namespace Tests\Auth;
-use BookStack\Auth\Access\Ldap;
-use BookStack\Auth\Access\LdapService;
-use BookStack\Auth\Role;
-use BookStack\Auth\User;
+use BookStack\Access\Ldap;
+use BookStack\Access\LdapService;
+use BookStack\Users\Models\Role;
+use BookStack\Users\Models\User;
use Illuminate\Testing\TestResponse;
use Mockery\MockInterface;
use Tests\TestCase;
class LdapTest extends TestCase
{
- /**
- * @var MockInterface
- */
- protected $mockLdap;
+ protected MockInterface $mockLdap;
- protected $mockUser;
- protected $resourceId = 'resource-test';
+ protected User $mockUser;
+ protected string $resourceId = 'resource-test';
protected function setUp(): void
{
'services.ldap.tls_insecure' => false,
'services.ldap.thumbnail_attribute' => null,
]);
- $this->mockLdap = \Mockery::mock(Ldap::class);
- $this->app[Ldap::class] = $this->mockLdap;
+ $this->mockLdap = $this->mock(Ldap::class);
$this->mockUser = User::factory()->make();
}
->andReturn(['count' => 1, 0 => [
'uid' => [$this->mockUser->name],
'cn' => [$this->mockUser->name],
- 'dn' => ['dc=test' . config('services.ldap.base_dn')],
+ 'dn' => 'dc=test' . config('services.ldap.base_dn'),
]]);
$resp = $this->mockUserLogin();
->andReturn(['count' => 1, 0 => [
'uid' => [$this->mockUser->name],
'cn' => [$this->mockUser->name],
- 'dn' => ['dc=test' . config('services.ldap.base_dn')],
+ 'dn' => 'dc=test' . config('services.ldap.base_dn'),
]]);
$resp = $this->mockUserLogin();
->andReturn(['count' => 1, 0 => [
'uid' => [$this->mockUser->name],
'cn' => [$this->mockUser->name],
- 'dn' => ['dc=test' . config('services.ldap.base_dn')],
+ 'dn' => 'dc=test' . config('services.ldap.base_dn'),
]]);
$this->mockLdap->shouldReceive('bind')->times(2)->andReturn(true, false);
public function test_user_edit_form()
{
- $editUser = $this->getNormalUser();
+ $editUser = $this->users->viewer();
$editPage = $this->asAdmin()->get("/settings/users/{$editUser->id}");
$editPage->assertSee('Edit User');
$editPage->assertDontSee('Password');
public function test_non_admins_cannot_change_auth_id()
{
- $testUser = $this->getNormalUser();
+ $testUser = $this->users->viewer();
$this->actingAs($testUser)
->get('/settings/users/' . $testUser->id)
->assertDontSee('External Authentication');
->andReturn(['count' => 1, 0 => [
'uid' => [$this->mockUser->name],
'cn' => [$this->mockUser->name],
- 'dn' => ['dc=test' . config('services.ldap.base_dn')],
+ 'dn' => 'dc=test' . config('services.ldap.base_dn'),
'mail' => [$this->mockUser->email],
'memberof' => [
'count' => 2,
->andReturn(['count' => 1, 0 => [
'uid' => [$this->mockUser->name],
'cn' => [$this->mockUser->name],
- 'dn' => ['dc=test' . config('services.ldap.base_dn')],
+ 'dn' => 'dc=test' . config('services.ldap.base_dn'),
'mail' => [$this->mockUser->email],
'memberof' => [
'count' => 1,
->andReturn(['count' => 1, 0 => [
'uid' => [$this->mockUser->name],
'cn' => [$this->mockUser->name],
- 'dn' => ['dc=test' . config('services.ldap.base_dn')],
+ 'dn' => 'dc=test' . config('services.ldap.base_dn'),
'mail' => [$this->mockUser->email],
'memberof' => [
'count' => 1,
->andReturn(['count' => 1, 0 => [
'uid' => [$this->mockUser->name],
'cn' => [$this->mockUser->name],
- 'dn' => ['dc=test' . config('services.ldap.base_dn')],
+ 'dn' => 'dc=test' . config('services.ldap.base_dn'),
'mail' => [$this->mockUser->email],
'memberof' => [
'count' => 2,
->andReturn(['count' => 1, 0 => [
'uid' => [$this->mockUser->name],
'cn' => [$this->mockUser->name],
- 'dn' => ['dc=test' . config('services.ldap.base_dn')],
+ 'dn' => 'dc=test' . config('services.ldap.base_dn'),
'displayname' => 'displayNameAttribute',
]]);
->andReturn(['count' => 1, 0 => [
'uid' => [$this->mockUser->name],
'cn' => [$this->mockUser->name],
- 'dn' => ['dc=test' . config('services.ldap.base_dn')],
+ 'dn' => 'dc=test' . config('services.ldap.base_dn'),
]]);
$this->mockUserLogin()->assertRedirect('/login');
]);
}
- protected function checkLdapReceivesCorrectDetails($serverString, $expectedHost, $expectedPort)
+ protected function checkLdapReceivesCorrectDetails($serverString, $expectedHostString): void
{
- app('config')->set([
- 'services.ldap.server' => $serverString,
- ]);
+ app('config')->set(['services.ldap.server' => $serverString]);
- // Standard mocks
- $this->commonLdapMocks(0, 1, 1, 2, 1);
- $this->mockLdap->shouldReceive('searchAndGetEntries')->times(1)->andReturn(['count' => 1, 0 => [
- 'uid' => [$this->mockUser->name],
- 'cn' => [$this->mockUser->name],
- 'dn' => ['dc=test' . config('services.ldap.base_dn')],
- ]]);
+ $this->mockLdap->shouldReceive('connect')
+ ->once()
+ ->with($expectedHostString)
+ ->andReturn(false);
- $this->mockLdap->shouldReceive('connect')->once()
- ->with($expectedHost, $expectedPort)->andReturn($this->resourceId);
$this->mockUserLogin();
}
- public function test_ldap_port_provided_on_host_if_host_is_full_uri()
- {
- $hostName = 'ldaps://bookstack:8080';
- $this->checkLdapReceivesCorrectDetails($hostName, $hostName, 389);
- }
-
- public function test_ldap_port_parsed_from_server_if_host_is_not_full_uri()
+ public function test_ldap_receives_correct_connect_host_from_config()
{
- $this->checkLdapReceivesCorrectDetails('ldap.bookstack.com:8080', 'ldap.bookstack.com', 8080);
- }
+ $expectedResultByInput = [
+ 'ldaps://bookstack:8080' => 'ldaps://bookstack:8080',
+ 'ldap.bookstack.com:8080' => 'ldap://ldap.bookstack.com:8080',
+ 'ldap.bookstack.com' => 'ldap://ldap.bookstack.com',
+ 'ldaps://ldap.bookstack.com' => 'ldaps://ldap.bookstack.com',
+ 'ldaps://ldap.bookstack.com ldap://a.b.com' => 'ldaps://ldap.bookstack.com ldap://a.b.com',
+ ];
- public function test_default_ldap_port_used_if_not_in_server_string_and_not_uri()
- {
- $this->checkLdapReceivesCorrectDetails('ldap.bookstack.com', 'ldap.bookstack.com', 389);
+ foreach ($expectedResultByInput as $input => $expectedResult) {
+ $this->checkLdapReceivesCorrectDetails($input, $expectedResult);
+ $this->refreshApplication();
+ $this->setUp();
+ }
}
public function test_forgot_password_routes_inaccessible()
'cn' => [$this->mockUser->name],
// Test dumping binary data for avatar responses
'jpegphoto' => base64_decode('/9j/4AAQSkZJRg=='),
- 'dn' => ['dc=test' . config('services.ldap.base_dn')],
+ 'dn' => 'dc=test' . config('services.ldap.base_dn'),
]]);
$resp = $this->post('/login', [
->andReturn(['count' => 1, 0 => [
'uid' => [hex2bin('FFF8F7')],
'cn' => [$this->mockUser->name],
- 'dn' => ['dc=test' . config('services.ldap.base_dn')],
+ 'dn' => 'dc=test' . config('services.ldap.base_dn'),
]]);
$details = $ldapService->getUserDetails('test');
->andReturn(['count' => 1, 0 => [
'uid' => [$this->mockUser->name],
'cn' => [$this->mockUser->name],
- 'dn' => ['dc=test' . config('services.ldap.base_dn')],
+ 'dn' => 'dc=test' . config('services.ldap.base_dn'),
]], ['count' => 1, 0 => [
'uid' => ['Barry'],
'cn' => ['Scott'],
- 'dn' => ['dc=bscott' . config('services.ldap.base_dn')],
+ 'dn' => 'dc=bscott' . config('services.ldap.base_dn'),
]]);
->andReturn(['count' => 1, 0 => [
'uid' => [$user->name],
'cn' => [$user->name],
- 'dn' => ['dc=test' . config('services.ldap.base_dn')],
+ 'dn' => 'dc=test' . config('services.ldap.base_dn'),
'mail' => [$user->email],
'memberof' => [
'count' => 1,
projects / bookstack / blobdiff