9:27 p.m.
This is an automated email from the git hooks/post-receive script.
firstyear pushed a change to branch master
in repository 389-ds-base.
from f4d86bb Issue 49434 - RPM build errors
new 6ef4eb5 Ticket 3 - python 3 support - filter test
The 1 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails. The revisions
listed as "adds" were already present in the repository and have only
been added to this reference.
Summary of changes:
.../suites/filter/rfc3673_all_oper_attrs_test.py | 96 ++++++++++------------
.../lib389/configurations/config_001003006.py | 10 +--
2 files changed, 50 insertions(+), 56 deletions(-)
--
To stop receiving notification emails like this one, please contact
the administrator of this repository.
9:27 p.m.
New subject: [389-ds-base] 01/01: Ticket 3 - python 3 support - filter test
This is an automated email from the git hooks/post-receive script.
firstyear pushed a commit to branch master
in repository 389-ds-base.
commit 6ef4eb5ae3296303aa569ee56004eff0bc2464ea
Author: William Brown <firstyear(a)redhat.com>
Date: Tue Oct 31 15:09:57 2017 +1000
Ticket 3 - python 3 support - filter test
Bug Description: Filter suite did not work with python 3
Fix Description: Fix issue in default acis during configuration
and fix tests to work with python 3
https://pagure.io/lib389/issue/3
Author: wibrown
Review by: mreynolds (Thanks!)
---
.../suites/filter/rfc3673_all_oper_attrs_test.py | 96 ++++++++++------------
.../lib389/configurations/config_001003006.py | 10 +--
2 files changed, 50 insertions(+), 56 deletions(-)
diff --git a/dirsrvtests/tests/suites/filter/rfc3673_all_oper_attrs_test.py
b/dirsrvtests/tests/suites/filter/rfc3673_all_oper_attrs_test.py
index 625c333..e61ece1 100644
--- a/dirsrvtests/tests/suites/filter/rfc3673_all_oper_attrs_test.py
+++ b/dirsrvtests/tests/suites/filter/rfc3673_all_oper_attrs_test.py
@@ -10,6 +10,7 @@ import pytest
from lib389.tasks import *
from lib389.utils import *
from lib389.topologies import topology_st
+from lib389.idm.user import UserAccounts
from lib389._constants import DN_DM, DEFAULT_SUFFIX, DN_CONFIG, PASSWORD
@@ -21,77 +22,70 @@ TEST_USER_PWD = 'all_attrs_test'
# Suffix for search, Regular user boolean, List of expected attrs
TEST_PARAMS = [(DN_ROOT, False, [
- 'aci', 'createTimestamp', 'creatorsName',
- 'modifiersName', 'modifyTimestamp', 'namingContexts',
- 'nsBackendSuffix', 'nsUniqueId', 'subschemaSubentry',
- 'supportedControl', 'supportedExtension',
- 'supportedFeatures', 'supportedLDAPVersion',
- 'supportedSASLMechanisms', 'vendorName', 'vendorVersion'
+ 'aci', 'createTimestamp', 'creatorsName',
+ 'modifiersName', 'modifyTimestamp',
'namingContexts',
+ 'nsBackendSuffix', 'nsUniqueId',
'subschemaSubentry',
+ 'supportedControl', 'supportedExtension',
+ 'supportedFeatures', 'supportedLDAPVersion',
+ 'supportedSASLMechanisms', 'vendorName',
'vendorVersion'
]),
(DN_ROOT, True, [
- 'createTimestamp', 'creatorsName',
- 'modifiersName', 'modifyTimestamp',
'namingContexts',
- 'nsBackendSuffix', 'nsUniqueId',
'subschemaSubentry',
- 'supportedControl', 'supportedExtension',
- 'supportedFeatures', 'supportedLDAPVersion',
- 'supportedSASLMechanisms', 'vendorName',
'vendorVersion'
+ 'createTimestamp', 'creatorsName',
+ 'modifiersName', 'modifyTimestamp',
'namingContexts',
+ 'nsBackendSuffix', 'nsUniqueId',
'subschemaSubentry',
+ 'supportedControl', 'supportedExtension',
+ 'supportedFeatures', 'supportedLDAPVersion',
+ 'supportedSASLMechanisms', 'vendorName',
'vendorVersion'
]),
(DN_PEOPLE, False, [
- 'aci', 'createTimestamp', 'creatorsName',
'entrydn',
- 'entryid', 'modifiersName',
'modifyTimestamp',
- 'nsUniqueId', 'numSubordinates', 'parentid'
+ 'aci', 'createTimestamp', 'creatorsName',
'entrydn',
+ 'entryid', 'modifiersName', 'modifyTimestamp',
+ 'nsUniqueId', 'numSubordinates', 'parentid'
]),
(DN_PEOPLE, True, [
- 'createTimestamp', 'creatorsName', 'entrydn',
- 'entryid', 'modifyTimestamp', 'nsUniqueId',
- 'numSubordinates', 'parentid'
+ 'createTimestamp', 'creatorsName', 'entrydn',
+ 'entryid', 'modifyTimestamp', 'nsUniqueId',
+ 'numSubordinates', 'parentid'
]),
(TEST_USER_DN, False, [
- 'createTimestamp', 'creatorsName', 'entrydn',
- 'entryid', 'modifiersName',
'modifyTimestamp',
- 'nsUniqueId', 'parentid'
+ 'createTimestamp', 'creatorsName', 'entrydn',
+ 'entryid', 'modifiersName', 'modifyTimestamp',
+ 'nsUniqueId', 'parentid'
]),
(TEST_USER_DN, True, [
- 'createTimestamp', 'creatorsName', 'entrydn',
- 'entryid', 'modifyTimestamp', 'nsUniqueId',
'parentid'
+ 'createTimestamp', 'creatorsName', 'entrydn',
+ 'entryid', 'modifyTimestamp', 'nsUniqueId',
'parentid'
]),
- (DN_CONFIG, False, ['numSubordinates',
'passwordHistory'])]
+ (DN_CONFIG, False, [
+ 'numSubordinates', 'passwordHistory'
+ ])
+ ]
@pytest.fixture(scope="module")
def test_user(topology_st):
"""User for binding operation"""
- try:
- topology_st.standalone.add_s(Entry((TEST_USER_DN, {
- 'objectclass': 'top person'.split(),
- 'objectclass': 'organizationalPerson',
- 'objectclass': 'inetorgperson',
- 'cn': TEST_USER_NAME,
- 'sn': TEST_USER_NAME,
- 'userpassword': TEST_USER_PWD,
- 'mail': '%s(a)redhat.com' % TEST_USER_NAME,
- 'uid': TEST_USER_NAME
- })))
- except ldap.LDAPError as e:
- log.error('Failed to add user (%s): error (%s)' % (TEST_USER_DN,
- e.message['desc']))
- raise e
-
+ users = UserAccounts(topology_st.standalone, DEFAULT_SUFFIX)
+ users.create(properties={
+ 'cn': TEST_USER_NAME,
+ 'sn': TEST_USER_NAME,
+ 'userpassword': TEST_USER_PWD,
+ 'mail': '%s(a)redhat.com' % TEST_USER_NAME,
+ 'uid': TEST_USER_NAME,
+ 'uidNumber': '1000',
+ 'gidNumber': '1000',
+ 'homeDirectory': '/home/test'
+ })
@pytest.fixture(scope="module")
def user_aci(topology_st):
- """Deny modifiersName attribute for the test user
+ """Don't allow modifiersName attribute for the test user
under whole suffix
"""
- ACI_TARGET = '(targetattr= "modifiersName")'
- ACI_ALLOW = '(version 3.0; acl "Deny modifiersName for user"; deny
(read)'
- ACI_SUBJECT = ' userdn = "ldap:///%s";)' % TEST_USER_DN
- ACI_BODY = ACI_TARGET + ACI_ALLOW + ACI_SUBJECT
- topology_st.standalone.modify_s(DEFAULT_SUFFIX, [(ldap.MOD_ADD,
- 'aci',
- ACI_BODY)])
+ ACI_BODY = ensure_bytes('(targetattr= "objectClass || cn || sn || mail ||
uid || uidNumber || gidNumber || homeDirectory || creatorsName || createTimestamp ||
modifyTimestamp || nsUniqueId || parentid || entryid || entrydn || ou ||
numSubordinates")(version 3.0; acl "Allow read for user"; allow
(read,search,compare) userdn = "ldap:///%s";)' % TEST_USER_DN)
+ topology_st.standalone.modify_s(DEFAULT_SUFFIX, [(ldap.MOD_ADD, 'aci',
ACI_BODY)])
def test_supported_features(topology_st):
@@ -111,7 +105,7 @@ def test_supported_features(topology_st):
['supportedFeatures'])
supported_value = entries[0].data['supportedfeatures']
- assert supported_value == ['1.3.6.1.4.1.4203.1.5.1']
+ assert supported_value == [b'1.3.6.1.4.1.4203.1.5.1']
@pytest.mark.parametrize('add_attr', ['', '*',
'objectClass'])
@@ -142,10 +136,10 @@ def test_search_basic(topology_st, test_user, user_aci, add_attr,
if regular_user:
log.info("bound as: %s", TEST_USER_DN)
- topology_st.standalone.simple_bind_s(TEST_USER_DN, TEST_USER_PWD)
+ topology_st.standalone.simple_bind_s(TEST_USER_DN, ensure_bytes(TEST_USER_PWD))
else:
log.info("bound as: %s", DN_DM)
- topology_st.standalone.simple_bind_s(DN_DM, PASSWORD)
+ topology_st.standalone.simple_bind_s(DN_DM, ensure_bytes(PASSWORD))
search_filter = ['+']
if add_attr:
diff --git a/src/lib389/lib389/configurations/config_001003006.py
b/src/lib389/lib389/configurations/config_001003006.py
index 8c2895f..9ec80bf 100644
--- a/src/lib389/lib389/configurations/config_001003006.py
+++ b/src/lib389/lib389/configurations/config_001003006.py
@@ -34,7 +34,7 @@ class c001003006_sample_entries(sampleentries):
# I think in python 2 this forces unicode return ...
'dc': dc_ava,
'description': self._basedn,
- 'aci' : '(targetattr ="*")(version 3.0;acl
"Directory Administrators Group";allow (all) (groupdn =
"ldap:///cn=Directory Administrators,
%{BASEDN}");)'.format(BASEDN=self._basedn)
+ 'aci' : '(targetattr ="*")(version 3.0;acl
"Directory Administrators Group";allow (all) (groupdn =
"ldap:///cn=Directory
Administrators,{BASEDN}");)'.format(BASEDN=self._basedn)
})
# Create the OUs
ous = OrganisationalUnits(self._instance, self._basedn)
@@ -45,10 +45,10 @@ class c001003006_sample_entries(sampleentries):
'ou': 'People',
'aci' : [
'(targetattr ="userpassword || telephonenumber ||
facsimiletelephonenumber")(version 3.0;acl "Allow self entry
modification";allow (write)(userdn = "ldap:///self");)',
- '(targetattr !="cn || sn || uid")(targetfilter
="(ou=Accounting)")(version 3.0;acl "Accounting Managers Group
Permissions";allow (write)(groupdn = "ldap:///cn=Accounting
Managers,ou=groups,%{BASEDN}");)'.format(BASEDN=self._basedn),
- '(targetattr !="cn || sn || uid")(targetfilter
="(ou=Human Resources)")(version 3.0;acl "HR Group Permissions";allow
(write)(groupdn = "ldap:///cn=HR
Managers,ou=groups,%{BASEDN}");)'.format(BASEDN=self._basedn),
- '(targetattr !="cn ||sn || uid")(targetfilter
="(ou=Product Testing)")(version 3.0;acl "QA Group Permissions";allow
(write)(groupdn = "ldap:///cn=QA
Managers,ou=groups,%{BASEDN}");)'.format(BASEDN=self._basedn),
- '(targetattr !="cn || sn || uid")(targetfilter
="(ou=Product Development)")(version 3.0;acl "Engineering Group
Permissions";allow (write)(groupdn = "ldap:///cn=PD
Managers,ou=groups,%{BASEDN}");)'.format(BASEDN=self._basedn),
+ '(targetattr !="cn || sn || uid")(targetfilter
="(ou=Accounting)")(version 3.0;acl "Accounting Managers Group
Permissions";allow (write)(groupdn = "ldap:///cn=Accounting
Managers,ou=groups,{BASEDN}");)'.format(BASEDN=self._basedn),
+ '(targetattr !="cn || sn || uid")(targetfilter
="(ou=Human Resources)")(version 3.0;acl "HR Group Permissions";allow
(write)(groupdn = "ldap:///cn=HR
Managers,ou=groups,{BASEDN}");)'.format(BASEDN=self._basedn),
+ '(targetattr !="cn ||sn || uid")(targetfilter
="(ou=Product Testing)")(version 3.0;acl "QA Group Permissions";allow
(write)(groupdn = "ldap:///cn=QA
Managers,ou=groups,{BASEDN}");)'.format(BASEDN=self._basedn),
+ '(targetattr !="cn || sn || uid")(targetfilter
="(ou=Product Development)")(version 3.0;acl "Engineering Group
Permissions";allow (write)(groupdn = "ldap:///cn=PD
Managers,ou=groups,{BASEDN}");)'.format(BASEDN=self._basedn),
]
})
ous.create(properties = {
--
To stop receiving notification emails like this one, please contact
the administrator of this repository.
2366
days inactive
2366
days old
389-commits@lists.fedoraproject.org
1 comments
1 participants
participants (1)
-
git repository hosting