Add ldap tests for verifying a user exists
This commit is contained in:
Sam Chow
parent
9024419896
commit
1add992525
1 changed files with 55 additions and 0 deletions
|
|
@ -126,6 +126,14 @@ def mock_ldap(requires_email=True):
|
||||||
obj.search_s.seed('ou=otheremployees,dc=quay,dc=io', 2,
|
obj.search_s.seed('ou=otheremployees,dc=quay,dc=io', 2,
|
||||||
'(|(uid=unknown*)(mail=unknown*))')([])
|
'(|(uid=unknown*)(mail=unknown*))')([])
|
||||||
|
|
||||||
|
no_users_found_exception = Exception()
|
||||||
|
no_users_found_exception.message = { 'matched': 'dc=quay,dc=io', 'desc': 'No such object' }
|
||||||
|
|
||||||
|
obj.search_s.seed('ou=nonexistent,dc=quay,dc=io', 2)(no_users_found_exception)
|
||||||
|
obj.search_s.seed('ou=employees,dc=quay,dc=io', 2)([
|
||||||
|
('uid=cool.user,ou=employees,dc=quay,dc=io', cool_block)
|
||||||
|
])
|
||||||
|
|
||||||
obj._results = {}
|
obj._results = {}
|
||||||
|
|
||||||
def result3(messageid):
|
def result3(messageid):
|
||||||
|
|
@ -161,8 +169,12 @@ def mock_ldap(requires_email=True):
|
||||||
obj._results['messageid'] = (None, results, None, [page_control])
|
obj._results['messageid'] = (None, results, None, [page_control])
|
||||||
return msgid
|
return msgid
|
||||||
|
|
||||||
|
def search_ext_s(user_search_dn, scope):
|
||||||
|
return (obj.search_s(user_search_dn, scope), None)
|
||||||
|
|
||||||
obj.search_ext = search_ext
|
obj.search_ext = search_ext
|
||||||
obj.result3 = result3
|
obj.result3 = result3
|
||||||
|
obj.search_ext_s = search_ext_s
|
||||||
|
|
||||||
return obj
|
return obj
|
||||||
|
|
||||||
|
|
@ -456,6 +468,49 @@ class TestLDAP(unittest.TestCase):
|
||||||
with mock_ldap() as ldap:
|
with mock_ldap() as ldap:
|
||||||
assert 'base_dn' in ldap.service_metadata()
|
assert 'base_dn' in ldap.service_metadata()
|
||||||
|
|
||||||
|
|
||||||
|
def test_at_least_one_user_exists_invalid_creds(self):
|
||||||
|
base_dn = ['dc=quay', 'dc=io']
|
||||||
|
admin_dn = 'uid=testy,ou=employees,dc=quay,dc=io'
|
||||||
|
admin_passwd = 'INVALIDPASSWORD'
|
||||||
|
user_rdn = ['ou=employees']
|
||||||
|
uid_attr = 'uid'
|
||||||
|
email_attr = 'mail'
|
||||||
|
|
||||||
|
with mock_ldap():
|
||||||
|
ldap = LDAPUsers('ldap://localhost', base_dn, admin_dn, admin_passwd, user_rdn,
|
||||||
|
uid_attr, email_attr)
|
||||||
|
|
||||||
|
# Try to query with invalid credentials.
|
||||||
|
(response, err_msg) = ldap.at_least_one_user_exists()
|
||||||
|
self.assertFalse(response)
|
||||||
|
self.assertEquals('LDAP Admin dn or password is invalid', err_msg)
|
||||||
|
|
||||||
|
def test_at_least_one_user_exists_no_users(self):
|
||||||
|
base_dn = ['dc=quay', 'dc=io']
|
||||||
|
admin_dn = 'uid=testy,ou=employees,dc=quay,dc=io'
|
||||||
|
admin_passwd = 'password'
|
||||||
|
user_rdn = ['ou=nonexistent']
|
||||||
|
uid_attr = 'uid'
|
||||||
|
email_attr = 'mail'
|
||||||
|
|
||||||
|
with mock_ldap():
|
||||||
|
ldap = LDAPUsers('ldap://localhost', base_dn, admin_dn, admin_passwd, user_rdn,
|
||||||
|
uid_attr, email_attr)
|
||||||
|
|
||||||
|
# Try to find users in a nonexistent group.
|
||||||
|
(response, err_msg) = ldap.at_least_one_user_exists()
|
||||||
|
self.assertFalse(response)
|
||||||
|
self.assertDictEqual({'matched': 'dc=quay,dc=io', 'desc': 'No such object'}, err_msg)
|
||||||
|
|
||||||
|
def test_at_least_one_user_exists_true(self):
|
||||||
|
with mock_ldap() as ldap:
|
||||||
|
# Ensure we have at least a single user in the valid group
|
||||||
|
(response, err_msg) = ldap.at_least_one_user_exists()
|
||||||
|
self.assertIsNone(err_msg)
|
||||||
|
self.assertTrue(response)
|
||||||
|
|
||||||
|
|
||||||
if __name__ == '__main__':
|
if __name__ == '__main__':
|
||||||
unittest.main()
|
unittest.main()
|
||||||
|
|
||||||
|
|
|
||||||
Reference in a new issue