ldap_spec.rb 2.2 KB

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374757677787980818283848586878889909192
  1. # Copyright (C) 2012-2025 Zammad Foundation, https://zammad-foundation.org/
  2. require 'rails_helper'
  3. require 'lib/auth/backend/backend_examples'
  4. RSpec.describe Auth::Backend::Ldap do
  5. let(:ldap_source) { create(:ldap_source) }
  6. let(:user) { create(:user, source: "Ldap::#{ldap_source.id}") }
  7. let(:password) { 'secure' }
  8. let(:auth) { Auth.new(user.login, password) }
  9. let(:config) do
  10. {
  11. adapter: described_class.name
  12. }
  13. end
  14. let(:instance) { described_class.new(config, auth) }
  15. let(:ldap_integration) { true }
  16. before do
  17. Setting.set('ldap_integration', ldap_integration)
  18. end
  19. describe '#valid?' do
  20. let(:ldap_user) { instance_double(Ldap::User) }
  21. before do
  22. allow(Ldap::User).to receive(:new).with(any_args).and_return(ldap_user)
  23. allow(ldap_user).to receive(:valid?).with(any_args).and_return(true)
  24. end
  25. it_behaves_like 'Auth backend'
  26. it 'authenticates users' do
  27. expect(instance.valid?).to be true
  28. end
  29. context 'when custom login attribute is configured' do
  30. let(:config) do
  31. super().merge(
  32. login_attributes: %w[firstname]
  33. )
  34. end
  35. it 'authenticates' do
  36. allow(ldap_user).to receive(:valid?).with(user.firstname, password).and_return(true)
  37. expect(instance.valid?).to be true
  38. end
  39. end
  40. context 'when Setting ldap_integration is false' do
  41. let(:ldap_integration) { false }
  42. it "doesn't authenticate" do
  43. expect(instance.valid?).to be false
  44. end
  45. end
  46. context 'when LDAP authentication fails' do
  47. it "doesn't authenticate" do
  48. allow(ldap_user).to receive(:valid?).with(any_args).and_return(false)
  49. expect(instance.valid?).to be false
  50. end
  51. end
  52. context 'when User#source does not match Ldap' do
  53. context 'when blank' do
  54. let(:user) { create(:user) }
  55. it "doesn't authenticate" do
  56. expect(instance.valid?).to be false
  57. end
  58. end
  59. context 'when some other value' do
  60. let(:user) { create(:user, source: 'some other value') }
  61. it "doesn't authenticate" do
  62. expect(instance.valid?).to be false
  63. end
  64. end
  65. end
  66. end
  67. end