authorThomas Müller <thomas.mueller@tmit.eu>2015-05-15 17:32:07 +0200
committerThomas Müller <thomas.mueller@tmit.eu>2015-05-15 17:32:07 +0200
commit8e61ad08726659179ff6a208b26772bba41cbe25 (patch)
treef1442c31f59a7d342d0c8c0e647c4b3751402bcd /apps/user_ldap
parentc3e066c5eb177bcda56178b98ec4c89fc8209870 (diff)
parent18661ceb634a6d3e727ea21d89fa56de1eff9e58 (diff)
downloadnextcloud-server-8e61ad08726659179ff6a208b26772bba41cbe25.tar.gz
nextcloud-server-8e61ad08726659179ff6a208b26772bba41cbe25.zip
Merge pull request #15811 from owncloud/exception-on-lost-ldap-connection
throw exception when LDAP Connection was lost
Diffstat (limited to 'apps/user_ldap')
-rw-r--r--apps/user_ldap/lib/ldap.php4
-rw-r--r--apps/user_ldap/tests/integration/exceptionOnLostConnection.php192
2 files changed, 196 insertions, 0 deletions
diff --git a/apps/user_ldap/lib/ldap.php b/apps/user_ldap/lib/ldap.php
index b4ca3499f49..74df3dd8ae7 100644
--- a/apps/user_ldap/lib/ldap.php
+++ b/apps/user_ldap/lib/ldap.php
@@ -26,6 +26,8 @@
namespace OCA\user_ldap\lib;
+use OC\ServerNotAvailableException;
+
class LDAP implements ILDAPWrapper {
protected $curFunc = '';
protected $curArgs = array();
@@ -283,6 +285,8 @@ class LDAP implements ILDAPWrapper {
//for now
} else if ($errorCode === 10) {
//referrals, we switch them off, but then there is AD :)
+ } else if ($errorCode === -1) {
+ throw new ServerNotAvailableException('Lost connection to LDAP server.');
} else {
\OCP\Util::writeLog('user_ldap',
'LDAP error '.$errorMsg.' (' .
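Review bot: The new `$errorCode === -1` branch throws without writing a log entry and discards `$errorMsg`, so the library's own error text is lost unless every caller logs the exception; one option is `throw new ServerNotAvailableException('Lost connection to LDAP server: ' . $errorMsg);`. The bare `-1` also deserves a comment, for example `// -1: client library could not contact the server (LDAP_SERVER_DOWN in OpenLDAP)`, because PHP exposes no named constant for it. The enclosing method starts and ends outside this hunk, so it is not visible which wrapped calls reach this branch. If bind and search during login do, the callers should catch the exception and treat it as "backend unavailable" rather than as a failed lookup, so that an outage is never read as "user does not exist".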
diff --git a/apps/user_ldap/tests/integration/exceptionOnLostConnection.php b/apps/user_ldap/tests/integration/exceptionOnLostConnection.php
new file mode 100644
index 00000000000..a55d4822689
--- /dev/null
+++ b/apps/user_ldap/tests/integration/exceptionOnLostConnection.php
@@ -0,0 +1,192 @@
+<?php
+/**
+ * @author Arthur Schiwon <blizzz@owncloud.com>
+ *
+ * @copyright Copyright (c) 2015, ownCloud, Inc.
+ * @license AGPL-3.0
+ *
+ * This code is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License, version 3,
+ * as published by the Free Software Foundation.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License, version 3,
+ * along with this program. If not, see <http://www.gnu.org/licenses/>
+ *
+ */
+
+use OC\ServerNotAvailableException;
+use OCA\user_ldap\lib\LDAP;
+
+/**
+ * Class ExceptionOnLostConnection
+ *
+ * integration test, ensures that an exception is thrown, when the connection is lost.
+ *
+ * LDAP must be available via toxiproxy.
+ *
+ * This test must be run manually.
+ *
+ */
+class ExceptionOnLostConnection {
+ /** @var string */
+ private $toxiProxyHost;
+
+ /** @var string */
+ private $toxiProxyName;
+
+ /** @var string */
+ private $ldapBase;
+
+ /** @var string|null */
+ private $ldapBindDN;
+
+ /** @var string|null */
+ private $ldapBindPwd;
+
+ /** @var string */
+ private $ldapHost;
+
+ /** @var OCA\user_ldap\lib\LDAP */
+ private $ldap;
+
+ /** @var bool */
+ private $originalProxyState;
+
+ /**
+ * @param string $proxyHost host of toxiproxy as url, like http://localhost:8474
+ * @param string $proxyName name of the LDAP proxy service as configured in toxiProxy
+ * @param string $ldapBase any valid LDAP base DN
+ * @param null $bindDN optional, bind DN if anonymous bind is not possible
+ * @param null $bindPwd optional
+ */
+ public function __construct($proxyHost, $proxyName, $ldapBase, $bindDN = null, $bindPwd = null) {
+ $this->toxiProxyHost = $proxyHost;
+ $this->toxiProxyName = $proxyName;
+ $this->ldapBase = $ldapBase;
+ $this->ldapBindDN = $bindDN;
+ $this->ldapBindPwd = $bindPwd;
+
+ $this->setUp();
+ }
+
+ /**
+ * destructor
+ */
+ public function __destruct() {
+ $this->cleanUp();
+ }
+
+ /**
+ * prepares everything for the test run. Includes loading ownCloud and
+ * the LDAP backend, as well as getting information about toxiproxy.
+ * Also creates an instance of the LDAP class, the testee
+ *
+ * @throws Exception
+ */
+ public function setUp() {
+ require_once __DIR__ . '/../../../../lib/base.php';
+ \OC_App::loadApps('user_ldap');
+
+ $ch = $this->getCurl();
+ $proxyInfoJson = curl_exec($ch);
+ $this->checkCurlResult($ch, $proxyInfoJson);
+ $proxyInfo = json_decode($proxyInfoJson, true);
+ $this->originalProxyState = $proxyInfo['enabled'];
+ $this->ldapHost = 'ldap://' . $proxyInfo['listen']; // contains port as well
+
+ $this->ldap = new LDAP();
+ }
+
+ /**
+ * restores original state of the LDAP proxy, if necessary
+ */
+ public function cleanUp() {
+ if($this->originalProxyState === true) {
+ $this->setProxyState(true);
+ }
+ }
+
+ /**
+ * runs the test and prints the result. Exit code is 0 if successful, 1 on
+ * fail
+ */
+ public function run() {
+ if($this->originalProxyState === false) {
+ $this->setProxyState(true);
+ }
+ //host contains port, 2nd parameter will be ignored
+ $cr = $this->ldap->connect($this->ldapHost, 0);
+ $this->ldap->bind($cr, $this->ldapBindDN, $this->ldapBindPwd);
+ $this->ldap->search($cr, $this->ldapBase, 'objectClass=*', array('dn'), true, 5);
+
+ // disable LDAP, will cause lost connection
+ $this->setProxyState(false);
+ try {
+ $this->ldap->search($cr, $this->ldapBase, 'objectClass=*', array('dn'), true, 5);
+ } catch (ServerNotAvailableException $e) {
+ print("Test PASSED" . PHP_EOL);
+ exit(0);
+ }
+ print("Test FAILED" . PHP_EOL);
+ exit(1);
+ }
+
+ /**
+ * tests whether a curl operation ran successfully. If not, an exception
+ * is thrown
+ *
+ * @param resource $ch
+ * @param mixed $result
+ * @throws Exception
+ */
+ private function checkCurlResult($ch, $result) {
+ if($result === false) {
+ $error = curl_error($ch);
+ curl_close($ch);
+ throw new \Exception($error);
+ }
+ }
+
+ /**
+ * enables or disabled the LDAP proxy service in toxiproxy
+ *
+ * @param bool $isEnabled whether is should be enabled or disables
+ * @throws Exception
+ */
+ private function setProxyState($isEnabled) {
+ if(!is_bool($isEnabled)) {
+ throw new \InvalidArgumentException('Bool expected');
+ }
+ $postData = json_encode(['enabled' => $isEnabled]);
+ $ch = $this->getCurl();
+ curl_setopt($ch, CURLOPT_POST, true);
+ curl_setopt($ch, CURLOPT_POSTFIELDS, $postData);
+ curl_setopt($ch, CURLOPT_HTTPHEADER, array(
+ 'Content-Type: application/json',
+ 'Content-Length: ' . strlen($postData))
+ );
+ $recvd = curl_exec($ch);
+ $this->checkCurlResult($ch, $recvd);
+ }
+
+ /**
+ * initializes a curl handler towards the toxiproxy LDAP proxy service
+ * @return resource
+ */
+ private function getCurl() {
+ $ch = curl_init();
+ curl_setopt($ch, CURLOPT_URL, $this->toxiProxyHost . '/proxies/' . $this->toxiProxyName);
+ curl_setopt($ch, CURLOPT_HEADER, false);
+ curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
+ return $ch;
+ }
+}
+
+$test = new ExceptionOnLostConnection('http://localhost:8474', 'ldap', 'dc=owncloud,dc=bzoc');
+$test->run();
+
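Review bot: This file runs the test as soon as it is loaded, because its last two lines construct the class and call `run()`, and `setProxyState()` then sends POST requests that switch the toxiproxy service off. If the app's `tests/` directory is ever deployed under the web root, any HTTP request to the script would trigger that, so a guard at the top such as `if (PHP_SAPI !== 'cli') { exit(1); }` would keep it a manual command-line tool. Separately, `setUp()` uses the `json_decode()` result unchecked: when toxiproxy answers with an error body, `$proxyInfo` is not the expected array and `$this->ldapHost` becomes just `'ldap://'`. Checking `is_array($proxyInfo) && isset($proxyInfo['enabled'], $proxyInfo['listen'])` and throwing otherwise would make that failure explicit. The return value of `bind()` in `run()` is also ignored, so a rejected bind is not distinguished from the lost connection the test is meant to detect.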