func TestQueryWithPaging(t *testing.T) { expectedResult := &ldap.SearchResult{ Entries: []*ldap.Entry{ldap.NewEntry("cn=paging,ou=paging,dc=paging,dc=com", map[string][]string{"paging": {"true"}})}, } testConfig := testclient.NewConfig(testclient.NewPagingOnlyClient(testclient.New(), expectedResult, )) testSearchRequest := &ldap.SearchRequest{ BaseDN: "dc=example,dc=com", Scope: ldap.ScopeWholeSubtree, DerefAliases: int(DefaultDerefAliases), SizeLimit: DefaultSizeLimit, TimeLimit: DefaultTimeLimit, TypesOnly: DefaultTypesOnly, Filter: "(objectClass=*)", Attributes: append(DefaultAttributes), Controls: []ldap.Control{ldap.NewControlPaging(5)}, } // test that a search request with paging controls gets correctly routed to the SearchWithPaging call response, err := QueryForEntries(testConfig, testSearchRequest) if err != nil { t.Errorf("query with paging control should not create error, but got %v", err) } if !reflect.DeepEqual(expectedResult.Entries, response) { t.Errorf("query with paging did not return correct response: expected %v, got %v", expectedResult.Entries, response) } }
// TestErrEntryNotFound checks that we wrap a zero-length list of results correctly if we search for a unique entry func TestErrEntryNotFound(t *testing.T) { testConfig := testclient.NewConfig(testclient.New()) testSearchRequest := &ldap.SearchRequest{ BaseDN: "dc=example,dc=com", Scope: ldap.ScopeWholeSubtree, DerefAliases: int(DefaultDerefAliases), SizeLimit: DefaultSizeLimit, TimeLimit: DefaultTimeLimit, TypesOnly: DefaultTypesOnly, Filter: "(objectClass=*)", Attributes: append(DefaultAttributes), Controls: DefaultControls, } expectedErr := &errEntryNotFound{baseDN: "dc=example,dc=com", filter: "(objectClass=*)"} // test that a unique search errors on no result if _, err := QueryForUniqueEntry(testConfig, testSearchRequest); !reflect.DeepEqual(err, expectedErr) { t.Errorf("query for unique entry did not get correct error:\n\texpected:\n\t%v\n\tgot:\n\t%v", expectedErr, err) } // test that a non-unique search doesn't error if _, err := QueryForEntries(testConfig, testSearchRequest); !reflect.DeepEqual(err, nil) { t.Errorf("query for entries did not get correct error:\n\texpected:\n\t%v\n\tgot:\n\t%v", nil, err) } }
// TestErrNoSuchObject tests that our LDAP search correctly wraps the LDAP server error func TestErrNoSuchObject(t *testing.T) { var testCases = []struct { name string searchRequest *ldap.SearchRequest expectedError error }{ { name: "valid search", searchRequest: &ldap.SearchRequest{ BaseDN: "uid=john,o=users,dc=example,dc=com", }, expectedError: nil, }, { name: "invalid search", searchRequest: &ldap.SearchRequest{ BaseDN: "ou=groups,dc=example,dc=com", }, expectedError: &errNoSuchObject{baseDN: "ou=groups,dc=example,dc=com"}, }, } for _, testCase := range testCases { testClient := testclient.NewMatchingSearchErrorClient(testclient.New(), "ou=groups,dc=example,dc=com", ldap.NewError(ldap.LDAPResultNoSuchObject, errors.New("")), ) testConfig := testclient.NewConfig(testClient) if _, err := QueryForEntries(testConfig, testCase.searchRequest); !reflect.DeepEqual(err, testCase.expectedError) { t.Errorf("%s: error did not match:\n\texpected:\n\t%v\n\tgot:\n\t%v", testCase.name, testCase.expectedError, err) } } }
func newTestLDAPInterface(client ldap.Client) *LDAPInterface { // below are common test implementations of LDAPInterface fields groupQuery := ldaputil.LDAPQueryOnAttribute{ LDAPQuery: ldaputil.LDAPQuery{ BaseDN: "ou=groups,dc=example,dc=com", Scope: ldaputil.ScopeWholeSubtree, DerefAliases: ldaputil.DerefAliasesAlways, TimeLimit: 0, Filter: "objectClass=groupOfNames", }, QueryAttribute: "dn", } groupNameAttributes := []string{"cn"} groupMembershipAttributes := []string{"member"} userQuery := ldaputil.LDAPQueryOnAttribute{ LDAPQuery: ldaputil.LDAPQuery{ BaseDN: "ou=users,dc=example,dc=com", Scope: ldaputil.ScopeWholeSubtree, DerefAliases: ldaputil.DerefAliasesAlways, TimeLimit: 0, Filter: "objectClass=inetOrgPerson", }, QueryAttribute: "dn", } userNameAttributes := []string{"cn"} return NewLDAPInterface(testclient.NewConfig(client), groupQuery, groupNameAttributes, groupMembershipAttributes, userQuery, userNameAttributes) }
func newTestLDAPInterface(client ldap.Client) *LDAPInterface { // below are common test implementations of LDAPInterface fields groupQuery := ldaputil.LDAPQueryOnAttribute{ LDAPQuery: ldaputil.LDAPQuery{ BaseDN: "ou=groups,dc=example,dc=com", Scope: ldaputil.ScopeWholeSubtree, DerefAliases: ldaputil.DerefAliasesAlways, TimeLimit: 0, Filter: "objectClass=groupOfNames", }, QueryAttribute: "dn", } groupNameAttributes := []string{"cn"} groupMembershipAttributes := []string{"member"} userQuery := ldaputil.LDAPQueryOnAttribute{ LDAPQuery: ldaputil.LDAPQuery{ BaseDN: "ou=users,dc=example,dc=com", Scope: ldaputil.ScopeWholeSubtree, DerefAliases: ldaputil.DerefAliasesAlways, TimeLimit: 0, Filter: "objectClass=inetOrgPerson", }, QueryAttribute: "dn", } userNameAttributes := []string{"cn"} errorHandler := syncerror.NewCompoundHandler( syncerror.NewMemberLookupOutOfBoundsSuppressor(ioutil.Discard), syncerror.NewMemberLookupMemberNotFoundSuppressor(ioutil.Discard), ) return NewLDAPInterface(testclient.NewConfig(client), groupQuery, groupNameAttributes, groupMembershipAttributes, userQuery, userNameAttributes, errorHandler) }