def random_line_stu_tea(school):
"""create random line to import random student/teacher/teacher and staff"""
return '%s,%s,%s,%s%s.%s%s.%s,%s,%s,%s\n' % (
uts.random_username(),
uts.random_name(),
uts.random_name(),
uts.random_int(1, 2),
uts.random_int(1, 8),
uts.random_int(0, 0),
uts.random_int(1, 9),
uts.random_int(1980, 2014),
uts.random_name(),
random_email(),
"{}-{}".format(school, uts.random_string()),
)
def self_service_user(email=None, **kwargs):
with udm_test.UCSTestUDM() as udm:
if 'mailPrimaryAddress' in kwargs:
udm.create_object('mail/domain',
ignore_exists=True,
wait_for_replication=True,
check_for_drs_replication=False,
name=kwargs['mailPrimaryAddress'].split('@',
1)[1])
password = uts.random_string()
if email:
kwargs['PasswordRecoveryEmail'] = email
dn, username = udm.create_user(password=password, **kwargs)
utils.verify_ldap_object(dn)
yield SelfServiceUser(username, password)
def test_dhcp_pool_creation_append_addressranges(self, udm):
"""Append ranges during dhcp/pool creation"""
dhcp_service = udm.create_object('dhcp/service',
service=uts.random_name())
dhcp_subnet = udm.create_object('dhcp/subnet',
subnet=SUBNET_IP4,
subnetmask=SUBNET_MASK_IP4,
superordinate=dhcp_service)
ranges = ['10.20.30.11 10.20.30.15', '10.20.30.16 10.20.30.20']
dhcp_pool = udm.create_object('dhcp/pool',
name=uts.random_string(),
append={'range': ranges},
superordinate=dhcp_subnet)
utils.verify_ldap_object(dhcp_pool, {'dhcpRange': ranges})
def test_group_different_case(udm):
"""Check different case in LDAP DN of group modifications"""
user = udm.create_user()[0]
nested_group = udm.create_group()[0]
computer = udm.create_object('computers/windows', name=uts.random_string())
group = udm.create_group(hosts=computer,
users=user,
nestedGroup=nested_group,
wait_for=True)[0]
utils.verify_ldap_object(group,
{'uniqueMember': [user, nested_group, computer]})
def changed_cases(members):
def mixed_case(attr):
return attr[0].lower() + attr[1:].upper()
variants = []
for transform in (str.lower, str.upper, mixed_case):
result = {}
for key, dn in members.items():
dn = str2dn(dn)
rdn = dn.pop(0)
rdn = [tuple([transform(str(rdn[0][0]))] + list(rdn[0][1:]))]
dn.insert(0, rdn)
result[key] = [dn2str(dn)]
variants.append(result)
return variants
for members in changed_cases(
dict(hosts=computer, users=user, nestedGroup=nested_group)):
print('Modifying group with changed members: %r' % (members, ))
udm.modify_object('groups/group',
dn=group,
remove=dict(hosts=[computer],
users=[user],
nestedGroup=[nested_group]),
wait_for=True)
# FIXME: Bug #43286: udm.modify_object('groups/group', dn=group, remove=members)
utils.verify_ldap_object(group, {'uniqueMember': []})
udm.modify_object('groups/group',
dn=group,
append=members,
wait_for=True)
utils.verify_ldap_object(
group, {'uniqueMember': [user, nested_group, computer]})
def test_container(parent, add_user):
if parent is None:
parent = ucr.get('ldap/base')
user_name = 'X' + uts.random_string(
) # test preserving name (case sensitivity)
cn_name = uts.random_name_special_characters()
cn_name_new = cn_name.upper()
cn = udm.create_object('container/cn',
position=parent,
name=cn_name)
if add_user:
udm.create_user(position=cn, username=user_name)
try:
udm.modify_object('container/cn', dn=cn, name=cn_name_new)
except AssertionError:
pass
lo = utils.get_ldap_connection()
for dn, entry in lo.search(filter='ou=temporary_move_container_*'):
to_be_removed = udm._cleanup.setdefault('container/ou', [])
to_be_removed.append(dn)
assert False, 'ou = %s remained' % dn
new_cn = 'cn=%s,%s' % (ldap.dn.escape_dn_chars(cn_name_new),
parent)
new_user = '******' % (ldap.dn.escape_dn_chars(user_name),
new_cn)
utils.verify_ldap_object(new_cn, should_exist=True)
if add_user:
for dn, entry in lo.search(filter=ldap.filter.filter_format(
'uid=%s', [user_name])):
assert entry.get('uid')[0] == user_name.encode(
'UTF-8'
), 'CASE SENSITIVITY: uid = %s; expected: %s' % (
entry.get('uid')[0], user_name)
utils.verify_ldap_object(new_user, should_exist=True)
for dn, entry in lo.search(
filter=ldap.filter.filter_format('cn=%s', [cn_name_new])):
assert entry.get('cn')[0] == cn_name_new.encode(
'UTF-8'), 'cn = %s; expected: %s' % (entry.get('cn')[0],
cn_name_new)
return new_cn
def test_organizational_unit(parent, add_user):
if parent is None:
parent = ucr.get('ldap/base')
user_name = 'X' + uts.random_string(
) # test preserving name (case sensitivity)
ou_name = uts.random_name_special_characters()
ou_name_new = ou_name.upper()
ou = udm.create_object('container/ou',
position=parent,
name=ou_name,
wait_for=True)
if add_user:
udm.create_user(position=ou, username=user_name)
try:
udm.modify_object('container/ou',
dn=ou,
name=ou_name_new,
wait_for=True)
except AssertionError:
pass
for dn, entry in lo.search(filter='ou=temporary_move_container_*'):
if dn not in existing_temporary_ous:
to_be_removed = udm._cleanup.setdefault('container/ou', [])
to_be_removed.append(dn)
assert dn in existing_temporary_ous, 'ou = %s remained' % dn
new_ou = 'ou=%s,%s' % (ldap.dn.escape_dn_chars(ou_name_new),
parent)
new_user = '******' % (ldap.dn.escape_dn_chars(user_name),
new_ou)
utils.verify_ldap_object(new_ou, {'ou': [ou_name_new]},
should_exist=True)
if add_user:
for dn, entry in lo.search(filter=ldap.filter.filter_format(
'uid=%s', [user_name])):
assert entry.get('uid')[0] == user_name.encode(
'UTF-8'
), 'CASE SENSITIVITY: uid = %s; expected: %s' % (
entry.get('uid')[0], user_name)
utils.verify_ldap_object(new_user, should_exist=True)
return new_ou
def test_modify_user_homePostalAddress_as_dict(self):
addresses = [
PostalAddress(random_string(), random_string(), random_string()),
PostalAddress(random_string(), random_string(), random_string()),
PostalAddress(random_string(), random_string(), random_string()),
]
dn, username = self.udm_test.create_user()
utils.verify_ldap_object(
dn,
expected_attr={
'uid': [username],
'homePostalAddress': [],
},
)
obj = UDM.admin().version(1).get('users/user').get(dn)
assert username == obj.props.username
obj.props.homePostalAddress.extend([ad._asdict() for ad in addresses])
obj.save()
utils.verify_ldap_object(
dn,
expected_attr={
'homePostalAddress': ['{street}${zipcode}${city}'.format(**ad.__dict__) for ad in addresses],
},
)
def test_printMode_settings(self, school, user, ip_address, client, ucr):
ucr = ucr_test.UCSTestConfigRegistry()
ucr.load()
self.aquire_room(client)
printer = uts.random_string()
add_printer(printer, school, ucr.get('hostname'),
ucr.get('domainname'), ucr.get('ldap/base'))
try:
# generate all the possible combinations for (rule, printmode, sharemode)
white_page = 'univention.de'
rules = ['none', 'Kein Internet', 'Unbeschränkt', 'custom']
printmodes = ['default', 'all', 'none']
sharemodes = ['all', 'home']
settings = itertools.product(rules, printmodes, sharemodes)
settings_len = len(printmodes) * len(sharemodes) * len(rules)
t = 120
# Testing loop
for i in xrange(settings_len):
period = datetime.time.strftime(
(datetime.datetime.now() +
datetime.timedelta(0, t)).time(), '%H:%M')
t += 60
rule, printMode, shareMode = next(settings)
print
print '***', i, '-(internetRule, printMode, shareMode) = (', \
rule, ',', printMode, ',', shareMode, ')', '-' * 10
new_settings = {
'customRule': white_page,
'printMode': printMode,
'internetRule': rule,
'shareMode': shareMode,
'period': period
}
self.aquire_room(client)
self.set_room_settings(client, new_settings)
# check if displayed values match
self.check_room_settings(client, new_settings)
self.check_print_behavior(user, ip_address, printer, printMode)
finally:
remove_printer(printer, school, ucr.get('ldap/base'))
def test_container_cn_rename_with_special_characters(self, udm, ucr):
"""Rename a container/cn with subobjects"""
user_name = uts.random_string()
cn_name = uts.random_name_special_characters()
cn_name_new = uts.random_name_special_characters()
cn = udm.create_object('container/cn', name=cn_name)
user = udm.create_user(position=cn, username=user_name)
udm.modify_object('container/cn', dn=cn, name=cn_name_new)
utils.verify_ldap_object(cn, should_exist=False)
utils.verify_ldap_object(user[0], should_exist=False)
new_cn = 'cn=%s,%s' % (ldap.dn.escape_dn_chars(cn_name_new),
ucr.get('ldap/base'))
new_user = '******' % (ldap.dn.escape_dn_chars(user_name),
ldap.dn.escape_dn_chars(cn_name_new),
ucr.get('ldap/base'))
utils.verify_ldap_object(new_cn, should_exist=True)
utils.verify_ldap_object(new_user, should_exist=True)
def test_container_ou_rename_with_special_characters(self, udm, ucr):
"""Rename a container/ou with subobjects with special characters"""
# bugs: [35959]
user_name = uts.random_string()
ou_name = uts.random_name_special_characters()
ou_name_new = uts.random_name_special_characters()
ou = udm.create_object('container/ou', name=ou_name)
user = udm.create_user(position=ou, username=user_name)
udm.modify_object('container/ou', dn=ou, name=ou_name_new)
utils.verify_ldap_object(ou, should_exist=False)
utils.verify_ldap_object(user[0], should_exist=False)
new_ou = 'ou=%s,%s' % (ldap.dn.escape_dn_chars(ou_name_new),
ucr.get('ldap/base'))
new_user = '******' % (ldap.dn.escape_dn_chars(user_name),
ldap.dn.escape_dn_chars(ou_name_new),
ucr.get('ldap/base'))
utils.verify_ldap_object(new_ou, should_exist=True)
utils.verify_ldap_object(new_user, should_exist=True)
def test__dns_txt_record_check_resolve(self, udm):
"""Creates DNS pointer record entry and try to resolve it"""
zone = '%s.%s.' % (uts.random_name(), uts.random_name())
pos = 'cn=dns,%s' % (udm.LDAP_BASE, )
txt = uts.random_string()
forward_zone_properties = {
'zone':
zone,
'nameserver':
udm.FQHN,
'contact':
'%s@%s.%s' %
(uts.random_name(), uts.random_name(), uts.random_name()),
'serial':
'%s' % (uts.random_int()),
'zonettl':
'%s' % (uts.random_int(bottom_end=100, top_end=999)),
'refresh':
'%s' % (uts.random_int(bottom_end=10, top_end=99)),
'expire':
'%s' % (uts.random_int(bottom_end=10, top_end=99)),
'ttl':
'%s' % (uts.random_int(bottom_end=10, top_end=99)),
'retry':
'%s' % (uts.random_int()),
'txt':
txt,
}
udm.create_object('dns/forward_zone',
position=pos,
**forward_zone_properties)
time.sleep(5)
answers = resolve_dns_entry(zone, 'TXT')
# FIXME PMH-2017-01-14: returned TXT data is enclosed in "
answer = [rdata.to_text().strip('"') for rdata in answers]
assert answer == [
txt
], 'resolved name "%s" != created ldap-object "%s"' % (answer, [txt])
def test_ucr_register_api():
package_name = random_string()
package_version = random_version()
package = DebianPackage(name=package_name, version=package_version)
package.create_debian_file_from_buffer(
'/etc/univention/templates/modules/%s.py' % (package_name, ),
UCR_MODULE)
package.create_debian_file_from_buffer(
'/etc/univention/templates/info/%s.info' % (package_name, ),
UCR_INFO % (package_name, package_name))
try:
package.build()
package.install()
with UCSTestConfigRegistry():
subprocess.call(['ucr', 'set', '%s/foo=bar' % (package_name, )])
changes = json.loads(
subprocess.check_output(['ucr', 'register',
package_name]).split(b'####')[1])
expected = {
'%s/.*$' % (package_name, ): [None, None],
'%s/foo' % (package_name, ): [None, 'bar'],
}
assert changes == expected, changes
changes = json.loads(
subprocess.check_output(
['ucr', 'set',
'%s/foo=blub' % (package_name, )]).split(b'####')[1])
expected = {'%s/foo' % (package_name, ): ['bar', 'blub']}
assert changes == expected, changes
finally:
package.uninstall()
package.remove()
def test_displayName_update(stopped_s4_connector, udm):
"""Check automatic update of displayName"""
# bugs: [38385]
print('>>> create user with default settings')
firstname = uts.random_string()
lastname = uts.random_string()
userdn = udm.create_user(firstname=firstname,
lastname=lastname,
check_for_drs_replication=False)[0]
utils.verify_ldap_object(
userdn, {'displayName': ['%s %s' % (firstname, lastname)]})
print('>>> change firstname and then lastname')
firstname2 = uts.random_string()
lastname2 = uts.random_string()
udm.modify_object('users/user',
dn=userdn,
firstname=firstname2,
check_for_drs_replication=False)
utils.verify_ldap_object(
userdn, {'displayName': ['%s %s' % (firstname2, lastname)]})
udm.modify_object('users/user',
dn=userdn,
lastname=lastname2,
check_for_drs_replication=False)
utils.verify_ldap_object(
userdn, {'displayName': ['%s %s' % (firstname2, lastname2)]})
print('>>> create user with default settings')
firstname = uts.random_string()
lastname = uts.random_string()
userdn = udm.create_user(firstname=firstname,
lastname=lastname,
check_for_drs_replication=False)[0]
utils.verify_ldap_object(
userdn, {'displayName': ['%s %s' % (firstname, lastname)]})
print('>>> change firstname and lastname in one step')
firstname2 = uts.random_string()
lastname2 = uts.random_string()
udm.modify_object('users/user',
dn=userdn,
firstname=firstname2,
lastname=lastname2,
check_for_drs_replication=False)
utils.verify_ldap_object(
userdn, {'displayName': ['%s %s' % (firstname2, lastname2)]})
print('>>> create user with default settings')
lastname = uts.random_string()
userdn = udm.create_user(firstname='',
lastname=lastname,
check_for_drs_replication=False)[0]
utils.verify_ldap_object(userdn, {'displayName': [lastname]})
print('>>> change lastname')
lastname2 = uts.random_string()
udm.modify_object('users/user',
dn=userdn,
lastname=lastname2,
check_for_drs_replication=False)
utils.verify_ldap_object(userdn, {'displayName': [lastname2]})
print('>>> create user with custom displayName')
firstname = uts.random_string()
lastname = uts.random_string()
displayName = uts.random_string()
userdn = udm.create_user(firstname=firstname,
lastname=lastname,
displayName=displayName,
check_for_drs_replication=False)[0]
utils.verify_ldap_object(userdn, {'displayName': [displayName]})
print('>>> change firstname and then lastname')
firstname2 = uts.random_string()
lastname2 = uts.random_string()
udm.modify_object('users/user',
dn=userdn,
firstname=firstname2,
check_for_drs_replication=False)
utils.verify_ldap_object(userdn, {'displayName': [displayName]})
udm.modify_object('users/user',
dn=userdn,
lastname=lastname2,
check_for_drs_replication=False)
utils.verify_ldap_object(userdn, {'displayName': [displayName]})
print('>>> create user with custom displayName')
firstname = uts.random_string()
lastname = uts.random_string()
displayName = uts.random_string()
userdn = udm.create_user(firstname=firstname,
lastname=lastname,
displayName=displayName,
check_for_drs_replication=False)[0]
utils.verify_ldap_object(userdn, {'displayName': [displayName]})
print('>>> change firstname and lastname in one step')
firstname2 = uts.random_string()
lastname2 = uts.random_string()
udm.modify_object('users/user',
dn=userdn,
firstname=firstname2,
lastname=lastname2,
check_for_drs_replication=False)
utils.verify_ldap_object(userdn, {'displayName': [displayName]})
print('>>> change firstname and lastname in one step and set displayName')
firstname3 = uts.random_string()
lastname3 = uts.random_string()
displayName3 = uts.random_string()
udm.modify_object('users/user',
dn=userdn,
firstname=firstname3,
lastname=lastname3,
displayName=displayName3,
check_for_drs_replication=False)
utils.verify_ldap_object(userdn, {'displayName': [displayName3]})
print('>>> change displayName back to default')
displayName4 = '%s %s' % (firstname3, lastname3)
udm.modify_object('users/user',
dn=userdn,
displayName=displayName4,
check_for_drs_replication=False)
utils.verify_ldap_object(userdn, {'displayName': [displayName4]})
print('>>> change firstname and lastname in one step')
firstname4 = uts.random_string()
lastname4 = uts.random_string()
udm.modify_object('users/user',
dn=userdn,
firstname=firstname4,
lastname=lastname4,
check_for_drs_replication=False)
utils.verify_ldap_object(
userdn, {'displayName': ['%s %s' % (firstname4, lastname4)]})
def azure_user_args(azure_handler, minimal=True):
local_part_email = uts.random_username()
domain = azure_handler.get_verified_domain_from_disk()
res = dict(accountEnabled=True,
displayName=uts.random_string(),
immutableId=base64.b64encode(uts.random_string()),
mailNickname=local_part_email,
passwordProfile=dict(password=azure_handler.create_random_pw(),
forceChangePasswordNextLogin=False),
userPrincipalName="{0}@{1}".format(local_part_email, domain))
if not minimal:
res.update(
dict(
city=uts.random_string(),
country=random.choice(
map(itemgetter(0), udm_syntax.Country.choices)),
givenName=uts.random_string(),
jobTitle=uts.random_string(),
otherMails=[
"{}@{}".format(uts.random_string(), uts.random_string()),
"{}@{}".format(uts.random_string(), uts.random_string())
],
mobile=uts.random_string(),
postalCode=uts.random_string(),
physicalDeliveryOfficeName=uts.random_string(),
usageLocation=random.choice(
map(itemgetter(0), udm_syntax.Country.choices)),
streetAddress=uts.random_string(),
surname=uts.random_string(),
telephoneNumber=uts.random_string(),
))
return res
def create_user(
self, ou_name, schools=None, username=None, firstname=None, lastname=None, classes=None,
mailaddress=None, is_teacher=False, is_staff=False, is_active=True, password='******',
use_cli=False, wait_for_replication=True
):
"""
Create a user in specified OU with given attributes. If attributes are not specified, random
values will be used for username, firstname and lastname. If password is not None, the given
password will be set for this user.
Return value: (user_name, user_dn)
user_name: name of the created user
user_dn: DN of the created user object
"""
if not ou_name:
raise SchoolMissingOU('No OU name specified')
# set default values
if username is None:
username = uts.random_username()
if firstname is None:
firstname = uts.random_string(length=10, numeric=False)
if lastname is None:
lastname = uts.random_string(length=10, numeric=False)
if mailaddress is None:
mailaddress = ''
if schools is None:
schools = [ou_name]
user_dn = 'uid=%s,%s' % (username, self.get_user_container(ou_name, is_teacher, is_staff))
if use_cli:
if classes is None:
classes = ''
if classes:
if not all(["-" in c for c in classes.split(',')]):
utils.fail('*** Class names must be <school-ou>-<class-name>.')
# create import file
line = 'A\t%s\t%s\t%s\t%s\t%s\t\t%s\t%d\t%d\t%d\n' % (username, lastname, firstname, ou_name, classes, mailaddress, int(is_teacher), int(is_active), int(is_staff))
with tempfile.NamedTemporaryFile() as tmp_file:
tmp_file.write(line)
tmp_file.flush()
cmd = [self.PATH_CMD_IMPORT_USER, tmp_file.name]
print '*** Calling following command: %r' % cmd
retval = subprocess.call(cmd)
if retval:
utils.fail('create_ou failed with exitcode %s' % retval)
if password is not None:
self._set_password(user_dn, password)
else:
school_classes = defaultdict(list)
if classes:
for kls in classes.split(','):
school_classes[kls.partition('-')[0]].append(kls)
kwargs = {
'school': ou_name,
'schools': schools,
'name': username,
'firstname': firstname,
'lastname': lastname,
'email': mailaddress,
'password': password,
'disabled': not is_active,
"school_classes": dict(school_classes)
}
print '*** Creating new user %r with %r.' % (username, kwargs)
lo = self.open_ldap_connection()
User.invalidate_all_caches()
User.init_udm_module(lo) # TODO FIXME has to be fixed in ucs-school-lib - should be done automatically
cls = Student
if is_teacher and is_staff:
cls = TeachersAndStaff
elif is_teacher and not is_staff:
cls = Teacher
elif not is_teacher and is_staff:
cls = Staff
result = cls(**kwargs).create(lo)
print '*** Result of %s(...).create(): %r' % (cls.__name__, result,)
if wait_for_replication:
utils.wait_for_replication()
return username, user_dn
def create_ou(self, ou_name=None, name_edudc=None, name_admindc=None, displayName='', name_share_file_server=None, use_cli=False, wait_for_replication=True):
"""
Creates a new OU with random or specified name. The function may also set a specified
displayName. If "displayName" is None, a random displayName will be set. If "displayName"
equals to the empty string (''), the displayName won't be set. "name_edudc" may contain
the optional name for an educational dc slave. "name_admindc" may contain
the optional name for an administrative dc slave. If name_share_file_server is set, the
class share file server and the home share file server will be set.
If use_cli is set to True, the old CLI interface is used. Otherwise the UCS@school python
library is used.
PLEASE NOTE: if name_edudc is set to the hostname of the master or backup, name_edudc will be unset automatically,
because it's not allowed to specify the hostname of the master or any backup in any situation!
Return value: (ou_name, ou_dn)
ou_name: name of the created OU
ou_dn: DN of the created OU object
"""
# create random display name for OU
charset = uts.STR_ALPHANUMDOTDASH + uts.STR_ALPHA.upper() + '()[]/,;:_#"+*@<>~ßöäüÖÄÜ$%&! '
if displayName is None:
displayName = uts.random_string(length=random.randint(5, 50), charset=charset)
# it is not allowed to set the master as name_edudc ==> resetting name_edudc
if isinstance(name_edudc, str):
if name_edudc.lower() == self._ucr.get('ldap/master', '').split('.', 1)[0].lower():
print '*** It is not allowed to set the master as name_edudc ==> resetting name_edudc'
name_edudc = None
elif any([name_edudc.lower() == backup.split('.', 1)[0].lower() for backup in self._ucr.get('ldap/backup', '').split(' ')]):
print '*** It is not allowed to set any backup as name_edudc ==> resetting name_edudc'
name_edudc = None
# create random OU name
if not ou_name:
ou_name = uts.random_string(length=random.randint(3, 12))
# remember OU name for cleanup
self._cleanup_ou_names.add(ou_name)
if not use_cli:
kwargs = {
'name': ou_name,
'dc_name': name_edudc
}
if name_admindc:
kwargs['dc_name_administrative'] = name_admindc
if name_share_file_server:
kwargs['class_share_file_server'] = name_share_file_server
kwargs['home_share_file_server'] = name_share_file_server
if displayName:
kwargs['display_name'] = displayName
print ''
print '*** Creating new OU %r' % (ou_name,)
lo = self.open_ldap_connection()
School.invalidate_all_caches()
School.init_udm_module(lo) # TODO FIXME has to be fixed in ucs-school-lib - should be done automatically
result = School(**kwargs).create(lo)
print '*** Result of School(...).create(): %r' % (result,)
print '\n\n'
else:
# build command line
cmd = [self.PATH_CMD_CREATE_OU]
if displayName:
cmd += ['--displayName', displayName]
cmd += [ou_name]
if name_edudc:
cmd += [name_edudc]
print '*** Calling following command: %r' % cmd
retval = subprocess.call(cmd)
if retval:
utils.fail('create_ou failed with exitcode %s' % retval)
if wait_for_replication:
utils.wait_for_replication()
ou_dn = 'ou=%s,%s' % (ou_name, self.LDAP_BASE)
return ou_name, ou_dn
def udm_user_args(ucr, minimal=True):
res = dict(firstname=uts.random_string(),
lastname=uts.random_string(),
set=dict(
displayName=uts.random_string(),
password=uts.random_string(),
mailHomeServer="{}.{}".format(ucr["hostname"],
ucr["domainname"]),
mailPrimaryAddress="{}@{}".format(uts.random_username(),
ucr["domainname"]),
))
res["append"] = dict()
if not minimal:
res["set"].update(
dict(birthday="19{}-0{}-{}{}".format(2 * uts.random_int(),
uts.random_int(1, 9),
uts.random_int(0, 2),
uts.random_int(1)),
city=uts.random_string(),
country=random.choice(
map(itemgetter(0), udm_syntax.Country.choices)),
departmentNumber=uts.random_string(),
description=uts.random_string(),
employeeNumber=3 * uts.random_int(),
employeeType=uts.random_string(),
organisation=uts.random_string(),
postcode=3 * uts.random_int(),
roomNumber=3 * uts.random_int(),
street=uts.random_string(),
title=uts.random_string()))
res["append"].update(
dict(
homePostalAddress=[
'"{}" "{}" "{}"'.format(uts.random_string(),
uts.random_string(),
uts.random_string()),
'"{}" "{}" "{}"'.format(uts.random_string(),
uts.random_string(),
uts.random_string())
],
homeTelephoneNumber=[uts.random_string(),
uts.random_string()],
mailAlternativeAddress=[
"{}@{}".format(uts.random_username(), ucr["domainname"]),
"{}@{}".format(uts.random_username(), ucr["domainname"])
],
mobileTelephoneNumber=[
uts.random_string(),
uts.random_string()
],
pagerTelephoneNumber=[
uts.random_string(),
uts.random_string()
],
phone=[12 * uts.random_int(), 12 * uts.random_int()],
secretary=[
"uid=Administrator,cn=users,{}".format(ucr["ldap/base"]),
"uid=Guest,cn=users,{}".format(ucr["ldap/base"])
]))
# func arg name with '-' not allowed
res["append"]["e-mail"] = [
"{}@{}".format(uts.random_username(), uts.random_username()),
"{}@{}".format(uts.random_username(), uts.random_username())
]
return res
def test_create_printer_and_check_printing_works(ucr, udm):
"""Create shares/printer and check if print access works"""
ucr.load()
admin_dn = ucr.get(
'tests/domainadmin/account',
'uid=Administrator,cn=users,%s' % (ucr.get('ldap/base'), ))
admin_name = ldap.dn.str2dn(admin_dn)[0][0][1]
password = ucr.get('tests/domainadmin/pwd', 'univention')
spoolhost = '.'.join([ucr['hostname'], ucr['domainname']])
acltype = random.choice(['allow all', 'allow'])
properties = {
'name': uts.random_name(),
'location': uts.random_string(),
'description': uts.random_name(),
'spoolHost': spoolhost,
'uri': '%s %s' % (
random.choice(PRINTER_PROTOCOLS),
uts.random_ip(),
),
'model': 'hp-ppd/HP/HP_Business_Inkjet_2500C_Series.ppd',
'producer':
'cn=Generic,cn=cups,cn=univention,%s' % (ucr.get('ldap/base'), ),
'sambaName': uts.random_name(),
'ACLtype': acltype,
'ACLUsers': admin_dn,
'ACLGroups':
'cn=Printer Admins,cn=groups,%s' % (ucr.get('ldap/base'), ),
}
print('*** Create shares/printer object')
print_share_dn = udm.create_object('shares/printer',
position='cn=printers,%s' %
(ucr['ldap/base'], ),
**properties)
utils.verify_ldap_object(print_share_dn, {
'cn': [properties['name']],
'description': [properties['description']],
'univentionObjectType': ['shares/printer'],
'univentionPrinterACLGroups': [properties['ACLGroups']],
'univentionPrinterACLUsers': [properties['ACLUsers']],
'univentionPrinterACLtype': [properties['ACLtype']],
'univentionPrinterLocation': [properties['location']],
'univentionPrinterModel': [properties['model']],
'univentionPrinterSambaName': [properties['sambaName']],
'univentionPrinterSpoolHost': [properties['spoolHost']],
'univentionPrinterURI': [properties['uri'].replace(' ', '')],
},
delay=1)
print('*** Modify shares/printer samba share name')
properties['sambaName'] = uts.random_name()
udm.modify_object('shares/printer',
dn=print_share_dn,
sambaName=properties['sambaName'])
utils.verify_ldap_object(
print_share_dn,
{'univentionPrinterSambaName': [properties['sambaName']]},
delay=1)
delay = 15
print('*** Wait %s seconds for listener postrun' % delay)
time.sleep(delay)
p = subprocess.Popen(['lpq', '-P', properties['name']], close_fds=True)
p.wait()
assert not p.returncode, "CUPS printer {} not created after {} seconds".format(
properties['name'], delay)
p = subprocess.Popen(
['su', admin_name, '-c',
'lpr -P %s /etc/hosts' % properties['name']],
close_fds=True)
p.wait()
assert not p.returncode, "Printing to CUPS printer {} as {} failed".format(
properties['name'], admin_name)
s4_dc_installed = utils.package_installed("univention-samba4")
s3_file_and_print_server_installed = utils.package_installed(
"univention-samba")
smb_server = s3_file_and_print_server_installed or s4_dc_installed
if smb_server:
delay = 1
time.sleep(delay)
cmd = [
'smbclient',
'//localhost/%s' % properties['sambaName'], '-U',
'%'.join([admin_name, password]), '-c', 'print /etc/hosts'
]
print('\nRunning: %s' % ' '.join(cmd))
p = subprocess.Popen(cmd, close_fds=True)
p.wait()
if p.returncode:
share_definition = '/etc/samba/printers.conf.d/%s' % properties[
'sambaName']
with open(share_definition) as f:
print('### Samba share file %s :' % share_definition)
print(f.read())
print('### testpam for that smb.conf section:')
p = subprocess.Popen(
['testparm', '-s', '--section-name', properties['sambaName']],
close_fds=True)
p.wait()
assert False, 'Samba printer share {} not accessible'.format(
properties['sambaName'])
p = subprocess.Popen(['lprm', '-P', properties['name'], '-'],
close_fds=True)
p.wait()
def test__dns_host_record_check_resolve(self, udm):
"""Creates DNS host record entry and try to resolve it"""
zone = '%s.%s.' % (uts.random_name(), uts.random_name())
pos = 'cn=dns,%s' % (udm.LDAP_BASE, )
forward_zone_properties = {
'zone':
zone,
'nameserver':
udm.FQHN,
'contact':
'%s@%s.%s' %
(uts.random_name(), uts.random_name(), uts.random_name()),
'serial':
'%s' % (uts.random_int()),
'zonettl':
'%s' % (uts.random_int(bottom_end=100, top_end=999)),
'refresh':
'%s' % (uts.random_int(bottom_end=10, top_end=99)),
'expire':
'%s' % (uts.random_int(bottom_end=10, top_end=99)),
'ttl':
'%s' % (uts.random_int(bottom_end=10, top_end=99)),
'retry':
'%s' % (uts.random_int()),
}
forward_zone = udm.create_object('dns/forward_zone',
position=pos,
**forward_zone_properties)
# IPv4
ip = uts.random_ip()
host = uts.random_name()
host_record_properties = {
'name': host,
'zonettl': '%s' % (uts.random_int(bottom_end=100, top_end=999)),
'a': ip,
'mx': '50 %s' % uts.random_string(),
'txt': uts.random_string()
}
udm.create_object('dns/host_record',
superordinate=forward_zone,
**host_record_properties)
qname = '%s.%s' % (host, zone)
answers = resolve_dns_entry(qname, 'A')
answer = [ip_address(u'%s' % (rdata.address, )) for rdata in answers]
assert answer == [
ip_address(u'%s' % (ip, ))
], 'resolved name "%s" != created ldap-object "%s"' % (answer, [ip])
# IPv6
ip = '2011:06f8:13dc:0002:19b7:d592:09dd:1041' # create random_ipv6()-method?
host = uts.random_name()
host_record_properties.update({
'name': host,
'a': ip,
})
udm.create_object('dns/host_record',
superordinate=forward_zone,
**host_record_properties)
qname = '%s.%s' % (host, zone)
time.sleep(5)
answers = resolve_dns_entry(qname, 'AAAA')
answer = [ip_address(u'%s' % (rdata.address, )) for rdata in answers]
assert answer == [
ip_address(u'%s' % (ip, ))
], 'resolved name "%s" != created ldap-object "%s"' % (answer, [ip])
def test_settings(self, school, user, user_dn, ip_address, ucr, client):
printer = uts.random_string()
# Create new workgroup and assign new internet rule to it
group = Workgroup(school, client, members=[user_dn])
group.create()
try:
global_domains = ['univention.de', 'google.de']
rule = InternetRule(typ='whitelist', domains=global_domains)
rule.define()
rule.assign(school, group.name, 'workgroup')
self.check_internetRules(client)
# Add new hardware printer
add_printer(printer, school, ucr.get('hostname'),
ucr.get('domainname'), ucr.get('ldap/base'))
# generate all the possible combinations for (rule, printmode, sharemode)
white_page = 'univention.de'
rules = ['none', 'Kein Internet', 'Unbeschränkt', 'custom']
printmodes = ['default', 'all', 'none']
sharemodes = ['all', 'home']
settings = itertools.product(rules, printmodes, sharemodes)
t = 120
utils.wait_for_replication()
# Testing loop
for i, (rule, printMode, shareMode) in enumerate(settings):
period = datetime.time.strftime(
(datetime.datetime.now() +
datetime.timedelta(0, t)).time(), '%H:%M')
print
print '*** %d -(internetRule, printMode, shareMode, period) = (%r, %r, %r, %r) ----------' % (
i, rule, printMode, shareMode, period)
new_settings = {
'customRule': white_page,
'printMode': printMode,
'internetRule': rule,
'shareMode': shareMode,
'period': period
}
self.aquire_room(client)
old_settings = self.get_room_settings(client)
self.set_room_settings(client, new_settings)
utils.wait_for_replication_and_postrun()
wait_for_s4connector()
# give the CUPS and Samba server a little bit more time
time.sleep(15)
# check if displayed values match
self.check_room_settings(client, new_settings)
# old_period = old_settings['period']
partial_old_settings = {
'period': old_settings['period'],
'printMode': old_settings['printMode'],
'shareMode': old_settings['shareMode'],
'internetRule': old_settings['internetRule']
}
self.check_behavior(partial_old_settings, new_settings, user,
ip_address, printer, white_page,
global_domains, ucr)
t += 60
finally:
group.remove()
remove_printer(printer, school, ucr.get('ldap/base'))
def test__dns_srv_record_check_resolve(self, udm):
"""Creates DNS srv record and try to resolve it"""
zone = '%s.%s.' % (uts.random_name(), uts.random_name())
pos = 'cn=dns,%s' % (udm.LDAP_BASE, )
forward_zone_properties = {
'zone':
zone,
'nameserver':
udm.FQHN,
'contact':
'%s@%s.%s' %
(uts.random_name(), uts.random_name(), uts.random_name()),
'serial':
'%s' % (uts.random_int()),
'zonettl':
'%s' % (uts.random_int(bottom_end=100, top_end=999)),
'refresh':
'%s' % (uts.random_int(bottom_end=10, top_end=99)),
'expire':
'%s' % (uts.random_int(bottom_end=10, top_end=99)),
'ttl':
'%s' % (uts.random_int(bottom_end=10, top_end=99)),
'retry':
'%s' % (uts.random_int()),
}
forward_zone = udm.create_object('dns/forward_zone',
position=pos,
**forward_zone_properties)
# IPv4 / IPv6
host = uts.random_name()
ipv4 = uts.random_ip()
ipv6 = '2011:06f8:13dc:0002:19b7:d592:09dd:1041' # create random_ipv6()-method?
host_record_properties = {
'name': host,
'zonettl': '%s' % (uts.random_int(bottom_end=100, top_end=999)),
'a': [ipv4, ipv6],
'mx': '50 %s' % uts.random_string(),
'txt': uts.random_string()
}
udm.create_object('dns/host_record',
superordinate=forward_zone,
**host_record_properties)
service = uts.random_string()
protocol = 'tcp'
extension = uts.random_string()
priority = 1
weight = 100
port = uts.random_int(top_end=65535)
fqhn = '%s.%s' % (host, zone)
srv_record_properties = {
'name': '%s %s %s' % (service, protocol, extension),
'location': '%d %d %s %s' % (priority, weight, port, fqhn),
'zonettl': '128'
}
udm.create_object('dns/srv_record',
superordinate=forward_zone,
**srv_record_properties)
zoneName = '_%s._%s.%s.%s' % (service, protocol, extension, zone)
answers = resolve_dns_entry(zoneName, 'SRV')
answer = [rdata.target.to_text() for rdata in answers]
assert answer == [
fqhn
], 'resolved name "%s" != created ldap-object "%s"' % (answer, [fqhn])
def append_random_class(self, schools=None):
if not schools:
schools = [self.school]
for school in schools:
self.school_classes.setdefault(school, []).append('%s-%s%s%s' % (school, uts.random_int(), uts.random_int(), uts.random_string(length=2, alpha=True, numeric=False)))
def random_string(length=10,
alpha=False,
numeric=False,
charset=None,
encoding='utf-8'):
return tstrings.random_string(length, alpha, numeric, charset, encoding)
def test_filename_validation(modify, prefix, path, position, attr, ocs, name):
lo = utils.get_ldap_connection()
with udm_test.UCSTestUDM() as udm:
pos = '%s,%s' % (
position,
udm.LDAP_BASE,
)
filename = filename_modify = '%s%s%s' % (prefix, name,
strings.random_string())
if modify:
dn_modify = '%s=%s,%s' % (attr, ldap.dn.escape_dn_chars(filename),
pos)
filename = filename.replace('/', '').replace('.', '')
dn = '%s=%s,%s' % (attr, ldap.dn.escape_dn_chars(filename), pos)
fullpath = os.path.join(path, filename)
fullpath_modify = os.path.join(path, filename_modify)
attrs = {
attr: [filename],
'cn': [filename],
'objectClass': ['top', 'univentionObjectMetadata', ocs],
'univentionOwnedByPackage': ['foo'],
'univentionOwnedByPackageVersion': ['1'],
attr.replace('Filename', 'Data'): [
bz2.compress(
'\n' if modify else
'root:$6$5cAInBgG$7rdZuEujGK1QFoprcNspXsXHsymW3Txp0kDyHFsE.omI.3T0xek3KIneFPZ99Z8dwZnZ2I2O/Tk8x4mNNGSE4.:16965:0:99999:7:::'
)
],
attr.replace('Filename', 'Active'): ['TRUE'],
}
al = [(key, [v for v in val]) for key, val in attrs.items()]
print(('Creating', dn))
dn = lo.add(dn, al) or dn
try:
utils.wait_for_replication_and_postrun()
if modify:
assert os.path.exists(fullpath)
if ocs == 'univentionLDAPExtensionACL':
assert os.path.exists(fullpath + '.info')
print(('Modifying into', dn_modify))
dn = lo.modify(dn, [
(attr, filename, filename_modify),
('cn', filename, filename_modify),
]) or dn
print(('Modified', dn))
assert dn == dn_modify
utils.wait_for_replication_and_postrun()
# object was renamed (if modify). make sure the old files do not exists anymore.
assert not os.path.exists(fullpath_modify), err(fullpath_modify)
assert not os.path.exists(fullpath), err(fullpath)
if ocs == 'univentionLDAPExtensionACL':
assert not os.path.exists(fullpath + '.info'), err(fullpath +
'.info')
assert not os.path.exists(fullpath_modify +
'.info'), err(fullpath_modify +
'.info')
# create fake files and see if the listener would remove them.
with open(fullpath_modify, 'w') as fd:
fd.write('TEMP')
if ocs == 'univentionLDAPExtensionACL':
with open(fullpath_modify + '.info', 'w') as fd:
fd.write('TEMP')
finally:
lo.delete(dn)
utils.wait_for_replication_and_postrun()
assert os.path.exists(fullpath_modify), err(fullpath_modify)
assert 'TEMP' in err(fullpath_modify)
os.unlink(fullpath_modify)
if ocs == 'univentionLDAPExtensionACL':
assert os.path.exists(fullpath_modify +
'.info'), err(fullpath_modify)
assert 'TEMP' in err(fullpath_modify + '.info')
os.unlink(fullpath_modify + '.info')
def random_zone():
random_zone = '{0}.{1}'.format(uts.random_string(), uts.random_string())
return random_zone
def import_ou_basics(use_cli_api=True, use_python_api=False):
with univention.testing.ucr.UCSTestConfigRegistry() as ucr:
with univention.testing.udm.UCSTestUDM() as udm:
create_mail_domain(ucr, udm)
for dc_administrative in [None, 'generate']:
for dc in [None, 'generate']:
for singlemaster in [True, False]:
for noneducational_create_object in [True, False]:
for district_enable in [True, False]:
for default_dcs in [
None, 'edukativ',
uts.random_string()
]:
for dhcp_dns_clearou in [True, False]:
for sharefileserver in [
None, 'generate'
]:
if singlemaster and dc == 'generate':
continue
if not dc and dc_administrative:
continue # cannot specify administrative dc without educational dc
if not noneducational_create_object and dc_administrative:
print 'NOTE: cannot create administrative DC without administrative objects in LDAP'
continue
if sharefileserver:
sharefileserver = uts.random_name(
)
udm.create_object(
'computers/domaincontroller_slave',
name=sharefileserver)
ou_name = uts.random_name()
# character set contains multiple whitespaces to increase chance to get several words
charset = uts.STR_ALPHANUMDOTDASH + uts.STR_ALPHA.upper(
) + '()[]/,;:_#"+*@<>~ßöäüÖÄÜ$%&! '
ou_displayname = uts.random_string(
length=random.randint(1, 50),
charset=charset)
try:
create_and_verify_ou(
ucr,
ou=ou_name,
ou_displayname=
ou_displayname,
dc=(uts.random_name()
if dc else None),
dc_administrative=(
uts.random_name()
if dc_administrative
else None),
sharefileserver=
sharefileserver,
singlemaster=singlemaster,
noneducational_create_objects
=noneducational_create_object,
district_enable=
district_enable,
default_dcs=default_dcs,
dhcp_dns_clearou=
dhcp_dns_clearou,
use_cli_api=use_cli_api,
use_python_api=
use_python_api,
)
finally:
remove_ou(ou_name)
utils.wait_for_replication()
def test_all_roles_modification_set_network(ip_subnet, ip_network, ip_netmask, ip_range):
ucr = configRegistry.ConfigRegistry()
ucr.load()
for role in udm_test.UCSTestUDM.COMPUTER_MODULES:
computerProperties = {
'mac': '01:23:45:67:89:ab',
'name': uts.random_name()
}
with udm_test.UCSTestUDM() as udm:
dNSCn = 'cn=dns,%s' % (ucr.get('ldap/base'),)
forwardZoneName = '%s.%s' % (uts.random_name(), uts.random_name())
forwardZone = udm.create_object('dns/forward_zone', zone=forwardZoneName, position=dNSCn, nameserver=uts.random_string(numeric=False))
reverseZone = udm.create_object('dns/reverse_zone', subnet=ip_subnet, position=dNSCn, nameserver=uts.random_string(numeric=False))
dhcpService = udm.create_object('dhcp/service', service=uts.random_name())
networkProperties = {
'name': uts.random_name(),
'network': ip_network,
'netmask': ip_netmask,
'dnsEntryZoneForward': forwardZone,
'dnsEntryZoneReverse': reverseZone,
'dhcpEntryZone': dhcpService,
'ipRange': ip_range,
}
network = udm.create_object('networks/network', **networkProperties)
computer = udm.create_object(role, **computerProperties)
udm.modify_object(role, dn=computer, network=network)
aRecord = (utils.get_ldap_connection().getAttr(computer, 'aRecord') or [b''])[0].decode('ASCII')
aaaRecord = (utils.get_ldap_connection().getAttr(computer, 'aAAARecord') or [b''])[0].decode('ASCII')
# FIXME: workaround for possibly remaining locks
if aaaRecord:
udm.addCleanupLock('aAAARecord', aaaRecord)
if aRecord:
udm.addCleanupLock('aRecord', aRecord)
udm.addCleanupLock('mac', '01:23:45:67:89:ab')
utils.verify_ldap_object(computer, {'univentionNetworkLink': [network]})
assert aRecord or aaaRecord
if aRecord:
assert aRecord in ['%s.%s' % (ip_subnet, oktett) for oktett in range(2, 255)], 'IP address of computer not in range of its network'
if aaaRecord:
assert aaaRecord in ['%s:0000:0000:0000:%0.4x' % (ip_subnet, oktett) for oktett in range(2, 255)], 'IP address of computer not in range of its network'
if aRecord:
utils.verify_ldap_object('relativeDomainName=%s,%s' % (computerProperties['name'], forwardZone), {'aRecord': [aRecord]})
utils.verify_ldap_object('relativeDomainName=%s,%s' % (aRecord.split(".")[-1], reverseZone), {'pTRRecord': ['%s.%s.' % (computerProperties['name'], forwardZoneName)]})
utils.verify_ldap_object('cn=%s,%s' % (computerProperties['name'], dhcpService), {'univentionDhcpFixedAddress': [aRecord]})
if aaaRecord:
utils.verify_ldap_object('relativeDomainName=%s,%s' % (computerProperties['name'], forwardZone), {'aAAARecord': [aaaRecord]})
utils.verify_ldap_object('relativeDomainName=%s,%s' % ('.'.join(reversed(''.join(aaaRecord.split(':')[4:]))), reverseZone), {'pTRRecord': ['%s.%s.' % (computerProperties['name'], forwardZoneName)]})
utils.verify_ldap_object('cn=%s,%s' % (computerProperties['name'], dhcpService), {'univentionDhcpFixedAddress': [str(ipaddress.IPv6Address(aaaRecord))]})
