summaryrefslogtreecommitdiffstats
path: root/tests/test_xmlrpc/test_netgroup_plugin.py
Commit message (Collapse)AuthorAgeFilesLines
* Suppress managed netgroups from showing as memberof hostgroups.Rob Crittenden2011-08-311-1/+0
| | | | | | | By design these managed netgroups are not supposed to show unless you specifically want to see them. https://fedorahosted.org/freeipa/ticket/1738
* Add netgroup as possible memberOf for hostgroupsRob Crittenden2011-08-291-0/+1
| | | | https://fedorahosted.org/freeipa/ticket/1563
* Change the way has_keytab is determined, also check for password.Rob Crittenden2011-08-241-0/+6
| | | | | | | | | | | | | | | | | | | | We need an indicator to see if a keytab has been set on host and service entries. We also need a way to know if a one-time password is set on a host. This adds an ACI that grants search on userPassword and krbPrincipalKey so we can do an existence search on them. This way we can tell if the attribute is set and create a fake attribute accordingly. When a userPassword is set on a host a keytab is generated against that password so we always set has_keytab to False if a password exists. This is fine because when keytab gets generated for the host the password is removed (hence one-time). This adds has_keytab/has_password to the user, host and service plugins. ticket https://fedorahosted.org/freeipa/ticket/1538
* ticket 1600 - convert unittests to use DN objectsJohn Dennis2011-08-161-14/+34
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | We have a larger goal of replacing all DN creation via string formatting/concatenation with DN object operations because string operations are not a safe way to form a DN nor to compare a DN. This work needs to be broken into smaller chunks for easier review and testing. Addressing the unit tests first makes sense because we don't want to be modifying both the core code and the tests used to verify the core code simultaneously. If we modify the unittests first with existing core code and no regressions are found then we can move on to modifying parts of the core code with the belief the unittests can validate the changes in the core code. Also by doing the unittests first we also help to validate the DN objects are working correctly (although they do have an extensive unittest). The fundamental changes are: * replace string substitution & concatenation with DN object constructor * when comparing dn's the comparision is done after promotion to a DN object, then two DN objects are compared * when a list of string dn's are to be compared a new list is formed where each string dn is replaced by a DN object * because the unittest framework accepts a complex data structure of expected values where dn's are represeted as strings the unittest needs to express the expected value of a dn as a callable object (e.g. a lambda expression) which promotes the dn string to a DN object in order to do the comparision.
* Optionally wait for 389-ds postop plugins to completeRob Crittenden2011-07-191-0/+8
| | | | | | | | | | | Add a new command that lets you wait for an attribute to appear in a value. Using this you can do things like wait for a managed entry to be created, adding a new objectclass to the parent entry. This is controlled by a new booleon option, wait_for_attr, defaulting to False. https://fedorahosted.org/freeipa/ticket/1144
* Add UID, GID and e-mail to the user default attributes.Rob Crittenden2011-06-081-0/+2
| | | | ticket https://fedorahosted.org/freeipa/ticket/1265
* Change default gecos from uid to first and last name.Rob Crittenden2011-04-051-2/+2
| | | | ticket 1146
* Display the entries that failed when deleting with --continue.Rob Crittenden2011-01-101-1/+1
| | | | | | | | | | | | We collected the failures but didn't report it back. This changes the API of most delete commands so rather than returning a boolean it returns a dict with the only current key as failed. This also adds a new parameter flag, suppress_empty. This will try to not print values that are empty if included. This makes the output of the delete commands a bit prettier. ticket 687
* Change FreeIPA license to GPLv3+Jakub Hrozek2010-12-201-5/+5
| | | | | | | | | | The changes include: * Change license blobs in source files to mention GPLv3+ not GPLv2 only * Add GPLv3+ license text * Package COPYING not LICENSE as the license blobs (even the old ones) mention COPYING specifically, it is also more common, I think https://fedorahosted.org/freeipa/ticket/239
* Fix a slew of tests.Rob Crittenden2010-12-171-0/+6
| | | | | | | - Skip the DNS tests if DNS isn't configured - Add new attributes to user entries (displayname, cn and initials) - Make the nsaccountlock value consistent - Fix the cert subject for cert tests
* Re-implement access control using an updated model.Rob Crittenden2010-12-011-9/+9
| | | | | | | | | | | | | | | | | | | The new model is based on permssions, privileges and roles. Most importantly it corrects the reverse membership that caused problems in the previous implementation. You add permission to privileges and privileges to roles, not the other way around (even though it works that way behind the scenes). A permission object is a combination of a simple group and an aci. The linkage between the aci and the permission is the description of the permission. This shows as the name/description of the aci. ldap:///self and groups granting groups (v1-style) are not supported by this model (it will be provided separately). This makes the aci plugin internal only. ticket 445
* Add managedby to Host entriesRob Crittenden2010-11-191-0/+1
| | | | | | This will allow others to provision on behalf of the host. ticket 280
* Implement nested netgroups and include summaries for the commands.Rob Crittenden2010-10-291-366/+1042
| | | | | | | Replace the existing netgroup test cases with Declarative tests. This triples the number of tests we were doing. ticket 209
* Return reason for failure when updating group membership fails.Rob Crittenden2010-10-281-8/+18
| | | | | | | | | | | We used to return a list of dns that failed to be added. We now return a list of tuples instead. The tuple looks like (dn, reason) where reason is the exception that was returned. Also made the label we use for failures to be singular instead of plural since we now print them out individually instead of as comma-separated. ticket 270
* Require that hosts be resolvable in DNS. Use --force to ignore warnings.Rob Crittenden2010-08-061-1/+1
| | | | | | | | | | | | | This also requires a resolvable hostname on services as well. I want people to think long and hard about adding things that aren't resolvable. The cert plugin can automatically create services on the user's behalf when issuing a cert. It will always set the force flag to True. We use a lot of made-up host names in the test system, all of which require the force flag now. ticket #25
* Fix netgroup plugin to use correct member attribute names.Rob Crittenden2010-07-151-39/+107
| | | | | | | | | When the netgroup plugin was rebased it ended up using the member attribute for its memberships and not memberuser/memberhost. I also fixed this same attribute problem in the tests and tried to beef them up a little. If nis/schema compat are enabled it will try to compare the generated triplets with a known-good value.
* Take 2: Extensible return values and validation; steps toward a single ↵Jason Gerard DeRose2009-12-101-95/+84
| | | | output_for_cli(); enable more webUI stuff
* Fix unit tests for plugins using baseldap classes.Pavel Zuna2009-10-051-52/+69
|
* Add a new objectclass, ipaObject, that will add a UUID to many IPA objectsRob Crittenden2009-08-101-13/+14
| | | | | | | | | ipaObject is defined as an auxiliary objectclass so it is up to the plugin author to ensure that the objectclass is included an a UUID generated. ipaUniqueId is a MUST attribute so if you include the objectclass you must ensure that the uuid is generated. This also fixes up some unrelated unit test failures.
* Fix unit tests to handle new group-{add, del}-member semantics.Pavel Zuna2009-07-021-17/+25
|
* Add unit tests for new plugins.Pavel Zuna2009-07-021-0/+312
|
* Remove unit tests for old plugins.Pavel Zuna2009-07-021-317/+0
|
* Schema change so the nisnetgroup triples work properly.Rob Crittenden2009-05-191-12/+12
| | | | | | If we use cn for hostname there is no easy way to distinguish between a host and a hostgroup. So adding a fqdn attribute to be used to store the hostname instead.
* Add missing attribute to fix netgroups testRob Crittenden2009-05-071-1/+1
|
* Rename errors2.py to errors.py. Modify all affected files.Pavel Zuna2009-04-231-6/+6
|
* Fix remaining issues with XML-RPC test casesRob Crittenden2009-02-041-1/+1
| | | | | | Tied the make-test script into the test target of the top-level Makefile Added code to xmlrpc_test.py so that it configures the API if it isn't already done which enables individual tests to be executed.
* Fixed some of the test_xmlrpc unit testsJason Gerard DeRose2009-02-031-19/+19
|
* Applied Rob's errors patchRob Crittenden2009-02-031-14/+16
|
* Mostly got the test_xmlrpc/ tests working againJason Gerard DeRose2009-02-031-4/+0
|
* Finished reworked cli.CLI class into cli.cli pluginJason Gerard DeRose2009-02-031-1/+0
|
* Initial implementation of netgroupsRob Crittenden2009-01-191-0/+320
generated by cgit (git 2.34.1) at 2024-05-01 10:54:14 +0000