diff options
author | Rob Crittenden <rcritten@redhat.com> | 2011-02-23 10:43:40 -0500 |
---|---|---|
committer | Rob Crittenden <rcritten@redhat.com> | 2011-03-03 11:02:02 -0500 |
commit | f476c097d2ac5f0270ea3207955cd7184ffb9e1d (patch) | |
tree | a303189340b1ae907ae2fd826907ede7010b4d53 | |
parent | f785af4efea088466f8ec2259c79640b9f94e542 (diff) | |
download | freeipa-f476c097d2ac5f0270ea3207955cd7184ffb9e1d.tar.gz freeipa-f476c097d2ac5f0270ea3207955cd7184ffb9e1d.tar.xz freeipa-f476c097d2ac5f0270ea3207955cd7184ffb9e1d.zip |
Replace only if old and new have nothing in common
Jakub did the initial diagnosis of this, I added a fix for removing
the last entry when removing members and a test case.
ticket 1000
-rw-r--r-- | ipaserver/plugins/ldap2.py | 2 | ||||
-rw-r--r-- | tests/test_xmlrpc/test_replace.py | 204 |
2 files changed, 205 insertions, 1 deletions
diff --git a/ipaserver/plugins/ldap2.py b/ipaserver/plugins/ldap2.py index 568792d1b..ebbca60e5 100644 --- a/ipaserver/plugins/ldap2.py +++ b/ipaserver/plugins/ldap2.py @@ -798,7 +798,7 @@ class ldap2(CrudBackend, Encoder): force_replace = False if k in self._FORCE_REPLACE_ON_UPDATE_ATTRS or is_single_value: force_replace = True - elif len(adds) == 1 and len(rems) == 1: + elif len(v) > 0 and len(v.intersection(old_v)) == 0: force_replace = True if adds: diff --git a/tests/test_xmlrpc/test_replace.py b/tests/test_xmlrpc/test_replace.py new file mode 100644 index 000000000..715a8661c --- /dev/null +++ b/tests/test_xmlrpc/test_replace.py @@ -0,0 +1,204 @@ +# Authors: +# Rob Crittenden <rcritten@redhat.com> +# +# Copyright (C) 2011 Red Hat +# see file 'COPYING' for use and warranty information +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program. If not, see <http://www.gnu.org/licenses/>. + +""" +Test the modlist replace logic. Some attributes require a MOD_REPLACE +while others are fine using ADD/DELETE. + +Note that member management in other tests also exercises the +gen_modlist code. +""" + +from ipalib import api, errors +from tests.test_xmlrpc import objectclasses +from xmlrpc_test import Declarative, fuzzy_digits, fuzzy_uuid + + +user_memberof = (u'cn=ipausers,cn=groups,cn=accounts,%s' % api.env.basedn,) +user1=u'tuser1' + + +class test_attr(Declarative): + + cleanup_commands = [ + ('user_del', [user1], {}), + ] + + tests = [ + + dict( + desc='Create %r with 2 e-mail accounts' % user1, + command=( + 'user_add', [user1], dict(givenname=u'Test', sn=u'User1', + mail=[u'test1@example.com', u'test2@example.com']) + ), + expected=dict( + value=user1, + summary=u'Added user "tuser1"', + result=dict( + gecos=[user1], + givenname=[u'Test'], + homedirectory=[u'/home/tuser1'], + krbprincipalname=[u'tuser1@' + api.env.realm], + loginshell=[u'/bin/sh'], + objectclass=objectclasses.user, + sn=[u'User1'], + uid=[user1], + uidnumber=[fuzzy_digits], + displayname=[u'Test User1'], + cn=[u'Test User1'], + initials=[u'TU'], + mail=[u'test1@example.com', u'test2@example.com'], + ipauniqueid=[fuzzy_uuid], + dn=u'uid=tuser1,cn=users,cn=accounts,' + api.env.basedn, + ), + ), + ), + + + dict( + desc='Drop one e-mail account, add another to %r' % user1, + command=( + 'user_mod', [user1], dict(mail=[u'test1@example.com', u'test3@example.com']) + ), + expected=dict( + result=dict( + givenname=[u'Test'], + homedirectory=[u'/home/tuser1'], + loginshell=[u'/bin/sh'], + sn=[u'User1'], + uid=[user1], + mail=[u'test1@example.com', u'test3@example.com'], + memberof_group=[u'ipausers'], + nsaccountlock=[u'False'], + ), + summary=u'Modified user "tuser1"', + value=user1, + ), + ), + + + dict( + desc='Set mail to a new single value %r' % user1, + command=( + 'user_mod', [user1], dict(mail=u'test4@example.com') + ), + expected=dict( + result=dict( + givenname=[u'Test'], + homedirectory=[u'/home/tuser1'], + loginshell=[u'/bin/sh'], + sn=[u'User1'], + uid=[user1], + mail=[u'test4@example.com'], + memberof_group=[u'ipausers'], + nsaccountlock=[u'False'], + ), + summary=u'Modified user "tuser1"', + value=user1, + ), + ), + + + dict( + desc='Set mail to three new values %r' % user1, + command=( + 'user_mod', [user1], dict(mail=[u'test5@example.com', u'test6@example.com', u'test7@example.com']) + ), + expected=dict( + result=dict( + givenname=[u'Test'], + homedirectory=[u'/home/tuser1'], + loginshell=[u'/bin/sh'], + sn=[u'User1'], + uid=[user1], + mail=[u'test6@example.com', u'test7@example.com', u'test5@example.com'], + memberof_group=[u'ipausers'], + nsaccountlock=[u'False'], + ), + summary=u'Modified user "tuser1"', + value=user1, + ), + ), + + + dict( + desc='Remove all mail values %r' % user1, + command=( + 'user_mod', [user1], dict(mail=u'') + ), + expected=dict( + result=dict( + givenname=[u'Test'], + homedirectory=[u'/home/tuser1'], + loginshell=[u'/bin/sh'], + sn=[u'User1'], + uid=[user1], + memberof_group=[u'ipausers'], + nsaccountlock=[u'False'], + ), + summary=u'Modified user "tuser1"', + value=user1, + ), + ), + + + dict( + desc='Ensure single-value mods work too, replace initials %r' % user1, + command=( + 'user_mod', [user1], dict(initials=u'ABC') + ), + expected=dict( + result=dict( + givenname=[u'Test'], + homedirectory=[u'/home/tuser1'], + loginshell=[u'/bin/sh'], + sn=[u'User1'], + uid=[user1], + initials=[u'ABC'], + memberof_group=[u'ipausers'], + nsaccountlock=[u'False'], + ), + summary=u'Modified user "tuser1"', + value=user1, + ), + ), + + + dict( + desc='Drop a single-value attribute %r' % user1, + command=( + 'user_mod', [user1], dict(initials=u'') + ), + expected=dict( + result=dict( + givenname=[u'Test'], + homedirectory=[u'/home/tuser1'], + loginshell=[u'/bin/sh'], + sn=[u'User1'], + uid=[user1], + memberof_group=[u'ipausers'], + nsaccountlock=[u'False'], + ), + summary=u'Modified user "tuser1"', + value=user1, + ), + ), + + ] |