Test required select values & Append unit test (#1976)
This commit is contained in:
parent
54f41f10ea
commit
d2e35df987
|
@ -686,6 +686,7 @@ t/68-FindUser-with-BadChoice-and-token.t
|
|||
t/68-FindUser-with-Choice-and-token.t
|
||||
t/68-FindUser-with-Combination.t
|
||||
t/68-FindUser-with-DBI.t
|
||||
t/68-FindUser-with-Demo-and-required-select.t
|
||||
t/68-FindUser-with-Demo-and-token.t
|
||||
t/68-FindUser-with-Demo.t
|
||||
t/68-FindUser-with-LDAP.t
|
||||
|
|
|
@ -83,32 +83,53 @@ sub provideUser {
|
|||
}
|
||||
|
||||
sub retreiveFindUserParams {
|
||||
my ( $self, $req ) = @_;
|
||||
my ( $searching, $excluding ) = ( [], [] );
|
||||
my ( $self, $req ) = @_;
|
||||
my ( $searching, $excluding, @required ) = ( [], [], () );
|
||||
|
||||
$self->logger->debug("FindUser: reading parameters...");
|
||||
@$searching = map {
|
||||
my $regex = '\w+';
|
||||
my $key = ( split '#', $_ )[0];
|
||||
my $value = $req->params($key) // '';
|
||||
my ( $key, $value, $null ) = split '#', $_;
|
||||
my $param = $req->params($key) // '';
|
||||
my @values = split $self->conf->{multiValuesSeparator},
|
||||
$self->conf->{findUserSearchingAttributes}->{$_} || '';
|
||||
$regex = '^(?:' . join( '|', split( /\s+/, @values ) ) . ')$'
|
||||
if scalar @values > 1;
|
||||
my $select = scalar @values > 1 && not scalar @values % 2;
|
||||
my %values = @values if $select;
|
||||
my $defined = length $param;
|
||||
my $regex = '^(?:' . join( '|', keys %values ) . ')$';
|
||||
my $checked =
|
||||
$select
|
||||
? $param =~ /$regex/o
|
||||
: $param =~ /$self->{conf}->{findUserControl}/o;
|
||||
push @required, $key if $select && !$null;
|
||||
|
||||
if ( $value =~ /$regex/o
|
||||
&& $value =~ /$self->{conf}->{findUserControl}/o )
|
||||
{
|
||||
$self->logger->debug("Push searching parameter: $key => $value");
|
||||
{ key => $key, value => $value };
|
||||
# For <select>, accept only set values or empty if allowed
|
||||
if ( $defined && $checked ) {
|
||||
$self->logger->debug("Append searching parameter: $key => $param");
|
||||
{ key => $key, value => $param };
|
||||
}
|
||||
else {
|
||||
$self->logger->warn(
|
||||
"Parameter $key has been reject by findUserControl");
|
||||
"Parameter $key has been reject by findUserControl")
|
||||
if $defined;
|
||||
();
|
||||
}
|
||||
} sort keys %{ $self->conf->{findUserSearchingAttributes} };
|
||||
|
||||
if ( scalar @required ) {
|
||||
my $test = 0;
|
||||
foreach my $ref (@$searching) {
|
||||
foreach (@required) {
|
||||
$test++ if $ref->{key} eq $_;
|
||||
}
|
||||
}
|
||||
unless ( scalar @required == $test ) {
|
||||
$self->logger->warn( 'A required parameter is missing ('
|
||||
. join( '|', @required )
|
||||
. ')' );
|
||||
$searching = [];
|
||||
}
|
||||
}
|
||||
|
||||
if ( scalar @$searching
|
||||
&& keys %{ $self->conf->{findUserExcludingAttributes} } )
|
||||
{
|
||||
|
|
|
@ -94,7 +94,7 @@ sub findUser {
|
|||
$iswc = $_->{value} =~ s/\Q$wildcard\E+//g;
|
||||
$cond .=
|
||||
$iswc
|
||||
? '( $' . $_->{key} . " =~ /\Q$_->{value}\E/ ) && "
|
||||
? '($' . $_->{key} . " =~ /\Q$_->{value}\E/) && "
|
||||
: '$' . $_->{key} . " eq '$_->{value}' && ";
|
||||
}
|
||||
else {
|
||||
|
|
|
@ -0,0 +1,153 @@
|
|||
use Test::More;
|
||||
use strict;
|
||||
use JSON;
|
||||
use IO::String;
|
||||
|
||||
require 't/test-lib.pm';
|
||||
|
||||
my $maintests = 26;
|
||||
|
||||
my $res;
|
||||
my $json;
|
||||
my $request;
|
||||
my $client = LLNG::Manager::Test->new( {
|
||||
ini => {
|
||||
logLevel => 'error',
|
||||
authentication => 'Demo',
|
||||
userDB => 'Same',
|
||||
useSafeJail => 1,
|
||||
requireToken => 0,
|
||||
findUser => 1,
|
||||
impersonationRule => 1,
|
||||
findUserControl => '^[\w*\s]+$',
|
||||
findUserWildcard => '*',
|
||||
findUserSearchingAttributes => {
|
||||
uid => 'Name',
|
||||
guy => 'Kind',
|
||||
'type#Type#1' => 'mutant; mutant; character',
|
||||
'cn#Name#0' => 'Bad Guy; Not a good person; The Daleks; daleks'
|
||||
},
|
||||
findUserExcludingAttributes =>
|
||||
{ type => 'mutant', uid => 'rtyler' },
|
||||
}
|
||||
}
|
||||
);
|
||||
use Lemonldap::NG::Portal::Main::Constants 'PE_USERNOTFOUND';
|
||||
|
||||
## Simple access
|
||||
ok( $res = $client->_get( '/', accept => 'text/html' ), 'Get Portal', );
|
||||
my ( $host, $url, $query ) =
|
||||
expectForm( $res, '#', undef, 'user', 'password', 'spoofId' );
|
||||
|
||||
$request = '';
|
||||
ok(
|
||||
$res = $client->_post(
|
||||
'/finduser', IO::String->new($request),
|
||||
accept => 'text/html',
|
||||
length => length($request)
|
||||
),
|
||||
'Post empty FindFuser request'
|
||||
);
|
||||
( $host, $url, $query ) =
|
||||
expectForm( $res, '#', undef, 'user', 'password', 'spoofId' );
|
||||
( $host, $url, $query ) = expectForm( $res, '#', undef, 'uid', 'guy' );
|
||||
ok(
|
||||
$res->[2]->[0] =~
|
||||
m%<input id="spoofIdfield" name="spoofId" type="text" class="form-control" value="" autocomplete="off"%,
|
||||
'value=""'
|
||||
) or explain( $res->[2]->[0], 'value=""' );
|
||||
|
||||
$request = 'uid=davros&cn=Bad Guy';
|
||||
ok(
|
||||
$res = $client->_post(
|
||||
'/finduser', IO::String->new($request),
|
||||
accept => 'text/html',
|
||||
length => length($request)
|
||||
),
|
||||
'Post FindFuser request'
|
||||
);
|
||||
ok( $res->[2]->[0] =~ m%value="davros"%, 'value="davros"' )
|
||||
or explain( $res->[2]->[0], 'value="davros"' );
|
||||
ok( $res->[2]->[0] =~ m%autocomplete="off"%, 'autocomplete="off"' )
|
||||
or explain( $res->[2]->[0], 'autocomplete="off"' );
|
||||
ok(
|
||||
$res->[2]->[0] =~
|
||||
m%<span trspan="searchAccount">Search for an account</span>%,
|
||||
'Search an account'
|
||||
) or explain( $res->[2]->[0], 'Search for an account' );
|
||||
ok(
|
||||
$res->[2]->[0] =~
|
||||
m%<input id="findUser_guy" name="guy" type="text" autocomplete="off" class="form-control" placeholder="Kind" />%,
|
||||
'id="findUser_guy"'
|
||||
) or explain( $res->[2]->[0], 'id="findUser_guy"' );
|
||||
ok(
|
||||
$res->[2]->[0] =~
|
||||
m%<input id="findUser_uid" name="uid" type="text" autocomplete="off" class="form-control" placeholder="Name" />%,
|
||||
'id="findUser_uid"'
|
||||
) or explain( $res->[2]->[0], 'id="findUser_uid"' );
|
||||
ok(
|
||||
$res->[2]->[0] =~
|
||||
m%<select class="form-control" id="findUser_cn" name="cn">%,
|
||||
'id="findUser_cn"'
|
||||
) or explain( $res->[2]->[0], 'id="findUser_cn"' );
|
||||
ok( $res->[2]->[0] !~ m%id="findUser_type"%, 'id="findUser_type" not found' )
|
||||
or explain( $res->[2]->[0], 'id="findUser_cn" not found' );
|
||||
ok( $res->[2]->[0] =~ m%<label for="cn">Name</label>%, 'label for="cn"' )
|
||||
or explain( $res->[2]->[0], 'label for="cn"' );
|
||||
ok( $res->[2]->[0] !~ m%<option value=""></option>%, 'Empty option not found' )
|
||||
or explain( $res->[2]->[0], 'Empty option not found' );
|
||||
ok( $res->[2]->[0] =~ m%<option value="The Daleks">daleks</option>%,
|
||||
'The Daleks' )
|
||||
or explain( $res->[2]->[0], 'The Daleks option' );
|
||||
ok( $res->[2]->[0] =~ m%<option value="Bad Guy">Not a good person</option>%,
|
||||
'Bad Guy option' )
|
||||
or explain( $res->[2]->[0], 'Bad Guy' );
|
||||
|
||||
$request = 'cn=Bad Guy';
|
||||
ok(
|
||||
$res = $client->_post(
|
||||
'/finduser', IO::String->new($request),
|
||||
accept => 'application/json',
|
||||
length => length($request)
|
||||
),
|
||||
'Post FindFuser request'
|
||||
);
|
||||
ok( $json = eval { from_json( $res->[2]->[0] ) }, 'Response is JSON' )
|
||||
or print STDERR "$@\n" . Dumper($res);
|
||||
ok( $json->{user} eq 'davros', ' Good user' )
|
||||
or explain( $json, 'user => davros' );
|
||||
|
||||
$request = 'cn=The Daleks';
|
||||
ok(
|
||||
$res = $client->_post(
|
||||
'/finduser', IO::String->new($request),
|
||||
accept => 'application/json',
|
||||
length => length($request)
|
||||
),
|
||||
'Post FindFuser request'
|
||||
);
|
||||
ok( $json = eval { from_json( $res->[2]->[0] ) }, 'Response is JSON' )
|
||||
or print STDERR "$@\n" . Dumper($res);
|
||||
ok( $json->{result} == 0, ' Good result' )
|
||||
or explain( $json, 'result => 0' );
|
||||
ok( $json->{error} == PE_USERNOTFOUND, ' No user found' )
|
||||
or explain( $json, 'error => 4' );
|
||||
|
||||
$request = 'uid=davros';
|
||||
ok(
|
||||
$res = $client->_post(
|
||||
'/finduser', IO::String->new($request),
|
||||
accept => 'application/json',
|
||||
length => length($request)
|
||||
),
|
||||
'Post FindFuser request'
|
||||
);
|
||||
ok( $json = eval { from_json( $res->[2]->[0] ) }, 'Response is JSON' )
|
||||
or print STDERR "$@\n" . Dumper($res);
|
||||
ok( $json->{result} == 1, ' Good result' )
|
||||
or explain( $json, 'result => 1' );
|
||||
ok( $json->{user} eq '', ' No user' )
|
||||
or explain( $json, 'user => ?' );
|
||||
|
||||
count($maintests);
|
||||
done_testing( count() );
|
|
@ -5,24 +5,27 @@ use IO::String;
|
|||
|
||||
require 't/test-lib.pm';
|
||||
|
||||
my $maintests = 46;
|
||||
my $maintests = 54;
|
||||
|
||||
my $res;
|
||||
my $json;
|
||||
my $request;
|
||||
my $client = LLNG::Manager::Test->new( {
|
||||
ini => {
|
||||
logLevel => 'error',
|
||||
authentication => 'Demo',
|
||||
userDB => 'Same',
|
||||
useSafeJail => 1,
|
||||
requireToken => 0,
|
||||
findUser => 1,
|
||||
impersonationRule => 1,
|
||||
findUserControl => '^[\w*\s]+$',
|
||||
findUserWildcard => '*',
|
||||
findUserSearchingAttributes =>
|
||||
{ uid => undef, guy => 'Kind', cn => 'Name' },
|
||||
logLevel => 'error',
|
||||
authentication => 'Demo',
|
||||
userDB => 'Same',
|
||||
useSafeJail => 1,
|
||||
requireToken => 0,
|
||||
findUser => 1,
|
||||
impersonationRule => 1,
|
||||
findUserControl => '^[\w*\s]+$',
|
||||
findUserWildcard => '*',
|
||||
findUserSearchingAttributes => {
|
||||
uid => undef,
|
||||
guy => 'Kind',
|
||||
'cn#Name#1' => 'Bad Guy; Not a good person; BB; Bad Boy'
|
||||
},
|
||||
findUserExcludingAttributes =>
|
||||
{ type => 'mutant', uid => 'rtyler' },
|
||||
}
|
||||
|
@ -46,7 +49,7 @@ ok(
|
|||
);
|
||||
( $host, $url, $query ) =
|
||||
expectForm( $res, '#', undef, 'user', 'password', 'spoofId' );
|
||||
( $host, $url, $query ) = expectForm( $res, '#', undef, 'uid', 'guy', 'cn' );
|
||||
( $host, $url, $query ) = expectForm( $res, '#', undef, 'uid', 'guy' );
|
||||
ok(
|
||||
$res->[2]->[0] =~
|
||||
m%<input id="spoofIdfield" name="spoofId" type="text" class="form-control" value="" autocomplete="off"%,
|
||||
|
@ -83,9 +86,18 @@ m%<input id="findUser_uid" name="uid" type="text" autocomplete="off" class="form
|
|||
) or explain( $res->[2]->[0], 'id="findUser_uid"' );
|
||||
ok(
|
||||
$res->[2]->[0] =~
|
||||
m%<input id="findUser_cn" name="cn" type="text" autocomplete="off" class="form-control" placeholder="Name" />%,
|
||||
m%<select class="form-control" id="findUser_cn" name="cn">%,
|
||||
'id="findUser_cn"'
|
||||
) or explain( $res->[2]->[0], 'id="findUser_cn"' );
|
||||
ok( $res->[2]->[0] =~ m%<label for="cn">Name</label>%, 'label for="cn"' )
|
||||
or explain( $res->[2]->[0], 'label for="cn"' );
|
||||
ok( $res->[2]->[0] =~ m%<option value=""></option>%, 'Empty option' )
|
||||
or explain( $res->[2]->[0], 'Empty option' );
|
||||
ok( $res->[2]->[0] =~ m%<option value="BB">Bad Boy</option>%, 'BB option' )
|
||||
or explain( $res->[2]->[0], 'BB option' );
|
||||
ok( $res->[2]->[0] =~ m%<option value="Bad Guy">Not a good person</option>%,
|
||||
'Bad Guy option' )
|
||||
or explain( $res->[2]->[0], 'Bad Guy' );
|
||||
|
||||
$request = 'uid=dwho';
|
||||
ok(
|
||||
|
@ -131,6 +143,22 @@ ok( $json = eval { from_json( $res->[2]->[0] ) }, 'Response is JSON' )
|
|||
ok( $json->{user} eq 'davros', ' Good user' )
|
||||
or explain( $json, "user => 'davros'" );
|
||||
|
||||
$request = 'cn=Good Guy';
|
||||
ok(
|
||||
$res = $client->_post(
|
||||
'/finduser', IO::String->new($request),
|
||||
accept => 'application/json',
|
||||
length => length($request)
|
||||
),
|
||||
'Post FindFuser request with a not allowed select value'
|
||||
);
|
||||
ok( $json = eval { from_json( $res->[2]->[0] ) }, 'Response is JSON' )
|
||||
or print STDERR "$@\n" . Dumper($res);
|
||||
ok( $json->{result} == 1, ' Good result' )
|
||||
or explain( $json, 'result => 1' );
|
||||
ok( $json->{user} eq '', ' No user' )
|
||||
or explain( $json, 'user => ?' );
|
||||
|
||||
$request = 'guy=good';
|
||||
ok(
|
||||
$res = $client->_post(
|
||||
|
|
Loading…
Reference in New Issue
Block a user