The branch, master has been updated
via dfc10604dd6 python:tests: Take INTERDOMAIN_TRUST into account
via b694ca1f15b python:tests: Add debug output to
test_query_filter_enum()
via 7043c1a06c4 python:tests: Use random users for domain_auth_silo.py
via d9a64ed79c3 python:tests: Use random users for user_auth_silo.py
via a3411768747 python:tests: Use random users for user_auth_policy.py
via 7d0dd5063c7 selftest: Create libdir in setup_clusteredmember()
via 3bbbebb1731 selftest: Add blackbox claims test to knownfail_mit_kdc
from a485a910473 bootstrap: Remove libtracker-sparql-2
https://git.samba.org/?p=samba.git;a=shortlog;h=master
- Log -----------------------------------------------------------------
commit dfc10604dd64b5b7c390571e12ce28762abc2422
Author: Andreas Schneider <[email protected]>
Date: Tue Nov 11 07:26:16 2025 +0100
python:tests: Take INTERDOMAIN_TRUST into account
If we run e.g. fl2008rc2 env before we run this test, we have a trust
account
for this domain.
Signed-off-by: Andreas Schneider <[email protected]>
Reviewed-by: Douglas Bagnall <[email protected]>
Autobuild-User(master): Andreas Schneider <[email protected]>
Autobuild-Date(master): Fri Nov 14 19:23:38 UTC 2025 on atb-devel-224
commit b694ca1f15b38749ab8c2f0b1b711bade9bd9712
Author: Andreas Schneider <[email protected]>
Date: Fri Nov 7 13:23:34 2025 +0100
python:tests: Add debug output to test_query_filter_enum()
This test runs relatively late in 'make test'. It finds some accounts which
are
neither a computer nor a user account and complains that the overall account
count doesn't match.
Add some debug so we can find out more about the accounts.
Signed-off-by: Andreas Schneider <[email protected]>
Reviewed-by: Douglas Bagnall <[email protected]>
commit 7043c1a06c4c10a43d1fe6555646645aaa1f8f60
Author: Andreas Schneider <[email protected]>
Date: Mon Nov 10 11:11:28 2025 +0100
python:tests: Use random users for domain_auth_silo.py
Signed-off-by: Andreas Schneider <[email protected]>
Reviewed-by: Jennifer Sutton <[email protected]>
Reviewed-by: Douglas Bagnall <[email protected]>
commit d9a64ed79c3d3f4306528c89be02f6dc82744269
Author: Andreas Schneider <[email protected]>
Date: Mon Nov 10 11:06:11 2025 +0100
python:tests: Use random users for user_auth_silo.py
Signed-off-by: Andreas Schneider <[email protected]>
Reviewed-by: Jennifer Sutton <[email protected]>
Reviewed-by: Douglas Bagnall <[email protected]>
commit a34117687478858fb4f883db44463bc63524a8ee
Author: Andreas Schneider <[email protected]>
Date: Mon Nov 10 11:01:05 2025 +0100
python:tests: Use random users for user_auth_policy.py
We should not work on alice, bob and joe. We should use random user so we
can
clean up afterwards. If we don't do this the dbcheck tests will fails with:
UNEXPECTED(failure): samba4.blackbox.dbcheck(ad_dc).dbcheck(ad_dc:local)
REASON: Exception: Exception: Checking 21449 objects
WARNING: target DN is deleted for msDS-AssignedAuthNPolicy in object
CN=alice,CN=Users,DC=addom,DC=samba,DC=example,DC=com -
<GUID=66bd1f51-084f-4259-a769-efa59adb6e31>;<RMD_ADDTIM
E=134051822550000000>;<RMD_CHANGETIME=134051822550000000>;<RMD_FLAGS=1>;<RMD_INVOCID=b5064b02-c91e-40c0-bc1f-a92a0105a810>;<RMD_LOCAL_USN=14061>;<RMD_ORIGINATING_USN=14061>;<RMD_VE
RSION=2>;CN=User Policy,CN=AuthN Policies,CN=AuthN Policy
Configuration,CN=Services,CN=Configuration,DC=addom,DC=samba,DC=example,DC=com
Target GUID points at deleted DN 'CN=User
Policy\\0ADEL:66bd1f51-084f-4259-a769-efa59adb6e31,CN=Deleted
Objects,CN=Configuration,DC=addom,DC=samba,DC=example,DC=com'
Not removing
WARNING: target DN is deleted for msDS-AssignedAuthNPolicySilo in object
CN=alice,CN=Users,DC=addom,DC=samba,DC=example,DC=com -
<GUID=287d6c3d-bea8-4c06-bdf8-7d4b579bc0e9>;<RMD_AD
DTIME=134051822560000000>;<RMD_CHANGETIME=134051822560000000>;<RMD_FLAGS=1>;<RMD_INVOCID=b5064b02-c91e-40c0-bc1f-a92a0105a810>;<RMD_LOCAL_USN=14081>;<RMD_ORIGINATING_USN=14081>;<RM
D_VERSION=2>;CN=Developers,CN=AuthN Silos,CN=AuthN Policy
Configuration,CN=Services,CN=Configuration,DC=addom,DC=samba,DC=example,DC=com
Target GUID points at deleted DN
'CN=Developers\\0ADEL:287d6c3d-bea8-4c06-bdf8-7d4b579bc0e9,CN=Deleted
Objects,CN=Configuration,DC=addom,DC=samba,DC=example,DC=com'
Not removing
WARNING: target DN is deleted for msDS-AssignedAuthNPolicy in object
CN=bob,CN=Users,DC=addom,DC=samba,DC=example,DC=com -
<GUID=66bd1f51-084f-4259-a769-efa59adb6e31>;<RMD_ADDTIME=
134051822550000000>;<RMD_CHANGETIME=134051822550000000>;<RMD_FLAGS=1>;<RMD_INVOCID=b5064b02-c91e-40c0-bc1f-a92a0105a810>;<RMD_LOCAL_USN=14065>;<RMD_ORIGINATING_USN=14065>;<RMD_VERS
ION=4>;CN=User Policy,CN=AuthN Policies,CN=AuthN Policy
Configuration,CN=Services,CN=Configuration,DC=addom,DC=samba,DC=example,DC=com
Target GUID points at deleted DN 'CN=User
Policy\\0ADEL:66bd1f51-084f-4259-a769-efa59adb6e31,CN=Deleted
Objects,CN=Configuration,DC=addom,DC=samba,DC=example,DC=com'
Not removing
WARNING: target DN is deleted for msDS-AssignedAuthNPolicySilo in object
CN=bob,CN=Users,DC=addom,DC=samba,DC=example,DC=com -
<GUID=1a1e5cdf-b92e-4a80-bc35-cccad8e9f865>;<RMD_ADDT
IME=134051822560000000>;<RMD_CHANGETIME=134051822560000000>;<RMD_FLAGS=1>;<RMD_INVOCID=b5064b02-c91e-40c0-bc1f-a92a0105a810>;<RMD_LOCAL_USN=14085>;<RMD_ORIGINATING_USN=14085>;<RMD_
VERSION=4>;CN=QA,CN=AuthN Silos,CN=AuthN Policy
Configuration,CN=Services,CN=Configuration,DC=addom,DC=samba,DC=example,DC=com
Target GUID points at deleted DN
'CN=QA\\0ADEL:1a1e5cdf-b92e-4a80-bc35-cccad8e9f865,CN=Deleted
Objects,CN=Configuration,DC=addom,DC=samba,DC=example,DC=com'
Not removing
Checked 21449 objects (4 errors)
Signed-off-by: Andreas Schneider <[email protected]>
Reviewed-by: Jennifer Sutton <[email protected]>
Reviewed-by: Douglas Bagnall <[email protected]>
commit 7d0dd5063c74e61e33083a1b8916534255d519e4
Author: Andreas Schneider <[email protected]>
Date: Mon Nov 10 15:49:59 2025 +0100
selftest: Create libdir in setup_clusteredmember()
This fixes:
can't open st/clusteredmember/lib/krb5.conf at selftest/target/Samba.pm
line 328.
Signed-off-by: Andreas Schneider <[email protected]>
Reviewed-by: Jennifer Sutton <[email protected]>
Reviewed-by: Douglas Bagnall <[email protected]>
commit 3bbbebb1731e9564a430845ccd27dc215b66eed8
Author: Andreas Schneider <[email protected]>
Date: Mon Nov 10 10:40:52 2025 +0100
selftest: Add blackbox claims test to knownfail_mit_kdc
Signed-off-by: Andreas Schneider <[email protected]>
Reviewed-by: Jennifer Sutton <[email protected]>
Reviewed-by: Douglas Bagnall <[email protected]>
-----------------------------------------------------------------------
Summary of changes:
python/samba/tests/samba_tool/domain_auth_silo.py | 64 ++++++++----
python/samba/tests/samba_tool/domain_models.py | 53 ++++++++--
python/samba/tests/samba_tool/user_auth_policy.py | 115 +++++++++++++++++-----
python/samba/tests/samba_tool/user_auth_silo.py | 111 ++++++++++++++++-----
selftest/knownfail_mit_kdc.d/claims | 5 +
selftest/target/Samba3.pm | 4 +
6 files changed, 281 insertions(+), 71 deletions(-)
Changeset truncated at 500 lines:
diff --git a/python/samba/tests/samba_tool/domain_auth_silo.py
b/python/samba/tests/samba_tool/domain_auth_silo.py
index 2659c15c9af..b7111f6d0f4 100644
--- a/python/samba/tests/samba_tool/domain_auth_silo.py
+++ b/python/samba/tests/samba_tool/domain_auth_silo.py
@@ -503,6 +503,19 @@ class AuthSiloMemberCmdTestCase(SiloTest):
def setUp(self):
super().setUp()
+ # Create random test users
+ self.user1 = self.randomName() # alice
+ self.user2 = self.randomName() # bob
+ self.user3 = self.randomName() # jane
+ self.user4 = self.randomName() # joe
+
+ # Create the users with random passwords
+ password = self.random_password()
+ self.runcmd("user", "add", self.user1, password)
+ self.runcmd("user", "add", self.user2, password)
+ self.runcmd("user", "add", self.user3, password)
+ self.runcmd("user", "add", self.user4, password)
+
# Create an organisational unit to test in.
self.ou = self.samdb.get_default_basedn()
self.ou.add_child("OU=Domain Auth Tests")
@@ -510,9 +523,22 @@ class AuthSiloMemberCmdTestCase(SiloTest):
self.addCleanup(self.samdb.delete, self.ou, ["tree_delete:1"])
# Grant member access to silos
- self.grant_silo_access("Developers", "bob")
- self.grant_silo_access("Developers", "jane")
- self.grant_silo_access("Managers", "alice")
+ self.grant_silo_access("Developers", self.user2)
+ self.grant_silo_access("Developers", self.user3)
+ self.grant_silo_access("Managers", self.user1)
+
+ def tearDown(self):
+ # Revoke silo access granted in setUp() before deleting users
+ self.revoke_silo_access("Developers", self.user2)
+ self.revoke_silo_access("Developers", self.user3)
+ self.revoke_silo_access("Managers", self.user1)
+
+ # Delete the random test users
+ self.runcmd("user", "delete", self.user1)
+ self.runcmd("user", "delete", self.user2)
+ self.runcmd("user", "delete", self.user3)
+ self.runcmd("user", "delete", self.user4)
+ super().tearDown()
def create_computer(self, name):
"""Create a Computer and return the dn."""
@@ -530,7 +556,6 @@ class AuthSiloMemberCmdTestCase(SiloTest):
self.assertIn(
f"User {member} granted access to the authentication silo {silo}",
out)
- self.addCleanup(self.revoke_silo_access, silo, member)
def revoke_silo_access(self, silo, member):
"""Revoke a member from an authentication silo."""
@@ -542,24 +567,24 @@ class AuthSiloMemberCmdTestCase(SiloTest):
def test_member_list(self):
"""Test listing authentication policy members in list format."""
- alice = self.get_user("alice")
- jane = self.get_user("jane")
- bob = self.get_user("bob")
+ user1 = self.get_user(self.user1)
+ user3 = self.get_user(self.user3)
+ user2 = self.get_user(self.user2)
result, out, err = self.runcmd("domain", "auth", "silo",
"member", "list",
"--name", "Developers")
self.assertIsNone(result, msg=err)
- self.assertIn(str(bob.dn), out)
- self.assertIn(str(jane.dn), out)
- self.assertNotIn(str(alice.dn), out)
+ self.assertIn(str(user2.dn), out)
+ self.assertIn(str(user3.dn), out)
+ self.assertNotIn(str(user1.dn), out)
def test_member_list___json(self):
"""Test listing authentication policy members list in json format."""
- alice = self.get_user("alice")
- jane = self.get_user("jane")
- bob = self.get_user("bob")
+ user1 = self.get_user(self.user1)
+ user3 = self.get_user(self.user3)
+ user2 = self.get_user(self.user2)
result, out, err = self.runcmd("domain", "auth", "silo",
"member", "list",
@@ -568,9 +593,9 @@ class AuthSiloMemberCmdTestCase(SiloTest):
self.assertIsNone(result, msg=err)
members = json.loads(out)
members_dn = [member["dn"] for member in members]
- self.assertIn(str(bob.dn), members_dn)
- self.assertIn(str(jane.dn), members_dn)
- self.assertNotIn(str(alice.dn), members_dn)
+ self.assertIn(str(user2.dn), members_dn)
+ self.assertIn(str(user3.dn), members_dn)
+ self.assertNotIn(str(user1.dn), members_dn)
def test_member_list__name_missing(self):
"""Test list authentication policy members without the name
argument."""
@@ -582,14 +607,17 @@ class AuthSiloMemberCmdTestCase(SiloTest):
def test_member_grant__user(self):
"""Test adding a user to an authentication silo."""
- self.grant_silo_access("Developers", "joe")
+ self.grant_silo_access("Developers", self.user4)
# Check if member is in silo
- user = self.get_user("joe")
+ user = self.get_user(self.user4)
silo = self.get_authentication_silo("Developers")
members = [str(member) for member in
silo["msDS-AuthNPolicySiloMembers"]]
self.assertIn(str(user.dn), members)
+ # Clean up: revoke access before tearDown deletes the user
+ self.revoke_silo_access("Developers", self.user4)
+
def test_member_grant__computer(self):
"""Test adding a computer to an authentication silo"""
name = self.unique_name()
diff --git a/python/samba/tests/samba_tool/domain_models.py
b/python/samba/tests/samba_tool/domain_models.py
index 79b38377ddc..527fab01d5e 100644
--- a/python/samba/tests/samba_tool/domain_models.py
+++ b/python/samba/tests/samba_tool/domain_models.py
@@ -64,14 +64,55 @@ class ModelTests(SambaToolCmdTest):
def test_query_filter_enum(self):
"""Tests filtering by an EnumField."""
- robots_vs_humans = User.query(self.samdb).count
- robots = User.query(self.samdb,
- account_type=AccountType.WORKSTATION_TRUST).count
- humans = User.query(self.samdb,
- account_type=AccountType.NORMAL_ACCOUNT).count
+ all_users = list(User.query(self.samdb))
+ robots_vs_humans = len(all_users)
+
+ robots_list = list(
+ User.query(self.samdb, account_type=AccountType.WORKSTATION_TRUST)
+ )
+ robots = len(robots_list)
+
+ humans_list = list(
+ User.query(self.samdb, account_type=AccountType.NORMAL_ACCOUNT)
+ )
+ humans = len(humans_list)
+ trusts_list = list(
+ User.query(self.samdb, account_type=AccountType.INTERDOMAIN_TRUST)
+ )
+ trusts = len(trusts_list)
+
+ # Debug output
+ print("\n=== Debug Output for test_query_filter_enum ===")
+ print(f"Total users: {robots_vs_humans}")
+ print(f"Robots (WORKSTATION_TRUST): {robots}")
+ print(f"Humans (NORMAL_ACCOUNT): {humans}")
+ print(f"Trusts (INTERDOMAIN_TRUST): {trusts}")
+ print(f"Sum (robots + humans + trusts): {robots + humans + trusts}")
+ print(f"Difference: {robots_vs_humans - (robots + humans + trusts)}")
+
+ # Find users that are neither robots nor humans
+ robots_dns = {str(user.dn) for user in robots_list}
+ humans_dns = {str(user.dn) for user in humans_list}
+ trust_dns = {str(user.dn) for user in trusts_list}
+ all_dns = {str(user.dn) for user in all_users}
+ other_dns = all_dns - robots_dns - humans_dns - trust_dns
+
+ if other_dns:
+ print(f"\nUsers that are neither WORKSTATION_TRUST nor "
+ f"NORMAL_ACCOUNT nor INTERDOMAIN_TRUST ({len(other_dns)}):")
+ for user in all_users:
+ if str(user.dn) in other_dns:
+ account_type_value = user.account_type
+ print(f" - {user.account_name}: "
+ f"account_type={account_type_value}")
+
+ print("=== End Debug Output ===\n")
+
self.assertNotEqual(robots, 0)
self.assertNotEqual(humans, 0)
- self.assertEqual(robots + humans, robots_vs_humans)
+ # If we have domain trusts or not, depends if we have setup
+ # environments with domain trusts before.
+ self.assertEqual(robots + humans + trusts, robots_vs_humans)
def test_as_dict(self):
"""Test the as_dict method for serializing to dict then JSON."""
diff --git a/python/samba/tests/samba_tool/user_auth_policy.py
b/python/samba/tests/samba_tool/user_auth_policy.py
index 035a1f2941f..65ce8d8455f 100644
--- a/python/samba/tests/samba_tool/user_auth_policy.py
+++ b/python/samba/tests/samba_tool/user_auth_policy.py
@@ -26,61 +26,126 @@ from .silo_base import SiloTest
class AuthPolicyCmdTestCase(SiloTest):
+
+ def setUp(self):
+ super().setUp()
+ # Create random test users
+ self.user1 = self.randomName()
+ self.user2 = self.randomName()
+ self.user3 = self.randomName()
+
+ # Create the users with random passwords
+ password = self.random_password()
+ self.runcmd("user", "add", self.user1, password)
+ self.runcmd("user", "add", self.user2, password)
+ self.runcmd("user", "add", self.user3, password)
+
+ def tearDown(self):
+ # Remove policy assignments before deleting users
+ # (ignore errors if no assignment exists)
+ self.runcmd("user", "auth", "policy", "remove", self.user1)
+ self.runcmd("user", "auth", "policy", "remove", self.user2)
+
+ # Delete the random test users
+ self.runcmd("user", "delete", self.user1)
+ self.runcmd("user", "delete", self.user2)
+ self.runcmd("user", "delete", self.user3)
+ super().tearDown()
+
def test_assign(self):
"""Test assigning an authentication policy to a user."""
- self.addCleanup(self.runcmd, "user", "auth", "policy", "remove",
"alice")
- result, out, err = self.runcmd("user", "auth", "policy", "assign",
- "alice", "--policy", "User Policy")
+ self.addCleanup(
+ self.runcmd, "user", "auth", "policy", "remove", self.user1
+ )
+ result, out, err = self.runcmd(
+ "user",
+ "auth",
+ "policy",
+ "assign",
+ self.user1,
+ "--policy",
+ "User Policy",
+ )
self.assertIsNone(result, msg=err)
- # Assigned policy should be 'Developers'
- user = User.get(self.samdb, account_name="alice")
+ # Assigned policy should be 'User Policy'
+ user = User.get(self.samdb, account_name=self.user1)
policy = AuthenticationPolicy.get(self.samdb, dn=user.assigned_policy)
self.assertEqual(policy.name, "User Policy")
def test_assign__invalid_policy(self):
- """Test assigning a non-existing authentication policy to a user."""
- result, out, err = self.runcmd("user", "auth", "policy", "assign",
- "alice", "--policy", "doesNotExist")
+ """Test assigning a non-existing authentication policy."""
+ result, out, err = self.runcmd(
+ "user",
+ "auth",
+ "policy",
+ "assign",
+ self.user1,
+ "--policy",
+ "doesNotExist",
+ )
self.assertEqual(result, -1)
self.assertIn("Authentication policy doesNotExist not found.", err)
def test_remove(self):
- """Test removing the assigned authentication policy from a user."""
+ """Test removing the assigned authentication policy."""
# First assign a policy, so we can test removing it.
- self.runcmd("user", "auth", "policy", "assign", "bob", "--policy",
- "User Policy")
+ self.runcmd(
+ "user",
+ "auth",
+ "policy",
+ "assign",
+ self.user2,
+ "--policy",
+ "User Policy",
+ )
# Assigned policy should be set
- user = User.get(self.samdb, account_name="bob")
+ user = User.get(self.samdb, account_name=self.user2)
self.assertIsNotNone(user.assigned_policy)
# Now try removing it
- result, out, err = self.runcmd("user", "auth", "policy", "remove",
- "bob")
+ result, out, err = self.runcmd(
+ "user", "auth", "policy", "remove", self.user2
+ )
self.assertIsNone(result, msg=err)
# Assigned policy should be None
- user = User.get(self.samdb, account_name="bob")
+ user = User.get(self.samdb, account_name=self.user2)
self.assertIsNone(user.assigned_policy)
def test_view(self):
- """Test viewing the current assigned authentication policy on a
user."""
+ """Test viewing the assigned authentication policy."""
# Assign a policy on one of the users.
- self.addCleanup(self.runcmd, "user", "auth", "policy", "remove", "bob")
- self.runcmd("user", "auth", "policy", "assign", "bob", "--policy",
- "User Policy")
+ self.addCleanup(
+ self.runcmd, "user", "auth", "policy", "remove", self.user2
+ )
+ self.runcmd(
+ "user",
+ "auth",
+ "policy",
+ "assign",
+ self.user2,
+ "--policy",
+ "User Policy",
+ )
# Test user with a policy assigned.
- result, out, err = self.runcmd("user", "auth", "policy", "view",
- "bob")
+ result, out, err = self.runcmd(
+ "user", "auth", "policy", "view", self.user2
+ )
self.assertIsNone(result, msg=err)
self.assertEqual(
- out, "User bob assigned to authentication policy User Policy\n")
+ out,
+ f"User {self.user2} assigned to authentication policy "
+ f"User Policy\n",
+ )
# Test user without a policy assigned.
- result, out, err = self.runcmd("user", "auth", "policy", "view",
- "joe")
+ result, out, err = self.runcmd(
+ "user", "auth", "policy", "view", self.user3
+ )
self.assertIsNone(result, msg=err)
self.assertEqual(
- out, "User joe has no assigned authentication policy.\n")
+ out, f"User {self.user3} has no assigned authentication policy.\n"
+ )
diff --git a/python/samba/tests/samba_tool/user_auth_silo.py
b/python/samba/tests/samba_tool/user_auth_silo.py
index 8ffc80cfcf4..2f682115924 100644
--- a/python/samba/tests/samba_tool/user_auth_silo.py
+++ b/python/samba/tests/samba_tool/user_auth_silo.py
@@ -26,59 +26,126 @@ from .silo_base import SiloTest
class AuthPolicyCmdTestCase(SiloTest):
+
+ def setUp(self):
+ super().setUp()
+ # Create random test users
+ self.user1 = self.randomName()
+ self.user2 = self.randomName()
+ self.user3 = self.randomName()
+
+ # Create the users with random passwords
+ password = self.random_password()
+ self.runcmd("user", "add", self.user1, password)
+ self.runcmd("user", "add", self.user2, password)
+ self.runcmd("user", "add", self.user3, password)
+
+ def tearDown(self):
+ # Remove silo assignments before deleting users
+ # (ignore errors if no assignment exists)
+ self.runcmd("user", "auth", "silo", "remove", self.user1)
+ self.runcmd("user", "auth", "silo", "remove", self.user2)
+
+ # Delete the random test users
+ self.runcmd("user", "delete", self.user1)
+ self.runcmd("user", "delete", self.user2)
+ self.runcmd("user", "delete", self.user3)
+ super().tearDown()
+
def test_assign(self):
"""Test assigning an authentication silo to a user."""
- self.addCleanup(self.runcmd, "user", "auth", "silo", "remove", "alice")
- result, out, err = self.runcmd("user", "auth", "silo", "assign",
- "alice", "--silo", "Developers")
+ self.addCleanup(
+ self.runcmd, "user", "auth", "silo", "remove", self.user1
+ )
+ result, out, err = self.runcmd(
+ "user",
+ "auth",
+ "silo",
+ "assign",
+ self.user1,
+ "--silo",
+ "Developers",
+ )
self.assertIsNone(result, msg=err)
# Assigned silo should be 'Developers'
- user = User.get(self.samdb, account_name="alice")
+ user = User.get(self.samdb, account_name=self.user1)
silo = AuthenticationSilo.get(self.samdb, dn=user.assigned_silo)
self.assertEqual(silo.name, "Developers")
def test_assign__invalid_silo(self):
- """Test assigning a non-existing authentication silo to a user."""
- result, out, err = self.runcmd("user", "auth", "silo", "assign",
- "alice", "--silo", "doesNotExist")
+ """Test assigning a non-existing authentication silo."""
+ result, out, err = self.runcmd(
+ "user",
+ "auth",
+ "silo",
+ "assign",
+ self.user1,
+ "--silo",
+ "doesNotExist",
+ )
self.assertEqual(result, -1)
self.assertIn("Authentication silo doesNotExist not found.", err)
def test_remove(self):
- """Test removing the assigned authentication silo from a user."""
+ """Test removing the assigned authentication silo."""
# First assign a silo, so we can test removing it.
- self.runcmd("user", "auth", "silo", "assign", "bob", "--silo", "QA")
+ self.runcmd(
+ "user",
+ "auth",
+ "silo",
+ "assign",
+ self.user2,
+ "--silo",
+ "QA",
+ )
# Assigned silo should be set
- user = User.get(self.samdb, account_name="bob")
+ user = User.get(self.samdb, account_name=self.user2)
self.assertIsNotNone(user.assigned_silo)
# Now try removing it
- result, out, err = self.runcmd("user", "auth", "silo", "remove",
- "bob")
+ result, out, err = self.runcmd(
+ "user", "auth", "silo", "remove", self.user2
+ )
self.assertIsNone(result, msg=err)
# Assigned silo should be None
- user = User.get(self.samdb, account_name="bob")
+ user = User.get(self.samdb, account_name=self.user2)
self.assertIsNone(user.assigned_silo)
def test_view(self):
- """Test viewing the current assigned authentication silo on a user."""
+ """Test viewing the assigned authentication silo."""
# Assign a silo on one of the users.
- self.addCleanup(self.runcmd, "user", "auth", "silo", "remove", "bob")
- self.runcmd("user", "auth", "silo", "assign", "bob", "--silo", "QA")
+ self.addCleanup(
+ self.runcmd, "user", "auth", "silo", "remove", self.user2
+ )
+ self.runcmd(
+ "user",
+ "auth",
+ "silo",
+ "assign",
+ self.user2,
+ "--silo",
+ "QA",
+ )
# Test user with a silo assigned.
- result, out, err = self.runcmd("user", "auth", "silo", "view",
- "bob")
+ result, out, err = self.runcmd(
+ "user", "auth", "silo", "view", self.user2
+ )
self.assertIsNone(result, msg=err)
self.assertEqual(
- out, "User bob assigned to authentication silo QA (revoked)\n")
+ out,
+ f"User {self.user2} assigned to authentication silo "
+ f"QA (revoked)\n",
+ )
# Test user without a silo assigned.
- result, out, err = self.runcmd("user", "auth", "silo", "view",
- "joe")
+ result, out, err = self.runcmd(
+ "user", "auth", "silo", "view", self.user3
+ )
self.assertIsNone(result, msg=err)
self.assertEqual(
- out, "User joe has no assigned authentication silo.\n")
+ out, f"User {self.user3} has no assigned authentication silo.\n"
+ )
--
Samba Shared Repository
