Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat(LDAP): add integration tests for LDAP Authorization #812

Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

feat(LDAP): add integration tests for LDAP Authorization #812

wants to merge 1 commit into from
+255 −0

Conversation

sixdouglas
Copy link
Contributor

  • Breaking change? (if so, please describe the impact and migration path for existing application instances)

What changes did you make? (Give an overview)

This is a PR to add Integration tests for the LDAP Authorization capability. Based on the work done for Active Directory in #726

closes #782

Is there anything you'd like reviewers to focus on?

How Has This Been Tested? (put an "x" (case-sensitive!) next to an item)

  • No need to
  • Manually (please, describe, if necessary)
  • Unit checks
  • Integration checks
  • Covered by existing automation

Checklist (put an "x" (case-sensitive!) next to all the items, otherwise the build will fail)

  • I have performed a self-review of my own code
  • I have commented my code, particularly in hard-to-understand areas
  • I have made corresponding changes to the documentation (e.g. ENVIRONMENT VARIABLES)
  • My changes generate no new warnings (e.g. Sonar is happy)
  • I have added tests that prove my fix is effective or that my feature works
  • New and existing unit tests pass locally with my changes
  • Any dependent changes have been merged

Check out Contributing and Code of Conduct

A picture of a cute animal (not mandatory but encouraged)

@sixdouglas sixdouglas requested a review from a team as a code owner February 2, 2025 11:10
@kapybro kapybro bot added status/triage Issues pending maintainers triage status/triage/manual Manual triage in progress status/triage/completed Automatic triage completed and removed status/triage Issues pending maintainers triage labels Feb 2, 2025
Haarolean
Haarolean requested changes Feb 3, 2025
View reviewed changes
Copy link
Member

@Haarolean Haarolean left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@sixdouglas thank you very much for raising this PR, LDAP tests are much needed indeed :)

api/src/test/resources/application-rbac-ldap.yml Outdated
group-filter-search-base: "ou=people,dc=kafbat,dc=io" # required for RBAC
oauth2:
ldap:
activeDirectory: false
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

this can be removed as it should default to false anyway, might be a good thing to catch possible issues like in https://github.com/kafbat/kafka-ui/pull/779/files

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Ok, you're right, let's remove redundant config settings

api/src/test/java/io/kafbat/ui/OpenLdapPIntegrationTest.java Outdated
assertTrue(info.getRbacEnabled());
System.out.println("info = " + info);
List<UserPermissionDTO> permissions = info.getUserInfo().getPermissions();
assertFalse(permissions.isEmpty());
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

this particular test looks redundant -- in testUserPermissions we've asserted that permissions of jacksmith are the same as johndoe's and have a topic permissions

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I agree, I've created this test while debugging config issues.
Not needed anymore, I'll remove it

api/src/test/java/io/kafbat/ui/OpenLdapPIntegrationTest.java Outdated Show resolved Hide resolved
api/src/test/java/io/kafbat/ui/OpenLdapPIntegrationTest.java Outdated
@Override
public void initialize(ConfigurableApplicationContext context) {
System.setProperty("spring.ldap.urls", LDAP_CONTAINER.getLdapUrl());
System.setProperty("oauth2.ldap.activeDirectory", "false");
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

perhaps redundant as mentioned in other comment

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Remove too, thanks for the catch

@sixdouglas sixdouglas force-pushed the feat/ldapIntegrationTests branch from cc01a5c to b155902 Compare February 3, 2025 08:12
@sixdouglas
Copy link
Contributor Author

@Haarolean removing both config:

System.setProperty("oauth2.ldap.activeDirectory", "false");

and this one:

oauth2:
  ldap:
    activeDirectory: false

Break the LDAP tests in the CI, though it works on my machine (I never though I would use this sentence again ;) ).
I'll keep looking for a reason and solution

@Haarolean
Copy link
Member

@Haarolean removing both config:


System.setProperty("oauth2.ldap.activeDirectory", "false");

and this one:


oauth2:

  ldap:

    activeDirectory: false

Break the LDAP tests in the CI, though it works on my machine (I never though I would use this sentence again ;) ).

I'll keep looking for a reason and solution

I'll take a look as well, might be faster

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@Haarolean Haarolean Haarolean requested changes

Requested changes must be addressed to merge this pull request.

Assignees
No one assigned
Labels
status/triage/completed Automatic triage completed status/triage/manual Manual triage in progress
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

BE: Impl LDAP integration test
2 participants
@sixdouglas @Haarolean