def test_principal_fail(self):
admins_dn = DN(('cn', 'admins'))
attrs = {
'ipantsecurityidentifier': ['S-1-5-21-1234-5678-1976041503-500'],
}
fake_conn = LDAPClient('ldap://localhost', no_schema=True)
ldapentry = LDAPEntry(fake_conn, admins_dn)
for attr, values in attrs.items():
ldapentry[attr] = values
framework = object()
registry.initialize(framework, config.Config)
registry.trust_controller = True
f = IPATrustControllerGroupSIDCheck(registry)
f.conn = mock_ldap(ldapentry)
self.results = capture_results(f)
assert len(self.results) == 1
result = self.results.results[0]
assert result.result == constants.ERROR
assert result.source == 'ipahealthcheck.ipa.trust'
assert result.check == 'IPATrustControllerGroupSIDCheck'
assert result.kw.get('key') == 'ipantsecurityidentifier'
assert result.kw.get('rid') == 'S-1-5-21-1234-5678-1976041503-500'
def test_not_trust_controller(self):
framework = object()
registry.initialize(framework)
registry.trust_controller = False
f = IPATrustControllerGroupSIDCheck(registry)
f.config = config.Config()
self.results = capture_results(f)
# Zero because the call was skipped altogether
assert len(self.results) == 0