67-CheckUser.t 6.26 KB
Newer Older
1 2 3 4 5 6 7 8 9 10
use Test::More;
use strict;
use IO::String;

BEGIN {
    require 't/test-lib.pm';
}

my $res;

11 12
my $client = LLNG::Manager::Test->new( {
        ini => {
13
            logLevel                       => 'debug',
14 15 16 17 18 19 20
            authentication                 => 'Demo',
            userDB                         => 'Same',
            loginHistoryEnabled            => 0,
            brutForceProtection            => 0,
            portalMainLogo                 => 'common/logos/logo_llng_old.png',
            checkUser                      => 1,
            requireToken                   => 0,
21
            checkUserIdRule                => '$uid ne "msmith"',
22 23 24 25 26 27 28
            checkUserDisplayPersistentInfo => 1,
            checkUserDisplayEmptyValues    => 1,
        }
    }
);

## Try to authenticate
29 30
ok(
    $res = $client->_post(
31
        '/',
32
        IO::String->new('user=msmith&password=msmith'),
33 34 35 36 37 38 39 40 41 42
        length => 27,
        accept => 'text/html',
    ),
    'Auth query'
);
count(1);

my $id = expectCookie($res);
expectRedirection( $res, 'http://auth.example.com/' );

43 44
ok(
    $res = $client->_get(
45 46 47 48 49 50 51 52
        '/checkuser',
        cookie => "lemonldap=$id",
        accept => 'text/html'
    ),
    'Try to access /checkuser'
);
count(1);

53 54 55 56 57
ok( $res->[2]->[0] =~ m%An error occurs, you're going to be redirected to%,
    'Found redirection page' )
  or explain( $res->[2]->[0],
    "An error occurs, you're going to be redirected to" );
count(1);
58 59 60
$client->logout($id);

## Try to authenticate
61 62
ok(
    $res = $client->_post(
63 64 65 66 67 68 69 70 71 72 73 74 75 76
        '/',
        IO::String->new('user=dwho&password=dwho'),
        length => 23,
        accept => 'text/html',
    ),
    'Auth query'
);
count(1);

$id = expectCookie($res);
expectRedirection( $res, 'http://auth.example.com/' );

# CheckUser form -> granted
# ------------------------
77 78
ok(
    $res = $client->_get(
79 80 81 82 83 84 85
        '/checkuser',
        cookie => "lemonldap=$id",
        accept => 'text/html'
    ),
    'CheckUser form',
);
count(1);
86 87

# Request with bad VH
88 89 90 91
my ( $host, $url, $query ) =
  expectForm( $res, undef, '/checkuser', 'user', 'url' );
ok( $res->[2]->[0] =~ m%<span trspan="checkUser">%, 'Found trspan="checkUser"' )
  or explain( $res->[2]->[0], 'trspan="checkUser"' );
92 93
count(1);

Christophe Maudoux's avatar
Christophe Maudoux committed
94
$query =~ s/user=/user=rtyler/;
95
$query =~ s/url=/url=http%3A%2F%2Ftry.example.com/;
96 97
ok(
    $res = $client->_post(
98 99 100 101 102 103 104 105 106
        '/checkuser',
        IO::String->new($query),
        cookie => "lemonldap=$id",
        length => length($query),
        accept => 'text/html',
    ),
    'POST checkuser'
);
count(1);
107

108 109
( $host, $url, $query ) =
  expectForm( $res, undef, '/checkuser', 'user', 'url' );
110 111
ok( $res->[2]->[0] =~ m%<span trspan="VHnotFound">%,
    'Found trspan="VHnotFound"' )
112
  or explain( $res->[2]->[0], 'trspan="VHnotFound"' );
113 114
count(1);

115
# Request with good VH & user
116 117 118 119
$query =~
  s/url=http%3A%2F%2Ftry.example.com/url=http%3A%2F%2Ftest1.example.com/;
ok(
    $res = $client->_post(
120 121 122 123 124 125 126 127 128 129
        '/checkuser',
        IO::String->new($query),
        cookie => "lemonldap=$id",
        length => length($query),
        accept => 'text/html',
    ),
    'POST checkuser'
);
count(1);

130 131 132 133
( $host, $url, $query ) =
  expectForm( $res, undef, '/checkuser', 'user', 'url' );
ok( $res->[2]->[0] =~ m%<span trspan="checkUser">%, 'Found trspan="checkUser"' )
  or explain( $res->[2]->[0], 'trspan="checkUser"' );
134 135
count(1);

136 137 138 139 140
ok( $res->[2]->[0] =~ m%<span trspan="checkUser">%, 'Found trspan="checkUser"' )
  or explain( $res->[2]->[0], 'trspan="checkUser"' );
ok(
    $res->[2]->[0] =~
m%<div class="alert alert-success"><b><span trspan="allowed"></span></b></div>%,
141 142 143
    'Found trspan="allowed"'
) or explain( $res->[2]->[0], 'trspan="allowed"' );
ok( $res->[2]->[0] =~ m%<span trspan="headers">%, 'Found trspan="headers"' )
144
  or explain( $res->[2]->[0], 'trspan="headers"' );
145 146
ok( $res->[2]->[0] =~ m%<span trspan="groups_sso">%,
    'Found trspan="groups_sso"' )
147
  or explain( $res->[2]->[0], 'trspan="groups_sso"' );
148
ok( $res->[2]->[0] =~ m%<span trspan="macros">%, 'Found trspan="macros"' )
149
  or explain( $res->[2]->[0], 'trspan="macros"' );
150 151
ok( $res->[2]->[0] =~ m%<span trspan="attributes">%,
    'Found trspan="attributes"' )
152
  or explain( $res->[2]->[0], 'trspan="attributes"' );
153 154
ok( $res->[2]->[0] =~ m%<td class="align-middle">Auth-User</td>%,
    'Found Auth-User' )
155 156 157
  or explain( $res->[2]->[0], 'Header Key: Auth-User' );
ok( $res->[2]->[0] =~ m%<td class="align-middle">rtyler</td>%, 'Found rtyler' )
  or explain( $res->[2]->[0], 'Header Value: rtyler' );
158
ok( $res->[2]->[0] =~ m%<td class="align-middle">su</td>%, 'Found su' )
159
  or explain( $res->[2]->[0], 'SSO Groups: su' );
160 161
ok( $res->[2]->[0] =~ m%<td class="align-middle">_whatToTrace</td>%,
    'Found _whatToTrace' )
162
  or explain( $res->[2]->[0], 'Macro Key _whatToTrace' );
163
ok( $res->[2]->[0] =~ m%<td class="text-left">uid</td>%, 'Found uid' )
164
  or explain( $res->[2]->[0], 'Attribute Value uid' );
165 166
count(11);

167 168 169 170 171 172 173 174 175 176 177 178 179 180 181
# Request a forbidden identity
$query =~ s/user=rtyler/user=msmith/;
ok(
    $res = $client->_post(
        '/checkuser',
        IO::String->new($query),
        cookie => "lemonldap=$id",
        length => length($query),
        accept => 'text/html',
    ),
    'POST checkuser'
);
ok(
    $res->[2]->[0] =~
m%<div class="message message-positive alert"><span trspan="PE5"></span></div>%,
182 183
    ' PE5 found'
) or explain( $res->[2]->[0], 'PE5 - Forbidden identity' );
184 185 186 187 188 189 190 191 192 193 194 195 196 197 198 199 200
count(2);

# Request an unknown identity
$query =~ s/user=msmith/user=davros/;
ok(
    $res = $client->_post(
        '/checkuser',
        IO::String->new($query),
        cookie => "lemonldap=$id",
        length => length($query),
        accept => 'text/html',
    ),
    'POST checkuser'
);
ok(
    $res->[2]->[0] =~
m%<div class="message message-positive alert"><span trspan="PE5"></span></div>%,
201 202
    ' PE5 found'
) or explain( $res->[2]->[0], 'PE5 - Unknown identity' );
203 204 205
count(2);

# Request an unvalid identity
206
$query =~ s/user=dwho/user=%*'/;
207 208
ok(
    $res = $client->_post(
209 210 211 212 213 214 215 216
        '/checkuser',
        IO::String->new($query),
        cookie => "lemonldap=$id",
        length => length($query),
        accept => 'text/html',
    ),
    'POST checkuser'
);
217 218
ok(
    $res->[2]->[0] =~
219
m%<div class="message message-positive alert"><span trspan="PE5"></span></div>%,
220 221
    ' PE5 found'
) or explain( $res->[2]->[0], 'PE5 - Unvalid identity' );
222 223 224 225 226
count(2);

$client->logout($id);
clean_sessions();

227
done_testing( count() );