From 734a1dc76b8e2446a0f5516b917baad42de1097c Mon Sep 17 00:00:00 2001 From: Ralf Haferkamp Date: Wed, 29 Jan 2025 11:11:55 +0100 Subject: [PATCH] Adjust educational LDAP Attribute and Objectclasses This is largely untested and might need further adjustments, but should be "good enough" to not block us for now. --- .../20_opencloud_education_schema.ldif | 45 +++++++++ .../pkg/identity/ldap_education_class.go | 14 +-- .../pkg/identity/ldap_education_class_test.go | 80 ++++++++-------- .../pkg/identity/ldap_education_school.go | 14 +-- .../identity/ldap_education_school_test.go | 92 +++++++++---------- .../pkg/identity/ldap_education_user_test.go | 24 ++--- 6 files changed, 157 insertions(+), 112 deletions(-) create mode 100644 deployments/examples/shared/config/ldap/schemas/20_opencloud_education_schema.ldif diff --git a/deployments/examples/shared/config/ldap/schemas/20_opencloud_education_schema.ldif b/deployments/examples/shared/config/ldap/schemas/20_opencloud_education_schema.ldif new file mode 100644 index 0000000000..af29747456 --- /dev/null +++ b/deployments/examples/shared/config/ldap/schemas/20_opencloud_education_schema.ldif 
@@ -0,0 +1,45 @@
+# This LDIF files describes the LDAP schema related to the Education
+# endpoints of the libregraph API
+dn: cn=openCloudEdu,cn=schema,cn=config
+objectClass: olcSchemaConfig
+cn: openCloudEdu
+olcAttributeTypes: ( openCloudOid:1.1.6 NAME 'openCloudMemberOfSchool'
+ DESC 'Used as a backreference to the school(s) to which a user or class is assigned'
+ EQUALITY uuidMatch
+ SYNTAX 1.3.6.1.1.16.1 )
+olcAttributeTypes: ( openCloudOid:1.1.7 NAME 'openCloudEducationExternalId'
+ DESC 'An externally assigned string id for an education related object'
+ EQUALITY caseIgnoreMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
+olcAttributeTypes: ( openCloudOid:1.1.8 NAME 'openCloudEducationClassType'
+ DESC 'category of a class e.g. "course" or "class"'
+ EQUALITY caseIgnoreMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
+olcAttributeTypes: ( openCloudOid:1.1.9 NAME 'openCloudEducationTeacherMember'
+ DESC 'references a user who is assigned as a teacher to a class'
+ EQUALITY distinguishedNameMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 )
+olcAttributeTypes: ( openCloudOid:1.1.10 NAME 'openCloudEducationSchoolNumber'
+ DESC 'An externally assigned identifier for a school'
+ EQUALITY caseIgnoreMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
+olcAttributeTypes: ( openCloudOid:1.1.11 NAME 'openCloudEducationSchoolTerminationTimestamp'
+ DESC 'A Timestamp at which a school is considered to be disabled'
+ EQUALITY generalizedTimeMatch
+ ORDERING generalizedTimeOrderingMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.24 )
+olcObjectClasses: ( openCloudOid:1.2.3 NAME 'openCloudEducationUser'
+ DESC 'OpenCloud education user objectclass'
+ SUP openCloudUser
+ AUXILIARY
+ MAY ( userClass $ openCloudMemberOfSchool ) )
+olcObjectClasses: ( openCloudOid:1.2.4 NAME 'openCloudEducationClass'
+ DESC 'OpenCloud education class objectclass'
+ SUP openCloudObject
+ AUXILIARY
+ MAY ( openCloudEducationExternalId $ openCloudEducationClassType $ openCloudEducationTeacherMember $ 
openCloudMemberOfSchool ) ) +olcObjectClasses: ( openCloudOid:1.2.5 NAME 'openCloudEducationSchool' + DESC 'OpenCloud education school objectclass' + SUP openCloudObject + AUXILIARY + MAY ( openCloudEducationSchoolNumber $ openCloudEducationSchoolTerminationTimestamp ) ) diff --git a/services/graph/pkg/identity/ldap_education_class.go b/services/graph/pkg/identity/ldap_education_class.go index c5c0169d61..a5c6f7d93b 100644 --- a/services/graph/pkg/identity/ldap_education_class.go +++ b/services/graph/pkg/identity/ldap_education_class.go @@ -7,8 +7,8 @@ import ( "github.com/go-ldap/ldap/v3" "github.com/libregraph/idm/pkg/ldapdn" - libregraph "github.com/owncloud/libre-graph-api-go" "github.com/opencloud-eu/opencloud/services/graph/pkg/errorcode" + libregraph "github.com/owncloud/libre-graph-api-go" ) type educationClassAttributeMap struct { @@ -19,9 +19,9 @@ type educationClassAttributeMap struct { func newEducationClassAttributeMap() educationClassAttributeMap { return educationClassAttributeMap{ - externalID: "ocEducationExternalId", - classification: "ocEducationClassType", - teachers: "ocEducationTeacherMember", + externalID: "openCloudEducationExternalId", + classification: "openCloudEducationClassType", + teachers: "openCloudEducationTeacherMember", } } 
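Review bot: The attributes this commit uses as identifiers are declared multi-valued: `openCloudEducationExternalId`, `openCloudEducationSchoolNumber` and `openCloudEducationSchoolTerminationTimestamp` carry no `SINGLE-VALUE` keyword, although the Go side of the same patch uses the external id as the class RDN and looks entries up by id or school number with `SizeLimit: 1`. As written, one entry can hold several external ids or school numbers, which makes id-based lookups ambiguous. Unless multiple values are intended, close those definitions with `SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE )` (and the `.24` syntax for the timestamp). The file also depends on the `openCloudOid` macro and on `openCloudUser`/`openCloudObject`, which are not defined in this patch and presumably come from a schema loaded earlier; a header comment such as `# Requires the base openCloud schema to be loaded first` would make that explicit.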
@@ -66,7 +66,7 @@ func (i *LDAP) GetEducationClasses(ctx context.Context) ([]*libregraph.Education // CreateEducationClass implements the EducationBackend interface for the LDAP backend. // An EducationClass is mapped to an LDAP entry of the "groupOfNames" structural ObjectClass. -// With a few additional Attributes added on top via the "ocEducationClass" auxiliary ObjectClass. +// With a few additional Attributes added on top via the "openCloudEducationClass" auxiliary ObjectClass. func (i *LDAP) CreateEducationClass(ctx context.Context, class libregraph.EducationClass) (*libregraph.EducationClass, error) { logger := i.logger.SubloggerWithRequestID(ctx) logger.Debug().Str("backend", "ldap").Msg("create educationClass") @@ -208,7 +208,7 @@ func (i *LDAP) UpdateEducationClass(ctx context.Context, id string, class libreg func (i *LDAP) updateClassExternalID(ctx context.Context, dn, externalID string) (string, error) { logger := i.logger.SubloggerWithRequestID(ctx) - newDN := fmt.Sprintf("ocEducationExternalId=%s", externalID) + newDN := fmt.Sprintf("openCloudEducationExternalId=%s", externalID) mrdn := ldap.NewModifyDNRequest(dn, newDN, true, "") i.logger.Debug().Str("Backend", "ldap"). @@ -339,7 +339,7 @@ func (i *LDAP) groupToEducationClass(group libregraph.Group, e *ldap.Entry) *lib func (i *LDAP) getEducationClassLDAPDN(class libregraph.EducationClass) string { attributeTypeAndValue := ldap.AttributeTypeAndValue{ - Type: "ocEducationExternalId", + Type: "openCloudEducationExternalId", Value: class.GetExternalId(), } return fmt.Sprintf("%s,%s", attributeTypeAndValue.String(), i.groupBaseDN) diff --git a/services/graph/pkg/identity/ldap_education_class_test.go b/services/graph/pkg/identity/ldap_education_class_test.go index 5469f544be..f028a1bb59 100644 --- a/services/graph/pkg/identity/ldap_education_class_test.go +++ b/services/graph/pkg/identity/ldap_education_class_test.go 
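Review bot: In the `@@ -208,7 +208,7 @@` hunk, `updateClassExternalID` still builds the new RDN with `fmt.Sprintf("openCloudEducationExternalId=%s", externalID)`, so the external id reaches `ldap.NewModifyDNRequest` without DN escaping; a value containing `+`, `,` or `=` would change the structure of the RDN instead of being treated as data. `getEducationClassLDAPDN`, in the last hunk of this file, already goes through `ldap.AttributeTypeAndValue`, and the same construction fits here: `rdn := ldap.AttributeTypeAndValue{Type: "openCloudEducationExternalId", Value: externalID}` followed by `newDN := rdn.String()`. The attribute name is now a literal in three places (the attribute map, this function and `getEducationClassLDAPDN`); reading it from the class attribute map's `externalID` field would keep a configured override and the DN construction in agreement, assuming that map is reachable from `i`, which the hunk does not show. The body of `updateClassExternalID` continues outside the hunk.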
@@ -6,36 +6,36 @@ import ( "testing" "github.com/go-ldap/ldap/v3" - libregraph "github.com/owncloud/libre-graph-api-go" "github.com/opencloud-eu/opencloud/services/graph/pkg/identity/mocks" + libregraph "github.com/owncloud/libre-graph-api-go" "github.com/stretchr/testify/assert" "github.com/stretchr/testify/mock" ) -var classEntry = ldap.NewEntry("ocEducationExternalId=Math0123", +var classEntry = ldap.NewEntry("openCloudEducationExternalId=Math0123", map[string][]string{ - "cn": {"Math"}, - "ocEducationExternalId": {"Math0123"}, - "ocEducationClassType": {"course"}, - "entryUUID": {"abcd-defg"}, + "cn": {"Math"}, + "openCloudEducationExternalId": {"Math0123"}, + "openCloudEducationClassType": {"course"}, + "entryUUID": {"abcd-defg"}, }) -var classEntryWithSchool = ldap.NewEntry("ocEducationExternalId=Math0123", +var classEntryWithSchool = ldap.NewEntry("openCloudEducationExternalId=Math0123", map[string][]string{ - "cn": {"Math"}, - "ocEducationExternalId": {"Math0123"}, - "ocEducationClassType": {"course"}, - "entryUUID": {"abcd-defg"}, - "ocMemberOfSchool": {"abcd-defg"}, + "cn": {"Math"}, + "openCloudEducationExternalId": {"Math0123"}, + "openCloudEducationClassType": {"course"}, + "entryUUID": {"abcd-defg"}, + "openCloudMemberOfSchool": {"abcd-defg"}, }) -var classEntryWithMember = ldap.NewEntry("ocEducationExternalId=Math0123", +var classEntryWithMember = ldap.NewEntry("openCloudEducationExternalId=Math0123", map[string][]string{ - "cn": {"Math"}, - "ocEducationExternalId": {"Math0123"}, - "ocEducationClassType": {"course"}, - "entryUUID": {"abcd-defg"}, - "member": {"uid=user"}, + "cn": {"Math"}, + "openCloudEducationExternalId": {"Math0123"}, + "openCloudEducationClassType": {"course"}, + "entryUUID": {"abcd-defg"}, + "member": {"uid=user"}, }) func TestCreateEducationClass(t *testing.T) { 
@@ -107,25 +107,25 @@ func TestGetEducationClass(t *testing.T) { { name: "Test search class using id", id: "abcd-defg", - filter: "(&(objectClass=ocEducationClass)(|(entryUUID=abcd-defg)(ocEducationExternalId=abcd-defg)))", + filter: "(&(objectClass=openCloudEducationClass)(|(entryUUID=abcd-defg)(openCloudEducationExternalId=abcd-defg)))", expectedItemNotFound: false, }, { name: "Test search class using unknown Id", id: "xxxx-xxxx", - filter: "(&(objectClass=ocEducationClass)(|(entryUUID=xxxx-xxxx)(ocEducationExternalId=xxxx-xxxx)))", + filter: "(&(objectClass=openCloudEducationClass)(|(entryUUID=xxxx-xxxx)(openCloudEducationExternalId=xxxx-xxxx)))", expectedItemNotFound: true, }, { name: "Test search class using external ID", id: "Math0123", - filter: "(&(objectClass=ocEducationClass)(|(entryUUID=Math0123)(ocEducationExternalId=Math0123)))", + filter: "(&(objectClass=openCloudEducationClass)(|(entryUUID=Math0123)(openCloudEducationExternalId=Math0123)))", expectedItemNotFound: false, }, { name: "Test search school using unknown externalID", id: "Unknown3210", - filter: "(&(objectClass=ocEducationClass)(|(entryUUID=Unknown3210)(ocEducationExternalId=Unknown3210)))", + filter: "(&(objectClass=openCloudEducationClass)(|(entryUUID=Unknown3210)(openCloudEducationExternalId=Unknown3210)))", expectedItemNotFound: true, }, } @@ -137,7 +137,7 @@ func TestGetEducationClass(t *testing.T) { Scope: 2, SizeLimit: 1, Filter: tt.filter, - Attributes: []string{"cn", "entryUUID", "ocEducationClassType", "ocEducationExternalId", "ocMemberOfSchool", "ocEducationTeacherMember"}, + Attributes: []string{"cn", "entryUUID", "openCloudEducationClassType", "openCloudEducationExternalId", "openCloudMemberOfSchool", "openCloudEducationTeacherMember"}, Controls: []ldap.Control(nil), } if tt.expectedItemNotFound { 
@@ -174,25 +174,25 @@ func TestDeleteEducationClass(t *testing.T) { { name: "Test search class using id", id: "abcd-defg", - filter: "(&(objectClass=ocEducationClass)(|(entryUUID=abcd-defg)(ocEducationExternalId=abcd-defg)))", + filter: "(&(objectClass=openCloudEducationClass)(|(entryUUID=abcd-defg)(openCloudEducationExternalId=abcd-defg)))", expectedItemNotFound: false, }, { name: "Test search class using unknown Id", id: "xxxx-xxxx", - filter: "(&(objectClass=ocEducationClass)(|(entryUUID=xxxx-xxxx)(ocEducationExternalId=xxxx-xxxx)))", + filter: "(&(objectClass=openCloudEducationClass)(|(entryUUID=xxxx-xxxx)(openCloudEducationExternalId=xxxx-xxxx)))", expectedItemNotFound: true, }, { name: "Test search class using external ID", id: "Math0123", - filter: "(&(objectClass=ocEducationClass)(|(entryUUID=Math0123)(ocEducationExternalId=Math0123)))", + filter: "(&(objectClass=openCloudEducationClass)(|(entryUUID=Math0123)(openCloudEducationExternalId=Math0123)))", expectedItemNotFound: false, }, { name: "Test search school using unknown externalID", id: "Unknown3210", - filter: "(&(objectClass=ocEducationClass)(|(entryUUID=Unknown3210)(ocEducationExternalId=Unknown3210)))", + filter: "(&(objectClass=openCloudEducationClass)(|(entryUUID=Unknown3210)(openCloudEducationExternalId=Unknown3210)))", expectedItemNotFound: true, }, } @@ -204,7 +204,7 @@ func TestDeleteEducationClass(t *testing.T) { Scope: 2, SizeLimit: 1, Filter: tt.filter, - Attributes: []string{"cn", "entryUUID", "ocEducationClassType", "ocEducationExternalId", "ocMemberOfSchool", "ocEducationTeacherMember"}, + Attributes: []string{"cn", "entryUUID", "openCloudEducationClassType", "openCloudEducationExternalId", "openCloudMemberOfSchool", "openCloudEducationTeacherMember"}, Controls: []ldap.Control(nil), } if tt.expectedItemNotFound { 
@@ -213,7 +213,7 @@ func TestDeleteEducationClass(t *testing.T) { lm.On("Search", sr).Return(&ldap.SearchResult{Entries: []*ldap.Entry{classEntry}}, nil) } dr := &ldap.DelRequest{ - DN: "ocEducationExternalId=Math0123", + DN: "openCloudEducationExternalId=Math0123", } lm.On("Del", dr).Return(nil) @@ -243,25 +243,25 @@ func TestGetEducationClassMembers(t *testing.T) { { name: "Test search class using id", id: "abcd-defg", - filter: "(&(objectClass=ocEducationClass)(|(entryUUID=abcd-defg)(ocEducationExternalId=abcd-defg)))", + filter: "(&(objectClass=openCloudEducationClass)(|(entryUUID=abcd-defg)(openCloudEducationExternalId=abcd-defg)))", expectedItemNotFound: false, }, { name: "Test search class using unknown Id", id: "xxxx-xxxx", - filter: "(&(objectClass=ocEducationClass)(|(entryUUID=xxxx-xxxx)(ocEducationExternalId=xxxx-xxxx)))", + filter: "(&(objectClass=openCloudEducationClass)(|(entryUUID=xxxx-xxxx)(openCloudEducationExternalId=xxxx-xxxx)))", expectedItemNotFound: true, }, { name: "Test search class using external ID", id: "Math0123", - filter: "(&(objectClass=ocEducationClass)(|(entryUUID=Math0123)(ocEducationExternalId=Math0123)))", + filter: "(&(objectClass=openCloudEducationClass)(|(entryUUID=Math0123)(openCloudEducationExternalId=Math0123)))", expectedItemNotFound: false, }, { name: "Test search school using unknown externalID", id: "Unknown3210", - filter: "(&(objectClass=ocEducationClass)(|(entryUUID=Unknown3210)(ocEducationExternalId=Unknown3210)))", + filter: "(&(objectClass=openCloudEducationClass)(|(entryUUID=Unknown3210)(openCloudEducationExternalId=Unknown3210)))", expectedItemNotFound: true, }, } 
@@ -282,7 +282,7 @@ func TestGetEducationClassMembers(t *testing.T) { Scope: 2, SizeLimit: 1, Filter: tt.filter, - Attributes: []string{"cn", "entryUUID", "ocEducationClassType", "ocEducationExternalId", "ocMemberOfSchool", "ocEducationTeacherMember", "member"}, + Attributes: []string{"cn", "entryUUID", "openCloudEducationClassType", "openCloudEducationExternalId", "openCloudMemberOfSchool", "openCloudEducationTeacherMember", "member"}, Controls: []ldap.Control(nil), } if tt.expectedItemNotFound { @@ -346,7 +346,7 @@ func TestLDAP_UpdateEducationClass(t *testing.T) { assertion: func(tt assert.TestingT, err error, i ...interface{}) bool { return assert.Nil(tt, err) }, modifyData: modifyData{ arg: &ldap.ModifyRequest{ - DN: "ocEducationExternalId=Math0123", + DN: "openCloudEducationExternalId=Math0123", Changes: []ldap.Change{ { Operation: ldap.ReplaceAttribute, @@ -383,8 +383,8 @@ func TestLDAP_UpdateEducationClass(t *testing.T) { }, modifyDNData: modifyDNData{ arg: &ldap.ModifyDNRequest{ - DN: "ocEducationExternalId=Math0123", - NewRDN: "ocEducationExternalId=Math3210", + DN: "openCloudEducationExternalId=Math0123", + NewRDN: "openCloudEducationExternalId=Math3210", DeleteOldRDN: true, NewSuperior: "", }, @@ -409,7 +409,7 @@ func TestLDAP_UpdateEducationClass(t *testing.T) { assertion: func(tt assert.TestingT, err error, i ...interface{}) bool { return assert.Nil(tt, err) }, modifyData: modifyData{ arg: &ldap.ModifyRequest{ - DN: "ocEducationExternalId=Math3210,ou=groups,dc=test", + DN: "openCloudEducationExternalId=Math3210,ou=groups,dc=test", Changes: []ldap.Change{ { Operation: ldap.ReplaceAttribute, @@ -423,8 +423,8 @@ func TestLDAP_UpdateEducationClass(t *testing.T) { }, modifyDNData: modifyDNData{ arg: &ldap.ModifyDNRequest{ - DN: "ocEducationExternalId=Math0123", - NewRDN: "ocEducationExternalId=Math3210", + DN: "openCloudEducationExternalId=Math0123", + NewRDN: "openCloudEducationExternalId=Math3210", DeleteOldRDN: true, NewSuperior: "", }, 
diff --git a/services/graph/pkg/identity/ldap_education_school.go b/services/graph/pkg/identity/ldap_education_school.go index 03e15825ab..19437c4714 100644 --- a/services/graph/pkg/identity/ldap_education_school.go +++ b/services/graph/pkg/identity/ldap_education_school.go @@ -55,15 +55,15 @@ var ( func defaultEducationConfig() educationConfig { return educationConfig{ - schoolObjectClass: "ocEducationSchool", + schoolObjectClass: "openCloudEducationSchool", schoolScope: ldap.ScopeWholeSubtree, - memberOfSchoolAttribute: "ocMemberOfSchool", + memberOfSchoolAttribute: "openCloudMemberOfSchool", schoolAttributeMap: newSchoolAttributeMap(), - userObjectClass: "ocEducationUser", + userObjectClass: "openCloudEducationUser", userAttributeMap: newEducationUserAttributeMap(), - classObjectClass: "ocEducationClass", + classObjectClass: "openCloudEducationClass", classAttributeMap: newEducationClassAttributeMap(), } } @@ -104,9 +104,9 @@ func newEducationConfig(config config.LDAP) (educationConfig, error) { func newSchoolAttributeMap() schoolAttributeMap { return schoolAttributeMap{ displayName: "ou", - schoolNumber: "ocEducationSchoolNumber", - id: "owncloudUUID", - terminationDate: "ocEducationSchoolTerminationTimestamp", + schoolNumber: "openCloudEducationSchoolNumber", + id: "openCloudUUID", + terminationDate: "openCloudEducationSchoolTerminationTimestamp", } } diff --git a/services/graph/pkg/identity/ldap_education_school_test.go b/services/graph/pkg/identity/ldap_education_school_test.go index 2fe34d1651..107f22ab54 100644 --- a/services/graph/pkg/identity/ldap_education_school_test.go +++ b/services/graph/pkg/identity/ldap_education_school_test.go 
@@ -7,10 +7,10 @@ import ( "time" "github.com/go-ldap/ldap/v3" - libregraph "github.com/owncloud/libre-graph-api-go" "github.com/opencloud-eu/opencloud/services/graph/pkg/config" "github.com/opencloud-eu/opencloud/services/graph/pkg/errorcode" "github.com/opencloud-eu/opencloud/services/graph/pkg/identity/mocks" + libregraph "github.com/owncloud/libre-graph-api-go" "github.com/stretchr/testify/assert" "github.com/stretchr/testify/mock" ) 
@@ -42,30 +42,30 @@ var eduConfig = config.LDAP{ var schoolEntry = ldap.NewEntry("ou=Test School", map[string][]string{ - "ou": {"Test School"}, - "ocEducationSchoolNumber": {"0123"}, - "owncloudUUID": {"abcd-defg"}, + "ou": {"Test School"}, + "openCloudEducationSchoolNumber": {"0123"}, + "openCloudUUID": {"abcd-defg"}, }) var schoolEntry1 = ldap.NewEntry("ou=Test School1", map[string][]string{ - "ou": {"Test School1"}, - "ocEducationSchoolNumber": {"0042"}, - "owncloudUUID": {"hijk-defg"}, + "ou": {"Test School1"}, + "openCloudEducationSchoolNumber": {"0042"}, + "openCloudUUID": {"hijk-defg"}, }) var schoolEntryWithTermination = ldap.NewEntry("ou=Test School", map[string][]string{ - "ou": {"Test School"}, - "ocEducationSchoolNumber": {"0123"}, - "owncloudUUID": {"abcd-defg"}, - "ocEducationSchoolTerminationTimestamp": {"20420131120000Z"}, + "ou": {"Test School"}, + "openCloudEducationSchoolNumber": {"0123"}, + "openCloudUUID": {"abcd-defg"}, + "openCloudEducationSchoolTerminationTimestamp": {"20420131120000Z"}, }) var ( - filterSchoolSearchByIdExisting = "(&(objectClass=ocEducationSchool)(|(owncloudUUID=abcd-defg)(ocEducationSchoolNumber=abcd-defg)))" - filterSchoolSearchByIdNonexistant = "(&(objectClass=ocEducationSchool)(|(owncloudUUID=xxxx-xxxx)(ocEducationSchoolNumber=xxxx-xxxx)))" - filterSchoolSearchByNumberExisting = "(&(objectClass=ocEducationSchool)(|(owncloudUUID=0123)(ocEducationSchoolNumber=0123)))" - filterSchoolSearchByNumberNonexistant = "(&(objectClass=ocEducationSchool)(|(owncloudUUID=3210)(ocEducationSchoolNumber=3210)))" + filterSchoolSearchByIdExisting = "(&(objectClass=openCloudEducationSchool)(|(openCloudUUID=abcd-defg)(openCloudEducationSchoolNumber=abcd-defg)))" + filterSchoolSearchByIdNonexistant = "(&(objectClass=openCloudEducationSchool)(|(openCloudUUID=xxxx-xxxx)(openCloudEducationSchoolNumber=xxxx-xxxx)))" + filterSchoolSearchByNumberExisting = 
"(&(objectClass=openCloudEducationSchool)(|(openCloudUUID=0123)(openCloudEducationSchoolNumber=0123)))" + filterSchoolSearchByNumberNonexistant = "(&(objectClass=openCloudEducationSchool)(|(openCloudUUID=3210)(openCloudEducationSchoolNumber=3210)))" ) func TestCreateEducationSchool(t *testing.T) { @@ -104,7 +104,7 @@ func TestCreateEducationSchool(t *testing.T) { return false } for _, attr := range ar.Attributes { - if attr.Type == "ocEducationSchoolTerminationTimestamp" { + if attr.Type == "openCloudEducationSchoolTerminationTimestamp" { return false } } @@ -124,8 +124,8 @@ func TestCreateEducationSchool(t *testing.T) { BaseDN: "", Scope: 2, SizeLimit: 1, - Filter: "(&(objectClass=ocEducationSchool)(ocEducationSchoolNumber=0123))", - Attributes: []string{"ou", "owncloudUUID", "ocEducationSchoolNumber", "ocEducationSchoolTerminationTimestamp"}, + Filter: "(&(objectClass=openCloudEducationSchool)(openCloudEducationSchoolNumber=0123))", + Attributes: []string{"ou", "openCloudUUID", "openCloudEducationSchoolNumber", "openCloudEducationSchoolTerminationTimestamp"}, Controls: []ldap.Control(nil), } lm.On("Search", schoolNumberSearchRequest). @@ -138,8 +138,8 @@ func TestCreateEducationSchool(t *testing.T) { BaseDN: "", Scope: 2, SizeLimit: 1, - Filter: "(&(objectClass=ocEducationSchool)(ocEducationSchoolNumber=0666))", - Attributes: []string{"ou", "owncloudUUID", "ocEducationSchoolNumber", "ocEducationSchoolTerminationTimestamp"}, + Filter: "(&(objectClass=openCloudEducationSchool)(openCloudEducationSchoolNumber=0666))", + Attributes: []string{"ou", "openCloudUUID", "openCloudEducationSchoolNumber", "openCloudEducationSchoolTerminationTimestamp"}, Controls: []ldap.Control(nil), } lm.On("Search", existingSchoolNumberSearchRequest). 
@@ -152,8 +152,8 @@ func TestCreateEducationSchool(t *testing.T) { BaseDN: "", Scope: 2, SizeLimit: 1, - Filter: "(&(objectClass=ocEducationSchool)(ocEducationSchoolNumber=1111))", - Attributes: []string{"ou", "owncloudUUID", "ocEducationSchoolNumber", "ocEducationSchoolTerminationTimestamp"}, + Filter: "(&(objectClass=openCloudEducationSchool)(openCloudEducationSchoolNumber=1111))", + Attributes: []string{"ou", "openCloudUUID", "openCloudEducationSchoolNumber", "openCloudEducationSchoolTerminationTimestamp"}, Controls: []ldap.Control(nil), } lm.On("Search", schoolNumberSearchRequestError). @@ -166,8 +166,8 @@ func TestCreateEducationSchool(t *testing.T) { BaseDN: "ou=Test School,", Scope: 0, SizeLimit: 1, - Filter: "(objectClass=ocEducationSchool)", - Attributes: []string{"ou", "owncloudUUID", "ocEducationSchoolNumber", "ocEducationSchoolTerminationTimestamp"}, + Filter: "(objectClass=openCloudEducationSchool)", + Attributes: []string{"ou", "openCloudUUID", "openCloudEducationSchoolNumber", "openCloudEducationSchoolTerminationTimestamp"}, Controls: []ldap.Control(nil), } lm.On("Search", schoolLookupAfterCreate). @@ -209,7 +209,7 @@ func TestUpdateEducationSchoolTerminationDate(t *testing.T) { } for _, mod := range mr.Changes { if mod.Operation == ldap.ReplaceAttribute && - mod.Modification.Type == "ocEducationSchoolTerminationTimestamp" && + mod.Modification.Type == "openCloudEducationSchoolTerminationTimestamp" && mod.Modification.Vals[0] == "20420131120000Z" { return true } @@ -355,7 +355,7 @@ func TestDeleteEducationSchool(t *testing.T) { Scope: 2, SizeLimit: 1, Filter: tt.filter, - Attributes: []string{"ou", "owncloudUUID", "ocEducationSchoolNumber", "ocEducationSchoolTerminationTimestamp"}, + Attributes: []string{"ou", "openCloudUUID", "openCloudEducationSchoolNumber", "openCloudEducationSchoolTerminationTimestamp"}, Controls: []ldap.Control(nil), } if tt.expectedItemNotFound { 
@@ -424,7 +424,7 @@ func TestGetEducationSchool(t *testing.T) { Scope: 2, SizeLimit: 1, Filter: tt.filter, - Attributes: []string{"ou", "owncloudUUID", "ocEducationSchoolNumber", "ocEducationSchoolTerminationTimestamp"}, + Attributes: []string{"ou", "openCloudUUID", "openCloudEducationSchoolNumber", "openCloudEducationSchoolTerminationTimestamp"}, Controls: []ldap.Control(nil), } if tt.expectedItemNotFound { @@ -457,8 +457,8 @@ func TestGetEducationSchools(t *testing.T) { BaseDN: "", Scope: 2, SizeLimit: 0, - Filter: "(objectClass=ocEducationSchool)", - Attributes: []string{"ou", "owncloudUUID", "ocEducationSchoolNumber", "ocEducationSchoolTerminationTimestamp"}, + Filter: "(objectClass=openCloudEducationSchool)", + Attributes: []string{"ou", "openCloudUUID", "openCloudEducationSchoolNumber", "openCloudEducationSchoolTerminationTimestamp"}, Controls: []ldap.Control(nil), } lm.On("Search", sr1).Return(&ldap.SearchResult{Entries: []*ldap.Entry{schoolEntry, schoolEntry1}}, nil) @@ -475,7 +475,7 @@ var schoolByIDSearch1 *ldap.SearchRequest = &ldap.SearchRequest{ Scope: 2, SizeLimit: 1, Filter: filterSchoolSearchByIdExisting, - Attributes: []string{"ou", "owncloudUUID", "ocEducationSchoolNumber", "ocEducationSchoolTerminationTimestamp"}, + Attributes: []string{"ou", "openCloudUUID", "openCloudEducationSchoolNumber", "openCloudEducationSchoolTerminationTimestamp"}, Controls: []ldap.Control(nil), } @@ -484,7 +484,7 @@ var schoolByNumberSearch *ldap.SearchRequest = &ldap.SearchRequest{ Scope: 2, SizeLimit: 1, Filter: filterSchoolSearchByNumberExisting, - Attributes: []string{"ou", "owncloudUUID", "ocEducationSchoolNumber", "ocEducationSchoolTerminationTimestamp"}, + Attributes: []string{"ou", "openCloudUUID", "openCloudEducationSchoolNumber", "openCloudEducationSchoolTerminationTimestamp"}, Controls: []ldap.Control(nil), } 
@@ -492,7 +492,7 @@ var userByIDSearch1 *ldap.SearchRequest = &ldap.SearchRequest{ BaseDN: "ou=people,dc=test", Scope: 2, SizeLimit: 1, - Filter: "(&(objectClass=ocEducationUser)(|(uid=abcd-defg)(entryUUID=abcd-defg)))", + Filter: "(&(objectClass=openCloudEducationUser)(|(uid=abcd-defg)(entryUUID=abcd-defg)))", Attributes: eduUserAttrs, Controls: []ldap.Control(nil), } @@ -501,7 +501,7 @@ var userByIDSearch2 *ldap.SearchRequest = &ldap.SearchRequest{ BaseDN: "ou=people,dc=test", Scope: 2, SizeLimit: 1, - Filter: "(&(objectClass=ocEducationUser)(|(uid=does-not-exist)(entryUUID=does-not-exist)))", + Filter: "(&(objectClass=openCloudEducationUser)(|(uid=does-not-exist)(entryUUID=does-not-exist)))", Attributes: eduUserAttrs, Controls: []ldap.Control(nil), } @@ -512,7 +512,7 @@ var userToSchoolModRequest *ldap.ModifyRequest = &ldap.ModifyRequest{ { Operation: ldap.AddAttribute, Modification: ldap.PartialAttribute{ - Type: "ocMemberOfSchool", + Type: "openCloudMemberOfSchool", Vals: []string{"abcd-defg"}, }, }, @@ -525,7 +525,7 @@ var userFromSchoolModRequest *ldap.ModifyRequest = &ldap.ModifyRequest{ { Operation: ldap.DeleteAttribute, Modification: ldap.PartialAttribute{ - Type: "ocMemberOfSchool", + Type: "openCloudMemberOfSchool", Vals: []string{"abcd-defg"}, }, }, @@ -533,12 +533,12 @@ var userFromSchoolModRequest *ldap.ModifyRequest = &ldap.ModifyRequest{ } var classToSchoolModRequest *ldap.ModifyRequest = &ldap.ModifyRequest{ - DN: "ocEducationExternalId=Math0123", + DN: "openCloudEducationExternalId=Math0123", Changes: []ldap.Change{ { Operation: ldap.AddAttribute, Modification: ldap.PartialAttribute{ - Type: "ocMemberOfSchool", + Type: "openCloudMemberOfSchool", Vals: []string{"abcd-defg"}, }, }, 
@@ -546,12 +546,12 @@ var classToSchoolModRequest *ldap.ModifyRequest = &ldap.ModifyRequest{ } var classFromSchoolModRequest *ldap.ModifyRequest = &ldap.ModifyRequest{ - DN: "ocEducationExternalId=Math0123", + DN: "openCloudEducationExternalId=Math0123", Changes: []ldap.Change{ { Operation: ldap.DeleteAttribute, Modification: ldap.PartialAttribute{ - Type: "ocMemberOfSchool", + Type: "openCloudMemberOfSchool", Vals: []string{"abcd-defg"}, }, }, @@ -609,7 +609,7 @@ var usersBySchoolIDSearch *ldap.SearchRequest = &ldap.SearchRequest{ BaseDN: "ou=people,dc=test", Scope: 2, SizeLimit: 0, - Filter: "(&(objectClass=ocEducationUser)(ocMemberOfSchool=abcd-defg))", + Filter: "(&(objectClass=openCloudEducationUser)(openCloudMemberOfSchool=abcd-defg))", Attributes: eduUserAttrs, Controls: []ldap.Control(nil), } @@ -632,8 +632,8 @@ var classesBySchoolIDSearch *ldap.SearchRequest = &ldap.SearchRequest{ BaseDN: "ou=groups,dc=test", Scope: 2, SizeLimit: 0, - Filter: "(&(objectClass=ocEducationClass)(ocMemberOfSchool=abcd-defg))", - Attributes: []string{"cn", "entryUUID", "ocEducationClassType", "ocEducationExternalId", "ocMemberOfSchool", "ocEducationTeacherMember"}, + Filter: "(&(objectClass=openCloudEducationClass)(openCloudMemberOfSchool=abcd-defg))", + Attributes: []string{"cn", "entryUUID", "openCloudEducationClassType", "openCloudEducationExternalId", "openCloudMemberOfSchool", "openCloudEducationTeacherMember"}, Controls: []ldap.Control(nil), } 
@@ -655,8 +655,8 @@ var classesByUUIDSearchNotFound *ldap.SearchRequest = &ldap.SearchRequest{ BaseDN: "ou=groups,dc=test", Scope: 2, SizeLimit: 1, - Filter: "(&(objectClass=ocEducationClass)(|(entryUUID=does-not-exist)(ocEducationExternalId=does-not-exist)))", - Attributes: []string{"cn", "entryUUID", "ocEducationClassType", "ocEducationExternalId", "ocMemberOfSchool", "ocEducationTeacherMember"}, + Filter: "(&(objectClass=openCloudEducationClass)(|(entryUUID=does-not-exist)(openCloudEducationExternalId=does-not-exist)))", + Attributes: []string{"cn", "entryUUID", "openCloudEducationClassType", "openCloudEducationExternalId", "openCloudMemberOfSchool", "openCloudEducationTeacherMember"}, Controls: []ldap.Control(nil), } @@ -664,8 +664,8 @@ var classesByUUIDSearchFound *ldap.SearchRequest = &ldap.SearchRequest{ BaseDN: "ou=groups,dc=test", Scope: 2, SizeLimit: 1, - Filter: "(&(objectClass=ocEducationClass)(|(entryUUID=abcd-defg)(ocEducationExternalId=abcd-defg)))", - Attributes: []string{"cn", "entryUUID", "ocEducationClassType", "ocEducationExternalId", "ocMemberOfSchool", "ocEducationTeacherMember"}, + Filter: "(&(objectClass=openCloudEducationClass)(|(entryUUID=abcd-defg)(openCloudEducationExternalId=abcd-defg)))", + Attributes: []string{"cn", "entryUUID", "openCloudEducationClassType", "openCloudEducationExternalId", "openCloudMemberOfSchool", "openCloudEducationTeacherMember"}, Controls: []ldap.Control(nil), } diff --git a/services/graph/pkg/identity/ldap_education_user_test.go b/services/graph/pkg/identity/ldap_education_user_test.go index 169837c42b..8da164531e 100644 --- a/services/graph/pkg/identity/ldap_education_user_test.go +++ b/services/graph/pkg/identity/ldap_education_user_test.go @@ -22,7 +22,7 @@ var eduUserAttrs = []string{ "userTypeAttribute", "openCloudExternalIdentity", "userClass", - "ocMemberOfSchool", + "openCloudMemberOfSchool", } var eduUserEntry = ldap.NewEntry("uid=user,ou=people,dc=test", 
@@ -55,12 +55,12 @@ var renamedEduUserEntry = ldap.NewEntry("uid=newtestuser,ou=people,dc=test", }) var eduUserEntryWithSchool = ldap.NewEntry("uid=user,ou=people,dc=test", map[string][]string{ - "uid": {"testuser"}, - "displayname": {"Test User"}, - "mail": {"user@example"}, - "entryuuid": {"abcd-defg"}, - "userClass": {"student"}, - "ocMemberOfSchool": {"abcd-defg"}, + "uid": {"testuser"}, + "displayname": {"Test User"}, + "mail": {"user@example"}, + "entryuuid": {"abcd-defg"}, + "userClass": {"student"}, + "openCloudMemberOfSchool": {"abcd-defg"}, "openCloudExternalIdentity": { "$ http://idp $ testuser", "xxx $ http://idpnew $ xxxxx-xxxxx-xxxxx", @@ -71,7 +71,7 @@ var sr1 *ldap.SearchRequest = &ldap.SearchRequest{ BaseDN: "ou=people,dc=test", Scope: 2, SizeLimit: 1, - Filter: "(&(objectClass=ocEducationUser)(|(uid=abcd-defg)(entryUUID=abcd-defg)))", + Filter: "(&(objectClass=openCloudEducationUser)(|(uid=abcd-defg)(entryUUID=abcd-defg)))", Attributes: eduUserAttrs, Controls: []ldap.Control(nil), } @@ -79,7 +79,7 @@ var sr2 *ldap.SearchRequest = &ldap.SearchRequest{ BaseDN: "ou=people,dc=test", Scope: 2, SizeLimit: 1, - Filter: "(&(objectClass=ocEducationUser)(|(uid=xxxx-xxxx)(entryUUID=xxxx-xxxx)))", + Filter: "(&(objectClass=openCloudEducationUser)(|(uid=xxxx-xxxx)(entryUUID=xxxx-xxxx)))", Attributes: eduUserAttrs, Controls: []ldap.Control(nil), } @@ -166,7 +166,7 @@ func TestGetEducationUsers(t *testing.T) { BaseDN: "ou=people,dc=test", Scope: 2, SizeLimit: 0, - Filter: "(objectClass=ocEducationUser)", + Filter: "(objectClass=openCloudEducationUser)", Attributes: eduUserAttrs, Controls: []ldap.Control(nil), } @@ -186,7 +186,7 @@ func TestUpdateEducationUser(t *testing.T) { BaseDN: "ou=people,dc=test", Scope: 2, SizeLimit: 1, - Filter: "(&(objectClass=ocEducationUser)(|(uid=testuser)(entryUUID=testuser)))", + Filter: "(&(objectClass=openCloudEducationUser)(|(uid=testuser)(entryUUID=testuser)))", Attributes: eduUserAttrs, } userLookupReq := &ldap.SearchRequest{ 
@@ -200,7 +200,7 @@ func TestUpdateEducationUser(t *testing.T) { BaseDN: "uid=newtestuser,ou=people,dc=test", Scope: 0, SizeLimit: 1, - Filter: "(objectClass=ocEducationUser)", + Filter: "(objectClass=openCloudEducationUser)", Attributes: eduUserAttrs, } groupSearchReq := &ldap.SearchRequest{