Hi,

On 29.10.2012 10:44, Martin Kosek wrote:
ldap2 server plugin generates a modlist for every IPA command entry
modification. However, encoding of attributes entry_attrs generated
by our framework still does not  match entry read from LDAP (until
ticket #2265 is addressed), convert compared values to common ground
so that the comparison does not report false positives when encoding
do not match (e.g. 'int' and 'unicode').

https://fedorahosted.org/freeipa/ticket/3220


This doesn't work, unfortunately:

======================================================================
ERROR: test_attr[17]: user_mod: Unlock u'tuser1' using addattr&delattr
----------------------------------------------------------------------
Traceback (most recent call last):
File "/usr/lib/python2.7/site-packages/nose/case.py", line 197, in runTest
    self.test(*self.arg)
File "/home/jcholast/freeipa/tests/test_xmlrpc/xmlrpc_test.py", line 249, in <lambda>
    func = lambda: self.check(nice, **test)
File "/home/jcholast/freeipa/tests/test_xmlrpc/xmlrpc_test.py", line 266, in check
    self.check_output(nice, cmd, args, options, expected, extra_check)
File "/home/jcholast/freeipa/tests/test_xmlrpc/xmlrpc_test.py", line 303, in check_output
    got = api.Command[cmd](*args, **options)
  File "/home/jcholast/freeipa/ipalib/frontend.py", line 435, in __call__
    ret = self.run(*args, **options)
  File "/home/jcholast/freeipa/ipalib/frontend.py", line 748, in run
    return self.forward(*args, **options)
  File "/home/jcholast/freeipa/ipalib/frontend.py", line 769, in forward
    return self.Backend.xmlclient.forward(self.name, *args, **kw)
  File "/home/jcholast/freeipa/ipalib/rpc.py", line 545, in forward
    raise error(message=e.faultString)
AttrValueNotFound: nsaccountlock does not contain 'TRUE'

======================================================================
ERROR: Test disabling HBAC rule using setattr
----------------------------------------------------------------------
Traceback (most recent call last):
File "/usr/lib/python2.7/site-packages/nose/case.py", line 197, in runTest
    self.test(*self.arg)
File "/home/jcholast/freeipa/tests/test_xmlrpc/test_hbac_plugin.py", line 447, in test_ea_hbacrule_disable_setattr
    self.rule_name, setattr=u'ipaenabledflag=false')
  File "/home/jcholast/freeipa/ipalib/frontend.py", line 435, in __call__
    ret = self.run(*args, **options)
  File "/home/jcholast/freeipa/ipalib/frontend.py", line 748, in run
    return self.forward(*args, **options)
  File "/home/jcholast/freeipa/ipalib/frontend.py", line 769, in forward
    return self.Backend.xmlclient.forward(self.name, *args, **kw)
  File "/home/jcholast/freeipa/ipalib/rpc.py", line 545, in forward
    raise error(message=e.faultString)
InvalidSyntax: ipaEnabledFlag: value #0 invalid per syntax: Invalid syntax.

======================================================================
ERROR: Test enabling HBAC rule using setattr
----------------------------------------------------------------------
Traceback (most recent call last):
File "/usr/lib/python2.7/site-packages/nose/case.py", line 197, in runTest
    self.test(*self.arg)
File "/home/jcholast/freeipa/tests/test_xmlrpc/test_hbac_plugin.py", line 457, in test_eb_hbacrule_enable_setattr
    self.rule_name, setattr=u'ipaenabledflag=1')
  File "/home/jcholast/freeipa/ipalib/frontend.py", line 435, in __call__
    ret = self.run(*args, **options)
  File "/home/jcholast/freeipa/ipalib/frontend.py", line 748, in run
    return self.forward(*args, **options)
  File "/home/jcholast/freeipa/ipalib/frontend.py", line 769, in forward
    return self.Backend.xmlclient.forward(self.name, *args, **kw)
  File "/home/jcholast/freeipa/ipalib/rpc.py", line 545, in forward
    raise error(message=e.faultString)
InvalidSyntax: ipaEnabledFlag: value #0 invalid per syntax: Invalid syntax.

This is caused by:

+                    v = set(unicode(value)
+                        if not isinstance(value, (DN, str, unicode))
+                        else value for value in v)

You can't use "unicode(value)", as it does not properly encode boolean values. Use "unicode_from_utf8(self.conn.encode(value))" instead - this will encode the value to LDAP-formatted str and then convert it back to unicode.

Honza

--
Jan Cholasta

_______________________________________________
Freeipa-devel mailing list
Freeipa-devel@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-devel

Reply via email to