dani/lemonldap-ng
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Append unit test if Impersonation is missing (#1976)

Browse Source
This commit is contained in:
Christophe Maudoux 2020-12-26 14:30:27 +01:00
parent 3219673375
commit 406fdbc54b
11 changed files with 128 additions and 15 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Conf/Tests.pm
View File

@ -6,7 +6,7 @@ use Lemonldap::NG::Common::Regexp;
use Lemonldap::NG::Handler::Main;
use Lemonldap::NG::Common::Util qw(getSameSite);
our $VERSION = '2.0.10';
our $VERSION = '2.0.11';
## @method hashref tests(hashref conf)
# Return a hash ref where keys are the names of the tests and values

2
lemonldap-ng-portal/MANIFEST
View File

@ -679,6 +679,8 @@ t/68-ContextSwitching.t
t/68-FindUser-with-DBI.t
t/68-FindUser-with-Demo-and-token.t
t/68-FindUser-with-Demo.t
t/68-FindUser-without-attribute.t
t/68-FindUser-without-Impersonation.t
t/68-Impersonation-with-2F.t
t/68-Impersonation-with-doubleCookies.t
t/68-Impersonation-with-filtered-merge.t

9
lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Display.pm
View File

@ -479,11 +479,12 @@ sub display {
# Display authentication form
else {
my $fields = [];
my $fields = [];
if ( $self->conf->{findUser}
&& $self->conf->{impersonationRule}
&& $self->conf->{findUserSearchingAttributes} )
{
$login = $req->{findUser};
$login = $req->{findUser};
$self->logger->debug(
'Building array ref with searching fields...');
@$fields = map { {
@ -509,7 +510,7 @@ sub display {
DISPLAY_YUBIKEY_FORM => 0,
FIELDS => $fields,
SPOOFID => $req->{findUser},
FINDUSER => $self->conf->{findUser} && scalar @$fields
FINDUSER => scalar @$fields
);
}
@ -543,7 +544,7 @@ sub display {
MSG => $req->info(),
FIELDS => $fields,
SPOOFID => $req->{findUser},
FINDUSER => $self->conf->{findUser} && scalar @$fields
FINDUSER => scalar @$fields
);
}

2
lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/CheckUser.pm
View File

@ -9,7 +9,7 @@ use Lemonldap::NG::Portal::Main::Constants qw(
PE_BADCREDENTIALS
);
our $VERSION = '2.0.10';
our $VERSION = '2.0.11';
extends qw(
Lemonldap::NG::Portal::Main::Plugin

2
lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/DecryptValue.pm
View File

@ -8,7 +8,7 @@ use Lemonldap::NG::Portal::Main::Constants qw(
PE_DECRYPTVALUE_SERVICE_NOT_ALLOWED
);
our $VERSION = '2.0.10';
our $VERSION = '2.0.11';
extends qw(
Lemonldap::NG::Portal::Main::Plugin

2
lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/FindUser.pm
View File

@ -33,6 +33,8 @@ sub init {
( my $imp = grep /::Plugins::Impersonation$/, $self->p->enabledPlugins )
? $self->addUnauthRoute( finduser => 'provideUser', ['POST'] )
: $self->logger->warn('FindUser plugin enabled without Impersonation');
$self->logger->warn('FindUser plugin enabled without searching attribute')
unless keys %{ $self->conf->{findUserSearchingAttributes} };
return 1;
}

8
lemonldap-ng-portal/t/68-FindUser-with-DBI.t
View File

@ -5,9 +5,8 @@ use IO::String;
require 't/test-lib.pm';
my $maintests = 41;
my $userdb = tempdb();
my $userdb = tempdb();
SKIP: {
eval { require DBI; require DBD::SQLite; };
@ -64,8 +63,9 @@ SKIP: {
## Simple access
ok( $res = $client->_get( '/', accept => 'text/html' ), 'Get Portal', );
my ( $host, $url, $query ) =
expectForm( $res, '#', undef, 'uid', 'password', 'spoofId' );
expectForm( $res, '#', undef, 'user', 'password', 'spoofId' );
( $host, $url, $query ) =
expectForm( $res, '#', undef, 'uid', 'guy', 'cn' );
$request = '';
ok(
$res = $client->_post(

6
lemonldap-ng-portal/t/68-FindUser-with-Demo-and-token.t
View File

@ -9,7 +9,7 @@ my $res;
my $json;
my $client = LLNG::Manager::Test->new( {
ini => {
logLevel => 'debug',
logLevel => 'error',
authentication => 'Demo',
userDB => 'Same',
useSafeJail => 1,
@ -27,9 +27,9 @@ my $client = LLNG::Manager::Test->new( {
## Simple access
ok( $res = $client->_get( '/', accept => 'text/html' ), 'Get Portal', );
my ( $host, $url, $query ) =
expectForm( $res, '#', undef, 'uid', 'password', 'spoofId', 'token' );
expectForm( $res, '#', undef, 'user', 'password', 'spoofId', 'token' );
( $host, $url, $query ) =
expectForm( $res, '#', undef, 'user', 'guy', 'cn', 'token' );
expectForm( $res, '#', undef, 'uid', 'guy', 'cn', 'token' );
count(1);
$query =~ s/uid=/uid=dwho/;

2
lemonldap-ng-portal/t/68-FindUser-with-Demo.t
View File

@ -30,7 +30,7 @@ my $client = LLNG::Manager::Test->new( {
## Simple access
ok( $res = $client->_get( '/', accept => 'text/html' ), 'Get Portal', );
my ( $host, $url, $query ) =
expectForm( $res, '#', undef, 'uid', 'password', 'spoofId' );
expectForm( $res, '#', undef, 'user', 'password', 'spoofId' );
$request = '';
ok(

54
lemonldap-ng-portal/t/68-FindUser-without-Impersonation.t Normal file
View File

@ -0,0 +1,54 @@
use Test::More;
use strict;
use JSON;
use IO::String;
require 't/test-lib.pm';
my $maintests = 6;
my $res;
my $json;
my $request;
my $client = LLNG::Manager::Test->new( {
ini => {
logLevel => 'error',
authentication => 'Demo',
userDB => 'Same',
useSafeJail => 1,
requireToken => 0,
findUser => 1,
impersonationRule => 0,
findUserSearchingAttributes =>
{ uid => 'Login', guy => 'Kind', cn => 'Name' },
findUserExcludingAttributes =>
{ type => 'mutant', uid => 'rtyler' },
}
}
);
## Simple access
ok( $res = $client->_get( '/', accept => 'text/html' ), 'Get Portal', );
my ( $host, $url, $query ) = expectForm( $res, '#', undef, 'user', 'password' );
ok(
$res->[2]->[0] !~
m%<span trspan="searchAccount">Search for an account</span>%,
'Search an account not found'
) or explain( $res->[2]->[0], 'Found search for an account' );
$request = 'uid=dwho';
ok(
$res = $client->_post(
'/finduser', IO::String->new($request),
accept => 'application/json',
length => length($request)
),
'Post FindFuser request'
);
ok( $json = eval { from_json( $res->[2]->[0] ) }, 'Response is JSON' )
or print STDERR "$@\n" . Dumper($res);
ok( $json->{result} == 0, ' result => 0' )
or explain( $json, 'result => 0' );
ok( $json->{error} == 9, ' error => 9' )
or explain( $json, 'result => 9' );
count($maintests);
done_testing( count() );

54
lemonldap-ng-portal/t/68-FindUser-without-attribute.t Normal file
View File

@ -0,0 +1,54 @@
use Test::More;
use strict;
use JSON;
use IO::String;
require 't/test-lib.pm';
my $maintests = 6;
my $res;
my $json;
my $request;
my $client = LLNG::Manager::Test->new( {
ini => {
logLevel => 'error',
authentication => 'Demo',
userDB => 'Same',
useSafeJail => 1,
requireToken => 0,
findUser => 1,
impersonationRule => 1,
findUserExcludingAttributes =>
{ type => 'mutant', uid => 'rtyler' },
}
}
);
## Simple access
ok( $res = $client->_get( '/', accept => 'text/html' ), 'Get Portal', );
my ( $host, $url, $query ) =
expectForm( $res, '#', undef, 'user', 'password', 'spoofId' );
ok(
$res->[2]->[0] !~
m%<span trspan="searchAccount">Search for an account</span>%,
'Search an account not found'
) or explain( $res->[2]->[0], 'Found search for an account' );
$request = 'uid=dwho';
ok(
$res = $client->_post(
'/finduser', IO::String->new($request),
accept => 'application/json',
length => length($request)
),
'Post FindFuser request'
);
ok( $json = eval { from_json( $res->[2]->[0] ) }, 'Response is JSON' )
or print STDERR "$@\n" . Dumper($res);
ok( $json->{user} eq '', ' No user' )
or explain( $json, 'user => \'\'' );
ok( $json->{result} == 1, ' result => 1' )
or explain( $json, 'result => 1' );
count($maintests);
done_testing( count() );