From 5585591b2e6959bebb005966ad72eb7af4bf1760 Mon Sep 17 00:00:00 2001 From: Matthias Dieter Wallnöfer Date: Fri, 12 Nov 2010 18:57:57 +0100 Subject: s4:samldb/objectclass_attrs LDB modules - move "description" logic from "objectclass_attrs" into "samldb" This according to an answer from dochelp is SAM specific behaviour. --- source4/dsdb/tests/python/ldap.py | 163 +++----------------------------------- source4/dsdb/tests/python/sam.py | 156 +++++++++++++++++++++++++++++++++++- 2 files changed, 164 insertions(+), 155 deletions(-) (limited to 'source4/dsdb/tests/python') diff --git a/source4/dsdb/tests/python/ldap.py b/source4/dsdb/tests/python/ldap.py index 833e141b7d..26a0d720c5 100755 --- a/source4/dsdb/tests/python/ldap.py +++ b/source4/dsdb/tests/python/ldap.py @@ -618,160 +618,6 @@ class BasicTests(unittest.TestCase): self.delete_force(self.ldb, "cn=ldaptestgroup,cn=users," + self.base_dn) - def test_description_attribute(self): - """Test description attribute""" - print "Test description attribute""" - - self.ldb.add({ - "dn": "cn=ldaptestgroup,cn=users," + self.base_dn, - "description": "desc2", - "objectclass": "group", - "description": "desc1"}) - - res = ldb.search("cn=ldaptestgroup,cn=users," + self.base_dn, - scope=SCOPE_BASE, attrs=["description"]) - self.assertTrue(len(res) == 1) - self.assertTrue("description" in res[0]) - self.assertTrue(len(res[0]["description"]) == 1) - self.assertEquals(res[0]["description"][0], "desc1") - - self.delete_force(self.ldb, "cn=ldaptestgroup,cn=users," + self.base_dn) - - self.ldb.add({ - "dn": "cn=ldaptestgroup,cn=users," + self.base_dn, - "objectclass": "group", - "description": ["desc1", "desc2"]}) - - res = ldb.search("cn=ldaptestgroup,cn=users," + self.base_dn, - scope=SCOPE_BASE, attrs=["description"]) - self.assertTrue(len(res) == 1) - self.assertTrue("description" in res[0]) - self.assertTrue(len(res[0]["description"]) == 2) - self.assertTrue(res[0]["description"][0] == "desc1" or - res[0]["description"][1] == "desc1") - self.assertTrue(res[0]["description"][0] == "desc2" or - res[0]["description"][1] == "desc2") - - m = Message() - m.dn = Dn(ldb, "cn=ldaptestgroup,cn=users," + self.base_dn) - m["description"] = MessageElement(["desc1","desc2"], FLAG_MOD_REPLACE, - "description") - try: - ldb.modify(m) - self.fail() - except LdbError, (num, _): - self.assertEquals(num, ERR_ATTRIBUTE_OR_VALUE_EXISTS) - - m = Message() - m.dn = Dn(ldb, "cn=ldaptestgroup,cn=users," + self.base_dn) - m["description"] = MessageElement(["desc1","desc2"], FLAG_MOD_DELETE, - "description") - ldb.modify(m) - - self.delete_force(self.ldb, "cn=ldaptestgroup,cn=users," + self.base_dn) - - self.ldb.add({ - "dn": "cn=ldaptestgroup,cn=users," + self.base_dn, - "objectclass": "group" }) - - m = Message() - m.dn = Dn(ldb, "cn=ldaptestgroup,cn=users," + self.base_dn) - m["description"] = MessageElement("desc1", FLAG_MOD_REPLACE, - "description") - ldb.modify(m) - - res = ldb.search("cn=ldaptestgroup,cn=users," + self.base_dn, - scope=SCOPE_BASE, attrs=["description"]) - self.assertTrue(len(res) == 1) - self.assertTrue("description" in res[0]) - self.assertTrue(len(res[0]["description"]) == 1) - self.assertEquals(res[0]["description"][0], "desc1") - - self.delete_force(self.ldb, "cn=ldaptestgroup,cn=users," + self.base_dn) - - self.ldb.add({ - "dn": "cn=ldaptestgroup,cn=users," + self.base_dn, - "objectclass": "group", - "description": ["desc1", "desc2"]}) - - m = Message() - m.dn = Dn(ldb, "cn=ldaptestgroup,cn=users," + self.base_dn) - m["description"] = MessageElement("desc1", FLAG_MOD_REPLACE, - "description") - ldb.modify(m) - - res = ldb.search("cn=ldaptestgroup,cn=users," + self.base_dn, - scope=SCOPE_BASE, attrs=["description"]) - self.assertTrue(len(res) == 1) - self.assertTrue("description" in res[0]) - self.assertTrue(len(res[0]["description"]) == 1) - self.assertEquals(res[0]["description"][0], "desc1") - - m = Message() - m.dn = Dn(ldb, "cn=ldaptestgroup,cn=users," + self.base_dn) - m["description"] = MessageElement("desc3", FLAG_MOD_ADD, - "description") - try: - ldb.modify(m) - self.fail() - except LdbError, (num, _): - self.assertEquals(num, ERR_ATTRIBUTE_OR_VALUE_EXISTS) - - m = Message() - m.dn = Dn(ldb, "cn=ldaptestgroup,cn=users," + self.base_dn) - m["description"] = MessageElement(["desc1","desc2"], FLAG_MOD_DELETE, - "description") - try: - ldb.modify(m) - self.fail() - except LdbError, (num, _): - self.assertEquals(num, ERR_NO_SUCH_ATTRIBUTE) - - m = Message() - m.dn = Dn(ldb, "cn=ldaptestgroup,cn=users," + self.base_dn) - m["description"] = MessageElement("desc1", FLAG_MOD_DELETE, - "description") - ldb.modify(m) - res = ldb.search("cn=ldaptestgroup,cn=users," + self.base_dn, - scope=SCOPE_BASE, attrs=["description"]) - self.assertTrue(len(res) == 1) - self.assertFalse("description" in res[0]) - - m = Message() - m.dn = Dn(ldb, "cn=ldaptestgroup,cn=users," + self.base_dn) - m["description"] = MessageElement(["desc1","desc2"], FLAG_MOD_REPLACE, - "description") - try: - ldb.modify(m) - self.fail() - except LdbError, (num, _): - self.assertEquals(num, ERR_ATTRIBUTE_OR_VALUE_EXISTS) - - m = Message() - m.dn = Dn(ldb, "cn=ldaptestgroup,cn=users," + self.base_dn) - m["description"] = MessageElement(["desc3", "desc4"], FLAG_MOD_ADD, - "description") - try: - ldb.modify(m) - self.fail() - except LdbError, (num, _): - self.assertEquals(num, ERR_ATTRIBUTE_OR_VALUE_EXISTS) - - m = Message() - m.dn = Dn(ldb, "cn=ldaptestgroup,cn=users," + self.base_dn) - m["description"] = MessageElement("desc1", FLAG_MOD_ADD, - "description") - ldb.modify(m) - - res = ldb.search("cn=ldaptestgroup,cn=users," + self.base_dn, - scope=SCOPE_BASE, attrs=["description"]) - self.assertTrue(len(res) == 1) - self.assertTrue("description" in res[0]) - self.assertTrue(len(res[0]["description"]) == 1) - self.assertEquals(res[0]["description"][0], "desc1") - - self.delete_force(self.ldb, "cn=ldaptestgroup,cn=users," + self.base_dn) - def test_attribute_ranges(self): """Test attribute ranges""" print "Test attribute ranges""" @@ -1943,6 +1789,15 @@ servicePrincipalName: host/ldaptest2computer29 "objectClass": "user", "cn": "LDAPtestUSER4"}) + # Here we don't enforce these hard "description" constraints + ldb.modify_ldif(""" +dn: cn=ldaptestcontainer,""" + self.base_dn + """ +changetype: modify +replace: description +description: desc1 +description: desc2 +""") + ldb.modify_ldif(""" dn: cn=ldaptestgroup2,cn=users,""" + self.base_dn + """ changetype: modify diff --git a/source4/dsdb/tests/python/sam.py b/source4/dsdb/tests/python/sam.py index 245d051659..b64cce1c3f 100755 --- a/source4/dsdb/tests/python/sam.py +++ b/source4/dsdb/tests/python/sam.py @@ -17,7 +17,7 @@ from samba.auth import system_session from ldb import SCOPE_BASE, LdbError from ldb import ERR_NO_SUCH_OBJECT, ERR_ATTRIBUTE_OR_VALUE_EXISTS from ldb import ERR_ENTRY_ALREADY_EXISTS, ERR_UNWILLING_TO_PERFORM -from ldb import ERR_OTHER +from ldb import ERR_OTHER, ERR_NO_SUCH_ATTRIBUTE from ldb import ERR_OBJECT_CLASS_VIOLATION from ldb import ERR_CONSTRAINT_VIOLATION from ldb import ERR_UNDEFINED_ATTRIBUTE_TYPE @@ -2251,6 +2251,160 @@ class SamTests(unittest.TestCase): self.delete_force(self.ldb, "cn=ldaptestcomputer,cn=computers," + self.base_dn) + def test_sam_description_attribute(self): + """Test SAM description attribute""" + print "Test SAM description attribute""" + + self.ldb.add({ + "dn": "cn=ldaptestgroup,cn=users," + self.base_dn, + "description": "desc2", + "objectclass": "group", + "description": "desc1"}) + + res = ldb.search("cn=ldaptestgroup,cn=users," + self.base_dn, + scope=SCOPE_BASE, attrs=["description"]) + self.assertTrue(len(res) == 1) + self.assertTrue("description" in res[0]) + self.assertTrue(len(res[0]["description"]) == 1) + self.assertEquals(res[0]["description"][0], "desc1") + + self.delete_force(self.ldb, "cn=ldaptestgroup,cn=users," + self.base_dn) + + self.ldb.add({ + "dn": "cn=ldaptestgroup,cn=users," + self.base_dn, + "objectclass": "group", + "description": ["desc1", "desc2"]}) + + res = ldb.search("cn=ldaptestgroup,cn=users," + self.base_dn, + scope=SCOPE_BASE, attrs=["description"]) + self.assertTrue(len(res) == 1) + self.assertTrue("description" in res[0]) + self.assertTrue(len(res[0]["description"]) == 2) + self.assertTrue(res[0]["description"][0] == "desc1" or + res[0]["description"][1] == "desc1") + self.assertTrue(res[0]["description"][0] == "desc2" or + res[0]["description"][1] == "desc2") + + m = Message() + m.dn = Dn(ldb, "cn=ldaptestgroup,cn=users," + self.base_dn) + m["description"] = MessageElement(["desc1","desc2"], FLAG_MOD_REPLACE, + "description") + try: + ldb.modify(m) + self.fail() + except LdbError, (num, _): + self.assertEquals(num, ERR_ATTRIBUTE_OR_VALUE_EXISTS) + + m = Message() + m.dn = Dn(ldb, "cn=ldaptestgroup,cn=users," + self.base_dn) + m["description"] = MessageElement(["desc1","desc2"], FLAG_MOD_DELETE, + "description") + ldb.modify(m) + + self.delete_force(self.ldb, "cn=ldaptestgroup,cn=users," + self.base_dn) + + self.ldb.add({ + "dn": "cn=ldaptestgroup,cn=users," + self.base_dn, + "objectclass": "group" }) + + m = Message() + m.dn = Dn(ldb, "cn=ldaptestgroup,cn=users," + self.base_dn) + m["description"] = MessageElement("desc1", FLAG_MOD_REPLACE, + "description") + ldb.modify(m) + + res = ldb.search("cn=ldaptestgroup,cn=users," + self.base_dn, + scope=SCOPE_BASE, attrs=["description"]) + self.assertTrue(len(res) == 1) + self.assertTrue("description" in res[0]) + self.assertTrue(len(res[0]["description"]) == 1) + self.assertEquals(res[0]["description"][0], "desc1") + + self.delete_force(self.ldb, "cn=ldaptestgroup,cn=users," + self.base_dn) + + self.ldb.add({ + "dn": "cn=ldaptestgroup,cn=users," + self.base_dn, + "objectclass": "group", + "description": ["desc1", "desc2"]}) + + m = Message() + m.dn = Dn(ldb, "cn=ldaptestgroup,cn=users," + self.base_dn) + m["description"] = MessageElement("desc1", FLAG_MOD_REPLACE, + "description") + ldb.modify(m) + + res = ldb.search("cn=ldaptestgroup,cn=users," + self.base_dn, + scope=SCOPE_BASE, attrs=["description"]) + self.assertTrue(len(res) == 1) + self.assertTrue("description" in res[0]) + self.assertTrue(len(res[0]["description"]) == 1) + self.assertEquals(res[0]["description"][0], "desc1") + + m = Message() + m.dn = Dn(ldb, "cn=ldaptestgroup,cn=users," + self.base_dn) + m["description"] = MessageElement("desc3", FLAG_MOD_ADD, + "description") + try: + ldb.modify(m) + self.fail() + except LdbError, (num, _): + self.assertEquals(num, ERR_ATTRIBUTE_OR_VALUE_EXISTS) + + m = Message() + m.dn = Dn(ldb, "cn=ldaptestgroup,cn=users," + self.base_dn) + m["description"] = MessageElement(["desc1","desc2"], FLAG_MOD_DELETE, + "description") + try: + ldb.modify(m) + self.fail() + except LdbError, (num, _): + self.assertEquals(num, ERR_NO_SUCH_ATTRIBUTE) + + m = Message() + m.dn = Dn(ldb, "cn=ldaptestgroup,cn=users," + self.base_dn) + m["description"] = MessageElement("desc1", FLAG_MOD_DELETE, + "description") + ldb.modify(m) + res = ldb.search("cn=ldaptestgroup,cn=users," + self.base_dn, + scope=SCOPE_BASE, attrs=["description"]) + self.assertTrue(len(res) == 1) + self.assertFalse("description" in res[0]) + + m = Message() + m.dn = Dn(ldb, "cn=ldaptestgroup,cn=users," + self.base_dn) + m["description"] = MessageElement(["desc1","desc2"], FLAG_MOD_REPLACE, + "description") + try: + ldb.modify(m) + self.fail() + except LdbError, (num, _): + self.assertEquals(num, ERR_ATTRIBUTE_OR_VALUE_EXISTS) + + m = Message() + m.dn = Dn(ldb, "cn=ldaptestgroup,cn=users," + self.base_dn) + m["description"] = MessageElement(["desc3", "desc4"], FLAG_MOD_ADD, + "description") + try: + ldb.modify(m) + self.fail() + except LdbError, (num, _): + self.assertEquals(num, ERR_ATTRIBUTE_OR_VALUE_EXISTS) + + m = Message() + m.dn = Dn(ldb, "cn=ldaptestgroup,cn=users," + self.base_dn) + m["description"] = MessageElement("desc1", FLAG_MOD_ADD, + "description") + ldb.modify(m) + + res = ldb.search("cn=ldaptestgroup,cn=users," + self.base_dn, + scope=SCOPE_BASE, attrs=["description"]) + self.assertTrue(len(res) == 1) + self.assertTrue("description" in res[0]) + self.assertTrue(len(res[0]["description"]) == 1) + self.assertEquals(res[0]["description"][0], "desc1") + + self.delete_force(self.ldb, "cn=ldaptestgroup,cn=users," + self.base_dn) + if not "://" in host: if os.path.isfile(host): -- cgit