Add basic test of LDAP profile check_attribute

diff --git a/src/tests/modules/ldap/module.conf b/src/tests/modules/ldap/module.conf
index 3f1a58d2de5f24e0f59f6f62c5b14b35e9677e24..15c42c9a22c788dd3861895277d7b12becf0ca29 100644 (file)
--- a/src/tests/modules/ldap/module.conf
+++ b/src/tests/modules/ldap/module.conf
@@ -278,6 +278,7 @@ ldap {
                attribute = 'radiusProfileDn'
                attribute_suspend = "radiusProfileSuspendedDn"
                sort_by = 'radiusProfilePriority'
+               check_attribute = 'radiusProfileCondition'
        }
 
        #

diff --git a/src/tests/modules/ldap/xlat_profile.unlang b/src/tests/modules/ldap/xlat_profile.unlang
index aa62c1b38f1090e5ecd00fadd522de1b078cf25f..ba0a67cf5294a5011ab13af3a7fd9cada56afd55 100644 (file)
--- a/src/tests/modules/ldap/xlat_profile.unlang
+++ b/src/tests/modules/ldap/xlat_profile.unlang
@@ -71,4 +71,17 @@ if (reply.Reply-Message != 'Guten Tag') {
 
 reply := {}
 
+# Re-run the above with a different user name - the profile with "Guten Tag"
+# as the reply message has a condition of User-Name == bob
+&User-Name := 'john'
+if (!%ldap.profile('cn=nested,ou=profiles,dc=example,dc=com')) {
+       test_fail
+}
+
+if (reply.Reply-Message != 'Good Day') {
+       test_fail
+}
+
+reply := {}
+
 test_pass

diff --git a/src/tests/salt-test-server/salt/ldap/base.ldif b/src/tests/salt-test-server/salt/ldap/base.ldif
index b7d7235b2b86653af2f7fd620de1b355c6424cd6..5db1d8e18d2c182f3e8d017bac3000c0311c3df7 100644 (file)
--- a/src/tests/salt-test-server/salt/ldap/base.ldif
+++ b/src/tests/salt-test-server/salt/ldap/base.ldif
@@ -128,6 +128,7 @@ objectClass: radiusprofile
 cn: child1
 radiusAttribute: reply.Reply-Message := 'Guten Tag'
 radiusProfilePriority: 2
+radiusProfileCondition: User-Name == 'bob'
 
 dn: cn=child2,cn=nested,ou=profiles,dc=example,dc=com
 objectClass: freeradiusPolicy