def test_08_trimresult(self):
ldap3mock.setLDAPDirectory(LDAPDirectory)
y = LDAPResolver()
y.loadConfig(
{
"LDAPURI": "ldap://localhost",
"LDAPBASE": "o=test",
"BINDDN": "cn=manager,ou=example,o=test",
"BINDPW": "ldaptest",
"LOGINNAMEATTRIBUTE": "cn",
"LDAPSEARCHFILTER": "(cn=*)",
"LDAPFILTER": "(&(cn=%s))",
"USERINFO": '{ "username": "******",'
'"phone" : "telephoneNumber", '
'"mobile" : "mobile"'
', "email" : "mail", '
'"surname" : "sn", '
'"givenname" : "givenName" }',
"UIDTYPE": "oid",
"NOREFERRALS": True,
}
)
r = y._trim_result(
[
{"type": "searchResEntry", "DN": "blafoo"},
{"type": "searchResEntry", "DN": "foobar"},
{"type": "searchResRef", "info": "this is located on another LDAP"},
]
)
self.assertEqual(len(r), 2)
def test_05_authtype_not_supported(self):
ldap3mock.setLDAPDirectory(LDAPDirectory)
y = LDAPResolver()
res = y.testconnection(
{
"LDAPURI": "ldap://localhost",
"LDAPBASE": "o=test",
"BINDDN": "cn=manager,ou=example,o=test",
"BINDPW": "ldaptest",
"AUTHTYPE": "unknown",
"LOGINNAMEATTRIBUTE": "cn",
"LDAPSEARCHFILTER": "(cn=*)",
"LDAPFILTER": "(&(cn=%s))",
"USERINFO": '{ "username": "******",'
'"phone" : "telephoneNumber", '
'"mobile" : "mobile"'
', "email" : "mail", '
'"surname" : "sn", '
'"givenname" : "givenName" }',
"UIDTYPE": "oid",
}
)
self.assertFalse(res[0], res)
self.assertTrue("Authtype unknown not supported" in res[1], res)
def test_03_testconnection(self):
ldap3mock.setLDAPDirectory(LDAPDirectory)
y = LDAPResolver()
res = y.testconnection({
'LDAPURI':
'ldap://localhost',
'LDAPBASE':
'o=test',
'BINDDN':
'cn=manager,ou=example,o=test',
'BINDPW':
'ldaptest',
'LOGINNAMEATTRIBUTE':
'cn',
'LDAPSEARCHFILTER':
'(cn=*)',
'LDAPFILTER':
'(&(cn=%s))',
'USERINFO':
'{ "username": "******",'
'"phone" : "telephoneNumber", '
'"mobile" : "mobile"'
', "email" : "mail", '
'"surname" : "sn", '
'"givenname" : "givenName" }',
'UIDTYPE':
'oid',
})
self.assertTrue(res[0], res)
self.assertTrue(
res[1] == 'Your LDAP config seems to be OK, 3 user '
'objects found.', res)
def test_08_trimresult(self):
ldap3mock.setLDAPDirectory(LDAPDirectory)
y = LDAPResolver()
y.loadConfig({'LDAPURI': 'ldap://localhost',
'LDAPBASE': 'o=test',
'BINDDN': 'cn=manager,ou=example,o=test',
'BINDPW': 'ldaptest',
'LOGINNAMEATTRIBUTE': 'cn',
'LDAPSEARCHFILTER': '(cn=*)',
'LDAPFILTER': '(&(cn=%s))',
'USERINFO': '{ "username": "******",'
'"phone" : "telephoneNumber", '
'"mobile" : "mobile"'
', "email" : "mail", '
'"surname" : "sn", '
'"givenname" : "givenName" }',
'UIDTYPE': 'oid',
'NOREFERRALS': True
})
r = y._trim_result([{"type": "searchResEntry",
"DN": "blafoo"},
{"type": "searchResEntry",
"DN": "foobar"},
{"type": "searchResRef",
"info": "this is located on another LDAP"}])
self.assertEqual(len(r), 2)
def test_00_testconnection(self):
ldap3mock.setLDAPDirectory(LDAPDirectory)
success, desc = \
pretestresolver("ldapresolver", {'LDAPURI':
'ldap://localhost',
'LDAPBASE': 'o=test',
'BINDDN':
'cn=manager,'
'ou=example,'
'o=test',
'BINDPW': 'ldaptest',
'LOGINNAMEATTRIBUTE': 'cn',
'LDAPSEARCHFILTER':
'(cn=*)',
'LDAPFILTER': '(&('
'cn=%s))',
'USERINFO': '{ '
'"username": "******",'
'"phone" '
': '
'"telephoneNumber", '
'"mobile" : "mobile"'
', '
'"email" '
': '
'"mail", '
'"surname" : "sn", '
'"givenname" : '
'"givenName" }',
'UIDTYPE': 'DN'})
self.assertTrue(success, (success, desc))
def test_07_testconnection(self):
ldap3mock.setLDAPDirectory(LDAPDirectory)
(success, desc) = LdapMachineResolver.testconnection(MYCONFIG)
self.assertTrue(success)
self.assertEqual(
desc, "Your LDAP config seems to be OK, 3 "
"machine objects found.")
def test_00_testconnection(self):
ldap3mock.setLDAPDirectory(LDAPDirectory)
success, desc = \
pretestresolver("ldapresolver", {'LDAPURI':
'ldap://localhost',
'LDAPBASE': 'o=test',
'BINDDN':
'cn=manager,'
'ou=example,'
'o=test',
'BINDPW': 'ldaptest',
'LOGINNAMEATTRIBUTE': 'cn',
'LDAPSEARCHFILTER':
'(cn=*)',
'LDAPFILTER': '(&('
'cn=%s))',
'USERINFO': '{ '
'"username": "******",'
'"phone" '
': '
'"telephoneNumber", '
'"mobile" : "mobile"'
', '
'"email" '
': '
'"mail", '
'"surname" : "sn", '
'"givenname" : '
'"givenName" }',
'UIDTYPE': 'DN'})
self.assertTrue(success, (success, desc))
def test_00_testconnection(self):
ldap3mock.setLDAPDirectory(LDAPDirectory)
success, desc = pretestresolver(
"ldapresolver",
{
"LDAPURI": "ldap://localhost",
"LDAPBASE": "o=test",
"BINDDN": "cn=manager," "ou=example," "o=test",
"BINDPW": "ldaptest",
"LOGINNAMEATTRIBUTE": "cn",
"LDAPSEARCHFILTER": "(cn=*)",
"LDAPFILTER": "(&(" "cn=%s))",
"USERINFO": "{ "
'"username": "******",'
'"phone" '
": "
'"telephoneNumber", '
'"mobile" : "mobile"'
", "
'"email" '
": "
'"mail", '
'"surname" : "sn", '
'"givenname" : '
'"givenName" }',
"UIDTYPE": "DN",
},
)
self.assertTrue(success, (success, desc))
def test_13_update_resolver(self):
ldap3mock.setLDAPDirectory(LDAPDirectory)
# --------------------------------
# First we create an LDAP resolver
rid = save_resolver(
{
"resolver": "myLDAPres",
"type": "ldapresolver",
"LDAPURI": "ldap://localhost",
"LDAPBASE": "o=test",
"BINDDN": "cn=manager,ou=example,o=test",
"BINDPW": "ldaptest",
"LOGINNAMEATTRIBUTE": "cn",
"LDAPSEARCHFILTER": "(cn=*)",
"LDAPFILTER": "(&(cn=%s))",
"USERINFO": '{ "username": "******",'
'"phone" : "telephoneNumber", '
'"mobile" : "mobile"'
', "email" : "mail", '
'"surname" : "sn", '
'"givenname" : "givenName" }',
"UIDTYPE": "DN",
}
)
self.assertTrue(rid > 0, rid)
reso_list = get_resolver_list()
self.assertTrue("myLDAPres" in reso_list, reso_list)
ui = ResolverConfig.query.filter(ResolverConfig.Key == "USERINFO").first().Value
# Check that the email is contained in the UI
self.assertTrue("email" in ui, ui)
# --------------------------------
# Then we update the LDAP resolver
rid = save_resolver(
{
"resolver": "myLDAPres",
"type": "ldapresolver",
"LDAPURI": "ldap://localhost",
"LDAPBASE": "o=test",
"BINDDN": "cn=manager,ou=example,o=test",
"BINDPW": "ldaptest",
"LOGINNAMEATTRIBUTE": "cn",
"LDAPSEARCHFILTER": "(cn=*)",
"LDAPFILTER": "(&(cn=%s))",
"USERINFO": '{ "username": "******",'
'"phone" : "telephoneNumber", '
'"surname" : "sn", '
'"givenname" : "givenName" }',
"UIDTYPE": "DN",
}
)
self.assertTrue(rid > 0, rid)
reso_list = get_resolver_list(filter_resolver_name="myLDAPres")
# TODO check the data
ui = ResolverConfig.query.filter(ResolverConfig.Key == "USERINFO").first().Value
# Check that the email is NOT contained in the UI
self.assertTrue("email" not in ui, ui)
def test_01_LDAP_DN(self):
ldap3mock.setLDAPDirectory(LDAPDirectory)
y = LDAPResolver()
y.loadConfig(
{
"LDAPURI": "ldap://localhost",
"LDAPBASE": "o=test",
"BINDDN": "cn=manager,ou=example,o=test",
"BINDPW": "ldaptest",
"LOGINNAMEATTRIBUTE": "cn",
"LDAPSEARCHFILTER": "(cn=*)",
"LDAPFILTER": "(&(cn=%s))",
"USERINFO": '{ "username": "******",'
'"phone" : "telephoneNumber", '
'"mobile" : "mobile"'
', "email" : "mail", '
'"surname" : "sn", '
'"givenname" : "givenName" }',
"UIDTYPE": "DN",
}
)
result = y.getUserList({"username": "******"})
self.assertEqual(len(result), 3)
user = "******"
user_id = y.getUserId(user)
self.assertTrue(user_id == "cn=bob,ou=example,o=test", user_id)
rid = y.getResolverId()
self.assertTrue(rid == "ldap://localhost", rid)
rtype = y.getResolverType()
self.assertTrue(rtype == "ldapresolver", rtype)
rdesc = y.getResolverClassDescriptor()
rdesc = y.getResolverDescriptor()
self.assertTrue("ldapresolver" in rdesc, rdesc)
self.assertTrue("config" in rdesc.get("ldapresolver"), rdesc)
self.assertTrue("clazz" in rdesc.get("ldapresolver"), rdesc)
uinfo = y.getUserInfo(user_id)
self.assertTrue(uinfo.get("username") == "bob", uinfo)
ret = y.getUserList({"username": "******"})
self.assertTrue(len(ret) == 1, ret)
username = y.getUsername(user_id)
self.assertTrue(username == "bob", username)
res = y.checkPass(user_id, "bobpw")
self.assertTrue(res)
res = y.checkPass(user_id, "wrong pw")
self.assertFalse(res)
def test_03_get_machines(self):
ldap3mock.setLDAPDirectory(LDAPDirectory)
machines = self.mreso.get_machines()
self.assertEqual(len(machines), 3)
machines = self.mreso.get_machines(hostname="machine1.example.test")
self.assertEqual(len(machines), 1)
# THere is one machine, that contains "e2"
machines = self.mreso.get_machines(hostname="e2", substring=True)
self.assertEqual(len(machines), 1)
def test_03_get_machines(self):
ldap3mock.setLDAPDirectory(LDAPDirectory)
machines = self.mreso.get_machines()
self.assertEqual(len(machines), 3)
machines = self.mreso.get_machines(hostname="machine1.example.test")
self.assertEqual(len(machines), 1)
# THere is one machine, that contains "e2"
machines = self.mreso.get_machines(hostname="e2",
substring=True)
self.assertEqual(len(machines), 1)
def test_01_LDAP_double_mapping(self):
ldap3mock.setLDAPDirectory(LDAPDirectory)
y = LDAPResolver()
y.loadConfig({'LDAPURI': 'ldap://localhost',
'LDAPBASE': 'o=test',
'BINDDN': 'cn=manager,ou=example,o=test',
'BINDPW': 'ldaptest',
'LOGINNAMEATTRIBUTE': 'cn',
'LDAPSEARCHFILTER': '(cn=*)',
'LDAPFILTER': '(&(cn=%s))',
'USERINFO': '{ "username": "******",'
'"phone" : "telephoneNumber", '
'"mobile" : "mobile"'
', "email" : "email", '
'"surname" : "sn", '
'"givenname" : "givenName" }',
'UIDTYPE': 'DN',
})
result = y.getUserList({'username': '******'})
self.assertEqual(len(result), 3)
user = "******"
user_id = y.getUserId(user)
self.assertTrue(user_id == "cn=bob,ou=example,o=test", user_id)
rid = y.getResolverId()
self.assertTrue(rid == "ldap://localhost", rid)
rtype = y.getResolverType()
self.assertTrue(rtype == "ldapresolver", rtype)
rdesc = y.getResolverClassDescriptor()
rdesc = y.getResolverDescriptor()
self.assertTrue("ldapresolver" in rdesc, rdesc)
self.assertTrue("config" in rdesc.get("ldapresolver"), rdesc)
self.assertTrue("clazz" in rdesc.get("ldapresolver"), rdesc)
uinfo = y.getUserInfo(user_id)
self.assertTrue(uinfo.get("username") == "*****@*****.**", uinfo)
ret = y.getUserList({"username": "******"})
self.assertTrue(len(ret) == 1, ret)
username = y.getUsername(user_id)
self.assertTrue(username == "*****@*****.**", username)
res = y.checkPass(user_id, "bobpw")
self.assertTrue(res)
res = y.checkPass(user_id, "wrong pw")
self.assertFalse(res)
def test_09_ldaps(self):
# Check that use_ssl and tls are actually passed to the Connection
ldap3mock.setLDAPDirectory(LDAPDirectory)
config = MYCONFIG.copy()
config['LDAPURI'] = 'ldaps://1.2.3.4'
config['TLS_VERIFY'] = '1'
ldaps_resolver = LdapMachineResolver("myResolver", config=config)
machines = ldaps_resolver.get_machines()
self.assertEqual(len(machines), 3)
# We check that all Server objects were constructed with a non-None TLS context and use_ssl=True
for _, kwargs in ldap3mock.get_server_mock().call_args_list:
self.assertIsNotNone(kwargs['tls'])
self.assertTrue(kwargs['use_ssl'])
def test_18_user_with_several_phones(self):
ldap3mock.setLDAPDirectory(LDAPDirectory_small)
params = ({
'LDAPURI':
'ldap://localhost',
'LDAPBASE':
'o=test',
'BINDDN':
'cn=manager,ou=example,o=test',
'BINDPW':
'ldaptest',
'LOGINNAMEATTRIBUTE':
'cn',
'LDAPSEARCHFILTER':
'(|(cn=*))', # we use this weird search filter to get a unique resolver ID
'USERINFO':
'{ "username": "******",'
'"phone" : "telephoneNumber", '
'"mobile" : "mobile"'
', "email" : "mail", '
'"surname" : "sn", '
'"givenname" : "givenName" }',
'UIDTYPE':
'objectGUID',
'NOREFERRALS':
True,
'CACHE_TIMEOUT':
0
})
params["resolver"] = "ldapresolver"
params["type"] = "ldapresolver"
rid = save_resolver(params)
self.assertTrue(rid > 0)
(added, failed) = set_realm("ldap", ["ldapresolver"])
self.assertEqual(len(added), 1)
self.assertEqual(len(failed), 0)
u = User("salesman", "ldap")
# get the complete list
r = u.get_user_phone("mobile")
self.assertEqual(r, ["1234", "3456"])
# get the first entry
r = u.get_user_phone("mobile", index=0)
self.assertEqual(r, "1234")
# Index out of range
r = u.get_user_phone("mobile", index=2)
self.assertEqual(r, "")
delete_realm("ldap")
delete_resolver("ldapresolver")
def setUp(self):
ldap3mock.setLDAPDirectory(LDAPDirectory)
host = "localhost"
u = "manager"
p = "ldaptest"
self.base = "o=test"
srv = ldap3.Server(host, port=389, use_ssl=False, connect_timeout=5)
self.c = ldap3.Connection(srv, user=u, password=p,
auto_referrals=False,
client_strategy=ldap3.SYNC, check_names=True,
authentication=ldap3.SIMPLE, auto_bind=False)
self.c.open()
self.c.bind()
def setUp(self):
ldap3mock.setLDAPDirectory(LDAPDirectory)
host = "localhost"
u = "manager"
p = "ldaptest"
self.base = "o=test"
srv = ldap3.Server(host, port=389, use_ssl=False, connect_timeout=5)
self.c = ldap3.Connection(srv, user=u, password=p,
auto_referrals=False,
client_strategy=ldap3.SYNC, check_names=True,
authentication=ldap3.SIMPLE, auto_bind=False)
self.c.open()
self.c.bind()
def test_08_start_tls(self):
# Check that START_TLS and TLS_VERIFY are actually passed to the ldap3 Connection
ldap3mock.setLDAPDirectory(LDAPDirectory)
config = MYCONFIG.copy()
config['START_TLS'] = '1'
config['TLS_VERIFY'] = '1'
start_tls_resolver = LdapMachineResolver("myResolver", config=config)
machines = start_tls_resolver.get_machines()
self.assertEqual(len(machines), 3)
# We check two things:
# 1) start_tls has actually been called!
self.assertTrue(start_tls_resolver.l.start_tls_called)
# 2) All Server objects were constructed with a non-None TLS context, but use_ssl=False
for _, kwargs in ldap3mock.get_server_mock().call_args_list:
self.assertIsNotNone(kwargs['tls'])
self.assertFalse(kwargs['use_ssl'])
def test_01_broken_uidtype(self):
# checkPass with wrong UIDtype
ldap3mock.setLDAPDirectory(LDAPDirectory)
y = LDAPResolver()
y.loadConfig({
'LDAPURI':
'ldap://localhost',
'LDAPBASE':
'o=test',
'BINDDN':
'cn=manager,ou=example,o=test',
'BINDPW':
'ldaptest',
'LOGINNAMEATTRIBUTE':
'cn',
'LDAPSEARCHFILTER':
'(cn=*)',
'LDAPFILTER':
'(&(cn=%s))',
'USERINFO':
'{ "username": "******",'
'"phone" : "telephoneNumber", '
'"mobile" : "mobile"'
', "email" : "mail", '
'"surname" : "sn", '
'"givenname" : "givenName" }',
'UIDTYPE':
'unknownType',
})
result = y.getUserList({'username': '******'})
self.assertEqual(len(result), 3)
rid = y.getResolverId()
self.assertTrue(rid == "ldap://localhost", rid)
rtype = y.getResolverType()
self.assertTrue(rtype == "ldapresolver", rtype)
rdesc = y.getResolverClassDescriptor()
rdesc = y.getResolverDescriptor()
self.assertTrue("ldapresolver" in rdesc, rdesc)
self.assertTrue("config" in rdesc.get("ldapresolver"), rdesc)
self.assertTrue("clazz" in rdesc.get("ldapresolver"), rdesc)
res = y.checkPass("bob", "bobpwééé")
self.assertFalse(res)
def test_08_trimresult(self):
ldap3mock.setLDAPDirectory(LDAPDirectory)
y = LDAPResolver()
y.loadConfig({
'LDAPURI':
'ldap://localhost',
'LDAPBASE':
'o=test',
'BINDDN':
'cn=manager,ou=example,o=test',
'BINDPW':
'ldaptest',
'LOGINNAMEATTRIBUTE':
'cn',
'LDAPSEARCHFILTER':
'(cn=*)',
'LDAPFILTER':
'(&(cn=%s))',
'USERINFO':
'{ "username": "******",'
'"phone" : "telephoneNumber", '
'"mobile" : "mobile"'
', "email" : "mail", '
'"surname" : "sn", '
'"givenname" : "givenName" }',
'UIDTYPE':
'oid',
'NOREFERRALS':
True
})
r = y._trim_result([{
"type": "searchResEntry",
"DN": "blafoo"
}, {
"type": "searchResEntry",
"DN": "foobar"
}, {
"type": "searchResRef",
"info": "this is located on another LDAP"
}])
self.assertEqual(len(r), 2)
def test_03_testconnection_anonymous(self):
ldap3mock.setLDAPDirectory(LDAPDirectory)
y = LDAPResolver()
res = y.testconnection({'LDAPURI': 'ldap://localhost',
'LDAPBASE': 'o=test',
'LOGINNAMEATTRIBUTE': 'cn',
'LDAPSEARCHFILTER': '(cn=*)',
'BINDDN': '',
'LDAPFILTER': '(&(cn=%s))',
'USERINFO': '{ "username": "******",'
'"phone" : "telephoneNumber", '
'"mobile" : "mobile"'
', "email" : "mail", '
'"surname" : "sn", '
'"givenname" : "givenName" }',
'UIDTYPE': 'oid',
})
self.assertTrue(res[0], res)
self.assertTrue(res[1] == 'Your LDAP config seems to be OK, 3 user '
'objects found.', res)
def test_04_testconnection_fail(self):
ldap3mock.setLDAPDirectory(LDAPDirectory)
y = LDAPResolver()
res = y.testconnection({'LDAPURI': 'ldap://localhost',
'LDAPBASE': 'o=test',
'BINDDN': 'cn=manager,ou=example,o=test',
'BINDPW': 'wrongpw',
'LOGINNAMEATTRIBUTE': 'cn',
'LDAPSEARCHFILTER': '(cn=*)',
'LDAPFILTER': '(&(cn=%s))',
'USERINFO': '{ "username": "******",'
'"phone" : "telephoneNumber", '
'"mobile" : "mobile"'
', "email" : "mail", '
'"surname" : "sn", '
'"givenname" : "givenName" }',
'UIDTYPE': 'oid',
})
self.assertFalse(res[0], res)
self.assertTrue("Wrong credentials" in res[1], res)
def test_01_broken_uidtype(self):
# checkPass with wrong UIDtype
ldap3mock.setLDAPDirectory(LDAPDirectory)
y = LDAPResolver()
y.loadConfig(
{
"LDAPURI": "ldap://localhost",
"LDAPBASE": "o=test",
"BINDDN": "cn=manager,ou=example,o=test",
"BINDPW": "ldaptest",
"LOGINNAMEATTRIBUTE": "cn",
"LDAPSEARCHFILTER": "(cn=*)",
"LDAPFILTER": "(&(cn=%s))",
"USERINFO": '{ "username": "******",'
'"phone" : "telephoneNumber", '
'"mobile" : "mobile"'
', "email" : "mail", '
'"surname" : "sn", '
'"givenname" : "givenName" }',
"UIDTYPE": "unknownType",
}
)
result = y.getUserList({"username": "******"})
self.assertEqual(len(result), 3)
rid = y.getResolverId()
self.assertTrue(rid == "ldap://localhost", rid)
rtype = y.getResolverType()
self.assertTrue(rtype == "ldapresolver", rtype)
rdesc = y.getResolverClassDescriptor()
rdesc = y.getResolverDescriptor()
self.assertTrue("ldapresolver" in rdesc, rdesc)
self.assertTrue("config" in rdesc.get("ldapresolver"), rdesc)
self.assertTrue("clazz" in rdesc.get("ldapresolver"), rdesc)
res = y.checkPass("bob", "bobpw")
self.assertFalse(res)
def test_05_authtype_not_supported(self):
ldap3mock.setLDAPDirectory(LDAPDirectory)
y = LDAPResolver()
res = y.testconnection({'LDAPURI': 'ldap://localhost',
'LDAPBASE': 'o=test',
'BINDDN': 'cn=manager,ou=example,o=test',
'BINDPW': 'ldaptest',
'AUTHTYPE': 'unknown',
'LOGINNAMEATTRIBUTE': 'cn',
'LDAPSEARCHFILTER': '(cn=*)',
'LDAPFILTER': '(&(cn=%s))',
'USERINFO': '{ "username": "******",'
'"phone" : "telephoneNumber", '
'"mobile" : "mobile"'
', "email" : "mail", '
'"surname" : "sn", '
'"givenname" : "givenName" }',
'UIDTYPE': 'oid',
})
self.assertFalse(res[0], res)
self.assertTrue("Authtype unknown not supported" in res[1], res)
def test_03_testconnection_anonymous(self):
ldap3mock.setLDAPDirectory(LDAPDirectory)
y = LDAPResolver()
res = y.testconnection(
{
"LDAPURI": "ldap://localhost",
"LDAPBASE": "o=test",
"LOGINNAMEATTRIBUTE": "cn",
"LDAPSEARCHFILTER": "(cn=*)",
"BINDDN": "",
"LDAPFILTER": "(&(cn=%s))",
"USERINFO": '{ "username": "******",'
'"phone" : "telephoneNumber", '
'"mobile" : "mobile"'
', "email" : "mail", '
'"surname" : "sn", '
'"givenname" : "givenName" }',
"UIDTYPE": "oid",
}
)
self.assertTrue(res[0], res)
self.assertTrue(res[1] == "Your LDAP config seems to be OK, 3 user " "objects found.", res)
def test_04_testconnection_fail(self):
ldap3mock.setLDAPDirectory(LDAPDirectory)
y = LDAPResolver()
res = y.testconnection(
{
"LDAPURI": "ldap://localhost",
"LDAPBASE": "o=test",
"BINDDN": "cn=manager,ou=example,o=test",
"BINDPW": "wrongpw",
"LOGINNAMEATTRIBUTE": "cn",
"LDAPSEARCHFILTER": "(cn=*)",
"LDAPFILTER": "(&(cn=%s))",
"USERINFO": '{ "username": "******",'
'"phone" : "telephoneNumber", '
'"mobile" : "mobile"'
', "email" : "mail", '
'"surname" : "sn", '
'"givenname" : "givenName" }',
"UIDTYPE": "oid",
}
)
self.assertFalse(res[0], res)
self.assertTrue("Wrong credentials" in res[1], res)
def test_07_testconnection(self):
ldap3mock.setLDAPDirectory(LDAPDirectory)
(success, desc) = LdapMachineResolver.testconnection(MYCONFIG)
self.assertTrue(success)
self.assertTrue("3" in desc)
def test_07_testconnection(self):
ldap3mock.setLDAPDirectory(LDAPDirectory)
(success, desc) = LdapMachineResolver.testconnection(MYCONFIG)
self.assertTrue(success)
self.assertTrue("3" in desc)
def test_13_update_resolver(self):
ldap3mock.setLDAPDirectory(LDAPDirectory)
# --------------------------------
# First we create an LDAP resolver
rid = save_resolver({
"resolver":
"myLDAPres",
"type":
"ldapresolver",
'LDAPURI':
'ldap://localhost',
'LDAPBASE':
'o=test',
'BINDDN':
'cn=manager,ou=example,o=test',
'BINDPW':
'ldaptest',
'LOGINNAMEATTRIBUTE':
'cn',
'LDAPSEARCHFILTER':
'(cn=*)',
'LDAPFILTER':
'(&(cn=%s))',
'USERINFO':
'{ "username": "******",'
'"phone" : "telephoneNumber", '
'"mobile" : "mobile"'
', "email" : "mail", '
'"surname" : "sn", '
'"givenname" : "givenName" }',
'UIDTYPE':
'DN'
})
self.assertTrue(rid > 0, rid)
reso_list = get_resolver_list()
self.assertTrue("myLDAPres" in reso_list, reso_list)
ui = ResolverConfig.query.filter(
ResolverConfig.Key == 'USERINFO').first().Value
# Check that the email is contained in the UI
self.assertTrue("email" in ui, ui)
# --------------------------------
# Then we update the LDAP resolver
rid = save_resolver({
"resolver":
"myLDAPres",
"type":
"ldapresolver",
'LDAPURI':
'ldap://localhost',
'LDAPBASE':
'o=test',
'BINDDN':
'cn=manager,ou=example,o=test',
'BINDPW':
'ldaptest',
'LOGINNAMEATTRIBUTE':
'cn',
'LDAPSEARCHFILTER':
'(cn=*)',
'LDAPFILTER':
'(&(cn=%s))',
'USERINFO':
'{ "username": "******",'
'"phone" : "telephoneNumber", '
'"surname" : "sn", '
'"givenname" : "givenName" }',
'UIDTYPE':
'DN'
})
self.assertTrue(rid > 0, rid)
reso_list = get_resolver_list(filter_resolver_name="myLDAPres")
# TODO check the data
ui = ResolverConfig.query.filter(
ResolverConfig.Key == 'USERINFO').first().Value
# Check that the email is NOT contained in the UI
self.assertTrue("email" not in ui, ui)
def test_07_testconnection(self):
ldap3mock.setLDAPDirectory(LDAPDirectory)
(success, desc) = LdapMachineResolver.testconnection(MYCONFIG)
self.assertTrue(success)
self.assertEqual(desc, "Your LDAP config seems to be OK, 3 "
"machine objects found.")
def test_02_LDAP_OID(self):
ldap3mock.setLDAPDirectory(LDAPDirectory)
y = LDAPResolver()
y.loadConfig({
'LDAPURI':
'ldap://localhost',
'LDAPBASE':
'o=test',
'BINDDN':
'cn=manager,ou=example,o=test',
'BINDPW':
'ldaptest',
'LOGINNAMEATTRIBUTE':
'cn',
'LDAPSEARCHFILTER':
'(cn=*)',
'LDAPFILTER':
'(&(cn=%s))',
'USERINFO':
'{ "username": "******",'
'"phone" : "telephoneNumber", '
'"mobile" : "mobile"'
', "email" : "mail", '
'"surname" : "sn", '
'"givenname" : "givenName" }',
'UIDTYPE':
'oid',
})
result = y.getUserList({'username': '******'})
self.assertEqual(len(result), 3)
user = "******"
user_id = y.getUserId(user)
self.assertTrue(user_id == "3", "%s" % user_id)
rid = y.getResolverId()
self.assertTrue(rid == "ldap://localhost", rid)
rtype = y.getResolverType()
self.assertTrue(rtype == "ldapresolver", rtype)
rdesc = y.getResolverClassDescriptor()
self.assertTrue("ldapresolver" in rdesc, rdesc)
self.assertTrue("config" in rdesc.get("ldapresolver"), rdesc)
self.assertTrue("clazz" in rdesc.get("ldapresolver"), rdesc)
uinfo = y.getUserInfo("3")
self.assertTrue(uinfo.get("username") == "bob", uinfo)
ret = y.getUserList({"username": "******"})
self.assertTrue(len(ret) == 1, ret)
username = y.getUsername(user_id)
self.assertTrue(username == "bob", username)
res = y.checkPass(user_id, "bobpwééé")
self.assertTrue(res)
res = y.checkPass(user_id, "wrong pw")
self.assertFalse(res)
