On 04/25/2014 11:10 AM, Jan Cholasta wrote:
> On 22.4.2014 13:34, Tomas Babej wrote:
>> Updated, rebased patch attached.
>>
>
> This API.txt change belongs in the previous patch:
>
> +capability: datetime_values 2.84
>

Fixed, updated patch attached.

I also added several tests for the user plugin that cover the feature
(and related refactoring).

-- 
Tomas Babej
Associate Software Engineer | Red Hat | Identity Management
RHCE | Brno Site | IRC: tbabej | freeipa.org 

>From 3f31eb59310fe73663108f7c4fd931b24af35a75 Mon Sep 17 00:00:00 2001
From: Tomas Babej <tba...@redhat.com>
Date: Thu, 9 Jan 2014 11:26:44 +0100
Subject: [PATCH] ipalib: Expose krbPrincipalExpiration in CLI

Adds a krbPrincipalExpiration attribute to the user class
in user.py ipalib plugin as a DateTime parameter.

Part of: https://fedorahosted.org/freeipa/ticket/3306
---
 API.txt                | 9 ++++++---
 VERSION                | 4 ++--
 ipalib/plugins/user.py | 9 +++++++--
 3 files changed, 15 insertions(+), 7 deletions(-)

diff --git a/API.txt b/API.txt
index eb8a61f645235610eba8dc6d3452a835a7af8b1a..e674dfebeb924cb16e9b7fdb0520365774ac50d9 100644
--- a/API.txt
+++ b/API.txt
@@ -3794,7 +3794,7 @@ output: Entry('result', <type 'dict'>, Gettext('A dictionary representing an LDA
 output: Output('summary', (<type 'unicode'>, <type 'NoneType'>), None)
 output: PrimaryKey('value', None, None)
 command: user_add
-args: 1,43,3
+args: 1,44,3
 arg: Str('uid', attribute=True, cli_name='login', maxlength=255, multivalue=False, pattern='^[a-zA-Z0-9_.][a-zA-Z0-9_.-]{0,252}[a-zA-Z0-9_.$-]?$', primary_key=True, required=True)
 option: Str('addattr*', cli_name='addattr', exclude='webui')
 option: Flag('all', autofill=True, cli_name='all', default=False, exclude='webui')
@@ -3814,6 +3814,7 @@ option: Str('ipasshpubkey', attribute=True, cli_name='sshpubkey', csv=True, mult
 option: Str('ipatokenradiusconfiglink', attribute=True, cli_name='radius', multivalue=False, required=False)
 option: Str('ipatokenradiususername', attribute=True, cli_name='radius_username', multivalue=False, required=False)
 option: StrEnum('ipauserauthtype', attribute=True, cli_name='user_auth_type', csv=True, multivalue=True, required=False, values=(u'password', u'radius', u'otp'))
+option: DateTime('krbprincipalexpiration', attribute=True, cli_name='principal_expiration', multivalue=False, required=False)
 option: Str('krbprincipalname', attribute=True, autofill=True, cli_name='principal', multivalue=False, required=False)
 option: Str('l', attribute=True, cli_name='city', multivalue=False, required=False)
 option: Str('loginshell', attribute=True, cli_name='shell', multivalue=False, required=False)
@@ -3865,7 +3866,7 @@ output: Output('result', <type 'bool'>, None)
 output: Output('summary', (<type 'unicode'>, <type 'NoneType'>), None)
 output: PrimaryKey('value', None, None)
 command: user_find
-args: 1,53,4
+args: 1,54,4
 arg: Str('criteria?', noextrawhitespace=False)
 option: Flag('all', autofill=True, cli_name='all', default=False, exclude='webui')
 option: Str('carlicense', attribute=True, autofill=False, cli_name='carlicense', multivalue=True, query=True, required=False)
@@ -3888,6 +3889,7 @@ option: Str('initials', attribute=True, autofill=False, cli_name='initials', mul
 option: Str('ipatokenradiusconfiglink', attribute=True, autofill=False, cli_name='radius', multivalue=False, query=True, required=False)
 option: Str('ipatokenradiususername', attribute=True, autofill=False, cli_name='radius_username', multivalue=False, query=True, required=False)
 option: StrEnum('ipauserauthtype', attribute=True, autofill=False, cli_name='user_auth_type', csv=True, multivalue=True, query=True, required=False, values=(u'password', u'radius', u'otp'))
+option: DateTime('krbprincipalexpiration', attribute=True, autofill=False, cli_name='principal_expiration', multivalue=False, query=True, required=False)
 option: Str('krbprincipalname', attribute=True, autofill=False, cli_name='principal', multivalue=False, query=True, required=False)
 option: Str('l', attribute=True, autofill=False, cli_name='city', multivalue=False, query=True, required=False)
 option: Str('loginshell', attribute=True, autofill=False, cli_name='shell', multivalue=False, query=True, required=False)
@@ -3925,7 +3927,7 @@ output: ListOfEntries('result', (<type 'list'>, <type 'tuple'>), Gettext('A list
 output: Output('summary', (<type 'unicode'>, <type 'NoneType'>), None)
 output: Output('truncated', <type 'bool'>, None)
 command: user_mod
-args: 1,44,3
+args: 1,45,3
 arg: Str('uid', attribute=True, cli_name='login', maxlength=255, multivalue=False, pattern='^[a-zA-Z0-9_.][a-zA-Z0-9_.-]{0,252}[a-zA-Z0-9_.$-]?$', primary_key=True, query=True, required=True)
 option: Str('addattr*', cli_name='addattr', exclude='webui')
 option: Flag('all', autofill=True, cli_name='all', default=False, exclude='webui')
@@ -3946,6 +3948,7 @@ option: Str('ipasshpubkey', attribute=True, autofill=False, cli_name='sshpubkey'
 option: Str('ipatokenradiusconfiglink', attribute=True, autofill=False, cli_name='radius', multivalue=False, required=False)
 option: Str('ipatokenradiususername', attribute=True, autofill=False, cli_name='radius_username', multivalue=False, required=False)
 option: StrEnum('ipauserauthtype', attribute=True, autofill=False, cli_name='user_auth_type', csv=True, multivalue=True, required=False, values=(u'password', u'radius', u'otp'))
+option: DateTime('krbprincipalexpiration', attribute=True, autofill=False, cli_name='principal_expiration', multivalue=False, required=False)
 option: Str('l', attribute=True, autofill=False, cli_name='city', multivalue=False, required=False)
 option: Str('loginshell', attribute=True, autofill=False, cli_name='shell', multivalue=False, required=False)
 option: Str('mail', attribute=True, autofill=False, cli_name='email', multivalue=True, required=False)
diff --git a/VERSION b/VERSION
index 32bddcf9dd0640e8b2710831fced0d6c1c3f23d8..9a47a23a287faf25f973c8b3f0706d23f4cd8504 100644
--- a/VERSION
+++ b/VERSION
@@ -89,5 +89,5 @@ IPA_DATA_VERSION=20100614120000
 #                                                      #
 ########################################################
 IPA_API_VERSION_MAJOR=2
-IPA_API_VERSION_MINOR=84
-# Last change: tbabej - added datetime value support
+IPA_API_VERSION_MINOR=85
+# Last change: tbabej - expose krbPrincipalExpiration
diff --git a/ipalib/plugins/user.py b/ipalib/plugins/user.py
index 166955933b2fd8b1cd1cddd5e4d48f4c97b2d7cd..d9c7c6c858aa0a4927efc01fb41b535b7bb04ba2 100644
--- a/ipalib/plugins/user.py
+++ b/ipalib/plugins/user.py
@@ -24,7 +24,7 @@ import posixpath
 import os
 
 from ipalib import api, errors
-from ipalib import Flag, Int, Password, Str, Bool, StrEnum
+from ipalib import Flag, Int, Password, Str, Bool, StrEnum, DateTime
 from ipalib.plugins.baseldap import *
 from ipalib.plugins import baseldap
 from ipalib.request import context
@@ -216,7 +216,8 @@ class user(LDAPObject):
         'uidnumber', 'gidnumber', 'mail', 'ou',
         'telephonenumber', 'title', 'memberof', 'nsaccountlock',
         'memberofindirect', 'ipauserauthtype', 'userclass',
-        'ipatokenradiusconfiglink', 'ipatokenradiususername'
+        'ipatokenradiusconfiglink', 'ipatokenradiususername',
+        'krbprincipalexpiration'
     ]
     search_display_attributes = [
         'uid', 'givenname', 'sn', 'homedirectory', 'loginshell',
@@ -291,6 +292,10 @@ class user(LDAPObject):
             flags=['no_update'],
             normalizer=lambda value: normalize_principal(value),
         ),
+        DateTime('krbprincipalexpiration?',
+            cli_name='principal_expiration',
+            label=_('Kerberos principal expiration'),
+        ),
         Str('mail*',
             cli_name='email',
             label=_('Email address'),
-- 
1.8.5.3


>From 02c6d0b82852befd39f434cb81aab9e8d0d891a1 Mon Sep 17 00:00:00 2001
From: Tomas Babej <tba...@redhat.com>
Date: Tue, 29 Apr 2014 17:04:29 +0200
Subject: [PATCH] ipatests: Add coverage for setting krbPrincipalExpiration

Part of: https://fedorahosted.org/freeipa/ticket/3306
---
 ipatests/test_xmlrpc/test_user_plugin.py | 30 ++++++++++++++++++++++++++++++
 1 file changed, 30 insertions(+)

diff --git a/ipatests/test_xmlrpc/test_user_plugin.py b/ipatests/test_xmlrpc/test_user_plugin.py
index c4ae123f95f1b35615adb103fb15cead7025d76e..49554134132be1c024da66e8fa308203f2edb49a 100644
--- a/ipatests/test_xmlrpc/test_user_plugin.py
+++ b/ipatests/test_xmlrpc/test_user_plugin.py
@@ -23,6 +23,7 @@
 Test the `ipalib/plugins/user.py` module.
 """
 
+import datetime
 import re
 
 from ipalib import api, errors
@@ -63,6 +64,11 @@ invalidlanguage3 = u'en-us;q=0.1234'
 invalidlanguage4 = u'en-us;q=1.1'
 invalidlanguage5 = u'en-us;q=1.0000'
 
+principal_expiration_string = "2020-12-07T19:54:13Z"
+principal_expiration_date = datetime.datetime(2020, 12, 7, 19, 54, 13)
+
+invalid_expiration_string = "2020-12-07 19:54:13"
+expired_expiration_string = "1991-12-07T19:54:13Z"
 
 # Date in ISO format (2013-12-10T12:00:00)
 isodate_re = re.compile('^\d{4}-\d{2}-\d{2}T\d{2}:\d{2}:\d{2}Z$')
@@ -1551,4 +1557,28 @@ class test_user(Declarative):
             ),
         ),
 
+        dict(
+            desc='Set principal expiration "%s"' % principal_expiration_string,
+            command=('user_mod', [user1],
+                     dict(krbprincipalexpiration=principal_expiration_string)),
+            expected=dict(
+                result=get_user_result(user1, u'Test', u'User1', 'mod',
+                    krbprincipalexpiration=[principal_expiration_date],
+                ),
+                value=user1,
+                summary='Modified user "%s"' % user1,
+            ),
+        ),
+
+        dict(
+            desc='Set principal expiration "%s"' % invalid_expiration_string,
+            command=('user_mod', [user1],
+                     dict(krbprincipalexpiration=invalid_expiration_string)),
+            expected=errors.ConversionError(name='principal_expiration',
+                error=(u'does not match any of accepted formats: '
+                        '%Y%m%d%H%M%SZ, %Y-%m-%dT%H:%M:%SZ, %Y-%m-%dT%H:%MZ, '
+                        '%Y-%m-%dZ, %Y-%m-%d %H:%M:%SZ, %Y-%m-%d %H:%MZ')
+            ),
+        ),
+
     ]
-- 
1.8.5.3


>From 19b0869027cb0b243cadff5044d98dca015db1b7 Mon Sep 17 00:00:00 2001
From: Tomas Babej <tba...@redhat.com>
Date: Tue, 29 Apr 2014 17:02:34 +0200
Subject: [PATCH] ipatests: Fix formatting errors in test_user_plugin.py

---
 ipatests/test_xmlrpc/test_user_plugin.py | 245 +++++++++++++++----------------
 1 file changed, 117 insertions(+), 128 deletions(-)

diff --git a/ipatests/test_xmlrpc/test_user_plugin.py b/ipatests/test_xmlrpc/test_user_plugin.py
index edeebc96539e3058cc47d7fd90f5aa4104142802..c4ae123f95f1b35615adb103fb15cead7025d76e 100644
--- a/ipatests/test_xmlrpc/test_user_plugin.py
+++ b/ipatests/test_xmlrpc/test_user_plugin.py
@@ -33,28 +33,36 @@ from xmlrpc_test import (Declarative, fuzzy_digits, fuzzy_uuid, fuzzy_password,
                          add_oc)
 from ipapython.dn import DN
 
-user1=u'tuser1'
-user2=u'tuser2'
-admin1=u'admin'
-admin2=u'admin2'
-renameduser1=u'tuser'
-group1=u'group1'
-admins_group=u'admins'
+user1 = u'tuser1'
+user2 = u'tuser2'
+admin1 = u'admin'
+admin2 = u'admin2'
+renameduser1 = u'tuser'
+group1 = u'group1'
+admins_group = u'admins'
 
-invaliduser1=u'+tuser1'
-invaliduser2=u'tuser1234567890123456789012345678901234567890'
+invaliduser1 = u'+tuser1'
+invaliduser2 = u'tuser1234567890123456789012345678901234567890'
 
-sshpubkey = u'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDGAX3xAeLeaJggwTqMjxNwa6XHBUAikXPGMzEpVrlLDCZtv00djsFTBi38PkgxBJVkgRWMrcBsr/35lq7P6w8KGIwA8GI48Z0qBS2NBMJ2u9WQ2hjLN6GdMlo77O0uJY3251p12pCVIS/bHRSq8kHO2No8g7KA9fGGcagPfQH+ee3t7HUkpbQkFTmbPPN++r3V8oVUk5LxbryB3UIIVzNmcSIn3JrXynlvui4MixvrtX6zx+O/bBo68o8/eZD26QrahVbA09fivrn/4h3TM019Eu/c2jOdckfU3cHUV/3Tno5d6JicibyaoDDK7S/yjdn5jhaz8MSEayQvFkZkiF0L public key test'
-sshpubkeyfp = u'13:67:6B:BF:4E:A2:05:8E:AE:25:8B:A1:31:DE:6F:1B public key test (ssh-rsa)'
+sshpubkey = (u'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDGAX3xAeLeaJggwTqMjxNwa6X'
+              'HBUAikXPGMzEpVrlLDCZtv00djsFTBi38PkgxBJVkgRWMrcBsr/35lq7P6w8KGI'
+              'wA8GI48Z0qBS2NBMJ2u9WQ2hjLN6GdMlo77O0uJY3251p12pCVIS/bHRSq8kHO2'
+              'No8g7KA9fGGcagPfQH+ee3t7HUkpbQkFTmbPPN++r3V8oVUk5LxbryB3UIIVzNm'
+              'cSIn3JrXynlvui4MixvrtX6zx+O/bBo68o8/eZD26QrahVbA09fivrn/4h3TM01'
+              '9Eu/c2jOdckfU3cHUV/3Tno5d6JicibyaoDDK7S/yjdn5jhaz8MSEayQvFkZkiF'
+              '0L public key test')
+sshpubkeyfp = (u'13:67:6B:BF:4E:A2:05:8E:AE:25:8B:A1:31:DE:6F:1B '
+                'public key test (ssh-rsa)')
 
-validlanguage1=u'en-US;q=0.987 , en, abcdfgh-abcdefgh;q=1        , a;q=1.000'
-validlanguage2=u'*'
+validlanguage1 = u'en-US;q=0.987 , en, abcdfgh-abcdefgh;q=1        , a;q=1.000'
+validlanguage2 = u'*'
+
+invalidlanguage1 = u'abcdfghji-abcdfghji'
+invalidlanguage2 = u'en-us;q=0,123'
+invalidlanguage3 = u'en-us;q=0.1234'
+invalidlanguage4 = u'en-us;q=1.1'
+invalidlanguage5 = u'en-us;q=1.0000'
 
-invalidlanguage1=u'abcdfghji-abcdfghji'
-invalidlanguage2=u'en-us;q=0,123'
-invalidlanguage3=u'en-us;q=0.1234'
-invalidlanguage4=u'en-us;q=1.1'
-invalidlanguage5=u'en-us;q=1.0000'
 
 # Date in ISO format (2013-12-10T12:00:00)
 isodate_re = re.compile('^\d{4}-\d{2}-\d{2}T\d{2}:\d{2}:\d{2}Z$')
@@ -137,21 +145,27 @@ def get_admin_result(operation='show', **overrides):
     return result
 
 
-
 def get_user_dn(uid):
     return DN(('uid', uid), api.env.container_user, api.env.basedn)
 
+
 def get_group_dn(cn):
     return DN(('cn', cn), api.env.container_group, api.env.basedn)
 
+
 def upg_check(response):
     """Check that the user was assigned to the corresponding private group."""
     assert_equal(response['result']['uidnumber'],
                  response['result']['gidnumber'])
     return True
 
+
 def not_upg_check(response):
-    """Check that the user was not assigned to the corresponding private group."""
+    """
+    Check that the user was not assigned to the corresponding
+    private group.
+    """
+
     assert_not_equal(response['result']['uidnumber'],
                      response['result']['gidnumber'])
     return True
@@ -190,7 +204,8 @@ class test_user(Declarative):
 
         dict(
             desc='Try to rename non-existent "%s"' % user1,
-            command=('user_mod', [user1], dict(setattr=u'uid=%s' % renameduser1)),
+            command=('user_mod', [user1],
+                     dict(setattr=u'uid=%s' % renameduser1)),
             expected=errors.NotFound(reason=u'%s: user not found' % user1),
         ),
 
@@ -377,7 +392,7 @@ class test_user(Declarative):
         ),
 
         dict(
-            desc='Enable "%s"'  % user1,
+            desc='Enable "%s"' % user1,
             command=(
                 'user_enable', [user1], {}
             ),
@@ -485,7 +500,8 @@ class test_user(Declarative):
 
         dict(
             desc='Rename "%s"' % user1,
-            command=('user_mod', [user1], dict(setattr=u'uid=%s' % renameduser1)),
+            command=('user_mod', [user1],
+                     dict(setattr=u'uid=%s' % renameduser1)),
             expected=dict(
                 result=get_user_result(
                     renameduser1, u'Finkle', u'User1', 'mod',
@@ -499,14 +515,16 @@ class test_user(Declarative):
 
         dict(
             desc='Rename "%s" to same value' % renameduser1,
-            command=('user_mod', [renameduser1], dict(setattr=u'uid=%s' % renameduser1)),
+            command=('user_mod', [renameduser1],
+                     dict(setattr=u'uid=%s' % renameduser1)),
             expected=errors.EmptyModlist(),
         ),
 
 
         dict(
             desc='Rename back "%s"' % renameduser1,
-            command=('user_mod', [renameduser1], dict(setattr=u'uid=%s' % user1)),
+            command=('user_mod', [renameduser1],
+                     dict(setattr=u'uid=%s' % user1)),
             expected=dict(
                 result=get_user_result(user1, u'Finkle', u'User1', 'mod'),
                 summary=u'Modified user "%s"' % renameduser1,
@@ -539,14 +557,16 @@ class test_user(Declarative):
                 'user_add', [user1], dict(givenname=u'Test', sn=u'User1',
                 setattr=u'krbmaxticketlife=88000')
             ),
-            expected=errors.ObjectclassViolation(info='attribute "krbmaxticketlife" not allowed'),
+            expected=errors.ObjectclassViolation(
+                info='attribute "krbmaxticketlife" not allowed'),
         ),
 
 
         dict(
             desc='Create "%s" with SSH public key' % user1,
             command=(
-                'user_add', [user1], dict(givenname=u'Test', sn=u'User1', ipasshpubkey=[sshpubkey])
+                'user_add', [user1], dict(givenname=u'Test', sn=u'User1',
+                                          ipasshpubkey=[sshpubkey])
             ),
             expected=dict(
                 value=user1,
@@ -564,7 +584,9 @@ class test_user(Declarative):
 
         dict(
             desc='Add an illegal SSH public key to "%r"' % user1,
-            command=('user_mod', [user1], dict(ipasshpubkey=[u"anal nathrach orth' bhais's bethad do che'l de'nmha"])),
+            command=('user_mod', [user1],
+                     dict(ipasshpubkey=[u"anal nathrach orth' bhais's bethad "
+                                         "do che'l de'nmha"])),
             expected=errors.ValidationError(name='sshpubkey',
                 error=u'invalid SSH public key'),
         ),
@@ -610,7 +632,8 @@ class test_user(Declarative):
 
 
         dict(
-            desc='Make non-existent "%s" the manager of "%s"' % (renameduser1, user2),
+            desc='Make non-existent "%s" the manager of "%s"' % (renameduser1,
+                                                                 user2),
             command=('user_mod', [user2], dict(manager=renameduser1)),
             expected=errors.NotFound(
                 reason=u'manager %s not found' % renameduser1),
@@ -668,7 +691,8 @@ class test_user(Declarative):
 
         dict(
             desc='Test an invalid login name "%s"' % invaliduser1,
-            command=('user_add', [invaliduser1], dict(givenname=u'Test', sn=u'User1')),
+            command=('user_add', [invaliduser1], dict(givenname=u'Test',
+                                                      sn=u'User1')),
             expected=errors.ValidationError(name='login',
                 error=u'may only include letters, numbers, _, -, . and $'),
         ),
@@ -791,7 +815,8 @@ class test_user(Declarative):
         dict(
             desc='Create "%s" with random password' % user1,
             command=(
-                'user_add', [user1], dict(givenname=u'Test', sn=u'User1', random=True)
+                'user_add', [user1], dict(givenname=u'Test', sn=u'User1',
+                                          random=True)
             ),
             expected=dict(
                 value=user1,
@@ -885,7 +910,8 @@ class test_user(Declarative):
                 'user_add', [user1], dict(givenname=u'Test', sn=u'User1',
                 krbprincipalname='%s@b...@notfound.org' % user1)
             ),
-            expected=errors.MalformedUserPrincipal(principal='%s@b...@notfound.org' % user1),
+            expected=errors.MalformedUserPrincipal(
+                principal='%s@b...@notfound.org' % user1),
         ),
 
         dict(
@@ -907,7 +933,8 @@ class test_user(Declarative):
         ),
 
         dict(
-            desc='Create user "%s" with different default home directory' % user1,
+            desc=('Create user "%s" with different default '
+                  'home directory' % user1),
             command=(
                 'user_add', [user1], dict(givenname=u'Test', sn=u'User1')
             ),
@@ -941,7 +968,8 @@ class test_user(Declarative):
         dict(
             desc='Change default login shell',
             command=(
-                'config_mod', [], dict(ipadefaultloginshell=u'/usr/bin/ipython'),
+                'config_mod', [],
+                dict(ipadefaultloginshell=u'/usr/bin/ipython'),
             ),
             expected=lambda x, output: x is None,
         ),
@@ -980,15 +1008,18 @@ class test_user(Declarative):
         dict(
             desc='Create "%s" without UPG' % user1,
             command=(
-                'user_add', [user1], dict(givenname=u'Test', sn=u'User1', noprivate=True)
+                'user_add', [user1], dict(givenname=u'Test', sn=u'User1',
+                                          noprivate=True)
             ),
-            expected=errors.NotFound(reason='Default group for new users is not POSIX'),
+            expected=errors.NotFound(
+                reason='Default group for new users is not POSIX'),
         ),
 
         dict(
             desc='Create "%s" without UPG with GID explicitly set' % user2,
             command=(
-                'user_add', [user2], dict(givenname=u'Test', sn=u'User2', noprivate=True, gidnumber=1000)
+                'user_add', [user2], dict(givenname=u'Test', sn=u'User2',
+                                          noprivate=True, gidnumber=1000)
             ),
             expected=dict(
                 value=user2,
@@ -1025,7 +1056,8 @@ class test_user(Declarative):
         dict(
             desc='Create "%s" without UPG' % user1,
             command=(
-                'user_add', [user1], dict(givenname=u'Test', sn=u'User1', noprivate=True)
+                'user_add', [user1], dict(givenname=u'Test', sn=u'User1',
+                                          noprivate=True)
             ),
             expected=dict(
                 value=user1,
@@ -1045,7 +1077,8 @@ class test_user(Declarative):
         dict(
             desc='Create "%s" without UPG with GID explicitly set' % user2,
             command=(
-                'user_add', [user2], dict(givenname=u'Test', sn=u'User2', noprivate=True, gidnumber=1000)
+                'user_add', [user2], dict(givenname=u'Test', sn=u'User2',
+                                          noprivate=True, gidnumber=1000)
             ),
             expected=dict(
                 value=user2,
@@ -1199,7 +1232,8 @@ class test_user(Declarative):
 
 
         dict(
-            desc='Retrieve admins group "%s" to verify membership is "%s","%s"' % (admins_group, admin1, admin2),
+            desc=('Retrieve admins group "%s" to verify membership is '
+                  '"%s","%s"' % (admins_group, admin1, admin2)),
             command=('group_show', [admins_group], {}),
             expected=dict(
                 value=admins_group,
@@ -1215,7 +1249,8 @@ class test_user(Declarative):
         ),
 
         dict(
-            desc='Disable 2nd admin user "%s", admins group "%s" should also contain enabled "%s"' % (admin2, admins_group, admin1),
+            desc=('Disable 2nd admin user "%s", admins group "%s" should also '
+                  'contain enabled "%s"' % (admin2, admins_group, admin1)),
             command=(
                 'user_disable', [admin2], {}
             ),
@@ -1230,7 +1265,7 @@ class test_user(Declarative):
             desc='Assert 2nd admin user "%s" is disabled' % admin2,
             command=('user_find', [admin2], {}),
             expected=dict(
-                result=[lambda d: d['nsaccountlock'] == True],
+                result=[lambda d: d['nsaccountlock'] is True],
                 summary=u'1 user matched',
                 count=1,
                 truncated=False,
@@ -1262,7 +1297,8 @@ class test_user(Declarative):
         ),
 
         dict(
-            desc='Retrieve admins group "%s" to verify membership is "%s"' % (admins_group, admin1),
+            desc=('Retrieve admins group "%s" to verify membership is "%s"'
+                  % (admins_group, admin1)),
             command=('group_show', [admins_group], {}),
             expected=dict(
                 value=admins_group,
@@ -1281,7 +1317,7 @@ class test_user(Declarative):
             desc='Assert original admin user "%s" is enabled' % admin1,
             command=('user_find', [admin1], {}),
             expected=dict(
-                result=[lambda d: d['nsaccountlock'] == False],
+                result=[lambda d: d['nsaccountlock'] is False],
                 summary=u'1 user matched',
                 count=1,
                 truncated=False,
@@ -1313,7 +1349,10 @@ class test_user(Declarative):
             expected=dict(
                 result=dict(
                     cn=[u'Group'],
-                    automemberdefaultgroup=[DN(('cn', 'ipausers'), ('cn', 'groups'), ('cn', 'accounts'), api.env.basedn)],
+                    automemberdefaultgroup=[DN(('cn', 'ipausers'),
+                                               ('cn', 'groups'),
+                                               ('cn', 'accounts'),
+                                               api.env.basedn)],
                 ),
                 value=u'group',
                 summary=u'Set default (fallback) group for automember "group"',
@@ -1391,20 +1430,8 @@ class test_user(Declarative):
             desc='Set ipauserauthtype for "%s"' % user1,
             command=('user_mod', [user1], dict(ipauserauthtype=u'password')),
             expected=dict(
-                result=dict(
-                    givenname=[u'Test'],
-                    homedirectory=[u'/home/tuser1'],
-                    loginshell=[u'/bin/sh'],
-                    sn=[u'User1'],
-                    uid=[user1],
-                    uidnumber=[fuzzy_digits],
-                    gidnumber=[fuzzy_digits],
-                    mail=[u'%s@%s' % (user1, api.env.domain)],
-                    memberof_group=[u'ipausers'],
-                    nsaccountlock=False,
-                    has_keytab=False,
-                    has_password=False,
-                    ipauserauthtype=[u'password'],
+                result=get_user_result(user1, u'Test', u'User1', 'mod',
+                                       ipauserauthtype=[u'password'],
                 ),
                 value=user1,
                 summary='Modified user "%s"' % user1,
@@ -1415,21 +1442,8 @@ class test_user(Declarative):
             desc='Retrieve "%s" to verify ipauserauthtype' % user1,
             command=('user_show', [user1], {}),
             expected=dict(
-                result=dict(
-                    dn=get_user_dn(user1),
-                    givenname=[u'Test'],
-                    homedirectory=[u'/home/tuser1'],
-                    loginshell=[u'/bin/sh'],
-                    sn=[u'User1'],
-                    uid=[user1],
-                    uidnumber=[fuzzy_digits],
-                    gidnumber=[fuzzy_digits],
-                    mail=[u'%s@%s' % (user1, api.env.domain)],
-                    memberof_group=[u'ipausers'],
-                    nsaccountlock=False,
-                    has_keytab=False,
-                    has_password=False,
-                    ipauserauthtype=[u'password'],
+                result=get_user_result(user1, u'Test', u'User1', 'show',
+                                       ipauserauthtype=[u'password'],
                 ),
                 value=user1,
                 summary=None,
@@ -1440,20 +1454,7 @@ class test_user(Declarative):
             desc='Unset ipauserauthtype for "%s"' % user1,
             command=('user_mod', [user1], dict(ipauserauthtype=None)),
             expected=dict(
-                result=dict(
-                    givenname=[u'Test'],
-                    homedirectory=[u'/home/tuser1'],
-                    loginshell=[u'/bin/sh'],
-                    sn=[u'User1'],
-                    uid=[user1],
-                    uidnumber=[fuzzy_digits],
-                    gidnumber=[fuzzy_digits],
-                    mail=[u'%s@%s' % (user1, api.env.domain)],
-                    memberof_group=[u'ipausers'],
-                    nsaccountlock=False,
-                    has_keytab=False,
-                    has_password=False,
-                ),
+                result=get_user_result(user1, u'Test', u'User1', 'mod'),
                 value=user1,
                 summary='Modified user "%s"' % user1,
             ),
@@ -1481,57 +1482,56 @@ class test_user(Declarative):
 
         dict(
             desc='Test an invalid preferredlanguage "%s"' % invalidlanguage1,
-            command=('user_mod', [user1], dict(preferredlanguage=invalidlanguage1)),
+            command=('user_mod', [user1],
+                     dict(preferredlanguage=invalidlanguage1)),
             expected=errors.ValidationError(name='preferredlanguage',
-                error=u'must match RFC 2068 - 14.4, e.g., "da, en-gb;q=0.8, en;q=0.7"'),
+                error=(u'must match RFC 2068 - 14.4, e.g., '
+                        '"da, en-gb;q=0.8, en;q=0.7"')),
         ),
 
         dict(
             desc='Test an invalid preferredlanguage "%s"' % invalidlanguage2,
-            command=('user_mod', [user1], dict(preferredlanguage=invalidlanguage2)),
+            command=('user_mod', [user1],
+                     dict(preferredlanguage=invalidlanguage2)),
             expected=errors.ValidationError(name='preferredlanguage',
-                error=u'must match RFC 2068 - 14.4, e.g., "da, en-gb;q=0.8, en;q=0.7"'),
+                error=(u'must match RFC 2068 - 14.4, e.g., '
+                        '"da, en-gb;q=0.8, en;q=0.7"')),
         ),
 
         dict(
             desc='Test an invalid preferredlanguage "%s"' % invalidlanguage3,
-            command=('user_mod', [user1], dict(preferredlanguage=invalidlanguage3)),
+            command=('user_mod', [user1],
+                     dict(preferredlanguage=invalidlanguage3)),
             expected=errors.ValidationError(name='preferredlanguage',
-                error=u'must match RFC 2068 - 14.4, e.g., "da, en-gb;q=0.8, en;q=0.7"'),
+                error=(u'must match RFC 2068 - 14.4, e.g., '
+                        '"da, en-gb;q=0.8, en;q=0.7"')),
         ),
 
         dict(
             desc='Test an invalid preferredlanguage "%s"' % invalidlanguage4,
-            command=('user_mod', [user1], dict(preferredlanguage=invalidlanguage4)),
+            command=('user_mod', [user1],
+                     dict(preferredlanguage=invalidlanguage4)),
             expected=errors.ValidationError(name='preferredlanguage',
-                error=u'must match RFC 2068 - 14.4, e.g., "da, en-gb;q=0.8, en;q=0.7"'),
+                error=(u'must match RFC 2068 - 14.4, e.g., '
+                        '"da, en-gb;q=0.8, en;q=0.7"')),
         ),
 
         dict(
             desc='Test an invalid preferredlanguage "%s"' % invalidlanguage5,
-            command=('user_mod', [user1], dict(preferredlanguage=invalidlanguage5)),
+            command=('user_mod', [user1],
+                     dict(preferredlanguage=invalidlanguage5)),
             expected=errors.ValidationError(name='preferredlanguage',
-                error=u'must match RFC 2068 - 14.4, e.g., "da, en-gb;q=0.8, en;q=0.7"'),
+                error=(u'must match RFC 2068 - 14.4, e.g., '
+                        '"da, en-gb;q=0.8, en;q=0.7"')),
         ),
 
         dict(
             desc='Set preferredlanguage "%s"' % validlanguage1,
-            command=('user_mod', [user1], dict(preferredlanguage=validlanguage1)),
+            command=('user_mod', [user1],
+                     dict(preferredlanguage=validlanguage1)),
             expected=dict(
-                result=dict(
-                    givenname=[u'Test'],
-                    homedirectory=[u'/home/tuser1'],
-                    loginshell=[u'/bin/sh'],
-                    sn=[u'User1'],
-                    uid=[user1],
-                    uidnumber=[fuzzy_digits],
-                    gidnumber=[fuzzy_digits],
-                    mail=[u'%s@%s' % (user1, api.env.domain)],
-                    memberof_group=[u'ipausers'],
-                    nsaccountlock=False,
-                    has_keytab=False,
-                    has_password=False,
-                    preferredlanguage=[validlanguage1],
+                result=get_user_result(user1, u'Test', u'User1', 'mod',
+                                       preferredlanguage=[validlanguage1],
                 ),
                 value=user1,
                 summary='Modified user "%s"' % user1,
@@ -1540,22 +1540,11 @@ class test_user(Declarative):
 
         dict(
             desc='Set preferredlanguage "%s"' % validlanguage2,
-            command=('user_mod', [user1], dict(preferredlanguage=validlanguage2)),
+            command=('user_mod', [user1],
+                     dict(preferredlanguage=validlanguage2)),
             expected=dict(
-                result=dict(
-                    givenname=[u'Test'],
-                    homedirectory=[u'/home/tuser1'],
-                    loginshell=[u'/bin/sh'],
-                    sn=[u'User1'],
-                    uid=[user1],
-                    uidnumber=[fuzzy_digits],
-                    gidnumber=[fuzzy_digits],
-                    mail=[u'%s@%s' % (user1, api.env.domain)],
-                    memberof_group=[u'ipausers'],
-                    nsaccountlock=False,
-                    has_keytab=False,
-                    has_password=False,
-                    preferredlanguage=[validlanguage2],
+                result=get_user_result(user1, u'Test', u'User1', 'mod',
+                                       preferredlanguage=[validlanguage2],
                 ),
                 value=user1,
                 summary='Modified user "%s"' % user1,
-- 
1.8.5.3


_______________________________________________
Freeipa-devel mailing list
Freeipa-devel@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-devel

Reply via email to