Netgroup nisdomain and hosts validation

nisdomain validation: Added pattern to the 'nisdomain' parameter to validate the specified nisdomain name. According to most common use cases the same pattern as for netgroup should fit. Unit-tests added. https://fedorahosted.org/freeipa/ticket/2448 'add_external_pre_callback' function was created to allow validation of all external members. Validation is based on usage of objects primary key parameter. The 'add_external_pre_callback' fucntion has to be called directly from in the 'pre_callback' function. This change affects netgroup, hbacrule and sudorule commands. For hostname, the validator allows non-fqdn and underscore characters. validate_hostname function in ipalib.util was modified and contains additional option that allows hostname to contain underscore characters. This option is disabled by default. Unit-tests added. https://fedorahosted.org/freeipa/ticket/2447
author: Ondrej Hamada <ohamada@redhat.com> 2012-03-27 15:15:20 +0200
committer: Martin Kosek <mkosek@redhat.com> 2012-03-28 16:23:37 +0200
commit: 5cfee2338d548035151926c5c235f3426fca0499 (patch)
tree: bfaf5b0b796d398386e971c1ba272bb748e91145 /tests/test_xmlrpc/test_sudorule_plugin.py
parent: 159e848d85779e8fb3a9b2ed84490423014bf609 (diff)
download: freeipa-5cfee2338d548035151926c5c235f3426fca0499.tar.gz
freeipa-5cfee2338d548035151926c5c235f3426fca0499.tar.xz
freeipa-5cfee2338d548035151926c5c235f3426fca0499.zip
1 files changed, 60 insertions, 0 deletions
diff --git a/tests/test_xmlrpc/test_sudorule_plugin.py b/tests/test_xmlrpc/test_sudorule_plugin.py
index 7c45256ec..6aabd2b27 100644
--- a/tests/test_xmlrpc/test_sudorule_plugin.py
+++ b/tests/test_xmlrpc/test_sudorule_plugin.py
@@ -53,6 +53,10 @@ class test_sudorule(XMLRPC_test):
     test_category = u'all'
     test_option = u'authenticate'
 
+    test_invalid_user = u'+invalid#user'
+    test_invalid_host = u'+invalid&host.nonexist.com'
+    test_invalid_group = u'+invalid#group'
+
     def test_0_sudorule_add(self):
         """
         Test adding a new Sudo rule using `xmlrpc.sudorule_add`.
@@ -206,6 +210,20 @@ class test_sudorule(XMLRPC_test):
         entry = ret['result']
         assert_attr_equal(entry, 'ipasudorunas_user', self.test_runasuser)
 
+    def test_a_sudorule_add_runasuser_invalid(self):
+        """
+        Test adding run as invalid user to Sudo rule using
+        `xmlrpc.sudorule_add_runasuser`.
+        """
+        try:
+            api.Command['sudorule_add_runasuser'](
+                self.rule_name, user=self.test_invalid_user
+            )
+        except errors.ValidationError:
+            pass
+        else:
+            assert False
+
     def test_b_sudorule_remove_runasuser(self):
         """
         Test removing run as user to Sudo rule using
@@ -239,6 +257,20 @@ class test_sudorule(XMLRPC_test):
         assert_attr_equal(entry, 'ipasudorunasgroup_group',
             self.test_runasgroup)
 
+    def test_a_sudorule_add_runasgroup_invalid(self):
+        """
+        Test adding run as invalid user to Sudo rule using
+        `xmlrpc.sudorule_add_runasuser`.
+        """
+        try:
+            api.Command['sudorule_add_runasgroup'](
+                self.rule_name, group=self.test_invalid_group
+            )
+        except errors.ValidationError:
+            pass
+        else:
+            assert False
+
     def test_b_sudorule_remove_runasgroup(self):
         """
         Test removing run as group to Sudo rule using
@@ -268,6 +300,20 @@ class test_sudorule(XMLRPC_test):
         entry = ret['result']
         assert_attr_equal(entry, 'externaluser', self.test_external_user)
 
+    def test_a_sudorule_add_externaluser_invalid(self):
+        """
+        Test adding an invalid external user to Sudo rule using
+        `xmlrpc.sudorule_add_user`.
+        """
+        try:
+            api.Command['sudorule_add_user'](
+                self.rule_name, user=self.test_invalid_user
+            )
+        except errors.ValidationError:
+            pass
+        else:
+            assert False
+
     def test_b_sudorule_remove_externaluser(self):
         """
         Test removing an external user from Sudo rule using
@@ -424,6 +470,20 @@ class test_sudorule(XMLRPC_test):
         entry = ret['result']
         assert_attr_equal(entry, 'externalhost', self.test_external_host)
 
+    def test_a_sudorule_add_externalhost_invalid(self):
+        """
+        Test adding an invalid external host to Sudo rule using
+        `xmlrpc.sudorule_add_host`.
+        """
+        try:
+            api.Command['sudorule_add_host'](
+                self.rule_name, host=self.test_invalid_host
+            )
+        except errors.ValidationError:
+            pass
+        else:
+            assert False
+
     def test_b_sudorule_remove_externalhost(self):
         """
         Test removing an external host from Sudo rule using
author	Ondrej Hamada <ohamada@redhat.com>	2012-03-27 15:15:20 +0200
committer	Martin Kosek <mkosek@redhat.com>	2012-03-28 16:23:37 +0200
commit	5cfee2338d548035151926c5c235f3426fca0499 (patch)
tree	bfaf5b0b796d398386e971c1ba272bb748e91145 /tests/test_xmlrpc/test_sudorule_plugin.py
parent	159e848d85779e8fb3a9b2ed84490423014bf609 (diff)
download	freeipa-5cfee2338d548035151926c5c235f3426fca0499.tar.gz freeipa-5cfee2338d548035151926c5c235f3426fca0499.tar.xz freeipa-5cfee2338d548035151926c5c235f3426fca0499.zip