1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
|
# Authors:
# Rob Crittenden <rcritten@redhat.com>
# Filip Skola <fskola@redhat.com>
#
# Copyright (C) 2010 Red Hat
# see file 'COPYING' for use and warranty information
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>.
"""
Test --setattr and --addattr and other attribute-specific issues
"""
from ipalib import errors
from ipatests.test_xmlrpc.xmlrpc_test import XMLRPC_test, raises_exact
from ipatests.test_xmlrpc.tracker.user_plugin import UserTracker
import pytest
@pytest.fixture(scope='class')
def user(request):
tracker = UserTracker(name=u'user1', givenname=u'Test', sn=u'User1')
return tracker.make_fixture(request)
@pytest.mark.tier1
class TestAttrOnUser(XMLRPC_test):
def test_add_user_with_singlevalue_addattr(self):
""" Try to add a user with single-value attribute
set via option and --addattr """
user = UserTracker(name=u'user', givenname=u'Test', sn=u'User1',
addattr=u'sn=User2')
command = user.make_create_command()
with raises_exact(errors.OnlyOneValueAllowed(attr='sn')):
command()
def test_create_user(self, user):
""" Create a test user """
user.ensure_exists()
def test_change_givenname_add_mail_user(self, user):
""" Change givenname, add mail to user """
user.ensure_exists()
user.update(
dict(setattr=(u'givenname=Finkle', u'mail=test@example.com')),
dict(givenname=[u'Finkle'], mail=[u'test@example.com'], setattr='')
)
def test_add_another_mail_user(self, user):
""" Add another mail to user """
user.ensure_exists()
update = u'test2@example.com'
user.attrs['mail'].append(update)
user.update(dict(addattr='mail='+update),
dict(addattr=''))
def test_add_two_phone_numbers_at_once_user(self, user):
""" Add two phone numbers at once to user """
user.ensure_exists()
update1 = u'410-555-1212'
update2 = u'301-555-1212'
user.update(
dict(setattr=u'telephoneNumber='+update1,
addattr=u'telephoneNumber='+update2),
dict(addattr='', setattr='',
telephonenumber=[update1, update2]))
def test_go_from_two_phone_numbers_to_one(self, user):
""" Go from two phone numbers to one for user """
update = u'301-555-1212'
user.ensure_exists()
user.update(dict(setattr=u'telephoneNumber='+update),
dict(setattr='', telephonenumber=[update]))
def test_add_two_more_phone_numbers(self, user):
""" Add two more phone numbers to user """
user.ensure_exists()
update1 = u'703-555-1212'
update2 = u'202-888-9833'
user.attrs['telephonenumber'].extend([update1, update2])
user.update(dict(addattr=(u'telephoneNumber='+update1,
u'telephoneNumber='+update2)),
dict(addattr=''))
def test_delete_one_phone_number(self, user):
""" Delete one phone number for user """
user.ensure_exists()
update = u'301-555-1212'
user.attrs['telephonenumber'].remove(update)
user.update(dict(delattr=u'telephoneNumber='+update), dict(delattr=''))
def test_delete_the_number_again(self, user):
""" Try deleting the number again for user """
user.ensure_exists()
update = u'301-555-1212'
command = user.make_update_command(
dict(delattr=u'telephoneNumber='+update))
with raises_exact(errors.AttrValueNotFound(
attr=u'telephonenumber', value=update)):
command()
def test_add_and_delete_one_phone_number(self, user):
""" Add and delete one phone number for user """
user.ensure_exists()
update1 = u'202-888-9833'
update2 = u'301-555-1212'
user.attrs['telephonenumber'].remove(update1)
user.attrs['telephonenumber'].append(update2)
user.update(dict(addattr=u'telephoneNumber='+update2,
delattr=u'telephoneNumber='+update1),
dict(addattr='', delattr=''))
def test_add_and_delete_the_same_phone_number(self, user):
""" Add and delete the same phone number for user """
user.ensure_exists()
update1 = u'301-555-1212'
update2 = u'202-888-9833'
user.attrs['telephonenumber'].append(update2)
user.update(dict(addattr=(u'telephoneNumber='+update1,
u'telephoneNumber='+update2),
delattr=u'telephoneNumber='+update1),
dict(addattr='', delattr=''))
def test_set_and_delete_a_phone_number(self, user):
""" Set and delete a phone number for user """
user.ensure_exists()
update1 = u'301-555-1212'
update2 = u'202-888-9833'
user.attrs.update(telephonenumber=[update2])
user.update(dict(setattr=(u'telephoneNumber='+update1,
u'telephoneNumber='+update2),
delattr=u'telephoneNumber='+update1),
dict(setattr='', delattr=''))
def test_set_givenname_to_none_with_setattr(self, user):
""" Try setting givenname to None with setattr in user """
user.ensure_exists()
command = user.make_update_command(dict(setattr=(u'givenname=')))
with raises_exact(errors.RequirementError(name='first')):
command()
def test_set_givenname_to_none_with_option(self, user):
""" Try setting givenname to None with option in user """
user.ensure_exists()
command = user.make_update_command(dict(givenname=None))
with raises_exact(errors.RequirementError(name='first')):
command()
def test_set_givenname_with_option_in_user(self, user):
""" Make sure setting givenname works with option in user """
user.ensure_exists()
user.update(dict(givenname=u'Fred'))
def test_set_givenname_with_setattr_in_user(self, user):
""" Make sure setting givenname works with setattr in user """
user.ensure_exists()
user.update(dict(setattr=u'givenname=Finkle'),
dict(givenname=[u'Finkle'], setattr=''))
def test_remove_empty_location_from_user(self, user):
""" Try to "remove" empty location from user """
user.ensure_exists()
command = user.make_update_command(dict(l=None))
with raises_exact(errors.EmptyModlist()):
command()
def test_lock_user_using_setattr(self, user):
""" Lock user using setattr """
user.ensure_exists()
user.update(dict(setattr=u'nsaccountlock=TrUe'),
dict(nsaccountlock=True, setattr=''))
def test_unlock_user_using_addattr_delattr(self, user):
""" Unlock user using addattr&delattr """
user.ensure_exists()
user.update(dict(addattr=u'nsaccountlock=FaLsE',
delattr=u'nsaccountlock=TRUE'),
dict(addattr='', delattr='', nsaccountlock=False))
@pytest.mark.tier1
class TestAttrOnConfigs(XMLRPC_test):
def test_add_new_group_search_fields_config_entry(self, user):
""" Try adding a new group search fields config entry """
command = user.make_command(
'config_mod', **dict(addattr=u'ipagroupsearchfields=newattr')
)
with raises_exact(errors.OnlyOneValueAllowed(
attr='ipagroupsearchfields')):
command()
def test_add_a_new_cert_subject_base_config_entry(self, user):
""" Try adding a new cert subject base config entry """
command = user.make_command(
'config_mod',
**dict(
addattr=u'ipacertificatesubjectbase=0=DOMAIN.COM')
)
with raises_exact(errors.ValidationError(
name='ipacertificatesubjectbase',
error='attribute is not configurable')):
command()
def test_delete_required_config_entry(self, user):
""" Try deleting a required config entry """
command = user.make_command(
'config_mod',
**dict(delattr=u'ipasearchrecordslimit=100')
)
with raises_exact(errors.RequirementError(
name='searchrecordslimit')):
command()
def test_set_nonexistent_attribute(self, user):
""" Try setting a nonexistent attribute """
command = user.make_command(
'config_mod', **dict(setattr=u'invalid_attr=false')
)
with raises_exact(errors.ObjectclassViolation(
info='attribute "invalid_attr" not allowed')):
command()
def test_set_outofrange_krbpwdmaxfailure(self, user):
""" Try setting out-of-range krbpwdmaxfailure """
command = user.make_command(
'pwpolicy_mod', **dict(setattr=u'krbpwdmaxfailure=-1')
)
with raises_exact(errors.ValidationError(
name='krbpwdmaxfailure', error='must be at least 0')):
command()
def test_set_outofrange_maxfail(self, user):
""" Try setting out-of-range maxfail """
command = user.make_command(
'pwpolicy_mod', **dict(krbpwdmaxfailure=u'-1')
)
with raises_exact(errors.ValidationError(
name='maxfail', error='must be at least 0')):
command()
def test_set_nonnumeric_krbpwdmaxfailure(self, user):
""" Try setting non-numeric krbpwdmaxfailure """
command = user.make_command(
'pwpolicy_mod', **dict(setattr=u'krbpwdmaxfailure=abc')
)
with raises_exact(errors.ConversionError(
name='krbpwdmaxfailure', error='must be an integer')):
command()
def test_set_nonnumeric_maxfail(self, user):
""" Try setting non-numeric maxfail """
command = user.make_command(
'pwpolicy_mod', **dict(krbpwdmaxfailure=u'abc')
)
with raises_exact(errors.ConversionError(
name='maxfail', error='must be an integer')):
command()
def test_delete_bogus_attribute(self, user):
""" Try deleting bogus attribute """
command = user.make_command(
'config_mod', **dict(delattr=u'bogusattribute=xyz')
)
with raises_exact(errors.ValidationError(
name='bogusattribute',
error='No such attribute on this entry')):
command()
def test_delete_empty_attribute(self, user):
""" Try deleting empty attribute """
command = user.make_command(
'config_mod',
**dict(delattr=u'ipaCustomFields=See Also,seealso,false')
)
with raises_exact(errors.ValidationError(
name='ipacustomfields',
error='No such attribute on this entry')):
command()
def test_set_and_del_value_and_del_missing_one(self, user):
""" Set and delete one value, plus try deleting a missing one """
command = user.make_command(
'config_mod', **dict(
delattr=[u'ipaCustomFields=See Also,seealso,false',
u'ipaCustomFields=Country,c,false'],
addattr=u'ipaCustomFields=See Also,seealso,false')
)
with raises_exact(errors.AttrValueNotFound(
attr='ipacustomfields', value='Country,c,false')):
command()
def test_delete_an_operational_attribute_with_delattr(self, user):
""" Try to delete an operational attribute with --delattr """
command = user.make_command(
'config_mod', **dict(
delattr=u'creatorsName=cn=directory manager')
)
with raises_exact(errors.DatabaseError(
desc='Server is unwilling to perform', info='')):
command()
|
