def test_add_new_group_search_fields_config_entry(self, user): """ Try adding a new group search fields config entry """ command = user.make_command( 'config_mod', **dict(addattr=u'ipagroupsearchfields=newattr')) with raises_exact( errors.OnlyOneValueAllowed(attr='ipagroupsearchfields')): command()
def test_add_user_with_singlevalue_addattr(self): """ Try to add a user with single-value attribute set via option and --addattr """ user = UserTracker(name=u'user', givenname=u'Test', sn=u'User1', addattr=u'sn=User2') command = user.make_create_command() with raises_exact(errors.OnlyOneValueAllowed(attr='sn')): command()
def validate_nsaccountlock(entry_attrs): if 'nsaccountlock' in entry_attrs: nsaccountlock = entry_attrs['nsaccountlock'] if not isinstance(nsaccountlock, (bool, Bool)): if not isinstance(nsaccountlock, six.string_types): raise errors.OnlyOneValueAllowed(attr='nsaccountlock') if nsaccountlock.lower() not in ('true', 'false'): raise errors.ValidationError(name='nsaccountlock', error=_('must be TRUE or FALSE'))
class test_raduisproxy(Declarative): cleanup_commands = [ ('radiusproxy_del', [radius1], {}), ('user_del', [user1], {}), ] tests = [ dict( desc='Try to retrieve non-existent %r' % radius1, command=('radiusproxy_show', [radius1], {}), expected=errors.NotFound( reason=u'%s: RADIUS proxy server not found' % radius1), ), dict( desc='Try to update non-existent %r' % radius1, command=('radiusproxy_mod', [radius1], {}), expected=errors.NotFound( reason=_('%s: RADIUS proxy server not found') % radius1), ), dict( desc='Try to delete non-existent %r' % radius1, command=('radiusproxy_del', [radius1], {}), expected=errors.NotFound( reason=_('%s: RADIUS proxy server not found') % radius1), ), dict( desc='Try to add multiple radius proxy server %r' % radius1, command=('radiusproxy_add', [radius1], dict( ipatokenradiusserver=radius1_fqdn, addattr=u'ipatokenradiusserver=radius1_fqdn', ipatokenradiussecret=password1, ), ), expected=errors.OnlyOneValueAllowed(attr='ipatokenradiusserver') ), dict( desc='Create %r' % radius1, command=('radiusproxy_add', [radius1], dict( ipatokenradiusserver=radius1_fqdn, ipatokenradiussecret=password1, ), ), expected=dict( value=radius1, summary=u'Added RADIUS proxy server "%s"' % radius1, result=dict( cn=[radius1], dn=radius1_dn, ipatokenradiussecret=[password1_bytes], ipatokenradiusserver=[radius1_fqdn], objectclass=objectclasses.radiusproxy, ), ), ), dict( desc='Try to create duplicate %r' % radius1, command=('radiusproxy_add', [radius1], dict( ipatokenradiusserver=radius1_fqdn, ipatokenradiussecret=password1, ), ), expected=errors.DuplicateEntry(message=_('RADIUS proxy server ' 'with name "%s" already exists') % radius1), ), dict( desc='Retrieve %r' % radius1, command=('radiusproxy_show', [radius1], {}), expected=dict( value=radius1, summary=None, result=dict( cn=[radius1], dn=radius1_dn, ipatokenradiusserver=[radius1_fqdn], ), ), ), dict( desc='Retrieve %r with all=True' % radius1, command=('radiusproxy_show', [radius1], dict(all=True)), expected=dict( value=radius1, summary=None, result=dict( cn=[radius1], dn=radius1_dn, ipatokenradiussecret=[password1_bytes], ipatokenradiusserver=[radius1_fqdn], objectclass=objectclasses.radiusproxy, ), ), ), ] + [ dict( desc='Set timeout of %s to %s (valid)' % (radius1, num), command=('radiusproxy_mod', [radius1], dict(ipatokenradiustimeout=num)), expected=dict( value=radius1, summary=u'Modified RADIUS proxy server "%s"' % radius1, result=dict( cn=[radius1], ipatokenradiusserver=[radius1_fqdn], ipatokenradiustimeout=[unicode(num)], ), ), ) for num in (1, 100) ] + [ dict( desc='Set timeout of %s to 0 (invalid)' % radius1, command=('radiusproxy_mod', [radius1], dict(ipatokenradiustimeout=0)), expected=errors.ValidationError( name='timeout', error=_('must be at least 1')), ), dict( desc='Unset timeout of %s' % radius1, command=('radiusproxy_mod', [radius1], dict(ipatokenradiustimeout=None)), expected=dict( value=radius1, summary=u'Modified RADIUS proxy server "%s"' % radius1, result=dict( cn=[radius1], ipatokenradiusserver=[radius1_fqdn], ), ), ), ] + [ dict( desc='Set retries of %s to %s (valid)' % (radius1, num), command=('radiusproxy_mod', [radius1], dict(ipatokenradiusretries=num)), expected=dict( value=radius1, summary=u'Modified RADIUS proxy server "%s"' % radius1, result=dict( cn=[radius1], ipatokenradiusserver=[radius1_fqdn], ipatokenradiusretries=[unicode(num)], ), ), ) for num in (0, 4, 10) ] + [ dict( desc='Set retries of %s to %s (invalid)' % (radius1, num), command=('radiusproxy_mod', [radius1], dict(ipatokenradiusretries=num)), expected=errors.ValidationError( name='retries', error=reason), ) for num, reason in ((-1, 'must be at least 0'), (11, 'can be at most 10'), (100, 'can be at most 10')) ] + [ dict( desc='Unset retries of %s' % radius1, command=('radiusproxy_mod', [radius1], dict(ipatokenradiusretries=None)), expected=dict( value=radius1, summary=u'Modified RADIUS proxy server "%s"' % radius1, result=dict( cn=[radius1], ipatokenradiusserver=[radius1_fqdn], ), ), ), ] + [ dict( desc='Set server string of %s to %s (valid)' % (radius1, fqdn), command=('radiusproxy_mod', [radius1], dict(ipatokenradiusserver=fqdn)), expected=dict( value=radius1, summary=u'Modified RADIUS proxy server "%s"' % radius1, result=dict( cn=[radius1], ipatokenradiusserver=[fqdn], ), ), ) for fqdn in (radius1_fqdn + u':12345', radius1_fqdn) ] + [ dict( desc='Set server string of %s to %s (invalid)' % (radius1, fqdn), command=('radiusproxy_mod', [radius1], dict(ipatokenradiusserver=fqdn)), expected=errors.ValidationError(name='ipatokenradiusserver', error=error), ) for fqdn, error in ( (radius1_fqdn + u':0x5a', 'invalid port number'), (radius1_fqdn + u':1:2:3', "only letters, numbers, '_', '-' are allowed. DNS label may not " "start or end with '-'"), (u'bogus', 'not fully qualified'), ) ] + [ dict( desc='Try to unset server string of %s' % radius1, command=('radiusproxy_mod', [radius1], dict(ipatokenradiusserver=None)), expected=errors.RequirementError(name='server'), ), dict( desc='Set userattr of %s to %s (valid)' % (radius1, u'cn'), command=('radiusproxy_mod', [radius1], dict(ipatokenusermapattribute=u'cn')), expected=dict( value=radius1, summary=u'Modified RADIUS proxy server "%s"' % radius1, result=dict( cn=[radius1], ipatokenradiusserver=[radius1_fqdn], ipatokenusermapattribute=[u'cn'], ), ), ), dict( desc='Set userattr of %s to %s (invalid)' % (radius1, u'$%^&*'), command=('radiusproxy_mod', [radius1], dict(ipatokenusermapattribute=u'$%^&*')), expected=errors.ValidationError(name='ipatokenusermapattribute', error=u'invalid attribute name'), ), dict( desc='Unset userattr of %s' % radius1, command=('radiusproxy_mod', [radius1], dict(ipatokenusermapattribute=None)), expected=dict( value=radius1, summary=u'Modified RADIUS proxy server "%s"' % radius1, result=dict( cn=[radius1], ipatokenradiusserver=[radius1_fqdn], ), ), ), dict( desc='Set desc of %s' % radius1, command=('radiusproxy_mod', [radius1], dict(description=u'a virtual radius server')), expected=dict( value=radius1, summary=u'Modified RADIUS proxy server "%s"' % radius1, result=dict( cn=[radius1], ipatokenradiusserver=[radius1_fqdn], description=[u'a virtual radius server'], ), ), ), dict( desc='Unset desc of %s' % radius1, command=('radiusproxy_mod', [radius1], dict(description=None)), expected=dict( value=radius1, summary=u'Modified RADIUS proxy server "%s"' % radius1, result=dict( cn=[radius1], ipatokenradiusserver=[radius1_fqdn], ), ), ), dict( desc='Create "%s"' % user1, command=( 'user_add', [user1], dict(givenname=u'Test', sn=u'User1') ), expected=dict( value=user1, summary=u'Added user "%s"' % user1, result=get_user_result(user1, u'Test', u'User1', 'add'), ), ), dict( desc='Set radiusconfiglink of %r' % user1, command=('user_mod', [user1], dict(ipatokenradiusconfiglink=radius1,)), expected=dict( result=get_user_result(user1, u'Test', u'User1', 'mod', ipatokenradiusconfiglink=[radius1]), value=user1, summary='Modified user "%s"' % user1, ), ), dict( desc='Retrieve %r to verify %s is output' % (radius1, user1), command=('radiusproxy_show', [radius1], {}), expected=dict( value=radius1, summary=None, result=dict( cn=[radius1], dn=radius1_dn, ipatokenradiusserver=[radius1_fqdn], ), ), ), dict( desc='Retrieve %r to verify %s is output' % (user1, radius1), command=('user_show', [user1], {}), expected=dict( value=user1, summary=None, result=get_user_result(user1, u'Test', u'User1', 'show', ipatokenradiusconfiglink=[radius1]), ), ), dict( desc='Delete %r' % radius1, command=('radiusproxy_del', [radius1], {}), expected=dict( value=[radius1], summary=u'Deleted RADIUS proxy server "%s"' % radius1, result=dict(failed=[]), ), ), dict( desc='Retrieve %s to verify link is deleted' % user1, command=('user_show', [user1], {}), expected=dict( value=user1, summary=None, result=get_user_result(user1, u'Test', u'User1', 'show'), ), ), ]
class test_attr(Declarative): cleanup_commands = [ ('user_del', [user1], {}), ] tests = [ dict( desc='Try to add user %r with single-value attribute set via ' 'option and --addattr' % user1, command=('user_add', [user1], dict(givenname=u'Test', sn=u'User1', addattr=u'sn=User2')), expected=errors.OnlyOneValueAllowed(attr='sn'), ), dict( desc='Create %r' % user1, command=('user_add', [user1], dict(givenname=u'Test', sn=u'User1', setattr=None)), expected=dict( value=user1, summary=u'Added user "tuser1"', result=dict( gecos=[u'Test User1'], givenname=[u'Test'], homedirectory=[u'/home/tuser1'], krbprincipalname=[u'tuser1@' + api.env.realm], loginshell=[u'/bin/sh'], objectclass=objectclasses.user, sn=[u'User1'], uid=[user1], uidnumber=[fuzzy_digits], gidnumber=[fuzzy_digits], mail=[u'%s@%s' % (user1, api.env.domain)], displayname=[u'Test User1'], cn=[u'Test User1'], initials=[u'TU'], ipauniqueid=[fuzzy_uuid], krbpwdpolicyreference=[ DN(('cn', 'global_policy'), ('cn', api.env.realm), ('cn', 'kerberos'), api.env.basedn) ], mepmanagedentry=[ DN(('cn', user1), ('cn', 'groups'), ('cn', 'accounts'), api.env.basedn) ], memberof_group=[u'ipausers'], dn=DN(('uid', 'tuser1'), ('cn', 'users'), ('cn', 'accounts'), api.env.basedn), has_keytab=False, has_password=False, ), ), ), dict( desc='Change givenname, add mail %r' % user1, command=('user_mod', [user1], dict(setattr=(u'givenname=Finkle', u'[email protected]'))), expected=dict( result=dict( givenname=[u'Finkle'], homedirectory=[u'/home/tuser1'], loginshell=[u'/bin/sh'], sn=[u'User1'], uid=[user1], uidnumber=[fuzzy_digits], gidnumber=[fuzzy_digits], mail=[u'*****@*****.**'], memberof_group=[u'ipausers'], nsaccountlock=False, has_keytab=False, has_password=False, ), summary=u'Modified user "tuser1"', value=user1, ), ), dict( desc='Add another mail %r' % user1, command=('user_mod', [user1], dict(addattr=u'[email protected]')), expected=dict( result=dict( givenname=[u'Finkle'], homedirectory=[u'/home/tuser1'], loginshell=[u'/bin/sh'], sn=[u'User1'], uid=[user1], uidnumber=[fuzzy_digits], gidnumber=[fuzzy_digits], mail=[u'*****@*****.**', u'*****@*****.**'], memberof_group=[u'ipausers'], nsaccountlock=False, has_keytab=False, has_password=False, ), summary=u'Modified user "tuser1"', value=user1, ), ), dict( desc='Add two phone numbers at once %r' % user1, command=('user_mod', [user1], dict(setattr=u'telephoneNumber=410-555-1212', addattr=u'telephoneNumber=301-555-1212')), expected=dict( result=dict( givenname=[u'Finkle'], homedirectory=[u'/home/tuser1'], loginshell=[u'/bin/sh'], sn=[u'User1'], uid=[user1], uidnumber=[fuzzy_digits], gidnumber=[fuzzy_digits], mail=[u'*****@*****.**', u'*****@*****.**'], memberof_group=[u'ipausers'], telephonenumber=[u'410-555-1212', u'301-555-1212'], nsaccountlock=False, has_keytab=False, has_password=False, ), summary=u'Modified user "tuser1"', value=user1, ), ), dict( desc='Go from two phone numbers to one %r' % user1, command=('user_mod', [user1], dict(setattr=u'telephoneNumber=301-555-1212')), expected=dict( result=dict( givenname=[u'Finkle'], homedirectory=[u'/home/tuser1'], loginshell=[u'/bin/sh'], sn=[u'User1'], uid=[user1], uidnumber=[fuzzy_digits], gidnumber=[fuzzy_digits], mail=[u'*****@*****.**', u'*****@*****.**'], memberof_group=[u'ipausers'], telephonenumber=[u'301-555-1212'], nsaccountlock=False, has_keytab=False, has_password=False, ), summary=u'Modified user "tuser1"', value=user1, ), ), dict( desc='Add two more phone numbers %r' % user1, command=('user_mod', [user1], dict(addattr=(u'telephoneNumber=703-555-1212', u'telephoneNumber=202-888-9833'))), expected=dict( result=dict( givenname=[u'Finkle'], homedirectory=[u'/home/tuser1'], loginshell=[u'/bin/sh'], sn=[u'User1'], uid=[user1], uidnumber=[fuzzy_digits], gidnumber=[fuzzy_digits], mail=[u'*****@*****.**', u'*****@*****.**'], memberof_group=[u'ipausers'], telephonenumber=[ u'301-555-1212', u'202-888-9833', u'703-555-1212' ], nsaccountlock=False, has_keytab=False, has_password=False, ), summary=u'Modified user "tuser1"', value=user1, ), ), dict( desc='Delete one phone number for %r' % user1, command=('user_mod', [user1], dict(delattr=u'telephoneNumber=301-555-1212')), expected=dict( result=dict( givenname=[u'Finkle'], homedirectory=[u'/home/tuser1'], loginshell=[u'/bin/sh'], sn=[u'User1'], uid=[user1], uidnumber=[fuzzy_digits], gidnumber=[fuzzy_digits], mail=[u'*****@*****.**', u'*****@*****.**'], memberof_group=[u'ipausers'], telephonenumber=[u'202-888-9833', u'703-555-1212'], nsaccountlock=False, has_keytab=False, has_password=False, ), summary=u'Modified user "tuser1"', value=user1, ), ), dict(desc='Try deleting the number again for %r' % user1, command=('user_mod', [user1], dict(delattr=u'telephoneNumber=301-555-1212')), expected=errors.AttrValueNotFound(attr=u'telephonenumber', value=u'301-555-1212')), dict( desc='Add and delete one phone number for %r' % user1, command=('user_mod', [user1], dict(addattr=u'telephoneNumber=301-555-1212', delattr=u'telephoneNumber=202-888-9833')), expected=dict( result=dict( givenname=[u'Finkle'], homedirectory=[u'/home/tuser1'], loginshell=[u'/bin/sh'], sn=[u'User1'], uid=[user1], uidnumber=[fuzzy_digits], gidnumber=[fuzzy_digits], mail=[u'*****@*****.**', u'*****@*****.**'], memberof_group=[u'ipausers'], telephonenumber=[u'301-555-1212', u'703-555-1212'], nsaccountlock=False, has_keytab=False, has_password=False, ), summary=u'Modified user "tuser1"', value=user1, ), ), dict( desc='Add and delete the same phone number for %r' % user1, command=('user_mod', [user1], dict(addattr=(u'telephoneNumber=301-555-1212', u'telephoneNumber=202-888-9833'), delattr=u'telephoneNumber=301-555-1212')), expected=dict( result=dict( givenname=[u'Finkle'], homedirectory=[u'/home/tuser1'], loginshell=[u'/bin/sh'], sn=[u'User1'], uid=[user1], uidnumber=[fuzzy_digits], gidnumber=[fuzzy_digits], mail=[u'*****@*****.**', u'*****@*****.**'], memberof_group=[u'ipausers'], telephonenumber=[ u'703-555-1212', u'301-555-1212', u'202-888-9833' ], nsaccountlock=False, has_keytab=False, has_password=False, ), summary=u'Modified user "tuser1"', value=user1, ), ), dict( desc='Set and delete a phone number for %r' % user1, command=('user_mod', [user1], dict(setattr=(u'telephoneNumber=301-555-1212', u'telephoneNumber=202-888-9833'), delattr=u'telephoneNumber=301-555-1212')), expected=dict( result=dict( givenname=[u'Finkle'], homedirectory=[u'/home/tuser1'], loginshell=[u'/bin/sh'], sn=[u'User1'], uid=[user1], uidnumber=[fuzzy_digits], gidnumber=[fuzzy_digits], mail=[u'*****@*****.**', u'*****@*****.**'], memberof_group=[u'ipausers'], telephonenumber=[u'202-888-9833'], nsaccountlock=False, has_keytab=False, has_password=False, ), summary=u'Modified user "tuser1"', value=user1, ), ), dict( desc='Try setting givenname to None with setattr in %r' % user1, command=('user_mod', [user1], dict(setattr=(u'givenname='))), expected=errors.RequirementError(name='givenname'), ), dict( desc='Try setting givenname to None with option in %r' % user1, command=('user_mod', [user1], dict(givenname=None)), expected=errors.RequirementError(name='first'), ), dict( desc='Make sure setting givenname works with option in %r' % user1, command=('user_mod', [user1], dict(givenname=u'Fred')), expected=dict( result=dict( givenname=[u'Fred'], homedirectory=[u'/home/tuser1'], loginshell=[u'/bin/sh'], sn=[u'User1'], uid=[user1], uidnumber=[fuzzy_digits], gidnumber=[fuzzy_digits], mail=[u'*****@*****.**', u'*****@*****.**'], memberof_group=[u'ipausers'], telephonenumber=[u'202-888-9833'], nsaccountlock=False, has_keytab=False, has_password=False, ), summary=u'Modified user "tuser1"', value=user1, ), ), dict( desc='Make sure setting givenname works with setattr in %r' % user1, command=('user_mod', [user1], dict(setattr=u'givenname=Finkle')), expected=dict( result=dict( givenname=[u'Finkle'], homedirectory=[u'/home/tuser1'], loginshell=[u'/bin/sh'], sn=[u'User1'], uid=[user1], uidnumber=[fuzzy_digits], gidnumber=[fuzzy_digits], mail=[u'*****@*****.**', u'*****@*****.**'], memberof_group=[u'ipausers'], telephonenumber=[u'202-888-9833'], nsaccountlock=False, has_keytab=False, has_password=False, ), summary=u'Modified user "tuser1"', value=user1, ), ), dict( desc='Lock %r using setattr' % user1, command=('user_mod', [user1], dict(setattr=u'nsaccountlock=TrUe')), expected=dict( result=dict( givenname=[u'Finkle'], homedirectory=[u'/home/tuser1'], loginshell=[u'/bin/sh'], sn=[u'User1'], uid=[user1], uidnumber=[fuzzy_digits], gidnumber=[fuzzy_digits], mail=[u'*****@*****.**', u'*****@*****.**'], memberof_group=[u'ipausers'], telephonenumber=[u'202-888-9833'], nsaccountlock=True, has_keytab=False, has_password=False, ), summary=u'Modified user "tuser1"', value=user1, ), ), dict( desc='Unlock %r using addattr&delattr' % user1, command=('user_mod', [user1], dict(addattr=u'nsaccountlock=FaLsE', delattr=u'nsaccountlock=TRUE')), expected=dict( result=dict( givenname=[u'Finkle'], homedirectory=[u'/home/tuser1'], loginshell=[u'/bin/sh'], sn=[u'User1'], uid=[user1], uidnumber=[fuzzy_digits], gidnumber=[fuzzy_digits], mail=[u'*****@*****.**', u'*****@*****.**'], memberof_group=[u'ipausers'], telephonenumber=[u'202-888-9833'], nsaccountlock=False, has_keytab=False, has_password=False, ), summary=u'Modified user "tuser1"', value=user1, ), ), dict( desc='Try adding a new group search fields config entry', command=('config_mod', [], dict(addattr=u'ipagroupsearchfields=newattr')), expected=errors.OnlyOneValueAllowed(attr='ipagroupsearchfields'), ), dict( desc='Try adding a new cert subject base config entry', command=('config_mod', [], dict(addattr=u'ipacertificatesubjectbase=0=DOMAIN.COM')), expected=errors.ValidationError( name='ipacertificatesubjectbase', error='attribute is not configurable'), ), dict( desc='Try deleting a required config entry', command=('config_mod', [], dict(delattr=u'ipasearchrecordslimit=100')), expected=errors.RequirementError(name='ipasearchrecordslimit'), ), dict( desc='Try setting nonexistent attribute', command=('config_mod', [], dict(setattr=u'invalid_attr=false')), expected=errors.ObjectclassViolation( info='attribute "invalid_attr" not allowed'), ), dict( desc='Try setting out-of-range krbpwdmaxfailure', command=('pwpolicy_mod', [], dict(setattr=u'krbpwdmaxfailure=-1')), expected=errors.ValidationError(name='krbpwdmaxfailure', error='must be at least 0'), ), dict( desc='Try setting out-of-range maxfail', command=('pwpolicy_mod', [], dict(krbpwdmaxfailure=u'-1')), expected=errors.ValidationError(name='maxfail', error='must be at least 0'), ), dict( desc='Try setting non-numeric krbpwdmaxfailure', command=('pwpolicy_mod', [], dict(setattr=u'krbpwdmaxfailure=abc')), expected=errors.ConversionError(name='krbpwdmaxfailure', error='must be an integer'), ), dict( desc='Try setting non-numeric maxfail', command=('pwpolicy_mod', [], dict(krbpwdmaxfailure=u'abc')), expected=errors.ConversionError(name='maxfail', error='must be an integer'), ), dict( desc='Try deleting bogus attribute', command=('config_mod', [], dict(delattr=u'bogusattribute=xyz')), expected=errors.ValidationError( name='bogusattribute', error='No such attribute on this entry'), ), dict( desc='Try deleting empty attribute', command=('config_mod', [], dict(delattr=u'ipaCustomFields=See Also,seealso,false')), expected=errors.ValidationError( name='ipacustomfields', error='No such attribute on this entry'), ), dict( desc='Set and delete one value, plus try deleting a missing one', command=('config_mod', [], dict(delattr=[ u'ipaCustomFields=See Also,seealso,false', u'ipaCustomFields=Country,c,false' ], addattr=u'ipaCustomFields=See Also,seealso,false')), expected=errors.AttrValueNotFound(attr='ipacustomfields', value='Country,c,false'), ), dict( desc='Try to delete an operational attribute with --delattr', command=('config_mod', [], dict(delattr=u'creatorsName=cn=directory manager')), expected=errors.DatabaseError( desc='Server is unwilling to perform', info=''), ), ]
class test_attr(Declarative): cleanup_commands = [ ('user_del', [user1], {}), ] tests = [ dict( desc='Try to add user %r with single-value attribute set via ' 'option and --addattr' % user1, command=('user_add', [user1], dict(givenname=u'Test', sn=u'User1', addattr=u'sn=User2')), expected=errors.OnlyOneValueAllowed(attr='sn'), ), dict( desc='Create %r' % user1, command=('user_add', [user1], dict(givenname=u'Test', sn=u'User1', setattr=None)), expected=dict( value=user1, summary=u'Added user "tuser1"', result=get_user_result(user1, u'Test', u'User1', 'add'), ), ), dict( desc='Change givenname, add mail %r' % user1, command=('user_mod', [user1], dict(setattr=(u'givenname=Finkle', u'[email protected]'))), expected=dict( result=get_user_result( user1, u'Finkle', u'User1', 'mod', mail=[u'*****@*****.**'], ), summary=u'Modified user "tuser1"', value=user1, ), ), dict( desc='Add another mail %r' % user1, command=('user_mod', [user1], dict(addattr=u'[email protected]')), expected=dict( result=get_user_result( user1, u'Finkle', u'User1', 'mod', mail=[u'*****@*****.**', u'*****@*****.**'], ), summary=u'Modified user "tuser1"', value=user1, ), ), dict( desc='Add two phone numbers at once %r' % user1, command=('user_mod', [user1], dict(setattr=u'telephoneNumber=410-555-1212', addattr=u'telephoneNumber=301-555-1212')), expected=dict( result=get_user_result( user1, u'Finkle', u'User1', 'mod', mail=[u'*****@*****.**', u'*****@*****.**'], telephonenumber=[u'410-555-1212', u'301-555-1212'], ), summary=u'Modified user "tuser1"', value=user1, ), ), dict( desc='Go from two phone numbers to one %r' % user1, command=('user_mod', [user1], dict(setattr=u'telephoneNumber=301-555-1212')), expected=dict( result=get_user_result( user1, u'Finkle', u'User1', 'mod', mail=[u'*****@*****.**', u'*****@*****.**'], telephonenumber=[u'301-555-1212'], ), summary=u'Modified user "tuser1"', value=user1, ), ), dict( desc='Add two more phone numbers %r' % user1, command=('user_mod', [user1], dict(addattr=(u'telephoneNumber=703-555-1212', u'telephoneNumber=202-888-9833'))), expected=dict( result=get_user_result( user1, u'Finkle', u'User1', 'mod', mail=[u'*****@*****.**', u'*****@*****.**'], telephonenumber=[ u'301-555-1212', u'703-555-1212', u'202-888-9833' ], ), summary=u'Modified user "tuser1"', value=user1, ), ), dict( desc='Delete one phone number for %r' % user1, command=('user_mod', [user1], dict(delattr=u'telephoneNumber=301-555-1212')), expected=dict( result=get_user_result( user1, u'Finkle', u'User1', 'mod', mail=[u'*****@*****.**', u'*****@*****.**'], telephonenumber=[u'703-555-1212', u'202-888-9833'], ), summary=u'Modified user "tuser1"', value=user1, ), ), dict(desc='Try deleting the number again for %r' % user1, command=('user_mod', [user1], dict(delattr=u'telephoneNumber=301-555-1212')), expected=errors.AttrValueNotFound(attr=u'telephonenumber', value=u'301-555-1212')), dict( desc='Add and delete one phone number for %r' % user1, command=('user_mod', [user1], dict(addattr=u'telephoneNumber=301-555-1212', delattr=u'telephoneNumber=202-888-9833')), expected=dict( result=get_user_result( user1, u'Finkle', u'User1', 'mod', mail=[u'*****@*****.**', u'*****@*****.**'], telephonenumber=[u'703-555-1212', u'301-555-1212'], ), summary=u'Modified user "tuser1"', value=user1, ), ), dict( desc='Add and delete the same phone number for %r' % user1, command=('user_mod', [user1], dict(addattr=(u'telephoneNumber=301-555-1212', u'telephoneNumber=202-888-9833'), delattr=u'telephoneNumber=301-555-1212')), expected=dict( result=get_user_result( user1, u'Finkle', u'User1', 'mod', mail=[u'*****@*****.**', u'*****@*****.**'], telephonenumber=[ u'703-555-1212', u'301-555-1212', u'202-888-9833' ], ), summary=u'Modified user "tuser1"', value=user1, ), ), dict( desc='Set and delete a phone number for %r' % user1, command=('user_mod', [user1], dict(setattr=(u'telephoneNumber=301-555-1212', u'telephoneNumber=202-888-9833'), delattr=u'telephoneNumber=301-555-1212')), expected=dict( result=get_user_result( user1, u'Finkle', u'User1', 'mod', mail=[u'*****@*****.**', u'*****@*****.**'], telephonenumber=[u'202-888-9833'], ), summary=u'Modified user "tuser1"', value=user1, ), ), dict( desc='Try setting givenname to None with setattr in %r' % user1, command=('user_mod', [user1], dict(setattr=(u'givenname='))), expected=errors.RequirementError(name='givenname'), ), dict( desc='Try setting givenname to None with option in %r' % user1, command=('user_mod', [user1], dict(givenname=None)), expected=errors.RequirementError(name='first'), ), dict( desc='Make sure setting givenname works with option in %r' % user1, command=('user_mod', [user1], dict(givenname=u'Fred')), expected=dict( result=get_user_result( user1, u'Fred', u'User1', 'mod', mail=[u'*****@*****.**', u'*****@*****.**'], telephonenumber=[u'202-888-9833'], ), summary=u'Modified user "tuser1"', value=user1, ), ), dict( desc='Make sure setting givenname works with setattr in %r' % user1, command=('user_mod', [user1], dict(setattr=u'givenname=Finkle')), expected=dict( result=get_user_result( user1, u'Finkle', u'User1', 'mod', mail=[u'*****@*****.**', u'*****@*****.**'], telephonenumber=[u'202-888-9833'], ), summary=u'Modified user "tuser1"', value=user1, ), ), dict( desc='Try to "remove" empty location from %r' % user1, command=('user_mod', [user1], dict(l=None)), expected=errors.EmptyModlist(), ), dict( desc='Lock %r using setattr' % user1, command=('user_mod', [user1], dict(setattr=u'nsaccountlock=TrUe')), expected=dict( result=get_user_result( user1, u'Finkle', u'User1', 'mod', mail=[u'*****@*****.**', u'*****@*****.**'], telephonenumber=[u'202-888-9833'], nsaccountlock=True, ), summary=u'Modified user "tuser1"', value=user1, ), ), dict( desc='Unlock %r using addattr&delattr' % user1, command=('user_mod', [user1], dict(addattr=u'nsaccountlock=FaLsE', delattr=u'nsaccountlock=TRUE')), expected=dict( result=get_user_result( user1, u'Finkle', u'User1', 'mod', mail=[u'*****@*****.**', u'*****@*****.**'], telephonenumber=[u'202-888-9833'], ), summary=u'Modified user "tuser1"', value=user1, ), ), dict( desc='Try adding a new group search fields config entry', command=('config_mod', [], dict(addattr=u'ipagroupsearchfields=newattr')), expected=errors.OnlyOneValueAllowed(attr='ipagroupsearchfields'), ), dict( desc='Try adding a new cert subject base config entry', command=('config_mod', [], dict(addattr=u'ipacertificatesubjectbase=0=DOMAIN.COM')), expected=errors.ValidationError( name='ipacertificatesubjectbase', error='attribute is not configurable'), ), dict( desc='Try deleting a required config entry', command=('config_mod', [], dict(delattr=u'ipasearchrecordslimit=100')), expected=errors.RequirementError(name='ipasearchrecordslimit'), ), dict( desc='Try setting nonexistent attribute', command=('config_mod', [], dict(setattr=u'invalid_attr=false')), expected=errors.ObjectclassViolation( info='attribute "invalid_attr" not allowed'), ), dict( desc='Try setting out-of-range krbpwdmaxfailure', command=('pwpolicy_mod', [], dict(setattr=u'krbpwdmaxfailure=-1')), expected=errors.ValidationError(name='krbpwdmaxfailure', error='must be at least 0'), ), dict( desc='Try setting out-of-range maxfail', command=('pwpolicy_mod', [], dict(krbpwdmaxfailure=u'-1')), expected=errors.ValidationError(name='maxfail', error='must be at least 0'), ), dict( desc='Try setting non-numeric krbpwdmaxfailure', command=('pwpolicy_mod', [], dict(setattr=u'krbpwdmaxfailure=abc')), expected=errors.ConversionError(name='krbpwdmaxfailure', error='must be an integer'), ), dict( desc='Try setting non-numeric maxfail', command=('pwpolicy_mod', [], dict(krbpwdmaxfailure=u'abc')), expected=errors.ConversionError(name='maxfail', error='must be an integer'), ), dict( desc='Try deleting bogus attribute', command=('config_mod', [], dict(delattr=u'bogusattribute=xyz')), expected=errors.ValidationError( name='bogusattribute', error='No such attribute on this entry'), ), dict( desc='Try deleting empty attribute', command=('config_mod', [], dict(delattr=u'ipaCustomFields=See Also,seealso,false')), expected=errors.ValidationError( name='ipacustomfields', error='No such attribute on this entry'), ), dict( desc='Set and delete one value, plus try deleting a missing one', command=('config_mod', [], dict(delattr=[ u'ipaCustomFields=See Also,seealso,false', u'ipaCustomFields=Country,c,false' ], addattr=u'ipaCustomFields=See Also,seealso,false')), expected=errors.AttrValueNotFound(attr='ipacustomfields', value='Country,c,false'), ), dict( desc='Try to delete an operational attribute with --delattr', command=('config_mod', [], dict(delattr=u'creatorsName=cn=directory manager')), expected=errors.DatabaseError( desc='Server is unwilling to perform', info=''), ), ]