Add config option :bothcase_name

2022-01-17 14:48:49 +01:00
parent 8034957d28
commit d8ea157c66
6 changed files with 85 additions and 18 deletions
--- a/test/fixtures/config-ldapdb-bothcase.yaml
+++ b/test/fixtures/config-ldapdb-bothcase.yaml
@ -0,0 +1,34 @@
+---
+ldap_connection:
+  host: localhost
+  port: 1389
+
+ldap_users:
+  base: dc=example,dc=com
+  filter: (sAMAccountName=*)
+  name_attribute: sAMAccountName
+  bothcase_name: true
+
+ldap_groups:
+  base: dc=example,dc=com
+  filter: (member=*)
+  name_attribute: cn
+  bothcase_name: true
+  member_attribute: member
+
+pg_connection:
+  dbname: postgres
+  host: localhost
+  port: 54321
+# needed for postgres-pr:
+#   user: insert_your_username_here
+#   password:
+
+pg_users:
+  filter: rolcanlogin AND NOT rolsuper AND rolname!='double_user'
+  create_options: LOGIN
+
+pg_groups:
+  filter: NOT rolcanlogin
+  create_options: NOLOGIN
+  grant_options:
--- a/test/fixtures/ldapdb.yaml
+++ b/test/fixtures/ldapdb.yaml
@ -11,14 +11,14 @@ cn=Fred Flintstone,dc=example,dc=com:
  sn:
  - Flintstone
  sAMAccountName:
-  - fred
+  - Fred
 cn=Wilma Flintstone,dc=example,dc=com:
  cn:
  - Wilma Flintstone
  mail:
  - wilma@bedrock.org
  sAMAccountName:
-  - wilma
+  - Wilma
 cn=Flintstones,dc=example,dc=com:
  cn:
  - Flintstones
--- a/test/test_pg_ldap_sync.rb
+++ b/test/test_pg_ldap_sync.rb
@ -83,7 +83,7 @@ class TestPgLdapSync < Minitest::Test
  end

  def setup
-    @pgconn.exec "DROP ROLE IF EXISTS fred, wilma, \"Flintstones\", \"Wilmas\", \"All Users\", double_user"
+    @pgconn.exec "DROP ROLE IF EXISTS \"Fred\", fred, \"Wilma\", wilma, \"Flintstones\", \"flintstones\", \"Wilmas\", \"wilmas\", \"All Users\", double_user"
  end

  def assert_role(role_name, attrs, member_of=[])
@ -130,12 +130,12 @@ class TestPgLdapSync < Minitest::Test
    sync_with_config(config)
  end

-  def sync_change
-    sync_to_fixture
+  def sync_change(fixture: "ldapdb", config: "config-ldapdb")
+    sync_to_fixture(fixture: fixture, config: config)

    yield(@directory)

-    sync_with_config
+    sync_with_config(config)
    exec_psql_du if $DEBUG
  end

@ -153,8 +153,8 @@ class TestPgLdapSync < Minitest::Test
    assert_role('All Users', 'Cannot login')
    assert_role('Flintstones', 'Cannot login')
    assert_role('Wilmas', 'Cannot login', ['All Users'])
-    assert_role('fred', '', ['All Users', 'Flintstones'])
-    assert_role('wilma', '', ['Flintstones', 'Wilmas'])
+    assert_role('Fred', '', ['All Users', 'Flintstones'])
+    assert_role('Wilma', '', ['Flintstones', 'Wilmas'])
  end

  def test_add_membership
@ -162,7 +162,15 @@ class TestPgLdapSync < Minitest::Test
      # add 'Fred' to 'Wilmas'
      @directory[0]['cn=Wilmas,dc=example,dc=com']['member'] << 'cn=Fred Flintstone,dc=example,dc=com'
    end
-    assert_role('fred', '', ['All Users', 'Flintstones', 'Wilmas'])
+    assert_role('Fred', '', ['All Users', 'Flintstones', 'Wilmas'])
+  end
+
+  def test_add_membership_bothcase
+    sync_change(config: "config-ldapdb-bothcase") do |dir|
+      # add 'Fred' to 'Wilmas'
+      @directory[0]['cn=Wilmas,dc=example,dc=com']['member'] << 'cn=Fred Flintstone,dc=example,dc=com'
+    end
+    assert_role('fred', '', ['All Users', 'all users', 'Flintstones', 'flintstones', 'Wilmas', 'wilmas'])
  end

  def test_revoke_membership
@ -170,7 +178,7 @@ class TestPgLdapSync < Minitest::Test
      # revoke membership of 'wilma' to 'Flintstones'
      dir[0]['cn=Flintstones,dc=example,dc=com']['member'].pop
    end
-    assert_role('wilma', '', ['Wilmas'])
+    assert_role('Wilma', '', ['Wilmas'])
  end

  def test_rename_role
@ -179,6 +187,7 @@ class TestPgLdapSync < Minitest::Test
      dir[0]['cn=Wilma Flintstone,dc=example,dc=com']['sAMAccountName'] = ['Wilma Flintstone']
    end
    refute_role('wilma')
+    refute_role('Wilma')
    assert_role('Wilma Flintstone', '', ['Flintstones', 'Wilmas'])
  end