Separate miab and miab-ldap migrations

Add tests for migrating from miab w/totp (migration 13) to miab-ldap
2026-03-05 15:57:23 +01:00 · 2020-09-16 09:00:27 -04:00
parent b3e789a4e2
commit 7c29628530
10 changed files with 169 additions and 18 deletions
--- a/tests/suites/_init.sh
+++ b/tests/suites/_init.sh
@@ -168,7 +168,7 @@ skip_test() {
 	if [ "$SKIP_REMOTE_SMTP_TESTS" == "yes" ] &&
 		   array_contains "remote-smtp" "$@";
 	then
-		test_skip "-no-smtp-remote option given"
+		test_skip "no-smtp-remote option given"
 		return 0
 	fi
 	
--- a/tests/suites/upgrade.sh
+++ b/tests/suites/upgrade.sh
@@ -38,7 +38,7 @@ verify_populate() {



-suite_start "upgrade"
+suite_start "upgrade-$1"

 export ASSETS_DIR
 export MIAB_DIR
--- a/tests/system-setup/populate/totpuser-data.sh
+++ b/tests/system-setup/populate/totpuser-data.sh
@@ -0,0 +1,9 @@
+#
+# requires:
+#    lib scripts: [ misc.sh ]
+#    system-setup scripts: [ setup-defaults.sh ]
+#
+
+TEST_USER="totp_admin@$(email_domainpart "$EMAIL_ADDR")"
+TEST_USER_PASS="$(static_qa_password)"
+TEST_USER_TOTP_SECRET="6VXVWOSCY7JLU4VBZ6LQEJSBN6WYWECU"
--- a/tests/system-setup/populate/totpuser-populate.sh
+++ b/tests/system-setup/populate/totpuser-populate.sh
@@ -0,0 +1,37 @@
+#!/bin/bash
+
+. "$(dirname "$0")/../setup-defaults.sh" || exit 1
+. "$(dirname "$0")/../../lib/all.sh" "$(dirname "$0")/../../lib" || exit 1
+. "$(dirname "$0")/totpuser-data.sh" || exit 1
+
+
+url=""
+admin_email="$EMAIL_ADDR"
+admin_pass="$EMAIL_PW"
+
+
+#
+# Add user
+#
+if ! populate_miab_users "$url" "$admin_email" "$admin_pass" "${TEST_USER}:${TEST_USER_PASS}"
+then
+    echo "Unable to add user"
+    exit 1
+fi
+
+# make the user an admin
+if ! rest_urlencoded POST "${url%/}/admin/mail/users/privileges/add" "$admin_email" "$admin_pass" --insecure -- "email=$TEST_USER" "privilege=admin" 2>/dev/null
+then
+    echo "Unable to add 'admin' privilege. err=$REST_ERROR" 1>&2
+    exit 1
+fi
+
+# enable totp
+if ! rest_urlencoded POST "${url%/}/admin/mfa/totp/enable" "$TEST_USER" "$TEST_USER_PASS" --insecure "secret=$TEST_USER_TOTP_SECRET" "token=$(totp_current_token "$TEST_USER_TOTP_SECRET")" 2>/dev/null; then
+    echo "Unable to enable TOTP. err=$REST_ERROR" 1>&2
+    exit 1
+fi
+
+
+exit 0
+
--- a/tests/system-setup/populate/totpuser-verify.sh
+++ b/tests/system-setup/populate/totpuser-verify.sh
@@ -0,0 +1,36 @@
+#!/bin/bash
+
+. "$(dirname "$0")/../setup-defaults.sh" || exit 1
+. "$(dirname "$0")/../../lib/all.sh" "$(dirname "$0")/../../lib" || exit 1
+. "$(dirname "$0")/totpuser-data.sh" || exit 1
+
+. /etc/mailinabox.conf || exit 1
+. "${STORAGE_ROOT}/ldap/miab_ldap.conf" || exit 1
+
+
+die() {
+    echo "$1"
+    exit 1
+}
+
+. "$MIAB_DIR/setup/functions-ldap.sh" || exit 1
+
+
+# the user's ldap entry contains the TOTP secret
+# 
+# other tests verify the functioning of totp - just make sure the totp
+# secret was migrated
+#
+get_attribute "$LDAP_USERS_BASE" "(&(mail=$TEST_USER)(objectClass=totpUser))" "totpSecret"
+if [ -z "$ATTR_DN" ]; then
+	echo "totpUser objectClass and secret not present"
+    exit 1
+fi
+
+if [ "$ATTR_VALUE" != "$TEST_USER_TOTP_SECRET" ]; then
+    echo "totpSecret mismatch"
+    exit 1
+fi
+
+echo "OK totpuser-verify passed"
+exit 0
--- a/tests/system-setup/setup-defaults.sh
+++ b/tests/system-setup/setup-defaults.sh
@@ -34,4 +34,5 @@ export NC_ADMIN_USER="${NC_ADMIN_USER:-admin}"
 export NC_ADMIN_PASSWORD="${NC_ADMIN_PASSWORD:-Test_1234}"

 # For setup scripts that install upstream versions
-export MIAB_UPSTREAM_GIT="https://github.com/mail-in-a-box/mailinabox.git"
+export MIAB_UPSTREAM_GIT="${MIAB_UPSTREAM_GIT:-https://github.com/mail-in-a-box/mailinabox.git}"
+export UPSTREAM_TAG="${UPSTREAM_TAG:-}"
--- a/tests/system-setup/setup-funcs.sh
+++ b/tests/system-setup/setup-funcs.sh
@@ -235,12 +235,13 @@ miab_ldap_install() {


 populate_by_name() {
-    local populate_name="$1"
-
-    H1 "Populate Mail-in-a-Box ($populate_name)"
-    local populate_script="tests/system-setup/populate/${populate_name}-populate.sh"
-    if [ ! -e "$populate_script" ]; then
-        die "Does not exist: $populate_script"
-    fi
-    "$populate_script" || die "Failed: $populate_script"
+    local populate_name
+    for populate_name; do
+        H1 "Populate Mail-in-a-Box ($populate_name)"
+        local populate_script="tests/system-setup/populate/${populate_name}-populate.sh"
+        if [ ! -e "$populate_script" ]; then
+            die "Does not exist: $populate_script"
+        fi
+        "$populate_script" || die "Failed: $populate_script"
+    done
 }
--- a/tests/system-setup/upgrade-from-upstream.sh
+++ b/tests/system-setup/upgrade-from-upstream.sh
@@ -113,7 +113,7 @@ case "$1" in
        ;;
    populate )
        . /etc/mailinabox.conf
-        populate_by_name "${1:-basic}"
+        populate_by_name "${2:-basic}"
        exit $?
        ;;
 esac
@@ -137,7 +137,11 @@ else
    . /etc/mailinabox.conf
    
    # populate some data
-    populate_by_name "${1:-basic}"
+    if [ $# -gt 0 ]; then
+        populate_by_name "$@"
+    else
+        populate_by_name "basic" "totpuser"
+    fi

    # capture upstream state
    pushd "$upstream_dir" >/dev/null