Append unit test & update manifest (#2662)

2021-11-24 14:00:35 +01:00 · 2021-11-24 14:00:35 +01:00 · 16a096b154
parent 7d55202159
commit 16a096b154
3 changed files with 100 additions and 3 deletions
--- a/lemonldap-ng-portal/MANIFEST
+++ b/lemonldap-ng-portal/MANIFEST
@ -709,6 +709,7 @@ t/66-CDA-with-REST.t
 t/66-CDA-with-SOAP.t
 t/66-CDA.t
 t/67-CheckUser-with-Global-token.t
+t/67-CheckUser-with-hidden-attributes.t
 t/67-CheckUser-with-history.t
 t/67-CheckUser-with-Impersonation-and-Macros.t
 t/67-CheckUser-with-issuer-SAML-POST.t
--- a/lemonldap-ng-portal/t/67-CheckUser-with-hidden-attributes.t
+++ b/lemonldap-ng-portal/t/67-CheckUser-with-hidden-attributes.t
@ -0,0 +1,98 @@
+use Test::More;
+use strict;
+use IO::String;
+
+require 't/test-lib.pm';
+
+my $res;
+my $client = LLNG::Manager::Test->new( {
+        ini => {
+            logLevel                         => 'error',
+            authentication                   => 'Demo',
+            userDB                           => 'Same',
+            checkUser                        => 1,
+            checkUserHiddenAttributes        => 'hGroups, authenticationLevel',
+            checkUserDisplayHiddenAttributes => '$uid eq "dwho"',
+        }
+    }
+);
+
+## Try to authenticate
+ok( $res = $client->_get( '/', accept => 'text/html' ), 'Get Menu', );
+my ( $host, $url, $query ) = expectForm( $res, '#', undef, 'user', 'password' );
+$query =~ s/user=/user=dwho/;
+$query =~ s/password=/password=dwho/;
+ok(
+    $res = $client->_post(
+        '/',
+        IO::String->new($query),
+        length => length($query),
+        accept => 'text/html',
+    ),
+    'Auth query'
+);
+count(2);
+my $id = expectCookie($res);
+expectRedirection( $res, 'http://auth.example.com/' );
+
+# CheckUser form
+# ------------------------
+ok(
+    $res = $client->_get(
+        '/checkuser', cookie => "lemonldap=$id"
+    ),
+    'GET CheckUser',
+);
+
+my $data = eval { JSON::from_json( $res->[2]->[0] ) };
+ok( not($@), ' Content is JSON' )
+  or explain( [ $@, $res->[2] ], 'JSON content' );
+my @hiddenAttributes =
+  map { $_->{key} =~ /\b(?:hGroups|authenticationLevel)\b/ ? $_ : () }
+  @{ $data->{ATTRIBUTES} };
+ok( @hiddenAttributes == 2, 'Hidden attributes found' )
+  or explain( \@hiddenAttributes, 'Hidden attributes' );
+count(3);
+$client->logout($id);
+
+## Try to authenticate
+ok( $res = $client->_get( '/', accept => 'text/html' ), 'Get Menu', );
+( $host, $url, $query ) = expectForm( $res, '#', undef, 'user', 'password' );
+$query =~ s/user=/user=msmith/;
+$query =~ s/password=/password=msmith/;
+ok(
+    $res = $client->_post(
+        '/',
+        IO::String->new($query),
+        length => length($query),
+        accept => 'text/html',
+    ),
+    'Auth query'
+);
+count(2);
+$id = expectCookie($res);
+expectRedirection( $res, 'http://auth.example.com/' );
+
+# CheckUser form
+# ------------------------
+ok(
+    $res = $client->_get(
+        '/checkuser', cookie => "lemonldap=$id"
+    ),
+    'GET CheckUser',
+);
+
+$data = eval { JSON::from_json( $res->[2]->[0] ) };
+ok( not($@), ' Content is JSON' )
+  or explain( [ $@, $res->[2] ], 'JSON content' );
+@hiddenAttributes =
+  map { $_->{key} =~ /\b(?:hGroups|authenticationLevel)\b/ ? $_ : () }
+  @{ $data->{ATTRIBUTES} };
+ok( @hiddenAttributes == 0, 'No hidden attribute found' )
+  or explain( \@hiddenAttributes, 'No hidden attribute' );
+count(3);
+$client->logout($id);
+
+clean_sessions();
+
+done_testing( count() );
--- a/lemonldap-ng-portal/t/67-CheckUser.t
+++ b/lemonldap-ng-portal/t/67-CheckUser.t
@ -25,9 +25,7 @@ my $client = LLNG::Manager::Test->new( {
            totp2fActivation               => 1,
            totp2fDigits                   => 6,
            totp2fAuthnLevel               => 8,
-            impersonationRule              => 1,
-
-            #hiddenAttributes               => 'test',
+            impersonationRule              => 1
        }
    }
 );