Merge pull request #16567 from jvlcek/openidc-rakefile

Enable OpenID-Connect in the appliance console.
ManageIQ · Jul 24, 2018 · b64387c · b64387c
2 parents 8d725a7 + 3a760a0
commit b64387c
Show file tree

Hide file tree

Showing 2 changed files with 79 additions and 5 deletions.
diff --git a/lib/tasks/evm_settings.rake b/lib/tasks/evm_settings.rake
@@ -1,14 +1,18 @@
 module EvmSettings
-  ALLOWED_KEYS = [
+  ALLOWED_KEYS ||= [
     "/authentication/sso_enabled",
     "/authentication/saml_enabled",
+    "/authentication/oidc_enabled",
+    "/authentication/provider_type",
     "/authentication/local_login_disabled"
   ].freeze
 
-  INFO, WARN, ERROR = %w(info warn error)
+  INFO  ||= "info".freeze
+  WARN  ||= "warn".freeze
+  ERROR ||= "error".freeze
 
   def self.get_keys(keylist = nil)
-    keylist = ALLOWED_KEYS unless keylist.present?
+    keylist = ALLOWED_KEYS if keylist.blank?
     settings_hash = Settings.to_hash
     keylist.each do |key|
       validate_key(key)
@@ -80,8 +84,8 @@ module EvmSettings
   private_class_method :str_to_value
 
   def self.value_to_str(value)
-    return "true"  if value  || value =~ /true/i
-    return "false" if !value || value =~ /false/i
+    return "true"  if value == true || value =~ /true/i
+    return "false" if value == false || value =~ /false/i
     value
   end
   private_class_method :value_to_str

diff --git a/spec/lib/tasks/evm_settings_spec.rb b/spec/lib/tasks/evm_settings_spec.rb
@@ -0,0 +1,70 @@
+require "rake"
+
+describe "EvmSettings", :type => :rake_task do
+  let(:task_path) { "lib/tasks/evm_settings" }
+  let(:keys) { ["/authentication/sso_enabled", "/authentication/saml_enabled", "/authentication/oidc_enabled", "/authentication/local_login_disabled"] }
+
+  describe ".get_keys" do
+    context "gets the current keys" do
+      it "when provider_type is none" do
+        @settings_hash =
+          {:authentication => {:user_type            => "userprincipalname",
+                               :amazon_key           => nil,
+                               :oidc_enabled         => false,
+                               :saml_enabled         => false,
+                               :local_login_disabled => false,
+                               :provider_type        => "none",
+                               :sso_enabled          => false},
+           :binary_blob    => {:purge_window_size    => 100}}
+
+        allow(Settings).to receive(:to_hash).and_return(@settings_hash)
+        expect(STDOUT).to receive(:puts).with("/authentication/sso_enabled=false")
+        expect(STDOUT).to receive(:puts).with("/authentication/saml_enabled=false")
+        expect(STDOUT).to receive(:puts).with("/authentication/oidc_enabled=false")
+        expect(STDOUT).to receive(:puts).with("/authentication/provider_type=none")
+        expect(STDOUT).to receive(:puts).with("/authentication/local_login_disabled=false")
+        EvmSettings.get_keys
+      end
+
+      it "when provider_type is oidc" do
+        @settings_hash =
+          {:authentication => {:user_type            => "userprincipalname",
+                               :amazon_key           => nil,
+                               :oidc_enabled         => true,
+                               :saml_enabled         => false,
+                               :local_login_disabled => false,
+                               :provider_type        => "oidc",
+                               :sso_enabled          => false},
+           :binary_blob    => {:purge_window_size    => 100}}
+
+        allow(Settings).to receive(:to_hash).and_return(@settings_hash)
+        expect(STDOUT).to receive(:puts).with("/authentication/sso_enabled=false")
+        expect(STDOUT).to receive(:puts).with("/authentication/saml_enabled=false")
+        expect(STDOUT).to receive(:puts).with("/authentication/oidc_enabled=true")
+        expect(STDOUT).to receive(:puts).with("/authentication/provider_type=oidc")
+        expect(STDOUT).to receive(:puts).with("/authentication/local_login_disabled=false")
+        EvmSettings.get_keys
+      end
+
+      it "when provider_type is saml" do
+        @settings_hash =
+          {:authentication => {:user_type            => "userprincipalname",
+                               :amazon_key           => nil,
+                               :oidc_enabled         => false,
+                               :saml_enabled         => true,
+                               :local_login_disabled => false,
+                               :provider_type        => "saml",
+                               :sso_enabled          => false},
+           :binary_blob    => {:purge_window_size    => 100}}
+
+        allow(Settings).to receive(:to_hash).and_return(@settings_hash)
+        expect(STDOUT).to receive(:puts).with("/authentication/sso_enabled=false")
+        expect(STDOUT).to receive(:puts).with("/authentication/saml_enabled=true")
+        expect(STDOUT).to receive(:puts).with("/authentication/oidc_enabled=false")
+        expect(STDOUT).to receive(:puts).with("/authentication/provider_type=saml")
+        expect(STDOUT).to receive(:puts).with("/authentication/local_login_disabled=false")
+        EvmSettings.get_keys
+      end
+    end
+  end
+end