X-Git-Url: https://git.arvados.org/arvados.git/blobdiff_plain/d51eee69da0b9b572b5319d3429267bedb2fb3ae..HEAD:/lib/controller/localdb/login_ldap_test.go diff --git a/lib/controller/localdb/login_ldap_test.go b/lib/controller/localdb/login_ldap_test.go index bce1ecfcf2..c7d8390225 100644 --- a/lib/controller/localdb/login_ldap_test.go +++ b/lib/controller/localdb/login_ldap_test.go @@ -5,48 +5,27 @@ package localdb import ( - "context" "encoding/json" "net" "net/http" - "git.arvados.org/arvados.git/lib/config" "git.arvados.org/arvados.git/lib/controller/railsproxy" "git.arvados.org/arvados.git/lib/ctrlctx" "git.arvados.org/arvados.git/sdk/go/arvados" - "git.arvados.org/arvados.git/sdk/go/arvadostest" - "git.arvados.org/arvados.git/sdk/go/auth" "git.arvados.org/arvados.git/sdk/go/ctxlog" "github.com/bradleypeabody/godap" - "github.com/jmoiron/sqlx" check "gopkg.in/check.v1" ) var _ = check.Suite(&LDAPSuite{}) type LDAPSuite struct { - cluster *arvados.Cluster - ctrl *ldapLoginController - ldap *godap.LDAPServer // fake ldap server that accepts auth goodusername/goodpassword - db *sqlx.DB - - // transaction context - ctx context.Context - rollback func() error -} - -func (s *LDAPSuite) TearDownSuite(c *check.C) { - // Undo any changes/additions to the user database so they - // don't affect subsequent tests. - arvadostest.ResetEnv() - c.Check(arvados.NewClientFromEnv().RequestAndDecode(nil, "POST", "database/reset", nil, nil), check.IsNil) + localdbSuite + ldap *godap.LDAPServer // fake ldap server that accepts auth goodusername/goodpassword } -func (s *LDAPSuite) SetUpSuite(c *check.C) { - cfg, err := config.NewLoader(nil, ctxlog.TestLogger(c)).Load() - c.Assert(err, check.IsNil) - s.cluster, err = cfg.GetCluster("") - c.Assert(err, check.IsNil) +func (s *LDAPSuite) SetUpTest(c *check.C) { + s.localdbSuite.SetUpTest(c) ln, err := net.Listen("tcp", "127.0.0.1:0") c.Assert(err, check.IsNil) @@ -84,35 +63,19 @@ func (s *LDAPSuite) SetUpSuite(c *check.C) { s.cluster.Login.LDAP.Enable = true err = json.Unmarshal([]byte(`"ldap://`+ln.Addr().String()+`"`), &s.cluster.Login.LDAP.URL) + c.Assert(err, check.IsNil) s.cluster.Login.LDAP.StartTLS = false s.cluster.Login.LDAP.SearchBindUser = "cn=goodusername,dc=example,dc=com" s.cluster.Login.LDAP.SearchBindPassword = "goodpassword" s.cluster.Login.LDAP.SearchBase = "dc=example,dc=com" - c.Assert(err, check.IsNil) - s.ctrl = &ldapLoginController{ - Cluster: s.cluster, - RailsProxy: railsproxy.NewConn(s.cluster), - } - s.db = arvadostest.DB(c, s.cluster) -} - -func (s *LDAPSuite) SetUpTest(c *check.C) { - tx, err := s.db.Beginx() - c.Assert(err, check.IsNil) - s.ctx = ctrlctx.NewWithTransaction(context.Background(), tx) - s.rollback = tx.Rollback -} - -func (s *LDAPSuite) TearDownTest(c *check.C) { - if s.rollback != nil { - s.rollback() + s.localdb.loginController = &ldapLoginController{ + Cluster: s.cluster, + Parent: s.localdb, } } func (s *LDAPSuite) TestLoginSuccess(c *check.C) { - conn := NewConn(s.cluster) - conn.loginController = s.ctrl - resp, err := conn.UserAuthenticate(s.ctx, arvados.UserAuthenticateOptions{ + resp, err := s.localdb.UserAuthenticate(s.ctx, arvados.UserAuthenticateOptions{ Username: "goodusername", Password: "goodpassword", }) @@ -121,7 +84,7 @@ func (s *LDAPSuite) TestLoginSuccess(c *check.C) { c.Check(resp.UUID, check.Matches, `zzzzz-gj3su-.*`) c.Check(resp.Scopes, check.DeepEquals, []string{"all"}) - ctx := auth.NewContext(s.ctx, &auth.Credentials{Tokens: []string{"v2/" + resp.UUID + "/" + resp.APIToken}}) + ctx := ctrlctx.NewWithToken(s.ctx, s.cluster, "v2/"+resp.UUID+"/"+resp.APIToken) user, err := railsproxy.NewConn(s.cluster).UserGetCurrent(ctx, arvados.GetOptions{}) c.Check(err, check.IsNil) c.Check(user.Email, check.Equals, "goodusername@example.com") @@ -131,7 +94,7 @@ func (s *LDAPSuite) TestLoginSuccess(c *check.C) { func (s *LDAPSuite) TestLoginFailure(c *check.C) { // search returns no results s.cluster.Login.LDAP.SearchBase = "dc=example,dc=invalid" - resp, err := s.ctrl.UserAuthenticate(s.ctx, arvados.UserAuthenticateOptions{ + resp, err := s.localdb.UserAuthenticate(s.ctx, arvados.UserAuthenticateOptions{ Username: "goodusername", Password: "goodpassword", }) @@ -144,7 +107,7 @@ func (s *LDAPSuite) TestLoginFailure(c *check.C) { // search returns result, but auth fails s.cluster.Login.LDAP.SearchBase = "dc=example,dc=com" - resp, err = s.ctrl.UserAuthenticate(s.ctx, arvados.UserAuthenticateOptions{ + resp, err = s.localdb.UserAuthenticate(s.ctx, arvados.UserAuthenticateOptions{ Username: "badusername", Password: "badpassword", })