summaryrefslogtreecommitdiff
path: root/tests/units/Core/Ldap/LdapUserTest.php
diff options
context:
space:
mode:
authorFrederic Guillot <fred@kanboard.net>2015-12-05 20:31:27 -0500
committerFrederic Guillot <fred@kanboard.net>2015-12-05 20:31:27 -0500
commite9fedf3e5cd63aea4da7a71f6647ee427c62fa49 (patch)
treeabc2de5aebace4a2d7c94805552264dab6b10bc7 /tests/units/Core/Ldap/LdapUserTest.php
parent346b8312e5ac877ce3192c2db3a26b500018bbb5 (diff)
Rewrite of the authentication and authorization system
Diffstat (limited to 'tests/units/Core/Ldap/LdapUserTest.php')
-rw-r--r--tests/units/Core/Ldap/LdapUserTest.php379
1 files changed, 379 insertions, 0 deletions
diff --git a/tests/units/Core/Ldap/LdapUserTest.php b/tests/units/Core/Ldap/LdapUserTest.php
new file mode 100644
index 00000000..2b3db1e5
--- /dev/null
+++ b/tests/units/Core/Ldap/LdapUserTest.php
@@ -0,0 +1,379 @@
+<?php
+
+require_once __DIR__.'/../../Base.php';
+
+use Kanboard\Core\Ldap\User;
+use Kanboard\Core\Ldap\Entries;
+use Kanboard\Core\Security\Role;
+
+class LdapUserTest extends Base
+{
+ private $query;
+ private $client;
+ private $user;
+
+ public function setUp()
+ {
+ parent::setUp();
+
+ $this->client = $this
+ ->getMockBuilder('\Kanboard\Core\Ldap\Client')
+ ->setMethods(array(
+ 'getConnection',
+ ))
+ ->getMock();
+
+ $this->query = $this
+ ->getMockBuilder('\Kanboard\Core\Ldap\Query')
+ ->setConstructorArgs(array($this->client))
+ ->setMethods(array(
+ 'execute',
+ 'hasResult',
+ 'getEntries',
+ ))
+ ->getMock();
+
+ $this->user = $this
+ ->getMockBuilder('\Kanboard\Core\Ldap\User')
+ ->setConstructorArgs(array($this->query))
+ ->setMethods(array(
+ 'getAttributeUsername',
+ 'getAttributeEmail',
+ 'getAttributeName',
+ 'getAttributeGroup',
+ 'getGroupAdminDn',
+ 'getGroupManagerDn',
+ 'getBasDn',
+ ))
+ ->getMock();
+ }
+
+ public function testGetUser()
+ {
+ $entries = new Entries(array(
+ 'count' => 1,
+ 0 => array(
+ 'count' => 2,
+ 'dn' => 'uid=my_ldap_user,ou=People,dc=kanboard,dc=local',
+ 'displayname' => array(
+ 'count' => 1,
+ 0 => 'My LDAP user',
+ ),
+ 'mail' => array(
+ 'count' => 2,
+ 0 => 'user1@localhost',
+ 1 => 'user2@localhost',
+ ),
+ 'samaccountname' => array(
+ 'count' => 1,
+ 0 => 'my_ldap_user',
+ ),
+ 0 => 'displayname',
+ 1 => 'mail',
+ 2 => 'samaccountname',
+ )
+ ));
+
+ $this->client
+ ->expects($this->any())
+ ->method('getConnection')
+ ->will($this->returnValue('my_ldap_resource'));
+
+ $this->query
+ ->expects($this->once())
+ ->method('execute')
+ ->with(
+ $this->equalTo('ou=People,dc=kanboard,dc=local'),
+ $this->equalTo('(uid=my_ldap_user)')
+ );
+
+ $this->query
+ ->expects($this->once())
+ ->method('hasResult')
+ ->will($this->returnValue(true));
+
+ $this->query
+ ->expects($this->once())
+ ->method('getEntries')
+ ->will($this->returnValue($entries));
+
+ $this->user
+ ->expects($this->any())
+ ->method('getAttributeUsername')
+ ->will($this->returnValue('samaccountname'));
+
+ $this->user
+ ->expects($this->any())
+ ->method('getAttributeName')
+ ->will($this->returnValue('displayname'));
+
+ $this->user
+ ->expects($this->any())
+ ->method('getAttributeEmail')
+ ->will($this->returnValue('mail'));
+
+ $this->user
+ ->expects($this->any())
+ ->method('getBasDn')
+ ->will($this->returnValue('ou=People,dc=kanboard,dc=local'));
+
+ $user = $this->user->find('(uid=my_ldap_user)');
+ $this->assertInstanceOf('Kanboard\User\LdapUserProvider', $user);
+ $this->assertEquals('uid=my_ldap_user,ou=People,dc=kanboard,dc=local', $user->getDn());
+ $this->assertEquals('my_ldap_user', $user->getUsername());
+ $this->assertEquals('My LDAP user', $user->getName());
+ $this->assertEquals('user1@localhost', $user->getEmail());
+ $this->assertEquals(Role::APP_USER, $user->getRole());
+ $this->assertEquals(array(), $user->getExternalGroupIds());
+ $this->assertEquals(array('is_ldap_user' => 1), $user->getExtraAttributes());
+ }
+
+ public function testGetUserWithAdminRole()
+ {
+ $entries = new Entries(array(
+ 'count' => 1,
+ 0 => array(
+ 'count' => 2,
+ 'dn' => 'uid=my_ldap_user,ou=People,dc=kanboard,dc=local',
+ 'displayname' => array(
+ 'count' => 1,
+ 0 => 'My LDAP user',
+ ),
+ 'mail' => array(
+ 'count' => 2,
+ 0 => 'user1@localhost',
+ 1 => 'user2@localhost',
+ ),
+ 'samaccountname' => array(
+ 'count' => 1,
+ 0 => 'my_ldap_user',
+ ),
+ 'memberof' => array(
+ 'count' => 1,
+ 0 => 'CN=Kanboard-Admins,CN=Users,DC=kanboard,DC=local',
+ ),
+ 0 => 'displayname',
+ 1 => 'mail',
+ 2 => 'samaccountname',
+ 3 => 'memberof',
+ )
+ ));
+
+ $this->client
+ ->expects($this->any())
+ ->method('getConnection')
+ ->will($this->returnValue('my_ldap_resource'));
+
+ $this->query
+ ->expects($this->once())
+ ->method('execute')
+ ->with(
+ $this->equalTo('ou=People,dc=kanboard,dc=local'),
+ $this->equalTo('(uid=my_ldap_user)')
+ );
+
+ $this->query
+ ->expects($this->once())
+ ->method('hasResult')
+ ->will($this->returnValue(true));
+
+ $this->query
+ ->expects($this->once())
+ ->method('getEntries')
+ ->will($this->returnValue($entries));
+
+ $this->user
+ ->expects($this->any())
+ ->method('getAttributeUsername')
+ ->will($this->returnValue('samaccountname'));
+
+ $this->user
+ ->expects($this->any())
+ ->method('getAttributeName')
+ ->will($this->returnValue('displayname'));
+
+ $this->user
+ ->expects($this->any())
+ ->method('getAttributeEmail')
+ ->will($this->returnValue('mail'));
+
+ $this->user
+ ->expects($this->any())
+ ->method('getAttributeGroup')
+ ->will($this->returnValue('memberof'));
+
+ $this->user
+ ->expects($this->any())
+ ->method('getGroupAdminDn')
+ ->will($this->returnValue('CN=Kanboard-Admins,CN=Users,DC=kanboard,DC=local'));
+
+ $this->user
+ ->expects($this->any())
+ ->method('getBasDn')
+ ->will($this->returnValue('ou=People,dc=kanboard,dc=local'));
+
+ $user = $this->user->find('(uid=my_ldap_user)');
+ $this->assertInstanceOf('Kanboard\User\LdapUserProvider', $user);
+ $this->assertEquals('uid=my_ldap_user,ou=People,dc=kanboard,dc=local', $user->getDn());
+ $this->assertEquals('my_ldap_user', $user->getUsername());
+ $this->assertEquals('My LDAP user', $user->getName());
+ $this->assertEquals('user1@localhost', $user->getEmail());
+ $this->assertEquals(Role::APP_ADMIN, $user->getRole());
+ $this->assertEquals(array('CN=Kanboard-Admins,CN=Users,DC=kanboard,DC=local'), $user->getExternalGroupIds());
+ $this->assertEquals(array('is_ldap_user' => 1), $user->getExtraAttributes());
+ }
+
+ public function testGetUserWithManagerRole()
+ {
+ $entries = new Entries(array(
+ 'count' => 1,
+ 0 => array(
+ 'count' => 2,
+ 'dn' => 'uid=my_ldap_user,ou=People,dc=kanboard,dc=local',
+ 'displayname' => array(
+ 'count' => 1,
+ 0 => 'My LDAP user',
+ ),
+ 'mail' => array(
+ 'count' => 2,
+ 0 => 'user1@localhost',
+ 1 => 'user2@localhost',
+ ),
+ 'samaccountname' => array(
+ 'count' => 1,
+ 0 => 'my_ldap_user',
+ ),
+ 'memberof' => array(
+ 'count' => 2,
+ 0 => 'CN=Kanboard-Users,CN=Users,DC=kanboard,DC=local',
+ 1 => 'CN=Kanboard-Managers,CN=Users,DC=kanboard,DC=local',
+ ),
+ 0 => 'displayname',
+ 1 => 'mail',
+ 2 => 'samaccountname',
+ 3 => 'memberof',
+ )
+ ));
+
+ $this->client
+ ->expects($this->any())
+ ->method('getConnection')
+ ->will($this->returnValue('my_ldap_resource'));
+
+ $this->query
+ ->expects($this->once())
+ ->method('execute')
+ ->with(
+ $this->equalTo('ou=People,dc=kanboard,dc=local'),
+ $this->equalTo('(uid=my_ldap_user)')
+ );
+
+ $this->query
+ ->expects($this->once())
+ ->method('hasResult')
+ ->will($this->returnValue(true));
+
+ $this->query
+ ->expects($this->once())
+ ->method('getEntries')
+ ->will($this->returnValue($entries));
+
+ $this->user
+ ->expects($this->any())
+ ->method('getAttributeUsername')
+ ->will($this->returnValue('samaccountname'));
+
+ $this->user
+ ->expects($this->any())
+ ->method('getAttributeName')
+ ->will($this->returnValue('displayname'));
+
+ $this->user
+ ->expects($this->any())
+ ->method('getAttributeEmail')
+ ->will($this->returnValue('mail'));
+
+ $this->user
+ ->expects($this->any())
+ ->method('getAttributeGroup')
+ ->will($this->returnValue('memberof'));
+
+ $this->user
+ ->expects($this->any())
+ ->method('getGroupManagerDn')
+ ->will($this->returnValue('CN=Kanboard-Managers,CN=Users,DC=kanboard,DC=local'));
+
+ $this->user
+ ->expects($this->any())
+ ->method('getBasDn')
+ ->will($this->returnValue('ou=People,dc=kanboard,dc=local'));
+
+ $user = $this->user->find('(uid=my_ldap_user)');
+ $this->assertInstanceOf('Kanboard\User\LdapUserProvider', $user);
+ $this->assertEquals('uid=my_ldap_user,ou=People,dc=kanboard,dc=local', $user->getDn());
+ $this->assertEquals('my_ldap_user', $user->getUsername());
+ $this->assertEquals('My LDAP user', $user->getName());
+ $this->assertEquals('user1@localhost', $user->getEmail());
+ $this->assertEquals(Role::APP_MANAGER, $user->getRole());
+ $this->assertEquals(array('CN=Kanboard-Users,CN=Users,DC=kanboard,DC=local', 'CN=Kanboard-Managers,CN=Users,DC=kanboard,DC=local'), $user->getExternalGroupIds());
+ $this->assertEquals(array('is_ldap_user' => 1), $user->getExtraAttributes());
+ }
+
+ public function testGetUserNotFound()
+ {
+ $entries = new Entries(array());
+
+ $this->client
+ ->expects($this->any())
+ ->method('getConnection')
+ ->will($this->returnValue('my_ldap_resource'));
+
+ $this->query
+ ->expects($this->once())
+ ->method('execute')
+ ->with(
+ $this->equalTo('ou=People,dc=kanboard,dc=local'),
+ $this->equalTo('(uid=my_ldap_user)')
+ );
+
+ $this->query
+ ->expects($this->once())
+ ->method('hasResult')
+ ->will($this->returnValue(false));
+
+ $this->query
+ ->expects($this->never())
+ ->method('getEntries');
+
+ $this->user
+ ->expects($this->any())
+ ->method('getAttributeUsername')
+ ->will($this->returnValue('samaccountname'));
+
+ $this->user
+ ->expects($this->any())
+ ->method('getAttributeName')
+ ->will($this->returnValue('displayname'));
+
+ $this->user
+ ->expects($this->any())
+ ->method('getAttributeEmail')
+ ->will($this->returnValue('mail'));
+
+ $this->user
+ ->expects($this->any())
+ ->method('getBasDn')
+ ->will($this->returnValue('ou=People,dc=kanboard,dc=local'));
+
+ $user = $this->user->find('(uid=my_ldap_user)');
+ $this->assertEquals(null, $user);
+ }
+
+ public function testGetBaseDnNotConfigured()
+ {
+ $this->setExpectedException('\LogicException');
+
+ $user = new User($this->query);
+ $user->getBasDn();
+ }
+}