From f44dbc296ea4f63fe194ca0b56bc552fca16a0d9 Mon Sep 17 00:00:00 2001 From: Jelmer Vernooij Date: Tue, 12 Feb 2008 01:42:58 +0100 Subject: Reintroduce samba3sam EJS test, at least until the Python test is ready. (This used to be commit 13deb25214b2711836e243a87166b63a4a87270b) --- testprogs/ejs/samba3sam.js | 1255 ++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 1255 insertions(+) create mode 100644 testprogs/ejs/samba3sam.js (limited to 'testprogs/ejs/samba3sam.js') diff --git a/testprogs/ejs/samba3sam.js b/testprogs/ejs/samba3sam.js new file mode 100644 index 0000000000..e5639b8ec8 --- /dev/null +++ b/testprogs/ejs/samba3sam.js @@ -0,0 +1,1255 @@ +#!/usr/bin/env smbscript +/* + (C) Jelmer Vernooij 2005 + (C) Martin Kuehl 2006 + Published under the GNU GPL + Sponsored by Google Summer of Code + */ + +var sys; +var options = GetOptions(ARGV, "POPT_AUTOHELP", "POPT_COMMON_SAMBA"); +if (options == undefined) { + println("Failed to parse options"); + return -1; +} + +libinclude("base.js"); + +if (options.ARGV.length != 2) { + println("Usage: samba3sam.js "); + return -1; +} + +var prefix = options.ARGV[0]; +var datadir = options.ARGV[1]; + +function setup_data(obj, ldif) +{ + assert(ldif != undefined); + ldif = substitute_var(ldif, obj); + assert(ldif != undefined); + var ok = obj.db.add(ldif); + assert(ok.error == 0); +} + +function setup_modules(ldb, s3, s4, ldif) +{ + assert(ldif != undefined); + ldif = substitute_var(ldif, s4); + assert(ldif != undefined); + var ok = ldb.add(ldif); + assert(ok.error == 0); + + var ldif = " +dn: @MAP=samba3sam +@FROM: " + s4.BASEDN + " +@TO: sambaDomainName=TESTS," + s3.BASEDN + " + +dn: @MODULES +@LIST: rootdse,paged_results,server_sort,extended_dn,asq,samldb,password_hash,operational,objectguid,rdn_name,samba3sam,partition + +dn: @PARTITION +partition: " + s4.BASEDN + ":" + s4.url + " +partition: " + s3.BASEDN + ":" + s3.url + " +replicateEntries: @SUBCLASSES +replicateEntries: @ATTRIBUTES +replicateEntries: @INDEXLIST +"; + var ok = ldb.add(ldif); + assert(ok.error == 0); +} + +function test_s3sam_search(ldb) +{ + println("Looking up by non-mapped attribute"); + var msg = ldb.search("(cn=Administrator)"); + assert(msg.error == 0); + assert(msg.msgs.length == 1); + assert(msg.msgs[0].cn == "Administrator"); + + println("Looking up by mapped attribute"); + var msg = ldb.search("(name=Backup Operators)"); + assert(msg.error == 0); + assert(msg.msgs.length == 1); + assert(msg.msgs[0].name == "Backup Operators"); + + println("Looking up by old name of renamed attribute"); + var msg = ldb.search("(displayName=Backup Operators)"); + assert(msg.msgs.length == 0); + + println("Looking up mapped entry containing SID"); + var msg = ldb.search("(cn=Replicator)"); + assert(msg.error == 0); + assert(msg.msgs.length == 1); + println(msg.msgs[0].dn); + assert(msg.msgs[0].dn == "cn=Replicator,ou=Groups,dc=vernstok,dc=nl"); + assert(msg.msgs[0].objectSid == "S-1-5-21-4231626423-2410014848-2360679739-552"); + + println("Checking mapping of objectClass"); + var oc = msg.msgs[0].objectClass; + assert(oc != undefined); + for (var i in oc) { + assert(oc[i] == "posixGroup" || oc[i] == "group"); + } + + println("Looking up by objectClass"); + var msg = ldb.search("(|(objectClass=user)(cn=Administrator))"); + assert(msg.error == 0); + assert(msg.msgs.length == 2); + for (var i = 0; i < msg.msgs.length; i++) { + assert((msg.msgs[i].dn == "unixName=Administrator,ou=Users,dc=vernstok,dc=nl") || + (msg.msgs[i].dn == "unixName=nobody,ou=Users,dc=vernstok,dc=nl")); + } +} + +function test_s3sam_modify(ldb, s3) +{ + var msg, ok; + println("Adding a record that will be fallbacked"); + ok = ldb.add(" +dn: cn=Foo +foo: bar +blah: Blie +cn: Foo +showInAdvancedViewOnly: TRUE +"); + if (ok.error != 0) { + println(ok.errstr); + assert(ok.error == 0); + } + + println("Checking for existence of record (local)"); + /* TODO: This record must be searched in the local database, which is currently only supported for base searches + * msg = ldb.search("(cn=Foo)", new Array('foo','blah','cn','showInAdvancedViewOnly')); + * TODO: Actually, this version should work as well but doesn't... + * + */ + var attrs = new Array('foo','blah','cn','showInAdvancedViewOnly'); + msg = ldb.search("(cn=Foo)", "cn=Foo", ldb.LDB_SCOPE_BASE, attrs); + assert(msg.error == 0); + assert(msg.msgs.length == 1); + assert(msg.msgs[0].showInAdvancedViewOnly == "TRUE"); + assert(msg.msgs[0].foo == "bar"); + assert(msg.msgs[0].blah == "Blie"); + + println("Adding record that will be mapped"); + ok = ldb.add(" +dn: cn=Niemand,cn=Users,dc=vernstok,dc=nl +objectClass: user +unixName: bin +sambaUnicodePwd: geheim +cn: Niemand +"); + if (ok.error != 0) { + println(ok.errstr); + assert(ok.error == 0); + } + assert(ok.error == 0); + + println("Checking for existence of record (remote)"); + msg = ldb.search("(unixName=bin)", new Array('unixName','cn','dn', 'sambaUnicodePwd')); + assert(msg.error == 0); + assert(msg.msgs.length == 1); + assert(msg.msgs[0].cn == "Niemand"); + assert(msg.msgs[0].sambaUnicodePwd == "geheim"); + + println("Checking for existence of record (local && remote)"); + msg = ldb.search("(&(unixName=bin)(sambaUnicodePwd=geheim))", new Array('unixName','cn','dn', 'sambaUnicodePwd')); + assert(msg.error == 0); + assert(msg.msgs.length == 1); // TODO: should check with more records + assert(msg.msgs[0].cn == "Niemand"); + assert(msg.msgs[0].unixName == "bin"); + assert(msg.msgs[0].sambaUnicodePwd == "geheim"); + + println("Checking for existence of record (local || remote)"); + msg = ldb.search("(|(unixName=bin)(sambaUnicodePwd=geheim))", new Array('unixName','cn','dn', 'sambaUnicodePwd')); + println("got " + msg.msgs.length + " replies"); + assert(msg.error == 0); + assert(msg.msgs.length == 1); // TODO: should check with more records + assert(msg.msgs[0].cn == "Niemand"); + assert(msg.msgs[0].unixName == "bin" || msg.msgs[0].sambaUnicodePwd == "geheim"); + + println("Checking for data in destination database"); + msg = s3.db.search("(cn=Niemand)"); + assert(msg.error == 0); + assert(msg.msgs.length >= 1); + assert(msg.msgs[0].sambaSID == "S-1-5-21-4231626423-2410014848-2360679739-2001"); + assert(msg.msgs[0].displayName == "Niemand"); + + println("Adding attribute..."); + ok = ldb.modify(" +dn: cn=Niemand,cn=Users,dc=vernstok,dc=nl +changetype: modify +add: description +description: Blah +"); + if (ok.error != 0) { + println(ok.errstr); + assert(ok.error == 0); + } + assert(ok.error == 0); + + println("Checking whether changes are still there..."); + msg = ldb.search("(cn=Niemand)"); + assert(msg.error == 0); + assert(msg.msgs.length >= 1); + assert(msg.msgs[0].cn == "Niemand"); + assert(msg.msgs[0].description == "Blah"); + + println("Modifying attribute..."); + ok = ldb.modify(" +dn: cn=Niemand,cn=Users,dc=vernstok,dc=nl +changetype: modify +replace: description +description: Blie +"); + if (ok.error != 0) { + println(ok.errstr); + assert(ok.error == 0); + } + assert(ok.error == 0); + + println("Checking whether changes are still there..."); + msg = ldb.search("(cn=Niemand)"); + assert(msg.error == 0); + assert(msg.msgs.length >= 1); + assert(msg.msgs[0].description == "Blie"); + + println("Deleting attribute..."); + ok = ldb.modify(" +dn: cn=Niemand,cn=Users,dc=vernstok,dc=nl +changetype: modify +delete: description +"); + if (ok.error != 0) { + println(ok.errstr); + assert(ok.error == 0); + } + assert(ok.error == 0); + + println("Checking whether changes are no longer there..."); + msg = ldb.search("(cn=Niemand)"); + assert(msg.error == 0); + assert(msg.msgs.length >= 1); + assert(msg.msgs[0].description == undefined); + + println("Renaming record..."); + ok = ldb.rename("cn=Niemand,cn=Users,dc=vernstok,dc=nl", "cn=Niemand2,cn=Users,dc=vernstok,dc=nl"); + assert(ok.error == 0); + + println("Checking whether DN has changed..."); + msg = ldb.search("(cn=Niemand2)"); + assert(msg.error == 0); + assert(msg.msgs.length == 1); + assert(msg.msgs[0].dn == "cn=Niemand2,cn=Users,dc=vernstok,dc=nl"); + + println("Deleting record..."); + ok = ldb.del("cn=Niemand2,cn=Users,dc=vernstok,dc=nl"); + if (ok.error != 0) { + println(ok.errstr); + assert(ok.error == 0); + } + + println("Checking whether record is gone..."); + msg = ldb.search("(cn=Niemand2)"); + assert(msg.error == 0); + assert(msg.msgs.length == 0); +} + +function test_map_search(ldb, s3, s4) +{ + println("Running search tests on mapped data"); + var res; + var dn; + var attrs; + + + var ldif = " +dn: " + "sambaDomainName=TESTS," + s3.BASEDN + " +objectclass: sambaDomain +objectclass: top +sambaSID: S-1-5-21-4231626423-2410014848-2360679739 +sambaNextRid: 2000 +sambaDomainName: TESTS" + ldif = substitute_var(ldif, s3); + assert(ldif != undefined); + var ok = s3.db.add(ldif); + assert(ok.error == 0); + + printf("Add a set of split records"); + var ldif = " +dn: " + s4.dn("cn=X") + " +objectClass: user +cn: X +codePage: x +revision: x +dnsHostName: x +nextRid: y +lastLogon: x +description: x +objectSid: S-1-5-21-4231626423-2410014848-2360679739-552 +primaryGroupID: 1-5-21-4231626423-2410014848-2360679739-512 + +dn: " + s4.dn("cn=Y") + " +objectClass: top +cn: Y +codePage: x +revision: x +dnsHostName: y +nextRid: y +lastLogon: y +description: x + +dn: " + s4.dn("cn=Z") + " +objectClass: top +cn: Z +codePage: x +revision: y +dnsHostName: z +nextRid: y +lastLogon: z +description: y +"; + + ldif = substitute_var(ldif, s4); + assert(ldif != undefined); + var ok = ldb.add(ldif); + if (ok.error != 0) { + println(ok.errstr); + assert(ok.error == 0); + } + + println("Add a set of remote records"); + + var ldif = " +dn: " + s3.dn("cn=A") + " +objectClass: posixAccount +cn: A +sambaNextRid: x +sambaBadPasswordCount: x +sambaLogonTime: x +description: x +sambaSID: S-1-5-21-4231626423-2410014848-2360679739-552 +sambaPrimaryGroupSID: S-1-5-21-4231626423-2410014848-2360679739-512 + +dn: " + s3.dn("cn=B") + " +objectClass: top +cn:B +sambaNextRid: x +sambaBadPasswordCount: x +sambaLogonTime: y +description: x + +dn: " + s3.dn("cn=C") + " +objectClass: top +cn: C +sambaNextRid: x +sambaBadPasswordCount: y +sambaLogonTime: z +description: y +"; + ldif = substitute_var(ldif, s3); + assert(ldif != undefined); + var ok = s3.db.add(ldif); + assert(ok.error == 0); + + println("Testing search by DN"); + + /* Search remote record by local DN */ + dn = s4.dn("cn=A"); + attrs = new Array("dnsHostName", "lastLogon"); + res = ldb.search("", dn, ldb.SCOPE_BASE, attrs); + assert(res.error == 0); + assert(res.msgs.length == 1); + assert(res.msgs[0].dn == dn); + assert(res.msgs[0].dnsHostName == undefined); + assert(res.msgs[0].lastLogon == "x"); + + /* Search remote record by remote DN */ + dn = s3.dn("cn=A"); + attrs = new Array("dnsHostName", "lastLogon", "sambaLogonTime"); + res = s3.db.search("", dn, ldb.SCOPE_BASE, attrs); + assert(res.error == 0); + assert(res.msgs.length == 1); + assert(res.msgs[0].dn == dn); + assert(res.msgs[0].dnsHostName == undefined); + assert(res.msgs[0].lastLogon == undefined); + assert(res.msgs[0].sambaLogonTime == "x"); + + /* Search split record by local DN */ + dn = s4.dn("cn=X"); + attrs = new Array("dnsHostName", "lastLogon"); + res = ldb.search("", dn, ldb.SCOPE_BASE, attrs); + assert(res.error == 0); + assert(res.msgs.length == 1); + assert(res.msgs[0].dn == dn); + assert(res.msgs[0].dnsHostName == "x"); + assert(res.msgs[0].lastLogon == "x"); + + /* Search split record by remote DN */ + dn = s3.dn("cn=X"); + attrs = new Array("dnsHostName", "lastLogon", "sambaLogonTime"); + res = s3.db.search("", dn, ldb.SCOPE_BASE, attrs); + assert(res.error == 0); + assert(res.msgs.length == 1); + assert(res.msgs[0].dn == dn); + assert(res.msgs[0].dnsHostName == undefined); + assert(res.msgs[0].lastLogon == undefined); + assert(res.msgs[0].sambaLogonTime == "x"); + + println("Testing search by attribute"); + + /* Search by ignored attribute */ + attrs = new Array("dnsHostName", "lastLogon"); + res = ldb.search("(revision=x)", NULL, ldb. SCOPE_DEFAULT, attrs); + assert(res.error == 0); + assert(res.msgs.length == 2); + assert(res.msgs[0].dn == s4.dn("cn=Y")); + assert(res.msgs[0].dnsHostName == "y"); + assert(res.msgs[0].lastLogon == "y"); + assert(res.msgs[1].dn == s4.dn("cn=X")); + assert(res.msgs[1].dnsHostName == "x"); + assert(res.msgs[1].lastLogon == "x"); + + /* Search by kept attribute */ + attrs = new Array("dnsHostName", "lastLogon"); + res = ldb.search("(description=y)", NULL, ldb. SCOPE_DEFAULT, attrs); + assert(res.error == 0); + assert(res.msgs.length == 2); + assert(res.msgs[0].dn == s4.dn("cn=Z")); + assert(res.msgs[0].dnsHostName == "z"); + assert(res.msgs[0].lastLogon == "z"); + assert(res.msgs[1].dn == s4.dn("cn=C")); + assert(res.msgs[1].dnsHostName == undefined); + assert(res.msgs[1].lastLogon == "z"); + + /* Search by renamed attribute */ + attrs = new Array("dnsHostName", "lastLogon"); + res = ldb.search("(badPwdCount=x)", NULL, ldb. SCOPE_DEFAULT, attrs); + assert(res.error == 0); + assert(res.msgs.length == 2); + assert(res.msgs[0].dn == s4.dn("cn=B")); + assert(res.msgs[0].dnsHostName == undefined); + assert(res.msgs[0].lastLogon == "y"); + assert(res.msgs[1].dn == s4.dn("cn=A")); + assert(res.msgs[1].dnsHostName == undefined); + assert(res.msgs[1].lastLogon == "x"); + + /* Search by converted attribute */ + attrs = new Array("dnsHostName", "lastLogon", "objectSid"); + /* TODO: + Using the SID directly in the parse tree leads to conversion + errors, letting the search fail with no results. + res = ldb.search("(objectSid=S-1-5-21-4231626423-2410014848-2360679739-552)", NULL, ldb. SCOPE_DEFAULT, attrs); + */ + res = ldb.search("(objectSid=*)", NULL, ldb. SCOPE_DEFAULT, attrs); + assert(res.error == 0); + assert(res.msgs.length == 3); + assert(res.msgs[0].dn == s4.dn("cn=X")); + assert(res.msgs[0].dnsHostName == "x"); + assert(res.msgs[0].lastLogon == "x"); + assert(res.msgs[0].objectSid == "S-1-5-21-4231626423-2410014848-2360679739-552"); + assert(res.msgs[1].dn == s4.dn("cn=A")); + assert(res.msgs[1].dnsHostName == undefined); + assert(res.msgs[1].lastLogon == "x"); + assert(res.msgs[1].objectSid == "S-1-5-21-4231626423-2410014848-2360679739-552"); + + /* Search by generated attribute */ + /* In most cases, this even works when the mapping is missing + * a `convert_operator' by enumerating the remote db. */ + attrs = new Array("dnsHostName", "lastLogon", "primaryGroupID"); + res = ldb.search("(primaryGroupID=512)", NULL, ldb. SCOPE_DEFAULT, attrs); + assert(res.error == 0); + assert(res.msgs.length == 1); + assert(res.msgs[0].dn == s4.dn("cn=A")); + assert(res.msgs[0].dnsHostName == undefined); + assert(res.msgs[0].lastLogon == "x"); + assert(res.msgs[0].primaryGroupID == "512"); + + /* TODO: There should actually be two results, A and X. The + * primaryGroupID of X seems to get corrupted somewhere, and the + * objectSid isn't available during the generation of remote (!) data, + * which can be observed with the following search. Also note that Xs + * objectSid seems to be fine in the previous search for objectSid... */ + /* + res = ldb.search("(primaryGroupID=*)", NULL, ldb. SCOPE_DEFAULT, attrs); + println(res.msgs.length + " results found"); + for (i=0;i