diff options
author | Matthias Dieter Wallnöfer <mdw@samba.org> | 2010-06-16 14:51:05 +0200 |
---|---|---|
committer | Matthias Dieter Wallnöfer <mdw@samba.org> | 2010-06-16 15:34:42 +0200 |
commit | 12fdfc94307b5f1b7982fc82c525b260806c8323 (patch) | |
tree | 1742ef764cf8660ca2713bf799c7ba50d44a6fca /source4/lib/ldb | |
parent | 53afe4e018cb3bd8728e68699910ec4501fd658d (diff) | |
download | samba-12fdfc94307b5f1b7982fc82c525b260806c8323.tar.gz samba-12fdfc94307b5f1b7982fc82c525b260806c8323.tar.bz2 samba-12fdfc94307b5f1b7982fc82c525b260806c8323.zip |
s4:ldap.py - add another test about linked attributes
In addition this test makes sure that the bug regarding the search with deleted
linked attributes in the filter has been fixed.
Diffstat (limited to 'source4/lib/ldb')
-rwxr-xr-x | source4/lib/ldb/tests/python/ldap.py | 91 |
1 files changed, 90 insertions, 1 deletions
diff --git a/source4/lib/ldb/tests/python/ldap.py b/source4/lib/ldb/tests/python/ldap.py index ddf0254c21..40cbb9feb3 100755 --- a/source4/lib/ldb/tests/python/ldap.py +++ b/source4/lib/ldb/tests/python/ldap.py @@ -969,6 +969,95 @@ objectClass: container self.assertEquals(res1[0]["groupType"][0], "-2147483643") + def test_linked_attributes(self): + """This tests the linked attribute behaviour""" + print "Testing linked attribute behaviour\n" + + ldb.add({ + "dn": "cn=ldaptestgroup,cn=users," + self.base_dn, + "objectclass": "group"}) + + # This should not work since "memberOf" is linked to "member" + try: + ldb.add({ + "dn": "cn=ldaptestuser,cn=users," + self.base_dn, + "objectclass": ["user", "person"], + "memberOf": "cn=ldaptestgroup,cn=users," + self.base_dn}) + except LdbError, (num, _): + self.assertEquals(num, ERR_UNWILLING_TO_PERFORM) + + ldb.add({ + "dn": "cn=ldaptestuser,cn=users," + self.base_dn, + "objectclass": ["user", "person"]}) + + m = Message() + m.dn = Dn(ldb, "cn=ldaptestuser,cn=users," + self.base_dn) + m["memberOf"] = MessageElement("cn=ldaptestgroup,cn=users," + self.base_dn, + FLAG_MOD_ADD, "memberOf") + try: + ldb.modify(m) + self.fail() + except LdbError, (num, _): + self.assertEquals(num, ERR_UNWILLING_TO_PERFORM) + + m = Message() + m.dn = Dn(ldb, "cn=ldaptestgroup,cn=users," + self.base_dn) + m["member"] = MessageElement("cn=ldaptestuser,cn=users," + self.base_dn, + FLAG_MOD_ADD, "member") + ldb.modify(m) + + m = Message() + m.dn = Dn(ldb, "cn=ldaptestuser,cn=users," + self.base_dn) + m["memberOf"] = MessageElement("cn=ldaptestgroup,cn=users," + self.base_dn, + FLAG_MOD_REPLACE, "memberOf") + try: + ldb.modify(m) + self.fail() + except LdbError, (num, _): + self.assertEquals(num, ERR_UNWILLING_TO_PERFORM) + + m = Message() + m.dn = Dn(ldb, "cn=ldaptestuser,cn=users," + self.base_dn) + m["memberOf"] = MessageElement("cn=ldaptestgroup,cn=users," + self.base_dn, + FLAG_MOD_DELETE, "memberOf") + try: + ldb.modify(m) + self.fail() + except LdbError, (num, _): + self.assertEquals(num, ERR_UNWILLING_TO_PERFORM) + + m = Message() + m.dn = Dn(ldb, "cn=ldaptestgroup,cn=users," + self.base_dn) + m["member"] = MessageElement("cn=ldaptestuser,cn=users," + self.base_dn, + FLAG_MOD_DELETE, "member") + ldb.modify(m) + + # This should yield no results since the member attribute for + # "ldaptestuser" should have been deleted + res1 = ldb.search("cn=ldaptestgroup, cn=users," + self.base_dn, + scope=SCOPE_BASE, + expression="(member=cn=ldaptestuser,cn=users," + self.base_dn + ")", + attrs=[]) + self.assertTrue(len(res1) == 0) + + self.delete_force(self.ldb, "cn=ldaptestgroup,cn=users," + self.base_dn) + + ldb.add({ + "dn": "cn=ldaptestgroup,cn=users," + self.base_dn, + "objectclass": "group", + "member": "cn=ldaptestuser,cn=users," + self.base_dn}) + + self.delete_force(self.ldb, "cn=ldaptestuser,cn=users," + self.base_dn) + + # Make sure that the "member" attribute for "ldaptestuser" has been + # removed + res = ldb.search("cn=ldaptestgroup,cn=users," + self.base_dn, + scope=SCOPE_BASE, attrs=["member"]) + self.assertTrue(len(res) == 1) + self.assertFalse("member" in res[0]) + + self.delete_force(self.ldb, "cn=ldaptestgroup,cn=users," + self.base_dn) + def test_groups(self): """This tests the group behaviour (setting, changing) of a user account""" print "Testing group behaviour\n" @@ -2072,7 +2161,7 @@ member: cn=ldaptestuser2,cn=users,""" + self.base_dn + """ self.assertTrue(("<GUID=" + ldb.schema_format_value("objectGUID", ldaptestuser2_guid) + ">;<SID=" + ldb.schema_format_value("objectSid", ldaptestuser2_sid) + ">;CN=ldaptestuser2,CN=Users," + self.base_dn).upper() in memberUP) - print "Testing Linked attribute behaviours" + print "Quicktest for linked attributes" ldb.modify_ldif(""" dn: cn=ldaptestgroup2,cn=users,""" + self.base_dn + """ changetype: modify |