def test_trust_get_trust_domains_fail(self, mock_trust, mock_run):
# sssctl domain-list
run_result = namedtuple('run', ['returncode', 'error_log'])
run_result.returncode = 0
run_result.error_log = ''
run_result.output = 'implicit_files\nipa.example\nad.example\n'
mock_run.return_value = run_result
mock_trust.side_effect = errors.NotFound(reason='bad')
framework = object()
registry.initialize(framework)
registry.trust_agent = True
f = IPATrustDomainsCheck(registry)
f.config = config.Config()
self.results = capture_results(f)
# There are more than one result I just care about this particular
# value. The error is not fatal.
result = self.results.results[0]
assert result.result == constants.WARNING
assert result.source == 'ipahealthcheck.ipa.trust'
assert result.check == 'IPATrustDomainsCheck'
assert result.kw.get('key') == 'trust-find'
def test_trust_get_trust_domains_mismatch(self, mock_run):
# sssctl domain-list
dlresult = namedtuple('run', ['returncode', 'error_log'])
dlresult.returncode = 0
dlresult.error_log = ''
dlresult.output = 'implicit_files\nipa.example\n' \
'child.example\n'
olresult = namedtuple('run', ['returncode', 'error_log'])
olresult.returncode = 0
olresult.error_log = ''
olresult.output = 'Online status: Online\n\n'
mock_run.side_effect = [dlresult, olresult, olresult]
# get_trust_domains()
m_api.Command.trust_find.side_effect = [{
'result': [
{
'cn': ['ad.example'],
'ipantflatname': ['ADROOT'],
'ipanttrusteddomainsid': ['S-1-5-21-abc'],
'trusttype': ['Active Directory domain'],
},
{
'cn': ['child.example'],
'ipantflatname': ['ADROOT'],
'ipanttrusteddomainsid': ['S-1-5-21-def'],
'trusttype': ['Active Directory domain'],
},
]
}]
framework = object()
registry.initialize(framework)
registry.trust_agent = True
f = IPATrustDomainsCheck(registry)
f.config = config.Config()
self.results = capture_results(f)
assert len(self.results) == 2
result = self.results.results[0]
assert result.result == constants.ERROR
assert result.source == 'ipahealthcheck.ipa.trust'
assert result.check == 'IPATrustDomainsCheck'
assert result.kw.get('key') == 'domain-list'
assert result.kw.get('trust_domains') == 'ad.example, child.example'
assert result.kw.get('sssd_domains') == 'child.example'
result = self.results.results[1]
assert result.result == constants.SUCCESS
assert result.source == 'ipahealthcheck.ipa.trust'
assert result.check == 'IPATrustDomainsCheck'
assert result.kw.get('key') == 'domain-status'
assert result.kw.get('domain') == 'child.example'
def test_no_trust_agent(self):
framework = object()
registry.initialize(framework)
registry.trust_agent = False
f = IPATrustDomainsCheck(registry)
f.config = config.Config()
self.results = capture_results(f)
# Zero because the call was skipped altogether
assert len(self.results) == 0
def test_trust_get_trust_domains_ok(self, mock_run):
# sssctl domain-list
dlresult = namedtuple('run', ['returncode', 'error_log'])
dlresult.returncode = 0
dlresult.error_log = ''
dlresult.output = 'implicit_files\nipa.example\nad.example\n' \
'child.ad.example\nchild.example\n'
olresult = namedtuple('run', ['returncode', 'error_log'])
olresult.returncode = 0
olresult.error_log = ''
olresult.output = 'Online status: Online\n\n'
mock_run.side_effect = [dlresult, olresult, olresult, olresult]
# get_trust_domains()
m_api.Command.trust_find.side_effect = trust_find()
m_api.Command.trustdomain_find.side_effect = trustdomain_find()
framework = object()
registry.initialize(framework, config.Config)
registry.trust_agent = True
f = IPATrustDomainsCheck(registry)
self.results = capture_results(f)
assert len(self.results) == 4
result = self.results.results[0]
assert result.result == constants.SUCCESS
assert result.source == 'ipahealthcheck.ipa.trust'
assert result.check == 'IPATrustDomainsCheck'
assert result.kw.get('key') == 'domain-list'
assert result.kw.get('trust_domains') == \
'ad.example, child.ad.example, child.example'
assert result.kw.get('sssd_domains') == \
'ad.example, child.ad.example, child.example'
result = self.results.results[1]
assert result.result == constants.SUCCESS
assert result.source == 'ipahealthcheck.ipa.trust'
assert result.check == 'IPATrustDomainsCheck'
assert result.kw.get('key') == 'domain-status'
assert result.kw.get('domain') == 'ad.example'
result = self.results.results[2]
assert result.result == constants.SUCCESS
assert result.source == 'ipahealthcheck.ipa.trust'
assert result.check == 'IPATrustDomainsCheck'
assert result.kw.get('key') == 'domain-status'
assert result.kw.get('domain') == 'child.ad.example'
result = self.results.results[3]
assert result.result == constants.SUCCESS
assert result.source == 'ipahealthcheck.ipa.trust'
assert result.check == 'IPATrustDomainsCheck'
assert result.kw.get('key') == 'domain-status'
assert result.kw.get('domain') == 'child.example'
def test_trust_domain_list_fail(self, mock_run):
run_result = namedtuple('run', ['returncode', 'error_log'])
run_result.returncode = 1
run_result.error_log = 'error'
mock_run.return_value = run_result
framework = object()
registry.initialize(framework)
registry.trust_agent = True
f = IPATrustDomainsCheck(registry)
f.config = config.Config()
self.results = capture_results(f)
assert len(self.results) == 1
result = self.results.results[0]
assert result.result == constants.ERROR
assert result.source == 'ipahealthcheck.ipa.trust'
assert result.check == 'IPATrustDomainsCheck'
assert result.kw.get('key') == 'domain_list_error'
