7df8ed4a60
Change SecScanAPI to use a uri creation func instead of test context Pass config provider through validator context Remove app config dependency for validators
78 lines
2.6 KiB
Python
78 lines
2.6 KiB
Python
import pytest
|
|
|
|
from util.config.validator import ValidatorContext
|
|
from util.config.validators import ConfigValidationException
|
|
from util.config.validators.validate_ldap import LDAPValidator
|
|
from util.morecollections import AttrDict
|
|
|
|
from test.test_ldap import mock_ldap
|
|
|
|
from test.fixtures import *
|
|
from app import config_provider
|
|
|
|
@pytest.mark.parametrize('unvalidated_config', [
|
|
({}),
|
|
({'AUTHENTICATION_TYPE': 'Database'}),
|
|
])
|
|
def test_validate_noop(unvalidated_config, app):
|
|
config = ValidatorContext(unvalidated_config)
|
|
config.config_provider = config_provider
|
|
LDAPValidator.validate(config)
|
|
|
|
@pytest.mark.parametrize('unvalidated_config', [
|
|
({'AUTHENTICATION_TYPE': 'LDAP'}),
|
|
({'AUTHENTICATION_TYPE': 'LDAP', 'LDAP_ADMIN_DN': 'foo'}),
|
|
])
|
|
def test_invalid_config(unvalidated_config, app):
|
|
with pytest.raises(ConfigValidationException):
|
|
config = ValidatorContext(unvalidated_config)
|
|
config.config_provider = config_provider
|
|
LDAPValidator.validate(config)
|
|
|
|
|
|
@pytest.mark.parametrize('uri', [
|
|
'foo',
|
|
'http://foo',
|
|
'ldap:foo',
|
|
])
|
|
def test_invalid_uri(uri, app):
|
|
config = {}
|
|
config['AUTHENTICATION_TYPE'] = 'LDAP'
|
|
config['LDAP_BASE_DN'] = ['dc=quay', 'dc=io']
|
|
config['LDAP_ADMIN_DN'] = 'uid=testy,ou=employees,dc=quay,dc=io'
|
|
config['LDAP_ADMIN_PASSWD'] = 'password'
|
|
config['LDAP_USER_RDN'] = ['ou=employees']
|
|
config['LDAP_URI'] = uri
|
|
|
|
with pytest.raises(ConfigValidationException):
|
|
config = ValidatorContext(config)
|
|
config.config_provider = config_provider
|
|
LDAPValidator.validate(config)
|
|
|
|
|
|
@pytest.mark.parametrize('username, password, expected_exception', [
|
|
('invaliduser', 'invalidpass', ConfigValidationException),
|
|
('someuser', 'invalidpass', ConfigValidationException),
|
|
('invaliduser', 'somepass', ConfigValidationException),
|
|
('someuser', 'somepass', None),
|
|
])
|
|
def test_validated_ldap(username, password, expected_exception, app):
|
|
config = {}
|
|
config['AUTHENTICATION_TYPE'] = 'LDAP'
|
|
config['LDAP_BASE_DN'] = ['dc=quay', 'dc=io']
|
|
config['LDAP_ADMIN_DN'] = 'uid=testy,ou=employees,dc=quay,dc=io'
|
|
config['LDAP_ADMIN_PASSWD'] = 'password'
|
|
config['LDAP_USER_RDN'] = ['ou=employees']
|
|
|
|
unvalidated_config = ValidatorContext(config)
|
|
unvalidated_config.user = AttrDict(dict(username=username))
|
|
unvalidated_config.user_password = password
|
|
unvalidated_config.config_provider = config_provider
|
|
|
|
if expected_exception is not None:
|
|
with pytest.raises(ConfigValidationException):
|
|
with mock_ldap():
|
|
LDAPValidator.validate(unvalidated_config)
|
|
else:
|
|
with mock_ldap():
|
|
LDAPValidator.validate(unvalidated_config)
|