spec/socialcast/command_line/provision_spec.rb in socialcast-1.3.0 vs spec/socialcast/command_line/provision_spec.rb in socialcast-1.3.1
- old
+ new
@@ -1,10 +1,11 @@
require 'spec_helper'
describe Socialcast::CommandLine::Provision do
let!(:credentials) { YAML.load_file(File.join(File.dirname(__FILE__), '..', '..', 'fixtures', 'credentials.yml')) }
let!(:ldap_default_config) { YAML.load_file(File.join(File.dirname(__FILE__), '..', '..', 'fixtures', 'ldap.yml')) }
+ let!(:ldap_blank_basedn_config) { YAML.load_file(File.join(File.dirname(__FILE__), '..', '..', 'fixtures', 'ldap_with_blank_basedn.yml')) }
let!(:ldap_connection_mapping_config) { YAML.load_file(File.join(File.dirname(__FILE__), '..', '..', 'fixtures', 'ldap_with_connection_mapping.yml')) }
let!(:ldap_connection_permission_mapping_config) { YAML.load_file(File.join(File.dirname(__FILE__), '..', '..', 'fixtures', 'ldap_with_connection_permission_mapping.yml')) }
let!(:ldap_multiple_connection_mapping_config) { YAML.load_file(File.join(File.dirname(__FILE__), '..', '..', 'fixtures', 'ldap_with_multiple_connection_mappings.yml')) }
let!(:ldap_multiple_connection_permission_mapping_config) { YAML.load_file(File.join(File.dirname(__FILE__), '..', '..', 'fixtures', 'ldap_with_multiple_connection_permission_mappings.yml')) }
let!(:ldap_with_account_type_without_roles_config) { YAML.load_file(File.join(File.dirname(__FILE__), '..', '..', 'fixtures', 'ldap_with_account_type_without_roles.yml')) }
@@ -13,10 +14,11 @@
let!(:ldap_with_manager_attribute_config) { YAML.load_file(File.join(File.dirname(__FILE__), '..', '..', 'fixtures', 'ldap_with_manager_attribute.yml')) }
let!(:ldap_with_plugin_mapping_config) { YAML.load_file(File.join(File.dirname(__FILE__), '..', '..', 'fixtures', 'ldap_with_plugin_mapping.yml')) }
let!(:ldap_with_roles_without_account_type_config) { YAML.load_file(File.join(File.dirname(__FILE__), '..', '..', 'fixtures', 'ldap_with_roles_without_account_type.yml')) }
let!(:ldap_with_unique_identifier_config) { YAML.load_file(File.join(File.dirname(__FILE__), '..', '..', 'fixtures', 'ldap_with_unique_identifier.yml')) }
let!(:ldap_without_account_type_or_roles_config) { YAML.load_file(File.join(File.dirname(__FILE__), '..', '..', 'fixtures', 'ldap_without_account_type_or_roles.yml')) }
+ let!(:ldap_without_filter_config) { YAML.load_file(File.join(File.dirname(__FILE__), '..', '..', 'fixtures', 'ldap_without_filter.yml')) }
def create_entry(entry_attributes)
Net::LDAP::Entry.new("dc=example,dc=com").tap do |e|
entry_attributes.each_pair do |attr, value|
e[attr] = value
@@ -130,16 +132,16 @@
context "with mappings at the connection level for multiple connections" do
before do
provision_instance = Socialcast::CommandLine::Provision.new(ldap_multiple_connection_mapping_config, {})
- ldap_instance1 = double
+ ldap_instance1 = double(Net::LDAP)
provision_instance.should_receive(:create_ldap_instance).once.ordered.and_return(ldap_instance1)
entry1 = create_entry :mailCon => 'user@example.com', :givenName => 'first name', :sn => 'last name'
ldap_instance1.should_receive(:search).once.with(hash_including(:attributes => ['mailCon', 'isMemberOf'])).and_yield(entry1)
- ldap_instance2 = double
+ ldap_instance2 = double(Net::LDAP)
provision_instance.should_receive(:create_ldap_instance).once.ordered.and_return(ldap_instance2)
entry2 = create_entry :mailCon2 => 'user2@example.com', :firstName => 'first name2', :sn => 'last name2'
ldap_instance2.should_receive(:search).once.with(hash_including(:attributes => ['mailCon2', 'firstName', 'isMemberOf'])).and_yield(entry2)
provision_instance.provision
@@ -188,11 +190,11 @@
context "with manager" do
before do
provision_instance = Socialcast::CommandLine::Provision.new(ldap_with_manager_attribute_config, {})
- ldap_instance = double
+ ldap_instance = double(Net::LDAP)
provision_instance.should_receive(:create_ldap_instance).once.ordered.and_return(ldap_instance)
user_entry = create_entry :mail => 'user@example.com', :ldap_manager => 'cn=theboss,dc=example,dc=com'
manager_entry = create_entry :mail => 'boss@example.com'
ldap_instance.should_receive(:search).once.ordered.with(hash_including(:attributes => ['mail', 'ldap_manager', 'isMemberOf'])).and_yield(user_entry)
@@ -356,16 +358,16 @@
let(:ldap_group_attribute) { 'memberOf' }
let(:ldap_groups) { }
before do
provision_instance = Socialcast::CommandLine::Provision.new(ldap_multiple_connection_permission_mapping_config, {})
- ldap_instance1 = double
+ ldap_instance1 = double(Net::LDAP)
provision_instance.should_receive(:create_ldap_instance).once.ordered.and_return(ldap_instance1)
entry1 = create_entry :mail => 'user@example.com', :givenName => 'first name', :sn => 'last name', :memberOf => ["cn=External,dc=example,dc=com", "cn=SbiAdmins,dc=example,dc=com", "cn=TownHallAdmins,dc=example,dc=com"]
ldap_instance1.should_receive(:search).once.with(hash_including(:attributes => ['givenName', 'sn', 'mail', 'memberOf'])).and_yield(entry1)
- ldap_instance2 = double
+ ldap_instance2 = double(Net::LDAP)
provision_instance.should_receive(:create_ldap_instance).once.ordered.and_return(ldap_instance2)
entry2 = create_entry :mail => 'user@example.com', :givenName => 'first name', :sn => 'last name', :member => ["cn=Contractors,dc=example,dc=com", "cn=SbiAdmins,dc=example,dc=com", "cn=TownHallAdmins,dc=example,dc=com"]
ldap_instance2.should_receive(:search).once.with(hash_including(:attributes => ['givenName', 'sn', 'mail', 'member'])).and_yield(entry2)
provision_instance.provision
@@ -381,10 +383,32 @@
</roles>]]
end
it_behaves_like "permission attributes are mapped properly"
end
end
+
+ context "with no basedn configured" do
+ before do
+ RestClient::Resource.any_instance.should_receive(:post).once.with(hash_including(:file => result), { :accept => :json })
+
+ provision_instance = Socialcast::CommandLine::Provision.new(ldap_blank_basedn_config, {})
+
+ root_entry = create_entry(:namingcontexts => ['dc=foo,dc=com', 'dc=bar,dc=com'])
+ ldap_instance = double(Net::LDAP)
+ ldap_instance.should_receive(:search_root_dse).once.and_return(root_entry)
+ provision_instance.should_receive(:create_ldap_instance).once.ordered.and_return(ldap_instance)
+
+ user_entry = create_entry :mail => 'user@example.com', :givenName => 'first name', :sn => 'last name'
+ ldap_instance.should_receive(:search).once.ordered.with(hash_including(:base => 'dc=foo,dc=com', :attributes => ['givenName', 'sn', 'mail', 'isMemberOf']))
+ ldap_instance.should_receive(:search).once.ordered.with(hash_including(:base => 'dc=bar,dc=com', :attributes => ['givenName', 'sn', 'mail', 'isMemberOf'])).and_yield(user_entry)
+
+ provision_instance.provision
+ end
+ it "searches all basedns and puts the user in the output file" do
+ result.should =~ /user@example.com/
+ end
+ end
end
describe '#dereference_mail' do
context "called on directreport entry" do
let(:entry) do
@@ -422,9 +446,77 @@
},
'custom_fields' => [],
'account_type' => 'member',
'roles' => []
}))
+ end
+ end
+
+ describe "#fetch_user_hash" do
+ context "without specifying an identifying field" do
+ let(:provision_instance) { Socialcast::CommandLine::Provision.new(ldap_with_unique_identifier_config, {}) }
+ let(:entry) { create_entry :uid => 'unique identifier', :givenName => 'first name', :sn => 'last name' }
+ before do
+ filter = Net::LDAP::Filter.construct('(&(mail=*)(uid=unique identifier))')
+ Net::LDAP.any_instance.should_receive(:search).once
+ .with(hash_including(:attributes => ['givenName', 'sn', 'uid', 'isMemberOf'], :filter => filter))
+ .and_yield(entry)
+ end
+ it do
+ provision_instance.fetch_user_hash('unique identifier').should == {
+ 'account_type' => 'member',
+ 'contact_info' => {},
+ 'custom_fields' => [],
+ 'first_name' => 'first name',
+ 'last_name' => 'last name',
+ 'roles' => [],
+ 'unique_identifier' => 'unique identifier'
+ }
+ end
+ end
+ context "specifying an identifying field" do
+ let(:provision_instance) { Socialcast::CommandLine::Provision.new(ldap_default_config, {}) }
+ let(:entry) { create_entry :mail => 'user@example.com', :givenName => 'first name', :sn => 'last name' }
+ before do
+ filter = Net::LDAP::Filter.construct('(&(mail=*)(mail=user@example.com))')
+ Net::LDAP.any_instance.should_receive(:search).once
+ .with(hash_including(:attributes => ['givenName', 'sn', 'mail', 'isMemberOf'], :filter => filter))
+ .and_yield(entry)
+ end
+ it do
+ provision_instance.fetch_user_hash('user@example.com', :identifying_field => 'email').should == {
+ 'account_type' => 'member',
+ 'contact_info' => {
+ 'email' => 'user@example.com'
+ },
+ 'custom_fields' => [],
+ 'first_name' => 'first name',
+ 'last_name' => 'last name',
+ 'roles' => []
+ }
+ end
+ end
+ context "without a filter specified" do
+ let(:provision_instance) { Socialcast::CommandLine::Provision.new(ldap_without_filter_config, {}) }
+ let(:entry) { create_entry :mail => 'user@example.com', :givenName => 'first name', :sn => 'last name' }
+ before do
+ filter = Net::LDAP::Filter.construct('(&(objectclass=*)(mail=user@example.com))')
+ Net::LDAP.any_instance.should_receive(:search).once
+ .with(hash_including(:attributes => ['givenName', 'sn', 'mail', 'isMemberOf'], :filter => filter))
+ .and_yield(entry)
+ end
+ it do
+ provision_instance.fetch_user_hash('user@example.com', :identifying_field => 'email').should == {
+ 'account_type' => 'member',
+ 'contact_info' => {
+ 'email' => 'user@example.com'
+ },
+ 'custom_fields' => [],
+ 'first_name' => 'first name',
+ 'last_name' => 'last name',
+ 'roles' => []
+ }
+ end
end
end
describe "#grab" do
let(:provision_instance) { Socialcast::CommandLine::Provision.new(ldap_with_plugin_mapping_config, :plugins => 'socialcast/command_line/fake_attribute_map') }