SSSDConfigTest.py revision edaa983d094c239c3e1ba667bcd20ed3934be3b8
a8c5a86d183db25a57bf193c06b41e092ec2e151Timo Sirainen#!/usr/bin/python
a6ab8f00351265e35b79f3a22b1f5a4978ae5c35Timo Sirainen'''
a6ab8f00351265e35b79f3a22b1f5a4978ae5c35Timo SirainenCreated on Sep 18, 2009
acc039dfc0b0f4588cf2feec04727b61e1c672a1Timo Sirainen
fab850a6aee4aaef4f4795bd7946807a3ba45041Timo Sirainen@author: sgallagh
28b8434ca4cba2e310d13ffc55e895d658725f43Timo Sirainen'''
28b8434ca4cba2e310d13ffc55e895d658725f43Timo Sirainenimport unittest
06af65f82453bb976cf8aa6fe2507e3a6253a04fTimo Sirainenimport os
4909421ac41e143fe07a235c0d11e9f0452d716bTimo Sirainenfrom stat import *
e5d7056b6ef069e228f8ad3c9467662955cab3c6Timo Sirainen
1c633f71ec2060e5bfa500a97f34cd881a958ecdTimo Sirainenimport sys
134582c78f038b4d9b9fde127399aefa50935a53Timo Sirainen
a6ab8f00351265e35b79f3a22b1f5a4978ae5c35Timo Sirainensrcdir = os.getenv('srcdir')
4909421ac41e143fe07a235c0d11e9f0452d716bTimo Sirainenif srcdir:
885a3c2287ae3e5827aa580ea06b231de38abb47Timo Sirainen sys.path.append("./src/config")
a6ab8f00351265e35b79f3a22b1f5a4978ae5c35Timo Sirainen srcdir = srcdir + "/src/config"
a6ab8f00351265e35b79f3a22b1f5a4978ae5c35Timo Sirainenelse:
a6ab8f00351265e35b79f3a22b1f5a4978ae5c35Timo Sirainen srcdir = "."
a6ab8f00351265e35b79f3a22b1f5a4978ae5c35Timo Sirainenimport SSSDConfig
a6ab8f00351265e35b79f3a22b1f5a4978ae5c35Timo Sirainen
8aa6fe58b1832da498b49de4383f9f1ef458945dTimo Sirainen
8aa6fe58b1832da498b49de4383f9f1ef458945dTimo Sirainenclass SSSDConfigTestValid(unittest.TestCase):
8aa6fe58b1832da498b49de4383f9f1ef458945dTimo Sirainen def setUp(self):
8aa6fe58b1832da498b49de4383f9f1ef458945dTimo Sirainen pass
8aa6fe58b1832da498b49de4383f9f1ef458945dTimo Sirainen
8aa6fe58b1832da498b49de4383f9f1ef458945dTimo Sirainen def tearDown(self):
8aa6fe58b1832da498b49de4383f9f1ef458945dTimo Sirainen pass
8aa6fe58b1832da498b49de4383f9f1ef458945dTimo Sirainen
5fbccc935e3f7b916aa7c6e302a212821072e83aTimo Sirainen def testServices(self):
5fbccc935e3f7b916aa7c6e302a212821072e83aTimo Sirainen sssdconfig = SSSDConfig.SSSDConfig(srcdir + "/etc/sssd.api.conf",
4ee00532a265bdfb38539d811fcd12d51210ac35Timo Sirainen srcdir + "/etc/sssd.api.d")
acc039dfc0b0f4588cf2feec04727b61e1c672a1Timo Sirainen sssdconfig.import_config(srcdir + "/testconfigs/sssd-valid.conf")
5fbccc935e3f7b916aa7c6e302a212821072e83aTimo Sirainen
5fbccc935e3f7b916aa7c6e302a212821072e83aTimo Sirainen # Validate services
5fbccc935e3f7b916aa7c6e302a212821072e83aTimo Sirainen services = sssdconfig.list_services()
5fbccc935e3f7b916aa7c6e302a212821072e83aTimo Sirainen self.assertTrue('sssd' in services)
5fbccc935e3f7b916aa7c6e302a212821072e83aTimo Sirainen self.assertTrue('nss' in services)
5fbccc935e3f7b916aa7c6e302a212821072e83aTimo Sirainen self.assertTrue('pam' in services)
5fbccc935e3f7b916aa7c6e302a212821072e83aTimo Sirainen
5fbccc935e3f7b916aa7c6e302a212821072e83aTimo Sirainen #Verify service attributes
5fbccc935e3f7b916aa7c6e302a212821072e83aTimo Sirainen sssd_service = sssdconfig.get_service('sssd')
5fbccc935e3f7b916aa7c6e302a212821072e83aTimo Sirainen service_opts = sssd_service.list_options()
5fbccc935e3f7b916aa7c6e302a212821072e83aTimo Sirainen
5fbccc935e3f7b916aa7c6e302a212821072e83aTimo Sirainen
5fbccc935e3f7b916aa7c6e302a212821072e83aTimo Sirainen self.assertTrue('services' in service_opts.keys())
5fbccc935e3f7b916aa7c6e302a212821072e83aTimo Sirainen service_list = sssd_service.get_option('services')
5fbccc935e3f7b916aa7c6e302a212821072e83aTimo Sirainen self.assertTrue('nss' in service_list)
5fbccc935e3f7b916aa7c6e302a212821072e83aTimo Sirainen self.assertTrue('pam' in service_list)
acc039dfc0b0f4588cf2feec04727b61e1c672a1Timo Sirainen
acc039dfc0b0f4588cf2feec04727b61e1c672a1Timo Sirainen self.assertTrue('domains' in service_opts)
acc039dfc0b0f4588cf2feec04727b61e1c672a1Timo Sirainen
acc039dfc0b0f4588cf2feec04727b61e1c672a1Timo Sirainen self.assertTrue('reconnection_retries' in service_opts)
acc039dfc0b0f4588cf2feec04727b61e1c672a1Timo Sirainen
bd417d416988d11a6b555b9aa57779e7ed976951Timo Sirainen del sssdconfig
bd417d416988d11a6b555b9aa57779e7ed976951Timo Sirainen sssdconfig = SSSDConfig.SSSDConfig(srcdir + "/etc/sssd.api.conf",
bd417d416988d11a6b555b9aa57779e7ed976951Timo Sirainen srcdir + "/etc/sssd.api.d")
bd417d416988d11a6b555b9aa57779e7ed976951Timo Sirainen sssdconfig.new_config()
27a44fcfd8d19bffe0f267f20a2b5d3fe7600fddTimo Sirainen sssdconfig.delete_service('sssd')
bd417d416988d11a6b555b9aa57779e7ed976951Timo Sirainen new_sssd_service = sssdconfig.new_service('sssd');
bd417d416988d11a6b555b9aa57779e7ed976951Timo Sirainen new_options = new_sssd_service.list_options();
bd417d416988d11a6b555b9aa57779e7ed976951Timo Sirainen
27a44fcfd8d19bffe0f267f20a2b5d3fe7600fddTimo Sirainen self.assertTrue('debug_level' in new_options)
bd417d416988d11a6b555b9aa57779e7ed976951Timo Sirainen self.assertEquals(new_options['debug_level'][0], int)
bd417d416988d11a6b555b9aa57779e7ed976951Timo Sirainen
bd417d416988d11a6b555b9aa57779e7ed976951Timo Sirainen self.assertTrue('command' in new_options)
27a44fcfd8d19bffe0f267f20a2b5d3fe7600fddTimo Sirainen self.assertEquals(new_options['command'][0], str)
bd417d416988d11a6b555b9aa57779e7ed976951Timo Sirainen
bd417d416988d11a6b555b9aa57779e7ed976951Timo Sirainen self.assertTrue('reconnection_retries' in new_options)
bd417d416988d11a6b555b9aa57779e7ed976951Timo Sirainen self.assertEquals(new_options['reconnection_retries'][0], int)
bd417d416988d11a6b555b9aa57779e7ed976951Timo Sirainen
bd417d416988d11a6b555b9aa57779e7ed976951Timo Sirainen self.assertTrue('services' in new_options)
bd417d416988d11a6b555b9aa57779e7ed976951Timo Sirainen self.assertEquals(new_options['debug_level'][0], int)
bd417d416988d11a6b555b9aa57779e7ed976951Timo Sirainen
bd417d416988d11a6b555b9aa57779e7ed976951Timo Sirainen self.assertTrue('domains' in new_options)
bd417d416988d11a6b555b9aa57779e7ed976951Timo Sirainen self.assertEquals(new_options['domains'][0], list)
bd417d416988d11a6b555b9aa57779e7ed976951Timo Sirainen self.assertEquals(new_options['domains'][1], str)
bd417d416988d11a6b555b9aa57779e7ed976951Timo Sirainen
bd417d416988d11a6b555b9aa57779e7ed976951Timo Sirainen self.assertTrue('sbus_timeout' in new_options)
bd417d416988d11a6b555b9aa57779e7ed976951Timo Sirainen self.assertEquals(new_options['sbus_timeout'][0], int)
bd417d416988d11a6b555b9aa57779e7ed976951Timo Sirainen
bd417d416988d11a6b555b9aa57779e7ed976951Timo Sirainen self.assertTrue('re_expression' in new_options)
bd417d416988d11a6b555b9aa57779e7ed976951Timo Sirainen self.assertEquals(new_options['re_expression'][0], str)
bd417d416988d11a6b555b9aa57779e7ed976951Timo Sirainen
bd417d416988d11a6b555b9aa57779e7ed976951Timo Sirainen self.assertTrue('full_name_format' in new_options)
bd417d416988d11a6b555b9aa57779e7ed976951Timo Sirainen self.assertEquals(new_options['full_name_format'][0], str)
bd417d416988d11a6b555b9aa57779e7ed976951Timo Sirainen
bd417d416988d11a6b555b9aa57779e7ed976951Timo Sirainen self.assertTrue('default_domain_suffix' in new_options)
bd417d416988d11a6b555b9aa57779e7ed976951Timo Sirainen self.assertEquals(new_options['default_domain_suffix'][0], str)
bd417d416988d11a6b555b9aa57779e7ed976951Timo Sirainen
bd417d416988d11a6b555b9aa57779e7ed976951Timo Sirainen del sssdconfig
bd417d416988d11a6b555b9aa57779e7ed976951Timo Sirainen
bd417d416988d11a6b555b9aa57779e7ed976951Timo Sirainen def testDomains(self):
bd417d416988d11a6b555b9aa57779e7ed976951Timo Sirainen sssdconfig = SSSDConfig.SSSDConfig(srcdir + "/etc/sssd.api.conf",
bd417d416988d11a6b555b9aa57779e7ed976951Timo Sirainen srcdir + "/etc/sssd.api.d")
bd417d416988d11a6b555b9aa57779e7ed976951Timo Sirainen sssdconfig.import_config(srcdir + "/testconfigs/sssd-valid.conf")
bd417d416988d11a6b555b9aa57779e7ed976951Timo Sirainen
bd417d416988d11a6b555b9aa57779e7ed976951Timo Sirainen #Validate domain list
bd417d416988d11a6b555b9aa57779e7ed976951Timo Sirainen domains = sssdconfig.list_domains()
bd417d416988d11a6b555b9aa57779e7ed976951Timo Sirainen self.assertTrue('LOCAL' in domains)
bd417d416988d11a6b555b9aa57779e7ed976951Timo Sirainen self.assertTrue('LDAP' in domains)
bd417d416988d11a6b555b9aa57779e7ed976951Timo Sirainen self.assertTrue('PROXY' in domains)
bd417d416988d11a6b555b9aa57779e7ed976951Timo Sirainen self.assertTrue('IPA' in domains)
bd417d416988d11a6b555b9aa57779e7ed976951Timo Sirainen
bd417d416988d11a6b555b9aa57779e7ed976951Timo Sirainen #Verify domain attributes
bd417d416988d11a6b555b9aa57779e7ed976951Timo Sirainen ipa_domain = sssdconfig.get_domain('IPA')
bd417d416988d11a6b555b9aa57779e7ed976951Timo Sirainen domain_opts = ipa_domain.list_options()
bd417d416988d11a6b555b9aa57779e7ed976951Timo Sirainen self.assertTrue('debug_level' in domain_opts.keys())
bd417d416988d11a6b555b9aa57779e7ed976951Timo Sirainen self.assertTrue('id_provider' in domain_opts.keys())
767431e5084a037c4dbefdf30ebfa03c84b1f449Timo Sirainen self.assertTrue('auth_provider' in domain_opts.keys())
bd417d416988d11a6b555b9aa57779e7ed976951Timo Sirainen
a6ab8f00351265e35b79f3a22b1f5a4978ae5c35Timo Sirainen del sssdconfig
acc039dfc0b0f4588cf2feec04727b61e1c672a1Timo Sirainen
bd417d416988d11a6b555b9aa57779e7ed976951Timo Sirainen def testListProviders(self):
acc039dfc0b0f4588cf2feec04727b61e1c672a1Timo Sirainen sssdconfig = SSSDConfig.SSSDConfig(srcdir + "/etc/sssd.api.conf",
10635b60b6f7776cd4c1f364ae8dc94c3b9254ecPascal Volk srcdir + "/etc/sssd.api.d")
bd417d416988d11a6b555b9aa57779e7ed976951Timo Sirainen
bd417d416988d11a6b555b9aa57779e7ed976951Timo Sirainen sssdconfig.new_config()
bd417d416988d11a6b555b9aa57779e7ed976951Timo Sirainen junk_domain = sssdconfig.new_domain('junk')
bd417d416988d11a6b555b9aa57779e7ed976951Timo Sirainen providers = junk_domain.list_providers()
bd417d416988d11a6b555b9aa57779e7ed976951Timo Sirainen self.assertTrue('ldap' in providers.keys())
bd417d416988d11a6b555b9aa57779e7ed976951Timo Sirainen
bd417d416988d11a6b555b9aa57779e7ed976951Timo Sirainen def testCreateNewLocalConfig(self):
bd417d416988d11a6b555b9aa57779e7ed976951Timo Sirainen sssdconfig = SSSDConfig.SSSDConfig(srcdir + "/etc/sssd.api.conf",
bd417d416988d11a6b555b9aa57779e7ed976951Timo Sirainen srcdir + "/etc/sssd.api.d")
acc039dfc0b0f4588cf2feec04727b61e1c672a1Timo Sirainen
5fbccc935e3f7b916aa7c6e302a212821072e83aTimo Sirainen sssdconfig.new_config()
a6ab8f00351265e35b79f3a22b1f5a4978ae5c35Timo Sirainen
a6ab8f00351265e35b79f3a22b1f5a4978ae5c35Timo Sirainen local_domain = sssdconfig.new_domain('LOCAL')
767431e5084a037c4dbefdf30ebfa03c84b1f449Timo Sirainen local_domain.add_provider('local', 'id')
767431e5084a037c4dbefdf30ebfa03c84b1f449Timo Sirainen local_domain.set_option('debug_level', 1)
bd417d416988d11a6b555b9aa57779e7ed976951Timo Sirainen local_domain.set_option('default_shell', '/bin/tcsh')
767431e5084a037c4dbefdf30ebfa03c84b1f449Timo Sirainen local_domain.set_active(True)
767431e5084a037c4dbefdf30ebfa03c84b1f449Timo Sirainen sssdconfig.save_domain(local_domain)
9ce62fcb795a4bb57f1c003fc8cbd63bff6e5463Timo Sirainen
9ce62fcb795a4bb57f1c003fc8cbd63bff6e5463Timo Sirainen of = '/tmp/testCreateNewLocalConfig.conf'
acc039dfc0b0f4588cf2feec04727b61e1c672a1Timo Sirainen
9f3bb0e10835efb0c9b1eb9e09e16b614ec41b97Timo Sirainen #Ensure the output file doesn't exist
5fbccc935e3f7b916aa7c6e302a212821072e83aTimo Sirainen try:
acc039dfc0b0f4588cf2feec04727b61e1c672a1Timo Sirainen os.unlink(of)
acc039dfc0b0f4588cf2feec04727b61e1c672a1Timo Sirainen except:
9f3bb0e10835efb0c9b1eb9e09e16b614ec41b97Timo Sirainen pass
9f3bb0e10835efb0c9b1eb9e09e16b614ec41b97Timo Sirainen
9f3bb0e10835efb0c9b1eb9e09e16b614ec41b97Timo Sirainen #Write out the file
9f3bb0e10835efb0c9b1eb9e09e16b614ec41b97Timo Sirainen sssdconfig.write(of)
9f3bb0e10835efb0c9b1eb9e09e16b614ec41b97Timo Sirainen
28b8434ca4cba2e310d13ffc55e895d658725f43Timo Sirainen #Verify that the output file has the correct permissions
acc039dfc0b0f4588cf2feec04727b61e1c672a1Timo Sirainen mode = os.stat(of)[ST_MODE]
28b8434ca4cba2e310d13ffc55e895d658725f43Timo Sirainen
acc039dfc0b0f4588cf2feec04727b61e1c672a1Timo Sirainen #Output files should not be readable or writable by
acc039dfc0b0f4588cf2feec04727b61e1c672a1Timo Sirainen #non-owners, and should not be executable by anyone
bd417d416988d11a6b555b9aa57779e7ed976951Timo Sirainen self.assertFalse(S_IMODE(mode) & 0177)
fab850a6aee4aaef4f4795bd7946807a3ba45041Timo Sirainen
28b8434ca4cba2e310d13ffc55e895d658725f43Timo Sirainen #Remove the output file
28b8434ca4cba2e310d13ffc55e895d658725f43Timo Sirainen os.unlink(of)
28b8434ca4cba2e310d13ffc55e895d658725f43Timo Sirainen
28b8434ca4cba2e310d13ffc55e895d658725f43Timo Sirainen
28b8434ca4cba2e310d13ffc55e895d658725f43Timo Sirainen def testCreateNewLDAPConfig(self):
acc039dfc0b0f4588cf2feec04727b61e1c672a1Timo Sirainen sssdconfig = SSSDConfig.SSSDConfig(srcdir + "/etc/sssd.api.conf",
0f9a8663b0ff6fe30389d02284a2b002c40914ebTimo Sirainen srcdir + "/etc/sssd.api.d")
acc039dfc0b0f4588cf2feec04727b61e1c672a1Timo Sirainen
bde78a7bf5f9000f1ae4dc7ce6cabd012e1f8b79Pascal Volk sssdconfig.new_config()
acc039dfc0b0f4588cf2feec04727b61e1c672a1Timo Sirainen
acc039dfc0b0f4588cf2feec04727b61e1c672a1Timo Sirainen ldap_domain = sssdconfig.new_domain('LDAP')
a3a55999bcfe2e57941cb64343f4ea80beabdab7Timo Sirainen ldap_domain.add_provider('ldap', 'id')
a3a55999bcfe2e57941cb64343f4ea80beabdab7Timo Sirainen ldap_domain.set_option('debug_level', 1)
06af65f82453bb976cf8aa6fe2507e3a6253a04fTimo Sirainen ldap_domain.set_active(True)
06af65f82453bb976cf8aa6fe2507e3a6253a04fTimo Sirainen sssdconfig.save_domain(ldap_domain)
a3a55999bcfe2e57941cb64343f4ea80beabdab7Timo Sirainen
a3a55999bcfe2e57941cb64343f4ea80beabdab7Timo Sirainen of = '/tmp/testCreateNewLDAPConfig.conf'
a3a55999bcfe2e57941cb64343f4ea80beabdab7Timo Sirainen
a3a55999bcfe2e57941cb64343f4ea80beabdab7Timo Sirainen #Ensure the output file doesn't exist
a3a55999bcfe2e57941cb64343f4ea80beabdab7Timo Sirainen try:
a3a55999bcfe2e57941cb64343f4ea80beabdab7Timo Sirainen os.unlink(of)
bde78a7bf5f9000f1ae4dc7ce6cabd012e1f8b79Pascal Volk except:
a3a55999bcfe2e57941cb64343f4ea80beabdab7Timo Sirainen pass
a3a55999bcfe2e57941cb64343f4ea80beabdab7Timo Sirainen
cc52f19439f17c03e37fd65c6299a77d5c5e638aTimo Sirainen #Write out the file
cc52f19439f17c03e37fd65c6299a77d5c5e638aTimo Sirainen sssdconfig.write(of)
cc52f19439f17c03e37fd65c6299a77d5c5e638aTimo Sirainen
cc52f19439f17c03e37fd65c6299a77d5c5e638aTimo Sirainen #Verify that the output file has the correct permissions
cc52f19439f17c03e37fd65c6299a77d5c5e638aTimo Sirainen mode = os.stat(of)[ST_MODE]
f2a1955d993f67982bc40ad7bbae9a036dabfd64Timo Sirainen
f2a1955d993f67982bc40ad7bbae9a036dabfd64Timo Sirainen #Output files should not be readable or writable by
f2a1955d993f67982bc40ad7bbae9a036dabfd64Timo Sirainen #non-owners, and should not be executable by anyone
f2a1955d993f67982bc40ad7bbae9a036dabfd64Timo Sirainen self.assertFalse(S_IMODE(mode) & 0177)
cc52f19439f17c03e37fd65c6299a77d5c5e638aTimo Sirainen
cc52f19439f17c03e37fd65c6299a77d5c5e638aTimo Sirainen #Remove the output file
cc52f19439f17c03e37fd65c6299a77d5c5e638aTimo Sirainen os.unlink(of)
f2a1955d993f67982bc40ad7bbae9a036dabfd64Timo Sirainen
f2a1955d993f67982bc40ad7bbae9a036dabfd64Timo Sirainen def testModifyExistingConfig(self):
f2a1955d993f67982bc40ad7bbae9a036dabfd64Timo Sirainen sssdconfig = SSSDConfig.SSSDConfig(srcdir + "/etc/sssd.api.conf",
f2a1955d993f67982bc40ad7bbae9a036dabfd64Timo Sirainen srcdir + "/etc/sssd.api.d")
f2a1955d993f67982bc40ad7bbae9a036dabfd64Timo Sirainen sssdconfig.import_config(srcdir + "/testconfigs/sssd-valid.conf")
f2a1955d993f67982bc40ad7bbae9a036dabfd64Timo Sirainen
f2a1955d993f67982bc40ad7bbae9a036dabfd64Timo Sirainen ldap_domain = sssdconfig.get_domain('LDAP')
542a32ee5f4ca72626ec93b6313f909811c01534Timo Sirainen ldap_domain.set_option('debug_level', 3)
542a32ee5f4ca72626ec93b6313f909811c01534Timo Sirainen
542a32ee5f4ca72626ec93b6313f909811c01534Timo Sirainen ldap_domain.remove_provider('auth')
542a32ee5f4ca72626ec93b6313f909811c01534Timo Sirainen ldap_domain.add_provider('krb5', 'auth')
542a32ee5f4ca72626ec93b6313f909811c01534Timo Sirainen ldap_domain.set_active(True)
542a32ee5f4ca72626ec93b6313f909811c01534Timo Sirainen sssdconfig.save_domain(ldap_domain)
78ab753927acf4466f38e4a50694be3f4c4cc9abTimo Sirainen
542a32ee5f4ca72626ec93b6313f909811c01534Timo Sirainen of = '/tmp/testModifyExistingConfig.conf'
542a32ee5f4ca72626ec93b6313f909811c01534Timo Sirainen
542a32ee5f4ca72626ec93b6313f909811c01534Timo Sirainen #Ensure the output file doesn't exist
542a32ee5f4ca72626ec93b6313f909811c01534Timo Sirainen try:
542a32ee5f4ca72626ec93b6313f909811c01534Timo Sirainen os.unlink(of)
542a32ee5f4ca72626ec93b6313f909811c01534Timo Sirainen except:
542a32ee5f4ca72626ec93b6313f909811c01534Timo Sirainen pass
542a32ee5f4ca72626ec93b6313f909811c01534Timo Sirainen
542a32ee5f4ca72626ec93b6313f909811c01534Timo Sirainen #Write out the file
542a32ee5f4ca72626ec93b6313f909811c01534Timo Sirainen sssdconfig.write(of)
542a32ee5f4ca72626ec93b6313f909811c01534Timo Sirainen
542a32ee5f4ca72626ec93b6313f909811c01534Timo Sirainen #Verify that the output file has the correct permissions
542a32ee5f4ca72626ec93b6313f909811c01534Timo Sirainen mode = os.stat(of)[ST_MODE]
542a32ee5f4ca72626ec93b6313f909811c01534Timo Sirainen
542a32ee5f4ca72626ec93b6313f909811c01534Timo Sirainen #Output files should not be readable or writable by
542a32ee5f4ca72626ec93b6313f909811c01534Timo Sirainen #non-owners, and should not be executable by anyone
542a32ee5f4ca72626ec93b6313f909811c01534Timo Sirainen self.assertFalse(S_IMODE(mode) & 0177)
542a32ee5f4ca72626ec93b6313f909811c01534Timo Sirainen
542a32ee5f4ca72626ec93b6313f909811c01534Timo Sirainen #Remove the output file
acc039dfc0b0f4588cf2feec04727b61e1c672a1Timo Sirainen os.unlink(of)
acc039dfc0b0f4588cf2feec04727b61e1c672a1Timo Sirainen
acc039dfc0b0f4588cf2feec04727b61e1c672a1Timo Sirainen def testSpaces(self):
542a32ee5f4ca72626ec93b6313f909811c01534Timo Sirainen sssdconfig = SSSDConfig.SSSDConfig(srcdir + "/etc/sssd.api.conf",
542a32ee5f4ca72626ec93b6313f909811c01534Timo Sirainen srcdir + "/etc/sssd.api.d")
542a32ee5f4ca72626ec93b6313f909811c01534Timo Sirainen sssdconfig.import_config(srcdir + "/testconfigs/sssd-valid.conf")
acc039dfc0b0f4588cf2feec04727b61e1c672a1Timo Sirainen ldap_domain = sssdconfig.get_domain('LDAP')
542a32ee5f4ca72626ec93b6313f909811c01534Timo Sirainen self.assertEqual(ldap_domain.get_option('auth_provider'), 'ldap')
acc039dfc0b0f4588cf2feec04727b61e1c672a1Timo Sirainen self.assertEqual(ldap_domain.get_option('id_provider'), 'ldap')
542a32ee5f4ca72626ec93b6313f909811c01534Timo Sirainen
acc039dfc0b0f4588cf2feec04727b61e1c672a1Timo Sirainenclass SSSDConfigTestInvalid(unittest.TestCase):
acc039dfc0b0f4588cf2feec04727b61e1c672a1Timo Sirainen def setUp(self):
acc039dfc0b0f4588cf2feec04727b61e1c672a1Timo Sirainen pass
542a32ee5f4ca72626ec93b6313f909811c01534Timo Sirainen
542a32ee5f4ca72626ec93b6313f909811c01534Timo Sirainen def tearDown(self):
542a32ee5f4ca72626ec93b6313f909811c01534Timo Sirainen pass
542a32ee5f4ca72626ec93b6313f909811c01534Timo Sirainen
542a32ee5f4ca72626ec93b6313f909811c01534Timo Sirainen def testBadBool(self):
542a32ee5f4ca72626ec93b6313f909811c01534Timo Sirainen sssdconfig = SSSDConfig.SSSDConfig(srcdir + "/etc/sssd.api.conf",
542a32ee5f4ca72626ec93b6313f909811c01534Timo Sirainen srcdir + "/etc/sssd.api.d")
542a32ee5f4ca72626ec93b6313f909811c01534Timo Sirainen sssdconfig.import_config(srcdir + "/testconfigs/sssd-invalid-badbool.conf")
542a32ee5f4ca72626ec93b6313f909811c01534Timo Sirainen self.assertRaises(TypeError,
542a32ee5f4ca72626ec93b6313f909811c01534Timo Sirainen sssdconfig.get_domain,'IPA')
acc039dfc0b0f4588cf2feec04727b61e1c672a1Timo Sirainen
542a32ee5f4ca72626ec93b6313f909811c01534Timo Sirainenclass SSSDConfigTestSSSDService(unittest.TestCase):
acc039dfc0b0f4588cf2feec04727b61e1c672a1Timo Sirainen def setUp(self):
acc039dfc0b0f4588cf2feec04727b61e1c672a1Timo Sirainen self.schema = SSSDConfig.SSSDConfigSchema(srcdir + "/etc/sssd.api.conf",
acc039dfc0b0f4588cf2feec04727b61e1c672a1Timo Sirainen srcdir + "/etc/sssd.api.d")
1c633f71ec2060e5bfa500a97f34cd881a958ecdTimo Sirainen
4909421ac41e143fe07a235c0d11e9f0452d716bTimo Sirainen def tearDown(self):
1c633f71ec2060e5bfa500a97f34cd881a958ecdTimo Sirainen pass
1c633f71ec2060e5bfa500a97f34cd881a958ecdTimo Sirainen
1c633f71ec2060e5bfa500a97f34cd881a958ecdTimo Sirainen def testInit(self):
1c633f71ec2060e5bfa500a97f34cd881a958ecdTimo Sirainen # Positive test
1c633f71ec2060e5bfa500a97f34cd881a958ecdTimo Sirainen service = SSSDConfig.SSSDService('sssd', self.schema)
1c633f71ec2060e5bfa500a97f34cd881a958ecdTimo Sirainen
1c633f71ec2060e5bfa500a97f34cd881a958ecdTimo Sirainen # Type Error test
1c633f71ec2060e5bfa500a97f34cd881a958ecdTimo Sirainen # Name is not a string
1c633f71ec2060e5bfa500a97f34cd881a958ecdTimo Sirainen self.assertRaises(TypeError, SSSDConfig.SSSDService, 3, self.schema)
4909421ac41e143fe07a235c0d11e9f0452d716bTimo Sirainen
4909421ac41e143fe07a235c0d11e9f0452d716bTimo Sirainen # TypeError test
d5ef38077adbff5b3e4d0b3c94a2057581dc78b6Timo Sirainen # schema is not an SSSDSchema
968b2f633b7405bc2cf0596d04762994ceb279d0Timo Sirainen self.assertRaises(TypeError, SSSDConfig.SSSDService, '3', self)
968b2f633b7405bc2cf0596d04762994ceb279d0Timo Sirainen
968b2f633b7405bc2cf0596d04762994ceb279d0Timo Sirainen # ServiceNotRecognizedError test
968b2f633b7405bc2cf0596d04762994ceb279d0Timo Sirainen self.assertRaises(SSSDConfig.ServiceNotRecognizedError,
968b2f633b7405bc2cf0596d04762994ceb279d0Timo Sirainen SSSDConfig.SSSDService, 'ssd', self.schema)
968b2f633b7405bc2cf0596d04762994ceb279d0Timo Sirainen
968b2f633b7405bc2cf0596d04762994ceb279d0Timo Sirainen def testListOptions(self):
d5ef38077adbff5b3e4d0b3c94a2057581dc78b6Timo Sirainen service = SSSDConfig.SSSDService('sssd', self.schema)
968b2f633b7405bc2cf0596d04762994ceb279d0Timo Sirainen
968b2f633b7405bc2cf0596d04762994ceb279d0Timo Sirainen options = service.list_options()
968b2f633b7405bc2cf0596d04762994ceb279d0Timo Sirainen control_list = [
968b2f633b7405bc2cf0596d04762994ceb279d0Timo Sirainen 'services',
968b2f633b7405bc2cf0596d04762994ceb279d0Timo Sirainen 'domains',
d5eb47a791ec56149fd711cd8e44efc8babeaae5Timo Sirainen 'timeout',
968b2f633b7405bc2cf0596d04762994ceb279d0Timo Sirainen 'force_timeout',
968b2f633b7405bc2cf0596d04762994ceb279d0Timo Sirainen 'sbus_timeout',
968b2f633b7405bc2cf0596d04762994ceb279d0Timo Sirainen 're_expression',
968b2f633b7405bc2cf0596d04762994ceb279d0Timo Sirainen 'full_name_format',
e5d7056b6ef069e228f8ad3c9467662955cab3c6Timo Sirainen 'krb5_rcache_dir',
2e533fb1283b5f06a4063b519e47f1861c910386Timo Sirainen 'default_domain_suffix',
2e533fb1283b5f06a4063b519e47f1861c910386Timo Sirainen 'debug_level',
2e533fb1283b5f06a4063b519e47f1861c910386Timo Sirainen 'debug_timestamps',
2e533fb1283b5f06a4063b519e47f1861c910386Timo Sirainen 'debug_microseconds',
d5ef38077adbff5b3e4d0b3c94a2057581dc78b6Timo Sirainen 'debug_to_files',
d5ef38077adbff5b3e4d0b3c94a2057581dc78b6Timo Sirainen 'command',
e5d7056b6ef069e228f8ad3c9467662955cab3c6Timo Sirainen 'reconnection_retries',
968b2f633b7405bc2cf0596d04762994ceb279d0Timo Sirainen 'fd_limit',
ff3337516aad9843599905aeeb29812ea67c09d1Timo Sirainen 'client_idle_timeout']
ff3337516aad9843599905aeeb29812ea67c09d1Timo Sirainen
ff3337516aad9843599905aeeb29812ea67c09d1Timo Sirainen self.assertTrue(type(options) == dict,
a3a55999bcfe2e57941cb64343f4ea80beabdab7Timo Sirainen "Options should be a dictionary")
f2a1955d993f67982bc40ad7bbae9a036dabfd64Timo Sirainen
169b1488b6eea7a968021afa4f929b2e26d75d98Timo Sirainen # Ensure that all of the expected defaults are there
169b1488b6eea7a968021afa4f929b2e26d75d98Timo Sirainen for option in control_list:
ff3337516aad9843599905aeeb29812ea67c09d1Timo Sirainen self.assertTrue(option in options.keys(),
ff3337516aad9843599905aeeb29812ea67c09d1Timo Sirainen "Option [%s] missing" %
ff3337516aad9843599905aeeb29812ea67c09d1Timo Sirainen option)
ff3337516aad9843599905aeeb29812ea67c09d1Timo Sirainen
ff3337516aad9843599905aeeb29812ea67c09d1Timo Sirainen # Ensure that there aren't any unexpected options listed
75d9024d9409f4710e51dbe40ffb338a84bb1446Timo Sirainen for option in options.keys():
75d9024d9409f4710e51dbe40ffb338a84bb1446Timo Sirainen self.assertTrue(option in control_list,
6565fc65b6c12eeab52dabfbe7c60cb10c219d1eTimo Sirainen 'Option [%s] unexpectedly found' %
06e3d76a9780fabd0c1d0dca2c650aec84d4a9e8Timo Sirainen option)
4605cab1123700c52c515a433a2802fcbc827c62Timo Sirainen
4605cab1123700c52c515a433a2802fcbc827c62Timo Sirainen self.assertTrue(type(options['reconnection_retries']) == tuple,
ff3337516aad9843599905aeeb29812ea67c09d1Timo Sirainen "Option values should be a tuple")
ff3337516aad9843599905aeeb29812ea67c09d1Timo Sirainen
a6ab8f00351265e35b79f3a22b1f5a4978ae5c35Timo Sirainen self.assertTrue(options['reconnection_retries'][0] == int,
a6ab8f00351265e35b79f3a22b1f5a4978ae5c35Timo Sirainen "reconnection_retries should require an int. " +
a672f99363d5f37060c1331d00d2ee3c4626310fTimo Sirainen "list_options is requiring a %s" %
a672f99363d5f37060c1331d00d2ee3c4626310fTimo Sirainen options['reconnection_retries'][0])
a672f99363d5f37060c1331d00d2ee3c4626310fTimo Sirainen
d5ef38077adbff5b3e4d0b3c94a2057581dc78b6Timo Sirainen self.assertTrue(options['reconnection_retries'][1] == None,
ff3337516aad9843599905aeeb29812ea67c09d1Timo Sirainen "reconnection_retries should not require a subtype. " +
968b2f633b7405bc2cf0596d04762994ceb279d0Timo Sirainen "list_options is requiring a %s" %
5296198635718c9bf5b2f972c9d5be52092d3d58Timo Sirainen options['reconnection_retries'][1])
a6ab8f00351265e35b79f3a22b1f5a4978ae5c35Timo Sirainen
5fbccc935e3f7b916aa7c6e302a212821072e83aTimo Sirainen self.assertTrue(options['reconnection_retries'][3] == None,
885a3c2287ae3e5827aa580ea06b231de38abb47Timo Sirainen "reconnection_retries should have no default")
885a3c2287ae3e5827aa580ea06b231de38abb47Timo Sirainen
5296198635718c9bf5b2f972c9d5be52092d3d58Timo Sirainen self.assertTrue(type(options['services']) == tuple,
5296198635718c9bf5b2f972c9d5be52092d3d58Timo Sirainen "Option values should be a tuple")
a672f99363d5f37060c1331d00d2ee3c4626310fTimo Sirainen
d5ef38077adbff5b3e4d0b3c94a2057581dc78b6Timo Sirainen self.assertTrue(options['services'][0] == list,
5296198635718c9bf5b2f972c9d5be52092d3d58Timo Sirainen "services should require an list. " +
5296198635718c9bf5b2f972c9d5be52092d3d58Timo Sirainen "list_options is requiring a %s" %
5296198635718c9bf5b2f972c9d5be52092d3d58Timo Sirainen options['services'][0])
5296198635718c9bf5b2f972c9d5be52092d3d58Timo Sirainen
5296198635718c9bf5b2f972c9d5be52092d3d58Timo Sirainen self.assertTrue(options['services'][1] == str,
5296198635718c9bf5b2f972c9d5be52092d3d58Timo Sirainen "services should require a subtype of str. " +
72c47a26f4ded49d4827dc64818b34bbc9606fc4Timo Sirainen "list_options is requiring a %s" %
7ed711d973b319320da100d3e905ef7b99ed69d6Timo Sirainen options['services'][1])
7ed711d973b319320da100d3e905ef7b99ed69d6Timo Sirainen
5296198635718c9bf5b2f972c9d5be52092d3d58Timo Sirainen def testListMandatoryOptions(self):
5296198635718c9bf5b2f972c9d5be52092d3d58Timo Sirainen service = SSSDConfig.SSSDService('sssd', self.schema)
5296198635718c9bf5b2f972c9d5be52092d3d58Timo Sirainen
5296198635718c9bf5b2f972c9d5be52092d3d58Timo Sirainen options = service.list_mandatory_options()
5296198635718c9bf5b2f972c9d5be52092d3d58Timo Sirainen control_list = [
5296198635718c9bf5b2f972c9d5be52092d3d58Timo Sirainen 'services',
5296198635718c9bf5b2f972c9d5be52092d3d58Timo Sirainen 'domains']
a2857829c642e2671779576b00c37b7d04693731Timo Sirainen
4909421ac41e143fe07a235c0d11e9f0452d716bTimo Sirainen self.assertTrue(type(options) == dict,
4a26584a87ee0e986d23a224b3b3e85c44254d7fTimo Sirainen "Options should be a dictionary")
4a26584a87ee0e986d23a224b3b3e85c44254d7fTimo Sirainen
4a26584a87ee0e986d23a224b3b3e85c44254d7fTimo Sirainen # Ensure that all of the expected defaults are there
968b2f633b7405bc2cf0596d04762994ceb279d0Timo Sirainen for option in control_list:
968b2f633b7405bc2cf0596d04762994ceb279d0Timo Sirainen self.assertTrue(option in options.keys(),
d5ef38077adbff5b3e4d0b3c94a2057581dc78b6Timo Sirainen "Option [%s] missing" %
968b2f633b7405bc2cf0596d04762994ceb279d0Timo Sirainen option)
4909421ac41e143fe07a235c0d11e9f0452d716bTimo Sirainen
4909421ac41e143fe07a235c0d11e9f0452d716bTimo Sirainen # Ensure that there aren't any unexpected options listed
ff3337516aad9843599905aeeb29812ea67c09d1Timo Sirainen for option in options.keys():
ff3337516aad9843599905aeeb29812ea67c09d1Timo Sirainen self.assertTrue(option in control_list,
4909421ac41e143fe07a235c0d11e9f0452d716bTimo Sirainen 'Option [%s] unexpectedly found' %
968b2f633b7405bc2cf0596d04762994ceb279d0Timo Sirainen option)
2f896df28bbb7751c6d77219cb6675fa091d3c7aTimo Sirainen
968b2f633b7405bc2cf0596d04762994ceb279d0Timo Sirainen self.assertTrue(type(options['services']) == tuple,
a2857829c642e2671779576b00c37b7d04693731Timo Sirainen "Option values should be a tuple")
a2857829c642e2671779576b00c37b7d04693731Timo Sirainen
a2857829c642e2671779576b00c37b7d04693731Timo Sirainen self.assertTrue(options['services'][0] == list,
a2857829c642e2671779576b00c37b7d04693731Timo Sirainen "services should require an list. " +
a2857829c642e2671779576b00c37b7d04693731Timo Sirainen "list_options is requiring a %s" %
a2857829c642e2671779576b00c37b7d04693731Timo Sirainen options['services'][0])
a2857829c642e2671779576b00c37b7d04693731Timo Sirainen
a43145989f87ec68754e21234e7b6d892c4a4421Timo Sirainen self.assertTrue(options['services'][1] == str,
a2857829c642e2671779576b00c37b7d04693731Timo Sirainen "services should require a subtype of str. " +
d47a87c927ca77e780480f4eaf575511698d42c8Timo Sirainen "list_options is requiring a %s" %
680e885bc8e13032e09d7fa0e12297a5e7cbf20cTimo Sirainen options['services'][1])
02aedbc20af0160091670233383d228f10b168afTimo Sirainen
a2857829c642e2671779576b00c37b7d04693731Timo Sirainen def testSetOption(self):
d0695591414d27675914c7f6332d0ee56e8eeb72Timo Sirainen service = SSSDConfig.SSSDService('sssd', self.schema)
26f14cde12faa09df2de399e2384fd3d955d8bb4Timo Sirainen
51f750db859e62e2c58a61806b53e0adb13e0775Timo Sirainen # Positive test - Exactly right
134582c78f038b4d9b9fde127399aefa50935a53Timo Sirainen service.set_option('debug_level', 2)
a2857829c642e2671779576b00c37b7d04693731Timo Sirainen self.assertEqual(service.get_option('debug_level'), 2)
a2857829c642e2671779576b00c37b7d04693731Timo Sirainen
a2857829c642e2671779576b00c37b7d04693731Timo Sirainen # Positive test - Allow converting "safe" values
a2857829c642e2671779576b00c37b7d04693731Timo Sirainen service.set_option('debug_level', '2')
a2857829c642e2671779576b00c37b7d04693731Timo Sirainen self.assertEqual(service.get_option('debug_level'), 2)
a2857829c642e2671779576b00c37b7d04693731Timo Sirainen
a2857829c642e2671779576b00c37b7d04693731Timo Sirainen # Positive test - Remove option if value is None
a2857829c642e2671779576b00c37b7d04693731Timo Sirainen service.set_option('debug_level', None)
a6ab8f00351265e35b79f3a22b1f5a4978ae5c35Timo Sirainen self.assertTrue('debug_level' not in service.options.keys())
a6ab8f00351265e35b79f3a22b1f5a4978ae5c35Timo Sirainen
a6ab8f00351265e35b79f3a22b1f5a4978ae5c35Timo Sirainen # Negative test - Nonexistent Option
1d5dbb87f3485544db62896e2d56c663cb728c17Timo Sirainen self.assertRaises(SSSDConfig.NoOptionError, service.set_option, 'nosuchoption', 1)
1d5dbb87f3485544db62896e2d56c663cb728c17Timo Sirainen
1d5dbb87f3485544db62896e2d56c663cb728c17Timo Sirainen # Negative test - Incorrect type
1d5dbb87f3485544db62896e2d56c663cb728c17Timo Sirainen self.assertRaises(TypeError, service.set_option, 'debug_level', 'two')
dbcc7e1e5eaaad8a8cac6ee74076772c42a2649aTimo Sirainen
1d5dbb87f3485544db62896e2d56c663cb728c17Timo Sirainen def testGetOption(self):
a6ab8f00351265e35b79f3a22b1f5a4978ae5c35Timo Sirainen service = SSSDConfig.SSSDService('sssd', self.schema)
cf0ad1a0bddb0787f3d7b408a96d721a8b2a98a3Timo Sirainen
aee3e2f7ab2b27572a90b9e7fd8fe60f13c6637eTimo Sirainen # Positive test - Single-valued
aee3e2f7ab2b27572a90b9e7fd8fe60f13c6637eTimo Sirainen self.assertEqual(service.get_option('config_file_version'), 2)
aee3e2f7ab2b27572a90b9e7fd8fe60f13c6637eTimo Sirainen
aee3e2f7ab2b27572a90b9e7fd8fe60f13c6637eTimo Sirainen # Positive test - List of values
aee3e2f7ab2b27572a90b9e7fd8fe60f13c6637eTimo Sirainen self.assertEqual(service.get_option('services'), ['nss', 'pam'])
acc039dfc0b0f4588cf2feec04727b61e1c672a1Timo Sirainen
bd417d416988d11a6b555b9aa57779e7ed976951Timo Sirainen # Negative Test - Bad Option
10515cb90514b169ab6c3693c72c4bf1017476dbTimo Sirainen self.assertRaises(SSSDConfig.NoOptionError, service.get_option, 'nosuchoption')
10515cb90514b169ab6c3693c72c4bf1017476dbTimo Sirainen
10515cb90514b169ab6c3693c72c4bf1017476dbTimo Sirainen def testGetAllOptions(self):
10515cb90514b169ab6c3693c72c4bf1017476dbTimo Sirainen service = SSSDConfig.SSSDService('sssd', self.schema)
10515cb90514b169ab6c3693c72c4bf1017476dbTimo Sirainen
10515cb90514b169ab6c3693c72c4bf1017476dbTimo Sirainen #Positive test
10515cb90514b169ab6c3693c72c4bf1017476dbTimo Sirainen options = service.get_all_options()
a6ab8f00351265e35b79f3a22b1f5a4978ae5c35Timo Sirainen control_list = [
bd417d416988d11a6b555b9aa57779e7ed976951Timo Sirainen 'config_file_version',
a6ab8f00351265e35b79f3a22b1f5a4978ae5c35Timo Sirainen 'services']
a2857829c642e2671779576b00c37b7d04693731Timo Sirainen
a2857829c642e2671779576b00c37b7d04693731Timo Sirainen self.assertTrue(type(options) == dict,
134582c78f038b4d9b9fde127399aefa50935a53Timo Sirainen "Options should be a dictionary")
1c633f71ec2060e5bfa500a97f34cd881a958ecdTimo Sirainen
7ed711d973b319320da100d3e905ef7b99ed69d6Timo Sirainen # Ensure that all of the expected defaults are there
a2857829c642e2671779576b00c37b7d04693731Timo Sirainen for option in control_list:
acc039dfc0b0f4588cf2feec04727b61e1c672a1Timo Sirainen self.assertTrue(option in options.keys(),
4909421ac41e143fe07a235c0d11e9f0452d716bTimo Sirainen "Option [%s] missing" %
5fbccc935e3f7b916aa7c6e302a212821072e83aTimo Sirainen option)
a6ab8f00351265e35b79f3a22b1f5a4978ae5c35Timo Sirainen
# Ensure that there aren't any unexpected options listed
for option in options.keys():
self.assertTrue(option in control_list,
'Option [%s] unexpectedly found' %
option)
def testRemoveOption(self):
service = SSSDConfig.SSSDService('sssd', self.schema)
# Positive test - Remove an option that exists
self.assertEqual(service.get_option('services'), ['nss', 'pam'])
service.remove_option('services')
self.assertRaises(SSSDConfig.NoOptionError, service.get_option, 'debug_level')
# Positive test - Remove an option that doesn't exist
self.assertRaises(SSSDConfig.NoOptionError, service.get_option, 'nosuchentry')
service.remove_option('nosuchentry')
class SSSDConfigTestSSSDDomain(unittest.TestCase):
def setUp(self):
self.schema = SSSDConfig.SSSDConfigSchema(srcdir + "/etc/sssd.api.conf",
srcdir + "/etc/sssd.api.d")
def tearDown(self):
pass
def testInit(self):
# Positive Test
domain = SSSDConfig.SSSDDomain('mydomain', self.schema)
# Negative Test - Name not a string
self.assertRaises(TypeError, SSSDConfig.SSSDDomain, 2, self.schema)
# Negative Test - Schema is not an SSSDSchema
self.assertRaises(TypeError, SSSDConfig.SSSDDomain, 'mydomain', self)
def testGetName(self):
# Positive Test
domain = SSSDConfig.SSSDDomain('mydomain', self.schema)
self.assertEqual(domain.get_name(), 'mydomain')
def testSetActive(self):
#Positive Test
domain = SSSDConfig.SSSDDomain('mydomain', self.schema)
# Should default to inactive
self.assertFalse(domain.active)
domain.set_active(True)
self.assertTrue(domain.active)
domain.set_active(False)
self.assertFalse(domain.active)
def testListOptions(self):
domain = SSSDConfig.SSSDDomain('sssd', self.schema)
# First test default options
options = domain.list_options()
control_list = [
'description',
'debug_level',
'debug_timestamps',
'min_id',
'max_id',
'timeout',
'force_timeout',
'try_inotify',
'command',
'enumerate',
'cache_credentials',
'store_legacy_passwords',
'use_fully_qualified_names',
'ignore_group_members',
'filter_users',
'filter_groups',
'entry_cache_timeout',
'entry_cache_user_timeout',
'entry_cache_group_timeout',
'entry_cache_netgroup_timeout',
'entry_cache_service_timeout',
'entry_cache_autofs_timeout',
'entry_cache_sudo_timeout',
'lookup_family_order',
'account_cache_expiration',
'dns_resolver_timeout',
'dns_discovery_domain',
'override_gid',
'case_sensitive',
'override_homedir',
'fallback_homedir',
'override_shell',
'default_shell',
'pwd_expiration_warning',
'id_provider',
'auth_provider',
'access_provider',
'chpass_provider',
'sudo_provider',
'autofs_provider',
'session_provider',
'hostid_provider',
'subdomains_provider']
self.assertTrue(type(options) == dict,
"Options should be a dictionary")
# Ensure that all of the expected defaults are there
for option in control_list:
self.assertTrue(option in options.keys(),
"Option [%s] missing" %
option)
# Ensure that there aren't any unexpected options listed
for option in options.keys():
self.assertTrue(option in control_list,
'Option [%s] unexpectedly found' %
option)
self.assertTrue(type(options['max_id']) == tuple,
"Option values should be a tuple")
self.assertTrue(options['max_id'][0] == int,
"max_id should require an int. " +
"list_options is requiring a %s" %
options['max_id'][0])
self.assertTrue(options['max_id'][1] == None,
"max_id should not require a subtype. " +
"list_options is requiring a %s" %
options['max_id'][1])
# Add a provider and verify that the new options appear
domain.add_provider('local', 'id')
control_list.extend(
['default_shell',
'base_directory',
'create_homedir',
'remove_homedir',
'homedir_umask',
'skel_dir',
'mail_dir',
'userdel_cmd'])
options = domain.list_options()
self.assertTrue(type(options) == dict,
"Options should be a dictionary")
# Ensure that all of the expected defaults are there
for option in control_list:
self.assertTrue(option in options.keys(),
"Option [%s] missing" %
option)
# Ensure that there aren't any unexpected options listed
for option in options.keys():
self.assertTrue(option in control_list,
'Option [%s] unexpectedly found' %
option)
# Add a provider that has global options and verify that
# The new options appear.
domain.add_provider('krb5', 'auth')
backup_list = control_list[:]
control_list.extend(
['krb5_server',
'krb5_backup_server',
'krb5_realm',
'krb5_kpasswd',
'krb5_backup_kpasswd',
'krb5_ccachedir',
'krb5_ccname_template',
'krb5_keytab',
'krb5_validate',
'krb5_store_password_if_offline',
'krb5_auth_timeout',
'krb5_renewable_lifetime',
'krb5_lifetime',
'krb5_renew_interval',
'krb5_use_fast',
'krb5_fast_principal',
'krb5_canonicalize',
'krb5_use_enterprise_principal'])
options = domain.list_options()
self.assertTrue(type(options) == dict,
"Options should be a dictionary")
# Ensure that all of the expected defaults are there
for option in control_list:
self.assertTrue(option in options.keys(),
"Option [%s] missing" %
option)
control_list.extend(['krb5_kdcip'])
# Ensure that there aren't any unexpected options listed
for option in options.keys():
self.assertTrue(option in control_list,
'Option [%s] unexpectedly found' %
option)
# Remove the auth domain and verify that the options
# revert to the backup_list
domain.remove_provider('auth')
options = domain.list_options()
self.assertTrue(type(options) == dict,
"Options should be a dictionary")
# Ensure that all of the expected defaults are there
for option in backup_list:
self.assertTrue(option in options.keys(),
"Option [%s] missing" %
option)
# Ensure that there aren't any unexpected options listed
for option in options.keys():
self.assertTrue(option in backup_list,
'Option [%s] unexpectedly found' %
option)
def testListMandatoryOptions(self):
domain = SSSDConfig.SSSDDomain('sssd', self.schema)
# First test default options
options = domain.list_mandatory_options()
control_list = ['id_provider']
self.assertTrue(type(options) == dict,
"Options should be a dictionary")
# Ensure that all of the expected defaults are there
for option in control_list:
self.assertTrue(option in options.keys(),
"Option [%s] missing" %
option)
# Ensure that there aren't any unexpected options listed
for option in options.keys():
self.assertTrue(option in control_list,
'Option [%s] unexpectedly found' %
option)
# Add a provider that has global options and verify that
# The new options appear.
domain.add_provider('krb5', 'auth')
backup_list = control_list[:]
control_list.extend(['krb5_realm'])
options = domain.list_mandatory_options()
self.assertTrue(type(options) == dict,
"Options should be a dictionary")
# Ensure that all of the expected defaults are there
for option in control_list:
self.assertTrue(option in options.keys(),
"Option [%s] missing" %
option)
# Ensure that there aren't any unexpected options listed
for option in options.keys():
self.assertTrue(option in control_list,
'Option [%s] unexpectedly found' %
option)
# Remove the auth domain and verify that the options
# revert to the backup_list
domain.remove_provider('auth')
options = domain.list_mandatory_options()
self.assertTrue(type(options) == dict,
"Options should be a dictionary")
# Ensure that all of the expected defaults are there
for option in backup_list:
self.assertTrue(option in options.keys(),
"Option [%s] missing" %
option)
# Ensure that there aren't any unexpected options listed
for option in options.keys():
self.assertTrue(option in backup_list,
'Option [%s] unexpectedly found' %
option)
def testListProviders(self):
domain = SSSDConfig.SSSDDomain('sssd', self.schema)
control_provider_dict = {
'ipa': ['id', 'auth', 'access', 'chpass', 'autofs', 'session',
'hostid', 'subdomains'],
'ad': ['id', 'auth', 'access', 'chpass'],
'local': ['id', 'auth', 'chpass'],
'ldap': ['id', 'auth', 'access', 'chpass', 'sudo', 'autofs'],
'krb5': ['auth', 'access', 'chpass'],
'proxy': ['id', 'auth', 'chpass'],
'simple': ['access'],
'permit': ['access'],
'deny': ['access']}
providers = domain.list_providers()
# Ensure that all of the expected defaults are there
for provider in control_provider_dict.keys():
for ptype in control_provider_dict[provider]:
self.assertTrue(providers.has_key(provider))
self.assertTrue(ptype in providers[provider])
for provider in providers.keys():
for ptype in providers[provider]:
self.assertTrue(control_provider_dict.has_key(provider))
self.assertTrue(ptype in control_provider_dict[provider])
def testListProviderOptions(self):
domain = SSSDConfig.SSSDDomain('sssd', self.schema)
# Test looking up a specific provider type
options = domain.list_provider_options('krb5', 'auth')
control_list = [
'krb5_server',
'krb5_backup_server',
'krb5_kdcip',
'krb5_realm',
'krb5_kpasswd',
'krb5_backup_kpasswd',
'krb5_ccachedir',
'krb5_ccname_template',
'krb5_keytab',
'krb5_validate',
'krb5_store_password_if_offline',
'krb5_auth_timeout',
'krb5_renewable_lifetime',
'krb5_lifetime',
'krb5_renew_interval',
'krb5_use_fast',
'krb5_fast_principal',
'krb5_canonicalize',
'krb5_use_enterprise_principal']
self.assertTrue(type(options) == dict,
"Options should be a dictionary")
# Ensure that all of the expected defaults are there
for option in control_list:
self.assertTrue(option in options.keys(),
"Option [%s] missing" %
option)
# Ensure that there aren't any unexpected options listed
for option in options.keys():
self.assertTrue(option in control_list,
'Option [%s] unexpectedly found' %
option)
#Test looking up all provider values
options = domain.list_provider_options('krb5')
control_list.extend(['krb5_kpasswd'])
self.assertTrue(type(options) == dict,
"Options should be a dictionary")
# Ensure that all of the expected defaults are there
for option in control_list:
self.assertTrue(option in options.keys(),
"Option [%s] missing" %
option)
# Ensure that there aren't any unexpected options listed
for option in options.keys():
self.assertTrue(option in control_list,
'Option [%s] unexpectedly found' %
option)
def testAddProvider(self):
domain = SSSDConfig.SSSDDomain('sssd', self.schema)
# Positive Test
domain.add_provider('local', 'id')
# Negative Test - No such backend type
self.assertRaises(SSSDConfig.NoSuchProviderError,
domain.add_provider, 'nosuchbackend', 'auth')
# Negative Test - No such backend subtype
self.assertRaises(SSSDConfig.NoSuchProviderSubtypeError,
domain.add_provider, 'ldap', 'nosuchsubtype')
# Negative Test - Try to add a second provider of the same type
self.assertRaises(SSSDConfig.ProviderSubtypeInUse,
domain.add_provider, 'ldap', 'id')
def testRemoveProvider(self):
domain = SSSDConfig.SSSDDomain('sssd', self.schema)
# First test default options
options = domain.list_options()
control_list = [
'description',
'debug_level',
'debug_timestamps',
'min_id',
'max_id',
'timeout',
'force_timeout',
'try_inotify',
'command',
'enumerate',
'cache_credentials',
'store_legacy_passwords',
'use_fully_qualified_names',
'ignore_group_members',
'filter_users',
'filter_groups',
'entry_cache_timeout',
'entry_cache_user_timeout',
'entry_cache_group_timeout',
'entry_cache_netgroup_timeout',
'entry_cache_service_timeout',
'entry_cache_autofs_timeout',
'entry_cache_sudo_timeout',
'account_cache_expiration',
'lookup_family_order',
'dns_resolver_timeout',
'dns_discovery_domain',
'override_gid',
'case_sensitive',
'override_homedir',
'fallback_homedir',
'override_shell',
'default_shell',
'pwd_expiration_warning',
'id_provider',
'auth_provider',
'access_provider',
'chpass_provider',
'sudo_provider',
'autofs_provider',
'session_provider',
'hostid_provider',
'subdomains_provider']
self.assertTrue(type(options) == dict,
"Options should be a dictionary")
# Ensure that all of the expected defaults are there
for option in control_list:
self.assertTrue(option in options.keys(),
"Option [%s] missing" %
option)
# Ensure that there aren't any unexpected options listed
for option in options.keys():
self.assertTrue(option in control_list,
'Option [%s] unexpectedly found' %
option)
self.assertTrue(type(options['max_id']) == tuple,
"Option values should be a tuple")
self.assertTrue(options['max_id'][0] == int,
"config_file_version should require an int. " +
"list_options is requiring a %s" %
options['max_id'][0])
self.assertTrue(options['max_id'][1] == None,
"config_file_version should not require a subtype. " +
"list_options is requiring a %s" %
options['max_id'][1])
# Add a provider and verify that the new options appear
domain.add_provider('local', 'id')
control_list.extend(
['default_shell',
'base_directory',
'create_homedir',
'remove_homedir',
'homedir_umask',
'skel_dir',
'mail_dir',
'userdel_cmd'])
options = domain.list_options()
self.assertTrue(type(options) == dict,
"Options should be a dictionary")
# Ensure that all of the expected defaults are there
for option in control_list:
self.assertTrue(option in options.keys(),
"Option [%s] missing" %
option)
# Ensure that there aren't any unexpected options listed
for option in options.keys():
self.assertTrue(option in control_list,
'Option [%s] unexpectedly found' %
option)
# Add a provider that has global options and verify that
# The new options appear.
domain.add_provider('krb5', 'auth')
backup_list = control_list[:]
control_list.extend(
['krb5_server',
'krb5_backup_server',
'krb5_kdcip',
'krb5_realm',
'krb5_kpasswd',
'krb5_backup_kpasswd',
'krb5_ccachedir',
'krb5_ccname_template',
'krb5_keytab',
'krb5_validate',
'krb5_store_password_if_offline',
'krb5_auth_timeout',
'krb5_renewable_lifetime',
'krb5_lifetime',
'krb5_renew_interval',
'krb5_use_fast',
'krb5_fast_principal',
'krb5_canonicalize',
'krb5_use_enterprise_principal'])
options = domain.list_options()
self.assertTrue(type(options) == dict,
"Options should be a dictionary")
# Ensure that all of the expected defaults are there
for option in control_list:
self.assertTrue(option in options.keys(),
"Option [%s] missing" %
option)
# Ensure that there aren't any unexpected options listed
for option in options.keys():
self.assertTrue(option in control_list,
'Option [%s] unexpectedly found' %
option)
# Remove the local ID provider and add an LDAP one
# LDAP ID providers can also use the krb5_realm
domain.remove_provider('id')
self.assertFalse(domain.options.has_key('id_provider'))
domain.add_provider('ldap', 'id')
# Set the krb5_realm option and the ldap_uri option
domain.set_option('krb5_realm', 'EXAMPLE.COM')
domain.set_option('ldap_uri', 'ldap://ldap.example.com')
self.assertEquals(domain.get_option('krb5_realm'),
'EXAMPLE.COM')
self.assertEquals(domain.get_option('ldap_uri'),
'ldap://ldap.example.com')
# Remove the LDAP provider and verify that krb5_realm remains
domain.remove_provider('id')
self.assertEquals(domain.get_option('krb5_realm'),
'EXAMPLE.COM')
self.assertFalse(domain.options.has_key('ldap_uri'))
# Put the LOCAL provider back
domain.add_provider('local', 'id')
# Remove the auth domain and verify that the options
# revert to the backup_list
domain.remove_provider('auth')
self.assertFalse(domain.options.has_key('auth_provider'))
options = domain.list_options()
self.assertTrue(type(options) == dict,
"Options should be a dictionary")
# Ensure that all of the expected defaults are there
for option in backup_list:
self.assertTrue(option in options.keys(),
"Option [%s] missing" %
option)
# Ensure that there aren't any unexpected options listed
for option in options.keys():
self.assertTrue(option in backup_list,
'Option [%s] unexpectedly found' %
option)
# Ensure that the krb5_realm option is now gone
self.assertFalse(domain.options.has_key('krb5_realm'))
# Test removing nonexistent provider - Real
domain.remove_provider('id')
self.assertFalse(domain.options.has_key('id_provider'))
# Test removing nonexistent provider - Bad backend type
# Should pass without complaint
domain.remove_provider('id')
self.assertFalse(domain.options.has_key('id_provider'))
# Test removing nonexistent provider - Bad provider type
# Should pass without complaint
domain.remove_provider('nosuchprovider')
self.assertFalse(domain.options.has_key('nosuchprovider_provider'))
def testGetOption(self):
domain = SSSDConfig.SSSDDomain('sssd', self.schema)
# Negative Test - Try to get valid option that is not set
self.assertRaises(SSSDConfig.NoOptionError, domain.get_option, 'max_id')
# Positive Test - Set the above option and get it
domain.set_option('max_id', 10000)
self.assertEqual(domain.get_option('max_id'), 10000)
# Negative Test - Try yo get invalid option
self.assertRaises(SSSDConfig.NoOptionError, domain.get_option, 'nosuchoption')
def testSetOption(self):
domain = SSSDConfig.SSSDDomain('sssd', self.schema)
# Positive Test
domain.set_option('max_id', 10000)
self.assertEqual(domain.get_option('max_id'), 10000)
# Positive Test - Remove option if value is None
domain.set_option('max_id', None)
self.assertTrue('max_id' not in domain.get_all_options().keys())
# Negative Test - invalid option
self.assertRaises(SSSDConfig.NoOptionError, domain.set_option, 'nosuchoption', 1)
# Negative Test - incorrect type
self.assertRaises(TypeError, domain.set_option, 'max_id', 'a string')
# Positive Test - Coax options to appropriate type
domain.set_option('max_id', '10000')
self.assertEqual(domain.get_option('max_id'), 10000)
domain.set_option('max_id', 30.2)
self.assertEqual(domain.get_option('max_id'), 30)
def testRemoveOption(self):
domain = SSSDConfig.SSSDDomain('sssd', self.schema)
# Positive test - Remove unset but valid option
self.assertFalse('max_id' in domain.get_all_options().keys())
domain.remove_option('max_id')
self.assertFalse('max_id' in domain.get_all_options().keys())
# Positive test - Remove unset and unknown option
self.assertFalse('nosuchoption' in domain.get_all_options().keys())
domain.remove_option('nosuchoption')
self.assertFalse('nosuchoption' in domain.get_all_options().keys())
def testSetName(self):
domain = SSSDConfig.SSSDDomain('sssd', self.schema)
# Positive test - Change the name once
domain.set_name('sssd2');
self.assertEqual(domain.get_name(), 'sssd2')
self.assertEqual(domain.oldname, 'sssd')
# Positive test - Change the name a second time
domain.set_name('sssd3')
self.assertEqual(domain.get_name(), 'sssd3')
self.assertEqual(domain.oldname, 'sssd')
# Negative test - try setting the name to a non-string
self.assertRaises(TypeError,
domain.set_name, 4)
class SSSDConfigTestSSSDConfig(unittest.TestCase):
def setUp(self):
pass
def tearDown(self):
pass
def testInit(self):
# Positive test
sssdconfig = SSSDConfig.SSSDConfig(srcdir + "/etc/sssd.api.conf",
srcdir + "/etc/sssd.api.d")
# Negative Test - No Such File
self.assertRaises(IOError,
SSSDConfig.SSSDConfig, "nosuchfile.api.conf", srcdir + "/etc/sssd.api.d")
# Negative Test - Schema is not parsable
self.assertRaises(SSSDConfig.ParsingError,
SSSDConfig.SSSDConfig, srcdir + "/testconfigs/noparse.api.conf", srcdir + "/etc/sssd.api.d")
def testImportConfig(self):
# Positive Test
sssdconfig = SSSDConfig.SSSDConfig(srcdir + "/etc/sssd.api.conf",
srcdir + "/etc/sssd.api.d")
sssdconfig.import_config(srcdir + "/testconfigs/sssd-valid.conf")
# Verify that all sections were imported
control_list = [
'sssd',
'nss',
'pam',
'sudo',
'domain/PROXY',
'domain/IPA',
'domain/LOCAL',
'domain/LDAP',
'domain/INVALIDPROVIDER',
'domain/INVALIDOPTION',
]
for section in control_list:
self.assertTrue(sssdconfig.has_section(section),
"Section [%s] missing" %
section)
for section in sssdconfig.sections():
self.assertTrue(section['name'] in control_list)
# Verify that all options were imported for a section
control_list = [
'services',
'reconnection_retries',
'domains',
'debug_timestamps',
'config_file_version']
for option in control_list:
self.assertTrue(sssdconfig.has_option('sssd', option),
"Option [%s] missing from [sssd]" %
option)
for option in sssdconfig.options('sssd'):
if option['type'] in ('empty', 'comment'):
continue
self.assertTrue(option['name'] in control_list,
"Option [%s] unexpectedly found" %
option)
#TODO: Check the types and values of the settings
# Negative Test - Missing config file
sssdconfig = SSSDConfig.SSSDConfig(srcdir + "/etc/sssd.api.conf",
srcdir + "/etc/sssd.api.d")
self.assertRaises(IOError, sssdconfig.import_config, "nosuchfile.conf")
# Negative Test - Invalid config file
sssdconfig = SSSDConfig.SSSDConfig(srcdir + "/etc/sssd.api.conf",
srcdir + "/etc/sssd.api.d")
self.assertRaises(SSSDConfig.ParsingError, sssdconfig.import_config, srcdir + "/testconfigs/sssd-invalid.conf")
# Negative Test - Invalid config file version
sssdconfig = SSSDConfig.SSSDConfig(srcdir + "/etc/sssd.api.conf",
srcdir + "/etc/sssd.api.d")
self.assertRaises(SSSDConfig.ParsingError, sssdconfig.import_config, srcdir + "/testconfigs/sssd-badversion.conf")
# Negative Test - No config file version
sssdconfig = SSSDConfig.SSSDConfig(srcdir + "/etc/sssd.api.conf",
srcdir + "/etc/sssd.api.d")
self.assertRaises(SSSDConfig.ParsingError, sssdconfig.import_config, srcdir + "/testconfigs/sssd-noversion.conf")
# Negative Test - Already initialized
sssdconfig = SSSDConfig.SSSDConfig(srcdir + "/etc/sssd.api.conf",
srcdir + "/etc/sssd.api.d")
sssdconfig.import_config(srcdir + "/testconfigs/sssd-valid.conf")
self.assertRaises(SSSDConfig.AlreadyInitializedError,
sssdconfig.import_config, srcdir + "/testconfigs/sssd-valid.conf")
def testNewConfig(self):
# Positive Test
sssdconfig = SSSDConfig.SSSDConfig(srcdir + "/etc/sssd.api.conf",
srcdir + "/etc/sssd.api.d")
sssdconfig.new_config()
# Check that the defaults were set
control_list = [
'sssd',
'nss',
'pam',
'sudo',
'autofs',
'ssh',
'pac']
for section in control_list:
self.assertTrue(sssdconfig.has_section(section),
"Section [%s] missing" %
section)
for section in sssdconfig.sections():
self.assertTrue(section['name'] in control_list)
control_list = [
'config_file_version',
'services']
for option in control_list:
self.assertTrue(sssdconfig.has_option('sssd', option),
"Option [%s] missing from [sssd]" %
option)
for option in sssdconfig.options('sssd'):
if option['type'] in ('empty', 'comment'):
continue
self.assertTrue(option['name'] in control_list,
"Option [%s] unexpectedly found" %
option)
# Negative Test - Already Initialized
self.assertRaises(SSSDConfig.AlreadyInitializedError, sssdconfig.new_config)
def testWrite(self):
#TODO Write tests to compare output files
pass
def testListActiveServices(self):
sssdconfig = SSSDConfig.SSSDConfig(srcdir + "/etc/sssd.api.conf",
srcdir + "/etc/sssd.api.d")
# Negative Test - Not Initialized
self.assertRaises(SSSDConfig.NotInitializedError, sssdconfig.list_active_services)
# Positive Test
sssdconfig.import_config(srcdir + '/testconfigs/sssd-valid.conf')
control_list = [
'nss',
'pam']
active_services = sssdconfig.list_active_services()
for service in control_list:
self.assertTrue(service in active_services,
"Service [%s] missing" %
service)
for service in active_services:
self.assertTrue(service in control_list,
"Service [%s] unexpectedly found" %
service)
def testListInactiveServices(self):
sssdconfig = SSSDConfig.SSSDConfig(srcdir + "/etc/sssd.api.conf",
srcdir + "/etc/sssd.api.d")
# Negative Test - Not Initialized
self.assertRaises(SSSDConfig.NotInitializedError, sssdconfig.list_inactive_services)
# Positive Test
sssdconfig.import_config(srcdir + '/testconfigs/sssd-valid.conf')
control_list = [
'sssd',
'sudo']
inactive_services = sssdconfig.list_inactive_services()
for service in control_list:
self.assertTrue(service in inactive_services,
"Service [%s] missing" %
service)
for service in inactive_services:
self.assertTrue(service in control_list,
"Service [%s] unexpectedly found" %
service)
def testListServices(self):
sssdconfig = SSSDConfig.SSSDConfig(srcdir + "/etc/sssd.api.conf",
srcdir + "/etc/sssd.api.d")
# Negative Test - sssdconfig not initialized
self.assertRaises(SSSDConfig.NotInitializedError, sssdconfig.list_services)
sssdconfig.new_config()
control_list = [
'sssd',
'pam',
'nss',
'sudo',
'autofs',
'ssh',
'pac']
service_list = sssdconfig.list_services()
for service in control_list:
self.assertTrue(service in service_list,
"Service [%s] missing" %
service)
for service in service_list:
self.assertTrue(service in control_list,
"Service [%s] unexpectedly found" %
service)
def testGetService(self):
sssdconfig = SSSDConfig.SSSDConfig(srcdir + "/etc/sssd.api.conf",
srcdir + "/etc/sssd.api.d")
# Negative Test - Not initialized
self.assertRaises(SSSDConfig.NotInitializedError, sssdconfig.get_service, 'sssd')
sssdconfig.import_config(srcdir + '/testconfigs/sssd-valid.conf')
service = sssdconfig.get_service('sssd')
self.assertTrue(isinstance(service, SSSDConfig.SSSDService))
# Verify the contents of this service
self.assertEqual(type(service.get_option('debug_timestamps')), bool)
self.assertFalse(service.get_option('debug_timestamps'))
# Negative Test - No such service
self.assertRaises(SSSDConfig.NoServiceError, sssdconfig.get_service, 'nosuchservice')
# Positive test - Service with invalid option loads
# but ignores the invalid option
service = sssdconfig.get_service('pam')
self.assertFalse(service.options.has_key('nosuchoption'))
def testNewService(self):
sssdconfig = SSSDConfig.SSSDConfig(srcdir + "/etc/sssd.api.conf",
srcdir + "/etc/sssd.api.d")
# Negative Test - Not initialized
self.assertRaises(SSSDConfig.NotInitializedError, sssdconfig.new_service, 'sssd')
sssdconfig.new_config()
# Positive Test
# First need to remove the existing service
sssdconfig.delete_service('sssd')
service = sssdconfig.new_service('sssd')
self.failUnless(service.get_name() in sssdconfig.list_services())
# TODO: check that the values of this new service
# are set to the defaults from the schema
def testDeleteService(self):
sssdconfig = SSSDConfig.SSSDConfig(srcdir + "/etc/sssd.api.conf",
srcdir + "/etc/sssd.api.d")
# Negative Test - Not initialized
self.assertRaises(SSSDConfig.NotInitializedError, sssdconfig.delete_service, 'sssd')
sssdconfig.new_config()
# Positive Test
service = sssdconfig.delete_service('sssd')
def testSaveService(self):
sssdconfig = SSSDConfig.SSSDConfig(srcdir + "/etc/sssd.api.conf",
srcdir + "/etc/sssd.api.d")
new_service = SSSDConfig.SSSDService('sssd', sssdconfig.schema)
# Negative Test - Not initialized
self.assertRaises(SSSDConfig.NotInitializedError, sssdconfig.save_service, new_service)
# Positive Test
sssdconfig.new_config()
sssdconfig.save_service(new_service)
# TODO: check that all entries were saved correctly (change a few)
# Negative Test - Type Error
self.assertRaises(TypeError, sssdconfig.save_service, self)
def testActivateService(self):
sssdconfig = SSSDConfig.SSSDConfig(srcdir + "/etc/sssd.api.conf",
srcdir + "/etc/sssd.api.d")
service_name = 'sudo'
# Negative test - Not initialized
self.assertRaises(SSSDConfig.NotInitializedError,
sssdconfig.activate_service, service_name)
sssdconfig.import_config(srcdir + "/testconfigs/sssd-valid.conf")
# Positive test - Activate an inactive service
self.assertTrue(service_name in sssdconfig.list_services())
self.assertFalse(service_name in sssdconfig.list_active_services())
self.assertTrue(service_name in sssdconfig.list_inactive_services())
sssdconfig.activate_service(service_name)
self.assertTrue(service_name in sssdconfig.list_services())
self.assertTrue(service_name in sssdconfig.list_active_services())
self.assertFalse(service_name in sssdconfig.list_inactive_services())
# Positive test - Activate an active service
# This should succeed
sssdconfig.activate_service(service_name)
self.assertTrue(service_name in sssdconfig.list_services())
self.assertTrue(service_name in sssdconfig.list_active_services())
self.assertFalse(service_name in sssdconfig.list_inactive_services())
# Negative test - Invalid service name
self.assertRaises(SSSDConfig.NoServiceError,
sssdconfig.activate_service, 'nosuchservice')
# Negative test - Invalid service name type
self.assertRaises(SSSDConfig.NoServiceError,
sssdconfig.activate_service, self)
def testDeactivateService(self):
sssdconfig = SSSDConfig.SSSDConfig(srcdir + "/etc/sssd.api.conf",
srcdir + "/etc/sssd.api.d")
service_name = 'pam'
# Negative test - Not initialized
self.assertRaises(SSSDConfig.NotInitializedError,
sssdconfig.activate_service, service_name)
sssdconfig.import_config(srcdir + "/testconfigs/sssd-valid.conf")
# Positive test -Deactivate an active service
self.assertTrue(service_name in sssdconfig.list_services())
self.assertTrue(service_name in sssdconfig.list_active_services())
self.assertFalse(service_name in sssdconfig.list_inactive_services())
sssdconfig.deactivate_service(service_name)
self.assertTrue(service_name in sssdconfig.list_services())
self.assertFalse(service_name in sssdconfig.list_active_services())
self.assertTrue(service_name in sssdconfig.list_inactive_services())
# Positive test - Deactivate an inactive service
# This should succeed
sssdconfig.deactivate_service(service_name)
self.assertTrue(service_name in sssdconfig.list_services())
self.assertFalse(service_name in sssdconfig.list_active_services())
self.assertTrue(service_name in sssdconfig.list_inactive_services())
# Negative test - Invalid service name
self.assertRaises(SSSDConfig.NoServiceError,
sssdconfig.activate_service, 'nosuchservice')
# Negative test - Invalid service name type
self.assertRaises(SSSDConfig.NoServiceError,
sssdconfig.activate_service, self)
def testListActiveDomains(self):
sssdconfig = SSSDConfig.SSSDConfig(srcdir + "/etc/sssd.api.conf",
srcdir + "/etc/sssd.api.d")
# Negative Test - Not Initialized
self.assertRaises(SSSDConfig.NotInitializedError, sssdconfig.list_active_domains)
# Positive Test
sssdconfig.import_config(srcdir + '/testconfigs/sssd-valid.conf')
control_list = [
'IPA',
'LOCAL']
active_domains = sssdconfig.list_active_domains()
for domain in control_list:
self.assertTrue(domain in active_domains,
"Domain [%s] missing" %
domain)
for domain in active_domains:
self.assertTrue(domain in control_list,
"Domain [%s] unexpectedly found" %
domain)
def testListInactiveDomains(self):
sssdconfig = SSSDConfig.SSSDConfig(srcdir + "/etc/sssd.api.conf",
srcdir + "/etc/sssd.api.d")
# Negative Test - Not Initialized
self.assertRaises(SSSDConfig.NotInitializedError, sssdconfig.list_inactive_domains)
# Positive Test
sssdconfig.import_config(srcdir + '/testconfigs/sssd-valid.conf')
control_list = [
'PROXY',
'LDAP',
'INVALIDPROVIDER',
'INVALIDOPTION',
]
inactive_domains = sssdconfig.list_inactive_domains()
for domain in control_list:
self.assertTrue(domain in inactive_domains,
"Domain [%s] missing" %
domain)
for domain in inactive_domains:
self.assertTrue(domain in control_list,
"Domain [%s] unexpectedly found" %
domain)
def testListDomains(self):
sssdconfig = SSSDConfig.SSSDConfig(srcdir + "/etc/sssd.api.conf",
srcdir + "/etc/sssd.api.d")
# Negative Test - Not Initialized
self.assertRaises(SSSDConfig.NotInitializedError, sssdconfig.list_domains)
# Positive Test
sssdconfig.import_config(srcdir + '/testconfigs/sssd-valid.conf')
control_list = [
'IPA',
'LOCAL',
'PROXY',
'LDAP',
'INVALIDPROVIDER',
'INVALIDOPTION',
]
domains = sssdconfig.list_domains()
for domain in control_list:
self.assertTrue(domain in domains,
"Domain [%s] missing" %
domain)
for domain in domains:
self.assertTrue(domain in control_list,
"Domain [%s] unexpectedly found" %
domain)
def testGetDomain(self):
sssdconfig = SSSDConfig.SSSDConfig(srcdir + "/etc/sssd.api.conf",
srcdir + "/etc/sssd.api.d")
# Negative Test - Not initialized
self.assertRaises(SSSDConfig.NotInitializedError, sssdconfig.get_domain, 'sssd')
sssdconfig.import_config(srcdir + '/testconfigs/sssd-valid.conf')
domain = sssdconfig.get_domain('IPA')
self.assertTrue(isinstance(domain, SSSDConfig.SSSDDomain))
self.assertTrue(domain.active)
domain = sssdconfig.get_domain('LDAP')
self.assertTrue(isinstance(domain, SSSDConfig.SSSDDomain))
self.assertFalse(domain.active)
# TODO verify the contents of this domain
self.assertTrue(domain.get_option('ldap_id_use_start_tls'))
# Negative Test - No such domain
self.assertRaises(SSSDConfig.NoDomainError, sssdconfig.get_domain, 'nosuchdomain')
# Positive Test - Domain with unknown provider
# Expected result: Domain is imported, but does not contain the
# unknown provider entry
domain = sssdconfig.get_domain('INVALIDPROVIDER')
self.assertFalse(domain.options.has_key('chpass_provider'))
# Positive Test - Domain with unknown option
# Expected result: Domain is imported, but does not contain the
# unknown option entry
domain = sssdconfig.get_domain('INVALIDOPTION')
self.assertFalse(domain.options.has_key('nosuchoption'))
def testNewDomain(self):
sssdconfig = SSSDConfig.SSSDConfig(srcdir + "/etc/sssd.api.conf",
srcdir + "/etc/sssd.api.d")
# Negative Test - Not initialized
self.assertRaises(SSSDConfig.NotInitializedError, sssdconfig.new_domain, 'example.com')
sssdconfig.new_config()
# Positive Test
domain = sssdconfig.new_domain('example.com')
self.assertTrue(isinstance(domain, SSSDConfig.SSSDDomain))
self.failUnless(domain.get_name() in sssdconfig.list_domains())
self.failUnless(domain.get_name() in sssdconfig.list_inactive_domains())
# TODO: check that the values of this new domain
# are set to the defaults from the schema
def testDeleteDomain(self):
sssdconfig = SSSDConfig.SSSDConfig(srcdir + "/etc/sssd.api.conf",
srcdir + "/etc/sssd.api.d")
# Negative Test - Not initialized
self.assertRaises(SSSDConfig.NotInitializedError, sssdconfig.delete_domain, 'IPA')
# Positive Test
sssdconfig.import_config(srcdir + '/testconfigs/sssd-valid.conf')
self.assertTrue('IPA' in sssdconfig.list_domains())
self.assertTrue('IPA' in sssdconfig.list_active_domains())
self.assertTrue(sssdconfig.has_section('domain/IPA'))
sssdconfig.delete_domain('IPA')
self.assertFalse('IPA' in sssdconfig.list_domains())
self.assertFalse('IPA' in sssdconfig.list_active_domains())
self.assertFalse(sssdconfig.has_section('domain/IPA'))
def testSaveDomain(self):
sssdconfig = SSSDConfig.SSSDConfig(srcdir + "/etc/sssd.api.conf",
srcdir + "/etc/sssd.api.d")
# Negative Test - Not initialized
self.assertRaises(SSSDConfig.NotInitializedError, sssdconfig.save_domain, 'IPA')
# Positive Test
sssdconfig.new_config()
domain = sssdconfig.new_domain('example.com')
domain.add_provider('ldap', 'id')
domain.set_option('ldap_uri', 'ldap://ldap.example.com')
domain.set_active(True)
sssdconfig.save_domain(domain)
self.assertTrue('example.com' in sssdconfig.list_domains())
self.assertTrue('example.com' in sssdconfig.list_active_domains())
self.assertEqual(sssdconfig.get('domain/example.com', 'ldap_uri'),
'ldap://ldap.example.com')
# Negative Test - Type Error
self.assertRaises(TypeError, sssdconfig.save_domain, self)
# Positive test - Change the domain name and save it
domain.set_name('example.com2')
self.assertEqual(domain.name,'example.com2')
self.assertEqual(domain.oldname,'example.com')
sssdconfig.save_domain(domain)
self.assertTrue('example.com2' in sssdconfig.list_domains())
self.assertTrue('example.com2' in sssdconfig.list_active_domains())
self.assertTrue(sssdconfig.has_section('domain/example.com2'))
self.assertEqual(sssdconfig.get('domain/example.com2',
'ldap_uri'),
'ldap://ldap.example.com')
self.assertFalse('example.com' in sssdconfig.list_domains())
self.assertFalse('example.com' in sssdconfig.list_active_domains())
self.assertFalse('example.com' in sssdconfig.list_inactive_domains())
self.assertFalse(sssdconfig.has_section('domain/example.com'))
self.assertEquals(domain.oldname, None)
# Positive test - Set the domain inactive and save it
activelist = sssdconfig.list_active_domains()
inactivelist = sssdconfig.list_inactive_domains()
domain.set_active(False)
sssdconfig.save_domain(domain)
self.assertFalse('example.com2' in sssdconfig.list_active_domains())
self.assertTrue('example.com2' in sssdconfig.list_inactive_domains())
self.assertEquals(len(sssdconfig.list_active_domains()),
len(activelist)-1)
self.assertEquals(len(sssdconfig.list_inactive_domains()),
len(inactivelist)+1)
# Positive test - Set the domain active and save it
activelist = sssdconfig.list_active_domains()
inactivelist = sssdconfig.list_inactive_domains()
domain.set_active(True)
sssdconfig.save_domain(domain)
self.assertTrue('example.com2' in sssdconfig.list_active_domains())
self.assertFalse('example.com2' in sssdconfig.list_inactive_domains())
self.assertEquals(len(sssdconfig.list_active_domains()),
len(activelist)+1)
self.assertEquals(len(sssdconfig.list_inactive_domains()),
len(inactivelist)-1)
# Positive test - Set the domain inactive and save it
activelist = sssdconfig.list_active_domains()
inactivelist = sssdconfig.list_inactive_domains()
sssdconfig.deactivate_domain(domain.get_name())
self.assertFalse('example.com2' in sssdconfig.list_active_domains())
self.assertTrue('example.com2' in sssdconfig.list_inactive_domains())
self.assertEquals(len(sssdconfig.list_active_domains()),
len(activelist)-1)
self.assertEquals(len(sssdconfig.list_inactive_domains()),
len(inactivelist)+1)
# Positive test - Set the domain active and save it
activelist = sssdconfig.list_active_domains()
inactivelist = sssdconfig.list_inactive_domains()
sssdconfig.activate_domain(domain.get_name())
self.assertTrue('example.com2' in sssdconfig.list_active_domains())
self.assertFalse('example.com2' in sssdconfig.list_inactive_domains())
self.assertEquals(len(sssdconfig.list_active_domains()),
len(activelist)+1)
self.assertEquals(len(sssdconfig.list_inactive_domains()),
len(inactivelist)-1)
# Positive test - Ensure that saved domains retain values
domain.set_option('ldap_krb5_init_creds', True)
domain.set_option('ldap_id_use_start_tls', False)
domain.set_option('ldap_user_search_base',
'cn=accounts, dc=example, dc=com')
self.assertTrue(domain.get_option('ldap_krb5_init_creds'))
self.assertFalse(domain.get_option('ldap_id_use_start_tls'))
self.assertEqual(domain.get_option('ldap_user_search_base'),
'cn=accounts, dc=example, dc=com')
sssdconfig.save_domain(domain)
of = '/tmp/testSaveDomain.out'
#Ensure the output file doesn't exist
try:
os.unlink(of)
except:
pass
#Write out the file
sssdconfig.write(of)
#Verify that the output file has the correct permissions
mode = os.stat(of)[ST_MODE]
#Output files should not be readable or writable by
#non-owners, and should not be executable by anyone
self.assertFalse(S_IMODE(mode) & 0177)
#Remove the output file
os.unlink(of)
domain2 = sssdconfig.get_domain('example.com2')
self.assertTrue(domain2.get_option('ldap_krb5_init_creds'))
self.assertFalse(domain2.get_option('ldap_id_use_start_tls'))
def testActivateDomain(self):
sssdconfig = SSSDConfig.SSSDConfig(srcdir + "/etc/sssd.api.conf",
srcdir + "/etc/sssd.api.d")
domain_name = 'PROXY'
# Negative test - Not initialized
self.assertRaises(SSSDConfig.NotInitializedError,
sssdconfig.activate_domain, domain_name)
sssdconfig.import_config(srcdir + "/testconfigs/sssd-valid.conf")
# Positive test - Activate an inactive domain
self.assertTrue(domain_name in sssdconfig.list_domains())
self.assertFalse(domain_name in sssdconfig.list_active_domains())
self.assertTrue(domain_name in sssdconfig.list_inactive_domains())
sssdconfig.activate_domain('PROXY')
self.assertTrue(domain_name in sssdconfig.list_domains())
self.assertTrue(domain_name in sssdconfig.list_active_domains())
self.assertFalse(domain_name in sssdconfig.list_inactive_domains())
# Positive test - Activate an active domain
# This should succeed
sssdconfig.activate_domain('PROXY')
self.assertTrue(domain_name in sssdconfig.list_domains())
self.assertTrue(domain_name in sssdconfig.list_active_domains())
self.assertFalse(domain_name in sssdconfig.list_inactive_domains())
# Negative test - Invalid domain name
self.assertRaises(SSSDConfig.NoDomainError,
sssdconfig.activate_domain, 'nosuchdomain')
# Negative test - Invalid domain name type
self.assertRaises(SSSDConfig.NoDomainError,
sssdconfig.activate_domain, self)
def testDeactivateDomain(self):
sssdconfig = SSSDConfig.SSSDConfig(srcdir + "/etc/sssd.api.conf",
srcdir + "/etc/sssd.api.d")
domain_name = 'IPA'
# Negative test - Not initialized
self.assertRaises(SSSDConfig.NotInitializedError,
sssdconfig.activate_domain, domain_name)
sssdconfig.import_config(srcdir + "/testconfigs/sssd-valid.conf")
# Positive test -Deactivate an active domain
self.assertTrue(domain_name in sssdconfig.list_domains())
self.assertTrue(domain_name in sssdconfig.list_active_domains())
self.assertFalse(domain_name in sssdconfig.list_inactive_domains())
sssdconfig.deactivate_domain(domain_name)
self.assertTrue(domain_name in sssdconfig.list_domains())
self.assertFalse(domain_name in sssdconfig.list_active_domains())
self.assertTrue(domain_name in sssdconfig.list_inactive_domains())
# Positive test - Deactivate an inactive domain
# This should succeed
sssdconfig.deactivate_domain(domain_name)
self.assertTrue(domain_name in sssdconfig.list_domains())
self.assertFalse(domain_name in sssdconfig.list_active_domains())
self.assertTrue(domain_name in sssdconfig.list_inactive_domains())
# Negative test - Invalid domain name
self.assertRaises(SSSDConfig.NoDomainError,
sssdconfig.activate_domain, 'nosuchdomain')
# Negative test - Invalid domain name type
self.assertRaises(SSSDConfig.NoDomainError,
sssdconfig.activate_domain, self)
if __name__ == "__main__":
error = 0
suite = unittest.TestLoader().loadTestsFromTestCase(SSSDConfigTestSSSDService)
res = unittest.TextTestRunner().run(suite)
if not res.wasSuccessful():
error |= 0x1
suite = unittest.TestLoader().loadTestsFromTestCase(SSSDConfigTestSSSDDomain)
res = unittest.TextTestRunner().run(suite)
if not res.wasSuccessful():
error |= 0x2
suite = unittest.TestLoader().loadTestsFromTestCase(SSSDConfigTestSSSDConfig)
res = unittest.TextTestRunner().run(suite)
if not res.wasSuccessful():
error |= 0x4
suite = unittest.TestLoader().loadTestsFromTestCase(SSSDConfigTestValid)
res = unittest.TextTestRunner().run(suite)
if not res.wasSuccessful():
error |= 0x8
suite = unittest.TestLoader().loadTestsFromTestCase(SSSDConfigTestInvalid)
res = unittest.TextTestRunner().run(suite)
if not res.wasSuccessful():
error |= 0x10
sys.exit(error)