def test_create_printer(ucr, udm): """Create shares/printer and verify LDAP object""" ucr.load() properties = { 'name': uts.random_name(), 'location': uts.random_string(), 'description': uts.random_name(), 'spoolHost': random_fqdn(ucr), 'uri': '%s %s' % ( random.choice(PRINTER_PROTOCOLS), uts.random_ip(), ), 'model': 'foomatic-rip/Generic-PCL_4_Printer-gutenprint-ijs-simplified.5.2.ppd', 'producer': 'cn=Generic,cn=cups,cn=univention,%s' % (ucr.get('ldap/base'), ), 'sambaName': uts.random_name(), 'ACLtype': random.choice(['allow all', 'allow', 'deny']), 'ACLUsers': 'uid=Administrator,cn=users,%s' % (ucr.get('ldap/base'), ), 'ACLGroups': 'cn=Printer Admins,cn=groups,%s' % (ucr.get('ldap/base'), ), } print('*** Create shares/printer object') print_share_dn = udm.create_object('shares/printer', position='cn=printers,%s' % (ucr['ldap/base'], ), **properties) utils.verify_ldap_object(print_share_dn, { 'cn': [properties['name']], 'description': [properties['description']], 'univentionObjectType': ['shares/printer'], 'univentionPrinterACLGroups': [properties['ACLGroups']], 'univentionPrinterACLUsers': [properties['ACLUsers']], 'univentionPrinterACLtype': [properties['ACLtype']], 'univentionPrinterLocation': [properties['location']], 'univentionPrinterModel': [properties['model']], 'univentionPrinterSambaName': [properties['sambaName']], 'univentionPrinterSpoolHost': [properties['spoolHost']], 'univentionPrinterURI': [properties['uri'].replace(' ', '')], }, delay=1) print('*** Modify shares/printer object') properties['sambaName'] = uts.random_name() udm.modify_object('shares/printer', dn=print_share_dn, sambaName=properties['sambaName']) utils.verify_ldap_object( print_share_dn, {'univentionPrinterSambaName': [properties['sambaName']]}, delay=1)
def get_ou_base(ou, district_enable): ucr = univention.testing.ucr.UCSTestConfigRegistry() ucr.load() base_dn = ucr.get('ldap/base') if district_enable: ou_base = 'ou=%s,ou=%s,%s' % (ou, ou[0:2], base_dn) else: ou_base = 'ou=%s,%s' % (ou, base_dn) return ou_base
def create_mail_domain(ucr, udm): if not ucr.get('mail/hosteddomains'): try: maildomain = ucr["mail/hosteddomains"].split()[0] except (AttributeError, IndexError): maildomain = ucr["domainname"] print("\n\n*** Creating mail domain %r...\n", maildomain) udm.create_object('mail/domain', position='cn=domain,cn=mail,{}'.format( ucr['ldap/base']), name=maildomain)
def test_create_printer_for_every_printer_URI(ucr, udm): """create printer for every printer URI""" # bugs: [36267, 38812, 40591] account = utils.UCSTestDomainAdminCredentials() position = ucr.get('ldap/hostdn').split(',', 1)[1] for uri in get_uirs(): printer_name = uts.random_name() udm.create_object(modulename='shares/printer', name=printer_name, position='%s' % position, binddn=account.binddn, bindpwd=account.bindpw, set={ 'spoolHost': '%(hostname)s.%(domainname)s' % ucr, 'model': 'None', 'uri': '%s:// /tmp/%s' % (uri, printer_name) }) if not printer_enabled(printer_name): print('Wait for 30 seconds and try again') time.sleep(30) assert printer_enabled( printer_name ), 'Printer (%s) is created but not enabled' % printer_name
def verify_dc(ou, dc_name, dc_type, base_dn=None, must_exist=True): ''' Arguments: dc_name: name of the domaincontroller (cn) dc_type: type of the domaincontroller ('educational' or 'administrative') ''' assert (dc_type in (TYPE_DC_ADMINISTRATIVE, TYPE_DC_EDUCATIONAL)) ucr = univention.testing.ucr.UCSTestConfigRegistry() ucr.load() if not base_dn: base_dn = ucr.get('ldap/base') ou_base = get_ou_base(ou, ucr.is_true('ucsschool/ldap/district/enable', False)) dc_dn = 'cn=%s,cn=dc,cn=server,cn=computers,%s' % (dc_name, ou_base) # define list of (un-)desired group memberships ==> [(IS_MEMBER, GROUP_DN), ...] group_dn_list = [] if dc_type == TYPE_DC_ADMINISTRATIVE: group_dn_list += [ (True, 'cn=OU%s-DC-Verwaltungsnetz,cn=ucsschool,cn=groups,%s' % (ou.lower(), base_dn)), (True, 'cn=DC-Verwaltungsnetz,cn=ucsschool,cn=groups,%s' % (base_dn, )), (False, 'cn=Member-Verwaltungsnetz,cn=ucsschool,cn=groups,%s' % base_dn), (False, 'cn=OU%s-Member-Verwaltungsnetz,cn=ucsschool,cn=groups,%s' % (ou, base_dn)), (False, 'cn=OU%s-DC-Edukativnetz,cn=ucsschool,cn=groups,%s' % (ou.lower(), base_dn)), (False, 'cn=DC-Edukativnetz,cn=ucsschool,cn=groups,%s' % (base_dn, )), (False, 'cn=Member-Edukativnetz,cn=ucsschool,cn=groups,%s' % base_dn), (False, 'cn=OU%s-Member-Edukativnetz,cn=ucsschool,cn=groups,%s' % (ou, base_dn)), ] else: group_dn_list += [ (True, 'cn=OU%s-DC-Edukativnetz,cn=ucsschool,cn=groups,%s' % (ou.lower(), base_dn)), (True, 'cn=DC-Edukativnetz,cn=ucsschool,cn=groups,%s' % (base_dn, )), (False, 'cn=Member-Edukativnetz,cn=ucsschool,cn=groups,%s' % base_dn), (False, 'cn=OU%s-Member-Edukativnetz,cn=ucsschool,cn=groups,%s' % (ou, base_dn)), ] if ucr.is_true('ucsschool/ldap/noneducational/create/objects', must_exist): group_dn_list += [ (False, 'cn=OU%s-DC-Verwaltungsnetz,cn=ucsschool,cn=groups,%s' % (ou.lower(), base_dn)), (False, 'cn=DC-Verwaltungsnetz,cn=ucsschool,cn=groups,%s' % (base_dn, )), (False, 'cn=Member-Verwaltungsnetz,cn=ucsschool,cn=groups,%s' % base_dn), (False, 'cn=OU%s-Member-Verwaltungsnetz,cn=ucsschool,cn=groups,%s' % (ou, base_dn)), ] utils.verify_ldap_object(dc_dn, should_exist=must_exist) for (expected_membership, grpdn) in group_dn_list: try: if must_exist: utils.verify_ldap_object( grpdn, expected_attr={'uniqueMember': [dc_dn]}, strict=False, should_exist=True) if not expected_membership: raise DCisMemberOfGroup('%s DC %r is member of group %r' % (dc_type, dc_dn, grpdn)) except utils.LDAPObjectValueMissing: if expected_membership: raise
def verify_ou(ou, dc, ucr, sharefileserver, dc_administrative, must_exist): print '*** Verifying OU (%s) ... ' % ou ucr.load() dc_name = ucr.get('hostname') old_dhcpd_ldap_base = ucr.get('dhcpd/ldap/base') lo = univention.uldap.getMachineConnection() base_dn = ucr.get('ldap/base') cn_pupils = ucr.get('ucsschool/ldap/default/container/pupils', 'schueler') cn_teachers = ucr.get('ucsschool/ldap/default/container/teachers', 'lehrer') cn_teachers_staff = ucr.get( 'ucsschool/ldap/default/container/teachers-and-staff', 'lehrer und mitarbeiter') cn_admins = ucr.get('ucsschool/ldap/default/container/admins', 'admins') cn_staff = ucr.get('ucsschool/ldap/default/container/staff', 'mitarbeiter') singlemaster = ucr.is_true('ucsschool/singlemaster') noneducational_create_objects = ucr.is_true( 'ucsschool/ldap/noneducational/create/objects') district_enable = ucr.is_true('ucsschool/ldap/district/enable') # default_dcs = ucr.get('ucsschool/ldap/default/dcs') dhcp_dns_clearou = ucr.is_true( 'ucsschool/import/generate/policy/dhcp/dns/clearou') ou_base = get_ou_base(ou, district_enable) # does dc exist? if singlemaster: dc_dn = ucr.get('ldap/hostdn') dc_name = ucr.get('hostname') elif dc: dc_dn = 'cn=%s,cn=dc,cn=server,cn=computers,%s' % (dc, ou_base) dc_name = dc else: dc_dn = 'cn=dc%s-01,cn=dc,cn=server,cn=computers,%s' % (ou, ou_base) dc_name = 'dc%s-01' % ou sharefileserver_dn = dc_dn if sharefileserver: result = lo.search( filter='(&(objectClass=univentionDomainController)(cn=%s))' % sharefileserver, base=base_dn, attr=['cn']) if result: sharefileserver_dn = result[0][0] utils.verify_ldap_object(ou_base, expected_attr={ 'ou': [ou], 'ucsschoolClassShareFileServer': [sharefileserver_dn], 'ucsschoolHomeShareFileServer': [sharefileserver_dn] }, should_exist=must_exist) utils.verify_ldap_object('cn=printers,%s' % ou_base, expected_attr={'cn': ['printers']}, should_exist=must_exist) utils.verify_ldap_object('cn=users,%s' % ou_base, expected_attr={'cn': ['users']}, should_exist=must_exist) utils.verify_ldap_object('cn=%s,cn=users,%s' % (cn_pupils, ou_base), expected_attr={'cn': [cn_pupils]}, should_exist=must_exist) utils.verify_ldap_object('cn=%s,cn=users,%s' % (cn_teachers, ou_base), expected_attr={'cn': [cn_teachers]}, should_exist=must_exist) utils.verify_ldap_object('cn=%s,cn=users,%s' % (cn_admins, ou_base), expected_attr={'cn': [cn_admins]}, should_exist=must_exist) utils.verify_ldap_object('cn=%s,cn=users,%s' % (cn_admins, ou_base), expected_attr={'cn': [cn_admins]}, should_exist=must_exist) utils.verify_ldap_object('cn=computers,%s' % ou_base, expected_attr={'cn': ['computers']}, should_exist=must_exist) utils.verify_ldap_object('cn=server,cn=computers,%s' % ou_base, expected_attr={'cn': ['server']}, should_exist=must_exist) utils.verify_ldap_object('cn=dc,cn=server,cn=computers,%s' % ou_base, expected_attr={'cn': ['dc']}, should_exist=must_exist) utils.verify_ldap_object('cn=networks,%s' % ou_base, expected_attr={'cn': ['networks']}, should_exist=must_exist) utils.verify_ldap_object('cn=groups,%s' % ou_base, expected_attr={'cn': ['groups']}, should_exist=must_exist) utils.verify_ldap_object('cn=%s,cn=groups,%s' % (cn_pupils, ou_base), expected_attr={'cn': [cn_pupils]}, should_exist=must_exist) utils.verify_ldap_object('cn=%s,cn=groups,%s' % (cn_teachers, ou_base), expected_attr={'cn': [cn_teachers]}, should_exist=must_exist) utils.verify_ldap_object('cn=klassen,cn=%s,cn=groups,%s' % (cn_pupils, ou_base), expected_attr={'cn': ['klassen']}, should_exist=must_exist) utils.verify_ldap_object('cn=raeume,cn=groups,%s' % ou_base, expected_attr={'cn': ['raeume']}, should_exist=must_exist) utils.verify_ldap_object('cn=dhcp,%s' % ou_base, expected_attr={'cn': ['dhcp']}, should_exist=must_exist) utils.verify_ldap_object('cn=policies,%s' % ou_base, expected_attr={'cn': ['policies']}, should_exist=must_exist) utils.verify_ldap_object('cn=shares,%s' % ou_base, expected_attr={'cn': ['shares']}, should_exist=must_exist) utils.verify_ldap_object('cn=klassen,cn=shares,%s' % ou_base, expected_attr={'cn': ['klassen']}, should_exist=must_exist) utils.verify_ldap_object('cn=dc,cn=server,cn=computers,%s' % ou_base, expected_attr={'cn': ['dc']}, should_exist=must_exist) if noneducational_create_objects: utils.verify_ldap_object('cn=%s,cn=users,%s' % (cn_staff, ou_base), should_exist=must_exist) utils.verify_ldap_object('cn=%s,cn=users,%s' % (cn_teachers_staff, ou_base), should_exist=must_exist) utils.verify_ldap_object('cn=%s,cn=groups,%s' % (cn_staff, ou_base), should_exist=must_exist) else: utils.verify_ldap_object('cn=%s,cn=users,%s' % (cn_staff, ou_base), should_exist=False) utils.verify_ldap_object('cn=%s,cn=users,%s' % (cn_teachers_staff, ou_base), should_exist=False) utils.verify_ldap_object('cn=%s,cn=groups,%s' % (cn_staff, ou_base), should_exist=False) if noneducational_create_objects: utils.verify_ldap_object( 'cn=DC-Verwaltungsnetz,cn=ucsschool,cn=groups,%s' % base_dn, should_exist=True) utils.verify_ldap_object( 'cn=Member-Verwaltungsnetz,cn=ucsschool,cn=groups,%s' % base_dn, should_exist=True) utils.verify_ldap_object( 'cn=OU%s-DC-Verwaltungsnetz,cn=ucsschool,cn=groups,%s' % (ou, base_dn), should_exist=True) utils.verify_ldap_object( 'cn=OU%s-Member-Verwaltungsnetz,cn=ucsschool,cn=groups,%s' % (ou, base_dn), should_exist=True) # This will fail because we don't cleanup these groups in cleanup_ou # else: # utils.verify_ldap_object("cn=DC-Verwaltungsnetz,cn=ucsschool,cn=groups,%s" % base_dn, should_exist=False) # utils.verify_ldap_object("cn=Member-Verwaltungsnetz,cn=ucsschool,cn=groups,%s" % base_dn, should_exist=False) # utils.verify_ldap_object('cn=OU%s-DC-Verwaltungsnetz,cn=ucsschool,cn=groups,%s' % (ou, base_dn), should_exist=False) # utils.verify_ldap_object('cn=OU%s-Member-Verwaltungsnetz,cn=ucsschool,cn=groups,%s' % (ou, base_dn), should_exist=False) if not singlemaster: verify_dc(ou, dc_name, TYPE_DC_EDUCATIONAL, base_dn, must_exist) if dc_administrative: verify_dc(ou, dc_administrative, TYPE_DC_ADMINISTRATIVE, base_dn, must_exist) grp_prefix_pupils = ucr.get('ucsschool/ldap/default/groupprefix/pupils', 'schueler-') grp_prefix_teachers = ucr.get( 'ucsschool/ldap/default/groupprefix/teachers', 'lehrer-') grp_prefix_admins = ucr.get('ucsschool/ldap/default/groupprefix/admins', 'admins-') grp_prefix_staff = ucr.get('ucsschool/ldap/default/groupprefix/staff', 'mitarbeiter-') grp_policy_pupils = ucr.get( 'ucsschool/ldap/default/policy/umc/pupils', 'cn=ucsschool-umc-pupils-default,cn=UMC,cn=policies,%s' % base_dn) grp_policy_teachers = ucr.get( 'ucsschool/ldap/default/policy/umc/teachers', 'cn=ucsschool-umc-teachers-default,cn=UMC,cn=policies,%s' % base_dn) grp_policy_admins = ucr.get( 'ucsschool/ldap/default/policy/umc/admins', 'cn=ucsschool-umc-admins-default,cn=UMC,cn=policies,%s' % base_dn) grp_policy_staff = ucr.get( 'ucsschool/ldap/default/policy/umc/staff', 'cn=ucsschool-umc-staff-default,cn=UMC,cn=policies,%s' % base_dn) utils.verify_ldap_object( "cn=%s%s,cn=ouadmins,cn=groups,%s" % (grp_prefix_admins, ou, base_dn), expected_attr={'univentionPolicyReference': [grp_policy_admins]}, should_exist=True) utils.verify_ldap_object( "cn=%s%s,cn=groups,%s" % (grp_prefix_pupils, ou, ou_base), expected_attr={'univentionPolicyReference': [grp_policy_pupils]}, should_exist=must_exist) utils.verify_ldap_object( "cn=%s%s,cn=groups,%s" % (grp_prefix_teachers, ou, ou_base), expected_attr={'univentionPolicyReference': [grp_policy_teachers]}, should_exist=must_exist) if noneducational_create_objects: utils.verify_ldap_object( "cn=%s%s,cn=groups,%s" % (grp_prefix_staff, ou, ou_base), expected_attr={'univentionPolicyReference': [grp_policy_staff]}, should_exist=must_exist) dcmaster_module = univention.admin.modules.get( "computers/domaincontroller_master") dcbackup_module = univention.admin.modules.get( "computers/domaincontroller_backup") dcslave_module = univention.admin.modules.get( "computers/domaincontroller_slave") masterobjs = univention.admin.modules.lookup( dcmaster_module, None, lo, scope='sub', superordinate=None, base=base_dn, filter=univention.admin.filter.expression('cn', dc_name)) backupobjs = univention.admin.modules.lookup( dcbackup_module, None, lo, scope='sub', superordinate=None, base=base_dn, filter=univention.admin.filter.expression('cn', dc_name)) slaveobjs = univention.admin.modules.lookup( dcslave_module, None, lo, scope='sub', superordinate=None, base=base_dn, filter=univention.admin.filter.expression('cn', dc_name)) # check group membership # slave should be member # master and backup should not be member dcgroups = [ "cn=OU%s-DC-Edukativnetz,cn=ucsschool,cn=groups,%s" % (ou, base_dn), "cn=DC-Edukativnetz,cn=ucsschool,cn=groups,%s" % (base_dn) ] if must_exist: if masterobjs: is_master_or_backup = True dcobject = masterobjs[0] elif backupobjs: is_master_or_backup = True dcobject = backupobjs[0] elif slaveobjs: is_master_or_backup = False dcobject = slaveobjs[0] else: raise DCNotFound() dcobject.open() groups = [] membership = False for group in dcobject.get('groups'): groups.append(group.lower()) for dcgroup in dcgroups: if dcgroup.lower() in groups: membership = True if is_master_or_backup and membership: raise DCMembership() elif not is_master_or_backup and not membership: raise DCMembership() ucr.load() if not singlemaster: # in multiserver setups all dhcp settings have to be checked dhcp_dn = "cn=dhcp,%s" % (ou_base) else: # in singleserver setup only the first OU sets dhcpd/ldap/base and all following OUs # should leave the UCR variable untouched. dhcpd_ldap_base = ucr.get('dhcpd/ldap/base') if not dhcpd_ldap_base or 'ou=' not in dhcpd_ldap_base: raise DhcpdLDAPBase('dhcpd/ldap/base=%r contains no "ou="' % (dhcpd_ldap_base, )) # use the UCR value and check if the DHCP service exists dhcp_dn = dhcpd_ldap_base # dhcp print 'LDAP base of dhcpd = %r' % dhcp_dn dhcp_service_dn = "cn=%s,%s" % (get_school_ou_from_dn(dhcp_dn, ucr), dhcp_dn) dhcp_server_dn = "cn=%s,%s" % (dc_name, dhcp_service_dn) if must_exist: utils.verify_ldap_object(dhcp_service_dn, expected_attr={ 'dhcpOption': [ 'wpad "http://%s.%s/proxy.pac"' % (dc_name, ucr.get('domainname')) ] }, should_exist=True) utils.verify_ldap_object(dhcp_server_dn, should_exist=True) dhcp_dns_clearou_dn = 'cn=dhcp-dns-clear,cn=policies,%s' % ou_base if dhcp_dns_clearou: utils.verify_ldap_object(dhcp_dns_clearou_dn, expected_attr={ 'emptyAttributes': ['univentionDhcpDomainNameServers'] }, should_exist=must_exist) try: utils.verify_ldap_object(ou_base, expected_attr={ 'univentionPolicyReference': [dhcp_dns_clearou_dn] }, should_exist=must_exist) except utils.LDAPObjectUnexpectedValue: # ignore other policies pass else: utils.verify_ldap_object(dhcp_dns_clearou_dn, should_exist=False)
def create_and_verify_ou(ucr, ou, dc, sharefileserver, dc_administrative=None, ou_displayname=None, singlemaster=False, noneducational_create_objects=False, district_enable=False, default_dcs=None, dhcp_dns_clearou=False, do_cleanup=True, unset_dhcpd_base=True, use_cli_api=True, use_python_api=False): assert (use_cli_api != use_python_api) print '******************************************************' print '**** create_and_verify_ou test run' print '**** ou=%s' % ou print '**** ou_displayname=%r' % ou_displayname print '**** dc=%s' % dc print '**** dc_administrative=%s' % dc_administrative print '**** sharefileserver=%s' % sharefileserver print '**** singlemaster=%s' % singlemaster print '**** noneducational_create_objects=%s' % noneducational_create_objects print '**** district_enable=%s' % district_enable print '**** default_dcs=%s' % default_dcs print '**** dhcp_dns_clearou=%s' % dhcp_dns_clearou print '******************************************************' ucr.load() lo = univention.uldap.getMachineConnection() # set UCR univention.config_registry.handler_set([ 'ucsschool/singlemaster=%s' % ('true' if singlemaster else 'false'), 'ucsschool/ldap/noneducational/create/objects=%s' % ('true' if noneducational_create_objects else 'false'), 'ucsschool/ldap/district/enable=%s' % ('true' if district_enable else 'false'), 'ucsschool/ldap/default/dcs=%s' % default_dcs, 'ucsschool/import/generate/policy/dhcp/dns/clearou=%s' % ('true' if dhcp_dns_clearou else 'false'), ]) if unset_dhcpd_base: univention.config_registry.handler_unset(['dhcpd/ldap/base']) ucr.load() base_dn = ucr.get('ldap/base') ou_base = get_ou_base(ou, district_enable) # create hooks (pre_hook, pre_hook_successful) = import_ou_create_pre_hook(ou, ou_base, dc, singlemaster) (post_hook, post_hook_successful) = import_ou_create_post_hook( ou, ou_base, dc, singlemaster) move_dc_after_create_ou = False # does dc exist? if singlemaster: dc_name = ucr.get('hostname') elif dc: result = lo.search( filter='(&(objectClass=univentionDomainController)(cn=%s))' % dc, base=base_dn, attr=['cn']) if result: move_dc_after_create_ou = True dc_name = dc else: dc_name = 'dc%s-01' % ou if use_cli_api: create_ou_cli(ou, dc, dc_administrative, sharefileserver, ou_displayname) if use_python_api: create_ou_python_api(ou, dc, dc_administrative, sharefileserver, ou_displayname) if move_dc_after_create_ou: move_domaincontroller_to_ou_cli(dc_name, ou) # cleanup hooks os.remove(pre_hook) os.remove(post_hook) if os.path.exists(pre_hook_successful): os.unlink(pre_hook_successful) else: raise PreHookFailed() if os.path.exists(post_hook_successful): os.unlink(post_hook_successful) else: raise PostHookFailed() verify_ou(ou, dc, ucr, sharefileserver, dc_administrative, must_exist=True) if do_cleanup: remove_ou(ou)
# create user dnUser, _username = udm.create_user() # stop CLI daemon udm.stop_cli_server() # create group _dnGroup, _groupname = udm.create_group() # modify user from above udm.modify_object('users/user', dn=dnUser, description='Foo Bar') # test with malformed arguments try: _dnUser, _username = udm.create_user(username='') except UCSTestUDM_CreateUDMObjectFailed as ex: print( 'Caught anticipated exception UCSTestUDM_CreateUDMObjectFailed - SUCCESS' ) # try to modify object not created by create_udm_object() try: udm.modify_object('users/user', dn='uid=Administrator,cn=users,%s' % ucr.get('ldap/base'), description='Foo Bar') except UCSTestUDM_CannotModifyExistingObject as ex: print( 'Caught anticipated exception UCSTestUDM_CannotModifyExistingObject - SUCCESS' )
def test_force_printername(ucr, udm, ucr_value): """Check state of "force printername" during UDM printer modify""" ucr_var = "samba/force_printername" ucr.load() previous_value = ucr.get(ucr_var) if ucr_value is None: univention.config_registry.handler_unset([ucr_var]) else: keyval = "%s=%s" % (ucr_var, ucr_value) univention.config_registry.handler_set([keyval]) if ucr_value != previous_value: subprocess.call( ["systemctl", "restart", "univention-directory-listener"], close_fds=True) ucr.load() expected_value = ucr.is_true( ucr_var, True) # This is the behavior of cups-printers.py printer_name = uts.random_name() printer_properties = { 'model': 'foomatic-ppds/Apple/Apple-12_640ps-Postscript.ppd.gz', 'uri': 'parallel /dev/lp0', 'spoolHost': '%s.%s' % (ucr['hostname'], ucr['domainname']), 'name': printer_name } printer = udm.create_object('shares/printer', position='cn=printers,%s' % ucr['ldap/base'], **printer_properties) utils.verify_ldap_object( printer, { 'univentionPrinterModel': [printer_properties['model']], 'univentionPrinterURI': [printer_properties['uri'].replace(' ', '')], 'univentionPrinterSpoolHost': [printer_properties['spoolHost']] }) utils.wait_for_replication() old_filename = '/etc/samba/printers.conf.d/%s' % printer_name samba_force_printername = _testparm_is_true(old_filename, printer_name, 'force printername') assert samba_force_printername == expected_value, "samba option \"force printername\" not set to %s" % ( expected_value, ) print("Ok, samba option \"force printername\" set to %s" % (expected_value, )) # Check behavior during UDM modification rename_share_and_check(udm, printer, expected_value) # And check again after inverting the UCR setting: if not expected_value: # This simulates the update case keyval = "%s=%s" % (ucr_var, "yes") univention.config_registry.handler_set([keyval]) else: keyval = "%s=%s" % (ucr_var, "no") univention.config_registry.handler_set([keyval]) subprocess.call(["systemctl", "restart", "univention-directory-listener"], close_fds=True) rename_share_and_check(udm, printer, expected_value) # restart listener with original UCR values: subprocess.call(["systemctl", "restart", "univention-directory-listener"], close_fds=True)
def random_fqdn( ucr): # type: (univention.testing.ucr.UCSTestConfigRegistry) -> str return '%s.%s' % (uts.random_name(), ucr.get('domainname'))
def test_create_printergroup(ucr, udm): """Create shares/printergroup and verify LDAP object""" ucr.load() spoolHost = random_fqdn(ucr) printer_properties1 = { 'name': uts.random_name(), 'spoolHost': spoolHost, 'uri': '%s %s' % ( random.choice(PRINTER_PROTOCOLS), uts.random_ip(), ), 'model': 'foomatic-rip/Generic-PCL_4_Printer-gutenprint-ijs-simplified.5.2.ppd', 'producer': 'cn=Generic,cn=cups,cn=univention,%s' % (ucr.get('ldap/base'), ), } print('*** Create shares/printer object') udm.create_object('shares/printer', position='cn=printers,%s' % (ucr['ldap/base'], ), **printer_properties1) printer_properties2 = { 'name': uts.random_name(), 'spoolHost': spoolHost, 'uri': '%s %s' % ( random.choice(PRINTER_PROTOCOLS), uts.random_ip(), ), 'model': 'foomatic-rip/Generic-PCL_4_Printer-gutenprint-ijs-simplified.5.2.ppd', 'producer': 'cn=Generic,cn=cups,cn=univention,%s' % (ucr.get('ldap/base'), ), } print('*** Create shares/printer object') udm.create_object('shares/printer', position='cn=printers,%s' % (ucr['ldap/base'], ), **printer_properties2) printergroup_properties = { 'name': uts.random_name(), 'spoolHost': spoolHost, 'groupMember': [printer_properties1['name'], printer_properties2['name']], 'sambaName': uts.random_name(), } print('*** Create shares/printergroup object') printergroup_share_dn = udm.create_object('shares/printergroup', position='cn=printers,%s' % (ucr['ldap/base'], ), **printergroup_properties) utils.verify_ldap_object(printergroup_share_dn, { 'cn': [printergroup_properties['name']], 'univentionObjectType': ['shares/printergroup'], 'univentionPrinterSambaName': [printergroup_properties['sambaName']], 'univentionPrinterSpoolHost': [printergroup_properties['spoolHost']], 'univentionPrinterGroupMember': printergroup_properties['groupMember'], }, delay=1) print('*** Modify shares/printergroup object') printergroup_properties['sambaName'] = uts.random_name() udm.modify_object('shares/printergroup', dn=printergroup_share_dn, sambaName=printergroup_properties['sambaName']) utils.verify_ldap_object( printergroup_share_dn, {'univentionPrinterSambaName': [printergroup_properties['sambaName']]}, delay=1)
def test_create_printer_and_check_printing_works(ucr, udm): """Create shares/printer and check if print access works""" ucr.load() admin_dn = ucr.get( 'tests/domainadmin/account', 'uid=Administrator,cn=users,%s' % (ucr.get('ldap/base'), )) admin_name = ldap.dn.str2dn(admin_dn)[0][0][1] password = ucr.get('tests/domainadmin/pwd', 'univention') spoolhost = '.'.join([ucr['hostname'], ucr['domainname']]) acltype = random.choice(['allow all', 'allow']) properties = { 'name': uts.random_name(), 'location': uts.random_string(), 'description': uts.random_name(), 'spoolHost': spoolhost, 'uri': '%s %s' % ( random.choice(PRINTER_PROTOCOLS), uts.random_ip(), ), 'model': 'hp-ppd/HP/HP_Business_Inkjet_2500C_Series.ppd', 'producer': 'cn=Generic,cn=cups,cn=univention,%s' % (ucr.get('ldap/base'), ), 'sambaName': uts.random_name(), 'ACLtype': acltype, 'ACLUsers': admin_dn, 'ACLGroups': 'cn=Printer Admins,cn=groups,%s' % (ucr.get('ldap/base'), ), } print('*** Create shares/printer object') print_share_dn = udm.create_object('shares/printer', position='cn=printers,%s' % (ucr['ldap/base'], ), **properties) utils.verify_ldap_object(print_share_dn, { 'cn': [properties['name']], 'description': [properties['description']], 'univentionObjectType': ['shares/printer'], 'univentionPrinterACLGroups': [properties['ACLGroups']], 'univentionPrinterACLUsers': [properties['ACLUsers']], 'univentionPrinterACLtype': [properties['ACLtype']], 'univentionPrinterLocation': [properties['location']], 'univentionPrinterModel': [properties['model']], 'univentionPrinterSambaName': [properties['sambaName']], 'univentionPrinterSpoolHost': [properties['spoolHost']], 'univentionPrinterURI': [properties['uri'].replace(' ', '')], }, delay=1) print('*** Modify shares/printer samba share name') properties['sambaName'] = uts.random_name() udm.modify_object('shares/printer', dn=print_share_dn, sambaName=properties['sambaName']) utils.verify_ldap_object( print_share_dn, {'univentionPrinterSambaName': [properties['sambaName']]}, delay=1) delay = 15 print('*** Wait %s seconds for listener postrun' % delay) time.sleep(delay) p = subprocess.Popen(['lpq', '-P', properties['name']], close_fds=True) p.wait() assert not p.returncode, "CUPS printer {} not created after {} seconds".format( properties['name'], delay) p = subprocess.Popen( ['su', admin_name, '-c', 'lpr -P %s /etc/hosts' % properties['name']], close_fds=True) p.wait() assert not p.returncode, "Printing to CUPS printer {} as {} failed".format( properties['name'], admin_name) s4_dc_installed = utils.package_installed("univention-samba4") s3_file_and_print_server_installed = utils.package_installed( "univention-samba") smb_server = s3_file_and_print_server_installed or s4_dc_installed if smb_server: delay = 1 time.sleep(delay) cmd = [ 'smbclient', '//localhost/%s' % properties['sambaName'], '-U', '%'.join([admin_name, password]), '-c', 'print /etc/hosts' ] print('\nRunning: %s' % ' '.join(cmd)) p = subprocess.Popen(cmd, close_fds=True) p.wait() if p.returncode: share_definition = '/etc/samba/printers.conf.d/%s' % properties[ 'sambaName'] with open(share_definition) as f: print('### Samba share file %s :' % share_definition) print(f.read()) print('### testpam for that smb.conf section:') p = subprocess.Popen( ['testparm', '-s', '--section-name', properties['sambaName']], close_fds=True) p.wait() assert False, 'Samba printer share {} not accessible'.format( properties['sambaName']) p = subprocess.Popen(['lprm', '-P', properties['name'], '-'], close_fds=True) p.wait()
import doctest print(doctest.testmod()) ucr = univention.testing.ucr.UCSTestConfigRegistry() ucr.load() with UCSTestUDM() as udm: # create user dnUser, _username = udm.create_user() # stop CLI daemon udm.stop_cli_server() # create group _dnGroup, _groupname = udm.create_group() # modify user from above udm.modify_object('users/user', dn=dnUser, description='Foo Bar') # test with malformed arguments try: _dnUser, _username = udm.create_user(username='') except UCSTestUDM_CreateUDMObjectFailed as ex: print('Caught anticipated exception UCSTestUDM_CreateUDMObjectFailed - SUCCESS') # try to modify object not created by create_udm_object() try: udm.modify_object('users/user', dn='uid=Administrator,cn=users,%s' % ucr.get('ldap/base'), description='Foo Bar') except UCSTestUDM_CannotModifyExistingObject as ex: print('Caught anticipated exception UCSTestUDM_CannotModifyExistingObject - SUCCESS')