python tests: fix format() strings for Python 2.6
authorDouglas Bagnall <douglas.bagnall@catalyst.net.nz>
Fri, 21 Sep 2018 01:22:56 +0000 (13:22 +1200)
committerAndrew Bartlett <abartlet@samba.org>
Fri, 21 Sep 2018 18:04:23 +0000 (20:04 +0200)
Python 2.6 wants "{0}".format(x), not "{}".format(x).

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
13 files changed:
python/samba/tests/blackbox/check_output.py
python/samba/tests/blackbox/samba_dnsupdate.py
python/samba/tests/dns.py
python/samba/tests/domain_backup_offline.py
python/samba/tests/kcc/kcc_utils.py
python/samba/tests/krb5_credentials.py
python/samba/tests/posixacl.py
python/samba/tests/pso.py
python/samba/tests/samba_tool/computer.py
python/samba/tests/samba_tool/demote.py
python/samba/tests/samba_tool/dnscmd.py
source4/dsdb/tests/python/confidential_attr.py
source4/dsdb/tests/python/password_settings.py

index 7b92d82fd8c8f2f49a76304074be4155a437776e..3483a082829aa98381961239937e193c7ea50643 100644 (file)
@@ -55,7 +55,9 @@ class TimeoutHelper():
 
 def _make_cmdline(data='$', repeat=(5 * 1024 * 1024), retcode=0):
     """Build a command to call gen_output.py to generate large output"""
-    return 'gen_output.py --data {} --repeat {} --retcode {}'.format(data, repeat, retcode)
+    return 'gen_output.py --data {0} --repeat {1} --retcode {2}'.format(data,
+                                                                        repeat,
+                                                                        retcode)
 
 
 class CheckOutputTests(BlackboxTestCase):
index d5f70ea52375b5a2c44cea73c4275385ac8c32e2..1e0c1649f2b8acd9e1ee47f911973d41b2a74014 100644 (file)
@@ -99,14 +99,14 @@ class SambaDnsUpdateTests(samba.tests.BlackboxTestCase):
 
         m = ldb.Message()
         m.dn = ldb.Dn(self.samdb, 'CN=DEFAULTIPSITELINK,CN=IP,'
-                      'CN=Inter-Site Transports,CN=Sites,{}'.format(
+                      'CN=Inter-Site Transports,CN=Sites,{0}'.format(
                           self.samdb.get_config_basedn()))
-        m['siteList'] = ldb.MessageElement("CN={},CN=Sites,{}".format(
+        m['siteList'] = ldb.MessageElement("CN={0},CN=Sites,{1}".format(
             site_name,
             self.samdb.get_config_basedn()),
             ldb.FLAG_MOD_ADD, "siteList")
 
-        dns_c = "samba_dnsupdate --verbose --use-file={}".format(tmp_uc)
+        dns_c = "samba_dnsupdate --verbose --use-file={0}".format(tmp_uc)
         out = self.check_output(dns_c)
         self.assertFalse(site_name.lower() in out, out)
 
index 50486f0591b1e251c51453bdb24edb41d05c8e38..1e6734f580c449c5528af6c233418ee5b20ccb1a 100644 (file)
@@ -1002,7 +1002,7 @@ class TestZones(DNSTest):
                 self.fail(str(e))
 
     def ldap_modify_dnsrecs(self, name, func):
-        dn = 'DC={},{}'.format(name, self.zone_dn)
+        dn = 'DC={0},{1}'.format(name, self.zone_dn)
         dns_recs = self.ldap_get_dns_records(name)
         for rec in dns_recs:
             func(rec)
@@ -1033,7 +1033,7 @@ class TestZones(DNSTest):
         # The use of SCOPE_SUBTREE here avoids raising an exception in the
         # 0 results case for a test below.
 
-        expr = "(&(objectClass=dnsNode)(name={}))".format(name)
+        expr = "(&(objectClass=dnsNode)(name={0}))".format(name)
         return self.samdb.search(base=self.zone_dn, scope=ldb.SCOPE_SUBTREE,
                                  expression=expr, attrs=["*"])
 
@@ -1045,7 +1045,7 @@ class TestZones(DNSTest):
     def ldap_get_zone_settings(self):
         records = self.samdb.search(base=self.zone_dn, scope=ldb.SCOPE_BASE,
                                     expression="(&(objectClass=dnsZone)" +
-                                    "(name={}))".format(self.zone),
+                                    "(name={0}))".format(self.zone),
                                     attrs=["dNSProperty"])
         self.assertEqual(len(records), 1)
         props = [ndr_unpack(dnsp.DnsProperty, r)
@@ -1259,7 +1259,7 @@ class TestZones(DNSTest):
         self.dns_tombstone(name5, txt5, self.zone)
 
         self.ldap_get_dns_records(name3)
-        expr = "(dnsRecord:1.3.6.1.4.1.7165.4.5.3:={})"
+        expr = "(dnsRecord:1.3.6.1.4.1.7165.4.5.3:={0})"
         expr = expr.format(int(last_update.dwTimeStamp) - 1)
         try:
             res = self.samdb.search(base=self.zone_dn, scope=ldb.SCOPE_SUBTREE,
@@ -1281,7 +1281,7 @@ class TestZones(DNSTest):
                         Aging=1, zone=self.zone,
                         AllowUpdate=dnsp.DNS_ZONE_UPDATE_UNSECURE)
 
-        expr = "(dnsRecord:1.3.6.1.4.1.7165.4.5.3:={})"
+        expr = "(dnsRecord:1.3.6.1.4.1.7165.4.5.3:={0})"
         expr = expr.format(1)
 
         try:
@@ -1328,7 +1328,7 @@ class TestZones(DNSTest):
 
         # Tombstone time longer than 64 characters
         try:
-            expr = "(dnsRecord:1.3.6.1.4.1.7165.4.5.3:={})"
+            expr = "(dnsRecord:1.3.6.1.4.1.7165.4.5.3:={0})"
             expr = expr.format("1" * 65)
             res = samdb.search(base=self.zone_dn, scope=ldb.SCOPE_SUBTREE,
                                expression=expr, attrs=["*"])
index 6762e885d1353d350fe36b46fdad9b30dd81e292..f5fa1561de2bf87ae2bbaee96372a42d0d56f61a 100644 (file)
@@ -111,7 +111,7 @@ class DomainBackupOfflineCmp(SambaToolCmdTest, TestCaseInTempDir):
                      fn.endswith(".tar.bz2")]
         if len(tar_files) != 1:
             raise CommandError("expected domain backup to create one tar" +
-                               " file but got {}".format(len(tar_files)))
+                               " file but got {0}".format(len(tar_files)))
 
         backup_file = os.path.join(prov_dir, tar_files[0])
         return prov_dir, backup_file
index ae0aee3456443786443697afa881229cf098d337..d8c084e9652e8242e89d67ad448bf2d9c43b09f1 100644 (file)
@@ -69,7 +69,7 @@ class SiteCoverageTests(samba.tests.TestCase):
         self.samdb.transaction_commit()
 
     def _add_server(self, name, site):
-        dn = "CN={},CN=Servers,{}".format(name, site)
+        dn = "CN={0},CN=Servers,{1}".format(name, site)
         self.samdb.add({
             "dn": dn,
             "objectClass": "server",
@@ -78,7 +78,7 @@ class SiteCoverageTests(samba.tests.TestCase):
         return dn
 
     def _add_site(self, name):
-        dn = "CN={},CN=Sites,{}".format(
+        dn = "CN={0},CN=Sites,{1}".format(
             name, self.samdb.get_config_basedn()
         )
         self.samdb.add({
@@ -94,7 +94,7 @@ class SiteCoverageTests(samba.tests.TestCase):
         return dn, name.lower()
 
     def _add_site_link(self, name, links=[], cost=100):
-        dn = "CN={},CN=IP,CN=Inter-Site Transports,CN=Sites,{}".format(
+        dn = "CN={0},CN=IP,CN=Inter-Site Transports,CN=Sites,{1}".format(
             name, self.samdb.get_config_basedn()
         )
         self.samdb.add({
index 58f951e3ff4a48c27075b87104c4011412ba10dd..6c30bef97af6a612ec61172a37cecbd96d157f1c 100644 (file)
@@ -95,7 +95,7 @@ class PyKrb5CredentialsTests(TestCase):
         delete_force(self.ldb, self.machine_dn)
         # get unicode str for both py2 and py3
         pass_unicode = self.machine_pass.encode('utf-8').decode('utf-8')
-        utf16pw = u'"{}"'.format(pass_unicode).encode('utf-16-le')
+        utf16pw = u'"{0}"'.format(pass_unicode).encode('utf-16-le')
         self.ldb.add({
             "dn": self.machine_dn,
             "objectclass": "computer",
index 982967f659ff1d15a168402d19ef9cf0dcd48d06..a758df9b19ebab0ee0e9017473be3afe26beec60 100644 (file)
@@ -823,7 +823,7 @@ class SessionedPosixAclMappingTests(PosixAclMappingTests):
             # fake it with admin session as domsid is not in local db
             return auth.admin_session(self.lp, str(domsid))
 
-        dn = '<SID={}-{}>'.format(domsid, security.DOMAIN_RID_ADMINISTRATOR)
+        dn = '<SID={0}-{1}>'.format(domsid, security.DOMAIN_RID_ADMINISTRATOR)
         flags = (auth.AUTH_SESSION_INFO_DEFAULT_GROUPS |
                  auth.AUTH_SESSION_INFO_AUTHENTICATED |
                  auth.AUTH_SESSION_INFO_SIMPLE_PRIVILEGES)
@@ -844,7 +844,7 @@ class UnixSessionedPosixAclMappingTests(PosixAclMappingTests):
             # fake it with admin session as domsid is not in local db
             return auth.admin_session(self.lp, str(domsid))
 
-        dn = '<SID={}-{}>'.format(domsid, security.DOMAIN_RID_ADMINISTRATOR)
+        dn = '<SID={0}-{1}>'.format(domsid, security.DOMAIN_RID_ADMINISTRATOR)
         flags = (auth.AUTH_SESSION_INFO_DEFAULT_GROUPS |
                  auth.AUTH_SESSION_INFO_AUTHENTICATED |
                  auth.AUTH_SESSION_INFO_SIMPLE_PRIVILEGES)
index af1cd7acaed5653335a6298329daff64d4812677..4038ee786e1f2097ce36d10e65b95bb14639cf52 100644 (file)
@@ -228,18 +228,18 @@ class PasswordSettings:
 
         # all the following fields are mandatory for the PSO object
         ldif = """
-dn: {}
+dn: {0}
 objectClass: msDS-PasswordSettings
-msDS-PasswordSettingsPrecedence: {}
-msDS-PasswordReversibleEncryptionEnabled: {}
-msDS-PasswordHistoryLength: {}
-msDS-PasswordComplexityEnabled: {}
-msDS-MinimumPasswordLength: {}
-msDS-MinimumPasswordAge: {}
-msDS-MaximumPasswordAge: {}
-msDS-LockoutThreshold: {}
-msDS-LockoutObservationWindow: {}
-msDS-LockoutDuration: {}
+msDS-PasswordSettingsPrecedence: {1}
+msDS-PasswordReversibleEncryptionEnabled: {2}
+msDS-PasswordHistoryLength: {3}
+msDS-PasswordComplexityEnabled: {4}
+msDS-MinimumPasswordLength: {5}
+msDS-MinimumPasswordAge: {6}
+msDS-MaximumPasswordAge: {7}
+msDS-LockoutThreshold: {8}
+msDS-LockoutObservationWindow: {9}
+msDS-LockoutDuration: {10}
 """.format(self.dn, self.precedence, plaintext_str, self.history_len,
            complexity_str, self.password_len, min_age, max_age,
            self.lockout_attempts, lockout_window, lockout_duration)
index 8c5f332d46150f59fb015e044b116a981c1333e0..94f62307cfd0302f6dd68891378b4656cf271b2c 100644 (file)
@@ -254,14 +254,14 @@ class ComputerCmdTestCase(SambaToolCmdTest):
         return ou
 
     def _create_computer(self, computer):
-        args = '{} {} --description={}'.format(
+        args = '{0} {1} --description={2}'.format(
             computer['name'], self.creds, computer["description"])
 
         for ip_address in computer.get('ip_address_list', []):
-            args += ' --ip-address={}'.format(ip_address)
+            args += ' --ip-address={0}'.format(ip_address)
 
         for service_principal_name in computer.get('service_principal_name_list', []):
-            args += ' --service-principal-name={}'.format(service_principal_name)
+            args += ' --service-principal-name={0}'.format(service_principal_name)
 
         args = args.split()
 
@@ -290,9 +290,9 @@ class ComputerCmdTestCase(SambaToolCmdTest):
     def _find_dns_record(self, name, ip_address):
         name = name.rstrip('$')  # computername
         records = self.samdb.search(
-            base="DC=DomainDnsZones,{}".format(self.samdb.get_default_basedn()),
+            base="DC=DomainDnsZones,{0}".format(self.samdb.get_default_basedn()),
             scope=ldb.SCOPE_SUBTREE,
-            expression="(&(objectClass=dnsNode)(name={}))".format(name),
+            expression="(&(objectClass=dnsNode)(name={0}))".format(name),
             attrs=['dnsRecord', 'dNSTombstoned'])
 
         # unpack data and compare
index 0726d2b15afb216dbd8a7895e73089263b8104f3..ce57ad16c41ab8bea2b310bd89987f0ae46c7a03 100644 (file)
@@ -25,7 +25,7 @@ class DemoteCmdTestCase(SambaToolCmdTest):
 
     def setUp(self):
         super(DemoteCmdTestCase, self).setUp()
-        self.creds_string = "-U{}%{}".format(
+        self.creds_string = "-U{0}%{1}".format(
             os.environ["DC_USERNAME"], os.environ["DC_PASSWORD"])
 
         self.dc_server = os.environ['DC_SERVER']
@@ -58,10 +58,10 @@ class DemoteCmdTestCase(SambaToolCmdTest):
         self.assertCmdSuccess(result, out, err)
 
         # the above A record points to this host
-        dnshostname = '{}.{}'.format(server, zone)
+        dnshostname = '{0}.{1}'.format(server, zone)
 
         # add a SRV record points to above host
-        srv_record = "{} 65530 65530 65530".format(dnshostname)
+        srv_record = "{0} 65530 65530 65530".format(dnshostname)
         self.runsubcmd(
             "dns", "add", self.dc_server, zone, 'testrecord', "SRV",
             srv_record, self.creds_string)
index 64e34dc3af249d99edf1f90393d404264caeccfa..3d3d768c1d946ada3eccf6eb4cf98aa365d032d5 100644 (file)
@@ -670,7 +670,7 @@ class DnsCmdTestCase(SambaToolCmdTest):
                        'testa', "A", self.testip, self.creds_string)
 
         # the above A record points to this host
-        dnshostname = '{}.{}'.format('testa', self.zone.lower())
+        dnshostname = '{0}.{1}'.format('testa', self.zone.lower())
 
         # add a CNAME record points to above host
         self.runsubcmd("dns", "add", os.environ["SERVER"], self.zone,
@@ -685,7 +685,7 @@ class DnsCmdTestCase(SambaToolCmdTest):
                        'testptr', "PTR", dnshostname, self.creds_string)
 
         # add a SRV record points to above host
-        srv_record = "{} 65530 65530 65530".format(dnshostname)
+        srv_record = "{0} 65530 65530 65530".format(dnshostname)
         self.runsubcmd("dns", "add", os.environ["SERVER"], self.zone,
                        'testsrv', "SRV", srv_record, self.creds_string)
 
@@ -697,9 +697,9 @@ class DnsCmdTestCase(SambaToolCmdTest):
         for record_name in ['testa', 'testcname', 'testns', 'testptr', 'testsrv']:
 
             records = self.samdb.search(
-                base="DC=DomainDnsZones,{}".format(self.samdb.get_default_basedn()),
+                base="DC=DomainDnsZones,{0}".format(self.samdb.get_default_basedn()),
                 scope=ldb.SCOPE_SUBTREE,
-                expression="(&(objectClass=dnsNode)(name={}))".format(record_name),
+                expression="(&(objectClass=dnsNode)(name={0}))".format(record_name),
                 attrs=["dNSTombstoned"])
 
             self.assertEqual(len(records), 1)
@@ -716,7 +716,7 @@ class DnsCmdTestCase(SambaToolCmdTest):
                        'notesta', "A", self.testip, self.creds_string)
 
         # the above A record points to this host
-        dnshostname = '{}.{}'.format('testa', self.zone.lower())
+        dnshostname = '{0}.{1}'.format('testa', self.zone.lower())
 
         # add a CNAME record points to above host
         self.runsubcmd("dns", "add", os.environ["SERVER"], self.zone,
@@ -731,7 +731,7 @@ class DnsCmdTestCase(SambaToolCmdTest):
                        'notestptr', "PTR", dnshostname, self.creds_string)
 
         # add a SRV record points to above host
-        srv_record = "{} 65530 65530 65530".format(dnshostname)
+        srv_record = "{0} 65530 65530 65530".format(dnshostname)
         self.runsubcmd("dns", "add", os.environ["SERVER"], self.zone,
                        'notestsrv', "SRV", srv_record, self.creds_string)
 
@@ -747,9 +747,9 @@ class DnsCmdTestCase(SambaToolCmdTest):
         for record_name in ['notestcname', 'notestns', 'notestptr', 'notestsrv']:
 
             records = self.samdb.search(
-                base="DC=DomainDnsZones,{}".format(self.samdb.get_default_basedn()),
+                base="DC=DomainDnsZones,{0}".format(self.samdb.get_default_basedn()),
                 scope=ldb.SCOPE_SUBTREE,
-                expression="(&(objectClass=dnsNode)(name={}))".format(record_name),
+                expression="(&(objectClass=dnsNode)(name={0}))".format(record_name),
                 attrs=["dNSTombstoned"])
 
             self.assertEqual(len(records), 1)
@@ -776,30 +776,30 @@ class DnsCmdTestCase(SambaToolCmdTest):
                            host, "A", self.testip, self.creds_string)
 
             # the above A record points to this host
-            dnshostname = '{}.{}'.format(host, self.zone.lower())
+            dnshostname = '{0}.{1}'.format(host, self.zone.lower())
 
             # add a SRV record points to above host
-            srv_record = "{} 65530 65530 65530".format(dnshostname)
+            srv_record = "{0} 65530 65530 65530".format(dnshostname)
             self.runsubcmd("dns", "add", os.environ["SERVER"], self.zone,
                            srv_name, "SRV", srv_record, self.creds_string)
 
         records = self.samdb.search(
-            base="DC=DomainDnsZones,{}".format(self.samdb.get_default_basedn()),
+            base="DC=DomainDnsZones,{0}".format(self.samdb.get_default_basedn()),
             scope=ldb.SCOPE_SUBTREE,
-            expression="(&(objectClass=dnsNode)(name={}))".format(srv_name),
+            expression="(&(objectClass=dnsNode)(name={0}))".format(srv_name),
             attrs=['dnsRecord'])
         # should have 2 records here
         self.assertEqual(len(records[0]['dnsRecord']), 2)
 
         # cleanup record for dns host1
-        dnshostname1 = 'host1.{}'.format(self.zone.lower())
+        dnshostname1 = 'host1.{0}'.format(self.zone.lower())
         self.runsubcmd("dns", "cleanup", os.environ["SERVER"],
                        dnshostname1, self.creds_string)
 
         records = self.samdb.search(
-            base="DC=DomainDnsZones,{}".format(self.samdb.get_default_basedn()),
+            base="DC=DomainDnsZones,{0}".format(self.samdb.get_default_basedn()),
             scope=ldb.SCOPE_SUBTREE,
-            expression="(&(objectClass=dnsNode)(name={}))".format(srv_name),
+            expression="(&(objectClass=dnsNode)(name={0}))".format(srv_name),
             attrs=['dnsRecord', 'dNSTombstoned'])
 
         # dnsRecord for host1 should be deleted
@@ -810,7 +810,7 @@ class DnsCmdTestCase(SambaToolCmdTest):
         dns_record_obj = ndr_unpack(dnsp.DnssrvRpcRecord, dns_record_bin)
 
         # dnsRecord for host2 is still there and is the only one
-        dnshostname2 = 'host2.{}'.format(self.zone.lower())
+        dnshostname2 = 'host2.{0}'.format(self.zone.lower())
         self.assertEqual(dns_record_obj.data.nameTarget, dnshostname2)
 
         # assert that the record isn't spuriously tombstoned
index 3f82a359553012b2743d7c4683407fcc009b4ef2..97b5fc50297721e3b0e0a5d5aea8e29628bd0a06 100755 (executable)
@@ -106,10 +106,10 @@ class ConfidentialAttrCommon(samba.tests.TestCase):
         # schemaIdGuid for homePostalAddress (used for ACE tests)
         self.conf_attr_guid = "16775781-47f3-11d1-a9c3-0000f80367c1"
         self.conf_attr_sec_guid = "77b5b886-944a-11d1-aebd-0000f80367c1"
-        self.attr_dn = "{},{}".format(attr_cn, self.schema_dn)
+        self.attr_dn = "{0},{1}".format(attr_cn, self.schema_dn)
 
         userou = "OU=conf-attr-test"
-        self.ou = "{},{}".format(userou, self.base_dn)
+        self.ou = "{0},{1}".format(userou, self.base_dn)
         self.ldb_admin.create_ou(self.ou)
 
         # use a common username prefix, so we can use sAMAccountName=CATC-* as
@@ -118,13 +118,13 @@ class ConfidentialAttrCommon(samba.tests.TestCase):
 
         # add a test object with this attribute set
         self.conf_value = "abcdef"
-        self.conf_user = "{}conf-user".format(self.user_prefix)
+        self.conf_user = "{0}conf-user".format(self.user_prefix)
         self.ldb_admin.newuser(self.conf_user, self.user_pass, userou=userou)
         self.conf_dn = self.get_user_dn(self.conf_user)
         self.add_attr(self.conf_dn, self.conf_attr, self.conf_value)
 
         # add a sneaky user that will try to steal our secrets
-        self.user = "{}sneaky-user".format(self.user_prefix)
+        self.user = "{0}sneaky-user".format(self.user_prefix)
         self.ldb_admin.newuser(self.user, self.user_pass, userou=userou)
         self.ldb_user = self.get_ldb_connection(self.user, self.user_pass)
 
@@ -133,10 +133,10 @@ class ConfidentialAttrCommon(samba.tests.TestCase):
         # add some other users that also have confidential attributes, so we can
         # check we don't disclose their details, particularly in '!' searches
         for i in range(1, 3):
-            username = "{}other-user{}".format(self.user_prefix, i)
+            username = "{0}other-user{1}".format(self.user_prefix, i)
             self.ldb_admin.newuser(username, self.user_pass, userou=userou)
             userdn = self.get_user_dn(username)
-            self.add_attr(userdn, self.conf_attr, "xyz{}".format(i))
+            self.add_attr(userdn, self.conf_attr, "xyz{0}".format(i))
             self.all_users.append(username)
 
         # there are 4 users in the OU, plus the OU itself
@@ -148,8 +148,8 @@ class ConfidentialAttrCommon(samba.tests.TestCase):
         # previous test run didn't clean up properly)
         search_flags = self.get_attr_search_flags(self.attr_dn)
         self.assertTrue(int(search_flags) & SEARCH_FLAG_CONFIDENTIAL == 0,
-                        "{} searchFlags already {}".format(self.conf_attr,
-                                                           search_flags))
+                        "{0} searchFlags already {1}".format(self.conf_attr,
+                                                             search_flags))
 
     def tearDown(self):
         super(ConfidentialAttrCommon, self).tearDown()
@@ -210,7 +210,7 @@ class ConfidentialAttrCommon(samba.tests.TestCase):
         return DC_MODE_RETURN_NONE
 
     def get_user_dn(self, name):
-        return "CN={},{}".format(name, self.ou)
+        return "CN={0},{1}".format(name, self.ou)
 
     def get_user_sid_string(self, username):
         user_dn = self.get_user_dn(username)
@@ -233,7 +233,7 @@ class ConfidentialAttrCommon(samba.tests.TestCase):
     def assert_not_in_result(self, res, exclude_dn):
         for msg in res:
             self.assertNotEqual(msg.dn, exclude_dn,
-                                "Search revealed object {}".format(exclude_dn))
+                                "Search revealed object {0}".format(exclude_dn))
 
     def assert_search_result(self, expected_num, expr, samdb):
 
@@ -256,21 +256,21 @@ class ConfidentialAttrCommon(samba.tests.TestCase):
         searches = [
             # search for the attribute using a sub-string wildcard
             # (which could reveal the attribute's actual value)
-            "({}={}*)".format(test_attr, first_char),
-            "({}=*{})".format(test_attr, last_char),
+            "({0}={1}*)".format(test_attr, first_char),
+            "({0}=*{1})".format(test_attr, last_char),
 
             # sanity-check equality against an exact match on value
-            "({}={})".format(test_attr, self.conf_value),
+            "({0}={1})".format(test_attr, self.conf_value),
 
             # '~=' searches don't work against Samba
             # sanity-check an approx search against an exact match on value
-            # "({}~={})".format(test_attr, self.conf_value),
+            # "({0}~={1})".format(test_attr, self.conf_value),
 
             # check wildcard in an AND search...
-            "(&({}={}*)(objectclass=*))".format(test_attr, first_char),
+            "(&({0}={1}*)(objectclass=*))".format(test_attr, first_char),
 
             # ...an OR search (against another term that will never match)
-            "(|({}={}*)(objectclass=banana))".format(test_attr, first_char)]
+            "(|({0}={1}*)(objectclass=banana))".format(test_attr, first_char)]
 
         return searches
 
@@ -279,17 +279,17 @@ class ConfidentialAttrCommon(samba.tests.TestCase):
         searches = [
             # check a full wildcard against the confidential attribute
             # (which could reveal the attribute's presence/absence)
-            "({}=*)".format(self.conf_attr),
+            "({0}=*)".format(self.conf_attr),
 
             # check wildcard in an AND search...
-            "(&(objectclass=*)({}=*))".format(self.conf_attr),
+            "(&(objectclass=*)({0}=*))".format(self.conf_attr),
 
             # ...an OR search (against another term that will never match)
-            "(|(objectclass=banana)({}=*))".format(self.conf_attr),
+            "(|(objectclass=banana)({0}=*))".format(self.conf_attr),
 
             # check <=, and >= expressions that would normally find a match
-            "({}>=0)".format(self.conf_attr),
-            "({}<=ZZZZZZZZZZZ)".format(self.conf_attr)]
+            "({0}>=0)".format(self.conf_attr),
+            "({0}<=ZZZZZZZZZZZ)".format(self.conf_attr)]
 
         return searches
 
@@ -323,8 +323,8 @@ class ConfidentialAttrCommon(samba.tests.TestCase):
         not_last_char = chr(ord(last_char) + 1)
 
         searches = [
-            "(!({}={}*))".format(self.conf_attr, not_first_char),
-            "(!({}=*{}))".format(self.conf_attr, not_last_char)]
+            "(!({0}={1}*))".format(self.conf_attr, not_first_char),
+            "(!({0}=*{1}))".format(self.conf_attr, not_last_char)]
         return searches
 
     # the following searches will not match against the test object(s). So
@@ -335,8 +335,8 @@ class ConfidentialAttrCommon(samba.tests.TestCase):
         first_char = self.conf_value[:1]
         last_char = self.conf_value[-1:]
         searches = [
-            "(!({}={}*))".format(self.conf_attr, first_char),
-            "(!({}=*{}))".format(self.conf_attr, last_char)]
+            "(!({0}={1}*))".format(self.conf_attr, first_char),
+            "(!({0}=*{1}))".format(self.conf_attr, last_char)]
         return searches
 
     def negative_searches_all_rights(self, total_objects=None):
@@ -350,7 +350,7 @@ class ConfidentialAttrCommon(samba.tests.TestCase):
             expected_results[search] = total_objects
 
         # a ! wildcard should only match the objects without the attribute
-        search = "(!({}=*))".format(self.conf_attr)
+        search = "(!({0}=*))".format(self.conf_attr)
         expected_results[search] = total_objects - self.objects_with_attr
 
         # whereas the inverse searches should match all objects *except* the
@@ -379,7 +379,7 @@ class ConfidentialAttrCommon(samba.tests.TestCase):
         # if the search is matching on an inverse subset (everything except the
         # object under test), the
         inverse_searches = self.get_inverse_match_searches()
-        inverse_searches += ["(!({}=*))".format(self.conf_attr)]
+        inverse_searches += ["(!({0}=*))".format(self.conf_attr)]
 
         for search in inverse_searches:
             expected_results[search] = total_objects - has_rights_to
@@ -399,7 +399,7 @@ class ConfidentialAttrCommon(samba.tests.TestCase):
 
         # for inverse matches, we should NOT be told about any objects at all
         inverse_searches = self.get_inverse_match_searches()
-        inverse_searches += ["(!({}=*))".format(self.conf_attr)]
+        inverse_searches += ["(!({0}=*))".format(self.conf_attr)]
         for search in inverse_searches:
             expected_results[search] = 0
 
@@ -522,7 +522,7 @@ class ConfidentialAttrTest(ConfidentialAttrCommon):
         # set the SEC_ADS_CONTROL_ACCESS bit ('CR') for the user for the
         # attribute under test, so the user can see it once more
         user_sid = self.get_user_sid_string(self.user)
-        ace = "(OA;;CR;{};;{})".format(self.conf_attr_guid, user_sid)
+        ace = "(OA;;CR;{0};;{1})".format(self.conf_attr_guid, user_sid)
 
         self._test_search_with_allow_acl(ace)
 
@@ -533,7 +533,7 @@ class ConfidentialAttrTest(ConfidentialAttrCommon):
         # property-set containing the attribute under test (i.e. the
         # attributeSecurityGuid), so the user can see it once more
         user_sid = self.get_user_sid_string(self.user)
-        ace = "(OA;;CR;{};;{})".format(self.conf_attr_sec_guid, user_sid)
+        ace = "(OA;;CR;{0};;{1})".format(self.conf_attr_sec_guid, user_sid)
 
         self._test_search_with_allow_acl(ace)
 
@@ -542,7 +542,7 @@ class ConfidentialAttrTest(ConfidentialAttrCommon):
 
         # set the allow SEC_ADS_CONTROL_ACCESS bit ('CR') for the user
         user_sid = self.get_user_sid_string(self.user)
-        ace = "(A;;CR;;;{})".format(user_sid)
+        ace = "(A;;CR;;;{0})".format(user_sid)
 
         self._test_search_with_allow_acl(ace)
 
@@ -552,7 +552,7 @@ class ConfidentialAttrTest(ConfidentialAttrCommon):
         # this just checks that an Object Access (OA) ACE without a GUID
         # specified will work the same as an 'Access' (A) ACE
         user_sid = self.get_user_sid_string(self.user)
-        ace = "(OA;;CR;;;{})".format(user_sid)
+        ace = "(OA;;CR;;;{0})".format(user_sid)
 
         self._test_search_with_allow_acl(ace)
 
@@ -583,7 +583,7 @@ class ConfidentialAttrTest(ConfidentialAttrCommon):
 
         # give the user all rights *except* CR and check it makes no difference
         user_sid = self.get_user_sid_string(self.user)
-        ace = "(A;;RPWPCCDCLCLORCWOWDSDDTSW;;;{})".format(user_sid)
+        ace = "(A;;RPWPCCDCLCLORCWOWDSDDTSW;;;{0})".format(user_sid)
         self._test_search_with_neutral_acl(ace)
 
     def test_search_with_neutral_attr_acl(self):
@@ -592,7 +592,7 @@ class ConfidentialAttrTest(ConfidentialAttrCommon):
         # giving user all OA rights *except* CR should make no difference
         user_sid = self.get_user_sid_string(self.user)
         rights = "RPWPCCDCLCLORCWOWDSDDTSW"
-        ace = "(OA;;{};{};;{})".format(rights, self.conf_attr_guid, user_sid)
+        ace = "(OA;;{0};{1};;{2})".format(rights, self.conf_attr_guid, user_sid)
         self._test_search_with_neutral_acl(ace)
 
     def test_search_with_neutral_cr_acl(self):
@@ -602,7 +602,7 @@ class ConfidentialAttrTest(ConfidentialAttrCommon):
         user_sid = self.get_user_sid_string(self.user)
         # use the GUID for sAMAccountName here (for no particular reason)
         unrelated_attr = "3e0abfd0-126a-11d0-a060-00aa006c33ed"
-        ace = "(OA;;CR;{};;{})".format(unrelated_attr, user_sid)
+        ace = "(OA;;CR;{0};;{1})".format(unrelated_attr, user_sid)
         self._test_search_with_neutral_acl(ace)
 
 
@@ -612,7 +612,7 @@ class ConfidentialAttrTestDenyAcl(ConfidentialAttrCommon):
     def assert_not_in_result(self, res, exclude_dn):
         for msg in res:
             self.assertNotEqual(msg.dn, exclude_dn,
-                                "Search revealed object {}".format(exclude_dn))
+                                "Search revealed object {0}".format(exclude_dn))
 
     # deny ACL tests are slightly different as we are only denying access to
     # the one object under test (rather than any objects with that attribute).
@@ -677,7 +677,7 @@ class ConfidentialAttrTestDenyAcl(ConfidentialAttrCommon):
             expected_results[search] = self.total_objects - 1
 
         # The wildcard returns the objects without this attribute as normal.
-        search = "(!({}=*))".format(self.conf_attr)
+        search = "(!({0}=*))".format(self.conf_attr)
         expected_results[search] = self.total_objects - self.objects_with_attr
         return expected_results
 
@@ -694,7 +694,7 @@ class ConfidentialAttrTestDenyAcl(ConfidentialAttrCommon):
 
         # in the wildcard case, the one object we don't have rights to gets
         # bundled in with the objects that don't have the attribute at all
-        search = "(!({}=*))".format(self.conf_attr)
+        search = "(!({0}=*))".format(self.conf_attr)
         has_rights_to = self.objects_with_attr - 1
         expected_results[search] = self.total_objects - has_rights_to
         return expected_results
@@ -747,7 +747,7 @@ class ConfidentialAttrTestDenyAcl(ConfidentialAttrCommon):
         # add an ACE that denies the user Read Property (RP) access to the attr
         # (which is similar to making the attribute confidential)
         user_sid = self.get_user_sid_string(self.user)
-        ace = "(OD;;RP;{};;{})".format(self.conf_attr_guid, user_sid)
+        ace = "(OD;;RP;{0};;{1})".format(self.conf_attr_guid, user_sid)
 
         # check the user cannot see the attribute anymore
         self._test_search_with_deny_acl(ace)
@@ -758,7 +758,7 @@ class ConfidentialAttrTestDenyAcl(ConfidentialAttrCommon):
         # add an blanket deny ACE for Read Property (RP) rights
         user_dn = self.get_user_dn(self.user)
         user_sid = self.sd_utils.get_object_sid(user_dn)
-        ace = "(D;;RP;;;{})".format(str(user_sid))
+        ace = "(D;;RP;;;{0})".format(str(user_sid))
 
         # check the user cannot see the attribute anymore
         self._test_search_with_deny_acl(ace)
@@ -768,7 +768,7 @@ class ConfidentialAttrTestDenyAcl(ConfidentialAttrCommon):
 
         # add an blanket deny ACE for Read Property (RP) rights
         user_sid = self.get_user_sid_string(self.user)
-        ace = "(OD;;RP;{};;{})".format(self.conf_attr_sec_guid, user_sid)
+        ace = "(OD;;RP;{0};;{1})".format(self.conf_attr_sec_guid, user_sid)
 
         # check the user cannot see the attribute anymore
         self._test_search_with_deny_acl(ace)
@@ -779,7 +779,7 @@ class ConfidentialAttrTestDenyAcl(ConfidentialAttrCommon):
         # this just checks that adding a 'Object Deny' (OD) ACE without
         # specifying a GUID will work the same way as a 'Deny' (D) ACE
         user_sid = self.get_user_sid_string(self.user)
-        ace = "(OD;;RP;;;{})".format(user_sid)
+        ace = "(OD;;RP;;;{0})".format(user_sid)
 
         # check the user cannot see the attribute anymore
         self._test_search_with_deny_acl(ace)
@@ -796,9 +796,9 @@ class ConfidentialAttrTestDirsync(ConfidentialAttrCommon):
         # controls, we need an extra filter for the inverse ('!') search,
         # so we don't get thousands of objects returned
         self.extra_filter = \
-            "(&(samaccountname={}*)(!(isDeleted=*)))".format(self.user_prefix)
+            "(&(samaccountname={0}*)(!(isDeleted=*)))".format(self.user_prefix)
         self.single_obj_filter = \
-            "(&(samaccountname={})(!(isDeleted=*)))".format(self.conf_user)
+            "(&(samaccountname={0})(!(isDeleted=*)))".format(self.conf_user)
 
         self.attr_filters = [None, ["*"], ["name"]]
 
@@ -820,7 +820,7 @@ class ConfidentialAttrTestDirsync(ConfidentialAttrCommon):
         #   thousands of unrelated results, and
         # - we make the test attribute preserve-on-delete in one case, so we
         #   want to weed out results from any previous test runs
-        search = "(&{}{})".format(expr, self.extra_filter)
+        search = "(&{0}{1})".format(expr, self.extra_filter)
 
         for attr in self.attr_filters:
             res = samdb.search(base_dn, expression=search, scope=SCOPE_SUBTREE,
@@ -937,7 +937,7 @@ class ConfidentialAttrTestDirsync(ConfidentialAttrCommon):
     def change_attr_under_test(self, attr_name, attr_cn):
         # change the attribute that the test code uses
         self.conf_attr = attr_name
-        self.attr_dn = "{},{}".format(attr_cn, self.schema_dn)
+        self.attr_dn = "{0},{1}".format(attr_cn, self.schema_dn)
 
         # set the new attribute for the user-under-test
         self.add_attr(self.conf_dn, self.conf_attr, self.conf_value)
@@ -970,23 +970,23 @@ class ConfidentialAttrTestDirsync(ConfidentialAttrCommon):
         # this by matching lastKnownParent against this test case's OU, which
         # will match any deleted child objects.
         ou_guid = self.get_guid(self.ou)
-        deleted_filter = "(lastKnownParent=<GUID={}>)".format(ou_guid)
+        deleted_filter = "(lastKnownParent=<GUID={0}>)".format(ou_guid)
 
         # the extra-filter will get combined via AND with the search expression
         # we're testing, i.e. filter on the confidential attribute AND only
         # include non-deleted objects, OR deleted objects from this test run
         exclude_deleted_objs_filter = self.extra_filter
-        self.extra_filter = "(|{}{})".format(exclude_deleted_objs_filter,
-                                             deleted_filter)
+        self.extra_filter = "(|{0}{1})".format(exclude_deleted_objs_filter,
+                                               deleted_filter)
 
         # for matching on a single object, the search expresseion becomes:
         # match exactly by account-name AND either a non-deleted object OR a
         # deleted object from this test run
-        match_by_name = "(samaccountname={})".format(self.conf_user)
+        match_by_name = "(samaccountname={0})".format(self.conf_user)
         not_deleted = "(!(isDeleted=*))"
-        self.single_obj_filter = "(&{}(|{}{}))".format(match_by_name,
-                                                       not_deleted,
-                                                       deleted_filter)
+        self.single_obj_filter = "(&{0}(|{1}{2}))".format(match_by_name,
+                                                          not_deleted,
+                                                          deleted_filter)
 
         # check that the search filters work as expected
         self.assert_conf_attr_searches(has_rights_to="all")
index 87c00f41419d5e06dbd40d376ad59261da90999a..cdcc0dac1f38c5915508cb6e1f5017b8894ed55a 100644 (file)
@@ -712,7 +712,7 @@ class PasswordSettingsTestCase(PasswordTestCase):
 
     def format_password_for_ldif(self, password):
         """Encodes/decodes the password so that it's accepted in an LDIF"""
-        pwd = '"{}"'.format(password)
+        pwd = '"{0}"'.format(password)
         return base64.b64encode(pwd.encode('utf-16-le')).decode('utf8')
 
     # The 'user add' case is a bit more complicated as you can't really query