def test_role_rule():
from ldap2pg.role import RoleRule
from ldap2pg.utils import Settable
r = RoleRule(
names=['static', 'prefix_{cn}', '{uid}_{member}'],
parents=['{uid}', '{member.cn}'],
members=[],
comment='From {dn}',
options={'SUPERUSER': True},
)
assert 5 == len(r.all_fields)
assert repr(r)
d = r.as_dict()
assert 'SUPERUSER' in d['options']
assert ['static', 'prefix_{cn}', '{uid}_{member}'] == d['names']
assert [] == d['members']
assert ['{uid}', '{member.cn}'] == d['parents']
assert 'From {dn}' == d['comment']
vars_ = dict(
dn=['cn=group,ou=groups'],
cn=['cn'],
uid=['uid'],
member=[
Settable(_str='cn=m0', cn=['m0']),
Settable(_str='cn=m1', cn=['m1']),
],
)
roles = list(r.generate(vars_))
assert 4 == len(roles)
def test_role_rule_not_enough_comment():
from ldap2pg.role import RoleRule, CommentError
r = RoleRule(
names=['{member}'],
comment='From {less}',
)
vars_ = dict(dn=['cn=group,ou=groups'],
member=['m0', 'm1', 'm2'],
less=['l0', 'l1'])
with pytest.raises(CommentError):
list(r.generate(vars_))
def test_role_rule_multiple_comment():
from ldap2pg.role import RoleRule
r = RoleRule(
names=['{member}'],
comment='From {member}',
)
vars_ = dict(
dn=['cn=group,ou=groups'],
member=['m0', 'm1'],
)
roles = list(r.generate(vars_))
assert 2 == len(roles)
def test_role_rule_no_comment():
from ldap2pg.role import RoleRule, CommentError
r = RoleRule(
names=['{member}'],
comment='From {desc}',
)
vars_ = dict(
dn=['cn=group,ou=groups'],
desc=[],
member=['m0', 'm1'],
)
with pytest.raises(CommentError):
list(r.generate(vars_))
def test_role_rule_too_many_comments():
from ldap2pg.role import RoleRule, CommentError
r = RoleRule(
names=['{member}'],
comment='From {more}',
)
vars_ = dict(
dn=['cn=group,ou=groups'],
member=['m0', 'm1'],
more=['0', '1', '2'],
)
with pytest.raises(CommentError):
list(r.generate(vars_))
def test_rule():
from ldap2pg.role import RoleRule
r = RoleRule(
names=['static', 'prefix_{cn}', '{uid}_{member}'],
parents=['{uid}', '{member.cn}'],
members=[],
comment='From {dn}',
options={'SUPERUSER': True},
)
map_ = r.attributes_map
assert '__self__' in map_
assert 'uid' in map_['__self__']
assert 'member' not in map_['__self__']
assert 'member' in map_
assert 5 == len(r.all_fields)
assert repr(r)
d = r.as_dict()
assert 'SUPERUSER' in d['options']
assert ['static', 'prefix_{cn}', '{uid}_{member}'] == d['names']
assert [] == d['members']
assert ['{uid}', '{member.cn}'] == d['parents']
assert 'From {dn}' == d['comment']
vars_ = dict(
__self__=[dict(
dn=['cn=group,ou=groups'],
cn=['cn'],
uid=['uid'],
)],
member=[
dict(
dn=['cn=m0'],
cn=['m0'],
),
dict(
dn=['cn=m1'],
cn=['m1'],
),
],
)
roles = list(r.generate(vars_))
assert 4 == len(roles)
def test_role_rule_dynamic_comments():
from ldap2pg.role import RoleRule
r = RoleRule(
names=['{member}'],
comment='From {member}',
)
vars_ = dict(
__self__=[dict(
dn=['cn=group,ou=groups'],
member=['m0', 'm1'],
)])
roles = list(r.generate(vars_))
assert 2 == len(roles)
for role in roles:
assert role.name in role.comment