Allow additional attribute mappings in ldap

This is needed as a work around for objectclasses that require additional
attributes other than just what is supplied in user_id_attribute and
user_name_attribute.

Change-Id: Ie6cdd0534b8389f62f98fdca7d19bc0feb9c131f
Fixes: bug #1158077

1 files changed, 20 insertions, 0 deletions

diff --git a/tests/test_backend_ldap.py b/tests/test_backend_ldap.py
index 6db626d8..b0ce3920 100644
--- a/tests/test_backend_ldap.py
+++ b/tests/test_backend_ldap.py
@@ -364,6 +364,26 @@ class LDAPIdentity(test.TestCase, test_backend.IdentityTests):
             'Invalid LDAP deref option: %s\.' % CONF.ldap.alias_dereferencing,
             identity.backends.ldap.Identity)
 
+    def test_user_extra_attribute_mapping(self):
+        CONF.ldap.user_additional_attribute_mapping = ['description:name']
+        self.identity_api = identity.backends.ldap.Identity()
+        user = {
+            'id': 'extra_attributes',
+            'name': 'EXTRA_ATTRIBUTES',
+            'password': 'extra',
+        }
+        self.identity_api.create_user(user['id'], user)
+        dn, attrs = self.identity_api.user._ldap_get(user['id'])
+        self.assertTrue(user['name'] in attrs['description'])
+
+    def test_parse_extra_attribute_mapping(self):
+        option_list = ['description:name', 'gecos:password',
+                       'fake:invalid', 'invalid1', 'invalid2:',
+                       'description:name:something']
+        mapping = self.identity_api.user._parse_extra_attrs(option_list)
+        expected_dict = {'description': 'name', 'gecos': 'password'}
+        self.assertDictEqual(expected_dict, mapping)
+
 # TODO (henry-nash) These need to be removed when the full LDAP implementation
 # is submitted - see Bugs 1092187, 1101287, 1101276, 1101289