ylqjgm
/
canvas-lms
mirror of https://github.com/instructure/canvas-lms.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

add more detailed errors to ldap tester 

fixes #6347

* logs more information on ldap failures and passes it down to the browser in
  the ajax response.
* fixes a crazy javascript bug where we were accidentally using a reserved
  global var in webkit, 'status', which is a string, which interacted strangely
  with our use of it as a boolean. this fixes the tester for firefox/ie

test plan:
(for #6347)
- use the tester in firefox and ie, it should work

(for error messages)
- one at a time, change the fields of a config, and run the tester
- you should get (slightly) more helpful error messages about what is failing,
  based on status returned from the server.

Change-Id: Ic0837d7ff9f6283d615ddd4bbeef5a957dbd6553
Reviewed-on: https://gerrit.instructure.com/12880
Reviewed-by: Cody Cutrer <cody@instructure.com>
Tested-by: Jenkins <jenkins@instructure.com>
This commit is contained in:
Simon Williams 2012-08-10 13:10:14 -06:00
parent 0f6eae3cf1
commit 1f4599b456
4 changed files with 109 additions and 27 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

36
app/models/account_authorization_config.rb
View File

@ -227,36 +227,38 @@ class AccountAuthorizationConfig < ActiveRecord::Base
TCPSocket.open(self.auth_host, self.auth_port)
end
return true
rescue SocketError
self.errors.add(:ldap_connection_test, t(:test_host_unknown, "Unknown host: %{host}", :host => self.auth_host))
rescue Timeout::Error
self.errors.add(
:ldap_connection_test,
t(:test_connection_timeout, "Timeout when connecting")
)
rescue
self.errors.add(
:ldap_connection_test,
t(:test_connection_failed, "Failed to connect to host/port")
)
self.errors.add(:ldap_connection_test, t(:test_connection_timeout, "Timeout when connecting"))
rescue => e
self.errors.add(:ldap_connection_test, e.message)
end
false
end
def test_ldap_bind
begin
return self.ldap_connection.bind
rescue
self.errors.add(
:ldap_bind_test,
t(:test_bind_failed, "Failed to bind")
)
conn = self.ldap_connection
unless res = conn.bind
error = conn.get_operation_result
self.errors.add(:ldap_bind_test, "Error #{error.code}: #{error.message}")
end
return res
rescue => e
self.errors.add(:ldap_bind_test, t(:test_bind_failed, "Failed to bind with the following error: %{error}", :error => e.message))
return false
end
end
def test_ldap_search
begin
res = self.ldap_connection.search {|s| break s}
return true if res
conn = self.ldap_connection
unless res = conn.search {|s| break s}
error = conn.get_operation_result
self.errors.add(:ldap_search_test, "Error #{error.code}: #{error.message}")
end
return res.present?
rescue
self.errors.add(
:ldap_search_test,

28
app/views/account_authorization_configs/_ldap_settings_test.html.erb
View File

@ -115,6 +115,7 @@ require([
function clearTestLDAP() {
<% ldap_tests.each do |test| %>
$("#ldap_<%= test.test_type %>_result").html("");
$("#ldap_<%= test.test_type %>_help .server_error").remove();
$("#ldap_<%= test.test_type %>_help").hide();
<% end %>
$("#ldap_login_result").html("");
@ -124,13 +125,17 @@ require([
function <%= test.js_function %>() {
$("#ldap_<%= test.test_type %>_result").html("<img src='/images/ajax-loader.gif'/>");
$.getJSON('<%= context_url(@account, test.url_context) %>', function(data) {
status = true;
var success = true;
var server_error = "";
$.each(data, function(i, config) {
if (!config['ldap_<%= test.test_type %>_test']) {
status = false;
success = false;
if(config['errors'][0] && config['errors'][0]['ldap_<%= test.test_type %>_test']) {
server_error = config['errors'][0]['ldap_<%= test.test_type %>_test'];
}
}
});
if (status == "true") {
if (success) {
$("#ldap_<%= test.test_type %>_result").html("<h4 style='color:green'>" + <%= jt('#accounts.test_ldap_result_ok', 'OK') %> + "</h4>");
<% if next_test = ldap_tests[i+1] %>
// proceed to the next test
@ -142,6 +147,9 @@ require([
} else {
$("#ldap_<%= test.test_type %>_result").html("<h4 style='color:red'>" + <%= jt('#accounts.test_ldap_result_failed', 'Failed') %> + "</h4>");
$("#ldap_<%= test.test_type %>_help").show();
$server_error = $('<p></p>').addClass("server_error").css("color", "red").html(server_error);
$("#ldap_<%= test.test_type %>_help").append($server_error);
<% ldap_tests[i+1..-1].each do |next_test| %>
$("#ldap_<%= next_test.test_type %>_result").html("<h4 style='color:red'>" + <%= jt('#accounts.test_ldap_result_canceled', 'Canceled') %> + "</h4>");
<% end %>
@ -153,15 +161,15 @@ require([
function testLDAPLogin() {
$("#ldap_test_login").attr('disabled', 'true').attr('value', 'Testing...');
$("#ldap_login_result").html("<img src='/images/ajax-loader.gif'/>");
username = $("#ldap_test_login_user").val();
password = $("#ldap_test_login_pass").val();
url = '<%= context_url(@account, :context_test_ldap_logins_url) %>';
var username = $("#ldap_test_login_user").val();
var password = $("#ldap_test_login_pass").val();
var url = '<%= context_url(@account, :context_test_ldap_logins_url) %>';
$.post(url, {'username': username, 'password': password, authenticity_token: '<%= form_authenticity_token %>'}, function(data) {
status = true;
message = "";
var success = true;
var message = "";
$.each(data, function(i, config) {
if (!config['ldap_login_test']) {
status = false;
success = false;
}
if (config['errors']) {
$.each(config['errors'], function(i, m) {
@ -171,7 +179,7 @@ require([
});
}
});
if (status == "true") {
if (success) {
$("#ldap_login_help_error").hide();
$("#ldap_login_result").html("<h4 style='color:green'>" + <%= jt('#accounts.test_ldap_result_ok', 'OK') %> + "</h4>");
$("#ldap_test_login").attr('disabled', '').attr('value', 'Test Login');

53
config/initializers/net_ldap.rb Normal file
View File

@ -0,0 +1,53 @@
Net::LDAP::ResultStrings.merge!({
0 => "Success Hi",
1 => "Operation Error",
2 => "Protocol Error",
3 => "Time Limit Exceeded",
4 => "Size Limit Exceeded",
5 => "Compare False",
6 => "Compare True",
7 => "Auth Method Not Supported",
8 => "Strong Auth Required",
9 => "Ldap Partial Results",
10 => "Referral (ldap V3)",
11 => "Admin Limit Exceeded (ldap V3)",
12 => "Unavailable Critical Extension (ldap V3)",
13 => "Confidentiality Required (ldap V3)",
14 => "Sasl Bind In Progress",
16 => "No Such Attribute",
17 => "Undefined Attribute Type",
18 => "Inappropriate Matching",
19 => "Constraint Violation",
20 => "Attribute Or Value Exists",
21 => "Invalid Attribute Syntax",
32 => "No Such Object",
33 => "Alias Problem",
34 => "Invalid Dn Syntax",
35 => "Is Leaf",
36 => "Alias Dereferencing Problem",
48 => "Inappropriate Authentication",
49 => "Invalid Credentials",
50 => "Insufficient Access Rights",
51 => "Busy",
52 => "Unavailable",
53 => "Unwilling To Perform",
54 => "Loop Defect",
64 => "Naming Violation",
65 => "Object Class Violation",
66 => "Not Allowed On Nonleaf",
67 => "Not Allowed On Rdn",
68 => "Entry Already Exists",
69 => "Object Class Mods Prohibited",
71 => "Affects Multiple Dsas (ldap V3)",
80 => "Other",
81 => "Server Down",
85 => "Ldap Timeout",
89 => "Param Error",
91 => "Connect Error",
92 => "Ldap Not Supported",
93 => "Control Not Found",
94 => "No Results Returned",
95 => "More Results To Return",
96 => "Client Loop",
97 => "Referral Limit Exceeded",
})

19
spec/selenium/account_authorization_configs_spec.rb Normal file
View File

@ -0,0 +1,19 @@
require File.expand_path(File.dirname(__FILE__) + '/common')
describe "Account Authorization Configs" do
it_should_behave_like "in-process server selenium tests"
it "should show the error message generated by the server" do
site_admin_logged_in
Account.default.account_authorization_configs.create!({
:auth_host => "blah.blah",
:auth_over_tls => false,
:auth_port => "123",
:auth_type => "ldap",
})
get "/accounts/#{Account.default.id}/account_authorization_configs"
f(".test_ldap_link").click
wait_for_ajaximations
f("#ldap_connection_help .server_error").text.should == "Unknown host: blah.blah"
end
end