systemausfall.org/userausfall
Archived
5
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity

test: Add ldap tests

Browse source
This commit is contained in:
aldrin 2021-10-26 11:11:24 +02:00
parent 9449f7e665
commit bba1d7c8aa
2 changed files with 69 additions and 36 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

78
userausfall/ldap.py
View file

@ -1,44 +1,50 @@
from django.conf import settings from django.conf import settings
from ldap3 import Connection, Server, SYNC from ldap3 import Connection, MOCK_SYNC, SAFE_SYNC, Server
def create_account(username, raw_password): class LDAPManager:
connection = _get_connection() def __init__(self):
is_success = connection.add( if not getattr(settings, "USERAUSFALL_LDAP_IS_TEST", False):
f"cn={username},dc=local", self.connection = self._get_connection()
["simpleSecurityObject", "organizationalRole"], else:
{"userPassword": raw_password}, self.connection = self._get_test_connection()
)
return is_success
def create_account(self, username, raw_password):
is_success = self.connection.add(
f"cn={username},dc=local",
["simpleSecurityObject", "organizationalRole"],
{"userPassword": raw_password},
)
return is_success
def account_exists(username): def has_account(self, username):
connection = _get_connection() exists = self.connection.search(f"cn={username},dc=local", "(objectclass=simpleSecurityObject)")
exists = connection.search(f"cn={username},dc=local", "(objectclass=simpleSecurityObject)") return exists
return exists
def is_valid_account_data(self, username, raw_password):
is_valid = self.connection.search(
f"cn={username},dc=local",
"(objectclass=simpleSecurityObject)",
attributes=["userPassword"],
)
if is_valid:
is_valid = self.connection.entries[0]["userPassword"].value == raw_password
return is_valid
def is_valid_account_data(username, raw_password): def _get_connection(self):
connection = _get_connection() server = Server("localhost")
is_valid = connection.search( connection = Connection(
f"cn={username},dc=local", server,
"(objectclass=simpleSecurityObject)", settings.USERAUSFALL_LDAP["ADMIN_USER_DN"],
attributes=["userPassword"], settings.USERAUSFALL_LDAP["ADMIN_USER_PASSWORD"],
) client_strategy=SAFE_SYNC,
if is_valid: auto_bind=True,
is_valid = connection.entries[0]["userPassword"].value == raw_password )
return is_valid return connection
def _get_test_connection(self):
def _get_connection(): server = Server("testserver")
server = Server("localhost") connection = Connection(server, user="cn=admin,dc=local", password="admin_secret", client_strategy=MOCK_SYNC)
# The SAFE_SYNC client strategy doesn't seem to be present in Buster version of ldap3. We might want to use it as connection.strategy.add_entry("cn=admin,dc=local", {"userPassword": "admin_secret"})
# soon as it is available (multithreading). connection.bind()
connection = Connection( return connection
server,
settings.USERAUSFALL_LDAP["ADMIN_USER_DN"],
settings.USERAUSFALL_LDAP["ADMIN_USER_PASSWORD"],
client_strategy=SYNC,
auto_bind=True,
)
return connection

27
userausfall/tests.py Normal file
View file

@ -0,0 +1,27 @@
from django.test import override_settings, TestCase
from userausfall.ldap import LDAPManager
@override_settings(USERAUSFALL_LDAP_IS_TEST=True)
class LDAPTestCase(TestCase):
def setUp(self) -> None:
self.username = "test"
self.password = "test12345"
self.ldap = LDAPManager()
def test_create_has_account(self):
exists = self.ldap.has_account(self.username)
self.assertFalse(exists)
is_created = self.ldap.create_account(self.username, self.password)
self.assertTrue(is_created)
exists = self.ldap.has_account(self.username)
self.assertTrue(exists)
def test_create_account_data(self):
is_valid = self.ldap.is_valid_account_data(self.username, self.password)
self.assertFalse(is_valid)
is_created = self.ldap.create_account(self.username, self.password)
self.assertTrue(is_created)
is_valid = self.ldap.is_valid_account_data(self.username, self.password)
self.assertTrue(is_valid)