[tests-only] Make LDAP based test config more flexible for being able to run with libregraph/idm default config #39893
Commits on Mar 22, 2022
-
Avoid hardcoded LDAP attributes
The "ou" values for Test Users and Groups and the baseDN are defined via config. Remove the hardcoded references to "dc=owncloud,dc=com" and "ou=TestUsers/Groups" from the code.
-
Allow to override LDAP SSL usage and Bind Password via env
This introduces two new env setttings: REVA_LDAP_USESSL and REVA_LDAP_BIND_PASSWORD. Set REVA_LDAP_USESSL to true to be able to force the usage of LDAPS even when not running on the standard port (636). REVA_LDAP_BIND_PASSWORD can be used to override the LDAP bind password. The purpose of this change is to be able to test against exiting LDAP servers and the embeded libregraph-idm that is deployed be the default configuration in ocis.
-
Explicitly set "uid" Attribute on LDAP users
This is merely a cosmetic change and the attribute is already used as the naming attribute in the users's DN (thus set implicitly). This is just making things explicit and visible.
-
Allow to skip base LDIF import
In order to be a bit more flexible when testing against libregraph-idm introduce the new variable REVA_LDAP_SKIP_LDIF_IMPORT to allow to skip the import of the base LDIF file that creates the ou objects for users and groups (these objects are already present in such a setup). This also means that when removing users and groups after each test we cannot rely on recursivly removing the ou object about explicitly delete every user/group.
-
The objectclasses "person", "organizationalPerson" and "top" are valid for all setups (alternatively they could be left out as they are implicitly added via inheritance) When testing against oCIS alway add the "owncloud" objectclass and the "owncloudUUID" attribute independent of the parallel deployment setting.
-
-
Allow to switch Group Schema for LDAP Groups
This allows to switch between different types of LDAP Groups. The default behaviour (REVA_LDAP_GROUP_SCHEMA="rfc2307") is to use the "posixGroup" objectclass with "memberUID" attribute. Any other value for REVA_LDAP_GROUP_SCHEMA will switch the behaviour to objectclass "groupOfNames" and the "member" Attribute.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.