activeldap 0.9.0 → 0.10.0

data/rails/plugin/active_ldap/init.rb

@@ -1,7 +1,7 @@
 require_library_or_gem 'active_ldap'
 ActiveLdap::Base.logger ||= RAILS_DEFAULT_LOGGER
 
-required_version = ["0", "8", "4"]
+required_version = ["0", "9", "1"]
 if (ActiveLdap::VERSION.split(".") <=> required_version) < 0
   ActiveLdap::Base.class_eval do
     format = _("You need ActiveLdap %s or later")
@@ -21,6 +21,44 @@ else
   end
 end
 
-class ActionView::Base
+class ::ActionView::Base
   include ActiveLdap::Helper
 end
+
+module ::ActionController
+  module LdapBenchmarking
+    def self.included(base)
+      base.class_eval do
+        alias_method_chain :render, :active_ldap_benchmark
+        alias_method_chain :rendering_runtime, :active_ldap
+      end
+    end
+
+    protected
+    def render_with_active_ldap_benchmark(*args, &block)
+      if logger
+        @ldap_runtime_before_render = ActiveLdap::Base.reset_runtime
+        result = render_without_active_ldap_benchmark(*args, &block)
+        @ldap_runtime_after_render = ActiveLdap::Base.reset_runtime
+        @rendering_runtime -= @ldap_runtime_after_render
+        result
+      else
+        render_without_active_ldap_benchmark(*args, &block)
+      end
+    end
+
+    private
+    def rendering_runtime_with_active_ldap(runtime)
+      result = rendering_runtime_without_active_ldap(runtime)
+      ldap_runtime = ActiveLdap::Base.reset_runtime
+      ldap_runtime += @ldap_runtime_before_render || 0
+      ldap_runtime += @ldap_runtime_after_render || 0
+      ldap_percentage = ldap_runtime * 100 / runtime
+      result + (" | LDAP: %.5f (%d%%)" % [ldap_runtime, ldap_percentage])
+    end
+  end
+
+  class Base
+    include LdapBenchmarking
+  end
+end

data/test/al-test-utils.rb

@@ -17,6 +17,7 @@ module AlTestUtils
   def self.included(base)
     base.class_eval do
       include ActiveLdap::GetTextSupport
+      include Assertions
       include Config
       include Connection
       include Populate
@@ -26,6 +27,16 @@ module AlTestUtils
     end
   end
 
+  module Assertions
+    def assert_true(actual, *args)
+      assert_equal(true, actual, *args)
+    end
+
+    def assert_false(actual, *args)
+      assert_equal(false, actual, *args)
+    end
+  end
+
   module Config
     def setup
       super
@@ -49,12 +60,72 @@ module AlTestUtils
         raise "config file for testing doesn't exist: #{@config_file}"
       end
       config = YAML.load(ERB.new(File.read(@config_file)).result)
+      _adapter = adapter
       config.each do |key, value|
-        adapter = ENV["ACTIVE_LDAP_TEST_ADAPTER"]
-        value[:adapter] = adapter if adapter
+        value[:adapter] = _adapter if _adapter
       end
       config
     end
+
+    def adapter
+      ENV["ACTIVE_LDAP_TEST_ADAPTER"]
+    end
+  end
+
+  module ExampleFile
+    def certificate_path
+      File.join(@example_dir, 'example.der')
+    end
+
+    @@certificate = nil
+    def certificate
+      return @@certificate if @@certificate
+      if File.exists?(certificate_path)
+        @@certificate = File.read(certificate_path)
+        return @@certificate
+      end
+
+      require 'openssl'
+      rsa = OpenSSL::PKey::RSA.new(512)
+      comment = "Generated by Ruby/OpenSSL"
+
+      cert = OpenSSL::X509::Certificate.new
+      cert.version = 3
+      cert.serial = 0
+      subject = [["OU", "test"],
+                 ["CN", Socket.gethostname]]
+      name = OpenSSL::X509::Name.new(subject)
+      cert.subject = name
+      cert.issuer = name
+      cert.not_before = Time.now
+      cert.not_after = Time.now + (365*24*60*60)
+      cert.public_key = rsa.public_key
+
+      ef = OpenSSL::X509::ExtensionFactory.new(nil, cert)
+      ef.issuer_certificate = cert
+      cert.extensions = [
+        ef.create_extension("basicConstraints","CA:FALSE"),
+        ef.create_extension("keyUsage", "keyEncipherment"),
+        ef.create_extension("subjectKeyIdentifier", "hash"),
+        ef.create_extension("extendedKeyUsage", "serverAuth"),
+        ef.create_extension("nsComment", comment),
+      ]
+      aki = ef.create_extension("authorityKeyIdentifier",
+                                "keyid:always,issuer:always")
+      cert.add_extension(aki)
+      cert.sign(rsa, OpenSSL::Digest::SHA1.new)
+
+      @@certificate = cert.to_der
+      @@certificate
+    end
+
+    def jpeg_photo_path
+      File.join(@example_dir, 'example.jpg')
+    end
+
+    def jpeg_photo
+      File.open(jpeg_photo_path, "rb") {|f| f.read}
+    end
   end
 
   module Connection
@@ -153,7 +224,8 @@ module AlTestUtils
   end
 
   module TemporaryEntry
-    @@certificate = nil
+    include ExampleFile
+
     def setup
       super
       @user_index = 0
@@ -218,8 +290,9 @@ module AlTestUtils
       yield(uid)
     ensure
       if @user_class.exists?(uid)
-        @user_class.find(uid).remove_connection
-        @user_class.delete(uid)
+        user = @user_class.find(uid)
+        user.remove_connection
+        @user_class.delete(user.dn)
       end
     end
 
@@ -236,59 +309,6 @@ module AlTestUtils
     def default_gid
       "10000#{@group_index}"
     end
-
-    def certificate_path
-      File.join(@example_dir, 'example.der')
-    end
-
-    def certificate
-      return @@certificate if @@certificate
-      if File.exists?(certificate_path)
-        @@certificate = File.read(certificate_path)
-        return @@certificate
-      end
-
-      require 'openssl'
-      rsa = OpenSSL::PKey::RSA.new(512)
-      comment = "Generated by Ruby/OpenSSL"
-
-      cert = OpenSSL::X509::Certificate.new
-      cert.version = 3
-      cert.serial = 0
-      subject = [["OU", "test"],
-                 ["CN", Socket.gethostname]]
-      name = OpenSSL::X509::Name.new(subject)
-      cert.subject = name
-      cert.issuer = name
-      cert.not_before = Time.now
-      cert.not_after = Time.now + (365*24*60*60)
-      cert.public_key = rsa.public_key
-
-      ef = OpenSSL::X509::ExtensionFactory.new(nil, cert)
-      ef.issuer_certificate = cert
-      cert.extensions = [
-        ef.create_extension("basicConstraints","CA:FALSE"),
-        ef.create_extension("keyUsage", "keyEncipherment"),
-        ef.create_extension("subjectKeyIdentifier", "hash"),
-        ef.create_extension("extendedKeyUsage", "serverAuth"),
-        ef.create_extension("nsComment", comment),
-      ]
-      aki = ef.create_extension("authorityKeyIdentifier",
-                                "keyid:always,issuer:always")
-      cert.add_extension(aki)
-      cert.sign(rsa, OpenSSL::Digest::SHA1.new)
-
-      @@certificate = cert.to_der
-      @@certificate
-    end
-
-    def jpeg_photo_path
-      File.join(@example_dir, 'example.jpg')
-    end
-
-    def jpeg_photo
-      File.read(jpeg_photo_path)
-    end
   end
 
   module CommandSupport

data/test/command.rb

@@ -27,11 +27,12 @@ module Command
     end
   end
 
-  def run(cmd, *args)
+  def run(cmd, *args, &block)
     raise ArgumentError, "command isn't specified" if cmd.nil?
     if args.any? {|x| x.nil?}
       raise ArgumentError, "args has nil: #{args.inspect}"
     end
+    return java_run(cmd, *args, &block) unless Kernel.respond_to?(:fork)
     in_r, in_w = IO.pipe
     out_r, out_w = IO.pipe
     pid = exit_status = nil
@@ -59,4 +60,53 @@ module Command
     pid, status = Process.waitpid2(pid)
     [status.exited? && status.exitstatus.zero?, out_r.read]
   end
+
+  def java_run(cmd, *args, &block)
+    runtime = java.lang.Runtime.get_runtime
+    process = runtime.exec([cmd, *args].to_java(:string))
+    input = JavaReaderWrapper.new(process.get_input_stream)
+    output = JavaWriterWrapper.new(process.get_output_stream)
+    error = JavaReaderWrapper.new(process.get_error_stream)
+    yield(input, output) if block_given?
+    output.close
+    success = process.wait_for.zero?
+
+    [success, input.read + error.read]
+  end
+
+  class JavaReaderWrapper
+    def initialize(input)
+      @input = input
+    end
+
+    def read
+      result = ""
+      while (c = @input.read) != -1
+        result << c.chr
+      end
+      result
+    end
+  end
+
+  class JavaWriterWrapper
+    def initialize(output)
+      output = java.io.OutputStreamWriter.new(output)
+      @output = java.io.BufferedWriter.new(output)
+    end
+
+    def puts(*messages)
+      messages.each do |message|
+        message += "\n" if /\n/ !~ message
+        @output.write(message)
+      end
+    end
+
+    def flush
+      @output.flush
+    end
+
+    def close
+      @output.close
+    end
+  end
 end

data/test/test-unit-ext/priority.rb

@@ -23,12 +23,16 @@ module Test
           end
         end
 
+        alias_method :method_added_without_priority, :method_added
         def method_added(name)
+          method_added_without_priority(name)
           set_priority(name) if defined?(@priority_initialized)
         end
 
         def priority(name, *tests)
-          unless private_methods.include?(priority_check_method_name(name))
+          singleton_class = (class << self; self; end)
+          priority_check_method = priority_check_method_name(name)
+          unless singleton_class.private_method_defined?(priority_check_method)
             raise ArgumentError, "unknown priority: #{name}"
           end
           if tests.empty?
@@ -106,16 +110,35 @@ module Test
       end
 
       def result_dir
-        dir = File.join(File.dirname($0), ".test-result",
-                        self.class.name, @method_name.to_s)
+        components = [".test-result", self.class.name, @method_name.to_s]
+        dir = File.join(File.dirname($0), *components)
         dir = File.expand_path(dir)
-        FileUtils.mkdir_p(dir)
+        begin
+          FileUtils.mkdir_p(dir)
+        rescue Errno::EACCES
+          retry_dir = File.join(File.dirname(__FILE__), "..", *components)
+          retry_dir = File.expand_path(retry_dir)
+          raise if retry_dir == dir
+          dir = retry_dir
+          retry
+        end
         dir
       end
 
       def passed_file
         File.join(result_dir, "passed")
       end
+
+      def escaped_method_name
+        @method_name.to_s.gsub(/[!?]$/) do |matched|
+          case matched
+          when "!"
+            ".destructive"
+          when "?"
+            ".predicate"
+          end
+        end
+      end
     end
 
     class TestSuite
@@ -150,9 +173,9 @@ module Test
     end
 
     class AutoRunner
-      alias_method :original_options, :options
+      alias_method :options_without_priority, :options
       def options
-        opts = original_options
+        opts = options_without_priority
         opts.on("--[no-]priority", "use priority mode") do |bool|
           TestSuite.priority_mode = bool
         end

data/test/test_adapter.rb

@@ -10,6 +10,19 @@ class TestAdapter < Test::Unit::TestCase
   end
 
   priority :must
+  def test_operator
+    assert_parse_filter("(uid~=Alice)", ["uid", "~=", "Alice"])
+    assert_parse_filter("(&(uid~=Alice)(uid~=Bob))",
+                        ["uid", "~=", "Alice", "Bob"])
+    assert_parse_filter("(uid~=Alice)", [["uid", "~=", "Alice"]])
+    assert_parse_filter("(|(uid~=Alice)(uid~=Bob))",
+                        [:or,
+                         ["uid", "~=", "Alice"],
+                         ["uid", "~=", "Bob"]])
+    assert_parse_filter("(|(uid~=Alice)(uid~=Bob))",
+                        [:or,
+                         ["uid", "~=", "Alice", "Bob"]])
+  end
 
   priority :normal
   def test_filter_with_escaped_character
@@ -73,14 +86,20 @@ class TestAdapter < Test::Unit::TestCase
     assert_parse_filter("(&(gidNumber=100001)" +
                         "(|(uid=temp-user1)(uid=temp-user2)))",
                         [:and,
-                         [:and, {"gidNumber"=>["100001"]}],
-                         [:or, {"uid"=>["temp-user1", "temp-user2"]}]])
+                         [:and, {"gidNumber" => ["100001"]}],
+                         [:or, {"uid" => ["temp-user1", "temp-user2"]}]])
     assert_parse_filter("(&(gidNumber=100001)" +
                         "(objectClass=person)(objectClass=posixAccount))",
                         [:and,
                          [:or, ["gidNumber", "100001"]],
                          ["objectClass", "person"],
                          ["objectClass", "posixAccount"]])
+    assert_parse_filter("(&(!(|(gidNumber=100001)(gidNumber=100002)))" +
+                        "(objectClass=person)(!(objectClass=posixAccount)))",
+                        [:and,
+                         [:not, [:or, ["gidNumber", "100001", "100002"]]],
+                         ["objectClass", "person"],
+                         [:not, ["objectClass", "posixAccount"]]])
   end
 
   def test_invalid_operator

data/test/test_attributes.rb

@@ -34,12 +34,25 @@ class TestAttributes < Test::Unit::TestCase
                  ActiveLdap::Base.normalize_attribute("userCertificate", []))
     assert_equal(["usercertificate", [{"binary" => []}]],
                  ActiveLdap::Base.normalize_attribute("userCertificate", nil))
+    assert_equal(["usercertificate", [{"binary" => "BINARY DATA"}]],
+                 ActiveLdap::Base.normalize_attribute("userCertificate",
+                                                      "BINARY DATA"))
+    assert_equal(["usercertificate", [{"binary" => ["BINARY DATA"]}]],
+                 ActiveLdap::Base.normalize_attribute("userCertificate",
+                                                      {"binary" =>
+                                                        ["BINARY DATA"]}))
   end
 
   def test_unnormalize_attribute
+    assert_equal({"sn" => ["Surname"]},
+                 ActiveLdap::Base.unnormalize_attribute("sn", ["Surname"]))
     assert_equal({"userCertificate;binary" => []},
                  ActiveLdap::Base.unnormalize_attribute("userCertificate",
                                                         [{"binary" => []}]))
+    assert_equal({"userCertificate;binary" => ["BINARY DATA"]},
+                 ActiveLdap::Base.unnormalize_attribute("userCertificate",
+                                                        [{"binary" =>
+                                                           ["BINARY DATA"]}]))
   end
 
   def test_attr_protected

data/test/test_base.rb

@@ -1,11 +1,50 @@
+# -*- coding: utf-8 -*-
 require 'al-test-utils'
 
 class TestBase < Test::Unit::TestCase
   include AlTestUtils
 
   priority :must
+  def test_excluded_classes
+    mapping = {:classes => ["person"]}
+    person_class = Class.new(@user_class)
+    person_class.ldap_mapping(mapping)
+
+    no_organizational_person_class = Class.new(@user_class)
+    no_organizational_person_mapping =
+      mapping.merge(:excluded_classes => ["organizationalPerson"])
+    no_organizational_person_class.ldap_mapping(no_organizational_person_mapping)
+
+    no_simple_person_class = Class.new(@user_class)
+    no_simple_person_mapping =
+      mapping.merge(:excluded_classes => ['shadowAccount', 'inetOrgPerson',
+                                          "organizationalPerson"])
+    no_simple_person_class.ldap_mapping(no_simple_person_mapping)
+
+    make_temporary_user do |user1,|
+      make_temporary_user(:simple => true) do |user2,|
+        assert_equal([user1.dn, user2.dn].sort,
+                     person_class.find(:all).collect(&:dn).sort)
+
+        no_organizational_people = no_organizational_person_class.find(:all)
+        assert_equal([user2.dn].sort,
+                     no_organizational_people.collect(&:dn).sort)
+
+        assert_equal([user2.dn].sort,
+                     no_simple_person_class.find(:all).collect(&:dn).sort)
+      end
+    end
+  end
 
   priority :normal
+  def test_new_with_dn
+    cn = "XXX"
+    dn = "cn=#{cn},#{@user_class.base}"
+    user = @user_class.new(ActiveLdap::DN.parse(dn))
+    assert_equal(cn, user.cn)
+    assert_equal(dn, user.dn)
+  end
+
   def test_dn_attribute_per_instance_with_invalid_value
     user = @user_class.new
     assert_equal("uid", user.dn_attribute)
@@ -134,6 +173,15 @@ class TestBase < Test::Unit::TestCase
                  ou_class.search(:value => name).collect {|dn, attrs| dn})
   end
 
+  def test_search_with_attributes_without_object_class
+    make_temporary_user do |user, password|
+      entries = @user_class.search(:filter => "#{user.dn_attribute}=#{user.id}",
+                                   :attributes => ["uidNumber"])
+      assert_equal([[user.dn, {"uidNumber" => [user.uid_number.to_s]}]],
+                    entries)
+    end
+  end
+
   def test_new_without_argument
     user = @user_class.new
     assert_equal(@user_class_classes, user.classes)
@@ -343,7 +391,9 @@ class TestBase < Test::Unit::TestCase
                    user2.attributes.reject {|k, v| k == "cn"})
 
       user2.reload
-      assert_equal(user1.attributes, user2.attributes)
+      assert_equal(user1.cn, user2.cn)
+      assert_equal(user1.attributes.reject {|k, v| k == "cn"},
+                   user2.attributes.reject {|k, v| k == "cn"})
     end
   end