diff options
| author | Rob Crittenden <rcritten@redhat.com> | 2011-12-06 18:15:41 -0500 |
|---|---|---|
| committer | Rob Crittenden <rcritten@redhat.com> | 2012-01-04 20:27:26 -0500 |
| commit | 64ee2464e8f21d070358d82f40b4ec13a9546c6b (patch) | |
| tree | 758cdd2ed18481bd9fd73165fbb4caf0c8fd4f1c /tests | |
| parent | de0444defea0868bc2b3ec1ee8624a514c67a04e (diff) | |
| download | freeipa-64ee2464e8f21d070358d82f40b4ec13a9546c6b.tar.gz freeipa-64ee2464e8f21d070358d82f40b4ec13a9546c6b.tar.xz freeipa-64ee2464e8f21d070358d82f40b4ec13a9546c6b.zip | |
Display the value of memberOf ACIs in permission plugin.
There were two problems:
1. memberof wasn't in the list of things we looked for in the return value
from aci_show()
2. The value wasn't being translated into a group name.
Use the DN class to retrieve the group name from the memberof URI.
Note that I changed the parsing for targetgroup as well. We now save a lookup
and potentially returning a NotFound if an aci points to a group that no
longer exists.
https://fedorahosted.org/freeipa/ticket/2100
Diffstat (limited to 'tests')
| -rw-r--r-- | tests/test_xmlrpc/test_permission_plugin.py | 62 |
1 files changed, 61 insertions, 1 deletions
diff --git a/tests/test_xmlrpc/test_permission_plugin.py b/tests/test_xmlrpc/test_permission_plugin.py index a116a66ea..b0df80094 100644 --- a/tests/test_xmlrpc/test_permission_plugin.py +++ b/tests/test_xmlrpc/test_permission_plugin.py @@ -290,7 +290,7 @@ class test_permission(Declarative): dict( desc='Update %r' % permission1, command=( - 'permission_mod', [permission1], dict(permissions=u'read') + 'permission_mod', [permission1], dict(permissions=u'read', memberof=u'ipausers') ), expected=dict( value=permission1, @@ -301,6 +301,7 @@ class test_permission(Declarative): member_privilege=[privilege1], type=u'user', permissions=[u'read'], + memberof=u'ipausers', ), ), ), @@ -318,6 +319,7 @@ class test_permission(Declarative): 'member_privilege': [privilege1], 'type': u'user', 'permissions': [u'read'], + 'memberof': u'ipausers', }, ), ), @@ -347,6 +349,7 @@ class test_permission(Declarative): 'member_privilege': [privilege1], 'type': u'user', 'permissions': [u'read'], + 'memberof': u'ipausers', }, ), ), @@ -368,6 +371,7 @@ class test_permission(Declarative): 'member_privilege': [privilege1], 'type': u'user', 'permissions': [u'all'], + 'memberof': u'ipausers', }, ), ), @@ -438,4 +442,60 @@ class test_permission(Declarative): ) ), + + dict( + desc='Create memberof permission %r' % permission1, + command=( + 'permission_add', [permission1], dict( + memberof=u'editors', + permissions=u'write', + ) + ), + expected=dict( + value=permission1, + summary=u'Added permission "%s"' % permission1, + result=dict( + dn=lambda x: DN(x) == permission1_dn, + cn=[permission1], + objectclass=objectclasses.permission, + memberof=u'editors', + permissions=[u'write'], + ), + ), + ), + + + dict( + desc='Delete %r' % permission1, + command=('permission_del', [permission1], {}), + expected=dict( + result=dict(failed=u''), + value=permission1, + summary=u'Deleted permission "%s"' % permission1, + ) + ), + + + dict( + desc='Create targetgroup permission %r' % permission1, + command=( + 'permission_add', [permission1], dict( + targetgroup=u'editors', + permissions=u'write', + ) + ), + expected=dict( + value=permission1, + summary=u'Added permission "%s"' % permission1, + result=dict( + dn=lambda x: DN(x) == permission1_dn, + cn=[permission1], + objectclass=objectclasses.permission, + targetgroup=u'editors', + permissions=[u'write'], + ), + ), + ), + + ] |