activeldap 0.9.0 → 0.10.0

data/test/test_load.rb

@@ -0,0 +1,126 @@
+require 'al-test-utils'
+
+class TestLoad < Test::Unit::TestCase
+  include AlTestUtils
+
+  priority :must
+  def test_load_modify_record
+    ldif = ActiveLdap::LDIF.new
+    make_temporary_user do |user, password|
+      user.display_name = "Display Name"
+      assert(user.save)
+
+      user = @user_class.find(user.dn)
+      assert_equal("Display Name", user.display_name)
+
+      record = ActiveLdap::LDIF::ModifyRecord.new(user.dn)
+      ldif << record
+
+      original_descriptions = user.description(true)
+      new_description = "new description"
+      record.add_operation(:add, "description", [],
+                           {"description" => [new_description]})
+
+      record.add_operation(:delete, "DisplayName", [], {})
+
+      original_sn = user.sn
+      new_sn = ["New SN1", "New SN2"]
+      record.add_operation(:replace, "sn", [], {"sn" => new_sn})
+
+      ActiveLdap::Base.load(ldif.to_s)
+
+      user = @user_class.find(user.dn)
+      assert_equal(original_descriptions + [new_description],
+                   user.description(true))
+      assert_nil(user.display_name)
+      assert_equal(new_sn, user.sn)
+    end
+  end
+
+  def test_load_move_dn_record
+    assert_load_move_dn_record(ActiveLdap::LDIF::ModifyDNRecord)
+    assert_load_move_dn_record(ActiveLdap::LDIF::ModifyRDNRecord)
+  end
+
+  def test_load_copy_dn_record
+    assert_load_copy_dn_record(ActiveLdap::LDIF::ModifyDNRecord)
+    assert_load_copy_dn_record(ActiveLdap::LDIF::ModifyRDNRecord)
+  end
+
+  def test_load_delete_record
+    ldif = ActiveLdap::LDIF.new
+    make_temporary_user do |user, password|
+      record = ActiveLdap::LDIF::DeleteRecord.new(user.dn)
+      ldif << record
+      assert_true(@user_class.exists?(user.dn))
+      ActiveLdap::Base.load(ldif.to_s)
+      assert_false(@user_class.exists?(user.dn))
+    end
+  end
+
+  def test_load_add_record
+    ldif = ActiveLdap::LDIF.new
+    make_temporary_user do |user, password|
+      new_description = "new description"
+      attributes = {
+        "description" => [new_description]
+      }
+      original_descriptions = user.description(true)
+      record = ActiveLdap::LDIF::AddRecord.new(user.dn, [], attributes)
+      ldif << record
+      ActiveLdap::Base.load(ldif.to_s)
+      user.reload
+      assert(original_descriptions + [new_description], user.description(true))
+    end
+  end
+
+  def test_load_content_records
+    ldif = ActiveLdap::LDIF.new
+    2.times do
+      make_temporary_user do |user, password|
+        ldif << ActiveLdap::LDIF.parse(user.to_ldif).records[0]
+      end
+    end
+
+    original_n_users = @user_class.count
+    ActiveLdap::Base.load(ldif.to_s)
+    assert_equal(2, @user_class.count - original_n_users)
+  end
+
+  priority :normal
+
+  private
+  def assert_load_copy_dn_record(record_class)
+    ldif = ActiveLdap::LDIF.new
+    make_temporary_user do |user, password|
+      new_rdn = "uid=XXX"
+      ensure_delete_user(new_rdn) do
+        record = record_class.new(user.dn, [], new_rdn, false)
+        ldif << record
+        assert_true(@user_class.exists?(user.dn))
+        assert_false(@user_class.exists?(new_rdn))
+        ActiveLdap::Base.load(ldif.to_s)
+        assert_true(@user_class.exists?(user.dn))
+        assert_true(@user_class.exists?(new_rdn))
+        assert_equal(user.cn, @user_class.find(new_rdn).cn)
+      end
+    end
+  end
+
+  def assert_load_move_dn_record(record_class)
+    ldif = ActiveLdap::LDIF.new
+    make_temporary_user do |user, password|
+      new_rdn = "uid=XXX"
+      ensure_delete_user(new_rdn) do
+        record = record_class.new(user.dn, [], new_rdn, true)
+        ldif << record
+        assert_true(@user_class.exists?(user.dn))
+        assert_false(@user_class.exists?(new_rdn))
+        ActiveLdap::Base.load(ldif.to_s)
+        assert_false(@user_class.exists?(user.dn))
+        assert_true(@user_class.exists?(new_rdn))
+        assert_equal(user.cn, @user_class.find(new_rdn).cn)
+      end
+    end
+  end
+end

data/test/test_object_class.rb

@@ -4,15 +4,33 @@ class TestObjectClass < Test::Unit::TestCase
   include AlTestUtils
 
   priority :must
+  def test_pass_nil_to_set_classes
+    make_temporary_group do |group|
+      assert_raises(ActiveLdap::RequiredObjectClassMissed) do
+        group.classes = nil
+      end
+    end
+  end
 
   priority :normal
+  def test_pass_nil_to_replace_class
+    make_temporary_group do |group|
+      assert_raises(ActiveLdap::RequiredObjectClassMissed) do
+        group.replace_class(nil)
+      end
+    end
+  end
+
   def test_case_insensitive_match
     assert_nothing_raised do
-      @group_class.instantiate(["cn=test-group,#{@group_class.base}",
-                                {
-                                  :cn => "test-group",
-                                  :objectClass => ["TOP", "posixgroup"],
-                                }])
+      @group_class.send(:instantiate,
+                        [
+                         "cn=test-group,#{@group_class.base}",
+                         {
+                           :cn => "test-group",
+                           :objectClass => ["TOP", "posixgroup"],
+                         }
+                        ])
     end
   end
 

data/test/test_schema.rb

@@ -2,6 +2,34 @@ require 'al-test-utils'
 
 class TestSchema < Test::Unit::TestCase
   priority :must
+  def test_normalize_attribute_value
+    entry = {
+      "attributeTypes" =>
+      [
+       "( 0.9.2342.19200300.100.1.25 NAME ( 'dc' 'domainComponent' ) DESC " +
+       "'RFC1274/2247: domain component' EQUALITY caseIgnoreIA5Match SUBSTR " +
+       "caseIgnoreIA5SubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 " +
+       "SINGLE-VALUE )",
+      ],
+      "ldapSyntaxes" =>
+      [
+       "( 1.3.6.1.4.1.1466.109.114.1 NAME 'caseExactIA5Match' " +
+       "SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )",
+      ],
+    }
+
+    schema = ActiveLdap::Schema.new(entry)
+    dc = schema.attribute("dc")
+    assert_equal(["com"], dc.normalize_value("com"))
+    assert_equal(["com"], dc.normalize_value(["com"]))
+    assert_raise(ActiveLdap::AttributeValueInvalid) do
+      dc.normalize_value(["com", "co.jp"])
+    end
+    assert_equal([{"lang-en" => ["com"]},
+                  {"lang-ja" => ["co.jp"]}],
+                 dc.normalize_value([{"lang-en" => "com"},
+                                     {"lang-ja" => "co.jp"}]))
+  end
 
   priority :normal
   def test_syntax_validation

data/test/test_syntax.rb

@@ -84,11 +84,12 @@ class TestSyntax < Test::Unit::TestCase
 
   def test_generalized_time_type_cast
     assert_type_cast_without_validation(nil, nil, "Generalized Time")
-    assert_type_cast(Time.parse("1994/12/16 10:32"), "199412161032",
+    assert_type_cast(Time.parse("1994/12/16 10:32:12"), "19941216103212",
                      "Generalized Time")
-    assert_type_cast(Time.parse("1994/12/16 10:32Z"), "199412161032Z",
+    assert_type_cast(Time.parse("1994/12/16 10:32:12Z"), "19941216103212Z",
                      "Generalized Time")
-    assert_type_cast(Time.parse("1994/12/16 10:32 +09:00"), "199412161032+0900",
+    assert_type_cast(Time.parse("1994/12/16 10:32:12.345 +09:00"),
+                     "19941216103212.345+0900",
                      "Generalized Time")
   end
 
@@ -165,12 +166,18 @@ class TestSyntax < Test::Unit::TestCase
   end
 
   def test_generalized_time_validate
-    assert_valid("199412161032", "Generalized Time")
-    assert_valid("199412161032Z", "Generalized Time")
-    assert_valid("199412161032+0900", "Generalized Time")
+    assert_valid("19941216103201", "Generalized Time")
+    assert_valid("19941216103212Z", "Generalized Time")
+    assert_valid("19941216103230+0900", "Generalized Time")
+    assert_valid("20080107034615.0Z", "Generalized Time")
+    assert_valid("20080107034615,123-0900", "Generalized Time")
 
     value = "1994"
-    params = [value.inspect, %w(month day hour minute).join(", ")]
+    params = [value.inspect, %w(month day hour minute second).join(", ")]
+    assert_invalid(_("%s has missing components: %s") % params,
+                   value, "Generalized Time")
+    value = "199412161032"
+    params = [value.inspect, %w(second).join(", ")]
     assert_invalid(_("%s has missing components: %s") % params,
                    value, "Generalized Time")
   end
@@ -217,7 +224,7 @@ class TestSyntax < Test::Unit::TestCase
     assert_valid("1.2.3.4", "OID")
     assert_valid("cn", "OID")
 
-    assert_invalid_oid("\#@!")
+    assert_invalid_oid("\#@!", "attribute type is missing")
   end
 
   def test_other_mailbox_validate
@@ -304,9 +311,13 @@ class TestSyntax < Test::Unit::TestCase
                    value, "Numeric String")
   end
 
-  def assert_invalid_oid(value)
-    assert_invalid(_("%s is invalid OID format") % value.inspect,
-                   value, "OID")
+  def assert_invalid_oid(value, reason=nil)
+    if reason
+      message = _("%s is invalid OID format: %s") % [value.inspect, _(reason)]
+    else
+      message = _("%s is invalid OID format") % value.inspect
+    end
+    assert_invalid(message, value, "OID")
   end
 
   def assert_type_cast_without_validation(type_casted_value, original_value,

data/test/test_user.rb

@@ -38,17 +38,15 @@ class TestUser < Test::Unit::TestCase
                    'This should have returned an array of a ' +
                    'normal cn and a lang-en-us cn.')
 
-      uid_number = 9000
+      uid_number = "9000"
       user.uid_number = uid_number
-      # Test to_s on Fixnums
-      assert_equal(uid_number, user.uid_number)
-      assert_equal(uid_number.to_s, user.uid_number_before_type_cast)
+      assert_equal(uid_number.to_i, user.uid_number)
+      assert_equal(uid_number, user.uid_number_before_type_cast)
 
       gid_number = 9000
       user.gid_number = gid_number
-      # Test to_s on Fixnums
       assert_equal(gid_number, user.gid_number)
-      assert_equal(gid_number.to_s, user.gid_number_before_type_cast)
+      assert_equal(gid_number, user.gid_number_before_type_cast)
 
       home_directory = '/home/foo'
       user.home_directory = home_directory
@@ -104,42 +102,35 @@ class TestUser < Test::Unit::TestCase
 
   # This tests the reload of a binary_required type
   def test_binary_required
+    require 'openssl'
     make_temporary_user do |user, password|
       # validate add
       user.user_certificate = nil
-      assert_equal({'binary' => nil}, user.user_certificate)
+      assert_nil(user.user_certificate)
       assert_nothing_raised() { user.save! }
-      assert_equal({'binary' => nil}, user.user_certificate)
+      assert_nil(user.user_certificate)
 
       user.user_certificate = {"binary" => [certificate]}
-      assert_equal({'binary' => certificate},
-                   user.user_certificate,
-                   'This should have been forced to be a binary subtype.')
+      assert_equal(certificate, user.user_certificate)
       assert_nothing_raised() { user.save! }
-      assert_equal({'binary' => certificate},
-                   user.user_certificate,
-                   'This should have been forced to be a binary subtype.')
+      assert_equal(certificate, user.user_certificate)
 
       # now test modify
       user.user_certificate = nil
-      assert_equal({"binary" => nil}, user.user_certificate)
+      assert_nil(user.user_certificate)
       assert_nothing_raised() { user.save! }
-      assert_equal({"binary" => nil}, user.user_certificate)
+      assert_nil(user.user_certificate)
 
       user.user_certificate = certificate
-      assert_equal({'binary' => certificate},
-                   user.user_certificate,
-                   'This should have been forced to be a binary subtype.')
+      assert_equal(certificate, user.user_certificate)
       assert_nothing_raised() { user.save! }
 
       # validate modify
       user = @user_class.find(user.uid)
-      assert_equal({'binary' => certificate},
-                   user.user_certificate,
-                   'This should have been forced to be a binary subtype.')
+      assert_equal(certificate, user.user_certificate)
 
       expected_cert = OpenSSL::X509::Certificate.new(certificate)
-      actual_cert = user.user_certificate['binary']
+      actual_cert = user.user_certificate
       actual_cert = OpenSSL::X509::Certificate.new(actual_cert)
       assert_equal(expected_cert.subject.to_s,
                    actual_cert.subject.to_s,
@@ -150,10 +141,10 @@ class TestUser < Test::Unit::TestCase
   def test_binary_required_nested
     make_temporary_user do |user, password|
       user.user_certificate = {"lang-en" => [certificate]}
-      assert_equal({'lang-en' => {'binary' => certificate}},
+      assert_equal({'lang-en' => certificate},
                    user.user_certificate)
       assert_nothing_raised() { user.save! }
-      assert_equal({'lang-en' => {'binary' => certificate}},
+      assert_equal({'lang-en' => certificate},
                    user.user_certificate)
     end
   end

data/test/test_useradd-binary.rb

@@ -46,7 +46,7 @@ class TestUseraddBinary < Test::Unit::TestCase
       assert_equal(['person', 'posixAccount', 'shadowAccount',
                     'strongAuthenticationUser'].sort, user.classes.sort)
       cert = File.read(File.join(@examples_dir, 'example.der'))
-      assert_equal({"binary" => cert}, user.user_certificate)
+      assert_equal(cert, user.user_certificate)
     end
   end
 

data/test/test_usermod-binary-add-time.rb

@@ -48,7 +48,7 @@ class TestUsermodBinaryAddTime < Test::Unit::TestCase
       assert_equal((previous_classes + ['strongAuthenticationUser']).sort,
                    user.classes.sort)
       cert = File.read(File.join(@examples_dir, 'example.der'))
-      assert_equal({"binary" => cert}, user.user_certificate)
+      assert_equal(cert, user.user_certificate)
     end
   end
 

data/test/test_usermod-binary-add.rb

@@ -48,7 +48,7 @@ class TestUsermodBinaryAdd < Test::Unit::TestCase
       assert_equal((previous_classes + ['strongAuthenticationUser']).sort,
                    user.classes.sort)
       cert = File.read(File.join(@examples_dir, 'example.der'))
-      assert_equal({"binary" => cert}, user.user_certificate)
+      assert_equal(cert, user.user_certificate)
     end
   end
 

data/test/test_validation.rb

@@ -1,3 +1,4 @@
+# -*- coding: utf-8 -*-
 require 'al-test-utils'
 
 class TestValidation < Test::Unit::TestCase
@@ -5,6 +6,63 @@ class TestValidation < Test::Unit::TestCase
   include ActiveLdap::Helper
 
   priority :must
+  def test_validate_excluded_classes
+    make_temporary_user do |user,|
+      user.save
+      user.classes -= ['person']
+      assert(user.save)
+      user.class.excluded_classes = ['person']
+      assert(!user.save)
+      if ActiveLdap.get_text_supported?
+        format = n_("%{fn} has excluded value: %s",
+                    "%{fn} has excluded values: %s",
+                    1) % {:fn => la_("objectClass")}
+        message = format % loc_("person")
+      else
+        message = "ObjectClass has excluded value: person"
+      end
+      assert_equal([message], user.errors.full_messages)
+    end
+  end
+
+  priority :normal
+  def test_valid_subtype_and_single_value
+    make_temporary_user do |user, password|
+      user.display_name = [{"lang-ja" => ["ユーザ"]},
+                           {"lang-en" => "User"}]
+      assert(user.save)
+
+      user = user.class.find(user.dn)
+      assert_equal([{"lang-ja" => "ユーザ"}, {"lang-en" => "User"}],
+                   user.display_name)
+    end
+  end
+
+  def test_invalid_subtype_and_single_value
+    assert_invalid_display_name_value(["User1", "User2"],
+                                      ["User1", "User2"])
+    assert_invalid_display_name_value(["User3", "User4"],
+                                      [{"lang-en" => ["User3", "User4"]}],
+                                      {"lang-en" => ["User3", "User4"]}.inspect)
+    assert_invalid_display_name_value(["U2", "U3"],
+                                      [{"lang-ja" => ["User1"]},
+                                       {"lang-en" => ["U2", "U3"]}],
+                                      [{"lang-ja" => "User1"},
+                                       {"lang-en" => ["U2", "U3"]}].inspect)
+  end
+
+  def test_validate_required_ldap_values
+    make_temporary_user(:simple => true) do |user, password|
+      assert(user.save)
+
+      user.add_class("strongAuthenticationUser")
+      user.user_certificate = nil
+      assert(!user.save)
+      assert(user.errors.invalid?(:userCertificate))
+      assert_equal(1, user.errors.size)
+    end
+  end
+
   def test_syntax_validation
     make_temporary_user do |user, password|
       assert(user.save)
@@ -26,7 +84,6 @@ class TestValidation < Test::Unit::TestCase
                                   "lang-ja-jp")
   end
 
-  priority :normal
   def test_duplicated_dn_creation
     assert(ou_class.new("YYY").save)
     ou = ou_class.new("YYY")
@@ -70,6 +127,29 @@ class TestValidation < Test::Unit::TestCase
   end
 
   private
+  def assert_invalid_value(name, formatted_value, syntax, reason, model, option)
+    syntax_description = lsd_(syntax)
+    assert_not_nil(syntax_description)
+    params = [formatted_value, syntax_description, reason]
+    params.unshift(option) if option
+    if ActiveLdap.get_text_supported?
+      if option
+        format = _("%{fn} (%s) has invalid format: %s: required syntax: %s: %s")
+      else
+        format = _("%{fn} has invalid format: %s: required syntax: %s: %s")
+      end
+      format = format % {:fn => la_(name)}
+      assert_equal([format % params], model.errors.full_messages)
+    else
+      if option
+        format = _("(%s) has invalid format: %s: required syntax: %s: %s")
+      else
+        format = _("has invalid format: %s: required syntax: %s: %s")
+      end
+      assert_equal(["#{name} #{format % params}"], model.errors.full_messages)
+    end
+  end
+
   def assert_invalid_see_also_value(invalid_value, value, option=nil)
     make_temporary_user do |user, password|
       assert(user.save)
@@ -82,29 +162,27 @@ class TestValidation < Test::Unit::TestCase
       assert(user.errors.invalid?(:seeAlso))
       assert_equal(1, user.errors.size)
 
-      syntax_description = lsd_("1.3.6.1.4.1.1466.115.121.1.12")
-      assert_not_nil(syntax_description)
       reason_params = [invalid_value, _("attribute value is missing")]
       reason = _('%s is invalid distinguished name (DN): %s') % reason_params
-      params = [invalid_value, syntax_description, reason]
-      params.unshift(option) if option
-      if ActiveLdap.get_text_supported?
-        if option
-          format =
-            _("%{fn} (%s) has invalid format: %s: required syntax: %s: %s")
-        else
-          format = _("%{fn} has invalid format: %s: required syntax: %s: %s")
-        end
-        format = format % {:fn => la_("seeAlso")}
-        assert_equal([format % params], user.errors.full_messages)
-      else
-        if option
-          format = _("(%s) has invalid format: %s: required syntax: %s: %s")
-        else
-          format = _("has invalid format: %s: required syntax: %s: %s")
-        end
-        assert_equal(["seeAlso #{format % params}"], user.errors.full_messages)
-      end
+      assert_invalid_value("seeAlso", value.inspect,
+                           "1.3.6.1.4.1.1466.115.121.1.12",
+                           reason, user, option)
+    end
+  end
+
+  def assert_invalid_display_name_value(invalid_value, value,
+                                        formatted_value=nil)
+    make_temporary_user do |user, password|
+      assert(user.save)
+
+      user.display_name = value
+      assert(!user.save)
+
+      reason_params = [la_("displayName"), invalid_value.inspect]
+      reason = _('Attribute %s can only have a single value: %s') % reason_params
+      assert_invalid_value("displayName", formatted_value || value.inspect,
+                           "1.3.6.1.4.1.1466.115.121.1.15",
+                           reason, user, nil)
     end
   end
 end