diff options
author | Tomas Babej <tbabej@redhat.com> | 2013-02-11 10:19:53 +0100 |
---|---|---|
committer | Rob Crittenden <rcritten@redhat.com> | 2013-02-19 16:56:46 -0500 |
commit | 5b64cde92a84c2e8ad2f99fd139fa5d13598b096 (patch) | |
tree | 74e4af133106b4e2e55ef3a2258bf62c4837c656 /tests | |
parent | 462beacc9d13968128fa320d155016df2d72a20a (diff) | |
download | freeipa.git-5b64cde92a84c2e8ad2f99fd139fa5d13598b096.tar.gz freeipa.git-5b64cde92a84c2e8ad2f99fd139fa5d13598b096.tar.xz freeipa.git-5b64cde92a84c2e8ad2f99fd139fa5d13598b096.zip |
Prevent changing protected group's name using --setattr
The name of any protected group now cannot be changed by modifing
the cn attribute using --setattr. Unit tests have been added to
make sure there is no regression.
https://fedorahosted.org/freeipa/ticket/3354
Diffstat (limited to 'tests')
-rw-r--r-- | tests/test_xmlrpc/test_group_plugin.py | 15 |
1 files changed, 15 insertions, 0 deletions
diff --git a/tests/test_xmlrpc/test_group_plugin.py b/tests/test_xmlrpc/test_group_plugin.py index a74a5e4c..2d6d2014 100644 --- a/tests/test_xmlrpc/test_group_plugin.py +++ b/tests/test_xmlrpc/test_group_plugin.py @@ -879,6 +879,13 @@ class test_group(Declarative): ), dict( + desc='Try to rename the admins group via setattr', + command=('group_mod', [u'admins'], {'setattr': u'cn=loosers'}), + expected=errors.ProtectedEntryError(label=u'group', + key='admins', reason='Cannot be renamed'), + ), + + dict( desc='Try to modify the admins group to support external membership', command=('group_mod', [u'admins'], dict(external=True)), expected=errors.ProtectedEntryError(label=u'group', @@ -900,6 +907,14 @@ class test_group(Declarative): ), dict( + desc='Try to rename the trust admins group via setattr', + command=('group_mod', [u'trust admins'], {'setattr': u'cn=loosers'}), + expected=errors.ProtectedEntryError(label=u'group', + key='trust admins', reason='Cannot be renamed'), + ), + + + dict( desc='Try to modify the trust admins group to support external membership', command=('group_mod', [u'trust admins'], dict(external=True)), expected=errors.ProtectedEntryError(label=u'group', |