/* * SonarQube * Copyright (C) 2009-2025 SonarSource SA * mailto:info AT sonarsource DOT com * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU Lesser General Public * License as published by the Free Software Foundation; either * version 3 of the License, or (at your option) any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU * Lesser General Public License for more details. * * You should have received a copy of the GNU Lesser General Public License * along with this program; if not, write to the Free Software Foundation, * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. */ package org.sonar.auth.ldap; import java.util.Collection; import org.junit.ClassRule; import org.junit.Test; import org.sonar.api.config.internal.MapSettings; import org.sonar.api.server.http.HttpRequest; import org.sonar.auth.ldap.server.LdapServer; import static org.assertj.core.api.Assertions.assertThat; import static org.mockito.Mockito.mock; public class DefaultLdapGroupsProviderIT { /** * A reference to the original ldif file */ public static final String USERS_EXAMPLE_ORG_LDIF = "/users.example.org.ldif"; /** * A reference to an aditional ldif file. */ public static final String USERS_INFOSUPPORT_COM_LDIF = "/users.infosupport.com.ldif"; @ClassRule public static LdapServer exampleServer = new LdapServer(USERS_EXAMPLE_ORG_LDIF); @ClassRule public static LdapServer infosupportServer = new LdapServer(USERS_INFOSUPPORT_COM_LDIF, "infosupport.com", "dc=infosupport,dc=com"); @Test public void doGetGroups_when_single_server_without_key() { MapSettings settings = LdapSettingsFactory.generateSimpleAnonymousAccessSettings(exampleServer, null); LdapSettingsManager settingsManager = new LdapSettingsManager(settings.asConfig()); DefaultLdapGroupsProvider groupsProvider = new DefaultLdapGroupsProvider(settingsManager.getContextFactories(), settingsManager.getUserMappings(), settingsManager.getGroupMappings()); Collection groups = getGroupsForContext(createContextForDefaultServer("tester"), groupsProvider); assertThat(groups).containsOnly("sonar-users"); groups = getGroupsForContext(createContextForDefaultServer("godin"), groupsProvider); assertThat(groups).containsOnly("sonar-users", "sonar-developers"); groups = getGroupsForContext(createContextForDefaultServer("unknown_user"), groupsProvider); assertThat(groups).isEmpty(); } @Test public void doGetGroups_when_two_ldap_servers() { MapSettings settings = LdapSettingsFactory.generateSimpleAnonymousAccessSettings(exampleServer, infosupportServer); LdapSettingsManager settingsManager = new LdapSettingsManager(settings.asConfig()); DefaultLdapGroupsProvider groupsProvider = new DefaultLdapGroupsProvider(settingsManager.getContextFactories(), settingsManager.getUserMappings(), settingsManager.getGroupMappings()); Collection groups = getGroupsForContext(createContextForExampleServer("tester"), groupsProvider); assertThat(groups).containsOnly("sonar-users"); groups = getGroupsForContext(createContextForExampleServer("godin"), groupsProvider); assertThat(groups).containsOnly("sonar-users", "sonar-developers"); groups = getGroupsForContext(createContextForExampleServer("unknown_user"), groupsProvider); assertThat(groups).isEmpty(); groups = getGroupsForContext(createContextForInfoSupportServer("testerInfo"), groupsProvider); assertThat(groups).containsOnly("sonar-users"); groups = getGroupsForContext(createContextForInfoSupportServer("robby"), groupsProvider); assertThat(groups).containsOnly("sonar-users", "sonar-developers"); } @Test public void doGetGroups_when_two_ldap_servers_with_same_username_resolves_groups_from_right_server() { MapSettings settings = LdapSettingsFactory.generateSimpleAnonymousAccessSettings(exampleServer, infosupportServer); LdapSettingsManager settingsManager = new LdapSettingsManager(settings.asConfig()); DefaultLdapGroupsProvider groupsProvider = new DefaultLdapGroupsProvider(settingsManager.getContextFactories(), settingsManager.getUserMappings(), settingsManager.getGroupMappings()); Collection groups = getGroupsForContext(createContextForExampleServer("duplicated"), groupsProvider); assertThat(groups).containsOnly("sonar-users"); groups = getGroupsForContext(createContextForInfoSupportServer("duplicated"), groupsProvider); assertThat(groups).containsOnly("sonar-developers"); } @Test public void posix() { MapSettings settings = LdapSettingsFactory.generateSimpleAnonymousAccessSettings(exampleServer, null); settings.setProperty("ldap.group.request", "(&(objectClass=posixGroup)(memberUid={uid}))"); LdapSettingsManager settingsManager = new LdapSettingsManager(settings.asConfig()); DefaultLdapGroupsProvider groupsProvider = new DefaultLdapGroupsProvider(settingsManager.getContextFactories(), settingsManager.getUserMappings(), settingsManager.getGroupMappings()); Collection groups = getGroupsForContext(createContextForDefaultServer("godin"), groupsProvider); assertThat(groups).containsOnly("linux-users"); } @Test public void posixMultipleLdap() { MapSettings settings = LdapSettingsFactory.generateSimpleAnonymousAccessSettings(exampleServer, infosupportServer); settings.setProperty("ldap.example.group.request", "(&(objectClass=posixGroup)(memberUid={uid}))"); settings.setProperty("ldap.infosupport.group.request", "(&(objectClass=posixGroup)(memberUid={uid}))"); LdapSettingsManager settingsManager = new LdapSettingsManager(settings.asConfig()); DefaultLdapGroupsProvider groupsProvider = new DefaultLdapGroupsProvider(settingsManager.getContextFactories(), settingsManager.getUserMappings(), settingsManager.getGroupMappings()); Collection groups = getGroupsForContext(createContextForExampleServer("godin"), groupsProvider); assertThat(groups).containsOnly("linux-users"); groups = getGroupsForContext(createContextForInfoSupportServer("robby"), groupsProvider); assertThat(groups).containsOnly("linux-users"); } private static Collection getGroupsForContext(LdapGroupsProvider.Context context, DefaultLdapGroupsProvider groupsProvider) { return groupsProvider.doGetGroups(context); } @Test public void mixed() { MapSettings settings = LdapSettingsFactory.generateSimpleAnonymousAccessSettings(exampleServer, infosupportServer); settings.setProperty("ldap.example.group.request", "(&(|(objectClass=groupOfUniqueNames)(objectClass=posixGroup))(|(uniqueMember={dn})(memberUid={uid})))"); LdapSettingsManager settingsManager = new LdapSettingsManager(settings.asConfig()); DefaultLdapGroupsProvider groupsProvider = new DefaultLdapGroupsProvider(settingsManager.getContextFactories(), settingsManager.getUserMappings(), settingsManager.getGroupMappings()); Collection groups = getGroupsForContext(createContextForExampleServer("godin"), groupsProvider); assertThat(groups).containsOnly("sonar-users", "sonar-developers", "linux-users"); } @Test public void mixedMultipleLdap() { MapSettings settings = LdapSettingsFactory.generateSimpleAnonymousAccessSettings(exampleServer, infosupportServer); settings.setProperty("ldap.example.group.request", "(&(|(objectClass=groupOfUniqueNames)(objectClass=posixGroup))(|(uniqueMember={dn})(memberUid={uid})))"); settings.setProperty("ldap.infosupport.group.request", "(&(|(objectClass=groupOfUniqueNames)(objectClass=posixGroup))(|(uniqueMember={dn})(memberUid={uid})))"); LdapSettingsManager settingsManager = new LdapSettingsManager(settings.asConfig()); DefaultLdapGroupsProvider groupsProvider = new DefaultLdapGroupsProvider(settingsManager.getContextFactories(), settingsManager.getUserMappings(), settingsManager.getGroupMappings()); Collection groups = getGroupsForContext(createContextForExampleServer("godin"), groupsProvider); assertThat(groups).containsOnly("sonar-users", "sonar-developers", "linux-users"); groups = getGroupsForContext(createContextForInfoSupportServer("robby"), groupsProvider); assertThat(groups).containsOnly("sonar-users", "sonar-developers", "linux-users"); } private static LdapGroupsProvider.Context createContextForDefaultServer(String userName) { return createContext("default", userName); } private static LdapGroupsProvider.Context createContextForExampleServer(String userName) { return createContext("example", userName); } private static LdapGroupsProvider.Context createContextForInfoSupportServer(String userName) { return createContext("infosupport", userName); } private static LdapGroupsProvider.Context createContext(String serverName, String userName) { return new LdapGroupsProvider.Context(serverName, userName, mock(HttpRequest.class)); } }