1use strict; 2use warnings; 3 4use RT::Test tests => undef; 5 6eval { require RT::Authen::ExternalAuth; require Net::LDAP::Server::Test; 1; } or do { 7 plan skip_all => 'Unable to test without Net::LDAP and Net::LDAP::Server::Test'; 8}; 9 10 11my $ldap_port = RT::Test->find_idle_port; 12ok( my $server = Net::LDAP::Server::Test->new( $ldap_port, auto_schema => 1 ), 13 "spawned test LDAP server on port $ldap_port" ); 14 15my $ldap = Net::LDAP->new("localhost:$ldap_port"); 16$ldap->bind(); 17my $username = "testuser"; 18my $base = "dc=bestpractical,dc=com"; 19my $dn = "uid=$username,$base"; 20my $entry = { 21 cn => $username, 22 mail => "$username\@invalid.tld", 23 uid => $username, 24 objectClass => 'User', 25 userPassword => 'password', 26 employeeType => 'engineer', 27 employeeID => '234', 28}; 29$ldap->add( $base ); 30$ldap->add( $dn, attr => [%$entry] ); 31 32my $employee_type_cf = RT::CustomField->new( RT->SystemUser ); 33ok( $employee_type_cf->Create( 34 Name => 'Employee Type', 35 LookupType => RT::User->CustomFieldLookupType, 36 Type => 'Select', 37 MaxValues => 1, 38 ), 39 'created cf Employee Type' 40); 41ok( $employee_type_cf->AddToObject( RT::User->new( RT->SystemUser ) ), 'applied Employee Type globally' ); 42 43my $employee_id_cf = RT::CustomField->new( RT->SystemUser ); 44ok( $employee_id_cf->Create( 45 Name => 'Employee ID', 46 LookupType => RT::User->CustomFieldLookupType, 47 Type => 'Freeform', 48 MaxValues => 1, 49 ), 50 'created cf Employee ID' 51); 52ok( $employee_id_cf->AddToObject( RT::User->new( RT->SystemUser ) ), 'applied Employee ID globally' ); 53 54my $delegate_cf = RT::CustomField->new( RT->SystemUser ); 55ok( $delegate_cf->Create( 56 Name => 'Delegate', 57 LookupType => RT::User->CustomFieldLookupType, 58 Type => 'Freeform', 59 MaxValues => 1, 60 ), 61 'created cf Delegate' 62); 63ok( $delegate_cf->AddToObject( RT::User->new( RT->SystemUser ) ), 'applied Delegate globally' ); 64 65RT->Config->Set( ExternalAuthPriority => ['My_LDAP'] ); 66RT->Config->Set( ExternalInfoPriority => ['My_LDAP'] ); 67RT->Config->Set( AutoCreateNonExternalUsers => 0 ); 68RT->Config->Set( AutoCreate => undef ); 69RT->Config->Set( 70 ExternalSettings => { # AN EXAMPLE DB SERVICE 71 'My_LDAP' => { 72 'type' => 'ldap', 73 'server' => "127.0.0.1:$ldap_port", 74 'base' => $base, 75 'filter' => '(objectClass=*)', 76 'd_filter' => '()', 77 'tls' => 0, 78 'net_ldap_args' => [ version => 3 ], 79 'attr_match_list' => [ 'Name', 'EmailAddress' ], 80 'attr_map' => { 81 'Name' => 'uid', 82 'EmailAddress' => 'mail', 83 'FreeformContactInfo' => [ 'uid', 'mail' ], 84 'CF.Employee Type' => 'employeeType', 85 'UserCF.Employee Type' => 'employeeType', 86 'UserCF.Employee ID' => sub { 87 my %args = @_; 88 return ( 'employeeType', 'employeeID' ) unless $args{external_entry}; 89 return ( 90 $args{external_entry}->get_value('employeeType') // '', 91 $args{external_entry}->get_value('employeeID') // '', 92 ); 93 }, 94 } 95 }, 96 } 97); 98RT->Config->PostLoadCheck; 99 100my ( $baseurl, $m ) = RT::Test->started_ok(); 101 102diag "test uri login"; 103{ 104 ok( !$m->login( 'fakeuser', 'password' ), 'not logged in with fake user' ); 105 $m->warning_like( qr/FAILED LOGIN for fakeuser/ ); 106 ok( $m->login( 'testuser', 'password' ), 'logged in' ); 107} 108diag "test user creation"; 109{ 110 my $testuser = RT::User->new($RT::SystemUser); 111 my ($ok,$msg) = $testuser->Load( 'testuser' ); 112 ok($ok,$msg); 113 is($testuser->EmailAddress,'testuser@invalid.tld'); 114 115 is( $testuser->FreeformContactInfo, 'testuser testuser@invalid.tld', 'user FreeformContactInfo' ); 116 is( $testuser->FirstCustomFieldValue('Employee Type'), 'engineer', 'user Employee Type value' ); 117 is( $testuser->FirstCustomFieldValue('Employee ID'), 'engineer 234', 'user Employee ID value' ); 118 is( $employee_type_cf->Values->Count, 1, 'cf Employee Type values count' ); 119 is( $employee_type_cf->Values->First->Name, 'engineer', 'cf Employee Type value' ); 120} 121 122 123diag "test form login"; 124{ 125 $m->logout; 126 $m->get_ok( $baseurl, 'base url' ); 127 $m->submit_form( 128 form_number => 1, 129 fields => { user => 'testuser', pass => 'password', }, 130 ); 131 $m->text_contains( 'Logout', 'logged in via form' ); 132} 133 134is( $m->uri, $baseurl . '/SelfService/' , 'selfservice page' ); 135 136diag "test redirect after login"; 137{ 138 $m->logout; 139 $m->get_ok( $baseurl . '/SelfService/Closed.html', 'closed tickets page' ); 140 $m->submit_form( 141 form_number => 1, 142 fields => { user => 'testuser', pass => 'password', }, 143 ); 144 $m->text_contains( 'Logout', 'logged in' ); 145 is( $m->uri, $baseurl . '/SelfService/Closed.html' ); 146} 147 148diag "test admin user create"; 149{ 150 $m->logout; 151 ok( $m->login ); 152 $m->get_ok( $baseurl . '/Admin/Users/Modify.html?Create=1', 'user create page' ); 153 $m->text_contains( 'Employee Type: Set from external source' ); 154 $m->text_contains( 'Employee ID: Set from external source' ); 155 156 my $username = 'testuser2'; 157 $m->submit_form( 158 form_name => 'UserCreate', 159 fields => { Name => $username }, 160 ); 161 $m->text_contains( 'User could not be created: Could not set user info' ); 162 $m->text_lacks( 'User could not be created: Name in use' ); 163 164 my $entry = { 165 cn => $username, 166 mail => "$username\@invalid.tld", 167 uid => $username, 168 objectClass => 'User', 169 userPassword => 'password', 170 employeeType => 'sale', 171 employeeID => '345', 172 }; 173 $ldap->add( $base ); 174 my $dn = "uid=$username,$base"; 175 $ldap->add( $dn, attr => [ %$entry ] ); 176 177 my $delegate_input = RT::Interface::Web::GetCustomFieldInputName( 178 Object => RT::User->new( RT->SystemUser ), 179 CustomField => $delegate_cf, 180 ); 181 $m->submit_form( 182 form_name => 'UserCreate', 183 fields => { 184 Name => '', 185 EmailAddress => "$username\@invalid.tld", 186 $delegate_input => 'root', 187 }, 188 ); 189 $m->text_contains( 'User created' ); 190 my ( $id ) = ( $m->uri =~ /id=(\d+)/ ); 191 my $user = RT::User->new( RT->SystemUser ); 192 $user->Load( $id ); 193 is( $user->EmailAddress, "$username\@invalid.tld", 'email is not changed' ); 194 is( $user->Name, $username, 'got canonicalized Name' ); 195 is( $user->FirstCustomFieldValue('Employee Type'), 'sale', 'Employee Type set to sale from LDAP' ); 196 is( $user->FirstCustomFieldValue('Delegate'), 'root', 'Delegate set to root from Web' ); 197} 198 199diag "test user update via login"; 200{ 201 $m->logout; 202 ok( $m->login( 'testuser2', 'password' ), 'logged in' ); 203 204 my $user = RT::User->new( RT->SystemUser ); 205 ok( $user->Load('testuser2'), 'load user testuser2' ); 206 is( $user->FreeformContactInfo, 'testuser2 testuser2@invalid.tld', 'user FreeformContactInfo' ); 207 is( $user->FirstCustomFieldValue('Employee Type'), 'sale', 'user Employee Type value' ); 208 is( $user->FirstCustomFieldValue('Employee ID'), 'sale 345', 'user Employee ID value' ); 209 is( $employee_type_cf->Values->Count, 2, 'cf Employee Type values count' ); 210 is_deeply( 211 [ map { $_->Name } @{ $employee_type_cf->Values->ItemsArrayRef } ], 212 [ 'engineer', 'sale' ], 213 'cf Employee Type values' 214 ); 215} 216 217$ldap->unbind(); 218 219done_testing; 220