From f76fee63ed9cb3a30d3c0c092d860b1cb93a481b Mon Sep 17 00:00:00 2001
From: Gerard Smyth <gerard.smyth@gmail.com>
Date: Thu, 08 May 2014 13:09:30 -0400
Subject: [PATCH] Updated the SyndicationServlet to provide an additional option to return details of the tags in the repository instead of the commits. This uses a new 'ot' request parameter to indicate the object type of the content to return, which can be either TAG or COMMIT. If this is not provided, then COMMIT is assumed to maintain backwards compatibility. If tags are returned, then the paging parameters 'l' and 'pg' are still supported, but searching options are currently ignored.

---
 src/test/java/com/gitblit/tests/LdapAuthenticationTest.java |  118 ++++++++++++++++++++++++++++++++++++++++++++++++-----------
 1 files changed, 96 insertions(+), 22 deletions(-)

diff --git a/src/test/java/com/gitblit/tests/LdapAuthenticationTest.java b/src/test/java/com/gitblit/tests/LdapAuthenticationTest.java
index ce3615e..21063d5 100644
--- a/src/test/java/com/gitblit/tests/LdapAuthenticationTest.java
+++ b/src/test/java/com/gitblit/tests/LdapAuthenticationTest.java
@@ -30,10 +30,13 @@
 
 import com.gitblit.Constants.AccountType;
 import com.gitblit.IStoredSettings;
+import com.gitblit.Keys;
 import com.gitblit.auth.LdapAuthProvider;
+import com.gitblit.manager.AuthenticationManager;
 import com.gitblit.manager.IUserManager;
 import com.gitblit.manager.RuntimeManager;
 import com.gitblit.manager.UserManager;
+import com.gitblit.models.TeamModel;
 import com.gitblit.models.UserModel;
 import com.gitblit.tests.mock.MemorySettings;
 import com.unboundid.ldap.listener.InMemoryDirectoryServer;
@@ -57,7 +60,7 @@
 	private static final String RESOURCE_DIR = "src/test/resources/ldap/";
 
     private File usersConf;
-    
+
     private LdapAuthProvider ldap;
 
 	static int ldapPort = 1389;
@@ -65,6 +68,8 @@
 	private static InMemoryDirectoryServer ds;
 
 	private IUserManager userManager;
+	
+	private AuthenticationManager auth;
 
 	private MemorySettings settings;
 
@@ -87,33 +92,41 @@
 		FileUtils.copyFile(new File(RESOURCE_DIR + "users.conf"), usersConf);
 		settings = getSettings();
 		ldap = newLdapAuthentication(settings);
+		auth = newAuthenticationManager(settings);
 	}
 
-	public LdapAuthProvider newLdapAuthentication(IStoredSettings settings) {
+	private LdapAuthProvider newLdapAuthentication(IStoredSettings settings) {
 		RuntimeManager runtime = new RuntimeManager(settings, GitBlitSuite.BASEFOLDER).start();
 		userManager = new UserManager(runtime).start();
 		LdapAuthProvider ldap = new LdapAuthProvider();
 		ldap.setup(runtime, userManager);
 		return ldap;
 	}
+	
+	private AuthenticationManager newAuthenticationManager(IStoredSettings settings) {
+		RuntimeManager runtime = new RuntimeManager(settings, GitBlitSuite.BASEFOLDER).start();
+		AuthenticationManager auth = new AuthenticationManager(runtime, userManager);
+		auth.addAuthenticationProvider(newLdapAuthentication(settings));
+		return auth;
+	}
 
 	private MemorySettings getSettings() {
 		Map<String, Object> backingMap = new HashMap<String, Object>();
-		backingMap.put("realm.userService", usersConf.getAbsolutePath());
-		backingMap.put("realm.ldap.server", "ldap://localhost:" + ldapPort);
-		backingMap.put("realm.ldap.domain", "");
-		backingMap.put("realm.ldap.username", "cn=Directory Manager");
-		backingMap.put("realm.ldap.password", "password");
-		backingMap.put("realm.ldap.backingUserService", "users.conf");
-		backingMap.put("realm.ldap.maintainTeams", "true");
-		backingMap.put("realm.ldap.accountBase", "OU=Users,OU=UserControl,OU=MyOrganization,DC=MyDomain");
-		backingMap.put("realm.ldap.accountPattern", "(&(objectClass=person)(sAMAccountName=${username}))");
-		backingMap.put("realm.ldap.groupBase", "OU=Groups,OU=UserControl,OU=MyOrganization,DC=MyDomain");
-		backingMap.put("realm.ldap.groupPattern", "(&(objectClass=group)(member=${dn}))");
-		backingMap.put("realm.ldap.admins", "UserThree @Git_Admins \"@Git Admins\"");
-		backingMap.put("realm.ldap.displayName", "displayName");
-		backingMap.put("realm.ldap.email", "email");
-		backingMap.put("realm.ldap.uid", "sAMAccountName");
+		backingMap.put(Keys.realm.userService, usersConf.getAbsolutePath());
+		backingMap.put(Keys.realm.ldap.server, "ldap://localhost:" + ldapPort);
+//		backingMap.put(Keys.realm.ldap.domain, "");
+		backingMap.put(Keys.realm.ldap.username, "cn=Directory Manager");
+		backingMap.put(Keys.realm.ldap.password, "password");
+//		backingMap.put(Keys.realm.ldap.backingUserService, "users.conf");
+		backingMap.put(Keys.realm.ldap.maintainTeams, "true");
+		backingMap.put(Keys.realm.ldap.accountBase, "OU=Users,OU=UserControl,OU=MyOrganization,DC=MyDomain");
+		backingMap.put(Keys.realm.ldap.accountPattern, "(&(objectClass=person)(sAMAccountName=${username}))");
+		backingMap.put(Keys.realm.ldap.groupBase, "OU=Groups,OU=UserControl,OU=MyOrganization,DC=MyDomain");
+		backingMap.put(Keys.realm.ldap.groupMemberPattern, "(&(objectClass=group)(member=${dn}))");
+		backingMap.put(Keys.realm.ldap.admins, "UserThree @Git_Admins \"@Git Admins\"");
+		backingMap.put(Keys.realm.ldap.displayName, "displayName");
+		backingMap.put(Keys.realm.ldap.email, "email");
+		backingMap.put(Keys.realm.ldap.uid, "sAMAccountName");
 
 		MemorySettings ms = new MemorySettings(backingMap);
 		return ms;
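Review bot: In `newAuthenticationManager`, the `AuthenticationManager` is constructed with the current `userManager` field, and only afterwards does `newLdapAuthentication(settings)` replace that field with a fresh `UserManager`, so the manager and the provider it wraps hold different user-manager instances (and separate `RuntimeManager`s). The count helpers read the field, so they see the provider's instance rather than the one `auth` was built with; whether the two stay consistent through the shared users.conf is not visible in this diff. Creating the provider first keeps them aligned: `LdapAuthProvider provider = newLdapAuthentication(settings);` before `new AuthenticationManager(runtime, userManager)`, then `auth.addAuthenticationProvider(provider);`. The two commented-out `backingMap.put` lines in `getSettings` (domain and backingUserService) should be deleted or given a comment saying why they are disabled. The closing brace of `getSettings` lies outside the hunk.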
@@ -193,19 +206,70 @@
 
 	@Test
 	public void addingUserInLdapShouldNotUpdateGitBlitUsersAndGroups() throws Exception {
-		settings.put("realm.ldap.ldapCachePeriod", "0 MINUTES");
 		ds.addEntries(LDIFReader.readEntries(RESOURCE_DIR + "adduser.ldif"));
-		ldap.synchronizeWithLdapService();
+		ldap.sync();
 		assertEquals("Number of ldap users in gitblit user model", 5, countLdapUsersInUserManager());
 	}
 
 	@Test
 	public void addingUserInLdapShouldUpdateGitBlitUsersAndGroups() throws Exception {
-		settings.put("realm.ldap.synchronizeUsers.enable", "true");
-		settings.put("realm.ldap.ldapCachePeriod", "0 MINUTES");
+		settings.put(Keys.realm.ldap.synchronize, "true");
 		ds.addEntries(LDIFReader.readEntries(RESOURCE_DIR + "adduser.ldif"));
-		ldap.synchronizeWithLdapService();
+		ldap.sync();
 		assertEquals("Number of ldap users in gitblit user model", 6, countLdapUsersInUserManager());
+	}
+
+	@Test
+	public void addingGroupsInLdapShouldNotUpdateGitBlitUsersAndGroups() throws Exception {
+		ds.addEntries(LDIFReader.readEntries(RESOURCE_DIR + "addgroup.ldif"));
+		ldap.sync();
+		assertEquals("Number of ldap groups in gitblit team model", 0, countLdapTeamsInUserManager());
+	}
+
+	@Test
+	public void addingGroupsInLdapShouldUpdateGitBlitUsersAndGroups() throws Exception {
+		settings.put(Keys.realm.ldap.synchronize, "true");
+		ds.addEntries(LDIFReader.readEntries(RESOURCE_DIR + "addgroup.ldif"));
+		ldap.sync();
+		assertEquals("Number of ldap groups in gitblit team model", 1, countLdapTeamsInUserManager());
+	}
+
+	@Test
+	public void testAuthenticationManager() {
+		UserModel userOneModel = auth.authenticate("UserOne", "userOnePassword".toCharArray());
+		assertNotNull(userOneModel);
+		assertNotNull(userOneModel.getTeam("git_admins"));
+		assertNotNull(userOneModel.getTeam("git_users"));
+		assertTrue(userOneModel.canAdmin);
+
+		UserModel userOneModelFailedAuth = auth.authenticate("UserOne", "userTwoPassword".toCharArray());
+		assertNull(userOneModelFailedAuth);
+
+		UserModel userTwoModel = auth.authenticate("UserTwo", "userTwoPassword".toCharArray());
+		assertNotNull(userTwoModel);
+		assertNotNull(userTwoModel.getTeam("git_users"));
+		assertNull(userTwoModel.getTeam("git_admins"));
+		assertNotNull(userTwoModel.getTeam("git admins"));
+		assertTrue(userTwoModel.canAdmin);
+
+		UserModel userThreeModel = auth.authenticate("UserThree", "userThreePassword".toCharArray());
+		assertNotNull(userThreeModel);
+		assertNotNull(userThreeModel.getTeam("git_users"));
+		assertNull(userThreeModel.getTeam("git_admins"));
+		assertTrue(userThreeModel.canAdmin);
+	}
+	
+	@Test
+	public void testBindWithUser() {
+		settings.put(Keys.realm.ldap.bindpattern, "CN=${username},OU=US,OU=Users,OU=UserControl,OU=MyOrganization,DC=MyDomain");
+		settings.put(Keys.realm.ldap.username, "");
+		settings.put(Keys.realm.ldap.password, "");
+
+		UserModel userOneModel = auth.authenticate("UserOne", "userOnePassword".toCharArray());
+		assertNotNull(userOneModel);
+		
+		UserModel userOneModelFailedAuth = auth.authenticate("UserOne", "userTwoPassword".toCharArray());
+		assertNull(userOneModelFailedAuth);
 	}
 
 	private int countLdapUsersInUserManager() {
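Review bot: `testBindWithUser` blanks `Keys.realm.ldap.username` and `Keys.realm.ldap.password` and then checks only a correct and a wrong password; it never asserts that an empty user password is refused. With a bind pattern the user's own credentials drive the bind, and an LDAP simple bind with a DN and an empty password is an unauthenticated bind that some directory servers accept, so the provider has to reject it before binding; whether `LdapAuthProvider` does so is not visible here. Add `assertNull(auth.authenticate("UserOne", "".toCharArray()));` to this test and to `testAuthenticationManager`. The settings are also changed after `auth` was built in the setup method, so the test exercises the bind pattern only if the provider reads settings at authentication time; a one-line comment stating that assumption would help.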
@@ -218,4 +282,14 @@
 		return ldapAccountCount;
 	}
 
+	private int countLdapTeamsInUserManager() {
+		int ldapAccountCount = 0;
+		for (TeamModel teamModel : userManager.getAllTeams()) {
+			if (AccountType.LDAP.equals(teamModel.accountType)) {
+				ldapAccountCount++;
+			}
+		}
+		return ldapAccountCount;
+	}
+
 }
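Review bot: The counter in `countLdapTeamsInUserManager` is named `ldapAccountCount`, carried over from the user-counting helper, although it counts teams; `int ldapTeamCount = 0;` says what it holds. The helper would also benefit from a short comment such as `// Number of teams in userManager whose accountType is AccountType.LDAP.` The first two lines of this hunk belong to `countLdapUsersInUserManager`, which starts outside the hunk.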

--
Gitblit v1.9.1