diff options
author | Lukas Reschke <lukas@statuscode.ch> | 2017-02-20 21:34:55 +0100 |
---|---|---|
committer | GitHub <noreply@github.com> | 2017-02-20 21:34:55 +0100 |
commit | a4266f59ae68062988487cc972ba00f71e692920 (patch) | |
tree | 85a7757b0738e22af29f45df57fe5fc9980408d0 /apps | |
parent | c20409373b95b04d449cc60aea15ac8113664825 (diff) | |
parent | ce97ab92c63bd639b870a68e18c8e2419a2e3c8f (diff) | |
download | nextcloud-server-a4266f59ae68062988487cc972ba00f71e692920.tar.gz nextcloud-server-a4266f59ae68062988487cc972ba00f71e692920.zip |
Merge pull request #3521 from nextcloud/ldap-fix-uuid-attr-detection
Fix Borken UUID Attribute Detection
Diffstat (limited to 'apps')
20 files changed, 895 insertions, 43 deletions
diff --git a/apps/user_ldap/appinfo/info.xml b/apps/user_ldap/appinfo/info.xml index 7535790fa57..9794db30e2b 100644 --- a/apps/user_ldap/appinfo/info.xml +++ b/apps/user_ldap/appinfo/info.xml @@ -9,7 +9,7 @@ A user logs into ownCloud with their LDAP or AD credentials, and is granted acce </description> <licence>AGPL</licence> <author>Dominik Schmidt and Arthur Schiwon</author> - <version>1.2.0</version> + <version>1.2.1</version> <types> <authentication/> </types> @@ -32,4 +32,10 @@ A user logs into ownCloud with their LDAP or AD credentials, and is granted acce <admin>OCA\User_LDAP\Settings\Admin</admin> <admin-section>OCA\User_LDAP\Settings\Section</admin-section> </settings> + + <repair-steps> + <post-migration> + <step>OCA\User_LDAP\Migration\UUIDFixInsert</step> + </post-migration> + </repair-steps> </info> diff --git a/apps/user_ldap/lib/Access.php b/apps/user_ldap/lib/Access.php index 9e93ef2ecaa..cc0446ae523 100644 --- a/apps/user_ldap/lib/Access.php +++ b/apps/user_ldap/lib/Access.php @@ -1473,7 +1473,7 @@ class Access extends LDAPUtility implements IUserTools { return true; } - if ($uuidOverride !== '' && !$force) { + if (is_string($uuidOverride) && trim($uuidOverride) !== '' && !$force) { $this->connection->$uuidAttr = $uuidOverride; return true; } diff --git a/apps/user_ldap/lib/Connection.php b/apps/user_ldap/lib/Connection.php index becd39205bc..04f8c7401e2 100644 --- a/apps/user_ldap/lib/Connection.php +++ b/apps/user_ldap/lib/Connection.php @@ -47,6 +47,8 @@ use OC\ServerNotAvailableException; * @property string[] ldapBaseUsers * @property int|string ldapPagingSize holds an integer * @property bool|mixed|void ldapGroupMemberAssocAttr + * @property string ldapUuidUserAttribute + * @property string ldapUuidGroupAttribute */ class Connection extends LDAPUtility { private $ldapConnectionRes = null; diff --git a/apps/user_ldap/lib/Group_LDAP.php b/apps/user_ldap/lib/Group_LDAP.php index 49e5e724833..d620a00f849 100644 --- a/apps/user_ldap/lib/Group_LDAP.php +++ b/apps/user_ldap/lib/Group_LDAP.php @@ -902,4 +902,12 @@ class Group_LDAP extends BackendUtility implements \OCP\GroupInterface { public function implementsActions($actions) { return (bool)(\OC\Group\Backend::COUNT_USERS & $actions); } + + /** + * Return access for LDAP interaction. + * @return Access instance of Access for LDAP interaction + */ + public function getLDAPAccess() { + return $this->access; + } } diff --git a/apps/user_ldap/lib/Group_Proxy.php b/apps/user_ldap/lib/Group_Proxy.php index 64b85427f8f..c102e7ac626 100644 --- a/apps/user_ldap/lib/Group_Proxy.php +++ b/apps/user_ldap/lib/Group_Proxy.php @@ -196,4 +196,13 @@ class Group_Proxy extends Proxy implements \OCP\GroupInterface { //it's the same across all our user backends obviously return $this->refBackend->implementsActions($actions); } + + /** + * Return access for LDAP interaction. + * @param string $gid + * @return Access instance of Access for LDAP interaction + */ + public function getLDAPAccess($gid) { + return $this->handleRequest($gid, 'getLDAPAccess', []); + } } diff --git a/apps/user_ldap/lib/Mapping/AbstractMapping.php b/apps/user_ldap/lib/Mapping/AbstractMapping.php index 6fb4a5436c3..755cfadbccd 100644 --- a/apps/user_ldap/lib/Mapping/AbstractMapping.php +++ b/apps/user_ldap/lib/Mapping/AbstractMapping.php @@ -129,6 +129,25 @@ abstract class AbstractMapping { } /** + * Updates the UUID based on the given DN + * + * required by Migration/UUIDFix + * + * @param $uuid + * @param $fdn + * @return bool + */ + public function setUUIDbyDN($uuid, $fdn) { + $query = $this->dbc->prepare(' + UPDATE `' . $this->getTableName() . '` + SET `directory_uuid` = ? + WHERE `ldap_dn` = ? + '); + + return $this->modify($query, [$uuid, $fdn]); + } + + /** * Gets the name based on the provided LDAP DN. * @param string $fdn * @return string|false diff --git a/apps/user_ldap/lib/Migration/UUIDFix.php b/apps/user_ldap/lib/Migration/UUIDFix.php new file mode 100644 index 00000000000..5b9e5e2231d --- /dev/null +++ b/apps/user_ldap/lib/Migration/UUIDFix.php @@ -0,0 +1,60 @@ +<?php +/** + * @copyright Copyright (c) 2017 Arthur Schiwon <blizzz@arthur-schiwon.de> + * + * @author Arthur Schiwon <blizzz@arthur-schiwon.de> + * + * @license GNU AGPL version 3 or any later version + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License as + * published by the Free Software Foundation, either version 3 of the + * License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License + * along with this program. If not, see <http://www.gnu.org/licenses/>. + * + */ + +namespace OCA\User_LDAP\Migration; + + +use OC\BackgroundJob\QueuedJob; +use OCA\User_LDAP\Mapping\AbstractMapping; +use OCA\User_LDAP\Proxy; +use OCA\User_LDAP\User_Proxy; + +abstract class UUIDFix extends QueuedJob { + /** @var AbstractMapping */ + protected $mapper; + + /** @var Proxy */ + protected $proxy; + + public function run($argument) { + $isUser = $this->proxy instanceof User_Proxy; + foreach($argument['records'] as $record) { + $access = $this->proxy->getLDAPAccess($record['name']); + $uuid = $access->getUUID($record['dn'], $isUser); + if($uuid === false) { + // record not found, no prob, continue with the next + continue; + } + if($uuid !== $record['uuid']) { + $this->mapper->setUUIDbyDN($uuid, $record['dn']); + } + } + } + + /** + * @param Proxy $proxy + */ + public function overrideProxy(Proxy $proxy) { + $this->proxy = $proxy; + } +} diff --git a/apps/user_ldap/lib/Migration/UUIDFixGroup.php b/apps/user_ldap/lib/Migration/UUIDFixGroup.php new file mode 100644 index 00000000000..cbc38366984 --- /dev/null +++ b/apps/user_ldap/lib/Migration/UUIDFixGroup.php @@ -0,0 +1,37 @@ +<?php +/** + * @copyright Copyright (c) 2017 Arthur Schiwon <blizzz@arthur-schiwon.de> + * + * @author Arthur Schiwon <blizzz@arthur-schiwon.de> + * + * @license GNU AGPL version 3 or any later version + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License as + * published by the Free Software Foundation, either version 3 of the + * License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License + * along with this program. If not, see <http://www.gnu.org/licenses/>. + * + */ + +namespace OCA\User_LDAP\Migration; + +use OCA\User_LDAP\Helper; +use OCA\User_LDAP\LDAP; +use OCA\User_LDAP\Mapping\GroupMapping; +use OCA\User_LDAP\User_Proxy; +use OCP\IConfig; + +class UUIDFixGroup extends UUIDFix { + public function __construct(GroupMapping $mapper, LDAP $ldap, IConfig $config, Helper $helper) { + $this->mapper = $mapper; + $this->proxy = new User_Proxy($helper->getServerConfigurationPrefixes(true), $ldap, $config); + } +} diff --git a/apps/user_ldap/lib/Migration/UUIDFixInsert.php b/apps/user_ldap/lib/Migration/UUIDFixInsert.php new file mode 100644 index 00000000000..4a1104f2c6f --- /dev/null +++ b/apps/user_ldap/lib/Migration/UUIDFixInsert.php @@ -0,0 +1,101 @@ +<?php +/** + * @copyright Copyright (c) 2017 Arthur Schiwon <blizzz@arthur-schiwon.de> + * + * @author Arthur Schiwon <blizzz@arthur-schiwon.de> + * + * @license GNU AGPL version 3 or any later version + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License as + * published by the Free Software Foundation, either version 3 of the + * License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License + * along with this program. If not, see <http://www.gnu.org/licenses/>. + * + */ + +namespace OCA\User_LDAP\Migration; + +use OCA\User_LDAP\Mapping\GroupMapping; +use OCA\User_LDAP\Mapping\UserMapping; +use OCP\BackgroundJob\IJobList; +use OCP\IConfig; +use OCP\Migration\IOutput; +use OCP\Migration\IRepairStep; + +class UUIDFixInsert implements IRepairStep { + + /** @var IConfig */ + protected $config; + + /** @var UserMapping */ + protected $userMapper; + + /** @var GroupMapping */ + protected $groupMapper; + + /** @var IJobList */ + protected $jobList; + + public function __construct(IConfig $config, UserMapping $userMapper, GroupMapping $groupMapper, IJobList $jobList) { + $this->config = $config; + $this->userMapper = $userMapper; + $this->groupMapper = $groupMapper; + $this->jobList = $jobList; + } + + /** + * Returns the step's name + * + * @return string + * @since 9.1.0 + */ + public function getName() { + return 'Insert UUIDFix background job for user and group in batches'; + } + + /** + * Run repair step. + * Must throw exception on error. + * + * @param IOutput $output + * @throws \Exception in case of failure + * @since 9.1.0 + */ + public function run(IOutput $output) { + $installedVersion = $this->config->getAppValue('user_ldap', 'installed_version', '1.2.1'); + if(version_compare($installedVersion, '1.2.1') !== -1) { + return; + } + + foreach ([$this->userMapper, $this->groupMapper] as $mapper) { + $offset = 0; + $batchSize = 50; + $jobClass = $mapper instanceof UserMapping ? UUIDFixUser::class : UUIDFixGroup::class; + do { + $retry = false; + $records = $mapper->getList($offset, $batchSize); + if(count($records) === 0){ + continue; + } + try { + $this->jobList->add($jobClass, ['records' => $records]); + $offset += $batchSize; + } catch (\InvalidArgumentException $e) { + if(strpos($e->getMessage(), 'Background job arguments can\'t exceed 4000') !== false) { + $batchSize = intval(floor(count($records) * 0.8)); + $retry = true; + } + } + } while (count($records) === $batchSize || $retry); + } + + } +} diff --git a/apps/user_ldap/lib/Migration/UUIDFixUser.php b/apps/user_ldap/lib/Migration/UUIDFixUser.php new file mode 100644 index 00000000000..ee1457dcccb --- /dev/null +++ b/apps/user_ldap/lib/Migration/UUIDFixUser.php @@ -0,0 +1,37 @@ +<?php +/** + * @copyright Copyright (c) 2017 Arthur Schiwon <blizzz@arthur-schiwon.de> + * + * @author Arthur Schiwon <blizzz@arthur-schiwon.de> + * + * @license GNU AGPL version 3 or any later version + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License as + * published by the Free Software Foundation, either version 3 of the + * License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License + * along with this program. If not, see <http://www.gnu.org/licenses/>. + * + */ + +namespace OCA\User_LDAP\Migration; + +use OCA\User_LDAP\Helper; +use OCA\User_LDAP\LDAP; +use OCA\User_LDAP\Mapping\UserMapping; +use OCA\User_LDAP\Group_Proxy; +use OCP\IConfig; + +class UUIDFixUser extends UUIDFix { + public function __construct(UserMapping $mapper, LDAP $ldap, IConfig $config, Helper $helper) { + $this->mapper = $mapper; + $this->proxy = new Group_Proxy($helper->getServerConfigurationPrefixes(true), $ldap, $config); + } +} diff --git a/apps/user_ldap/lib/Proxy.php b/apps/user_ldap/lib/Proxy.php index 6b896e0b13d..7f998314e20 100644 --- a/apps/user_ldap/lib/Proxy.php +++ b/apps/user_ldap/lib/Proxy.php @@ -128,6 +128,12 @@ abstract class Proxy { abstract protected function walkBackends($id, $method, $parameters); /** + * @param string $id + * @return Access + */ + abstract public function getLDAPAccess($id); + + /** * Takes care of the request to the User backend * @param string $id * @param string $method string, the method of the user backend that shall be called diff --git a/apps/user_ldap/tests/Integration/AbstractIntegrationTest.php b/apps/user_ldap/tests/Integration/AbstractIntegrationTest.php index 493fc2abace..2966180f5a1 100644 --- a/apps/user_ldap/tests/Integration/AbstractIntegrationTest.php +++ b/apps/user_ldap/tests/Integration/AbstractIntegrationTest.php @@ -25,8 +25,10 @@ namespace OCA\User_LDAP\Tests\Integration; use OCA\User_LDAP\Access; use OCA\User_LDAP\Connection; +use OCA\User_LDAP\FilesystemHelper; use OCA\User_LDAP\LDAP; use OCA\User_LDAP\Helper; +use OCA\User_LDAP\LogWrapper; use OCA\User_LDAP\User\Manager; abstract class AbstractIntegrationTest { @@ -106,7 +108,15 @@ abstract class AbstractIntegrationTest { * @return Manager */ protected function initUserManager() { - $this->userManager = new FakeManager(); + $this->userManager = new Manager( + \OC::$server->getConfig(), + new FilesystemHelper(), + new LogWrapper(), + \OC::$server->getAvatarManager(), + new \OCP\Image(), + \OC::$server->getDatabaseConnection(), + \OC::$server->getUserManager() + ); } /** diff --git a/apps/user_ldap/tests/Integration/FakeManager.php b/apps/user_ldap/tests/Integration/FakeManager.php deleted file mode 100644 index 1eb405298a2..00000000000 --- a/apps/user_ldap/tests/Integration/FakeManager.php +++ /dev/null @@ -1,38 +0,0 @@ -<?php -/** - * @copyright Copyright (c) 2016, ownCloud, Inc. - * - * @author Arthur Schiwon <blizzz@arthur-schiwon.de> - * @author Joas Schilling <coding@schilljs.com> - * - * @license AGPL-3.0 - * - * This code is free software: you can redistribute it and/or modify - * it under the terms of the GNU Affero General Public License, version 3, - * as published by the Free Software Foundation. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU Affero General Public License for more details. - * - * You should have received a copy of the GNU Affero General Public License, version 3, - * along with this program. If not, see <http://www.gnu.org/licenses/> - * - */ - -namespace OCA\User_LDAP\Tests\Integration; - -/** - * Class FakeManager - * - * this is a mock of \OCA\User_LDAP\User\Manager which is a dependency of - * Access, that pulls plenty more things in. Because it is not needed in the - * scope of these tests, we replace it with a mock. - */ -class FakeManager extends \OCA\User_LDAP\User\Manager { - public function __construct() { - $this->ocConfig = \OC::$server->getConfig(); - $this->image = new \OCP\Image(); - } -} diff --git a/apps/user_ldap/tests/Integration/Lib/IntegrationTestAttributeDetection.php b/apps/user_ldap/tests/Integration/Lib/IntegrationTestAttributeDetection.php new file mode 100644 index 00000000000..55b2eabedc2 --- /dev/null +++ b/apps/user_ldap/tests/Integration/Lib/IntegrationTestAttributeDetection.php @@ -0,0 +1,86 @@ +<?php +/** + * @copyright Copyright (c) 2017 Arthur Schiwon <blizzz@arthur-schiwon.de> + * + * @author Arthur Schiwon <blizzz@arthur-schiwon.de> + * + * @license GNU AGPL version 3 or any later version + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License as + * published by the Free Software Foundation, either version 3 of the + * License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License + * along with this program. If not, see <http://www.gnu.org/licenses/>. + * + */ + +namespace OCA\user_ldap\tests\Integration\Lib; + +use OCA\User_LDAP\Group_LDAP; +use OCA\User_LDAP\Mapping\GroupMapping; +use OCA\User_LDAP\Mapping\UserMapping; +use OCA\User_LDAP\Tests\Integration\AbstractIntegrationTest; +use OCA\User_LDAP\User_LDAP; + +require_once __DIR__ . '/../Bootstrap.php'; + +class IntegrationTestAttributeDetection extends AbstractIntegrationTest { + public function init() { + require(__DIR__ . '/../setup-scripts/createExplicitUsers.php'); + require(__DIR__ . '/../setup-scripts/createExplicitGroups.php'); + + parent::init(); + + $this->connection->setConfiguration(['ldapGroupFilter' => 'objectClass=groupOfNames']); + $this->connection->setConfiguration(['ldapGroupMemberAssocAttr' => 'member']); + + $userMapper = new UserMapping(\OC::$server->getDatabaseConnection()); + $userMapper->clear(); + $this->access->setUserMapper($userMapper); + + $groupMapper = new GroupMapping(\OC::$server->getDatabaseConnection()); + $groupMapper->clear(); + $this->access->setGroupMapper($groupMapper); + + $userBackend = new User_LDAP($this->access, \OC::$server->getConfig()); + $userManager = \OC::$server->getUserManager(); + $userManager->clearBackends(); + $userManager->registerBackend($userBackend); + + $groupBackend = new Group_LDAP($this->access); + $groupManger = \OC::$server->getGroupManager(); + $groupManger->clearBackends(); + $groupManger->addBackend($groupBackend); + } + + protected function caseNativeUUIDAttributeUsers() { + // trigger importing of users which also triggers UUID attribute detection + \OC::$server->getUserManager()->search('', 5, 0); + return $this->connection->ldapUuidUserAttribute === 'entryuuid'; + } + + protected function caseNativeUUIDAttributeGroups() { + // essentially the same as 'caseNativeUUIDAttributeUsers', code paths + // are similar, but we take no chances. + + // trigger importing of users which also triggers UUID attribute detection + \OC::$server->getGroupManager()->search('', 5, 0); + return $this->connection->ldapUuidGroupAttribute === 'entryuuid'; + } +} + +/** @var string $host */ +/** @var int $port */ +/** @var string $adn */ +/** @var string $apwd */ +/** @var string $bdn */ +$test = new IntegrationTestAttributeDetection($host, $port, $adn, $apwd, $bdn); +$test->init(); +$test->run(); diff --git a/apps/user_ldap/tests/Integration/Lib/User/IntegrationTestUserDisplayName.php b/apps/user_ldap/tests/Integration/Lib/User/IntegrationTestUserDisplayName.php index ab0d2ffdcce..d0444daca5f 100644 --- a/apps/user_ldap/tests/Integration/Lib/User/IntegrationTestUserDisplayName.php +++ b/apps/user_ldap/tests/Integration/Lib/User/IntegrationTestUserDisplayName.php @@ -25,6 +25,7 @@ namespace OCA\User_LDAP\Tests\Integration\Lib\User; use OCA\User_LDAP\Mapping\UserMapping; use OCA\User_LDAP\Tests\Integration\AbstractIntegrationTest; +use OCA\User_LDAP\User_LDAP; require_once __DIR__ . '/../../Bootstrap.php'; @@ -42,7 +43,7 @@ class IntegrationTestUserDisplayName extends AbstractIntegrationTest { $this->mapping = new UserMapping(\OC::$server->getDatabaseConnection()); $this->mapping->clear(); $this->access->setUserMapper($this->mapping); - $userBackend = new \OCA\User_LDAP\User_LDAP($this->access, \OC::$server->getConfig()); + $userBackend = new User_LDAP($this->access, \OC::$server->getConfig()); \OC_User::useBackend($userBackend); } diff --git a/apps/user_ldap/tests/Mapping/AbstractMappingTest.php b/apps/user_ldap/tests/Mapping/AbstractMappingTest.php index 5c3474d9ad2..c9845bb31e5 100644 --- a/apps/user_ldap/tests/Mapping/AbstractMappingTest.php +++ b/apps/user_ldap/tests/Mapping/AbstractMappingTest.php @@ -26,6 +26,7 @@ namespace OCA\User_LDAP\Tests\Mapping; +use OCA\User_LDAP\Mapping\AbstractMapping; use OCP\IDBConnection; abstract class AbstractMappingTest extends \Test\TestCase { @@ -182,7 +183,7 @@ abstract class AbstractMappingTest extends \Test\TestCase { /** * tests setDNbyUUID() for successful and unsuccessful update. */ - public function testSetMethod() { + public function testSetDNMethod() { list($mapper, $data) = $this->initTest(); $newDN = 'uid=modified,dc=example,dc=org'; @@ -196,7 +197,26 @@ abstract class AbstractMappingTest extends \Test\TestCase { $this->assertFalse($done); $name = $mapper->getNameByDN($newDN); $this->assertFalse($name); + } + + /** + * tests setUUIDbyDN() for successful and unsuccessful update. + */ + public function testSetUUIDMethod() { + /** @var AbstractMapping $mapper */ + list($mapper, $data) = $this->initTest(); + $newUUID = 'ABC737-DEF754'; + + $done = $mapper->setUUIDbyDN($newUUID, 'uid=notme,dc=example,dc=org'); + $this->assertFalse($done); + $name = $mapper->getNameByUUID($newUUID); + $this->assertFalse($name); + + $done = $mapper->setUUIDbyDN($newUUID, $data[0]['dn']); + $this->assertTrue($done); + $uuid = $mapper->getUUIDByDN($data[0]['dn']); + $this->assertSame($uuid, $newUUID); } /** diff --git a/apps/user_ldap/tests/Migration/AbstractUUIDFixTest.php b/apps/user_ldap/tests/Migration/AbstractUUIDFixTest.php new file mode 100644 index 00000000000..8921648da83 --- /dev/null +++ b/apps/user_ldap/tests/Migration/AbstractUUIDFixTest.php @@ -0,0 +1,197 @@ +<?php +/** + * @copyright Copyright (c) 2017 Arthur Schiwon <blizzz@arthur-schiwon.de> + * + * @author Arthur Schiwon <blizzz@arthur-schiwon.de> + * + * @license GNU AGPL version 3 or any later version + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License as + * published by the Free Software Foundation, either version 3 of the + * License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License + * along with this program. If not, see <http://www.gnu.org/licenses/>. + * + */ + +namespace OCA\User_LDAP\Tests\Migration; + +use OCA\User_LDAP\LDAP; +use Test\TestCase; +use OCA\User_LDAP\Access; +use OCA\User_LDAP\Helper; +use OCA\User_LDAP\Migration\UUIDFixUser; +use OCA\User_LDAP\Mapping\UserMapping; +use OCA\User_LDAP\Mapping\GroupMapping; +use OCA\User_LDAP\User_Proxy; +use OCP\IConfig; + +abstract class AbstractUUIDFixTest extends TestCase { + /** @var Helper|\PHPUnit_Framework_MockObject_MockObject */ + protected $helper; + + /** @var IConfig|\PHPUnit_Framework_MockObject_MockObject */ + protected $config; + + /** @var LDAP|\PHPUnit_Framework_MockObject_MockObject */ + protected $ldap; + + /** @var UserMapping|GroupMapping|\PHPUnit_Framework_MockObject_MockObject */ + protected $mapper; + + /** @var UUIDFixUser */ + protected $job; + + /** @var User_Proxy|\PHPUnit_Framework_MockObject_MockObject */ + protected $proxy; + + /** @var Access|\PHPUnit_Framework_MockObject_MockObject */ + protected $access; + + /** @var bool */ + protected $isUser = true; + + public function setUp() { + parent::setUp(); + + $this->ldap = $this->createMock(LDAP::class); + $this->config = $this->createMock(IConfig::class); + $this->access = $this->createMock(Access::class); + + $this->helper = $this->createMock(Helper::class); + $this->helper->expects($this->any()) + ->method('getServerConfigurationPrefixes') + ->with(true) + ->willReturn(['s01', 's03']); + } + + protected function mockProxy($className) { + $this->proxy = $this->createMock($className); + $this->proxy->expects($this->any()) + ->method('getLDAPAccess') + ->willReturn($this->access); + } + + protected function instantiateJob($className) { + $this->job = new $className($this->mapper, $this->ldap, $this->config, $this->helper); + $this->job->overrideProxy($this->proxy); + } + + public function testRunSingleRecord() { + $args = [ + 'records' => [ + 0 => [ + 'name' => 'Someone', + 'dn' => 'uid=Someone,dc=Somewhere', + 'uuid' => 'kaput' + ] + ] + ]; + $correctUUID = '4355-AED3-9D73-03AD'; + + $this->access->expects($this->once()) + ->method('getUUID') + ->with($args['records'][0]['dn'], $this->isUser) + ->willReturn($correctUUID); + + $this->mapper->expects($this->once()) + ->method('setUUIDbyDN') + ->with($correctUUID, $args['records'][0]['dn']); + + $this->job->run($args); + } + + public function testRunValidRecord() { + $correctUUID = '4355-AED3-9D73-03AD'; + $args = [ + 'records' => [ + 0 => [ + 'name' => 'Someone', + 'dn' => 'uid=Someone,dc=Somewhere', + 'uuid' => $correctUUID + ] + ] + ]; + + $this->access->expects($this->once()) + ->method('getUUID') + ->with($args['records'][0]['dn'], $this->isUser) + ->willReturn($correctUUID); + + $this->mapper->expects($this->never()) + ->method('setUUIDbyDN'); + + $this->job->run($args); + } + + public function testRunRemovedRecord() { + $args = [ + 'records' => [ + 0 => [ + 'name' => 'Someone', + 'dn' => 'uid=Someone,dc=Somewhere', + 'uuid' => 'kaput' + ] + ] + ]; + + $this->access->expects($this->once()) + ->method('getUUID') + ->with($args['records'][0]['dn'], $this->isUser) + ->willReturn(false); + + $this->mapper->expects($this->never()) + ->method('setUUIDbyDN'); + + $this->job->run($args); + } + + public function testRunManyRecords() { + $args = [ + 'records' => [ + 0 => [ + 'name' => 'Someone', + 'dn' => 'uid=Someone,dc=Somewhere', + 'uuid' => 'kaput' + ], + 1 => [ + 'name' => 'kdslkdsaIdsal', + 'dn' => 'uid=kdslkdsaIdsal,dc=Somewhere', + 'uuid' => 'AED3-4355-03AD-9D73' + ], + 2 => [ + 'name' => 'Paperboy', + 'dn' => 'uid=Paperboy,dc=Somewhere', + 'uuid' => 'kaput' + ] + ] + ]; + $correctUUIDs = ['4355-AED3-9D73-03AD', 'AED3-4355-03AD-9D73', 'AED3-9D73-4355-03AD']; + + $this->access->expects($this->exactly(3)) + ->method('getUUID') + ->withConsecutive( + [$args['records'][0]['dn'], $this->isUser], + [$args['records'][1]['dn'], $this->isUser], + [$args['records'][2]['dn'], $this->isUser] + ) + ->willReturnOnConsecutiveCalls($correctUUIDs[0], $correctUUIDs[1], $correctUUIDs[2]); + + $this->mapper->expects($this->exactly(2)) + ->method('setUUIDbyDN') + ->withConsecutive( + [$correctUUIDs[0], $args['records'][0]['dn']], + [$correctUUIDs[2], $args['records'][2]['dn']] + ); + + $this->job->run($args); + } + +} diff --git a/apps/user_ldap/tests/Migration/UUIDFixGroupTest.php b/apps/user_ldap/tests/Migration/UUIDFixGroupTest.php new file mode 100644 index 00000000000..b91f4af433f --- /dev/null +++ b/apps/user_ldap/tests/Migration/UUIDFixGroupTest.php @@ -0,0 +1,50 @@ +<?php +/** + * @copyright Copyright (c) 2017 Arthur Schiwon <blizzz@arthur-schiwon.de> + * + * @author Arthur Schiwon <blizzz@arthur-schiwon.de> + * + * @license GNU AGPL version 3 or any later version + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License as + * published by the Free Software Foundation, either version 3 of the + * License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License + * along with this program. If not, see <http://www.gnu.org/licenses/>. + * + */ + +namespace OCA\Group_LDAP\Tests\Migration; + +use OCA\User_LDAP\Migration\UUIDFixGroup; +use OCA\User_LDAP\Mapping\GroupMapping; +use OCA\User_LDAP\Group_Proxy; +use OCA\User_LDAP\Tests\Migration\AbstractUUIDFixTest; + +/** + * Class UUIDFixGroupTest + * + * @package OCA\Group_LDAP\Tests\Migration + * @group DB + */ +class UUIDFixGroupTest extends AbstractUUIDFixTest { + public function setUp() { + $this->isUser = false; + parent::setUp(); + + $this->isUser = false; + + $this->mapper = $this->createMock(GroupMapping::class); + + $this->mockProxy(Group_Proxy::class); + $this->instantiateJob(UUIDFixGroup::class); + } + +} diff --git a/apps/user_ldap/tests/Migration/UUIDFixInsertTest.php b/apps/user_ldap/tests/Migration/UUIDFixInsertTest.php new file mode 100644 index 00000000000..a5f7ea50175 --- /dev/null +++ b/apps/user_ldap/tests/Migration/UUIDFixInsertTest.php @@ -0,0 +1,195 @@ +<?php +/** + * @copyright Copyright (c) 2017 Arthur Schiwon <blizzz@arthur-schiwon.de> + * + * @author Arthur Schiwon <blizzz@arthur-schiwon.de> + * + * @license GNU AGPL version 3 or any later version + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License as + * published by the Free Software Foundation, either version 3 of the + * License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License + * along with this program. If not, see <http://www.gnu.org/licenses/>. + * + */ + +namespace OCA\User_LDAP\Tests\Migration; + +use OCA\User_LDAP\Migration\UUIDFixInsert; +use OCA\User_LDAP\Mapping\UserMapping; +use OCA\User_LDAP\Mapping\GroupMapping; +use OCP\BackgroundJob\IJobList; +use OCP\IConfig; +use OCP\Migration\IOutput; +use Test\TestCase; + +class UUIDFixInsertTest extends TestCase { + /** @var IConfig|\PHPUnit_Framework_MockObject_MockObject */ + protected $config; + + /** @var UserMapping|\PHPUnit_Framework_MockObject_MockObject */ + protected $userMapper; + + /** @var GroupMapping|\PHPUnit_Framework_MockObject_MockObject */ + protected $groupMapper; + + /** @var IJobList|\PHPUnit_Framework_MockObject_MockObject */ + protected $jobList; + + /** @var UUIDFixInsert */ + protected $job; + + public function setUp() { + parent::setUp(); + + $this->jobList = $this->createMock(IJobList::class); + $this->config = $this->createMock(IConfig::class); + $this->userMapper = $this->createMock(UserMapping::class); + $this->groupMapper = $this->createMock(GroupMapping::class); + $this->job = new UUIDFixInsert( + $this->config, + $this->userMapper, + $this->groupMapper, + $this->jobList + ); + } + + public function testGetName() { + $this->assertSame('Insert UUIDFix background job for user and group in batches', $this->job->getName()); + } + + public function recordProvider() { + $record = [ + 'dn' => 'cn=somerecord,dc=somewhere', + 'name' => 'Something', + 'uuid' => 'AB12-3456-CDEF7-8GH9' + ]; + array_fill(0, 50, $record); + + $userBatches = [ + 0 => array_fill(0, 50, $record), + 1 => array_fill(0, 50, $record), + 2 => array_fill(0, 13, $record), + ]; + + $groupBatches = [ + 0 => array_fill(0, 7, $record), + ]; + + return [ + ['userBatches' => $userBatches, 'groupBatches' => $groupBatches] + ]; + } + + public function recordProviderTooLongAndNone() { + $record = [ + 'dn' => 'cn=somerecord,dc=somewhere', + 'name' => 'Something', + 'uuid' => 'AB12-3456-CDEF7-8GH9' + ]; + array_fill(0, 50, $record); + + $userBatches = [ + 0 => array_fill(0, 50, $record), + 1 => array_fill(0, 40, $record), + 2 => array_fill(0, 32, $record), + 3 => array_fill(0, 32, $record), + 4 => array_fill(0, 23, $record), + ]; + + $groupBatches = [0 => []]; + + return [ + ['userBatches' => $userBatches, 'groupBatches' => $groupBatches] + ]; + } + + /** + * @dataProvider recordProvider + */ + public function testRun($userBatches, $groupBatches) { + $this->config->expects($this->once()) + ->method('getAppValue') + ->with('user_ldap', 'installed_version', '1.2.1') + ->willReturn('1.2.0'); + + $this->userMapper->expects($this->exactly(3)) + ->method('getList') + ->withConsecutive([0, 50], [50, 50], [100, 50]) + ->willReturnOnConsecutiveCalls($userBatches[0], $userBatches[1], $userBatches[2]); + + $this->groupMapper->expects($this->exactly(1)) + ->method('getList') + ->with(0, 50) + ->willReturn($groupBatches[0]); + + $this->jobList->expects($this->exactly(4)) + ->method('add'); + + /** @var IOutput $out */ + $out = $this->createMock(IOutput::class); + $this->job->run($out); + } + + /** + * @dataProvider recordProviderTooLongAndNone + */ + public function testRunWithManyAndNone($userBatches, $groupBatches) { + $this->config->expects($this->once()) + ->method('getAppValue') + ->with('user_ldap', 'installed_version', '1.2.1') + ->willReturn('1.2.0'); + + $this->userMapper->expects($this->exactly(5)) + ->method('getList') + ->withConsecutive([0, 50], [0, 40], [0, 32], [32, 32], [64, 32]) + ->willReturnOnConsecutiveCalls($userBatches[0], $userBatches[1], $userBatches[2], $userBatches[3], $userBatches[4]); + + $this->groupMapper->expects($this->once()) + ->method('getList') + ->with(0, 50) + ->willReturn($groupBatches[0]); + + $this->jobList->expects($this->at(0)) + ->method('add') + ->willThrowException(new \InvalidArgumentException('Background job arguments can\'t exceed 4000 etc')); + $this->jobList->expects($this->at(1)) + ->method('add') + ->willThrowException(new \InvalidArgumentException('Background job arguments can\'t exceed 4000 etc')); + $this->jobList->expects($this->at(2)) + ->method('add'); + $this->jobList->expects($this->at(3)) + ->method('add'); + $this->jobList->expects($this->at(4)) + ->method('add'); + + /** @var IOutput $out */ + $out = $this->createMock(IOutput::class); + $this->job->run($out); + } + + public function testDonNotRun() { + $this->config->expects($this->once()) + ->method('getAppValue') + ->with('user_ldap', 'installed_version', '1.2.1') + ->willReturn('1.2.1'); + $this->userMapper->expects($this->never()) + ->method('getList'); + $this->groupMapper->expects($this->never()) + ->method('getList'); + $this->jobList->expects($this->never()) + ->method('add'); + + /** @var IOutput $out */ + $out = $this->createMock(IOutput::class); + $this->job->run($out); + } +} diff --git a/apps/user_ldap/tests/Migration/UUIDFixUserTest.php b/apps/user_ldap/tests/Migration/UUIDFixUserTest.php new file mode 100644 index 00000000000..28eca1608d2 --- /dev/null +++ b/apps/user_ldap/tests/Migration/UUIDFixUserTest.php @@ -0,0 +1,46 @@ +<?php +/** + * @copyright Copyright (c) 2017 Arthur Schiwon <blizzz@arthur-schiwon.de> + * + * @author Arthur Schiwon <blizzz@arthur-schiwon.de> + * + * @license GNU AGPL version 3 or any later version + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License as + * published by the Free Software Foundation, either version 3 of the + * License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License + * along with this program. If not, see <http://www.gnu.org/licenses/>. + * + */ + +namespace OCA\User_LDAP\Tests\Migration; + +use OCA\User_LDAP\Migration\UUIDFixUser; +use OCA\User_LDAP\Mapping\UserMapping; +use OCA\User_LDAP\User_Proxy; + +/** + * Class UUIDFixUserTest + * + * @package OCA\User_LDAP\Tests\Migration + * @group DB + */ +class UUIDFixUserTest extends AbstractUUIDFixTest { + public function setUp() { + $this->isUser = true; + parent::setUp(); + + $this->mapper = $this->createMock(UserMapping::class); + + $this->mockProxy(User_Proxy::class); + $this->instantiateJob(UUIDFixUser::class); + } +} |