diff options
Diffstat (limited to 'tests/test_xmlrpc')
-rw-r--r-- | tests/test_xmlrpc/objectclasses.py | 10 | ||||
-rw-r--r-- | tests/test_xmlrpc/test_aci_plugin.py | 321 | ||||
-rw-r--r-- | tests/test_xmlrpc/test_group_plugin.py | 11 | ||||
-rw-r--r-- | tests/test_xmlrpc/test_netgroup_plugin.py | 18 | ||||
-rw-r--r-- | tests/test_xmlrpc/test_permission_plugin.py | 400 | ||||
-rw-r--r-- | tests/test_xmlrpc/test_privilege_plugin.py | 365 | ||||
-rw-r--r-- | tests/test_xmlrpc/test_role_plugin.py | 566 | ||||
-rw-r--r-- | tests/test_xmlrpc/test_rolegroup_plugin.py | 467 | ||||
-rw-r--r-- | tests/test_xmlrpc/test_sudocmdgroup_plugin.py | 2 | ||||
-rw-r--r-- | tests/test_xmlrpc/test_taskgroup_plugin.py | 496 | ||||
-rw-r--r-- | tests/test_xmlrpc/test_user_plugin.py | 4 |
11 files changed, 1350 insertions, 1310 deletions
diff --git a/tests/test_xmlrpc/objectclasses.py b/tests/test_xmlrpc/objectclasses.py index 8aa0b0d9b..54c8c280e 100644 --- a/tests/test_xmlrpc/objectclasses.py +++ b/tests/test_xmlrpc/objectclasses.py @@ -61,13 +61,19 @@ hostgroup = [ u'top', ] -rolegroup = [ +role = [ u'groupofnames', u'nestedgroup', u'top', ] -taskgroup = [ +permission = [ + u'groupofnames', + u'top' +] + +privilege = [ + u'nestedgroup', u'groupofnames', u'top' ] diff --git a/tests/test_xmlrpc/test_aci_plugin.py b/tests/test_xmlrpc/test_aci_plugin.py deleted file mode 100644 index c287a4349..000000000 --- a/tests/test_xmlrpc/test_aci_plugin.py +++ /dev/null @@ -1,321 +0,0 @@ -# Authors: -# Rob Crittenden <rcritten@redhat.com> -# -# Copyright (C) 2010 Red Hat -# see file 'COPYING' for use and warranty information -# -# This program is free software; you can redistribute it and/or -# modify it under the terms of the GNU General Public License as -# published by the Free Software Foundation; version 2 only -# -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with this program; if not, write to the Free Software -# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA - -""" -Test the `ipalib/plugins/aci.py` module. -""" - -from ipalib import api, errors -from tests.test_xmlrpc import objectclasses -from xmlrpc_test import Declarative, fuzzy_digits, fuzzy_uuid - - -aci1=u'test1' -taskgroup = u'testtaskgroup' - -aci2=u'selftest1' - - -class test_aci(Declarative): - - cleanup_commands = [ - ('aci_del', [aci1], {}), - ('aci_del', [aci2], {}), - ] - - tests = [ - - dict( - desc='Try to retrieve non-existent %r' % aci1, - command=('aci_show', [aci1], {}), - expected=errors.NotFound(reason='no such entry'), - ), - - - dict( - desc='Try to update non-existent %r' % aci1, - command=('aci_mod', [aci1], dict(permissions=u'write')), - expected=errors.NotFound(reason='no such entry'), - ), - - - dict( - desc='Try to delete non-existent %r' % aci1, - command=('aci_del', [aci1], {}), - expected=errors.NotFound(reason='no such entry'), - ), - - - dict( - desc='Create %r' % aci1, - command=( - 'aci_add', [aci1], dict(permissions=u'add', type=u'user', taskgroup=taskgroup) - ), - expected=dict( - value=aci1, - summary=u'Created ACI "%s"' % aci1, - result=dict( - aciname=u'%s' % aci1, - type=u'user', - taskgroup=u'%s' % taskgroup, - permissions=[u'add'], - ), - ), - ), - - - dict( - desc='Try to create duplicate %r' % aci1, - command=( - 'aci_add', [aci1], dict(permissions=u'add', type=u'user', taskgroup=taskgroup) - ), - expected=errors.DuplicateEntry(), - ), - - - dict( - desc='Retrieve %r' % aci1, - command=( - 'aci_show', [aci1], {} - ), - expected=dict( - value=aci1, - summary=None, - result=dict( - aciname=u'%s' % aci1, - type=u'user', - taskgroup=u'%s' % taskgroup, - permissions=[u'add'], - ), - ), - ), - - - dict( - desc='Search for %r with all=True' % aci1, - command=( - 'aci_find', [aci1], {'all': True} - ), - expected=dict( - result=[ - dict( - aciname=u'%s' % aci1, - type=u'user', - taskgroup=u'%s' % taskgroup, - permissions=[u'add'], - ), - ], - summary=u'1 ACI matched', - count=1, - truncated=False, - ), - ), - - - dict( - desc='Search for %r with minimal attributes' % aci1, - command=( - 'aci_find', [aci1], {} - ), - expected=dict( - result=[ - dict( - aciname=u'%s' % aci1, - type=u'user', - taskgroup=u'%s' % taskgroup, - permissions=[u'add'], - ), - ], - summary=u'1 ACI matched', - count=1, - truncated=False, - ), - ), - - - dict( - desc='Update permissions in %r' % aci1, - command=( - 'aci_mod', [aci1], dict(permissions=u'add,write') - ), - expected=dict( - value=aci1, - summary=u'Modified ACI "%s"' % aci1, - result=dict( - aciname=u'%s' % aci1, - type=u'user', - taskgroup=u'%s' % taskgroup, - permissions=[u'add', u'write'], - ), - ), - ), - - - dict( - desc='Retrieve %r to verify update' % aci1, - command=('aci_show', [aci1], {}), - expected=dict( - value=aci1, - summary=None, - result=dict( - aciname=u'%s' % aci1, - type=u'user', - taskgroup=u'%s' % taskgroup, - permissions=[u'add', u'write'], - ), - ), - - ), - - dict( - desc='Update attributes in %r' % aci1, - command=( - 'aci_mod', [aci1], dict(attrs=u'cn, sn,givenName') - ), - expected=dict( - value=aci1, - summary=u'Modified ACI "%s"' % aci1, - result=dict( - aciname=u'%s' % aci1, - attrs=[u'cn', u'sn', u'givenName'], - type=u'user', - taskgroup=u'%s' % taskgroup, - permissions=[u'add', u'write'], - ), - ), - ), - - - dict( - desc='Update type in %r' % aci1, - command=( - 'aci_mod', [aci1], dict(type=u'group') - ), - expected=dict( - value=aci1, - summary=u'Modified ACI "%s"' % aci1, - result=dict( - aciname=u'%s' % aci1, - attrs=[u'cn', u'sn', u'givenName'], - type=u'group', - taskgroup=u'%s' % taskgroup, - permissions=[u'add', u'write'], - ), - ), - ), - - - dict( - desc='Update memberOf in %r' % aci1, - command=( - 'aci_mod', [aci1], dict(memberof=u'ipausers') - ), - expected=dict( - value=aci1, - summary=u'Modified ACI "%s"' % aci1, - result=dict( - aciname=u'%s' % aci1, - taskgroup=u'%s' % taskgroup, - filter=u'(memberOf=cn=%s,cn=taskgroups,cn=accounts,%s)' % (taskgroup, api.env.basedn), - attrs=[u'cn', u'sn', u'givenName'], - type=u'group', - permissions=[u'add', u'write'], - ), - ), - ), - - - dict( - desc='Delete %r' % aci1, - command=('aci_del', [aci1], {}), - expected=dict( - result=True, - summary=u'Deleted ACI "%s"' % aci1, - value=aci1, - ), - ), - - - dict( - desc='Try to delete non-existent %r' % aci1, - command=('aci_del', [aci1], {}), - expected=errors.NotFound(reason='no such entry'), - ), - - - dict( - desc='Try to retrieve non-existent %r' % aci1, - command=('aci_show', [aci1], {}), - expected=errors.NotFound(reason='no such entry'), - ), - - - dict( - desc='Try to update non-existent %r' % aci1, - command=('aci_mod', [aci1], dict(givenname=u'Foo')), - expected=errors.NotFound(reason='no such entry'), - ), - - - dict( - desc='Create %r' % aci2, - command=( - 'aci_add', [aci2], dict(permissions=u'write', attrs=(u'givenName',u'sn',u'cn'), selfaci=True) - ), - expected=dict( - value=aci2, - summary=u'Created ACI "%s"' % aci2, - result=dict( - selfaci=True, - aciname=u'%s' % aci2, - attrs=[u'givenName', u'sn', u'cn'], - permissions=[u'write'], - ), - ), - ), - - - dict( - desc='Update attributes in %r' % aci2, - command=( - 'aci_mod', [aci2], dict(attrs=(u'givenName',u'sn',u'cn',u'uidNumber')) - ), - expected=dict( - value=aci2, - summary=u'Modified ACI "%s"' % aci2, - result=dict( - selfaci=True, - aciname=u'%s' % aci2, - attrs=[u'givenName', u'sn', u'cn', u'uidNumber'], - permissions=[u'write'], - ), - ), - ), - - - dict( - desc='Update self ACI with a taskgroup %r' % aci2, - command=( - 'aci_mod', [aci2], dict(attrs=(u'givenName',u'sn',u'cn',u'uidNumber'), taskgroup=taskgroup) - ), - expected=errors.ValidationError(name='target', error='group, taskgroup and self are mutually exclusive'), - ), - - - ] diff --git a/tests/test_xmlrpc/test_group_plugin.py b/tests/test_xmlrpc/test_group_plugin.py index 3ec17b30e..acfaa6c45 100644 --- a/tests/test_xmlrpc/test_group_plugin.py +++ b/tests/test_xmlrpc/test_group_plugin.py @@ -31,7 +31,6 @@ renamedgroup1 = u'testgroup' user1 = u'tuser1' invalidgroup1=u'+tgroup1' -invalidgroup2=u'tgroup1234567890123456789012345678901234567890' class test_group(Declarative): @@ -335,8 +334,6 @@ class test_group(Declarative): 'gidnumber': [fuzzy_digits], 'cn': [u'admins'], 'description': [u'Account administrators group'], - 'memberof_rolegroup': [u'hostadmin', u'replicaadmin'], - 'memberof_taskgroup': [u'addhosts', u'removehosts', u'modifyhosts', u'manage_host_keytab', u'enroll_host', u'managereplica', u'deletereplica'], }, { 'dn': u'cn=ipausers,cn=groups,cn=accounts,%s' % api.env.basedn, @@ -449,7 +446,7 @@ class test_group(Declarative): completed=0, failed=dict( member=dict( - group=[(u'notfound', u'This entry is not a member of the group')], + group=[(u'notfound', u'This entry is not a member')], user=tuple(), ), ), @@ -569,12 +566,6 @@ class test_group(Declarative): ), - dict( - desc='Test a group name that is too long %r' % invalidgroup2, - command=('group_add', [invalidgroup2], dict(description=u'Test')), - expected=errors.ValidationError(name='cn', error='can be at most 33 characters'), - ), - ##### managed entry tests dict( desc='Create %r' % user1, diff --git a/tests/test_xmlrpc/test_netgroup_plugin.py b/tests/test_xmlrpc/test_netgroup_plugin.py index 4c3aeafc0..f5b4f1e1f 100644 --- a/tests/test_xmlrpc/test_netgroup_plugin.py +++ b/tests/test_xmlrpc/test_netgroup_plugin.py @@ -495,7 +495,7 @@ class test_netgroup(Declarative): ), memberuser=dict( group=tuple(), - user=[('%s' % user1, u'This entry is already a member of the group')], + user=[('%s' % user1, u'This entry is already a member')], ), memberhost=dict( hostgroup=tuple(), @@ -528,7 +528,7 @@ class test_netgroup(Declarative): netgroup=tuple(), ), memberuser=dict( - group=[('%s' % group1, u'This entry is already a member of the group')], + group=[('%s' % group1, u'This entry is already a member')], user=tuple(), ), memberhost=dict( @@ -568,7 +568,7 @@ class test_netgroup(Declarative): ), memberhost=dict( hostgroup=tuple(), - host=[('%s' % host1, u'This entry is already a member of the group')], + host=[('%s' % host1, u'This entry is already a member')], ), ), result={ @@ -602,7 +602,7 @@ class test_netgroup(Declarative): user=tuple(), ), memberhost=dict( - hostgroup=[('%s' % hostgroup1, u'This entry is already a member of the group')], + hostgroup=[('%s' % hostgroup1, u'This entry is already a member')], host=tuple(), ), ), @@ -907,7 +907,7 @@ class test_netgroup(Declarative): ), memberhost=dict( hostgroup=tuple(), - host=[('%s' % host1, u'This entry is not a member of the group')] + host=[('%s' % host1, u'This entry is not a member')] ), ), result={ @@ -937,7 +937,7 @@ class test_netgroup(Declarative): user=tuple(), ), memberhost=dict( - hostgroup=[('%s' % hostgroup1, u'This entry is not a member of the group')], + hostgroup=[('%s' % hostgroup1, u'This entry is not a member')], host=tuple(), ), ), @@ -965,7 +965,7 @@ class test_netgroup(Declarative): ), memberuser=dict( group=tuple(), - user=[('%s' % user1, u'This entry is not a member of the group')], + user=[('%s' % user1, u'This entry is not a member')], ), memberhost=dict( hostgroup=tuple(), @@ -995,7 +995,7 @@ class test_netgroup(Declarative): netgroup=tuple(), ), memberuser=dict( - group= [('%s' % group1, u'This entry is not a member of the group')], + group= [('%s' % group1, u'This entry is not a member')], user=tuple(), ), memberhost=dict( @@ -1023,7 +1023,7 @@ class test_netgroup(Declarative): completed=0, failed=dict( member=dict( - netgroup=[('%s' % netgroup2, u'This entry is not a member of the group')], + netgroup=[('%s' % netgroup2, u'This entry is not a member')], ), memberuser=dict( group=tuple(), diff --git a/tests/test_xmlrpc/test_permission_plugin.py b/tests/test_xmlrpc/test_permission_plugin.py new file mode 100644 index 000000000..46c312545 --- /dev/null +++ b/tests/test_xmlrpc/test_permission_plugin.py @@ -0,0 +1,400 @@ +# Authors: +# Rob Crittenden <rcritten@redhat.com> +# Pavel Zuna <pzuna@redhat.com> +# +# Copyright (C) 2010 Red Hat +# see file 'COPYING' for use and warranty information +# +# This program is free software; you can redistribute it and/or +# modify it under the terms of the GNU General Public License as +# published by the Free Software Foundation; version 2 only +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + +""" +Test the `ipalib/plugins/permission.py` module. +""" + +from ipalib import api, errors +from tests.test_xmlrpc import objectclasses +from xmlrpc_test import Declarative, fuzzy_digits, fuzzy_uuid + +permission1 = u'testperm' +permission1_dn = u'cn=%s,%s,%s' % (permission1, + api.env.container_permission,api.env.basedn, +) + + +permission2 = u'testperm2' +permission2_dn = u'cn=%s,%s,%s' % (permission2, + api.env.container_permission,api.env.basedn, +) + +privilege1 = u'testpriv1' +privilege1_dn = u'cn=%s,%s,%s' % ( + privilege1, api.env.container_privilege, api.env.basedn +) + + +class test_permission(Declarative): + + cleanup_commands = [ + ('permission_del', [permission1], {}), + ('permission_del', [permission2], {}), + ('privilege_del', [privilege1], {}), + ] + + tests = [ + + dict( + desc='Try to retrieve non-existent %r' % permission1, + command=('permission_show', [permission1], {}), + expected=errors.NotFound(reason='no such entry'), + ), + + + dict( + desc='Try to update non-existent %r' % permission1, + command=('permission_mod', [permission1], dict(description=u'Foo')), + expected=errors.NotFound(reason='no such entry'), + ), + + + dict( + desc='Try to delete non-existent %r' % permission1, + command=('permission_del', [permission1], {}), + expected=errors.NotFound(reason='no such entry'), + ), + + + dict( + desc='Search for non-existent %r' % permission1, + command=('permission_find', [permission1], {}), + expected=dict( + count=0, + truncated=False, + summary=u'0 permissions matched', + result=[], + ), + ), + + + dict( + desc='Create %r' % permission1, + command=( + 'permission_add', [permission1], dict( + description=u'Test desc 1', + type=u'user', + permissions=u'write', + ) + ), + expected=dict( + value=permission1, + summary=u'Added permission "%s"' % permission1, + result=dict( + dn=permission1_dn, + cn=[permission1], + description=[u'Test desc 1'], + objectclass=objectclasses.permission, + type=u'user', + permissions=[u'write'], + ), + ), + ), + + + dict( + desc='Try to create duplicate %r' % permission1, + command=( + 'permission_add', [permission1], dict( + description=u'Test desc 1', + type=u'user', + permissions=u'write', + ), + ), + expected=errors.DuplicateEntry(), + ), + + + dict( + desc='Create %r' % privilege1, + command=('privilege_add', [privilege1], + dict(description=u'privilege desc. 1') + ), + expected=dict( + value=privilege1, + summary=u'Added privilege "%s"' % privilege1, + result=dict( + dn=privilege1_dn, + cn=[privilege1], + description=[u'privilege desc. 1'], + objectclass=objectclasses.privilege, + ), + ), + ), + + + dict( + desc='Add permission %r to privilege %r' % (permission1, privilege1), + command=('privilege_add_permission', [privilege1], + dict(permission=permission1) + ), + expected=dict( + completed=1, + failed=dict( + member=dict( + permission=[], + ), + ), + result={ + 'dn': privilege1_dn, + 'cn': [privilege1], + 'description': [u'privilege desc. 1'], + 'memberof_permission': [permission1], + } + ), + ), + + + dict( + desc='Retrieve %r' % permission1, + command=('permission_show', [permission1], {}), + expected=dict( + value=permission1, + summary=None, + result={ + 'dn': permission1_dn, + 'cn': [permission1], + 'description': [u'Test desc 1'], + 'member_privilege': [privilege1], + 'type': u'user', + 'permissions': [u'write'], + }, + ), + ), + + + dict( + desc='Search for %r' % permission1, + command=('permission_find', [permission1], {}), + expected=dict( + count=1, + truncated=False, + summary=u'1 permission matched', + result=[ + { + 'dn': permission1_dn, + 'cn': [permission1], + 'description': [u'Test desc 1'], + 'member_privilege': [privilege1], + 'type': u'user', + 'permissions': [u'write'], + }, + ], + ), + ), + + + dict( + desc='Search for %r' % privilege1, + command=('permission_find', [privilege1], {}), + expected=dict( + count=1, + truncated=False, + summary=u'1 permission matched', + result=[ + { + 'dn': permission1_dn, + 'cn': [permission1], + 'description': [u'Test desc 1'], + 'member_privilege': [privilege1], + 'type': u'user', + 'permissions': [u'write'], + }, + ], + ), + ), + + + dict( + desc='Create %r' % permission2, + command=( + 'permission_add', [permission2], dict( + description=u'Test desc 2', + type=u'user', + permissions=u'write', + ) + ), + expected=dict( + value=permission2, + summary=u'Added permission "%s"' % permission2, + result=dict( + dn=permission2_dn, + cn=[permission2], + description=[u'Test desc 2'], + objectclass=objectclasses.permission, + type=u'user', + permissions=[u'write'], + ), + ), + ), + + + dict( + desc='Search for %r' % permission1, + command=('permission_find', [permission1], {}), + expected=dict( + count=2, + truncated=False, + summary=u'2 permissions matched', + result=[ + { + 'dn': permission1_dn, + 'cn': [permission1], + 'description': [u'Test desc 1'], + 'member_privilege': [privilege1], + 'type': u'user', + 'permissions': [u'write'], + }, + { + 'dn': permission2_dn, + 'cn': [permission2], + 'description': [u'Test desc 2'], + 'type': u'user', + 'permissions': [u'write'], + }, + ], + ), + ), + + + dict( + desc='Search for %r' % privilege1, + command=('privilege_find', [privilege1], {}), + expected=dict( + count=1, + truncated=False, + summary=u'1 privilege matched', + result=[ + { + 'dn': privilege1_dn, + 'cn': [privilege1], + 'description': [u'privilege desc. 1'], + 'memberof_permission': [permission1], + }, + ], + ), + ), + + + dict( + desc='Update %r' % permission1, + command=( + 'permission_mod', [permission1], dict(description=u'New desc 1') + ), + expected=dict( + value=permission1, + summary=u'Modified permission "%s"' % permission1, + result=dict( + dn=permission1_dn, + cn=[permission1], + description=[u'New desc 1'], + member_privilege=[privilege1], + type=u'user', + permissions=[u'write'], + ), + ), + ), + + + dict( + desc='Retrieve %r to verify update' % permission1, + command=('permission_show', [permission1], {}), + expected=dict( + value=permission1, + summary=None, + result={ + 'dn': permission1_dn, + 'cn': [permission1], + 'description': [u'New desc 1'], + 'member_privilege': [privilege1], + 'type': u'user', + 'permissions': [u'write'], + }, + ), + ), + + + dict( + desc='Delete %r' % permission1, + command=('permission_del', [permission1], {}), + expected=dict( + result=True, + value=permission1, + summary=u'Deleted permission "%s"' % permission1, + ) + ), + + + dict( + desc='Try to delete non-existent %r' % permission1, + command=('permission_del', [permission1], {}), + expected=errors.NotFound(reason='no such entry'), + ), + + + dict( + desc='Try to retrieve non-existent %r' % permission1, + command=('permission_show', [permission1], {}), + expected=errors.NotFound(reason='no such entry'), + ), + + + dict( + desc='Try to update non-existent %r' % permission1, + command=('permission_mod', [permission1], dict(description=u'Foo')), + expected=errors.NotFound(reason='no such entry'), + ), + + + dict( + desc='Delete %r' % permission2, + command=('permission_del', [permission2], {}), + expected=dict( + result=True, + value=permission2, + summary=u'Deleted permission "%s"' % permission2, + ) + ), + + + dict( + desc='Search for %r' % permission1, + command=('permission_find', [permission1], {}), + expected=dict( + count=0, + truncated=False, + summary=u'0 permissions matched', + result=[], + ), + ), + + + dict( + desc='Delete %r' % privilege1, + command=('privilege_del', [privilege1], {}), + expected=dict( + result=True, + value=privilege1, + summary=u'Deleted privilege "%s"' % privilege1, + ) + ), + + ] diff --git a/tests/test_xmlrpc/test_privilege_plugin.py b/tests/test_xmlrpc/test_privilege_plugin.py new file mode 100644 index 000000000..b3bd7af8b --- /dev/null +++ b/tests/test_xmlrpc/test_privilege_plugin.py @@ -0,0 +1,365 @@ +# Authors: +# Rob Crittenden <rcritten@redhat.com> +# +# Copyright (C) 2010 Red Hat +# see file 'COPYING' for use and warranty information +# +# This program is free software; you can redistribute it and/or +# modify it under the terms of the GNU General Public License as +# published by the Free Software Foundation; version 2 only +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + +""" +Test the `ipalib/plugins/privilege.py` module. +""" + +from ipalib import api, errors +from tests.test_xmlrpc import objectclasses +from xmlrpc_test import Declarative, fuzzy_digits, fuzzy_uuid + +permission1 = u'testperm' +permission1_dn = u'cn=%s,%s,%s' % (permission1, + api.env.container_permission,api.env.basedn, +) + + +permission2 = u'testperm2' +permission2_dn = u'cn=%s,%s,%s' % (permission2, + api.env.container_permission,api.env.basedn, +) + +privilege1 = u'testpriv1' +privilege1_dn = u'cn=%s,%s,%s' % ( + privilege1, api.env.container_privilege, api.env.basedn +) + + +class test_privilege(Declarative): + + cleanup_commands = [ + ('permission_del', [permission1], {}), + ('permission_del', [permission2], {}), + ('privilege_del', [privilege1], {}), + ] + + tests = [ + + dict( + desc='Try to retrieve non-existent %r' % privilege1, + command=('privilege_show', [privilege1], {}), + expected=errors.NotFound(reason='no such entry'), + ), + + + dict( + desc='Try to update non-existent %r' % privilege1, + command=('privilege_mod', [privilege1], dict(description=u'Foo')), + expected=errors.NotFound(reason='no such entry'), + ), + + + dict( + desc='Try to delete non-existent %r' % privilege1, + command=('privilege_del', [privilege1], {}), + expected=errors.NotFound(reason='no such entry'), + ), + + + dict( + desc='Search for non-existent %r' % privilege1, + command=('privilege_find', [privilege1], {}), + expected=dict( + count=0, + truncated=False, + summary=u'0 privileges matched', + result=[], + ), + ), + + + dict( + desc='Create %r' % permission1, + command=( + 'permission_add', [permission1], dict( + description=u'Test desc 1', + type=u'user', + permissions=u'add, delete', + ) + ), + expected=dict( + value=permission1, + summary=u'Added permission "%s"' % permission1, + result=dict( + dn=permission1_dn, + cn=[permission1], + description=[u'Test desc 1'], + objectclass=objectclasses.permission, + type=u'user', + permissions=[u'add', u'delete'], + ), + ), + ), + + + dict( + desc='Create %r' % privilege1, + command=('privilege_add', [privilege1], + dict(description=u'privilege desc. 1') + ), + expected=dict( + value=privilege1, + summary=u'Added privilege "%s"' % privilege1, + result=dict( + dn=privilege1_dn, + cn=[privilege1], + description=[u'privilege desc. 1'], + objectclass=objectclasses.privilege, + ), + ), + ), + + + dict( + desc='Add permission %r to privilege %r' % (permission1, privilege1), + command=('privilege_add_permission', [privilege1], + dict(permission=permission1) + ), + expected=dict( + completed=1, + failed=dict( + member=dict( + permission=[], + ), + ), + result={ + 'dn': privilege1_dn, + 'cn': [privilege1], + 'description': [u'privilege desc. 1'], + 'memberof_permission': [permission1], + } + ), + ), + + + dict( + desc='Retrieve %r' % privilege1, + command=('privilege_show', [privilege1], {}), + expected=dict( + value=privilege1, + summary=None, + result={ + 'dn': privilege1_dn, + 'cn': [privilege1], + 'description': [u'privilege desc. 1'], + 'memberof_permission': [permission1], + }, + ), + ), + + + dict( + desc='Search for %r' % privilege1, + command=('privilege_find', [privilege1], {}), + expected=dict( + count=1, + truncated=False, + summary=u'1 privilege matched', + result=[ + { + 'dn': privilege1_dn, + 'cn': [privilege1], + 'description': [u'privilege desc. 1'], + 'memberof_permission': [permission1], + }, + ], + ), + ), + + + dict( + desc='Search for %r' % privilege1, + command=('privilege_find', [privilege1], {}), + expected=dict( + count=1, + truncated=False, + summary=u'1 privilege matched', + result=[ + { + 'dn': privilege1_dn, + 'cn': [privilege1], + 'description': [u'privilege desc. 1'], + 'memberof_permission': [permission1], + }, + ], + ), + ), + + + dict( + desc='Create %r' % permission2, + command=( + 'permission_add', [permission2], dict( + description=u'Test desc 2', + type=u'user', + permissions=u'write', + ) + ), + expected=dict( + value=permission2, + summary=u'Added permission "%s"' % permission2, + result=dict( + dn=permission2_dn, + cn=[permission2], + description=[u'Test desc 2'], + objectclass=objectclasses.permission, + type=u'user', + permissions=[u'write'], + ), + ), + ), + + + dict( + desc='Add permission %r to privilege %r' % (permission2, privilege1), + command=('privilege_add_permission', [privilege1], + dict(permission=permission2) + ), + expected=dict( + completed=1, + failed=dict( + member=dict( + permission=[], + ), + ), + result={ + 'dn': privilege1_dn, + 'cn': [privilege1], + 'description': [u'privilege desc. 1'], + 'memberof_permission': [permission1, permission2], + } + ), + ), + + + dict( + desc='Add permission %r to privilege %r again' % (permission2, privilege1), + command=('privilege_add_permission', [privilege1], + dict(permission=permission2) + ), + expected=dict( + completed=0, + failed=dict( + member=dict( + permission=[(u'testperm2', u'This entry is already a member'),], + ), + ), + result={ + 'dn': privilege1_dn, + 'cn': [privilege1], + 'description': [u'privilege desc. 1'], + 'memberof_permission': [permission1, permission2], + } + ), + ), + + + dict( + desc='Search for %r' % privilege1, + command=('privilege_find', [privilege1], {}), + expected=dict( + count=1, + truncated=False, + summary=u'1 privilege matched', + result=[ + { + 'dn': privilege1_dn, + 'cn': [privilege1], + 'description': [u'privilege desc. 1'], + 'memberof_permission': [permission1, permission2], + }, + ], + ), + ), + + + dict( + desc='Update %r' % privilege1, + command=( + 'privilege_mod', [privilege1], dict(description=u'New desc 1') + ), + expected=dict( + value=privilege1, + summary=u'Modified privilege "%s"' % privilege1, + result=dict( + cn=[privilege1], + description=[u'New desc 1'], + memberof_permission=[permission1, permission2], + ), + ), + ), + + + dict( + desc='Remove permission from %r' % privilege1, + command=('privilege_remove_permission', [privilege1], + dict(permission=permission1), + ), + expected=dict( + completed=1, + failed=dict( + member=dict( + permission=[], + ), + ), + result={ + 'dn': privilege1_dn, + 'cn': [privilege1], + 'description': [u'New desc 1'], + 'memberof_permission': [permission2], + } + ), + ), + + + dict( + desc='Remove permission from %r again' % privilege1, + command=('privilege_remove_permission', [privilege1], + dict(permission=permission1), + ), + expected=dict( + completed=0, + failed=dict( + member=dict( + permission=[(u'testperm', u'This entry is not a member'),], + ), + ), + result={ + 'dn': privilege1_dn, + 'cn': [privilege1], + 'description': [u'New desc 1'], + 'memberof_permission': [permission2], + } + ), + ), + + + dict( + desc='Delete %r' % privilege1, + command=('privilege_del', [privilege1], {}), + expected=dict( + result=True, + value=privilege1, + summary=u'Deleted privilege "%s"' % privilege1, + ) + ), + + + ] diff --git a/tests/test_xmlrpc/test_role_plugin.py b/tests/test_xmlrpc/test_role_plugin.py new file mode 100644 index 000000000..e739ec65e --- /dev/null +++ b/tests/test_xmlrpc/test_role_plugin.py @@ -0,0 +1,566 @@ +# Authors: +# Rob Crittenden <rcritten@redhat.com> +# Pavel Zuna <pzuna@redhat.com> +# +# Copyright (C) 2009 Red Hat +# see file 'COPYING' for use and warranty information +# +# This program is free software; you can redistribute it and/or +# modify it under the terms of the GNU General Public License as +# published by the Free Software Foundation; version 2 only +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA +""" +Test the `ipalib/plugins/role.py` module. +""" + +from ipalib import api, errors +from tests.test_xmlrpc import objectclasses +from xmlrpc_test import Declarative, fuzzy_digits, fuzzy_uuid + +search = u'test-role' + +role1 = u'test-role-1' +role1_dn = u'cn=%s,%s,%s' % ( + role1, api.env.container_rolegroup, api.env.basedn +) +renamedrole1 = u'test-role' + +role2 = u'test-role-2' +role2_dn = u'cn=%s,%s,%s' % ( + role2, api.env.container_rolegroup, api.env.basedn +) + +group1 = u'testgroup1' +group1_dn = u'cn=%s,%s,%s' % (group1, api.env.container_group, api.env.basedn) + +privilege1 = u'testpriv1' +privilege1_dn = u'cn=%s,%s,%s' % (privilege1, api.env.container_privilege, api.env.basedn) + + +class test_role(Declarative): + + cleanup_commands = [ + ('role_del', [role1], {}), + ('role_del', [role2], {}), + ('group_del', [group1], {}), + ('privilege_del', [privilege1], {}), + ] + + tests = [ + + dict( + desc='Try to retrieve non-existent %r' % role1, + command=('role_show', [role1], {}), + expected=errors.NotFound(reason='no such entry'), + ), + + + dict( + desc='Try to update non-existent %r' % role1, + command=('role_mod', [role1], dict(description=u'Foo')), + expected=errors.NotFound(reason='no such entry'), + ), + + + dict( + desc='Try to delete non-existent %r' % role1, + command=('role_del', [role1], {}), + expected=errors.NotFound(reason='no such entry'), + ), + + + dict( + desc='Try to rename non-existent %r' % role1, + command=('role_del', [role1], dict(setattr=u'cn=%s' % renamedrole1)), + expected=errors.NotFound(reason='no such entry'), + ), + + + dict( + desc='Search for non-existent %r' % role1, + command=('role_find', [role1], {}), + expected=dict( + count=0, + truncated=False, + summary=u'0 roles matched', + result=[], + ), + ), + + + dict( + desc='Create %r' % role1, + command=('role_add', [role1], + dict(description=u'role desc 1') + ), + expected=dict( + value=role1, + summary=u'Added role "%s"' % role1, + result=dict( + dn=role1_dn, + cn=[role1], + description=[u'role desc 1'], + objectclass=objectclasses.role, + ), + ), + ), + + + dict( + desc='Retrieve %r' % role1, + command=('role_show', [role1], {}), + expected=dict( + value=role1, + summary=None, + result=dict( + dn=role1_dn, + cn=[role1], + description=[u'role desc 1'], + ), + ), + ), + + + dict( + desc='Create %r' % group1, + command=( + 'group_add', [group1], dict(description=u'group desc 1', + nonposix=True,) + ), + expected=dict( + value=group1, + summary=u'Added group "testgroup1"', + result=dict( + dn=group1_dn, + cn=[group1], + description=[u'group desc 1'], + objectclass=objectclasses.group, + ipauniqueid=[fuzzy_uuid], + ), + ), + ), + + + dict( + desc='Create %r' % privilege1, + command=('privilege_add', [privilege1], + dict(description=u'privilege desc. 1') + ), + expected=dict( + value=privilege1, + summary=u'Added privilege "%s"' % privilege1, + result=dict( + dn=privilege1_dn, + cn=[privilege1], + description=[u'privilege desc. 1'], + objectclass=objectclasses.privilege, + ), + ), + ), + + + dict( + desc='Add privilege %r to role %r' % (privilege1, role1), + command=('role_add_privilege', [role1], + dict(privilege=privilege1) + ), + expected=dict( + completed=1, + failed=dict( + member=dict( + privilege=[], + ), + ), + result={ + 'dn': role1_dn, + 'cn': [role1], + 'description': [u'role desc 1'], + 'memberof_privilege': [privilege1], + } + ), + ), + + + dict( + desc='Add member %r to %r' % (group1, role1), + command=('role_add_member', [role1], dict(group=group1)), + expected=dict( + completed=1, + failed=dict( + member=dict( + user=[], + group=[], + host=[], + hostgroup=[], + ), + ), + result={ + 'dn': role1_dn, + 'cn': [role1], + 'description': [u'role desc 1'], + 'member_group': [group1], + 'memberof_privilege': [privilege1], + } + ), + ), + + + dict( + desc='Retrieve %r to verify member-add' % role1, + command=('role_show', [role1], {}), + expected=dict( + value=role1, + summary=None, + result={ + 'dn': role1_dn, + 'cn': [role1], + 'description': [u'role desc 1'], + 'member_group': [group1], + 'memberof_privilege': [privilege1], + }, + ), + ), + + + dict( + desc='Search for %r' % role1, + command=('role_find', [role1], {}), + expected=dict( + count=1, + truncated=False, + summary=u'1 role matched', + result=[ + { + 'dn': role1_dn, + 'cn': [role1], + 'description': [u'role desc 1'], + 'member_group': [group1], + 'memberof_privilege': [privilege1], + }, + ], + ), + ), + + + dict( + desc='Search for %r' % search, + command=('role_find', [search], {}), + expected=dict( + count=1, + truncated=False, + summary=u'1 role matched', + result=[ + { + 'dn': role1_dn, + 'cn': [role1], + 'description': [u'role desc 1'], + 'member_group': [group1], + 'memberof_privilege': [privilege1], + }, + ], + ), + ), + + + dict( + desc='Create %r' % role2, + command=('role_add', [role2], + dict(description=u'role desc 2') + ), + expected=dict( + value=role2, + summary=u'Added role "%s"' % role2, + result=dict( + dn=role2_dn, + cn=[role2], + description=[u'role desc 2'], + objectclass=objectclasses.role, + ), + ), + ), + + + dict( + desc='Search for %r' % role1, + command=('role_find', [role1], {}), + expected=dict( + count=1, + truncated=False, + summary=u'1 role matched', + result=[ + { + 'dn': role1_dn, + 'cn': [role1], + 'description': [u'role desc 1'], + 'member_group': [group1], + 'memberof_privilege': [privilege1], + }, + ], + ), + ), + + + dict( + desc='Search for %r' % search, + command=('role_find', [search], {}), + expected=dict( + count=2, + truncated=False, + summary=u'2 roles matched', + result=[ + { + 'dn': role1_dn, + 'cn': [role1], + 'description': [u'role desc 1'], + 'member_group': [group1], + 'memberof_privilege': [privilege1], + }, + { + 'dn': role2_dn, + 'cn': [role2], + 'description': [u'role desc 2'], + }, + ], + ), + ), + + + dict( + desc='Update %r' % role1, + command=( + 'role_mod', [role1], dict(description=u'New desc 1') + ), + expected=dict( + value=role1, + summary=u'Modified role "%s"' % role1, + result=dict( + cn=[role1], + description=[u'New desc 1'], + member_group=[group1], + memberof_privilege=[privilege1], + ), + ), + ), + + + dict( + desc='Retrieve %r to verify update' % role1, + command=('role_show', [role1], {}), + expected=dict( + value=role1, + summary=None, + result={ + 'dn': role1_dn, + 'cn': [role1], + 'description': [u'New desc 1'], + 'member_group': [group1], + 'memberof_privilege': [privilege1], + }, + ), + ), + + + dict( + desc='Remove member %r from %r' % (group1, role1), + command=('role_remove_member', [role1], dict(group=group1)), + expected=dict( + completed=1, + failed=dict( + member=dict( + user=[], + group=[], + host=[], + hostgroup=[], + ), + ), + result={ + 'dn': role1_dn, + 'cn': [role1], + 'description': [u'New desc 1'], + 'memberof_privilege': [privilege1], + }, + ), + ), + + + dict( + desc='Retrieve %r to verify member-del' % role1, + command=('role_show', [role1], {}), + expected=dict( + value=role1, + summary=None, + result={ + 'dn': role1_dn, + 'cn': [role1], + 'description': [u'New desc 1'], + 'memberof_privilege': [privilege1], + }, + ), + ), + + + dict( + desc='Delete %r' % group1, + command=('group_del', [group1], {}), + expected=dict( + result=True, + value=group1, + summary=u'Deleted group "testgroup1"', + ) + ), + + + dict( + desc='Rename %r' % role1, + command=('role_mod', [role1], dict(setattr=u'cn=%s' % renamedrole1)), + expected=dict( + value=role1, + result=dict( + cn=[renamedrole1], + description=[u'New desc 1'], + memberof_privilege=[privilege1], + ), + summary=u'Modified role "%s"' % role1 + ) + ), + + + dict( + desc='Rename %r back' % renamedrole1, + command=('role_mod', [renamedrole1], dict(setattr=u'cn=%s' % role1)), + expected=dict( + value=renamedrole1, + result=dict( + cn=[role1], + description=[u'New desc 1'], + memberof_privilege=[privilege1], + ), + summary=u'Modified role "%s"' % renamedrole1 + ) + ), + + + dict( + desc='Remove privilege %r from role %r' % (privilege1, role1), + command=('role_remove_privilege', [role1], + dict(privilege=privilege1) + ), + expected=dict( + completed=1, + failed=dict( + member=dict( + privilege=[], + ), + ), + result={ + 'dn': role1_dn, + 'cn': [role1], + 'description': [u'New desc 1'], + } + ), + ), + + + dict( + desc='Remove privilege %r from role %r again' % (privilege1, role1), + command=('role_remove_privilege', [role1], + dict(privilege=privilege1) + ), + expected=dict( + completed=0, + failed=dict( + member=dict( + privilege=[(u'%s' % privilege1, u'This entry is not a member'),], + ), + ), + result={ + 'dn': role1_dn, + 'cn': [role1], + 'description': [u'New desc 1'], + } + ), + ), + + + + dict( + desc='Delete %r' % role1, + command=('role_del', [role1], {}), + expected=dict( + result=True, + value=role1, + summary=u'Deleted role "%s"' % role1, + ) + ), + + + dict( + desc='Try to delete non-existent %r' % role1, + command=('role_del', [role1], {}), + expected=errors.NotFound(reason='no such entry'), + ), + + + dict( + desc='Try to retrieve non-existent %r' % role1, + command=('role_show', [group1], {}), + expected=errors.NotFound(reason='no such entry'), + ), + + + dict( + desc='Try to update non-existent %r' % role1, + command=('role_mod', [role1], dict(description=u'Foo')), + expected=errors.NotFound(reason='no such entry'), + ), + + + dict( + desc='Search for %r' % search, + command=('role_find', [search], {}), + expected=dict( + count=1, + truncated=False, + summary=u'1 role matched', + result=[ + { + 'dn': role2_dn, + 'cn': [role2], + 'description': [u'role desc 2'], + }, + ], + ), + ), + + + dict( + desc='Delete %r' % role2, + command=('role_del', [role2], {}), + expected=dict( + result=True, + value=role2, + summary=u'Deleted role "%s"' % role2, + ) + ), + + + dict( + desc='Search for %r' % search, + command=('role_find', [search], {}), + expected=dict( + count=0, + truncated=False, + summary=u'0 roles matched', + result=[], + ), + ), + + ] diff --git a/tests/test_xmlrpc/test_rolegroup_plugin.py b/tests/test_xmlrpc/test_rolegroup_plugin.py deleted file mode 100644 index 46922cd4e..000000000 --- a/tests/test_xmlrpc/test_rolegroup_plugin.py +++ /dev/null @@ -1,467 +0,0 @@ -# Authors: -# Rob Crittenden <rcritten@redhat.com> -# Pavel Zuna <pzuna@redhat.com> -# -# Copyright (C) 2009 Red Hat -# see file 'COPYING' for use and warranty information -# -# This program is free software; you can redistribute it and/or -# modify it under the terms of the GNU General Public License as -# published by the Free Software Foundation; version 2 only -# -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with this program; if not, write to the Free Software -# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA -""" -Test the `ipalib/plugins/rolegroup.py` module. -""" - -from ipalib import api, errors -from tests.test_xmlrpc import objectclasses -from xmlrpc_test import Declarative, fuzzy_digits, fuzzy_uuid - -search = u'test-rolegroup' - -rolegroup1 = u'test-rolegroup-1' -rolegroup1_dn = u'cn=%s,cn=rolegroups,cn=accounts,%s' % ( - rolegroup1, api.env.basedn -) -renamedrolegroup1 = u'test-rolegroup' - -rolegroup2 = u'test-rolegroup-2' -rolegroup2_dn = u'cn=%s,cn=rolegroups,cn=accounts,%s' % ( - rolegroup2, api.env.basedn -) - -group1 = u'testgroup1' -group1_dn = u'cn=%s,cn=groups,cn=accounts,%s' % (group1, api.env.basedn) - - -class test_rolegroup(Declarative): - - cleanup_commands = [ - ('rolegroup_del', [rolegroup1], {}), - ('rolegroup_del', [rolegroup2], {}), - ('group_del', [group1], {}), - ] - - tests = [ - - dict( - desc='Try to retrieve non-existent %r' % rolegroup1, - command=('rolegroup_show', [rolegroup1], {}), - expected=errors.NotFound(reason='no such entry'), - ), - - - dict( - desc='Try to update non-existent %r' % rolegroup1, - command=('rolegroup_mod', [rolegroup1], dict(description=u'Foo')), - expected=errors.NotFound(reason='no such entry'), - ), - - - dict( - desc='Try to delete non-existent %r' % rolegroup1, - command=('rolegroup_del', [rolegroup1], {}), - expected=errors.NotFound(reason='no such entry'), - ), - - - dict( - desc='Try to rename non-existent %r' % rolegroup1, - command=('rolegroup_del', [rolegroup1], dict(setattr=u'cn=%s' % renamedrolegroup1)), - expected=errors.NotFound(reason='no such entry'), - ), - - - dict( - desc='Search for non-existent %r' % rolegroup1, - command=('rolegroup_find', [rolegroup1], {}), - expected=dict( - count=0, - truncated=False, - summary=u'0 rolegroups matched', - result=[], - ), - ), - - - dict( - desc='Create %r' % rolegroup1, - command=('rolegroup_add', [rolegroup1], - dict(description=u'rolegroup desc 1') - ), - expected=dict( - value=rolegroup1, - summary=u'Added rolegroup "test-rolegroup-1"', - result=dict( - dn=rolegroup1_dn, - cn=[rolegroup1], - description=[u'rolegroup desc 1'], - objectclass=objectclasses.rolegroup, - ), - ), - ), - - - dict( - desc='Retrieve %r' % rolegroup1, - command=('rolegroup_show', [rolegroup1], {}), - expected=dict( - value=rolegroup1, - summary=None, - result=dict( - dn=rolegroup1_dn, - cn=[rolegroup1], - description=[u'rolegroup desc 1'], - ), - ), - ), - - - dict( - desc='Create %r' % group1, - command=( - 'group_add', [group1], dict(description=u'group desc 1', - nonposix=True,) - ), - expected=dict( - value=group1, - summary=u'Added group "testgroup1"', - result=dict( - dn=group1_dn, - cn=[group1], - description=[u'group desc 1'], - objectclass=objectclasses.group, - ipauniqueid=[fuzzy_uuid], - ), - ), - ), - - - dict( - desc='Add member %r to %r' % (group1, rolegroup1), - command=('rolegroup_add_member', [rolegroup1], dict(group=group1)), - expected=dict( - completed=1, - failed=dict( - member=dict( - user=[], - group=[], - host=[], - hostgroup=[], - ), - ), - result={ - 'dn': rolegroup1_dn, - 'cn': [rolegroup1], - 'description': [u'rolegroup desc 1'], - 'member_group': [group1], - } - ), - ), - - - dict( - desc='Retrieve %r to verify member-add' % rolegroup1, - command=('rolegroup_show', [rolegroup1], {}), - expected=dict( - value=rolegroup1, - summary=None, - result={ - 'dn': rolegroup1_dn, - 'cn': [rolegroup1], - 'description': [u'rolegroup desc 1'], - 'member_group': [group1], - }, - ), - ), - - - dict( - desc='Search for %r' % rolegroup1, - command=('rolegroup_find', [rolegroup1], {}), - expected=dict( - count=1, - truncated=False, - summary=u'1 rolegroup matched', - result=[ - { - 'dn': rolegroup1_dn, - 'cn': [rolegroup1], - 'description': [u'rolegroup desc 1'], - 'member_group': [group1], - }, - ], - ), - ), - - - dict( - desc='Search for %r' % search, - command=('rolegroup_find', [search], {}), - expected=dict( - count=1, - truncated=False, - summary=u'1 rolegroup matched', - result=[ - { - 'dn': rolegroup1_dn, - 'cn': [rolegroup1], - 'description': [u'rolegroup desc 1'], - 'member_group': [group1], - }, - ], - ), - ), - - - dict( - desc='Create %r' % rolegroup2, - command=('rolegroup_add', [rolegroup2], - dict(description=u'rolegroup desc 2') - ), - expected=dict( - value=rolegroup2, - summary=u'Added rolegroup "test-rolegroup-2"', - result=dict( - dn=rolegroup2_dn, - cn=[rolegroup2], - description=[u'rolegroup desc 2'], - objectclass=objectclasses.rolegroup, - ), - ), - ), - - - dict( - desc='Search for %r' % rolegroup1, - command=('rolegroup_find', [rolegroup1], {}), - expected=dict( - count=1, - truncated=False, - summary=u'1 rolegroup matched', - result=[ - { - 'dn': rolegroup1_dn, - 'cn': [rolegroup1], - 'description': [u'rolegroup desc 1'], - 'member_group': [group1], - }, - ], - ), - ), - - - dict( - desc='Search for %r' % search, - command=('rolegroup_find', [search], {}), - expected=dict( - count=2, - truncated=False, - summary=u'2 rolegroups matched', - result=[ - { - 'dn': rolegroup1_dn, - 'cn': [rolegroup1], - 'description': [u'rolegroup desc 1'], - 'member_group': [group1], - }, - { - 'dn': rolegroup2_dn, - 'cn': [rolegroup2], - 'description': [u'rolegroup desc 2'], - }, - ], - ), - ), - - - dict( - desc='Updated %r' % rolegroup1, - command=( - 'rolegroup_mod', [rolegroup1], dict(description=u'New desc 1') - ), - expected=dict( - value=rolegroup1, - summary=u'Modified rolegroup "test-rolegroup-1"', - result=dict( - cn=[rolegroup1], - description=[u'New desc 1'], - member_group=[group1], - ), - ), - ), - - - dict( - desc='Retrieve %r to verify update' % rolegroup1, - command=('rolegroup_show', [rolegroup1], {}), - expected=dict( - value=rolegroup1, - summary=None, - result={ - 'dn': rolegroup1_dn, - 'cn': [rolegroup1], - 'description': [u'New desc 1'], - 'member_group': [group1], - }, - ), - ), - - - dict( - desc='Remove member %r from %r' % (group1, rolegroup1), - command=('rolegroup_remove_member', [rolegroup1], dict(group=group1)), - expected=dict( - completed=1, - failed=dict( - member=dict( - user=[], - group=[], - host=[], - hostgroup=[], - ), - ), - result={ - 'dn': rolegroup1_dn, - 'cn': [rolegroup1], - 'description': [u'New desc 1'], - }, - ), - ), - - - dict( - desc='Retrieve %r to verify member-del' % rolegroup1, - command=('rolegroup_show', [rolegroup1], {}), - expected=dict( - value=rolegroup1, - summary=None, - result={ - 'dn': rolegroup1_dn, - 'cn': [rolegroup1], - 'description': [u'New desc 1'], - }, - ), - ), - - - dict( - desc='Delete %r' % group1, - command=('group_del', [group1], {}), - expected=dict( - result=True, - value=group1, - summary=u'Deleted group "testgroup1"', - ) - ), - - - dict( - desc='Rename %r' % rolegroup1, - command=('rolegroup_mod', [rolegroup1], dict(setattr=u'cn=%s' % renamedrolegroup1)), - expected=dict( - value=rolegroup1, - result=dict( - cn=[renamedrolegroup1], - description=[u'New desc 1'], - ), - summary=u'Modified rolegroup "%s"' % rolegroup1 - ) - ), - - - dict( - desc='Rename %r back' % renamedrolegroup1, - command=('rolegroup_mod', [renamedrolegroup1], dict(setattr=u'cn=%s' % rolegroup1)), - expected=dict( - value=renamedrolegroup1, - result=dict( - cn=[rolegroup1], - description=[u'New desc 1'], - ), - summary=u'Modified rolegroup "%s"' % renamedrolegroup1 - ) - ), - - - dict( - desc='Delete %r' % rolegroup1, - command=('rolegroup_del', [rolegroup1], {}), - expected=dict( - result=True, - value=rolegroup1, - summary=u'Deleted rolegroup "test-rolegroup-1"', - ) - ), - - - dict( - desc='Try to delete non-existent %r' % rolegroup1, - command=('rolegroup_del', [rolegroup1], {}), - expected=errors.NotFound(reason='no such entry'), - ), - - - dict( - desc='Try to retrieve non-existent %r' % rolegroup1, - command=('rolegroup_show', [group1], {}), - expected=errors.NotFound(reason='no such entry'), - ), - - - dict( - desc='Try to update non-existent %r' % rolegroup1, - command=('rolegroup_mod', [rolegroup1], dict(description=u'Foo')), - expected=errors.NotFound(reason='no such entry'), - ), - - - dict( - desc='Search for %r' % search, - command=('rolegroup_find', [search], {}), - expected=dict( - count=1, - truncated=False, - summary=u'1 rolegroup matched', - result=[ - { - 'dn': rolegroup2_dn, - 'cn': [rolegroup2], - 'description': [u'rolegroup desc 2'], - }, - ], - ), - ), - - - dict( - desc='Delete %r' % rolegroup2, - command=('rolegroup_del', [rolegroup2], {}), - expected=dict( - result=True, - value=rolegroup2, - summary=u'Deleted rolegroup "test-rolegroup-2"', - ) - ), - - - dict( - desc='Search for %r' % search, - command=('rolegroup_find', [search], {}), - expected=dict( - count=0, - truncated=False, - summary=u'0 rolegroups matched', - result=[], - ), - ), - - ] diff --git a/tests/test_xmlrpc/test_sudocmdgroup_plugin.py b/tests/test_xmlrpc/test_sudocmdgroup_plugin.py index a6b4ab2a2..564d956e2 100644 --- a/tests/test_xmlrpc/test_sudocmdgroup_plugin.py +++ b/tests/test_xmlrpc/test_sudocmdgroup_plugin.py @@ -430,7 +430,7 @@ class test_sudocmdgroup(Declarative): failed=dict( member=dict( sudocmdgroup=tuple(), - sudocmd=[(u'notfound', u'This entry is not a member of the group')], + sudocmd=[(u'notfound', u'This entry is not a member')], ), ), result={ diff --git a/tests/test_xmlrpc/test_taskgroup_plugin.py b/tests/test_xmlrpc/test_taskgroup_plugin.py deleted file mode 100644 index ce3166020..000000000 --- a/tests/test_xmlrpc/test_taskgroup_plugin.py +++ /dev/null @@ -1,496 +0,0 @@ -# Authors: -# Rob Crittenden <rcritten@redhat.com> -# Pavel Zuna <pzuna@redhat.com> -# -# Copyright (C) 2009 Red Hat -# see file 'COPYING' for use and warranty information -# -# This program is free software; you can redistribute it and/or -# modify it under the terms of the GNU General Public License as -# published by the Free Software Foundation; version 2 only -# -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with this program; if not, write to the Free Software -# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA - -""" -Test the `ipalib/plugins/taskgroup.py` module. -""" - -from ipalib import api, errors -from tests.test_xmlrpc import objectclasses -from xmlrpc_test import Declarative, fuzzy_digits, fuzzy_uuid - -search = u'test-taskgroup' - -taskgroup1 = u'test-taskgroup-1' -taskgroup1_dn = u'cn=%s,cn=taskgroups,cn=accounts,%s' % ( - taskgroup1, api.env.basedn -) -renamedtaskgroup1 = u'test-taskgroup1' - -taskgroup2 = u'test-taskgroup-2' -taskgroup2_dn = u'cn=%s,cn=taskgroups,cn=accounts,%s' % ( - taskgroup2, api.env.basedn -) - -group1 = u'testgroup1' -group1_dn = u'cn=%s,cn=groups,cn=accounts,%s' % (group1, api.env.basedn) - -rolegroup1 = u'test-rolegroup-1' -rolegroup1_dn = u'cn=%s,cn=rolegroups,cn=accounts,%s' % ( - rolegroup1, api.env.basedn -) - - -class test_taskgroup(Declarative): - - cleanup_commands = [ - ('taskgroup_del', [taskgroup1], {}), - ('taskgroup_del', [taskgroup2], {}), - ('group_del', [group1], {}), - ('rolegroup_del', [rolegroup1], {}), - ] - - tests = [ - - dict( - desc='Try to retrieve non-existent %r' % taskgroup1, - command=('taskgroup_show', [taskgroup1], {}), - expected=errors.NotFound(reason='no such entry'), - ), - - - dict( - desc='Try to update non-existent %r' % taskgroup1, - command=('taskgroup_mod', [taskgroup1], dict(description=u'Foo')), - expected=errors.NotFound(reason='no such entry'), - ), - - - dict( - desc='Try to delete non-existent %r' % taskgroup1, - command=('taskgroup_del', [taskgroup1], {}), - expected=errors.NotFound(reason='no such entry'), - ), - - - dict( - desc='Try to rename non-existent %r' % taskgroup1, - command=('taskgroup_del', [taskgroup1], dict(setattr=u'cn=%s' % renamedtaskgroup1)), - expected=errors.NotFound(reason='no such entry'), - ), - - - dict( - desc='Search for non-existent %r' % taskgroup1, - command=('taskgroup_find', [taskgroup1], {}), - expected=dict( - count=0, - truncated=False, - summary=u'0 taskgroups matched', - result=[], - ), - ), - - - dict( - desc='Create %r' % taskgroup1, - command=( - 'taskgroup_add', [taskgroup1], dict(description=u'Test desc 1') - ), - expected=dict( - value=taskgroup1, - summary=u'Added taskgroup "test-taskgroup-1"', - result=dict( - dn=taskgroup1_dn, - cn=[taskgroup1], - description=[u'Test desc 1'], - objectclass=objectclasses.taskgroup, - ), - ), - ), - - - dict( - desc='Try to create duplicate %r' % taskgroup1, - command=( - 'taskgroup_add', [taskgroup1], dict(description=u'Test desc 1') - ), - expected=errors.DuplicateEntry(), - ), - - - dict( - desc='Create %r' % rolegroup1, - command=('rolegroup_add', [rolegroup1], - dict(description=u'rolegroup desc. 1') - ), - expected=dict( - value=rolegroup1, - summary=u'Added rolegroup "test-rolegroup-1"', - result=dict( - dn=rolegroup1_dn, - cn=[rolegroup1], - description=[u'rolegroup desc. 1'], - objectclass=objectclasses.rolegroup, - ), - ), - ), - - - dict( - desc='Create %r' % group1, - command=( - 'group_add', [group1], dict(description=u'Test group desc 1', - nonposix=True,) - ), - expected=dict( - value=group1, - summary=u'Added group "testgroup1"', - result=dict( - dn=group1_dn, - cn=[group1], - description=[u'Test group desc 1'], - objectclass=objectclasses.group, - ipauniqueid=[fuzzy_uuid], - ), - ), - ), - - - dict( - desc='Add member to %r' % taskgroup1, - command=('taskgroup_add_member', [taskgroup1], - dict(rolegroup=rolegroup1, group=group1) - ), - expected=dict( - completed=2, - failed=dict( - member=dict( - rolegroup=[], - group=[], - user=[], - ), - ), - result={ - 'dn': taskgroup1_dn, - 'cn': [taskgroup1], - 'description': [u'Test desc 1'], - 'member_rolegroup': [rolegroup1], - 'member_group': [group1], - } - ), - ), - - - dict( - desc='Retrieve %r' % taskgroup1, - command=('taskgroup_show', [taskgroup1], {}), - expected=dict( - value=taskgroup1, - summary=None, - result={ - 'dn': taskgroup1_dn, - 'cn': [taskgroup1], - 'description': [u'Test desc 1'], - 'member_rolegroup': [rolegroup1], - 'member_group': [group1], - }, - ), - ), - - - dict( - desc='Search for %r' % taskgroup1, - command=('taskgroup_find', [taskgroup1], {}), - expected=dict( - count=1, - truncated=False, - summary=u'1 taskgroup matched', - result=[ - { - 'dn': taskgroup1_dn, - 'cn': [taskgroup1], - 'description': [u'Test desc 1'], - 'member_rolegroup': [rolegroup1], - 'member_group': [group1], - }, - ], - ), - ), - - - dict( - desc='Search for %r' % search, - command=('taskgroup_find', [search], {}), - expected=dict( - count=1, - truncated=False, - summary=u'1 taskgroup matched', - result=[ - { - 'dn': taskgroup1_dn, - 'cn': [taskgroup1], - 'description': [u'Test desc 1'], - 'member_rolegroup': [rolegroup1], - 'member_group': [group1], - }, - ], - ), - ), - - - dict( - desc='Create %r' % taskgroup2, - command=( - 'taskgroup_add', [taskgroup2], dict(description=u'Test desc 2') - ), - expected=dict( - value=taskgroup2, - summary=u'Added taskgroup "test-taskgroup-2"', - result=dict( - dn=taskgroup2_dn, - cn=[taskgroup2], - description=[u'Test desc 2'], - objectclass=objectclasses.taskgroup, - ), - ), - ), - - - dict( - desc='Search for %r' % taskgroup1, - command=('taskgroup_find', [taskgroup1], {}), - expected=dict( - count=1, - truncated=False, - summary=u'1 taskgroup matched', - result=[ - { - 'dn': taskgroup1_dn, - 'cn': [taskgroup1], - 'description': [u'Test desc 1'], - 'member_rolegroup': [rolegroup1], - 'member_group': [group1], - }, - ], - ), - ), - - - dict( - desc='Search for %r' % search, - command=('taskgroup_find', [search], {}), - expected=dict( - count=2, - truncated=False, - summary=u'2 taskgroups matched', - result=[ - { - 'dn': taskgroup1_dn, - 'cn': [taskgroup1], - 'description': [u'Test desc 1'], - 'member_rolegroup': [rolegroup1], - 'member_group': [group1], - }, - { - 'dn': taskgroup2_dn, - 'cn': [taskgroup2], - 'description': [u'Test desc 2'], - }, - ], - ), - ), - - - dict( - desc='Updated %r' % taskgroup1, - command=( - 'taskgroup_mod', [taskgroup1], dict(description=u'New desc 1') - ), - expected=dict( - value=taskgroup1, - summary=u'Modified taskgroup "test-taskgroup-1"', - result=dict( - cn=[taskgroup1], - description=[u'New desc 1'], - member_rolegroup=[rolegroup1], - member_group=[group1], - - ), - ), - ), - - - dict( - desc='Retrieve %r to verify update' % taskgroup1, - command=('taskgroup_show', [taskgroup1], {}), - expected=dict( - value=taskgroup1, - summary=None, - result={ - 'dn': taskgroup1_dn, - 'cn': [taskgroup1], - 'description': [u'New desc 1'], - 'member_rolegroup': [rolegroup1], - 'member_group': [group1], - }, - ), - ), - - - dict( - desc='Remove member from %r' % taskgroup1, - command=('taskgroup_remove_member', [taskgroup1], - dict(group=group1), - ), - expected=dict( - completed=1, - failed=dict( - member=dict( - rolegroup=[], - group=[], - user=[], - ), - ), - result={ - 'dn': taskgroup1_dn, - 'cn': [taskgroup1], - 'description': [u'New desc 1'], - 'member_rolegroup': [rolegroup1], - } - ), - ), - - - dict( - desc='Rename %r' % taskgroup1, - command=('taskgroup_mod', [taskgroup1], dict(setattr=u'cn=%s' % renamedtaskgroup1)), - expected=dict( - value=taskgroup1, - result=dict( - cn=[renamedtaskgroup1], - description=[u'New desc 1'], - member_rolegroup=[u'test-rolegroup-1'], - ), - summary=u'Modified taskgroup "%s"' % taskgroup1 - ) - ), - - - dict( - desc='Rename %r back' % renamedtaskgroup1, - command=('taskgroup_mod', [renamedtaskgroup1], dict(setattr=u'cn=%s' % taskgroup1)), - expected=dict( - value=renamedtaskgroup1, - result=dict( - cn=[taskgroup1], - description=[u'New desc 1'], - member_rolegroup=[u'test-rolegroup-1'], - ), - summary=u'Modified taskgroup "%s"' % renamedtaskgroup1 - ) - ), - - - dict( - desc='Delete %r' % taskgroup1, - command=('taskgroup_del', [taskgroup1], {}), - expected=dict( - result=True, - value=taskgroup1, - summary=u'Deleted taskgroup "test-taskgroup-1"', - ) - ), - - - dict( - desc='Try to delete non-existent %r' % taskgroup1, - command=('taskgroup_del', [taskgroup1], {}), - expected=errors.NotFound(reason='no such entry'), - ), - - - dict( - desc='Try to retrieve non-existent %r' % taskgroup1, - command=('taskgroup_show', [group1], {}), - expected=errors.NotFound(reason='no such entry'), - ), - - - dict( - desc='Try to update non-existent %r' % taskgroup1, - command=('taskgroup_mod', [taskgroup1], dict(description=u'Foo')), - expected=errors.NotFound(reason='no such entry'), - ), - - - dict( - desc='Search for %r' % search, - command=('taskgroup_find', [search], {}), - expected=dict( - count=1, - truncated=False, - summary=u'1 taskgroup matched', - result=[ - { - 'dn': taskgroup2_dn, - 'cn': [taskgroup2], - 'description': [u'Test desc 2'], - }, - ], - ), - ), - - - dict( - desc='Delete %r' % taskgroup2, - command=('taskgroup_del', [taskgroup2], {}), - expected=dict( - result=True, - value=taskgroup2, - summary=u'Deleted taskgroup "test-taskgroup-2"', - ) - ), - - - dict( - desc='Search for %r' % search, - command=('taskgroup_find', [search], {}), - expected=dict( - count=0, - truncated=False, - summary=u'0 taskgroups matched', - result=[], - ), - ), - - - dict( - desc='Delete %r' % group1, - command=('group_del', [group1], {}), - expected=dict( - result=True, - value=group1, - summary=u'Deleted group "testgroup1"', - ) - ), - - - dict( - desc='Delete %r' % rolegroup1, - command=('rolegroup_del', [rolegroup1], {}), - expected=dict( - result=True, - value=rolegroup1, - summary=u'Deleted rolegroup "test-rolegroup-1"', - ) - ), - - ] diff --git a/tests/test_xmlrpc/test_user_plugin.py b/tests/test_xmlrpc/test_user_plugin.py index 340963858..9849953ee 100644 --- a/tests/test_xmlrpc/test_user_plugin.py +++ b/tests/test_xmlrpc/test_user_plugin.py @@ -201,8 +201,6 @@ class test_user(Declarative): sn=[u'Administrator'], uid=[u'admin'], memberof_group=[u'admins'], - memberof_rolegroup=[u'hostadmin', u'replicaadmin'], - memberof_taskgroup=[u'addhosts', u'removehosts', u'modifyhosts', u'manage_host_keytab', u'enroll_host', u'managereplica', u'deletereplica'], nsaccountlock=[u'False'], ), dict( @@ -237,8 +235,6 @@ class test_user(Declarative): sn=[u'Administrator'], uid=[u'admin'], memberof_group=[u'admins'], - memberof_rolegroup=[u'hostadmin', u'replicaadmin'], - memberof_taskgroup=[u'addhosts', u'removehosts', u'modifyhosts', u'manage_host_keytab', u'enroll_host', u'managereplica', u'deletereplica'], nsaccountlock=[u'False'], ), ], |