summaryrefslogtreecommitdiffstats
path: root/tests
Commit message (Collapse)AuthorAgeFilesLines
* Fix the ipa-ldap-updater tests.Rob Crittenden2010-09-101-2/+1
| | | | | | We dropped the schema for ipaContainer so use nsContainer instead. ticket 121
* Use global time and size limit values when searching.Rob Crittenden2010-08-191-0/+25
| | | | | | Add test to verify that limit is honored and truncated flag set. ticket #48
* Add support for ldap:///self bind rulesRob Crittenden2010-08-191-0/+37
| | | | | | | This is added mainly so the self service rules can be updated without resorting to ldapmodify. ticket 80
* Enable a host to retrieve a keytab for all its services.Rob Crittenden2010-08-162-92/+287
| | | | | | | | | | | | | | | | | | | | | | | | Using the host service principal one should be able to retrieve a keytab for other services for the host using ipa-getkeytab. This required a number of changes: - allow hosts in the service's managedby to write krbPrincipalKey - automatically add the host to managedby when a service is created - fix ipa-getkeytab to return the entire prinicpal and not just the first data element. It was returning "host" from the service tgt and not host/ipa.example.com - fix the display of the managedby attribute in the service plugin This led to a number of changes in the service unit tests. I took the opportunity to switch to the Declarative scheme and tripled the number of tests we were doing. This shed some light on a few bugs in the plugin: - if a service had a bad usercertificate it was impossible to delete the service. I made it a bit more flexible. - I added a summary for the mod and find commands - has_keytab wasn't being set in the find output ticket 68
* Add support for client failover to the ipa command-line.Rob Crittenden2010-08-162-3/+3
| | | | | | | | | | | | This adds a new global option to the ipa command, -f/--no-fallback. If this is included then just the server configured in /etc/ipa/default.conf is used. Otherwise that is tried first then all servers in DNS with the ldap SRV record are tried. Create a new Local() Command class for local-only commands. The help command is one of these. It shouldn't need a remote connection to execute. ticket #15
* Allow decoupling of user-private groups.Rob Crittenden2010-08-101-0/+78
| | | | | | | | | | | To do this we need to break the link manually on both sides, the user and the group. We also have to verify in advance that the user performing this is allowed to do both. Otherwise the user could be decoupled but not the group leaving it in a quasi broken state that only ldapmodify could fix. ticket 75
* Fix user tests to handle managed entriesRob Crittenden2010-08-101-1/+2
| | | | | We now enable managed entries by default and need to account for it in the expected output.
* Check to see if the command is available before running command tests.Rob Crittenden2010-08-062-2/+12
|
* Fix RPC tests. The method comes back as a unicode from xmlrpclib.Rob Crittenden2010-08-061-2/+2
|
* Add optional error message to pattern validatorRob Crittenden2010-08-062-0/+36
| | | | | | | | | The pattern validator by default displays the pattern that is being matched against. This isn't helpful, particularly for very hairy patterns. This adds a new parameter, pattern_errmsg, that is displayed on errors if set. ticket #11
* Skip the i18n test if the test language has not been builtRob Crittenden2010-08-061-0/+6
|
* Require that hosts be resolvable in DNS. Use --force to ignore warnings.Rob Crittenden2010-08-067-17/+53
| | | | | | | | | | | | | This also requires a resolvable hostname on services as well. I want people to think long and hard about adding things that aren't resolvable. The cert plugin can automatically create services on the user's behalf when issuing a cert. It will always set the force flag to True. We use a lot of made-up host names in the test system, all of which require the force flag now. ticket #25
* Fix replacing a certificate in a service.Rob Crittenden2010-08-061-3/+28
| | | | | | | | | | | | When a service has a certificate and the CA backend doesn't support revocation (like selfsign) then we simply drop the old certificate in preparation for adding a new one. We weren't setting the usercertificate attribute to None so there was nothing to do in ldap_update(). Added a test case for this situation to ensure that re-issuing a certificate works. ticket #88
* Add framework for other command-line tests, starting with ipa-getkeytab.Rob Crittenden2010-08-062-0/+210
|
* Fix this test to work from source tree rootRob Crittenden2010-08-061-2/+2
| | | | | | | | It would work if you ran the test from its location in tests/test_ipalib but this isn't the most common method. If you want to run it individually you can do: $ ./make-test tests/test_ipalib/test_text.py
* Drop our own PKCS#10 ASN.1 decoder and use the one from python-nssRob Crittenden2010-07-295-51/+83
| | | | | | | | | | | | | | | This patch: - bumps up the minimum version of python-nss - will initialize NSS with nodb if a CSR is loaded and it isn't already init'd - will shutdown NSS if initialized in the RPC subsystem so we use right db - updated and added a few more tests Relying more on NSS introduces a bit of a problem. For NSS to work you need to have initialized a database (either a real one or no_db). But once you've initialized one and want to use another you have to close down the first one. I've added some code to nsslib.py to do just that. This could potentially have some bad side-effects at some point, it works ok now.
* Add some basic tests for ipalib/x509Rob Crittenden2010-07-291-0/+139
|
* This patch removes the existing UI functionality, as a prep for adding the ↵Adam Young2010-07-292-45/+0
| | | | Javascript based ui.
* Fix netgroup plugin to use correct member attribute names.Rob Crittenden2010-07-151-39/+107
| | | | | | | | | When the netgroup plugin was rebased it ended up using the member attribute for its memberships and not memberuser/memberhost. I also fixed this same attribute problem in the tests and tried to beef them up a little. If nis/schema compat are enabled it will try to compare the generated triplets with a known-good value.
* Add API to delete a service principal key, service-disable.Rob Crittenden2010-07-133-0/+6
| | | | | | | | | | | | I have to do some pretty low-level LDAP work to achieve this. Since we can't read the key using our modlist generator won't work and lots of tricks would be needed to use the LDAPUpdate object in any case. I pulled usercertificate out of the global params and put into each appropriate function because it makes no sense for service-disable. This also adds a new variable, has_keytab, to service/host_show output. This flag tells us whether there is a krbprincipalkey.
* Add test to ensure that a certificate we issue is actually stored properly.Rob Crittenden2010-07-131-2/+32
|
* Change expected aci summary from Updated to Modify in test casesRob Crittenden2010-07-061-4/+4
|
* Fix aci_mod command. It should handle more complex operations now.Rob Crittenden2010-06-241-56/+201
| | | | | | | | | | | The problem was trying to operate directly on the ACI itself. I introduced a new function, _aci_to_kw(), that converts an ACI into a set of keywords. We can take these keywords, like those passed in when an ACI is created, to merge in any changes and then re-create the ACI. I also switched the ACI tests to be declarative and added a lot more cases around the modify operation.
* Add ipaUniqueID to HBAC services and service groupsRob Crittenden2010-05-272-0/+4
| | | | Also fix the memberOf attribute for the HBAC services
* Remove local get_dn() from hbacsvcgroup and add tests for hbacsvcgroupRob Crittenden2010-05-202-0/+259
|
* Use new service schema for HBAC testsRob Crittenden2010-05-171-3/+35
|
* Replace old pwpolicy plugin with new one using baseldap, fix tests.Rob Crittenden2010-05-172-201/+24
| | | | Fix deletion of policy when a group is removed.
* Add new password policy plugin based on baseldap.py classes.root2010-05-051-0/+171
|
* Add weekly periodic schedule to AccessTime param type.root2010-05-041-3/+2
| | | | Fix bug #588414
* Add test cases for AccessTime param and fix some problems in AccessTimeRob Crittenden2010-05-031-0/+40
|
* Add gettext translation test using test language.John Dennis2010-04-161-0/+88
|
* XML-RPC signature changeJason Gerard DeRose2010-03-302-5/+3
|
* Deleting a non-fully-qualified hostname should still delete its servicesRob Crittenden2010-03-302-0/+76
| | | | | We were being left with orphan services if the host entry was not removed using the FQDN.
* Ensure that the group policy priority is unique.Rob Crittenden2010-03-191-8/+35
| | | | | | We use CoS to determine the order in which group policy is applied. The behavior in CoS is undefined for multiple entries with the same cospriority.
* Finish deferred translation mechanismJason Gerard DeRose2010-03-162-15/+126
|
* localize doc stringsJohn Dennis2010-03-084-7/+6
| | | | | | | | | | | | A number of doc strings were not localized, wrap them in _(). Some messages were not localized, wrap them in _() Fix a couple of failing tests: The method name in RPC should not be unicode. The doc attribute must use the .msg attribute for comparison. Also clean up imports of _() The import should come from ipalib or ipalib.text, not ugettext from request.
* Consolidate to single WSGI entry pointJason Gerard DeRose2010-03-011-1/+95
|
* Fix unicode failures in Env tests and dn failures in XML-RPC testsRob Crittenden2010-02-267-44/+45
|
* Make the --all option work in Add/Remove Member commands.Pavel Zuna2010-02-244-6/+34
|
* Translatable Param.label, Param.docJason Gerard DeRose2010-02-241-3/+3
|
* Fix non XML-RPC testsJason Gerard DeRose2010-02-191-8/+13
|
* Use the Output tuple to determine the order of outputRob Crittenden2010-02-1510-86/+112
| | | | | | | | | | | | | | The attributes displayed is now dependant upon their definition in a Param. This enhances that, giving some level of control over how the result is displayed to the user. This also fixes displaying group membership, including failures of adding/removing entries. All tests pass now though there is still one problem. We need to return the dn as well. Once that is fixed we just need to comment out all the dn entries in the tests and they should once again pass.
* Add Object.label class attribute, enable in webUIJason Gerard DeRose2010-02-121-0/+19
|
* Allow one-character Param namesRob Crittenden2010-02-121-4/+0
| | | | This is done explicitly to support the l/localityname attribute.
* Command.output_params not contains params in Command.paramsJason Gerard DeRose2010-02-111-0/+27
|
* Fix the cert plugin testsRob Crittenden2010-02-091-8/+24
| | | | | | | | | These tests rely on the existence of a backend CA. It is easiest to test with a self-signed CA in ~/.ipa so that is what I documented. These tests are skipped if no CA is available. Improved robustness a bit by putting the cleanup as a separate test.
* Add support for the 'no_create', 'no_update', and 'no_search' Param flagsJason Gerard DeRose2010-02-051-3/+5
|
* Remove __public__ and __proxy__ hold-overs from Plugin classJason Gerard DeRose2010-01-283-118/+0
|
* Fixed xmlrpc_test.fuzzy_digits for Fedora12Jason Gerard DeRose2010-01-222-2/+2
|
* Fix backend.Executioner unit test.Pavel Zuna2010-01-131-6/+13
| | | | | | | | | | Before the patch that allows to create unshared instances of Connectible objects, all Connection object were deleted at once in destroy_context(). It made sense at the time, because there was always at most one Connection per Connectible subclass and Connectible.disconnect() was called only internally by the Executioner class. Now that we can make arbitrary connections, it makes more sense to delete the Connection object when Connectible.disconnect() is called.
generated by cgit (git 2.34.1) at 2024-05-19 12:15:57 +0000