From 7a728f2154a1d0670b1f073315983b2969fafb07 Mon Sep 17 00:00:00 2001
From: Arthur Schiwon <blizzz@arthur-schiwon.de>
Date: Wed, 27 Jun 2018 23:09:44 +0200
Subject: LDAP backup server should not be queried when auth fails

Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
---
 apps/user_ldap/tests/ConnectionTest.php | 53 +++++++++++++++++++++++++++++++--
 1 file changed, 50 insertions(+), 3 deletions(-)

(limited to 'apps/user_ldap/tests/ConnectionTest.php')

diff --git a/apps/user_ldap/tests/ConnectionTest.php b/apps/user_ldap/tests/ConnectionTest.php
index cead84b05b0..c6c1fe11922 100644
--- a/apps/user_ldap/tests/ConnectionTest.php
+++ b/apps/user_ldap/tests/ConnectionTest.php
@@ -38,7 +38,7 @@ use OCA\User_LDAP\ILDAPWrapper;
  * @package OCA\User_LDAP\Tests
  */
 class ConnectionTest extends \Test\TestCase {
-	/** @var \OCA\User_LDAP\ILDAPWrapper  */
+	/** @var \OCA\User_LDAP\ILDAPWrapper|\PHPUnit_Framework_MockObject_MockObject  */
 	protected $ldap;
 
 	/** @var  Connection */
@@ -110,7 +110,7 @@ class ConnectionTest extends \Test\TestCase {
 			->method('setOption')
 			->will($this->returnValue(true));
 
-		$this->ldap->expects($this->exactly(3))
+		$this->ldap->expects($this->exactly(2))
 			->method('connect')
 			->will($this->returnValue('ldapResource'));
 
@@ -119,7 +119,7 @@ class ConnectionTest extends \Test\TestCase {
 			->will($this->returnValue(0));
 
 		// Not called often enough? Then, the fallback to the backup server is broken.
-		$this->connection->expects($this->exactly(4))
+		$this->connection->expects($this->exactly(3))
 			->method('getFromCache')
 			->with('overrideMainServer')
 			->will($this->onConsecutiveCalls(false, false, true, true));
@@ -145,6 +145,53 @@ class ConnectionTest extends \Test\TestCase {
 		$this->connection->init();
 	}
 
+	public function testDontUseBackupServerOnFailedAuth() {
+		$mainHost = 'ldap://nixda.ldap';
+		$backupHost = 'ldap://fallback.ldap';
+		$config = [
+			'ldapConfigurationActive' => true,
+			'ldapHost' => $mainHost,
+			'ldapPort' => 389,
+			'ldapBackupHost' => $backupHost,
+			'ldapBackupPort' => 389,
+			'ldapAgentName' => 'uid=agent',
+			'ldapAgentPassword' => 'SuchASecret'
+		];
+
+		$this->connection->setIgnoreValidation(true);
+		$this->connection->setConfiguration($config);
+
+		$this->ldap->expects($this->any())
+			->method('isResource')
+			->will($this->returnValue(true));
+
+		$this->ldap->expects($this->any())
+			->method('setOption')
+			->will($this->returnValue(true));
+
+		$this->ldap->expects($this->once())
+			->method('connect')
+			->will($this->returnValue('ldapResource'));
+
+		$this->ldap->expects($this->any())
+			->method('errno')
+			->will($this->returnValue(49));
+
+		$this->connection->expects($this->any())
+			->method('getFromCache')
+			->with('overrideMainServer')
+			->willReturn(false);
+
+		$this->connection->expects($this->never())
+			->method('writeToCache');
+
+		$this->ldap->expects($this->exactly(1))
+			->method('bind')
+			->willReturn(false);
+
+		$this->connection->init();
+	}
+
 	public function testBindWithInvalidCredentials() {
 		// background: Bind with invalid credentials should return false
 		// and not throw a ServerNotAvailableException.
-- 
cgit v1.2.3