LDAP improvements:

- Better logging - Better error messages - Add unit tests - Clean up the setup tool for LDAP
2015-05-11 21:23:18 -04:00 · 2015-05-11 21:23:18 -04:00 · efab02ae47
commit efab02ae47
parent 3e1abba284
5 changed files with 173 additions and 28 deletions
--- a/test/test_ldap.py
+++ b/test/test_ldap.py
@ -0,0 +1,83 @@
+import unittest
+
+from app import app
+from initdb import setup_database_for_testing, finished_database_for_testing
+from data import model
+from data.users import LDAPUsers
+
+from mockldap import MockLdap
+
+class TestLDAP(unittest.TestCase):
+  def setUp(self):
+    setup_database_for_testing(self)
+    self.app = app.test_client()
+    self.ctx = app.test_request_context()
+    self.ctx.__enter__()
+
+    self.mockldap = MockLdap({
+      'dc=quay,dc=io': {'dc': ['quay', 'io']},
+      'ou=employees,dc=quay,dc=io': {
+        'dc': ['quay', 'io'],
+        'ou': 'employees'
+      },
+      'uid=testy,ou=employees,dc=quay,dc=io': {
+        'dc': ['quay', 'io'],
+        'ou': 'employees',
+        'uid': 'testy',
+        'userPassword': ['password']
+      },
+      'uid=someuser,ou=employees,dc=quay,dc=io': {
+        'dc': ['quay', 'io'],
+        'ou': 'employees',
+        'uid': ['someuser'],
+        'userPassword': ['somepass'],
+        'mail': ['foo@bar.com']
+      },
+      'uid=nomail,ou=employees,dc=quay,dc=io': {
+        'dc': ['quay', 'io'],
+        'ou': 'employees',
+        'uid': ['nomail'],
+        'userPassword': ['somepass']
+      }
+    })
+
+    self.mockldap.start()
+
+  def tearDown(self):
+    self.mockldap.stop()
+    finished_database_for_testing(self)
+    self.ctx.__exit__(True, None, None)
+
+  def test_login(self):
+    base_dn = ['dc=quay', 'dc=io']
+    admin_dn = 'uid=testy,ou=employees,dc=quay,dc=io'
+    admin_passwd = 'password'
+    user_rdn = ['ou=employees']
+    uid_attr = 'uid'
+    email_attr = 'mail'
+
+    ldap = LDAPUsers('ldap://localhost', base_dn, admin_dn, admin_passwd, user_rdn,
+                     uid_attr, email_attr)
+
+    (response, _) = ldap.verify_user('someuser', 'somepass')
+    self.assertEquals(response.username, 'someuser')
+
+  def test_missing_mail(self):
+    base_dn = ['dc=quay', 'dc=io']
+    admin_dn = 'uid=testy,ou=employees,dc=quay,dc=io'
+    admin_passwd = 'password'
+    user_rdn = ['ou=employees']
+    uid_attr = 'uid'
+    email_attr = 'mail'
+
+    ldap = LDAPUsers('ldap://localhost', base_dn, admin_dn, admin_passwd, user_rdn,
+                     uid_attr, email_attr)
+
+    (response, err_msg) = ldap.verify_user('nomail', 'somepass')
+    self.assertIsNone(response)
+    self.assertEquals('Missing mail field "mail" in user record', err_msg)
+
+
+if __name__ == '__main__':
+  unittest.main()
+