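#
## LDAP NODE ATTRIBUTES BUILDING VALIDATION
##
## Checks get_ldap_node_attributes() of OpenXPKI::LdapUtils: for each
## combination of schema, extra attributes, DN hash and parsed RDN the
## returned attribute list is compared with an expected hash.
##
## No running LDAP server is needed for this, but the test is still
## skipped unless the semaphore file t/18_ldap/enable_talk_to_server exists.
##

use strict;
use warnings;
use utf8;
use Test::More;
use XML::Simple;
use Data::Dumper;
use File::Spec;

#--- check permission to run test
my $test_directory = File::Spec->catfile( 't', '18_ldap' );
my $semaphore_file = File::Spec->catfile(
    $test_directory,
    'enable_talk_to_server',
);
if ( !( -f $semaphore_file ) ) {
    plan skip_all => "No ldap server for testing";
}

# The parsed config may hold either a single value or an array ref for
# an entry; callers below always want an array ref.
sub _as_array_ref {
    my ($value) = @_;
    return ref($value) eq 'ARRAY' ? $value : [$value];
}

my $config_file = File::Spec->catfile(
    't', '18_ldap', 'ldappublic_dummy.xml'
);
my $config = XMLin($config_file);
my $dumper = Data::Dumper->new( [$config], ['realm_config'] );

$dumper->Indent(1);
my $make_schema = $dumper->Dump();

# NOTE(review): the parsed XML is serialised with Data::Dumper and read back
# with a string eval, i.e. generated Perl code is executed. The input here is
# a fixture shipped under t/, so the exposure is limited to the test tree, but
# the pattern must not be reused for configuration from untrusted sources.
# A plain assignment (or Storable::dclone) would avoid the eval; whether the
# round trip is relied on for string normalisation is not visible from this
# file, so it is kept and only its error status is now checked.
my $realm_config;
eval $make_schema;
die "Cannot rebuild realm config from $config_file: $@" if $@;

#-------------------------- CONVERTING SCHEMA TO REALM CONFIG FORMAT
my $schema_profiles = [
    'default',
    'certificate',
    'ca',
];
my $schemas = [];

foreach my $schema_profile ( @{$schema_profiles} ) {
    my $schema_dump = $realm_config->{'schema'}->{$schema_profile};
    my $schema      = {};
    foreach my $rdn ( @{ $schema_dump->{'rdn'} } ) {

        # 'must' and 'structural' are always read; 'may' and 'auxiliary'
        # are optional and default to an empty list.
        my $musts       = _as_array_ref( $rdn->{'must'}->{'attributetype'} );
        my $structurals = _as_array_ref( $rdn->{'structural'}->{'objectclass'} );
        my $mays        = [];
        my $auxiliaries = [];

        if ( defined $rdn->{'may'} ) {
            $mays = _as_array_ref( $rdn->{'may'}->{'attributetype'} );
        }
        if ( defined $rdn->{'auxiliary'} ) {
            $auxiliaries = _as_array_ref( $rdn->{'auxiliary'}->{'objectclass'} );
        }

        # The RDN attribute type is used as-is, both as key and as value.
        $schema->{ $rdn->{'attributetype'} } = {
            'attributetype' => $rdn->{'attributetype'},
            'must'          => $musts,
            'may'           => $mays,
            'structural'    => $structurals,
            'auxiliary'     => $auxiliaries,
        };
    }
    push @{$schemas}, $schema;
}

my $cert_extra_attrs = [
    {
        'mail' => 'jmax@openxpki.org',
        'sn'   => 'Maxwell',
    },
    {
        'mail' => 'jmax@openxpki.org',
        'sn'   => 'Иванов',
    },
];

my $dn_hashes = [
    {
        'dc' => [ 'openxpki', 'org' ],
        'ou' => 'Security',
        'o'  => 'University'
    },
    {
        'dc' => [ 'openxpki', 'org' ],
        'ou' => 'Security',
        'o'  => 'Институт Механики',
    },
    {
        'dc' => [ 'openxpki', 'org' ],
        'ou' => 'Security',
        'o'  => 'Институт IPMCE',
    },
];

my $parsed_rdns = [
    [
        [ 'cn',  'James' ],
        [ 'uid', 'jmax' ],
    ],
    [
        [ 'cn', 'Server' ],
    ],
    [
        [ 'cn',  'Иван' ],
        [ 'uid', 'jmax' ],
    ],
    [
        [ 'cn', 'Интертех' ],
    ],
    [
        [ 'cn',  'Иван Smith' ],
        [ 'uid', 'jmax' ],
    ],
    [
        [ 'cn', 'Интертех Corp.' ],
    ],
];

my $expected_hashes = [
    {
        'objectclass' => [
            'opencaEmailAddress',
            'pkiUser',
            'organizationalPerson',
            'person',
            'inetOrgPerson'
        ],
        'ou'   => 'Security',
        'uid'  => 'jmax',
        'cn'   => 'James',
        'sn'   => 'Maxwell',
        'mail' => 'jmax@openxpki.org',
        'o'    => 'University',
    },
    {
        'objectclass' => [
            'opencaEmailAddress',
            'organizationalRole',
            'pkiCA',
        ],
        'ou'   => 'Security',
        'cn'   => 'Server',
        'mail' => 'jmax@openxpki.org',
    },
    {
        'objectclass' => [
            'opencaEmailAddress',
            'pkiUser',
            'organizationalPerson',
            'person',
            'inetOrgPerson'
        ],
        'ou'   => 'Security',
        'uid'  => 'jmax',
        'cn'   => 'Иван',
        'sn'   => 'Иванов',
        'mail' => 'jmax@openxpki.org',
        'o'    => 'University',
    },
    {
        'objectclass' => [
            'opencaEmailAddress',
            'organizationalRole',
            'pkiCA',
        ],
        'ou'   => 'Security',
        'cn'   => 'Интертех',
        'mail' => 'jmax@openxpki.org',
    },
    {
        'objectclass' => [
            'opencaEmailAddress',
            'pkiUser',
            'organizationalPerson',
            'person',
            'inetOrgPerson'
        ],
        'ou'   => 'Security',
        'uid'  => 'jmax',
        'cn'   => 'Иван Smith',
        'sn'   => 'Иванов',
        'mail' => 'jmax@openxpki.org',
        'o'    => 'University',
    },
    {
        'objectclass' => [
            'opencaEmailAddress',
            'organizationalRole',
            'pkiCA',
        ],
        'ou'   => 'Security',
        'cn'   => 'Интертех Corp.',
        'mail' => 'jmax@openxpki.org',
    },
    {
        'objectclass' => [
            'opencaEmailAddress',
            'pkiUser',
            'organizationalPerson',
            'person',
            'inetOrgPerson'
        ],
        'ou'   => 'Security',
        'uid'  => 'jmax',
        'cn'   => 'Иван',
        'sn'   => 'Иванов',
        'mail' => 'jmax@openxpki.org',
        'o'    => 'Институт Механики',
    },
    {
        'objectclass' => [
            'opencaEmailAddress',
            'pkiUser',
            'organizationalPerson',
            'person',
            'inetOrgPerson'
        ],
        'ou'   => 'Security',
        'uid'  => 'jmax',
        'cn'   => 'Иван Smith',
        'sn'   => 'Иванов',
        'mail' => 'jmax@openxpki.org',
        'o'    => 'Институт IPMCE',
    },

];

#
# TEST STRUCTURE - indexes into the arrays of parameters above
#
# [ schema, extras, dn_hash, parsed, expected, message ]
#
# message is used to indicate UTF-8 tests
#

my $test_structure = [
    [ 1, 0, 0, 0, 0, '' ],
    [ 0, 0, 0, 1, 1, '' ],
    [ 1, 1, 0, 2, 2, '(UTF-8 attributes)' ],
    [ 0, 1, 0, 3, 3, '(UTF-8 attributes)' ],
    [ 1, 1, 0, 4, 4, '(Mixed attributes)' ],
    [ 0, 1, 0, 5, 5, '(Mixed attributes)' ],
    [ 1, 1, 1, 2, 6, '(UTF-8 attributes in dn)' ],
    [ 1, 1, 2, 4, 7, '(Mixed attributes in dn)' ],
];

my $test_number = scalar @{$test_structure};

# use_ok() is itself a test, so the plan is declared before it runs and
# counts it in addition to the table-driven cases.
plan tests => $test_number + 1;

use_ok('OpenXPKI::LdapUtils');

my $utils = OpenXPKI::LdapUtils->new();

diag "LDAP NODE ATTRIBUTES BUILDING VALIDATION\n" if $ENV{VERBOSE};

for my $test_case ( @{$test_structure} ) {

    my (
        $i_schemas,    $i_extras,   $i_dn_hash,
        $i_parsed_rdn, $i_expected, $utf8_indicator,
    ) = @{$test_case};

    my @add_ldap_args = $utils->get_ldap_node_attributes(
        $schemas->[$i_schemas],
        $cert_extra_attrs->[$i_extras],
        $dn_hashes->[$i_dn_hash],
        $parsed_rdns->[$i_parsed_rdn],
    );

    my $test_dumper = Data::Dumper->new(
        [ {@add_ldap_args} ],
        ['test_hash']
    );
    $test_dumper->Indent(1);
    my $test_hash_code = $test_dumper->Dump();

    # print $test_hash_code;
    #   |
    #   use this to create expected hash code if it is really valid
    #

    # NOTE(review): same Data::Dumper / string-eval round trip as for the
    # realm config; the evaluated text is generated from the return value of
    # get_ldap_node_attributes(). A failure is reported instead of being
    # silently ignored, and is_deeply() below then fails on the undefined hash.
    my $test_hash;
    eval $test_hash_code;
    diag "Cannot rebuild test hash: $@" if $@;

    is_deeply(
        $test_hash,
        $expected_hashes->[$i_expected],
        "Building node attributes for <"
            . $schema_profiles->[$i_schemas]
            . "> profile "
            . $utf8_indicator,
    );
}
1;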