Validate externalhost (when added by --addattr/--setattr)

Change the externalhost attribute of hbacrule, netgroup and sudorule into a full-fledged Parameter, and attach a validator to it. The validator is relaxed to allow underscores, so that some hosts with nonstandard names can be added. Tests included. https://fedorahosted.org/freeipa/ticket/2649
2025-02-25 18:55:28 -06:00 · 2012-04-30 07:29:08 -04:00
parent f19218f7d8
commit 1565ce3a8c
7 changed files with 105 additions and 3 deletions
--- a/tests/test_xmlrpc/test_netgroup_plugin.py
+++ b/tests/test_xmlrpc/test_netgroup_plugin.py
@@ -46,6 +46,8 @@ host_dn1 = DN(('fqdn',host1),('cn','computers'),('cn','accounts'),

 unknown_host = u'unknown'

+unknown_host2 = u'unknown2'
+
 hostgroup1 = u'hg1'
 hostgroup_dn1 = DN(('cn',hostgroup1),('cn','hostgroups'),('cn','accounts'),
                   api.env.basedn)
@@ -828,6 +830,66 @@ class test_netgroup(Declarative):
            ),
        ),

+        dict(
+            desc='Add invalid host %r to netgroup %r using setattr' %
+                (invalidhost, netgroup1),
+            command=(
+                'netgroup_mod', [netgroup1],
+                dict(setattr='externalhost=%s' % invalidhost)
+            ),
+            expected=errors.ValidationError(name='externalhost',
+                error='only letters, numbers, _, and - are allowed. ' +
+                    'DNS label may not start or end with -'),
+        ),
+
+        dict(
+            desc='Add unknown host %r to netgroup %r using addattr' %
+                (unknown_host2, netgroup1),
+            command=(
+                'netgroup_mod', [netgroup1],
+                dict(addattr='externalhost=%s' % unknown_host2)
+            ),
+            expected=dict(
+                value=u'netgroup1',
+                summary=u'Modified netgroup "netgroup1"',
+                result={
+                        'memberhost_host': (host1,),
+                        'memberhost_hostgroup': (hostgroup1,),
+                        'memberuser_user': (user1,),
+                        'memberuser_group': (group1,),
+                        'member_netgroup': (netgroup2,),
+                        'cn': [netgroup1],
+                        'description': [u'Test netgroup 1'],
+                        'nisdomainname': [u'%s' % api.env.domain],
+                        'externalhost': [unknown_host, unknown_host2],
+                },
+            )
+        ),
+
+        dict(
+            desc='Remove unknown host %r from netgroup %r using delattr' %
+                (unknown_host2, netgroup1),
+            command=(
+                'netgroup_mod', [netgroup1],
+                dict(delattr='externalhost=%s' % unknown_host2)
+            ),
+            expected=dict(
+                value=u'netgroup1',
+                summary=u'Modified netgroup "netgroup1"',
+                result={
+                        'memberhost_host': (host1,),
+                        'memberhost_hostgroup': (hostgroup1,),
+                        'memberuser_user': (user1,),
+                        'memberuser_group': (group1,),
+                        'member_netgroup': (netgroup2,),
+                        'cn': [netgroup1],
+                        'description': [u'Test netgroup 1'],
+                        'nisdomainname': [u'%s' % api.env.domain],
+                        'externalhost': [unknown_host],
+                },
+            )
+        ),
+
        dict(
            desc='Retrieve %r' % netgroup1,
            command=('netgroup_show', [netgroup1], {}),