Page MenuHomeSoftware Heritage
Files F8395205

keycloak_ldap_user_provider_spec.rb
No OneTemporary
Actions

keycloak_ldap_user_provider_spec.rb
View Options

require 'spec_helper'
describe Puppet::Type.type(:keycloak_ldap_user_provider) do
let(:default_config) do
{
:name => 'foo',
:realm => 'test'
}
end
let(:config) do
default_config
end
let(:resource) do
described_class.new(config)
end
it 'should add to catalog without raising an error' do
catalog = Puppet::Resource::Catalog.new
expect {
catalog.add_resource resource
}.to_not raise_error
end
it 'should have a name' do
expect(resource[:name]).to eq('foo')
end
it 'should have resource_name default to name' do
expect(resource[:resource_name]).to eq('foo')
end
it 'should have id default to resource_name-realm' do
expect(resource[:id]).to eq('foo-test')
end
it 'should have realm' do
expect(resource[:realm]).to eq('test')
end
it 'should handle componsite name' do
component = described_class.new(:name => 'foo on test')
expect(component[:name]).to eq('foo on test')
expect(component[:resource_name]).to eq('foo')
expect(component[:realm]).to eq('test')
end
it 'should default to auth_type=none' do
expect(resource[:auth_type]).to eq('none')
end
it 'should not allow invalid auth_type' do
config[:auth_type] = 'foo'
expect {
resource
}.to raise_error
end
it 'should default to edit_mode=READ_ONLY' do
expect(resource[:edit_mode]).to eq('READ_ONLY')
end
it 'should not allow invalid edit_mode' do
config[:edit_mode] = 'foo'
expect {
resource
}.to raise_error
end
it 'should default to vendor=other' do
expect(resource[:vendor]).to eq('other')
end
it 'should not allow invalid vendor' do
config[:vendor] = 'foo'
expect {
resource
}.to raise_error
end
it 'should default to use_truststore_spi=ldapsOnly' do
expect(resource[:use_truststore_spi]).to eq('ldapsOnly')
end
it 'should not allow invalid use_truststore_spi' do
config[:use_truststore_spi] = 'foo'
expect {
resource
}.to raise_error
end
it 'should allow bind_dn' do
config[:auth_type] = 'simple'
config[:bind_dn] = 'foo'
expect(resource[:bind_dn]).to eq('foo')
end
it 'should allow bind_credential' do
config[:auth_type] = 'simple'
config[:bind_credential] = 'foo'
expect(resource[:bind_credential]).to eq('foo')
end
it 'should allow bind_credential' do
config[:auth_type] = 'simple'
config[:use_kerberos_for_password_authentication] = true
expect(resource[:use_kerberos_for_password_authentication]).to eq(:true)
end
it 'should not allow invalid bind_credential' do
config[:auth_type] = 'simple'
config[:use_kerberos_for_password_authentication] = 'foo'
expect {
resource
}.to raise_error
end
# Test basic properties
[
:users_dn,
:connection_url,
:priority,
:batch_size_for_sync,
:username_ldap_attribute,
:rdn_ldap_attribute,
:uuid_ldap_attribute,
].each do |p|
it "should accept a #{p.to_s}" do
config[p] = 'foo'
expect(resource[p]).to eq('foo')
end
end
# Test boolean properties
[
:import_enabled,
].each do |p|
it "should accept true for #{p.to_s}" do
config[p] = true
expect(resource[p]).to eq(:true)
config[p] = 'true'
expect(resource[p]).to eq(:true)
end
it "should accept false for #{p.to_s}" do
config[p] = false
expect(resource[p]).to eq(:false)
config[p] = 'false'
expect(resource[p]).to eq(:false)
end
it "should not accept strings for #{p.to_s}" do
config[p] = 'foo'
expect {
resource
}.to raise_error
end
end
# Array properties
[
:user_object_classes,
].each do |p|
it 'should accept array' do
config[p] = ['foo','bar']
expect(resource[p]).to eq(['foo','bar'])
end
end
it 'should autorequire keycloak_conn_validator' do
keycloak_conn_validator = Puppet::Type.type(:keycloak_conn_validator).new(:name => 'keycloak')
catalog = Puppet::Resource::Catalog.new
catalog.add_resource resource
catalog.add_resource keycloak_conn_validator
rel = resource.autorequire[0]
expect(rel.source.ref).to eq(keycloak_conn_validator.ref)
expect(rel.target.ref).to eq(resource.ref)
end
it 'should autorequire kcadm-wrapper.sh' do
file = Puppet::Type.type(:file).new(:name => 'kcadm-wrapper.sh', :path => '/opt/keycloak/bin/kcadm-wrapper.sh')
catalog = Puppet::Resource::Catalog.new
catalog.add_resource resource
catalog.add_resource file
rel = resource.autorequire[0]
expect(rel.source.ref).to eq(file.ref)
expect(rel.target.ref).to eq(resource.ref)
end
it 'should autorequire keycloak_realm' do
keycloak_realm = Puppet::Type.type(:keycloak_realm).new(:name => 'test')
catalog = Puppet::Resource::Catalog.new
catalog.add_resource resource
catalog.add_resource keycloak_realm
rel = resource.autorequire[0]
expect(rel.source.ref).to eq(keycloak_realm.ref)
expect(rel.target.ref).to eq(resource.ref)
end
it 'should not allow use_kerberos_for_password_authentication with auth_type=none' do
config[:auth_type] = 'none'
config[:use_kerberos_for_password_authentication] = true
expect { resource }.to raise_error(Puppet::Error, /use_kerberos_for_password_authentication is not valid for auth_type none/)
end
it 'should not allow bind_credential with auth_type=none' do
config[:auth_type] = 'none'
config[:bind_credential] = true
expect { resource }.to raise_error(Puppet::Error, /bind_credential is not valid for auth_type none/)
end
it 'should not allow bind_dn with auth_type=none' do
config[:auth_type] = 'none'
config[:bind_dn] = true
expect { resource }.to raise_error(Puppet::Error, /bind_dn is not valid for auth_type none/)
end
end

File Metadata

Mime Type
text/x-ruby
Expires
Jun 4 2025, 7:36 PM (10 w, 5 h ago)
Storage Engine
blob
Storage Format
Raw Data
Storage Handle
3399254

Event Timeline

About · Developer information · Legal