URL: https://github.com/freeipa/freeipa/pull/4483 Author: mrizwan93 Title: #4483: [Backport][ipa-4-8]ipatests:Test if proper error thrown when AD user tries to run IPA commands Action: opened
PR body: """ Before fix the error used to implies that the ipa setup is broken. Fix is to throw the proper error. This test is to check that the error with 'Invalid credentials' thrown when AD user tries to run IPA commands. related: https://pagure.io/freeipa/issue/8163 Signed-off-by: Mohammad Rizwan Yusuf <myu...@redhat.com> Reviewed-By: Alexander Bokovoy <aboko...@redhat.com> """ To pull the PR as Git branch: git remote add ghfreeipa https://github.com/freeipa/freeipa git fetch ghfreeipa pull/4483/head:pr4483 git checkout pr4483
From a7fc4e6c3817408ed42a10bfa9a4bb4fa183a61e Mon Sep 17 00:00:00 2001 From: Mohammad Rizwan Yusuf <myu...@redhat.com> Date: Fri, 6 Mar 2020 17:02:32 +0530 Subject: [PATCH] ipatests:Test if proper error thrown when AD user tries to run IPA commands Before fix the error used to implies that the ipa setup is broken. Fix is to throw the proper error. This test is to check that the error with 'Invalid credentials' thrown when AD user tries to run IPA commands. related: https://pagure.io/freeipa/issue/8163 Signed-off-by: Mohammad Rizwan Yusuf <myu...@redhat.com> Reviewed-By: Alexander Bokovoy <aboko...@redhat.com> --- ipatests/test_integration/test_trust.py | 22 ++++++++++++++++++++++ 1 file changed, 22 insertions(+) diff --git a/ipatests/test_integration/test_trust.py b/ipatests/test_integration/test_trust.py index a81fbe3c30..0f31927dd5 100644 --- a/ipatests/test_integration/test_trust.py +++ b/ipatests/test_integration/test_trust.py @@ -127,6 +127,28 @@ def test_user_gid_uid_resolution_in_nonposix_trust(self): assert re.search( testuser_regex, result.stdout_text), result.stdout_text + def test_ipa_commands_run_as_aduser(self): + """Test if proper error thrown when AD user tries to run IPA commands + + Before fix the error used to implies that the ipa setup is broken. + Fix is to throw the proper error. This test is to check that the + error with 'Invalid credentials' thrown when AD user tries to run + IPA commands. + + related: https://pagure.io/freeipa/issue/8163 + """ + tasks.kdestroy_all(self.master) + ad_admin = 'Administrator@%s' % self.ad_domain + tasks.kinit_as_user(self.master, ad_admin, + self.master.config.ad_admin_password) + err_string = ('ipa: ERROR: Insufficient access: SASL(-14):' + ' authorization failure: Invalid credentials') + result = self.master.run_command(['ipa', 'ping'], raiseonerr=False) + assert err_string in result.stderr_text + + tasks.kdestroy_all(self.master) + tasks.kinit_admin(self.master) + def test_ipauser_authentication_with_nonposix_trust(self): ipauser = u'tuser' original_passwd = 'Secret123'
_______________________________________________ FreeIPA-devel mailing list -- freeipa-devel@lists.fedorahosted.org To unsubscribe send an email to freeipa-devel-le...@lists.fedorahosted.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/freeipa-devel@lists.fedorahosted.org