LDAP add test for roles and multiple users
[?]
Sep 9, 2020, 8:47 PM
B22SQY652WAIPNO46LOIWOP7LDBSU5HKXCTL5PQVAETICNOLWNWACDependencies
Change contents
- edit in flake.nix at line 384
dn: ou=groups,dc=exampleou: groupsdescription: All groupsobjectClass: topobjectClass: organizationalUnitdn: cn=hydra_admin,ou=groups,dc=examplecn: hydra_admindescription: Hydra Admin user groupobjectClass: groupOfNamesmember: cn=admin,ou=users,dc=example - edit in flake.nix at line 403
dn: cn=admin,ou=users,dc=exampleobjectClass: organizationalPersonobjectClass: inetOrgPersonsn: admincn: adminmail: admin@exampleuserPassword: password - replacement in flake.nix at line 436
use_roles: 0role_basedn: "ou=groups,ou=OxObjects,dc=yourcompany,dc=com"role_filter: "(&(objectClass=posixGroup)(memberUid=%s))"use_roles: 1role_basedn: "ou=groups,dc=example"role_filter: "(&(objectClass=groupOfNames)(member=%s))" - replacement in flake.nix at line 440
role_field: uidrole_field: cn - edit in flake.nix at line 448
import json - replacement in flake.nix at line 453
machine.succeed(response = machine.succeed( - edit in flake.nix at line 456
response_json = json.loads(response)assert "user" == response_json["username"]assert "user@example" == response_json["emailaddress"]assert len(response_json["userroles"]) == 0# logging on with wrong credentials shouldn't work - edit in flake.nix at line 465
)# the admin user should get the admin role from his group membership in `hydra_admin`response = machine.succeed("curl --fail http://localhost:3000/login -H 'Accept: application/json' -H 'Referer: http://localhost:3000' --data 'username=admin&password=password'" - edit in flake.nix at line 471
response_json = json.loads(response)assert "admin" == response_json["username"]assert "admin@example" == response_json["emailaddress"]assert "admin" in response_json["userroles"]