setSynchMapping() * @todo test for ldapUserConf->ldapAssociateDrupalAccount($drupal_username) * */ module_load_include('php', 'ldap_test', 'LdapTestCase.class'); class LdapUserUnitTests extends LdapTestCase { public static function getInfo() { return array( 'name' => 'LDAP User Unit Tests', 'description' => 'Test functions outside of real contexts.', 'group' => 'LDAP User' ); } function __construct($test_id = NULL) { parent::__construct($test_id); } public $module_name = 'ldap_user'; protected $ldap_test_data; /** * create one or more server configurations in such as way * that this setUp can be a prerequisite for ldap_authentication and ldap_authorization */ function setUp() { parent::setUp(array('ldap_servers', 'ldap_user', 'ldap_authentication', 'ldap_test')); variable_set('ldap_simpletest', 2); } function tearDown() { parent::tearDown(); variable_del('ldap_help_watchdog_detail'); variable_del('ldap_simpletest'); } /** * make sure install succeeds and ldap user functions/methods work */ function testUnitTests() { // just to give warning if setup doesn't succeed. $setup_success = ( module_exists('ldap_user') && module_exists('ldap_servers') && (variable_get('ldap_simpletest', 2) > 0) ); $this->assertTrue($setup_success, ' ldap_user setup successful', $this->testId('setup')); $api_functions = array( 'ldap_user_conf' => array(2, 0), 'ldap_user_synch_to_drupal' => array(3, 1), 'ldap_user_provision_to_drupal' => array(2, 1), 'ldap_user_ldap_provision_semaphore' => array(4, 2), 'ldap_user_token_replace' => array(3, 2), 'ldap_user_token_tokenize_entry' => array(5, 2) ); foreach ($api_functions as $api_function_name => $param_count) { $reflector = new ReflectionFunction($api_function_name); $this->assertTrue( function_exists($api_function_name) && $param_count[1] == $reflector->getNumberOfRequiredParameters() && $param_count[0] == $reflector->getNumberOfParameters() , ' api function ' . $api_function_name . ' parameters and required parameters count unchanged.', $this->testId($api_function_name . ' unchanged')); } $this->assertTrue(drupal_cron_run(), t('Cron can run with ldap user enabled.'), $this->testId('cron works')); // test user token functions $entity = new stdClass(); $entity->lname['und'][0]['value'] = 'potter'; $entity->house['und'][0]['value'] = 'Gryffindor'; $entity->house['und'][1]['value'] = 'Privet Drive'; $account = new stdClass(); $account->mail = 'hpotter@hogwarts.edu'; $mail = ldap_user_token_replace('[property.mail]', $account, $entity); $this->assertTrue($mail == $account->mail, t('[property.mail] token worked on ldap_user_token_replace().'), $this->testId('tokens.property')); $lname = ldap_user_token_replace('[field.lname]', $account, $entity); $this->assertTrue($lname == $entity->lname['und'][0]['value'], t('[field.lname] token worked on ldap_user_token_replace().'), $this->testId('tokens.property.field')); $house1 = ldap_user_token_replace('[field.house:1]', $account, $entity); $this->assertTrue($house1 == $entity->house['und'][1]['value'], t('[field.house:1] token worked on ldap_user_token_replace().'), $this->testId('tokens.property.field.ordinal')); //@todo need tests for :last and a multivalued attribute. see http://drupal.org/node/1245736 $sids = array('activedirectory1'); $this->prepTestData('hogwarts', $sids, 'default'); // prepTestData($sids, 'provisionToDrupal', 'default'); $ldap_server = ldap_servers_get_servers('activedirectory1', NULL, TRUE, TRUE); $ldap_user_conf = ldap_user_conf('admin', TRUE); $this->assertTrue(is_object($ldap_user_conf), t('ldap_conf class instantiated'), $this->testId('construct ldapUserConf object')); $user_edit = array(); $ldap_user = ldap_servers_get_user_ldap_data('hpotter', $ldap_user_conf->drupalAcctProvisionServer, 'ldap_user_prov_to_drupal'); $desired_result = array( 'dn' => 'cn=hpotter,ou=people,dc=hogwarts,dc=edu', 'mail' => 'hpotter@hogwarts.edu', 'attr' => $ldap_server->entries['cn=hpotter,ou=people,dc=hogwarts,dc=edu'], 'sid' => 'activedirectory1', ); $array_diff = array_diff($ldap_user, $desired_result); $this->assertTrue(count($array_diff) == 0, t('ldap_servers_get_user_ldap_data retrieved correct attributes and values'), $this->testId('ldap_servers_get_user_ldap_data')); if (count($array_diff) != 0) { debug('ldap_servers_get_user_ldap_data failed. resulting ldap data array:'); debug($ldap_user); debug('desired result:'); debug($desired_result); debug('array_diff:'); debug($array_diff); } $ldap_todrupal_prov_server = ldap_servers_get_servers($ldap_user_conf->drupalAcctProvisionServer, 'all', TRUE); $ldap_user_conf->entryToUserEdit($ldap_user, $user_edit, $ldap_todrupal_prov_server); unset($user_edit['pass']); $desired_result = array( 'mail' => 'hpotter@hogwarts.edu', 'name' => 'hpotter', 'init' => 'hpotter@hogwarts.edu', 'status' => 1, 'signature' => '', 'data' => array( 'ldap_authentication' => array( 'init' => array( 'sid' => 'activedirectory1', 'dn' => 'cn=hpotter,ou=people,dc=hogwarts,dc=edu', 'mail' => 'hpotter@hogwarts.edu', ), ), ), 'ldap_user_puid' => array( 'und' => array( 0 => array( 'value' => '101', ), ), ), 'ldap_user_puid_property' => array( 'und' => array( 0 => array( 'value' => 'guid', ), ), ), 'ldap_user_puid_sid' => array( 'und' => array( 0 => array( 'value' => 'activedirectory1', ), ), ), 'ldap_user_current_dn' => array( 'und' => array( 0 => array( 'value' => 'cn=hpotter,ou=people,dc=hogwarts,dc=edu', ), ), ), ); $array_diff = array_diff($user_edit, $desired_result); //@todo need better diff, this will give false positives in most cases // debug('user_edit,desired_result,diff'); debug( array($user_edit, $desired_result, $array_diff)); $this->assertTrue(count($array_diff) == 0, t('ldapUserConf::entryToUserEdit retrieved correct property, field, and data values.'), $this->testId('ldapUserConf::entryToUserEdit')); if (count($array_diff) != 0) { debug('ldapUserConf::entryToUserEdit failed. resulting user edit array:'); debug($user_edit); debug('desired result:'); debug($desired_result); debug('array_diff:'); debug($array_diff); } $is_synched_tests = array( LDAP_USER_EVENT_CREATE_DRUPAL_USER => array( 0 => array('[property.fake]', '[property.data]', '[property.uid]'), 1 => array('[property.mail]', '[property.name]', '[field.ldap_user_puid]', '[field.ldap_user_puid_property]', '[field.ldap_user_puid_sid]', '[field.ldap_user_current_dn]'), ), LDAP_USER_EVENT_SYNCH_TO_DRUPAL_USER => array( 0 => array('[property.fake]', '[property.data]', '[property.uid]', '[field.ldap_user_puid]', '[field.ldap_user_puid_property]', '[field.ldap_user_puid_sid]'), 1 => array('[property.mail]', '[property.name]', '[field.ldap_user_current_dn]'), ), ); $debug = array(); $fail = FALSE; foreach ($is_synched_tests as $prov_event => $tests) { foreach ($tests as $boolean_result => $attribute_tokens) { foreach ($attribute_tokens as $attribute_token) { $is_synched = $ldap_user_conf->isSynched($attribute_token, array($prov_event), LDAP_USER_PROV_DIRECTION_TO_DRUPAL_USER); // debug("is_synched_tests: is_synched=$is_synched, attribute_token=$attribute_token, prov_event=$prov_event"); if ((int)$is_synched !== (int)$boolean_result) { $fail = TRUE; $debug[$attribute_token] = "isSynched($attribute_token, array($prov_event), LDAP_USER_PROV_DIRECTION_TO_DRUPAL_USER) returned $is_synched when it should have returned ". (int)$boolean_result; } } } } $this->assertFalse($fail, t('ldapUserConf::isSynched works'), $this->testId('ldapUserConf::isSynched')); if ($fail) { debug('ldapUserConf::isSynched failures:'); debug($debug); } $this->assertTrue($ldap_user_conf->isDrupalAcctProvisionServer('activedirectory1'), t('isDrupalAcctProvisionServer works'), $this->testId('isDrupalAcctProvisionServer')); $this->assertFalse($ldap_user_conf->isLdapEntryProvisionServer('activedirectory1'), t('isLdapEntryProvisionServer works'), $this->testId('isLdapEntryProvisionServer')); $ldap_user_required_attributes = $ldap_user_conf->getLdapUserRequiredAttributes(LDAP_USER_PROV_DIRECTION_ALL); $provision_enabled_truth = (boolean)( $ldap_user_conf->provisionEnabled(LDAP_USER_PROV_DIRECTION_TO_DRUPAL_USER, LDAP_USER_DRUPAL_USER_PROV_ON_USER_UPDATE_CREATE) && $ldap_user_conf->provisionEnabled(LDAP_USER_PROV_DIRECTION_TO_DRUPAL_USER, LDAP_USER_DRUPAL_USER_PROV_ON_AUTHENTICATE) && !$ldap_user_conf->provisionEnabled(LDAP_USER_PROV_DIRECTION_TO_LDAP_ENTRY, LDAP_USER_LDAP_ENTRY_PROV_ON_USER_UPDATE_CREATE) ); $this->assertTrue($provision_enabled_truth, t('provisionEnabled works'), $this->testId('provisionEnabled.1')); $provision_enabled_false = ($ldap_user_conf->provisionEnabled(LDAP_USER_PROV_DIRECTION_TO_LDAP_ENTRY, LDAP_USER_DRUPAL_USER_PROV_ON_USER_UPDATE_CREATE) || $ldap_user_conf->provisionEnabled(LDAP_USER_PROV_DIRECTION_TO_LDAP_ENTRY, LDAP_USER_DRUPAL_USER_PROV_ON_AUTHENTICATE) || $ldap_user_conf->provisionEnabled(LDAP_USER_PROV_DIRECTION_TO_DRUPAL_USER, LDAP_USER_LDAP_ENTRY_PROV_ON_USER_UPDATE_CREATE)); $this->assertFalse($provision_enabled_false, t('provisionEnabled works'), $this->testId('provisionEnabled.2')); $account = new stdClass(); $account->name = 'hpotter'; $params = array('ldap_context' => 'ldap_user_prov_to_drupal', 'direction' => LDAP_USER_PROV_DIRECTION_TO_DRUPAL_USER); list($ldap_entry, $error) = $ldap_user_conf->drupalUserToLdapEntry($account, 'activedirectory1', $params); // debug('ldap_entry'); debug($ldap_entry); $account = NULL; $user_edit = array('name' => 'hpotter'); // test method provisionDrupalAccount() $hpotter = $ldap_user_conf->provisionDrupalAccount($account, $user_edit, NULL, TRUE); $hpotter = user_load_by_name('hpotter'); $properties_set = ( $hpotter->name == 'hpotter' && $hpotter->mail == 'hpotter@hogwarts.edu' && $hpotter->init == 'hpotter@hogwarts.edu' && $hpotter->status == 1 ); $this->assertTrue($properties_set, t('user name, mail, init, and status correctly populated for hpotter'), $this->testId()); $fields_set = ( isset($hpotter->ldap_user_puid['und'][0]['value']) && $hpotter->ldap_user_puid['und'][0]['value'] == '101' && isset($hpotter->ldap_user_puid_property['und'][0]['value']) && $hpotter->ldap_user_puid_property['und'][0]['value'] == 'guid' && isset($hpotter->ldap_user_puid_sid['und'][0]['value']) && $hpotter->ldap_user_puid_sid['und'][0]['value'] == 'activedirectory1' && isset($hpotter->ldap_user_current_dn['und'][0]['value']) && $hpotter->ldap_user_current_dn['und'][0]['value'] == 'cn=hpotter,ou=people,dc=hogwarts,dc=edu' ); $this->assertTrue($fields_set, t('user ldap_user_puid, ldap_user_puid_property, ldap_user_puid_sid, and ldap_user_current_dn correctly populated for hpotter'), $this->testId('provisionDrupalAccount function test 3')); $data_diff = array_diff( $hpotter->data['ldap_user'], array( 'init' => array( 'sid' => 'activedirectory1', 'dn' => NULL, 'mail' => 'hpotter@hogwarts.edu', ), ) ); $this->assertTrue(count($data_diff) == 0, t('user->data array correctly populated for hpotter'), $this->testId()); // test account exists with correct username, mail, fname, puid, puidfield, dn // change some user mock ldap data first, (mail and fname) then synch $account = user_load_by_name('hpotter'); $user_edit = NULL; $ldap_user_conf->ldapUserSynchMappings = array(); $sid = 'activedirectory1'; $ldap_user_conf->ldapUserSynchMappings[LDAP_USER_PROV_DIRECTION_TO_DRUPAL_USER]['[property.mail]'] = array( 'sid' => $sid, 'ldap_attr' => '[mail]', 'user_attr' => '[property.mail]', 'convert' => 0, 'direction' => LDAP_USER_PROV_DIRECTION_TO_DRUPAL_USER, 'ldap_contexts' => array('ldap_user_insert_drupal_user', 'ldap_user_update_drupal_user', 'ldap_authentication_authenticate'), 'prov_events' => array(LDAP_USER_EVENT_SYNCH_TO_DRUPAL_USER), 'name' => 'Property: Mail', 'enabled' => TRUE, 'config_module' => 'ldap_servers', 'prov_module' => 'ldap_user', 'user_tokens' => '', ); $ldap_user_conf->save(); $this->testFunctions->setFakeServerUserAttribute($sid, 'cn=hpotter,ou=people,dc=hogwarts,dc=edu', 'mail', 'hpotter@owlcarriers.com', 0); $ldap_server = ldap_servers_get_servers('activedirectory1', NULL, TRUE, TRUE); // clear server cache; $user = $ldap_user_conf->synchToDrupalAccount($account, $user_edit, LDAP_USER_EVENT_SYNCH_TO_DRUPAL_USER, NULL, TRUE); $hpotter = user_load_by_name('hpotter'); $hpotter_uid = $hpotter->uid; $success = ($hpotter->mail == 'hpotter@owlcarriers.com'); $this->assertTrue($success, t('synchToDrupalAccount worked for property (mail) for hpotter'), $this->testId()); if (!$success) { debug("hpotter mail after synchToDrupalAccount :" . $hpotter->mail); $ldap_server = ldap_servers_get_servers($sid, NULL, TRUE, TRUE); debug('ldap_server'); debug($ldap_server); } /** * test for username change and provisioning with puid conflict * hpotter drupal user already exists and has correct puid * change samaccountname value (puid field) of hpotter ldap entry and attempt to provision account with new username (hpotterbrawn) * return should be old drupal account (same uid) */ $this->testFunctions->setFakeServerUserAttribute('activedirectory1', 'cn=hpotter,ou=people,dc=hogwarts,dc=edu', 'samaccountname', 'hpotter-granger', 0); $account = NULL; $user_edit = array('name' => 'hpotter-granger'); $hpottergranger = $ldap_user_conf->provisionDrupalAccount($account, $user_edit, NULL, TRUE); $this->testFunctions->setFakeServerUserAttribute('activedirectory1', 'cn=hpotter,ou=people,dc=hogwarts,dc=edu', 'samaccountname', 'hpotter', 0); $pass = (is_object($hpottergranger) && is_object($hpotter) && $hpotter->uid == $hpottergranger->uid); $this->assertTrue($pass, t('provisionDrupalAccount recognized PUID conflict and synched instead of creating a conflicted drupal account.'), $this->testId('provisionDrupalAccount function test with existing user with same puid')); if (!$pass) { debug('hpotter'); debug($hpotter); debug('hpottergranger'); debug($hpottergranger); } $authmaps = user_get_authmaps('hpotter-granger'); $pass = $authmaps['ldap_user'] == 'hpotter-granger'; $this->assertTrue($pass, t('provisionDrupalAccount recognized PUID conflict and fixed authmap.'), $this->testId()); $pass = is_object($hpottergranger) && $hpottergranger->name == 'hpotter-granger'; $this->assertTrue($pass, t('provisionDrupalAccount recognized PUID conflict and fixed username.'), $this->testId()); $user_edit = array('name' => 'hpotter'); $hpotter = user_save($hpottergranger, $user_edit, 'ldap_user'); // delete and recreate test account to make sure account is in correct state $ldap_user_conf->deleteDrupalAccount('hpotter'); $this->assertFalse(user_load($hpotter_uid, TRUE), t('deleteDrupalAccount deleted hpotter successfully'), $this->testId()); $ldap_server = ldap_servers_get_servers('activedirectory1', 'enabled', TRUE, TRUE); $ldap_server->refreshFakeData(); $account = NULL; $user_edit = array('name' => 'hpotter'); $hpotter = $ldap_user_conf->provisionDrupalAccount($account, $user_edit, NULL, TRUE); } function testProvisionToDrupal() { /** * test that $ldap_user_conf->synchToDrupalAccount() works for various contexts. * make sure changing when a given field/property is flagged for a particular context, everything works * tests one property (property.mail) and one field (field.field_lname) as well as username, puid */ // just to give warning if setup doesn't succeed. may want to take these out at some point. $setup_success = ( module_exists('ldap_user') && module_exists('ldap_servers') && (variable_get('ldap_simpletest', 0) > 0) ); $this->assertTrue($setup_success, ' ldap_user setup successful', $this->testId("setup")); $sid = 'activedirectory1'; $sids = array($sid); $this->prepTestData('hogwarts', $sids, 'provisionToDrupal', 'default'); $tests = array(); $tests[] = array( 'disabled' => 0, 'user' => 'hpotter', 'field_name' => 'field_lname', 'field_values' => array(array('sn' => 'Potter'), array('sn' => 'Pottery-Chard')), 'field_results' => array('Potter', 'Pottery-Chard'), // first value is what is desired on synch, second if no sycn 'mapping' => array( 'sid' => $sid, 'name' => 'Field: Last Name', 'ldap_attr' => '[SN]', 'user_attr' => '[field.field_lname]', 'convert' => 0, 'direction' => LDAP_USER_PROV_DIRECTION_TO_DRUPAL_USER, 'prov_events' => array(LDAP_USER_EVENT_CREATE_DRUPAL_USER, LDAP_USER_EVENT_SYNCH_TO_DRUPAL_USER), 'user_tokens' => '', 'config_module' => 'ldap_user', 'prov_module' => 'ldap_user', 'enabled' => TRUE, ), ); // test for compound tokens $tests[] = array( 'disabled' => 0, 'user' => 'hpotter', 'field_name' => 'field_display_name', 'field_values' => array(array('givenname' => 'Harry', 'sn' => 'Potter'), array('givenname' => 'Sir Harry', 'sn' => 'Potter')), 'field_results' => array('Harry Potter', 'Sir Harry Potter'), // desired results 'mapping' => array( 'sid' => $sid, 'ldap_attr' => '[givenName] [sn]', 'user_attr' => '[field.field_display_name]', 'convert' => 0, 'direction' => LDAP_USER_PROV_DIRECTION_TO_DRUPAL_USER, 'prov_events' => array(LDAP_USER_EVENT_CREATE_DRUPAL_USER, LDAP_USER_EVENT_SYNCH_TO_DRUPAL_USER), 'name' => 'Field: Display Name', 'enabled' => TRUE, 'config_module' => 'ldap_user', 'prov_module' => 'ldap_user', 'user_tokens' => '', ), ); // test for constants in use (e.g. "Smith" and "0") instead of tokens e.g. "[sn]" and "[enabled]" $tests[] = array( 'disabled' => 0, 'user' => 'hpotter', 'field_name' => 'field_lname', 'field_values' => array(array('sn' => 'Potter1'), array('sn' => 'Potter2')), 'field_results' => array('Smith', 'Smith'), 'mapping' => array( 'sid' => $sid, 'name' => 'Field: Last Name', 'ldap_attr' => 'Smith', // testing of a constant mapped to a field. that is everyone should have last name smith 'user_attr' => '[field.field_lname]', 'convert' => 0, 'direction' => LDAP_USER_PROV_DIRECTION_TO_DRUPAL_USER, 'prov_events' => array(LDAP_USER_EVENT_CREATE_DRUPAL_USER, LDAP_USER_EVENT_SYNCH_TO_DRUPAL_USER), 'user_tokens' => '', 'config_module' => 'ldap_user', 'prov_module' => 'ldap_user', 'enabled' => TRUE, ), ); // test for compound tokens $tests[] = array( 'disabled' => 0, 'user' => 'hpotter', 'property_name' => 'signature', 'property_values' => array(array('cn' => 'hpotter'), array('cn' => 'hpotter2')), 'property_results' => array('hpotter@hogwarts.edu', 'hpotter2@hogwarts.edu'), 'mapping' => array( 'sid' => $sid, 'ldap_attr' => '[cn]@hogwarts.edu', 'user_attr' => '[property.signature]', 'convert' => 0, 'direction' => LDAP_USER_PROV_DIRECTION_TO_DRUPAL_USER, 'prov_events' => array(LDAP_USER_EVENT_CREATE_DRUPAL_USER, LDAP_USER_EVENT_SYNCH_TO_DRUPAL_USER), 'name' => 'Property: Signature', 'enabled' => TRUE, 'config_module' => 'ldap_servers', 'prov_module' => 'ldap_user', 'user_tokens' => '', ), ); $tests[] = array( 'disabled' => 0, 'user' => 'hpotter', 'property_name' => 'mail', 'property_values' => array(array('mail' => 'hpotter@hogwarts.edu'), array('mail' => 'hpotter@owlmail.com')), 'property_results' => array('hpotter@hogwarts.edu', 'hpotter@owlmail.com'), 'mapping' => array( 'sid' => $sid, 'ldap_attr' => '[mail]', 'user_attr' => '[property.mail]', 'convert' => 0, 'direction' => LDAP_USER_PROV_DIRECTION_TO_DRUPAL_USER, 'prov_events' => array(LDAP_USER_EVENT_CREATE_DRUPAL_USER, LDAP_USER_EVENT_SYNCH_TO_DRUPAL_USER), 'name' => 'Property: Mail', 'enabled' => TRUE, 'config_module' => 'ldap_servers', 'prov_module' => 'ldap_user', 'user_tokens' => '', ), ); $tests[] = array( 'disabled' => 0, 'user' => 'hpotter', 'property_name' => 'status', 'property_values' => array(array(0 => 'z'), array(0 => 'z')), 'property_results' => array(0, 0), 'mapping' => array( 'sid' => $sid, 'ldap_attr' => '0', 'user_attr' => '[property.status]', // testing of a constant mapped to property 'convert' => 0, 'direction' => LDAP_USER_PROV_DIRECTION_TO_DRUPAL_USER, 'prov_events' => array(LDAP_USER_EVENT_CREATE_DRUPAL_USER), 'name' => 'Property: Status', 'enabled' => TRUE, 'config_module' => 'ldap_servers', 'prov_module' => 'ldap_user', 'user_tokens' => '', ), ); // @todo test with binary field // @todo case sensitivity in tokens and user_attr in mappings $test_prov_events = array( LDAP_USER_PROV_DIRECTION_TO_DRUPAL_USER => array( LDAP_USER_EVENT_SYNCH_TO_DRUPAL_USER, LDAP_USER_EVENT_CREATE_DRUPAL_USER, ), LDAP_USER_PROV_DIRECTION_TO_LDAP_ENTRY => array( LDAP_USER_EVENT_SYNCH_TO_LDAP_ENTRY, LDAP_USER_EVENT_CREATE_LDAP_ENTRY, ), ); $this->privileged_user = $this->drupalCreateUser(array( 'administer site configuration', 'administer users' )); /** Tests for various synch contexts **/ foreach ($tests as $j => $test) { $field_name = isset($test['field_name']) ? $test['field_name'] : FALSE; $property_name = isset($test['property_name']) ? $test['property_name'] : FALSE; $direction = ($property_name) ? $test['mapping']['direction'] : $test['mapping']['direction']; foreach ($test_prov_events[$direction] as $i => $prov_event) { // test for each provision event // 1. set fake ldap values for field and property in fake ldap server // and clear out mappings and set to provision account with test field and prop[0] on provision $ldap_server = ldap_servers_get_servers('activedirectory1', 'enabled', TRUE); $this->prepTestData('hogwarts', $sids, 'provisionToDrupal', 'default'); $ldap_user_conf = ldap_user_conf('admin', TRUE); if ($property_name) { $token_attributes = array(); ldap_servers_token_extract_attributes($token_attributes, $test['mapping']['ldap_attr']); foreach ($token_attributes as $attr_name => $attr_parts) { $this->testFunctions->setFakeServerUserAttribute( 'activedirectory1', 'cn=hpotter,ou=people,dc=hogwarts,dc=edu', $attr_name, $test['property_values'][0][$attr_name], 0); } $property_token = '[property.' . $property_name . ']'; $ldap_user_conf->ldapUserSynchMappings[$direction][$property_token] = $test['mapping']; } if ($field_name) { $token_attributes = array(); ldap_servers_token_extract_attributes($token_attributes, $test['mapping']['ldap_attr']); //debug('token_attributes'); debug($token_attributes); foreach ($token_attributes as $attr_name => $attr_parts ) { $this->testFunctions->setFakeServerUserAttribute( 'activedirectory1', 'cn=hpotter,ou=people,dc=hogwarts,dc=edu', $attr_name, $test['field_values'][0][drupal_strtolower($attr_name)], 0); } $field_token = '[field.' . $field_name . ']'; $ldap_user_conf->ldapUserSynchMappings[$direction][$field_token] = $test['mapping']; } $ldap_user_conf->save(); $ldap_user_conf = ldap_user_conf('admin', TRUE); // debug("ldap_user_conf in prep field_token=$field_token"); debug($ldap_user_conf->synchMapping); debug($ldap_user_conf->ldapUserSynchMappings); ldap_user_ldap_provision_semaphore(NULL, NULL, NULL, TRUE); ldap_servers_flush_server_cache(); // 2. delete user $username = $test['user']; $user_object = user_load_by_name($username); if (is_object($user_object)) { user_delete($user_object->uid); // watch out for this. } // 3. create new user with provisionDrupalAccount $account = NULL; $user_edit = array('name' => $username); // $this->ldapTestId = $this->module_name . ': provisionDrupalAccount function test'; $result = $ldap_user_conf->provisionDrupalAccount($account, $user_edit, NULL, TRUE); list($user_object, $user_entity) = ldap_user_load_user_acct_and_entity($username); if ($property_name) { if (in_array($prov_event, $ldap_user_conf->ldapUserSynchMappings[$direction][$property_token]['prov_events'])) { // if intended to synch $property_success = ($user_object->{$property_name} == $test['property_results'][0]); $this->assertTrue($property_success, t("provisionDrupalAccount worked for property $property_name"), $this->testId(":provisionDrupalAccount.i=$j.prov_event=$prov_event")); if (!$property_success) { debug('field fail,' . $property_name); debug($user_entity->{$property_name}); debug($test['property_results'][0]); //debug($user_entity); } } else { // debug("property_name=$property_name not configured to provisionDrupalAccount on drupal user create for direction=$direction and prov_event=$prov_event"); } } if ($field_name) { // debug("property_name=$property_name, prov_event=$prov_event, direction=$direction, field_token=$field_token, sid=$sid, ldap_user_conf->ldapUserSynchMappings $direction - $sid"); debug($ldap_user_conf->ldapUserSynchMappings[$direction][$sid]); if (in_array($prov_event, $ldap_user_conf->ldapUserSynchMappings[$direction][$field_token]['prov_events'])) { // if intended to synch $field_success = isset($user_entity->{$field_name}['und'][0]['value']) && $user_entity->{$field_name}['und'][0]['value'] == $test['field_results'][0]; $this->assertTrue($field_success, t("provisionDrupalAccount worked for field $field_name"), $this->testId(":provisionDrupalAccount.i=$j.prov_event=$prov_event")); if (!$field_success) { debug('field fail,' . $field_name); debug($user_entity->{$field_name}); debug($test['field_results'][0]); //debug($user_entity); } } else { debug("field_name=$field_name not configured to provisionDrupalAccount on drupal user create for direction=$direction and prov_event=$prov_event"); } } ldap_user_ldap_provision_semaphore(NULL, NULL, NULL, TRUE); } /** * manually create drupal user with option of not ldap associated checked */ if ($hpotter = user_load_by_name('hpotter')) { user_delete($hpotter->uid); } $this->assertFalse(user_load_by_name('hpotter'), t('hpotter removed before manual account creation test'), $this->testId('manual non ldap account created')); $this->drupalLogout(); $this->drupalLogin($this->privileged_user); $this->drupalGet('admin/people/create'); $edit = array( 'name' => 'hpotter', 'mail' => 'hpotter@hogwarts.edu', 'pass[pass1]' => 'goodpwd', 'pass[pass2]' => 'goodpwd', 'notify' => FALSE, 'ldap_user_association' => LDAP_USER_MANUAL_ACCT_CONFLICT_NO_LDAP_ASSOCIATE, ); $this->drupalPost('admin/people/create', $edit, t('Create new account')); $hpotter = user_load_by_name('hpotter'); $this->assertTrue($hpotter, t('hpotter created via ui form'), $this->testId('manual non ldap account created')); $this->assertTrue($hpotter && !ldap_user_is_ldap_associated($hpotter), t('hpotter not ldap associated'), $this->testId('manual non ldap account created')); } /** * $entry = $servers['activedirectory1']->dnExists($desired_dn, 'ldap_entry'); * $this->assertFalse($entry, t("Corresponding LDAP entry deleted when Drupal Account deleted for " . $username), $this->ldapTestId); */ } } class LdapUserIntegrationTests extends LdapTestCase { public static function getInfo() { return array( 'name' => 'LDAP User Integration Tests', 'description' => 'Test provisioning and synching in real contexts such as account creation on logon, synching on user edit, etc.', 'group' => 'LDAP User' ); } function __construct($test_id = NULL) { parent::__construct($test_id); } public $module_name = 'ldap_user'; protected $ldap_test_data; /** * create one or more server configurations in such as way * that this setUp can be a prerequisite for ldap_authentication and ldap_authorization */ function setUp() { parent::setUp(array('ldap_user', 'ldap_test')); variable_set('ldap_simpletest', 2); } function tearDown() { parent::tearDown(); variable_del('ldap_help_watchdog_detail'); variable_del('ldap_simpletest'); } /** * integration tests for provisioning to ldap */ function testProvisionToLdap() { // just to give warning if setup doesn't succeed. may want to take these out at some point. $setup_success = ( module_exists('ldap_user') && module_exists('ldap_servers') && (variable_get('ldap_simpletest', 2) > 0) ); $this->assertTrue($setup_success, ' ldap_user setup successful', $this->testId("setup")); foreach (array('activedirectory1', 'openldap1') as $test_sid) { $sids = array($test_sid); $this->prepTestData('hogwarts', $sids, 'provisionToLdap_' . $test_sid); // this will create the proper ldap_user configuration from ldap_test/ldap_user.conf.inc $ldap_user_conf = ldap_user_conf('default', TRUE); // 9.B. Create and approve new user, populating first and last name. $username = 'bhautdeser'; if ($user = user_load_by_name($username)) { user_delete($user->uid); } $user_edit = array( 'name' => $username, 'mail' => $username . '@hogwarts.org', 'pass' => user_password(), 'status' => 1, ); $user_acct = new stdClass(); $user_acct->is_new = TRUE; $user_acct->field_fname['und'][0]['value'] = 'Bercilak'; $user_acct->field_lname['und'][0]['value'] = 'Hautdesert'; $servers = ldap_servers_get_servers(NULL, NULL, FALSE, TRUE); $desired_dn = "cn=bhautdeser,ou=people,dc=hogwarts,dc=edu"; $pre_entry = $servers[$test_sid]->dnExists($desired_dn, 'ldap_entry'); $drupal_account = user_save($user_acct, $user_edit); $ldap_entry_post = $servers[$test_sid]->dnExists($desired_dn, 'ldap_entry'); $ldap_entry_success = ( $ldap_entry_post && $ldap_entry_post['cn'][0] == 'bhautdeser' && $ldap_entry_post['displayname'][0] == 'Bercilak Hautdesert' && $ldap_entry_post['sn'][0] == 'Hautdesert' && $ldap_entry_post['guid'][0] == '151' && $ldap_entry_post['provisionsource'][0] == 'drupal.hogwarts.edu' ); $this->assertTrue($ldap_entry_success, t("provision of ldap entry on user create succeeded for " . $username), $this->testId("test for provision to ldap on drupal acct create")); if (!$ldap_entry_success) { debug('drupal_account'); debug($drupal_account); debug("desired_dn=$desired_dn, ldap_entry_post="); debug($ldap_entry_post); debug('ldap_user_conf'); debug($ldap_user_conf); } ldap_user_ldap_provision_semaphore(NULL, NULL, NULL, TRUE); // need to reset for simpletests // Change lastname and first name (in drupal) and save user to test ldapSynch event handler // confirm that appropriate attributes were changed in ldap entry $ldap_entry_pre = $servers[$test_sid]->dnExists($desired_dn, 'ldap_entry'); $user_acct_pre = user_load_by_name('bhautdeser'); $edit = array(); $edit['field_fname']['und'][0]['value'] = 'Bredbeddle'; $edit['field_lname']['und'][0]['value'] = 'Hautdesert'; $user_acct = user_save($user_acct, $edit); $user_acct_post = user_load_by_name('bhautdeser'); $servers = ldap_servers_get_servers(NULL, NULL, FALSE, TRUE); // clear cache $ldap_entry_post = $servers[$test_sid]->dnExists($desired_dn, 'ldap_entry'); $ldap_entry_success = ( $ldap_entry_post['givenname'][0] == 'Bredbeddle' && $ldap_entry_post['displayname'][0] == 'Bredbeddle Hautdesert' && $ldap_entry_post['sn'][0] == 'Hautdesert' ); $this->assertTrue($ldap_entry_success, t("synch to ldap entry on user save succeeded for " . $username), $this->testId()); if (!$ldap_entry_success) { debug("dn=$desired_dn"); debug('drupal_account pre'); debug($user_acct_pre); debug('drupal_account post'); debug($user_acct_post); debug('ldap_entry_pre'); debug($ldap_entry_pre); debug('ldap_entry_post'); debug($ldap_entry_post); debug('ldap_user_conf'); debug($ldap_user_conf); } // Change username and first name (in drupal) and save user to test ldapSynch event handler // confirm that appropriate attributes were changed in ldap entry $ldap_entry_pre = $servers[$test_sid]->dnExists($desired_dn, 'ldap_entry'); $user_acct_pre = user_load_by_name('bhautdeser'); $edit = array(); $edit['field_fname']['und'][0]['value'] = 'Bredbeddle'; $edit['field_lname']['und'][0]['value'] = 'Hautdesert'; $user_acct = user_save($user_acct, $edit); $user_acct_post = user_load_by_name('bhautdeser'); $servers = ldap_servers_get_servers(NULL, NULL, FALSE, TRUE); // clear cache $ldap_entry_post = $servers[$test_sid]->dnExists($desired_dn, 'ldap_entry'); $ldap_entry_success = ( $ldap_entry_post['givenname'][0] == 'Bredbeddle' && $ldap_entry_post['displayname'][0] == 'Bredbeddle Hautdesert' && $ldap_entry_post['sn'][0] == 'Hautdesert' ); $this->assertTrue($ldap_entry_success, t("synch to ldap entry on user save succeeded for " . $username), $this->testId()); if (!$ldap_entry_success) { debug("dn=$desired_dn"); debug('drupal_account pre'); debug($user_acct_pre); debug('drupal_account post'); debug($user_acct_post); debug('ldap_entry_pre'); debug($ldap_entry_pre); debug('ldap_entry_post'); debug($ldap_entry_post); debug('ldap_user_conf'); debug($ldap_user_conf); } } /** * provisionToLdapEmailVerification * use case where a user self creates and confirms a drupal account and * a corresponding ldap entry with password is created */ $password_tests = array( '[password.user-random]' => 'goodpwd', '[password.random]' => 'random', ); foreach ($password_tests as $password_token => $password_result) { $test_id = "provisionToLdapEmailVerification $password_token, $test_sid"; ldap_user_ldap_provision_semaphore(NULL, NULL, NULL, TRUE); // need to reset for simpletests /** * provisionToLdapEmailVerification setup */ $this->prepTestData('hogwarts', $sids, 'provisionToLdap_' . $test_sid); // this will create the proper ldap_user configuration from ldap_test/ldap_user.conf.inc $ldap_user_conf = ldap_user_conf('admin', TRUE); $ldap_user_conf->drupalAcctProvisionServer = 0; // turn off provisioning to drupal $ldap_user_conf->ldapEntryProvisionServer = $test_sid; $ldap_user_conf->ldapEntryProvisionTriggers = array( LDAP_USER_LDAP_ENTRY_PROV_ON_USER_UPDATE_CREATE, LDAP_USER_LDAP_ENTRY_PROV_ON_AUTHENTICATE ); $ldap_user_conf->ldapUserSynchMappings[LDAP_USER_PROV_DIRECTION_TO_LDAP_ENTRY]['[password]'] = array( 'sid' => $test_sid, 'ldap_attr' => '[password]', 'user_attr' => 'user_tokens', 'convert' => 0, 'user_tokens' => $password_token, 'config_module' => 'ldap_user', 'synch_module' => 'ldap_user', 'enabled' => 1, 'prov_events' => array(LDAP_USER_EVENT_CREATE_LDAP_ENTRY, LDAP_USER_EVENT_SYNCH_TO_LDAP_ENTRY), ); $ldap_user_conf->save(); $ldap_user_conf = ldap_user_conf('default', TRUE); // debug('ldap_user_conf after provisionToLdapEmailVerification setup'); debug($ldap_user_conf); variable_set('user_email_verification', TRUE); variable_set('user_register', USER_REGISTER_VISITORS); // or USER_REGISTER_ADMINISTRATORS_ONLY, USER_REGISTER_VISITORS_ADMINISTRATIVE_APPROVAL variable_set('user_cancel_method', 'user_cancel_block'); // user_cancel_block_unpublish, user_cancel_reassign, user_cancel_delete $username = 'sstephens'; $this->drupalLogout(); if ($sstephens = user_load_by_name($username)) { user_delete($sstephens->uid); } /** * provisionToLdapEmailVerification test */ $this->drupalGet('user/register'); // user register form $edit = array( 'name' => $username, 'mail' => $username . '@hogwarts.edu', ); $this->createTestUserFields(); // this will create last and first name fields $this->drupalPost('user/register', $edit, t('Create new account')); $sstephens = user_load_by_name($username); //can't derive login url, must get it from outgoing email because timestamp in hash is not stored in user_mail_tokens() $emails = $this->drupalGetMails(); $email_body = $emails[count($emails) - 1]['body']; // most recent email is the one of interest $result = array(); preg_match_all('/(user\/reset\/.*)This link can only be/s', $email_body, $result, PREG_PATTERN_ORDER); if (count($result == 2)) { $login_path = trim($result[1][0]); $this->drupalGet($login_path); // user login form $sstephens = user_load_by_name($username); $this->drupalPost($login_path, array(), t('Log in')); $sstephens = user_load_by_name($username); $edit = array( 'mail' => $username . '@hogwarts.edu', 'pass[pass1]' => 'goodpwd', 'pass[pass2]' => 'goodpwd', 'field_fname[und][0][value]' => 'Samantha', 'field_lname[und][0][value]' => 'Stephens' ); $this->drupalPost(NULL, $edit, t('Save')); $sstephens = user_load_by_name($username); $servers = ldap_servers_get_servers(NULL, NULL, FALSE, TRUE); // clear cache $desired_dn = "cn=$username,ou=people,dc=hogwarts,dc=edu"; $ldap_entry_post = $servers[$test_sid]->dnExists($desired_dn, 'ldap_entry'); $password_success = ( is_array($ldap_entry_post) && ( ($password_token == '[password.random]' && $ldap_entry_post['password'][0] && $ldap_entry_post['password'][0] != 'goodpwd') || ($password_token == '[password.user-random]' && $ldap_entry_post['password'][0] == $password_result) ) ); $ldap_entry_success = ( $password_success && $ldap_entry_post['cn'][0] == $username && $ldap_entry_post['displayname'][0] == 'Samantha Stephens' && $ldap_entry_post['provisionsource'][0] == 'drupal.hogwarts.edu' && $ldap_entry_post['sn'][0] == 'Stephens' && $ldap_entry_post['givenname'][0] == 'Samantha' ); } else { $ldap_entry_success = FALSE; } $this->assertTrue($ldap_entry_success, t("correct ldap entry created for " . $username), $this->testId($test_id)); if (!$ldap_entry_success) { debug("password_success=$password_success,password_token,password_result: $password_token, $password_result"); debug('ldap_user_conf'); debug($ldap_user_conf); debug('ldap_entry_post'); debug($ldap_entry_post); debug('user'); debug($sstephens); } /** * @todo functional tests do a password reset of some sort try to add a drupal user that conflicts with an ldap user try a binary fields such as a user profile image */ } // test deletion of drupal entry on deletion of drupal user foreach (array('activedirectory1', 'openldap1') as $test_sid) { $test_id = $test_sid; // 1. setup $sids = array($test_sid); $this->prepTestData('hogwarts', $sids, 'provisionToLdap_' . $test_sid); // this will create the proper ldap_user configuration from ldap_test/ldap_user.conf.inc $ldap_user_conf = ldap_user_conf('admin', TRUE); if (!in_array(LDAP_USER_LDAP_ENTRY_DELETE_ON_USER_DELETE, $ldap_user_conf->ldapEntryProvisionTriggers)) { $ldap_user_conf->ldapEntryProvisionTriggers[] = LDAP_USER_LDAP_ENTRY_DELETE_ON_USER_DELETE; } $ldap_user_conf->provisionsLdapEntriesFromDrupalUsers = TRUE; $ldap_user_conf->save(); $username = 'bhautdeser'; if ($user = user_load_by_name($username)) { user_delete($user->uid); } $user_edit = array( 'name' => $username, 'mail' => $username . '@hogwarts.org', 'pass' => user_password(), 'status' => 1, ); $user_acct = new stdClass(); $user_acct->is_new = TRUE; $user_acct->field_fname['und'][0]['value'] = 'Bercilak'; $user_acct->field_lname['und'][0]['value'] = 'Hautdesert'; $servers = ldap_servers_get_servers(NULL, NULL, FALSE, TRUE); $desired_dn = "cn=bhautdeser,ou=people,dc=hogwarts,dc=edu"; $pre_entry = $servers[$test_sid]->dnExists($desired_dn, 'ldap_entry'); $drupal_account = user_save($user_acct, $user_edit); $ldap_entry_pre_delete = $servers[$test_sid]->dnExists($desired_dn, 'ldap_entry'); $ldap_entry = $ldap_user_conf->getProvisionRelatedLdapEntry($drupal_account); // 2. test user_delete($drupal_account->uid); $ldap_server = ldap_servers_get_servers($test_sid, 'all', TRUE, TRUE); $ldap_entry_post_delete = $ldap_server->dnExists($desired_dn, 'ldap_entry'); $success = (!$ldap_entry_post_delete); $this->assertTrue($success, t("ldap entry removed for $username on drupal user delete with deletion enabled."), $this->testId($test_id)); if (!$success) { debug(" desired_dn=$desired_dn test_sid=$test_sid, ldap entry post:"); debug($ldap_entry_post_delete); } } } /** * test cron function for dealing with ldap associated users who no longer have * ldap entries * - fix search in fake server to deal with general or queries * * simpletest approach: * - loop through all options for user_cancel * ldap_user_orphan_email user_cancel_block, user_cancel_block_unpublish, user_cancel_reassign, user_cancel_delete * - automatically generate 70 ldap users with cns hpotter1-hpotter300 * - create 75 corresponding drupal uses that are ldap identified * - delete 10 of the ldap entries * - run cron * - test for drupal accounts being dealt with correctly and or email sent */ function testDrupalAccountsOrphaned() { // just to give warning if setup doesn't succeed. may want to take these out at some point. $setup_success = ( module_exists('ldap_user') && module_exists('ldap_servers') && (variable_get('ldap_simpletest', 2) > 0) ); $this->assertTrue($setup_success, ' ldap_user setup successful', $this->testId('orphaned entries tests')); $sids = array('activedirectory1'); $this->prepTestData('hogwarts', $sids, 'provisionToDrupal', 'default'); $ldap_user_conf = ldap_user_conf('admin'); $drupal_form = $ldap_user_conf->drupalForm(); $account_options = $drupal_form['basic_to_drupal']['orphanedDrupalAcctBehavior']['#options']; $cn_to_account = array(); $ldap_server = ldap_servers_get_servers('activedirectory1', NULL, TRUE, TRUE); // debug("ldap_server"); debug(is_object($ldap_server)); foreach ($account_options as $account_option => $account_option_text) { // debug("$account_option - $account_option_text"); $sids = array('activedirectory1'); $this->prepTestData('hogwarts', $sids, 'provisionToDrupal', 'default'); $ldap_user_conf->orphanedDrupalAcctBehavior = $account_option; $ldap_user_conf->save(); $test_id = "ldap_user.orphans.$account_option"; $test_text = "Test of orphaned Drupal account option: $account_option_text"; $success = FALSE; // create 70 drupal accounts (clone0 to clone69) based on corresponding ldap entries $first_clone_username = 'clone0'; $last_clone_username= 'clone' . (LDAP_TEST_USER_ORPHAN_CLONE_COUNT - 1); for ($i = 0; $i < LDAP_TEST_USER_ORPHAN_CLONE_COUNT; $i++) { // 70 $name = "clone" . $i; //debug("create clone $name, activedirectory1"); $account = $this->createLdapIdentifiedDrupalAccount( $ldap_user_conf, $name, 'activedirectory1' ); $cn_to_account[$name] = $account; //debug("new account"); debug($account); } // debug($cn_to_account['clone0']); // debug($cn_to_account[$last_clone_username]); // delete 10 ldap entries $clone_first_uid = $cn_to_account[$first_clone_username]->uid; $clone_last_uid = $cn_to_account[$last_clone_username]->uid; $clone_first = user_load($clone_first_uid, TRUE); $clone_last = user_load($clone_last_uid, TRUE); //debug("pre ldap delete, clone0 and cloneN $first_clone_username and $last_clone_username"); debug($clone_first);debug($clone_last); //debug($ldap_server->entries); $delete = LDAP_TEST_USER_ORPHAN_CLONE_COUNT - LDAP_TEST_USER_ORPHAN_CLONE_REMOVE_COUNT; for ($i = 0; $i < $delete; $i++) { $name = "clone" . $i; $account = $cn_to_account[$name]; //debug("delete ldap entry: ". $account->ldap_user_current_dn['und'][0]['value']); // ?? is it possible the ldap delete hook is causing the drupal user to get populated with empty values? $ldap_server->delete($account->ldap_user_current_dn['und'][0]['value']); } $clone_first = user_load($clone_first_uid, TRUE); $clone_last = user_load($clone_last_uid, TRUE); //debug("post ldap delete and pre cron, clone0 and cloneN"); debug($clone_first->status);debug($clone_last->status);// debug($ldap_server->entries); drupal_cron_run(); $clone_first = user_load($clone_first_uid, TRUE); $clone_last = user_load($clone_last_uid, TRUE); //debug("post cron, clone0 and cloneN"); debug($clone_first->status);debug($clone_last->status); //debug($ldap_server->entries); switch ($account_option) { case 'ldap_user_orphan_do_not_check': $test_uids = array(); for ($i = 0; $i < LDAP_TEST_USER_ORPHAN_CLONE_COUNT; $i++) { // 70 $name = "clone" . $i; $test_uids[] = @$cn_to_account[$name]->uid; //debug($account); } $success = TRUE; $accounts = user_load_multiple($test_uids); // debug("accounts for $test_id"); debug($accounts); foreach ($accounts as $uid => $account) { if ($account->status != 1) { $success = FALSE; break; } } if ($success) { $success = ($clone_last && $clone_last->status == 1); if (!$success) { // debug("success = $success, status=" . $clone_last->status); } } break; case 'ldap_user_orphan_email' : // debug('ldap_user_orphan_email'); // test is if email has 10 users and was sent $emails = $this->drupalGetMails(); if (count($emails)) { $email_body = $emails[count($emails) - 1]['body']; // most recent email is the one of interest $success = (strpos($email_body, "The following $delete Drupal users") !== FALSE); } else { $success = FALSE; } break; case 'user_cancel_block': case 'user_cancel_block_unpublish': //debug('user_cancel_block'); // test is if clone0-clone9 have a status of 0 // and clone12,11... have a status of 1 $test_uids = array(); for ($i = 0; $i < $delete; $i++) { // 70 $name = "clone" . $i; $test_uids[] = @$cn_to_account[$name]->uid; } $success = TRUE; $accounts = user_load_multiple($test_uids); foreach ($accounts as $uid => $account) { if ($account->status != 0) { $success = FALSE; break; } } if ($success) { $clone_last = user_load($clone_last_uid, TRUE); $success = ($clone_last && $clone_last->status == 1); } break; case 'user_cancel_reassign': case 'user_cancel_delete': // test is if clone0-clone9 are deleted // and clone12,11... have a status of 1 $test_uids = array(); for ($i = 0; $i < $delete; $i++) { // 70 $name = "clone" . $i; $test_uids[] = @$cn_to_account[$name]->uid; //debug($account); } $success = TRUE; $accounts = user_load_multiple($test_uids); $success = (count($accounts) == LDAP_TEST_USER_ORPHAN_CLONE_COUNT); if ($success) { $clone_last = user_load($clone_last_uid, TRUE); $success = ($clone_last && $clone_last->status == 1); } break; } $this->assertTrue($success, $test_id, $test_text); // remove all drupal users except 1 for next test foreach ($cn_to_account as $cn => $account) { @user_delete($account->uid); } } } function createLdapIdentifiedDrupalAccount($ldap_user_conf, $name, $sid) { $account = NULL; $user_edit = array('name' => $name); $user = $ldap_user_conf->provisionDrupalAccount($account, $user_edit, NULL, TRUE); return user_load($user->uid, TRUE); } } class LdapUserUITests extends LdapTestCase { public static function getInfo() { return array( 'name' => 'LDAP User User Interface', 'description' => 'Test ldap user admin interface.', 'group' => 'LDAP User' ); } function __construct($test_id = NULL) { parent::__construct($test_id); } public $module_name = 'ldap_user'; protected $ldap_test_data; /** * create one or more server configurations in such as way * that this setUp can be a prerequisite for ldap_authentication and ldap_authorization */ function setUp() { parent::setUp(array('ldap_user', 'ldap_test')); variable_set('ldap_simpletest', 2); } function tearDown() { parent::tearDown(); variable_del('ldap_help_watchdog_detail'); variable_del('ldap_simpletest'); } /** * make sure user admin interface works. (its a beast) */ function testUI() { // just to give warning if setup doesn't succeed. may want to take these out at some point. $setup_success = ( module_exists('ldap_user') && module_exists('ldap_servers') && (variable_get('ldap_simpletest', 2) > 0) ); $this->assertTrue($setup_success, ' ldap_user setup successful', $this->testId('user interface tests')); $sids = array('activedirectory1'); $this->prepTestData('hogwarts', $sids, 'provisionToDrupal', 'default'); $this->privileged_user = $this->drupalCreateUser(array( 'administer site configuration', 'administer users' )); $this->drupalLogin($this->privileged_user); $ldap_user_conf = ldap_user_conf(); // debug('ldap_user_conf before form submission'); debug($ldap_user_conf); $this->drupalGet('admin/config/people/ldap/user'); // Populate the field settings with new settings. $sid = 'activedirectory1'; $edit_direct_map = array( 'manualAccountConflict' => LDAP_USER_MANUAL_ACCT_CONFLICT_LDAP_ASSOCIATE, 'drupalAcctProvisionServer' => $sid, 'userConflictResolve' => LDAP_USER_CONFLICT_LOG, 'acctCreation' => LDAP_USER_ACCT_CREATION_LDAP_BEHAVIOR_DEFAULT, 'orphanedDrupalAcctBehavior' => 'ldap_user_orphan_email', 'orphanedCheckQty' => '50', 'ldapEntryProvisionServer' => $sid, ); // 'wsEnabled' => TRUE, 'wsKey' => $wsKey, // 'wsUserIps' => join("\n", $wsUserIps), $edit = $edit_direct_map + array( 'drupalAcctProvisionTriggers[' . LDAP_USER_DRUPAL_USER_PROV_ON_AUTHENTICATE . ']' => TRUE, 'drupalAcctProvisionTriggers[' . LDAP_USER_DRUPAL_USER_PROV_ON_USER_UPDATE_CREATE . ']' => TRUE, '1__sm__ldap_attr__6' => '[sn]', '1__sm__convert__6' => FALSE, '1__sm__user_attr__6' => '[field.field_lname]', '1__sm__1__6' => TRUE, '1__sm__2__6' => TRUE, '1__sm__ldap_attr__7' => '[givenname]', '1__sm__convert__7' => FALSE, '1__sm__user_attr__7' => '[field.field_fname]', '1__sm__1__7' => TRUE, '1__sm__2__7' => TRUE, 'ldapEntryProvisionTriggers[' . LDAP_USER_LDAP_ENTRY_PROV_ON_USER_UPDATE_CREATE . ']' => TRUE, 'ldapEntryProvisionTriggers[' . LDAP_USER_LDAP_ENTRY_PROV_ON_AUTHENTICATE . ']' => TRUE, 'ldapEntryProvisionTriggers[' . LDAP_USER_LDAP_ENTRY_DELETE_ON_USER_DELETE . ']' => TRUE, '2__sm__user_attr__0' => 'user_tokens', '2__sm__user_tokens__0' => 'Drupal provisioned account for [property.uid]', '2__sm__convert__0' => FALSE, '2__sm__ldap_attr__0' => '[description]', '2__sm__4__3' => TRUE, '2__sm__4__3' => TRUE, '2__sm__user_attr__1' => '[property.uid]', '2__sm__user_tokens__1' => '', '2__sm__convert__1' => TRUE, '2__sm__ldap_attr__1' => '[guid]', '2__sm__4__1' => TRUE, '2__sm__4__1' => TRUE, '2__sm__user_attr__2' => 'user_tokens', '2__sm__user_tokens__2' => 'cn=[property.name]ou=people,dc=hogwarts,dc=edu', '2__sm__convert__2' => FALSE, '2__sm__ldap_attr__2' => '[dn]', '2__sm__4__2' => TRUE, '2__sm__4__2' => TRUE, ); $this->drupalPost('admin/config/people/ldap/user', $edit, t('Save')); $ldap_user_conf = ldap_user_conf(NULL, TRUE); // debug('edit'); debug($edit); debug('user conf object after save'); debug($ldap_user_conf); foreach ($edit_direct_map as $property => $value) { $this->assertTrue($ldap_user_conf->{$property} == $value, $property . ' ' . t('field set correctly'), $this->testId('user interface tests')); } // $this->assertTrue( // ($ldap_user_conf->wsUserIps[0] == $wsUserIps[0] && $ldap_user_conf->wsUserIps[1] == $wsUserIps[1]) // , t('webserice ips set correctly'), $this->testId('user interface tests')); $this->assertTrue( isset($ldap_user_conf->drupalAcctProvisionTriggers[LDAP_USER_DRUPAL_USER_PROV_ON_AUTHENTICATE]) && isset($ldap_user_conf->drupalAcctProvisionTriggers[LDAP_USER_DRUPAL_USER_PROV_ON_USER_UPDATE_CREATE]) , t('drupal provision triggers set correctly'), $this->testId('user interface tests')); $this->assertTrue( isset($ldap_user_conf->ldapEntryProvisionTriggers[LDAP_USER_LDAP_ENTRY_PROV_ON_USER_UPDATE_CREATE]) && isset($ldap_user_conf->ldapEntryProvisionTriggers[LDAP_USER_LDAP_ENTRY_PROV_ON_AUTHENTICATE]) && isset($ldap_user_conf->ldapEntryProvisionTriggers[LDAP_USER_LDAP_ENTRY_DELETE_ON_USER_DELETE]) , t('ldap provision triggers set correctly'), $this->testId('user interface tests')); $field_token = '[field.field_lname]'; $field_lname_set_correctly = ( $ldap_user_conf->ldapUserSynchMappings[LDAP_USER_PROV_DIRECTION_TO_DRUPAL_USER][$field_token]['enabled'] == TRUE && $ldap_user_conf->ldapUserSynchMappings[LDAP_USER_PROV_DIRECTION_TO_DRUPAL_USER][$field_token]['ldap_attr'] == '[sn]'); $this->assertTrue($field_lname_set_correctly, t('Synch mapping for field.field_lname field set correctly'), $this->testId('user interface tests')); if (!$field_lname_set_correctly) { debug('ldap_user_conf->synchMapping[direction][field.field_lname]'); debug($ldap_user_conf->ldapUserSynchMappings[LDAP_USER_PROV_DIRECTION_TO_DRUPAL_USER]['field.field_lname']); } $field_token = '[field.field_fname]'; $field_fname_set_correctly = ($ldap_user_conf->ldapUserSynchMappings[LDAP_USER_PROV_DIRECTION_TO_DRUPAL_USER][$field_token]['enabled'] == TRUE && $ldap_user_conf->ldapUserSynchMappings[LDAP_USER_PROV_DIRECTION_TO_DRUPAL_USER][$field_token]['direction'] == 1 && $ldap_user_conf->ldapUserSynchMappings[LDAP_USER_PROV_DIRECTION_TO_DRUPAL_USER][$field_token]['ldap_attr'] == '[givenname]'); $this->assertTrue($field_fname_set_correctly, t('Synch mapping for field.field_lname field set correctly'), $this->testId('user interface tests')); if (!$field_fname_set_correctly) { debug('ldap_user_conf->synchMapping[direction][field.field_lname]'); debug($ldap_user_conf->ldapUserSynchMappings[LDAP_USER_PROV_DIRECTION_TO_DRUPAL_USER]['field.field_lname']); } } }