2014-04-08 14:57:06 +04:00
|
|
|
|
<?php
|
|
|
|
|
|
/**
|
2016-07-21 17:49:16 +03:00
|
|
|
|
* @copyright Copyright (c) 2016, ownCloud, Inc.
|
|
|
|
|
|
*
|
2016-05-26 20:56:05 +03:00
|
|
|
|
* @author Arthur Schiwon <blizzz@arthur-schiwon.de>
|
2020-03-31 11:49:10 +03:00
|
|
|
|
* @author Christoph Wurst <christoph@winzerhof-wurst.at>
|
2016-07-21 17:49:16 +03:00
|
|
|
|
* @author Joas Schilling <coding@schilljs.com>
|
2015-03-26 13:44:34 +03:00
|
|
|
|
* @author Morris Jobke <hey@morrisjobke.de>
|
2017-11-06 17:56:42 +03:00
|
|
|
|
* @author Roeland Jago Douma <roeland@famdouma.nl>
|
2016-01-12 17:02:16 +03:00
|
|
|
|
* @author Thomas Müller <thomas.mueller@tmit.eu>
|
2017-11-06 17:56:42 +03:00
|
|
|
|
* @author Victor Dubiniuk <dubiniuk@owncloud.com>
|
2016-07-21 17:49:16 +03:00
|
|
|
|
* @author Vincent Petry <pvince81@owncloud.com>
|
2017-11-06 17:56:42 +03:00
|
|
|
|
* @author Vinicius Cubas Brand <vinicius@eita.org.br>
|
2017-03-18 09:56:24 +03:00
|
|
|
|
* @author Xuanwo <xuanwo@yunify.com>
|
2015-03-26 13:44:34 +03:00
|
|
|
|
*
|
|
|
|
|
|
* @license AGPL-3.0
|
|
|
|
|
|
*
|
|
|
|
|
|
* This code is free software: you can redistribute it and/or modify
|
|
|
|
|
|
* it under the terms of the GNU Affero General Public License, version 3,
|
|
|
|
|
|
* as published by the Free Software Foundation.
|
|
|
|
|
|
*
|
|
|
|
|
|
* This program is distributed in the hope that it will be useful,
|
|
|
|
|
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
|
|
|
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
|
|
|
|
* GNU Affero General Public License for more details.
|
|
|
|
|
|
*
|
|
|
|
|
|
* You should have received a copy of the GNU Affero General Public License, version 3,
|
2019-12-03 21:57:53 +03:00
|
|
|
|
* along with this program. If not, see <http://www.gnu.org/licenses/>
|
2015-03-26 13:44:34 +03:00
|
|
|
|
*
|
|
|
|
|
|
*/
|
2015-02-26 13:37:37 +03:00
|
|
|
|
|
2016-05-12 11:43:34 +03:00
|
|
|
|
namespace OCA\User_LDAP\Tests;
|
2014-04-08 14:57:06 +04:00
|
|
|
|
|
2017-11-03 19:40:05 +03:00
|
|
|
|
use OCA\User_LDAP\Access;
|
|
|
|
|
|
use OCA\User_LDAP\Connection;
|
2016-05-12 11:43:34 +03:00
|
|
|
|
use OCA\User_LDAP\Group_LDAP as GroupLDAP;
|
2019-11-22 22:52:10 +03:00
|
|
|
|
use OCA\User_LDAP\GroupPluginManager;
|
2016-09-02 12:02:12 +03:00
|
|
|
|
use OCA\User_LDAP\ILDAPWrapper;
|
2020-06-01 01:01:49 +03:00
|
|
|
|
use OCA\User_LDAP\Mapping\GroupMapping;
|
2017-11-03 19:40:05 +03:00
|
|
|
|
use OCA\User_LDAP\User\Manager;
|
2019-11-22 22:52:10 +03:00
|
|
|
|
use OCP\GroupInterface;
|
2020-06-01 01:01:49 +03:00
|
|
|
|
use PHPUnit\Framework\MockObject\MockObject;
|
2018-02-23 14:04:48 +03:00
|
|
|
|
use Test\TestCase;
|
2014-04-08 14:57:06 +04:00
|
|
|
|
|
2015-11-25 18:58:54 +03:00
|
|
|
|
/**
|
2016-05-12 11:43:34 +03:00
|
|
|
|
* Class GroupLDAPTest
|
2015-11-25 18:58:54 +03:00
|
|
|
|
*
|
|
|
|
|
|
* @group DB
|
|
|
|
|
|
*
|
2016-05-12 18:14:59 +03:00
|
|
|
|
* @package OCA\User_LDAP\Tests
|
2015-11-25 18:58:54 +03:00
|
|
|
|
*/
|
2018-02-23 14:04:48 +03:00
|
|
|
|
class Group_LDAPTest extends TestCase {
|
2020-11-27 21:34:35 +03:00
|
|
|
|
public function testCountEmptySearchString() {
|
|
|
|
|
|
$access = $this->getAccessMock();
|
|
|
|
|
|
$pluginManager = $this->getPluginManagerMock();
|
|
|
|
|
|
$groupDN = 'cn=group,dc=foo,dc=bar';
|
|
|
|
|
|
|
|
|
|
|
|
$this->enableGroups($access);
|
|
|
|
|
|
|
|
|
|
|
|
$access->expects($this->any())
|
|
|
|
|
|
->method('groupname2dn')
|
|
|
|
|
|
->willReturn($groupDN);
|
|
|
|
|
|
$access->expects($this->any())
|
|
|
|
|
|
->method('readAttribute')
|
|
|
|
|
|
->willReturnCallback(function ($dn) use ($groupDN) {
|
|
|
|
|
|
if ($dn === $groupDN) {
|
|
|
|
|
|
return [
|
|
|
|
|
|
'uid=u11,ou=users,dc=foo,dc=bar',
|
|
|
|
|
|
'uid=u22,ou=users,dc=foo,dc=bar',
|
|
|
|
|
|
'uid=u33,ou=users,dc=foo,dc=bar',
|
|
|
|
|
|
'uid=u34,ou=users,dc=foo,dc=bar'
|
|
|
|
|
|
];
|
|
|
|
|
|
}
|
|
|
|
|
|
return [];
|
|
|
|
|
|
});
|
|
|
|
|
|
$access->expects($this->any())
|
|
|
|
|
|
->method('isDNPartOfBase')
|
|
|
|
|
|
->willReturn(true);
|
|
|
|
|
|
// for primary groups
|
|
|
|
|
|
$access->expects($this->once())
|
|
|
|
|
|
->method('countUsers')
|
|
|
|
|
|
->willReturn(2);
|
|
|
|
|
|
|
|
|
|
|
|
$access->userManager->expects($this->any())
|
|
|
|
|
|
->method('getAttributes')
|
|
|
|
|
|
->willReturn(['displayName', 'mail']);
|
|
|
|
|
|
|
|
|
|
|
|
$groupBackend = new GroupLDAP($access, $pluginManager);
|
|
|
|
|
|
$users = $groupBackend->countUsersInGroup('group');
|
|
|
|
|
|
|
|
|
|
|
|
$this->assertSame(6, $users);
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2017-11-03 19:40:05 +03:00
|
|
|
|
/**
|
2020-06-01 01:01:49 +03:00
|
|
|
|
* @return MockObject|Access
|
2017-11-03 19:40:05 +03:00
|
|
|
|
*/
|
2014-04-08 14:57:06 +04:00
|
|
|
|
private function getAccessMock() {
|
|
|
|
|
|
static $conMethods;
|
|
|
|
|
|
static $accMethods;
|
|
|
|
|
|
|
2020-04-10 15:19:56 +03:00
|
|
|
|
if (is_null($conMethods) || is_null($accMethods)) {
|
2020-06-01 01:01:49 +03:00
|
|
|
|
$conMethods = get_class_methods(Connection::class);
|
|
|
|
|
|
$accMethods = get_class_methods(Access::class);
|
2014-04-08 14:57:06 +04:00
|
|
|
|
}
|
2020-04-17 17:02:04 +03:00
|
|
|
|
$lw = $this->createMock(ILDAPWrapper::class);
|
2020-06-01 01:01:49 +03:00
|
|
|
|
$connector = $this->getMockBuilder(Connection::class)
|
2016-09-27 23:54:37 +03:00
|
|
|
|
->setMethods($conMethods)
|
|
|
|
|
|
->setConstructorArgs([$lw, null, null])
|
|
|
|
|
|
->getMock();
|
2017-11-03 19:40:05 +03:00
|
|
|
|
|
|
|
|
|
|
$access = $this->createMock(Access::class);
|
2014-04-08 14:57:06 +04:00
|
|
|
|
|
2015-08-21 01:55:42 +03:00
|
|
|
|
$access->expects($this->any())
|
|
|
|
|
|
->method('getConnection')
|
2020-03-26 00:21:27 +03:00
|
|
|
|
->willReturn($connector);
|
2015-08-21 01:55:42 +03:00
|
|
|
|
|
2020-06-24 14:09:15 +03:00
|
|
|
|
$access->userManager = $this->createMock(Manager::class);
|
|
|
|
|
|
|
2014-04-08 14:57:06 +04:00
|
|
|
|
return $access;
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2020-06-01 01:01:49 +03:00
|
|
|
|
/**
|
|
|
|
|
|
* @return MockObject|GroupPluginManager
|
|
|
|
|
|
*/
|
2017-11-02 15:40:38 +03:00
|
|
|
|
private function getPluginManagerMock() {
|
2020-06-01 01:01:49 +03:00
|
|
|
|
return $this->createMock(GroupPluginManager::class);
|
2017-11-02 15:40:38 +03:00
|
|
|
|
}
|
2020-03-12 17:24:38 +03:00
|
|
|
|
|
2020-06-01 01:01:49 +03:00
|
|
|
|
private function enableGroups(Access $access) {
|
2017-11-03 19:40:05 +03:00
|
|
|
|
$access->connection = $this->createMock(Connection::class);
|
|
|
|
|
|
|
2014-04-08 14:57:06 +04:00
|
|
|
|
$access->connection->expects($this->any())
|
2016-02-04 00:45:33 +03:00
|
|
|
|
->method('__get')
|
2020-04-09 14:53:40 +03:00
|
|
|
|
->willReturnCallback(function ($name) {
|
2020-04-10 15:19:56 +03:00
|
|
|
|
if ($name === 'ldapDynamicGroupMemberURL') {
|
2016-02-04 00:45:33 +03:00
|
|
|
|
return '';
|
|
|
|
|
|
}
|
|
|
|
|
|
return 1;
|
2020-03-26 00:21:27 +03:00
|
|
|
|
});
|
2014-04-08 14:57:06 +04:00
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
public function testCountWithSearchString() {
|
|
|
|
|
|
$access = $this->getAccessMock();
|
2017-11-02 15:40:38 +03:00
|
|
|
|
$pluginManager = $this->getPluginManagerMock();
|
2014-04-08 14:57:06 +04:00
|
|
|
|
|
|
|
|
|
|
$this->enableGroups($access);
|
|
|
|
|
|
|
|
|
|
|
|
$access->expects($this->any())
|
|
|
|
|
|
->method('groupname2dn')
|
2020-03-26 00:21:27 +03:00
|
|
|
|
->willReturn('cn=group,dc=foo,dc=bar');
|
2014-07-02 00:02:41 +04:00
|
|
|
|
$access->expects($this->any())
|
|
|
|
|
|
->method('fetchListOfUsers')
|
2020-03-26 00:21:27 +03:00
|
|
|
|
->willReturn([]);
|
2014-04-08 14:57:06 +04:00
|
|
|
|
$access->expects($this->any())
|
|
|
|
|
|
->method('readAttribute')
|
2020-04-09 14:53:40 +03:00
|
|
|
|
->willReturnCallback(function ($name) {
|
2014-04-08 14:57:06 +04:00
|
|
|
|
//the search operation will call readAttribute, thus we need
|
|
|
|
|
|
//to anaylze the "dn". All other times we just need to return
|
|
|
|
|
|
//something that is neither null or false, but once an array
|
|
|
|
|
|
//with the users in the group – so we do so all other times for
|
|
|
|
|
|
//simplicicity.
|
2020-04-10 15:19:56 +03:00
|
|
|
|
if (strpos($name, 'u') === 0) {
|
2014-04-08 14:57:06 +04:00
|
|
|
|
return strpos($name, '3');
|
|
|
|
|
|
}
|
2019-03-02 02:36:08 +03:00
|
|
|
|
return ['u11', 'u22', 'u33', 'u34'];
|
2020-03-26 00:21:27 +03:00
|
|
|
|
});
|
2014-04-08 14:57:06 +04:00
|
|
|
|
$access->expects($this->any())
|
|
|
|
|
|
->method('dn2username')
|
2020-04-09 14:53:40 +03:00
|
|
|
|
->willReturnCallback(function () {
|
2018-01-13 21:41:34 +03:00
|
|
|
|
return 'foobar' . \OC::$server->getSecureRandom()->generate(7);
|
2020-03-26 00:21:27 +03:00
|
|
|
|
});
|
2020-03-12 17:24:38 +03:00
|
|
|
|
$access->expects($this->any())
|
|
|
|
|
|
->method('isDNPartOfBase')
|
|
|
|
|
|
->willReturn(true);
|
2020-06-01 01:01:49 +03:00
|
|
|
|
$access->expects($this->any())
|
|
|
|
|
|
->method('escapeFilterPart')
|
|
|
|
|
|
->willReturnArgument(0);
|
2014-04-08 14:57:06 +04:00
|
|
|
|
|
2020-08-11 19:53:50 +03:00
|
|
|
|
$access->userManager->expects($this->any())
|
|
|
|
|
|
->method('getAttributes')
|
|
|
|
|
|
->willReturn(['displayName', 'mail']);
|
|
|
|
|
|
|
2020-04-17 17:02:04 +03:00
|
|
|
|
$groupBackend = new GroupLDAP($access, $pluginManager);
|
2014-04-08 14:57:06 +04:00
|
|
|
|
$users = $groupBackend->countUsersInGroup('group', '3');
|
|
|
|
|
|
|
|
|
|
|
|
$this->assertSame(2, $users);
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2017-11-02 15:40:38 +03:00
|
|
|
|
public function testCountUsersWithPlugin() {
|
2020-06-01 01:01:49 +03:00
|
|
|
|
/** @var GroupPluginManager|MockObject $pluginManager */
|
|
|
|
|
|
$pluginManager = $this->getMockBuilder(GroupPluginManager::class)
|
2020-04-17 17:02:04 +03:00
|
|
|
|
->setMethods(['implementsActions', 'countUsersInGroup'])
|
2017-11-02 15:40:38 +03:00
|
|
|
|
->getMock();
|
|
|
|
|
|
|
|
|
|
|
|
$pluginManager->expects($this->once())
|
|
|
|
|
|
->method('implementsActions')
|
2017-11-03 01:19:03 +03:00
|
|
|
|
->with(GroupInterface::COUNT_USERS)
|
2017-11-02 15:40:38 +03:00
|
|
|
|
->willReturn(true);
|
|
|
|
|
|
|
|
|
|
|
|
$pluginManager->expects($this->once())
|
|
|
|
|
|
->method('countUsersInGroup')
|
|
|
|
|
|
->with('gid', 'search')
|
|
|
|
|
|
->willReturn(42);
|
|
|
|
|
|
|
2017-11-07 15:19:08 +03:00
|
|
|
|
$access = $this->getAccessMock();
|
|
|
|
|
|
$access->connection = $this->createMock(Connection::class);
|
|
|
|
|
|
|
|
|
|
|
|
$ldap = new GroupLDAP($access, $pluginManager);
|
2017-11-02 15:40:38 +03:00
|
|
|
|
|
2020-04-17 17:02:04 +03:00
|
|
|
|
$this->assertEquals($ldap->countUsersInGroup('gid', 'search'), 42);
|
2020-04-09 17:07:47 +03:00
|
|
|
|
}
|
2017-11-02 15:40:38 +03:00
|
|
|
|
|
2017-03-18 09:56:24 +03:00
|
|
|
|
public function testGidNumber2NameSuccess() {
|
|
|
|
|
|
$access = $this->getAccessMock();
|
2017-11-02 15:40:38 +03:00
|
|
|
|
$pluginManager = $this->getPluginManagerMock();
|
|
|
|
|
|
|
2017-03-18 09:56:24 +03:00
|
|
|
|
$this->enableGroups($access);
|
|
|
|
|
|
|
|
|
|
|
|
$userDN = 'cn=alice,cn=foo,dc=barfoo,dc=bar';
|
|
|
|
|
|
|
|
|
|
|
|
$access->expects($this->once())
|
|
|
|
|
|
->method('searchGroups')
|
2020-03-26 00:21:27 +03:00
|
|
|
|
->willReturn([['dn' => ['cn=foo,dc=barfoo,dc=bar']]]);
|
2017-03-18 09:56:24 +03:00
|
|
|
|
|
|
|
|
|
|
$access->expects($this->once())
|
|
|
|
|
|
->method('dn2groupname')
|
|
|
|
|
|
->with('cn=foo,dc=barfoo,dc=bar')
|
2020-03-26 00:21:27 +03:00
|
|
|
|
->willReturn('MyGroup');
|
2017-03-18 09:56:24 +03:00
|
|
|
|
|
2017-11-02 15:40:38 +03:00
|
|
|
|
$groupBackend = new GroupLDAP($access, $pluginManager);
|
2017-03-18 09:56:24 +03:00
|
|
|
|
|
|
|
|
|
|
$group = $groupBackend->gidNumber2Name('3117', $userDN);
|
|
|
|
|
|
|
|
|
|
|
|
$this->assertSame('MyGroup', $group);
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
public function testGidNumberID2NameNoGroup() {
|
|
|
|
|
|
$access = $this->getAccessMock();
|
2017-11-02 15:40:38 +03:00
|
|
|
|
$pluginManager = $this->getPluginManagerMock();
|
|
|
|
|
|
|
2017-03-18 09:56:24 +03:00
|
|
|
|
$this->enableGroups($access);
|
|
|
|
|
|
|
|
|
|
|
|
$userDN = 'cn=alice,cn=foo,dc=barfoo,dc=bar';
|
|
|
|
|
|
|
|
|
|
|
|
$access->expects($this->once())
|
|
|
|
|
|
->method('searchGroups')
|
2020-03-26 11:30:18 +03:00
|
|
|
|
->willReturn([]);
|
2017-03-18 09:56:24 +03:00
|
|
|
|
|
|
|
|
|
|
$access->expects($this->never())
|
|
|
|
|
|
->method('dn2groupname');
|
|
|
|
|
|
|
2017-11-02 15:40:38 +03:00
|
|
|
|
$groupBackend = new GroupLDAP($access, $pluginManager);
|
2017-03-18 09:56:24 +03:00
|
|
|
|
|
|
|
|
|
|
$group = $groupBackend->gidNumber2Name('3117', $userDN);
|
|
|
|
|
|
|
|
|
|
|
|
$this->assertSame(false, $group);
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
public function testGidNumberID2NameNoName() {
|
|
|
|
|
|
$access = $this->getAccessMock();
|
2017-11-02 15:40:38 +03:00
|
|
|
|
$pluginManager = $this->getPluginManagerMock();
|
|
|
|
|
|
|
2017-03-18 09:56:24 +03:00
|
|
|
|
$this->enableGroups($access);
|
|
|
|
|
|
|
|
|
|
|
|
$userDN = 'cn=alice,cn=foo,dc=barfoo,dc=bar';
|
|
|
|
|
|
|
|
|
|
|
|
$access->expects($this->once())
|
|
|
|
|
|
->method('searchGroups')
|
2020-03-26 00:21:27 +03:00
|
|
|
|
->willReturn([['dn' => ['cn=foo,dc=barfoo,dc=bar']]]);
|
2017-03-18 09:56:24 +03:00
|
|
|
|
|
|
|
|
|
|
$access->expects($this->once())
|
|
|
|
|
|
->method('dn2groupname')
|
2020-03-26 00:21:27 +03:00
|
|
|
|
->willReturn(false);
|
2017-03-18 09:56:24 +03:00
|
|
|
|
|
2017-11-02 15:40:38 +03:00
|
|
|
|
$groupBackend = new GroupLDAP($access, $pluginManager);
|
2017-03-18 09:56:24 +03:00
|
|
|
|
|
|
|
|
|
|
$group = $groupBackend->gidNumber2Name('3117', $userDN);
|
|
|
|
|
|
|
|
|
|
|
|
$this->assertSame(false, $group);
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
public function testGetEntryGidNumberValue() {
|
|
|
|
|
|
$access = $this->getAccessMock();
|
2017-11-02 15:40:38 +03:00
|
|
|
|
$pluginManager = $this->getPluginManagerMock();
|
|
|
|
|
|
|
2017-03-18 09:56:24 +03:00
|
|
|
|
$this->enableGroups($access);
|
|
|
|
|
|
|
|
|
|
|
|
$dn = 'cn=foobar,cn=foo,dc=barfoo,dc=bar';
|
|
|
|
|
|
$attr = 'gidNumber';
|
|
|
|
|
|
|
|
|
|
|
|
$access->expects($this->once())
|
|
|
|
|
|
->method('readAttribute')
|
|
|
|
|
|
->with($dn, $attr)
|
2020-03-26 11:30:18 +03:00
|
|
|
|
->willReturn(['3117']);
|
2017-03-18 09:56:24 +03:00
|
|
|
|
|
2017-11-02 15:40:38 +03:00
|
|
|
|
$groupBackend = new GroupLDAP($access, $pluginManager);
|
2017-03-18 09:56:24 +03:00
|
|
|
|
|
|
|
|
|
|
$gid = $groupBackend->getGroupGidNumber($dn);
|
|
|
|
|
|
|
|
|
|
|
|
$this->assertSame('3117', $gid);
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
public function testGetEntryGidNumberNoValue() {
|
|
|
|
|
|
$access = $this->getAccessMock();
|
2017-11-02 15:40:38 +03:00
|
|
|
|
$pluginManager = $this->getPluginManagerMock();
|
|
|
|
|
|
|
2017-03-18 09:56:24 +03:00
|
|
|
|
$this->enableGroups($access);
|
|
|
|
|
|
|
|
|
|
|
|
$dn = 'cn=foobar,cn=foo,dc=barfoo,dc=bar';
|
|
|
|
|
|
$attr = 'gidNumber';
|
|
|
|
|
|
|
|
|
|
|
|
$access->expects($this->once())
|
|
|
|
|
|
->method('readAttribute')
|
|
|
|
|
|
->with($dn, $attr)
|
2020-03-26 00:21:27 +03:00
|
|
|
|
->willReturn(false);
|
2017-03-18 09:56:24 +03:00
|
|
|
|
|
2017-11-02 15:40:38 +03:00
|
|
|
|
$groupBackend = new GroupLDAP($access, $pluginManager);
|
2017-03-18 09:56:24 +03:00
|
|
|
|
|
|
|
|
|
|
$gid = $groupBackend->getGroupGidNumber($dn);
|
|
|
|
|
|
|
|
|
|
|
|
$this->assertSame(false, $gid);
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2014-07-02 00:02:41 +04:00
|
|
|
|
public function testPrimaryGroupID2NameSuccess() {
|
|
|
|
|
|
$access = $this->getAccessMock();
|
2017-11-02 15:40:38 +03:00
|
|
|
|
$pluginManager = $this->getPluginManagerMock();
|
|
|
|
|
|
|
2014-07-02 00:02:41 +04:00
|
|
|
|
$this->enableGroups($access);
|
|
|
|
|
|
|
|
|
|
|
|
$userDN = 'cn=alice,cn=foo,dc=barfoo,dc=bar';
|
|
|
|
|
|
|
|
|
|
|
|
$access->expects($this->once())
|
|
|
|
|
|
->method('getSID')
|
|
|
|
|
|
->with($userDN)
|
2020-03-26 00:21:27 +03:00
|
|
|
|
->willReturn('S-1-5-21-249921958-728525901-1594176202');
|
2014-07-02 00:02:41 +04:00
|
|
|
|
|
|
|
|
|
|
$access->expects($this->once())
|
|
|
|
|
|
->method('searchGroups')
|
2020-03-26 00:21:27 +03:00
|
|
|
|
->willReturn([['dn' => ['cn=foo,dc=barfoo,dc=bar']]]);
|
2014-07-02 00:02:41 +04:00
|
|
|
|
|
|
|
|
|
|
$access->expects($this->once())
|
|
|
|
|
|
->method('dn2groupname')
|
|
|
|
|
|
->with('cn=foo,dc=barfoo,dc=bar')
|
2020-03-26 00:21:27 +03:00
|
|
|
|
->willReturn('MyGroup');
|
2014-07-02 00:02:41 +04:00
|
|
|
|
|
2017-11-02 15:40:38 +03:00
|
|
|
|
$groupBackend = new GroupLDAP($access, $pluginManager);
|
2014-07-02 00:02:41 +04:00
|
|
|
|
|
|
|
|
|
|
$group = $groupBackend->primaryGroupID2Name('3117', $userDN);
|
|
|
|
|
|
|
|
|
|
|
|
$this->assertSame('MyGroup', $group);
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
public function testPrimaryGroupID2NameNoSID() {
|
|
|
|
|
|
$access = $this->getAccessMock();
|
2017-11-02 15:40:38 +03:00
|
|
|
|
$pluginManager = $this->getPluginManagerMock();
|
|
|
|
|
|
|
2014-07-02 00:02:41 +04:00
|
|
|
|
$this->enableGroups($access);
|
|
|
|
|
|
|
|
|
|
|
|
$userDN = 'cn=alice,cn=foo,dc=barfoo,dc=bar';
|
|
|
|
|
|
|
|
|
|
|
|
$access->expects($this->once())
|
|
|
|
|
|
->method('getSID')
|
|
|
|
|
|
->with($userDN)
|
2020-03-26 00:21:27 +03:00
|
|
|
|
->willReturn(false);
|
2014-07-02 00:02:41 +04:00
|
|
|
|
|
|
|
|
|
|
$access->expects($this->never())
|
|
|
|
|
|
->method('searchGroups');
|
|
|
|
|
|
|
|
|
|
|
|
$access->expects($this->never())
|
|
|
|
|
|
->method('dn2groupname');
|
|
|
|
|
|
|
2017-11-02 15:40:38 +03:00
|
|
|
|
$groupBackend = new GroupLDAP($access, $pluginManager);
|
2014-07-02 00:02:41 +04:00
|
|
|
|
|
|
|
|
|
|
$group = $groupBackend->primaryGroupID2Name('3117', $userDN);
|
|
|
|
|
|
|
|
|
|
|
|
$this->assertSame(false, $group);
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
public function testPrimaryGroupID2NameNoGroup() {
|
|
|
|
|
|
$access = $this->getAccessMock();
|
2017-11-02 15:40:38 +03:00
|
|
|
|
$pluginManager = $this->getPluginManagerMock();
|
|
|
|
|
|
|
2014-07-02 00:02:41 +04:00
|
|
|
|
$this->enableGroups($access);
|
|
|
|
|
|
|
|
|
|
|
|
$userDN = 'cn=alice,cn=foo,dc=barfoo,dc=bar';
|
|
|
|
|
|
|
|
|
|
|
|
$access->expects($this->once())
|
|
|
|
|
|
->method('getSID')
|
|
|
|
|
|
->with($userDN)
|
2020-03-26 00:21:27 +03:00
|
|
|
|
->willReturn('S-1-5-21-249921958-728525901-1594176202');
|
2014-07-02 00:02:41 +04:00
|
|
|
|
|
|
|
|
|
|
$access->expects($this->once())
|
|
|
|
|
|
->method('searchGroups')
|
2020-03-26 11:30:18 +03:00
|
|
|
|
->willReturn([]);
|
2014-07-02 00:02:41 +04:00
|
|
|
|
|
|
|
|
|
|
$access->expects($this->never())
|
|
|
|
|
|
->method('dn2groupname');
|
|
|
|
|
|
|
2017-11-02 15:40:38 +03:00
|
|
|
|
$groupBackend = new GroupLDAP($access, $pluginManager);
|
2014-07-02 00:02:41 +04:00
|
|
|
|
|
|
|
|
|
|
$group = $groupBackend->primaryGroupID2Name('3117', $userDN);
|
|
|
|
|
|
|
|
|
|
|
|
$this->assertSame(false, $group);
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
public function testPrimaryGroupID2NameNoName() {
|
|
|
|
|
|
$access = $this->getAccessMock();
|
2017-11-02 15:40:38 +03:00
|
|
|
|
$pluginManager = $this->getPluginManagerMock();
|
|
|
|
|
|
|
2014-07-02 00:02:41 +04:00
|
|
|
|
$this->enableGroups($access);
|
|
|
|
|
|
|
|
|
|
|
|
$userDN = 'cn=alice,cn=foo,dc=barfoo,dc=bar';
|
|
|
|
|
|
|
|
|
|
|
|
$access->expects($this->once())
|
|
|
|
|
|
->method('getSID')
|
|
|
|
|
|
->with($userDN)
|
2020-03-26 00:21:27 +03:00
|
|
|
|
->willReturn('S-1-5-21-249921958-728525901-1594176202');
|
2014-07-02 00:02:41 +04:00
|
|
|
|
|
|
|
|
|
|
$access->expects($this->once())
|
|
|
|
|
|
->method('searchGroups')
|
2020-03-26 00:21:27 +03:00
|
|
|
|
->willReturn([['dn' => ['cn=foo,dc=barfoo,dc=bar']]]);
|
2014-07-02 00:02:41 +04:00
|
|
|
|
|
|
|
|
|
|
$access->expects($this->once())
|
|
|
|
|
|
->method('dn2groupname')
|
2020-03-26 00:21:27 +03:00
|
|
|
|
->willReturn(false);
|
2014-07-02 00:02:41 +04:00
|
|
|
|
|
2017-11-02 15:40:38 +03:00
|
|
|
|
$groupBackend = new GroupLDAP($access, $pluginManager);
|
2014-07-02 00:02:41 +04:00
|
|
|
|
|
|
|
|
|
|
$group = $groupBackend->primaryGroupID2Name('3117', $userDN);
|
|
|
|
|
|
|
|
|
|
|
|
$this->assertSame(false, $group);
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
public function testGetEntryGroupIDValue() {
|
|
|
|
|
|
//tests getEntryGroupID via getGroupPrimaryGroupID
|
|
|
|
|
|
//which is basically identical to getUserPrimaryGroupIDs
|
|
|
|
|
|
$access = $this->getAccessMock();
|
2017-11-02 15:40:38 +03:00
|
|
|
|
$pluginManager = $this->getPluginManagerMock();
|
|
|
|
|
|
|
2014-07-02 00:02:41 +04:00
|
|
|
|
$this->enableGroups($access);
|
|
|
|
|
|
|
|
|
|
|
|
$dn = 'cn=foobar,cn=foo,dc=barfoo,dc=bar';
|
|
|
|
|
|
$attr = 'primaryGroupToken';
|
|
|
|
|
|
|
|
|
|
|
|
$access->expects($this->once())
|
|
|
|
|
|
->method('readAttribute')
|
|
|
|
|
|
->with($dn, $attr)
|
2020-03-26 11:30:18 +03:00
|
|
|
|
->willReturn(['3117']);
|
2014-07-02 00:02:41 +04:00
|
|
|
|
|
2017-11-02 15:40:38 +03:00
|
|
|
|
$groupBackend = new GroupLDAP($access, $pluginManager);
|
2014-07-02 00:02:41 +04:00
|
|
|
|
|
|
|
|
|
|
$gid = $groupBackend->getGroupPrimaryGroupID($dn);
|
|
|
|
|
|
|
|
|
|
|
|
$this->assertSame('3117', $gid);
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
public function testGetEntryGroupIDNoValue() {
|
|
|
|
|
|
//tests getEntryGroupID via getGroupPrimaryGroupID
|
|
|
|
|
|
//which is basically identical to getUserPrimaryGroupIDs
|
|
|
|
|
|
$access = $this->getAccessMock();
|
2017-11-02 15:40:38 +03:00
|
|
|
|
$pluginManager = $this->getPluginManagerMock();
|
|
|
|
|
|
|
2014-07-02 00:02:41 +04:00
|
|
|
|
$this->enableGroups($access);
|
|
|
|
|
|
|
|
|
|
|
|
$dn = 'cn=foobar,cn=foo,dc=barfoo,dc=bar';
|
|
|
|
|
|
$attr = 'primaryGroupToken';
|
|
|
|
|
|
|
|
|
|
|
|
$access->expects($this->once())
|
|
|
|
|
|
->method('readAttribute')
|
|
|
|
|
|
->with($dn, $attr)
|
2020-03-26 00:21:27 +03:00
|
|
|
|
->willReturn(false);
|
2014-07-02 00:02:41 +04:00
|
|
|
|
|
2017-11-02 15:40:38 +03:00
|
|
|
|
$groupBackend = new GroupLDAP($access, $pluginManager);
|
2014-07-02 00:02:41 +04:00
|
|
|
|
|
|
|
|
|
|
$gid = $groupBackend->getGroupPrimaryGroupID($dn);
|
|
|
|
|
|
|
|
|
|
|
|
$this->assertSame(false, $gid);
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2014-10-16 18:08:59 +04:00
|
|
|
|
/**
|
|
|
|
|
|
* tests whether Group Backend behaves correctly when cache with uid and gid
|
|
|
|
|
|
* is hit
|
|
|
|
|
|
*/
|
|
|
|
|
|
public function testInGroupHitsUidGidCache() {
|
|
|
|
|
|
$access = $this->getAccessMock();
|
2017-11-02 15:40:38 +03:00
|
|
|
|
$pluginManager = $this->getPluginManagerMock();
|
|
|
|
|
|
|
2014-10-16 18:08:59 +04:00
|
|
|
|
$this->enableGroups($access);
|
|
|
|
|
|
|
|
|
|
|
|
$uid = 'someUser';
|
|
|
|
|
|
$gid = 'someGroup';
|
2020-04-17 17:02:04 +03:00
|
|
|
|
$cacheKey = 'inGroup' . $uid . ':' . $gid;
|
2014-10-16 18:08:59 +04:00
|
|
|
|
|
|
|
|
|
|
$access->connection->expects($this->once())
|
|
|
|
|
|
->method('getFromCache')
|
|
|
|
|
|
->with($cacheKey)
|
2020-03-26 00:21:27 +03:00
|
|
|
|
->willReturn(true);
|
2014-10-16 18:08:59 +04:00
|
|
|
|
|
|
|
|
|
|
$access->expects($this->never())
|
|
|
|
|
|
->method('username2dn');
|
|
|
|
|
|
|
2017-11-02 15:40:38 +03:00
|
|
|
|
$groupBackend = new GroupLDAP($access, $pluginManager);
|
2014-10-16 18:08:59 +04:00
|
|
|
|
$groupBackend->inGroup($uid, $gid);
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2020-11-27 21:34:35 +03:00
|
|
|
|
public function groupWithMembersProvider() {
|
2020-11-27 21:24:12 +03:00
|
|
|
|
return [
|
|
|
|
|
|
[
|
|
|
|
|
|
'someGroup',
|
|
|
|
|
|
'cn=someGroup,ou=allTheGroups,ou=someDepartment,dc=someDomain,dc=someTld',
|
|
|
|
|
|
[
|
|
|
|
|
|
'uid=oneUser,ou=someTeam,ou=someDepartment,dc=someDomain,dc=someTld',
|
|
|
|
|
|
'uid=someUser,ou=someTeam,ou=someDepartment,dc=someDomain,dc=someTld',
|
|
|
|
|
|
'uid=anotherUser,ou=someTeam,ou=someDepartment,dc=someDomain,dc=someTld',
|
|
|
|
|
|
'uid=differentUser,ou=someTeam,ou=someDepartment,dc=someDomain,dc=someTld',
|
|
|
|
|
|
],
|
|
|
|
|
|
],
|
|
|
|
|
|
];
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
|
* @dataProvider groupWithMembersProvider
|
|
|
|
|
|
*/
|
|
|
|
|
|
public function testInGroupMember(string $gid, string $groupDn, array $memberDNs) {
|
|
|
|
|
|
$access = $this->getAccessMock();
|
|
|
|
|
|
$pluginManager = $this->getPluginManagerMock();
|
|
|
|
|
|
|
|
|
|
|
|
$access->connection = $this->createMock(Connection::class);
|
|
|
|
|
|
|
|
|
|
|
|
$uid = 'someUser';
|
|
|
|
|
|
$userDn = $memberDNs[0];
|
|
|
|
|
|
|
|
|
|
|
|
$access->connection->expects($this->any())
|
|
|
|
|
|
->method('__get')
|
|
|
|
|
|
->willReturnCallback(function ($name) {
|
|
|
|
|
|
switch ($name) {
|
|
|
|
|
|
case 'ldapGroupMemberAssocAttr':
|
|
|
|
|
|
return 'member';
|
|
|
|
|
|
case 'ldapDynamicGroupMemberURL':
|
|
|
|
|
|
return '';
|
|
|
|
|
|
case 'hasPrimaryGroups':
|
2020-11-27 21:34:35 +03:00
|
|
|
|
case 'ldapNestedGroups':
|
2020-11-27 21:24:12 +03:00
|
|
|
|
return 0;
|
|
|
|
|
|
default:
|
|
|
|
|
|
return 1;
|
|
|
|
|
|
}
|
|
|
|
|
|
});
|
|
|
|
|
|
$access->connection->expects($this->any())
|
|
|
|
|
|
->method('getFromCache')
|
|
|
|
|
|
->willReturn(null);
|
|
|
|
|
|
|
|
|
|
|
|
$access->expects($this->once())
|
|
|
|
|
|
->method('username2dn')
|
|
|
|
|
|
->with($uid)
|
|
|
|
|
|
->willReturn($userDn);
|
|
|
|
|
|
$access->expects($this->once())
|
|
|
|
|
|
->method('groupname2dn')
|
|
|
|
|
|
->willReturn($groupDn);
|
|
|
|
|
|
$access->expects($this->any())
|
|
|
|
|
|
->method('readAttribute')
|
|
|
|
|
|
->willReturn($memberDNs);
|
|
|
|
|
|
|
|
|
|
|
|
$groupBackend = new GroupLDAP($access, $pluginManager);
|
|
|
|
|
|
$this->assertTrue($groupBackend->inGroup($uid, $gid));
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
|
* @dataProvider groupWithMembersProvider
|
|
|
|
|
|
*/
|
|
|
|
|
|
public function testInGroupMemberNot(string $gid, string $groupDn, array $memberDNs) {
|
|
|
|
|
|
$access = $this->getAccessMock();
|
|
|
|
|
|
$pluginManager = $this->getPluginManagerMock();
|
|
|
|
|
|
|
|
|
|
|
|
$access->connection = $this->createMock(Connection::class);
|
|
|
|
|
|
|
|
|
|
|
|
$uid = 'unelatedUser';
|
|
|
|
|
|
$userDn = 'uid=unrelatedUser,ou=unrelatedTeam,ou=unrelatedDepartment,dc=someDomain,dc=someTld';
|
|
|
|
|
|
|
|
|
|
|
|
$access->connection->expects($this->any())
|
|
|
|
|
|
->method('__get')
|
|
|
|
|
|
->willReturnCallback(function ($name) {
|
|
|
|
|
|
switch ($name) {
|
|
|
|
|
|
case 'ldapGroupMemberAssocAttr':
|
|
|
|
|
|
return 'member';
|
|
|
|
|
|
case 'ldapDynamicGroupMemberURL':
|
|
|
|
|
|
return '';
|
|
|
|
|
|
case 'hasPrimaryGroups':
|
2020-11-27 21:34:35 +03:00
|
|
|
|
case 'ldapNestedGroups':
|
2020-11-27 21:24:12 +03:00
|
|
|
|
return 0;
|
|
|
|
|
|
default:
|
|
|
|
|
|
return 1;
|
|
|
|
|
|
}
|
|
|
|
|
|
});
|
|
|
|
|
|
$access->connection->expects($this->any())
|
|
|
|
|
|
->method('getFromCache')
|
|
|
|
|
|
->willReturn(null);
|
|
|
|
|
|
|
|
|
|
|
|
$access->expects($this->once())
|
|
|
|
|
|
->method('username2dn')
|
|
|
|
|
|
->with($uid)
|
|
|
|
|
|
->willReturn($userDn);
|
|
|
|
|
|
$access->expects($this->once())
|
|
|
|
|
|
->method('groupname2dn')
|
|
|
|
|
|
->willReturn($groupDn);
|
|
|
|
|
|
$access->expects($this->any())
|
|
|
|
|
|
->method('readAttribute')
|
|
|
|
|
|
->willReturn($memberDNs);
|
|
|
|
|
|
|
|
|
|
|
|
$groupBackend = new GroupLDAP($access, $pluginManager);
|
|
|
|
|
|
$this->assertFalse($groupBackend->inGroup($uid, $gid));
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
|
* @dataProvider groupWithMembersProvider
|
|
|
|
|
|
*/
|
|
|
|
|
|
public function testInGroupMemberUid(string $gid, string $groupDn, array $memberDNs) {
|
|
|
|
|
|
$access = $this->getAccessMock();
|
|
|
|
|
|
$pluginManager = $this->getPluginManagerMock();
|
|
|
|
|
|
|
|
|
|
|
|
$memberUids = [];
|
|
|
|
|
|
$userRecords = [];
|
|
|
|
|
|
foreach ($memberDNs as $dn) {
|
|
|
|
|
|
$memberUids[] = ldap_explode_dn($dn, false)[0];
|
|
|
|
|
|
$userRecords[] = ['dn' => [$dn]];
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
$access->connection = $this->createMock(Connection::class);
|
|
|
|
|
|
|
|
|
|
|
|
$uid = 'someUser';
|
|
|
|
|
|
$userDn = $memberDNs[0];
|
|
|
|
|
|
|
|
|
|
|
|
$access->connection->expects($this->any())
|
|
|
|
|
|
->method('__get')
|
|
|
|
|
|
->willReturnCallback(function ($name) {
|
|
|
|
|
|
switch ($name) {
|
|
|
|
|
|
case 'ldapGroupMemberAssocAttr':
|
|
|
|
|
|
return 'memberUid';
|
|
|
|
|
|
case 'ldapDynamicGroupMemberURL':
|
|
|
|
|
|
return '';
|
|
|
|
|
|
case 'ldapLoginFilter':
|
|
|
|
|
|
return 'uid=%uid';
|
|
|
|
|
|
case 'hasPrimaryGroups':
|
2020-11-27 21:34:35 +03:00
|
|
|
|
case 'ldapNestedGroups':
|
2020-11-27 21:24:12 +03:00
|
|
|
|
return 0;
|
|
|
|
|
|
default:
|
|
|
|
|
|
return 1;
|
|
|
|
|
|
}
|
|
|
|
|
|
});
|
|
|
|
|
|
$access->connection->expects($this->any())
|
|
|
|
|
|
->method('getFromCache')
|
|
|
|
|
|
->willReturn(null);
|
|
|
|
|
|
|
|
|
|
|
|
$access->userManager->expects($this->any())
|
|
|
|
|
|
->method('getAttributes')
|
|
|
|
|
|
->willReturn(['uid', 'mail', 'displayname']);
|
|
|
|
|
|
|
|
|
|
|
|
$access->expects($this->once())
|
|
|
|
|
|
->method('username2dn')
|
|
|
|
|
|
->with($uid)
|
|
|
|
|
|
->willReturn($userDn);
|
|
|
|
|
|
$access->expects($this->once())
|
|
|
|
|
|
->method('groupname2dn')
|
|
|
|
|
|
->willReturn($groupDn);
|
|
|
|
|
|
$access->expects($this->any())
|
|
|
|
|
|
->method('readAttribute')
|
|
|
|
|
|
->willReturn($memberUids);
|
|
|
|
|
|
$access->expects($this->any())
|
|
|
|
|
|
->method('fetchListOfUsers')
|
|
|
|
|
|
->willReturn($userRecords);
|
|
|
|
|
|
$access->expects($this->any())
|
|
|
|
|
|
->method('combineFilterWithOr')
|
|
|
|
|
|
->willReturn('(|(pseudo=filter)(filter=pseudo))');
|
|
|
|
|
|
|
|
|
|
|
|
$groupBackend = new GroupLDAP($access, $pluginManager);
|
|
|
|
|
|
$this->assertTrue($groupBackend->inGroup($uid, $gid));
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2015-03-23 18:51:40 +03:00
|
|
|
|
public function testGetGroupsWithOffset() {
|
|
|
|
|
|
$access = $this->getAccessMock();
|
2017-11-02 15:40:38 +03:00
|
|
|
|
$pluginManager = $this->getPluginManagerMock();
|
|
|
|
|
|
|
2015-03-23 18:51:40 +03:00
|
|
|
|
$this->enableGroups($access);
|
|
|
|
|
|
|
|
|
|
|
|
$access->expects($this->once())
|
2017-04-12 07:21:04 +03:00
|
|
|
|
->method('nextcloudGroupNames')
|
2020-03-26 11:30:18 +03:00
|
|
|
|
->willReturn(['group1', 'group2']);
|
2015-03-23 18:51:40 +03:00
|
|
|
|
|
2017-11-02 15:40:38 +03:00
|
|
|
|
$groupBackend = new GroupLDAP($access, $pluginManager);
|
2015-03-23 18:51:40 +03:00
|
|
|
|
$groups = $groupBackend->getGroups('', 2, 2);
|
|
|
|
|
|
|
|
|
|
|
|
$this->assertSame(2, count($groups));
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2015-04-14 15:40:37 +03:00
|
|
|
|
/**
|
|
|
|
|
|
* tests that a user listing is complete, if all it's members have the group
|
|
|
|
|
|
* as their primary.
|
|
|
|
|
|
*/
|
2016-05-12 11:43:34 +03:00
|
|
|
|
public function testUsersInGroupPrimaryMembersOnly() {
|
2015-04-14 15:40:37 +03:00
|
|
|
|
$access = $this->getAccessMock();
|
2017-11-02 15:40:38 +03:00
|
|
|
|
$pluginManager = $this->getPluginManagerMock();
|
|
|
|
|
|
|
2015-04-14 15:40:37 +03:00
|
|
|
|
$this->enableGroups($access);
|
|
|
|
|
|
|
2017-04-25 16:07:05 +03:00
|
|
|
|
$access->connection->expects($this->any())
|
|
|
|
|
|
->method('getFromCache')
|
2020-03-26 00:21:27 +03:00
|
|
|
|
->willReturn(null);
|
2017-04-25 16:07:05 +03:00
|
|
|
|
$access->expects($this->any())
|
|
|
|
|
|
->method('readAttribute')
|
2020-04-09 14:53:40 +03:00
|
|
|
|
->willReturnCallback(function ($dn, $attr) {
|
2020-04-10 15:19:56 +03:00
|
|
|
|
if ($attr === 'primaryGroupToken') {
|
2020-03-26 11:30:18 +03:00
|
|
|
|
return [1337];
|
2020-04-10 15:19:56 +03:00
|
|
|
|
} elseif ($attr === 'gidNumber') {
|
2017-04-25 16:07:05 +03:00
|
|
|
|
return [4211];
|
|
|
|
|
|
}
|
2020-03-26 11:30:18 +03:00
|
|
|
|
return [];
|
2020-03-26 00:21:27 +03:00
|
|
|
|
});
|
2017-04-25 16:07:05 +03:00
|
|
|
|
$access->expects($this->any())
|
|
|
|
|
|
->method('groupname2dn')
|
2020-03-26 00:21:27 +03:00
|
|
|
|
->willReturn('cn=foobar,dc=foo,dc=bar');
|
2017-04-25 16:07:05 +03:00
|
|
|
|
$access->expects($this->exactly(2))
|
|
|
|
|
|
->method('nextcloudUserNames')
|
|
|
|
|
|
->willReturnOnConsecutiveCalls(['lisa', 'bart', 'kira', 'brad'], ['walle', 'dino', 'xenia']);
|
2020-03-12 17:24:38 +03:00
|
|
|
|
$access->expects($this->any())
|
|
|
|
|
|
->method('isDNPartOfBase')
|
|
|
|
|
|
->willReturn(true);
|
2020-06-25 00:34:37 +03:00
|
|
|
|
$access->expects($this->any())
|
|
|
|
|
|
->method('combineFilterWithAnd')
|
|
|
|
|
|
->willReturn('pseudo=filter');
|
2020-08-11 19:53:50 +03:00
|
|
|
|
|
|
|
|
|
|
$access->userManager->expects($this->any())
|
|
|
|
|
|
->method('getAttributes')
|
|
|
|
|
|
->willReturn(['displayName', 'mail']);
|
2017-04-25 16:07:05 +03:00
|
|
|
|
|
2017-11-02 15:40:38 +03:00
|
|
|
|
$groupBackend = new GroupLDAP($access, $pluginManager);
|
2017-04-25 16:07:05 +03:00
|
|
|
|
$users = $groupBackend->usersInGroup('foobar');
|
|
|
|
|
|
|
|
|
|
|
|
$this->assertSame(7, count($users));
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
|
* tests that a user listing is complete, if all it's members have the group
|
|
|
|
|
|
* as their primary.
|
|
|
|
|
|
*/
|
|
|
|
|
|
public function testUsersInGroupPrimaryAndUnixMembers() {
|
|
|
|
|
|
$access = $this->getAccessMock();
|
2017-11-02 15:40:38 +03:00
|
|
|
|
$pluginManager = $this->getPluginManagerMock();
|
|
|
|
|
|
|
2017-04-25 16:07:05 +03:00
|
|
|
|
$this->enableGroups($access);
|
|
|
|
|
|
|
2015-04-14 15:40:37 +03:00
|
|
|
|
$access->connection->expects($this->any())
|
|
|
|
|
|
->method('getFromCache')
|
2020-03-26 00:21:27 +03:00
|
|
|
|
->willReturn(null);
|
2015-04-14 15:40:37 +03:00
|
|
|
|
$access->expects($this->any())
|
|
|
|
|
|
->method('readAttribute')
|
2020-04-09 14:53:40 +03:00
|
|
|
|
->willReturnCallback(function ($dn, $attr) {
|
2020-04-10 15:19:56 +03:00
|
|
|
|
if ($attr === 'primaryGroupToken') {
|
2020-03-26 11:30:18 +03:00
|
|
|
|
return [1337];
|
2015-04-14 15:40:37 +03:00
|
|
|
|
}
|
2020-03-26 11:30:18 +03:00
|
|
|
|
return [];
|
2020-03-26 00:21:27 +03:00
|
|
|
|
});
|
2015-04-14 15:40:37 +03:00
|
|
|
|
$access->expects($this->any())
|
|
|
|
|
|
->method('groupname2dn')
|
2020-03-26 00:21:27 +03:00
|
|
|
|
->willReturn('cn=foobar,dc=foo,dc=bar');
|
2015-04-14 15:40:37 +03:00
|
|
|
|
$access->expects($this->once())
|
2017-04-12 07:21:04 +03:00
|
|
|
|
->method('nextcloudUserNames')
|
2020-03-26 11:30:18 +03:00
|
|
|
|
->willReturn(['lisa', 'bart', 'kira', 'brad']);
|
2020-03-12 17:24:38 +03:00
|
|
|
|
$access->expects($this->any())
|
|
|
|
|
|
->method('isDNPartOfBase')
|
|
|
|
|
|
->willReturn(true);
|
2020-06-25 00:34:37 +03:00
|
|
|
|
$access->expects($this->any())
|
|
|
|
|
|
->method('combineFilterWithAnd')
|
|
|
|
|
|
->willReturn('pseudo=filter');
|
2020-08-11 19:53:50 +03:00
|
|
|
|
|
|
|
|
|
|
$access->userManager->expects($this->any())
|
|
|
|
|
|
->method('getAttributes')
|
|
|
|
|
|
->willReturn(['displayName', 'mail']);
|
2015-04-14 15:40:37 +03:00
|
|
|
|
|
2017-11-02 15:40:38 +03:00
|
|
|
|
$groupBackend = new GroupLDAP($access, $pluginManager);
|
2015-04-14 15:40:37 +03:00
|
|
|
|
$users = $groupBackend->usersInGroup('foobar');
|
|
|
|
|
|
|
|
|
|
|
|
$this->assertSame(4, count($users));
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
|
* tests that a user counting is complete, if all it's members have the group
|
|
|
|
|
|
* as their primary.
|
|
|
|
|
|
*/
|
2016-05-12 11:43:34 +03:00
|
|
|
|
public function testCountUsersInGroupPrimaryMembersOnly() {
|
2015-04-14 15:40:37 +03:00
|
|
|
|
$access = $this->getAccessMock();
|
2017-11-02 15:40:38 +03:00
|
|
|
|
$pluginManager = $this->getPluginManagerMock();
|
|
|
|
|
|
|
2015-04-14 15:40:37 +03:00
|
|
|
|
$this->enableGroups($access);
|
|
|
|
|
|
|
|
|
|
|
|
$access->connection->expects($this->any())
|
|
|
|
|
|
->method('getFromCache')
|
2020-03-26 00:21:27 +03:00
|
|
|
|
->willReturn(null);
|
2015-04-14 15:40:37 +03:00
|
|
|
|
|
|
|
|
|
|
$access->expects($this->any())
|
|
|
|
|
|
->method('readAttribute')
|
2020-04-09 14:53:40 +03:00
|
|
|
|
->willReturnCallback(function ($dn, $attr) {
|
2020-04-10 15:19:56 +03:00
|
|
|
|
if ($attr === 'primaryGroupToken') {
|
2020-03-26 11:30:18 +03:00
|
|
|
|
return [1337];
|
2015-04-14 15:40:37 +03:00
|
|
|
|
}
|
2020-03-26 11:30:18 +03:00
|
|
|
|
return [];
|
2020-03-26 00:21:27 +03:00
|
|
|
|
});
|
2015-04-14 15:40:37 +03:00
|
|
|
|
$access->expects($this->any())
|
|
|
|
|
|
->method('groupname2dn')
|
2020-03-26 00:21:27 +03:00
|
|
|
|
->willReturn('cn=foobar,dc=foo,dc=bar');
|
2015-04-14 15:40:37 +03:00
|
|
|
|
$access->expects($this->once())
|
|
|
|
|
|
->method('countUsers')
|
2020-03-26 00:21:27 +03:00
|
|
|
|
->willReturn(4);
|
2020-03-12 17:24:38 +03:00
|
|
|
|
$access->expects($this->any())
|
|
|
|
|
|
->method('isDNPartOfBase')
|
|
|
|
|
|
->willReturn(true);
|
2015-04-14 15:40:37 +03:00
|
|
|
|
|
2020-08-11 19:53:50 +03:00
|
|
|
|
$access->userManager->expects($this->any())
|
|
|
|
|
|
->method('getAttributes')
|
|
|
|
|
|
->willReturn(['displayName', 'mail']);
|
|
|
|
|
|
|
2017-11-02 15:40:38 +03:00
|
|
|
|
$groupBackend = new GroupLDAP($access, $pluginManager);
|
2015-04-14 15:40:37 +03:00
|
|
|
|
$users = $groupBackend->countUsersInGroup('foobar');
|
|
|
|
|
|
|
|
|
|
|
|
$this->assertSame(4, $users);
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2015-06-03 18:37:36 +03:00
|
|
|
|
public function testGetUserGroupsMemberOf() {
|
|
|
|
|
|
$access = $this->getAccessMock();
|
2017-11-02 15:40:38 +03:00
|
|
|
|
$pluginManager = $this->getPluginManagerMock();
|
|
|
|
|
|
|
2015-06-03 18:37:36 +03:00
|
|
|
|
$this->enableGroups($access);
|
|
|
|
|
|
|
|
|
|
|
|
$dn = 'cn=userX,dc=foobar';
|
|
|
|
|
|
|
|
|
|
|
|
$access->connection->hasPrimaryGroups = false;
|
2017-03-18 09:56:24 +03:00
|
|
|
|
$access->connection->hasGidNumber = false;
|
2015-06-03 18:37:36 +03:00
|
|
|
|
|
2015-08-21 01:55:42 +03:00
|
|
|
|
$access->expects($this->any())
|
2015-06-03 18:37:36 +03:00
|
|
|
|
->method('username2dn')
|
2020-03-26 00:21:27 +03:00
|
|
|
|
->willReturn($dn);
|
2020-03-12 17:24:38 +03:00
|
|
|
|
$access->expects($this->exactly(5))
|
2015-06-03 18:37:36 +03:00
|
|
|
|
->method('readAttribute')
|
2020-03-12 17:24:38 +03:00
|
|
|
|
->will($this->onConsecutiveCalls(['cn=groupA,dc=foobar', 'cn=groupB,dc=foobar'], [], [], [], []));
|
|
|
|
|
|
$access->expects($this->any())
|
2015-06-03 18:37:36 +03:00
|
|
|
|
->method('dn2groupname')
|
2020-03-26 00:21:27 +03:00
|
|
|
|
->willReturnArgument(0);
|
2020-03-12 17:24:38 +03:00
|
|
|
|
$access->expects($this->any())
|
|
|
|
|
|
->method('groupname2dn')
|
2020-03-26 00:21:27 +03:00
|
|
|
|
->willReturnArgument(0);
|
2020-03-12 17:24:38 +03:00
|
|
|
|
$access->expects($this->any())
|
|
|
|
|
|
->method('isDNPartOfBase')
|
|
|
|
|
|
->willReturn(true);
|
2015-06-30 14:56:25 +03:00
|
|
|
|
|
2017-11-02 15:40:38 +03:00
|
|
|
|
$groupBackend = new GroupLDAP($access, $pluginManager);
|
2015-06-03 18:37:36 +03:00
|
|
|
|
$groups = $groupBackend->getUserGroups('userX');
|
|
|
|
|
|
|
|
|
|
|
|
$this->assertSame(2, count($groups));
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
public function testGetUserGroupsMemberOfDisabled() {
|
|
|
|
|
|
$access = $this->getAccessMock();
|
2017-11-02 15:40:38 +03:00
|
|
|
|
$pluginManager = $this->getPluginManagerMock();
|
2015-06-03 18:37:36 +03:00
|
|
|
|
|
2017-11-03 19:40:05 +03:00
|
|
|
|
$access->connection = $this->createMock(Connection::class);
|
2015-06-03 18:37:36 +03:00
|
|
|
|
$access->connection->expects($this->any())
|
|
|
|
|
|
->method('__get')
|
2020-04-09 14:53:40 +03:00
|
|
|
|
->willReturnCallback(function ($name) {
|
2020-04-10 15:19:56 +03:00
|
|
|
|
if ($name === 'useMemberOfToDetectMembership') {
|
2015-06-03 18:37:36 +03:00
|
|
|
|
return 0;
|
2020-04-10 15:19:56 +03:00
|
|
|
|
} elseif ($name === 'ldapDynamicGroupMemberURL') {
|
2016-02-04 00:45:33 +03:00
|
|
|
|
return '';
|
2015-06-03 18:37:36 +03:00
|
|
|
|
}
|
|
|
|
|
|
return 1;
|
2020-03-26 00:21:27 +03:00
|
|
|
|
});
|
2015-06-03 18:37:36 +03:00
|
|
|
|
|
|
|
|
|
|
$dn = 'cn=userX,dc=foobar';
|
|
|
|
|
|
|
|
|
|
|
|
$access->connection->hasPrimaryGroups = false;
|
2017-03-18 09:56:24 +03:00
|
|
|
|
$access->connection->hasGidNumber = false;
|
2015-06-03 18:37:36 +03:00
|
|
|
|
|
|
|
|
|
|
$access->expects($this->once())
|
|
|
|
|
|
->method('username2dn')
|
2020-03-26 00:21:27 +03:00
|
|
|
|
->willReturn($dn);
|
2015-06-03 18:37:36 +03:00
|
|
|
|
$access->expects($this->never())
|
|
|
|
|
|
->method('readAttribute')
|
|
|
|
|
|
->with($dn, 'memberOf');
|
|
|
|
|
|
$access->expects($this->once())
|
2017-04-12 07:21:04 +03:00
|
|
|
|
->method('nextcloudGroupNames')
|
2020-03-26 00:21:27 +03:00
|
|
|
|
->willReturn([]);
|
2015-06-03 18:37:36 +03:00
|
|
|
|
|
2017-11-02 15:40:38 +03:00
|
|
|
|
$groupBackend = new GroupLDAP($access, $pluginManager);
|
2015-06-03 18:37:36 +03:00
|
|
|
|
$groupBackend->getUserGroups('userX');
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2020-10-19 14:17:06 +03:00
|
|
|
|
public function nestedGroupsProvider(): array {
|
|
|
|
|
|
return [
|
2020-11-27 21:34:35 +03:00
|
|
|
|
[true],
|
|
|
|
|
|
[false],
|
2020-10-19 14:17:06 +03:00
|
|
|
|
];
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
|
* @dataProvider nestedGroupsProvider
|
|
|
|
|
|
*/
|
|
|
|
|
|
public function testGetGroupsByMember(bool $nestedGroups) {
|
2016-06-09 18:57:07 +03:00
|
|
|
|
$access = $this->getAccessMock();
|
2017-11-02 15:40:38 +03:00
|
|
|
|
$pluginManager = $this->getPluginManagerMock();
|
2016-06-09 18:57:07 +03:00
|
|
|
|
|
2020-10-19 14:17:06 +03:00
|
|
|
|
$groupFilter = '(&(objectclass=nextcloudGroup)(nextcloudEnabled=TRUE))';
|
2017-11-03 19:40:05 +03:00
|
|
|
|
$access->connection = $this->createMock(Connection::class);
|
2016-06-09 18:57:07 +03:00
|
|
|
|
$access->connection->expects($this->any())
|
|
|
|
|
|
->method('__get')
|
2020-10-19 14:17:06 +03:00
|
|
|
|
->willReturnCallback(function ($name) use ($nestedGroups, $groupFilter) {
|
2020-04-10 15:19:56 +03:00
|
|
|
|
switch ($name) {
|
2019-03-02 02:36:08 +03:00
|
|
|
|
case 'useMemberOfToDetectMembership':
|
|
|
|
|
|
return 0;
|
|
|
|
|
|
case 'ldapDynamicGroupMemberURL':
|
|
|
|
|
|
return '';
|
|
|
|
|
|
case 'ldapNestedGroups':
|
2020-10-19 14:17:06 +03:00
|
|
|
|
return $nestedGroups;
|
2019-03-02 02:36:08 +03:00
|
|
|
|
case 'ldapGroupMemberAssocAttr':
|
|
|
|
|
|
return 'member';
|
2020-10-19 14:17:06 +03:00
|
|
|
|
case 'ldapGroupFilter':
|
|
|
|
|
|
return $groupFilter;
|
2016-06-09 18:57:07 +03:00
|
|
|
|
}
|
|
|
|
|
|
return 1;
|
2020-03-26 00:21:27 +03:00
|
|
|
|
});
|
2016-06-09 18:57:07 +03:00
|
|
|
|
|
|
|
|
|
|
$dn = 'cn=userX,dc=foobar';
|
|
|
|
|
|
|
|
|
|
|
|
$access->connection->hasPrimaryGroups = false;
|
2017-03-18 09:56:24 +03:00
|
|
|
|
$access->connection->hasGidNumber = false;
|
2016-06-09 18:57:07 +03:00
|
|
|
|
|
|
|
|
|
|
$access->expects($this->exactly(2))
|
|
|
|
|
|
->method('username2dn')
|
2020-03-26 00:21:27 +03:00
|
|
|
|
->willReturn($dn);
|
2020-03-12 17:24:38 +03:00
|
|
|
|
$access->expects($this->any())
|
2016-06-09 18:57:07 +03:00
|
|
|
|
->method('readAttribute')
|
2020-03-12 17:24:38 +03:00
|
|
|
|
->willReturn([]);
|
2020-10-19 14:17:06 +03:00
|
|
|
|
$access->expects($this->any())
|
|
|
|
|
|
->method('combineFilterWithAnd')
|
|
|
|
|
|
->willReturnCallback(function (array $filterParts) {
|
|
|
|
|
|
// ⚠ returns a pseudo-filter only, not real LDAP Filter syntax
|
|
|
|
|
|
return implode('&', $filterParts);
|
|
|
|
|
|
});
|
2016-06-09 18:57:07 +03:00
|
|
|
|
|
|
|
|
|
|
$group1 = [
|
|
|
|
|
|
'cn' => 'group1',
|
|
|
|
|
|
'dn' => ['cn=group1,ou=groups,dc=domain,dc=com'],
|
|
|
|
|
|
];
|
|
|
|
|
|
$group2 = [
|
|
|
|
|
|
'cn' => 'group2',
|
|
|
|
|
|
'dn' => ['cn=group2,ou=groups,dc=domain,dc=com'],
|
|
|
|
|
|
];
|
|
|
|
|
|
|
|
|
|
|
|
$access->expects($this->once())
|
2017-04-12 07:21:04 +03:00
|
|
|
|
->method('nextcloudGroupNames')
|
2016-06-09 18:57:07 +03:00
|
|
|
|
->with([$group1, $group2])
|
2020-03-26 00:21:27 +03:00
|
|
|
|
->willReturn(['group1', 'group2']);
|
2020-10-19 14:17:06 +03:00
|
|
|
|
$access->expects($nestedGroups ? $this->atLeastOnce() : $this->once())
|
2016-06-09 18:57:07 +03:00
|
|
|
|
->method('fetchListOfGroups')
|
2020-10-19 14:17:06 +03:00
|
|
|
|
->willReturnCallback(function ($filter, $attr, $limit, $offset) use ($nestedGroups, $groupFilter, $group1, $group2) {
|
|
|
|
|
|
static $firstRun = true;
|
|
|
|
|
|
if (!$nestedGroups) {
|
|
|
|
|
|
// When nested groups are enabled, groups cannot be filtered early as it would
|
|
|
|
|
|
// exclude intermediate groups. But we can, and should, when working with flat groups.
|
|
|
|
|
|
$this->assertTrue(strpos($filter, $groupFilter) !== false);
|
|
|
|
|
|
}
|
|
|
|
|
|
if ($firstRun) {
|
|
|
|
|
|
$firstRun = false;
|
|
|
|
|
|
return [$group1, $group2];
|
|
|
|
|
|
}
|
|
|
|
|
|
return [];
|
|
|
|
|
|
});
|
2019-03-02 02:36:08 +03:00
|
|
|
|
$access->expects($this->any())
|
2020-03-12 17:24:38 +03:00
|
|
|
|
->method('dn2groupname')
|
2020-04-17 17:02:04 +03:00
|
|
|
|
->willReturnCallback(function (string $dn) {
|
2020-03-12 17:24:38 +03:00
|
|
|
|
return ldap_explode_dn($dn, 1)[0];
|
|
|
|
|
|
});
|
|
|
|
|
|
$access->expects($this->any())
|
|
|
|
|
|
->method('groupname2dn')
|
|
|
|
|
|
->willReturnCallback(function (string $gid) use ($group1, $group2) {
|
2020-04-17 17:02:04 +03:00
|
|
|
|
if ($gid === $group1['cn']) {
|
2020-03-12 17:24:38 +03:00
|
|
|
|
return $group1['dn'][0];
|
|
|
|
|
|
}
|
2020-04-17 17:02:04 +03:00
|
|
|
|
if ($gid === $group2['cn']) {
|
2020-03-12 17:24:38 +03:00
|
|
|
|
return $group2['dn'][0];
|
|
|
|
|
|
}
|
|
|
|
|
|
});
|
|
|
|
|
|
$access->expects($this->any())
|
|
|
|
|
|
->method('isDNPartOfBase')
|
|
|
|
|
|
->willReturn(true);
|
2016-06-09 18:57:07 +03:00
|
|
|
|
|
2017-11-02 15:40:38 +03:00
|
|
|
|
$groupBackend = new GroupLDAP($access, $pluginManager);
|
2016-06-09 18:57:07 +03:00
|
|
|
|
$groups = $groupBackend->getUserGroups('userX');
|
|
|
|
|
|
$this->assertEquals(['group1', 'group2'], $groups);
|
|
|
|
|
|
|
|
|
|
|
|
$groupsAgain = $groupBackend->getUserGroups('userX');
|
|
|
|
|
|
$this->assertEquals(['group1', 'group2'], $groupsAgain);
|
|
|
|
|
|
}
|
2017-11-02 15:40:38 +03:00
|
|
|
|
|
|
|
|
|
|
public function testCreateGroupWithPlugin() {
|
2020-06-01 01:01:49 +03:00
|
|
|
|
/** @var GroupPluginManager|MockObject $pluginManager */
|
|
|
|
|
|
$pluginManager = $this->getMockBuilder(GroupPluginManager::class)
|
2020-04-17 17:02:04 +03:00
|
|
|
|
->setMethods(['implementsActions', 'createGroup'])
|
2017-11-02 15:40:38 +03:00
|
|
|
|
->getMock();
|
|
|
|
|
|
|
|
|
|
|
|
$pluginManager->expects($this->once())
|
|
|
|
|
|
->method('implementsActions')
|
2017-11-03 01:19:03 +03:00
|
|
|
|
->with(GroupInterface::CREATE_GROUP)
|
2017-11-02 15:40:38 +03:00
|
|
|
|
->willReturn(true);
|
|
|
|
|
|
|
|
|
|
|
|
$pluginManager->expects($this->once())
|
|
|
|
|
|
->method('createGroup')
|
|
|
|
|
|
->with('gid')
|
|
|
|
|
|
->willReturn('result');
|
|
|
|
|
|
|
2017-11-07 15:19:08 +03:00
|
|
|
|
$access = $this->getAccessMock();
|
|
|
|
|
|
$access->connection = $this->createMock(Connection::class);
|
|
|
|
|
|
|
|
|
|
|
|
$ldap = new GroupLDAP($access, $pluginManager);
|
2017-11-02 15:40:38 +03:00
|
|
|
|
|
2020-04-17 17:02:04 +03:00
|
|
|
|
$this->assertEquals($ldap->createGroup('gid'), true);
|
2017-11-02 15:40:38 +03:00
|
|
|
|
}
|
|
|
|
|
|
|
2020-03-12 17:24:38 +03:00
|
|
|
|
|
2017-11-02 15:40:38 +03:00
|
|
|
|
public function testCreateGroupFailing() {
|
2019-11-27 17:27:18 +03:00
|
|
|
|
$this->expectException(\Exception::class);
|
|
|
|
|
|
|
2020-06-01 01:01:49 +03:00
|
|
|
|
/** @var GroupPluginManager|MockObject $pluginManager */
|
|
|
|
|
|
$pluginManager = $this->getMockBuilder(GroupPluginManager::class)
|
2017-11-02 15:40:38 +03:00
|
|
|
|
->setMethods(['implementsActions', 'createGroup'])
|
|
|
|
|
|
->getMock();
|
|
|
|
|
|
|
|
|
|
|
|
$pluginManager->expects($this->once())
|
|
|
|
|
|
->method('implementsActions')
|
2017-11-03 01:19:03 +03:00
|
|
|
|
->with(GroupInterface::CREATE_GROUP)
|
2017-11-02 15:40:38 +03:00
|
|
|
|
->willReturn(false);
|
|
|
|
|
|
|
2017-11-07 15:19:08 +03:00
|
|
|
|
$access = $this->getAccessMock();
|
|
|
|
|
|
$access->connection = $this->createMock(Connection::class);
|
|
|
|
|
|
|
|
|
|
|
|
$ldap = new GroupLDAP($access, $pluginManager);
|
2017-11-02 15:40:38 +03:00
|
|
|
|
|
|
|
|
|
|
$ldap->createGroup('gid');
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
public function testDeleteGroupWithPlugin() {
|
2020-06-01 01:01:49 +03:00
|
|
|
|
/** @var GroupPluginManager|MockObject $pluginManager */
|
|
|
|
|
|
$pluginManager = $this->getMockBuilder(GroupPluginManager::class)
|
2020-04-17 17:02:04 +03:00
|
|
|
|
->setMethods(['implementsActions', 'deleteGroup'])
|
2017-11-02 15:40:38 +03:00
|
|
|
|
->getMock();
|
|
|
|
|
|
|
|
|
|
|
|
$pluginManager->expects($this->once())
|
|
|
|
|
|
->method('implementsActions')
|
2017-11-03 01:19:03 +03:00
|
|
|
|
->with(GroupInterface::DELETE_GROUP)
|
2017-11-02 15:40:38 +03:00
|
|
|
|
->willReturn(true);
|
|
|
|
|
|
|
|
|
|
|
|
$pluginManager->expects($this->once())
|
|
|
|
|
|
->method('deleteGroup')
|
|
|
|
|
|
->with('gid')
|
|
|
|
|
|
->willReturn('result');
|
|
|
|
|
|
|
2020-06-01 01:01:49 +03:00
|
|
|
|
$mapper = $this->getMockBuilder(GroupMapping::class)
|
2017-11-02 15:40:38 +03:00
|
|
|
|
->setMethods(['unmap'])
|
|
|
|
|
|
->disableOriginalConstructor()
|
|
|
|
|
|
->getMock();
|
|
|
|
|
|
|
2017-11-07 15:19:08 +03:00
|
|
|
|
$access = $this->getAccessMock();
|
2017-11-02 15:40:38 +03:00
|
|
|
|
$access->expects($this->any())
|
|
|
|
|
|
->method('getGroupMapper')
|
2020-03-26 00:21:27 +03:00
|
|
|
|
->willReturn($mapper);
|
2017-11-02 15:40:38 +03:00
|
|
|
|
|
2017-11-07 15:19:08 +03:00
|
|
|
|
$access->connection = $this->createMock(Connection::class);
|
|
|
|
|
|
|
|
|
|
|
|
$ldap = new GroupLDAP($access, $pluginManager);
|
2017-11-02 15:40:38 +03:00
|
|
|
|
|
2020-04-17 17:02:04 +03:00
|
|
|
|
$this->assertEquals($ldap->deleteGroup('gid'), 'result');
|
2017-11-02 15:40:38 +03:00
|
|
|
|
}
|
|
|
|
|
|
|
2020-03-12 17:24:38 +03:00
|
|
|
|
|
2017-11-02 15:40:38 +03:00
|
|
|
|
public function testDeleteGroupFailing() {
|
2019-11-27 17:27:18 +03:00
|
|
|
|
$this->expectException(\Exception::class);
|
|
|
|
|
|
|
2020-06-01 01:01:49 +03:00
|
|
|
|
/** @var GroupPluginManager|MockObject $pluginManager */
|
|
|
|
|
|
$pluginManager = $this->getMockBuilder(GroupPluginManager::class)
|
2017-11-02 15:40:38 +03:00
|
|
|
|
->setMethods(['implementsActions', 'deleteGroup'])
|
|
|
|
|
|
->getMock();
|
|
|
|
|
|
|
|
|
|
|
|
$pluginManager->expects($this->once())
|
|
|
|
|
|
->method('implementsActions')
|
2017-11-03 01:19:03 +03:00
|
|
|
|
->with(GroupInterface::DELETE_GROUP)
|
2017-11-02 15:40:38 +03:00
|
|
|
|
->willReturn(false);
|
|
|
|
|
|
|
2017-11-07 15:19:08 +03:00
|
|
|
|
$access = $this->getAccessMock();
|
|
|
|
|
|
$access->connection = $this->createMock(Connection::class);
|
|
|
|
|
|
|
|
|
|
|
|
$ldap = new GroupLDAP($access, $pluginManager);
|
2017-11-02 15:40:38 +03:00
|
|
|
|
|
|
|
|
|
|
$ldap->deleteGroup('gid');
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
public function testAddToGroupWithPlugin() {
|
2020-06-01 01:01:49 +03:00
|
|
|
|
/** @var GroupPluginManager|MockObject $pluginManager */
|
|
|
|
|
|
$pluginManager = $this->getMockBuilder(GroupPluginManager::class)
|
2020-04-17 17:02:04 +03:00
|
|
|
|
->setMethods(['implementsActions', 'addToGroup'])
|
2017-11-02 15:40:38 +03:00
|
|
|
|
->getMock();
|
|
|
|
|
|
|
|
|
|
|
|
$pluginManager->expects($this->once())
|
|
|
|
|
|
->method('implementsActions')
|
2017-11-03 01:19:03 +03:00
|
|
|
|
->with(GroupInterface::ADD_TO_GROUP)
|
2017-11-02 15:40:38 +03:00
|
|
|
|
->willReturn(true);
|
|
|
|
|
|
|
|
|
|
|
|
$pluginManager->expects($this->once())
|
|
|
|
|
|
->method('addToGroup')
|
|
|
|
|
|
->with('uid', 'gid')
|
|
|
|
|
|
->willReturn('result');
|
|
|
|
|
|
|
2017-11-07 15:19:08 +03:00
|
|
|
|
$access = $this->getAccessMock();
|
|
|
|
|
|
$access->connection = $this->createMock(Connection::class);
|
|
|
|
|
|
|
|
|
|
|
|
$ldap = new GroupLDAP($access, $pluginManager);
|
2017-11-02 15:40:38 +03:00
|
|
|
|
|
2020-04-17 17:02:04 +03:00
|
|
|
|
$this->assertEquals($ldap->addToGroup('uid', 'gid'), 'result');
|
2017-11-02 15:40:38 +03:00
|
|
|
|
}
|
|
|
|
|
|
|
2020-03-12 17:24:38 +03:00
|
|
|
|
|
2017-11-02 15:40:38 +03:00
|
|
|
|
public function testAddToGroupFailing() {
|
2019-11-27 17:27:18 +03:00
|
|
|
|
$this->expectException(\Exception::class);
|
|
|
|
|
|
|
2020-06-01 01:01:49 +03:00
|
|
|
|
/** @var GroupPluginManager|MockObject $pluginManager */
|
|
|
|
|
|
$pluginManager = $this->getMockBuilder(GroupPluginManager::class)
|
2017-11-02 15:40:38 +03:00
|
|
|
|
->setMethods(['implementsActions', 'addToGroup'])
|
|
|
|
|
|
->getMock();
|
|
|
|
|
|
|
|
|
|
|
|
$pluginManager->expects($this->once())
|
|
|
|
|
|
->method('implementsActions')
|
2017-11-03 01:19:03 +03:00
|
|
|
|
->with(GroupInterface::ADD_TO_GROUP)
|
2017-11-02 15:40:38 +03:00
|
|
|
|
->willReturn(false);
|
|
|
|
|
|
|
2017-11-07 15:19:08 +03:00
|
|
|
|
$access = $this->getAccessMock();
|
|
|
|
|
|
$access->connection = $this->createMock(Connection::class);
|
|
|
|
|
|
|
|
|
|
|
|
$ldap = new GroupLDAP($access, $pluginManager);
|
2017-11-02 15:40:38 +03:00
|
|
|
|
|
|
|
|
|
|
$ldap->addToGroup('uid', 'gid');
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
public function testRemoveFromGroupWithPlugin() {
|
2020-06-01 01:01:49 +03:00
|
|
|
|
/** @var GroupPluginManager|MockObject $pluginManager */
|
|
|
|
|
|
$pluginManager = $this->getMockBuilder(GroupPluginManager::class)
|
2020-04-17 17:02:04 +03:00
|
|
|
|
->setMethods(['implementsActions', 'removeFromGroup'])
|
2017-11-02 15:40:38 +03:00
|
|
|
|
->getMock();
|
|
|
|
|
|
|
|
|
|
|
|
$pluginManager->expects($this->once())
|
|
|
|
|
|
->method('implementsActions')
|
2017-11-03 01:19:03 +03:00
|
|
|
|
->with(GroupInterface::REMOVE_FROM_GROUP)
|
2017-11-02 15:40:38 +03:00
|
|
|
|
->willReturn(true);
|
|
|
|
|
|
|
|
|
|
|
|
$pluginManager->expects($this->once())
|
|
|
|
|
|
->method('removeFromGroup')
|
|
|
|
|
|
->with('uid', 'gid')
|
|
|
|
|
|
->willReturn('result');
|
|
|
|
|
|
|
2017-11-07 15:19:08 +03:00
|
|
|
|
$access = $this->getAccessMock();
|
|
|
|
|
|
$access->connection = $this->createMock(Connection::class);
|
|
|
|
|
|
|
|
|
|
|
|
$ldap = new GroupLDAP($access, $pluginManager);
|
2017-11-02 15:40:38 +03:00
|
|
|
|
|
2020-04-17 17:02:04 +03:00
|
|
|
|
$this->assertEquals($ldap->removeFromGroup('uid', 'gid'), 'result');
|
2017-11-02 15:40:38 +03:00
|
|
|
|
}
|
|
|
|
|
|
|
2020-03-12 17:24:38 +03:00
|
|
|
|
|
2017-11-02 15:40:38 +03:00
|
|
|
|
public function testRemoveFromGroupFailing() {
|
2019-11-27 17:27:18 +03:00
|
|
|
|
$this->expectException(\Exception::class);
|
|
|
|
|
|
|
2020-06-01 01:01:49 +03:00
|
|
|
|
/** @var GroupPluginManager|MockObject $pluginManager */
|
|
|
|
|
|
$pluginManager = $this->getMockBuilder(GroupPluginManager::class)
|
2017-11-02 15:40:38 +03:00
|
|
|
|
->setMethods(['implementsActions', 'removeFromGroup'])
|
|
|
|
|
|
->getMock();
|
|
|
|
|
|
|
|
|
|
|
|
$pluginManager->expects($this->once())
|
|
|
|
|
|
->method('implementsActions')
|
2017-11-03 01:19:03 +03:00
|
|
|
|
->with(GroupInterface::REMOVE_FROM_GROUP)
|
2017-11-02 15:40:38 +03:00
|
|
|
|
->willReturn(false);
|
|
|
|
|
|
|
2017-11-07 15:19:08 +03:00
|
|
|
|
$access = $this->getAccessMock();
|
|
|
|
|
|
$access->connection = $this->createMock(Connection::class);
|
|
|
|
|
|
|
|
|
|
|
|
$ldap = new GroupLDAP($access, $pluginManager);
|
2017-11-02 15:40:38 +03:00
|
|
|
|
|
|
|
|
|
|
$ldap->removeFromGroup('uid', 'gid');
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
public function testGetGroupDetailsWithPlugin() {
|
2020-06-01 01:01:49 +03:00
|
|
|
|
/** @var GroupPluginManager|MockObject $pluginManager */
|
|
|
|
|
|
$pluginManager = $this->getMockBuilder(GroupPluginManager::class)
|
2020-04-17 17:02:04 +03:00
|
|
|
|
->setMethods(['implementsActions', 'getGroupDetails'])
|
2017-11-02 15:40:38 +03:00
|
|
|
|
->getMock();
|
|
|
|
|
|
|
|
|
|
|
|
$pluginManager->expects($this->once())
|
|
|
|
|
|
->method('implementsActions')
|
2017-11-03 01:19:03 +03:00
|
|
|
|
->with(GroupInterface::GROUP_DETAILS)
|
2017-11-02 15:40:38 +03:00
|
|
|
|
->willReturn(true);
|
|
|
|
|
|
|
|
|
|
|
|
$pluginManager->expects($this->once())
|
|
|
|
|
|
->method('getGroupDetails')
|
|
|
|
|
|
->with('gid')
|
|
|
|
|
|
->willReturn('result');
|
|
|
|
|
|
|
2017-11-07 15:19:08 +03:00
|
|
|
|
$access = $this->getAccessMock();
|
|
|
|
|
|
$access->connection = $this->createMock(Connection::class);
|
|
|
|
|
|
|
|
|
|
|
|
$ldap = new GroupLDAP($access, $pluginManager);
|
2017-11-02 15:40:38 +03:00
|
|
|
|
|
2020-04-17 17:02:04 +03:00
|
|
|
|
$this->assertEquals($ldap->getGroupDetails('gid'), 'result');
|
2017-11-02 15:40:38 +03:00
|
|
|
|
}
|
|
|
|
|
|
|
2020-03-12 17:24:38 +03:00
|
|
|
|
|
2017-11-02 15:40:38 +03:00
|
|
|
|
public function testGetGroupDetailsFailing() {
|
2019-11-27 17:27:18 +03:00
|
|
|
|
$this->expectException(\Exception::class);
|
|
|
|
|
|
|
2020-06-01 01:01:49 +03:00
|
|
|
|
/** @var GroupPluginManager|MockObject $pluginManager */
|
|
|
|
|
|
$pluginManager = $this->getMockBuilder(GroupPluginManager::class)
|
2017-11-02 15:40:38 +03:00
|
|
|
|
->setMethods(['implementsActions', 'getGroupDetails'])
|
|
|
|
|
|
->getMock();
|
|
|
|
|
|
|
|
|
|
|
|
$pluginManager->expects($this->once())
|
|
|
|
|
|
->method('implementsActions')
|
2017-11-03 01:19:03 +03:00
|
|
|
|
->with(GroupInterface::GROUP_DETAILS)
|
2017-11-02 15:40:38 +03:00
|
|
|
|
->willReturn(false);
|
|
|
|
|
|
|
2017-11-07 15:19:08 +03:00
|
|
|
|
$access = $this->getAccessMock();
|
|
|
|
|
|
$access->connection = $this->createMock(Connection::class);
|
|
|
|
|
|
|
|
|
|
|
|
$ldap = new GroupLDAP($access, $pluginManager);
|
2017-11-02 15:40:38 +03:00
|
|
|
|
|
|
|
|
|
|
$ldap->getGroupDetails('gid');
|
2018-02-23 14:04:48 +03:00
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
public function groupMemberProvider() {
|
|
|
|
|
|
$base = 'dc=species,dc=earth';
|
|
|
|
|
|
|
|
|
|
|
|
$groups0 = [
|
|
|
|
|
|
'uid=3723,' . $base,
|
|
|
|
|
|
'uid=8372,' . $base,
|
|
|
|
|
|
'uid=8427,' . $base,
|
|
|
|
|
|
'uid=2333,' . $base,
|
|
|
|
|
|
'uid=4754,' . $base,
|
|
|
|
|
|
];
|
|
|
|
|
|
$groups1 = [
|
|
|
|
|
|
'3723',
|
|
|
|
|
|
'8372',
|
|
|
|
|
|
'8427',
|
|
|
|
|
|
'2333',
|
|
|
|
|
|
'4754',
|
|
|
|
|
|
];
|
|
|
|
|
|
$groups2Nested = ['6642', '1424'];
|
|
|
|
|
|
$expGroups2 = array_merge($groups1, $groups2Nested);
|
|
|
|
|
|
|
|
|
|
|
|
return [
|
|
|
|
|
|
[ #0 – test DNs
|
|
|
|
|
|
'cn=Birds,' . $base,
|
|
|
|
|
|
$groups0,
|
|
|
|
|
|
['cn=Birds,' . $base => $groups0]
|
|
|
|
|
|
],
|
|
|
|
|
|
[ #1 – test uids
|
|
|
|
|
|
'cn=Birds,' . $base,
|
|
|
|
|
|
$groups1,
|
|
|
|
|
|
['cn=Birds,' . $base => $groups1]
|
|
|
|
|
|
],
|
|
|
|
|
|
];
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
|
* @param string $groupDN
|
|
|
|
|
|
* @param string[] $expectedMembers
|
|
|
|
|
|
* @param array $groupsInfo
|
|
|
|
|
|
* @dataProvider groupMemberProvider
|
|
|
|
|
|
*/
|
|
|
|
|
|
public function testGroupMembers($groupDN, $expectedMembers, $groupsInfo = null) {
|
|
|
|
|
|
$access = $this->getAccessMock();
|
|
|
|
|
|
$access->expects($this->any())
|
|
|
|
|
|
->method('readAttribute')
|
2020-04-09 14:53:40 +03:00
|
|
|
|
->willReturnCallback(function ($group) use ($groupDN, $expectedMembers, $groupsInfo) {
|
2020-04-10 15:19:56 +03:00
|
|
|
|
if (isset($groupsInfo[$group])) {
|
2018-02-23 14:04:48 +03:00
|
|
|
|
return $groupsInfo[$group];
|
|
|
|
|
|
}
|
|
|
|
|
|
return [];
|
|
|
|
|
|
});
|
|
|
|
|
|
|
|
|
|
|
|
$access->connection = $this->createMock(Connection::class);
|
2020-04-10 15:19:56 +03:00
|
|
|
|
if (count($groupsInfo) > 1) {
|
2018-02-23 14:04:48 +03:00
|
|
|
|
$access->connection->expects($this->any())
|
|
|
|
|
|
->method('__get')
|
2020-04-09 14:53:40 +03:00
|
|
|
|
->willReturnCallback(function ($name) {
|
2020-04-10 15:19:56 +03:00
|
|
|
|
if ($name === 'ldapNestedGroups') {
|
2018-02-23 14:04:48 +03:00
|
|
|
|
return 1;
|
|
|
|
|
|
}
|
|
|
|
|
|
return null;
|
|
|
|
|
|
});
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
/** @var GroupPluginManager $pluginManager */
|
|
|
|
|
|
$pluginManager = $this->createMock(GroupPluginManager::class);
|
|
|
|
|
|
|
|
|
|
|
|
$ldap = new GroupLDAP($access, $pluginManager);
|
|
|
|
|
|
$resultingMembers = $this->invokePrivate($ldap, '_groupMembers', [$groupDN]);
|
|
|
|
|
|
|
2019-11-29 15:30:25 +03:00
|
|
|
|
$this->assertEqualsCanonicalizing($expectedMembers, $resultingMembers);
|
2018-02-23 14:04:48 +03:00
|
|
|
|
}
|
2017-11-02 15:40:38 +03:00
|
|
|
|
|
2019-05-23 17:58:58 +03:00
|
|
|
|
public function displayNameProvider() {
|
|
|
|
|
|
return [
|
|
|
|
|
|
['Graphic Novelists', ['Graphic Novelists']],
|
|
|
|
|
|
['', false],
|
|
|
|
|
|
];
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
|
* @dataProvider displayNameProvider
|
|
|
|
|
|
*/
|
|
|
|
|
|
public function testGetDisplayName(string $expected, $ldapResult) {
|
|
|
|
|
|
$gid = 'graphic_novelists';
|
|
|
|
|
|
|
|
|
|
|
|
$access = $this->getAccessMock();
|
|
|
|
|
|
$access->expects($this->atLeastOnce())
|
|
|
|
|
|
->method('readAttribute')
|
|
|
|
|
|
->willReturn($ldapResult);
|
|
|
|
|
|
|
|
|
|
|
|
$access->connection = $this->createMock(Connection::class);
|
|
|
|
|
|
$access->connection->expects($this->any())
|
|
|
|
|
|
->method('__get')
|
2020-04-09 14:53:40 +03:00
|
|
|
|
->willReturnCallback(function ($name) {
|
2020-04-10 15:19:56 +03:00
|
|
|
|
if ($name === 'ldapGroupMemberAssocAttr') {
|
2019-05-23 17:58:58 +03:00
|
|
|
|
return 'member';
|
2020-04-10 15:19:56 +03:00
|
|
|
|
} elseif ($name === 'ldapGroupFilter') {
|
2019-05-23 17:58:58 +03:00
|
|
|
|
return 'objectclass=nextcloudGroup';
|
2020-04-10 15:19:56 +03:00
|
|
|
|
} elseif ($name === 'ldapGroupDisplayName') {
|
2019-05-23 17:58:58 +03:00
|
|
|
|
return 'cn';
|
|
|
|
|
|
}
|
|
|
|
|
|
return null;
|
|
|
|
|
|
});
|
|
|
|
|
|
|
|
|
|
|
|
/** @var GroupPluginManager $pluginManager */
|
|
|
|
|
|
$pluginManager = $this->createMock(GroupPluginManager::class);
|
|
|
|
|
|
|
|
|
|
|
|
$ldap = new GroupLDAP($access, $pluginManager);
|
|
|
|
|
|
$this->assertSame($expected, $ldap->getDisplayName($gid));
|
|
|
|
|
|
}
|
2014-04-25 20:52:13 +04:00
|
|
|
|
}
|
