jon-nfc/ldap3_schema_json_creation.py

## ldap3_schema_json_creation.py

import unittest, functools, ldap3, ssl, os

from unittest import mock
from ldap3 import Server, Connection, MOCK_SYNC, OFFLINE_SLAPD_2_4, OFFLINE_AD_2012_R2, ALL_ATTRIBUTES

# May require some debugging to get working.

class test_ActiveDirectory(unittest.TestCase):

	@classmethod
	def setUpClass(self):
		print('TEMP Test Case Active Directory setup')

		#self.server = Server(host='ldap://my_fake_server:389', get_info=OFFLINE_AD_2012_R2)

		# Setup Mock OpenLDAP Directory
		self.ldap_dc_path = 'dc=unit,dc=testing'
		self.ldap_user_path = 'ou=Users,' + self.ldap_dc_path
		self.ldap_group_path = 'ou=Groups,' + self.ldap_dc_path
		self.base_dn = 'cn=base_dn_user,' + self.ldap_dc_path
		self.base_password = 'my_password'
		self.ldap_server = 'ldap://my_fake_server:389'

		self.server = Server(host=self.ldap_server, port=389, get_info=OFFLINE_AD_2012_R2)

		self.connection = Connection(
			self.server,
			user=self.base_dn,
			password=self.base_password,
			read_only=True,
			client_strategy=MOCK_SYNC)

		# DC
		self.connection.strategy.add_entry(self.ldap_dc_path,{
			'dc': 'testing',
			'o': 'Testing',
			'objectclass': [
				'top',
				'dcObject',
				'organization'
			]})

		# Base user / simple security object
		self.connection.strategy.add_entry(self.base_dn, {
			'userPassword': self.base_password,
			'sn': 'user_sn',
			'objectclass': [
				'user',
				'organizationalPerson',
				'person',
				'top'
			],
			'memberOf': [
				'cn=Domain Users,' + self.ldap_group_path,
				'cn=Enterprise Administrators,' + self.ldap_group_path
			],
			'samaccountname': self.base_dn})


		# OU Users
		self.connection.strategy.add_entry(self.ldap_user_path, {
			'objectclass': [
				'top',
				'organizationalUnit'
			],
			'ou': 'Users'})

		# Domain User
		#ToDo: confirm fields gidnumber
		self.connection.strategy.add_entry('cn=Posix User1,' + self.ldap_user_path, {
			'cn': 'Posix User1',
			'description': 'ACCESS:test1,ACCESS:test2',
			#'gidnumber': 501,
			'givenname': 'Posix',
			#'homedirectory': '/home/users/posix.user',
			'mail': 'posix.user1@unit.testing',
			'objectclass': [
				'user',
				'organizationalPerson',
				'person',
				'top'
			],
			'sn': 'User1',
			'mobile': '0421 123 456',
			'telephonenumber': '08 8912 3456',
			'samaccountname': 'posix.user',
			#'uidnumber': 1000,
			'userpassword': 'posix_user_password',
			'memberOf': [
				'cn=Domain Users,' + self.ldap_group_path,
				'cn=Domain Administrators,' + self.ldap_group_path
			]})


		#ToDo: confirm fields gidnumber
		self.connection.strategy.add_entry('cn=Posix User2,' + self.ldap_user_path, {
			'cn': 'Posix User2',
			'description': 'ACCESS:test1,ACCESS:test3',
			#'gidnumber': 501,
			'givenname': 'Posix',
			'homedirectory': '/home/users/posix.user2',
			'mail': 'posix.user2@unit.testing',
			'objectclass': [
				'user',
				'organizationalPerson',
				'person',
				'top'
			],
			'sn': 'User2',
			'mobile': '0421 456 789',
			'telephonenumber': '08 8978 1234',
			'samaccountname': 'posix.user2',
			#'uidnumber': 1001,
			'userpassword': 'posix_user2_password',
			'memberOf': [
				'cn=Domain Users,' + self.ldap_group_path,
				'cn=Enterprise Administrators,' + self.ldap_group_path
			]})


		#OU Groups ToDo: find an ldif for ad ou
		self.connection.strategy.add_entry(self.ldap_group_path, {
			'objectclass': [
				'organizationalUnit',
				'top'
			],
			'ou': 'Groups'})

		# Group, Administrator ToDo: confirm gidnumber
		self.connection.strategy.add_entry('cn=Domain Administrators,' + self.ldap_group_path, {
			'cn': 'Domain Administrators',
			'description': 'group1 Administrators contains only posix.user only',
			#'gidnumber': 500,
			'Member': [
				'cn=Posix User1,' + self.ldap_user_path,
				self.base_dn
			],
			'objectclass': [
				'group',
				'top'
			],
			'groupType': '2147483652'})


		# Group, Users ToDo: confirm gidnumber
		self.connection.strategy.add_entry('cn=Domain Users,' + self.ldap_group_path, {
			'cn': 'Domain Users',
			'description': 'group2 Users contains only posix.user and posix.user2',
			#'gidnumber': 501,
			'Member': [
				'cn=Posix User1,' + self.ldap_user_path,
				'cn=Posix User2,' + self.ldap_user_path
			],
			'objectclass': [
				'group',
				'top'
			],
			'groupType': '2147483652'
			})


		# Group3 ToDo: confirm gidnumber
		self.connection.strategy.add_entry('cn=Enterprise Administrators,' + self.ldap_group_path, {
			'cn': 'Enterprise Administrators',
			'description': 'group contains only posix.user2',
			#'gidnumber': 502,
			'Member': [
				'cn=Posix User2,' + self.ldap_user_path
			],
			'objectclass': [
				'group',
				'top'
			],
			'groupType': '2147483652'
			})

		self.connection.bind()

		# ToDo: when test dev complete, remove the entries above and if just below as 'json file will be used for stategy
		if self.connection.search(self.ldap_dc_path, '(objectclass=*)', attributes=ALL_ATTRIBUTES):
			self.connection.response_to_file(os.path.abspath( os.path.dirname( __file__ ) ) + '/test_data_ldif_activedirectory.json', raw=True)

		self.connection.unbind()


	@classmethod
	def tearDownClass(self):
		print('TEMP Test Case Active Directory tear down')
		# Clear LDAP connection
		self.connection = None


	def test_activedirectory_setup(self):
		pass


class TestLDAPSettings_OpenLDAP(unittest.TestCase):

	@classmethod
	def setUpClass(self, ldapServer='OpenLDAP'):

		print('TEMP OpenLDAP setup')
		#self.clean_test_users()
		# Save user data for restoration in tearDownClass()


		# Setup Mock OpenLDAP Directory
		self.ldap_dc_path = 'dc=unit,dc=testing'
		self.ldap_user_path = 'ou=users,' + self.ldap_dc_path
		self.ldap_group_path = 'ou=groups,' + self.ldap_dc_path
		self.base_dn = 'cn=base_dn_user,' + self.ldap_dc_path
		self.base_password = 'my_password'
		self.ldap_server = 'ldap://my_fake_server:389'

		self.server = Server(host=self.ldap_server, port=389, get_info=OFFLINE_SLAPD_2_4)

		self.connection = Connection(
			self.server,
			user=self.base_dn,
			password=self.base_password,
			read_only=True,
			client_strategy=MOCK_SYNC)

		# DC
		self.connection.strategy.add_entry(self.ldap_dc_path,{
			'dc': 'testing',
			'o': 'Testing',
			'objectclass': [
				'top',
				'dcObject',
				'organization'
			]})

		# Base user / simple security object
		self.connection.strategy.add_entry(self.base_dn, {
			'userPassword': self.base_password,
			'sn': 'user_sn',
			'objectclass': [
				'simpleSecurityObject',
				'organizationalRole'
		]})

		# OU Users
		self.connection.strategy.add_entry(self.ldap_user_path, {
			'objectclass': [
				'top',
				'organizationalUnit'
			],
			'ou': 'Users'})

		# Posix / Generic User
		self.connection.strategy.add_entry('cn=Posix User1,' + self.ldap_user_path, {
			'cn': 'Posix User1',
			'description': 'ACCESS:test1,ACCESS:test2',
			'gidnumber': 501,
			'givenname': 'Posix',
			'homedirectory': '/home/users/posix.user',
			'mail': 'posix.user1@unit.testing',
			'objectclass': [
				'inetOrgPerson',
				'posixAccount',
				'top'
			],
			'sn': 'User1',
			'mobile': '0421 123 456',
			'telephonenumber': '08 8912 3456',
			'uid': 'posix.user',
			'uidnumber': 1000,
			'userpassword': 'posix_user_password'})

		# Posix / Generic User
		self.connection.strategy.add_entry('cn=Posix User2,' + self.ldap_user_path, {
			'cn': 'Posix User2',
			'description': 'ACCESS:test1,ACCESS:test3',
			'gidnumber': 501,
			'givenname': 'Posix2',
			'homedirectory': '/home/users/posix.user2',
			'mail': 'posix.user2@unit.testing',
			'objectclass': [
				'inetOrgPerson',
				'posixAccount',
				'top'
			],
			'sn': 'User2',
			'mobile': '0421 456 789',
			'telephonenumber': '08 8978 1234',
			'uid': 'posix.user2',
			'uidnumber': 1000,
			'userpassword': 'posix_user2_password'})


		#OU Groups
		self.connection.strategy.add_entry(self.ldap_group_path, {
			'objectclass': [
				'organizationalUnit',
				'top'
			],
			'ou': 'Users'})

		# Group, Administrator
		self.connection.strategy.add_entry('cn=Administrators,' + self.ldap_group_path, {
			'cn': 'Administrators',
			'description': 'group1 Administrators contains only posix.user only',
			'gidnumber': 500,
			'memberuid': [
				'posix.user'
			],
			'objectclass': [
				'posixGroup',
			'top']})

		# Group, Users
		self.connection.strategy.add_entry('cn=Users,' + self.ldap_group_path, {
			'cn': 'Users',
			'description': 'group2 Users contains only posix.user and posix.user2',
			'gidnumber': 501,
			'memberuid': [
				'posix.user2',
				'posix.user'
			],
			'objectclass': [
				'posixGroup',
				'top'
			]
			})

		# Group, group3
		self.connection.strategy.add_entry('cn=Group3,' + self.ldap_group_path, {
			'cn': 'Group3',
			'description': 'group3 Group3 contains only posix.user2 only',
			'gidnumber': 502,
			'memberuid': [
				'posix.user2'
			],
			'objectclass': [
				'posixGroup',
				'top'
			]
			})

		self.connection.bind()


		if self.connection.search(self.ldap_dc_path, '(objectclass=*)', attributes=ALL_ATTRIBUTES):
			self.connection.response_to_file(os.path.abspath( os.path.dirname( __file__ ) ) + '/test_data_ldif_openldap.json', raw=True)

		self.connection.unbind()

		self.connection = Connection(
			self.server,
			user=self.base_dn,
			password=self.base_password,
			read_only=True,
			client_strategy=MOCK_SYNC)

		self.connection.strategy.entries_from_json(os.path.abspath( os.path.dirname( __file__ ) ) + '/test_data_ldif_openldap.json')

		self.connection.bind()

	@classmethod
	def tearDownClass(self):
		print('TEMP OpenLDAP tear down')
		# Clear LDAP connection
		self.connection = None


	def test_activedirectory_setup(self):

		pass

	import unittest, functools, ldap3, ssl, os

	from unittest import mock
	from ldap3 import Server, Connection, MOCK_SYNC, OFFLINE_SLAPD_2_4, OFFLINE_AD_2012_R2, ALL_ATTRIBUTES

	# May require some debugging to get working.

	class test_ActiveDirectory(unittest.TestCase):

	@classmethod
	def setUpClass(self):
	print('TEMP Test Case Active Directory setup')

	#self.server = Server(host='ldap://my_fake_server:389', get_info=OFFLINE_AD_2012_R2)

	# Setup Mock OpenLDAP Directory
	self.ldap_dc_path = 'dc=unit,dc=testing'
	self.ldap_user_path = 'ou=Users,' + self.ldap_dc_path
	self.ldap_group_path = 'ou=Groups,' + self.ldap_dc_path
	self.base_dn = 'cn=base_dn_user,' + self.ldap_dc_path
	self.base_password = 'my_password'
	self.ldap_server = 'ldap://my_fake_server:389'

	self.server = Server(host=self.ldap_server, port=389, get_info=OFFLINE_AD_2012_R2)

	self.connection = Connection(
	self.server,
	user=self.base_dn,
	password=self.base_password,
	read_only=True,
	client_strategy=MOCK_SYNC)

	# DC
	self.connection.strategy.add_entry(self.ldap_dc_path,{
	'dc': 'testing',
	'o': 'Testing',
	'objectclass': [
	'top',
	'dcObject',
	'organization'
	]})

	# Base user / simple security object
	self.connection.strategy.add_entry(self.base_dn, {
	'userPassword': self.base_password,
	'sn': 'user_sn',
	'objectclass': [
	'user',
	'organizationalPerson',
	'person',
	'top'
	],
	'memberOf': [
	'cn=Domain Users,' + self.ldap_group_path,
	'cn=Enterprise Administrators,' + self.ldap_group_path
	],
	'samaccountname': self.base_dn})


	# OU Users
	self.connection.strategy.add_entry(self.ldap_user_path, {
	'objectclass': [
	'top',
	'organizationalUnit'
	],
	'ou': 'Users'})

	# Domain User
	#ToDo: confirm fields gidnumber
	self.connection.strategy.add_entry('cn=Posix User1,' + self.ldap_user_path, {
	'cn': 'Posix User1',
	'description': 'ACCESS:test1,ACCESS:test2',
	#'gidnumber': 501,
	'givenname': 'Posix',
	#'homedirectory': '/home/users/posix.user',
	'mail': 'posix.user1@unit.testing',
	'objectclass': [
	'user',
	'organizationalPerson',
	'person',
	'top'
	],
	'sn': 'User1',
	'mobile': '0421 123 456',
	'telephonenumber': '08 8912 3456',
	'samaccountname': 'posix.user',
	#'uidnumber': 1000,
	'userpassword': 'posix_user_password',
	'memberOf': [
	'cn=Domain Users,' + self.ldap_group_path,
	'cn=Domain Administrators,' + self.ldap_group_path
	]})


	#ToDo: confirm fields gidnumber
	self.connection.strategy.add_entry('cn=Posix User2,' + self.ldap_user_path, {
	'cn': 'Posix User2',
	'description': 'ACCESS:test1,ACCESS:test3',
	#'gidnumber': 501,
	'givenname': 'Posix',
	'homedirectory': '/home/users/posix.user2',
	'mail': 'posix.user2@unit.testing',
	'objectclass': [
	'user',
	'organizationalPerson',
	'person',
	'top'
	],
	'sn': 'User2',
	'mobile': '0421 456 789',
	'telephonenumber': '08 8978 1234',
	'samaccountname': 'posix.user2',
	#'uidnumber': 1001,
	'userpassword': 'posix_user2_password',
	'memberOf': [
	'cn=Domain Users,' + self.ldap_group_path,
	'cn=Enterprise Administrators,' + self.ldap_group_path
	]})


	#OU Groups ToDo: find an ldif for ad ou
	self.connection.strategy.add_entry(self.ldap_group_path, {
	'objectclass': [
	'organizationalUnit',
	'top'
	],
	'ou': 'Groups'})

	# Group, Administrator ToDo: confirm gidnumber
	self.connection.strategy.add_entry('cn=Domain Administrators,' + self.ldap_group_path, {
	'cn': 'Domain Administrators',
	'description': 'group1 Administrators contains only posix.user only',
	#'gidnumber': 500,
	'Member': [
	'cn=Posix User1,' + self.ldap_user_path,
	self.base_dn
	],
	'objectclass': [
	'group',
	'top'
	],
	'groupType': '2147483652'})


	# Group, Users ToDo: confirm gidnumber
	self.connection.strategy.add_entry('cn=Domain Users,' + self.ldap_group_path, {
	'cn': 'Domain Users',
	'description': 'group2 Users contains only posix.user and posix.user2',
	#'gidnumber': 501,
	'Member': [
	'cn=Posix User1,' + self.ldap_user_path,
	'cn=Posix User2,' + self.ldap_user_path
	],
	'objectclass': [
	'group',
	'top'
	],
	'groupType': '2147483652'
	})


	# Group3 ToDo: confirm gidnumber
	self.connection.strategy.add_entry('cn=Enterprise Administrators,' + self.ldap_group_path, {
	'cn': 'Enterprise Administrators',
	'description': 'group contains only posix.user2',
	#'gidnumber': 502,
	'Member': [
	'cn=Posix User2,' + self.ldap_user_path
	],
	'objectclass': [
	'group',
	'top'
	],
	'groupType': '2147483652'
	})

	self.connection.bind()

	# ToDo: when test dev complete, remove the entries above and if just below as 'json file will be used for stategy
	if self.connection.search(self.ldap_dc_path, '(objectclass=*)', attributes=ALL_ATTRIBUTES):
	self.connection.response_to_file(os.path.abspath( os.path.dirname( __file__ ) ) + '/test_data_ldif_activedirectory.json', raw=True)

	self.connection.unbind()



	@classmethod
	def tearDownClass(self):
	print('TEMP Test Case Active Directory tear down')
	# Clear LDAP connection
	self.connection = None


	def test_activedirectory_setup(self):
	pass


	class TestLDAPSettings_OpenLDAP(unittest.TestCase):

	@classmethod
	def setUpClass(self, ldapServer='OpenLDAP'):

	print('TEMP OpenLDAP setup')
	#self.clean_test_users()
	# Save user data for restoration in tearDownClass()


	# Setup Mock OpenLDAP Directory
	self.ldap_dc_path = 'dc=unit,dc=testing'
	self.ldap_user_path = 'ou=users,' + self.ldap_dc_path
	self.ldap_group_path = 'ou=groups,' + self.ldap_dc_path
	self.base_dn = 'cn=base_dn_user,' + self.ldap_dc_path
	self.base_password = 'my_password'
	self.ldap_server = 'ldap://my_fake_server:389'

	self.server = Server(host=self.ldap_server, port=389, get_info=OFFLINE_SLAPD_2_4)

	self.connection = Connection(
	self.server,
	user=self.base_dn,
	password=self.base_password,
	read_only=True,
	client_strategy=MOCK_SYNC)

	# DC
	self.connection.strategy.add_entry(self.ldap_dc_path,{
	'dc': 'testing',
	'o': 'Testing',
	'objectclass': [
	'top',
	'dcObject',
	'organization'
	]})

	# Base user / simple security object
	self.connection.strategy.add_entry(self.base_dn, {
	'userPassword': self.base_password,
	'sn': 'user_sn',
	'objectclass': [
	'simpleSecurityObject',
	'organizationalRole'
	]})

	# OU Users
	self.connection.strategy.add_entry(self.ldap_user_path, {
	'objectclass': [
	'top',
	'organizationalUnit'
	],
	'ou': 'Users'})

	# Posix / Generic User
	self.connection.strategy.add_entry('cn=Posix User1,' + self.ldap_user_path, {
	'cn': 'Posix User1',
	'description': 'ACCESS:test1,ACCESS:test2',
	'gidnumber': 501,
	'givenname': 'Posix',
	'homedirectory': '/home/users/posix.user',
	'mail': 'posix.user1@unit.testing',
	'objectclass': [
	'inetOrgPerson',
	'posixAccount',
	'top'
	],
	'sn': 'User1',
	'mobile': '0421 123 456',
	'telephonenumber': '08 8912 3456',
	'uid': 'posix.user',
	'uidnumber': 1000,
	'userpassword': 'posix_user_password'})

	# Posix / Generic User
	self.connection.strategy.add_entry('cn=Posix User2,' + self.ldap_user_path, {
	'cn': 'Posix User2',
	'description': 'ACCESS:test1,ACCESS:test3',
	'gidnumber': 501,
	'givenname': 'Posix2',
	'homedirectory': '/home/users/posix.user2',
	'mail': 'posix.user2@unit.testing',
	'objectclass': [
	'inetOrgPerson',
	'posixAccount',
	'top'
	],
	'sn': 'User2',
	'mobile': '0421 456 789',
	'telephonenumber': '08 8978 1234',
	'uid': 'posix.user2',
	'uidnumber': 1000,
	'userpassword': 'posix_user2_password'})


	#OU Groups
	self.connection.strategy.add_entry(self.ldap_group_path, {
	'objectclass': [
	'organizationalUnit',
	'top'
	],
	'ou': 'Users'})

	# Group, Administrator
	self.connection.strategy.add_entry('cn=Administrators,' + self.ldap_group_path, {
	'cn': 'Administrators',
	'description': 'group1 Administrators contains only posix.user only',
	'gidnumber': 500,
	'memberuid': [
	'posix.user'
	],
	'objectclass': [
	'posixGroup',
	'top']})

	# Group, Users
	self.connection.strategy.add_entry('cn=Users,' + self.ldap_group_path, {
	'cn': 'Users',
	'description': 'group2 Users contains only posix.user and posix.user2',
	'gidnumber': 501,
	'memberuid': [
	'posix.user2',
	'posix.user'
	],
	'objectclass': [
	'posixGroup',
	'top'
	]
	})

	# Group, group3
	self.connection.strategy.add_entry('cn=Group3,' + self.ldap_group_path, {
	'cn': 'Group3',
	'description': 'group3 Group3 contains only posix.user2 only',
	'gidnumber': 502,
	'memberuid': [
	'posix.user2'
	],
	'objectclass': [
	'posixGroup',
	'top'
	]
	})

	self.connection.bind()


	if self.connection.search(self.ldap_dc_path, '(objectclass=*)', attributes=ALL_ATTRIBUTES):
	self.connection.response_to_file(os.path.abspath( os.path.dirname( __file__ ) ) + '/test_data_ldif_openldap.json', raw=True)

	self.connection.unbind()

	self.connection = Connection(
	self.server,
	user=self.base_dn,
	password=self.base_password,
	read_only=True,
	client_strategy=MOCK_SYNC)

	self.connection.strategy.entries_from_json(os.path.abspath( os.path.dirname( __file__ ) ) + '/test_data_ldif_openldap.json')

	self.connection.bind()

	@classmethod
	def tearDownClass(self):
	print('TEMP OpenLDAP tear down')
	# Clear LDAP connection
	self.connection = None


	def test_activedirectory_setup(self):

	pass