Skip to content

Commit 620ce32

Browse files
mtoddmtodd
committed
Reproduce oddity with nested queries in Net::LDAP#open
cc @jch
1 parent e14a910 commit 620ce32

File tree

2 files changed

+82
-0
lines changed

2 files changed

+82
-0
lines changed

test/domain_test.rb

Lines changed: 77 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -219,3 +219,80 @@ def test_membership_for_posixGroups
219219
"Expected `#{@cn}` to not include the member `#{user.dn}`"
220220
end
221221
end
222+
223+
class GitHubLdapOpenTest < GitHub::Ldap::Test
224+
def setup
225+
@ldap = GitHub::Ldap.new(options)
226+
@domain = @ldap.domain("dc=github,dc=com")
227+
@dn = "cn=nested-groups,ou=Groups,dc=github,dc=com"
228+
@groups = ["nested-group1", "nested-group2"]
229+
end
230+
231+
def test_membership_for_first_nested_group
232+
assert user = @ldap.domain('uid=user1,ou=People,dc=github,dc=com').bind
233+
234+
assert @domain.is_member?(user, @groups)
235+
236+
@ldap.open do
237+
assert @domain.is_member?(user, @groups)
238+
end
239+
end
240+
241+
def test_membership_for_last_nested_group
242+
assert user = @ldap.domain('uid=user10,ou=People,dc=github,dc=com').bind
243+
244+
assert @domain.is_member?(user, @groups)
245+
246+
@ldap.open do
247+
assert @domain.is_member?(user, @groups)
248+
end
249+
end
250+
251+
def test_members_match_when_open_and_close
252+
members_close = @ldap.group(@dn).members.map(&:uid).flatten
253+
254+
members_open =
255+
@ldap.open do
256+
@ldap.group(@dn).members.map(&:uid).flatten
257+
end
258+
259+
assert_equal members_close, members_open
260+
end
261+
262+
def test_open_with_subsearches
263+
base = "dc=github,dc=com"
264+
filter = "(|(cn=nested-group1)(cn=nested-group2))"
265+
266+
close_results = {}
267+
@ldap.search(filter: filter, base: base) do |entry|
268+
close_results[entry.dn] = []
269+
entry['member'].each do |child_dn|
270+
@ldap.search(base: child_dn, scope: Net::LDAP::SearchScope_BaseObject) do |child|
271+
close_results[entry.dn] << child.dn
272+
end
273+
end
274+
end
275+
276+
open_results = {}
277+
@ldap.open do
278+
@ldap.search(filter: filter, base: base) do |entry|
279+
open_results[entry.dn] = []
280+
entry['member'].each do |child_dn|
281+
@ldap.search(base: child_dn, scope: Net::LDAP::SearchScope_BaseObject) do |child|
282+
open_results[entry.dn] << child.dn
283+
end
284+
end
285+
end
286+
end
287+
288+
if ENV.fetch('VERBOSE', '0') == '1'
289+
require 'pp'
290+
puts
291+
pp close_results
292+
puts "******"
293+
pp open_results
294+
end
295+
296+
assert_equal close_results, open_results
297+
end
298+
end

test/fixtures/common/seed.ldif

Lines changed: 5 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -226,6 +226,10 @@ member: uid=user2,ou=People,dc=github,dc=com
226226
member: uid=user3,ou=People,dc=github,dc=com
227227
member: uid=user4,ou=People,dc=github,dc=com
228228
member: uid=user5,ou=People,dc=github,dc=com
229+
230+
dn: cn=nested-group2,ou=Groups,dc=github,dc=com
231+
cn: nested-group2
232+
objectClass: groupOfNames
229233
member: uid=user6,ou=People,dc=github,dc=com
230234
member: uid=user7,ou=People,dc=github,dc=com
231235
member: uid=user8,ou=People,dc=github,dc=com
@@ -236,6 +240,7 @@ dn: cn=nested-groups,ou=Groups,dc=github,dc=com
236240
cn: nested-groups
237241
objectClass: groupOfNames
238242
member: cn=nested-group1,ou=Groups,dc=github,dc=com
243+
member: cn=nested-group2,ou=Groups,dc=github,dc=com
239244

240245
dn: cn=n-member-nested-group1,ou=Groups,dc=github,dc=com
241246
cn: n-member-nested-group1

0 commit comments

Comments
 (0)