/*
* (C) Copyright 2011-2014 Nuxeo SA (http://nuxeo.com/) and others.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*
* Contributors:
* mhilaire
*/
package org.nuxeo.ecm.directory.ldap;
import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertFalse;
import static org.junit.Assert.assertNotNull;
import static org.junit.Assert.assertTrue;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collections;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import org.junit.Before;
import org.junit.Test;
import org.nuxeo.ecm.core.api.DocumentModel;
import org.nuxeo.ecm.directory.BaseSession;
import org.nuxeo.ecm.directory.Session;
public class TestLDAPPOSIXSession extends TestLDAPSession {
@Override
public List<String> getLdifFiles() {
List<String> ldifFiles = new ArrayList<String>();
ldifFiles.add("sample-users-posix.ldif");
if (POSIXGROUP_IS_STRUCTURAL) {
ldifFiles.add("sample-structural-posixgroups.ldif");
} else {
ldifFiles.add("sample-posixgroups.ldif");
}
if (HAS_DYNGROUP_SCHEMA) {
ldifFiles.add("sample-dynamic-groups.ldif");
}
return ldifFiles;
}
@Override
@Before
public void setUp() throws Exception {
EXTERNAL_SERVER_SETUP = "TestDirectoriesWithExternalOpenLDAP-POSIX.xml";
INTERNAL_SERVER_SETUP = "TestDirectoriesWithInternalApacheDS-POSIX.xml";
super.setUp();
}
@Override
@SuppressWarnings("unchecked")
@Test
public void testGetEntry2() {
try (Session session = getLDAPDirectory("groupDirectory").getSession()) {
DocumentModel entry = session.getEntry("administrators");
assertNotNull(entry);
assertEquals("administrators", entry.getId());
assertEquals("administrators", entry.getProperty(TestLDAPSession.GROUP_SCHEMANAME, "groupname"));
if (USE_EXTERNAL_TEST_LDAP_SERVER) {
// LDAP references do not work with the internal test server
List<String> members = (List<String>) entry.getProperty(GROUP_SCHEMANAME, "members");
assertNotNull(members);
assertEquals(1, members.size());
assertTrue(members.contains("Administrator"));
}
entry = session.getEntry("members");
assertNotNull(entry);
assertEquals("members", entry.getId());
assertEquals("members", entry.getProperty(GROUP_SCHEMANAME, "groupname"));
if (USE_EXTERNAL_TEST_LDAP_SERVER) {
// LDAP references do not work with the internal test server
List<String> members = (List<String>) entry.getProperty(GROUP_SCHEMANAME, "members");
assertEquals(3, members.size());
assertTrue(members.contains("Administrator"));
assertTrue(members.contains("user1"));
}
entry = session.getEntry("submembers");
assertNotNull(entry);
assertEquals("submembers", entry.getId());
assertEquals("submembers", entry.getProperty(GROUP_SCHEMANAME, "groupname"));
if (USE_EXTERNAL_TEST_LDAP_SERVER) {
// LDAP references do not work with the internal test server
assertEquals(Arrays.asList("user2"), entry.getProperty(GROUP_SCHEMANAME, "members"));
}
}
}
@Override
@Test
public void testCreateEntry2() throws Exception {
if (USE_EXTERNAL_TEST_LDAP_SERVER) {
try (Session session = getLDAPDirectory("groupDirectory").getSession()) {
assertNotNull(session);
Map<String, Object> map = new HashMap<String, Object>();
map.put("groupname", "group2");
map.put("members", Arrays.asList("user1", "user2"));
map.put("gidNumber", 9000);
DocumentModel dm = session.createEntry(map);
dm = session.getEntry("group2");
assertNotNull(dm);
assertEquals(Arrays.asList("user1", "user2"), dm.getProperty(GROUP_SCHEMANAME, "members"));
map = new HashMap<String, Object>();
map.put("groupname", "group1");
map.put("members", Arrays.asList("Administrator"));
map.put("gidNumber", 9001);
dm = session.createEntry(map);
dm = session.getEntry("group1");
assertNotNull(dm);
assertEquals(Arrays.asList("Administrator"), dm.getProperty(GROUP_SCHEMANAME, "members"));
dm = session.getEntry("group2");
assertNotNull(dm);
map = new HashMap<String, Object>();
map.put("groupname", "emptygroup");
map.put("members", new ArrayList<String>());
map.put("gidNumber", 9000);
dm = session.createEntry(map);
dm = session.getEntry("emptygroup");
assertNotNull(dm);
assertEquals("emptygroup", dm.getId());
assertEquals("emptygroup", dm.getProperty(GROUP_SCHEMANAME, "groupname"));
assertEquals(Arrays.asList(), dm.getProperty(GROUP_SCHEMANAME, "members"));
}
}
}
@Override
@Test
public void testUpdateEntry() throws Exception {
if (USE_EXTERNAL_TEST_LDAP_SERVER) {
try (Session session = getLDAPDirectory("userDirectory").getSession();
Session groupSession = getLDAPDirectory("groupDirectory").getSession()) {
DocumentModel entry = session.getEntry("user1");
assertNotNull(entry);
// check that this entry is editable:
assertFalse(BaseSession.isReadOnlyEntry(entry));
entry.setProperty(USER_SCHEMANAME, "firstName", "toto");
entry.setProperty(USER_SCHEMANAME, "lastName", "");
entry.setProperty(USER_SCHEMANAME, "password", "toto");
entry.setProperty(USER_SCHEMANAME, "intField", Long.valueOf(123));
// try to tweak the DN read-only field
entry.setProperty(USER_SCHEMANAME, "dn", "cn=this,ou=is,ou=a,ou=fake,o=dn");
entry.setProperty(USER_SCHEMANAME, "employeeType", Arrays.asList("item3", "item4"));
List<String> groups = Arrays.asList("administrators", "members");
entry.setProperty(USER_SCHEMANAME, "groups", groups);
session.updateEntry(entry);
entry = session.getEntry("user1");
assertNotNull(entry);
assertEquals("toto", entry.getProperty(USER_SCHEMANAME, "firstName"));
assertEquals("", entry.getProperty(USER_SCHEMANAME, "lastName"));
assertEquals(Long.valueOf(123), entry.getProperty(USER_SCHEMANAME, "intField"));
assertEquals(Arrays.asList("item3", "item4"), entry.getProperty(USER_SCHEMANAME, "employeeType"));
if (HAS_DYNGROUP_SCHEMA) {
assertEquals(Arrays.asList("administrators", "dyngroup1", "dyngroup2", "members"),
entry.getProperty(USER_SCHEMANAME, "groups"));
} else {
assertEquals(Arrays.asList("administrators", "members"),
entry.getProperty(USER_SCHEMANAME, "groups"));
}
// check that the referenced groups where edited properly
entry = groupSession.getEntry("administrators");
assertNotNull(entry);
assertEquals(Arrays.asList("Administrator", "user1"), entry.getProperty(GROUP_SCHEMANAME, "members"));
entry = groupSession.getEntry("members");
assertNotNull(entry);
assertEquals(Arrays.asList("Administrator", "user1", "user2"),
entry.getProperty(GROUP_SCHEMANAME, "members"));
}
try (Session session = getLDAPDirectory("groupDirectory").getSession()) {
DocumentModel entry = session.getEntry("administrators");
assertNotNull(entry);
assertEquals(Arrays.asList("Administrator", "user1"), entry.getProperty(GROUP_SCHEMANAME, "members"));
}
}
}
@Override
@Test
public void testUpdateEntry2() throws Exception {
if (USE_EXTERNAL_TEST_LDAP_SERVER) {
try (Session session = getLDAPDirectory("groupDirectory").getSession()) {
DocumentModel entry = session.getEntry("members");
assertNotNull(entry);
// check that this entry is editable:
assertFalse(BaseSession.isReadOnlyEntry(entry));
assertEquals("cn=members,ou=editable,ou=groups,dc=example,dc=com",
entry.getProperty(GROUP_SCHEMANAME, "dn"));
// edit description and members but not subGroups
entry.setProperty(GROUP_SCHEMANAME, "description", "blablabla");
entry.setProperty(GROUP_SCHEMANAME, "members", Arrays.asList("user1", "user2"));
session.updateEntry(entry);
entry = session.getEntry("members");
assertNotNull(entry);
assertEquals("blablabla", entry.getProperty(GROUP_SCHEMANAME, "description"));
assertEquals(Arrays.asList("user1", "user2"), entry.getProperty(GROUP_SCHEMANAME, "members"));
// edit both members and subGroups at the same time
entry.setProperty(GROUP_SCHEMANAME, "members", Arrays.asList("user1", "user3"));
session.updateEntry(entry);
entry = session.getEntry("members");
assertNotNull(entry);
assertEquals("blablabla", entry.getProperty(GROUP_SCHEMANAME, "description"));
assertEquals(Arrays.asList("user1", "user3"), entry.getProperty(GROUP_SCHEMANAME, "members"));
}
}
}
@Override
@SuppressWarnings("unchecked")
@Test
public void testGetEntry3() {
if (!HAS_DYNGROUP_SCHEMA) {
return;
}
try (Session session = getLDAPDirectory("groupDirectory").getSession()) {
DocumentModel entry = session.getEntry("dyngroup1");
assertNotNull(entry);
assertEquals("dyngroup1", entry.getId());
assertEquals("dyngroup1", entry.getProperty(GROUP_SCHEMANAME, "groupname"));
List<String> members = (List<String>) entry.getProperty(GROUP_SCHEMANAME, "members");
assertEquals(Arrays.asList("user1", "user3"), members);
List<String> subGroups = (List<String>) entry.getProperty(GROUP_SCHEMANAME, "subGroups");
assertEquals(Arrays.asList("subgroup", "submembers", "subsubgroup", "subsubsubgroup"), subGroups);
List<String> parentGroups = (List<String>) entry.getProperty(GROUP_SCHEMANAME, "parentGroups");
assertNotNull(parentGroups);
assertEquals(0, parentGroups.size());
entry = session.getEntry("dyngroup2");
assertNotNull(entry);
assertEquals("dyngroup2", entry.getId());
assertEquals("dyngroup2", entry.getProperty(GROUP_SCHEMANAME, "groupname"));
members = (List<String>) entry.getProperty(GROUP_SCHEMANAME, "members");
assertEquals(Arrays.asList("user1", "user3"), members);
// user4 is not there since userDirectory is scoped 'onelevel'
subGroups = (List<String>) entry.getProperty(GROUP_SCHEMANAME, "subGroups");
assertNotNull(subGroups);
assertEquals(0, subGroups.size());
parentGroups = (List<String>) entry.getProperty(GROUP_SCHEMANAME, "parentGroups");
assertNotNull(parentGroups);
assertEquals(0, parentGroups.size());
// test that submembers is a subgroup of dyngroup1 (inverse
// reference resolution)
entry = session.getEntry("submembers");
assertNotNull(entry);
assertEquals("submembers", entry.getId());
assertEquals("submembers", entry.getProperty(GROUP_SCHEMANAME, "groupname"));
members = (List<String>) entry.getProperty(GROUP_SCHEMANAME, "members");
assertEquals(Arrays.asList("user2"), members);
subGroups = (List<String>) entry.getProperty(GROUP_SCHEMANAME, "subGroups");
assertNotNull(subGroups);
assertEquals(0, subGroups.size());
parentGroups = (List<String>) entry.getProperty(GROUP_SCHEMANAME, "parentGroups");
assertEquals(Arrays.asList("dyngroup1"), parentGroups);
}
}
@Override
@Test
public void testGetMandatoryAttributes() {
if (USE_EXTERNAL_TEST_LDAP_SERVER) {
try (LDAPSession session = (LDAPSession) getLDAPDirectory("userDirectory").getSession()) {
List<String> mandatoryAttributes = session.getMandatoryAttributes();
assertEquals(Arrays.asList("sn", "cn"), mandatoryAttributes);
}
try (LDAPSession session = (LDAPSession) getLDAPDirectory("groupDirectory").getSession()) {
List<String> mandatoryAttributes = session.getMandatoryAttributes();
List<String> expectedAttributes = Arrays.asList("cn", "gidNumber");
Collections.sort(mandatoryAttributes);
assertEquals(expectedAttributes, mandatoryAttributes);
}
}
}
}