From e225ad4341b8f91b0aa3d4be3f93b9082716828e Mon Sep 17 00:00:00 2001 From: Rob Crittenden Date: Tue, 10 Aug 2010 13:22:50 -0400 Subject: Add support for ldap:///self bind rules This is added mainly so the self service rules can be updated without resorting to ldapmodify. ticket 80 --- tests/test_xmlrpc/test_aci_plugin.py | 37 ++++++++++++++++++++++++++++++++++++ 1 file changed, 37 insertions(+) (limited to 'tests') diff --git a/tests/test_xmlrpc/test_aci_plugin.py b/tests/test_xmlrpc/test_aci_plugin.py index ddf2ed63..e05e53a5 100644 --- a/tests/test_xmlrpc/test_aci_plugin.py +++ b/tests/test_xmlrpc/test_aci_plugin.py @@ -29,11 +29,14 @@ from xmlrpc_test import Declarative, fuzzy_digits, fuzzy_uuid aci1=u'test1' taskgroup = u'testtaskgroup' +aci2=u'selftest1' + class test_aci(Declarative): cleanup_commands = [ ('aci_del', [aci1], {}), + ('aci_del', [aci2], {}), ] tests = [ @@ -219,4 +222,38 @@ class test_aci(Declarative): ), + dict( + desc='Create %r' % aci2, + command=( + 'aci_add', [aci2], dict(permissions=u'write', attrs=(u'givenName',u'sn',u'cn'), selfaci=True) + ), + expected=dict( + value=aci2, + summary=u'Created ACI "%s"' % aci2, + result=u'(targetattr = "givenName || sn || cn")(version 3.0;acl "selftest1";allow (write) userdn = "ldap:///self";)'), + ), + + + dict( + desc='Update attributes in %r' % aci2, + command=( + 'aci_mod', [aci2], dict(attrs=(u'givenName',u'sn',u'cn',u'uidNumber')) + ), + expected=dict( + value=aci2, + summary=u'Modified ACI "%s"' % aci2, + result=u'(targetattr = "givenName || sn || cn || uidNumber")(version 3.0;acl "selftest1";allow (write) userdn = "ldap:///self";)' + ), + ), + + + dict( + desc='Update self ACI with a taskgroup %r' % aci2, + command=( + 'aci_mod', [aci2], dict(attrs=(u'givenName',u'sn',u'cn',u'uidNumber'), taskgroup=taskgroup) + ), + expected=errors.ValidationError(name='target', error='group, taskgroup and self are mutually exclusive'), + ), + + ] -- cgit