net-ldap-1 0.4.0
Sign up to get free protection for your applications and to get access to all the features.
- data/.autotest +11 -0
- data/.rspec +2 -0
- data/Contributors.rdoc +21 -0
- data/Hacking.rdoc +68 -0
- data/History.rdoc +186 -0
- data/License.rdoc +29 -0
- data/Manifest.txt +49 -0
- data/README.rdoc +52 -0
- data/Rakefile +74 -0
- data/autotest/discover.rb +1 -0
- data/lib/net-ldap.rb +2 -0
- data/lib/net/ber.rb +318 -0
- data/lib/net/ber/ber_parser.rb +168 -0
- data/lib/net/ber/core_ext.rb +62 -0
- data/lib/net/ber/core_ext/array.rb +96 -0
- data/lib/net/ber/core_ext/bignum.rb +22 -0
- data/lib/net/ber/core_ext/false_class.rb +10 -0
- data/lib/net/ber/core_ext/fixnum.rb +66 -0
- data/lib/net/ber/core_ext/string.rb +65 -0
- data/lib/net/ber/core_ext/true_class.rb +12 -0
- data/lib/net/ldap.rb +1618 -0
- data/lib/net/ldap/dataset.rb +154 -0
- data/lib/net/ldap/dn.rb +225 -0
- data/lib/net/ldap/entry.rb +185 -0
- data/lib/net/ldap/filter.rb +759 -0
- data/lib/net/ldap/password.rb +31 -0
- data/lib/net/ldap/pdu.rb +273 -0
- data/lib/net/snmp.rb +268 -0
- data/net-ldap-1.gemspec +58 -0
- data/spec/integration/ssl_ber_spec.rb +36 -0
- data/spec/spec.opts +2 -0
- data/spec/spec_helper.rb +5 -0
- data/spec/unit/ber/ber_spec.rb +109 -0
- data/spec/unit/ber/core_ext/string_spec.rb +51 -0
- data/spec/unit/ldap/dn_spec.rb +80 -0
- data/spec/unit/ldap/entry_spec.rb +51 -0
- data/spec/unit/ldap/filter_spec.rb +84 -0
- data/spec/unit/ldap_spec.rb +78 -0
- data/test/common.rb +3 -0
- data/test/test_entry.rb +59 -0
- data/test/test_filter.rb +122 -0
- data/test/test_ldap_connection.rb +24 -0
- data/test/test_ldif.rb +79 -0
- data/test/test_password.rb +17 -0
- data/test/test_rename.rb +77 -0
- data/test/test_snmp.rb +114 -0
- data/test/testdata.ldif +101 -0
- data/testserver/ldapserver.rb +210 -0
- data/testserver/testdata.ldif +101 -0
- metadata +197 -0
@@ -0,0 +1,78 @@
|
|
1
|
+
require 'spec_helper'
|
2
|
+
|
3
|
+
describe Net::LDAP::Connection do
|
4
|
+
describe "initialize" do
|
5
|
+
context "when host is not responding" do
|
6
|
+
before(:each) do
|
7
|
+
flexmock(TCPSocket).
|
8
|
+
should_receive(:new).and_raise(Errno::ECONNREFUSED)
|
9
|
+
end
|
10
|
+
|
11
|
+
it "should raise LdapError" do
|
12
|
+
lambda {
|
13
|
+
Net::LDAP::Connection.new(
|
14
|
+
:server => 'test.mocked.com',
|
15
|
+
:port => 636)
|
16
|
+
}.should raise_error(Net::LDAP::LdapError)
|
17
|
+
end
|
18
|
+
end
|
19
|
+
context "when host is blocking the port" do
|
20
|
+
before(:each) do
|
21
|
+
flexmock(TCPSocket).
|
22
|
+
should_receive(:new).and_raise(SocketError)
|
23
|
+
end
|
24
|
+
|
25
|
+
it "should raise LdapError" do
|
26
|
+
lambda {
|
27
|
+
Net::LDAP::Connection.new(
|
28
|
+
:server => 'test.mocked.com',
|
29
|
+
:port => 636)
|
30
|
+
}.should raise_error(Net::LDAP::LdapError)
|
31
|
+
end
|
32
|
+
end
|
33
|
+
context "on other exceptions" do
|
34
|
+
before(:each) do
|
35
|
+
flexmock(TCPSocket).
|
36
|
+
should_receive(:new).and_raise(NameError)
|
37
|
+
end
|
38
|
+
|
39
|
+
it "should rethrow the exception" do
|
40
|
+
lambda {
|
41
|
+
Net::LDAP::Connection.new(
|
42
|
+
:server => 'test.mocked.com',
|
43
|
+
:port => 636)
|
44
|
+
}.should raise_error(NameError)
|
45
|
+
end
|
46
|
+
end
|
47
|
+
end
|
48
|
+
|
49
|
+
context "populate error messages" do
|
50
|
+
before do
|
51
|
+
@tcp_socket = flexmock(:connection)
|
52
|
+
@tcp_socket.should_receive(:write)
|
53
|
+
flexmock(TCPSocket).should_receive(:new).and_return(@tcp_socket)
|
54
|
+
end
|
55
|
+
|
56
|
+
subject { Net::LDAP::Connection.new(:server => 'test.mocked.com', :port => 636) }
|
57
|
+
|
58
|
+
it "should get back error messages if operation fails" do
|
59
|
+
ber = Net::BER::BerIdentifiedArray.new([53, "", "The provided password value was rejected by a password validator: The provided password did not contain enough characters from the character set 'ABCDEFGHIJKLMNOPQRSTUVWXYZ'. The minimum number of characters from that set that must be present in user passwords is 1"])
|
60
|
+
ber.ber_identifier = 7
|
61
|
+
@tcp_socket.should_receive(:read_ber).and_return([2, ber])
|
62
|
+
|
63
|
+
result = subject.modify(:dn => "1", :operations => [[:replace, "mail", "something@sothsdkf.com"]])
|
64
|
+
result.should be_failure
|
65
|
+
result.error_message.should == "The provided password value was rejected by a password validator: The provided password did not contain enough characters from the character set 'ABCDEFGHIJKLMNOPQRSTUVWXYZ'. The minimum number of characters from that set that must be present in user passwords is 1"
|
66
|
+
end
|
67
|
+
|
68
|
+
it "shouldn't get back error messages if operation succeeds" do
|
69
|
+
ber = Net::BER::BerIdentifiedArray.new([0, "", ""])
|
70
|
+
ber.ber_identifier = 7
|
71
|
+
@tcp_socket.should_receive(:read_ber).and_return([2, ber])
|
72
|
+
|
73
|
+
result = subject.modify(:dn => "1", :operations => [[:replace, "mail", "something@sothsdkf.com"]])
|
74
|
+
result.should be_success
|
75
|
+
result.error_message.should == ""
|
76
|
+
end
|
77
|
+
end
|
78
|
+
end
|
data/test/common.rb
ADDED
data/test/test_entry.rb
ADDED
@@ -0,0 +1,59 @@
|
|
1
|
+
require 'common'
|
2
|
+
|
3
|
+
=begin
|
4
|
+
class TestEntry < Test::Unit::TestCase
|
5
|
+
Commented out until I can make it a spec.
|
6
|
+
context "An instance of Entry" do
|
7
|
+
setup do
|
8
|
+
@entry = Net::LDAP::Entry.new 'cn=Barbara,o=corp'
|
9
|
+
end
|
10
|
+
|
11
|
+
should "be initialized with the DN" do
|
12
|
+
assert_equal 'cn=Barbara,o=corp', @entry.dn
|
13
|
+
end
|
14
|
+
|
15
|
+
should 'return an empty array when accessing a nonexistent attribute (index lookup)' do
|
16
|
+
assert_equal [], @entry['sn']
|
17
|
+
end
|
18
|
+
|
19
|
+
should 'return an empty array when accessing a nonexistent attribute (method call)' do
|
20
|
+
assert_equal [], @entry.sn
|
21
|
+
end
|
22
|
+
|
23
|
+
should 'create an attribute on assignment (index lookup)' do
|
24
|
+
@entry['sn'] = 'Jensen'
|
25
|
+
assert_equal ['Jensen'], @entry['sn']
|
26
|
+
end
|
27
|
+
|
28
|
+
should 'create an attribute on assignment (method call)' do
|
29
|
+
@entry.sn = 'Jensen'
|
30
|
+
assert_equal ['Jensen'], @entry.sn
|
31
|
+
end
|
32
|
+
|
33
|
+
should 'have attributes accessible by index lookup' do
|
34
|
+
@entry['sn'] = 'Jensen'
|
35
|
+
assert_equal ['Jensen'], @entry['sn']
|
36
|
+
end
|
37
|
+
|
38
|
+
should 'have attributes accessible using a Symbol as the index' do
|
39
|
+
@entry[:sn] = 'Jensen'
|
40
|
+
assert_equal ['Jensen'], @entry[:sn]
|
41
|
+
end
|
42
|
+
|
43
|
+
should 'have attributes accessible by method call' do
|
44
|
+
@entry['sn'] = 'Jensen'
|
45
|
+
assert_equal ['Jensen'], @entry.sn
|
46
|
+
end
|
47
|
+
|
48
|
+
should 'ignore case of attribute names' do
|
49
|
+
@entry['sn'] = 'Jensen'
|
50
|
+
assert_equal ['Jensen'], @entry.sn
|
51
|
+
assert_equal ['Jensen'], @entry.Sn
|
52
|
+
assert_equal ['Jensen'], @entry.SN
|
53
|
+
assert_equal ['Jensen'], @entry['sn']
|
54
|
+
assert_equal ['Jensen'], @entry['Sn']
|
55
|
+
assert_equal ['Jensen'], @entry['SN']
|
56
|
+
end
|
57
|
+
end
|
58
|
+
end
|
59
|
+
=end
|
data/test/test_filter.rb
ADDED
@@ -0,0 +1,122 @@
|
|
1
|
+
require 'common'
|
2
|
+
|
3
|
+
class TestFilter < Test::Unit::TestCase
|
4
|
+
Filter = Net::LDAP::Filter
|
5
|
+
|
6
|
+
def test_bug_7534_rfc2254
|
7
|
+
assert_equal("(cn=Tim Wizard)",
|
8
|
+
Filter.from_rfc2254("(cn=Tim Wizard)").to_rfc2254)
|
9
|
+
end
|
10
|
+
|
11
|
+
def test_invalid_filter_string
|
12
|
+
assert_raises(Net::LDAP::LdapError) { Filter.from_rfc2254("") }
|
13
|
+
end
|
14
|
+
|
15
|
+
def test_invalid_filter
|
16
|
+
assert_raises(Net::LDAP::LdapError) {
|
17
|
+
# This test exists to prove that our constructor blocks unknown filter
|
18
|
+
# types. All filters must be constructed using helpers.
|
19
|
+
Filter.__send__(:new, :xx, nil, nil)
|
20
|
+
}
|
21
|
+
end
|
22
|
+
|
23
|
+
def test_to_s
|
24
|
+
assert_equal("(uid=george *)", Filter.eq("uid", "george *").to_s)
|
25
|
+
end
|
26
|
+
|
27
|
+
def test_convenience_filters
|
28
|
+
assert_equal("(uid=\\2A)", Filter.equals("uid", "*").to_s)
|
29
|
+
assert_equal("(uid=\\28*)", Filter.begins("uid", "(").to_s)
|
30
|
+
assert_equal("(uid=*\\29)", Filter.ends("uid", ")").to_s)
|
31
|
+
assert_equal("(uid=*\\5C*)", Filter.contains("uid", "\\").to_s)
|
32
|
+
end
|
33
|
+
|
34
|
+
def test_c2
|
35
|
+
assert_equal("(uid=george *)",
|
36
|
+
Filter.from_rfc2254("uid=george *").to_rfc2254)
|
37
|
+
assert_equal("(uid:=george *)",
|
38
|
+
Filter.from_rfc2254("uid:=george *").to_rfc2254)
|
39
|
+
assert_equal("(uid=george*)",
|
40
|
+
Filter.from_rfc2254(" ( uid = george* ) ").to_rfc2254)
|
41
|
+
assert_equal("(!(uid=george*))",
|
42
|
+
Filter.from_rfc2254("uid!=george*").to_rfc2254)
|
43
|
+
assert_equal("(uid<=george*)",
|
44
|
+
Filter.from_rfc2254("uid <= george*").to_rfc2254)
|
45
|
+
assert_equal("(uid>=george*)",
|
46
|
+
Filter.from_rfc2254("uid>=george*").to_rfc2254)
|
47
|
+
assert_equal("(&(uid=george*)(mail=*))",
|
48
|
+
Filter.from_rfc2254("(& (uid=george* ) (mail=*))").to_rfc2254)
|
49
|
+
assert_equal("(|(uid=george*)(mail=*))",
|
50
|
+
Filter.from_rfc2254("(| (uid=george* ) (mail=*))").to_rfc2254)
|
51
|
+
assert_equal("(!(mail=*))",
|
52
|
+
Filter.from_rfc2254("(! (mail=*))").to_rfc2254)
|
53
|
+
end
|
54
|
+
|
55
|
+
def test_filter_with_single_clause
|
56
|
+
assert_equal("(cn=name)", Net::LDAP::Filter.construct("(&(cn=name))").to_s)
|
57
|
+
end
|
58
|
+
|
59
|
+
def test_filters_from_ber
|
60
|
+
[
|
61
|
+
Net::LDAP::Filter.eq("objectclass", "*"),
|
62
|
+
Net::LDAP::Filter.pres("objectclass"),
|
63
|
+
Net::LDAP::Filter.eq("objectclass", "ou"),
|
64
|
+
Net::LDAP::Filter.ge("uid", "500"),
|
65
|
+
Net::LDAP::Filter.le("uid", "500"),
|
66
|
+
(~ Net::LDAP::Filter.pres("objectclass")),
|
67
|
+
(Net::LDAP::Filter.pres("objectclass") & Net::LDAP::Filter.pres("ou")),
|
68
|
+
(Net::LDAP::Filter.pres("objectclass") & Net::LDAP::Filter.pres("ou") & Net::LDAP::Filter.pres("sn")),
|
69
|
+
(Net::LDAP::Filter.pres("objectclass") | Net::LDAP::Filter.pres("ou") | Net::LDAP::Filter.pres("sn")),
|
70
|
+
|
71
|
+
Net::LDAP::Filter.eq("objectclass", "*aaa"),
|
72
|
+
Net::LDAP::Filter.eq("objectclass", "*aaa*bbb"),
|
73
|
+
Net::LDAP::Filter.eq("objectclass", "*aaa*bbb*ccc"),
|
74
|
+
Net::LDAP::Filter.eq("objectclass", "aaa*bbb"),
|
75
|
+
Net::LDAP::Filter.eq("objectclass", "aaa*bbb*ccc"),
|
76
|
+
Net::LDAP::Filter.eq("objectclass", "abc*def*1111*22*g"),
|
77
|
+
Net::LDAP::Filter.eq("objectclass", "*aaa*"),
|
78
|
+
Net::LDAP::Filter.eq("objectclass", "*aaa*bbb*"),
|
79
|
+
Net::LDAP::Filter.eq("objectclass", "*aaa*bbb*ccc*"),
|
80
|
+
Net::LDAP::Filter.eq("objectclass", "aaa*"),
|
81
|
+
Net::LDAP::Filter.eq("objectclass", "aaa*bbb*"),
|
82
|
+
Net::LDAP::Filter.eq("objectclass", "aaa*bbb*ccc*"),
|
83
|
+
].each do |ber|
|
84
|
+
f = Net::LDAP::Filter.parse_ber(ber.to_ber.read_ber(Net::LDAP::AsnSyntax))
|
85
|
+
assert(f == ber)
|
86
|
+
assert_equal(f.to_ber, ber.to_ber)
|
87
|
+
end
|
88
|
+
end
|
89
|
+
|
90
|
+
def test_ber_from_rfc2254_filter
|
91
|
+
[
|
92
|
+
Net::LDAP::Filter.construct("objectclass=*"),
|
93
|
+
Net::LDAP::Filter.construct("objectclass=ou"),
|
94
|
+
Net::LDAP::Filter.construct("uid >= 500"),
|
95
|
+
Net::LDAP::Filter.construct("uid <= 500"),
|
96
|
+
Net::LDAP::Filter.construct("(!(uid=*))"),
|
97
|
+
Net::LDAP::Filter.construct("(&(uid=*)(objectclass=*))"),
|
98
|
+
Net::LDAP::Filter.construct("(&(uid=*)(objectclass=*)(sn=*))"),
|
99
|
+
Net::LDAP::Filter.construct("(|(uid=*)(objectclass=*))"),
|
100
|
+
Net::LDAP::Filter.construct("(|(uid=*)(objectclass=*)(sn=*))"),
|
101
|
+
|
102
|
+
Net::LDAP::Filter.construct("objectclass=*aaa"),
|
103
|
+
Net::LDAP::Filter.construct("objectclass=*aaa*bbb"),
|
104
|
+
Net::LDAP::Filter.construct("objectclass=*aaa bbb"),
|
105
|
+
Net::LDAP::Filter.construct("objectclass=*aaa bbb"),
|
106
|
+
Net::LDAP::Filter.construct("objectclass=*aaa*bbb*ccc"),
|
107
|
+
Net::LDAP::Filter.construct("objectclass=aaa*bbb"),
|
108
|
+
Net::LDAP::Filter.construct("objectclass=aaa*bbb*ccc"),
|
109
|
+
Net::LDAP::Filter.construct("objectclass=abc*def*1111*22*g"),
|
110
|
+
Net::LDAP::Filter.construct("objectclass=*aaa*"),
|
111
|
+
Net::LDAP::Filter.construct("objectclass=*aaa*bbb*"),
|
112
|
+
Net::LDAP::Filter.construct("objectclass=*aaa*bbb*ccc*"),
|
113
|
+
Net::LDAP::Filter.construct("objectclass=aaa*"),
|
114
|
+
Net::LDAP::Filter.construct("objectclass=aaa*bbb*"),
|
115
|
+
Net::LDAP::Filter.construct("objectclass=aaa*bbb*ccc*"),
|
116
|
+
].each do |ber|
|
117
|
+
f = Net::LDAP::Filter.parse_ber(ber.to_ber.read_ber(Net::LDAP::AsnSyntax))
|
118
|
+
assert(f == ber)
|
119
|
+
assert_equal(f.to_ber, ber.to_ber)
|
120
|
+
end
|
121
|
+
end
|
122
|
+
end
|
@@ -0,0 +1,24 @@
|
|
1
|
+
require 'common'
|
2
|
+
|
3
|
+
class TestLDAP < Test::Unit::TestCase
|
4
|
+
def test_modify_ops_delete
|
5
|
+
args = { :operations => [ [ :delete, "mail" ] ] }
|
6
|
+
result = Net::LDAP::Connection.modify_ops(args[:operations])
|
7
|
+
expected = [ "0\r\n\x01\x010\b\x04\x04mail1\x00" ]
|
8
|
+
assert_equal(expected, result)
|
9
|
+
end
|
10
|
+
|
11
|
+
def test_modify_ops_add
|
12
|
+
args = { :operations => [ [ :add, "mail", "testuser@example.com" ] ] }
|
13
|
+
result = Net::LDAP::Connection.modify_ops(args[:operations])
|
14
|
+
expected = [ "0#\n\x01\x000\x1E\x04\x04mail1\x16\x04\x14testuser@example.com" ]
|
15
|
+
assert_equal(expected, result)
|
16
|
+
end
|
17
|
+
|
18
|
+
def test_modify_ops_replace
|
19
|
+
args = { :operations =>[ [ :replace, "mail", "testuser@example.com" ] ] }
|
20
|
+
result = Net::LDAP::Connection.modify_ops(args[:operations])
|
21
|
+
expected = [ "0#\n\x01\x020\x1E\x04\x04mail1\x16\x04\x14testuser@example.com" ]
|
22
|
+
assert_equal(expected, result)
|
23
|
+
end
|
24
|
+
end
|
data/test/test_ldif.rb
ADDED
@@ -0,0 +1,79 @@
|
|
1
|
+
# $Id: testldif.rb 61 2006-04-18 20:55:55Z blackhedd $
|
2
|
+
|
3
|
+
require 'common'
|
4
|
+
|
5
|
+
require 'digest/sha1'
|
6
|
+
require 'base64'
|
7
|
+
|
8
|
+
class TestLdif < Test::Unit::TestCase
|
9
|
+
TestLdifFilename = "#{File.dirname(__FILE__)}/testdata.ldif"
|
10
|
+
|
11
|
+
def test_empty_ldif
|
12
|
+
ds = Net::LDAP::Dataset.read_ldif(StringIO.new)
|
13
|
+
assert_equal(true, ds.empty?)
|
14
|
+
end
|
15
|
+
|
16
|
+
def test_ldif_with_comments
|
17
|
+
str = ["# Hello from LDIF-land", "# This is an unterminated comment"]
|
18
|
+
io = StringIO.new(str[0] + "\r\n" + str[1])
|
19
|
+
ds = Net::LDAP::Dataset::read_ldif(io)
|
20
|
+
assert_equal(str, ds.comments)
|
21
|
+
end
|
22
|
+
|
23
|
+
def test_ldif_with_password
|
24
|
+
psw = "goldbricks"
|
25
|
+
hashed_psw = "{SHA}" + Base64::encode64(Digest::SHA1.digest(psw)).chomp
|
26
|
+
|
27
|
+
ldif_encoded = Base64::encode64(hashed_psw).chomp
|
28
|
+
ds = Net::LDAP::Dataset::read_ldif(StringIO.new("dn: Goldbrick\r\nuserPassword:: #{ldif_encoded}\r\n\r\n"))
|
29
|
+
recovered_psw = ds["Goldbrick"][:userpassword].shift
|
30
|
+
assert_equal(hashed_psw, recovered_psw)
|
31
|
+
end
|
32
|
+
|
33
|
+
def test_ldif_with_continuation_lines
|
34
|
+
ds = Net::LDAP::Dataset::read_ldif(StringIO.new("dn: abcdefg\r\n hijklmn\r\n\r\n"))
|
35
|
+
assert_equal(true, ds.has_key?("abcdefghijklmn"))
|
36
|
+
end
|
37
|
+
|
38
|
+
def test_ldif_with_continuation_lines_and_extra_whitespace
|
39
|
+
ds1 = Net::LDAP::Dataset::read_ldif(StringIO.new("dn: abcdefg\r\n hijklmn\r\n\r\n"))
|
40
|
+
assert_equal(true, ds1.has_key?("abcdefg hijklmn"))
|
41
|
+
ds2 = Net::LDAP::Dataset::read_ldif(StringIO.new("dn: abcdefg\r\n hij klmn\r\n\r\n"))
|
42
|
+
assert_equal(true, ds2.has_key?("abcdefghij klmn"))
|
43
|
+
end
|
44
|
+
|
45
|
+
def test_ldif_tab_is_not_continuation
|
46
|
+
ds = Net::LDAP::Dataset::read_ldif(StringIO.new("dn: key\r\n\tnotcontinued\r\n\r\n"))
|
47
|
+
assert_equal(true, ds.has_key?("key"))
|
48
|
+
end
|
49
|
+
|
50
|
+
# TODO, INADEQUATE. We need some more tests
|
51
|
+
# to verify the content.
|
52
|
+
def test_ldif
|
53
|
+
File.open(TestLdifFilename, "r") {|f|
|
54
|
+
ds = Net::LDAP::Dataset::read_ldif(f)
|
55
|
+
assert_equal(13, ds.length)
|
56
|
+
}
|
57
|
+
end
|
58
|
+
|
59
|
+
# Must test folded lines and base64-encoded lines as well as normal ones.
|
60
|
+
def test_to_ldif
|
61
|
+
data = File.open(TestLdifFilename, "rb") { |f| f.read }
|
62
|
+
io = StringIO.new(data)
|
63
|
+
|
64
|
+
# added .lines to turn to array because 1.9 doesn't have
|
65
|
+
# .grep on basic strings
|
66
|
+
entries = data.lines.grep(/^dn:\s*/) { $'.chomp }
|
67
|
+
dn_entries = entries.dup
|
68
|
+
|
69
|
+
ds = Net::LDAP::Dataset::read_ldif(io) { |type, value|
|
70
|
+
case type
|
71
|
+
when :dn
|
72
|
+
assert_equal(dn_entries.first, value)
|
73
|
+
dn_entries.shift
|
74
|
+
end
|
75
|
+
}
|
76
|
+
assert_equal(entries.size, ds.size)
|
77
|
+
assert_equal(entries.sort, ds.to_ldif.grep(/^dn:\s*/) { $'.chomp })
|
78
|
+
end
|
79
|
+
end
|
@@ -0,0 +1,17 @@
|
|
1
|
+
# $Id: testpsw.rb 72 2006-04-24 21:58:14Z blackhedd $
|
2
|
+
|
3
|
+
require 'common'
|
4
|
+
|
5
|
+
class TestPassword < Test::Unit::TestCase
|
6
|
+
|
7
|
+
def test_psw
|
8
|
+
assert_equal(
|
9
|
+
"{MD5}xq8jwrcfibi0sZdZYNkSng==",
|
10
|
+
Net::LDAP::Password.generate( :md5, "cashflow" ))
|
11
|
+
|
12
|
+
assert_equal(
|
13
|
+
"{SHA}YE4eGkN4BvwNN1f5R7CZz0kFn14=",
|
14
|
+
Net::LDAP::Password.generate( :sha, "cashflow" ))
|
15
|
+
end
|
16
|
+
|
17
|
+
end
|
data/test/test_rename.rb
ADDED
@@ -0,0 +1,77 @@
|
|
1
|
+
require 'common'
|
2
|
+
|
3
|
+
# Commented out since it assumes you have a live LDAP server somewhere. This
|
4
|
+
# will be migrated to the integration specs, as soon as they are ready.
|
5
|
+
=begin
|
6
|
+
class TestRename < Test::Unit::TestCase
|
7
|
+
HOST= '10.10.10.71'
|
8
|
+
PORT = 389
|
9
|
+
BASE = "o=test"
|
10
|
+
AUTH = { :method => :simple, :username => "cn=testadmin,#{BASE}", :password => 'password' }
|
11
|
+
BASIC_USER = "cn=jsmith,ou=sales,#{BASE}"
|
12
|
+
RENAMED_USER = "cn=jbrown,ou=sales,#{BASE}"
|
13
|
+
MOVED_USER = "cn=jsmith,ou=marketing,#{BASE}"
|
14
|
+
RENAMED_MOVED_USER = "cn=jjones,ou=marketing,#{BASE}"
|
15
|
+
|
16
|
+
def setup
|
17
|
+
# create the entries we're going to manipulate
|
18
|
+
Net::LDAP::open(:host => HOST, :port => PORT, :auth => AUTH) do |ldap|
|
19
|
+
if ldap.add(:dn => "ou=sales,#{BASE}", :attributes => { :ou => "sales", :objectclass => "organizationalUnit" })
|
20
|
+
puts "Add failed: #{ldap.get_operation_result.message} - code: #{ldap.get_operation_result.code}"
|
21
|
+
end
|
22
|
+
ldap.add(:dn => "ou=marketing,#{BASE}", :attributes => { :ou => "marketing", :objectclass => "organizationalUnit" })
|
23
|
+
ldap.add(:dn => BASIC_USER, :attributes => { :cn => "jsmith", :objectclass => "inetOrgPerson", :sn => "Smith" })
|
24
|
+
end
|
25
|
+
end
|
26
|
+
|
27
|
+
def test_rename_entry
|
28
|
+
dn = nil
|
29
|
+
Net::LDAP::open(:host => HOST, :port => PORT, :auth => AUTH) do |ldap|
|
30
|
+
ldap.rename(:olddn => BASIC_USER, :newrdn => "cn=jbrown")
|
31
|
+
|
32
|
+
ldap.search(:base => RENAMED_USER) do |entry|
|
33
|
+
dn = entry.dn
|
34
|
+
end
|
35
|
+
end
|
36
|
+
assert_equal(RENAMED_USER, dn)
|
37
|
+
end
|
38
|
+
|
39
|
+
def test_move_entry
|
40
|
+
dn = nil
|
41
|
+
Net::LDAP::open(:host => HOST, :port => PORT, :auth => AUTH) do |ldap|
|
42
|
+
ldap.rename(:olddn => BASIC_USER, :newrdn => "cn=jsmith", :new_superior => "ou=marketing,#{BASE}")
|
43
|
+
|
44
|
+
ldap.search(:base => MOVED_USER) do |entry|
|
45
|
+
dn = entry.dn
|
46
|
+
end
|
47
|
+
end
|
48
|
+
assert_equal(MOVED_USER, dn)
|
49
|
+
end
|
50
|
+
|
51
|
+
def test_move_and_rename_entry
|
52
|
+
dn = nil
|
53
|
+
Net::LDAP::open(:host => HOST, :port => PORT, :auth => AUTH) do |ldap|
|
54
|
+
ldap.rename(:olddn => BASIC_USER, :newrdn => "cn=jjones", :new_superior => "ou=marketing,#{BASE}")
|
55
|
+
|
56
|
+
ldap.search(:base => RENAMED_MOVED_USER) do |entry|
|
57
|
+
dn = entry.dn
|
58
|
+
end
|
59
|
+
end
|
60
|
+
assert_equal(RENAMED_MOVED_USER, dn)
|
61
|
+
end
|
62
|
+
|
63
|
+
def teardown
|
64
|
+
# delete the entries
|
65
|
+
# note: this doesn't always completely clear up on eDirectory as objects get locked while
|
66
|
+
# the rename/move is being completed on the server and this prevents the delete from happening
|
67
|
+
Net::LDAP::open(:host => HOST, :port => PORT, :auth => AUTH) do |ldap|
|
68
|
+
ldap.delete(:dn => BASIC_USER)
|
69
|
+
ldap.delete(:dn => RENAMED_USER)
|
70
|
+
ldap.delete(:dn => MOVED_USER)
|
71
|
+
ldap.delete(:dn => RENAMED_MOVED_USER)
|
72
|
+
ldap.delete(:dn => "ou=sales,#{BASE}")
|
73
|
+
ldap.delete(:dn => "ou=marketing,#{BASE}")
|
74
|
+
end
|
75
|
+
end
|
76
|
+
end
|
77
|
+
=end
|