Merge branch 'dm-ldap-identity-normalize-dn' into 'master'

Normalize LDAP DN when looking up identity Closes #39559 See merge request gitlab-org/gitlab-ce!15103
author: Sean McGivern <sean@mcgivern.me.uk> 2017-10-31 20:36:51 +0300
committer: Sean McGivern <sean@mcgivern.me.uk> 2017-10-31 20:36:51 +0300
commit: 85a677991073c5d21a33f43980b94402954efa11 (patch)
tree: 692b11ab40dfb2b4ebc25b2b8c59f352289a7a5d /spec
parent: 01c954922490d222b072efe621f3231161d39108 (diff)
parent: 8399de0c961be75d0cd90e59a7e89fabc11025b8 (diff)
5 files changed, 22 insertions, 8 deletions
diff --git a/spec/lib/gitlab/ldap/authentication_spec.rb b/spec/lib/gitlab/ldap/authentication_spec.rb
index 01b6282af0c..9d57a46c12b 100644
--- a/spec/lib/gitlab/ldap/authentication_spec.rb
+++ b/spec/lib/gitlab/ldap/authentication_spec.rb
@@ -1,8 +1,8 @@
 require 'spec_helper'
 
 describe Gitlab::LDAP::Authentication do
-  let(:user)     { create(:omniauth_user, extern_uid: dn) }
-  let(:dn)       { 'uid=john,ou=people,dc=example,dc=com' }
+  let(:dn)       { 'uid=John Smith, ou=People, dc=example, dc=com' }
+  let(:user)     { create(:omniauth_user, extern_uid: Gitlab::LDAP::Person.normalize_dn(dn)) }
   let(:login)    { 'john' }
   let(:password) { 'password' }
 
diff --git a/spec/lib/gitlab/ldap/user_spec.rb b/spec/lib/gitlab/ldap/user_spec.rb
index 9a4705d1cee..260df6e4dae 100644
--- a/spec/lib/gitlab/ldap/user_spec.rb
+++ b/spec/lib/gitlab/ldap/user_spec.rb
@@ -44,23 +44,25 @@ describe Gitlab::LDAP::User do
   end
 
   describe '.find_by_uid_and_provider' do
+    let(:dn) { 'CN=John Åström, CN=Users, DC=Example, DC=com' }
+
     it 'retrieves the correct user' do
       special_info = {
         name: 'John Åström',
         email: 'john@example.com',
         nickname: 'jastrom'
       }
-      special_hash = OmniAuth::AuthHash.new(uid: 'CN=John Åström,CN=Users,DC=Example,DC=com', provider: 'ldapmain', info: special_info)
+      special_hash = OmniAuth::AuthHash.new(uid: dn, provider: 'ldapmain', info: special_info)
       special_chars_user = described_class.new(special_hash)
       user = special_chars_user.save
 
-      expect(described_class.find_by_uid_and_provider(special_hash.uid, special_hash.provider)).to eq user
+      expect(described_class.find_by_uid_and_provider(dn, 'ldapmain')).to eq user
     end
   end
 
   describe 'find or create' do
     it "finds the user if already existing" do
-      create(:omniauth_user, extern_uid: 'uid=John Smith,ou=People,dc=example,dc=com', provider: 'ldapmain')
+      create(:omniauth_user, extern_uid: 'uid=john smith,ou=people,dc=example,dc=com', provider: 'ldapmain')
 
       expect { ldap_user.save }.not_to change { User.count }
     end
diff --git a/spec/lib/gitlab/o_auth/user_spec.rb b/spec/lib/gitlab/o_auth/user_spec.rb
index db26e16e3b2..c7471a21fda 100644
--- a/spec/lib/gitlab/o_auth/user_spec.rb
+++ b/spec/lib/gitlab/o_auth/user_spec.rb
@@ -4,7 +4,7 @@ describe Gitlab::OAuth::User do
   let(:oauth_user) { described_class.new(auth_hash) }
   let(:gl_user) { oauth_user.gl_user }
   let(:uid) { 'my-uid' }
-  let(:dn) { 'uid=user1,ou=People,dc=example' }
+  let(:dn) { 'uid=user1,ou=people,dc=example' }
   let(:provider) { 'my-provider' }
   let(:auth_hash) { OmniAuth::AuthHash.new(uid: uid, provider: provider, info: info_hash) }
   let(:info_hash) do
diff --git a/spec/lib/gitlab/saml/user_spec.rb b/spec/lib/gitlab/saml/user_spec.rb
index 1c23fb5f285..1765980e977 100644
--- a/spec/lib/gitlab/saml/user_spec.rb
+++ b/spec/lib/gitlab/saml/user_spec.rb
@@ -7,7 +7,7 @@ describe Gitlab::Saml::User do
   let(:saml_user) { described_class.new(auth_hash) }
   let(:gl_user) { saml_user.gl_user }
   let(:uid) { 'my-uid' }
-  let(:dn) { 'uid=user1,ou=People,dc=example' }
+  let(:dn) { 'uid=user1,ou=people,dc=example' }
   let(:provider) { 'saml' }
   let(:raw_info_attr) { { 'groups' => %w(Developers Freelancers Designers) } }
   let(:auth_hash) { OmniAuth::AuthHash.new(uid: uid, provider: provider, info: info_hash, extra: { raw_info: OneLogin::RubySaml::Attributes.new(raw_info_attr) }) }
diff --git a/spec/models/identity_spec.rb b/spec/models/identity_spec.rb
index 4ca6556d0f4..3ed048744de 100644
--- a/spec/models/identity_spec.rb
+++ b/spec/models/identity_spec.rb
@@ -1,6 +1,6 @@
 require 'spec_helper'
 
-RSpec.describe Identity do
+describe Identity do
   describe 'relations' do
     it { is_expected.to belong_to(:user) }
   end
@@ -22,4 +22,16 @@ RSpec.describe Identity do
       expect(other_identity.ldap?).to be_falsey
     end
   end
+
+  describe '.with_extern_uid' do
+    context 'LDAP identity' do
+      let!(:ldap_identity) { create(:identity, provider: 'ldapmain', extern_uid: 'uid=john smith,ou=people,dc=example,dc=com') }
+
+      it 'finds the identity when the DN is formatted differently' do
+        identity = described_class.with_extern_uid('ldapmain', 'uid=John Smith, ou=People, dc=example, dc=com').first
+
+        expect(identity).to eq(ldap_identity)
+      end
+    end
+  end
 end
author	Sean McGivern <sean@mcgivern.me.uk>	2017-10-31 20:36:51 +0300
committer	Sean McGivern <sean@mcgivern.me.uk>	2017-10-31 20:36:51 +0300
commit	85a677991073c5d21a33f43980b94402954efa11 (patch)
tree	692b11ab40dfb2b4ebc25b2b8c59f352289a7a5d /spec
parent	01c954922490d222b072efe621f3231161d39108 (diff)
parent	8399de0c961be75d0cd90e59a7e89fabc11025b8 (diff)