Commit 232fc453 authored by Francesc Guasch's avatar Francesc Guasch
Browse files

test(auth): properly check both uid and cn

* Only necessary on binded login
* Required to check PR #1206
parent 6fc916e2
......@@ -251,6 +251,8 @@ sub test_user_bind {
is($mcnulty->{_auth}, 'bind');
test_uid_cn($user, $with_posix_group);
unlink $file_config_bind;
$ravada = Ravada->new(config => $file_config
......@@ -438,43 +440,56 @@ sub test_posix_group {
}
sub test_uid_cn($user, $with_posix_group) {
my $password = 'jameson';
sub _replace_field($entry, $field, $with_posix_group) {
my $old_value = $entry->get_value($field);
die "Error: No $field found in LDAP entry in ".$entry->get_value('cn')
if !$old_value;
my $new_value = new_domain_name();
Ravada::Auth::LDAP::init();
my $ldap = Ravada::Auth::LDAP::_init_ldap_admin();
my $login_ok;
$entry->replace($field => $new_value);
my $mesg = $entry->update($ldap);
confess $mesg->code." ".$mesg->error if $mesg->code && $mesg->code;
for my $field ( qw(uid cn) ) {
diag("Testing login with $field");
_add_to_posix_group($new_value, $with_posix_group);
my $entry = $user->{_ldap_entry};
my $old_value = $entry->get_value($field);
die "Error: No $field found in LDAP entry in ".Dummper($user)
if !$old_value;
return ($old_value, $new_value);
}
eval { $login_ok = Ravada::Auth::login($old_value, $password) };
is($@,'',$old_value);
ok($login_ok, $old_value);
sub test_uid_cn($user, $with_posix_group) {
Ravada::Auth::LDAP::init();
my $ldap = Ravada::Auth::LDAP::_init_ldap_admin();
my $entry = $user->{_ldap_entry};
next if $field eq 'cn';
my $field = 'uid';
my %data = (
cn => $entry->get_value('cn')
,$field => $entry->get_value($field)
my $new_value = new_domain_name();
diag("Testing login with $field $new_value , posix_group=$with_posix_group");
);
$entry->replace($field => $new_value);
my $mesg = $entry->update($ldap);
die $mesg->code." ".$mesg->error if $mesg->code && $mesg->code;
test_login_fields(\%data);
my ($old_value, $new_value) = _replace_field($entry, $field, $with_posix_group);
_add_to_posix_group($new_value, $with_posix_group);
$data{$field} = $new_value;
test_login_fields(\%data);
eval { $login_ok = Ravada::Auth::login($new_value, $password) };
is($@,''," $field: $new_value") or exit;
ok($login_ok, $new_value);
$entry->replace($field => $old_value);
$entry->update($ldap);
}
$entry->replace($field => $old_value);
$entry->update($ldap);
sub test_login_fields($data) {
my $password = 'jameson';
my $login_ok;
for my $field ( sort keys %$data ) {
my $value = $data->{$field};
eval { $login_ok = Ravada::Auth::login($value, $password) };
is($@,''," $field: $value");
ok($login_ok, $value);
}
}
SKIP: {
......@@ -517,7 +532,6 @@ SKIP: {
test_user_bind($user, $fly_config, $with_posix_group);
test_uid_cn($user, $with_posix_group);
remove_users();
};
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment