Question

在我的Laravel项目中，我使用Ldap-connector package来针对LDAP验证用户

Auth工作正常。

在/app/providers/AuthServiceProvider.php中我定义了一个管理LDAP用户访问权限的策略，例如：

public function boot(GateContract $gate)
{
    $this->registerPolicies($gate);

    $gate->define('rewards', function ($user) {
        return ($user->getAdLDAP()->inGroup('Admin') || $user->getAdLDAP()->inGroup('Marketing')) ? true : false;
    });
    // other policies 
    // ...
}

在控制器中，我检查登录用户的策略，如：

class RewardController extends Controller {
    public function __construct($handler = null) {
        $this->authorize('rewards');
    }
    // other methods
    // ...
}

一切正常，如果登录用户没有Marketing或Admin组，控制器将抛出403例外。

现在，对于我的phpunit测试，我需要模拟LDAP auth并提供对控制器的访问以测试它的方法，否则策略会引发我This action is unauthorized.错误

自实施ldap auth驱动程序以来，我不认为使用了用户模型App/User，而我无法使用来自{{3}的Laravel文档中的$this->actingAs($user)完成此操作}

Answer 1

我能够自己找到解决方案

我将LDAP连接包切换为Adldap2/Adldap2-Laravel

我使用existing unit tests并使用Admin群组用户创建了我自己的身份验证：

<?php

use Adldap\Auth\Guard;
use Adldap\Connections\Manager;
use Adldap\Connections\Provider;
use Adldap\Contracts\Connections\ConnectionInterface;
use Adldap\Laravel\Facades\Adldap;
use Adldap\Models\User;
use Adldap\Query\Builder;
use Adldap\Schemas\Schema;
use Adldap\Search\Factory;
use Illuminate\Support\Facades\Auth;
use Adldap\Models\Group;

class TestCase extends Illuminate\Foundation\Testing\TestCase
{
    public function pass_auth() {

        $mockedProvider = $this->mock(Provider::class);
        $mockedBuilder = $this->mock(Builder::class);
        $mockedSearch = $this->mock(Factory::class);
        $mockedAuth = $this->mock(Guard::class);
        $mockedConnection = $this->mock(ConnectionInterface::class);

        $mockedConnection->shouldReceive('isBound')->once()->andReturn(true);

        $mockedBuilder->shouldReceive('getSchema')->once()->andReturn(Schema::get());
        $mockedBuilder->shouldReceive('getConnection')->once()->andReturn($mockedConnection);

        $adUser = (new User([], $mockedBuilder))->setRawAttributes([
            'samaccountname' => ['jdoe'],
            'mail'           => ['jdoe@email.com'],
            'cn'             => ['John Doe'],
        ]);

        $manager = new Manager();
        $manager->add('default', $mockedProvider);

        Adldap::shouldReceive('getManager')->andReturn($manager);

        $mockedProvider->shouldReceive('search')->once()->andReturn($mockedSearch);
        $mockedProvider->shouldReceive('getSchema')->andReturn(Schema::get());
        $mockedProvider->shouldReceive('auth')->once()->andReturn($mockedAuth);

        $mockedSearch->shouldReceive('users')->once()->andReturn($mockedSearch);
        $mockedSearch->shouldReceive('select')->once()->andReturn($mockedBuilder);

        $mockedBuilder->shouldReceive('whereEquals')->once()->andReturn($mockedBuilder);
        $mockedBuilder->shouldReceive('first')->once()->andReturn($adUser);

        $mockedAuth->shouldReceive('attempt')->once()->andReturn(true);

        $this->assertTrue(Auth::attempt(['username' => 'jdoe', 'password' => '12345']));

        $mockedGroup = $this->mock(Group::class);
        $mockedGroup->shouldReceive('getName')->once()->andReturn('Admin');

        $mockedBuilder->shouldReceive('newInstance')->andReturnSelf();
        $mockedBuilder->shouldReceive('newCollection')->andReturn([$mockedGroup]);

    }
}

此部分将Admin组添加到user模拟

$mockedGroup = $this->mock(Group::class);
$mockedGroup->shouldReceive('getName')->once()->andReturn('Admin');

$mockedBuilder->shouldReceive('newInstance')->andReturnSelf();
$mockedBuilder->shouldReceive('newCollection')->andReturn([$mockedGroup]);

如何模拟LDAP Laravel auth进行单元测试

1 个答案: