Imported Debian patch 4.7.2-3

2019-05-06 08:43:34 +03:00
parent 27edeba051
commit 8bc559c5a1
917 changed files with 1068993 additions and 1184676 deletions
--- a/ipatests/test_integration/test_membermanager.py
+++ b/ipatests/test_integration/test_membermanager.py
@@ -1,214 +0,0 @@
-#
-# Copyright (C) 2019  FreeIPA Contributors see COPYING for license
-#
-"""Tests for member manager feature
-"""
-from ipatests.test_integration.base import IntegrationTest
-from ipatests.pytest_ipa.integration import tasks
-
-
-PASSWORD = "DummyPassword123"
-# direct member manager
-USER_MM = "mmuser"
-# indirect member manager through group membership
-USER_INDIRECT = "indirect_mmuser"
-GROUP_INDIRECT = "group_indirect"
-
-USER1 = "testuser1"
-USER2 = "testuser2"
-GROUP1 = "testgroup1"
-GROUP2 = "testgroup2"
-HOSTGROUP1 = "testhostgroup1"
-
-
-class TestMemberManager(IntegrationTest):
-    """Tests for member manager feature for groups and hostgroups
-    """
-    topology = "line"
-
-    @classmethod
-    def install(cls, mh):
-        super(TestMemberManager, cls).install(mh)
-        master = cls.master
-
-        tasks.create_active_user(master, USER_MM, PASSWORD)
-        tasks.create_active_user(master, USER_INDIRECT, PASSWORD)
-        tasks.create_active_user(master, USER1, PASSWORD)
-
-        tasks.kinit_admin(master)
-        tasks.group_add(master, GROUP_INDIRECT)
-        master.run_command([
-            'ipa', 'group-add-member', GROUP_INDIRECT, '--users', USER_INDIRECT
-        ])
-
-        tasks.user_add(master, USER2)
-        tasks.group_add(master, GROUP1)
-        tasks.group_add(master, GROUP2)
-        master.run_command(['ipa', 'hostgroup-add', HOSTGROUP1])
-
-        # make mmuser a member manager for group and hostgroup
-        master.run_command([
-            'ipa', 'group-add-member-manager', GROUP1,
-            '--users', USER_MM
-        ])
-        master.run_command([
-            'ipa', 'hostgroup-add-member-manager', HOSTGROUP1,
-            '--users', USER_MM
-        ])
-        # make indirect group member manager for group and hostgroup
-        master.run_command([
-            'ipa', 'group-add-member-manager', GROUP1,
-            '--groups', GROUP_INDIRECT
-        ])
-        master.run_command([
-            'ipa', 'hostgroup-add-member-manager', HOSTGROUP1,
-            '--groups', GROUP_INDIRECT
-        ])
-        tasks.kdestroy_all(master)
-
-    def test_show_member_manager(self):
-        master = self.master
-        tasks.kinit_admin(master)
-
-        result = master.run_command(['ipa', 'group-show', GROUP1])
-        out = result.stdout_text
-        assert f"Membership managed by groups: {GROUP_INDIRECT}" in out
-        assert f"Membership managed by users: {USER_MM}" in out
-
-        result = master.run_command(['ipa', 'hostgroup-show', HOSTGROUP1])
-        out = result.stdout_text
-        assert f"Membership managed by groups: {GROUP_INDIRECT}" in out
-        assert f"Membership managed by users: {USER_MM}" in out
-
-        tasks.kdestroy_all(master)
-
-    def test_find_by_member_manager(self):
-        master = self.master
-        tasks.kinit_admin(master)
-
-        result = master.run_command([
-            'ipa', 'group-find', '--membermanager-users', USER_MM
-        ])
-        assert GROUP1 in result.stdout_text
-
-        result = master.run_command([
-            'ipa', 'group-find', '--membermanager-groups', GROUP_INDIRECT
-        ])
-        assert GROUP1 in result.stdout_text
-
-        result = master.run_command(
-            [
-                'ipa', 'group-find', '--membermanager-users', USER1
-            ],
-            raiseonerr=False
-        )
-        assert result.returncode == 1
-        assert "0 groups matched" in result.stdout_text
-
-        result = master.run_command([
-            'ipa', 'hostgroup-find', '--membermanager-users', USER_MM
-        ])
-        assert HOSTGROUP1 in result.stdout_text
-
-        result = master.run_command([
-            'ipa', 'hostgroup-find', '--membermanager-groups', GROUP_INDIRECT
-        ])
-        assert HOSTGROUP1 in result.stdout_text
-
-        result = master.run_command(
-            [
-                'ipa', 'hostgroup-find', '--membermanager-users', USER1
-            ],
-            raiseonerr=False
-        )
-        assert result.returncode == 1
-        assert "0 hostgroups matched" in result.stdout_text
-
-    def test_group_member_manager_user(self):
-        master = self.master
-        # mmuser: add user1 to group
-        tasks.kinit_as_user(master, USER_MM, PASSWORD)
-        master.run_command([
-            'ipa', 'group-add-member', GROUP1, '--users', USER1
-        ])
-        result = master.run_command(['ipa', 'group-show', GROUP1])
-        assert USER1 in result.stdout_text
-
-        # indirect: add user2 to group
-        tasks.kinit_as_user(master, USER_INDIRECT, PASSWORD)
-        master.run_command([
-            'ipa', 'group-add-member', GROUP1, '--users', USER2
-        ])
-        # verify
-        master.run_command(['ipa', 'group-show', GROUP1])
-        result = master.run_command(['ipa', 'group-show', GROUP1])
-        assert USER2 in result.stdout_text
-
-    def test_group_member_manager_group(self):
-        master = self.master
-        # mmuser: add group2 to group
-        tasks.kinit_as_user(master, USER_MM, PASSWORD)
-        master.run_command([
-            'ipa', 'group-add-member', GROUP1, '--groups', GROUP2
-        ])
-        result = master.run_command(['ipa', 'group-show', GROUP1])
-        assert GROUP2 in result.stdout_text
-
-    def test_group_member_manager_nopermission(self):
-        master = self.master
-        tasks.kinit_as_user(master, USER1, PASSWORD)
-        result = master.run_command(
-            [
-                'ipa', 'group-add-member-manager', GROUP1, '--users', USER1
-            ],
-            raiseonerr=False
-        )
-        assert result.returncode != 0
-        expected = (
-            f"member user: {USER1}: Insufficient access: Insufficient "
-            "'write' privilege to the 'memberManager' attribute of entry"
-        )
-        assert expected in result.stdout_text
-
-    def test_hostgroup_member_manager_user(self):
-        master = self.master
-        # mmuser: add a host to host group
-        tasks.kinit_as_user(master, USER_MM, PASSWORD)
-        master.run_command([
-            'ipa', 'hostgroup-add-member', HOSTGROUP1,
-            '--hosts', master.hostname
-        ])
-        result = master.run_command(['ipa', 'hostgroup-show', HOSTGROUP1])
-        assert master.hostname in result.stdout_text
-        master.run_command([
-            'ipa', 'hostgroup-remove-member', HOSTGROUP1,
-            '--hosts', master.hostname
-        ])
-        result = master.run_command(['ipa', 'hostgroup-show', HOSTGROUP1])
-        assert master.hostname not in result.stdout_text
-
-        # indirect:
-        tasks.kinit_as_user(master, USER_INDIRECT, PASSWORD)
-        master.run_command([
-            'ipa', 'hostgroup-add-member', HOSTGROUP1,
-            '--hosts', master.hostname
-        ])
-        result = master.run_command(['ipa', 'hostgroup-show', HOSTGROUP1])
-        assert master.hostname in result.stdout_text
-
-    def test_hostgroup_member_manager_nopermission(self):
-        master = self.master
-        tasks.kinit_as_user(master, USER1, PASSWORD)
-        result = master.run_command(
-            [
-                'ipa', 'hostgroup-add-member-manager', HOSTGROUP1,
-                '--users', USER1
-            ],
-            raiseonerr=False
-        )
-        assert result.returncode != 0
-        expected = (
-            f"member user: {USER1}: Insufficient access: Insufficient "
-            "'write' privilege to the 'memberManager' attribute of entry"
-        )
-        assert expected in result.stdout_text