diff options
-rw-r--r-- | ipatests/test_xmlrpc/test_old_permission_plugin.py | 26 | ||||
-rw-r--r-- | ipatests/test_xmlrpc/test_permission_plugin.py | 46 |
2 files changed, 28 insertions, 44 deletions
diff --git a/ipatests/test_xmlrpc/test_old_permission_plugin.py b/ipatests/test_xmlrpc/test_old_permission_plugin.py index 67c0a1c3f..56dd4435c 100644 --- a/ipatests/test_xmlrpc/test_old_permission_plugin.py +++ b/ipatests/test_xmlrpc/test_old_permission_plugin.py @@ -554,31 +554,19 @@ class test_old_permission(Declarative): # This tests setting truncated to True in the post_callback of # permission_find(). The return order in LDAP is not guaranteed - # but in practice this is the first entry it finds. This is subject - # to change. + # so do not check the actual entry. dict( desc='Search for permissions by attr with a limit of 1 (truncated)', - command=('permission_find', [], dict(attrs=u'ipaenabledflag', - sizelimit=1)), + command=('permission_find', [u'Modify'], + dict(attrs=u'ipaenabledflag', sizelimit=1)), expected=dict( count=1, truncated=True, summary=u'1 permission matched', - result=[ - { - 'dn': DN(('cn', 'Modify HBAC rule'), - api.env.container_permission, api.env.basedn), - 'cn': [u'Modify HBAC rule'], - 'objectclass': objectclasses.permission, - 'member_privilege': [u'HBAC Administrator'], - 'memberindirect_role': [u'IT Security Specialist'], - 'permissions' : [u'write'], - 'attrs': [u'servicecategory', u'sourcehostcategory', u'cn', u'description', u'ipaenabledflag', u'accesstime', u'usercategory', u'hostcategory', u'accessruletype', u'sourcehost'], - 'ipapermbindruletype': [u'permission'], - 'ipapermtarget': [DN('ipauniqueid=*', hbac_dn)], - 'subtree': u'ldap:///%s' % api.env.basedn, - }, - ], + result=[lambda res: + DN(res['dn']).endswith(DN(api.env.container_permission, + api.env.basedn)) and + 'ipapermission' in res['objectclass']], ), ), diff --git a/ipatests/test_xmlrpc/test_permission_plugin.py b/ipatests/test_xmlrpc/test_permission_plugin.py index 251305e80..5f305aa54 100644 --- a/ipatests/test_xmlrpc/test_permission_plugin.py +++ b/ipatests/test_xmlrpc/test_permission_plugin.py @@ -836,36 +836,19 @@ class test_permission(Declarative): # This tests setting truncated to True in the post_callback of # permission_find(). The return order in LDAP is not guaranteed - # but in practice this is the first entry it finds. This is subject - # to change. + # so do not check the actual entry. dict( desc='Search for permissions by attr with a limit of 1 (truncated)', - command=('permission_find', [], dict(attrs=u'ipaenabledflag', - sizelimit=1)), + command=('permission_find', [u'Modify'], + dict(attrs=u'ipaenabledflag', sizelimit=1)), expected=dict( count=1, truncated=True, summary=u'1 permission matched', - result=[ - { - 'dn': DN(('cn', 'Modify HBAC rule'), - api.env.container_permission, api.env.basedn), - 'cn': [u'Modify HBAC rule'], - 'objectclass': objectclasses.permission, - 'member_privilege': [u'HBAC Administrator'], - 'memberindirect_role': [u'IT Security Specialist'], - 'ipapermright' : [u'write'], - 'attrs': [u'servicecategory', u'sourcehostcategory', - u'cn', u'description', u'ipaenabledflag', - u'accesstime', u'usercategory', - u'hostcategory', u'accessruletype', - u'sourcehost'], - 'ipapermtarget': [DN(('ipauniqueid', '*'), - ('cn', 'hbac'), api.env.basedn)], - 'ipapermbindruletype': [u'permission'], - 'ipapermlocation': [api.env.basedn], - }, - ], + result=[lambda res: + DN(res['dn']).endswith(DN(api.env.container_permission, + api.env.basedn)) and + 'ipapermission' in res['objectclass']], ), ), @@ -2830,7 +2813,8 @@ class test_permission_bindtype(Declarative): dict( desc='Search for %r using --bindtype' % permission1, - command=('permission_find', [], {'ipapermbindruletype': u'all'}), + command=('permission_find', [permission1], + {'ipapermbindruletype': u'all'}), expected=dict( count=1, truncated=False, @@ -2851,6 +2835,18 @@ class test_permission_bindtype(Declarative): ), dict( + desc='Search for %r using bad --bindtype' % permission1, + command=('permission_find', [permission1], + {'ipapermbindruletype': u'anonymous'}), + expected=dict( + count=0, + truncated=False, + summary=u'0 permissions matched', + result=[], + ), + ), + + dict( desc='Add zero permissions to %r' % (privilege1), command=('privilege_add_permission', [privilege1], {}), expected=dict( |