diff options
author | Petr Viktorin <pviktori@redhat.com> | 2012-05-23 05:44:53 -0400 |
---|---|---|
committer | Rob Crittenden <rcritten@redhat.com> | 2012-06-06 21:57:12 -0400 |
commit | f8e7b516d923142a23058cb23ee817522686cfe3 (patch) | |
tree | 9987a2ea8abd8579c4852ad813d00861351e54bf /tests | |
parent | cf72738b214d115bb930f4e323512fd57a426a63 (diff) | |
download | freeipa-f8e7b516d923142a23058cb23ee817522686cfe3.tar.gz freeipa-f8e7b516d923142a23058cb23ee817522686cfe3.tar.xz freeipa-f8e7b516d923142a23058cb23ee817522686cfe3.zip |
Prevent deletion of the last admin
Raise an error when trying to delete the last user in the
'admins' group, or remove the last member from the group,
or delete the group itself.
https://fedorahosted.org/freeipa/ticket/2564
Diffstat (limited to 'tests')
-rw-r--r-- | tests/test_xmlrpc/test_group_plugin.py | 55 | ||||
-rw-r--r-- | tests/test_xmlrpc/test_user_plugin.py | 41 |
2 files changed, 96 insertions, 0 deletions
diff --git a/tests/test_xmlrpc/test_group_plugin.py b/tests/test_xmlrpc/test_group_plugin.py index c0abcb955..abee7bac7 100644 --- a/tests/test_xmlrpc/test_group_plugin.py +++ b/tests/test_xmlrpc/test_group_plugin.py @@ -797,4 +797,59 @@ class test_group(Declarative): expected=errors.NotFound(reason=u'%s: group not found' % user1), ), + dict( + desc='Try to remove the admin user from the admins group', + command=('group_remove_member', [u'admins'], dict(user=[u'admin'])), + expected=errors.LastMemberError(key=u'admin', label=u'group', + container='admins'), + ), + + dict( + desc='Add %r to the admins group' % user1, + command=('group_add_member', [u'admins'], dict(user=user1)), + expected=dict( + completed=1, + failed=dict( + member=dict( + group=tuple(), + user=tuple(), + ), + ), + result={ + 'dn': lambda x: DN(x) == \ + DN(('cn', 'admins'), ('cn', 'groups'), + ('cn', 'accounts'), api.env.basedn), + 'member_user': [u'admin', user1], + 'gidnumber': [fuzzy_digits], + 'cn': [u'admins'], + 'description': [u'Account administrators group'], + }, + ), + ), + + dict( + desc='Try to remove admin and %r from the admins group' % user1, + command=('group_remove_member', [u'admins'], + dict(user=[u'admin', user1])), + expected=errors.LastMemberError(key=u'admin', label=u'group', + container='admins'), + ), + + dict( + desc='Try to delete the admins group', + command=('group_del', [u'admins'], {}), + expected=errors.ProtectedEntryError(label=u'group', + key='admins', reason='privileged group'), + ), + + dict( + desc='Delete %r' % user1, + command=('user_del', [user1], {}), + expected=dict( + result=dict(failed=u''), + summary=u'Deleted user "%s"' % user1, + value=user1, + ), + ), + ] diff --git a/tests/test_xmlrpc/test_user_plugin.py b/tests/test_xmlrpc/test_user_plugin.py index 4b2be5c32..355a4cbbb 100644 --- a/tests/test_xmlrpc/test_user_plugin.py +++ b/tests/test_xmlrpc/test_user_plugin.py @@ -1330,4 +1330,45 @@ class test_user(Declarative): ), expected=lambda x: True, ), + + dict( + desc='Try to remove the admin user', + command=('user_del', [u'admin'], {}), + expected=errors.LastMemberError(key=u'admin', label=u'group', + container='admins'), + ), + + dict( + desc='Add %r to the admins group' % user2, + command=('group_add_member', [u'admins'], dict(user=user2)), + expected=dict( + completed=1, + failed=dict( + member=dict( + group=tuple(), + user=tuple(), + ), + ), + result={ + 'dn': lambda x: DN(x) == \ + DN(('cn', 'admins'), ('cn', 'groups'), + ('cn', 'accounts'), api.env.basedn), + 'member_user': [u'admin', user2], + 'gidnumber': [fuzzy_digits], + 'cn': [u'admins'], + 'description': [u'Account administrators group'], + }, + ), + ), + + dict( + desc='Delete %r' % user2, + command=('user_del', [user2], {}), + expected=dict( + result=dict(failed=u''), + summary=u'Deleted user "%s"' % user2, + value=user2, + ), + ), + ] |