function LdapUserUnitTests::testUnitTests in Lightweight Directory Access Protocol (LDAP) 8.2
Same name and namespace in other branches
- 7.2 ldap_user/tests/ldap_user.test \LdapUserUnitTests::testUnitTests()
make sure install succeeds and ldap user functions/methods work
File
- ldap_user/
tests/ ldap_user.test, line 52
Class
Code
function testUnitTests() {
// just to give warning if setup doesn't succeed.
$setup_success = module_exists('ldap_user') && module_exists('ldap_servers') && config('ldap_test.settings')
->get('simpletest') > 0;
$this
->assertTrue($setup_success, ' ldap_user setup successful', $this
->testId('setup'));
$api_functions = array(
'ldap_user_conf' => array(
2,
0,
),
'ldap_user_synch_to_drupal' => array(
3,
1,
),
'ldap_user_provision_to_drupal' => array(
2,
1,
),
'ldap_user_ldap_provision_semaphore' => array(
4,
2,
),
'ldap_user_token_replace' => array(
3,
2,
),
'ldap_user_token_tokenize_entry' => array(
5,
2,
),
);
foreach ($api_functions as $api_function_name => $param_count) {
$reflector = new ReflectionFunction($api_function_name);
$this
->assertTrue(function_exists($api_function_name) && $param_count[1] == $reflector
->getNumberOfRequiredParameters() && $param_count[0] == $reflector
->getNumberOfParameters(), ' api function ' . $api_function_name . ' parameters and required parameters count unchanged.', $this
->testId($api_function_name . ' unchanged'));
}
$this
->assertTrue(drupal_cron_run(), t('Cron can run with ldap user enabled.'), $this
->testId('cron works'));
// test user token functions
$entity = new stdClass();
$entity->lname['und'][0]['value'] = 'potter';
$entity->house['und'][0]['value'] = 'Gryffindor';
$entity->house['und'][1]['value'] = 'Privet Drive';
$account = new stdClass();
$account->mail = 'hpotter@hogwarts.edu';
$mail = ldap_user_token_replace('[property.mail]', $account, $entity);
$this
->assertTrue($mail == $account->mail, t('[property.mail] token worked on ldap_user_token_replace().'), $this
->testId('tokens.property'));
$lname = ldap_user_token_replace('[field.lname]', $account, $entity);
$this
->assertTrue($lname == $entity->lname['und'][0]['value'], t('[field.lname] token worked on ldap_user_token_replace().'), $this
->testId('tokens.property.field'));
$house1 = ldap_user_token_replace('[field.house:1]', $account, $entity);
$this
->assertTrue($house1 == $entity->house['und'][1]['value'], t('[field.house:1] token worked on ldap_user_token_replace().'), $this
->testId('tokens.property.field.ordinal'));
//@todo need tests for :last and a multivalued attribute. see http://drupal.org/node/1245736
$sids = array(
'activedirectory1',
);
$this
->prepTestData('hogwarts', $sids, 'default');
// prepTestData($sids, 'provisionToDrupal', 'default');
$ldap_server = ldap_servers_get_servers('activedirectory1', NULL, TRUE, TRUE);
$ldap_user_conf = ldap_user_conf('admin', TRUE);
$this
->assertTrue(is_object($ldap_user_conf), t('ldap_conf class instantiated'), $this
->testId('construct ldapUserConf object'));
$user_edit = array();
$ldap_user = ldap_servers_get_user_ldap_data('hpotter', $ldap_user_conf->drupalAcctProvisionServer, 'ldap_user_prov_to_drupal');
$desired_result = array(
'dn' => 'cn=hpotter,ou=people,dc=hogwarts,dc=edu',
'mail' => 'hpotter@hogwarts.edu',
'attr' => $ldap_server->entries['cn=hpotter,ou=people,dc=hogwarts,dc=edu'],
'sid' => 'activedirectory1',
);
$array_diff = array_diff($ldap_user, $desired_result);
$this
->assertTrue(count($array_diff) == 0, t('ldap_servers_get_user_ldap_data retrieved correct attributes and values'), $this
->testId('ldap_servers_get_user_ldap_data'));
if (count($array_diff) != 0) {
debug('ldap_servers_get_user_ldap_data failed. resulting ldap data array:');
debug($ldap_user);
debug('desired result:');
debug($desired_result);
debug('array_diff:');
debug($array_diff);
}
$ldap_todrupal_prov_server = ldap_servers_get_servers($ldap_user_conf->drupalAcctProvisionServer, 'all', TRUE);
$ldap_user_conf
->entryToUserEdit($ldap_user, $user_edit, $ldap_todrupal_prov_server);
unset($user_edit['pass']);
$desired_result = array(
'mail' => 'hpotter@hogwarts.edu',
'name' => 'hpotter',
'init' => 'hpotter@hogwarts.edu',
'status' => 1,
'signature' => '',
'data' => array(
'ldap_authentication' => array(
'init' => array(
'sid' => 'activedirectory1',
'dn' => 'cn=hpotter,ou=people,dc=hogwarts,dc=edu',
'mail' => 'hpotter@hogwarts.edu',
),
),
),
'ldap_user_puid' => array(
'und' => array(
0 => array(
'value' => '101',
),
),
),
'ldap_user_puid_property' => array(
'und' => array(
0 => array(
'value' => 'guid',
),
),
),
'ldap_user_puid_sid' => array(
'und' => array(
0 => array(
'value' => 'activedirectory1',
),
),
),
'ldap_user_current_dn' => array(
'und' => array(
0 => array(
'value' => 'cn=hpotter,ou=people,dc=hogwarts,dc=edu',
),
),
),
);
$array_diff = array_diff($user_edit, $desired_result);
//@todo need better diff, this will give false positives in most cases
// debug('user_edit,desired_result,diff'); debug( array($user_edit, $desired_result, $array_diff));
$this
->assertTrue(count($array_diff) == 0, t('ldapUserConf::entryToUserEdit retrieved correct property, field, and data values.'), $this
->testId('ldapUserConf::entryToUserEdit'));
if (count($array_diff) != 0) {
debug('ldapUserConf::entryToUserEdit failed. resulting user edit array:');
debug($user_edit);
debug('desired result:');
debug($desired_result);
debug('array_diff:');
debug($array_diff);
}
$is_synched_tests = array(
LDAP_USER_EVENT_CREATE_DRUPAL_USER => array(
0 => array(
'[property.fake]',
'[property.data]',
'[property.uid]',
),
1 => array(
'[property.mail]',
'[property.name]',
'[field.ldap_user_puid]',
'[field.ldap_user_puid_property]',
'[field.ldap_user_puid_sid]',
'[field.ldap_user_current_dn]',
),
),
LDAP_USER_EVENT_SYNCH_TO_DRUPAL_USER => array(
0 => array(
'[property.fake]',
'[property.data]',
'[property.uid]',
'[field.ldap_user_puid]',
'[field.ldap_user_puid_property]',
'[field.ldap_user_puid_sid]',
),
1 => array(
'[property.mail]',
'[property.name]',
'[field.ldap_user_current_dn]',
),
),
);
$debug = array();
$fail = FALSE;
foreach ($is_synched_tests as $prov_event => $tests) {
foreach ($tests as $boolean_result => $attribute_tokens) {
foreach ($attribute_tokens as $attribute_token) {
$is_synched = $ldap_user_conf
->isSynched($attribute_token, array(
$prov_event,
), LDAP_USER_PROV_DIRECTION_TO_DRUPAL_USER);
// debug("is_synched_tests: is_synched=$is_synched, attribute_token=$attribute_token, prov_event=$prov_event");
if ((int) $is_synched !== (int) $boolean_result) {
$fail = TRUE;
$debug[$attribute_token] = "isSynched({$attribute_token}, array({$prov_event}),\n LDAP_USER_PROV_DIRECTION_TO_DRUPAL_USER) returned {$is_synched} when it should have returned " . (int) $boolean_result;
}
}
}
}
$this
->assertFalse($fail, t('ldapUserConf::isSynched works'), $this
->testId('ldapUserConf::isSynched'));
if ($fail) {
debug('ldapUserConf::isSynched failures:');
debug($debug);
}
$this
->assertTrue($ldap_user_conf
->isDrupalAcctProvisionServer('activedirectory1'), t('isDrupalAcctProvisionServer works'), $this
->testId('isDrupalAcctProvisionServer'));
$this
->assertFalse($ldap_user_conf
->isLdapEntryProvisionServer('activedirectory1'), t('isLdapEntryProvisionServer works'), $this
->testId('isLdapEntryProvisionServer'));
$ldap_user_required_attributes = $ldap_user_conf
->getLdapUserRequiredAttributes(LDAP_USER_PROV_DIRECTION_ALL);
$provision_enabled_truth = (bool) ($ldap_user_conf
->provisionEnabled(LDAP_USER_PROV_DIRECTION_TO_DRUPAL_USER, LDAP_USER_DRUPAL_USER_PROV_ON_USER_UPDATE_CREATE) && $ldap_user_conf
->provisionEnabled(LDAP_USER_PROV_DIRECTION_TO_DRUPAL_USER, LDAP_USER_DRUPAL_USER_PROV_ON_AUTHENTICATE) && !$ldap_user_conf
->provisionEnabled(LDAP_USER_PROV_DIRECTION_TO_LDAP_ENTRY, LDAP_USER_LDAP_ENTRY_PROV_ON_USER_UPDATE_CREATE));
$this
->assertTrue($provision_enabled_truth, t('provisionEnabled works'), $this
->testId('provisionEnabled.1'));
$provision_enabled_false = $ldap_user_conf
->provisionEnabled(LDAP_USER_PROV_DIRECTION_TO_LDAP_ENTRY, LDAP_USER_DRUPAL_USER_PROV_ON_USER_UPDATE_CREATE) || $ldap_user_conf
->provisionEnabled(LDAP_USER_PROV_DIRECTION_TO_LDAP_ENTRY, LDAP_USER_DRUPAL_USER_PROV_ON_AUTHENTICATE) || $ldap_user_conf
->provisionEnabled(LDAP_USER_PROV_DIRECTION_TO_DRUPAL_USER, LDAP_USER_LDAP_ENTRY_PROV_ON_USER_UPDATE_CREATE);
$this
->assertFalse($provision_enabled_false, t('provisionEnabled works'), $this
->testId('provisionEnabled.2'));
$account = new stdClass();
$account->name = 'hpotter';
$params = array(
'ldap_context' => 'ldap_user_prov_to_drupal',
'direction' => LDAP_USER_PROV_DIRECTION_TO_DRUPAL_USER,
);
list($ldap_entry, $error) = $ldap_user_conf
->drupalUserToLdapEntry($account, 'activedirectory1', $params);
// debug('ldap_entry'); debug($ldap_entry);
$account = NULL;
$user_edit = array(
'name' => 'hpotter',
);
// test method provisionDrupalAccount()
$hpotter = $ldap_user_conf
->provisionDrupalAccount($account, $user_edit, NULL, TRUE);
$hpotter = user_load_by_name('hpotter');
$properties_set = $hpotter->name == 'hpotter' && $hpotter->mail == 'hpotter@hogwarts.edu' && $hpotter->init == 'hpotter@hogwarts.edu' && $hpotter->status == 1;
$this
->assertTrue($properties_set, t('user name, mail, init, and status correctly populated for hpotter'), $this
->testId());
$fields_set = isset($hpotter->ldap_user_puid['und'][0]['value']) && $hpotter->ldap_user_puid['und'][0]['value'] == '101' && isset($hpotter->ldap_user_puid_property['und'][0]['value']) && $hpotter->ldap_user_puid_property['und'][0]['value'] == 'guid' && isset($hpotter->ldap_user_puid_sid['und'][0]['value']) && $hpotter->ldap_user_puid_sid['und'][0]['value'] == 'activedirectory1' && isset($hpotter->ldap_user_current_dn['und'][0]['value']) && $hpotter->ldap_user_current_dn['und'][0]['value'] == 'cn=hpotter,ou=people,dc=hogwarts,dc=edu';
$this
->assertTrue($fields_set, t('user ldap_user_puid, ldap_user_puid_property, ldap_user_puid_sid, and ldap_user_current_dn correctly populated for hpotter'), $this
->testId('provisionDrupalAccount function test 3'));
$data_diff = array_diff($hpotter->data['ldap_user'], array(
'init' => array(
'sid' => 'activedirectory1',
'dn' => NULL,
'mail' => 'hpotter@hogwarts.edu',
),
));
$this
->assertTrue(count($data_diff) == 0, t('user->data array correctly populated for hpotter'), $this
->testId());
// test account exists with correct username, mail, fname, puid, puidfield, dn
// change some user mock ldap data first, (mail and fname) then synch
$account = user_load_by_name('hpotter');
$user_edit = NULL;
$ldap_user_conf->ldapUserSynchMappings = array();
$sid = 'activedirectory1';
$ldap_user_conf->ldapUserSynchMappings[LDAP_USER_PROV_DIRECTION_TO_DRUPAL_USER]['[property.mail]'] = array(
'sid' => $sid,
'ldap_attr' => '[mail]',
'user_attr' => '[property.mail]',
'convert' => 0,
'direction' => LDAP_USER_PROV_DIRECTION_TO_DRUPAL_USER,
'ldap_contexts' => array(
'ldap_user_insert_drupal_user',
'ldap_user_update_drupal_user',
'ldap_authentication_authenticate',
),
'prov_events' => array(
LDAP_USER_EVENT_SYNCH_TO_DRUPAL_USER,
),
'name' => 'Property: Mail',
'enabled' => TRUE,
'config_module' => 'ldap_servers',
'prov_module' => 'ldap_user',
'user_tokens' => '',
);
$ldap_user_conf
->save();
$this->testFunctions
->setFakeServerUserAttribute($sid, 'cn=hpotter,ou=people,dc=hogwarts,dc=edu', 'mail', 'hpotter@owlcarriers.com', 0);
$ldap_server = ldap_servers_get_servers('activedirectory1', NULL, TRUE, TRUE);
// clear server cache;
$user = $ldap_user_conf
->synchToDrupalAccount($account, $user_edit, LDAP_USER_EVENT_SYNCH_TO_DRUPAL_USER, NULL, TRUE);
$hpotter = user_load_by_name('hpotter');
$hpotter_uid = $hpotter->uid;
$success = $hpotter->mail == 'hpotter@owlcarriers.com';
$this
->assertTrue($success, t('synchToDrupalAccount worked for property (mail) for hpotter'), $this
->testId());
if (!$success) {
debug("hpotter mail after synchToDrupalAccount :" . $hpotter->mail);
$ldap_server = ldap_servers_get_servers($sid, NULL, TRUE, TRUE);
debug('ldap_server');
debug($ldap_server);
}
/**
* test for username change and provisioning with puid conflict
* hpotter drupal user already exists and has correct puid
* change samaccountname value (puid field) of hpotter ldap entry and attempt to provision account with new username (hpotterbrawn)
* return should be old drupal account (same uid)
*/
$this->testFunctions
->setFakeServerUserAttribute('activedirectory1', 'cn=hpotter,ou=people,dc=hogwarts,dc=edu', 'samaccountname', 'hpotter-granger', 0);
$account = NULL;
$user_edit = array(
'name' => 'hpotter-granger',
);
$hpottergranger = $ldap_user_conf
->provisionDrupalAccount($account, $user_edit, NULL, TRUE);
$this->testFunctions
->setFakeServerUserAttribute('activedirectory1', 'cn=hpotter,ou=people,dc=hogwarts,dc=edu', 'samaccountname', 'hpotter', 0);
$pass = is_object($hpottergranger) && is_object($hpotter) && $hpotter->uid == $hpottergranger->uid;
$this
->assertTrue($pass, t('provisionDrupalAccount recognized PUID conflict and synched instead of creating a conflicted drupal account.'), $this
->testId('provisionDrupalAccount function test with existing user with same puid'));
if (!$pass) {
debug('hpotter');
debug($hpotter);
debug('hpottergranger');
debug($hpottergranger);
}
$authmaps = user_get_authmaps('hpotter-granger');
$pass = $authmaps['ldap_user'] == 'hpotter-granger';
$this
->assertTrue($pass, t('provisionDrupalAccount recognized PUID conflict and fixed authmap.'), $this
->testId());
$pass = is_object($hpottergranger) && $hpottergranger->name == 'hpotter-granger';
$this
->assertTrue($pass, t('provisionDrupalAccount recognized PUID conflict and fixed username.'), $this
->testId());
$user_edit = array(
'name' => 'hpotter',
);
$hpotter = user_save($hpottergranger, $user_edit, 'ldap_user');
// delete and recreate test account to make sure account is in correct state
$ldap_user_conf
->deleteDrupalAccount('hpotter');
$this
->assertFalse(user_load($hpotter_uid, TRUE), t('deleteDrupalAccount deleted hpotter successfully'), $this
->testId());
$ldap_server = ldap_servers_get_servers('activedirectory1', 'enabled', TRUE, TRUE);
$ldap_server
->refreshFakeData();
$account = NULL;
$user_edit = array(
'name' => 'hpotter',
);
$hpotter = $ldap_user_conf
->provisionDrupalAccount($account, $user_edit, NULL, TRUE);
}