add test for ldap.go (#1307)

LGTM

src/ui/api/harborapi_test.go

@@ -90,6 +90,7 @@ func init() {
 	beego.Router("/api/policies/replication/:id([0-9]+)/enablement", &RepPolicyAPI{}, "put:UpdateEnablement")
 	beego.Router("/api/systeminfo/volumes", &SystemInfoAPI{}, "get:GetVolumeInfo")
 	beego.Router("/api/systeminfo/getcert", &SystemInfoAPI{}, "get:GetCert")
+	beego.Router("/api/ldap/ping", &LdapAPI{}, "post:Ping")
 
 	_ = updateInitPassword(1, "Harbor12345")
 
@@ -897,3 +898,19 @@ func (a testapi) CertGet(authInfo usrInfo) (int, []byte, error) {
 	httpStatusCode, body, err := request(_sling, jsonAcceptHeader, authInfo)
 	return httpStatusCode, body, err
 }
+
+//Post ldap test
+func (a testapi) LdapPost(authInfo usrInfo, ldapConf apilib.LdapConf) (int, error) {
+
+	_sling := sling.New().Post(a.basePath)
+
+	// create path and map variables
+	path := "/api/ldap/ping"
+
+	_sling = _sling.Path(path)
+
+	// body params
+	_sling = _sling.BodyJSON(ldapConf)
+	httpStatusCode, _, err := request(_sling, jsonAcceptHeader, authInfo)
+	return httpStatusCode, err
+}

src/ui/api/ldap_test.go

@@ -0,0 +1,95 @@
+package api
+
+import (
+	"fmt"
+	"github.com/stretchr/testify/assert"
+	"github.com/vmware/harbor/tests/apitests/apilib"
+	"testing"
+)
+
+var ldapConf apilib.LdapConf
+
+func TestLdapPost(t *testing.T) {
+	fmt.Println("Testing ldap post")
+	assert := assert.New(t)
+	apiTest := newHarborAPI()
+
+	//case 1: ping ldap server without admin role
+	CommonAddUser()
+	code, err := apiTest.LdapPost(*testUser, ldapConf)
+	if err != nil {
+		t.Error("Error occured while ping ldap server")
+		t.Log(err)
+	} else {
+		assert.Equal(403, code, "Ping ldap server status should be 403")
+	}
+	//case 2: ping ldap server with admin role, but empty ldapConf
+	code, err = apiTest.LdapPost(*admin, ldapConf)
+	if err != nil {
+		t.Error("Error occured while ping ldap server")
+		t.Log(err)
+	} else {
+		assert.Equal(400, code, "Ping ldap server status should be 400")
+	}
+
+	//case 3: ping ldap server with admin role, but bad format of ldapConf
+	ldapConf.LdapURL = "http://127.0.0.1"
+	code, err = apiTest.LdapPost(*admin, ldapConf)
+	if err != nil {
+		t.Error("Error occured while ping ldap server")
+		t.Log(err)
+	} else {
+		assert.Equal(400, code, "Ping ldap server status should be 400")
+	}
+	//case 4: ping ldap server with admin role, but bad format of ldapConf
+	ldapConf.LdapURL = "127.0.0.1:sss"
+	code, err = apiTest.LdapPost(*admin, ldapConf)
+	if err != nil {
+		t.Error("Error occured while ping ldap server")
+		t.Log(err)
+	} else {
+		assert.Equal(400, code, "Ping ldap server status should be 400")
+	}
+	//case 5: ping ldap server with admin role, ldap protocol, without port
+	ldapConf.LdapURL = "127.0.0.1"
+	code, err = apiTest.LdapPost(*admin, ldapConf)
+	if err != nil {
+		t.Error("Error occured while ping ldap server")
+		t.Log(err)
+	} else {
+		assert.Equal(200, code, "Ping ldap server status should be 200")
+	}
+	//not success, will try later
+	/*
+		//case 6: ping ldap server with admin role, ldaps protocol without port
+		ldapConf.LdapURL = "ldaps://127.0.0.1"
+		code, err = apiTest.LdapPost(*admin, ldapConf)
+		if err != nil {
+			t.Error("Error occured while ping ldap server")
+			t.Log(err)
+		} else {
+			assert.Equal(200, code, "Ping ldap server status should be 200")
+		}*/
+	//case 7: ping ldap server with admin role, ldap protocol, port, ldapSearchDn, but wrong password
+	ldapConf.LdapURL = "ldap://127.0.0.1:389"
+	ldapConf.LdapSearchDn = "cn=admin,dc=example,dc=org"
+	code, err = apiTest.LdapPost(*admin, ldapConf)
+	if err != nil {
+		t.Error("Error occured while ping ldap server")
+		t.Log(err)
+	} else {
+		assert.Equal(400, code, "Ping ldap server status should be 400")
+	}
+	//case 8: ping ldap server with admin role, ldap protocol, port, ldapSearchDn, right password
+	ldapConf.LdapURL = "ldap://127.0.0.1:389"
+	ldapConf.LdapSearchDn = "cn=admin,dc=example,dc=org"
+	ldapConf.LdapSearchPassword = "admin"
+	code, err = apiTest.LdapPost(*admin, ldapConf)
+	if err != nil {
+		t.Error("Error occured while ping ldap server")
+		t.Log(err)
+	} else {
+		assert.Equal(200, code, "Ping ldap server status should be 200")
+	}
+	CommonDelUser()
+}

tests/apitests/apilib/ldap.go

@@ -0,0 +1,34 @@
+/*
+ * Harbor API
+ *
+ * These APIs provide services for manipulating Harbor project.
+ *
+ * OpenAPI spec version: 0.3.0
+ *
+ * Generated by: https://github.com/swagger-api/swagger-codegen.git
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package apilib
+
+type LdapConf struct {
+	LdapURL               string `json:"ldap_url"`
+	LdapSearchDn          string `json:"ldap_search_dn"`
+	LdapSearchPassword    string `json:"ldap_search_password"`
+	LdapBaseDn            string `json:"ldap_base_dn"`
+	LdapFilter            string `json:"ldap_filter"`
+	LdapUID               string `json:"ldap_uid"`
+	LdapScope             int    `json:"ldap_scope"`
+	LdapConnectionTimeout int    `json:"ldap_connection_timeout"`
+}

tests/docker-compose.test.yml

@@ -21,3 +21,34 @@ services:
       - ./common/config/db/env
     ports:
       - 3306:3306
+  ldap:
+    image: osixia/openldap:1.1.7
+    restart: always
+    environment:
+      LDAP_LOG_LEVEL: "256"
+      LDAP_ORGANISATION: "Example Inc."
+      LDAP_DOMAIN: "example.org"
+      LDAP_BASE_DN: ""
+      LDAP_ADMIN_PASSWORD: "admin"
+      LDAP_CONFIG_PASSWORD: "config"
+      LDAP_READONLY_USER: "false"                                                                              
+      LDAP_BACKEND: "hdb"
+      LDAP_TLS: "true"
+      LDAP_TLS_CRT_FILENAME: "ldap.crt"
+      LDAP_TLS_KEY_FILENAME: "ldap.key"
+      LDAP_TLS_CA_CRT_FILENAME: "ca.crt"
+      LDAP_TLS_ENFORCE: "false"
+      LDAP_TLS_CIPHER_SUITE: "SECURE256:-VERS-SSL3.0"
+      LDAP_TLS_PROTOCOL_MIN: "3.1"
+      LDAP_TLS_VERIFY_CLIENT: "demand"
+      LDAP_REPLICATION: "false"
+      LDAP_REMOVE_CONFIG_AFTER_SETUP: "true"
+      LDAP_SSL_HELPER_PREFIX: "ldap"
+    volumes:
+      - /var/lib/ldap
+      - /etc/ldap/slapd.d
+      - /container/service/slapd/assets/certs/
+    hostname: "example.org"
+    ports:
+      - 389:389
+      - 636:636