You are here

Home » API reference » Lightweight Directory Access Protocol (LDAP) 7 » Og2.test » LdapAuthorizationOg2Tests

function LdapAuthorizationOg2Tests::testAuthorizationsWithoutLogon in Lightweight Directory Access Protocol (LDAP) 7

File

ldap_authorization/tests/Og/Og2.test, line 280

Class

LdapAuthorizationOg2Tests

Code

function testAuthorizationsWithoutLogon() {

  // TODO: Fix failing tests, excluding to make branch pass.
  return;
  if (ldap_authorization_og_og_version() != 2) {
    debug('LdapAuthorizationOg2Tests must be run with OG 7.x-2.x');
    return;
  }
  $this->ldapTestId = $this->module_name . ': og authorizations on logon';

  // just to give warning if setup doesn't succeed.  may want to take these out at some point.
  $setup_success = module_exists('ldap_authentication') && module_exists('ldap_servers') && module_exists('ldap_authorization') && module_exists('ldap_authorization_drupal_role') && module_exists('ldap_authorization_og') && variable_get('ldap_simpletest', 0) == 1;
  $this
    ->assertTrue($setup_success, ' ldap_authorizations og setup successful', $this->ldapTestId);
  $web_user = $this
    ->drupalCreateUser();
  $this->ldapTestId = 'OgWithoutLogon';
  $this->serversData = 'Og/ldap_servers.inc';
  $this->authorizationData = 'Og/ldap_authorization_og2.inc';
  $this->authenticationData = 'Og/ldap_authentication.inc';
  $this->consumerType = 'og_group';
  $this
    ->prepTestData();
  $og_auth = new LdapAuthorizationConsumerOG('og_group');
  $this
    ->assertTrue(is_object($og_auth), 'Successfully instantiated LdapAuthorizationConsumerOG', $this->ldapTestId);
  list($og_knitters, $og_knitters_node) = ldap_authorization_og2_get_group('node', 'knitters', 'group_name', 'object');
  list($og_bakers, $og_bakers_node) = ldap_authorization_og2_get_group('node', 'bakers', 'group_name', 'object');
  list($og_butchers, $og_butchers_node) = ldap_authorization_og2_get_group('node', 'butchers', 'group_name', 'object');
  $anonymous_rid = ldap_authorization_og2_rid_from_role_name('node', $og_knitters_node->nid, OG_ANONYMOUS_ROLE);
  $member_rid = ldap_authorization_og2_rid_from_role_name('node', $og_bakers_node->nid, OG_AUTHENTICATED_ROLE);
  $admin_rid = ldap_authorization_og2_rid_from_role_name('node', $og_butchers_node->nid, OG_ADMINISTRATOR_ROLE);
  $knitters_nonmember_id = ldap_authorization_og_authorization_id($og_knitters_node->nid, $anonymous_rid, 'node');
  $knitters_member_id = ldap_authorization_og_authorization_id($og_knitters_node->nid, $member_rid, 'node');
  $bakers_nonmember_id = ldap_authorization_og_authorization_id($og_bakers_node->nid, $anonymous_rid, 'node');
  $bakers_member_id = ldap_authorization_og_authorization_id($og_bakers_node->nid, $member_rid, 'node');
  $butcher_member_id = ldap_authorization_og_authorization_id($og_butchers_node->nid, $member_rid, 'node');
  $butcher_admin_id = ldap_authorization_og_authorization_id($og_butchers_node->nid, $admin_rid, 'node');
  debug("butcher_member_id={$butcher_member_id},\n          butcher_admin_id={$butcher_admin_id},\n          knitters_nonmember_id={$knitters_nonmember_id},\n          knitters_member_id={$knitters_member_id}\n          ");

  /**
   * cn=unkool,ou=lost,dc=ad,dc=myuniversity,dc=edu
   * should not match any mappings
   */
  $user = $this
    ->drupalCreateUser(array());
  $unkool = $this->testFunctions
    ->drupalLdapUpdateUser(array(
    'name' => 'unkool',
    'mail' => 'unkool@nowhere.myuniversity.edu',
  ), TRUE, $user);
  list($new_authorizations, $notifications) = ldap_authorizations_user_authorizations($unkool, 'query');

  // just see if the correct ones are derived.
  if (count($new_authorizations['og_group']) != 0) {
    debug('new authorizations');
    debug($new_authorizations);
  }
  $this
    ->assertTrue(count($new_authorizations['og_group']) == 0, 'user account unkool tested for granting no drupal roles ', $this->ldapTestId . '.nomatch');

  /**
   *   jkool:  guest accounts, cn=sysadmins,ou=it,dc=ad,dc=myuniversity,dc=edu
   */
  $user = $this
    ->drupalCreateUser(array());
  $jkool = $this->testFunctions
    ->drupalLdapUpdateUser(array(
    'name' => 'jkool',
    'mail' => 'jkool@guests.myuniversity.edu',
  ), TRUE, $user);
  list($new_authorizations, $notifications) = ldap_authorizations_user_authorizations($jkool, 'query');

  // just see if the correct ones are derived.
  $correct_roles = (bool) (isset($new_authorizations['og_group']) && in_array($butcher_member_id, $new_authorizations['og_group']) && in_array($bakers_member_id, $new_authorizations['og_group']));
  if (!$correct_roles) {
    debug('jkool og ldap authorizations');
    debug($new_authorizations);
    debug($new_authorizations);
  }
  $this
    ->assertTrue($correct_roles, "user account jkool tested for granting og butchers member and admin ({$butcher_member_id} and {$butcher_admin_id})", $this->ldapTestId . '.onematch');

  /**
   verykool: 'cn=sysadmins,ou=it,dc=ad,dc=myuniversity,dc=edu', special guests, guest accounts
  */
  $user = $this
    ->drupalCreateUser(array());
  $verykool = $this->testFunctions
    ->drupalLdapUpdateUser(array(
    'name' => 'verykool',
    'mail' => 'verykool@myuniversity.edu',
  ), TRUE, $user);
  list($new_authorizations, $notifications) = ldap_authorizations_user_authorizations($verykool, 'query');

  // just see if the correct ones are derived.
  $correct_roles = (bool) (isset($new_authorizations['og_group']) && in_array($butcher_member_id, $new_authorizations[$this->consumerType]) && in_array($bakers_member_id, $new_authorizations[$this->consumerType]));
  if (!$correct_roles) {
    debug('verykool og ldap authorizations');
    debug($new_authorizations);
    debug($new_authorizations);
  }
  $this
    ->assertTrue($correct_roles, "user account verykool tested for granting og knitters member ({$knitters_member_id}) and og butchers member ({$butcher_member_id}) ", $this->ldapTestId . '.manymatch');
  $this
    ->assertTrue($correct_roles, 'user account verykool tested for case insensitivity ', $this->ldapTestId . '.caseinsensitive');
}