1#
2## LDAP NODE ATTRIBUTES BUILDING VALIDATION
3##
4## Here we can check the suffix selection function.
5##
6## We do not need running LDAP server for that
7##
8
9use strict;
10use warnings;
11use utf8;
12use Test::More;
13use XML::Simple;
14use Data::Dumper;
15use File::Spec;
16
17#--- check permission to run test
18my $test_directory = File::Spec->catfile( 't', '18_ldap');
19my $semaphore_file = File::Spec->catfile(
20			    $test_directory,
21                    	    'enable_talk_to_server',
22		     );
23if( !( -f $semaphore_file) ) {
24    plan skip_all => "No ldap server for testing";
25};
26
27use_ok( 'OpenXPKI::LdapUtils' );
28
29my  $utils=OpenXPKI::LdapUtils->new();
30
31my $config_file = File::Spec->catfile(
32			't', '18_ldap', 'ldappublic_dummy.xml'
33		  );
34my $config = XMLin( $config_file );
35my $dumper= Data::Dumper->new([$config],['realm_config']);
36
37$dumper->Indent(1);
38my $make_schema = $dumper->Dump();
39
40my $realm_config;
41eval $make_schema;
42
43#-------------------------- CONVERTING SCHEMA TO REALM CONFIG FORMAT
44my $schema_profiles = [
45			 'default',
46			 'certificate',
47			 'ca',
48		      ];
49my $schemas=[];
50
51foreach my $schema_profile ( @{$schema_profiles} ) {
52    my $schema_dump = $realm_config->{'schema'}->{$schema_profile};
53    my $schema = { };
54    foreach my $rdn ( @{$schema_dump->{'rdn'}} ){
55
56# solving the scalar ref problem
57	my $attributetypes;
58	my $musts;
59	my $mays = [];
60	my $structurals;
61        my $auxiliaries = [];
62
63 	if( ref( $rdn->{'attributetype'} ) eq 'ARRAY' ) {
64            $attributetypes = $rdn->{'attributetype'};
65	} else {
66            $attributetypes = [ $rdn->{'attributetype'} ];
67	};
68
69 	if( ref( $rdn->{'must'}->{'attributetype'} ) eq 'ARRAY' ) {
70            $musts = $rdn->{'must'}->{'attributetype'};
71	} else {
72            $musts = [ $rdn->{'must'}->{'attributetype'} ];
73	};
74
75	if( defined $rdn->{'may'} ) {
76 		if( ref( $rdn->{'may'}->{'attributetype'} ) eq 'ARRAY' ) {
77	            $mays = $rdn->{'may'}->{'attributetype'};
78		} else {
79            		$mays = [ $rdn->{'may'}->{'attributetype'} ];
80		};
81	};
82
83 	if( ref( $rdn->{'structural'}->{'objectclass'} ) eq 'ARRAY' ) {
84            $structurals = $rdn->{'structural'}->{'objectclass'};
85	} else {
86            $structurals = [ $rdn->{'structural'}->{'objectclass'} ];
87	};
88
89	if( defined $rdn->{'auxiliary'} ) {
90 		if( ref( $rdn->{'auxiliary'}->{'objectclass'} ) eq 'ARRAY' ) {
91	            $auxiliaries = $rdn->{'auxiliary'}->{'objectclass'};
92		} else {
93        	    $auxiliaries = [ $rdn->{'auxiliary'}->{'objectclass'} ];
94		};
95	};
96
97	$schema->{ $rdn->{'attributetype'} }=
98                       {
99		         'attributetype' => $rdn->{'attributetype'},
100			 'must'          => $musts,
101			 'may'           => $mays,
102			 'structural'    => $structurals,
103			 'auxiliary'     => $auxiliaries,
104		       };
105    };
106    push @{$schemas}, $schema;
107};
108
109    my $schema;
110    my $cert_extra_attrs = [
111				{
112				    'mail' => 'jmax@openxpki.org',
113                            	    'sn'   => 'Maxwell',
114                        	},
115				{
116				    'mail' => 'jmax@openxpki.org',
117                            	    'sn'   => 'Иванов',
118                        	},
119			   ];
120
121    my $dn_hashes        = [
122				{
123				    'dc' => ['openxpki','org'],
124                            	    'ou' => 'Security',
125			    	    'o'  => 'University'
126				},
127				{
128				    'dc' => ['openxpki','org'],
129                            	    'ou' => 'Security',
130			    	    'o'  => 'Институт Механики',
131				},
132				{
133				    'dc' => ['openxpki','org'],
134                            	    'ou' => 'Security',
135			    	    'o'  => 'Институт IPMCE',
136				},
137			   ];
138
139    my $parsed_rdns      = [
140				[
141                            	    [ 'cn' ,'James'],
142                            	    [ 'uid','jmax'],
143                        	],
144				[
145                            	    [ 'cn' ,'Server'],
146                        	],
147				[
148                            	    [ 'cn' ,'Иван'],
149                            	    [ 'uid','jmax'],
150                        	],
151				[
152                            	    [ 'cn' ,'Интертех'],
153                        	],
154				[
155                            	    [ 'cn' ,'Иван Smith'],
156                            	    [ 'uid','jmax'],
157                        	],
158				[
159                            	    [ 'cn' ,'Интертех Corp.'],
160                        	],
161			   ];
162    my $expected_hashes =  [
163				{
164    				    'objectclass' => [
165		        		'opencaEmailAddress',
166			        	'pkiUser',
167					'organizationalPerson',
168					'person',
169				        'inetOrgPerson'
170				    ],
171				      'ou' => 'Security',
172				     'uid' => 'jmax',
173				      'cn' => 'James',
174				      'sn' => 'Maxwell',
175				    'mail' => 'jmax@openxpki.org',
176				       'o' => 'University',
177			        },
178				{
179    				    'objectclass' => [
180		        		'opencaEmailAddress',
181					'organizationalRole',
182			        	'pkiCA',
183				    ],
184				      'ou' => 'Security',
185				      'cn' => 'Server',
186				    'mail' => 'jmax@openxpki.org',
187			        },
188				{
189    				    'objectclass' => [
190		        		'opencaEmailAddress',
191			        	'pkiUser',
192					'organizationalPerson',
193					'person',
194				        'inetOrgPerson'
195				    ],
196				      'ou' => 'Security',
197				     'uid' => 'jmax',
198				      'cn' => 'Иван',
199				      'sn' => 'Иванов',
200				    'mail' => 'jmax@openxpki.org',
201				       'o' => 'University',
202			        },
203				{
204    				    'objectclass' => [
205		        		'opencaEmailAddress',
206					'organizationalRole',
207			        	'pkiCA',
208				    ],
209				      'ou' => 'Security',
210				      'cn' => 'Интертех',
211				    'mail' => 'jmax@openxpki.org',
212			        },
213				{
214    				    'objectclass' => [
215		        		'opencaEmailAddress',
216			        	'pkiUser',
217					'organizationalPerson',
218					'person',
219				        'inetOrgPerson'
220				    ],
221				      'ou' => 'Security',
222				     'uid' => 'jmax',
223				      'cn' => 'Иван Smith',
224				      'sn' => 'Иванов',
225				    'mail' => 'jmax@openxpki.org',
226				       'o' => 'University',
227			        },
228				{
229    				    'objectclass' => [
230		        		'opencaEmailAddress',
231					'organizationalRole',
232			        	'pkiCA',
233				    ],
234				      'ou' => 'Security',
235				      'cn' => 'Интертех Corp.',
236				    'mail' => 'jmax@openxpki.org',
237			        },
238				{
239    				    'objectclass' => [
240		        		'opencaEmailAddress',
241			        	'pkiUser',
242					'organizationalPerson',
243					'person',
244				        'inetOrgPerson'
245				    ],
246				      'ou' => 'Security',
247				     'uid' => 'jmax',
248				      'cn' => 'Иван',
249				      'sn' => 'Иванов',
250				    'mail' => 'jmax@openxpki.org',
251				       'o' => 'Институт Механики',
252			        },
253				{
254    				    'objectclass' => [
255		        		'opencaEmailAddress',
256			        	'pkiUser',
257					'organizationalPerson',
258					'person',
259				        'inetOrgPerson'
260				    ],
261				      'ou' => 'Security',
262				     'uid' => 'jmax',
263				      'cn' => 'Иван Smith',
264				      'sn' => 'Иванов',
265				    'mail' => 'jmax@openxpki.org',
266				       'o' => 'Институт IPMCE',
267			        },
268
269			   ];
270
271
272    #
273    # TEST STRUCTURE - indexes for arrays of parameteres
274    #
275    #		      [ schema, extras, dn_hash, parsed, expected, message ]
276    #
277    # message is used to indicate UTF-8 tests
278    #
279
280    my $test_structure = [
281			    [  1, 0, 0, 0, 0,''                          ],
282			    [  0, 0, 0, 1, 1,''                          ],
283			    [  1, 1, 0, 2, 2,'(UTF-8 attributes)'        ],
284			    [  0, 1, 0, 3, 3,'(UTF-8 attributes)'        ],
285			    [  1, 1, 0, 4, 4,'(Mixed attributes)'        ],
286			    [  0, 1, 0, 5, 5,'(Mixed attributes)'        ],
287			    [  1, 1, 1, 2, 6,'(UTF-8 attributes in dn)'  ],
288			    [  1, 1, 2, 4, 7,'(Mixed attributes in dn)'  ],
289			 ];
290
291    my $test_number = scalar @{$test_structure};
292
293    plan tests => $test_number;
294
295    diag "LDAP NODE ATTRIBUTES BUILDING VALIDATION\n" if $ENV{VERBOSE};
296
297    for( my $i=0; $i < $test_number ;$i++) {
298
299	my $i_schemas      = $test_structure->[$i]->[0];
300	my $i_extras       = $test_structure->[$i]->[1];
301	my $i_dn_hash      = $test_structure->[$i]->[2];
302	my $i_parsed_rdn   = $test_structure->[$i]->[3];
303	my $i_expected     = $test_structure->[$i]->[4];
304	my $utf8_indicator = $test_structure->[$i]->[5];
305	my @add_ldap_args = $utils->get_ldap_node_attributes(
306                    	    			    $schemas->[$i_schemas],
307            	                	    $cert_extra_attrs->[$i_extras],
308				    		   $dn_hashes->[$i_dn_hash],
309                    	        		 $parsed_rdns->[$i_parsed_rdn],
310                    		    );
311
312	my $test_dumper = Data::Dumper->
313				new(
314				    [ {@add_ldap_args} ],
315				    ['test_hash']
316				 );
317	$test_dumper->Indent(1);
318	my $test_hash_code = $test_dumper->Dump();
319
320#    print $test_hash_code;
321#      |
322#     use this to create expected hash code if it is really valid
323#
324#
325	my $test_hash;
326	eval  $test_hash_code;
327        is_deeply(
328			$test_hash,
329	    $expected_hashes->[$i_expected],
330	    "Building node attributes for <" .
331		$schema_profiles->[$i_schemas] .
332		"> profile " . $utf8_indicator,
333	);
334    };
3351;
336
337
338