diff options
author | Matthias Dieter Wallnöfer <mdw@samba.org> | 2010-09-29 19:49:57 +0200 |
---|---|---|
committer | Matthias Dieter Wallnöfer <mdw@sn-devel-104.sn.samba.org> | 2010-10-03 16:50:06 +0000 |
commit | 24282adb9a0db872ba45e878fdbe019c6bc2602e (patch) | |
tree | a8291224426d1e7e08df73d5d91a296efcccfaa1 /source4/dsdb/tests | |
parent | ca08cde15029b6d8efdc562daf35d49f4fdbd4de (diff) | |
download | samba-24282adb9a0db872ba45e878fdbe019c6bc2602e.tar.gz samba-24282adb9a0db872ba45e878fdbe019c6bc2602e.tar.bz2 samba-24282adb9a0db872ba45e878fdbe019c6bc2602e.zip |
s4:ldap.py - test allowed system flags restriction
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Diffstat (limited to 'source4/dsdb/tests')
-rwxr-xr-x | source4/dsdb/tests/python/ldap.py | 17 |
1 files changed, 16 insertions, 1 deletions
diff --git a/source4/dsdb/tests/python/ldap.py b/source4/dsdb/tests/python/ldap.py index 8af9b11dbc..2b75bd617e 100755 --- a/source4/dsdb/tests/python/ldap.py +++ b/source4/dsdb/tests/python/ldap.py @@ -31,7 +31,9 @@ from samba.dsdb import (UF_NORMAL_ACCOUNT, UF_INTERDOMAIN_TRUST_ACCOUNT, UF_WORKSTATION_TRUST_ACCOUNT, UF_SERVER_TRUST_ACCOUNT, UF_PARTIAL_SECRETS_ACCOUNT, UF_PASSWD_NOTREQD, UF_ACCOUNTDISABLE, ATYPE_NORMAL_ACCOUNT, - ATYPE_WORKSTATION_TRUST, SYSTEM_FLAG_DOMAIN_DISALLOW_MOVE) + ATYPE_WORKSTATION_TRUST, SYSTEM_FLAG_DOMAIN_DISALLOW_MOVE, + SYSTEM_FLAG_CONFIG_ALLOW_RENAME, SYSTEM_FLAG_CONFIG_ALLOW_MOVE, + SYSTEM_FLAG_CONFIG_ALLOW_LIMITED_MOVE) from samba.dcerpc.security import (DOMAIN_RID_USERS, DOMAIN_RID_DOMAIN_MEMBERS, DOMAIN_RID_DCS, DOMAIN_RID_READONLY_DCS) @@ -173,6 +175,19 @@ class BasicTests(unittest.TestCase): except LdbError, (num, _): self.assertEquals(num, ERR_UNWILLING_TO_PERFORM) + # Test allowed system flags + self.ldb.add({ + "dn": "cn=ldaptestuser,cn=users," + self.base_dn, + "objectClass": "person", + "systemFlags": str(~(SYSTEM_FLAG_CONFIG_ALLOW_RENAME | SYSTEM_FLAG_CONFIG_ALLOW_MOVE | SYSTEM_FLAG_CONFIG_ALLOW_LIMITED_MOVE)) }) + + res = ldb.search("cn=ldaptestuser,cn=users," + self.base_dn, + scope=SCOPE_BASE, attrs=["systemFlags"]) + self.assertTrue(len(res) == 1) + self.assertEquals(res[0]["systemFlags"][0], "0") + + self.delete_force(self.ldb, "cn=ldaptestuser,cn=users," + self.base_dn) + self.ldb.add({ "dn": "cn=ldaptestuser,cn=users," + self.base_dn, "objectClass": "person" }) |