mirror of
https://github.com/samba-team/samba.git
synced 2025-08-04 08:22:08 +03:00
Tests for 'samba-tool user create' with RFC2307 attributes
Check if attributes are correctly set and read from SamDB Test automatic creation of attributes from getpwent (NSS) Check if overriding NSS attributes works getpwent will be skipped if the current UID of the user running the tests has no passwd entry (getpwuid(geteuid())). If a user with the name of the current UID already exists in the directory, the getpwent test will fail. If that should happen, the test would need to be updated to use a nonexistent UID that is visible to the Python 'pwd' module. Signed-off-by: Andrew Bartlett <abartlet@samba.org>
This commit is contained in:
Alexander Wuerstlein
committed by
Andrew Bartlett
Andrew Bartlett
parent
bfdaaf2327
commit
071047e895
@ -103,6 +103,12 @@ class SambaToolCmdTest(samba.tests.TestCase):
|
||||
name += ''.join(random.choice(string.ascii_uppercase + string.ascii_lowercase+ string.digits) for x in range(count - 3))
|
||||
return name
|
||||
|
||||
def randomXid(self):
|
||||
# pick some hopefully unused, high UID/GID range to avoid interference
|
||||
# from the system the test runs on
|
||||
xid = random.randint(4711000, 4799000)
|
||||
return xid
|
||||
|
||||
def assertWithin(self, val1, val2, delta, msg=""):
|
||||
"""Assert that val1 is within delta of val2, useful for time computations"""
|
||||
self.assertTrue(((val1 + delta) > val2) and ((val1 - delta) < val2), msg)
|
||||
|
||||
@ -38,22 +38,21 @@ class UserCmdTestCase(SambaToolCmdTest):
|
||||
self.users.append(self._randomUser({"name": "sambatool2", "company": "comp1"}))
|
||||
self.users.append(self._randomUser({"name": "sambatool3", "company": "comp2"}))
|
||||
self.users.append(self._randomUser({"name": "sambatool4", "company": "comp2"}))
|
||||
self.users.append(self._randomPosixUser({"name": "posixuser1"}))
|
||||
self.users.append(self._randomPosixUser({"name": "posixuser2"}))
|
||||
self.users.append(self._randomPosixUser({"name": "posixuser3"}))
|
||||
self.users.append(self._randomPosixUser({"name": "posixuser4"}))
|
||||
|
||||
# setup the 4 users and ensure they are correct
|
||||
# setup the 8 users and ensure they are correct
|
||||
for user in self.users:
|
||||
(result, out, err) = self._create_user(user)
|
||||
(result, out, err) = user["createUserFn"](user)
|
||||
|
||||
self.assertCmdSuccess(result)
|
||||
self.assertEquals(err,"","Shouldn't be any error messages")
|
||||
self.assertIn("User '%s' created successfully" % user["name"], out)
|
||||
|
||||
found = self._find_user(user["name"])
|
||||
user["checkUserFn"](user)
|
||||
|
||||
self.assertEquals("%s" % found.get("name"), "%(given-name)s %(surname)s" % user)
|
||||
self.assertEquals("%s" % found.get("title"), user["job-title"])
|
||||
self.assertEquals("%s" % found.get("company"), user["company"])
|
||||
self.assertEquals("%s" % found.get("description"), user["description"])
|
||||
self.assertEquals("%s" % found.get("department"), user["department"])
|
||||
|
||||
def tearDown(self):
|
||||
super(UserCmdTestCase, self).tearDown()
|
||||
@ -198,7 +197,76 @@ class UserCmdTestCase(SambaToolCmdTest):
|
||||
name = userobj.get("samaccountname", idx=0)
|
||||
found = self.assertMatch(out, name,
|
||||
"user '%s' not found" % name)
|
||||
def test_getpwent(self):
|
||||
try:
|
||||
import pwd
|
||||
except ImportError:
|
||||
self.skipTest("Skipping getpwent test, no 'pwd' module available")
|
||||
return
|
||||
|
||||
# get the current user's data for the test
|
||||
uid = os.geteuid()
|
||||
try:
|
||||
u = pwd.getpwuid(uid)
|
||||
except KeyError:
|
||||
self.skipTest("Skipping getpwent test, current EUID not found in NSS")
|
||||
return
|
||||
|
||||
user = self._randomPosixUser({
|
||||
"name": u[0],
|
||||
"uid": u[0],
|
||||
"uidNumber": u[2],
|
||||
"gidNumber": u[3],
|
||||
"gecos": u[4],
|
||||
"loginShell": u[6],
|
||||
})
|
||||
# check if --rfc2307-from-nss sets the same values as we got from pwd.getpwuid()
|
||||
(result, out, err) = self.runsubcmd("user", "add", user["name"], user["password"],
|
||||
"--surname=%s" % user["surname"],
|
||||
"--given-name=%s" % user["given-name"],
|
||||
"--job-title=%s" % user["job-title"],
|
||||
"--department=%s" % user["department"],
|
||||
"--description=%s" % user["description"],
|
||||
"--company=%s" % user["company"],
|
||||
"--rfc2307-from-nss",
|
||||
"-H", "ldap://%s" % os.environ["DC_SERVER"],
|
||||
"-U%s%%%s" % (os.environ["DC_USERNAME"], os.environ["DC_PASSWORD"]))
|
||||
|
||||
self.assertCmdSuccess(result)
|
||||
self.assertEquals(err,"","Shouldn't be any error messages")
|
||||
self.assertIn("User '%s' created successfully" % user["name"], out)
|
||||
|
||||
self._check_posix_user(user)
|
||||
self.runsubcmd("user", "delete", user["name"])
|
||||
|
||||
# Check if overriding the attributes from NSS with explicit values works
|
||||
#
|
||||
# get a user with all random posix attributes
|
||||
user = self._randomPosixUser({"name": u[0]})
|
||||
# create a user with posix attributes from nss but override all of them with the
|
||||
# random ones just obtained
|
||||
(result, out, err) = self.runsubcmd("user", "add", user["name"], user["password"],
|
||||
"--surname=%s" % user["surname"],
|
||||
"--given-name=%s" % user["given-name"],
|
||||
"--job-title=%s" % user["job-title"],
|
||||
"--department=%s" % user["department"],
|
||||
"--description=%s" % user["description"],
|
||||
"--company=%s" % user["company"],
|
||||
"--rfc2307-from-nss",
|
||||
"--gecos=%s" % user["gecos"],
|
||||
"--login-shell=%s" % user["loginShell"],
|
||||
"--uid=%s" % user["uid"],
|
||||
"--uid-number=%s" % user["uidNumber"],
|
||||
"--gid-number=%s" % user["gidNumber"],
|
||||
"-H", "ldap://%s" % os.environ["DC_SERVER"],
|
||||
"-U%s%%%s" % (os.environ["DC_USERNAME"], os.environ["DC_PASSWORD"]))
|
||||
|
||||
self.assertCmdSuccess(result)
|
||||
self.assertEquals(err,"","Shouldn't be any error messages")
|
||||
self.assertIn("User '%s' created successfully" % user["name"], out)
|
||||
|
||||
self._check_posix_user(user)
|
||||
self.runsubcmd("user", "delete", user["name"])
|
||||
|
||||
def _randomUser(self, base={}):
|
||||
"""create a user with random attribute values, you can specify base attributes"""
|
||||
@ -211,10 +279,51 @@ class UserCmdTestCase(SambaToolCmdTest):
|
||||
"department": self.randomName(),
|
||||
"company": self.randomName(),
|
||||
"description": self.randomName(count=100),
|
||||
"createUserFn": self._create_user,
|
||||
"checkUserFn": self._check_user,
|
||||
}
|
||||
user.update(base)
|
||||
return user
|
||||
|
||||
def _randomPosixUser(self, base={}):
|
||||
"""create a user with random attribute values and additional RFC2307
|
||||
attributes, you can specify base attributes"""
|
||||
user = self._randomUser({})
|
||||
user.update(base)
|
||||
posixAttributes = {
|
||||
"uid": self.randomName(),
|
||||
"loginShell": self.randomName(),
|
||||
"gecos": self.randomName(),
|
||||
"uidNumber": self.randomXid(),
|
||||
"gidNumber": self.randomXid(),
|
||||
"createUserFn": self._create_posix_user,
|
||||
"checkUserFn": self._check_posix_user,
|
||||
}
|
||||
user.update(posixAttributes)
|
||||
user.update(base)
|
||||
return user
|
||||
|
||||
def _check_user(self, user):
|
||||
""" check if a user from SamDB has the same attributes as its template """
|
||||
found = self._find_user(user["name"])
|
||||
|
||||
self.assertEquals("%s" % found.get("name"), "%(given-name)s %(surname)s" % user)
|
||||
self.assertEquals("%s" % found.get("title"), user["job-title"])
|
||||
self.assertEquals("%s" % found.get("company"), user["company"])
|
||||
self.assertEquals("%s" % found.get("description"), user["description"])
|
||||
self.assertEquals("%s" % found.get("department"), user["department"])
|
||||
|
||||
def _check_posix_user(self, user):
|
||||
""" check if a posix_user from SamDB has the same attributes as its template """
|
||||
found = self._find_user(user["name"])
|
||||
|
||||
self.assertEquals("%s" % found.get("loginShell"), user["loginShell"])
|
||||
self.assertEquals("%s" % found.get("gecos"), user["gecos"])
|
||||
self.assertEquals("%s" % found.get("uidNumber"), "%s" % user["uidNumber"])
|
||||
self.assertEquals("%s" % found.get("gidNumber"), "%s" % user["gidNumber"])
|
||||
self.assertEquals("%s" % found.get("uid"), user["uid"])
|
||||
self._check_user(user)
|
||||
|
||||
def _create_user(self, user):
|
||||
return self.runsubcmd("user", "add", user["name"], user["password"],
|
||||
"--surname=%s" % user["surname"],
|
||||
@ -225,6 +334,22 @@ class UserCmdTestCase(SambaToolCmdTest):
|
||||
"--company=%s" % user["company"],
|
||||
"-H", "ldap://%s" % os.environ["DC_SERVER"],
|
||||
"-U%s%%%s" % (os.environ["DC_USERNAME"], os.environ["DC_PASSWORD"]))
|
||||
def _create_posix_user(self, user):
|
||||
""" create a new user with RFC2307 attributes """
|
||||
return self.runsubcmd("user", "create", user["name"], user["password"],
|
||||
"--surname=%s" % user["surname"],
|
||||
"--given-name=%s" % user["given-name"],
|
||||
"--job-title=%s" % user["job-title"],
|
||||
"--department=%s" % user["department"],
|
||||
"--description=%s" % user["description"],
|
||||
"--company=%s" % user["company"],
|
||||
"--gecos=%s" % user["gecos"],
|
||||
"--login-shell=%s" % user["loginShell"],
|
||||
"--uid=%s" % user["uid"],
|
||||
"--uid-number=%s" % user["uidNumber"],
|
||||
"--gid-number=%s" % user["gidNumber"],
|
||||
"-H", "ldap://%s" % os.environ["DC_SERVER"],
|
||||
"-U%s%%%s" % (os.environ["DC_USERNAME"], os.environ["DC_PASSWORD"]))
|
||||
|
||||
def _find_user(self, name):
|
||||
search_filter = "(&(sAMAccountName=%s)(objectCategory=%s,%s))" % (ldb.binary_encode(name), "CN=Person,CN=Schema,CN=Configuration", self.samdb.domain_dn())
|
||||
|
||||
Reference in New Issue
Block a user