URL: https://github.com/freeipa/freeipa/pull/448 Author: gkaihorodova Title: #448: Tests: Basic coverage with tree root domain Action: opened
PR body: """ Tests: Basic coverage with tree root domain Extend existing legacy client tests to cover test cases with tree root domain. https://fedorahosted.org/freeipa/ticket/6489 """ To pull the PR as Git branch: git remote add ghfreeipa https://github.com/freeipa/freeipa git fetch ghfreeipa pull/448/head:pr448 git checkout pr448
From ce9226930972e058b4007e126fb4f47c8a7e09f0 Mon Sep 17 00:00:00 2001 From: Ganna Kaihorodova <gkaih...@redhat.com> Date: Wed, 8 Feb 2017 11:38:08 +0100 Subject: [PATCH] Tests: Basic coverage with tree root domain Extend existing legacy client tests to cover test cases with tree root domain. https://fedorahosted.org/freeipa/ticket/6489 --- ipatests/test_integration/test_legacy_clients.py | 100 +++++++++++++++++++++++ 1 file changed, 100 insertions(+) diff --git a/ipatests/test_integration/test_legacy_clients.py b/ipatests/test_integration/test_legacy_clients.py index 8bd680a..56c6b19 100644 --- a/ipatests/test_integration/test_legacy_clients.py +++ b/ipatests/test_integration/test_legacy_clients.py @@ -58,6 +58,8 @@ class BaseTestLegacyClient(object): testuser_gid_regex = None subdomain_testuser_uid_regex = None subdomain_testuser_gid_regex = None + treedomain_testuser_uid_regex = None + treedomain_testuser_gid_regex = None # To allow custom validation dependent on the trust type posix_trust = False @@ -326,6 +328,91 @@ def test_login_disabled_subdomain_ad_user(self): assert result.returncode != 0 + def test_getent_treedomain_ad_user(self): + if not self.ad_treedomain: + raise nose.SkipTest('AD tree root domain is not available.') + + self.clear_sssd_caches() + testuser = 'treetestuser@{0}'.format(self.ad_treedomain) + result = self.legacy_client.run_command(['getent', 'passwd', testuser]) + + testuser_regex = "treetestuser@%s:\*:%s:%s:"\ + "TreeTest User:%s:"\ + "/bin/sh"\ + % (re.escape(self.ad_treedomain), + self.treedomain_testuser_uid_regex, + self.treedomain_testuser_gid_regex, + self.homedir_template.format( + username='treetestuser', + domain=re.escape(self.ad_treedomain)) + ) + + assert re.search(testuser_regex, result.stdout_text) + + def test_getent_treedomain_ad_group(self): + if not self.ad_treedomain: + raise nose.SkipTest('AD tree root domain is not available') + + self.clear_sssd_caches() + testgroup = 'treetestgroup@{0}'.format(self.ad_treedomain) + result = self.legacy_client.run_command(['getent', 'group', testgroup]) + + testgroup_stdout = "{0}:\*:{1}:".format(testgroup, + self.treedomain_testuser_gid_regex) + + assert re.search(testgroup_stdout, result.stdout_text) + + def test_id_treedomain_ad_user(self): + if not self.ad_treedomain: + raise nose.SkipTest('AD tree root domain is not available') + + self.clear_sssd_caches() + + testuser = 'treetestuser@{0}'.format(self.ad_treedomain) + testgroup = 'treetestgroup@{0}'.format(self.ad_treedomain) + + result = self.legacy_client.run_command(['id', testuser]) + + # Only for POSIX trust testing does the testuser belong to the + # testgroup + + group_name = '\({}\)'.format(testgroup) if self.posix_trust else '' + + uid_regex = "uid={0}\({1}\)".format(self.treedomain_testuser_uid_regex, + testuser) + + gid_regex = "gid={0}{1}".format(self.treedomain_testuser_gid_regex, + group_name) + + group_regex = "groups={0}{1}".format(self.treedomain_testuser_gid_regex, + group_name) + + assert re.search(uid_regex, result.stdout_text) + assert re.search(gid_regex, result.stdout_text) + assert re.search(group_regex, result.stdout_text) + + def test_login_treedomain_ad_user(self): + if not self.ad_treedomain: + raise nose.SkipTest('AD tree root domain is not available.') + + if not self.master.transport.file_exists('/usr/bin/sshpass'): + raise nose.SkipTest('Package sshpass not available on %s' + %self.master.hostname) + + testuser = 'treetestuser@{0}'.format(self.ad_treedomain) + result = self.master.run_command( + 'sshpass -p %s ' + 'ssh ' + '-o StrictHostKeyChecking=no ' + '-l admin ' + '%s ' + '"echo test"' % + (self.legacy_client.config.admin_password, + self.legacy_client.external_hostname)) + + assert "test" in result.stdout_text + + @classmethod def install(cls, mh): super(BaseTestLegacyClient, cls).install(mh) @@ -358,6 +445,15 @@ def install(cls, mh): except LookupError: cls.ad_subdomain = None + # Determine whether the tree domain AD is available + try: + cls.tree_ad = cls.host_by_role(cls.optional_extra_roles[1]) + cls.ad_treedomain = '.'.join( + cls.tree_ad.hostname.split('.')[1:]) + + except LookupError: + cls.ad_treedomain = None + tasks.apply_common_fixes(cls.legacy_client) for f in cls.backup_files: @@ -418,6 +514,8 @@ class BaseTestLegacyClientPosix(BaseTestLegacyClient, testuser_gid_regex = '10047' subdomain_testuser_uid_regex = '10142' subdomain_testuser_gid_regex = '10147' + treedomain_testuser_uid_regex = '10242' + treedomain_testuser_gid_regex = '10247' posix_trust = True def test_remove_trust_with_posix_attributes(self): @@ -431,6 +529,8 @@ class BaseTestLegacyClientNonPosix(BaseTestLegacyClient, testuser_gid_regex = '(?!10047)(\d+)' subdomain_testuser_uid_regex = '(?!10142)(\d+)' subdomain_testuser_gid_regex = '(?!10147)(\d+)' + treedomain_testuser_uid_regex = '(?!10242)(\d+)' + treedomain_testuser_gid_regex = '(?!10247)(\d+)' def test_remove_nonposix_trust(self): pass
-- Manage your subscription for the Freeipa-devel mailing list: https://www.redhat.com/mailman/listinfo/freeipa-devel Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code