2019-10-12 21:52:04 +05:30
|
|
|
# frozen_string_literal: true
|
|
|
|
|
|
2016-09-29 09:46:39 +05:30
|
|
|
module LdapHelpers
|
|
|
|
|
def ldap_adapter(provider = 'ldapmain', ldap = double(:ldap))
|
2020-04-08 14:13:33 +05:30
|
|
|
::Gitlab::Auth::Ldap::Adapter.new(provider, ldap)
|
2016-09-29 09:46:39 +05:30
|
|
|
end
|
|
|
|
|
|
|
|
|
|
def user_dn(uid)
|
|
|
|
|
"uid=#{uid},ou=users,dc=example,dc=com"
|
|
|
|
|
end
|
|
|
|
|
|
2020-04-08 14:13:33 +05:30
|
|
|
# Accepts a hash of Gitlab::Auth::Ldap::Config keys and values.
|
2016-09-29 09:46:39 +05:30
|
|
|
#
|
|
|
|
|
# Example:
|
|
|
|
|
# stub_ldap_config(
|
|
|
|
|
# group_base: 'ou=groups,dc=example,dc=com',
|
|
|
|
|
# admin_group: 'my-admin-group'
|
|
|
|
|
# )
|
|
|
|
|
def stub_ldap_config(messages)
|
2020-04-08 14:13:33 +05:30
|
|
|
allow_any_instance_of(::Gitlab::Auth::Ldap::Config).to receive_messages(messages)
|
2016-09-29 09:46:39 +05:30
|
|
|
end
|
|
|
|
|
|
2018-10-15 14:42:47 +05:30
|
|
|
def stub_ldap_setting(messages)
|
|
|
|
|
allow(Gitlab.config.ldap).to receive_messages(to_settings(messages))
|
|
|
|
|
end
|
|
|
|
|
|
2016-09-29 09:46:39 +05:30
|
|
|
# Stub an LDAP person search and provide the return entry. Specify `nil` for
|
|
|
|
|
# `entry` to simulate when an LDAP person is not found
|
|
|
|
|
#
|
|
|
|
|
# Example:
|
2020-04-08 14:13:33 +05:30
|
|
|
# adapter = ::Gitlab::Auth::Ldap::Adapter.new('ldapmain', double(:ldap))
|
2016-09-29 09:46:39 +05:30
|
|
|
# ldap_user_entry = ldap_user_entry('john_doe')
|
|
|
|
|
#
|
|
|
|
|
# stub_ldap_person_find_by_uid('john_doe', ldap_user_entry, adapter)
|
|
|
|
|
def stub_ldap_person_find_by_uid(uid, entry, provider = 'ldapmain')
|
2020-04-08 14:13:33 +05:30
|
|
|
return_value = ::Gitlab::Auth::Ldap::Person.new(entry, provider) if entry.present?
|
2016-09-29 09:46:39 +05:30
|
|
|
|
2020-04-08 14:13:33 +05:30
|
|
|
allow(::Gitlab::Auth::Ldap::Person)
|
2016-09-29 09:46:39 +05:30
|
|
|
.to receive(:find_by_uid).with(uid, any_args).and_return(return_value)
|
|
|
|
|
end
|
|
|
|
|
|
2018-11-20 20:47:30 +05:30
|
|
|
def stub_ldap_person_find_by_dn(entry, provider = 'ldapmain')
|
2020-04-08 14:13:33 +05:30
|
|
|
person = ::Gitlab::Auth::Ldap::Person.new(entry, provider) if entry.present?
|
2018-11-20 20:47:30 +05:30
|
|
|
|
2020-04-08 14:13:33 +05:30
|
|
|
allow(::Gitlab::Auth::Ldap::Person)
|
2018-11-20 20:47:30 +05:30
|
|
|
.to receive(:find_by_dn)
|
|
|
|
|
.and_return(person)
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
def stub_ldap_person_find_by_email(email, entry, provider = 'ldapmain')
|
2020-04-08 14:13:33 +05:30
|
|
|
person = ::Gitlab::Auth::Ldap::Person.new(entry, provider) if entry.present?
|
2018-11-20 20:47:30 +05:30
|
|
|
|
2020-04-08 14:13:33 +05:30
|
|
|
allow(::Gitlab::Auth::Ldap::Person)
|
2018-11-20 20:47:30 +05:30
|
|
|
.to receive(:find_by_email)
|
|
|
|
|
.with(email, anything)
|
|
|
|
|
.and_return(person)
|
|
|
|
|
end
|
|
|
|
|
|
2016-09-29 09:46:39 +05:30
|
|
|
# Create a simple LDAP user entry.
|
|
|
|
|
def ldap_user_entry(uid)
|
|
|
|
|
entry = Net::LDAP::Entry.new
|
|
|
|
|
entry['dn'] = user_dn(uid)
|
|
|
|
|
entry['uid'] = uid
|
|
|
|
|
|
|
|
|
|
entry
|
|
|
|
|
end
|
2018-05-09 12:01:36 +05:30
|
|
|
|
|
|
|
|
def raise_ldap_connection_error
|
2020-04-08 14:13:33 +05:30
|
|
|
allow_any_instance_of(Gitlab::Auth::Ldap::Adapter)
|
|
|
|
|
.to receive(:ldap_search).and_raise(Gitlab::Auth::Ldap::LdapConnectionError)
|
2018-05-09 12:01:36 +05:30
|
|
|
end
|
2022-11-25 23:54:43 +05:30
|
|
|
|
|
|
|
|
def stub_ldap_access(user, provider, provider_label)
|
|
|
|
|
ldap_server_config =
|
|
|
|
|
{
|
|
|
|
|
'label' => provider_label,
|
|
|
|
|
'provider_name' => provider,
|
|
|
|
|
'attributes' => {},
|
|
|
|
|
'encryption' => 'plain',
|
|
|
|
|
'uid' => 'uid',
|
|
|
|
|
'base' => 'dc=example,dc=com'
|
|
|
|
|
}
|
|
|
|
|
uid = 'my-uid'
|
|
|
|
|
allow(::Gitlab::Auth::Ldap::Config).to receive_messages(enabled: true, servers: [ldap_server_config])
|
|
|
|
|
allow(Gitlab::Auth::OAuth::Provider).to receive_messages(providers: [provider.to_sym])
|
|
|
|
|
|
|
|
|
|
Ldap::OmniauthCallbacksController.define_providers!
|
|
|
|
|
Rails.application.reload_routes!
|
|
|
|
|
|
|
|
|
|
mock_auth_hash(provider, uid, user.email)
|
|
|
|
|
allow(Gitlab::Auth::Ldap::Access).to receive(:allowed?).with(user).and_return(true)
|
|
|
|
|
|
|
|
|
|
allow_next_instance_of(ActionDispatch::Routing::RoutesProxy) do |instance|
|
|
|
|
|
allow(instance).to receive(:"user_#{provider}_omniauth_callback_path")
|
|
|
|
|
.and_return("/users/auth/#{provider}/callback")
|
|
|
|
|
end
|
|
|
|
|
end
|
2016-09-29 09:46:39 +05:30
|
|
|
end
|
2019-12-04 20:38:33 +05:30
|
|
|
|
2021-06-08 01:23:25 +05:30
|
|
|
LdapHelpers.include_mod_with('LdapHelpers')
|
