2015-05-12 01:26:57 +02:00
|
|
|
#!/usr/bin/env python
|
|
|
|
# -*- coding: utf-8 -*-
|
|
|
|
|
|
|
|
from __future__ import with_statement
|
|
|
|
from __future__ import unicode_literals
|
|
|
|
|
|
|
|
import pytest
|
|
|
|
import sys
|
2015-05-16 19:15:20 +02:00
|
|
|
from sets import Set
|
2015-05-12 01:26:57 +02:00
|
|
|
from ldapcherry.roles import Roles
|
2015-05-16 23:52:59 +02:00
|
|
|
from ldapcherry.exceptions import DumplicateRoleKey, MissingKey, DumplicateRoleContent, MissingRolesFile, MissingRole
|
2015-05-12 01:26:57 +02:00
|
|
|
from ldapcherry.pyyamlwrapper import DumplicatedKey, RelationError
|
|
|
|
|
|
|
|
class TestError(object):
|
|
|
|
|
|
|
|
def testNominal(self):
|
|
|
|
inv = Roles('./tests/cfg/roles.yml')
|
|
|
|
print inv.roles
|
|
|
|
return True
|
|
|
|
|
|
|
|
def testMissingDisplayName(self):
|
|
|
|
try:
|
2015-05-12 01:41:32 +02:00
|
|
|
inv = Roles('./tests/cfg/roles_missing_diplay_name.yml')
|
2015-05-12 01:26:57 +02:00
|
|
|
except MissingKey:
|
|
|
|
return
|
|
|
|
else:
|
|
|
|
raise AssertionError("expected an exception")
|
|
|
|
|
2015-05-15 01:03:31 +02:00
|
|
|
def testMissingBackends(self):
|
|
|
|
try:
|
|
|
|
inv = Roles('./tests/cfg/roles_missing_backends.yml')
|
|
|
|
except MissingKey:
|
|
|
|
return
|
|
|
|
else:
|
|
|
|
raise AssertionError("expected an exception")
|
|
|
|
|
2015-05-12 01:26:57 +02:00
|
|
|
def testRoleKeyDuplication(self):
|
|
|
|
try:
|
|
|
|
inv = Roles('./tests/cfg/roles_key_dup.yml')
|
|
|
|
except DumplicateRoleKey:
|
|
|
|
return
|
|
|
|
else:
|
|
|
|
raise AssertionError("expected an exception")
|
|
|
|
|
2015-05-12 11:34:28 +02:00
|
|
|
def testNoFile(self):
|
|
|
|
try:
|
|
|
|
inv = Roles('./tests/cfg/dontexist')
|
|
|
|
except MissingRolesFile:
|
|
|
|
return
|
|
|
|
else:
|
|
|
|
raise AssertionError("expected an exception")
|
|
|
|
|
2015-05-12 01:26:57 +02:00
|
|
|
def testRoleContentDuplication(self):
|
|
|
|
try:
|
2015-05-15 01:03:31 +02:00
|
|
|
inv = Roles('./tests/cfg/roles_content_dup.yml')
|
2015-05-12 01:26:57 +02:00
|
|
|
except DumplicateRoleContent:
|
|
|
|
return
|
|
|
|
else:
|
|
|
|
raise AssertionError("expected an exception")
|
|
|
|
|
2015-05-16 23:52:59 +02:00
|
|
|
def testGetGroup(self):
|
|
|
|
inv = Roles('./tests/cfg/roles.yml')
|
|
|
|
res = inv.get_groups('users')
|
|
|
|
expected = {
|
2015-06-04 23:34:31 +02:00
|
|
|
'ad': ['Domain Users'],
|
|
|
|
'ldap': ['cn=users,ou=group,dc=example,dc=com']
|
2015-05-16 23:52:59 +02:00
|
|
|
}
|
|
|
|
assert res == expected
|
|
|
|
|
|
|
|
def testGetGroupMissingRole(self):
|
|
|
|
inv = Roles('./tests/cfg/roles.yml')
|
|
|
|
try:
|
|
|
|
res = inv.get_groups('notarole')
|
|
|
|
except MissingRole:
|
|
|
|
return
|
|
|
|
else:
|
|
|
|
raise AssertionError("expected an exception")
|
|
|
|
|
2015-05-17 01:22:53 +02:00
|
|
|
def testGetDisplayNameMissingRole(self):
|
|
|
|
inv = Roles('./tests/cfg/roles.yml')
|
|
|
|
try:
|
|
|
|
res = inv.get_display_name('notarole')
|
|
|
|
except MissingRole:
|
|
|
|
return
|
|
|
|
else:
|
|
|
|
raise AssertionError("expected an exception")
|
|
|
|
|
|
|
|
def testGetDisplayName(self):
|
|
|
|
inv = Roles('./tests/cfg/roles.yml')
|
|
|
|
res = inv.get_display_name('users')
|
|
|
|
expected = 'Simple Users'
|
|
|
|
assert res == expected
|
|
|
|
|
|
|
|
def testGetAllRoles(self):
|
|
|
|
inv = Roles('./tests/cfg/roles.yml')
|
|
|
|
res = inv.get_allroles()
|
|
|
|
expected = ['developpers', 'admin-lv3', 'admin-lv2', 'users']
|
|
|
|
assert res == expected
|
|
|
|
|
|
|
|
def testGetAllRoles(self):
|
|
|
|
inv = Roles('./tests/cfg/roles.yml')
|
|
|
|
res = inv.get_backends()
|
|
|
|
expected = Set(['ad', 'ldap'])
|
|
|
|
assert res == expected
|
|
|
|
|
|
|
|
def testDumpNested(self):
|
|
|
|
inv = Roles('./tests/cfg/roles.yml')
|
|
|
|
inv.dump_nest()
|
|
|
|
|
2015-05-16 23:52:59 +02:00
|
|
|
def testAdminRoles(self):
|
|
|
|
inv = Roles('./tests/cfg/roles.yml')
|
|
|
|
res = inv.get_admin_roles()
|
|
|
|
expected = ['admin-lv2', 'admin-lv3']
|
|
|
|
assert res == expected
|
|
|
|
|
|
|
|
def testIsAdmin(self):
|
|
|
|
inv = Roles('./tests/cfg/roles.yml')
|
|
|
|
res = inv.is_admin(['admin-lv3', 'users'])
|
|
|
|
assert res == True
|
|
|
|
|
|
|
|
def testIsNotAdmin(self):
|
|
|
|
inv = Roles('./tests/cfg/roles.yml')
|
|
|
|
res = inv.is_admin(['users'])
|
|
|
|
assert res == False
|
|
|
|
|
2015-05-16 19:15:20 +02:00
|
|
|
def testGetRole(self):
|
|
|
|
inv = Roles('./tests/cfg/roles.yml')
|
|
|
|
groups = {
|
2015-05-16 19:40:16 +02:00
|
|
|
'ad' : ['Domain Users', 'Domain Users 2'],
|
|
|
|
'ldap': ['cn=users,ou=group,dc=example,dc=com',
|
|
|
|
'cn=nagios admins,ou=group,dc=example,dc=com',
|
|
|
|
'cn=developpers,ou=group,dc=example,dc=com',
|
|
|
|
],
|
|
|
|
'toto': ['not a group'],
|
|
|
|
}
|
|
|
|
expected = {'unusedgroups': {'toto': Set(['not a group']), 'ad': Set(['Domain Users 2'])}, 'roles': Set(['developpers', 'admin-lv2'])}
|
2015-05-16 19:15:20 +02:00
|
|
|
assert inv.get_roles(groups) == expected
|