123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181 |
- # Copyright (C) 2012-2025 Zammad Foundation, https://zammad-foundation.org/
- require 'rails_helper'
- RSpec.describe Sequencer::Sequence::Import::Ldap::Users, sequencer: :sequence do
- let(:ldap_source) { create(:ldap_source) }
- context 'lost group assignment' do
- context 'config "unassigned_users": "skip_sync"' do
- it 'returns found ids based on ldap search', last_admin_check: false do
- user_entry = build(:ldap_entry)
- user_entry['objectguid'] = ['user1337']
- user_entry['samaccountname'] = ['login123']
- user_entry['first_name'] = ['Hans']
- group_entry = build(:ldap_entry)
- group_entry['member'] = [user_entry.dn]
- ldap_config = {
- id: ldap_source.id,
- user_filter: 'user=filter',
- group_role_map: {
- group_entry.dn => [1, 2]
- },
- user_attributes: {
- 'samaccountname' => 'login',
- 'first_name' => 'firstname',
- },
- user_uid: 'objectguid',
- unassigned_users: 'skip_sync',
- }
- import_job = build_stubbed(:import_job, name: 'Import::Ldap')
- connection = double(
- host: 'example.com',
- port: 1337,
- ssl: true,
- base_dn: 'test'
- )
- # LDAP::Group
- allow(connection).to receive(:search).and_yield(group_entry)
- allow(connection).to receive(:entries?).and_return(true)
- # Sequencer::Unit::Import::Ldap::Users::Total
- allow(connection).to receive(:count).and_return(1)
- # Sequencer::Unit::Import::Ldap::Users::SubSequence
- allow(connection).to receive(:search).and_yield(user_entry)
- result = process(
- dry_run: false,
- resource: ldap_config,
- ldap_connection: connection,
- import_job: import_job,
- )
- expect(result[:found_ids]).to eq([User.last.id])
- imported_user = User.last
- expect(imported_user.active).to be true
- expect(imported_user.source).to eq("Ldap::#{ldap_source.id}")
- connection = double(
- host: 'example.com',
- port: 1337,
- ssl: true,
- base_dn: 'test'
- )
- group_entry['member'] = ['some.other.dn']
- # LDAP::Group
- allow(connection).to receive(:search).and_yield(group_entry)
- allow(connection).to receive(:entries?).and_return(true)
- result = process(
- dry_run: false,
- resource: ldap_config,
- ldap_connection: connection,
- import_job: import_job,
- )
- expect(result[:found_ids]).to eq([])
- end
- end
- context 'config "unassigned_users": nil / "sigup_roles"' do
- it 'assigns signup roles', last_admin_check: false do
- user_entry = build(:ldap_entry)
- user_entry['objectguid'] = ['user1337']
- user_entry['samaccountname'] = ['login123']
- user_entry['first_name'] = ['Hans']
- group_entry = build(:ldap_entry)
- group_entry['member'] = [user_entry.dn]
- agent_admin_role_ids = [1, 2]
- ldap_config = {
- user_filter: 'user=filter',
- group_role_map: {
- group_entry.dn => agent_admin_role_ids
- },
- user_attributes: {
- 'samaccountname' => 'login',
- 'first_name' => 'firstname',
- },
- user_uid: 'objectguid',
- }
- import_job = build_stubbed(:import_job, name: 'Import::Ldap')
- connection = double(
- host: 'example.com',
- port: 1337,
- ssl: true,
- base_dn: 'test'
- )
- # LDAP::Group and Sequencer::Unit::Import::Ldap::Users::SubSequence
- allow(connection).to receive(:search).and_yield(group_entry).and_yield(user_entry)
- allow(connection).to receive(:entries?).and_return(true)
- # Sequencer::Unit::Import::Ldap::Users::Total
- allow(connection).to receive(:count).and_return(1)
- expect do
- process(
- dry_run: false,
- resource: ldap_config,
- ldap_connection: connection,
- import_job: import_job,
- )
- end.to change(User, :count).by(1)
- imported_user = User.last
- expect(imported_user.role_ids).to eq(agent_admin_role_ids)
- connection = double(
- host: 'example.com',
- port: 1337,
- ssl: true,
- base_dn: 'test'
- )
- group_entry['member'] = ['some.other.dn']
- # LDAP::Group
- allow(connection).to receive(:search).and_yield(group_entry)
- allow(connection).to receive(:entries?).and_return(true)
- # Sequencer::Unit::Import::Ldap::Users::Total
- # cached
- # expect(connection).to receive(:count).and_return(1)
- # Sequencer::Unit::Import::Ldap::Users::SubSequence
- allow(connection).to receive(:search).and_yield(user_entry)
- expect do
- process(
- dry_run: false,
- resource: ldap_config,
- ldap_connection: connection,
- import_job: import_job,
- )
- end.not_to change(User, :count)
- imported_user.reload
- expect(imported_user.roles).to eq(Role.signup_roles)
- end
- end
- end
- end
|