From 94c85df2d7ded82f2939d8fe29821e4c78ff000d Mon Sep 17 00:00:00 2001

From: Pavel Reichl <pavel.reichl@redhat.com>

Date: Thu, 14 Nov 2013 21:52:26 +0000

Subject: [PATCH 6/6] SSSD: Unit test - sss_ldap_dn_in_search_bases

Unit test testing detection of the right domain when processing group with members from several domains

Resolves:

https://fedorahosted.org/sssd/ticket/2132

---

 Makefile.am                          |  27 ++++-

 src/tests/cmocka/test_search_bases.c | 191 +++++++++++++++++++++++++++++++++++

 2 files changed, 217 insertions(+), 1 deletion(-)

 create mode 100644 src/tests/cmocka/test_search_bases.c

diff --git a/Makefile.am b/Makefile.am

index 2ba1ec0fd94e3292f05de0139d607b3626b5c6f7..583ccdb499306268640bfb894f673c42945e19ff 100644

--- a/Makefile.am

+++ b/Makefile.am

@@ -151,7 +151,8 @@ if HAVE_CMOCKA

         fqnames-tests \

         test_sss_idmap \

         test_utils \

-        ad_access_filter_tests

+        ad_access_filter_tests \

+        test_search_bases

 endif

 check_PROGRAMS = \

@@ -1367,6 +1368,30 @@ test_utils_LDADD = \

     $(SSSD_INTERNAL_LTLIBS) \

     libsss_test_common.la

+test_search_bases_SOURCES = \

+    $(sssd_be_SOURCES) \

+    src/util/sss_ldap.c \

+    src/util/sss_krb5.c \

+    src/util/find_uid.c \

+    src/util/user_info_msg.c \

+    src/tests/cmocka/test_search_bases.c

+test_search_bases_CFLAGS = \

+    $(AM_CFLAGS) \

+    -DUNIT_TESTING

+test_search_bases_LDADD = \

+    $(PAM_LIBS) \

+    $(CMOCKA_LIBS) \

+    $(POPT_LIBS) \

+    $(SSSD_LIBS) \

+    $(CARES_LIBS) \

+    $(KRB5_LIBS) \

+    $(SSSD_INTERNAL_LTLIBS) \

+    $(SYSTEMD_LOGIN_LIBS) \

+    libsss_ldap_common.la \

+    libsss_idmap.la \

+    libsss_krb5_common.la \

+    libsss_test_common.la

+

 ad_access_filter_tests_SOURCES = \

     $(sssd_be_SOURCES) \

     src/util/sss_ldap.c \

diff --git a/src/tests/cmocka/test_search_bases.c b/src/tests/cmocka/test_search_bases.c

new file mode 100644

index 0000000000000000000000000000000000000000..e03ef3662685d92335bce4a7023e1ac7e64432c8

--- /dev/null

+++ b/src/tests/cmocka/test_search_bases.c

@@ -0,0 +1,191 @@

+/*

+    Authors:

+        Pavel Reichl <preichl@redhat.com>

+

+    Copyright (C) 2013 Red Hat

+

+    SSSD tests - Search bases

+

+    This program is free software; you can redistribute it and/or modify

+    it under the terms of the GNU General Public License as published by

+    the Free Software Foundation; either version 3 of the License, or

+    (at your option) any later version.

+

+    This program is distributed in the hope that it will be useful,

+    but WITHOUT ANY WARRANTY; without even the implied warranty of

+    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the

+    GNU General Public License for more details.

+

+    You should have received a copy of the GNU General Public License

+    along with this program.  If not, see <http://www.gnu.org/licenses/>.

+*/

+

+#include <stdarg.h>

+#include <stdlib.h>

+#include <stddef.h>

+#include <setjmp.h>

+#include <unistd.h>

+#include <sys/types.h>

+#include <cmocka.h>

+#include <ldap.h>

+

+#include "util/find_uid.h"

+#include "util/sss_ldap.h"

+#include "tests/common.h"

+#include "providers/ldap/ldap_common.h"

+#include "providers/ldap/sdap.h"

+#include "dhash.h"

+#include "tests/common_check.h"

+

+enum sss_test_get_by_dn {

+    DN_NOT_IN_DOMS, /* dn is not in any domain           */

+    DN_IN_DOM1,     /* dn is in the domain based on dns  */

+    DN_IN_DOM2,     /* dn is in the domain based on dns2 */

+};

+

+static struct sdap_search_base** generate_bases(TALLOC_CTX *mem_ctx,

+                                                const char** dns, size_t n)

+{

+    struct sdap_search_base **search_bases;

+    errno_t err;

+    int i;

+

+    search_bases = talloc_array(mem_ctx, struct sdap_search_base *, n + 1);

+    assert_non_null(search_bases);

+

+    for (i=0; i < n; ++i) {

+        err = sdap_create_search_base(mem_ctx, dns[i], LDAP_SCOPE_SUBTREE,

+                                      NULL, &search_bases[i]);

+        if (err != EOK) {

+            fprintf(stderr, "Failed to create search base\n");

+        }

+        assert_int_equal(err, EOK);

+    }

+    search_bases[n] = NULL;

+    return search_bases;

+}

+

+static bool do_test_search_bases(const char* dn, const char** dns, size_t n)

+{

+    TALLOC_CTX *tmp_ctx;

+    struct sdap_search_base **search_bases;

+    bool ret;

+

+    tmp_ctx = talloc_new(NULL);

+    assert_non_null(tmp_ctx);

+

+    search_bases = generate_bases(tmp_ctx, dns, n);

+    check_leaks_push(tmp_ctx);

+    ret = sss_ldap_dn_in_search_bases(tmp_ctx, dn, search_bases, NULL);

+    assert_true(check_leaks_pop(tmp_ctx) == true);

+

+    talloc_free(tmp_ctx);

+    return ret;

+}

+

+void test_search_bases_fail(void **state)

+{

+    const char *dn = "cn=user, dc=sub, dc=ad, dc=pb";

+    const char *dns[] = {"dc=example, dc=com", "dc=subdom, dc=ad, dc=pb"};

+    bool ret;

+

+    ret = do_test_search_bases(dn, dns, 2);

+    assert_false(ret);

+}

+

+void test_search_bases_success(void **state)

+{

+    const char *dn = "cn=user, dc=sub, dc=ad, dc=pb";

+    const char *dns[] = {"", "dc=ad, dc=pb", "dc=sub, dc=ad, dc=pb"};

+    bool ret;

+

+    ret = do_test_search_bases(dn, dns, 3);

+    assert_true(ret);

+}

+

+static void do_test_get_by_dn(const char *dn, const char **dns, size_t n,

+                              const char **dns2, size_t n2, int expected_result)

+{

+    TALLOC_CTX *tmp_ctx;

+    struct sdap_options *opts;

+    struct sdap_domain *sdom;

+    struct sdap_domain *sdom2;

+    struct sdap_domain *res_sdom;

+    struct sdap_search_base **search_bases;

+    struct sdap_search_base **search_bases2;

+    tmp_ctx = talloc_new(NULL);

+    assert_non_null(tmp_ctx);

+

+    search_bases = generate_bases(tmp_ctx, dns, n);

+    search_bases2 = generate_bases(tmp_ctx, dns2, n2);

+    sdom = talloc_zero(tmp_ctx, struct sdap_domain);

+    assert_non_null(sdom);

+    sdom2 = talloc_zero(tmp_ctx, struct sdap_domain);

+    assert_non_null(sdom2);

+

+    sdom->search_bases = search_bases;

+    sdom->next = sdom2;

+    sdom->prev = NULL;

+    sdom2->search_bases = search_bases2;

+    sdom2->next = NULL;

+    sdom2->prev = sdom;

+

+    opts = talloc(tmp_ctx, struct sdap_options);

+    assert_non_null(opts);

+    opts->sdom = sdom;

+    res_sdom = sdap_domain_get_by_dn(opts, dn);

+

+    switch (expected_result) {

+    case DN_NOT_IN_DOMS:

+        assert_null(res_sdom);

+        break;

+    case DN_IN_DOM1:

+        assert_true(res_sdom == sdom);

+        break;

+    case DN_IN_DOM2:

+        assert_true(res_sdom == sdom2);

+        break;

+    }

+

+    talloc_free(tmp_ctx);

+}

+

+void test_get_by_dn(void **state)

+{

+    const char *dn = "cn=user, dc=sub, dc=ad, dc=pb";

+    const char *dns[] = {"dc=ad, dc=pb"};

+    const char *dns2[] = {"dc=sub, dc=ad, dc=pb"};

+

+    do_test_get_by_dn(dn, dns, 1, dns2, 1, DN_IN_DOM2);

+}

+

+void test_get_by_dn2(void **state)

+{

+    const char *dn = "cn=user, dc=ad, dc=com";

+    const char *dns[] = {"dc=ad, dc=com"};

+    const char *dns2[] = {"dc=sub, dc=ad, dc=pb"};

+

+    do_test_get_by_dn(dn, dns, 1, dns2, 1, DN_IN_DOM1);

+}

+

+void test_get_by_dn_fail(void **state)

+{

+    const char *dn = "cn=user, dc=sub, dc=example, dc=com";

+    const char *dns[] = {"dc=ad, dc=pb"};

+    const char *dns2[] = {"dc=sub, dc=ad, dc=pb"};

+

+    do_test_get_by_dn(dn, dns, 1, dns2, 1, DN_NOT_IN_DOMS);

+}

+

+int main(void)

+{

+    const UnitTest tests[] = {

+        unit_test(test_search_bases_fail),

+        unit_test(test_search_bases_success),

+        unit_test(test_get_by_dn_fail),

+        unit_test(test_get_by_dn),

+        unit_test(test_get_by_dn2)

+     };

+

+    return run_tests(tests);

+}

-- 

1.8.4.2