From d66898405b2a38244723555c5d9e1b8510919baa Mon Sep 17 00:00:00 2001 From: Petr Viktorin Date: Thu, 8 Mar 2012 07:55:00 -0500 Subject: Use ipauniqueid for the RDN of sudo commands Since sudo commands are case-sensitive, we can't use 'sudocmd' as the RDN. Tests for case-sensitive behavior included https://fedorahosted.org/freeipa/ticket/2482 --- tests/test_xmlrpc/test_sudocmd_plugin.py | 82 ++++++++++++++++++++++---- tests/test_xmlrpc/test_sudocmdgroup_plugin.py | 85 +++++++++++++++++++++++---- tests/test_xmlrpc/xmlrpc_test.py | 13 ++-- 3 files changed, 152 insertions(+), 28 deletions(-) (limited to 'tests') diff --git a/tests/test_xmlrpc/test_sudocmd_plugin.py b/tests/test_xmlrpc/test_sudocmd_plugin.py index 75b6bbccb..0ea8e10b8 100644 --- a/tests/test_xmlrpc/test_sudocmd_plugin.py +++ b/tests/test_xmlrpc/test_sudocmd_plugin.py @@ -21,18 +21,20 @@ Test the `ipalib/plugins/sudocmd.py` module. """ -from ipalib import api, errors -from tests.test_xmlrpc.xmlrpc_test import Declarative, fuzzy_uuid +from ipalib import errors +from tests.test_xmlrpc.xmlrpc_test import (Declarative, fuzzy_sudocmddn, + fuzzy_uuid) from tests.test_xmlrpc import objectclasses -from ipapython.dn import DN sudocmd1 = u'/usr/bin/sudotestcmd1' +sudocmd1_camelcase = u'/usr/bin/sudoTestCmd1' class test_sudocmd(Declarative): cleanup_commands = [ ('sudocmd_del', [sudocmd1], {}), + ('sudocmd_del', [sudocmd1_camelcase], {}), ] tests = [ @@ -72,8 +74,7 @@ class test_sudocmd(Declarative): value=sudocmd1, summary=u'Added Sudo Command "%s"' % sudocmd1, result=dict( - dn=DN(('sudocmd',sudocmd1),('cn','sudocmds'),('cn','sudo'), - api.env.basedn), + dn=fuzzy_sudocmddn, sudocmd=[sudocmd1], description=[u'Test sudo command 1'], objectclass=objectclasses.sudocmd, @@ -82,6 +83,26 @@ class test_sudocmd(Declarative): ), ), + dict( + desc='Create %r' % sudocmd1_camelcase, + command=('sudocmd_add', [sudocmd1_camelcase], + dict( + description=u'Test sudo command 2', + ), + ), + expected=dict( + value=sudocmd1_camelcase, + summary=u'Added Sudo Command "%s"' % sudocmd1_camelcase, + result=dict( + dn=fuzzy_sudocmddn, + sudocmd=[sudocmd1_camelcase], + description=[u'Test sudo command 2'], + objectclass=objectclasses.sudocmd, + ipauniqueid=[fuzzy_uuid], + ), + ), + ), + dict( desc='Try to create duplicate %r' % sudocmd1, @@ -94,6 +115,17 @@ class test_sudocmd(Declarative): u'name "%s" already exists' % sudocmd1), ), + dict( + desc='Try to create duplicate %r' % sudocmd1_camelcase, + command=('sudocmd_add', [sudocmd1_camelcase], + dict( + description=u'Test sudo command 2', + ), + ), + expected=errors.DuplicateEntry(message=u'sudo command with ' + + u'name "%s" already exists' % sudocmd1_camelcase), + ), + dict( desc='Retrieve %r' % sudocmd1, @@ -102,8 +134,7 @@ class test_sudocmd(Declarative): value=sudocmd1, summary=None, result=dict( - dn=DN(('sudocmd',sudocmd1),('cn','sudocmds'),('cn','sudo'), - api.env.basedn), + dn=fuzzy_sudocmddn, sudocmd=[sudocmd1], description=[u'Test sudo command 1'], ), @@ -120,8 +151,7 @@ class test_sudocmd(Declarative): summary=u'1 Sudo Command matched', result=[ dict( - dn=DN(('sudocmd',sudocmd1),('cn','sudocmds'), - ('cn','sudo'),api.env.basedn), + dn=fuzzy_sudocmddn, sudocmd=[sudocmd1], description=[u'Test sudo command 1'], ), @@ -129,6 +159,23 @@ class test_sudocmd(Declarative): ), ), + dict( + desc='Search for %r' % sudocmd1_camelcase, + command=('sudocmd_find', [sudocmd1_camelcase], {}), + expected=dict( + count=1, + truncated=False, + summary=u'1 Sudo Command matched', + result=[ + dict( + dn=fuzzy_sudocmddn, + sudocmd=[sudocmd1_camelcase], + description=[u'Test sudo command 2'], + ), + ], + ), + ), + dict( desc='Update %r' % sudocmd1, @@ -152,8 +199,7 @@ class test_sudocmd(Declarative): value=sudocmd1, summary=None, result=dict( - dn=DN(('sudocmd',sudocmd1),('cn','sudocmds'),('cn','sudo'), - api.env.basedn), + dn=fuzzy_sudocmddn, sudocmd=[sudocmd1], description=[u'Updated sudo command 1'], ), @@ -194,4 +240,18 @@ class test_sudocmd(Declarative): expected=errors.NotFound( reason=u'%s: sudo command not found' % sudocmd1), ), + + dict( + desc='Retrieve %r' % sudocmd1_camelcase, + command=('sudocmd_show', [sudocmd1_camelcase], {}), + expected=dict( + value=sudocmd1_camelcase, + summary=None, + result=dict( + dn=fuzzy_sudocmddn, + sudocmd=[sudocmd1_camelcase], + description=[u'Test sudo command 2'], + ), + ), + ), ] diff --git a/tests/test_xmlrpc/test_sudocmdgroup_plugin.py b/tests/test_xmlrpc/test_sudocmdgroup_plugin.py index b8c15737d..7d688dc32 100644 --- a/tests/test_xmlrpc/test_sudocmdgroup_plugin.py +++ b/tests/test_xmlrpc/test_sudocmdgroup_plugin.py @@ -22,12 +22,13 @@ Test the `ipalib/plugins/sudocmdgroup.py` module. from ipalib import api, errors from tests.test_xmlrpc import objectclasses -from xmlrpc_test import Declarative, fuzzy_digits, fuzzy_uuid +from xmlrpc_test import Declarative, fuzzy_uuid, fuzzy_sudocmddn from ipapython.dn import DN sudocmdgroup1 = u'testsudocmdgroup1' sudocmdgroup2 = u'testsudocmdgroup2' sudocmd1 = u'/usr/bin/sudotestcmd1' +sudocmd1_camelcase = u'/usr/bin/sudoTestCmd1' sudocmd_plus = u'/bin/ls -l /lost+found/*' def create_command(sudocmd): @@ -43,10 +44,8 @@ def create_command(sudocmd): result=dict( objectclass=objectclasses.sudocmd, sudocmd=[sudocmd], - ipauniqueid=[fuzzy_uuid], - description=[u'Test sudo command'], - dn=DN(('sudocmd',sudocmd),('cn','sudocmds'),('cn','sudo'), - api.env.basedn), + ipauniqueid=[fuzzy_uuid], description=[u'Test sudo command'], + dn=fuzzy_sudocmddn, ), ), ) @@ -56,6 +55,7 @@ class test_sudocmdgroup(Declarative): ('sudocmdgroup_del', [sudocmdgroup1], {}), ('sudocmdgroup_del', [sudocmdgroup2], {}), ('sudocmd_del', [sudocmd1], {}), + ('sudocmd_del', [sudocmd1_camelcase], {}), ('sudocmd_del', [sudocmd_plus], {}), ] @@ -76,12 +76,28 @@ class test_sudocmdgroup(Declarative): sudocmd=[u'/usr/bin/sudotestcmd1'], ipauniqueid=[fuzzy_uuid], description=[u'Test sudo command 1'], - dn=DN(('sudocmd',sudocmd1),('cn','sudocmds'),('cn','sudo'), - api.env.basedn), + dn=fuzzy_sudocmddn, ), ), ), + dict( + desc='Create %r' % sudocmd1_camelcase, + command=( + 'sudocmd_add', [], dict(sudocmd=sudocmd1_camelcase, description=u'Test sudo command 2') + ), + expected=dict( + value=sudocmd1_camelcase, + summary=u'Added Sudo Command "%s"' % sudocmd1_camelcase, + result=dict( + objectclass=objectclasses.sudocmd, + sudocmd=[u'/usr/bin/sudoTestCmd1'], + ipauniqueid=[fuzzy_uuid], + description=[u'Test sudo command 2'], + dn=fuzzy_sudocmddn, + ), + ), + ), dict( desc='Verify the managed sudo command %r was created' % sudocmd1, @@ -92,8 +108,7 @@ class test_sudocmdgroup(Declarative): result=dict( sudocmd=[sudocmd1], description=[u'Test sudo command 1'], - dn=DN(('sudocmd',sudocmd1),('cn','sudocmds'),('cn','sudo'), - api.env.basedn), + dn=fuzzy_sudocmddn, ), ), ), @@ -413,11 +428,10 @@ class test_sudocmdgroup(Declarative): value=sudocmd1, summary=None, result=dict( - dn=DN(('sudocmd',sudocmd1),('cn','sudocmds'),('cn','sudo'), - api.env.basedn), + dn=fuzzy_sudocmddn, sudocmd=[sudocmd1], description=[u'Test sudo command 1'], - memberof_sudocmdgroup = [u'testsudocmdgroup1'], + memberof_sudocmdgroup=[u'testsudocmdgroup1'], ), ), ), @@ -445,6 +459,29 @@ class test_sudocmdgroup(Declarative): ), ), + dict( + desc='Add member %r to %r' % (sudocmd1_camelcase, sudocmdgroup1), + command=( + 'sudocmdgroup_add_member', [sudocmdgroup1], + dict(sudocmd=sudocmd1_camelcase) + ), + expected=dict( + completed=1, + failed=dict( + member=dict( + sudocmd=tuple(), + ), + ), + result={ + 'dn': DN(('cn',sudocmdgroup1),('cn','sudocmdgroups'), + ('cn','sudo'),api.env.basedn), + 'member_sudocmd': (sudocmd1, sudocmd1_camelcase), + 'cn': [sudocmdgroup1], + 'description': [u'New desc 1'], + }, + ), + ), + dict( desc='Remove member %r from %r' % (sudocmd1, sudocmdgroup1), command=('sudocmdgroup_remove_member', @@ -459,7 +496,29 @@ class test_sudocmdgroup(Declarative): ), result={ 'dn': DN(('cn',sudocmdgroup1),('cn','sudocmdgroups'), - ('cn','sudo'),api.env.basedn), + ('cn','sudo'),api.env.basedn), + 'member_sudocmd': (sudocmd1_camelcase,), + 'cn': [sudocmdgroup1], + 'description': [u'New desc 1'], + }, + ), + ), + + dict( + desc='Remove member %r from %r' % (sudocmd1_camelcase, sudocmdgroup1), + command=('sudocmdgroup_remove_member', + [sudocmdgroup1], dict(sudocmd=sudocmd1_camelcase) + ), + expected=dict( + completed=1, + failed=dict( + member=dict( + sudocmd=tuple(), + ), + ), + result={ + 'dn': DN(('cn',sudocmdgroup1),('cn','sudocmdgroups'), + ('cn','sudo'),api.env.basedn), 'cn': [sudocmdgroup1], 'description': [u'New desc 1'], }, diff --git a/tests/test_xmlrpc/xmlrpc_test.py b/tests/test_xmlrpc/xmlrpc_test.py index 610fa97c5..0a046b454 100644 --- a/tests/test_xmlrpc/xmlrpc_test.py +++ b/tests/test_xmlrpc/xmlrpc_test.py @@ -35,10 +35,10 @@ from ipalib.x509 import valid_issuer # or `long`? If not, we still need to return them as `unicode` instead of `str`. fuzzy_digits = Fuzzy('^\d+$', type=basestring) +uuid_re = '[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}' + # Matches an ipauniqueid like u'784d85fd-eae7-11de-9d01-54520012478b' -fuzzy_uuid = Fuzzy( - '^[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$' -) +fuzzy_uuid = Fuzzy('^%s$' % uuid_re) # Matches trusted domain GUID, like u'463bf2be-3456-4a57-979e-120304f2a0eb' fuzzy_guid = fuzzy_uuid @@ -52,7 +52,12 @@ fuzzy_domain_sid = Fuzzy( # Matches netgroup dn. Note (?i) at the beginning of the regexp is the ingnore case flag fuzzy_netgroupdn = Fuzzy( - '(?i)ipauniqueid=[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12},cn=ng,cn=alt,%s' % api.env.basedn + '(?i)ipauniqueid=%s,cn=ng,cn=alt,%s' % (uuid_re, api.env.basedn) +) + +# Matches sudocmd dn +fuzzy_sudocmddn = Fuzzy( + '(?i)ipauniqueid=%s,cn=sudocmds,cn=sudo,%s' % (uuid_re, api.env.basedn) ) # Matches a hash signature, not enforcing length -- cgit