TESTS: Add files provider tests that request a user and group by ID

Reviewed-by: Fabiano Fidêncio <fidencio@redhat.com>

1 files changed, 91 insertions, 6 deletions

diff --git a/src/tests/intg/test_files_provider.py b/src/tests/intg/test_files_provider.py
index b26977e06..e507ea10d 100644
--- a/src/tests/intg/test_files_provider.py
+++ b/src/tests/intg/test_files_provider.py
@@ -29,8 +29,10 @@ import pytest
 import ent
 import sssd_id
 from sssd_nss import NssReturnCode
-from sssd_passwd import call_sssd_getpwnam, call_sssd_enumeration
-from sssd_group import call_sssd_getgrnam
+from sssd_passwd import (call_sssd_getpwnam,
+                         call_sssd_enumeration,
+                         call_sssd_getpwuid)
+from sssd_group import call_sssd_getgrnam, call_sssd_getgrgid
 from files_ops import passwd_ops_setup, group_ops_setup
 from util import unindent
 
@@ -258,6 +260,14 @@ def sssd_getpwnam_sync(name):
     return call_sssd_getpwnam(name)
 
 
+def sssd_getpwuid_sync(uid):
+    ret = poll_canary(call_sssd_getpwnam, CANARY["name"])
+    if ret is False:
+        return NssReturnCode.NOTFOUND, None
+
+    return call_sssd_getpwuid(uid)
+
+
 def sssd_getgrnam_sync(name):
     ret = poll_canary(call_sssd_getgrnam, CANARY_GR["name"])
     if ret is False:
@@ -266,6 +276,14 @@ def sssd_getgrnam_sync(name):
     return call_sssd_getgrnam(name)
 
 
+def sssd_getgrgid_sync(name):
+    ret = poll_canary(call_sssd_getgrnam, CANARY_GR["name"])
+    if ret is False:
+        return NssReturnCode.NOTFOUND, None
+
+    return call_sssd_getgrgid(name)
+
+
 def sssd_id_sync(name):
     sssd_getpwnam_sync(CANARY["name"])
     res, _, groups = sssd_id.get_user_groups(name)
@@ -307,6 +325,15 @@ def check_group(exp_group, delay=1.0):
     assert found_group == exp_group
 
 
+def check_group_by_gid(exp_group, delay=1.0):
+    if delay > 0:
+        time.sleep(delay)
+
+    res, found_group = sssd_getgrgid_sync(exp_group["gid"])
+    assert res == NssReturnCode.SUCCESS
+    assert found_group == exp_group
+
+
 def check_group_list(exp_groups_list):
     for exp_group in exp_groups_list:
         check_group(exp_group)
@@ -349,6 +376,16 @@ def test_getpwnam_after_start(add_user_with_canary, files_domain_only):
     assert user == USER1
 
 
+def test_getpwuid_after_start(add_user_with_canary, files_domain_only):
+    """
+    Test that after startup without any additional operations, a user
+    can be resolved through sssd
+    """
+    res, user = sssd_getpwuid_sync(USER1["uid"])
+    assert res == NssReturnCode.SUCCESS
+    assert user == USER1
+
+
 def test_user_overriden(add_user_with_canary, files_domain_only):
     """
     Test that user override works with files domain only
@@ -373,8 +410,8 @@ def test_group_overriden(add_group_with_canary, files_domain_only):
     """
     # Override
     subprocess.check_call(["sss_override", "group-add", GROUP1["name"],
-                          "-n", OV_GROUP1["name"],
-                          "-g", str(OV_GROUP1["gid"])])
+                           "-n", OV_GROUP1["name"],
+                           "-g", str(OV_GROUP1["gid"])])
 
     restart_sssd()
 
@@ -383,12 +420,20 @@ def test_group_overriden(add_group_with_canary, files_domain_only):
 
 def test_getpwnam_neg(files_domain_only):
     """
-    Test that a nonexistant user cannot be resolved
+    Test that a nonexistant user cannot be resolved by name
     """
     res, _ = call_sssd_getpwnam("nosuchuser")
     assert res == NssReturnCode.NOTFOUND
 
 
+def test_getpwuid_neg(files_domain_only):
+    """
+    Test that a nonexistant user cannot be resolved by UID
+    """
+    res, _ = call_sssd_getpwuid(12345)
+    assert res == NssReturnCode.NOTFOUND
+
+
 def test_root_does_not_resolve(files_domain_only):
     """
     SSSD currently does not resolve the root user even though it can
@@ -401,6 +446,18 @@ def test_root_does_not_resolve(files_domain_only):
     assert res == NssReturnCode.NOTFOUND
 
 
+def test_uid_zero_does_not_resolve(files_domain_only):
+    """
+    SSSD currently does not resolve the UID 0 even though it can
+    be resolved through the NSS interface
+    """
+    nss_root = pwd.getpwuid(0)
+    assert nss_root is not None
+
+    res, _ = call_sssd_getpwuid(0)
+    assert res == NssReturnCode.NOTFOUND
+
+
 def test_add_remove_add_file_user(setup_pw_with_canary, files_domain_only):
     """
     Test that removing a user is detected and the user
@@ -522,11 +579,19 @@ def test_incomplete_user_fail(setup_pw_with_canary, files_domain_only):
 def test_getgrnam_after_start(add_group_with_canary, files_domain_only):
     """
     Test that after startup without any additional operations, a group
-    can be resolved through sssd
+    can be resolved through sssd by name
     """
     check_group(GROUP1)
 
 
+def test_getgrgid_after_start(add_group_with_canary, files_domain_only):
+    """
+    Test that after startup without any additional operations, a group
+    can be resolved through sssd by GID
+    """
+    check_group_by_gid(GROUP1)
+
+
 def test_getgrnam_neg(files_domain_only):
     """
     Test that a nonexistant group cannot be resolved
@@ -535,6 +600,14 @@ def test_getgrnam_neg(files_domain_only):
     assert res == NssReturnCode.NOTFOUND
 
 
+def test_getgrgid_neg(files_domain_only):
+    """
+    Test that a nonexistant group cannot be resolved
+    """
+    res, user = sssd_getgrgid_sync(123456)
+    assert res == NssReturnCode.NOTFOUND
+
+
 def test_root_group_does_not_resolve(files_domain_only):
     """
     SSSD currently does not resolve the root group even though it can
@@ -547,6 +620,18 @@ def test_root_group_does_not_resolve(files_domain_only):
     assert res == NssReturnCode.NOTFOUND
 
 
+def test_gid_zero_does_not_resolve(files_domain_only):
+    """
+    SSSD currently does not resolve the group with GID 0 even though it
+    can be resolved through the NSS interface
+    """
+    nss_root = grp.getgrgid(0)
+    assert nss_root is not None
+
+    res, user = call_sssd_getgrgid(0)
+    assert res == NssReturnCode.NOTFOUND
+
+
 def test_add_remove_add_file_group(setup_gr_with_canary, files_domain_only):
     """
     Test that removing a group is detected and the group