summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rwxr-xr-xtestprogs/ejs/ldap.js168
1 files changed, 158 insertions, 10 deletions
diff --git a/testprogs/ejs/ldap.js b/testprogs/ejs/ldap.js
index 090f93b6ca..c30f29e249 100755
--- a/testprogs/ejs/ldap.js
+++ b/testprogs/ejs/ldap.js
@@ -29,14 +29,19 @@ function basic_tests(ldb, gc_ldb, base_dn, configuration_dn, schema_dn)
{
println("Running basic tests");
+ ldb.del("cn=ldaptestcomputer,cn=computers," + base_dn);
+ ldb.del("cn=ldaptestcomputer3,cn=computers," + base_dn);
+ ldb.del("cn=ldaptest2computer,cn=computers," + base_dn);
ldb.del("cn=ldaptestuser,cn=users," + base_dn);
ldb.del("cn=ldaptestuser2,cn=users," + base_dn);
ldb.del("cn=ldaptestuser3,cn=users," + base_dn);
ldb.del("cn=ldaptestuser4,cn=users," + base_dn);
ldb.del("cn=ldaptestuser5,cn=users," + base_dn);
ldb.del("CN=ldaptestuser4,CN=ldaptestcontainer2," + base_dn);
+ ldb.del("cn=ldaptestuser7,cn=users," + base_dn);
ldb.del("CN=ldaptestcontainer2," + base_dn);
ldb.del("cn=ldaptestgroup,cn=users," + base_dn);
+ ldb.del("cn=ldaptestgroup2,cn=users," + base_dn);
println("Testing group add with invalid member");
var ok = ldb.add("
@@ -127,7 +132,7 @@ displayname: ldap testy
ok = ldb.del("cn=ldaptest2computer,cn=computers," + base_dn);
if (ok.error != 0) {
println(ok.errstr);
- assert(ok.error == 0);
+ // assert(ok.error == 0);
}
ok = ldb.add("
dn: cn=ldaptest2computer,cn=computers," + base_dn + "
@@ -142,6 +147,113 @@ displayname: ldap testy
}
}
+ var ok = ldb.add("
+dn: cn=ldaptestcomputer3,cn=computers," + base_dn + "
+objectClass: computer
+cn: LDAPtest2COMPUTER
+");
+ if (ok.error != 34) {
+ println("Did not reject invalid RDN compared with DN: " + ok.errstr);
+ assert(ok.error == 34);
+ }
+
+ var ok = ldb.add("
+dn: cn=ldaptestcomputer3,cn=computers," + base_dn + "
+objectClass: computer
+cn: LDAPtestCOMPUTER3
+sAMAccountType: 805306368
+");
+
+ if (ok.error != 53) {
+ println("Did not reject invalid 'sAMAccountType: 805306368': " + ok.errstr);
+ assert(ok.error == 53);
+ }
+
+ var ok = ldb.add("
+dn: cn=ldaptestcomputer3,cn=computers," + base_dn + "
+objectClass: computer
+cn: LDAPtestCOMPUTER3
+userAccountControl: 0
+");
+
+ if (ok.error != 53) {
+ println("Did not reject invalid 'userAccountControl: 0': " + ok.errstr);
+ assert(ok.error == 53);
+ }
+
+ var ok = ldb.add("
+dn: cn=ldaptestuser7,cn=users," + base_dn + "
+objectClass: user
+cn: LDAPtestuser7
+userAccountControl: 0
+");
+
+ if (ok.error != 53) {
+ println("Did not reject invalid 'userAccountControl: 0': " + ok.errstr);
+ assert(ok.error == 53);
+ }
+
+ var ok = ldb.add("
+dn: cn=ldaptestuser7,cn=users," + base_dn + "
+objectClass: user
+cn: LDAPtestuser7
+userAccountControl: 2
+");
+
+ if (ok.error != 0) {
+ println("Did not accept 'userAccountControl: 2': " + ok.errstr);
+ assert(ok.error == 0);
+ }
+
+ ldb.del("cn=ldaptestuser7,cn=users," + base_dn);
+
+ var ok = ldb.add("
+dn: cn=ldaptestcomputer3,cn=computers," + base_dn + "
+objectclass: computer
+cN: LDAPtestCOMPUTER3
+");
+ if (ok.error != 0) {
+ ok = ldb.del("cn=ldaptestcomputer3,cn=computers," + base_dn);
+ if (ok.error != 0) {
+ println(ok.errstr);
+ assert(ok.error == 0);
+ }
+ ok = ldb.add("
+dn: cn=ldaptestcomputer3,cn=computers," + base_dn + "
+objectClass: computer
+cn: LDAPtestCOMPUTER3
+");
+ if (ok.error != 0) {
+ println(ok.errstr);
+ assert(ok.error == 0);
+ }
+ }
+
+ println("Testing ldb.search for (&(cn=ldaptestcomputer3)(objectClass=user))");
+ var res = ldb.search("(&(cn=ldaptestcomputer3)(objectClass=user))");
+ if (res.error != 0 || res.msgs.length != 1) {
+ println("Could not find (&(cn=ldaptestcomputer3)(objectClass=user))");
+ assert(res.error == 0);
+ assert(res.msgs.length == 1);
+ }
+
+ assert(res.msgs[0].dn == ("CN=ldaptestcomputer3,CN=Computers," + base_dn));
+ assert(res.msgs[0].cn == "ldaptestcomputer3");
+ assert(res.msgs[0].name == "ldaptestcomputer3");
+ assert(res.msgs[0].objectClass[0] == "top");
+ assert(res.msgs[0].objectClass[1] == "person");
+ assert(res.msgs[0].objectClass[2] == "organizationalPerson");
+ assert(res.msgs[0].objectClass[3] == "user");
+ assert(res.msgs[0].objectClass[4] == "computer");
+ assert(res.msgs[0].objectGUID != undefined);
+ assert(res.msgs[0].whenCreated != undefined);
+ assert(res.msgs[0].objectCategory == ("CN=Computer,CN=Schema,CN=Configuration," + base_dn));
+ assert(res.msgs[0].primaryGroupID == 513);
+ assert(res.msgs[0].sAMAccountType == 805306368);
+ assert(res.msgs[0].userAccountControl == 546);
+
+ ldb.del(res.msgs[0].dn);
+
println("Testing attribute or value exists behaviour");
ok = ldb.modify("
dn: cn=ldaptest2computer,cn=computers," + base_dn + "
@@ -374,6 +486,13 @@ sn: ldap user2
assert(res.msgs.length == 2);
}
+ var res = ldb.search("(&(anr=testy ldap)(objectClass=user))");
+ if (res.error != 0 || res.msgs.length != 2) {
+ println("Found only " + res.msgs.length + " for (&(anr=\"testy ldap\")(objectClass=user))");
+ assert(res.error == 0);
+ assert(res.msgs.length == 2);
+ }
+
// Testing ldb.search for (&(anr=ldap)(objectClass=user))
var res = ldb.search("(&(anr=ldap)(objectClass=user))");
if (res.error != 0 || res.msgs.length != 4) {
@@ -547,6 +666,38 @@ member: cn=ldaptestuser3,cn=users," + base_dn + "
assert(res.msgs[0].cn == "ldaptestUSER3");
assert(res.msgs[0].name == "ldaptestUSER3");
+ println("Testing ldb.search for (&(&(cn=ldaptestuser3)(userAccountControl=*))(objectClass=user))");
+ var res = ldb.search("(&(&(cn=ldaptestuser3)(userAccountControl=*))(objectClass=user))");
+ if (res.error != 0 || res.msgs.length != 1) {
+ println("Could not find (&(cn=ldaptestuser3)(objectClass=user))");
+ assert(res.error == 0);
+ assert(res.msgs.length == 1);
+ }
+
+ assert(res.msgs[0].dn == ("CN=ldaptestUSER3,CN=Users," + base_dn));
+ assert(res.msgs[0].cn == "ldaptestUSER3");
+ assert(res.msgs[0].name == "ldaptestUSER3");
+
+ println("Testing ldb.search for (&(&(cn=ldaptestuser3)(userAccountControl=546))(objectClass=user))");
+ var res = ldb.search("(&(&(cn=ldaptestuser3)(userAccountControl=546))(objectClass=user))");
+ if (res.error != 0 || res.msgs.length != 1) {
+ println("Could not find (&(&(cn=ldaptestuser3)(userAccountControl=546))(objectClass=user))");
+ assert(res.error == 0);
+ assert(res.msgs.length == 1);
+ }
+
+ assert(res.msgs[0].dn == ("CN=ldaptestUSER3,CN=Users," + base_dn));
+ assert(res.msgs[0].cn == "ldaptestUSER3");
+ assert(res.msgs[0].name == "ldaptestUSER3");
+
+ println("Testing ldb.search for (&(&(cn=ldaptestuser3)(userAccountControl=547))(objectClass=user))");
+ var res = ldb.search("(&(&(cn=ldaptestuser3)(userAccountControl=547))(objectClass=user))");
+ if (res.error != 0 || res.msgs.length != 0) {
+ println("Should not find (&(&(cn=ldaptestuser3)(userAccountControl=547))(objectClass=user))");
+ assert(res.error == 0);
+ assert(res.msgs.length == 0);
+ }
+
// This is a Samba special, and does not exist in real AD
// println("Testing ldb.search for (dn=CN=ldaptestUSER3,CN=Users," + base_dn + ")");
// var res = ldb.search("(dn=CN=ldaptestUSER3,CN=Users," + base_dn + ")");
@@ -840,7 +991,7 @@ objectClass: user
assert(res.msgs[0].whenCreated != undefined);
assert(res.msgs[0].objectCategory == ("CN=Person,CN=Schema,CN=Configuration," + base_dn));
assert(res.msgs[0].sAMAccountType == 805306368);
-// assert(res[0].userAccountControl == 546);
+ assert(res.msgs[0].userAccountControl == 546);
assert(res.msgs[0].memberOf[0] == ("CN=ldaptestgroup2,CN=Users," + base_dn));
assert(res.msgs[0].memberOf.length == 1);
@@ -901,7 +1052,7 @@ objectClass: user
println("Testing ldb.search for (&(cn=ldaptestcomputer)(objectClass=user))");
var res = ldb.search("(&(cn=ldaptestcomputer)(objectClass=user))");
if (res.error != 0 || res.msgs.length != 1) {
- println("Could not find (&(cn=ldaptestuser)(objectClass=user))");
+ println("Could not find (&(cn=ldaptestcomputer)(objectClass=user))");
assert(res.error == 0);
assert(res.msgs.length == 1);
}
@@ -916,12 +1067,9 @@ objectClass: user
assert(res.msgs[0].objectClass[4] == "computer");
assert(res.msgs[0].objectGUID != undefined);
assert(res.msgs[0].whenCreated != undefined);
- assert(res.msgs[0].objectCategory == ("CN=Computer,CN=Schema,CN=Configuration," + base_dn));
- assert(res.msgs[0].primaryGroupID == 513);
-// assert(res.msgs[0].sAMAccountType == 805306368);
-// assert(res.msgs[0].userAccountControl == 546);
- assert(res.msgs[0].memberOf[0] == ("CN=ldaptestgroup2,CN=Users," + base_dn));
- assert(res.msgs[0].memberOf.length == 1);
+ assert(res.msgs[0].objectCategory == "cn=Computer,cn=Schema,cn=Configuration," + base_dn);
+ assert(res.msgs[0].sAMAccountType == 805306368);
+ assert(res.msgs[0].userAccountControl == 546);
println("Testing ldb.search for (&(cn=ldaptestcomputer)(objectCategory=cn=computer,cn=schema,cn=configuration," + base_dn + "))");
var res2 = ldb.search("(&(cn=ldaptestcomputer)(objectCategory=cn=computer,cn=schema,cn=configuration," + base_dn + "))");
@@ -1023,7 +1171,7 @@ objectClass: user
assert(res.msgs[0].whenCreated != undefined);
assert(res.msgs[0].objectCategory == "cn=Computer,cn=Schema,cn=Configuration," + base_dn);
assert(res.msgs[0].sAMAccountType == 805306369);
-// assert(res.msgs[0].userAccountControl == 4098);
+ assert(res.msgs[0].userAccountControl == 4096);
ok = ldb.del(res.msgs[0].dn);