add test with ldap- and pg-server

2011-05-24 11:14:26 +02:00 · 2011-05-24 11:14:26 +02:00 · 56534e4f93
commit 56534e4f93
parent 634a952269
4 changed files with 181 additions and 2 deletions
--- a/test/fixtures/config-ldapdb.yaml
+++ b/test/fixtures/config-ldapdb.yaml
@ -0,0 +1,36 @@
+---
+ldap_connection:
+  host: localhost
+  port: 1389
+#  auth:
+#    method: :simple
+#    username: dc=example,dc=com
+#    password:
+
+ldap_users:
+  base: dc=example,dc=com
+  filter: (&(cn=*)(sAMAccountName=*))
+  name_attribute: sAMAccountName
+
+ldap_groups:
+  base: dc=example,dc=com
+  filter: (member=*)
+  name_attribute: cn
+  member_attribute: member
+
+pg_connection:
+  host: localhost
+  dbname: postgres
+
+pg_users:
+  # WHERE-condition to identify LDAP generated users
+#  filter: rolcanlogin AND oid IN (SELECT pam.member FROM pg_auth_members pam JOIN pg_roles pr ON pr.oid=pam.roleid WHERE pr.rolname='edv')
+  filter: rolcanlogin AND NOT rolsuper
+  create_options: LOGIN
+
+pg_groups:
+  # WHERE-condition to identify LDAP generated groups
+#  filter: NOT rolcanlogin AND rolname='edv'
+  filter: NOT rolcanlogin
+  create_options: NOLOGIN
+  grant_options:
--- a/test/fixtures/ldapdb.yaml
+++ b/test/fixtures/ldapdb.yaml
@ -0,0 +1,38 @@
+---
+dc=example,dc=com:
+  cn:
+  - Top object
+cn=Fred Flintstone,dc=example,dc=com:
+  cn:
+  - Fred Flintstone
+  mail:
+  - fred@bedrock.org
+  - fred.flintstone@bedrock.org
+  sn:
+  - Flintstone
+  sAMAccountName:
+  - fred
+cn=Wilma Flintstone,dc=example,dc=com:
+  cn:
+  - Wilma Flintstone
+  mail:
+  - wilma@bedrock.org
+  sAMAccountName:
+  - wilma
+cn=Flintstones,dc=example,dc=com:
+  cn:
+  - Flintstones
+  member:
+  - cn=Fred Flintstone,dc=example,dc=com
+  - cn=Wilma Flintstone,dc=example,dc=com
+cn=Wilmas,dc=example,dc=com:
+  cn:
+  - Wilmas
+  member:
+  - cn=Wilma Flintstone,dc=example,dc=com
+cn=All Users,dc=example,dc=com:
+  cn:
+  - All Users
+  member:
+  - cn=Wilmas,dc=example,dc=com
+  - cn=Fred Flintstone,dc=example,dc=com
--- a/test/ldap_server.rb
+++ b/test/ldap_server.rb
@ -0,0 +1,41 @@
+#!/usr/local/bin/ruby -w
+
+# This is a trivial LDAP server which just stores directory entries in RAM.
+# It does no validation or authentication. This is intended just to
+# demonstrate the API, it's not for real-world use!!
+
+require 'rubygems'
+require 'ldap/server'
+
+# We subclass the Operation class, overriding the methods to do what we need
+
+class HashOperation < LDAP::Server::Operation
+  def initialize(connection, messageID, hash)
+    super(connection, messageID)
+    @hash = hash   # an object reference to our directory data
+  end
+
+  def search(basedn, scope, deref, filter)
+    basedn.downcase!
+
+    case scope
+    when LDAP::Server::BaseObject
+      # client asked for single object by DN
+      obj = @hash[basedn]
+      raise LDAP::ResultError::NoSuchObject unless obj
+      send_SearchResultEntry(basedn, obj) if LDAP::Server::Filter.run(filter, obj)
+
+    when LDAP::Server::WholeSubtree
+      @hash.each do |dn, av|
+        next unless dn.index(basedn, -basedn.length)    # under basedn?
+        next unless LDAP::Server::Filter.run(filter, av)  # attribute filter?
+        send_SearchResultEntry(dn, av)
+      end
+
+    else
+      raise LDAP::ResultError::UnwillingToPerform, "OneLevel not implemented"
+
+    end
+  end
+end
+
--- a/test/test_pg_ldap_sync.rb
+++ b/test/test_pg_ldap_sync.rb
@ -1,8 +1,72 @@
+#!/usr/bin/env ruby
+
 require "test/unit"
-require "pg_ldap_sync"
+require "pg_ldap_sync/application"
+require 'yaml'
+require 'test/ldap_server'
+require 'fileutils'

 class TestPgLdapSync < Test::Unit::TestCase
+  def log_and_run( *cmd )
+    puts cmd.join(' ')
+    system( *cmd )
+    raise "Command failed: [%s]" % [cmd.join(' ')] unless $?.success?
+  end
+
+  def start_ldap_server
+    yaml_fname = File.join(File.dirname(__FILE__), "fixtures/ldapdb.yaml")
+    directory = File.open(yaml_fname){|f| YAML::load(f.read) }
+
+    # Listen for incoming LDAP connections. For each one, create a Connection
+    # object, which will invoke a HashOperation object for each request.
+
+    @ldap_server = LDAP::Server.new(
+      :port     => 1389,
+      :nodelay    => true,
+      :listen     => 10,
+    # :ssl_key_file   => "key.pem",
+    # :ssl_cert_file    => "cert.pem",
+    # :ssl_on_connect   => true,
+      :operation_class  => HashOperation,
+      :operation_args   => [directory]
+    )
+    @ldap_server.run_tcpserver
+  end
+
+  def stop_ldap_server
+    @ldap_server.stop
+  end
+
+  def start_pg_server
+    @port = 54321
+    ENV['PGPORT'] = @port.to_s
+    ENV['PGHOST'] = 'localhost'
+    unless File.exist?('temp/pg_data')
+      FileUtils.mkdir_p 'temp/pg_data'
+      log_and_run 'initdb', '-D', 'temp/pg_data'
+    end
+    log_and_run 'pg_ctl', '-w', '-o', "-k .", '-D', 'temp/pg_data', 'start'
+    log_and_run 'psql', '-e', '-c', "DROP ROLE IF EXISTS fred, wilma, \"Flintstones\", \"Wilmas\", \"All Users\"", 'postgres'
+  end
+
+  def stop_pg_server
+    log_and_run 'pg_ctl', '-w', '-o', "-k .", '-D', 'temp/pg_data', 'stop'
+  end
+
+  def setup
+    start_ldap_server
+    start_pg_server
+  end
+
+  def teardown
+    stop_ldap_server
+    stop_pg_server
+  end
+
  def test_sanity
-    flunk "write tests or I will kneecap you"
+    PgLdapSync::Application.run(%w[-c test/fixtures/config-ldapdb.yaml -vv])
+
+    ENV['LC_MESSAGES'] = 'C'
+    log_and_run 'psql', '-c', "\\du", 'postgres'
  end
 end