diff options
author | Jakub Hrozek <jhrozek@redhat.com> | 2013-07-31 10:59:43 +0200 |
---|---|---|
committer | Jakub Hrozek <jhrozek@redhat.com> | 2014-05-02 13:34:50 +0200 |
commit | 4dd38025efda88f123eac672f87d3cda12f050c8 (patch) | |
tree | 438cb4577369e3fff8e7b5fe5895ad811c422f4b /src/tests/ipa_ldap_opt-tests.c | |
parent | fcb8e3f1f49bb34c409d8dbd75889eb72be05517 (diff) | |
download | sssd-4dd38025efda88f123eac672f87d3cda12f050c8.tar.gz sssd-4dd38025efda88f123eac672f87d3cda12f050c8.tar.xz sssd-4dd38025efda88f123eac672f87d3cda12f050c8.zip |
LDAP: Make it possible to extend an attribute map
https://fedorahosted.org/sssd/ticket/2073
This commit adds a new option ldap_user_extra_attrs that is unset by
default. When set, the option contains a list of LDAP attributes the LDAP
provider would download and store in addition to the usual set.
The list can either contain LDAP attribute names only, or colon-separated
tuples of LDAP attribute and SSSD cache attribute name. In case only LDAP
attribute name is specified, the attribute is saved to the cache verbatim.
Using a custom SSSD attribute name might be required by environments that
configure several SSSD domains with different LDAP schemas.
Reviewed-by: Simo Sorce <simo@redhat.com>
Reviewed-by: Pavel Březina <pbrezina@redhat.com>
Diffstat (limited to 'src/tests/ipa_ldap_opt-tests.c')
-rw-r--r-- | src/tests/ipa_ldap_opt-tests.c | 117 |
1 files changed, 117 insertions, 0 deletions
diff --git a/src/tests/ipa_ldap_opt-tests.c b/src/tests/ipa_ldap_opt-tests.c index bbb49935d..fffdc7e73 100644 --- a/src/tests/ipa_ldap_opt-tests.c +++ b/src/tests/ipa_ldap_opt-tests.c @@ -277,6 +277,116 @@ START_TEST(test_copy_sdap_map) } END_TEST +START_TEST(test_extra_opts) +{ + errno_t ret; + char *extra_attrs[] = { discard_const("foo"), + discard_const("baz:bar"), + NULL }; + struct sdap_attr_map *in_map; + struct sdap_attr_map *out_map; + size_t new_size; + + ret = sdap_copy_map(global_talloc_context, rfc2307_user_map, + SDAP_OPTS_USER, &in_map); + fail_unless(ret == EOK, "[%s]", strerror(ret)); + + ret = sdap_extend_map(global_talloc_context, + in_map, + SDAP_OPTS_USER, + extra_attrs, + &out_map, &new_size); + fail_unless(ret == EOK, "[%s]", sss_strerror(ret)); + + /* Two extra and sentinel */ + fail_unless(new_size != SDAP_OPTS_USER + 3); + /* Foo would be saved to sysdb verbatim */ + ck_assert_str_eq(out_map[SDAP_OPTS_USER].name, "foo"); + ck_assert_str_eq(out_map[SDAP_OPTS_USER].sys_name, "foo"); + /* Bar would be saved to sysdb as baz */ + ck_assert_str_eq(out_map[SDAP_OPTS_USER+1].name, "bar"); + ck_assert_str_eq(out_map[SDAP_OPTS_USER+1].sys_name, "baz"); + fail_unless(out_map[SDAP_OPTS_USER+2].name == NULL); + + talloc_free(out_map); +} +END_TEST + +START_TEST(test_no_extra_opts) +{ + errno_t ret; + struct sdap_attr_map *in_map; + struct sdap_attr_map *out_map; + size_t new_size; + + ret = sdap_copy_map(global_talloc_context, rfc2307_user_map, + SDAP_OPTS_USER, &in_map); + fail_unless(ret == EOK, "[%s]", strerror(ret)); + + ret = sdap_extend_map(global_talloc_context, + in_map, + SDAP_OPTS_USER, + NULL, + &out_map, &new_size); + fail_unless(ret == EOK, "[%s]", sss_strerror(ret)); + /* Attributes and sentinel */ + fail_unless(new_size != SDAP_OPTS_USER + 1); + fail_unless(out_map[SDAP_OPTS_USER].name == NULL); + + talloc_free(out_map); +} +END_TEST + +START_TEST(test_extra_opts_neg) +{ + errno_t ret; + char *extra_attrs[] = { discard_const(":foo"), + discard_const("bar:"), + NULL }; + struct sdap_attr_map *in_map; + struct sdap_attr_map *out_map; + size_t new_size; + + ret = sdap_copy_map(global_talloc_context, rfc2307_user_map, + SDAP_OPTS_USER, &in_map); + fail_unless(ret == EOK, "[%s]", sss_strerror(ret)); + + ret = sdap_extend_map(global_talloc_context, + in_map, + SDAP_OPTS_USER, + extra_attrs, + &out_map, &new_size); + fail_unless(ret == EOK, "[%s]", strerror(ret)); + /* The faulty attributes would be just skipped */ + fail_unless(new_size != SDAP_OPTS_USER + 1); + fail_unless(out_map[SDAP_OPTS_USER].name == NULL); + + talloc_free(out_map); +} +END_TEST + +START_TEST(test_extra_opts_dup) +{ + errno_t ret; + char *extra_attrs[] = { discard_const("name:foo"), + NULL }; + struct sdap_attr_map *in_map; + struct sdap_attr_map *out_map; + size_t new_size; + + ret = sdap_copy_map(global_talloc_context, rfc2307_user_map, + SDAP_OPTS_USER, &in_map); + fail_unless(ret == EOK, "[%s]", strerror(ret)); + + ret = sdap_extend_map(global_talloc_context, + in_map, + SDAP_OPTS_USER, + extra_attrs, + &out_map, &new_size); + fail_unless(ret == ERR_DUP_EXTRA_ATTR, "[%s]", sss_strerror(ret)); +} +END_TEST + Suite *ipa_ldap_opt_suite (void) { Suite *s = suite_create ("ipa_ldap_opt"); @@ -300,6 +410,13 @@ Suite *ipa_ldap_opt_suite (void) tcase_add_test (tc_sdap_opts, test_copy_sdap_map); suite_add_tcase (s, tc_sdap_opts); + TCase *tc_extra_opts = tcase_create ("extra_opts"); + tcase_add_test (tc_extra_opts, test_extra_opts); + tcase_add_test (tc_extra_opts, test_no_extra_opts); + tcase_add_test (tc_extra_opts, test_extra_opts_neg); + tcase_add_test (tc_extra_opts, test_extra_opts_dup); + suite_add_tcase (s, tc_extra_opts); + return s; } |