diff options
author | Ondrej Hamada <ohamada@redhat.com> | 2012-03-27 15:15:20 +0200 |
---|---|---|
committer | Martin Kosek <mkosek@redhat.com> | 2012-03-28 16:23:37 +0200 |
commit | 5cfee2338d548035151926c5c235f3426fca0499 (patch) | |
tree | bfaf5b0b796d398386e971c1ba272bb748e91145 /tests/test_xmlrpc/test_sudorule_plugin.py | |
parent | 159e848d85779e8fb3a9b2ed84490423014bf609 (diff) | |
download | freeipa-5cfee2338d548035151926c5c235f3426fca0499.tar.gz freeipa-5cfee2338d548035151926c5c235f3426fca0499.tar.xz freeipa-5cfee2338d548035151926c5c235f3426fca0499.zip |
Netgroup nisdomain and hosts validation
nisdomain validation:
Added pattern to the 'nisdomain' parameter to validate the specified
nisdomain name. According to most common use cases the same pattern as
for netgroup should fit. Unit-tests added.
https://fedorahosted.org/freeipa/ticket/2448
'add_external_pre_callback' function was created to allow validation of
all external members. Validation is based on usage of objects primary
key parameter. The 'add_external_pre_callback' fucntion has to be called
directly from in the 'pre_callback' function. This change affects
netgroup, hbacrule and sudorule commands.
For hostname, the validator allows non-fqdn and underscore characters.
validate_hostname function in ipalib.util was modified and contains
additional option that allows hostname to contain underscore characters.
This option is disabled by default.
Unit-tests added.
https://fedorahosted.org/freeipa/ticket/2447
Diffstat (limited to 'tests/test_xmlrpc/test_sudorule_plugin.py')
-rw-r--r-- | tests/test_xmlrpc/test_sudorule_plugin.py | 60 |
1 files changed, 60 insertions, 0 deletions
diff --git a/tests/test_xmlrpc/test_sudorule_plugin.py b/tests/test_xmlrpc/test_sudorule_plugin.py index 7c45256ec..6aabd2b27 100644 --- a/tests/test_xmlrpc/test_sudorule_plugin.py +++ b/tests/test_xmlrpc/test_sudorule_plugin.py @@ -53,6 +53,10 @@ class test_sudorule(XMLRPC_test): test_category = u'all' test_option = u'authenticate' + test_invalid_user = u'+invalid#user' + test_invalid_host = u'+invalid&host.nonexist.com' + test_invalid_group = u'+invalid#group' + def test_0_sudorule_add(self): """ Test adding a new Sudo rule using `xmlrpc.sudorule_add`. @@ -206,6 +210,20 @@ class test_sudorule(XMLRPC_test): entry = ret['result'] assert_attr_equal(entry, 'ipasudorunas_user', self.test_runasuser) + def test_a_sudorule_add_runasuser_invalid(self): + """ + Test adding run as invalid user to Sudo rule using + `xmlrpc.sudorule_add_runasuser`. + """ + try: + api.Command['sudorule_add_runasuser']( + self.rule_name, user=self.test_invalid_user + ) + except errors.ValidationError: + pass + else: + assert False + def test_b_sudorule_remove_runasuser(self): """ Test removing run as user to Sudo rule using @@ -239,6 +257,20 @@ class test_sudorule(XMLRPC_test): assert_attr_equal(entry, 'ipasudorunasgroup_group', self.test_runasgroup) + def test_a_sudorule_add_runasgroup_invalid(self): + """ + Test adding run as invalid user to Sudo rule using + `xmlrpc.sudorule_add_runasuser`. + """ + try: + api.Command['sudorule_add_runasgroup']( + self.rule_name, group=self.test_invalid_group + ) + except errors.ValidationError: + pass + else: + assert False + def test_b_sudorule_remove_runasgroup(self): """ Test removing run as group to Sudo rule using @@ -268,6 +300,20 @@ class test_sudorule(XMLRPC_test): entry = ret['result'] assert_attr_equal(entry, 'externaluser', self.test_external_user) + def test_a_sudorule_add_externaluser_invalid(self): + """ + Test adding an invalid external user to Sudo rule using + `xmlrpc.sudorule_add_user`. + """ + try: + api.Command['sudorule_add_user']( + self.rule_name, user=self.test_invalid_user + ) + except errors.ValidationError: + pass + else: + assert False + def test_b_sudorule_remove_externaluser(self): """ Test removing an external user from Sudo rule using @@ -424,6 +470,20 @@ class test_sudorule(XMLRPC_test): entry = ret['result'] assert_attr_equal(entry, 'externalhost', self.test_external_host) + def test_a_sudorule_add_externalhost_invalid(self): + """ + Test adding an invalid external host to Sudo rule using + `xmlrpc.sudorule_add_host`. + """ + try: + api.Command['sudorule_add_host']( + self.rule_name, host=self.test_invalid_host + ) + except errors.ValidationError: + pass + else: + assert False + def test_b_sudorule_remove_externalhost(self): """ Test removing an external host from Sudo rule using |