git.samba.org / samba.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
testprogs/blackbox: PY3 bulk change for python scripts use correct python
[samba.git] / python / samba / tests / samba_tool / user_check_password_script.py
1 # Unix SMB/CIFS implementation.
2 # Copyright (C) Sean Dague <sdague@linux.vnet.ibm.com> 2011
3 # Copyright (C) Andrew Bartlett <abartlet@samba.org> 2016
4 #
5 # This program is free software; you can redistribute it and/or modify
6 # it under the terms of the GNU General Public License as published by
7 # the Free Software Foundation; either version 3 of the License, or
8 # (at your option) any later version.
9 #
10 # This program is distributed in the hope that it will be useful,
11 # but WITHOUT ANY WARRANTY; without even the implied warranty of
12 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
13 # GNU General Public License for more details.
14 #
15 # You should have received a copy of the GNU General Public License
16 # along with this program.  If not, see <http://www.gnu.org/licenses/>.
17 #
18
19 import os
20 import time
21 import ldb
22 from samba.tests.samba_tool.base import SambaToolCmdTest
23 from samba import (
24         nttime2unix,
25         dsdb
26         )
27
28
29 class UserCheckPwdTestCase(SambaToolCmdTest):
30     """Tests for samba-tool user subcommands"""
31     users = []
32     samdb = None
33
34     def setUp(self):
35         super(UserCheckPwdTestCase, self).setUp()
36         self.samdb = self.getSamDB("-H", "ldap://%s" % os.environ["DC_SERVER"],
37                                    "-U%s%%%s" % (os.environ["DC_USERNAME"], os.environ["DC_PASSWORD"]))
38         self.old_min_pwd_age = self.samdb.get_minPwdAge()
39         self.samdb.set_minPwdAge("0")
40
41     def tearDown(self):
42         super(UserCheckPwdTestCase, self).tearDown()
43         self.samdb.set_minPwdAge(self.old_min_pwd_age)
44
45     def test_checkpassword(self):
46         # Add
47         user = self._randomUser()
48         bad_password = os.environ["UNACCEPTABLE_PASSWORD"]
49         good_password = bad_password[:-1]
50
51         (result, out, err) = self.runsubcmd("user", "add", user["name"], bad_password,
52                                             "-H", "ldap://%s" % os.environ["DC_SERVER"],
53                                             "-U%s%%%s" % (os.environ["DC_USERNAME"], os.environ["DC_PASSWORD"]))
54         self.assertCmdFail(result, "Should fail adding a user with bad password.")
55         (result, out, err) = self.runsubcmd("user", "delete", user["name"],
56                                             "-H", "ldap://%s" % os.environ["DC_SERVER"],
57                                             "-U%s%%%s" % (os.environ["DC_USERNAME"], os.environ["DC_PASSWORD"]))
58         self.assertCmdSuccess(result, out, err, "Should delete user with bad password.")
59
60         (result, out, err) = self.runsubcmd("user", "add", user["name"], good_password,
61                                             "-H", "ldap://%s" % os.environ["DC_SERVER"],
62                                             "-U%s%%%s" % (os.environ["DC_USERNAME"], os.environ["DC_PASSWORD"]))
63         self.assertCmdSuccess(result, out, err, "Should succeed adding a user with good password.")
64
65         # Set password
66         (result, out, err) = self.runsubcmd("user", "setpassword", user["name"],
67                                             "--newpassword=%s" % bad_password,
68                                             "-H", "ldap://%s" % os.environ["DC_SERVER"],
69                                             "-U%s%%%s" % (os.environ["DC_USERNAME"], os.environ["DC_PASSWORD"]))
70         self.assertCmdFail(result, "Should fail setting a user's password to a bad one.")
71
72         (result, out, err) = self.runsubcmd("user", "setpassword", user["name"],
73                                             "--newpassword=%s" % good_password,
74                                             "-H", "ldap://%s" % os.environ["DC_SERVER"],
75                                             "-U%s%%%s" % (os.environ["DC_USERNAME"], os.environ["DC_PASSWORD"]))
76         self.assertCmdSuccess(result, out, err, "Should succeed setting a user's password to a good one.")
77
78         # Password=
79
80         (result, out, err) = self.runsubcmd("user", "password",
81                                             "--newpassword=%s" % bad_password,
82                                             "--ipaddress", os.environ["DC_SERVER_IP"],
83                                             "-U%s%%%s" % (user["name"], good_password))
84         self.assertCmdFail(result, "A user setting their own password to a bad one should fail.")
85
86         (result, out, err) = self.runsubcmd("user", "password",
87                                             "--newpassword=%s" % good_password + 'XYZ',
88                                             "--ipaddress", os.environ["DC_SERVER_IP"],
89                                             "-U%s%%%s" % (user["name"], good_password))
90         self.assertCmdSuccess(result, out, err, "A user setting their own password to a good one should succeed.")
91
92     def _randomUser(self, base={}):
93         """create a user with random attribute values, you can specify base attributes"""
94         user = {
95             "name": self.randomName(),
96         }
97         user.update(base)
98         return user
Samba Shared Repository