From b2ab2863ca121d94e7519cd53a9fdbb43b6c5d27 Mon Sep 17 00:00:00 2001
From: Anuja More
Date: Tue, 24 Dec 2019 15:55:59 +0530
Subject: [PATCH] ipatests: User and group with same name should not break reading AD user data.
Regression test resolving trusted users and groups should be successful when there is a user in IPA with the same name as a group name.
Related: https://pagure.io/SSSD/sssd/issue/4073
Signed-off-by: Anuja More
Reviewed-By: Sergey Orlov
---
ipatests/test_integration/test_sssd.py | 36 ++++++++++++++++++++++++++
1 file changed, 36 insertions(+)
diff --git a/ipatests/test_integration/test_sssd.py b/ipatests/test_integration/test_sssd.py
index d2eba3383..45602bdce 100644
--- a/ipatests/test_integration/test_sssd.py
+++ b/ipatests/test_integration/test_sssd.py
@@ -286,3 +286,39 @@ class TestSSSDWithAdTrust(IntegrationTest):
 finally:
 sssd_conf_backup.restore()
 tasks.clear_sssd_cache(self.master)
+
+ def test_ext_grp_with_ldap(self):
+ """User and group with same name should not break reading AD user data.
+
+ Regression test for https://pagure.io/SSSD/sssd/issue/4073
+
+ When aduser is added in extrnal group and this group is added
+ in group with same name of nonprivate ipa user and possix id, then
+ lookup of aduser and group should be successful when cache is empty.
+ """
+ client = self.clients[0]
+ user = 'ipatest'
+ userid = '100996'
+ ext_group = 'ext-ipatest'
+ tasks.kinit_admin(self.master)
+ # add user with same uid and gidnumber
+ tasks.user_add(self.master, user, extra_args=[
+ '--noprivate', '--uid', userid, '--gidnumber', userid])
+ # add group with same as user_name and user_id.
+ tasks.group_add(self.master, user, extra_args=['--gid', userid])
+ tasks.group_add(self.master, ext_group, extra_args=['--external'])
+ self.master.run_command(
+ ['ipa', 'group-add-member', '--group', ext_group, user])
+ self.master.run_command([
+ 'ipa', 'group-add-member', '--external',
+ self.users['ad']['name'], ext_group,
+ '--users=', '--groups='])
+ tasks.clear_sssd_cache(self.master)
+ tasks.clear_sssd_cache(client)
+ try:
+ result = client.run_command(['id', self.users['ad']['name']])
+ assert '{uid}({name})'.format(uid=userid,
+ name=user) in result.stdout_text
+ finally:
+ self.master.run_command(['ipa', 'user-del', user])
+ self.master.run_command(['ipa', 'group-del', user, ext_group])
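Review bot: The fixture setup in `test_ext_grp_with_ldap` (the `user_add`, both `group_add` calls and the two `group-add-member` commands) runs before `try:`, so a failure in any of them leaves the `ipatest` user with fixed uid/gid `100996` and the groups on the master for every later test in the class. Open the `try:` right after `tasks.kinit_admin(self.master)` and make the cleanup tolerant of partially created objects, e.g. `self.master.run_command(['ipa', 'user-del', user], raiseonerr=False)` and the same for `group-del`, so a failing `user-del` cannot skip the group removal. The `finally` also does not clear the SSSD caches the way the preceding test's `finally` does, so the resolved membership may stay cached on the client; adding `tasks.clear_sssd_cache(client)` there would keep later identity lookups independent. The docstring says lookup of the AD user and the group should succeed, but only `id` on the AD user is asserted.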