def status(self):
"""Check if role is locked in nsDisabledRole (directly or indirectly)
:returns: a dict
"""
inst = self._instance
disabled_roles = {}
try:
mapping_trees = MappingTrees(inst)
root_suffix = mapping_trees.get_root_suffix_by_entry(self.dn)
roles = Roles(inst, root_suffix)
disabled_roles = roles.get_disabled_roles()
nested_roles = NestedRoles(inst, root_suffix)
disabled_role = nested_roles.get("nsDisabledRole")
inact_containers = nsContainers(inst, basedn=root_suffix)
inact_container = inact_containers.get('nsAccountInactivationTmp')
cos_templates = CosTemplates(inst, inact_container.dn)
cos_template = cos_templates.get(f'{disabled_role.dn}')
cos_template.present('cosPriority', '1')
cos_template.present('nsAccountLock', 'true')
cos_classic_defs = CosClassicDefinitions(inst, root_suffix)
cos_classic_def = cos_classic_defs.get('nsAccountInactivation_cos')
cos_classic_def.present('cosAttribute',
'nsAccountLock operational')
cos_classic_def.present('cosTemplateDn', inact_container.dn)
cos_classic_def.present('cosSpecifier', 'nsRole')
except ldap.NO_SUCH_OBJECT:
return self._format_status_message(RoleState.PROBABLY_ACTIVATED)
for role, parent in disabled_roles.items():
if str.lower(self.dn) == str.lower(role.dn):
if parent is None:
return self._format_status_message(
RoleState.DIRECTLY_LOCKED)
else:
return self._format_status_message(
RoleState.INDIRECTLY_LOCKED, parent)
return self._format_status_message(RoleState.ACTIVATED)
def test_usandsconf_dbgen_cos_classic(topology_st, set_log_file_and_ldif):
"""Test ldifgen (formerly dbgen) tool to create a COS definition
:id: 8557f994-8a91-4f8a-86f6-9cb826a0b8f1
:setup: Standalone instance
:steps:
1. Create DS instance
2. Run ldifgen to generate ldif with classic COS definition
3. Import generated ldif to database
4. Check it was properly imported
:expectedresults:
1. Success
2. Success
3. Success
4. Success
"""
LDAP_RESULT = 'adding new entry "cn=My_Postal_Def,ou=cos definitions,dc=example,dc=com"'
standalone = topology_st.standalone
args = FakeArgs()
args.type = 'classic'
args.NAME = 'My_Postal_Def'
args.parent = 'ou=cos definitions,dc=example,dc=com'
args.create_parent = True
args.cos_specifier = 'businessCategory'
args.cos_attr = ['postalcode', 'telephonenumber']
args.cos_template = 'cn=sales,cn=classicCoS,dc=example,dc=com'
args.ldif_file = ldif_file
content_list = [
'Generating LDIF with the following options:',
'NAME={}'.format(args.NAME), 'type={}'.format(args.type),
'parent={}'.format(args.parent), 'create-parent={}'.format(
args.create_parent), 'cos-specifier={}'.format(args.cos_specifier),
'cos-template={}'.format(args.cos_template),
'cos-attr={}'.format(args.cos_attr),
'ldif-file={}'.format(args.ldif_file), 'Writing LDIF',
'Successfully created LDIF file: {}'.format(args.ldif_file)
]
log.info('Run ldifgen to create COS definition ldif')
dbgen_create_cos_def(standalone, log, args)
log.info('Check if file exists')
assert os.path.exists(ldif_file)
check_value_in_log_and_reset(content_list)
# Groups, COS, Roles and modification ldifs are designed to be used by ldapmodify, not ldif2db
run_ldapmodify_from_file(standalone, ldif_file, LDAP_RESULT)
log.info('Check that COS definition is imported')
cos_def = CosClassicDefinitions(standalone, args.parent)
assert cos_def.exists(args.NAME)
new_cos = cos_def.get(args.NAME)
assert new_cos.present('cosTemplateDN', args.cos_template)
assert new_cos.present('cosSpecifier', args.cos_specifier)
assert new_cos.present('cosAttribute', args.cos_attr[0])
assert new_cos.present('cosAttribute', args.cos_attr[1])