auth-ldap.ts 4.4 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117
  1. /* eslint-disable @typescript-eslint/no-unused-expressions,@typescript-eslint/require-await */
  2. import { expect } from 'chai'
  3. import { cleanupTests, createSingleServer, PeerTubeServer, setAccessTokensToServers } from '@shared/server-commands'
  4. import { HttpStatusCode } from '@shared/models'
  5. describe('Official plugin auth-ldap', function () {
  6. let server: PeerTubeServer
  7. let accessToken: string
  8. let userId: number
  9. before(async function () {
  10. this.timeout(30000)
  11. server = await createSingleServer(1)
  12. await setAccessTokensToServers([ server ])
  13. await server.plugins.install({ npmName: 'peertube-plugin-auth-ldap' })
  14. })
  15. it('Should not login with without LDAP settings', async function () {
  16. await server.login.login({ user: { username: 'fry', password: 'fry' }, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
  17. })
  18. it('Should not login with bad LDAP settings', async function () {
  19. await server.plugins.updateSettings({
  20. npmName: 'peertube-plugin-auth-ldap',
  21. settings: {
  22. 'bind-credentials': 'GoodNewsEveryone',
  23. 'bind-dn': 'cn=admin,dc=planetexpress,dc=com',
  24. 'insecure-tls': false,
  25. 'mail-property': 'mail',
  26. 'search-base': 'ou=people,dc=planetexpress,dc=com',
  27. 'search-filter': '(|(mail={{username}})(uid={{username}}))',
  28. 'url': 'ldap://localhost:390',
  29. 'username-property': 'uid'
  30. }
  31. })
  32. await server.login.login({ user: { username: 'fry', password: 'fry' }, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
  33. })
  34. it('Should not login with good LDAP settings but wrong username/password', async function () {
  35. await server.plugins.updateSettings({
  36. npmName: 'peertube-plugin-auth-ldap',
  37. settings: {
  38. 'bind-credentials': 'GoodNewsEveryone',
  39. 'bind-dn': 'cn=admin,dc=planetexpress,dc=com',
  40. 'insecure-tls': false,
  41. 'mail-property': 'mail',
  42. 'search-base': 'ou=people,dc=planetexpress,dc=com',
  43. 'search-filter': '(|(mail={{username}})(uid={{username}}))',
  44. 'url': 'ldap://localhost:10389',
  45. 'username-property': 'uid'
  46. }
  47. })
  48. await server.login.login({ user: { username: 'fry', password: 'bad password' }, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
  49. await server.login.login({ user: { username: 'fryr', password: 'fry' }, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
  50. })
  51. it('Should login with the appropriate username/password', async function () {
  52. accessToken = await server.login.getAccessToken({ username: 'fry', password: 'fry' })
  53. })
  54. it('Should login with the appropriate email/password', async function () {
  55. accessToken = await server.login.getAccessToken({ username: 'fry@planetexpress.com', password: 'fry' })
  56. })
  57. it('Should login get my profile', async function () {
  58. const body = await server.users.getMyInfo({ token: accessToken })
  59. expect(body.username).to.equal('fry')
  60. expect(body.email).to.equal('fry@planetexpress.com')
  61. userId = body.id
  62. })
  63. it('Should upload a video', async function () {
  64. await server.videos.upload({ token: accessToken, attributes: { name: 'my super video' } })
  65. })
  66. it('Should not be able to login if the user is banned', async function () {
  67. await server.users.banUser({ userId })
  68. await server.login.login({
  69. user: { username: 'fry@planetexpress.com', password: 'fry' },
  70. expectedStatus: HttpStatusCode.BAD_REQUEST_400
  71. })
  72. })
  73. it('Should be able to login if the user is unbanned', async function () {
  74. await server.users.unbanUser({ userId })
  75. await server.login.login({ user: { username: 'fry@planetexpress.com', password: 'fry' } })
  76. })
  77. it('Should not be able to ask password reset', async function () {
  78. await server.users.askResetPassword({ email: 'fry@planetexpress.com', expectedStatus: HttpStatusCode.CONFLICT_409 })
  79. })
  80. it('Should not be able to ask email verification', async function () {
  81. await server.users.askSendVerifyEmail({ email: 'fry@planetexpress.com', expectedStatus: HttpStatusCode.CONFLICT_409 })
  82. })
  83. it('Should not login if the plugin is uninstalled', async function () {
  84. await server.plugins.uninstall({ npmName: 'peertube-plugin-auth-ldap' })
  85. await server.login.login({
  86. user: { username: 'fry@planetexpress.com', password: 'fry' },
  87. expectedStatus: HttpStatusCode.BAD_REQUEST_400
  88. })
  89. })
  90. after(async function () {
  91. await cleanupTests([ server ])
  92. })
  93. })