def testConnectSSL(self):
    """Bind over ldaps:// with certificate checking switched on.

    There is no assertion: the test passes when neither ``_connect()``
    nor the simple bind raises.
    """
    # Work on a private copy so the shared module-level cfg is not mutated.
    ssl_cfg = dict(cfg)
    ssl_cfg.update({
        'uri': 'ldaps://ldap.dnscherry.org:637',
        # NOTE(review): 'on' presumably makes the backend verify the server
        # certificate -- confirm in Backend. No 'ca' is overridden here, so
        # the trust anchor is whatever cfg carries (not visible here).
        'checkcert': 'on',
    })
    backend = Backend(ssl_cfg, cherrypy.log, 'ldap', attr, 'uid')
    # Named ``conn`` rather than ``ldap`` so the local does not hide the
    # ldap module that other tests on this page reference.
    conn = backend._connect()
    conn.simple_bind_s(backend.binddn, backend.bindpassword)
def testConnectStartTLS(self):
    """Bind over plain ldap:// upgraded with StartTLS.

    There is no assertion: the test passes when neither ``_connect()``
    nor the simple bind raises.
    """
    tls_cfg = dict(cfg)
    tls_cfg.update({
        'uri': 'ldap://ldap.ldapcherry.org:390',
        # NOTE(review): certificate checking is off, so this test only
        # shows that the StartTLS upgrade succeeds; it does not show that
        # the peer certificate is validated against 'ca'. A StartTLS case
        # with 'checkcert' set to 'on' would cover that -- confirm whether
        # one exists elsewhere in the suite.
        'checkcert': 'off',
        'starttls': 'on',
        'ca': './test/cfg/ca.crt',
    })
    backend = Backend(tls_cfg, cherrypy.log, 'ldap', attr, 'uid')
    conn = backend._connect()
    conn.simple_bind_s(backend.binddn, backend.bindpassword)
def testDelUserDontExists(self):
    """Deleting an absent user must raise UserDoesntExist."""
    backend = Backend(cfg, cherrypy.log, 'ldap', attr, 'uid')
    try:
        # Two attempts: if a leftover entry exists the first call removes
        # it and the second raises; if not, the first one already raises.
        for _ in range(2):
            backend.del_user(u'test☭')
    except UserDoesntExist:
        return
    raise AssertionError("expected an exception")
def testMissingCA(self):
    """A CA path that does not resolve must raise CaFileDontExist.

    This pins fail-closed behaviour: with certificate checking on and an
    unusable 'ca' value, building the backend or connecting must raise
    instead of going ahead.
    """
    bad_ca_cfg = dict(cfg)
    bad_ca_cfg.update({
        'uri': 'ldaps://ldap.dnscherry.org:637',
        'checkcert': 'on',
        'ca': './test/cfg/not_a_ca.crt',
    })
    try:
        # Either the constructor or _connect() may be what raises; both
        # stay inside the try, as in the original.
        Backend(bad_ca_cfg, cherrypy.log, 'ldap', attr, 'uid')._connect()
    except CaFileDontExist:
        return
    raise AssertionError("expected an exception")
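def testConnectSSLWrongCA(self):
    """A certificate that does not match the host must abort the bind.

    Despite the name, the assertion below checks for a hostname/CN
    mismatch, not for an untrusted issuer.
    """
    cfg2 = cfg.copy()
    cfg2['uri'] = 'ldaps://ldap.ldapcherry.org:637'
    cfg2['checkcert'] = 'on'
    inv = Backend(cfg2, cherrypy.log, 'ldap', attr, 'uid')
    ldapc = inv._connect()
    try:
        ldapc.simple_bind_s(inv.binddn, inv.bindpassword)
    except ldap.SERVER_DOWN as e:
        # e.args[0] rather than e[0]: exception objects are not
        # subscriptable on Python 3, and args[0] is the same value on
        # Python 2.
        # NOTE(review): the exact 'info' text presumably comes from the TLS
        # library underneath and may differ between builds -- confirm
        # before relying on it in CI.
        assert e.args[0]['info'] == 'TLS: hostname does not match CN in peer certificate'
    else:
        raise AssertionError("expected an exception")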
def testLdapUnavaible(self):
    """An unreachable server must surface as ldap.SERVER_DOWN."""
    down_cfg = dict(cfg)
    down_cfg.update({
        'uri': 'ldaps://notaldap:637',
        'checkcert': 'on',
    })
    backend = Backend(down_cfg, cherrypy.log, 'ldap', attr, 'uid')
    try:
        # _connect() stays inside the try: the failure may come from
        # connecting or from the bind.
        conn = backend._connect()
        conn.simple_bind_s(backend.binddn, backend.bindpassword)
    except ldap.SERVER_DOWN:
        return
    raise AssertionError("expected an exception")
def testGetUser(self):
    """get_user() must return the full attribute set of the fixture user."""
    backend = Backend(cfg, cherrypy.log, 'ldap', attr, 'uid')
    entry = backend.get_user(u'jwatsoné')
    # NOTE(review): the expected result includes the userPassword value,
    # so get_user() hands the stored password attribute back to callers;
    # callers should keep it out of logs and rendered pages.
    # NOTE(review): the 'mail' value looks masked on this page -- confirm
    # against the directory fixture.
    assert entry == {
        'uid': u'jwatsoné',
        'objectClass': 'inetOrgPerson',
        'carLicense': 'HERCAR 125',
        'sn': 'watson',
        'mail': '*****@*****.**',
        'homePhone': '555-111-2225',
        'cn': 'John Watson',
        'userPassword': u'passwordwatsoné',
    }
def testAddUserMissingMustattribute(self):
    """add_user() must fail when a mandatory attribute is absent.

    The entry below carries no 'uidNumber', which the other add_user
    tests on this page all provide.
    """
    backend = Backend(cfg, cherrypy.log, 'ldap', attr, 'uid')
    entry = {
        'uid': u'test☭',
        'sn': u'test☭',
        'cn': u'test☭',
        'userPassword': u'test☭',
        'gidNumber': '42',
        'homeDirectory': '/home/test/'
    }
    try:
        backend.add_user(entry)
    except ldap.OBJECT_CLASS_VIOLATION:
        return
    # The add went through unexpectedly: remove the entry so it does not
    # leak into other tests, then fail.
    backend.del_user(u'test☭')
    raise AssertionError("expected an exception")
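def testAddUser(self):
    """Create and delete a user whose uid contains DN metacharacters.

    The uid ends in ',cn=', i.e. it contains the ',' and '=' characters
    that separate components in a distinguished name. The test passes when
    both add_user() and del_user() complete without raising.
    """
    # Build the backend before the pre-cleanup. The original called
    # inv.del_user() while ``inv`` was still unbound, so the bare except
    # swallowed an UnboundLocalError and the cleanup never ran.
    inv = Backend(cfg, cherrypy.log, 'ldap', attr, 'uid')
    try:
        # Best effort: drop a leftover entry from an earlier aborted run.
        inv.del_user(u'test☭,cn=')
    except Exception:
        # Still deliberately broad (an absent user is the normal case),
        # but no longer a bare except that would also trap
        # KeyboardInterrupt and SystemExit.
        pass
    user = {
        'uid': u'test☭,cn=',
        'sn': u'test☭',
        'cn': u'test☭',
        'userPassword': u'test☭',
        'uidNumber': '42',
        'gidNumber': '42',
        'homeDirectory': '/home/test/'
    }
    # NOTE(review): presumably this exercises escaping of the uid when the
    # backend builds the entry DN -- confirm in Backend.
    inv.add_user(user)
    inv.del_user(u'test☭,cn=')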
def testMissingParam(self):
    """Intended to check that an empty configuration raises MissingKey.

    As written the test returns True before doing anything.
    """
    empty_cfg = {}
    # NOTE(review): this early return makes everything below unreachable,
    # so rejection of an incomplete configuration is not tested at all.
    # Either re-enable the check or mark the test as skipped with a reason.
    return True
    try:
        Backend(empty_cfg, cherrypy.log, 'ldap', attr, 'uid')
    except MissingKey:
        return
    raise AssertionError("expected an exception")
def testSearchUser(self):
    """search('smith') must return both fixture users named Smith."""
    backend = Backend(cfg, cherrypy.log, 'ldap', attr, 'uid')
    found = backend.search('smith')
    # The expected entries have sn 'smith' and 'Smith', so the match is
    # expected to ignore case.
    # NOTE(review): search results are expected to carry userPassword; the
    # '******' values look masked on this page -- confirm against the
    # fixture, and check whether search callers need that attribute.
    sheri = {
        'sn': 'smith',
        'uid': 'ssmith',
        'cn': 'Sheri Smith',
        'userPassword': '******'
    }
    john = {
        'sn': 'Smith',
        'uid': 'jsmith',
        'cn': 'John Smith',
        'userPassword': '******'
    }
    assert found == {'ssmith': sheri, 'jsmith': john}
def testAddDeleteGroups(self):
    """Add a user to two groups, read them back, then remove one group."""
    backend = Backend(cfg, cherrypy.log, 'ldap', attr, 'uid')
    hr_dn = 'cn=hrpeople,ou=Groups,dc=example,dc=org'
    it_dn = 'cn=itpeople,ou=Groups,dc=example,dc=org'
    backend.add_to_groups(u'jwatsoné', [hr_dn, it_dn])
    memberships = backend.get_groups(u'jwatsoné')
    # The removal is issued twice on purpose: the second call targets a
    # membership that is already gone and must not raise.
    for _ in range(2):
        backend.del_from_groups(u'jwatsoné', [hr_dn])
    # Checked after the cleanup so a failing assertion does not leave the
    # extra membership behind. The comparison is order-sensitive.
    assert memberships == [it_dn, hr_dn]
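def testModifyUser(self):
    """Create a user, change two attributes, then delete the user.

    There is no assertion on the stored values: the test passes when
    add_user(), set_attrs() and del_user() all complete without raising.
    """
    inv = Backend(cfg, cherrypy.log, 'ldap', attr, 'uid')
    user = {
        'uid': u'test☭',
        'sn': u'test☭',
        'cn': u'test☭',
        'userPassword': u'test☭',
        'uidNumber': '42',
        'gidNumber': '42',
        'homeDirectory': '/home/test/'
    }
    inv.add_user(user)
    try:
        inv.set_attrs(u'test☭', {'gecos': 'test2', 'homeDirectory': '/home/test/'})
    finally:
        # Always remove the entry: the original left it in the directory
        # when set_attrs() raised, which would then disturb every other
        # test that adds the same uid.
        inv.del_user(u'test☭')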
def testAddDeleteGroups(self):
    """Group membership round trip for the fixture user."""
    backend = Backend(cfg, cherrypy.log, 'ldap', attr, 'uid')
    hr_group = 'cn=hrpeople,ou=Groups,dc=example,dc=org'
    it_group = 'cn=itpeople,ou=Groups,dc=example,dc=org'
    who = u'jwatsoné'
    backend.add_to_groups(who, [hr_group, it_group])
    seen = backend.get_groups(who)
    # Second removal hits an already-removed membership; it must be
    # accepted silently for this test to pass.
    backend.del_from_groups(who, [hr_group])
    backend.del_from_groups(who, [hr_group])
    # Order-sensitive list comparison, evaluated after the cleanup above.
    assert seen == [it_group, hr_group]
def testAddUserDuplicate(self):
    """Adding the same user twice must raise UserAlreadyExists."""
    backend = Backend(cfg, cherrypy.log, 'ldap', attr, 'uid')
    entry = {
        'uid': u'test☭',
        'sn': u'test☭',
        'cn': u'test☭',
        'uidNumber': '42',
        'userPassword': u'test☭',
        'gidNumber': '42',
        'homeDirectory': '/home/test/'
    }
    try:
        backend.add_user(entry)
        backend.add_user(entry)
    except UserAlreadyExists:
        duplicate_rejected = True
    else:
        duplicate_rejected = False
    # The entry is removed on both outcomes; any other exception from
    # add_user() propagates without cleanup, as in the original.
    backend.del_user(u'test☭')
    if not duplicate_rejected:
        raise AssertionError("expected an exception")
def testAuthFailure(self):
    """auth() must reject an unknown user and a wrong password."""
    backend = Backend(cfg, cherrypy.log, 'ldap', attr, 'uid')
    accepted = backend.auth('notauser', 'password')
    if not accepted:
        # Only reached when the unknown user was rejected, mirroring the
        # short-circuit of the original ``or``.
        accepted = backend.auth(u'jwatsoné', 'notapasswordé')
    # NOTE(review): both negative cases share one assertion, so a failure
    # does not say which credential pair was wrongly accepted.
    assert accepted == False
def testGetUser(self):
    """get_user() must return uid, cn and sn for the fixture user."""
    backend = Backend(cfg, cherrypy.log, 'ldap', attr, 'uid')
    entry = backend.get_user(u'jwatsoné')
    # Exact-match comparison: any extra attribute in the result fails
    # the test.
    assert entry == {
        'uid': u'jwatsoné',
        'cn': 'John Watson',
        'sn': 'watson',
    }
def testConnect(self):
    """Connect with the default cfg and bind with the configured account.

    Passes when nothing raises; the True return value is kept from the
    original.
    """
    backend = Backend(cfg, cherrypy.log, 'ldap', attr, 'uid')
    # Named ``conn`` rather than ``ldap`` so the local does not hide the
    # ldap module that other tests on this page reference.
    conn = backend._connect()
    conn.simple_bind_s(backend.binddn, backend.bindpassword)
    return True
def testNominal(self):
    """Constructing a Backend from the default cfg must not raise."""
    # The instance itself is not needed; only the constructor is exercised.
    Backend(cfg, cherrypy.log, 'ldap', attr, 'uid')
    return True
def testSearchUser(self):
    """search('smith') must return exactly the two Smith fixture users."""
    backend = Backend(cfg, cherrypy.log, 'ldap', attr, 'uid')
    hits = backend.search('smith')
    # NOTE(review): the expected entries include userPassword, shown as
    # '******' on this page -- confirm whether that is the fixture value
    # or a masked one.
    wanted = {
        'ssmith': {
            'sn': 'smith',
            'uid': 'ssmith',
            'cn': 'Sheri Smith',
            'userPassword': '******',
        },
        'jsmith': {
            'sn': 'Smith',
            'uid': 'jsmith',
            'cn': 'John Smith',
            'userPassword': '******',
        },
    }
    assert hits == wanted
def testGetGroups(self):
    """The fixture user must belong to the itpeople group only."""
    backend = Backend(cfg, cherrypy.log, 'ldap', attr, 'uid')
    # NOTE(review): this depends on other tests restoring the user's
    # memberships; a group left behind by an aborted test would fail it.
    assert backend.get_groups(u'jwatsoné') == [
        'cn=itpeople,ou=Groups,dc=example,dc=org',
    ]
def testAuthSuccess(self):
    """auth() must accept the fixture user's correct password."""
    backend = Backend(cfg, cherrypy.log, 'ldap', attr, 'uid')
    # Both the uid and the password contain a non-ASCII character.
    accepted = backend.auth(u'jwatsoné', u'passwordwatsoné')
    assert accepted == True
def testGetUser(self):
    """get_user() must return every listed attribute of the fixture user."""
    backend = Backend(cfg, cherrypy.log, 'ldap', attr, 'uid')
    fetched = backend.get_user(u'jwatsoné')
    # NOTE(review): userPassword is part of the expected result, so the
    # stored password attribute reaches whoever calls get_user(); keep it
    # out of logs and templates. The 'mail' value looks masked on this
    # page -- confirm against the fixture.
    wanted = {
        'uid': u'jwatsoné',
        'objectClass': 'inetOrgPerson',
        'carLicense': 'HERCAR 125',
        'sn': 'watson',
        'mail': '*****@*****.**',
        'homePhone': '555-111-2225',
        'cn': 'John Watson',
        'userPassword': u'passwordwatsoné',
    }
    assert fetched == wanted
def testAuthFailure(self):
    """Neither an unknown user nor a wrong password may authenticate."""
    backend = Backend(cfg, cherrypy.log, 'ldap', attr, 'uid')
    # ``or`` short-circuits: the wrong-password case is only tried when the
    # unknown-user case returned something falsy.
    outcome = (
        backend.auth('notauser', 'password')
        or backend.auth(u'jwatsoné', 'notapasswordé')
    )
    # NOTE(review): one assertion for two cases; separate assertions would
    # show which of the two was wrongly accepted.
    assert outcome == False
} def syslog_error(msg='', context='', severity=logging.INFO, traceback=False): pass cherrypy.log.error = syslog_error attr = [ 'shéll', 'cn', 'uid', 'uidNumber', 'gidNumber', 'home', 'userPassword', 'givenName', 'email', 'sn' ] cherrypy.log.error = syslog_error inv = Backend(cfg, cherrypy.log, 'ldap', attr, 'uid') print inv.get_user('jwatson') print inv.get_groups('jwatson') print inv.search('smit') user = { 'uid': 'test', 'sn': 'test', 'cn': 'test', 'userPassword': '******', 'uidNumber': '42', 'gidNumber': '42', 'homeDirectory': '/home/test/' } inv.add_user(user) print inv.get_user('test') print inv.get_groups('test')
'dn_user_attr' : 'uid', 'group_attr.uniqMember' : "%(dn)s", 'group_attr.memberUid' : "%(uid)s", } def syslog_error(msg='', context='', severity=logging.INFO, traceback=False): pass cherrypy.log.error = syslog_error attr = ['shéll', 'cn', 'uid', 'uidNumber', 'gidNumber', 'home', 'userPassword', 'givenName', 'email', 'sn'] cherrypy.log.error = syslog_error inv = Backend(cfg, cherrypy.log, 'ldap', attr, 'uid') print inv.get_user('jwatson') print inv.get_groups('jwatson') print inv.search('smit') user = { 'uid': 'test', 'sn': 'test', 'cn': 'test', 'userPassword': '******', 'uidNumber': '42', 'gidNumber': '42', 'homeDirectory': '/home/test/' } inv.add_user(user) print inv.get_user('test') print inv.get_groups('test')