s4:ldap.py - add a test which shows the modification behaviour of important attributes

This shows how important attributes of SAM objects do behave when you launch add and delete modify requests on them.
author: Matthias Dieter Wallnöfer <mdw@samba.org> 2010-05-11 21:35:46 +0200
committer: Matthias Dieter Wallnöfer <mdw@samba.org> 2010-05-30 23:13:08 +0200
commit: 092331d2d8c39ccfbd97c5e357705efb54f1ab6f (patch)
tree: 2975017cebf44ccff233a2c055fa10d45f2a805e
parent: 08653ac9c26a4456d9ca7365c1773d021e5be51c (diff)
download: samba-092331d2d8c39ccfbd97c5e357705efb54f1ab6f.tar.gz
samba-092331d2d8c39ccfbd97c5e357705efb54f1ab6f.tar.bz2
samba-092331d2d8c39ccfbd97c5e357705efb54f1ab6f.zip
1 files changed, 104 insertions, 0 deletions
diff --git a/source4/lib/ldb/tests/python/ldap.py b/source4/lib/ldb/tests/python/ldap.py
index a34801be94..51ba341e16 100755
--- a/source4/lib/ldb/tests/python/ldap.py
+++ b/source4/lib/ldb/tests/python/ldap.py
@@ -795,6 +795,110 @@ objectClass: container
         self.delete_force(self.ldb, "cn=ldaptestgroup,cn=users," + self.base_dn)
         self.delete_force(self.ldb, "cn=ldaptestgroup2,cn=users," + self.base_dn)
 
+    def test_sam_attributes(self):
+        """Test the behaviour of special attributes of SAM objects"""
+        print "Testing the behaviour of special attributes of SAM objects\n"""
+
+        ldb.add({
+            "dn": "cn=ldaptestuser,cn=users," + self.base_dn,
+            "objectclass": ["user", "person"]})
+        ldb.add({
+            "dn": "cn=ldaptestgroup,cn=users," + self.base_dn,
+            "objectclass": "group"})
+
+        m = Message()
+        m.dn = Dn(ldb, "cn=ldaptestgroup,cn=users," + self.base_dn)
+        m["groupType"] = MessageElement("0", FLAG_MOD_ADD,
+          "groupType")
+        try:
+            ldb.modify(m)
+            self.fail()
+        except LdbError, (num, _):
+            self.assertEquals(num, ERR_ATTRIBUTE_OR_VALUE_EXISTS)
+
+        m = Message()
+        m.dn = Dn(ldb, "cn=ldaptestgroup,cn=users," + self.base_dn)
+        m["groupType"] = MessageElement([], FLAG_MOD_DELETE,
+          "groupType")
+        try:
+            ldb.modify(m)
+            self.fail()
+        except LdbError, (num, _):
+            self.assertEquals(num, ERR_UNWILLING_TO_PERFORM)
+
+        m = Message()
+        m.dn = Dn(ldb, "cn=ldaptestuser,cn=users," + self.base_dn)
+        m["primaryGroupID"] = MessageElement("0", FLAG_MOD_ADD,
+          "primaryGroupID")
+        try:
+            ldb.modify(m)
+            self.fail()
+        except LdbError, (num, _):
+            self.assertEquals(num, ERR_ATTRIBUTE_OR_VALUE_EXISTS)
+
+        m = Message()
+        m.dn = Dn(ldb, "cn=ldaptestuser,cn=users," + self.base_dn)
+        m["primaryGroupID"] = MessageElement([], FLAG_MOD_DELETE,
+          "primaryGroupID")
+        try:
+            ldb.modify(m)
+            self.fail()
+        except LdbError, (num, _):
+            self.assertEquals(num, ERR_UNWILLING_TO_PERFORM)
+
+        m = Message()
+        m.dn = Dn(ldb, "cn=ldaptestuser,cn=users," + self.base_dn)
+        m["userAccountControl"] = MessageElement("0", FLAG_MOD_ADD,
+          "userAccountControl")
+        try:
+            ldb.modify(m)
+            self.fail()
+        except LdbError, (num, _):
+            self.assertEquals(num, ERR_ATTRIBUTE_OR_VALUE_EXISTS)
+
+        m = Message()
+        m.dn = Dn(ldb, "cn=ldaptestuser,cn=users," + self.base_dn)
+        m["userAccountControl"] = MessageElement([], FLAG_MOD_DELETE,
+          "userAccountControl")
+        try:
+            ldb.modify(m)
+            self.fail()
+        except LdbError, (num, _):
+            self.assertEquals(num, ERR_UNWILLING_TO_PERFORM)
+
+        m = Message()
+        m.dn = Dn(ldb, "cn=ldaptestuser,cn=users," + self.base_dn)
+        m["sAMAccountType"] = MessageElement("0", FLAG_MOD_ADD,
+          "sAMAccountType")
+        try:
+            ldb.modify(m)
+            self.fail()
+        except LdbError, (num, _):
+            self.assertEquals(num, ERR_UNWILLING_TO_PERFORM)
+
+        m = Message()
+        m.dn = Dn(ldb, "cn=ldaptestuser,cn=users," + self.base_dn)
+        m["sAMAccountType"] = MessageElement([], FLAG_MOD_REPLACE,
+          "sAMAccountType")
+        try:
+            ldb.modify(m)
+            self.fail()
+        except LdbError, (num, _):
+            self.assertEquals(num, ERR_UNWILLING_TO_PERFORM)
+
+        m = Message()
+        m.dn = Dn(ldb, "cn=ldaptestuser,cn=users," + self.base_dn)
+        m["sAMAccountType"] = MessageElement([], FLAG_MOD_DELETE,
+          "sAMAccountType")
+        try:
+            ldb.modify(m)
+            self.fail()
+        except LdbError, (num, _):
+            self.assertEquals(num, ERR_UNWILLING_TO_PERFORM)
+
+        self.delete_force(self.ldb, "cn=ldaptestuser,cn=users," + self.base_dn)
+        self.delete_force(self.ldb, "cn=ldaptestgroup,cn=users," + self.base_dn)
+
     def test_primary_group_token_constructed(self):
         """Test the primary group token behaviour (hidden-generated-readonly attribute on groups) and some other constructed attributes"""
         print "Testing primary group token behaviour and other constructed attributes\n"
author	Matthias Dieter Wallnöfer <mdw@samba.org>	2010-05-11 21:35:46 +0200
committer	Matthias Dieter Wallnöfer <mdw@samba.org>	2010-05-30 23:13:08 +0200
commit	092331d2d8c39ccfbd97c5e357705efb54f1ab6f (patch)
tree	2975017cebf44ccff233a2c055fa10d45f2a805e
parent	08653ac9c26a4456d9ca7365c1773d021e5be51c (diff)
download	samba-092331d2d8c39ccfbd97c5e357705efb54f1ab6f.tar.gz samba-092331d2d8c39ccfbd97c5e357705efb54f1ab6f.tar.bz2 samba-092331d2d8c39ccfbd97c5e357705efb54f1ab6f.zip