s4:passwords.py - test empty password attributes behaviour

Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org> Autobuild-Date: Mon Nov 8 12:09:56 UTC 2010 on sn-devel-104
author: Matthias Dieter Wallnöfer <mdw@samba.org> 2010-11-01 19:54:07 +0100
committer: Matthias Dieter Wallnöfer <mdw@samba.org> 2010-11-08 12:09:56 +0000
commit: 58cfa5a82519e2850cb400bb9f1e76d3dbfd3ff2 (patch)
tree: 2e88e0b187172409b558f0a9dbbd8c111348890c /source4/dsdb/tests/python/passwords.py
parent: 0bfbf6d5264fb45d9b788a9dabad18826db1a875 (diff)
download: samba-58cfa5a82519e2850cb400bb9f1e76d3dbfd3ff2.tar.gz
samba-58cfa5a82519e2850cb400bb9f1e76d3dbfd3ff2.tar.bz2
samba-58cfa5a82519e2850cb400bb9f1e76d3dbfd3ff2.zip
1 files changed, 154 insertions, 1 deletions
diff --git a/source4/dsdb/tests/python/passwords.py b/source4/dsdb/tests/python/passwords.py
index 19ebfb5d49..bb2fbd5452 100755
--- a/source4/dsdb/tests/python/passwords.py
+++ b/source4/dsdb/tests/python/passwords.py
@@ -28,7 +28,7 @@ from ldb import ERR_UNWILLING_TO_PERFORM, ERR_INSUFFICIENT_ACCESS_RIGHTS
 from ldb import ERR_NO_SUCH_ATTRIBUTE
 from ldb import ERR_CONSTRAINT_VIOLATION
 from ldb import Message, MessageElement, Dn
-from ldb import FLAG_MOD_REPLACE, FLAG_MOD_DELETE
+from ldb import FLAG_MOD_ADD, FLAG_MOD_REPLACE, FLAG_MOD_DELETE
 from samba import gensec
 from samba.samdb import SamDB
 import samba.tests
@@ -668,6 +668,159 @@ userPassword: thatsAcomplPASS4
              "objectclass": "user",
              "userPassword": ["thatsAcomplPASS1", "thatsAcomplPASS1"] })
 
+    def test_empty_passwords(self):
+        print "Performs some empty passwords testing"
+
+        try:
+            self.ldb.add({
+                 "dn": "cn=testuser2,cn=users," + self.base_dn,
+                 "objectclass": "user",
+                 "unicodePwd": [] })
+            self.fail()
+        except LdbError, (num, _):
+            self.assertEquals(num, ERR_CONSTRAINT_VIOLATION)
+
+        try:
+            self.ldb.add({
+                 "dn": "cn=testuser2,cn=users," + self.base_dn,
+                 "objectclass": "user",
+                 "dBCSPwd": [] })
+            self.fail()
+        except LdbError, (num, _):
+            self.assertEquals(num, ERR_CONSTRAINT_VIOLATION)
+
+        try:
+            self.ldb.add({
+                 "dn": "cn=testuser2,cn=users," + self.base_dn,
+                 "objectclass": "user",
+                 "userPassword": [] })
+            self.fail()
+        except LdbError, (num, _):
+            self.assertEquals(num, ERR_CONSTRAINT_VIOLATION)
+
+        try:
+            self.ldb.add({
+                 "dn": "cn=testuser2,cn=users," + self.base_dn,
+                 "objectclass": "user",
+                 "clearTextPassword": [] })
+            self.fail()
+        except LdbError, (num, _):
+            self.assertTrue(num == ERR_CONSTRAINT_VIOLATION or
+                            num == ERR_NO_SUCH_ATTRIBUTE) # for Windows
+
+        self.delete_force(self.ldb, "cn=testuser2,cn=users," + self.base_dn)
+
+        m = Message()
+        m.dn = Dn(ldb, "cn=testuser,cn=users," + self.base_dn)
+        m["unicodePwd"] = MessageElement([], FLAG_MOD_ADD, "unicodePwd")
+        try:
+            ldb.modify(m)
+            self.fail()
+        except LdbError, (num, _):
+            self.assertEquals(num, ERR_CONSTRAINT_VIOLATION)
+
+        m = Message()
+        m.dn = Dn(ldb, "cn=testuser,cn=users," + self.base_dn)
+        m["dBCSPwd"] = MessageElement([], FLAG_MOD_ADD, "dBCSPwd")
+        try:
+            ldb.modify(m)
+            self.fail()
+        except LdbError, (num, _):
+            self.assertEquals(num, ERR_CONSTRAINT_VIOLATION)
+
+        m = Message()
+        m.dn = Dn(ldb, "cn=testuser,cn=users," + self.base_dn)
+        m["userPassword"] = MessageElement([], FLAG_MOD_ADD, "userPassword")
+        try:
+            ldb.modify(m)
+            self.fail()
+        except LdbError, (num, _):
+            self.assertEquals(num, ERR_CONSTRAINT_VIOLATION)
+
+        m = Message()
+        m.dn = Dn(ldb, "cn=testuser,cn=users," + self.base_dn)
+        m["clearTextPassword"] = MessageElement([], FLAG_MOD_ADD, "clearTextPassword")
+        try:
+            ldb.modify(m)
+            self.fail()
+        except LdbError, (num, _):
+            self.assertTrue(num == ERR_CONSTRAINT_VIOLATION or
+                            num == ERR_NO_SUCH_ATTRIBUTE) # for Windows
+
+        m = Message()
+        m.dn = Dn(ldb, "cn=testuser,cn=users," + self.base_dn)
+        m["unicodePwd"] = MessageElement([], FLAG_MOD_REPLACE, "unicodePwd")
+        try:
+            ldb.modify(m)
+            self.fail()
+        except LdbError, (num, _):
+            self.assertEquals(num, ERR_UNWILLING_TO_PERFORM)
+
+        m = Message()
+        m.dn = Dn(ldb, "cn=testuser,cn=users," + self.base_dn)
+        m["dBCSPwd"] = MessageElement([], FLAG_MOD_REPLACE, "dBCSPwd")
+        try:
+            ldb.modify(m)
+            self.fail()
+        except LdbError, (num, _):
+            self.assertEquals(num, ERR_UNWILLING_TO_PERFORM)
+
+        m = Message()
+        m.dn = Dn(ldb, "cn=testuser,cn=users," + self.base_dn)
+        m["userPassword"] = MessageElement([], FLAG_MOD_REPLACE, "userPassword")
+        try:
+            ldb.modify(m)
+            self.fail()
+        except LdbError, (num, _):
+            self.assertEquals(num, ERR_UNWILLING_TO_PERFORM)
+
+        m = Message()
+        m.dn = Dn(ldb, "cn=testuser,cn=users," + self.base_dn)
+        m["clearTextPassword"] = MessageElement([], FLAG_MOD_REPLACE, "clearTextPassword")
+        try:
+            ldb.modify(m)
+            self.fail()
+        except LdbError, (num, _):
+            self.assertTrue(num == ERR_UNWILLING_TO_PERFORM or
+                            num == ERR_NO_SUCH_ATTRIBUTE) # for Windows
+
+        m = Message()
+        m.dn = Dn(ldb, "cn=testuser,cn=users," + self.base_dn)
+        m["unicodePwd"] = MessageElement([], FLAG_MOD_DELETE, "unicodePwd")
+        try:
+            ldb.modify(m)
+            self.fail()
+        except LdbError, (num, _):
+            self.assertEquals(num, ERR_UNWILLING_TO_PERFORM)
+
+        m = Message()
+        m.dn = Dn(ldb, "cn=testuser,cn=users," + self.base_dn)
+        m["dBCSPwd"] = MessageElement([], FLAG_MOD_DELETE, "dBCSPwd")
+        try:
+            ldb.modify(m)
+            self.fail()
+        except LdbError, (num, _):
+            self.assertEquals(num, ERR_UNWILLING_TO_PERFORM)
+
+        m = Message()
+        m.dn = Dn(ldb, "cn=testuser,cn=users," + self.base_dn)
+        m["userPassword"] = MessageElement([], FLAG_MOD_DELETE, "userPassword")
+        try:
+            ldb.modify(m)
+            self.fail()
+        except LdbError, (num, _):
+            self.assertEquals(num, ERR_CONSTRAINT_VIOLATION)
+
+        m = Message()
+        m.dn = Dn(ldb, "cn=testuser,cn=users," + self.base_dn)
+        m["clearTextPassword"] = MessageElement([], FLAG_MOD_DELETE, "clearTextPassword")
+        try:
+            ldb.modify(m)
+            self.fail()
+        except LdbError, (num, _):
+            self.assertTrue(num == ERR_CONSTRAINT_VIOLATION or
+                            num == ERR_NO_SUCH_ATTRIBUTE) # for Windows
+
     def tearDown(self):
         super(PasswordTests, self).tearDown()
         self.delete_force(self.ldb, "cn=testuser,cn=users," + self.base_dn)
author	Matthias Dieter Wallnöfer <mdw@samba.org>	2010-11-01 19:54:07 +0100
committer	Matthias Dieter Wallnöfer <mdw@samba.org>	2010-11-08 12:09:56 +0000
commit	58cfa5a82519e2850cb400bb9f1e76d3dbfd3ff2 (patch)
tree	2e88e0b187172409b558f0a9dbbd8c111348890c /source4/dsdb/tests/python/passwords.py
parent	0bfbf6d5264fb45d9b788a9dabad18826db1a875 (diff)
download	samba-58cfa5a82519e2850cb400bb9f1e76d3dbfd3ff2.tar.gz samba-58cfa5a82519e2850cb400bb9f1e76d3dbfd3ff2.tar.bz2 samba-58cfa5a82519e2850cb400bb9f1e76d3dbfd3ff2.zip