freeipa.git/ipatests, branch pwdpolicy FreeIPA patches User Tracker: Test to create user with minimal values 2017-01-19T16:39:08+00:00 Ganna Kaihorodova gkaihoro@redhat.com 2016-12-08T14:08:41+00:00 91c050b4e093802d8c6b510a22d6e435faba965f Test to create user with minimal values, where uid is not specified https://fedorahosted.org/freeipa/ticket/6126 Reviewed-By: Stanislav Laznicka <slaznick@redhat.com> Reviewed-By: Milan Kubik <mkubik@redhat.com> Reviewed-By: Lenka Doudova <ldoudova@redhat.com> 
Test to create user with minimal values, where uid is not specified

https://fedorahosted.org/freeipa/ticket/6126

Reviewed-By: Stanislav Laznicka <slaznick@redhat.com>
Reviewed-By: Milan Kubik <mkubik@redhat.com>
Reviewed-By: Lenka Doudova <ldoudova@redhat.com>
User Tracker: creation of user with minimal values 2017-01-19T16:39:08+00:00 Ganna Kaihorodova gkaihoro@redhat.com 2016-12-08T14:06:36+00:00 fa7aaef1de2c97ac9d24925ca9adb25c7151055f Fix provide possibility to create user-add test with minimal values, where uid is not specified, to provide better coverage. Also provide check for non-empty unicode string for attributes required in init method https://fedorahosted.org/freeipa/ticket/6126 Reviewed-By: Stanislav Laznicka <slaznick@redhat.com> Reviewed-By: Milan Kubik <mkubik@redhat.com> Reviewed-By: Lenka Doudova <ldoudova@redhat.com> 
Fix provide possibility to create user-add test with minimal values,
where uid is not specified, to provide better coverage. Also provide
check for non-empty unicode string for attributes required in init method

https://fedorahosted.org/freeipa/ticket/6126

Reviewed-By: Stanislav Laznicka <slaznick@redhat.com>
Reviewed-By: Milan Kubik <mkubik@redhat.com>
Reviewed-By: Lenka Doudova <ldoudova@redhat.com>
Stage User: Test to create stage user with minimal values 2017-01-19T16:36:46+00:00 Ganna Kaihorodova gkaihoro@redhat.com 2016-12-12T13:11:52+00:00 c391f6ba58a61e046e49e1b4526b62d7ce250301 Test to create stage user with minimal values, where uid is not specified https://fedorahosted.org/freeipa/ticket/6448 Reviewed-By: Lenka Doudova <ldoudova@redhat.com> Reviewed-By: Stanislav Laznicka <slaznick@redhat.com> 
Test to create stage user with minimal values, where uid is not specified

https://fedorahosted.org/freeipa/ticket/6448

Reviewed-By: Lenka Doudova <ldoudova@redhat.com>
Reviewed-By: Stanislav Laznicka <slaznick@redhat.com>
Tests: Stage User Tracker implementation 2017-01-19T16:36:46+00:00 Ganna Kaihorodova gkaihoro@redhat.com 2016-11-02T14:02:30+00:00 a336de630e9d1ef95a507cc3ee9200c001ab9193 Fix provide possibility of creation stage user with minimal values, with uid not specified and check for non-empty unicode string for attributes requested in init method https://fedorahosted.org/freeipa/ticket/6448 Reviewed-By: Lenka Doudova <ldoudova@redhat.com> Reviewed-By: Stanislav Laznicka <slaznick@redhat.com> 
Fix provide possibility of creation stage user with minimal values,
with uid not specified and check for non-empty unicode string
for attributes requested in init method

https://fedorahosted.org/freeipa/ticket/6448

Reviewed-By: Lenka Doudova <ldoudova@redhat.com>
Reviewed-By: Stanislav Laznicka <slaznick@redhat.com>
Tests: Add tree root domain role in legacy client tests 2017-01-18T15:40:28+00:00 Ganna Kaihorodova gkaihoro@redhat.com 2017-01-10T14:17:40+00:00 822a119100f8ab93aacdb14b982609f1dc69531d Legacy client tests inherits test cases from trust tests, that have role for tree root domain. That role was missing in legacy client tests. https://fedorahosted.org/freeipa/ticket/6600 Reviewed-By: Martin Babinsky <mbabinsk@redhat.com> 
Legacy client tests inherits test cases from trust tests, that have
role for tree root domain. That role was missing in legacy client tests.

https://fedorahosted.org/freeipa/ticket/6600

Reviewed-By: Martin Babinsky <mbabinsk@redhat.com>
pytest: set rules to find test files and functions 2017-01-12T10:17:54+00:00 Christian Heimes cheimes@redhat.com 2017-01-05T18:29:22+00:00 68cb4d2b0f6b28f20513371e46b279d80c0b3070 1e06a5195bafe0224d77371987f2509f5508ca2f removed pytest.ini. Without the ini file, pytest 3.x has suboptimal settings and no longer picks up all test functions and test files. Signed-off-by: Christian Heimes <cheimes@redhat.com> Reviewed-By: Milan Kubik <mkubik@redhat.com> 
1e06a5195bafe0224d77371987f2509f5508ca2f removed pytest.ini. Without the
ini file, pytest 3.x has suboptimal settings and no longer picks up all
test functions and test files.

Signed-off-by: Christian Heimes <cheimes@redhat.com>
Reviewed-By: Milan Kubik <mkubik@redhat.com>
Generate sha256 ssh pubkey fingerprints for hosts 2017-01-12T10:09:46+00:00 Stanislav Laznicka slaznick@redhat.com 2016-12-12T15:59:48+00:00 721105c53de6fbc0abc7799ec7f48920e02089bd Replace md5 with sha256 for host ssh pubkey fingerprints https://fedorahosted.org/freeipa/ticket/5695 Reviewed-By: Christian Heimes <cheimes@redhat.com> 
Replace md5 with sha256 for host ssh pubkey fingerprints

https://fedorahosted.org/freeipa/ticket/5695

Reviewed-By: Christian Heimes <cheimes@redhat.com>
Use pytest conftest.py and drop pytest.ini 2017-01-05T16:37:02+00:00 Christian Heimes cheimes@redhat.com 2017-01-03T17:04:53+00:00 1e06a5195bafe0224d77371987f2509f5508ca2f Let's replace some ugly hacks with proper pytest conftest.py hooks. Test initialization of ipalib.api is now handled in pytest_cmdline_main(). Pytest plugins, markers and ignores are also moved into conftest.py. Additional guards make it possible to run tests without ipaserver installed. I added confcutdir to ensure that pytest does not leave our project space. Pytest used pytest.ini or setup.py before but pytest.ini is gone. Signed-off-by: Christian Heimes <cheimes@redhat.com> Reviewed-By: Milan Kubik <mkubik@redhat.com> 
Let's replace some ugly hacks with proper pytest conftest.py hooks.
Test initialization of ipalib.api is now handled in
pytest_cmdline_main(). Pytest plugins, markers and ignores are also
moved into conftest.py. Additional guards make it possible to run tests
without ipaserver installed.

I added confcutdir to ensure that pytest does not leave our project
space. Pytest used pytest.ini or setup.py before but pytest.ini is gone.

Signed-off-by: Christian Heimes <cheimes@redhat.com>
Reviewed-By: Milan Kubik <mkubik@redhat.com>
Catch ValueError raised by pytest.config.getoption() 2017-01-05T16:35:33+00:00 Christian Heimes cheimes@redhat.com 2017-01-03T17:08:05+00:00 3387734e6c6d47a756b5e914e7e515d2610a424f pytest.config.getoption() can raise ValueError for unknown options, too. Reviewed-By: Milan Kubik <mkubik@redhat.com> 
pytest.config.getoption() can raise ValueError for unknown options, too.

Reviewed-By: Milan Kubik <mkubik@redhat.com>
Remove "Request Certificate with SubjectAltName" permission 2016-12-21T16:04:18+00:00 Fraser Tweedale ftweedal@redhat.com 2016-12-01T04:28:03+00:00 bdbb1c34a2f5ef864cd3a943dcd047cde20de681 subjectAltName is required or relevant in most certificate use cases (esp. TLS, where carrying DNS name in Subject DN CN attribute is deprecated). Therefore it does not really make sense to have a special permission for this, over and above "request certificate" permission. Furthermore, we already do rigorously validate SAN contents again the subject principal, and the permission is waived for self-service requests or if the operator is a host principal. So remove the permission, the associated virtual operation, and the associated code in cert_request. Fixes: https://fedorahosted.org/freeipa/ticket/6526 Reviewed-By: Martin Babinsky <mbabinsk@redhat.com> 
subjectAltName is required or relevant in most certificate use cases
(esp. TLS, where carrying DNS name in Subject DN CN attribute is
deprecated).  Therefore it does not really make sense to have a
special permission for this, over and above "request certificate"
permission.

Furthermore, we already do rigorously validate SAN contents again
the subject principal, and the permission is waived for self-service
requests or if the operator is a host principal.

So remove the permission, the associated virtual operation, and the
associated code in cert_request.

Fixes: https://fedorahosted.org/freeipa/ticket/6526
Reviewed-By: Martin Babinsky <mbabinsk@redhat.com>