TSK-1024: Add tests for ldapclient

2020-01-29 16:21:19 +01:00 · 2020-01-29 16:21:19 +01:00 · 08571e7216
parent dbe17fff57
commit 08571e7216
4 changed files with 113 additions and 6 deletions
--- a/pom.xml
+++ b/pom.xml
@ -75,6 +75,9 @@
 		<version.archunit>0.13.0</version.archunit>
 		<version.mockito>3.2.4</version.mockito>
 		<version.junit.mockito>3.2.4</version.junit.mockito>
+    <!-- byte buddy 1.9.7+ is needed to solve dependency errors with spring mock tests see LdapClientTest -->
+    <version.byte-buddy>1.9.7</version.byte-buddy>
+    <version.byte-buddy-agent>1.9.7</version.byte-buddy-agent>
 		<version.powermock>2.0.5</version.powermock>
 		<version.hamcrest>2.2</version.hamcrest>
 		<version.equalsverifier>3.1.12</version.equalsverifier>
--- a/rest/taskana-rest-spring/pom.xml
+++ b/rest/taskana-rest-spring/pom.xml
@ -139,6 +139,30 @@
 			<version>${version.spring.restdocs}</version>
 			<scope>test</scope>
 		</dependency>
+		<dependency>
+			<groupId>org.mockito</groupId>
+			<artifactId>mockito-core</artifactId>
+			<version>${version.mockito}</version>
+			<scope>test</scope>
+		</dependency>
+		<dependency>
+			<groupId>org.mockito</groupId>
+			<artifactId>mockito-junit-jupiter</artifactId>
+			<version>${version.junit.mockito}</version>
+			<scope>test</scope>
+		</dependency>
+		<dependency>
+			<groupId>net.bytebuddy</groupId>
+			<artifactId>byte-buddy</artifactId>
+			<version>${version.byte-buddy}</version>
+			<scope>test</scope>
+		</dependency>
+		<dependency>
+			<groupId>net.bytebuddy</groupId>
+			<artifactId>byte-buddy-agent</artifactId>
+			<version>${version.byte-buddy-agent}</version>
+			<scope>test</scope>
+		</dependency>
 		<dependency>
 			<groupId>com.h2database</groupId>
 			<artifactId>h2</artifactId>
--- a/rest/taskana-rest-spring/src/main/java/pro/taskana/ldap/LdapClient.java
+++ b/rest/taskana-rest-spring/src/main/java/pro/taskana/ldap/LdapClient.java
@ -1,6 +1,7 @@
 package pro.taskana.ldap;

 import java.util.List;
+import java.util.regex.Pattern;
 import javax.annotation.PostConstruct;
 import javax.naming.directory.SearchControls;
 import org.slf4j.Logger;
@ -64,6 +65,8 @@ public class LdapClient {

  private String groupsOfUser;

+  private String baseDn;
+
  private int minSearchForLength;

  private int maxNumberOfReturnedAccessIds;
@ -182,16 +185,22 @@ public class LdapClient {
      throw new SystemException(
          "LdapClient was called but is not active due to missing configuration: " + message);
    }
-
+    // Obviously Spring LdapTemplate does have a inconsistency and always adds the base name to the
+    // given DN.
+    // https://stackoverflow.com/questions/55285743/spring-ldaptemplate-how-to-lookup-fully-qualified-dn-with-configured-base-dn
+    // Therefore we have to remove the base name from the dn before performing the lookup
+    // (?i) --> case insensitive replacement
+    String nameWithoutBaseDn = name.replaceAll("(?i)" + Pattern.quote("," + baseDn), "");
+    LOGGER.debug(
+        "Removes baseDN {} from given DN. New DN to be used: {}", baseDn, nameWithoutBaseDn);
    String[] groupAttributesToReturn;
    if (CN.equals(groupNameAttribute)) {
      groupAttributesToReturn = new String[] {CN};
    } else {
      groupAttributesToReturn = new String[] {getGroupNameAttribute(), CN};
    }
-
    final AccessIdResource accessId =
-        ldapTemplate.lookup(name, groupAttributesToReturn, new GroupContextMapper());
+        ldapTemplate.lookup(nameWithoutBaseDn, groupAttributesToReturn, new GroupContextMapper());
    LOGGER.debug("Exit from searchGroupByDn. Retrieved the following group: {}", accessId);
    return accessId;
  }
@ -261,6 +270,10 @@ public class LdapClient {
    return env.getProperty("taskana.ldap.groupSearchBase");
  }

+  public String getBaseDn() {
+    return env.getProperty("taskana.ldap.baseDn");
+  }
+
  public String getGroupSearchFilterName() {
    return env.getProperty("taskana.ldap.groupSearchFilterName");
  }
@ -298,7 +311,7 @@ public class LdapClient {
  }

  @PostConstruct
-  private void init() {
+  void init() {
    LOGGER.debug("Entry to init()");
    String strMinSearchForLength = getMinSearchForLengthAsString();
    if (strMinSearchForLength == null || strMinSearchForLength.isEmpty()) {
@ -326,6 +339,7 @@ public class LdapClient {
      groupSearchFilterValue = getGroupSearchFilterValue();
      groupNameAttribute = getGroupNameAttribute();
      groupsOfUser = getGroupsOfUser();
+      baseDn = getBaseDn();

      ldapTemplate.setDefaultCountLimit(maxNumberOfReturnedAccessIds);

@ -364,6 +378,9 @@ public class LdapClient {
      if (groupsOfUser == null) {
        message += " taskana.ldap.groupsOfUser is not configured.";
      }
+      if (baseDn == null) {
+        message += " taskana.ldap.baseDn is not configured.";
+      }
      if (!message.equals(emptyMessage)) {
        throw new SystemException(message);
      }
@ -383,7 +400,7 @@ public class LdapClient {
  }

  /** Context Mapper for user entries. */
-  private class UserContextMapper extends AbstractContextMapper<AccessIdResource> {
+  class UserContextMapper extends AbstractContextMapper<AccessIdResource> {

    @Override
    public AccessIdResource doMapFromContext(final DirContextOperations context) {
@ -397,7 +414,7 @@ public class LdapClient {
  }

  /** Context Mapper for user entries. */
-  private class GroupContextMapper extends AbstractContextMapper<AccessIdResource> {
+  class GroupContextMapper extends AbstractContextMapper<AccessIdResource> {

    @Override
    public AccessIdResource doMapFromContext(final DirContextOperations context) {
--- a/rest/taskana-rest-spring/src/test/java/pro/taskana/ldap/LdapClientTest.java
+++ b/rest/taskana-rest-spring/src/test/java/pro/taskana/ldap/LdapClientTest.java
@ -0,0 +1,63 @@
+package pro.taskana.ldap;
+
+import static org.mockito.ArgumentMatchers.any;
+import static org.mockito.ArgumentMatchers.eq;
+import static org.mockito.Mockito.lenient;
+import static org.mockito.Mockito.verify;
+
+import java.util.stream.Stream;
+import org.junit.jupiter.api.Test;
+import org.mockito.InjectMocks;
+import org.mockito.Mock;
+import org.mockito.junit.jupiter.MockitoSettings;
+import org.springframework.core.env.Environment;
+import org.springframework.ldap.core.LdapTemplate;
+
+@MockitoSettings
+class LdapClientTest {
+
+  @Mock Environment environment;
+
+  @Mock LdapTemplate ldapTemplate;
+
+  @InjectMocks LdapClient cut;
+
+  @Test
+  void testLdap() {
+
+    setUpEnvMock();
+    cut.init();
+
+    cut.searchGroupByDn("cn=developersgroup,ou=groups,o=taskanatest");
+
+    verify(ldapTemplate)
+        .lookup(
+            eq("cn=developersgroup,ou=groups"), any(), any(LdapClient.GroupContextMapper.class));
+  }
+
+  private void setUpEnvMock() {
+    Stream.of(
+            new String[][] {
+              {"taskana.ldap.useLdap", "true"},
+              {"taskana.ldap.baseDn", "o=TaskanaTest"},
+              {"taskana.ldap.userSearchBase", "ou=people"},
+              {"taskana.ldap.userSearchFilterName", "objectclass"},
+              {"taskana.ldap.groupsOfUser", "memberUid"},
+              {"taskana.ldap.groupNameAttribute", "cn"},
+              {"taskana.ldap.groupSearchFilterValue", "groupOfUniqueNames"},
+              {"taskana.ldap.groupSearchFilterName", "objectclass"},
+              {"taskana.ldap.groupSearchBase", "ou=groups"},
+              {"taskana.ldap.userIdAttribute", "uid"},
+              {"taskana.ldap.userLastnameAttribute", "sn"},
+              {"taskana.ldap.userFirstnameAttribute", "givenName"},
+              {"taskana.ldap.userFirstnameAttribute", "givenName"},
+              {"taskana.ldap.userSearchFilterValue", "person"},
+              {"taskana.ldap.bindDn", "uid=admin,ou=system"},
+              {"taskana.ldap.bindPassword", "secret"},
+              {"taskana.ldap.serverUrl", "ldap://localhost:10389"},
+            })
+        .forEach(
+            strings ->
+                lenient().when(this.environment.getProperty(strings[0])).thenReturn(strings[1]));
+  }
+}