diff --git a/src/test/ldap-test.js b/src/test/ldap-test.js
index cf260addc..f5f9bc5ae 100644
--- a/src/test/ldap-test.js
+++ b/src/test/ldap-test.js
@@ -291,11 +291,11 @@ describe('Ldap', function () {
 });
 it('cannot get inactive mailbox', async function () {
- await mail.updateMailbox(mailboxName, domain.domain, { ownerId: user.id, ownerType: mail.OWNERTYPE_USER, active: false }, auditSource);
+ await mail.updateMailbox(mailboxName, domain.domain, { ownerId: user.id, ownerType: mail.OWNERTYPE_USER, active: false, enablePop3: false }, auditSource);
 const [error] = await safe(ldapSearch(`cn=${mailbox},ou=mailboxes,dc=cloudron`, 'objectclass=mailbox'));
 expect(error).to.be.a(ldap.NoSuchObjectError);
- await mail.updateMailbox(mailboxName, domain.domain, { ownerId: user.id, ownerType: mail.OWNERTYPE_USER, active: true }, auditSource);
+ await mail.updateMailbox(mailboxName, domain.domain, { ownerId: user.id, ownerType: mail.OWNERTYPE_USER, active: true, enablePop3: false }, auditSource);
 });
 });
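Review bot: The re-activation call at the end of 'cannot get inactive mailbox' (the `active: true, enablePop3: false` update) only runs when the expectation before it passes, so a failed assertion leaves the mailbox inactive and later bind tests fail for an unrelated reason. Wrap the search and the expectation in `try { … } finally { … }` with the restoring `mail.updateMailbox(…)` call in the `finally`, or move the restore into an `afterEach`. The 'does not allow for inactive mailbox' tests in the msa and imap hunks have the same shape, and the imap one also leaves its `_updateDomain(domain.domain, { enabled: false })` reset unguarded. The enclosing describe block starts outside the hunk.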
@@ -371,55 +371,55 @@ describe('Ldap', function () {
 });
 });
- describe('user sendmail bind', function () {
+ describe('user msa bind', function () {
 it('email disabled - cannot find domain email', async function () {
 await mail._updateDomain(domain.domain, { enabled: false });
- const [error] = await safe(ldapBind(`cn=${mailbox},ou=sendmail,dc=cloudron`, 'badpassword'));
+ const [error] = await safe(ldapBind(`cn=${mailbox},ou=msa,dc=cloudron`, 'badpassword'));
 expect(error).to.be.a(ldap.InvalidCredentialsError);
 });
 it('email enabled - allows with valid email', async function () {
 await mail._updateDomain(domain.domain, { enabled: true });
- await ldapBind(`cn=${mailbox},ou=sendmail,dc=cloudron`, user.password);
+ await ldapBind(`cn=${mailbox},ou=msa,dc=cloudron`, user.password);
 await mail._updateDomain(domain.domain, { enabled: false });
 });
 it('email enabled - does not allow with invalid password', async function () {
 await mail._updateDomain(domain.domain, { enabled: true });
- const [error] = await safe(ldapBind(`cn=${mailbox},ou=sendmail,dc=cloudron`, 'badpassword'));
+ const [error] = await safe(ldapBind(`cn=${mailbox},ou=msa,dc=cloudron`, 'badpassword'));
 expect(error).to.be.a(ldap.InvalidCredentialsError);
 await mail._updateDomain(domain.domain, { enabled: false });
 });
 it('does not allow for inactive mailbox', async function () {
 await mail._updateDomain(domain.domain, { enabled: true });
- await mail.updateMailbox(mailboxName, domain.domain, { ownerId: user.id, ownerType: mail.OWNERTYPE_USER, active: false }, auditSource);
- const [error] = await safe(ldapBind(`cn=${mailbox},ou=sendmail,dc=cloudron`, 'badpassword'));
+ await mail.updateMailbox(mailboxName, domain.domain, { ownerId: user.id, ownerType: mail.OWNERTYPE_USER, active: false, enablePop3: false }, auditSource);
+ const [error] = await safe(ldapBind(`cn=${mailbox},ou=msa,dc=cloudron`, 'badpassword'));
 expect(error).to.be.a(ldap.NoSuchObjectError);
- await mail.updateMailbox(mailboxName, domain.domain, { ownerId: user.id, ownerType: mail.OWNERTYPE_USER, active: true }, auditSource);
+ await mail.updateMailbox(mailboxName, domain.domain, { ownerId: user.id, ownerType: mail.OWNERTYPE_USER, active: true, enablePop3: false }, auditSource);
 });
 });
- describe('app sendmail bind', function () {
+ describe('app msa bind', function () {
 // these tests should work even when email is disabled
 before(async function () {
 await mail._updateDomain(domain.domain, { enabled: false });
 });
 it('does not allow with invalid app', async function () {
- const [error] = await safe(ldapBind(`cn=hacker.app@${domain.domain},ou=sendmail,dc=cloudron`, 'nope'));
+ const [error] = await safe(ldapBind(`cn=hacker.app@${domain.domain},ou=msa,dc=cloudron`, 'nope'));
 expect(error).to.be.a(ldap.NoSuchObjectError);
 });
 it('does not allow with invalid password', async function () {
- const [error] = await safe(ldapBind(`cn=${app.location}.app@${domain.domain},ou=sendmail,dc=cloudron`, 'nope'));
+ const [error] = await safe(ldapBind(`cn=${app.location}.app@${domain.domain},ou=msa,dc=cloudron`, 'nope'));
 expect(error).to.be.a(ldap.NoSuchObjectError);
 });
 it('allows with valid password', async function () {
 await addonConfigs.set(app.id, 'sendmail', [{ name: 'MAIL_SMTP_USERNAME', value : `${app.location}.app@${domain.domain}` }, { name: 'MAIL_SMTP_PASSWORD', value : 'sendmailpassword' }]),
- await ldapBind(`cn=${app.location}.app@${domain.domain},ou=sendmail,dc=cloudron`, 'sendmailpassword');
+ await ldapBind(`cn=${app.location}.app@${domain.domain},ou=msa,dc=cloudron`, 'sendmailpassword');
 });
 });
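Review bot: In 'app msa bind', the 'does not allow with invalid password' test binds with 'nope' before anything in this hunk has stored MAIL_SMTP_USERNAME and MAIL_SMTP_PASSWORD through `addonConfigs.set(app.id, 'sendmail', …)`. As far as the hunk shows, the `ldap.NoSuchObjectError` it expects therefore proves only that no credentials exist yet, not that a wrong password is refused. The imap counterpart in the last hunk of this commit now stores the credentials first and expects `ldap.InvalidCredentialsError`; the msa test should do the same, assuming the msa handler separates the two cases the same way. The 'allows with valid password' test here also still ends its `addonConfigs.set(…)` line with `,` rather than `;`, which the imap hunk corrects.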
@@ -443,11 +443,11 @@ describe('Ldap', function () {
 it('does not allow for inactive mailbox', async function () {
 await mail._updateDomain(domain.domain, { enabled: true });
- await mail.updateMailbox(mailboxName, domain.domain, { ownerId: user.id, ownerType: mail.OWNERTYPE_USER, active: false }, auditSource);
+ await mail.updateMailbox(mailboxName, domain.domain, { ownerId: user.id, ownerType: mail.OWNERTYPE_USER, active: false, enablePop3: false }, auditSource);
 const [error] = await safe(ldapBind(`cn=${mailbox},ou=imap,dc=cloudron`, 'badpassword'));
 expect(error).to.be.a(ldap.NoSuchObjectError);
 await mail._updateDomain(domain.domain, { enabled: false });
- await mail.updateMailbox(mailboxName, domain.domain, { ownerId: user.id, ownerType: mail.OWNERTYPE_USER, active: true }, auditSource);
+ await mail.updateMailbox(mailboxName, domain.domain, { ownerId: user.id, ownerType: mail.OWNERTYPE_USER, active: true, enablePop3: false }, auditSource);
 });
 });
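Review bot: 'does not allow for inactive mailbox' binds with 'badpassword', so it never shows that the correct password is refused once the mailbox is deactivated. It passes as long as the lookup fails before the password is compared. Binding with `user.password`, as the msa 'allows with valid email' test does, and still expecting `ldap.NoSuchObjectError` would pin the property that matters for revoking access. The msa variant of this test in the previous hunk uses the same 'badpassword' bind, and the describe block here starts outside the hunk.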
@@ -461,14 +461,21 @@ describe('Ldap', function () {
 expect(error).to.be.a(ldap.NoSuchObjectError);
 });
- it('does not allow with invalid password', async function () {
- const [error] = await safe(ldapBind(`cn=${app.location}.app@${domain.domain},ou=imap,dc=cloudron`, 'nope'));
+ it('does not allow with valid password (missing mailbox)', async function () {
+ await addonConfigs.set(app.id, 'recvmail', [{ name: 'MAIL_IMAP_USERNAME', value : `${app.location}.app@${domain.domain}` }, { name: 'MAIL_IMAP_PASSWORD', value : 'imappassword' }]);
+ const [error] = await safe(ldapBind(`cn=${app.location}.app@${domain.domain},ou=imap,dc=cloudron`, 'imappassword'));
 expect(error).to.be.a(ldap.NoSuchObjectError);
 });
+ it('does not allow with invalid password', async function () {
+ await addonConfigs.set(app.id, 'recvmail', [{ name: 'MAIL_IMAP_USERNAME', value : `${mailboxName}@${domain.domain}` }, { name: 'MAIL_IMAP_PASSWORD', value : 'imappassword' }]);
+ const [error] = await safe(ldapBind(`cn=${mailboxName}@${domain.domain},ou=imap,dc=cloudron`, 'nope'));
+ expect(error).to.be.a(ldap.InvalidCredentialsError);
+ });
+
 it('allows with valid password', async function () {
- await addonConfigs.set(app.id, 'imap', [{ name: 'MAIL_IMAP_USERNAME', value : `${app.location}.app@${domain.domain}` }, { name: 'MAIL_IMAP_PASSWORD', value : 'imappassword' }]),
- await ldapBind(`cn=${app.location}.app@${domain.domain},ou=imap,dc=cloudron`, 'imappassword');
+ await addonConfigs.set(app.id, 'recvmail', [{ name: 'MAIL_IMAP_USERNAME', value : `${mailboxName}@${domain.domain}` }, { name: 'MAIL_IMAP_PASSWORD', value : 'imappassword' }]);
+ await ldapBind(`cn=${mailboxName}@${domain.domain},ou=imap,dc=cloudron`, 'imappassword');
 });
 });
 });
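Review bot: None of the app imap tests binds with the app's stored recvmail password to a mailbox other than the one named in MAIL_IMAP_USERNAME, so nothing here would catch a server that accepts that password for any existing mailbox. A further case that stores `${app.location}.app@${domain.domain}` as the username and then binds to `cn=${mailboxName}@${domain.domain}` with 'imappassword' would cover it. The error class expected in the sketch below is my assumption and needs checking against the server. The tests also overwrite one shared addon config in turn, so they depend on running in the listed order, and the describe block starts outside the hunk.

```javascript
it('does not allow app password on a mailbox not configured for the app', async function () {
    await addonConfigs.set(app.id, 'recvmail', [{ name: 'MAIL_IMAP_USERNAME', value : `${app.location}.app@${domain.domain}` }, { name: 'MAIL_IMAP_PASSWORD', value : 'imappassword' }]);
    const [error] = await safe(ldapBind(`cn=${mailboxName}@${domain.domain},ou=imap,dc=cloudron`, 'imappassword'));
    expect(error).to.be.a(ldap.InvalidCredentialsError); // assumed; confirm which error the server returns
});

// … unchanged: 'allows with valid password' …
```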