Context Navigation

53-grouptsync.t @ 2679

Visit:

Revision 2679, 8.0 kB (checked in by bchoate, 17 months ago)
Test updates to skip when appropriate.
Property svn:keywords set to `Author Date Id Revision`

Line
1	# $Id$
2
3	use strict;
4	use lib 't/lib', 'extlib', 'lib', '../lib', '../extlib';
5	use MT;
6	use Test::More;
7
8	my $number = 25;
9
10	use vars qw( $DB_DIR $T_CFG );
11	use MT::Test;
12
13	my $mt = MT->instance;
14
15	if ( !$mt->component('enterprise') ) {
16	plan skip_all => "Enterprise pack is not installed.";
17	} else {
18	plan tests => $number;
19	}
20
21	SKIP: {
22	eval "require Net::LDAP;";
23	if ($@) {
24	skip "Net::LDAP is not installed.", $number;
25	}
26	eval "require MT::LDAP;";
27	if ($@) {
28	skip "MT::LDAP is not found. Did you enable Enterprise Pack?", $number;
29	}
30
31	MT::Test->import( qw(:db :data) );
32
33	require MT::Author;
34	require MT::Auth;
35	require MT::Auth::LDAP;
36
37	if (!MT::ConfigMgr->instance->LDAPUserIdAttribute) {
38	print "Set LDAPUserIdAttribute directive or this test will fail.\n";
39	}
40	if (!MT::ConfigMgr->instance->LDAPGroupIdAttribute) {
41	print "Set LDAPGroupIdAttribute directive or this test will fail.\n";
42	}
43
44	&ldapadd_user(
45	name => 'Bob D',
46	email => 'bobd@example.com',
47	displayName => 'Dylan',
48	);
49	my ($entry) = &ldapsearch(
50	filter => '(cn=Bob D)',
51	attrs => [MT::ConfigMgr->instance->LDAPUserIdAttribute]
52	);
53
54	my $author = MT::Author->load({ name => 'Bob D' });
55	ok($author);
56	ok($author->is_active);
57	$author->external_id($entry->get_value(MT::ConfigMgr->instance->LDAPUserIdAttribute));
58	$author->save;
59
60	&ldapadd_group(
61	name => 'Group 1',
62	members => [ 'Bob D' ],
63	);
64	my ($entry) = &ldapsearch(
65	filter => '(cn=Group 1)',
66	attrs => [MT::ConfigMgr->instance->LDAPGroupIdAttribute]
67	);
68
69	ok(MT::Auth->synchronize_group);
70
71	my $group = MT::Group->load({ name => 'Group 1' }, {cached_ok=>0});
72	is($group->name, 'Group 1');
73	ok($group->is_active);
74	is($group->user_count, 1);
75	my $iter1 = $group->user_iter();
76	while (my $user = $iter1->()) {
77	is($user->name, $author->name);
78	is($user->external_id, $author->external_id);
79	}
80
81	&ldapadd_user(
82	name => 'Chuck D',
83	email => 'chuckd@example.com',
84	displayName => 'Chuck',
85	);
86	my ($entry2) = &ldapsearch(
87	filter => '(cn=Chuck D)',
88	attrs => [MT::ConfigMgr->instance->LDAPUserIdAttribute]
89	);
90
91	my $authorC = MT::Author->load({ name => 'Chuck D' });
92	ok($authorC);
93	ok($authorC->is_active);
94	$authorC->external_id($entry2->get_value(MT::ConfigMgr->instance->LDAPUserIdAttribute));
95	$authorC->save;
96
97	&ldapmodify(
98	name => 'Group 1',
99	newname => 'New Group',
100	newnick => 'Group name modified',
101	members => [ 'Bob D', 'Chuck D' ],
102	);
103
104	ok(MT::Auth->synchronize_group);
105
106	my $groupX = MT::Group->load({ name => 'Group 1' }, {cached_ok=>0});
107	ok(!$groupX);
108	my $group2 = MT::Group->load({ name => 'New Group' }, {cached_ok=>0});
109	is($group2->name, 'New Group');
110	ok($group2->is_active);
111	is($group2->user_count, 2);
112	my $iter2 = $group->user_iter({}, { sort => 'name' });
113	my $user2 = $iter2->();
114	is($user2->name, 'Bob D');
115	my $user3 = $iter2->();
116	is($user3->name, 'Chuck D');
117
118	&ldapmodify(
119	name => 'New Group',
120	newname => 'New Group',
121	newnick => 'Group name modified',
122	members => [ 'Chuck D' ],
123	);
124
125	ok(MT::Auth->synchronize_group);
126
127	my $group3 = MT::Group->load({ name => 'New Group' }, {cached_ok=>0});
128	is($group3->user_count, 1);
129	my $iter3 = $group3->user_iter({}, { sort => 'name' });
130	my $user3 = $iter3->();
131	is($user3->name, 'Chuck D');
132
133	&ldapdelete( name => 'New Group' );
134
135	ok(MT::Auth->synchronize_group);
136
137	my $group4 = MT::Group->load({ name => 'New Group' }, {cached_ok=>0});
138	ok(!$group4); # We remove groups upon synchronization instead of disabling
139
140	&ldapadd_group(
141	name => 'New Group',
142	members => [ 'Bob D' ],
143	);
144
145	ok(MT::Auth->synchronize_group);
146
147	SKIP: {
148	skip "These can't be run with our intensive caching.", 2;
149	my $group5 = MT::Group->load({ name => 'New Group' }, {cached_ok=>0});
150	ok($group5);
151	ok(!$group5->is_active); ## make sure newly created group with the same name does not re-activate an group.
152	}
153
154	&ldapdelete( name => 'New Group' );
155	&ldapdelete( name => 'Bob D' );
156	&ldapdelete( name => 'Chuck D' );
157	} # end of SKIP block
158
159	sub _ldapbind {
160	my ($auth, $ldap) = @_;
161	my $res;
162	my $base = $auth->{base};
163	my $bind_dn = $auth->{bind_dn};
164	my $bind_password = $auth->{bind_password};
165	my $sasl_mechanism = $auth->{sasl_mechanism};
166	my $uid_attr_name = $auth->{uid_attr_name};
167	my $filter = $auth->{filter};
168	my $scope = $auth->{scope};
169	if (!$bind_dn) {
170	$res = $ldap->bind;
171	} else {
172	if ($sasl_mechanism eq 'PLAIN') {
173	$res = $ldap->bind($bind_dn, password => $bind_password);
174	} else {
175	require Authen::SASL;
176	my $sasl = Authen::SASL->new(
177	mechanism => $sasl_mechanism,
178	callback => {
179	pass => $bind_password,
180	user => $bind_dn,
181	},
182	);
183	$res = $ldap->bind($bind_dn, sasl => $sasl);
184	}
185	}
186	1;
187	}
188
189	sub ldapadd_user {
190	my (%opt) = @_;
191	my $auth = MT::LDAP->new;
192	my $ldap = $auth->ldap;
193	_ldapbind($auth, $ldap);
194	my $base = $auth->{base};
195	my $dn = "cn=$opt{name},$base";
196	my $result = $ldap->add( $dn,
197	attr => [
198	$auth->{uid_attr_name} => [$opt{name}],
199	'cn' => [$opt{name}],
200	'sn' => $opt{name},
201	MT::ConfigMgr->instance->LDAPUserFullNameAttribute => $opt{displayName},
202	MT::ConfigMgr->instance->LDAPUserEmailAttribute => $opt{email},
203	'objectclass' => ['top', 'person',
204	'organizationalPerson',
205	'inetOrgPerson' ],
206	]
207	);
208	$result->code && warn "failed to add entry: ", $result->error ;
209	my $mesg = $ldap->unbind; # take down session
210	1;
211	}
212
213	sub ldapadd_group {
214	my (%opt) = @_;
215	my $auth = MT::LDAP->new;
216	my $ldap = $auth->ldap;
217	_ldapbind($auth, $ldap);
218	my $base = $auth->{base};
219	my $dn = "cn=$opt{name},$base";
220	my $cfg = MT::ConfigMgr->instance;
221	my $result = $ldap->add( $dn,
222	attr => [
223	$cfg->LDAPGroupNameAttribute => [$opt{name}],
224	$cfg->LDAPGroupMemberAttribute => @{$opt{members}},
225	'objectclass' => ['top', 'posixGroup'],
226	'gidNumber' => int(rand(100)),
227	]
228	);
229	$result->code && warn "failed to add entry: ", $result->error ;
230	my $mesg = $ldap->unbind; # take down session
231	1;
232	}
233
234	sub ldapmodify {
235	my (%opt) = @_;
236	my $auth = MT::LDAP->new;
237	my $ldap = $auth->ldap;
238	my $cfg = MT::ConfigMgr->instance;
239	_ldapbind($auth, $ldap);
240	my $base = $auth->{base};
241	my $dn = "cn=$opt{name},$base";
242	my $mesg = $ldap->moddn( $dn, newrdn => "cn=$opt{newname}" );
243	$dn = "cn=$opt{newname},$base";
244	my $result = $ldap->modify( $dn,
245	changes => [replace => [
246	$cfg->LDAPGroupNameAttribute => [$opt{newname}],
247	#$cfg->LDAPGroupFullNameAttribute => $opt{newnick},
248	$cfg->LDAPGroupMemberAttribute => $opt{members},
249	]]
250	);
251	$result->code && warn "failed to modify entry: ", $result->error ;
252	$mesg = $ldap->unbind; # take down session
253	1;
254	}
255
256	sub ldapdelete {
257	my (%opt) = @_;
258	my $auth = MT::LDAP->new;
259	my $ldap = $auth->ldap;
260	_ldapbind($auth, $ldap);
261	my $base = $auth->{base};
262	my $dn = "cn=$opt{name},$base";
263	my $result = $ldap->delete($dn);
264	$result->code && warn "failed to delete entry: ", $result->error ;
265	my $mesg = $ldap->unbind; # take down session
266	1;
267	}
268
269	sub ldapsearch {
270	my (%opt) = @_;
271	my $auth = MT::LDAP->new;
272	my $ldap = $auth->ldap;
273	_ldapbind($auth, $ldap);
274	my $base = $auth->{base};
275	my $res = $ldap->search(
276	base => $base,
277	filter => $opt{filter},
278	attrs => $opt{attrs},
279	);
280	$res->entries;
281	}
282
283	1;

Note: See TracBrowser for help on using the browser.

Context Navigation

root/branches/release-41/t/53-grouptsync.t @ 2679

Download in other formats: