net-ldap 0.8.0 → 0.9.0

data/test/integration/test_delete.rb

@@ -0,0 +1,31 @@
+require_relative '../test_helper'
+
+class TestDeleteIntegration < LDAPIntegrationTestCase
+  def setup
+    super
+    @ldap.authenticate "cn=admin,dc=rubyldap,dc=com", "passworD1"
+
+    @dn = "uid=delete-user1,ou=People,dc=rubyldap,dc=com"
+
+    attrs = {
+      objectclass: %w(top inetOrgPerson organizationalPerson person),
+      uid:  "delete-user1",
+      cn:   "delete-user1",
+      sn:   "delete-user1",
+      mail: "delete-user1@rubyldap.com"
+    }
+    unless @ldap.search(base: @dn, scope: Net::LDAP::SearchScope_BaseObject)
+      assert @ldap.add(dn: @dn, attributes: attrs), @ldap.get_operation_result.inspect
+    end
+    assert @ldap.search(base: @dn, scope: Net::LDAP::SearchScope_BaseObject)
+  end
+
+  def test_delete
+    assert @ldap.delete(dn: @dn), @ldap.get_operation_result.inspect
+    refute @ldap.search(base: @dn, scope: Net::LDAP::SearchScope_BaseObject)
+
+    result = @ldap.get_operation_result
+    assert_equal Net::LDAP::ResultCodeNoSuchObject, result.code
+    assert_equal Net::LDAP::ResultStrings[Net::LDAP::ResultCodeNoSuchObject], result.message
+  end
+end

data/test/integration/test_open.rb

@@ -0,0 +1,88 @@
+require_relative '../test_helper'
+
+class TestBindIntegration < LDAPIntegrationTestCase
+  def test_binds_without_open
+    events = @service.subscribe "bind.net_ldap_connection"
+
+    @ldap.search(filter: "uid=user1", base: "ou=People,dc=rubyldap,dc=com", ignore_server_caps: true)
+    @ldap.search(filter: "uid=user1", base: "ou=People,dc=rubyldap,dc=com", ignore_server_caps: true)
+
+    assert_equal 2, events.size
+  end
+
+  def test_binds_with_open
+    events = @service.subscribe "bind.net_ldap_connection"
+
+    @ldap.open do
+      @ldap.search(filter: "uid=user1", base: "ou=People,dc=rubyldap,dc=com", ignore_server_caps: true)
+      @ldap.search(filter: "uid=user1", base: "ou=People,dc=rubyldap,dc=com", ignore_server_caps: true)
+    end
+
+    assert_equal 1, events.size
+  end
+
+  # NOTE: query for two or more entries so that the socket must be read
+  # multiple times.
+  # See The Problem: https://github.com/ruby-ldap/ruby-net-ldap/issues/136
+
+  def test_nested_search_without_open
+    entries = []
+    nested_entry = nil
+
+    @ldap.search(filter: "(|(uid=user1)(uid=user2))", base: "ou=People,dc=rubyldap,dc=com") do |entry|
+      entries << entry.uid.first
+      nested_entry ||= @ldap.search(filter: "uid=user3", base: "ou=People,dc=rubyldap,dc=com").first
+    end
+
+    assert_equal "user3", nested_entry.uid.first
+    assert_equal %w(user1 user2), entries
+  end
+
+  def test_nested_search_with_open
+    entries = []
+    nested_entry = nil
+
+    @ldap.open do
+      @ldap.search(filter: "(|(uid=user1)(uid=user2))", base: "ou=People,dc=rubyldap,dc=com") do |entry|
+        entries << entry.uid.first
+        nested_entry ||= @ldap.search(filter: "uid=user3", base: "ou=People,dc=rubyldap,dc=com").first
+      end
+    end
+
+    assert_equal "user3", nested_entry.uid.first
+    assert_equal %w(user1 user2), entries
+  end
+
+  def test_nested_add_with_open
+    entries = []
+    nested_entry = nil
+
+    dn = "uid=nested-open-added-user1,ou=People,dc=rubyldap,dc=com"
+    attrs = {
+      objectclass: %w(top inetOrgPerson organizationalPerson person),
+      uid:  "nested-open-added-user1",
+      cn:   "nested-open-added-user1",
+      sn:   "nested-open-added-user1",
+      mail: "nested-open-added-user1@rubyldap.com"
+    }
+
+    @ldap.authenticate "cn=admin,dc=rubyldap,dc=com", "passworD1"
+    @ldap.delete dn: dn
+
+    @ldap.open do
+      @ldap.search(filter: "(|(uid=user1)(uid=user2))", base: "ou=People,dc=rubyldap,dc=com") do |entry|
+        entries << entry.uid.first
+
+        nested_entry ||= begin
+          assert @ldap.add(dn: dn, attributes: attrs), @ldap.get_operation_result.inspect
+          @ldap.search(base: dn, scope: Net::LDAP::SearchScope_BaseObject).first
+        end
+      end
+    end
+
+    assert_equal %w(user1 user2), entries
+    assert_equal "nested-open-added-user1", nested_entry.uid.first
+  ensure
+    @ldap.delete dn: dn
+  end
+end

data/test/integration/test_return_codes.rb

@@ -0,0 +1,38 @@
+require_relative '../test_helper'
+
+# NOTE: These tests depend on the OpenLDAP retcode overlay.
+# See: section 12.12 http://www.openldap.org/doc/admin24/overlays.html
+
+class TestReturnCodeIntegration < LDAPIntegrationTestCase
+  def test_operations_error
+    refute @ldap.search(filter: "cn=operationsError", base: "ou=Retcodes,dc=rubyldap,dc=com")
+    assert result = @ldap.get_operation_result
+
+    assert_equal Net::LDAP::ResultCodeOperationsError, result.code
+    assert_equal Net::LDAP::ResultStrings[Net::LDAP::ResultCodeOperationsError], result.message
+  end
+
+  def test_protocol_error
+    refute @ldap.search(filter: "cn=protocolError", base: "ou=Retcodes,dc=rubyldap,dc=com")
+    assert result = @ldap.get_operation_result
+
+    assert_equal Net::LDAP::ResultCodeProtocolError, result.code
+    assert_equal Net::LDAP::ResultStrings[Net::LDAP::ResultCodeProtocolError], result.message
+  end
+
+  def test_time_limit_exceeded
+    assert @ldap.search(filter: "cn=timeLimitExceeded", base: "ou=Retcodes,dc=rubyldap,dc=com")
+    assert result = @ldap.get_operation_result
+
+    assert_equal Net::LDAP::ResultCodeTimeLimitExceeded, result.code
+    assert_equal Net::LDAP::ResultStrings[Net::LDAP::ResultCodeTimeLimitExceeded], result.message
+  end
+
+  def test_size_limit_exceeded
+    assert @ldap.search(filter: "cn=sizeLimitExceeded", base: "ou=Retcodes,dc=rubyldap,dc=com")
+    assert result = @ldap.get_operation_result
+
+    assert_equal Net::LDAP::ResultCodeSizeLimitExceeded, result.code
+    assert_equal Net::LDAP::ResultStrings[Net::LDAP::ResultCodeSizeLimitExceeded], result.message
+  end
+end

data/test/integration/test_search.rb

@@ -0,0 +1,77 @@
+require_relative '../test_helper'
+
+class TestSearchIntegration < LDAPIntegrationTestCase
+  def test_search
+    entries = []
+
+    result = @ldap.search(base: "dc=rubyldap,dc=com") do |entry|
+      assert_kind_of Net::LDAP::Entry, entry
+      entries << entry
+    end
+
+    refute entries.empty?
+    assert_equal entries, result
+  end
+
+  def test_search_without_result
+    entries = []
+
+    result = @ldap.search(base: "dc=rubyldap,dc=com", return_result: false) do |entry|
+      assert_kind_of Net::LDAP::Entry, entry
+      entries << entry
+    end
+
+    assert result
+    refute_equal entries, result
+  end
+
+  def test_search_filter_string
+    entries = @ldap.search(base: "dc=rubyldap,dc=com", filter: "(uid=user1)")
+    assert_equal 1, entries.size
+  end
+
+  def test_search_filter_object
+    filter = Net::LDAP::Filter.eq("uid", "user1") | Net::LDAP::Filter.eq("uid", "user2")
+    entries = @ldap.search(base: "dc=rubyldap,dc=com", filter: filter)
+    assert_equal 2, entries.size
+  end
+
+  def test_search_constrained_attributes
+    entry = @ldap.search(base: "uid=user1,ou=People,dc=rubyldap,dc=com", attributes: ["cn", "sn"]).first
+    assert_equal [:cn, :dn, :sn], entry.attribute_names.sort  # :dn is always included
+    assert_empty entry[:mail]
+  end
+
+  def test_search_attributes_only
+    entry = @ldap.search(base: "uid=user1,ou=People,dc=rubyldap,dc=com", attributes_only: true).first
+
+    assert_empty entry[:cn], "unexpected attribute value: #{entry[:cn]}"
+  end
+
+  def test_search_timeout
+    entries = []
+    events = @service.subscribe "search.net_ldap_connection"
+
+    result = @ldap.search(base: "dc=rubyldap,dc=com", time: 5) do |entry|
+      assert_kind_of Net::LDAP::Entry, entry
+      entries << entry
+    end
+
+    payload, _ = events.pop
+    assert_equal 5, payload[:time]
+    assert_equal entries, result
+  end
+
+  # http://tools.ietf.org/html/rfc4511#section-4.5.1.4
+  def test_search_with_size
+    entries = []
+
+    result = @ldap.search(base: "dc=rubyldap,dc=com", size: 1) do |entry|
+      assert_kind_of Net::LDAP::Entry, entry
+      entries << entry
+    end
+
+    assert_equal 1, result.size
+    assert_equal entries, result
+  end
+end

data/test/support/vm/openldap/.gitignore

@@ -0,0 +1 @@
+/.vagrant

data/test/support/vm/openldap/README.md

@@ -0,0 +1,32 @@
+# Local OpenLDAP Integration Testing
+
+Set up a [Vagrant](http://www.vagrantup.com/) VM to run integration tests against OpenLDAP locally.
+
+To run integration tests locally:
+
+``` bash
+# start VM (from the correct directory)
+$ cd test/support/vm/openldap/
+$ vagrant up
+
+# get the IP address of the VM
+$ ip=$(vagrant ssh -- "ifconfig eth1 | grep -o -E '[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+' | head -n1")
+
+# change back to root project directory
+$ cd ../../../..
+
+# run all tests, including integration tests
+$ time INTEGRATION=openldap INTEGRATION_HOST=$ip bundle exec rake
+
+# run a specific integration test file
+$ time INTEGRATION=openldap INTEGRATION_HOST=$ip bundle exec ruby test/integration/test_search.rb
+
+# run integration tests by default
+$ export INTEGRATION=openldap
+$ export INTEGRATION_HOST=$ip
+
+# now run tests without having to set ENV variables
+$ time bundle exec rake
+```
+
+You may need to `gem install vagrant` first in order to provision the VM.

data/test/support/vm/openldap/Vagrantfile

@@ -0,0 +1,33 @@
+# -*- mode: ruby -*-
+# vi: set ft=ruby :
+
+# Vagrantfile API/syntax version. Don't touch unless you know what you're doing!
+VAGRANTFILE_API_VERSION = "2"
+
+Vagrant.configure(VAGRANTFILE_API_VERSION) do |config|
+  config.vm.hostname = "rubyldap.com"
+
+  config.vm.box = "hashicorp/precise64"
+
+  config.vm.network "private_network", type: :dhcp
+
+  config.ssh.forward_agent = true
+
+  config.vm.provision "shell", inline: "apt-get update; exec env /vagrant_data/script/install-openldap"
+
+  config.vm.synced_folder "../../../..", "/vagrant_data"
+
+  config.vm.provider "vmware_fusion" do |vb, override|
+    override.vm.box = "hashicorp/precise64"
+    vb.memory = 4596
+    vb.vmx["displayname"] = "integration tests vm"
+    vb.vmx["numvcpus"] = "2"
+  end
+
+  config.vm.provider "virtualbox" do |vb, override|
+    vb.memory = 4096
+    vb.customize ["modifyvm", :id, "--nicpromisc2", "allow-all"]
+    vb.customize ["modifyvm", :id, "--chipset", "ich9"]
+    vb.customize ["modifyvm", :id, "--vram", "16"]
+  end
+end

data/test/test_dn.rb

@@ -0,0 +1,44 @@
+require_relative 'test_helper'
+require 'net/ldap/dn'
+
+class TestDN < Test::Unit::TestCase
+  def test_escape
+    assert_equal '\\,\\+\\"\\\\\\<\\>\\;', Net::LDAP::DN.escape(',+"\\<>;')
+  end
+
+  def test_escape_on_initialize
+    dn = Net::LDAP::DN.new('cn', ',+"\\<>;', 'ou=company')
+    assert_equal 'cn=\\,\\+\\"\\\\\\<\\>\\;,ou=company', dn.to_s
+  end
+
+  def test_to_a
+    dn = Net::LDAP::DN.new('cn=James, ou=Company\\,\\20LLC')
+    assert_equal ['cn','James','ou','Company, LLC'], dn.to_a
+  end
+
+  def test_to_a_parenthesis
+    dn = Net::LDAP::DN.new('cn =  \ James , ou  =  "Comp\28ny"  ')
+    assert_equal ['cn',' James','ou','Comp(ny'], dn.to_a
+  end
+
+  def test_to_a_hash_symbol
+    dn = Net::LDAP::DN.new('1.23.4=  #A3B4D5  ,ou=Company')
+    assert_equal ['1.23.4','#A3B4D5','ou','Company'], dn.to_a
+  end
+
+  # TODO: raise a more specific exception than RuntimeError
+  def test_bad_input_raises_error
+    [
+      'cn=James,',
+      'cn=#aa aa',
+      'cn="James',
+      'cn=J\ames',
+      'cn=\\',
+      '1.2.d=Value',
+      'd1.2=Value',
+    ].each do |input|
+      dn = Net::LDAP::DN.new(input)
+      assert_raises(RuntimeError) { dn.to_a }
+    end
+  end
+end

data/test/test_entry.rb

@@ -1,59 +1,65 @@
-require 'common'
+require_relative 'test_helper'
 
-=begin
 class TestEntry < Test::Unit::TestCase
-Commented out until I can make it a spec.
-  context "An instance of Entry" do
-    setup do
-      @entry = Net::LDAP::Entry.new 'cn=Barbara,o=corp'
-    end
-
-    should "be initialized with the DN" do
-      assert_equal 'cn=Barbara,o=corp', @entry.dn
-    end
-
-    should 'return an empty array when accessing a nonexistent attribute (index lookup)' do
-      assert_equal [], @entry['sn']
-    end
-
-    should 'return an empty array when accessing a nonexistent attribute (method call)' do
-      assert_equal [], @entry.sn
-    end
-
-    should 'create an attribute on assignment (index lookup)' do
-      @entry['sn'] = 'Jensen'
-      assert_equal ['Jensen'], @entry['sn']
-    end
-
-    should 'create an attribute on assignment (method call)' do
-      @entry.sn = 'Jensen'
-      assert_equal ['Jensen'], @entry.sn
-    end
-
-    should 'have attributes accessible by index lookup' do
-      @entry['sn'] = 'Jensen'
-      assert_equal ['Jensen'], @entry['sn']
-    end
-
-    should 'have attributes accessible using a Symbol as the index' do
-      @entry[:sn] = 'Jensen'
-      assert_equal ['Jensen'], @entry[:sn]
-    end
-
-    should 'have attributes accessible by method call' do
-      @entry['sn'] = 'Jensen'
-      assert_equal ['Jensen'], @entry.sn
-    end
-
-    should 'ignore case of attribute names' do
-      @entry['sn'] = 'Jensen'
-      assert_equal ['Jensen'], @entry.sn
-      assert_equal ['Jensen'], @entry.Sn
-      assert_equal ['Jensen'], @entry.SN
-      assert_equal ['Jensen'], @entry['sn']
-      assert_equal ['Jensen'], @entry['Sn']
-      assert_equal ['Jensen'], @entry['SN']
-    end
-	end
+  def setup
+    @entry = Net::LDAP::Entry.new 'cn=Barbara,o=corp'
+  end
+
+  def test_dn
+    assert_equal 'cn=Barbara,o=corp', @entry.dn
+  end
+
+  def test_empty_array_when_accessing_nonexistent_attribute
+    assert_equal [], @entry['sn']
+  end
+
+  def test_attribute_assignment
+    @entry['sn'] = 'Jensen'
+    assert_equal ['Jensen'], @entry['sn']
+    assert_equal ['Jensen'], @entry.sn
+    assert_equal ['Jensen'], @entry[:sn]
+
+    @entry[:sn] = 'Jensen'
+    assert_equal ['Jensen'], @entry['sn']
+    assert_equal ['Jensen'], @entry.sn
+    assert_equal ['Jensen'], @entry[:sn]
+
+    @entry.sn = 'Jensen'
+    assert_equal ['Jensen'], @entry['sn']
+    assert_equal ['Jensen'], @entry.sn
+    assert_equal ['Jensen'], @entry[:sn]
+  end
+
+  def test_case_insensitive_attribute_names
+    @entry['sn'] = 'Jensen'
+    assert_equal ['Jensen'], @entry.sn
+    assert_equal ['Jensen'], @entry.Sn
+    assert_equal ['Jensen'], @entry.SN
+    assert_equal ['Jensen'], @entry['sn']
+    assert_equal ['Jensen'], @entry['Sn']
+    assert_equal ['Jensen'], @entry['SN']
+  end
+end
+
+class TestEntryLDIF < Test::Unit::TestCase
+  def setup
+    @entry = Net::LDAP::Entry.from_single_ldif_string(
+      %Q{dn: something
+foo: foo
+barAttribute: bar
+      })
+  end
+
+  def test_attribute
+    assert_equal ['foo'], @entry.foo
+    assert_equal ['foo'], @entry.Foo
+  end
+
+  def test_modify_attribute
+    @entry.foo = 'bar'
+    assert_equal ['bar'], @entry.foo
+
+    @entry.fOo= 'baz'
+    assert_equal ['baz'], @entry.foo
+  end
 end
-=end