2019-06-17 21:32:20 +03:00
// Copyright 2019 The Gitea Authors. All rights reserved.
2022-11-27 21:20:29 +03:00
// SPDX-License-Identifier: MIT
2019-06-17 21:32:20 +03:00
package cmd
import (
2021-11-07 06:11:27 +03:00
"context"
2019-06-17 21:32:20 +03:00
"testing"
2022-01-02 16:12:35 +03:00
"code.gitea.io/gitea/models/auth"
2021-07-24 13:16:34 +03:00
"code.gitea.io/gitea/services/auth/source/ldap"
2019-06-17 21:32:20 +03:00
"github.com/stretchr/testify/assert"
2023-07-21 12:28:19 +03:00
"github.com/urfave/cli/v2"
2019-06-17 21:32:20 +03:00
)
func TestAddLdapBindDn ( t * testing . T ) {
// Mock cli functions to do not exit on error
2022-01-20 20:46:10 +03:00
osExiter := cli . OsExiter
2019-06-17 21:32:20 +03:00
defer func ( ) { cli . OsExiter = osExiter } ( )
cli . OsExiter = func ( code int ) { }
// Test cases
2022-01-20 20:46:10 +03:00
cases := [ ] struct {
2022-01-02 16:12:35 +03:00
args [ ] string
source * auth . Source
errMsg string
2019-06-17 21:32:20 +03:00
} {
// case 0
{
args : [ ] string {
"ldap-test" ,
"--name" , "ldap (via Bind DN) source full" ,
"--not-active" ,
"--security-protocol" , "ldaps" ,
"--skip-tls-verify" ,
"--host" , "ldap-bind-server full" ,
"--port" , "9876" ,
"--user-search-base" , "ou=Users,dc=full-domain-bind,dc=org" ,
"--user-filter" , "(memberOf=cn=user-group,ou=example,dc=full-domain-bind,dc=org)" ,
"--admin-filter" , "(memberOf=cn=admin-group,ou=example,dc=full-domain-bind,dc=org)" ,
2020-03-05 09:30:33 +03:00
"--restricted-filter" , "(memberOf=cn=restricted-group,ou=example,dc=full-domain-bind,dc=org)" ,
2019-06-17 21:32:20 +03:00
"--username-attribute" , "uid-bind full" ,
"--firstname-attribute" , "givenName-bind full" ,
"--surname-attribute" , "sn-bind full" ,
"--email-attribute" , "mail-bind full" ,
"--public-ssh-key-attribute" , "publickey-bind full" ,
2021-09-27 05:39:36 +03:00
"--avatar-attribute" , "avatar-bind full" ,
2019-06-17 21:32:20 +03:00
"--bind-dn" , "cn=readonly,dc=full-domain-bind,dc=org" ,
"--bind-password" , "secret-bind-full" ,
"--attributes-in-bind" ,
"--synchronize-users" ,
"--page-size" , "99" ,
} ,
2022-01-02 16:12:35 +03:00
source : & auth . Source {
Type : auth . LDAP ,
2019-06-17 21:32:20 +03:00
Name : "ldap (via Bind DN) source full" ,
2021-07-24 13:16:34 +03:00
IsActive : false ,
2019-06-17 21:32:20 +03:00
IsSyncEnabled : true ,
2021-07-24 13:16:34 +03:00
Cfg : & ldap . Source {
Name : "ldap (via Bind DN) source full" ,
Host : "ldap-bind-server full" ,
Port : 9876 ,
SecurityProtocol : ldap . SecurityProtocol ( 1 ) ,
SkipVerify : true ,
BindDN : "cn=readonly,dc=full-domain-bind,dc=org" ,
BindPassword : "secret-bind-full" ,
UserBase : "ou=Users,dc=full-domain-bind,dc=org" ,
AttributeUsername : "uid-bind full" ,
AttributeName : "givenName-bind full" ,
AttributeSurname : "sn-bind full" ,
AttributeMail : "mail-bind full" ,
AttributesInBind : true ,
AttributeSSHPublicKey : "publickey-bind full" ,
2021-09-27 05:39:36 +03:00
AttributeAvatar : "avatar-bind full" ,
2021-07-24 13:16:34 +03:00
SearchPageSize : 99 ,
Filter : "(memberOf=cn=user-group,ou=example,dc=full-domain-bind,dc=org)" ,
AdminFilter : "(memberOf=cn=admin-group,ou=example,dc=full-domain-bind,dc=org)" ,
RestrictedFilter : "(memberOf=cn=restricted-group,ou=example,dc=full-domain-bind,dc=org)" ,
Enabled : true ,
2019-06-17 21:32:20 +03:00
} ,
} ,
} ,
// case 1
{
args : [ ] string {
"ldap-test" ,
"--name" , "ldap (via Bind DN) source min" ,
"--security-protocol" , "unencrypted" ,
"--host" , "ldap-bind-server min" ,
"--port" , "1234" ,
"--user-search-base" , "ou=Users,dc=min-domain-bind,dc=org" ,
"--user-filter" , "(memberOf=cn=user-group,ou=example,dc=min-domain-bind,dc=org)" ,
"--email-attribute" , "mail-bind min" ,
} ,
2022-01-02 16:12:35 +03:00
source : & auth . Source {
Type : auth . LDAP ,
2021-07-24 13:16:34 +03:00
Name : "ldap (via Bind DN) source min" ,
IsActive : true ,
Cfg : & ldap . Source {
Name : "ldap (via Bind DN) source min" ,
Host : "ldap-bind-server min" ,
Port : 1234 ,
SecurityProtocol : ldap . SecurityProtocol ( 0 ) ,
UserBase : "ou=Users,dc=min-domain-bind,dc=org" ,
AttributeMail : "mail-bind min" ,
Filter : "(memberOf=cn=user-group,ou=example,dc=min-domain-bind,dc=org)" ,
Enabled : true ,
2019-06-17 21:32:20 +03:00
} ,
} ,
} ,
// case 2
{
args : [ ] string {
"ldap-test" ,
"--name" , "ldap (via Bind DN) source" ,
"--security-protocol" , "zzzzz" ,
"--host" , "ldap-server" ,
"--port" , "1234" ,
"--user-search-base" , "ou=Users,dc=domain,dc=org" ,
"--user-filter" , "(memberOf=cn=user-group,ou=example,dc=domain,dc=org)" ,
"--email-attribute" , "mail" ,
} ,
errMsg : "Unknown security protocol name: zzzzz" ,
} ,
// case 3
{
args : [ ] string {
"ldap-test" ,
"--security-protocol" , "unencrypted" ,
"--host" , "ldap-server" ,
"--port" , "1234" ,
"--user-search-base" , "ou=Users,dc=domain,dc=org" ,
"--user-filter" , "(memberOf=cn=user-group,ou=example,dc=domain,dc=org)" ,
"--email-attribute" , "mail" ,
} ,
errMsg : "name is not set" ,
} ,
// case 4
{
args : [ ] string {
"ldap-test" ,
"--name" , "ldap (via Bind DN) source" ,
"--host" , "ldap-server" ,
"--port" , "1234" ,
"--user-search-base" , "ou=Users,dc=domain,dc=org" ,
"--user-filter" , "(memberOf=cn=user-group,ou=example,dc=domain,dc=org)" ,
"--email-attribute" , "mail" ,
} ,
errMsg : "security-protocol is not set" ,
} ,
// case 5
{
args : [ ] string {
"ldap-test" ,
"--name" , "ldap (via Bind DN) source" ,
"--security-protocol" , "unencrypted" ,
"--port" , "1234" ,
"--user-search-base" , "ou=Users,dc=domain,dc=org" ,
"--user-filter" , "(memberOf=cn=user-group,ou=example,dc=domain,dc=org)" ,
"--email-attribute" , "mail" ,
} ,
errMsg : "host is not set" ,
} ,
// case 6
{
args : [ ] string {
"ldap-test" ,
"--name" , "ldap (via Bind DN) source" ,
"--security-protocol" , "unencrypted" ,
"--host" , "ldap-server" ,
"--user-search-base" , "ou=Users,dc=domain,dc=org" ,
"--user-filter" , "(memberOf=cn=user-group,ou=example,dc=domain,dc=org)" ,
"--email-attribute" , "mail" ,
} ,
errMsg : "port is not set" ,
} ,
// case 7
{
args : [ ] string {
"ldap-test" ,
"--name" , "ldap (via Bind DN) source" ,
"--security-protocol" , "unencrypted" ,
"--host" , "ldap-server" ,
"--port" , "1234" ,
"--user-search-base" , "ou=Users,dc=domain,dc=org" ,
"--email-attribute" , "mail" ,
} ,
errMsg : "user-filter is not set" ,
} ,
// case 8
{
args : [ ] string {
"ldap-test" ,
"--name" , "ldap (via Bind DN) source" ,
"--security-protocol" , "unencrypted" ,
"--host" , "ldap-server" ,
"--port" , "1234" ,
"--user-search-base" , "ou=Users,dc=domain,dc=org" ,
"--user-filter" , "(memberOf=cn=user-group,ou=example,dc=domain,dc=org)" ,
} ,
errMsg : "email-attribute is not set" ,
} ,
}
for n , c := range cases {
// Mock functions.
2022-01-02 16:12:35 +03:00
var createdAuthSource * auth . Source
2019-06-17 21:32:20 +03:00
service := & authService {
2021-11-07 06:11:27 +03:00
initDB : func ( context . Context ) error {
2019-06-17 21:32:20 +03:00
return nil
} ,
2023-10-11 07:24:07 +03:00
createAuthSource : func ( ctx context . Context , authSource * auth . Source ) error {
2022-01-02 16:12:35 +03:00
createdAuthSource = authSource
2019-06-17 21:32:20 +03:00
return nil
} ,
2023-10-11 07:24:07 +03:00
updateAuthSource : func ( ctx context . Context , authSource * auth . Source ) error {
2022-01-02 16:12:35 +03:00
assert . FailNow ( t , "case %d: should not call updateAuthSource" , n )
2019-06-17 21:32:20 +03:00
return nil
} ,
2023-10-11 07:24:07 +03:00
getAuthSourceByID : func ( ctx context . Context , id int64 ) ( * auth . Source , error ) {
2022-01-02 16:12:35 +03:00
assert . FailNow ( t , "case %d: should not call getAuthSourceByID" , n )
2019-06-17 21:32:20 +03:00
return nil , nil
} ,
}
// Create a copy of command to test
app := cli . NewApp ( )
2023-09-27 15:25:38 +03:00
app . Flags = microcmdAuthAddLdapBindDn . Flags
2019-06-17 21:32:20 +03:00
app . Action = service . addLdapBindDn
// Run it
err := app . Run ( c . args )
if c . errMsg != "" {
assert . EqualError ( t , err , c . errMsg , "case %d: error should match" , n )
} else {
assert . NoError ( t , err , "case %d: should have no errors" , n )
2022-01-02 16:12:35 +03:00
assert . Equal ( t , c . source , createdAuthSource , "case %d: wrong authSource" , n )
2019-06-17 21:32:20 +03:00
}
}
}
func TestAddLdapSimpleAuth ( t * testing . T ) {
// Mock cli functions to do not exit on error
2022-01-20 20:46:10 +03:00
osExiter := cli . OsExiter
2019-06-17 21:32:20 +03:00
defer func ( ) { cli . OsExiter = osExiter } ( )
cli . OsExiter = func ( code int ) { }
// Test cases
2022-01-20 20:46:10 +03:00
cases := [ ] struct {
2022-01-02 16:12:35 +03:00
args [ ] string
authSource * auth . Source
errMsg string
2019-06-17 21:32:20 +03:00
} {
// case 0
{
args : [ ] string {
"ldap-test" ,
"--name" , "ldap (simple auth) source full" ,
"--not-active" ,
"--security-protocol" , "starttls" ,
"--skip-tls-verify" ,
"--host" , "ldap-simple-server full" ,
"--port" , "987" ,
"--user-search-base" , "ou=Users,dc=full-domain-simple,dc=org" ,
"--user-filter" , "(&(objectClass=posixAccount)(full-simple-cn=%s))" ,
"--admin-filter" , "(memberOf=cn=admin-group,ou=example,dc=full-domain-simple,dc=org)" ,
2020-03-05 09:30:33 +03:00
"--restricted-filter" , "(memberOf=cn=restricted-group,ou=example,dc=full-domain-simple,dc=org)" ,
2019-06-17 21:32:20 +03:00
"--username-attribute" , "uid-simple full" ,
"--firstname-attribute" , "givenName-simple full" ,
"--surname-attribute" , "sn-simple full" ,
"--email-attribute" , "mail-simple full" ,
"--public-ssh-key-attribute" , "publickey-simple full" ,
2021-09-27 05:39:36 +03:00
"--avatar-attribute" , "avatar-simple full" ,
2019-06-17 21:32:20 +03:00
"--user-dn" , "cn=%s,ou=Users,dc=full-domain-simple,dc=org" ,
} ,
2022-01-02 16:12:35 +03:00
authSource : & auth . Source {
Type : auth . DLDAP ,
2021-07-24 13:16:34 +03:00
Name : "ldap (simple auth) source full" ,
IsActive : false ,
Cfg : & ldap . Source {
Name : "ldap (simple auth) source full" ,
Host : "ldap-simple-server full" ,
Port : 987 ,
SecurityProtocol : ldap . SecurityProtocol ( 2 ) ,
SkipVerify : true ,
UserDN : "cn=%s,ou=Users,dc=full-domain-simple,dc=org" ,
UserBase : "ou=Users,dc=full-domain-simple,dc=org" ,
AttributeUsername : "uid-simple full" ,
AttributeName : "givenName-simple full" ,
AttributeSurname : "sn-simple full" ,
AttributeMail : "mail-simple full" ,
AttributeSSHPublicKey : "publickey-simple full" ,
2021-09-27 05:39:36 +03:00
AttributeAvatar : "avatar-simple full" ,
2021-07-24 13:16:34 +03:00
Filter : "(&(objectClass=posixAccount)(full-simple-cn=%s))" ,
AdminFilter : "(memberOf=cn=admin-group,ou=example,dc=full-domain-simple,dc=org)" ,
RestrictedFilter : "(memberOf=cn=restricted-group,ou=example,dc=full-domain-simple,dc=org)" ,
Enabled : true ,
2019-06-17 21:32:20 +03:00
} ,
} ,
} ,
// case 1
{
args : [ ] string {
"ldap-test" ,
"--name" , "ldap (simple auth) source min" ,
"--security-protocol" , "unencrypted" ,
"--host" , "ldap-simple-server min" ,
"--port" , "123" ,
"--user-filter" , "(&(objectClass=posixAccount)(min-simple-cn=%s))" ,
"--email-attribute" , "mail-simple min" ,
"--user-dn" , "cn=%s,ou=Users,dc=min-domain-simple,dc=org" ,
} ,
2022-01-02 16:12:35 +03:00
authSource : & auth . Source {
Type : auth . DLDAP ,
2021-07-24 13:16:34 +03:00
Name : "ldap (simple auth) source min" ,
IsActive : true ,
Cfg : & ldap . Source {
Name : "ldap (simple auth) source min" ,
Host : "ldap-simple-server min" ,
Port : 123 ,
SecurityProtocol : ldap . SecurityProtocol ( 0 ) ,
UserDN : "cn=%s,ou=Users,dc=min-domain-simple,dc=org" ,
AttributeMail : "mail-simple min" ,
Filter : "(&(objectClass=posixAccount)(min-simple-cn=%s))" ,
Enabled : true ,
2019-06-17 21:32:20 +03:00
} ,
} ,
} ,
// case 2
{
args : [ ] string {
"ldap-test" ,
"--name" , "ldap (simple auth) source" ,
"--security-protocol" , "zzzzz" ,
"--host" , "ldap-server" ,
"--port" , "123" ,
"--user-filter" , "(&(objectClass=posixAccount)(cn=%s))" ,
"--email-attribute" , "mail" ,
"--user-dn" , "cn=%s,ou=Users,dc=domain,dc=org" ,
} ,
errMsg : "Unknown security protocol name: zzzzz" ,
} ,
// case 3
{
args : [ ] string {
"ldap-test" ,
"--security-protocol" , "unencrypted" ,
"--host" , "ldap-server" ,
"--port" , "123" ,
"--user-filter" , "(&(objectClass=posixAccount)(cn=%s))" ,
"--email-attribute" , "mail" ,
"--user-dn" , "cn=%s,ou=Users,dc=domain,dc=org" ,
} ,
errMsg : "name is not set" ,
} ,
// case 4
{
args : [ ] string {
"ldap-test" ,
"--name" , "ldap (simple auth) source" ,
"--host" , "ldap-server" ,
"--port" , "123" ,
"--user-filter" , "(&(objectClass=posixAccount)(cn=%s))" ,
"--email-attribute" , "mail" ,
"--user-dn" , "cn=%s,ou=Users,dc=domain,dc=org" ,
} ,
errMsg : "security-protocol is not set" ,
} ,
// case 5
{
args : [ ] string {
"ldap-test" ,
"--name" , "ldap (simple auth) source" ,
"--security-protocol" , "unencrypted" ,
"--port" , "123" ,
"--user-filter" , "(&(objectClass=posixAccount)(cn=%s))" ,
"--email-attribute" , "mail" ,
"--user-dn" , "cn=%s,ou=Users,dc=domain,dc=org" ,
} ,
errMsg : "host is not set" ,
} ,
// case 6
{
args : [ ] string {
"ldap-test" ,
"--name" , "ldap (simple auth) source" ,
"--security-protocol" , "unencrypted" ,
"--host" , "ldap-server" ,
"--user-filter" , "(&(objectClass=posixAccount)(cn=%s))" ,
"--email-attribute" , "mail" ,
"--user-dn" , "cn=%s,ou=Users,dc=domain,dc=org" ,
} ,
errMsg : "port is not set" ,
} ,
// case 7
{
args : [ ] string {
"ldap-test" ,
"--name" , "ldap (simple auth) source" ,
"--security-protocol" , "unencrypted" ,
"--host" , "ldap-server" ,
"--port" , "123" ,
"--email-attribute" , "mail" ,
"--user-dn" , "cn=%s,ou=Users,dc=domain,dc=org" ,
} ,
errMsg : "user-filter is not set" ,
} ,
// case 8
{
args : [ ] string {
"ldap-test" ,
"--name" , "ldap (simple auth) source" ,
"--security-protocol" , "unencrypted" ,
"--host" , "ldap-server" ,
"--port" , "123" ,
"--user-filter" , "(&(objectClass=posixAccount)(cn=%s))" ,
"--user-dn" , "cn=%s,ou=Users,dc=domain,dc=org" ,
} ,
errMsg : "email-attribute is not set" ,
} ,
// case 9
{
args : [ ] string {
"ldap-test" ,
"--name" , "ldap (simple auth) source" ,
"--security-protocol" , "unencrypted" ,
"--host" , "ldap-server" ,
"--port" , "123" ,
"--user-filter" , "(&(objectClass=posixAccount)(cn=%s))" ,
"--email-attribute" , "mail" ,
} ,
errMsg : "user-dn is not set" ,
} ,
}
for n , c := range cases {
// Mock functions.
2022-01-02 16:12:35 +03:00
var createdAuthSource * auth . Source
2019-06-17 21:32:20 +03:00
service := & authService {
2021-11-07 06:11:27 +03:00
initDB : func ( context . Context ) error {
2019-06-17 21:32:20 +03:00
return nil
} ,
2023-10-11 07:24:07 +03:00
createAuthSource : func ( ctx context . Context , authSource * auth . Source ) error {
2022-01-02 16:12:35 +03:00
createdAuthSource = authSource
2019-06-17 21:32:20 +03:00
return nil
} ,
2023-10-11 07:24:07 +03:00
updateAuthSource : func ( ctx context . Context , authSource * auth . Source ) error {
2022-01-02 16:12:35 +03:00
assert . FailNow ( t , "case %d: should not call updateAuthSource" , n )
2019-06-17 21:32:20 +03:00
return nil
} ,
2023-10-11 07:24:07 +03:00
getAuthSourceByID : func ( ctx context . Context , id int64 ) ( * auth . Source , error ) {
2022-01-02 16:12:35 +03:00
assert . FailNow ( t , "case %d: should not call getAuthSourceByID" , n )
2019-06-17 21:32:20 +03:00
return nil , nil
} ,
}
// Create a copy of command to test
app := cli . NewApp ( )
2023-09-27 15:25:38 +03:00
app . Flags = microcmdAuthAddLdapSimpleAuth . Flags
2019-06-17 21:32:20 +03:00
app . Action = service . addLdapSimpleAuth
// Run it
err := app . Run ( c . args )
if c . errMsg != "" {
assert . EqualError ( t , err , c . errMsg , "case %d: error should match" , n )
} else {
assert . NoError ( t , err , "case %d: should have no errors" , n )
2022-01-02 16:12:35 +03:00
assert . Equal ( t , c . authSource , createdAuthSource , "case %d: wrong authSource" , n )
2019-06-17 21:32:20 +03:00
}
}
}
func TestUpdateLdapBindDn ( t * testing . T ) {
// Mock cli functions to do not exit on error
2022-01-20 20:46:10 +03:00
osExiter := cli . OsExiter
2019-06-17 21:32:20 +03:00
defer func ( ) { cli . OsExiter = osExiter } ( )
cli . OsExiter = func ( code int ) { }
// Test cases
2022-01-20 20:46:10 +03:00
cases := [ ] struct {
2022-01-02 16:12:35 +03:00
args [ ] string
id int64
existingAuthSource * auth . Source
authSource * auth . Source
errMsg string
2019-06-17 21:32:20 +03:00
} {
// case 0
{
args : [ ] string {
"ldap-test" ,
"--id" , "23" ,
"--name" , "ldap (via Bind DN) source full" ,
"--not-active" ,
"--security-protocol" , "LDAPS" ,
"--skip-tls-verify" ,
"--host" , "ldap-bind-server full" ,
"--port" , "9876" ,
"--user-search-base" , "ou=Users,dc=full-domain-bind,dc=org" ,
"--user-filter" , "(memberOf=cn=user-group,ou=example,dc=full-domain-bind,dc=org)" ,
"--admin-filter" , "(memberOf=cn=admin-group,ou=example,dc=full-domain-bind,dc=org)" ,
2020-03-05 09:30:33 +03:00
"--restricted-filter" , "(memberOf=cn=restricted-group,ou=example,dc=full-domain-bind,dc=org)" ,
2019-06-17 21:32:20 +03:00
"--username-attribute" , "uid-bind full" ,
"--firstname-attribute" , "givenName-bind full" ,
"--surname-attribute" , "sn-bind full" ,
"--email-attribute" , "mail-bind full" ,
"--public-ssh-key-attribute" , "publickey-bind full" ,
2021-09-27 05:39:36 +03:00
"--avatar-attribute" , "avatar-bind full" ,
2019-06-17 21:32:20 +03:00
"--bind-dn" , "cn=readonly,dc=full-domain-bind,dc=org" ,
"--bind-password" , "secret-bind-full" ,
"--synchronize-users" ,
"--page-size" , "99" ,
} ,
id : 23 ,
2022-01-02 16:12:35 +03:00
existingAuthSource : & auth . Source {
Type : auth . LDAP ,
2021-07-24 13:16:34 +03:00
IsActive : true ,
Cfg : & ldap . Source {
Enabled : true ,
2019-06-17 21:32:20 +03:00
} ,
} ,
2022-01-02 16:12:35 +03:00
authSource : & auth . Source {
Type : auth . LDAP ,
2019-06-17 21:32:20 +03:00
Name : "ldap (via Bind DN) source full" ,
2021-07-24 13:16:34 +03:00
IsActive : false ,
2019-06-17 21:32:20 +03:00
IsSyncEnabled : true ,
2021-07-24 13:16:34 +03:00
Cfg : & ldap . Source {
Name : "ldap (via Bind DN) source full" ,
Host : "ldap-bind-server full" ,
Port : 9876 ,
SecurityProtocol : ldap . SecurityProtocol ( 1 ) ,
SkipVerify : true ,
BindDN : "cn=readonly,dc=full-domain-bind,dc=org" ,
BindPassword : "secret-bind-full" ,
UserBase : "ou=Users,dc=full-domain-bind,dc=org" ,
AttributeUsername : "uid-bind full" ,
AttributeName : "givenName-bind full" ,
AttributeSurname : "sn-bind full" ,
AttributeMail : "mail-bind full" ,
AttributesInBind : false ,
AttributeSSHPublicKey : "publickey-bind full" ,
2021-09-27 05:39:36 +03:00
AttributeAvatar : "avatar-bind full" ,
2021-07-24 13:16:34 +03:00
SearchPageSize : 99 ,
Filter : "(memberOf=cn=user-group,ou=example,dc=full-domain-bind,dc=org)" ,
AdminFilter : "(memberOf=cn=admin-group,ou=example,dc=full-domain-bind,dc=org)" ,
RestrictedFilter : "(memberOf=cn=restricted-group,ou=example,dc=full-domain-bind,dc=org)" ,
Enabled : true ,
2019-06-17 21:32:20 +03:00
} ,
} ,
} ,
// case 1
{
args : [ ] string {
"ldap-test" ,
"--id" , "1" ,
} ,
2022-01-02 16:12:35 +03:00
authSource : & auth . Source {
Type : auth . LDAP ,
2021-07-24 13:16:34 +03:00
Cfg : & ldap . Source { } ,
2019-06-17 21:32:20 +03:00
} ,
} ,
// case 2
{
args : [ ] string {
"ldap-test" ,
"--id" , "1" ,
"--name" , "ldap (via Bind DN) source" ,
} ,
2022-01-02 16:12:35 +03:00
authSource : & auth . Source {
Type : auth . LDAP ,
2019-06-17 21:32:20 +03:00
Name : "ldap (via Bind DN) source" ,
2021-07-24 13:16:34 +03:00
Cfg : & ldap . Source {
Name : "ldap (via Bind DN) source" ,
2019-06-17 21:32:20 +03:00
} ,
} ,
} ,
// case 3
{
args : [ ] string {
"ldap-test" ,
"--id" , "1" ,
"--not-active" ,
} ,
2022-01-02 16:12:35 +03:00
existingAuthSource : & auth . Source {
Type : auth . LDAP ,
2021-07-24 13:16:34 +03:00
IsActive : true ,
Cfg : & ldap . Source { } ,
2019-06-17 21:32:20 +03:00
} ,
2022-01-02 16:12:35 +03:00
authSource : & auth . Source {
Type : auth . LDAP ,
2021-07-24 13:16:34 +03:00
IsActive : false ,
Cfg : & ldap . Source { } ,
2019-06-17 21:32:20 +03:00
} ,
} ,
// case 4
{
args : [ ] string {
"ldap-test" ,
"--id" , "1" ,
"--security-protocol" , "LDAPS" ,
} ,
2022-01-02 16:12:35 +03:00
authSource : & auth . Source {
Type : auth . LDAP ,
2021-07-24 13:16:34 +03:00
Cfg : & ldap . Source {
SecurityProtocol : ldap . SecurityProtocol ( 1 ) ,
2019-06-17 21:32:20 +03:00
} ,
} ,
} ,
// case 5
{
args : [ ] string {
"ldap-test" ,
"--id" , "1" ,
"--skip-tls-verify" ,
} ,
2022-01-02 16:12:35 +03:00
authSource : & auth . Source {
Type : auth . LDAP ,
2021-07-24 13:16:34 +03:00
Cfg : & ldap . Source {
SkipVerify : true ,
2019-06-17 21:32:20 +03:00
} ,
} ,
} ,
// case 6
{
args : [ ] string {
"ldap-test" ,
"--id" , "1" ,
"--host" , "ldap-server" ,
} ,
2022-01-02 16:12:35 +03:00
authSource : & auth . Source {
Type : auth . LDAP ,
2021-07-24 13:16:34 +03:00
Cfg : & ldap . Source {
Host : "ldap-server" ,
2019-06-17 21:32:20 +03:00
} ,
} ,
} ,
// case 7
{
args : [ ] string {
"ldap-test" ,
"--id" , "1" ,
"--port" , "389" ,
} ,
2022-01-02 16:12:35 +03:00
authSource : & auth . Source {
Type : auth . LDAP ,
2021-07-24 13:16:34 +03:00
Cfg : & ldap . Source {
Port : 389 ,
2019-06-17 21:32:20 +03:00
} ,
} ,
} ,
// case 8
{
args : [ ] string {
"ldap-test" ,
"--id" , "1" ,
"--user-search-base" , "ou=Users,dc=domain,dc=org" ,
} ,
2022-01-02 16:12:35 +03:00
authSource : & auth . Source {
Type : auth . LDAP ,
2021-07-24 13:16:34 +03:00
Cfg : & ldap . Source {
UserBase : "ou=Users,dc=domain,dc=org" ,
2019-06-17 21:32:20 +03:00
} ,
} ,
} ,
// case 9
{
args : [ ] string {
"ldap-test" ,
"--id" , "1" ,
"--user-filter" , "(memberOf=cn=user-group,ou=example,dc=domain,dc=org)" ,
} ,
2022-01-02 16:12:35 +03:00
authSource : & auth . Source {
Type : auth . LDAP ,
2021-07-24 13:16:34 +03:00
Cfg : & ldap . Source {
Filter : "(memberOf=cn=user-group,ou=example,dc=domain,dc=org)" ,
2019-06-17 21:32:20 +03:00
} ,
} ,
} ,
// case 10
{
args : [ ] string {
"ldap-test" ,
"--id" , "1" ,
"--admin-filter" , "(memberOf=cn=admin-group,ou=example,dc=domain,dc=org)" ,
} ,
2022-01-02 16:12:35 +03:00
authSource : & auth . Source {
Type : auth . LDAP ,
2021-07-24 13:16:34 +03:00
Cfg : & ldap . Source {
AdminFilter : "(memberOf=cn=admin-group,ou=example,dc=domain,dc=org)" ,
2019-06-17 21:32:20 +03:00
} ,
} ,
} ,
// case 11
{
args : [ ] string {
"ldap-test" ,
"--id" , "1" ,
"--username-attribute" , "uid" ,
} ,
2022-01-02 16:12:35 +03:00
authSource : & auth . Source {
Type : auth . LDAP ,
2021-07-24 13:16:34 +03:00
Cfg : & ldap . Source {
AttributeUsername : "uid" ,
2019-06-17 21:32:20 +03:00
} ,
} ,
} ,
// case 12
{
args : [ ] string {
"ldap-test" ,
"--id" , "1" ,
"--firstname-attribute" , "givenName" ,
} ,
2022-01-02 16:12:35 +03:00
authSource : & auth . Source {
Type : auth . LDAP ,
2021-07-24 13:16:34 +03:00
Cfg : & ldap . Source {
AttributeName : "givenName" ,
2019-06-17 21:32:20 +03:00
} ,
} ,
} ,
// case 13
{
args : [ ] string {
"ldap-test" ,
"--id" , "1" ,
"--surname-attribute" , "sn" ,
} ,
2022-01-02 16:12:35 +03:00
authSource : & auth . Source {
Type : auth . LDAP ,
2021-07-24 13:16:34 +03:00
Cfg : & ldap . Source {
AttributeSurname : "sn" ,
2019-06-17 21:32:20 +03:00
} ,
} ,
} ,
// case 14
{
args : [ ] string {
"ldap-test" ,
"--id" , "1" ,
"--email-attribute" , "mail" ,
} ,
2022-01-02 16:12:35 +03:00
authSource : & auth . Source {
Type : auth . LDAP ,
2021-07-24 13:16:34 +03:00
Cfg : & ldap . Source {
AttributeMail : "mail" ,
2019-06-17 21:32:20 +03:00
} ,
} ,
} ,
// case 15
{
args : [ ] string {
"ldap-test" ,
"--id" , "1" ,
"--attributes-in-bind" ,
} ,
2022-01-02 16:12:35 +03:00
authSource : & auth . Source {
Type : auth . LDAP ,
2021-07-24 13:16:34 +03:00
Cfg : & ldap . Source {
AttributesInBind : true ,
2019-06-17 21:32:20 +03:00
} ,
} ,
} ,
// case 16
{
args : [ ] string {
"ldap-test" ,
"--id" , "1" ,
"--public-ssh-key-attribute" , "publickey" ,
} ,
2022-01-02 16:12:35 +03:00
authSource : & auth . Source {
Type : auth . LDAP ,
2021-07-24 13:16:34 +03:00
Cfg : & ldap . Source {
AttributeSSHPublicKey : "publickey" ,
2019-06-17 21:32:20 +03:00
} ,
} ,
} ,
// case 17
{
args : [ ] string {
"ldap-test" ,
"--id" , "1" ,
"--bind-dn" , "cn=readonly,dc=domain,dc=org" ,
} ,
2022-01-02 16:12:35 +03:00
authSource : & auth . Source {
Type : auth . LDAP ,
2021-07-24 13:16:34 +03:00
Cfg : & ldap . Source {
BindDN : "cn=readonly,dc=domain,dc=org" ,
2019-06-17 21:32:20 +03:00
} ,
} ,
} ,
// case 18
{
args : [ ] string {
"ldap-test" ,
"--id" , "1" ,
"--bind-password" , "secret" ,
} ,
2022-01-02 16:12:35 +03:00
authSource : & auth . Source {
Type : auth . LDAP ,
2021-07-24 13:16:34 +03:00
Cfg : & ldap . Source {
BindPassword : "secret" ,
2019-06-17 21:32:20 +03:00
} ,
} ,
} ,
// case 19
{
args : [ ] string {
"ldap-test" ,
"--id" , "1" ,
"--synchronize-users" ,
} ,
2022-01-02 16:12:35 +03:00
authSource : & auth . Source {
Type : auth . LDAP ,
2019-06-17 21:32:20 +03:00
IsSyncEnabled : true ,
2021-07-24 13:16:34 +03:00
Cfg : & ldap . Source { } ,
2019-06-17 21:32:20 +03:00
} ,
} ,
// case 20
{
args : [ ] string {
"ldap-test" ,
"--id" , "1" ,
"--page-size" , "12" ,
} ,
2022-01-02 16:12:35 +03:00
authSource : & auth . Source {
Type : auth . LDAP ,
2021-07-24 13:16:34 +03:00
Cfg : & ldap . Source {
SearchPageSize : 12 ,
2019-06-17 21:32:20 +03:00
} ,
} ,
} ,
// case 21
{
args : [ ] string {
"ldap-test" ,
"--id" , "1" ,
"--security-protocol" , "xxxxx" ,
} ,
errMsg : "Unknown security protocol name: xxxxx" ,
} ,
// case 22
{
args : [ ] string {
"ldap-test" ,
} ,
errMsg : "id is not set" ,
} ,
// case 23
{
args : [ ] string {
"ldap-test" ,
"--id" , "1" ,
} ,
2022-01-02 16:12:35 +03:00
existingAuthSource : & auth . Source {
Type : auth . OAuth2 ,
2021-07-24 13:16:34 +03:00
Cfg : & ldap . Source { } ,
2019-06-17 21:32:20 +03:00
} ,
errMsg : "Invalid authentication type. expected: LDAP (via BindDN), actual: OAuth2" ,
} ,
2022-07-04 12:21:14 +03:00
// case 24
{
args : [ ] string {
"ldap-test" ,
"--id" , "24" ,
"--name" , "ldap (via Bind DN) flip 'active' and 'user sync' attributes" ,
"--active" ,
"--disable-synchronize-users" ,
} ,
id : 24 ,
existingAuthSource : & auth . Source {
Type : auth . LDAP ,
IsActive : false ,
IsSyncEnabled : true ,
Cfg : & ldap . Source {
Name : "ldap (via Bind DN) flip 'active' and 'user sync' attributes" ,
Enabled : true ,
} ,
} ,
authSource : & auth . Source {
Type : auth . LDAP ,
Name : "ldap (via Bind DN) flip 'active' and 'user sync' attributes" ,
IsActive : true ,
IsSyncEnabled : false ,
Cfg : & ldap . Source {
Name : "ldap (via Bind DN) flip 'active' and 'user sync' attributes" ,
Enabled : true ,
} ,
} ,
} ,
2019-06-17 21:32:20 +03:00
}
for n , c := range cases {
// Mock functions.
2022-01-02 16:12:35 +03:00
var updatedAuthSource * auth . Source
2019-06-17 21:32:20 +03:00
service := & authService {
2021-11-07 06:11:27 +03:00
initDB : func ( context . Context ) error {
2019-06-17 21:32:20 +03:00
return nil
} ,
2023-10-11 07:24:07 +03:00
createAuthSource : func ( ctx context . Context , authSource * auth . Source ) error {
2022-01-02 16:12:35 +03:00
assert . FailNow ( t , "case %d: should not call createAuthSource" , n )
2019-06-17 21:32:20 +03:00
return nil
} ,
2023-10-11 07:24:07 +03:00
updateAuthSource : func ( ctx context . Context , authSource * auth . Source ) error {
2022-01-02 16:12:35 +03:00
updatedAuthSource = authSource
2019-06-17 21:32:20 +03:00
return nil
} ,
2023-10-11 07:24:07 +03:00
getAuthSourceByID : func ( ctx context . Context , id int64 ) ( * auth . Source , error ) {
2019-06-17 21:32:20 +03:00
if c . id != 0 {
assert . Equal ( t , c . id , id , "case %d: wrong id" , n )
}
2022-01-02 16:12:35 +03:00
if c . existingAuthSource != nil {
return c . existingAuthSource , nil
2019-06-17 21:32:20 +03:00
}
2022-01-02 16:12:35 +03:00
return & auth . Source {
Type : auth . LDAP ,
2021-07-24 13:16:34 +03:00
Cfg : & ldap . Source { } ,
2019-06-17 21:32:20 +03:00
} , nil
} ,
}
// Create a copy of command to test
app := cli . NewApp ( )
2023-09-27 15:25:38 +03:00
app . Flags = microcmdAuthUpdateLdapBindDn . Flags
2019-06-17 21:32:20 +03:00
app . Action = service . updateLdapBindDn
// Run it
err := app . Run ( c . args )
if c . errMsg != "" {
assert . EqualError ( t , err , c . errMsg , "case %d: error should match" , n )
} else {
assert . NoError ( t , err , "case %d: should have no errors" , n )
2022-01-02 16:12:35 +03:00
assert . Equal ( t , c . authSource , updatedAuthSource , "case %d: wrong authSource" , n )
2019-06-17 21:32:20 +03:00
}
}
}
func TestUpdateLdapSimpleAuth ( t * testing . T ) {
// Mock cli functions to do not exit on error
2022-01-20 20:46:10 +03:00
osExiter := cli . OsExiter
2019-06-17 21:32:20 +03:00
defer func ( ) { cli . OsExiter = osExiter } ( )
cli . OsExiter = func ( code int ) { }
// Test cases
2022-01-20 20:46:10 +03:00
cases := [ ] struct {
2022-01-02 16:12:35 +03:00
args [ ] string
id int64
existingAuthSource * auth . Source
authSource * auth . Source
errMsg string
2019-06-17 21:32:20 +03:00
} {
// case 0
{
args : [ ] string {
"ldap-test" ,
"--id" , "7" ,
"--name" , "ldap (simple auth) source full" ,
"--not-active" ,
"--security-protocol" , "starttls" ,
"--skip-tls-verify" ,
"--host" , "ldap-simple-server full" ,
"--port" , "987" ,
"--user-search-base" , "ou=Users,dc=full-domain-simple,dc=org" ,
"--user-filter" , "(&(objectClass=posixAccount)(full-simple-cn=%s))" ,
"--admin-filter" , "(memberOf=cn=admin-group,ou=example,dc=full-domain-simple,dc=org)" ,
2020-03-05 09:30:33 +03:00
"--restricted-filter" , "(memberOf=cn=restricted-group,ou=example,dc=full-domain-simple,dc=org)" ,
2019-06-17 21:32:20 +03:00
"--username-attribute" , "uid-simple full" ,
"--firstname-attribute" , "givenName-simple full" ,
"--surname-attribute" , "sn-simple full" ,
"--email-attribute" , "mail-simple full" ,
"--public-ssh-key-attribute" , "publickey-simple full" ,
2021-09-27 05:39:36 +03:00
"--avatar-attribute" , "avatar-simple full" ,
2019-06-17 21:32:20 +03:00
"--user-dn" , "cn=%s,ou=Users,dc=full-domain-simple,dc=org" ,
} ,
id : 7 ,
2022-01-02 16:12:35 +03:00
authSource : & auth . Source {
Type : auth . DLDAP ,
2021-07-24 13:16:34 +03:00
Name : "ldap (simple auth) source full" ,
IsActive : false ,
Cfg : & ldap . Source {
Name : "ldap (simple auth) source full" ,
Host : "ldap-simple-server full" ,
Port : 987 ,
SecurityProtocol : ldap . SecurityProtocol ( 2 ) ,
SkipVerify : true ,
UserDN : "cn=%s,ou=Users,dc=full-domain-simple,dc=org" ,
UserBase : "ou=Users,dc=full-domain-simple,dc=org" ,
AttributeUsername : "uid-simple full" ,
AttributeName : "givenName-simple full" ,
AttributeSurname : "sn-simple full" ,
AttributeMail : "mail-simple full" ,
AttributeSSHPublicKey : "publickey-simple full" ,
2021-09-27 05:39:36 +03:00
AttributeAvatar : "avatar-simple full" ,
2021-07-24 13:16:34 +03:00
Filter : "(&(objectClass=posixAccount)(full-simple-cn=%s))" ,
AdminFilter : "(memberOf=cn=admin-group,ou=example,dc=full-domain-simple,dc=org)" ,
RestrictedFilter : "(memberOf=cn=restricted-group,ou=example,dc=full-domain-simple,dc=org)" ,
2019-06-17 21:32:20 +03:00
} ,
} ,
} ,
// case 1
{
args : [ ] string {
"ldap-test" ,
"--id" , "1" ,
} ,
2022-01-02 16:12:35 +03:00
authSource : & auth . Source {
Type : auth . DLDAP ,
2021-07-24 13:16:34 +03:00
Cfg : & ldap . Source { } ,
2019-06-17 21:32:20 +03:00
} ,
} ,
// case 2
{
args : [ ] string {
"ldap-test" ,
"--id" , "1" ,
"--name" , "ldap (simple auth) source" ,
} ,
2022-01-02 16:12:35 +03:00
authSource : & auth . Source {
Type : auth . DLDAP ,
2019-06-17 21:32:20 +03:00
Name : "ldap (simple auth) source" ,
2021-07-24 13:16:34 +03:00
Cfg : & ldap . Source {
Name : "ldap (simple auth) source" ,
2019-06-17 21:32:20 +03:00
} ,
} ,
} ,
// case 3
{
args : [ ] string {
"ldap-test" ,
"--id" , "1" ,
"--not-active" ,
} ,
2022-01-02 16:12:35 +03:00
existingAuthSource : & auth . Source {
Type : auth . DLDAP ,
2021-07-24 13:16:34 +03:00
IsActive : true ,
Cfg : & ldap . Source { } ,
2019-06-17 21:32:20 +03:00
} ,
2022-01-02 16:12:35 +03:00
authSource : & auth . Source {
Type : auth . DLDAP ,
2021-07-24 13:16:34 +03:00
IsActive : false ,
Cfg : & ldap . Source { } ,
2019-06-17 21:32:20 +03:00
} ,
} ,
// case 4
{
args : [ ] string {
"ldap-test" ,
"--id" , "1" ,
"--security-protocol" , "starttls" ,
} ,
2022-01-02 16:12:35 +03:00
authSource : & auth . Source {
Type : auth . DLDAP ,
2021-07-24 13:16:34 +03:00
Cfg : & ldap . Source {
SecurityProtocol : ldap . SecurityProtocol ( 2 ) ,
2019-06-17 21:32:20 +03:00
} ,
} ,
} ,
// case 5
{
args : [ ] string {
"ldap-test" ,
"--id" , "1" ,
"--skip-tls-verify" ,
} ,
2022-01-02 16:12:35 +03:00
authSource : & auth . Source {
Type : auth . DLDAP ,
2021-07-24 13:16:34 +03:00
Cfg : & ldap . Source {
SkipVerify : true ,
2019-06-17 21:32:20 +03:00
} ,
} ,
} ,
// case 6
{
args : [ ] string {
"ldap-test" ,
"--id" , "1" ,
"--host" , "ldap-server" ,
} ,
2022-01-02 16:12:35 +03:00
authSource : & auth . Source {
Type : auth . DLDAP ,
2021-07-24 13:16:34 +03:00
Cfg : & ldap . Source {
Host : "ldap-server" ,
2019-06-17 21:32:20 +03:00
} ,
} ,
} ,
// case 7
{
args : [ ] string {
"ldap-test" ,
"--id" , "1" ,
"--port" , "987" ,
} ,
2022-01-02 16:12:35 +03:00
authSource : & auth . Source {
Type : auth . DLDAP ,
2021-07-24 13:16:34 +03:00
Cfg : & ldap . Source {
Port : 987 ,
2019-06-17 21:32:20 +03:00
} ,
} ,
} ,
// case 8
{
args : [ ] string {
"ldap-test" ,
"--id" , "1" ,
"--user-search-base" , "ou=Users,dc=domain,dc=org" ,
} ,
2022-01-02 16:12:35 +03:00
authSource : & auth . Source {
Type : auth . DLDAP ,
2021-07-24 13:16:34 +03:00
Cfg : & ldap . Source {
UserBase : "ou=Users,dc=domain,dc=org" ,
2019-06-17 21:32:20 +03:00
} ,
} ,
} ,
// case 9
{
args : [ ] string {
"ldap-test" ,
"--id" , "1" ,
"--user-filter" , "(&(objectClass=posixAccount)(cn=%s))" ,
} ,
2022-01-02 16:12:35 +03:00
authSource : & auth . Source {
Type : auth . DLDAP ,
2021-07-24 13:16:34 +03:00
Cfg : & ldap . Source {
Filter : "(&(objectClass=posixAccount)(cn=%s))" ,
2019-06-17 21:32:20 +03:00
} ,
} ,
} ,
// case 10
{
args : [ ] string {
"ldap-test" ,
"--id" , "1" ,
"--admin-filter" , "(memberOf=cn=admin-group,ou=example,dc=domain,dc=org)" ,
} ,
2022-01-02 16:12:35 +03:00
authSource : & auth . Source {
Type : auth . DLDAP ,
2021-07-24 13:16:34 +03:00
Cfg : & ldap . Source {
AdminFilter : "(memberOf=cn=admin-group,ou=example,dc=domain,dc=org)" ,
2019-06-17 21:32:20 +03:00
} ,
} ,
} ,
// case 11
{
args : [ ] string {
"ldap-test" ,
"--id" , "1" ,
"--username-attribute" , "uid" ,
} ,
2022-01-02 16:12:35 +03:00
authSource : & auth . Source {
Type : auth . DLDAP ,
2021-07-24 13:16:34 +03:00
Cfg : & ldap . Source {
AttributeUsername : "uid" ,
2019-06-17 21:32:20 +03:00
} ,
} ,
} ,
// case 12
{
args : [ ] string {
"ldap-test" ,
"--id" , "1" ,
"--firstname-attribute" , "givenName" ,
} ,
2022-01-02 16:12:35 +03:00
authSource : & auth . Source {
Type : auth . DLDAP ,
2021-07-24 13:16:34 +03:00
Cfg : & ldap . Source {
AttributeName : "givenName" ,
2019-06-17 21:32:20 +03:00
} ,
} ,
} ,
// case 13
{
args : [ ] string {
"ldap-test" ,
"--id" , "1" ,
"--surname-attribute" , "sn" ,
} ,
2022-01-02 16:12:35 +03:00
authSource : & auth . Source {
Type : auth . DLDAP ,
2021-07-24 13:16:34 +03:00
Cfg : & ldap . Source {
AttributeSurname : "sn" ,
2019-06-17 21:32:20 +03:00
} ,
} ,
} ,
// case 14
{
args : [ ] string {
"ldap-test" ,
"--id" , "1" ,
"--email-attribute" , "mail" ,
} ,
2022-01-02 16:12:35 +03:00
authSource : & auth . Source {
Type : auth . DLDAP ,
2021-07-24 13:16:34 +03:00
Cfg : & ldap . Source {
AttributeMail : "mail" ,
2019-06-17 21:32:20 +03:00
} ,
} ,
} ,
// case 15
{
args : [ ] string {
"ldap-test" ,
"--id" , "1" ,
"--public-ssh-key-attribute" , "publickey" ,
} ,
2022-01-02 16:12:35 +03:00
authSource : & auth . Source {
Type : auth . DLDAP ,
2021-07-24 13:16:34 +03:00
Cfg : & ldap . Source {
AttributeSSHPublicKey : "publickey" ,
2019-06-17 21:32:20 +03:00
} ,
} ,
} ,
// case 16
{
args : [ ] string {
"ldap-test" ,
"--id" , "1" ,
"--user-dn" , "cn=%s,ou=Users,dc=domain,dc=org" ,
} ,
2022-01-02 16:12:35 +03:00
authSource : & auth . Source {
Type : auth . DLDAP ,
2021-07-24 13:16:34 +03:00
Cfg : & ldap . Source {
UserDN : "cn=%s,ou=Users,dc=domain,dc=org" ,
2019-06-17 21:32:20 +03:00
} ,
} ,
} ,
// case 17
{
args : [ ] string {
"ldap-test" ,
"--id" , "1" ,
"--security-protocol" , "xxxxx" ,
} ,
errMsg : "Unknown security protocol name: xxxxx" ,
} ,
// case 18
{
args : [ ] string {
"ldap-test" ,
} ,
errMsg : "id is not set" ,
} ,
// case 19
{
args : [ ] string {
"ldap-test" ,
"--id" , "1" ,
} ,
2022-01-02 16:12:35 +03:00
existingAuthSource : & auth . Source {
Type : auth . PAM ,
2021-07-24 13:16:34 +03:00
Cfg : & ldap . Source { } ,
2019-06-17 21:32:20 +03:00
} ,
errMsg : "Invalid authentication type. expected: LDAP (simple auth), actual: PAM" ,
} ,
2022-07-04 12:21:14 +03:00
// case 20
{
args : [ ] string {
"ldap-test" ,
"--id" , "20" ,
"--name" , "ldap (simple auth) flip 'active' attribute" ,
"--active" ,
} ,
id : 20 ,
existingAuthSource : & auth . Source {
Type : auth . DLDAP ,
IsActive : false ,
Cfg : & ldap . Source {
Name : "ldap (simple auth) flip 'active' attribute" ,
Enabled : true ,
} ,
} ,
authSource : & auth . Source {
Type : auth . DLDAP ,
Name : "ldap (simple auth) flip 'active' attribute" ,
IsActive : true ,
Cfg : & ldap . Source {
Name : "ldap (simple auth) flip 'active' attribute" ,
Enabled : true ,
} ,
} ,
} ,
2019-06-17 21:32:20 +03:00
}
for n , c := range cases {
// Mock functions.
2022-01-02 16:12:35 +03:00
var updatedAuthSource * auth . Source
2019-06-17 21:32:20 +03:00
service := & authService {
2021-11-07 06:11:27 +03:00
initDB : func ( context . Context ) error {
2019-06-17 21:32:20 +03:00
return nil
} ,
2023-10-11 07:24:07 +03:00
createAuthSource : func ( ctx context . Context , authSource * auth . Source ) error {
2022-01-02 16:12:35 +03:00
assert . FailNow ( t , "case %d: should not call createAuthSource" , n )
2019-06-17 21:32:20 +03:00
return nil
} ,
2023-10-11 07:24:07 +03:00
updateAuthSource : func ( ctx context . Context , authSource * auth . Source ) error {
2022-01-02 16:12:35 +03:00
updatedAuthSource = authSource
2019-06-17 21:32:20 +03:00
return nil
} ,
2023-10-11 07:24:07 +03:00
getAuthSourceByID : func ( ctx context . Context , id int64 ) ( * auth . Source , error ) {
2019-06-17 21:32:20 +03:00
if c . id != 0 {
assert . Equal ( t , c . id , id , "case %d: wrong id" , n )
}
2022-01-02 16:12:35 +03:00
if c . existingAuthSource != nil {
return c . existingAuthSource , nil
2019-06-17 21:32:20 +03:00
}
2022-01-02 16:12:35 +03:00
return & auth . Source {
Type : auth . DLDAP ,
2021-07-24 13:16:34 +03:00
Cfg : & ldap . Source { } ,
2019-06-17 21:32:20 +03:00
} , nil
} ,
}
// Create a copy of command to test
app := cli . NewApp ( )
2023-09-27 15:25:38 +03:00
app . Flags = microcmdAuthUpdateLdapSimpleAuth . Flags
2019-06-17 21:32:20 +03:00
app . Action = service . updateLdapSimpleAuth
// Run it
err := app . Run ( c . args )
if c . errMsg != "" {
assert . EqualError ( t , err , c . errMsg , "case %d: error should match" , n )
} else {
assert . NoError ( t , err , "case %d: should have no errors" , n )
2022-01-02 16:12:35 +03:00
assert . Equal ( t , c . authSource , updatedAuthSource , "case %d: wrong authSource" , n )
2019-06-17 21:32:20 +03:00
}
}
}