diff options
| author | Greg Hudson <ghudson@mit.edu> | 2013-11-21 16:18:27 -0500 |
|---|---|---|
| committer | Greg Hudson <ghudson@mit.edu> | 2013-11-21 16:18:27 -0500 |
| commit | 119281156097a9da659ce5a7c06f0d517994781c (patch) | |
| tree | a92b2d2526608902740cc5ca2b410fb3e8f69559 | |
| parent | 8eb9e6fe1b01faa875dcf91b618ad4cd7793438a (diff) | |
| download | krb5-119281156097a9da659ce5a7c06f0d517994781c.tar.gz krb5-119281156097a9da659ce5a7c06f0d517994781c.tar.xz krb5-119281156097a9da659ce5a7c06f0d517994781c.zip | |
Add another kadmin ACL test for backreferences
Add a test using backreferences which don't correspond directly to
principal components, to verify that *N refers to the Nth wildcard and
not the Nth component.
| -rw-r--r-- | src/tests/t_kadmin_acl.py | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/src/tests/t_kadmin_acl.py b/src/tests/t_kadmin_acl.py index 32e57b8965..c4b8465d8d 100644 --- a/src/tests/t_kadmin_acl.py +++ b/src/tests/t_kadmin_acl.py @@ -40,6 +40,7 @@ wctarget = make_client('wctarget') admin = make_client('user/admin') none = make_client('none') restrictions = make_client('restrictions') +onetwothreefour = make_client('one/two/three/four') realm.run_kadminl('addpol -minlife "1 day" minlife') @@ -64,6 +65,7 @@ restricted_modify im * +preauth restricted_rename ad * +preauth */* d *2/*1 +*/two/*/* d *3/*1/*2 */admin a wctarget a wild/* restrictions a type1 -policy minlife @@ -328,6 +330,10 @@ if 'Principal "admin/user@KRBTEST.COM" deleted.' not in out: out = kadmin_as(admin, 'delprinc -force none') if 'Operation requires' not in out: fail('delprinc failure (wildcard backreferences not matched)') +realm.addprinc('four/one/three', 'pw') +out = kadmin_as(onetwothreefour, 'delprinc -force four/one/three') +if 'Principal "four/one/three@KRBTEST.COM" deleted.' not in out: + fail('delprinc success (wildcard backreferences 2)') kadmin_as(restrictions, 'addprinc -pw pw type1') out = realm.run_kadminl('getprinc type1') |