Add generic LDAP client library

3 files changed, 427 insertions, 0 deletions

diff --git a/tests/units/Core/Ldap/ClientTest.php b/tests/units/Core/Ldap/ClientTest.php
new file mode 100644
index 00000000..7b6e983d
--- /dev/null
+++ b/tests/units/Core/Ldap/ClientTest.php
@@ -0,0 +1,195 @@
+<?php
+
+namespace Kanboard\Core\Ldap;
+
+require_once __DIR__.'/../../Base.php';
+
+function ldap_connect($hostname, $port)
+{
+    return ClientTest::$functions->ldap_connect($hostname, $port);
+}
+
+function ldap_set_option()
+{
+}
+
+function ldap_bind($link_identifier, $bind_rdn = null, $bind_password = null)
+{
+    return ClientTest::$functions->ldap_bind($link_identifier, $bind_rdn, $bind_password);
+}
+
+function ldap_start_tls($link_identifier)
+{
+    return ClientTest::$functions->ldap_start_tls($link_identifier);
+}
+
+class ClientTest extends \Base
+{
+    public static $functions;
+    private $ldap;
+
+    public function setUp()
+    {
+        parent::setup();
+
+        self::$functions = $this
+            ->getMockBuilder('stdClass')
+            ->setMethods(array(
+                'ldap_connect',
+                'ldap_set_option',
+                'ldap_bind',
+                'ldap_start_tls',
+            ))
+            ->getMock();
+    }
+
+    public function tearDown()
+    {
+        parent::tearDown();
+        self::$functions = null;
+    }
+
+    public function testConnectSuccess()
+    {
+        self::$functions
+            ->expects($this->once())
+            ->method('ldap_connect')
+            ->with(
+                $this->equalTo('my_ldap_server'),
+                $this->equalTo(389)
+            )
+            ->will($this->returnValue('my_ldap_resource'));
+
+        $ldap = new Client;
+        $this->assertEquals('my_ldap_resource', $ldap->getConnection('my_ldap_server'));
+    }
+
+    public function testConnectFailure()
+    {
+        self::$functions
+            ->expects($this->once())
+            ->method('ldap_connect')
+            ->with(
+                $this->equalTo('my_ldap_server'),
+                $this->equalTo(389)
+            )
+            ->will($this->returnValue(false));
+
+        $this->setExpectedException('\Kanboard\Core\Ldap\ClientException');
+
+        $ldap = new Client;
+        $this->assertNotEquals('my_ldap_resource', $ldap->getConnection('my_ldap_server'));
+    }
+
+    public function testConnectSuccessWithTLS()
+    {
+        self::$functions
+            ->expects($this->once())
+            ->method('ldap_connect')
+            ->with(
+                $this->equalTo('my_ldap_server'),
+                $this->equalTo(389)
+            )
+            ->will($this->returnValue('my_ldap_resource'));
+
+        self::$functions
+            ->expects($this->once())
+            ->method('ldap_start_tls')
+            ->with(
+                $this->equalTo('my_ldap_resource')
+            )
+            ->will($this->returnValue(true));
+
+        $ldap = new Client;
+        $this->assertEquals('my_ldap_resource', $ldap->getConnection('my_ldap_server', 389, true));
+    }
+
+    public function testConnectFailureWithTLS()
+    {
+        self::$functions
+            ->expects($this->once())
+            ->method('ldap_connect')
+            ->with(
+                $this->equalTo('my_ldap_server'),
+                $this->equalTo(389)
+            )
+            ->will($this->returnValue('my_ldap_resource'));
+
+        self::$functions
+            ->expects($this->once())
+            ->method('ldap_start_tls')
+            ->with(
+                $this->equalTo('my_ldap_resource')
+            )
+            ->will($this->returnValue(false));
+
+        $this->setExpectedException('\Kanboard\Core\Ldap\ClientException');
+
+        $ldap = new Client;
+        $this->assertNotEquals('my_ldap_resource', $ldap->getConnection('my_ldap_server', 389, true));
+    }
+
+    public function testAnonymousAuthenticationSuccess()
+    {
+        self::$functions
+            ->expects($this->once())
+            ->method('ldap_bind')
+            ->with(
+                $this->equalTo('my_ldap_resource')
+            )
+            ->will($this->returnValue(true));
+
+        $ldap = new Client;
+        $this->assertTrue($ldap->useAnonymousAuthentication('my_ldap_resource'));
+    }
+
+    public function testAnonymousAuthenticationFailure()
+    {
+        self::$functions
+            ->expects($this->once())
+            ->method('ldap_bind')
+            ->with(
+                $this->equalTo('my_ldap_resource')
+            )
+            ->will($this->returnValue(false));
+
+        $this->setExpectedException('\Kanboard\Core\Ldap\ClientException');
+
+        $ldap = new Client;
+        $ldap->useAnonymousAuthentication('my_ldap_resource');
+    }
+
+    public function testUserAuthenticationSuccess()
+    {
+        self::$functions
+            ->expects($this->once())
+            ->method('ldap_bind')
+            ->with(
+                $this->equalTo('my_ldap_resource'),
+                $this->equalTo('my_ldap_user'),
+                $this->equalTo('my_ldap_password')
+            )
+            ->will($this->returnValue(true));
+
+        $ldap = new Client;
+        $this->assertTrue($ldap->authenticate('my_ldap_resource', 'my_ldap_user', 'my_ldap_password'));
+    }
+
+    public function testUserAuthenticationFailure()
+    {
+        self::$functions
+            ->expects($this->once())
+            ->method('ldap_bind')
+            ->with(
+                $this->equalTo('my_ldap_resource'),
+                $this->equalTo('my_ldap_user'),
+                $this->equalTo('my_ldap_password')
+            )
+            ->will($this->returnValue(false));
+
+        $this->setExpectedException('\Kanboard\Core\Ldap\ClientException');
+
+        $ldap = new Client;
+        $ldap->authenticate('my_ldap_resource', 'my_ldap_user', 'my_ldap_password');
+    }
+}
diff --git a/tests/units/Core/Ldap/QueryTest.php b/tests/units/Core/Ldap/QueryTest.php
new file mode 100644
index 00000000..2eb3940f
--- /dev/null
+++ b/tests/units/Core/Ldap/QueryTest.php
@@ -0,0 +1,137 @@
+<?php
+
+namespace Kanboard\Core\Ldap;
+
+require_once __DIR__.'/../../Base.php';
+
+function ldap_search($link_identifier, $base_dn, $filter, array $attributes)
+{
+    return QueryTest::$functions->ldap_search($link_identifier, $base_dn, $filter, $attributes);
+}
+
+function ldap_get_entries($link_identifier, $result_identifier)
+{
+    return QueryTest::$functions->ldap_get_entries($link_identifier, $result_identifier);
+}
+
+class QueryTest extends \Base
+{
+    public static $functions;
+
+    public function setUp()
+    {
+        parent::setup();
+
+        self::$functions = $this
+            ->getMockBuilder('stdClass')
+            ->setMethods(array(
+                'ldap_search',
+                'ldap_get_entries',
+            ))
+            ->getMock();
+    }
+
+    public function tearDown()
+    {
+        parent::tearDown();
+        self::$functions = null;
+    }
+
+    public function testExecuteQuerySuccessfully()
+    {
+        $entries = array(
+            'count' => 1,
+            0 => array(
+                'count' => 2,
+                'dn' => 'uid=my_user,ou=People,dc=kanboard,dc=local',
+                'displayname' => array(
+                    'count' => 1,
+                    0 => 'My user',
+                ),
+                'mail' => array(
+                    'count' => 2,
+                    0 => 'user1@localhost',
+                    1 => 'user2@localhost',
+                ),
+                0 => 'displayname',
+                1 => 'mail',
+            )
+        );
+
+        self::$functions
+            ->expects($this->once())
+            ->method('ldap_search')
+            ->with(
+                $this->equalTo('my_ldap_resource'),
+                $this->equalTo('ou=People,dc=kanboard,dc=local'),
+                $this->equalTo('uid=my_user'),
+                $this->equalTo(array('displayname'))
+            )
+            ->will($this->returnValue('search_resource'));
+
+        self::$functions
+            ->expects($this->once())
+            ->method('ldap_get_entries')
+            ->with(
+                $this->equalTo('my_ldap_resource'),
+                $this->equalTo('search_resource')
+            )
+            ->will($this->returnValue($entries));
+
+        $query = new Query;
+        $query->execute('my_ldap_resource', 'ou=People,dc=kanboard,dc=local', 'uid=my_user', array('displayname'));
+        $this->assertTrue($query->hasResult());
+
+        $this->assertEquals('My user', $query->getAttributeValue('displayname'));
+        $this->assertEquals('user1@localhost', $query->getAttributeValue('mail'));
+        $this->assertEquals('', $query->getAttributeValue('not_found'));
+
+        $this->assertEquals('uid=my_user,ou=People,dc=kanboard,dc=local', $query->getAttribute('dn'));
+        $this->assertEquals(null, $query->getAttribute('missing'));
+    }
+
+    public function testExecuteQueryNotFound()
+    {
+        self::$functions
+            ->expects($this->once())
+            ->method('ldap_search')
+            ->with(
+                $this->equalTo('my_ldap_resource'),
+                $this->equalTo('ou=People,dc=kanboard,dc=local'),
+                $this->equalTo('uid=my_user'),
+                $this->equalTo(array('displayname'))
+            )
+            ->will($this->returnValue('search_resource'));
+
+        self::$functions
+            ->expects($this->once())
+            ->method('ldap_get_entries')
+            ->with(
+                $this->equalTo('my_ldap_resource'),
+                $this->equalTo('search_resource')
+            )
+            ->will($this->returnValue(array()));
+
+        $query = new Query;
+        $query->execute('my_ldap_resource', 'ou=People,dc=kanboard,dc=local', 'uid=my_user', array('displayname'));
+        $this->assertFalse($query->hasResult());
+    }
+
+    public function testExecuteQueryFailed()
+    {
+        self::$functions
+            ->expects($this->once())
+            ->method('ldap_search')
+            ->with(
+                $this->equalTo('my_ldap_resource'),
+                $this->equalTo('ou=People,dc=kanboard,dc=local'),
+                $this->equalTo('uid=my_user'),
+                $this->equalTo(array('displayname'))
+            )
+            ->will($this->returnValue(false));
+
+        $query = new Query;
+        $query->execute('my_ldap_resource', 'ou=People,dc=kanboard,dc=local', 'uid=my_user', array('displayname'));
+        $this->assertFalse($query->hasResult());
+    }
+}
diff --git a/tests/units/Core/Ldap/UserTest.php b/tests/units/Core/Ldap/UserTest.php
new file mode 100644
index 00000000..b19592c2
--- /dev/null
+++ b/tests/units/Core/Ldap/UserTest.php
@@ -0,0 +1,95 @@
+<?php
+
+require_once __DIR__.'/../../Base.php';
+
+use Kanboard\Core\Ldap\User;
+
+class UserTest extends Base
+{
+    public function testGetProfile()
+    {
+        $entries = array(
+            'count' => 1,
+            0 => array(
+                'count' => 2,
+                'dn' => 'uid=my_user,ou=People,dc=kanboard,dc=local',
+                'displayname' => array(
+                    'count' => 1,
+                    0 => 'My LDAP user',
+                ),
+                'mail' => array(
+                    'count' => 2,
+                    0 => 'user1@localhost',
+                    1 => 'user2@localhost',
+                ),
+                'samaccountname' => array(
+                    'count' => 1,
+                    0 => 'my_ldap_user',
+                ),
+                0 => 'displayname',
+                1 => 'mail',
+                2 => 'samaccountname',
+            )
+        );
+
+        $expected = array(
+            'ldap_id' => 'uid=my_user,ou=People,dc=kanboard,dc=local',
+            'username' => 'my_ldap_user',
+            'name' => 'My LDAP user',
+            'email' => 'user1@localhost',
+            'is_admin' => 0,
+            'is_project_admin' => 0,
+            'is_ldap_user' => 1,
+        );
+
+        $query = $this
+            ->getMockBuilder('\Kanboard\Core\Ldap\Query')
+            ->setConstructorArgs(array($entries))
+            ->setMethods(array(
+                'execute',
+                'hasResult',
+            ))
+            ->getMock();
+
+        $query
+            ->expects($this->once())
+            ->method('execute')
+            ->with(
+                $this->equalTo('my_ldap_resource'),
+                $this->equalTo('ou=People,dc=kanboard,dc=local'),
+                $this->equalTo('(uid=my_user)')
+            );
+
+        $query
+            ->expects($this->once())
+            ->method('hasResult')
+            ->will($this->returnValue(true));
+
+        $user = $this
+            ->getMockBuilder('\Kanboard\Core\Ldap\User')
+            ->setConstructorArgs(array($query))
+            ->setMethods(array(
+                'getAttributeUsername',
+                'getAttributeEmail',
+                'getAttributeName',
+            ))
+            ->getMock();
+
+        $user
+            ->expects($this->any())
+            ->method('getAttributeUsername')
+            ->will($this->returnValue('samaccountname'));
+
+        $user
+            ->expects($this->any())
+            ->method('getAttributeName')
+            ->will($this->returnValue('displayname'));
+
+        $user
+            ->expects($this->any())
+            ->method('getAttributeEmail')
+            ->will($this->returnValue('mail'));
+
+        $this->assertEquals($expected, $user->getProfile('my_ldap_resource', 'ou=People,dc=kanboard,dc=local', '(uid=my_user)'));
+    }
+}