dani
/
lemonldap-ng
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
lemonldap-ng/lemonldap-ng-portal/t/56-CheckDevOps.t

386 lines
11 KiB
Perl
Raw Permalink Blame History

use Test::More;
use strict;
use IO::String;
use JSON;
BEGIN {
require 't/test-lib.pm';
}
my $res;
my $file = '{
"rules": {
"^/deny": "deny",
"^/testno": "$uid ne qq#dwho#",
"^/testyes": "$uid eq qq#dwho#",
"default": "accept"
},
"headers": {
"User": "$uid",
"Mail": "$mail",
"Name": "$cn",
"LDAP_Var": "$ldapExpVar",
"Groups_SSO": "$groups",
"UA": "$UA ? $UA : qq#FF#"
}
}';
my $bad_file = '{
"rules": {
"^/testno": "$uid ne qq#dwho#"
"default": "accept"
},
"headers": {
"User": "$uid",
}
}';
my $bad_file2 = qq%{
"rules": {
"default": "accept"
},
"headers": {
"User": "'user",
"Mail": "'mail'"
}
}%;
my $bad_file3 = q%{
"rule": {
"default": "accept"
},
"headers": {
"User": "'user",
"Mail": "'mail'"
}
}%;
my $bad_file4 = q%{
"rules": {
"default": "accept"
},
"headers": {
"test": "$none",
"bad": "$test ? $other : $dalek"
}
}%;
my $client = LLNG::Manager::Test->new( {
ini => {
logLevel => 'error',
authentication => 'Demo',
userDB => 'Same',
requireToken => 1,
checkDevOps => 1,
checkDevOpsDownload => 0,
checkDevOpsDisplayNormalizedHeaders => 0,
hiddenAttributes => 'mail, UA',
ldapExportedVars => { ldapExpVar => '' }
}
}
);
## Try to authenticate
ok( $res = $client->_get( '/', accept => 'text/html' ), 'Get Menu', );
count(1);
my ( $host, $url, $query ) =
expectForm( $res, '#', undef, 'user', 'password', 'token' );
$query =~ s/user=/user=dwho/;
$query =~ s/password=/password=dwho/;
ok(
$res = $client->_post(
'/',
IO::String->new($query),
length => length($query),
accept => 'text/html',
),
'Auth query'
);
count(1);
my $id = expectCookie($res);
expectRedirection( $res, 'http://auth.example.com/' );
# CheckDevOps form
# ----------------
ok(
$res = $client->_get(
'/checkdevops',
cookie => "lemonldap=$id",
accept => 'text/html'
),
'CheckDevOps form',
);
( $host, $url, $query ) =
expectForm( $res, undef, '/checkdevops', 'checkDevOpsFile', 'token' );
ok( $res->[2]->[0] =~ m%<span trspan="checkDevOps">%,
'Found trspan="checkDevOps"' )
or explain( $res->[2]->[0], 'trspan="checkDevOps"' );
count(2);
# POST without token
# ------------------
ok(
$res = $client->_post(
'/checkdevops',
IO::String->new(''),
cookie => "lemonldap=$id",
length => 0,
accept => 'text/html'
),
'POST checkdevops without token'
);
ok( $res->[2]->[0] =~ m%<span trspan="PE81"></span%, 'Found PE_NOTOKEN' )
or explain( $res->[2]->[0], 'trspan="PE81"' );
count(2);
( $host, $url, $query ) =
expectForm( $res, undef, '/checkdevops', 'checkDevOpsFile', 'token' );
# POST bad file
# -------------
$query .= "&checkDevOpsFile=$bad_file";
ok(
$res = $client->_post(
'/checkdevops',
IO::String->new($query),
cookie => "lemonldap=$id",
length => length($query),
accept => 'text/html'
),
'POST checkdevops with bad file'
);
ok( $res->[2]->[0] =~ m%<span trspan="PE104"></span>%,
'Found PE_BAD_DEVOPS_FILE' )
or explain( $res->[2]->[0], 'trspan="PE104"' );
count(2);
( $host, $url, $query ) =
expectForm( $res, undef, '/checkdevops', 'checkDevOpsFile', 'token' );
# POST bad file2
# --------------
$query .= "&checkDevOpsFile=$bad_file2";
ok(
$res = $client->_post(
'/checkdevops',
IO::String->new($query),
cookie => "lemonldap=$id",
length => length($query),
accept => 'text/html'
),
'POST checkdevops with bad file2'
);
ok( $res->[2]->[0] =~ m%<span trspan="PE104"></span>%,
'Found PE_BAD_DEVOPS_FILE' )
or explain( $res->[2]->[0], 'trspan="PE104"' );
count(2);
( $host, $url, $query ) =
expectForm( $res, undef, '/checkdevops', 'checkDevOpsFile', 'token' );
# POST bad file3
# --------------
$query .= "&checkDevOpsFile=$bad_file3";
ok(
$res = $client->_post(
'/checkdevops',
IO::String->new($query),
cookie => "lemonldap=$id",
length => length($query),
accept => 'text/html'
),
'POST checkdevops with bad file3'
);
ok( $res->[2]->[0] =~ m%<span trspan="PE104"></span>%,
'Found PE_BAD_DEVOPS_FILE' )
or explain( $res->[2]->[0], 'trspan="PE104"' );
count(2);
( $host, $url, $query ) =
expectForm( $res, undef, '/checkdevops', 'checkDevOpsFile', 'token' );
# POST bad file4
# --------------
$query .= "&checkDevOpsFile=$bad_file4";
ok(
$res = $client->_post(
'/checkdevops',
IO::String->new($query),
cookie => "lemonldap=$id",
length => length($query),
accept => 'text/html'
),
'POST checkdevops with bad file4'
);
ok( $res->[2]->[0] =~ m%<span trspan="PE104"></span>%,
'Found PE_BAD_DEVOPS_FILE' )
or explain( $res->[2]->[0], 'trspan="PE104"' );
ok( $res->[2]->[0] =~ m%<span trspan="unknownAttributes">%,
'Found unknownAttributes' )
or explain( $res->[2]->[0], 'trspan="unknownAttributes"' );
ok( $res->[2]->[0] =~ m%dalek; none; other; test%,
'Found 4 unknown attributes' )
or explain( $res->[2]->[0], 'Unknown attributes' );
count(4);
( $host, $url, $query ) =
expectForm( $res, undef, '/checkdevops', 'checkDevOpsFile', 'token' );
# POST file
# ---------
$query .= "&checkDevOpsFile=$file";
ok(
$res = $client->_post(
'/checkdevops',
IO::String->new($query),
cookie => "lemonldap=$id",
length => length($query),
accept => 'text/html'
),
'POST checkdevops with file'
);
ok(
$res->[2]->[0] =~
m%<pre><textarea id="checkDevOpsFile" name="checkDevOpsFile" class="form-control rounded-1" rows="10" trplaceholder="pasteHere" required>%,
'PRE required'
) or explain( $res->[2]->[0], 'PRE required' );
# Headers
ok( $res->[2]->[0] =~ m%<b><span trspan="headers">HEADERS</span></b>%,
'HEADERS' )
or explain( $res->[2]->[0], 'HEADERS' );
ok( $res->[2]->[0] =~ m%Name: Doctor Who<br/>%, 'Hearder Name found' )
or explain( $res->[2]->[0], 'Hearder Name' );
ok( $res->[2]->[0] =~ m%User: dwho<br/>%, 'Hearder User found' )
or explain( $res->[2]->[0], 'Hearder User' );
ok( $res->[2]->[0] =~ m%LDAP_Var: <br/>%, 'Hearder LDAP_Var found' )
or explain( $res->[2]->[0], 'Hearder LDAP_Var' );
ok( $res->[2]->[0] =~ m%Groups_SSO: (.+?)<br/>%, 'Hearder Groups_SSO found' )
or explain( $res->[2]->[0], 'Hearder Groups_SSO' );
my @groups = split '; ', $1;
ok( scalar @groups == 3, '3 SSO groups found' )
or explain( $res->[2]->[0], 'SSO groups' );
ok( $res->[2]->[0] !~ m%Mail: dwho\@badwolf.org<br/>%,
'Hearder Mail not found' )
or explain( $res->[2]->[0], 'No hearder Mail' );
ok( $res->[2]->[0] !~ m%UA: <br/>%, 'Hearder UA not found' )
or explain( $res->[2]->[0], 'No hearder UA' );
# Rules
ok( $res->[2]->[0] =~ m%<b><span trspan="rules">RULES</span></b>%, 'RULES' )
or explain( $res->[2]->[0], 'RULES' );
ok( $res->[2]->[0] =~ m%\^/testno: <span trspan="forbidden">%, 'testno' )
or explain( $res->[2]->[0], 'testno' );
ok( $res->[2]->[0] =~ m%default: <span trspan="allowed">%, 'default' )
or explain( $res->[2]->[0], 'default' );
ok( $res->[2]->[0] =~ m%\^/testyes: <span trspan="allowed">%, 'testyes' )
or explain( $res->[2]->[0], 'testyes' );
ok( $res->[2]->[0] =~ m%\^/deny: <span trspan="forbidden">%, 'deny' )
or explain( $res->[2]->[0], 'deny' );
ok( $res->[2]->[0] =~ m%\$uid eq qq#dwho#"%, 'file' )
or explain( $res->[2]->[0], 'file' );
count(13);
( $host, $url, $query ) =
expectForm( $res, undef, '/checkdevops', 'checkDevOpsFile', 'token' );
# POST file (json)
# ----------------
$query .= "&checkDevOpsFile=$file";
ok(
$res = $client->_post(
'/checkdevops',
IO::String->new($query),
cookie => "lemonldap=$id",
length => length($query),
),
'POST checkdevops with file'
);
ok( $res = eval { from_json( $res->[2]->[0] ) }, 'Response is JSON' )
or print STDERR "$@\n" . Dumper($res);
ok( $res->{ALERTE} eq 'alert-info', 'alert-info found' )
or print STDERR Dumper($res);
ok( $res->{FILE} =~ /headers/, 'headers found' )
or print STDERR Dumper($res);
ok( $res->{FILE} =~ /rules/, 'rules found' )
or print STDERR Dumper($res);
ok( $res->{FILE} =~ /"\$uid ne qq#dwho#"/, 'rule found' )
or print STDERR Dumper($res);
count(6);
# POST bad file (json)
# --------------------
ok(
$res = $client->_get(
'/checkdevops',
cookie => "lemonldap=$id",
accept => 'text/html'
),
'CheckDevOps form',
);
( $host, $url, $query ) =
expectForm( $res, undef, '/checkdevops', 'checkDevOpsFile', 'token' );
$query .= "&checkDevOpsFile=$bad_file";
ok(
$res = $client->_post(
'/checkdevops',
IO::String->new($query),
cookie => "lemonldap=$id",
length => length($query),
),
'POST checkdevops with file'
);
ok( $res = eval { from_json( $res->[2]->[0] ) }, 'Response is JSON' )
or print STDERR "$@\n" . Dumper($res);
ok( $res->{ALERTE} eq 'alert-danger', 'alert-danger found' )
or print STDERR Dumper($res);
ok( $res->{FILE} eq '', 'No file found' )
or print STDERR Dumper($res);
ok( $res->{MSG} eq 'PE104', 'PE104 found' )
or print STDERR Dumper($res);
ok( $res->{TOKEN} =~ /^\d{10}_\d+$/, 'Token found' )
or print STDERR Dumper($res);
count(7);
# POST with an expired token (json)
# ---------------------------------
ok(
$res = $client->_post(
'/checkdevops',
IO::String->new($query),
cookie => "lemonldap=$id",
length => length($query),
),
'POST checkdevops without token'
);
ok( $res = eval { from_json( $res->[2]->[0] ) }, 'Response is JSON' )
or print STDERR "$@\n" . Dumper($res);
ok( $res->{ALERTE} eq 'alert-warning', 'alert-warning found' )
or print STDERR Dumper($res);
ok( $res->{TOKEN} =~ /^\d{10}_\d+$/, 'Token found' )
or print STDERR Dumper($res);
ok( $res->{FILE} eq '', 'No file found' )
or print STDERR Dumper($res);
ok( $res->{MSG} eq 'PE82', 'PE82 found' )
or print STDERR Dumper($res);
count(6);
# POST without token (json)
# -------------------------
ok(
$res = $client->_post(
'/checkdevops',
IO::String->new(''),
cookie => "lemonldap=$id",
length => 0,
),
'POST checkdevops without token'
);
ok( $res = eval { from_json( $res->[2]->[0] ) }, 'Response is JSON' )
or print STDERR "$@\n" . Dumper($res);
ok( $res->{ALERTE} eq 'alert-warning', 'alert-warning found' )
or print STDERR Dumper($res);
ok( $res->{TOKEN} =~ /^\d{10}_\d+$/, 'Token found' )
or print STDERR Dumper($res);
ok( $res->{MSG} eq 'PE81', 'PE81 found' )
or print STDERR Dumper($res);
count(5);
$client->logout($id);
clean_sessions();
done_testing();
Reference in New Issue View Git Blame Copy Permalink