Added modifications to the sudorule plugin to reflect the schema update.

author: Jr Aquino <jr.aquino@citrixonline.com> 2010-10-04 15:56:40 -0700
committer: Rob Crittenden <rcritten@redhat.com> 2010-10-05 21:37:59 -0400
commit: bfd2e383dcb0cd5ce156775982e87d6ac32513a3 (patch)
tree: a65f666dbb982cdd8c1f957469fabdbe6307a401 /tests/test_xmlrpc
parent: 7058df65ac4ed9cc45468d17f607f625434283ca (diff)
download: freeipa-bfd2e383dcb0cd5ce156775982e87d6ac32513a3.tar.gz
freeipa-bfd2e383dcb0cd5ce156775982e87d6ac32513a3.tar.xz
freeipa-bfd2e383dcb0cd5ce156775982e87d6ac32513a3.zip
1 files changed, 77 insertions, 35 deletions
diff --git a/tests/test_xmlrpc/test_sudorule_plugin.py b/tests/test_xmlrpc/test_sudorule_plugin.py
index 7ab372b79..b047899af 100644
--- a/tests/test_xmlrpc/test_sudorule_plugin.py
+++ b/tests/test_xmlrpc/test_sudorule_plugin.py
@@ -31,8 +31,6 @@ class test_sudorule(XMLRPC_test):
     Test the `sudorule` plugin.
     """
     rule_name = u'testing_sudorule1'
-    rule_type = u'allow'
-    rule_type_fail = u'value not allowed'
     rule_command = u'/usr/bin/testsudocmd1'
     rule_desc = u'description'
     rule_desc_mod = u'description modified'
@@ -41,8 +39,10 @@ class test_sudorule(XMLRPC_test):
     test_group = u'sudorule_test_group'
     test_host = u'sudorule._test_host'
     test_hostgroup = u'sudorule_test_hostgroup'
-    test_sudocmdgroup = u'sudorule_test_cmdgroup'
+    test_sudoallowcmdgroup = u'sudorule_test_allowcmdgroup'
+    test_sudodenycmdgroup = u'sudorule_test_denycmdgroup'
     test_command = u'/usr/bin/testsudocmd1'
+    test_denycommand = u'/usr/bin/testdenysudocmd1'
 
     def test_0_sudorule_add(self):
         """
@@ -50,12 +50,10 @@ class test_sudorule(XMLRPC_test):
         """
         ret = self.failsafe_add(api.Object.sudorule,
             self.rule_name,
-            accessruletype=self.rule_type,
             description=self.rule_desc,
         )
         entry = ret['result']
         assert_attr_equal(entry, 'cn', self.rule_name)
-        assert_attr_equal(entry, 'accessruletype', self.rule_type)
         assert_attr_equal(entry, 'description', self.rule_desc)
 
     def test_1_sudorule_add(self):
@@ -64,7 +62,7 @@ class test_sudorule(XMLRPC_test):
         """
         try:
             api.Command['sudorule_add'](
-                self.rule_name, accessruletype=self.rule_type
+                self.rule_name
             )
         except errors.DuplicateEntry:
             pass
@@ -77,7 +75,6 @@ class test_sudorule(XMLRPC_test):
         """
         entry = api.Command['sudorule_show'](self.rule_name)['result']
         assert_attr_equal(entry, 'cn', self.rule_name)
-        assert_attr_equal(entry, 'accessruletype', self.rule_type)
         assert_attr_equal(entry, 'description', self.rule_desc)
 
     def test_3_sudorule_mod(self):
@@ -95,13 +92,12 @@ class test_sudorule(XMLRPC_test):
         Test searching for Sudo rules using `xmlrpc.sudorule_find`.
         """
         ret = api.Command['sudorule_find'](
-            name=self.rule_name, accessruletype=self.rule_type,
+            name=self.rule_name,
             description=self.rule_desc_mod
         )
         assert ret['truncated'] is False
         entries = ret['result']
         assert_attr_equal(entries[0], 'cn', self.rule_name)
-        assert_attr_equal(entries[0], 'accessruletype', self.rule_type)
         assert_attr_equal(entries[0], 'description', self.rule_desc_mod)
 
     def test_7_sudorule_init_testing_data(self):
@@ -121,7 +117,10 @@ class test_sudorule(XMLRPC_test):
             self.test_hostgroup, description=u'description'
         )
         self.failsafe_add(api.Object.sudocmdgroup,
-            self.test_sudocmdgroup, description=u'desc'
+            self.test_sudoallowcmdgroup, description=u'desc'
+        )
+        self.failsafe_add(api.Object.sudocmdgroup,
+            self.test_sudodenycmdgroup, description=u'desc'
         )
         self.failsafe_add(api.Object.sudocmd,
             self.test_command, description=u'desc', force=True
@@ -203,46 +202,87 @@ class test_sudorule(XMLRPC_test):
         assert 'memberhost_host' not in entry
         assert 'memberhost_hostgroup' not in entry
 
-    def test_a_sudorule_add_command(self):
+    def test_a_sudorule_add_allow_command(self):
         """
-        Test adding command and cmdgroup to Sudo rule using
-        `xmlrpc.sudorule_add_command`.
+        Test adding allow command and cmdgroup to Sudo rule using
+        `xmlrpc.sudorule_add_allow_command`.
         """
-        ret = api.Command['sudorule_add_command'](
+        ret = api.Command['sudorule_add_allow_command'](
             self.rule_name, sudocmd=self.test_command,
-            sudocmdgroup=self.test_sudocmdgroup
+            sudocmdgroup=self.test_sudoallowcmdgroup
         )
         assert ret['completed'] == 2
         failed = ret['failed']
-        assert 'membercmd' in failed
-        assert 'sudocmd' in failed['membercmd']
-        assert not failed['membercmd']['sudocmd']
-        assert 'sudocmdgroup' in failed['membercmd']
-        assert not failed['membercmd']['sudocmdgroup']
+        assert 'memberallowcmd' in failed
+        assert 'sudocmd' in failed['memberallowcmd']
+        assert not failed['memberallowcmd']['sudocmd']
+        assert 'sudocmdgroup' in failed['memberallowcmd']
+        assert not failed['memberallowcmd']['sudocmdgroup']
         entry = ret['result']
-        assert_attr_equal(entry, 'membercmd_sudocmd', self.test_command)
-        assert_attr_equal(entry, 'membercmd_sudocmdgroup',
-            self.test_sudocmdgroup)
+        assert_attr_equal(entry, 'memberallowcmd_sudocmd', self.test_command)
+        assert_attr_equal(entry, 'memberallowcmd_sudocmdgroup',
+            self.test_sudoallowcmdgroup)
 
-    def test_a_sudorule_remove_command(self):
+    def test_a_sudorule_remove_allow_command(self):
         """
-        Test removing command and sudocmdgroup from Sudo rule using
+        Test removing allow command and sudocmdgroup from Sudo rule using
         `xmlrpc.sudorule_remove_command`.
         """
-        ret = api.Command['sudorule_remove_command'](
+        ret = api.Command['sudorule_remove_allow_command'](
+            self.rule_name, sudocmd=self.test_command,
+            sudocmdgroup=self.test_sudoallowcmdgroup
+        )
+        assert ret['completed'] == 2
+        failed = ret['failed']
+        assert 'memberallowcmd' in failed
+        assert 'sudocmd' in failed['memberallowcmd']
+        assert not failed['memberallowcmd']['sudocmd']
+        assert 'sudocmdgroup' in failed['memberallowcmd']
+        assert not failed['memberallowcmd']['sudocmdgroup']
+        entry = ret['result']
+        assert 'memberallowcmd_sudocmd' not in entry
+        assert 'memberallowcmd_sudocmdgroup' not in entry
+
+    def test_b_sudorule_add_deny_command(self):
+        """
+        Test adding deny command and cmdgroup to Sudo rule using
+        `xmlrpc.sudorule_add_deny_command`.
+        """
+        ret = api.Command['sudorule_add_deny_command'](
             self.rule_name, sudocmd=self.test_command,
-            sudocmdgroup=self.test_sudocmdgroup
+            sudocmdgroup=self.test_sudodenycmdgroup
         )
         assert ret['completed'] == 2
         failed = ret['failed']
-        assert 'membercmd' in failed
-        assert 'sudocmd' in failed['membercmd']
-        assert not failed['membercmd']['sudocmd']
-        assert 'sudocmdgroup' in failed['membercmd']
-        assert not failed['membercmd']['sudocmdgroup']
+        assert 'memberdenycmd' in failed
+        assert 'sudocmd' in failed['memberdenycmd']
+        assert not failed['memberdenycmd']['sudocmd']
+        assert 'sudocmdgroup' in failed['memberdenycmd']
+        assert not failed['memberdenycmd']['sudocmdgroup']
         entry = ret['result']
-        assert 'membercmd_sudocmd' not in entry
-        assert 'membercmd_sudocmdgroup' not in entry
+        assert_attr_equal(entry, 'memberdenycmd_sudocmd', self.test_command)
+        assert_attr_equal(entry, 'memberdenycmd_sudocmdgroup',
+            self.test_sudodenycmdgroup)
+
+    def test_b_sudorule_remove_deny_command(self):
+        """
+        Test removing deny command and sudocmdgroup from Sudo rule using
+        `xmlrpc.sudorule_remove_deny_command`.
+        """
+        ret = api.Command['sudorule_remove_deny_command'](
+            self.rule_name, sudocmd=self.test_command,
+            sudocmdgroup=self.test_sudodenycmdgroup
+        )
+        assert ret['completed'] == 2
+        failed = ret['failed']
+        assert 'memberdenycmd' in failed
+        assert 'sudocmd' in failed['memberdenycmd']
+        assert not failed['memberdenycmd']['sudocmd']
+        assert 'sudocmdgroup' in failed['memberdenycmd']
+        assert not failed['memberdenycmd']['sudocmdgroup']
+        entry = ret['result']
+        assert 'memberdenycmd_sudocmd' not in entry
+        assert 'memberdenycmd_sudocmdgroup' not in entry
 
     def test_c_sudorule_clear_testing_data(self):
         """
@@ -253,7 +293,9 @@ class test_sudorule(XMLRPC_test):
         api.Command['host_del'](self.test_host)
         api.Command['hostgroup_del'](self.test_hostgroup)
         api.Command['sudocmd_del'](self.test_command)
-        api.Command['sudocmdgroup_del'](self.test_sudocmdgroup)
+        api.Command['sudocmdgroup_del'](self.test_sudoallowcmdgroup)
+        api.Command['sudocmdgroup_del'](self.test_sudodenycmdgroup)
+
 
     def test_f_sudorule_del(self):
         """
author	Jr Aquino <jr.aquino@citrixonline.com>	2010-10-04 15:56:40 -0700
committer	Rob Crittenden <rcritten@redhat.com>	2010-10-05 21:37:59 -0400
commit	bfd2e383dcb0cd5ce156775982e87d6ac32513a3 (patch)
tree	a65f666dbb982cdd8c1f957469fabdbe6307a401 /tests/test_xmlrpc
parent	7058df65ac4ed9cc45468d17f607f625434283ca (diff)
download	freeipa-bfd2e383dcb0cd5ce156775982e87d6ac32513a3.tar.gz freeipa-bfd2e383dcb0cd5ce156775982e87d6ac32513a3.tar.xz freeipa-bfd2e383dcb0cd5ce156775982e87d6ac32513a3.zip