def test_process_rolerule():
from ldap2pg.validators import rolerule
with pytest.raises(ValueError):
rolerule(None)
rule = rolerule('aline').as_dict()
assert 'aline' == rule['names'][0]
rule = rolerule(dict(name='rolname', parent='parent')).as_dict()
assert ['rolname'] == rule['names']
assert ['parent'] == rule['parents']
with pytest.raises(ValueError):
rolerule(dict(missing_name='noname'))
rule = rolerule(dict(name='r', options='LOGIN SUPERUSER')).as_dict()
assert rule['options']['LOGIN'] is True
assert rule['options']['SUPERUSER'] is True
rule = rolerule(dict(name='r', options=['LOGIN', 'SUPERUSER'])).as_dict()
assert rule['options']['LOGIN'] is True
assert rule['options']['SUPERUSER'] is True
rule = rolerule(dict(name='r', options=['NOLOGIN', 'SUPERUSER'])).as_dict()
assert rule['options']['LOGIN'] is False
assert rule['options']['SUPERUSER'] is True
with pytest.raises(ValueError) as ei:
rolerule(dict(name='r', options='OLOLOL'))
assert 'OLOLOL' in str(ei.value)
rule = rolerule(dict(name_attribute='cn')).as_dict()
assert 'name_attribute' not in rule
assert '{cn}' in rule['names']
def test_extract_static_rules_roles():
from ldap2pg.config import extract_static_rules
from ldap2pg.validators import rolerule
config = dict(sync_map=[
dict(
ldap=dict(filter="(filter)"),
roles=[
rolerule(dict(name="static-orphan")),
rolerule(dict(name="static", parent=["static"])),
rolerule(dict(name="{dynamic}")),
rolerule(dict(names=["mixed", "{dynamic}"])),
rolerule(dict(name="dynmember", members=["{dynamic}"])),
rolerule(dict(name="dynparent", parent=["{dynamic}"])),
rolerule(dict(name="dyncomment", comment="{dynamic}")),
],
),
])
extract_static_rules(config)
wanted = dict(sync_map=[
dict(roles=[
rolerule(dict(name="static-orphan")),
]),
dict(roles=[
rolerule(dict(name="static", parent=["static"])),
]),
dict(roles=[
rolerule(dict(name="mixed")),
]),
dict(
ldap=dict(filter="(filter)"),
roles=[
rolerule(dict(name="{dynamic}")),
rolerule(dict(names=["{dynamic}"])),
rolerule(dict(name="dynmember", members=["{dynamic}"])),
rolerule(dict(name="dynparent", parent=["{dynamic}"])),
rolerule(dict(name="dyncomment", comment="{dynamic}")),
],
),
])
assert wanted == config