|
|
cdf651 |
From 0cbf6070bccb6c1f904cea596f00af0cc6328bae Mon Sep 17 00:00:00 2001
|
|
|
cdf651 |
From: Jakub Hrozek <jhrozek@redhat.com>
|
|
|
cdf651 |
Date: Thu, 21 Jun 2018 12:37:57 +0200
|
|
|
cdf651 |
Subject: [PATCH] TESTS: Add regression test for looking up users with
|
|
|
cdf651 |
conflicting e-mail addresses
|
|
|
cdf651 |
MIME-Version: 1.0
|
|
|
cdf651 |
Content-Type: text/plain; charset=UTF-8
|
|
|
cdf651 |
Content-Transfer-Encoding: 8bit
|
|
|
cdf651 |
|
|
|
cdf651 |
Related:
|
|
|
cdf651 |
https://pagure.io/SSSD/sssd/issue/3607
|
|
|
cdf651 |
|
|
|
cdf651 |
Reviewed-by: Fabiano FidĂȘncio <fidencio@redhat.com>
|
|
|
cdf651 |
(cherry picked from commit 76ce965fc3abfdcf3a4a9518e57545ea060033d6)
|
|
|
cdf651 |
---
|
|
|
cdf651 |
src/tests/intg/test_ldap.py | 64 +++++++++++++++++++++++++++++++++++++
|
|
|
cdf651 |
1 file changed, 64 insertions(+)
|
|
|
cdf651 |
|
|
|
cdf651 |
diff --git a/src/tests/intg/test_ldap.py b/src/tests/intg/test_ldap.py
|
|
|
cdf651 |
index f71915a8086d395e9971a7c82e2744bdd7b931b6..d70ae39841f111fdf2d6c00c9acca8073725c5c5 100644
|
|
|
cdf651 |
--- a/src/tests/intg/test_ldap.py
|
|
|
cdf651 |
+++ b/src/tests/intg/test_ldap.py
|
|
|
cdf651 |
@@ -1736,3 +1736,67 @@ def test_local_negative_timeout_disabled(ldap_conn,
|
|
|
cdf651 |
assert res == NssReturnCode.SUCCESS
|
|
|
cdf651 |
|
|
|
cdf651 |
cleanup_ldap_entries(ldap_conn, ent_list)
|
|
|
cdf651 |
+
|
|
|
cdf651 |
+
|
|
|
cdf651 |
+@pytest.fixture
|
|
|
cdf651 |
+def users_with_email_setup(request, ldap_conn):
|
|
|
cdf651 |
+ ent_list = ldap_ent.List(ldap_conn.ds_inst.base_dn)
|
|
|
cdf651 |
+ ent_list.add_user("user1", 1001, 2001, mail="user1.email@LDAP")
|
|
|
cdf651 |
+
|
|
|
cdf651 |
+ ent_list.add_user("emailuser", 1002, 2002)
|
|
|
cdf651 |
+ ent_list.add_user("emailuser2", 1003, 2003, mail="emailuser@LDAP")
|
|
|
cdf651 |
+
|
|
|
cdf651 |
+ ent_list.add_user("userx", 1004, 2004, mail="userxy@LDAP")
|
|
|
cdf651 |
+ ent_list.add_user("usery", 1005, 2005, mail="userxy@LDAP")
|
|
|
cdf651 |
+
|
|
|
cdf651 |
+ create_ldap_fixture(request, ldap_conn, ent_list)
|
|
|
cdf651 |
+
|
|
|
cdf651 |
+ conf = format_basic_conf(ldap_conn, SCHEMA_RFC2307_BIS)
|
|
|
cdf651 |
+ create_conf_fixture(request, conf)
|
|
|
cdf651 |
+ create_sssd_fixture(request)
|
|
|
cdf651 |
+ return None
|
|
|
cdf651 |
+
|
|
|
cdf651 |
+
|
|
|
cdf651 |
+def test_lookup_by_email(ldap_conn, users_with_email_setup):
|
|
|
cdf651 |
+ """
|
|
|
cdf651 |
+ Test the simple case of looking up a user by e-mail
|
|
|
cdf651 |
+ """
|
|
|
cdf651 |
+ ent.assert_passwd_by_name("user1.email@LDAP",
|
|
|
cdf651 |
+ dict(name="user1", uid=1001, gid=2001))
|
|
|
cdf651 |
+
|
|
|
cdf651 |
+
|
|
|
cdf651 |
+def test_conflicting_mail_addresses_and_fqdn(ldap_conn,
|
|
|
cdf651 |
+ users_with_email_setup):
|
|
|
cdf651 |
+ """
|
|
|
cdf651 |
+ Test that we handle the case where one user's mail address is the
|
|
|
cdf651 |
+ same as another user's FQDN
|
|
|
cdf651 |
+
|
|
|
cdf651 |
+ This is a regression test for https://pagure.io/SSSD/sssd/issue/3607
|
|
|
cdf651 |
+ """
|
|
|
cdf651 |
+ # With #3607 unfixed, these two lookups would prime the cache with
|
|
|
cdf651 |
+ # nameAlias: emailuser@LDAP for both entries..
|
|
|
cdf651 |
+ ent.assert_passwd_by_name("emailuser@LDAP",
|
|
|
cdf651 |
+ dict(name="emailuser", uid=1002, gid=2002))
|
|
|
cdf651 |
+ ent.assert_passwd_by_name("emailuser2@LDAP",
|
|
|
cdf651 |
+ dict(name="emailuser2", uid=1003, gid=2003))
|
|
|
cdf651 |
+
|
|
|
cdf651 |
+ # ..and subsequently, emailuser would not be returned because the cache
|
|
|
cdf651 |
+ # lookup would have had returned two entries which is an error
|
|
|
cdf651 |
+ ent.assert_passwd_by_name("emailuser@LDAP",
|
|
|
cdf651 |
+ dict(name="emailuser", uid=1002, gid=2002))
|
|
|
cdf651 |
+ ent.assert_passwd_by_name("emailuser2@LDAP",
|
|
|
cdf651 |
+ dict(name="emailuser2", uid=1003, gid=2003))
|
|
|
cdf651 |
+
|
|
|
cdf651 |
+
|
|
|
cdf651 |
+def test_conflicting_mail_addresses(ldap_conn,
|
|
|
cdf651 |
+ users_with_email_setup):
|
|
|
cdf651 |
+ """
|
|
|
cdf651 |
+ Negative test: looking up a user by e-mail which belongs to more than
|
|
|
cdf651 |
+ one account fails in the back end.
|
|
|
cdf651 |
+ """
|
|
|
cdf651 |
+ with pytest.raises(KeyError):
|
|
|
cdf651 |
+ pwd.getpwnam("userxy@LDAP")
|
|
|
cdf651 |
+
|
|
|
cdf651 |
+ # However resolving the users on their own must work
|
|
|
cdf651 |
+ ent.assert_passwd_by_name("userx", dict(name="userx", uid=1004, gid=2004))
|
|
|
cdf651 |
+ ent.assert_passwd_by_name("usery", dict(name="usery", uid=1005, gid=2005))
|
|
|
cdf651 |
--
|
|
|
cdf651 |
2.17.1
|
|
|
cdf651 |
|