Require that hosts be resolvable in DNS. Use --force to ignore warnings.

This also requires a resolvable hostname on services as well. I want
people to think long and hard about adding things that aren't resolvable.

The cert plugin can automatically create services on the user's behalf when
issuing a cert. It will always set the force flag to True.

We use a lot of made-up host names in the test system, all of which require
the force flag now.

ticket #25

7 files changed, 53 insertions, 17 deletions

diff --git a/tests/test_cmdline/test_ipagetkeytab.py b/tests/test_cmdline/test_ipagetkeytab.py
index 5c9d58cd..2c51102e 100644
--- a/tests/test_cmdline/test_ipagetkeytab.py
+++ b/tests/test_cmdline/test_ipagetkeytab.py
@@ -70,7 +70,7 @@ class test_ipagetkeytab(cmdline_test):
         """
         # Create the service
         try:
-            api.Command['host_add'](self.host_fqdn)
+            api.Command['host_add'](self.host_fqdn, force=True)
         except errors.DuplicateEntry:
             # it already exists, no problem
             pass
@@ -93,7 +93,7 @@ class test_ipagetkeytab(cmdline_test):
         """
         # Create the service
         try:
-            api.Command['service_add'](self.service_princ)
+            api.Command['service_add'](self.service_princ, force=True)
         except errors.DuplicateEntry:
             # it already exists, no problem
             pass
diff --git a/tests/test_xmlrpc/test_cert.py b/tests/test_xmlrpc/test_cert.py
index 5d594891..9ea1744a 100644
--- a/tests/test_xmlrpc/test_cert.py
+++ b/tests/test_xmlrpc/test_cert.py
@@ -101,7 +101,7 @@ class test_cert(XMLRPC_test):
         This should fail because the service principal doesn't exist
         """
         # First create the host that will use this policy
-        res = api.Command['host_add'](self.host_fqdn)['result']
+        res = api.Command['host_add'](self.host_fqdn, force= True)['result']
 
         csr = unicode(self.generateCSR(self.subject))
         try:
diff --git a/tests/test_xmlrpc/test_hbac_plugin.py b/tests/test_xmlrpc/test_hbac_plugin.py
index cc6e2f55..d9083741 100644
--- a/tests/test_xmlrpc/test_hbac_plugin.py
+++ b/tests/test_xmlrpc/test_hbac_plugin.py
@@ -149,19 +149,19 @@ class test_hbac(XMLRPC_test):
             self.test_group, description=u'description'
         )
         self.failsafe_add(api.Object.host,
-            self.test_host
+            self.test_host, force=True
         )
         self.failsafe_add(api.Object.hostgroup,
             self.test_hostgroup, description=u'description'
         )
         self.failsafe_add(api.Object.host,
-            self.test_sourcehost
+            self.test_sourcehost, force=True
         )
         self.failsafe_add(api.Object.hostgroup,
             self.test_sourcehostgroup, description=u'desc'
         )
         self.failsafe_add(api.Object.hbacsvc,
-            self.test_service, description=u'desc'
+            self.test_service, description=u'desc', force=True
         )
 
     def test_8_hbac_add_user(self):
diff --git a/tests/test_xmlrpc/test_host_plugin.py b/tests/test_xmlrpc/test_host_plugin.py
index 7ae068c3..8c2224b5 100644
--- a/tests/test_xmlrpc/test_host_plugin.py
+++ b/tests/test_xmlrpc/test_host_plugin.py
@@ -32,12 +32,15 @@ short1 = u'testhost1'
 dn1 = u'fqdn=%s,cn=computers,cn=accounts,%s' % (fqdn1, api.env.basedn)
 service1 = u'dns/%s@%s' % (fqdn1, api.env.realm)
 service1dn = u'krbprincipalname=%s,cn=services,cn=accounts,%s' % (service1.lower(), api.env.basedn)
+fqdn2 = u'shouldnotexist.%s' % api.env.domain
+dn2 = u'fqdn=%s,cn=computers,cn=accounts,%s' % (fqdn2, api.env.basedn)
 
 
 class test_host(Declarative):
 
     cleanup_commands = [
         ('host_del', [fqdn1], {}),
+        ('host_del', [fqdn2], {}),
         ('service_del', [service1], {}),
     ]
 
@@ -70,6 +73,7 @@ class test_host(Declarative):
                 dict(
                     description=u'Test host 1',
                     l=u'Undisclosed location 1',
+                    force=True,
                 ),
             ),
             expected=dict(
@@ -94,6 +98,7 @@ class test_host(Declarative):
                 dict(
                     description=u'Test host 1',
                     localityname=u'Undisclosed location 1',
+                    force=True,
                 ),
             ),
             expected=errors.DuplicateEntry(),
@@ -267,6 +272,7 @@ class test_host(Declarative):
                 dict(
                     description=u'Test host 1',
                     l=u'Undisclosed location 1',
+                    force=True,
                 ),
             ),
             expected=dict(
@@ -286,7 +292,7 @@ class test_host(Declarative):
 
         dict(
             desc='Add a service to host %r' % fqdn1,
-            command=('service_add', [service1], {}),
+            command=('service_add', [service1], {'force': True}),
             expected=dict(
                 value=service1,
                 summary=u'Added service "%s"' % service1,
@@ -321,4 +327,36 @@ class test_host(Declarative):
             ),
         ),
 
+
+        dict(
+            desc='Try to add host not in DNS %r without force' % fqdn2,
+            command=('host_add', [fqdn2], {}),
+            expected=errors.DNSNotARecordError(reason='Host does not have corresponding DNS A record'),
+        ),
+
+
+        dict(
+            desc='Try to add host not in DNS %r with force' % fqdn2,
+            command=('host_add', [fqdn2],
+                dict(
+                    description=u'Test host 2',
+                    l=u'Undisclosed location 2',
+                    force=True,
+                ),
+            ),
+            expected=dict(
+                value=fqdn2,
+                summary=u'Added host "%s"' % fqdn2,
+                result=dict(
+                    dn=dn2,
+                    fqdn=[fqdn2],
+                    description=[u'Test host 2'],
+                    l=[u'Undisclosed location 2'],
+                    krbprincipalname=[u'host/%s@%s' % (fqdn2, api.env.realm)],
+                    objectclass=objectclasses.host,
+                    ipauniqueid=[fuzzy_uuid],
+                ),
+            ),
+        ),
+
     ]
diff --git a/tests/test_xmlrpc/test_hostgroup_plugin.py b/tests/test_xmlrpc/test_hostgroup_plugin.py
index 407d9ba1..70cbe3d4 100644
--- a/tests/test_xmlrpc/test_hostgroup_plugin.py
+++ b/tests/test_xmlrpc/test_hostgroup_plugin.py
@@ -99,6 +99,7 @@ class test_hostgroup(Declarative):
                 dict(
                     description=u'Test host 1',
                     l=u'Undisclosed location 1',
+                    force=True,
                 ),
             ),
             expected=dict(
diff --git a/tests/test_xmlrpc/test_netgroup_plugin.py b/tests/test_xmlrpc/test_netgroup_plugin.py
index 3363883a..3c1fc34d 100644
--- a/tests/test_xmlrpc/test_netgroup_plugin.py
+++ b/tests/test_xmlrpc/test_netgroup_plugin.py
@@ -46,7 +46,7 @@ class test_netgroup(XMLRPC_test):
     host_fqdn = u'ipatesthost.%s' % api.env.domain
     host_description = u'Test host'
     host_localityname = u'Undisclosed location'
-    host_kw = {'fqdn': host_fqdn, 'description': host_description, 'localityname': host_localityname, 'raw': True}
+    host_kw = {'fqdn': host_fqdn, 'description': host_description, 'localityname': host_localityname, 'raw': True, 'force': True}
 
     hg_cn = u'hg1'
     hg_description = u'Netgroup'
diff --git a/tests/test_xmlrpc/test_service_plugin.py b/tests/test_xmlrpc/test_service_plugin.py
index 299c64fc..96827e4c 100644
--- a/tests/test_xmlrpc/test_service_plugin.py
+++ b/tests/test_xmlrpc/test_service_plugin.py
@@ -40,8 +40,8 @@ class test_service(XMLRPC_test):
         """
         Test adding a HTTP principal using the `xmlrpc.service_add` method.
         """
-        self.failsafe_add(api.Object.host, self.host)
-        entry = self.failsafe_add(api.Object.service, self.principal)['result']
+        self.failsafe_add(api.Object.host, self.host, force=True)
+        entry = self.failsafe_add(api.Object.service, self.principal, force=True)['result']
         assert_attr_equal(entry, 'krbprincipalname', self.principal)
         assert_attr_equal(entry, 'objectclass', 'ipaobject')
 
@@ -50,11 +50,6 @@ class test_service(XMLRPC_test):
         Test adding a host principal using `xmlrpc.service_add`. Host
         services are not allowed.
         """
-        # FIXME: Are host principals not allowed still?  Running this test gives
-        # this error:
-        #
-        # NotFound: The host 'ipatest.example.com' does not exist to add a service to.
-
         kw = {'krbprincipalname': self.hostprincipal}
         try:
             api.Command['service_add'](**kw)
@@ -67,7 +62,7 @@ class test_service(XMLRPC_test):
         """
         Test adding a malformed principal ('foo').
         """
-        kw = {'krbprincipalname': u'foo'}
+        kw = {'krbprincipalname': u'foo', 'force': True}
         try:
             api.Command['service_add'](**kw)
         except errors.MalformedServicePrincipal:
@@ -79,7 +74,7 @@ class test_service(XMLRPC_test):
         """
         Test adding a malformed principal ('HTTP/foo@FOO.NET').
         """
-        kw = {'krbprincipalname': u'HTTP/foo@FOO.NET'}
+        kw = {'krbprincipalname': u'HTTP/foo@FOO.NET', 'force': True}
         try:
             api.Command['service_add'](**kw)
         except errors.RealmMismatch:
@@ -115,3 +110,5 @@ class test_service(XMLRPC_test):
             pass
         else:
             assert False
+
+        api.Command['host_del'](self.host)