IntenseWebs/freeipa
3
0
Fork 0
mirror of https://salsa.debian.org/freeipa-team/freeipa.git synced 2025-02-25 18:55:28 -06:00
Code Issues Packages Projects Releases Wiki Activity

xmlrpc tests: add test for idrange auto-private-groups option

Browse Source 
Scenarii:
- idrange-add prevents --auto-private-groups with a local id range
- idrange-mod prevents --auto-private-groups with a local id range
- auto-private-groups accepts only true/false/hybrid/empty values

Related: https://pagure.io/freeipa/issue/8807
Signed-off-by: Florence Blanc-Renaud <flo@redhat.com>
Reviewed-By: Rob Crittenden <rcritten@redhat.com>
Reviewed-By: Alexander Bokovoy <abokovoy@redhat.com>
This commit is contained in:
Florence Blanc-Renaud
2021-04-14 17:34:44 +02:00
parent ba7ab24b29
commit f45a79a783
1 changed files with 148 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

148
ipatests/test_xmlrpc/test_range_plugin.py
View File

@@ -581,6 +581,15 @@ class test_range(Declarative):
),
),
# Framework validation: mod local idrange with auto-private-groups
# is prohibited
dict(
desc=('Try to modify local range %r with --auto-private-groups'
% (testrange1)),
command=('idrange_mod', [testrange1],
dict(ipaautoprivategroups='true')),
expected=errors.ExecutionError(message=IPA_LOCAL_RANGE_MOD_ERR)
),
dict(
desc='Delete ID range %r' % testrange1,
@@ -707,6 +716,22 @@ class test_range(Declarative):
'secondary-rid-base cannot be used together'),
),
# Testing framework validation: --auto-private-groups is prohibited
# with ipa-local range
dict(
desc='Local ID range %r with auto-private-groups' % (testrange8),
command=('idrange_add', [testrange8],
dict(ipabaseid=testrange8_base_id,
ipaidrangesize=testrange8_size,
ipaautoprivategroups='true')),
expected=errors.ValidationError(
name='ID Range setup',
error='IPA Range type must be one of ipa-ad-trust '
'or ipa-ad-trust-posix when '
'auto-private-groups is specified'),
),
# Testing framework validation: --rid-base is prohibited with ipa-ad-posix
dict(
@@ -723,6 +748,22 @@ class test_range(Declarative):
'type is ipa-ad-trust-posix'),
),
# Testing framework validation: --auto-private-groups can only be
# one of true, false, hybrid
dict(
desc=('Create ID range %r with bogus --auto-private-groups'
% (domain7range1)),
command=('idrange_add', [domain7range1],
dict(ipabaseid=domain7range1_base_id,
ipaidrangesize=domain7range1_size,
iparangetype=domain7range1_type,
ipanttrusteddomainsid=domain7_sid,
ipaautoprivategroups='bogus')),
expected=errors.ValidationError(
name='auto_private_groups',
error="must be one of 'true', 'false', 'hybrid'"),
),
dict(
desc='Create ID range %r' % (domain7range1),
command=('idrange_add', [domain7range1],
@@ -896,6 +937,113 @@ class test_range(Declarative):
'range.'),
),
dict(
desc=('Modify ipa-ad-trust range %r with --auto-private-groups='
'true' % (domain2range1)),
command=('idrange_mod', [domain2range1],
dict(ipaautoprivategroups='true')),
expected=dict(
messages=(
messages.ServiceRestartRequired(
service=services.knownservices['sssd'].systemd_name,
server=domain2range1
).to_dict(),
),
result=dict(
cn=[domain2range1],
ipabaseid=[unicode(domain2range1_base_id)],
ipabaserid=[unicode(domain5range1_base_rid)],
ipaidrangesize=[unicode(domain2range1_size)],
ipanttrusteddomainsid=[unicode(domain2_sid)],
iparangetyperaw=[u'ipa-ad-trust'],
ipaautoprivategroups=[u'true'],
iparangetype=[u'Active Directory domain range'],
),
value=domain2range1,
summary=u'Modified ID range "%s"' % (domain2range1),
),
),
dict(
desc=('Modify ipa-ad-trust range %r with --auto-private-groups='
'false' % (domain2range1)),
command=('idrange_mod', [domain2range1],
dict(ipaautoprivategroups='false')),
expected=dict(
messages=(
messages.ServiceRestartRequired(
service=services.knownservices['sssd'].systemd_name,
server=domain2range1
).to_dict(),
),
result=dict(
cn=[domain2range1],
ipabaseid=[unicode(domain2range1_base_id)],
ipabaserid=[unicode(domain5range1_base_rid)],
ipaidrangesize=[unicode(domain2range1_size)],
ipanttrusteddomainsid=[unicode(domain2_sid)],
iparangetyperaw=[u'ipa-ad-trust'],
ipaautoprivategroups=[u'false'],
iparangetype=[u'Active Directory domain range'],
),
value=domain2range1,
summary=u'Modified ID range "%s"' % (domain2range1),
),
),
dict(
desc=('Modify ipa-ad-trust range %r with --auto-private-groups='
'hybrid' % (domain2range1)),
command=('idrange_mod', [domain2range1],
dict(ipaautoprivategroups='hybrid')),
expected=dict(
messages=(
messages.ServiceRestartRequired(
service=services.knownservices['sssd'].systemd_name,
server=domain2range1
).to_dict(),
),
result=dict(
cn=[domain2range1],
ipabaseid=[unicode(domain2range1_base_id)],
ipabaserid=[unicode(domain5range1_base_rid)],
ipaidrangesize=[unicode(domain2range1_size)],
ipanttrusteddomainsid=[unicode(domain2_sid)],
iparangetyperaw=[u'ipa-ad-trust'],
ipaautoprivategroups=[u'hybrid'],
iparangetype=[u'Active Directory domain range'],
),
value=domain2range1,
summary=u'Modified ID range "%s"' % (domain2range1),
),
),
dict(
desc=('Modify ipa-ad-trust range %r with --auto-private-groups='
'<empty>' % (domain2range1)),
command=('idrange_mod', [domain2range1],
dict(ipaautoprivategroups='')),
expected=dict(
messages=(
messages.ServiceRestartRequired(
service=services.knownservices['sssd'].systemd_name,
server=domain2range1
).to_dict(),
),
result=dict(
cn=[domain2range1],
ipabaseid=[unicode(domain2range1_base_id)],
ipabaserid=[unicode(domain5range1_base_rid)],
ipaidrangesize=[unicode(domain2range1_size)],
ipanttrusteddomainsid=[unicode(domain2_sid)],
iparangetyperaw=[u'ipa-ad-trust'],
iparangetype=[u'Active Directory domain range'],
),
value=domain2range1,
summary=u'Modified ID range "%s"' % (domain2range1),
),
),
# Test for bug 6404
# if dom-name is empty, add should not fail