diff options
author | Petr Viktorin <pviktori@redhat.com> | 2014-02-21 12:29:39 +0100 |
---|---|---|
committer | Petr Viktorin <pviktori@redhat.com> | 2014-03-25 14:18:12 +0100 |
commit | d0e83dbccfdb35b1cdd4963ce4ffb2ff0627b066 (patch) | |
tree | e8a66da1fd78297cf10702903f0755171fb4cab7 /ipatests/test_xmlrpc/test_old_permission_plugin.py | |
parent | 427317efa67c0f4b0dc27f7e605c30c944e64536 (diff) | |
download | freeipa-d0e83dbccfdb35b1cdd4963ce4ffb2ff0627b066.tar.gz freeipa-d0e83dbccfdb35b1cdd4963ce4ffb2ff0627b066.tar.xz freeipa-d0e83dbccfdb35b1cdd4963ce4ffb2ff0627b066.zip |
test_permission_plugin: Fix tests that make too broad assumptions
The test that searches with a limit of 1 assumes a specific order
LDAP returns entries in. Future patches will change this order.
Do not check the specific entry returned.
The test that searched for --bindtype assumed that no anonymous
permissions exist in a clean install. Again, this will be changed
in future patches.
Add a name to the bindtype test, and add a negatitive test to
verify the filtering works.
Reviewed-By: Martin Kosek <mkosek@redhat.com>
Diffstat (limited to 'ipatests/test_xmlrpc/test_old_permission_plugin.py')
-rw-r--r-- | ipatests/test_xmlrpc/test_old_permission_plugin.py | 26 |
1 files changed, 7 insertions, 19 deletions
diff --git a/ipatests/test_xmlrpc/test_old_permission_plugin.py b/ipatests/test_xmlrpc/test_old_permission_plugin.py index 67c0a1c3f..56dd4435c 100644 --- a/ipatests/test_xmlrpc/test_old_permission_plugin.py +++ b/ipatests/test_xmlrpc/test_old_permission_plugin.py @@ -554,31 +554,19 @@ class test_old_permission(Declarative): # This tests setting truncated to True in the post_callback of # permission_find(). The return order in LDAP is not guaranteed - # but in practice this is the first entry it finds. This is subject - # to change. + # so do not check the actual entry. dict( desc='Search for permissions by attr with a limit of 1 (truncated)', - command=('permission_find', [], dict(attrs=u'ipaenabledflag', - sizelimit=1)), + command=('permission_find', [u'Modify'], + dict(attrs=u'ipaenabledflag', sizelimit=1)), expected=dict( count=1, truncated=True, summary=u'1 permission matched', - result=[ - { - 'dn': DN(('cn', 'Modify HBAC rule'), - api.env.container_permission, api.env.basedn), - 'cn': [u'Modify HBAC rule'], - 'objectclass': objectclasses.permission, - 'member_privilege': [u'HBAC Administrator'], - 'memberindirect_role': [u'IT Security Specialist'], - 'permissions' : [u'write'], - 'attrs': [u'servicecategory', u'sourcehostcategory', u'cn', u'description', u'ipaenabledflag', u'accesstime', u'usercategory', u'hostcategory', u'accessruletype', u'sourcehost'], - 'ipapermbindruletype': [u'permission'], - 'ipapermtarget': [DN('ipauniqueid=*', hbac_dn)], - 'subtree': u'ldap:///%s' % api.env.basedn, - }, - ], + result=[lambda res: + DN(res['dn']).endswith(DN(api.env.container_permission, + api.env.basedn)) and + 'ipapermission' in res['objectclass']], ), ), |