Révision 32700c57
Ajouté par Assos Assos il y a environ 5 ans
| drupal7/sites/all/modules/ldap/ldap_authorization/tests/BasicTests.test | ||
|---|---|---|
| 15 | 15 |
* |
| 16 | 16 |
*/ |
| 17 | 17 |
public static function getInfo() {
|
| 18 |
return array(
|
|
| 18 |
return [
|
|
| 19 | 19 |
'name' => 'LDAP Authorization Basic Tests', |
| 20 | 20 |
'description' => 'Test ldap authorization.', |
| 21 | 21 |
'group' => 'LDAP Authorization', |
| 22 |
);
|
|
| 22 |
];
|
|
| 23 | 23 |
} |
| 24 | 24 |
|
| 25 | 25 |
/** |
| ... | ... | |
| 36 | 36 |
* |
| 37 | 37 |
*/ |
| 38 | 38 |
public function setUp() {
|
| 39 |
parent::setUp(array(
|
|
| 39 |
parent::setUp([
|
|
| 40 | 40 |
'ldap_authentication', |
| 41 | 41 |
'ldap_authorization', |
| 42 | 42 |
'ldap_authorization_drupal_role', |
| 43 | 43 |
// don't need any real servers, configured, just ldap_servers code base. |
| 44 | 44 |
'ldap_test', |
| 45 |
));
|
|
| 45 |
]);
|
|
| 46 | 46 |
variable_set('ldap_simpletest', 2);
|
| 47 | 47 |
} |
| 48 | 48 |
|
| ... | ... | |
| 70 | 70 |
); |
| 71 | 71 |
$this->assertTrue($setup_success, ' ldap_authorizations setup successful', 'LDAP Authorization: Test Setup Success'); |
| 72 | 72 |
|
| 73 |
$api_functions = array(
|
|
| 74 |
'ldap_authorization_get_consumer_object' => array(1, 1),
|
|
| 75 |
'ldap_authorization_get_consumers' => array(3, 0),
|
|
| 76 |
'ldap_authorizations_user_authorizations' => array(4, 1),
|
|
| 77 |
);
|
|
| 73 |
$api_functions = [
|
|
| 74 |
'ldap_authorization_get_consumer_object' => [1, 1],
|
|
| 75 |
'ldap_authorization_get_consumers' => [3, 0],
|
|
| 76 |
'ldap_authorizations_user_authorizations' => [4, 1],
|
|
| 77 |
];
|
|
| 78 | 78 |
|
| 79 | 79 |
foreach ($api_functions as $api_function_name => $param_count) {
|
| 80 | 80 |
$reflector = new ReflectionFunction($api_function_name); |
| ... | ... | |
| 97 | 97 |
|
| 98 | 98 |
$sid = 'activedirectory1'; |
| 99 | 99 |
$testid = 'ExclusiveModeUserLogon3'; |
| 100 |
$sids = array($sid);
|
|
| 100 |
$sids = [$sid];
|
|
| 101 | 101 |
$this->prepTestData(LDAP_TEST_LDAP_NAME, $sids, 'provisionToDrupal', 'default', 'drupal_role_default'); |
| 102 | 102 |
|
| 103 |
$hpotter_logon_edit = array(
|
|
| 103 |
$hpotter_logon_edit = [
|
|
| 104 | 104 |
'name' => 'hpotter', |
| 105 | 105 |
'pass' => 'goodpwd', |
| 106 |
);
|
|
| 106 |
];
|
|
| 107 | 107 |
$this->drupalPost('user', $hpotter_logon_edit, t('Log in'));
|
| 108 | 108 |
$this->assertText(t('Member for'), 'New Ldap user with good password authenticated.', 'LDAP Authorization: Test Logon');
|
| 109 | 109 |
$this->assertTrue( |
| ... | ... | |
| 114 | 114 |
|
| 115 | 115 |
$hpotter = $this->testFunctions->userByNameFlushingCache('hpotter');
|
| 116 | 116 |
$roles = array_values($hpotter->roles); |
| 117 |
$desired_roles = array('students', 'authenticated user', 'cn=gryffindor,ou=groups,dc=hogwarts,dc=edu', 'cn=honors students,ou=groups,dc=hogwarts,dc=edu');
|
|
| 117 |
$desired_roles = ['students', 'authenticated user', 'cn=gryffindor,ou=groups,dc=hogwarts,dc=edu', 'cn=honors students,ou=groups,dc=hogwarts,dc=edu'];
|
|
| 118 | 118 |
$diff1 = array_diff($roles, $desired_roles); |
| 119 | 119 |
$diff2 = array_diff($desired_roles, $roles); |
| 120 | 120 |
$correct_roles = (count($diff1) == 0 && count($diff2) == 0); |
| ... | ... | |
| 124 | 124 |
} |
| 125 | 125 |
$this->assertTrue( |
| 126 | 126 |
$correct_roles, |
| 127 |
t('hpotter granted correct roles on actual logon: %roles', array('%roles' => $roles_display)),
|
|
| 127 |
t('hpotter granted correct roles on actual logon: %roles', ['%roles' => $roles_display]),
|
|
| 128 | 128 |
'LDAP Authorization: Test Logon for roles' |
| 129 | 129 |
); |
| 130 | 130 |
|
| ... | ... | |
| 214 | 214 |
$sid = 'activedirectory1'; |
| 215 | 215 |
$this->prepTestData( |
| 216 | 216 |
LDAP_TEST_LDAP_NAME, |
| 217 |
array($sid),
|
|
| 217 |
[$sid],
|
|
| 218 | 218 |
'provisionToDrupal', |
| 219 | 219 |
'default', |
| 220 | 220 |
'drupal_role_default' |
| ... | ... | |
| 224 | 224 |
* LDAP_authorz.Flags.status=0: Disable ldap_authorization_drupal_role configuration and make sure no authorizations performed |
| 225 | 225 |
*/ |
| 226 | 226 |
|
| 227 |
$user = $this->drupalCreateUser(array());
|
|
| 228 |
$hpotter = $this->testFunctions->drupalLdapUpdateUser(array('name' => 'hpotter', 'mail' => 'hpotter@hogwarts.edu'), TRUE, $user);
|
|
| 227 |
$user = $this->drupalCreateUser([]);
|
|
| 228 |
$hpotter = $this->testFunctions->drupalLdapUpdateUser(['name' => 'hpotter', 'mail' => 'hpotter@hogwarts.edu'], TRUE, $user);
|
|
| 229 | 229 |
// Just see if the correct ones are derived. |
| 230 | 230 |
list($new_authorizations, $notifications) = ldap_authorizations_user_authorizations($hpotter, 'query'); |
| 231 | 231 |
$roles1 = $new_authorizations['drupal_role']; |
| 232 | 232 |
|
| 233 |
// $consumer_conf_admin = ldap_authorization_get_consumer_admin_object('drupal_role', FALSE);.
|
|
| 234 | 233 |
$this->consumerAdminConf['drupal_role']->status = 0; |
| 235 | 234 |
$this->consumerAdminConf['drupal_role']->save(); |
| 236 | 235 |
|
| 237 | 236 |
// Just see if the correct ones are derived. |
| 238 | 237 |
list($new_authorizations, $notifications) = ldap_authorizations_user_authorizations($hpotter, 'query', 'drupal_role'); |
| 239 |
$roles2 = isset($new_authorizations['drupal_role']) ? $new_authorizations['drupal_role'] : array();
|
|
| 238 |
$roles2 = isset($new_authorizations['drupal_role']) ? $new_authorizations['drupal_role'] : [];
|
|
| 240 | 239 |
// Not worried about which roles here, just that some are granted. |
| 241 | 240 |
$correct_roles = (count($roles1) > 0 && count($roles2) == 0); |
| 242 | 241 |
|
| ... | ... | |
| 260 | 259 |
$this->consumerAdminConf['drupal_role']->status = 1; |
| 261 | 260 |
$this->consumerAdminConf['drupal_role']->save(); |
| 262 | 261 |
|
| 263 |
$user = $this->drupalCreateUser(array());
|
|
| 264 |
$hgrainger = $this->testFunctions->drupalLdapUpdateUser(array('name' => 'hgrainger', 'mail' => 'hgrainger@hogwarts.edu'), TRUE, $user);
|
|
| 262 |
$user = $this->drupalCreateUser([]);
|
|
| 263 |
$hgrainger = $this->testFunctions->drupalLdapUpdateUser(['name' => 'hgrainger', 'mail' => 'hgrainger@hogwarts.edu'], TRUE, $user);
|
|
| 265 | 264 |
|
| 266 | 265 |
// Remove authmap in case it exists so test will work. |
| 267 | 266 |
db_delete('authmap')
|
| ... | ... | |
| 271 | 270 |
|
| 272 | 271 |
// Just see if the correct ones are derived. |
| 273 | 272 |
list($new_authorizations, $notifications) = ldap_authorizations_user_authorizations($hgrainger, 'query'); |
| 274 |
$roles = isset($new_authorizations['drupal_role']) ? $new_authorizations['drupal_role'] : array();
|
|
| 273 |
$roles = isset($new_authorizations['drupal_role']) ? $new_authorizations['drupal_role'] : [];
|
|
| 275 | 274 |
$success = (count($roles) == 0); |
| 276 | 275 |
$this->assertTrue( |
| 277 | 276 |
$success, |
| ... | ... | |
| 292 | 291 |
|
| 293 | 292 |
$this->consumerAdminConf['drupal_role']->synchOnLogon = 0; |
| 294 | 293 |
$this->consumerAdminConf['drupal_role']->save(); |
| 295 |
$edit = array(
|
|
| 294 |
$edit = [
|
|
| 296 | 295 |
'name' => 'hgrainger', |
| 297 | 296 |
'pass' => 'goodpwd', |
| 298 |
);
|
|
| 297 |
];
|
|
| 299 | 298 |
$this->drupalPost('user', $edit, t('Log in'));
|
| 300 | 299 |
$this->assertText( |
| 301 | 300 |
t('Member for'),
|
| ... | ... | |
| 313 | 312 |
|
| 314 | 313 |
$this->consumerAdminConf['drupal_role']->synchOnLogon = 1; |
| 315 | 314 |
$this->consumerAdminConf['drupal_role']->save(); |
| 316 |
$edit = array(
|
|
| 315 |
$edit = [
|
|
| 317 | 316 |
'name' => 'hgrainger', |
| 318 | 317 |
'pass' => 'goodpwd', |
| 319 |
);
|
|
| 318 |
];
|
|
| 320 | 319 |
$this->drupalPost('user', $edit, t('Log in'));
|
| 321 | 320 |
$this->assertText(t('Member for'), 'New Ldap user with good password authenticated.',
|
| 322 | 321 |
'LDAP_authorz.Flags.synchOnLogon=1'); |
| ... | ... | |
| 353 | 352 |
// Set correct roles manually. |
| 354 | 353 |
$hpotter = user_load_by_name('hpotter');
|
| 355 | 354 |
user_delete($hpotter->uid); |
| 356 |
$user = $this->drupalCreateUser(array());
|
|
| 357 |
$hpotter = $this->testFunctions->drupalLdapUpdateUser(array('name' => 'hpotter', 'mail' => 'hpotter@hogwarts.edu'), TRUE, $user);
|
|
| 358 |
$edit = array(
|
|
| 355 |
$user = $this->drupalCreateUser([]);
|
|
| 356 |
$hpotter = $this->testFunctions->drupalLdapUpdateUser(['name' => 'hpotter', 'mail' => 'hpotter@hogwarts.edu'], TRUE, $user);
|
|
| 357 |
$edit = [
|
|
| 359 | 358 |
'name' => 'hpotter', |
| 360 | 359 |
'pass' => 'goodpwd', |
| 361 |
);
|
|
| 360 |
];
|
|
| 362 | 361 |
$this->drupalPost('user', $edit, t('Log in'));
|
| 363 | 362 |
$this->assertText( |
| 364 | 363 |
t('Member for'),
|
| ... | ... | |
| 374 | 373 |
$roles[$troublemaker->rid] = $troublemaker->name; |
| 375 | 374 |
$roles[$superadmin->rid] = $superadmin->name; |
| 376 | 375 |
|
| 377 |
$data = array(
|
|
| 376 |
$data = [
|
|
| 378 | 377 |
'roles' => $roles, |
| 379 |
'data' => array(
|
|
| 378 |
'data' => [
|
|
| 380 | 379 |
'ldap_authorizations' => |
| 381 |
array(
|
|
| 380 |
[
|
|
| 382 | 381 |
'drupal_role' => |
| 383 |
array(
|
|
| 382 |
[
|
|
| 384 | 383 |
$superadmin->name => |
| 385 |
array('date_granted' => 1304216778),
|
|
| 386 |
),
|
|
| 387 |
),
|
|
| 388 |
),
|
|
| 389 |
);
|
|
| 384 |
['date_granted' => 1304216778],
|
|
| 385 |
],
|
|
| 386 |
],
|
|
| 387 |
],
|
|
| 388 |
];
|
|
| 390 | 389 |
$hpotter = user_save($hpotter, $data); |
| 391 | 390 |
|
| 392 | 391 |
// Apply correct authorizations. should remove the administrator role but not the manually created 'troublemaker' role. |
| ... | ... | |
| 415 | 414 |
$hpotter = user_load($hpotter->uid, TRUE); |
| 416 | 415 |
$roles = $hpotter->roles; |
| 417 | 416 |
unset($roles[$superadmin->rid]); |
| 418 |
user_save($hpotter, array('roles' => $roles));
|
|
| 417 |
user_save($hpotter, ['roles' => $roles]);
|
|
| 419 | 418 |
$hpotter = user_load($hpotter->uid, TRUE); |
| 420 | 419 |
list($new_authorizations, $notifications) = ldap_authorizations_user_authorizations($hpotter, 'set', 'drupal_role', 'logon'); |
| 421 | 420 |
$hpotter = user_load($hpotter->uid, TRUE); |
| ... | ... | |
| 437 | 436 |
*/ |
| 438 | 437 |
|
| 439 | 438 |
// Add new mapping to and enable create consumers. |
| 440 |
$this->prepTestData(LDAP_TEST_LDAP_NAME, array($sid), 'provisionToDrupal', 'default', 'drupal_role_default');
|
|
| 439 |
$this->prepTestData(LDAP_TEST_LDAP_NAME, [$sid], 'provisionToDrupal', 'default', 'drupal_role_default');
|
|
| 441 | 440 |
$this->drupalGet('user/logout');
|
| 442 | 441 |
$new_role = 'oompa-loompas'; |
| 443 | 442 |
$this->consumerAdminConf['drupal_role']->createConsumers = 1; |
| 444 |
$this->consumerAdminConf['drupal_role']->mappings[] = array(
|
|
| 443 |
$this->consumerAdminConf['drupal_role']->mappings[] = [
|
|
| 445 | 444 |
'from' => 'cn=students,ou=groups,dc=hogwarts,dc=edu', |
| 446 | 445 |
'user_entered' => $new_role, |
| 447 | 446 |
'normalized' => $new_role, |
| 448 | 447 |
'simplified' => $new_role, |
| 449 | 448 |
'valid' => TRUE, |
| 450 | 449 |
'error_message' => '', |
| 451 |
);
|
|
| 450 |
];
|
|
| 452 | 451 |
$this->consumerAdminConf['drupal_role']->save(); |
| 453 | 452 |
|
| 454 |
$edit = array(
|
|
| 453 |
$edit = [
|
|
| 455 | 454 |
'name' => 'hpotter', |
| 456 | 455 |
'pass' => 'goodpwd', |
| 457 |
);
|
|
| 456 |
];
|
|
| 458 | 457 |
$this->drupalPost('user', $edit, t('Log in'));
|
| 459 | 458 |
|
| 460 | 459 |
$new_role_created = in_array($new_role, array_values(user_roles())); |
| ... | ... | |
| 491 | 490 |
variable_del('ldap_simpletest');
|
| 492 | 491 |
|
| 493 | 492 |
$sid = 'activedirectory1'; |
| 494 |
$this->prepTestData(LDAP_TEST_LDAP_NAME, array($sid), 'provisionToDrupal', 'default');
|
|
| 493 |
$this->prepTestData(LDAP_TEST_LDAP_NAME, [$sid], 'provisionToDrupal', 'default');
|
|
| 495 | 494 |
|
| 496 | 495 |
ldap_servers_module_load_include('php', 'ldap_servers', 'LdapServerAdmin.class');
|
| 497 | 496 |
$ldap_server = new LdapServerAdmin($sid); |
| ... | ... | |
| 502 | 501 |
} |
| 503 | 502 |
$ldap_server->save('add');
|
| 504 | 503 |
|
| 505 |
$consumer_form_data = array(
|
|
| 506 |
'sid' => array('activedirectory1', 'activedirectory1'),
|
|
| 507 |
'status' => array(TRUE, TRUE),
|
|
| 508 |
'only_ldap_authenticated' => array(FALSE, TRUE),
|
|
| 509 |
'use_first_attr_as_groupid' => array(FALSE, TRUE),
|
|
| 510 |
'mappings' => array("a|b", "a|b"),
|
|
| 511 |
'use_filter' => array(FALSE, TRUE),
|
|
| 512 |
'synchronization_modes[user_logon]' => array(TRUE, FALSE),
|
|
| 513 |
'synchronization_actions[revoke_ldap_provisioned]' => array(TRUE, FALSE),
|
|
| 514 |
'synchronization_actions[regrant_ldap_provisioned]' => array(FALSE, TRUE),
|
|
| 515 |
'synchronization_actions[create_consumers]' => array(TRUE, FALSE),
|
|
| 516 |
);
|
|
| 517 |
|
|
| 518 |
$this->privileged_user = $this->drupalCreateUser(array('administer site configuration'));
|
|
| 504 |
$consumer_form_data = [
|
|
| 505 |
'sid' => ['activedirectory1', 'activedirectory1'],
|
|
| 506 |
'status' => [TRUE, TRUE],
|
|
| 507 |
'only_ldap_authenticated' => [FALSE, TRUE],
|
|
| 508 |
'use_first_attr_as_groupid' => [FALSE, TRUE],
|
|
| 509 |
'mappings' => ["a|b", "a|b"],
|
|
| 510 |
'use_filter' => [FALSE, TRUE],
|
|
| 511 |
'synchronization_modes[user_logon]' => [TRUE, FALSE],
|
|
| 512 |
'synchronization_actions[revoke_ldap_provisioned]' => [TRUE, FALSE],
|
|
| 513 |
'synchronization_actions[regrant_ldap_provisioned]' => [FALSE, TRUE],
|
|
| 514 |
'synchronization_actions[create_consumers]' => [TRUE, FALSE],
|
|
| 515 |
];
|
|
| 516 |
|
|
| 517 |
$this->privileged_user = $this->drupalCreateUser(['administer site configuration']);
|
|
| 519 | 518 |
$this->drupalLogin($this->privileged_user); |
| 520 | 519 |
$ldap_server = ldap_servers_get_servers('activedirectory1', NULL, TRUE, TRUE);
|
| 521 | 520 |
// This is just for debugging to show the server. |
| ... | ... | |
| 529 | 528 |
} |
| 530 | 529 |
$this->drupalGet('admin/config/people/ldap/servers/edit/activedirectory1');
|
| 531 | 530 |
|
| 532 |
foreach (array(0) as $i) {
|
|
| 533 |
foreach (array('drupal_role') as $consumer_type) {
|
|
| 531 |
foreach ([0] as $i) {
|
|
| 532 |
foreach (['drupal_role'] as $consumer_type) {
|
|
| 534 | 533 |
// May want to put this back in after ctools requirement is fixed. |
| 535 |
foreach (array(1) as $ctools_enabled) {
|
|
| 534 |
foreach ([1] as $ctools_enabled) {
|
|
| 536 | 535 |
$this->ldapTestId = "testUIForms.$i.$consumer_type.ctools.$ctools_enabled"; |
| 537 | 536 |
if ($ctools_enabled) {
|
| 538 |
module_enable(array('ctools'));
|
|
| 537 |
module_enable(['ctools']);
|
|
| 539 | 538 |
} |
| 540 | 539 |
else {
|
| 541 |
module_disable(array('ctools'));
|
|
| 540 |
module_disable(['ctools']);
|
|
| 542 | 541 |
} |
| 543 | 542 |
|
| 544 |
$lcase_transformed = array();
|
|
| 543 |
$lcase_transformed = [];
|
|
| 545 | 544 |
|
| 546 | 545 |
/** add server conf test **/ |
| 547 | 546 |
$this->drupalGet('admin/config/people/ldap/authorization/add/' . $consumer_type);
|
| 548 | 547 |
|
| 549 |
$edit = array();
|
|
| 548 |
$edit = [];
|
|
| 550 | 549 |
foreach ($consumer_form_data as $input_name => $input_values) {
|
| 551 | 550 |
$edit[$input_name] = $input_values[$i]; |
| 552 | 551 |
} |
| ... | ... | |
| 569 | 568 |
|
| 570 | 569 |
$this->drupalGet('admin/config/people/ldap/authorization/edit/' . $consumer_type);
|
| 571 | 570 |
|
| 572 |
$edit = array();
|
|
| 571 |
$edit = [];
|
|
| 573 | 572 |
foreach ($consumer_form_data as $input_name => $input_values) {
|
| 574 | 573 |
if ($input_values[$i] !== NULL) {
|
| 575 | 574 |
$edit[$input_name] = $input_values[$i]; |
| ... | ... | |
| 591 | 590 |
|
| 592 | 591 |
/** delete server conf test **/ |
| 593 | 592 |
$this->drupalGet('admin/config/people/ldap/authorization/delete/' . $consumer_type);
|
| 594 |
$this->drupalPost('admin/config/people/ldap/authorization/delete/' . $consumer_type, array(), t('Delete'));
|
|
| 593 |
$this->drupalPost('admin/config/people/ldap/authorization/delete/' . $consumer_type, [], t('Delete'));
|
|
| 595 | 594 |
ctools_include('export');
|
| 596 | 595 |
ctools_export_load_object_reset('ldap_authorization');
|
| 597 | 596 |
$consumer_conf = ldap_authorization_get_consumer_conf($consumer_type); |
Formats disponibles : Unified diff
Weekly update of contrib modules