RubyGems - devise_ldap_authenticatable - Versions diffs - 0.6.1 → 0.7.0 - Mend

devise_ldap_authenticatable 0.6.1 → 0.7.0

Files changed (104) hide show

data/test/rails_app/config/ldap_with_check_membership_off.yml DELETED Viewed

@@ -1,23 +0,0 @@
-authorizations: &AUTHORIZATIONS
-  ## Authorization
-  group_base: ou=groups,dc=test,dc=com
-  check_group_membership: false
-  required_groups:
-    - cn=admins,ou=groups,dc=test,dc=com
-    - ["authorizationRole", "cn=users,ou=groups,dc=test,dc=com"]
-  require_attribute:
-    objectClass: inetOrgPerson
-    authorizationRole: blogAdmin
-test: &TEST
-  host: localhost
-  port: 3389
-  attribute: cn
-  base: ou=people,dc=test,dc=com
-  admin_user: cn=admin,dc=test,dc=com
-  admin_password: secret
-  ssl: false
-  <<: *AUTHORIZATIONS
-development:
-  <<: *TEST

data/test/rails_app/config/ldap_with_check_membership_on.yml DELETED Viewed

@@ -1,23 +0,0 @@
-authorizations: &AUTHORIZATIONS
-  ## Authorization
-  group_base: ou=groups,dc=test,dc=com
-  check_group_membership: true
-  required_groups:
-    - cn=admins,ou=groups,dc=test,dc=com
-    - ["authorizationRole", "cn=users,ou=groups,dc=test,dc=com"]
-  require_attribute:
-    objectClass: inetOrgPerson
-    authorizationRole: blogAdmin
-test: &TEST
-  host: localhost
-  port: 3389
-  attribute: cn
-  base: ou=people,dc=test,dc=com
-  admin_user: cn=admin,dc=test,dc=com
-  admin_password: secret
-  ssl: false
-  <<: *AUTHORIZATIONS
-development:
-  <<: *TEST

data/test/rails_app/config/locales/devise.en.yml DELETED Viewed

@@ -1,39 +0,0 @@
-en:
-  errors:
-    messages:
-      not_found: "not found"
-      already_confirmed: "was already confirmed"
-      not_locked: "was not locked"
-  devise:
-    failure:
-      unauthenticated: 'You need to sign in or sign up before continuing.'
-      unconfirmed: 'You have to confirm your account before continuing.'
-      locked: 'Your account is locked.'
-      invalid: 'Invalid email or password.'
-      invalid_token: 'Invalid authentication token.'
-      timeout: 'Your session expired, please sign in again to continue.'
-      inactive: 'Your account was not activated yet.'
-    sessions:
-      signed_in: 'Signed in successfully.'
-      signed_out: 'Signed out successfully.'
-    passwords:
-      send_instructions: 'You will receive an email with instructions about how to reset your password in a few minutes.'
-      updated: 'Your password was changed successfully. You are now signed in.'
-    confirmations:
-      send_instructions: 'You will receive an email with instructions about how to confirm your account in a few minutes.'
-      confirmed: 'Your account was successfully confirmed. You are now signed in.'
-    registrations:
-      signed_up: 'You have signed up successfully. If enabled, a confirmation was sent to your e-mail.'
-      updated: 'You updated your account successfully.'
-      destroyed: 'Bye! Your account was successfully cancelled. We hope to see you again soon.'
-    unlocks:
-      send_instructions: 'You will receive an email with instructions about how to unlock your account in a few minutes.'
-      unlocked: 'Your account was successfully unlocked. You are now signed in.'
-    mailer:
-      confirmation_instructions:
-        subject: 'Confirmation instructions'
-      reset_password_instructions:
-        subject: 'Reset password instructions'
-      unlock_instructions:
-        subject: 'Unlock Instructions'

data/test/rails_app/db/migrate/20100708120302_create_posts.rb DELETED Viewed

@@ -1,14 +0,0 @@
-class CreatePosts < ActiveRecord::Migration
-  def self.up
-    create_table :posts do |t|
-      t.string :title
-      t.text :body
-      t.timestamps
-    end
-  end
-  def self.down
-    drop_table :posts
-  end
-end

data/test/rails_app/db/seeds.rb DELETED Viewed

@@ -1,7 +0,0 @@
-# This file should contain all the record creation needed to seed the database with its default values.
-# The data can then be loaded with the rake db:seed (or created alongside the db with db:setup).
-#
-# Examples:
-#
-#   cities = City.create([{ :name => 'Chicago' }, { :name => 'Copenhagen' }])
-#   Mayor.create(:name => 'Daley', :city => cities.first)

data/test/rails_app/test/factories/users.rb DELETED Viewed

@@ -1,14 +0,0 @@
-Factory.define :user do |f|
-  f.email "example.user@test.com"
-  f.password "secret"
-end
-Factory.define :admin, :class => "user" do |f|
-  f.email "example.admin@test.com"
-  f.password "admin_secret"
-end
-Factory.define :other, :class => "user" do |f|
-  f.email "other.user@test.com"
-  f.password "other_secret"
-end

data/test/rails_app/test/functional/posts_controller_test.rb DELETED Viewed

@@ -1,58 +0,0 @@
-require 'test_helper'
-class PostsControllerTest < ActionController::TestCase
-  include Devise::TestHelpers
-  context "not logged in" do
-    should "should get INDEX" do
-      get :index
-      assert_response :success
-      assert_equal(response.body, "posts#index")
-    end
-    context "go to NEW page" do
-      setup do
-        get :new
-      end
-      should "not get NEW" do
-        assert_response :redirect
-      end
-    end
-  end
-  context "logged in" do
-    setup do
-      @user = Factory(:user)
-      sign_in(@user)
-    end
-    context "get NEW action" do
-      setup do
-        get :new
-      end
-      should "get the NEW action" do
-        assert_response :success
-        assert_equal(response.body, "posts#new")
-      end
-    end
-    context "log out user" do
-      setup do
-        sign_out(@user)
-        get :new
-      end
-      should "get redirected to the login page" do
-        assert_response :redirect
-      end
-    end
-  end
-end

data/test/rails_app/test/performance/browsing_test.rb DELETED Viewed

@@ -1,9 +0,0 @@
-require 'test_helper'
-require 'rails/performance_test_help'
-# Profiling results for each test method are written to tmp/performance.
-class BrowsingTest < ActionDispatch::PerformanceTest
-  def test_homepage
-    get '/'
-  end
-end

data/test/rails_app/test/test_helper.rb DELETED Viewed

@@ -1,36 +0,0 @@
-ENV["RAILS_ENV"] = "test"
-require File.expand_path('../../config/environment', __FILE__)
-require 'rails/test_help'
-class ActiveSupport::TestCase
-  def ldap_connect_string
-    if ENV["LDAP_SSL"]
-      "-x -H ldaps://localhost:3389 -D 'cn=admin,dc=test,dc=com' -w secret"
-    else
-      "-x -h localhost -p 3389 -D 'cn=admin,dc=test,dc=com' -w secret"
-    end
-  end
-  def reset_ldap_server!
-    if ENV["LDAP_SSL"]
-      `ldapmodify #{ldap_connect_string} -f ../ldap/clear.ldif`
-      `ldapadd #{ldap_connect_string} -f ../ldap/base.ldif`
-    else
-      `ldapmodify #{ldap_connect_string} -f ../ldap/clear.ldif`
-      `ldapadd #{ldap_connect_string} -f ../ldap/base.ldif`
-    end
-  end
-  def default_devise_settings!
-    ::Devise.ldap_logger = true
-    ::Devise.ldap_create_user = false
-    ::Devise.ldap_update_password = true
-    ::Devise.ldap_config = "#{Rails.root}/config/#{"ssl_" if ENV["LDAP_SSL"]}ldap.yml"
-    ::Devise.ldap_check_group_membership = false
-    ::Devise.ldap_check_attributes = false
-    ::Devise.ldap_auth_username_builder = Proc.new() {|attribute, login, ldap| "#{attribute}=#{login},#{ldap.base}" }
-    ::Devise.authentication_keys = [:email]
-  end
-end

data/test/rails_app/test/unit/helpers/posts_helper_test.rb DELETED Viewed

@@ -1,4 +0,0 @@
-require 'test_helper'
-class PostsHelperTest < ActionView::TestCase
-end

data/test/rails_app/test/unit/post_test.rb DELETED Viewed

@@ -1,4 +0,0 @@
-require 'test_helper'
-class PostTest < ActiveSupport::TestCase
-end

data/test/rails_app/test/unit/user_test.rb DELETED Viewed

@@ -1,314 +0,0 @@
-require 'test_helper'
-class UserTest < ActiveSupport::TestCase
-  def should_be_validated(user, password, message = "Password is invalid")
-    assert(user.valid_ldap_authentication?(password), message)
-  end
-  def should_not_be_validated(user, password, message = "Password is not properly set")
-     assert(!user.valid_ldap_authentication?(password), message)
-  end
-  context "With default settings" do
-    setup do
-      default_devise_settings!
-      reset_ldap_server!
-    end
-    context "look up and ldap user" do
-      should "return true for a user that does exist in LDAP" do
-        assert_equal true, ::Devise::LdapAdapter.valid_login?('example.user@test.com')
-      end
-      should "return false for a user that doesn't exist in LDAP" do
-        assert_equal false, ::Devise::LdapAdapter.valid_login?('barneystinson')
-      end
-    end
-    context "create a basic user" do
-      setup do
-        @user = Factory(:user)
-      end
-      should "check for password validation" do
-        assert_equal(@user.email, "example.user@test.com")
-        should_be_validated @user, "secret"
-        should_not_be_validated @user, "wrong_secret"
-        should_not_be_validated @user, "Secret"
-      end
-    end
-    context "change a LDAP password" do
-      setup do
-        @user = Factory(:user)
-      end
-      should "change password" do
-        should_be_validated @user, "secret"
-        @user.reset_password!("changed","changed")
-        should_be_validated @user, "changed", "password was not changed properly on the LDAP sevrer"
-      end
-      should "not allow to change password if setting is false" do
-        should_be_validated @user, "secret"
-        ::Devise.ldap_update_password = false
-        @user.reset_password!("wrong_secret", "wrong_secret")
-        should_not_be_validated @user, "wrong_secret"
-        should_be_validated @user, "secret"
-      end
-    end
-    context "create new local user if user is in LDAP" do
-      setup do
-        assert(User.all.blank?, "There shouldn't be any users in the database")
-      end
-      should "don't create user in the database" do
-        @user = User.authenticate_with_ldap(:email => "example.user@test.com", :password => "secret")
-        assert(User.all.blank?)
-      end
-      context "creating users is enabled" do
-        setup do
-          ::Devise.ldap_create_user = true
-        end
-        should "create a user in the database" do
-          @user = User.authenticate_with_ldap(:email => "example.user@test.com", :password => "secret")
-          assert_equal(User.all.size, 1)
-          assert_contains(User.all.collect(&:email), "example.user@test.com", "user not in database")
-        end
-        should "not create a user in the database if the password is wrong_secret" do
-          @user = User.authenticate_with_ldap(:email => "example.user", :password => "wrong_secret")
-          assert(User.all.blank?, "There's users in the database")
-        end
-        should "create a user if the user is not in LDAP" do
-          @user = User.authenticate_with_ldap(:email => "wrong_secret.user@test.com", :password => "wrong_secret")
-          assert(User.all.blank?, "There's users in the database")
-        end
-        should "create a user in the database if case insensitivity does not matter" do
-          ::Devise.case_insensitive_keys = false
-          @user = Factory(:user)
-          assert_difference "User.count", +1 do
-            User.authenticate_with_ldap(:email => "EXAMPLE.user@test.com", :password => "secret")
-          end
-        end
-        should "not create a user in the database if case insensitivity matters" do
-          ::Devise.case_insensitive_keys = [:email]
-          @user = Factory(:user)
-          assert_no_difference "User.count" do
-            User.authenticate_with_ldap(:email => "EXAMPLE.user@test.com", :password => "secret")
-          end
-        end
-        should "create a user with downcased email in the database if case insensitivity matters" do
-          ::Devise.case_insensitive_keys = [:email]
-          @user = User.authenticate_with_ldap(:email => "EXAMPLE.user@test.com", :password => "secret")
-          assert_contains(User.all.collect(&:email), "example.user@test.com", "user not in database")
-        end
-      end
-    end
-    context "use groups for authorization" do
-      setup do
-        @admin = Factory(:admin)
-        @user = Factory(:user)
-        ::Devise.authentication_keys = [:email]
-        ::Devise.ldap_check_group_membership = true
-      end
-      context "config check_group_membership is not defined" do
-        should "admin should be allowed in" do
-          should_be_validated @admin, "admin_secret"
-        end
-        should "admin should have the proper groups set" do
-          assert_contains(@admin.ldap_groups, /cn=admins/, "groups attribute not being set properly")
-        end
-        should "user should not be allowed in" do
-          should_not_be_validated @user, "secret"
-        end
-        should "not be validated if group with different attribute is removed" do
-          `ldapmodify #{ldap_connect_string} -f ../ldap/delete_authorization_role.ldif`
-          should_not_be_validated @admin, "admin_secret"
-        end
-      end
-      context "config file check_group_membership is defined" do
-        setup do
-          default_devise_settings!
-          reset_ldap_server!
-        end
-        context "check_group_membership is turned on" do
-          setup do
-            ::Devise.ldap_config = "#{Rails.root}/config/ldap_with_check_membership_on.yml"
-            ::Devise.ldap_check_group_membership = false
-          end
-          # Config file value has precedence over ldap_check_group_membership
-          should "user should not be allowed in" do
-            should_not_be_validated @user, "secret"
-          end
-        end
-        context "check_group_membership is turned off" do
-          setup do
-            ::Devise.ldap_config = "#{Rails.root}/config/ldap_with_check_membership_off.yml"
-            ::Devise.ldap_check_group_membership = true
-          end
-          # Config file value has precedence over ldap_check_group_membership
-          should "user should be allowed in" do
-            should_be_validated @user, "secret"
-          end
-        end
-      end
-    end
-    context "use role attribute for authorization" do
-      setup do
-        @admin = Factory(:admin)
-        @user = Factory(:user)
-        ::Devise.ldap_check_attributes = true
-      end
-      should "admin should be allowed in" do
-        should_be_validated @admin, "admin_secret"
-      end
-      should "user should not be allowed in" do
-        should_not_be_validated @user, "secret"
-      end
-    end
-    context "use admin setting to bind" do
-      setup do
-        @admin = Factory(:admin)
-        @user = Factory(:user)
-        ::Devise.ldap_use_admin_to_bind = true
-      end
-      should "description" do
-        should_be_validated @admin, "admin_secret"
-      end
-    end
-  end
-  context "use uid for login" do
-    setup do
-      default_devise_settings!
-      reset_ldap_server!
-      ::Devise.ldap_config = "#{Rails.root}/config/#{"ssl_" if ENV["LDAP_SSL"]}ldap_with_uid.yml"
-      ::Devise.authentication_keys = [:uid]
-    end
-    context "description" do
-      setup do
-        @admin = Factory(:admin)
-        @user = Factory(:user, :uid => "example_user")
-      end
-      should "be able to authenticate using uid" do
-        should_be_validated @user, "secret"
-        should_not_be_validated @admin, "admin_secret"
-      end
-    end
-    context "create user" do
-      setup do
-        ::Devise.ldap_create_user = true
-      end
-      should "create a user in the database" do
-        @user = User.authenticate_with_ldap(:uid => "example_user", :password => "secret")
-        assert_equal(User.all.size, 1)
-        assert_contains(User.all.collect(&:uid), "example_user", "user not in database")
-      end
-      should "call ldap_before_save hooks" do
-        User.class_eval do
-          def ldap_before_save
-            @foobar = 'foobar'
-          end
-        end
-        user = User.authenticate_with_ldap(:uid => "example_user", :password => "secret")
-        assert_equal 'foobar', user.instance_variable_get(:"@foobar")
-        User.class_eval do
-          undef ldap_before_save
-        end
-      end
-      should "not call ldap_before_save hook if not defined" do
-        assert_nothing_raised do
-          should_be_validated Factory(:user, :uid => "example_user"), "secret"
-        end
-      end
-    end
-  end
-  context "using ERB in the config file" do
-    setup do
-      default_devise_settings!
-      reset_ldap_server!
-      ::Devise.ldap_config = "#{Rails.root}/config/#{"ssl_" if ENV["LDAP_SSL"]}ldap_with_erb.yml"
-    end
-    context "authenticate" do
-      setup do
-        @admin = Factory(:admin)
-        @user = Factory(:user)
-      end
-      should "be able to authenticate" do
-        should_be_validated @user, "secret"
-        should_be_validated @admin, "admin_secret"
-      end
-    end
-  end
-  context "using variants in the config file" do
-    setup do
-      default_devise_settings!
-      reset_ldap_server!
-      ::Devise.ldap_config = Rails.root.join 'config', 'ldap_with_boolean_ssl.yml'
-    end
-    should "not fail if config file has ssl: true" do
-      assert_nothing_raised do
-        Devise::LdapAdapter::LdapConnect.new
-      end
-    end
-  end
-  context "use username builder" do
-    setup do
-      default_devise_settings!
-      reset_ldap_server!
-      ::Devise.ldap_auth_username_builder = Proc.new() do |attribute, login, ldap|
-        "#{attribute}=#{login},ou=others,dc=test,dc=com"
-      end
-      @other = Factory(:other)
-    end
-    should "be able to authenticate" do
-      should_be_validated @other, "other_secret"
-    end
-  end
-end