Provide unit tests for LDAP groups

lemonldap-ng-portal/MANIFEST

@@ -569,6 +569,8 @@ t/20-Auth-and-password-DBI.t
 t/20-Auth-DBI-utf8.t
 t/21-Auth-and-password-LDAP.t
 t/21-Auth-LDAP-attributes.t
+t/21-Auth-LDAP-group-with-group-filter.t
+t/21-Auth-LDAP-group-without-group-filter.t
 t/21-Auth-LDAP-Policy-Combination.t
 t/21-Auth-LDAP-Policy-only.t
 t/21-Auth-LDAP-Policy.t

lemonldap-ng-portal/t/21-Auth-LDAP-group-with-group-filter.t

+use warnings;
+use Test::More;
+use strict;
+use IO::String;
+
+require 't/test-lib.pm';
+
+my $res;
+my $maintests = 5;
+
+no warnings 'once';
+
+SKIP: {
+    skip 'LLNGTESTLDAP is not set', $maintests unless ( $ENV{LLNGTESTLDAP} );
+    require 't/test-ldap.pm';
+
+    my $client = LLNG::Manager::Test->new(
+        {
+            ini => {
+                logLevel                 => 'error',
+                useSafeJail              => 1,
+                authentication           => 'LDAP',
+                portal                   => 'http://auth.example.com/',
+                userDB                   => 'Same',
+                passwordDB               => 'LDAP',
+                portalRequireOldPassword => 1,
+                ldapServer               => $main::slapd_url,
+                ldapBase                 => 'ou=users,dc=example,dc=com',
+                ldapGroupBase            => 'ou=groups,dc=example,dc=com',
+                groupLDAPFilter          => '(|(objectClass=extensibleObject)(objectClass=groupOfNames))',
+                ldapGroupAttributeName   => 'member',
+                managerDn                => 'cn=admin,dc=example,dc=com',
+                managerPassword          => 'admin',
+                restSessionServer        => 1,
+            }
+        }
+    );
+
+    # Try to authenticate
+    # -------------------
+
+    ok(
+        $res = $client->_post(
+            '/', IO::String->new('user=dwho&password=dwho'),
+            length => 23
+        ),
+        'Auth query'
+    );
+    expectOK($res);
+    my $id = expectCookie($res);
+
+    ok( $res = $client->_get("/sessions/global/$id"), 'Get UTF-8' );
+    expectOK($res);
+    ok( $res = eval { JSON::from_json( $res->[2]->[0] ) }, ' GET JSON' )
+      or print STDERR $@;
+    ok( defined $res->{hGroups}->{extgroup}, 'Group extgroup found in session');
+    ok( defined $res->{hGroups}->{mygroup}, 'Group mygroup found in session');
+
+}
+
+count($maintests);
+clean_sessions();
+done_testing( count() );

lemonldap-ng-portal/t/21-Auth-LDAP-group-without-group-filter.t

+use warnings;
+use Test::More;
+use strict;
+use IO::String;
+
+require 't/test-lib.pm';
+
+my $res;
+my $maintests = 5;
+
+no warnings 'once';
+
+SKIP: {
+    skip 'LLNGTESTLDAP is not set', $maintests unless ( $ENV{LLNGTESTLDAP} );
+    require 't/test-ldap.pm';
+
+    my $client = LLNG::Manager::Test->new(
+        {
+            ini => {
+                logLevel                 => 'error',
+                useSafeJail              => 1,
+                authentication           => 'LDAP',
+                portal                   => 'http://auth.example.com/',
+                userDB                   => 'Same',
+                passwordDB               => 'LDAP',
+                portalRequireOldPassword => 1,
+                ldapServer               => $main::slapd_url,
+                ldapBase                 => 'ou=users,dc=example,dc=com',
+                ldapGroupBase            => 'ou=groups,dc=example,dc=com',
+                ldapGroupObjectClass     => 'extensibleObject',
+                ldapGroupAttributeName   => 'member',
+                managerDn                => 'cn=admin,dc=example,dc=com',
+                managerPassword          => 'admin',
+                restSessionServer        => 1,
+            }
+        }
+    );
+
+    # Try to authenticate
+    # -------------------
+
+    ok(
+        $res = $client->_post(
+            '/', IO::String->new('user=dwho&password=dwho'),
+            length => 23
+        ),
+        'Auth query'
+    );
+    expectOK($res);
+    my $id = expectCookie($res);
+
+    ok( $res = $client->_get("/sessions/global/$id"), 'Get UTF-8' );
+    expectOK($res);
+    ok( $res = eval { JSON::from_json( $res->[2]->[0] ) }, ' GET JSON' )
+      or print STDERR $@;
+    ok( defined $res->{hGroups}->{extgroup}, 'Group extgroup found in session');
+    ok( !defined $res->{hGroups}->{mygroup}, 'Group mygroup not found in session');
+
+}
+
+count($maintests);
+clean_sessions();
+done_testing( count() );

lemonldap-ng-portal/t/testslapd/users.ldif

@@ -172,3 +172,10 @@ objectClass: groupOfNames
 objectClass: top
 cn: mygroup
 member: uid=dwho,ou=users,dc=example,dc=com
+
+dn: cn=extgroup,ou=groups,dc=example,dc=com
+objectClass: extensibleObject
+objectClass: device
+objectClass: top
+cn: extgroup
+member: uid=dwho,ou=users,dc=example,dc=com