Skip to content
Permalink
Browse files

[JENKINS-25576] A Ldap plugin test that runs with LDAP server is added.

There was only one Ldap plugin test which requires Docker to run. The
newly created LdapPluginNoDockerTest runs without Docker but with a
real LDAP server. Detailed configuration information can be set through
environment variables.

Because LdapPluginNoDockerTest has similar test stories with
ActiveDirectoryTest, ActiveDirectoryTest is refactored to reduce
duplicate code.

Change-Id: If729ceb05eb96a0b3abfc33fa141b748a0ba461a
  • Loading branch information
Bowen Cheng Bowen Cheng
Bowen Cheng authored and Bowen Cheng committed Nov 12, 2014
1 parent 076fb39 commit 2c87fd8530c83bee5dc61caab1b8051d76ec9c6a
@@ -0,0 +1,181 @@
/*
* The MIT License
*
* Copyright (c) 2014 Ericsson
*
* Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to deal
* in the Software without restriction, including without limitation the rights
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
* copies of the Software, and to permit persons to whom the Software is
* furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included in
* all copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
* THE SOFTWARE.
*/
package org.jenkinsci.test.acceptance.plugins.ldap;

import static org.junit.Assume.assumeNotNull;

/**
* Thread-unsafe singleton serving ldap-prefixed test env args.
*
* @author Bowen.Cheng@ericsson.com
*/
public class LdapEnv {

private static final int DEFAULT_LDAP_PORT = 3268;
private static final String TRUE = "true";
private static final String FALSE = "false";
private static final String PARSE_USER_ATTRIBUTE_STRATEGY = "ParseUserAttribute";
private static final String SEARCH_FOR_GROUPS_STRATEGY = "SearchForGroups";

private static LdapDetails ldapDetails = null;
private static LdapEnv ldapEnv = null;

private String user;
private String password;
private String group;

private LdapEnv() {
user = System.getenv("ldapUser");
password = System.getenv("ldapPassword");
group = System.getenv("ldapGroup");
}

/**
* @return Existing ldapEnv object or a newly constructed one with given environment variables
*/
public static LdapEnv getLdapEnv() {
if(ldapEnv == null) {
ldapEnv = new LdapEnv();
}
return ldapEnv;
}

/**
* @return Existing ldapDetails object or a newly constructed one with given environment variables
*/
public static LdapDetails getLdapDetails() {
if(ldapDetails == null) {
ldapDetails = new LdapEnv().constructLdapDetails();
}
return ldapDetails;
}

/**
* @return user name by "-ldapUser" attribute
*/
public String getUser() {
assumeNotNull(user);
return user;
}

/**
* @return password used for logging in by "-ldapPassword" attribute
*/
public String getPassword() {
assumeNotNull(password);
return password;
}

/**
* @return user group by "-ldapGroup" attribute
*/
public String getGroup() {
assumeNotNull(group);
return group;
}

private LdapDetails constructLdapDetails() {
String host = System.getenv("ldapHost");
int port = parseInteger(System.getenv("ldapPort"), DEFAULT_LDAP_PORT);

LdapDetails ldapDetails = new LdapDetails(
host, port,
System.getenv("ldapManagerDn"),
System.getenv("ldapManagerPassword"),
System.getenv("ldapRootDn")
);
ldapDetails.setHostWithPort(host + ":" + port);
ldapDetails.setUserSearchBase(System.getenv("ldapUserSearchBase"));
ldapDetails.setUserSearchFilter(System.getenv("ldapUserSearchFilter"));
ldapDetails.setGroupSearchBase(System.getenv("ldapGroupSearchBase"));
ldapDetails.setGroupSearchFilter(System.getenv("ldapGroupSearchFilter"));
ldapDetails.setGroupMembershipStrategy(parseGroupMembershipStrategy(System.getenv("ldapGroupMembershipStrategy")));
ldapDetails.setGroupMembershipStrategyParam(System.getenv("ldapGroupMembershipStrategyParam"));
ldapDetails.setGroupMembershipFilter(System.getenv("ldapGroupMembershipFilter"));
ldapDetails.setDisplayNameAttributeName(System.getenv("ldapDisplayNameAttributeName"));
ldapDetails.setMailAddressAttributeName(System.getenv("ldapMailAddressAttributeName"));
ldapDetails.setDisableLdapEmailResolver(parseBoolean(System.getenv("ldapDisableLdapEmailResolver"), false));
ldapDetails.setEnableCache(parseBoolean(System.getenv("ldapEnableCache"), false));
ldapDetails.setCacheSize(parseInteger(System.getenv("ldapCacheSize"), 20));
ldapDetails.setCacheTTL(parseInteger(System.getenv("ldapCacheTTL"), 300));

return ldapDetails;
}

private Class parseGroupMembershipStrategy(String strategy) {
Class<? extends LdapGroupMembershipStrategy> strategyClass = null;

if (isEmptyOrNullString(strategy)) {
return strategyClass;
}

if (strategy.compareToIgnoreCase(PARSE_USER_ATTRIBUTE_STRATEGY) == 0) {
strategyClass = ParseUserAttributeLdapGroupMembershipStrategy.class;
} else if (strategy.compareToIgnoreCase(SEARCH_FOR_GROUPS_STRATEGY) == 0) {
strategyClass = SearchForGroupsLdapGroupMembershipStrategy.class;
}

return strategyClass;
}

/**
* Parse string representation of a boolean
*
* @param booleanString string representation of a boolean to be parsed
* @param defaultValue the value to be returned if there is any parse exception
* @return boolean value parsed
*/
private boolean parseBoolean(String booleanString, boolean defaultValue) {
boolean result = defaultValue;

if(isEmptyOrNullString(booleanString)) {
return result;
}
if(booleanString.compareToIgnoreCase(TRUE) == 0 || booleanString.compareToIgnoreCase(FALSE) == 0) {
result = Boolean.parseBoolean(booleanString);
}
return result;
}

/**
* Parse string representation of a integer
*
* @param intString string representation of a integer to be parsed
* @param defaultValue the value to be returned if there is any parse exception
* @return integer value after parsed
*/
private int parseInteger(String intString, int defaultValue) {
int result;
try {
result = Integer.parseInt(intString);
} catch (NumberFormatException e) {
result = defaultValue;
}
return result;
}

private boolean isEmptyOrNullString(String target) {
return target == null || target.isEmpty();
}
}
@@ -0,0 +1,48 @@
/*
* The MIT License
*
* Copyright (c) 2014 Ericsson
*
* Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to deal
* in the Software without restriction, including without limitation the rights
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
* copies of the Software, and to permit persons to whom the Software is
* furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included in
* all copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
* THE SOFTWARE.
*/
package org.jenkinsci.test.acceptance.utils.pluginTests;

import org.jenkinsci.test.acceptance.plugins.matrix_auth.MatrixRow;
import org.jenkinsci.test.acceptance.plugins.matrix_auth.ProjectBasedMatrixAuthorizationStrategy;
import org.jenkinsci.test.acceptance.po.GlobalSecurityConfig;

public class SecurityConfigUtils {

private SecurityConfigUtils() {
}

/**
* Add and authorize given user admin role under "Project-based Matrix Authorization Strategy"
*
* @param user user to be added and authorized as admin
* @param security page object
* @return security page object
*/
public static GlobalSecurityConfig authorizeUserAsAdmin(String user, GlobalSecurityConfig security) {
ProjectBasedMatrixAuthorizationStrategy auth = security.useAuthorizationStrategy(ProjectBasedMatrixAuthorizationStrategy.class);
MatrixRow userAuth = auth.addUser(user);
userAuth.admin();
return security;
}
}
@@ -21,20 +21,20 @@
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
* THE SOFTWARE.
*/
package org.jenkinsci.test.acceptance.plugins.active_directory;
package org.jenkinsci.test.acceptance.utils.pluginTests;

import org.jenkinsci.test.acceptance.po.Control;
import org.jenkinsci.test.acceptance.po.Jenkins;
import org.jenkinsci.test.acceptance.po.PageObject;

/**
* Page Object for AD security (global) configuration page.
* Page Object for security (global) configuration page.
* @author Marco.Miller@ericsson.com
*/
public class ActiveDirectorySecurity extends PageObject {
public class SecurityDisabler extends PageObject {
public final Jenkins jenkins;

public ActiveDirectorySecurity(Jenkins jenkins) {
public SecurityDisabler(Jenkins jenkins) {
super(jenkins.injector,jenkins.url("configureSecurity"));
this.jenkins = jenkins;
}
@@ -26,10 +26,8 @@
import org.jenkinsci.test.acceptance.junit.AbstractJUnitTest;
import org.jenkinsci.test.acceptance.junit.WithPlugins;
import org.jenkinsci.test.acceptance.plugins.active_directory.ActiveDirectoryEnv;
import org.jenkinsci.test.acceptance.plugins.active_directory.ActiveDirectorySecurity;
import org.jenkinsci.test.acceptance.utils.pluginTests.SecurityDisabler;
import org.jenkinsci.test.acceptance.plugins.active_directory.ActiveDirectorySecurityRealm;
import org.jenkinsci.test.acceptance.plugins.matrix_auth.MatrixRow;
import org.jenkinsci.test.acceptance.plugins.matrix_auth.ProjectBasedMatrixAuthorizationStrategy;
import org.jenkinsci.test.acceptance.po.GlobalSecurityConfig;
import org.junit.After;
import org.junit.Before;
@@ -38,6 +36,7 @@

import static org.hamcrest.MatcherAssert.assertThat;
import static org.hamcrest.Matchers.*;
import static org.jenkinsci.test.acceptance.utils.pluginTests.SecurityConfigUtils.authorizeUserAsAdmin;

/**
* Set these (data) at mvn-test command line to use this test:<br>
@@ -63,11 +62,11 @@
*/
@WithPlugins("active-directory@1.38")
public class ActiveDirectoryTest extends AbstractJUnitTest {
private ActiveDirectorySecurity adSecurity;
private SecurityDisabler securityDisabler;

@Before
public void setUp() {
adSecurity = new ActiveDirectorySecurity(jenkins);
securityDisabler = new SecurityDisabler(jenkins);
}

/**
@@ -124,7 +123,7 @@ public void wannabe_cannot_login_to_Jenkins_after_AD_security_configured() {

@After
public void tearDown() {
adSecurity.stopUsingSecurityAndSave();
securityDisabler.stopUsingSecurityAndSave();
}

private void userCanLoginToJenkinsAsAdmin(String userOrGroupToAddAsAdmin) {
@@ -137,15 +136,18 @@ private void userCanLoginToJenkinsAsAdmin(String userOrGroupToAddAsAdmin) {
assertThat(domain.getAttribute("value"), is(equalTo(ActiveDirectoryEnv.get().getDomain())));
}

private GlobalSecurityConfig saveSecurityConfig(String user) {
private GlobalSecurityConfig saveSecurityConfig(String userOrGroupToAddAsAdmin) {
GlobalSecurityConfig security = new GlobalSecurityConfig(jenkins);
security.configure();//open
security.configure();
security = authorizeUserAsAdmin(userOrGroupToAddAsAdmin, security);
security = configSecurityRealm(security);
security.save();
return security;
}

private GlobalSecurityConfig configSecurityRealm(GlobalSecurityConfig security) {
ActiveDirectorySecurityRealm realm = security.useRealm(ActiveDirectorySecurityRealm.class);
realm.configure();
ProjectBasedMatrixAuthorizationStrategy auth = security.useAuthorizationStrategy(ProjectBasedMatrixAuthorizationStrategy.class);
MatrixRow userAuth = auth.addUser(user);
userAuth.admin();
security.save();
return security;
}
}

0 comments on commit 2c87fd8

Please sign in to comment.
You can’t perform that action at this time.