def test_healthcheck_virtual_attr_incorrectly_indexed(topology_st):
"""Check if HealthCheck returns DSVIRTLE0001 code
:id: 1055173b-21aa-4aaa-9e91-4dc6c5e0c01f
:setup: Standalone instance
:steps:
1. Create DS instance
2. Create a CoS definition entry
3. Create the matching CoS template entry, with postalcode as virtual attribute
4. Create an index for postalcode
5. Use HealthCheck without --json option
6. Use HealthCheck with --json option
:expectedresults:
1. Success
2. Success
3. Success
4. Success
5. Healthcheck reports DSVIRTLE0001 code and related details
6. Healthcheck reports DSVIRTLE0001 code and related details
"""
RET_CODE = 'DSVIRTLE0001'
standalone = topology_st.standalone
postal_index_properties = {
'cn': 'postalcode',
'nsSystemIndex': 'False',
'nsIndexType': ['eq', 'sub', 'pres'],
}
log.info(
'Add cosPointer, cosTemplate and test entry to default suffix, where virtual attribute is postal code'
)
cos_pointer_properties = {
'cn': 'cosPointer',
'description': 'cosPointer example',
'cosTemplateDn': 'cn=cosTemplateExample,ou=People,dc=example,dc=com',
'cosAttribute': 'postalcode',
}
cos_pointer_definitions = CosPointerDefinitions(standalone, DEFAULT_SUFFIX,
'ou=People')
cos_pointer_definitions.create(properties=cos_pointer_properties)
log.info('Create CoS template')
cos_template_properties = {'cn': 'cosTemplateExample', 'postalcode': '117'}
cos_templates = CosTemplates(standalone, DEFAULT_SUFFIX, 'ou=People')
cos_templates.create(properties=cos_template_properties)
log.info('Create an index for postalcode')
backends = Backends(topology_st.standalone)
ur_indexes = backends.get('userRoot').get_indexes()
ur_indexes.create(properties=postal_index_properties)
run_healthcheck_and_flush_log(topology_st,
standalone,
RET_CODE,
json=False)
run_healthcheck_and_flush_log(topology_st, standalone, RET_CODE, json=True)
def create_subtree_policy(self, dn, properties):
"""Creates all entries which are needed for the subtree
password policy
:param dn: Entry DN for the subtree pwpolicy
:type dn: str
:param properties: A dict with password policy settings
:type properties: dict
:returns: PwPolicyEntry instance
"""
# Verify target dn exists before getting started
subtree_entry = Account(self._instance, dn)
if not subtree_entry.exists():
raise ValueError('Can not create subtree password policy because the target dn does not exist')
# Create the pwp container if needed
pwp_containers = nsContainers(self._instance, basedn=dn)
pwp_container = pwp_containers.ensure_state(properties={'cn': 'nsPwPolicyContainer'})
# Create policy entry
pwp_entry = None
properties['cn'] = 'cn=nsPwPolicyEntry_subtree,%s' % dn
pwp_entries = PwPolicyEntries(self._instance, pwp_container.dn)
pwp_entry = pwp_entries.create(properties=properties)
try:
# The CoS template entry (nsPwTemplateEntry) that has the pwdpolicysubentry
# value pointing to the above (nsPwPolicyEntry) entry
cos_template = None
cos_templates = CosTemplates(self._instance, pwp_container.dn)
cos_template = cos_templates.create(properties={'cosPriority': '1',
'pwdpolicysubentry': pwp_entry.dn,
'cn': 'cn=nsPwTemplateEntry,%s' % dn})
# The CoS specification entry at the subtree level
cos_pointer_defs = CosPointerDefinitions(self._instance, dn)
cos_pointer_defs.create(properties={'cosAttribute': 'pwdpolicysubentry default operational',
'cosTemplateDn': cos_template.dn,
'cn': 'nsPwPolicy_CoS'})
except ldap.LDAPError as e:
# Something went wrong, remove what we have done
if pwp_entry is not None:
pwp_entry.delete()
if cos_template is not None:
cos_template.delete()
raise e
# make sure that local policies are enabled
self.set_global_policy({'nsslapd-pwpolicy-local': 'on'})
return pwp_entry
def test_ignore_virtual_attrs(topo):
"""Test nsslapd-ignore-virtual-attrs configuration attribute
:id: 9915d71b-2c71-4ac0-91d7-92655d53541b
:setup: Standalone instance
:steps:
1. Check the attribute nsslapd-ignore-virtual-attrs is present in cn=config
2. Check the default value of attribute nsslapd-ignore-virtual-attrs should be OFF
3. Set the valid values i.e. on/ON and off/OFF for nsslapd-ignore-virtual-attrs
4. Set invalid value for attribute nsslapd-ignore-virtual-attrs
5. Set nsslapd-ignore-virtual-attrs=off
6. Add cosPointer, cosTemplate and test entry to default suffix, where virtual attribute is postal code
7. Test if virtual attribute i.e. postal code shown in test entry while nsslapd-ignore-virtual-attrs: off
8. Set nsslapd-ignore-virtual-attrs=on
9. Test if virtual attribute i.e. postal code not shown while nsslapd-ignore-virtual-attrs: on
:expectedresults:
1. This should be successful
2. This should be successful
3. This should be successful
4. This should fail
5. This should be successful
6. This should be successful
7. Postal code should be present
8. This should be successful
9. Postal code should not be present
"""
log.info("Check the attribute nsslapd-ignore-virtual-attrs is present in cn=config")
assert topo.standalone.config.present('nsslapd-ignore-virtual-attrs')
log.info("Check the default value of attribute nsslapd-ignore-virtual-attrs should be OFF")
assert topo.standalone.config.get_attr_val_utf8('nsslapd-ignore-virtual-attrs') == "off"
log.info("Set the valid values i.e. on/ON and off/OFF for nsslapd-ignore-virtual-attrs")
for attribute_value in ['on', 'off', 'ON', 'OFF']:
topo.standalone.config.set('nsslapd-ignore-virtual-attrs', attribute_value)
assert topo.standalone.config.present('nsslapd-ignore-virtual-attrs', attribute_value)
log.info("Set invalid value for attribute nsslapd-ignore-virtual-attrs")
with pytest.raises(ldap.OPERATIONS_ERROR):
topo.standalone.config.set('nsslapd-ignore-virtual-attrs', 'invalid_value')
cos_template_properties = {
'cn': 'cosTemplateExample',
'postalcode': '117'
}
cos_templates = CosTemplates(topo.standalone, DEFAULT_SUFFIX, 'ou=People')
test_cos_template = cos_templates.create(properties=cos_template_properties)
log.info("Add cosPointer, cosTemplate and test entry to default suffix, where virtual attribute is postal code")
cos_pointer_properties = {
'cn': 'cosPointer',
'description': 'cosPointer example',
'cosTemplateDn': 'cn=cosTemplateExample,ou=People,dc=example,dc=com',
'cosAttribute': 'postalcode',
}
cos_pointer_definitions = CosPointerDefinitions(topo.standalone, DEFAULT_SUFFIX, 'ou=People')
test_cos_pointer_definition = cos_pointer_definitions.create(properties=cos_pointer_properties)
test_users = UserAccounts(topo.standalone, DEFAULT_SUFFIX)
test_user = test_users.create(properties=TEST_USER_PROPERTIES)
log.info("Test if virtual attribute i.e. postal code shown in test entry while nsslapd-ignore-virtual-attrs: off")
assert test_user.present('postalcode', '117')
log.info("Set nsslapd-ignore-virtual-attrs=on")
topo.standalone.config.set('nsslapd-ignore-virtual-attrs', 'on')
log.info("Test if virtual attribute i.e. postal code not shown while nsslapd-ignore-virtual-attrs: on")
assert not test_user.present('postalcode', '117')