URL: https://github.com/freeipa/freeipa/pull/4244
Author: amore17
Title: #4244: [Backport][ipa-4-7] ipatests: Test for ipa-extdom-extop plugin
should allow @ in group name.
Action: opened
PR body:
"""
This is manual back-port of : #4191
"""
To pull the PR as Git branch:
git remote add ghfreeipa https://github.com/freeipa/freeipa
git fetch ghfreeipa pull/4244/head:pr4244
git checkout pr4244
From c31990459b266dc406ef727f528bc64de3d623c7 Mon Sep 17 00:00:00 2001
From: Anuja More <am...@redhat.com>
Date: Tue, 11 Feb 2020 13:34:57 +0530
Subject: [PATCH 1/2] Update topology for test_integration/test_sssd.py
Added changes in topology for test_sssd.py
As in test it needs client also.
Signed-off-by: Anuja More <am...@redhat.com>
---
ipatests/prci_definitions/nightly_ipa-4-7.yaml | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/ipatests/prci_definitions/nightly_ipa-4-7.yaml b/ipatests/prci_definitions/nightly_ipa-4-7.yaml
index 578c44e713..64e1462e38 100644
--- a/ipatests/prci_definitions/nightly_ipa-4-7.yaml
+++ b/ipatests/prci_definitions/nightly_ipa-4-7.yaml
@@ -1287,7 +1287,7 @@ jobs:
test_suite: test_integration/test_sssd.py
template: *ci-master-f29
timeout: 4800
- topology: *ad_master
+ topology: *ad_master_2client
fedora-29/test_ca_custom_sdn:
requires: [fedora-29/build]
From 0baab3a8ac48b7eb8fe8815589a73298281a5897 Mon Sep 17 00:00:00 2001
From: Anuja More <am...@redhat.com>
Date: Mon, 3 Feb 2020 12:56:59 +0530
Subject: [PATCH 2/2] ipatests: Add test for ipa-extdom-extop plugin should
allow @ in group name
If group contains @ in group name on AD,
then it should fetch successfully on ipa-client.
Related to: https://bugzilla.redhat.com/1746951
Signed-off-by: Anuja More <am...@redhat.com>
---
ipatests/test_integration/test_sssd.py | 32 ++++++++++++++++++++++++++
1 file changed, 32 insertions(+)
diff --git a/ipatests/test_integration/test_sssd.py b/ipatests/test_integration/test_sssd.py
index 4cfec0b43a..7495ed2eee 100644
--- a/ipatests/test_integration/test_sssd.py
+++ b/ipatests/test_integration/test_sssd.py
@@ -21,6 +21,7 @@ class TestSSSDWithAdTrust(IntegrationTest):
topology = 'star'
num_ad_domains = 1
+ num_clients = 1
users = {
'ipa': {
@@ -148,3 +149,34 @@ def test_is_user_filtered(self, user):
dp_req = ("Looking up [{0}] in data provider".format(
self.users[user]['name']))
assert not dp_req.encode() in sssd_log
+
+ def test_extdom_group(self):
+ """ipa-extdom-extop plugin should allow @ in group name.
+
+ Test for : https://bugzilla.redhat.com/show_bug.cgi?id=1746951
+
+ If group contains @ in group name from AD, eg. abc@pqr@AD.DOMAIN
+ then it should fetch successfully on ipa-client.
+ """
+ client = self.clients[0]
+ hosts = [self.master, client]
+ ad_group = 'group@group@{0}'.format(self.ad.domain.name)
+ expression = '((?P<name>.+)@(?P<domain>[^@]+$))'
+ master_conf_backup = tasks.FileBackup(self.master, paths.SSSD_CONF)
+ client_conf_backup = tasks.FileBackup(client, paths.SSSD_CONF)
+ for host in hosts:
+ with tasks.remote_ini_file(host, paths.SSSD_CONF) as sssd_conf:
+ sssd_conf.set('sssd', 're_expression', expression)
+ sssd_conf.set('sssd', 'use_fully_qualified_names', True)
+ tasks.clear_sssd_cache(host)
+ try:
+ cmd = ['getent', 'group', ad_group]
+ result = self.master.run_command(cmd)
+ assert ad_group in result.stdout_text
+ result2 = client.run_command(cmd)
+ assert ad_group in result2.stdout_text
+ finally:
+ master_conf_backup.restore()
+ client_conf_backup.restore()
+ tasks.clear_sssd_cache(self.master)
+ tasks.clear_sssd_cache(client)
_______________________________________________
FreeIPA-devel mailing list -- freeipa-devel@lists.fedorahosted.org
To unsubscribe send an email to freeipa-devel-le...@lists.fedorahosted.org
Fedora Code of Conduct:
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedorahosted.org/archives/list/freeipa-devel@lists.fedorahosted.org
