authorMichael Kozono <mkozono@gmail.com>2017-09-20 11:02:25 -0700
committerMichael Kozono <mkozono@gmail.com>2017-10-07 10:28:12 -0700
commit91f2492a786bbe697b1f68e7b15090700a4c08a2 (patch)
tree82b662d5acee6f210b244b66f88fdb0ceda91a9a
parent2f11db4b005f67fe7687dd15267062556e8431ad (diff)
Add `DN#to_s_normalized`
-rw-r--r--lib/gitlab/ldap/dn.rb8
-rw-r--r--spec/lib/gitlab/ldap/dn_spec.rb55
2 files changed, 62 insertions, 1 deletions
diff --git a/lib/gitlab/ldap/dn.rb b/lib/gitlab/ldap/dn.rb
index 038476b2d2a..0a49d5e4ca8 100644
--- a/lib/gitlab/ldap/dn.rb
+++ b/lib/gitlab/ldap/dn.rb
@@ -38,7 +38,7 @@ module Gitlab
buffer << "," if index % 2 == 0 && index != 0
if index < args.length - 1 || index % 2 == 1
- buffer << Net::LDAP::DN.escape(args[index])
+ buffer << self.class.escape(args[index])
else
buffer << args[index]
end
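Review bot: The `else` branch still appends `args[index]` to the buffer unescaped, and nothing in the hunk documents that. From the visible condition, this happens only for the last argument when the argument count is odd, presumably because it is treated as an already-formatted DN suffix. Since the escaping is what keeps attacker-influenced values from changing the DN structure, I would add a comment on that branch such as `# Trailing odd argument is a pre-formatted DN and is appended as-is; callers must not pass unescaped user input here.` The enclosing method starts and ends outside this hunk, so this should be confirmed against the full constructor.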
@@ -199,6 +199,12 @@ module Gitlab
@dn
end
+ ##
+ # Return the DN as an escaped and normalized string.
+ def to_s_normalized
+ self.class.new(*to_a).to_s
+ end
+
# http://tools.ietf.org/html/rfc2253 section 2.4 lists these exceptions
# for dn values. All of the following must be escaped in any normal string
# using a single backslash ('\') as escape.
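Review bot: The doc comment on `to_s_normalized` does not say what "normalized" means or that the call can raise. Going by the spec added in this commit, the result is lowercased, has unescaped whitespace around names and values stripped, and raises `MalformedDnError` on a malformed DN. Lowercasing attribute values is lossy, so the string suits equality comparison or lookup keys when matching LDAP identities, not display or a value sent back to the directory. I would extend the comment to something like `# Returns the DN lowercased with surrounding whitespace stripped, for comparison only; raises on a malformed DN.`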
diff --git a/spec/lib/gitlab/ldap/dn_spec.rb b/spec/lib/gitlab/ldap/dn_spec.rb
new file mode 100644
index 00000000000..11711c905a1
--- /dev/null
+++ b/spec/lib/gitlab/ldap/dn_spec.rb
@@ -0,0 +1,55 @@
+require 'spec_helper'
+
+describe Gitlab::LDAP::DN do
+ using RSpec::Parameterized::TableSyntax
+
+ describe '#initialize' do
+ subject { described_class.new(given).to_s_normalized }
+
+ # Regarding the telephoneNumber test:
+ #
+ # I am not sure whether a space after the telephoneNumber plus sign is valid,
+ # and I am not sure if this is "proper" behavior under these conditions, and
+ # I am not sure if it matters to us or anyone else, so rather than dig
+ # through RFCs, I am only documenting the behavior here.
+ where(:test_description, :given, :expected) do
+ 'strips extraneous whitespace' | 'uid =John Smith , ou = People, dc= example,dc =com' | 'uid=john smith,ou=people,dc=example,dc=com'
+ 'strips extraneous whitespace for a DN with a single RDN' | 'uid = John Smith' | 'uid=john smith'
+ 'strips extraneous whitespace without changing escaped characters' | 'uid = Sebasti\\c3\\a1n\\ C.\\20Smith\\ , ou=People (aka. \\22humans\\") ,dc=example, dc=com' | 'uid=sebasti\\c3\\a1n\\ c.\\20smith\\ ,ou=people (aka. \\22humans\\"),dc=example,dc=com'
+ 'strips extraneous whitespace without modifying the multivalued RDN' | 'uid = John Smith + telephoneNumber = +1 555-555-5555 , ou = People,dc=example,dc=com' | 'uid=john smith+telephonenumber=+1 555-555-5555,ou=people,dc=example,dc=com'
+ 'strips the space after the plus sign in the telephoneNumber' | 'uid = John Smith + telephoneNumber = + 1 555-555-5555 , ou = People,dc=example,dc=com' | 'uid=john smith+telephonenumber=+1 555-555-5555,ou=people,dc=example,dc=com'
+ 'downcases the whole string' | 'UID=John Smith,ou=People,dc=example,dc=com' | 'uid=john smith,ou=people,dc=example,dc=com'
+ 'for a null DN (empty string), returns empty string and does not error' | '' | ''
+ 'does not strip an escaped leading space in an attribute value (and does not error like Net::LDAP::DN.new does)' | 'uid=\\ John Smith,ou=People,dc=example,dc=com' | 'uid=\\ john smith,ou=people,dc=example,dc=com'
+ 'does not strip an escaped trailing space in an attribute value' | 'uid=John Smith\\ ,ou=People,dc=example,dc=com' | 'uid=john smith\\ ,ou=people,dc=example,dc=com'
+ 'does not strip an escaped leading newline in an attribute value' | 'uid=\\\nJohn Smith,ou=People,dc=example,dc=com' | 'uid=\\\njohn smith,ou=people,dc=example,dc=com'
+ 'does not strip an escaped trailing newline in an attribute value' | 'uid=John Smith\\\n,ou=People,dc=example,dc=com' | 'uid=john smith\\\n,ou=people,dc=example,dc=com'
+ 'does not strip an unescaped leading newline (actually an invalid DN)' | 'uid=\nJohn Smith,ou=People,dc=example,dc=com' | 'uid=\njohn smith,ou=people,dc=example,dc=com'
+ 'does not strip an unescaped trailing newline (actually an invalid DN)' | 'uid=John Smith\n ,ou=People,dc=example,dc=com' | 'uid=john smith\n,ou=people,dc=example,dc=com'
+ 'does not strip non whitespace' | 'uid=John Smith,ou=People,dc=example,dc=com' | 'uid=john smith,ou=people,dc=example,dc=com'
+ 'does not treat escaped equal signs as attribute delimiters' | 'uid= foo \\= bar' | 'uid=foo \\= bar'
+ 'does not treat escaped hex equal signs as attribute delimiters' | 'uid= foo \\3D bar' | 'uid=foo \\3d bar'
+ 'does not treat escaped commas as attribute delimiters' | 'uid= John C. Smith, ou=San Francisco\\, CA' | 'uid=john c. smith,ou=san francisco\\, ca'
+ 'does not treat escaped hex commas as attribute delimiters' | 'uid= John C. Smith, ou=San Francisco\\2C CA' | 'uid=john c. smith,ou=san francisco\\2c ca'
+ end
+
+ with_them do
+ it 'normalizes the DN' do
+ assert_generic_test(test_description, subject, expected)
+ end
+ end
+
+ context 'when the given DN is malformed' do
+ let(:given) { 'uid\\=john' }
+
+ it 'raises MalformedDnError' do
+ expect(subject).to raise_error(MalformedDnError)
+ end
+ end
+ end
+
+ def assert_generic_test(test_description, got, expected)
+ test_failure_message = "Failed test description: '#{test_description}'\n\n expected: #{expected}\n got: #{got}"
+ expect(got).to eq(expected), test_failure_message
+ end
+end
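Review bot: In the malformed-DN example, `expect(subject).to raise_error(MalformedDnError)` evaluates `subject` before the matcher runs, and `raise_error` only works on a block, so the example cannot pass for the intended reason. It should read `expect { subject }.to raise_error(MalformedDnError)`, with the constant qualified by whichever namespace defines it (not visible in this diff). The four newline rows use single-quoted strings, where `\n` is a backslash followed by `n` and not a line feed, so they do not exercise newline handling; double-quoted literals would. The group is also labelled `#initialize` although the subject calls `to_s_normalized`.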