From 68c365ea8ab536a85d92d3769b0bbaa0e1691116 Mon Sep 17 00:00:00 2001 From: Alex Arnaud Date: Tue, 15 Nov 2016 09:46:52 +0000 Subject: [PATCH] Bug 6979 - Update tests Signed-off-by: Martin Renvoize Signed-off-by: Kyle M Hall --- C4/Auth_with_ldap.pm | 4 +- t/db_dependent/Auth_with_ldap.t | 110 ++++++++++++-------------------- 2 files changed, 43 insertions(+), 71 deletions(-) diff --git a/C4/Auth_with_ldap.pm b/C4/Auth_with_ldap.pm index 2ad3ee90c3..8b7533007c 100644 --- a/C4/Auth_with_ldap.pm +++ b/C4/Auth_with_ldap.pm @@ -60,6 +60,7 @@ my $prefhost = $ldap->{hostname} or die ldapserver_error('hostname'); my $base = $ldap->{base} or die ldapserver_error('base'); $ldapname = $ldap->{user} ; $ldappassword = $ldap->{pass} ; +$ldap->{anonymous_bind} = 1 unless $ldapname && $ldappassword; our %mapping = %{$ldap->{mapping}}; # FIXME dpavlin -- don't die because of || (); from 6eaf8511c70eb82d797c941ef528f4310a15e9f9 my @mapkeys = keys %mapping; $debug and print STDERR "Got ", scalar(@mapkeys), " ldap mapkeys ( total ): ", join ' ', @mapkeys, "\n"; @@ -176,7 +177,7 @@ sub checkpw_ldap { $userldapentry = $search->shift_entry; } } else { - my $res = ($config{anonymous}) ? $db->bind : $db->bind($ldapname, password=>$ldappassword); + my $res = ($ldap->{anonymous_bind}) ? $db->bind : $db->bind($ldapname, password=>$ldappassword); if ($res->code) { # connection refused warn "LDAP bind failed as ldapuser " . ($ldapname || '[ANONYMOUS]') . ": " . description($res); return 0; @@ -189,6 +190,7 @@ sub checkpw_ldap { warn "LDAP Auth rejected : invalid password for user '$userid'. " . description($user_ldap_bind_ret); return -1; } + } # To get here, LDAP has accepted our user's login attempt. diff --git a/t/db_dependent/Auth_with_ldap.t b/t/db_dependent/Auth_with_ldap.t index 8c4b9ba3a0..c42b98a070 100755 --- a/t/db_dependent/Auth_with_ldap.t +++ b/t/db_dependent/Auth_with_ldap.t @@ -46,11 +46,11 @@ my $anonymous_bind = 1; # Variables controlling LDAP behaviour my $desired_authentication_result = 'success'; my $desired_connection_result = 'error'; -my $desired_bind_result = 'error'; +my $desired_admin_bind_result = 'error'; my $desired_compare_result = 'error'; my $desired_search_result = 'error'; my $desired_count_result = 1; -my $non_anonymous_bind_result = 'error'; +my $desired_bind_result = 'error'; my $ret; # Mock the context module @@ -150,7 +150,7 @@ subtest 'checkpw_ldap tests' => sub { $desired_authentication_result = 'success'; $anonymous_bind = 1; - $desired_bind_result = 'error'; + $desired_admin_bind_result = 'error'; $desired_search_result = 'error'; reload_ldap_module(); @@ -164,10 +164,10 @@ subtest 'checkpw_ldap tests' => sub { $desired_authentication_result = 'success'; $anonymous_bind = 1; - $desired_bind_result = 'success'; + $desired_admin_bind_result = 'success'; $desired_search_result = 'success'; $desired_count_result = 1; - $non_anonymous_bind_result = 'success'; + $desired_bind_result = 'success'; $update = 1; reload_ldap_module(); @@ -212,7 +212,7 @@ subtest 'checkpw_ldap tests' => sub { 'checkpw_ldap returns 0 if user lookup returns 0' ); - $non_anonymous_bind_result = 'error'; + $desired_bind_result = 'error'; reload_ldap_module(); warning_like { @@ -227,10 +227,10 @@ subtest 'checkpw_ldap tests' => sub { # regression tests for bug 12831 $desired_authentication_result = 'error'; $anonymous_bind = 0; - $desired_bind_result = 'error'; + $desired_admin_bind_result = 'error'; $desired_search_result = 'success'; $desired_count_result = 0; # user auth problem - $non_anonymous_bind_result = 'error'; + $desired_bind_result = 'error'; reload_ldap_module(); warning_like { @@ -252,8 +252,8 @@ subtest 'checkpw_ldap tests' => sub { # Anonymous bind $anonymous_bind = 1; - $desired_bind_result = 'error'; - $non_anonymous_bind_result = 'error'; + $desired_admin_bind_result = 'error'; + $desired_bind_result = 'error'; reload_ldap_module(); warning_like { @@ -265,9 +265,8 @@ qr/LDAP bind failed as ldapuser cn=Manager,dc=metavore,dc=com: LDAP error #1: er is( $ret, 0, 'checkpw_ldap returns 0 if bind fails' ); $anonymous_bind = 1; - $desired_bind_result = 'success'; - $non_anonymous_bind_result = 'success'; - $desired_compare_result = 'error'; + $desired_admin_bind_result = 'success'; + $desired_bind_result = 'error'; reload_ldap_module(); warning_like { @@ -280,9 +279,8 @@ qr/LDAP Auth rejected : invalid password for user 'hola'. LDAP error #1: error_n # Non-anonymous bind $anonymous_bind = 0; - $desired_bind_result = 'success'; - $non_anonymous_bind_result = 'error'; - $desired_compare_result = 'dont care'; + $desired_admin_bind_result = 'error'; + $desired_bind_result = 'error'; reload_ldap_module(); warning_like { @@ -294,9 +292,8 @@ qr/LDAP bind failed as ldapuser cn=Manager,dc=metavore,dc=com: LDAP error #1: er is( $ret, 0, 'checkpw_ldap returns 0 if bind fails' ); $anonymous_bind = 0; - $desired_bind_result = 'success'; - $non_anonymous_bind_result = 'success'; - $desired_compare_result = 'error'; + $desired_admin_bind_result = 'success'; + $desired_bind_result = 'error'; reload_ldap_module(); warning_like { @@ -394,59 +391,22 @@ sub mock_net_ldap { my $mocked_ldap = Test::MockObject->new(); - $mocked_ldap->mock( - 'bind', - sub { - - my @args = @_; - my $mocked_message; - - if ( $#args > 1 ) { - - # Args passed => non-anonymous bind - if ( $non_anonymous_bind_result eq 'error' ) { - return mock_net_ldap_message( 1, 1, 'error_name', - 'error_text' ); - } - else { - return mock_net_ldap_message( 0, 0, q{}, q{} ); - } - } - else { - $mocked_message = mock_net_ldap_message( - ( $desired_bind_result eq 'error' ) ? 1 : 0, # code - ( $desired_bind_result eq 'error' ) ? 1 : 0, # error - ( $desired_bind_result eq 'error' ) - ? 'error_name' - : 0, # error_name - ( $desired_bind_result eq 'error' ) - ? 'error_text' - : 0 # error_text - ); - } - - return $mocked_message; + $mocked_ldap->mock( 'bind', sub { + if (is_admin_bind(@_)) { + return mock_net_ldap_message( + ($desired_admin_bind_result eq 'error' ) ? 1 : 0, # code + ($desired_admin_bind_result eq 'error' ) ? 1 : 0, # error + ($desired_admin_bind_result eq 'error' ) ? 'error_name' : 0, # error_name + ($desired_admin_bind_result eq 'error' ) ? 'error_text' : 0 # error_text + ); } - ); - - $mocked_ldap->mock( - 'compare', - sub { - - my $mocked_message; - - if ( $desired_compare_result eq 'error' ) { - $mocked_message = - mock_net_ldap_message( 1, 1, 'error_name', 'error_text' ); - } - else { - # we expect return code 6 for success - $mocked_message = mock_net_ldap_message( 6, 0, q{}, q{} ); + else { + if ( $desired_bind_result eq 'error' ) { + return mock_net_ldap_message(1,1,'error_name','error_text'); } - - return $mocked_message; + return mock_net_ldap_message(0,0,'',''); } - ); + }); $mocked_ldap->mock( 'search', @@ -531,6 +491,16 @@ sub reload_ldap_module { return; } -$schema->storage->txn_rollback(); +sub is_admin_bind { + my @args = @_; + + if ($#args <= 1 || $args[1] eq 'cn=Manager,dc=metavore,dc=com') { + return 1; + } + + return 0; +} + +$schema->storage->txn_rollback; 1; -- 2.39.5