Google Git
Sign in
apache / archiva-redback-core / 2ec73e9ed5331e89e8e2306586b32cba2488c228 / . / redback-common / redback-common-ldap / src / test / java / org / apache / archiva / redback / common / ldap / role / TestLdapRoleMapper.java
blob: 3aabfa3e793f2a37721f537ae2ae1023a7f60e64 [file] [log] [blame]
package org.apache.archiva.redback.common.ldap.role;
/*
* Licensed to the Apache Software Foundation (ASF) under one
* or more contributor license agreements. See the NOTICE file
* distributed with this work for additional information
* regarding copyright ownership. The ASF licenses this file
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
import junit.framework.TestCase;
import org.apache.archiva.redback.common.ldap.connection.LdapConnection;
import org.apache.archiva.redback.common.ldap.connection.LdapConnectionFactory;
import org.apache.archiva.components.apacheds.ApacheDs;
import org.apache.archiva.redback.policy.PasswordEncoder;
import org.apache.archiva.redback.policy.encoders.SHA1PasswordEncoder;
import static org.assertj.core.api.Assertions.assertThat;
import org.junit.After;
import org.junit.Before;
import org.junit.Test;
import org.junit.runner.RunWith;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.test.annotation.DirtiesContext;
import org.springframework.test.context.ContextConfiguration;
import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
import javax.inject.Inject;
import javax.inject.Named;
import javax.naming.NamingEnumeration;
import javax.naming.NamingException;
import javax.naming.directory.Attribute;
import javax.naming.directory.Attributes;
import javax.naming.directory.BasicAttribute;
import javax.naming.directory.BasicAttributes;
import javax.naming.directory.DirContext;
import javax.naming.directory.InitialDirContext;
import javax.naming.directory.SearchControls;
import javax.naming.directory.SearchResult;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
/**
* @author Olivier Lamy
*/
@RunWith(SpringJUnit4ClassRunner.class)
@ContextConfiguration(
locations = { "classpath*:/META-INF/spring-context.xml", "classpath:/spring-context-role-mapper.xml" })
@DirtiesContext(classMode = DirtiesContext.ClassMode.AFTER_EACH_TEST_METHOD)
public class TestLdapRoleMapper
extends TestCase
{
Logger log = LoggerFactory.getLogger( getClass() );
@Inject
@Named(value = "apacheDS#test")
private ApacheDs apacheDs;
private String suffix;
private String groupSuffix;
private PasswordEncoder passwordEncoder;
//@Inject
//private LdapCacheService ldapCacheService;
@Inject
@Named(value = "ldapRoleMapper#test")
LdapRoleMapper ldapRoleMapper;
@Inject
LdapConnectionFactory ldapConnectionFactory;
List<String> roleNames =
Arrays.asList( "Archiva System Administrator", "Internal Repo Manager", "Internal Repo Observer", "Ldap Group Test Role" );
LdapConnection ldapConnection;
DirContext context;
private Map<String, List<String>> usersPerGroup;
private List<String> users;
@Before
public void setUp()
throws Exception
{
super.setUp();
usersPerGroup = new HashMap<String, List<String>>( 3 );
usersPerGroup.put( "internal-repo-manager", Arrays.asList( "admin", "user.9" ) );
usersPerGroup.put( "internal-repo-observer", Arrays.asList( "admin", "user.7", "user.8" ) );
usersPerGroup.put( "archiva-admin", Arrays.asList( "admin", "user.7" ) );
usersPerGroup.put( "archiva/group-with-slash", Arrays.asList( "user.8", "user.9" ) );
users = new ArrayList<String>( 4 );
users.add( "admin" );
users.add( "user.7" );
users.add( "user.8" );
users.add( "user.9" );
passwordEncoder = new SHA1PasswordEncoder();
groupSuffix = apacheDs.addSimplePartition( "test", new String[]{ "archiva", "apache", "org" } ).getSuffix();
log.info( "groupSuffix: {}", groupSuffix );
suffix = "ou=People,dc=archiva,dc=apache,dc=org";
log.info( "DN Suffix: {}", suffix );
apacheDs.startServer();
BasicAttribute objectClass = new BasicAttribute( "objectClass" );
objectClass.add( "top" );
objectClass.add( "organizationalUnit" );
Attributes attributes = new BasicAttributes( true );
attributes.put( objectClass );
attributes.put( "organizationalUnitName", "foo" );
apacheDs.getAdminContext().createSubcontext( suffix, attributes );
makeUsers();
createGroups();
}
@After
public void tearDown()
throws Exception
{
// clear cache
//ldapCacheService.removeAllUsers();
InitialDirContext context = apacheDs.getAdminContext();
for ( String uid : users )
{
context.unbind( createDn( uid ) );
}
for ( Map.Entry<String, List<String>> group : usersPerGroup.entrySet() )
{
try
{
context.unbind( createGroupDn( group.getKey( ) ) );
} catch (Exception ex) {
// Ignore
}
}
context.unbind( suffix );
context.close();
ldapConnection.close();
apacheDs.stopServer();
super.tearDown();
}
protected DirContext getDirContext()
throws Exception
{
ldapConnection = ldapConnectionFactory.getConnection();
context = ldapConnection.getDirContext();
return context;
}
private void createGroups()
throws Exception
{
InitialDirContext context = apacheDs.getAdminContext();
for ( Map.Entry<String, List<String>> group : usersPerGroup.entrySet() )
{
createGroup( context, group.getKey(), createGroupDn( group.getKey() ), group.getValue() );
}
}
private void createGroup( DirContext context, String groupName, String dn, List<String> users )
throws Exception
{
Attributes attributes = new BasicAttributes( true );
BasicAttribute objectClass = new BasicAttribute( "objectClass" );
objectClass.add( "top" );
objectClass.add( "groupOfUniqueNames" );
attributes.put( objectClass );
attributes.put( "cn", groupName );
BasicAttribute basicAttribute = new BasicAttribute( "uniquemember" );
for ( String user : users )
{
basicAttribute.add( "uid=" + user + "," + suffix );// dc=archiva,dc=apache,dc=org" );
}
attributes.put( basicAttribute );
context.createSubcontext( dn, attributes );
}
private void bindUserObject( DirContext context, String cn, String dn )
throws Exception
{
Attributes attributes = new BasicAttributes( true );
BasicAttribute objectClass = new BasicAttribute( "objectClass" );
objectClass.add( "top" );
objectClass.add( "inetOrgPerson" );
objectClass.add( "person" );
objectClass.add( "organizationalperson" );
attributes.put( objectClass );
attributes.put( "cn", cn );
attributes.put( "sn", "foo" );
attributes.put( "mail", cn + "@apache.org" );
attributes.put( "userPassword", passwordEncoder.encodePassword( "foo" ) );
attributes.put( "givenName", "foo" );
context.createSubcontext( dn, attributes );
}
private void makeUsers()
throws Exception
{
for ( String uid : users )
{
makeUser( uid );
}
}
private void makeUser( String uid )
throws Exception
{
InitialDirContext context = apacheDs.getAdminContext();
bindUserObject( context, uid, createDn( uid ) );
assertExist( context, createDn( uid ), "cn", uid );
}
private void assertExist( DirContext context, String dn, String attribute, String value )
throws NamingException
{
SearchControls ctls = new SearchControls();
ctls.setDerefLinkFlag( true );
ctls.setSearchScope( SearchControls.ONELEVEL_SCOPE );
ctls.setReturningAttributes( new String[]{ "*" } );
BasicAttributes matchingAttributes = new BasicAttributes();
matchingAttributes.put( attribute, value );
BasicAttribute objectClass = new BasicAttribute( "objectClass" );
objectClass.add( "inetOrgPerson" );
matchingAttributes.put( objectClass );
NamingEnumeration<SearchResult> results = context.search( suffix, matchingAttributes );
assertTrue( results.hasMoreElements() );
SearchResult result = results.nextElement();
Attributes attrs = result.getAttributes();
Attribute testAttr = attrs.get( attribute );
assertEquals( value, testAttr.get() );
}
private String createDn( String cn )
{
return "cn=" + cn + "," + suffix;
}
private String createGroupDn( String cn )
{
return "cn=" + cn + "," + groupSuffix;
}
@Test
public void getAllGroups()
throws Exception
{
List<String> allGroups = ldapRoleMapper.getAllGroups( getDirContext() );
log.info( "allGroups: {}", allGroups );
assertThat( allGroups ).isNotNull().isNotEmpty().contains( "archiva/group-with-slash", "archiva-admin",
"internal-repo-manager" );
}
@Test
public void getGroupsMember()
throws Exception
{
List<String> users = ldapRoleMapper.getGroupsMember( "archiva-admin", getDirContext() );
log.info( "users for archiva-admin: {}", users );
assertThat( users ).isNotNull().isNotEmpty().hasSize( 2 ).contains( "admin", "user.7" );
users = ldapRoleMapper.getGroupsMember( "internal-repo-observer", getDirContext() );
assertThat( users ).isNotNull().isNotEmpty().hasSize( 3 ).contains( "admin", "user.7", "user.8" );
}
@Test
public void getGroups()
throws Exception
{
List<String> groups = ldapRoleMapper.getGroups( "admin", getDirContext() );
log.info( "groups for admin: {}", groups );
assertThat( groups ).isNotNull().isNotEmpty().hasSize( 3 ).contains( "archiva-admin",
"internal-repo-manager",
"internal-repo-observer" );
groups = ldapRoleMapper.getGroups( "user.8", getDirContext() );
assertThat( groups ).isNotNull().isNotEmpty().hasSize( 2 ).contains( "internal-repo-observer", "archiva/group-with-slash" );
groups = ldapRoleMapper.getGroups( "user.7", getDirContext() );
assertThat( groups ).isNotNull().isNotEmpty().hasSize( 2 ).contains( "archiva-admin",
"internal-repo-observer" );
}
@Test
public void getRoles()
throws Exception
{
List<String> roles = ldapRoleMapper.getRoles( "admin", getDirContext(), roleNames );
log.info( "roles for admin: {}", roles );
assertThat( roles ).isNotNull().isNotEmpty().hasSize( 3 ).contains( "Archiva System Administrator",
"Internal Repo Manager",
"Internal Repo Observer" );
roles = ldapRoleMapper.getRoles( "user.7", getDirContext(), roleNames );
log.info( "roles for user.7: {}", roles );
assertThat( roles ).isNotNull().isNotEmpty().hasSize( 2 ).contains( "Archiva System Administrator",
"Internal Repo Observer" );
roles = ldapRoleMapper.getRoles( "user.8", getDirContext(), roleNames );
log.info( "roles for user.8: {}", roles );
assertThat( roles ).isNotNull().isNotEmpty().hasSize( 2 ).contains( "Internal Repo Observer" );
}
@Test
public void hasRoleFound()
throws Exception
{
assertTrue( ldapRoleMapper.hasRole( getDirContext(), "Internal Repo Observer" ) );
}
@Test
public void hasRoleNotFound()
throws Exception
{
assertFalse( ldapRoleMapper.hasRole( getDirContext(), "Australian wine is good but not as French! " ) );
}
@Test
public void removeRole() throws Exception
{
assertTrue( ldapRoleMapper.getAllGroups( getDirContext( ) ).contains( "archiva-admin" ) );
ldapRoleMapper.removeRole( "Archiva System Administrator", getDirContext() );
assertFalse( ldapRoleMapper.getAllGroups( getDirContext( ) ).contains( "archiva-admin" ) );
}
@Test
public void removeAllRoles() throws Exception
{
assertEquals( 4, ldapRoleMapper.getAllGroups( getDirContext( ) ).size() );
ldapRoleMapper.removeAllRoles( getDirContext() );
assertEquals( 0, ldapRoleMapper.getAllGroups( getDirContext( ) ).size() );
}
}