1
0

openldap-numerical-id.feature 3.8 KB

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374757677787980818283848586878889909192939495969798
  1. # SPDX-FileCopyrightText: 2023 Nextcloud GmbH and Nextcloud contributors
  2. # SPDX-License-Identifier: AGPL-3.0-or-later
  3. Feature: LDAP
  4. Background:
  5. Given using api version "2"
  6. And having a valid LDAP configuration
  7. And modify LDAP configuration
  8. | ldapExpertUsernameAttr | employeeNumber |
  9. | ldapLoginFilter | (&(objectclass=inetorgperson)(employeeNumber=%uid)) |
  10. # Those tests are dedicated to ensure Nc is working when it is provided with
  11. # users having numerical IDs
  12. Scenario: Look for a expected LDAP users
  13. Given As an "admin"
  14. And sending "GET" to "/cloud/users"
  15. Then the OCS status code should be "200"
  16. And the "users" result should match
  17. | 92379 | 1 |
  18. | 50194 | 1 |
  19. Scenario: check default home of an LDAP user
  20. Given As an "admin"
  21. And sending "GET" to "/cloud/users/92379"
  22. Then the OCS status code should be "200"
  23. And the record's fields should match
  24. | storageLocation | /dev/shm/nc_int/92379 |
  25. Scenario: Test by logging in
  26. Given cookies are reset
  27. And Logging in using web as "92379"
  28. And Sending a "GET" to "/remote.php/webdav/welcome.txt" with requesttoken
  29. Then the HTTP status code should be "200"
  30. Scenario: Test LDAP group retrieval with numeric group ids and nesting
  31. # Nesting does not play a role here really
  32. Given modify LDAP configuration
  33. | ldapBaseGroups | ou=NumericGroups,dc=nextcloud,dc=ci |
  34. | ldapGroupFilter | (objectclass=groupOfNames) |
  35. | ldapGroupMemberAssocAttr | member |
  36. | ldapNestedGroups | 1 |
  37. | useMemberOfToDetectMembership | 1 |
  38. And As an "admin"
  39. And sending "GET" to "/cloud/groups"
  40. Then the OCS status code should be "200"
  41. And the "groups" result should match
  42. | 2000 | 1 |
  43. | 3000 | 1 |
  44. | 3001 | 1 |
  45. | 3002 | 1 |
  46. Scenario: Test LDAP group membership with intermediate groups not matching filter, numeric group ids
  47. Given modify LDAP configuration
  48. | ldapBaseGroups | ou=NumericGroups,dc=nextcloud,dc=ci |
  49. | ldapGroupFilter | (&(cn=2000)(objectclass=groupOfNames)) |
  50. | ldapNestedGroups | 1 |
  51. | useMemberOfToDetectMembership | 1 |
  52. | ldapUserFilter | (&(objectclass=inetorgperson)(!(uid=alice))) |
  53. | ldapGroupMemberAssocAttr | member |
  54. And As an "admin"
  55. # for population
  56. And sending "GET" to "/cloud/groups"
  57. And sending "GET" to "/cloud/groups/2000/users"
  58. Then the OCS status code should be "200"
  59. And the "users" result should match
  60. | 92379 | 0 |
  61. | 54172 | 1 |
  62. | 50194 | 1 |
  63. | 59376 | 1 |
  64. | 59463 | 1 |
  65. Scenario: Test LDAP admin group mapping, empowered user
  66. Given modify LDAP configuration
  67. | ldapBaseGroups | ou=NumericGroups,dc=nextcloud,dc=ci |
  68. | ldapGroupFilter | (objectclass=groupOfNames) |
  69. | ldapGroupMemberAssocAttr | member |
  70. | ldapAdminGroup | 3001 |
  71. | useMemberOfToDetectMembership | 1 |
  72. And cookies are reset
  73. # alice, part of the promoted group
  74. And Logging in using web as "92379"
  75. And sending "GET" to "/cloud/groups"
  76. And sending "GET" to "/cloud/groups/2000/users"
  77. And Sending a "GET" to "/index.php/settings/admin/overview" with requesttoken
  78. Then the HTTP status code should be "200"
  79. Scenario: Test LDAP admin group mapping, regular user (no access)
  80. Given modify LDAP configuration
  81. | ldapBaseGroups | ou=NumericGroups,dc=nextcloud,dc=ci |
  82. | ldapGroupFilter | (objectclass=groupOfNames) |
  83. | ldapGroupMemberAssocAttr | member |
  84. | ldapAdminGroup | 3001 |
  85. | useMemberOfToDetectMembership | 1 |
  86. And cookies are reset
  87. # gustaf, not part of the promoted group
  88. And Logging in using web as "59376"
  89. And Sending a "GET" to "/index.php/settings/admin/overview" with requesttoken
  90. Then the HTTP status code should be "403"