security-and-privacy/ldapcherry
security-and-privacy/ldapcherry
1
0
Fork 0
mirror of https://github.com/kakwa/ldapcherry synced 2025-07-04 20:37:48 +02:00
Code Releases Activity

implementing nesting roles

Browse source
This commit is contained in:
kakwa 2015-05-15 01:03:31 +02:00
parent d74893d104
commit 7524a189fe
11 changed files with 295 additions and 163 deletions
Download patch file Download diff file Expand all files Collapse all files

48
tests/cfg/roles.yml
View file

@ -1,48 +0,0 @@
admin-lv3:
display_name: Administrators Level 3
LC_admins: True
backends:
- name: ldap
groups:
- cn=dns admins,ou=group,dc=example,dc=com
- cn=nagios admins,ou=group,dc=example,dc=com
- cn=puppet admins,ou=group,dc=example,dc=com
- cn=users,ou=group,dc=example,dc=com
- name: ad
groups:
- Domain Users
- Administrators
- Domain Controllers
admin-lv2:
display_name: Administrators Level 2
backends:
- name: ldap
groups:
- cn=nagios admins,ou=group,dc=example,dc=com
- cn=users,ou=group,dc=example,dc=com
- name: ad
groups:
- Domain Users
developpers:
display_name: Developpers
backends:
- name: ldap
groups:
- cn=nagios user,ou=group,dc=example,dc=com
- cn=developpers,ou=group,dc=example,dc=com
- cn=users,ou=group,dc=example,dc=com
- name: ad
groups:
- Domain Users
users:
display_name: Simple Users
backends:
- name: ldap
groups:
- cn=users,ou=group,dc=example,dc=com
- name: ad
groups:
- Domain Users

1
tests/cfg/roles.yml Symbolic link
View file

@ -0,0 +1 @@
../../conf/roles.yml

19
tests/cfg/roles_content_dump.yml
View file

@ -1,19 +0,0 @@
users2:
diplay_name: Simple Users2
backends:
- backend_name: ldap
groups:
- cn=users,ou=group,dc=example,dc=com
- backend_name: ad
groups:
- Domain Users
users:
diplay_name: Simple Users
LC_admins: True
backends:
- backend_name: ldap
groups:
- cn=users,ou=group,dc=example,dc=com
- backend_name: ad
groups:
- Domain Users

57
tests/cfg/roles_content_dup.yml Normal file
View file

@ -0,0 +1,57 @@
admin-lv3:
display_name: Administrators Level 3
LC_admins: True
backends:
ldap:
groups:
- cn=dns admins,ou=group,dc=example,dc=com
- cn=nagios admins,ou=group,dc=example,dc=com
- cn=puppet admins,ou=group,dc=example,dc=com
- cn=users,ou=group,dc=example,dc=com
ad:
groups:
- Domain Users
- Administrators
- Domain Controllers
admin-lv2:
display_name: Administrators Level 2
backends:
ldap:
groups:
- cn=nagios admins,ou=group,dc=example,dc=com
- cn=users,ou=group,dc=example,dc=com
ad:
groups:
- Domain Users
developpers:
display_name: Developpers
backends:
ldap:
groups:
- cn=developpers,ou=group,dc=example,dc=com
- cn=users,ou=group,dc=example,dc=com
ad:
groups:
- Domain Users
users:
display_name: Simple Users
backends:
ldap:
groups:
- cn=users,ou=group,dc=example,dc=com
ad:
groups:
- Domain Users
users2:
display_name: Simple Users 2
backends:
ldap:
groups:
- cn=users,ou=group,dc=example,dc=com
ad:
groups:
- Domain Users

61
tests/cfg/roles_key_dup.yml
View file

@ -1,26 +1,47 @@
admin-lv2:
admin-lv3:
display_name: Administrators Level 3
LC_admins: True
backends:
- backend_name: ldap
groups:
- cn=dns admins,ou=group,dc=example,dc=com
- cn=nagios admins,ou=group,dc=example,dc=com
- cn=puppet admins,ou=group,dc=example,dc=com
- cn=users,ou=group,dc=example,dc=com
- backend_name: ad
groups:
- Domain Users
- Administrators
- Domain Controllers
ldap:
groups:
- cn=dns admins,ou=group,dc=example,dc=com
- cn=nagios admins,ou=group,dc=example,dc=com
- cn=puppet admins,ou=group,dc=example,dc=com
- cn=users,ou=group,dc=example,dc=com
ad:
groups:
- Domain Users
- Administrators
- Domain Controllers
admin-lv2:
admin-lv3:
display_name: Administrators Level 2
backends:
- backend_name: ldap
groups:
- cn=nagios admins,ou=group,dc=example,dc=com
- cn=users,ou=group,dc=example,dc=com
- backend_name: ad
groups:
- Domain Users
ldap:
groups:
- cn=nagios admins,ou=group,dc=example,dc=com
- cn=users,ou=group,dc=example,dc=com
ad:
groups:
- Domain Users
developpers:
display_name: Developpers
backends:
ldap:
groups:
- cn=developpers,ou=group,dc=example,dc=com
- cn=users,ou=group,dc=example,dc=com
ad:
groups:
- Domain Users
users:
display_name: Simple Users
backends:
ldap:
groups:
- cn=users,ou=group,dc=example,dc=com
ad:
groups:
- Domain Users

39
tests/cfg/roles_missing_backends.yml Normal file
View file

@ -0,0 +1,39 @@
admin-lv3:
display_name: Administrators Level 3
LC_admins: True
backends:
ldap:
groups:
- cn=dns admins,ou=group,dc=example,dc=com
- cn=nagios admins,ou=group,dc=example,dc=com
- cn=puppet admins,ou=group,dc=example,dc=com
- cn=users,ou=group,dc=example,dc=com
ad:
groups:
- Domain Users
- Administrators
- Domain Controllers
admin-lv2:
display_name: Administrators Level 2
developpers:
display_name: Developpers
backends:
ldap:
groups:
- cn=developpers,ou=group,dc=example,dc=com
- cn=users,ou=group,dc=example,dc=com
ad:
groups:
- Domain Users
users:
display_name: Simple Users
backends:
ldap:
groups:
- cn=users,ou=group,dc=example,dc=com
ad:
groups:
- Domain Users

70
tests/cfg/roles_missing_diplay_name.yml
View file

@ -2,43 +2,45 @@ admin-lv3:
display_name: Administrators Level 3
LC_admins: True
backends:
- backend_name: ldap
groups:
- cn=dns admins,ou=group,dc=example,dc=com
- cn=nagios admins,ou=group,dc=example,dc=com
- cn=puppet admins,ou=group,dc=example,dc=com
- cn=users,ou=group,dc=example,dc=com
- backend_name: ad
groups:
- Domain Users
- Administrators
- Domain Controllers
ldap:
groups:
- cn=dns admins,ou=group,dc=example,dc=com
- cn=nagios admins,ou=group,dc=example,dc=com
- cn=puppet admins,ou=group,dc=example,dc=com
- cn=users,ou=group,dc=example,dc=com
ad:
groups:
- Domain Users
- Administrators
- Domain Controllers
admin-lv2:
display_name: Administrators Level 2
backends:
- backend_name: ldap
groups:
- cn=nagios admins,ou=group,dc=example,dc=com
- cn=users,ou=group,dc=example,dc=com
- backend_name: ad
groups:
- Domain Users
ldap:
groups:
- cn=nagios admins,ou=group,dc=example,dc=com
- cn=users,ou=group,dc=example,dc=com
ad:
groups:
- Domain Users
developpers:
display_name: Developpers
backends:
- backend_name: ldap
groups:
- cn=nagios user,ou=group,dc=example,dc=com
- cn=developpers,ou=group,dc=example,dc=com
- cn=users,ou=group,dc=example,dc=com
- backend_name: ad
groups:
- Domain Users
ldap:
groups:
- cn=developpers,ou=group,dc=example,dc=com
- cn=users,ou=group,dc=example,dc=com
ad:
groups:
- Domain Users
users:
diplay_name: Simple Users
display_name: Simple Users
backends:
- backend_name: ldap
groups:
- cn=users,ou=group,dc=example,dc=com
- backend_name: ad
groups:
- Domain Users
ldap:
groups:
- cn=users,ou=group,dc=example,dc=com
ad:
groups:
- Domain Users

11
tests/test_Roles.py
View file

@ -10,7 +10,6 @@ from ldapcherry.roles import Roles
from ldapcherry.exceptions import DumplicateRoleKey, MissingKey, DumplicateRoleContent, MissingRolesFile
from ldapcherry.pyyamlwrapper import DumplicatedKey, RelationError
class TestError(object):
def testNominal(self):
@ -26,6 +25,14 @@ class TestError(object):
else:
raise AssertionError("expected an exception")
def testMissingBackends(self):
try:
inv = Roles('./tests/cfg/roles_missing_backends.yml')
except MissingKey:
return
else:
raise AssertionError("expected an exception")
def testRoleKeyDuplication(self):
try:
inv = Roles('./tests/cfg/roles_key_dup.yml')
@ -45,7 +52,7 @@ class TestError(object):
def testRoleContentDuplication(self):
try:
inv = Roles('./tests/cfg/roles_content_dump.yml')
inv = Roles('./tests/cfg/roles_content_dup.yml')
except DumplicateRoleContent:
return
else: