diff options
-rw-r--r-- | keystone/tests/test_backend_ldap.py | 43 |
1 files changed, 37 insertions, 6 deletions
diff --git a/keystone/tests/test_backend_ldap.py b/keystone/tests/test_backend_ldap.py index e40e0565..442ec8d9 100644 --- a/keystone/tests/test_backend_ldap.py +++ b/keystone/tests/test_backend_ldap.py @@ -17,6 +17,8 @@ import uuid +import ldap + from keystone import assignment from keystone.common.ldap import fakeldap from keystone.common import sql @@ -480,21 +482,50 @@ class LDAPIdentity(test.TestCase, BaseLDAPIdentity): self.load_backends() self.load_fixtures(default_fixtures) + ldap_ = self.identity_api.driver.user.get_connection() + + def get_enabled_vals(): + user_dn = self.identity_api.driver.user._id_to_dn_string('fake1') + enabled_attr_name = CONF.ldap.user_enabled_attribute + + res = ldap_.search_s(user_dn, + ldap.SCOPE_BASE, + query='(sn=fake1)') + return res[0][1][enabled_attr_name] + user = {'id': 'fake1', 'name': 'fake1', 'enabled': True, 'domain_id': CONF.identity.default_domain_id} - self.identity_api.create_user('fake1', user) + + user_ref = self.identity_api.create_user('fake1', user) + + self.assertEqual(user_ref['enabled'], 512) + # TODO(blk-u): 512 seems wrong, should it be True? + + enabled_vals = get_enabled_vals() + self.assertEqual(enabled_vals, [512]) + user_ref = self.identity_api.get_user('fake1') - self.assertEqual(user_ref['enabled'], True) + self.assertIs(user_ref['enabled'], True) user['enabled'] = False - self.identity_api.update_user('fake1', user) + user_ref = self.identity_api.update_user('fake1', user) + self.assertIs(user_ref['enabled'], False) + + enabled_vals = get_enabled_vals() + self.assertEqual(enabled_vals, [514]) + user_ref = self.identity_api.get_user('fake1') - self.assertEqual(user_ref['enabled'], False) + self.assertIs(user_ref['enabled'], False) user['enabled'] = True - self.identity_api.update_user('fake1', user) + user_ref = self.identity_api.update_user('fake1', user) + self.assertIs(user_ref['enabled'], True) + + enabled_vals = get_enabled_vals() + self.assertEqual(enabled_vals, [512]) + user_ref = self.identity_api.get_user('fake1') - self.assertEqual(user_ref['enabled'], True) + self.assertIs(user_ref['enabled'], True) def test_user_api_get_connection_no_user_password(self): """Don't bind in case the user and password are blank.""" |