7.2. LDAPServer data injection
To inject user defined LDAP database into the LDAPServer
API when testing outside the SPS box.
Patch/overwrite the safeguard.sessions.plugin_impl.ldap_server.ldap_servers
with your own LDAP like database.
The ldap_servers
is a dictionary where the key is the name of the LDAP Server policy to define, and the value
itself is a dictionary where “users”, “groups” keys define users and groups respectively. See the example
for more detail.
7.2.1. Example usage
from safeguard.sessions.plugin import LDAPServer
from safeguard.sessions.plugin import PluginConfiguration as PluginConfig
from safeguard.sessions.plugin_impl.ldap_server import ldap_servers
# Data injection of an LDAP database under the LDAP Server policy "adserver"
ldap_servers['adserver'] = {
'users': {
'root': {
'description': 'adminuser',
'cn': 'root',
'multivalue': ['a', 'b'],
'numeric': 1000,
},
'wsmith': {
'description': 'user',
'cn': 'wsmith',
'multivalue': ['x', 'y'],
},
},
'groups': {
'admins': ['root'],
'dbuser': ['wsmith']
}
}
# Test the injected data
pc = PluginConfig('''
[ldap_server]
name=adserver
''')
ls = LDAPServer.from_config(pc)
assert ls.get_user_string_attribute('numeric') == ['1000']
assert ls.filter_user_groups('root', ['admins']) == ['admins']
7.2.2. Example usage with pytest and monkeypatch
from safeguard.sessions.plugin import LDAPServer
from safeguard.sessions.plugin import PluginConfiguration as PluginConfig
from safeguard.sessions.plugin_impl.ldap_server import ldap_servers
def test_user_list(monkeypatch):
# Data injection
testdb = {
'users': {
'root': {
'description': 'adminuser',
'cn': 'root',
'multivalue': ['a', 'b'],
'numeric': 1000,
},
'wsmith': {
'description': 'user',
'cn': 'wsmith',
'multivalue': ['x', 'y'],
},
},
'groups': {
'admins': ['root'],
'dbuser': ['wsmith']
}
}
monkeypatch.setitem(ldap_servers, 'adserver', testdb)
# Test the injected data
pc = PluginConfig('''
[ldap_server]
name=adserver
''')
ls = LDAPServer.from_config(pc)
assert ls.get_user_string_attribute('numeric') == ['1000']
assert ls.filter_user_groups('root', ['admins']) == ['admins']