Fix LDAPGroupMapperTest with MSAD and Mongo

keycloak · Apr 1, 2016 · 5d7b549 · 5d7b549
1 parent 7f88e76
commit 5d7b549
Show file tree

Hide file tree

Showing 3 changed files with 18 additions and 5 deletions.
diff --git a/federation/ldap/src/main/java/org/keycloak/federation/ldap/LDAPFederationProvider.java b/federation/ldap/src/main/java/org/keycloak/federation/ldap/LDAPFederationProvider.java
@@ -232,7 +232,7 @@ public List<UserModel> loadUsersByUsernames(List<String> usernames, RealmModel r
             if (kcUser == null) {
                 logger.warnf("User '%s' referenced by membership wasn't found in LDAP", username);
             } else if (!model.getId().equals(kcUser.getFederationLink())) {
-                logger.warnf("Incorrect federation provider of user %s" + kcUser.getUsername());
+                logger.warnf("Incorrect federation provider of user '%s'", kcUser.getUsername());
             } else {
                 result.add(kcUser);
             }

diff --git a/...rc/test/java/org/keycloak/testsuite/federation/ldap/base/LDAPGroupMapper2WaySyncTest.java b/...rc/test/java/org/keycloak/testsuite/federation/ldap/base/LDAPGroupMapper2WaySyncTest.java
@@ -21,8 +21,10 @@
 
 import org.junit.Assert;
 import org.junit.ClassRule;
+import org.junit.FixMethodOrder;
 import org.junit.Rule;
 import org.junit.Test;
+import org.junit.runners.MethodSorters;
 import org.keycloak.federation.ldap.LDAPFederationProvider;
 import org.keycloak.federation.ldap.LDAPFederationProviderFactory;
 import org.keycloak.federation.ldap.mappers.membership.LDAPGroupMapperMode;
@@ -45,6 +47,7 @@
 /**
  * @author <a href="mailto:mposolda@redhat.com">Marek Posolda</a>
  */
+@FixMethodOrder(MethodSorters.NAME_ASCENDING)
 public class LDAPGroupMapper2WaySyncTest {
 
     @ClassRule

diff --git a/...ration/src/test/java/org/keycloak/testsuite/federation/ldap/base/LDAPGroupMapperTest.java b/...ration/src/test/java/org/keycloak/testsuite/federation/ldap/base/LDAPGroupMapperTest.java
@@ -28,6 +28,7 @@
 import org.junit.rules.RuleChain;
 import org.junit.rules.TestRule;
 import org.junit.runners.MethodSorters;
+import org.keycloak.federation.ldap.LDAPConfig;
 import org.keycloak.federation.ldap.LDAPFederationProvider;
 import org.keycloak.federation.ldap.LDAPFederationProviderFactory;
 import org.keycloak.federation.ldap.LDAPUtils;
@@ -110,6 +111,9 @@ public void config(RealmManager manager, RealmModel adminstrationRealm, RealmMod
             LDAPObject rob = FederationTestUtils.addLDAPUser(ldapFedProvider, appRealm, "robkeycloak", "Rob", "Brown", "rob@email.org", null, "8910");
             FederationTestUtils.updateLDAPPassword(ldapFedProvider, rob, "Password1");
 
+            LDAPObject james = FederationTestUtils.addLDAPUser(ldapFedProvider, appRealm, "jameskeycloak", "James", "Brown", "james@email.org", null, "8910");
+            FederationTestUtils.updateLDAPPassword(ldapFedProvider, james, "Password1");
+
         }
     });
 
@@ -309,6 +313,12 @@ public void test03_importGroupMappings() {
     public void test04_groupReferencingNonExistentMember() {
         KeycloakSession session = keycloakRule.startSession();
         try {
+            // Ignoring this test on ActiveDirectory as it's not allowed to have LDAP group referencing nonexistent member. KEYCLOAK-2682 was related to OpenLDAP TODO: Better solution than programmatic...
+            LDAPConfig config = FederationTestUtils.getLdapProvider(session, ldapModel).getLdapIdentityStore().getConfig();
+            if (config.isActiveDirectory()) {
+                return;
+            }
+
             RealmModel appRealm = session.realms().getRealmByName("test");
 
             UserFederationMapperModel mapperModel = appRealm.getUserFederationMapperByName(ldapModel.getId(), "groupsMapper");
@@ -321,12 +331,12 @@ public void test04_groupReferencingNonExistentMember() {
             LDAPObject group2 = FederationTestUtils.createLDAPGroup(session, appRealm, ldapModel, "group2", descriptionAttrName, "group2 - description");
 
             // 2 - Add one existing user rob to LDAP group
-            LDAPObject robLdap = ldapProvider.loadLDAPUserByUsername(appRealm, "robkeycloak");
+            LDAPObject jamesLdap = ldapProvider.loadLDAPUserByUsername(appRealm, "jameskeycloak");
-            LDAPUtils.addMember(ldapProvider, MembershipType.DN, LDAPConstants.MEMBER, group2, robLdap, false);
+            LDAPUtils.addMember(ldapProvider, MembershipType.DN, LDAPConstants.MEMBER, group2, jamesLdap, false);
 
             // 3 - Add non-existing user to LDAP group
             LDAPDn nonExistentDn = LDAPDn.fromString(ldapProvider.getLdapIdentityStore().getConfig().getUsersDn());
-            nonExistentDn.addFirst(robLdap.getRdnAttributeName(), "nonexistent");
+            nonExistentDn.addFirst(jamesLdap.getRdnAttributeName(), "nonexistent");
             LDAPObject nonExistentLdapUser = new LDAPObject();
             nonExistentLdapUser.setDn(nonExistentDn);
             LDAPUtils.addMember(ldapProvider, MembershipType.DN, LDAPConstants.MEMBER, group2, nonExistentLdapUser, true);
@@ -337,7 +347,7 @@ public void test04_groupReferencingNonExistentMember() {
             List<UserModel> groupUsers = session.users().getGroupMembers(appRealm, kcGroup2, 0, 5);
             Assert.assertEquals(1, groupUsers.size());
             UserModel rob = groupUsers.get(0);
-            Assert.assertEquals("robkeycloak", rob.getUsername());
+            Assert.assertEquals("jameskeycloak", rob.getUsername());
 
         } finally {
             keycloakRule.stopSession(session, false);