root/branches/boomer/t/53-grouptsync.t @ 1098

Revision 1098, 7.9 kB (checked in by hachi, 2 years ago)

Branching for boomer from release-19, rev 62318

  • Property svn:keywords set to Author Date Id Revision
1# $Id$
2
3use strict;
4use MT::Author;
5use MT;
6use strict;
7use MT::Auth;
8
9my $number = 25;
10
11use Test::More tests => 25;
12
13use MT;
14
15use vars qw( $DB_DIR $T_CFG );
16use lib 't/lib', 'extlib', 'lib', '../lib', '../extlib';
17use MT::Test qw(:db :data);
18
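# Integration test for LDAP group synchronization via
# MT::Auth->synchronize_group.
#
# NOTE: the helper subs called below add, rename, modify and delete entries
# under the base DN of whichever directory MT::LDAP is configured for, using
# the bind credentials from that configuration.  Point the configuration at a
# disposable test directory.  The fixture entries are only deleted at the very
# end of this block, so a run that dies part-way leaves them in the directory.
SKIP: {
    # Block eval rather than string eval: same result, no code built from a
    # string.
    eval { require Net::LDAP; 1 }
        or skip "Net::LDAP is not installed.", $number;
    eval { require MT::LDAP; 1 }
        or skip "MT::LDAP is not found.  Did you enable Enterprise Pack?", $number;

    my $mt  = MT->new( Config => $T_CFG ) or die MT->errstr;
    my $cfg = MT::ConfigMgr->instance;

    # diag() keeps these hints out of the TAP stream on STDOUT.
    if (!$cfg->LDAPUserIdAttribute) {
        diag "Set LDAPUserIdAttribute directive or this test will fail.\n";
    }
    if (!$cfg->LDAPGroupIdAttribute) {
        diag "Set LDAPGroupIdAttribute directive or this test will fail.\n";
    }

    # --- Fixture: one directory user, linked to the MT author by external id.
    ldapadd_user(
        name        => 'Bob D',
        email       => 'bobd@example.com',
        displayName => 'Dylan',
    );
    my ($entry) = ldapsearch(
        filter => '(cn=Bob D)',
        attrs  => [ $cfg->LDAPUserIdAttribute ],
    );

    my $author = MT::Author->load({ name => 'Bob D' });
    ok($author);
    ok($author->is_active);
    $author->external_id($entry->get_value($cfg->LDAPUserIdAttribute));
    $author->save;

    # --- A new directory group must appear in MT after synchronization.
    ldapadd_group(
        name    => 'Group 1',
        members => [ 'Bob D' ],
    );
    # The original redeclared $entry here; the result is not used below, so it
    # gets its own name instead of masking the user entry.
    my ($group_entry) = ldapsearch(
        filter => '(cn=Group 1)',
        attrs  => [ $cfg->LDAPGroupIdAttribute ],
    );

    ok(MT::Auth->synchronize_group);

    my $group = MT::Group->load({ name => 'Group 1' }, { cached_ok => 0 });
    is($group->name, 'Group 1');
    ok($group->is_active);
    is($group->user_count, 1);
    my $iter1 = $group->user_iter();
    # Two assertions per member: the plan of 25 holds only if the group has
    # exactly one member at this point.
    while (my $user = $iter1->()) {
        is($user->name, $author->name);
        is($user->external_id, $author->external_id);
    }

    # --- Second user, then rename the group and extend its membership.
    ldapadd_user(
        name        => 'Chuck D',
        email       => 'chuckd@example.com',
        displayName => 'Chuck',
    );
    my ($entry2) = ldapsearch(
        filter => '(cn=Chuck D)',
        attrs  => [ $cfg->LDAPUserIdAttribute ],
    );

    my $authorC = MT::Author->load({ name => 'Chuck D' });
    ok($authorC);
    ok($authorC->is_active);
    $authorC->external_id($entry2->get_value($cfg->LDAPUserIdAttribute));
    $authorC->save;

    ldapmodify(
        name    => 'Group 1',
        newname => 'New Group',
        newnick => 'Group name modified',
        members => [ 'Bob D', 'Chuck D' ],
    );

    ok(MT::Auth->synchronize_group);

    # The old name must be gone and the new name must carry both members.
    my $groupX = MT::Group->load({ name => 'Group 1' }, { cached_ok => 0 });
    ok(!$groupX);
    my $group2 = MT::Group->load({ name => 'New Group' }, { cached_ok => 0 });
    is($group2->name, 'New Group');
    ok($group2->is_active);
    is($group2->user_count, 2);
    # Iterate the freshly loaded group.  The original iterated the stale
    # $group object loaded before the rename, which checks the renamed group
    # only if both objects happen to refer to the same record.
    my $iter2 = $group2->user_iter({}, { sort => 'name' });
    my $user2 = $iter2->();
    is($user2->name, 'Bob D');
    my $user3 = $iter2->();
    is($user3->name, 'Chuck D');

    # --- Removing a member in the directory must remove it in MT as well.
    ldapmodify(
        name    => 'New Group',
        newname => 'New Group',
        newnick => 'Group name modified',
        members => [ 'Chuck D' ],
    );

    ok(MT::Auth->synchronize_group);

    my $group3 = MT::Group->load({ name => 'New Group' }, { cached_ok => 0 });
    is($group3->user_count, 1);
    my $iter3 = $group3->user_iter({}, { sort => 'name' });
    # Own name: the original redeclared $user3 here.
    my $remaining_user = $iter3->();
    is($remaining_user->name, 'Chuck D');

    # --- Deleting the group in the directory.
    ldapdelete( name => 'New Group' );

    ok(MT::Auth->synchronize_group);

    my $group4 = MT::Group->load({ name => 'New Group' }, { cached_ok => 0 });
    ok(!$group4); # We remove groups upon synchronization instead of disabling

    # --- Re-creating a group under the same name.
    ldapadd_group(
        name    => 'New Group',
        members => [ 'Bob D' ],
    );

    ok(MT::Auth->synchronize_group);

    SKIP: {
        skip "These can't be run with our intensive caching.", 2;
        my $group5 = MT::Group->load({ name => 'New Group' }, { cached_ok => 0 });
        ok($group5);
        ## Make sure a newly created group with the same name does not
        ## re-activate a group.
        ok(!$group5->is_active);
    }

    # --- Cleanup of the directory fixtures.
    ldapdelete( name => 'New Group' );
    ldapdelete( name => 'Bob D' );
    ldapdelete( name => 'Chuck D' );
} # end of SKIP block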
151
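# Bind $ldap using the settings stored in $auth.
#
#   $auth - hash-based object; the keys bind_dn, bind_password and
#           sasl_mechanism are read.
#   $ldap - connection object providing bind().
#
# No bind_dn means an anonymous bind.  Mechanism 'PLAIN' uses the
# "password =>" form of bind(); any other mechanism goes through Authen::SASL.
# A failed bind is reported with warn() (the password is never included in the
# message).  Always returns 1, as callers do not inspect the result.
sub _ldapbind {
    my ($auth, $ldap) = @_;

    my $bind_dn        = $auth->{bind_dn};
    my $bind_password  = $auth->{bind_password};
    my $sasl_mechanism = $auth->{sasl_mechanism};

    my $res;
    if (!$bind_dn) {
        $res = $ldap->bind;
    }
    elsif (defined $sasl_mechanism && $sasl_mechanism eq 'PLAIN') {
        # NOTE(review): the password is handed to bind() as-is; whether it is
        # protected on the wire depends on how the connection was opened
        # (ldaps:// or StartTLS), which happens outside this helper -- confirm.
        $res = $ldap->bind($bind_dn, password => $bind_password);
    }
    else {
        require Authen::SASL;
        my $sasl = Authen::SASL->new(
            mechanism => $sasl_mechanism,
            callback  => {
                pass => $bind_password,
                user => $bind_dn,
            },
        );
        $res = $ldap->bind($bind_dn, sasl => $sasl);
    }

    # The original discarded the bind result, so a rejected bind went
    # unnoticed and the following operation ran on an unauthenticated session.
    if ($res && $res->code) {
        warn "failed to bind: ", $res->error;
    }
    return 1;
}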
181   
182use MT::Auth;
183use MT::Auth::LDAP;
184
# Add a user fixture entry "cn=<name>,<base>" to the configured directory.
#
# Options: name, email, displayName.
# The name is interpolated into the DN without escaping, which is fine for the
# fixed fixture names used in this test but not for arbitrary input.
# A failed add is reported with warn(); the sub always returns 1.
sub ldapadd_user {
    my %opt = @_;

    my $auth = MT::LDAP->new;
    my $ldap = $auth->ldap;
    _ldapbind($auth, $ldap);

    my $cfg      = MT::ConfigMgr->instance;
    my $entry_dn = join ',', "cn=$opt{name}", $auth->{base};

    my @attributes = (
        $auth->{uid_attr_name}            => [ $opt{name} ],
        'cn'                              => [ $opt{name} ],
        'sn'                              => $opt{name},
        $cfg->LDAPUserFullNameAttribute() => $opt{displayName},
        $cfg->LDAPUserEmailAttribute()    => $opt{email},
        'objectclass'                     => [
            'top', 'person', 'organizationalPerson', 'inetOrgPerson',
        ],
    );

    my $result = $ldap->add( $entry_dn, attr => \@attributes );
    if ($result->code) {
        warn "failed to add entry: ", $result->error;
    }

    $ldap->unbind;    # take down session
    return 1;
}
208
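# Add a posixGroup fixture entry "cn=<name>,<base>" to the configured
# directory.
#
# Options: name, members (array ref of member values).
# The name is interpolated into the DN without escaping, which is fine for the
# fixed fixture names used in this test but not for arbitrary input.
# gidNumber is a random integer from 0 to 99, so two groups can end up with
# the same value.
# A failed add is reported with warn(); the sub always returns 1.
sub ldapadd_group {
    my (%opt) = @_;
    my $auth = MT::LDAP->new;
    my $ldap = $auth->ldap;
    _ldapbind($auth, $ldap);
    my $base = $auth->{base};
    my $dn   = "cn=$opt{name},$base";
    my $cfg  = MT::ConfigMgr->instance;

    # Pass the members as one array ref.  The original flattened the list
    # into the attribute list, which only lines up when there is exactly one
    # member; a second member would be read as an attribute name.
    my @members = @{ $opt{members} || [] };

    my $result = $ldap->add(
        $dn,
        attr => [
            $cfg->LDAPGroupNameAttribute()   => [ $opt{name} ],
            $cfg->LDAPGroupMemberAttribute() => \@members,
            'objectclass'                    => [ 'top', 'posixGroup' ],
            'gidNumber'                      => int(rand(100)),
        ]
    );
    $result->code && warn "failed to add entry: ", $result->error;
    $ldap->unbind;    # take down session
    return 1;
}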
229
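# Rename the group entry "cn=<name>,<base>" to "cn=<newname>,<base>" and
# replace its name and member attributes.
#
# Options: name, newname, members (array ref), newnick.
# newnick is accepted but not written; the line that would set it is
# commented out below.
# Names are interpolated into the DNs without escaping, which is fine for the
# fixed fixture names used in this test but not for arbitrary input.
# Failures are reported with warn(); the sub always returns 1.
sub ldapmodify {
    my (%opt) = @_;
    my $auth = MT::LDAP->new;
    my $ldap = $auth->ldap;
    my $cfg  = MT::ConfigMgr->instance;
    _ldapbind($auth, $ldap);
    my $base = $auth->{base};
    my $dn   = "cn=$opt{name},$base";

    # The original ignored the rename result, so a failed rename only showed
    # up indirectly when the modify below hit a DN that does not exist.
    my $mesg = $ldap->moddn( $dn, newrdn => "cn=$opt{newname}" );
    $mesg->code && warn "failed to rename entry: ", $mesg->error;

    $dn = "cn=$opt{newname},$base";
    my $result = $ldap->modify(
        $dn,
        changes => [
            replace => [
                $cfg->LDAPGroupNameAttribute() => [ $opt{newname} ],
                #$cfg->LDAPGroupFullNameAttribute => $opt{newnick},
                $cfg->LDAPGroupMemberAttribute() => $opt{members},
            ]
        ]
    );
    $result->code && warn "failed to modify entry: ", $result->error;
    $ldap->unbind;    # take down session
    return 1;
}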
251
# Delete the entry "cn=<name>,<base>" from the configured directory.
#
# Options: name.
# The name is interpolated into the DN without escaping, which is fine for the
# fixed fixture names used in this test but not for arbitrary input.
# A failed delete is reported with warn(); the sub always returns 1.
sub ldapdelete {
    my %opt = @_;

    my $auth = MT::LDAP->new;
    my $ldap = $auth->ldap;
    _ldapbind($auth, $ldap);

    my $target_dn = join ',', "cn=$opt{name}", $auth->{base};
    my $result    = $ldap->delete($target_dn);
    if ($result->code) {
        warn "failed to delete entry: ", $result->error;
    }

    $ldap->unbind;    # take down session
    return 1;
}
264
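# Search the configured directory below the base DN.
#
# Options: filter (LDAP filter string, passed through unchanged), attrs
# (array ref of attribute names to request).
# Returns whatever entries() yields on the search result; callers in this
# file take the first element and call get_value() on it.
# A failed search is reported with warn().
sub ldapsearch {
    my (%opt) = @_;
    my $auth = MT::LDAP->new;
    my $ldap = $auth->ldap;
    _ldapbind($auth, $ldap);
    my $base = $auth->{base};
    my $res  = $ldap->search(
        base   => $base,
        filter => $opt{filter},
        attrs  => $opt{attrs},
    );
    # The original neither checked the result nor closed the session; the
    # other helpers in this file do both.
    $res->code && warn "failed to search: ", $res->error;
    my @entries = $res->entries;
    $ldap->unbind;    # take down session
    return @entries;
}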
278
2791;