Commit 772b82cd authored by Christophe Maudoux's avatar Christophe Maudoux 🐛

Improve unit test (#1664)

parent d39078f2
...@@ -29,7 +29,7 @@ my $client = LLNG::Manager::Test->new( { ...@@ -29,7 +29,7 @@ my $client = LLNG::Manager::Test->new( {
ok( ok(
$res = $client->_post( $res = $client->_post(
'/', '/',
IO::String->new('user=msmith&password=msmith'), IO::String->new('user=rtyler&password=rtyler'),
length => 27, length => 27,
accept => 'text/html', accept => 'text/html',
), ),
......
...@@ -113,6 +113,67 @@ count(2); ...@@ -113,6 +113,67 @@ count(2);
$id = expectCookie($res); $id = expectCookie($res);
$client->logout($id); $client->logout($id);
## An unauthorized user to impersonate tries to authenticate
ok( $res = $client->_get( '/', accept => 'text/html' ), 'Get Menu', );
count(1);
( $host, $url, $query ) =
expectForm( $res, '#', undef, 'user', 'password', 'spoofId' );
$query =~ s/user=/user=msmith/;
$query =~ s/password=/password=msmith/;
ok(
$res = $client->_post(
'/',
IO::String->new($query),
length => length($query),
accept => 'text/html',
),
'Auth query'
);
count(1);
$id = expectCookie($res);
expectRedirection( $res, 'http://auth.example.com/' );
# CheckUser form
# ------------------------
ok(
$res = $client->_get(
'/checkuser',
cookie => "lemonldap=$id",
accept => 'text/html'
),
'CheckUser form',
);
count(1);
( $host, $url, $query ) =
expectForm( $res, undef, '/checkuser', 'user', 'url' );
ok( $res->[2]->[0] =~ m%<span trspan="checkUser">%, 'Found trspan="checkUser"' )
or explain( $res->[2]->[0], 'trspan="checkUser"' );
count(1);
ok(
$res = $client->_post(
'/checkuser',
IO::String->new($query),
cookie => "lemonldap=$id",
length => length($query),
accept => 'text/html',
),
'POST checkuser'
);
count(1);
ok( $res->[2]->[0] =~ m%<td class="align-middle">test_impersonation</td>%,
'Found macro test_impersonation' )
or explain( $res->[2]->[0], 'test_impersonation' );
ok( $res->[2]->[0] =~ m%<td class="align-middle">msmith/msmith</td>%,
'Found msmith/msmith' )
or explain( $res->[2]->[0], 'Found msmith/msmith' );
count(2);
$client->logout($id);
## Try to authenticate ## Try to authenticate
ok( $res = $client->_get( '/', accept => 'text/html' ), 'Get Menu', ); ok( $res = $client->_get( '/', accept => 'text/html' ), 'Get Menu', );
count(1); count(1);
......
...@@ -35,7 +35,7 @@ ...@@ -35,7 +35,7 @@
"key": "qwertyui", "key": "qwertyui",
"locationRules": { "locationRules": {
"auth.example.com" : { "auth.example.com" : {
"(?#checkUser)^/checkuser" : "$uid eq \"dwho\" or $uid eq \"rtyler\"", "(?#checkUser)^/checkuser" : "$uid eq \"dwho\" or $uid eq \"msmith\"",
"(?#errors)^/lmerror/": "accept", "(?#errors)^/lmerror/": "accept",
"default" : "accept" "default" : "accept"
}, },
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment