3:41 a.m.
"For example for federation, you need realm and user DB and you need to
have realm configured with federation Provider"
In such cases you can use mocks, stubs and object factories.
"There is not much you can test within single module"
IMHO there are still few things which would be nice to test. Look at the
first class in the module LDAP Config for example. There are few comments
suggesting refactoring it in the feature. I find refactoring single class
or classes with heavy integration test painful and insufficient. Look at
spring framework code. There are plenty of small unit tests which test only
one thing so that it is really well tested as a whole! I think good testing
is especially important in case of open source - where everybody adds some
code. For instance me :) For me LDAP it is a new topic, but I would like to
add some code to this part ... so I expect to make o a lot of mistakes :D
"Btv. what's your plan for KEYCLOAK-1797"
And now the hardest part :) As I said, I'm new in this topic (LDAP) so I
decided to wrap my head around it for a while - can you reccommend me any
reading materials suitable for beginners?
"And in your LDAP environment, is it often that new role is added as member
to some other roles?"
No .. but it is critical in my company.
"I wonder if we need to always do "deep" search in runtime, or if we can
instead do it just at some point and rely on Keycloak composite roles . If
you always need deep search and do something based on it, it will be good
to have a flag in configuration, which will allow to disable it (for
performance reasons)."
Thank you for the hint :) I couldn't agree more.
Best regards,
Andrzej
2015-10-26 14:11 GMT+01:00 Marek Posolda <mposolda(a)redhat.com>:
We prefer integration tests as you usually need more things to have
available. For example for federation, you need realm and user DB and you
need to have realm configured with federationProvider. There is not much
you can test within single module, so we have just very simple tests in
individual modules (like LDAPDnTest or PasswordPolicyTest), but most of the
stuff is tested in testsuite. For KEYCLOAK-1797 I prefer to take a look at
LDAPRoleMappingsTest
and possibly add new test methods here.
Btv. what's your plan for KEYCLOAK-1797 ? And in your LDAP environment, is
it often that new role is added as member to some other roles? I wonder if
we need to always do "deep" search in runtime, or if we can instead do it
just at some point and rely on Keycloak composite roles . If you always
need deep search and do something based on it, it will be good to have a
flag in configuration, which will allow to disable it (for performance
reasons).
Marek
On 26/10/15 08:55, Andrzej Goławski wrote:
Hi Marek,
Thanks for reply!
I saw those test, but personally I prefer unit tests over integrated
tests:)
I really recommend this: https://vimeo.com/80533536
Best Regards,
Andrzej
2015-10-26 8:41 GMT+01:00 Marek Posolda <mposolda(a)redhat.com>:
> Hi,
>
> most of the tests are in the testsuite/integration or
> testsuite/integration-arquillian, not in the modules itself. For the
> federation and ldap, you can take a look especially to package
> org.keycloak.testsuite.federation .
>
> Marek
>
> On 25/10/15 21:51, Andrzej Goławski wrote:
>
> Hi everyone!
>
> I decided to implement KEYCLOAK-1797 and started to look at the code
> (federation/ldap). I noticed lack of unit tests without which refactoring
> may be very error prone. I like writing test so I can write tests for that
> part. What are you thinking about it??
>
> Best Regards,
> Andrzej
>
>
> _______________________________________________
> keycloak-dev mailing
listkeycloak-dev@lists.jboss.orghttps://lists.jboss.org/mailman/listinfo/keycloak-dev
>
>
>