def test_search_for_all_nonposix(self, group):
""" Perform a search for all non-posix groups """
command = group.make_command(
'group_find', **dict(nonposix=True, all=True)
)
result = command()
assert_deepequal(dict(
summary=u'3 groups matched',
count=3,
truncated=False,
result=[
{
'dn': get_group_dn('ipausers'),
'cn': [u'ipausers'],
'description': [u'Default group for all users'],
'objectclass': fuzzy_set_ci(objectclasses.group),
'ipauniqueid': [fuzzy_uuid],
},
{
'dn': get_group_dn(group.cn),
'cn': [group.cn],
'description': [u'New desc'],
'objectclass': fuzzy_set_ci(objectclasses.group),
'ipauniqueid': [fuzzy_uuid],
},
{
'dn': get_group_dn('trust admins'),
'member_user': [u'admin'],
'cn': [u'trust admins'],
'description': [u'Trusts administrators group'],
'objectclass': fuzzy_set_ci(objectclasses.group),
'ipauniqueid': [fuzzy_uuid],
},
],
), result)
def test_search_for_all_nonposix(self, group):
""" Perform a search for all non-posix groups """
command = group.make_command('group_find',
**dict(nonposix=True, all=True))
result = command()
assert_deepequal(
dict(
summary=u'3 groups matched',
count=3,
truncated=False,
result=[
{
'dn': get_group_dn('ipausers'),
'cn': [u'ipausers'],
'description': [u'Default group for all users'],
'objectclass': fuzzy_set_ci(objectclasses.group),
'ipauniqueid': [fuzzy_uuid],
},
{
'dn': get_group_dn(group.cn),
'cn': [group.cn],
'description': [u'New desc'],
'objectclass': fuzzy_set_ci(objectclasses.group),
'ipauniqueid': [fuzzy_uuid],
},
{
'dn': get_group_dn('trust admins'),
'member_user': [u'admin'],
'cn': [u'trust admins'],
'description': [u'Trusts administrators group'],
'objectclass': fuzzy_set_ci(objectclasses.group),
'ipauniqueid': [fuzzy_uuid],
},
],
), result)
def test_search_for_all_posix(self, group, group2):
""" Search for all posix groups """
command = group.make_command('group_find', **dict(posix=True,
all=True))
result = command()
assert_deepequal(
dict(summary=u'4 groups matched',
count=4,
truncated=False,
result=[
{
'dn': get_group_dn('admins'),
'member_user': [u'admin'],
'gidnumber': [fuzzy_digits],
'cn': [u'admins'],
'description': [u'Account administrators group'],
'objectclass': fuzzy_set_ci(objectclasses.posixgroup),
'ipauniqueid': [fuzzy_uuid],
'ipantsecurityidentifier': [fuzzy_user_or_group_sid],
},
{
'dn':
get_group_dn('editors'),
'gidnumber': [fuzzy_digits],
'cn': [u'editors'],
'description':
[u'Limited admins who can edit other users'],
'objectclass':
fuzzy_set_ci(objectclasses.posixgroup),
'ipauniqueid': [fuzzy_uuid],
'ipantsecurityidentifier': [fuzzy_user_or_group_sid],
},
{
'dn': get_group_dn(group.cn),
'cn': [group.cn],
'description': [u'Test desc1'],
'gidnumber': [fuzzy_digits],
'objectclass': fuzzy_set_ci(objectclasses.posixgroup),
'ipauniqueid': [fuzzy_uuid],
'ipantsecurityidentifier': [fuzzy_user_or_group_sid],
},
{
'dn': get_group_dn(group2.cn),
'cn': [group2.cn],
'description': [u'Test desc2'],
'gidnumber': [fuzzy_digits],
'objectclass': fuzzy_set_ci(objectclasses.posixgroup),
'ipauniqueid': [fuzzy_uuid],
'ipantsecurityidentifier': [fuzzy_user_or_group_sid],
},
]), result)
def test_search_for_all_posix(self, group, group2):
""" Search for all posix groups """
command = group.make_command(
'group_find', **dict(posix=True, all=True)
)
result = command()
assert_deepequal(dict(
summary=u'4 groups matched',
count=4,
truncated=False,
result=[
{
'dn': get_group_dn('admins'),
'member_user': [u'admin'],
'gidnumber': [fuzzy_digits],
'cn': [u'admins'],
'description': [u'Account administrators group'],
'objectclass': fuzzy_set_ci(add_oc(
objectclasses.posixgroup, u'ipantgroupattrs')),
'ipauniqueid': [fuzzy_uuid],
},
{
'dn': get_group_dn('editors'),
'gidnumber': [fuzzy_digits],
'cn': [u'editors'],
'description':
[u'Limited admins who can edit other users'],
'objectclass': fuzzy_set_ci(add_oc(
objectclasses.posixgroup, u'ipantgroupattrs')),
'ipauniqueid': [fuzzy_uuid],
},
{
'dn': get_group_dn(group.cn),
'cn': [group.cn],
'description': [u'Test desc1'],
'gidnumber': [fuzzy_digits],
'objectclass': fuzzy_set_ci(add_oc(
objectclasses.posixgroup, u'ipantgroupattrs')),
'ipauniqueid': [fuzzy_uuid],
},
{
'dn': get_group_dn(group2.cn),
'cn': [group2.cn],
'description': [u'Test desc2'],
'gidnumber': [fuzzy_digits],
'objectclass': fuzzy_set_ci(add_oc(
objectclasses.posixgroup, u'ipantgroupattrs')),
'ipauniqueid': [fuzzy_uuid],
},
]), result)
def track_create(self):
""" Updates expected state for group creation"""
self.attrs = dict(
dn=get_group_dn(self.cn),
cn=[self.cn],
gidnumber=[fuzzy_digits],
ipauniqueid=[fuzzy_uuid],
objectclass=objectclasses.posixgroup,
)
self.exists = True
def track_create(self):
""" Updates expected state for group creation"""
self.attrs = dict(
dn=get_group_dn(self.cn),
cn=[self.cn],
description=[self.description],
gidnumber=[fuzzy_digits],
ipauniqueid=[fuzzy_uuid],
objectclass=objectclasses.posixgroup,
)
self.exists = True
def track_create(self):
""" Update expected state for user creation """
self.attrs = dict(
dn=self.dn,
uid=[self.uid],
givenname=[self.givenname],
sn=[self.sn],
homedirectory=[u'/home/%s' % self.uid],
displayname=[u'%s %s' % (self.givenname, self.sn)],
cn=[u'%s %s' % (self.givenname, self.sn)],
initials=[u'%s%s' % (self.givenname[0], self.sn[0])],
objectclass=fuzzy_set_optional_oc(objectclasses.user,
'ipantuserattrs'),
description=[u'__no_upg__'],
ipauniqueid=[fuzzy_uuid],
uidnumber=[fuzzy_digits],
gidnumber=[fuzzy_digits],
krbprincipalname=[u'%s@%s' % (self.uid, self.api.env.realm)],
krbcanonicalname=[u'%s@%s' % (self.uid, self.api.env.realm)],
mail=[u'%s@%s' % (self.uid, self.api.env.domain)],
gecos=[u'%s %s' % (self.givenname, self.sn)],
loginshell=[platformconstants.DEFAULT_SHELL],
has_keytab=False,
has_password=False,
mepmanagedentry=[get_group_dn(self.uid)],
memberof_group=[u'ipausers'],
nsaccountlock=[u'false'],
ipantsecurityidentifier=[fuzzy_user_or_group_sid],
)
for key, value in self.kwargs.items():
if key == "krbprincipalname":
try:
princ_splitted = value.split("@", maxsplit=1)
self.attrs[key] = [
"{}@{}".format(
princ_splitted[0].lower(),
princ_splitted[1],
)
]
except IndexError:
# we can provide just principal part
self.attrs[key] = [
"{}@{}".format(value.lower(), self.api.env.realm)
]
else:
if not isinstance(value, list):
self.attrs[key] = [value]
else:
self.attrs[key] = value
self.exists = True
def track_create(self):
""" Updates expected state for group creation"""
self.attrs = dict(
dn=get_group_dn(self.cn),
cn=[self.cn],
description=[self.description],
gidnumber=[fuzzy_digits],
ipauniqueid=[fuzzy_uuid],
objectclass=fuzzy_set_optional_oc(objectclasses.posixgroup,
'ipantgroupattrs'),
ipantsecurityidentifier=[fuzzy_user_or_group_sid],
)
self.exists = True
def track_create(self):
""" Update expected state for user creation """
self.attrs = dict(
dn=self.dn,
uid=[self.uid],
givenname=[self.givenname],
sn=[self.sn],
homedirectory=[u'/home/%s' % self.uid],
displayname=[u'%s %s' % (self.givenname, self.sn)],
cn=[u'%s %s' % (self.givenname, self.sn)],
initials=[u'%s%s' % (self.givenname[0], self.sn[0])],
objectclass=objectclasses.user,
description=[u'__no_upg__'],
ipauniqueid=[fuzzy_uuid],
uidnumber=[fuzzy_digits],
gidnumber=[fuzzy_digits],
krbprincipalname=[u'%s@%s' % (self.uid, self.api.env.realm)],
krbcanonicalname=[u'%s@%s' % (self.uid, self.api.env.realm)],
mail=[u'%s@%s' % (self.uid, self.api.env.domain)],
gecos=[u'%s %s' % (self.givenname, self.sn)],
loginshell=[u'/bin/sh'],
has_keytab=False,
has_password=False,
mepmanagedentry=[get_group_dn(self.uid)],
memberof_group=[u'ipausers'],
nsaccountlock=[u'false'],
)
for key in self.kwargs:
if key == u'krbprincipalname':
try:
self.attrs[key] = [u'%s@%s' % (
(self.kwargs[key].split('@'))[0].lower(),
(self.kwargs[key].split('@'))[1]
)]
except IndexError:
# we can provide just principal part
self.attrs[key] = [u'%s@%s' % (
(self.kwargs[key].lower(),
self.api.env.realm)
)]
else:
if type(self.kwargs[key]) is not list:
self.attrs[key] = [self.kwargs[key]]
else:
self.attrs[key] = self.kwargs[key]
self.exists = True
def test_search_for_all_groups_with_members(self, group, group2):
""" Search for all groups """
group.ensure_exists()
group2.create()
command = group.make_command('group_find', no_members=False)
result = command()
assert_deepequal(
dict(summary=u'6 groups matched',
count=6,
truncated=False,
result=[
{
'dn': get_group_dn('admins'),
'member_user': [u'admin'],
'gidnumber': [fuzzy_digits],
'cn': [u'admins'],
'description': [u'Account administrators group'],
},
{
'dn':
get_group_dn('editors'),
'gidnumber': [fuzzy_digits],
'cn': [u'editors'],
'description':
[u'Limited admins who can edit other users'],
},
{
'dn': get_group_dn('ipausers'),
'cn': [u'ipausers'],
'description': [u'Default group for all users'],
},
{
'dn': get_group_dn(group.cn),
'cn': [group.cn],
'description': [u'Test desc1'],
'gidnumber': [fuzzy_digits],
},
{
'dn': get_group_dn(group2.cn),
'cn': [group2.cn],
'description': [u'Test desc2'],
'gidnumber': [fuzzy_digits],
},
{
'dn': get_group_dn('trust admins'),
'member_user': [u'admin'],
'cn': [u'trust admins'],
'description': [u'Trusts administrators group'],
},
]), result)
def test_search_for_all_groups_with_members(self, group, group2):
""" Search for all groups """
group.ensure_exists()
group2.create()
command = group.make_command('group_find', no_members=False)
result = command()
assert_deepequal(dict(
summary=u'6 groups matched',
count=6,
truncated=False,
result=[
{
'dn': get_group_dn('admins'),
'member_user': [u'admin'],
'gidnumber': [fuzzy_digits],
'cn': [u'admins'],
'description': [u'Account administrators group'],
},
{
'dn': get_group_dn('editors'),
'gidnumber': [fuzzy_digits],
'cn': [u'editors'],
'description':
[u'Limited admins who can edit other users'],
},
{
'dn': get_group_dn('ipausers'),
'cn': [u'ipausers'],
'description': [u'Default group for all users'],
},
{
'dn': get_group_dn(group.cn),
'cn': [group.cn],
'description': [u'Test desc1'],
'gidnumber': [fuzzy_digits],
},
{
'dn': get_group_dn(group2.cn),
'cn': [group2.cn],
'description': [u'Test desc2'],
'gidnumber': [fuzzy_digits],
},
{
'dn': get_group_dn('trust admins'),
'member_user': [u'admin'],
'cn': [u'trust admins'],
'description': [u'Trusts administrators group'],
},
]), result)
def make_admin(self, admin_group=u'admins'):
""" Add user to the administrator's group """
result = self.run_command('group_show', admin_group)
admin_group_content = result[u'result'][u'member_user']
admin_group_expected = list(admin_group_content) + [self.name]
command = self.make_group_add_member_command(admin_group,
**dict(user=self.name))
result = command()
assert_deepequal(
dict(
completed=1,
failed=dict(member=dict(group=tuple(), user=tuple())),
result={
'dn': get_group_dn(admin_group),
'member_user': admin_group_expected,
'gidnumber': [fuzzy_digits],
'cn': [admin_group],
'description': [u'Account administrators group'],
},
), result)
def test_search_for_all_nonposix_with_criteria(self, group):
""" Search for all non-posix groups with additional
criteria filter """
command = group.make_command(
'group_find', *[u'users'], **dict(nonposix=True, all=True)
)
result = command()
assert_deepequal(dict(
summary=u'1 group matched',
count=1,
truncated=False,
result=[
{
'dn': get_group_dn('ipausers'),
'cn': [u'ipausers'],
'description': [u'Default group for all users'],
'objectclass': fuzzy_set_ci(objectclasses.group),
'ipauniqueid': [fuzzy_uuid],
},
],
), result)
def test_search_for_all_nonposix_with_criteria(self, group):
""" Search for all non-posix groups with additional
criteria filter """
command = group.make_command('group_find', *[u'users'],
**dict(nonposix=True, all=True))
result = command()
assert_deepequal(
dict(
summary=u'1 group matched',
count=1,
truncated=False,
result=[
{
'dn': get_group_dn('ipausers'),
'cn': [u'ipausers'],
'description': [u'Default group for all users'],
'objectclass': fuzzy_set_ci(objectclasses.group),
'ipauniqueid': [fuzzy_uuid],
},
],
), result)
def make_admin(self, admin_group=u'admins'):
""" Add user to the administrator's group """
result = self.run_command('group_show', admin_group)
admin_group_content = result[u'result'][u'member_user']
admin_group_expected = list(admin_group_content) + [self.name]
command = self.make_group_add_member_command(
admin_group, **dict(user=self.name)
)
result = command()
assert_deepequal(dict(
completed=1,
failed=dict(
member=dict(group=tuple(), user=tuple(), service=tuple())
),
result={
'dn': get_group_dn(admin_group),
'member_user': admin_group_expected,
'gidnumber': [fuzzy_digits],
'cn': [admin_group],
'description': [u'Account administrators group'],
},
), result)
def __init__(self, name, description=u'Group desc'):
super(GroupTracker, self).__init__(default_version=None)
self.cn = name
self.description = description
self.dn = get_group_dn(self.cn)
def __init__(self, name, description=u'Group desc'):
super(GroupTracker, self).__init__(default_version=None)
self.cn = name
self.description = description
self.dn = get_group_dn(self.cn)
def __init__(self, name):
super(GroupTracker, self).__init__(default_version=None)
self.cn = name
self.dn = get_group_dn(name)
