1 #include "mock_user_mgr.hpp"
2 #include <xyz/openbmc_project/User/Common/error.hpp>
3 #include <xyz/openbmc_project/Common/error.hpp>
4 #include <gtest/gtest.h>
5 #include <exception>
6 
7 namespace phosphor
8 {
9 namespace user
10 {
11 
12 using ::testing::Return;
13 
14 using InternalFailure =
15     sdbusplus::xyz::openbmc_project::Common::Error::InternalFailure;
16 
17 class TestUserMgr : public testing::Test
18 {
19   public:
20     sdbusplus::bus::bus bus;
21     MockManager mockManager;
22 
23     TestUserMgr() :
24         bus(sdbusplus::bus::new_default()), mockManager(bus, objpath)
25     {
26     }
27 
28     void createLocalUser(const std::string &userName,
29                          std::vector<std::string> groupNames,
30                          const std::string &priv, bool enabled)
31     {
32         std::string userObj = std::string(usersObjPath) + "/" + userName;
33         mockManager.usersList.emplace(
34             userName, std::move(std::make_unique<phosphor::user::Users>(
35                           mockManager.bus, userObj.c_str(), groupNames, priv,
36                           enabled, mockManager)));
37     }
38 
39     DbusUserObj createPrivilegeMapperDbusObject(void)
40     {
41         DbusUserObj object;
42         DbusUserObjValue objValue;
43 
44         DbusUserObjPath obj_path("/xyz/openbmc_project/user/ldap/openldap");
45         DbusUserPropVariant enabled(true);
46         DbusUserObjProperties property = {std::make_pair("Enabled", enabled)};
47         std::string intf = "xyz.openbmc_project.Object.Enable";
48         objValue.emplace(intf, property);
49         object.emplace(obj_path, objValue);
50 
51         DbusUserObjPath object_path(
52             "/xyz/openbmc_project/user/ldap/openldap/role_map/1");
53         std::string group = "ldapGroup";
54         std::string priv = "priv-admin";
55         DbusUserObjProperties properties = {std::make_pair("GroupName", group),
56                                             std::make_pair("Privilege", priv)};
57         std::string interface = "xyz.openbmc_project.User.PrivilegeMapperEntry";
58 
59         objValue.emplace(interface, properties);
60         object.emplace(object_path, objValue);
61 
62         return object;
63     }
64 
65     DbusUserObj createLdapConfigObjectWithoutPrivilegeMapper(void)
66     {
67         DbusUserObj object;
68         DbusUserObjValue objValue;
69 
70         DbusUserObjPath obj_path("/xyz/openbmc_project/user/ldap/openldap");
71         DbusUserPropVariant enabled(true);
72         DbusUserObjProperties property = {std::make_pair("Enabled", enabled)};
73         std::string intf = "xyz.openbmc_project.Object.Enable";
74         objValue.emplace(intf, property);
75         object.emplace(obj_path, objValue);
76         return object;
77     }
78 };
79 
80 TEST_F(TestUserMgr, ldapEntryDoesNotExist)
81 {
82     std::string userName = "user";
83     UserInfoMap userInfo;
84 
85     EXPECT_CALL(mockManager, getLdapGroupName(userName))
86         .WillRepeatedly(Return(""));
87     EXPECT_THROW(userInfo = mockManager.getUserInfo(userName), InternalFailure);
88 }
89 
90 TEST_F(TestUserMgr, localUser)
91 {
92     UserInfoMap userInfo;
93     std::string userName = "testUser";
94     std::string privilege = "priv-admin";
95     std::vector<std::string> groups{"testGroup"};
96     // Create local user
97     createLocalUser(userName, groups, privilege, true);
98     EXPECT_CALL(mockManager, userLockedForFailedAttempt(userName)).Times(1);
99     userInfo = mockManager.getUserInfo(userName);
100 
101     EXPECT_EQ(privilege, std::get<std::string>(userInfo["UserPrivilege"]));
102     EXPECT_EQ(groups,
103               std::get<std::vector<std::string>>(userInfo["UserGroups"]));
104     EXPECT_EQ(true, std::get<bool>(userInfo["UserEnabled"]));
105     EXPECT_EQ(false, std::get<bool>(userInfo["UserLockedForFailedAttempt"]));
106     EXPECT_EQ(false, std::get<bool>(userInfo["UserPasswordExpired"]));
107     EXPECT_EQ(false, std::get<bool>(userInfo["RemoteUser"]));
108 }
109 
110 TEST_F(TestUserMgr, ldapUserWithPrivMapper)
111 {
112     UserInfoMap userInfo;
113     std::string userName = "ldapUser";
114     std::string ldapGroup = "ldapGroup";
115 
116     EXPECT_CALL(mockManager, getLdapGroupName(userName))
117         .WillRepeatedly(Return(ldapGroup));
118     // Create privilege mapper dbus object
119     DbusUserObj object = createPrivilegeMapperDbusObject();
120     EXPECT_CALL(mockManager, getPrivilegeMapperObject())
121         .WillRepeatedly(Return(object));
122     userInfo = mockManager.getUserInfo(userName);
123     EXPECT_EQ(true, std::get<bool>(userInfo["RemoteUser"]));
124     EXPECT_EQ("priv-admin", std::get<std::string>(userInfo["UserPrivilege"]));
125 }
126 
127 TEST_F(TestUserMgr, ldapUserWithoutPrivMapper)
128 {
129     UserInfoMap userInfo;
130     std::string userName = "ldapUser";
131     std::string ldapGroup = "ldapGroup";
132 
133     EXPECT_CALL(mockManager, getLdapGroupName(userName))
134         .WillRepeatedly(Return(ldapGroup));
135     // Create LDAP config object without privilege mapper
136     DbusUserObj object = createLdapConfigObjectWithoutPrivilegeMapper();
137     EXPECT_CALL(mockManager, getPrivilegeMapperObject())
138         .WillRepeatedly(Return(object));
139     userInfo = mockManager.getUserInfo(userName);
140     EXPECT_EQ(true, std::get<bool>(userInfo["RemoteUser"]));
141     EXPECT_EQ("", std::get<std::string>(userInfo["UserPrivilege"]));
142 }
143 } // namespace user
144 } // namespace phosphor
145