You are here

Home » API reference » Lightweight Directory Access Protocol (LDAP) 7 » Og2.test » LdapAuthorizationOg2Tests

function LdapAuthorizationOg2Tests::testAuthorizationsOnLogon in Lightweight Directory Access Protocol (LDAP) 7

IV. Test authorizations granted on logon

File

ldap_authorization/tests/Og/Og2.test, line 386

Class

LdapAuthorizationOg2Tests

Code

function testAuthorizationsOnLogon() {

  // TODO: Fix failing tests, excluding to make branch pass.
  return;
  if (ldap_authorization_og_og_version() != 2) {
    debug('LdapAuthorizationOg2Tests must be run with OG 7.x-2.x');
    return;
  }
  $this->ldapTestId = $this->module_name . ': og authorizations on logon';
  $setup_success = module_exists('ldap_authentication') && module_exists('ldap_servers') && module_exists('ldap_authorization') && module_exists('ldap_authorization_drupal_role') && module_exists('ldap_authorization_og') && variable_get('ldap_simpletest', 0) == 1;
  $this
    ->assertTrue($setup_success, ' ldap_authorizations og setup successful', $this->ldapTestId);
  $web_user = $this
    ->drupalCreateUser();
  $this->ldapTestId = 'OgLogon';
  $this->serversData = 'Og/ldap_servers.inc';
  $this->authorizationData = 'Og/ldap_authorization_og2.inc';
  $this->authenticationData = 'Og/ldap_authentication.inc';
  $this->consumerType = 'og_group';
  $this
    ->prepTestData();
  $og_auth = new LdapAuthorizationConsumerOG('og_group');
  $this
    ->assertTrue(is_object($og_auth), 'Successfully instantiated LdapAuthorizationConsumerOG', $this->ldapTestId);
  list($og_knitters, $og_knitters_node) = ldap_authorization_og2_get_group('node', 'knitters', 'group_name', 'object');
  list($og_bakers, $og_bakers_node) = ldap_authorization_og2_get_group('node', 'bakers', 'group_name', 'object');
  list($og_butchers, $og_butchers_node) = ldap_authorization_og2_get_group('node', 'butchers', 'group_name', 'object');
  $anonymous_rid = ldap_authorization_og2_rid_from_role_name('node', $og_knitters_node->nid, OG_ANONYMOUS_ROLE);
  $member_rid = ldap_authorization_og2_rid_from_role_name('node', $og_knitters_node->nid, OG_AUTHENTICATED_ROLE);
  $admin_rid = ldap_authorization_og2_rid_from_role_name('node', $og_knitters_node->nid, OG_ADMINISTRATOR_ROLE);
  $knitters_nonmember_id = ldap_authorization_og_authorization_id($og_knitters_node->nid, $anonymous_rid, 'node');
  $knitters_member_id = ldap_authorization_og_authorization_id($og_knitters_node->nid, $member_rid, 'node');
  $bakers_nonmember_id = ldap_authorization_og_authorization_id($og_bakers_node->nid, $anonymous_rid, 'node');
  $bakers_member_id = ldap_authorization_og_authorization_id($og_bakers_node->nid, $member_rid, 'node');
  $butcher_member_id = ldap_authorization_og_authorization_id($og_butchers_node->nid, $member_rid, 'node');
  $butcher_admin_id = ldap_authorization_og_authorization_id($og_butchers_node->nid, $admin_rid, 'node');
  debug("\n      butcher_member_id={$butcher_member_id},<br/>\n      butcher_admin_id={$butcher_admin_id},<br/>\n      bakers_nonmember_id={$bakers_nonmember_id},<br/>\n      bakers_member_id={$bakers_member_id},<br/>\n      knitters_nonmember_id={$knitters_nonmember_id},<br/>\n      knitters_member_id={$knitters_member_id}<br/>\n      ");

  /**
   verykool: 'cn=sysadmins,ou=it,dc=ad,dc=myuniversity,dc=edu', special guests, guest accounts
  */
  $verykool = user_load_by_name('verykool');
  if (is_object($verykool)) {
    user_delete($verykool->uid);
  }
  $edit = array(
    'name' => 'verykool',
    'pass' => 'goodpwd',
  );
  $this
    ->drupalPost('user', $edit, t('Log in'));
  $this
    ->assertText(t('Member for'), 'New Ldap user with good password authenticated.', $this->ldapTestId);
  $this
    ->assertTrue($this->testFunctions
    ->ldapUserIsAuthmapped('verykool'), 'Ldap user properly authmapped.', $this->ldapTestId);
  $verykool = user_load_by_name('verykool');
  $existing_authorizations = $og_auth
    ->usersAuthorizations($verykool);
  $correct_roles = in_array($butcher_member_id, $existing_authorizations) && in_array($bakers_member_id, $existing_authorizations);
  if (!$correct_roles) {
    debug('verykool og authorizations');
    debug($existing_authorizations);
  }
  $this
    ->assertTrue($correct_roles, 'verykool granted butcher and knitter memberships', $this->ldapTestId);
  $this
    ->drupalGet('user/logout');

  /**
   *   jkool:  guest accounts, cn=sysadmins,ou=it,dc=ad,dc=myuniversity,dc=edu
   */
  $user = $this
    ->drupalCreateUser(array());
  $jkool = $this->testFunctions
    ->drupalLdapUpdateUser(array(
    'name' => 'jkool',
    'mail' => 'jkool@guests.myuniversity.edu',
  ), TRUE, $user);
  list($new_authorizations, $notifications) = ldap_authorizations_user_authorizations($jkool, 'query');

  // just see if the correct ones are derived.
  user_delete($jkool->uid);
  $edit = array(
    'name' => 'jkool',
    'pass' => 'goodpwd',
  );
  $this
    ->drupalPost('user', $edit, t('Log in'));
  $this
    ->assertText(t('Member for'), 'New Ldap user with good password authenticated.', $this->ldapTestId);
  $this
    ->assertTrue($this->testFunctions
    ->ldapUserIsAuthmapped('jkool'), 'Ldap user properly authmapped.', $this->ldapTestId);
  $jkool = user_load_by_name('jkool');
  $existing_authorizations = $og_auth
    ->usersAuthorizations($jkool);
  $correct_roles = in_array($butcher_member_id, $existing_authorizations);
  if (!$correct_roles) {
    debug('jkool og authorizations');
    debug($existing_authorizations);
  }
  $this
    ->assertTrue($correct_roles, 'jkool granted admin role', $this->ldapTestId);
  $this
    ->drupalGet('user/logout');
}