https://fedorahosted.org/freeipa/ticket/4750
Patches need rebase and minor pytest modification to apply on master, I will do that after review.
Patches for ipa-4-1 attached. -- Martin Basti
From 74c21768cbf33b14e099cc2cdad39fb67ba7fca8 Mon Sep 17 00:00:00 2001 From: Martin Basti <mba...@redhat.com> Date: Fri, 5 Dec 2014 16:12:54 +0100 Subject: [PATCH 1/2] DNS tests: separate current forward zone tests Ticket: https://fedorahosted.org/freeipa/ticket/4750 --- ipatests/test_xmlrpc/test_dns_plugin.py | 748 ++++++++++++++++++-------------- 1 file changed, 432 insertions(+), 316 deletions(-) diff --git a/ipatests/test_xmlrpc/test_dns_plugin.py b/ipatests/test_xmlrpc/test_dns_plugin.py index fb53853147ecf663cf7015867131445f32364cfb..422f7ebd17e84488783ab13d31c7d6fc63a485c8 100644 --- a/ipatests/test_xmlrpc/test_dns_plugin.py +++ b/ipatests/test_xmlrpc/test_dns_plugin.py @@ -290,6 +290,21 @@ zone_findtest_forward_dn = DN(('idnsname', zone_findtest_forward), api.env.conta zone_fw_wildcard = u'*.wildcardforwardzone.test.' +zone_root = u'.' +zone_root_dnsname = DNSName(zone_root) +zone_root_ip = u'172.16.29.222' +zone_root_dn = DN(('idnsname', zone_root), + api.env.container_dns, api.env.basedn) +zone_root_ns = u'ns' +zone_root_ns_dnsname = DNSName(zone_root_ns) +zone_root_ns_dn = DN(('idnsname', zone_root_ns), zone_root_dn) +zone_root_rname = u'root.example.com.' +zone_root_rname_dnsname = DNSName(zone_root_rname) +zone_root_permission = u'Manage DNS zone %s' % zone_root +zone_root_permission_dn = DN(('cn', zone_root_permission), + api.env.container_permission, api.env.basedn) + + def _get_nameservers_ldap(conn): base_dn = DN(('cn', 'masters'), ('cn', 'ipa'), ('cn', 'etc'), api.env.basedn) ldap_filter = '(&(objectClass=ipaConfigObject)(cn=DNS))' @@ -359,17 +374,13 @@ class test_dns(Declarative): cleanup_commands = [ ('dnszone_del', [zone1, zone2, zone3, zone4, zone5, revzone1, revzone2, revzone3_classless1, revzone3_classless2, - idnzone1, revidnzone1, zone_findtest_master], - {'continue': True}), - ('dnsforwardzone_del', [fwzone1, zone_findtest_forward, - zone_fw_wildcard], + idnzone1, revidnzone1], {'continue': True}), ('dnsconfig_mod', [], {'idnsforwarders' : None, 'idnsforwardpolicy' : None, 'idnsallowsyncptr' : None, }), ('permission_del', [zone1_permission, idnzone1_permission, - fwzone1_permission, revzone3_classless2_permission], {'force': True} ), ] @@ -2841,6 +2852,280 @@ class test_dns(Declarative): dict( + desc='Disable zone %r' % zone1, + command=('dnszone_disable', [zone1], {}), + expected={ + 'value': zone1_absolute_dnsname, + 'summary': u'Disabled DNS zone "%s"' % zone1_absolute, + 'result': True, + }, + ), + + + dict( + desc='Check if zone %r is really disabled' % zone1, + command=('dnszone_show', [zone1], {}), + expected={ + 'value': zone1_absolute_dnsname, + 'summary': None, + 'result': { + 'dn': zone1_dn, + 'idnsname': [zone1_absolute_dnsname], + 'idnszoneactive': [u'FALSE'], + 'nsrecord': nameservers, + 'idnssoamname': [self_server_ns_dnsname], + 'idnssoarname': [zone1_rname_dnsname], + 'idnssoaserial': [fuzzy_digits], + 'idnssoarefresh': [fuzzy_digits], + 'idnssoaretry': [fuzzy_digits], + 'idnssoaexpire': [fuzzy_digits], + 'idnssoaminimum': [fuzzy_digits], + 'idnsallowtransfer': [u'172.16.31.80;'], + 'idnsallowquery': [u'!192.0.2.0/24;any;'], + 'mxrecord': [u'0 ns1.dnszone.test.'], + 'locrecord': [u"49 11 42.400 N 16 36 29.600 E 227.64 10.00 10.00 0.10"], + }, + }, + ), + + + dict( + desc='Enable zone %r' % zone1, + command=('dnszone_enable', [zone1], {}), + expected={ + 'value': zone1_absolute_dnsname, + 'summary': u'Enabled DNS zone "%s"' % zone1_absolute, + 'result': True, + }, + ), + + + dict( + desc='Check if zone %r is really enabled' % zone1, + command=('dnszone_show', [zone1_absolute], {}), + expected={ + 'value': zone1_absolute_dnsname, + 'summary': None, + 'result': { + 'dn': zone1_dn, + 'idnsname': [zone1_absolute_dnsname], + 'idnszoneactive': [u'TRUE'], + 'nsrecord': nameservers, + 'idnssoamname': [self_server_ns_dnsname], + 'idnssoarname': [zone1_rname_dnsname], + 'idnssoaserial': [fuzzy_digits], + 'idnssoarefresh': [fuzzy_digits], + 'idnssoaretry': [fuzzy_digits], + 'idnssoaexpire': [fuzzy_digits], + 'idnssoaminimum': [fuzzy_digits], + 'idnsallowtransfer': [u'172.16.31.80;'], + 'idnsallowquery': [u'!192.0.2.0/24;any;'], + 'mxrecord': [u'0 ns1.dnszone.test.'], + 'locrecord': [u"49 11 42.400 N 16 36 29.600 E 227.64 10.00 10.00 0.10"], + }, + }, + ), + + dict( + desc='Disable zone %r' % idnzone1, + command=('dnszone_disable', [idnzone1], {}), + expected={ + 'value': idnzone1_dnsname, + 'summary': u'Disabled DNS zone "%s"' % idnzone1, + 'result': True, + }, + ), + + + dict( + desc='Check if zone %r is really disabled' % idnzone1, + command=('dnszone_show', [idnzone1], {}), + expected={ + 'value': idnzone1_dnsname, + 'summary': None, + 'result': { + 'dn': idnzone1_dn, + 'idnsname': [idnzone1_dnsname], + 'idnszoneactive': [u'FALSE'], + 'nsrecord': nameservers, + 'idnssoamname': [self_server_ns_dnsname], + 'idnssoarname': [idnzone1_rname_dnsname], + 'idnssoaserial': [fuzzy_digits], + 'idnssoarefresh': [fuzzy_digits], + 'idnssoaretry': [fuzzy_digits], + 'idnssoaexpire': [fuzzy_digits], + 'idnssoaminimum': [fuzzy_digits], + 'idnsallowtransfer': [u'none;'], + 'idnsallowquery': [u'any;'], + 'mxrecord': [u"0 %s" % idnzone1_mname], + 'kxrecord': [u"0 %s" % idnzone1_mname], + }, + }, + ), + + + dict( + desc='Enable zone %r' % idnzone1, + command=('dnszone_enable', [idnzone1], {}), + expected={ + 'value': idnzone1_dnsname, + 'summary': u'Enabled DNS zone "%s"' % idnzone1, + 'result': True, + }, + ), + + + dict( + desc='Check if zone %r is really enabled' % idnzone1, + command=('dnszone_show', [idnzone1], {}), + expected={ + 'value': idnzone1_dnsname, + 'summary': None, + 'result': { + 'dn': idnzone1_dn, + 'idnsname': [idnzone1_dnsname], + 'idnszoneactive': [u'TRUE'], + 'nsrecord': nameservers, + 'idnssoamname': [self_server_ns_dnsname], + 'idnssoarname': [idnzone1_rname_dnsname], + 'idnssoaserial': [fuzzy_digits], + 'idnssoarefresh': [fuzzy_digits], + 'idnssoaretry': [fuzzy_digits], + 'idnssoaexpire': [fuzzy_digits], + 'idnssoaminimum': [fuzzy_digits], + 'idnsallowtransfer': [u'none;'], + 'idnsallowquery': [u'any;'], + 'mxrecord': [u"0 %s" % idnzone1_mname], + 'kxrecord': [u"0 %s" % idnzone1_mname], + }, + }, + ), + + + dict( + desc='Delete zone %r' % zone1, + command=('dnszone_del', [zone1], {}), + expected={ + 'value': [zone1_absolute_dnsname], + 'summary': u'Deleted DNS zone "%s"' % zone1_absolute, + 'result': {'failed': []}, + }, + ), + + ] + + +class test_root_zone(Declarative): + + @classmethod + def setUpClass(cls): + super(test_root_zone, cls).setUpClass() + + if not api.Backend.rpcclient.isconnected(): + api.Backend.rpcclient.connect(fallback=False) + + if not have_ldap2: + raise nose.SkipTest('server plugin not available') + + if get_nameservers_error is not None: + raise nose.SkipTest('unable to get list of nameservers (%s)' % get_nameservers_error) + + try: + api.Command['dnszone_add'](zone1, idnssoarname=zone1_rname,) + api.Command['dnszone_del'](zone1) + except errors.NotFound: + raise nose.SkipTest('DNS is not configured') + except errors.DuplicateEntry: + pass + + cleanup_commands = [ + ('dnszone_del', [zone_root, ], + {'continue': True}), + ('permission_del', [zone_root_permission, ], {'force': True}), + ] + + tests = [ + + dict( + desc='Create zone %r' % zone_root, + command=( + 'dnszone_add', [zone_root], { + 'idnssoarname': zone_root_rname, + } + ), + expected={ + 'value': zone_root_dnsname, + 'summary': None, + 'result': { + 'dn': zone_root_dn, + 'idnsname': [zone_root_dnsname], + 'idnszoneactive': [u'TRUE'], + 'idnssoamname': [self_server_ns_dnsname], + 'nsrecord': nameservers, + 'idnssoarname': [zone_root_rname_dnsname], + 'idnssoaserial': [fuzzy_digits], + 'idnssoarefresh': [fuzzy_digits], + 'idnssoaretry': [fuzzy_digits], + 'idnssoaexpire': [fuzzy_digits], + 'idnssoaminimum': [fuzzy_digits], + 'idnsallowdynupdate': [u'FALSE'], + 'idnsupdatepolicy': [u'grant %(realm)s krb5-self * A; ' + u'grant %(realm)s krb5-self * AAAA; ' + u'grant %(realm)s krb5-self * SSHFP;' + % dict(realm=api.env.realm)], + 'idnsallowtransfer': [u'none;'], + 'idnsallowquery': [u'any;'], + 'objectclass': objectclasses.dnszone, + }, + }, + ), + + dict( + desc='Add per-zone permission for zone %r' % zone_root, + command=( + 'dnszone_add_permission', [zone_root], {} + ), + expected=dict( + result=True, + value=zone_root_permission, + summary=u'Added system permission "%s"' % zone_root_permission, + ), + ), + + ] + + +class test_forward_zones(Declarative): + # https://fedorahosted.org/freeipa/ticket/4750 + + @classmethod + def setUpClass(cls): + super(test_forward_zones, cls).setUpClass() + + if not api.Backend.rpcclient.isconnected(): + api.Backend.rpcclient.connect(fallback=False) + + if not have_ldap2: + raise nose.SkipTest('server plugin not available') + + try: + api.Command['dnszone_add'](zone1, idnssoarname=zone1_rname,) + api.Command['dnszone_del'](zone1) + except errors.NotFound: + raise nose.SkipTest('DNS is not configured') + except errors.DuplicateEntry: + pass + + + cleanup_commands = [ + ('dnsforwardzone_del', [zone_fw_wildcard, fwzone1], + {'continue': True}), + ('permission_del', [fwzone1_permission, ], {'force': True}), + ] + + tests = [ + + dict( desc='Try to create forward zone %r with wildcard domain name' % zone_fw_wildcard, command=( 'dnsforwardzone_add', [zone_fw_wildcard], {'idnsforwardpolicy': u'none'} @@ -3196,6 +3481,148 @@ class test_dns(Declarative): ), + + + dict( + desc='Disable forward zone %r' % fwzone1, + command=('dnsforwardzone_disable', [fwzone1], {}), + expected={ + 'value': fwzone1_dnsname, + 'summary': u'Disabled DNS forward zone "%s"' % fwzone1, + 'result': True, + }, + ), + + + dict( + desc='Check if forward zone %r is really disabled' % fwzone1, + command=('dnsforwardzone_show', [fwzone1], {}), + expected={ + 'value': fwzone1_dnsname, + 'summary': None, + 'result': { + 'dn': fwzone1_dn, + 'idnsname': [fwzone1_dnsname], + 'idnszoneactive': [u'FALSE'], + 'idnsforwardpolicy': [u'first'], + 'idnsforwarders': [forwarder1, forwarder2], + }, + }, + ), + + + dict( + desc='Enable forward zone %r' % fwzone1, + command=('dnsforwardzone_enable', [fwzone1], {}), + expected={ + 'value': fwzone1_dnsname, + 'summary': u'Enabled DNS forward zone "%s"' % fwzone1, + 'result': True, + }, + ), + + + dict( + desc='Check if forward zone %r is really enabled' % fwzone1, + command=('dnsforwardzone_show', [fwzone1], {}), + expected={ + 'value': fwzone1_dnsname, + 'summary': None, + 'result': { + 'dn': fwzone1_dn, + 'idnsname': [fwzone1_dnsname], + 'idnszoneactive': [u'TRUE'], + 'idnsforwardpolicy': [u'first'], + 'idnsforwarders': [forwarder1, forwarder2], + }, + }, + ), + + ] + + +class test_forward_master_zones_mutual_exlusion(Declarative): + # https://fedorahosted.org/freeipa/ticket/4750 + + @classmethod + def setUpClass(cls): + super(test_forward_master_zones_mutual_exlusion, cls).setUpClass() + + if not api.Backend.rpcclient.isconnected(): + api.Backend.rpcclient.connect(fallback=False) + + if not have_ldap2: + raise nose.SkipTest('server plugin not available') + + try: + api.Command['dnszone_add'](zone1, idnssoarname=zone1_rname,) + api.Command['dnszone_del'](zone1) + except errors.NotFound: + raise nose.SkipTest('DNS is not configured') + except errors.DuplicateEntry: + pass + + + cleanup_commands = [ + ('dnszone_del', [zone1, zone_findtest_master], {'continue': True}), + ('dnsforwardzone_del', [zone_fw_wildcard, fwzone1, + zone_findtest_forward], + {'continue': True}), + ('permission_del', [fwzone1_permission, ], {'force': True}), + ] + + tests = [ + dict( + desc='Create zone %r' % zone1, + command=( + 'dnszone_add', [zone1], { + 'idnssoarname': zone1_rname, + } + ), + expected={ + 'value': zone1_absolute_dnsname, + 'summary': None, + 'result': { + 'dn': zone1_dn, + 'idnsname': [zone1_absolute_dnsname], + 'idnszoneactive': [u'TRUE'], + 'idnssoamname': lambda x: True, # don't care in this test + 'nsrecord': lambda x: True, # don't care in this test + 'idnssoarname': lambda x: True, # don't care in this test + 'idnssoaserial': [fuzzy_digits], + 'idnssoarefresh': [fuzzy_digits], + 'idnssoaretry': [fuzzy_digits], + 'idnssoaexpire': [fuzzy_digits], + 'idnssoaminimum': [fuzzy_digits], + 'idnsallowdynupdate': [u'FALSE'], + 'idnsupdatepolicy': lambda x: True, # don't care in this test + 'idnsallowtransfer': [u'none;'], + 'idnsallowquery': [u'any;'], + 'objectclass': objectclasses.dnszone, + }, + }, + ), + + + dict( + desc='Create forward zone %r without forwarders with "none" policy' % fwzone1, + command=( + 'dnsforwardzone_add', [fwzone1], {'idnsforwardpolicy': u'none'} + ), + expected={ + 'value': fwzone1_dnsname, + 'summary': None, + 'result': { + 'dn': fwzone1_dn, + 'idnsname': [fwzone1_dnsname], + 'idnszoneactive': [u'TRUE'], + 'idnsforwardpolicy': [u'none'], + 'objectclass': objectclasses.dnsforwardzone, + }, + }, + ), + + dict( desc='Try to create duplicate zone which is already forward zone %r' % fwzone1, command=( @@ -3489,315 +3916,4 @@ class test_dns(Declarative): ), ), - - dict( - desc='Disable zone %r' % zone1, - command=('dnszone_disable', [zone1], {}), - expected={ - 'value': zone1_absolute_dnsname, - 'summary': u'Disabled DNS zone "%s"' % zone1_absolute, - 'result': True, - }, - ), - - - dict( - desc='Check if zone %r is really disabled' % zone1, - command=('dnszone_show', [zone1], {}), - expected={ - 'value': zone1_absolute_dnsname, - 'summary': None, - 'result': { - 'dn': zone1_dn, - 'idnsname': [zone1_absolute_dnsname], - 'idnszoneactive': [u'FALSE'], - 'nsrecord': nameservers, - 'idnssoamname': [self_server_ns_dnsname], - 'idnssoarname': [zone1_rname_dnsname], - 'idnssoaserial': [fuzzy_digits], - 'idnssoarefresh': [fuzzy_digits], - 'idnssoaretry': [fuzzy_digits], - 'idnssoaexpire': [fuzzy_digits], - 'idnssoaminimum': [fuzzy_digits], - 'idnsallowtransfer': [u'172.16.31.80;'], - 'idnsallowquery': [u'!192.0.2.0/24;any;'], - 'mxrecord': [u'0 ns1.dnszone.test.'], - 'locrecord': [u"49 11 42.400 N 16 36 29.600 E 227.64 10.00 10.00 0.10"], - }, - }, - ), - - - dict( - desc='Enable zone %r' % zone1, - command=('dnszone_enable', [zone1], {}), - expected={ - 'value': zone1_absolute_dnsname, - 'summary': u'Enabled DNS zone "%s"' % zone1_absolute, - 'result': True, - }, - ), - - - dict( - desc='Check if zone %r is really enabled' % zone1, - command=('dnszone_show', [zone1_absolute], {}), - expected={ - 'value': zone1_absolute_dnsname, - 'summary': None, - 'result': { - 'dn': zone1_dn, - 'idnsname': [zone1_absolute_dnsname], - 'idnszoneactive': [u'TRUE'], - 'nsrecord': nameservers, - 'idnssoamname': [self_server_ns_dnsname], - 'idnssoarname': [zone1_rname_dnsname], - 'idnssoaserial': [fuzzy_digits], - 'idnssoarefresh': [fuzzy_digits], - 'idnssoaretry': [fuzzy_digits], - 'idnssoaexpire': [fuzzy_digits], - 'idnssoaminimum': [fuzzy_digits], - 'idnsallowtransfer': [u'172.16.31.80;'], - 'idnsallowquery': [u'!192.0.2.0/24;any;'], - 'mxrecord': [u'0 ns1.dnszone.test.'], - 'locrecord': [u"49 11 42.400 N 16 36 29.600 E 227.64 10.00 10.00 0.10"], - }, - }, - ), - - dict( - desc='Disable zone %r' % idnzone1, - command=('dnszone_disable', [idnzone1], {}), - expected={ - 'value': idnzone1_dnsname, - 'summary': u'Disabled DNS zone "%s"' % idnzone1, - 'result': True, - }, - ), - - - dict( - desc='Check if zone %r is really disabled' % idnzone1, - command=('dnszone_show', [idnzone1], {}), - expected={ - 'value': idnzone1_dnsname, - 'summary': None, - 'result': { - 'dn': idnzone1_dn, - 'idnsname': [idnzone1_dnsname], - 'idnszoneactive': [u'FALSE'], - 'nsrecord': nameservers, - 'idnssoamname': [self_server_ns_dnsname], - 'idnssoarname': [idnzone1_rname_dnsname], - 'idnssoaserial': [fuzzy_digits], - 'idnssoarefresh': [fuzzy_digits], - 'idnssoaretry': [fuzzy_digits], - 'idnssoaexpire': [fuzzy_digits], - 'idnssoaminimum': [fuzzy_digits], - 'idnsallowtransfer': [u'none;'], - 'idnsallowquery': [u'any;'], - 'mxrecord': [u"0 %s" % idnzone1_mname], - 'kxrecord': [u"0 %s" % idnzone1_mname], - }, - }, - ), - - - dict( - desc='Enable zone %r' % idnzone1, - command=('dnszone_enable', [idnzone1], {}), - expected={ - 'value': idnzone1_dnsname, - 'summary': u'Enabled DNS zone "%s"' % idnzone1, - 'result': True, - }, - ), - - - dict( - desc='Check if zone %r is really enabled' % idnzone1, - command=('dnszone_show', [idnzone1], {}), - expected={ - 'value': idnzone1_dnsname, - 'summary': None, - 'result': { - 'dn': idnzone1_dn, - 'idnsname': [idnzone1_dnsname], - 'idnszoneactive': [u'TRUE'], - 'nsrecord': nameservers, - 'idnssoamname': [self_server_ns_dnsname], - 'idnssoarname': [idnzone1_rname_dnsname], - 'idnssoaserial': [fuzzy_digits], - 'idnssoarefresh': [fuzzy_digits], - 'idnssoaretry': [fuzzy_digits], - 'idnssoaexpire': [fuzzy_digits], - 'idnssoaminimum': [fuzzy_digits], - 'idnsallowtransfer': [u'none;'], - 'idnsallowquery': [u'any;'], - 'mxrecord': [u"0 %s" % idnzone1_mname], - 'kxrecord': [u"0 %s" % idnzone1_mname], - }, - }, - ), - - - dict( - desc='Disable forward zone %r' % fwzone1, - command=('dnsforwardzone_disable', [fwzone1], {}), - expected={ - 'value': fwzone1_dnsname, - 'summary': u'Disabled DNS forward zone "%s"' % fwzone1, - 'result': True, - }, - ), - - - dict( - desc='Check if forward zone %r is really disabled' % fwzone1, - command=('dnsforwardzone_show', [fwzone1], {}), - expected={ - 'value': fwzone1_dnsname, - 'summary': None, - 'result': { - 'dn': fwzone1_dn, - 'idnsname': [fwzone1_dnsname], - 'idnszoneactive': [u'FALSE'], - 'idnsforwardpolicy': [u'first'], - 'idnsforwarders': [forwarder1, forwarder2], - }, - }, - ), - - dict( - desc='Enable forward zone %r' % fwzone1, - command=('dnsforwardzone_enable', [fwzone1], {}), - expected={ - 'value': fwzone1_dnsname, - 'summary': u'Enabled DNS forward zone "%s"' % fwzone1, - 'result': True, - }, - ), - - - dict( - desc='Check if forward zone %r is really enabled' % fwzone1, - command=('dnsforwardzone_show', [fwzone1], {}), - expected={ - 'value': fwzone1_dnsname, - 'summary': None, - 'result': { - 'dn': fwzone1_dn, - 'idnsname': [fwzone1_dnsname], - 'idnszoneactive': [u'TRUE'], - 'idnsforwardpolicy': [u'first'], - 'idnsforwarders': [forwarder1, forwarder2], - }, - }, - ), - - dict( - desc='Delete zone %r' % zone1, - command=('dnszone_del', [zone1], {}), - expected={ - 'value': [zone1_absolute_dnsname], - 'summary': u'Deleted DNS zone "%s"' % zone1_absolute, - 'result': {'failed': []}, - }, - ), - - ] - - -zone_root = u'.' -zone_root_dnsname = DNSName(zone_root) -zone_root_ip = u'172.16.29.222' -zone_root_dn = DN(('idnsname', zone_root), - api.env.container_dns, api.env.basedn) -zone_root_ns = u'ns' -zone_root_ns_dnsname = DNSName(zone_root_ns) -zone_root_ns_dn = DN(('idnsname', zone_root_ns), zone_root_dn) -zone_root_rname = u'root.example.com.' -zone_root_rname_dnsname = DNSName(zone_root_rname) -zone_root_permission = u'Manage DNS zone %s' % zone_root -zone_root_permission_dn = DN(('cn', zone_root_permission), - api.env.container_permission, api.env.basedn) - - -class test_root_zone(Declarative): - - @classmethod - def setUpClass(cls): - super(test_root_zone, cls).setUpClass() - - if not api.Backend.rpcclient.isconnected(): - api.Backend.rpcclient.connect(fallback=False) - - if not have_ldap2: - raise nose.SkipTest('server plugin not available') - - if get_nameservers_error is not None: - raise nose.SkipTest('unable to get list of nameservers (%s)' % get_nameservers_error) - - try: - api.Command['dnszone_add'](zone1, idnssoarname=zone1_rname,) - api.Command['dnszone_del'](zone1) - except errors.NotFound: - raise nose.SkipTest('DNS is not configured') - except errors.DuplicateEntry: - pass - - cleanup_commands = [ - ('dnszone_del', [zone_root, ], - {'continue': True}), - ('permission_del', [zone_root_permission, ], {'force': True}), - ] - - tests = [ - - dict( - desc='Create zone %r' % zone_root, - command=( - 'dnszone_add', [zone_root], { - 'idnssoarname': zone_root_rname, - } - ), - expected={ - 'value': zone_root_dnsname, - 'summary': None, - 'result': { - 'dn': zone_root_dn, - 'idnsname': [zone_root_dnsname], - 'idnszoneactive': [u'TRUE'], - 'idnssoamname': [self_server_ns_dnsname], - 'nsrecord': nameservers, - 'idnssoarname': [zone_root_rname_dnsname], - 'idnssoaserial': [fuzzy_digits], - 'idnssoarefresh': [fuzzy_digits], - 'idnssoaretry': [fuzzy_digits], - 'idnssoaexpire': [fuzzy_digits], - 'idnssoaminimum': [fuzzy_digits], - 'idnsallowdynupdate': [u'FALSE'], - 'idnsupdatepolicy': [u'grant %(realm)s krb5-self * A; ' - u'grant %(realm)s krb5-self * AAAA; ' - u'grant %(realm)s krb5-self * SSHFP;' - % dict(realm=api.env.realm)], - 'idnsallowtransfer': [u'none;'], - 'idnsallowquery': [u'any;'], - 'objectclass': objectclasses.dnszone, - }, - }, - ), - - dict( - desc='Add per-zone permission for zone %r' % zone_root, - command=( - 'dnszone_add_permission', [zone_root], {} - ), - expected=dict( - result=True, - value=zone_root_permission, - summary=u'Added system permission "%s"' % zone_root_permission, - ), - ), - ] -- 1.8.3.1
From f722bb658f439462f2b3a748a3c6b6d6843d955f Mon Sep 17 00:00:00 2001 From: Martin Basti <mba...@redhat.com> Date: Mon, 15 Dec 2014 18:51:30 +0100 Subject: [PATCH 2/2] New test cases for Forward_zones https://fedorahosted.org/freeipa/ticket/4750 --- ipatests/test_xmlrpc/test_dns_plugin.py | 849 +++++++++++++++++++++++++++++--- 1 file changed, 767 insertions(+), 82 deletions(-) diff --git a/ipatests/test_xmlrpc/test_dns_plugin.py b/ipatests/test_xmlrpc/test_dns_plugin.py index 422f7ebd17e84488783ab13d31c7d6fc63a485c8..01f89798817e7942ab18c174aa78da7563592dc3 100644 --- a/ipatests/test_xmlrpc/test_dns_plugin.py +++ b/ipatests/test_xmlrpc/test_dns_plugin.py @@ -269,9 +269,20 @@ fwzone1_permission = u'Manage DNS zone %s' % fwzone1 fwzone1_permission_dn = DN(('cn', fwzone1_permission), api.env.container_permission, api.env.basedn) +fwzone2 = u'fwzone2.test.' +fwzone2_dnsname = DNSName(fwzone2) +fwzone2_dn = DN(('idnsname', fwzone2), api.env.container_dns, api.env.basedn) + +fwzone3 = u'fwzone3.test.' +fwzone3_dnsname = DNSName(fwzone3) +fwzone3_dn = DN(('idnsname', fwzone3), api.env.container_dns, api.env.basedn) + +fwzone_search_all_name = u'fwzone' + forwarder1 = u'172.16.15.1' forwarder2 = u'172.16.15.2' forwarder3 = u'172.16.15.3' +forwarder4 = u'172.16.15.4' zone_findtest = u'.find.test.' @@ -290,6 +301,8 @@ zone_findtest_forward_dn = DN(('idnsname', zone_findtest_forward), api.env.conta zone_fw_wildcard = u'*.wildcardforwardzone.test.' +nonexistent_fwzone = u'non-existent.fwzone.test.' + zone_root = u'.' zone_root_dnsname = DNSName(zone_root) zone_root_ip = u'172.16.29.222' @@ -3118,7 +3131,7 @@ class test_forward_zones(Declarative): cleanup_commands = [ - ('dnsforwardzone_del', [zone_fw_wildcard, fwzone1], + ('dnsforwardzone_del', [zone_fw_wildcard, fwzone1, fwzone2, fwzone3], {'continue': True}), ('permission_del', [fwzone1_permission, ], {'force': True}), ] @@ -3136,6 +3149,26 @@ class test_forward_zones(Declarative): dict( + desc='Try to create forward zone with empty name', + command=( + 'dnsforwardzone_add', [u''], {} + ), + expected=errors.RequirementError(name='name') + ), + + + dict( + desc='Try to create forward zone %r with invalid name' % 'invalid..name.fwzone.test.', + command=( + 'dnsforwardzone_add', [u'invalid..name.fwzone.test.', ], {} + ), + expected=errors.ConversionError( + name='name', + error=u'empty DNS label') + ), + + + dict( desc='Try to create forward zone %r without forwarders with default "(first)" policy' % fwzone1, command=( 'dnsforwardzone_add', [fwzone1], {} @@ -3146,7 +3179,7 @@ class test_forward_zones(Declarative): dict( - desc='Try to create forward %r zone without forwarders with "only" policy' % fwzone1, + desc='Try to create forward zone %r without forwarders with "only" policy' % fwzone1, command=( 'dnsforwardzone_add', [fwzone1], {'idnsforwardpolicy': u'only'} ), @@ -3156,6 +3189,58 @@ class test_forward_zones(Declarative): dict( + desc='Try to create forward zone %r without forwarders with "first" policy' % fwzone1, + command=( + 'dnsforwardzone_add', [fwzone1], {'idnsforwardpolicy': u'first'} + ), + expected=errors.ValidationError( + name='idnsforwarders', + error=u'Please specify forwarders.') + ), + + + dict( + desc='Try to create forward zone %r with "only" policy and invalid IP address' % fwzone1, + command=( + 'dnsforwardzone_add', [fwzone1], { + 'idnsforwardpolicy': u'only', + 'idnsforwarders': [u'127.0.0.999', ] + } + ), + expected=errors.ValidationError( + name='forwarder', + error=u'invalid IP address format') + ), + + + dict( + desc='Try to create forward zone %r with "first" policy and invalid IP address' % fwzone1, + command=( + 'dnsforwardzone_add', [fwzone1], { + 'idnsforwardpolicy': u'first', + 'idnsforwarders': [u'127.0.0.999', ] + } + ), + expected=errors.ValidationError( + name='forwarder', + error=u'invalid IP address format') + ), + + + dict( + desc='Try to create forward zone %r with invalid policy' % fwzone1, + command=( + 'dnsforwardzone_add', [fwzone1], { + 'idnsforwardpolicy': u'invalid', + } + ), + expected=errors.ValidationError( + name='forward_policy', + error=u"must be one of 'only', 'first', 'none'") + ), + + + dict( desc='Create forward zone %r without forwarders with "none" policy' % fwzone1, command=( 'dnsforwardzone_add', [fwzone1], {'idnsforwardpolicy': u'none'} @@ -3185,30 +3270,109 @@ class test_forward_zones(Declarative): dict( - desc='Delete forward zone %r' % fwzone1, - command=('dnsforwardzone_del', [fwzone1], {}), + desc='Create forward zone %r with forwarders with default ("first") policy' % fwzone2, + command=( + 'dnsforwardzone_add', [fwzone2], {'idnsforwarders': [forwarder1]} + ), + expected={ + 'value': fwzone2_dnsname, + 'summary': None, + 'result': { + 'dn': fwzone2_dn, + 'idnsname': [fwzone2_dnsname], + 'idnszoneactive': [u'TRUE'], + 'idnsforwardpolicy': [u'first'], + 'idnsforwarders': [forwarder1], + 'objectclass': objectclasses.dnsforwardzone, + }, + }, + ), + + + dict( + desc='Delete forward zone %r (cleanup)' % fwzone2, + command=('dnsforwardzone_del', [fwzone2], {}), expected={ - 'value': [fwzone1_dnsname], - 'summary': u'Deleted DNS forward zone "%s"' % fwzone1, + 'value': [fwzone2_dnsname], + 'summary': u'Deleted DNS forward zone "%s"' % fwzone2, 'result': {'failed': []}, }, ), dict( - desc='Create forward zone %r with forwarders with default ("first") policy' % fwzone1, + desc='Create forward zone %r with three forwarders with "only" policy' % fwzone2, command=( - 'dnsforwardzone_add', [fwzone1], {'idnsforwarders': [forwarder1]} + 'dnsforwardzone_add', [fwzone2], { + 'idnsforwarders': [forwarder1, forwarder2, forwarder3], + 'idnsforwardpolicy': u'only' + } ), expected={ - 'value': fwzone1_dnsname, + 'value': fwzone2_dnsname, 'summary': None, 'result': { - 'dn': fwzone1_dn, - 'idnsname': [fwzone1_dnsname], + 'dn': fwzone2_dn, + 'idnsname': [fwzone2_dnsname], + 'idnszoneactive': [u'TRUE'], + 'idnsforwardpolicy': [u'only'], + 'idnsforwarders': [forwarder1, forwarder2, forwarder3], + 'objectclass': objectclasses.dnsforwardzone, + }, + }, + ), + + + dict( + desc='Delete forward zone %r (cleanup)' % fwzone2, + command=('dnsforwardzone_del', [fwzone2], {}), + expected={ + 'value': [fwzone2_dnsname], + 'summary': u'Deleted DNS forward zone "%s"' % fwzone2, + 'result': {'failed': []}, + }, + ), + + + dict( + desc='Create forward zone %r with one forwarder with "only" policy' % fwzone2, + command=( + 'dnsforwardzone_add', [fwzone2], { + 'idnsforwarders': forwarder2, 'idnsforwardpolicy': u'only' + } + ), + expected={ + 'value': fwzone2_dnsname, + 'summary': None, + 'result': { + 'dn': fwzone2_dn, + 'idnsname': [fwzone2_dnsname], + 'idnszoneactive': [u'TRUE'], + 'idnsforwardpolicy': [u'only'], + 'idnsforwarders': [forwarder2], + 'objectclass': objectclasses.dnsforwardzone, + }, + }, + ), + + + dict( + desc='Create forward zone %r with three forwarders with "first" policy' % fwzone3, + command=( + 'dnsforwardzone_add', [fwzone3], { + 'idnsforwarders': [forwarder1, forwarder2, forwarder3], + 'idnsforwardpolicy': u'first' + } + ), + expected={ + 'value': fwzone3_dnsname, + 'summary': None, + 'result': { + 'dn': fwzone3_dn, + 'idnsname': [fwzone3_dnsname], 'idnszoneactive': [u'TRUE'], 'idnsforwardpolicy': [u'first'], - 'idnsforwarders': [forwarder1], + 'idnsforwarders': [forwarder1, forwarder2, forwarder3], 'objectclass': objectclasses.dnsforwardzone, }, }, @@ -3216,40 +3380,284 @@ class test_forward_zones(Declarative): dict( - desc='Delete forward zone %r' % fwzone1, - command=('dnsforwardzone_del', [fwzone1], {}), + desc='Delete forward zone %r (cleanup)' % fwzone3, + command=('dnsforwardzone_del', [fwzone3], {}), expected={ - 'value': [fwzone1_dnsname], - 'summary': u'Deleted DNS forward zone "%s"' % fwzone1, + 'value': [fwzone3_dnsname], + 'summary': u'Deleted DNS forward zone "%s"' % fwzone3, 'result': {'failed': []}, }, ), dict( - desc='Create forward zone %r with forwarders with "only" policy' % fwzone1, + desc='Create forward zone %r with one forwarder with "first" policy' % fwzone3, + command=( + 'dnsforwardzone_add', [fwzone3], { + 'idnsforwarders': forwarder3, 'idnsforwardpolicy': u'first' + } + ), + expected={ + 'value': fwzone3_dnsname, + 'summary': None, + 'result': { + 'dn': fwzone3_dn, + 'idnsname': [fwzone3_dnsname], + 'idnszoneactive': [u'TRUE'], + 'idnsforwardpolicy': [u'first'], + 'idnsforwarders': [forwarder3], + 'objectclass': objectclasses.dnsforwardzone, + }, + }, + ), + + + + dict( + desc='Modify forward zone %r change one forwarder' % fwzone3, + command=( + 'dnsforwardzone_mod', [fwzone3], { + 'idnsforwarders': forwarder1, + } + ), + expected={ + 'value': fwzone3_dnsname, + 'summary': None, + 'result': { + 'idnsname': [fwzone3_dnsname], + 'idnszoneactive': [u'TRUE'], + 'idnsforwardpolicy': [u'first'], + 'idnsforwarders': [forwarder1], + }, + }, + ), + + + dict( + desc='Modify forward zone %r add one forwarder' % fwzone3, + command=( + 'dnsforwardzone_mod', [fwzone3], { + 'idnsforwarders': [forwarder1, forwarder2] + } + ), + expected={ + 'value': fwzone3_dnsname, + 'summary': None, + 'result': { + 'idnsname': [fwzone3_dnsname], + 'idnszoneactive': [u'TRUE'], + 'idnsforwardpolicy': [u'first'], + 'idnsforwarders': [forwarder1, forwarder2], + }, + }, + ), + + + dict( + desc='Modify forward zone %r change one forwarder if two exists' % fwzone3, + command=( + 'dnsforwardzone_mod', [fwzone3], { + 'idnsforwarders': [forwarder1, forwarder3] + } + ), + expected={ + 'value': fwzone3_dnsname, + 'summary': None, + 'result': { + 'idnsname': [fwzone3_dnsname], + 'idnszoneactive': [u'TRUE'], + 'idnsforwardpolicy': [u'first'], + 'idnsforwarders': [forwarder1, forwarder3], + }, + }, + ), + + + dict( + desc='Modify forward zone %r change two forwarders if two exists' % fwzone3, + command=( + 'dnsforwardzone_mod', [fwzone3], { + 'idnsforwarders': [forwarder2, forwarder4] + } + ), + expected={ + 'value': fwzone3_dnsname, + 'summary': None, + 'result': { + 'idnsname': [fwzone3_dnsname], + 'idnszoneactive': [u'TRUE'], + 'idnsforwardpolicy': [u'first'], + 'idnsforwarders': [forwarder2, forwarder4], + }, + }, + ), + + + dict( + desc='Modify forward zone %r with --policy=none, add forwarders' % fwzone1, command=( - 'dnsforwardzone_add', [fwzone1], { - 'idnsforwarders': forwarder1, 'idnsforwardpolicy': u'only' + 'dnsforwardzone_mod', [fwzone1], { + 'idnsforwardpolicy': u'none', + 'idnsforwarders': [forwarder3], } ), expected={ 'value': fwzone1_dnsname, 'summary': None, 'result': { - 'dn': fwzone1_dn, 'idnsname': [fwzone1_dnsname], 'idnszoneactive': [u'TRUE'], + 'idnsforwardpolicy': [u'none'], + 'idnsforwarders': [forwarder3], + }, + }, + ), + + + dict( + desc='Modify forward zone %r change --policy=none' % fwzone2, + command=( + 'dnsforwardzone_mod', [fwzone2], { + 'idnsforwardpolicy': u'none', + } + ), + expected={ + 'value': fwzone2_dnsname, + 'summary': None, + 'result': { + 'idnsname': [fwzone2_dnsname], + 'idnszoneactive': [u'TRUE'], + 'idnsforwardpolicy': [u'none'], + 'idnsforwarders': [forwarder2], + }, + }, + ), + + + dict( + desc='Modify forward zone %r change --policy=only (was "none", FW exists)' % fwzone2, + command=( + 'dnsforwardzone_mod', [fwzone2], { + 'idnsforwardpolicy': u'only', + } + ), + expected={ + 'value': fwzone2_dnsname, + 'summary': None, + 'result': { + 'idnsname': [fwzone2_dnsname], + 'idnszoneactive': [u'TRUE'], 'idnsforwardpolicy': [u'only'], - 'idnsforwarders': [forwarder1], - 'objectclass': objectclasses.dnsforwardzone, + 'idnsforwarders': [forwarder2], + }, + }, + ), + + + dict( + desc='Modify forward zone %r with --policy=first (was "none", FW exists)' % fwzone1, + command=( + 'dnsforwardzone_mod', [fwzone1], { + 'idnsforwardpolicy': u'first', + 'idnsforwarders': [forwarder3], + } + ), + expected={ + 'value': fwzone1_dnsname, + 'summary': None, + 'result': { + 'idnsname': [fwzone1_dnsname], + 'idnszoneactive': [u'TRUE'], + 'idnsforwardpolicy': [u'first'], + 'idnsforwarders': [forwarder3], + }, + }, + ), + + + dict( + desc='Modify forward zone %r with --policy=none, forwarder empty' % fwzone1, + command=( + 'dnsforwardzone_mod', [fwzone1], { + 'idnsforwardpolicy': u'none', + 'idnsforwarders': [], + } + ), + expected={ + 'value': fwzone1_dnsname, + 'summary': None, + 'result': { + 'idnsname': [fwzone1_dnsname], + 'idnszoneactive': [u'TRUE'], + 'idnsforwardpolicy': [u'none'], + }, + }, + ), + + + dict( + desc='Modify forward zone %r --policy=only, add forwarders"' % fwzone1, + command=( + 'dnsforwardzone_mod', [fwzone1], { + 'idnsforwardpolicy': u'only', + 'idnsforwarders': [forwarder1, forwarder2] + } + ), + expected={ + 'value': fwzone1_dnsname, + 'summary': None, + 'result': { + 'idnsname': [fwzone1_dnsname], + 'idnszoneactive': [u'TRUE'], + 'idnsforwardpolicy': [u'only'], + 'idnsforwarders': [forwarder1, forwarder2], + }, + }, + ), + + + dict( + desc='Modify forward zone %r --policy=first (was "only")' % fwzone1, + command=( + 'dnsforwardzone_mod', [fwzone1], { + 'idnsforwardpolicy': u'first', + } + ), + expected={ + 'value': fwzone1_dnsname, + 'summary': None, + 'result': { + 'idnsname': [fwzone1_dnsname], + 'idnszoneactive': [u'TRUE'], + 'idnsforwardpolicy': [u'first'], + 'idnsforwarders': [forwarder1, forwarder2], + }, + }, + ), + + + dict( + desc='Modify forward zone %r --policy=only (was "first")' % fwzone1, + command=( + 'dnsforwardzone_mod', [fwzone1], { + 'idnsforwardpolicy': u'only', + } + ), + expected={ + 'value': fwzone1_dnsname, + 'summary': None, + 'result': { + 'idnsname': [fwzone1_dnsname], + 'idnszoneactive': [u'TRUE'], + 'idnsforwardpolicy': [u'only'], + 'idnsforwarders': [forwarder1, forwarder2], }, }, ), dict( - desc='Modify forward zone %r -- policy "none", no forwarders' % fwzone1, + desc='Modify forward zone %r with --policy=none, forwarder empty (cleanup)' % fwzone1, command=( 'dnsforwardzone_mod', [fwzone1], { 'idnsforwardpolicy': u'none', @@ -3269,6 +3677,18 @@ class test_forward_zones(Declarative): dict( + desc='Try to modify non-existent forward zone %r' % nonexistent_fwzone, + command=( + 'dnsforwardzone_mod', [nonexistent_fwzone], { + 'idnsforwardpolicy': u'only' + } + ), + expected=errors.NotFound(reason="%s: DNS forward zone not found" % + nonexistent_fwzone) + ), + + + dict( desc='Try to modify forward zone %r without forwarders with "only" policy' % fwzone1, command=( 'dnsforwardzone_mod', [fwzone1], { @@ -3293,79 +3713,67 @@ class test_forward_zones(Declarative): dict( - desc='Modify forward zone %r -- add forwarders' % fwzone1, + desc='Try to modify forward zone %r with "only" policy change empty forwarders' % fwzone2, command=( - 'dnsforwardzone_mod', [fwzone1], { - 'idnsforwarders': [forwarder1, forwarder2], + 'dnsforwardzone_mod', [fwzone2], { + 'idnsforwarders': [], } ), - expected={ - 'value': fwzone1_dnsname, - 'summary': None, - 'result': { - 'idnsname': [fwzone1_dnsname], - 'idnszoneactive': [u'TRUE'], - 'idnsforwardpolicy': [u'none'], - 'idnsforwarders': [forwarder1, forwarder2], - }, - }, + expected=errors.ValidationError( + name='idnsforwarders', + error=u'Please specify forwarders.') ), + dict( - desc='Modify forward zone %r -- policy "only"' % fwzone1, + desc='Try to modify forward zone %r with "first" policy change empty forwarders' % fwzone3, command=( - 'dnsforwardzone_mod', [fwzone1], { - 'idnsforwardpolicy': u'only', + 'dnsforwardzone_mod', [fwzone3], { + 'idnsforwarders': [], } ), - expected={ - 'value': fwzone1_dnsname, - 'summary': None, - 'result': { - 'idnsname': [fwzone1_dnsname], - 'idnszoneactive': [u'TRUE'], - 'idnsforwardpolicy': [u'only'], - 'idnsforwarders': [forwarder1, forwarder2], - }, - }, + expected=errors.ValidationError( + name='idnsforwarders', + error=u'Please specify forwarders.') ), dict( - desc='Modify forward zone %r -- policy "first"' % fwzone1, + desc='Try to modify forward zone %r with "only" policy change invalid forwarder IP' % fwzone2, command=( - 'dnsforwardzone_mod', [fwzone1], { - 'idnsforwardpolicy': u'first', + 'dnsforwardzone_mod', [fwzone2], { + 'idnsforwarders': [u'127.0.0.999', ], } ), - expected={ - 'value': fwzone1_dnsname, - 'summary': None, - 'result': { - 'idnsname': [fwzone1_dnsname], - 'idnszoneactive': [u'TRUE'], - 'idnsforwardpolicy': [u'first'], - 'idnsforwarders': [forwarder1, forwarder2], - }, - }, + expected=errors.ValidationError( + name='forwarder', + error=u'invalid IP address format') ), dict( - desc='Search for forward zone %r' % fwzone1, - command=('dnsforwardzone_find', [fwzone1], {}), - expected={ - 'summary': None, - 'count': 1, - 'truncated': False, - 'result': [{ - 'dn': fwzone1_dn, - 'idnsname': [fwzone1_dnsname], - 'idnszoneactive': [u'TRUE'], - 'idnsforwardpolicy': [u'first'], - 'idnsforwarders': [forwarder1, forwarder2], - }], - }, + desc='Try to modify forward zone %r with "first" policy change invalid forwarder IP' % fwzone3, + command=( + 'dnsforwardzone_mod', [fwzone3], { + 'idnsforwarders': [u'127.0.0.999', ], + } + ), + expected=errors.ValidationError( + name='forwarder', + error=u'invalid IP address format') + ), + + + dict( + desc='Try to modify forward zone %r with invalid policy' % fwzone1, + command=( + 'dnsforwardzone_mod', [fwzone1], { + 'idnsforwardpolicy': u'invalid', + } + ), + expected=errors.ValidationError( + name='forward_policy', + error=u"must be one of 'only', 'first', 'none'") ), @@ -3381,14 +3789,271 @@ class test_forward_zones(Declarative): 'dn': fwzone1_dn, 'idnsname': [fwzone1_dnsname], 'idnszoneactive': [u'TRUE'], - 'idnsforwardpolicy': [u'first'], - 'idnsforwarders': [forwarder1, forwarder2], + 'idnsforwardpolicy': [u'none'], }, }, ), dict( + desc='Try to retrieve nonexistent forward zone %r' % nonexistent_fwzone, + command=( + 'dnsforwardzone_show', [nonexistent_fwzone], {} + ), + expected=errors.NotFound(reason="%s: DNS forward zone not found" % + nonexistent_fwzone) + ), + + + dict( + desc='Search for all forward zones', + command=('dnsforwardzone_find', [], {}), + expected={ + 'summary': None, + 'count': 3, + 'truncated': False, + 'result': [ + { + 'dn': fwzone1_dn, + 'idnsname': [fwzone1_dnsname], + 'idnszoneactive': [u'TRUE'], + 'idnsforwardpolicy': [u'none'], + }, + { + 'dn': fwzone2_dn, + 'idnsname': [fwzone2_dnsname], + 'idnszoneactive': [u'TRUE'], + 'idnsforwardpolicy': [u'only'], + 'idnsforwarders': [forwarder2], + }, + { + 'dn': fwzone3_dn, + 'idnsname': [fwzone3_dnsname], + 'idnszoneactive': [u'TRUE'], + 'idnsforwardpolicy': [u'first'], + 'idnsforwarders': [forwarder2, forwarder4], + }, + ], + }, + ), + + + dict( + desc='Search for all forward zones with --pkey-only', + command=('dnsforwardzone_find', [], {'pkey_only': True}), + expected={ + 'summary': None, + 'count': 3, + 'truncated': False, + 'result': [ + { + 'dn': fwzone1_dn, + 'idnsname': [fwzone1_dnsname], + }, + { + 'dn': fwzone2_dn, + 'idnsname': [fwzone2_dnsname], + }, + { + 'dn': fwzone3_dn, + 'idnsname': [fwzone3_dnsname], + }, + ], + }, + ), + + + dict( + desc='Search for forward zone %r' % fwzone1, + command=('dnsforwardzone_find', [fwzone1], {}), + expected={ + 'summary': None, + 'count': 1, + 'truncated': False, + 'result': [{ + 'dn': fwzone1_dn, + 'idnsname': [fwzone1_dnsname], + 'idnszoneactive': [u'TRUE'], + 'idnsforwardpolicy': [u'none'], + }], + }, + ), + + + dict( + desc='Search for 3 forward zones search with criteria "%r"' % fwzone_search_all_name, + command=('dnsforwardzone_find', [fwzone_search_all_name], {}), + expected={ + 'summary': None, + 'count': 3, + 'truncated': False, + 'result': [ + { + 'dn': fwzone1_dn, + 'idnsname': [fwzone1_dnsname], + 'idnszoneactive': [u'TRUE'], + 'idnsforwardpolicy': [u'none'], + }, + { + 'dn': fwzone2_dn, + 'idnsname': [fwzone2_dnsname], + 'idnszoneactive': [u'TRUE'], + 'idnsforwardpolicy': [u'only'], + 'idnsforwarders': [forwarder2], + }, + { + 'dn': fwzone3_dn, + 'idnsname': [fwzone3_dnsname], + 'idnszoneactive': [u'TRUE'], + 'idnsforwardpolicy': [u'first'], + 'idnsforwarders': [forwarder2, forwarder4], + }, + ], + }, + ), + + + dict( + desc='Search for forward zone with --name %r' % fwzone1, + command=('dnsforwardzone_find', [], {'idnsname': fwzone1}), + expected={ + 'summary': None, + 'count': 1, + 'truncated': False, + 'result': [ + { + 'dn': fwzone1_dn, + 'idnsname': [fwzone1_dnsname], + 'idnszoneactive': [u'TRUE'], + 'idnsforwardpolicy': [u'none'], + } + ], + }, + ), + + + dict( + desc='Search for forward zone with --forward-policy=none', + command=('dnsforwardzone_find', [], {'idnsforwardpolicy': u'none'}), + expected={ + 'summary': None, + 'count': 1, + 'truncated': False, + 'result': [ + { + 'dn': fwzone1_dn, + 'idnsname': [fwzone1_dnsname], + 'idnszoneactive': [u'TRUE'], + 'idnsforwardpolicy': [u'none'], + } + ], + }, + ), + + + dict( + desc='Search for forward zone with --forward-policy=only', + command=('dnsforwardzone_find', [], {'idnsforwardpolicy': u'only'}), + expected={ + 'summary': None, + 'count': 1, + 'truncated': False, + 'result': [ + { + 'dn': fwzone2_dn, + 'idnsname': [fwzone2_dnsname], + 'idnszoneactive': [u'TRUE'], + 'idnsforwardpolicy': [u'only'], + 'idnsforwarders': [forwarder2], + } + ], + }, + ), + + + dict( + desc='Search for forward zone with --forward-policy=first', + command=('dnsforwardzone_find', [], {'idnsforwardpolicy': u'first'}), + expected={ + 'summary': None, + 'count': 1, + 'truncated': False, + 'result': [ + { + 'dn': fwzone3_dn, + 'idnsname': [fwzone3_dnsname], + 'idnszoneactive': [u'TRUE'], + 'idnsforwardpolicy': [u'first'], + 'idnsforwarders': [forwarder2, forwarder4], + } + ], + }, + ), + + + dict( + desc='Try to search for non-existent forward zone', + command=('dnsforwardzone_find', [nonexistent_fwzone], {}), + expected={ + 'summary': None, + 'count': 0, + 'truncated': False, + 'result': [], + }, + ), + + + dict( + desc='Try to search for non-existent forward zone with --name', + command=('dnsforwardzone_find', [], {'idnsname': nonexistent_fwzone}), + expected={ + 'summary': None, + 'count': 0, + 'truncated': False, + 'result': [], + }, + ), + + + dict( + desc='Delete forward zone %r' % fwzone2, + command=('dnsforwardzone_del', [fwzone2], {}), + expected={ + 'value': [fwzone2_dnsname], + 'summary': u'Deleted DNS forward zone "%s"' % fwzone2, + 'result': {'failed': []}, + }, + ), + + + dict( + desc='Delete forward zone %r with --continue' % fwzone3, + command=('dnsforwardzone_del', [fwzone3], {'continue': True}), + expected={ + 'value': [fwzone3_dnsname], + 'summary': u'Deleted DNS forward zone "%s"' % fwzone3, + 'result': {'failed': []}, + }, + ), + + + dict( + desc='Try to delete non-existent forward zone', + command=('dnsforwardzone_del', [nonexistent_fwzone], {}), + expected=errors.NotFound(reason="%s: DNS forward zone not found" % + nonexistent_fwzone) + ), + + + dict( + desc='Try to delete non-existent forward zone with --continue', + command=('dnsforwardzone_del', [nonexistent_fwzone], {'continue': True}), + expected=errors.NotFound(reason="%s: DNS forward zone not found" % + nonexistent_fwzone) + ), + + + dict( desc='Try to add per-zone permission for unknown forward zone', command=('dnsforwardzone_add_permission', [absnxname], {}), expected=errors.NotFound(reason=u'%s: DNS forward zone not found' % absnxname) @@ -3481,6 +4146,14 @@ class test_forward_zones(Declarative): ), + dict( + desc='Try to remove per-zone permission for forward zone %r (permission does not exist)' % fwzone1, + command=( + 'dnsforwardzone_remove_permission', [fwzone1], {} + ), + expected=errors.NotFound(reason=u'%s: permission not found' + % fwzone1_permission) + ), dict( @@ -3504,14 +4177,20 @@ class test_forward_zones(Declarative): 'dn': fwzone1_dn, 'idnsname': [fwzone1_dnsname], 'idnszoneactive': [u'FALSE'], - 'idnsforwardpolicy': [u'first'], - 'idnsforwarders': [forwarder1, forwarder2], + 'idnsforwardpolicy': [u'none'], }, }, ), dict( + desc='Try to disable non-existent forward zone', + command=('dnsforwardzone_disable', [nonexistent_fwzone], {}), + expected=errors.NotFound(reason="no such entry") + ), + + + dict( desc='Enable forward zone %r' % fwzone1, command=('dnsforwardzone_enable', [fwzone1], {}), expected={ @@ -3532,12 +4211,18 @@ class test_forward_zones(Declarative): 'dn': fwzone1_dn, 'idnsname': [fwzone1_dnsname], 'idnszoneactive': [u'TRUE'], - 'idnsforwardpolicy': [u'first'], - 'idnsforwarders': [forwarder1, forwarder2], + 'idnsforwardpolicy': [u'none'], }, }, ), + + dict( + desc='Try to enable non-existent forward zone', + command=('dnsforwardzone_enable', [nonexistent_fwzone], {}), + expected=errors.NotFound(reason="no such entry") + ), + ] -- 1.8.3.1
_______________________________________________ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel