2010-05-04 00:01:00 +04:00
# Unix SMB/CIFS implementation.
# Copyright (C) Jelmer Vernooij <jelmer@samba.org> 2007-2008
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 3 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>.
#
2010-12-05 18:56:27 +03:00
""" Tests for samba.upgradeprovision. """
2010-05-04 00:01:00 +04:00
import os
2012-09-27 20:30:47 +04:00
from samba . upgradehelpers import ( usn_in_range , dn_sort ,
2013-03-22 09:19:27 +04:00
update_secrets ,
2010-06-15 12:53:18 +04:00
construct_existor_expr )
2013-03-22 09:19:27 +04:00
from samba . descriptor import get_diff_sds
2010-06-08 00:01:16 +04:00
from samba . tests . provision import create_dummy_secretsdb
2010-06-20 03:56:52 +04:00
from samba . tests import TestCaseInTempDir
2010-06-08 00:01:16 +04:00
from samba import Ldb
2011-07-13 07:05:19 +04:00
from ldb import SCOPE_BASE
2010-06-08 00:01:16 +04:00
import samba . tests
2013-02-17 15:03:18 +04:00
from samba . dcerpc import security
2010-05-04 00:01:00 +04:00
2018-07-30 09:20:39 +03:00
2010-06-08 00:01:16 +04:00
def dummymessage ( a = None , b = None ) :
2010-06-20 03:56:52 +04:00
pass
2010-06-08 00:01:16 +04:00
2010-05-04 00:01:00 +04:00
class UpgradeProvisionTestCase ( TestCaseInTempDir ) :
""" Some simple tests for individual functions in the provisioning code.
"""
def test_usn_in_range ( self ) :
2010-06-08 00:01:16 +04:00
range = [ 5 , 25 , 35 , 55 ]
2010-05-04 00:01:00 +04:00
2010-06-08 00:01:16 +04:00
vals = [ 3 , 26 , 56 ]
2010-05-04 00:01:00 +04:00
for v in vals :
self . assertFalse ( usn_in_range ( v , range ) )
2010-06-08 00:01:16 +04:00
vals = [ 5 , 20 , 25 , 35 , 36 ]
2010-05-04 00:01:00 +04:00
for v in vals :
self . assertTrue ( usn_in_range ( v , range ) )
def test_dn_sort ( self ) :
# higher level comes after lower even if lexicographicaly closer
# ie dc=tata,dc=toto (2 levels), comes after dc=toto
# even if dc=toto is lexicographicaly after dc=tata, dc=toto
2020-02-07 01:02:38 +03:00
self . assertEqual ( dn_sort ( " dc=tata,dc=toto " , " dc=toto " ) , 1 )
self . assertEqual ( dn_sort ( " dc=zata " , " dc=tata " ) , 1 )
self . assertEqual ( dn_sort ( " dc=toto,dc=tata " ,
2018-07-30 09:15:34 +03:00
" cn=foo,dc=toto,dc=tata " ) , - 1 )
2020-02-07 01:02:38 +03:00
self . assertEqual ( dn_sort ( " cn=bar, dc=toto,dc=tata " ,
2018-07-30 09:15:34 +03:00
" cn=foo, dc=toto,dc=tata " ) , - 1 )
2010-06-20 03:56:52 +04:00
2013-02-17 15:03:18 +04:00
def test_get_diff_sds ( self ) :
domsid = security . dom_sid ( ' S-1-5-21 ' )
2013-02-17 15:44:56 +04:00
sddl = " O:SAG:DUD:AI(A;CI;RPWPCRCCLCLORCWOWDSW;;;SA) \
( A ; CI ; RP LCLORC ; ; ; AU ) ( A ; CI ; RPWPCRCCDCLCLORCWOWDSDDTSW ; ; ; SY ) S : AI ( AU ; CISA ; WP ; ; ; WD ) "
sddl1 = " O:SAG:DUD:AI(A;CI;RPWPCRCCLCLORCWOWDSW;;;SA) \
( A ; CI ; RP LCLORC ; ; ; AU ) ( A ; CI ; RPWPCRCCDCLCLORCWOWDSDDTSW ; ; ; SY ) S : AI ( AU ; CISA ; WP ; ; ; WD ) "
sddl2 = " O:BAG:DUD:AI(A;CI;RPWPCRCCLCLORCWOWDSW;;;SA) \
( A ; CI ; RP LCLORC ; ; ; AU ) ( A ; CI ; RPWPCRCCDCLCLORCWOWDSDDTSW ; ; ; SY ) S : AI ( AU ; CISA ; WP ; ; ; WD ) "
sddl3 = " O:SAG:BAD:AI(A;CI;RPWPCRCCLCLORCWOWDSW;;;SA) \
( A ; CI ; RP LCLORC ; ; ; AU ) ( A ; CI ; RPWPCRCCDCLCLORCWOWDSDDTSW ; ; ; SY ) S : AI ( AU ; CISA ; WP ; ; ; WD ) "
sddl4 = " O:SAG:DUD:AI(A;CI;RPWPCRCCLCLORCWOWDSW;;;BA) \
( A ; CI ; RP LCLORC ; ; ; AU ) ( A ; CI ; RPWPCRCCDCLCLORCWOWDSDDTSW ; ; ; SY ) S : AI ( AU ; CISA ; WP ; ; ; WD ) "
sddl5 = " O:SAG:DUD:AI(A;CI;RPWPCRCCLCLORCWOWDSW;;;SA) \
( A ; CI ; RP LCLORC ; ; ; AU ) ( A ; CI ; RPWPCRCCDCLCLORCWOWDSDDTSW ; ; ; SY ) "
sddl6 = " O:SAG:DUD:AI(A;CIID;RPWPCRCCLCLORCWOWDSW;;;SA) \
( A ; CIID ; RP LCLORC ; ; ; AU ) ( A ; CIID ; RPWPCRCCDCLCLORCWOWDSDDTSW ; ; ; SY ) \
( A ; CI ; RPWPCRCCLCLORCWOWDSW ; ; ; SA ) \
( A ; CI ; RP LCLORC ; ; ; AU ) ( A ; CI ; RPWPCRCCDCLCLORCWOWDSDDTSW ; ; ; SY ) S : AI ( AU ; CISA ; WP ; ; ; WD ) ( AU ; CIIDSA ; WP ; ; ; WD ) "
2010-05-04 00:01:00 +04:00
2020-02-07 01:02:38 +03:00
self . assertEqual ( get_diff_sds ( security . descriptor . from_sddl ( sddl , domsid ) ,
2013-02-17 15:03:18 +04:00
security . descriptor . from_sddl ( sddl1 , domsid ) ,
domsid ) , " " )
txt = get_diff_sds ( security . descriptor . from_sddl ( sddl , domsid ) ,
security . descriptor . from_sddl ( sddl2 , domsid ) ,
domsid )
2020-02-07 01:02:38 +03:00
self . assertEqual ( txt , " \t Owner mismatch: SA (in ref) BA(in current) \n " )
2013-02-17 15:03:18 +04:00
txt = get_diff_sds ( security . descriptor . from_sddl ( sddl , domsid ) ,
security . descriptor . from_sddl ( sddl3 , domsid ) ,
domsid )
2020-02-07 01:02:38 +03:00
self . assertEqual ( txt , " \t Group mismatch: DU (in ref) BA(in current) \n " )
2013-02-17 15:03:18 +04:00
txt = get_diff_sds ( security . descriptor . from_sddl ( sddl , domsid ) ,
security . descriptor . from_sddl ( sddl4 , domsid ) ,
domsid )
2010-05-04 00:01:00 +04:00
txtmsg = " \t Part dacl is different between reference and current here \
2013-02-17 15:44:56 +04:00
is the detail : \n \t \t ( A ; CI ; RPWPCRCCLCLORCWOWDSW ; ; ; BA ) ACE is not present in \
the reference \n \t \t ( A ; CI ; RPWPCRCCLCLORCWOWDSW ; ; ; SA ) ACE is not present in \
2010-05-04 00:01:00 +04:00
the current \n "
2020-02-07 01:02:38 +03:00
self . assertEqual ( txt , txtmsg )
2013-02-17 15:44:56 +04:00
2013-02-17 15:03:18 +04:00
txt = get_diff_sds ( security . descriptor . from_sddl ( sddl , domsid ) ,
security . descriptor . from_sddl ( sddl5 , domsid ) ,
domsid )
2020-02-07 01:02:38 +03:00
self . assertEqual ( txt , " \t Current ACL hasn ' t a sacl part \n " )
self . assertEqual ( get_diff_sds ( security . descriptor . from_sddl ( sddl , domsid ) ,
2013-02-17 15:44:56 +04:00
security . descriptor . from_sddl ( sddl6 , domsid ) ,
domsid ) , " " )
2010-06-08 00:01:16 +04:00
2010-06-15 12:53:18 +04:00
def test_construct_existor_expr ( self ) :
res = construct_existor_expr ( [ ] )
2020-02-07 01:02:38 +03:00
self . assertEqual ( res , " " )
2010-06-15 12:53:18 +04:00
res = construct_existor_expr ( [ " foo " ] )
2020-02-07 01:02:38 +03:00
self . assertEqual ( res , " (|(foo=*)) " )
2010-06-15 12:53:18 +04:00
res = construct_existor_expr ( [ " foo " , " bar " ] )
2020-02-07 01:02:38 +03:00
self . assertEqual ( res , " (|(foo=*)(bar=*)) " )
2010-06-08 00:01:16 +04:00
2010-06-20 03:56:52 +04:00
2010-06-08 00:01:16 +04:00
class UpdateSecretsTests ( samba . tests . TestCaseInTempDir ) :
2010-06-20 03:56:52 +04:00
2010-06-08 00:01:16 +04:00
def setUp ( self ) :
super ( UpdateSecretsTests , self ) . setUp ( )
self . referencedb = create_dummy_secretsdb (
os . path . join ( self . tempdir , " ref.ldb " ) )
def _getEmptyDb ( self ) :
return Ldb ( os . path . join ( self . tempdir , " secrets.ldb " ) )
def _getCurrentFormatDb ( self ) :
return create_dummy_secretsdb (
os . path . join ( self . tempdir , " secrets.ldb " ) )
def test_trivial ( self ) :
# Test that updating an already up-to-date secretsdb works fine
self . secretsdb = self . _getCurrentFormatDb ( )
2020-02-07 01:02:38 +03:00
self . assertEqual ( None ,
2018-07-30 09:16:12 +03:00
update_secrets ( self . referencedb , self . secretsdb , dummymessage ) )
2010-06-08 00:01:16 +04:00
def test_update_modules ( self ) :
empty_db = self . _getEmptyDb ( )
update_secrets ( self . referencedb , empty_db , dummymessage )
2011-07-13 07:05:19 +04:00
newmodules = empty_db . search ( base = " @MODULES " , scope = SCOPE_BASE )
refmodules = self . referencedb . search ( base = " @MODULES " , scope = SCOPE_BASE )
2020-02-07 01:02:38 +03:00
self . assertEqual ( newmodules . msgs , refmodules . msgs )
2010-06-08 00:01:16 +04:00
def tearDown ( self ) :
2015-03-12 16:25:38 +03:00
for name in [ " ref.ldb " , " secrets.ldb " , " secrets.tdb " , " secrets.tdb.bak " , " secrets.ntdb " ] :
2010-06-08 00:01:16 +04:00
path = os . path . join ( self . tempdir , name )
if os . path . exists ( path ) :
os . unlink ( path )
super ( UpdateSecretsTests , self ) . tearDown ( )
