Add property GroupMembershipAttributes to allow customize LDAP attrib…

…utes used for augmentation #67
Yvand · Dec 20, 2018 · 69ec96f · 69ec96f
1 parent 3fa9530
commit 69ec96f
Show file tree

Hide file tree

Showing 6 changed files with 61 additions and 15 deletions.
diff --git a/LDAPCP.Tests/AugmentationTests.cs → LDAPCP.Tests/AugmentationAsADDomainTests.cs b/LDAPCP.Tests/AugmentationTests.cs → LDAPCP.Tests/AugmentationAsADDomainTests.cs
@@ -5,7 +5,7 @@ namespace LDAPCP.Tests
 {
     [TestFixture]
     [Parallelizable(ParallelScope.Children)]
-    public class AugmentationTests : EntityTestsBase
+    public class AugmentationAsADDomainTests : EntityTestsBase
     {
         public override bool TestSearch => false;
         public override bool TestValidation => false;

diff --git a/LDAPCP.Tests/AugmentationAsLDAPServersTests.cs b/LDAPCP.Tests/AugmentationAsLDAPServersTests.cs
@@ -0,0 +1,43 @@
+using ldapcp;
+using NUnit.Framework;
+
+namespace LDAPCP.Tests
+{
+    [TestFixture]
+    [Parallelizable(ParallelScope.Children)]
+    public class AugmentationAsLDAPServersTests : EntityTestsBase
+    {
+        public override bool TestSearch => false;
+        public override bool TestValidation => false;
+        public override bool TestAugmentation => true;
+
+        public override void InitializeConfiguration()
+        {
+            base.InitializeConfiguration();
+            Config.EnableAugmentation = true;
+            Config.MainGroupClaimType = ClaimsProviderConstants.DefaultMainGroupClaimType;
+            foreach (LDAPConnection ldapConn in Config.LDAPConnectionsProp)
+            {
+                ldapConn.AugmentationEnabled = true;
+                ldapConn.GetGroupMembershipAsADDomainProp = false;
+                ldapConn.GroupMembershipAttributes = new string[] { "memberOf", "uniquememberof" };
+            }
+            Config.Update();
+        }
+
+        [TestCase("yvand@contoso.local", true)]
+        [TestCase("zzzyvand@contoso.local", false)]
+        public override void DEBUG_AugmentEntity(string claimValue, bool isMemberOfTrustedGroup)
+        {
+            //LDAPConnection coco = new LDAPConnection();
+            //coco.AugmentationEnabled = true;
+            //coco.GetGroupMembershipAsADDomainProp = false;
+            //coco.UserServerDirectoryEntry = false;
+            //coco.Path = "LDAP://test";
+            //coco.Username = "userTest";
+            //Config.LDAPConnectionsProp.Add(coco);
+            //Config.Update();
+            UnitTestsHelper.TestAugmentationOperation(UnitTestsHelper.SPTrust.IdentityClaimTypeInformation.MappedClaimType, claimValue, isMemberOfTrustedGroup);
+        }
+    }
+}
diff --git a/LDAPCP.Tests/EntityTestsBase.cs b/LDAPCP.Tests/EntityTestsBase.cs
@@ -63,7 +63,7 @@ public virtual void AugmentEntity(ValidateEntityData registrationData)
         }
 
         //[TestCaseSource(typeof(SearchEntityDataSourceCollection))]
-        public void DEBUG_SearchEntitiesFromCollection(string inputValue, string expectedCount, string expectedClaimValue)
+        public virtual void DEBUG_SearchEntitiesFromCollection(string inputValue, string expectedCount, string expectedClaimValue)
         {
             UnitTestsHelper.TestSearchOperation(inputValue, Convert.ToInt32(expectedCount), expectedClaimValue);
         }
@@ -72,7 +72,7 @@ public void DEBUG_SearchEntitiesFromCollection(string inputValue, string expecte
         //[TestCase(@"test)", 2, @"test)char@contoso.local")]
         //[TestCase(@"group\ch", 1, @"group\chartest")]
         [TestCase(@"user1", 2, @"user1@yvand.net")]
-        public void DEBUG_SearchEntities(string inputValue, int expectedResultCount, string expectedEntityClaimValue)
+        public virtual void DEBUG_SearchEntities(string inputValue, int expectedResultCount, string expectedEntityClaimValue)
         {
             if (!TestSearch) return;
 
@@ -92,7 +92,7 @@ public void DEBUG_SearchEntities(string inputValue, int expectedResultCount, str
         //[TestCase("http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress", @"test)char@contoso.local", true)]
         //[TestCase("http://yvand.com/customType1", @"group\chartest", true)]
         [TestCase("http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress", @"yvan", false)]
-        public void DEBUG_ValidateClaim(string claimType, string claimValue, bool shouldValidate)
+        public virtual void DEBUG_ValidateClaim(string claimType, string claimValue, bool shouldValidate)
         {
             if (!TestValidation) return;
 
@@ -102,7 +102,7 @@ public void DEBUG_ValidateClaim(string claimType, string claimValue, bool should
 
         [TestCase("FakeAccount", false)]
         [TestCase("yvand@contoso.local", true)]
-        public void DEBUG_AugmentEntity(string claimValue, bool shouldHavePermissions)
+        public virtual void DEBUG_AugmentEntity(string claimValue, bool shouldHavePermissions)
         {
             if (!TestAugmentation) return;
 

diff --git a/LDAPCP.Tests/LDAPCP.Tests.csproj b/LDAPCP.Tests/LDAPCP.Tests.csproj
@@ -46,7 +46,8 @@
     <Reference Include="System.Core" />
   </ItemGroup>
   <ItemGroup>
-    <Compile Include="AugmentationTests.cs" />
+    <Compile Include="AugmentationAsLDAPServersTests.cs" />
+    <Compile Include="AugmentationAsADDomainTests.cs" />
     <Compile Include="CustomConfigTests.cs" />
     <Compile Include="ModifyConfigBase.cs" />
     <Compile Include="ModifyConfigTests.cs" />

diff --git a/LDAPCP/LDAPCP.cs b/LDAPCP/LDAPCP.cs
@@ -1276,16 +1276,14 @@ protected virtual List<SPClaim> GetGroupsFromLDAPDirectory(LDAPConnection ldapCo
                             if (groupCTConfig.ClaimType == MainGroupClaimTypeConfig.ClaimType)
                             {
                                 valueIsDistinguishedNameFormat = true;
-                                if (result.Properties.Contains("memberOf"))
+                                foreach (string groupMembershipAttributes in ldapConnection.GroupMembershipAttributes)
                                 {
-                                    propertyCount = result.Properties["memberOf"].Count;
-                                    groupValues = result.Properties["memberOf"];
-                                }
-
-                                if (propertyCount == 0 && result.Properties.Contains("uniquememberof"))
-                                {
-                                    propertyCount = result.Properties["uniquememberof"].Count;
-                                    groupValues = result.Properties["uniquememberof"];
+                                    if (result.Properties.Contains(groupMembershipAttributes))
+                                    {
+                                        propertyCount = result.Properties[groupMembershipAttributes].Count;
+                                        groupValues = result.Properties[groupMembershipAttributes];
+                                        break;
+                                    }
                                 }
                             }
                             else

diff --git a/LDAPCP/LDAPCPConfig.cs b/LDAPCP/LDAPCPConfig.cs
@@ -726,6 +726,9 @@ public bool GetGroupMembershipAsADDomainProp
             set => GetGroupMembershipAsADDomain = value;
         }
 
+        [Persisted]
+        public string[] GroupMembershipAttributes = new string[] { "memberOf", "uniquememberof" };
+
         /// <summary>
         /// DirectoryEntry used to make LDAP queries
         /// </summary>
@@ -750,6 +753,7 @@ internal LDAPConnection CopyPersistedProperties()
                 UserServerDirectoryEntry = this.UserServerDirectoryEntry,
                 AugmentationEnabled = this.AugmentationEnabled,
                 GetGroupMembershipAsADDomain = this.GetGroupMembershipAsADDomain,
+                GroupMembershipAttributes = this.GroupMembershipAttributes,
             };
         }
     }