def test_principal_ok(self):
agent_dn = DN(('krbprincipalname', 'cifs/%s@%s' %
(m_api.env.host, m_api.env.realm)),
m_api.env.container_service, m_api.env.basedn)
group_dn = DN(('cn', 'adtrust agents'),
m_api.env.container_sysaccounts, m_api.env.basedn)
attrs = {
'memberof': [group_dn],
}
fake_conn = LDAPClient('ldap://localhost', no_schema=True)
ldapentry = LDAPEntry(fake_conn, agent_dn)
for attr, values in attrs.items():
ldapentry[attr] = values
framework = object()
registry.initialize(framework, config.Config)
registry.trust_controller = True
f = IPATrustControllerPrincipalCheck(registry)
f.conn = mock_ldap(ldapentry)
self.results = capture_results(f)
assert len(self.results) == 1
result = self.results.results[0]
assert result.result == constants.SUCCESS
assert result.source == 'ipahealthcheck.ipa.trust'
assert result.check == 'IPATrustControllerPrincipalCheck'
assert result.kw.get('key') == 'cifs/%s@%s' % \
(m_api.env.host, m_api.env.realm)
def test_member_fail(self):
agent_dn = DN(('fqdn', m_api.env.host), m_api.env.container_host,
m_api.env.basedn)
attrs = {
'memberof': [agent_dn],
}
fake_conn = LDAPClient('ldap://localhost', no_schema=True)
ldapentry = LDAPEntry(fake_conn, agent_dn)
for attr, values in attrs.items():
ldapentry[attr] = values
framework = object()
registry.initialize(framework, config.Config)
registry.trust_controller = True
f = IPATrustControllerPrincipalCheck(registry)
f.conn = mock_ldap(ldapentry)
self.results = capture_results(f)
assert len(self.results) == 1
result = self.results.results[0]
assert result.result == constants.ERROR
assert result.source == 'ipahealthcheck.ipa.trust'
assert result.kw.get('key') == 'cifs/%s@%s' % \
(m_api.env.host, m_api.env.realm)
def test_not_trust_controller(self):
framework = object()
registry.initialize(framework)
registry.trust_controller = False
f = IPATrustControllerPrincipalCheck(registry)
f.config = config.Config()
self.results = capture_results(f)
# Zero because the call was skipped altogether
assert len(self.results) == 0