mirror of
https://salsa.debian.org/freeipa-team/freeipa.git
synced 2024-12-23 15:40:01 -06:00
tests for sudo run as user or group https://fedorahosted.org/freeipa/ticket/570
This commit is contained in:
parent
b23b3911d2
commit
ced639eb99
@ -43,6 +43,9 @@ class test_sudorule(XMLRPC_test):
|
|||||||
test_sudodenycmdgroup = u'sudorule_test_denycmdgroup'
|
test_sudodenycmdgroup = u'sudorule_test_denycmdgroup'
|
||||||
test_command = u'/usr/bin/testsudocmd1'
|
test_command = u'/usr/bin/testsudocmd1'
|
||||||
test_denycommand = u'/usr/bin/testdenysudocmd1'
|
test_denycommand = u'/usr/bin/testdenysudocmd1'
|
||||||
|
test_runasuser = u'manager'
|
||||||
|
test_runasgroup = u'manager'
|
||||||
|
test_catagory = u'all'
|
||||||
|
|
||||||
def test_0_sudorule_add(self):
|
def test_0_sudorule_add(self):
|
||||||
"""
|
"""
|
||||||
@ -107,6 +110,9 @@ class test_sudorule(XMLRPC_test):
|
|||||||
self.failsafe_add(api.Object.user,
|
self.failsafe_add(api.Object.user,
|
||||||
self.test_user, givenname=u'first', sn=u'last'
|
self.test_user, givenname=u'first', sn=u'last'
|
||||||
)
|
)
|
||||||
|
self.failsafe_add(api.Object.user,
|
||||||
|
self.test_runasuser, givenname=u'first', sn=u'last'
|
||||||
|
)
|
||||||
self.failsafe_add(api.Object.group,
|
self.failsafe_add(api.Object.group,
|
||||||
self.test_group, description=u'description'
|
self.test_group, description=u'description'
|
||||||
)
|
)
|
||||||
@ -164,6 +170,71 @@ class test_sudorule(XMLRPC_test):
|
|||||||
assert 'memberuser_user' not in entry
|
assert 'memberuser_user' not in entry
|
||||||
assert 'memberuser_group' not in entry
|
assert 'memberuser_group' not in entry
|
||||||
|
|
||||||
|
def test_a_sudorule_add_runasuser(self):
|
||||||
|
"""
|
||||||
|
Test adding run as user to Sudo rule using
|
||||||
|
`xmlrpc.sudorule_add_runasuser`.
|
||||||
|
"""
|
||||||
|
ret = api.Command['sudorule_add_runasuser'](
|
||||||
|
self.rule_name, user=self.test_runasuser
|
||||||
|
)
|
||||||
|
assert ret['completed'] == 1
|
||||||
|
failed = ret['failed']
|
||||||
|
assert 'ipasudorunas' in failed
|
||||||
|
assert 'user' in failed['ipasudorunas']
|
||||||
|
assert not failed['ipasudorunas']['user']
|
||||||
|
entry = ret['result']
|
||||||
|
assert_attr_equal(entry, 'ipasudorunas_user', self.test_runasuser)
|
||||||
|
|
||||||
|
def test_b_sudorule_remove_runasuser(self):
|
||||||
|
"""
|
||||||
|
Test removing run as user to Sudo rule using
|
||||||
|
`xmlrpc.sudorule_remove_runasuser'.
|
||||||
|
"""
|
||||||
|
ret = api.Command['sudorule_remove_runasuser'](
|
||||||
|
self.rule_name, user=self.test_runasuser
|
||||||
|
)
|
||||||
|
assert ret['completed'] == 1
|
||||||
|
failed = ret['failed']
|
||||||
|
assert 'ipasudorunas' in failed
|
||||||
|
assert 'user' in failed['ipasudorunas']
|
||||||
|
assert not failed['ipasudorunas']['user']
|
||||||
|
entry = ret['result']
|
||||||
|
assert 'ipasudorunas_user' not in entry
|
||||||
|
|
||||||
|
def test_a_sudorule_add_runasgroup(self):
|
||||||
|
"""
|
||||||
|
Test adding run as group to Sudo rule using
|
||||||
|
`xmlrpc.sudorule_add_runasgroup`.
|
||||||
|
"""
|
||||||
|
ret = api.Command['sudorule_add_runasgroup'](
|
||||||
|
self.rule_name, group=self.test_runasgroup
|
||||||
|
)
|
||||||
|
print ret
|
||||||
|
assert ret['completed'] == 1
|
||||||
|
failed = ret['failed']
|
||||||
|
assert 'ipasudorunasgroup' in failed
|
||||||
|
assert 'group' in failed['ipasudorunasgroup']
|
||||||
|
assert not failed['ipasudorunasgroup']['group']
|
||||||
|
entry = ret['result']
|
||||||
|
assert_attr_equal(entry, 'ipasudorunasgroup_group', self.test_runasgroup)
|
||||||
|
|
||||||
|
def test_b_sudorule_remove_runasgroup(self):
|
||||||
|
"""
|
||||||
|
Test removing run as group to Sudo rule using
|
||||||
|
`xmlrpc.sudorule_remove_runasgroup'.
|
||||||
|
"""
|
||||||
|
ret = api.Command['sudorule_remove_runasgroup'](
|
||||||
|
self.rule_name, group=self.test_runasgroup
|
||||||
|
)
|
||||||
|
assert ret['completed'] == 1
|
||||||
|
failed = ret['failed']
|
||||||
|
assert 'ipasudorunasgroup' in failed
|
||||||
|
assert 'group' in failed['ipasudorunasgroup']
|
||||||
|
assert not failed['ipasudorunasgroup']['group']
|
||||||
|
entry = ret['result']
|
||||||
|
assert 'ipasudorunasgroup_group' not in entry
|
||||||
|
|
||||||
def test_a_sudorule_add_host(self):
|
def test_a_sudorule_add_host(self):
|
||||||
"""
|
"""
|
||||||
Test adding host and hostgroup to Sudo rule using
|
Test adding host and hostgroup to Sudo rule using
|
||||||
@ -289,6 +360,7 @@ class test_sudorule(XMLRPC_test):
|
|||||||
Clear data for Sudo rule plugin testing.
|
Clear data for Sudo rule plugin testing.
|
||||||
"""
|
"""
|
||||||
api.Command['user_del'](self.test_user)
|
api.Command['user_del'](self.test_user)
|
||||||
|
api.Command['user_del'](self.test_runasuser)
|
||||||
api.Command['group_del'](self.test_group)
|
api.Command['group_del'](self.test_group)
|
||||||
api.Command['host_del'](self.test_host)
|
api.Command['host_del'](self.test_host)
|
||||||
api.Command['hostgroup_del'](self.test_hostgroup)
|
api.Command['hostgroup_del'](self.test_hostgroup)
|
||||||
|
Loading…
Reference in New Issue
Block a user