function LdapUserUnitTests::testProvisionToDrupal in Lightweight Directory Access Protocol (LDAP) 8.2
Same name and namespace in other branches
- 7.2 ldap_user/tests/ldap_user.test \LdapUserUnitTests::testProvisionToDrupal()
File
- ldap_user/
tests/ ldap_user.test, line 371
Class
Code
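/**
 * Tests that LDAP attributes are provisioned onto Drupal accounts.
 *
 * Each test case installs one mapping (a field or a property of the Drupal
 * user) into the ldap_user configuration, seeds the fake LDAP server with the
 * first set of attribute values, deletes any existing account for the test
 * user, and provisions it again through provisionDrupalAccount(). The result
 * is asserted only when the provisioning event under test is listed in the
 * mapping's 'prov_events'. After the events of a case have run, an account is
 * created through the admin UI with the "do not LDAP associate" option and
 * the test asserts that it is not LDAP associated.
 *
 * Covered mappings: single token, compound tokens, and constants (e.g.
 * "Smith" and "0") mapped to a field and to a property.
 */
function testProvisionToDrupal() {
  // Warn early if the test environment is not set up. May be removed later.
  $setup_success = module_exists('ldap_user') && module_exists('ldap_servers') && config('ldap_test.settings')->get('simpletest') > 0;
  $this->assertTrue($setup_success, ' ldap_user setup successful', $this->testId("setup"));

  $sid = 'activedirectory1';
  $sids = array(
    $sid,
  );
  // DN of the test user in the fake LDAP server.
  $dn = 'cn=hpotter,ou=people,dc=hogwarts,dc=edu';
  $this->prepTestData('hogwarts', $sids, 'provisionToDrupal', 'default');

  $tests = array();

  // Single token mapped to a field.
  $tests[] = array(
    'disabled' => 0,
    'user' => 'hpotter',
    'field_name' => 'field_lname',
    'field_values' => array(
      array(
        'sn' => 'Potter',
      ),
      array(
        'sn' => 'Pottery-Chard',
      ),
    ),
    // First value is what is desired on synch, second if no synch.
    'field_results' => array(
      'Potter',
      'Pottery-Chard',
    ),
    'mapping' => array(
      'sid' => $sid,
      'name' => 'Field: Last Name',
      'ldap_attr' => '[SN]',
      'user_attr' => '[field.field_lname]',
      'convert' => 0,
      'direction' => LDAP_USER_PROV_DIRECTION_TO_DRUPAL_USER,
      'prov_events' => array(
        LDAP_USER_EVENT_CREATE_DRUPAL_USER,
        LDAP_USER_EVENT_SYNCH_TO_DRUPAL_USER,
      ),
      'user_tokens' => '',
      'config_module' => 'ldap_user',
      'prov_module' => 'ldap_user',
      'enabled' => TRUE,
    ),
  );

  // Compound tokens mapped to a field.
  $tests[] = array(
    'disabled' => 0,
    'user' => 'hpotter',
    'field_name' => 'field_display_name',
    'field_values' => array(
      array(
        'givenname' => 'Harry',
        'sn' => 'Potter',
      ),
      array(
        'givenname' => 'Sir Harry',
        'sn' => 'Potter',
      ),
    ),
    // Desired results.
    'field_results' => array(
      'Harry Potter',
      'Sir Harry Potter',
    ),
    'mapping' => array(
      'sid' => $sid,
      'ldap_attr' => '[givenName] [sn]',
      'user_attr' => '[field.field_display_name]',
      'convert' => 0,
      'direction' => LDAP_USER_PROV_DIRECTION_TO_DRUPAL_USER,
      'prov_events' => array(
        LDAP_USER_EVENT_CREATE_DRUPAL_USER,
        LDAP_USER_EVENT_SYNCH_TO_DRUPAL_USER,
      ),
      'name' => 'Field: Display Name',
      'enabled' => TRUE,
      'config_module' => 'ldap_user',
      'prov_module' => 'ldap_user',
      'user_tokens' => '',
    ),
  );

  // Constants in use (e.g. "Smith" and "0") instead of tokens such as "[sn]"
  // and "[enabled]".
  $tests[] = array(
    'disabled' => 0,
    'user' => 'hpotter',
    'field_name' => 'field_lname',
    'field_values' => array(
      array(
        'sn' => 'Potter1',
      ),
      array(
        'sn' => 'Potter2',
      ),
    ),
    'field_results' => array(
      'Smith',
      'Smith',
    ),
    'mapping' => array(
      'sid' => $sid,
      'name' => 'Field: Last Name',
      // A constant mapped to a field: everyone should get last name "Smith".
      'ldap_attr' => 'Smith',
      'user_attr' => '[field.field_lname]',
      'convert' => 0,
      'direction' => LDAP_USER_PROV_DIRECTION_TO_DRUPAL_USER,
      'prov_events' => array(
        LDAP_USER_EVENT_CREATE_DRUPAL_USER,
        LDAP_USER_EVENT_SYNCH_TO_DRUPAL_USER,
      ),
      'user_tokens' => '',
      'config_module' => 'ldap_user',
      'prov_module' => 'ldap_user',
      'enabled' => TRUE,
    ),
  );

  // Compound tokens mapped to a property.
  $tests[] = array(
    'disabled' => 0,
    'user' => 'hpotter',
    'property_name' => 'signature',
    'property_values' => array(
      array(
        'cn' => 'hpotter',
      ),
      array(
        'cn' => 'hpotter2',
      ),
    ),
    'property_results' => array(
      'hpotter@hogwarts.edu',
      'hpotter2@hogwarts.edu',
    ),
    'mapping' => array(
      'sid' => $sid,
      'ldap_attr' => '[cn]@hogwarts.edu',
      'user_attr' => '[property.signature]',
      'convert' => 0,
      'direction' => LDAP_USER_PROV_DIRECTION_TO_DRUPAL_USER,
      'prov_events' => array(
        LDAP_USER_EVENT_CREATE_DRUPAL_USER,
        LDAP_USER_EVENT_SYNCH_TO_DRUPAL_USER,
      ),
      'name' => 'Property: Signature',
      'enabled' => TRUE,
      'config_module' => 'ldap_servers',
      'prov_module' => 'ldap_user',
      'user_tokens' => '',
    ),
  );

  // Single token mapped to a property.
  $tests[] = array(
    'disabled' => 0,
    'user' => 'hpotter',
    'property_name' => 'mail',
    'property_values' => array(
      array(
        'mail' => 'hpotter@hogwarts.edu',
      ),
      array(
        'mail' => 'hpotter@owlmail.com',
      ),
    ),
    'property_results' => array(
      'hpotter@hogwarts.edu',
      'hpotter@owlmail.com',
    ),
    'mapping' => array(
      'sid' => $sid,
      'ldap_attr' => '[mail]',
      'user_attr' => '[property.mail]',
      'convert' => 0,
      'direction' => LDAP_USER_PROV_DIRECTION_TO_DRUPAL_USER,
      'prov_events' => array(
        LDAP_USER_EVENT_CREATE_DRUPAL_USER,
        LDAP_USER_EVENT_SYNCH_TO_DRUPAL_USER,
      ),
      'name' => 'Property: Mail',
      'enabled' => TRUE,
      'config_module' => 'ldap_servers',
      'prov_module' => 'ldap_user',
      'user_tokens' => '',
    ),
  );

  // Constant "0" mapped to the account status property, on create only.
  $tests[] = array(
    'disabled' => 0,
    'user' => 'hpotter',
    'property_name' => 'status',
    'property_values' => array(
      array(
        0 => 'z',
      ),
      array(
        0 => 'z',
      ),
    ),
    'property_results' => array(
      0,
      0,
    ),
    'mapping' => array(
      'sid' => $sid,
      'ldap_attr' => '0',
      // A constant mapped to a property.
      'user_attr' => '[property.status]',
      'convert' => 0,
      'direction' => LDAP_USER_PROV_DIRECTION_TO_DRUPAL_USER,
      'prov_events' => array(
        LDAP_USER_EVENT_CREATE_DRUPAL_USER,
      ),
      'name' => 'Property: Status',
      'enabled' => TRUE,
      'config_module' => 'ldap_servers',
      'prov_module' => 'ldap_user',
      'user_tokens' => '',
    ),
  );

  // @todo test with binary field
  // @todo case sensitivity in tokens and user_attr in mappings

  // Provisioning events to exercise, keyed by mapping direction.
  $test_prov_events = array(
    LDAP_USER_PROV_DIRECTION_TO_DRUPAL_USER => array(
      LDAP_USER_EVENT_SYNCH_TO_DRUPAL_USER,
      LDAP_USER_EVENT_CREATE_DRUPAL_USER,
    ),
    LDAP_USER_PROV_DIRECTION_TO_LDAP_ENTRY => array(
      LDAP_USER_EVENT_SYNCH_TO_LDAP_ENTRY,
      LDAP_USER_EVENT_CREATE_LDAP_ENTRY,
    ),
  );

  $this->privileged_user = $this->drupalCreateUser(array(
    'administer site configuration',
    'administer users',
  ));

  // Tests for various synch contexts.
  foreach ($tests as $j => $test) {
    $field_name = isset($test['field_name']) ? $test['field_name'] : FALSE;
    $property_name = isset($test['property_name']) ? $test['property_name'] : FALSE;
    // Field and property cases read the direction from the same place.
    $direction = $test['mapping']['direction'];

    foreach ($test_prov_events[$direction] as $prov_event) {
      // 1. Set fake LDAP values for the field or property in the fake LDAP
      //    server, clear out the mappings, and install the mapping under test.
      // The return value is not used; the call is kept because the third
      // argument presumably resets the server cache (confirm against
      // ldap_servers_get_servers()).
      ldap_servers_get_servers($sid, 'enabled', TRUE);
      $this->prepTestData('hogwarts', $sids, 'provisionToDrupal', 'default');
      $ldap_user_conf = ldap_user_conf('admin', TRUE);

      if ($property_name) {
        $token_attributes = array();
        ldap_servers_token_extract_attributes($token_attributes, $test['mapping']['ldap_attr']);
        foreach ($token_attributes as $attr_name => $attr_parts) {
          $this->testFunctions->setFakeServerUserAttribute($sid, $dn, $attr_name, $test['property_values'][0][$attr_name], 0);
        }
        $property_token = '[property.' . $property_name . ']';
        $ldap_user_conf->ldapUserSynchMappings[$direction][$property_token] = $test['mapping'];
      }

      if ($field_name) {
        $token_attributes = array();
        ldap_servers_token_extract_attributes($token_attributes, $test['mapping']['ldap_attr']);
        foreach ($token_attributes as $attr_name => $attr_parts) {
          // The fixture keys are lower case while tokens may not be ("[SN]").
          $this->testFunctions->setFakeServerUserAttribute($sid, $dn, $attr_name, $test['field_values'][0][drupal_strtolower($attr_name)], 0);
        }
        $field_token = '[field.' . $field_name . ']';
        $ldap_user_conf->ldapUserSynchMappings[$direction][$field_token] = $test['mapping'];
      }

      // Save, then reload, so the assertions below run against the stored
      // configuration rather than the object edited above.
      $ldap_user_conf->save();
      $ldap_user_conf = ldap_user_conf('admin', TRUE);
      ldap_user_ldap_provision_semaphore(NULL, NULL, NULL, TRUE);
      ldap_servers_flush_server_cache();

      // 2. Delete the user so that provisioning starts from a clean slate.
      $username = $test['user'];
      $user_object = user_load_by_name($username);
      if (is_object($user_object)) {
        // Watch out for this.
        user_delete($user_object->uid);
      }

      // 3. Create a new user with provisionDrupalAccount().
      $account = NULL;
      $user_edit = array(
        'name' => $username,
      );
      $ldap_user_conf->provisionDrupalAccount($account, $user_edit, NULL, TRUE);
      list($user_object, $user_entity) = ldap_user_load_user_acct_and_entity($username);

      if ($property_name) {
        // Only assert when the mapping is intended to apply on this event.
        if (in_array($prov_event, $ldap_user_conf->ldapUserSynchMappings[$direction][$property_token]['prov_events'])) {
          $expected = $test['property_results'][0];
          $actual = (is_object($user_object) && isset($user_object->{$property_name})) ? $user_object->{$property_name} : NULL;
          // Compare as strings and require the property to exist. With a
          // loose "==" a missing account or property (NULL) equals the
          // expected 0 of the status case, so the assertion would pass even
          // if the account had not been provisioned with status 0.
          $property_success = is_scalar($actual) && (string) $actual === (string) $expected;
          $this->assertTrue($property_success, t("provisionDrupalAccount worked for property {$property_name}"), $this->testId(":provisionDrupalAccount.i={$j}.prov_event={$prov_event}"));
          if (!$property_success) {
            debug('property fail,' . $property_name);
            debug($actual);
            debug($expected);
          }
        }
      }

      if ($field_name) {
        // Only assert when the mapping is intended to apply on this event.
        if (in_array($prov_event, $ldap_user_conf->ldapUserSynchMappings[$direction][$field_token]['prov_events'])) {
          $expected = $test['field_results'][0];
          $field_success = isset($user_entity->{$field_name}['und'][0]['value']) && (string) $user_entity->{$field_name}['und'][0]['value'] === (string) $expected;
          $this->assertTrue($field_success, t("provisionDrupalAccount worked for field {$field_name}"), $this->testId(":provisionDrupalAccount.i={$j}.prov_event={$prov_event}"));
          if (!$field_success) {
            debug('field fail,' . $field_name);
            debug($user_entity->{$field_name});
            debug($expected);
          }
        }
        else {
          debug("field_name={$field_name} not configured to provisionDrupalAccount on drupal user create for direction={$direction} and prov_event={$prov_event}");
        }
      }

      ldap_user_ldap_provision_semaphore(NULL, NULL, NULL, TRUE);
    }

    // Manually create a Drupal user with the "do not LDAP associate" option
    // checked, and verify the resulting account is not LDAP associated.
    // NOTE(review): this block sits inside the per-case loop, so it runs once
    // for every entry of $tests; confirm that is intended.
    if ($hpotter = user_load_by_name('hpotter')) {
      user_delete($hpotter->uid);
    }
    $this->assertFalse(user_load_by_name('hpotter'), t('hpotter removed before manual account creation test'), $this->testId('manual non ldap account created'));
    $this->drupalLogout();
    $this->drupalLogin($this->privileged_user);
    $this->drupalGet('admin/people/create');
    $edit = array(
      'name' => 'hpotter',
      'mail' => 'hpotter@hogwarts.edu',
      'pass[pass1]' => 'goodpwd',
      'pass[pass2]' => 'goodpwd',
      'notify' => FALSE,
      'ldap_user_association' => LDAP_USER_MANUAL_ACCT_CONFLICT_NO_LDAP_ASSOCIATE,
    );
    $this->drupalPost('admin/people/create', $edit, t('Create new account'));
    $hpotter = user_load_by_name('hpotter');
    $this->assertTrue($hpotter, t('hpotter created via ui form'), $this->testId('manual non ldap account created'));
    $this->assertTrue($hpotter && !ldap_user_is_ldap_associated($hpotter), t('hpotter not ldap associated'), $this->testId('manual non ldap account created'));
  }

  // Disabled check, kept for reference:
  // $entry = $servers['activedirectory1']->dnExists($desired_dn, 'ldap_entry');
  // $this->assertFalse($entry, t("Corresponding LDAP entry deleted when Drupal Account deleted for " . $username), $this->ldapTestId);
}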