From 92fd2dbfb672d7b2b1cdfd5dd5cf89f7716b3e12 Mon Sep 17 00:00:00 2001 From: asteroide Date: Tue, 1 Sep 2015 16:03:26 +0200 Subject: Update Keystone code from official Github repository with branch Master on 09/01/2015. Change-Id: I0ff6099e6e2580f87f502002a998bbfe12673498 --- .../keystone/tests/unit/common/test_ldap.py | 88 ++++++++++++++++++---- 1 file changed, 74 insertions(+), 14 deletions(-) (limited to 'keystone-moon/keystone/tests/unit/common/test_ldap.py') diff --git a/keystone-moon/keystone/tests/unit/common/test_ldap.py b/keystone-moon/keystone/tests/unit/common/test_ldap.py index 41568890..d3ce8cd2 100644 --- a/keystone-moon/keystone/tests/unit/common/test_ldap.py +++ b/keystone-moon/keystone/tests/unit/common/test_ldap.py @@ -11,23 +11,24 @@ # License for the specific language governing permissions and limitations # under the License. +import os +import tempfile import uuid +import fixtures import ldap.dn import mock from oslo_config import cfg from testtools import matchers -import os -import shutil -import tempfile - +from keystone.common import driver_hints from keystone.common import ldap as ks_ldap from keystone.common.ldap import core as common_ldap_core from keystone.tests import unit as tests from keystone.tests.unit import default_fixtures from keystone.tests.unit import fakeldap + CONF = cfg.CONF @@ -218,9 +219,7 @@ class LDAPDeleteTreeTest(tests.TestCase): def config_overrides(self): super(LDAPDeleteTreeTest, self).config_overrides() - self.config_fixture.config( - group='identity', - driver='keystone.identity.backends.ldap.Identity') + self.config_fixture.config(group='identity', driver='ldap') def config_files(self): config_files = super(LDAPDeleteTreeTest, self).config_files() @@ -311,8 +310,7 @@ class SslTlsTest(tests.TestCase): def test_certdir_trust_tls(self): # We need this to actually exist, so we create a tempdir. - certdir = tempfile.mkdtemp() - self.addCleanup(shutil.rmtree, certdir) + certdir = self.useFixture(fixtures.TempDir()).path self.config_fixture.config(group='ldap', url='ldap://localhost', use_tls=True, @@ -340,8 +338,7 @@ class SslTlsTest(tests.TestCase): def test_certdir_trust_ldaps(self): # We need this to actually exist, so we create a tempdir. - certdir = tempfile.mkdtemp() - self.addCleanup(shutil.rmtree, certdir) + certdir = self.useFixture(fixtures.TempDir()).path self.config_fixture.config(group='ldap', url='ldaps://localhost', use_tls=False, @@ -372,9 +369,7 @@ class LDAPPagedResultsTest(tests.TestCase): def config_overrides(self): super(LDAPPagedResultsTest, self).config_overrides() - self.config_fixture.config( - group='identity', - driver='keystone.identity.backends.ldap.Identity') + self.config_fixture.config(group='identity', driver='ldap') def config_files(self): config_files = super(LDAPPagedResultsTest, self).config_files() @@ -500,3 +495,68 @@ class CommonLdapTestCase(tests.BaseTestCase): py_result = ks_ldap.convert_ldap_result(result) # The user name should still be a string value. self.assertEqual(user_name, py_result[0][1]['user_name'][0]) + + +class LDAPFilterQueryCompositionTest(tests.TestCase): + """These test cases test LDAP filter generation.""" + + def setUp(self): + super(LDAPFilterQueryCompositionTest, self).setUp() + + self.base_ldap = ks_ldap.BaseLdap(self.config_fixture.conf) + + # The tests need an attribute mapping to use. + self.attribute_name = uuid.uuid4().hex + self.filter_attribute_name = uuid.uuid4().hex + self.base_ldap.attribute_mapping = { + self.attribute_name: self.filter_attribute_name + } + + def test_return_query_with_no_hints(self): + hints = driver_hints.Hints() + # NOTE: doesn't have to be a real query, we just need to make sure the + # same string is returned if there are no hints. + query = uuid.uuid4().hex + self.assertEqual(query, + self.base_ldap.filter_query(hints=hints, query=query)) + + # make sure the default query is an empty string + self.assertEqual('', self.base_ldap.filter_query(hints=hints)) + + def test_filter_with_empty_query_and_hints_set(self): + hints = driver_hints.Hints() + username = uuid.uuid4().hex + hints.add_filter(name=self.attribute_name, + value=username, + comparator='equals', + case_sensitive=False) + expected_ldap_filter = '(&(%s=%s))' % ( + self.filter_attribute_name, username) + self.assertEqual(expected_ldap_filter, + self.base_ldap.filter_query(hints=hints)) + + def test_filter_with_both_query_and_hints_set(self): + hints = driver_hints.Hints() + # NOTE: doesn't have to be a real query, we just need to make sure the + # filter string is concatenated correctly + query = uuid.uuid4().hex + username = uuid.uuid4().hex + expected_result = '(&%(query)s(%(user_name_attr)s=%(username)s))' % ( + {'query': query, + 'user_name_attr': self.filter_attribute_name, + 'username': username}) + hints.add_filter(self.attribute_name, username) + self.assertEqual(expected_result, + self.base_ldap.filter_query(hints=hints, query=query)) + + def test_filter_with_hints_and_query_is_none(self): + hints = driver_hints.Hints() + username = uuid.uuid4().hex + hints.add_filter(name=self.attribute_name, + value=username, + comparator='equals', + case_sensitive=False) + expected_ldap_filter = '(&(%s=%s))' % ( + self.filter_attribute_name, username) + self.assertEqual(expected_ldap_filter, + self.base_ldap.filter_query(hints=hints, query=None)) -- cgit 1.2.3-korg