/**
* Asserts binding parameters
*
* @param array $params Given parameters
* @param boolean $isBound Expected hostname
* @param boolean $isAnonymous Expected port
* @param string $dn Bind dn (Default: null)
* @param string $password Bind password (Default: null)
*
* @return void
*/
protected function assertBinding($params, $isBound, $isAnonymous, $dn = null, $password = null)
{
$manager = new Manager($params, $this->driver);
$manager->connect();
$manager->bind();
$instance = $this->driver->getConnection();
$this->assertEquals($isBound, $instance->isBound());
if ($isAnonymous) {
$this->assertNull($instance->getBindDn(), 'Anonymous bind Dn');
$this->assertNull($instance->getBindPassword(), 'Anonymous bind Password');
} else {
$this->assertEquals($dn, $instance->getBindDn(), 'Privileged bind Dn');
$this->assertEquals($password, $instance->getBindPassword(), 'Privileged bind Password');
}
}
/**
* Perform auth against ldap
*
* @param array $credentials
* @return Identity|\Nette\Security\IIdentity
* @throws \Nette\Security\AuthenticationException
*/
public function authenticate(array $credentials)
{
list($username, $password) = $credentials;
$username = call_user_func_array($this->usernameGenerator, array($this->ldap, $username));
// Auth
try {
$this->ldap->connect();
// @todo: Pullrequest to toyota, to check whether we're already connected
$this->ldap->bind($username, $password);
$data = array('username' => $username, 'fqdn' => $this->fqdn);
} catch (BindException $e) {
throw new AuthenticationException('Username or password is not valid', $e->getCode(), $e);
}
// Success handlers
foreach ($this->onSuccess as $key => $handler) {
$data[$key] = call_user_func_array($handler, array($this->ldap, $data));
}
// Allow/refuse login based on groups
$this->assertHasGroupAccess($data);
// Get & return the identity
return call_user_func_array($this->identityGenerator, array($this->ldap, $data));
}
/**
* Tests alternative binding
*
* @return void
*/
public function testAlternativeBinding()
{
$params = $this->minimal;
$params['bind_dn'] = 'default_dn';
$params['bind_password'] = '******';
$manager = new Manager($params, $this->driver);
$manager->connect();
$instance = $this->driver->getConnection();
$manager->bind();
$this->assertTrue($instance->isBound(), 'Binding occured');
$this->assertEquals('default_dn', $instance->getBindDn(), 'Default credential got used');
$this->assertEquals('default_password', $instance->getBindPassword(), 'Default credential got used');
$manager->bind(null, '');
$this->assertTrue($instance->isBound(), 'Binding occured');
$this->assertEquals('default_dn', $instance->getBindDn(), 'Default credential got used');
$this->assertEquals('default_password', $instance->getBindPassword(), 'Default credential got used');
$manager->bind(null, 'alt_pass');
$this->assertTrue($instance->isBound(), 'Binding occured');
$this->assertEquals('default_dn', $instance->getBindDn(), 'Default credential got used');
$this->assertEquals('default_password', $instance->getBindPassword(), 'Default credential got used');
$manager->bind('', 'alt_pass');
$this->assertTrue($instance->isBound(), 'Binding occured');
$this->assertEquals('default_dn', $instance->getBindDn(), 'Default credential got used');
$this->assertEquals('default_password', $instance->getBindPassword(), 'Default credential got used');
$manager->bind('alt_dn', 'alt_pass');
$this->assertTrue($instance->isBound(), 'Binding occured');
$this->assertEquals('alt_dn', $instance->getBindDn(), 'Now alternative binding occurs');
$this->assertEquals('alt_pass', $instance->getBindPassword(), 'Alternative password got used');
$manager->bind('alt_dn', '');
$this->assertTrue($instance->isBound(), 'Binding occured');
$this->assertEquals('alt_dn', $instance->getBindDn(), 'Now alternative binding occurs');
$this->assertEquals('', $instance->getBindPassword(), 'Alternative password got used');
$manager->bind('alt_dn');
$this->assertTrue($instance->isBound(), 'Binding occured');
$this->assertEquals('alt_dn', $instance->getBindDn(), 'Now alternative binding occurs');
$this->assertEquals('', $instance->getBindPassword(), 'Default empty password got used');
}
/**
* Tests complex updates with changeset merging when saving
*
* @return void
*/
public function testSaveMergesChanges()
{
$manager = new Manager($this->minimal, $this->driver);
$manager->connect();
$manager->bind();
$entry = new Entry('test_dn', array('a' => array('a1', 'a2'), 'b' => array('b1', 'b2'), 'c' => array('c1', 'c2'), 'd' => array('d1', 'd2'), 'e' => array('e1', 'e2')));
$this->driver->getConnection()->stackResults(array($entry));
$node = new Node();
$node->setDn('test_dn');
$node->get('a', true)->add(array('a2', 'a4'));
$node->get('b', true)->add(array('b1', 'b3'));
$node->get('c', true)->add(array('c1', 'c3'));
$node->get('d', true)->add(array('d1', 'd2', 'd3', 'd4'));
$node->get('g', true)->add('g1');
$node->get('h', true)->add(array('h1', 'h2'));
$node->get('i', true)->add(array('i1', 'i2'));
$node->snapshot(false);
$node->get('a')->add(array('a1', 'a3'));
$node->removeAttribute('b');
$node->get('c')->set(array('c4', 'c5'));
$node->get('d')->remove('d2');
$node->get('d')->remove('d3');
$node->get('d')->add('d5');
$node->get('f', true)->add(array('f1', 'f2'));
$node->removeAttribute('g');
$node->get('h')->set(array('h1', 'h3'));
$node->get('i')->remove('i2');
$this->assertFalse($manager->save($node), 'Node persistence resulted in an update');
$this->assertSearchLog($this->driver->getConnection()->shiftLog(), 'test_dn', '(objectclass=*)', SearchInterface::SCOPE_BASE, null, array($entry));
$this->assertActionLog($this->driver->getConnection()->shiftLog(), 'attr_add', 'test_dn', array('a' => array('a3'), 'd' => array('d5'), 'f' => array('f1', 'f2'), 'h' => array('h1', 'h3')));
$this->assertActionLog($this->driver->getConnection()->shiftLog(), 'attr_del', 'test_dn', array('b' => array(), 'd' => array('d2')));
$this->assertActionLog($this->driver->getConnection()->shiftLog(), 'attr_rep', 'test_dn', array('c' => array('c4', 'c5')));
$this->assertNull($this->driver->getConnection()->shiftLog(), 'All logs have been parsed');
$this->assertSnapshot($node, 'A node is snapshot after update');
}
