Fix common names for user memberships in groups. Newer openldap overr…

…ides the cn in the dn with the cn in the ldif entry.
ConductorOne · Jun 27, 2024 · 682f453 · 682f453
1 parent b3e0b3e
commit 682f453
Show file tree

Hide file tree

Showing 2 changed files with 6 additions and 6 deletions.
diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml
@@ -93,6 +93,6 @@ jobs:
       - name: Run baton-ldap
         run: ./baton-ldap
       - name: Revoke grants
-        run: ./baton-ldap --revoke-grant 'group:cn=testgroup00000,dc=example,dc=org:member:user:cn=testuser00999,dc=example,dc=org' && ./baton-ldap --revoke-grant 'group:cn=othertestgroup00000,dc=example,dc=org:member:user:cn=testuser00999,dc=example,dc=org'
+        run: ./baton-ldap --revoke-grant 'group:cn=testgroup00000,dc=example,dc=org:member:user:cn=testuser00999@example.com,dc=example,dc=org' && ./baton-ldap --revoke-grant 'group:cn=othertestgroup00000,dc=example,dc=org:member:user:cn=testuser00999@example.com,dc=example,dc=org'
       - name: Grant entitlements
-        run: ./baton-ldap --grant-entitlement 'group:cn=testgroup00000,dc=example,dc=org:member' --grant-principal 'cn=testuser00999,dc=example,dc=org' --grant-principal-type 'user' && ./baton-ldap --grant-entitlement 'group:cn=othertestgroup00000,dc=example,dc=org:member' --grant-principal 'cn=testuser00999,dc=example,dc=org' --grant-principal-type 'user'
+        run: ./baton-ldap --grant-entitlement 'group:cn=testgroup00000,dc=example,dc=org:member' --grant-principal 'cn=testuser00999@example.com,dc=example,dc=org' --grant-principal-type 'user' && ./baton-ldap --grant-entitlement 'group:cn=othertestgroup00000,dc=example,dc=org:member' --grant-principal 'cn=testuser00999@example.com,dc=example,dc=org' --grant-principal-type 'user'
diff --git a/scripts/ldif.js b/scripts/ldif.js
@@ -58,7 +58,7 @@ gidNumber: ${groupId}
 
   for (let userId = 0; userId < userCount; userId++) {
     const userIdStr = ("00000" + userId).slice(-5);
-    groupStr += `memberUid: testuser${userIdStr}
+    groupStr += `memberUid: testuser${userIdStr}@example.com
 `;
   }
 
@@ -72,12 +72,12 @@ for (let groupId = 0; groupId < groupCount; groupId++) {
 objectClass: top
 objectClass: groupOfUniqueNames
 cn: othertestgroup${groupIdStr}
-owner: cn=testuser00000,dc=example,dc=org
+owner: cn=testuser00000@example.com,dc=example,dc=org
 `;
 
   for (let userId = 0; userId < userCount; userId++) {
     const userIdStr = ("00000" + userId).slice(-5);
-    groupStr += `uniquemember: cn=testuser${userIdStr},dc=example,dc=org
+    groupStr += `uniquemember: cn=testuser${userIdStr}@example.com,dc=example,dc=org
 `;
   }
 
@@ -88,7 +88,7 @@ owner: cn=testuser00000,dc=example,dc=org
 for (let userId = 0; userId < userCount; userId++) {
   const userIdStr = ("00000" + userId).slice(-5);
   const email = `testuser${userIdStr}@example.com`
-  write(`dn: cn=testuser${userIdStr},dc=example,dc=org
+  write(`dn: cn=${email},dc=example,dc=org
 objectClass: inetOrgPerson
 objectClass: posixAccount
 objectClass: shadowAccount