def check_retrieve(self, result, all=False, raw=False): """Check `location-show` command result""" if all: expected = self.filter_attrs(self.retrieve_all_keys) else: expected = self.filter_attrs(self.retrieve_keys) assert_deepequal(dict(value=self.idnsname_obj, summary=None, result=expected, servers=self.servers), result)
def check_update(self, result, extra_keys=()): """ Check 'stageuser-mod' command result """ assert_deepequal(dict( value=self.uid, summary=u'Modified stage user "%s"' % self.uid, result=self.filter_attrs(self.update_keys | set(extra_keys)) ), result)
def check_create(self, result): """Check `host_add` command result""" assert_deepequal(dict( value=self.fqdn, summary=u'Added host "%s"' % self.fqdn, result=self.filter_attrs(self.create_keys), ), result)
def check_update(self, result, extra_keys=()): """Check the plugin's `find` command result""" assert_deepequal(dict( value=self.name, summary=u'Modified CA "{}"'.format(self.name), result=self.filter_attrs(self.update_keys | set(extra_keys)) ), result)
def test_add_ipv6_host_from_ip(self, dns_setup, ipv6_fromip_host): ipv6_fromip_host.ensure_missing() ipv6_fromip_host.track_create() command = ipv6_fromip_host.make_create_command(force=False) result = command(ip_address=ipv6_fromip_ipv6) ipv6_fromip_host.check_create(result) result = ipv6_fromip_host.run_command('dnsrecord_show', dnszone, ipv6_fromip_host.shortname) assert_deepequal(dict( value=ipv6_fromip_dnsname, summary=None, result=dict( dn=ipv6_fromip_dn, idnsname=[ipv6_fromip_dnsname], aaaarecord=[ipv6_fromip_aaaarec], ), ), result) result = ipv6_fromip_host.run_command('dnsrecord_show', revipv6zone, ipv6_fromip_ptr) assert_deepequal(dict( value=ipv6_fromip_ptr_dnsname, summary=None, result=dict( dn=ipv6_fromip_ptr_dn, idnsname=[ipv6_fromip_ptr_dnsname], ptrrecord=[ipv6_fromip_host.fqdn + '.'], ), ), result)
def check_delete(self, result): """ Checks 'automember_del' command result """ assert_deepequal(dict( value=[self.cn], summary=u'Deleted automember rule "%s"' % self.cn, result=dict(failed=[]), ), result)
def check_create(self, result): assert_deepequal(dict( value=self.name, summary=u'Added Certificate Identity Mapping Rule "{}"' u''.format(self.name), result=self.filter_attrs(self.create_keys), ), result)
def check_update(self, result, extra_keys=()): """ Check service-mod command result """ assert_deepequal({ u'value': u'{0}'.format(self.name), u'summary': u'Modified service "{0}"'.format(self.name), u'result': self.filter_attrs(self.update_keys | set(extra_keys)) }, result)
def check_delete(self, result): """ Checks 'sudocmdgroup_del' command result """ assert_deepequal(dict( value=[self.cn], summary=u'Deleted Sudo Command Group "%s"' % self.cn, result=dict(failed=[]), ), result)
def check_create(self, result): """ Check service-add command result """ assert_deepequal({ u'value': u'{0}'.format(self.name), u'summary': u'Added service "{0}"'.format(self.name), u'result': self.filter_attrs(self.create_keys) }, result)
def check_delete(self, result): """ Check service-del command result """ assert_deepequal({ u'value': [u'{0}'.format(self.name)], u'summary': u'Deleted service "{0}"'.format(self.name), u'result': {u'failed': []} }, result)
def check_find(self, result, all=False, raw=False): """Check `host_find` command result""" if all: expected = self.filter_attrs(self.find_all_keys) else: expected = self.filter_attrs(self.find_keys) assert_deepequal(dict(count=1, truncated=False, summary=u"1 host matched", result=[expected]), result)
def check_retrieve(self, result, all=False, raw=False): """Check `host_show` command result""" if all: expected = self.filter_attrs(self.retrieve_all_keys) else: expected = self.filter_attrs(self.retrieve_keys) assert_deepequal(dict(value=self.fqdn, summary=None, result=expected), result)
def check_update(self, result, extra_keys={}): """ Checks 'sudocmdgroup_mod' command result """ assert_deepequal(dict( value=self.cn, summary=u'Modified Sudo Command Group "%s"' % self.cn, result=self.filter_attrs(self.update_keys | set(extra_keys)) ), result)
def add_certmap(self, **kwargs): cmd = self._make_add_certmap() try: expected_certmapdata = self._data_from_options(**kwargs) except Exception as e: with pytest.raises(type(e)): cmd(**kwargs) else: result = cmd(**kwargs) self.attrs.setdefault(u'ipacertmapdata', []).extend( expected_certmapdata) expected = dict( summary=(u'Added certificate mappings to user ' u'"{}"'.format(self.name)), value=self.name, result=dict( uid=(self.name,), ), ) if self.attrs[u'ipacertmapdata']: expected[u'result'][u'ipacertmapdata'] = ( self.attrs[u'ipacertmapdata']) assert_deepequal(expected, result)
def check_create(self, result): """ Checks 'sudocmdgroup_add' command result """ assert_deepequal(dict( value=self.cn, summary=u'Added Sudo Command Group "%s"' % self.cn, result=self.filter_attrs(self.create_keys) ), result)
def check_create(self, result): """ Checks 'automember_add' command result """ assert_deepequal(dict( value=self.cn, summary=u'Added automember rule "%s"' % self.cn, result=self.filter_attrs(self.create_keys) ), result)
def check_undel(self, result): """ Check 'user-undel' command result """ assert_deepequal(dict( value=self.uid, summary=u'Undeleted user account "%s"' % self.uid, result=True ), result)
def check_update(self, result, extra_keys={}): """ Checks 'automember_mod' command result """ assert_deepequal(dict( value=self.cn, summary=u'Modified automember rule "%s"' % self.cn, result=self.filter_attrs(self.update_keys | set(extra_keys)) ), result)
def test_search_for_all_nonposix(self, group): """ Perform a search for all non-posix groups """ command = group.make_command( 'group_find', **dict(nonposix=True, all=True) ) result = command() assert_deepequal(dict( summary=u'3 groups matched', count=3, truncated=False, result=[ { 'dn': get_group_dn('ipausers'), 'cn': [u'ipausers'], 'description': [u'Default group for all users'], 'objectclass': fuzzy_set_ci(objectclasses.group), 'ipauniqueid': [fuzzy_uuid], }, { 'dn': get_group_dn(group.cn), 'cn': [group.cn], 'description': [u'New desc'], 'objectclass': fuzzy_set_ci(objectclasses.group), 'ipauniqueid': [fuzzy_uuid], }, { 'dn': get_group_dn('trust admins'), 'member_user': [u'admin'], 'cn': [u'trust admins'], 'description': [u'Trusts administrators group'], 'objectclass': fuzzy_set_ci(objectclasses.group), 'ipauniqueid': [fuzzy_uuid], }, ], ), result)
def check_delete(self, result): """ Check 'user-del' command result """ assert_deepequal(dict( value=[self.uid], summary=u'Deleted user "%s"' % self.uid, result=dict(failed=[]), ), result)
def check_disable(self, result): """ Check result of disable user operation """ assert_deepequal(dict( value=self.name, summary=u'Disabled user account "%s"' % self.name, result=True ), result)
def check_create(self, result): """ Check 'stageuser-add' command result """ assert_deepequal(dict( value=self.uid, summary=u'Added stage user "%s"' % self.uid, result=self.filter_attrs(self.create_keys), ), result)
def check_find(self, result, all=False, pkey_only=False, raw=False, expected_override=None): """ Check 'user-find' command result """ if all: if u'preserved' not in self.attrs: self.attrs.update(preserved=False) expected = self.filter_attrs(self.find_all_keys) elif pkey_only: expected = self.filter_attrs(self.primary_keys) else: expected = self.filter_attrs(self.find_keys) if all and self.attrs[u'preserved']: del expected[u'mepmanagedentry'] if u'nsaccountlock' in expected: if expected[u'nsaccountlock'] == [u'true']: expected[u'nsaccountlock'] = True elif expected[u'nsaccountlock'] == [u'false']: expected[u'nsaccountlock'] = False if expected_override: assert isinstance(expected_override, dict) expected.update(expected_override) assert_deepequal(dict( count=1, truncated=False, summary=u'1 user matched', result=[expected], ), result)
def check_update(self, result, extra_keys=()): """Check `host_update` command result""" assert_deepequal(dict( value=self.fqdn, summary=u'Modified host "%s"' % self.fqdn, result=self.filter_attrs(self.update_keys | set(extra_keys)) ), result)
def check_retrieve(self, result, all=False, raw=False): """ Check 'user-show' command result """ if u'preserved' in self.attrs and self.attrs[u'preserved']: self.retrieve_all_keys = self.retrieve_preserved_all_keys self.retrieve_keys = self.retrieve_preserved_keys elif u'preserved' not in self.attrs and all: self.attrs[u'preserved'] = False if all: expected = self.filter_attrs(self.retrieve_all_keys) else: expected = self.filter_attrs(self.retrieve_keys) # small override because stageuser-find returns different type # of nsaccountlock value than DS, but overall the value fits # expected result if u'nsaccountlock' in expected: if expected[u'nsaccountlock'] == [u'true']: expected[u'nsaccountlock'] = True elif expected[u'nsaccountlock'] == [u'false']: expected[u'nsaccountlock'] = False assert_deepequal(dict( value=self.uid, summary=None, result=expected, ), result)
def check_delete(self, result): """Check `host_del` command result""" assert_deepequal(dict( value=[self.fqdn], summary=u'Deleted host "%s"' % self.fqdn, result=dict(failed=[]), ), result)
def remove_certmap(self, **kwargs): cmd = self._make_remove_certmap() try: expected_certmapdata = self._data_from_options(**kwargs) except Exception as e: with pytest.raises(type(e)): cmd(**kwargs) else: result = cmd(**kwargs) for data in expected_certmapdata: self.attrs[u'ipacertmapdata'].remove(data) expected = dict( summary=(u'Removed certificate mappings from user ' u'"{}"'.format(self.name)), value=self.name, result=dict( uid=(self.name,), ), ) if self.attrs[u'ipacertmapdata']: expected[u'result'][u'ipacertmapdata'] = ( self.attrs[u'ipacertmapdata']) assert_deepequal(expected, result)
def test_user_allow_retrieve_keytab(self, allowedto_context, host): host.ensure_exists() result = host.run_command('host_allow_retrieve_keytab', host.fqdn, user=user1) host.attrs['ipaallowedtoperform_read_keys_user'] = [user1] assert_deepequal(dict( failed=dict( ipaallowedtoperform_read_keys=dict( group=[], host=[], hostgroup=[], user=[]), ), completed=1, result=host.filter_attrs(host.allowedto_keys), ), result) # Duplicates should not be accepted result = host.run_command('host_allow_retrieve_keytab', host.fqdn, user=user1) assert_deepequal(dict( failed=dict( ipaallowedtoperform_read_keys=dict( group=[], host=[], hostgroup=[], user=[[user1, u'This entry is already a member']], ), ), completed=0, result=host.filter_attrs(host.allowedto_keys), ), result)
def check_add_member(self, result): """ Checks 'sudocmdgroup_add_member' command result """ assert_deepequal(dict( completed=1, failed={u'member': {u'sudocmd': ()}}, result=self.filter_attrs(self.add_member_keys) ), result)
def test_topology_updated_on_replica_install_remove(self): """ Install and remove a replica and make sure topology information is updated on all other replicas Testcase: http://www.freeipa.org/page/V4/Manage_replication_topology/ Test_plan#Test_case: _Replication_topology_should_be_saved_in_the_LDAP_tree """ tasks.kinit_admin(self.master) result1 = self.master.run_command( ['ipa', 'topologysegment-find', DOMAIN_SUFFIX_NAME]).stdout_text segment_name = self.segmentnames_re.findall(result1)[0] assert (self.master.hostname in segment_name), ( "Segment %s does not contain master hostname" % segment_name) assert (self.replicas[0].hostname in segment_name), ( "Segment %s does not contain replica hostname" % segment_name) tasks.install_replica(self.master, self.replicas[1], setup_ca=False, setup_dns=False) # We need to make sure topology information is consistent across all # replicas result2 = self.master.run_command( ['ipa', 'topologysegment-find', DOMAIN_SUFFIX_NAME]) result3 = self.replicas[0].run_command( ['ipa', 'topologysegment-find', DOMAIN_SUFFIX_NAME]) result4 = self.replicas[1].run_command( ['ipa', 'topologysegment-find', DOMAIN_SUFFIX_NAME]) segments = self.tokenize_topologies(result2.stdout_text) assert (len(segments) == 2), "Unexpected number of segments found" assert_deepequal(result2.stdout_text, result3.stdout_text) assert_deepequal(result3.stdout_text, result4.stdout_text) # Now let's check that uninstalling the replica will update the topology # info on the rest of replicas. # first step of uninstallation is removal of the replica on other # master, then it can be uninstalled. Doing it the other way is also # possible, but not reliable - some data might not be replicated. tasks.clean_replication_agreement(self.master, self.replicas[1]) tasks.uninstall_master(self.replicas[1]) result5 = self.master.run_command( ['ipa', 'topologysegment-find', DOMAIN_SUFFIX_NAME]) num_entries = self.noentries_re.search(result5.stdout_text).group(1) assert (num_entries == "1"), "Incorrect number of entries displayed"
def test_a2_automountmap_tofiles(self): """ Test the `automountlocation_tofiles` command. """ res = api.Command['automountlocation_tofiles'](self.locname, version=u'2.88') assert_deepequal( dict(result=dict( keys={'auto.direct': ()}, orphanmaps=(dict(dn=DN(('automountmapname', self.mapname), ( 'cn', self.locname), ('cn', 'automount'), api.env.basedn), description=(u'new description', ), automountmapname=(u'testmap', )), ), orphankeys=[(dict( dn=DN(('description', self.keyname2), ('automountmapname', 'testmap'), ('cn', self.locname), ( 'cn', 'automount'), api.env.basedn), automountkey=(self.keyname2, ), description=(self.keyname2, ), automountinformation=(u'ro', ), ), dict( dn=DN(('description', self.keyname_rename), ( 'automountmapname', 'testmap'), ('cn', self.locname), ( 'cn', 'automount'), api.env.basedn), automountkey=(self.keyname_rename, ), description=(self.keyname_rename, ), automountinformation=(u'rw', ), ))], maps=(dict(dn=DN(('description', '/- auto.direct'), ( 'automountmapname', 'auto.master'), ('cn', self.locname), ( 'cn', 'automount'), api.env.basedn), automountkey=(u'/-', ), description=(u'/- auto.direct', ), automountinformation=(u'auto.direct', )), ))), res) # Also check the CLI output self.check_tofiles()
def test_entry_to_dict(): class FakeAttributeType(object): def __init__(self, name, syntax): self.names = (name, ) self.syntax = syntax class FakeSchema(object): def get_obj(self, type, name): if type != ldap.schema.AttributeType: return if name == 'binaryattr': return FakeAttributeType(name, '1.3.6.1.4.1.1466.115.121.1.40') elif name == 'textattr': return FakeAttributeType(name, '1.3.6.1.4.1.1466.115.121.1.15') elif name == 'dnattr': return FakeAttributeType(name, '1.3.6.1.4.1.1466.115.121.1.12') class FakeLDAPClient(ipaldap.LDAPClient): def __init__(self): super(FakeLDAPClient, self).__init__('ldap://test', force_schema_updates=False) self._has_schema = True self._schema = FakeSchema() conn = FakeLDAPClient() rights = {'nothing': 'is'} entry = ipaldap.LDAPEntry(conn, DN('cn=test'), textattr=[u'text'], dnattr=[DN('cn=test')], binaryattr=[b'\xffabcd'], attributelevelrights=rights) the_dict = { u'dn': u'cn=test', u'textattr': [u'text'], u'dnattr': [u'cn=test'], u'binaryattr': [b'\xffabcd'], u'attributelevelrights': rights } assert_deepequal(baseldap.entry_to_dict(entry, all=True, raw=True), the_dict)
def test_set_default_group_for_automembers(self, defaultgroup1): """ Set new default group for group automembers """ result = api.Command['automember_default_group_set']( type=u'group', automemberdefaultgroup=defaultgroup1.cn ) assert_deepequal( dict( result=dict( cn=[u'Group'], automemberdefaultgroup=[DN(('cn', defaultgroup1.cn), ('cn', 'groups'), ('cn', 'accounts'), api.env.basedn)], ), value=u'group', summary=u'Set default (fallback) group for automember "group"' ), result) result = api.Command['automember_default_group_show']( type=u'group', ) assert_deepequal( dict( result=dict(dn=DN(('cn', 'group'), ('cn', 'automember'), ('cn', 'etc'), api.env.basedn), cn=[u'Group'], automemberdefaultgroup=[ DN(('cn', defaultgroup1.cn), ('cn', 'groups'), ('cn', 'accounts'), api.env.basedn) ], ), value=u'group', summary=None, ), result)
def check_retrieve(self, result, all=False, raw=False): """ Check 'stageuser-show' command result """ if all: expected = self.filter_attrs(self.retrieve_all_keys) else: expected = self.filter_attrs(self.retrieve_keys) # small override because stageuser-find returns different # type of nsaccountlock value than DS, but overall the value # fits expected result if expected[u'nsaccountlock'] == [u'true']: expected[u'nsaccountlock'] = True elif expected[u'nsaccountlock'] == [u'false']: expected[u'nsaccountlock'] = False assert_deepequal(dict( value=self.uid, summary=None, result=expected, ), result)
def check_find(self, result, all=False, raw=False): """ Check 'stageuser-find' command result """ if all: expected = self.filter_attrs(self.find_all_keys) else: expected = self.filter_attrs(self.find_keys) # small override because stageuser-find returns different # type of nsaccountlock value than DS, but overall the value # fits expected result if expected[u'nsaccountlock'] == [u'true']: expected[u'nsaccountlock'] = True elif expected[u'nsaccountlock'] == [u'false']: expected[u'nsaccountlock'] = False assert_deepequal(dict( count=1, truncated=False, summary=u'1 user matched', result=[expected], ), result)
def test_search_for_all_nonposix_with_criteria(self, group): """ Search for all non-posix groups with additional criteria filter """ command = group.make_command('group_find', *[u'users'], **dict(nonposix=True, all=True)) result = command() assert_deepequal( dict( summary=u'1 group matched', count=1, truncated=False, result=[ { 'dn': get_group_dn('ipausers'), 'cn': [u'ipausers'], 'description': [u'Default group for all users'], 'objectclass': fuzzy_set_ci(objectclasses.group), 'ipauniqueid': [fuzzy_uuid], }, ], ), result)
def check_exception(self, nice, cmd, args, options, expected): klass = expected.__class__ expected_name = klass.__name__ try: output = api.Command[cmd](*args, **options) except Exception as e: got = e else: raise AssertionError(EXPECTED % (cmd, expected_name, args, options, output)) if not isinstance(got, klass): raise AssertionError( UNEXPECTED % (cmd, expected_name, args, options, expected_name, expected, got.__class__.__name__, got)) # FIXME: the XML-RPC transport doesn't allow us to return structured # information through the exception, so we can't test the kw on the # client side. However, if we switch to using JSON-RPC for the default # transport, the exception is a free-form data structure (dict). # For now just compare the strings # pylint: disable=no-member assert_deepequal(expected.strerror, got.strerror)
def make_admin(self, admin_group=u'admins'): """ Add user to the administrator's group """ result = self.run_command('group_show', admin_group) admin_group_content = result[u'result'][u'member_user'] admin_group_expected = list(admin_group_content) + [self.name] command = self.make_group_add_member_command(admin_group, **dict(user=self.name)) result = command() assert_deepequal( dict( completed=1, failed=dict(member=dict(group=tuple(), user=tuple())), result={ 'dn': get_group_dn(admin_group), 'member_user': admin_group_expected, 'gidnumber': [fuzzy_digits], 'cn': [admin_group], 'description': [u'Account administrators group'], }, ), result)
def test_query_status(self, user): """ Query user_status on a user """ user.ensure_exists() result = user.run_command('user_status', user.uid) assert_deepequal( dict( count=1, result=[ dict( dn=user.dn, krblastfailedauth=[u'N/A'], krblastsuccessfulauth=[u'N/A'], krbloginfailedcount=u'0', now=isodate_re.match, server=api.env.host, ), ], summary=u'Account disabled: False', truncated=False, ), result) user.delete()
def test_host_with_service(self, host): host.ensure_exists() service1 = u'dns/%s@%s' % (host.fqdn, host.api.env.realm) service1dn = DN(('krbprincipalname', service1.lower()), ('cn', 'services'), ('cn', 'accounts'), host.api.env.basedn) try: result = host.run_command('service_add', service1, force=True) assert_deepequal( dict( value=service1, summary=u'Added service "%s"' % service1, result=dict( dn=service1dn, krbprincipalname=[service1], krbcanonicalname=[service1], objectclass=objectclasses.service, managedby_host=[host.fqdn], ipauniqueid=[fuzzy_uuid], ), ), result) host.delete() result = host.run_command('service_find', host.fqdn) assert_deepequal( dict( count=0, truncated=False, summary=u'0 services matched', result=[], ), result) finally: try: host.run_command('service_del', service1) except errors.NotFound: pass
def check_add_member_negative(self, result, options={}): """ Checks 'group_add_member' command result when expected result is failure of the operation""" expected = dict(completed=0, failed={u'member': { u'group': (), u'user': () }}, result=self.filter_attrs(self.add_member_keys)) if not options: try: options = self.adds except NameError: pass if u'user' in options: expected[u'failed'][u'member'][u'user'] = [(options[u'user'], u'no such entry')] elif u'group' in options: expected[u'failed'][u'member'][u'group'] = [(options[u'group'], u'no such entry')] assert_deepequal(expected, result)
def test_reset_automember_default_groups(self, defaultgroup1, user1, defaulthostgroup1, manager1): """ Reset automember group defaults """ manager1.delete() user1.delete() result = api.Command['automember_default_group_remove']( type=u'group', ) assert_deepequal( dict( result=dict( automemberdefaultgroup=u'No default (fallback) group set', cn=([u'Group']) ), value=u'group', summary=u'Removed default (fallback) group' ' for automember "group"'), result) result = api.Command['automember_default_group_remove']( type=u'hostgroup', ) assert_deepequal( dict( result=dict( automemberdefaultgroup=u'No default (fallback) group set', cn=([u'Hostgroup']) ), value=u'hostgroup', summary=u'Removed default (fallback) group' ' for automember "hostgroup"'), result) defaultgroup1.ensure_missing() defaulthostgroup1.ensure_missing()
def check_find(self, result, all=False, pkey_only=False, raw=False, expected_override=None): """ Check 'user-find' command result """ if all: if u'preserved' not in self.attrs: self.attrs.update(preserved=False) expected = self.filter_attrs(self.find_all_keys) elif pkey_only: expected = self.filter_attrs(self.primary_keys) else: expected = self.filter_attrs(self.find_keys) if all and self.attrs[u'preserved']: del expected[u'mepmanagedentry'] if u'nsaccountlock' in expected: if expected[u'nsaccountlock'] == [u'true']: expected[u'nsaccountlock'] = True elif expected[u'nsaccountlock'] == [u'false']: expected[u'nsaccountlock'] = False if expected_override: assert isinstance(expected_override, dict) expected.update(expected_override) assert_deepequal( dict( count=1, truncated=False, summary=u'1 user matched', result=[expected], ), result)
def test_group_allow_retrieve_keytab(self, allowedto_context, host, host3): host.ensure_exists() host3.ensure_exists() result = host.run_command('host_allow_retrieve_keytab', host.fqdn, group=[group1, group2], host=[host3.fqdn], hostgroup=[hostgroup1]) host.attrs['ipaallowedtoperform_read_keys_group'] = [group1, group2] host.attrs['ipaallowedtoperform_read_keys_host'] = [host3.fqdn] host.attrs['ipaallowedtoperform_read_keys_hostgroup'] = [hostgroup1] assert_deepequal( dict( failed=dict(ipaallowedtoperform_read_keys=dict(group=[], host=[], hostgroup=[], user=[]), ), completed=4, result=host.filter_attrs(host.allowedto_keys), ), result) # Non-members cannot be removed result = host.run_command('host_disallow_retrieve_keytab', host.fqdn, user=[user2]) assert_deepequal( dict( failed=dict(ipaallowedtoperform_read_keys=dict( group=[], host=[], hostgroup=[], user=[[user2, u'This entry is not a member']], ), ), completed=0, result=host.filter_attrs(host.allowedto_keys), ), result) # Disallow one of the existing allowed groups result = host.run_command('host_disallow_retrieve_keytab', host.fqdn, group=[group2]) host.attrs['ipaallowedtoperform_read_keys_group'] = [group1] assert_deepequal( dict( failed=dict(ipaallowedtoperform_read_keys=dict(group=[], host=[], hostgroup=[], user=[]), ), completed=1, result=host.filter_attrs(host.allowedto_keys), ), result) host.retrieve()
def check_create(self, result): assert_deepequal(dict( value=self.name, summary=u'Imported profile "{}"'.format(self.name), result=dict(self.filter_attrs(self.create_keys)) ), result)
def check_undel(self, result): """ Check 'user-undel' command result """ assert_deepequal( dict(value=self.uid, summary=u'Undeleted user account "%s"' % self.uid, result=True), result)
def test_search_for_all_posix(self, group, group2): """ Search for all posix groups """ command = group.make_command('group_find', **dict(posix=True, all=True)) result = command() assert_deepequal( dict(summary=u'4 groups matched', count=4, truncated=False, result=[ { 'dn': get_group_dn('admins'), 'member_user': [u'admin'], 'gidnumber': [fuzzy_digits], 'cn': [u'admins'], 'description': [u'Account administrators group'], 'objectclass': fuzzy_set_ci( add_oc(objectclasses.posixgroup, u'ipantgroupattrs')), 'ipauniqueid': [fuzzy_uuid], }, { 'dn': get_group_dn('editors'), 'gidnumber': [fuzzy_digits], 'cn': [u'editors'], 'description': [u'Limited admins who can edit other users'], 'objectclass': fuzzy_set_ci( add_oc(objectclasses.posixgroup, u'ipantgroupattrs')), 'ipauniqueid': [fuzzy_uuid], }, { 'dn': get_group_dn(group.cn), 'cn': [group.cn], 'description': [u'Test desc1'], 'gidnumber': [fuzzy_digits], 'objectclass': fuzzy_set_ci( add_oc(objectclasses.posixgroup, u'ipantgroupattrs')), 'ipauniqueid': [fuzzy_uuid], }, { 'dn': get_group_dn(group2.cn), 'cn': [group2.cn], 'description': [u'Test desc2'], 'gidnumber': [fuzzy_digits], 'objectclass': fuzzy_set_ci( add_oc(objectclasses.posixgroup, u'ipantgroupattrs')), 'ipauniqueid': [fuzzy_uuid], }, ]), result)
def check_update(self, result, extra_keys=()): assert_deepequal(dict( value=self.name, summary=u'Modified Certificate Profile "{}"'.format(self.name), result=self.filter_attrs(self.update_keys | set(extra_keys)) ), result)
try: output = api.Command[cmd](*args, **options) except StandardError, e: pass else: raise AssertionError(EXPECTED % (cmd, name, args, options, output)) if not isinstance(e, klass): raise AssertionError( UNEXPECTED % (cmd, name, args, options, e.__class__.__name__, e)) # FIXME: the XML-RPC transport doesn't allow us to return structured # information through the exception, so we can't test the kw on the # client side. However, if we switch to using JSON-RPC for the default # transport, the exception is a free-form data structure (dict). # For now just compare the strings assert_deepequal(expected.strerror, e.strerror) def check_callable(self, nice, cmd, args, options, expected): name = expected.__class__.__name__ output = dict() e = None try: output = api.Command[cmd](*args, **options) except StandardError, e: pass if not expected(e, output): raise AssertionError( UNEXPECTED % (cmd, name, args, options, e.__class__.__name__, e)) def check_output(self, nice, cmd, args, options, expected, extra_check):
def check_delete(self, result): assert_deepequal( dict(value=[self.name], summary=u'Deleted CA "{}"'.format(self.name), result=dict(failed=[])), result)
def check_restore_preserved(self, result): assert_deepequal(dict( value=[self.uid], summary=u'Staged user account "%s"' % self.uid, result=dict(failed=[]), ), result)
def test_04_user_show_displays_cert(self, testuser, idview, cert1, cert2): result = api.Command.idoverrideuser_show(idview.cn, testuser.name) assert_deepequal((base64.b64decode(cert1), base64.b64decode(cert2)), result['result']['usercertificate'])
def test_from_json_file(self): file = write_tmp_file(json.dumps(self.get_input_dict())) conf = config.Config.from_env({'IPATEST_JSON_CONFIG': file.name}) assert_deepequal(self.get_output_dict(), conf.to_dict()) self.check_config(conf)
def test_dict_roundtrip(self): conf = config.Config.from_dict(self.get_output_dict()) assert_deepequal(self.get_output_dict(), conf.to_dict()) self.check_config(conf)
def test_dict_to_env(self): conf = config.Config.from_dict(self.get_input_dict()) assert_deepequal(self.get_output_env(), dict(conf.to_env())) self.check_config(conf)
def assert_entries_equal(a, b): assert_deepequal(a.dn, b.dn) assert_deepequal(dict(a), dict(b))
def check_disable(self, result): """ Check result of disable user operation """ assert_deepequal( dict(value=self.name, summary=u'Disabled user account "%s"' % self.name, result=True), result)
def check_output(self, nice, cmd, args, options, expected, extra_check): got = api.Command[cmd](*args, **options) assert_deepequal(expected, got, nice) if extra_check and not extra_check(got): raise AssertionError('Extra check %s failed' % extra_check)
def check_delete(self, result): assert_deepequal(dict( value=[self.name], # correctly a list? summary=u'Deleted profile "{}"'.format(self.name), result=dict(failed=[]), ), result)