root/branches/boomer/t/52-ldap.t @ 1098

Revision 1098, 4.5 kB (checked in by hachi, 2 years ago)

Branching for boomer from release-19, rev 62318

  • Property svn:mime-type set to text/plain
  • Property svn:keywords set to Author Date Id Revision
1# $Id$
2
3use strict;
4my $number = 15;
5
6use Test::More tests => 15;
7
8use MT;
9
10use vars qw( $DB_DIR $T_CFG );
11use lib 't/lib', 'extlib', 'lib', '../lib', '../extlib';
12use MT::Test qw(:db :data);
13
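SKIP: {
    # Both LDAP modules are optional: skip the whole plan ($number tests) when
    # either is missing.  Block eval avoids compiling a code string at runtime.
    eval { require Net::LDAP; 1 }
        or skip "Net::LDAP is not installed.", $number;
    eval { require MT::LDAP; 1 }
        or skip "MT::LDAP is not found.  Did you enable Enterprise Pack?", $number;

    {
        # @test create MT object
        my $mt = MT->new( Config => $T_CFG ) or die MT->errstr;
        ok($mt, 'create MT object');

        # @test create MT::LDAP object
        my $ldap = MT::LDAP->new;
        ok($ldap, 'create MT::LDAP object');

        # NOTE(review): the result of bind_ldap is not checked here; what it
        # returns on failure is not visible in this file.
        $ldap->bind_ldap;

        my $filter = '(uid=Bob)';
        my $attrs  = [
            'cn',
            'mail',
            'displayName',
            MT->config->LDAPUserIdAttribute,
        ];

        # @test search unavailable user
        my @ldap_entries = $ldap->search_ldap(
            filter => $filter,
            attrs  => $attrs,
        );

        # $#ldap_entries == 0 means the list holds exactly one element.
        # NOTE(review): presumably search_ldap yields a single empty value
        # when nothing matches -- confirm against MT::LDAP.
        is($#ldap_entries, 0, 'search unavailable user');

        # From here on the directory holds a fixture account that the test
        # logs in to with a fixed, well-known password.  Everything up to the
        # cleanup runs inside eval so that a die in the test body (for example
        # a method call on an undefined entry) cannot leave that account
        # behind in the directory.
        ldapadd(
            name        => 'Bob D',
            email       => 'bobd@example.com',
            displayName => 'Dylan',
            uid         => 'Bob',
        );

        my $completed = eval {
            # @test search available user
            @ldap_entries = $ldap->search_ldap(
                filter => $filter,
                attrs  => $attrs,
            );
            is(scalar @ldap_entries, 1, 'search available user');

            # @test valid login
            my $res = $ldap->can_login(
                'cn=Bob D,' . $ldap->{base},
                'Bob',
                'password',
            );
            ok($res, 'valid login');

            # @test invalid login (password invalid)
            $res = $ldap->can_login(
                'cn=Bob D,' . $ldap->{base},
                'Bob',
                'bob',
            );
            ok(!$res, 'invalid login (password invalid)');

            # @test get user dn
            my $dn = $ldap->get_dn('Bob');
            is($dn, 'cn=Bob D,' . $ldap->{base}, 'get user dn');

            # @test user attribute validation
            my $entry = $ldap->get_entry_by_name('Bob', $attrs);

            ok($entry, 'entry found by name');
            is($entry->get_value('cn'), 'Bob D', 'cn of entry found by name');
            is($entry->get_value('mail'), 'bobd@example.com',
                'mail of entry found by name');
            is($entry->get_value('displayName'), 'Dylan',
                'displayName of entry found by name');

            my $uuid = $entry->get_value(MT->config->LDAPUserIdAttribute);

            # @test user attribute validation
            $entry = $ldap->get_entry_by_uuid($uuid, $attrs);

            ok($entry, 'entry found by uuid');
            is($entry->get_value('cn'), 'Bob D', 'cn of entry found by uuid');
            is($entry->get_value('mail'), 'bobd@example.com',
                'mail of entry found by uuid');
            is($entry->get_value('displayName'), 'Dylan',
                'displayName of entry found by uuid');

            $ldap->unbind_ldap;
            1;
        };
        my $failure = $@;    # copy at once: $@ is clobbered by any later eval

        # Always remove the fixture account, then re-raise whatever stopped
        # the test body.
        ldapdelete( name => 'Bob D' );
        die $failure unless $completed;
    }

} # end of skip block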
108
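# Bind the LDAP handle $ldap using the credentials stored on $auth.
#
#   $auth - hash-like object; the keys read here are bind_dn, bind_password
#           and sasl_mechanism.
#   $ldap - connection handle whose bind() returns a result object offering
#           code() and error(), as the add/delete results in this file do.
#
# Returns 1 when the bind succeeded and 0 (after a warning) when the server
# reported a non-zero result code.  The callers in this file ignore the
# return value, so a failure shows up as this warning followed by the
# warning of the add/delete that could not run authenticated.
sub _ldapbind {
    my ($auth, $ldap) = @_;
    my $bind_dn        = $auth->{bind_dn};
    my $bind_password  = $auth->{bind_password};
    my $sasl_mechanism = $auth->{sasl_mechanism};

    my $res;
    if (!$bind_dn) {
        # No bind DN configured: anonymous bind.
        $res = $ldap->bind;
    }
    elsif (defined $sasl_mechanism && $sasl_mechanism eq 'PLAIN') {
        # Despite the name this is a simple bind, not a SASL exchange: the
        # password goes to the server as-is.
        # NOTE(review): confirm the connection built in MT::LDAP is protected
        # (TLS) before pointing this at anything but a throwaway directory.
        $res = $ldap->bind($bind_dn, password => $bind_password);
    }
    else {
        # Any other mechanism is delegated to Authen::SASL, loaded lazily so
        # the module is only needed when SASL is actually configured.
        require Authen::SASL;
        my $sasl = Authen::SASL->new(
            mechanism => $sasl_mechanism,
            callback  => {
                pass => $bind_password,
                user => $bind_dn,
            },
        );
        $res = $ldap->bind($bind_dn, sasl => $sasl);
    }

    # Report a rejected bind instead of dropping the result silently; the
    # message carries the server's error text only, never the password.
    if (ref $res && $res->code) {
        warn "failed to bind: ", $res->error;
        return 0;
    }
    return 1;
}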
138
# Add the fixture person entry "cn=<name>,<base>" to the directory over a
# fresh MT::LDAP connection, then close that connection.
#
# Options read: name, uid, displayName, email.  A non-zero result code from
# the add is reported with warn; the sub returns 1 either way.
#
# Fixture-only helper:
#   * name is placed into the DN without any escaping, so it must stay a
#     fixed literal free of DN metacharacters (',', '+', '=', ...).
#   * userPassword is a hard-coded {SSHA} value, and the test body logs in to
#     this entry with a fixed literal password, so the entry is an account
#     with a known credential for as long as it exists.  Run this only
#     against a disposable test directory.
sub ldapadd {
    my %args = @_;

    my $conf = MT::LDAP->new;
    my $conn = $conf->{ldap};
    _ldapbind($conf, $conn);

    my $entry_dn = 'cn=' . $args{name} . ',' . $conf->{base};

    # NOTE(review): the configured uid attribute receives the *name* value
    # while 'uid' is set separately below; if uid_attr_name is itself 'uid'
    # the attribute appears twice -- confirm this is intended.
    my @attributes = (
        $conf->{uid_attr_name} => [ $args{name} ],
        'cn'                   => [ $args{name} ],
        'sn'                   => $args{name},
        'uid'                  => $args{uid},
        #'userPassword' => ["{CRYPT}kVY9KP1SHbGN2"],
        'userPassword'         => ["{SSHA}P3KrGHWOjo/b+haSXBGGHtJjonkeLgDt"],
        MT->config->LDAPUserFullNameAttribute => $args{displayName},
        MT->config->LDAPUserEmailAttribute    => $args{email},
        'objectclass' => [
            'top', 'person', 'organizationalPerson', 'inetOrgPerson',
        ],
    );

    my $outcome = $conn->add( $entry_dn, attr => \@attributes );
    if ( $outcome->code ) {
        warn "failed to add entry: ", $outcome->error;
    }

    my $unbind_mesg = $conn->unbind;    # take down session
    return 1;
}
165
# Delete the fixture entry "cn=<name>,<base>" over a fresh MT::LDAP
# connection, then close that connection.
#
# Options read: name.  A non-zero result code from the delete is reported
# with warn; the sub returns 1 either way, so a failed cleanup is visible
# only as that warning.  As in ldapadd, name goes into the DN unescaped and
# must be a fixed fixture literal.
sub ldapdelete {
    my %args = @_;

    my $conf = MT::LDAP->new;
    my $conn = $conf->{ldap};
    _ldapbind($conf, $conn);

    my $entry_dn = 'cn=' . $args{name} . ',' . $conf->{base};

    my $outcome = $conn->delete($entry_dn);
    if ( $outcome->code ) {
        warn "failed to delete entry: ", $outcome->error;
    }

    my $unbind_mesg = $conn->unbind;    # take down session
    return 1;
}
178
1791;