root/branches/release-41/t/52-ldap.t @ 2680

Revision 2680, 4.6 kB (checked in by bchoate, 17 months ago)

Test updates to skip when appropriate.

  • Property svn:mime-type set to text/plain
  • Property svn:keywords set to Author Date Id Revision
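# $Id$
#
# Integration test for MT::LDAP (Enterprise pack).  It binds to the LDAP
# directory that MT::LDAP is configured for, creates a fixture user
# ("cn=Bob D" under the configured base), checks search, login and lookup
# behaviour against that entry, and deletes the entry again.
#
# NOTE: this test is not read-only.  ldapadd()/ldapdelete() below write to
# whatever directory the MT configuration points at, so it should only be
# run against a disposable test directory.  The fixture entry is removed
# only if the script reaches its last statement; a die() part-way through
# leaves "cn=Bob D" behind.

use strict;
use warnings;
my $number = 15;

use Test::More;

use lib 't/lib', 'extlib', 'lib', '../lib', '../extlib';
use MT;
use vars qw( $DB_DIR $T_CFG );
use MT::Test;

my $mt = MT->instance or die MT->errstr;
SKIP: {
    if ( !$mt->component('enterprise') ) {
        plan skip_all => "Enterprise pack is not installed";
    }
    else {
        plan tests => $number;
    }

    # Block eval instead of string eval: nothing here is dynamic, and the
    # trailing 1 makes the success test independent of the state of $@.
    eval { require Net::LDAP; 1 }
        or skip "Net::LDAP is not installed.", $number;
    eval { require MT::LDAP; 1 }
        or skip "MT::LDAP is not found.  Did you enable Enterprise Pack?", $number;

    {
        # @test create MT object
        MT::Test->import( qw(:db :data) );

        ok($mt, 'MT instance exists');

        # @test create MT::LDAP object
        my $ldap = MT::LDAP->new;
        ok($ldap, 'MT::LDAP object created');

        # NOTE(review): the outcome of bind_ldap is not checked here; a
        # failed bind only shows up indirectly in the assertions below.
        $ldap->bind_ldap;

        my $filter = '(uid=Bob)';
        my $attrs  = [
            'cn',
            'mail',
            'displayName',
            MT->config->LDAPUserIdAttribute
        ];

        # @test search unavailable user
        my @ldap_entries = $ldap->search_ldap(
            filter => $filter,
            attrs  => $attrs,
        );

        # NOTE(review): a last index of 0 means the list holds exactly one
        # element, so search_ldap presumably returns a single false value
        # when nothing matches -- confirm against MT::LDAP.
        is($#ldap_entries, 0, 'search before the fixture user exists');

        ldapadd(
            name        => 'Bob D',
            email       => 'bobd@example.com',
            displayName => 'Dylan',
            uid         => 'Bob',
        );

        # @test search available user
        @ldap_entries = $ldap->search_ldap(
            filter => $filter,
            attrs  => $attrs,
        );

        is(scalar @ldap_entries, 1, 'search finds exactly one entry');

        # @test valid login
        my $res = $ldap->can_login(
            'cn=Bob D,' . $ldap->{base},
            'Bob',
            'password',
        );
        ok($res, 'login succeeds with the correct password');

        # @test invalid login (password invalid)
        # Reuses $res; the original re-declared it with a second "my".
        $res = $ldap->can_login(
            'cn=Bob D,' . $ldap->{base},
            'Bob',
            'bob',
        );
        ok(!$res, 'login fails with a wrong password');

        # NOTE(review): only a wrong password is covered.  An empty password
        # is the case worth pinning as well: many LDAP servers treat a bind
        # with a DN and an empty password as an unauthenticated bind and
        # report success, so can_login must reject it itself.  Adding that
        # assertion needs $number raised accordingly.

        # @test get user dn
        my $dn = $ldap->get_dn('Bob');
        is($dn, 'cn=Bob D,' . $ldap->{base}, 'get_dn returns the fixture DN');

        # @test user attribute validation
        my $entry = $ldap->get_entry_by_name('Bob', $attrs);

        ok($entry, 'entry found by name');
        is($entry->get_value('cn'),          'Bob D',            'cn (by name)');
        is($entry->get_value('mail'),        'bobd@example.com', 'mail (by name)');
        is($entry->get_value('displayName'), 'Dylan',            'displayName (by name)');

        my $uuid = $entry->get_value(MT->config->LDAPUserIdAttribute);

        # @test user attribute validation
        $entry = $ldap->get_entry_by_uuid($uuid, $attrs);

        ok($entry, 'entry found by uuid');
        is($entry->get_value('cn'),          'Bob D',            'cn (by uuid)');
        is($entry->get_value('mail'),        'bobd@example.com', 'mail (by uuid)');
        is($entry->get_value('displayName'), 'Dylan',            'displayName (by uuid)');

        $ldap->unbind_ldap;

        ldapdelete( name => 'Bob D' );
    }

} # end of skip block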
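# Bind the connection handle $ldap using the settings stored on $auth.
#
#   $auth - hash-based object; the keys bind_dn, bind_password and
#           sasl_mechanism are read from it.
#   $ldap - connection handle whose bind() method is called.
#
# Bind modes, in order:
#   * no bind_dn             -> anonymous bind
#   * sasl_mechanism 'PLAIN' -> bind($bind_dn, password => ...)
#   * anything else          -> SASL bind via Authen::SASL
#
# Returns 1 when the bind result reports no error, 0 otherwise (with a
# warning).  The original discarded the bind result and always returned 1,
# so a rejected bind went unnoticed until a later add/delete failed.
#
# NOTE(review): assuming $ldap is a Net::LDAP handle, the 'PLAIN' branch is
# an LDAP simple bind, which sends the password unencrypted unless the
# connection itself is protected (LDAPS or StartTLS).  How the connection is
# opened is not visible in this file -- confirm before pointing this at
# anything but a local test directory.
sub _ldapbind {
    my ($auth, $ldap) = @_;
    my $bind_dn        = $auth->{bind_dn};
    my $bind_password  = $auth->{bind_password};
    my $sasl_mechanism = $auth->{sasl_mechanism};

    my $res;
    if (!$bind_dn) {
        $res = $ldap->bind;
    }
    elsif (defined $sasl_mechanism && $sasl_mechanism eq 'PLAIN') {
        $res = $ldap->bind($bind_dn, password => $bind_password);
    }
    else {
        # Loaded on demand so the module is only needed for SASL setups.
        require Authen::SASL;
        my $sasl = Authen::SASL->new(
            mechanism => $sasl_mechanism,
            callback  => {
                pass => $bind_password,
                user => $bind_dn,
            },
        );
        $res = $ldap->bind($bind_dn, sasl => $sasl);
    }

    # Same result protocol as the add/delete helpers in this file: a
    # non-zero code means failure.  The password is deliberately kept out
    # of the message.
    if (ref $res && $res->code) {
        warn "failed to bind as ", ($bind_dn || 'anonymous'), ": ", $res->error;
        return 0;
    }
    return 1;
}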
# Create the fixture user entry "cn=<name>,<base>" in the directory.
#
# Named arguments: name, uid, displayName, email.
# Opens its own MT::LDAP object, binds through _ldapbind(), adds the entry,
# warns if the add result carries an error code, unbinds, and returns 1
# regardless of the outcome.
#
# NOTE(review): the DN is assembled by plain string interpolation.  That is
# fine for the fixed fixture names used in this test; a name containing DN
# metacharacters (",", "+", "=", ...) would need escaping first, e.g. with
# Net::LDAP::Util::escape_dn_value.
sub ldapadd {
    my %args = @_;

    my $mt_ldap = MT::LDAP->new;
    my $conn    = $mt_ldap->{ldap};
    _ldapbind($mt_ldap, $conn);

    my $entry_dn = 'cn=' . $args{name} . ',' . $mt_ldap->{base};

    # userPassword is a pre-computed salted SHA-1 ({SSHA}) value; the login
    # test in this file authenticates Bob with 'password', so presumably
    # that is what it hashes.  Test fixture only.
    # Earlier fixture value: 'userPassword' => ["{CRYPT}kVY9KP1SHbGN2"]
    my @attributes = (
        $mt_ldap->{uid_attr_name} => [ $args{name} ],
        'cn'                      => [ $args{name} ],
        'sn'                      => $args{name},
        'uid'                     => $args{uid},
        'userPassword'            => ["{SSHA}P3KrGHWOjo/b+haSXBGGHtJjonkeLgDt"],
        MT->config->LDAPUserFullNameAttribute => $args{displayName},
        MT->config->LDAPUserEmailAttribute    => $args{email},
        'objectclass' => [
            'top', 'person', 'organizationalPerson', 'inetOrgPerson',
        ],
    );

    my $outcome = $conn->add( $entry_dn, attr => \@attributes );
    warn "failed to add entry: ", $outcome->error if $outcome->code;

    $conn->unbind;    # take down session
    return 1;
}
# Remove the fixture user entry "cn=<name>,<base>" from the directory.
#
# Named argument: name.
# Opens its own MT::LDAP object, binds through _ldapbind(), deletes the
# entry, warns if the delete result carries an error code, unbinds, and
# returns 1 regardless of the outcome.
#
# NOTE(review): as in ldapadd(), the DN is built by interpolation without
# escaping, which is only safe for the fixed fixture name used here.
sub ldapdelete {
    my %args = @_;

    my $mt_ldap = MT::LDAP->new;
    my $conn    = $mt_ldap->{ldap};
    _ldapbind($mt_ldap, $conn);

    my $entry_dn = 'cn=' . $args{name} . ',' . $mt_ldap->{base};

    my $outcome = $conn->delete($entry_dn);
    warn "failed to delete entry: ", $outcome->error if $outcome->code;

    $conn->unbind;    # take down session
    return 1;
}

1;