From 41a574e55c3046ba894650492cc2cc2fa7c4bf9b Mon Sep 17 00:00:00 2001 From: stonezdj Date: Tue, 9 Apr 2019 17:43:35 +0800 Subject: [PATCH] Fix issue 6450 Test LDAP server error without save configuration Signed-off-by: stonezdj --- src/common/utils/ldap/ldap.go | 20 ++----------- src/core/api/ldap.go | 16 ++++++++++ tests/apitests/python/test_ldap_ping.py | 40 +++++++++++++++++++++++++ 3 files changed, 58 insertions(+), 18 deletions(-) create mode 100644 tests/apitests/python/test_ldap_ping.py diff --git a/src/common/utils/ldap/ldap.go b/src/common/utils/ldap/ldap.go index 627785733e..e7c453376c 100644 --- a/src/common/utils/ldap/ldap.go +++ b/src/common/utils/ldap/ldap.go @@ -43,19 +43,9 @@ type Session struct { ldapConn *goldap.Conn } -// LoadSystemLdapConfig - load LDAP configure from adminserver +// LoadSystemLdapConfig - load LDAP configure func LoadSystemLdapConfig() (*Session, error) { - authMode, err := config.AuthMode() - if err != nil { - log.Errorf("can't load auth mode from system, error: %v", err) - return nil, err - } - - if authMode != "ldap_auth" { - return nil, fmt.Errorf("system auth_mode isn't ldap_auth, please check configuration") - } - ldapConf, err := config.LDAPConf() if err != nil { @@ -158,14 +148,8 @@ func ConnectionTestWithConfig(ldapConfig models.LdapConf) error { // ConnectionTestWithAllConfig - test ldap session connection, out of the scope of normal session create/close func ConnectionTestWithAllConfig(ldapConfig models.LdapConf, ldapGroupConfig models.LdapGroupConf) error { - authMode, err := config.AuthMode() - if err != nil { - log.Errorf("Connection test failed %v", err) - return err - } - // If no password present, use the system default password - if ldapConfig.LdapSearchPassword == "" && authMode == "ldap_auth" { + if ldapConfig.LdapSearchPassword == "" { session, err := LoadSystemLdapConfig() diff --git a/src/core/api/ldap.go b/src/core/api/ldap.go index a5dc182ca1..234cf093a6 100644 --- a/src/core/api/ldap.go +++ b/src/core/api/ldap.go @@ -23,6 +23,9 @@ import ( "github.com/goharbor/harbor/src/core/auth" "errors" + "strings" + + "github.com/goharbor/harbor/src/core/config" goldap "gopkg.in/ldap.v2" ) @@ -52,6 +55,19 @@ func (l *LdapAPI) Prepare() { return } + // check the auth_mode except ping + if strings.EqualFold(l.Ctx.Request.RequestURI, "/api/ldap/ping") { + return + } + authMode, err := config.AuthMode() + if err != nil { + l.SendInternalServerError(fmt.Errorf("Can't load system configuration, error: %v", err)) + return + } + if authMode != "ldap_auth" { + l.SendInternalServerError(fmt.Errorf("Can't load system configuration, error: %v", err)) + return + } ldapCfg, err := ldapUtils.LoadSystemLdapConfig() if err != nil { l.SendInternalServerError(fmt.Errorf("Can't load system configuration, error: %v", err)) diff --git a/tests/apitests/python/test_ldap_ping.py b/tests/apitests/python/test_ldap_ping.py new file mode 100644 index 0000000000..bede8955e0 --- /dev/null +++ b/tests/apitests/python/test_ldap_ping.py @@ -0,0 +1,40 @@ +# coding: utf-8 + +""" + Harbor API + These APIs provide services for manipulating Harbor project. + OpenAPI spec version: 1.4.0 + Generated by: https://github.com/swagger-api/swagger-codegen.git +""" + + +from __future__ import absolute_import + +import os +import sys +sys.path.append(os.environ["SWAGGER_CLIENT_PATH"]) + +import unittest +import testutils +from swagger_client.models.ldap_conf import LdapConf +from pprint import pprint + +#Testcase +# Define a LDAP group with harbor admin +class TestLdapPing(unittest.TestCase): + """AccessLog unit test stubs""" + product_api = testutils.GetProductApi("admin", "Harbor12345") + project_id = 0 + def setUp(self): + pass + + def tearDown(self): + pass + + def testLdapPing(self): + """Test LdapAdminRole""" + result = self.product_api.ldap_ping_post(ldapconf=LdapConf(ldap_url="10.161.127.236", ldap_search_dn="cn=admin,dc=example,dc=com", ldap_search_password="admin", ldap_scope=2)) + pprint(result) + +if __name__ == '__main__': + unittest.main()