Group_LDAPTest.php 38 KB

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273747576777879808182838485868788899091929394959697989910010110210310410510610710810911011111211311411511611711811912012112212312412512612712812913013113213313413513613713813914014114214314414514614714814915015115215315415515615715815916016116216316416516616716816917017117217317417517617717817918018118218318418518618718818919019119219319419519619719819920020120220320420520620720820921021121221321421521621721821922022122222322422522622722822923023123223323423523623723823924024124224324424524624724824925025125225325425525625725825926026126226326426526626726826927027127227327427527627727827928028128228328428528628728828929029129229329429529629729829930030130230330430530630730830931031131231331431531631731831932032132232332432532632732832933033133233333433533633733833934034134234334434534634734834935035135235335435535635735835936036136236336436536636736836937037137237337437537637737837938038138238338438538638738838939039139239339439539639739839940040140240340440540640740840941041141241341441541641741841942042142242342442542642742842943043143243343443543643743843944044144244344444544644744844945045145245345445545645745845946046146246346446546646746846947047147247347447547647747847948048148248348448548648748848949049149249349449549649749849950050150250350450550650750850951051151251351451551651751851952052152252352452552652752852953053153253353453553653753853954054154254354454554654754854955055155255355455555655755855956056156256356456556656756856957057157257357457557657757857958058158258358458558658758858959059159259359459559659759859960060160260360460560660760860961061161261361461561661761861962062162262362462562662762862963063163263363463563663763863964064164264364464564664764864965065165265365465565665765865966066166266366466566666766866967067167267367467567667767867968068168268368468568668768868969069169269369469569669769869970070170270370470570670770870971071171271371471571671771871972072172272372472572672772872973073173273373473573673773873974074174274374474574674774874975075175275375475575675775875976076176276376476576676776876977077177277377477577677777877978078178278378478578678778878979079179279379479579679779879980080180280380480580680780880981081181281381481581681781881982082182282382482582682782882983083183283383483583683783883984084184284384484584684784884985085185285385485585685785885986086186286386486586686786886987087187287387487587687787887988088188288388488588688788888989089189289389489589689789889990090190290390490590690790890991091191291391491591691791891992092192292392492592692792892993093193293393493593693793893994094194294394494594694794894995095195295395495595695795895996096196296396496596696796896997097197297397497597697797897998098198298398498598698798898999099199299399499599699799899910001001100210031004100510061007100810091010101110121013101410151016101710181019102010211022102310241025102610271028102910301031103210331034103510361037103810391040104110421043104410451046104710481049105010511052105310541055105610571058105910601061106210631064106510661067106810691070107110721073107410751076107710781079108010811082108310841085108610871088108910901091109210931094109510961097109810991100110111021103110411051106110711081109111011111112111311141115111611171118111911201121112211231124112511261127112811291130113111321133113411351136113711381139114011411142114311441145114611471148114911501151115211531154115511561157115811591160116111621163116411651166116711681169117011711172117311741175117611771178117911801181118211831184118511861187118811891190119111921193119411951196119711981199120012011202120312041205120612071208120912101211121212131214121512161217121812191220122112221223122412251226122712281229123012311232123312341235123612371238123912401241124212431244124512461247124812491250125112521253125412551256125712581259126012611262126312641265126612671268126912701271127212731274127512761277127812791280128112821283128412851286128712881289129012911292129312941295129612971298129913001301130213031304130513061307130813091310131113121313131413151316131713181319132013211322132313241325132613271328132913301331133213331334133513361337133813391340134113421343134413451346134713481349135013511352135313541355135613571358135913601361136213631364136513661367136813691370137113721373137413751376137713781379138013811382138313841385138613871388
  1. <?php
  2. /**
  3. * @copyright Copyright (c) 2016, ownCloud, Inc.
  4. *
  5. * @author Arthur Schiwon <blizzz@arthur-schiwon.de>
  6. * @author Christoph Wurst <christoph@winzerhof-wurst.at>
  7. * @author Joas Schilling <coding@schilljs.com>
  8. * @author Morris Jobke <hey@morrisjobke.de>
  9. * @author Roeland Jago Douma <roeland@famdouma.nl>
  10. * @author Thomas Müller <thomas.mueller@tmit.eu>
  11. * @author Victor Dubiniuk <dubiniuk@owncloud.com>
  12. * @author Vincent Petry <vincent@nextcloud.com>
  13. * @author Vinicius Cubas Brand <vinicius@eita.org.br>
  14. * @author Xuanwo <xuanwo@yunify.com>
  15. *
  16. * @license AGPL-3.0
  17. *
  18. * This code is free software: you can redistribute it and/or modify
  19. * it under the terms of the GNU Affero General Public License, version 3,
  20. * as published by the Free Software Foundation.
  21. *
  22. * This program is distributed in the hope that it will be useful,
  23. * but WITHOUT ANY WARRANTY; without even the implied warranty of
  24. * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  25. * GNU Affero General Public License for more details.
  26. *
  27. * You should have received a copy of the GNU Affero General Public License, version 3,
  28. * along with this program. If not, see <http://www.gnu.org/licenses/>
  29. *
  30. */
  31. namespace OCA\User_LDAP\Tests;
  32. use OCA\User_LDAP\Access;
  33. use OCA\User_LDAP\Connection;
  34. use OCA\User_LDAP\Group_LDAP as GroupLDAP;
  35. use OCA\User_LDAP\GroupPluginManager;
  36. use OCA\User_LDAP\ILDAPWrapper;
  37. use OCA\User_LDAP\Mapping\GroupMapping;
  38. use OCA\User_LDAP\User\Manager;
  39. use OCP\GroupInterface;
  40. use PHPUnit\Framework\MockObject\MockObject;
  41. use Test\TestCase;
  42. /**
  43. * Class GroupLDAPTest
  44. *
  45. * @group DB
  46. *
  47. * @package OCA\User_LDAP\Tests
  48. */
  49. class Group_LDAPTest extends TestCase {
  50. public function testCountEmptySearchString() {
  51. $access = $this->getAccessMock();
  52. $pluginManager = $this->getPluginManagerMock();
  53. $groupDN = 'cn=group,dc=foo,dc=bar';
  54. $this->enableGroups($access);
  55. $access->expects($this->any())
  56. ->method('groupname2dn')
  57. ->willReturn($groupDN);
  58. $access->expects($this->any())
  59. ->method('readAttribute')
  60. ->willReturnCallback(function ($dn) use ($groupDN) {
  61. if ($dn === $groupDN) {
  62. return [
  63. 'uid=u11,ou=users,dc=foo,dc=bar',
  64. 'uid=u22,ou=users,dc=foo,dc=bar',
  65. 'uid=u33,ou=users,dc=foo,dc=bar',
  66. 'uid=u34,ou=users,dc=foo,dc=bar'
  67. ];
  68. }
  69. return [];
  70. });
  71. $access->expects($this->any())
  72. ->method('isDNPartOfBase')
  73. ->willReturn(true);
  74. // for primary groups
  75. $access->expects($this->once())
  76. ->method('countUsers')
  77. ->willReturn(2);
  78. $access->userManager->expects($this->any())
  79. ->method('getAttributes')
  80. ->willReturn(['displayName', 'mail']);
  81. $groupBackend = new GroupLDAP($access, $pluginManager);
  82. $users = $groupBackend->countUsersInGroup('group');
  83. $this->assertSame(6, $users);
  84. }
  85. /**
  86. * @return MockObject|Access
  87. */
  88. private function getAccessMock() {
  89. static $conMethods;
  90. static $accMethods;
  91. if (is_null($conMethods) || is_null($accMethods)) {
  92. $conMethods = get_class_methods(Connection::class);
  93. $accMethods = get_class_methods(Access::class);
  94. }
  95. $lw = $this->createMock(ILDAPWrapper::class);
  96. $connector = $this->getMockBuilder(Connection::class)
  97. ->setMethods($conMethods)
  98. ->setConstructorArgs([$lw, '', null])
  99. ->getMock();
  100. $access = $this->createMock(Access::class);
  101. $access->connection = $connector;
  102. $access->userManager = $this->createMock(Manager::class);
  103. return $access;
  104. }
  105. /**
  106. * @return MockObject|GroupPluginManager
  107. */
  108. private function getPluginManagerMock() {
  109. return $this->createMock(GroupPluginManager::class);
  110. }
  111. private function enableGroups(Access $access) {
  112. $access->connection = $this->createMock(Connection::class);
  113. $access->connection->expects($this->any())
  114. ->method('__get')
  115. ->willReturnCallback(function ($name) {
  116. if ($name === 'ldapDynamicGroupMemberURL') {
  117. return '';
  118. } elseif ($name === 'ldapBaseGroups') {
  119. return [];
  120. }
  121. return 1;
  122. });
  123. }
  124. public function testCountWithSearchString() {
  125. $access = $this->getAccessMock();
  126. $pluginManager = $this->getPluginManagerMock();
  127. $this->enableGroups($access);
  128. $access->expects($this->any())
  129. ->method('groupname2dn')
  130. ->willReturn('cn=group,dc=foo,dc=bar');
  131. $access->expects($this->any())
  132. ->method('fetchListOfUsers')
  133. ->willReturn([]);
  134. $access->expects($this->any())
  135. ->method('readAttribute')
  136. ->willReturnCallback(function ($name) {
  137. //the search operation will call readAttribute, thus we need
  138. //to analyze the "dn". All other times we just need to return
  139. //something that is neither null or false, but once an array
  140. //with the users in the group – so we do so all other times for
  141. //simplicicity.
  142. if (strpos($name, 'u') === 0) {
  143. return strpos($name, '3');
  144. }
  145. return ['u11', 'u22', 'u33', 'u34'];
  146. });
  147. $access->expects($this->any())
  148. ->method('dn2username')
  149. ->willReturnCallback(function () {
  150. return 'foobar' . \OC::$server->getSecureRandom()->generate(7);
  151. });
  152. $access->expects($this->any())
  153. ->method('isDNPartOfBase')
  154. ->willReturn(true);
  155. $access->expects($this->any())
  156. ->method('escapeFilterPart')
  157. ->willReturnArgument(0);
  158. $access->userManager->expects($this->any())
  159. ->method('getAttributes')
  160. ->willReturn(['displayName', 'mail']);
  161. $groupBackend = new GroupLDAP($access, $pluginManager);
  162. $users = $groupBackend->countUsersInGroup('group', '3');
  163. $this->assertSame(2, $users);
  164. }
  165. public function testCountUsersWithPlugin() {
  166. /** @var GroupPluginManager|MockObject $pluginManager */
  167. $pluginManager = $this->getMockBuilder(GroupPluginManager::class)
  168. ->setMethods(['implementsActions', 'countUsersInGroup'])
  169. ->getMock();
  170. $pluginManager->expects($this->once())
  171. ->method('implementsActions')
  172. ->with(GroupInterface::COUNT_USERS)
  173. ->willReturn(true);
  174. $pluginManager->expects($this->once())
  175. ->method('countUsersInGroup')
  176. ->with('gid', 'search')
  177. ->willReturn(42);
  178. $access = $this->getAccessMock();
  179. $access->connection = $this->createMock(Connection::class);
  180. $ldap = new GroupLDAP($access, $pluginManager);
  181. $this->assertEquals($ldap->countUsersInGroup('gid', 'search'), 42);
  182. }
  183. public function testGidNumber2NameSuccess() {
  184. $access = $this->getAccessMock();
  185. $pluginManager = $this->getPluginManagerMock();
  186. $this->enableGroups($access);
  187. $userDN = 'cn=alice,cn=foo,dc=barfoo,dc=bar';
  188. $access->expects($this->once())
  189. ->method('searchGroups')
  190. ->willReturn([['dn' => ['cn=foo,dc=barfoo,dc=bar']]]);
  191. $access->expects($this->once())
  192. ->method('dn2groupname')
  193. ->with('cn=foo,dc=barfoo,dc=bar')
  194. ->willReturn('MyGroup');
  195. $groupBackend = new GroupLDAP($access, $pluginManager);
  196. $group = $groupBackend->gidNumber2Name('3117', $userDN);
  197. $this->assertSame('MyGroup', $group);
  198. }
  199. public function testGidNumberID2NameNoGroup() {
  200. $access = $this->getAccessMock();
  201. $pluginManager = $this->getPluginManagerMock();
  202. $this->enableGroups($access);
  203. $userDN = 'cn=alice,cn=foo,dc=barfoo,dc=bar';
  204. $access->expects($this->once())
  205. ->method('searchGroups')
  206. ->willReturn([]);
  207. $access->expects($this->never())
  208. ->method('dn2groupname');
  209. $groupBackend = new GroupLDAP($access, $pluginManager);
  210. $group = $groupBackend->gidNumber2Name('3117', $userDN);
  211. $this->assertSame(false, $group);
  212. }
  213. public function testGidNumberID2NameNoName() {
  214. $access = $this->getAccessMock();
  215. $pluginManager = $this->getPluginManagerMock();
  216. $this->enableGroups($access);
  217. $userDN = 'cn=alice,cn=foo,dc=barfoo,dc=bar';
  218. $access->expects($this->once())
  219. ->method('searchGroups')
  220. ->willReturn([['dn' => ['cn=foo,dc=barfoo,dc=bar']]]);
  221. $access->expects($this->once())
  222. ->method('dn2groupname')
  223. ->willReturn(false);
  224. $groupBackend = new GroupLDAP($access, $pluginManager);
  225. $group = $groupBackend->gidNumber2Name('3117', $userDN);
  226. $this->assertSame(false, $group);
  227. }
  228. public function testGetEntryGidNumberValue() {
  229. $access = $this->getAccessMock();
  230. $pluginManager = $this->getPluginManagerMock();
  231. $this->enableGroups($access);
  232. $dn = 'cn=foobar,cn=foo,dc=barfoo,dc=bar';
  233. $attr = 'gidNumber';
  234. $access->expects($this->once())
  235. ->method('readAttribute')
  236. ->with($dn, $attr)
  237. ->willReturn(['3117']);
  238. $groupBackend = new GroupLDAP($access, $pluginManager);
  239. $gid = $groupBackend->getGroupGidNumber($dn);
  240. $this->assertSame('3117', $gid);
  241. }
  242. public function testGetEntryGidNumberNoValue() {
  243. $access = $this->getAccessMock();
  244. $pluginManager = $this->getPluginManagerMock();
  245. $this->enableGroups($access);
  246. $dn = 'cn=foobar,cn=foo,dc=barfoo,dc=bar';
  247. $attr = 'gidNumber';
  248. $access->expects($this->once())
  249. ->method('readAttribute')
  250. ->with($dn, $attr)
  251. ->willReturn(false);
  252. $groupBackend = new GroupLDAP($access, $pluginManager);
  253. $gid = $groupBackend->getGroupGidNumber($dn);
  254. $this->assertSame(false, $gid);
  255. }
  256. public function testPrimaryGroupID2NameSuccessCache() {
  257. $access = $this->getAccessMock();
  258. $pluginManager = $this->getPluginManagerMock();
  259. $this->enableGroups($access);
  260. $userDN = 'cn=alice,cn=foo,dc=barfoo,dc=bar';
  261. $gid = '3117';
  262. $groupDN = 'cn=foo,dc=barfoo,dc=bar';
  263. /** @var MockObject $connection */
  264. $connection = $access->connection;
  265. $connection->expects($this->once())
  266. ->method('getFromCache')
  267. ->with('primaryGroupIDtoName_' . $gid)
  268. ->willReturn('MyGroup');
  269. $access->expects($this->never())
  270. ->method('getSID');
  271. $access->expects($this->never())
  272. ->method('searchGroups');
  273. $access->expects($this->never())
  274. ->method('dn2groupname');
  275. $groupBackend = new GroupLDAP($access, $pluginManager);
  276. $group = $groupBackend->primaryGroupID2Name($gid, $userDN);
  277. $this->assertSame('MyGroup', $group);
  278. }
  279. public function testPrimaryGroupID2NameSuccess() {
  280. $access = $this->getAccessMock();
  281. $pluginManager = $this->getPluginManagerMock();
  282. $this->enableGroups($access);
  283. $userDN = 'cn=alice,cn=foo,dc=barfoo,dc=bar';
  284. $access->expects($this->once())
  285. ->method('getSID')
  286. ->with($userDN)
  287. ->willReturn('S-1-5-21-249921958-728525901-1594176202');
  288. $access->expects($this->once())
  289. ->method('searchGroups')
  290. ->willReturn([['dn' => ['cn=foo,dc=barfoo,dc=bar']]]);
  291. $access->expects($this->once())
  292. ->method('dn2groupname')
  293. ->with('cn=foo,dc=barfoo,dc=bar')
  294. ->willReturn('MyGroup');
  295. $groupBackend = new GroupLDAP($access, $pluginManager);
  296. $group = $groupBackend->primaryGroupID2Name('3117', $userDN);
  297. $this->assertSame('MyGroup', $group);
  298. }
  299. public function testPrimaryGroupID2NameNoSID() {
  300. $access = $this->getAccessMock();
  301. $pluginManager = $this->getPluginManagerMock();
  302. $this->enableGroups($access);
  303. $userDN = 'cn=alice,cn=foo,dc=barfoo,dc=bar';
  304. $access->expects($this->once())
  305. ->method('getSID')
  306. ->with($userDN)
  307. ->willReturn(false);
  308. $access->expects($this->never())
  309. ->method('searchGroups');
  310. $access->expects($this->never())
  311. ->method('dn2groupname');
  312. $groupBackend = new GroupLDAP($access, $pluginManager);
  313. $group = $groupBackend->primaryGroupID2Name('3117', $userDN);
  314. $this->assertSame(false, $group);
  315. }
  316. public function testPrimaryGroupID2NameNoGroup() {
  317. $access = $this->getAccessMock();
  318. $pluginManager = $this->getPluginManagerMock();
  319. $this->enableGroups($access);
  320. $userDN = 'cn=alice,cn=foo,dc=barfoo,dc=bar';
  321. $access->expects($this->once())
  322. ->method('getSID')
  323. ->with($userDN)
  324. ->willReturn('S-1-5-21-249921958-728525901-1594176202');
  325. $access->expects($this->once())
  326. ->method('searchGroups')
  327. ->willReturn([]);
  328. $access->expects($this->never())
  329. ->method('dn2groupname');
  330. $groupBackend = new GroupLDAP($access, $pluginManager);
  331. $group = $groupBackend->primaryGroupID2Name('3117', $userDN);
  332. $this->assertSame(false, $group);
  333. }
  334. public function testPrimaryGroupID2NameNoName() {
  335. $access = $this->getAccessMock();
  336. $pluginManager = $this->getPluginManagerMock();
  337. $this->enableGroups($access);
  338. $userDN = 'cn=alice,cn=foo,dc=barfoo,dc=bar';
  339. $access->expects($this->once())
  340. ->method('getSID')
  341. ->with($userDN)
  342. ->willReturn('S-1-5-21-249921958-728525901-1594176202');
  343. $access->expects($this->once())
  344. ->method('searchGroups')
  345. ->willReturn([['dn' => ['cn=foo,dc=barfoo,dc=bar']]]);
  346. $access->expects($this->once())
  347. ->method('dn2groupname')
  348. ->willReturn(false);
  349. $groupBackend = new GroupLDAP($access, $pluginManager);
  350. $group = $groupBackend->primaryGroupID2Name('3117', $userDN);
  351. $this->assertSame(false, $group);
  352. }
  353. public function testGetEntryGroupIDValue() {
  354. //tests getEntryGroupID via getGroupPrimaryGroupID
  355. //which is basically identical to getUserPrimaryGroupIDs
  356. $access = $this->getAccessMock();
  357. $pluginManager = $this->getPluginManagerMock();
  358. $this->enableGroups($access);
  359. $dn = 'cn=foobar,cn=foo,dc=barfoo,dc=bar';
  360. $attr = 'primaryGroupToken';
  361. $access->expects($this->once())
  362. ->method('readAttribute')
  363. ->with($dn, $attr)
  364. ->willReturn(['3117']);
  365. $groupBackend = new GroupLDAP($access, $pluginManager);
  366. $gid = $groupBackend->getGroupPrimaryGroupID($dn);
  367. $this->assertSame('3117', $gid);
  368. }
  369. public function testGetEntryGroupIDNoValue() {
  370. //tests getEntryGroupID via getGroupPrimaryGroupID
  371. //which is basically identical to getUserPrimaryGroupIDs
  372. $access = $this->getAccessMock();
  373. $pluginManager = $this->getPluginManagerMock();
  374. $this->enableGroups($access);
  375. $dn = 'cn=foobar,cn=foo,dc=barfoo,dc=bar';
  376. $attr = 'primaryGroupToken';
  377. $access->expects($this->once())
  378. ->method('readAttribute')
  379. ->with($dn, $attr)
  380. ->willReturn(false);
  381. $groupBackend = new GroupLDAP($access, $pluginManager);
  382. $gid = $groupBackend->getGroupPrimaryGroupID($dn);
  383. $this->assertSame(false, $gid);
  384. }
  385. /**
  386. * tests whether Group Backend behaves correctly when cache with uid and gid
  387. * is hit
  388. */
  389. public function testInGroupHitsUidGidCache() {
  390. $access = $this->getAccessMock();
  391. $pluginManager = $this->getPluginManagerMock();
  392. $this->enableGroups($access);
  393. $uid = 'someUser';
  394. $gid = 'someGroup';
  395. $cacheKey = 'inGroup' . $uid . ':' . $gid;
  396. $access->connection->expects($this->once())
  397. ->method('getFromCache')
  398. ->with($cacheKey)
  399. ->willReturn(true);
  400. $access->expects($this->never())
  401. ->method('username2dn');
  402. $groupBackend = new GroupLDAP($access, $pluginManager);
  403. $groupBackend->inGroup($uid, $gid);
  404. }
  405. public function groupWithMembersProvider() {
  406. return [
  407. [
  408. 'someGroup',
  409. 'cn=someGroup,ou=allTheGroups,ou=someDepartment,dc=someDomain,dc=someTld',
  410. [
  411. 'uid=oneUser,ou=someTeam,ou=someDepartment,dc=someDomain,dc=someTld',
  412. 'uid=someUser,ou=someTeam,ou=someDepartment,dc=someDomain,dc=someTld',
  413. 'uid=anotherUser,ou=someTeam,ou=someDepartment,dc=someDomain,dc=someTld',
  414. 'uid=differentUser,ou=someTeam,ou=someDepartment,dc=someDomain,dc=someTld',
  415. ],
  416. ],
  417. ];
  418. }
  419. /**
  420. * @dataProvider groupWithMembersProvider
  421. */
  422. public function testInGroupMember(string $gid, string $groupDn, array $memberDNs) {
  423. $access = $this->getAccessMock();
  424. $pluginManager = $this->getPluginManagerMock();
  425. $access->connection = $this->createMock(Connection::class);
  426. $uid = 'someUser';
  427. $userDn = $memberDNs[0];
  428. $access->connection->expects($this->any())
  429. ->method('__get')
  430. ->willReturnCallback(function ($name) {
  431. switch ($name) {
  432. case 'ldapGroupMemberAssocAttr':
  433. return 'member';
  434. case 'ldapDynamicGroupMemberURL':
  435. return '';
  436. case 'hasPrimaryGroups':
  437. case 'ldapNestedGroups':
  438. return 0;
  439. default:
  440. return 1;
  441. }
  442. });
  443. $access->connection->expects($this->any())
  444. ->method('getFromCache')
  445. ->willReturn(null);
  446. $access->expects($this->once())
  447. ->method('username2dn')
  448. ->with($uid)
  449. ->willReturn($userDn);
  450. $access->expects($this->once())
  451. ->method('groupname2dn')
  452. ->willReturn($groupDn);
  453. $access->expects($this->any())
  454. ->method('readAttribute')
  455. ->willReturn($memberDNs);
  456. $groupBackend = new GroupLDAP($access, $pluginManager);
  457. $this->assertTrue($groupBackend->inGroup($uid, $gid));
  458. }
  459. /**
  460. * @dataProvider groupWithMembersProvider
  461. */
  462. public function testInGroupMemberNot(string $gid, string $groupDn, array $memberDNs) {
  463. $access = $this->getAccessMock();
  464. $pluginManager = $this->getPluginManagerMock();
  465. $access->connection = $this->createMock(Connection::class);
  466. $uid = 'unelatedUser';
  467. $userDn = 'uid=unrelatedUser,ou=unrelatedTeam,ou=unrelatedDepartment,dc=someDomain,dc=someTld';
  468. $access->connection->expects($this->any())
  469. ->method('__get')
  470. ->willReturnCallback(function ($name) {
  471. switch ($name) {
  472. case 'ldapGroupMemberAssocAttr':
  473. return 'member';
  474. case 'ldapDynamicGroupMemberURL':
  475. return '';
  476. case 'hasPrimaryGroups':
  477. case 'ldapNestedGroups':
  478. return 0;
  479. default:
  480. return 1;
  481. }
  482. });
  483. $access->connection->expects($this->any())
  484. ->method('getFromCache')
  485. ->willReturn(null);
  486. $access->expects($this->once())
  487. ->method('username2dn')
  488. ->with($uid)
  489. ->willReturn($userDn);
  490. $access->expects($this->once())
  491. ->method('groupname2dn')
  492. ->willReturn($groupDn);
  493. $access->expects($this->any())
  494. ->method('readAttribute')
  495. ->willReturn($memberDNs);
  496. $groupBackend = new GroupLDAP($access, $pluginManager);
  497. $this->assertFalse($groupBackend->inGroup($uid, $gid));
  498. }
  499. /**
  500. * @dataProvider groupWithMembersProvider
  501. */
  502. public function testInGroupMemberUid(string $gid, string $groupDn, array $memberDNs) {
  503. $access = $this->getAccessMock();
  504. $pluginManager = $this->getPluginManagerMock();
  505. $memberUids = [];
  506. $userRecords = [];
  507. foreach ($memberDNs as $dn) {
  508. $memberUids[] = ldap_explode_dn($dn, false)[0];
  509. $userRecords[] = ['dn' => [$dn]];
  510. }
  511. $access->connection = $this->createMock(Connection::class);
  512. $uid = 'someUser';
  513. $userDn = $memberDNs[0];
  514. $access->connection->expects($this->any())
  515. ->method('__get')
  516. ->willReturnCallback(function ($name) {
  517. switch ($name) {
  518. case 'ldapGroupMemberAssocAttr':
  519. return 'memberUid';
  520. case 'ldapDynamicGroupMemberURL':
  521. return '';
  522. case 'ldapLoginFilter':
  523. return 'uid=%uid';
  524. case 'hasPrimaryGroups':
  525. case 'ldapNestedGroups':
  526. return 0;
  527. default:
  528. return 1;
  529. }
  530. });
  531. $access->connection->expects($this->any())
  532. ->method('getFromCache')
  533. ->willReturn(null);
  534. $access->userManager->expects($this->any())
  535. ->method('getAttributes')
  536. ->willReturn(['uid', 'mail', 'displayname']);
  537. $access->expects($this->once())
  538. ->method('username2dn')
  539. ->with($uid)
  540. ->willReturn($userDn);
  541. $access->expects($this->once())
  542. ->method('groupname2dn')
  543. ->willReturn($groupDn);
  544. $access->expects($this->any())
  545. ->method('readAttribute')
  546. ->willReturn($memberUids);
  547. $access->expects($this->any())
  548. ->method('fetchListOfUsers')
  549. ->willReturn($userRecords);
  550. $access->expects($this->any())
  551. ->method('combineFilterWithOr')
  552. ->willReturn('(|(pseudo=filter)(filter=pseudo))');
  553. $groupBackend = new GroupLDAP($access, $pluginManager);
  554. $this->assertTrue($groupBackend->inGroup($uid, $gid));
  555. }
  556. public function testGetGroupsWithOffset() {
  557. $access = $this->getAccessMock();
  558. $pluginManager = $this->getPluginManagerMock();
  559. $this->enableGroups($access);
  560. $access->expects($this->once())
  561. ->method('nextcloudGroupNames')
  562. ->willReturn(['group1', 'group2']);
  563. $groupBackend = new GroupLDAP($access, $pluginManager);
  564. $groups = $groupBackend->getGroups('', 2, 2);
  565. $this->assertSame(2, count($groups));
  566. }
  567. /**
  568. * tests that a user listing is complete, if all its members have the group
  569. * as their primary.
  570. */
  571. public function testUsersInGroupPrimaryMembersOnly() {
  572. $access = $this->getAccessMock();
  573. $pluginManager = $this->getPluginManagerMock();
  574. $this->enableGroups($access);
  575. $access->connection->expects($this->any())
  576. ->method('getFromCache')
  577. ->willReturn(null);
  578. $access->expects($this->any())
  579. ->method('readAttribute')
  580. ->willReturnCallback(function ($dn, $attr) {
  581. if ($attr === 'primaryGroupToken') {
  582. return [1337];
  583. } elseif ($attr === 'gidNumber') {
  584. return [4211];
  585. }
  586. return [];
  587. });
  588. $access->expects($this->any())
  589. ->method('groupname2dn')
  590. ->willReturn('cn=foobar,dc=foo,dc=bar');
  591. $access->expects($this->exactly(2))
  592. ->method('nextcloudUserNames')
  593. ->willReturnOnConsecutiveCalls(['lisa', 'bart', 'kira', 'brad'], ['walle', 'dino', 'xenia']);
  594. $access->expects($this->any())
  595. ->method('isDNPartOfBase')
  596. ->willReturn(true);
  597. $access->expects($this->any())
  598. ->method('combineFilterWithAnd')
  599. ->willReturn('pseudo=filter');
  600. $access->userManager->expects($this->any())
  601. ->method('getAttributes')
  602. ->willReturn(['displayName', 'mail']);
  603. $groupBackend = new GroupLDAP($access, $pluginManager);
  604. $users = $groupBackend->usersInGroup('foobar');
  605. $this->assertSame(7, count($users));
  606. }
  607. /**
  608. * tests that a user listing is complete, if all its members have the group
  609. * as their primary.
  610. */
  611. public function testUsersInGroupPrimaryAndUnixMembers() {
  612. $access = $this->getAccessMock();
  613. $pluginManager = $this->getPluginManagerMock();
  614. $this->enableGroups($access);
  615. $access->connection->expects($this->any())
  616. ->method('getFromCache')
  617. ->willReturn(null);
  618. $access->expects($this->any())
  619. ->method('readAttribute')
  620. ->willReturnCallback(function ($dn, $attr) {
  621. if ($attr === 'primaryGroupToken') {
  622. return [1337];
  623. }
  624. return [];
  625. });
  626. $access->expects($this->any())
  627. ->method('groupname2dn')
  628. ->willReturn('cn=foobar,dc=foo,dc=bar');
  629. $access->expects($this->once())
  630. ->method('nextcloudUserNames')
  631. ->willReturn(['lisa', 'bart', 'kira', 'brad']);
  632. $access->expects($this->any())
  633. ->method('isDNPartOfBase')
  634. ->willReturn(true);
  635. $access->expects($this->any())
  636. ->method('combineFilterWithAnd')
  637. ->willReturn('pseudo=filter');
  638. $access->userManager->expects($this->any())
  639. ->method('getAttributes')
  640. ->willReturn(['displayName', 'mail']);
  641. $groupBackend = new GroupLDAP($access, $pluginManager);
  642. $users = $groupBackend->usersInGroup('foobar');
  643. $this->assertSame(4, count($users));
  644. }
  645. /**
  646. * tests that a user counting is complete, if all its members have the group
  647. * as their primary.
  648. */
  649. public function testCountUsersInGroupPrimaryMembersOnly() {
  650. $access = $this->getAccessMock();
  651. $pluginManager = $this->getPluginManagerMock();
  652. $this->enableGroups($access);
  653. $access->connection->expects($this->any())
  654. ->method('getFromCache')
  655. ->willReturn(null);
  656. $access->expects($this->any())
  657. ->method('readAttribute')
  658. ->willReturnCallback(function ($dn, $attr) {
  659. if ($attr === 'primaryGroupToken') {
  660. return [1337];
  661. }
  662. return [];
  663. });
  664. $access->expects($this->any())
  665. ->method('groupname2dn')
  666. ->willReturn('cn=foobar,dc=foo,dc=bar');
  667. $access->expects($this->once())
  668. ->method('countUsers')
  669. ->willReturn(4);
  670. $access->expects($this->any())
  671. ->method('isDNPartOfBase')
  672. ->willReturn(true);
  673. $access->userManager->expects($this->any())
  674. ->method('getAttributes')
  675. ->willReturn(['displayName', 'mail']);
  676. $groupBackend = new GroupLDAP($access, $pluginManager);
  677. $users = $groupBackend->countUsersInGroup('foobar');
  678. $this->assertSame(4, $users);
  679. }
  680. public function testGetUserGroupsMemberOf() {
  681. $access = $this->getAccessMock();
  682. $pluginManager = $this->getPluginManagerMock();
  683. $this->enableGroups($access);
  684. $dn = 'cn=userX,dc=foobar';
  685. $access->connection->hasPrimaryGroups = false;
  686. $access->connection->hasGidNumber = false;
  687. $access->expects($this->any())
  688. ->method('username2dn')
  689. ->willReturn($dn);
  690. $access->expects($this->exactly(5))
  691. ->method('readAttribute')
  692. ->will($this->onConsecutiveCalls(['cn=groupA,dc=foobar', 'cn=groupB,dc=foobar'], [], [], [], []));
  693. $access->expects($this->any())
  694. ->method('dn2groupname')
  695. ->willReturnArgument(0);
  696. $access->expects($this->any())
  697. ->method('groupname2dn')
  698. ->willReturnArgument(0);
  699. $access->expects($this->any())
  700. ->method('isDNPartOfBase')
  701. ->willReturn(true);
  702. $groupBackend = new GroupLDAP($access, $pluginManager);
  703. $groups = $groupBackend->getUserGroups('userX');
  704. $this->assertSame(2, count($groups));
  705. }
  706. public function testGetUserGroupsMemberOfDisabled() {
  707. $access = $this->getAccessMock();
  708. $pluginManager = $this->getPluginManagerMock();
  709. $access->connection = $this->createMock(Connection::class);
  710. $access->connection->expects($this->any())
  711. ->method('__get')
  712. ->willReturnCallback(function ($name) {
  713. if ($name === 'useMemberOfToDetectMembership') {
  714. return 0;
  715. } elseif ($name === 'ldapDynamicGroupMemberURL') {
  716. return '';
  717. }
  718. return 1;
  719. });
  720. $dn = 'cn=userX,dc=foobar';
  721. $access->connection->hasPrimaryGroups = false;
  722. $access->connection->hasGidNumber = false;
  723. $access->expects($this->once())
  724. ->method('username2dn')
  725. ->willReturn($dn);
  726. $access->expects($this->never())
  727. ->method('readAttribute')
  728. ->with($dn, 'memberOf');
  729. $access->expects($this->once())
  730. ->method('nextcloudGroupNames')
  731. ->willReturn([]);
  732. $groupBackend = new GroupLDAP($access, $pluginManager);
  733. $groupBackend->getUserGroups('userX');
  734. }
  735. public function nestedGroupsProvider(): array {
  736. return [
  737. [true],
  738. [false],
  739. ];
  740. }
  741. /**
  742. * @dataProvider nestedGroupsProvider
  743. */
  744. public function testGetGroupsByMember(bool $nestedGroups) {
  745. $access = $this->getAccessMock();
  746. $pluginManager = $this->getPluginManagerMock();
  747. $groupFilter = '(&(objectclass=nextcloudGroup)(nextcloudEnabled=TRUE))';
  748. $access->connection = $this->createMock(Connection::class);
  749. $access->connection->expects($this->any())
  750. ->method('__get')
  751. ->willReturnCallback(function ($name) use ($nestedGroups, $groupFilter) {
  752. switch ($name) {
  753. case 'useMemberOfToDetectMembership':
  754. return 0;
  755. case 'ldapDynamicGroupMemberURL':
  756. return '';
  757. case 'ldapNestedGroups':
  758. return $nestedGroups;
  759. case 'ldapGroupMemberAssocAttr':
  760. return 'member';
  761. case 'ldapGroupFilter':
  762. return $groupFilter;
  763. case 'ldapBaseGroups':
  764. return [];
  765. }
  766. return 1;
  767. });
  768. $dn = 'cn=userX,dc=foobar';
  769. $access->connection->hasPrimaryGroups = false;
  770. $access->connection->hasGidNumber = false;
  771. $access->expects($this->exactly(2))
  772. ->method('username2dn')
  773. ->willReturn($dn);
  774. $access->expects($this->any())
  775. ->method('readAttribute')
  776. ->willReturn([]);
  777. $access->expects($this->any())
  778. ->method('combineFilterWithAnd')
  779. ->willReturnCallback(function (array $filterParts) {
  780. // ⚠ returns a pseudo-filter only, not real LDAP Filter syntax
  781. return implode('&', $filterParts);
  782. });
  783. $group1 = [
  784. 'cn' => 'group1',
  785. 'dn' => ['cn=group1,ou=groups,dc=domain,dc=com'],
  786. ];
  787. $group2 = [
  788. 'cn' => 'group2',
  789. 'dn' => ['cn=group2,ou=groups,dc=domain,dc=com'],
  790. ];
  791. $access->expects($this->once())
  792. ->method('nextcloudGroupNames')
  793. ->with([$group1, $group2])
  794. ->willReturn(['group1', 'group2']);
  795. $access->expects($nestedGroups ? $this->atLeastOnce() : $this->once())
  796. ->method('fetchListOfGroups')
  797. ->willReturnCallback(function ($filter, $attr, $limit, $offset) use ($nestedGroups, $groupFilter, $group1, $group2) {
  798. static $firstRun = true;
  799. if (!$nestedGroups) {
  800. // When nested groups are enabled, groups cannot be filtered early as it would
  801. // exclude intermediate groups. But we can, and should, when working with flat groups.
  802. $this->assertTrue(strpos($filter, $groupFilter) !== false);
  803. }
  804. if ($firstRun) {
  805. $firstRun = false;
  806. return [$group1, $group2];
  807. }
  808. return [];
  809. });
  810. $access->expects($this->any())
  811. ->method('dn2groupname')
  812. ->willReturnCallback(function (string $dn) {
  813. return ldap_explode_dn($dn, 1)[0];
  814. });
  815. $access->expects($this->any())
  816. ->method('groupname2dn')
  817. ->willReturnCallback(function (string $gid) use ($group1, $group2) {
  818. if ($gid === $group1['cn']) {
  819. return $group1['dn'][0];
  820. }
  821. if ($gid === $group2['cn']) {
  822. return $group2['dn'][0];
  823. }
  824. });
  825. $access->expects($this->any())
  826. ->method('isDNPartOfBase')
  827. ->willReturn(true);
  828. $groupBackend = new GroupLDAP($access, $pluginManager);
  829. $groups = $groupBackend->getUserGroups('userX');
  830. $this->assertEquals(['group1', 'group2'], $groups);
  831. $groupsAgain = $groupBackend->getUserGroups('userX');
  832. $this->assertEquals(['group1', 'group2'], $groupsAgain);
  833. }
  834. public function testCreateGroupWithPlugin() {
  835. /** @var GroupPluginManager|MockObject $pluginManager */
  836. $pluginManager = $this->getMockBuilder(GroupPluginManager::class)
  837. ->setMethods(['implementsActions', 'createGroup'])
  838. ->getMock();
  839. $pluginManager->expects($this->once())
  840. ->method('implementsActions')
  841. ->with(GroupInterface::CREATE_GROUP)
  842. ->willReturn(true);
  843. $pluginManager->expects($this->once())
  844. ->method('createGroup')
  845. ->with('gid')
  846. ->willReturn('result');
  847. $access = $this->getAccessMock();
  848. $access->connection = $this->createMock(Connection::class);
  849. $ldap = new GroupLDAP($access, $pluginManager);
  850. $this->assertEquals($ldap->createGroup('gid'), true);
  851. }
  852. public function testCreateGroupFailing() {
  853. $this->expectException(\Exception::class);
  854. /** @var GroupPluginManager|MockObject $pluginManager */
  855. $pluginManager = $this->getMockBuilder(GroupPluginManager::class)
  856. ->setMethods(['implementsActions', 'createGroup'])
  857. ->getMock();
  858. $pluginManager->expects($this->once())
  859. ->method('implementsActions')
  860. ->with(GroupInterface::CREATE_GROUP)
  861. ->willReturn(false);
  862. $access = $this->getAccessMock();
  863. $access->connection = $this->createMock(Connection::class);
  864. $ldap = new GroupLDAP($access, $pluginManager);
  865. $ldap->createGroup('gid');
  866. }
  867. public function testDeleteGroupWithPlugin() {
  868. /** @var GroupPluginManager|MockObject $pluginManager */
  869. $pluginManager = $this->getMockBuilder(GroupPluginManager::class)
  870. ->setMethods(['implementsActions', 'deleteGroup'])
  871. ->getMock();
  872. $pluginManager->expects($this->once())
  873. ->method('implementsActions')
  874. ->with(GroupInterface::DELETE_GROUP)
  875. ->willReturn(true);
  876. $pluginManager->expects($this->once())
  877. ->method('deleteGroup')
  878. ->with('gid')
  879. ->willReturn(true);
  880. $mapper = $this->getMockBuilder(GroupMapping::class)
  881. ->setMethods(['unmap'])
  882. ->disableOriginalConstructor()
  883. ->getMock();
  884. $access = $this->getAccessMock();
  885. $access->expects($this->any())
  886. ->method('getGroupMapper')
  887. ->willReturn($mapper);
  888. $access->connection = $this->createMock(Connection::class);
  889. $ldap = new GroupLDAP($access, $pluginManager);
  890. $this->assertTrue($ldap->deleteGroup('gid'));
  891. }
  892. public function testDeleteGroupFailing() {
  893. $this->expectException(\Exception::class);
  894. /** @var GroupPluginManager|MockObject $pluginManager */
  895. $pluginManager = $this->getMockBuilder(GroupPluginManager::class)
  896. ->setMethods(['implementsActions', 'deleteGroup'])
  897. ->getMock();
  898. $pluginManager->expects($this->once())
  899. ->method('implementsActions')
  900. ->with(GroupInterface::DELETE_GROUP)
  901. ->willReturn(false);
  902. $access = $this->getAccessMock();
  903. $access->connection = $this->createMock(Connection::class);
  904. $ldap = new GroupLDAP($access, $pluginManager);
  905. $ldap->deleteGroup('gid');
  906. }
  907. public function testAddToGroupWithPlugin() {
  908. /** @var GroupPluginManager|MockObject $pluginManager */
  909. $pluginManager = $this->getMockBuilder(GroupPluginManager::class)
  910. ->setMethods(['implementsActions', 'addToGroup'])
  911. ->getMock();
  912. $pluginManager->expects($this->once())
  913. ->method('implementsActions')
  914. ->with(GroupInterface::ADD_TO_GROUP)
  915. ->willReturn(true);
  916. $pluginManager->expects($this->once())
  917. ->method('addToGroup')
  918. ->with('uid', 'gid')
  919. ->willReturn('result');
  920. $access = $this->getAccessMock();
  921. $access->connection = $this->createMock(Connection::class);
  922. $ldap = new GroupLDAP($access, $pluginManager);
  923. $this->assertEquals($ldap->addToGroup('uid', 'gid'), 'result');
  924. }
  925. public function testAddToGroupFailing() {
  926. $this->expectException(\Exception::class);
  927. /** @var GroupPluginManager|MockObject $pluginManager */
  928. $pluginManager = $this->getMockBuilder(GroupPluginManager::class)
  929. ->setMethods(['implementsActions', 'addToGroup'])
  930. ->getMock();
  931. $pluginManager->expects($this->once())
  932. ->method('implementsActions')
  933. ->with(GroupInterface::ADD_TO_GROUP)
  934. ->willReturn(false);
  935. $access = $this->getAccessMock();
  936. $access->connection = $this->createMock(Connection::class);
  937. $ldap = new GroupLDAP($access, $pluginManager);
  938. $ldap->addToGroup('uid', 'gid');
  939. }
  940. public function testRemoveFromGroupWithPlugin() {
  941. /** @var GroupPluginManager|MockObject $pluginManager */
  942. $pluginManager = $this->getMockBuilder(GroupPluginManager::class)
  943. ->setMethods(['implementsActions', 'removeFromGroup'])
  944. ->getMock();
  945. $pluginManager->expects($this->once())
  946. ->method('implementsActions')
  947. ->with(GroupInterface::REMOVE_FROM_GROUP)
  948. ->willReturn(true);
  949. $pluginManager->expects($this->once())
  950. ->method('removeFromGroup')
  951. ->with('uid', 'gid')
  952. ->willReturn('result');
  953. $access = $this->getAccessMock();
  954. $access->connection = $this->createMock(Connection::class);
  955. $ldap = new GroupLDAP($access, $pluginManager);
  956. $this->assertEquals($ldap->removeFromGroup('uid', 'gid'), 'result');
  957. }
  958. public function testRemoveFromGroupFailing() {
  959. $this->expectException(\Exception::class);
  960. /** @var GroupPluginManager|MockObject $pluginManager */
  961. $pluginManager = $this->getMockBuilder(GroupPluginManager::class)
  962. ->setMethods(['implementsActions', 'removeFromGroup'])
  963. ->getMock();
  964. $pluginManager->expects($this->once())
  965. ->method('implementsActions')
  966. ->with(GroupInterface::REMOVE_FROM_GROUP)
  967. ->willReturn(false);
  968. $access = $this->getAccessMock();
  969. $access->connection = $this->createMock(Connection::class);
  970. $ldap = new GroupLDAP($access, $pluginManager);
  971. $ldap->removeFromGroup('uid', 'gid');
  972. }
  973. public function testGetGroupDetailsWithPlugin() {
  974. /** @var GroupPluginManager|MockObject $pluginManager */
  975. $pluginManager = $this->getMockBuilder(GroupPluginManager::class)
  976. ->setMethods(['implementsActions', 'getGroupDetails'])
  977. ->getMock();
  978. $pluginManager->expects($this->once())
  979. ->method('implementsActions')
  980. ->with(GroupInterface::GROUP_DETAILS)
  981. ->willReturn(true);
  982. $pluginManager->expects($this->once())
  983. ->method('getGroupDetails')
  984. ->with('gid')
  985. ->willReturn('result');
  986. $access = $this->getAccessMock();
  987. $access->connection = $this->createMock(Connection::class);
  988. $ldap = new GroupLDAP($access, $pluginManager);
  989. $this->assertEquals($ldap->getGroupDetails('gid'), 'result');
  990. }
  991. public function testGetGroupDetailsFailing() {
  992. $this->expectException(\Exception::class);
  993. /** @var GroupPluginManager|MockObject $pluginManager */
  994. $pluginManager = $this->getMockBuilder(GroupPluginManager::class)
  995. ->setMethods(['implementsActions', 'getGroupDetails'])
  996. ->getMock();
  997. $pluginManager->expects($this->once())
  998. ->method('implementsActions')
  999. ->with(GroupInterface::GROUP_DETAILS)
  1000. ->willReturn(false);
  1001. $access = $this->getAccessMock();
  1002. $access->connection = $this->createMock(Connection::class);
  1003. $ldap = new GroupLDAP($access, $pluginManager);
  1004. $ldap->getGroupDetails('gid');
  1005. }
  1006. public function groupMemberProvider() {
  1007. $base = 'dc=species,dc=earth';
  1008. $groups0 = [
  1009. 'uid=3723,' . $base,
  1010. 'uid=8372,' . $base,
  1011. 'uid=8427,' . $base,
  1012. 'uid=2333,' . $base,
  1013. 'uid=4754,' . $base,
  1014. ];
  1015. $groups1 = [
  1016. '3723',
  1017. '8372',
  1018. '8427',
  1019. '2333',
  1020. '4754',
  1021. ];
  1022. $groups2Nested = ['6642', '1424'];
  1023. $expGroups2 = array_merge($groups1, $groups2Nested);
  1024. return [
  1025. [ #0 – test DNs
  1026. 'cn=Birds,' . $base,
  1027. $groups0,
  1028. ['cn=Birds,' . $base => $groups0]
  1029. ],
  1030. [ #1 – test uids
  1031. 'cn=Birds,' . $base,
  1032. $groups1,
  1033. ['cn=Birds,' . $base => $groups1]
  1034. ],
  1035. ];
  1036. }
  1037. /**
  1038. * @param string $groupDN
  1039. * @param string[] $expectedMembers
  1040. * @param array $groupsInfo
  1041. * @dataProvider groupMemberProvider
  1042. */
  1043. public function testGroupMembers($groupDN, $expectedMembers, $groupsInfo = null) {
  1044. $access = $this->getAccessMock();
  1045. $access->expects($this->any())
  1046. ->method('readAttribute')
  1047. ->willReturnCallback(function ($group) use ($groupDN, $expectedMembers, $groupsInfo) {
  1048. if (isset($groupsInfo[$group])) {
  1049. return $groupsInfo[$group];
  1050. }
  1051. return [];
  1052. });
  1053. $access->connection = $this->createMock(Connection::class);
  1054. $access->connection->expects($this->any())
  1055. ->method('__get')
  1056. ->willReturnCallback(function ($name) {
  1057. if ($name === 'ldapNestedGroups') {
  1058. return 1;
  1059. } elseif ($name === 'ldapGroupMemberAssocAttr') {
  1060. return 'attr';
  1061. }
  1062. return null;
  1063. });
  1064. /** @var GroupPluginManager $pluginManager */
  1065. $pluginManager = $this->createMock(GroupPluginManager::class);
  1066. $ldap = new GroupLDAP($access, $pluginManager);
  1067. $resultingMembers = $this->invokePrivate($ldap, '_groupMembers', [$groupDN]);
  1068. $this->assertEqualsCanonicalizing($expectedMembers, $resultingMembers);
  1069. }
  1070. public function displayNameProvider() {
  1071. return [
  1072. ['Graphic Novelists', ['Graphic Novelists']],
  1073. ['', false],
  1074. ];
  1075. }
  1076. /**
  1077. * @dataProvider displayNameProvider
  1078. */
  1079. public function testGetDisplayName(string $expected, $ldapResult) {
  1080. $gid = 'graphic_novelists';
  1081. $access = $this->getAccessMock();
  1082. $access->expects($this->atLeastOnce())
  1083. ->method('readAttribute')
  1084. ->willReturn($ldapResult);
  1085. $access->connection = $this->createMock(Connection::class);
  1086. $access->connection->expects($this->any())
  1087. ->method('__get')
  1088. ->willReturnCallback(function ($name) {
  1089. if ($name === 'ldapGroupMemberAssocAttr') {
  1090. return 'member';
  1091. } elseif ($name === 'ldapGroupFilter') {
  1092. return 'objectclass=nextcloudGroup';
  1093. } elseif ($name === 'ldapGroupDisplayName') {
  1094. return 'cn';
  1095. }
  1096. return null;
  1097. });
  1098. $access->expects($this->any())
  1099. ->method('groupname2dn')
  1100. ->willReturn('fakedn');
  1101. /** @var GroupPluginManager $pluginManager */
  1102. $pluginManager = $this->createMock(GroupPluginManager::class);
  1103. $ldap = new GroupLDAP($access, $pluginManager);
  1104. $this->assertSame($expected, $ldap->getDisplayName($gid));
  1105. }
  1106. }