URL: https://github.com/freeipa/freeipa/pull/225 Author: ofayans Title: #225: tests: Added basic tests for certs in idoverrides Action: synchronized
To pull the PR as Git branch: git remote add ghfreeipa https://github.com/freeipa/freeipa git fetch ghfreeipa pull/225/head:pr225 git checkout pr225
From 3a406f25c98cc16c9b068d26f5bc2798d1e0c7bb Mon Sep 17 00:00:00 2001 From: Oleg Fayans <ofay...@redhat.com> Date: Fri, 21 Oct 2016 10:53:19 +0200 Subject: [PATCH 1/2] tests: Added basic tests for certs in idoverrides https://fedorahosted.org/freeipa/ticket/6412 --- ipatests/test_xmlrpc/test_add_remove_cert_cmd.py | 109 +++++++++++++++++++++++ 1 file changed, 109 insertions(+) diff --git a/ipatests/test_xmlrpc/test_add_remove_cert_cmd.py b/ipatests/test_xmlrpc/test_add_remove_cert_cmd.py index edc97f0..bd365ef 100644 --- a/ipatests/test_xmlrpc/test_add_remove_cert_cmd.py +++ b/ipatests/test_xmlrpc/test_add_remove_cert_cmd.py @@ -11,6 +11,30 @@ from ipatests.util import assert_deepequal, raises from ipatests.test_xmlrpc.xmlrpc_test import XMLRPC_test from ipatests.test_xmlrpc.testcert import get_testcert +from ipatests.test_xmlrpc.tracker.user_plugin import UserTracker +from ipatests.test_xmlrpc.tracker.idview_plugin import IdviewTracker + + +@pytest.fixture(scope='class') +def idview(request): + tracker = IdviewTracker(cn=u'MyView') + return tracker.make_fixture(request) + + +@pytest.fixture(scope='class') +def testuser(request): + tracker = UserTracker(name=u'testuser', givenname=u'John', sn=u'Donne') + return tracker.make_fixture(request) + + +@pytest.fixture(scope='class') +def cert1(request): + return get_testcert(DN(('CN', u'testuser')), u'testuser') + + +@pytest.fixture(scope='class') +def cert2(request): + return get_testcert(DN(('CN', u'testuser')), u'testuser') @pytest.mark.tier1 @@ -352,3 +376,88 @@ def delete_entity(cls): api.Command.host_del(TestCertManipCmdHost.entity_pkey) except errors.NotFound: pass + + +@pytest.mark.tier1 +class TestCertManipIdOverride(XMLRPC_test): + entity_subject = u'testuser' + entity_principal = u'testuser' + + cert_add_cmd = api.Command.idoverrideuser_add_cert + cert_del_cmd = api.Command.idoverrideuser_remove_cert + + def del_cert_from_idoverride(self, username, view_name, cert): + result = self.cert_del_cmd(view_name, + username, + usercertificate=cert) + return dict( + usercertificate=result['result'].get('usercertificate', []), + value=result.get('value'), + summary=result.get('summary') + ) + + def add_cert_to_idoverride(self, username, view_name, cert): + result = self.cert_add_cmd(view_name, + username, + usercertificate=cert) + return dict( + usercertificate=result['result'].get('usercertificate', []), + value=result.get('value'), + summary=result.get('summary') + ) + + def test_00_add_idoverrideuser(self, testuser, idview): + testuser.create() + idview.create() + idview.idoverrideuser_add(testuser) + + def test_01_add_cert_to_idoverride(self, testuser, idview, cert1): + assert_deepequal( + dict(usercertificate=(base64.b64decode(cert1),), + summary=u'Added certificates to' + ' idoverrideuser \"%s\"' % testuser.name, + value=testuser.name, + ), + self.add_cert_to_idoverride(testuser.name, + idview.cn, + cert1) + ) + + def test_02_add_second_cert_to_idoverride(self, testuser, + idview, cert1, cert2): + assert_deepequal( + dict( + usercertificate=(base64.b64decode(cert1), + base64.b64decode(cert2)), + summary=u'Added certificates to' + ' idoverrideuser \"%s\"' % testuser.name, + value=testuser.name, + ), + self.add_cert_to_idoverride(testuser.name, + idview.cn, + cert2) + ) + + def test_03_add_the_same_cert_to_idoverride(self, testuser, + idview, cert1, cert2): + raises(errors.ExecutionError, + self.add_cert_to_idoverride, + testuser.name, idview.cn, cert1) + + def test_04_user_show_displays_cert(self, testuser, idview, cert1, cert2): + result = api.Command.idoverrideuser_show(idview.cn, testuser.name) + assert_deepequal((base64.b64decode(cert1), + base64.b64decode(cert2)), + result['result']['usercertificate'] + ) + + def test_05_remove_cert(self, testuser, idview, cert1, cert2): + assert_deepequal( + dict( + usercertificate=(base64.b64decode(cert2),), + value=testuser.name, + summary=u'Removed certificates from' + ' idoverrideuser "%s"' % testuser.name + ), + self.del_cert_from_idoverride(testuser.name, idview.cn, cert1) + ) From 3de875f0d06d24c995f26e501a5b78ed078a6fb8 Mon Sep 17 00:00:00 2001 From: Oleg Fayans <ofay...@redhat.com> Date: Wed, 16 Nov 2016 12:57:49 +0100 Subject: [PATCH 2/2] Created idview tracker Needed for basic certs in idoverrides tests https://fedorahosted.org/freeipa/ticket/6412 --- ipatests/test_xmlrpc/tracker/idview_plugin.py | 95 +++++++++++++++++++++++++++ 1 file changed, 95 insertions(+) create mode 100644 ipatests/test_xmlrpc/tracker/idview_plugin.py diff --git a/ipatests/test_xmlrpc/tracker/idview_plugin.py b/ipatests/test_xmlrpc/tracker/idview_plugin.py new file mode 100644 index 0000000..3a842b7 --- /dev/null +++ b/ipatests/test_xmlrpc/tracker/idview_plugin.py @@ -0,0 +1,95 @@ +# +# Copyright (C) 2016 FreeIPA Contributors see COPYING for license +# + +from ipalib import api +from ipapython.dn import DN +from ipatests.test_xmlrpc.tracker.base import Tracker +from ipatests.util import assert_deepequal + +import six + +if six.PY3: + unicode = str + + +class IdviewTracker(Tracker): + """Class for idview tests""" + + retrieve_keys = { + u'cn' + } + + retrieve_all_keys = retrieve_keys | { + u'description', u'objectclass', u'dn' + } + + create_keys = retrieve_all_keys + find_all_keys = retrieve_all_keys + + def __init__(self, cn, **kwargs): + super(IdviewTracker, self).__init__(default_version=None) + self.cn = cn + self.dn = DN(('cn', cn), 'cn=views', 'cn=accounts', api.env.basedn) + self.kwargs = kwargs + + def make_create_command(self): + return self.make_command( + 'idview_add', self.cn, **self.kwargs + ) + + def make_delete_command(self): + return self.make_command( + 'idview_del', self.cn, **self.kwargs + ) + + def make_retrieve_command(self, all=False, raw=False): + """ Make function that retrieves a idview using idview-show """ + return self.make_command('idview_show', self.cn, all=all) + + def make_find_command(self, *args, **kwargs): + """ Make function that finds idview using idview-find """ + return self.make_command('idview_find', *args, **kwargs) + + def make_update_command(self, updates): + """ Make function that updates idview using idview-mod """ + return self.make_command('idview_mod', self.cn, **updates) + + def track_create(self): + self.attrs = dict( + cn=(self.cn,), + dn=unicode(self.dn), + idoverrideusers=[], + objectclass=(u'ipaIDView', u'top', u'nsContainer') + ) + if 'description' in self.kwargs: + self.attrs['description'] = self.kwargs['description'] + self.exists = True + + def make_add_idoverrideuser_command(self, username, options=None): + options = options or {} + """ Make function that adds a member to a group """ + return self.make_command('idoverrideuser_add', self.cn, username, + **options) + + def idoverrideuser_add(self, user): + command = self.make_add_idoverrideuser_command(user.name) + result = command() + self.attrs['idoverrideusers'].append(result['value']) + self.check_idoverrideuser_add(result, user) + + def check_create(self, result, extra_keys=()): + """ Check 'user-add' command result """ + expected = self.filter_attrs(self.create_keys | set(extra_keys)) + assert_deepequal(dict( + summary=u'Added ID View "%s"' % self.cn, + result=self.filter_attrs(expected), + value=self.cn + ), result) + + def check_idoverrideuser_add(self, result, user): + """ Checks 'group_add_member' command result """ + assert_deepequal( + u'Added User ID override "%s"' % user.name, + result['summary'] + )
-- Manage your subscription for the Freeipa-devel mailing list: https://www.redhat.com/mailman/listinfo/freeipa-devel Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code