use BookStack\Auth\Role;
use BookStack\Auth\Access\Ldap;
use BookStack\Auth\User;
+use BookStack\Exceptions\LdapException;
use Mockery\MockInterface;
use Tests\BrowserKitTest;
$this->mockUser = factory(User::class)->make();
}
+ protected function runFailedAuthLogin()
+ {
+ $this->commonLdapMocks(1, 1, 1, 1, 1);
+ $this->mockLdap->shouldReceive('searchAndGetEntries')->times(1)
+ ->andReturn(['count' => 0]);
+ $this->post('/login', ['username' => 'timmyjenkins', 'password' => 'cattreedog']);
+ }
+
protected function mockEscapes($times = 1)
{
$this->mockLdap->shouldReceive('escape')->times($times)->andReturnUsing(function($val) {
]);
}
+ public function test_start_tls_called_if_option_set()
+ {
+ config()->set(['services.ldap.start_tls' => true]);
+ $this->mockLdap->shouldReceive('startTls')->once()->andReturn(true);
+ $this->runFailedAuthLogin();
+ }
+
+ public function test_connection_fails_if_tls_fails()
+ {
+ config()->set(['services.ldap.start_tls' => true]);
+ $this->mockLdap->shouldReceive('startTls')->once()->andReturn(false);
+ $this->commonLdapMocks(1, 1, 0, 0, 0);
+ $this->post('/login', ['username' => 'timmyjenkins', 'password' => 'cattreedog']);
+ $this->assertResponseStatus(500);
+ }
+
public function test_ldap_attributes_can_be_binary_decoded_if_marked()
{
config()->set(['services.ldap.id_attribute' => 'BIN;uid']);
$this->see('A user with the email
[email protected] already exists but with different credentials');
}
+ public function test_login_with_email_confirmation_required_maps_groups_but_shows_confirmation_screen()
+ {
+ $roleToReceive = factory(Role::class)->create(['display_name' => 'LdapTester']);
+ $user = factory(User::class)->make();
+ setting()->put('registration-confirmation', 'true');
+
+ app('config')->set([
+ 'services.ldap.user_to_groups' => true,
+ 'services.ldap.group_attribute' => 'memberOf',
+ 'services.ldap.remove_from_groups' => true,
+ ]);
+
+ $this->commonLdapMocks(1, 1, 3, 4, 3, 2);
+ $this->mockLdap->shouldReceive('searchAndGetEntries')
+ ->times(3)
+ ->andReturn(['count' => 1, 0 => [
+ 'uid' => [$user->name],
+ 'cn' => [$user->name],
+ 'dn' => ['dc=test' . config('services.ldap.base_dn')],
+ 'mail' => [$user->email],
+ 'memberof' => [
+ 'count' => 1,
+ 0 => "cn=ldaptester,ou=groups,dc=example,dc=com",
+ ]
+ ]]);
+
+ $this->mockUserLogin()->seePageIs('/register/confirm');
+ $this->seeInDatabase('users', [
+ 'email' => $user->email,
+ 'email_confirmed' => false,
+ ]);
+
+ $user = User::query()->where('email', '=', $user->email)->first();
+ $this->seeInDatabase('role_user', [
+ 'user_id' => $user->id,
+ 'role_id' => $roleToReceive->id
+ ]);
+
+ $homePage = $this->get('/');
+ $homePage->assertRedirectedTo('/register/confirm/awaiting');
+ }
+
public function test_failed_logins_are_logged_when_message_configured()
{
$log = $this->withTestLogger();
config()->set(['logging.failed_login.message' => 'Failed login for %u']);
-
- $this->commonLdapMocks(1, 1, 1, 1, 1);
- $this->mockLdap->shouldReceive('searchAndGetEntries')->times(1)
- ->andReturn(['count' => 0]);
-
- $this->post('/login', ['username' => 'timmyjenkins', 'password' => 'cattreedog']);
+ $this->runFailedAuthLogin();
$this->assertTrue($log->hasWarningThatContains('Failed login for timmyjenkins'));
}
}
projects / bookstack / blobdiff