git.samba.org / asn / samba.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: ba6f401)
pytest:sddl: allow tests to make negative assertions
authorDouglas Bagnall <douglas.bagnall@catalyst.net.nz>
Sat, 15 Apr 2023 08:42:12 +0000 (20:42 +1200)
committerAndrew Bartlett <abartlet@samba.org>
Fri, 28 Apr 2023 02:15:36 +0000 (02:15 +0000)
If the subclass has `should_succeed = False`, all the cases
in that class will be tested to ensure they can't be
successfully parsed.

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
python/samba/tests/sddl.py patch | blob | history

diff --git a/python/samba/tests/sddl.py b/python/samba/tests/sddl.py
index 79ee611127afd612311fbf082edaa29ff8d37a1e..659038d1ed268d5e6d24def64b4c81853317467f 100644 (file)
--- a/python/samba/tests/sddl.py
+++ b/python/samba/tests/sddl.py
@@ -36,10 +36,16 @@ class SddlDecodeEncodeBase(TestCase):
                 print(f"seen {pair} after {len(seen)}")
             seen.add(pair)
             sddl, canonical = pair
+
             name = sddl
             if len(name) > 120:
                 name = f"{name[:100]}+{len(name) - 100}-more-characters"
-            cls.generate_dynamic_test('test_sddl', name, sddl, canonical)
+
+            if cls.should_succeed:
+                cls.generate_dynamic_test('test_sddl', name, sddl, canonical)
+            else:
+                cls.generate_dynamic_test('test_sddl_should_fail',
+                                          name, sddl, canonical)
 
     def _test_sddl_with_args(self, s, canonical):
         try:
@@ -52,6 +58,10 @@ class SddlDecodeEncodeBase(TestCase):
         self.assertEqual(sd1, sd2)
         self.assertEqual(sddl, canonical)
 
+    def _test_sddl_should_fail_with_args(self, s, canonical):
+        with self.assertRaises(ValueError):
+            security.descriptor.from_sddl(s, self.domain_sid)
+
 
 @DynamicTestCase
 class SddlNonCanonical(SddlDecodeEncodeBase):
@@ -60,6 +70,7 @@ class SddlNonCanonical(SddlDecodeEncodeBase):
     will be output.
     """
     name = "non_canonical"
+    should_succeed = True
     strings = [
         # format is (original, canonical); after passing through an SD
         # object, the SDDL will look like the canonical version.
@@ -465,6 +476,7 @@ class SddlCanonical(SddlDecodeEncodeBase):
     start in. Hence we only have one string for each example.
     """
     name = "canonical"
+    should_succeed = True
     strings = [
         # derived from GPO acl in provision, "-512D" could be misinterpreted
         ("O:S-1-5-21-1225132014-296224811-2507946102-512"
guru meditation