From 7b6b147761a689aa07d83068e77348a3d3f84cfa Mon Sep 17 00:00:00 2001
From: Eric Davis <edavis@littlestreamsoftware.com>
Date: Tue, 16 Feb 2010 16:40:50 +0000
Subject: [PATCH] Added some tests for the LDAP authentication.

Includes an export of an LDAP database to use in testing.

git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/trunk@3438 e93f8b46-1217-0410-a6f0-8f06a7374b81
---
 doc/RUNNING_TESTS                  | 11 ++++
 test/fixtures/ldap/test-ldap.ldif  | 82 ++++++++++++++++++++++++++++++
 test/test_helper.rb                |  5 ++
 test/unit/auth_source_ldap_test.rb | 58 +++++++++++++++++++++
 4 files changed, 156 insertions(+)
 create mode 100644 test/fixtures/ldap/test-ldap.ldif

diff --git a/doc/RUNNING_TESTS b/doc/RUNNING_TESTS
index 7114af4ee..bccd3d6f9 100644
--- a/doc/RUNNING_TESTS
+++ b/doc/RUNNING_TESTS
@@ -22,3 +22,14 @@ To test the support, a test repository needs to be created for each of those.
 Run `rake --tasks test:scm:setup` for a list of available test-repositories or
 run `rake test:scm:setup:all` to set up all of them
 
+Creating a test ldap database
+=============================
+
+Redmine supports using LDAP for user authentications.  To test LDAP
+with Redmine, load the LDAP export from test/fixtures/ldap/test-ldap.ldif
+into a testing LDAP server.  Test that the ldap server can be accessed
+at 127.0.0.1 on port 389.
+
+Setting up the test ldap server is beyond the scope of this documentation.
+The OpenLDAP project provides a simple LDAP implementation that should work
+good as a test server.
diff --git a/test/fixtures/ldap/test-ldap.ldif b/test/fixtures/ldap/test-ldap.ldif
new file mode 100644
index 000000000..7d9e109cc
--- /dev/null
+++ b/test/fixtures/ldap/test-ldap.ldif
@@ -0,0 +1,82 @@
+dn: dc=redmine,dc=org
+objectClass: top
+objectClass: dcObject
+objectClass: organization
+o: redmine.org
+dc: redmine
+structuralObjectClass: organization
+entryUUID: 886f5fca-0a87-102e-8d06-67c361d9bd2d
+creatorsName:
+createTimestamp: 20090721211642Z
+entryCSN: 20090721211642.955188Z#000000#000#000000
+modifiersName:
+modifyTimestamp: 20090721211642Z
+
+dn: cn=admin,dc=redmine,dc=org
+objectClass: simpleSecurityObject
+objectClass: organizationalRole
+cn: admin
+description: LDAP administrator
+userPassword:: e2NyeXB0fWlWTU9DcUt6WWxXRDI=
+structuralObjectClass: organizationalRole
+entryUUID: 88704e44-0a87-102e-8d07-67c361d9bd2d
+creatorsName:
+createTimestamp: 20090721211642Z
+entryCSN: 20090721211642.961418Z#000000#000#000000
+modifiersName:
+modifyTimestamp: 20090721211642Z
+
+dn: ou=Person,dc=redmine,dc=org
+ou: Person
+objectClass: top
+objectClass: organizationalUnit
+structuralObjectClass: organizationalUnit
+entryUUID: d39dd388-0c84-102e-82fa-dff86c63a7d6
+creatorsName: cn=admin,dc=redmine,dc=org
+createTimestamp: 20090724100222Z
+entryCSN: 20090724100222.924226Z#000000#000#000000
+modifiersName: cn=admin,dc=redmine,dc=org
+modifyTimestamp: 20090724100222Z
+
+dn: uid=example1,ou=Person,dc=redmine,dc=org
+objectClass: posixAccount
+objectClass: top
+objectClass: inetOrgPerson
+gidNumber: 0
+givenName: Example
+sn: One
+uid: example1
+homeDirectory: /home/example1
+cn: Example One
+structuralObjectClass: inetOrgPerson
+entryUUID: 285d304e-0c8a-102e-82fc-dff86c63a7d6
+creatorsName: cn=admin,dc=redmine,dc=org
+createTimestamp: 20090724104032Z
+uidNumber: 0
+mail: example1@redmine.org
+userPassword:: e1NIQX1mRXFOQ2NvM1lxOWg1WlVnbEQzQ1pKVDRsQnM9
+entryCSN: 20090724105945.375801Z#000000#000#000000
+modifiersName: cn=admin,dc=redmine,dc=org
+modifyTimestamp: 20090724105945Z
+
+dn: uid=edavis,ou=Person,dc=redmine,dc=org
+objectClass: posixAccount
+objectClass: top
+objectClass: inetOrgPerson
+gidNumber: 0
+givenName: Eric
+sn: Davis
+uid: edavis
+mail: edavis@littlestreamsoftware.com
+structuralObjectClass: inetOrgPerson
+entryUUID: 9c5f0502-0c8b-102e-82fe-dff86c63a7d6
+creatorsName: cn=admin,dc=redmine,dc=org
+createTimestamp: 20090724105056Z
+homeDirectory: /home/edavis
+cn: Eric Davis
+uidNumber: 0
+userPassword:: e1NIQX1mRXFOQ2NvM1lxOWg1WlVnbEQzQ1pKVDRsQnM9
+entryCSN: 20090724105937.734480Z#000000#000#000000
+modifiersName: cn=admin,dc=redmine,dc=org
+modifyTimestamp: 20090724105937Z
+
diff --git a/test/test_helper.rb b/test/test_helper.rb
index 8e7927ab3..484678efc 100644
--- a/test/test_helper.rb
+++ b/test/test_helper.rb
@@ -76,6 +76,11 @@ class ActiveSupport::TestCase
     saved_settings.each {|k, v| Setting[k] = v}
   end
 
+  def self.ldap_configured?
+    @test_ldap = Net::LDAP.new(:host => '127.0.0.1', :port => 389)
+    return @test_ldap.bind
+  end
+
   # Shoulda macros
   def self.should_render_404
     should_respond_with :not_found
diff --git a/test/unit/auth_source_ldap_test.rb b/test/unit/auth_source_ldap_test.rb
index d0f7a6edf..16cc614fb 100644
--- a/test/unit/auth_source_ldap_test.rb
+++ b/test/unit/auth_source_ldap_test.rb
@@ -33,4 +33,62 @@ class AuthSourceLdapTest < ActiveSupport::TestCase
     assert a.save
     assert_equal 'givenName', a.reload.attr_firstname
   end
+
+  if ldap_configured?
+    context '#authenticate' do
+      setup do
+        @auth = AuthSourceLdap.generate!(:name => 'on the fly',
+                                         :host => '127.0.0.1',
+                                         :port => 389,
+                                         :base_dn => 'OU=Person,DC=redmine,DC=org',
+                                         :attr_login => 'uid',
+                                         :attr_firstname => 'givenName',
+                                         :attr_lastname => 'sn',
+                                         :attr_mail => 'mail',
+                                         :onthefly_register => true)
+
+      end
+
+      context 'with a valid LDAP user' do
+        should 'return the firstname user attributes' do
+          response =  @auth.authenticate('example1','123456')
+          assert response
+          assert_equal 'Example', response.first[:firstname]
+        end
+
+        should 'return the lastname user attributes' do
+          response =  @auth.authenticate('example1','123456')
+          assert response
+          assert_equal 'One', response.first[:lastname]
+        end
+
+        should 'return mail user attributes' do
+          response =  @auth.authenticate('example1','123456')
+          assert response
+          assert_equal 'example1@redmine.org', response.first[:mail]
+        end
+      end
+
+      context 'with an invalid LDAP user' do
+        should 'return nil' do
+          assert_equal nil, @auth.authenticate('nouser','123456')
+        end
+      end
+
+      context 'without a login' do
+        should 'return nil' do
+          assert_equal nil, @auth.authenticate('','123456')
+        end
+      end
+
+      context 'without a password' do
+        should 'return nil' do
+          assert_equal nil, @auth.authenticate('edavis','')
+        end
+      end
+      
+    end
+  else
+    puts '(Test LDAP server not configured)'
+  end
 end