powerhome-activeldap 3.2.3

data/test/test_base_per_instance.rb

@@ -0,0 +1,61 @@
+require 'al-test-utils'
+
+class TestBasePerInstance < Test::Unit::TestCase
+  include AlTestUtils
+
+  def setup
+    super
+    ou_class("ou=Users").new("Sub").save!
+  end
+
+  priority :must
+  def test_set_base
+    guest = @user_class.new("guest")
+    guest.base = "ou=Sub"
+    assert_equal("uid=guest,ou=Sub,#{@user_class.base}", guest.dn)
+  end
+
+  priority :normal
+  def test_dn_is_base
+    entry_class = Class.new(ActiveLdap::Base)
+    entry_class.ldap_mapping :prefix => "",
+                             :classes => ["top"],
+                             :scope => :sub
+    entry_class.dn_attribute = nil
+
+    entry = entry_class.root
+    assert_equal(entry_class.base, entry.dn)
+    assert_equal(entry_class.base, entry.base)
+  end
+
+  def test_loose_dn
+    user = @user_class.new("test-user , ou = Sub")
+    assert_equal("uid=test-user,ou=Sub,#{@user_class.base}", user.dn)
+
+    user = @user_class.new("test-user , ou = Sub, #{@user_class.base}")
+    assert_equal("uid=test-user,ou=Sub,#{@user_class.base}", user.dn)
+  end
+
+  def test_exists?
+    make_temporary_user(:uid => "test-user,ou=Sub") do |user, password|
+      assert(@user_class.exists?(user.uid))
+      assert(@user_class.exists?("uid=#{user.uid}"))
+      assert(@user_class.exists?(user.dn))
+
+      assert(@user_class.exists?("test-user,ou=Sub"))
+      assert(@user_class.exists?("uid=test-user,ou=Sub"))
+    end
+  end
+
+  def test_add
+    make_temporary_user(:uid => "test-user,ou=Sub") do |user, password|
+      assert_equal("uid=test-user,ou=Sub,#{@user_class.base}", user.dn)
+      assert_equal("test-user", user.uid)
+    end
+
+    make_temporary_user(:uid => "uid=test-user,ou=Sub") do |user, password|
+      assert_equal("uid=test-user,ou=Sub,#{@user_class.base}", user.dn)
+      assert_equal("test-user", user.uid)
+    end
+  end
+end

data/test/test_bind.rb

@@ -0,0 +1,62 @@
+require 'al-test-utils'
+
+class TestBind < Test::Unit::TestCase
+  include AlTestUtils::Config
+
+  def setup
+    super
+  end
+
+  def teardown
+    ActiveLdap::Base.clear_active_connections!
+    super
+  end
+
+  def test_anonymous
+    assert(!ActiveLdap::Base.connected?)
+    assert_nothing_raised do
+      config = ActiveLdap::Base.configurations[LDAP_ENV].symbolize_keys
+      config = ActiveLdap::Base.prepare_configuration(config)
+      config.delete(:bind_dn)
+      config[:allow_anonymous] = true
+      connect(config)
+    end
+    assert(ActiveLdap::Base.connected?,
+           "Checking is the connection was established.")
+  end
+
+  def test_bind
+    assert(!ActiveLdap::Base.connected?)
+    config = ActiveLdap::Base.configurations[LDAP_ENV].symbolize_keys
+    config = ActiveLdap::Base.prepare_configuration(config)
+    if config[:bind_dn].nil? and !config[:try_sasl]
+      omit("need user configuration")
+    end
+    assert_nothing_raised do
+      config[:allow_anonymous] = false
+      connect(config)
+    end
+    assert(ActiveLdap::Base.connected?,
+           "Checking is the connection was established.")
+    assert(ActiveLdap::Base.connection.bound?)
+  end
+
+  def test_failed_bind
+    assert(!ActiveLdap::Base.connected?)
+    assert_raises(ActiveLdap::AuthenticationError) do
+      config = ActiveLdap::Base.configurations[LDAP_ENV].symbolize_keys
+      config = ActiveLdap::Base.prepare_configuration(config)
+      config.delete(:bind_dn)
+      config[:try_sasl] = false
+      config[:allow_anonymous] = false
+      connect(config)
+    end
+    assert(!ActiveLdap::Base.connection.bound?)
+  end
+
+  private
+  def connect(config)
+    ActiveLdap::Base.setup_connection(config)
+    ActiveLdap::Base.connection.connect
+  end
+end

data/test/test_callback.rb

@@ -0,0 +1,31 @@
+require 'al-test-utils'
+
+class TestCallback < Test::Unit::TestCase
+  include AlTestUtils
+
+  priority :must
+
+  priority :normal
+  def test_callback_after_find_and_after_initialize
+    make_temporary_group do |group|
+      found_entries = []
+      initialized_entries = []
+      @group_class.instance_variable_set("@found_entries", found_entries)
+      @group_class.instance_variable_set("@initialized_entries",
+                                         initialized_entries)
+      @group_class.module_eval do
+        after_find "self.class.instance_variable_get('@found_entries') << self"
+        after_initialize "self.class.instance_variable_get('@initialized_entries') << self"
+      end
+
+      assert_equal([], found_entries)
+      assert_equal([], initialized_entries)
+
+      found_group = @group_class.find(group.dn)
+
+      assert_equal([found_group.cn].sort, found_entries.collect {|g| g.cn}.sort)
+      assert_equal([found_group.cn].sort,
+                   initialized_entries.collect {|g| g.cn}.sort)
+    end
+  end
+end

data/test/test_configuration.rb

@@ -0,0 +1,40 @@
+require 'al-test-utils'
+
+class TestConfiguration < Test::Unit::TestCase
+  priority :must
+
+  priority :normal
+  def test_prepare_configuration_with_silent_uri
+    configuration = {
+      :bind_dn => "cn=admin,dc=example,dc=com",
+      :password => "secret",
+      :uri => "ldap://example.com/cn=ignore,dc=me"
+    }
+    prepared_configuration =
+      ActiveLdap::Base.prepare_configuration(configuration)
+    assert_equal({
+                   :host => "example.com",
+                   :port => 389,
+                   :bind_dn => "cn=admin,dc=example,dc=com",
+                   :password => "secret",
+                 },
+                 prepared_configuration)
+  end
+
+  def test_prepare_configuration_with_detailed_uri
+    configuration = {
+      :host => "example.net",
+      :uri => "ldaps://example.com/cn=admin,dc=example,dc=com??sub"
+    }
+    prepared_configuration =
+      ActiveLdap::Base.prepare_configuration(configuration)
+    assert_equal({
+                   :host => "example.net",
+                   :port => 636,
+                   :method => :ssl,
+                   :bind_dn => "cn=admin,dc=example,dc=com",
+                   :scope => "sub",
+                 },
+                 prepared_configuration)
+  end
+end

data/test/test_connection.rb

@@ -0,0 +1,82 @@
+require 'al-test-utils'
+
+class TestConnection < Test::Unit::TestCase
+  include AlTestUtils::Config
+  include AlTestUtils::MockLogger
+
+  def setup
+    super
+  end
+
+  def teardown
+    ActiveLdap::Base.clear_active_connections!
+    super
+  end
+
+  priority :must
+  def test_retry_limit_0_with_existent_host
+    config = current_configuration.merge("retry_limit" => 0)
+    ActiveLdap::Base.setup_connection(config)
+    assert_nothing_raised do
+      ActiveLdap::Base.find(:all)
+    end
+  end
+
+  def test_retry_limit_0_with_nonexistent_host_with_timeout
+    config = current_configuration.merge("host" => "192.168.29.29",
+                                         "retry_limit" => 0,
+                                         "timeout" => 1)
+    ActiveLdap::Base.setup_connection(config)
+    assert_raise(ActiveLdap::TimeoutError) do
+      ActiveLdap::Base.find(:first)
+    end
+  end
+
+  def test_bind_format_check
+    connector = Class.new(ActiveLdap::Base)
+    assert(!connector.connected?)
+    exception = nil
+    assert_raises(ArgumentError) do
+      begin
+        connector.setup_connection(:adapter => adapter,
+                                   :bind_format => "uid=%s,dc=test",
+                                   :allow_anonymous => false)
+        connector.connection.connect
+      rescue Exception
+        exception = $!
+        raise
+      end
+    end
+    assert_equal("Unknown key: bind_format", exception.message)
+  end
+
+  def test_can_reconnect?
+    assert(!ActiveLdap::Base.connected?)
+
+    config = current_configuration.merge("retry_limit" => 10)
+    ActiveLdap::Base.setup_connection(config)
+    connection = ActiveLdap::Base.connection
+    assert(!connection.send(:can_reconnect?, :reconnect_attempts => 11))
+
+    config = current_configuration.merge("retry_limit" => 10)
+    ActiveLdap::Base.setup_connection(config)
+    connection = ActiveLdap::Base.connection
+    assert(connection.send(:can_reconnect?, :reconnect_attempts => 10))
+
+    config = current_configuration.merge("retry_limit" => -1)
+    ActiveLdap::Base.setup_connection(config)
+    connection = ActiveLdap::Base.connection
+    assert(connection.send(:can_reconnect?, :reconnect_attempts => -10))
+  end
+
+  priority :low
+  def test_retry_limit_0_with_nonexistent_host
+    omit("this test will take a long time...")
+    config = current_configuration.merge("host" => "192.168.29.29",
+                                         "retry_limit" => 0)
+    ActiveLdap::Base.setup_connection(config)
+    assert_raise(ActiveLdap::ConnectionError) do
+      ActiveLdap::Base.find(:first)
+    end
+  end
+end

data/test/test_connection_per_class.rb

@@ -0,0 +1,112 @@
+require 'al-test-utils'
+
+class TestConnectionPerClass < Test::Unit::TestCase
+  include AlTestUtils
+
+  priority :must
+  def test_multi_setup_connections_with_association
+    make_ou("Sub,ou=Users")
+    make_ou("Sub2,ou=Users")
+
+    sub_user_class = Class.new(@user_class)
+    sub_user_class.prefix = "ou=Sub"
+    sub2_user_class = Class.new(@user_class)
+    sub2_user_class.prefix = "ou=Sub2"
+    sub_user_class.has_many(:related_entries, :wrap => "seeAlso")
+    sub_user_class.set_associated_class(:related_entries, sub2_user_class)
+
+    make_temporary_user(:uid => "uid=user1,ou=Sub") do |user,|
+      make_temporary_user(:uid => "uid=user2,ou=Sub2") do |user2,|
+        sub_user = sub_user_class.find(user.uid)
+        sub2_user = sub2_user_class.find(user2.uid)
+        sub_user.see_also = sub2_user.dn
+        assert(sub_user.save)
+
+        sub_user = sub_user_class.find(user.uid)
+        assert_equal(["ou=Sub2"],
+                     sub_user.related_entries.collect {|e| e.class.prefix})
+      end
+    end
+  end
+
+  priority :normal
+  def test_multi_setup_connections
+    make_ou("Sub")
+    make_ou("Sub2")
+    sub_class = ou_class("ou=Sub")
+    sub2_class = ou_class("ou=Sub2")
+
+    configuration = current_configuration.symbolize_keys
+    configuration[:scope] = :base
+    current_base = configuration[:base]
+    sub_configuration = configuration.dup
+    sub_base = "ou=Sub,#{current_base}"
+    sub_configuration[:base] = sub_base
+    sub2_configuration = configuration.dup
+    sub2_base = "ou=Sub2,#{current_base}"
+    sub2_configuration[:base] = sub2_base
+
+    sub_class.setup_connection(sub_configuration)
+    sub_class.prefix = nil
+    sub2_class.setup_connection(sub2_configuration)
+    sub2_class.prefix = nil
+
+    assert_equal([sub_base], sub_class.find(:all).collect(&:dn))
+    assert_equal([sub2_base], sub2_class.find(:all).collect(&:dn))
+    assert_equal([sub_base], sub_class.find(:all).collect(&:dn))
+    assert_equal([sub2_base], sub2_class.find(:all).collect(&:dn))
+  end
+
+  def test_bind
+    non_anon_class = ou_class("ou=NonAnonymous")
+    anon_class = ou_class("ou=Anonymous")
+
+    assert(non_anon_class.connection.bound?)
+    assert(anon_class.connection.bound?)
+
+    anon_class.connection.unbind
+    assert(!non_anon_class.connection.bound?)
+    assert(!anon_class.connection.bound?)
+
+    anon_class.connection.rebind
+    assert(non_anon_class.connection.bound?)
+    assert(anon_class.connection.bound?)
+
+    assert_raises(ActiveLdap::AuthenticationError) do
+      connect(non_anon_class,
+              :bind_dn => nil,
+              :allow_anonymous => false,
+              :retry_limit => 0)
+    end
+
+    assert(!non_anon_class.connection.bound?)
+    assert(anon_class.connection.bound?)
+
+    anon_class.connection.unbind
+    assert(!non_anon_class.connection.bound?)
+    assert(!anon_class.connection.bound?)
+
+    anon_class.connection.rebind
+    assert(!non_anon_class.connection.bound?)
+    assert(anon_class.connection.bound?)
+
+    anon_class.connection.unbind
+    assert(!non_anon_class.connection.bound?)
+    assert(!anon_class.connection.bound?)
+
+    assert_nothing_raised do
+      connect(anon_class,
+              :bind_dn => nil,
+              :allow_anonymous => true)
+    end
+
+    assert(!non_anon_class.connection.bound?)
+    assert(anon_class.connection.bound?)
+  end
+
+  private
+  def connect(klass, config)
+    klass.setup_connection({:adapter => adapter}.merge(config))
+    klass.connection.connect
+  end
+end

data/test/test_connection_per_dn.rb

@@ -0,0 +1,112 @@
+require 'al-test-utils'
+
+class TestConnectionPerDN < Test::Unit::TestCase
+  include AlTestUtils
+
+  priority :must
+  def test_bind_with_empty_password
+    make_temporary_user do |user, password|
+      assert_equal(user.class.connection, user.connection)
+      assert_raises(ActiveLdap::AuthenticationError) do
+        user.bind("", :try_sasl => false)
+      end
+      assert_equal(user.class.connection, user.connection)
+
+      assert_nothing_raised do
+        user.bind("", :try_sasl => false, :allow_anonymous => true)
+      end
+      assert_not_equal(user.class.connection, user.connection)
+    end
+  end
+
+  priority :normal
+  def test_rebind_with_invalid_password
+    make_temporary_user do |user, password|
+      assert_equal(user.class.connection, user.connection)
+      assert_nothing_raised do
+        user.bind(password)
+      end
+      assert_not_equal(user.class.connection, user.connection)
+
+      assert_raises(ActiveLdap::AuthenticationError) do
+        user.bind(password + "-WRONG", :try_sasl => false)
+      end
+    end
+  end
+
+  def test_bind
+    make_temporary_user do |user, password|
+      assert_equal(user.class.connection, user.connection)
+      assert_raises(ActiveLdap::AuthenticationError) do
+        user.bind(:bind_dn => nil,
+                  :try_sasl => false,
+                  :allow_anonymous => false,
+                  :retry_limit => 0)
+      end
+      assert_equal(user.class.connection, user.connection)
+
+      assert_nothing_raised do
+        user.bind(:bind_dn => nil,
+                  :try_sasl => false,
+                  :allow_anonymous => true)
+      end
+      assert_not_equal(user.class.connection, user.connection)
+
+      assert_equal(user.connection, user.class.find(user.dn).connection)
+      begin
+        assert_equal(user.connection, user.find(user.dn).connection)
+      rescue ActiveLdap::EntryNotFound
+        omit("requires permission for searching by 'uid' to anonymous user.")
+      end
+    end
+  end
+
+  def test_find
+    make_temporary_user do |user, password|
+      make_temporary_user do |user2, password2|
+        user.bind(password)
+        assert_not_equal(user.class.connection, user.connection)
+
+        found_user2 = user.find(user2.dn)
+        assert_not_equal(user2.connection, found_user2.connection)
+        assert_equal(user.connection, found_user2.connection)
+
+        assert_equal(found_user2.class.connection,
+                     found_user2.class.find(found_user2.dn).connection)
+
+        found_user2.bind(password2)
+        assert_not_equal(user.connection, found_user2.connection)
+        assert_equal(user2.connection, found_user2.connection)
+      end
+    end
+  end
+
+  def test_associations
+    make_temporary_user do |user, password|
+      make_temporary_group do |group1|
+        make_temporary_group do |group2|
+          user.groups = [group1]
+          assert_equal(group1.connection, user.connection)
+
+          user.bind(password, :try_sasl => false)
+          assert_not_equal(user.class.connection, user.connection)
+          assert_not_equal(group1.connection, user.connection)
+          assert_equal(user.groups[0].connection, user.connection)
+
+          assert_raise(ActiveLdap::OperationNotPermitted) do
+            user.groups << group2
+          end
+          assert_equal([group1.cn], user.groups.collect(&:cn))
+
+          assert_not_equal(group1.connection, user.connection)
+          assert_equal(user.groups[0].connection, user.connection)
+
+          found_user = user.class.find(user.dn)
+          assert_equal(user.connection, found_user.connection)
+          assert_equal(found_user.connection,
+                       found_user.groups[0].connection)
+        end
+      end
+    end
+  end
+end