TSK-1152: using embedded ldap for integration tests.

rest/taskana-rest-spring/src/main/java/pro/taskana/ldap/LdapClient.java

@@ -8,7 +8,6 @@ import java.util.regex.Pattern;
 import java.util.stream.Collectors;
 import javax.annotation.PostConstruct;
 import javax.naming.directory.SearchControls;
-import javax.naming.ldap.LdapName;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.beans.factory.annotation.Autowired;
@@ -20,7 +19,6 @@ import org.springframework.ldap.filter.AndFilter;
 import org.springframework.ldap.filter.EqualsFilter;
 import org.springframework.ldap.filter.OrFilter;
 import org.springframework.ldap.filter.WhitespaceWildcardsFilter;
-import org.springframework.ldap.support.LdapNameBuilder;
 import org.springframework.stereotype.Component;
 
 import pro.taskana.common.api.LoggerUtils;
@@ -70,16 +68,15 @@ public class LdapClient {
     isInitOrFail();
     testMinSearchForLength(name);
 
-    List<AccessIdResource> accessIds = new ArrayList<>(searchUsersByName(name));
-    accessIds.addAll(searchGroupsByName(name));
-    // TODO: remove try/catch as once the fix is verified
-    try {
+    List<AccessIdResource> accessIds = new ArrayList<>();
+    if (nameIsDn(name)) {
       AccessIdResource groupByDn = searchGroupByDn(name);
       if (groupByDn != null) {
-        accessIds.add(searchGroupByDn(name));
+        accessIds.add(groupByDn);
       }
-    } catch (Throwable t) {
-      LOGGER.error("unexpected error while searching group by dn", t);
+    } else {
+      accessIds.addAll(searchUsersByName(name));
+      accessIds.addAll(searchGroupsByName(name));
     }
     sortListOfAccessIdResources(accessIds);
     List<AccessIdResource> result = getFirstPageOfaResultList(accessIds);
@@ -93,6 +90,10 @@ public class LdapClient {
     return result;
   }
 
+  private boolean nameIsDn(String name) {
+    return name.toLowerCase().endsWith(getBaseDn().toLowerCase());
+  }
+
   public List<AccessIdResource> searchUsersByName(final String name)
       throws InvalidArgumentException {
     LOGGER.debug("entry to searchUsersByName(name = {}).", name);
@@ -162,7 +163,7 @@ public class LdapClient {
     // Therefore we have to remove the base name from the dn before performing the lookup
     String nameWithoutBaseDn = getNameWithoutBaseDn(name);
     LOGGER.debug(
-        "Removes baseDN {} from given DN. New DN to be used: {}", getBaseDn(), nameWithoutBaseDn);
+        "Removed baseDN {} from given DN. New DN to be used: {}", getBaseDn(), nameWithoutBaseDn);
     final AccessIdResource accessId =
         ldapTemplate.lookup(
             nameWithoutBaseDn, getLookUpGoupAttributesToReturn(), new GroupContextMapper());
@@ -353,14 +354,19 @@ public class LdapClient {
     @Override
     public AccessIdResource doMapFromContext(final DirContextOperations context) {
       final AccessIdResource accessId = new AccessIdResource();
-      LdapName dn = (LdapName) context.getDn();
-      if (!dn.getRdn(0).toString().equalsIgnoreCase(getBaseDn())) {
-        dn = LdapNameBuilder.newInstance(getBaseDn()).add(dn).build();
-      }
-      accessId.setAccessId(dn.toString()); // fully qualified dn
+      String dn = getDnWithBaseDn(context);
+      accessId.setAccessId(dn); // fully qualified dn
       accessId.setName(context.getStringAttribute(getGroupNameAttribute()));
       return accessId;
     }
+
+    private String getDnWithBaseDn(final DirContextOperations context) {
+      String dn = context.getDn().toString();
+      if (!dn.toLowerCase().endsWith(getBaseDn().toLowerCase())) {
+        dn = dn + "," + getBaseDn();
+      }
+      return dn;
+    }
   }
 
   /** Context Mapper for user entries. */

rest/taskana-rest-spring/src/test/java/pro/taskana/rest/AccessIdControllerIntTest.java

@@ -12,6 +12,7 @@ import org.springframework.core.ParameterizedTypeReference;
 import org.springframework.http.HttpMethod;
 import org.springframework.http.HttpStatus;
 import org.springframework.http.ResponseEntity;
+import org.springframework.test.context.ActiveProfiles;
 import org.springframework.web.client.HttpClientErrorException;
 import org.springframework.web.client.RestTemplate;
 
@@ -20,6 +21,7 @@ import pro.taskana.TaskanaSpringBootTest;
 import pro.taskana.rest.resource.AccessIdResource;
 
 @TaskanaSpringBootTest
+@ActiveProfiles({"test", "ldap"})
 class AccessIdControllerIntTest {
 
   private static RestTemplate template;
@@ -33,48 +35,52 @@ class AccessIdControllerIntTest {
 
   @Test
   void testQueryGroupsByDn() {
-    ResponseEntity<List<AccessIdResource>> response =
+    ResponseEntity<AccessIdListResource> response =
         template.exchange(
             restHelper.toUrl(Mapping.URL_ACCESSID)
                 + "?search-for=cn=ksc-users,cn=groups,OU=Test,O=TASKANA",
             HttpMethod.GET,
             restHelper.defaultRequest(),
-            ParameterizedTypeReference.forType(List.class));
+            ParameterizedTypeReference.forType(AccessIdListResource.class));
     assertThat(response.getBody()).hasSize(1);
+    assertThat(response.getBody().get(0).getAccessId())
+        .isEqualToIgnoringCase("cn=ksc-users,cn=groups,OU=Test,O=TASKANA");
   }
 
   @Test
   void testQueryGroupsByCn() {
-    ResponseEntity<List<AccessIdResource>> response =
+    ResponseEntity<AccessIdListResource> response =
         template.exchange(
             restHelper.toUrl(Mapping.URL_ACCESSID) + "?search-for=ksc",
             HttpMethod.GET,
             restHelper.defaultRequest(),
-            ParameterizedTypeReference.forType(List.class));
+            ParameterizedTypeReference.forType(AccessIdListResource.class));
     assertThat(response.getBody()).hasSize(1);
+    assertThat(response.getBody().get(0).getAccessId())
+        .isEqualToIgnoringCase("cn=ksc-users,cn=groups,OU=Test,O=TASKANA");
   }
 
   @Test
   void testGetMatches() {
     ResponseEntity<List<AccessIdResource>> response =
         template.exchange(
-            restHelper.toUrl(Mapping.URL_ACCESSID) + "?search-for=user",
+            restHelper.toUrl(Mapping.URL_ACCESSID) + "?search-for=rig",
             HttpMethod.GET,
             restHelper.defaultRequest(),
             ParameterizedTypeReference.forType(AccessIdListResource.class));
 
     List<AccessIdResource> body = response.getBody();
     assertThat(body).isNotNull();
-    assertThat(body).hasSize(3);
+    assertThat(body).hasSize(2);
     assertThat(body)
         .extracting(AccessIdResource::getName)
-        .containsExactlyInAnyOrder("Tralisch, Thea", "Bert, Ali", "Mente, Ali");
+        .containsExactlyInAnyOrder("Schläfrig, Tim", "Eifrig, Elena");
   }
 
   @Test
   void testBadRequestWhenSearchForIsTooShort() {
     assertThatThrownBy(
-        () ->
+            () ->
                 template.exchange(
                     restHelper.toUrl(Mapping.URL_ACCESSID) + "?search-for=al",
                     HttpMethod.GET,

rest/taskana-rest-spring/src/test/resources/application-ldap.properties

@@ -0,0 +1,51 @@
+logging.level.pro.taskana=INFO
+### logging.level.org.springframework=DEBUG
+######## Taskana DB #######
+datasource.url=jdbc:h2:mem:taskana;IGNORECASE=TRUE;LOCK_MODE=0
+datasource.driverClassName=org.h2.Driver
+datasource.username=sa
+datasource.password=sa
+taskana.schemaName=TASKANA
+####### property that control rest api security deploy use true for no security.
+devMode=false
+
+####### Property that informs about the Taskana's version. This version is shown the application web
+version=@project.version@
+
+####### control LDAP usage
+taskana.ldap.useLdap=true
+####### properties to connect to LDAP
+taskana.ldap.serverUrl=ldap://localhost:10389
+taskana.ldap.bindDn=uid=admin
+taskana.ldap.bindPassword=secret
+taskana.ldap.baseDn=ou=Test,O=TASKANA
+####### properties that control search for users and groups
+taskana.ldap.userSearchBase=cn=users
+taskana.ldap.userSearchFilterName=objectclass
+taskana.ldap.userSearchFilterValue=person
+taskana.ldap.userFirstnameAttribute=givenName
+taskana.ldap.userLastnameAttribute=sn
+taskana.ldap.userIdAttribute=uid
+taskana.ldap.groupSearchBase=cn=groups
+taskana.ldap.groupSearchFilterName=objectclass
+taskana.ldap.groupSearchFilterValue=groupOfUniqueNames
+taskana.ldap.groupNameAttribute=cn
+taskana.ldap.minSearchForLength=3
+taskana.ldap.maxNumberOfReturnedAccessIds=50
+taskana.ldap.groupsOfUser=memberUid
+####### JobScheduler cron expression that specifies when the JobSchedler runs
+taskana.jobscheduler.async.cron=0 0 * * * *
+####### cache static resources properties
+spring.resources.cache.cachecontrol.cache-private=true
+spring.main.allow-bean-definition-overriding=true
+####### tomcat is not detecting the x-forward headers from bluemix as a trustworthy proxy
+server.tomcat.internal-proxies=.*
+server.use-forward-headers=true
+
+# Embedded Spring LDAP
+spring.ldap.embedded.base-dn= O=TASKANA
+spring.ldap.embedded.credential.username= uid=admin
+spring.ldap.embedded.credential.password= secret
+spring.ldap.embedded.ldif=classpath:taskana-test.ldif
+spring.ldap.embedded.port= 10389
+spring.ldap.embedded.validation.enabled=false

rest/taskana-rest-spring/src/test/resources/application.properties

@@ -13,26 +13,25 @@ devMode=false
 version=@project.version@
 
 ####### control LDAP usage
-taskana.ldap.useLdap=true
+taskana.ldap.useLdap=false
 ####### properties to connect to LDAP
 taskana.ldap.serverUrl=ldap://localhost:10389
-taskana.ldap.bindDn=uid=admin
+taskana.ldap.bindDn=uid=admin,ou=system
 taskana.ldap.bindPassword=secret
-taskana.ldap.baseDn=ou=Test,O=TASKANA
+taskana.ldap.baseDn=o=TaskanaTest
 ####### properties that control search for users and groups
-taskana.ldap.userSearchBase=cn=users
+taskana.ldap.userSearchBase=ou=people
 taskana.ldap.userSearchFilterName=objectclass
 taskana.ldap.userSearchFilterValue=person
 taskana.ldap.userFirstnameAttribute=givenName
 taskana.ldap.userLastnameAttribute=sn
 taskana.ldap.userIdAttribute=uid
-taskana.ldap.groupSearchBase=cn=groups
+taskana.ldap.groupSearchBase=ou=groups
 taskana.ldap.groupSearchFilterName=objectclass
 taskana.ldap.groupSearchFilterValue=groupOfUniqueNames
 taskana.ldap.groupNameAttribute=cn
 taskana.ldap.minSearchForLength=3
 taskana.ldap.maxNumberOfReturnedAccessIds=50
-taskana.ldap.groupsOfUser=memberUid
 ####### JobScheduler cron expression that specifies when the JobSchedler runs
 taskana.jobscheduler.async.cron=0 0 * * * *
 ####### cache static resources properties
@@ -41,11 +40,3 @@ spring.main.allow-bean-definition-overriding=true
 ####### tomcat is not detecting the x-forward headers from bluemix as a trustworthy proxy
 server.tomcat.internal-proxies=.*
 server.use-forward-headers=true
-
-# Embedded Spring LDAP
-spring.ldap.embedded.base-dn= O=TASKANA
-spring.ldap.embedded.credential.username= uid=admin
-spring.ldap.embedded.credential.password= secret
-spring.ldap.embedded.ldif=classpath:taskana-test.ldif
-spring.ldap.embedded.port= 10389
-spring.ldap.embedded.validation.enabled=false

rest/taskana-rest-spring/src/test/resources/taskana-test.ldif

@@ -53,6 +53,31 @@ sn: Eifrig
 ou: Organisationseinheit/Organisationseinheit KSC/Organisationseinheit KSC 1
 cn: Elena Eifrig
 
+dn: uid=user_2_1,cn=users,OU=Test,O=TASKANA
+objectclass: inetorgperson
+objectclass: organizationalperson
+objectclass: person
+objectclass: top
+givenName: Simone
+description: desc
+uid: user_1_1
+sn: Müller
+ou: Organisationseinheit/Organisationseinheit KSC/Organisationseinheit KSC 1
+cn: Simone Müller
+
+dn: uid=user_2_2,cn=users,OU=Test,O=TASKANA
+objectclass: inetorgperson
+objectclass: organizationalperson
+objectclass: person
+objectclass: top
+givenName: Tim
+description: desc
+uid: user_1_1
+sn: Schläfrig
+ou: Organisationseinheit/Organisationseinheit KSC/Organisationseinheit KSC 1
+cn: Tim Schläfrig
+
+
 
 ########################
 # Groups