powerhome-activeldap 3.2.3

data/test/test_user_password.rb

@@ -0,0 +1,108 @@
+require 'al-test-utils'
+
+class TestUserPassword < Test::Unit::TestCase
+  priority :must
+
+  priority :normal
+  def test_valid?
+    {
+      "{CRYPT}.yNLaKqtwQbnY" => 'wibble', #CRYPT
+      "{MD5}DRB9CfW75Ayt495ccenptw==" => 'letmein', #MD5
+      "{SMD5}8L2iXJuazftLVHrAf7ptPFQIDaw=" => 'letmein', #SMD5 as generated by slappasswd (4 bytes of salt)
+      "{SMD5}kXibTNG+O98gaQtkugYcmSTiE+M2Z5TA" => 'letmein', #SMD5 as generated by Apache Directory Studio (8 bytes of salt)
+      "{SHA}t6h1/B6iKLkGEEG3zsS9PFKrPOM=" => 'letmein', #SHA
+      "{SSHA}YA87hc9/L/cCGR1HValcJb7a8AYxZXY4" => 'wibble', # SSHA as generated by slappasswd (4 bytes of salt)
+      "{SSHA}6J6Ios3l1panY9sm0+g9l3/jFz2kwOPrVA4+OA==" => 'letmein', # SSHA as generated by Apache Directory Studio (8 bytes of salt)
+      "letmein" => 'letmein', #Cleartext password
+    }.each do |hash, plain|
+      assert_send([ActiveLdap::UserPassword, :valid?,
+                   plain, hash])
+      assert_not_send([ActiveLdap::UserPassword, :valid?,
+                   "not#{plain}", hash])
+    end
+  end
+
+  def test_crypt
+    salt = ".WoUoU9f3IlUx9Hh7D/8y.xA6ziklGib"
+    assert_equal("{CRYPT}.W57FZhV52w0s",
+                 ActiveLdap::UserPassword.crypt("password", salt))
+
+    password = "PASSWORD"
+    hashed_password = ActiveLdap::UserPassword.crypt(password)
+    salt = hashed_password.sub(/^\{CRYPT\}/, '')
+    assert_equal(hashed_password,
+                 ActiveLdap::UserPassword.crypt(password, salt))
+  end
+
+  def test_extract_salt_for_crypt
+    assert_extract_salt(:crypt, "AB", "ABCDE")
+    assert_extract_salt(:crypt, "$1", "$1")
+    assert_extract_salt(:crypt, "$1$$", "$1$")
+    assert_extract_salt(:crypt, "$1$$", "$1$$")
+    assert_extract_salt(:crypt, "$1$abcdefgh$", "$1$abcdefgh$")
+    assert_extract_salt(:crypt, "$1$abcdefgh$", "$1$abcdefghi$")
+  end
+
+  def test_md5
+    assert_equal("{MD5}X03MO1qnZdYdgyfeuILPmQ==",
+                 ActiveLdap::UserPassword.md5("password"))
+  end
+
+  def test_smd5
+    assert_equal("{SMD5}gjz+SUSfZaux99Xsji/No200cGI=",
+                 ActiveLdap::UserPassword.smd5("password", "m4pb"))
+
+    password = "PASSWORD"
+    hashed_password = ActiveLdap::UserPassword.smd5(password)
+    salt = decode64(hashed_password.sub(/^\{SMD5\}/, ''))[-4, 4]
+    assert_equal(hashed_password,
+                 ActiveLdap::UserPassword.smd5(password, salt))
+  end
+
+  def test_extract_salt_for_smd5
+    assert_extract_salt(:smd5, 'this', encode64("1234567890123456this"))
+    assert_extract_salt(:smd5, 'this is the salt', encode64("1234567890123456this is the salt"))
+    assert_extract_salt(:smd5, nil, encode64("123456789"))
+    assert_extract_salt(:smd5, nil, encode64("123456789012345"))
+    assert_extract_salt(:smd5, nil, encode64("1234567890123456"))
+  end
+
+  def test_sha
+    assert_equal("{SHA}W6ph5Mm5Pz8GgiULbPgzG37mj9g=",
+                 ActiveLdap::UserPassword.sha("password"))
+  end
+
+  def test_ssha
+    assert_equal("{SSHA}ipnlCLA1HaK3mm3hyneJIp+Px2h1RGk3",
+                 ActiveLdap::UserPassword.ssha("password", "uDi7"))
+
+    password = "PASSWORD"
+    hashed_password = ActiveLdap::UserPassword.ssha(password)
+    salt = decode64(hashed_password.sub(/^\{SSHA\}/, ''))[-4, 4]
+    assert_equal(hashed_password,
+                 ActiveLdap::UserPassword.ssha(password, salt))
+  end
+
+  def test_extract_salt_for_ssha
+    assert_extract_salt(:ssha, 'this', encode64("12345678901234567890this"))
+    assert_extract_salt(:ssha, 'this is the salt', encode64("12345678901234567890this is the salt"))
+    assert_extract_salt(:ssha, nil, encode64("12345678901234"))
+    assert_extract_salt(:ssha, nil, encode64("1234567890123456789"))
+    assert_extract_salt(:ssha, nil, encode64("12345678901234567890"))
+  end
+
+  private
+  def assert_extract_salt(type, expected, hashed_password)
+    actual = ActiveLdap::UserPassword.send("extract_salt_for_#{type}",
+                                           hashed_password)
+    assert_equal(expected, actual)
+  end
+
+  def encode64(string)
+    [string].pack('m').chomp
+  end
+
+  def decode64(string)
+    string.unpack('m')[0]
+  end
+end

data/test/test_useradd-binary.rb

@@ -0,0 +1,62 @@
+require 'al-test-utils'
+
+class TestUseraddBinary < Test::Unit::TestCase
+  include AlTestUtils
+
+  def setup
+    super
+    @command = File.join(@examples_dir, "useradd-binary")
+    make_ou("People")
+    @user_class.prefix = "ou=People"
+  end
+
+  priority :must
+
+  priority :normal
+  def test_exist_user
+    make_temporary_user do |user, password|
+      assert(@user_class.exists?(user.uid))
+      assert_equal([false, "User #{user.uid} already exists.\n"],
+                   run_command(user.uid, user.cn, user.uid_number))
+      assert(@user_class.exists?(user.uid))
+    end
+  end
+
+  def test_add_user
+    ensure_delete_user("test-user") do |uid,|
+      assert_useradd_binary_successfully(uid, uid, 10000)
+    end
+  end
+
+  private
+  def assert_useradd_binary_successfully(name, cn, uid, *args, &block)
+    _wrap_assertion do
+      assert(!@user_class.exists?(name))
+      args.concat([name, cn, uid])
+      assert_equal([true, ""], run_command(*args, &block))
+      assert(@user_class.exists?(name))
+
+      user = @user_class.find(name)
+      assert_equal(name, user.uid)
+      assert_equal(cn, user.cn)
+      assert_equal(uid.to_i, user.uid_number)
+      assert_equal(uid.to_i, user.gid_number)
+      assert_equal(uid.to_s, user.uid_number_before_type_cast)
+      assert_equal(uid.to_s, user.gid_number_before_type_cast)
+      assert_equal(['person', 'posixAccount', 'shadowAccount',
+                    'strongAuthenticationUser'].sort, user.classes.sort)
+      cert = File.read(File.join(@examples_dir, 'example.der'))
+      cert.force_encoding('ascii-8bit') if cert.respond_to?(:force_encoding)
+      assert_equal(cert, user.user_certificate)
+    end
+  end
+
+  def assert_useradd_binary_failed(name, cn, uid, message, *args, &block)
+    _wrap_assertion do
+      assert(!@user_class.exists?(name))
+      args.concat([name, cn, uid])
+      assert_equal([false, message], run_command(*args, &block))
+      assert(!@user_class.exists?(name))
+    end
+  end
+end

data/test/test_useradd.rb

@@ -0,0 +1,57 @@
+require 'al-test-utils'
+
+class TestUseradd < Test::Unit::TestCase
+  include AlTestUtils
+
+  def setup
+    super
+    @command = File.join(@examples_dir, "useradd")
+    make_ou("People")
+    @user_class.prefix = "ou=People"
+  end
+
+  priority :must
+
+  priority :normal
+  def test_exist_user
+    make_temporary_user do |user, password|
+      assert(@user_class.exists?(user.uid))
+      assert_equal([false, "User #{user.uid} already exists.\n"],
+                   run_command(user.uid, user.cn, user.uid_number))
+      assert(@user_class.exists?(user.uid))
+    end
+  end
+
+  def test_add_user
+    ensure_delete_user("test-user") do |uid,|
+      assert_useradd_successfully(uid, uid, 10000)
+    end
+  end
+
+  private
+  def assert_useradd_successfully(name, cn, uid, *args, &block)
+    _wrap_assertion do
+      assert(!@user_class.exists?(name))
+      args.concat([name, cn, uid])
+      assert_equal([true, ""], run_command(*args, &block))
+      assert(@user_class.exists?(name))
+
+      user = @user_class.find(name)
+      assert_equal(name, user.uid)
+      assert_equal(cn, user.cn)
+      assert_equal(uid.to_i, user.uid_number)
+      assert_equal(uid.to_i, user.gid_number)
+      assert_equal(uid.to_s, user.uid_number_before_type_cast)
+      assert_equal(uid.to_s, user.gid_number_before_type_cast)
+    end
+  end
+
+  def assert_useradd_failed(name, cn, uid, message, *args, &block)
+    _wrap_assertion do
+      assert(!@user_class.exists?(name))
+      args.concat([name, cn, uid])
+      assert_equal([false, message], run_command(*args, &block))
+      assert(!@user_class.exists?(name))
+    end
+  end
+end

data/test/test_userdel.rb

@@ -0,0 +1,48 @@
+require 'al-test-utils'
+
+class TestUserdel < Test::Unit::TestCase
+  include AlTestUtils
+
+  def setup
+    super
+    @command = File.join(@examples_dir, "userdel")
+    make_ou("People")
+    @user_class.prefix = "ou=People"
+  end
+
+  priority :must
+
+  priority :normal
+  def test_non_exist_user
+    ensure_delete_user("test-user") do |uid,|
+      assert(!@user_class.exists?(uid))
+      assert_equal([false, "User #{uid} doesn't exist.\n"], run_command(uid))
+      assert(!@user_class.exists?(uid))
+    end
+  end
+
+  def test_delete_user
+    make_temporary_user do |user, password|
+      assert_userdel_successfully(user.uid)
+    end
+  end
+
+  private
+  def assert_userdel_successfully(name, *args, &block)
+    _wrap_assertion do
+      assert(@user_class.exists?(name))
+      args.concat([name])
+      assert_equal([true, ""], run_command(*args, &block))
+      assert(!@user_class.exists?(name))
+    end
+  end
+
+  def assert_userdel_failed(name, message, *args, &block)
+    _wrap_assertion do
+      assert(@user_class.exists?(name))
+      args.concat([name])
+      assert_equal([false, message], run_command(*args, &block))
+      assert(@user_class.exists?(name))
+    end
+  end
+end

data/test/test_userls.rb

@@ -0,0 +1,91 @@
+require 'al-test-utils'
+
+class TestUserls < Test::Unit::TestCase
+  include AlTestUtils
+
+  def setup
+    super
+    @command = File.join(@examples_dir, "userls")
+    make_ou("People")
+    @user_class.prefix = "ou=People"
+  end
+
+  priority :must
+
+  priority :normal
+  def test_non_exist_user
+    ensure_delete_user("test-user") do |uid,|
+      assert(!@user_class.exists?(uid))
+      assert_equal([false, "User #{uid} doesn't exist.\n"], run_command(uid))
+      assert(!@user_class.exists?(uid))
+    end
+  end
+
+  def test_list_user_no_group
+    make_temporary_user do |user, password|
+      assert_userls_successfully(user.uid, [], [])
+    end
+  end
+
+  def test_list_user_have_primary_group
+    make_temporary_group do |group|
+      make_temporary_user(:gid_number => group.gid_number) do |user, password|
+        assert_userls_successfully(user.uid, [group], [])
+      end
+    end
+  end
+
+  def test_list_user_have_groups
+    make_temporary_group do |group1|
+      make_temporary_group do |group2|
+        options = {:gid_number => group2.gid_number.succ}
+        make_temporary_user(options) do |user, password|
+          user.groups << group1
+          user.groups << group2
+          assert_userls_successfully(user.uid, [], [group1, group2])
+        end
+      end
+    end
+  end
+
+  def test_list_user_have_groups_and_primary_group
+    make_temporary_group do |group1|
+      make_temporary_user(:gid_number => group1.gid_number) do |user, password|
+        make_temporary_group do |group2|
+          make_temporary_group do |group3|
+            user.groups << group2
+            user.groups << group3
+            assert_userls_successfully(user.uid, [group1], [group2, group3])
+          end
+        end
+      end
+    end
+  end
+
+  private
+  def assert_userls_successfully(name, primary_groups, groups, *args, &block)
+    _wrap_assertion do
+      assert(@user_class.exists?(name))
+      args.concat([name])
+      user = @user_class.find(name)
+      group_names = groups.collect {|g| "#{g.cn}"}
+      group_infos = (primary_groups + groups).collect do |g|
+        "#{g.cn}[#{g.gid_number}]"
+      end
+      result = user.to_ldif
+      result << "Groups by name only: #{group_names.join(', ')}\n"
+      result << "Groups: #{group_infos.join(', ')}\n"
+      assert_equal([true, result], run_command(*args, &block))
+      assert(@user_class.exists?(name))
+    end
+  end
+
+  def assert_userls_failed(name, message, *args, &block)
+    _wrap_assertion do
+      assert(@user_class.exists?(name))
+      args.concat([name])
+      assert_equal([false, message], run_command(*args, &block))
+      assert(@user_class.exists?(name))
+    end
+  end
+end

data/test/test_usermod-binary-add-time.rb

@@ -0,0 +1,65 @@
+require 'al-test-utils'
+
+class TestUsermodBinaryAddTime < Test::Unit::TestCase
+  include AlTestUtils
+
+  def setup
+    super
+    @command = File.join(@examples_dir, "usermod-binary-add-time")
+    make_ou("People")
+    @user_class.prefix = "ou=People"
+  end
+
+  priority :must
+
+  priority :normal
+  def test_non_exist_user
+    ensure_delete_user("test-user") do |uid,|
+      assert(!@user_class.exists?(uid))
+      assert_equal([false, "User #{uid} doesn't exist.\n"],
+                   run_command(uid, "New CN", 11111))
+      assert(!@user_class.exists?(uid))
+    end
+  end
+
+  def test_modify_user
+    make_temporary_user do |user, password|
+      assert_usermod_binary_add_time_successfully(user.uid, "New #{user.cn}",
+                                                  user.uid_number.to_i + 100)
+    end
+  end
+
+  private
+  def assert_usermod_binary_add_time_successfully(name, cn, uid, *args, &block)
+    _wrap_assertion do
+      assert(@user_class.exists?(name))
+      previous_classes = @user_class.find(name).classes
+      args.concat([name, cn, uid])
+      assert_equal([true, ""], run_command(*args, &block))
+      assert(@user_class.exists?(name))
+
+      user = @user_class.find(name)
+      assert_equal(name, user.uid)
+      assert_equal(cn, user.cn)
+      assert_equal(uid.to_i, user.uid_number)
+      assert_equal(uid.to_i, user.gid_number)
+      assert_equal(uid.to_s, user.uid_number_before_type_cast)
+      assert_equal(uid.to_s, user.gid_number_before_type_cast)
+      assert_equal((previous_classes + ['strongAuthenticationUser']).sort,
+                   user.classes.sort)
+      cert = File.read(File.join(@examples_dir, 'example.der'))
+      cert.force_encoding("ascii-8bit") if cert.respond_to?(:force_encoding)
+      assert_equal(cert, user.user_certificate)
+    end
+  end
+
+  def assert_usermod_binary_add_time_failed(name, cn, uid, message,
+                                            *args, &block)
+    _wrap_assertion do
+      assert(@user_class.exists?(name))
+      args.concat([name, cn, uid])
+      assert_equal([false, message], run_command(*args, &block))
+      assert(@user_class.exists?(name))
+    end
+  end
+end

data/test/test_usermod-binary-add.rb

@@ -0,0 +1,64 @@
+require 'al-test-utils'
+
+class TestUsermodBinaryAdd < Test::Unit::TestCase
+  include AlTestUtils
+
+  def setup
+    super
+    @command = File.join(@examples_dir, "usermod-binary-add")
+    make_ou("People")
+    @user_class.prefix = "ou=People"
+  end
+
+  priority :must
+
+  priority :normal
+  def test_non_exist_user
+    ensure_delete_user("test-user") do |uid,|
+      assert(!@user_class.exists?(uid))
+      assert_equal([false, "User #{uid} doesn't exist.\n"],
+                   run_command(uid, "New CN", 11111))
+      assert(!@user_class.exists?(uid))
+    end
+  end
+
+  def test_modify_user
+    make_temporary_user do |user, password|
+      assert_usermod_binary_add_successfully(user.uid, "New #{user.cn}",
+                                             user.uid_number.to_i + 100)
+    end
+  end
+
+  private
+  def assert_usermod_binary_add_successfully(name, cn, uid, *args, &block)
+    _wrap_assertion do
+      assert(@user_class.exists?(name))
+      previous_classes = @user_class.find(name).classes
+      args.concat([name, cn, uid])
+      assert_equal([true, ""], run_command(*args, &block))
+      assert(@user_class.exists?(name))
+
+      user = @user_class.find(name)
+      assert_equal(name, user.uid)
+      assert_equal(cn, user.cn)
+      assert_equal(uid.to_i, user.uid_number)
+      assert_equal(uid.to_i, user.gid_number)
+      assert_equal(uid.to_s, user.uid_number_before_type_cast)
+      assert_equal(uid.to_s, user.gid_number_before_type_cast)
+      assert_equal((previous_classes + ['strongAuthenticationUser']).sort,
+                   user.classes.sort)
+      cert = File.read(File.join(@examples_dir, 'example.der'))
+      cert.force_encoding("ascii-8bit") if cert.respond_to?(:force_encoding)
+      assert_equal(cert, user.user_certificate)
+    end
+  end
+
+  def assert_usermod_binary_add_failed(name, cn, uid, message, *args, &block)
+    _wrap_assertion do
+      assert(@user_class.exists?(name))
+      args.concat([name, cn, uid])
+      assert_equal([false, message], run_command(*args, &block))
+      assert(@user_class.exists?(name))
+    end
+  end
+end