/*
* This program is free software; you can redistribute it and/or modify it under the terms of the GNU Lesser General
* Public License, version 2.1 as published by the Free Software Foundation. You should have received a copy of the GNU
* Lesser General Public License along with this program; if not, you can obtain a copy at
* http://www.gnu.org/licenses/old-licenses/lgpl-2.1.html or from the Free Software Foundation, Inc., 51 Franklin
* Street, Fifth Floor, Boston, MA 02110-1301 USA. This program is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See
* the GNU Lesser General Public License for more details. Copyright 2005 - 2009 Pentaho Corporation. All rights
* reserved.
*/
package org.pentaho.test.platform.plugin.services.security.userrole.ldap;
import static org.junit.Assert.assertTrue;
import java.util.Arrays;
import java.util.Set;
import org.junit.Test;
import org.pentaho.platform.plugin.services.security.userrole.ldap.RolePreprocessingMapper;
import org.springframework.ldap.core.DirContextOperations;
import org.springframework.security.GrantedAuthority;
import org.springframework.security.GrantedAuthorityImpl;
import org.springframework.security.ldap.SpringSecurityLdapTemplate;
import org.springframework.security.userdetails.UserDetails;
/**
* Tests for <code>RolePreprocessingMapper</code>. Essentially mimics the steps taken by
* <code>LdapAuthenticationProvider</code>.
*
* @author mlowery
*/
public class RolePreprocessingMapperTests extends AbstractPentahoLdapIntegrationTests {
@SuppressWarnings("unchecked")
@Test
public void testMapUserFromContext() throws Exception {
RolePreprocessingMapper mapper = new RolePreprocessingMapper();
mapper.setTokenName("cn"); //$NON-NLS-1$
mapper.setRolePrefix(""); //$NON-NLS-1$
mapper.setRoleAttributes(new String[] { "uniqueMember" }); //$NON-NLS-1$
// get the user record
DirContextOperations ctx = new SpringSecurityLdapTemplate(getContextSource()).retrieveEntry("uid=suzy,ou=users", //$NON-NLS-1$
null);
// get any roles that aren't in the user record
Set<String> extraRoles = new SpringSecurityLdapTemplate(getContextSource()).searchForSingleAttributeValues(
"ou=roles", "roleoccupant={0}", new String[] { "uid=suzy,ou=users,dc=pentaho,dc=org", "suzy" }, "cn"); //$NON-NLS-1$ //$NON-NLS-2$ //$NON-NLS-3$ //$NON-NLS-4$ //$NON-NLS-5$
GrantedAuthority[] authorities = new GrantedAuthority[extraRoles.size()];
int i = 0;
for (String extraRole : extraRoles) {
authorities[i++] = new GrantedAuthorityImpl(extraRole);
}
// use the mapper to create a UserDetails instance
UserDetails userDetails = mapper.mapUserFromContext(ctx, "suzy", authorities); //$NON-NLS-1$
System.out.println(userDetails);
// this asserts the ordering too; not strictly necessary
GrantedAuthority[] expected = new GrantedAuthority[] { new GrantedAuthorityImpl("A"), new GrantedAuthorityImpl("cto"), //$NON-NLS-1$ //$NON-NLS-2$
new GrantedAuthorityImpl("is"), new GrantedAuthorityImpl("Authenticated") }; //$NON-NLS-1$//$NON-NLS-2$
assertTrue(Arrays.equals(expected, userDetails.getAuthorities()));
}
}