mirror of
https://salsa.debian.org/freeipa-team/freeipa.git
synced 2025-02-25 18:55:28 -06:00
6c5f2bcb30
In IPA framework we don't properly convert to Python bool type and just
return a string (TRUE or FALSE). This can be seen with many boolean
attributes, like
Bool('idnsallowdynupdate?',
cli_name='dynamic_update',
label=_('Dynamic update'),
doc=_('Allow dynamic updates.'),
attribute=True,
default=False,
autofill=True
),
in 'ipa dnszone-show':
> > > api.Command.dnszone_show('ipa.test')['result']['idnsallowdynupdate']
['TRUE']
This is because we don't have the reverse (from LDAP to Python) mapping
for the LDAP boolean OID 1.3.6.1.4.1.1466.115.121.1.7.
When Web UI asks for the entry, it gets back JSON output that contains
this 'TRUE' value:
"idnsallowdynupdate": [
"TRUE"
],
Add proper mapping from LDAP to Python bool type. With this, a simple
'checkbox' type can be used in Web UI instead of a complex radio-box
setup.
Note that when IPA API is asked to return raw values, 'TRUE' and 'FALSE'
still returned. These are the actual LDAP boolean attribute values. Care
needs to be done in tests:
- if output is from a command with --raw option, 'TRUE' or 'FALSE'
should be expected
- if output if from a normal (non-raw) command, True or False would be
returned
Fixes: https://pagure.io/freeipa/issue/9171
Signed-off-by: Alexander Bokovoy <abokovoy@redhat.com>
Reviewed-By: Rob Crittenden <rcritten@redhat.com>
Reviewed-By: Florence Blanc-Renaud <flo@redhat.com>
226 lines
7.1 KiB
Python
226 lines
7.1 KiB
Python
#
|
|
# Copyright (C) 2017 FreeIPA Contributors see COPYING for license
|
|
#
|
|
|
|
from ipapython.dn import DN
|
|
from ipatests.test_xmlrpc.tracker.base import Tracker
|
|
from ipatests.test_xmlrpc.tracker.base import ConfigurationTracker, EnableTracker
|
|
from ipatests.test_xmlrpc import objectclasses
|
|
from ipatests.test_xmlrpc.xmlrpc_test import fuzzy_string
|
|
from ipatests.util import assert_deepequal
|
|
|
|
|
|
class CertmapruleTracker(Tracker, EnableTracker):
|
|
""" Tracker for testin certmaprule plugin """
|
|
retrieve_keys = {
|
|
u'dn',
|
|
u'cn',
|
|
u'description',
|
|
u'ipacertmapmaprule',
|
|
u'ipacertmapmatchrule',
|
|
u'associateddomain',
|
|
u'ipacertmappriority',
|
|
u'ipaenabledflag'
|
|
}
|
|
retrieve_all_keys = retrieve_keys | {u'objectclass'}
|
|
create_keys = retrieve_keys | {u'objectclass'}
|
|
update_keys = retrieve_keys - {u'dn'}
|
|
|
|
def __init__(self, cn, description, ipacertmapmaprule,
|
|
ipacertmapmatchrule, associateddomain, ipacertmappriority,
|
|
default_version=None):
|
|
super(CertmapruleTracker, self).__init__(
|
|
default_version=default_version)
|
|
|
|
self.dn = DN((u'cn', cn,),
|
|
self.api.env.container_certmaprules,
|
|
self.api.env.basedn)
|
|
self.options = {
|
|
u'description': description,
|
|
u'ipacertmapmaprule': ipacertmapmaprule,
|
|
u'ipacertmapmatchrule': ipacertmapmatchrule,
|
|
u'associateddomain': associateddomain,
|
|
u'ipacertmappriority': ipacertmappriority,
|
|
}
|
|
|
|
def make_create_command(self, dont_fill=()):
|
|
kwargs = {k: v for k, v in self.options.items() if k not in dont_fill}
|
|
|
|
return self.make_command('certmaprule_add', self.name, **kwargs)
|
|
|
|
def track_create(self, dont_fill=()):
|
|
self.attrs = {
|
|
'dn': self.dn,
|
|
'cn': [self.name],
|
|
'ipaenabledflag': [True],
|
|
'objectclass': objectclasses.certmaprule,
|
|
}
|
|
self.attrs.update({
|
|
k: [v] for k, v in self.options.items() if k not in dont_fill
|
|
})
|
|
self.exists = True
|
|
|
|
def check_create(self, result):
|
|
assert_deepequal(dict(
|
|
value=self.name,
|
|
summary=u'Added Certificate Identity Mapping Rule "{}"'
|
|
u''.format(self.name),
|
|
result=self.filter_attrs(self.create_keys),
|
|
), result)
|
|
|
|
def create(self, dont_fill=()):
|
|
self.track_create(dont_fill)
|
|
command = self.make_create_command(dont_fill)
|
|
result = command()
|
|
self.check_create(result)
|
|
|
|
def make_delete_command(self):
|
|
return self.make_command('certmaprule_del', self.name)
|
|
|
|
def check_delete(self, result):
|
|
assert_deepequal(
|
|
dict(
|
|
value=[self.name],
|
|
summary=u'Deleted Certificate Identity Mapping Rule "{}"'
|
|
''.format(self.name),
|
|
result=dict(failed=[]),
|
|
),
|
|
result
|
|
)
|
|
|
|
def make_retrieve_command(self, all=False, raw=False):
|
|
return self.make_command('certmaprule_show', self.name, all=all,
|
|
raw=raw)
|
|
|
|
def check_retrieve(self, result, all=False, raw=False):
|
|
if all:
|
|
expected = self.filter_attrs(self.retrieve_all_keys)
|
|
else:
|
|
expected = self.filter_attrs(self.retrieve_keys)
|
|
assert_deepequal(
|
|
dict(
|
|
value=self.name,
|
|
summary=None,
|
|
result=expected,
|
|
),
|
|
result
|
|
)
|
|
|
|
def make_find_command(self, *args, **kwargs):
|
|
return self.make_command('certmaprule_find', *args, **kwargs)
|
|
|
|
def check_find(self, result, all=False, raw=False):
|
|
if all:
|
|
expected = self.filter_attrs(self.retrieve_all_keys)
|
|
else:
|
|
expected = self.filter_attrs(self.retrieve_keys)
|
|
assert_deepequal(
|
|
dict(
|
|
count=1,
|
|
truncated=False,
|
|
summary=u'1 Certificate Identity Mapping Rule matched',
|
|
result=[expected],
|
|
),
|
|
result
|
|
)
|
|
|
|
def make_update_command(self, updates):
|
|
return self.make_command('certmaprule_mod', self.name, **updates)
|
|
|
|
def check_update(self, result, extra_keys=()):
|
|
assert_deepequal(
|
|
dict(
|
|
value=self.name,
|
|
summary=u'Modified Certificate Identity Mapping Rule "{}"'
|
|
u''.format(self.name),
|
|
result=self.filter_attrs(self.update_keys | set(extra_keys)),
|
|
),
|
|
result
|
|
)
|
|
|
|
def make_enable_command(self):
|
|
return self.make_command('certmaprule_enable', self.name)
|
|
|
|
def check_enable(self, result):
|
|
assert_deepequal(
|
|
dict(
|
|
value=self.name,
|
|
summary=u'Enabled Certificate Identity Mapping Rule "{}"'
|
|
u''.format(self.name),
|
|
result=True,
|
|
),
|
|
result
|
|
)
|
|
|
|
def make_disable_command(self):
|
|
return self.make_command('certmaprule_disable', self.name)
|
|
|
|
def check_disable(self, result):
|
|
assert_deepequal(
|
|
dict(
|
|
value=self.name,
|
|
summary=u'Disabled Certificate Identity Mapping Rule "{}"'
|
|
u''.format(self.name),
|
|
result=True,
|
|
),
|
|
result
|
|
)
|
|
|
|
|
|
class CertmapconfigTracker(ConfigurationTracker):
|
|
retrieve_keys = {
|
|
u'dn',
|
|
u'ipacertmappromptusername',
|
|
}
|
|
|
|
retrieve_all_keys = retrieve_keys | {
|
|
u'cn',
|
|
u'objectclass',
|
|
u'aci',
|
|
}
|
|
update_keys = retrieve_keys - {u'dn'}
|
|
singlevalue_keys = {u'ipacertmappromptusername'}
|
|
|
|
def __init__(self, default_version=None):
|
|
super(CertmapconfigTracker, self).__init__(
|
|
default_version=default_version)
|
|
|
|
self.attrs = {
|
|
u'dn': DN(self.api.env.container_certmap, self.api.env.basedn),
|
|
u'cn': [self.api.env.container_certmap[0].value],
|
|
u'objectclass': objectclasses.certmapconfig,
|
|
u'aci': [fuzzy_string],
|
|
u'ipacertmappromptusername': self.api.Command.certmapconfig_show(
|
|
)[u'result'][u'ipacertmappromptusername']
|
|
}
|
|
|
|
def make_update_command(self, updates):
|
|
return self.make_command('certmapconfig_mod', **updates)
|
|
|
|
def check_update(self, result, extra_keys=()):
|
|
assert_deepequal(
|
|
dict(
|
|
value=None,
|
|
summary=None,
|
|
result=self.filter_attrs(self.update_keys | set(extra_keys)),
|
|
),
|
|
result
|
|
)
|
|
|
|
def make_retrieve_command(self, all=False, raw=False):
|
|
return self.make_command('certmapconfig_show', all=all, raw=raw)
|
|
|
|
def check_retrieve(self, result, all=False, raw=False):
|
|
if all:
|
|
expected = self.filter_attrs(self.retrieve_all_keys)
|
|
else:
|
|
expected = self.filter_attrs(self.retrieve_keys)
|
|
assert_deepequal(
|
|
dict(
|
|
value=None,
|
|
summary=None,
|
|
result=expected,
|
|
),
|
|
result
|
|
)
|