use strict;
use warnings;
-our $VERSION = '0.1004';
+our $VERSION = '0.1005';
use Catalyst::Authentication::Store::LDAP::User;
use Net::LDAP;
A) Bind to the directory using the configured binddn and bindpw
B) Perform a search for the User Object in the directory, using
user_basedn, user_filter, and user_scope.
- C) Assuming we found the object, we will walk it's attributes
+ C) Assuming we found the object, we will walk it's attributes
using L<Net::LDAP::Entry>'s get_value method. We store the
- results in a hashref.
- D) Return a hashref that looks like:
-
+ results in a hashref. If we do not find the object, then
+ undef is returned.
+ D) Return a hashref that looks like:
+
$results = {
'ldap_entry' => $entry, # The Net::LDAP::Entry object
'attributes' => $attributes,
push( @searchopts, %{ $self->user_search_options } );
}
my $usersearch = $ldap->search(@searchopts);
- if ( $usersearch->is_error ) {
- Catalyst::Exception->throw(
- "LDAP Error while searching for user: " . $usersearch->error );
- }
+
+ return if ( $usersearch->is_error );
+
my $userentry;
my $user_field = $self->user_field;
my $results_filter = $self->user_results_filter;
use warnings;
use Catalyst::Exception;
-use Test::More tests => 7;
+use Test::More tests => 11;
use Test::MockObject::Extends;
+use Test::Exception;
use Net::LDAP::Entry;
use lib 't/lib';
eval "use Catalyst::Model::LDAP";
if ($@) {
- skip "Catalyst::Model::LDAP not installed", 7;
+ skip "Catalyst::Model::LDAP not installed", 11;
}
use_ok("Catalyst::Authentication::Store::LDAP::Backend");
$ldap->mock('unbind' => sub {});
$ldap->mock('disconnect' => sub {});
my $search_res = Test::MockObject->new();
- $search_res->mock(is_error => sub {}); # Never an error
+ my $search_is_error = 0;
+ $search_res->mock(is_error => sub { $search_is_error });
$search_res->mock(entries => sub {
return map
{ my $id = $_;
is_deeply( [sort $user->roles],
[sort qw/quuxone quuxtwo/],
"User has the expected set of roles" );
+
+ $search_is_error = 1;
+ lives_ok {
+ ok !$back->find_user( { username => 'doesnotexist' } ),
+ 'Nonexistent user returns undef';
+ } 'No exception thrown for nonexistent user';
+
}
is_deeply(\@searches, [
['base', 'ou=foobar', 'filter', '(&(objectClass=inetOrgPerson)(uid=somebody))', 'scope', 'one'],
['base', 'ou=roles', 'filter', '(&(objectClass=posixGroup)(memberUid=test))', 'scope', 'one', 'attrs', [ 'userinrole' ]],
+ ['base', 'ou=foobar', 'filter', '(&(objectClass=inetOrgPerson)(uid=doesnotexist))', 'scope', 'one'],
['base', 'ou=foobar', 'filter', '(&(objectClass=inetOrgPerson)(uid=somebody))', 'scope', 'one'],
['base', 'ou=roles', 'filter', '(&(objectClass=posixGroup)(memberUid=test))', 'scope', 'one', 'attrs', [ 'userinrole' ]],
+ ['base', 'ou=foobar', 'filter', '(&(objectClass=inetOrgPerson)(uid=doesnotexist))', 'scope', 'one'],
], 'User searches as expected');
is_deeply(\@binds, [
[ undef ], # First user search
[
undef
], # Rebind with initial credentials to find roles
+ [ undef ], # Second user search
# 2nd pass round main loop
[ undef ], # First user search
[
'ou=foobar',
'password',
'password'
- ] # Rebind to confirm user _and_ lookup roles;
+ ], # Rebind to confirm user _and_ lookup roles;
+ [ undef ], # Second user search
], 'Binds as expected');
}