Joseph Doherty
ddad573b75
- Resolve 14 conflicts from popping local stash on top of origin'seed1e88+8d3352fdoc-comment additions (11 mechanical, plus version.rs, DashboardAuthenticatorTests.cs, DashboardGalaxyProjector.cs) - Fix 4 test files that used AGENTS.md as the repo-root sentinel (now use CLAUDE.md, since AGENTS.md was removed in4731ab5) - Redirect 10 doc citations from AGENTS.md to the matching gateway.md sections (Value Model, Status Model, Security, STA Worker Thread Model, gRPC Layer rule, cancellation rule) Verified: solution build clean, x86 worker build clean, 266/266 gateway tests passing, 121/121 worker tests passing. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
75 lines
2.2 KiB
C#
75 lines
2.2 KiB
C#
using Microsoft.Extensions.Logging.Abstractions;
|
|
using Microsoft.Extensions.Options;
|
|
using MxGateway.Server.Configuration;
|
|
using MxGateway.Server.Dashboard;
|
|
|
|
namespace MxGateway.Tests.Gateway.Dashboard;
|
|
|
|
public sealed class DashboardAuthenticatorTests
|
|
{
|
|
[Fact]
|
|
public void EscapeLdapFilter_EscapesSpecialCharacters()
|
|
{
|
|
string escaped = DashboardAuthenticator.EscapeLdapFilter("a\\b*c(d)e\0f");
|
|
|
|
Assert.Equal("a\\5cb\\2ac\\28d\\29e\\00f", escaped);
|
|
}
|
|
|
|
[Theory]
|
|
[InlineData("GwAdmin", true)]
|
|
[InlineData("gwadmin", true)]
|
|
[InlineData("ou=GwAdmin,ou=groups,dc=lmxopcua,dc=local", true)]
|
|
[InlineData("OtherGroup", false)]
|
|
public void IsMemberOfRequiredGroup_MatchesShortNameAndDistinguishedName(
|
|
string requiredGroup,
|
|
bool expected)
|
|
{
|
|
string[] groups =
|
|
[
|
|
"ou=ReadOnly,ou=groups,dc=lmxopcua,dc=local",
|
|
"ou=GwAdmin,ou=groups,dc=lmxopcua,dc=local"
|
|
];
|
|
|
|
bool result = DashboardAuthenticator.IsMemberOfRequiredGroup(groups, requiredGroup);
|
|
|
|
Assert.Equal(expected, result);
|
|
}
|
|
|
|
[Fact]
|
|
public void ExtractFirstRdnValue_ReturnsLeadingRdnValue()
|
|
{
|
|
string result = DashboardAuthenticator.ExtractFirstRdnValue(
|
|
"CN=Gateway Admins,OU=Groups,DC=example,DC=com");
|
|
|
|
Assert.Equal("Gateway Admins", result);
|
|
}
|
|
|
|
[Fact]
|
|
public async Task AuthenticateAsync_LdapDisabled_ReturnsFailureWithoutRawCredentials()
|
|
{
|
|
DashboardAuthenticator authenticator = CreateAuthenticator(new GatewayOptions
|
|
{
|
|
Ldap = new LdapOptions
|
|
{
|
|
Enabled = false,
|
|
},
|
|
});
|
|
|
|
DashboardAuthenticationResult result = await authenticator.AuthenticateAsync(
|
|
"admin",
|
|
"admin123",
|
|
CancellationToken.None);
|
|
|
|
Assert.False(result.Succeeded);
|
|
Assert.Null(result.Principal);
|
|
Assert.DoesNotContain("admin123", result.FailureMessage, StringComparison.Ordinal);
|
|
}
|
|
|
|
private static DashboardAuthenticator CreateAuthenticator(GatewayOptions options)
|
|
{
|
|
return new DashboardAuthenticator(
|
|
Options.Create(options),
|
|
NullLogger<DashboardAuthenticator>.Instance);
|
|
}
|
|
}
|