def test_usandsconf_dbgen_cos_pointer(topology_st, set_log_file_and_ldif):
    """Test ldifgen (formerly dbgen) tool to create a COS definition

    :id: 6b26ca6d-226a-4f93-925e-faf95cc20211
    :setup: Standalone instance
    :steps:
        1. Create DS instance
        2. Run ldifgen to generate ldif with pointer COS definition
        3. Import generated ldif to database
        4. Check it was properly imported
    :expectedresults:
        1. Success
        2. Success
        3. Success
        4. Success
    """

    LDAP_RESULT = 'adding new entry "cn=My_Postal_Def_pointer,ou=cos pointer definitions,dc=example,dc=com"'

    standalone = topology_st.standalone

    # Options handed to the generator, assigned in the same order as a CLI
    # namespace would carry them.
    args = FakeArgs()
    for option, value in (
        ('type', 'pointer'),
        ('NAME', 'My_Postal_Def_pointer'),
        ('parent', 'ou=cos pointer definitions,dc=example,dc=com'),
        ('create_parent', True),
        ('cos_specifier', None),
        ('cos_attr', ['postalcode', 'telephonenumber']),
        ('cos_template', 'cn=sales,cn=pointerCoS,dc=example,dc=com'),
        ('ldif_file', ldif_file),
    ):
        setattr(args, option, value)

    # Expected log output is computed before the tool runs, so it reflects
    # the options exactly as they were passed in.
    logged_options = (
        ('NAME', args.NAME),
        ('type', args.type),
        ('parent', args.parent),
        ('create-parent', args.create_parent),
        ('cos-template', args.cos_template),
        ('cos-attr', args.cos_attr),
        ('ldif-file', args.ldif_file),
    )
    content_list = ['Generating LDIF with the following options:']
    content_list.extend('{}={}'.format(label, value) for label, value in logged_options)
    content_list.append('Writing LDIF')
    content_list.append('Successfully created LDIF file: {}'.format(args.ldif_file))

    log.info('Run ldifgen to create COS definition ldif')
    dbgen_create_cos_def(standalone, log, args)

    log.info('Check if file exists')
    assert os.path.exists(ldif_file)

    check_value_in_log_and_reset(content_list)

    # The generated file is fed to ldapmodify: Groups, COS, Roles and
    # modification ldifs are not meant for ldif2db.
    run_ldapmodify_from_file(standalone, ldif_file, LDAP_RESULT)

    log.info('Check that COS definition is imported')
    cos_def = CosPointerDefinitions(standalone, args.parent)
    assert cos_def.exists(args.NAME)
    new_cos = cos_def.get(args.NAME)
    assert new_cos.present('cosTemplateDN', args.cos_template)
    # Every requested CoS attribute must be present on the imported definition.
    for cos_attribute in args.cos_attr:
        assert new_cos.present('cosAttribute', cos_attribute)
def test_healthcheck_virtual_attr_incorrectly_indexed(topology_st):
    """Check if HealthCheck returns DSVIRTLE0001 code

    :id: 1055173b-21aa-4aaa-9e91-4dc6c5e0c01f
    :setup: Standalone instance
    :steps:
        1. Create DS instance
        2. Create a CoS definition entry
        3. Create the matching CoS template entry, with postalcode as virtual attribute
        4. Create an index for postalcode
        5. Use HealthCheck without --json option
        6. Use HealthCheck with --json option
    :expectedresults:
        1. Success
        2. Success
        3. Success
        4. Success
        5. Healthcheck reports DSVIRTLE0001 code and related details
        6. Healthcheck reports DSVIRTLE0001 code and related details
    """

    RET_CODE = 'DSVIRTLE0001'

    standalone = topology_st.standalone

    log.info(
        'Add cosPointer, cosTemplate and test entry to default suffix, where virtual attribute is postal code'
    )
    # The pointer definition makes postalcode a CoS-supplied (virtual) attribute.
    people_cos_definitions = CosPointerDefinitions(standalone, DEFAULT_SUFFIX, 'ou=People')
    people_cos_definitions.create(
        properties={
            'cn': 'cosPointer',
            'description': 'cosPointer example',
            'cosTemplateDn': 'cn=cosTemplateExample,ou=People,dc=example,dc=com',
            'cosAttribute': 'postalcode',
        }
    )

    log.info('Create CoS template')
    people_cos_templates = CosTemplates(standalone, DEFAULT_SUFFIX, 'ou=People')
    people_cos_templates.create(properties={'cn': 'cosTemplateExample', 'postalcode': '117'})

    log.info('Create an index for postalcode')
    # Indexing the same attribute that CoS supplies is the misconfiguration
    # the healthcheck is expected to report.
    user_root_indexes = Backends(standalone).get('userRoot').get_indexes()
    user_root_indexes.create(
        properties={
            'cn': 'postalcode',
            'nsSystemIndex': 'False',
            'nsIndexType': ['eq', 'sub', 'pres'],
        }
    )

    # Plain-text report first, then the JSON report.
    for as_json in (False, True):
        run_healthcheck_and_flush_log(topology_st, standalone, RET_CODE, json=as_json)
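def create_subtree_policy(self, dn, properties):
    """Creates all entries which are needed for the subtree password policy

    Under ``dn`` this ensures the ``nsPwPolicyContainer`` container exists,
    creates the policy entry in it, then creates the CoS template and the
    CoS pointer definition that expose the policy entry's DN as
    ``pwdpolicysubentry``. Finally local password policies are switched on
    through ``set_global_policy``.

    The caller's ``properties`` dict is not modified; the ``cn`` of the
    policy entry is set on a copy.

    If creating the CoS template or the CoS definition fails, the entries
    created so far (template, policy entry) are removed again so that no
    half-configured policy is left behind. The container is left in place.
    The final ``set_global_policy`` call is outside that rollback: if it
    fails, the created entries remain.

    :param dn: Entry DN for the subtree pwpolicy
    :type dn: str
    :param properties: A dict with password policy settings
    :type properties: dict

    :returns: PwPolicyEntry instance
    :raises ValueError: if the target dn does not exist
    :raises ldap.LDAPError: if the CoS template or CoS definition cannot be
                            created, or if removing the partial entries fails
    """

    # Verify target dn exists before getting started
    subtree_entry = Account(self._instance, dn)
    if not subtree_entry.exists():
        raise ValueError('Can not create subtree password policy because the target dn does not exist')

    # Create the pwp container if needed
    pwp_containers = nsContainers(self._instance, basedn=dn)
    pwp_container = pwp_containers.ensure_state(properties={'cn': 'nsPwPolicyContainer'})

    # Create policy entry. Copy first: the caller may reuse its dict for
    # another subtree, and a leftover 'cn' would name the wrong entry.
    policy_properties = dict(properties)
    policy_properties['cn'] = 'cn=nsPwPolicyEntry_subtree,%s' % dn
    pwp_entries = PwPolicyEntries(self._instance, pwp_container.dn)
    pwp_entry = pwp_entries.create(properties=policy_properties)

    cos_template = None
    try:
        # The CoS template entry (nsPwTemplateEntry) that has the pwdpolicysubentry
        # value pointing to the above (nsPwPolicyEntry) entry
        cos_templates = CosTemplates(self._instance, pwp_container.dn)
        cos_template = cos_templates.create(properties={'cosPriority': '1',
                                                        'pwdpolicysubentry': pwp_entry.dn,
                                                        'cn': 'cn=nsPwTemplateEntry,%s' % dn})

        # The CoS specification entry at the subtree level
        # NOTE(review): the policy reaches entries only through this
        # CoS-provided attribute - confirm it still applies on servers that
        # run with nsslapd-ignore-virtual-attrs set to on.
        cos_pointer_defs = CosPointerDefinitions(self._instance, dn)
        cos_pointer_defs.create(properties={'cosAttribute': 'pwdpolicysubentry default operational',
                                            'cosTemplateDn': cos_template.dn,
                                            'cn': 'nsPwPolicy_CoS'})
    except ldap.LDAPError:
        # Something went wrong, remove what we have done. Undo in reverse
        # creation order, and use finally so the policy entry is removed
        # even when deleting the template fails.
        try:
            if cos_template is not None:
                cos_template.delete()
        finally:
            pwp_entry.delete()
        raise

    # make sure that local policies are enabled
    self.set_global_policy({'nsslapd-pwpolicy-local': 'on'})

    return pwp_entry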
def test_ignore_virtual_attrs(topo):
    """Test nsslapd-ignore-virtual-attrs configuration attribute

    :id: 9915d71b-2c71-4ac0-91d7-92655d53541b
    :setup: Standalone instance
    :steps:
        1. Check the attribute nsslapd-ignore-virtual-attrs is present in cn=config
        2. Check the default value of attribute nsslapd-ignore-virtual-attrs should be OFF
        3. Set the valid values i.e. on/ON and off/OFF for nsslapd-ignore-virtual-attrs
        4. Set invalid value for attribute nsslapd-ignore-virtual-attrs
        5. Set nsslapd-ignore-virtual-attrs=off
        6. Add cosPointer, cosTemplate and test entry to default suffix, where virtual attribute is postal code
        7. Test if virtual attribute i.e. postal code shown in test entry while nsslapd-ignore-virtual-attrs: off
        8. Set nsslapd-ignore-virtual-attrs=on
        9. Test if virtual attribute i.e. postal code not shown while nsslapd-ignore-virtual-attrs: on
    :expectedresults:
        1. This should be successful
        2. This should be successful
        3. This should be successful
        4. This should fail
        5. This should be successful
        6. This should be successful
        7. Postal code should be present
        8. This should be successful
        9. Postal code should not be present
    """

    setting = 'nsslapd-ignore-virtual-attrs'
    config = topo.standalone.config

    log.info('Check the attribute nsslapd-ignore-virtual-attrs is present in cn=config')
    assert config.present(setting)

    log.info('Check the default value of attribute nsslapd-ignore-virtual-attrs should be OFF')
    default_value = config.get_attr_val_utf8(setting)
    assert default_value == 'off'

    log.info('Set the valid values i.e. on/ON and off/OFF for nsslapd-ignore-virtual-attrs')
    # The last accepted value is OFF, so virtual attributes stay enabled for
    # the first CoS check below.
    for accepted_value in ('on', 'off', 'ON', 'OFF'):
        config.set(setting, accepted_value)
        assert config.present(setting, accepted_value)

    log.info('Set invalid value for attribute nsslapd-ignore-virtual-attrs')
    with pytest.raises(ldap.OPERATIONS_ERROR):
        config.set(setting, 'invalid_value')

    # CoS template holding the value that is served as a virtual attribute.
    people_cos_templates = CosTemplates(topo.standalone, DEFAULT_SUFFIX, 'ou=People')
    people_cos_templates.create(properties={'cn': 'cosTemplateExample', 'postalcode': '117'})

    log.info('Add cosPointer, cosTemplate and test entry to default suffix, where virtual attribute is postal code')
    people_cos_definitions = CosPointerDefinitions(topo.standalone, DEFAULT_SUFFIX, 'ou=People')
    people_cos_definitions.create(
        properties={
            'cn': 'cosPointer',
            'description': 'cosPointer example',
            'cosTemplateDn': 'cn=cosTemplateExample,ou=People,dc=example,dc=com',
            'cosAttribute': 'postalcode',
        }
    )

    test_user = UserAccounts(topo.standalone, DEFAULT_SUFFIX).create(properties=TEST_USER_PROPERTIES)

    log.info('Test if virtual attribute i.e. postal code shown in test entry while nsslapd-ignore-virtual-attrs: off')
    assert test_user.present('postalcode', '117')

    log.info('Set nsslapd-ignore-virtual-attrs=on')
    config.set(setting, 'on')

    log.info('Test if virtual attribute i.e. postal code not shown while nsslapd-ignore-virtual-attrs: on')
    # With the setting on, the CoS-supplied value must no longer be visible.
    assert not test_user.present('postalcode', '117')
def get_cos_pointer_defs(self):
    """List the CoS pointer definitions looked up from this object's DN.

    :returns: The result of ``list()`` on a ``CosPointerDefinitions``
              collection built from this object's instance and DN
    """
    pointer_definitions = CosPointerDefinitions(self._instance, self._dn)
    return pointer_definitions.list()