#!/usr/bin/env python
# -*- coding: utf-8 -*-
from __future__ import with_statement
from __future__ import unicode_literals
import pytest
import sys
from ldapcherry.roles import Roles
from ldapcherry.exceptions import DumplicateRoleKey, MissingKey, DumplicateRoleContent, MissingRolesFile, MissingRole
from ldapcherry.pyyamlwrapper import DumplicatedKey, RelationError
if sys.version < '3':
from sets import Set as set
class TestError(object):
def testNominal(self):
inv = Roles('./tests/cfg/roles.yml')
print(inv.roles)
return True
def testMissingDisplayName(self):
try:
inv = Roles('./tests/cfg/roles_missing_diplay_name.yml')
except MissingKey:
return
else:
raise AssertionError("expected an exception")
def testMissingBackends(self):
try:
inv = Roles('./tests/cfg/roles_missing_backends.yml')
except MissingKey:
return
else:
raise AssertionError("expected an exception")
def testRoleKeyDuplication(self):
try:
inv = Roles('./tests/cfg/roles_key_dup.yml')
except DumplicateRoleKey:
return
else:
raise AssertionError("expected an exception")
def testNoFile(self):
try:
inv = Roles('./tests/cfg/dontexist')
except MissingRolesFile:
return
else:
raise AssertionError("expected an exception")
def testRoleContentDuplication(self):
try:
inv = Roles('./tests/cfg/roles_content_dup.yml')
except DumplicateRoleContent:
return
else:
raise AssertionError("expected an exception")
def testGroupsRemove(self):
inv = Roles('./tests/cfg/roles.yml')
groups = inv.get_groups_to_remove(
['admin-lv2', 'admin-lv3', 'users'],
['admin-lv2']
)
expected = {'ad': set(['Administrators', 'Domain Controllers']), 'ldap': set(['cn=nagios admins,ou=group,dc=example,dc=com', 'cn=puppet admins,ou=group,dc=example,dc=com', 'cn=dns admins,ou=group,dc=example,dc=com'])}
assert groups == expected
def testGetGroup(self):
inv = Roles('./tests/cfg/roles.yml')
res = inv.get_groups(['users'])
expected = {
'ad': ['Domain Users'],
'ldap': ['cn=users,ou=group,dc=example,dc=com']
}
assert res == expected
def testNested(self):
inv = Roles('./tests/cfg/nested.yml')
expected = {
'admin-lv2': {
'LC_admins': True,
'backends_groups': {
'ad': ['Domain Users'],
'ldap': ['cn=nagios '
'admins,ou=group,dc=example,dc=com',
'cn=users,ou=group,dc=example,dc=com']
},
'description': 'description',
'display_name': 'Administrators Level 2'
},
'admin-lv3': {
'backends_groups': {
'ad': ['Administrators',
'Domain Controllers',
'Domain Users'],
'ldap': ['cn=dns '
'admins,ou=group,dc=example,dc=com',
'cn=nagios '
'admins,ou=group,dc=example,dc=com',
'cn=puppet '
'admins,ou=group,dc=example,dc=com',
'cn=users,ou=group,dc=example,dc=com']
},
'description': 'description',
'display_name': 'Administrators Level 3'
},
'developpers': {
'backends_groups': {
'ad': ['Domain Users'],
'ldap': ['cn=developpers,ou=group,dc=example,dc=com',
'cn=users,ou=group,dc=example,dc=com']},
'description': 'description',
'display_name': 'Developpers'
},
'users': {
'backends_groups': {
'ad': ['Domain Users'],
'ldap': ['cn=users,ou=group,dc=example,dc=com']},
'description': 'description',
'display_name': 'Simple Users'
}
}
assert expected == inv.flatten
def testGetGroupMissingRole(self):
inv = Roles('./tests/cfg/roles.yml')
try:
res = inv.get_groups('notarole')
except MissingRole:
return
else:
raise AssertionError("expected an exception")
def testGetDisplayNameMissingRole(self):
inv = Roles('./tests/cfg/roles.yml')
try:
res = inv.get_display_name('notarole')
except MissingRole:
return
else:
raise AssertionError("expected an exception")
def testGetDisplayName(self):
inv = Roles('./tests/cfg/roles.yml')
res = inv.get_display_name('users')
expected = 'Simple Users'
assert res == expected
def testGetAllRoles(self):
inv = Roles('./tests/cfg/roles.yml')
res = inv.get_allroles()
expected = ['developpers', 'admin-lv3', 'admin-lv2', 'users']
assert res == expected
def testGetAllRoles(self):
inv = Roles('./tests/cfg/roles.yml')
res = inv.get_backends()
expected = set(['ad', 'ldap'])
assert res == expected
def testDumpNested(self):
inv = Roles('./tests/cfg/roles.yml')
inv.dump_nest()
def testAdminRoles(self):
inv = Roles('./tests/cfg/roles.yml')
res = inv.get_admin_roles()
expected = ['admin-lv2', 'admin-lv3']
assert res == expected
def testIsAdmin(self):
inv = Roles('./tests/cfg/roles.yml')
res = inv.is_admin(['admin-lv3', 'users'])
assert res == True
def testIsNotAdmin(self):
inv = Roles('./tests/cfg/roles.yml')
res = inv.is_admin(['users'])
assert res == False
def testGetRole(self):
inv = Roles('./tests/cfg/roles.yml')
groups = {
'ad' : ['Domain Users', 'Domain Users 2'],
'ldap': ['cn=users,ou=group,dc=example,dc=com',
'cn=nagios admins,ou=group,dc=example,dc=com',
'cn=developpers,ou=group,dc=example,dc=com',
],
'toto': ['not a group'],
}
expected = {'unusedgroups': {'toto': set(['not a group']), 'ad': set(['Domain Users 2'])}, 'roles': set(['developpers', 'admin-lv2', 'users'])}
assert inv.get_roles(groups) == expected
kakwa