Append unit test if Impersonation is missing (#1976)
This commit is contained in:
parent
3219673375
commit
406fdbc54b
|
@ -6,7 +6,7 @@ use Lemonldap::NG::Common::Regexp;
|
||||||
use Lemonldap::NG::Handler::Main;
|
use Lemonldap::NG::Handler::Main;
|
||||||
use Lemonldap::NG::Common::Util qw(getSameSite);
|
use Lemonldap::NG::Common::Util qw(getSameSite);
|
||||||
|
|
||||||
our $VERSION = '2.0.10';
|
our $VERSION = '2.0.11';
|
||||||
|
|
||||||
## @method hashref tests(hashref conf)
|
## @method hashref tests(hashref conf)
|
||||||
# Return a hash ref where keys are the names of the tests and values
|
# Return a hash ref where keys are the names of the tests and values
|
||||||
|
|
|
@ -679,6 +679,8 @@ t/68-ContextSwitching.t
|
||||||
t/68-FindUser-with-DBI.t
|
t/68-FindUser-with-DBI.t
|
||||||
t/68-FindUser-with-Demo-and-token.t
|
t/68-FindUser-with-Demo-and-token.t
|
||||||
t/68-FindUser-with-Demo.t
|
t/68-FindUser-with-Demo.t
|
||||||
|
t/68-FindUser-without-attribute.t
|
||||||
|
t/68-FindUser-without-Impersonation.t
|
||||||
t/68-Impersonation-with-2F.t
|
t/68-Impersonation-with-2F.t
|
||||||
t/68-Impersonation-with-doubleCookies.t
|
t/68-Impersonation-with-doubleCookies.t
|
||||||
t/68-Impersonation-with-filtered-merge.t
|
t/68-Impersonation-with-filtered-merge.t
|
||||||
|
|
|
@ -479,11 +479,12 @@ sub display {
|
||||||
|
|
||||||
# Display authentication form
|
# Display authentication form
|
||||||
else {
|
else {
|
||||||
my $fields = [];
|
my $fields = [];
|
||||||
if ( $self->conf->{findUser}
|
if ( $self->conf->{findUser}
|
||||||
|
&& $self->conf->{impersonationRule}
|
||||||
&& $self->conf->{findUserSearchingAttributes} )
|
&& $self->conf->{findUserSearchingAttributes} )
|
||||||
{
|
{
|
||||||
$login = $req->{findUser};
|
$login = $req->{findUser};
|
||||||
$self->logger->debug(
|
$self->logger->debug(
|
||||||
'Building array ref with searching fields...');
|
'Building array ref with searching fields...');
|
||||||
@$fields = map { {
|
@$fields = map { {
|
||||||
|
@ -509,7 +510,7 @@ sub display {
|
||||||
DISPLAY_YUBIKEY_FORM => 0,
|
DISPLAY_YUBIKEY_FORM => 0,
|
||||||
FIELDS => $fields,
|
FIELDS => $fields,
|
||||||
SPOOFID => $req->{findUser},
|
SPOOFID => $req->{findUser},
|
||||||
FINDUSER => $self->conf->{findUser} && scalar @$fields
|
FINDUSER => scalar @$fields
|
||||||
);
|
);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -543,7 +544,7 @@ sub display {
|
||||||
MSG => $req->info(),
|
MSG => $req->info(),
|
||||||
FIELDS => $fields,
|
FIELDS => $fields,
|
||||||
SPOOFID => $req->{findUser},
|
SPOOFID => $req->{findUser},
|
||||||
FINDUSER => $self->conf->{findUser} && scalar @$fields
|
FINDUSER => scalar @$fields
|
||||||
);
|
);
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
|
@ -9,7 +9,7 @@ use Lemonldap::NG::Portal::Main::Constants qw(
|
||||||
PE_BADCREDENTIALS
|
PE_BADCREDENTIALS
|
||||||
);
|
);
|
||||||
|
|
||||||
our $VERSION = '2.0.10';
|
our $VERSION = '2.0.11';
|
||||||
|
|
||||||
extends qw(
|
extends qw(
|
||||||
Lemonldap::NG::Portal::Main::Plugin
|
Lemonldap::NG::Portal::Main::Plugin
|
||||||
|
|
|
@ -8,7 +8,7 @@ use Lemonldap::NG::Portal::Main::Constants qw(
|
||||||
PE_DECRYPTVALUE_SERVICE_NOT_ALLOWED
|
PE_DECRYPTVALUE_SERVICE_NOT_ALLOWED
|
||||||
);
|
);
|
||||||
|
|
||||||
our $VERSION = '2.0.10';
|
our $VERSION = '2.0.11';
|
||||||
|
|
||||||
extends qw(
|
extends qw(
|
||||||
Lemonldap::NG::Portal::Main::Plugin
|
Lemonldap::NG::Portal::Main::Plugin
|
||||||
|
|
|
@ -33,6 +33,8 @@ sub init {
|
||||||
( my $imp = grep /::Plugins::Impersonation$/, $self->p->enabledPlugins )
|
( my $imp = grep /::Plugins::Impersonation$/, $self->p->enabledPlugins )
|
||||||
? $self->addUnauthRoute( finduser => 'provideUser', ['POST'] )
|
? $self->addUnauthRoute( finduser => 'provideUser', ['POST'] )
|
||||||
: $self->logger->warn('FindUser plugin enabled without Impersonation');
|
: $self->logger->warn('FindUser plugin enabled without Impersonation');
|
||||||
|
$self->logger->warn('FindUser plugin enabled without searching attribute')
|
||||||
|
unless keys %{ $self->conf->{findUserSearchingAttributes} };
|
||||||
|
|
||||||
return 1;
|
return 1;
|
||||||
}
|
}
|
||||||
|
|
|
@ -5,9 +5,8 @@ use IO::String;
|
||||||
|
|
||||||
require 't/test-lib.pm';
|
require 't/test-lib.pm';
|
||||||
|
|
||||||
|
|
||||||
my $maintests = 41;
|
my $maintests = 41;
|
||||||
my $userdb = tempdb();
|
my $userdb = tempdb();
|
||||||
|
|
||||||
SKIP: {
|
SKIP: {
|
||||||
eval { require DBI; require DBD::SQLite; };
|
eval { require DBI; require DBD::SQLite; };
|
||||||
|
@ -64,8 +63,9 @@ SKIP: {
|
||||||
## Simple access
|
## Simple access
|
||||||
ok( $res = $client->_get( '/', accept => 'text/html' ), 'Get Portal', );
|
ok( $res = $client->_get( '/', accept => 'text/html' ), 'Get Portal', );
|
||||||
my ( $host, $url, $query ) =
|
my ( $host, $url, $query ) =
|
||||||
expectForm( $res, '#', undef, 'uid', 'password', 'spoofId' );
|
expectForm( $res, '#', undef, 'user', 'password', 'spoofId' );
|
||||||
|
( $host, $url, $query ) =
|
||||||
|
expectForm( $res, '#', undef, 'uid', 'guy', 'cn' );
|
||||||
$request = '';
|
$request = '';
|
||||||
ok(
|
ok(
|
||||||
$res = $client->_post(
|
$res = $client->_post(
|
||||||
|
|
|
@ -9,7 +9,7 @@ my $res;
|
||||||
my $json;
|
my $json;
|
||||||
my $client = LLNG::Manager::Test->new( {
|
my $client = LLNG::Manager::Test->new( {
|
||||||
ini => {
|
ini => {
|
||||||
logLevel => 'debug',
|
logLevel => 'error',
|
||||||
authentication => 'Demo',
|
authentication => 'Demo',
|
||||||
userDB => 'Same',
|
userDB => 'Same',
|
||||||
useSafeJail => 1,
|
useSafeJail => 1,
|
||||||
|
@ -27,9 +27,9 @@ my $client = LLNG::Manager::Test->new( {
|
||||||
## Simple access
|
## Simple access
|
||||||
ok( $res = $client->_get( '/', accept => 'text/html' ), 'Get Portal', );
|
ok( $res = $client->_get( '/', accept => 'text/html' ), 'Get Portal', );
|
||||||
my ( $host, $url, $query ) =
|
my ( $host, $url, $query ) =
|
||||||
expectForm( $res, '#', undef, 'uid', 'password', 'spoofId', 'token' );
|
expectForm( $res, '#', undef, 'user', 'password', 'spoofId', 'token' );
|
||||||
( $host, $url, $query ) =
|
( $host, $url, $query ) =
|
||||||
expectForm( $res, '#', undef, 'user', 'guy', 'cn', 'token' );
|
expectForm( $res, '#', undef, 'uid', 'guy', 'cn', 'token' );
|
||||||
count(1);
|
count(1);
|
||||||
|
|
||||||
$query =~ s/uid=/uid=dwho/;
|
$query =~ s/uid=/uid=dwho/;
|
||||||
|
|
|
@ -30,7 +30,7 @@ my $client = LLNG::Manager::Test->new( {
|
||||||
## Simple access
|
## Simple access
|
||||||
ok( $res = $client->_get( '/', accept => 'text/html' ), 'Get Portal', );
|
ok( $res = $client->_get( '/', accept => 'text/html' ), 'Get Portal', );
|
||||||
my ( $host, $url, $query ) =
|
my ( $host, $url, $query ) =
|
||||||
expectForm( $res, '#', undef, 'uid', 'password', 'spoofId' );
|
expectForm( $res, '#', undef, 'user', 'password', 'spoofId' );
|
||||||
|
|
||||||
$request = '';
|
$request = '';
|
||||||
ok(
|
ok(
|
||||||
|
|
54
lemonldap-ng-portal/t/68-FindUser-without-Impersonation.t
Normal file
54
lemonldap-ng-portal/t/68-FindUser-without-Impersonation.t
Normal file
|
@ -0,0 +1,54 @@
|
||||||
|
use Test::More;
|
||||||
|
use strict;
|
||||||
|
use JSON;
|
||||||
|
use IO::String;
|
||||||
|
|
||||||
|
require 't/test-lib.pm';
|
||||||
|
|
||||||
|
my $maintests = 6;
|
||||||
|
|
||||||
|
my $res;
|
||||||
|
my $json;
|
||||||
|
my $request;
|
||||||
|
my $client = LLNG::Manager::Test->new( {
|
||||||
|
ini => {
|
||||||
|
logLevel => 'error',
|
||||||
|
authentication => 'Demo',
|
||||||
|
userDB => 'Same',
|
||||||
|
useSafeJail => 1,
|
||||||
|
requireToken => 0,
|
||||||
|
findUser => 1,
|
||||||
|
impersonationRule => 0,
|
||||||
|
findUserSearchingAttributes =>
|
||||||
|
{ uid => 'Login', guy => 'Kind', cn => 'Name' },
|
||||||
|
findUserExcludingAttributes =>
|
||||||
|
{ type => 'mutant', uid => 'rtyler' },
|
||||||
|
}
|
||||||
|
}
|
||||||
|
);
|
||||||
|
|
||||||
|
## Simple access
|
||||||
|
ok( $res = $client->_get( '/', accept => 'text/html' ), 'Get Portal', );
|
||||||
|
my ( $host, $url, $query ) = expectForm( $res, '#', undef, 'user', 'password' );
|
||||||
|
ok(
|
||||||
|
$res->[2]->[0] !~
|
||||||
|
m%<span trspan="searchAccount">Search for an account</span>%,
|
||||||
|
'Search an account not found'
|
||||||
|
) or explain( $res->[2]->[0], 'Found search for an account' );
|
||||||
|
$request = 'uid=dwho';
|
||||||
|
ok(
|
||||||
|
$res = $client->_post(
|
||||||
|
'/finduser', IO::String->new($request),
|
||||||
|
accept => 'application/json',
|
||||||
|
length => length($request)
|
||||||
|
),
|
||||||
|
'Post FindFuser request'
|
||||||
|
);
|
||||||
|
ok( $json = eval { from_json( $res->[2]->[0] ) }, 'Response is JSON' )
|
||||||
|
or print STDERR "$@\n" . Dumper($res);
|
||||||
|
ok( $json->{result} == 0, ' result => 0' )
|
||||||
|
or explain( $json, 'result => 0' );
|
||||||
|
ok( $json->{error} == 9, ' error => 9' )
|
||||||
|
or explain( $json, 'result => 9' );
|
||||||
|
count($maintests);
|
||||||
|
done_testing( count() );
|
54
lemonldap-ng-portal/t/68-FindUser-without-attribute.t
Normal file
54
lemonldap-ng-portal/t/68-FindUser-without-attribute.t
Normal file
|
@ -0,0 +1,54 @@
|
||||||
|
use Test::More;
|
||||||
|
use strict;
|
||||||
|
use JSON;
|
||||||
|
use IO::String;
|
||||||
|
|
||||||
|
require 't/test-lib.pm';
|
||||||
|
|
||||||
|
my $maintests = 6;
|
||||||
|
|
||||||
|
my $res;
|
||||||
|
my $json;
|
||||||
|
my $request;
|
||||||
|
my $client = LLNG::Manager::Test->new( {
|
||||||
|
ini => {
|
||||||
|
logLevel => 'error',
|
||||||
|
authentication => 'Demo',
|
||||||
|
userDB => 'Same',
|
||||||
|
useSafeJail => 1,
|
||||||
|
requireToken => 0,
|
||||||
|
findUser => 1,
|
||||||
|
impersonationRule => 1,
|
||||||
|
findUserExcludingAttributes =>
|
||||||
|
{ type => 'mutant', uid => 'rtyler' },
|
||||||
|
}
|
||||||
|
}
|
||||||
|
);
|
||||||
|
|
||||||
|
## Simple access
|
||||||
|
ok( $res = $client->_get( '/', accept => 'text/html' ), 'Get Portal', );
|
||||||
|
my ( $host, $url, $query ) =
|
||||||
|
expectForm( $res, '#', undef, 'user', 'password', 'spoofId' );
|
||||||
|
ok(
|
||||||
|
$res->[2]->[0] !~
|
||||||
|
m%<span trspan="searchAccount">Search for an account</span>%,
|
||||||
|
'Search an account not found'
|
||||||
|
) or explain( $res->[2]->[0], 'Found search for an account' );
|
||||||
|
$request = 'uid=dwho';
|
||||||
|
ok(
|
||||||
|
$res = $client->_post(
|
||||||
|
'/finduser', IO::String->new($request),
|
||||||
|
accept => 'application/json',
|
||||||
|
length => length($request)
|
||||||
|
),
|
||||||
|
'Post FindFuser request'
|
||||||
|
);
|
||||||
|
ok( $json = eval { from_json( $res->[2]->[0] ) }, 'Response is JSON' )
|
||||||
|
or print STDERR "$@\n" . Dumper($res);
|
||||||
|
ok( $json->{user} eq '', ' No user' )
|
||||||
|
or explain( $json, 'user => \'\'' );
|
||||||
|
ok( $json->{result} == 1, ' result => 1' )
|
||||||
|
or explain( $json, 'result => 1' );
|
||||||
|
|
||||||
|
count($maintests);
|
||||||
|
done_testing( count() );
|
Loading…
Reference in New Issue
Block a user