diff options
author | Endi S. Dewata <edewata@redhat.com> | 2014-10-17 12:05:34 -0400 |
---|---|---|
committer | Jan Cholasta <jcholast@redhat.com> | 2015-07-08 06:30:23 +0000 |
commit | bf6df3df9b388753a52a0040d9c15b1eabce41ca (patch) | |
tree | 9fa7083c38dc5b0a80ffda26cbb36c7463a18163 /ipatests | |
parent | 5017726ebaf6eea3dedb1325efe00c0d6c4b6187 (diff) | |
download | freeipa-bf6df3df9b388753a52a0040d9c15b1eabce41ca.tar.gz freeipa-bf6df3df9b388753a52a0040d9c15b1eabce41ca.tar.xz freeipa-bf6df3df9b388753a52a0040d9c15b1eabce41ca.zip |
Added vault access control.
New LDAP ACIs have been added to allow vault owners to manage the
vaults and to allow members to access the vaults. New CLIs have
been added to manage the owner and member list. The LDAP schema
has been updated as well.
https://fedorahosted.org/freeipa/ticket/3872
Reviewed-By: Jan Cholasta <jcholast@redhat.com>
Diffstat (limited to 'ipatests')
-rw-r--r-- | ipatests/test_xmlrpc/test_vault_plugin.py | 27 |
1 files changed, 21 insertions, 6 deletions
diff --git a/ipatests/test_xmlrpc/test_vault_plugin.py b/ipatests/test_xmlrpc/test_vault_plugin.py index 3db93b207..fe2f2f67d 100644 --- a/ipatests/test_xmlrpc/test_vault_plugin.py +++ b/ipatests/test_xmlrpc/test_vault_plugin.py @@ -89,7 +89,7 @@ class test_vault_plugin(Declarative): 'continue': True }), ('vault_del', [vault_name], {'shared': True, 'continue': True}), - ('vault_del', [vault_name], {'user': user_name, 'continue': True}), + ('vault_del', [vault_name], {'username': user_name, 'continue': True}), ('vault_del', [standard_vault_name], {'continue': True}), ('vault_del', [symmetric_vault_name], {'continue': True}), ('vault_del', [asymmetric_vault_name], {'continue': True}), @@ -113,6 +113,7 @@ class test_vault_plugin(Declarative): 'objectclass': [u'top', u'ipaVault'], 'cn': [vault_name], 'ipavaulttype': [u'standard'], + 'owner_user': [u'admin'], }, }, }, @@ -154,6 +155,7 @@ class test_vault_plugin(Declarative): % (vault_name, api.env.basedn), 'cn': [vault_name], 'ipavaulttype': [u'standard'], + 'owner_user': [u'admin'], }, }, }, @@ -174,6 +176,7 @@ class test_vault_plugin(Declarative): 'cn': [vault_name], 'description': [u'Test vault'], 'ipavaulttype': [u'standard'], + 'owner_user': [u'admin'], }, }, }, @@ -212,6 +215,7 @@ class test_vault_plugin(Declarative): 'objectclass': [u'top', u'ipaVault'], 'cn': [vault_name], 'ipavaulttype': [u'standard'], + 'owner_user': [u'admin'], }, }, }, @@ -257,6 +261,7 @@ class test_vault_plugin(Declarative): % (vault_name, service_name, api.env.basedn), 'cn': [vault_name], 'ipavaulttype': [u'standard'], + 'owner_user': [u'admin'], }, }, }, @@ -278,6 +283,7 @@ class test_vault_plugin(Declarative): 'cn': [vault_name], 'description': [u'Test vault'], 'ipavaulttype': [u'standard'], + 'owner_user': [u'admin'], }, }, }, @@ -318,6 +324,7 @@ class test_vault_plugin(Declarative): 'objectclass': [u'top', u'ipaVault'], 'cn': [vault_name], 'ipavaulttype': [u'standard'], + 'owner_user': [u'admin'], }, }, }, @@ -363,6 +370,7 @@ class test_vault_plugin(Declarative): % (vault_name, api.env.basedn), 'cn': [vault_name], 'ipavaulttype': [u'standard'], + 'owner_user': [u'admin'], }, }, }, @@ -384,6 +392,7 @@ class test_vault_plugin(Declarative): 'cn': [vault_name], 'description': [u'Test vault'], 'ipavaulttype': [u'standard'], + 'owner_user': [u'admin'], }, }, }, @@ -412,7 +421,7 @@ class test_vault_plugin(Declarative): 'vault_add', [vault_name], { - 'user': user_name, + 'username': user_name, }, ), 'expected': { @@ -424,6 +433,7 @@ class test_vault_plugin(Declarative): 'objectclass': [u'top', u'ipaVault'], 'cn': [vault_name], 'ipavaulttype': [u'standard'], + 'owner_user': [u'admin'], }, }, }, @@ -434,7 +444,7 @@ class test_vault_plugin(Declarative): 'vault_find', [], { - 'user': user_name, + 'username': user_name, }, ), 'expected': { @@ -458,7 +468,7 @@ class test_vault_plugin(Declarative): 'vault_show', [vault_name], { - 'user': user_name, + 'username': user_name, }, ), 'expected': { @@ -469,6 +479,7 @@ class test_vault_plugin(Declarative): % (vault_name, user_name, api.env.basedn), 'cn': [vault_name], 'ipavaulttype': [u'standard'], + 'owner_user': [u'admin'], }, }, }, @@ -479,7 +490,7 @@ class test_vault_plugin(Declarative): 'vault_mod', [vault_name], { - 'user': user_name, + 'username': user_name, 'description': u'Test vault', }, ), @@ -490,6 +501,7 @@ class test_vault_plugin(Declarative): 'cn': [vault_name], 'description': [u'Test vault'], 'ipavaulttype': [u'standard'], + 'owner_user': [u'admin'], }, }, }, @@ -500,7 +512,7 @@ class test_vault_plugin(Declarative): 'vault_del', [vault_name], { - 'user': user_name, + 'username': user_name, }, ), 'expected': { @@ -528,6 +540,7 @@ class test_vault_plugin(Declarative): 'objectclass': [u'top', u'ipaVault'], 'cn': [standard_vault_name], 'ipavaulttype': [u'standard'], + 'owner_user': [u'admin'], }, }, }, @@ -586,6 +599,7 @@ class test_vault_plugin(Declarative): 'cn': [symmetric_vault_name], 'ipavaulttype': [u'symmetric'], 'ipavaultsalt': [fuzzy_string], + 'owner_user': [u'admin'], }, }, }, @@ -647,6 +661,7 @@ class test_vault_plugin(Declarative): 'cn': [asymmetric_vault_name], 'ipavaulttype': [u'asymmetric'], 'ipavaultpublickey': [public_key], + 'owner_user': [u'admin'], }, }, }, |