from ldb import ERR_NO_SUCH_OBJECT, ERR_ATTRIBUTE_OR_VALUE_EXISTS
from ldb import ERR_ENTRY_ALREADY_EXISTS, ERR_UNWILLING_TO_PERFORM
from ldb import ERR_NOT_ALLOWED_ON_NON_LEAF, ERR_OTHER, ERR_INVALID_DN_SYNTAX
+from ldb import Message, Dn
from samba import Ldb
from subunit import SubunitTestRunner
from samba import param
+from samba import glue
import unittest
parser = optparse.OptionParser("ldap [options] <host>")
ldb.delete("cn=testotherusers," + self.base_dn)
def test_groupType(self):
- """Test groupType behaviour
- (should appear to be casted to a 32 bit signed integer before comparsion)"""
+ """Test groupType behaviour (should appear to be casted to a 32 bit signed integer before comparsion)"""
print "Testing groupType behaviour\n"
res1 = ldb.search(base=self.base_dn, scope=SCOPE_SUBTREE,
- attrs=["groupType"], expression="groupType=2147483650");
+ attrs=["groupType"], expression="groupType=2147483653");
res2 = ldb.search(base=self.base_dn, scope=SCOPE_SUBTREE,
- attrs=["groupType"], expression="groupType=-2147483646");
+ attrs=["groupType"], expression="groupType=-2147483643");
self.assertEquals(len(res1), len(res2))
self.assertTrue(res1.count > 0)
- self.assertEquals(res1[0]["groupType"][0], "-2147483646")
+ self.assertEquals(res1[0]["groupType"][0], "-2147483643")
+
+ def test_primary_group_token(self):
+ """Test the primary group token behaviour (hidden-generated-readonly attribute on groups)"""
+ print "Testing primary group token behaviour\n"
+
+ ldb.add({
+ "dn": "cn=ldaptestuser,cn=uSers," + self.base_dn,
+ "objectclass": ["user", "person"],
+ "cN": "LDAPtestUSER",
+ "givenname": "ldap",
+ "sn": "testy"})
+
+ ldb.add({
+ "dn": "cn=ldaptestgroup,cn=uSers," + self.base_dn,
+ "objectclass": "group",
+ "member": "cn=ldaptestuser,cn=useRs," + self.base_dn})
+
+ res1 = ldb.search("cn=ldaptestuser, cn=users," + self.base_dn,
+ scope=SCOPE_BASE, attrs=["primaryGroupToken"])
+ self.assertTrue(len(res1) == 1)
+ self.assertFalse("primaryGroupToken" in res1[0])
+
+ res1 = ldb.search("cn=ldaptestgroup,cn=users," + self.base_dn,
+ scope=SCOPE_BASE)
+ self.assertTrue(len(res1) == 1)
+ self.assertFalse("primaryGroupToken" in res1[0])
+
+ res1 = ldb.search("cn=ldaptestgroup,cn=users," + self.base_dn,
+ scope=SCOPE_BASE, attrs=["primaryGroupToken", "objectSID"])
+ self.assertTrue(len(res1) == 1)
+ primary_group_token = int(res1[0]["primaryGroupToken"][0])
+
+ rid = glue.dom_sid_to_rid(ldb.schema_format_value("objectSID", res1[0]["objectSID"][0]))
+ self.assertEquals(primary_group_token, rid)
+
+# Has to wait until we support read-only generated attributes correctly
+# m = Message()
+# m.dn = Dn(ldb, "cn=ldaptestgroup,cn=users," + self.base_dn)
+# m["primaryGroupToken"] = "100"
+# try:
+# ldb.modify(m)
+# self.fail()
+# except LdbError, (num, msg):
+# print msg
+
+ self.delete_force(self.ldb, "cn=ldaptestgroup,cn=users," + self.base_dn)
+ self.delete_force(self.ldb, "cn=ldaptestuser,cn=users," + self.base_dn)
def test_all(self):
"""Basic tests"""
print "Testing user add"
ldb.add({
- "dn": "cn=ldaptestuser,cn=uSers," + self.base_dn,
- "objectclass": ["user", "person"],
- "cN": "LDAPtestUSER",
- "givenname": "ldap",
- "sn": "testy"})
+ "dn": "cn=ldaptestuser,cn=uSers," + self.base_dn,
+ "objectclass": ["user", "person"],
+ "cN": "LDAPtestUSER",
+ "givenname": "ldap",
+ "sn": "testy"})
ldb.add({
"dn": "cn=ldaptestgroup,cn=uSers," + self.base_dn,
return ret;
}
+static PyObject *py_dom_sid_to_rid(PyLdbObject *self, PyObject *args)
+{
+ PyObject *py_sid;
+ struct dom_sid *sid;
+ uint32_t rid;
+ NTSTATUS status;
+
+ if(!PyArg_ParseTuple(args, "O", &py_sid))
+ return NULL;
+
+ sid = dom_sid_parse_talloc(NULL, PyString_AsString(py_sid));
+
+ status = dom_sid_split_rid(NULL, sid, NULL, &rid);
+ if (!NT_STATUS_IS_OK(status)) {
+ PyErr_SetString(PyExc_RuntimeError, "dom_sid_split_rid failed");
+ return NULL;
+ }
+
+ return PyInt_FromLong(rid);
+}
+
static PyMethodDef py_misc_methods[] = {
{ "generate_random_str", (PyCFunction)py_generate_random_str, METH_VARARGS,
"random_password(len) -> string\n"
NULL },
{ "dsdb_convert_schema_to_openldap", (PyCFunction)py_dsdb_convert_schema_to_openldap, METH_VARARGS,
NULL },
+ { "dom_sid_to_rid", (PyCFunction)py_dom_sid_to_rid, METH_VARARGS,
+ NULL },
{ NULL }
};
git.samba.org / amitay / samba.git / commitdiff