1 # $Id: testldap.rb 65 2006-04-23 01:17:49Z blackhedd $
14 class TestLdapClient < Test::Unit::TestCase
16 # TODO: these tests crash and burn if the associated
17 # LDAP testserver isn't up and running.
18 # We rely on being able to read a file with test data
20 # TODO, WARNING: for the moment, this data is in a file
21 # whose name and location are HARDCODED into the
22 # instance method load_test_data.
29 :username => "cn=bigshot,dc=bayshorenetworks,dc=com",
30 :password => "opensesame"
33 @ldif = load_test_data
38 # Get some test data which will be used to validate
39 # the responses from the test LDAP server we will
41 # TODO, Bogus: we are HARDCODING the location of the file for now.
44 ary = File.readlines( "tests/testdata.ldif" )
46 while line = ary.shift and line.chomp!
47 if line =~ /^dn:[\s]*/i
50 while attr = ary.shift and attr.chomp! and attr =~ /^([\w]+)[\s]*:[\s]*/
51 hash[dn][$1.downcase.intern] ||= []
52 hash[dn][$1.downcase.intern] << $'
62 # Need tests for all kinds of network failures and incorrect auth.
63 # TODO: Implement a class-level timeout for operations like bind.
64 # Search has a timeout defined at the protocol level, other ops do not.
65 # TODO, use constants for the LDAP result codes, rather than hardcoding them.
67 ldap = Net::LDAP.new :host => @host, :port => @port, :auth => @auth
68 assert_equal( true, ldap.bind )
69 assert_equal( 0, ldap.get_operation_result.code )
70 assert_equal( "Success", ldap.get_operation_result.message )
72 bad_username = @auth.merge( {:username => "cn=badguy,dc=imposters,dc=com"} )
73 ldap = Net::LDAP.new :host => @host, :port => @port, :auth => bad_username
74 assert_equal( false, ldap.bind )
75 assert_equal( 48, ldap.get_operation_result.code )
76 assert_equal( "Inappropriate Authentication", ldap.get_operation_result.message )
78 bad_password = @auth.merge( {:password => "cornhusk"} )
79 ldap = Net::LDAP.new :host => @host, :port => @port, :auth => bad_password
80 assert_equal( false, ldap.bind )
81 assert_equal( 49, ldap.get_operation_result.code )
82 assert_equal( "Invalid Credentials", ldap.get_operation_result.message )
88 ldap = Net::LDAP.new :host => @host, :port => @port, :auth => @auth
90 search = {:base => "dc=smalldomain,dc=com"}
91 assert_equal( false, ldap.search( search ))
92 assert_equal( 32, ldap.get_operation_result.code )
94 search = {:base => "dc=bayshorenetworks,dc=com"}
95 assert_equal( true, ldap.search( search ))
96 assert_equal( 0, ldap.get_operation_result.code )
98 ldap.search( search ) {|res|
99 assert_equal( res, @ldif )
106 # This is a helper routine for test_search_attributes.
107 def internal_test_search_attributes attrs_to_search
108 ldap = Net::LDAP.new :host => @host, :port => @port, :auth => @auth
112 :base => "dc=bayshorenetworks,dc=com",
113 :attributes => attrs_to_search
117 ldif.each {|dn,entry|
118 entry.delete_if {|attr,value|
119 ! attrs_to_search.include?(attr)
123 assert_equal( true, ldap.search( search ))
124 ldap.search( search ) {|res|
125 res_keys = res.keys.sort
126 ldif_keys = ldif.keys.sort
127 assert( res_keys, ldif_keys )
129 assert( res[rk], ldif[rk] )
135 def test_search_attributes
136 internal_test_search_attributes [:mail]
137 internal_test_search_attributes [:cn]
138 internal_test_search_attributes [:ou]
139 internal_test_search_attributes [:hasaccessprivilege]
140 internal_test_search_attributes ["mail"]
141 internal_test_search_attributes ["cn"]
142 internal_test_search_attributes ["ou"]
143 internal_test_search_attributes ["hasaccessrole"]
145 internal_test_search_attributes [:mail, :cn, :ou, :hasaccessrole]
146 internal_test_search_attributes [:mail, "cn", :ou, "hasaccessrole"]
150 def test_search_filters
151 ldap = Net::LDAP.new :host => @host, :port => @port, :auth => @auth
153 :base => "dc=bayshorenetworks,dc=com",
154 :filter => Net::LDAP::Filter.eq( "sn", "Fosse" )
157 ldap.search( search ) {|res|
165 ldap = Net::LDAP.new :host => @host, :port => @port, :auth => @auth
168 rc = ldap.search( :base => "dc=bayshorenetworks,dc=com" )
169 assert_equal( true, rc )
176 Net::LDAP.open( :host => @host, :port => @port, :auth => @auth ) {|ldap|
178 rc = ldap.search( :base => "dc=bayshorenetworks,dc=com" )
179 assert_equal( true, rc )