From 86d145f0692df7b6d5883c6caa88c19b7d725161 Mon Sep 17 00:00:00 2001 From: Arthur Schiwon Date: Thu, 15 Mar 2018 18:39:27 +0100 Subject: behat integration tests for LDAP, basic setup Signed-off-by: Arthur Schiwon --- build/integration/ldap_features/ldap-openldap.feature | 10 ++++++++++ 1 file changed, 10 insertions(+) create mode 100644 build/integration/ldap_features/ldap-openldap.feature (limited to 'build/integration/ldap_features/ldap-openldap.feature') diff --git a/build/integration/ldap_features/ldap-openldap.feature b/build/integration/ldap_features/ldap-openldap.feature new file mode 100644 index 00000000000..e52ab600aec --- /dev/null +++ b/build/integration/ldap_features/ldap-openldap.feature @@ -0,0 +1,10 @@ +Feature: LDAP + Background: + Given using api version "2" + + Scenario: Test valid configuration by logging in + Given having a valid LDAP configuration + When Logging in using web as "alice" + #When As an "alice" + And sending "GET" to "/cloud/user" + Then the HTTP status code should be "200" -- cgit v1.2.3 From b4eeb9eff5b2892fc9c1da5f56fb1129730d07a6 Mon Sep 17 00:00:00 2001 From: Arthur Schiwon Date: Mon, 9 Apr 2018 12:27:36 +0200 Subject: check user details Signed-off-by: Arthur Schiwon --- build/integration/features/bootstrap/LDAPContext.php | 20 ++++++++++++++++++++ .../integration/ldap_features/ldap-openldap.feature | 11 +++++++++-- 2 files changed, 29 insertions(+), 2 deletions(-) (limited to 'build/integration/ldap_features/ldap-openldap.feature') diff --git a/build/integration/features/bootstrap/LDAPContext.php b/build/integration/features/bootstrap/LDAPContext.php index 5d7bb34a90a..b1ccd59ab7b 100644 --- a/build/integration/features/bootstrap/LDAPContext.php +++ b/build/integration/features/bootstrap/LDAPContext.php @@ -104,4 +104,24 @@ class LDAPContext implements Context { $this->settingTheLDAPConfigurationTo($data); $this->asAn(''); } + + /** + * @Given /^looking up details for the first result matches expectations$/ + * @param TableNode $expectations + */ + public function lookingUpDetailsForTheFirstResult(TableNode $expectations) { + $userResultElements = simplexml_load_string($this->response->getBody())->data[0]->users[0]->element; + $userResults = json_decode(json_encode($userResultElements), 1); + $userId = array_shift($userResults); + + $this->sendingTo('GET', '/cloud/users/' . $userId); + + foreach($expectations->getRowsHash() as $k => $v) { + $value = (string)simplexml_load_string($this->response->getBody())->data[0]->$k; + PHPUnit_Framework_Assert::assertEquals($v, $value); + } + + $backend = (string)simplexml_load_string($this->response->getBody())->data[0]->backend; + PHPUnit_Framework_Assert::assertEquals('LDAP', $backend); + } } diff --git a/build/integration/ldap_features/ldap-openldap.feature b/build/integration/ldap_features/ldap-openldap.feature index e52ab600aec..c63fdf1f9c5 100644 --- a/build/integration/ldap_features/ldap-openldap.feature +++ b/build/integration/ldap_features/ldap-openldap.feature @@ -5,6 +5,13 @@ Feature: LDAP Scenario: Test valid configuration by logging in Given having a valid LDAP configuration When Logging in using web as "alice" - #When As an "alice" - And sending "GET" to "/cloud/user" Then the HTTP status code should be "200" + + Scenario: Look for a known LDAP user + Given having a valid LDAP configuration + And As an "admin" + And sending "GET" to "/cloud/users?search=alice" + Then the OCS status code should be "200" + And looking up details for the first result matches expectations + | email | alice@nextcloud.ci | + | displayname | Alice | -- cgit v1.2.3 From 3450ed4536030ccc8ddd34836fc2e17ddc328a18 Mon Sep 17 00:00:00 2001 From: Arthur Schiwon Date: Wed, 11 Apr 2018 00:32:49 +0200 Subject: integration test checking the group filter Signed-off-by: Arthur Schiwon --- .../Lib/IntegrationTestAccessGroupsMatchFilter.php | 127 --------------------- .../integration/features/bootstrap/LDAPContext.php | 31 +++++ .../ldap_features/ldap-openldap.feature | 43 +++++++ 3 files changed, 74 insertions(+), 127 deletions(-) delete mode 100644 apps/user_ldap/tests/Integration/Lib/IntegrationTestAccessGroupsMatchFilter.php (limited to 'build/integration/ldap_features/ldap-openldap.feature') diff --git a/apps/user_ldap/tests/Integration/Lib/IntegrationTestAccessGroupsMatchFilter.php b/apps/user_ldap/tests/Integration/Lib/IntegrationTestAccessGroupsMatchFilter.php deleted file mode 100644 index 87c2e408424..00000000000 --- a/apps/user_ldap/tests/Integration/Lib/IntegrationTestAccessGroupsMatchFilter.php +++ /dev/null @@ -1,127 +0,0 @@ - - * @author Joas Schilling - * - * @license AGPL-3.0 - * - * This code is free software: you can redistribute it and/or modify - * it under the terms of the GNU Affero General Public License, version 3, - * as published by the Free Software Foundation. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU Affero General Public License for more details. - * - * You should have received a copy of the GNU Affero General Public License, version 3, - * along with this program. If not, see - * - */ - -namespace OCA\User_LDAP\Tests\Integration\Lib; - -use OCA\User_LDAP\Tests\Integration\AbstractIntegrationTest; - -require_once __DIR__ . '/../Bootstrap.php'; - -class IntegrationTestAccessGroupsMatchFilter extends AbstractIntegrationTest { - - /** - * prepares the LDAP environment and sets up a test configuration for - * the LDAP backend. - */ - public function init() { - require(__DIR__ . '/../setup-scripts/createExplicitUsers.php'); - require(__DIR__ . '/../setup-scripts/createExplicitGroups.php'); - require(__DIR__ . '/../setup-scripts/createExplicitGroupsDifferentOU.php'); - parent::init(); - } - - /** - * tests whether the group filter works with one specific group, while the - * input is the same. - * - * @return bool - */ - protected function case1() { - $this->connection->setConfiguration(['ldapGroupFilter' => 'cn=RedGroup']); - - $dns = ['cn=RedGroup,ou=Groups,' . $this->base]; - $result = $this->access->groupsMatchFilter($dns); - return ($dns === $result); - } - - /** - * Tests whether a filter for limited groups is effective when more existing - * groups were passed for validation. - * - * @return bool - */ - protected function case2() { - $this->connection->setConfiguration(['ldapGroupFilter' => '(|(cn=RedGroup)(cn=PurpleGroup))']); - - $dns = [ - 'cn=RedGroup,ou=Groups,' . $this->base, - 'cn=BlueGroup,ou=Groups,' . $this->base, - 'cn=PurpleGroup,ou=Groups,' . $this->base - ]; - $result = $this->access->groupsMatchFilter($dns); - - $status = - count($result) === 2 - && in_array('cn=RedGroup,ou=Groups,' . $this->base, $result) - && in_array('cn=PurpleGroup,ou=Groups,' . $this->base, $result); - - return $status; - } - - /** - * Tests whether a filter for limited groups is effective when more existing - * groups were passed for validation. - * - * @return bool - */ - protected function case3() { - $this->connection->setConfiguration(['ldapGroupFilter' => '(objectclass=groupOfNames)']); - - $dns = [ - 'cn=RedGroup,ou=Groups,' . $this->base, - 'cn=PurpleGroup,ou=Groups,' . $this->base, - 'cn=SquaredCircleGroup,ou=SpecialGroups,' . $this->base - ]; - $result = $this->access->groupsMatchFilter($dns); - - $status = - count($result) === 2 - && in_array('cn=RedGroup,ou=Groups,' . $this->base, $result) - && in_array('cn=PurpleGroup,ou=Groups,' . $this->base, $result); - - return $status; - } - - /** - * sets up the LDAP configuration to be used for the test - */ - protected function initConnection() { - parent::initConnection(); - $this->connection->setConfiguration([ - 'ldapBaseGroups' => 'ou=Groups,' . $this->base, - 'ldapUserFilter' => 'objectclass=inetOrgPerson', - 'ldapUserDisplayName' => 'displayName', - 'ldapGroupDisplayName' => 'cn', - 'ldapLoginFilter' => 'uid=%uid', - ]); - } -} - -/** @var string $host */ -/** @var int $port */ -/** @var string $adn */ -/** @var string $apwd */ -/** @var string $bdn */ -$test = new IntegrationTestAccessGroupsMatchFilter($host, $port, $adn, $apwd, $bdn); -$test->init(); -$test->run(); diff --git a/build/integration/features/bootstrap/LDAPContext.php b/build/integration/features/bootstrap/LDAPContext.php index b1ccd59ab7b..4b9810aeff7 100644 --- a/build/integration/features/bootstrap/LDAPContext.php +++ b/build/integration/features/bootstrap/LDAPContext.php @@ -98,6 +98,7 @@ class LDAPContext implements Context { ['configData[ldapUserFilter]', '(&(objectclass=inetorgperson))'], ['configData[ldapLoginFilter]', '(&(objectclass=inetorgperson)(uid=%uid))'], ['configData[ldapUserDisplayName]', 'displayname'], + ['configData[ldapGroupDisplayName]', 'cn'], ['configData[ldapEmailAttribute]', 'mail'], ['configData[ldapConfigurationActive]', '1'], ]); @@ -124,4 +125,34 @@ class LDAPContext implements Context { $backend = (string)simplexml_load_string($this->response->getBody())->data[0]->backend; PHPUnit_Framework_Assert::assertEquals('LDAP', $backend); } + + /** + * @Given /^modify LDAP configuration$/ + */ + public function modifyLDAPConfiguration(TableNode $table) { + $originalAsAn = $this->currentUser; + $this->asAn('admin'); + $configData = $table->getRows(); + foreach($configData as &$row) { + $row[0] = 'configData[' . $row[0] . ']'; + } + $this->settingTheLDAPConfigurationTo(new TableNode($configData)); + $this->asAn($originalAsAn); + } + + /** + * @Given /^the group result should$/ + */ + public function theGroupResultShould(TableNode $expectations) { + $listReturnedGroups = simplexml_load_string($this->response->getBody())->data[0]->groups[0]->element; + $extractedGroupsArray = json_decode(json_encode($listReturnedGroups), 1); + + foreach($expectations->getRows() as $groupExpectation) { + if((int)$groupExpectation[1] === 1) { + PHPUnit_Framework_Assert::assertContains($groupExpectation[0], $extractedGroupsArray); + } else { + PHPUnit_Framework_Assert::assertNotContains($groupExpectation[0], $extractedGroupsArray); + } + } + } } diff --git a/build/integration/ldap_features/ldap-openldap.feature b/build/integration/ldap_features/ldap-openldap.feature index c63fdf1f9c5..a2b16950bb1 100644 --- a/build/integration/ldap_features/ldap-openldap.feature +++ b/build/integration/ldap_features/ldap-openldap.feature @@ -15,3 +15,46 @@ Feature: LDAP And looking up details for the first result matches expectations | email | alice@nextcloud.ci | | displayname | Alice | + + Scenario: Test group filter with one specific group + Given having a valid LDAP configuration + And modify LDAP configuration + | ldapGroupFilter | cn=RedGroup | + | ldapBaseGroups | ou=Groups,ou=Ordinary,dc=nextcloud,dc=ci | + And As an "admin" + And sending "GET" to "/cloud/groups" + Then the OCS status code should be "200" + And the group result should + | RedGroup | 1 | + | GreenGroup | 0 | + | BlueGroup | 0 | + | PurpleGroup | 0 | + + Scenario: Test group filter with two specific groups + Given having a valid LDAP configuration + And modify LDAP configuration + | ldapGroupFilter | (\|(cn=RedGroup)(cn=GreenGroup)) | + | ldapBaseGroups | ou=Groups,ou=Ordinary,dc=nextcloud,dc=ci | + And As an "admin" + And sending "GET" to "/cloud/groups" + Then the OCS status code should be "200" + And the group result should + | RedGroup | 1 | + | GreenGroup | 1 | + | BlueGroup | 0 | + | PurpleGroup | 0 | + + Scenario: Test group filter ruling out a group from a different base + Given having a valid LDAP configuration + And modify LDAP configuration + | ldapGroupFilter | (objectClass=groupOfNames) | + | ldapBaseGroups | ou=Groups,ou=Ordinary,dc=nextcloud,dc=ci | + And As an "admin" + And sending "GET" to "/cloud/groups" + Then the OCS status code should be "200" + And the group result should + | RedGroup | 1 | + | GreenGroup | 1 | + | BlueGroup | 1 | + | PurpleGroup | 1 | + | SquareGroup | 0 | -- cgit v1.2.3 From 4e8db8aa11ebd075d4fe4b9b5d47bc9a17dcf8b6 Mon Sep 17 00:00:00 2001 From: Arthur Schiwon Date: Wed, 11 Apr 2018 18:14:28 +0200 Subject: convert LDAP offline and backup server integration tests Signed-off-by: Arthur Schiwon --- .../Lib/IntegrationTestBackupServer.php | 124 --------------------- .../integration/features/bootstrap/LDAPContext.php | 13 +++ .../ldap_features/ldap-openldap.feature | 27 +++++ 3 files changed, 40 insertions(+), 124 deletions(-) delete mode 100644 apps/user_ldap/tests/Integration/Lib/IntegrationTestBackupServer.php (limited to 'build/integration/ldap_features/ldap-openldap.feature') diff --git a/apps/user_ldap/tests/Integration/Lib/IntegrationTestBackupServer.php b/apps/user_ldap/tests/Integration/Lib/IntegrationTestBackupServer.php deleted file mode 100644 index 0eef5507538..00000000000 --- a/apps/user_ldap/tests/Integration/Lib/IntegrationTestBackupServer.php +++ /dev/null @@ -1,124 +0,0 @@ - - * @author Joas Schilling - * - * @license AGPL-3.0 - * - * This code is free software: you can redistribute it and/or modify - * it under the terms of the GNU Affero General Public License, version 3, - * as published by the Free Software Foundation. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU Affero General Public License for more details. - * - * You should have received a copy of the GNU Affero General Public License, version 3, - * along with this program. If not, see - * - */ - -namespace OCA\User_LDAP\Tests\Integration\Lib; - -use OC\ServerNotAvailableException; -use OCA\User_LDAP\Tests\Integration\AbstractIntegrationTest; -use OCA\User_LDAP\Mapping\UserMapping; -use OCA\User_LDAP\User_LDAP; - -require_once __DIR__ . '/../Bootstrap.php'; - -class IntegrationTestBackupServer extends AbstractIntegrationTest { - /** @var UserMapping */ - protected $mapping; - - /** @var User_LDAP */ - protected $backend; - - /** - * sets up the LDAP configuration to be used for the test - */ - protected function initConnection() { - parent::initConnection(); - $originalHost = $this->connection->ldapHost; - $originalPort = $this->connection->ldapPort; - $this->connection->setConfiguration([ - 'ldapHost' => 'qwertz.uiop', - 'ldapPort' => '32123', - 'ldap_backup_host' => $originalHost, - 'ldap_backup_port' => $originalPort, - ]); - } - - /** - * tests that a backup connection is being used when the main LDAP server - * is offline - * - * Beware: after starting docker, the LDAP host might not be ready yet, thus - * causing a false positive. Retry in that case… or increase the sleep time - * in run-test.sh - * - * @return bool - */ - protected function case1() { - try { - $this->connection->getConnectionResource(); - } catch (ServerNotAvailableException $e) { - return false; - } - return true; - } - - /** - * ensures that an exception is thrown if LDAP main server and LDAP backup - * server are not available - * - * @return bool - */ - protected function case2() { - // reset possible LDAP connection - $this->initConnection(); - try { - $this->connection->setConfiguration([ - 'ldap_backup_host' => 'qwertz.uiop', - 'ldap_backup_port' => '32123', - ]); - $this->connection->getConnectionResource(); - } catch (ServerNotAvailableException $e) { - return true; - } - return false; - } - - /** - * ensures that an exception is thrown if main LDAP server is down and a - * backup server is not given - * - * @return bool - */ - protected function case3() { - // reset possible LDAP connection - $this->initConnection(); - try { - $this->connection->setConfiguration([ - 'ldap_backup_host' => '', - 'ldap_backup_port' => '', - ]); - $this->connection->getConnectionResource(); - } catch (ServerNotAvailableException $e) { - return true; - } - return false; - } -} - -/** @var string $host */ -/** @var int $port */ -/** @var string $adn */ -/** @var string $apwd */ -/** @var string $bdn */ -$test = new IntegrationTestBackupServer($host, $port, $adn, $apwd, $bdn); -$test->init(); -$test->run(); diff --git a/build/integration/features/bootstrap/LDAPContext.php b/build/integration/features/bootstrap/LDAPContext.php index 4b9810aeff7..ce63bc3f698 100644 --- a/build/integration/features/bootstrap/LDAPContext.php +++ b/build/integration/features/bootstrap/LDAPContext.php @@ -155,4 +155,17 @@ class LDAPContext implements Context { } } } + + /** + * @Given /^Expect ServerException on failed web login as "([^"]*)"$/ + */ + public function expectServerExceptionOnFailedWebLoginAs($login) { + try { + $this->loggingInUsingWebAs($login); + } catch (\GuzzleHttp\Exception\ServerException $e) { + PHPUnit_Framework_Assert::assertEquals(500, $e->getResponse()->getStatusCode()); + return; + } + PHPUnit_Framework_Assert::assertTrue(false, 'expected Exception not received'); + } } diff --git a/build/integration/ldap_features/ldap-openldap.feature b/build/integration/ldap_features/ldap-openldap.feature index a2b16950bb1..b56f9eb2cae 100644 --- a/build/integration/ldap_features/ldap-openldap.feature +++ b/build/integration/ldap_features/ldap-openldap.feature @@ -58,3 +58,30 @@ Feature: LDAP | BlueGroup | 1 | | PurpleGroup | 1 | | SquareGroup | 0 | + + Scenario: Test backup server + Given having a valid LDAP configuration + And modify LDAP configuration + | ldapBackupHost | openldap | + | ldapBackupPort | 389 | + | ldapHost | foo.bar | + | ldapPort | 2456 | + And Logging in using web as "alice" + Then the HTTP status code should be "200" + + Scenario: Test backup server offline + Given having a valid LDAP configuration + And modify LDAP configuration + | ldapBackupHost | off.line | + | ldapBackupPort | 3892 | + | ldapHost | foo.bar | + | ldapPort | 2456 | + Then Expect ServerException on failed web login as "alice" + + Scenario: Test LDAP server offline, no backup server + Given having a valid LDAP configuration + And modify LDAP configuration + | ldapHost | foo.bar | + | ldapPort | 2456 | + Then Expect ServerException on failed web login as "alice" + -- cgit v1.2.3 From d1a8a909de471eab64bf5fac8d83a6c9fa812b33 Mon Sep 17 00:00:00 2001 From: Arthur Schiwon Date: Wed, 11 Apr 2018 19:27:39 +0200 Subject: login does not save the response Signed-off-by: Arthur Schiwon --- build/integration/ldap_features/ldap-openldap.feature | 1 + 1 file changed, 1 insertion(+) (limited to 'build/integration/ldap_features/ldap-openldap.feature') diff --git a/build/integration/ldap_features/ldap-openldap.feature b/build/integration/ldap_features/ldap-openldap.feature index b56f9eb2cae..13e011bb0c8 100644 --- a/build/integration/ldap_features/ldap-openldap.feature +++ b/build/integration/ldap_features/ldap-openldap.feature @@ -5,6 +5,7 @@ Feature: LDAP Scenario: Test valid configuration by logging in Given having a valid LDAP configuration When Logging in using web as "alice" + And Sending a "GET" to "/remote.php/webdav/welcome.txt" with requesttoken Then the HTTP status code should be "200" Scenario: Look for a known LDAP user -- cgit v1.2.3 From eaf352b8d11251becbbd04690af80e04e3b1e35e Mon Sep 17 00:00:00 2001 From: Arthur Schiwon Date: Thu, 12 Apr 2018 10:57:42 +0200 Subject: integration test to ensure entries without displayname don't cause trouble Signed-off-by: Arthur Schiwon --- .../IntegrationTestBatchApplyUserAttributes.php | 81 ---------------------- .../integration/features/bootstrap/LDAPContext.php | 17 +++-- .../ldap_features/ldap-openldap.feature | 17 ++++- 3 files changed, 22 insertions(+), 93 deletions(-) delete mode 100644 apps/user_ldap/tests/Integration/Lib/IntegrationTestBatchApplyUserAttributes.php (limited to 'build/integration/ldap_features/ldap-openldap.feature') diff --git a/apps/user_ldap/tests/Integration/Lib/IntegrationTestBatchApplyUserAttributes.php b/apps/user_ldap/tests/Integration/Lib/IntegrationTestBatchApplyUserAttributes.php deleted file mode 100644 index 24476c9a868..00000000000 --- a/apps/user_ldap/tests/Integration/Lib/IntegrationTestBatchApplyUserAttributes.php +++ /dev/null @@ -1,81 +0,0 @@ - - * @author Joas Schilling - * - * @license AGPL-3.0 - * - * This code is free software: you can redistribute it and/or modify - * it under the terms of the GNU Affero General Public License, version 3, - * as published by the Free Software Foundation. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU Affero General Public License for more details. - * - * You should have received a copy of the GNU Affero General Public License, version 3, - * along with this program. If not, see - * - */ - -namespace OCA\User_LDAP\Tests\Integration\Lib; - -use OCA\User_LDAP\Mapping\UserMapping; -use OCA\User_LDAP\Tests\Integration\AbstractIntegrationTest; - -require_once __DIR__ . '/../Bootstrap.php'; - -class IntegrationTestBatchApplyUserAttributes extends AbstractIntegrationTest { - /** @var UserMapping */ - protected $mapping; - - /** - * prepares the LDAP environment and sets up a test configuration for - * the LDAP backend. - */ - public function init() { - require(__DIR__ . '/../setup-scripts/createExplicitUsers.php'); - require(__DIR__ . '/../setup-scripts/createUsersWithoutDisplayName.php'); - parent::init(); - - $this->mapping = new UserMapping(\OC::$server->getDatabaseConnection()); - $this->mapping->clear(); - $this->access->setUserMapper($this->mapping); - } - - /** - * sets up the LDAP configuration to be used for the test - */ - protected function initConnection() { - parent::initConnection(); - $this->connection->setConfiguration([ - 'ldapUserDisplayName' => 'displayname', - ]); - } - - /** - * indirectly tests whether batchApplyUserAttributes does it job properly, - * when a user without display name is included in the result set from LDAP. - * - * @return bool - */ - protected function case1() { - $result = $this->access->fetchListOfUsers('objectclass=person', 'dn'); - // on the original issue, PHP would emit a fatal error - // – cannot catch it here, but will render the test as unsuccessful - return is_array($result) && !empty($result); - } - -} - -/** @var string $host */ -/** @var int $port */ -/** @var string $adn */ -/** @var string $apwd */ -/** @var string $bdn */ -$test = new IntegrationTestBatchApplyUserAttributes($host, $port, $adn, $apwd, $bdn); -$test->init(); -$test->run(); diff --git a/build/integration/features/bootstrap/LDAPContext.php b/build/integration/features/bootstrap/LDAPContext.php index ce63bc3f698..a4a878b1ca8 100644 --- a/build/integration/features/bootstrap/LDAPContext.php +++ b/build/integration/features/bootstrap/LDAPContext.php @@ -141,17 +141,16 @@ class LDAPContext implements Context { } /** - * @Given /^the group result should$/ + * @Given /^the "([^"]*)" result should match$/ */ - public function theGroupResultShould(TableNode $expectations) { - $listReturnedGroups = simplexml_load_string($this->response->getBody())->data[0]->groups[0]->element; - $extractedGroupsArray = json_decode(json_encode($listReturnedGroups), 1); - - foreach($expectations->getRows() as $groupExpectation) { - if((int)$groupExpectation[1] === 1) { - PHPUnit_Framework_Assert::assertContains($groupExpectation[0], $extractedGroupsArray); + public function theGroupResultShouldMatch(string $type, TableNode $expectations) { + $listReturnedElements = simplexml_load_string($this->response->getBody())->data[0]->$type[0]->element; + $extractedIDsArray = json_decode(json_encode($listReturnedElements), 1); + foreach($expectations->getRows() as $expectation) { + if((int)$expectation[1] === 1) { + PHPUnit_Framework_Assert::assertContains($expectation[0], $extractedIDsArray); } else { - PHPUnit_Framework_Assert::assertNotContains($groupExpectation[0], $extractedGroupsArray); + PHPUnit_Framework_Assert::assertNotContains($expectation[0], $extractedIDsArray); } } } diff --git a/build/integration/ldap_features/ldap-openldap.feature b/build/integration/ldap_features/ldap-openldap.feature index 13e011bb0c8..d992f77c67c 100644 --- a/build/integration/ldap_features/ldap-openldap.feature +++ b/build/integration/ldap_features/ldap-openldap.feature @@ -17,6 +17,17 @@ Feature: LDAP | email | alice@nextcloud.ci | | displayname | Alice | + Scenario: Look for a expected LDAP users + Given having a valid LDAP configuration + And modify LDAP configuration + | ldapExpertUsernameAttr | uid | + And As an "admin" + And sending "GET" to "/cloud/users" + Then the OCS status code should be "200" + And the "users" result should match + | alice | 1 | + | ghost | 0 | + Scenario: Test group filter with one specific group Given having a valid LDAP configuration And modify LDAP configuration @@ -25,7 +36,7 @@ Feature: LDAP And As an "admin" And sending "GET" to "/cloud/groups" Then the OCS status code should be "200" - And the group result should + And the "groups" result should match | RedGroup | 1 | | GreenGroup | 0 | | BlueGroup | 0 | @@ -39,7 +50,7 @@ Feature: LDAP And As an "admin" And sending "GET" to "/cloud/groups" Then the OCS status code should be "200" - And the group result should + And the "groups" result should match | RedGroup | 1 | | GreenGroup | 1 | | BlueGroup | 0 | @@ -53,7 +64,7 @@ Feature: LDAP And As an "admin" And sending "GET" to "/cloud/groups" Then the OCS status code should be "200" - And the group result should + And the "groups" result should match | RedGroup | 1 | | GreenGroup | 1 | | BlueGroup | 1 | -- cgit v1.2.3 From 8808da816dcc35c05bb73f17cd3c84f70e850c0e Mon Sep 17 00:00:00 2001 From: Arthur Schiwon Date: Fri, 13 Apr 2018 15:39:12 +0200 Subject: simplify tests and move some out to a new feature as we need a pristine database for them Signed-off-by: Arthur Schiwon --- .drone.yml | 12 ++++++++ .../ldap_features/ldap-openldap.feature | 36 ++++++---------------- .../ldap_features/openldap-uid-username.feature | 14 +++++++++ 3 files changed, 35 insertions(+), 27 deletions(-) create mode 100644 build/integration/ldap_features/openldap-uid-username.feature (limited to 'build/integration/ldap_features/ldap-openldap.feature') diff --git a/.drone.yml b/.drone.yml index 84a6d0495f2..2ac98e4523f 100644 --- a/.drone.yml +++ b/.drone.yml @@ -572,6 +572,16 @@ pipeline: when: matrix: TESTS: integration-ldap-openldap-features + integration-ldap-openldap-uid-features: + image: nextcloudci/integration-php7.0:integration-php7.0-6 + commands: + - ./occ maintenance:install --admin-pass=admin --data-dir=/dev/shm/nc_int + - ./occ app:enable user_ldap + - cd build/integration + - ./run.sh ldap_features/openldap-uid-username.feature + when: + matrix: + TESTS: integration-ldap-openldap-uid-features integration-trashbin: image: nextcloudci/integration-php7.0:integration-php7.0-8 commands: @@ -840,6 +850,8 @@ matrix: - TESTS: integration-ldap-features - TESTS: integration-ldap-openldap-features ENABLE_OPENLDAP: true + - TESTS: integration-ldap-openldap-uid-features + ENABLE_OPENLDAP: true - TESTS: integration-trashbin - TESTS: integration-remote-api - TESTS: integration-download diff --git a/build/integration/ldap_features/ldap-openldap.feature b/build/integration/ldap_features/ldap-openldap.feature index d992f77c67c..bd2e7bb85a1 100644 --- a/build/integration/ldap_features/ldap-openldap.feature +++ b/build/integration/ldap_features/ldap-openldap.feature @@ -1,36 +1,23 @@ Feature: LDAP Background: Given using api version "2" + And having a valid LDAP configuration Scenario: Test valid configuration by logging in - Given having a valid LDAP configuration - When Logging in using web as "alice" + Given Logging in using web as "alice" And Sending a "GET" to "/remote.php/webdav/welcome.txt" with requesttoken Then the HTTP status code should be "200" Scenario: Look for a known LDAP user - Given having a valid LDAP configuration - And As an "admin" + Given As an "admin" And sending "GET" to "/cloud/users?search=alice" Then the OCS status code should be "200" And looking up details for the first result matches expectations | email | alice@nextcloud.ci | | displayname | Alice | - Scenario: Look for a expected LDAP users - Given having a valid LDAP configuration - And modify LDAP configuration - | ldapExpertUsernameAttr | uid | - And As an "admin" - And sending "GET" to "/cloud/users" - Then the OCS status code should be "200" - And the "users" result should match - | alice | 1 | - | ghost | 0 | - Scenario: Test group filter with one specific group - Given having a valid LDAP configuration - And modify LDAP configuration + Given modify LDAP configuration | ldapGroupFilter | cn=RedGroup | | ldapBaseGroups | ou=Groups,ou=Ordinary,dc=nextcloud,dc=ci | And As an "admin" @@ -43,8 +30,7 @@ Feature: LDAP | PurpleGroup | 0 | Scenario: Test group filter with two specific groups - Given having a valid LDAP configuration - And modify LDAP configuration + Given modify LDAP configuration | ldapGroupFilter | (\|(cn=RedGroup)(cn=GreenGroup)) | | ldapBaseGroups | ou=Groups,ou=Ordinary,dc=nextcloud,dc=ci | And As an "admin" @@ -57,8 +43,7 @@ Feature: LDAP | PurpleGroup | 0 | Scenario: Test group filter ruling out a group from a different base - Given having a valid LDAP configuration - And modify LDAP configuration + Given modify LDAP configuration | ldapGroupFilter | (objectClass=groupOfNames) | | ldapBaseGroups | ou=Groups,ou=Ordinary,dc=nextcloud,dc=ci | And As an "admin" @@ -72,8 +57,7 @@ Feature: LDAP | SquareGroup | 0 | Scenario: Test backup server - Given having a valid LDAP configuration - And modify LDAP configuration + Given modify LDAP configuration | ldapBackupHost | openldap | | ldapBackupPort | 389 | | ldapHost | foo.bar | @@ -82,8 +66,7 @@ Feature: LDAP Then the HTTP status code should be "200" Scenario: Test backup server offline - Given having a valid LDAP configuration - And modify LDAP configuration + Given modify LDAP configuration | ldapBackupHost | off.line | | ldapBackupPort | 3892 | | ldapHost | foo.bar | @@ -91,8 +74,7 @@ Feature: LDAP Then Expect ServerException on failed web login as "alice" Scenario: Test LDAP server offline, no backup server - Given having a valid LDAP configuration - And modify LDAP configuration + Given modify LDAP configuration | ldapHost | foo.bar | | ldapPort | 2456 | Then Expect ServerException on failed web login as "alice" diff --git a/build/integration/ldap_features/openldap-uid-username.feature b/build/integration/ldap_features/openldap-uid-username.feature new file mode 100644 index 00000000000..a8bb20abf8e --- /dev/null +++ b/build/integration/ldap_features/openldap-uid-username.feature @@ -0,0 +1,14 @@ +Feature: LDAP + Background: + Given using api version "2" + And having a valid LDAP configuration + And modify LDAP configuration + | ldapExpertUsernameAttr | uid | + + Scenario: Look for a expected LDAP users + Given As an "admin" + And sending "GET" to "/cloud/users" + Then the OCS status code should be "200" + And the "users" result should match + | alice | 1 | + | ghost | 0 | -- cgit v1.2.3 From 0f6d98eed2e45623514ed7445aedf599a9d8d185 Mon Sep 17 00:00:00 2001 From: Arthur Schiwon Date: Fri, 13 Apr 2018 16:43:02 +0200 Subject: convert connection tests Signed-off-by: Arthur Schiwon --- .../Integration/Lib/IntegrationTestConnect.php | 172 --------------------- .../features/bootstrap/BasicStructure.php | 7 + .../ldap_features/ldap-openldap.feature | 24 +++ 3 files changed, 31 insertions(+), 172 deletions(-) delete mode 100644 apps/user_ldap/tests/Integration/Lib/IntegrationTestConnect.php (limited to 'build/integration/ldap_features/ldap-openldap.feature') diff --git a/apps/user_ldap/tests/Integration/Lib/IntegrationTestConnect.php b/apps/user_ldap/tests/Integration/Lib/IntegrationTestConnect.php deleted file mode 100644 index f4fc0f189b4..00000000000 --- a/apps/user_ldap/tests/Integration/Lib/IntegrationTestConnect.php +++ /dev/null @@ -1,172 +0,0 @@ - - * @author Joas Schilling - * - * @license AGPL-3.0 - * - * This code is free software: you can redistribute it and/or modify - * it under the terms of the GNU Affero General Public License, version 3, - * as published by the Free Software Foundation. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU Affero General Public License for more details. - * - * You should have received a copy of the GNU Affero General Public License, version 3, - * along with this program. If not, see - * - */ - -namespace OCA\User_LDAP\Tests\Integration\Lib; - -use OC\ServerNotAvailableException; -use OCA\User_LDAP\Tests\Integration\AbstractIntegrationTest; -use OCA\User_LDAP\Mapping\UserMapping; -use OCA\User_LDAP\User_LDAP; - -require_once __DIR__ . '/../Bootstrap.php'; - -class IntegrationTestConnect extends AbstractIntegrationTest { - /** @var UserMapping */ - protected $mapping; - - /** @var User_LDAP */ - protected $backend; - - /** @var string */ - protected $host; - - /** @var int */ - protected $port; - - public function __construct($host, $port, $bind, $pwd, $base) { - // make sure host is a simple host name - if(strpos($host, '://') !== false) { - $host = substr_replace($host, '', 0, strpos($host, '://') + 3); - } - if(strpos($host, ':') !== false) { - $host = substr_replace($host, '', strpos($host, ':')); - } - $this->host = $host; - $this->port = $port; - parent::__construct($host, $port, $bind, $pwd, $base); - } - - /** - * test that a faulty host will does not connect successfully - * - * @return bool - */ - protected function case1() { - // reset possible LDAP connection - $this->initConnection(); - $this->connection->setConfiguration([ - 'ldapHost' => 'qwertz.uiop', - ]); - try { - $this->connection->getConnectionResource(); - } catch (ServerNotAvailableException $e) { - return true; - } - return false; - } - - /** - * tests that a connect succeeds when only a hostname is provided - * - * @return bool - */ - protected function case2() { - // reset possible LDAP connection - $this->initConnection(); - $this->connection->setConfiguration([ - 'ldapHost' => $this->host, - ]); - try { - $this->connection->getConnectionResource(); - } catch (ServerNotAvailableException $e) { - return false; - } - return true; - } - - /** - * tests that a connect succeeds when an LDAP URL is provided - * - * @return bool - */ - protected function case3() { - // reset possible LDAP connection - $this->initConnection(); - $this->connection->setConfiguration([ - 'ldapHost' => 'ldap://' . $this->host, - ]); - try { - $this->connection->getConnectionResource(); - } catch (ServerNotAvailableException $e) { - return false; - } - return true; - } - - /** - * tests that a connect succeeds when an LDAP URL with port is provided - * - * @return bool - */ - protected function case4() { - // reset possible LDAP connection - $this->initConnection(); - $this->connection->setConfiguration([ - 'ldapHost' => 'ldap://' . $this->host . ':' . $this->port, - ]); - try { - $this->connection->getConnectionResource(); - } catch (ServerNotAvailableException $e) { - return false; - } - return true; - } - - /** - * tests that a connect succeeds when a hostname with port is provided - * - * @return bool - */ - protected function case5() { - // reset possible LDAP connection - $this->initConnection(); - $this->connection->setConfiguration([ - 'ldapHost' => $this->host . ':' . $this->port, - ]); - try { - $this->connection->getConnectionResource(); - } catch (ServerNotAvailableException $e) { - return false; - } - return true; - } - - /** - * repeat case1, only to make sure that not a connection was reused by - * accident. - * - * @return bool - */ - protected function case6() { - return $this->case1(); - } -} - -/** @var string $host */ -/** @var int $port */ -/** @var string $adn */ -/** @var string $apwd */ -/** @var string $bdn */ -$test = new IntegrationTestConnect($host, $port, $adn, $apwd, $bdn); -$test->init(); -$test->run(); diff --git a/build/integration/features/bootstrap/BasicStructure.php b/build/integration/features/bootstrap/BasicStructure.php index 32e02bad2a3..f6c93aa5174 100644 --- a/build/integration/features/bootstrap/BasicStructure.php +++ b/build/integration/features/bootstrap/BasicStructure.php @@ -497,4 +497,11 @@ trait BasicStructure { $file->isDir() ? rmdir($file) : unlink($file); } } + + /** + * @Given /^cookies are reset$/ + */ + public function cookiesAreReset() { + $this->cookieJar = new CookieJar(); + } } diff --git a/build/integration/ldap_features/ldap-openldap.feature b/build/integration/ldap_features/ldap-openldap.feature index bd2e7bb85a1..311334a7b49 100644 --- a/build/integration/ldap_features/ldap-openldap.feature +++ b/build/integration/ldap_features/ldap-openldap.feature @@ -8,6 +8,30 @@ Feature: LDAP And Sending a "GET" to "/remote.php/webdav/welcome.txt" with requesttoken Then the HTTP status code should be "200" + Scenario: Test valid configuration with port in the hostname by logging in + Given modify LDAP configuration + | ldapHost | openldap:389 | + And cookies are reset + And Logging in using web as "alice" + And Sending a "GET" to "/remote.php/webdav/welcome.txt" with requesttoken + Then the HTTP status code should be "200" + + Scenario: Test valid configuration with LDAP protocol by logging in + Given modify LDAP configuration + | ldapHost | ldap://openldap | + And cookies are reset + And Logging in using web as "alice" + And Sending a "GET" to "/remote.php/webdav/welcome.txt" with requesttoken + Then the HTTP status code should be "200" + + Scenario: Test valid configuration with LDAP protoccol and port by logging in + Given modify LDAP configuration + | ldapHost | ldap://openldap:389 | + And cookies are reset + And Logging in using web as "alice" + And Sending a "GET" to "/remote.php/webdav/welcome.txt" with requesttoken + Then the HTTP status code should be "200" + Scenario: Look for a known LDAP user Given As an "admin" And sending "GET" to "/cloud/users?search=alice" -- cgit v1.2.3 From b069b132267aee0f34da5bf16c828de66ec518ed Mon Sep 17 00:00:00 2001 From: Arthur Schiwon Date: Tue, 24 Apr 2018 12:04:29 +0200 Subject: convert pagination tests Signed-off-by: Arthur Schiwon --- .../Integration/Lib/IntegrationTestPaging.php | 37 +---------------- .../integration/features/bootstrap/LDAPContext.php | 15 +++++++ .../ldap_features/ldap-openldap.feature | 41 +++++++++--------- .../ldap_features/openldap-uid-username.feature | 48 ++++++++++++++++++++++ 4 files changed, 84 insertions(+), 57 deletions(-) (limited to 'build/integration/ldap_features/ldap-openldap.feature') diff --git a/apps/user_ldap/tests/Integration/Lib/IntegrationTestPaging.php b/apps/user_ldap/tests/Integration/Lib/IntegrationTestPaging.php index d54d001c4ad..fcb2e59b4a9 100644 --- a/apps/user_ldap/tests/Integration/Lib/IntegrationTestPaging.php +++ b/apps/user_ldap/tests/Integration/Lib/IntegrationTestPaging.php @@ -58,30 +58,12 @@ class IntegrationTestPaging extends AbstractIntegrationTest { ]); } - /** - * tests that paging works properly against a simple example (reading all - * of few users in small steps) - * - * @return bool - */ - protected function case1() { - $filter = 'objectclass=inetorgperson'; - $attributes = ['cn', 'dn']; - - $result = $this->access->searchUsers($filter, $attributes); - if(count($result) === 7) { - return true; - } - - return false; - } - /** * fetch first three, afterwards all users * * @return bool */ - protected function case2() { + protected function case1() { $filter = 'objectclass=inetorgperson'; $attributes = ['cn', 'dn']; @@ -102,23 +84,6 @@ class IntegrationTestPaging extends AbstractIntegrationTest { return true; } - - /** - * reads all remaining users starting first page - * - * @return bool - */ - protected function case3() { - $filter = 'objectclass=inetorgperson'; - $attributes = ['cn', 'dn']; - - $result = $this->access->searchUsers($filter, $attributes, null, $this->pagingSize); - if(count($result) === (7 - $this->pagingSize)) { - return true; - } - - return false; - } } /** @var string $host */ diff --git a/build/integration/features/bootstrap/LDAPContext.php b/build/integration/features/bootstrap/LDAPContext.php index a4a878b1ca8..5b226753e5c 100644 --- a/build/integration/features/bootstrap/LDAPContext.php +++ b/build/integration/features/bootstrap/LDAPContext.php @@ -167,4 +167,19 @@ class LDAPContext implements Context { } PHPUnit_Framework_Assert::assertTrue(false, 'expected Exception not received'); } + + /** + * @Given /^the "([^"]*)" result should contain "([^"]*)" of$/ + */ + public function theResultShouldContainOf($type, $expectedCount, TableNode $expectations) { + $listReturnedElements = simplexml_load_string($this->response->getBody())->data[0]->$type[0]->element; + $extractedIDsArray = json_decode(json_encode($listReturnedElements), 1); + $uidsFound = 0; + foreach($expectations->getRows() as $expectation) { + if(in_array($expectation[0], $extractedIDsArray)) { + $uidsFound++; + } + } + PHPUnit_Framework_Assert::assertSame((int)$expectedCount, $uidsFound); + } } diff --git a/build/integration/ldap_features/ldap-openldap.feature b/build/integration/ldap_features/ldap-openldap.feature index 311334a7b49..299142cfedc 100644 --- a/build/integration/ldap_features/ldap-openldap.feature +++ b/build/integration/ldap_features/ldap-openldap.feature @@ -80,26 +80,25 @@ Feature: LDAP | PurpleGroup | 1 | | SquareGroup | 0 | - Scenario: Test backup server - Given modify LDAP configuration - | ldapBackupHost | openldap | - | ldapBackupPort | 389 | - | ldapHost | foo.bar | - | ldapPort | 2456 | - And Logging in using web as "alice" - Then the HTTP status code should be "200" - - Scenario: Test backup server offline - Given modify LDAP configuration - | ldapBackupHost | off.line | - | ldapBackupPort | 3892 | - | ldapHost | foo.bar | - | ldapPort | 2456 | - Then Expect ServerException on failed web login as "alice" + Scenario: Test backup server + Given modify LDAP configuration + | ldapBackupHost | openldap | + | ldapBackupPort | 389 | + | ldapHost | foo.bar | + | ldapPort | 2456 | + And Logging in using web as "alice" + Then the HTTP status code should be "200" - Scenario: Test LDAP server offline, no backup server - Given modify LDAP configuration - | ldapHost | foo.bar | - | ldapPort | 2456 | - Then Expect ServerException on failed web login as "alice" + Scenario: Test backup server offline + Given modify LDAP configuration + | ldapBackupHost | off.line | + | ldapBackupPort | 3892 | + | ldapHost | foo.bar | + | ldapPort | 2456 | + Then Expect ServerException on failed web login as "alice" + Scenario: Test LDAP server offline, no backup server + Given modify LDAP configuration + | ldapHost | foo.bar | + | ldapPort | 2456 | + Then Expect ServerException on failed web login as "alice" diff --git a/build/integration/ldap_features/openldap-uid-username.feature b/build/integration/ldap_features/openldap-uid-username.feature index a8bb20abf8e..aa6010875c1 100644 --- a/build/integration/ldap_features/openldap-uid-username.feature +++ b/build/integration/ldap_features/openldap-uid-username.feature @@ -12,3 +12,51 @@ Feature: LDAP And the "users" result should match | alice | 1 | | ghost | 0 | + + Scenario: Fetch all users, invoking pagination + Given modify LDAP configuration + | ldapBaseUsers | ou=PagingTest,dc=nextcloud,dc=ci | + | ldapPagingSize | 2 | + And As an "admin" + And sending "GET" to "/cloud/users" + Then the OCS status code should be "200" + And the "users" result should match + | ebba | 1 | + | eindis | 1 | + | fjolnir | 1 | + | gunna | 1 | + | juliana | 1 | + | leo | 1 | + | stigur | 1 | + + Scenario: Fetch all users, invoking pagination + Given modify LDAP configuration + | ldapBaseUsers | ou=PagingTest,dc=nextcloud,dc=ci | + | ldapPagingSize | 2 | + And As an "admin" + And sending "GET" to "/cloud/users?limit=10" + Then the OCS status code should be "200" + And the "users" result should match + | ebba | 1 | + | eindis | 1 | + | fjolnir | 1 | + | gunna | 1 | + | juliana | 1 | + | leo | 1 | + | stigur | 1 | + + Scenario: Fetch first foall users, invoking pagination + Given modify LDAP configuration + | ldapBaseUsers | ou=PagingTest,dc=nextcloud,dc=ci | + | ldapPagingSize | 2 | + And As an "admin" + And sending "GET" to "/cloud/users?limit=10&offset=2" + Then the OCS status code should be "200" + And the "users" result should contain "5" of + | ebba | + | eindis | + | fjolnir | + | gunna | + | juliana | + | leo | + | stigur | -- cgit v1.2.3 From 59e35e3bf7fc46980bd6d415e1a56c6be81c6899 Mon Sep 17 00:00:00 2001 From: Arthur Schiwon Date: Tue, 22 May 2018 18:07:25 +0200 Subject: tests for user storage location Signed-off-by: Arthur Schiwon --- .../Integration/Lib/IntegrationTestUserHome.php | 186 --------------------- .../integration/features/bootstrap/LDAPContext.php | 23 ++- .../ldap_features/ldap-openldap.feature | 4 +- .../ldap_features/openldap-uid-username.feature | 28 +++- 4 files changed, 44 insertions(+), 197 deletions(-) delete mode 100644 apps/user_ldap/tests/Integration/Lib/IntegrationTestUserHome.php (limited to 'build/integration/ldap_features/ldap-openldap.feature') diff --git a/apps/user_ldap/tests/Integration/Lib/IntegrationTestUserHome.php b/apps/user_ldap/tests/Integration/Lib/IntegrationTestUserHome.php deleted file mode 100644 index 9ee5a7efac2..00000000000 --- a/apps/user_ldap/tests/Integration/Lib/IntegrationTestUserHome.php +++ /dev/null @@ -1,186 +0,0 @@ - - * @author Joas Schilling - * @author Jörn Friedrich Dreyer - * @author Morris Jobke - * @author Vinicius Cubas Brand - * - * @license AGPL-3.0 - * - * This code is free software: you can redistribute it and/or modify - * it under the terms of the GNU Affero General Public License, version 3, - * as published by the Free Software Foundation. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU Affero General Public License for more details. - * - * You should have received a copy of the GNU Affero General Public License, version 3, - * along with this program. If not, see - * - */ - -namespace OCA\User_LDAP\Tests\Integration\Lib; - -use OCA\User_LDAP\FilesystemHelper; -use OCA\User_LDAP\LogWrapper; -use OCA\User_LDAP\User\Manager as LDAPUserManager; -use OCA\User_LDAP\Tests\Integration\AbstractIntegrationTest; -use OCA\User_LDAP\Mapping\UserMapping; -use OCA\User_LDAP\User_LDAP; -use OCP\Image; - -require_once __DIR__ . '/../Bootstrap.php'; - -class IntegrationTestUserHome extends AbstractIntegrationTest { - /** @var UserMapping */ - protected $mapping; - - /** @var User_LDAP */ - protected $backend; - - /** - * prepares the LDAP environment and sets up a test configuration for - * the LDAP backend. - */ - public function init() { - require(__DIR__ . '/../setup-scripts/createExplicitUsers.php'); - parent::init(); - - $this->mapping = new UserMapping(\OC::$server->getDatabaseConnection()); - $this->mapping->clear(); - $this->access->setUserMapper($this->mapping); - $this->backend = new User_LDAP($this->access, \OC::$server->getConfig(), \OC::$server->getNotificationManager(), \OC::$server->getUserSession(), \OC::$server->query('LDAPUserPluginManager')); - } - - /** - * sets up the LDAP configuration to be used for the test - */ - protected function initConnection() { - parent::initConnection(); - $this->connection->setConfiguration([ - 'homeFolderNamingRule' => 'homeDirectory', - ]); - } - - /** - * initializes an LDAP user manager instance - * @return LDAPUserManager - */ - protected function initUserManager() { - $this->userManager = new LDAPUserManager( - \OC::$server->getConfig(), - new FilesystemHelper(), - new LogWrapper(), - \OC::$server->getAvatarManager(), - new Image(), - \OC::$server->getDatabaseConnection(), - \OC::$server->getUserManager(), - \OC::$server->getNotificationManager() - ); - } - - /** - * homeDirectory on LDAP is empty. Return values of getHome should be - * identical to user name, following Nextcloud default. - * - * @return bool - */ - protected function case1() { - \OC::$server->getConfig()->setAppValue('user_ldap', 'enforce_home_folder_naming_rule', false); - $userManager = \OC::$server->getUserManager(); - $userManager->clearBackends(); - $userManager->registerBackend($this->backend); - $users = $userManager->search('', 5, 0); - - foreach($users as $user) { - $home = $user->getHome(); - $uid = $user->getUID(); - $posFound = strpos($home, '/' . $uid); - $posExpected = strlen($home) - (strlen($uid) + 1); - if($posFound === false || $posFound !== $posExpected) { - print('"' . $user->getUID() . '" was not found in "' . $home . '" or does not end with it.' . PHP_EOL); - return false; - } - } - - return true; - } - - /** - * homeDirectory on LDAP is empty. Having the attributes set is enforced. - * - * @return bool - */ - protected function case2() { - \OC::$server->getConfig()->setAppValue('user_ldap', 'enforce_home_folder_naming_rule', true); - $userManager = \OC::$server->getUserManager(); - // clearing backends is critical, otherwise the userManager will have - // the user objects cached and the value from case1 returned - $userManager->clearBackends(); - $userManager->registerBackend($this->backend); - $users = $userManager->search('', 5, 0); - - try { - foreach ($users as $user) { - $user->getHome(); - print('User home was retrieved without throwing an Exception!' . PHP_EOL); - return false; - } - } catch (\Exception $e) { - if(strpos($e->getMessage(), 'Home dir attribute') === 0) { - return true; - } - } - - return false; - } - - /** - * homeDirectory on LDAP is set to "attr:" which is effectively empty. - * Return values of getHome should be Nextcloud default. - * - * @return bool - */ - protected function case3() { - \OC::$server->getConfig()->setAppValue('user_ldap', 'enforce_home_folder_naming_rule', true); - $this->connection->setConfiguration([ - 'homeFolderNamingRule' => 'attr:', - ]); - $userManager = \OC::$server->getUserManager(); - $userManager->clearBackends(); - $userManager->registerBackend($this->backend); - $users = $userManager->search('', 5, 0); - - try { - foreach ($users as $user) { - $home = $user->getHome(); - $uid = $user->getUID(); - $posFound = strpos($home, '/' . $uid); - $posExpected = strlen($home) - (strlen($uid) + 1); - if ($posFound === false || $posFound !== $posExpected) { - print('"' . $user->getUID() . '" was not found in "' . $home . '" or does not end with it.' . PHP_EOL); - return false; - } - } - } catch (\Exception $e) { - print("Unexpected Exception: " . $e->getMessage() . PHP_EOL); - return false; - } - - return true; - } -} - -/** @var string $host */ -/** @var int $port */ -/** @var string $adn */ -/** @var string $apwd */ -/** @var string $bdn */ -$test = new IntegrationTestUserHome($host, $port, $adn, $apwd, $bdn); -$test->init(); -$test->run(); diff --git a/build/integration/features/bootstrap/LDAPContext.php b/build/integration/features/bootstrap/LDAPContext.php index 5b226753e5c..30e3d1a3d2f 100644 --- a/build/integration/features/bootstrap/LDAPContext.php +++ b/build/integration/features/bootstrap/LDAPContext.php @@ -116,14 +116,7 @@ class LDAPContext implements Context { $userId = array_shift($userResults); $this->sendingTo('GET', '/cloud/users/' . $userId); - - foreach($expectations->getRowsHash() as $k => $v) { - $value = (string)simplexml_load_string($this->response->getBody())->data[0]->$k; - PHPUnit_Framework_Assert::assertEquals($v, $value); - } - - $backend = (string)simplexml_load_string($this->response->getBody())->data[0]->backend; - PHPUnit_Framework_Assert::assertEquals('LDAP', $backend); + $this->theRecordFieldsShouldMatch($expectations); } /** @@ -180,6 +173,20 @@ class LDAPContext implements Context { $uidsFound++; } } + error_log('result array ' . json_encode($extractedIDsArray)); ## TODO remove debug statement PHPUnit_Framework_Assert::assertSame((int)$expectedCount, $uidsFound); } + + /** + * @Given /^the record's fields should match$/ + */ + public function theRecordFieldsShouldMatch(TableNode $expectations) { + foreach($expectations->getRowsHash() as $k => $v) { + $value = (string)simplexml_load_string($this->response->getBody())->data[0]->$k; + PHPUnit_Framework_Assert::assertEquals($v, $value); + } + + $backend = (string)simplexml_load_string($this->response->getBody())->data[0]->backend; + PHPUnit_Framework_Assert::assertEquals('LDAP', $backend); + } } diff --git a/build/integration/ldap_features/ldap-openldap.feature b/build/integration/ldap_features/ldap-openldap.feature index 299142cfedc..4c507e74595 100644 --- a/build/integration/ldap_features/ldap-openldap.feature +++ b/build/integration/ldap_features/ldap-openldap.feature @@ -37,8 +37,8 @@ Feature: LDAP And sending "GET" to "/cloud/users?search=alice" Then the OCS status code should be "200" And looking up details for the first result matches expectations - | email | alice@nextcloud.ci | - | displayname | Alice | + | email | alice@nextcloud.ci | + | displayname | Alice | Scenario: Test group filter with one specific group Given modify LDAP configuration diff --git a/build/integration/ldap_features/openldap-uid-username.feature b/build/integration/ldap_features/openldap-uid-username.feature index aa6010875c1..d267870ca26 100644 --- a/build/integration/ldap_features/openldap-uid-username.feature +++ b/build/integration/ldap_features/openldap-uid-username.feature @@ -11,8 +11,34 @@ Feature: LDAP Then the OCS status code should be "200" And the "users" result should match | alice | 1 | + | elisa | 1 | | ghost | 0 | + Scenario: check default home of an LDAP user + Given As an "admin" + And sending "GET" to "/cloud/users/alice" + Then the OCS status code should be "200" + And the record's fields should match + | storageLocation | /dev/shm/nc_int/alice | + + Scenario: check custom relative home of an LDAP user + Given modify LDAP configuration + | homeFolderNamingRule | sn | + And As an "admin" + And sending "GET" to "/cloud/users/alice" + Then the OCS status code should be "200" + And the record's fields should match + | storageLocation | /dev/shm/nc_int/Alfgeirdottir | + + Scenario: check custom absolute home of an LDAP user + Given modify LDAP configuration + | homeFolderNamingRule | roomNumber | + And As an "admin" + And sending "GET" to "/cloud/users/elisa" + Then the OCS status code should be "200" + And the record's fields should match + | storageLocation | /dev/shm/elisa-data | + Scenario: Fetch all users, invoking pagination Given modify LDAP configuration | ldapBaseUsers | ou=PagingTest,dc=nextcloud,dc=ci | @@ -45,7 +71,7 @@ Feature: LDAP | leo | 1 | | stigur | 1 | - Scenario: Fetch first foall users, invoking pagination + Scenario: Fetch from second batch of all users, invoking pagination Given modify LDAP configuration | ldapBaseUsers | ou=PagingTest,dc=nextcloud,dc=ci | | ldapPagingSize | 2 | -- cgit v1.2.3