def test_ldb_add_nameless_element(self):
m = ldb.Message()
e = ldb.MessageElement('q')
try:
m.add(e)
except ldb.LdbError:
pass
str(m)
def copy(self, name):
""" Copy a share with a certain name on the selected backend
FIXME There is no way outside this method to test if the copied share
exsits.
"""
copied = False
#
# FIXME the LDB class does not like this parameter because its type
# is unicode instead of string so it need to be cast into a string.
#
name = str(name).strip()
try:
if len(name) == 0:
raise ShareError(_("You did not specify a Share to copy"), \
"critical")
if self.share_name_exists(name):
share = self.__get_share_from_backend(name)
else:
raise ShareError(_("The share you selected doesn't exist."))
copy_name = self._get_available_copy_name(name)
dn = "CN=" + name + ",CN=Shares"
copy_dn = "CN=" + copy_name + ",CN=Shares"
copy_share = ldb.Message(ldb.Dn(self.__shares_db, copy_dn))
for param, value in share.items():
if param == "dn":
continue
if param == "name":
value = copy_name
copy_share[param] = ldb.MessageElement(value, \
ldb.CHANGETYPE_ADD, \
param)
self.__shares_db.add(copy_share)
copied = True
except ShareError, error:
self._set_error(error.message, error.type)
def store(self, name, is_new=False, old_name=''):
""" Add/Save share information in LDB. If we are changing a Share's
name we need to use old_name to specify the old name so the necessary
renamings may be performed.
Keyword arguments:
name -- the name of the share to save the information
is_new -- indicates if the share if new or not
old_name -- the old share name (in case we are renaming)
Returns:
Sucess or insucess of the operation
"""
stored = False
name = str(name).strip()
old_name = str(old_name).strip()
if not is_new and len(old_name) == 0:
old_name = name
try:
if len(name) == 0:
raise ShareError(
_("You cannot add a Share with an empty name"))
if not is_new and len(old_name) == 0:
raise ShareError(
_("You are modifying a Share name but the old name is missing"
))
if is_new and self.share_name_exists(name):
raise ShareError(_("A Share with that name already exists"))
if not is_new and not self.share_name_exists(old_name):
raise ShareError(
_("You are editing a Share that doesn't exist anymore"))
dn = "CN=" + name + ",CN=Shares"
old_dn = "CN=" + old_name + ",CN=Shares"
# Rename the DN element before continuing
if not is_new and name != old_name:
self.__shares_db.rename(ldb.Dn(self.__shares_db, old_dn), dn)
if is_new:
share = ldb.Message(ldb.Dn(self.__shares_db, dn))
share["name"] = ldb.MessageElement(name, \
ldb.CHANGETYPE_ADD, \
"name")
else:
share = self.__get_share_from_backend(name)
modded_messages = ldb.Message(ldb.Dn(self.__shares_db, dn))
if not is_new and name != old_name:
modded_messages["name"] = ldb.MessageElement(name, \
ldb.FLAG_MOD_REPLACE, \
"name")
# Replace existing attribute values
for param, value in share.items():
if param == "dn":
continue
if param in self._params:
if len(self._params[param]) == 0:
self._params[param] = []
modded_messages[param] = ldb.MessageElement(self._params[param], \
ldb.FLAG_MOD_REPLACE, param)
del self._params[param]
# Add the new attributes passed by the form
for param, value in self._params.items():
if len(value) > 0:
modded_messages[param] = ldb.MessageElement(value, \
ldb.CHANGETYPE_ADD, \
param)
if is_new:
self.__shares_db.add(share)
self.__shares_db.modify(modded_messages)
stored = True
except ShareError, error:
self._set_error(error.message, error.type)
def test_timeout(self):
policy_dn = ldb.Dn(self.ldb,
'CN=Default Query Policy,CN=Query-Policies,'
'CN=Directory Service,CN=Windows NT,CN=Services,'
f'{self.ldb.get_config_basedn().get_linearized()}')
# Get the current value of lDAPAdminLimits.
res = self.ldb.search(base=policy_dn,
scope=ldb.SCOPE_BASE,
attrs=['lDAPAdminLimits'])
msg = res[0]
admin_limits = msg['lDAPAdminLimits']
# Ensure we restore the previous value of the attribute.
admin_limits.set_flags(ldb.FLAG_MOD_REPLACE)
self.addCleanup(self.ldb.modify, msg)
# Temporarily lower the value of MaxQueryDuration so we can test
# timeout behaviour.
timeout = 5
query_duration = f'MaxQueryDuration={timeout}'.encode()
admin_limits = [limit for limit in admin_limits
if not limit.lower().startswith(b'maxqueryduration=')]
admin_limits.append(query_duration)
# Set the new attribute value.
msg = ldb.Message(policy_dn)
msg['lDAPAdminLimits'] = ldb.MessageElement(admin_limits,
ldb.FLAG_MOD_REPLACE,
'lDAPAdminLimits')
self.ldb.modify(msg)
# Use a new connection so that the limits are reloaded.
samdb = SamDB(url, credentials=creds,
session_info=system_session(lp),
lp=lp)
# Create a large search expression that will take a long time to
# evaluate.
expression = '(anr=l)' * 10000
expression = f'(|{expression})'
# Perform the LDAP search.
prev = time.time()
with self.assertRaises(ldb.LdbError) as err:
samdb.search(base=self.ou_dn,
scope=ldb.SCOPE_SUBTREE,
expression=expression,
attrs=['objectGUID'])
now = time.time()
duration = now - prev
# Ensure that we timed out.
enum, _ = err.exception.args
self.assertEqual(ldb.ERR_TIME_LIMIT_EXCEEDED, enum)
# Ensure that the time spent searching is within the limit we
# set. We allow a margin of 100% over as the Samba timeout
# handling is not very accurate (and does not need to be)
self.assertLess(timeout - 1, duration)
self.assertLess(duration, timeout * 2)
