diff --git a/demo/complex/tests/main.bats b/demo/complex/tests/main.bats
index 5cd95bb..92b3980 100755
--- a/demo/complex/tests/main.bats
+++ b/demo/complex/tests/main.bats
@@ -128,21 +128,76 @@ load ../../../library # TODO check assignments etc } -@test "230 Check 'TestUser230' in Midpoint and LDAP" { +@test "230 Import SIS_COURSES" { + if [ -e $BATS_TMPDIR/not-started ]; then skip 'not started'; fi + + add_object tasks midpoint-objects-manual/tasks/task-import-sis-courses.xml + search_and_check_object tasks "Import from SIS courses" + wait_for_task_completion b73a2e66-8233-4c20-928f-acb30027b33e 8 10 + assert_task_success b73a2e66-8233-4c20-928f-acb30027b33e + + search_and_check_object orgs course_ACCT101 + search_and_check_object orgs course_ACCT201 + search_and_check_object orgs course_CS251 + search_and_check_object orgs course_CS252 + search_and_check_object orgs course_MATH100 + search_and_check_object orgs course_MATH101 + search_and_check_object orgs course_SCI123 + search_and_check_object orgs course_SCI404 + + check_ldap_courses_by_name course_ACCT101 complex_directory_1 + check_ldap_courses_by_name course_ACCT201 complex_directory_1 + check_ldap_courses_by_name course_CS251 complex_directory_1 + check_ldap_courses_by_name course_CS252 complex_directory_1 + check_ldap_courses_by_name course_MATH100 complex_directory_1 + check_ldap_courses_by_name course_MATH101 complex_directory_1 + check_ldap_courses_by_name course_SCI123 complex_directory_1 + check_ldap_courses_by_name course_SCI404 complex_directory_1 + + check_of_ldap_membership amorrison "ou=courses,ou=groups,dc=internet2,dc=edu" "ACCT101" complex_directory_1 + check_of_ldap_membership cmorrison "ou=courses,ou=groups,dc=internet2,dc=edu" "ACCT101" complex_directory_1 + check_of_ldap_membership mroberts "ou=courses,ou=groups,dc=internet2,dc=edu" "ACCT101" complex_directory_1 + check_of_ldap_membership whenderson "ou=courses,ou=groups,dc=internet2,dc=edu" "ACCT101" complex_directory_1 + + check_of_ldap_membership amorrison "ou=courses,ou=groups,dc=internet2,dc=edu" "CS251" complex_directory_1 + check_of_ldap_membership cmorrison "ou=courses,ou=groups,dc=internet2,dc=edu" 
"CS251" complex_directory_1 + check_of_ldap_membership ddavis "ou=courses,ou=groups,dc=internet2,dc=edu" "CS251" complex_directory_1 + check_of_ldap_membership mroberts "ou=courses,ou=groups,dc=internet2,dc=edu" "CS251" complex_directory_1 + + check_of_ldap_membership kwhite "ou=courses,ou=groups,dc=internet2,dc=edu" "CS252" complex_directory_1 + + check_of_ldap_membership danderson "ou=courses,ou=groups,dc=internet2,dc=edu" "MATH100" complex_directory_1 + check_of_ldap_membership ddavis "ou=courses,ou=groups,dc=internet2,dc=edu" "MATH100" complex_directory_1 + check_of_ldap_membership kwhite "ou=courses,ou=groups,dc=internet2,dc=edu" "MATH100" complex_directory_1 + check_of_ldap_membership wprice "ou=courses,ou=groups,dc=internet2,dc=edu" "MATH100" complex_directory_1 + + check_of_ldap_membership amorrison "ou=courses,ou=groups,dc=internet2,dc=edu" "MATH101" complex_directory_1 + check_of_ldap_membership cmorrison "ou=courses,ou=groups,dc=internet2,dc=edu" "MATH101" complex_directory_1 + check_of_ldap_membership mroberts "ou=courses,ou=groups,dc=internet2,dc=edu" "MATH101" complex_directory_1 + + check_of_ldap_membership danderson "ou=courses,ou=groups,dc=internet2,dc=edu" "SCI123" complex_directory_1 + check_of_ldap_membership mroberts "ou=courses,ou=groups,dc=internet2,dc=edu" "SCI123" complex_directory_1 + + check_of_ldap_membership kwhite "ou=courses,ou=groups,dc=internet2,dc=edu" "SCI404" complex_directory_1 + check_of_ldap_membership wprice "ou=courses,ou=groups,dc=internet2,dc=edu" "SCI404" complex_directory_1 +} + + +@test "240 Check 'TestUser240' in Midpoint and LDAP" { if [ -e $BATS_TMPDIR/not-started ]; then skip 'not started'; fi check_health - echo "TestUser230Test User230TestUser230password" >/tmp/testuser230.xml - add_object users /tmp/testuser230.xml - rm /tmp/testuser230.xml - search_and_check_object users TestUser230 + echo "TestUser240Test User240TestUser240password" >/tmp/testuser240.xml + add_object users /tmp/testuser240.xml + rm 
/tmp/testuser240.xml + search_and_check_object users TestUser240 execute_bulk_action tests/resources/bulk-action/recompute-role-grouper-sysadmin.xml complex_midpoint_server_1 execute_bulk_action tests/resources/bulk-action/assign-role-grouper-sysadmin-to-test-user.xml complex_midpoint_server_1 - check_ldap_account_by_user_name TestUser230 complex_directory_1 - check_of_ldap_membership TestUser230 sysadmingroup complex_directory_1 + check_ldap_account_by_user_name TestUser240 complex_directory_1 + check_of_ldap_membership TestUser240 "ou=groups,dc=internet2,dc=edu" "sysadmingroup" complex_directory_1 - delete_object_by_name users TestUser230 + delete_object_by_name users TestUser240 } diff --git a/demo/complex/tests/resources/bulk-action/assign-role-grouper-sysadmin-to-test-user.xml b/demo/complex/tests/resources/bulk-action/assign-role-grouper-sysadmin-to-test-user.xml index c2736da..0cb1a6b 100644 --- a/demo/complex/tests/resources/bulk-action/assign-role-grouper-sysadmin-to-test-user.xml +++ b/demo/complex/tests/resources/bulk-action/assign-role-grouper-sysadmin-to-test-user.xml @@ -8,7 +8,7 @@ c:name - TestUser230 + TestUser240 diff --git a/library.bash b/library.bash index eae9fb2..450bb7b 100644 --- a/library.bash +++ b/library.bash @@ -12,7 +12,7 @@ function generic_wait_for_log () { FAILURE="$4" ADDITIONAL_CONTAINER_NAME=$5 ATTEMPT=0 - MAX_ATTEMPTS=40 + MAX_ATTEMPTS=20 DELAY=10 until [[ $ATTEMPT = $MAX_ATTEMPTS ]]; do 
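Review bot: Test "240" in main.bats stages the user object at the fixed path `/tmp/testuser240.xml`, and the echoed payload appears to end in the account's password value. A predictable name in a world-writable directory can be pre-created or read by another local user. Because bats stops a test at its first failing command, a failing `add_object` also skips the `rm` and leaves the file behind. Prefer a private file that is removed on every path, e.g. `local USER_XML; USER_XML=$(mktemp "$BATS_TMPDIR/testuser240.XXXXXX")` followed by `add_object users "$USER_XML"; local RC=$?; rm -f -- "$USER_XML"; [ "$RC" -eq 0 ]`. `search_ldap_object_by_filter` in library.bash already uses `mktemp` for its result file.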
@@ -340,7 +340,7 @@ function search_ldap_object_by_filter () { local LDAP_CONTAINER=$3 TMPFILE=$(mktemp /tmp/ldapsearch.XXXXXX) - docker exec $LDAP_CONTAINER ldapsearch -h localhost -p 389 -D "cn=Directory Manager" -w password -b "$BASE_CONTEXT_FOR_SEARCH" "($FILTER)" >$TMPFILE || (rm $TMPFILE ; return 1) + docker exec $LDAP_CONTAINER ldapsearch -h localhost -p 389 -D "cn=Directory Manager" -w password -b "$BASE_CONTEXT_FOR_SEARCH" "($FILTER)" >$TMPFILE || (echo "Couldn't search $FILTER:" ;m $TMPFILE ; return 1) LDAPSEARCH_RESULT_FILE=$TMPFILE return 0 } 
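Review bot: The failure branch on the new `ldapsearch` line runs `m $TMPFILE` where the old line had `rm $TMPFILE`, so a failed search now leaves the temp file in /tmp and adds a command-not-found error to the output. The branch is also wrapped in `( … )`, where `return 1` only ends the subshell; the function continues to `LDAPSEARCH_RESULT_FILE=$TMPFILE` and `return 0`, so callers never see the failure. A brace group with a quoted path fixes both: `… "($FILTER)" >"$TMPFILE" || { echo "Couldn't search $FILTER" >&2; rm -f -- "$TMPFILE"; return 1; }`. The function begins above this hunk.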
@@ -370,15 +370,40 @@ function check_ldap_account_by_user_name () { return 1 } +function check_ldap_courses_by_name () { + local NAME="$1" + local LDAP_CONTAINER=$2 + search_objects_by_name orgs $NAME + + local MP_ORG_IDENTIFIER=$(xmllint --xpath "/*/*/*[local-name()='identifier']/text()" $SEARCH_RESULT_FILE) || (echo "Couldn't extract user identifier from file:" ; cat $SEARCH_RESULT_FILE ; rm $SEARCH_RESULT_FILE ; return 1) + + search_ldap_object_by_filter "ou=courses,ou=groups,dc=internet2,dc=edu" "cn=$MP_ORG_IDENTIFIER" $LDAP_CONTAINER + + local LDAP_CN=$(grep -oP "cn: \K.*" $LDAPSEARCH_RESULT_FILE) || (echo "Couldn't extract user cn from file:" ; cat $LDAPSEARCH_RESULT_FILE ; rm $SEARCH_RESULT_FILE ; rm $LDAPSEARCH_RESULT_FILE ; return 1) + + rm $SEARCH_RESULT_FILE + rm $LDAPSEARCH_RESULT_FILE + + if [[ $MP_ORG_IDENTIFIER = $LDAP_CN ]]; then + return 0 + fi + + echo "Orgs $NAME in Midpoint and LDAP Group(Course) with cn $MP_ORG_IDENTIFIER are not same" + return 1 +} + + function check_of_ldap_membership () { local NAME_OF_USER="$1" - local NAME_OF_GROUP="$2" - local LDAP_CONTAINER=$3 + local BASE_CONTEXT_FOR_GROUP="$2" + #path to curent group from ou=group + local NAME_OF_GROUP="$3" + local LDAP_CONTAINER=$4 search_ldap_object_by_filter "ou=people,dc=internet2,dc=edu" "uid=$NAME_OF_USER" $LDAP_CONTAINER local LDAP_ACCOUNT_DN=$(grep -oP "dn: \K.*" $LDAPSEARCH_RESULT_FILE) || (echo "Couldn't extract user dn from file:" ; cat $LDAPSEARCH_RESULT_FILE ; rm $LDAPSEARCH_RESULT_FILE ; return 1) - search_ldap_object_by_filter "ou=groups,dc=internet2,dc=edu" "cn=$NAME_OF_GROUP" $LDAP_CONTAINER + search_ldap_object_by_filter "$BASE_CONTEXT_FOR_GROUP" "cn=$NAME_OF_GROUP" $LDAP_CONTAINER local LDAP_MEMBERS_DNS=$(grep -oP "uniqueMember: \K.*" $LDAPSEARCH_RESULT_FILE) || (echo "Couldn't extract user uniqueMember from file:" ; cat $LDAPSEARCH_RESULT_FILE ; rm $LDAPSEARCH_RESULT_FILE ; return 1) 
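Review bot: `check_ldap_courses_by_name` can return success when nothing was compared. In `local MP_ORG_IDENTIFIER=$(xmllint …) || ( … ; return 1)` the status tested is that of `local`, which is 0, and a `return` inside `( … )` would only leave the subshell anyway; a failed xmllint or grep therefore leaves both variables empty and `[[ $MP_ORG_IDENTIFIER = $LDAP_CN ]]` is true. Declare the locals first, assign inside an `if !`, reject empty values, and quote the right-hand side of the comparison so a cn containing glob characters is not matched as a pattern. The same `local … || ( … )` form sits on the context lines of `check_of_ldap_membership`, whose body continues past this hunk. The new second positional argument of that function silently shifts any caller still passing three arguments; only the main.bats callers are visible in this diff.

```bash
function check_ldap_courses_by_name () {
    # … unchanged: NAME / LDAP_CONTAINER locals, search_objects_by_name call …
    local MP_ORG_IDENTIFIER LDAP_CN

    if ! MP_ORG_IDENTIFIER=$(xmllint --xpath "/*/*/*[local-name()='identifier']/text()" "$SEARCH_RESULT_FILE") \
        || [[ -z "$MP_ORG_IDENTIFIER" ]]; then
        echo "Couldn't extract user identifier from file:"
        cat "$SEARCH_RESULT_FILE"
        rm -f -- "$SEARCH_RESULT_FILE"
        return 1
    fi

    # … unchanged: search_ldap_object_by_filter call …

    if ! LDAP_CN=$(grep -oP "cn: \K.*" "$LDAPSEARCH_RESULT_FILE") || [[ -z "$LDAP_CN" ]]; then
        echo "Couldn't extract user cn from file:"
        cat "$LDAPSEARCH_RESULT_FILE"
        rm -f -- "$SEARCH_RESULT_FILE" "$LDAPSEARCH_RESULT_FILE"
        return 1
    fi

    # … unchanged: removal of both result files …

    if [[ "$MP_ORG_IDENTIFIER" == "$LDAP_CN" ]]; then
        return 0
    fi
    # … unchanged: mismatch message and return 1 …
```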
@@ -388,6 +413,6 @@ function check_of_ldap_membership () { return 0 fi - echo "LDAP Account with uid $NAME_OF_USER is not member of LDAP Group $NAME_OF_GROUP" + echo "LDAP Account with uid $NAME_OF_USER is not member of LDAP Group $NAME_OF_GROUP in base context $BASE_CONTEXT_FOR_GROUP" return 1 }