diff options
author | Martin Babinsky <mbabinsk@redhat.com> | 2016-10-31 12:30:34 +0100 |
---|---|---|
committer | Martin Babinsky <mbabinsk@redhat.com> | 2016-11-08 17:02:44 +0100 |
commit | 8480d0e3333f6813439e7b3321a0e33ce80d30f1 (patch) | |
tree | 74fa434b81c33aadc32836cf684e9a8c80b25248 | |
parent | 0c68c27e51c2a30265a760382d7d4fab7d21937b (diff) | |
download | freeipa-8480d0e3333f6813439e7b3321a0e33ce80d30f1.tar.gz freeipa-8480d0e3333f6813439e7b3321a0e33ce80d30f1.tar.xz freeipa-8480d0e3333f6813439e7b3321a0e33ce80d30f1.zip |
Modernize ipa-getkeytab test suite
The test suite is now leveraging host/service tracker objects as test case
fixture, removing much of ad-hoc setup/teardown.
https://fedorahosted.org/freeipa/ticket/6409
Reviewed-By: Simo Sorce <ssorce@redhat.com>
-rw-r--r-- | ipatests/test_cmdline/test_ipagetkeytab.py | 128 | ||||
-rw-r--r-- | ipatests/test_xmlrpc/tracker/service_plugin.py | 4 |
2 files changed, 71 insertions, 61 deletions
diff --git a/ipatests/test_cmdline/test_ipagetkeytab.py b/ipatests/test_cmdline/test_ipagetkeytab.py index b3c8491a1..1f4581a75 100644 --- a/ipatests/test_cmdline/test_ipagetkeytab.py +++ b/ipatests/test_cmdline/test_ipagetkeytab.py @@ -28,10 +28,10 @@ import gssapi import pytest from ipalib import api -from ipalib import errors from ipapython import ipautil, ipaldap from ipaserver.plugins.ldap2 import ldap2 from ipatests.test_cmdline.cmdline import cmdline_test +from ipatests.test_xmlrpc.tracker import host_plugin, service_plugin def use_keytab(principal, keytab): try: @@ -53,104 +53,110 @@ def use_keytab(principal, keytab): shutil.rmtree(tmpdir) +@pytest.fixture(scope='class') +def test_host(request): + host_tracker = host_plugin.HostTracker(u'test-host') + return host_tracker.make_fixture(request) + + +@pytest.fixture(scope='class') +def test_service(request, test_host): + service_tracker = service_plugin.ServiceTracker(u'srv', test_host.name) + test_host.ensure_exists() + return service_tracker.make_fixture(request) + + @pytest.mark.tier0 class test_ipagetkeytab(cmdline_test): """ Test `ipa-getkeytab`. """ command = "ipa-getkeytab" - host_fqdn = u'ipatest.%s' % api.env.domain - service_princ = u'test/%s@%s' % (host_fqdn, api.env.realm) - [keytabfd, keytabname] = tempfile.mkstemp() - os.close(keytabfd) + keytabname = None + + @classmethod + def setup_class(cls): + super(test_ipagetkeytab, cls).setup_class() + + keytabfd, keytabname = tempfile.mkstemp() + + os.close(keytabfd) + os.unlink(keytabname) + + cls.keytabname = keytabname + + @classmethod + def teardown_class(cls): + super(test_ipagetkeytab, cls).teardown_class() - def test_0_setup(self): - """ - Create a host to test against. - """ - # Create the service try: - api.Command['host_add'](self.host_fqdn, force=True) - except errors.DuplicateEntry: - # it already exists, no problem + os.unlink(cls.keytabname) + except OSError: pass - def test_1_run(self): + def run_ipagetkeytab(self, service_principal, raiseonerr=False): + new_args = [self.command, + "-s", api.env.host, + "-p", service_principal, + "-k", self.keytabname] + return ipautil.run( + new_args, + stdin=None, + raiseonerr=raiseonerr, + capture_error=True) + + def test_1_run(self, test_service): """ Create a keytab with `ipa-getkeytab` for a non-existent service. """ - new_args = [self.command, - "-s", api.env.host, - "-p", "test/notfound.example.com", - "-k", self.keytabname, - ] - result = ipautil.run(new_args, stdin=None, raiseonerr=False, - capture_error=True) + test_service.ensure_missing() + result = self.run_ipagetkeytab(test_service.name) err = result.error_output + assert 'Failed to parse result: PrincipalName not found.\n' in err, err rc = result.returncode assert rc > 0, rc - def test_2_run(self): + def test_2_run(self, test_service): """ Create a keytab with `ipa-getkeytab` for an existing service. """ - # Create the service - try: - api.Command['service_add'](self.service_princ, force=True) - except errors.DuplicateEntry: - # it already exists, no problem - pass + test_service.ensure_exists() - os.unlink(self.keytabname) - new_args = [self.command, - "-s", api.env.host, - "-p", self.service_princ, - "-k", self.keytabname, - ] - try: - result = ipautil.run(new_args, None, capture_error=True) - expected = 'Keytab successfully retrieved and stored in: %s\n' % ( - self.keytabname) - assert expected in result.error_output, ( - 'Success message not in output:\n%s' % result.error_output) - except ipautil.CalledProcessError: - assert (False) - - def test_3_use(self): + result = self.run_ipagetkeytab(test_service.name, raiseonerr=True) + expected = 'Keytab successfully retrieved and stored in: %s\n' % ( + self.keytabname) + assert expected in result.error_output, ( + 'Success message not in output:\n%s' % result.error_output) + + def test_3_use(self, test_service): """ Try to use the service keytab. """ - use_keytab(self.service_princ, self.keytabname) + use_keytab(test_service.name, self.keytabname) - def test_4_disable(self): + def test_4_disable(self, test_service): """ Disable a kerberos principal """ + retrieve_cmd = test_service.make_retrieve_command() + result = retrieve_cmd() # Verify that it has a principal key - entry = api.Command['service_show'](self.service_princ)['result'] - assert(entry['has_keytab'] == True) + assert result[u'result'][u'has_keytab'] # Disable it - api.Command['service_disable'](self.service_princ) + disable_cmd = test_service.make_disable_command() + disable_cmd() # Verify that it looks disabled - entry = api.Command['service_show'](self.service_princ)['result'] - assert(entry['has_keytab'] == False) + result = retrieve_cmd() + assert not result[u'result'][u'has_keytab'] - def test_5_use_disabled(self): + def test_5_use_disabled(self, test_service): """ Try to use the disabled keytab """ try: - use_keytab(self.service_princ, self.keytabname) + use_keytab(test_service.name, self.keytabname) except Exception as errmsg: assert('Unable to bind to LDAP. Error initializing principal' in str(errmsg)) - - def test_9_cleanup(self): - """ - Clean up test data - """ - # First create the host that will use this policy - os.unlink(self.keytabname) - api.Command['host_del'](self.host_fqdn) diff --git a/ipatests/test_xmlrpc/tracker/service_plugin.py b/ipatests/test_xmlrpc/tracker/service_plugin.py index 0a90115b3..7e51aca5d 100644 --- a/ipatests/test_xmlrpc/tracker/service_plugin.py +++ b/ipatests/test_xmlrpc/tracker/service_plugin.py @@ -85,6 +85,10 @@ class ServiceTracker(KerberosAliasMixin, Tracker): return self.make_command('service_mod', self.name, **updates) + def make_disable_command(self): + """ make command that disables the service principal """ + return self.make_command('service_disable', self.name) + def create(self, force=True): """Helper function to create an entry and check the result""" self.ensure_missing() |