From c69672dd9880abea579a26c95733e45cd88d0be6 Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Thu, 17 Aug 2006 22:18:20 +0000 Subject: r17598: Patch from Martin Kühl to update the samba3sam test suite, which contains tests for the samba3sam and ldb_map modules, with a lot of tests for search requests. MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit The tests add a small set of known records to the database, half of them with only remote data, half of them split across the local and remote backends, and test searching these records by DN, by attribute and with a range of parse trees. This suite should be extensive enough to ensure that behaviour of search requests doesn't break. (This used to be commit 120f7891faf241057457db7234ce381bfe3fd847) --- testprogs/ejs/samba3sam.js | 615 +++++++++++++++++++++++++++++++++++++++++---- 1 file changed, 570 insertions(+), 45 deletions(-) diff --git a/testprogs/ejs/samba3sam.js b/testprogs/ejs/samba3sam.js index b25ca88d1d..bac381fa01 100755 --- a/testprogs/ejs/samba3sam.js +++ b/testprogs/ejs/samba3sam.js @@ -8,58 +8,60 @@ var sys; var ldb = ldb_init(); -var smb3 = ldb_init(); -var smb4 = ldb_init(); var options = GetOptions(ARGV, "POPT_AUTOHELP", "POPT_COMMON_SAMBA"); if (options == undefined) { - println("Failed to parse options"); - return -1; + println("Failed to parse options"); + return -1; } libinclude("base.js"); if (options.ARGV.length != 2) { - println("Usage: samba3sam.js "); - return -1; + println("Usage: samba3sam.js "); + return -1; } -prefix = options.ARGV[0]; -datadir = options.ARGV[1]; +var prefix = options.ARGV[0]; +var datadir = options.ARGV[1]; -function setup_modules(sys, ldb, from, to) { - var ldif = sys.file_load(datadir + "/" + "provision_samba3sam.ldif"); - ldif = substitute_var(ldif, from); +function setup_data(obj, ldif) +{ + assert(ldif != undefined); + ldif = substitute_var(ldif, obj); + assert(ldif != undefined); + var ok = obj.db.add(ldif); + assert(ok); +} + +function setup_modules(ldb, s3, s4, ldif) +{ + assert(ldif != undefined); + ldif = substitute_var(ldif, s4); assert(ldif != undefined); var ok = ldb.add(ldif); assert(ok); - var ok = ldb.add(" + var ldif = " dn: @MAP=samba3sam -@FROM: " + from.BASEDN + " -@TO: " + to.BASEDN + " +@FROM: " + s4.BASEDN + " +@TO: " + s3.BASEDN + " dn: @MODULES @LIST: rootdse,paged_results,server_sort,extended_dn,asq,samldb,objectclass,password_hash,operational,objectguid,rdn_name,samba3sam,partition dn: @PARTITION -partition: " + from.BASEDN + ":" + from.URL + " -partition: " + to.BASEDN + ":" + to.URL + " +partition: " + s4.BASEDN + ":" + s4.url + " +partition: " + s3.BASEDN + ":" + s3.url + " replicateEntries: @SUBCLASSES replicateEntries: @ATTRIBUTES replicateEntries: @INDEXLIST -"); - assert(ok); -} - -function setup_data(sys, ldb, remote) { - var ldif = sys.file_load(datadir + "/" + "samba3.ldif"); - ldif = substitute_var(ldif, remote); - assert(ldif != undefined); +"; var ok = ldb.add(ldif); assert(ok); } -function search_tests(ldb) { +function test_s3sam_search(ldb) +{ println("Looking up by non-mapped attribute"); var msg = ldb.search("(cn=Administrator)"); assert(msg.length == 1); @@ -98,7 +100,8 @@ function search_tests(ldb) { } } -function modify_tests(ldb, remote) { +function test_s3sam_modify(ldb, s3) +{ println("Adding a record that will be fallbacked"); ok = ldb.add(" dn: cn=Foo,dc=idealx,dc=org @@ -139,19 +142,19 @@ cn: Niemand println("Checking for existence of record (local && remote)"); msg = ldb.search("(&(unixName=bin)(unicodePwd=geheim))", new Array('unixName','cn','dn', 'unicodePwd')); - assert(msg.length == 1); // TODO: should check with more records + assert(msg.length == 1); // TODO: should check with more records assert(msg[0].cn == "Niemand"); assert(msg[0].unixName == "bin"); assert(msg[0].unicodePwd == "geheim"); println("Checking for existence of record (local || remote)"); msg = ldb.search("(|(unixName=bin)(unicodePwd=geheim))", new Array('unixName','cn','dn', 'unicodePwd')); - assert(msg.length == 1); // TODO: should check with more records + assert(msg.length == 1); // TODO: should check with more records assert(msg[0].cn == "Niemand"); assert(msg[0].unixName == "bin" || msg[0].unicodePwd == "geheim"); println("Checking for data in destination database"); - msg = remote.search("(cn=Niemand)"); + msg = s3.db.search("(cn=Niemand)"); assert(msg.length >= 1); assert(msg[0].sambaSID == "S-1-5-21-4231626423-2410014848-2360679739-2001"); assert(msg[0].displayName == "Niemand"); @@ -215,45 +218,567 @@ delete: description assert(msg.length == 0); } +function test_map_search(ldb, s3, s4) +{ + println("Running search tests on mapped data"); + var res; + var dn; + var attrs; + + /* Add a set of split records */ + var ldif = " +dn: cn=X,sambaDomainName=TESTS,${BASEDN} +objectClass: user +cn: X +codePage: x +revision: x +objectCategory: x +nextRid: y +lastLogon: x +description: x +objectSid: S-1-5-21-4231626423-2410014848-2360679739-552 +primaryGroupID: 1-5-21-4231626423-2410014848-2360679739-512 + +dn: cn=Y,sambaDomainName=TESTS,${BASEDN} +objectClass: top +cn: Y +codePage: x +revision: x +objectCategory: y +nextRid: y +lastLogon: y +description: x + +dn: cn=Z,sambaDomainName=TESTS,${BASEDN} +objectClass: top +cn: Z +codePage: x +revision: y +objectCategory: z +nextRid: y +lastLogon: z +description: y +"; + ldif = substitute_var(ldif, s4); + assert(ldif != undefined); + var ok = ldb.add(ldif); + assert(ok); + + /* Add a set of remote records */ + var ldif = " +dn: cn=A,sambaDomainName=TESTS,${BASEDN} +objectClass: posixAccount +cn: A +sambaNextRid: x +sambaBadPasswordCount: x +sambaLogonTime: x +description: x +sambaSID: S-1-5-21-4231626423-2410014848-2360679739-552 +sambaPrimaryGroupSID: S-1-5-21-4231626423-2410014848-2360679739-512 + +dn: cn=B,sambaDomainName=TESTS,${BASEDN} +objectClass: top +cn:B +sambaNextRid: x +sambaBadPasswordCount: x +sambaLogonTime: y +description: x + +dn: cn=C,sambaDomainName=TESTS,${BASEDN} +objectClass: top +cn: C +sambaNextRid: x +sambaBadPasswordCount: y +sambaLogonTime: z +description: y +"; + ldif = substitute_var(ldif, s3); + assert(ldif != undefined); + var ok = s3.db.add(ldif); + assert(ok); + + println("Testing search by DN"); + + /* Search remote record by local DN */ + dn = "cn=A,sambaDomainName=TESTS," + s4.BASEDN; + attrs = new Array("objectCategory", "lastLogon"); + res = ldb.search("", dn, ldb.SCOPE_BASE, attrs); + assert(res != undefined); + assert(res.length == 1); + assert(res[0].dn == dn); + assert(res[0].objectCategory == undefined); + assert(res[0].lastLogon == "x"); + + /* Search remote record by remote DN */ + dn = "cn=A,sambaDomainName=TESTS," + s3.BASEDN; + attrs = new Array("objectCategory", "lastLogon", "sambaLogonTime"); + res = s3.db.search("", dn, ldb.SCOPE_BASE, attrs); + assert(res != undefined); + assert(res.length == 1); + assert(res[0].dn == dn); + assert(res[0].objectCategory == undefined); + assert(res[0].lastLogon == undefined); + assert(res[0].sambaLogonTime == "x"); + + /* Search split record by local DN */ + dn = "cn=X,sambaDomainName=TESTS," + s4.BASEDN; + attrs = new Array("objectCategory", "lastLogon"); + res = ldb.search("", dn, ldb.SCOPE_BASE, attrs); + assert(res != undefined); + assert(res.length == 1); + assert(res[0].dn == dn); + assert(res[0].objectCategory == "x"); + assert(res[0].lastLogon == "x"); + + /* Search split record by remote DN */ + dn = "cn=X,sambaDomainName=TESTS," + s3.BASEDN; + attrs = new Array("objectCategory", "lastLogon", "sambaLogonTime"); + res = s3.db.search("", dn, ldb.SCOPE_BASE, attrs); + assert(res != undefined); + assert(res.length == 1); + assert(res[0].dn == dn); + assert(res[0].objectCategory == undefined); + assert(res[0].lastLogon == undefined); + assert(res[0].sambaLogonTime == "x"); + + println("Testing search by attribute"); + + /* Search by ignored attribute */ + attrs = new Array("objectCategory", "lastLogon"); + res = ldb.search("(revision=x)", NULL, ldb. SCOPE_DEFAULT, attrs); + assert(res != undefined); + assert(res.length == 2); + assert(res[0].dn == ("cn=Y,sambaDomainName=TESTS," + s4.BASEDN)); + assert(res[0].objectCategory == "y"); + assert(res[0].lastLogon == "y"); + assert(res[1].dn == ("cn=X,sambaDomainName=TESTS," + s4.BASEDN)); + assert(res[1].objectCategory == "x"); + assert(res[1].lastLogon == "x"); + + /* Search by kept attribute */ + attrs = new Array("objectCategory", "lastLogon"); + res = ldb.search("(description=y)", NULL, ldb. SCOPE_DEFAULT, attrs); + assert(res != undefined); + assert(res.length == 2); + assert(res[0].dn == ("cn=Z,sambaDomainName=TESTS," + s4.BASEDN)); + assert(res[0].objectCategory == "z"); + assert(res[0].lastLogon == "z"); + assert(res[1].dn == ("cn=C,sambaDomainName=TESTS," + s4.BASEDN)); + assert(res[1].objectCategory == undefined); + assert(res[1].lastLogon == "z"); + + /* Search by renamed attribute */ + attrs = new Array("objectCategory", "lastLogon"); + res = ldb.search("(badPwdCount=x)", NULL, ldb. SCOPE_DEFAULT, attrs); + assert(res != undefined); + assert(res.length == 2); + assert(res[0].dn == ("cn=B,sambaDomainName=TESTS," + s4.BASEDN)); + assert(res[0].objectCategory == undefined); + assert(res[0].lastLogon == "y"); + assert(res[1].dn == ("cn=A,sambaDomainName=TESTS," + s4.BASEDN)); + assert(res[1].objectCategory == undefined); + assert(res[1].lastLogon == "x"); + + /* Search by converted attribute */ + attrs = new Array("objectCategory", "lastLogon", "objectSid"); + /* TODO: + Using the SID directly in the parse tree leads to conversion + errors, letting the search fail with no results. + res = ldb.search("(objectSid=S-1-5-21-4231626423-2410014848-2360679739-552)", NULL, ldb. SCOPE_DEFAULT, attrs); + */ + res = ldb.search("(objectSid=*)", NULL, ldb. SCOPE_DEFAULT, attrs); + assert(res != undefined); + assert(res.length == 2); + assert(res[0].dn == ("cn=X,sambaDomainName=TESTS," + s4.BASEDN)); + assert(res[0].objectCategory == "x"); + assert(res[0].lastLogon == "x"); + assert(res[0].objectSid == "S-1-5-21-4231626423-2410014848-2360679739-552"); + assert(res[1].dn == ("cn=A,sambaDomainName=TESTS," + s4.BASEDN)); + assert(res[1].objectCategory == undefined); + assert(res[1].lastLogon == "x"); + assert(res[1].objectSid == "S-1-5-21-4231626423-2410014848-2360679739-552"); + + /* Search by generated attribute */ + /* In most cases, this even works when the mapping is missing + * a `convert_operator' by enumerating the remote db. */ + attrs = new Array("objectCategory", "lastLogon", "primaryGroupID"); + res = ldb.search("(primaryGroupID=1-5-21-4231626423-2410014848-2360679739-512)", NULL, ldb. SCOPE_DEFAULT, attrs); + assert(res != undefined); + assert(res.length == 1); + assert(res[0].dn == ("cn=A,sambaDomainName=TESTS," + s4.BASEDN)); + assert(res[0].objectCategory == undefined); + assert(res[0].lastLogon == "x"); + assert(res[0].primaryGroupID == "1-5-21-4231626423-2410014848-2360679739-512"); + + /* TODO: There should actually be two results, A and X. The + * primaryGroupID of X seems to get corrupted somewhere, and the + * objectSid isn't available during the generation of remote (!) data, + * which can be observed with the following search. Also note that Xs + * objectSid seems to be fine in the previous search for objectSid... */ + /* + res = ldb.search("(primaryGroupID=*)", NULL, ldb. SCOPE_DEFAULT, attrs); + println(res.length + " results found"); + for (i=0;i