Add ldap tests for verifying a user exists
This commit is contained in:
		
							parent
							
								
									9024419896
								
							
						
					
					
						commit
						1add992525
					
				
					 1 changed files with 55 additions and 0 deletions
				
			
		|  | @ -126,6 +126,14 @@ def mock_ldap(requires_email=True): | |||
|     obj.search_s.seed('ou=otheremployees,dc=quay,dc=io', 2, | ||||
|                       '(|(uid=unknown*)(mail=unknown*))')([]) | ||||
| 
 | ||||
|     no_users_found_exception = Exception() | ||||
|     no_users_found_exception.message = { 'matched': 'dc=quay,dc=io', 'desc': 'No such object' } | ||||
| 
 | ||||
|     obj.search_s.seed('ou=nonexistent,dc=quay,dc=io', 2)(no_users_found_exception) | ||||
|     obj.search_s.seed('ou=employees,dc=quay,dc=io', 2)([ | ||||
|         ('uid=cool.user,ou=employees,dc=quay,dc=io', cool_block) | ||||
|     ]) | ||||
| 
 | ||||
|     obj._results = {} | ||||
| 
 | ||||
|     def result3(messageid): | ||||
|  | @ -161,8 +169,12 @@ def mock_ldap(requires_email=True): | |||
|       obj._results['messageid'] = (None, results, None, [page_control]) | ||||
|       return msgid | ||||
| 
 | ||||
|     def search_ext_s(user_search_dn, scope): | ||||
|         return (obj.search_s(user_search_dn, scope), None) | ||||
| 
 | ||||
|     obj.search_ext = search_ext | ||||
|     obj.result3 = result3 | ||||
|     obj.search_ext_s = search_ext_s | ||||
| 
 | ||||
|     return obj | ||||
| 
 | ||||
|  | @ -456,6 +468,49 @@ class TestLDAP(unittest.TestCase): | |||
|     with mock_ldap() as ldap: | ||||
|       assert 'base_dn' in ldap.service_metadata() | ||||
| 
 | ||||
| 
 | ||||
|   def test_at_least_one_user_exists_invalid_creds(self): | ||||
|       base_dn = ['dc=quay', 'dc=io'] | ||||
|       admin_dn = 'uid=testy,ou=employees,dc=quay,dc=io' | ||||
|       admin_passwd = 'INVALIDPASSWORD' | ||||
|       user_rdn = ['ou=employees'] | ||||
|       uid_attr = 'uid' | ||||
|       email_attr = 'mail' | ||||
| 
 | ||||
|       with mock_ldap(): | ||||
|           ldap = LDAPUsers('ldap://localhost', base_dn, admin_dn, admin_passwd, user_rdn, | ||||
|                            uid_attr, email_attr) | ||||
| 
 | ||||
|           # Try to query with invalid credentials. | ||||
|           (response, err_msg) = ldap.at_least_one_user_exists() | ||||
|           self.assertFalse(response) | ||||
|           self.assertEquals('LDAP Admin dn or password is invalid', err_msg) | ||||
| 
 | ||||
|   def test_at_least_one_user_exists_no_users(self): | ||||
|       base_dn = ['dc=quay', 'dc=io'] | ||||
|       admin_dn = 'uid=testy,ou=employees,dc=quay,dc=io' | ||||
|       admin_passwd = 'password' | ||||
|       user_rdn = ['ou=nonexistent'] | ||||
|       uid_attr = 'uid' | ||||
|       email_attr = 'mail' | ||||
| 
 | ||||
|       with mock_ldap(): | ||||
|           ldap = LDAPUsers('ldap://localhost', base_dn, admin_dn, admin_passwd, user_rdn, | ||||
|                            uid_attr, email_attr) | ||||
| 
 | ||||
|           # Try to find users in a nonexistent group. | ||||
|           (response, err_msg) = ldap.at_least_one_user_exists() | ||||
|           self.assertFalse(response) | ||||
|           self.assertDictEqual({'matched': 'dc=quay,dc=io', 'desc': 'No such object'}, err_msg) | ||||
| 
 | ||||
|   def test_at_least_one_user_exists_true(self): | ||||
|       with mock_ldap() as ldap: | ||||
|           # Ensure we have at least a single user in the valid group | ||||
|           (response, err_msg) = ldap.at_least_one_user_exists() | ||||
|           self.assertIsNone(err_msg) | ||||
|           self.assertTrue(response) | ||||
| 
 | ||||
| 
 | ||||
| if __name__ == '__main__': | ||||
|   unittest.main() | ||||
| 
 | ||||
|  |  | |||
		Reference in a new issue