Gitiles
Code Review Sign In
gerrit.openbmc.org / openbmc / phosphor-user-manager / 75b5a6fc4c0c06f43623fe0e746fd55e667dceb3 / . / test / ldap_config_test.cpp
blob: ab354ff1d792bc5751d67e7f64e52948d4a28586 [file] [log] [blame]
Nagaraju Gorugantid514e5d2018-11-08 03:07:25 -0600[diff] [blame]1#include "config.h"
Ratan Gupta37fb3fe2019-04-13 12:54:18 +0530[diff] [blame]2#include "phosphor-ldap-config/ldap_config.hpp"
Ratan Guptae1f4db62019-04-11 18:57:42 +0530[diff] [blame]3#include "phosphor-ldap-config/ldap_config_mgr.hpp"
Nagaraju Gorugantid514e5d2018-11-08 03:07:25 -0600[diff] [blame]4
Nagaraju Gorugantid514e5d2018-11-08 03:07:25 -0600[diff] [blame]5#include <phosphor-logging/log.hpp>
6#include <phosphor-logging/elog-errors.hpp>
7#include <sdbusplus/bus.hpp>
8#include <xyz/openbmc_project/Common/error.hpp>
Ratan Guptafef57892019-04-14 13:43:09 +0530[diff] [blame]9#include <xyz/openbmc_project/User/Common/error.hpp>
Nagaraju Gorugantid514e5d2018-11-08 03:07:25 -0600[diff] [blame]10#include <sdbusplus/bus.hpp>
11#include <gmock/gmock.h>
12#include <gtest/gtest.h>
Ratan Gupta95a29312019-02-18 20:34:10 +0530[diff] [blame]13
14#include <filesystem>
Nagaraju Gorugantid514e5d2018-11-08 03:07:25 -0600[diff] [blame]15#include <fstream>
16#include <string>
17#include <sys/types.h>
18
19namespace phosphor
20{
21namespace ldap
22{
Ratan Gupta95a29312019-02-18 20:34:10 +0530[diff] [blame]23namespace fs = std::filesystem;
Nagaraju Gorugantid514e5d2018-11-08 03:07:25 -0600[diff] [blame]24namespace ldap_base = sdbusplus::xyz::openbmc_project::User::Ldap::server;
Ratan Guptac5481d12019-04-12 18:31:05 +0530[diff] [blame]25using NotAllowed = sdbusplus::xyz::openbmc_project::Common::Error::NotAllowed;
26using NotAllowedArgument = xyz::openbmc_project::Common::NotAllowed;
27
Nagaraju Gorugantid514e5d2018-11-08 03:07:25 -0600[diff] [blame]28using Config = phosphor::ldap::Config;
Ratan Gupta95a29312019-02-18 20:34:10 +0530[diff] [blame]29static constexpr const char* dbusPersistFile = "Config";
Ratan Guptafef57892019-04-14 13:43:09 +0530[diff] [blame]30using PrivilegeMappingExists = sdbusplus::xyz::openbmc_project::User::Common::
31 Error::PrivilegeMappingExists;
Nagaraju Gorugantid514e5d2018-11-08 03:07:25 -0600[diff] [blame]32
33class TestLDAPConfig : public testing::Test
34{
35 public:
36 TestLDAPConfig() : bus(sdbusplus::bus::new_default())
37 {
38 }
39 void SetUp() override
40 {
41 using namespace phosphor::ldap;
42 char tmpldap[] = "/tmp/ldap_test.XXXXXX";
43 dir = fs::path(mkdtemp(tmpldap));
Ratan Gupta22f13f12019-04-29 15:36:40 +0530[diff] [blame]44 fs::path tlsCacertFilePath{TLS_CACERT_FILE};
45 tlsCacertFile = tlsCacertFilePath.filename().c_str();
46 fs::path tlsCertFilePath{TLS_CERT_FILE};
47 tlsCertFile = tlsCertFilePath.filename().c_str();
48
Nagaraju Gorugantid514e5d2018-11-08 03:07:25 -0600[diff] [blame]49 fs::path confFilePath{LDAP_CONFIG_FILE};
50 ldapconfFile = confFilePath.filename().c_str();
51 std::fstream fs;
52 fs.open(dir / defaultNslcdFile, std::fstream::out);
53 fs.close();
54 fs.open(dir / nsSwitchFile, std::fstream::out);
55 fs.close();
Ratan Gupta22f13f12019-04-29 15:36:40 +0530[diff] [blame]56 fs.open(dir / tlsCacertFile, std::fstream::out);
57 fs.close();
58 fs.open(dir / tlsCertFile, std::fstream::out);
59 fs.close();
Nagaraju Gorugantid514e5d2018-11-08 03:07:25 -0600[diff] [blame]60 }
61
62 void TearDown() override
63 {
64 fs::remove_all(dir);
65 }
66
67 protected:
68 fs::path dir;
Ratan Gupta22f13f12019-04-29 15:36:40 +0530[diff] [blame]69 std::string tlsCacertFile;
70 std::string tlsCertFile;
Nagaraju Gorugantid514e5d2018-11-08 03:07:25 -0600[diff] [blame]71 std::string ldapconfFile;
72 sdbusplus::bus::bus bus;
73};
74
75class MockConfigMgr : public phosphor::ldap::ConfigMgr
76{
77 public:
78 MockConfigMgr(sdbusplus::bus::bus& bus, const char* path,
Ratan Gupta95a29312019-02-18 20:34:10 +0530[diff] [blame]79 const char* filePath, const char* dbusPersistentFile,
Ratan Gupta22f13f12019-04-29 15:36:40 +0530[diff] [blame]80 const char* caCertFile, const char* certFile) :
Ratan Gupta95a29312019-02-18 20:34:10 +0530[diff] [blame]81 phosphor::ldap::ConfigMgr(bus, path, filePath, dbusPersistentFile,
Ratan Gupta22f13f12019-04-29 15:36:40 +0530[diff] [blame]82 caCertFile, certFile)
Nagaraju Gorugantid514e5d2018-11-08 03:07:25 -0600[diff] [blame]83 {
84 }
85 MOCK_METHOD1(restartService, void(const std::string& service));
86 MOCK_METHOD1(stopService, void(const std::string& service));
Ratan Gupta27d4c012019-04-12 13:03:35 +0530[diff] [blame]87 std::unique_ptr<Config>& getOpenLdapConfigPtr()
Nagaraju Gorugantid514e5d2018-11-08 03:07:25 -0600[diff] [blame]88 {
Ratan Gupta27d4c012019-04-12 13:03:35 +0530[diff] [blame]89 return openLDAPConfigPtr;
Nagaraju Gorugantid514e5d2018-11-08 03:07:25 -0600[diff] [blame]90 }
91
Ratan Gupta3a1c2742019-03-20 06:49:42 +0530[diff] [blame]92 std::string configBindPassword()
93 {
Ratan Gupta27d4c012019-04-12 13:03:35 +0530[diff] [blame]94 return getADConfigPtr()->lDAPBindPassword;
Ratan Gupta3a1c2742019-03-20 06:49:42 +0530[diff] [blame]95 }
96
Ratan Gupta27d4c012019-04-12 13:03:35 +0530[diff] [blame]97 std::unique_ptr<Config>& getADConfigPtr()
Nagaraju Gorugantid514e5d2018-11-08 03:07:25 -0600[diff] [blame]98 {
Ratan Gupta27d4c012019-04-12 13:03:35 +0530[diff] [blame]99 return ADConfigPtr;
100 }
101 void restore()
102 {
Ratan Gupta21e88cb2019-04-12 17:15:52 +0530[diff] [blame]103 phosphor::ldap::ConfigMgr::restore();
Nagaraju Gorugantid514e5d2018-11-08 03:07:25 -0600[diff] [blame]104 return;
105 }
106
Ratan Gupta27d4c012019-04-12 13:03:35 +0530[diff] [blame]107 void createDefaultObjects()
108 {
109 phosphor::ldap::ConfigMgr::createDefaultObjects();
110 }
111
Nagaraju Gorugantid514e5d2018-11-08 03:07:25 -0600[diff] [blame]112 friend class TestLDAPConfig;
113};
114
115TEST_F(TestLDAPConfig, testCreate)
116{
117 auto configFilePath = std::string(dir.c_str()) + "/" + ldapconfFile;
Ratan Gupta22f13f12019-04-29 15:36:40 +0530[diff] [blame]118 auto tlsCacertfile = std::string(dir.c_str()) + "/" + tlsCacertFile;
119 auto tlsCertfile = std::string(dir.c_str()) + "/" + tlsCertFile;
Ratan Gupta21e88cb2019-04-12 17:15:52 +0530[diff] [blame]120 auto dbusPersistentFilePath = std::string(dir.c_str());
Nagaraju Gorugantid514e5d2018-11-08 03:07:25 -0600[diff] [blame]121
122 if (fs::exists(configFilePath))
123 {
124 fs::remove(configFilePath);
125 }
126 EXPECT_FALSE(fs::exists(configFilePath));
Nagaraju Goruganti3b4d06a2018-11-08 03:13:38 -0600[diff] [blame]127 MockConfigMgr manager(bus, LDAP_CONFIG_ROOT, configFilePath.c_str(),
Ratan Gupta22f13f12019-04-29 15:36:40 +0530[diff] [blame]128 dbusPersistentFilePath.c_str(), tlsCacertfile.c_str(),
129 tlsCertfile.c_str());
Ratan Gupta27d4c012019-04-12 13:03:35 +0530[diff] [blame]130
Ratan Guptaec117542019-04-25 18:38:29 +0530[diff] [blame]131 EXPECT_CALL(manager, stopService("nslcd.service")).Times(2);
Ratan Gupta3a1c2742019-03-20 06:49:42 +0530[diff] [blame]132 EXPECT_CALL(manager, restartService("nslcd.service")).Times(2);
Ratan Guptaec117542019-04-25 18:38:29 +0530[diff] [blame]133 EXPECT_CALL(manager, restartService("nscd.service")).Times(2);
Ratan Gupta21e88cb2019-04-12 17:15:52 +0530[diff] [blame]134
Ratan Guptaaeaf9412019-02-11 04:41:52 -0600[diff] [blame]135 manager.createConfig(
136 "ldap://9.194.251.136/", "cn=Users,dc=com", "cn=Users,dc=corp",
137 "MyLdap12", ldap_base::Create::SearchScope::sub,
138 ldap_base::Create::Type::ActiveDirectory, "uid", "gid");
Ratan Gupta27d4c012019-04-12 13:03:35 +0530[diff] [blame]139 manager.getADConfigPtr()->enabled(true);
Ratan Gupta95a29312019-02-18 20:34:10 +0530[diff] [blame]140
Ratan Guptaec117542019-04-25 18:38:29 +0530[diff] [blame]141 manager.createConfig("ldap://9.194.251.137/", "cn=Users",
142 "cn=Users,dc=test", "MyLdap123",
143 ldap_base::Create::SearchScope::sub,
144 ldap_base::Create::Type::OpenLdap, "uid", "gid");
145 manager.getOpenLdapConfigPtr()->enabled(false);
146
147 // Below setting of username/groupname attr is to make sure
148 // that in-active config should not call the start/stop service.
149 manager.getOpenLdapConfigPtr()->userNameAttribute("abc");
150 EXPECT_EQ(manager.getOpenLdapConfigPtr()->userNameAttribute(), "abc");
151
152 manager.getOpenLdapConfigPtr()->groupNameAttribute("def");
153 EXPECT_EQ(manager.getOpenLdapConfigPtr()->groupNameAttribute(), "def");
154
Nagaraju Gorugantid514e5d2018-11-08 03:07:25 -0600[diff] [blame]155 EXPECT_TRUE(fs::exists(configFilePath));
Ratan Gupta27d4c012019-04-12 13:03:35 +0530[diff] [blame]156 EXPECT_EQ(manager.getADConfigPtr()->lDAPServerURI(),
157 "ldap://9.194.251.136/");
158 EXPECT_EQ(manager.getADConfigPtr()->lDAPBindDN(), "cn=Users,dc=com");
159 EXPECT_EQ(manager.getADConfigPtr()->lDAPBaseDN(), "cn=Users,dc=corp");
160 EXPECT_EQ(manager.getADConfigPtr()->lDAPSearchScope(),
Nagaraju Gorugantid514e5d2018-11-08 03:07:25 -0600[diff] [blame]161 ldap_base::Config::SearchScope::sub);
Ratan Gupta27d4c012019-04-12 13:03:35 +0530[diff] [blame]162 EXPECT_EQ(manager.getADConfigPtr()->lDAPType(),
Nagaraju Gorugantid514e5d2018-11-08 03:07:25 -0600[diff] [blame]163 ldap_base::Config::Type::ActiveDirectory);
Ratan Gupta27d4c012019-04-12 13:03:35 +0530[diff] [blame]164
165 EXPECT_EQ(manager.getADConfigPtr()->userNameAttribute(), "uid");
166 EXPECT_EQ(manager.getADConfigPtr()->groupNameAttribute(), "gid");
167 EXPECT_EQ(manager.getADConfigPtr()->lDAPBindDNPassword(), "");
Ratan Gupta3a1c2742019-03-20 06:49:42 +0530[diff] [blame]168 EXPECT_EQ(manager.configBindPassword(), "MyLdap12");
169 // change the password
Ratan Gupta27d4c012019-04-12 13:03:35 +0530[diff] [blame]170 manager.getADConfigPtr()->lDAPBindDNPassword("MyLdap14");
171 EXPECT_EQ(manager.getADConfigPtr()->lDAPBindDNPassword(), "");
Ratan Gupta3a1c2742019-03-20 06:49:42 +0530[diff] [blame]172 EXPECT_EQ(manager.configBindPassword(), "MyLdap14");
Nagaraju Gorugantid514e5d2018-11-08 03:07:25 -0600[diff] [blame]173}
174
Ratan Gupta27d4c012019-04-12 13:03:35 +0530[diff] [blame]175TEST_F(TestLDAPConfig, testDefaultObject)
176{
177 auto configFilePath = std::string(dir.c_str()) + "/" + ldapconfFile;
Ratan Gupta22f13f12019-04-29 15:36:40 +0530[diff] [blame]178 auto tlsCacertfile = std::string(dir.c_str()) + "/" + tlsCacertFile;
179 auto tlsCertfile = std::string(dir.c_str()) + "/" + tlsCertFile;
Ratan Gupta21e88cb2019-04-12 17:15:52 +0530[diff] [blame]180 auto dbusPersistentFilePath = std::string(dir.c_str());
Ratan Gupta27d4c012019-04-12 13:03:35 +0530[diff] [blame]181
182 if (fs::exists(configFilePath))
183 {
184 fs::remove(configFilePath);
185 }
186 EXPECT_FALSE(fs::exists(configFilePath));
187
188 MockConfigMgr manager(bus, LDAP_CONFIG_ROOT, configFilePath.c_str(),
Ratan Gupta22f13f12019-04-29 15:36:40 +0530[diff] [blame]189 dbusPersistentFilePath.c_str(), tlsCacertfile.c_str(),
190 tlsCertfile.c_str());
Ratan Gupta27d4c012019-04-12 13:03:35 +0530[diff] [blame]191
Ratan Gupta27d4c012019-04-12 13:03:35 +0530[diff] [blame]192 manager.createDefaultObjects();
193
194 EXPECT_NE(nullptr, manager.getADConfigPtr());
195 EXPECT_NE(nullptr, manager.getOpenLdapConfigPtr());
196 EXPECT_EQ(manager.getADConfigPtr()->lDAPType(),
197 ldap_base::Config::Type::ActiveDirectory);
198 EXPECT_EQ(manager.getOpenLdapConfigPtr()->lDAPType(),
199 ldap_base::Config::Type::OpenLdap);
200}
Ratan Gupta21e88cb2019-04-12 17:15:52 +0530[diff] [blame]201
Nagaraju Gorugantid514e5d2018-11-08 03:07:25 -0600[diff] [blame]202TEST_F(TestLDAPConfig, testRestores)
203{
204 auto configFilePath = std::string(dir.c_str()) + "/" + ldapconfFile;
Ratan Gupta22f13f12019-04-29 15:36:40 +0530[diff] [blame]205 auto tlsCacertfile = std::string(dir.c_str()) + "/" + tlsCacertFile;
206 auto tlsCertfile = std::string(dir.c_str()) + "/" + tlsCertFile;
Ratan Gupta21e88cb2019-04-12 17:15:52 +0530[diff] [blame]207 auto dbusPersistentFilePath = std::string(dir.c_str());
Nagaraju Gorugantid514e5d2018-11-08 03:07:25 -0600[diff] [blame]208
209 if (fs::exists(configFilePath))
210 {
211 fs::remove(configFilePath);
212 }
213 EXPECT_FALSE(fs::exists(configFilePath));
Ratan Gupta22f13f12019-04-29 15:36:40 +0530[diff] [blame]214 MockConfigMgr* managerPtr =
215 new MockConfigMgr(bus, LDAP_CONFIG_ROOT, configFilePath.c_str(),
216 dbusPersistentFilePath.c_str(), tlsCacertfile.c_str(),
217 tlsCertfile.c_str());
Ratan Gupta21e88cb2019-04-12 17:15:52 +0530[diff] [blame]218 EXPECT_CALL(*managerPtr, stopService("nslcd.service")).Times(1);
219 EXPECT_CALL(*managerPtr, restartService("nslcd.service")).Times(1);
220 EXPECT_CALL(*managerPtr, restartService("nscd.service")).Times(1);
Ratan Guptaaeaf9412019-02-11 04:41:52 -0600[diff] [blame]221 managerPtr->createConfig(
222 "ldap://9.194.251.138/", "cn=Users,dc=com", "cn=Users,dc=corp",
223 "MyLdap12", ldap_base::Create::SearchScope::sub,
224 ldap_base::Create::Type::ActiveDirectory, "uid", "gid");
Ratan Gupta21e88cb2019-04-12 17:15:52 +0530[diff] [blame]225 managerPtr->getADConfigPtr()->enabled(false);
226 EXPECT_FALSE(fs::exists(configFilePath));
227 EXPECT_FALSE(managerPtr->getADConfigPtr()->enabled());
228 managerPtr->getADConfigPtr()->enabled(true);
Ratan Gupta95a29312019-02-18 20:34:10 +0530[diff] [blame]229
Nagaraju Gorugantid514e5d2018-11-08 03:07:25 -0600[diff] [blame]230 EXPECT_TRUE(fs::exists(configFilePath));
Nagaraju Gorugantid514e5d2018-11-08 03:07:25 -0600[diff] [blame]231 // Restore from configFilePath
Ratan Gupta21e88cb2019-04-12 17:15:52 +0530[diff] [blame]232 managerPtr->restore();
Nagaraju Gorugantid514e5d2018-11-08 03:07:25 -0600[diff] [blame]233 // validate restored properties
Ratan Gupta21e88cb2019-04-12 17:15:52 +0530[diff] [blame]234 EXPECT_TRUE(managerPtr->getADConfigPtr()->enabled());
235 EXPECT_EQ(managerPtr->getADConfigPtr()->lDAPServerURI(),
Nagaraju Gorugantid514e5d2018-11-08 03:07:25 -0600[diff] [blame]236 "ldap://9.194.251.138/");
Ratan Gupta21e88cb2019-04-12 17:15:52 +0530[diff] [blame]237 EXPECT_EQ(managerPtr->getADConfigPtr()->lDAPBindDN(), "cn=Users,dc=com");
238 EXPECT_EQ(managerPtr->getADConfigPtr()->lDAPBaseDN(), "cn=Users,dc=corp");
239 EXPECT_EQ(managerPtr->getADConfigPtr()->lDAPSearchScope(),
Nagaraju Gorugantid514e5d2018-11-08 03:07:25 -0600[diff] [blame]240 ldap_base::Config::SearchScope::sub);
Ratan Gupta21e88cb2019-04-12 17:15:52 +0530[diff] [blame]241 EXPECT_EQ(managerPtr->getADConfigPtr()->lDAPType(),
Nagaraju Gorugantid514e5d2018-11-08 03:07:25 -0600[diff] [blame]242 ldap_base::Config::Type::ActiveDirectory);
Ratan Gupta21e88cb2019-04-12 17:15:52 +0530[diff] [blame]243 EXPECT_EQ(managerPtr->getADConfigPtr()->userNameAttribute(), "uid");
244 EXPECT_EQ(managerPtr->getADConfigPtr()->groupNameAttribute(), "gid");
245 EXPECT_EQ(managerPtr->getADConfigPtr()->lDAPBindDNPassword(), "");
Ratan Gupta3a1c2742019-03-20 06:49:42 +0530[diff] [blame]246 EXPECT_EQ(managerPtr->configBindPassword(), "MyLdap12");
Nagaraju Gorugantid514e5d2018-11-08 03:07:25 -0600[diff] [blame]247 delete managerPtr;
248}
249
250TEST_F(TestLDAPConfig, testLDAPServerURI)
251{
252 auto configFilePath = std::string(dir.c_str()) + "/" + ldapconfFile;
Ratan Gupta22f13f12019-04-29 15:36:40 +0530[diff] [blame]253 auto tlsCacertfile = std::string(dir.c_str()) + "/" + tlsCacertFile;
254 auto tlsCertfile = std::string(dir.c_str()) + "/" + tlsCertFile;
Ratan Gupta21e88cb2019-04-12 17:15:52 +0530[diff] [blame]255 auto dbusPersistentFilePath = std::string(dir.c_str());
Nagaraju Goruganti3b4d06a2018-11-08 03:13:38 -0600[diff] [blame]256
Nagaraju Gorugantid514e5d2018-11-08 03:07:25 -0600[diff] [blame]257 if (fs::exists(configFilePath))
258 {
259 fs::remove(configFilePath);
260 }
261 EXPECT_FALSE(fs::exists(configFilePath));
Ratan Gupta22f13f12019-04-29 15:36:40 +0530[diff] [blame]262 MockConfigMgr* managerPtr =
263 new MockConfigMgr(bus, LDAP_CONFIG_ROOT, configFilePath.c_str(),
264 dbusPersistentFilePath.c_str(), tlsCacertfile.c_str(),
265 tlsCertfile.c_str());
Ratan Gupta21e88cb2019-04-12 17:15:52 +0530[diff] [blame]266
267 EXPECT_CALL(*managerPtr, stopService("nslcd.service")).Times(1);
268 EXPECT_CALL(*managerPtr, restartService("nslcd.service")).Times(2);
269 EXPECT_CALL(*managerPtr, restartService("nscd.service")).Times(1);
Nagaraju Gorugantid514e5d2018-11-08 03:07:25 -0600[diff] [blame]270
Ratan Guptaaeaf9412019-02-11 04:41:52 -0600[diff] [blame]271 managerPtr->createConfig(
272 "ldap://9.194.251.138/", "cn=Users,dc=com", "cn=Users,dc=corp",
273 "MyLdap12", ldap_base::Create::SearchScope::sub,
274 ldap_base::Create::Type::ActiveDirectory, "attr1", "attr2");
Ratan Gupta21e88cb2019-04-12 17:15:52 +0530[diff] [blame]275 managerPtr->getADConfigPtr()->enabled(true);
Ratan Gupta95a29312019-02-18 20:34:10 +0530[diff] [blame]276
Nagaraju Gorugantid514e5d2018-11-08 03:07:25 -0600[diff] [blame]277 // Change LDAP Server URI
Ratan Gupta21e88cb2019-04-12 17:15:52 +0530[diff] [blame]278 managerPtr->getADConfigPtr()->lDAPServerURI("ldap://9.194.251.139/");
279 EXPECT_EQ(managerPtr->getADConfigPtr()->lDAPServerURI(),
Nagaraju Goruganti3b4d06a2018-11-08 03:13:38 -0600[diff] [blame]280 "ldap://9.194.251.139/");
Ratan Gupta21e88cb2019-04-12 17:15:52 +0530[diff] [blame]281
Ratan Gupta22f13f12019-04-29 15:36:40 +0530[diff] [blame]282 fs::remove(tlsCacertfile.c_str());
Ratan Gupta21e88cb2019-04-12 17:15:52 +0530[diff] [blame]283 // Change LDAP Server URI to make it secure
Nagaraju Goruganti3b4d06a2018-11-08 03:13:38 -0600[diff] [blame]284 EXPECT_THROW(
Ratan Gupta21e88cb2019-04-12 17:15:52 +0530[diff] [blame]285 managerPtr->getADConfigPtr()->lDAPServerURI("ldaps://9.194.251.139/"),
Nagaraju Goruganti3b4d06a2018-11-08 03:13:38 -0600[diff] [blame]286 NoCACertificate);
Nagaraju Gorugantid514e5d2018-11-08 03:07:25 -0600[diff] [blame]287
Ratan Gupta21e88cb2019-04-12 17:15:52 +0530[diff] [blame]288 // check once again
289 EXPECT_EQ(managerPtr->getADConfigPtr()->lDAPServerURI(),
290 "ldap://9.194.251.139/");
291
292 managerPtr->restore();
Nagaraju Gorugantid514e5d2018-11-08 03:07:25 -0600[diff] [blame]293 // Check LDAP Server URI
Ratan Gupta21e88cb2019-04-12 17:15:52 +0530[diff] [blame]294 EXPECT_EQ(managerPtr->getADConfigPtr()->lDAPServerURI(),
Nagaraju Goruganti3b4d06a2018-11-08 03:13:38 -0600[diff] [blame]295 "ldap://9.194.251.139/");
Nagaraju Gorugantid514e5d2018-11-08 03:07:25 -0600[diff] [blame]296 delete managerPtr;
297}
298
299TEST_F(TestLDAPConfig, testLDAPBindDN)
300{
301 auto configFilePath = std::string(dir.c_str()) + "/" + ldapconfFile;
Ratan Gupta22f13f12019-04-29 15:36:40 +0530[diff] [blame]302 auto tlsCacertfile = std::string(dir.c_str()) + "/" + tlsCacertFile;
303 auto tlsCertfile = std::string(dir.c_str()) + "/" + tlsCertFile;
Ratan Gupta21e88cb2019-04-12 17:15:52 +0530[diff] [blame]304 auto dbusPersistentFilePath = std::string(dir.c_str());
Nagaraju Goruganti3b4d06a2018-11-08 03:13:38 -0600[diff] [blame]305
Nagaraju Gorugantid514e5d2018-11-08 03:07:25 -0600[diff] [blame]306 if (fs::exists(configFilePath))
307 {
308 fs::remove(configFilePath);
309 }
310 EXPECT_FALSE(fs::exists(configFilePath));
Ratan Gupta22f13f12019-04-29 15:36:40 +0530[diff] [blame]311 MockConfigMgr* managerPtr =
312 new MockConfigMgr(bus, LDAP_CONFIG_ROOT, configFilePath.c_str(),
313 dbusPersistentFilePath.c_str(), tlsCacertfile.c_str(),
314 tlsCertfile.c_str());
Ratan Gupta21e88cb2019-04-12 17:15:52 +0530[diff] [blame]315
316 EXPECT_CALL(*managerPtr, stopService("nslcd.service")).Times(1);
317 EXPECT_CALL(*managerPtr, restartService("nslcd.service")).Times(2);
318 EXPECT_CALL(*managerPtr, restartService("nscd.service")).Times(1);
Nagaraju Gorugantid514e5d2018-11-08 03:07:25 -0600[diff] [blame]319
Ratan Guptaaeaf9412019-02-11 04:41:52 -0600[diff] [blame]320 managerPtr->createConfig(
321 "ldap://9.194.251.138/", "cn=Users,dc=com", "cn=Users,dc=corp",
322 "MyLdap12", ldap_base::Create::SearchScope::sub,
323 ldap_base::Create::Type::ActiveDirectory, "attr1", "attr2");
Ratan Gupta21e88cb2019-04-12 17:15:52 +0530[diff] [blame]324 managerPtr->getADConfigPtr()->enabled(true);
Ratan Gupta95a29312019-02-18 20:34:10 +0530[diff] [blame]325
Nagaraju Gorugantid514e5d2018-11-08 03:07:25 -0600[diff] [blame]326 // Change LDAP BindDN
Ratan Gupta21e88cb2019-04-12 17:15:52 +0530[diff] [blame]327 managerPtr->getADConfigPtr()->lDAPBindDN(
Nagaraju Gorugantid514e5d2018-11-08 03:07:25 -0600[diff] [blame]328 "cn=Administrator,cn=Users,dc=corp,dc=ibm,dc=com");
Ratan Gupta21e88cb2019-04-12 17:15:52 +0530[diff] [blame]329 EXPECT_EQ(managerPtr->getADConfigPtr()->lDAPBindDN(),
Nagaraju Gorugantid514e5d2018-11-08 03:07:25 -0600[diff] [blame]330 "cn=Administrator,cn=Users,dc=corp,dc=ibm,dc=com");
331 // Change LDAP BindDN
332 EXPECT_THROW(
333 {
334 try
335 {
Ratan Gupta21e88cb2019-04-12 17:15:52 +0530[diff] [blame]336 managerPtr->getADConfigPtr()->lDAPBindDN("");
Nagaraju Gorugantid514e5d2018-11-08 03:07:25 -0600[diff] [blame]337 }
338 catch (const InvalidArgument& e)
339 {
340 throw;
341 }
342 },
343 InvalidArgument);
Nagaraju Gorugantid514e5d2018-11-08 03:07:25 -0600[diff] [blame]344
Ratan Gupta21e88cb2019-04-12 17:15:52 +0530[diff] [blame]345 managerPtr->restore();
Nagaraju Gorugantid514e5d2018-11-08 03:07:25 -0600[diff] [blame]346 // Check LDAP BindDN after restoring
Ratan Gupta21e88cb2019-04-12 17:15:52 +0530[diff] [blame]347 EXPECT_EQ(managerPtr->getADConfigPtr()->lDAPBindDN(),
Nagaraju Gorugantid514e5d2018-11-08 03:07:25 -0600[diff] [blame]348 "cn=Administrator,cn=Users,dc=corp,dc=ibm,dc=com");
349 delete managerPtr;
350}
351
352TEST_F(TestLDAPConfig, testLDAPBaseDN)
353{
354 auto configFilePath = std::string(dir.c_str()) + "/" + ldapconfFile;
Ratan Gupta22f13f12019-04-29 15:36:40 +0530[diff] [blame]355 auto tlsCacertfile = std::string(dir.c_str()) + "/" + tlsCacertFile;
356 auto tlsCertfile = std::string(dir.c_str()) + "/" + tlsCertFile;
Ratan Gupta21e88cb2019-04-12 17:15:52 +0530[diff] [blame]357 auto dbusPersistentFilePath = std::string(dir.c_str());
Nagaraju Goruganti3b4d06a2018-11-08 03:13:38 -0600[diff] [blame]358
Nagaraju Gorugantid514e5d2018-11-08 03:07:25 -0600[diff] [blame]359 if (fs::exists(configFilePath))
360 {
361 fs::remove(configFilePath);
362 }
363 EXPECT_FALSE(fs::exists(configFilePath));
Ratan Gupta22f13f12019-04-29 15:36:40 +0530[diff] [blame]364 MockConfigMgr* managerPtr =
365 new MockConfigMgr(bus, LDAP_CONFIG_ROOT, configFilePath.c_str(),
366 dbusPersistentFilePath.c_str(), tlsCacertfile.c_str(),
367 tlsCertfile.c_str());
Ratan Gupta21e88cb2019-04-12 17:15:52 +0530[diff] [blame]368 EXPECT_CALL(*managerPtr, stopService("nslcd.service")).Times(1);
369 EXPECT_CALL(*managerPtr, restartService("nslcd.service")).Times(2);
370 EXPECT_CALL(*managerPtr, restartService("nscd.service")).Times(1);
Ratan Guptaaeaf9412019-02-11 04:41:52 -0600[diff] [blame]371 managerPtr->createConfig(
372 "ldap://9.194.251.138/", "cn=Users,dc=com", "cn=Users,dc=corp",
373 "MyLdap12", ldap_base::Create::SearchScope::sub,
374 ldap_base::Create::Type::ActiveDirectory, "attr1", "attr2");
Ratan Gupta21e88cb2019-04-12 17:15:52 +0530[diff] [blame]375 managerPtr->getADConfigPtr()->enabled(true);
Nagaraju Gorugantid514e5d2018-11-08 03:07:25 -0600[diff] [blame]376 // Change LDAP BaseDN
Ratan Gupta21e88cb2019-04-12 17:15:52 +0530[diff] [blame]377 managerPtr->getADConfigPtr()->lDAPBaseDN(
Nagaraju Gorugantid514e5d2018-11-08 03:07:25 -0600[diff] [blame]378 "cn=Administrator,cn=Users,dc=corp,dc=ibm,dc=com");
Ratan Gupta21e88cb2019-04-12 17:15:52 +0530[diff] [blame]379 EXPECT_EQ(managerPtr->getADConfigPtr()->lDAPBaseDN(),
Nagaraju Gorugantid514e5d2018-11-08 03:07:25 -0600[diff] [blame]380 "cn=Administrator,cn=Users,dc=corp,dc=ibm,dc=com");
381 // Change LDAP BaseDN
382 EXPECT_THROW(
383 {
384 try
385 {
Ratan Gupta21e88cb2019-04-12 17:15:52 +0530[diff] [blame]386 managerPtr->getADConfigPtr()->lDAPBaseDN("");
Nagaraju Gorugantid514e5d2018-11-08 03:07:25 -0600[diff] [blame]387 }
388 catch (const InvalidArgument& e)
389 {
390 throw;
391 }
392 },
393 InvalidArgument);
Nagaraju Gorugantid514e5d2018-11-08 03:07:25 -0600[diff] [blame]394
Ratan Gupta21e88cb2019-04-12 17:15:52 +0530[diff] [blame]395 managerPtr->restore();
Nagaraju Gorugantid514e5d2018-11-08 03:07:25 -0600[diff] [blame]396 // Check LDAP BaseDN after restoring
Ratan Gupta21e88cb2019-04-12 17:15:52 +0530[diff] [blame]397 EXPECT_EQ(managerPtr->getADConfigPtr()->lDAPBaseDN(),
Nagaraju Gorugantid514e5d2018-11-08 03:07:25 -0600[diff] [blame]398 "cn=Administrator,cn=Users,dc=corp,dc=ibm,dc=com");
399 delete managerPtr;
400}
401
402TEST_F(TestLDAPConfig, testSearchScope)
403{
404 auto configFilePath = std::string(dir.c_str()) + "/" + ldapconfFile;
Ratan Gupta22f13f12019-04-29 15:36:40 +0530[diff] [blame]405 auto tlsCacertfile = std::string(dir.c_str()) + "/" + tlsCacertFile;
406 auto tlsCertfile = std::string(dir.c_str()) + "/" + tlsCertFile;
Ratan Gupta21e88cb2019-04-12 17:15:52 +0530[diff] [blame]407 auto dbusPersistentFilePath = std::string(dir.c_str());
Nagaraju Goruganti3b4d06a2018-11-08 03:13:38 -0600[diff] [blame]408
Nagaraju Gorugantid514e5d2018-11-08 03:07:25 -0600[diff] [blame]409 if (fs::exists(configFilePath))
410 {
411 fs::remove(configFilePath);
412 }
413 EXPECT_FALSE(fs::exists(configFilePath));
Ratan Gupta22f13f12019-04-29 15:36:40 +0530[diff] [blame]414 MockConfigMgr* managerPtr =
415 new MockConfigMgr(bus, LDAP_CONFIG_ROOT, configFilePath.c_str(),
416 dbusPersistentFilePath.c_str(), tlsCacertfile.c_str(),
417 tlsCertfile.c_str());
Ratan Gupta21e88cb2019-04-12 17:15:52 +0530[diff] [blame]418 EXPECT_CALL(*managerPtr, stopService("nslcd.service")).Times(1);
419 EXPECT_CALL(*managerPtr, restartService("nslcd.service")).Times(2);
420 EXPECT_CALL(*managerPtr, restartService("nscd.service")).Times(1);
Ratan Guptaaeaf9412019-02-11 04:41:52 -0600[diff] [blame]421 managerPtr->createConfig(
422 "ldap://9.194.251.138/", "cn=Users,dc=com", "cn=Users,dc=corp",
423 "MyLdap12", ldap_base::Create::SearchScope::sub,
424 ldap_base::Create::Type::ActiveDirectory, "attr1", "attr2");
Ratan Gupta21e88cb2019-04-12 17:15:52 +0530[diff] [blame]425 managerPtr->getADConfigPtr()->enabled(true);
Ratan Gupta95a29312019-02-18 20:34:10 +0530[diff] [blame]426
Nagaraju Gorugantid514e5d2018-11-08 03:07:25 -0600[diff] [blame]427 // Change LDAP SearchScope
Ratan Gupta21e88cb2019-04-12 17:15:52 +0530[diff] [blame]428 managerPtr->getADConfigPtr()->lDAPSearchScope(
Nagaraju Gorugantid514e5d2018-11-08 03:07:25 -0600[diff] [blame]429 ldap_base::Config::SearchScope::one);
Ratan Gupta21e88cb2019-04-12 17:15:52 +0530[diff] [blame]430 EXPECT_EQ(managerPtr->getADConfigPtr()->lDAPSearchScope(),
Nagaraju Gorugantid514e5d2018-11-08 03:07:25 -0600[diff] [blame]431 ldap_base::Config::SearchScope::one);
Nagaraju Gorugantid514e5d2018-11-08 03:07:25 -0600[diff] [blame]432
Ratan Gupta21e88cb2019-04-12 17:15:52 +0530[diff] [blame]433 managerPtr->restore();
Nagaraju Gorugantid514e5d2018-11-08 03:07:25 -0600[diff] [blame]434 // Check LDAP SearchScope after restoring
Ratan Gupta21e88cb2019-04-12 17:15:52 +0530[diff] [blame]435 EXPECT_EQ(managerPtr->getADConfigPtr()->lDAPSearchScope(),
Nagaraju Gorugantid514e5d2018-11-08 03:07:25 -0600[diff] [blame]436 ldap_base::Config::SearchScope::one);
437 delete managerPtr;
438}
439
440TEST_F(TestLDAPConfig, testLDAPType)
441{
442 auto configFilePath = std::string(dir.c_str()) + "/" + ldapconfFile;
Ratan Gupta22f13f12019-04-29 15:36:40 +0530[diff] [blame]443 auto tlsCacertfile = std::string(dir.c_str()) + "/" + tlsCacertFile;
444 auto tlsCertfile = std::string(dir.c_str()) + "/" + tlsCertFile;
Ratan Gupta21e88cb2019-04-12 17:15:52 +0530[diff] [blame]445 auto dbusPersistentFilePath = std::string(dir.c_str());
Nagaraju Goruganti3b4d06a2018-11-08 03:13:38 -0600[diff] [blame]446
Nagaraju Gorugantid514e5d2018-11-08 03:07:25 -0600[diff] [blame]447 if (fs::exists(configFilePath))
448 {
449 fs::remove(configFilePath);
450 }
451 EXPECT_FALSE(fs::exists(configFilePath));
Ratan Gupta22f13f12019-04-29 15:36:40 +0530[diff] [blame]452 MockConfigMgr* managerPtr =
453 new MockConfigMgr(bus, LDAP_CONFIG_ROOT, configFilePath.c_str(),
454 dbusPersistentFilePath.c_str(), tlsCacertfile.c_str(),
455 tlsCertfile.c_str());
Ratan Gupta21e88cb2019-04-12 17:15:52 +0530[diff] [blame]456 EXPECT_CALL(*managerPtr, stopService("nslcd.service")).Times(1);
457 EXPECT_CALL(*managerPtr, restartService("nslcd.service")).Times(1);
458 EXPECT_CALL(*managerPtr, restartService("nscd.service")).Times(1);
Ratan Guptaaeaf9412019-02-11 04:41:52 -0600[diff] [blame]459 managerPtr->createConfig(
460 "ldap://9.194.251.138/", "cn=Users,dc=com", "cn=Users,dc=corp",
461 "MyLdap12", ldap_base::Create::SearchScope::sub,
462 ldap_base::Create::Type::ActiveDirectory, "attr1", "attr2");
Ratan Gupta21e88cb2019-04-12 17:15:52 +0530[diff] [blame]463 managerPtr->getADConfigPtr()->enabled(true);
Ratan Gupta95a29312019-02-18 20:34:10 +0530[diff] [blame]464
Nagaraju Gorugantid514e5d2018-11-08 03:07:25 -0600[diff] [blame]465 // Change LDAP type
Ratan Gupta21e88cb2019-04-12 17:15:52 +0530[diff] [blame]466 // will not be changed
467 EXPECT_THROW(managerPtr->getADConfigPtr()->lDAPType(
468 ldap_base::Config::Type::OpenLdap),
469 NotAllowed);
470 EXPECT_EQ(managerPtr->getADConfigPtr()->lDAPType(),
471 ldap_base::Config::Type::ActiveDirectory);
Nagaraju Gorugantid514e5d2018-11-08 03:07:25 -0600[diff] [blame]472
Ratan Gupta21e88cb2019-04-12 17:15:52 +0530[diff] [blame]473 managerPtr->restore();
Nagaraju Gorugantid514e5d2018-11-08 03:07:25 -0600[diff] [blame]474 // Check LDAP type after restoring
Ratan Gupta21e88cb2019-04-12 17:15:52 +0530[diff] [blame]475 EXPECT_EQ(managerPtr->getADConfigPtr()->lDAPType(),
476 ldap_base::Config::Type::ActiveDirectory);
Nagaraju Gorugantid514e5d2018-11-08 03:07:25 -0600[diff] [blame]477 delete managerPtr;
478}
Ratan Gupta21e88cb2019-04-12 17:15:52 +0530[diff] [blame]479
480TEST_F(TestLDAPConfig, filePermission)
481{
482 auto configFilePath = std::string(dir.c_str()) + "/" + ldapconfFile;
Ratan Gupta22f13f12019-04-29 15:36:40 +0530[diff] [blame]483 auto tlsCacertfile = std::string(dir.c_str()) + "/" + tlsCacertFile;
484 auto tlsCertfile = std::string(dir.c_str()) + "/" + tlsCertFile;
Ratan Gupta21e88cb2019-04-12 17:15:52 +0530[diff] [blame]485 auto dbusPersistentFilePath = std::string(dir.c_str());
486
487 if (fs::exists(configFilePath))
488 {
489 fs::remove(configFilePath);
490 }
491 EXPECT_FALSE(fs::exists(configFilePath));
Ratan Gupta22f13f12019-04-29 15:36:40 +0530[diff] [blame]492 MockConfigMgr* managerPtr =
493 new MockConfigMgr(bus, LDAP_CONFIG_ROOT, configFilePath.c_str(),
494 dbusPersistentFilePath.c_str(), tlsCacertfile.c_str(),
495 tlsCertfile.c_str());
Ratan Gupta21e88cb2019-04-12 17:15:52 +0530[diff] [blame]496 EXPECT_CALL(*managerPtr, stopService("nslcd.service")).Times(1);
497 EXPECT_CALL(*managerPtr, restartService("nslcd.service")).Times(1);
498 EXPECT_CALL(*managerPtr, restartService("nscd.service")).Times(1);
499 managerPtr->createConfig(
500 "ldap://9.194.251.138/", "cn=Users,dc=com", "cn=Users,dc=corp",
501 "MyLdap12", ldap_base::Create::SearchScope::sub,
502 ldap_base::Create::Type::ActiveDirectory, "attr1", "attr2");
503 managerPtr->getADConfigPtr()->enabled(true);
504
505 // Permission of the persistent file should be 640
506 // Others should not be allowed to read.
507 auto permission =
508 fs::perms::owner_read | fs::perms::owner_write | fs::perms::group_read;
509 auto persistFilepath = std::string(dir.c_str());
510 persistFilepath += ADDbusObjectPath;
511 persistFilepath += "/config";
512
513 EXPECT_EQ(fs::status(persistFilepath).permissions(), permission);
514 delete managerPtr;
515}
516
Ratan Guptac5481d12019-04-12 18:31:05 +0530[diff] [blame]517TEST_F(TestLDAPConfig, ConditionalEnableConfig)
518{
519 auto configFilePath = std::string(dir.c_str()) + "/" + ldapconfFile;
Ratan Gupta22f13f12019-04-29 15:36:40 +0530[diff] [blame]520 auto tlsCacertfile = std::string(dir.c_str()) + "/" + tlsCacertFile;
521 auto tlsCertfile = std::string(dir.c_str()) + "/" + tlsCertFile;
Ratan Guptac5481d12019-04-12 18:31:05 +0530[diff] [blame]522 auto dbusPersistentFilePath = std::string(dir.c_str());
523
524 if (fs::exists(configFilePath))
525 {
526 fs::remove(configFilePath);
527 }
528 EXPECT_FALSE(fs::exists(configFilePath));
Ratan Gupta22f13f12019-04-29 15:36:40 +0530[diff] [blame]529 MockConfigMgr* managerPtr =
530 new MockConfigMgr(bus, LDAP_CONFIG_ROOT, configFilePath.c_str(),
531 dbusPersistentFilePath.c_str(), tlsCacertfile.c_str(),
532 tlsCertfile.c_str());
Ratan Guptac5481d12019-04-12 18:31:05 +0530[diff] [blame]533 EXPECT_CALL(*managerPtr, stopService("nslcd.service")).Times(3);
534 EXPECT_CALL(*managerPtr, restartService("nslcd.service")).Times(2);
535 EXPECT_CALL(*managerPtr, restartService("nscd.service")).Times(2);
536 managerPtr->createConfig(
537 "ldap://9.194.251.138/", "cn=Users,dc=com", "cn=Users,dc=corp",
538 "MyLdap12", ldap_base::Create::SearchScope::sub,
539 ldap_base::Create::Type::ActiveDirectory, "attr1", "attr2");
540
541 managerPtr->createConfig(
542 "ldap://9.194.251.139/", "cn=Users,dc=com, dc=ldap", "cn=Users,dc=corp",
543 "MyLdap123", ldap_base::Create::SearchScope::sub,
544 ldap_base::Create::Type::OpenLdap, "attr1", "attr2");
545
546 // Enable the AD configuration
547 managerPtr->getADConfigPtr()->enabled(true);
548
549 EXPECT_EQ(managerPtr->getADConfigPtr()->enabled(), true);
550 EXPECT_EQ(managerPtr->getOpenLdapConfigPtr()->enabled(), false);
551
552 // AS AD is already enabled so openldap can't be enabled.
553 EXPECT_THROW(
554 {
555 try
556 {
557 managerPtr->getOpenLdapConfigPtr()->enabled(true);
558 }
559 catch (const NotAllowed& e)
560 {
561 throw;
562 }
563 },
564 NotAllowed);
565 // Check the values
566 EXPECT_EQ(managerPtr->getADConfigPtr()->enabled(), true);
567 EXPECT_EQ(managerPtr->getOpenLdapConfigPtr()->enabled(), false);
568 // Let's disable the AD.
569 managerPtr->getADConfigPtr()->enabled(false);
570 EXPECT_EQ(managerPtr->getADConfigPtr()->enabled(), false);
571 EXPECT_EQ(managerPtr->getOpenLdapConfigPtr()->enabled(), false);
572 // Now enable the openldap
573 managerPtr->getOpenLdapConfigPtr()->enabled(true);
574 EXPECT_EQ(managerPtr->getOpenLdapConfigPtr()->enabled(), true);
575 EXPECT_EQ(managerPtr->getADConfigPtr()->enabled(), false);
576
577 delete managerPtr;
578}
579
Ratan Guptafef57892019-04-14 13:43:09 +0530[diff] [blame]580TEST_F(TestLDAPConfig, createPrivMapping)
581{
582 auto configFilePath = std::string(dir.c_str()) + "/" + ldapconfFile;
Ratan Gupta22f13f12019-04-29 15:36:40 +0530[diff] [blame]583 auto tlsCacertfile = std::string(dir.c_str()) + "/" + tlsCacertFile;
584 auto tlsCertfile = std::string(dir.c_str()) + "/" + tlsCertFile;
Ratan Guptafef57892019-04-14 13:43:09 +0530[diff] [blame]585 auto dbusPersistentFilePath = std::string(dir.c_str());
586
587 if (fs::exists(configFilePath))
588 {
589 fs::remove(configFilePath);
590 }
591 EXPECT_FALSE(fs::exists(configFilePath));
592 MockConfigMgr manager(bus, LDAP_CONFIG_ROOT, configFilePath.c_str(),
Ratan Gupta22f13f12019-04-29 15:36:40 +0530[diff] [blame]593 dbusPersistentFilePath.c_str(), tlsCacertfile.c_str(),
594 tlsCertfile.c_str());
Ratan Guptafef57892019-04-14 13:43:09 +0530[diff] [blame]595 manager.createDefaultObjects();
596 // Create the priv-mapping under the config.
597 manager.getADConfigPtr()->create("admin", "priv-admin");
598 // Check whether the entry has been created.
599 EXPECT_THROW(
600 {
601 try
602 {
603 manager.getADConfigPtr()->checkPrivilegeMapper("admin");
604 }
605 catch (const PrivilegeMappingExists& e)
606 {
607 throw;
608 }
609 },
610 PrivilegeMappingExists);
611}
612
613TEST_F(TestLDAPConfig, deletePrivMapping)
614{
615 auto configFilePath = std::string(dir.c_str()) + "/" + ldapconfFile;
Ratan Gupta22f13f12019-04-29 15:36:40 +0530[diff] [blame]616 auto tlsCacertfile = std::string(dir.c_str()) + "/" + tlsCacertFile;
617 auto tlsCertfile = std::string(dir.c_str()) + "/" + tlsCertFile;
Ratan Guptafef57892019-04-14 13:43:09 +0530[diff] [blame]618 auto dbusPersistentFilePath = std::string(dir.c_str());
619
620 if (fs::exists(configFilePath))
621 {
622 fs::remove(configFilePath);
623 }
624 EXPECT_FALSE(fs::exists(configFilePath));
625 MockConfigMgr manager(bus, LDAP_CONFIG_ROOT, configFilePath.c_str(),
Ratan Gupta22f13f12019-04-29 15:36:40 +0530[diff] [blame]626 dbusPersistentFilePath.c_str(), tlsCacertfile.c_str(),
627 tlsCertfile.c_str());
Ratan Guptafef57892019-04-14 13:43:09 +0530[diff] [blame]628 manager.createDefaultObjects();
629 // Create the priv-mapping under the config.
630 manager.getADConfigPtr()->create("admin", "priv-admin");
631 manager.getADConfigPtr()->create("user", "priv-user");
632 // Check whether the entry has been created.
633 EXPECT_THROW(
634 {
635 try
636 {
637 manager.getADConfigPtr()->checkPrivilegeMapper("admin");
638 manager.getADConfigPtr()->checkPrivilegeMapper("user");
639 }
640 catch (const PrivilegeMappingExists& e)
641 {
642 throw;
643 }
644 },
645 PrivilegeMappingExists);
646
647 // This would delete the admin privilege
648 manager.getADConfigPtr()->deletePrivilegeMapper(1);
649 EXPECT_NO_THROW(manager.getADConfigPtr()->checkPrivilegeMapper("admin"));
650 manager.getADConfigPtr()->deletePrivilegeMapper(2);
651 EXPECT_NO_THROW(manager.getADConfigPtr()->checkPrivilegeMapper("user"));
652}
653
654TEST_F(TestLDAPConfig, restorePrivMapping)
655{
656 auto configFilePath = std::string(dir.c_str()) + "/" + ldapconfFile;
Ratan Gupta22f13f12019-04-29 15:36:40 +0530[diff] [blame]657 auto tlsCacertfile = std::string(dir.c_str()) + "/" + tlsCacertFile;
658 auto tlsCertfile = std::string(dir.c_str()) + "/" + tlsCertFile;
Ratan Guptafef57892019-04-14 13:43:09 +0530[diff] [blame]659 auto dbusPersistentFilePath = std::string(dir.c_str());
660
661 if (fs::exists(configFilePath))
662 {
663 fs::remove(configFilePath);
664 }
665 EXPECT_FALSE(fs::exists(configFilePath));
666 MockConfigMgr manager(bus, LDAP_CONFIG_ROOT, configFilePath.c_str(),
Ratan Gupta22f13f12019-04-29 15:36:40 +0530[diff] [blame]667 dbusPersistentFilePath.c_str(), tlsCacertfile.c_str(),
668 tlsCertfile.c_str());
Ratan Guptafef57892019-04-14 13:43:09 +0530[diff] [blame]669 manager.createDefaultObjects();
670 // Create the priv-mapping under the config.
671 manager.getADConfigPtr()->create("admin", "priv-admin");
672 manager.getOpenLdapConfigPtr()->create("user", "priv-user");
673 manager.restore();
674 EXPECT_THROW(
675 {
676 try
677 {
678 manager.getADConfigPtr()->checkPrivilegeMapper("admin");
679 }
680 catch (const PrivilegeMappingExists& e)
681 {
682 throw;
683 }
684 },
685 PrivilegeMappingExists);
686
687 EXPECT_THROW(
688 {
689 try
690 {
691 manager.getOpenLdapConfigPtr()->checkPrivilegeMapper("user");
692 }
693 catch (const PrivilegeMappingExists& e)
694 {
695 throw;
696 }
697 },
698 PrivilegeMappingExists);
699}
700
701TEST_F(TestLDAPConfig, testPrivileges)
702{
703 auto configFilePath = std::string(dir.c_str()) + "/" + ldapconfFile;
Ratan Gupta22f13f12019-04-29 15:36:40 +0530[diff] [blame]704 auto tlsCacertfile = std::string(dir.c_str()) + "/" + tlsCacertFile;
705 auto tlsCertfile = std::string(dir.c_str()) + "/" + tlsCertFile;
Ratan Guptafef57892019-04-14 13:43:09 +0530[diff] [blame]706 auto dbusPersistentFilePath = std::string(dir.c_str());
707
708 if (fs::exists(configFilePath))
709 {
710 fs::remove(configFilePath);
711 }
712 EXPECT_FALSE(fs::exists(configFilePath));
713 MockConfigMgr manager(bus, LDAP_CONFIG_ROOT, configFilePath.c_str(),
Ratan Gupta22f13f12019-04-29 15:36:40 +0530[diff] [blame]714 dbusPersistentFilePath.c_str(), tlsCacertfile.c_str(),
715 tlsCertfile.c_str());
Ratan Guptafef57892019-04-14 13:43:09 +0530[diff] [blame]716 manager.createDefaultObjects();
717
718 std::string groupName = "admin";
719 std::string privilege = "priv-admin";
720 size_t entryId = 1;
721 auto dbusPath = std::string(LDAP_CONFIG_ROOT) +
722 "/active_directory/role_map/" + std::to_string(entryId);
723 dbusPersistentFilePath += dbusPath;
724
725 auto entry = std::make_unique<LDAPMapperEntry>(
726 bus, dbusPath.c_str(), dbusPersistentFilePath.c_str(), groupName,
727 privilege, *(manager.getADConfigPtr()));
728
729 EXPECT_NO_THROW(entry->privilege("priv-operator"));
730 EXPECT_NO_THROW(entry->privilege("priv-user"));
731 EXPECT_NO_THROW(entry->privilege("priv-callback"));
732}
733
Nagaraju Gorugantid514e5d2018-11-08 03:07:25 -0600[diff] [blame]734} // namespace ldap
735} // namespace phosphor