Gitiles
Code Review Sign In
gerrit.openbmc.org / openbmc / phosphor-user-manager / 7b04c35270e92b362cd9abe5b17315a7d46a74d8 / . / test / ldap_config_test.cpp
blob: b625a51949ae664ecf12391438494fe642179944 [file] [log] [blame]
Nagaraju Gorugantid514e5d2018-11-08 03:07:25 -0600[diff] [blame]1#include "config.h"
Ratan Gupta37fb3fe2019-04-13 12:54:18 +0530[diff] [blame]2#include "phosphor-ldap-config/ldap_config.hpp"
Ratan Guptae1f4db62019-04-11 18:57:42 +0530[diff] [blame]3#include "phosphor-ldap-config/ldap_config_mgr.hpp"
Nagaraju Gorugantid514e5d2018-11-08 03:07:25 -0600[diff] [blame]4
Nagaraju Gorugantid514e5d2018-11-08 03:07:25 -0600[diff] [blame]5#include <phosphor-logging/log.hpp>
6#include <phosphor-logging/elog-errors.hpp>
7#include <sdbusplus/bus.hpp>
8#include <xyz/openbmc_project/Common/error.hpp>
9#include <sdbusplus/bus.hpp>
10#include <gmock/gmock.h>
11#include <gtest/gtest.h>
Ratan Gupta95a29312019-02-18 20:34:10 +0530[diff] [blame]12
13#include <filesystem>
Nagaraju Gorugantid514e5d2018-11-08 03:07:25 -0600[diff] [blame]14#include <fstream>
15#include <string>
16#include <sys/types.h>
17
18namespace phosphor
19{
20namespace ldap
21{
Ratan Gupta95a29312019-02-18 20:34:10 +0530[diff] [blame]22namespace fs = std::filesystem;
Nagaraju Gorugantid514e5d2018-11-08 03:07:25 -0600[diff] [blame]23namespace ldap_base = sdbusplus::xyz::openbmc_project::User::Ldap::server;
Ratan Guptac5481d12019-04-12 18:31:05 +0530[diff] [blame]24using NotAllowed = sdbusplus::xyz::openbmc_project::Common::Error::NotAllowed;
25using NotAllowedArgument = xyz::openbmc_project::Common::NotAllowed;
26
Nagaraju Gorugantid514e5d2018-11-08 03:07:25 -0600[diff] [blame]27using Config = phosphor::ldap::Config;
Ratan Gupta95a29312019-02-18 20:34:10 +0530[diff] [blame]28static constexpr const char* dbusPersistFile = "Config";
Nagaraju Gorugantid514e5d2018-11-08 03:07:25 -0600[diff] [blame]29
30class TestLDAPConfig : public testing::Test
31{
32 public:
33 TestLDAPConfig() : bus(sdbusplus::bus::new_default())
34 {
35 }
36 void SetUp() override
37 {
38 using namespace phosphor::ldap;
39 char tmpldap[] = "/tmp/ldap_test.XXXXXX";
40 dir = fs::path(mkdtemp(tmpldap));
41 fs::path tslCacertFilePath{TLS_CACERT_FILE};
42 tslCacertFile = tslCacertFilePath.filename().c_str();
43 fs::path confFilePath{LDAP_CONFIG_FILE};
44 ldapconfFile = confFilePath.filename().c_str();
45 std::fstream fs;
46 fs.open(dir / defaultNslcdFile, std::fstream::out);
47 fs.close();
48 fs.open(dir / nsSwitchFile, std::fstream::out);
49 fs.close();
Nagaraju Gorugantid514e5d2018-11-08 03:07:25 -0600[diff] [blame]50 }
51
52 void TearDown() override
53 {
54 fs::remove_all(dir);
55 }
56
57 protected:
58 fs::path dir;
59 std::string tslCacertFile;
60 std::string ldapconfFile;
61 sdbusplus::bus::bus bus;
62};
63
64class MockConfigMgr : public phosphor::ldap::ConfigMgr
65{
66 public:
67 MockConfigMgr(sdbusplus::bus::bus& bus, const char* path,
Ratan Gupta95a29312019-02-18 20:34:10 +0530[diff] [blame]68 const char* filePath, const char* dbusPersistentFile,
69 const char* caCertFile) :
70 phosphor::ldap::ConfigMgr(bus, path, filePath, dbusPersistentFile,
71 caCertFile)
Nagaraju Gorugantid514e5d2018-11-08 03:07:25 -0600[diff] [blame]72 {
73 }
74 MOCK_METHOD1(restartService, void(const std::string& service));
75 MOCK_METHOD1(stopService, void(const std::string& service));
Ratan Gupta27d4c012019-04-12 13:03:35 +0530[diff] [blame]76 std::unique_ptr<Config>& getOpenLdapConfigPtr()
Nagaraju Gorugantid514e5d2018-11-08 03:07:25 -0600[diff] [blame]77 {
Ratan Gupta27d4c012019-04-12 13:03:35 +0530[diff] [blame]78 return openLDAPConfigPtr;
Nagaraju Gorugantid514e5d2018-11-08 03:07:25 -0600[diff] [blame]79 }
80
Ratan Gupta3a1c2742019-03-20 06:49:42 +0530[diff] [blame]81 std::string configBindPassword()
82 {
Ratan Gupta27d4c012019-04-12 13:03:35 +0530[diff] [blame]83 return getADConfigPtr()->lDAPBindPassword;
Ratan Gupta3a1c2742019-03-20 06:49:42 +0530[diff] [blame]84 }
85
Ratan Gupta27d4c012019-04-12 13:03:35 +0530[diff] [blame]86 std::unique_ptr<Config>& getADConfigPtr()
Nagaraju Gorugantid514e5d2018-11-08 03:07:25 -0600[diff] [blame]87 {
Ratan Gupta27d4c012019-04-12 13:03:35 +0530[diff] [blame]88 return ADConfigPtr;
89 }
90 void restore()
91 {
Ratan Gupta21e88cb2019-04-12 17:15:52 +0530[diff] [blame]92 phosphor::ldap::ConfigMgr::restore();
Nagaraju Gorugantid514e5d2018-11-08 03:07:25 -0600[diff] [blame]93 return;
94 }
95
Ratan Gupta27d4c012019-04-12 13:03:35 +0530[diff] [blame]96 void createDefaultObjects()
97 {
98 phosphor::ldap::ConfigMgr::createDefaultObjects();
99 }
100
Nagaraju Gorugantid514e5d2018-11-08 03:07:25 -0600[diff] [blame]101 friend class TestLDAPConfig;
102};
103
104TEST_F(TestLDAPConfig, testCreate)
105{
106 auto configFilePath = std::string(dir.c_str()) + "/" + ldapconfFile;
Nagaraju Goruganti3b4d06a2018-11-08 03:13:38 -0600[diff] [blame]107 auto tlsCacertfile = std::string(dir.c_str()) + "/" + tslCacertFile;
Ratan Gupta21e88cb2019-04-12 17:15:52 +0530[diff] [blame]108 auto dbusPersistentFilePath = std::string(dir.c_str());
Nagaraju Gorugantid514e5d2018-11-08 03:07:25 -0600[diff] [blame]109
110 if (fs::exists(configFilePath))
111 {
112 fs::remove(configFilePath);
113 }
114 EXPECT_FALSE(fs::exists(configFilePath));
Nagaraju Goruganti3b4d06a2018-11-08 03:13:38 -0600[diff] [blame]115 MockConfigMgr manager(bus, LDAP_CONFIG_ROOT, configFilePath.c_str(),
Ratan Gupta95a29312019-02-18 20:34:10 +0530[diff] [blame]116 dbusPersistentFilePath.c_str(),
Nagaraju Goruganti3b4d06a2018-11-08 03:13:38 -0600[diff] [blame]117 tlsCacertfile.c_str());
Ratan Gupta27d4c012019-04-12 13:03:35 +0530[diff] [blame]118
Ratan Guptaec117542019-04-25 18:38:29 +0530[diff] [blame]119 EXPECT_CALL(manager, stopService("nslcd.service")).Times(2);
Ratan Gupta3a1c2742019-03-20 06:49:42 +0530[diff] [blame]120 EXPECT_CALL(manager, restartService("nslcd.service")).Times(2);
Ratan Guptaec117542019-04-25 18:38:29 +0530[diff] [blame]121 EXPECT_CALL(manager, restartService("nscd.service")).Times(2);
Ratan Gupta21e88cb2019-04-12 17:15:52 +0530[diff] [blame]122
Ratan Guptaaeaf9412019-02-11 04:41:52 -0600[diff] [blame]123 manager.createConfig(
124 "ldap://9.194.251.136/", "cn=Users,dc=com", "cn=Users,dc=corp",
125 "MyLdap12", ldap_base::Create::SearchScope::sub,
126 ldap_base::Create::Type::ActiveDirectory, "uid", "gid");
Ratan Gupta27d4c012019-04-12 13:03:35 +0530[diff] [blame]127 manager.getADConfigPtr()->enabled(true);
Ratan Gupta95a29312019-02-18 20:34:10 +0530[diff] [blame]128
Ratan Guptaec117542019-04-25 18:38:29 +0530[diff] [blame]129 manager.createConfig("ldap://9.194.251.137/", "cn=Users",
130 "cn=Users,dc=test", "MyLdap123",
131 ldap_base::Create::SearchScope::sub,
132 ldap_base::Create::Type::OpenLdap, "uid", "gid");
133 manager.getOpenLdapConfigPtr()->enabled(false);
134
135 // Below setting of username/groupname attr is to make sure
136 // that in-active config should not call the start/stop service.
137 manager.getOpenLdapConfigPtr()->userNameAttribute("abc");
138 EXPECT_EQ(manager.getOpenLdapConfigPtr()->userNameAttribute(), "abc");
139
140 manager.getOpenLdapConfigPtr()->groupNameAttribute("def");
141 EXPECT_EQ(manager.getOpenLdapConfigPtr()->groupNameAttribute(), "def");
142
Nagaraju Gorugantid514e5d2018-11-08 03:07:25 -0600[diff] [blame]143 EXPECT_TRUE(fs::exists(configFilePath));
Ratan Gupta27d4c012019-04-12 13:03:35 +0530[diff] [blame]144 EXPECT_EQ(manager.getADConfigPtr()->lDAPServerURI(),
145 "ldap://9.194.251.136/");
146 EXPECT_EQ(manager.getADConfigPtr()->lDAPBindDN(), "cn=Users,dc=com");
147 EXPECT_EQ(manager.getADConfigPtr()->lDAPBaseDN(), "cn=Users,dc=corp");
148 EXPECT_EQ(manager.getADConfigPtr()->lDAPSearchScope(),
Nagaraju Gorugantid514e5d2018-11-08 03:07:25 -0600[diff] [blame]149 ldap_base::Config::SearchScope::sub);
Ratan Gupta27d4c012019-04-12 13:03:35 +0530[diff] [blame]150 EXPECT_EQ(manager.getADConfigPtr()->lDAPType(),
Nagaraju Gorugantid514e5d2018-11-08 03:07:25 -0600[diff] [blame]151 ldap_base::Config::Type::ActiveDirectory);
Ratan Gupta27d4c012019-04-12 13:03:35 +0530[diff] [blame]152
153 EXPECT_EQ(manager.getADConfigPtr()->userNameAttribute(), "uid");
154 EXPECT_EQ(manager.getADConfigPtr()->groupNameAttribute(), "gid");
155 EXPECT_EQ(manager.getADConfigPtr()->lDAPBindDNPassword(), "");
Ratan Gupta3a1c2742019-03-20 06:49:42 +0530[diff] [blame]156 EXPECT_EQ(manager.configBindPassword(), "MyLdap12");
157 // change the password
Ratan Gupta27d4c012019-04-12 13:03:35 +0530[diff] [blame]158 manager.getADConfigPtr()->lDAPBindDNPassword("MyLdap14");
159 EXPECT_EQ(manager.getADConfigPtr()->lDAPBindDNPassword(), "");
Ratan Gupta3a1c2742019-03-20 06:49:42 +0530[diff] [blame]160 EXPECT_EQ(manager.configBindPassword(), "MyLdap14");
Nagaraju Gorugantid514e5d2018-11-08 03:07:25 -0600[diff] [blame]161}
162
Ratan Gupta27d4c012019-04-12 13:03:35 +0530[diff] [blame]163TEST_F(TestLDAPConfig, testDefaultObject)
164{
165 auto configFilePath = std::string(dir.c_str()) + "/" + ldapconfFile;
166 auto tlsCacertfile = std::string(dir.c_str()) + "/" + tslCacertFile;
Ratan Gupta21e88cb2019-04-12 17:15:52 +0530[diff] [blame]167 auto dbusPersistentFilePath = std::string(dir.c_str());
Ratan Gupta27d4c012019-04-12 13:03:35 +0530[diff] [blame]168
169 if (fs::exists(configFilePath))
170 {
171 fs::remove(configFilePath);
172 }
173 EXPECT_FALSE(fs::exists(configFilePath));
174
175 MockConfigMgr manager(bus, LDAP_CONFIG_ROOT, configFilePath.c_str(),
176 dbusPersistentFilePath.c_str(),
177 tlsCacertfile.c_str());
178
Ratan Gupta27d4c012019-04-12 13:03:35 +0530[diff] [blame]179 manager.createDefaultObjects();
180
181 EXPECT_NE(nullptr, manager.getADConfigPtr());
182 EXPECT_NE(nullptr, manager.getOpenLdapConfigPtr());
183 EXPECT_EQ(manager.getADConfigPtr()->lDAPType(),
184 ldap_base::Config::Type::ActiveDirectory);
185 EXPECT_EQ(manager.getOpenLdapConfigPtr()->lDAPType(),
186 ldap_base::Config::Type::OpenLdap);
187}
Ratan Gupta21e88cb2019-04-12 17:15:52 +0530[diff] [blame]188
Nagaraju Gorugantid514e5d2018-11-08 03:07:25 -0600[diff] [blame]189TEST_F(TestLDAPConfig, testRestores)
190{
191 auto configFilePath = std::string(dir.c_str()) + "/" + ldapconfFile;
Nagaraju Goruganti3b4d06a2018-11-08 03:13:38 -0600[diff] [blame]192 auto tlsCacertfile = std::string(dir.c_str()) + "/" + tslCacertFile;
Ratan Gupta21e88cb2019-04-12 17:15:52 +0530[diff] [blame]193 auto dbusPersistentFilePath = std::string(dir.c_str());
Nagaraju Gorugantid514e5d2018-11-08 03:07:25 -0600[diff] [blame]194
195 if (fs::exists(configFilePath))
196 {
197 fs::remove(configFilePath);
198 }
199 EXPECT_FALSE(fs::exists(configFilePath));
Nagaraju Goruganti3b4d06a2018-11-08 03:13:38 -0600[diff] [blame]200 MockConfigMgr* managerPtr = new MockConfigMgr(
Ratan Gupta95a29312019-02-18 20:34:10 +0530[diff] [blame]201 bus, LDAP_CONFIG_ROOT, configFilePath.c_str(),
202 dbusPersistentFilePath.c_str(), tlsCacertfile.c_str());
Ratan Gupta21e88cb2019-04-12 17:15:52 +0530[diff] [blame]203 EXPECT_CALL(*managerPtr, stopService("nslcd.service")).Times(1);
204 EXPECT_CALL(*managerPtr, restartService("nslcd.service")).Times(1);
205 EXPECT_CALL(*managerPtr, restartService("nscd.service")).Times(1);
Ratan Guptaaeaf9412019-02-11 04:41:52 -0600[diff] [blame]206 managerPtr->createConfig(
207 "ldap://9.194.251.138/", "cn=Users,dc=com", "cn=Users,dc=corp",
208 "MyLdap12", ldap_base::Create::SearchScope::sub,
209 ldap_base::Create::Type::ActiveDirectory, "uid", "gid");
Ratan Gupta21e88cb2019-04-12 17:15:52 +0530[diff] [blame]210 managerPtr->getADConfigPtr()->enabled(false);
211 EXPECT_FALSE(fs::exists(configFilePath));
212 EXPECT_FALSE(managerPtr->getADConfigPtr()->enabled());
213 managerPtr->getADConfigPtr()->enabled(true);
Ratan Gupta95a29312019-02-18 20:34:10 +0530[diff] [blame]214
Nagaraju Gorugantid514e5d2018-11-08 03:07:25 -0600[diff] [blame]215 EXPECT_TRUE(fs::exists(configFilePath));
Nagaraju Gorugantid514e5d2018-11-08 03:07:25 -0600[diff] [blame]216 // Restore from configFilePath
Ratan Gupta21e88cb2019-04-12 17:15:52 +0530[diff] [blame]217 managerPtr->restore();
Nagaraju Gorugantid514e5d2018-11-08 03:07:25 -0600[diff] [blame]218 // validate restored properties
Ratan Gupta21e88cb2019-04-12 17:15:52 +0530[diff] [blame]219 EXPECT_TRUE(managerPtr->getADConfigPtr()->enabled());
220 EXPECT_EQ(managerPtr->getADConfigPtr()->lDAPServerURI(),
Nagaraju Gorugantid514e5d2018-11-08 03:07:25 -0600[diff] [blame]221 "ldap://9.194.251.138/");
Ratan Gupta21e88cb2019-04-12 17:15:52 +0530[diff] [blame]222 EXPECT_EQ(managerPtr->getADConfigPtr()->lDAPBindDN(), "cn=Users,dc=com");
223 EXPECT_EQ(managerPtr->getADConfigPtr()->lDAPBaseDN(), "cn=Users,dc=corp");
224 EXPECT_EQ(managerPtr->getADConfigPtr()->lDAPSearchScope(),
Nagaraju Gorugantid514e5d2018-11-08 03:07:25 -0600[diff] [blame]225 ldap_base::Config::SearchScope::sub);
Ratan Gupta21e88cb2019-04-12 17:15:52 +0530[diff] [blame]226 EXPECT_EQ(managerPtr->getADConfigPtr()->lDAPType(),
Nagaraju Gorugantid514e5d2018-11-08 03:07:25 -0600[diff] [blame]227 ldap_base::Config::Type::ActiveDirectory);
Ratan Gupta21e88cb2019-04-12 17:15:52 +0530[diff] [blame]228 EXPECT_EQ(managerPtr->getADConfigPtr()->userNameAttribute(), "uid");
229 EXPECT_EQ(managerPtr->getADConfigPtr()->groupNameAttribute(), "gid");
230 EXPECT_EQ(managerPtr->getADConfigPtr()->lDAPBindDNPassword(), "");
Ratan Gupta3a1c2742019-03-20 06:49:42 +0530[diff] [blame]231 EXPECT_EQ(managerPtr->configBindPassword(), "MyLdap12");
Nagaraju Gorugantid514e5d2018-11-08 03:07:25 -0600[diff] [blame]232 delete managerPtr;
233}
234
235TEST_F(TestLDAPConfig, testLDAPServerURI)
236{
237 auto configFilePath = std::string(dir.c_str()) + "/" + ldapconfFile;
Nagaraju Goruganti3b4d06a2018-11-08 03:13:38 -0600[diff] [blame]238 auto tlsCacertfile = std::string(dir.c_str()) + "/" + tslCacertFile;
Ratan Gupta21e88cb2019-04-12 17:15:52 +0530[diff] [blame]239 auto dbusPersistentFilePath = std::string(dir.c_str());
Nagaraju Goruganti3b4d06a2018-11-08 03:13:38 -0600[diff] [blame]240
Nagaraju Gorugantid514e5d2018-11-08 03:07:25 -0600[diff] [blame]241 if (fs::exists(configFilePath))
242 {
243 fs::remove(configFilePath);
244 }
245 EXPECT_FALSE(fs::exists(configFilePath));
Nagaraju Goruganti3b4d06a2018-11-08 03:13:38 -0600[diff] [blame]246 MockConfigMgr* managerPtr = new MockConfigMgr(
Ratan Gupta95a29312019-02-18 20:34:10 +0530[diff] [blame]247 bus, LDAP_CONFIG_ROOT, configFilePath.c_str(),
248 dbusPersistentFilePath.c_str(), tlsCacertfile.c_str());
Ratan Gupta21e88cb2019-04-12 17:15:52 +0530[diff] [blame]249
250 EXPECT_CALL(*managerPtr, stopService("nslcd.service")).Times(1);
251 EXPECT_CALL(*managerPtr, restartService("nslcd.service")).Times(2);
252 EXPECT_CALL(*managerPtr, restartService("nscd.service")).Times(1);
Nagaraju Gorugantid514e5d2018-11-08 03:07:25 -0600[diff] [blame]253
Ratan Guptaaeaf9412019-02-11 04:41:52 -0600[diff] [blame]254 managerPtr->createConfig(
255 "ldap://9.194.251.138/", "cn=Users,dc=com", "cn=Users,dc=corp",
256 "MyLdap12", ldap_base::Create::SearchScope::sub,
257 ldap_base::Create::Type::ActiveDirectory, "attr1", "attr2");
Ratan Gupta21e88cb2019-04-12 17:15:52 +0530[diff] [blame]258 managerPtr->getADConfigPtr()->enabled(true);
Ratan Gupta95a29312019-02-18 20:34:10 +0530[diff] [blame]259
Nagaraju Gorugantid514e5d2018-11-08 03:07:25 -0600[diff] [blame]260 // Change LDAP Server URI
Ratan Gupta21e88cb2019-04-12 17:15:52 +0530[diff] [blame]261 managerPtr->getADConfigPtr()->lDAPServerURI("ldap://9.194.251.139/");
262 EXPECT_EQ(managerPtr->getADConfigPtr()->lDAPServerURI(),
Nagaraju Goruganti3b4d06a2018-11-08 03:13:38 -0600[diff] [blame]263 "ldap://9.194.251.139/");
Ratan Gupta21e88cb2019-04-12 17:15:52 +0530[diff] [blame]264
265 // Change LDAP Server URI to make it secure
Nagaraju Goruganti3b4d06a2018-11-08 03:13:38 -0600[diff] [blame]266 EXPECT_THROW(
Ratan Gupta21e88cb2019-04-12 17:15:52 +0530[diff] [blame]267 managerPtr->getADConfigPtr()->lDAPServerURI("ldaps://9.194.251.139/"),
Nagaraju Goruganti3b4d06a2018-11-08 03:13:38 -0600[diff] [blame]268 NoCACertificate);
Nagaraju Gorugantid514e5d2018-11-08 03:07:25 -0600[diff] [blame]269
Ratan Gupta21e88cb2019-04-12 17:15:52 +0530[diff] [blame]270 // check once again
271 EXPECT_EQ(managerPtr->getADConfigPtr()->lDAPServerURI(),
272 "ldap://9.194.251.139/");
273
274 managerPtr->restore();
Nagaraju Gorugantid514e5d2018-11-08 03:07:25 -0600[diff] [blame]275 // Check LDAP Server URI
Ratan Gupta21e88cb2019-04-12 17:15:52 +0530[diff] [blame]276 EXPECT_EQ(managerPtr->getADConfigPtr()->lDAPServerURI(),
Nagaraju Goruganti3b4d06a2018-11-08 03:13:38 -0600[diff] [blame]277 "ldap://9.194.251.139/");
Nagaraju Gorugantid514e5d2018-11-08 03:07:25 -0600[diff] [blame]278 delete managerPtr;
279}
280
281TEST_F(TestLDAPConfig, testLDAPBindDN)
282{
283 auto configFilePath = std::string(dir.c_str()) + "/" + ldapconfFile;
Nagaraju Goruganti3b4d06a2018-11-08 03:13:38 -0600[diff] [blame]284 auto tlsCacertfile = std::string(dir.c_str()) + "/" + tslCacertFile;
Ratan Gupta21e88cb2019-04-12 17:15:52 +0530[diff] [blame]285 auto dbusPersistentFilePath = std::string(dir.c_str());
Nagaraju Goruganti3b4d06a2018-11-08 03:13:38 -0600[diff] [blame]286
Nagaraju Gorugantid514e5d2018-11-08 03:07:25 -0600[diff] [blame]287 if (fs::exists(configFilePath))
288 {
289 fs::remove(configFilePath);
290 }
291 EXPECT_FALSE(fs::exists(configFilePath));
Nagaraju Goruganti3b4d06a2018-11-08 03:13:38 -0600[diff] [blame]292 MockConfigMgr* managerPtr = new MockConfigMgr(
Ratan Gupta95a29312019-02-18 20:34:10 +0530[diff] [blame]293 bus, LDAP_CONFIG_ROOT, configFilePath.c_str(),
294 dbusPersistentFilePath.c_str(), tlsCacertfile.c_str());
Ratan Gupta21e88cb2019-04-12 17:15:52 +0530[diff] [blame]295
296 EXPECT_CALL(*managerPtr, stopService("nslcd.service")).Times(1);
297 EXPECT_CALL(*managerPtr, restartService("nslcd.service")).Times(2);
298 EXPECT_CALL(*managerPtr, restartService("nscd.service")).Times(1);
Nagaraju Gorugantid514e5d2018-11-08 03:07:25 -0600[diff] [blame]299
Ratan Guptaaeaf9412019-02-11 04:41:52 -0600[diff] [blame]300 managerPtr->createConfig(
301 "ldap://9.194.251.138/", "cn=Users,dc=com", "cn=Users,dc=corp",
302 "MyLdap12", ldap_base::Create::SearchScope::sub,
303 ldap_base::Create::Type::ActiveDirectory, "attr1", "attr2");
Ratan Gupta21e88cb2019-04-12 17:15:52 +0530[diff] [blame]304 managerPtr->getADConfigPtr()->enabled(true);
Ratan Gupta95a29312019-02-18 20:34:10 +0530[diff] [blame]305
Nagaraju Gorugantid514e5d2018-11-08 03:07:25 -0600[diff] [blame]306 // Change LDAP BindDN
Ratan Gupta21e88cb2019-04-12 17:15:52 +0530[diff] [blame]307 managerPtr->getADConfigPtr()->lDAPBindDN(
Nagaraju Gorugantid514e5d2018-11-08 03:07:25 -0600[diff] [blame]308 "cn=Administrator,cn=Users,dc=corp,dc=ibm,dc=com");
Ratan Gupta21e88cb2019-04-12 17:15:52 +0530[diff] [blame]309 EXPECT_EQ(managerPtr->getADConfigPtr()->lDAPBindDN(),
Nagaraju Gorugantid514e5d2018-11-08 03:07:25 -0600[diff] [blame]310 "cn=Administrator,cn=Users,dc=corp,dc=ibm,dc=com");
311 // Change LDAP BindDN
312 EXPECT_THROW(
313 {
314 try
315 {
Ratan Gupta21e88cb2019-04-12 17:15:52 +0530[diff] [blame]316 managerPtr->getADConfigPtr()->lDAPBindDN("");
Nagaraju Gorugantid514e5d2018-11-08 03:07:25 -0600[diff] [blame]317 }
318 catch (const InvalidArgument& e)
319 {
320 throw;
321 }
322 },
323 InvalidArgument);
Nagaraju Gorugantid514e5d2018-11-08 03:07:25 -0600[diff] [blame]324
Ratan Gupta21e88cb2019-04-12 17:15:52 +0530[diff] [blame]325 managerPtr->restore();
Nagaraju Gorugantid514e5d2018-11-08 03:07:25 -0600[diff] [blame]326 // Check LDAP BindDN after restoring
Ratan Gupta21e88cb2019-04-12 17:15:52 +0530[diff] [blame]327 EXPECT_EQ(managerPtr->getADConfigPtr()->lDAPBindDN(),
Nagaraju Gorugantid514e5d2018-11-08 03:07:25 -0600[diff] [blame]328 "cn=Administrator,cn=Users,dc=corp,dc=ibm,dc=com");
329 delete managerPtr;
330}
331
332TEST_F(TestLDAPConfig, testLDAPBaseDN)
333{
334 auto configFilePath = std::string(dir.c_str()) + "/" + ldapconfFile;
Nagaraju Goruganti3b4d06a2018-11-08 03:13:38 -0600[diff] [blame]335 auto tlsCacertfile = std::string(dir.c_str()) + "/" + tslCacertFile;
Ratan Gupta21e88cb2019-04-12 17:15:52 +0530[diff] [blame]336 auto dbusPersistentFilePath = std::string(dir.c_str());
Nagaraju Goruganti3b4d06a2018-11-08 03:13:38 -0600[diff] [blame]337
Nagaraju Gorugantid514e5d2018-11-08 03:07:25 -0600[diff] [blame]338 if (fs::exists(configFilePath))
339 {
340 fs::remove(configFilePath);
341 }
342 EXPECT_FALSE(fs::exists(configFilePath));
Nagaraju Goruganti3b4d06a2018-11-08 03:13:38 -0600[diff] [blame]343 MockConfigMgr* managerPtr = new MockConfigMgr(
Ratan Gupta95a29312019-02-18 20:34:10 +0530[diff] [blame]344 bus, LDAP_CONFIG_ROOT, configFilePath.c_str(),
345 dbusPersistentFilePath.c_str(), tlsCacertfile.c_str());
Ratan Gupta21e88cb2019-04-12 17:15:52 +0530[diff] [blame]346 EXPECT_CALL(*managerPtr, stopService("nslcd.service")).Times(1);
347 EXPECT_CALL(*managerPtr, restartService("nslcd.service")).Times(2);
348 EXPECT_CALL(*managerPtr, restartService("nscd.service")).Times(1);
Ratan Guptaaeaf9412019-02-11 04:41:52 -0600[diff] [blame]349 managerPtr->createConfig(
350 "ldap://9.194.251.138/", "cn=Users,dc=com", "cn=Users,dc=corp",
351 "MyLdap12", ldap_base::Create::SearchScope::sub,
352 ldap_base::Create::Type::ActiveDirectory, "attr1", "attr2");
Ratan Gupta21e88cb2019-04-12 17:15:52 +0530[diff] [blame]353 managerPtr->getADConfigPtr()->enabled(true);
Nagaraju Gorugantid514e5d2018-11-08 03:07:25 -0600[diff] [blame]354 // Change LDAP BaseDN
Ratan Gupta21e88cb2019-04-12 17:15:52 +0530[diff] [blame]355 managerPtr->getADConfigPtr()->lDAPBaseDN(
Nagaraju Gorugantid514e5d2018-11-08 03:07:25 -0600[diff] [blame]356 "cn=Administrator,cn=Users,dc=corp,dc=ibm,dc=com");
Ratan Gupta21e88cb2019-04-12 17:15:52 +0530[diff] [blame]357 EXPECT_EQ(managerPtr->getADConfigPtr()->lDAPBaseDN(),
Nagaraju Gorugantid514e5d2018-11-08 03:07:25 -0600[diff] [blame]358 "cn=Administrator,cn=Users,dc=corp,dc=ibm,dc=com");
359 // Change LDAP BaseDN
360 EXPECT_THROW(
361 {
362 try
363 {
Ratan Gupta21e88cb2019-04-12 17:15:52 +0530[diff] [blame]364 managerPtr->getADConfigPtr()->lDAPBaseDN("");
Nagaraju Gorugantid514e5d2018-11-08 03:07:25 -0600[diff] [blame]365 }
366 catch (const InvalidArgument& e)
367 {
368 throw;
369 }
370 },
371 InvalidArgument);
Nagaraju Gorugantid514e5d2018-11-08 03:07:25 -0600[diff] [blame]372
Ratan Gupta21e88cb2019-04-12 17:15:52 +0530[diff] [blame]373 managerPtr->restore();
Nagaraju Gorugantid514e5d2018-11-08 03:07:25 -0600[diff] [blame]374 // Check LDAP BaseDN after restoring
Ratan Gupta21e88cb2019-04-12 17:15:52 +0530[diff] [blame]375 EXPECT_EQ(managerPtr->getADConfigPtr()->lDAPBaseDN(),
Nagaraju Gorugantid514e5d2018-11-08 03:07:25 -0600[diff] [blame]376 "cn=Administrator,cn=Users,dc=corp,dc=ibm,dc=com");
377 delete managerPtr;
378}
379
380TEST_F(TestLDAPConfig, testSearchScope)
381{
382 auto configFilePath = std::string(dir.c_str()) + "/" + ldapconfFile;
Nagaraju Goruganti3b4d06a2018-11-08 03:13:38 -0600[diff] [blame]383 auto tlsCacertfile = std::string(dir.c_str()) + "/" + tslCacertFile;
Ratan Gupta21e88cb2019-04-12 17:15:52 +0530[diff] [blame]384 auto dbusPersistentFilePath = std::string(dir.c_str());
Nagaraju Goruganti3b4d06a2018-11-08 03:13:38 -0600[diff] [blame]385
Nagaraju Gorugantid514e5d2018-11-08 03:07:25 -0600[diff] [blame]386 if (fs::exists(configFilePath))
387 {
388 fs::remove(configFilePath);
389 }
390 EXPECT_FALSE(fs::exists(configFilePath));
Nagaraju Goruganti3b4d06a2018-11-08 03:13:38 -0600[diff] [blame]391 MockConfigMgr* managerPtr = new MockConfigMgr(
Ratan Gupta95a29312019-02-18 20:34:10 +0530[diff] [blame]392 bus, LDAP_CONFIG_ROOT, configFilePath.c_str(),
393 dbusPersistentFilePath.c_str(), tlsCacertfile.c_str());
Ratan Gupta21e88cb2019-04-12 17:15:52 +0530[diff] [blame]394 EXPECT_CALL(*managerPtr, stopService("nslcd.service")).Times(1);
395 EXPECT_CALL(*managerPtr, restartService("nslcd.service")).Times(2);
396 EXPECT_CALL(*managerPtr, restartService("nscd.service")).Times(1);
Ratan Guptaaeaf9412019-02-11 04:41:52 -0600[diff] [blame]397 managerPtr->createConfig(
398 "ldap://9.194.251.138/", "cn=Users,dc=com", "cn=Users,dc=corp",
399 "MyLdap12", ldap_base::Create::SearchScope::sub,
400 ldap_base::Create::Type::ActiveDirectory, "attr1", "attr2");
Ratan Gupta21e88cb2019-04-12 17:15:52 +0530[diff] [blame]401 managerPtr->getADConfigPtr()->enabled(true);
Ratan Gupta95a29312019-02-18 20:34:10 +0530[diff] [blame]402
Nagaraju Gorugantid514e5d2018-11-08 03:07:25 -0600[diff] [blame]403 // Change LDAP SearchScope
Ratan Gupta21e88cb2019-04-12 17:15:52 +0530[diff] [blame]404 managerPtr->getADConfigPtr()->lDAPSearchScope(
Nagaraju Gorugantid514e5d2018-11-08 03:07:25 -0600[diff] [blame]405 ldap_base::Config::SearchScope::one);
Ratan Gupta21e88cb2019-04-12 17:15:52 +0530[diff] [blame]406 EXPECT_EQ(managerPtr->getADConfigPtr()->lDAPSearchScope(),
Nagaraju Gorugantid514e5d2018-11-08 03:07:25 -0600[diff] [blame]407 ldap_base::Config::SearchScope::one);
Nagaraju Gorugantid514e5d2018-11-08 03:07:25 -0600[diff] [blame]408
Ratan Gupta21e88cb2019-04-12 17:15:52 +0530[diff] [blame]409 managerPtr->restore();
Nagaraju Gorugantid514e5d2018-11-08 03:07:25 -0600[diff] [blame]410 // Check LDAP SearchScope after restoring
Ratan Gupta21e88cb2019-04-12 17:15:52 +0530[diff] [blame]411 EXPECT_EQ(managerPtr->getADConfigPtr()->lDAPSearchScope(),
Nagaraju Gorugantid514e5d2018-11-08 03:07:25 -0600[diff] [blame]412 ldap_base::Config::SearchScope::one);
413 delete managerPtr;
414}
415
416TEST_F(TestLDAPConfig, testLDAPType)
417{
418 auto configFilePath = std::string(dir.c_str()) + "/" + ldapconfFile;
Nagaraju Goruganti3b4d06a2018-11-08 03:13:38 -0600[diff] [blame]419 auto tlsCacertfile = std::string(dir.c_str()) + "/" + tslCacertFile;
Ratan Gupta21e88cb2019-04-12 17:15:52 +0530[diff] [blame]420 auto dbusPersistentFilePath = std::string(dir.c_str());
Nagaraju Goruganti3b4d06a2018-11-08 03:13:38 -0600[diff] [blame]421
Nagaraju Gorugantid514e5d2018-11-08 03:07:25 -0600[diff] [blame]422 if (fs::exists(configFilePath))
423 {
424 fs::remove(configFilePath);
425 }
426 EXPECT_FALSE(fs::exists(configFilePath));
Nagaraju Goruganti3b4d06a2018-11-08 03:13:38 -0600[diff] [blame]427 MockConfigMgr* managerPtr = new MockConfigMgr(
Ratan Gupta95a29312019-02-18 20:34:10 +0530[diff] [blame]428 bus, LDAP_CONFIG_ROOT, configFilePath.c_str(),
429 dbusPersistentFilePath.c_str(), tlsCacertfile.c_str());
Ratan Gupta21e88cb2019-04-12 17:15:52 +0530[diff] [blame]430 EXPECT_CALL(*managerPtr, stopService("nslcd.service")).Times(1);
431 EXPECT_CALL(*managerPtr, restartService("nslcd.service")).Times(1);
432 EXPECT_CALL(*managerPtr, restartService("nscd.service")).Times(1);
Ratan Guptaaeaf9412019-02-11 04:41:52 -0600[diff] [blame]433 managerPtr->createConfig(
434 "ldap://9.194.251.138/", "cn=Users,dc=com", "cn=Users,dc=corp",
435 "MyLdap12", ldap_base::Create::SearchScope::sub,
436 ldap_base::Create::Type::ActiveDirectory, "attr1", "attr2");
Ratan Gupta21e88cb2019-04-12 17:15:52 +0530[diff] [blame]437 managerPtr->getADConfigPtr()->enabled(true);
Ratan Gupta95a29312019-02-18 20:34:10 +0530[diff] [blame]438
Nagaraju Gorugantid514e5d2018-11-08 03:07:25 -0600[diff] [blame]439 // Change LDAP type
Ratan Gupta21e88cb2019-04-12 17:15:52 +0530[diff] [blame]440 // will not be changed
441 EXPECT_THROW(managerPtr->getADConfigPtr()->lDAPType(
442 ldap_base::Config::Type::OpenLdap),
443 NotAllowed);
444 EXPECT_EQ(managerPtr->getADConfigPtr()->lDAPType(),
445 ldap_base::Config::Type::ActiveDirectory);
Nagaraju Gorugantid514e5d2018-11-08 03:07:25 -0600[diff] [blame]446
Ratan Gupta21e88cb2019-04-12 17:15:52 +0530[diff] [blame]447 managerPtr->restore();
Nagaraju Gorugantid514e5d2018-11-08 03:07:25 -0600[diff] [blame]448 // Check LDAP type after restoring
Ratan Gupta21e88cb2019-04-12 17:15:52 +0530[diff] [blame]449 EXPECT_EQ(managerPtr->getADConfigPtr()->lDAPType(),
450 ldap_base::Config::Type::ActiveDirectory);
Nagaraju Gorugantid514e5d2018-11-08 03:07:25 -0600[diff] [blame]451 delete managerPtr;
452}
Ratan Gupta21e88cb2019-04-12 17:15:52 +0530[diff] [blame]453
454TEST_F(TestLDAPConfig, filePermission)
455{
456 auto configFilePath = std::string(dir.c_str()) + "/" + ldapconfFile;
457 auto tlsCacertfile = std::string(dir.c_str()) + "/" + tslCacertFile;
458 auto dbusPersistentFilePath = std::string(dir.c_str());
459
460 if (fs::exists(configFilePath))
461 {
462 fs::remove(configFilePath);
463 }
464 EXPECT_FALSE(fs::exists(configFilePath));
465 MockConfigMgr* managerPtr = new MockConfigMgr(
466 bus, LDAP_CONFIG_ROOT, configFilePath.c_str(),
467 dbusPersistentFilePath.c_str(), tlsCacertfile.c_str());
468 EXPECT_CALL(*managerPtr, stopService("nslcd.service")).Times(1);
469 EXPECT_CALL(*managerPtr, restartService("nslcd.service")).Times(1);
470 EXPECT_CALL(*managerPtr, restartService("nscd.service")).Times(1);
471 managerPtr->createConfig(
472 "ldap://9.194.251.138/", "cn=Users,dc=com", "cn=Users,dc=corp",
473 "MyLdap12", ldap_base::Create::SearchScope::sub,
474 ldap_base::Create::Type::ActiveDirectory, "attr1", "attr2");
475 managerPtr->getADConfigPtr()->enabled(true);
476
477 // Permission of the persistent file should be 640
478 // Others should not be allowed to read.
479 auto permission =
480 fs::perms::owner_read | fs::perms::owner_write | fs::perms::group_read;
481 auto persistFilepath = std::string(dir.c_str());
482 persistFilepath += ADDbusObjectPath;
483 persistFilepath += "/config";
484
485 EXPECT_EQ(fs::status(persistFilepath).permissions(), permission);
486 delete managerPtr;
487}
488
Ratan Guptac5481d12019-04-12 18:31:05 +0530[diff] [blame]489TEST_F(TestLDAPConfig, ConditionalEnableConfig)
490{
491 auto configFilePath = std::string(dir.c_str()) + "/" + ldapconfFile;
492 auto tlsCacertfile = std::string(dir.c_str()) + "/" + tslCacertFile;
493 auto dbusPersistentFilePath = std::string(dir.c_str());
494
495 if (fs::exists(configFilePath))
496 {
497 fs::remove(configFilePath);
498 }
499 EXPECT_FALSE(fs::exists(configFilePath));
500 MockConfigMgr* managerPtr = new MockConfigMgr(
501 bus, LDAP_CONFIG_ROOT, configFilePath.c_str(),
502 dbusPersistentFilePath.c_str(), tlsCacertfile.c_str());
503 EXPECT_CALL(*managerPtr, stopService("nslcd.service")).Times(3);
504 EXPECT_CALL(*managerPtr, restartService("nslcd.service")).Times(2);
505 EXPECT_CALL(*managerPtr, restartService("nscd.service")).Times(2);
506 managerPtr->createConfig(
507 "ldap://9.194.251.138/", "cn=Users,dc=com", "cn=Users,dc=corp",
508 "MyLdap12", ldap_base::Create::SearchScope::sub,
509 ldap_base::Create::Type::ActiveDirectory, "attr1", "attr2");
510
511 managerPtr->createConfig(
512 "ldap://9.194.251.139/", "cn=Users,dc=com, dc=ldap", "cn=Users,dc=corp",
513 "MyLdap123", ldap_base::Create::SearchScope::sub,
514 ldap_base::Create::Type::OpenLdap, "attr1", "attr2");
515
516 // Enable the AD configuration
517 managerPtr->getADConfigPtr()->enabled(true);
518
519 EXPECT_EQ(managerPtr->getADConfigPtr()->enabled(), true);
520 EXPECT_EQ(managerPtr->getOpenLdapConfigPtr()->enabled(), false);
521
522 // AS AD is already enabled so openldap can't be enabled.
523 EXPECT_THROW(
524 {
525 try
526 {
527 managerPtr->getOpenLdapConfigPtr()->enabled(true);
528 }
529 catch (const NotAllowed& e)
530 {
531 throw;
532 }
533 },
534 NotAllowed);
535 // Check the values
536 EXPECT_EQ(managerPtr->getADConfigPtr()->enabled(), true);
537 EXPECT_EQ(managerPtr->getOpenLdapConfigPtr()->enabled(), false);
538 // Let's disable the AD.
539 managerPtr->getADConfigPtr()->enabled(false);
540 EXPECT_EQ(managerPtr->getADConfigPtr()->enabled(), false);
541 EXPECT_EQ(managerPtr->getOpenLdapConfigPtr()->enabled(), false);
542 // Now enable the openldap
543 managerPtr->getOpenLdapConfigPtr()->enabled(true);
544 EXPECT_EQ(managerPtr->getOpenLdapConfigPtr()->enabled(), true);
545 EXPECT_EQ(managerPtr->getADConfigPtr()->enabled(), false);
546
547 delete managerPtr;
548}
549
Nagaraju Gorugantid514e5d2018-11-08 03:07:25 -0600[diff] [blame]550} // namespace ldap
551} // namespace phosphor