summaryrefslogtreecommitdiff
path: root/source4/dsdb/tests
diff options
context:
space:
mode:
authorMatthias Dieter Wallnöfer <mdw@samba.org>2010-09-29 19:49:57 +0200
committerMatthias Dieter Wallnöfer <mdw@sn-devel-104.sn.samba.org>2010-10-03 16:50:06 +0000
commit24282adb9a0db872ba45e878fdbe019c6bc2602e (patch)
treea8291224426d1e7e08df73d5d91a296efcccfaa1 /source4/dsdb/tests
parentca08cde15029b6d8efdc562daf35d49f4fdbd4de (diff)
downloadsamba-24282adb9a0db872ba45e878fdbe019c6bc2602e.tar.gz
samba-24282adb9a0db872ba45e878fdbe019c6bc2602e.tar.bz2
samba-24282adb9a0db872ba45e878fdbe019c6bc2602e.zip
s4:ldap.py - test allowed system flags restriction
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Diffstat (limited to 'source4/dsdb/tests')
-rwxr-xr-xsource4/dsdb/tests/python/ldap.py17
1 files changed, 16 insertions, 1 deletions
diff --git a/source4/dsdb/tests/python/ldap.py b/source4/dsdb/tests/python/ldap.py
index 8af9b11dbc..2b75bd617e 100755
--- a/source4/dsdb/tests/python/ldap.py
+++ b/source4/dsdb/tests/python/ldap.py
@@ -31,7 +31,9 @@ from samba.dsdb import (UF_NORMAL_ACCOUNT, UF_INTERDOMAIN_TRUST_ACCOUNT,
UF_WORKSTATION_TRUST_ACCOUNT, UF_SERVER_TRUST_ACCOUNT,
UF_PARTIAL_SECRETS_ACCOUNT,
UF_PASSWD_NOTREQD, UF_ACCOUNTDISABLE, ATYPE_NORMAL_ACCOUNT,
- ATYPE_WORKSTATION_TRUST, SYSTEM_FLAG_DOMAIN_DISALLOW_MOVE)
+ ATYPE_WORKSTATION_TRUST, SYSTEM_FLAG_DOMAIN_DISALLOW_MOVE,
+ SYSTEM_FLAG_CONFIG_ALLOW_RENAME, SYSTEM_FLAG_CONFIG_ALLOW_MOVE,
+ SYSTEM_FLAG_CONFIG_ALLOW_LIMITED_MOVE)
from samba.dcerpc.security import (DOMAIN_RID_USERS, DOMAIN_RID_DOMAIN_MEMBERS,
DOMAIN_RID_DCS, DOMAIN_RID_READONLY_DCS)
@@ -173,6 +175,19 @@ class BasicTests(unittest.TestCase):
except LdbError, (num, _):
self.assertEquals(num, ERR_UNWILLING_TO_PERFORM)
+ # Test allowed system flags
+ self.ldb.add({
+ "dn": "cn=ldaptestuser,cn=users," + self.base_dn,
+ "objectClass": "person",
+ "systemFlags": str(~(SYSTEM_FLAG_CONFIG_ALLOW_RENAME | SYSTEM_FLAG_CONFIG_ALLOW_MOVE | SYSTEM_FLAG_CONFIG_ALLOW_LIMITED_MOVE)) })
+
+ res = ldb.search("cn=ldaptestuser,cn=users," + self.base_dn,
+ scope=SCOPE_BASE, attrs=["systemFlags"])
+ self.assertTrue(len(res) == 1)
+ self.assertEquals(res[0]["systemFlags"][0], "0")
+
+ self.delete_force(self.ldb, "cn=ldaptestuser,cn=users," + self.base_dn)
+
self.ldb.add({
"dn": "cn=ldaptestuser,cn=users," + self.base_dn,
"objectClass": "person" })