def test_add_user_with_singlevalue_addattr(self):
""" Try to add a user with single-value attribute
set via option and --addattr """
user = UserTracker(name=u'user', givenname=u'Test', sn=u'User1',
addattr=u'sn=User2')
command = user.make_create_command()
with raises_exact(errors.OnlyOneValueAllowed(attr='sn')):
command()
def test_add_user_with_singlevalue_addattr(self):
""" Try to add a user with single-value attribute
set via option and --addattr """
user = UserTracker(name=u'user', givenname=u'Test', sn=u'User1',
addattr=u'sn=User2')
command = user.make_create_command()
with raises_exact(errors.OnlyOneValueAllowed(attr='sn')):
command()
def test_create_with_krb_ticket_policy(self):
""" Try to create user with krbmaxticketlife set """
testuser = UserTracker(
name=u'tuser1', givenname=u'Test',
sn=u'Tuser1', setattr=u'krbmaxticketlife=88000'
)
command = testuser.make_create_command()
with raises_exact(errors.ObjectclassViolation(
info=u'attribute "%s" not allowed' % 'krbmaxticketlife')):
command()
def test_create_with_too_long_login(self):
""" Try to create user with too long login string """
testuser = UserTracker(
name=invaliduser2, givenname=u'Test', sn=u'User1'
)
command = testuser.make_create_command()
with raises_exact(errors.ValidationError(
name=u'login',
error=u'can be at most 255 characters')):
command()
def test_create_with_invalid_login(self):
""" Try to create user with an invalid login string """
testuser = UserTracker(
name=invaliduser1, givenname=u'Test', sn=u'User1'
)
command = testuser.make_create_command()
with raises_exact(errors.ValidationError(
name=u'login',
error=u'may only include letters, numbers, _, -, . and $')):
command()
def test_create_with_bad_realm_in_principal(self):
""" Try to create user with a bad realm in principal """
testuser = UserTracker(
name=u'tuser1', givenname=u'Test', sn=u'Tuser1',
krbprincipalname=u'*****@*****.**'
)
command = testuser.make_create_command()
with raises_exact(errors.RealmMismatch()):
command()
def test_create_with_krb_ticket_policy(self):
""" Try to create user with krbmaxticketlife set """
testuser = UserTracker(
name=u'tuser1', givenname=u'Test',
sn=u'Tuser1', setattr=u'krbmaxticketlife=88000'
)
command = testuser.make_create_command()
with raises_exact(errors.ObjectclassViolation(
info=u'attribute "%s" not allowed' % 'krbmaxticketlife')):
command()
def test_create_with_too_long_login(self):
""" Try to create user with too long login string """
testuser = UserTracker(name=invaliduser2,
givenname=u'Test',
sn=u'User1')
command = testuser.make_create_command()
with raises_exact(
errors.ValidationError(
name=u'login', error=u'can be at most 255 characters')):
command()
def test_create_without_upg(self):
""" Try to create user without User's Primary GID """
testuser = UserTracker(
name=u'tuser1', givenname=u'Test', sn=u'Tuser1',
noprivate=True
)
command = testuser.make_create_command()
with raises_exact(errors.NotFound(
reason=u'Default group for new users is not POSIX')):
command()
def test_create_with_invalid_login(self):
""" Try to create user with an invalid login string """
testuser = UserTracker(
name=invaliduser1, givenname=u'Test', sn=u'User1'
)
command = testuser.make_create_command()
with raises_exact(errors.ValidationError(
name=u'login',
error=u'may only include letters, numbers, _, -, . and $')):
command()
def test_create_without_upg(self):
""" Try to create user without User's Primary GID """
testuser = UserTracker(
name=u'tuser1', givenname=u'Test', sn=u'Tuser1',
noprivate=True
)
command = testuser.make_create_command()
with raises_exact(errors.NotFound(
reason=u'Default group for new users is not POSIX')):
command()
def test_create_with_bad_realm_in_principal(self):
""" Try to create user with a bad realm in principal """
testuser = UserTracker(name=u'tuser1',
givenname=u'Test',
sn=u'Tuser1',
krbprincipalname=u'*****@*****.**')
command = testuser.make_create_command()
with raises_exact(errors.RealmMismatch()):
command()
def test_create_with_malformed_principal(self):
""" Try to create user with wrongly formed principal """
testuser = UserTracker(
name=u'tuser1', givenname=u'Test', sn=u'Tuser1',
krbprincipalname=u'tuser1@[email protected]'
)
command = testuser.make_create_command()
with raises_exact(errors.MalformedUserPrincipal(
principal=u'tuser1@[email protected]')):
command()
def test_create_with_malformed_principal(self):
""" Try to create user with wrongly formed principal """
testuser = UserTracker(
name=u'tuser1', givenname=u'Test', sn=u'Tuser1',
krbprincipalname=u'tuser1@[email protected]'
)
command = testuser.make_create_command()
with raises_exact(errors.ConversionError(
name='principal', error="Malformed principal: '{}'".format(
testuser.kwargs['krbprincipalname']))):
command()
def test_create_with_malformed_principal(self):
""" Try to create user with wrongly formed principal """
testuser = UserTracker(
name=u'tuser1', givenname=u'Test', sn=u'Tuser1',
krbprincipalname=u'tuser1@[email protected]'
)
command = testuser.make_create_command()
with raises_exact(errors.ConversionError(
name='principal', error="Malformed principal: '{}'".format(
testuser.kwargs['krbprincipalname']))):
command()
def test_create_with_uid_999(self):
""" Check that server return uid and gid 999
when a new client asks for uid 999 """
testuser = UserTracker(name=u'tuser1',
givenname=u'Test',
sn=u'Tuser1',
uidnumber=999)
testuser.track_create()
testuser.attrs.update(uidnumber=[u'999'], gidnumber=[u'999'])
command = testuser.make_create_command()
result = command()
testuser.check_create(result)
testuser.delete()
def test_create_with_ssh_pubkey(self):
""" Create user with an assigned SSH public key """
testuser = UserTracker(name=u'tuser1',
givenname=u'Test',
sn=u'Tuser1',
ipasshpubkey=sshpubkey)
testuser.track_create()
# fingerprint is expected in the tracker attrs
testuser.attrs.update(sshpubkeyfp=[sshpubkeyfp])
command = testuser.make_create_command()
result = command()
testuser.check_create(result)
testuser.delete()
def test_create_without_upg(self):
""" Try to create user without User's Primary GID
As the UPG plugin is disabled, the user gets assigned to the Default
Group for new users (ipausers) which is not POSIX and the command
is expected to fail
"""
testuser = UserTracker(name=u'tuser1', givenname=u'Test', sn=u'Tuser1')
command = testuser.make_create_command()
with raises_exact(
errors.NotFound(
reason=u'Default group for new users is not POSIX')):
command()
def test_create_with_ssh_pubkey(self):
""" Create user with an assigned SSH public key """
testuser = UserTracker(
name=u'tuser1', givenname=u'Test',
sn=u'Tuser1', ipasshpubkey=sshpubkey
)
testuser.track_create()
# fingerprint is expected in the tracker attrs
testuser.attrs.update(sshpubkeyfp=[sshpubkeyfp])
command = testuser.make_create_command()
result = command()
testuser.check_create(result)
testuser.delete()
def test_create_with_uid_999(self):
""" Check that server return uid and gid 999
when a new client asks for uid 999 """
testuser = UserTracker(
name=u'tuser1', givenname=u'Test', sn=u'Tuser1', uidnumber=999
)
testuser.track_create()
testuser.attrs.update(
uidnumber=[u'999'],
gidnumber=[u'999']
)
command = testuser.make_create_command()
result = command()
testuser.check_create(result)
testuser.delete()
def test_create_with_old_DNA_MAGIC_999(self):
""" Check that server picks suitable uid and gid
when an old client asks for the magic uid 999 """
testuser = UserTracker(
name=u'tuser1', givenname=u'Test', sn=u'Tuser1',
uidnumber=999, version=u'2.49'
)
testuser.track_create()
testuser.attrs.update(
uidnumber=[lambda v: int(v) != 999],
gidnumber=[lambda v: int(v) != 999],
)
command = testuser.make_create_command()
result = command()
testuser.check_create(result)
testuser.delete()
def test_create_with_old_DNA_MAGIC_999(self):
""" Check that server picks suitable uid and gid
when an old client asks for the magic uid 999 """
testuser = UserTracker(
name=u'tuser1', givenname=u'Test', sn=u'Tuser1',
uidnumber=999, version=u'2.49'
)
testuser.track_create()
testuser.attrs.update(
uidnumber=[lambda v: int(v) != 999],
gidnumber=[lambda v: int(v) != 999],
)
command = testuser.make_create_command()
result = command()
testuser.check_create(result)
testuser.delete()
def test_create_without_upg_with_gid_set(self):
""" Create user without User's Primary GID with GID set """
testuser = UserTracker(
name=u'tuser1', givenname=u'Test', sn=u'Tuser1',
noprivate=True, gidnumber=1000
)
testuser.track_create()
del testuser.attrs['mepmanagedentry']
testuser.attrs.update(gidnumber=[u'1000'])
testuser.attrs.update(
description=[],
objectclass=add_oc(objectclasses.user_base, u'ipantuserattrs')
)
command = testuser.make_create_command()
result = command()
testuser.check_create(result, [u'description'])
testuser.delete()
def test_create_without_upg_with_gid_set(self):
""" Create user without User's Primary GID with GID set """
testuser = UserTracker(name=u'tuser1',
givenname=u'Test',
sn=u'Tuser1',
noprivate=True,
gidnumber=1000)
testuser.track_create()
del testuser.attrs['mepmanagedentry']
testuser.attrs.update(gidnumber=[u'1000'])
testuser.attrs.update(description=[],
objectclass=add_oc(objectclasses.user_base,
u'ipantuserattrs'))
command = testuser.make_create_command()
result = command()
testuser.check_create(result, [u'description'])
testuser.delete()
def test_create_with_random_passwd(self):
""" Create user with random password """
testuser = UserTracker(name=u'tuser1',
givenname=u'Test',
sn=u'Tuser1',
random=True)
testuser.track_create()
testuser.attrs.update(randompassword=fuzzy_password,
has_keytab=True,
has_password=True,
krbextradata=[Fuzzy(type=bytes)],
krbpasswordexpiration=[fuzzy_dergeneralizedtime],
krblastpwdchange=[fuzzy_dergeneralizedtime])
command = testuser.make_create_command()
result = command()
testuser.check_create(result)
testuser.delete()
def test_create_with_random_passwd(self):
""" Create user with random password """
testuser = UserTracker(
name=u'tuser1', givenname=u'Test', sn=u'Tuser1', random=True
)
testuser.track_create()
testuser.attrs.update(
randompassword=fuzzy_password,
has_keytab=True, has_password=True,
krbextradata=[Fuzzy(type=bytes)],
krbpasswordexpiration=[fuzzy_dergeneralizedtime],
krblastpwdchange=[fuzzy_dergeneralizedtime]
)
command = testuser.make_create_command()
result = command()
testuser.check_create(result)
testuser.delete()
def test_create_with_uid_999(self):
""" Check that server return uid and gid 999
when a new client asks for uid 999 """
testuser = UserTracker(name=u'tuser1',
givenname=u'Test',
sn=u'Tuser1',
uidnumber=999)
testuser.track_create()
# When uid is outside of IPA id range, no SID is generated
del testuser.attrs['ipantsecurityidentifier']
testuser.attrs.update(uidnumber=[u'999'],
gidnumber=[u'999'],
objectclass=objectclasses.user_base +
['mepOriginEntry'])
command = testuser.make_create_command()
result = command()
testuser.check_create(result)
testuser.delete()
def test_create_without_upg_with_gid_set(self):
""" Create user without User's Primary GID with GID set
The UPG plugin is disabled, but the user is provided with a group
"""
testuser = UserTracker(name=u'tuser1',
givenname=u'Test',
sn=u'Tuser1',
gidnumber=1000)
testuser.track_create()
del testuser.attrs['mepmanagedentry']
testuser.attrs.update(gidnumber=[u'1000'])
testuser.attrs.update(
description=[],
objectclass=objectclasses.user_base + [u'ipantuserattrs'],
)
command = testuser.make_create_command()
result = command()
testuser.check_create(result, [u'description'])
testuser.delete()
def test_create_where_managed_group_exists(self, user, group):
""" Create a managed group and then try to create user
with the same name the group has
As the UPG plugin is disabled, there is no conflict
"""
group.create()
testuser = UserTracker(name=group.cn,
givenname=u'Test',
sn=u'Tuser1',
gidnumber=1000)
testuser.track_create()
del testuser.attrs['mepmanagedentry']
testuser.attrs.update(gidnumber=[u'1000'])
testuser.attrs.update(description=[],
objectclass=add_oc(objectclasses.user_base,
u'ipantuserattrs'))
command = testuser.make_create_command()
result = command()
testuser.check_create(result, [u'description'])
testuser.delete()
