public function LdapUserIntegrationTests::testProvisionToLdap in Lightweight Directory Access Protocol (LDAP) 7.2
Same name and namespace in other branches
- 8.2 ldap_user/tests/ldap_user.test \LdapUserIntegrationTests::testProvisionToLdap()
Integration tests for provisioning to LDAP.
File
- ldap_user/
tests/ ldap_user.test, line 725
Class
Code
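/**
 * Integration test for provisioning Drupal users to LDAP entries.
 *
 * Three scenarios run against the 'hogwarts' test data:
 *  1. For 'activedirectory1' and 'openldap1': saving a new Drupal account
 *     must create the LDAP entry at the expected DN, and saving edited name
 *     fields must synch givenname/displayname/sn to that entry.
 *  2. Self-registration with e-mail verification: the visitor follows the
 *     one-time login link taken from the outgoing mail and sets a password;
 *     the LDAP entry's password attribute must match what the configured
 *     password token selects.
 *  3. For both servers: deleting the Drupal user must remove the LDAP entry
 *     when LDAP_USER_LDAP_ENTRY_DELETE_ON_USER_DELETE is among the triggers.
 *
 * On failure, whole LDAP entries, account objects and the ldap_user
 * configuration are passed to debug(). Scenario 2 reads a 'password'
 * attribute from the entry, so those dumps contain credential material and
 * the test should only ever be pointed at fixture data.
 */
public function testProvisionToLdap() {
  // Just to give warning if setup doesn't succeed. may want to take these out at some point.
  $setup_success = module_exists('ldap_user') && module_exists('ldap_servers') && variable_get('ldap_simpletest', 2) > 0;
  $this->assertTrue($setup_success, ' ldap_user setup successful', $this->testId("setup"));

  // Scenario 1: create, then synch on save.
  foreach (['activedirectory1', 'openldap1'] as $test_sid) {
    $sids = [$test_sid];
    // This will create the proper ldap_user configuration from ldap_test/ldap_user.conf.inc.
    $this->prepTestData('hogwarts', $sids, 'provisionToLdap_' . $test_sid);
    $ldap_user_conf = ldap_user_conf('default', TRUE);

    // 9.B. Create and approve new user, populating first and last name.
    $username = 'bhautdeser';
    if ($user = user_load_by_name($username)) {
      user_delete($user->uid);
    }
    $user_edit = [
      'name' => $username,
      'mail' => $username . '@hogwarts.org',
      'pass' => user_password(),
      'status' => 1,
    ];
    $user_acct = new stdClass();
    $user_acct->is_new = TRUE;
    $user_acct->field_fname[LANGUAGE_NONE][0]['value'] = 'Bercilak';
    $user_acct->field_lname[LANGUAGE_NONE][0]['value'] = 'Hautdesert';

    $servers = ldap_servers_get_servers(NULL, NULL, FALSE, TRUE);
    $desired_dn = "cn=bhautdeser,ou=people,dc=hogwarts,dc=edu";
    $pre_entry = $servers[$test_sid]->dnExists($desired_dn, 'ldap_entry');
    $drupal_account = user_save($user_acct, $user_edit);
    $ldap_entry_post = $servers[$test_sid]->dnExists($desired_dn, 'ldap_entry');

    $ldap_entry_success = $ldap_entry_post
      && $ldap_entry_post['cn'][0] == 'bhautdeser'
      && $ldap_entry_post['displayname'][0] == 'Bercilak Hautdesert'
      && $ldap_entry_post['sn'][0] == 'Hautdesert'
      && $ldap_entry_post['guid'][0] == '151'
      && $ldap_entry_post['provisionsource'][0] == 'drupal.hogwarts.edu';
    $this->assertTrue($ldap_entry_success, t("provision of ldap entry on user create succeeded for " . $username), $this->testId("test for provision to ldap on drupal acct create"));
    if (!$ldap_entry_success) {
      debug('drupal_account');
      debug($drupal_account);
      debug("desired_dn={$desired_dn}, ldap_entry_post=");
      debug($ldap_entry_post);
      debug('ldap_user_conf');
      debug($ldap_user_conf);
    }

    // Need to reset for simpletests.
    ldap_user_ldap_provision_semaphore(NULL, NULL, NULL, TRUE);

    // Change lastname and first name (in drupal) and save user to test ldapSynch event handler
    // confirm that appropriate attributes were changed in ldap entry.
    $ldap_entry_pre = $servers[$test_sid]->dnExists($desired_dn, 'ldap_entry');
    $user_acct_pre = user_load_by_name('bhautdeser');
    $edit = [];
    $edit['field_fname'][LANGUAGE_NONE][0]['value'] = 'Bredbeddle';
    $edit['field_lname'][LANGUAGE_NONE][0]['value'] = 'Hautdesert';
    $user_acct = user_save($user_acct, $edit);
    $user_acct_post = user_load_by_name('bhautdeser');
    // Clear cache.
    $servers = ldap_servers_get_servers(NULL, NULL, FALSE, TRUE);
    $ldap_entry_post = $servers[$test_sid]->dnExists($desired_dn, 'ldap_entry');
    // Same truthiness guard as the create check, so a missing entry fails the
    // assertion instead of indexing into a non-array.
    $ldap_entry_success = $ldap_entry_post
      && $ldap_entry_post['givenname'][0] == 'Bredbeddle'
      && $ldap_entry_post['displayname'][0] == 'Bredbeddle Hautdesert'
      && $ldap_entry_post['sn'][0] == 'Hautdesert';
    $this->assertTrue($ldap_entry_success, t("synch to ldap entry on user save succeeded for " . $username), $this->testId());
    if (!$ldap_entry_success) {
      debug("dn={$desired_dn}");
      debug('drupal_account pre');
      debug($user_acct_pre);
      debug('drupal_account post');
      debug($user_acct_post);
      debug('ldap_entry_pre');
      debug($ldap_entry_pre);
      debug('ldap_entry_post');
      debug($ldap_entry_post);
      debug('ldap_user_conf');
      debug($ldap_user_conf);
    }

    // Second save with the same first/last name values, then re-check the entry.
    // NOTE(review): this step was labelled as a username change, but the edit
    // array is identical to the previous one, so a rename (and the DN change it
    // would imply) is not exercised here - confirm whether that was intended.
    $ldap_entry_pre = $servers[$test_sid]->dnExists($desired_dn, 'ldap_entry');
    $user_acct_pre = user_load_by_name('bhautdeser');
    $edit = [];
    $edit['field_fname'][LANGUAGE_NONE][0]['value'] = 'Bredbeddle';
    $edit['field_lname'][LANGUAGE_NONE][0]['value'] = 'Hautdesert';
    $user_acct = user_save($user_acct, $edit);
    $user_acct_post = user_load_by_name('bhautdeser');
    // Clear cache.
    $servers = ldap_servers_get_servers(NULL, NULL, FALSE, TRUE);
    $ldap_entry_post = $servers[$test_sid]->dnExists($desired_dn, 'ldap_entry');
    $ldap_entry_success = $ldap_entry_post
      && $ldap_entry_post['givenname'][0] == 'Bredbeddle'
      && $ldap_entry_post['displayname'][0] == 'Bredbeddle Hautdesert'
      && $ldap_entry_post['sn'][0] == 'Hautdesert';
    $this->assertTrue($ldap_entry_success, t("synch to ldap entry on user save succeeded for " . $username), $this->testId());
    if (!$ldap_entry_success) {
      debug("dn={$desired_dn}");
      debug('drupal_account pre');
      debug($user_acct_pre);
      debug('drupal_account post');
      debug($user_acct_post);
      debug('ldap_entry_pre');
      debug($ldap_entry_pre);
      debug('ldap_entry_post');
      debug($ldap_entry_post);
      debug('ldap_user_conf');
      debug($ldap_user_conf);
    }
  }

  // Scenario 2: provisionToLdapEmailVerification.
  // Use case where a user self creates and confirms a drupal account and
  // a corresponding ldap entry with password is created.
  // NOTE(review): $test_sid and $sids still hold the values left by the last
  // iteration of the loop above ('openldap1'), so this scenario runs against
  // that server only - confirm that is intended.
  $password_tests = [
    '[password.user-random]' => 'goodpwd',
    '[password.random]' => 'random',
  ];
  foreach ($password_tests as $password_token => $password_result) {
    $test_id = "provisionToLdapEmailVerification {$password_token}, {$test_sid}";
    // Start each pass from a known state so the failure diagnostics below never
    // report an undefined flag or an entry left over from an earlier check.
    $password_success = FALSE;
    $ldap_entry_post = NULL;
    // Need to reset for simpletests.
    ldap_user_ldap_provision_semaphore(NULL, NULL, NULL, TRUE);

    // provisionToLdapEmailVerification setup.
    // This will create the proper ldap_user configuration from ldap_test/ldap_user.conf.inc.
    $this->prepTestData('hogwarts', $sids, 'provisionToLdap_' . $test_sid);
    $ldap_user_conf = ldap_user_conf('admin', TRUE);
    // Turn off provisioning to drupal.
    $ldap_user_conf->drupalAcctProvisionServer = 0;
    $ldap_user_conf->ldapEntryProvisionServer = $test_sid;
    $ldap_user_conf->ldapEntryProvisionTriggers = [
      LDAP_USER_LDAP_ENTRY_PROV_ON_USER_UPDATE_CREATE,
      LDAP_USER_LDAP_ENTRY_PROV_ON_AUTHENTICATE,
    ];
    // Map the LDAP [password] attribute to the password token under test.
    $ldap_user_conf->ldapUserSynchMappings[LDAP_USER_PROV_DIRECTION_TO_LDAP_ENTRY]['[password]'] = [
      'sid' => $test_sid,
      'ldap_attr' => '[password]',
      'user_attr' => 'user_tokens',
      'convert' => 0,
      'user_tokens' => $password_token,
      'config_module' => 'ldap_user',
      'synch_module' => 'ldap_user',
      'enabled' => 1,
      'prov_events' => [
        LDAP_USER_EVENT_CREATE_LDAP_ENTRY,
        LDAP_USER_EVENT_SYNCH_TO_LDAP_ENTRY,
      ],
    ];
    $ldap_user_conf->save();
    $ldap_user_conf = ldap_user_conf('default', TRUE);

    variable_set('user_email_verification', TRUE);
    // Or USER_REGISTER_ADMINISTRATORS_ONLY, USER_REGISTER_VISITORS_ADMINISTRATIVE_APPROVAL.
    variable_set('user_register', USER_REGISTER_VISITORS);
    // user_cancel_block_unpublish, user_cancel_reassign, user_cancel_delete.
    variable_set('user_cancel_method', 'user_cancel_block');

    $username = 'sstephens';
    $this->drupalLogout();
    if ($sstephens = user_load_by_name($username)) {
      user_delete($sstephens->uid);
    }

    // provisionToLdapEmailVerification test.
    // User register form.
    $this->drupalGet('user/register');
    $edit = [
      'name' => $username,
      'mail' => $username . '@hogwarts.edu',
    ];
    // This will create last and first name fields.
    $this->createTestUserFields();
    $this->drupalPost('user/register', $edit, t('Create new account'));
    $sstephens = user_load_by_name($username);

    // can't derive login url, must get it from outgoing email because timestamp in hash is not stored in user_mail_tokens()
    $emails = $this->drupalGetMails();
    // Most recent email is the one of interest. With no captured mail the body
    // stays empty, the pattern below does not match and the assertion fails.
    $email_body = empty($emails) ? '' : $emails[count($emails) - 1]['body'];
    $result = [];
    preg_match_all('/(user\\/reset\\/.*)This link can only be/s', $email_body, $result, PREG_PATTERN_ORDER);
    // In PREG_PATTERN_ORDER $result always has one element per group, matched
    // or not, so test for the captured link itself rather than count($result).
    if (!empty($result[1][0])) {
      $login_path = trim($result[1][0]);
      // User login form.
      $this->drupalGet($login_path);
      $sstephens = user_load_by_name($username);
      $this->drupalPost($login_path, [], t('Log in'));
      $sstephens = user_load_by_name($username);
      $edit = [
        'mail' => $username . '@hogwarts.edu',
        'pass[pass1]' => 'goodpwd',
        'pass[pass2]' => 'goodpwd',
        'field_fname[und][0][value]' => 'Samantha',
        'field_lname[und][0][value]' => 'Stephens',
      ];
      $this->drupalPost(NULL, $edit, t('Save'));
      $sstephens = user_load_by_name($username);
      // Clear cache.
      $servers = ldap_servers_get_servers(NULL, NULL, FALSE, TRUE);
      $desired_dn = "cn={$username},ou=people,dc=hogwarts,dc=edu";
      $ldap_entry_post = $servers[$test_sid]->dnExists($desired_dn, 'ldap_entry');

      // [password.random]: a non-empty password that is not the one the user
      // typed. [password.user-random]: exactly the password the user typed.
      $password_success = is_array($ldap_entry_post) && (
        ($password_token == '[password.random]' && $ldap_entry_post['password'][0] && $ldap_entry_post['password'][0] != 'goodpwd')
        || ($password_token == '[password.user-random]' && $ldap_entry_post['password'][0] == $password_result)
      );
      $ldap_entry_success = $password_success
        && $ldap_entry_post['cn'][0] == $username
        && $ldap_entry_post['displayname'][0] == 'Samantha Stephens'
        && $ldap_entry_post['provisionsource'][0] == 'drupal.hogwarts.edu'
        && $ldap_entry_post['sn'][0] == 'Stephens'
        && $ldap_entry_post['givenname'][0] == 'Samantha';
    }
    else {
      $ldap_entry_success = FALSE;
    }
    $this->assertTrue($ldap_entry_success, t("correct ldap entry created for " . $username), $this->testId($test_id));
    if (!$ldap_entry_success) {
      // The entry dumped here includes the 'password' attribute checked above.
      debug("password_success={$password_success},password_token,password_result: {$password_token}, {$password_result}");
      debug('ldap_user_conf');
      debug($ldap_user_conf);
      debug('ldap_entry_post');
      debug($ldap_entry_post);
      debug('user');
      debug($sstephens);
    }
    /**
     * @todo functional tests
     *
     * do a password reset of some sort
     * try to add a drupal user that conflicts with an ldap user
     * try a binary fields such as a user profile image
     */
  }

  // Scenario 3: test deletion of the ldap entry on deletion of the drupal user.
  foreach (['activedirectory1', 'openldap1'] as $test_sid) {
    $test_id = $test_sid;
    // 1. setup.
    $sids = [$test_sid];
    // This will create the proper ldap_user configuration from ldap_test/ldap_user.conf.inc.
    $this->prepTestData('hogwarts', $sids, 'provisionToLdap_' . $test_sid);
    $ldap_user_conf = ldap_user_conf('admin', TRUE);
    if (!in_array(LDAP_USER_LDAP_ENTRY_DELETE_ON_USER_DELETE, $ldap_user_conf->ldapEntryProvisionTriggers)) {
      $ldap_user_conf->ldapEntryProvisionTriggers[] = LDAP_USER_LDAP_ENTRY_DELETE_ON_USER_DELETE;
    }
    $ldap_user_conf->provisionsLdapEntriesFromDrupalUsers = TRUE;
    $ldap_user_conf->save();

    $username = 'bhautdeser';
    if ($user = user_load_by_name($username)) {
      user_delete($user->uid);
    }
    $user_edit = [
      'name' => $username,
      'mail' => $username . '@hogwarts.org',
      'pass' => user_password(),
      'status' => 1,
    ];
    $user_acct = new stdClass();
    $user_acct->is_new = TRUE;
    $user_acct->field_fname[LANGUAGE_NONE][0]['value'] = 'Bercilak';
    $user_acct->field_lname[LANGUAGE_NONE][0]['value'] = 'Hautdesert';
    $servers = ldap_servers_get_servers(NULL, NULL, FALSE, TRUE);
    $desired_dn = "cn=bhautdeser,ou=people,dc=hogwarts,dc=edu";
    $pre_entry = $servers[$test_sid]->dnExists($desired_dn, 'ldap_entry');
    $drupal_account = user_save($user_acct, $user_edit);
    $ldap_entry_pre_delete = $servers[$test_sid]->dnExists($desired_dn, 'ldap_entry');
    $ldap_entry = $ldap_user_conf->getProvisionRelatedLdapEntry($drupal_account);

    // 2. test.
    user_delete($drupal_account->uid);
    $ldap_server = ldap_servers_get_servers($test_sid, 'all', TRUE, TRUE);
    $ldap_entry_post_delete = $ldap_server->dnExists($desired_dn, 'ldap_entry');
    // Passes only when nothing is left at the DN after the account is deleted.
    // NOTE(review): $ldap_entry_pre_delete is never asserted, so an entry that
    // was never provisioned would also pass this check.
    $success = !$ldap_entry_post_delete;
    $this->assertTrue($success, t("ldap entry removed for {$username} on drupal user delete with deletion enabled."), $this->testId($test_id));
    if (!$success) {
      debug(" desired_dn={$desired_dn} test_sid={$test_sid}, ldap entry post:");
      debug($ldap_entry_post_delete);
    }
  }
}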