RubyGems - devise_ldap_authenticatable - Versions diffs - 0.6.1 → 0.7.0 - Mend

devise_ldap_authenticatable 0.6.1 → 0.7.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (104) hide show

data/test/rails_app/config/ldap_with_check_membership_off.yml DELETED Viewed

@@ -1,23 +0,0 @@
-authorizations: &AUTHORIZATIONS
-  ## Authorization
-  group_base: ou=groups,dc=test,dc=com
-  check_group_membership: false
-  required_groups:
-    - cn=admins,ou=groups,dc=test,dc=com
-    - ["authorizationRole", "cn=users,ou=groups,dc=test,dc=com"]
-  require_attribute:
-    objectClass: inetOrgPerson
-    authorizationRole: blogAdmin
-test: &TEST
-  host: localhost
-  port: 3389
-  attribute: cn
-  base: ou=people,dc=test,dc=com
-  admin_user: cn=admin,dc=test,dc=com
-  admin_password: secret
-  ssl: false
-  <<: *AUTHORIZATIONS
-development:
-  <<: *TEST

data/test/rails_app/config/ldap_with_check_membership_on.yml DELETED Viewed

@@ -1,23 +0,0 @@
-authorizations: &AUTHORIZATIONS
-  ## Authorization
-  group_base: ou=groups,dc=test,dc=com
-  check_group_membership: true
-  required_groups:
-    - cn=admins,ou=groups,dc=test,dc=com
-    - ["authorizationRole", "cn=users,ou=groups,dc=test,dc=com"]
-  require_attribute:
-    objectClass: inetOrgPerson
-    authorizationRole: blogAdmin
-test: &TEST
-  host: localhost
-  port: 3389
-  attribute: cn
-  base: ou=people,dc=test,dc=com
-  admin_user: cn=admin,dc=test,dc=com
-  admin_password: secret
-  ssl: false
-  <<: *AUTHORIZATIONS
-development:
-  <<: *TEST

data/test/rails_app/config/locales/devise.en.yml DELETED Viewed

@@ -1,39 +0,0 @@
-en:
-  errors:
-    messages:
-      not_found: "not found"
-      already_confirmed: "was already confirmed"
-      not_locked: "was not locked"
-  devise:
-    failure:
-      unauthenticated: 'You need to sign in or sign up before continuing.'
-      unconfirmed: 'You have to confirm your account before continuing.'
-      locked: 'Your account is locked.'
-      invalid: 'Invalid email or password.'
-      invalid_token: 'Invalid authentication token.'
-      timeout: 'Your session expired, please sign in again to continue.'
-      inactive: 'Your account was not activated yet.'
-    sessions:
-      signed_in: 'Signed in successfully.'
-      signed_out: 'Signed out successfully.'
-    passwords:
-      send_instructions: 'You will receive an email with instructions about how to reset your password in a few minutes.'
-      updated: 'Your password was changed successfully. You are now signed in.'
-    confirmations:
-      send_instructions: 'You will receive an email with instructions about how to confirm your account in a few minutes.'
-      confirmed: 'Your account was successfully confirmed. You are now signed in.'
-    registrations:
-      signed_up: 'You have signed up successfully. If enabled, a confirmation was sent to your e-mail.'
-      updated: 'You updated your account successfully.'
-      destroyed: 'Bye! Your account was successfully cancelled. We hope to see you again soon.'
-    unlocks:
-      send_instructions: 'You will receive an email with instructions about how to unlock your account in a few minutes.'
-      unlocked: 'Your account was successfully unlocked. You are now signed in.'
-    mailer:
-      confirmation_instructions:
-        subject: 'Confirmation instructions'
-      reset_password_instructions:
-        subject: 'Reset password instructions'
-      unlock_instructions:
-        subject: 'Unlock Instructions'

data/test/rails_app/db/migrate/20100708120302_create_posts.rb DELETED Viewed

@@ -1,14 +0,0 @@
-class CreatePosts < ActiveRecord::Migration
-  def self.up
-    create_table :posts do |t|
-      t.string :title
-      t.text :body
-      t.timestamps
-    end
-  end
-  def self.down
-    drop_table :posts
-  end
-end

data/test/rails_app/db/seeds.rb DELETED Viewed

@@ -1,7 +0,0 @@
-# This file should contain all the record creation needed to seed the database with its default values.
-# The data can then be loaded with the rake db:seed (or created alongside the db with db:setup).
-#
-# Examples:
-#
-#   cities = City.create([{ :name => 'Chicago' }, { :name => 'Copenhagen' }])
-#   Mayor.create(:name => 'Daley', :city => cities.first)

data/test/rails_app/test/factories/users.rb DELETED Viewed

@@ -1,14 +0,0 @@
-Factory.define :user do |f|
-  f.email "example.user@test.com"
-  f.password "secret"
-end
-Factory.define :admin, :class => "user" do |f|
-  f.email "example.admin@test.com"
-  f.password "admin_secret"
-end
-Factory.define :other, :class => "user" do |f|
-  f.email "other.user@test.com"
-  f.password "other_secret"
-end

data/test/rails_app/test/functional/posts_controller_test.rb DELETED Viewed

@@ -1,58 +0,0 @@
-require 'test_helper'
-class PostsControllerTest < ActionController::TestCase
-  include Devise::TestHelpers
-  context "not logged in" do
-    should "should get INDEX" do
-      get :index
-      assert_response :success
-      assert_equal(response.body, "posts#index")
-    end
-    context "go to NEW page" do
-      setup do
-        get :new
-      end
-      should "not get NEW" do
-        assert_response :redirect
-      end
-    end
-  end
-  context "logged in" do
-    setup do
-      @user = Factory(:user)
-      sign_in(@user)
-    end
-    context "get NEW action" do
-      setup do
-        get :new
-      end
-      should "get the NEW action" do
-        assert_response :success
-        assert_equal(response.body, "posts#new")
-      end
-    end
-    context "log out user" do
-      setup do
-        sign_out(@user)
-        get :new
-      end
-      should "get redirected to the login page" do
-        assert_response :redirect
-      end
-    end
-  end
-end

data/test/rails_app/test/performance/browsing_test.rb DELETED Viewed

@@ -1,9 +0,0 @@
-require 'test_helper'
-require 'rails/performance_test_help'
-# Profiling results for each test method are written to tmp/performance.
-class BrowsingTest < ActionDispatch::PerformanceTest
-  def test_homepage
-    get '/'
-  end
-end

data/test/rails_app/test/test_helper.rb DELETED Viewed

@@ -1,36 +0,0 @@
-ENV["RAILS_ENV"] = "test"
-require File.expand_path('../../config/environment', __FILE__)
-require 'rails/test_help'
-class ActiveSupport::TestCase
-  def ldap_connect_string
-    if ENV["LDAP_SSL"]
-      "-x -H ldaps://localhost:3389 -D 'cn=admin,dc=test,dc=com' -w secret"
-    else
-      "-x -h localhost -p 3389 -D 'cn=admin,dc=test,dc=com' -w secret"
-    end
-  end
-  def reset_ldap_server!
-    if ENV["LDAP_SSL"]
-      `ldapmodify #{ldap_connect_string} -f ../ldap/clear.ldif`
-      `ldapadd #{ldap_connect_string} -f ../ldap/base.ldif`
-    else
-      `ldapmodify #{ldap_connect_string} -f ../ldap/clear.ldif`
-      `ldapadd #{ldap_connect_string} -f ../ldap/base.ldif`
-    end
-  end
-  def default_devise_settings!
-    ::Devise.ldap_logger = true
-    ::Devise.ldap_create_user = false
-    ::Devise.ldap_update_password = true
-    ::Devise.ldap_config = "#{Rails.root}/config/#{"ssl_" if ENV["LDAP_SSL"]}ldap.yml"
-    ::Devise.ldap_check_group_membership = false
-    ::Devise.ldap_check_attributes = false
-    ::Devise.ldap_auth_username_builder = Proc.new() {|attribute, login, ldap| "#{attribute}=#{login},#{ldap.base}" }
-    ::Devise.authentication_keys = [:email]
-  end
-end

data/test/rails_app/test/unit/helpers/posts_helper_test.rb DELETED Viewed

@@ -1,4 +0,0 @@
-require 'test_helper'
-class PostsHelperTest < ActionView::TestCase
-end

data/test/rails_app/test/unit/post_test.rb DELETED Viewed

@@ -1,4 +0,0 @@
-require 'test_helper'
-class PostTest < ActiveSupport::TestCase
-end

data/test/rails_app/test/unit/user_test.rb DELETED Viewed

@@ -1,314 +0,0 @@
-require 'test_helper'
-class UserTest < ActiveSupport::TestCase
-  def should_be_validated(user, password, message = "Password is invalid")
-    assert(user.valid_ldap_authentication?(password), message)
-  end
-  def should_not_be_validated(user, password, message = "Password is not properly set")
-     assert(!user.valid_ldap_authentication?(password), message)
-  end
-  context "With default settings" do
-    setup do
-      default_devise_settings!
-      reset_ldap_server!
-    end
-    context "look up and ldap user" do
-      should "return true for a user that does exist in LDAP" do
-        assert_equal true, ::Devise::LdapAdapter.valid_login?('example.user@test.com')
-      end
-      should "return false for a user that doesn't exist in LDAP" do
-        assert_equal false, ::Devise::LdapAdapter.valid_login?('barneystinson')
-      end
-    end
-    context "create a basic user" do
-      setup do
-        @user = Factory(:user)
-      end
-      should "check for password validation" do
-        assert_equal(@user.email, "example.user@test.com")
-        should_be_validated @user, "secret"
-        should_not_be_validated @user, "wrong_secret"
-        should_not_be_validated @user, "Secret"
-      end
-    end
-    context "change a LDAP password" do
-      setup do
-        @user = Factory(:user)
-      end
-      should "change password" do
-        should_be_validated @user, "secret"
-        @user.reset_password!("changed","changed")
-        should_be_validated @user, "changed", "password was not changed properly on the LDAP sevrer"
-      end
-      should "not allow to change password if setting is false" do
-        should_be_validated @user, "secret"
-        ::Devise.ldap_update_password = false
-        @user.reset_password!("wrong_secret", "wrong_secret")
-        should_not_be_validated @user, "wrong_secret"
-        should_be_validated @user, "secret"
-      end
-    end
-    context "create new local user if user is in LDAP" do
-      setup do
-        assert(User.all.blank?, "There shouldn't be any users in the database")
-      end
-      should "don't create user in the database" do
-        @user = User.authenticate_with_ldap(:email => "example.user@test.com", :password => "secret")
-        assert(User.all.blank?)
-      end
-      context "creating users is enabled" do
-        setup do
-          ::Devise.ldap_create_user = true
-        end
-        should "create a user in the database" do
-          @user = User.authenticate_with_ldap(:email => "example.user@test.com", :password => "secret")
-          assert_equal(User.all.size, 1)
-          assert_contains(User.all.collect(&:email), "example.user@test.com", "user not in database")
-        end
-        should "not create a user in the database if the password is wrong_secret" do
-          @user = User.authenticate_with_ldap(:email => "example.user", :password => "wrong_secret")
-          assert(User.all.blank?, "There's users in the database")
-        end
-        should "create a user if the user is not in LDAP" do
-          @user = User.authenticate_with_ldap(:email => "wrong_secret.user@test.com", :password => "wrong_secret")
-          assert(User.all.blank?, "There's users in the database")
-        end
-        should "create a user in the database if case insensitivity does not matter" do
-          ::Devise.case_insensitive_keys = false
-          @user = Factory(:user)
-          assert_difference "User.count", +1 do
-            User.authenticate_with_ldap(:email => "EXAMPLE.user@test.com", :password => "secret")
-          end
-        end
-        should "not create a user in the database if case insensitivity matters" do
-          ::Devise.case_insensitive_keys = [:email]
-          @user = Factory(:user)
-          assert_no_difference "User.count" do
-            User.authenticate_with_ldap(:email => "EXAMPLE.user@test.com", :password => "secret")
-          end
-        end
-        should "create a user with downcased email in the database if case insensitivity matters" do
-          ::Devise.case_insensitive_keys = [:email]
-          @user = User.authenticate_with_ldap(:email => "EXAMPLE.user@test.com", :password => "secret")
-          assert_contains(User.all.collect(&:email), "example.user@test.com", "user not in database")
-        end
-      end
-    end
-    context "use groups for authorization" do
-      setup do
-        @admin = Factory(:admin)
-        @user = Factory(:user)
-        ::Devise.authentication_keys = [:email]
-        ::Devise.ldap_check_group_membership = true
-      end
-      context "config check_group_membership is not defined" do
-        should "admin should be allowed in" do
-          should_be_validated @admin, "admin_secret"
-        end
-        should "admin should have the proper groups set" do
-          assert_contains(@admin.ldap_groups, /cn=admins/, "groups attribute not being set properly")
-        end
-        should "user should not be allowed in" do
-          should_not_be_validated @user, "secret"
-        end
-        should "not be validated if group with different attribute is removed" do
-          `ldapmodify #{ldap_connect_string} -f ../ldap/delete_authorization_role.ldif`
-          should_not_be_validated @admin, "admin_secret"
-        end
-      end
-      context "config file check_group_membership is defined" do
-        setup do
-          default_devise_settings!
-          reset_ldap_server!
-        end
-        context "check_group_membership is turned on" do
-          setup do
-            ::Devise.ldap_config = "#{Rails.root}/config/ldap_with_check_membership_on.yml"
-            ::Devise.ldap_check_group_membership = false
-          end
-          # Config file value has precedence over ldap_check_group_membership
-          should "user should not be allowed in" do
-            should_not_be_validated @user, "secret"
-          end
-        end
-        context "check_group_membership is turned off" do
-          setup do
-            ::Devise.ldap_config = "#{Rails.root}/config/ldap_with_check_membership_off.yml"
-            ::Devise.ldap_check_group_membership = true
-          end
-          # Config file value has precedence over ldap_check_group_membership
-          should "user should be allowed in" do
-            should_be_validated @user, "secret"
-          end
-        end
-      end
-    end
-    context "use role attribute for authorization" do
-      setup do
-        @admin = Factory(:admin)
-        @user = Factory(:user)
-        ::Devise.ldap_check_attributes = true
-      end
-      should "admin should be allowed in" do
-        should_be_validated @admin, "admin_secret"
-      end
-      should "user should not be allowed in" do
-        should_not_be_validated @user, "secret"
-      end
-    end
-    context "use admin setting to bind" do
-      setup do
-        @admin = Factory(:admin)
-        @user = Factory(:user)
-        ::Devise.ldap_use_admin_to_bind = true
-      end
-      should "description" do
-        should_be_validated @admin, "admin_secret"
-      end
-    end
-  end
-  context "use uid for login" do
-    setup do
-      default_devise_settings!
-      reset_ldap_server!
-      ::Devise.ldap_config = "#{Rails.root}/config/#{"ssl_" if ENV["LDAP_SSL"]}ldap_with_uid.yml"
-      ::Devise.authentication_keys = [:uid]
-    end
-    context "description" do
-      setup do
-        @admin = Factory(:admin)
-        @user = Factory(:user, :uid => "example_user")
-      end
-      should "be able to authenticate using uid" do
-        should_be_validated @user, "secret"
-        should_not_be_validated @admin, "admin_secret"
-      end
-    end
-    context "create user" do
-      setup do
-        ::Devise.ldap_create_user = true
-      end
-      should "create a user in the database" do
-        @user = User.authenticate_with_ldap(:uid => "example_user", :password => "secret")
-        assert_equal(User.all.size, 1)
-        assert_contains(User.all.collect(&:uid), "example_user", "user not in database")
-      end
-      should "call ldap_before_save hooks" do
-        User.class_eval do
-          def ldap_before_save
-            @foobar = 'foobar'
-          end
-        end
-        user = User.authenticate_with_ldap(:uid => "example_user", :password => "secret")
-        assert_equal 'foobar', user.instance_variable_get(:"@foobar")
-        User.class_eval do
-          undef ldap_before_save
-        end
-      end
-      should "not call ldap_before_save hook if not defined" do
-        assert_nothing_raised do
-          should_be_validated Factory(:user, :uid => "example_user"), "secret"
-        end
-      end
-    end
-  end
-  context "using ERB in the config file" do
-    setup do
-      default_devise_settings!
-      reset_ldap_server!
-      ::Devise.ldap_config = "#{Rails.root}/config/#{"ssl_" if ENV["LDAP_SSL"]}ldap_with_erb.yml"
-    end
-    context "authenticate" do
-      setup do
-        @admin = Factory(:admin)
-        @user = Factory(:user)
-      end
-      should "be able to authenticate" do
-        should_be_validated @user, "secret"
-        should_be_validated @admin, "admin_secret"
-      end
-    end
-  end
-  context "using variants in the config file" do
-    setup do
-      default_devise_settings!
-      reset_ldap_server!
-      ::Devise.ldap_config = Rails.root.join 'config', 'ldap_with_boolean_ssl.yml'
-    end
-    should "not fail if config file has ssl: true" do
-      assert_nothing_raised do
-        Devise::LdapAdapter::LdapConnect.new
-      end
-    end
-  end
-  context "use username builder" do
-    setup do
-      default_devise_settings!
-      reset_ldap_server!
-      ::Devise.ldap_auth_username_builder = Proc.new() do |attribute, login, ldap|
-        "#{attribute}=#{login},ou=others,dc=test,dc=com"
-      end
-      @other = Factory(:other)
-    end
-    should "be able to authenticate" do
-      should_be_validated @other, "other_secret"
-    end
-  end
-end