sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2025-12-21 20:23:50 +03:00
Code Activity

netcmd: tests: modify auth silo cli tests setup their own test data

Browse Source 
Signed-off-by: Rob van der Linde <rob@catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
This commit is contained in:
Rob van der Linde
2023-09-28 17:26:22 +13:00
committed by Andrew Bartlett
parent 2a33355459
commit 27cd598208
1 changed files with 29 additions and 15 deletions
Download Patch File Download Diff File Expand all files Collapse all files

44
python/samba/tests/samba_tool/domain_auth_silo.py
View File

@@ -231,59 +231,73 @@ class AuthSiloCmdTestCase(BaseAuthCmdTest):
def test_authentication_silo_modify_description(self): def test_authentication_silo_modify_description(self):
"""Test modify authentication silo changing the description field.""" """Test modify authentication silo changing the description field."""
# check original value # Create a silo to modify for this test.
silo = self.get_authentication_silo("qa") name = "modifyDescription"
self.assertNotEqual(str(silo["description"]), "Testing Team") self.runcmd("domain", "auth", "silo", "create", "--name", name)
self.addCleanup(self.delete_authentication_silo,
name=name, force=True)
result, out, err = self.runcmd("domain", "auth", "silo", "modify", result, out, err = self.runcmd("domain", "auth", "silo", "modify",
"--name", "qa", "--name", name,
"--description", "Testing Team") "--description", "New Description")
self.assertIsNone(result, msg=err) self.assertIsNone(result, msg=err)
# check new value # check new value
silo = self.get_authentication_silo("qa") silo = self.get_authentication_silo(name)
self.assertEqual(str(silo["description"]), "Testing Team") self.assertEqual(str(silo["description"]), "New Description")
def test_authentication_silo_modify_audit_enforce(self): def test_authentication_silo_modify_audit_enforce(self):
"""Test modify authentication silo setting --audit and --enforce.""" """Test modify authentication silo setting --audit and --enforce."""
# Create a silo to modify for this test.
name = "modifyEnforce"
self.runcmd("domain", "auth", "silo", "create", "--name", name)
self.addCleanup(self.delete_authentication_silo,
name=name, force=True)
result, out, err = self.runcmd("domain", "auth", "silo", "modify", result, out, err = self.runcmd("domain", "auth", "silo", "modify",
"--name", "Developers", "--name", name,
"--audit") "--audit")
self.assertIsNone(result, msg=err) self.assertIsNone(result, msg=err)
# Check silo is set to audit. # Check silo is set to audit.
silo = self.get_authentication_silo("developers") silo = self.get_authentication_silo(name)
self.assertEqual(str(silo["msDS-AuthNPolicySiloEnforced"]), "FALSE") self.assertEqual(str(silo["msDS-AuthNPolicySiloEnforced"]), "FALSE")
result, out, err = self.runcmd("domain", "auth", "silo", "modify", result, out, err = self.runcmd("domain", "auth", "silo", "modify",
"--name", "Developers", "--name", name,
"--enforce") "--enforce")
self.assertIsNone(result, msg=err) self.assertIsNone(result, msg=err)
# Check is set to enforce. # Check is set to enforce.
silo = self.get_authentication_silo("developers") silo = self.get_authentication_silo(name)
self.assertEqual(str(silo["msDS-AuthNPolicySiloEnforced"]), "TRUE") self.assertEqual(str(silo["msDS-AuthNPolicySiloEnforced"]), "TRUE")
def test_authentication_silo_modify_protect_unprotect(self): def test_authentication_silo_modify_protect_unprotect(self):
"""Test modify un-protecting and protecting an authentication silo.""" """Test modify un-protecting and protecting an authentication silo."""
# Create a silo to modify for this test.
name = "modifyProtect"
self.runcmd("domain", "auth", "silo", "create", "--name", name)
self.addCleanup(self.delete_authentication_silo,
name=name, force=True)
utils = SDUtils(self.samdb) utils = SDUtils(self.samdb)
result, out, err = self.runcmd("domain", "auth", "silo", "modify", result, out, err = self.runcmd("domain", "auth", "silo", "modify",
"--name", "managers", "--name", name,
"--protect") "--protect")
self.assertIsNone(result, msg=err) self.assertIsNone(result, msg=err)
# Check that silo was protected. # Check that silo was protected.
silo = self.get_authentication_silo("managers") silo = self.get_authentication_silo(name)
desc = utils.get_sd_as_sddl(silo["dn"]) desc = utils.get_sd_as_sddl(silo["dn"])
self.assertIn("(D;;DTSD;;;WD)", desc) self.assertIn("(D;;DTSD;;;WD)", desc)
result, out, err = self.runcmd("domain", "auth", "silo", "modify", result, out, err = self.runcmd("domain", "auth", "silo", "modify",
"--name", "managers", "--name", name,
"--unprotect") "--unprotect")
self.assertIsNone(result, msg=err) self.assertIsNone(result, msg=err)
# Check that silo was unprotected. # Check that silo was unprotected.
silo = self.get_authentication_silo("managers") silo = self.get_authentication_silo(name)
desc = utils.get_sd_as_sddl(silo["dn"]) desc = utils.get_sd_as_sddl(silo["dn"])
self.assertNotIn("(D;;DTSD;;;WD)", desc) self.assertNotIn("(D;;DTSD;;;WD)", desc)