diff options
| author | Jr Aquino <jr.aquino@citrix.com> | 2010-12-13 10:00:59 -0800 |
|---|---|---|
| committer | Rob Crittenden <rcritten@redhat.com> | 2010-12-13 17:56:13 -0500 |
| commit | ced639eb990792dd01213063f23c3be265adcb3b (patch) | |
| tree | 77217ca336e457cd74fdc64fff35822988c69cc9 /tests/test_xmlrpc/test_sudorule_plugin.py | |
| parent | b23b3911d2cc9e6063d66f885600c3aec471def9 (diff) | |
| download | freeipa-ced639eb990792dd01213063f23c3be265adcb3b.tar.gz freeipa-ced639eb990792dd01213063f23c3be265adcb3b.tar.xz freeipa-ced639eb990792dd01213063f23c3be265adcb3b.zip | |
tests for sudo run as user or group https://fedorahosted.org/freeipa/ticket/570
Diffstat (limited to 'tests/test_xmlrpc/test_sudorule_plugin.py')
| -rw-r--r-- | tests/test_xmlrpc/test_sudorule_plugin.py | 72 |
1 files changed, 72 insertions, 0 deletions
diff --git a/tests/test_xmlrpc/test_sudorule_plugin.py b/tests/test_xmlrpc/test_sudorule_plugin.py index b047899af..166f1cb80 100644 --- a/tests/test_xmlrpc/test_sudorule_plugin.py +++ b/tests/test_xmlrpc/test_sudorule_plugin.py @@ -43,6 +43,9 @@ class test_sudorule(XMLRPC_test): test_sudodenycmdgroup = u'sudorule_test_denycmdgroup' test_command = u'/usr/bin/testsudocmd1' test_denycommand = u'/usr/bin/testdenysudocmd1' + test_runasuser = u'manager' + test_runasgroup = u'manager' + test_catagory = u'all' def test_0_sudorule_add(self): """ @@ -107,6 +110,9 @@ class test_sudorule(XMLRPC_test): self.failsafe_add(api.Object.user, self.test_user, givenname=u'first', sn=u'last' ) + self.failsafe_add(api.Object.user, + self.test_runasuser, givenname=u'first', sn=u'last' + ) self.failsafe_add(api.Object.group, self.test_group, description=u'description' ) @@ -164,6 +170,71 @@ class test_sudorule(XMLRPC_test): assert 'memberuser_user' not in entry assert 'memberuser_group' not in entry + def test_a_sudorule_add_runasuser(self): + """ + Test adding run as user to Sudo rule using + `xmlrpc.sudorule_add_runasuser`. + """ + ret = api.Command['sudorule_add_runasuser']( + self.rule_name, user=self.test_runasuser + ) + assert ret['completed'] == 1 + failed = ret['failed'] + assert 'ipasudorunas' in failed + assert 'user' in failed['ipasudorunas'] + assert not failed['ipasudorunas']['user'] + entry = ret['result'] + assert_attr_equal(entry, 'ipasudorunas_user', self.test_runasuser) + + def test_b_sudorule_remove_runasuser(self): + """ + Test removing run as user to Sudo rule using + `xmlrpc.sudorule_remove_runasuser'. + """ + ret = api.Command['sudorule_remove_runasuser']( + self.rule_name, user=self.test_runasuser + ) + assert ret['completed'] == 1 + failed = ret['failed'] + assert 'ipasudorunas' in failed + assert 'user' in failed['ipasudorunas'] + assert not failed['ipasudorunas']['user'] + entry = ret['result'] + assert 'ipasudorunas_user' not in entry + + def test_a_sudorule_add_runasgroup(self): + """ + Test adding run as group to Sudo rule using + `xmlrpc.sudorule_add_runasgroup`. + """ + ret = api.Command['sudorule_add_runasgroup']( + self.rule_name, group=self.test_runasgroup + ) + print ret + assert ret['completed'] == 1 + failed = ret['failed'] + assert 'ipasudorunasgroup' in failed + assert 'group' in failed['ipasudorunasgroup'] + assert not failed['ipasudorunasgroup']['group'] + entry = ret['result'] + assert_attr_equal(entry, 'ipasudorunasgroup_group', self.test_runasgroup) + + def test_b_sudorule_remove_runasgroup(self): + """ + Test removing run as group to Sudo rule using + `xmlrpc.sudorule_remove_runasgroup'. + """ + ret = api.Command['sudorule_remove_runasgroup']( + self.rule_name, group=self.test_runasgroup + ) + assert ret['completed'] == 1 + failed = ret['failed'] + assert 'ipasudorunasgroup' in failed + assert 'group' in failed['ipasudorunasgroup'] + assert not failed['ipasudorunasgroup']['group'] + entry = ret['result'] + assert 'ipasudorunasgroup_group' not in entry + def test_a_sudorule_add_host(self): """ Test adding host and hostgroup to Sudo rule using @@ -289,6 +360,7 @@ class test_sudorule(XMLRPC_test): Clear data for Sudo rule plugin testing. """ api.Command['user_del'](self.test_user) + api.Command['user_del'](self.test_runasuser) api.Command['group_del'](self.test_group) api.Command['host_del'](self.test_host) api.Command['hostgroup_del'](self.test_hostgroup) |