davical/testing/tests/ldap/0004-sync-ldap-changes.test

# Copyright (c) 2021-2024 Andrew Ruthven <andrew@etc.gen.nz>
# Portions Copyright (c) Best Practical Solutions, LLC
# <sales@bestpractical.com>, licensed under the GPL v2.
#
# In this test we create LDAP records that are slightly different from
# the previous test to make sure that changes are reflected.
#
# Database will start with:
# pg_ldap_group1: pg_ldap1
# pg_ldap_group2: pg_ldap2
# pg_ldap_group3: <empty>
# pg_ldap_group4: pg_ldap1
#
# We will change that to:
# pg_ldap_group1: pg_ldap2
# pg_ldap_group2: pg_ldap1, pg_ldap2
# pg_ldap_group3: pg_ldap1
# pg_ldap_group4: <empty>
#
# The fullname for each group should change from "pg LDAP Group $n" to
# "pg_ldap_group_$n".
#
BEGINPERL
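# Enable the test server's protocol tracing when the harness is in debug mode.
if ($debug) { $ENV{'LDAP_DEBUG'} = 1 }
use Net::LDAP::Server::Test;
use Net::LDAP;
use IO::Socket::INET;

# Net::LDAP never throws: every operation returns a message object whose
# code() is non-zero on failure.  Die here with the server's own error text
# so a broken fixture is reported at the point it breaks, rather than as a
# confusing failure in the later sync/PROPFIND steps.
# $mesg  - Net::LDAP::Message returned by the operation
# $what  - short description used in the error message
# Returns $mesg unchanged on success.
sub ldap_check {
    my ($mesg, $what) = @_;
    die "$what failed: " . $mesg->error if $mesg->code;
    return $mesg;
}

# In-process LDAP server on a fixed port.  Bound to loopback only: this is a
# throwaway fixture with trivially known credentials, so it should not be
# reachable from other hosts while the suite runs.  Presumably the DAViCal
# config for regression_ldap.host points at this port -- confirm.
my $ldap_port   = 21394;
my $ldap_socket = IO::Socket::INET->new(
    Listen    => 5,
    Proto     => 'tcp',
    Reuse     => 1,
    LocalAddr => '127.0.0.1',
    LocalPort => $ldap_port,
) or die "Cannot listen on port $ldap_port: $@";

# Keep it around after this block exits.
$evaled{'ldap_server'} = Net::LDAP::Server::Test->new( $ldap_socket, auto_schema => 1 );

# Net::LDAP reports connection failures in $@, not $!.
my $ldap = Net::LDAP->new("localhost:$ldap_port")
    or die "Failed to instantiate Net::LDAP: $@";
ldap_check($ldap->bind(), 'anonymous bind');

my $base   = "dc=example,dc=com";
my $users  = "ou=users,$base";
my $groups = "ou=groups,$base";    # closed over by make_group() below
ldap_check($ldap->add( $base ), "add $base");

# pg = posixGroup.  The cn is derived from the uid ("pg_ldap1" -> "pg LDAP 1").
# These are fixture credentials: the password is simply the username.
for my $username (qw/pg_ldap1 pg_ldap2/) {
    my $dn = "uid=$username,$users";
    (my $cn = $username) =~ s/_ldap(\d+)/LDAP $1/;
    my @attrs = (
        cn           => $cn,
        mail         => "$username\@example.com",
        uid          => $username,
        objectClass  => 'person',
        userPassword => $username,
        # NOTE(review): same literal as in make_group(); if cron-sync-ldap.php
        # keys change detection on modifyTimestamp this may need to differ
        # from the previous test's value -- confirm.
        modifyTimestamp => 20240203001020,
    );
    ldap_check($ldap->add( $dn, attr => \@attrs ), "add $dn");
}

make_group($ldap, 'pg_ldap_group1', 'pg_ldap2');
make_group($ldap, 'pg_ldap_group2', 'pg_ldap1', 'pg_ldap2');
make_group($ldap, 'pg_ldap_group3', 'pg_ldap1');
make_group($ldap, 'pg_ldap_group4');

# We need to keep the client around, otherwise the test server will exit.
$evaled{'ldap_client'} = $ldap;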
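# Create one posixGroup entry "cn=$name" under $groups (a file-level lexical
# declared above).  Any further arguments become memberUid values; a group
# with no members gets no memberUid attribute at all rather than an empty one.
# Dies with the server's error text if the add is not accepted, so a broken
# fixture fails here instead of in the later sync checks.
# Returns the Net::LDAP::Message from the add.
sub make_group {
    my ($ldap, $name, @members) = @_;
    my $dn = "cn=$name,$groups";
    my @attrs = (
        cn              => $name,
        objectClass     => 'posixGroup',
        description     => $name,
        modifyTimestamp => 20240203001020,
    );
    push @attrs, memberUid => [ @members ] if @members;
    my $mesg = $ldap->add( $dn, attr => \@attrs );
    die "add $dn failed: " . $mesg->error if $mesg->code;
    return $mesg;
}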
ENDPERL
SCRIPT=../scripts/cron-sync-ldap.php regression_ldap.host
# Testing logging in as one of the users - should work.
TYPE=PROPFIND
HEADER=Content-Type: text/xml
HEADER=Depth: 1
AUTH=pg_ldap1:pg_ldap1
HEAD
BEGINDATA
<?xml version="1.0" encoding="utf-8" ?>
<D:propfind xmlns:D="DAV:">
<D:prop>
<D:resourcetype/>
</D:prop>
</D:propfind>
ENDDATA
URL=http://regression_ldap.host/caldav.php/
# Check that a usr record has been created for all users and groups
QUERY
SELECT active, email, fullname, last_used, password, username
FROM usr
WHERE username LIKE 'pg_ldap%'
ORDER BY username;
ENDQUERY
# Check that group membership matches what was created above.
QUERY
SELECT grp_u.username AS group_name, usr_u.username AS user_name
FROM principal AS grp_p
left join group_member ON (grp_p.principal_id = group_member.group_id)
left join principal AS usr_p ON (group_member.member_id = usr_p.principal_id)
left join usr AS usr_u ON (usr_p.user_no = usr_u.user_no)
left join usr AS grp_u ON (grp_p.user_no = grp_u.user_no)
WHERE grp_u.username LIKE 'pg_ldap_group%'
ORDER BY group_name, user_name;
ENDQUERY