summaryrefslogtreecommitdiff
path: root/source4
diff options
context:
space:
mode:
authorMatthias Dieter Wallnöfer <mwallnoefer@yahoo.de>2009-11-26 09:51:56 +0100
committerMatthias Dieter Wallnöfer <mwallnoefer@yahoo.de>2009-11-26 11:21:02 +0100
commit97553373d182671a8da1553cc47465c664ae69f0 (patch)
tree373b04de20be049b19da672f3700eb73cf4adbd6 /source4
parentb6efbd5b4c5ba3a2e2040033b6b634d60ed2d3f5 (diff)
downloadsamba-97553373d182671a8da1553cc47465c664ae69f0.tar.gz
samba-97553373d182671a8da1553cc47465c664ae69f0.tar.bz2
samba-97553373d182671a8da1553cc47465c664ae69f0.zip
s4:ldap.py - add a test for the enhanced operational attributes check
(Deny creation of entries with operational attributes specified)
Diffstat (limited to 'source4')
-rwxr-xr-xsource4/lib/ldb/tests/python/ldap.py11
1 files changed, 11 insertions, 0 deletions
diff --git a/source4/lib/ldb/tests/python/ldap.py b/source4/lib/ldb/tests/python/ldap.py
index 9a7976b694..a5a9d7cda6 100755
--- a/source4/lib/ldb/tests/python/ldap.py
+++ b/source4/lib/ldb/tests/python/ldap.py
@@ -23,6 +23,7 @@ from ldb import ERR_NOT_ALLOWED_ON_NON_LEAF, ERR_OTHER, ERR_INVALID_DN_SYNTAX
from ldb import ERR_NO_SUCH_ATTRIBUTE, ERR_INSUFFICIENT_ACCESS_RIGHTS
from ldb import ERR_OBJECT_CLASS_VIOLATION, ERR_NOT_ALLOWED_ON_RDN
from ldb import ERR_NAMING_VIOLATION, ERR_CONSTRAINT_VIOLATION
+from ldb import ERR_UNDEFINED_ATTRIBUTE_TYPE
from ldb import Message, MessageElement, Dn
from ldb import FLAG_MOD_ADD, FLAG_MOD_REPLACE, FLAG_MOD_DELETE
from samba import Ldb, param, dom_sid_to_rid
@@ -764,6 +765,16 @@ objectClass: container
"""Test the primary group token behaviour (hidden-generated-readonly attribute on groups)"""
print "Testing primary group token behaviour\n"
+ try:
+ ldb.add({
+ "dn": "cn=ldaptestgroup,cn=users," + self.base_dn,
+ "objectclass": "group",
+ "primaryGroupToken": "100"})
+ self.fail()
+ except LdbError, (num, _):
+ self.assertEquals(num, ERR_UNDEFINED_ATTRIBUTE_TYPE)
+ self.delete_force(self.ldb, "cn=ldaptestgroup,cn=users," + self.base_dn)
+
ldb.add({
"dn": "cn=ldaptestuser,cn=users," + self.base_dn,
"objectclass": ["user", "person"]})