Test that ipapwpolicy objectclass is added on upgrade

Use ldapmodify to remove the objectclass from the default global policy then run ipa-server-upgrade to confirm that it is properly added. https://pagure.io/freeipa/issue/8555 Signed-off-by: Rob Crittenden <rcritten@redhat.com> Reviewed-By: Florence Blanc-Renaud <frenaud@redhat.com>
2025-02-25 18:55:28 -06:00 · 2020-10-26 12:32:39 -04:00
parent b60d2d975d
commit f86250a9a5
1 changed files with 19 additions and 0 deletions
--- a/ipatests/test_integration/test_upgrade.py
+++ b/ipatests/test_integration/test_upgrade.py
@@ -9,6 +9,7 @@ import base64
 import configparser
 import os
 import io
+import textwrap

 from cryptography.hazmat.primitives import serialization
 import pytest
@@ -259,3 +260,21 @@ class TestUpgrade(IntegrationTest):
        self.master.run_command(['ipa-server-upgrade'])
        result = self.master.run_command(["ipa", "user-show", "admin"])
        assert rootprinc in result.stdout_text
+
+    def test_pwpolicy_upgrade(self):
+        """Test that ipapwdpolicy objectclass is added to all policies"""
+        entry_ldif = textwrap.dedent("""
+            dn: cn=global_policy,cn={realm},cn=kerberos,{base_dn}
+            changetype: modify
+            delete: objectclass
+            objectclass: ipapwdpolicy
+        """).format(
+            base_dn=str(self.master.domain.basedn),
+            realm=self.master.domain.realm)
+        tasks.ldapmodify_dm(self.master, entry_ldif)
+
+        tasks.kinit_admin(self.master)
+        self.master.run_command(['ipa-server-upgrade'])
+        result = self.master.run_command(["ipa", "pwpolicy-find"])
+        # if it is still missing the oc it won't be displayed
+        assert 'global_policy' in result.stdout_text