IntenseWebs/freeipa
3
0
Fork 0
mirror of https://salsa.debian.org/freeipa-team/freeipa.git synced 2025-02-25 18:55:28 -06:00
Code Issues Packages Projects Releases Wiki Activity
7,788 Commits 11 Branches 60 Tags
d0a781b9c6911f1875df4b0c7da5e6ae030d36de
Commit Graph

125 Commits

Author SHA1 Message Date
Petr Vobornik
026c9eca09 add --hosts and --hostgroup options to allow/retrieve keytab methods 
`--hosts` and `--hostgroup` options added to:
* service-allow-create-keytab
* service-allow-retrieve-keytab
* service-disallow-create-keytab
* service-disallow-retrieve-keytab
* host-allow-create-keytab
* host-allow-retrieve-keytab
* host-disallow-create-keytab
* host-disallow-retrieve-keytab

in order to allow hosts to retrieve keytab of their services or related hosts as described on http://www.freeipa.org/page/V4/Keytab_Retrieval design page

https://fedorahosted.org/freeipa/ticket/4777

Reviewed-By: Jan Cholasta <jcholast@redhat.com>
 2014-12-03 11:34:10 +00:00
David Kupka
56ca47d535 Fix error message for nonexistent members and add tests. 
https://fedorahosted.org/freeipa/ticket/4643

Reviewed-By: Tomas Babej <tbabej@redhat.com>
 2014-11-24 16:04:57 +01:00
Petr Viktorin
0cb12f3cde Declarative tests: Switch to pytest 
Provide a local pytest plugin to generate tests.

The Declarative tests can now only be run with pytest

https://fedorahosted.org/freeipa/ticket/4610

Reviewed-By: Tomas Babej <tbabej@redhat.com>
 2014-11-21 12:14:44 +01:00
Petr Viktorin
07def0b275 Declarative tests: Move cleanup to setup_class/teardown_class 
https://fedorahosted.org/freeipa/ticket/4610

Reviewed-By: Tomas Babej <tbabej@redhat.com>
 2014-11-21 12:14:44 +01:00
Petr Viktorin
93c69b5127 Use setup_class/teardown_class in Declarative tests 
Pytest will consider each Declarative test individually, running
setup/teardown for each one.
Move the setup and teardown to the class level.

https://fedorahosted.org/freeipa/ticket/4610

Reviewed-By: Tomas Babej <tbabej@redhat.com>
 2014-11-21 12:14:44 +01:00
Petr Viktorin
84bd4c1246 test_automount_plugin: Fix test ordering 
Nose ran the `test_a_*` and `test_a2_*` tests in opposite order
than the source suggested. Fix this.

https://fedorahosted.org/freeipa/ticket/4610

Reviewed-By: Tomas Babej <tbabej@redhat.com>
 2014-11-21 12:14:44 +01:00
Petr Viktorin
375e9f7c4b tests: Use PEP8-compliant setup/teardown method names 
The setUp/dearDown names are used in the unittest module, but there is no reason
to use them in non-`unittest` test cases.
Nose supports both styles (but mixing them can cause trouble when
calling super()'s methods).
Pytest only supports the new ones.

https://fedorahosted.org/freeipa/ticket/4610

Reviewed-By: Tomas Babej <tbabej@redhat.com>
 2014-11-21 12:14:44 +01:00
Martin Basti
310e46452c Fix warning message should not contain CLI commands 
Message is now universal for both CLI and WebUI

Ticket: https://fedorahosted.org/freeipa/ticket/4647
Reviewed-By: Petr Vobornik <pvoborni@redhat.com>
 2014-11-19 15:20:55 +01:00
Petr Vobornik
3d11de4849 idrange: include raw range type in output 
iparangetype output is a localized human-readable value which is not suitable for machine-based API consumers

Solved by new iparangetyperaw output attribute which contains iparangetype's raw value

Reviewed-By: Tomas Babej <tbabej@redhat.com>
 2014-11-11 10:56:16 +01:00
Petr Vobornik
feea9047be unittests: baserid for ipa-ad-trust-posix idranges 
https://fedorahosted.org/freeipa/ticket/4221

Reviewed-By: Tomas Babej <tbabej@redhat.com>
 2014-11-11 10:56:16 +01:00
Martin Basti
5e1172f560 fix forwarder validation errors 
Fix tests, validation in dnsconfig mod, wuser warning

Reviewed-By: Petr Spacek <pspacek@redhat.com>
 2014-10-21 15:55:09 +02:00
Petr Vobornik
b69a8dad2e tests: management of keytab permissions 
https://fedorahosted.org/freeipa/ticket/4419

Reviewed-By: Jan Cholasta <jcholast@redhat.com>
 2014-10-17 14:11:35 +02:00
Martin Basti
41015e6c9c DNS missing tests 
* try to remove non-existent permission
* try to remove idnssoamname using dnszone-mod --name-server=

Reviewed-By: David Kupka <dkupka@redhat.com>
 2014-10-09 10:02:22 +02:00
Petr Viktorin
3eca0ff2fe test_service_plugin: Do not lowercase memberof_role 
This adjusts the test for the change in commit 792c3f9c8c

Related ticket: https://fedorahosted.org/freeipa/ticket/4192
 2014-10-01 12:43:40 +02:00
Tomas Babej
8fb0e3a2b4 ipatests: Add xmlrpc tests for idviews plugin 
Add coverage for the ID views and ID overrides.

Part of: https://fedorahosted.org/freeipa/ticket/3979

Reviewed-By: Petr Viktorin <pviktori@redhat.com>
Reviewed-By: Petr Vobornik <pvoborni@redhat.com>
Reviewed-By: Alexander Bokovoy <abokovoy@redhat.com>
 2014-09-30 10:42:06 +02:00
Tomas Babej
d83af7d38d baseldap: Properly handle the case of renaming object to the same name 
When renaming a object to the same name, errors.EmptyModList is raised.
This is not properly handled, and can cause other modifications in the
LDAPUpdate command to be ignored.

https://fedorahosted.org/freeipa/ticket/4548

Reviewed-By: Jan Cholasta <jcholast@redhat.com>
 2014-09-29 15:24:58 +02:00
David Kupka
cd9a4cca1f Do not require description in UI. 
Description attribute is not required in LDAP schema so there is no reason to
require it in UI. Modified tests to reflect this change.

https://fedorahosted.org/freeipa/ticket/4387

Reviewed-By: Martin Kosek <mkosek@redhat.com>
 2014-09-29 12:53:43 +02:00
Martin Basti
bc2eaa1456 DNS tests: tests update to due to change in options 
Affected options --name-server, --ip-address

Part of ticket: https://fedorahosted.org/freeipa/ticket/4149

Reviewed-By: Petr Spacek <pspacek@redhat.com>
 2014-09-25 16:38:02 +02:00
Martin Basti
94743a3f26 DNS test: allow '.' as zone name 
https://fedorahosted.org/freeipa/ticket/4149

Reviewed-By: Petr Spacek <pspacek@redhat.com>
 2014-09-25 16:38:02 +02:00
Petr Viktorin
f3b1471af9 test_permission_plugin: Check legacy permissions 
Currently a number of v2 permissions are in $SUFFIX, which the original
test did not anticipate.

Properly check that legacy permissions are found.

Reviewed-By: Martin Kosek <mkosek@redhat.com>
 2014-09-25 13:21:28 +02:00
Tomas Babej
1f8f762b84 ipalib: host_del: Extend LDAPDelete's takes_options instead of overriding 
The host-del command did not accept --continue option, since the
takes_options was overriden and did not take the options from LDAPDelete.

Fix the behaviour.

https://fedorahosted.org/freeipa/ticket/4473

Reviewed-By: Jan Cholasta <jcholast@redhat.com>
 2014-09-17 09:36:27 +02:00
Petr Viktorin
6ce44c4f05 permission plugin: Auto-add operational atttributes to read permissions 
The attributes entryusn, createtimestamp, and modifytimestamp
should be readable whenever thir entry is, i.e. when we allow reading
the objectclass.
Automatically add them to every read permission that includes objectclass.

https://fedorahosted.org/freeipa/ticket/4534

Reviewed-By: Martin Kosek <mkosek@redhat.com>
 2014-09-12 18:22:17 +02:00
Martin Basti
028b3d1009 Tests: DNS wildcard records 
Ticket: https://fedorahosted.org/freeipa/ticket/4488
Reviewed-By: Petr Spacek <pspacek@redhat.com>
 2014-09-05 12:29:29 +02:00
Martin Basti
7e76bba512 Fix DNS record rename test 
bind-dyndb-ldap's bug caused test failure
https://fedorahosted.org/bind-dyndb-ldap/ticket/123

Owners with NS record works with the bug

Reviewed-By: Petr Spacek <pspacek@redhat.com>
Reviewed-By: Martin Kosek <mkosek@redhat.com>
 2014-09-05 12:11:39 +02:00
Martin Basti
2b3be21b25 Test: DNS NS validation 
Reviewed-By: Petr Spacek <pspacek@redhat.com>
Reviewed-By: Martin Kosek <mkosek@redhat.com>
 2014-09-05 12:11:39 +02:00
Martin Basti
155126b524 Tests: DNS dsrecord validation 
Part of: https://fedorahosted.org/freeipa/ticket/3801

Reviewed-By: Petr Spacek <pspacek@redhat.com>
Reviewed-By: Martin Kosek <mkosek@redhat.com>
 2014-09-05 12:11:39 +02:00
Martin Basti
62a2559493 Fix dnsrecord-mod raise error if last record attr is removed 
Removing last record attribute causes output type validation error

Reviewed-By: Jan Cholasta <jcholast@redhat.com>
 2014-09-05 10:34:11 +02:00
Petr Viktorin
a8ba6b3b8c service: Normalize service principal in get_dn 
This will make any lookup go through the normalization.

Reviewed-By: Martin Kosek <mkosek@redhat.com>
 2014-08-21 14:07:01 +02:00
Petr Viktorin
8fabd6dde1 Support delegating RBAC roles to service principals 
https://fedorahosted.org/freeipa/ticket/3164

Reviewed-By: Martin Kosek <mkosek@redhat.com>
 2014-08-21 14:07:01 +02:00
Martin Basti
4b5a488249 Tests: host tests with dns 
Test for: https://fedorahosted.org/freeipa/ticket/4164

Reviewed-By: Petr Viktorin <pviktori@redhat.com>
 2014-08-11 16:01:38 +02:00
Martin Basti
ca001814ab Allow to add host if AAAA record exists 
http://fedorahosted.org/freeipa/ticket/4164

Reviewed-By: Petr Viktorin <pviktori@redhat.com>
 2014-08-11 16:01:38 +02:00
Jan Cholasta
34de95545d Add test for baseldap.entry_to_dict. 
Reviewed-By: Petr Viktorin <pviktori@redhat.com>
 2014-08-04 11:21:32 +02:00
David Kupka
f7e00b9ad6 test group: remove group from protected group. 
Related to https://fedorahosted.org/freeipa/ticket/4448

Reviewed-By: Petr Viktorin <pviktori@redhat.com>
 2014-07-29 17:07:11 +02:00
Petr Viktorin
cd4fd60c0e test_xmlrpc: Update tests 
- The number of permissions in $SUFFIX changed.
- A new ACI was added to realmdomains

Update the tests.

Reviewed-By: Martin Kosek <mkosek@redhat.com>
 2014-07-18 15:03:12 +02:00
Martin Basti
80cb95da36 Test DNS: add zone with consecutive dash characters 
Test for ticket: https://fedorahosted.org/freeipa/ticket/4268

Reviewed-By: Petr Viktorin <pviktori@redhat.com>
 2014-07-04 18:45:01 +02:00
Martin Basti
2203abfca8 Test DNS: TLSA record 
Reviewed-By: Petr Viktorin <pviktori@redhat.com>
 2014-07-04 18:45:01 +02:00
Martin Basti
c48cee99a2 Test DNS: test zone normalization 
Reviewed-By: Petr Viktorin <pviktori@redhat.com>
 2014-07-04 18:45:00 +02:00
Martin Basti
2637116eab Allow to add managed permission for reverse zones 
Ticket: https://fedorahosted.org/freeipa/ticket/4422
Reviewed-By: Petr Viktorin <pviktori@redhat.com>
Reviewed-By: Petr Spacek <pspacek@redhat.com>
 2014-07-04 16:10:33 +02:00
Martin Basti
52bcf5345c Fix tests dns_realmdomains_integration 
Added warning message about forwarders

Reviewed-By: Martin Kosek <mkosek@redhat.com>
 2014-07-04 10:22:30 +02:00
Martin Basti
01b95805ab NSEC3PARAM tests 
Ticket: https://fedorahosted.org/freeipa/ticket/4413
Reviewed-By: Petr Vobornik <pvoborni@redhat.com>
 2014-07-02 14:54:42 +02:00
Martin Basti
ff7b44e3b0 Remove NSEC3PARAM record 
Revert 5b95be802c

Ticket: https://fedorahosted.org/freeipa/ticket/4413
Reviewed-By: Petr Vobornik <pvoborni@redhat.com>
 2014-07-02 14:54:41 +02:00
Martin Basti
152c8f210b Check normalization only for IDNA domains 
Backward compability with older IPA versions which allow to use uppper
case. Only IDNA domains will be checked.

https://fedorahosted.org/freeipa/ticket/4382

Reviewed-By: Martin Kosek <mkosek@redhat.com>
Reviewed-By: Alexander Bokovoy <abokovoy@redhat.com>
 2014-07-01 09:58:42 +02:00
Petr Viktorin
fdef2e1bd8 permission plugin: Ignore unparseable ACIs 
When manipulating a permission for an entry that has an ACI
that the parser cannot process, skip this ACI instead of
failing.

Add a test that manipulates permission in cn=accounts,
where there are complex ipaAllowedOperation-based ACIs.

Workaround for: https://fedorahosted.org/freeipa/ticket/4376

Reviewed-By: Martin Kosek <mkosek@redhat.com>
 2014-07-01 09:35:38 +02:00
Petr Viktorin
628bed8673 test_permission_plugin: Fix permission_find test for legacy permissions 
Most of the legacy permissions have been removed.
Do not test that there are many of them.

Reviewed-By: Martin Kosek <mkosek@redhat.com>
 2014-06-24 13:53:41 +02:00
Petr Viktorin
ac8539bd34 Add posixgroup to groups' permission object filter 
Private groups don't have the 'ipausergroup' objectclass.
Add posixgroup to the objectclass filters to make
"--type group" permissions apply to all groups.

https://fedorahosted.org/freeipa/ticket/4372

Reviewed-By: Martin Kosek <mkosek@redhat.com>
 2014-06-23 10:54:43 +02:00
Petr Viktorin
013bf3d4e2 Test and docstring fixes 
The recent conversions to managed permissions left behind a few
failing tests. Fix them.

Also fix a now incorrect docstring in ipalib.config.

Reviewed-By: Martin Kosek <mkosek@redhat.com>
 2014-06-23 10:54:42 +02:00
Martin Basti
ee6e634c28 DNSSEC: Test: DLV record 
Reviewed-By: Petr Vobornik <pvoborni@redhat.com>
 2014-06-20 16:46:03 +02:00
Martin Basti
4c88fdd904 Tests: tests for NSEC3PARAM records 
Ticket: https://fedorahosted.org/freeipa/ticket/4328
Reviewed-By: Petr Vobornik <pvoborni@redhat.com>
 2014-06-20 15:41:40 +02:00
Martin Basti
cbc64454b0 Tests: remove unused records from tests 
Ticket: https://fedorahosted.org/freeipa/ticket/4328
Reviewed-By: Petr Vobornik <pvoborni@redhat.com>
 2014-06-20 15:41:40 +02:00
Martin Basti
11c250a612 Tests DNS: forward zones 
design: http://www.freeipa.org/page/V4/Forward_zones

Ticket: https://fedorahosted.org/freeipa/ticket/3210
Reviewed-By: Petr Vobornik <pvoborni@redhat.com>
 2014-06-20 13:14:45 +02:00