Exemple #1
0
def test_get_members(mocker, settings, group_dn, mock_data, expected):
    mocker.patch('flask_multipass.providers.ldap.util.ReconnectLDAPObject')
    mocker.patch(
        'flask_multipass.providers.ldap.providers.build_group_search_filter',
        side_effect=MagicMock(side_effect=mock_data['groups']))
    mocker.patch(
        'flask_multipass.providers.ldap.providers.build_user_search_filter',
        side_effect=MagicMock(side_effect=mock_data['groups']))
    app = Flask('test')
    multipass = Multipass(app)
    with app.app_context():
        idp = LDAPIdentityProvider(multipass, 'LDAP test idp', settings)

    idp._search_groups = MagicMock(
        side_effect=lambda x: mock_data['subgroups'].get(x, []))
    idp._search_users = MagicMock(
        side_effect=lambda x: mock_data['users'].get(x, []))
    group = LDAPGroup(idp, 'LDAP test group', group_dn)

    with pytest.raises(StopIteration):
        members = group.get_members()
        while True:
            member = next(members)
            assert member.provider.name == idp.name
            assert member.identifier == expected.pop(0)
Exemple #2
0
def test_default_idp_settings(mocker, required_settings, expected_settings):
    certifi = mocker.patch('flask_multipass.providers.ldap.providers.certifi')
    certifi.where.return_value = '/default/ca-certs-file'
    app = Flask('test')
    multipass = Multipass(app)
    with app.app_context():
        idp = LDAPIdentityProvider(multipass, 'LDAP test idp',
                                   {'ldap': required_settings})
    assert idp.ldap_settings == expected_settings
Exemple #3
0
def test_has_member_bad_identifier(mocker, settings):
    mocker.patch('flask_multipass.providers.ldap.util.ReconnectLDAPObject')
    app = Flask('test')
    multipass = Multipass(app)
    with app.app_context():
        idp = LDAPIdentityProvider(multipass, 'LDAP test idp', settings)
    group = LDAPGroup(idp, 'LDAP test group', 'group_dn')

    with pytest.raises(IdentityRetrievalFailed):
        group.has_member(None)
Exemple #4
0
def test_has_member_slapd(mocker, settings, group_dn, user_mock, expected):
    mocker.patch('flask_multipass.providers.ldap.util.ReconnectLDAPObject')
    mocker.patch('flask_multipass.providers.ldap.providers.get_user_by_id',
                 return_value=(user_mock['dn'], user_mock['data']))

    app = Flask('test')
    multipass = Multipass(app)
    with app.app_context():
        idp = LDAPIdentityProvider(multipass, 'LDAP test idp', settings)
    group = LDAPGroup(idp, 'LDAP test group', group_dn)
    assert group.has_member(user_mock['data']['uid'][0]) == expected
def test_get_members(mocker, settings, group_dn, mock_data, expected):
    mocker.patch('flask_multipass.providers.ldap.util.ReconnectLDAPObject')
    mocker.patch('flask_multipass.providers.ldap.providers.build_group_search_filter',
                 side_effect=MagicMock(side_effect=mock_data['groups']))
    mocker.patch('flask_multipass.providers.ldap.providers.build_user_search_filter',
                 side_effect=MagicMock(side_effect=mock_data['groups']))
    app = Flask('test')
    multipass = Multipass(app)
    with app.app_context():
        idp = LDAPIdentityProvider(multipass, 'LDAP test idp', settings)

    idp._search_groups = MagicMock(side_effect=lambda x: mock_data['subgroups'].get(x, []))
    idp._search_users = MagicMock(side_effect=lambda x: mock_data['users'].get(x, []))
    group = LDAPGroup(idp, 'LDAP test group', group_dn)

    with pytest.raises(StopIteration):
        members = group.get_members()
        while True:
            member = next(members)
            assert member.provider.name == idp.name
            assert member.identifier == expected.pop(0)
Exemple #6
0
def test_has_member_unknown_user(mocker, settings):
    mocker.patch('flask_multipass.providers.ldap.util.ReconnectLDAPObject')
    mocker.patch('flask_multipass.providers.ldap.providers.get_user_by_id',
                 return_value=(None, {
                     'cn': ['Configuration']
                 }))
    app = Flask('test')
    multipass = Multipass(app)
    with app.app_context():
        idp = LDAPIdentityProvider(multipass, 'LDAP test idp', settings)
    group = LDAPGroup(idp, 'LDAP test group', 'group_dn')

    assert not group.has_member('unknown_user')
Exemple #7
0
def test_iter_group(mocker, settings, group_dn, subgroups, expected):
    app = Flask('test')
    multipass = Multipass(app)
    with app.app_context():
        idp = LDAPIdentityProvider(multipass, 'LDAP test idp', settings)
    group = LDAPGroup(idp, 'LDAP test group', group_dn)
    visited_groups = []
    iter_group = group._iter_group()
    # should not throw StopIteration as the initial group dn must be returned first
    current_dn = next(iter_group)
    with pytest.raises(StopIteration):
        while current_dn:
            visited_groups.append(current_dn)
            current_dn = iter_group.send(subgroups.get(current_dn, []))

    assert len(visited_groups) == len(expected)
    assert set(visited_groups) == expected
Exemple #8
0
def test_has_member_ad(mocker, settings, group_mock, user_mock, expected):
    def get_token_groups(user_dn):
        if user_mock['dn'] != user_dn:
            pytest.fail('expected {0}, got {1}'.format(user_mock['dn'],
                                                       user_dn))
        return user_mock['token_groups']

    mocker.patch('flask_multipass.providers.ldap.util.ReconnectLDAPObject')
    mocker.patch('flask_multipass.providers.ldap.providers.get_user_by_id',
                 return_value=(user_mock['dn'], user_mock['data']))
    mocker.patch('flask_multipass.providers.ldap.providers.get_group_by_id',
                 return_value=(group_mock['dn'], group_mock['data']))
    mocker.patch(
        'flask_multipass.providers.ldap.providers.get_token_groups_from_user_dn',
        side_effect=get_token_groups)

    app = Flask('test')
    multipass = Multipass(app)
    with app.app_context():
        idp = LDAPIdentityProvider(multipass, 'LDAP test idp', settings)
    group = LDAPGroup(idp, 'LDAP test group', group_mock['dn'])
    assert group.has_member(user_mock['data']['uid'][0]) == expected