mirror of
https://github.com/grafana/grafana.git
synced 2025-08-06 04:19:26 +08:00
LDAP: reduce API and allow its extension (#17209)
* Removes Add/Remove methods * Publicise necessary fields and methods so we could extend it * Publicise mock API * More comments and additional simplifications * Sync with master Still having low coverage :/ - should be addressed in #17208
This commit is contained in:
Oleg Gaidarenko
@ -13,12 +13,12 @@ import (
|
||||
|
||||
func TestLDAPLogin(t *testing.T) {
|
||||
Convey("Login()", t, func() {
|
||||
authScenario("When user is log in and updated", func(sc *scenarioContext) {
|
||||
serverScenario("When user is log in and updated", func(sc *scenarioContext) {
|
||||
// arrange
|
||||
mockConnection := &mockConnection{}
|
||||
mockConnection := &MockConnection{}
|
||||
|
||||
auth := &Server{
|
||||
config: &ServerConfig{
|
||||
server := &Server{
|
||||
Config: &ServerConfig{
|
||||
Host: "",
|
||||
RootCACert: "",
|
||||
Groups: []*GroupToOrgRole{
|
||||
@ -33,7 +33,7 @@ func TestLDAPLogin(t *testing.T) {
|
||||
},
|
||||
SearchBaseDNs: []string{"BaseDNHere"},
|
||||
},
|
||||
connection: mockConnection,
|
||||
Connection: mockConnection,
|
||||
log: log.New("test-logger"),
|
||||
}
|
||||
|
||||
@ -61,7 +61,7 @@ func TestLDAPLogin(t *testing.T) {
|
||||
sc.userOrgsQueryReturns([]*models.UserOrgDTO{})
|
||||
|
||||
// act
|
||||
extUser, _ := auth.Login(query)
|
||||
extUser, _ := server.Login(query)
|
||||
userInfo, err := user.Upsert(&user.UpsertArgs{
|
||||
SignupAllowed: true,
|
||||
ExternalUser: extUser,
|
||||
@ -73,7 +73,7 @@ func TestLDAPLogin(t *testing.T) {
|
||||
So(err, ShouldBeNil)
|
||||
|
||||
// User should be searched in ldap
|
||||
So(mockConnection.searchCalled, ShouldBeTrue)
|
||||
So(mockConnection.SearchCalled, ShouldBeTrue)
|
||||
|
||||
// Info should be updated (email differs)
|
||||
So(userInfo.Email, ShouldEqual, "roel@test.com")
|
||||
@ -82,8 +82,8 @@ func TestLDAPLogin(t *testing.T) {
|
||||
So(sc.addOrgUserCmd.Role, ShouldEqual, "Admin")
|
||||
})
|
||||
|
||||
authScenario("When login with invalid credentials", func(scenario *scenarioContext) {
|
||||
connection := &mockConnection{}
|
||||
serverScenario("When login with invalid credentials", func(scenario *scenarioContext) {
|
||||
connection := &MockConnection{}
|
||||
entry := ldap.Entry{}
|
||||
result := ldap.SearchResult{Entries: []*ldap.Entry{&entry}}
|
||||
connection.setSearchResult(&result)
|
||||
@ -93,8 +93,8 @@ func TestLDAPLogin(t *testing.T) {
|
||||
ResultCode: 49,
|
||||
}
|
||||
}
|
||||
auth := &Server{
|
||||
config: &ServerConfig{
|
||||
server := &Server{
|
||||
Config: &ServerConfig{
|
||||
Attr: AttributeMap{
|
||||
Username: "username",
|
||||
Name: "name",
|
||||
@ -102,19 +102,19 @@ func TestLDAPLogin(t *testing.T) {
|
||||
},
|
||||
SearchBaseDNs: []string{"BaseDNHere"},
|
||||
},
|
||||
connection: connection,
|
||||
Connection: connection,
|
||||
log: log.New("test-logger"),
|
||||
}
|
||||
|
||||
_, err := auth.Login(scenario.loginUserQuery)
|
||||
_, err := server.Login(scenario.loginUserQuery)
|
||||
|
||||
Convey("it should return invalid credentials error", func() {
|
||||
So(err, ShouldEqual, ErrInvalidCredentials)
|
||||
})
|
||||
})
|
||||
|
||||
authScenario("When login with valid credentials", func(scenario *scenarioContext) {
|
||||
connection := &mockConnection{}
|
||||
serverScenario("When login with valid credentials", func(scenario *scenarioContext) {
|
||||
connection := &MockConnection{}
|
||||
entry := ldap.Entry{
|
||||
DN: "dn", Attributes: []*ldap.EntryAttribute{
|
||||
{Name: "username", Values: []string{"markelog"}},
|
||||
@ -130,8 +130,8 @@ func TestLDAPLogin(t *testing.T) {
|
||||
connection.bindProvider = func(username, password string) error {
|
||||
return nil
|
||||
}
|
||||
auth := &Server{
|
||||
config: &ServerConfig{
|
||||
server := &Server{
|
||||
Config: &ServerConfig{
|
||||
Attr: AttributeMap{
|
||||
Username: "username",
|
||||
Name: "name",
|
||||
@ -139,18 +139,18 @@ func TestLDAPLogin(t *testing.T) {
|
||||
},
|
||||
SearchBaseDNs: []string{"BaseDNHere"},
|
||||
},
|
||||
connection: connection,
|
||||
Connection: connection,
|
||||
log: log.New("test-logger"),
|
||||
}
|
||||
|
||||
resp, err := auth.Login(scenario.loginUserQuery)
|
||||
resp, err := server.Login(scenario.loginUserQuery)
|
||||
|
||||
So(err, ShouldBeNil)
|
||||
So(resp.Login, ShouldEqual, "markelog")
|
||||
})
|
||||
|
||||
authScenario("When user not found in LDAP, but exist in Grafana", func(scenario *scenarioContext) {
|
||||
connection := &mockConnection{}
|
||||
serverScenario("When user not found in LDAP, but exist in Grafana", func(scenario *scenarioContext) {
|
||||
connection := &MockConnection{}
|
||||
result := ldap.SearchResult{Entries: []*ldap.Entry{}}
|
||||
connection.setSearchResult(&result)
|
||||
|
||||
@ -160,15 +160,15 @@ func TestLDAPLogin(t *testing.T) {
|
||||
connection.bindProvider = func(username, password string) error {
|
||||
return nil
|
||||
}
|
||||
auth := &Server{
|
||||
config: &ServerConfig{
|
||||
server := &Server{
|
||||
Config: &ServerConfig{
|
||||
SearchBaseDNs: []string{"BaseDNHere"},
|
||||
},
|
||||
connection: connection,
|
||||
Connection: connection,
|
||||
log: log.New("test-logger"),
|
||||
}
|
||||
|
||||
_, err := auth.Login(scenario.loginUserQuery)
|
||||
_, err := server.Login(scenario.loginUserQuery)
|
||||
|
||||
Convey("it should disable user", func() {
|
||||
So(scenario.disableExternalUserCalled, ShouldBeTrue)
|
||||
@ -181,8 +181,8 @@ func TestLDAPLogin(t *testing.T) {
|
||||
})
|
||||
})
|
||||
|
||||
authScenario("When user not found in LDAP, and disabled in Grafana already", func(scenario *scenarioContext) {
|
||||
connection := &mockConnection{}
|
||||
serverScenario("When user not found in LDAP, and disabled in Grafana already", func(scenario *scenarioContext) {
|
||||
connection := &MockConnection{}
|
||||
result := ldap.SearchResult{Entries: []*ldap.Entry{}}
|
||||
connection.setSearchResult(&result)
|
||||
|
||||
@ -192,15 +192,15 @@ func TestLDAPLogin(t *testing.T) {
|
||||
connection.bindProvider = func(username, password string) error {
|
||||
return nil
|
||||
}
|
||||
auth := &Server{
|
||||
config: &ServerConfig{
|
||||
server := &Server{
|
||||
Config: &ServerConfig{
|
||||
SearchBaseDNs: []string{"BaseDNHere"},
|
||||
},
|
||||
connection: connection,
|
||||
Connection: connection,
|
||||
log: log.New("test-logger"),
|
||||
}
|
||||
|
||||
_, err := auth.Login(scenario.loginUserQuery)
|
||||
_, err := server.Login(scenario.loginUserQuery)
|
||||
|
||||
Convey("it should't call disable function", func() {
|
||||
So(scenario.disableExternalUserCalled, ShouldBeFalse)
|
||||
@ -211,8 +211,8 @@ func TestLDAPLogin(t *testing.T) {
|
||||
})
|
||||
})
|
||||
|
||||
authScenario("When user found in LDAP, and disabled in Grafana", func(scenario *scenarioContext) {
|
||||
connection := &mockConnection{}
|
||||
serverScenario("When user found in LDAP, and disabled in Grafana", func(scenario *scenarioContext) {
|
||||
connection := &MockConnection{}
|
||||
entry := ldap.Entry{}
|
||||
result := ldap.SearchResult{Entries: []*ldap.Entry{&entry}}
|
||||
connection.setSearchResult(&result)
|
||||
@ -221,15 +221,15 @@ func TestLDAPLogin(t *testing.T) {
|
||||
connection.bindProvider = func(username, password string) error {
|
||||
return nil
|
||||
}
|
||||
auth := &Server{
|
||||
config: &ServerConfig{
|
||||
server := &Server{
|
||||
Config: &ServerConfig{
|
||||
SearchBaseDNs: []string{"BaseDNHere"},
|
||||
},
|
||||
connection: connection,
|
||||
Connection: connection,
|
||||
log: log.New("test-logger"),
|
||||
}
|
||||
|
||||
extUser, _ := auth.Login(scenario.loginUserQuery)
|
||||
extUser, _ := server.Login(scenario.loginUserQuery)
|
||||
_, err := user.Upsert(&user.UpsertArgs{
|
||||
SignupAllowed: true,
|
||||
ExternalUser: extUser,
|
||||
|
||||
Reference in New Issue
Block a user