foreman/test/unit/auth_source_ldap_test.rb @ 8a65dff7
| 2594caf0 | José Luis Escalante | require 'test_helper'
|
|
class AuthSourceLdapTest < ActiveSupport::TestCase
|
|||
def setup
|
|||
@auth_source_ldap = AuthSourceLdap.new
|
|||
@attributes = { :name= => "value",
|
|||
:host= => "value",
|
|||
:attr_login= => "value",
|
|||
| 9fd7478e | Paul Kelly | :port= => 389 }
|
|
User.current = users(:admin)
|
|||
| 2594caf0 | José Luis Escalante | end
|
|
test "should exists a name" do
|
|||
missing(:name=)
|
|||
assert !@auth_source_ldap.save
|
|||
set(:name=)
|
|||
assert @auth_source_ldap.save
|
|||
end
|
|||
test "should exists a host" do
|
|||
missing(:host=)
|
|||
assert !@auth_source_ldap.save
|
|||
set(:host=)
|
|||
assert @auth_source_ldap.save
|
|||
end
|
|||
test "should exists a attr_login" do
|
|||
missing(:attr_login=)
|
|||
assert !@auth_source_ldap.save
|
|||
set(:attr_login=)
|
|||
assert @auth_source_ldap.save
|
|||
end
|
|||
test "should exists a port" do
|
|||
missing(:port=)
|
|||
assert !@auth_source_ldap.save
|
|||
set(:port=)
|
|||
assert @auth_source_ldap.save
|
|||
end
|
|||
test "after initiliaze if port == 0 should automatically change to 389" do
|
|||
other_auth_source_ldap = AuthSourceLdap.new(:port => 0)
|
|||
assert_equal 389, other_auth_source_ldap.port
|
|||
end
|
|||
test "the name should not exceed the 60 characters" do
|
|||
missing(:name=)
|
|||
| 7a65bc18 | José Luis Escalante | assigns_a_string_of_length_greater_than(60, :name=)
|
|
| 2594caf0 | José Luis Escalante | assert !@auth_source_ldap.save
|
|
end
|
|||
test "the host should not exceed the 60 characters" do
|
|||
missing(:host=)
|
|||
| 7a65bc18 | José Luis Escalante | assigns_a_string_of_length_greater_than(60, :host=)
|
|
| 2594caf0 | José Luis Escalante | assert !@auth_source_ldap.save
|
|
end
|
|||
test "the account_password should not exceed the 60 characters" do
|
|||
| f111e0da | José Luis Escalante | set_all_required_attributes
|
|
| 7a65bc18 | José Luis Escalante | assigns_a_string_of_length_greater_than(60, :account_password=)
|
|
| 2594caf0 | José Luis Escalante | assert !@auth_source_ldap.save
|
|
end
|
|||
test "the account should not exceed the 255 characters" do
|
|||
| f111e0da | José Luis Escalante | set_all_required_attributes
|
|
| 7a65bc18 | José Luis Escalante | assigns_a_string_of_length_greater_than(255, :account=)
|
|
| 2594caf0 | José Luis Escalante | assert !@auth_source_ldap.save
|
|
end
|
|||
test "the base_dn should not exceed the 255 characters" do
|
|||
| f111e0da | José Luis Escalante | set_all_required_attributes
|
|
| 7a65bc18 | José Luis Escalante | assigns_a_string_of_length_greater_than(255, :base_dn=)
|
|
| 2594caf0 | José Luis Escalante | assert !@auth_source_ldap.save
|
|
end
|
|||
test "the attr_login should not exceed the 30 characters" do
|
|||
missing(:attr_login=)
|
|||
| 7a65bc18 | José Luis Escalante | assigns_a_string_of_length_greater_than(30, :attr_login=)
|
|
| 2594caf0 | José Luis Escalante | assert !@auth_source_ldap.save
|
|
end
|
|||
test "the attr_firstname should not exceed the 30 characters" do
|
|||
| f111e0da | José Luis Escalante | set_all_required_attributes
|
|
| 7a65bc18 | José Luis Escalante | assigns_a_string_of_length_greater_than(30, :attr_firstname=)
|
|
| 2594caf0 | José Luis Escalante | assert !@auth_source_ldap.save
|
|
end
|
|||
test "the attr_lastname should not exceed the 30 characters" do
|
|||
| f111e0da | José Luis Escalante | set_all_required_attributes
|
|
| 7a65bc18 | José Luis Escalante | assigns_a_string_of_length_greater_than(30, :attr_lastname=)
|
|
| 2594caf0 | José Luis Escalante | assert !@auth_source_ldap.save
|
|
end
|
|||
test "the attr_mail should not exceed the 30 characters" do
|
|||
| f111e0da | José Luis Escalante | set_all_required_attributes
|
|
| 7a65bc18 | José Luis Escalante | assigns_a_string_of_length_greater_than(30, :attr_mail=)
|
|
| 2594caf0 | José Luis Escalante | assert !@auth_source_ldap.save
|
|
end
|
|||
test "port should be a integer" do
|
|||
missing(:port=)
|
|||
@auth_source_ldap.port = "crap"
|
|||
assert !@auth_source_ldap.save
|
|||
@auth_source_ldap.port = 123
|
|||
assert @auth_source_ldap.save
|
|||
end
|
|||
| f111e0da | José Luis Escalante | test "should strip the ldap attributes before validate" do
|
|
@auth_source_ldap.attr_login = "following spaces "
|
|||
@auth_source_ldap.attr_firstname = "following spaces "
|
|||
@auth_source_ldap.attr_lastname = "following spaces "
|
|||
@auth_source_ldap.attr_mail = "following spaces "
|
|||
@auth_source_ldap.save
|
|||
assert_equal "following spaces", @auth_source_ldap.attr_login
|
|||
assert_equal "following spaces", @auth_source_ldap.attr_firstname
|
|||
assert_equal "following spaces", @auth_source_ldap.attr_lastname
|
|||
assert_equal "following spaces", @auth_source_ldap.attr_mail
|
|||
end
|
|||
| 2594caf0 | José Luis Escalante | test "return nil if login is blank or password is blank" do
|
|
assert_equal nil, @auth_source_ldap.authenticate("", "")
|
|||
end
|
|||
| 7a65bc18 | José Luis Escalante | test "when auth_method_name is applied should return 'LDAP'" do
|
|
set_all_required_attributes
|
|||
@auth_source_ldap.save
|
|||
assert_equal 'LDAP', @auth_source_ldap.auth_method_name
|
|||
end
|
|||
| 2594caf0 | José Luis Escalante | def missing(attr)
|
|
@attributes.each { |k, v| @auth_source_ldap.send k, v unless k == attr }
|
|||
end
|
|||
def set(attr)
|
|||
@auth_source_ldap.send attr, @attributes[attr]
|
|||
end
|
|||
| f111e0da | José Luis Escalante | def set_all_required_attributes
|
|
| 2594caf0 | José Luis Escalante | @attributes.each { |k, v| @auth_source_ldap.send k, v }
|
|
end
|
|||
| 7a65bc18 | José Luis Escalante | ||
def assigns_a_string_of_length_greater_than(length, method)
|
|||
@auth_source_ldap.send method, "this is010this is020this is030this is040this is050this is060this is070this is080this is090this is100this is110this is120this is130this is140this is150this is160this is170this is180this is190this is200this is210this is220this is230this is240this is250 and something else"
|
|||
end
|
|||
| 9fd7478e | Paul Kelly | ||
def setup_user operation
|
|||
@one = users(:one)
|
|||
as_admin do
|
|||
role = Role.find_or_create_by_name :name => "#{operation}_authenticators"
|
|||
role.permissions = ["#{operation}_authenticators".to_sym]
|
|||
@one.roles = [role]
|
|||
@one.save!
|
|||
end
|
|||
User.current = @one
|
|||
end
|
|||
test "user with create permissions should be able to create" do
|
|||
setup_user "create"
|
|||
record = AuthSourceLdap.create :name => "dummy", :host => hosts(:one).name, :port => "1", :attr_login => "login"
|
|||
assert record.valid?
|
|||
assert !record.new_record?
|
|||
end
|
|||
test "user with view permissions should not be able to create" do
|
|||
setup_user "view"
|
|||
record = AuthSourceLdap.create :name => "dummy", :host => hosts(:one).name, :port => "1", :attr_login => "login"
|
|||
assert record.valid?
|
|||
assert record.new_record?
|
|||
end
|
|||
test "user with destroy permissions should be able to destroy" do
|
|||
setup_user "destroy"
|
|||
record = AuthSourceLdap.first
|
|||
assert record.destroy
|
|||
assert record.frozen?
|
|||
end
|
|||
test "user with edit permissions should not be able to destroy" do
|
|||
setup_user "edit"
|
|||
record = AuthSourceLdap.first
|
|||
assert !record.destroy
|
|||
assert !record.frozen?
|
|||
end
|
|||
test "user with edit permissions should be able to edit" do
|
|||
setup_user "edit"
|
|||
record = AuthSourceLdap.first
|
|||
record.name = "renamed"
|
|||
assert record.save
|
|||
end
|
|||
test "user with destroy permissions should not be able to edit" do
|
|||
setup_user "destroy"
|
|||
record = AuthSourceLdap.first
|
|||
record.name = "renamed"
|
|||
assert !record.save
|
|||
end
|
|||
| 2594caf0 | José Luis Escalante | end
|