From be68a48bc8bdecfdc2666c16bbe8172c7df5a87f Mon Sep 17 00:00:00 2001 From: Dan Lavu Date: Thu, 24 Aug 2023 22:54:14 -0400 Subject: [PATCH] tests: consolidation, refactoring and organizing, renaming of some tests --- src/tests/intg/test_memory_cache.py | 92 ++++++++-------- ..._sssctl_config_check.py => test_sssctl.py} | 6 +- src/tests/system/pytest.ini | 1 + .../{test_memory_cache.py => test_cache.py} | 57 +++++----- .../tests/{test_id.py => test_identity.py} | 26 ++--- src/tests/system/tests/test_ldap.py | 39 +++++++ ...est_ldap_extra_attrs.py => test_schema.py} | 4 +- src/tests/system/tests/test_shadow.py | 50 --------- src/tests/system/tests/test_sssctl.py | 92 +++++++++++++++- .../system/tests/test_sssctl_config_check.py | 100 ------------------ 10 files changed, 224 insertions(+), 243 deletions(-) rename src/tests/multihost/basic/{test_sssctl_config_check.py => test_sssctl.py} (92%) rename src/tests/system/tests/{test_memory_cache.py => test_cache.py} (96%) rename src/tests/system/tests/{test_id.py => test_identity.py} (93%) rename src/tests/system/tests/{test_ldap_extra_attrs.py => test_schema.py} (91%) delete mode 100644 src/tests/system/tests/test_shadow.py delete mode 100644 src/tests/system/tests/test_sssctl_config_check.py diff --git a/src/tests/intg/test_memory_cache.py b/src/tests/intg/test_memory_cache.py index b30c9024919..ef73855be89 100644 --- a/src/tests/intg/test_memory_cache.py +++ b/src/tests/intg/test_memory_cache.py @@ -358,8 +358,8 @@ def zero_timeout_rfc2307(request, ldap_conn): return None -@pytest.mark.converted('test_id.py', 'test_id__getpwuid') -@pytest.mark.converted('test_id.py', 'test_id__getpwnam') +@pytest.mark.converted('test_identity.py', 'test_identity__getpwuid') +@pytest.mark.converted('test_identity.py', 'test_identity__getpwnam') def test_getpwnam(ldap_conn, sanity_rfc2307): ent.assert_passwd_by_name( 'user1', @@ -443,15 +443,15 @@ def test_getpwnam(ldap_conn, sanity_rfc2307): gecos='1023', shell='/bin/bash')) -@pytest.mark.converted('test_memory_cache.py', 'test_memory_cache__getpwnam') +@pytest.mark.converted('test_cache.py', 'test_cache__getpwnam') def test_getpwnam_with_mc(ldap_conn, sanity_rfc2307): test_getpwnam(ldap_conn, sanity_rfc2307) stop_sssd() test_getpwnam(ldap_conn, sanity_rfc2307) -@pytest.mark.converted('test_id.py', 'test_id__getgrgid') -@pytest.mark.converted('test_id.py', 'test_id__getgrnam') +@pytest.mark.converted('test_identity.py', 'test_identity__getgrgid') +@pytest.mark.converted('test_identity.py', 'test_identity__getgrnam') def test_getgrnam_simple(ldap_conn, sanity_rfc2307): ent.assert_group_by_name("group1", dict(name="group1", gid=2001)) ent.assert_group_by_gid(2001, dict(name="group1", gid=2001)) @@ -472,21 +472,21 @@ def test_getgrnam_simple(ldap_conn, sanity_rfc2307): ent.assert_group_by_gid(2020, dict(name="group2x", gid=2020)) -@pytest.mark.converted('test_memory_cache.py', 'test_memory_cache__getgrnam') +@pytest.mark.converted('test_cache.py', 'test_cache__getgrnam') def test_getgrnam_simple_with_mc(ldap_conn, sanity_rfc2307): test_getgrnam_simple(ldap_conn, sanity_rfc2307) stop_sssd() test_getgrnam_simple(ldap_conn, sanity_rfc2307) -@pytest.mark.converted('test_memory_cache.py', 'test_memory_cache__disabled_passwd_getgrnam') +@pytest.mark.converted('test_cache.py', 'test_cache__disabled_passwd_getgrnam') def test_getgrnam_simple_disabled_pwd_mc(ldap_conn, disable_pwd_mc_rfc2307): test_getgrnam_simple(ldap_conn, disable_pwd_mc_rfc2307) stop_sssd() test_getgrnam_simple(ldap_conn, disable_pwd_mc_rfc2307) -@pytest.mark.converted('test_memory_cache.py', 'test_memory_cache__disabled_intitgroups_getgrnam') +@pytest.mark.converted('test_cache.py', 'test_cache__disabled_intitgroups_getgrnam') def test_getgrnam_simple_disabled_intitgr_mc(ldap_conn, disable_initgr_mc_rfc2307): test_getgrnam_simple(ldap_conn, disable_initgr_mc_rfc2307) @@ -494,8 +494,8 @@ def test_getgrnam_simple_disabled_intitgr_mc(ldap_conn, test_getgrnam_simple(ldap_conn, disable_initgr_mc_rfc2307) -@pytest.mark.converted('test_id.py', 'test_id__membership_by_group_id') -@pytest.mark.converted('test_id.py', 'test_id__membership_by_group_name') +@pytest.mark.converted('test_identity.py', 'test_identity__membership_by_group_id') +@pytest.mark.converted('test_identity.py', 'test_identity__membership_by_group_name') def test_getgrnam_membership(ldap_conn, sanity_rfc2307): ent.assert_group_by_name( "group1", @@ -540,8 +540,8 @@ def test_getgrnam_membership(ldap_conn, sanity_rfc2307): dict(mem=ent.contains_only("user21", "user22", "user23"))) -@pytest.mark.converted('test_memory_cache.py', 'test_memory_cache__membership_by_group_id') -@pytest.mark.converted('test_memory_cache.py', 'test_memory_cache__membership_by_group_name') +@pytest.mark.converted('test_cache.py', 'test_cache__membership_by_group_id') +@pytest.mark.converted('test_cache.py', 'test_cache__membership_by_group_name') def test_getgrnam_membership_with_mc(ldap_conn, sanity_rfc2307): test_getgrnam_membership(ldap_conn, sanity_rfc2307) stop_sssd() @@ -560,7 +560,7 @@ def assert_user_gids_equal(user, expected_gids): ) -@pytest.mark.converted('test_id.py', 'test_id__initgroups') +@pytest.mark.converted('test_identity.py', 'test_identity__initgroups') def test_initgroups(ldap_conn, sanity_rfc2307): assert_user_gids_equal('user1', [2000, 2001]) assert_user_gids_equal('user2', [2000, 2002]) @@ -575,15 +575,15 @@ def test_initgroups(ldap_conn, sanity_rfc2307): assert_user_gids_equal('user23', [2020, 2003]) -@pytest.mark.converted('test_memory_cache.py', 'test_memory_cache__user_gids') +@pytest.mark.converted('test_cache.py', 'test_cache__user_gids') def test_initgroups_with_mc(ldap_conn, sanity_rfc2307): test_initgroups(ldap_conn, sanity_rfc2307) stop_sssd() test_initgroups(ldap_conn, sanity_rfc2307) -@pytest.mark.converted('test_memory_cache.py', 'test_memory_cache__getpwnam_fully_qualified_names') -@pytest.mark.converted('test_id.py', 'test_id__getpwnam_fully_qualified_names') +@pytest.mark.converted('test_cache.py', 'test_cache__getpwnam_fully_qualified_names') +@pytest.mark.converted('test_identity.py', 'test_identity__getpwnam_fully_qualified_names') def test_initgroups_fqname_with_mc(ldap_conn, fqname_rfc2307): assert_user_gids_equal('user1@LDAP', [2000, 2001]) stop_sssd() @@ -625,10 +625,10 @@ def assert_stored_last_initgroups(user1_case1, user1_case2, user1_case_last, assert_initgroups_equal(user1_case_last, primary_gid, expected_gids) -@pytest.mark.converted('test_id.py', 'test_id__fq_names_case_insensitive') -@pytest.mark.converted('test_id.py', 'test_id__case_insensitive') -@pytest.mark.converted('test_memory_cache.py', 'test_memory_cache__fq_names_case_insensitive') -@pytest.mark.converted('test_memory_cache.py', 'test_memory_cache__case_insensitive') +@pytest.mark.converted('test_identity.py', 'test_identity__fq_names_case_insensitive') +@pytest.mark.converted('test_identity.py', 'test_identity__case_insensitive') +@pytest.mark.converted('test_cache.py', 'test_cache__fq_names_case_insensitive') +@pytest.mark.converted('test_cache.py', 'test_cache__case_insensitive') def test_initgroups_case_insensitive_with_mc1(ldap_conn, fqname_case_insensitive_rfc2307): user1_case1 = 'User1@LDAP' @@ -641,10 +641,10 @@ def test_initgroups_case_insensitive_with_mc1(ldap_conn, primary_gid, expected_gids) -@pytest.mark.converted('test_id.py', 'test_id__fq_names_case_insensitive') -@pytest.mark.converted('test_id.py', 'test_id__case_insensitive') -@pytest.mark.converted('test_memory_cache.py', 'test_memory_cache__fq_names_case_insensitive') -@pytest.mark.converted('test_memory_cache.py', 'test_memory_cache__case_insensitive') +@pytest.mark.converted('test_identity.py', 'test_identity__fq_names_case_insensitive') +@pytest.mark.converted('test_identity.py', 'test_identity__case_insensitive') +@pytest.mark.converted('test_cache.py', 'test_cache__fq_names_case_insensitive') +@pytest.mark.converted('test_cache.py', 'test_cache__case_insensitive') def test_initgroups_case_insensitive_with_mc2(ldap_conn, fqname_case_insensitive_rfc2307): user1_case1 = 'usEr1@LDAP' @@ -657,10 +657,10 @@ def test_initgroups_case_insensitive_with_mc2(ldap_conn, primary_gid, expected_gids) -@pytest.mark.converted('test_id.py', 'test_id__fq_names_case_insensitive') -@pytest.mark.converted('test_id.py', 'test_id__case_insensitive') -@pytest.mark.converted('test_memory_cache.py', 'test_memory_cache__fq_names_case_insensitive') -@pytest.mark.converted('test_memory_cache.py', 'test_memory_cache__case_insensitive') +@pytest.mark.converted('test_identity.py', 'test_identity__fq_names_case_insensitive') +@pytest.mark.converted('test_identity.py', 'test_identity__case_insensitive') +@pytest.mark.converted('test_cache.py', 'test_cache__fq_names_case_insensitive') +@pytest.mark.converted('test_cache.py', 'test_cache__case_insensitive') def test_initgroups_case_insensitive_with_mc3(ldap_conn, fqname_case_insensitive_rfc2307): user1_case1 = 'uSer1@LDAP' @@ -701,7 +701,7 @@ def run_simple_test_with_initgroups(): assert_initgroups_equal("user1", 2001, [2000, 2001]) -@pytest.mark.converted('test_memory_cache.py', 'test_memory_cache__invalidatation_of_gids_after_initgroups') +@pytest.mark.converted('test_cache.py', 'test_cache__invalidatation_of_gids_after_initgroups') def test_invalidation_of_gids_after_initgroups(ldap_conn, sanity_rfc2307): # the sssd cache was empty and not all user's group were @@ -741,7 +741,7 @@ def test_invalidation_of_gids_after_initgroups(ldap_conn, sanity_rfc2307): grp.getgrgid(gid) -@pytest.mark.converted('test_memory_cache.py', 'test_memory_cache__initgroups_without_change_in_membership') +@pytest.mark.converted('test_cache.py', 'test_cache__initgroups_without_change_in_membership') def test_initgroups_without_change_in_membership(ldap_conn, sanity_rfc2307): # the sssd cache was empty and not all user's group were @@ -808,7 +808,7 @@ def assert_missing_mc_records_for_user1(): "User user1, errno:%d" % err -@pytest.mark.converted('test_memory_cache.py', 'test_memory_cache__invalidate_user_before_stop') +@pytest.mark.converted('test_cache.py', 'test_cache__invalidate_user_before_stop') def test_invalidate_user_before_stop(ldap_conn, sanity_rfc2307): # initialize cache with full ID (res, errno, _) = sssd_id.get_user_groups("user1") @@ -822,7 +822,7 @@ def test_invalidate_user_before_stop(ldap_conn, sanity_rfc2307): assert_missing_mc_records_for_user1() -@pytest.mark.converted('test_memory_cache.py', 'test_memory_cache__invalidate_user_after_stop') +@pytest.mark.converted('test_cache.py', 'test_cache__invalidate_user_after_stop') def test_invalidate_user_after_stop(ldap_conn, sanity_rfc2307): # initialize cache with full ID (res, errno, _) = sssd_id.get_user_groups("user1") @@ -836,7 +836,7 @@ def test_invalidate_user_after_stop(ldap_conn, sanity_rfc2307): assert_missing_mc_records_for_user1() -@pytest.mark.converted('test_memory_cache.py', 'test_memory_cache__invalidate_users_before_stop') +@pytest.mark.converted('test_cache.py', 'test_cache__invalidate_users_before_stop') def test_invalidate_users_before_stop(ldap_conn, sanity_rfc2307): # initialize cache with full ID (res, errno, _) = sssd_id.get_user_groups("user1") @@ -850,7 +850,7 @@ def test_invalidate_users_before_stop(ldap_conn, sanity_rfc2307): assert_missing_mc_records_for_user1() -@pytest.mark.converted('test_memory_cache.py', 'test_memory_cache__invalidate_users_after_stop') +@pytest.mark.converted('test_cache.py', 'test_cache__invalidate_users_after_stop') def test_invalidate_users_after_stop(ldap_conn, sanity_rfc2307): # initialize cache with full ID (res, errno, _) = sssd_id.get_user_groups("user1") @@ -864,7 +864,7 @@ def test_invalidate_users_after_stop(ldap_conn, sanity_rfc2307): assert_missing_mc_records_for_user1() -@pytest.mark.converted('test_memory_cache.py', 'test_memory_cache__invalidate_group_before_stop') +@pytest.mark.converted('test_cache.py', 'test_cache__invalidate_group_before_stop') def test_invalidate_group_before_stop(ldap_conn, sanity_rfc2307): # initialize cache with full ID (res, errno, _) = sssd_id.get_user_groups("user1") @@ -878,7 +878,7 @@ def test_invalidate_group_before_stop(ldap_conn, sanity_rfc2307): assert_missing_mc_records_for_user1() -@pytest.mark.converted('test_memory_cache.py', 'test_memory_cache__invalidate_group_after_stop') +@pytest.mark.converted('test_cache.py', 'test_cache__invalidate_group_after_stop') def test_invalidate_group_after_stop(ldap_conn, sanity_rfc2307): # initialize cache with full ID (res, errno, _) = sssd_id.get_user_groups("user1") @@ -892,7 +892,7 @@ def test_invalidate_group_after_stop(ldap_conn, sanity_rfc2307): assert_missing_mc_records_for_user1() -@pytest.mark.converted('test_memory_cache.py', 'test_memory_cache__invalidate_groups_before_stop') +@pytest.mark.converted('test_cache.py', 'test_cache__invalidate_groups_before_stop') def test_invalidate_groups_before_stop(ldap_conn, sanity_rfc2307): # initialize cache with full ID (res, errno, _) = sssd_id.get_user_groups("user1") @@ -906,7 +906,7 @@ def test_invalidate_groups_before_stop(ldap_conn, sanity_rfc2307): assert_missing_mc_records_for_user1() -@pytest.mark.converted('test_memory_cache.py', 'test_memory_cache__invalidate_groups_after_stop') +@pytest.mark.converted('test_cache.py', 'test_cache__invalidate_groups_after_stop') def test_invalidate_groups_after_stop(ldap_conn, sanity_rfc2307): # initialize cache with full ID (res, errno, _) = sssd_id.get_user_groups("user1") @@ -919,7 +919,7 @@ def test_invalidate_groups_after_stop(ldap_conn, sanity_rfc2307): assert_missing_mc_records_for_user1() -@pytest.mark.converted('test_memory_cache.py', 'test_memory_cache__invalidate_everything_before_stop') +@pytest.mark.converted('test_cache.py', 'test_cache__invalidate_everything_before_stop') def test_invalidate_everything_before_stop(ldap_conn, sanity_rfc2307): # initialize cache with full ID (res, errno, _) = sssd_id.get_user_groups("user1") @@ -933,7 +933,7 @@ def test_invalidate_everything_before_stop(ldap_conn, sanity_rfc2307): assert_missing_mc_records_for_user1() -@pytest.mark.converted('test_memory_cache.py', 'test_memory_cache__invalidate_everything_after_stop') +@pytest.mark.converted('test_cache.py', 'test_cache__invalidate_everything_after_stop') def test_invalidate_everything_after_stop(ldap_conn, sanity_rfc2307): # initialize cache with full ID (res, errno, _) = sssd_id.get_user_groups("user1") @@ -1023,7 +1023,7 @@ def test_colliding_hashes(ldap_conn, sanity_rfc2307): gecos='5001', shell='/bin/bash')) -@pytest.mark.converted('test_memory_cache.py', 'test_memory_cache__removed_cache_without_invalidation') +@pytest.mark.converted('test_cache.py', 'test_cache__removed_cache_without_invalidation') def test_removed_mc(ldap_conn, sanity_rfc2307): """ Regression test for ticket: @@ -1060,7 +1060,7 @@ def test_removed_mc(ldap_conn, sanity_rfc2307): grp.getgrgid(2001) -@pytest.mark.converted('test_memory_cache.py', 'test_memory_cache__memcache_timeout_zero') +@pytest.mark.converted('test_cache.py', 'test_cache__memcache_timeout_zero') def test_mc_zero_timeout(ldap_conn, zero_timeout_rfc2307): """ Test that the memory cache is not created at all with memcache_timeout=0 @@ -1094,7 +1094,7 @@ def test_mc_zero_timeout(ldap_conn, zero_timeout_rfc2307): grp.getgrgid(2001) -@pytest.mark.converted('test_memory_cache.py', 'test_memory_cache__disabled_cache') +@pytest.mark.converted('test_cache.py', 'test_cache__disabled_cache') def test_disabled_mc(ldap_conn, disable_memcache_rfc2307): ent.assert_passwd_by_name( 'user1', @@ -1128,7 +1128,7 @@ def test_disabled_mc(ldap_conn, disable_memcache_rfc2307): (res, errno, gids) = sssd_id.get_user_gids('user1') -@pytest.mark.converted('test_memory_cache.py', 'test_memory_cache__disabled_passwd_getpwnam') +@pytest.mark.converted('test_cache.py', 'test_cache__disabled_passwd_getpwnam') def test_disabled_passwd_mc(ldap_conn, disable_pwd_mc_rfc2307): ent.assert_passwd_by_name( 'user1', @@ -1155,7 +1155,7 @@ def test_disabled_passwd_mc(ldap_conn, disable_pwd_mc_rfc2307): (res, errno, gids) = sssd_id.get_user_gids('user1') -@pytest.mark.converted('test_memory_cache.py', 'test_memory_cache__disabled_group') +@pytest.mark.converted('test_cache.py', 'test_cache__disabled_group') def test_disabled_group_mc(ldap_conn, disable_grp_mc_rfc2307): ent.assert_passwd_by_name( 'user1', @@ -1191,7 +1191,7 @@ def test_disabled_group_mc(ldap_conn, disable_grp_mc_rfc2307): assert_user_gids_equal('user1', [2000, 2001]) -@pytest.mark.converted('test_memory_cache.py', 'test_memory_cache__disabled_intitgroups_getpwnam') +@pytest.mark.converted('test_cache.py', 'test_cache__disabled_intitgroups_getpwnam') def test_disabled_initgr_mc(ldap_conn, disable_initgr_mc_rfc2307): # Even if initgroups is disabled, passwd should work ent.assert_passwd_by_name( diff --git a/src/tests/multihost/basic/test_sssctl_config_check.py b/src/tests/multihost/basic/test_sssctl.py similarity index 92% rename from src/tests/multihost/basic/test_sssctl_config_check.py rename to src/tests/multihost/basic/test_sssctl.py index f70967e6056..33d387866f2 100644 --- a/src/tests/multihost/basic/test_sssctl_config_check.py +++ b/src/tests/multihost/basic/test_sssctl.py @@ -13,7 +13,7 @@ class TestSssctlConfigCheck(object): - @pytest.mark.converted('test_sssctl_config_check.py', 'test_sssctl_config_check__typo_option_name') + @pytest.mark.converted('test_sssctl.py', 'test_sssctl__check_typo_option_name') def test_verify_typo_option_name(self, multihost): """ :title: sssctl: Verify typos in option name (not value) @@ -44,7 +44,7 @@ def test_verify_typo_option_name(self, multihost): multihost.master[0].run_command(['/bin/cp', '-a', cfgput, cfgget], raiseonerr=False) - @pytest.mark.converted('test_sssctl_config_check.py', 'test_sssctl_config_check__typo_domain_name') + @pytest.mark.converted('test_sssctl.py', 'test_sssctl__check_typo_domain_name') def test_verify_typo_domain_name(self, multihost): """ :title: sssctl: Verify typos in domain name of configuration file @@ -74,7 +74,7 @@ def test_verify_typo_domain_name(self, multihost): multihost.master[0].run_command(['/bin/cp', '-a', cfgput, cfgget], raiseonerr=False) - @pytest.mark.converted('test_sssctl_config_check.py', 'test_sssctl_config_check__misplaced_option') + @pytest.mark.converted('test_sssctl.py', 'test_sssctl__misplaced_option') def test_misplaced_option(self, multihost): """ :title: sssctl: Verify misplace options in default configuration file diff --git a/src/tests/system/pytest.ini b/src/tests/system/pytest.ini index 10a1afb7428..7768dbdfda4 100644 --- a/src/tests/system/pytest.ini +++ b/src/tests/system/pytest.ini @@ -15,6 +15,7 @@ markers = krb: marks krb test ldap: marks ldap test logging: marks logging test + netgroup: marks netgroup test pki: marks pki test performance: marks performance test referrals: marks referral test diff --git a/src/tests/system/tests/test_memory_cache.py b/src/tests/system/tests/test_cache.py similarity index 96% rename from src/tests/system/tests/test_memory_cache.py rename to src/tests/system/tests/test_cache.py index dcc0ff39d04..b9da2df086d 100644 --- a/src/tests/system/tests/test_memory_cache.py +++ b/src/tests/system/tests/test_cache.py @@ -15,7 +15,7 @@ @pytest.mark.importance("critical") @pytest.mark.cache @pytest.mark.topology(KnownTopologyGroup.AnyProvider) -def test_memory_cache__getpwnam(client: Client, provider: GenericProvider): +def test_cache__getpwnam(client: Client, provider: GenericProvider): """ :title: Lookup user by name uses memory cache when SSSD is stopped :setup: @@ -56,7 +56,7 @@ def check(users): @pytest.mark.importance("critical") @pytest.mark.cache @pytest.mark.topology(KnownTopologyGroup.AnyProvider) -def test_memory_cache__getgrnam(client: Client, provider: GenericProvider): +def test_cache__getgrnam(client: Client, provider: GenericProvider): """ :title: Lookup group by groupname uses memory cache when SSSD is stopped :setup: @@ -97,7 +97,7 @@ def check(groups): @pytest.mark.importance("high") @pytest.mark.cache @pytest.mark.topology(KnownTopologyGroup.AnyProvider) -def test_memory_cache__disabled_passwd_getgrnam(client: Client, provider: GenericProvider): +def test_cache__disabled_passwd_getgrnam(client: Client, provider: GenericProvider): """ :title: Lookup group by groupname uses memory cache when SSSD is stopped and 'memcache_size_passwd' = 0 :setup: @@ -140,7 +140,7 @@ def check(groups): @pytest.mark.importance("high") @pytest.mark.cache @pytest.mark.topology(KnownTopologyGroup.AnyProvider) -def test_memory_cache__disabled_passwd_getpwnam(client: Client, provider: GenericProvider): +def test_cache__disabled_passwd_getpwnam(client: Client, provider: GenericProvider): """ :title: Lookup user by name when SSSD is stopped and 'memcache_size_passwd' = 0 uses memory cache therefore user is not found @@ -187,7 +187,7 @@ def test_memory_cache__disabled_passwd_getpwnam(client: Client, provider: Generi @pytest.mark.importance("high") @pytest.mark.cache @pytest.mark.topology(KnownTopologyGroup.AnyProvider) -def test_memory_cache__disabled_intitgroups_getgrnam(client: Client, provider: GenericProvider): +def test_cache__disabled_intitgroups_getgrnam(client: Client, provider: GenericProvider): """ :title: Lookup group by groupname when SSSD is stopped and 'memcache_size_initgroups' = 0 uses memory cache :setup: @@ -230,7 +230,7 @@ def check(groups): @pytest.mark.importance("high") @pytest.mark.cache @pytest.mark.topology(KnownTopologyGroup.AnyProvider) -def test_memory_cache__disabled_intitgroups_getpwnam(client: Client, provider: GenericProvider): +def test_cache__disabled_intitgroups_getpwnam(client: Client, provider: GenericProvider): """ :title: Lookup user by name and id when SSSD is stopped and 'memcache_size_initgroups' = 0 uses memory cache :setup: @@ -285,7 +285,7 @@ def check(ids): @pytest.mark.importance("high") @pytest.mark.cache @pytest.mark.topology(KnownTopologyGroup.AnyProvider) -def test_memory_cache__disabled_group(client: Client, provider: GenericProvider): +def test_cache__disabled_group(client: Client, provider: GenericProvider): """ :title: Lookup user by name and id when SSSD is stopped and 'memcache_size_group' = 0 uses memory cache, but lookup groups is not possible @@ -359,7 +359,7 @@ def check(users): @pytest.mark.importance("high") @pytest.mark.cache @pytest.mark.topology(KnownTopologyGroup.AnyProvider) -def test_memory_cache__disabled_cache(client: Client, provider: GenericProvider): +def test_cache__disabled_cache(client: Client, provider: GenericProvider): """ :title: Lookup user and group when SSSD is stopped and whole cache disabled uses memory cache and therefore it is not possible @@ -436,7 +436,7 @@ def test_memory_cache__disabled_cache(client: Client, provider: GenericProvider) @pytest.mark.importance("critical") @pytest.mark.cache @pytest.mark.topology(KnownTopologyGroup.AnyProvider) -def test_memory_cache__membership_by_group_name(client: Client, provider: GenericProvider): +def test_cache__membership_by_group_name(client: Client, provider: GenericProvider): """ :title: Lookup user by name and test membership by name use memory cache when SSSD is stopped :setup: @@ -489,7 +489,7 @@ def check(): @pytest.mark.importance("critical") @pytest.mark.cache @pytest.mark.topology(KnownTopologyGroup.AnyProvider) -def test_memory_cache__membership_by_group_id(client: Client, provider: GenericProvider): +def test_cache__membership_by_group_id(client: Client, provider: GenericProvider): """ :title: Lookup user by name and test membership by gid use memory cache when SSSD is stopped :setup: @@ -545,7 +545,7 @@ def check(): @pytest.mark.importance("critical") @pytest.mark.cache @pytest.mark.topology(KnownTopologyGroup.AnyProvider) -def test_memory_cache__user_gids(client: Client, provider: GenericProvider): +def test_cache__user_gids(client: Client, provider: GenericProvider): """ :title: Lookup user by id and test membership by gid use memory cache when SSSD is stopped :setup: @@ -601,7 +601,7 @@ def check(): @pytest.mark.importance("critical") @pytest.mark.cache @pytest.mark.topology(KnownTopologyGroup.AnyProvider) -def test_memory_cache__getpwnam_fully_qualified_names(client: Client, provider: GenericProvider): +def test_cache__getpwnam_fully_qualified_names(client: Client, provider: GenericProvider): """ :title: Lookup user by full name when 'use_fully_qualified_names' is 'true' uses memory cache when sssd is stopped @@ -654,7 +654,7 @@ def check(): @pytest.mark.importance("critical") @pytest.mark.cache @pytest.mark.topology(KnownTopologyGroup.AnyProvider) -def test_memory_cache__case_insensitive(client: Client, provider: GenericProvider): +def test_cache__case_insensitive(client: Client, provider: GenericProvider): """ :title: Lookup user by case insensitive name when 'case_sensitive' is 'false' uses memory cache when SSSD is stopped @@ -717,7 +717,7 @@ def test_memory_cache__case_insensitive(client: Client, provider: GenericProvide @pytest.mark.importance("critical") @pytest.mark.cache @pytest.mark.topology(KnownTopologyGroup.AnyProvider) -def test_memory_cache__fq_names_case_insensitive(client: Client, provider: GenericProvider): +def test_cache__fq_names_case_insensitive(client: Client, provider: GenericProvider): """ :title: Lookup user by case insensitive fully qualified name when 'case_sensitive' is 'false' and 'use_fully_qualified_names' is 'true' uses memory cache when SSSD is stopped @@ -777,7 +777,7 @@ def test_memory_cache__fq_names_case_insensitive(client: Client, provider: Gener @pytest.mark.importance("high") @pytest.mark.cache @pytest.mark.topology(KnownTopologyGroup.AnyProvider) -def test_memory_cache__invalidation_of_gids_after_initgroups(client: Client, provider: GenericProvider): +def test_cache__invalidation_of_gids_after_initgroups(client: Client, provider: GenericProvider): """ :title: Invalidate groups after initgroups call when SSSD is stopped :setup: @@ -857,7 +857,7 @@ def check_group(name, gid): @pytest.mark.importance("high") @pytest.mark.cache @pytest.mark.topology(KnownTopologyGroup.AnyProvider) -def test_memory_cache__initgroups_without_change_in_membership(client: Client, provider: GenericProvider): +def test_cache__initgroups_without_change_in_membership(client: Client, provider: GenericProvider): """ :title: Invalidated cache, after refresh and stopped SSSD, has everything loaded in memory :setup: @@ -942,10 +942,11 @@ def check(): client.sssd.stop() check() + @pytest.mark.importance("critical") @pytest.mark.cache @pytest.mark.topology(KnownTopologyGroup.AnyProvider) -def test_memory_cache__invalidate_user_before_stop(client: Client, provider: GenericProvider): +def test_cache__invalidate_user_before_stop(client: Client, provider: GenericProvider): """ :title: Invalidate user cache before SSSD is stopped :setup: @@ -1001,7 +1002,7 @@ def test_memory_cache__invalidate_user_before_stop(client: Client, provider: Gen @pytest.mark.importance("critical") @pytest.mark.cache @pytest.mark.topology(KnownTopologyGroup.AnyProvider) -def test_memory_cache__invalidate_user_after_stop(client: Client, provider: GenericProvider): +def test_cache__invalidate_user_after_stop(client: Client, provider: GenericProvider): """ :title: Invalidate user cache after SSSD is stopped :setup: @@ -1057,7 +1058,7 @@ def test_memory_cache__invalidate_user_after_stop(client: Client, provider: Gene @pytest.mark.importance("critical") @pytest.mark.cache @pytest.mark.topology(KnownTopologyGroup.AnyProvider) -def test_memory_cache__invalidate_users_before_stop(client: Client, provider: GenericProvider): +def test_cache__invalidate_users_before_stop(client: Client, provider: GenericProvider): """ :title: Invalidate users cache before SSSD is stopped :setup: @@ -1121,7 +1122,7 @@ def test_memory_cache__invalidate_users_before_stop(client: Client, provider: Ge @pytest.mark.importance("critical") @pytest.mark.cache @pytest.mark.topology(KnownTopologyGroup.AnyProvider) -def test_memory_cache__invalidate_users_after_stop(client: Client, provider: GenericProvider): +def test_cache__invalidate_users_after_stop(client: Client, provider: GenericProvider): """ :title: Invalidate users cache after SSSD is stopped :setup: @@ -1185,7 +1186,7 @@ def test_memory_cache__invalidate_users_after_stop(client: Client, provider: Gen @pytest.mark.importance("critical") @pytest.mark.cache @pytest.mark.topology(KnownTopologyGroup.AnyProvider) -def test_memory_cache__invalidate_group_before_stop(client: Client, provider: GenericProvider): +def test_cache__invalidate_group_before_stop(client: Client, provider: GenericProvider): """ :title: Invalidate group cache before SSSD is stopped :setup: @@ -1228,7 +1229,7 @@ def test_memory_cache__invalidate_group_before_stop(client: Client, provider: Ge @pytest.mark.importance("critical") @pytest.mark.cache @pytest.mark.topology(KnownTopologyGroup.AnyProvider) -def test_memory_cache__invalidate_group_after_stop(client: Client, provider: GenericProvider): +def test_cache__invalidate_group_after_stop(client: Client, provider: GenericProvider): """ :title: Invalidate group cache after SSSD is stopped :setup: @@ -1271,7 +1272,7 @@ def test_memory_cache__invalidate_group_after_stop(client: Client, provider: Gen @pytest.mark.importance("high") @pytest.mark.cache @pytest.mark.topology(KnownTopologyGroup.AnyProvider) -def test_memory_cache__invalidate_groups_before_stop(client: Client, provider: GenericProvider): +def test_cache__invalidate_groups_before_stop(client: Client, provider: GenericProvider): """ :title: Invalidate groups cache before SSSD is stopped :setup: @@ -1318,7 +1319,7 @@ def test_memory_cache__invalidate_groups_before_stop(client: Client, provider: G @pytest.mark.importance("high") @pytest.mark.cache @pytest.mark.topology(KnownTopologyGroup.AnyProvider) -def test_memory_cache__invalidate_groups_after_stop(client: Client, provider: GenericProvider): +def test_cache__invalidate_groups_after_stop(client: Client, provider: GenericProvider): """ :title: Invalidate groups cache after SSSD is stopped :setup: @@ -1365,7 +1366,7 @@ def test_memory_cache__invalidate_groups_after_stop(client: Client, provider: Ge @pytest.mark.importance("critical") @pytest.mark.cache @pytest.mark.topology(KnownTopologyGroup.AnyProvider) -def test_memory_cache__invalidate_everything_before_stop(client: Client, provider: GenericProvider): +def test_cache__invalidate_everything_before_stop(client: Client, provider: GenericProvider): """ :title: Invalidate all parts of cache before SSSD is stopped :setup: @@ -1436,7 +1437,7 @@ def test_memory_cache__invalidate_everything_before_stop(client: Client, provide @pytest.mark.importance("critical") @pytest.mark.cache @pytest.mark.topology(KnownTopologyGroup.AnyProvider) -def test_memory_cache__invalidate_everything_after_stop(client: Client, provider: GenericProvider): +def test_cache__invalidate_everything_after_stop(client: Client, provider: GenericProvider): """ :title: Invalidate all parts of cache after SSSD is stopped :setup: @@ -1507,7 +1508,7 @@ def test_memory_cache__invalidate_everything_after_stop(client: Client, provider @pytest.mark.importance("critical") @pytest.mark.cache @pytest.mark.topology(KnownTopologyGroup.AnyProvider) -def test_memory_cache__memcache_timeout_zero(client: Client, provider: GenericProvider): +def test_cache__memcache_timeout_zero(client: Client, provider: GenericProvider): """ :title: Cache is not created at all when 'memcache_timeout' set to '0' :setup: @@ -1567,7 +1568,7 @@ def test_memory_cache__memcache_timeout_zero(client: Client, provider: GenericPr @pytest.mark.importance("critical") @pytest.mark.cache @pytest.mark.topology(KnownTopologyGroup.AnyProvider) -def test_memory_cache__removed_cache_without_invalidation(client: Client, provider: GenericProvider): +def test_cache__removed_cache_without_invalidation(client: Client, provider: GenericProvider): """ :title: SSSD is stopped, cache removed then users and groups cannot be lookedup :setup: diff --git a/src/tests/system/tests/test_id.py b/src/tests/system/tests/test_identity.py similarity index 93% rename from src/tests/system/tests/test_id.py rename to src/tests/system/tests/test_identity.py index 42305e1d9cd..00b2c8d35f9 100644 --- a/src/tests/system/tests/test_id.py +++ b/src/tests/system/tests/test_identity.py @@ -1,5 +1,5 @@ """ -SSSD Client identification +SSSD Client identity Lookups :requirement: IDM-SSSD-REQ: Client side performance improvements """ @@ -15,7 +15,7 @@ @pytest.mark.importance("critical") @pytest.mark.identity @pytest.mark.topology(KnownTopologyGroup.AnyProvider) -def test_id__getpwnam(client: Client, provider: GenericProvider): +def test_identity__lookup_username_with_id(client: Client, provider: GenericProvider): """ :title: Resolve user by name with id :setup: @@ -49,7 +49,7 @@ def test_id__getpwnam(client: Client, provider: GenericProvider): @pytest.mark.importance("critical") @pytest.mark.identity @pytest.mark.topology(KnownTopologyGroup.AnyProvider) -def test_id__getpwuid(client: Client, provider: GenericProvider): +def test_identity__lookup_uid_with_id(client: Client, provider: GenericProvider): """ :title: Resolve user by uid with id :setup: @@ -83,7 +83,7 @@ def test_id__getpwuid(client: Client, provider: GenericProvider): @pytest.mark.importance("critical") @pytest.mark.identity @pytest.mark.topology(KnownTopologyGroup.AnyProvider) -def test_id__getgrnam(client: Client, provider: GenericProvider): +def test_identity__lookup_groupname_with_getent(client: Client, provider: GenericProvider): """ :title: Resolve group by name with getent.group :setup: @@ -117,7 +117,7 @@ def test_id__getgrnam(client: Client, provider: GenericProvider): @pytest.mark.importance("critical") @pytest.mark.identity @pytest.mark.topology(KnownTopologyGroup.AnyProvider) -def test_id__getgrgid(client: Client, provider: GenericProvider): +def test_identity__lookup_gid_with_getent(client: Client, provider: GenericProvider): """ :title: Resolve group with by gid with getent.group :setup: @@ -151,7 +151,7 @@ def test_id__getgrgid(client: Client, provider: GenericProvider): @pytest.mark.importance("critical") @pytest.mark.identity @pytest.mark.topology(KnownTopologyGroup.AnyProvider) -def test_id__getent_passwd(client: Client, provider: GenericProvider): +def test_identity__lookup_user_with_getent(client: Client, provider: GenericProvider): """ :title: Resolve user with getent.passwd :setup: @@ -194,7 +194,7 @@ def test_id__getent_passwd(client: Client, provider: GenericProvider): @pytest.mark.importance("critical") @pytest.mark.identity @pytest.mark.topology(KnownTopologyGroup.AnyProvider) -def test_id__getent_group(client: Client, provider: GenericProvider): +def test_identity__lookup_user_by_group_with_getent(client: Client, provider: GenericProvider): """ :title: Resolve user with getent.group :setup: @@ -235,7 +235,7 @@ def test_id__getent_group(client: Client, provider: GenericProvider): @pytest.mark.importance("critical") @pytest.mark.identity @pytest.mark.topology(KnownTopologyGroup.AnyProvider) -def test_id__membership_by_group_name(client: Client, provider: GenericProvider): +def test_identity__lookup_group_membership_by_username_with_id(client: Client, provider: GenericProvider): """ :title: Check membership of user by group name with id :setup: @@ -269,7 +269,7 @@ def test_id__membership_by_group_name(client: Client, provider: GenericProvider) @pytest.mark.importance("critical") @pytest.mark.identity @pytest.mark.topology(KnownTopologyGroup.AnyProvider) -def test_id__membership_by_group_id(client: Client, provider: GenericProvider): +def test_identity__lookup_group_membership_by_group_with_id(client: Client, provider: GenericProvider): """ :title: Check membership of user by gid with id :setup: @@ -304,7 +304,7 @@ def test_id__membership_by_group_id(client: Client, provider: GenericProvider): @pytest.mark.importance("critical") @pytest.mark.identity @pytest.mark.topology(KnownTopologyGroup.AnyProvider) -def test_id__initgroups(client: Client, provider: GenericProvider): +def test_identity__lookup_initgroups_with_getent(client: Client, provider: GenericProvider): """ :title: Check initgroups of user :setup: @@ -344,7 +344,7 @@ def test_id__initgroups(client: Client, provider: GenericProvider): @pytest.mark.importance("critical") @pytest.mark.identity @pytest.mark.topology(KnownTopologyGroup.AnyProvider) -def test_id__getpwnam_fully_qualified_names(client: Client, provider: GenericProvider): +def test_identity__lookup_users_with_fully_qualified_name(client: Client, provider: GenericProvider): """ :title: Resolve user when 'use_fully_qualified_names' is 'true' :setup: @@ -388,7 +388,7 @@ def test_id__getpwnam_fully_qualified_names(client: Client, provider: GenericPro @pytest.mark.importance("critical") @pytest.mark.identity @pytest.mark.topology(KnownTopologyGroup.AnyProvider) -def test_id__case_insensitive(client: Client, provider: GenericProvider): +def test_identity__lookup_users_when_case_insensitive(client: Client, provider: GenericProvider): """ :title: Search user with case insensitive name when 'case_sensitive' is 'false' :setup: @@ -434,7 +434,7 @@ def test_id__case_insensitive(client: Client, provider: GenericProvider): @pytest.mark.importance("critical") @pytest.mark.identity @pytest.mark.topology(KnownTopologyGroup.AnyProvider) -def test_id__fq_names_case_insensitive(client: Client, provider: GenericProvider): +def test_identity__lookup_users_fully_qualified_name_and_case_insensitive(client: Client, provider: GenericProvider): """ :title: Search user with fq case insensitive name when 'case_sensitive' is 'false' and 'use_fully_qualified_names' is 'true' diff --git a/src/tests/system/tests/test_ldap.py b/src/tests/system/tests/test_ldap.py index 1472129c724..42f891e73cc 100644 --- a/src/tests/system/tests/test_ldap.py +++ b/src/tests/system/tests/test_ldap.py @@ -53,3 +53,42 @@ def test_ldap__change_password(client: Client, ldap: LDAP, modify_mode: str): assert client.auth.ssh.password(user, new_pass), "Authentication with new correct password failed" assert not client.auth.ssh.password(user, old_pass), "Authentication with old incorrect password did not fail" + + +@pytest.mark.importance("high") +@pytest.mark.ldap +@pytest.mark.authentication +@pytest.mark.ticket(bz=1507035) +@pytest.mark.topology(KnownTopology.LDAP) +@pytest.mark.parametrize("method", ["su", "ssh"]) +def test_ldap__password_change(client: Client, ldap: LDAP, method: str): + """ + :title: Change password with shadow ldap password policy + :setup: + 1. Allow user to change its own password in LDAP + 2. Create LDAP user "tuser" with shadowLastChange = 0 + 3. Set ldap_pwd_policy to "shadow" + 4. Set ldap_chpass_update_last_change to "True" + 5. Start SSSD + :steps: + 1. Autheticate as "tuser" with old password + 2. Autheticate as "tuser" with new password + :expectedresults: + 1. Password was expired and new password was expected and provided + 2. Authentication with new password was successful + :customerscenario: True + """ + ldap.aci.add('(targetattr="userpassword")(version 3.0; acl "pwp test"; allow (all) userdn="ldap:///self";)') + ldap.user("tuser").add( + uid=999011, gid=999011, shadowMin=0, shadowMax=99999, shadowWarning=7, shadowLastChange=0, password="Secret123" + ) + + client.sssd.domain["ldap_pwd_policy"] = "shadow" + client.sssd.domain["ldap_chpass_update_last_change"] = "True" + client.sssd.start() + + # Password is expired, change it + assert client.auth.parametrize(method).password_expired("tuser", "Secret123", "Redhat@321") + + # Authenticate with new password + assert client.auth.parametrize(method).password("tuser", "Redhat@321") diff --git a/src/tests/system/tests/test_ldap_extra_attrs.py b/src/tests/system/tests/test_schema.py similarity index 91% rename from src/tests/system/tests/test_ldap_extra_attrs.py rename to src/tests/system/tests/test_schema.py index cf3e6ce097a..4a49e2d5def 100644 --- a/src/tests/system/tests/test_ldap_extra_attrs.py +++ b/src/tests/system/tests/test_schema.py @@ -1,5 +1,5 @@ """ -ldap_user_extra_attrs tests. +schema tests. :requirement: ldap_extra_attrs """ @@ -17,7 +17,7 @@ @pytest.mark.ticket(gh=4153, bz=1362023) @pytest.mark.topology(KnownTopologyGroup.AnyProvider) @pytest.mark.parametrize("attrs", ["mail, firstname:givenname, lastname:sn", "given_email:mail"]) -def test_ldap_extra_attrs__filled(client: Client, provider: GenericProvider, attrs: str): +def test_schema__ldap_extra_attrs_filled(client: Client, provider: GenericProvider, attrs: str): """ :title: SSSD starts correctly when ldap_user_extra_attrs is filled :setup: diff --git a/src/tests/system/tests/test_shadow.py b/src/tests/system/tests/test_shadow.py deleted file mode 100644 index 93af68125d4..00000000000 --- a/src/tests/system/tests/test_shadow.py +++ /dev/null @@ -1,50 +0,0 @@ -""" -LDAP Shadow attributes tests. - -:requirement: IDM-SSSD-REQ : LDAP Provider -""" - -from __future__ import annotations - -import pytest -from sssd_test_framework.roles.client import Client -from sssd_test_framework.roles.ldap import LDAP -from sssd_test_framework.topology import KnownTopology - - -@pytest.mark.importance("high") -@pytest.mark.ldap -@pytest.mark.ticket(bz=1507035) -@pytest.mark.topology(KnownTopology.LDAP) -@pytest.mark.parametrize("method", ["su", "ssh"]) -def test_shadow__password_change(client: Client, ldap: LDAP, method: str): - """ - :title: Change password with shadow ldap password policy - :setup: - 1. Allow user to change its own password in LDAP - 2. Create LDAP user "tuser" with shadowLastChange = 0 - 3. Set ldap_pwd_policy to "shadow" - 4. Set ldap_chpass_update_last_change to "True" - 5. Start SSSD - :steps: - 1. Autheticate as "tuser" with old password - 2. Autheticate as "tuser" with new password - :expectedresults: - 1. Password was expired and new password was expected and provided - 2. Authentication with new password was successful - :customerscenario: True - """ - ldap.aci.add('(targetattr="userpassword")(version 3.0; acl "pwp test"; allow (all) userdn="ldap:///self";)') - ldap.user("tuser").add( - uid=999011, gid=999011, shadowMin=0, shadowMax=99999, shadowWarning=7, shadowLastChange=0, password="Secret123" - ) - - client.sssd.domain["ldap_pwd_policy"] = "shadow" - client.sssd.domain["ldap_chpass_update_last_change"] = "True" - client.sssd.start() - - # Password is expired, change it - assert client.auth.parametrize(method).password_expired("tuser", "Secret123", "Redhat@321") - - # Authenticate with new password - assert client.auth.parametrize(method).password("tuser", "Redhat@321") diff --git a/src/tests/system/tests/test_sssctl.py b/src/tests/system/tests/test_sssctl.py index 4a082614ce7..68c9d34974a 100644 --- a/src/tests/system/tests/test_sssctl.py +++ b/src/tests/system/tests/test_sssctl.py @@ -2,11 +2,15 @@ SSSCTL tests. :requirement: IDM-SSSD-REQ: Status utility +:requirement: IDM-SSSD-REQ: Configuration validation """ from __future__ import annotations +import re + import pytest +from pytest_mh.ssh import SSHProcessError from sssd_test_framework.roles.client import Client from sssd_test_framework.topology import KnownTopology @@ -29,7 +33,7 @@ def test_sssctl__check_id_provider(client: Client): 2. Successfully get the error message. :customerscenario: False """ - # create sssd.conf and start the sssd, with deafult configuration with a LDAP server. + # create sssd.conf and start the sssd, with default configuration with a LDAP server. client.sssd.start() # remove id_provider parameter from domain section. @@ -73,3 +77,89 @@ def test_sssctl__check_invalid_id_provider(client: Client): "[rule/sssd_checks]: Attribute 'id_provider' in section 'domain/test' has an invalid value: invalid" in output.stdout_lines[1] ) + + +@pytest.mark.importance("high") +@pytest.mark.tools +@pytest.mark.sssctl +@pytest.mark.topology(KnownTopology.Client) +def test_sssctl__check_typo_option_name(client: Client): + """ + :title: sssctl config-check detects mistyped option name + :setup: + 1. Add wrong_option to domain section + 2. Start SSSD, without config check + :steps: + 1. Call sssctl config-check + 2. Check error message + :expectedresults: + 1. config-check detects an error in config + 2. Error message is properly set + :customerscenario: False + """ + client.sssd.common.local() + client.sssd.dom("test")["wrong_option"] = "true" + + client.sssd.start(check_config=False) + + result = client.sssctl.config_check() + assert result.rc != 0, "Config-check did not detect misconfigured config" + + pattern = re.compile(r"Attribute 'wrong_option' is not allowed.*") + assert pattern.search(result.stdout), "Wrong error message was returned" + + +@pytest.mark.importance("high") +@pytest.mark.tools +@pytest.mark.sssctl +@pytest.mark.topology(KnownTopology.Client) +def test_sssctl__check_typo_domain_name(client: Client): + """ + :title: sssctl config-check detects mistyped domain name + :setup: + 1. Create mistyped domain ("domain/") + 2. Start SSSD + :steps: + 1. Call sssctl config-check, implicitly + 2. Check error message + :expectedresults: + 1. config-check detects an error in config + 2. Error message is properly set + :customerscenario: False + """ + client.sssd.dom("")["debug_level"] = "9" + + with pytest.raises(SSHProcessError) as ex: + client.sssd.start(raise_on_error=True, check_config=True) + + assert ex.match(r"Section \[domain\/\] is not allowed. Check for typos.*"), "Wrong error message was returned" + + +@pytest.mark.importance("high") +@pytest.mark.tools +@pytest.mark.sssctl +@pytest.mark.topology(KnownTopology.Client) +def test_sssctl__check_misplaced_option(client: Client): + """ + :title: sssctl config-check detects misplaced option + :setup: + 1. In domain set "services" to "nss, pam" + 2. Start SSSD, without config check + :steps: + 1. Call sssctl config-check + 2. Check error message + :expectedresults: + 1. config-check detects an error in config + 2. Error message is properly set + :customerscenario: False + """ + client.sssd.common.local() + client.sssd.dom("test")["services"] = "nss, pam" + + client.sssd.start(check_config=False) + + result = client.sssctl.config_check() + assert result.rc != 0, "Config-check did not detect misconfigured config" + + pattern = re.compile(r".Attribute 'services' is not allowed in section .*") + assert pattern.search(result.stdout), "Wrong error message was returned" diff --git a/src/tests/system/tests/test_sssctl_config_check.py b/src/tests/system/tests/test_sssctl_config_check.py deleted file mode 100644 index 3d01a4ecb02..00000000000 --- a/src/tests/system/tests/test_sssctl_config_check.py +++ /dev/null @@ -1,100 +0,0 @@ -""" -sssctl config-check Test Cases - -:requirement: IDM-SSSD-REQ: Status utility -""" - -from __future__ import annotations - -import re - -import pytest -from pytest_mh.ssh import SSHProcessError -from sssd_test_framework.roles.client import Client -from sssd_test_framework.topology import KnownTopology - - -@pytest.mark.importance("high") -@pytest.mark.tools -@pytest.mark.sssctl -@pytest.mark.topology(KnownTopology.Client) -def test_sssctl_config_check__typo_option_name(client: Client): - """ - :title: sssctl config-check detects mistyped option name - :setup: - 1. Add wrong_option to domain section - 2. Start SSSD, without config check - :steps: - 1. Call sssctl config-check - 2. Check error message - :expectedresults: - 1. config-check detects an error in config - 2. Error message is properly set - :customerscenario: False - """ - client.sssd.common.local() - client.sssd.dom("test")["wrong_option"] = "true" - - client.sssd.start(check_config=False) - - result = client.sssctl.config_check() - assert result.rc != 0, "Config-check did not detect misconfigured config" - - pattern = re.compile(r"Attribute 'wrong_option' is not allowed.*") - assert pattern.search(result.stdout), "Wrong error message was returned" - - -@pytest.mark.importance("high") -@pytest.mark.tools -@pytest.mark.sssctl -@pytest.mark.topology(KnownTopology.Client) -def test_sssctl_config_check__typo_domain_name(client: Client): - """ - :title: sssctl config-check detects mistyped domain name - :setup: - 1. Create mistyped domain ("domain/") - 2. Start SSSD - :steps: - 1. Call sssctl config-check, implicitly - 2. Check error message - :expectedresults: - 1. config-check detects an error in config - 2. Error message is properly set - :customerscenario: False - """ - client.sssd.dom("")["debug_level"] = "9" - - with pytest.raises(SSHProcessError) as ex: - client.sssd.start(raise_on_error=True, check_config=True) - - assert ex.match(r"Section \[domain\/\] is not allowed. Check for typos.*"), "Wrong error message was returned" - - -@pytest.mark.importance("high") -@pytest.mark.tools -@pytest.mark.sssctl -@pytest.mark.topology(KnownTopology.Client) -def test_sssctl_config_check__misplaced_option(client: Client): - """ - :title: sssctl config-check detects misplaced option - :setup: - 1. In domain set "services" to "nss, pam" - 2. Start SSSD, without config check - :steps: - 1. Call sssctl config-check - 2. Check error message - :expectedresults: - 1. config-check detects an error in config - 2. Error message is properly set - :customerscenario: False - """ - client.sssd.common.local() - client.sssd.dom("test")["services"] = "nss, pam" - - client.sssd.start(check_config=False) - - result = client.sssctl.config_check() - assert result.rc != 0, "Config-check did not detect misconfigured config" - - pattern = re.compile(r".Attribute 'services' is not allowed in section .*") - assert pattern.search(result.stdout), "Wrong error message was returned"