def test_role_rule(): from ldap2pg.role import RoleRule from ldap2pg.utils import Settable r = RoleRule( names=['static', 'prefix_{cn}', '{uid}_{member}'], parents=['{uid}', '{member.cn}'], members=[], comment='From {dn}', options={'SUPERUSER': True}, ) assert 5 == len(r.all_fields) assert repr(r) d = r.as_dict() assert 'SUPERUSER' in d['options'] assert ['static', 'prefix_{cn}', '{uid}_{member}'] == d['names'] assert [] == d['members'] assert ['{uid}', '{member.cn}'] == d['parents'] assert 'From {dn}' == d['comment'] vars_ = dict( dn=['cn=group,ou=groups'], cn=['cn'], uid=['uid'], member=[ Settable(_str='cn=m0', cn=['m0']), Settable(_str='cn=m1', cn=['m1']), ], ) roles = list(r.generate(vars_)) assert 4 == len(roles)
def test_role_rule_not_enough_comment(): from ldap2pg.role import RoleRule, CommentError r = RoleRule( names=['{member}'], comment='From {less}', ) vars_ = dict(dn=['cn=group,ou=groups'], member=['m0', 'm1', 'm2'], less=['l0', 'l1']) with pytest.raises(CommentError): list(r.generate(vars_))
def test_role_rule_multiple_comment(): from ldap2pg.role import RoleRule r = RoleRule( names=['{member}'], comment='From {member}', ) vars_ = dict( dn=['cn=group,ou=groups'], member=['m0', 'm1'], ) roles = list(r.generate(vars_)) assert 2 == len(roles)
def test_role_rule_no_comment(): from ldap2pg.role import RoleRule, CommentError r = RoleRule( names=['{member}'], comment='From {desc}', ) vars_ = dict( dn=['cn=group,ou=groups'], desc=[], member=['m0', 'm1'], ) with pytest.raises(CommentError): list(r.generate(vars_))
def test_role_rule_too_many_comments(): from ldap2pg.role import RoleRule, CommentError r = RoleRule( names=['{member}'], comment='From {more}', ) vars_ = dict( dn=['cn=group,ou=groups'], member=['m0', 'm1'], more=['0', '1', '2'], ) with pytest.raises(CommentError): list(r.generate(vars_))
def test_rule(): from ldap2pg.role import RoleRule r = RoleRule( names=['static', 'prefix_{cn}', '{uid}_{member}'], parents=['{uid}', '{member.cn}'], members=[], comment='From {dn}', options={'SUPERUSER': True}, ) map_ = r.attributes_map assert '__self__' in map_ assert 'uid' in map_['__self__'] assert 'member' not in map_['__self__'] assert 'member' in map_ assert 5 == len(r.all_fields) assert repr(r) d = r.as_dict() assert 'SUPERUSER' in d['options'] assert ['static', 'prefix_{cn}', '{uid}_{member}'] == d['names'] assert [] == d['members'] assert ['{uid}', '{member.cn}'] == d['parents'] assert 'From {dn}' == d['comment'] vars_ = dict( __self__=[dict( dn=['cn=group,ou=groups'], cn=['cn'], uid=['uid'], )], member=[ dict( dn=['cn=m0'], cn=['m0'], ), dict( dn=['cn=m1'], cn=['m1'], ), ], ) roles = list(r.generate(vars_)) assert 4 == len(roles)
def test_role_rule_dynamic_comments(): from ldap2pg.role import RoleRule r = RoleRule( names=['{member}'], comment='From {member}', ) vars_ = dict( __self__=[dict( dn=['cn=group,ou=groups'], member=['m0', 'm1'], )]) roles = list(r.generate(vars_)) assert 2 == len(roles) for role in roles: assert role.name in role.comment