summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--apps/user_ldap/tests/Group_LDAPTest.php173
1 files changed, 173 insertions, 0 deletions
diff --git a/apps/user_ldap/tests/Group_LDAPTest.php b/apps/user_ldap/tests/Group_LDAPTest.php
index 74dd2b467cf..63de2ee9481 100644
--- a/apps/user_ldap/tests/Group_LDAPTest.php
+++ b/apps/user_ldap/tests/Group_LDAPTest.php
@@ -503,6 +503,179 @@ class Group_LDAPTest extends TestCase {
$groupBackend->inGroup($uid, $gid);
}
+ public function groupWithMembersProvider() {
+ return [
+ [
+ 'someGroup',
+ 'cn=someGroup,ou=allTheGroups,ou=someDepartment,dc=someDomain,dc=someTld',
+ [
+ 'uid=oneUser,ou=someTeam,ou=someDepartment,dc=someDomain,dc=someTld',
+ 'uid=someUser,ou=someTeam,ou=someDepartment,dc=someDomain,dc=someTld',
+ 'uid=anotherUser,ou=someTeam,ou=someDepartment,dc=someDomain,dc=someTld',
+ 'uid=differentUser,ou=someTeam,ou=someDepartment,dc=someDomain,dc=someTld',
+ ],
+ ],
+ ];
+ }
+
+ /**
+ * @dataProvider groupWithMembersProvider
+ */
+ public function testInGroupMember(string $gid, string $groupDn, array $memberDNs) {
+ $access = $this->getAccessMock();
+ $pluginManager = $this->getPluginManagerMock();
+
+ $access->connection = $this->createMock(Connection::class);
+
+ $uid = 'someUser';
+ $userDn = $memberDNs[0];
+
+ $access->connection->expects($this->any())
+ ->method('__get')
+ ->willReturnCallback(function ($name) {
+ switch ($name) {
+ case 'ldapGroupMemberAssocAttr':
+ return 'member';
+ case 'ldapDynamicGroupMemberURL':
+ return '';
+ case 'hasPrimaryGroups':
+ case 'ldapNestedGroups';
+ return 0;
+ default:
+ return 1;
+ }
+ });
+ $access->connection->expects($this->any())
+ ->method('getFromCache')
+ ->willReturn(null);
+
+ $access->expects($this->once())
+ ->method('username2dn')
+ ->with($uid)
+ ->willReturn($userDn);
+ $access->expects($this->once())
+ ->method('groupname2dn')
+ ->willReturn($groupDn);
+ $access->expects($this->any())
+ ->method('readAttribute')
+ ->willReturn($memberDNs);
+
+ $groupBackend = new GroupLDAP($access, $pluginManager);
+ $this->assertTrue($groupBackend->inGroup($uid, $gid));
+ }
+
+ /**
+ * @dataProvider groupWithMembersProvider
+ */
+ public function testInGroupMemberNot(string $gid, string $groupDn, array $memberDNs) {
+ $access = $this->getAccessMock();
+ $pluginManager = $this->getPluginManagerMock();
+
+ $access->connection = $this->createMock(Connection::class);
+
+ $uid = 'unelatedUser';
+ $userDn = 'uid=unrelatedUser,ou=unrelatedTeam,ou=unrelatedDepartment,dc=someDomain,dc=someTld';
+
+ $access->connection->expects($this->any())
+ ->method('__get')
+ ->willReturnCallback(function ($name) {
+ switch ($name) {
+ case 'ldapGroupMemberAssocAttr':
+ return 'member';
+ case 'ldapDynamicGroupMemberURL':
+ return '';
+ case 'hasPrimaryGroups':
+ case 'ldapNestedGroups';
+ return 0;
+ default:
+ return 1;
+ }
+ });
+ $access->connection->expects($this->any())
+ ->method('getFromCache')
+ ->willReturn(null);
+
+ $access->expects($this->once())
+ ->method('username2dn')
+ ->with($uid)
+ ->willReturn($userDn);
+ $access->expects($this->once())
+ ->method('groupname2dn')
+ ->willReturn($groupDn);
+ $access->expects($this->any())
+ ->method('readAttribute')
+ ->willReturn($memberDNs);
+
+ $groupBackend = new GroupLDAP($access, $pluginManager);
+ $this->assertFalse($groupBackend->inGroup($uid, $gid));
+ }
+
+ /**
+ * @dataProvider groupWithMembersProvider
+ */
+ public function testInGroupMemberUid(string $gid, string $groupDn, array $memberDNs) {
+ $access = $this->getAccessMock();
+ $pluginManager = $this->getPluginManagerMock();
+
+ $memberUids = [];
+ $userRecords = [];
+ foreach ($memberDNs as $dn) {
+ $memberUids[] = ldap_explode_dn($dn, false)[0];
+ $userRecords[] = ['dn' => [$dn]];
+ }
+
+
+ $access->connection = $this->createMock(Connection::class);
+
+ $uid = 'someUser';
+ $userDn = $memberDNs[0];
+
+ $access->connection->expects($this->any())
+ ->method('__get')
+ ->willReturnCallback(function ($name) {
+ switch ($name) {
+ case 'ldapGroupMemberAssocAttr':
+ return 'memberUid';
+ case 'ldapDynamicGroupMemberURL':
+ return '';
+ case 'ldapLoginFilter':
+ return 'uid=%uid';
+ case 'hasPrimaryGroups':
+ case 'ldapNestedGroups';
+ return 0;
+ default:
+ return 1;
+ }
+ });
+ $access->connection->expects($this->any())
+ ->method('getFromCache')
+ ->willReturn(null);
+
+ $access->userManager->expects($this->any())
+ ->method('getAttributes')
+ ->willReturn(['uid', 'mail', 'displayname']);
+
+ $access->expects($this->once())
+ ->method('username2dn')
+ ->with($uid)
+ ->willReturn($userDn);
+ $access->expects($this->once())
+ ->method('groupname2dn')
+ ->willReturn($groupDn);
+ $access->expects($this->any())
+ ->method('readAttribute')
+ ->willReturn($memberUids);
+ $access->expects($this->any())
+ ->method('fetchListOfUsers')
+ ->willReturn($userRecords);
+ $access->expects($this->any())
+ ->method('combineFilterWithOr')
+ ->willReturn('(|(pseudo=filter)(filter=pseudo))');
+
+ $groupBackend = new GroupLDAP($access, $pluginManager);
+ $this->assertTrue($groupBackend->inGroup($uid, $gid));
+ }
+
public function testGetGroupsWithOffset() {
$access = $this->getAccessMock();
$pluginManager = $this->getPluginManagerMock();