From 57a9001f8d12a5caec01c628089a4624499b76bc Mon Sep 17 00:00:00 2001 From: Rob Crittenden Date: Wed, 14 Jul 2010 14:45:15 -0400 Subject: Fix netgroup plugin to use correct member attribute names. When the netgroup plugin was rebased it ended up using the member attribute for its memberships and not memberuser/memberhost. I also fixed this same attribute problem in the tests and tried to beef them up a little. If nis/schema compat are enabled it will try to compare the generated triplets with a known-good value. --- tests/test_xmlrpc/test_netgroup_plugin.py | 146 ++++++++++++++++++++++-------- 1 file changed, 107 insertions(+), 39 deletions(-) (limited to 'tests/test_xmlrpc') diff --git a/tests/test_xmlrpc/test_netgroup_plugin.py b/tests/test_xmlrpc/test_netgroup_plugin.py index 3e98f2654..3363883ae 100644 --- a/tests/test_xmlrpc/test_netgroup_plugin.py +++ b/tests/test_xmlrpc/test_netgroup_plugin.py @@ -22,10 +22,18 @@ Test the `ipalib/plugins/netgroup.py` module. """ import sys +import nose +import krbV from xmlrpc_test import XMLRPC_test, assert_attr_equal, assert_is_member from ipalib import api from ipalib import errors +from ipaserver.plugins.ldap2 import ldap2 +# Global so we can save the value between tests +netgroup_dn = None + +# See if our LDAP server is up and we can talk to it over GSSAPI +ccache = krbV.default_context().default_ccache().name class test_netgroup(XMLRPC_test): """ @@ -40,7 +48,7 @@ class test_netgroup(XMLRPC_test): host_localityname = u'Undisclosed location' host_kw = {'fqdn': host_fqdn, 'description': host_description, 'localityname': host_localityname, 'raw': True} - hg_cn = u'ng1' + hg_cn = u'hg1' hg_description = u'Netgroup' hg_kw = {'cn': hg_cn, 'description': hg_description, 'raw': True} @@ -50,6 +58,13 @@ class test_netgroup(XMLRPC_test): user_home = u'/home/%s' % user_uid user_kw = {'givenname': user_givenname,'sn': user_sn,'uid': user_uid,'homedirectory': user_home, 'raw': True} + # user2 is a member of testgroup + user2_uid = u'pexample' + user2_givenname = u'Pete' + user2_sn = u'Example' + user2_home = u'/home/%s' % user2_uid + user2_kw = {'givenname': user2_givenname,'sn': user2_sn,'uid': user2_uid,'homedirectory': user2_home, 'raw': True} + group_cn = u'testgroup' group_description = u'This is a test' group_kw = {'description': group_description,'cn': group_cn} @@ -81,11 +96,22 @@ class test_netgroup(XMLRPC_test): assert_attr_equal(entry, 'givenname', self.user_givenname) assert_attr_equal(entry, 'uid', self.user_uid) + # Add our second user + entry = api.Command['user_add'](**self.user2_kw)['result'] + assert_attr_equal(entry, 'givenname', self.user2_givenname) + assert_attr_equal(entry, 'uid', self.user2_uid) + # Add a group entry = api.Command['group_add'](**self.group_kw)['result'] assert_attr_equal(entry, 'description', self.group_description) assert_attr_equal(entry, 'cn', self.group_cn) + # Add a user to the group + kw = {'raw': True} + kw['user'] = self.user2_uid + res = api.Command['group_add_member'](self.group_cn, **kw) + assert res['completed'] == 1 + def test_3_netgroup_add_member(self): """ Test the `xmlrpc.netgroup_add_member` method. @@ -93,25 +119,25 @@ class test_netgroup(XMLRPC_test): kw = {'raw': True} kw['host'] = self.host_fqdn entry = api.Command['netgroup_add_member'](self.ng_cn, **kw)['result'] - assert_is_member(entry, 'fqdn=%s' % self.host_fqdn) + assert_is_member(entry, 'fqdn=%s' % self.host_fqdn, 'memberhost') kw = {'raw': True} kw['hostgroup'] = self.hg_cn ret = api.Command['netgroup_add_member'](self.ng_cn, **kw) assert ret['completed'] == 1 - assert_is_member(ret['result'], 'cn=%s' % self.hg_cn) + assert_is_member(ret['result'], 'cn=%s' % self.hg_cn, 'memberhost') kw = {'raw': True} kw['user'] = self.user_uid ret = api.Command['netgroup_add_member'](self.ng_cn, **kw) assert ret['completed'] == 1 - assert_is_member(ret['result'], 'uid=%s' % self.user_uid) + assert_is_member(ret['result'], 'uid=%s' % self.user_uid, 'memberuser') kw = {'raw': True} kw['group'] = self.group_cn ret = api.Command['netgroup_add_member'](self.ng_cn, **kw) assert ret['completed'] == 1 - assert_is_member(ret['result'], 'cn=%s' % self.group_cn) + assert_is_member(ret['result'], 'cn=%s' % self.group_cn, 'memberuser') def test_4_netgroup_add_member(self): """ @@ -122,36 +148,36 @@ class test_netgroup(XMLRPC_test): ret = api.Command['netgroup_add_member'](self.ng_cn, **kw) assert ret['completed'] == 0 failed = ret['failed'] - assert 'member' in failed - assert 'host' in failed['member'] - assert self.host_fqdn in failed['member']['host'] + assert 'memberhost' in failed + assert 'host' in failed['memberhost'] + assert self.host_fqdn in failed['memberhost']['host'] kw = {'raw': True} kw['hostgroup'] = self.hg_cn ret = api.Command['netgroup_add_member'](self.ng_cn, **kw) assert ret['completed'] == 0 failed = ret['failed'] - assert 'member' in failed - assert 'hostgroup' in failed['member'] - assert self.hg_cn in failed['member']['hostgroup'] + assert 'memberhost' in failed + assert 'hostgroup' in failed['memberhost'] + assert self.hg_cn in failed['memberhost']['hostgroup'] kw = {'raw': True} kw['user'] = self.user_uid ret = api.Command['netgroup_add_member'](self.ng_cn, **kw) assert ret['completed'] == 0 failed = ret['failed'] - assert 'member' in failed - assert 'user' in failed['member'] - assert self.user_uid in failed['member']['user'] + assert 'memberuser' in failed + assert 'user' in failed['memberuser'] + assert self.user_uid in failed['memberuser']['user'] kw = {'raw': True} kw['group'] = self.group_cn ret = api.Command['netgroup_add_member'](self.ng_cn, **kw) assert ret['completed'] == 0 failed = ret['failed'] - assert 'member' in failed - assert 'group' in failed['member'] - assert self.group_cn in failed['member']['group'] + assert 'memberuser' in failed + assert 'group' in failed['memberuser'] + assert self.group_cn in failed['memberuser']['group'] def test_5_netgroup_add_member(self): """ @@ -166,28 +192,69 @@ class test_netgroup(XMLRPC_test): def test_6_netgroup_show(self): """ - Test the `xmlrpc.netgroup_show` method. + Test the `xmlrpc.netgroup_show` method with --all. """ entry = api.Command['netgroup_show'](self.ng_cn, all=True, raw=True)['result'] assert_attr_equal(entry, 'description', self.ng_description) assert_attr_equal(entry, 'cn', self.ng_cn) - assert_is_member(entry, 'fqdn=%s' % self.host_fqdn) - assert_is_member(entry, 'cn=%s' % self.hg_cn) - assert_is_member(entry, 'uid=%s' % self.user_uid) - assert_is_member(entry, 'cn=%s' % self.group_cn) + assert_is_member(entry, 'fqdn=%s' % self.host_fqdn, 'memberhost') + assert_is_member(entry, 'cn=%s' % self.hg_cn, 'memberhost') + assert_is_member(entry, 'uid=%s' % self.user_uid, 'memberuser') + assert_is_member(entry, 'cn=%s' % self.group_cn, 'memberuser') assert_attr_equal(entry, 'objectclass', 'ipaobject') + assert_attr_equal(entry, 'objectclass', 'ipanisnetgroup') + assert_attr_equal(entry, 'objectclass', 'ipaassociation') + + def test_6a_netgroup_show(self): + """ + Test the `xmlrpc.netgroup_show` method. + """ + global netgroup_dn + entry = api.Command['netgroup_show'](self.ng_cn, all=False, raw=True)['result'] + assert_attr_equal(entry, 'description', self.ng_description) + assert_attr_equal(entry, 'cn', self.ng_cn) + assert_is_member(entry, 'fqdn=%s' % self.host_fqdn, 'memberhost') + assert_is_member(entry, 'cn=%s' % self.hg_cn, 'memberhost') + assert_is_member(entry, 'uid=%s' % self.user_uid, 'memberuser') + assert_is_member(entry, 'cn=%s' % self.group_cn, 'memberuser') + netgroup_dn = entry['dn'] + + def test_6b_netgroup_show(self): + """ + Confirm the underlying triples + """ + # Do an LDAP query to the compat area and verify that the entry + # is correct + conn = ldap2(shared_instance=False, ldap_uri=api.env.ldap_uri, base_dn=api.env.basedn) + conn.connect(ccache=ccache) + try: + entries = conn.find_entries('cn=%s' % self.ng_cn, + base_dn='cn=ng,cn=compat,%s' % api.env.basedn) + except errors.NotFound: + raise nose.SkipTest('compat and nis are not enabled, skipping test') + finally: + conn.disconnect() + triples = entries[0][0][1]['nisnetgrouptriple'] + + # This may not prove to be reliable since order is not guaranteed + # and even which user gets into which triple can be random. + assert '(nosuchhost,jexample,example.com)' in triples + assert '(ipatesthost.%s,pexample,example.com)' % api.env.domain in triples def test_7_netgroup_find(self): """ - Test the `xmlrpc.hostgroup_find` method. + Test the `xmlrpc.netgroup_find` method. """ - entries = api.Command.netgroup_find(self.ng_cn, raw=True)['result'] + result = api.Command.netgroup_find(self.ng_cn, raw=True) + entries = result['result'] + + assert(result['count'] == 1) assert_attr_equal(entries[0], 'description', self.ng_description) assert_attr_equal(entries[0], 'cn', self.ng_cn) def test_8_netgroup_mod(self): """ - Test the `xmlrpc.hostgroup_mod` method. + Test the `xmlrpc.netgroup_mod` method. """ newdesc = u'Updated host group' modkw = {'cn': self.ng_cn, 'description': newdesc, 'raw': True} @@ -201,7 +268,7 @@ class test_netgroup(XMLRPC_test): def test_9_netgroup_remove_member(self): """ - Test the `xmlrpc.hostgroup_remove_member` method. + Test the `xmlrpc.netgroup_remove_member` method. """ kw = {'raw': True} kw['host'] = self.host_fqdn @@ -232,18 +299,18 @@ class test_netgroup(XMLRPC_test): ret = api.Command['netgroup_remove_member'](self.ng_cn, **kw) assert ret['completed'] == 0 failed = ret['failed'] - assert 'member' in failed - assert 'host' in failed['member'] - assert self.host_fqdn in failed['member']['host'] + assert 'memberhost' in failed + assert 'host' in failed['memberhost'] + assert self.host_fqdn in failed['memberhost']['host'] kw = {'raw': True} kw['hostgroup'] = self.hg_cn ret = api.Command['netgroup_remove_member'](self.ng_cn, **kw) assert ret['completed'] == 0 failed = ret['failed'] - assert 'member' in failed - assert 'hostgroup' in failed['member'] - assert self.hg_cn in failed['member']['hostgroup'] + assert 'memberhost' in failed + assert 'hostgroup' in failed['memberhost'] + assert self.hg_cn in failed['memberhost']['hostgroup'] kw = {'raw': True} kw['user'] = self.user_uid @@ -251,18 +318,18 @@ class test_netgroup(XMLRPC_test): ret = api.Command['netgroup_remove_member'](self.ng_cn, **kw) assert ret['completed'] == 0 failed = ret['failed'] - assert 'member' in failed - assert 'user' in failed['member'] - assert self.user_uid in failed['member']['user'] + assert 'memberuser' in failed + assert 'user' in failed['memberuser'] + assert self.user_uid in failed['memberuser']['user'] kw = {'raw': True} kw['group'] = self.group_cn ret = api.Command['netgroup_remove_member'](self.ng_cn, **kw) assert ret['completed'] == 0 failed = ret['failed'] - assert 'member' in failed - assert 'group' in failed['member'] - assert self.group_cn in failed['member']['group'] + assert 'memberuser' in failed + assert 'group' in failed['memberuser'] + assert self.group_cn in failed['memberuser']['group'] def test_b_netgroup_del(self): """ @@ -304,8 +371,9 @@ class test_netgroup(XMLRPC_test): else: assert False - # Remove the user + # Remove the users assert api.Command['user_del'](self.user_uid)['result'] is True + assert api.Command['user_del'](self.user2_uid)['result'] is True # Verify that it is gone try: -- cgit