IntenseWebs/freeipa
3
0
Fork 0
mirror of https://salsa.debian.org/freeipa-team/freeipa.git synced 2025-02-25 18:55:28 -06:00
Code Issues Packages Projects Releases Wiki Activity

ipatests: test_sudo: Add tests for allowing hosts via hostmasks

Browse Source 
Reviewed-By: Petr Viktorin <pviktori@redhat.com>
This commit is contained in:
Tomas Babej 2014-05-14 15:26:59 +02:00 committed by Petr Viktorin
parent b1275c5b1c
commit d537da8b8a
1 changed files with 36 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

36
ipatests/test_integration/test_sudo.py
View File

@ -226,6 +226,42 @@ class TestSudo(IntegrationTest):
'testrule', 'testrule',
'--hostgroups', 'testhostgroup']) '--hostgroups', 'testhostgroup'])
def test_sudo_rule_restricted_to_one_hostmask_setup(self):
# Add the client's /24 hostmask to the rule
ip = self.client.ip
self.master.run_command(['ipa', '-n', 'sudorule-add-host',
'testrule',
'--hostmask', '%s/24' % ip])
def test_sudo_rule_restricted_to_one_hostmask(self):
result1 = self.list_sudo_commands("testuser1")
assert "(ALL) NOPASSWD: ALL" in result1.stdout_text
def test_sudo_rule_restricted_to_one_hostmask_teardown(self):
# Remove the client's /24 hostmask from the rule
ip = self.client.ip
self.master.run_command(['ipa', '-n', 'sudorule-remove-host',
'testrule',
'--hostmask', '%s/24' % ip])
def test_sudo_rule_restricted_to_one_hostmask_negative_setup(self):
# Add the master's hostmask to the rule
ip = self.master.ip
self.master.run_command(['ipa', '-n', 'sudorule-add-host',
'testrule',
'--hostmask', '%s/32' % ip])
def test_sudo_rule_restricted_to_one_hostmask_negative(self):
result1 = self.list_sudo_commands("testuser1")
assert result1.returncode != 0
def test_sudo_rule_restricted_to_one_hostmask_negative_teardown(self):
# Remove the master's hostmask from the rule
ip = self.master.ip
self.master.run_command(['ipa', '-n', 'sudorule-remove-host',
'testrule',
'--hostmask', '%s/32' % ip])
def test_sudo_rule_restricted_to_one_command_setup(self): def test_sudo_rule_restricted_to_one_command_setup(self):
# Reset testrule configuration # Reset testrule configuration
self.reset_rule_categories() self.reset_rule_categories()