s1890: added unit test for getAugmentedSubject

5be9dbb3 · Jeff Burke · 60c3ecde · 5be9dbb3 · 5be9dbb3 · 5be9dbb3
Commit 5be9dbb3 authored 8 years ago by Jeff Burke
--- a/cadcAccessControl-Server/src/ca/nrc/cadc/ac/server/ldap/LdapUserDAO.java
+++ b/cadcAccessControl-Server/src/ca/nrc/cadc/ac/server/ldap/LdapUserDAO.java
@@ -179,7 +179,7 @@ public class LdapUserDAO extends LdapDAO
    private String[] identityAttribs = new String[]
    {
        LDAP_UID, LDAP_DISTINGUISHED_NAME, LDAP_ENTRYDN,
-        LDAP_MEMBEROF // for group cache
+        LDAP_USER_NAME, LDAP_MEMBEROF // for group cache
    };

    public LdapUserDAO(LdapConnections connections)
@@ -678,8 +678,9 @@ public class LdapUserDAO extends LdapDAO
            }

            User user = new User();
-            user.getIdentities().add(new HttpPrincipal(
-                searchResult.getAttributeValue(LDAP_UID)));
+            String username = searchResult.getAttributeValue(LDAP_USER_NAME);
+            logger.debug("username is " + username);
+            user.getIdentities().add(new HttpPrincipal(username));

            String numericID = searchResult.getAttributeValue(LDAP_UID);
            logger.debug("numericID is " + numericID);
@@ -1092,6 +1093,7 @@ public class LdapUserDAO extends LdapDAO
    DN getUserDN(User user)
        throws UserNotFoundException, TransientException
    {
+        // Could be a DNPrincipal from a memberOf or uniquemember entrydn
        Principal userID = user.getHttpPrincipal();
        String searchField = userLdapAttrib.get(userID.getClass());
        if (searchField == null)

--- a/cadcAccessControl-Server/src/ca/nrc/cadc/ac/server/web/UserRequestServlet.java
+++ b/cadcAccessControl-Server/src/ca/nrc/cadc/ac/server/web/UserRequestServlet.java
@@ -102,8 +102,7 @@ import java.util.Set;

 public class UserRequestServlet extends HttpServlet
 {
-
-    private static final long serialVersionUID = 5289130885807305288L;
+    private static final long serialVersionUID = 6290241995918416399L;
    private static final Logger log = Logger.getLogger(UserRequestServlet.class);

    private List<Subject> privilegedSubjects;
@@ -129,20 +128,24 @@ public class UserRequestServlet extends HttpServlet
            {
                x500List = x500Users.split(" ");
                httpList = httpUsers.split(" ");
-            }

-            if (x500List.length != httpList.length)
-            {
-                throw new RuntimeException("Init exception: Lists of augment subject principals not equivalent in length");
-            }
+                if (x500List.length != httpList.length)
+                {
+                    throw new RuntimeException("Init exception: Lists of augment subject principals not equivalent in length");
+                }

-            privilegedSubjects = new ArrayList<Subject>(x500Users.length());
-            for (int i=0; i<x500List.length; i++)
+                privilegedSubjects = new ArrayList<Subject>(x500Users.length());
+                for (int i = 0; i < x500List.length; i++)
+                {
+                    Subject s = new Subject();
+                    s.getPrincipals().add(new X500Principal(x500List[i]));
+                    s.getPrincipals().add(new HttpPrincipal(httpList[i]));
+                    privilegedSubjects.add(s);
+                }
+            }
+            else
            {
-                Subject s = new Subject();
-                s.getPrincipals().add(new X500Principal(x500List[i]));
-                s.getPrincipals().add(new HttpPrincipal(httpList[i]));
-                privilegedSubjects.add(s);
+                log.warn("No Privileged users configured.");
            }

            PluginFactory pluginFactory = new PluginFactory();

--- a/cadcAccessControl-Server/test/src/ca/nrc/cadc/ac/server/ldap/LdapUserDAOTest.java
+++ b/cadcAccessControl-Server/test/src/ca/nrc/cadc/ac/server/ldap/LdapUserDAOTest.java
@@ -326,6 +326,38 @@ public class LdapUserDAOTest extends AbstractLdapDAOTest
        });
    }

+    /**
+     * Test of getAugmentedUser method, of class LdapUserDAO.
+     */
+    @Test
+    public void getGetAugmentedUser() throws Exception
+    {
+        Subject subject = new Subject();
+        subject.getPrincipals().add(cadcDaoTest1_HttpPrincipal);
+        subject.getPrincipals().add(cadcDaoTest1_DNPrincipal);
+
+        // do everything as owner
+        Subject.doAs(subject, new PrivilegedExceptionAction<Object>()
+        {
+            public Object run()
+                throws Exception
+            {
+                try
+                {
+                    final LdapUserDAO userDAO = getUserDAO();
+                    final User actual = userDAO.getUser(cadcDaoTest1_HttpPrincipal);
+                    assertEquals(cadcDaoTest1_User.getHttpPrincipal(), actual.getHttpPrincipal());
+
+                    return null;
+                }
+                catch (Exception e)
+                {
+                    throw new Exception("Problems", e);
+                }
+            }
+        });
+    }
+
    /**
     * Test of getUserByEmailAddress method, of class LdapUserDAO.
     */