def test_user_mail_alt_equals_shared_folder_mail_address(): print( "### A user has mail@shared_folder as mail_alternative_address address" ) with udm_test.UCSTestUDM() as udm: folder_name = uts.random_name() shared_folder_mail = "%s@%s" % (folder_name, DOMAIN) user = random_mail_user(udm=udm, mail_alternative_address=shared_folder_mail) token = make_token() msgid = uts.random_name() folder_dn, folder_name, folder_mailaddress = create_shared_mailfolder( udm, FQDN, mailAddress=shared_folder_mail, user_permission=['"%s" "%s"' % ("anyone", "all")]) send_mail(recipients=shared_folder_mail, msg=token, debuglevel=DEBUG_LEVEL, messageid=msgid) check_delivery(token, user.mailPrimaryAddress, True) found = imap_search_mail(messageid=msgid, server=FQDN, imap_user=user.mailPrimaryAddress, imap_folder=folder_name, use_ssl=True) if not found: utils.fail("Mail sent with token = %r to %s un-expectedly".format( token, folder_name))
def test_udm_cli_policies_output(udm): """test UDM-CLI code for --policies={1,2}""" dhcp_service = udm.create_object('dhcp/service', service=uts.random_name()) subnet_mask = SUBNET_MASK_IP4 subnet = SUBNET_IP4 dhcp_subnet = udm.create_object('dhcp/subnet', superordinate=dhcp_service, subnet=subnet, subnetmask=subnet_mask) dhcp_host = udm.create_object('dhcp/host', superordinate=dhcp_subnet, host=uts.random_name(), hwaddress='ethernet 01:ff:78:38:ab:24', fixedaddress='10.20.30.123') host = udm.list_objects('dhcp/host', position=dhcp_host, policies=1)[0][1] pprint.pprint(host) required = { 'Policy-based Settings', 'Subnet-based Settings', 'Merged Settings' } assert set(host) & required == required host = udm.list_objects('dhcp/host', position=dhcp_host, policies=2)[0][1] pprint.pprint(host) required = {'univentionPWLength', 'univentionPWHistoryLen'} assert set(host['Policy-based Settings']) & required == required assert set(host['Subnet-based Settings']) & required == required assert set(host['Merged Settings']) & required == required
def test__dns_forward_zone_check_resolve(self, udm): """Creates DNS forward zone entry and try to resolve it""" zone = '%s.%s.' % (uts.random_name(), uts.random_name()) pos = 'cn=dns,%s' % (udm.LDAP_BASE, ) forward_zone_properties = { 'zone': zone, 'nameserver': udm.FQHN, 'contact': '%s@%s.%s' % (uts.random_name(), uts.random_name(), uts.random_name()), 'serial': '%s' % (uts.random_int()), 'zonettl': '%s' % (uts.random_int(bottom_end=100, top_end=999)), 'refresh': '%s' % (uts.random_int(bottom_end=10, top_end=99)), 'expire': '%s' % (uts.random_int(bottom_end=10, top_end=99)), 'ttl': '%s' % (uts.random_int(bottom_end=10, top_end=99)), 'retry': '%s' % (uts.random_int()), 'a': ['%s' % (uts.random_ip())] } udm.create_object('dns/forward_zone', position=pos, **forward_zone_properties) time.sleep(5) answers = resolve_dns_entry(zone, 'SOA') answer = answers.qname.to_text() assert answer == zone, 'resolved name "%s" != created ldap-object "%s"' % ( answer, zone)
def create_hooks(self): self.pre_hooks = [ os.path.join(os.path.join(HOOK_BASEDIR, 'computer_create_pre.d'), uts.random_name()), ] self.post_hooks = [ os.path.join(os.path.join(HOOK_BASEDIR, 'computer_create_post.d'), uts.random_name()), ] for pre_hook in self.pre_hooks: with open(pre_hook, 'w+') as fd: fd.write('''#!/bin/sh set -x test $# = 1 || exit 1 cat $1 >>%(pre_hook_result)s exit 0 ''' % {'pre_hook_result': self.pre_hook_result}) os.chmod(pre_hook, 0o755) for post_hook in self.post_hooks: with open(post_hook, 'w+') as fd: fd.write('''#!/bin/sh set -x dn="$2" name="$(cat $1 | awk -F '\t' '{print $2}')" type="$(cat $1 | awk -F '\t' '{print $1}')" ldap_dn="$(univention-ldapsearch "(&(cn=$name)(univentionObjectType=computers/$type))" | ldapsearch-wrapper | sed -ne 's|dn: ||p')" test "$dn" = "$ldap_dn" || exit 1 cat $1 >>%(post_hook_result)s exit 0 ''' % {'post_hook_result': self.post_hook_result}) os.chmod(post_hook, 0o755)
def test_user_creation_with_umlaut_in_username(self, udm): """Create users/user with umlaut in username""" # bugs: [11415] user = udm.create_user( username='******' % (uts.random_name(length=4), uts.random_name(length=4)))[0] utils.verify_ldap_object(user)
def create_user_in_container(container_dn): """Create random user in a specific container:\n :param container_dn: container dn to create the user in :type container_dn: ldap object dn """ cmd = [ 'udm', 'users/user', 'create', '--position', '%(container)s', '--set', 'username=%(username)s', '--set', 'firstname=%(firstname)s', '--set', 'lastname=%(lastname)s', '--set', 'password=%(password)s', ] out, err = run_commands( [cmd], { 'container': container_dn, 'username': uts.random_name(), 'firstname': uts.random_name(), 'lastname': uts.random_name(), 'password': uts.random_string(), })[0] if out: return out.split(': ')[1].strip()
def modify(self): for student in self.students: student.set_mode_to_modify() self.students[1].mail = '%s@%s' % (uts.random_name(), configRegistry.get('domainname')) self.students[2].firstname = uts.random_name() self.students[2].lastname = uts.random_name() self.students[2].set_inactive() for teacher in self.teachers: teacher.set_mode_to_modify() self.students[0].mail = '%s@%s' % (uts.random_name(), configRegistry.get('domainname')) self.students[2].firstname = uts.random_name() self.students[2].lastname = uts.random_name() for staff in self.staff: staff.set_mode_to_modify() self.students[0].set_inactive() self.students[2].firstname = uts.random_name() self.students[2].lastname = uts.random_name() for teacher_staff in self.teacher_staff: teacher_staff.set_mode_to_modify() self.students[0].set_inactive() self.students[2].firstname = uts.random_name() self.students[2].lastname = uts.random_name()
def create_user(self, wait_for_replication=True, check_for_drs_replication=True, wait_for=True, **kwargs): # :pylint: disable-msg=W0613 """ Creates a user via UDM CLI. Values for UDM properties can be passed via keyword arguments only and have to exactly match UDM property names (case-sensitive!). Some properties have default values: :param str position: 'cn=users,$ldap_base' :param str password: '******' :param str firstname: 'Foo Bar' :param str lastname: <random string> :param str username: <random string> If username is missing, a random user name will be used. :return: (dn, username) """ attr = self._set_module_default_attr( kwargs, (('position', 'cn=users,%s' % self.LDAP_BASE), ('password', 'univention'), ('username', uts.random_username()), ('lastname', uts.random_name()), ('firstname', uts.random_name()))) return (self.create_object('users/user', wait_for_replication, check_for_drs_replication, wait_for=wait_for, **attr), attr['username'])
def __init__(self, school, role): self.firstname = uts.random_name() self.lastname = uts.random_name() self.username = uts.random_name() self.legacy = False self.school = school self.schools = [school] self.role = role self.record_uid = None self.source_uid = None self.description = None self.mail = '%s@%s' % (self.username, configRegistry.get('domainname')) self.school_classes = {} if self.is_student(): self.cn = cn_pupils self.grp_prefix = grp_prefix_pupils elif self.is_teacher(): self.cn = cn_teachers self.grp_prefix = grp_prefix_teachers elif self.is_teacher_staff(): self.cn = cn_teachers_staff self.grp_prefix = grp_prefix_teachers elif self.is_staff(): self.cn = cn_staff self.grp_prefix = grp_prefix_staff self.mode = 'A' self.active = True self.password = None self.birthday = None self.school_base = self.make_school_base() self.dn = self.make_dn() self.append_random_groups()
def __init__(self, school_name=None, nr_students=20, nr_teachers=10, nr_staff=5, nr_teacher_staff=3): assert (nr_students > 2) assert (nr_teachers > 2) assert (nr_staff > 2) assert (nr_teacher_staff > 2) self.school = school_name self.students = [] for i in range(0, nr_students): self.students.append(Student(self.school)) self.students[2].set_inactive() self.students[0].password = uts.random_name() self.teachers = [] for i in range(0, nr_teachers): self.teachers.append(Teacher(self.school)) self.teachers[1].set_inactive() self.teachers[1].password = uts.random_name() self.staff = [] for i in range(0, nr_staff): self.staff.append(Staff(self.school)) self.staff[2].set_inactive() self.staff[1].password = uts.random_name() self.teacher_staff = [] for i in range(0, nr_teacher_staff): self.teacher_staff.append(TeacherStaff(self.school)) self.teacher_staff[1].set_inactive() self.teacher_staff[2].password = uts.random_name()
def __init__(self, quota_type="usrquota", fs_type="ext4"): ucr = ucr_test.UCSTestConfigRegistry() ucr.load() self.my_fqdn = '%s.%s' % (ucr.get('hostname'), ucr.get('domainname')) account = utils.UCSTestDomainAdminCredentials() self.umc_client = Client(self.my_fqdn, username=account.username, password=account.bindpw) self.share_name = uts.random_name() self.username = uts.random_name() self.quota_type = quota_type self.fs_type = fs_type self.quota_policy = { "inodeSoftLimit": '10', "inodeHardLimit": '15', "spaceSoftLimit": str(1024**2), "spaceHardLimit": str(2048**2), "reapplyQuota": 'TRUE', "name": uts.random_name(), "position": 'cn=userquota,cn=shares,cn=policies,%s' % ucr.get('ldap/base'), }
def test_dhcp_sharedsubnet_creation_with_all_attributes(self, udm): """Create dhcp/sharedsubnet with all attributes set""" dhcp_service = udm.create_object('dhcp/service', service=uts.random_name()) dhcp_shared_network = udm.create_object('dhcp/shared', name=uts.random_name(), superordinate=dhcp_service) dhcp_shared_subnet_properties = { 'subnet': SUBNET_IP4, 'subnetmask': SUBNET_MASK_IP4, 'broadcastaddress': '10.20.30.255', 'range': '10.20.30.1 10.20.30.254' } dhcp_shared_subnet = udm.create_object( 'dhcp/sharedsubnet', superordinate=dhcp_shared_network, **dhcp_shared_subnet_properties) utils.verify_ldap_object( dhcp_shared_subnet, { 'dhcpNetMask': [dhcp_shared_subnet_properties['subnetmask']], 'dhcpRange': [dhcp_shared_subnet_properties['range']], 'univentionDhcpBroadcastAddress': [dhcp_shared_subnet_properties['broadcastaddress']] })
def test_dhcp_sharednetwork_creation(self, udm): dhcp_service = udm.create_object('dhcp/service', service=uts.random_name()) dhcp_shared_network = udm.create_object('dhcp/shared', name=uts.random_name(), superordinate=dhcp_service) utils.verify_ldap_object(dhcp_shared_network)
def test_dhcp_server_creation(self, udm): """Create dhcp/server""" dhcp_service = udm.create_object('dhcp/service', service=uts.random_name()) dhcp_server = udm.create_object('dhcp/server', superordinate=dhcp_service, server=uts.random_name()) utils.verify_ldap_object(dhcp_server)
def create_ldap_user(self, wait_for_replication=True, check_for_drs_replication=False, **kwargs): # :pylint: disable-msg=W0613 # check_for_drs_replication=False -> ldap users are not replicated to s4 attr = self._set_module_default_attr(kwargs, (('position', 'cn=users,%s' % self.LDAP_BASE), ('password', 'univention'), ('username', uts.random_username()), ('lastname', uts.random_name()), ('name', uts.random_name()))) return (self.create_object('users/ldap', wait_for_replication, check_for_drs_replication, **attr), attr['username'])
def test__dns_reverse_zone_check_resolve(self, udm): """Creates DNS reverse zone entry and try to resolve it""" pos = 'cn=dns,%s' % (udm.LDAP_BASE, ) # IPv4 ipv4 = uts.random_ip().split('.') subnet = ipv4[:3] reverse_zone_properties = { 'subnet': '.'.join(subnet), 'nameserver': udm.FQHN, 'contact': '%s@%s.%s' % (uts.random_name(), uts.random_name(), uts.random_name()), 'serial': '%s' % (uts.random_int()), 'zonettl': '%s' % (uts.random_int(bottom_end=100, top_end=999)), 'refresh': '%s' % (uts.random_int(bottom_end=10, top_end=99)), 'expire': '%s' % (uts.random_int(bottom_end=10, top_end=99)), 'ttl': '%s' % (uts.random_int(bottom_end=10, top_end=99)), 'retry': '%s' % (uts.random_int()), } udm.create_object('dns/reverse_zone', position=pos, **reverse_zone_properties) zoneName = '.'.join(list(reversed(subnet)) + ['in-addr', 'arpa', '']) time.sleep(5) answers = resolve_dns_entry(zoneName, 'SOA') answer = answers.qname.to_text() assert answer == zoneName, 'IPv4: resolved name "%s" != created ldap-object "%s"' % ( answer, zoneName) # IPv6 ipv6 = '2011:06f8:13dc:0002:19b7:d592:09dd:1041'.split( ':') # create uts.random_ipV6()? subnet = ipv6[:7] reverse_zone_properties.update({ 'subnet': ':'.join(subnet), }) udm.create_object('dns/reverse_zone', position=pos, **reverse_zone_properties) zoneName = '.'.join( list(reversed([nibble for block in subnet for nibble in block])) + ['ip6', 'arpa', '']) time.sleep(5) answers = resolve_dns_entry(zoneName, 'SOA') answer = answers.qname.to_text() assert answer == zoneName, 'IPv6: resolved name "%s" != created ldap-object "%s"' % ( answer, zoneName)
def test_container_ou_relocation(self, udm): """Move container/ou into another container/ou""" ou_name = uts.random_name() ou = udm.create_object('container/ou', name=ou_name) ou2 = udm.create_object('container/ou', name=uts.random_name()) udm.move_object('container/ou', dn=ou, position=ou2) utils.verify_ldap_object('ou=%s,%s' % (ldap.dn.escape_dn_chars(ou_name), ou2))
def test_container_cn_relocation(self, udm): """Move container/cn into another container/cn""" cn_name = uts.random_name() cn = udm.create_object('container/cn', name=cn_name) cn2 = udm.create_object('container/cn', name=uts.random_name()) udm.move_object('container/cn', dn=cn, position=cn2) utils.verify_ldap_object('cn=%s,%s' % (ldap.dn.escape_dn_chars(cn_name), cn2))
def test_credentials_error(self): username = uts.random_name() password = uts.random_name() with self.assertRaises(ConnectionError) as cm: UDM.credentials(identity=username, password=password) assert str(cm.exception) == 'Cannot get DN for username' with self.assertRaises(ConnectionError) as cm: UDM.credentials(identity='Administrator', password=password) assert str(cm.exception) == 'Credentials invalid'
def test_user_creation_with_mailPrimaryAddress_already_in_use(self, udm): """Create users/user with mailPrimaryAddress which is already in use""" mailDomainName = '%s.%s' % (uts.random_name(), uts.random_name()) emailaddr = uts.random_name() udm.create_object('mail/domain', name=mailDomainName) udm.create_user(mailPrimaryAddress='%s@%s' % (emailaddr, mailDomainName)) with pytest.raises(udm_test.UCSTestUDM_CreateUDMObjectFailed): udm.create_user(mailPrimaryAddress='%s@%s' % (emailaddr, mailDomainName))
def test_credentials(self): password = uts.random_name() dn, username = self.udm_test.create_user(password=password) mod = UDM.credentials(identity=username, password=password).version(0).get('users/user') assert mod.connection.binddn == dn password = uts.random_name() dn, username = self.udm_test.create_user(password=password) mod = UDM.credentials(identity=dn, password=password).version(0).get('users/user') assert mod.connection.binddn == dn
def test_all_roles_modification_set_network(ip_subnet, ip_network, ip_netmask, ip_range): ucr = configRegistry.ConfigRegistry() ucr.load() for role in udm_test.UCSTestUDM.COMPUTER_MODULES: computerProperties = { 'mac': '01:23:45:67:89:ab', 'name': uts.random_name() } with udm_test.UCSTestUDM() as udm: dNSCn = 'cn=dns,%s' % (ucr.get('ldap/base'),) forwardZoneName = '%s.%s' % (uts.random_name(), uts.random_name()) forwardZone = udm.create_object('dns/forward_zone', zone=forwardZoneName, position=dNSCn, nameserver=uts.random_string(numeric=False)) reverseZone = udm.create_object('dns/reverse_zone', subnet=ip_subnet, position=dNSCn, nameserver=uts.random_string(numeric=False)) dhcpService = udm.create_object('dhcp/service', service=uts.random_name()) networkProperties = { 'name': uts.random_name(), 'network': ip_network, 'netmask': ip_netmask, 'dnsEntryZoneForward': forwardZone, 'dnsEntryZoneReverse': reverseZone, 'dhcpEntryZone': dhcpService, 'ipRange': ip_range, } network = udm.create_object('networks/network', **networkProperties) computer = udm.create_object(role, **computerProperties) udm.modify_object(role, dn=computer, network=network) aRecord = (utils.get_ldap_connection().getAttr(computer, 'aRecord') or [b''])[0].decode('ASCII') aaaRecord = (utils.get_ldap_connection().getAttr(computer, 'aAAARecord') or [b''])[0].decode('ASCII') # FIXME: workaround for possibly remaining locks if aaaRecord: udm.addCleanupLock('aAAARecord', aaaRecord) if aRecord: udm.addCleanupLock('aRecord', aRecord) udm.addCleanupLock('mac', '01:23:45:67:89:ab') utils.verify_ldap_object(computer, {'univentionNetworkLink': [network]}) assert aRecord or aaaRecord if aRecord: assert aRecord in ['%s.%s' % (ip_subnet, oktett) for oktett in range(2, 255)], 'IP address of computer not in range of its network' if aaaRecord: assert aaaRecord in ['%s:0000:0000:0000:%0.4x' % (ip_subnet, oktett) for oktett in range(2, 255)], 'IP address of computer not in range of its network' if aRecord: utils.verify_ldap_object('relativeDomainName=%s,%s' % (computerProperties['name'], forwardZone), {'aRecord': [aRecord]}) utils.verify_ldap_object('relativeDomainName=%s,%s' % (aRecord.split(".")[-1], reverseZone), {'pTRRecord': ['%s.%s.' % (computerProperties['name'], forwardZoneName)]}) utils.verify_ldap_object('cn=%s,%s' % (computerProperties['name'], dhcpService), {'univentionDhcpFixedAddress': [aRecord]}) if aaaRecord: utils.verify_ldap_object('relativeDomainName=%s,%s' % (computerProperties['name'], forwardZone), {'aAAARecord': [aaaRecord]}) utils.verify_ldap_object('relativeDomainName=%s,%s' % ('.'.join(reversed(''.join(aaaRecord.split(':')[4:]))), reverseZone), {'pTRRecord': ['%s.%s.' % (computerProperties['name'], forwardZoneName)]}) utils.verify_ldap_object('cn=%s,%s' % (computerProperties['name'], dhcpService), {'univentionDhcpFixedAddress': [str(ipaddress.IPv6Address(aaaRecord))]})
def test_user_creation_with_username_already_in_use(self, udm): """Create users/user with username which is already in use""" first_user_container = udm.create_object('container/cn', name=uts.random_name()) second_user_container = udm.create_object('container/cn', name=uts.random_name()) username = udm.create_user(position=first_user_container)[1] with pytest.raises(udm_test.UCSTestUDM_CreateUDMObjectFailed): udm.create_user(username=username, position=second_user_container)
def __init__(self, school): self.name = uts.random_name() self.spool_host = uts.random_name() self.uri = 'parallel:/dev/lp0' self.model = 'foomatic-ppds/Apple/Apple-12_640ps-Postscript.ppd.gz' self.school = school self.mode = 'A' self.school_base = get_school_base(self.school) self.dn = 'cn=%s,cn=printers,%s' % (self.name, self.school_base)
def test_create_printer(ucr, udm): """Create shares/printer and verify LDAP object""" ucr.load() properties = { 'name': uts.random_name(), 'location': uts.random_string(), 'description': uts.random_name(), 'spoolHost': random_fqdn(ucr), 'uri': '%s %s' % ( random.choice(PRINTER_PROTOCOLS), uts.random_ip(), ), 'model': 'foomatic-rip/Generic-PCL_4_Printer-gutenprint-ijs-simplified.5.2.ppd', 'producer': 'cn=Generic,cn=cups,cn=univention,%s' % (ucr.get('ldap/base'), ), 'sambaName': uts.random_name(), 'ACLtype': random.choice(['allow all', 'allow', 'deny']), 'ACLUsers': 'uid=Administrator,cn=users,%s' % (ucr.get('ldap/base'), ), 'ACLGroups': 'cn=Printer Admins,cn=groups,%s' % (ucr.get('ldap/base'), ), } print('*** Create shares/printer object') print_share_dn = udm.create_object('shares/printer', position='cn=printers,%s' % (ucr['ldap/base'], ), **properties) utils.verify_ldap_object(print_share_dn, { 'cn': [properties['name']], 'description': [properties['description']], 'univentionObjectType': ['shares/printer'], 'univentionPrinterACLGroups': [properties['ACLGroups']], 'univentionPrinterACLUsers': [properties['ACLUsers']], 'univentionPrinterACLtype': [properties['ACLtype']], 'univentionPrinterLocation': [properties['location']], 'univentionPrinterModel': [properties['model']], 'univentionPrinterSambaName': [properties['sambaName']], 'univentionPrinterSpoolHost': [properties['spoolHost']], 'univentionPrinterURI': [properties['uri'].replace(' ', '')], }, delay=1) print('*** Modify shares/printer object') properties['sambaName'] = uts.random_name() udm.modify_object('shares/printer', dn=print_share_dn, sambaName=properties['sambaName']) utils.verify_ldap_object( print_share_dn, {'univentionPrinterSambaName': [properties['sambaName']]}, delay=1)
def __init__(self, school): self.name = uts.random_name() self.description = uts.random_name() self.school = school self.mode = 'A' self.school_base = get_school_base(self.school) self.dn = 'cn=%s,cn=klassen,cn=%s,cn=groups,%s' % ( self.name, cn_pupils, self.school_base) self.share_dn = 'cn=%s,cn=klassen,cn=shares,%s' % (self.name, self.school_base)
def test_dhcp_host_creation(self, udm): """Create dhcp/host""" dhcp_service = udm.create_object('dhcp/service', service=uts.random_name()) mac = 'ethernet 01:ff:78:38:ab:24' dhcp_host = udm.create_object('dhcp/host', host=uts.random_name(), hwaddress=mac, superordinate=dhcp_service) utils.verify_ldap_object(dhcp_host, {'dhcpHWAddress': [mac]})
def __init__(self, quota_type="usrquota", fs_type="ext4"): ucr = ucr_test.UCSTestConfigRegistry() ucr.load() self.ldap_base = ucr.get('ldap/base') self.my_fqdn = '%s.%s' % (ucr.get('hostname'), ucr.get('domainname')) account = utils.UCSTestDomainAdminCredentials() self.umc_client = Client(self.my_fqdn, username=account.username, password=account.bindpw) self.share_name = uts.random_name() self.share_name2 = uts.random_name() self.username = uts.random_name() self.quota_type = quota_type self.fs_type = fs_type
def __init__(self, school, name=None, dn=None, description=None, host_members=None): self.school = school self.name = name if name else uts.random_name() self.dn = dn if dn else 'cn=%s-%s,cn=raeume,cn=groups,%s' % ( school, self.name, utu.UCSTestSchool().get_ou_base_dn(school)) self.description = description if description else uts.random_name() self.host_members = host_members or []
def test_dhcp_sharednetwork_removal(self, udm): """Remove dhcp/shared""" dhcp_service = udm.create_object('dhcp/service', service=uts.random_name()) dhcp_shared_network = udm.create_object('dhcp/shared', name=uts.random_name(), superordinate=dhcp_service) udm.remove_object('dhcp/shared', dn=dhcp_shared_network, superordinate=dhcp_service) utils.verify_ldap_object(dhcp_shared_network, should_exist=False)