From 58a5315f2b1b2f3d0f742dfd3793a562acae5711 Mon Sep 17 00:00:00 2001 From: Matt Todd Date: Fri, 26 Sep 2014 17:09:52 -0700 Subject: [PATCH 01/33] Hook up separate OpenLDAP install, build steps --- .travis.yml | 12 ++++++++++++ script/cibuild-apacheds | 3 +++ script/cibuild-openldap | 3 +++ script/install-openldap | 3 +++ 4 files changed, 21 insertions(+) create mode 100755 script/cibuild-apacheds create mode 100755 script/cibuild-openldap create mode 100755 script/install-openldap diff --git a/.travis.yml b/.travis.yml index 8f17123..8536179 100644 --- a/.travis.yml +++ b/.travis.yml @@ -3,5 +3,17 @@ rvm: - 1.9.3 - 2.1.0 +env: + matrix: + - TESTENV=openldap + - TESTENV=apacheds + +install: + - if [ "$TESTENV" = "openldap" ]; then ./script/install-openldap; fi + +script: + - if [ "$TESTENV" = "openldap" ]; then ./script/cibuild-openldap; fi + - if [ "$TESTENV" = "apacheds" ]; then ./script/cibuild-apacheds; fi + notifications: email: false diff --git a/script/cibuild-apacheds b/script/cibuild-apacheds new file mode 100755 index 0000000..8fdaec9 --- /dev/null +++ b/script/cibuild-apacheds @@ -0,0 +1,3 @@ +#!/usr/bin/env sh + +rake diff --git a/script/cibuild-openldap b/script/cibuild-openldap new file mode 100755 index 0000000..0304526 --- /dev/null +++ b/script/cibuild-openldap @@ -0,0 +1,3 @@ +#!/usr/bin/env sh + +echo "OpenLDAP test runner stub" diff --git a/script/install-openldap b/script/install-openldap new file mode 100755 index 0000000..815cb9a --- /dev/null +++ b/script/install-openldap @@ -0,0 +1,3 @@ +#!/usr/bin/env sh + +echo "OpenLDAP installer stub" From 87592057c84e999c9731d75fb3990d894d78c574 Mon Sep 17 00:00:00 2001 From: Matt Todd Date: Fri, 26 Sep 2014 17:17:26 -0700 Subject: [PATCH 02/33] RVM exec rake for testing ApacheDS tests --- script/cibuild-apacheds | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/script/cibuild-apacheds b/script/cibuild-apacheds index 8fdaec9..b5f928f 100755 --- a/script/cibuild-apacheds +++ b/script/cibuild-apacheds @@ -1,3 +1,3 @@ #!/usr/bin/env sh -rake +rvm exec rake From 392410f220a8d89eaa445a327cb9e4af06385470 Mon Sep 17 00:00:00 2001 From: Matt Todd Date: Fri, 26 Sep 2014 17:23:03 -0700 Subject: [PATCH 03/33] Simplify a bit --- script/cibuild-apacheds | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/script/cibuild-apacheds b/script/cibuild-apacheds index b5f928f..dee4823 100755 --- a/script/cibuild-apacheds +++ b/script/cibuild-apacheds @@ -1,3 +1,4 @@ #!/usr/bin/env sh -rvm exec rake +cd .. +rake From 5844fe617662cdb410eacb1e93f116744be29c59 Mon Sep 17 00:00:00 2001 From: Matt Todd Date: Mon, 29 Sep 2014 16:31:58 -0700 Subject: [PATCH 04/33] Fast finish, simplify script, remove extraneous bits --- .travis.yml | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/.travis.yml b/.travis.yml index 8536179..c567448 100644 --- a/.travis.yml +++ b/.travis.yml @@ -1,19 +1,19 @@ language: ruby rvm: - - 1.9.3 - - 2.1.0 + - 1.9.3 + - 2.1.0 env: - matrix: - - TESTENV=openldap - - TESTENV=apacheds + - TESTENV=openldap + - TESTENV=apacheds install: - if [ "$TESTENV" = "openldap" ]; then ./script/install-openldap; fi script: - - if [ "$TESTENV" = "openldap" ]; then ./script/cibuild-openldap; fi - - if [ "$TESTENV" = "apacheds" ]; then ./script/cibuild-apacheds; fi + - ./script/cibuild-$TESTENV +matrix: + fast_finish: true notifications: email: false From 2397389cb0d2efd415c56bc728cb28caf22abc3e Mon Sep 17 00:00:00 2001 From: Matt Todd Date: Mon, 29 Sep 2014 16:32:31 -0700 Subject: [PATCH 05/33] Compute relative path to cd into, add debugging output --- script/cibuild-apacheds | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/script/cibuild-apacheds b/script/cibuild-apacheds index dee4823..0da077d 100755 --- a/script/cibuild-apacheds +++ b/script/cibuild-apacheds @@ -1,4 +1,9 @@ #!/usr/bin/env sh +set -e +set -x + +echo pwd +cd `dirname $0`/.. +echo pwd -cd .. rake From efcd72ed2fc0299a63f49becbc5b805556d342f3 Mon Sep 17 00:00:00 2001 From: Matt Todd Date: Mon, 29 Sep 2014 16:48:51 -0700 Subject: [PATCH 06/33] Bundle exec --- script/cibuild-apacheds | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/script/cibuild-apacheds b/script/cibuild-apacheds index 0da077d..7244dfe 100755 --- a/script/cibuild-apacheds +++ b/script/cibuild-apacheds @@ -2,8 +2,8 @@ set -e set -x -echo pwd +echo `pwd` cd `dirname $0`/.. -echo pwd +echo `pwd` -rake +bundle exec rake From f566ababd730b9fd28c9dac87f65b8209ae57ebf Mon Sep 17 00:00:00 2001 From: Matt Todd Date: Mon, 29 Sep 2014 16:52:49 -0700 Subject: [PATCH 07/33] bundle install --- .travis.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.travis.yml b/.travis.yml index c567448..09e4709 100644 --- a/.travis.yml +++ b/.travis.yml @@ -9,6 +9,7 @@ env: install: - if [ "$TESTENV" = "openldap" ]; then ./script/install-openldap; fi + - bundle install script: - ./script/cibuild-$TESTENV From 4efafa69cb76824d7d091d7848a702a2285eb9ee Mon Sep 17 00:00:00 2001 From: Matt Todd Date: Mon, 29 Sep 2014 17:33:18 -0700 Subject: [PATCH 08/33] Install, configure, seed OpenLDAP --- script/install-openldap | 29 +++ test/fixtures/openldap/memberof.ldif | 33 +++ test/fixtures/openldap/seed.ldif | 316 +++++++++++++++++++++++++ test/fixtures/openldap/slapd.conf.ldif | 67 ++++++ 4 files changed, 445 insertions(+) create mode 100644 test/fixtures/openldap/memberof.ldif create mode 100644 test/fixtures/openldap/seed.ldif create mode 100644 test/fixtures/openldap/slapd.conf.ldif diff --git a/script/install-openldap b/script/install-openldap index 815cb9a..3ef514d 100755 --- a/script/install-openldap +++ b/script/install-openldap @@ -1,3 +1,32 @@ #!/usr/bin/env sh echo "OpenLDAP installer stub" + +DEBIAN_FRONTEND=noninteractive sudo -E apt-get install -y --force-yes slapd time ldap-utils + +BASE_PATH="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && cd ../test/fixtures/openldap && pwd )" + +# setup base configuration, schemas +sudo slapadd -F /etc/ldap/slapd.d -b "cn=config" -l $BASE_PATH/slapd.conf.ldif +# load memberof and ref-int overlays and configure them +sudo slapadd -F /etc/ldap/slapd.d -b "cn=config" -l $BASE_PATH/memberof.ldif + +# Add base domain. +sudo slapadd -F /etc/ldap/slapd.d < Date: Mon, 29 Sep 2014 17:39:14 -0700 Subject: [PATCH 09/33] :fire: unnecessary debugging --- script/cibuild-apacheds | 2 -- 1 file changed, 2 deletions(-) diff --git a/script/cibuild-apacheds b/script/cibuild-apacheds index 7244dfe..6e02fa0 100755 --- a/script/cibuild-apacheds +++ b/script/cibuild-apacheds @@ -2,8 +2,6 @@ set -e set -x -echo `pwd` cd `dirname $0`/.. -echo `pwd` bundle exec rake From af39c0ce4afe3cc2d1d1b59de8b004b727f0b7ee Mon Sep 17 00:00:00 2001 From: Matt Todd Date: Mon, 29 Sep 2014 17:39:40 -0700 Subject: [PATCH 10/33] Fail on error, adjust base path computation --- script/install-openldap | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/script/install-openldap b/script/install-openldap index 3ef514d..6f47260 100755 --- a/script/install-openldap +++ b/script/install-openldap @@ -1,10 +1,14 @@ #!/usr/bin/env sh +set -e +set -x echo "OpenLDAP installer stub" DEBIAN_FRONTEND=noninteractive sudo -E apt-get install -y --force-yes slapd time ldap-utils -BASE_PATH="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && cd ../test/fixtures/openldap && pwd )" +BASE_PATH="$( cd `dirname $0`/../test/fixtures/openldap && pwd )" + +sudo /etc/init.d/slapd stop # setup base configuration, schemas sudo slapadd -F /etc/ldap/slapd.d -b "cn=config" -l $BASE_PATH/slapd.conf.ldif From 6e2d2c30583890d44ed148cf31666bc3ee74f5e1 Mon Sep 17 00:00:00 2001 From: Matt Todd Date: Mon, 29 Sep 2014 21:05:23 -0700 Subject: [PATCH 11/33] Wipe out old config first --- script/install-openldap | 19 ++++++++++++++----- 1 file changed, 14 insertions(+), 5 deletions(-) diff --git a/script/install-openldap b/script/install-openldap index 6f47260..22921b0 100755 --- a/script/install-openldap +++ b/script/install-openldap @@ -2,17 +2,24 @@ set -e set -x -echo "OpenLDAP installer stub" - -DEBIAN_FRONTEND=noninteractive sudo -E apt-get install -y --force-yes slapd time ldap-utils +TMPDIR=$(mktemp -d) +cd $TMPDIR BASE_PATH="$( cd `dirname $0`/../test/fixtures/openldap && pwd )" +DEBIAN_FRONTEND=noninteractive sudo -E apt-get install -y --force-yes slapd time ldap-utils + sudo /etc/init.d/slapd stop -# setup base configuration, schemas +ls -lah /etc/ldap/slapd.d + +# Delete data and reconfigure. +sudo cp -v /var/lib/ldap/DB_CONFIG ./DB_CONFIG +sudo rm -rf /etc/ldap/slapd.d/* +sudo rm -rf /var/lib/ldap/* +sudo cp -v ./DB_CONFIG /var/lib/ldap/DB_CONFIG sudo slapadd -F /etc/ldap/slapd.d -b "cn=config" -l $BASE_PATH/slapd.conf.ldif -# load memberof and ref-int overlays and configure them +# Load memberof and ref-int overlays and configure them. sudo slapadd -F /etc/ldap/slapd.d -b "cn=config" -l $BASE_PATH/memberof.ldif # Add base domain. @@ -34,3 +41,5 @@ sudo /etc/init.d/slapd start cat $BASE_PATH/seed.ldif | /usr/bin/time sudo ldapadd -x -D "cn=admin,dc=github,dc=org" -w passworD1 \ -h localhost -p 389 + +sudo rm -rf $TMPDIR From e4f0a198b2acb3da1b1eefe138dac468c48c95cc Mon Sep 17 00:00:00 2001 From: Matt Todd Date: Mon, 29 Sep 2014 21:09:16 -0700 Subject: [PATCH 12/33] Switch things around to keep the path sane --- script/install-openldap | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/script/install-openldap b/script/install-openldap index 22921b0..c6c67c7 100755 --- a/script/install-openldap +++ b/script/install-openldap @@ -2,16 +2,14 @@ set -e set -x -TMPDIR=$(mktemp -d) -cd $TMPDIR - BASE_PATH="$( cd `dirname $0`/../test/fixtures/openldap && pwd )" DEBIAN_FRONTEND=noninteractive sudo -E apt-get install -y --force-yes slapd time ldap-utils sudo /etc/init.d/slapd stop -ls -lah /etc/ldap/slapd.d +TMPDIR=$(mktemp -d) +cd $TMPDIR # Delete data and reconfigure. sudo cp -v /var/lib/ldap/DB_CONFIG ./DB_CONFIG From 2e4ce0fcc1b681e8964d42d6f3d8590f1c06ebd2 Mon Sep 17 00:00:00 2001 From: Matt Todd Date: Mon, 29 Sep 2014 21:27:45 -0700 Subject: [PATCH 13/33] Run the test suite with OpenLDAP --- script/cibuild-openldap | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/script/cibuild-openldap b/script/cibuild-openldap index 0304526..6e02fa0 100755 --- a/script/cibuild-openldap +++ b/script/cibuild-openldap @@ -1,3 +1,7 @@ #!/usr/bin/env sh +set -e +set -x -echo "OpenLDAP test runner stub" +cd `dirname $0`/.. + +bundle exec rake From 19d2fb9ab2f347456f8705872e17c3d9ea51e34b Mon Sep 17 00:00:00 2001 From: Matt Todd Date: Mon, 29 Sep 2014 21:37:53 -0700 Subject: [PATCH 14/33] Go back to dc=github,dc=com to match existing fixtures --- script/install-openldap | 4 +- test/fixtures/openldap/seed.ldif | 240 ++++++++++++------------- test/fixtures/openldap/slapd.conf.ldif | 8 +- 3 files changed, 126 insertions(+), 126 deletions(-) diff --git a/script/install-openldap b/script/install-openldap index c6c67c7..bdbeae9 100755 --- a/script/install-openldap +++ b/script/install-openldap @@ -22,7 +22,7 @@ sudo slapadd -F /etc/ldap/slapd.d -b "cn=config" -l $BASE_PATH/memberof.ldif # Add base domain. sudo slapadd -F /etc/ldap/slapd.d < Date: Mon, 29 Sep 2014 21:40:05 -0700 Subject: [PATCH 15/33] Start test server with ladle when in apacheds test env only --- test/test_helper.rb | 40 ++++++++++++++++++++++++++++++++-------- 1 file changed, 32 insertions(+), 8 deletions(-) diff --git a/test/test_helper.rb b/test/test_helper.rb index d996c5f..720d988 100644 --- a/test/test_helper.rb +++ b/test/test_helper.rb @@ -13,6 +13,10 @@ require 'minitest/autorun' class GitHub::Ldap::Test < Minitest::Test + def self.test_env + ENV['TESTENV'] || "apacheds" + end + def self.run(reporter, options = {}) start_server super @@ -20,26 +24,46 @@ def self.run(reporter, options = {}) end def self.stop_server - GitHub::Ldap.stop_server + if test_env == "apacheds" + GitHub::Ldap.stop_server + end end def self.start_server - server_opts = respond_to?(:test_server_options) ? test_server_options : {} - GitHub::Ldap.start_server(server_opts) + if test_env == "apacheds" + server_opts = respond_to?(:test_server_options) ? test_server_options : {} + GitHub::Ldap.start_server(server_opts) + end end def options @service = MockInstrumentationService.new - @options ||= GitHub::Ldap.server_options.merge \ - host: 'localhost', - uid: 'uid', - :instrumentation_service => @service + @options ||= + case self.class.test_env + when "apacheds" + GitHub::Ldap.server_options.merge \ + host: 'localhost', + uid: 'uid', + instrumentation_service: @service + when "openldap" + { + host: 'localhost', + port: 389 + admin_user: 'uid=admin,dc=github,dc=com', + admin_password: 'passworD1', + search_domains: %w(dc=github,dc=com), + uid: 'uid', + instrumentation_service: @service + } + end end end class GitHub::Ldap::UnauthenticatedTest < GitHub::Ldap::Test def self.start_server - GitHub::Ldap.start_server(:allow_anonymous => true) + if test_env == "apacheds" + GitHub::Ldap.start_server(:allow_anonymous => true) + end end def options From 33ad5a893291fd57b7daf8eb09758e6d6ee88286 Mon Sep 17 00:00:00 2001 From: Matt Todd Date: Mon, 29 Sep 2014 21:54:11 -0700 Subject: [PATCH 16/33] I hear commas are good --- test/test_helper.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/test/test_helper.rb b/test/test_helper.rb index 720d988..f12ddbc 100644 --- a/test/test_helper.rb +++ b/test/test_helper.rb @@ -48,7 +48,7 @@ def options when "openldap" { host: 'localhost', - port: 389 + port: 389, admin_user: 'uid=admin,dc=github,dc=com', admin_password: 'passworD1', search_domains: %w(dc=github,dc=com), From 94d5b828c8de14e12f1f6c776840d36cb9822ec6 Mon Sep 17 00:00:00 2001 From: Matt Todd Date: Sun, 5 Oct 2014 18:56:22 -0700 Subject: [PATCH 17/33] Create a 'common' fixture file --- test/fixtures/common/seed.ldif | 336 +++++++++++++++++++++++++++++++++ 1 file changed, 336 insertions(+) create mode 100644 test/fixtures/common/seed.ldif diff --git a/test/fixtures/common/seed.ldif b/test/fixtures/common/seed.ldif new file mode 100644 index 0000000..3067949 --- /dev/null +++ b/test/fixtures/common/seed.ldif @@ -0,0 +1,336 @@ +dn: ou=People,dc=github,dc=com +objectClass: top +objectClass: organizationalUnit +ou: People + +dn: ou=Groups,dc=github,dc=com +objectClass: top +objectClass: organizationalUnit +ou: Groups + +# Directory Superuser +dn: uid=admin,dc=github,dc=com +uid: admin +cn: system administrator +sn: administrator +objectClass: top +objectClass: person +objectClass: organizationalPerson +objectClass: inetOrgPerson +displayName: Directory Superuser +userPassword: passworD1 + +# Users 1-10 + +dn: uid=user1,ou=People,dc=github,dc=com +uid: user1 +cn: user1 +sn: user1 +objectClass: top +objectClass: person +objectClass: organizationalPerson +objectClass: inetOrgPerson +userPassword: passworD1 +mail: user1@openldap.ghe.local + +dn: uid=user2,ou=People,dc=github,dc=com +uid: user2 +cn: user2 +sn: user2 +objectClass: top +objectClass: person +objectClass: organizationalPerson +objectClass: inetOrgPerson +userPassword: passworD1 +mail: user2@openldap.ghe.local + +dn: uid=user3,ou=People,dc=github,dc=com +uid: user3 +cn: user3 +sn: user3 +objectClass: top +objectClass: person +objectClass: organizationalPerson +objectClass: inetOrgPerson +userPassword: passworD1 +mail: user3@openldap.ghe.local + +dn: uid=user4,ou=People,dc=github,dc=com +uid: user4 +cn: user4 +sn: user4 +objectClass: top +objectClass: person +objectClass: organizationalPerson +objectClass: inetOrgPerson +userPassword: passworD1 +mail: user4@openldap.ghe.local + +dn: uid=user5,ou=People,dc=github,dc=com +uid: user5 +cn: user5 +sn: user5 +objectClass: top +objectClass: person +objectClass: organizationalPerson +objectClass: inetOrgPerson +userPassword: passworD1 +mail: user5@openldap.ghe.local + +dn: uid=user6,ou=People,dc=github,dc=com +uid: user6 +cn: user6 +sn: user6 +objectClass: top +objectClass: person +objectClass: organizationalPerson +objectClass: inetOrgPerson +userPassword: passworD1 +mail: user6@openldap.ghe.local + +dn: uid=user7,ou=People,dc=github,dc=com +uid: user7 +cn: user7 +sn: user7 +objectClass: top +objectClass: person +objectClass: organizationalPerson +objectClass: inetOrgPerson +userPassword: passworD1 +mail: user7@openldap.ghe.local + +dn: uid=user8,ou=People,dc=github,dc=com +uid: user8 +cn: user8 +sn: user8 +objectClass: top +objectClass: person +objectClass: organizationalPerson +objectClass: inetOrgPerson +userPassword: passworD1 +mail: user8@openldap.ghe.local + +dn: uid=user9,ou=People,dc=github,dc=com +uid: user9 +cn: user9 +sn: user9 +objectClass: top +objectClass: person +objectClass: organizationalPerson +objectClass: inetOrgPerson +userPassword: passworD1 +mail: user9@openldap.ghe.local + +dn: uid=user10,ou=People,dc=github,dc=com +uid: user10 +cn: user10 +sn: user10 +objectClass: top +objectClass: person +objectClass: organizationalPerson +objectClass: inetOrgPerson +userPassword: passworD1 +mail: user10@openldap.ghe.local + +# Emailless User 1 + +dn: uid=emailless-user1,ou=People,dc=github,dc=com +uid: emailless-user1 +cn: emailless-user1 +sn: emailless-user1 +objectClass: top +objectClass: person +objectClass: organizationalPerson +objectClass: inetOrgPerson +userPassword: passworD1 + +# Admin User 1 + +dn: uid=admin1,ou=People,dc=github,dc=com +uid: admin1 +cn: admin1 +sn: admin1 +objectClass: top +objectClass: person +objectClass: organizationalPerson +objectClass: inetOrgPerson +userPassword: passworD1 +mail: admin1@openldap.ghe.local + +# Groups + +dn: cn=ghe-users,ou=Groups,dc=github,dc=com +cn: ghe-users +objectClass: groupOfNames +member: uid=user1,ou=People,dc=github,dc=com +member: uid=emailless-user1,ou=People,dc=github,dc=com + +dn: cn=all-users,ou=Groups,dc=github,dc=com +cn: all-users +objectClass: groupOfNames +member: cn=ghe-users,ou=Groups,dc=github,dc=com +member: uid=user1,ou=People,dc=github,dc=com +member: uid=user2,ou=People,dc=github,dc=com +member: uid=user3,ou=People,dc=github,dc=com +member: uid=user4,ou=People,dc=github,dc=com +member: uid=user5,ou=People,dc=github,dc=com +member: uid=user6,ou=People,dc=github,dc=com +member: uid=user7,ou=People,dc=github,dc=com +member: uid=user8,ou=People,dc=github,dc=com +member: uid=user9,ou=People,dc=github,dc=com +member: uid=user10,ou=People,dc=github,dc=com +member: uid=emailless-user1,ou=People,dc=github,dc=com + +dn: cn=ghe-admins,ou=Groups,dc=github,dc=com +cn: ghe-admins +objectClass: groupOfNames +member: uid=admin1,ou=People,dc=github,dc=com + +dn: cn=all-admins,ou=Groups,dc=github,dc=com +cn: all-admins +objectClass: groupOfNames +member: cn=ghe-admins,ou=Groups,dc=github,dc=com +member: uid=admin1,ou=People,dc=github,dc=com + +dn: cn=n-member-group10,ou=Groups,dc=github,dc=com +cn: n-member-group10 +objectClass: groupOfNames +member: uid=user1,ou=People,dc=github,dc=com +member: uid=user2,ou=People,dc=github,dc=com +member: uid=user3,ou=People,dc=github,dc=com +member: uid=user4,ou=People,dc=github,dc=com +member: uid=user5,ou=People,dc=github,dc=com +member: uid=user6,ou=People,dc=github,dc=com +member: uid=user7,ou=People,dc=github,dc=com +member: uid=user8,ou=People,dc=github,dc=com +member: uid=user9,ou=People,dc=github,dc=com +member: uid=user10,ou=People,dc=github,dc=com + +dn: cn=nested-group1,ou=Groups,dc=github,dc=com +cn: nested-group1 +objectClass: groupOfNames +member: uid=user1,ou=People,dc=github,dc=com +member: uid=user2,ou=People,dc=github,dc=com +member: uid=user3,ou=People,dc=github,dc=com +member: uid=user4,ou=People,dc=github,dc=com +member: uid=user5,ou=People,dc=github,dc=com +member: uid=user6,ou=People,dc=github,dc=com +member: uid=user7,ou=People,dc=github,dc=com +member: uid=user8,ou=People,dc=github,dc=com +member: uid=user9,ou=People,dc=github,dc=com +member: uid=user10,ou=People,dc=github,dc=com + +dn: cn=nested-groups,ou=Groups,dc=github,dc=com +cn: nested-groups +objectClass: groupOfNames +member: cn=nested-group1,ou=Groups,dc=github,dc=com + +dn: cn=n-member-nested-group1,ou=Groups,dc=github,dc=com +cn: n-member-nested-group1 +objectClass: groupOfNames +member: cn=nested-group1,ou=Groups,dc=github,dc=com + +dn: cn=deeply-nested-group0.0.0,ou=Groups,dc=github,dc=com +cn: deeply-nested-group0.0.0 +objectClass: groupOfNames +member: uid=user1,ou=People,dc=github,dc=com +member: uid=user2,ou=People,dc=github,dc=com +member: uid=user3,ou=People,dc=github,dc=com +member: uid=user4,ou=People,dc=github,dc=com +member: uid=user5,ou=People,dc=github,dc=com + +dn: cn=deeply-nested-group0.0.1,ou=Groups,dc=github,dc=com +cn: deeply-nested-group0.0.1 +objectClass: groupOfNames +member: uid=user6,ou=People,dc=github,dc=com +member: uid=user7,ou=People,dc=github,dc=com +member: uid=user8,ou=People,dc=github,dc=com +member: uid=user9,ou=People,dc=github,dc=com +member: uid=user10,ou=People,dc=github,dc=com + +dn: cn=deeply-nested-group0.0,ou=Groups,dc=github,dc=com +cn: deeply-nested-group0.0 +objectClass: groupOfNames +member: cn=deeply-nested-group0.0.0,ou=Groups,dc=github,dc=com +member: cn=deeply-nested-group0.0.1,ou=Groups,dc=github,dc=com + +dn: cn=deeply-nested-group0,ou=Groups,dc=github,dc=com +cn: deeply-nested-group0 +objectClass: groupOfNames +member: cn=deeply-nested-group0.0,ou=Groups,dc=github,dc=com + +dn: cn=deeply-nested-groups,ou=Groups,dc=github,dc=com +cn: deeply-nested-groups +objectClass: groupOfNames +member: cn=deeply-nested-group0,ou=Groups,dc=github,dc=com + +dn: cn=n-depth-nested-group1,ou=Groups,dc=github,dc=com +cn: n-depth-nested-group1 +objectClass: groupOfNames +member: cn=nested-group1,ou=Groups,dc=github,dc=com + +dn: cn=n-depth-nested-group2,ou=Groups,dc=github,dc=com +cn: n-depth-nested-group2 +objectClass: groupOfNames +member: cn=n-depth-nested-group1,ou=Groups,dc=github,dc=com + +dn: cn=n-depth-nested-group3,ou=Groups,dc=github,dc=com +cn: n-depth-nested-group3 +objectClass: groupOfNames +member: cn=n-depth-nested-group2,ou=Groups,dc=github,dc=com + +dn: cn=n-depth-nested-group4,ou=Groups,dc=github,dc=com +cn: n-depth-nested-group4 +objectClass: groupOfNames +member: cn=n-depth-nested-group3,ou=Groups,dc=github,dc=com + +dn: cn=n-depth-nested-group5,ou=Groups,dc=github,dc=com +cn: n-depth-nested-group5 +objectClass: groupOfNames +member: cn=n-depth-nested-group4,ou=Groups,dc=github,dc=com + +dn: cn=n-depth-nested-group6,ou=Groups,dc=github,dc=com +cn: n-depth-nested-group6 +objectClass: groupOfNames +member: cn=n-depth-nested-group5,ou=Groups,dc=github,dc=com + +dn: cn=n-depth-nested-group7,ou=Groups,dc=github,dc=com +cn: n-depth-nested-group7 +objectClass: groupOfNames +member: cn=n-depth-nested-group6,ou=Groups,dc=github,dc=com + +dn: cn=n-depth-nested-group8,ou=Groups,dc=github,dc=com +cn: n-depth-nested-group8 +objectClass: groupOfNames +member: cn=n-depth-nested-group7,ou=Groups,dc=github,dc=com + +dn: cn=n-depth-nested-group9,ou=Groups,dc=github,dc=com +cn: n-depth-nested-group9 +objectClass: groupOfNames +member: cn=n-depth-nested-group8,ou=Groups,dc=github,dc=com + +dn: cn=head-group,ou=Groups,dc=github,dc=com +cn: head-group +objectClass: groupOfNames +member: cn=tail-group,ou=Groups,dc=github,dc=com +member: uid=user1,ou=People,dc=github,dc=com +member: uid=user2,ou=People,dc=github,dc=com +member: uid=user3,ou=People,dc=github,dc=com +member: uid=user4,ou=People,dc=github,dc=com +member: uid=user5,ou=People,dc=github,dc=com + +dn: cn=tail-group,ou=Groups,dc=github,dc=com +cn: tail-group +objectClass: groupOfNames +member: cn=head-group,ou=Groups,dc=github,dc=com +member: uid=user6,ou=People,dc=github,dc=com +member: uid=user7,ou=People,dc=github,dc=com +member: uid=user8,ou=People,dc=github,dc=com +member: uid=user9,ou=People,dc=github,dc=com +member: uid=user10,ou=People,dc=github,dc=com + +dn: cn=recursively-nested-groups,ou=Groups,dc=github,dc=com +cn: recursively-nested-groups +objectClass: groupOfNames +member: cn=head-group,ou=Groups,dc=github,dc=com +member: cn=tail-group,ou=Groups,dc=github,dc=com From d2065f7ae6d3741daa3e93dc6db82af42ce8c7d9 Mon Sep 17 00:00:00 2001 From: Matt Todd Date: Sun, 5 Oct 2014 18:58:30 -0700 Subject: [PATCH 18/33] Hardcode server options This is to reduce the variations each test creates, so all tests can pass with the same settings, fixtures. --- test/test_helper.rb | 20 ++++++++++++-------- 1 file changed, 12 insertions(+), 8 deletions(-) diff --git a/test/test_helper.rb b/test/test_helper.rb index f12ddbc..3408a72 100644 --- a/test/test_helper.rb +++ b/test/test_helper.rb @@ -29,10 +29,18 @@ def self.stop_server end end + def self.test_server_options + { + custom_schemas: FIXTURES.join('posixGroup.schema.ldif').to_s, + user_fixtures: FIXTURES.join('common/seed.ldif').to_s, + allow_anonymous: true, + verbose: ENV.fetch("VERBOSE", "0") == "1" + } + end + def self.start_server if test_env == "apacheds" - server_opts = respond_to?(:test_server_options) ? test_server_options : {} - GitHub::Ldap.start_server(server_opts) + GitHub::Ldap.start_server(test_server_options) end end @@ -42,6 +50,8 @@ def options case self.class.test_env when "apacheds" GitHub::Ldap.server_options.merge \ + admin_user: 'uid=admin,dc=github,dc=com', + admin_password: 'passworD1', host: 'localhost', uid: 'uid', instrumentation_service: @service @@ -60,12 +70,6 @@ def options end class GitHub::Ldap::UnauthenticatedTest < GitHub::Ldap::Test - def self.start_server - if test_env == "apacheds" - GitHub::Ldap.start_server(:allow_anonymous => true) - end - end - def options @options ||= begin super.delete_if {|k, _| [:admin_user, :admin_password].include?(k)} From 1e2b52ee73354568a560f099a737df75e49c03c3 Mon Sep 17 00:00:00 2001 From: Matt Todd Date: Mon, 6 Oct 2014 11:01:28 -0700 Subject: [PATCH 19/33] Remove test-specific fixtures, use common seed Overrides local adaptor settings, though. --- test/domain_test.rb | 46 +++++++++------------------------------- test/group_test.rb | 12 ----------- test/posix_group_test.rb | 4 ---- 3 files changed, 10 insertions(+), 52 deletions(-) diff --git a/test/domain_test.rb b/test/domain_test.rb index 470e00d..6c0d1e4 100644 --- a/test/domain_test.rb +++ b/test/domain_test.rb @@ -143,10 +143,6 @@ class GitHubLdapDomainUnauthenticatedTest < GitHub::Ldap::UnauthenticatedTest end class GitHubLdapDomainNestedGroupsTest < GitHub::Ldap::Test - def self.test_server_options - {user_fixtures: FIXTURES.join('github-with-subgroups.ldif').to_s} - end - def setup @ldap = GitHub::Ldap.new(options) @domain = @ldap.domain("dc=github,dc=com") @@ -168,17 +164,10 @@ def test_membership_in_deeply_nested_subgroups end class GitHubLdapPosixGroupsWithRecursionFallbackTest < GitHub::Ldap::Test - def self.test_server_options - { - custom_schemas: FIXTURES.join('posixGroup.schema.ldif'), - user_fixtures: FIXTURES.join('github-with-posixGroups.ldif').to_s, - # so we exercise the recursive group search fallback - recursive_group_search_fallback: true - } - end - def setup - @ldap = GitHub::Ldap.new(options) + opts = options.merge \ + recursive_group_search_fallback: true + @ldap = GitHub::Ldap.new(opts) @domain = @ldap.domain("dc=github,dc=com") @cn = "enterprise-posix-devs" end @@ -192,17 +181,10 @@ def test_membership_for_posixGroups end class GitHubLdapPosixGroupsWithoutRecursionTest < GitHub::Ldap::Test - def self.test_server_options - { - custom_schemas: FIXTURES.join('posixGroup.schema.ldif'), - user_fixtures: FIXTURES.join('github-with-posixGroups.ldif').to_s, - # so we test the test the non-recursive group membership search - recursive_group_search_fallback: false - } - end - def setup - @ldap = GitHub::Ldap.new(options) + opts = options.merge \ + recursive_group_search_fallback: false + @ldap = GitHub::Ldap.new(opts) @domain = @ldap.domain("dc=github,dc=com") @cn = "enterprise-posix-devs" end @@ -218,19 +200,11 @@ def test_membership_for_posixGroups # Specifically testing that this doesn't break when posixGroups are not # supported. class GitHubLdapWithoutPosixGroupsTest < GitHub::Ldap::Test - def self.test_server_options - { - custom_schemas: FIXTURES.join('posixGroup.schema.ldif'), - user_fixtures: FIXTURES.join('github-with-posixGroups.ldif').to_s, - # so we test the test the non-recursive group membership search - recursive_group_search_fallback: false, - # explicitly disable posixGroup support (even if the schema supports it) - posix_support: false - } - end - def setup - @ldap = GitHub::Ldap.new(options) + opts = options.merge \ + recursive_group_search_fallback: false, # test non-recursive group membership search + posix_support: false # disable posixGroup support + @ldap = GitHub::Ldap.new(opts) @domain = @ldap.domain("dc=github,dc=com") @cn = "enterprise-posix-devs" end diff --git a/test/group_test.rb b/test/group_test.rb index 6f1714d..2bde806 100644 --- a/test/group_test.rb +++ b/test/group_test.rb @@ -1,10 +1,6 @@ require_relative 'test_helper' class GitHubLdapGroupTest < GitHub::Ldap::Test - def self.test_server_options - {user_fixtures: FIXTURES.join('github-with-subgroups.ldif').to_s} - end - def groups_domain @ldap.domain("ou=groups,dc=github,dc=com") end @@ -62,10 +58,6 @@ def test_unknown_group end class GitHubLdapLoopedGroupTest < GitHub::Ldap::Test - def self.test_server_options - {user_fixtures: FIXTURES.join('github-with-looped-subgroups.ldif').to_s} - end - def setup @group = GitHub::Ldap.new(options).group("cn=enterprise,ou=groups,dc=github,dc=com") end @@ -76,10 +68,6 @@ def test_members_from_subgroups end class GitHubLdapMissingEntriesTest < GitHub::Ldap::Test - def self.test_server_options - {user_fixtures: FIXTURES.join('github-with-missing-entries.ldif').to_s} - end - def setup @ldap = GitHub::Ldap.new(options) end diff --git a/test/posix_group_test.rb b/test/posix_group_test.rb index a71e252..4f9d815 100644 --- a/test/posix_group_test.rb +++ b/test/posix_group_test.rb @@ -1,10 +1,6 @@ require_relative 'test_helper' class GitHubLdapPosixGroupTest < GitHub::Ldap::Test - def self.test_server_options - {user_fixtures: FIXTURES.join('github-with-subgroups.ldif').to_s} - end - def setup @simple_group = Net::LDAP::Entry._load(""" dn: cn=enterprise-posix-devs,ou=groups,dc=github,dc=com From f0a3d7579abd1547abccaf41c6afcfaf6553a191 Mon Sep 17 00:00:00 2001 From: Matt Todd Date: Mon, 6 Oct 2014 11:01:59 -0700 Subject: [PATCH 20/33] Remove quiet option when verbose is set Helpful for debugging since quiet will override verbose in practice. --- lib/github/ldap/server.rb | 2 ++ 1 file changed, 2 insertions(+) diff --git a/lib/github/ldap/server.rb b/lib/github/ldap/server.rb index c2cf10c..c7f624a 100644 --- a/lib/github/ldap/server.rb +++ b/lib/github/ldap/server.rb @@ -38,6 +38,8 @@ def self.start_server(options = {}) @server_options[:domain] = @server_options[:user_domain] @server_options[:tmpdir] ||= server_tmp + @server_options[:quiet] = false if @server_options[:verbose] + @ldap_server = Ladle::Server.new(@server_options) @ldap_server.start end From 19aa5070c17f71a7eef8eed6ab2b5c398b658bfe Mon Sep 17 00:00:00 2001 From: Matt Todd Date: Mon, 6 Oct 2014 11:02:49 -0700 Subject: [PATCH 21/33] Use ENV.fetch with default --- test/test_helper.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/test/test_helper.rb b/test/test_helper.rb index 3408a72..57bcf28 100644 --- a/test/test_helper.rb +++ b/test/test_helper.rb @@ -14,7 +14,7 @@ class GitHub::Ldap::Test < Minitest::Test def self.test_env - ENV['TESTENV'] || "apacheds" + ENV.fetch("TESTENV", "apacheds") end def self.run(reporter, options = {}) From d80dbc55a6769bb8eed9ecd04024ae93b0bfb560 Mon Sep 17 00:00:00 2001 From: Matt Todd Date: Mon, 6 Oct 2014 11:03:21 -0700 Subject: [PATCH 22/33] Update one Domain test with correct fixture --- test/domain_test.rb | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/test/domain_test.rb b/test/domain_test.rb index 6c0d1e4..e771951 100644 --- a/test/domain_test.rb +++ b/test/domain_test.rb @@ -7,8 +7,8 @@ def setup end def test_user_valid_login - user = @domain.valid_login?('calavera', 'passworD1') - assert_equal 'uid=calavera,dc=github,dc=com', user.dn + assert user = @domain.valid_login?('user1', 'passworD1') + assert_equal 'uid=user1,ou=People,dc=github,dc=com', user.dn end def test_user_with_invalid_password From 010fbc4d4559db51e83f79dac5f55c96f9436900 Mon Sep 17 00:00:00 2001 From: Matt Todd Date: Mon, 6 Oct 2014 14:45:50 -0700 Subject: [PATCH 23/33] Fix Domain posixGroup tests, fixtures --- test/domain_test.rb | 8 ++++---- test/fixtures/common/seed.ldif | 11 +++++++++++ 2 files changed, 15 insertions(+), 4 deletions(-) diff --git a/test/domain_test.rb b/test/domain_test.rb index e771951..ec3e7e4 100644 --- a/test/domain_test.rb +++ b/test/domain_test.rb @@ -186,11 +186,11 @@ def setup recursive_group_search_fallback: false @ldap = GitHub::Ldap.new(opts) @domain = @ldap.domain("dc=github,dc=com") - @cn = "enterprise-posix-devs" + @cn = "posix-group1" end def test_membership_for_posixGroups - assert user = @ldap.domain('uid=mtodd,ou=users,dc=github,dc=com').bind + assert user = @ldap.domain('uid=user1,ou=People,dc=github,dc=com').bind assert @domain.is_member?(user, [@cn]), "Expected `#{@cn}` to include the member `#{user.dn}`" @@ -206,11 +206,11 @@ def setup posix_support: false # disable posixGroup support @ldap = GitHub::Ldap.new(opts) @domain = @ldap.domain("dc=github,dc=com") - @cn = "enterprise-posix-devs" + @cn = "posix-group1" end def test_membership_for_posixGroups - assert user = @ldap.domain('uid=mtodd,ou=users,dc=github,dc=com').bind + assert user = @ldap.domain('uid=user1,ou=People,dc=github,dc=com').bind refute @domain.is_member?(user, [@cn]), "Expected `#{@cn}` to not include the member `#{user.dn}`" diff --git a/test/fixtures/common/seed.ldif b/test/fixtures/common/seed.ldif index 3067949..b07aedc 100644 --- a/test/fixtures/common/seed.ldif +++ b/test/fixtures/common/seed.ldif @@ -334,3 +334,14 @@ cn: recursively-nested-groups objectClass: groupOfNames member: cn=head-group,ou=Groups,dc=github,dc=com member: cn=tail-group,ou=Groups,dc=github,dc=com + +# posixGroup + +dn: cn=posix-group1,ou=Groups,dc=github,dc=com +cn: posix-group1 +objectClass: posixGroup +memberUid: user1 +memberUid: user2 +memberUid: user3 +memberUid: user4 +memberUid: user5 From b3ac5f3627d31d0b6d07f799d2b8cc14a58fb9c2 Mon Sep 17 00:00:00 2001 From: Matt Todd Date: Mon, 6 Oct 2014 14:46:22 -0700 Subject: [PATCH 24/33] Add byebug as an development, test bundler dependency --- Gemfile | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/Gemfile b/Gemfile index ab76291..106eaf9 100644 --- a/Gemfile +++ b/Gemfile @@ -2,3 +2,7 @@ source 'https://rubygems.org' # Specify your gem's dependencies in github-ldap.gemspec gemspec + +group :test, :development do + gem "byebug" +end From 1fe748e25687290c51b86ef731956a01de55558a Mon Sep 17 00:00:00 2001 From: Matt Todd Date: Mon, 6 Oct 2014 14:51:38 -0700 Subject: [PATCH 25/33] Experiment with reusing the ApacheDS LDAP server for each test --- test/test_helper.rb | 15 ++++++++++++++- 1 file changed, 14 insertions(+), 1 deletion(-) diff --git a/test/test_helper.rb b/test/test_helper.rb index 57bcf28..feee10f 100644 --- a/test/test_helper.rb +++ b/test/test_helper.rb @@ -12,6 +12,15 @@ require 'minitest/autorun' +if ENV.fetch('TESTENV', "apacheds") == "apacheds" + # Make sure we clean up running test server + # NOTE: We need to do this manually since its internal `at_exit` hook + # collides with Minitest's autorun at_exit handling, hence this hook. + Minitest.after_run do + GitHub::Ldap.stop_server + end +end + class GitHub::Ldap::Test < Minitest::Test def self.test_env ENV.fetch("TESTENV", "apacheds") @@ -25,7 +34,8 @@ def self.run(reporter, options = {}) def self.stop_server if test_env == "apacheds" - GitHub::Ldap.stop_server + # see Minitest.after_run hook above. + # GitHub::Ldap.stop_server end end @@ -40,6 +50,9 @@ def self.test_server_options def self.start_server if test_env == "apacheds" + # skip this if a server has already been started + return if GitHub::Ldap.ldap_server + GitHub::Ldap.start_server(test_server_options) end end From 34d63f6f9f740e2a232ac0dcef89ac939d9a9107 Mon Sep 17 00:00:00 2001 From: Matt Todd Date: Mon, 6 Oct 2014 15:14:28 -0700 Subject: [PATCH 26/33] byebug is supported on MRI 2.0, 2.1 only --- Gemfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Gemfile b/Gemfile index 106eaf9..4abbfe8 100644 --- a/Gemfile +++ b/Gemfile @@ -4,5 +4,5 @@ source 'https://rubygems.org' gemspec group :test, :development do - gem "byebug" + gem "byebug", :platforms => [:mri_20, :mri_21] end From 84e37ce4f64ae89c7c5647d072b9db1545f2ec5c Mon Sep 17 00:00:00 2001 From: Matt Todd Date: Mon, 6 Oct 2014 16:13:32 -0700 Subject: [PATCH 27/33] Add supporting fixtures, fix email domain --- test/fixtures/common/seed.ldif | 38 +++++++++++++++++++++----------- test/fixtures/openldap/seed.ldif | 22 +++++++++--------- 2 files changed, 36 insertions(+), 24 deletions(-) diff --git a/test/fixtures/common/seed.ldif b/test/fixtures/common/seed.ldif index b07aedc..e319f69 100644 --- a/test/fixtures/common/seed.ldif +++ b/test/fixtures/common/seed.ldif @@ -31,7 +31,7 @@ objectClass: person objectClass: organizationalPerson objectClass: inetOrgPerson userPassword: passworD1 -mail: user1@openldap.ghe.local +mail: user1@github.com dn: uid=user2,ou=People,dc=github,dc=com uid: user2 @@ -42,7 +42,7 @@ objectClass: person objectClass: organizationalPerson objectClass: inetOrgPerson userPassword: passworD1 -mail: user2@openldap.ghe.local +mail: user2@github.com dn: uid=user3,ou=People,dc=github,dc=com uid: user3 @@ -53,7 +53,7 @@ objectClass: person objectClass: organizationalPerson objectClass: inetOrgPerson userPassword: passworD1 -mail: user3@openldap.ghe.local +mail: user3@github.com dn: uid=user4,ou=People,dc=github,dc=com uid: user4 @@ -64,7 +64,7 @@ objectClass: person objectClass: organizationalPerson objectClass: inetOrgPerson userPassword: passworD1 -mail: user4@openldap.ghe.local +mail: user4@github.com dn: uid=user5,ou=People,dc=github,dc=com uid: user5 @@ -75,7 +75,7 @@ objectClass: person objectClass: organizationalPerson objectClass: inetOrgPerson userPassword: passworD1 -mail: user5@openldap.ghe.local +mail: user5@github.com dn: uid=user6,ou=People,dc=github,dc=com uid: user6 @@ -86,7 +86,7 @@ objectClass: person objectClass: organizationalPerson objectClass: inetOrgPerson userPassword: passworD1 -mail: user6@openldap.ghe.local +mail: user6@github.com dn: uid=user7,ou=People,dc=github,dc=com uid: user7 @@ -97,7 +97,7 @@ objectClass: person objectClass: organizationalPerson objectClass: inetOrgPerson userPassword: passworD1 -mail: user7@openldap.ghe.local +mail: user7@github.com dn: uid=user8,ou=People,dc=github,dc=com uid: user8 @@ -108,7 +108,7 @@ objectClass: person objectClass: organizationalPerson objectClass: inetOrgPerson userPassword: passworD1 -mail: user8@openldap.ghe.local +mail: user8@github.com dn: uid=user9,ou=People,dc=github,dc=com uid: user9 @@ -119,7 +119,7 @@ objectClass: person objectClass: organizationalPerson objectClass: inetOrgPerson userPassword: passworD1 -mail: user9@openldap.ghe.local +mail: user9@github.com dn: uid=user10,ou=People,dc=github,dc=com uid: user10 @@ -130,9 +130,9 @@ objectClass: person objectClass: organizationalPerson objectClass: inetOrgPerson userPassword: passworD1 -mail: user10@openldap.ghe.local +mail: user10@github.com -# Emailless User 1 +# Emailless User dn: uid=emailless-user1,ou=People,dc=github,dc=com uid: emailless-user1 @@ -144,7 +144,19 @@ objectClass: organizationalPerson objectClass: inetOrgPerson userPassword: passworD1 -# Admin User 1 +# Groupless User + +dn: uid=groupless-user1,ou=People,dc=github,dc=com +uid: groupless-user1 +cn: groupless-user1 +sn: groupless-user1 +objectClass: top +objectClass: person +objectClass: organizationalPerson +objectClass: inetOrgPerson +userPassword: passworD1 + +# Admin User dn: uid=admin1,ou=People,dc=github,dc=com uid: admin1 @@ -155,7 +167,7 @@ objectClass: person objectClass: organizationalPerson objectClass: inetOrgPerson userPassword: passworD1 -mail: admin1@openldap.ghe.local +mail: admin1@github.com # Groups diff --git a/test/fixtures/openldap/seed.ldif b/test/fixtures/openldap/seed.ldif index d0eb715..2a0765f 100644 --- a/test/fixtures/openldap/seed.ldif +++ b/test/fixtures/openldap/seed.ldif @@ -17,7 +17,7 @@ objectClass: person objectClass: organizationalPerson objectClass: inetOrgPerson userPassword: passworD1 -mail: user1@openldap.ghe.local +mail: user1@github.com dn: uid=user2,ou=People,dc=github,dc=com uid: user2 @@ -28,7 +28,7 @@ objectClass: person objectClass: organizationalPerson objectClass: inetOrgPerson userPassword: passworD1 -mail: user2@openldap.ghe.local +mail: user2@github.com dn: uid=user3,ou=People,dc=github,dc=com uid: user3 @@ -39,7 +39,7 @@ objectClass: person objectClass: organizationalPerson objectClass: inetOrgPerson userPassword: passworD1 -mail: user3@openldap.ghe.local +mail: user3@github.com dn: uid=user4,ou=People,dc=github,dc=com uid: user4 @@ -50,7 +50,7 @@ objectClass: person objectClass: organizationalPerson objectClass: inetOrgPerson userPassword: passworD1 -mail: user4@openldap.ghe.local +mail: user4@github.com dn: uid=user5,ou=People,dc=github,dc=com uid: user5 @@ -61,7 +61,7 @@ objectClass: person objectClass: organizationalPerson objectClass: inetOrgPerson userPassword: passworD1 -mail: user5@openldap.ghe.local +mail: user5@github.com dn: uid=user6,ou=People,dc=github,dc=com uid: user6 @@ -72,7 +72,7 @@ objectClass: person objectClass: organizationalPerson objectClass: inetOrgPerson userPassword: passworD1 -mail: user6@openldap.ghe.local +mail: user6@github.com dn: uid=user7,ou=People,dc=github,dc=com uid: user7 @@ -83,7 +83,7 @@ objectClass: person objectClass: organizationalPerson objectClass: inetOrgPerson userPassword: passworD1 -mail: user7@openldap.ghe.local +mail: user7@github.com dn: uid=user8,ou=People,dc=github,dc=com uid: user8 @@ -94,7 +94,7 @@ objectClass: person objectClass: organizationalPerson objectClass: inetOrgPerson userPassword: passworD1 -mail: user8@openldap.ghe.local +mail: user8@github.com dn: uid=user9,ou=People,dc=github,dc=com uid: user9 @@ -105,7 +105,7 @@ objectClass: person objectClass: organizationalPerson objectClass: inetOrgPerson userPassword: passworD1 -mail: user9@openldap.ghe.local +mail: user9@github.com dn: uid=user10,ou=People,dc=github,dc=com uid: user10 @@ -116,7 +116,7 @@ objectClass: person objectClass: organizationalPerson objectClass: inetOrgPerson userPassword: passworD1 -mail: user10@openldap.ghe.local +mail: user10@github.com dn: uid=emailless-user1,ou=People,dc=github,dc=com uid: emailless-user1 @@ -137,7 +137,7 @@ objectClass: person objectClass: organizationalPerson objectClass: inetOrgPerson userPassword: passworD1 -mail: admin1@openldap.ghe.local +mail: admin1@github.com dn: cn=ghe-users,ou=Groups,dc=github,dc=com cn: ghe-users From 919734ea185667b412ca535a342d4d9527ecbefb Mon Sep 17 00:00:00 2001 From: Matt Todd Date: Mon, 6 Oct 2014 16:14:42 -0700 Subject: [PATCH 28/33] Use common seed for OpenLDAP --- script/install-openldap | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/script/install-openldap b/script/install-openldap index bdbeae9..bb0033f 100755 --- a/script/install-openldap +++ b/script/install-openldap @@ -3,6 +3,7 @@ set -e set -x BASE_PATH="$( cd `dirname $0`/../test/fixtures/openldap && pwd )" +SEED_PATH="$( cd `dirname $0`/../test/fixtures/common && pwd )" DEBIAN_FRONTEND=noninteractive sudo -E apt-get install -y --force-yes slapd time ldap-utils @@ -36,7 +37,7 @@ sudo /etc/init.d/slapd start # Import seed data. # NOTE: use ldapadd in order for memberOf and refint to apply, instead of: # /vagrant/services/ldap/openldap/seed.rb | sudo slapadd -F /etc/ldap/slapd.d -cat $BASE_PATH/seed.ldif | +cat $SEED_PATH/seed.ldif | /usr/bin/time sudo ldapadd -x -D "cn=admin,dc=github,dc=com" -w passworD1 \ -h localhost -p 389 From 46fea0d6bb705e968451be935ab802266176dda1 Mon Sep 17 00:00:00 2001 From: Matt Todd Date: Mon, 6 Oct 2014 16:14:54 -0700 Subject: [PATCH 29/33] Rewrite Domain tests --- test/domain_test.rb | 97 +++++++++++++++++++++++---------------------- 1 file changed, 50 insertions(+), 47 deletions(-) diff --git a/test/domain_test.rb b/test/domain_test.rb index ec3e7e4..8ddf72c 100644 --- a/test/domain_test.rb +++ b/test/domain_test.rb @@ -12,8 +12,8 @@ def test_user_valid_login end def test_user_with_invalid_password - assert !@domain.valid_login?('calavera', 'foo'), - "Login `calavera` expected to be invalid with password `foo`" + assert !@domain.valid_login?('user1', 'foo'), + "Login `user1` expected to be invalid with password `foo`" end def test_user_with_invalid_login @@ -22,115 +22,118 @@ def test_user_with_invalid_login end def test_groups_in_server - assert_equal 2, @domain.groups(%w(Enterprise People)).size + assert_equal 2, @domain.groups(%w(ghe-users ghe-admins)).size end def test_user_in_group - user = @domain.valid_login?('calavera', 'passworD1') + assert user = @domain.valid_login?('user1', 'passworD1') - assert @domain.is_member?(user, %w(Enterprise People)), - "Expected `Enterprise` or `Poeple` to include the member `#{user.dn}`" + assert @domain.is_member?(user, %w(ghe-users ghe-admins)), + "Expected `ghe-users` or `ghe-admins` to include the member `#{user.dn}`" end def test_user_not_in_different_group - user = @domain.valid_login?('calavera', 'passworD1') + user = @domain.valid_login?('user1', 'passworD1') - assert !@domain.is_member?(user, %w(People)), - "Expected `Poeple` not to include the member `#{user.dn}`" + refute @domain.is_member?(user, %w(ghe-admins)), + "Expected `ghe-admins` not to include the member `#{user.dn}`" end def test_user_without_group - user = @domain.valid_login?('ldaptest', 'secret') + user = @domain.valid_login?('groupless-user1', 'passworD1') - assert !@domain.is_member?(user, %w(People)), - "Expected `People` not to include the member `#{user.dn}`" + assert !@domain.is_member?(user, %w(all-users)), + "Expected `all-users` not to include the member `#{user.dn}`" end - def test_authenticate_doesnt_return_invalid_users - user = @domain.authenticate!('calavera', 'passworD1') - assert_equal 'uid=calavera,dc=github,dc=com', user.dn + def test_authenticate_returns_valid_users + user = @domain.authenticate!('user1', 'passworD1') + assert_equal 'uid=user1,ou=People,dc=github,dc=com', user.dn end def test_authenticate_doesnt_return_invalid_users - assert !@domain.authenticate!('calavera', 'foo'), + refute @domain.authenticate!('user1', 'foo'), "Expected `authenticate!` to not return an invalid user" end def test_authenticate_check_valid_user_and_groups - user = @domain.authenticate!('calavera', 'passworD1', %w(Enterprise People)) + user = @domain.authenticate!('user1', 'passworD1', %w(ghe-users ghe-admins)) - assert_equal 'uid=calavera,dc=github,dc=com', user.dn + assert_equal 'uid=user1,ou=People,dc=github,dc=com', user.dn end def test_authenticate_doesnt_return_valid_users_in_different_groups - assert !@domain.authenticate!('calavera', 'passworD1', %w(People)), + refute @domain.authenticate!('user1', 'passworD1', %w(ghe-admins)), "Expected `authenticate!` to not return an user" end def test_membership_empty_for_non_members - user = @ldap.domain('uid=calavera,dc=github,dc=com').bind + user = @ldap.domain('uid=user1,ou=People,dc=github,dc=com').bind - assert @domain.membership(user, %w(People)).empty?, - "Expected `calavera` not to be a member of `People`." + assert @domain.membership(user, %w(ghe-admins)).empty?, + "Expected `user1` not to be a member of `ghe-admins`." end def test_membership_groups_for_members - user = @ldap.domain('uid=calavera,dc=github,dc=com').bind - groups = @domain.membership(user, %w(Enterprise People)) + user = @ldap.domain('uid=user1,ou=People,dc=github,dc=com').bind + groups = @domain.membership(user, %w(ghe-users ghe-admins)) assert_equal 1, groups.size - assert_equal 'cn=Enterprise,ou=Group,dc=github,dc=com', groups.first.dn + assert_equal 'cn=ghe-users,ou=Groups,dc=github,dc=com', groups.first.dn end def test_membership_with_virtual_attributes ldap = GitHub::Ldap.new(options.merge(virtual_attributes: true)) - user = ldap.domain('uid=calavera,dc=github,dc=com').bind - user[:memberof] = 'cn=Enterprise,ou=Group,dc=github,dc=com' + + user = ldap.domain('uid=user1,ou=People,dc=github,dc=com').bind + user[:memberof] = 'cn=ghe-admins,ou=Groups,dc=github,dc=com' domain = ldap.domain("dc=github,dc=com") - groups = domain.membership(user, %w(Enterprise People)) + groups = domain.membership(user, %w(ghe-admins)) assert_equal 1, groups.size - assert_equal 'cn=Enterprise,ou=Group,dc=github,dc=com', groups.first.dn + assert_equal 'cn=ghe-admins,ou=Groups,dc=github,dc=com', groups.first.dn end def test_search assert 1, @domain.search( attributes: %w(uid), - filter: Net::LDAP::Filter.eq('uid', 'calavera')).size + filter: Net::LDAP::Filter.eq('uid', 'user1')).size end def test_search_override_base_name assert 1, @domain.search( base: "this base name is incorrect", attributes: %w(uid), - filter: Net::LDAP::Filter.eq('uid', 'calavera')).size + filter: Net::LDAP::Filter.eq('uid', 'user1')).size end def test_user_exists - assert_equal 'uid=calavera,dc=github,dc=com', @domain.user?('calavera').dn + assert user = @domain.user?('user1') + assert_equal 'uid=user1,ou=People,dc=github,dc=com', user.dn end def test_user_wildcards_are_filtered - assert !@domain.user?('cal*'), 'Expected uid `cal*` to not complete' + refute @domain.user?('user*'), 'Expected uid `user*` to not complete' end def test_user_does_not_exist - assert !@domain.user?('foobar'), 'Expected uid `foobar` to not exist.' + refute @domain.user?('foobar'), 'Expected uid `foobar` to not exist.' end def test_user_returns_every_attribute - assert_equal ['calavera@github.com'], @domain.user?('calavera')[:mail] + assert user = @domain.user?('user1') + assert_equal ['user1@github.com'], user[:mail] end def test_auth_binds - user = @domain.user?('calavera') - assert @domain.auth(user, 'passworD1'), 'Expected user to be bound.' + assert user = @domain.user?('user1') + assert @domain.auth(user, 'passworD1'), 'Expected user to bind' end def test_auth_does_not_bind - user = @domain.user?('calavera') - assert !@domain.auth(user, 'foo'), 'Expected user not to be bound.' + assert user = @domain.user?('user1') + refute @domain.auth(user, 'foo'), 'Expected user not not bind' end end @@ -149,17 +152,17 @@ def setup end def test_membership_in_subgroups - user = @ldap.domain('uid=rubiojr,ou=users,dc=github,dc=com').bind + user = @ldap.domain('uid=user1,ou=People,dc=github,dc=com').bind - assert @domain.is_member?(user, %w(enterprise-ops)), - "Expected `enterprise-ops` to include the member `#{user.dn}`" + assert @domain.is_member?(user, %w(nested-groups)), + "Expected `nested-groups` to include the member `#{user.dn}`" end def test_membership_in_deeply_nested_subgroups - assert user = @ldap.domain('uid=user1.1.1.1,ou=users,dc=github,dc=com').bind + assert user = @ldap.domain('uid=user1,ou=People,dc=github,dc=com').bind - assert @domain.is_member?(user, %w(group1)), - "Expected `group1` to include the member `#{user.dn}` via deep recursion" + assert @domain.is_member?(user, %w(n-depth-nested-group4)), + "Expected `n-depth-nested-group4` to include the member `#{user.dn}` via deep recursion" end end @@ -169,11 +172,11 @@ def setup recursive_group_search_fallback: true @ldap = GitHub::Ldap.new(opts) @domain = @ldap.domain("dc=github,dc=com") - @cn = "enterprise-posix-devs" + @cn = "posix-group1" end def test_membership_for_posixGroups - assert user = @ldap.domain('uid=mtodd,ou=users,dc=github,dc=com').bind + assert user = @ldap.domain('uid=user1,ou=People,dc=github,dc=com').bind assert @domain.is_member?(user, [@cn]), "Expected `#{@cn}` to include the member `#{user.dn}`" From a1988abf64df0cd49ae56d358fa97a8247435951 Mon Sep 17 00:00:00 2001 From: Matt Todd Date: Mon, 6 Oct 2014 16:35:00 -0700 Subject: [PATCH 30/33] Include gidNumber in seed; fix posixGroup schema The original posixGroup schema was mostly made up, so this duplicates the reference: http://www.zytrax.com/books/ldap/ape/nis.html --- test/fixtures/common/seed.ldif | 1 + test/fixtures/posixGroup.schema.ldif | 42 ++++++++++++++++++++++------ 2 files changed, 35 insertions(+), 8 deletions(-) diff --git a/test/fixtures/common/seed.ldif b/test/fixtures/common/seed.ldif index e319f69..e624858 100644 --- a/test/fixtures/common/seed.ldif +++ b/test/fixtures/common/seed.ldif @@ -352,6 +352,7 @@ member: cn=tail-group,ou=Groups,dc=github,dc=com dn: cn=posix-group1,ou=Groups,dc=github,dc=com cn: posix-group1 objectClass: posixGroup +gidNumber: 1001 memberUid: user1 memberUid: user2 memberUid: user3 diff --git a/test/fixtures/posixGroup.schema.ldif b/test/fixtures/posixGroup.schema.ldif index 94dd488..3ba04e0 100644 --- a/test/fixtures/posixGroup.schema.ldif +++ b/test/fixtures/posixGroup.schema.ldif @@ -1,26 +1,52 @@ version: 1 -dn: m-oid=1.3.6.1.4.1.18055.0.4.1.2.1001,ou=attributeTypes,cn=other,ou=schema +# attributetype ( 1.3.6.1.1.1.1.1 NAME 'gidNumber' +# DESC 'An integer uniquely identifying a group in an administrative domain' +# EQUALITY integerMatch +# SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) +dn: m-oid=1.3.6.1.1.1.1.1,ou=attributeTypes,cn=other,ou=schema +objectClass: metaAttributeType +objectClass: metaTop +objectClass: top +m-collective: FALSE +m-description: An integer uniquely identifying a group in an administrative domain +m-equality: integerMatch +m-name: gidNumber +m-syntax: 1.3.6.1.4.1.1466.115.121.1.27 +m-usage: USER_APPLICATIONS +m-oid: 1.3.6.1.1.1.1.1 + +# attributetype ( 1.3.6.1.1.1.1.12 NAME 'memberUid' +# EQUALITY caseExactIA5Match +# SUBSTR caseExactIA5SubstringsMatch +# SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) +dn: m-oid=1.3.6.1.1.1.1.12,ou=attributeTypes,cn=other,ou=schema objectClass: metaAttributeType objectClass: metaTop objectClass: top m-collective: FALSE m-description: memberUid -m-equality: caseExactMatch +m-equality: caseExactIA5Match m-name: memberUid -m-syntax: 1.3.6.1.4.1.1466.115.121.1.15 +m-syntax: 1.3.6.1.4.1.1466.115.121.1.26 m-usage: USER_APPLICATIONS -m-oid: 1.3.6.1.4.1.18055.0.4.1.2.1001 +m-oid: 1.3.6.1.1.1.1.12 -dn: m-oid=1.3.6.1.4.1.18055.0.4.1.3.1001,ou=objectClasses,cn=other,ou=schema +# objectclass ( 1.3.6.1.1.1.2.2 NAME 'posixGroup' SUP top STRUCTURAL +# DESC 'Abstraction of a group of accounts' +# MUST ( cn $ gidNumber ) +# MAY ( userPassword $ memberUid $ description ) ) +dn: m-oid=1.3.6.1.1.1.2.2,ou=objectClasses,cn=other,ou=schema objectClass: metaObjectClass objectClass: metaTop objectClass: top m-description: posixGroup -m-may: cn -m-may: sn +m-must: cn +m-must: gidNumber m-may: memberUid +m-may: userPassword +m-may: description m-supobjectclass: top m-name: posixGroup -m-oid: 1.3.6.1.4.1.18055.0.4.1.3.1001 +m-oid: 1.3.6.1.1.1.2.2 m-typeobjectclass: STRUCTURAL From 102351c53df6ddf0de154083c18ecb7cbf4a5c49 Mon Sep 17 00:00:00 2001 From: Matt Todd Date: Mon, 6 Oct 2014 16:44:49 -0700 Subject: [PATCH 31/33] Rewrite GitHub::Ldap tests --- test/ldap_test.rb | 41 ++++++++++++++++++----------------------- 1 file changed, 18 insertions(+), 23 deletions(-) diff --git a/test/ldap_test.rb b/test/ldap_test.rb index 27861d3..40fcb95 100644 --- a/test/ldap_test.rb +++ b/test/ldap_test.rb @@ -22,59 +22,54 @@ def test_start_tls end def test_search_delegator - @ldap.domain('dc=github,dc=com').valid_login? 'calavera', 'secret' + assert user = @ldap.domain('dc=github,dc=com').valid_login?('user1', 'passworD1') - result = @ldap.search( - {:base => 'dc=github,dc=com', - :attributes => %w(uid), - :filter => Net::LDAP::Filter.eq('uid', 'calavera')}) + result = @ldap.search \ + :base => 'dc=github,dc=com', + :attributes => %w(uid), + :filter => Net::LDAP::Filter.eq('uid', 'user1') refute result.empty? - assert_equal 'calavera', result.first[:uid].first + assert_equal 'user1', result.first[:uid].first end - def test_virtual_attributes_defaults - @ldap = GitHub::Ldap.new(options.merge(virtual_attributes: true)) - - assert @ldap.virtual_attributes.enabled?, "Expected to have virtual attributes enabled with defaults" - assert_equal 'memberOf', @ldap.virtual_attributes.virtual_membership + def test_virtual_attributes_disabled + refute @ldap.virtual_attributes.enabled?, "Expected to have virtual attributes disabled" end - def test_virtual_attributes_defaults + def test_virtual_attributes_configured ldap = GitHub::Ldap.new(options.merge(virtual_attributes: true)) - assert ldap.virtual_attributes.enabled?, "Expected to have virtual attributes enabled with defaults" + assert ldap.virtual_attributes.enabled?, + "Expected virtual attributes to be enabled" assert_equal 'memberOf', ldap.virtual_attributes.virtual_membership end - def test_virtual_attributes_hash + def test_virtual_attributes_configured_with_membership_attribute ldap = GitHub::Ldap.new(options.merge(virtual_attributes: {virtual_membership: "isMemberOf"})) - assert ldap.virtual_attributes.enabled?, "Expected to have virtual attributes enabled with defaults" + assert ldap.virtual_attributes.enabled?, + "Expected virtual attributes to be enabled" assert_equal 'isMemberOf', ldap.virtual_attributes.virtual_membership end - def test_virtual_attributes_disabled - refute @ldap.virtual_attributes.enabled?, "Expected to have virtual attributes disabled" - end - def test_search_domains ldap = GitHub::Ldap.new(options.merge(search_domains: ['dc=github,dc=com'])) - result = ldap.search(filter: Net::LDAP::Filter.eq('uid', 'calavera')) + result = ldap.search(filter: Net::LDAP::Filter.eq('uid', 'user1')) refute result.empty? - assert_equal 'calavera', result.first[:uid].first + assert_equal 'user1', result.first[:uid].first end def test_instruments_search events = @service.subscribe "search.github_ldap" - result = @ldap.search(filter: "(uid=calavera)", :base => "dc=github,dc=com") + result = @ldap.search(filter: "(uid=user1)", :base => "dc=github,dc=com") refute_predicate result, :empty? payload, event_result = events.pop assert payload assert event_result assert_equal result, event_result - assert_equal "(uid=calavera)", payload[:filter].to_s + assert_equal "(uid=user1)", payload[:filter].to_s assert_equal "dc=github,dc=com", payload[:base] end end From 6502ab1026d43d631780322c819f4af547ee4366 Mon Sep 17 00:00:00 2001 From: Matt Todd Date: Mon, 6 Oct 2014 17:05:21 -0700 Subject: [PATCH 32/33] Fix Group tests, add fixture group with missing members --- test/fixtures/common/seed.ldif | 9 +++++++++ test/group_test.rb | 28 +++++++++++++++------------- 2 files changed, 24 insertions(+), 13 deletions(-) diff --git a/test/fixtures/common/seed.ldif b/test/fixtures/common/seed.ldif index e624858..29284bb 100644 --- a/test/fixtures/common/seed.ldif +++ b/test/fixtures/common/seed.ldif @@ -358,3 +358,12 @@ memberUid: user2 memberUid: user3 memberUid: user4 memberUid: user5 + +# missing members + +dn: cn=missing-users,ou=Groups,dc=github,dc=com +cn: missing-users +objectClass: groupOfNames +member: uid=user1,ou=People,dc=github,dc=com +member: uid=user2,ou=People,dc=github,dc=com +member: uid=nonexistent-user,ou=People,dc=github,dc=com diff --git a/test/group_test.rb b/test/group_test.rb index 2bde806..1ed5f82 100644 --- a/test/group_test.rb +++ b/test/group_test.rb @@ -2,12 +2,12 @@ class GitHubLdapGroupTest < GitHub::Ldap::Test def groups_domain - @ldap.domain("ou=groups,dc=github,dc=com") + @ldap.domain("ou=Groups,dc=github,dc=com") end def setup @ldap = GitHub::Ldap.new(options) - @group = @ldap.group("cn=enterprise,ou=groups,dc=github,dc=com") + @group = @ldap.group("cn=ghe-users,ou=Groups,dc=github,dc=com") end def test_group? @@ -21,34 +21,36 @@ def test_group? end def test_subgroups - assert_equal 3, @group.subgroups.size + group = @ldap.group("cn=deeply-nested-group0.0,ou=Groups,dc=github,dc=com") + assert_equal 2, group.subgroups.size end def test_members_from_subgroups - assert_equal 4, @group.members.size + group = @ldap.group("cn=deeply-nested-group0.0,ou=Groups,dc=github,dc=com") + assert_equal 10, group.members.size end def test_all_domain_groups groups = groups_domain.all_groups - assert_equal 8, groups.size + assert_equal 27, groups.size end def test_filter_domain_groups - groups = groups_domain.filter_groups('devs') + groups = groups_domain.filter_groups('ghe-users') assert_equal 1, groups.size end def test_filter_domain_groups_limited groups = [] - groups_domain.filter_groups('enter', size: 1) do |entry| + groups_domain.filter_groups('deeply-nested-group', size: 1) do |entry| groups << entry end assert_equal 1, groups.size end def test_filter_domain_groups_unlimited - groups = groups_domain.filter_groups('ent') - assert_equal 3, groups.size + groups = groups_domain.filter_groups('deeply-nested-group') + assert_equal 5, groups.size end def test_unknown_group @@ -59,11 +61,11 @@ def test_unknown_group class GitHubLdapLoopedGroupTest < GitHub::Ldap::Test def setup - @group = GitHub::Ldap.new(options).group("cn=enterprise,ou=groups,dc=github,dc=com") + @group = GitHub::Ldap.new(options).group("cn=recursively-nested-groups,ou=Groups,dc=github,dc=com") end def test_members_from_subgroups - assert_equal 4, @group.members.size + assert_equal 10, @group.members.size end end @@ -73,10 +75,10 @@ def setup end def test_load_right_members - assert_equal 3, @ldap.domain("cn=spaniards,ou=groups,dc=github,dc=com").bind[:member].size + assert_equal 3, @ldap.domain("cn=missing-users,ou=groups,dc=github,dc=com").bind[:member].size end def test_ignore_missing_member_entries - assert_equal 2, @ldap.group("cn=spaniards,ou=groups,dc=github,dc=com").members.size + assert_equal 2, @ldap.group("cn=missing-users,ou=groups,dc=github,dc=com").members.size end end From 15953cc66634f5ffa58f2534215ae06f8feac948 Mon Sep 17 00:00:00 2001 From: Matt Todd Date: Wed, 8 Oct 2014 01:30:41 -0700 Subject: [PATCH 33/33] Fix up posixGroup tests --- test/posix_group_test.rb | 49 ++++++++++++++++++++-------------------- 1 file changed, 25 insertions(+), 24 deletions(-) diff --git a/test/posix_group_test.rb b/test/posix_group_test.rb index 4f9d815..e21b3ac 100644 --- a/test/posix_group_test.rb +++ b/test/posix_group_test.rb @@ -3,48 +3,49 @@ class GitHubLdapPosixGroupTest < GitHub::Ldap::Test def setup @simple_group = Net::LDAP::Entry._load(""" -dn: cn=enterprise-posix-devs,ou=groups,dc=github,dc=com -cn: enterprise-posix-devs +dn: cn=simple-group,ou=Groups,dc=github,dc=com +cn: simple-group objectClass: posixGroup -memberUid: benburkert -memberUid: mtodd""") +memberUid: user1 +memberUid: user2""") @one_level_deep_group = Net::LDAP::Entry._load(""" -dn: cn=enterprise-posix-ops,ou=groups,dc=github,dc=com -cn: enterprise-posix-ops +dn: cn=one-level-deep-group,ou=Groups,dc=github,dc=com +cn: one-level-deep-group objectClass: posixGroup objectClass: groupOfNames -memberUid: sbryant -member: cn=spaniards,ou=groups,dc=github,dc=com""") +memberUid: user6 +member: cn=ghe-users,ou=Groups,dc=github,dc=com""") @two_levels_deep_group = Net::LDAP::Entry._load(""" -dn: cn=enterprise-posix,ou=groups,dc=github,dc=com -cn: Enterprise Posix +dn: cn=two-levels-deep-group,ou=Groups,dc=github,dc=com +cn: two-levels-deep-group objectClass: posixGroup objectClass: groupOfNames -memberUid: calavera -member: cn=enterprise-devs,ou=groups,dc=github,dc=com -member: cn=enterprise-ops,ou=groups,dc=github,dc=com""") +memberUid: user6 +member: cn=n-depth-nested-group2,ou=Groups,dc=github,dc=com +member: cn=posix-group1,ou=Groups,dc=github,dc=com""") @empty_group = Net::LDAP::Entry._load(""" -dn: cn=enterprise-posix-empty,ou=groups,dc=github,dc=com -cn: enterprise-posix-empty +dn: cn=empty-group,ou=Groups,dc=github,dc=com +cn: empty-group objectClass: posixGroup""") @ldap = GitHub::Ldap.new(options.merge(search_domains: %w(dc=github,dc=com))) end def test_posix_group - assert GitHub::Ldap::PosixGroup.valid?(@simple_group), + entry = @ldap.search(filter: "(cn=posix-group1)").first + assert GitHub::Ldap::PosixGroup.valid?(entry), "Expected entry to be a valid posixGroup" end def test_posix_simple_members - group = GitHub::Ldap::PosixGroup.new(@ldap, @simple_group) + assert group = @ldap.group("cn=posix-group1,ou=Groups,dc=github,dc=com") members = group.members - assert_equal 2, members.size - assert_equal %w(benburkert mtodd), members.map(&:uid).flatten.sort + assert_equal 5, members.size + assert_equal %w(user1 user2 user3 user4 user5), members.map(&:uid).flatten.sort end def test_posix_combined_group @@ -58,7 +59,7 @@ def test_posix_combined_group_unique_members group = GitHub::Ldap::PosixGroup.new(@ldap, @two_levels_deep_group) members = group.members - assert_equal 4, members.size + assert_equal 10, members.size end def test_empty_subgroups @@ -77,7 +78,7 @@ def test_posix_combined_group_subgroups def test_is_member_simple_group group = GitHub::Ldap::PosixGroup.new(@ldap, @simple_group) - user = @ldap.domain("uid=benburkert,ou=users,dc=github,dc=com").bind + user = @ldap.domain("uid=user1,ou=People,dc=github,dc=com").bind assert group.is_member?(user), "Expected user in the memberUid list to be a member of the posixgroup" @@ -85,7 +86,7 @@ def test_is_member_simple_group def test_is_member_combined_group group = GitHub::Ldap::PosixGroup.new(@ldap, @one_level_deep_group) - user = @ldap.domain("uid=calavera,ou=users,dc=github,dc=com").bind + user = @ldap.domain("uid=user1,ou=People,dc=github,dc=com").bind assert group.is_member?(user), "Expected user in a subgroup to be a member of the posixgroup" @@ -93,7 +94,7 @@ def test_is_member_combined_group def test_is_not_member_simple_group group = GitHub::Ldap::PosixGroup.new(@ldap, @simple_group) - user = @ldap.domain("uid=calavera,ou=users,dc=github,dc=com").bind + user = @ldap.domain("uid=user10,ou=People,dc=github,dc=com").bind refute group.is_member?(user), "Expected user to not be member when her uid is not in the list of memberUid" @@ -101,7 +102,7 @@ def test_is_not_member_simple_group def test_is_member_combined_group group = GitHub::Ldap::PosixGroup.new(@ldap, @one_level_deep_group) - user = @ldap.domain("uid=benburkert,ou=users,dc=github,dc=com").bind + user = @ldap.domain("uid=user10,ou=People,dc=github,dc=com").bind refute group.is_member?(user), "Expected user to not be member when she's not member of any subgroup" pFad - Phonifier reborn

Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.

Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.


Alternative Proxies:

Alternative Proxy

pFad Proxy

pFad v3 Proxy

pFad v4 Proxy