habsi/authentik
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

sources/ldap: implement test

Browse Source
This commit is contained in:
Amélie Lilith Krejčí
2025-02-21 14:07:01 +01:00
parent f6a3105fa5
commit cdfd92c49e
2 changed files with 15 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
authentik/sources/ldap/tests/mock_freeipa.py
View File

@ -101,12 +101,21 @@ def mock_freeipa_connection(password: str) -> Connection:
"cn=user4,ou=users,dc=goauthentik,dc=io", "cn=user4,ou=users,dc=goauthentik,dc=io",
{ {
"name": "user4_sn", "name": "user4_sn",
"uid": "user4_sn",
"objectClass": "person", "objectClass": "person",
"memberOf": [ "memberOf": [
"cn=group1,ou=groups,dc=goauthentik,dc=io", "cn=reverse-lookup-group,ou=groups,dc=goauthentik,dc=io",
] ]
}, },
) )
connection.strategy.add_entry(
"cn=reverse-lookup-group,ou=groups,dc=goauthentik,dc=io",
{
"cn": "reverse-lookup-group",
"uid": "reverse-lookup-group",
"objectClass": "groupOfNames",
},
)
# Locked out user # Locked out user
connection.strategy.add_entry( connection.strategy.add_entry(
"cn=user-nsaccountlock,ou=users,dc=goauthentik,dc=io", "cn=user-nsaccountlock,ou=users,dc=goauthentik,dc=io",

10
authentik/sources/ldap/tests/test_sync.py
View File

@ -167,6 +167,7 @@ class LDAPSyncTests(TestCase):
self.source.object_uniqueness_field = "uid" self.source.object_uniqueness_field = "uid"
self.source.group_object_filter = "(objectClass=groupOfNames)" self.source.group_object_filter = "(objectClass=groupOfNames)"
self.source.lookup_groups_from_user = True self.source.lookup_groups_from_user = True
self.source.group_membership_field = "memberOf"
self.source.user_property_mappings.set( self.source.user_property_mappings.set(
LDAPSourcePropertyMapping.objects.filter( LDAPSourcePropertyMapping.objects.filter(
Q(managed__startswith="goauthentik.io/sources/ldap/default") Q(managed__startswith="goauthentik.io/sources/ldap/default")
@ -180,7 +181,6 @@ class LDAPSyncTests(TestCase):
) )
connection = MagicMock(return_value=mock_freeipa_connection(LDAP_PASSWORD)) connection = MagicMock(return_value=mock_freeipa_connection(LDAP_PASSWORD))
with patch("authentik.sources.ldap.models.LDAPSource.connection", connection): with patch("authentik.sources.ldap.models.LDAPSource.connection", connection):
self.source.save()
user_sync = UserLDAPSynchronizer(self.source) user_sync = UserLDAPSynchronizer(self.source)
user_sync.sync_full() user_sync.sync_full()
group_sync = GroupLDAPSynchronizer(self.source) group_sync = GroupLDAPSynchronizer(self.source)
@ -188,11 +188,11 @@ class LDAPSyncTests(TestCase):
membership_sync = MembershipLDAPSynchronizer(self.source) membership_sync = MembershipLDAPSynchronizer(self.source)
membership_sync.sync_full() membership_sync.sync_full()
self.assertTrue(User.objects.filter(username="user4_sn").exists()) self.assertTrue(User.objects.filter(username="user4_sn").exists(), "User does not exist")
# Test if membership mapping based on memberOf works. # Test if membership mapping based on memberOf works.
memberof_group = Group.objects.filter(name="group1").first() memberof_group = Group.objects.filter(name="reverse-lookup-group")
self.assertTrue(memberof_group.exists()) self.assertTrue(memberof_group.exists(), "Group does not exist")
self.assertTrue(memberof_group.users.filter(name="user4_sn").exists()) self.assertTrue(memberof_group.first().users.filter(username="user4_sn").exists(), "User not a member of the group")
def test_sync_groups_ad(self): def test_sync_groups_ad(self):
"""Test group sync""" """Test group sync"""