates on OU
+if (true) {
+ $entry = [];
+ $entry['objectclass'][] = 'top';
+ $entry['objectclass'][] = 'organizationalunit';
+ $entry['ou'] = $ouName;
+ $b = ldap_add($cr, $ouDN, $entry);
+ if (!$b) {
+ die(ldap_error($cr));
+ }
+$users = ['alice'];
+foreach ($users as $uid) {
+ $newDN = 'uid=' . $uid . ',' . $ouDN;
+ $fn = ucfirst($uid);
+ $sn = ucfirst(str_shuffle($uid)); // not so explicit but it's OK.
+ $entry = [];
+ $entry['cn'] = $fn . ' ' . $sn;
+ $entry['objectclass'][] = 'inetOrgPerson';
+ $entry['objectclass'][] = 'person';
+ $entry['sn'] = $sn;
+ $entry['userPassword'] = $uid;
+ $entry['displayName'] = $sn . ', ' . $fn;
+ $ok = ldap_add($cr, $newDN, $entry);
+ if ($ok) {
+ echo('created user ' . ': ' . $entry['cn'] . PHP_EOL);
+ } else {
+ die(ldap_error($cr));
+ }