91 lines
2.1 KiB
Ruby
91 lines
2.1 KiB
Ruby
# Copyright (C) 2012-2022 Zammad Foundation, https://zammad-foundation.org/
|
|
|
|
require 'rails_helper'
|
|
require 'lib/auth/backend/backend_examples'
|
|
|
|
RSpec.describe ::Auth::Backend::Ldap do
|
|
|
|
let(:user) { create(:user, source: 'Ldap') }
|
|
let(:password) { 'secure' }
|
|
let(:auth) { Auth.new(user.login, password) }
|
|
let(:config) do
|
|
{
|
|
adapter: described_class.name
|
|
}
|
|
end
|
|
let(:instance) { described_class.new(config, auth) }
|
|
let(:ldap_integration) { true }
|
|
|
|
before do
|
|
Setting.set('ldap_integration', ldap_integration)
|
|
end
|
|
|
|
describe '#valid?' do
|
|
let(:ldap_user) { instance_double(Ldap::User) }
|
|
|
|
before do
|
|
allow(Ldap::User).to receive(:new).with(any_args).and_return(ldap_user)
|
|
allow(ldap_user).to receive(:valid?).with(any_args).and_return(true)
|
|
end
|
|
|
|
it_behaves_like 'Auth backend'
|
|
|
|
it 'authenticates users' do
|
|
expect(instance.valid?).to be true
|
|
end
|
|
|
|
context 'when custom login attribute is configured' do
|
|
|
|
let(:config) do
|
|
super().merge(
|
|
login_attributes: %w[firstname]
|
|
)
|
|
end
|
|
|
|
it 'authenticates' do
|
|
allow(ldap_user).to receive(:valid?).with(user.firstname, password).and_return(true)
|
|
|
|
expect(instance.valid?).to be true
|
|
end
|
|
end
|
|
|
|
context 'when Setting ldap_integration is false' do
|
|
|
|
let(:ldap_integration) { false }
|
|
|
|
it "doesn't authenticate" do
|
|
expect(instance.valid?).to be false
|
|
end
|
|
end
|
|
|
|
context 'when LDAP authentication fails' do
|
|
|
|
it "doesn't authenticate" do
|
|
allow(ldap_user).to receive(:valid?).with(any_args).and_return(false)
|
|
|
|
expect(instance.valid?).to be false
|
|
end
|
|
end
|
|
|
|
context 'when User#source does not match Ldap' do
|
|
|
|
context 'when blank' do
|
|
|
|
let(:user) { create(:user) }
|
|
|
|
it "doesn't authenticate" do
|
|
expect(instance.valid?).to be false
|
|
end
|
|
end
|
|
|
|
context 'when some other value' do
|
|
|
|
let(:user) { create(:user, source: 'some other value') }
|
|
|
|
it "doesn't authenticate" do
|
|
expect(instance.valid?).to be false
|
|
end
|
|
end
|
|
end
|
|
end
|
|
end
|