additional unit tests and partial support for filters in the test server.

2006-04-17 17:57:33 +00:00 · 2006-04-17 17:57:33 +00:00 · ca38bfc803
parent 7d08543d24
commit ca38bfc803
3 changed files with 185 additions and 7 deletions
--- a/tests/testdata.ldif
+++ b/tests/testdata.ldif
@ -0,0 +1,101 @@
+# $Id$
+#
+# This is test-data for an LDAP server in LDIF format.
+#
+dn: dc=bayshorenetworks,dc=com
+objectClass: dcObject
+objectClass: organization
+o: Bayshore Networks LLC
+dc: bayshorenetworks
+
+dn: cn=Manager,dc=bayshorenetworks,dc=com
+objectClass: organizationalrole
+cn: Manager
+
+dn: ou=people,dc=bayshorenetworks,dc=com
+objectClass: organizationalunit
+ou: people
+
+dn: ou=privileges,dc=bayshorenetworks,dc=com
+objectClass: organizationalunit
+ou: privileges
+
+dn: ou=roles,dc=bayshorenetworks,dc=com
+objectClass: organizationalunit
+ou: roles
+
+dn: ou=office,dc=bayshorenetworks,dc=com
+objectClass: organizationalunit
+ou: office
+
+dn: mail=nogoodnik@steamheat.net,ou=people,dc=bayshorenetworks,dc=com
+cn: Bob Fosse
+mail: nogoodnik@steamheat.net
+sn: Fosse
+ou: people
+objectClass: top
+objectClass: inetorgperson
+objectClass: authorizedperson
+hasAccessRole: uniqueIdentifier=engineer,ou=roles
+hasAccessRole: uniqueIdentifier=ldapadmin,ou=roles
+hasAccessRole: uniqueIdentifier=ldapsuperadmin,ou=roles
+hasAccessRole: uniqueIdentifier=ogilvy_elephant_user,ou=roles
+hasAccessRole: uniqueIdentifier=ogilvy_eagle_user,ou=roles
+hasAccessRole: uniqueIdentifier=greenplug_user,ou=roles
+hasAccessRole: uniqueIdentifier=brandplace_logging_user,ou=roles
+hasAccessRole: uniqueIdentifier=brandplace_report_user,ou=roles
+hasAccessRole: uniqueIdentifier=workorder_user,ou=roles
+hasAccessRole: uniqueIdentifier=bayshore_eagle_user,ou=roles
+hasAccessRole: uniqueIdentifier=bayshore_eagle_superuser,ou=roles
+hasAccessRole: uniqueIdentifier=kledaras_user,ou=roles
+
+dn: mail=elephant@steamheat.net,ou=people,dc=bayshorenetworks,dc=com
+cn: Gwen Verdon
+mail: elephant@steamheat.net
+sn: Verdon
+ou: people
+objectClass: top
+objectClass: inetorgperson
+objectClass: authorizedperson
+hasAccessRole: uniqueIdentifier=brandplace_report_user,ou=roles
+hasAccessRole: uniqueIdentifier=engineer,ou=roles
+hasAccessRole: uniqueIdentifier=ogilvy_elephant_user,ou=roles
+hasAccessRole: uniqueIdentifier=ldapsuperadmin,ou=roles
+hasAccessRole: uniqueIdentifier=ldapadmin,ou=roles
+
+dn: uniqueIdentifier=engineering,ou=privileges,dc=bayshorenetworks,dc=com
+uniqueIdentifier: engineering
+ou: privileges
+objectClass: accessPrivilege
+
+dn: uniqueIdentifier=engineer,ou=roles,dc=bayshorenetworks,dc=com
+uniqueIdentifier: engineer
+ou: roles
+objectClass: accessRole
+hasAccessPrivilege: uniqueIdentifier=engineering,ou=privileges
+
+dn: uniqueIdentifier=ldapadmin,ou=roles,dc=bayshorenetworks,dc=com
+uniqueIdentifier: ldapadmin
+ou: roles
+objectClass: accessRole
+
+dn: uniqueIdentifier=ldapsuperadmin,ou=roles,dc=bayshorenetworks,dc=com
+uniqueIdentifier: ldapsuperadmin
+ou: roles
+objectClass: accessRole
+
+dn: mail=catperson@steamheat.net,ou=people,dc=bayshorenetworks,dc=com
+cn: Sid Sorokin
+mail: catperson@steamheat.net
+sn: Sorokin
+ou: people
+objectClass: top
+objectClass: inetorgperson
+objectClass: authorizedperson
+hasAccessRole: uniqueIdentifier=engineer,ou=roles
+hasAccessRole: uniqueIdentifier=ogilvy_elephant_user,ou=roles
+hasAccessRole: uniqueIdentifier=ldapsuperadmin,ou=roles
+hasAccessRole: uniqueIdentifier=ogilvy_eagle_user,ou=roles
+hasAccessRole: uniqueIdentifier=greenplug_user,ou=roles
+hasAccessRole: uniqueIdentifier=workorder_user,ou=roles
+
--- a/tests/testldap.rb
+++ b/tests/testldap.rb
@ -13,6 +13,11 @@ class TestLdapClient < Test::Unit::TestCase

  # TODO: these tests crash and burn if the associated
  # LDAP testserver isn't up and running.
+  # We rely on being able to read a file with test data
+  # in LDIF format.
+  # TODO, WARNING: for the moment, this data is in a file
+  # whose name and location are HARDCODED into the
+  # instance method load_test_data.

  def setup
    @host = "127.0.0.1"
@ -23,8 +28,34 @@ class TestLdapClient < Test::Unit::TestCase
      :password => "opensesame"
    }

+    @ldif = load_test_data
  end

+
+
+  # Get some test data which will be used to validate
+  # the responses from the test LDAP server we will
+  # connect to.
+  # TODO, Bogus: we are HARDCODING the location of the file for now.
+  #
+  def load_test_data
+    ary = File.readlines( "tests/testdata.ldif" )
+    hash = {}
+    while line = ary.shift and line.chomp!
+      if line =~ /^dn:[\s]*/i
+        dn = $'
+        hash[dn] = {}
+        while attr = ary.shift and attr.chomp! and attr =~ /^([\w]+)[\s]*:[\s]*/
+          hash[dn][$1.downcase.intern] ||= []
+          hash[dn][$1.downcase.intern] << $'
+        end
+      end
+    end
+    hash
+  end
+
+
+
  # Binding tests.
  # Need tests for all kinds of network failures and incorrect auth.
  # TODO: Implement a class-level timeout for operations like bind.
@ -43,6 +74,8 @@ class TestLdapClient < Test::Unit::TestCase
    assert_equal( 49, ldap.bind )
  end

+
+
  def test_search
    ldap = Net::LDAP.new :host => @host, :port => @port, :auth => @auth

@ -53,30 +86,67 @@ class TestLdapClient < Test::Unit::TestCase
    assert_equal( 0, ldap.search( search ))
    
    ldap.search( search ) {|res|
-      # STUB.
-      #p res
+      assert_equal( res, @ldif )
    }
  end
    

-  def test_search_attributes
+
+
+  # This is a helper routine for test_search_attributes.
+  def internal_test_search_attributes attrs_to_search
    ldap = Net::LDAP.new :host => @host, :port => @port, :auth => @auth
    assert_equal( 0, ldap.bind )

    search = {
      :base => "dc=bayshorenetworks,dc=com",
-      :attributes => ["mail"]
+      :attributes => attrs_to_search
    }
-    assert_equal( 0, ldap.search( search ))

+    ldif = @ldif
+    ldif.each {|dn,entry|
+      entry.delete_if {|attr,value|
+        ! attrs_to_search.include?(attr)
+      }
+    }
+  
+    assert_equal( 0, ldap.search( search ))
    ldap.search( search ) {|res|
-      # STUB.
-      p res
+      res_keys = res.keys.sort
+      ldif_keys = ldif.keys.sort
+      assert( res_keys, ldif_keys )
+      res.keys.each {|rk|
+        assert( res[rk], ldif[rk] )
+      }
    }
  end


+  def test_search_attributes
+    internal_test_search_attributes [:mail]
+    internal_test_search_attributes [:cn]
+    internal_test_search_attributes [:ou]
+    internal_test_search_attributes [:hasaccessprivilege]
+    internal_test_search_attributes ["mail"]
+    internal_test_search_attributes ["cn"]
+    internal_test_search_attributes ["ou"]
+    internal_test_search_attributes ["hasaccessrole"]
+
+    internal_test_search_attributes [:mail, :cn, :ou, :hasaccessrole]
+    internal_test_search_attributes [:mail, "cn", :ou, "hasaccessrole"]
+  end
+
+
  def test_search_filters
+    ldap = Net::LDAP.new :host => @host, :port => @port, :auth => @auth
+    search = {
+      :base => "dc=bayshorenetworks,dc=com",
+      :filter => Net::LDAP::Filter.eq( "sn", "Verdon" )
+    }
+
+    ldap.search( search ) {|res|
+      p res
+    }
  end


--- a/testserver/ldapserver.rb
+++ b/testserver/ldapserver.rb
@ -50,6 +50,9 @@ module LdapServer
        0 => :string,              # simple auth (password)
        7 => :string               # present filter
      },
+      :constructed => {
+        3 => :array                # equality filter
+      },
    }
  }

@ -139,6 +142,10 @@ module LdapServer
      :all
    end

+    filters = pdu[1][6]
+    if filters.length > 0
+      p filters.ber_identifier
+    end

    $ldif.each {|dn, entry|