BookStack Code Mirror - bookstack/blobdiff

index 64f3fd74265142e11038b79e9ce4fd2b2ccef208..16ba113587e772d61a545a0cadcaafd6286ff4ca 100644 (file)

--- a/tests/Auth/LdapTest.php

+++ b/tests/Auth/LdapTest.php

@@ -1,7 +1,7 @@

<?php namespace Tests;

-use BookStack\Role;

-use BookStack\Services\Ldap;

-use BookStack\User;

+use BookStack\Auth\Role;

+use BookStack\Auth\Access\Ldap;

+use BookStack\Auth\User;

use Mockery\MockInterface;

class LdapTest extends BrowserKitTest

@@ -31,6 +31,20 @@ class LdapTest extends BrowserKitTest

$this->mockUser = factory(User::class)->make();

}

+ protected function mockEscapes($times = 1)

+ {

+ $this->mockLdap->shouldReceive('escape')->times($times)->andReturnUsing(function($val) {

+ return ldap_escape($val);

+ });

+ }

+ protected function mockExplodes($times = 1)

+ {

+ $this->mockLdap->shouldReceive('explodeDn')->times($times)->andReturnUsing(function($dn, $withAttrib) {

+ return ldap_explode_dn($dn, $withAttrib);

+ });

+ }

public function test_login()

{

$this->mockLdap->shouldReceive('connect')->once()->andReturn($this->resourceId);

@@ -44,6 +58,7 @@ class LdapTest extends BrowserKitTest

'dn' => ['dc=test' . config('services.ldap.base_dn')]

]]);

$this->mockLdap->shouldReceive('bind')->times(6)->andReturn(true);

+ $this->mockEscapes(4);

$this->visit('/login')

->see('Username')

@@ -73,6 +88,7 @@ class LdapTest extends BrowserKitTest

'mail' => [$this->mockUser->email]

]]);

$this->mockLdap->shouldReceive('bind')->times(3)->andReturn(true);

+ $this->mockEscapes(2);

$this->visit('/login')

->see('Username')

@@ -97,6 +113,7 @@ class LdapTest extends BrowserKitTest

'dn' => ['dc=test' . config('services.ldap.base_dn')]

]]);

$this->mockLdap->shouldReceive('bind')->times(3)->andReturn(true, true, false);

+ $this->mockEscapes(2);

$this->visit('/login')

->see('Username')

@@ -146,7 +163,7 @@ class LdapTest extends BrowserKitTest

->dontSee('External Authentication');

}

- public function test_login_maps_roles_and_retains_existsing_roles()

+ public function test_login_maps_roles_and_retains_existing_roles()

{

$roleToReceive = factory(Role::class)->create(['name' => 'ldaptester', 'display_name' => 'LdapTester']);

$roleToReceive2 = factory(Role::class)->create(['name' => 'ldaptester-second', 'display_name' => 'LdapTester Second']);

@@ -176,6 +193,8 @@ class LdapTest extends BrowserKitTest

]

]]);

$this->mockLdap->shouldReceive('bind')->times(6)->andReturn(true);

+ $this->mockEscapes(5);

+ $this->mockExplodes(6);

$this->visit('/login')

->see('Username')

@@ -227,6 +246,8 @@ class LdapTest extends BrowserKitTest

]

]]);

$this->mockLdap->shouldReceive('bind')->times(5)->andReturn(true);

+ $this->mockEscapes(4);

+ $this->mockExplodes(2);

$this->visit('/login')

->see('Username')

@@ -279,6 +300,8 @@ class LdapTest extends BrowserKitTest

]

]]);

$this->mockLdap->shouldReceive('bind')->times(5)->andReturn(true);

+ $this->mockEscapes(4);

+ $this->mockExplodes(2);

$this->visit('/login')

->see('Username')

@@ -298,4 +321,55 @@ class LdapTest extends BrowserKitTest

]);

}

+ public function test_login_group_mapping_does_not_conflict_with_default_role()

+ {

+ $roleToReceive = factory(Role::class)->create(['name' => 'ldaptester', 'display_name' => 'LdapTester']);

+ $roleToReceive2 = factory(Role::class)->create(['name' => 'ldaptester-second', 'display_name' => 'LdapTester Second']);

+ $this->mockUser->forceFill(['external_auth_id' => $this->mockUser->name])->save();

+ setting()->put('registration-role', $roleToReceive->id);

+ app('config')->set([

+ 'services.ldap.user_to_groups' => true,

+ 'services.ldap.group_attribute' => 'memberOf',

+ 'services.ldap.remove_from_groups' => true,

+ ]);

+ $this->mockLdap->shouldReceive('connect')->times(2)->andReturn($this->resourceId);

+ $this->mockLdap->shouldReceive('setVersion')->times(2);

+ $this->mockLdap->shouldReceive('setOption')->times(5);

+ $this->mockLdap->shouldReceive('searchAndGetEntries')->times(5)

+ ->with($this->resourceId, config('services.ldap.base_dn'), \Mockery::type('string'), \Mockery::type('array'))

+ ->andReturn(['count' => 1, 0 => [

+ 'uid' => [$this->mockUser->name],

+ 'cn' => [$this->mockUser->name],

+ 'dn' => ['dc=test' . config('services.ldap.base_dn')],

+ 'mail' => [$this->mockUser->email],

+ 'memberof' => [

+ 'count' => 2,

+ 0 => "cn=ldaptester,ou=groups,dc=example,dc=com",

+ 1 => "cn=ldaptester-second,ou=groups,dc=example,dc=com",

+ ]

+ ]]);

+ $this->mockLdap->shouldReceive('bind')->times(6)->andReturn(true);

+ $this->mockEscapes(5);

+ $this->mockExplodes(6);

+ $this->visit('/login')

+ ->see('Username')

+ ->type($this->mockUser->name, '#username')

+ ->type($this->mockUser->password, '#password')

+ ->press('Log In')

+ ->seePageIs('/');

+ $user = User::where('email', $this->mockUser->email)->first();

+ $this->seeInDatabase('role_user', [

+ 'user_id' => $user->id,

+ 'role_id' => $roleToReceive->id

+ ]);

+ $this->seeInDatabase('role_user', [

+ 'user_id' => $user->id,

+ 'role_id' => $roleToReceive2->id

+ ]);

+ }

}