X-Git-Url: https://git.arvados.org/arvados.git/blobdiff_plain/6762d1501f67860180045bbce3e63ef573d07fec..202d4e06c61dbeaeed7d2e5196cd65c7f788b103:/lib/controller/localdb/login_ldap_test.go diff --git a/lib/controller/localdb/login_ldap_test.go b/lib/controller/localdb/login_ldap_test.go index 9a8f83f857..c7d8390225 100644 --- a/lib/controller/localdb/login_ldap_test.go +++ b/lib/controller/localdb/login_ldap_test.go @@ -5,16 +5,13 @@ package localdb import ( - "context" "encoding/json" "net" "net/http" - "git.arvados.org/arvados.git/lib/config" "git.arvados.org/arvados.git/lib/controller/railsproxy" + "git.arvados.org/arvados.git/lib/ctrlctx" "git.arvados.org/arvados.git/sdk/go/arvados" - "git.arvados.org/arvados.git/sdk/go/arvadostest" - "git.arvados.org/arvados.git/sdk/go/auth" "git.arvados.org/arvados.git/sdk/go/ctxlog" "github.com/bradleypeabody/godap" check "gopkg.in/check.v1" @@ -23,25 +20,15 @@ import ( var _ = check.Suite(&LDAPSuite{}) type LDAPSuite struct { - cluster *arvados.Cluster - ctrl *ldapLoginController - ldap *godap.LDAPServer // fake ldap server that accepts auth goodusername/goodpassword + localdbSuite + ldap *godap.LDAPServer // fake ldap server that accepts auth goodusername/goodpassword } -func (s *LDAPSuite) TearDownSuite(c *check.C) { - // Undo any changes/additions to the user database so they - // don't affect subsequent tests. - arvadostest.ResetEnv() - c.Check(arvados.NewClientFromEnv().RequestAndDecode(nil, "POST", "database/reset", nil, nil), check.IsNil) -} - -func (s *LDAPSuite) SetUpSuite(c *check.C) { - cfg, err := config.NewLoader(nil, ctxlog.TestLogger(c)).Load() - c.Assert(err, check.IsNil) - s.cluster, err = cfg.GetCluster("") - c.Assert(err, check.IsNil) +func (s *LDAPSuite) SetUpTest(c *check.C) { + s.localdbSuite.SetUpTest(c) ln, err := net.Listen("tcp", "127.0.0.1:0") + c.Assert(err, check.IsNil) s.ldap = &godap.LDAPServer{ Listener: ln, Handlers: []godap.LDAPRequestHandler{ @@ -56,7 +43,7 @@ func (s *LDAPSuite) SetUpSuite(c *check.C) { return []*godap.LDAPSimpleSearchResultEntry{} } return []*godap.LDAPSimpleSearchResultEntry{ - &godap.LDAPSimpleSearchResultEntry{ + { DN: "cn=" + req.FilterValue + "," + req.BaseDN, Attrs: map[string]interface{}{ "SN": req.FilterValue, @@ -76,19 +63,19 @@ func (s *LDAPSuite) SetUpSuite(c *check.C) { s.cluster.Login.LDAP.Enable = true err = json.Unmarshal([]byte(`"ldap://`+ln.Addr().String()+`"`), &s.cluster.Login.LDAP.URL) + c.Assert(err, check.IsNil) s.cluster.Login.LDAP.StartTLS = false s.cluster.Login.LDAP.SearchBindUser = "cn=goodusername,dc=example,dc=com" s.cluster.Login.LDAP.SearchBindPassword = "goodpassword" s.cluster.Login.LDAP.SearchBase = "dc=example,dc=com" - c.Assert(err, check.IsNil) - s.ctrl = &ldapLoginController{ - Cluster: s.cluster, - RailsProxy: railsproxy.NewConn(s.cluster), + s.localdb.loginController = &ldapLoginController{ + Cluster: s.cluster, + Parent: s.localdb, } } func (s *LDAPSuite) TestLoginSuccess(c *check.C) { - resp, err := s.ctrl.UserAuthenticate(context.Background(), arvados.UserAuthenticateOptions{ + resp, err := s.localdb.UserAuthenticate(s.ctx, arvados.UserAuthenticateOptions{ Username: "goodusername", Password: "goodpassword", }) @@ -97,7 +84,7 @@ func (s *LDAPSuite) TestLoginSuccess(c *check.C) { c.Check(resp.UUID, check.Matches, `zzzzz-gj3su-.*`) c.Check(resp.Scopes, check.DeepEquals, []string{"all"}) - ctx := auth.NewContext(context.Background(), &auth.Credentials{Tokens: []string{"v2/" + resp.UUID + "/" + resp.APIToken}}) + ctx := ctrlctx.NewWithToken(s.ctx, s.cluster, "v2/"+resp.UUID+"/"+resp.APIToken) user, err := railsproxy.NewConn(s.cluster).UserGetCurrent(ctx, arvados.GetOptions{}) c.Check(err, check.IsNil) c.Check(user.Email, check.Equals, "goodusername@example.com") @@ -107,7 +94,7 @@ func (s *LDAPSuite) TestLoginSuccess(c *check.C) { func (s *LDAPSuite) TestLoginFailure(c *check.C) { // search returns no results s.cluster.Login.LDAP.SearchBase = "dc=example,dc=invalid" - resp, err := s.ctrl.UserAuthenticate(context.Background(), arvados.UserAuthenticateOptions{ + resp, err := s.localdb.UserAuthenticate(s.ctx, arvados.UserAuthenticateOptions{ Username: "goodusername", Password: "goodpassword", }) @@ -120,7 +107,7 @@ func (s *LDAPSuite) TestLoginFailure(c *check.C) { // search returns result, but auth fails s.cluster.Login.LDAP.SearchBase = "dc=example,dc=com" - resp, err = s.ctrl.UserAuthenticate(context.Background(), arvados.UserAuthenticateOptions{ + resp, err = s.localdb.UserAuthenticate(s.ctx, arvados.UserAuthenticateOptions{ Username: "badusername", Password: "badpassword", })