nextcloud/apps/user_ldap/tests/access.php

<?php
/**
* ownCloud
*
* @author Arthur Schiwon
* @copyright 2013 Arthur Schiwon blizzz@owncloud.com
*
* This library is free software; you can redistribute it and/or
* modify it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE
* License as published by the Free Software Foundation; either
* version 3 of the License, or any later version.
*
* This library is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
* GNU AFFERO GENERAL PUBLIC LICENSE for more details.
*
* You should have received a copy of the GNU Affero General Public
* License along with this library.  If not, see <http://www.gnu.org/licenses/>.
*
*/

namespace OCA\user_ldap\tests;

use \OCA\user_ldap\lib\Access;
use \OCA\user_ldap\lib\Connection;
use \OCA\user_ldap\lib\ILDAPWrapper;

class Test_Access extends \PHPUnit_Framework_TestCase {
	private function getConnecterAndLdapMock() {
		static $conMethods;
		static $accMethods;
		static $umMethods;

		if(is_null($conMethods) || is_null($accMethods)) {
			$conMethods = get_class_methods('\OCA\user_ldap\lib\Connection');
			$accMethods = get_class_methods('\OCA\user_ldap\lib\Access');
			$umMethods  = get_class_methods('\OCA\user_ldap\lib\user\Manager');
		}
		$lw  = $this->getMock('\OCA\user_ldap\lib\ILDAPWrapper');
		$connector = $this->getMock('\OCA\user_ldap\lib\Connection',
									$conMethods,
									array($lw, null, null));
		$um = $this->getMock('\OCA\user_ldap\lib\user\Manager',
			$umMethods, array(
				$this->getMock('\OCP\IConfig'),
				$this->getMock('\OCA\user_ldap\lib\FilesystemHelper'),
				$this->getMock('\OCA\user_ldap\lib\LogWrapper'),
				$this->getMock('\OCP\IAvatarManager'),
				$this->getMock('\OCP\Image')));

		return array($lw, $connector, $um);
	}

	public function testEscapeFilterPartValidChars() {
		list($lw, $con, $um) = $this->getConnecterAndLdapMock();
		$access = new Access($con, $lw, $um);

		$input = 'okay';
		$this->assertTrue($input === $access->escapeFilterPart($input));
	}

	public function testEscapeFilterPartEscapeWildcard() {
		list($lw, $con, $um) = $this->getConnecterAndLdapMock();
		$access = new Access($con, $lw, $um);

		$input = '*';
		$expected = '\\\\*';
		$this->assertTrue($expected === $access->escapeFilterPart($input));
	}

	public function testEscapeFilterPartEscapeWildcard2() {
		list($lw, $con, $um) = $this->getConnecterAndLdapMock();
		$access = new Access($con, $lw, $um);

		$input = 'foo*bar';
		$expected = 'foo\\\\*bar';
		$this->assertTrue($expected === $access->escapeFilterPart($input));
	}

	public function testConvertSID2StrSuccess() {
		list($lw, $con, $um) = $this->getConnecterAndLdapMock();
		$access = new Access($con, $lw, $um);

		if(!function_exists('\bcadd')) {
			$this->markTestSkipped('bcmath not available');
		}

		$sidBinary = file_get_contents(__DIR__ . '/data/sid.dat');
		$sidExpected = 'S-1-5-21-249921958-728525901-1594176202';

		$this->assertSame($sidExpected, $access->convertSID2Str($sidBinary));
	}

	public function testConvertSID2StrInputError() {
		list($lw, $con, $um) = $this->getConnecterAndLdapMock();
		$access = new Access($con, $lw, $um);

		if(!function_exists('\bcadd')) {
			$this->markTestSkipped('bcmath not available');
		}

		$sidIllegal = 'foobar';
		$sidExpected = '';

		$this->assertSame($sidExpected, $access->convertSID2Str($sidIllegal));
	}

	public function testConvertSID2StrNoBCMath() {
		if(function_exists('\bcadd')) {
			$removed = false;
			if(function_exists('runkit_function_remove')) {
				$removed = !runkit_function_remove('\bcadd');
			}
			if(!$removed) {
				$this->markTestSkipped('bcadd could not be removed for ' .
					'testing without bcmath');
			}
		}

		list($lw, $con, $um) = $this->getConnecterAndLdapMock();
		$access = new Access($con, $lw, $um);

		$sidBinary = file_get_contents(__DIR__ . '/data/sid.dat');
		$sidExpected = '';

		$this->assertSame($sidExpected, $access->convertSID2Str($sidBinary));
	}

	public function testGetDomainDNFromDNSuccess() {
		list($lw, $con, $um) = $this->getConnecterAndLdapMock();
		$access = new Access($con, $lw, $um);

		$inputDN = 'uid=zaphod,cn=foobar,dc=my,dc=server,dc=com';
		$domainDN = 'dc=my,dc=server,dc=com';

		$lw->expects($this->once())
			->method('explodeDN')
			->with($inputDN, 0)
			->will($this->returnValue(explode(',', $inputDN)));

		$this->assertSame($domainDN, $access->getDomainDNFromDN($inputDN));
	}

	public function testGetDomainDNFromDNError() {
		list($lw, $con, $um) = $this->getConnecterAndLdapMock();
		$access = new Access($con, $lw, $um);

		$inputDN = 'foobar';
		$expected = '';

		$lw->expects($this->once())
			->method('explodeDN')
			->with($inputDN, 0)
			->will($this->returnValue(false));

		$this->assertSame($expected, $access->getDomainDNFromDN($inputDN));
	}

	private function getResemblesDNInputData() {
		return  $cases = array(
			array(
				'input' => 'foo=bar,bar=foo,dc=foobar',
				'interResult' => array(
					'count' => 3,
					0 => 'foo=bar',
					1 => 'bar=foo',
					2 => 'dc=foobar'
				),
				'expectedResult' => true
			),
			array(
				'input' => 'foobarbarfoodcfoobar',
				'interResult' => false,
				'expectedResult' => false
			)
		);
	}

	public function testStringResemblesDN() {
		list($lw, $con, $um) = $this->getConnecterAndLdapMock();
		$access = new Access($con, $lw, $um);

		$cases = $this->getResemblesDNInputData();

		$lw->expects($this->exactly(2))
			->method('explodeDN')
			->will($this->returnCallback(function ($dn) use ($cases) {
				foreach($cases as $case) {
					if($dn === $case['input']) {
						return $case['interResult'];
					}
				}
			}));

		foreach($cases as $case) {
			$this->assertSame($case['expectedResult'], $access->stringResemblesDN($case['input']));
		}
	}

	public function testStringResemblesDNLDAPmod() {
		list($lw, $con, $um) = $this->getConnecterAndLdapMock();
		$lw = new \OCA\user_ldap\lib\LDAP();
		$access = new Access($con, $lw, $um);

		if(!function_exists('ldap_explode_dn')) {
			$this->markTestSkipped('LDAP Module not available');
		}

		$cases = $this->getResemblesDNInputData();

		foreach($cases as $case) {
			$this->assertSame($case['expectedResult'], $access->stringResemblesDN($case['input']));
		}
	}
}
LDAP: fix and extend tests 2014-02-20 17:05:45 +04:00			`<?php`
			`/**`
			`* ownCloud`
			`*`
			`* @author Arthur Schiwon`
			`* @copyright 2013 Arthur Schiwon blizzz@owncloud.com`
			`*`
			`* This library is free software; you can redistribute it and/or`
			`* modify it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE`
			`* License as published by the Free Software Foundation; either`
			`* version 3 of the License, or any later version.`
			`*`
			`* This library is distributed in the hope that it will be useful,`
			`* but WITHOUT ANY WARRANTY; without even the implied warranty of`
			`* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the`
			`* GNU AFFERO GENERAL PUBLIC LICENSE for more details.`
			`*`
			`* You should have received a copy of the GNU Affero General Public`
			`* License along with this library. If not, see <http://www.gnu.org/licenses/>.`
			`*`
			`*/`

			`namespace OCA\user_ldap\tests;`

			`use \OCA\user_ldap\lib\Access;`
			`use \OCA\user_ldap\lib\Connection;`
			`use \OCA\user_ldap\lib\ILDAPWrapper;`

			`class Test_Access extends \PHPUnit_Framework_TestCase {`
			`private function getConnecterAndLdapMock() {`
			`static $conMethods;`
			`static $accMethods;`
adjust Access test 2014-03-31 12:48:38 +04:00			`static $umMethods;`
LDAP: fix and extend tests 2014-02-20 17:05:45 +04:00
			`if(is_null($conMethods) \|\| is_null($accMethods)) {`
			`$conMethods = get_class_methods('\OCA\user_ldap\lib\Connection');`
			`$accMethods = get_class_methods('\OCA\user_ldap\lib\Access');`
adjust Access test 2014-03-31 12:48:38 +04:00			`$umMethods = get_class_methods('\OCA\user_ldap\lib\user\Manager');`
LDAP: fix and extend tests 2014-02-20 17:05:45 +04:00			`}`
			`$lw = $this->getMock('\OCA\user_ldap\lib\ILDAPWrapper');`
			`$connector = $this->getMock('\OCA\user_ldap\lib\Connection',`
			`$conMethods,`
			`array($lw, null, null));`
adjust Access test 2014-03-31 12:48:38 +04:00			`$um = $this->getMock('\OCA\user_ldap\lib\user\Manager',`
			`$umMethods, array(`
			`$this->getMock('\OCP\IConfig'),`
			`$this->getMock('\OCA\user_ldap\lib\FilesystemHelper'),`
			`$this->getMock('\OCA\user_ldap\lib\LogWrapper'),`
			`$this->getMock('\OCP\IAvatarManager'),`
			`$this->getMock('\OCP\Image')));`
LDAP: fix and extend tests 2014-02-20 17:05:45 +04:00
adjust Access test 2014-03-31 12:48:38 +04:00			`return array($lw, $connector, $um);`
LDAP: fix and extend tests 2014-02-20 17:05:45 +04:00			`}`

			`public function testEscapeFilterPartValidChars() {`
adjust Access test 2014-03-31 12:48:38 +04:00			`list($lw, $con, $um) = $this->getConnecterAndLdapMock();`
			`$access = new Access($con, $lw, $um);`
LDAP: fix and extend tests 2014-02-20 17:05:45 +04:00
			`$input = 'okay';`
			`$this->assertTrue($input === $access->escapeFilterPart($input));`
			`}`

			`public function testEscapeFilterPartEscapeWildcard() {`
adjust Access test 2014-03-31 12:48:38 +04:00			`list($lw, $con, $um) = $this->getConnecterAndLdapMock();`
			`$access = new Access($con, $lw, $um);`
LDAP: fix and extend tests 2014-02-20 17:05:45 +04:00
			`$input = '*';`
			`$expected = '\\\\*';`
			`$this->assertTrue($expected === $access->escapeFilterPart($input));`
			`}`

			`public function testEscapeFilterPartEscapeWildcard2() {`
adjust Access test 2014-03-31 12:48:38 +04:00			`list($lw, $con, $um) = $this->getConnecterAndLdapMock();`
			`$access = new Access($con, $lw, $um);`
LDAP: fix and extend tests 2014-02-20 17:05:45 +04:00
			`$input = 'foo*bar';`
			`$expected = 'foo\\\\*bar';`
			`$this->assertTrue($expected === $access->escapeFilterPart($input));`
			`}`
support for AD primary groups support for primary groups actually the problem is only known on AD, it is only needed to take care of their attributes adjust to ADs special behaviour this change was not intended cache the SID value so it is not requested over and over again theres only one, use singular we are access add tests for new Access methods add tests for new Group methods address scrutinizer findings, mostly doc call ldap_explode_dn from ldap wrapper, enables tests without php5-ldap PHP Doc yo dawg, i heard you like backslashes … php doc fix PHPDoc updated and typos fixed while reviewing 2014-07-02 00:02:41 +04:00
			`public function testConvertSID2StrSuccess() {`
			`list($lw, $con, $um) = $this->getConnecterAndLdapMock();`
			`$access = new Access($con, $lw, $um);`

make tests deal with missing bcmath 2014-07-11 14:13:54 +04:00			`if(!function_exists('\bcadd')) {`
			`$this->markTestSkipped('bcmath not available');`
			`}`

support for AD primary groups support for primary groups actually the problem is only known on AD, it is only needed to take care of their attributes adjust to ADs special behaviour this change was not intended cache the SID value so it is not requested over and over again theres only one, use singular we are access add tests for new Access methods add tests for new Group methods address scrutinizer findings, mostly doc call ldap_explode_dn from ldap wrapper, enables tests without php5-ldap PHP Doc yo dawg, i heard you like backslashes … php doc fix PHPDoc updated and typos fixed while reviewing 2014-07-02 00:02:41 +04:00			`$sidBinary = file_get_contents(__DIR__ . '/data/sid.dat');`
			`$sidExpected = 'S-1-5-21-249921958-728525901-1594176202';`

			`$this->assertSame($sidExpected, $access->convertSID2Str($sidBinary));`
			`}`

			`public function testConvertSID2StrInputError() {`
			`list($lw, $con, $um) = $this->getConnecterAndLdapMock();`
			`$access = new Access($con, $lw, $um);`

make tests deal with missing bcmath 2014-07-11 14:13:54 +04:00			`if(!function_exists('\bcadd')) {`
			`$this->markTestSkipped('bcmath not available');`
			`}`

support for AD primary groups support for primary groups actually the problem is only known on AD, it is only needed to take care of their attributes adjust to ADs special behaviour this change was not intended cache the SID value so it is not requested over and over again theres only one, use singular we are access add tests for new Access methods add tests for new Group methods address scrutinizer findings, mostly doc call ldap_explode_dn from ldap wrapper, enables tests without php5-ldap PHP Doc yo dawg, i heard you like backslashes … php doc fix PHPDoc updated and typos fixed while reviewing 2014-07-02 00:02:41 +04:00			`$sidIllegal = 'foobar';`
			`$sidExpected = '';`

			`$this->assertSame($sidExpected, $access->convertSID2Str($sidIllegal));`
			`}`

make tests deal with missing bcmath 2014-07-11 14:13:54 +04:00			`public function testConvertSID2StrNoBCMath() {`
			`if(function_exists('\bcadd')) {`
			`$removed = false;`
			`if(function_exists('runkit_function_remove')) {`
			`$removed = !runkit_function_remove('\bcadd');`
			`}`
			`if(!$removed) {`
			`$this->markTestSkipped('bcadd could not be removed for ' .`
			`'testing without bcmath');`
			`}`
			`}`

			`list($lw, $con, $um) = $this->getConnecterAndLdapMock();`
			`$access = new Access($con, $lw, $um);`

			`$sidBinary = file_get_contents(__DIR__ . '/data/sid.dat');`
			`$sidExpected = '';`

			`$this->assertSame($sidExpected, $access->convertSID2Str($sidBinary));`
			`}`

support for AD primary groups support for primary groups actually the problem is only known on AD, it is only needed to take care of their attributes adjust to ADs special behaviour this change was not intended cache the SID value so it is not requested over and over again theres only one, use singular we are access add tests for new Access methods add tests for new Group methods address scrutinizer findings, mostly doc call ldap_explode_dn from ldap wrapper, enables tests without php5-ldap PHP Doc yo dawg, i heard you like backslashes … php doc fix PHPDoc updated and typos fixed while reviewing 2014-07-02 00:02:41 +04:00			`public function testGetDomainDNFromDNSuccess() {`
			`list($lw, $con, $um) = $this->getConnecterAndLdapMock();`
			`$access = new Access($con, $lw, $um);`

			`$inputDN = 'uid=zaphod,cn=foobar,dc=my,dc=server,dc=com';`
			`$domainDN = 'dc=my,dc=server,dc=com';`

			`$lw->expects($this->once())`
			`->method('explodeDN')`
			`->with($inputDN, 0)`
			`->will($this->returnValue(explode(',', $inputDN)));`

			`$this->assertSame($domainDN, $access->getDomainDNFromDN($inputDN));`
			`}`

			`public function testGetDomainDNFromDNError() {`
			`list($lw, $con, $um) = $this->getConnecterAndLdapMock();`
			`$access = new Access($con, $lw, $um);`

			`$inputDN = 'foobar';`
			`$expected = '';`

			`$lw->expects($this->once())`
			`->method('explodeDN')`
			`->with($inputDN, 0)`
			`->will($this->returnValue(false));`

			`$this->assertSame($expected, $access->getDomainDNFromDN($inputDN));`
			`}`
better check whether string resembles a DN, fixes #9887 2014-08-11 18:40:41 +04:00
unify tests 2014-08-18 18:55:08 +04:00			`private function getResemblesDNInputData() {`
			`return $cases = array(`
			`array(`
			`'input' => 'foo=bar,bar=foo,dc=foobar',`
			`'interResult' => array(`
			`'count' => 3,`
			`0 => 'foo=bar',`
			`1 => 'bar=foo',`
			`2 => 'dc=foobar'`
			`),`
			`'expectedResult' => true`
			`),`
			`array(`
			`'input' => 'foobarbarfoodcfoobar',`
			`'interResult' => false,`
			`'expectedResult' => false`
			`)`
better check whether string resembles a DN, fixes #9887 2014-08-11 18:40:41 +04:00			`);`
			`}`

unify tests 2014-08-18 18:55:08 +04:00			`public function testStringResemblesDN() {`
better check whether string resembles a DN, fixes #9887 2014-08-11 18:40:41 +04:00			`list($lw, $con, $um) = $this->getConnecterAndLdapMock();`
			`$access = new Access($con, $lw, $um);`

unify tests 2014-08-18 18:55:08 +04:00			`$cases = $this->getResemblesDNInputData();`
better check whether string resembles a DN, fixes #9887 2014-08-11 18:40:41 +04:00
unify tests 2014-08-18 18:55:08 +04:00			`$lw->expects($this->exactly(2))`
better check whether string resembles a DN, fixes #9887 2014-08-11 18:40:41 +04:00			`->method('explodeDN')`
unify tests 2014-08-18 18:55:08 +04:00			`->will($this->returnCallback(function ($dn) use ($cases) {`
			`foreach($cases as $case) {`
			`if($dn === $case['input']) {`
			`return $case['interResult'];`
			`}`
			`}`
			`}));`

			`foreach($cases as $case) {`
			`$this->assertSame($case['expectedResult'], $access->stringResemblesDN($case['input']));`
			`}`
better check whether string resembles a DN, fixes #9887 2014-08-11 18:40:41 +04:00			`}`

unify tests 2014-08-18 18:55:08 +04:00			`public function testStringResemblesDNLDAPmod() {`
better check whether string resembles a DN, fixes #9887 2014-08-11 18:40:41 +04:00			`list($lw, $con, $um) = $this->getConnecterAndLdapMock();`
			`$lw = new \OCA\user_ldap\lib\LDAP();`
			`$access = new Access($con, $lw, $um);`

			`if(!function_exists('ldap_explode_dn')) {`
			`$this->markTestSkipped('LDAP Module not available');`
			`}`

unify tests 2014-08-18 18:55:08 +04:00			`$cases = $this->getResemblesDNInputData();`
better check whether string resembles a DN, fixes #9887 2014-08-11 18:40:41 +04:00
unify tests 2014-08-18 18:55:08 +04:00			`foreach($cases as $case) {`
			`$this->assertSame($case['expectedResult'], $access->stringResemblesDN($case['input']));`
			`}`
better check whether string resembles a DN, fixes #9887 2014-08-11 18:40:41 +04:00			`}`
support for AD primary groups support for primary groups actually the problem is only known on AD, it is only needed to take care of their attributes adjust to ADs special behaviour this change was not intended cache the SID value so it is not requested over and over again theres only one, use singular we are access add tests for new Access methods add tests for new Group methods address scrutinizer findings, mostly doc call ldap_explode_dn from ldap wrapper, enables tests without php5-ldap PHP Doc yo dawg, i heard you like backslashes … php doc fix PHPDoc updated and typos fixed while reviewing 2014-07-02 00:02:41 +04:00			`}`