Skip to content

Commit

Permalink
Add ldap travis tests
Browse files Browse the repository at this point in the history
  • Loading branch information
bolkedebruin committed Nov 5, 2015
1 parent 9c60b19 commit 1a66df4
Show file tree
Hide file tree
Showing 11 changed files with 106 additions and 18 deletions.
5 changes: 5 additions & 0 deletions .travis.yml
Original file line number Diff line number Diff line change
Expand Up @@ -4,6 +4,11 @@ jdk: oraclejdk7
services:
- mysql
- postgresql
addons:
apt:
packages:
- slapd
- ldap-utils
python:
- "2.7"
- "3.4"
Expand Down
2 changes: 1 addition & 1 deletion airflow/__init__.py
Original file line number Diff line number Diff line change
Expand Up @@ -39,7 +39,7 @@ def load_login():
try:
global login
login = import_module(auth_backend)
except ImportError, err:
except ImportError as err:
logging.critical(
"Cannot import authentication module %s. "
"Please correct your authentication backend or disable authentication: %s",
Expand Down
4 changes: 0 additions & 4 deletions airflow/www/app.py
Original file line number Diff line number Diff line change
Expand Up @@ -23,10 +23,6 @@ def create_app(config=None):

#app.config = config
airflow.load_login()
airflow.login.login_manager = flask_login.LoginManager()
airflow.login.login_manager.login_view = 'airflow.login'
airflow.login.login_manager.login_message = None

airflow.login.login_manager.init_app(app)

cache = Cache(
Expand Down
16 changes: 16 additions & 0 deletions scripts/ci/ldap.sh
Original file line number Diff line number Diff line change
@@ -0,0 +1,16 @@
#!/usr/bin/env bash

DIR=$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )
LDAP_DB=/tmp/ldap_db

echo "Creating database directory"

rm -rf ${LDAP_DB} && mkdir ${LDAP_DB} && cp /usr/share/doc/slapd/examples/DB_CONFIG ${LDAP_DB}

echo "Launching OpenLDAP ..."

# Start slapd with non root privileges
slapd -h "ldap://127.0.0.1:3890/" -f ${DIR}/slapd.conf

# Wait for LDAP to start
sleep 1
6 changes: 6 additions & 0 deletions scripts/ci/ldif/example.com.ldif
Original file line number Diff line number Diff line change
@@ -0,0 +1,6 @@
dn: dc=example,dc=com
dc: example
description: LDAP Example
objectClass: dcObject
objectClass: organization
o: example
3 changes: 3 additions & 0 deletions scripts/ci/ldif/manager.example.com.ldif
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
dn: cn=Manager,dc=example,dc=com
cn: Manager
objectClass: organizationalRole
5 changes: 5 additions & 0 deletions scripts/ci/ldif/user1.example.com.ldif
Original file line number Diff line number Diff line change
@@ -0,0 +1,5 @@
dn: uid=user1,dc=example,dc=com
objectClass: account
objectClass: simpleSecurityObject
uid: user1
userPassword: user1
13 changes: 13 additions & 0 deletions scripts/ci/load_fixtures.sh
Original file line number Diff line number Diff line change
@@ -0,0 +1,13 @@
#!/usr/bin/env bash

DIR=$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )
FIXTURES_DIR="$DIR/ldif"

load_fixture () {
ldapadd -x -H ldap://127.0.0.1:3890/ -D "cn=Manager,dc=example,dc=com" -w insecure -f $1
}

for FIXTURE in `ls ${FIXTURES_DIR}`
do
load_fixture "${FIXTURES_DIR}/${FIXTURE}"
done;
44 changes: 44 additions & 0 deletions scripts/ci/slapd.conf
Original file line number Diff line number Diff line change
@@ -0,0 +1,44 @@
##
# Global Directives
##

# Schema and objectClass definitions
include /etc/ldap/schema/core.schema
include /etc/ldap/schema/cosine.schema
include /etc/ldap/schema/nis.schema
include /etc/ldap/schema/inetorgperson.schema

moduleload back_hdb

disallow bind_anon

##
# Test DB
##

database hdb

suffix "dc=example,dc=com"

rootdn "cn=Manager,dc=example,dc=com"
rootpw insecure

# The database directory MUST exist prior to running slapd AND
# change path as necessary
directory /tmp/ldap_db/

##
# ACL
##

# The userPassword by default can be changed
# by the entry owning it if they are authenticated.
# Others should not be able to see it, except the
# admin entry below
# These access lines apply to database #1 only
access to attrs=userPassword
by self write
by anonymous auth
by users none

access to * by * read
24 changes: 11 additions & 13 deletions tests/core.py
Original file line number Diff line number Diff line change
Expand Up @@ -458,7 +458,7 @@ def setUp(self):
configuration.conf.add_section("ldap")
except:
pass
configuration.conf.set("ldap", "uri", "ldap://localhost")
configuration.conf.set("ldap", "uri", "ldap://localhost:3890")
configuration.conf.set("ldap", "user_filter", "objectClass=*")
configuration.conf.set("ldap", "user_name_attr", "True")
configuration.conf.set("ldap", "bind_user", "cn=Manager,dc=example,dc=com")
Expand All @@ -483,23 +483,21 @@ def logout(self):
def test_login_logout_ldap(self):
assert configuration.conf.getboolean('webserver', 'authenticate') is True

#response = self.login('user1', 'userx')
#print(response.data)
#assert 'Incorrect login details' in response.data
response = self.login('user1', 'userx')
assert 'Incorrect login details' in response.data

#response = self.login('userz', 'user1')
#assert 'Incorrect login details' in response.data
response = self.login('userz', 'user1')
assert 'Incorrect login details' in response.data

#response = self.login('user1', 'user1')
#assert 'Data Profiling' in response.data
response = self.login('user1', 'user1')
assert 'Data Profiling' in response.data

#response = self.logout()
#assert 'form-signin' in response.data
response = self.logout()
assert 'form-signin' in response.data

def test_unauthorized(self):
response = self.app.get("/")
print response.data
assert '403 Forbidden' in response.data
response = self.app.get("/admin/airflow/landing_times")
self.assertEqual(response.status_code, 302)

def tearDown(self):
configuration.test_mode()
Expand Down
2 changes: 2 additions & 0 deletions tox.ini
Original file line number Diff line number Diff line change
Expand Up @@ -39,5 +39,7 @@ commands =
pip install --find-links={homedir}/.wheelhouse --no-index -rrequirements.txt
# {toxinidir}/scripts/ci/setup_kdc.sh
{toxinidir}/scripts/ci/setup_env.sh
{toxinidir}/scripts/ci/ldap.sh
{toxinidir}/scripts/ci/load_fixtures.sh
{toxinidir}/scripts/ci/run_tests.sh []
coveralls

0 comments on commit 1a66df4

Please sign in to comment.