IntenseWebs/freeipa
3
0
Fork 0
mirror of https://salsa.debian.org/freeipa-team/freeipa.git synced 2025-02-25 18:55:28 -06:00
Code Issues Packages Projects Releases Wiki Activity
57a9001f8d
freeipa/tests/test_xmlrpc/test_netgroup_plugin.py
Rob Crittenden 57a9001f8d Fix netgroup plugin to use correct member attribute names. 
When the netgroup plugin was rebased it ended up using the member
attribute for its memberships and not memberuser/memberhost.

I also fixed this same attribute problem in the tests and tried to beef
them up a little. If nis/schema compat are enabled it will try to compare
the generated triplets with a known-good value.
2010-07-15 11:18:18 -04:00

396 lines
14 KiB
Python
Raw Blame History

# Authors:
# Rob Crittenden <rcritten@redhat.com>
# Pavel Zuna <pzuna@redhat.com>
#
# Copyright (C) 2009 Red Hat
# see file 'COPYING' for use and warranty information
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License as
# published by the Free Software Foundation; version 2 only
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
"""
Test the `ipalib/plugins/netgroup.py` module.
"""
import sys
import nose
import krbV
from xmlrpc_test import XMLRPC_test, assert_attr_equal, assert_is_member
from ipalib import api
from ipalib import errors
from ipaserver.plugins.ldap2 import ldap2
# Global so we can save the value between tests
netgroup_dn = None
# See if our LDAP server is up and we can talk to it over GSSAPI
ccache = krbV.default_context().default_ccache().name
class test_netgroup(XMLRPC_test):
"""
Test the `netgroup` plugin.
"""
ng_cn = u'ng1'
ng_description = u'Netgroup'
ng_kw = {'cn': ng_cn, 'description': ng_description, 'nisdomainname': u'example.com', 'raw': True}
host_fqdn = u'ipatesthost.%s' % api.env.domain
host_description = u'Test host'
host_localityname = u'Undisclosed location'
host_kw = {'fqdn': host_fqdn, 'description': host_description, 'localityname': host_localityname, 'raw': True}
hg_cn = u'hg1'
hg_description = u'Netgroup'
hg_kw = {'cn': hg_cn, 'description': hg_description, 'raw': True}
user_uid = u'jexample'
user_givenname = u'Jim'
user_sn = u'Example'
user_home = u'/home/%s' % user_uid
user_kw = {'givenname': user_givenname,'sn': user_sn,'uid': user_uid,'homedirectory': user_home, 'raw': True}
# user2 is a member of testgroup
user2_uid = u'pexample'
user2_givenname = u'Pete'
user2_sn = u'Example'
user2_home = u'/home/%s' % user2_uid
user2_kw = {'givenname': user2_givenname,'sn': user2_sn,'uid': user2_uid,'homedirectory': user2_home, 'raw': True}
group_cn = u'testgroup'
group_description = u'This is a test'
group_kw = {'description': group_description,'cn': group_cn}
def test_1_netgroup_add(self):
"""
Test the `xmlrpc.netgroup_add` method.
"""
entry = api.Command['netgroup_add'](**self.ng_kw)['result']
assert_attr_equal(entry, 'description', self.ng_description)
assert_attr_equal(entry, 'cn', self.ng_cn)
def test_2_add_data(self):
"""
Add the data needed to do additional testing.
"""
# Add a host
entry = api.Command['host_add'](**self.host_kw)['result']
assert_attr_equal(entry, 'description', self.host_description)
assert_attr_equal(entry, 'fqdn', self.host_fqdn)
# Add a hostgroup
entry= api.Command['hostgroup_add'](**self.hg_kw)['result']
assert_attr_equal(entry, 'description', self.hg_description)
assert_attr_equal(entry, 'cn', self.hg_cn)
# Add a user
entry = api.Command['user_add'](**self.user_kw)['result']
assert_attr_equal(entry, 'givenname', self.user_givenname)
assert_attr_equal(entry, 'uid', self.user_uid)
# Add our second user
entry = api.Command['user_add'](**self.user2_kw)['result']
assert_attr_equal(entry, 'givenname', self.user2_givenname)
assert_attr_equal(entry, 'uid', self.user2_uid)
# Add a group
entry = api.Command['group_add'](**self.group_kw)['result']
assert_attr_equal(entry, 'description', self.group_description)
assert_attr_equal(entry, 'cn', self.group_cn)
# Add a user to the group
kw = {'raw': True}
kw['user'] = self.user2_uid
res = api.Command['group_add_member'](self.group_cn, **kw)
assert res['completed'] == 1
def test_3_netgroup_add_member(self):
"""
Test the `xmlrpc.netgroup_add_member` method.
"""
kw = {'raw': True}
kw['host'] = self.host_fqdn
entry = api.Command['netgroup_add_member'](self.ng_cn, **kw)['result']
assert_is_member(entry, 'fqdn=%s' % self.host_fqdn, 'memberhost')
kw = {'raw': True}
kw['hostgroup'] = self.hg_cn
ret = api.Command['netgroup_add_member'](self.ng_cn, **kw)
assert ret['completed'] == 1
assert_is_member(ret['result'], 'cn=%s' % self.hg_cn, 'memberhost')
kw = {'raw': True}
kw['user'] = self.user_uid
ret = api.Command['netgroup_add_member'](self.ng_cn, **kw)
assert ret['completed'] == 1
assert_is_member(ret['result'], 'uid=%s' % self.user_uid, 'memberuser')
kw = {'raw': True}
kw['group'] = self.group_cn
ret = api.Command['netgroup_add_member'](self.ng_cn, **kw)
assert ret['completed'] == 1
assert_is_member(ret['result'], 'cn=%s' % self.group_cn, 'memberuser')
def test_4_netgroup_add_member(self):
"""
Test the `xmlrpc.netgroup_add_member` method again to test dupes.
"""
kw = {'raw': True}
kw['host'] = self.host_fqdn
ret = api.Command['netgroup_add_member'](self.ng_cn, **kw)
assert ret['completed'] == 0
failed = ret['failed']
assert 'memberhost' in failed
assert 'host' in failed['memberhost']
assert self.host_fqdn in failed['memberhost']['host']
kw = {'raw': True}
kw['hostgroup'] = self.hg_cn
ret = api.Command['netgroup_add_member'](self.ng_cn, **kw)
assert ret['completed'] == 0
failed = ret['failed']
assert 'memberhost' in failed
assert 'hostgroup' in failed['memberhost']
assert self.hg_cn in failed['memberhost']['hostgroup']
kw = {'raw': True}
kw['user'] = self.user_uid
ret = api.Command['netgroup_add_member'](self.ng_cn, **kw)
assert ret['completed'] == 0
failed = ret['failed']
assert 'memberuser' in failed
assert 'user' in failed['memberuser']
assert self.user_uid in failed['memberuser']['user']
kw = {'raw': True}
kw['group'] = self.group_cn
ret = api.Command['netgroup_add_member'](self.ng_cn, **kw)
assert ret['completed'] == 0
failed = ret['failed']
assert 'memberuser' in failed
assert 'group' in failed['memberuser']
assert self.group_cn in failed['memberuser']['group']
def test_5_netgroup_add_member(self):
"""
Test adding external hosts.
"""
kw = {'raw': True}
kw['host'] = u'nosuchhost'
ret = api.Command['netgroup_add_member'](self.ng_cn, **kw)
assert ret['completed'] == 1, ret
entry = api.Command['netgroup_show'](self.ng_cn, all=True, raw=True)['result']
assert_is_member(entry, 'nosuchhost', 'externalhost')
def test_6_netgroup_show(self):
"""
Test the `xmlrpc.netgroup_show` method with --all.
"""
entry = api.Command['netgroup_show'](self.ng_cn, all=True, raw=True)['result']
assert_attr_equal(entry, 'description', self.ng_description)
assert_attr_equal(entry, 'cn', self.ng_cn)
assert_is_member(entry, 'fqdn=%s' % self.host_fqdn, 'memberhost')
assert_is_member(entry, 'cn=%s' % self.hg_cn, 'memberhost')
assert_is_member(entry, 'uid=%s' % self.user_uid, 'memberuser')
assert_is_member(entry, 'cn=%s' % self.group_cn, 'memberuser')
assert_attr_equal(entry, 'objectclass', 'ipaobject')
assert_attr_equal(entry, 'objectclass', 'ipanisnetgroup')
assert_attr_equal(entry, 'objectclass', 'ipaassociation')
def test_6a_netgroup_show(self):
"""
Test the `xmlrpc.netgroup_show` method.
"""
global netgroup_dn
entry = api.Command['netgroup_show'](self.ng_cn, all=False, raw=True)['result']
assert_attr_equal(entry, 'description', self.ng_description)
assert_attr_equal(entry, 'cn', self.ng_cn)
assert_is_member(entry, 'fqdn=%s' % self.host_fqdn, 'memberhost')
assert_is_member(entry, 'cn=%s' % self.hg_cn, 'memberhost')
assert_is_member(entry, 'uid=%s' % self.user_uid, 'memberuser')
assert_is_member(entry, 'cn=%s' % self.group_cn, 'memberuser')
netgroup_dn = entry['dn']
def test_6b_netgroup_show(self):
"""
Confirm the underlying triples
"""
# Do an LDAP query to the compat area and verify that the entry
# is correct
conn = ldap2(shared_instance=False, ldap_uri=api.env.ldap_uri, base_dn=api.env.basedn)
conn.connect(ccache=ccache)
try:
entries = conn.find_entries('cn=%s' % self.ng_cn,
base_dn='cn=ng,cn=compat,%s' % api.env.basedn)
except errors.NotFound:
raise nose.SkipTest('compat and nis are not enabled, skipping test')
finally:
conn.disconnect()
triples = entries[0][0][1]['nisnetgrouptriple']
# This may not prove to be reliable since order is not guaranteed
# and even which user gets into which triple can be random.
assert '(nosuchhost,jexample,example.com)' in triples
assert '(ipatesthost.%s,pexample,example.com)' % api.env.domain in triples
def test_7_netgroup_find(self):
"""
Test the `xmlrpc.netgroup_find` method.
"""
result = api.Command.netgroup_find(self.ng_cn, raw=True)
entries = result['result']
assert(result['count'] == 1)
assert_attr_equal(entries[0], 'description', self.ng_description)
assert_attr_equal(entries[0], 'cn', self.ng_cn)
def test_8_netgroup_mod(self):
"""
Test the `xmlrpc.netgroup_mod` method.
"""
newdesc = u'Updated host group'
modkw = {'cn': self.ng_cn, 'description': newdesc, 'raw': True}
entry = api.Command['netgroup_mod'](**modkw)['result']
assert_attr_equal(entry, 'description', newdesc)
# Ok, double-check that it was changed
entry = api.Command['netgroup_show'](self.ng_cn, raw=True)['result']
assert_attr_equal(entry, 'description', newdesc)
assert_attr_equal(entry, 'cn', self.ng_cn)
def test_9_netgroup_remove_member(self):
"""
Test the `xmlrpc.netgroup_remove_member` method.
"""
kw = {'raw': True}
kw['host'] = self.host_fqdn
ret = api.Command['netgroup_remove_member'](self.ng_cn, **kw)
assert ret['completed'] == 1
kw = {'raw': True}
kw['hostgroup'] = self.hg_cn
ret = api.Command['netgroup_remove_member'](self.ng_cn, **kw)
assert ret['completed'] == 1
kw = {'raw': True}
kw['user'] = self.user_uid
ret = api.Command['netgroup_remove_member'](self.ng_cn, **kw)
assert ret['completed'] == 1
kw = {'raw': True}
kw['group'] = self.group_cn
ret = api.Command['netgroup_remove_member'](self.ng_cn, **kw)
assert ret['completed'] == 1
def test_a_netgroup_remove_member(self):
"""
Test the `xmlrpc.netgroup_remove_member` method again to test not found.
"""
kw = {'raw': True}
kw['host'] = self.host_fqdn
ret = api.Command['netgroup_remove_member'](self.ng_cn, **kw)
assert ret['completed'] == 0
failed = ret['failed']
assert 'memberhost' in failed
assert 'host' in failed['memberhost']
assert self.host_fqdn in failed['memberhost']['host']
kw = {'raw': True}
kw['hostgroup'] = self.hg_cn
ret = api.Command['netgroup_remove_member'](self.ng_cn, **kw)
assert ret['completed'] == 0
failed = ret['failed']
assert 'memberhost' in failed
assert 'hostgroup' in failed['memberhost']
assert self.hg_cn in failed['memberhost']['hostgroup']
kw = {'raw': True}
kw['user'] = self.user_uid
api.Command['netgroup_show'](self.ng_cn, all=True)
ret = api.Command['netgroup_remove_member'](self.ng_cn, **kw)
assert ret['completed'] == 0
failed = ret['failed']
assert 'memberuser' in failed
assert 'user' in failed['memberuser']
assert self.user_uid in failed['memberuser']['user']
kw = {'raw': True}
kw['group'] = self.group_cn
ret = api.Command['netgroup_remove_member'](self.ng_cn, **kw)
assert ret['completed'] == 0
failed = ret['failed']
assert 'memberuser' in failed
assert 'group' in failed['memberuser']
assert self.group_cn in failed['memberuser']['group']
def test_b_netgroup_del(self):
"""
Test the `xmlrpc.netgroup_del` method.
"""
assert api.Command['netgroup_del'](self.ng_cn)['result'] is True
# Verify that it is gone
try:
api.Command['netgroup_show'](self.ng_cn)
except errors.NotFound:
pass
else:
assert False
def test_c_del_data(self):
"""
Remove the test data we added.
"""
# Remove the host
assert api.Command['host_del'](self.host_fqdn)['result'] is True
# Verify that it is gone
try:
api.Command['host_show'](self.host_fqdn)
except errors.NotFound:
pass
else:
assert False
# Remove the hostgroup
assert api.Command['hostgroup_del'](self.hg_cn)['result'] is True
# Verify that it is gone
try:
api.Command['hostgroup_show'](self.hg_cn)
except errors.NotFound:
pass
else:
assert False
# Remove the users
assert api.Command['user_del'](self.user_uid)['result'] is True
assert api.Command['user_del'](self.user2_uid)['result'] is True
# Verify that it is gone
try:
api.Command['user_show'](self.user_uid)
except errors.NotFound:
pass
else:
assert False
# Remove the group
assert api.Command['group_del'](self.group_cn)['result'] is True
# Verify that it is gone
try:
api.Command['group_show'](self.group_cn)
except errors.NotFound:
pass
else:
assert False
Reference in New Issue View Git Blame Copy Permalink