| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| ... | |
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The unlock_principal_password unlocks the (new) user by running
ldappasswd as the user.
change_principal is an context manager that changes identity
for the supplied api object by disconnecting and reconnecting
the rpcclient in and outside of requested kerberos context.
This context manager allows to run tests that cannot be
executed as an admin user which can for example override
an CA ACL.
https://fedorahosted.org/freeipa/ticket/57
Reviewed-By: Martin Basti <mbasti@redhat.com>
|
| |
|
|
|
|
| |
https://fedorahosted.org/freeipa/ticket/57
Reviewed-By: Martin Basti <mbasti@redhat.com>
|
| |
|
|
|
|
|
|
|
| |
Also includes basic ACL manipulation and adding
and removing members to/from the acl.
https://fedorahosted.org/freeipa/ticket/57
Reviewed-By: Martin Basti <mbasti@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
The patch implements the tracker for CA ACL feature.
The basic CRUD checkers has been implemented. The methods
for adding and removing the association of the resources
with the ACL do not have the check methods. These will be provided
as a separate test suite.
https://fedorahosted.org/freeipa/ticket/57
Reviewed-By: Martin Basti <mbasti@redhat.com>
|
| |
|
|
|
|
| |
https://fedorahosted.org/freeipa/ticket/57
Reviewed-By: Martin Basti <mbasti@redhat.com>
|
| |
|
|
| |
Reviewed-By: Tomas Babej <tbabej@redhat.com>
|
| |
|
|
|
|
|
| |
- Allow bytes or str in Fuzzy
- test_util: Fix indices in lists whose elements are unorderable in py3
Reviewed-By: Tomas Babej <tbabej@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
In Python 3, the base64.b64decode function raises binascii.Error (a ValueError
subclass) when it finds incorrect padding. In Python 2 it raises TypeError.
Callers should usually handle ValueError; unless they are specifically
concerned with handling base64 padding issues).
In some cases, callers should handle ValueError:
- ipalib.pkcs10 (get_friendlyname, load_certificate_request): callers should
handle ValueError
- ipalib.x509 (load_certificate*, get_*): callers should handle ValueError
In other cases ValueError is handled:
- ipalib.parameters
- ipapython.ssh
- ipalib.rpc (json_decode_binary - callers already expect ValueError)
- ipaserver.install.ldapupdate
Elsewhere no error handling is done, because values come from trusted
sources, or are pre-validated:
- vault plugin
- ipaserver.install.cainstance
- ipaserver.install.certs
- ipaserver.install.ipa_otptoken_import
Reviewed-By: Tomas Babej <tbabej@redhat.com>
|
| |
|
|
|
|
|
| |
In some cases replication may take much more time than we expected. This
patch adds explicit cech if DS records has been replicated.
Reviewed-By: Petr Spacek <pspacek@redhat.com>
|
| |
|
|
|
|
|
| |
See https://lintian.debian.org/tags/hyphen-used-as-minus-sign.html for
an explanation.
Reviewed-By: Martin Basti <mbasti@redhat.com>
|
| |
|
|
|
|
| |
https://fedorahosted.org/freeipa/ticket/5368
Reviewed-By: Martin Basti <mbasti@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
Option is renamed to be consistent with other options.
Affected tickets:
https://fedorahosted.org/freeipa/ticket/4949
https://fedorahosted.org/freeipa/ticket/4048
https://fedorahosted.org/freeipa/ticket/1930
Reviewed-By: Martin Babinsky <mbabinsk@redhat.com>
|
| |
|
|
|
|
|
|
|
|
| |
Test covers:
https://fedorahosted.org/freeipa/ticket/4949
https://fedorahosted.org/freeipa/ticket/4048
https://fedorahosted.org/freeipa/ticket/1930
Reviewed-By: Martin Babinsky <mbabinsk@redhat.com>
|
| |
|
|
|
|
|
|
|
|
| |
Add a customized Custodia daemon and enable it after installation.
Generates server keys and loads them in LDAP autonomously on install
or update.
Provides client code classes too.
Signed-off-by: Simo Sorce <simo@redhat.com>
Reviewed-By: Jan Cholasta <jcholast@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
As far as IPA objects are concerned, ID overrides are supposed
to be removed when the respective user/group is removed.
Adds a couple of tests to ensure this behaviour is covered.
https://fedorahosted.org/freeipa/ticket/5322
Reviewed-By: Martin Babinsky <mbabinsk@redhat.com>
|
| |
|
|
|
|
| |
Mixing tabs and spaces is not allowed in python3
Reviewed-By: Martin Babinsky <mbabinsk@redhat.com>
|
| |
|
|
| |
Reviewed-By: Tomas Babej <tbabej@redhat.com>
|
| |
|
|
|
|
|
|
|
|
| |
In Python 2, numbers prfixed with '0' are parsed as octal,
e.g. '020' -> 16. In Python 3, the prefix is '0o'.
Handle the old syntax for IPA's parameter conversion to keep
backwards compatibility.
Reviewed-By: Tomas Babej <tbabej@redhat.com>
|
| |
|
|
| |
Reviewed-By: Tomas Babej <tbabej@redhat.com>
|
| |
|
|
|
|
|
|
|
| |
- Don't encode under Python 3, where shlex would choke on bytes
- Sort the attrs dictionary in export_to_string, so the tests are
deterministic. (The iteration order of dicts was always unspecified,
but was always the same in practice under CPython 2.)
Reviewed-By: Tomas Babej <tbabej@redhat.com>
|
| |
|
|
|
|
|
| |
Python 3 uses plain function objects instead of unbound methods.
So, what was Class.method.__func__ is now just Class.method.
Reviewed-By: Tomas Babej <tbabej@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
In Python 3, the variable with the currently handled exception is unset
at the end of the except block. (This is done to break reference
cycles, since exception instances now carry tracebacks, which contain
all locals.)
Fix this in baseldap's error handler.
Use a simpler structure for the ipatests.raises utility that only uses the
exception inside the except block.
Reviewed-By: Tomas Babej <tbabej@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
In python 3 , `bytes` has the buffer interface, and `buffer` was removed.
Also, invalid padding in base64-encoded data raises a ValueError rather
than TypeError.
In tests, use pytest.assert_raises for more correct exception assertions.
Also, get rid of unused imports in the tests
Reviewed-By: Tomas Babej <tbabej@redhat.com>
|
| |
|
|
|
|
|
|
|
|
| |
In Python 3, different types are generally not comparable (except for equality),
and None can't be compared to None.
Fix cases of these comparisons.
In ipatest.util, give up on sorting lists if the sorting raises a TypeError.
Reviewed-By: Tomas Babej <tbabej@redhat.com>
|
| |
|
|
|
|
| |
https://fedorahosted.org/freeipa/ticket/5302
Reviewed-By: Milan Kubik <mkubik@redhat.com>
|
| |
|
|
|
|
|
|
| |
Simple CI test for vault feature, including testing with replica
Covers https://fedorahosted.org/freeipa/ticket/5302
Reviewed-By: Milan Kubik <mkubik@redhat.com>
|
| |
|
|
|
|
|
|
|
|
| |
* Nonexistent domains have to be added/deleted with force
* Warning messages are emitted
* Some error messages have been altered
https://fedorahosted.org/freeipa/ticket/5278
Reviewed-By: Martin Basti <mbasti@redhat.com>
|
| |
|
|
| |
Reviewed-By: Martin Basti <mbasti@redhat.com>
|
| |
|
|
|
|
| |
Reviewed-By: David Kupka <dkupka@redhat.com>
Reviewed-By: Jan Cholasta <jcholast@redhat.com>
Reviewed-By: Martin Basti <mbasti@redhat.com>
|
| |
|
|
|
|
|
|
|
| |
Sort out the accepted types.
Handle Python 3's stricter separation between bytes and unicode.
Reviewed-By: David Kupka <dkupka@redhat.com>
Reviewed-By: Jan Cholasta <jcholast@redhat.com>
Reviewed-By: Martin Basti <mbasti@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
In Python 3, the types module no longer provide alternate names for
built-in types, e.g. `types.StringType` can just be spelled `str`.
NoneType is also removed; it needs to be replaced with type(None)
Reviewed-By: David Kupka <dkupka@redhat.com>
Reviewed-By: Jan Cholasta <jcholast@redhat.com>
Reviewed-By: Martin Basti <mbasti@redhat.com>
|
| |
|
|
|
|
|
|
|
| |
The StringIO class was moved to the io module.
(In Python 2, io.StringIO is available, but is Unicode-only.)
Reviewed-By: David Kupka <dkupka@redhat.com>
Reviewed-By: Jan Cholasta <jcholast@redhat.com>
Reviewed-By: Martin Basti <mbasti@redhat.com>
|
| |
|
|
|
|
|
|
| |
The module was renamed in Python 3.
Reviewed-By: David Kupka <dkupka@redhat.com>
Reviewed-By: Jan Cholasta <jcholast@redhat.com>
Reviewed-By: Martin Basti <mbasti@redhat.com>
|
| |
|
|
|
|
|
|
| |
The module is renamed to xmlrpc.client in Python 3.
Reviewed-By: David Kupka <dkupka@redhat.com>
Reviewed-By: Jan Cholasta <jcholast@redhat.com>
Reviewed-By: Martin Basti <mbasti@redhat.com>
|
| |
|
|
|
|
|
|
| |
In Python 3, these modules are reorganized.
Reviewed-By: David Kupka <dkupka@redhat.com>
Reviewed-By: Jan Cholasta <jcholast@redhat.com>
Reviewed-By: Martin Basti <mbasti@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
In Python 3, integers don't have a maximum. The number called
"sys.maxint" is now "sys.maxsize" (defined as larger than the
largest possible list/string index).
The new spelling is also available in Python 2.7.
Reviewed-By: David Kupka <dkupka@redhat.com>
Reviewed-By: Jan Cholasta <jcholast@redhat.com>
Reviewed-By: Martin Basti <mbasti@redhat.com>
|
| |
|
|
|
|
| |
Reviewed-By: David Kupka <dkupka@redhat.com>
Reviewed-By: Jan Cholasta <jcholast@redhat.com>
Reviewed-By: Martin Basti <mbasti@redhat.com>
|
| |
|
|
|
|
|
|
| |
__cmp__ and cmp were removed from Python 3.
Reviewed-By: David Kupka <dkupka@redhat.com>
Reviewed-By: Jan Cholasta <jcholast@redhat.com>
Reviewed-By: Martin Basti <mbasti@redhat.com>
|
| |
|
|
| |
Reviewed-By: Martin Basti <mbasti@redhat.com>
|
| |
|
|
|
|
|
|
|
| |
For the duration of the test, makes resolv.conf unmanaged.
If NetworkManager is not running, nothing is changed.
https://fedorahosted.org/freeipa/ticket/5331
Reviewed-By: Martin Basti <mbasti@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
In FreeIPA CI-tests the install_master task automatically performs kinit after
successfull installation. This may break some backup/restore tests which
perform backup into previously installed IPA master. In this case it is
neccessary to re-kinit after restore.
https://fedorahosted.org/freeipa/ticket/5326
Reviewed-By: Martin Basti <mbasti@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
In beaker lab the situation when master and replica have ip addresses from
different subnets is quite frequent. When a replica has ip from different
subnet than master's, ipa-replica-prepare looks up a proper reverse zone to
add a pointer record, and if it does not find it, it asks a user for permission
to create it automatically. It breaks the tests adding the unexpected input.
The workaround is to always create a reverse zone for a new replica.
Corresponding ticket is https://fedorahosted.org/freeipa/ticket/5306
Reviewed-By: Petr Spacek <pspacek@redhat.com>
Reviewed-By: Martin Basti <mbasti@redhat.com>
|
| |
|
|
|
|
|
|
| |
StandardError was removed in Python3 and instead
Exception should be used.
Signed-off-by: Robert Kuska <rkuska@redhat.com>
Reviewed-By: Jan Cholasta <jcholast@redhat.com>
|
| |
|
|
| |
Reviewed-By: Milan Kubík <mkubik@redhat.com>
|
| |
|
|
| |
Reviewed-By: Petr Viktorin <pviktori@redhat.com>
|
| |
|
|
|
|
| |
Under Python 2, "str" and "bytes" are synonyms.
Reviewed-By: Petr Viktorin <pviktori@redhat.com>
|
| |
|
|
|
|
|
|
|
| |
The six way of doing this is to replace all occurences of "unicode"
with "six.text_type". However, "unicode" is non-ambiguous and
(arguably) easier to read. Also, using it makes the patches smaller,
which should help with backporting.
Reviewed-By: Petr Viktorin <pviktori@redhat.com>
|
| |
|
|
|
| |
Reviewed-By: Lenka Doudova <ldoudova@redhat.com>
Reviewed-By: Fraser Tweedale <ftweedal@redhat.com>
|
| |
|
|
|
|
|
| |
https://fedorahosted.org/freeipa/ticket/57
Reviewed-By: Lenka Doudova <ldoudova@redhat.com>
Reviewed-By: Fraser Tweedale <ftweedal@redhat.com>
|
| |
|
|
| |
Reviewed-By: Milan Kubík <mkubik@redhat.com>
|
