function it_should_refresh_roles_but_not_attributes_if_specified($query, LdapUser $user) { $this->setRefreshAttributes(false); $query->getResult()->shouldBeCalled(); $user->toArray()->shouldBeCalled()->willReturn(['foo' => 'bar', 'guid' => $this->attr['guid']]); $user->getType()->shouldBeCalled()->willReturn('user'); $user->getRoles()->shouldNotBeCalled(); $query->getSingleResult()->shouldNotBeCalled(); $this->refreshUser($user)->toArray()->shouldEqual(['foo' => 'bar', 'guid' => $this->attr['guid']]); }
function it_should_throw_an_account_expired_exception_if_the_user_checker_detects_it() { $this->user->isAccountNonExpired()->willReturn(false); $this->shouldThrow('\\Symfony\\Component\\Security\\Core\\Exception\\AccountExpiredException')->duringAuthenticate($this->token); }
function it_should_call_a_login_success_event() { $credentials = $this->credentials; $credentials['ldap_domain'] = ''; $user = new LdapUser(new LdapObject(['username' => 'foo'])); $token = new UsernamePasswordToken($user, $credentials['password'], 'ldap-tools', $user->getRoles()); $token->setAttribute('ldap_domain', ''); $this->connection->execute(new AuthenticationOperation('foo', 'bar'))->shouldBeCalled()->willReturn(new AuthenticationResponse(true)); $this->checkCredentials($credentials, $user)->shouldReturn(true); $this->dispatcher->dispatch('ldap_tools_bundle.login.success', new LdapLoginEvent($user, $token))->shouldBeCalled(); }
/** * @param LdapUser $user * @return LdapObjectCollection */ protected function getGroupsForUser(LdapUser $user) { $select = $this->roleAttrMap; unset($select['members']); $query = $this->ldap->buildLdapQuery()->from($this->groupObjectType)->select(array_values($select)); if ($this->checkGroupsRecursively) { $query->where($query->filter()->hasMemberRecursively($user->getLdapGuid(), $this->roleAttrMap['members'])); } else { $query->where([$this->roleAttrMap['members'] => $user->getLdapGuid()]); } return $query->getLdapQuery()->getResult(); }