1 # Unix SMB/CIFS implementation.
2 # Copyright (C) Michael Adam 2012
4 # This program is free software; you can redistribute it and/or modify
5 # it under the terms of the GNU General Public License as published by
6 # the Free Software Foundation; either version 3 of the License, or
7 # (at your option) any later version.
9 # This program is distributed in the hope that it will be useful,
10 # but WITHOUT ANY WARRANTY; without even the implied warranty of
11 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 # GNU General Public License for more details.
14 # You should have received a copy of the GNU General Public License
15 # along with this program. If not, see <http://www.gnu.org/licenses/>.
21 from samba
.tests
.samba_tool
.base
import SambaToolCmdTest
27 class GroupCmdTestCase(SambaToolCmdTest
):
28 """Tests for samba-tool group subcommands"""
33 super(GroupCmdTestCase
, self
).setUp()
34 self
.samdb
= self
.getSamDB("-H", "ldap://%s" % os
.environ
["DC_SERVER"],
35 "-U%s%%%s" % (os
.environ
["DC_USERNAME"], os
.environ
["DC_PASSWORD"]))
37 self
.groups
.append(self
._randomGroup
({"name": "testgroup1"}))
38 self
.groups
.append(self
._randomGroup
({"name": "testgroup2"}))
39 self
.groups
.append(self
._randomGroup
({"name": "testgroup3"}))
40 self
.groups
.append(self
._randomGroup
({"name": "testgroup4"}))
42 # setup the 4 groups and ensure they are correct
43 for group
in self
.groups
:
44 (result
, out
, err
) = self
._create
_group
(group
)
46 self
.assertCmdSuccess(result
)
47 self
.assertEquals(err
, "", "There shouldn't be any error message")
48 self
.assertIn("Added group %s" % group
["name"], out
)
50 found
= self
._find
_group
(group
["name"])
52 self
.assertIsNotNone(found
)
54 self
.assertEquals("%s" % found
.get("name"), group
["name"])
55 self
.assertEquals("%s" % found
.get("description"), group
["description"])
58 super(GroupCmdTestCase
, self
).tearDown()
59 # clean up all the left over groups, just in case
60 for group
in self
.groups
:
61 if self
._find
_group
(group
["name"]):
62 self
.runsubcmd("group", "delete", group
["name"])
65 def test_newgroup(self
):
66 """This tests the "group add" and "group delete" commands"""
67 # try to add all the groups again, this should fail
68 for group
in self
.groups
:
69 (result
, out
, err
) = self
._create
_group
(group
)
70 self
.assertCmdFail(result
, "Succeeded to create existing group")
71 self
.assertIn("LDAP error 68 LDAP_ENTRY_ALREADY_EXISTS", err
)
73 # try to delete all the groups we just added
74 for group
in self
.groups
:
75 (result
, out
, err
) = self
.runsubcmd("group", "delete", group
["name"])
76 self
.assertCmdSuccess(result
,
77 "Failed to delete group '%s'" % group
["name"])
78 found
= self
._find
_group
(group
["name"])
79 self
.assertIsNone(found
,
80 "Deleted group '%s' still exists" % group
["name"])
83 for group
in self
.groups
:
84 (result
, out
, err
) = self
.runsubcmd("group", "add", group
["name"],
85 "--description=%s" % group
["description"],
86 "-H", "ldap://%s" % os
.environ
["DC_SERVER"],
87 "-U%s%%%s" % (os
.environ
["DC_USERNAME"],
88 os
.environ
["DC_PASSWORD"]))
90 self
.assertCmdSuccess(result
)
91 self
.assertEquals(err
,"","There shouldn't be any error message")
92 self
.assertIn("Added group %s" % group
["name"], out
)
94 found
= self
._find
_group
(group
["name"])
96 self
.assertEquals("%s" % found
.get("samaccountname"),
101 (result
, out
, err
) = self
.runsubcmd("group", "list",
102 "-H", "ldap://%s" % os
.environ
["DC_SERVER"],
103 "-U%s%%%s" % (os
.environ
["DC_USERNAME"],
104 os
.environ
["DC_PASSWORD"]))
105 self
.assertCmdSuccess(result
, "Error running list")
107 search_filter
= "(objectClass=group)"
109 grouplist
= self
.samdb
.search(base
=self
.samdb
.domain_dn(),
110 scope
=ldb
.SCOPE_SUBTREE
,
111 expression
=search_filter
,
112 attrs
=["samaccountname"])
114 self
.assertTrue(len(grouplist
) > 0, "no groups found in samdb")
116 for groupobj
in grouplist
:
117 name
= groupobj
.get("samaccountname", idx
=0)
118 found
= self
.assertMatch(out
, name
,
119 "group '%s' not found" % name
)
121 def test_listmembers(self
):
122 (result
, out
, err
) = self
.runsubcmd("group", "listmembers", "Domain Users",
123 "-H", "ldap://%s" % os
.environ
["DC_SERVER"],
124 "-U%s%%%s" % (os
.environ
["DC_USERNAME"],
125 os
.environ
["DC_PASSWORD"]))
126 self
.assertCmdSuccess(result
, "Error running listmembers")
128 search_filter
= "(|(primaryGroupID=513)(memberOf=CN=Domain Users,CN=Users,%s))" % self
.samdb
.domain_dn()
130 grouplist
= self
.samdb
.search(base
=self
.samdb
.domain_dn(),
131 scope
=ldb
.SCOPE_SUBTREE
,
132 expression
=search_filter
,
133 attrs
=["samAccountName"])
135 self
.assertTrue(len(grouplist
) > 0, "no groups found in samdb")
137 for groupobj
in grouplist
:
138 name
= groupobj
.get("samAccountName", idx
=0)
139 found
= self
.assertMatch(out
, name
, "group '%s' not found" % name
)
141 def _randomGroup(self
, base
={}):
142 """create a group with random attribute values, you can specify base attributes"""
144 "name": self
.randomName(),
145 "description": self
.randomName(count
=100),
150 def _create_group(self
, group
):
151 return self
.runsubcmd("group", "add", group
["name"],
152 "--description=%s" % group
["description"],
153 "-H", "ldap://%s" % os
.environ
["DC_SERVER"],
154 "-U%s%%%s" % (os
.environ
["DC_USERNAME"],
155 os
.environ
["DC_PASSWORD"]))
157 def _find_group(self
, name
):
158 search_filter
= ("(&(sAMAccountName=%s)(objectCategory=%s,%s))" %
159 (ldb
.binary_encode(name
),
160 "CN=Group,CN=Schema,CN=Configuration",
161 self
.samdb
.domain_dn()))
162 grouplist
= self
.samdb
.search(base
=self
.samdb
.domain_dn(),
163 scope
=ldb
.SCOPE_SUBTREE
,
164 expression
=search_filter
,