The branch, master has been updated
via 469d15e s4-tests: Changed descriptor tests to use existing method
in samdb for adding users to a group.
via 82335b2 s4-tests: Changed acl tests to use existing method in samdb
for adding users to a group.
from fa1e866 Revert "s4:api.py - DN tests - test a bit more special DNs
and merge the comparison tests"
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -----------------------------------------------------------------
commit 469d15e2653bceb669f2202c07f6024341f2e99f
Author: Nadezhda Ivanova <nivan...@samba.org>
Date: Thu Nov 18 19:13:41 2010 +0200
s4-tests: Changed descriptor tests to use existing method in samdb for
adding users to a group.
Autobuild-User: Nadezhda Ivanova <nivan...@samba.org>
Autobuild-Date: Thu Nov 18 18:30:55 UTC 2010 on sn-devel-104
commit 82335b25e7c9862d8e1a2294e7f633ed6bed110b
Author: Nadezhda Ivanova <nivan...@samba.org>
Date: Thu Nov 18 19:12:36 2010 +0200
s4-tests: Changed acl tests to use existing method in samdb for adding
users to a group.
-----------------------------------------------------------------------
Summary of changes:
source4/dsdb/tests/python/acl.py | 27 ++++---------
source4/dsdb/tests/python/sec_descriptor.py | 56 +++++++++++---------------
2 files changed, 32 insertions(+), 51 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source4/dsdb/tests/python/acl.py b/source4/dsdb/tests/python/acl.py
index b448d65..2f9cf64 100755
--- a/source4/dsdb/tests/python/acl.py
+++ b/source4/dsdb/tests/python/acl.py
@@ -97,17 +97,6 @@ replace: nTSecurityDescriptor
elif isinstance(desc, security.descriptor):
mod += "nTSecurityDescriptor:: %s" %
base64.b64encode(ndr_pack(desc))
self.ldb_admin.modify_ldif(mod)
-
- def add_group_member(self, _ldb, group_dn, member_dn):
- """ Modify user to ge member of a group
- e.g. User to be 'Doamin Admin' group member
- """
- ldif = """
-dn: """ + group_dn + """
-changetype: modify
-add: member
-member: """ + member_dn
- _ldb.modify_ldif(ldif)
def create_ou(self, _ldb, ou_dn, desc=None):
ldif = """
@@ -267,10 +256,10 @@ class AclAddTests(AclTests):
self.create_enable_user(self.regular_user)
# add admins to the Domain Admins group
- self.add_group_member(self.ldb_admin, "CN=Domain Admins,CN=Users," +
self.base_dn, \
- self.get_user_dn(self.usr_admin_owner))
- self.add_group_member(self.ldb_admin, "CN=Domain Admins,CN=Users," +
self.base_dn, \
- self.get_user_dn(self.usr_admin_not_owner))
+ self.ldb_admin.add_remove_group_members("Domain Admins",
self.usr_admin_owner,
+ add_members_operation=True)
+ self.ldb_admin.add_remove_group_members("Domain Admins",
self.usr_admin_not_owner,
+ add_members_operation=True)
self.ldb_owner = self.get_ldb_connection(self.usr_admin_owner,
self.user_pass)
self.ldb_notowner = self.get_ldb_connection(self.usr_admin_not_owner,
self.user_pass)
@@ -727,8 +716,8 @@ class AclSearchTests(AclTests):
self.create_enable_user(self.u2)
self.create_enable_user(self.u3)
self.create_security_group(self.ldb_admin,
self.get_user_dn(self.group1))
- self.add_group_member(self.ldb_admin, self.get_user_dn(self.group1), \
- self.get_user_dn(self.u2))
+ self.ldb_admin.add_remove_group_members(self.group1, self.u2,
+ add_members_operation=True)
self.ldb_user = self.get_ldb_connection(self.u1, self.user_pass)
self.ldb_user2 = self.get_ldb_connection(self.u2, self.user_pass)
self.ldb_user3 = self.get_ldb_connection(self.u3, self.user_pass)
@@ -1639,8 +1628,8 @@ class AclExtendedTests(AclTests):
self.create_enable_user(self.u1)
self.create_enable_user(self.u2)
self.create_enable_user(self.u3)
- self.add_group_member(self.ldb_admin, "CN=Domain Admins,CN=Users," +
self.base_dn,
- self.get_user_dn(self.u3))
+ self.ldb_admin.add_remove_group_members("Domain Admins", self.u3,
+ add_members_operation=True)
self.ldb_user1 = self.get_ldb_connection(self.u1, self.user_pass)
self.ldb_user2 = self.get_ldb_connection(self.u2, self.user_pass)
self.ldb_user3 = self.get_ldb_connection(self.u3, self.user_pass)
diff --git a/source4/dsdb/tests/python/sec_descriptor.py
b/source4/dsdb/tests/python/sec_descriptor.py
index 5b3bb6a..175cc81 100755
--- a/source4/dsdb/tests/python/sec_descriptor.py
+++ b/source4/dsdb/tests/python/sec_descriptor.py
@@ -221,14 +221,6 @@ url: www.example.com
"""
_ldb.add_ldif(ldif)
- def add_user_to_group(self, _ldb, username, groupname):
- ldif = """
-dn: """ + self.get_users_domain_dn(groupname) + """
-changetype: modify
-add: member
-member: """ + self.get_users_domain_dn(username)
- _ldb.modify_ldif(ldif)
-
def get_ldb_connection(self, target_username, target_password):
creds_tmp = Credentials()
creds_tmp.set_username(target_username)
@@ -307,35 +299,33 @@ class OwnerGroupDescriptorTests(DescriptorTests):
def setUp(self):
super(OwnerGroupDescriptorTests, self).setUp()
self.deleteAll()
- ### Create users
- # User 1
+ ### Create users
+ # User 1 - Enterprise Admins
self.create_enable_user("testuser1")
- self.add_user_to_group(self.ldb_admin, "testuser1", "Enterprise
Admins")
- # User 2
+ # User 2 - Domain Admins
self.create_enable_user("testuser2")
- self.add_user_to_group(self.ldb_admin, "testuser2", "Domain Admins")
- # User 3
+ # User 3 - Schema Admins
self.create_enable_user("testuser3")
- self.add_user_to_group(self.ldb_admin, "testuser3", "Schema Admins")
- # User 4
+ # User 4 - regular user
self.create_enable_user("testuser4")
- # User 5
+ # User 5 - Enterprise Admins and Domain Admins
self.create_enable_user("testuser5")
- self.add_user_to_group(self.ldb_admin, "testuser5", "Enterprise
Admins")
- self.add_user_to_group(self.ldb_admin, "testuser5", "Domain Admins")
- # User 6
+ # User 6 - Enterprise Admins, Domain Admins, Schema Admins
self.create_enable_user("testuser6")
- self.add_user_to_group(self.ldb_admin, "testuser6", "Enterprise
Admins")
- self.add_user_to_group(self.ldb_admin, "testuser6", "Domain Admins")
- self.add_user_to_group(self.ldb_admin, "testuser6", "Schema Admins")
- # User 7
+ # User 7 - Domain Admins and Schema Admins
self.create_enable_user("testuser7")
- self.add_user_to_group(self.ldb_admin, "testuser7", "Domain Admins")
- self.add_user_to_group(self.ldb_admin, "testuser7", "Schema Admins")
- # User 8
+ # User 5 - Enterprise Admins and Schema Admins
self.create_enable_user("testuser8")
- self.add_user_to_group(self.ldb_admin, "testuser8", "Enterprise
Admins")
- self.add_user_to_group(self.ldb_admin, "testuser8", "Schema Admins")
+
+ self.ldb_admin.add_remove_group_members("Enterprise Admins",
+
"testuser1,testuser5,testuser6,testuser8",
+ add_members_operation=True)
+ self.ldb_admin.add_remove_group_members("Domain Admins",
+
"testuser2,testuser5,testuser6,testuser7",
+ add_members_operation=True)
+ self.ldb_admin.add_remove_group_members("Schema Admins",
+
"testuser3,testuser6,testuser7,testuser8",
+ add_members_operation=True)
self.results = {
# msDS-Behavior-Version < DS_DOMAIN_FUNCTION_2008
@@ -1853,12 +1843,14 @@ class RightsAttributesTests(DescriptorTests):
def setUp(self):
super(RightsAttributesTests, self).setUp()
self.deleteAll()
- ### Create users
- # User 1
+ ### Create users
+ # User 1
self.create_enable_user("testuser_attr")
# User 2, Domain Admins
self.create_enable_user("testuser_attr2")
- self.add_user_to_group(self.ldb_admin, "testuser_attr2", "Domain
Admins")
+ self.ldb_admin.add_remove_group_members("Domain Admins",
+ "testuser_attr2",
+ add_members_operation=True)
def test_sDRightsEffective(self):
object_dn = "OU=test_domain_ou1," + self.base_dn
--
Samba Shared Repository
