URL: https://github.com/freeipa/freeipa/pull/448 Author: gkaihorodova Title: #448: Tests: Basic coverage with tree root domain Action: synchronized
To pull the PR as Git branch: git remote add ghfreeipa https://github.com/freeipa/freeipa git fetch ghfreeipa pull/448/head:pr448 git checkout pr448
From 9ec4a2d23e40e0949ac135519439a8b459455201 Mon Sep 17 00:00:00 2001 From: Ganna Kaihorodova <gkaih...@redhat.com> Date: Wed, 8 Feb 2017 11:38:08 +0100 Subject: [PATCH] Tests: Basic coverage with tree root domain Extend existing legacy client tests to cover test cases with tree root domain. https://fedorahosted.org/freeipa/ticket/6489 --- ipatests/test_integration/test_legacy_clients.py | 91 +++++++++++++++++++++++- 1 file changed, 90 insertions(+), 1 deletion(-) diff --git a/ipatests/test_integration/test_legacy_clients.py b/ipatests/test_integration/test_legacy_clients.py index 8bd680a..3f33ac0 100644 --- a/ipatests/test_integration/test_legacy_clients.py +++ b/ipatests/test_integration/test_legacy_clients.py @@ -58,6 +58,8 @@ class BaseTestLegacyClient(object): testuser_gid_regex = None subdomain_testuser_uid_regex = None subdomain_testuser_gid_regex = None + treedomain_testuser_uid_regex = None + treedomain_testuser_gid_regex = None # To allow custom validation dependent on the trust type posix_trust = False @@ -326,6 +328,81 @@ def test_login_disabled_subdomain_ad_user(self): assert result.returncode != 0 + def test_getent_treedomain_ad_user(self): + if not self.ad_treedomain: + raise nose.SkipTest('AD tree root domain is not available.') + + self.clear_sssd_caches() + testuser = 'treetestuser@{0}'.format(self.ad_treedomain) + result = self.legacy_client.run_command(['getent', 'passwd', testuser]) + + testuser_regex = ("treetestuser@{0}:\*:{1}:{2}:TreeTest User:" + "/home/{0}/treetestuser:/bin/sh".format( + re.escape(self.ad_treedomain), + self.treedomain_testuser_uid_regex, + self.treedomain_testuser_gid_regex)) + + assert re.search(testuser_regex, result.stdout_text) + + def test_getent_treedomain_ad_group(self): + if not self.ad_treedomain: + raise nose.SkipTest('AD tree root domain is not available') + + self.clear_sssd_caches() + testgroup = 'treetestgroup@{0}'.format(self.ad_treedomain) + result = self.legacy_client.run_command(['getent', 'group', testgroup]) + + testgroup_stdout = "{0}:\*:{1}:".format( + testgroup, self.treedomain_testuser_gid_regex) + + assert re.search(testgroup_stdout, result.stdout_text) + + def test_id_treedomain_ad_user(self): + if not self.ad_treedomain: + raise nose.SkipTest('AD tree root domain is not available') + + self.clear_sssd_caches() + + testuser = 'treetestuser@{0}'.format(self.ad_treedomain) + testgroup = 'treetestgroup@{0}'.format(self.ad_treedomain) + + result = self.legacy_client.run_command(['id', testuser]) + + # Only for POSIX trust testing does the testuser belong to the + # testgroup + + group_name = '\({}\)'.format(testgroup) if self.posix_trust else '' + + uid_regex = "uid={0}\({1}\)".format( + self.treedomain_testuser_uid_regex, testuser) + + gid_regex = "gid={0}{1}".format( + self.treedomain_testuser_gid_regex, group_name) + + group_regex = "groups={0}{1}".format( + self.treedomain_testuser_gid_regex, group_name) + + assert re.search(uid_regex, result.stdout_text) + assert re.search(gid_regex, result.stdout_text) + assert re.search(group_regex, result.stdout_text) + + def test_login_treedomain_ad_user(self): + if not self.ad_treedomain: + raise nose.SkipTest('AD tree root domain is not available.') + + if not self.master.transport.file_exists('/usr/bin/sshpass'): + raise nose.SkipTest('Package sshpass not available on {}'.format( + self.master.hostname)) + + result = self.master.run_command( + 'sshpass -p {0} ssh -o StrictHostKeyChecking=no ' + '-l admin {1} "echo test"'.format( + self.legacy_client.config.admin_password, + self.legacy_client.external_hostname)) + + assert "test" in result.stdout_text + + @classmethod def install(cls, mh): super(BaseTestLegacyClient, cls).install(mh) @@ -354,10 +431,18 @@ def install(cls, mh): try: child_ad = cls.host_by_role(cls.optional_extra_roles[0]) cls.ad_subdomain = '.'.join( - child_ad.hostname.split('.')[1:]) + child_ad.hostname.split('.')[1:]) except LookupError: cls.ad_subdomain = None + # Determine whether the tree domain AD is available + try: + cls.tree_ad = cls.host_by_role(cls.optional_extra_roles[1]) + cls.ad_treedomain = '.'.join( + cls.tree_ad.hostname.split('.')[1:]) + except LookupError: + cls.ad_treedomain = None + tasks.apply_common_fixes(cls.legacy_client) for f in cls.backup_files: @@ -418,6 +503,8 @@ class BaseTestLegacyClientPosix(BaseTestLegacyClient, testuser_gid_regex = '10047' subdomain_testuser_uid_regex = '10142' subdomain_testuser_gid_regex = '10147' + treedomain_testuser_uid_regex = '10242' + treedomain_testuser_gid_regex = '10247' posix_trust = True def test_remove_trust_with_posix_attributes(self): @@ -431,6 +518,8 @@ class BaseTestLegacyClientNonPosix(BaseTestLegacyClient, testuser_gid_regex = '(?!10047)(\d+)' subdomain_testuser_uid_regex = '(?!10142)(\d+)' subdomain_testuser_gid_regex = '(?!10147)(\d+)' + treedomain_testuser_uid_regex = '(?!10242)(\d+)' + treedomain_testuser_gid_regex = '(?!10247)(\d+)' def test_remove_nonposix_trust(self): pass
-- Manage your subscription for the Freeipa-devel mailing list: https://www.redhat.com/mailman/listinfo/freeipa-devel Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code