diff options
author | Jan Cholasta <jcholast@redhat.com> | 2013-03-18 12:31:23 +0100 |
---|---|---|
committer | Martin Kosek <mkosek@redhat.com> | 2013-03-29 16:34:46 +0100 |
commit | 5f26d2c6dbe878518963b5d8f9159ed3fcc71d58 (patch) | |
tree | d26dd5bac744b8f6110d7cd35a8201d0d312d46e /tests | |
parent | cc56723151c9ebf58d891e85617319d861af14a4 (diff) | |
download | freeipa-5f26d2c6dbe878518963b5d8f9159ed3fcc71d58.tar.gz freeipa-5f26d2c6dbe878518963b5d8f9159ed3fcc71d58.tar.xz freeipa-5f26d2c6dbe878518963b5d8f9159ed3fcc71d58.zip |
Add Kerberos ticket flags management to service and host plugins.
https://fedorahosted.org/freeipa/ticket/3329
Diffstat (limited to 'tests')
-rw-r--r-- | tests/test_xmlrpc/test_service_plugin.py | 84 |
1 files changed, 83 insertions, 1 deletions
diff --git a/tests/test_xmlrpc/test_service_plugin.py b/tests/test_xmlrpc/test_service_plugin.py index 29c94e310..6f8dbbee7 100644 --- a/tests/test_xmlrpc/test_service_plugin.py +++ b/tests/test_xmlrpc/test_service_plugin.py @@ -228,7 +228,9 @@ class test_service(Declarative): objectclass=objectclasses.service, ipauniqueid=[fuzzy_uuid], managedby_host=[fqdn1], - has_keytab=False + has_keytab=False, + ipakrbrequirespreauth=True, + ipakrbokasdelegate=False, ), ), ), @@ -269,6 +271,8 @@ class test_service(Declarative): ipauniqueid=[fuzzy_uuid], has_keytab=False, managedby_host=[fqdn1], + ipakrbrequirespreauth=True, + ipakrbokasdelegate=False, ), ], ), @@ -462,6 +466,84 @@ class test_service(Declarative): dict( + desc='Enable %r OK_AS_DELEGATE Kerberos ticket flag' % service1, + command=('service_mod', [service1], dict(ipakrbokasdelegate=True)), + expected=dict( + value=service1, + summary=u'Modified service "%s"' % service1, + result=dict( + usercertificate=[base64.b64decode(servercert)], + krbprincipalname=[service1], + managedby_host=[fqdn1], + ipakrbauthzdata=[u'MS-PAC'], + valid_not_before=fuzzy_date, + valid_not_after=fuzzy_date, + subject=DN(('CN',api.env.host),x509.subject_base()), + serial_number=fuzzy_digits, + serial_number_hex=fuzzy_hex, + md5_fingerprint=fuzzy_hash, + sha1_fingerprint=fuzzy_hash, + issuer=fuzzy_issuer, + krbticketflags=[u'1048704'], + ipakrbokasdelegate=True, + ), + ), + ), + + + dict( + desc='Update %r Kerberos ticket flags with setattr' % service1, + command=('service_mod', [service1], + dict(setattr=[u'krbTicketFlags=1048577'])), + expected=dict( + value=service1, + summary=u'Modified service "%s"' % service1, + result=dict( + usercertificate=[base64.b64decode(servercert)], + krbprincipalname=[service1], + managedby_host=[fqdn1], + ipakrbauthzdata=[u'MS-PAC'], + valid_not_before=fuzzy_date, + valid_not_after=fuzzy_date, + subject=DN(('CN',api.env.host),x509.subject_base()), + serial_number=fuzzy_digits, + serial_number_hex=fuzzy_hex, + md5_fingerprint=fuzzy_hash, + sha1_fingerprint=fuzzy_hash, + issuer=fuzzy_issuer, + krbticketflags=[u'1048577'], + ), + ), + ), + + + dict( + desc='Disable %r OK_AS_DELEGATE Kerberos ticket flag' % service1, + command=('service_mod', [service1], dict(ipakrbokasdelegate=False)), + expected=dict( + value=service1, + summary=u'Modified service "%s"' % service1, + result=dict( + usercertificate=[base64.b64decode(servercert)], + krbprincipalname=[service1], + managedby_host=[fqdn1], + ipakrbauthzdata=[u'MS-PAC'], + valid_not_before=fuzzy_date, + valid_not_after=fuzzy_date, + subject=DN(('CN',api.env.host),x509.subject_base()), + serial_number=fuzzy_digits, + serial_number_hex=fuzzy_hex, + md5_fingerprint=fuzzy_hash, + sha1_fingerprint=fuzzy_hash, + issuer=fuzzy_issuer, + krbticketflags=[u'1'], + ipakrbokasdelegate=False, + ), + ), + ), + + + dict( desc='Delete %r' % service1, command=('service_del', [service1], {}), expected=dict( |