sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2025-03-05 20:58:40 +03:00
Code

s4/dsdb/tests/python: PY3 port samba4.ldap.secdesc

Browse Source 
User str/bytes as needed for various asserts

Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
This commit is contained in:
Noel Power 2018-10-10 21:48:38 +01:00 committed by Andrew Bartlett
parent 1715812915
commit e6ea052c8c
1 changed files with 8 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
source4/dsdb/tests/python/sec_descriptor.py
View File

@ -342,7 +342,7 @@ class OwnerGroupDescriptorTests(DescriptorTests):
if groups != []:
# User is member of at least one additional group
res = self.ldb_admin.search(user_dn, attrs=["memberOf"])
res = [x.upper() for x in sorted(list(res[0]["memberOf"]))]
res = [str(x).upper() for x in sorted(list(res[0]["memberOf"]))]
expected = []
for x in groups:
expected.append(self.get_users_domain_dn(x))
@ -1986,7 +1986,7 @@ class RightsAttributesTests(DescriptorTests):
attrs=["sDRightsEffective"])
# user whould have no rights at all
self.assertEquals(len(res), 1)
self.assertEquals(res[0]["sDRightsEffective"][0], "0")
self.assertEquals(str(res[0]["sDRightsEffective"][0]), "0")
# give the user Write DACL and see what happens
mod = "(A;CI;WD;;;%s)" % str(user_sid)
self.sd_utils.dacl_add_ace(object_dn, mod)
@ -1994,7 +1994,7 @@ class RightsAttributesTests(DescriptorTests):
attrs=["sDRightsEffective"])
# user whould have DACL_SECURITY_INFORMATION
self.assertEquals(len(res), 1)
self.assertEquals(res[0]["sDRightsEffective"][0], ("%d") % SECINFO_DACL)
self.assertEquals(str(res[0]["sDRightsEffective"][0]), ("%d") % SECINFO_DACL)
# give the user Write Owners and see what happens
mod = "(A;CI;WO;;;%s)" % str(user_sid)
self.sd_utils.dacl_add_ace(object_dn, mod)
@ -2002,14 +2002,14 @@ class RightsAttributesTests(DescriptorTests):
attrs=["sDRightsEffective"])
# user whould have DACL_SECURITY_INFORMATION, OWNER_SECURITY_INFORMATION, GROUP_SECURITY_INFORMATION
self.assertEquals(len(res), 1)
self.assertEquals(res[0]["sDRightsEffective"][0], ("%d") % (SECINFO_DACL | SECINFO_GROUP | SECINFO_OWNER))
self.assertEquals(str(res[0]["sDRightsEffective"][0]), ("%d") % (SECINFO_DACL | SECINFO_GROUP | SECINFO_OWNER))
# no way to grant security privilege bu adding ACE's so we use a memeber of Domain Admins
_ldb = self.get_ldb_connection("testuser_attr2", "samba123@")
res = _ldb.search(base=object_dn, expression="", scope=SCOPE_BASE,
attrs=["sDRightsEffective"])
# user whould have DACL_SECURITY_INFORMATION, OWNER_SECURITY_INFORMATION, GROUP_SECURITY_INFORMATION
self.assertEquals(len(res), 1)
self.assertEquals(res[0]["sDRightsEffective"][0],
self.assertEquals(str(res[0]["sDRightsEffective"][0]),
("%d") % (SECINFO_DACL | SECINFO_GROUP | SECINFO_OWNER | SECINFO_SACL))
def test_allowedChildClassesEffective(self):
@ -2034,7 +2034,7 @@ class RightsAttributesTests(DescriptorTests):
# allowedChildClassesEffective should only have one value, user
self.assertEquals(len(res), 1)
self.assertEquals(len(res[0]["allowedChildClassesEffective"]), 1)
self.assertEquals(res[0]["allowedChildClassesEffective"][0], "user")
self.assertEquals(str(res[0]["allowedChildClassesEffective"][0]), "user")
def test_allowedAttributesEffective(self):
object_dn = "OU=test_domain_ou1," + self.base_dn
@ -2061,8 +2061,8 @@ class RightsAttributesTests(DescriptorTests):
# value should only contain user and managedBy
self.assertEquals(len(res), 1)
self.assertEquals(len(res[0]["allowedAttributesEffective"]), 2)
self.assertTrue("displayName" in res[0]["allowedAttributesEffective"])
self.assertTrue("managedBy" in res[0]["allowedAttributesEffective"])
self.assertTrue(b"displayName" in res[0]["allowedAttributesEffective"])
self.assertTrue(b"managedBy" in res[0]["allowedAttributesEffective"])
class SdAutoInheritTests(DescriptorTests):