review.fuel-infra Code Review - packages/trusty/rabbitmq-server.git/blob

   1 %% The contents of this file are subject to the Mozilla Public License
   2 %% Version 1.1 (the "License"); you may not use this file except in
   3 %% compliance with the License. You may obtain a copy of the License
   4 %% at http://www.mozilla.org/MPL/
   5 %%
   6 %% Software distributed under the License is distributed on an "AS IS"
   7 %% basis, WITHOUT WARRANTY OF ANY KIND, either express or implied. See
   8 %% the License for the specific language governing rights and
   9 %% limitations under the License.
  10 %%
  11 %% The Original Code is RabbitMQ
  12 %%
  13 %% The Initial Developer of the Original Code is GoPivotal, Inc.
  14 %% Copyright (c) 2007-2014 GoPivotal, Inc.  All rights reserved.
  15 %%
  16
  17 -module(rabbit_auth_backend_ldap_test).
  18
  19 -include_lib("eunit/include/eunit.hrl").
  20 -include_lib("amqp_client/include/amqp_client.hrl").
  21
  22 -define(SIMON, #amqp_params_network{username     = <<"Simon MacMullen">>,
  23                                     password     = <<"password">>,
  24                                     virtual_host = <<"test">>}).
  25
  26 -define(MIKEB, #amqp_params_network{username     = <<"Mike Bridgen">>,
  27                                     password     = <<"password">>,
  28                                     virtual_host = <<"test">>}).
  29
  30 %%--------------------------------------------------------------------
  31
  32 login_test_() ->
  33     [test_login(Env, L, case {LGood, EnvGood} of
  34                             {good, good} -> fun succ/1;
  35                             _            -> fun fail/1
  36                         end) || {LGood, L}     <- logins(),
  37                                 {EnvGood, Env} <- login_envs()].
  38
  39 logins() ->
  40     [{bad, #amqp_params_network{}},
  41      {bad, #amqp_params_network{username = <<"Simon MacMullen">>}},
  42      {bad, #amqp_params_network{username = <<"Simon MacMullen">>,
  43                                 password = <<"password">>}},
  44      {good, ?SIMON},
  45      {good, ?MIKEB}].
  46
  47 login_envs() ->
  48     [{good, base_login_env()},
  49      {good, dn_lookup_pre_bind_env()},
  50      {good, other_bind_admin_env()},
  51      {good, other_bind_anon_env()},
  52      {bad, other_bind_broken_env()}].
  53
  54 base_login_env() ->
  55     [{user_dn_pattern,    "cn=${username},ou=People,dc=example,dc=com"},
  56      {dn_lookup_attribute, none},
  57      {dn_lookup_base,      none},
  58      {dn_lookup_bind,      as_user},
  59      {other_bind,          as_user}].
  60
  61 %% TODO configure OpenLDAP to allow a dn_lookup_post_bind_env()
  62 dn_lookup_pre_bind_env() ->
  63     [{user_dn_pattern,    "${username}"},
  64      {dn_lookup_attribute, "cn"},
  65      {dn_lookup_base,      "OU=People,DC=example,DC=com"},
  66      {dn_lookup_bind,      {"cn=admin,dc=example,dc=com", "admin"}}].
  67
  68 other_bind_admin_env() ->
  69     [{other_bind, {"cn=admin,dc=example,dc=com", "admin"}}].
  70
  71 other_bind_anon_env() ->
  72     [{other_bind, anon}].
  73
  74 other_bind_broken_env() ->
  75     [{other_bind, {"cn=admin,dc=example,dc=com", "admi"}}].
  76
  77 test_login(Env, Login, ResultFun) ->
  78     ?_test(try
  79                set_env(Env),
  80                ResultFun(Login)
  81            after
  82                set_env(base_login_env())
  83            end).
  84
  85 set_env(Env) ->
  86     [application:set_env(rabbitmq_auth_backend_ldap, K, V) || {K, V} <- Env].
  87
  88 succ(Login) -> ?assertMatch({ok, _}, amqp_connection:start(Login)).
  89 fail(Login) -> ?assertMatch({error, _}, amqp_connection:start(Login)).
  90
  91 %%--------------------------------------------------------------------
  92
  93 in_group_test_() ->
  94     X = [#'exchange.declare'{exchange = <<"test">>}],
  95     test_resource_funs([{?SIMON, X, ok},
  96                          {?MIKEB, X, fail}]).
  97
  98 const_test_() ->
  99     Q = [#'queue.declare'{queue = <<"test">>}],
 100     test_resource_funs([{?SIMON, Q, ok},
 101                         {?MIKEB, Q, fail}]).
 102
 103 string_match_test_() ->
 104     B = fun(N) ->
 105                 [#'exchange.declare'{exchange = N},
 106                  #'queue.declare'{queue = <<"test">>},
 107                  #'queue.bind'{exchange = N, queue = <<"test">>}]
 108         end,
 109     test_resource_funs([{?SIMON, B(<<"xch-Simon MacMullen-abc123">>), ok},
 110                         {?SIMON, B(<<"abc123">>),                     fail},
 111                         {?SIMON, B(<<"xch-Someone Else-abc123">>),    fail}]).
 112
 113 boolean_logic_test_() ->
 114     Q1 = [#'queue.declare'{queue = <<"test1">>},
 115           #'basic.consume'{queue = <<"test1">>}],
 116     Q2 = [#'queue.declare'{queue = <<"test2">>},
 117           #'basic.consume'{queue = <<"test2">>}],
 118     [test_resource_fun(PTR) || PTR <- [{?SIMON, Q1, ok},
 119                                        {?SIMON, Q2, ok},
 120                                        {?MIKEB, Q1, fail},
 121                                        {?MIKEB, Q2, fail}]].
 122
 123 test_resource_funs(PTRs) -> [test_resource_fun(PTR) || PTR <- PTRs].
 124
 125 test_resource_fun({Person, Things, Result}) ->
 126     fun() ->
 127             {ok, Conn} = amqp_connection:start(Person),
 128             {ok, Ch} = amqp_connection:open_channel(Conn),
 129             ?assertEqual(Result,
 130                          try
 131                              [amqp_channel:call(Ch, T) || T <- Things],
 132                              amqp_connection:close(Conn),
 133                              ok
 134                          catch exit:_ -> fail
 135                          end)
 136     end.
 137
 138 %%--------------------------------------------------------------------