Esempio n. 1
0
func TestSuppressMemberLookupErrorMemberNotFound(t *testing.T) {
	var testCases = []struct {
		name               string
		err                error
		expectedHandled    bool
		expectedFatalError error
	}{
		{
			name:               "nil error",
			err:                nil,
			expectedHandled:    false,
			expectedFatalError: nil,
		},
		{
			name:               "other error",
			err:                errors.New("generic error"),
			expectedHandled:    false,
			expectedFatalError: nil,
		},
		{
			name:               "non-member-not-found member lookup error",
			err:                NewMemberLookupError("", "", nil),
			expectedHandled:    false,
			expectedFatalError: nil,
		},
		{
			name:               "no such object member lookup error",
			err:                NewMemberLookupError("", "", ldaputil.NewNoSuchObjectError("")),
			expectedHandled:    true,
			expectedFatalError: nil,
		},
		{
			name:               "member not found member lookup error",
			err:                NewMemberLookupError("", "", ldaputil.NewEntryNotFoundError("", "")),
			expectedHandled:    true,
			expectedFatalError: nil,
		},
	}

	for _, testCase := range testCases {
		handler := NewMemberLookupMemberNotFoundSuppressor(ioutil.Discard)

		actualHandled, actualFatalErr := handler.HandleError(testCase.err)
		if actualHandled != testCase.expectedHandled {
			t.Errorf("%s: handler did not handle as expected: wanted handled=%t, got handled=%t", testCase.name, testCase.expectedHandled, actualHandled)
		}

		if !reflect.DeepEqual(actualFatalErr, testCase.expectedFatalError) {
			t.Errorf("%s: handler did not return correct error:\n\twanted\n\t%v,\n\tgot\n\t%v", testCase.name, testCase.expectedFatalError, actualFatalErr)
		}
	}
}
Esempio n. 2
0
func TestExtractMembers(t *testing.T) {
	var testCases = []struct {
		name            string
		client          ldap.Client
		expectedError   error
		expectedMembers []*ldap.Entry
	}{
		{
			name: "group lookup errors",
			client: testclient.NewMatchingSearchErrorClient(
				testclient.New(),
				"cn=testGroup,ou=groups,dc=example,dc=com",
				errors.New("generic search error"),
			),
			expectedError:   errors.New("generic search error"),
			expectedMembers: nil,
		},
		{
			name: "member lookup errors",
			// this is a nested test client, the first nest tries to error on the user DN
			// the second nest attempts to give back from the DN mapping
			// the third nest is the default "safe" impl from ldaputil
			client: testclient.NewMatchingSearchErrorClient(
				testclient.NewDNMappingClient(
					testclient.New(),
					map[string][]*ldap.Entry{
						"cn=testGroup,ou=groups,dc=example,dc=com": {newTestGroup("testGroup", "cn=testUser,ou=users,dc=example,dc=com")},
					},
				),
				"cn=testUser,ou=users,dc=example,dc=com",
				errors.New("generic search error"),
			),
			expectedError:   syncerror.NewMemberLookupError("cn=testGroup,ou=groups,dc=example,dc=com", "cn=testUser,ou=users,dc=example,dc=com", errors.New("generic search error")),
			expectedMembers: nil,
		},
		{
			name: "out of scope member lookup suppressed",
			client: testclient.NewMatchingSearchErrorClient(
				testclient.NewDNMappingClient(
					testclient.New(),
					map[string][]*ldap.Entry{
						"cn=testGroup,ou=groups,dc=example,dc=com": {newTestGroup("testGroup", "cn=testUser,ou=users,dc=other-example,dc=com")},
					},
				),
				"cn=testUser,ou=users,dc=other-example,dc=com",
				ldaputil.NewQueryOutOfBoundsError("cn=testUser,ou=users,dc=other-example,dc=com", "cn=testGroup,ou=groups,dc=example,dc=com"),
			),
			expectedError:   nil,
			expectedMembers: []*ldap.Entry{},
		},
		{
			name: "no such object member lookup error suppressed",
			client: testclient.NewMatchingSearchErrorClient(
				testclient.NewDNMappingClient(
					testclient.New(),
					map[string][]*ldap.Entry{
						"cn=testGroup,ou=groups,dc=example,dc=com": {newTestGroup("testGroup", "cn=testUser,ou=users,dc=other-example,dc=com")},
					},
				),
				"cn=testUser,ou=users,dc=other-example,dc=com",
				ldaputil.NewNoSuchObjectError("cn=testUser,ou=users,dc=other-example,dc=com"),
			),
			expectedError:   nil,
			expectedMembers: []*ldap.Entry{},
		},
		{
			name: "member not found member lookup error suppressed",
			client: testclient.NewMatchingSearchErrorClient(
				testclient.NewDNMappingClient(
					testclient.New(),
					map[string][]*ldap.Entry{
						"cn=testGroup,ou=groups,dc=example,dc=com": {newTestGroup("testGroup", "cn=testUser,ou=users,dc=other-example,dc=com")},
					},
				),
				"cn=testUser,ou=users,dc=other-example,dc=com",
				ldaputil.NewEntryNotFoundError("cn=testUser,ou=users,dc=other-example,dc=com", "objectClass=groupOfNames"),
			),
			expectedError:   nil,
			expectedMembers: []*ldap.Entry{},
		},
		{
			name: "no errors",
			client: testclient.NewDNMappingClient(
				testclient.New(),
				map[string][]*ldap.Entry{
					"cn=testGroup,ou=groups,dc=example,dc=com": {newTestGroup("testGroup", "cn=testUser,ou=users,dc=example,dc=com")},
					"cn=testUser,ou=users,dc=example,dc=com":   {newTestUser("testUser")},
				},
			),
			expectedError:   nil,
			expectedMembers: []*ldap.Entry{newTestUser("testUser")},
		},
	}
	for _, testCase := range testCases {
		ldapInterface := newTestLDAPInterface(testCase.client)
		members, err := ldapInterface.ExtractMembers("cn=testGroup,ou=groups,dc=example,dc=com")
		if !reflect.DeepEqual(err, testCase.expectedError) {
			t.Errorf("%s: incorrect error returned:\n\texpected:\n\t%v\n\tgot:\n\t%v\n", testCase.name, testCase.expectedError, err)
		}
		if !reflect.DeepEqual(members, testCase.expectedMembers) {
			t.Errorf("%s: incorrect members returned:\n\texpected:\n\t%v\n\tgot:\n\t%v\n", testCase.name, testCase.expectedMembers, members)
		}
	}
}
Esempio n. 3
0
	return nil, nil
}

func (g *puppetGetterExtractor) ExtractMembers(ldapGroupUID string) ([]*ldap.Entry, error) {
	if len(g.returnVal) > 0 {
		return g.returnVal, nil
	}
	return nil, nil
}

// the following generators are both GroupGetters and MemberExtractors that generate specific errors
// whenever their corresponding methods are called. They are used for the tests for this package

var outOfBoundsError error = ldaputil.NewQueryOutOfBoundsError("baseDN", "queryDN")
var entryNotFoundError error = ldaputil.NewEntryNotFoundError("baseDN", "filter")
var noSuchObjectError error = ldaputil.NewNoSuchObjectError("baseDN")
var genericError error = errors.New("generic error")

type errOutOfBoundsGetterExtractor struct{}

func (g *errOutOfBoundsGetterExtractor) GroupEntryFor(ldapGroupUID string) (*ldap.Entry, error) {
	return nil, outOfBoundsError
}

func (g *errOutOfBoundsGetterExtractor) ExtractMembers(ldapGroupUID string) ([]*ldap.Entry, error) {
	return nil, outOfBoundsError
}

type errEntryNotFoundGetterExtractor struct{}

func (g *errEntryNotFoundGetterExtractor) GroupEntryFor(ldapGroupUID string) (*ldap.Entry, error) {