def test_connection_targets_separate_branch_of_tree(self): ldapurl = 'ldap://ldap.example.com' dom = 'dc=example,dc=com' self.assertRaises(backend.LDAPError, backend.initialize, ldapurl) backend._addTreeItems(ldapurl, dom) connection = backend.initialize(ldapurl) self.assert_(connection) ldapurl = 'ldap://ldap.example.org' dom = 'dc=example,dc=org' self.assertRaises(backend.LDAPError, backend.initialize, ldapurl) backend._addTreeItems(ldapurl, dom) connection = backend.initialize(ldapurl) self.assert_(connection)
def test_adding_items_to_tree(self): ldapurl = 'ldap://ldap.example.com' dom = 'dc=example,dc=com' dn = 'uid=uid1,%s' % dom attrs = [('testattr','testattr1')] backend._addTreeItems(ldapurl, dom) c = backend.initialize(ldapurl) c.simple_bind_s() expected = {ldapurl: { 'dc=com': { 'dn': 'dc=com', 'dc=example': { 'dn': 'dc=example,dc=com', 'uid=uid1': { 'dn': 'uid=uid1,dc=example,dc=com', 'uid': ['uid1'], 'testattr': ['testattr1'] } } } }} c.add_s(dn, attrs) self.failUnlessEqual(backend.TREE, expected)
def test_searching_for_user_by_uid_with_only_wildcard_from_branch(self): base_dn = 'ou=users,%s' % self.root_dn connection = backend.initialize(self.ldapurl) connection.simple_bind_s() results = connection.search_s(base_dn, filterstr='(uid=*)') self.assertEqual(len(results), 2)
def test_searching_for_non_matching_attributes(self): base_dn = 'uid=jradford,ou=users,%s' % self.root_dn connection = backend.initialize(self.ldapurl) connection.simple_bind_s() results = connection.search_s(base_dn, attrlist=['uid', 'ou']) self.assertEqual(results[0], (base_dn, {'uid': ['jradford']}))
def test_adding_items_to_tree(self): ldapurl = 'ldap://ldap.example.com' dom = 'dc=example,dc=com' dn = 'uid=uid1,%s' % dom attrs = [('testattr', 'testattr1')] backend._addTreeItems(ldapurl, dom) c = backend.initialize(ldapurl) c.simple_bind_s() expected = { ldapurl: { 'dc=com': { 'dn': 'dc=com', 'dc=example': { 'dn': 'dc=example,dc=com', 'uid=uid1': { 'dn': 'uid=uid1,dc=example,dc=com', 'uid': ['uid1'], 'testattr': ['testattr1'] } } } } } c.add_s(dn, attrs) self.failUnlessEqual(backend.TREE, expected)
def test_unbound_modifying_raises_error(self): dn, attrs = self.makeOU(self.dom, 'users') backend._addTreeItems(self.ldapurl, dn, attrs) mod_attrs = [(backend.MOD_ADD, 'testattr', 'TESTATTR')] connection = backend.initialize(self.ldapurl) self.assertRaises(backend.LDAPError, connection.modify_s, dn, mod_attrs)
def test_searching_for_everything_from_leaf_node(self): base_dn = 'uid=jradford,ou=users,%s' % self.root_dn connection = backend.initialize(self.ldapurl) connection.simple_bind_s() results = connection.search_s(base_dn) self.assertEqual(len(results), 1)
def test_modifications_fail_when_auth_required(self): backend._toggle_auth_required(self.ldapurl) connection = backend.initialize(self.ldapurl) connection.simple_bind_s() dn = 'uid=jradford,ou=users,%s' % self.root_dn mod_attrs = [( backend.MOD_ADD, 'testattr', 'TESTATTR' )] self.assertRaises(backend.STRONG_AUTH_REQUIRED, connection.modify_s, dn, mod_attrs)
def test_deletions_fail_when_auth_required(self): backend._toggle_auth_required(self.ldapurl) connection = backend.initialize(self.ldapurl) connection.simple_bind_s() dn = 'uid=jradford,ou=users,%s' % self.root_dn self.assertRaises(backend.STRONG_AUTH_REQUIRED, connection.delete_s, dn)
def test_searching_for_user_by_uid_with_wildcard_at_start_and_end_from_root(self): connection = backend.initialize(self.ldapurl) connection.simple_bind_s() results = connection.search_s(self.root_dn, filterstr='(uid=*dfor*)') self.assertEqual(len(results), 1) self.assertEqual(results[0][0], 'uid=jradford,ou=users,dc=example,dc=com')
def XXtest_bind_with_non_existant_user(self): ldapurl = 'ldap://ldap.example.com' dom = 'dc=example,dc=com' backend._addTreeItems(ldapurl, dom) connection = backend.initialize(ldapurl) connection.add_s(*self.makeOU('dc=example,dc=com', 'users')) self.assertRaises(backend.NO_SUCH_OBJECT, connection.simple_bind_s, 'uid=noone,ou=users,dc=example,dc=com', 'password')
def test_bind_with_directory_manager(self): ldapurl = 'ldap://ldap.example.com' dom = 'dc=example,dc=com' backend._addTreeItems(ldapurl, dom) connection = backend.initialize(ldapurl) result = connection.simple_bind_s('Manager', 'password') self.assert_(result) self.assert_(connection.bound)
def test_searching_for_user_by_uid_with_wildcard_at_start_from_root(self): connection = backend.initialize(self.ldapurl) connection.simple_bind_s() results = connection.search_s(self.root_dn, filterstr='(uid=*d)') self.assertEqual(len(results), 1) self.assertEqual(results[0][0], 'uid=jradford,ou=users,dc=example,dc=com')
def test_searching_for_only_dn_attribute(self): base_dn = 'uid=jradford,ou=users,%s' % self.root_dn connection = backend.initialize(self.ldapurl) connection.simple_bind_s() results = connection.search_s(base_dn, attrlist=['dn']) self.assertEqual(len(results), 1) self.assertEqual(results[0], (base_dn, {}))
def test_searching_for_user_by_uid_from_branch(self): base_dn = 'ou=users,%s' % self.root_dn connection = backend.initialize(self.ldapurl) connection.simple_bind_s() results = connection.search_s(base_dn, filterstr='(uid=jradford)') self.assertEqual(len(results), 1) self.assertEqual(results[0][0], 'uid=jradford,ou=users,dc=example,dc=com')
def test_bind_with_blank_password(self): ldapurl = 'ldap://ldap.example.com' dom = 'dc=example,dc=com' backend._addTreeItems(ldapurl, dom) connection = backend.initialize(ldapurl) result = connection.simple_bind_s('noone', '') self.assert_(result) self.assert_(connection.bound)
def test_modifications_fail_when_auth_required(self): backend._toggle_auth_required(self.ldapurl) connection = backend.initialize(self.ldapurl) connection.simple_bind_s() dn = 'uid=jradford,ou=users,%s' % self.root_dn mod_attrs = [(backend.MOD_ADD, 'testattr', 'TESTATTR')] self.assertRaises(backend.STRONG_AUTH_REQUIRED, connection.modify_s, dn, mod_attrs)
def test_unbound_searching_always_returns_nothing(self): dn, attrs = self.makeOU(self.dom, 'users') backend._addTreeItems(self.ldapurl, dn, attrs) dn, attrs = self.makeUser('ou=users,%s' % self.dom, 'jradford', 'Jacob', 'Radford') backend._addTreeItems(self.ldapurl, dn, attrs) connection = backend.initialize(self.ldapurl) result = connection.search_s(self.dom) self.failIf(result)
def exists(url, dn): connection = backend.initialize(url) try: if connection._search_s(dn, scope=backend.SCOPE_BASE): return True except backend.LDAPError: pass return False
def check_password(url, dn, password): connection = backend.initialize(url) try: connection.simple_bind_s(dn, password) return True except backend.INVALID_CREDENTIALS: pass return False
def test_disconnecting(self): ldapurl = 'ldap://ldap.example.com' dom = 'dc=example,dc=com' backend._addTreeItems(ldapurl, dom) connection = backend.initialize(ldapurl) connection.simple_bind_s() connection.search_s( dom ) connection.unbind_s() self.assertRaises(backend.LDAPError, connection.search_s, dom)
def test_deleting_non_existant_node(self): connection = backend.initialize(self.ldapurl) connection.simple_bind_s() dn = 'uid=nonentity,ou=users,%s' % self.root_dn connection.delete_s(dn) results = connection.search_s(self.root_dn) self.assert_(len(results) == 4)
def XXtest_bind_with_user_but_wrong_pass(self): ldapurl = 'ldap://ldap.example.com' dom = 'dc=example,dc=com' backend._addTreeItems(ldapurl, dom) connection = backend.initialize(ldapurl) connection.add_s(*self.makeOU('dc=example,dc=com', 'users')) connection.add_s(*self.makeUser('ou=users,dc=example,dc=com', 'jradford', 'Jacob', 'Radford')) self.assertRaises(backend.INVALID_CREDENTIALS, connection.simple_bind_s, 'uid=jradford,ou=users,dc=example,dc=com', 'badpassword')
def XXtest_bind_with_user(self): ldapurl = 'ldap://ldap.example.com' dom = 'dc=example,dc=com' backend._addTreeItems(ldapurl, dom) connection = backend.initialize(ldapurl) connection.add_s(*self.makeOU('dc=example,dc=com', 'users')) connection.add_s(*self.makeUser('ou=users,dc=example,dc=com', 'jradford', 'Jacob', 'Radford')) result = connection.simple_bind_s('uid=jradford,ou=users,dc=example,dc=com', 'password') self.assert_(result)
def test_disconnecting(self): ldapurl = 'ldap://ldap.example.com' dom = 'dc=example,dc=com' backend._addTreeItems(ldapurl, dom) connection = backend.initialize(ldapurl) connection.simple_bind_s() connection.search_s(dom) connection.unbind_s() self.assertRaises(backend.LDAPError, connection.search_s, dom)
def test_modifying_with_mod_delete_on_attrib_using_non_matching_value(self): connection = backend.initialize(self.ldapurl) connection.simple_bind_s() dn = 'uid=jradford,ou=users,%s' % self.root_dn mod_attrs = [( backend.MOD_DELETE, 'cn', 'non-existant' )] connection.modify_s(dn, mod_attrs) results = connection.search_s(dn) self.assert_(results[0][1].get('cn') == ['Jacob Radford'])
def test_modifying_with_mod_delete_on_attrib_with_single_value_using_None_value(self): connection = backend.initialize(self.ldapurl) connection.simple_bind_s() dn = 'uid=jradford,ou=users,%s' % self.root_dn mod_attrs = [( backend.MOD_DELETE, 'cn', None )] connection.modify_s(dn, mod_attrs) results = connection.search_s(dn) self.failIf(results[0][1].get('cn'))
def test_deleting_root_of_multiple_nodes(self): connection = backend.initialize(self.ldapurl) connection.simple_bind_s() dn = 'ou=users,%s' % self.root_dn connection.delete_s(dn) results = connection.search_s(self.root_dn) self.assert_(len(results) == 1) self.assertRaises(backend.NO_SUCH_OBJECT, connection.search_s, dn)
def test_attempted_add_to_non_existant_branch_raises_error(self): ldapurl = 'ldap://ldap.example.com' dom = 'dc=example,dc=com' dn = 'uid=uid1,ou=users,%s' % dom attrs = dict(testattr='testattr1') backend._addTreeItems(ldapurl, dom) c = backend.initialize(ldapurl) c.simple_bind_s() self.assertRaises(backend.NO_SUCH_OBJECT, c.add_s, dn, attrs)
def test_modifying_with_mod_add_using_arr_value(self): connection = backend.initialize(self.ldapurl) connection.simple_bind_s() dn = 'uid=jradford,ou=users,%s' % self.root_dn mod_attrs = [(backend.MOD_ADD, 'testattr', ['TESTATTR'])] connection.modify_s(dn, mod_attrs) results = connection.search_s(dn) self.assert_('TESTATTR' in results[0][1].get('testattr'))
def test_modifying_with_mod_add_using_arr_value(self): connection = backend.initialize(self.ldapurl) connection.simple_bind_s() dn = 'uid=jradford,ou=users,%s' % self.root_dn mod_attrs = [( backend.MOD_ADD, 'testattr', ['TESTATTR'] )] connection.modify_s(dn, mod_attrs) results = connection.search_s(dn) self.assert_('TESTATTR' in results[0][1].get('testattr'))
def test_modifying_with_mod_add_to_preexisting_using_str_value(self): connection = backend.initialize(self.ldapurl) connection.simple_bind_s() dn = 'uid=jradford,ou=users,%s' % self.root_dn mod_attrs = [( backend.MOD_ADD, 'cn', 'TESTATTR' )] connection.modify_s(dn, mod_attrs) results = connection.search_s(dn) self.assert_('Jacob Radford' in results[0][1].get('cn')) self.assert_('TESTATTR' in results[0][1].get('cn'))
def test_modifying_with_mod_delete_on_attrib_with_single_value_using_None_value( self): connection = backend.initialize(self.ldapurl) connection.simple_bind_s() dn = 'uid=jradford,ou=users,%s' % self.root_dn mod_attrs = [(backend.MOD_DELETE, 'cn', None)] connection.modify_s(dn, mod_attrs) results = connection.search_s(dn) self.failIf(results[0][1].get('cn'))
def test_modifying_with_mod_delete_on_attrib_using_non_matching_value( self): connection = backend.initialize(self.ldapurl) connection.simple_bind_s() dn = 'uid=jradford,ou=users,%s' % self.root_dn mod_attrs = [(backend.MOD_DELETE, 'cn', 'non-existant')] connection.modify_s(dn, mod_attrs) results = connection.search_s(dn) self.assert_(results[0][1].get('cn') == ['Jacob Radford'])
def test_modifying_with_mod_replace_using_arr_value(self): connection = backend.initialize(self.ldapurl) connection.simple_bind_s() dn = 'uid=jradford,ou=users,%s' % self.root_dn mod_attrs = [(backend.MOD_REPLACE, 'cn', ['TESTATTR'])] connection.modify_s(dn, mod_attrs) results = connection.search_s(dn) self.failIf('Jacob Radford' in results[0][1].get('cn')) self.assert_('TESTATTR' in results[0][1].get('cn'))
def test_attempted_add_of_duplicate_raises_error(self): ldapurl = 'ldap://ldap.example.com' dom = 'dc=example,dc=com' dn = 'uid=uid1,%s' % dom attrs = [('testattr', 'testattr1')] backend._addTreeItems(ldapurl, dom) c = backend.initialize(ldapurl) c.simple_bind_s() c.add_s(dn, attrs) self.assertRaises(backend.ALREADY_EXISTS, c.add_s, dn, attrs)
def test_modifying_with_mod_replace_using_arr_value(self): connection = backend.initialize(self.ldapurl) connection.simple_bind_s() dn = 'uid=jradford,ou=users,%s' % self.root_dn mod_attrs = [( backend.MOD_REPLACE, 'cn', ['TESTATTR'] )] connection.modify_s(dn, mod_attrs) results = connection.search_s(dn) self.failIf('Jacob Radford' in results[0][1].get('cn')) self.assert_('TESTATTR' in results[0][1].get('cn'))
def test_modifying_with_mod_delete_on_attrib_with_multiple_values_using_matching_str_value(self): connection = backend.initialize(self.ldapurl) connection.simple_bind_s() dn = 'uid=jradford,ou=users,%s' % self.root_dn self.assert_(connection.search_s(dn)[0][1].get('objectClass') == ['person', 'inetOrgPerson']) mod_attrs = [( backend.MOD_DELETE, 'objectClass', 'inetOrgPerson' )] connection.modify_s(dn, mod_attrs) results = connection.search_s(dn) self.failIf(results[0][1].get('cn') == ['person'])
def test_modifying_with_mod_add_to_preexisting_using_str_value(self): connection = backend.initialize(self.ldapurl) connection.simple_bind_s() dn = 'uid=jradford,ou=users,%s' % self.root_dn mod_attrs = [(backend.MOD_ADD, 'cn', 'TESTATTR')] connection.modify_s(dn, mod_attrs) results = connection.search_s(dn) self.assert_('Jacob Radford' in results[0][1].get('cn')) self.assert_('TESTATTR' in results[0][1].get('cn'))
def XXtest_bind_with_user(self): ldapurl = 'ldap://ldap.example.com' dom = 'dc=example,dc=com' backend._addTreeItems(ldapurl, dom) connection = backend.initialize(ldapurl) connection.add_s(*self.makeOU('dc=example,dc=com', 'users')) connection.add_s(*self.makeUser('ou=users,dc=example,dc=com', 'jradford', 'Jacob', 'Radford')) result = connection.simple_bind_s( 'uid=jradford,ou=users,dc=example,dc=com', 'password') self.assert_(result)
def test_attempted_add_of_duplicate_raises_error(self): ldapurl = 'ldap://ldap.example.com' dom = 'dc=example,dc=com' dn = 'uid=uid1,%s' % dom attrs = [('testattr','testattr1')] backend._addTreeItems(ldapurl, dom) c = backend.initialize(ldapurl) c.simple_bind_s() c.add_s(dn, attrs) self.assertRaises(backend.ALREADY_EXISTS, c.add_s, dn, attrs)
def test_inavlid_bind_removes_prior_bind(self): ldapurl = 'ldap://ldap.example.com' dom = 'dc=example,dc=com' backend._addTreeItems(ldapurl, dom) backend._addTreeItems(ldapurl, *self.makeOU('dc=example,dc=com', 'users')) backend._addTreeItems(ldapurl, *self.makeUser('ou=users,dc=example,dc=com', 'jradford', 'Jacob', 'Radford')) connection = backend.initialize(ldapurl) connection.simple_bind_s('Manager', 'password') self.assert_(connection.bound) self.assertRaises(backend.INVALID_CREDENTIALS, connection.simple_bind_s, 'uid=jradford,ou=users,dc=example,dc=com', 'badpassword') self.failIf(connection.bound)
def test_modifying_with_mod_delete_on_attrib_with_multiple_values_using_matching_str_value( self): connection = backend.initialize(self.ldapurl) connection.simple_bind_s() dn = 'uid=jradford,ou=users,%s' % self.root_dn self.assert_( connection.search_s(dn)[0][1].get('objectClass') == ['person', 'inetOrgPerson']) mod_attrs = [(backend.MOD_DELETE, 'objectClass', 'inetOrgPerson')] connection.modify_s(dn, mod_attrs) results = connection.search_s(dn) self.failIf(results[0][1].get('cn') == ['person'])
def test_moving_single_node(self): connection = backend.initialize(self.ldapurl) connection.simple_bind_s() dn = 'ou=groups,%s' % self.root_dn newrdn = 'ou=orgs' newdn = '%s,%s' % (newrdn, self.root_dn) connection.modrdn_s(dn, newrdn) results = connection.search_s(self.root_dn) new_record = connection.search_s(newdn)[0] self.assert_(len(results) == 4) self.assertRaises(backend.NO_SUCH_OBJECT, connection.search_s, dn) self.assertEqual(new_record[0], newdn) self.assertEqual(new_record[1]['ou'], ['orgs'])