Add plugin ldap tests

diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
index 64c8184767deff4a9082edf72f2f7955bb7b730d..0305171c7992525cbb36a126824cbde68436c9c8 100644 (file)
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -5,6 +5,7 @@ stages:
   - test
   - clients
   - docker-nightly
+  - external-plugins
 
 #before_script:
 #  - 'sed -i -z "s/database:\n  hostname: ''localhost''/database:\n  hostname: ''postgres''/" config/test.yaml'
@@ -93,7 +94,7 @@ build-openapi-clients:
       - schedules
     changes:
       - support/doc/api/openapi.yaml
-  script: 
+  script:
     - apt-get update -qq
     - apt-get -yqqq install openjdk-8-jre
     - yarn install --pure-lockfile
@@ -145,3 +146,31 @@ build-docker-master:
     - master
   variables:
     DOCKER_IMAGE_NAME: chocobozzz/peertube:production-buster
+
+test-external-plugins:
+  stage: external-plugins
+  only:
+    - schedules
+  services:
+    - name: postgres:9.6
+      alias: postgres
+    - name: redis:latest
+      alias: redis
+    - name: rroemhild/test-openldap
+      alias: ldap
+  variables:
+    PGHOST: postgres
+    PGUSER: postgres
+    REDIS_HOST: redis
+  artifacts:
+   expire_in: 1 day
+   paths:
+     - test*/logs
+   when: always
+  before_script:
+    - 'sed -i -z "s/database:\n  hostname: ''localhost''/database:\n  hostname: ''postgres''/" config/test.yaml'
+    - 'sed -i -z "s/redis:\n  hostname: ''localhost''/redis:\n  hostname: ''redis''/" config/test.yaml'
+    - psql -c "create user peertube with password 'peertube';"; fi
+    - NOCLIENT=1 yarn install --pure-lockfile --cache-folder .yarn-cache
+  script:
+    - npm run ci -- "external-plugins"
\ No newline at end of file

diff --git a/scripts/ci.sh b/scripts/ci.sh
index aea009d9f48a795905006159b31d50326cee60da..7854d88fc7b78131c69392cb3dff4f8d6f754106 100755 (executable)
--- a/scripts/ci.sh
+++ b/scripts/ci.sh
@@ -34,6 +34,9 @@ elif [ "$1" = "api-3" ]; then
 elif [ "$1" = "api-4" ]; then
     npm run build:server
     sh ./server/tests/api/ci-4.sh 2
+elif [ "$1" = "external-plugins" ]; then
+    npm run build:server
+    mocha --timeout 5000 --exit --require ts-node/register --require tsconfig-paths/register --bail server/tests/external-plugins/index.ts
 elif [ "$1" = "lint" ]; then
     npm run eslint -- --ext .ts "server/**/*.ts" "shared/**/*.ts"
     npm run swagger-cli -- validate support/doc/api/openapi.yaml

diff --git a/server/tests/external-plugins/auth-ldap.ts b/server/tests/external-plugins/auth-ldap.ts
new file mode 100644 (file)
index 0000000..7aee986
--- /dev/null
+++ b/server/tests/external-plugins/auth-ldap.ts
@@ -0,0 +1,100 @@
+/* eslint-disable @typescript-eslint/no-unused-expressions,@typescript-eslint/require-await */
+
+import 'mocha'
+import { getMyUserInformation, installPlugin, setAccessTokensToServers, updatePluginSettings, userLogin, uploadVideo, uninstallPlugin } from '../../../shared/extra-utils'
+import { cleanupTests, flushAndRunServer, ServerInfo } from '../../../shared/extra-utils/server/servers'
+import { User } from '@shared/models/users/user.model'
+import { expect } from 'chai'
+
+describe('Official plugin auth-ldap', function () {
+  let server: ServerInfo
+  let accessToken: string
+
+  before(async function () {
+    this.timeout(30000)
+
+    server = await flushAndRunServer(1)
+    await setAccessTokensToServers([ server ])
+
+    await installPlugin({
+      url: server.url,
+      accessToken: server.accessToken,
+      npmName: 'peertube-plugin-auth-ldap'
+    })
+  })
+
+  it('Should not login with without LDAP settings', async function () {
+    await userLogin(server, { username: 'fry', password: 'fry' }, 400)
+  })
+
+  it('Should not login with bad LDAP settings', async function () {
+    await updatePluginSettings({
+      url: server.url,
+      accessToken: server.accessToken,
+      npmName: 'peertube-plugin-auth-ldap',
+      settings: {
+        'bind-credentials': 'GoodNewsEveryone',
+        'bind-dn': 'cn=admin,dc=planetexpress,dc=com',
+        'insecure-tls': false,
+        'mail-property': 'mail',
+        'search-base': 'ou=people,dc=planetexpress,dc=com',
+        'search-filter': '(|(mail={{username}})(uid={{username}}))',
+        'url': 'ldap://ldap:390',
+        'username-property': 'uid'
+      }
+    })
+
+    await userLogin(server, { username: 'fry', password: 'fry' }, 400)
+  })
+
+  it('Should not login with good LDAP settings but wrong username/password', async function () {
+    await updatePluginSettings({
+      url: server.url,
+      accessToken: server.accessToken,
+      npmName: 'peertube-plugin-auth-ldap',
+      settings: {
+        'bind-credentials': 'GoodNewsEveryone',
+        'bind-dn': 'cn=admin,dc=planetexpress,dc=com',
+        'insecure-tls': false,
+        'mail-property': 'mail',
+        'search-base': 'ou=people,dc=planetexpress,dc=com',
+        'search-filter': '(|(mail={{username}})(uid={{username}}))',
+        'url': 'ldap://ldap:389',
+        'username-property': 'uid'
+      }
+    })
+
+    await userLogin(server, { username: 'fry', password: 'bad password' }, 400)
+    await userLogin(server, { username: 'fryr', password: 'fry' }, 400)
+  })
+
+  it('Should login with the appropriate username/password', async function () {
+    accessToken = await userLogin(server, { username: 'fry', password: 'fry' })
+  })
+
+  it('Should login with the appropriate email/password', async function () {
+    accessToken = await userLogin(server, { username: 'fry@planetexpress.com', password: 'fry' })
+  })
+
+  it('Should login get my profile', async function () {
+    const res = await getMyUserInformation(server.url, accessToken)
+    const body: User = res.body
+
+    expect(body.username).to.equal('fry')
+    expect(body.email).to.equal('fry@planetexpress.com')
+  })
+
+  it('Should upload a video', async function () {
+    await uploadVideo(server.url, accessToken, { name: 'my super video' })
+  })
+
+  it('Should not login if the plugin is uninstalled', async function () {
+    await uninstallPlugin({ url: server.url, accessToken: server.accessToken, npmName: 'peertube-plugin-auth-ldap' })
+
+    await userLogin(server, { username: 'fry@planetexpress.com', password: 'fry' }, 400)
+  })
+
+  after(async function () {
+    await cleanupTests([ server ])
+  })
+})

diff --git a/server/tests/external-plugins/index.ts b/server/tests/external-plugins/index.ts
new file mode 100644 (file)
index 0000000..1f1236c
--- /dev/null
+++ b/server/tests/external-plugins/index.ts
@@ -0,0 +1 @@
+export * from './auth-ldap'