systemausfall.org/userausfall
Archived
5
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity

test: Add ldap tests

Browse source
This commit is contained in:
aldrin 2021-10-26 11:11:24 +02:00
parent 9449f7e665
commit bba1d7c8aa
2 changed files with 69 additions and 36 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

42
userausfall/ldap.py
View file

@ -1,44 +1,50 @@
from django.conf import settings from django.conf import settings
from ldap3 import Connection, Server, SYNC from ldap3 import Connection, MOCK_SYNC, SAFE_SYNC, Server
def create_account(username, raw_password): class LDAPManager:
connection = _get_connection() def __init__(self):
is_success = connection.add( if not getattr(settings, "USERAUSFALL_LDAP_IS_TEST", False):
self.connection = self._get_connection()
else:
self.connection = self._get_test_connection()
def create_account(self, username, raw_password):
is_success = self.connection.add(
f"cn={username},dc=local", f"cn={username},dc=local",
["simpleSecurityObject", "organizationalRole"], ["simpleSecurityObject", "organizationalRole"],
{"userPassword": raw_password}, {"userPassword": raw_password},
) )
return is_success return is_success
def has_account(self, username):
def account_exists(username): exists = self.connection.search(f"cn={username},dc=local", "(objectclass=simpleSecurityObject)")
connection = _get_connection()
exists = connection.search(f"cn={username},dc=local", "(objectclass=simpleSecurityObject)")
return exists return exists
def is_valid_account_data(self, username, raw_password):
def is_valid_account_data(username, raw_password): is_valid = self.connection.search(
connection = _get_connection()
is_valid = connection.search(
f"cn={username},dc=local", f"cn={username},dc=local",
"(objectclass=simpleSecurityObject)", "(objectclass=simpleSecurityObject)",
attributes=["userPassword"], attributes=["userPassword"],
) )
if is_valid: if is_valid:
is_valid = connection.entries[0]["userPassword"].value == raw_password is_valid = self.connection.entries[0]["userPassword"].value == raw_password
return is_valid return is_valid
def _get_connection(self):
def _get_connection():
server = Server("localhost") server = Server("localhost")
# The SAFE_SYNC client strategy doesn't seem to be present in Buster version of ldap3. We might want to use it as
# soon as it is available (multithreading).
connection = Connection( connection = Connection(
server, server,
settings.USERAUSFALL_LDAP["ADMIN_USER_DN"], settings.USERAUSFALL_LDAP["ADMIN_USER_DN"],
settings.USERAUSFALL_LDAP["ADMIN_USER_PASSWORD"], settings.USERAUSFALL_LDAP["ADMIN_USER_PASSWORD"],
client_strategy=SYNC, client_strategy=SAFE_SYNC,
auto_bind=True, auto_bind=True,
) )
return connection return connection
def _get_test_connection(self):
server = Server("testserver")
connection = Connection(server, user="cn=admin,dc=local", password="admin_secret", client_strategy=MOCK_SYNC)
connection.strategy.add_entry("cn=admin,dc=local", {"userPassword": "admin_secret"})
connection.bind()
return connection

27
userausfall/tests.py Normal file
View file

@ -0,0 +1,27 @@
from django.test import override_settings, TestCase
from userausfall.ldap import LDAPManager
@override_settings(USERAUSFALL_LDAP_IS_TEST=True)
class LDAPTestCase(TestCase):
def setUp(self) -> None:
self.username = "test"
self.password = "test12345"
self.ldap = LDAPManager()
def test_create_has_account(self):
exists = self.ldap.has_account(self.username)
self.assertFalse(exists)
is_created = self.ldap.create_account(self.username, self.password)
self.assertTrue(is_created)
exists = self.ldap.has_account(self.username)
self.assertTrue(exists)
def test_create_account_data(self):
is_valid = self.ldap.is_valid_account_data(self.username, self.password)
self.assertFalse(is_valid)
is_created = self.ldap.create_account(self.username, self.password)
self.assertTrue(is_created)
is_valid = self.ldap.is_valid_account_data(self.username, self.password)
self.assertTrue(is_valid)