On 09/24/2015 02:49 PM, Milan Kubík wrote:
Hi all,

an update for CA ACL tests!

I, with help from M. Babinsky, managed to find a way how to change the identity during acceptance cest run, which allows to test CA ACLs (and perhaps other areas with some form of access controll).

This allowed me to write a test for CA ACLs and certificate profiles that checks if the ACL/profile is being used and enforced. The first several tests are based on Fraser's blogpost using SMIME profile [1].

The master and ipa-4-2 branches diverged a bit, so I had to change two commits when rebasing to ipa-4-2 branch.

Commits should be applied in the order (including rebased patches I sent in an earlier email):

master:
    * 12 - 17

ipa-4-2:
    * 18, 13 - 15, 19, 17

For convenience:
patches on top of master: https://github.com/apophys/freeipa/tree/acl-profile-functional
patches on top of ipa-4-2: https://github.com/apophys/freeipa/tree/acl-42


[1]: https://blog-ftweedal.rhcloud.com/2015/08/user-certificates-and-custom-profiles-with-freeipa-4-2/

Cheers,
Milan



NACK

0)
rpm file does not contain test_xmlrpc/data directory, please modify setup.py.in.

1)
Code contains to much todo for my taste.

2)
Please do not use filter function, use dict comprehension.

-- 
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code

Reply via email to