diff options
| author | Ondrej Hamada <ohamada@redhat.com> | 2012-02-07 13:07:09 +0100 |
|---|---|---|
| committer | Martin Kosek <mkosek@redhat.com> | 2012-02-08 10:43:25 +0100 |
| commit | 616d543a54833a1fde6b0098d91ac0f4e14f7a57 (patch) | |
| tree | 6b88c2a83ccf1f02c6e1204240105392f396b25f /tests/test_xmlrpc/test_permission_plugin.py | |
| parent | 304b70843a96ce2e4effbc1d45144f79fd761d63 (diff) | |
| download | freeipa-616d543a54833a1fde6b0098d91ac0f4e14f7a57.tar.gz freeipa-616d543a54833a1fde6b0098d91ac0f4e14f7a57.tar.xz freeipa-616d543a54833a1fde6b0098d91ac0f4e14f7a57.zip | |
Memberof attribute control and update
Checking of parameters used by _make_aci funcion was rewritten.
Additional attributes of ACI(type, attribute, memberof, targetgroup,
subtree, filter) could be unset.
Permission plugin now allows to unset memberof value.
https://fedorahosted.org/freeipa/ticket/2255
Added checking of existence of groups that are specified in permission
and delegation module.
https://fedorahosted.org/freeipa/ticket/2286
https://fedorahosted.org/freeipa/ticket/2305
Diffstat (limited to 'tests/test_xmlrpc/test_permission_plugin.py')
| -rw-r--r-- | tests/test_xmlrpc/test_permission_plugin.py | 57 |
1 files changed, 57 insertions, 0 deletions
diff --git a/tests/test_xmlrpc/test_permission_plugin.py b/tests/test_xmlrpc/test_permission_plugin.py index 50d368197..e8e6bebcd 100644 --- a/tests/test_xmlrpc/test_permission_plugin.py +++ b/tests/test_xmlrpc/test_permission_plugin.py @@ -500,6 +500,16 @@ class test_permission(Declarative): ) ), + dict( + desc='Try to create permission %r with non-existing memberof' % permission1, + command=( + 'permission_add', [permission1], dict( + memberof=u'nonexisting', + permissions=u'write', + ) + ), + expected=errors.NotFound(reason='group not found'), + ), dict( desc='Create memberof permission %r' % permission1, @@ -507,6 +517,7 @@ class test_permission(Declarative): 'permission_add', [permission1], dict( memberof=u'editors', permissions=u'write', + type=u'user', ) ), expected=dict( @@ -518,6 +529,52 @@ class test_permission(Declarative): objectclass=objectclasses.permission, memberof=u'editors', permissions=[u'write'], + type=u'user', + ), + ), + ), + + dict( + desc='Try to update non-existent memberof of %r' % permission1, + command=('permission_mod', [permission1], dict(memberof=u'nonexisting')), + expected=errors.NotFound(reason='group not found'), + ), + + dict( + desc='Update memberof permission %r' % permission1, + command=( + 'permission_mod', [permission1], dict( + memberof=u'admins', + ) + ), + expected=dict( + value=permission1, + summary=u'Modified permission "%s"' % permission1, + result=dict( + dn=lambda x: DN(x) == permission1_dn, + cn=[permission1], + memberof=u'admins', + permissions=[u'write'], + type=u'user', + ), + ), + ), + + dict( + desc='Unset memberof of permission %r' % permission1, + command=( + 'permission_mod', [permission1], dict( + memberof=None, + ) + ), + expected=dict( + summary=u'Modified permission "%s"' % permission1, + value=permission1, + result=dict( + dn=lambda x: DN(x) == permission1_dn, + cn=[permission1], + permissions=[u'write'], + type=u'user', ), ), ), |