diff options
-rwxr-xr-x | source4/lib/ldb/tests/python/ldap.py | 68 | ||||
-rw-r--r-- | source4/scripting/python/pyglue.c | 23 |
2 files changed, 81 insertions, 10 deletions
diff --git a/source4/lib/ldb/tests/python/ldap.py b/source4/lib/ldb/tests/python/ldap.py index 7bc4b3f08f..00fb307689 100755 --- a/source4/lib/ldb/tests/python/ldap.py +++ b/source4/lib/ldb/tests/python/ldap.py @@ -17,9 +17,11 @@ from ldb import SCOPE_SUBTREE, SCOPE_ONELEVEL, SCOPE_BASE, LdbError from ldb import ERR_NO_SUCH_OBJECT, ERR_ATTRIBUTE_OR_VALUE_EXISTS from ldb import ERR_ENTRY_ALREADY_EXISTS, ERR_UNWILLING_TO_PERFORM from ldb import ERR_NOT_ALLOWED_ON_NON_LEAF, ERR_OTHER, ERR_INVALID_DN_SYNTAX +from ldb import Message, Dn from samba import Ldb from subunit import SubunitTestRunner from samba import param +from samba import glue import unittest parser = optparse.OptionParser("ldap [options] <host>") @@ -125,21 +127,67 @@ class BasicTests(unittest.TestCase): ldb.delete("cn=testotherusers," + self.base_dn) def test_groupType(self): - """Test groupType behaviour - (should appear to be casted to a 32 bit signed integer before comparsion)""" + """Test groupType behaviour (should appear to be casted to a 32 bit signed integer before comparsion)""" print "Testing groupType behaviour\n" res1 = ldb.search(base=self.base_dn, scope=SCOPE_SUBTREE, - attrs=["groupType"], expression="groupType=2147483650"); + attrs=["groupType"], expression="groupType=2147483653"); res2 = ldb.search(base=self.base_dn, scope=SCOPE_SUBTREE, - attrs=["groupType"], expression="groupType=-2147483646"); + attrs=["groupType"], expression="groupType=-2147483643"); self.assertEquals(len(res1), len(res2)) self.assertTrue(res1.count > 0) - self.assertEquals(res1[0]["groupType"][0], "-2147483646") + self.assertEquals(res1[0]["groupType"][0], "-2147483643") + + def test_primary_group_token(self): + """Test the primary group token behaviour (hidden-generated-readonly attribute on groups)""" + print "Testing primary group token behaviour\n" + + ldb.add({ + "dn": "cn=ldaptestuser,cn=uSers," + self.base_dn, + "objectclass": ["user", "person"], + "cN": "LDAPtestUSER", + "givenname": "ldap", + "sn": "testy"}) + + ldb.add({ + "dn": "cn=ldaptestgroup,cn=uSers," + self.base_dn, + "objectclass": "group", + "member": "cn=ldaptestuser,cn=useRs," + self.base_dn}) + + res1 = ldb.search("cn=ldaptestuser, cn=users," + self.base_dn, + scope=SCOPE_BASE, attrs=["primaryGroupToken"]) + self.assertTrue(len(res1) == 1) + self.assertFalse("primaryGroupToken" in res1[0]) + + res1 = ldb.search("cn=ldaptestgroup,cn=users," + self.base_dn, + scope=SCOPE_BASE) + self.assertTrue(len(res1) == 1) + self.assertFalse("primaryGroupToken" in res1[0]) + + res1 = ldb.search("cn=ldaptestgroup,cn=users," + self.base_dn, + scope=SCOPE_BASE, attrs=["primaryGroupToken", "objectSID"]) + self.assertTrue(len(res1) == 1) + primary_group_token = int(res1[0]["primaryGroupToken"][0]) + + rid = glue.dom_sid_to_rid(ldb.schema_format_value("objectSID", res1[0]["objectSID"][0])) + self.assertEquals(primary_group_token, rid) + +# Has to wait until we support read-only generated attributes correctly +# m = Message() +# m.dn = Dn(ldb, "cn=ldaptestgroup,cn=users," + self.base_dn) +# m["primaryGroupToken"] = "100" +# try: +# ldb.modify(m) +# self.fail() +# except LdbError, (num, msg): +# print msg + + self.delete_force(self.ldb, "cn=ldaptestgroup,cn=users," + self.base_dn) + self.delete_force(self.ldb, "cn=ldaptestuser,cn=users," + self.base_dn) def test_all(self): """Basic tests""" @@ -148,11 +196,11 @@ class BasicTests(unittest.TestCase): print "Testing user add" ldb.add({ - "dn": "cn=ldaptestuser,cn=uSers," + self.base_dn, - "objectclass": ["user", "person"], - "cN": "LDAPtestUSER", - "givenname": "ldap", - "sn": "testy"}) + "dn": "cn=ldaptestuser,cn=uSers," + self.base_dn, + "objectclass": ["user", "person"], + "cN": "LDAPtestUSER", + "givenname": "ldap", + "sn": "testy"}) ldb.add({ "dn": "cn=ldaptestgroup,cn=uSers," + self.base_dn, diff --git a/source4/scripting/python/pyglue.c b/source4/scripting/python/pyglue.c index 0869d2feac..95255dc1f6 100644 --- a/source4/scripting/python/pyglue.c +++ b/source4/scripting/python/pyglue.c @@ -327,6 +327,27 @@ static PyObject *py_dsdb_convert_schema_to_openldap(PyObject *self, PyObject *ar return ret; } +static PyObject *py_dom_sid_to_rid(PyLdbObject *self, PyObject *args) +{ + PyObject *py_sid; + struct dom_sid *sid; + uint32_t rid; + NTSTATUS status; + + if(!PyArg_ParseTuple(args, "O", &py_sid)) + return NULL; + + sid = dom_sid_parse_talloc(NULL, PyString_AsString(py_sid)); + + status = dom_sid_split_rid(NULL, sid, NULL, &rid); + if (!NT_STATUS_IS_OK(status)) { + PyErr_SetString(PyExc_RuntimeError, "dom_sid_split_rid failed"); + return NULL; + } + + return PyInt_FromLong(rid); +} + static PyMethodDef py_misc_methods[] = { { "generate_random_str", (PyCFunction)py_generate_random_str, METH_VARARGS, "random_password(len) -> string\n" @@ -358,6 +379,8 @@ static PyMethodDef py_misc_methods[] = { NULL }, { "dsdb_convert_schema_to_openldap", (PyCFunction)py_dsdb_convert_schema_to_openldap, METH_VARARGS, NULL }, + { "dom_sid_to_rid", (PyCFunction)py_dom_sid_to_rid, METH_VARARGS, + NULL }, { NULL } }; |