IntenseWebs/freeipa
3
0
Fork 0
mirror of https://salsa.debian.org/freeipa-team/freeipa.git synced 2025-02-25 18:55:28 -06:00
Code Issues Packages Projects Releases Wiki Activity

Use ipauniqueid for the RDN of sudo commands

Browse Source 
Since sudo commands are case-sensitive, we can't use 'sudocmd'
as the RDN.

Tests for case-sensitive behavior included

https://fedorahosted.org/freeipa/ticket/2482
This commit is contained in:
Petr Viktorin
2012-03-08 07:55:00 -05:00
committed by Martin Kosek
parent 1821fa0aab
commit d66898405b
4 changed files with 153 additions and 28 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
ipalib/plugins/sudocmd.py
View File

@@ -62,6 +62,7 @@ class sudocmd(LDAPObject):
'memberof': ['sudocmdgroup'],
}
uuid_attribute = 'ipauniqueid'
rdn_attribute = 'ipauniqueid'
label = _('Sudo Commands')
label_singular = _('Sudo Command')

82
tests/test_xmlrpc/test_sudocmd_plugin.py
View File

@@ -21,18 +21,20 @@
Test the `ipalib/plugins/sudocmd.py` module.
"""
from ipalib import api, errors
from tests.test_xmlrpc.xmlrpc_test import Declarative, fuzzy_uuid
from ipalib import errors
from tests.test_xmlrpc.xmlrpc_test import (Declarative, fuzzy_sudocmddn,
fuzzy_uuid)
from tests.test_xmlrpc import objectclasses
from ipapython.dn import DN
sudocmd1 = u'/usr/bin/sudotestcmd1'
sudocmd1_camelcase = u'/usr/bin/sudoTestCmd1'
class test_sudocmd(Declarative):
cleanup_commands = [
('sudocmd_del', [sudocmd1], {}),
('sudocmd_del', [sudocmd1_camelcase], {}),
]
tests = [
@@ -72,8 +74,7 @@ class test_sudocmd(Declarative):
value=sudocmd1,
summary=u'Added Sudo Command "%s"' % sudocmd1,
result=dict(
dn=DN(('sudocmd',sudocmd1),('cn','sudocmds'),('cn','sudo'),
api.env.basedn),
dn=fuzzy_sudocmddn,
sudocmd=[sudocmd1],
description=[u'Test sudo command 1'],
objectclass=objectclasses.sudocmd,
@@ -82,6 +83,26 @@ class test_sudocmd(Declarative):
),
),
dict(
desc='Create %r' % sudocmd1_camelcase,
command=('sudocmd_add', [sudocmd1_camelcase],
dict(
description=u'Test sudo command 2',
),
),
expected=dict(
value=sudocmd1_camelcase,
summary=u'Added Sudo Command "%s"' % sudocmd1_camelcase,
result=dict(
dn=fuzzy_sudocmddn,
sudocmd=[sudocmd1_camelcase],
description=[u'Test sudo command 2'],
objectclass=objectclasses.sudocmd,
ipauniqueid=[fuzzy_uuid],
),
),
),
dict(
desc='Try to create duplicate %r' % sudocmd1,
@@ -94,6 +115,17 @@ class test_sudocmd(Declarative):
u'name "%s" already exists' % sudocmd1),
),
dict(
desc='Try to create duplicate %r' % sudocmd1_camelcase,
command=('sudocmd_add', [sudocmd1_camelcase],
dict(
description=u'Test sudo command 2',
),
),
expected=errors.DuplicateEntry(message=u'sudo command with ' +
u'name "%s" already exists' % sudocmd1_camelcase),
),
dict(
desc='Retrieve %r' % sudocmd1,
@@ -102,8 +134,7 @@ class test_sudocmd(Declarative):
value=sudocmd1,
summary=None,
result=dict(
dn=DN(('sudocmd',sudocmd1),('cn','sudocmds'),('cn','sudo'),
api.env.basedn),
dn=fuzzy_sudocmddn,
sudocmd=[sudocmd1],
description=[u'Test sudo command 1'],
),
@@ -120,8 +151,7 @@ class test_sudocmd(Declarative):
summary=u'1 Sudo Command matched',
result=[
dict(
dn=DN(('sudocmd',sudocmd1),('cn','sudocmds'),
('cn','sudo'),api.env.basedn),
dn=fuzzy_sudocmddn,
sudocmd=[sudocmd1],
description=[u'Test sudo command 1'],
),
@@ -129,6 +159,23 @@ class test_sudocmd(Declarative):
),
),
dict(
desc='Search for %r' % sudocmd1_camelcase,
command=('sudocmd_find', [sudocmd1_camelcase], {}),
expected=dict(
count=1,
truncated=False,
summary=u'1 Sudo Command matched',
result=[
dict(
dn=fuzzy_sudocmddn,
sudocmd=[sudocmd1_camelcase],
description=[u'Test sudo command 2'],
),
],
),
),
dict(
desc='Update %r' % sudocmd1,
@@ -152,8 +199,7 @@ class test_sudocmd(Declarative):
value=sudocmd1,
summary=None,
result=dict(
dn=DN(('sudocmd',sudocmd1),('cn','sudocmds'),('cn','sudo'),
api.env.basedn),
dn=fuzzy_sudocmddn,
sudocmd=[sudocmd1],
description=[u'Updated sudo command 1'],
),
@@ -194,4 +240,18 @@ class test_sudocmd(Declarative):
expected=errors.NotFound(
reason=u'%s: sudo command not found' % sudocmd1),
),
dict(
desc='Retrieve %r' % sudocmd1_camelcase,
command=('sudocmd_show', [sudocmd1_camelcase], {}),
expected=dict(
value=sudocmd1_camelcase,
summary=None,
result=dict(
dn=fuzzy_sudocmddn,
sudocmd=[sudocmd1_camelcase],
description=[u'Test sudo command 2'],
),
),
),
]

85
tests/test_xmlrpc/test_sudocmdgroup_plugin.py
View File

@@ -22,12 +22,13 @@ Test the `ipalib/plugins/sudocmdgroup.py` module.
from ipalib import api, errors
from tests.test_xmlrpc import objectclasses
from xmlrpc_test import Declarative, fuzzy_digits, fuzzy_uuid
from xmlrpc_test import Declarative, fuzzy_uuid, fuzzy_sudocmddn
from ipapython.dn import DN
sudocmdgroup1 = u'testsudocmdgroup1'
sudocmdgroup2 = u'testsudocmdgroup2'
sudocmd1 = u'/usr/bin/sudotestcmd1'
sudocmd1_camelcase = u'/usr/bin/sudoTestCmd1'
sudocmd_plus = u'/bin/ls -l /lost+found/*'
def create_command(sudocmd):
@@ -43,10 +44,8 @@ def create_command(sudocmd):
result=dict(
objectclass=objectclasses.sudocmd,
sudocmd=[sudocmd],
ipauniqueid=[fuzzy_uuid],
description=[u'Test sudo command'],
dn=DN(('sudocmd',sudocmd),('cn','sudocmds'),('cn','sudo'),
api.env.basedn),
ipauniqueid=[fuzzy_uuid], description=[u'Test sudo command'],
dn=fuzzy_sudocmddn,
),
),
)
@@ -56,6 +55,7 @@ class test_sudocmdgroup(Declarative):
('sudocmdgroup_del', [sudocmdgroup1], {}),
('sudocmdgroup_del', [sudocmdgroup2], {}),
('sudocmd_del', [sudocmd1], {}),
('sudocmd_del', [sudocmd1_camelcase], {}),
('sudocmd_del', [sudocmd_plus], {}),
]
@@ -76,12 +76,28 @@ class test_sudocmdgroup(Declarative):
sudocmd=[u'/usr/bin/sudotestcmd1'],
ipauniqueid=[fuzzy_uuid],
description=[u'Test sudo command 1'],
dn=DN(('sudocmd',sudocmd1),('cn','sudocmds'),('cn','sudo'),
api.env.basedn),
dn=fuzzy_sudocmddn,
),
),
),
dict(
desc='Create %r' % sudocmd1_camelcase,
command=(
'sudocmd_add', [], dict(sudocmd=sudocmd1_camelcase, description=u'Test sudo command 2')
),
expected=dict(
value=sudocmd1_camelcase,
summary=u'Added Sudo Command "%s"' % sudocmd1_camelcase,
result=dict(
objectclass=objectclasses.sudocmd,
sudocmd=[u'/usr/bin/sudoTestCmd1'],
ipauniqueid=[fuzzy_uuid],
description=[u'Test sudo command 2'],
dn=fuzzy_sudocmddn,
),
),
),
dict(
desc='Verify the managed sudo command %r was created' % sudocmd1,
@@ -92,8 +108,7 @@ class test_sudocmdgroup(Declarative):
result=dict(
sudocmd=[sudocmd1],
description=[u'Test sudo command 1'],
dn=DN(('sudocmd',sudocmd1),('cn','sudocmds'),('cn','sudo'),
api.env.basedn),
dn=fuzzy_sudocmddn,
),
),
),
@@ -413,11 +428,10 @@ class test_sudocmdgroup(Declarative):
value=sudocmd1,
summary=None,
result=dict(
dn=DN(('sudocmd',sudocmd1),('cn','sudocmds'),('cn','sudo'),
api.env.basedn),
dn=fuzzy_sudocmddn,
sudocmd=[sudocmd1],
description=[u'Test sudo command 1'],
memberof_sudocmdgroup = [u'testsudocmdgroup1'],
memberof_sudocmdgroup=[u'testsudocmdgroup1'],
),
),
),
@@ -445,6 +459,29 @@ class test_sudocmdgroup(Declarative):
),
),
dict(
desc='Add member %r to %r' % (sudocmd1_camelcase, sudocmdgroup1),
command=(
'sudocmdgroup_add_member', [sudocmdgroup1],
dict(sudocmd=sudocmd1_camelcase)
),
expected=dict(
completed=1,
failed=dict(
member=dict(
sudocmd=tuple(),
),
),
result={
'dn': DN(('cn',sudocmdgroup1),('cn','sudocmdgroups'),
('cn','sudo'),api.env.basedn),
'member_sudocmd': (sudocmd1, sudocmd1_camelcase),
'cn': [sudocmdgroup1],
'description': [u'New desc 1'],
},
),
),
dict(
desc='Remove member %r from %r' % (sudocmd1, sudocmdgroup1),
command=('sudocmdgroup_remove_member',
@@ -459,7 +496,29 @@ class test_sudocmdgroup(Declarative):
),
result={
'dn': DN(('cn',sudocmdgroup1),('cn','sudocmdgroups'),
('cn','sudo'),api.env.basedn),
('cn','sudo'),api.env.basedn),
'member_sudocmd': (sudocmd1_camelcase,),
'cn': [sudocmdgroup1],
'description': [u'New desc 1'],
},
),
),
dict(
desc='Remove member %r from %r' % (sudocmd1_camelcase, sudocmdgroup1),
command=('sudocmdgroup_remove_member',
[sudocmdgroup1], dict(sudocmd=sudocmd1_camelcase)
),
expected=dict(
completed=1,
failed=dict(
member=dict(
sudocmd=tuple(),
),
),
result={
'dn': DN(('cn',sudocmdgroup1),('cn','sudocmdgroups'),
('cn','sudo'),api.env.basedn),
'cn': [sudocmdgroup1],
'description': [u'New desc 1'],
},

13
tests/test_xmlrpc/xmlrpc_test.py
View File

@@ -35,10 +35,10 @@ from ipalib.x509 import valid_issuer
# or `long`? If not, we still need to return them as `unicode` instead of `str`.
fuzzy_digits = Fuzzy('^\d+$', type=basestring)
uuid_re = '[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}'
# Matches an ipauniqueid like u'784d85fd-eae7-11de-9d01-54520012478b'
fuzzy_uuid = Fuzzy(
'^[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$'
)
fuzzy_uuid = Fuzzy('^%s$' % uuid_re)
# Matches trusted domain GUID, like u'463bf2be-3456-4a57-979e-120304f2a0eb'
fuzzy_guid = fuzzy_uuid
@@ -52,7 +52,12 @@ fuzzy_domain_sid = Fuzzy(
# Matches netgroup dn. Note (?i) at the beginning of the regexp is the ingnore case flag
fuzzy_netgroupdn = Fuzzy(
'(?i)ipauniqueid=[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12},cn=ng,cn=alt,%s' % api.env.basedn
'(?i)ipauniqueid=%s,cn=ng,cn=alt,%s' % (uuid_re, api.env.basedn)
)
# Matches sudocmd dn
fuzzy_sudocmddn = Fuzzy(
'(?i)ipauniqueid=%s,cn=sudocmds,cn=sudo,%s' % (uuid_re, api.env.basedn)
)
# Matches a hash signature, not enforcing length