plugins/user-authenticators/ldap/src/test/groovy/org/apache/cloudstack/ldap/LinkDomainToLdapCmdSpec.groovy - cloudstack - Git at Google

 /*
  * Licensed to the Apache Software Foundation (ASF) under one
  * or more contributor license agreements.  See the NOTICE file
  * distributed with this work for additional information
  * regarding copyright ownership.  The ASF licenses this file
  * to you under the Apache License, Version 2.0 (the
  * "License"); you may not use this file except in compliance
  * with the License.  You may obtain a copy of the License at
  *
  *   http://www.apache.org/licenses/LICENSE-2.0
  *
  * Unless required by applicable law or agreed to in writing,
  * software distributed under the License is distributed on an
  * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
  * KIND, either express or implied.  See the License for the
  * specific language governing permissions and limitations
  * under the License.
  */
 package groovy.org.apache.cloudstack.ldap

 import com.cloud.exception.InvalidParameterValueException
 import com.cloud.user.Account
 import com.cloud.user.AccountService
 import com.cloud.user.User
 import com.cloud.user.UserAccount
 import org.apache.cloudstack.api.ServerApiException
 import org.apache.cloudstack.api.command.LinkDomainToLdapCmd
 import org.apache.cloudstack.api.response.LinkDomainToLdapResponse
 import org.apache.cloudstack.ldap.LdapManager
 import org.apache.cloudstack.ldap.LdapUser
 import org.apache.cloudstack.ldap.NoLdapUserMatchingQueryException
 import spock.lang.Shared
 import spock.lang.Specification

 class LinkDomainToLdapCmdSpec extends Specification {

     @Shared
     private LdapManager _ldapManager;

     @Shared
     public AccountService _accountService;

     @Shared
     public LinkDomainToLdapCmd linkDomainToLdapCmd;

     def setup() {
         _ldapManager = Mock(LdapManager)
         _accountService = Mock(AccountService)

         linkDomainToLdapCmd = new LinkDomainToLdapCmd()
         linkDomainToLdapCmd._accountService = _accountService
         linkDomainToLdapCmd._ldapManager = _ldapManager
     }

     def "test invalid params"() {
         _ldapManager.linkDomainToLdap(_,_,_,_) >> {throw new InvalidParameterValueException("invalid param")}
         when:
             linkDomainToLdapCmd.execute();
         then:
             thrown(ServerApiException)
     }
     def "test valid params without admin"(){
         LinkDomainToLdapResponse response = new LinkDomainToLdapResponse("1", "GROUP", "CN=test,DC=ccp,DC=citrix,DC=com", (short)2)
         _ldapManager.linkDomainToLdap(_,_,_,_) >> response
         when:
             linkDomainToLdapCmd.execute()
         then:
             LinkDomainToLdapResponse result = (LinkDomainToLdapResponse)linkDomainToLdapCmd.getResponseObject()
             result.getObjectName() == "LinkDomainToLdap"
             result.getResponseName() == linkDomainToLdapCmd.getCommandName()
     }

     def "test with valid params and with disabled admin"() {
         def domainId = "1";
         def type = "GROUP";
         def name = "CN=test,DC=ccp,DC=Citrix,DC=com"
         def accountType = 2;
         def username = "admin"

         LinkDomainToLdapResponse response = new LinkDomainToLdapResponse(domainId, type, name, (short)accountType)
         _ldapManager.linkDomainToLdap(_,_,_,_) >> response
         _ldapManager.getUser(username, type, name) >> new LdapUser(username, "admin@ccp.citrix.com", "Admin", "Admin", name, "ccp", true, null)

         linkDomainToLdapCmd.admin = username
         linkDomainToLdapCmd.type = type
         linkDomainToLdapCmd.name = name
         linkDomainToLdapCmd.domainId = domainId

         when:
         linkDomainToLdapCmd.execute()
         then:
         LinkDomainToLdapResponse result = (LinkDomainToLdapResponse)linkDomainToLdapCmd.getResponseObject()
         result.getObjectName() == "LinkDomainToLdap"
         result.getResponseName() == linkDomainToLdapCmd.getCommandName()
         result.getDomainId() == domainId
         result.getType() == type
         result.getName() == name
         result.getAdminId() == null
     }

     def "test with valid params and with admin who exist in cloudstack already"() {
         def domainId = 1L;
         def type = "GROUP";
         def name = "CN=test,DC=ccp,DC=Citrix,DC=com"
         def accountType = 2;
         def username = "admin"

         LinkDomainToLdapResponse response = new LinkDomainToLdapResponse(domainId.toString(), type, name, (short)accountType)
         _ldapManager.linkDomainToLdap(_,_,_,_) >> response
         _ldapManager.getUser(username, type, name) >> new LdapUser(username, "admin@ccp.citrix.com", "Admin", "Admin", name, "ccp", false, null)

         _accountService.getActiveAccountByName(username, domainId) >> Mock(Account)

         linkDomainToLdapCmd.admin = username
         linkDomainToLdapCmd.type = type
         linkDomainToLdapCmd.name = name
         linkDomainToLdapCmd.domainId = domainId

         when:
         linkDomainToLdapCmd.execute()
         then:
         LinkDomainToLdapResponse result = (LinkDomainToLdapResponse)linkDomainToLdapCmd.getResponseObject()
         result.getObjectName() == "LinkDomainToLdap"
         result.getResponseName() == linkDomainToLdapCmd.getCommandName()
         result.getDomainId() == domainId.toString()
         result.getType() == type
         result.getName() == name
         result.getAdminId() == null
     }

     def "test with valid params and with admin who doesnt exist in cloudstack"() {
         def domainId = 1L;
         def type = "GROUP";
         def name = "CN=test,DC=ccp,DC=Citrix,DC=com"
         def accountType = 2;
         def username = "admin"
         def accountId = 24

         LinkDomainToLdapResponse response = new LinkDomainToLdapResponse(domainId.toString(), type, name, (short)accountType)
         _ldapManager.linkDomainToLdap(_,_,_,_) >> response
         _ldapManager.getUser(username, type, name) >> new LdapUser(username, "admin@ccp.citrix.com", "Admin", "Admin", name, "ccp", false)

         _accountService.getActiveAccountByName(username, domainId) >> null
         UserAccount userAccount = Mock(UserAccount)
         userAccount.getAccountId() >> 24
         _accountService.createUserAccount(username, "", "Admin", "Admin", "admin@ccp.citrix.com", null, username, Account.ACCOUNT_TYPE_DOMAIN_ADMIN, domainId,
                 username, null, _, _, User.Source.LDAP) >> userAccount

         linkDomainToLdapCmd.admin = username
         linkDomainToLdapCmd.type = type
         linkDomainToLdapCmd.name = name
         linkDomainToLdapCmd.domainId = domainId

         when:
         linkDomainToLdapCmd.execute()
         then:
         LinkDomainToLdapResponse result = (LinkDomainToLdapResponse)linkDomainToLdapCmd.getResponseObject()
         result.getObjectName() == "LinkDomainToLdap"
         result.getResponseName() == linkDomainToLdapCmd.getCommandName()
         result.getDomainId() == domainId.toString()
         result.getType() == type
         result.getName() == name
         result.getAdminId() == String.valueOf(accountId)
     }

     def "test when admin doesnt exist in ldap"() {
         def domainId = 1L;
         def type = "GROUP";
         def name = "CN=test,DC=ccp,DC=Citrix,DC=com"
         def accountType = 2;
         def username = "admin"

         LinkDomainToLdapResponse response = new LinkDomainToLdapResponse(domainId.toString(), type, name, (short)accountType)
         _ldapManager.linkDomainToLdap(_,_,_,_) >> response
         _ldapManager.getUser(username, type, name) >> {throw new NoLdapUserMatchingQueryException("get ldap user failed from mock")}

         linkDomainToLdapCmd.admin = username
         linkDomainToLdapCmd.type = type
         linkDomainToLdapCmd.name = name
         linkDomainToLdapCmd.domainId = domainId

         when:
         linkDomainToLdapCmd.execute()
         then:
         LinkDomainToLdapResponse result = (LinkDomainToLdapResponse)linkDomainToLdapCmd.getResponseObject()
         result.getObjectName() == "LinkDomainToLdap"
         result.getResponseName() == linkDomainToLdapCmd.getCommandName()
         result.getDomainId() == domainId.toString()
         result.getType() == type
         result.getName() == name
         result.getAdminId() == null
     }

     /**
      * api should not fail in this case as link domain to ldap is successful
      */
     def "test when create user account throws a run time exception"() {
         def domainId = 1L;
         def type = "GROUP";
         def name = "CN=test,DC=ccp,DC=Citrix,DC=com"
         def accountType = 2;
         def username = "admin"
         def accountId = 24

         LinkDomainToLdapResponse response = new LinkDomainToLdapResponse(domainId.toString(), type, name, (short)accountType)
         _ldapManager.linkDomainToLdap(_,_,_,_) >> response
         _ldapManager.getUser(username, type, name) >> new LdapUser(username, "admin@ccp.citrix.com", "Admin", "Admin", name, "ccp", false, null)

         _accountService.getActiveAccountByName(username, domainId) >> null
         UserAccount userAccount = Mock(UserAccount)
         userAccount.getAccountId() >> 24
         _accountService.createUserAccount(username, "", "Admin", "Admin", "admin@ccp.citrix.com", null, username, Account.ACCOUNT_TYPE_DOMAIN_ADMIN, domainId,
                 username, null, _, _, User.Source.LDAP) >> { throw new RuntimeException("created failed from mock") }

         linkDomainToLdapCmd.admin = username
         linkDomainToLdapCmd.type = type
         linkDomainToLdapCmd.name = name
         linkDomainToLdapCmd.domainId = domainId

         when:
         linkDomainToLdapCmd.execute()
         then:
         LinkDomainToLdapResponse result = (LinkDomainToLdapResponse)linkDomainToLdapCmd.getResponseObject()
         result.getObjectName() == "LinkDomainToLdap"
         result.getResponseName() == linkDomainToLdapCmd.getCommandName()
         result.getDomainId() == domainId.toString()
         result.getType() == type
         result.getName() == name
         result.getAdminId() == null
     }

 }
	/*
	* Licensed to the Apache Software Foundation (ASF) under one
	* or more contributor license agreements. See the NOTICE file
	* distributed with this work for additional information
	* regarding copyright ownership. The ASF licenses this file
	* to you under the Apache License, Version 2.0 (the
	* "License"); you may not use this file except in compliance
	* with the License. You may obtain a copy of the License at
	*
	* http://www.apache.org/licenses/LICENSE-2.0
	*
	* Unless required by applicable law or agreed to in writing,
	* software distributed under the License is distributed on an
	* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
	* KIND, either express or implied. See the License for the
	* specific language governing permissions and limitations
	* under the License.
	*/
	package groovy.org.apache.cloudstack.ldap

	import com.cloud.exception.InvalidParameterValueException
	import com.cloud.user.Account
	import com.cloud.user.AccountService
	import com.cloud.user.User
	import com.cloud.user.UserAccount
	import org.apache.cloudstack.api.ServerApiException
	import org.apache.cloudstack.api.command.LinkDomainToLdapCmd
	import org.apache.cloudstack.api.response.LinkDomainToLdapResponse
	import org.apache.cloudstack.ldap.LdapManager
	import org.apache.cloudstack.ldap.LdapUser
	import org.apache.cloudstack.ldap.NoLdapUserMatchingQueryException
	import spock.lang.Shared
	import spock.lang.Specification

	class LinkDomainToLdapCmdSpec extends Specification {

	@Shared
	private LdapManager _ldapManager;

	@Shared
	public AccountService _accountService;

	@Shared
	public LinkDomainToLdapCmd linkDomainToLdapCmd;

	def setup() {
	_ldapManager = Mock(LdapManager)
	_accountService = Mock(AccountService)

	linkDomainToLdapCmd = new LinkDomainToLdapCmd()
	linkDomainToLdapCmd._accountService = _accountService
	linkDomainToLdapCmd._ldapManager = _ldapManager
	}

	def "test invalid params"() {
	_ldapManager.linkDomainToLdap(_,_,_,_) >> {throw new InvalidParameterValueException("invalid param")}
	when:
	linkDomainToLdapCmd.execute();
	then:
	thrown(ServerApiException)
	}
	def "test valid params without admin"(){
	LinkDomainToLdapResponse response = new LinkDomainToLdapResponse("1", "GROUP", "CN=test,DC=ccp,DC=citrix,DC=com", (short)2)
	_ldapManager.linkDomainToLdap(_,_,_,_) >> response
	when:
	linkDomainToLdapCmd.execute()
	then:
	LinkDomainToLdapResponse result = (LinkDomainToLdapResponse)linkDomainToLdapCmd.getResponseObject()
	result.getObjectName() == "LinkDomainToLdap"
	result.getResponseName() == linkDomainToLdapCmd.getCommandName()
	}

	def "test with valid params and with disabled admin"() {
	def domainId = "1";
	def type = "GROUP";
	def name = "CN=test,DC=ccp,DC=Citrix,DC=com"
	def accountType = 2;
	def username = "admin"

	LinkDomainToLdapResponse response = new LinkDomainToLdapResponse(domainId, type, name, (short)accountType)
	_ldapManager.linkDomainToLdap(_,_,_,_) >> response
	_ldapManager.getUser(username, type, name) >> new LdapUser(username, "admin@ccp.citrix.com", "Admin", "Admin", name, "ccp", true, null)

	linkDomainToLdapCmd.admin = username
	linkDomainToLdapCmd.type = type
	linkDomainToLdapCmd.name = name
	linkDomainToLdapCmd.domainId = domainId

	when:
	linkDomainToLdapCmd.execute()
	then:
	LinkDomainToLdapResponse result = (LinkDomainToLdapResponse)linkDomainToLdapCmd.getResponseObject()
	result.getObjectName() == "LinkDomainToLdap"
	result.getResponseName() == linkDomainToLdapCmd.getCommandName()
	result.getDomainId() == domainId
	result.getType() == type
	result.getName() == name
	result.getAdminId() == null
	}

	def "test with valid params and with admin who exist in cloudstack already"() {
	def domainId = 1L;
	def type = "GROUP";
	def name = "CN=test,DC=ccp,DC=Citrix,DC=com"
	def accountType = 2;
	def username = "admin"

	LinkDomainToLdapResponse response = new LinkDomainToLdapResponse(domainId.toString(), type, name, (short)accountType)
	_ldapManager.linkDomainToLdap(_,_,_,_) >> response
	_ldapManager.getUser(username, type, name) >> new LdapUser(username, "admin@ccp.citrix.com", "Admin", "Admin", name, "ccp", false, null)

	_accountService.getActiveAccountByName(username, domainId) >> Mock(Account)

	linkDomainToLdapCmd.admin = username
	linkDomainToLdapCmd.type = type
	linkDomainToLdapCmd.name = name
	linkDomainToLdapCmd.domainId = domainId

	when:
	linkDomainToLdapCmd.execute()
	then:
	LinkDomainToLdapResponse result = (LinkDomainToLdapResponse)linkDomainToLdapCmd.getResponseObject()
	result.getObjectName() == "LinkDomainToLdap"
	result.getResponseName() == linkDomainToLdapCmd.getCommandName()
	result.getDomainId() == domainId.toString()
	result.getType() == type
	result.getName() == name
	result.getAdminId() == null
	}

	def "test with valid params and with admin who doesnt exist in cloudstack"() {
	def domainId = 1L;
	def type = "GROUP";
	def name = "CN=test,DC=ccp,DC=Citrix,DC=com"
	def accountType = 2;
	def username = "admin"
	def accountId = 24

	LinkDomainToLdapResponse response = new LinkDomainToLdapResponse(domainId.toString(), type, name, (short)accountType)
	_ldapManager.linkDomainToLdap(_,_,_,_) >> response
	_ldapManager.getUser(username, type, name) >> new LdapUser(username, "admin@ccp.citrix.com", "Admin", "Admin", name, "ccp", false)

	_accountService.getActiveAccountByName(username, domainId) >> null
	UserAccount userAccount = Mock(UserAccount)
	userAccount.getAccountId() >> 24
	_accountService.createUserAccount(username, "", "Admin", "Admin", "admin@ccp.citrix.com", null, username, Account.ACCOUNT_TYPE_DOMAIN_ADMIN, domainId,
	username, null, _, _, User.Source.LDAP) >> userAccount

	linkDomainToLdapCmd.admin = username
	linkDomainToLdapCmd.type = type
	linkDomainToLdapCmd.name = name
	linkDomainToLdapCmd.domainId = domainId

	when:
	linkDomainToLdapCmd.execute()
	then:
	LinkDomainToLdapResponse result = (LinkDomainToLdapResponse)linkDomainToLdapCmd.getResponseObject()
	result.getObjectName() == "LinkDomainToLdap"
	result.getResponseName() == linkDomainToLdapCmd.getCommandName()
	result.getDomainId() == domainId.toString()
	result.getType() == type
	result.getName() == name
	result.getAdminId() == String.valueOf(accountId)
	}

	def "test when admin doesnt exist in ldap"() {
	def domainId = 1L;
	def type = "GROUP";
	def name = "CN=test,DC=ccp,DC=Citrix,DC=com"
	def accountType = 2;
	def username = "admin"

	LinkDomainToLdapResponse response = new LinkDomainToLdapResponse(domainId.toString(), type, name, (short)accountType)
	_ldapManager.linkDomainToLdap(_,_,_,_) >> response
	_ldapManager.getUser(username, type, name) >> {throw new NoLdapUserMatchingQueryException("get ldap user failed from mock")}

	linkDomainToLdapCmd.admin = username
	linkDomainToLdapCmd.type = type
	linkDomainToLdapCmd.name = name
	linkDomainToLdapCmd.domainId = domainId

	when:
	linkDomainToLdapCmd.execute()
	then:
	LinkDomainToLdapResponse result = (LinkDomainToLdapResponse)linkDomainToLdapCmd.getResponseObject()
	result.getObjectName() == "LinkDomainToLdap"
	result.getResponseName() == linkDomainToLdapCmd.getCommandName()
	result.getDomainId() == domainId.toString()
	result.getType() == type
	result.getName() == name
	result.getAdminId() == null
	}

	/**
	* api should not fail in this case as link domain to ldap is successful
	*/
	def "test when create user account throws a run time exception"() {
	def domainId = 1L;
	def type = "GROUP";
	def name = "CN=test,DC=ccp,DC=Citrix,DC=com"
	def accountType = 2;
	def username = "admin"
	def accountId = 24

	LinkDomainToLdapResponse response = new LinkDomainToLdapResponse(domainId.toString(), type, name, (short)accountType)
	_ldapManager.linkDomainToLdap(_,_,_,_) >> response
	_ldapManager.getUser(username, type, name) >> new LdapUser(username, "admin@ccp.citrix.com", "Admin", "Admin", name, "ccp", false, null)

	_accountService.getActiveAccountByName(username, domainId) >> null
	UserAccount userAccount = Mock(UserAccount)
	userAccount.getAccountId() >> 24
	_accountService.createUserAccount(username, "", "Admin", "Admin", "admin@ccp.citrix.com", null, username, Account.ACCOUNT_TYPE_DOMAIN_ADMIN, domainId,
	username, null, _, _, User.Source.LDAP) >> { throw new RuntimeException("created failed from mock") }

	linkDomainToLdapCmd.admin = username
	linkDomainToLdapCmd.type = type
	linkDomainToLdapCmd.name = name
	linkDomainToLdapCmd.domainId = domainId

	when:
	linkDomainToLdapCmd.execute()
	then:
	LinkDomainToLdapResponse result = (LinkDomainToLdapResponse)linkDomainToLdapCmd.getResponseObject()
	result.getObjectName() == "LinkDomainToLdap"
	result.getResponseName() == linkDomainToLdapCmd.getCommandName()
	result.getDomainId() == domainId.toString()
	result.getType() == type
	result.getName() == name
	result.getAdminId() == null
	}

	}