Gitiles
Code Review Sign In
gerrit.openbmc.org / openbmc / phosphor-user-manager / e8d664d1689cfec3449ec964262d665f7b4ec873 / . / test / ldap_config_test.cpp
blob: febe687022c101a464c285a58c3faa9ac550e6b9 [file] [log] [blame]
Nagaraju Gorugantid514e5d2018-11-08 03:07:25 -0600[diff] [blame]1#include "config.h"
Patrick Williams9638afb2021-02-22 17:16:24 -0600[diff] [blame]2
Ratan Gupta37fb3fe2019-04-13 12:54:18 +0530[diff] [blame]3#include "phosphor-ldap-config/ldap_config.hpp"
Ratan Guptae1f4db62019-04-11 18:57:42 +0530[diff] [blame]4#include "phosphor-ldap-config/ldap_config_mgr.hpp"
Nagaraju Gorugantid514e5d2018-11-08 03:07:25 -0600[diff] [blame]5
Patrick Williams9638afb2021-02-22 17:16:24 -0600[diff] [blame]6#include <sys/types.h>
7
Nagaraju Gorugantid514e5d2018-11-08 03:07:25 -0600[diff] [blame]8#include <sdbusplus/bus.hpp>
9#include <xyz/openbmc_project/Common/error.hpp>
Ratan Guptafef57892019-04-14 13:43:09 +0530[diff] [blame]10#include <xyz/openbmc_project/User/Common/error.hpp>
Ratan Gupta95a29312019-02-18 20:34:10 +0530[diff] [blame]11
12#include <filesystem>
Nagaraju Gorugantid514e5d2018-11-08 03:07:25 -0600[diff] [blame]13#include <fstream>
14#include <string>
Patrick Williams9638afb2021-02-22 17:16:24 -0600[diff] [blame]15
16#include <gmock/gmock.h>
17#include <gtest/gtest.h>
Nagaraju Gorugantid514e5d2018-11-08 03:07:25 -0600[diff] [blame]18
19namespace phosphor
20{
21namespace ldap
22{
Ratan Gupta95a29312019-02-18 20:34:10 +0530[diff] [blame]23namespace fs = std::filesystem;
Nagaraju Gorugantid514e5d2018-11-08 03:07:25 -0600[diff] [blame]24namespace ldap_base = sdbusplus::xyz::openbmc_project::User::Ldap::server;
Jiaqing Zhaoe8d664d2022-07-05 21:22:54 +0800[diff] [blame^]25using namespace sdbusplus::xyz::openbmc_project::Common::Error;
Ratan Guptafef57892019-04-14 13:43:09 +0530[diff] [blame]26using PrivilegeMappingExists = sdbusplus::xyz::openbmc_project::User::Common::
27 Error::PrivilegeMappingExists;
Jiaqing Zhaoe8d664d2022-07-05 21:22:54 +0800[diff] [blame^]28using Config = phosphor::ldap::Config;
Nagaraju Gorugantid514e5d2018-11-08 03:07:25 -0600[diff] [blame]29
30class TestLDAPConfig : public testing::Test
31{
32 public:
33 TestLDAPConfig() : bus(sdbusplus::bus::new_default())
Patrick Williams9638afb2021-02-22 17:16:24 -0600[diff] [blame]34 {}
Nagaraju Gorugantid514e5d2018-11-08 03:07:25 -0600[diff] [blame]35 void SetUp() override
36 {
37 using namespace phosphor::ldap;
38 char tmpldap[] = "/tmp/ldap_test.XXXXXX";
39 dir = fs::path(mkdtemp(tmpldap));
Zbigniew Kurzynski5d00cf22019-10-03 12:10:20 +0200[diff] [blame]40 fs::path tlsCacertFilePath{TLS_CACERT_PATH};
Nan Zhou78d85042022-08-29 17:50:22 +0000[diff] [blame]41 tlsCACertFile = tlsCacertFilePath.filename().c_str();
Ratan Gupta22f13f12019-04-29 15:36:40 +0530[diff] [blame]42 fs::path tlsCertFilePath{TLS_CERT_FILE};
43 tlsCertFile = tlsCertFilePath.filename().c_str();
44
Nagaraju Gorugantid514e5d2018-11-08 03:07:25 -0600[diff] [blame]45 fs::path confFilePath{LDAP_CONFIG_FILE};
Nan Zhou78d85042022-08-29 17:50:22 +0000[diff] [blame]46 ldapConfFile = confFilePath.filename().c_str();
Nagaraju Gorugantid514e5d2018-11-08 03:07:25 -0600[diff] [blame]47 std::fstream fs;
48 fs.open(dir / defaultNslcdFile, std::fstream::out);
49 fs.close();
50 fs.open(dir / nsSwitchFile, std::fstream::out);
51 fs.close();
Nan Zhou78d85042022-08-29 17:50:22 +0000[diff] [blame]52 fs.open(dir / tlsCACertFile, std::fstream::out);
Ratan Gupta22f13f12019-04-29 15:36:40 +0530[diff] [blame]53 fs.close();
54 fs.open(dir / tlsCertFile, std::fstream::out);
55 fs.close();
Nagaraju Gorugantid514e5d2018-11-08 03:07:25 -0600[diff] [blame]56 }
57
58 void TearDown() override
59 {
60 fs::remove_all(dir);
61 }
62
63 protected:
64 fs::path dir;
Nan Zhou78d85042022-08-29 17:50:22 +0000[diff] [blame]65 std::string tlsCACertFile;
Ratan Gupta22f13f12019-04-29 15:36:40 +0530[diff] [blame]66 std::string tlsCertFile;
Nan Zhou78d85042022-08-29 17:50:22 +0000[diff] [blame]67 std::string ldapConfFile;
Patrick Williamsb3ef4e12022-07-22 19:26:55 -0500[diff] [blame]68 sdbusplus::bus_t bus;
Nagaraju Gorugantid514e5d2018-11-08 03:07:25 -0600[diff] [blame]69};
70
71class MockConfigMgr : public phosphor::ldap::ConfigMgr
72{
73 public:
Patrick Williamsb3ef4e12022-07-22 19:26:55 -0500[diff] [blame]74 MockConfigMgr(sdbusplus::bus_t& bus, const char* path, const char* filePath,
75 const char* dbusPersistentFile, const char* caCertFile,
76 const char* certFile) :
Ratan Gupta95a29312019-02-18 20:34:10 +0530[diff] [blame]77 phosphor::ldap::ConfigMgr(bus, path, filePath, dbusPersistentFile,
Ratan Gupta22f13f12019-04-29 15:36:40 +0530[diff] [blame]78 caCertFile, certFile)
Patrick Williams9638afb2021-02-22 17:16:24 -0600[diff] [blame]79 {}
Nagaraju Gorugantid514e5d2018-11-08 03:07:25 -0600[diff] [blame]80 MOCK_METHOD1(restartService, void(const std::string& service));
81 MOCK_METHOD1(stopService, void(const std::string& service));
Ratan Gupta27d4c012019-04-12 13:03:35 +0530[diff] [blame]82 std::unique_ptr<Config>& getOpenLdapConfigPtr()
Nagaraju Gorugantid514e5d2018-11-08 03:07:25 -0600[diff] [blame]83 {
Ratan Gupta27d4c012019-04-12 13:03:35 +0530[diff] [blame]84 return openLDAPConfigPtr;
Nagaraju Gorugantid514e5d2018-11-08 03:07:25 -0600[diff] [blame]85 }
86
Ratan Gupta3a1c2742019-03-20 06:49:42 +0530[diff] [blame]87 std::string configBindPassword()
88 {
Patrick Williamse6500a42021-05-01 05:58:23 -0500[diff] [blame]89 return getADConfigPtr()->ldapBindPassword;
Ratan Gupta3a1c2742019-03-20 06:49:42 +0530[diff] [blame]90 }
91
Ratan Gupta27d4c012019-04-12 13:03:35 +0530[diff] [blame]92 std::unique_ptr<Config>& getADConfigPtr()
Nagaraju Gorugantid514e5d2018-11-08 03:07:25 -0600[diff] [blame]93 {
Ratan Gupta27d4c012019-04-12 13:03:35 +0530[diff] [blame]94 return ADConfigPtr;
95 }
96 void restore()
97 {
Ratan Gupta21e88cb2019-04-12 17:15:52 +0530[diff] [blame]98 phosphor::ldap::ConfigMgr::restore();
Nagaraju Gorugantid514e5d2018-11-08 03:07:25 -0600[diff] [blame]99 return;
100 }
101
Ratan Gupta27d4c012019-04-12 13:03:35 +0530[diff] [blame]102 void createDefaultObjects()
103 {
104 phosphor::ldap::ConfigMgr::createDefaultObjects();
105 }
106
Ravi Tejad5884042019-06-10 02:35:22 -0500[diff] [blame]107 bool secureLDAP()
108 {
109 return ADConfigPtr->secureLDAP;
110 }
111
Nagaraju Gorugantid514e5d2018-11-08 03:07:25 -0600[diff] [blame]112 friend class TestLDAPConfig;
113};
114
115TEST_F(TestLDAPConfig, testCreate)
116{
Nan Zhou78d85042022-08-29 17:50:22 +0000[diff] [blame]117 auto configFilePath = std::string(dir.c_str()) + "/" + ldapConfFile;
118 auto tlsCACertFilePath = std::string(dir.c_str()) + "/" + tlsCACertFile;
119 auto tlsCertFilePath = std::string(dir.c_str()) + "/" + tlsCertFile;
Ratan Gupta21e88cb2019-04-12 17:15:52 +0530[diff] [blame]120 auto dbusPersistentFilePath = std::string(dir.c_str());
Nagaraju Gorugantid514e5d2018-11-08 03:07:25 -0600[diff] [blame]121
122 if (fs::exists(configFilePath))
123 {
124 fs::remove(configFilePath);
125 }
126 EXPECT_FALSE(fs::exists(configFilePath));
Nagaraju Goruganti3b4d06a2018-11-08 03:13:38 -0600[diff] [blame]127 MockConfigMgr manager(bus, LDAP_CONFIG_ROOT, configFilePath.c_str(),
Nan Zhou78d85042022-08-29 17:50:22 +0000[diff] [blame]128 dbusPersistentFilePath.c_str(),
129 tlsCACertFilePath.c_str(), tlsCertFilePath.c_str());
Ratan Gupta27d4c012019-04-12 13:03:35 +0530[diff] [blame]130
Ratan Guptaec117542019-04-25 18:38:29 +0530[diff] [blame]131 EXPECT_CALL(manager, stopService("nslcd.service")).Times(2);
Ratan Gupta3a1c2742019-03-20 06:49:42 +0530[diff] [blame]132 EXPECT_CALL(manager, restartService("nslcd.service")).Times(2);
Ratan Guptaec117542019-04-25 18:38:29 +0530[diff] [blame]133 EXPECT_CALL(manager, restartService("nscd.service")).Times(2);
Ratan Gupta21e88cb2019-04-12 17:15:52 +0530[diff] [blame]134
Ratan Guptaaeaf9412019-02-11 04:41:52 -0600[diff] [blame]135 manager.createConfig(
136 "ldap://9.194.251.136/", "cn=Users,dc=com", "cn=Users,dc=corp",
137 "MyLdap12", ldap_base::Create::SearchScope::sub,
138 ldap_base::Create::Type::ActiveDirectory, "uid", "gid");
Ratan Gupta27d4c012019-04-12 13:03:35 +0530[diff] [blame]139 manager.getADConfigPtr()->enabled(true);
Ratan Gupta95a29312019-02-18 20:34:10 +0530[diff] [blame]140
Ratan Guptaec117542019-04-25 18:38:29 +0530[diff] [blame]141 manager.createConfig("ldap://9.194.251.137/", "cn=Users",
142 "cn=Users,dc=test", "MyLdap123",
143 ldap_base::Create::SearchScope::sub,
144 ldap_base::Create::Type::OpenLdap, "uid", "gid");
145 manager.getOpenLdapConfigPtr()->enabled(false);
146
147 // Below setting of username/groupname attr is to make sure
148 // that in-active config should not call the start/stop service.
149 manager.getOpenLdapConfigPtr()->userNameAttribute("abc");
150 EXPECT_EQ(manager.getOpenLdapConfigPtr()->userNameAttribute(), "abc");
151
152 manager.getOpenLdapConfigPtr()->groupNameAttribute("def");
153 EXPECT_EQ(manager.getOpenLdapConfigPtr()->groupNameAttribute(), "def");
154
Nagaraju Gorugantid514e5d2018-11-08 03:07:25 -0600[diff] [blame]155 EXPECT_TRUE(fs::exists(configFilePath));
Patrick Williamse6500a42021-05-01 05:58:23 -0500[diff] [blame]156 EXPECT_EQ(manager.getADConfigPtr()->ldapServerURI(),
Ratan Gupta27d4c012019-04-12 13:03:35 +0530[diff] [blame]157 "ldap://9.194.251.136/");
Patrick Williamse6500a42021-05-01 05:58:23 -0500[diff] [blame]158 EXPECT_EQ(manager.getADConfigPtr()->ldapBindDN(), "cn=Users,dc=com");
159 EXPECT_EQ(manager.getADConfigPtr()->ldapBaseDN(), "cn=Users,dc=corp");
160 EXPECT_EQ(manager.getADConfigPtr()->ldapSearchScope(),
Nagaraju Gorugantid514e5d2018-11-08 03:07:25 -0600[diff] [blame]161 ldap_base::Config::SearchScope::sub);
Patrick Williamse6500a42021-05-01 05:58:23 -0500[diff] [blame]162 EXPECT_EQ(manager.getADConfigPtr()->ldapType(),
Nagaraju Gorugantid514e5d2018-11-08 03:07:25 -0600[diff] [blame]163 ldap_base::Config::Type::ActiveDirectory);
Ratan Gupta27d4c012019-04-12 13:03:35 +0530[diff] [blame]164
165 EXPECT_EQ(manager.getADConfigPtr()->userNameAttribute(), "uid");
166 EXPECT_EQ(manager.getADConfigPtr()->groupNameAttribute(), "gid");
Patrick Williamse6500a42021-05-01 05:58:23 -0500[diff] [blame]167 EXPECT_EQ(manager.getADConfigPtr()->ldapBindDNPassword(), "");
Ratan Gupta3a1c2742019-03-20 06:49:42 +0530[diff] [blame]168 EXPECT_EQ(manager.configBindPassword(), "MyLdap12");
169 // change the password
Patrick Williamse6500a42021-05-01 05:58:23 -0500[diff] [blame]170 manager.getADConfigPtr()->ldapBindDNPassword("MyLdap14");
171 EXPECT_EQ(manager.getADConfigPtr()->ldapBindDNPassword(), "");
Ratan Gupta3a1c2742019-03-20 06:49:42 +0530[diff] [blame]172 EXPECT_EQ(manager.configBindPassword(), "MyLdap14");
Nagaraju Gorugantid514e5d2018-11-08 03:07:25 -0600[diff] [blame]173}
174
Ratan Gupta27d4c012019-04-12 13:03:35 +0530[diff] [blame]175TEST_F(TestLDAPConfig, testDefaultObject)
176{
Nan Zhou78d85042022-08-29 17:50:22 +0000[diff] [blame]177 auto configFilePath = std::string(dir.c_str()) + "/" + ldapConfFile;
178 auto tlsCACertFilePath = std::string(dir.c_str()) + "/" + tlsCACertFile;
179 auto tlsCertFilePath = std::string(dir.c_str()) + "/" + tlsCertFile;
Ratan Gupta21e88cb2019-04-12 17:15:52 +0530[diff] [blame]180 auto dbusPersistentFilePath = std::string(dir.c_str());
Ratan Gupta27d4c012019-04-12 13:03:35 +0530[diff] [blame]181
182 if (fs::exists(configFilePath))
183 {
184 fs::remove(configFilePath);
185 }
186 EXPECT_FALSE(fs::exists(configFilePath));
187
188 MockConfigMgr manager(bus, LDAP_CONFIG_ROOT, configFilePath.c_str(),
Nan Zhou78d85042022-08-29 17:50:22 +0000[diff] [blame]189 dbusPersistentFilePath.c_str(),
190 tlsCACertFilePath.c_str(), tlsCertFilePath.c_str());
Ratan Gupta27d4c012019-04-12 13:03:35 +0530[diff] [blame]191
Ratan Gupta27d4c012019-04-12 13:03:35 +0530[diff] [blame]192 manager.createDefaultObjects();
193
194 EXPECT_NE(nullptr, manager.getADConfigPtr());
195 EXPECT_NE(nullptr, manager.getOpenLdapConfigPtr());
Patrick Williamse6500a42021-05-01 05:58:23 -0500[diff] [blame]196 EXPECT_EQ(manager.getADConfigPtr()->ldapType(),
Ratan Gupta27d4c012019-04-12 13:03:35 +0530[diff] [blame]197 ldap_base::Config::Type::ActiveDirectory);
Patrick Williamse6500a42021-05-01 05:58:23 -0500[diff] [blame]198 EXPECT_EQ(manager.getOpenLdapConfigPtr()->ldapType(),
Ratan Gupta27d4c012019-04-12 13:03:35 +0530[diff] [blame]199 ldap_base::Config::Type::OpenLdap);
200}
Ratan Gupta21e88cb2019-04-12 17:15:52 +0530[diff] [blame]201
Alexander Filippov372c5662021-06-30 20:23:39 +0300[diff] [blame]202TEST_F(TestLDAPConfig, testRestoresDefault)
203{
Nan Zhou78d85042022-08-29 17:50:22 +0000[diff] [blame]204 auto configFilePath = std::string(dir.c_str()) + "/" + ldapConfFile;
205 auto tlsCACertFilePath = std::string(dir.c_str()) + "/" + tlsCACertFile;
206 auto tlsCertFilePath = std::string(dir.c_str()) + "/" + tlsCertFile;
Alexander Filippov372c5662021-06-30 20:23:39 +0300[diff] [blame]207 auto dbusPersistentFilePath = std::string(dir.c_str());
208
209 if (fs::exists(configFilePath))
210 {
211 fs::remove(configFilePath);
212 }
213 EXPECT_FALSE(fs::exists(configFilePath));
214
215 MockConfigMgr manager(bus, LDAP_CONFIG_ROOT, configFilePath.c_str(),
Nan Zhou78d85042022-08-29 17:50:22 +0000[diff] [blame]216 dbusPersistentFilePath.c_str(),
217 tlsCACertFilePath.c_str(), tlsCertFilePath.c_str());
Alexander Filippov372c5662021-06-30 20:23:39 +0300[diff] [blame]218
219 EXPECT_CALL(manager, stopService("nslcd.service")).Times(1);
220 EXPECT_CALL(manager, restartService("nslcd.service")).Times(0);
221 EXPECT_CALL(manager, restartService("nscd.service")).Times(0);
222
223 manager.restore();
224
225 EXPECT_NE(nullptr, manager.getADConfigPtr());
226 EXPECT_NE(nullptr, manager.getOpenLdapConfigPtr());
227 EXPECT_EQ(manager.getADConfigPtr()->ldapType(),
228 ldap_base::Config::Type::ActiveDirectory);
229 EXPECT_EQ(manager.getOpenLdapConfigPtr()->ldapType(),
230 ldap_base::Config::Type::OpenLdap);
231 EXPECT_FALSE(manager.getADConfigPtr()->enabled());
232 EXPECT_FALSE(manager.getOpenLdapConfigPtr()->enabled());
233}
234
Nagaraju Gorugantid514e5d2018-11-08 03:07:25 -0600[diff] [blame]235TEST_F(TestLDAPConfig, testRestores)
236{
Nan Zhou78d85042022-08-29 17:50:22 +0000[diff] [blame]237 auto configFilePath = std::string(dir.c_str()) + "/" + ldapConfFile;
238 auto tlsCACertFilePath = std::string(dir.c_str()) + "/" + tlsCACertFile;
239 auto tlsCertFilePath = std::string(dir.c_str()) + "/" + tlsCertFile;
Ratan Gupta21e88cb2019-04-12 17:15:52 +0530[diff] [blame]240 auto dbusPersistentFilePath = std::string(dir.c_str());
Nagaraju Gorugantid514e5d2018-11-08 03:07:25 -0600[diff] [blame]241
242 if (fs::exists(configFilePath))
243 {
244 fs::remove(configFilePath);
245 }
246 EXPECT_FALSE(fs::exists(configFilePath));
Ratan Gupta22f13f12019-04-29 15:36:40 +0530[diff] [blame]247 MockConfigMgr* managerPtr =
248 new MockConfigMgr(bus, LDAP_CONFIG_ROOT, configFilePath.c_str(),
Nan Zhou78d85042022-08-29 17:50:22 +0000[diff] [blame]249 dbusPersistentFilePath.c_str(),
250 tlsCACertFilePath.c_str(), tlsCertFilePath.c_str());
Ratan Gupta21e88cb2019-04-12 17:15:52 +0530[diff] [blame]251 EXPECT_CALL(*managerPtr, stopService("nslcd.service")).Times(1);
Alexander Filippov372c5662021-06-30 20:23:39 +0300[diff] [blame]252 EXPECT_CALL(*managerPtr, restartService("nslcd.service")).Times(2);
Ratan Gupta21e88cb2019-04-12 17:15:52 +0530[diff] [blame]253 EXPECT_CALL(*managerPtr, restartService("nscd.service")).Times(1);
Ratan Guptaaeaf9412019-02-11 04:41:52 -0600[diff] [blame]254 managerPtr->createConfig(
255 "ldap://9.194.251.138/", "cn=Users,dc=com", "cn=Users,dc=corp",
256 "MyLdap12", ldap_base::Create::SearchScope::sub,
257 ldap_base::Create::Type::ActiveDirectory, "uid", "gid");
Ratan Gupta21e88cb2019-04-12 17:15:52 +0530[diff] [blame]258 managerPtr->getADConfigPtr()->enabled(false);
259 EXPECT_FALSE(fs::exists(configFilePath));
260 EXPECT_FALSE(managerPtr->getADConfigPtr()->enabled());
261 managerPtr->getADConfigPtr()->enabled(true);
Ratan Gupta95a29312019-02-18 20:34:10 +0530[diff] [blame]262
Nagaraju Gorugantid514e5d2018-11-08 03:07:25 -0600[diff] [blame]263 EXPECT_TRUE(fs::exists(configFilePath));
Nagaraju Gorugantid514e5d2018-11-08 03:07:25 -0600[diff] [blame]264 // Restore from configFilePath
Ratan Gupta21e88cb2019-04-12 17:15:52 +0530[diff] [blame]265 managerPtr->restore();
Nagaraju Gorugantid514e5d2018-11-08 03:07:25 -0600[diff] [blame]266 // validate restored properties
Ratan Gupta21e88cb2019-04-12 17:15:52 +0530[diff] [blame]267 EXPECT_TRUE(managerPtr->getADConfigPtr()->enabled());
Patrick Williamse6500a42021-05-01 05:58:23 -0500[diff] [blame]268 EXPECT_EQ(managerPtr->getADConfigPtr()->ldapServerURI(),
Nagaraju Gorugantid514e5d2018-11-08 03:07:25 -0600[diff] [blame]269 "ldap://9.194.251.138/");
Patrick Williamse6500a42021-05-01 05:58:23 -0500[diff] [blame]270 EXPECT_EQ(managerPtr->getADConfigPtr()->ldapBindDN(), "cn=Users,dc=com");
271 EXPECT_EQ(managerPtr->getADConfigPtr()->ldapBaseDN(), "cn=Users,dc=corp");
272 EXPECT_EQ(managerPtr->getADConfigPtr()->ldapSearchScope(),
Nagaraju Gorugantid514e5d2018-11-08 03:07:25 -0600[diff] [blame]273 ldap_base::Config::SearchScope::sub);
Patrick Williamse6500a42021-05-01 05:58:23 -0500[diff] [blame]274 EXPECT_EQ(managerPtr->getADConfigPtr()->ldapType(),
Nagaraju Gorugantid514e5d2018-11-08 03:07:25 -0600[diff] [blame]275 ldap_base::Config::Type::ActiveDirectory);
Ratan Gupta21e88cb2019-04-12 17:15:52 +0530[diff] [blame]276 EXPECT_EQ(managerPtr->getADConfigPtr()->userNameAttribute(), "uid");
277 EXPECT_EQ(managerPtr->getADConfigPtr()->groupNameAttribute(), "gid");
Patrick Williamse6500a42021-05-01 05:58:23 -0500[diff] [blame]278 EXPECT_EQ(managerPtr->getADConfigPtr()->ldapBindDNPassword(), "");
Ratan Gupta3a1c2742019-03-20 06:49:42 +0530[diff] [blame]279 EXPECT_EQ(managerPtr->configBindPassword(), "MyLdap12");
Nagaraju Gorugantid514e5d2018-11-08 03:07:25 -0600[diff] [blame]280 delete managerPtr;
281}
282
283TEST_F(TestLDAPConfig, testLDAPServerURI)
284{
Nan Zhou78d85042022-08-29 17:50:22 +0000[diff] [blame]285 auto configFilePath = std::string(dir.c_str()) + "/" + ldapConfFile;
286 auto tlsCACertFilePath = std::string(dir.c_str()) + "/" + tlsCACertFile;
287 auto tlsCertFilePath = std::string(dir.c_str()) + "/" + tlsCertFile;
Ratan Gupta21e88cb2019-04-12 17:15:52 +0530[diff] [blame]288 auto dbusPersistentFilePath = std::string(dir.c_str());
Nagaraju Goruganti3b4d06a2018-11-08 03:13:38 -0600[diff] [blame]289
Nagaraju Gorugantid514e5d2018-11-08 03:07:25 -0600[diff] [blame]290 if (fs::exists(configFilePath))
291 {
292 fs::remove(configFilePath);
293 }
294 EXPECT_FALSE(fs::exists(configFilePath));
Ratan Gupta22f13f12019-04-29 15:36:40 +0530[diff] [blame]295 MockConfigMgr* managerPtr =
296 new MockConfigMgr(bus, LDAP_CONFIG_ROOT, configFilePath.c_str(),
Nan Zhou78d85042022-08-29 17:50:22 +0000[diff] [blame]297 dbusPersistentFilePath.c_str(),
298 tlsCACertFilePath.c_str(), tlsCertFilePath.c_str());
Ratan Gupta21e88cb2019-04-12 17:15:52 +0530[diff] [blame]299
300 EXPECT_CALL(*managerPtr, stopService("nslcd.service")).Times(1);
Alexander Filippov372c5662021-06-30 20:23:39 +0300[diff] [blame]301 EXPECT_CALL(*managerPtr, restartService("nslcd.service")).Times(3);
Ratan Gupta21e88cb2019-04-12 17:15:52 +0530[diff] [blame]302 EXPECT_CALL(*managerPtr, restartService("nscd.service")).Times(1);
Nagaraju Gorugantid514e5d2018-11-08 03:07:25 -0600[diff] [blame]303
Ratan Guptaaeaf9412019-02-11 04:41:52 -0600[diff] [blame]304 managerPtr->createConfig(
305 "ldap://9.194.251.138/", "cn=Users,dc=com", "cn=Users,dc=corp",
306 "MyLdap12", ldap_base::Create::SearchScope::sub,
307 ldap_base::Create::Type::ActiveDirectory, "attr1", "attr2");
Ratan Gupta21e88cb2019-04-12 17:15:52 +0530[diff] [blame]308 managerPtr->getADConfigPtr()->enabled(true);
Ratan Gupta95a29312019-02-18 20:34:10 +0530[diff] [blame]309
Nagaraju Gorugantid514e5d2018-11-08 03:07:25 -0600[diff] [blame]310 // Change LDAP Server URI
Patrick Williamse6500a42021-05-01 05:58:23 -0500[diff] [blame]311 managerPtr->getADConfigPtr()->ldapServerURI("ldap://9.194.251.139/");
312 EXPECT_EQ(managerPtr->getADConfigPtr()->ldapServerURI(),
Nagaraju Goruganti3b4d06a2018-11-08 03:13:38 -0600[diff] [blame]313 "ldap://9.194.251.139/");
Ratan Gupta21e88cb2019-04-12 17:15:52 +0530[diff] [blame]314
Nan Zhou78d85042022-08-29 17:50:22 +0000[diff] [blame]315 fs::remove(tlsCACertFilePath.c_str());
Ratan Gupta21e88cb2019-04-12 17:15:52 +0530[diff] [blame]316 // Change LDAP Server URI to make it secure
Nagaraju Goruganti3b4d06a2018-11-08 03:13:38 -0600[diff] [blame]317 EXPECT_THROW(
Patrick Williamse6500a42021-05-01 05:58:23 -0500[diff] [blame]318 managerPtr->getADConfigPtr()->ldapServerURI("ldaps://9.194.251.139/"),
Nagaraju Goruganti3b4d06a2018-11-08 03:13:38 -0600[diff] [blame]319 NoCACertificate);
Nagaraju Gorugantid514e5d2018-11-08 03:07:25 -0600[diff] [blame]320
Ratan Gupta21e88cb2019-04-12 17:15:52 +0530[diff] [blame]321 // check once again
Patrick Williamse6500a42021-05-01 05:58:23 -0500[diff] [blame]322 EXPECT_EQ(managerPtr->getADConfigPtr()->ldapServerURI(),
Ratan Gupta21e88cb2019-04-12 17:15:52 +0530[diff] [blame]323 "ldap://9.194.251.139/");
324
325 managerPtr->restore();
Nagaraju Gorugantid514e5d2018-11-08 03:07:25 -0600[diff] [blame]326 // Check LDAP Server URI
Patrick Williamse6500a42021-05-01 05:58:23 -0500[diff] [blame]327 EXPECT_EQ(managerPtr->getADConfigPtr()->ldapServerURI(),
Nagaraju Goruganti3b4d06a2018-11-08 03:13:38 -0600[diff] [blame]328 "ldap://9.194.251.139/");
Nagaraju Gorugantid514e5d2018-11-08 03:07:25 -0600[diff] [blame]329 delete managerPtr;
330}
331
332TEST_F(TestLDAPConfig, testLDAPBindDN)
333{
Nan Zhou78d85042022-08-29 17:50:22 +0000[diff] [blame]334 auto configFilePath = std::string(dir.c_str()) + "/" + ldapConfFile;
335 auto tlsCACertFilePath = std::string(dir.c_str()) + "/" + tlsCACertFile;
336 auto tlsCertFilePath = std::string(dir.c_str()) + "/" + tlsCertFile;
Ratan Gupta21e88cb2019-04-12 17:15:52 +0530[diff] [blame]337 auto dbusPersistentFilePath = std::string(dir.c_str());
Nagaraju Goruganti3b4d06a2018-11-08 03:13:38 -0600[diff] [blame]338
Nagaraju Gorugantid514e5d2018-11-08 03:07:25 -0600[diff] [blame]339 if (fs::exists(configFilePath))
340 {
341 fs::remove(configFilePath);
342 }
343 EXPECT_FALSE(fs::exists(configFilePath));
Ratan Gupta22f13f12019-04-29 15:36:40 +0530[diff] [blame]344 MockConfigMgr* managerPtr =
345 new MockConfigMgr(bus, LDAP_CONFIG_ROOT, configFilePath.c_str(),
Nan Zhou78d85042022-08-29 17:50:22 +0000[diff] [blame]346 dbusPersistentFilePath.c_str(),
347 tlsCACertFilePath.c_str(), tlsCertFilePath.c_str());
Ratan Gupta21e88cb2019-04-12 17:15:52 +0530[diff] [blame]348
349 EXPECT_CALL(*managerPtr, stopService("nslcd.service")).Times(1);
Alexander Filippov372c5662021-06-30 20:23:39 +0300[diff] [blame]350 EXPECT_CALL(*managerPtr, restartService("nslcd.service")).Times(3);
Ratan Gupta21e88cb2019-04-12 17:15:52 +0530[diff] [blame]351 EXPECT_CALL(*managerPtr, restartService("nscd.service")).Times(1);
Nagaraju Gorugantid514e5d2018-11-08 03:07:25 -0600[diff] [blame]352
Ratan Guptaaeaf9412019-02-11 04:41:52 -0600[diff] [blame]353 managerPtr->createConfig(
354 "ldap://9.194.251.138/", "cn=Users,dc=com", "cn=Users,dc=corp",
355 "MyLdap12", ldap_base::Create::SearchScope::sub,
356 ldap_base::Create::Type::ActiveDirectory, "attr1", "attr2");
Ratan Gupta21e88cb2019-04-12 17:15:52 +0530[diff] [blame]357 managerPtr->getADConfigPtr()->enabled(true);
Ratan Gupta95a29312019-02-18 20:34:10 +0530[diff] [blame]358
Nagaraju Gorugantid514e5d2018-11-08 03:07:25 -0600[diff] [blame]359 // Change LDAP BindDN
Patrick Williamse6500a42021-05-01 05:58:23 -0500[diff] [blame]360 managerPtr->getADConfigPtr()->ldapBindDN(
Nagaraju Gorugantid514e5d2018-11-08 03:07:25 -0600[diff] [blame]361 "cn=Administrator,cn=Users,dc=corp,dc=ibm,dc=com");
Patrick Williamse6500a42021-05-01 05:58:23 -0500[diff] [blame]362 EXPECT_EQ(managerPtr->getADConfigPtr()->ldapBindDN(),
Nagaraju Gorugantid514e5d2018-11-08 03:07:25 -0600[diff] [blame]363 "cn=Administrator,cn=Users,dc=corp,dc=ibm,dc=com");
364 // Change LDAP BindDN
365 EXPECT_THROW(
366 {
367 try
368 {
Patrick Williamse6500a42021-05-01 05:58:23 -0500[diff] [blame]369 managerPtr->getADConfigPtr()->ldapBindDN("");
Nagaraju Gorugantid514e5d2018-11-08 03:07:25 -0600[diff] [blame]370 }
371 catch (const InvalidArgument& e)
372 {
373 throw;
374 }
375 },
376 InvalidArgument);
Nagaraju Gorugantid514e5d2018-11-08 03:07:25 -0600[diff] [blame]377
Ratan Gupta21e88cb2019-04-12 17:15:52 +0530[diff] [blame]378 managerPtr->restore();
Nagaraju Gorugantid514e5d2018-11-08 03:07:25 -0600[diff] [blame]379 // Check LDAP BindDN after restoring
Patrick Williamse6500a42021-05-01 05:58:23 -0500[diff] [blame]380 EXPECT_EQ(managerPtr->getADConfigPtr()->ldapBindDN(),
Nagaraju Gorugantid514e5d2018-11-08 03:07:25 -0600[diff] [blame]381 "cn=Administrator,cn=Users,dc=corp,dc=ibm,dc=com");
382 delete managerPtr;
383}
384
385TEST_F(TestLDAPConfig, testLDAPBaseDN)
386{
Nan Zhou78d85042022-08-29 17:50:22 +0000[diff] [blame]387 auto configFilePath = std::string(dir.c_str()) + "/" + ldapConfFile;
388 auto tlsCACertFilePath = std::string(dir.c_str()) + "/" + tlsCACertFile;
389 auto tlsCertFilePath = std::string(dir.c_str()) + "/" + tlsCertFile;
Ratan Gupta21e88cb2019-04-12 17:15:52 +0530[diff] [blame]390 auto dbusPersistentFilePath = std::string(dir.c_str());
Nagaraju Goruganti3b4d06a2018-11-08 03:13:38 -0600[diff] [blame]391
Nagaraju Gorugantid514e5d2018-11-08 03:07:25 -0600[diff] [blame]392 if (fs::exists(configFilePath))
393 {
394 fs::remove(configFilePath);
395 }
396 EXPECT_FALSE(fs::exists(configFilePath));
Ratan Gupta22f13f12019-04-29 15:36:40 +0530[diff] [blame]397 MockConfigMgr* managerPtr =
398 new MockConfigMgr(bus, LDAP_CONFIG_ROOT, configFilePath.c_str(),
Nan Zhou78d85042022-08-29 17:50:22 +0000[diff] [blame]399 dbusPersistentFilePath.c_str(),
400 tlsCACertFilePath.c_str(), tlsCertFilePath.c_str());
Ratan Gupta21e88cb2019-04-12 17:15:52 +0530[diff] [blame]401 EXPECT_CALL(*managerPtr, stopService("nslcd.service")).Times(1);
Alexander Filippov372c5662021-06-30 20:23:39 +0300[diff] [blame]402 EXPECT_CALL(*managerPtr, restartService("nslcd.service")).Times(3);
Ratan Gupta21e88cb2019-04-12 17:15:52 +0530[diff] [blame]403 EXPECT_CALL(*managerPtr, restartService("nscd.service")).Times(1);
Ratan Guptaaeaf9412019-02-11 04:41:52 -0600[diff] [blame]404 managerPtr->createConfig(
405 "ldap://9.194.251.138/", "cn=Users,dc=com", "cn=Users,dc=corp",
406 "MyLdap12", ldap_base::Create::SearchScope::sub,
407 ldap_base::Create::Type::ActiveDirectory, "attr1", "attr2");
Ratan Gupta21e88cb2019-04-12 17:15:52 +0530[diff] [blame]408 managerPtr->getADConfigPtr()->enabled(true);
Nagaraju Gorugantid514e5d2018-11-08 03:07:25 -0600[diff] [blame]409 // Change LDAP BaseDN
Patrick Williamse6500a42021-05-01 05:58:23 -0500[diff] [blame]410 managerPtr->getADConfigPtr()->ldapBaseDN(
Nagaraju Gorugantid514e5d2018-11-08 03:07:25 -0600[diff] [blame]411 "cn=Administrator,cn=Users,dc=corp,dc=ibm,dc=com");
Patrick Williamse6500a42021-05-01 05:58:23 -0500[diff] [blame]412 EXPECT_EQ(managerPtr->getADConfigPtr()->ldapBaseDN(),
Nagaraju Gorugantid514e5d2018-11-08 03:07:25 -0600[diff] [blame]413 "cn=Administrator,cn=Users,dc=corp,dc=ibm,dc=com");
414 // Change LDAP BaseDN
415 EXPECT_THROW(
416 {
417 try
418 {
Patrick Williamse6500a42021-05-01 05:58:23 -0500[diff] [blame]419 managerPtr->getADConfigPtr()->ldapBaseDN("");
Nagaraju Gorugantid514e5d2018-11-08 03:07:25 -0600[diff] [blame]420 }
421 catch (const InvalidArgument& e)
422 {
423 throw;
424 }
425 },
426 InvalidArgument);
Nagaraju Gorugantid514e5d2018-11-08 03:07:25 -0600[diff] [blame]427
Ratan Gupta21e88cb2019-04-12 17:15:52 +0530[diff] [blame]428 managerPtr->restore();
Nagaraju Gorugantid514e5d2018-11-08 03:07:25 -0600[diff] [blame]429 // Check LDAP BaseDN after restoring
Patrick Williamse6500a42021-05-01 05:58:23 -0500[diff] [blame]430 EXPECT_EQ(managerPtr->getADConfigPtr()->ldapBaseDN(),
Nagaraju Gorugantid514e5d2018-11-08 03:07:25 -0600[diff] [blame]431 "cn=Administrator,cn=Users,dc=corp,dc=ibm,dc=com");
432 delete managerPtr;
433}
434
435TEST_F(TestLDAPConfig, testSearchScope)
436{
Nan Zhou78d85042022-08-29 17:50:22 +0000[diff] [blame]437 auto configFilePath = std::string(dir.c_str()) + "/" + ldapConfFile;
438 auto tlsCACertFilePath = std::string(dir.c_str()) + "/" + tlsCACertFile;
439 auto tlsCertFilePath = std::string(dir.c_str()) + "/" + tlsCertFile;
Ratan Gupta21e88cb2019-04-12 17:15:52 +0530[diff] [blame]440 auto dbusPersistentFilePath = std::string(dir.c_str());
Nagaraju Goruganti3b4d06a2018-11-08 03:13:38 -0600[diff] [blame]441
Nagaraju Gorugantid514e5d2018-11-08 03:07:25 -0600[diff] [blame]442 if (fs::exists(configFilePath))
443 {
444 fs::remove(configFilePath);
445 }
446 EXPECT_FALSE(fs::exists(configFilePath));
Ratan Gupta22f13f12019-04-29 15:36:40 +0530[diff] [blame]447 MockConfigMgr* managerPtr =
448 new MockConfigMgr(bus, LDAP_CONFIG_ROOT, configFilePath.c_str(),
Nan Zhou78d85042022-08-29 17:50:22 +0000[diff] [blame]449 dbusPersistentFilePath.c_str(),
450 tlsCACertFilePath.c_str(), tlsCertFilePath.c_str());
Ratan Gupta21e88cb2019-04-12 17:15:52 +0530[diff] [blame]451 EXPECT_CALL(*managerPtr, stopService("nslcd.service")).Times(1);
Alexander Filippov372c5662021-06-30 20:23:39 +0300[diff] [blame]452 EXPECT_CALL(*managerPtr, restartService("nslcd.service")).Times(3);
Ratan Gupta21e88cb2019-04-12 17:15:52 +0530[diff] [blame]453 EXPECT_CALL(*managerPtr, restartService("nscd.service")).Times(1);
Ratan Guptaaeaf9412019-02-11 04:41:52 -0600[diff] [blame]454 managerPtr->createConfig(
455 "ldap://9.194.251.138/", "cn=Users,dc=com", "cn=Users,dc=corp",
456 "MyLdap12", ldap_base::Create::SearchScope::sub,
457 ldap_base::Create::Type::ActiveDirectory, "attr1", "attr2");
Ratan Gupta21e88cb2019-04-12 17:15:52 +0530[diff] [blame]458 managerPtr->getADConfigPtr()->enabled(true);
Ratan Gupta95a29312019-02-18 20:34:10 +0530[diff] [blame]459
Nagaraju Gorugantid514e5d2018-11-08 03:07:25 -0600[diff] [blame]460 // Change LDAP SearchScope
Patrick Williamse6500a42021-05-01 05:58:23 -0500[diff] [blame]461 managerPtr->getADConfigPtr()->ldapSearchScope(
Nagaraju Gorugantid514e5d2018-11-08 03:07:25 -0600[diff] [blame]462 ldap_base::Config::SearchScope::one);
Patrick Williamse6500a42021-05-01 05:58:23 -0500[diff] [blame]463 EXPECT_EQ(managerPtr->getADConfigPtr()->ldapSearchScope(),
Nagaraju Gorugantid514e5d2018-11-08 03:07:25 -0600[diff] [blame]464 ldap_base::Config::SearchScope::one);
Nagaraju Gorugantid514e5d2018-11-08 03:07:25 -0600[diff] [blame]465
Ratan Gupta21e88cb2019-04-12 17:15:52 +0530[diff] [blame]466 managerPtr->restore();
Nagaraju Gorugantid514e5d2018-11-08 03:07:25 -0600[diff] [blame]467 // Check LDAP SearchScope after restoring
Patrick Williamse6500a42021-05-01 05:58:23 -0500[diff] [blame]468 EXPECT_EQ(managerPtr->getADConfigPtr()->ldapSearchScope(),
Nagaraju Gorugantid514e5d2018-11-08 03:07:25 -0600[diff] [blame]469 ldap_base::Config::SearchScope::one);
470 delete managerPtr;
471}
472
473TEST_F(TestLDAPConfig, testLDAPType)
474{
Nan Zhou78d85042022-08-29 17:50:22 +0000[diff] [blame]475 auto configFilePath = std::string(dir.c_str()) + "/" + ldapConfFile;
476 auto tlsCACertFilePath = std::string(dir.c_str()) + "/" + tlsCACertFile;
477 auto tlsCertFilePath = std::string(dir.c_str()) + "/" + tlsCertFile;
Ratan Gupta21e88cb2019-04-12 17:15:52 +0530[diff] [blame]478 auto dbusPersistentFilePath = std::string(dir.c_str());
Nagaraju Goruganti3b4d06a2018-11-08 03:13:38 -0600[diff] [blame]479
Nagaraju Gorugantid514e5d2018-11-08 03:07:25 -0600[diff] [blame]480 if (fs::exists(configFilePath))
481 {
482 fs::remove(configFilePath);
483 }
484 EXPECT_FALSE(fs::exists(configFilePath));
Ratan Gupta22f13f12019-04-29 15:36:40 +0530[diff] [blame]485 MockConfigMgr* managerPtr =
486 new MockConfigMgr(bus, LDAP_CONFIG_ROOT, configFilePath.c_str(),
Nan Zhou78d85042022-08-29 17:50:22 +0000[diff] [blame]487 dbusPersistentFilePath.c_str(),
488 tlsCACertFilePath.c_str(), tlsCertFilePath.c_str());
Ratan Gupta21e88cb2019-04-12 17:15:52 +0530[diff] [blame]489 EXPECT_CALL(*managerPtr, stopService("nslcd.service")).Times(1);
Alexander Filippov372c5662021-06-30 20:23:39 +0300[diff] [blame]490 EXPECT_CALL(*managerPtr, restartService("nslcd.service")).Times(2);
Ratan Gupta21e88cb2019-04-12 17:15:52 +0530[diff] [blame]491 EXPECT_CALL(*managerPtr, restartService("nscd.service")).Times(1);
Ratan Guptaaeaf9412019-02-11 04:41:52 -0600[diff] [blame]492 managerPtr->createConfig(
493 "ldap://9.194.251.138/", "cn=Users,dc=com", "cn=Users,dc=corp",
494 "MyLdap12", ldap_base::Create::SearchScope::sub,
495 ldap_base::Create::Type::ActiveDirectory, "attr1", "attr2");
Ratan Gupta21e88cb2019-04-12 17:15:52 +0530[diff] [blame]496 managerPtr->getADConfigPtr()->enabled(true);
Ratan Gupta95a29312019-02-18 20:34:10 +0530[diff] [blame]497
Nagaraju Gorugantid514e5d2018-11-08 03:07:25 -0600[diff] [blame]498 // Change LDAP type
Ratan Gupta21e88cb2019-04-12 17:15:52 +0530[diff] [blame]499 // will not be changed
Patrick Williamse6500a42021-05-01 05:58:23 -0500[diff] [blame]500 EXPECT_THROW(managerPtr->getADConfigPtr()->ldapType(
Ratan Gupta21e88cb2019-04-12 17:15:52 +0530[diff] [blame]501 ldap_base::Config::Type::OpenLdap),
502 NotAllowed);
Patrick Williamse6500a42021-05-01 05:58:23 -0500[diff] [blame]503 EXPECT_EQ(managerPtr->getADConfigPtr()->ldapType(),
Ratan Gupta21e88cb2019-04-12 17:15:52 +0530[diff] [blame]504 ldap_base::Config::Type::ActiveDirectory);
Nagaraju Gorugantid514e5d2018-11-08 03:07:25 -0600[diff] [blame]505
Ratan Gupta21e88cb2019-04-12 17:15:52 +0530[diff] [blame]506 managerPtr->restore();
Nagaraju Gorugantid514e5d2018-11-08 03:07:25 -0600[diff] [blame]507 // Check LDAP type after restoring
Patrick Williamse6500a42021-05-01 05:58:23 -0500[diff] [blame]508 EXPECT_EQ(managerPtr->getADConfigPtr()->ldapType(),
Ratan Gupta21e88cb2019-04-12 17:15:52 +0530[diff] [blame]509 ldap_base::Config::Type::ActiveDirectory);
Nagaraju Gorugantid514e5d2018-11-08 03:07:25 -0600[diff] [blame]510 delete managerPtr;
511}
Ratan Gupta21e88cb2019-04-12 17:15:52 +0530[diff] [blame]512
Ravi Tejad5884042019-06-10 02:35:22 -0500[diff] [blame]513TEST_F(TestLDAPConfig, testsecureLDAPRestore)
514{
Nan Zhou78d85042022-08-29 17:50:22 +0000[diff] [blame]515 auto configFilePath = std::string(dir.c_str()) + "/" + ldapConfFile;
516 auto tlsCACertFilePath = std::string(dir.c_str()) + "/" + tlsCACertFile;
517 auto tlsCertFilePath = std::string(dir.c_str()) + "/" + tlsCertFile;
Ravi Tejad5884042019-06-10 02:35:22 -0500[diff] [blame]518 auto dbusPersistentFilePath = std::string(dir.c_str());
519
520 if (fs::exists(configFilePath))
521 {
522 fs::remove(configFilePath);
523 }
524 EXPECT_FALSE(fs::exists(configFilePath));
525 MockConfigMgr* managerPtr =
526 new MockConfigMgr(bus, LDAP_CONFIG_ROOT, configFilePath.c_str(),
Nan Zhou78d85042022-08-29 17:50:22 +0000[diff] [blame]527 dbusPersistentFilePath.c_str(),
528 tlsCACertFilePath.c_str(), tlsCertFilePath.c_str());
Ravi Tejad5884042019-06-10 02:35:22 -0500[diff] [blame]529 EXPECT_CALL(*managerPtr, stopService("nslcd.service")).Times(1);
Alexander Filippov372c5662021-06-30 20:23:39 +0300[diff] [blame]530 EXPECT_CALL(*managerPtr, restartService("nslcd.service")).Times(2);
Ravi Tejad5884042019-06-10 02:35:22 -0500[diff] [blame]531 EXPECT_CALL(*managerPtr, restartService("nscd.service")).Times(1);
532 managerPtr->createConfig(
533 "ldaps://9.194.251.138/", "cn=Users,dc=com", "cn=Users,dc=corp",
534 "MyLdap12", ldap_base::Create::SearchScope::sub,
535 ldap_base::Create::Type::ActiveDirectory, "attr1", "attr2");
536 managerPtr->getADConfigPtr()->enabled(true);
537 EXPECT_TRUE(managerPtr->secureLDAP());
538 managerPtr->restore();
539 // Check secureLDAP variable value after restoring
540 EXPECT_TRUE(managerPtr->secureLDAP());
541
542 delete managerPtr;
543}
544
Ratan Gupta21e88cb2019-04-12 17:15:52 +0530[diff] [blame]545TEST_F(TestLDAPConfig, filePermission)
546{
Nan Zhou78d85042022-08-29 17:50:22 +0000[diff] [blame]547 auto configFilePath = std::string(dir.c_str()) + "/" + ldapConfFile;
548 auto tlsCACertFilePath = std::string(dir.c_str()) + "/" + tlsCACertFile;
549 auto tlsCertFilePath = std::string(dir.c_str()) + "/" + tlsCertFile;
Ratan Gupta21e88cb2019-04-12 17:15:52 +0530[diff] [blame]550 auto dbusPersistentFilePath = std::string(dir.c_str());
551
552 if (fs::exists(configFilePath))
553 {
554 fs::remove(configFilePath);
555 }
556 EXPECT_FALSE(fs::exists(configFilePath));
Ratan Gupta22f13f12019-04-29 15:36:40 +0530[diff] [blame]557 MockConfigMgr* managerPtr =
558 new MockConfigMgr(bus, LDAP_CONFIG_ROOT, configFilePath.c_str(),
Nan Zhou78d85042022-08-29 17:50:22 +0000[diff] [blame]559 dbusPersistentFilePath.c_str(),
560 tlsCACertFilePath.c_str(), tlsCertFilePath.c_str());
Ratan Gupta21e88cb2019-04-12 17:15:52 +0530[diff] [blame]561 EXPECT_CALL(*managerPtr, stopService("nslcd.service")).Times(1);
562 EXPECT_CALL(*managerPtr, restartService("nslcd.service")).Times(1);
563 EXPECT_CALL(*managerPtr, restartService("nscd.service")).Times(1);
564 managerPtr->createConfig(
565 "ldap://9.194.251.138/", "cn=Users,dc=com", "cn=Users,dc=corp",
566 "MyLdap12", ldap_base::Create::SearchScope::sub,
567 ldap_base::Create::Type::ActiveDirectory, "attr1", "attr2");
568 managerPtr->getADConfigPtr()->enabled(true);
569
570 // Permission of the persistent file should be 640
571 // Others should not be allowed to read.
572 auto permission =
573 fs::perms::owner_read | fs::perms::owner_write | fs::perms::group_read;
574 auto persistFilepath = std::string(dir.c_str());
Nan Zhou78d85042022-08-29 17:50:22 +0000[diff] [blame]575 persistFilepath += adDbusObjectPath;
Ratan Gupta21e88cb2019-04-12 17:15:52 +0530[diff] [blame]576 persistFilepath += "/config";
577
578 EXPECT_EQ(fs::status(persistFilepath).permissions(), permission);
579 delete managerPtr;
580}
581
Ratan Guptac5481d12019-04-12 18:31:05 +0530[diff] [blame]582TEST_F(TestLDAPConfig, ConditionalEnableConfig)
583{
Nan Zhou78d85042022-08-29 17:50:22 +0000[diff] [blame]584 auto configFilePath = std::string(dir.c_str()) + "/" + ldapConfFile;
585 auto tlsCACertFilePath = std::string(dir.c_str()) + "/" + tlsCACertFile;
586 auto tlsCertFilePath = std::string(dir.c_str()) + "/" + tlsCertFile;
Ratan Guptac5481d12019-04-12 18:31:05 +0530[diff] [blame]587 auto dbusPersistentFilePath = std::string(dir.c_str());
588
589 if (fs::exists(configFilePath))
590 {
591 fs::remove(configFilePath);
592 }
593 EXPECT_FALSE(fs::exists(configFilePath));
Ratan Gupta22f13f12019-04-29 15:36:40 +0530[diff] [blame]594 MockConfigMgr* managerPtr =
595 new MockConfigMgr(bus, LDAP_CONFIG_ROOT, configFilePath.c_str(),
Nan Zhou78d85042022-08-29 17:50:22 +0000[diff] [blame]596 dbusPersistentFilePath.c_str(),
597 tlsCACertFilePath.c_str(), tlsCertFilePath.c_str());
Ratan Guptac5481d12019-04-12 18:31:05 +0530[diff] [blame]598 EXPECT_CALL(*managerPtr, stopService("nslcd.service")).Times(3);
599 EXPECT_CALL(*managerPtr, restartService("nslcd.service")).Times(2);
600 EXPECT_CALL(*managerPtr, restartService("nscd.service")).Times(2);
601 managerPtr->createConfig(
602 "ldap://9.194.251.138/", "cn=Users,dc=com", "cn=Users,dc=corp",
603 "MyLdap12", ldap_base::Create::SearchScope::sub,
604 ldap_base::Create::Type::ActiveDirectory, "attr1", "attr2");
605
606 managerPtr->createConfig(
607 "ldap://9.194.251.139/", "cn=Users,dc=com, dc=ldap", "cn=Users,dc=corp",
608 "MyLdap123", ldap_base::Create::SearchScope::sub,
609 ldap_base::Create::Type::OpenLdap, "attr1", "attr2");
610
611 // Enable the AD configuration
612 managerPtr->getADConfigPtr()->enabled(true);
613
614 EXPECT_EQ(managerPtr->getADConfigPtr()->enabled(), true);
615 EXPECT_EQ(managerPtr->getOpenLdapConfigPtr()->enabled(), false);
616
617 // AS AD is already enabled so openldap can't be enabled.
618 EXPECT_THROW(
619 {
620 try
621 {
622 managerPtr->getOpenLdapConfigPtr()->enabled(true);
623 }
624 catch (const NotAllowed& e)
625 {
626 throw;
627 }
628 },
629 NotAllowed);
630 // Check the values
631 EXPECT_EQ(managerPtr->getADConfigPtr()->enabled(), true);
632 EXPECT_EQ(managerPtr->getOpenLdapConfigPtr()->enabled(), false);
633 // Let's disable the AD.
634 managerPtr->getADConfigPtr()->enabled(false);
635 EXPECT_EQ(managerPtr->getADConfigPtr()->enabled(), false);
636 EXPECT_EQ(managerPtr->getOpenLdapConfigPtr()->enabled(), false);
637 // Now enable the openldap
638 managerPtr->getOpenLdapConfigPtr()->enabled(true);
639 EXPECT_EQ(managerPtr->getOpenLdapConfigPtr()->enabled(), true);
640 EXPECT_EQ(managerPtr->getADConfigPtr()->enabled(), false);
641
642 delete managerPtr;
643}
644
Ratan Guptafef57892019-04-14 13:43:09 +0530[diff] [blame]645TEST_F(TestLDAPConfig, createPrivMapping)
646{
Nan Zhou78d85042022-08-29 17:50:22 +0000[diff] [blame]647 auto configFilePath = std::string(dir.c_str()) + "/" + ldapConfFile;
648 auto tlsCACertFilePath = std::string(dir.c_str()) + "/" + tlsCACertFile;
649 auto tlsCertFilePath = std::string(dir.c_str()) + "/" + tlsCertFile;
Ratan Guptafef57892019-04-14 13:43:09 +0530[diff] [blame]650 auto dbusPersistentFilePath = std::string(dir.c_str());
651
652 if (fs::exists(configFilePath))
653 {
654 fs::remove(configFilePath);
655 }
656 EXPECT_FALSE(fs::exists(configFilePath));
657 MockConfigMgr manager(bus, LDAP_CONFIG_ROOT, configFilePath.c_str(),
Nan Zhou78d85042022-08-29 17:50:22 +0000[diff] [blame]658 dbusPersistentFilePath.c_str(),
659 tlsCACertFilePath.c_str(), tlsCertFilePath.c_str());
Ratan Guptafef57892019-04-14 13:43:09 +0530[diff] [blame]660 manager.createDefaultObjects();
661 // Create the priv-mapping under the config.
662 manager.getADConfigPtr()->create("admin", "priv-admin");
663 // Check whether the entry has been created.
664 EXPECT_THROW(
665 {
666 try
667 {
668 manager.getADConfigPtr()->checkPrivilegeMapper("admin");
669 }
670 catch (const PrivilegeMappingExists& e)
671 {
672 throw;
673 }
674 },
675 PrivilegeMappingExists);
676}
677
678TEST_F(TestLDAPConfig, deletePrivMapping)
679{
Nan Zhou78d85042022-08-29 17:50:22 +0000[diff] [blame]680 auto configFilePath = std::string(dir.c_str()) + "/" + ldapConfFile;
681 auto tlsCACertFilePath = std::string(dir.c_str()) + "/" + tlsCACertFile;
682 auto tlsCertFilePath = std::string(dir.c_str()) + "/" + tlsCertFile;
Ratan Guptafef57892019-04-14 13:43:09 +0530[diff] [blame]683 auto dbusPersistentFilePath = std::string(dir.c_str());
684
685 if (fs::exists(configFilePath))
686 {
687 fs::remove(configFilePath);
688 }
689 EXPECT_FALSE(fs::exists(configFilePath));
690 MockConfigMgr manager(bus, LDAP_CONFIG_ROOT, configFilePath.c_str(),
Nan Zhou78d85042022-08-29 17:50:22 +0000[diff] [blame]691 dbusPersistentFilePath.c_str(),
692 tlsCACertFilePath.c_str(), tlsCertFilePath.c_str());
Ratan Guptafef57892019-04-14 13:43:09 +0530[diff] [blame]693 manager.createDefaultObjects();
694 // Create the priv-mapping under the config.
695 manager.getADConfigPtr()->create("admin", "priv-admin");
696 manager.getADConfigPtr()->create("user", "priv-user");
697 // Check whether the entry has been created.
698 EXPECT_THROW(
699 {
700 try
701 {
702 manager.getADConfigPtr()->checkPrivilegeMapper("admin");
703 manager.getADConfigPtr()->checkPrivilegeMapper("user");
704 }
705 catch (const PrivilegeMappingExists& e)
706 {
707 throw;
708 }
709 },
710 PrivilegeMappingExists);
711
712 // This would delete the admin privilege
713 manager.getADConfigPtr()->deletePrivilegeMapper(1);
714 EXPECT_NO_THROW(manager.getADConfigPtr()->checkPrivilegeMapper("admin"));
715 manager.getADConfigPtr()->deletePrivilegeMapper(2);
716 EXPECT_NO_THROW(manager.getADConfigPtr()->checkPrivilegeMapper("user"));
717}
718
719TEST_F(TestLDAPConfig, restorePrivMapping)
720{
Nan Zhou78d85042022-08-29 17:50:22 +0000[diff] [blame]721 auto configFilePath = std::string(dir.c_str()) + "/" + ldapConfFile;
722 auto tlsCACertFilePath = std::string(dir.c_str()) + "/" + tlsCACertFile;
723 auto tlsCertFilePath = std::string(dir.c_str()) + "/" + tlsCertFile;
Ratan Guptafef57892019-04-14 13:43:09 +0530[diff] [blame]724 auto dbusPersistentFilePath = std::string(dir.c_str());
725
726 if (fs::exists(configFilePath))
727 {
728 fs::remove(configFilePath);
729 }
730 EXPECT_FALSE(fs::exists(configFilePath));
731 MockConfigMgr manager(bus, LDAP_CONFIG_ROOT, configFilePath.c_str(),
Nan Zhou78d85042022-08-29 17:50:22 +0000[diff] [blame]732 dbusPersistentFilePath.c_str(),
733 tlsCACertFilePath.c_str(), tlsCertFilePath.c_str());
Ratan Guptafef57892019-04-14 13:43:09 +0530[diff] [blame]734 manager.createDefaultObjects();
735 // Create the priv-mapping under the config.
736 manager.getADConfigPtr()->create("admin", "priv-admin");
737 manager.getOpenLdapConfigPtr()->create("user", "priv-user");
738 manager.restore();
739 EXPECT_THROW(
740 {
741 try
742 {
743 manager.getADConfigPtr()->checkPrivilegeMapper("admin");
744 }
745 catch (const PrivilegeMappingExists& e)
746 {
747 throw;
748 }
749 },
750 PrivilegeMappingExists);
751
752 EXPECT_THROW(
753 {
754 try
755 {
756 manager.getOpenLdapConfigPtr()->checkPrivilegeMapper("user");
757 }
758 catch (const PrivilegeMappingExists& e)
759 {
760 throw;
761 }
762 },
763 PrivilegeMappingExists);
764}
765
766TEST_F(TestLDAPConfig, testPrivileges)
767{
Nan Zhou78d85042022-08-29 17:50:22 +0000[diff] [blame]768 auto configFilePath = std::string(dir.c_str()) + "/" + ldapConfFile;
769 auto tlsCACertFilePath = std::string(dir.c_str()) + "/" + tlsCACertFile;
770 auto tlsCertFilePath = std::string(dir.c_str()) + "/" + tlsCertFile;
Ratan Guptafef57892019-04-14 13:43:09 +0530[diff] [blame]771 auto dbusPersistentFilePath = std::string(dir.c_str());
772
773 if (fs::exists(configFilePath))
774 {
775 fs::remove(configFilePath);
776 }
777 EXPECT_FALSE(fs::exists(configFilePath));
778 MockConfigMgr manager(bus, LDAP_CONFIG_ROOT, configFilePath.c_str(),
Nan Zhou78d85042022-08-29 17:50:22 +0000[diff] [blame]779 dbusPersistentFilePath.c_str(),
780 tlsCACertFilePath.c_str(), tlsCertFilePath.c_str());
Ratan Guptafef57892019-04-14 13:43:09 +0530[diff] [blame]781 manager.createDefaultObjects();
782
783 std::string groupName = "admin";
784 std::string privilege = "priv-admin";
785 size_t entryId = 1;
786 auto dbusPath = std::string(LDAP_CONFIG_ROOT) +
787 "/active_directory/role_map/" + std::to_string(entryId);
788 dbusPersistentFilePath += dbusPath;
789
790 auto entry = std::make_unique<LDAPMapperEntry>(
791 bus, dbusPath.c_str(), dbusPersistentFilePath.c_str(), groupName,
792 privilege, *(manager.getADConfigPtr()));
793
794 EXPECT_NO_THROW(entry->privilege("priv-operator"));
795 EXPECT_NO_THROW(entry->privilege("priv-user"));
Ratan Guptafef57892019-04-14 13:43:09 +0530[diff] [blame]796}
797
Nagaraju Gorugantid514e5d2018-11-08 03:07:25 -0600[diff] [blame]798} // namespace ldap
799} // namespace phosphor