source4/torture/drs/python/delete_object.py

   1 #!/usr/bin/env python
   2 # -*- coding: utf-8 -*-
   3 #
   4 # Unix SMB/CIFS implementation.
   5 # Copyright (C) Kamen Mazdrashki <kamenim@samba.org> 2010
   6 #
   7 # This program is free software; you can redistribute it and/or modify
   8 # it under the terms of the GNU General Public License as published by
   9 # the Free Software Foundation; either version 3 of the License, or
  10 # (at your option) any later version.
  11 #
  12 # This program is distributed in the hope that it will be useful,
  13 # but WITHOUT ANY WARRANTY; without even the implied warranty of
  14 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  15 # GNU General Public License for more details.
  16 #
  17 # You should have received a copy of the GNU General Public License
  18 # along with this program.  If not, see <http://www.gnu.org/licenses/>.
  19 #
  20
  21 #
  22 # Usage:
  23 #  export DC1=dc1_dns_name
  24 #  export DC2=dc2_dns_name
  25 #  export SUBUNITRUN=$samba4srcdir/scripting/bin/subunitrun
  26 #  PYTHONPATH="$PYTHONPATH:$samba4srcdir/torture/drs/python" $SUBUNITRUN delete_object -U"$DOMAIN/$DC_USERNAME"%"$DC_PASSWORD"
  27 #
  28
  29 import sys
  30 import time
  31 import os
  32
  33 sys.path.insert(0, "bin/python")
  34
  35 from ldb import (
  36     SCOPE_BASE,
  37     SCOPE_SUBTREE
  38     )
  39
  40 import drs_base
  41
  42
  43 class DrsDeleteObjectTestCase(drs_base.DrsBaseTestCase):
  44
  45     def setUp(self):
  46         super(DrsDeleteObjectTestCase, self).setUp()
  47
  48     def tearDown(self):
  49         super(DrsDeleteObjectTestCase, self).tearDown()
  50
  51     def _make_username(self):
  52         return "DrsDelObjUser_" + time.strftime("%s", time.gmtime())
  53
  54     def _check_user(self, sam_ldb, user_orig, is_deleted):
  55         # search the user by guid as it may be deleted
  56         guid_str = self._GUID_string(user_orig["objectGUID"][0])
  57         expression = "(objectGUID=%s)" % guid_str
  58         res = sam_ldb.search(base=self.domain_dn,
  59                              expression=expression,
  60                              controls=["show_deleted:1"])
  61         self.assertEquals(len(res), 1)
  62         user_cur = res[0]
  63         # Deleted Object base DN
  64         dodn = self._deleted_objects_dn(sam_ldb)
  65         # now check properties of the user
  66         name_orig = user_orig["cn"][0]
  67         name_cur  = user_cur["cn"][0]
  68         if is_deleted:
  69             self.assertEquals(user_cur["isDeleted"][0],"TRUE")
  70             self.assertTrue(not("objectCategory" in user_cur))
  71             self.assertTrue(not("sAMAccountType" in user_cur))
  72             self.assertTrue(dodn in str(user_cur["dn"]),
  73                             "User %s is deleted but it is not located under %s!" % (name_orig, dodn))
  74             self.assertEquals(name_cur, name_orig + "\nDEL:" + guid_str)
  75         else:
  76             self.assertTrue(not("isDeleted" in user_cur))
  77             self.assertEquals(name_cur, name_orig)
  78             self.assertEquals(user_orig["dn"], user_cur["dn"])
  79             self.assertTrue(dodn not in str(user_cur["dn"]))
  80
  81     def test_NetReplicateCmd(self):
  82         """Triggers replication from DC1 to DC2
  83            and vice versa so both DCs are synchronized
  84            before test_ReplicateDeteleteObject test"""
  85         # replicate Domain NC on DC2 from DC1
  86         self._net_drs_replicate(DC=self.dnsname_dc2, fromDC=self.dnsname_dc1)
  87         # replicate Domain NC on DC1 from DC2
  88         self._net_drs_replicate(DC=self.dnsname_dc1, fromDC=self.dnsname_dc2)
  89
  90     def test_ReplicateDeteleteObject(self):
  91         """Verifies how a deleted-object is replicated between two DCs.
  92            This test should verify that:
  93             - deleted-object is replicated properly
  94            TODO: We should verify that after replication,
  95                  object's state to conform to a deleted-object state
  96                  or tombstone -object, depending on DC's features
  97                  It will also be great if check replPropertyMetaData."""
  98         # work-out unique username to test with
  99         username = self._make_username()
 100
 101         # create user on DC1
 102         self.ldb_dc1.newuser(username=username, password="P@sswOrd!")
 103         ldb_res = self.ldb_dc1.search(base=self.domain_dn,
 104                                       scope=SCOPE_SUBTREE,
 105                                       expression="(samAccountName=%s)" % username)
 106         self.assertEquals(len(ldb_res), 1)
 107         user_orig = ldb_res[0]
 108         user_dn   = ldb_res[0]["dn"]
 109
 110         # check user info on DC1
 111         print "Testing for %s with GUID %s" % (username, self._GUID_string(user_orig["objectGUID"][0]))
 112         self._check_user(sam_ldb=self.ldb_dc1, user_orig=user_orig, is_deleted=False)
 113
 114         # trigger replication from DC1 to DC2
 115         self._net_drs_replicate(DC=self.dnsname_dc2, fromDC=self.dnsname_dc1)
 116
 117         # delete user on DC1
 118         self.ldb_dc1.delete(user_dn)
 119         # check user info on DC1 - should be deleted
 120         self._check_user(sam_ldb=self.ldb_dc1, user_orig=user_orig, is_deleted=True)
 121         # check user info on DC2 - should be valid user
 122         try:
 123             self._check_user(sam_ldb=self.ldb_dc2, user_orig=user_orig, is_deleted=False)
 124         except self.failureException:
 125             print ("Checking for not isDeleted user on %s failed, "
 126                    "probably because a replication took place. "
 127                    "Ideally we should block automatic replications during this test, "
 128                    "but until then, just ignore the error" % self.dnsname_dc2)
 129
 130         # trigger replication from DC2 to DC1
 131         # to check if deleted object gets restored
 132         self._net_drs_replicate(DC=self.dnsname_dc1, fromDC=self.dnsname_dc2)
 133         # check user info on DC1 - should be deleted
 134         self._check_user(sam_ldb=self.ldb_dc1, user_orig=user_orig, is_deleted=True)
 135         # check user info on DC2 - should be valid user
 136         try:
 137             self._check_user(sam_ldb=self.ldb_dc2, user_orig=user_orig, is_deleted=False)
 138         except self.failureException:
 139             print ("Checking for not isDeleted user on %s failed, "
 140                    "probably because a replication took place. "
 141                    "Ideally we should block automatic replications during this test, "
 142                    "but until then, just ignore the error" % self.dnsname_dc2)
 143
 144         # trigger replication from DC1 to DC2
 145         # to check if deleted object is replicated
 146         self._net_drs_replicate(DC=self.dnsname_dc2, fromDC=self.dnsname_dc1)
 147         # check user info on DC1 - should be deleted
 148         self._check_user(sam_ldb=self.ldb_dc1, user_orig=user_orig, is_deleted=True)
 149         # check user info on DC2 - should be deleted
 150         self._check_user(sam_ldb=self.ldb_dc2, user_orig=user_orig, is_deleted=True)
 151