pruby-net-ldap 0.1.0

data/tests/testber.rb

@@ -0,0 +1,42 @@
+# $Id: testber.rb 57 2006-04-18 00:18:48Z blackhedd $
+#
+#
+
+
+$:.unshift "lib"
+
+require 'net/ldap'
+require 'stringio'
+
+
+class TestBer < Test::Unit::TestCase
+
+  def setup
+  end
+
+  # TODO: Add some much bigger numbers
+  # 5000000000 is a Bignum, which hits different code.
+  def test_ber_integers
+    assert_equal( "\002\001\005", 5.to_ber )
+    assert_equal( "\002\002\203t", 500.to_ber )
+    assert_equal( "\002\003\203\206P", 50000.to_ber )
+    assert_equal( "\002\005\222\320\227\344\000", 5000000000.to_ber )
+  end
+
+  def test_ber_parsing
+    assert_equal( 6, "\002\001\006".read_ber( Net::LDAP::AsnSyntax ))
+    assert_equal( "testing", "\004\007testing".read_ber( Net::LDAP::AsnSyntax ))
+  end
+
+
+  def test_ber_parser_on_ldap_bind_request
+    s = StringIO.new "0$\002\001\001`\037\002\001\003\004\rAdministrator\200\vad_is_bogus"
+    assert_equal( [1, [3, "Administrator", "ad_is_bogus"]], s.read_ber( Net::LDAP::AsnSyntax ))
+  end
+
+
+
+
+end
+
+

data/tests/testdata.ldif

@@ -0,0 +1,101 @@
+# $Id: testdata.ldif 50 2006-04-17 17:57:33Z blackhedd $
+#
+# This is test-data for an LDAP server in LDIF format.
+#
+dn: dc=bayshorenetworks,dc=com
+objectClass: dcObject
+objectClass: organization
+o: Bayshore Networks LLC
+dc: bayshorenetworks
+
+dn: cn=Manager,dc=bayshorenetworks,dc=com
+objectClass: organizationalrole
+cn: Manager
+
+dn: ou=people,dc=bayshorenetworks,dc=com
+objectClass: organizationalunit
+ou: people
+
+dn: ou=privileges,dc=bayshorenetworks,dc=com
+objectClass: organizationalunit
+ou: privileges
+
+dn: ou=roles,dc=bayshorenetworks,dc=com
+objectClass: organizationalunit
+ou: roles
+
+dn: ou=office,dc=bayshorenetworks,dc=com
+objectClass: organizationalunit
+ou: office
+
+dn: mail=nogoodnik@steamheat.net,ou=people,dc=bayshorenetworks,dc=com
+cn: Bob Fosse
+mail: nogoodnik@steamheat.net
+sn: Fosse
+ou: people
+objectClass: top
+objectClass: inetorgperson
+objectClass: authorizedperson
+hasAccessRole: uniqueIdentifier=engineer,ou=roles
+hasAccessRole: uniqueIdentifier=ldapadmin,ou=roles
+hasAccessRole: uniqueIdentifier=ldapsuperadmin,ou=roles
+hasAccessRole: uniqueIdentifier=ogilvy_elephant_user,ou=roles
+hasAccessRole: uniqueIdentifier=ogilvy_eagle_user,ou=roles
+hasAccessRole: uniqueIdentifier=greenplug_user,ou=roles
+hasAccessRole: uniqueIdentifier=brandplace_logging_user,ou=roles
+hasAccessRole: uniqueIdentifier=brandplace_report_user,ou=roles
+hasAccessRole: uniqueIdentifier=workorder_user,ou=roles
+hasAccessRole: uniqueIdentifier=bayshore_eagle_user,ou=roles
+hasAccessRole: uniqueIdentifier=bayshore_eagle_superuser,ou=roles
+hasAccessRole: uniqueIdentifier=kledaras_user,ou=roles
+
+dn: mail=elephant@steamheat.net,ou=people,dc=bayshorenetworks,dc=com
+cn: Gwen Verdon
+mail: elephant@steamheat.net
+sn: Verdon
+ou: people
+objectClass: top
+objectClass: inetorgperson
+objectClass: authorizedperson
+hasAccessRole: uniqueIdentifier=brandplace_report_user,ou=roles
+hasAccessRole: uniqueIdentifier=engineer,ou=roles
+hasAccessRole: uniqueIdentifier=ogilvy_elephant_user,ou=roles
+hasAccessRole: uniqueIdentifier=ldapsuperadmin,ou=roles
+hasAccessRole: uniqueIdentifier=ldapadmin,ou=roles
+
+dn: uniqueIdentifier=engineering,ou=privileges,dc=bayshorenetworks,dc=com
+uniqueIdentifier: engineering
+ou: privileges
+objectClass: accessPrivilege
+
+dn: uniqueIdentifier=engineer,ou=roles,dc=bayshorenetworks,dc=com
+uniqueIdentifier: engineer
+ou: roles
+objectClass: accessRole
+hasAccessPrivilege: uniqueIdentifier=engineering,ou=privileges
+
+dn: uniqueIdentifier=ldapadmin,ou=roles,dc=bayshorenetworks,dc=com
+uniqueIdentifier: ldapadmin
+ou: roles
+objectClass: accessRole
+
+dn: uniqueIdentifier=ldapsuperadmin,ou=roles,dc=bayshorenetworks,dc=com
+uniqueIdentifier: ldapsuperadmin
+ou: roles
+objectClass: accessRole
+
+dn: mail=catperson@steamheat.net,ou=people,dc=bayshorenetworks,dc=com
+cn: Sid Sorokin
+mail: catperson@steamheat.net
+sn: Sorokin
+ou: people
+objectClass: top
+objectClass: inetorgperson
+objectClass: authorizedperson
+hasAccessRole: uniqueIdentifier=engineer,ou=roles
+hasAccessRole: uniqueIdentifier=ogilvy_elephant_user,ou=roles
+hasAccessRole: uniqueIdentifier=ldapsuperadmin,ou=roles
+hasAccessRole: uniqueIdentifier=ogilvy_eagle_user,ou=roles
+hasAccessRole: uniqueIdentifier=greenplug_user,ou=roles
+hasAccessRole: uniqueIdentifier=workorder_user,ou=roles
+

data/tests/testem.rb

@@ -0,0 +1,12 @@
+# $Id: testem.rb 121 2006-05-15 18:36:24Z blackhedd $
+#
+#
+
+require 'test/unit'
+require 'tests/testber'
+require 'tests/testldif'
+require 'tests/testldap'
+require 'tests/testpsw'
+require 'tests/testfilter'
+
+

data/tests/testfilter.rb

@@ -0,0 +1,37 @@
+# $Id: testfilter.rb 122 2006-05-15 20:03:56Z blackhedd $
+#
+#
+
+require 'test/unit'
+
+$:.unshift "lib"
+
+require 'net/ldap'
+
+
+class TestFilter < Test::Unit::TestCase
+
+  def setup
+  end
+
+
+  def teardown
+  end
+
+  def test_rfc_2254
+    p Net::LDAP::Filter.from_rfc2254( " ( uid=george*   ) " )
+    p Net::LDAP::Filter.from_rfc2254( "uid!=george*" )
+    p Net::LDAP::Filter.from_rfc2254( "uid<george*" )
+    p Net::LDAP::Filter.from_rfc2254( "uid <= george*" )
+    p Net::LDAP::Filter.from_rfc2254( "uid>george*" )
+    p Net::LDAP::Filter.from_rfc2254( "uid>=george*" )
+    p Net::LDAP::Filter.from_rfc2254( "uid!=george*" )
+
+    p Net::LDAP::Filter.from_rfc2254( "(& (uid!=george* ) (mail=*))" )
+    p Net::LDAP::Filter.from_rfc2254( "(| (uid!=george* ) (mail=*))" )
+    p Net::LDAP::Filter.from_rfc2254( "(! (mail=*))" )
+  end
+
+
+end
+

data/tests/testldap.rb

@@ -0,0 +1,190 @@
+# $Id: testldap.rb 65 2006-04-23 01:17:49Z blackhedd $
+#
+#
+
+
+$:.unshift "lib"
+
+require 'test/unit'
+
+require 'net/ldap'
+require 'stringio'
+
+
+class TestLdapClient < Test::Unit::TestCase
+
+  # TODO: these tests crash and burn if the associated
+  # LDAP testserver isn't up and running.
+  # We rely on being able to read a file with test data
+  # in LDIF format.
+  # TODO, WARNING: for the moment, this data is in a file
+  # whose name and location are HARDCODED into the
+  # instance method load_test_data.
+
+  def setup
+    @host = "127.0.0.1"
+    @port = 3890
+    @auth = {
+      :method => :simple,
+      :username => "cn=bigshot,dc=bayshorenetworks,dc=com",
+      :password => "opensesame"
+    }
+
+    @ldif = load_test_data
+  end
+
+
+
+  # Get some test data which will be used to validate
+  # the responses from the test LDAP server we will
+  # connect to.
+  # TODO, Bogus: we are HARDCODING the location of the file for now.
+  #
+  def load_test_data
+    ary = File.readlines( "tests/testdata.ldif" )
+    hash = {}
+    while line = ary.shift and line.chomp!
+      if line =~ /^dn:[\s]*/i
+        dn = $'
+        hash[dn] = {}
+        while attr = ary.shift and attr.chomp! and attr =~ /^([\w]+)[\s]*:[\s]*/
+          hash[dn][$1.downcase.intern] ||= []
+          hash[dn][$1.downcase.intern] << $'
+        end
+      end
+    end
+    hash
+  end
+
+
+
+  # Binding tests.
+  # Need tests for all kinds of network failures and incorrect auth.
+  # TODO: Implement a class-level timeout for operations like bind.
+  # Search has a timeout defined at the protocol level, other ops do not.
+  # TODO, use constants for the LDAP result codes, rather than hardcoding them.
+  def test_bind
+    ldap = Net::LDAP.new :host => @host, :port => @port, :auth => @auth
+    assert_equal( true, ldap.bind )
+    assert_equal( 0, ldap.get_operation_result.code )
+    assert_equal( "Success", ldap.get_operation_result.message )
+
+    bad_username = @auth.merge( {:username => "cn=badguy,dc=imposters,dc=com"} )
+    ldap = Net::LDAP.new :host => @host, :port => @port, :auth => bad_username
+    assert_equal( false, ldap.bind )
+    assert_equal( 48, ldap.get_operation_result.code )
+    assert_equal( "Inappropriate Authentication", ldap.get_operation_result.message )
+
+    bad_password = @auth.merge( {:password => "cornhusk"} )
+    ldap = Net::LDAP.new :host => @host, :port => @port, :auth => bad_password
+    assert_equal( false, ldap.bind )
+    assert_equal( 49, ldap.get_operation_result.code )
+    assert_equal( "Invalid Credentials", ldap.get_operation_result.message )
+  end
+
+
+
+  def test_search
+    ldap = Net::LDAP.new :host => @host, :port => @port, :auth => @auth
+
+    search = {:base => "dc=smalldomain,dc=com"}
+    assert_equal( false, ldap.search( search ))
+    assert_equal( 32, ldap.get_operation_result.code )
+    
+    search = {:base => "dc=bayshorenetworks,dc=com"}
+    assert_equal( true, ldap.search( search ))
+    assert_equal( 0, ldap.get_operation_result.code )
+    
+    ldap.search( search ) {|res|
+      assert_equal( res, @ldif )
+    }
+  end
+    
+
+
+
+  # This is a helper routine for test_search_attributes.
+  def internal_test_search_attributes attrs_to_search
+    ldap = Net::LDAP.new :host => @host, :port => @port, :auth => @auth
+    assert( ldap.bind )
+
+    search = {
+      :base => "dc=bayshorenetworks,dc=com",
+      :attributes => attrs_to_search
+    }
+
+    ldif = @ldif
+    ldif.each {|dn,entry|
+      entry.delete_if {|attr,value|
+        ! attrs_to_search.include?(attr)
+      }
+    }
+  
+    assert_equal( true, ldap.search( search ))
+    ldap.search( search ) {|res|
+      res_keys = res.keys.sort
+      ldif_keys = ldif.keys.sort
+      assert( res_keys, ldif_keys )
+      res.keys.each {|rk|
+        assert( res[rk], ldif[rk] )
+      }
+    }
+  end
+
+
+  def test_search_attributes
+    internal_test_search_attributes [:mail]
+    internal_test_search_attributes [:cn]
+    internal_test_search_attributes [:ou]
+    internal_test_search_attributes [:hasaccessprivilege]
+    internal_test_search_attributes ["mail"]
+    internal_test_search_attributes ["cn"]
+    internal_test_search_attributes ["ou"]
+    internal_test_search_attributes ["hasaccessrole"]
+
+    internal_test_search_attributes [:mail, :cn, :ou, :hasaccessrole]
+    internal_test_search_attributes [:mail, "cn", :ou, "hasaccessrole"]
+  end
+
+
+  def test_search_filters
+    ldap = Net::LDAP.new :host => @host, :port => @port, :auth => @auth
+    search = {
+      :base => "dc=bayshorenetworks,dc=com",
+      :filter => Net::LDAP::Filter.eq( "sn", "Fosse" )
+    }
+
+    ldap.search( search ) {|res|
+      p res
+    }
+  end
+
+
+
+  def test_open
+    ldap = Net::LDAP.new :host => @host, :port => @port, :auth => @auth
+    ldap.open {|ldap|
+      10.times {
+        rc = ldap.search( :base => "dc=bayshorenetworks,dc=com" )
+        assert_equal( true, rc )
+      }
+    }
+  end
+
+
+  def test_ldap_open
+    Net::LDAP.open( :host => @host, :port => @port, :auth => @auth ) {|ldap|
+      10.times {
+        rc = ldap.search( :base => "dc=bayshorenetworks,dc=com" )
+        assert_equal( true, rc )
+      }
+    }
+  end
+
+
+
+
+
+end
+
+

data/tests/testldif.rb

@@ -0,0 +1,69 @@
+# $Id: testldif.rb 61 2006-04-18 20:55:55Z blackhedd $
+#
+#
+
+
+$:.unshift "lib"
+
+require 'test/unit'
+
+require 'net/ldap'
+require 'net/ldif'
+
+require 'sha1'
+require 'base64'
+
+class TestLdif < Test::Unit::TestCase
+
+  TestLdifFilename = "tests/testdata.ldif"
+
+  def test_empty_ldif
+    ds = Net::LDAP::Dataset::read_ldif( StringIO.new )
+    assert_equal( true, ds.empty? )
+  end
+
+  def test_ldif_with_comments
+    str = ["# Hello from LDIF-land", "# This is an unterminated comment"]
+    io = StringIO.new( str[0] + "\r\n" + str[1] )
+    ds = Net::LDAP::Dataset::read_ldif( io )
+    assert_equal( str, ds.comments )
+  end
+
+  def test_ldif_with_password
+    psw = "goldbricks"
+    hashed_psw = "{SHA}" + Base64::encode64( SHA1.new(psw).digest ).chomp
+
+    ldif_encoded = Base64::encode64( hashed_psw ).chomp
+    ds = Net::LDAP::Dataset::read_ldif( StringIO.new( "dn: Goldbrick\r\nuserPassword:: #{ldif_encoded}\r\n\r\n" ))
+    recovered_psw = ds["Goldbrick"][:userpassword].shift
+    assert_equal( hashed_psw, recovered_psw )
+  end
+
+  def test_ldif_with_continuation_lines
+    ds = Net::LDAP::Dataset::read_ldif( StringIO.new( "dn: abcdefg\r\n   hijklmn\r\n\r\n" ))
+    assert_equal( true, ds.has_key?( "abcdefg hijklmn" ))
+  end
+
+  # TODO, INADEQUATE. We need some more tests
+  # to verify the content.
+  def test_ldif
+    File.open( TestLdifFilename, "r" ) {|f|
+      ds = Net::LDAP::Dataset::read_ldif( f )
+      assert_equal( 13, ds.length )
+    }
+  end
+
+  # TODO, need some tests.
+  # Must test folded lines and base64-encoded lines as well as normal ones.
+  def test_to_ldif
+    File.open( TestLdifFilename, "r" ) {|f|
+      ds = Net::LDAP::Dataset::read_ldif( f )
+      ds.to_ldif
+      assert_equal( true, false ) # REMOVE WHEN WE HAVE SOME TESTS HERE.
+    }
+  end
+
+
+end
+
+

data/tests/testpsw.rb

@@ -0,0 +1,28 @@
+# $Id: testpsw.rb 72 2006-04-24 21:58:14Z blackhedd $
+#
+#
+
+
+$:.unshift "lib"
+
+require 'net/ldap'
+require 'stringio'
+
+
+class TestPassword < Test::Unit::TestCase
+
+  def setup
+  end
+
+
+  def test_psw
+    assert_equal( "{MD5}xq8jwrcfibi0sZdZYNkSng==", Net::LDAP::Password.generate( :md5, "cashflow" ))
+    assert_equal( "{SHA}YE4eGkN4BvwNN1f5R7CZz0kFn14=", Net::LDAP::Password.generate( :sha, "cashflow" ))
+  end
+
+
+
+
+end
+
+

metadata

@@ -0,0 +1,112 @@
+--- !ruby/object:Gem::Specification 
+name: pruby-net-ldap
+version: !ruby/object:Gem::Version 
+  prerelease: 
+  version: 0.1.0
+platform: ruby
+authors: 
+- Siva Kilaru
+autorequire: 
+bindir: bin
+cert_chain: []
+
+date: 2011-04-08 00:00:00 -05:00
+default_executable: 
+dependencies: 
+- !ruby/object:Gem::Dependency 
+  name: bundler
+  requirement: &id001 !ruby/object:Gem::Requirement 
+    none: false
+    requirements: 
+    - - ~>
+      - !ruby/object:Gem::Version 
+        version: 1.0.0
+  type: :development
+  prerelease: false
+  version_requirements: *id001
+- !ruby/object:Gem::Dependency 
+  name: jeweler
+  requirement: &id002 !ruby/object:Gem::Requirement 
+    none: false
+    requirements: 
+    - - ~>
+      - !ruby/object:Gem::Version 
+        version: 1.5.2
+  type: :development
+  prerelease: false
+  version_requirements: *id002
+description: Pure Ruby LDAP library.
+email: siva.kilaru@rackspace.com
+executables: []
+
+extensions: []
+
+extra_rdoc_files: 
+- ChangeLog
+- LICENSE.txt
+- README
+- README.rdoc
+files: 
+- .document
+- COPYING
+- ChangeLog
+- Gemfile
+- Gemfile.lock
+- LICENCE
+- LICENSE.txt
+- README
+- README.rdoc
+- Rakefile
+- VERSION
+- lib/net/ber.rb
+- lib/net/ldap.rb
+- lib/net/ldap/dataset.rb
+- lib/net/ldap/entry.rb
+- lib/net/ldap/filter.rb
+- lib/net/ldap/pdu.rb
+- lib/net/ldap/psw.rb
+- lib/net/ldif.rb
+- lib/pruby-net-ldap.rb
+- pre-setup.rb
+- pruby-net-ldap.gemspec
+- setup.rb
+- tests/testber.rb
+- tests/testdata.ldif
+- tests/testem.rb
+- tests/testfilter.rb
+- tests/testldap.rb
+- tests/testldif.rb
+- tests/testpsw.rb
+has_rdoc: true
+homepage: http://github.com/kilaru/pruby-net-ldap
+licenses: 
+- MIT
+post_install_message: 
+rdoc_options: []
+
+require_paths: 
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement 
+  none: false
+  requirements: 
+  - - ">="
+    - !ruby/object:Gem::Version 
+      hash: 304052113
+      segments: 
+      - 0
+      version: "0"
+required_rubygems_version: !ruby/object:Gem::Requirement 
+  none: false
+  requirements: 
+  - - ">="
+    - !ruby/object:Gem::Version 
+      version: "0"
+requirements: []
+
+rubyforge_project: 
+rubygems_version: 1.5.2
+signing_key: 
+specification_version: 3
+summary: See Net::LDAP for documentation and usage samples.
+test_files: []
+