def test_modify(self):
ld = LDAP(self.env['uri_389'])
ld.bind(self.env['root_dn'], self.env['root_pw'])
dtime = datetime.utcnow().strftime('%Y%m%d%H%M%S.%fZ')
changes = [
('description', ['Modified at %s' % (dtime,)], LDAP_MOD_REPLACE)
]
ld.modify(self.env['modify_user'], changes)
def delitem(uri, bind_dn, base_dn, bind_pass):
print('call delitem')
ld = LDAP(URI)
ld.bind(BIND_DN, BIND_PASS)
result = ld.delitem(['gidNumber'])
result = 1
return result
def test_search_attributes_attrs_only(self):
ld = LDAP(self.env['uri_389'])
ld.bind(self.env['root_dn'], self.env['root_pw'])
r = ld.search(self.env['suffix'],
LDAP_SCOPE_SUB,
filter='cn=auth',
attrsonly=True)
self.assertEqual(len(r[0]['cn']), 0)
def setUp(self):
server = os.environ.get('TEST_SERVER', 'ldap-server')
self.env = Environment[server]
ld = LDAP(self.env['uri_389'])
ld.bind(self.env['root_dn'], self.env['root_pw'])
(dn, attributes) = create_user_entry()
self.old_user_dn = dn
self.old_user_attributes = attributes
ld.add(self.old_user_dn, self.old_user_attributes)
def setUp(self):
server = os.environ.get('TEST_SERVER', 'ldap-server')
self.env = Environment[server]
self.compare_attribute = 'description'
self.compare_value = 'This value will be compared'
ld = LDAP(self.env['uri_389'])
ld.bind(self.env['root_dn'], self.env['root_pw'])
ld.modify(self.env['modify_user'],
[(self.compare_attribute, [self.compare_value], LDAP_MOD_REPLACE)])
def test_add_with_relax(self):
(dn, attributes) = create_user_entry(relax=True)
self.new_user_dn = dn
self.new_user_attributes = attributes
ld = LDAP(self.env['uri_389'])
ld.bind(self.env['root_dn'], self.env['root_pw'])
c = LDAPControl()
c.add_control(LDAP_CONTROL_RELAX)
ld.add(self.new_user_dn, self.new_user_attributes, controls=c)
def test_search_attributes(self):
ld = LDAP(self.env['uri_389'])
ld.bind(self.env['root_dn'], self.env['root_pw'])
r = ld.search(self.env['suffix'],
LDAP_SCOPE_SUB,
filter='cn=auth',
attributes=['cn'])
self.assertIn('cn', r[0])
self.assertNotIn('objectClass', r[0])
def test_modify_async(self):
ld = LDAP(self.env['uri_389'])
ld.bind(self.env['root_dn'], self.env['root_pw'])
dtime = datetime.utcnow().strftime('%Y%m%d%H%M%S.%fZ')
changes = [('description', ['Modified at %s' % (dtime, )],
LDAP_MOD_REPLACE)]
msgid = ld.modify(self.env['target_user'], changes, async=True)
result = ld.result(msgid)
self.assertEqual(result['return_code'], 0)
def test_modify_async(self):
ld = LDAP(self.env['uri_389'])
ld.bind(self.env['root_dn'], self.env['root_pw'])
dtime = datetime.utcnow().strftime('%Y%m%d%H%M%S.%fZ')
changes = [
('description', ['Modified at %s' % (dtime,)], LDAP_MOD_REPLACE)
]
msgid = ld.modify(self.env['modify_user'], changes, async=True)
result = ld.result(msgid)
self.assertEqual(result['return_code'], 0)
def test_bind_controls(self):
ld = LDAP(self.env['uri_389'])
c = LDAPControl()
c.add_control(LDAP_CONTROL_PASSWORDPOLICYREQUEST)
msgid = ld.bind(self.env['auth_user'],
self.env['auth_pw'],
controls=c,
async=True)
result = ld.result(msgid, controls=c)
self.assertIn('ppolicy_msg', result)
def test_modify_with_relax(self):
ld = LDAP(self.env['uri_389'])
ld.bind(self.env['root_dn'], self.env['root_pw'])
c = LDAPControl()
c.add_control(LDAP_CONTROL_RELAX)
dtime = datetime.utcnow().strftime('%Y%m%d%H%M%S.%fZ')
changes = [
('pwdAccountLockedTime', [dtime], LDAP_MOD_REPLACE)
]
ld.modify(self.env['modify_user'], changes, controls=c)
def test_bind_controls(self):
ld = LDAP(self.env['uri_389'])
c = LDAPControl()
c.add_control(LDAP_CONTROL_PASSWORDPOLICYREQUEST)
msgid = ld.bind(self.env['auth_user'],
self.env['auth_pw'],
controls=c,
async=True)
result = ld.result(msgid, controls=c)
self.assertIn('ppolicy_msg', result)
def ldapaddmiyabi():
print("call ldapaddmiyabi")
ld = LDAP(URI)
ld.bind(BIND_DN, BIND_PASS)
result = ld.add(
'uid=miyabi2,ou=Users,dc=example, dc=jp',
[('objectClass', ['top', 'person', 'inetOrgPerson', 'posixAccount']),
('uid', ['miyabi2']), ('cn', ['miyabi2']), ('sn', ['shibayama']),
('givenName', ['miyabi2']), ('uidNumber', ['1001']),
('gidNumber', ['1001']), ('homeDirectory', ['/home/miyabi2']),
('description', ['Test6']), ('loginShell', ['/bin/bash']),
('userPassword', ['miyabi123'])])
return result
def addtestuser(uri, bind_dn, bind_pass, min_uid, max_uid):
ld = LDAP(URI)
ld.bind(BIND_DN, BIND_PASS)
for uid in range(min_uid, max_uid + 1):
entry_dn = 'uid=test' + str(uid) + ',ou=users,dc=example,dc=jp'
entry = [('objectClass', ['person', 'posixAccount']),
('uid', [str(uid)]), ('uidNumber', [str(uid)]),
('gidNumber', [str(uid)]),
('homeDirectory', ['/home/test' + str(uid)]),
('cn', ['test' + str(uid)]), ('sn', ['test' + str(uid)]),
('userPassword', ['secret123'])]
result = ld.add(entry_dn, entry)
return result
def test_start_tls_bind(self):
ld = LDAP(self.env['uri_389'])
ld.set_option(LDAP_OPT_X_TLS_CACERTFILE,
str(cacert_file),
is_global=True)
ld.start_tls()
ld.bind(self.env['auth_user'], self.env['auth_pw'])
def test_rename_without_parent(self):
ld = LDAP(self.env['uri_389'])
ld.bind(self.env['root_dn'], self.env['root_pw'])
(newrdn, newparent) = self.env['target_user'].split(',', 1)
newrdn += '-newrdn'
ld.rename(self.env['target_user'], newrdn)
# re-rename
ld.rename('%s,%s' % (newrdn, newparent),
self.env['target_user'].split(',', 1)[0], newparent)
def ldapmodify():
ld = LDAP(URI)
with LDAP(URI) as ld:
ld.bind(BIND_DN, BIND_PASS)
entry_dn = ('cn=sampleA' + str('cn') + 'ou=sampleB' + str('ou') +
',dc=example,dc=jp')
entry = ('cn=sampleA,ou=sampleB,dc=example,dc=jp', [
('entry_dn', (['user1'], LDAP_MOD_ADD),
('description', ['Test Group One'], LDAP_MOD_REPLACE),
('uid', [str('ou')]), ('uidNumber', [str('ou')]),
('gidNumber', [str('ou')]), ('homeDirectory',
['/home/test' + str('ou')
]), ('cn', ['test' + str('ou')]),
('sn', ['test' + str('ou')]), ('userPassword', ['secret123']))
])
result = (entry_dn, entry)
return result
def modifymiyabi():
ld = LDAP(URI)
ld.bind(BIND_DN, BIND_PASS)
result = ld.modify(('uid=miyabi2,ou=Users,dc=example,dc=jp'),
[('userPassword', ['miyabi321'], LDAP_MOD_REPLACE)])
ld.unbind()
return result
def ldapsearch_gid(uri, bind_dn, bind_pass, base_dn):
ldap = LDAP(URI)
ldap.bind(BIND_DN, BIND_PASS)
ldap.unbind()
result = ldap.search(BASE_DN, LDAP_SCOPE_SUB,
'(uidNumber=*)', ['gidNumber'])
return result
def delmiyabi2():
print("call dlmiyabi2")
ld = LDAP(URI)
ld.bind(BIND_DN, BIND_PASS)
result = ld.delete('uid=miyabi2,ou=Users,dc=example,dc=jp')
ld.unbind()
return result
def test_rename_oldrdn(self):
ld = LDAP(self.env['uri_389'])
ld.bind(self.env['root_dn'], self.env['root_pw'])
(newrdn, newparent) = self.env['modify_user'].split(',', 1)
newrdn += '-newrdn'
ld.rename(self.env['modify_user'], newrdn, newparent, deleteoldrdn=False, async=True)
time.sleep(0.3)
entry = ld.search('%s,%s' % (newrdn, newparent), attributes=['uid'])[0]
self.assertEqual(len(entry['uid']), 2)
# re-rename
ld.rename('%s,%s' % (newrdn, newparent), self.env['modify_user'].split(',', 1)[0], newparent)
def test_rename_without_parent(self):
ld = LDAP(self.env['uri_389'])
ld.bind(self.env['root_dn'], self.env['root_pw'])
(newrdn, newparent) = self.env['modify_user'].split(',', 1)
newrdn += '-newrdn'
ld.rename(self.env['modify_user'], newrdn)
# re-rename
ld.rename('%s,%s' % (newrdn, newparent), self.env['modify_user'].split(',', 1)[0], newparent)
def test_rename_oldrdn(self):
ld = LDAP(self.env['uri_389'])
ld.bind(self.env['root_dn'], self.env['root_pw'])
(newrdn, newparent) = self.env['target_user'].split(',', 1)
newrdn += '-newrdn'
ld.rename(self.env['target_user'],
newrdn,
newparent,
deleteoldrdn=False,
async=True)
time.sleep(0.3)
entry = ld.search('%s,%s' % (newrdn, newparent), attributes=['uid'])[0]
self.assertEqual(len(entry['uid']), 2)
# re-rename
ld.rename('%s,%s' % (newrdn, newparent),
self.env['target_user'].split(',', 1)[0], newparent)
def test_rename_async(self):
ld = LDAP(self.env['uri_389'])
ld.bind(self.env['root_dn'], self.env['root_pw'])
(newrdn, newparent) = self.env['modify_user'].split(',', 1)
newrdn += '-newrdn'
msgid = ld.rename(self.env['modify_user'], newrdn, newparent, async=True)
result = ld.result(msgid)
self.assertEqual(result['return_code'], 0)
# re-rename
ld.rename('%s,%s' % (newrdn, newparent), self.env['modify_user'].split(',', 1)[0], newparent)
def test_search_sizelimit(self):
ld = LDAP(self.env['uri_389'])
ld.bind(self.env['root_dn'], self.env['root_pw'])
with self.assertRaises(LDAPError) as cm:
ld.search(self.env['suffix'], LDAP_SCOPE_SUB, sizelimit=1)
self.assertEqual(cm.exception.return_code,
4) # Size limit exceeded (4)
def test_modify(self):
ld = LDAP(self.env['uri_389'])
ld.bind(self.env['root_dn'], self.env['root_pw'])
dtime = datetime.utcnow().strftime('%Y%m%d%H%M%S.%fZ')
changes = [('description', ['Modified at %s' % (dtime, )],
LDAP_MOD_REPLACE)]
ld.modify(self.env['target_user'], changes)
def test_modify_with_relax(self):
ld = LDAP(self.env['uri_389'])
ld.bind(self.env['root_dn'], self.env['root_pw'])
c = LDAPControl()
c.add_control(LDAP_CONTROL_RELAX)
dtime = datetime.utcnow().strftime('%Y%m%d%H%M%S.%fZ')
changes = [('pwdAccountLockedTime', [dtime], LDAP_MOD_REPLACE)]
ld.modify(self.env['target_user'], changes, controls=c)
def test_add_with_relax(self):
(dn, attributes) = create_user_entry(relax=True)
self.new_user_dn = dn
self.new_user_attributes = attributes
ld = LDAP(self.env['uri_389'])
ld.bind(self.env['root_dn'], self.env['root_pw'])
c = LDAPControl()
c.add_control(LDAP_CONTROL_RELAX)
ld.add(self.new_user_dn, self.new_user_attributes, controls=c)
def setUp(self):
server = os.environ.get('TEST_SERVER', 'ldap-server')
self.env = Environment[server]
ld = LDAP(self.env['uri_389'])
ld.bind(self.env['root_dn'], self.env['root_pw'])
(dn, attributes) = create_user_entry()
self.old_user_dn = dn
self.old_user_attributes = attributes
ld.add(self.old_user_dn, self.old_user_attributes)
def setUp(self):
server = os.environ.get('TEST_SERVER', 'ldap-server')
self.env = Environment[server]
self.compare_attribute = 'description'
self.compare_value = 'This value will be compared'
ld = LDAP(self.env['uri_389'])
ld.bind(self.env['root_dn'], self.env['root_pw'])
ld.modify(
self.env['target_user'],
[(self.compare_attribute, [self.compare_value], LDAP_MOD_REPLACE)])
def test_rename_async(self):
ld = LDAP(self.env['uri_389'])
ld.bind(self.env['root_dn'], self.env['root_pw'])
(newrdn, newparent) = self.env['target_user'].split(',', 1)
newrdn += '-newrdn'
msgid = ld.rename(self.env['target_user'],
newrdn,
newparent,
async=True)
result = ld.result(msgid)
self.assertEqual(result['return_code'], 0)
# re-rename
ld.rename('%s,%s' % (newrdn, newparent),
self.env['target_user'].split(',', 1)[0], newparent)
def test_search_attributes(self):
ld = LDAP(self.env['uri_389'])
ld.bind(self.env['root_dn'], self.env['root_pw'])
r = ld.search(self.env['suffix'], LDAP_SCOPE_SUB, filter='cn=auth', attrsonly=True)
self.assertEqual(len(r[0]['cn']), 0)
def test_compare(self):
ld = LDAP(self.env['uri_389'])
ld.bind(self.env['root_dn'], self.env['root_pw'])
result = ld.compare(self.env['target_user'], self.compare_attribute,
self.compare_value)
self.assertTrue(result)
def test_search_base(self):
ld = LDAP(self.env['uri_389'])
ld.bind(self.env['root_dn'], self.env['root_pw'])
self.assertEqual(len(ld.search(self.env['suffix'])), 1)
def test_bind(self):
ld = LDAP(self.env['uri_389'])
ld.bind(self.env['auth_user'], self.env['auth_pw'])
def test_delete(self):
ld = LDAP(self.env['uri_389'])
ld.bind(self.env['root_dn'], self.env['root_pw'])
ld.delete(self.old_user_dn)
def test_bind_error(self):
with self.assertRaises(LDAPError):
ld = LDAP(self.env['uri_389'])
ld.bind(self.env['auth_user'], 'bad password')
def test_passwd(self):
ld = LDAP(self.env['uri_389'])
ld.bind(self.env['auth_user'], self.env['auth_pw'])
newpassword = '******'
ld.passwd(self.env['auth_user'], self.env['auth_pw'], newpassword)
ld.bind(self.env['auth_user'], newpassword)
# re-passwd
ld.passwd(self.env['auth_user'], newpassword, self.env['auth_pw'])
ld.bind(self.env['auth_user'], self.env['auth_pw'])
def test_bind_async(self):
ld = LDAP(self.env['uri_389'])
msgid = ld.bind(self.env['auth_user'], self.env['auth_pw'], async=True)
result = ld.result(msgid)
self.assertEqual(result['return_code'], 0)
def test_bind_async(self):
ld = LDAP(self.env['uri_389'])
msgid = ld.bind(self.env['auth_user'], self.env['auth_pw'], async=True)
result = ld.result(msgid)
self.assertEqual(result['return_code'], 0)
def test_add_async(self):
ld = LDAP(self.env['uri_389'])
ld.bind(self.env['root_dn'], self.env['root_pw'])
msgid = ld.add(self.new_user_dn, self.new_user_attributes, async=True)
result = ld.result(msgid)
self.assertEqual(result['return_code'], 0)
def test_start_tls_bind(self):
ld = LDAP(self.env['uri_389'])
ld.set_option(LDAP_OPT_X_TLS_CACERTFILE, str(cacert_file), is_global=True)
ld.start_tls()
ld.bind(self.env['auth_user'], self.env['auth_pw'])
def test_bind_error(self):
with self.assertRaises(LDAPError) as cm:
ld = LDAP(self.env['uri_389'])
ld.bind(self.env['auth_user'], 'bad password')
def test_bind_error_async(self):
ld = LDAP(self.env['uri_389'])
msgid = ld.bind(self.env['auth_user'], 'bad password', async=True)
result = ld.result(msgid)
self.assertEqual(result['return_code'], 49)
def test_compare_fail(self):
ld = LDAP(self.env['uri_389'])
ld.bind(self.env['root_dn'], self.env['root_pw'])
result = ld.compare(self.env['target_user'], self.compare_attribute,
'dummy')
self.assertFalse(result)
def test_compare_fail(self):
ld = LDAP(self.env['uri_389'])
ld.bind(self.env['root_dn'], self.env['root_pw'])
result = ld.compare(self.env['modify_user'], self.compare_attribute, 'dummy')
self.assertFalse(result)
def test_whoami(self):
ld = LDAP(self.env['uri_389'])
ld.bind(self.env['auth_user'], self.env['auth_pw'])
result = ld.whoami()
self.assertEqual('dn:' + self.env['auth_user'], result)
def test_search_base(self):
ld = LDAP(self.env['uri_389'])
ld.bind(self.env['root_dn'], self.env['root_pw'])
self.assertEqual(len(ld.search(self.env['suffix'])), 1)
def test_passwd(self):
ld = LDAP(self.env['uri_389'])
ld.bind(self.env['auth_user'], self.env['auth_pw'])
newpassword = '******'
ld.passwd(self.env['auth_user'], self.env['auth_pw'], newpassword)
ld.bind(self.env['auth_user'], newpassword)
# re-passwd
ld.passwd(self.env['auth_user'], newpassword, self.env['auth_pw'])
ld.bind(self.env['auth_user'], self.env['auth_pw'])
def test_search_attributes(self):
ld = LDAP(self.env['uri_389'])
ld.bind(self.env['root_dn'], self.env['root_pw'])
r = ld.search(self.env['suffix'], LDAP_SCOPE_SUB, filter='cn=auth', attributes=['cn'])
self.assertIn('cn', r[0])
self.assertNotIn('objectClass', r[0])
def test_modify_mod_delete(self):
ld = LDAP(self.env['uri_389'])
ld.bind(self.env['root_dn'], self.env['root_pw'])
changes = [('description', [], LDAP_MOD_DELETE)]
ld.modify(self.env['modify_user'], changes)
def test_whoami(self):
ld = LDAP(self.env['uri_389'])
ld.bind(self.env['auth_user'], self.env['auth_pw'])
result = ld.whoami()
self.assertEqual('dn:' + self.env['auth_user'], result)
def test_bind_error_async(self):
ld = LDAP(self.env['uri_389'])
msgid = ld.bind(self.env['auth_user'], 'bad password', async=True)
result = ld.result(msgid)
self.assertEqual(result['return_code'], 49)
def test_paged_search(self):
ld = LDAP(self.env['uri_389'])
ld.bind(self.env['root_dn'], self.env['root_pw'])
gen = ld.paged_search(self.env['suffix'], LDAP_SCOPE_SUB, pagesize=1)
self.assertIsInstance(gen, GeneratorType)
[x for x in gen]
def test_search_filter(self):
ld = LDAP(self.env['uri_389'])
ld.bind(self.env['root_dn'], self.env['root_pw'])
r = ld.search(self.env['suffix'], LDAP_SCOPE_SUB, filter='cn=auth')
self.assertEqual(len(r), 1)
def test_search_filter(self):
ld = LDAP(self.env['uri_389'])
ld.bind(self.env['root_dn'], self.env['root_pw'])
r = ld.search(self.env['suffix'], LDAP_SCOPE_SUB, filter='cn=auth')
self.assertEqual(len(r), 1)
def test_add(self):
ld = LDAP(self.env['uri_389'])
ld.bind(self.env['root_dn'], self.env['root_pw'])
ld.add(self.new_user_dn, self.new_user_attributes)
def test_delete_async(self):
ld = LDAP(self.env['uri_389'])
ld.bind(self.env['root_dn'], self.env['root_pw'])
msgid = ld.delete(self.old_user_dn, async=True)
result = ld.result(msgid)
self.assertEqual(result['return_code'], 0)
def test_search_sizelimit(self):
ld = LDAP(self.env['uri_389'])
ld.bind(self.env['root_dn'], self.env['root_pw'])
with self.assertRaises(LDAPError) as cm:
r = ld.search(self.env['suffix'], LDAP_SCOPE_SUB, sizelimit=1)
self.assertEqual(cm.exception.return_code, 4) # Size limit exceeded (4)
def test_compare(self):
ld = LDAP(self.env['uri_389'])
ld.bind(self.env['root_dn'], self.env['root_pw'])
result = ld.compare(self.env['modify_user'], self.compare_attribute, self.compare_value)
self.assertTrue(result)
