certprofile: add tests for config profileId scenarios

Update the certprofile tests to cover the various scenarios concerning the profileId property in the profile configuration. The scenarios now explicitly tested are: - profileId not specified (should succeed) - mismatched profileId property (should fail) - multiple profileId properties (should fail) - one profileId property, matching given ID (should succeed) https://pagure.io/freeipa/issue/7503 Reviewed-By: Rob Crittenden <rcritten@redhat.com>
author: Fraser Tweedale <ftweedal@redhat.com> 2018-04-18 19:35:49 +1000
committer: Rob Crittenden <rcritten@redhat.com> 2018-04-19 08:57:53 -0400
commit: 0f8593354d8008a501a6e7fa5f142d970face65a (patch)
tree: b9ef8485d42d9f103593dc97d4517b2d5969db49
parent: a7b18372ed0f6be95e382194ad599b8a35113351 (diff)
download: freeipa-0f8593354d8008a501a6e7fa5f142d970face65a.tar.gz
freeipa-0f8593354d8008a501a6e7fa5f142d970face65a.tar.xz
freeipa-0f8593354d8008a501a6e7fa5f142d970face65a.zip
3 files changed, 42 insertions, 3 deletions
diff --git a/ipatests/test_xmlrpc/data/caIPAserviceCert_mod.cfg.tmpl b/ipatests/test_xmlrpc/data/caIPAserviceCert_mod.cfg.tmpl
index cff154462..f9e8ce441 100644
--- a/ipatests/test_xmlrpc/data/caIPAserviceCert_mod.cfg.tmpl
+++ b/ipatests/test_xmlrpc/data/caIPAserviceCert_mod.cfg.tmpl
@@ -1,6 +1,5 @@
 auth.instance_id=raCertAuth
 classId=caEnrollImpl
-profileId=caIPAserviceCert_mod
 visible=false
 desc=This certificate profile is for enrolling server certificates with IPA-RA agent authentication.
 enable=true
diff --git a/ipatests/test_xmlrpc/test_certprofile_plugin.py b/ipatests/test_xmlrpc/test_certprofile_plugin.py
index 1b3edda89..7cefd0a8d 100644
--- a/ipatests/test_xmlrpc/test_certprofile_plugin.py
+++ b/ipatests/test_xmlrpc/test_certprofile_plugin.py
@@ -222,3 +222,36 @@ class TestImportFromXML(XMLRPC_test):
     def test_import_xml(self, xmlprofile):
         with pytest.raises(errors.ExecutionError):
             xmlprofile.ensure_exists()
+
+
+# The initial user_profile configuration does not specify profileId.
+# This is fine (it gets derived from the profile-id CLI argument),
+# but this case was already tested in TestProfileCRUD.
+#
+# This test case tests various scenarios where the profileId *is*
+# specified in the profile configuration.  These are:
+#
+# - mismatched profileId property (should fail)
+# - multiple profileId properties (should fail)
+# - one profileId property, matching given ID (should succeed)
+#
+@pytest.mark.tier1
+class TestImportProfileIdHandling(XMLRPC_test):
+    def test_import_with_mismatched_profile_id(self, user_profile):
+        command = user_profile.make_create_command(
+            extra_lines=['profileId=bogus']
+        )
+        with pytest.raises(errors.ValidationError):
+            command()
+
+    def test_import_with_multiple_profile_id(self, user_profile):
+        # correct profile id, but two occurrences
+        prop = u'profileId={}'.format(user_profile.name)
+        command = user_profile.make_create_command(extra_lines=[prop, prop])
+        with pytest.raises(errors.ValidationError):
+            command()
+
+    def test_import_with_correct_profile_id(self, user_profile):
+        prop = u'profileId={}'.format(user_profile.name)
+        command = user_profile.make_create_command(extra_lines=[prop])
+        command()
diff --git a/ipatests/test_xmlrpc/tracker/certprofile_plugin.py b/ipatests/test_xmlrpc/tracker/certprofile_plugin.py
index d9aa30202..a573c2288 100644
--- a/ipatests/test_xmlrpc/tracker/certprofile_plugin.py
+++ b/ipatests/test_xmlrpc/tracker/certprofile_plugin.py
@@ -57,7 +57,14 @@ class CertprofileTracker(Tracker):
             content = f.read()
         return unicode(content)
 
-    def make_create_command(self):
+    def make_create_command(self, extra_lines=None):
+        """
+        :param extra_lines: list of extra lines to append to profile config.
+
+        """
+        if extra_lines is None:
+            extra_lines = []
+
         if not self.profile:
             raise RuntimeError('Tracker object without path to profile '
                                'cannot be used to create profile entry.')
@@ -65,7 +72,7 @@ class CertprofileTracker(Tracker):
         return self.make_command('certprofile_import', self.name,
                                  description=self.description,
                                  ipacertprofilestoreissued=self.store,
-                                 file=self.profile)
+                                 file=u'\n'.join([self.profile] + extra_lines))
 
     def check_create(self, result):
         assert_deepequal(dict(
author	Fraser Tweedale <ftweedal@redhat.com>	2018-04-18 19:35:49 +1000
committer	Rob Crittenden <rcritten@redhat.com>	2018-04-19 08:57:53 -0400
commit	0f8593354d8008a501a6e7fa5f142d970face65a (patch)
tree	b9ef8485d42d9f103593dc97d4517b2d5969db49
parent	a7b18372ed0f6be95e382194ad599b8a35113351 (diff)
download	freeipa-0f8593354d8008a501a6e7fa5f142d970face65a.tar.gz freeipa-0f8593354d8008a501a6e7fa5f142d970face65a.tar.xz freeipa-0f8593354d8008a501a6e7fa5f142d970face65a.zip