def test_group_context(self):
""" Test Group Context Consistency With Service Options """
filter = ldapclient.GroupFilter(
slapd.BASEDN, ldap.SCOPE_SUBTREE,
'(&(objectClass=groupOfUniqueNames)(cn=developers))',
'uniqueMember')
self.hc.addGroup(filter)
self.assertEquals(self.hc.groupsCtx[filter].makehome, True)
self.assertEquals(self.hc.groupsCtx[filter].minuid, 0)
def test_isMember(self):
# Matching member
filter = ldapclient.GroupFilter(
slapd.BASEDN, ldap.SCOPE_SUBTREE,
'(&(objectClass=groupOfUniqueNames)(cn=developers))')
self.assert_(filter.isMember(self.conn, self.entry.dn))
# Should not match
filter = ldapclient.GroupFilter(
slapd.BASEDN, ldap.SCOPE_SUBTREE,
'(&(objectClass=groupOfUniqueNames)(cn=administrators))')
self.assert_(not filter.isMember(self.conn, self.entry.dn))
# Try with a custom matching attribute
filter = ldapclient.GroupFilter(
slapd.BASEDN, ldap.SCOPE_SUBTREE,
'(&(objectClass=groupOfNames)(cn=notunique))', 'member')
self.assert_(filter.isMember(self.conn, self.entry.dn))
def test_requireGroupNoMatch(self):
self.hc.requireGroup = True
# Add a group that will not match, and again ensure that the worker
# is not called
filter = ldapclient.GroupFilter(
slapd.BASEDN, ldap.SCOPE_SUBTREE,
'(&(objectClass=groupOfUniqueNames)(cn=administrators))',
'uniqueMember')
self.hc.addGroup(filter, {'test': 'value', 'group': 'administrators'})
self.hc.work(self.conn)
self.assertEquals(MockHelper.success, False)
def test_addGroup(self):
self.hc.requireGroup = True
# Add a group that will match. Ensure that the worker is called with the
# correct context
filter = ldapclient.GroupFilter(
slapd.BASEDN, ldap.SCOPE_SUBTREE,
'(&(objectClass=groupOfUniqueNames)(cn=developers))',
'uniqueMember')
self.hc.addGroup(filter, {'test': 'value', 'group': 'developers'})
self.hc.work(self.conn)
self.assertEquals(MockHelper.success, True)
self.assertEquals(MockHelper.context['group'], 'developers')
# Add an additional group. Ensure that only the first group matches
filter = ldapclient.GroupFilter(
slapd.BASEDN, ldap.SCOPE_SUBTREE,
'(&(objectClass=groupOfUniqueNames)(cn=developers))',
'uniqueMember')
self.hc.addGroup(filter, {'test': 'value', 'group': 'developers2'})
self.hc.work(self.conn)
self.assertEquals(MockHelper.success, True)
self.assertEquals(MockHelper.context['group'], 'developers')
def test_group_context_custom(self):
""" Test Group Context Consistency With Group Specific Options """
options = self.options
# Run parseOptions here to make sure the options dictionary is not
# being modified by it.
self.hc.helperClass.parseOptions(options)
# Now update with a custom option for this group.
options['command'] = '/bin/csh'
filter = ldapclient.GroupFilter(slapd.BASEDN, ldap.SCOPE_SUBTREE, '(&(objectClass=groupOfUniqueNames)(cn=developers))', 'uniqueMember')
self.hc.addGroup(filter, options)
self.assertEquals(self.hc.groupsCtx[filter].command, '/bin/csh')
self.assertEquals(self.hc.groupsCtx[filter].makehome, True)
self.assertEquals(self.hc.groupsCtx[filter].minuid, 0)
def test_modifyGroup(self):
# Add a filter for a group that the user isn't in yet.
self.hc.requireGroup = True
filter = ldapclient.GroupFilter(
slapd.BASEDN, ldap.SCOPE_SUBTREE,
'(&(objectClass=groupOfUniqueNames)(cn=administrators))',
'uniqueMember')
self.hc.addGroup(filter, {'test': 'value', 'group': 'administrators'})
# Acquire write privs
self.conn.simple_bind(slapd.ROOTDN, slapd.ROOTPW)
# Find group and modify it
entry = self.conn.search(slapd.BASEDN, ldap.SCOPE_SUBTREE,
'cn=administrators', None)[0]
mod = ldapclient.Modification(entry.dn)
mod.add('uniqueMember', 'uid=john,ou=People,dc=example,dc=com')
self.conn.modify(mod)
# Again we have to wait a second so the modifyTimestamp for the group
# is older then the time that will be saved to self.hc._lastRun on the
# next call to self.hc.work()
time.sleep(1)
# Make sure the user was really added to the group for good measure
self.assertTrue(
filter.isMember(self.conn, 'uid=john,ou=People,dc=example,dc=com'))
# Ensure now that the group has been modified that the entry looks
# that way too.
self.hc.work(self.conn)
self.assertEquals(MockHelper.success, True)
self.assertEquals(MockHelper.context['group'], 'administrators')
self.assertEquals(MockHelper.modified, True)
# Try again, making sure the entry isn't modified this time
self.hc.work(self.conn)
self.assertEquals(MockHelper.modified, False)
