2019-06-07 20:48:39 +00:00
|
|
|
<?php
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* This file is part of the Kimai time-tracking app.
|
|
|
|
|
*
|
|
|
|
|
* For the full copyright and license information, please view the LICENSE
|
|
|
|
|
* file that was distributed with this source code.
|
|
|
|
|
*/
|
|
|
|
|
|
|
|
|
|
namespace App\Tests\Ldap;
|
|
|
|
|
|
|
|
|
|
use App\Configuration\LdapConfiguration;
|
|
|
|
|
use App\Entity\User;
|
|
|
|
|
use App\Ldap\LdapDriver;
|
2019-10-24 15:35:05 +00:00
|
|
|
use App\Ldap\LdapDriverException;
|
2019-06-07 20:48:39 +00:00
|
|
|
use App\Ldap\LdapManager;
|
2021-06-10 13:34:13 +00:00
|
|
|
use App\Tests\Configuration\TestConfigLoader;
|
2019-11-10 17:53:56 +00:00
|
|
|
use App\Tests\Mocks\Security\RoleServiceFactory;
|
2022-12-31 20:19:55 +00:00
|
|
|
use App\Tests\Mocks\SystemConfigurationFactory;
|
2019-06-07 20:48:39 +00:00
|
|
|
use PHPUnit\Framework\TestCase;
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* @covers \App\Ldap\LdapManager
|
|
|
|
|
*/
|
|
|
|
|
class LdapManagerTest extends TestCase
|
|
|
|
|
{
|
|
|
|
|
protected function getLdapManager(LdapDriver $driver, $roleConfig = null)
|
|
|
|
|
{
|
|
|
|
|
if (null === $roleConfig) {
|
|
|
|
|
$roleConfig = [
|
|
|
|
|
'baseDn' => 'ou=groups, dc=kimai, dc=org',
|
|
|
|
|
'nameAttribute' => 'cn',
|
|
|
|
|
'userDnAttribute' => 'member',
|
|
|
|
|
'groups' => [
|
|
|
|
|
['ldap_value' => 'group1', 'role' => 'ROLE_TEAMLEAD'],
|
|
|
|
|
['ldap_value' => 'group2', 'role' => 'ROLE_ADMIN'],
|
|
|
|
|
['ldap_value' => 'group3', 'role' => 'ROLE_CUSTOMER'], // not existing!
|
|
|
|
|
['ldap_value' => 'group4', 'role' => 'ROLE_SUPER_ADMIN'],
|
|
|
|
|
],
|
|
|
|
|
];
|
|
|
|
|
}
|
|
|
|
|
|
2021-06-10 13:34:13 +00:00
|
|
|
$conf = [
|
2019-06-07 20:48:39 +00:00
|
|
|
'user' => [
|
|
|
|
|
'attributes' => [],
|
|
|
|
|
'filter' => '(&(objectClass=inetOrgPerson))',
|
|
|
|
|
'usernameAttribute' => 'uid',
|
2019-06-23 10:38:11 +00:00
|
|
|
'attributesFilter' => '(objectClass=*)',
|
2019-06-07 20:48:39 +00:00
|
|
|
'baseDn' => 'ou=users, dc=kimai, dc=org',
|
|
|
|
|
],
|
|
|
|
|
'role' => $roleConfig,
|
2021-06-10 13:34:13 +00:00
|
|
|
];
|
2022-12-31 20:19:55 +00:00
|
|
|
$systemConfig = SystemConfigurationFactory::create(new TestConfigLoader([]), ['ldap' => $conf]);
|
2021-06-10 13:34:13 +00:00
|
|
|
$config = new LdapConfiguration($systemConfig);
|
2019-06-07 20:48:39 +00:00
|
|
|
|
2019-11-10 17:53:56 +00:00
|
|
|
$roles = [
|
2022-12-31 20:19:55 +00:00
|
|
|
'ROLE_USER',
|
|
|
|
|
'ROLE_TEAMLEAD',
|
|
|
|
|
'ROLE_ADMIN',
|
|
|
|
|
'ROLE_SUPER_ADMIN',
|
2019-11-10 17:53:56 +00:00
|
|
|
];
|
|
|
|
|
|
2022-12-31 20:19:55 +00:00
|
|
|
return new LdapManager($driver, $config, (new RoleServiceFactory($this))->create($roles));
|
2019-06-07 20:48:39 +00:00
|
|
|
}
|
|
|
|
|
|
2024-02-07 22:47:25 +00:00
|
|
|
public function testFindUserByUsernameOnZeroResults(): void
|
2019-06-07 20:48:39 +00:00
|
|
|
{
|
|
|
|
|
$expected = [
|
|
|
|
|
'count' => 0
|
|
|
|
|
];
|
|
|
|
|
|
2019-11-08 15:10:38 +00:00
|
|
|
$driver = $this->getMockBuilder(LdapDriver::class)->disableOriginalConstructor()->onlyMethods(['search'])->getMock();
|
2019-06-07 20:48:39 +00:00
|
|
|
$driver->expects($this->once())->method('search')->willReturnCallback(function ($baseDn, $filter) use ($expected) {
|
|
|
|
|
self::assertEquals('ou=users, dc=kimai, dc=org', $baseDn);
|
|
|
|
|
self::assertEquals('(&(&(objectClass=inetOrgPerson))(uid=foo))', $filter);
|
|
|
|
|
|
|
|
|
|
return $expected;
|
|
|
|
|
});
|
|
|
|
|
|
|
|
|
|
$sut = $this->getLdapManager($driver);
|
|
|
|
|
$actual = $sut->findUserByUsername('foo');
|
|
|
|
|
self::assertNull($actual);
|
|
|
|
|
}
|
|
|
|
|
|
2024-02-07 22:47:25 +00:00
|
|
|
public function testFindUserByUsernameOnMultiResults(): void
|
2019-06-07 20:48:39 +00:00
|
|
|
{
|
2019-10-24 15:35:05 +00:00
|
|
|
$this->expectException(LdapDriverException::class);
|
|
|
|
|
$this->expectExceptionMessage('This search must only return a single user');
|
|
|
|
|
|
2019-06-07 20:48:39 +00:00
|
|
|
$expected = [
|
|
|
|
|
'count' => 3
|
|
|
|
|
];
|
|
|
|
|
|
2019-11-08 15:10:38 +00:00
|
|
|
$driver = $this->getMockBuilder(LdapDriver::class)->disableOriginalConstructor()->onlyMethods(['search'])->getMock();
|
2019-06-07 20:48:39 +00:00
|
|
|
$driver->expects($this->once())->method('search')->willReturnCallback(function ($baseDn, $filter) use ($expected) {
|
|
|
|
|
self::assertEquals('ou=users, dc=kimai, dc=org', $baseDn);
|
|
|
|
|
self::assertEquals('(&(&(objectClass=inetOrgPerson))(uid=foo))', $filter);
|
|
|
|
|
|
|
|
|
|
return $expected;
|
|
|
|
|
});
|
|
|
|
|
|
|
|
|
|
$sut = $this->getLdapManager($driver);
|
|
|
|
|
$sut->findUserByUsername('foo');
|
|
|
|
|
}
|
|
|
|
|
|
2024-02-07 22:47:25 +00:00
|
|
|
public function testFindUserByUsernameOnValidResult(): void
|
2019-06-07 20:48:39 +00:00
|
|
|
{
|
|
|
|
|
$expected = [
|
2022-12-31 20:19:55 +00:00
|
|
|
0 => ['dn' => 'foo', 'uid' => ['foo']],
|
2019-06-07 20:48:39 +00:00
|
|
|
'count' => 1,
|
|
|
|
|
];
|
|
|
|
|
|
2019-11-08 15:10:38 +00:00
|
|
|
$driver = $this->getMockBuilder(LdapDriver::class)->disableOriginalConstructor()->onlyMethods(['search'])->getMock();
|
2019-06-07 20:48:39 +00:00
|
|
|
$driver->expects($this->once())->method('search')->willReturnCallback(function ($baseDn, $filter) use ($expected) {
|
|
|
|
|
self::assertEquals('ou=users, dc=kimai, dc=org', $baseDn);
|
|
|
|
|
self::assertEquals('(&(&(objectClass=inetOrgPerson))(uid=foo))', $filter);
|
|
|
|
|
|
|
|
|
|
return $expected;
|
|
|
|
|
});
|
|
|
|
|
|
|
|
|
|
$sut = $this->getLdapManager($driver);
|
|
|
|
|
$actual = $sut->findUserByUsername('foo');
|
|
|
|
|
self::assertInstanceOf(User::class, $actual);
|
|
|
|
|
}
|
|
|
|
|
|
2024-02-07 22:47:25 +00:00
|
|
|
public function testFindUserByOnZeroResults(): void
|
2019-06-07 20:48:39 +00:00
|
|
|
{
|
|
|
|
|
$expected = [
|
|
|
|
|
'count' => 0
|
|
|
|
|
];
|
|
|
|
|
|
2019-11-08 15:10:38 +00:00
|
|
|
$driver = $this->getMockBuilder(LdapDriver::class)->disableOriginalConstructor()->onlyMethods(['search'])->getMock();
|
2019-06-07 20:48:39 +00:00
|
|
|
$driver->expects($this->once())->method('search')->willReturnCallback(function ($baseDn, $filter) use ($expected) {
|
|
|
|
|
self::assertEquals('ou=users, dc=kimai, dc=org', $baseDn);
|
|
|
|
|
self::assertEquals('(&(&(objectClass=inetOrgPerson))(uid=foo))', $filter);
|
|
|
|
|
|
|
|
|
|
return $expected;
|
|
|
|
|
});
|
|
|
|
|
|
|
|
|
|
$sut = $this->getLdapManager($driver);
|
2022-12-31 20:19:55 +00:00
|
|
|
$actual = $sut->findUserByUsername('foo');
|
2019-06-07 20:48:39 +00:00
|
|
|
self::assertNull($actual);
|
|
|
|
|
}
|
|
|
|
|
|
2024-02-07 22:47:25 +00:00
|
|
|
public function testFindUserByOnMultiResults(): void
|
2019-06-07 20:48:39 +00:00
|
|
|
{
|
2019-10-24 15:35:05 +00:00
|
|
|
$this->expectException(LdapDriverException::class);
|
|
|
|
|
$this->expectExceptionMessage('This search must only return a single user');
|
|
|
|
|
|
2019-06-07 20:48:39 +00:00
|
|
|
$expected = [
|
|
|
|
|
'count' => 3
|
|
|
|
|
];
|
|
|
|
|
|
2019-11-08 15:10:38 +00:00
|
|
|
$driver = $this->getMockBuilder(LdapDriver::class)->disableOriginalConstructor()->onlyMethods(['search'])->getMock();
|
2019-06-07 20:48:39 +00:00
|
|
|
$driver->expects($this->once())->method('search')->willReturnCallback(function ($baseDn, $filter) use ($expected) {
|
|
|
|
|
self::assertEquals('ou=users, dc=kimai, dc=org', $baseDn);
|
|
|
|
|
self::assertEquals('(&(&(objectClass=inetOrgPerson))(uid=foo))', $filter);
|
|
|
|
|
|
|
|
|
|
return $expected;
|
|
|
|
|
});
|
|
|
|
|
|
|
|
|
|
$sut = $this->getLdapManager($driver);
|
2022-12-31 20:19:55 +00:00
|
|
|
$sut->findUserByUsername('foo');
|
2019-06-07 20:48:39 +00:00
|
|
|
}
|
|
|
|
|
|
2024-02-07 22:47:25 +00:00
|
|
|
public function testFindUserByOnValidResult(): void
|
2019-06-07 20:48:39 +00:00
|
|
|
{
|
|
|
|
|
$expected = [
|
2022-12-31 20:19:55 +00:00
|
|
|
0 => ['dn' => 'foo', 'uid' => ['foo']],
|
2019-06-07 20:48:39 +00:00
|
|
|
'count' => 1,
|
|
|
|
|
];
|
|
|
|
|
|
2019-11-08 15:10:38 +00:00
|
|
|
$driver = $this->getMockBuilder(LdapDriver::class)->disableOriginalConstructor()->onlyMethods(['search'])->getMock();
|
2019-06-07 20:48:39 +00:00
|
|
|
$driver->expects($this->once())->method('search')->willReturnCallback(function ($baseDn, $filter) use ($expected) {
|
|
|
|
|
self::assertEquals('ou=users, dc=kimai, dc=org', $baseDn);
|
2022-12-31 20:19:55 +00:00
|
|
|
self::assertEquals('(&(&(objectClass=inetOrgPerson))(uid=trä\5cl=alß#aa=XY\5cZ0))', $filter);
|
2019-06-07 20:48:39 +00:00
|
|
|
|
|
|
|
|
return $expected;
|
|
|
|
|
});
|
|
|
|
|
|
|
|
|
|
$sut = $this->getLdapManager($driver);
|
2022-12-31 20:19:55 +00:00
|
|
|
$actual = $sut->findUserByUsername('trä\l=alß#aa=XY\Z0');
|
2019-06-07 20:48:39 +00:00
|
|
|
self::assertInstanceOf(User::class, $actual);
|
|
|
|
|
}
|
|
|
|
|
|
2024-02-07 22:47:25 +00:00
|
|
|
public function testBind(): void
|
2019-06-07 20:48:39 +00:00
|
|
|
{
|
2022-12-31 20:19:55 +00:00
|
|
|
$user = new User();
|
|
|
|
|
$user->setUserIdentifier('foobar');
|
2019-06-07 20:48:39 +00:00
|
|
|
|
2019-11-08 15:10:38 +00:00
|
|
|
$driver = $this->getMockBuilder(LdapDriver::class)->disableOriginalConstructor()->onlyMethods(['bind'])->getMock();
|
2022-12-31 20:19:55 +00:00
|
|
|
$driver->expects($this->once())->method('bind')->willReturnCallback(function ($bindUser, $password) {
|
|
|
|
|
self::assertEquals('foobar', $bindUser);
|
2019-06-07 20:48:39 +00:00
|
|
|
self::assertEquals('a-very-secret-secret', $password);
|
|
|
|
|
|
|
|
|
|
return true;
|
|
|
|
|
});
|
|
|
|
|
|
|
|
|
|
$sut = $this->getLdapManager($driver);
|
2022-12-31 20:19:55 +00:00
|
|
|
$actual = $sut->bind($user->getUserIdentifier(), 'a-very-secret-secret');
|
2019-06-07 20:48:39 +00:00
|
|
|
self::assertTrue($actual);
|
|
|
|
|
}
|
|
|
|
|
|
2024-02-07 22:47:25 +00:00
|
|
|
public function testUpdateUserOnZeroResults(): void
|
2019-06-07 20:48:39 +00:00
|
|
|
{
|
2022-12-31 20:19:55 +00:00
|
|
|
$user = new User();
|
|
|
|
|
$user->setUserIdentifier('foobar');
|
|
|
|
|
|
2023-11-17 13:37:00 +00:00
|
|
|
$user->setPreferenceValue('ldap_dn', 'fooooooooooo');
|
2019-06-07 20:48:39 +00:00
|
|
|
$expected = [
|
|
|
|
|
[
|
2022-12-31 20:19:55 +00:00
|
|
|
0 => ['dn' => 'blub', 'uid' => ['blub']],
|
2019-06-07 20:48:39 +00:00
|
|
|
'count' => 1,
|
|
|
|
|
],
|
|
|
|
|
[
|
|
|
|
|
'count' => 0,
|
|
|
|
|
],
|
|
|
|
|
];
|
|
|
|
|
|
2019-11-08 15:10:38 +00:00
|
|
|
$driver = $this->getMockBuilder(LdapDriver::class)->disableOriginalConstructor()->onlyMethods(['search'])->getMock();
|
2019-06-07 20:48:39 +00:00
|
|
|
$driver->expects($this->exactly(2))->method('search')->willReturnCallback(function ($baseDn, $filter) use ($expected) {
|
|
|
|
|
if ($baseDn === 'ou=users, dc=kimai, dc=org') {
|
|
|
|
|
self::assertEquals('(&(&(objectClass=inetOrgPerson))(uid=foobar))', $filter);
|
|
|
|
|
|
|
|
|
|
return $expected[0];
|
|
|
|
|
} elseif ($baseDn === 'blub') {
|
|
|
|
|
self::assertEquals('(objectClass=*)', $filter);
|
|
|
|
|
|
|
|
|
|
return $expected[1];
|
|
|
|
|
}
|
2024-08-04 16:22:27 +00:00
|
|
|
$this->fail(\sprintf('Unexpected search with baseDn %s', $baseDn));
|
2019-06-07 20:48:39 +00:00
|
|
|
});
|
|
|
|
|
|
|
|
|
|
$sut = $this->getLdapManager($driver);
|
|
|
|
|
|
|
|
|
|
$userOrig = clone $user;
|
|
|
|
|
$sut->updateUser($user);
|
|
|
|
|
self::assertEquals($userOrig, $user);
|
|
|
|
|
}
|
|
|
|
|
|
2024-02-07 22:47:25 +00:00
|
|
|
public function testUpdateUserOnMultiResults(): void
|
2019-06-07 20:48:39 +00:00
|
|
|
{
|
2019-10-24 15:35:05 +00:00
|
|
|
$this->expectException(LdapDriverException::class);
|
|
|
|
|
$this->expectExceptionMessage('This search must only return a single user');
|
|
|
|
|
|
2022-12-31 20:19:55 +00:00
|
|
|
$user = new User();
|
|
|
|
|
$user->setUserIdentifier('foobar');
|
2023-11-17 13:37:00 +00:00
|
|
|
$user->setPreferenceValue('ldap_dn', 'xxxxxxx');
|
2019-06-07 20:48:39 +00:00
|
|
|
|
|
|
|
|
$expected = [
|
|
|
|
|
[
|
2022-12-31 20:19:55 +00:00
|
|
|
0 => ['dn' => 'blub', 'uid' => ['blub']],
|
2019-06-07 20:48:39 +00:00
|
|
|
'count' => 1,
|
|
|
|
|
],
|
|
|
|
|
[
|
|
|
|
|
'count' => 3,
|
|
|
|
|
],
|
|
|
|
|
];
|
|
|
|
|
|
2019-11-08 15:10:38 +00:00
|
|
|
$driver = $this->getMockBuilder(LdapDriver::class)->disableOriginalConstructor()->onlyMethods(['search'])->getMock();
|
2019-06-07 20:48:39 +00:00
|
|
|
$driver->expects($this->exactly(2))->method('search')->willReturnCallback(function ($baseDn, $filter) use ($expected) {
|
|
|
|
|
if ($baseDn === 'ou=users, dc=kimai, dc=org') {
|
|
|
|
|
self::assertEquals('(&(&(objectClass=inetOrgPerson))(uid=foobar))', $filter);
|
|
|
|
|
|
|
|
|
|
return $expected[0];
|
|
|
|
|
} elseif ($baseDn === 'blub') {
|
|
|
|
|
self::assertEquals('(objectClass=*)', $filter);
|
|
|
|
|
|
|
|
|
|
return $expected[1];
|
|
|
|
|
}
|
|
|
|
|
|
2024-08-04 16:22:27 +00:00
|
|
|
$this->fail(\sprintf('Unexpected search with baseDn %s', $baseDn));
|
2019-06-07 20:48:39 +00:00
|
|
|
});
|
|
|
|
|
|
|
|
|
|
$sut = $this->getLdapManager($driver);
|
|
|
|
|
$sut->updateUser($user);
|
|
|
|
|
}
|
|
|
|
|
|
2024-02-07 22:47:25 +00:00
|
|
|
public function testUpdateUserOnValidResultWithEmptyRoleBaseDn(): void
|
2019-06-07 20:48:39 +00:00
|
|
|
{
|
2022-12-31 20:19:55 +00:00
|
|
|
$user = new User();
|
|
|
|
|
$user->setUserIdentifier('foobar');
|
2023-11-17 13:37:00 +00:00
|
|
|
$user->setPreferenceValue('ldap_dn', 'sssssss');
|
2019-06-07 20:48:39 +00:00
|
|
|
|
|
|
|
|
$expected = [
|
|
|
|
|
[
|
2022-12-31 20:19:55 +00:00
|
|
|
0 => ['dn' => 'blub', 'uid' => ['blub']],
|
2019-06-07 20:48:39 +00:00
|
|
|
'count' => 1,
|
|
|
|
|
],
|
|
|
|
|
[
|
2022-12-31 20:19:55 +00:00
|
|
|
0 => ['dn' => 'blub-updated', 'uid' => ['foobar']],
|
2019-06-07 20:48:39 +00:00
|
|
|
'count' => 1,
|
|
|
|
|
],
|
|
|
|
|
];
|
|
|
|
|
|
2019-11-08 15:10:38 +00:00
|
|
|
$driver = $this->getMockBuilder(LdapDriver::class)->disableOriginalConstructor()->onlyMethods(['search'])->getMock();
|
2019-06-07 20:48:39 +00:00
|
|
|
$driver->expects($this->exactly(2))->method('search')->willReturnCallback(function ($baseDn, $filter) use ($expected) {
|
|
|
|
|
if ($baseDn === 'ou=users, dc=kimai, dc=org') {
|
|
|
|
|
self::assertEquals('(&(&(objectClass=inetOrgPerson))(uid=foobar))', $filter);
|
|
|
|
|
|
|
|
|
|
return $expected[0];
|
|
|
|
|
} elseif ($baseDn === 'blub') {
|
|
|
|
|
self::assertEquals('(objectClass=*)', $filter);
|
|
|
|
|
|
|
|
|
|
return $expected[1];
|
|
|
|
|
}
|
|
|
|
|
|
2024-08-04 16:22:27 +00:00
|
|
|
$this->fail(\sprintf('Unexpected search with baseDn %s', $baseDn));
|
2019-06-07 20:48:39 +00:00
|
|
|
});
|
|
|
|
|
|
|
|
|
|
$sut = $this->getLdapManager($driver, [
|
|
|
|
|
'baseDn' => null,
|
|
|
|
|
'nameAttribute' => 'cn',
|
|
|
|
|
'userDnAttribute' => 'member',
|
|
|
|
|
'groups' => [
|
|
|
|
|
['ldap_value' => 'group1', 'role' => 'ROLE_TEAMLEAD'],
|
|
|
|
|
['ldap_value' => 'group2', 'role' => 'ROLE_ADMIN'],
|
|
|
|
|
['ldap_value' => 'group3', 'role' => 'ROLE_CUSTOMER'], // not existing!
|
|
|
|
|
['ldap_value' => 'group4', 'role' => 'ROLE_SUPER_ADMIN'],
|
|
|
|
|
],
|
|
|
|
|
]);
|
|
|
|
|
|
|
|
|
|
$userOrig = clone $user;
|
|
|
|
|
$sut->updateUser($user);
|
2020-01-31 18:47:34 +00:00
|
|
|
self::assertEquals($userOrig->setEmail('foobar')->setAuth(User::AUTH_LDAP), $user);
|
2023-11-17 13:37:00 +00:00
|
|
|
self::assertEquals($user->getPreferenceValue('ldap_dn'), 'blub-updated');
|
2019-06-07 20:48:39 +00:00
|
|
|
}
|
|
|
|
|
|
2024-12-22 00:25:30 +00:00
|
|
|
public static function getValidConfigsTestData()
|
2019-06-07 20:48:39 +00:00
|
|
|
{
|
|
|
|
|
return [
|
|
|
|
|
[
|
|
|
|
|
[
|
|
|
|
|
0 => [
|
|
|
|
|
'dn' => 'blub',
|
|
|
|
|
'uid' => ['Karl-Heinz'],
|
|
|
|
|
// just some rubbish data
|
|
|
|
|
'blub' => ['dfsdfsdf'],
|
|
|
|
|
'foo' => ['count' => 1, 'bar'],
|
|
|
|
|
'bar' => ['count' => 1, 'foo', 'xxx'],
|
|
|
|
|
'xxxxxxxx' => ['https://www.example.com'],
|
|
|
|
|
'blub1' => ['dfsdfsdf'],
|
|
|
|
|
],
|
|
|
|
|
'count' => 1,
|
|
|
|
|
],
|
|
|
|
|
[
|
|
|
|
|
'baseDn' => 'ou=groups, dc=kimai, dc=org',
|
|
|
|
|
'nameAttribute' => 'cn',
|
|
|
|
|
'usernameAttribute' => 'cn', // test that "cn" is not set and fallback to "dn" happens
|
|
|
|
|
'userDnAttribute' => 'member',
|
|
|
|
|
'groups' => [
|
|
|
|
|
['ldap_value' => 'group1', 'role' => 'ROLE_TEAMLEAD'],
|
|
|
|
|
['ldap_value' => 'group2', 'role' => 'ROLE_ADMIN'],
|
|
|
|
|
['ldap_value' => 'group3', 'role' => 'ROLE_CUSTOMER'], // not existing!
|
|
|
|
|
['ldap_value' => 'group4', 'role' => 'ROLE_SUPER_ADMIN'],
|
|
|
|
|
],
|
|
|
|
|
],
|
|
|
|
|
'(&(member=blub))'
|
|
|
|
|
],
|
|
|
|
|
[
|
|
|
|
|
[
|
|
|
|
|
0 => [
|
|
|
|
|
'dn' => 'blub',
|
|
|
|
|
'uid' => ['Karl-Heinz'],
|
|
|
|
|
// just some rubbish data
|
2020-03-06 15:16:31 +00:00
|
|
|
'blub' => ['foo'],
|
2019-06-07 20:48:39 +00:00
|
|
|
'foo' => ['count' => 1, 'bar'],
|
|
|
|
|
'bar' => ['count' => 1, 'foo', 'xxx'],
|
|
|
|
|
'xxxxxxxx' => ['https://www.example.com'],
|
2020-03-06 15:16:31 +00:00
|
|
|
'blub1' => ['foo(bar)'],
|
2019-06-07 20:48:39 +00:00
|
|
|
],
|
|
|
|
|
'count' => 1,
|
|
|
|
|
],
|
|
|
|
|
[
|
|
|
|
|
'baseDn' => 'ou=groups, dc=kimai, dc=org',
|
|
|
|
|
'nameAttribute' => 'cn',
|
|
|
|
|
'usernameAttribute' => 'blub1',
|
|
|
|
|
'userDnAttribute' => 'memberuid',
|
|
|
|
|
'groups' => [
|
|
|
|
|
['ldap_value' => 'group1', 'role' => 'ROLE_TEAMLEAD'],
|
|
|
|
|
['ldap_value' => 'group2', 'role' => 'ROLE_ADMIN'],
|
|
|
|
|
['ldap_value' => 'group3', 'role' => 'ROLE_CUSTOMER'], // not existing!
|
|
|
|
|
['ldap_value' => 'group4', 'role' => 'ROLE_SUPER_ADMIN'],
|
|
|
|
|
],
|
|
|
|
|
],
|
2020-03-06 15:16:31 +00:00
|
|
|
'(&(memberuid=foo\28bar\29))'
|
2019-06-07 20:48:39 +00:00
|
|
|
],
|
|
|
|
|
];
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* @dataProvider getValidConfigsTestData
|
|
|
|
|
*/
|
2024-02-07 22:47:25 +00:00
|
|
|
public function testUpdateUserOnValidResultWithRolesResult(array $expectedUsers, array $groupConfig, string $expectedGroupQuery): void
|
2019-06-07 20:48:39 +00:00
|
|
|
{
|
|
|
|
|
$expected = [
|
2022-12-31 20:19:55 +00:00
|
|
|
0 => ['dn' => 'blub', 'uid' => ['blub']],
|
2019-06-07 20:48:39 +00:00
|
|
|
'count' => 1,
|
|
|
|
|
];
|
|
|
|
|
|
|
|
|
|
$expectedGroups = [
|
|
|
|
|
// ROLE_TEAMLEAD
|
|
|
|
|
0 => [
|
|
|
|
|
'cn' => [0 => 'group1'],
|
|
|
|
|
'member' => [0 => 'uid=user1,ou=users,dc=kimai,dc=org', 1 => 'uid=user2,ou=users,dc=kimai,dc=org'],
|
|
|
|
|
],
|
|
|
|
|
// ROLE_ADMIN
|
|
|
|
|
1 => [
|
|
|
|
|
'cn' => [0 => 'admin'],
|
|
|
|
|
'member' => [0 => 'uid=user2,ou=users,dc=kimai,dc=org', 1 => 'uid=user3,ou=users,dc=kimai,dc=org'],
|
|
|
|
|
],
|
|
|
|
|
// will be ignored: unknown group
|
|
|
|
|
2 => [
|
|
|
|
|
'cn' => [0 => 'kimai_admin'],
|
|
|
|
|
'member' => [0 => 'uid=user2,ou=users,dc=kimai,dc=org', 1 => 'uid=user3,ou=users,dc=kimai,dc=org'],
|
|
|
|
|
],
|
|
|
|
|
// will be ignored: unknown group
|
|
|
|
|
3 => [
|
|
|
|
|
'cn' => [0 => 'group3'],
|
|
|
|
|
'member' => [0 => 'uid=user2,ou=users,dc=kimai,dc=org', 1 => 'uid=user3,ou=users,dc=kimai,dc=org'],
|
|
|
|
|
],
|
|
|
|
|
// will be ignored: the counter below does not announce this group!
|
|
|
|
|
4 => [
|
|
|
|
|
'cn' => [0 => 'group4'],
|
|
|
|
|
'member' => [0 => 'uid=user2,ou=users,dc=kimai,dc=org', 1 => 'uid=user3,ou=users,dc=kimai,dc=org'],
|
|
|
|
|
],
|
|
|
|
|
'count' => 4
|
|
|
|
|
];
|
|
|
|
|
|
2019-11-08 15:10:38 +00:00
|
|
|
$driver = $this->getMockBuilder(LdapDriver::class)->disableOriginalConstructor()->onlyMethods(['search'])->getMock();
|
2019-06-07 20:48:39 +00:00
|
|
|
$driver->expects($this->exactly(3))->method('search')->willReturnCallback(function ($baseDn, $filter, $attributes) use ($expectedUsers, $expectedGroups, $expectedGroupQuery, $expected) {
|
|
|
|
|
if ($baseDn === 'ou=users, dc=kimai, dc=org') {
|
|
|
|
|
self::assertEquals('(&(&(objectClass=inetOrgPerson))(uid=Karl-Heinz))', $filter);
|
|
|
|
|
|
|
|
|
|
return $expected;
|
|
|
|
|
} elseif ($baseDn === 'blub') {
|
|
|
|
|
// user attributes search
|
|
|
|
|
self::assertEquals('(objectClass=*)', $filter);
|
|
|
|
|
|
|
|
|
|
return $expectedUsers;
|
|
|
|
|
} elseif ($baseDn === 'ou=groups, dc=kimai, dc=org') {
|
|
|
|
|
// roles search
|
|
|
|
|
self::assertEquals($expectedGroupQuery, $filter);
|
|
|
|
|
self::assertEquals([0 => 'cn'], $attributes);
|
|
|
|
|
|
|
|
|
|
return $expectedGroups;
|
|
|
|
|
}
|
2024-08-04 16:22:27 +00:00
|
|
|
$this->fail(\sprintf('Unexpected search with baseDn %s', $baseDn));
|
2019-06-07 20:48:39 +00:00
|
|
|
});
|
|
|
|
|
|
|
|
|
|
$sut = $this->getLdapManager($driver, $groupConfig);
|
|
|
|
|
|
2022-12-31 20:19:55 +00:00
|
|
|
$user = new User();
|
|
|
|
|
$user->setUserIdentifier('Karl-Heinz');
|
2023-11-17 13:37:00 +00:00
|
|
|
$user->setPreferenceValue('ldap_dn', 'blub');
|
2019-06-07 20:48:39 +00:00
|
|
|
$userOrig = clone $user;
|
2020-01-31 18:47:34 +00:00
|
|
|
$userOrig->setEmail('Karl-Heinz')->setRoles(['ROLE_TEAMLEAD', 'ROLE_ADMIN'])->setAuth(User::AUTH_LDAP);
|
2019-06-07 20:48:39 +00:00
|
|
|
|
|
|
|
|
$sut->updateUser($user);
|
|
|
|
|
self::assertEquals($userOrig, $user);
|
|
|
|
|
self::assertEquals(['ROLE_TEAMLEAD', 'ROLE_ADMIN', 'ROLE_USER'], $user->getRoles());
|
|
|
|
|
}
|
2022-12-31 20:19:55 +00:00
|
|
|
|
2024-02-07 22:47:25 +00:00
|
|
|
public function testEmptyHydrate(): void
|
2022-12-31 20:19:55 +00:00
|
|
|
{
|
|
|
|
|
$ldapConfig = [
|
|
|
|
|
'activate' => true,
|
|
|
|
|
'connection' => [
|
|
|
|
|
'host' => '1.1.1.1'
|
|
|
|
|
],
|
|
|
|
|
'user' => [
|
|
|
|
|
'usernameAttribute' => 'foo',
|
|
|
|
|
'attributes' => []
|
|
|
|
|
],
|
|
|
|
|
'role' => [],
|
|
|
|
|
];
|
|
|
|
|
$systemConfig = SystemConfigurationFactory::create(new TestConfigLoader([]), ['ldap' => $ldapConfig]);
|
|
|
|
|
|
|
|
|
|
$config = new LdapConfiguration($systemConfig);
|
|
|
|
|
|
|
|
|
|
$sut = new LdapManager($this->createMock(LdapDriver::class), $config, (new RoleServiceFactory($this))->create([]));
|
|
|
|
|
$user = $sut->hydrate(['dn' => 'blub', 'foo' => ['blub']]);
|
|
|
|
|
self::assertInstanceOf(User::class, $user);
|
|
|
|
|
self::assertEquals('blub', $user->getUserIdentifier());
|
|
|
|
|
self::assertEquals('blub', $user->getUserIdentifier());
|
|
|
|
|
self::assertEquals('blub', $user->getEmail());
|
|
|
|
|
}
|
|
|
|
|
|
2024-02-07 22:47:25 +00:00
|
|
|
public function testEmptyHydrateThrowsException(): void
|
2022-12-31 20:19:55 +00:00
|
|
|
{
|
|
|
|
|
$this->expectException(LdapDriverException::class);
|
|
|
|
|
$this->expectExceptionMessage('Missing username in LDAP hydration');
|
|
|
|
|
|
|
|
|
|
$ldapConfig = [
|
|
|
|
|
'activate' => true,
|
|
|
|
|
'connection' => [
|
|
|
|
|
'host' => '1.1.1.1'
|
|
|
|
|
],
|
|
|
|
|
'user' => [
|
|
|
|
|
'usernameAttribute' => 'foo',
|
|
|
|
|
'attributes' => []
|
|
|
|
|
],
|
|
|
|
|
'role' => [],
|
|
|
|
|
];
|
|
|
|
|
$systemConfig = SystemConfigurationFactory::create(new TestConfigLoader([]), ['ldap' => $ldapConfig]);
|
|
|
|
|
|
|
|
|
|
$config = new LdapConfiguration($systemConfig);
|
|
|
|
|
|
|
|
|
|
$sut = new LdapManager($this->createMock(LdapDriver::class), $config, (new RoleServiceFactory($this))->create([]));
|
|
|
|
|
$user = $sut->hydrate(['dn' => 'blub']);
|
|
|
|
|
self::assertInstanceOf(User::class, $user);
|
|
|
|
|
}
|
|
|
|
|
|
2024-02-07 22:47:25 +00:00
|
|
|
public function testHydrate(): void
|
2022-12-31 20:19:55 +00:00
|
|
|
{
|
|
|
|
|
$ldapConfig = [
|
|
|
|
|
'connection' => [
|
|
|
|
|
'host' => '1.1.1.1'
|
|
|
|
|
],
|
|
|
|
|
'user' => [
|
|
|
|
|
'usernameAttribute' => 'foo',
|
|
|
|
|
'attributes' => [
|
|
|
|
|
['ldap_attr' => 'uid', 'user_method' => 'setUserIdentifier'],
|
|
|
|
|
['ldap_attr' => 'foo', 'user_method' => 'setAlias'],
|
|
|
|
|
['ldap_attr' => 'bar', 'user_method' => 'setTitle'],
|
|
|
|
|
['ldap_attr' => 'roles', 'user_method' => 'setRoles'],
|
|
|
|
|
['ldap_attr' => 'xxxxxxxx', 'user_method' => 'setAvatar'],
|
|
|
|
|
['ldap_attr' => 'blubXX', 'user_method' => 'setAvatar'],
|
|
|
|
|
]
|
|
|
|
|
],
|
|
|
|
|
'role' => [],
|
|
|
|
|
];
|
|
|
|
|
$systemConfig = SystemConfigurationFactory::create(new TestConfigLoader([]), ['ldap' => $ldapConfig]);
|
|
|
|
|
$config = new LdapConfiguration($systemConfig);
|
|
|
|
|
|
|
|
|
|
$ldapEntry = [
|
|
|
|
|
'uid' => ['Karl-Heinz'],
|
|
|
|
|
'blub' => ['dfsdfsdf'],
|
|
|
|
|
'foo' => ['count' => 1, 0 => 'bar'],
|
|
|
|
|
'bar' => ['foo'],
|
|
|
|
|
'roles' => ['count' => 2, 0 => 'ROLE_TEAMLEAD', 1 => 'ROLE_ADMIN'],
|
|
|
|
|
'xxxxxxxx' => ['https://www.example.com'],
|
|
|
|
|
'blub1' => ['dfsdfsdf'],
|
|
|
|
|
'dn' => 'blub',
|
|
|
|
|
];
|
|
|
|
|
|
|
|
|
|
$sut = new LdapManager($this->createMock(LdapDriver::class), $config, (new RoleServiceFactory($this))->create([]));
|
|
|
|
|
$user = $sut->hydrate($ldapEntry);
|
|
|
|
|
|
|
|
|
|
self::assertInstanceOf(User::class, $user);
|
|
|
|
|
self::assertEquals('Karl-Heinz', $user->getUserIdentifier());
|
|
|
|
|
self::assertEquals('bar', $user->getAlias());
|
|
|
|
|
self::assertEquals('foo', $user->getTitle());
|
|
|
|
|
self::assertEquals(['ROLE_TEAMLEAD', 'ROLE_ADMIN', 'ROLE_USER'], $user->getRoles());
|
|
|
|
|
self::assertEquals('https://www.example.com', $user->getAvatar());
|
|
|
|
|
self::assertEquals('Karl-Heinz', $user->getEmail());
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
public function testThrowsOnMissingMethod(): void
|
|
|
|
|
{
|
|
|
|
|
$this->expectException(\Exception::class);
|
|
|
|
|
$this->expectExceptionMessage('Unknown mapping method: setAlias2');
|
|
|
|
|
$ldapConfig = [
|
|
|
|
|
'connection' => [
|
|
|
|
|
'host' => '1.1.1.1'
|
|
|
|
|
],
|
|
|
|
|
'user' => [
|
|
|
|
|
'usernameAttribute' => 'foo',
|
|
|
|
|
'attributes' => [
|
|
|
|
|
['ldap_attr' => 'foo', 'user_method' => 'setAlias2'],
|
|
|
|
|
]
|
|
|
|
|
],
|
|
|
|
|
'role' => [],
|
|
|
|
|
];
|
|
|
|
|
$systemConfig = SystemConfigurationFactory::create(new TestConfigLoader([]), ['ldap' => $ldapConfig]);
|
|
|
|
|
$config = new LdapConfiguration($systemConfig);
|
|
|
|
|
|
|
|
|
|
$ldapEntry = [
|
|
|
|
|
'foo' => ['count' => 1, 0 => 'bar'],
|
|
|
|
|
];
|
|
|
|
|
|
|
|
|
|
$sut = new LdapManager($this->createMock(LdapDriver::class), $config, (new RoleServiceFactory($this))->create([]));
|
|
|
|
|
$user = $sut->hydrate($ldapEntry);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* @group legacy
|
|
|
|
|
*/
|
2024-02-07 22:47:25 +00:00
|
|
|
public function testHydrateWithDepercatedSetter(): void
|
2022-12-31 20:19:55 +00:00
|
|
|
{
|
|
|
|
|
$ldapConfig = [
|
|
|
|
|
'connection' => [
|
|
|
|
|
'host' => '1.1.1.1'
|
|
|
|
|
],
|
|
|
|
|
'user' => [
|
|
|
|
|
'usernameAttribute' => 'foo',
|
|
|
|
|
'attributes' => [
|
|
|
|
|
['ldap_attr' => 'uid', 'user_method' => 'setUsername'], // use setUsername here for BC reasons!
|
|
|
|
|
['ldap_attr' => 'foo', 'user_method' => 'setAlias'],
|
|
|
|
|
['ldap_attr' => 'bar', 'user_method' => 'setTitle'],
|
|
|
|
|
['ldap_attr' => 'roles', 'user_method' => 'setRoles'],
|
|
|
|
|
['ldap_attr' => 'xxxxxxxx', 'user_method' => 'setAvatar'],
|
|
|
|
|
['ldap_attr' => 'blubXX', 'user_method' => 'setAvatar'],
|
|
|
|
|
]
|
|
|
|
|
],
|
|
|
|
|
'role' => [],
|
|
|
|
|
];
|
|
|
|
|
$systemConfig = SystemConfigurationFactory::create(new TestConfigLoader([]), ['ldap' => $ldapConfig]);
|
|
|
|
|
$config = new LdapConfiguration($systemConfig);
|
|
|
|
|
|
|
|
|
|
$ldapEntry = [
|
|
|
|
|
'uid' => ['Karl-Heinz'],
|
|
|
|
|
'blub' => ['dfsdfsdf'],
|
|
|
|
|
'foo' => ['count' => 1, 0 => 'bar'],
|
|
|
|
|
'bar' => ['foo'],
|
|
|
|
|
'roles' => ['count' => 2, 0 => 'ROLE_TEAMLEAD', 1 => 'ROLE_ADMIN'],
|
|
|
|
|
'xxxxxxxx' => ['https://www.example.com'],
|
|
|
|
|
'blub1' => ['dfsdfsdf'],
|
|
|
|
|
'dn' => 'blub',
|
|
|
|
|
];
|
|
|
|
|
|
|
|
|
|
$sut = new LdapManager($this->createMock(LdapDriver::class), $config, (new RoleServiceFactory($this))->create([]));
|
|
|
|
|
$user = $sut->hydrate($ldapEntry);
|
|
|
|
|
|
|
|
|
|
self::assertInstanceOf(User::class, $user);
|
|
|
|
|
self::assertEquals('Karl-Heinz', $user->getUserIdentifier());
|
|
|
|
|
self::assertEquals('bar', $user->getAlias());
|
|
|
|
|
self::assertEquals('foo', $user->getTitle());
|
|
|
|
|
self::assertEquals(['ROLE_TEAMLEAD', 'ROLE_ADMIN', 'ROLE_USER'], $user->getRoles());
|
|
|
|
|
self::assertEquals('https://www.example.com', $user->getAvatar());
|
|
|
|
|
self::assertEquals('Karl-Heinz', $user->getEmail());
|
|
|
|
|
}
|
|
|
|
|
|
2024-02-07 22:47:25 +00:00
|
|
|
public function testHydrateUser(): void
|
2022-12-31 20:19:55 +00:00
|
|
|
{
|
|
|
|
|
$ldapConfig = [
|
|
|
|
|
'connection' => [
|
|
|
|
|
'host' => '1.1.1.1'
|
|
|
|
|
],
|
|
|
|
|
'user' => [
|
|
|
|
|
'usernameAttribute' => 'foo',
|
|
|
|
|
'attributes' => [
|
|
|
|
|
['ldap_attr' => 'uid', 'user_method' => 'setUserIdentifier'],
|
|
|
|
|
['ldap_attr' => 'email', 'user_method' => 'setEmail'],
|
|
|
|
|
['ldap_attr' => 'foo', 'user_method' => 'setAlias'],
|
|
|
|
|
['ldap_attr' => 'bar', 'user_method' => 'setTitle'],
|
|
|
|
|
['ldap_attr' => 'xxxxxxxx', 'user_method' => 'setAvatar'],
|
|
|
|
|
]
|
|
|
|
|
],
|
|
|
|
|
'role' => [],
|
|
|
|
|
];
|
|
|
|
|
$systemConfig = SystemConfigurationFactory::create(new TestConfigLoader([]), ['ldap' => $ldapConfig]);
|
|
|
|
|
$config = new LdapConfiguration($systemConfig);
|
|
|
|
|
|
|
|
|
|
$ldapEntry = [
|
|
|
|
|
'uid' => ['Karl-Heinz'],
|
|
|
|
|
'email' => [['karl-heinz@example.com', 'foo@example.com', 'bar@example.com']],
|
|
|
|
|
'blub' => ['dfsdfsdf'],
|
|
|
|
|
'foo' => ['bar'],
|
|
|
|
|
'bar' => ['foo'],
|
|
|
|
|
'xxxxxxxx' => ['https://www.example.com'],
|
|
|
|
|
'blub1' => ['dfsdfsdf'],
|
|
|
|
|
'dn' => 'blub',
|
|
|
|
|
];
|
|
|
|
|
|
|
|
|
|
$sut = new LdapManager($this->createMock(LdapDriver::class), $config, (new RoleServiceFactory($this))->create([]));
|
|
|
|
|
|
|
|
|
|
$user = new User();
|
|
|
|
|
$user->setPassword('foobar');
|
|
|
|
|
$sut->hydrateUser($user, $ldapEntry);
|
|
|
|
|
self::assertEquals('Karl-Heinz', $user->getUserIdentifier());
|
|
|
|
|
self::assertEquals('bar', $user->getAlias());
|
|
|
|
|
self::assertEquals('foo', $user->getTitle());
|
|
|
|
|
self::assertEquals('https://www.example.com', $user->getAvatar());
|
|
|
|
|
self::assertEquals('karl-heinz@example.com', $user->getEmail());
|
|
|
|
|
|
|
|
|
|
// make sure that the password was resetted in hydrate
|
|
|
|
|
$pwdCheck = clone $user;
|
|
|
|
|
$pwdCheck->setPassword('');
|
|
|
|
|
self::assertEquals($pwdCheck, $user);
|
|
|
|
|
}
|
|
|
|
|
|
2024-02-07 22:47:25 +00:00
|
|
|
public function testHydrateRoles(): void
|
2022-12-31 20:19:55 +00:00
|
|
|
{
|
|
|
|
|
$ldapConfig = [
|
|
|
|
|
'user' => [
|
|
|
|
|
'attributes' => []
|
|
|
|
|
],
|
|
|
|
|
'role' => [
|
|
|
|
|
'nameAttribute' => 'cn',
|
|
|
|
|
'userDnAttribute' => 'member',
|
|
|
|
|
'groups' => [
|
|
|
|
|
['ldap_value' => 'group1', 'role' => 'ROLE_TEAMLEAD'],
|
|
|
|
|
['ldap_value' => 'group2', 'role' => 'ROLE_ADMIN'],
|
|
|
|
|
['ldap_value' => 'group3', 'role' => 'ROLE_CUSTOMER'], // not existing!
|
|
|
|
|
['ldap_value' => 'group4', 'role' => 'ROLE_SUPER_ADMIN'],
|
|
|
|
|
],
|
|
|
|
|
],
|
|
|
|
|
];
|
|
|
|
|
$systemConfig = SystemConfigurationFactory::create(new TestConfigLoader([]), ['ldap' => $ldapConfig]);
|
|
|
|
|
$config = new LdapConfiguration($systemConfig);
|
|
|
|
|
|
|
|
|
|
$ldapGroups = [
|
|
|
|
|
// ROLE_TEAMLEAD
|
|
|
|
|
0 => [
|
|
|
|
|
'cn' => [0 => 'group1'],
|
|
|
|
|
'member' => [0 => 'uid=user1,ou=users,dc=kimai,dc=org', 1 => 'uid=user2,ou=users,dc=kimai,dc=org'],
|
|
|
|
|
],
|
|
|
|
|
// ROLE_ADMIN
|
|
|
|
|
1 => [
|
|
|
|
|
'cn' => [0 => 'admin'],
|
|
|
|
|
'member' => [0 => 'uid=user2,ou=users,dc=kimai,dc=org', 1 => 'uid=user3,ou=users,dc=kimai,dc=org'],
|
|
|
|
|
],
|
|
|
|
|
// will be ignored: unknown group
|
|
|
|
|
2 => [
|
|
|
|
|
'cn' => [0 => 'kimai_admin'],
|
|
|
|
|
'member' => [0 => 'uid=user2,ou=users,dc=kimai,dc=org', 1 => 'uid=user3,ou=users,dc=kimai,dc=org'],
|
|
|
|
|
],
|
|
|
|
|
// will be ignored: unknown group
|
|
|
|
|
3 => [
|
|
|
|
|
'cn' => [0 => 'group3'],
|
|
|
|
|
'member' => [0 => 'uid=user2,ou=users,dc=kimai,dc=org', 1 => 'uid=user3,ou=users,dc=kimai,dc=org'],
|
|
|
|
|
],
|
|
|
|
|
// will be ignored: the counter below does not announce this group!
|
|
|
|
|
4 => [
|
|
|
|
|
'cn' => [0 => 'group4'],
|
|
|
|
|
'member' => [0 => 'uid=user2,ou=users,dc=kimai,dc=org', 1 => 'uid=user3,ou=users,dc=kimai,dc=org'],
|
|
|
|
|
],
|
|
|
|
|
'count' => 4
|
|
|
|
|
];
|
|
|
|
|
|
|
|
|
|
$roles = [
|
|
|
|
|
'ROLE_USER',
|
|
|
|
|
'ROLE_TEAMLEAD',
|
|
|
|
|
'ROLE_ADMIN',
|
|
|
|
|
'ROLE_SUPER_ADMIN',
|
|
|
|
|
];
|
|
|
|
|
|
|
|
|
|
$sut = new LdapManager($this->createMock(LdapDriver::class), $config, (new RoleServiceFactory($this))->create($roles));
|
|
|
|
|
|
|
|
|
|
$user = new User();
|
|
|
|
|
$sut->hydrateRoles($user, $ldapGroups);
|
|
|
|
|
self::assertEquals(['ROLE_TEAMLEAD', 'ROLE_ADMIN', 'ROLE_USER'], $user->getRoles());
|
|
|
|
|
}
|
2019-06-07 20:48:39 +00:00
|
|
|
}
|
