Rename test function names that were starting to get very long.
They were all prefixed with the test name, stop doing that and use double underscore for better separation.
e.g. AuthPolicyCmdTestCase.test_authentication_policy_list_json
becomes AuthPolicyCmdTestCase.test_list__json
The claim types and value types test cases have been split into two testcases.
Signed-off-by: Rob van der Linde <rob@catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
class AuthPolicyCmdTestCase(BaseAuthCmdTest):
- def test_authentication_policy_list(self):
+ def test_list(self):
"""Test listing authentication policies in list format."""
result, out, err = self.runcmd("domain", "auth", "policy", "list")
self.assertIsNone(result, msg=err)
for policy in expected_policies:
self.assertIn(policy, out)
- def test_authentication_policy_list_json(self):
+ def test_list__json(self):
"""Test listing authentication policies in JSON format."""
result, out, err = self.runcmd("domain", "auth", "policy",
"list", "--json")
self.assertIn("msDS-StrongNTLMPolicy", policy)
self.assertIn("objectGUID", policy)
- def test_authentication_policy_view(self):
+ def test_view(self):
"""Test viewing a single authentication policy."""
result, out, err = self.runcmd("domain", "auth", "policy", "view",
"--name", "User Policy")
self.assertEqual(policy["cn"], "User Policy")
self.assertEqual(policy["msDS-AuthNPolicyEnforced"], True)
- def test_authentication_policy_view_notfound(self):
+ def test_view__notfound(self):
"""Test viewing an authentication policy that doesn't exist."""
result, out, err = self.runcmd("domain", "auth", "policy", "view",
"--name", "doesNotExist")
self.assertEqual(result, -1)
self.assertIn("Authentication policy doesNotExist not found.", err)
- def test_authentication_policy_view_name_required(self):
+ def test_view__name_required(self):
"""Test view authentication policy without --name argument."""
result, out, err = self.runcmd("domain", "auth", "policy", "view")
self.assertEqual(result, -1)
self.assertIn("Argument --name is required.", err)
- def test_authentication_policy_create(self):
+ def test_create__success(self):
"""Test creating a new authentication policy."""
self.addCleanup(self.delete_authentication_policy,
name="createTest", force=True)
self.assertEqual(str(policy["cn"]), "createTest")
self.assertEqual(str(policy["msDS-AuthNPolicyEnforced"]), "TRUE")
- def test_authentication_policy_create_description(self):
+ def test_create__description(self):
"""Test creating a new authentication policy with description set."""
self.addCleanup(self.delete_authentication_policy,
name="descriptionTest", force=True)
self.assertEqual(str(policy["cn"]), "descriptionTest")
self.assertEqual(str(policy["description"]), "Custom Description")
- def test_authentication_policy_create_user_tgt_lifetime(self):
+ def test_create__user_tgt_lifetime_mins(self):
"""Test create a new authentication policy with --user-tgt-lifetime-mins.
Also checks the upper and lower bounds are handled.
self.assertIn("--user-tgt-lifetime-mins must be between 45 and 2147483647",
err)
- def test_authentication_policy_create_service_tgt_lifetime(self):
+ def test_create__service_tgt_lifetime_mins(self):
"""Test create a new authentication policy with --service-tgt-lifetime-mins.
Also checks the upper and lower bounds are handled.
self.assertIn("--service-tgt-lifetime-mins must be between 45 and 2147483647",
err)
- def test_authentication_policy_create_computer_tgt_lifetime(self):
+ def test_create__computer_tgt_lifetime_mins(self):
"""Test create a new authentication policy with --computer-tgt-lifetime-mins.
Also checks the upper and lower bounds are handled.
self.assertIn("--computer-tgt-lifetime-mins must be between 45 and 2147483647",
err)
- def test_authentication_policy_create_valid_sddl(self):
+ def test_create__valid_sddl(self):
"""Test creating a new authentication policy with valid SDDL in a field."""
expected = "O:SYG:SYD:(XA;OICI;CR;;;WD;(Member_of {SID(AO)}))"
sddl = ndr_unpack(security.descriptor, desc).as_sddl()
self.assertEqual(sddl, expected)
- def test_authentication_policy_create_invalid_sddl(self):
+ def test_create__invalid_sddl(self):
"""Test creating a new authentication policy with invalid SDDL in a field."""
result, out, err = self.runcmd("domain", "auth", "policy", "create",
"--name", "invalidSDDLPolicy",
self.assertIn(
"msDS-UserAllowedToAuthenticateFrom: Unable to parse SDDL", err)
- def test_authentication_policy_create_already_exists(self):
+ def test_create__already_exists(self):
"""Test creating a new authentication policy that already exists."""
result, out, err = self.runcmd("domain", "auth", "policy", "create",
"--name", "User Policy")
self.assertEqual(result, -1)
self.assertIn("Authentication policy User Policy already exists", err)
- def test_authentication_policy_create_name_missing(self):
+ def test_create__name_missing(self):
"""Test create authentication policy without --name argument."""
result, out, err = self.runcmd("domain", "auth", "policy", "create")
self.assertEqual(result, -1)
self.assertIn("Argument --name is required.", err)
- def test_authentication_policy_create_audit(self):
+ def test_create__audit(self):
"""Test create authentication policy with --audit flag."""
result, out, err = self.runcmd("domain", "auth", "policy", "create",
"--name", "auditPolicy",
policy = self.get_authentication_policy("auditPolicy")
self.assertEqual(str(policy["msDS-AuthNPolicyEnforced"]), "FALSE")
- def test_authentication_policy_create_enforce(self):
+ def test_create__enforce(self):
"""Test create authentication policy with --enforce flag."""
result, out, err = self.runcmd("domain", "auth", "policy", "create",
"--name", "enforcePolicy",
policy = self.get_authentication_policy("enforcePolicy")
self.assertEqual(str(policy["msDS-AuthNPolicyEnforced"]), "TRUE")
- def test_authentication_policy_create_audit_enforce_together(self):
+ def test_create__audit_enforce_together(self):
"""Test create auth policy using both --audit and --enforce."""
result, out, err = self.runcmd("domain", "auth", "policy", "create",
"--name", "enforceTogether",
self.assertEqual(result, -1)
self.assertIn("--audit and --enforce cannot be used together.", err)
- def test_authentication_policy_create_protect_unprotect_together(self):
+ def test_create__protect_unprotect_together(self):
"""Test create authentication policy using --protect and --unprotect."""
result, out, err = self.runcmd("domain", "auth", "policy", "create",
"--name", "protectTogether",
self.assertEqual(result, -1)
self.assertIn("--protect and --unprotect cannot be used together.", err)
- def test_authentication_policy_create_fails(self):
+ def test_create__fails(self):
"""Test creating an authentication policy, but it fails."""
# Raise ModelError when ldb.add() is called.
with patch.object(SamDB, "add") as add_mock:
self.assertEqual(result, -1)
self.assertIn("Custom error message", err)
- def test_authentication_policy_modify_description(self):
+ def test_modify__description(self):
"""Test modifying an authentication policy description."""
# Create a policy to modify for this test.
name = "modifyDescription"
policy = self.get_authentication_policy(name)
self.assertEqual(str(policy["description"]), "NewDescription")
- def test_authentication_policy_modify_strong_ntlm_policy(self):
+ def test_modify__strong_ntlm_policy(self):
"""Test modify strong ntlm policy on the authentication policy."""
# Create a policy to modify for this test.
name = "modifyStrongNTLMPolicy"
# choices because inside optparse it will raise OptionValueError
# followed by raising SystemExit(2).
- def test_authentication_policy_modify_user_tgt_lifetime(self):
+ def test_modify__user_tgt_lifetime_mins(self):
"""Test modifying an authentication policy --user-tgt-lifetime-mins.
This includes checking the upper and lower bounds.
self.assertIn("--user-tgt-lifetime-mins must be between 45 and 2147483647",
err)
- def test_authentication_policy_modify_service_tgt_lifetime(self):
+ def test_modify__service_tgt_lifetime_mins(self):
"""Test modifying an authentication policy --service-tgt-lifetime-mins.
This includes checking the upper and lower bounds.
self.assertIn("--service-tgt-lifetime-mins must be between 45 and 2147483647",
err)
- def test_authentication_policy_modify_computer_tgt_lifetime(self):
+ def test_modify__computer_tgt_lifetime_mins(self):
"""Test modifying an authentication policy --computer-tgt-lifetime-mins.
This includes checking the upper and lower bounds.
self.assertIn("--computer-tgt-lifetime-mins must be between 45 and 2147483647",
err)
- def test_authentication_policy_modify_name_missing(self):
+ def test_modify__name_missing(self):
"""Test modify authentication but the --name argument is missing."""
result, out, err = self.runcmd("domain", "auth", "policy", "modify",
"--description", "NewDescription")
self.assertEqual(result, -1)
self.assertIn("Argument --name is required.", err)
- def test_authentication_policy_modify_notfound(self):
+ def test_modify__notfound(self):
"""Test modify an authentication silo that doesn't exist."""
result, out, err = self.runcmd("domain", "auth", "policy", "modify",
"--name", "doesNotExist",
self.assertEqual(result, -1)
self.assertIn("Authentication policy doesNotExist not found.", err)
- def test_authentication_policy_modify_audit_enforce(self):
+ def test_modify__audit_enforce(self):
"""Test modify authentication policy using --audit and --enforce."""
# Create a policy to modify for this test.
name = "modifyEnforce"
policy = self.get_authentication_policy(name)
self.assertEqual(str(policy["msDS-AuthNPolicyEnforced"]), "TRUE")
- def test_authentication_policy_modify_protect_unprotect(self):
+ def test_modify__protect_unprotect(self):
"""Test modify authentication policy using --protect and --unprotect."""
# Create a policy to modify for this test.
name = "modifyProtect"
desc = utils.get_sd_as_sddl(policy["dn"])
self.assertNotIn("(D;;DTSD;;;WD)", desc)
- def test_authentication_policy_modify_audit_enforce_together(self):
+ def test_modify__audit_enforce_together(self):
"""Test modify auth policy using both --audit and --enforce."""
result, out, err = self.runcmd("domain", "auth", "policy", "modify",
"--name", "User Policy",
self.assertEqual(result, -1)
self.assertIn("--audit and --enforce cannot be used together.", err)
- def test_authentication_policy_modify_protect_unprotect_together(self):
+ def test_modify__protect_unprotect_together(self):
"""Test modify authentication policy using --protect and --unprotect."""
result, out, err = self.runcmd("domain", "auth", "policy", "modify",
"--name", "User Policy",
self.assertEqual(result, -1)
self.assertIn("--protect and --unprotect cannot be used together.", err)
- def test_authentication_policy_modify_fails(self):
+ def test_modify__fails(self):
"""Test modifying an authentication policy, but it fails."""
# Raise ModelError when ldb.add() is called.
with patch.object(SamDB, "modify") as modify_mock:
self.assertEqual(result, -1)
self.assertIn("Custom error message", err)
- def test_authentication_policy_delete(self):
+ def test_delete__success(self):
"""Test deleting an authentication policy that is not protected."""
# Create non-protected authentication policy.
result, out, err = self.runcmd("domain", "auth", "policy", "create",
policy = self.get_authentication_policy("deleteTest")
self.assertIsNone(policy)
- def test_authentication_policy_delete_protected(self):
+ def test_delete__protected(self):
"""Test deleting a protected auth policy, with and without --force."""
# Create protected authentication policy.
result, out, err = self.runcmd("domain", "auth", "policy", "create",
policy = self.get_authentication_policy("deleteProtected")
self.assertIsNone(policy)
- def test_authentication_policy_delete_notfound(self):
+ def test_delete__notfound(self):
"""Test deleting an authentication policy that doesn't exist."""
result, out, err = self.runcmd("domain", "auth", "policy", "delete",
"--name", "doesNotExist")
self.assertEqual(result, -1)
self.assertIn("Authentication policy doesNotExist not found.", err)
- def test_authentication_policy_delete_name_required(self):
+ def test_delete__name_required(self):
"""Test deleting an authentication policy without --name argument."""
result, out, err = self.runcmd("domain", "auth", "policy", "delete")
self.assertEqual(result, -1)
self.assertIn("Argument --name is required.", err)
- def test_authentication_policy_delete_force_fails(self):
+ def test_delete__force_fails(self):
"""Test deleting an authentication policy with --force, but it fails."""
# Create protected authentication policy.
result, out, err = self.runcmd("domain", "auth", "policy", "create",
self.assertEqual(result, -1)
self.assertIn("Custom error message", err)
- def test_authentication_policy_delete_fails(self):
+ def test_delete__fails(self):
"""Test deleting an authentication policy, but it fails."""
# Create regular authentication policy.
result, out, err = self.runcmd("domain", "auth", "policy", "create",
# When not using --force we get a hint.
self.assertIn("Try --force", err)
- def test_authentication_policy_delete_protected_fails(self):
+ def test_delete__protected_fails(self):
"""Test deleting an authentication policy, but it fails."""
# Create protected authentication policy.
result, out, err = self.runcmd("domain", "auth", "policy", "create",
class AuthSiloCmdTestCase(BaseAuthCmdTest):
- def test_authentication_silo_list(self):
+ def test_list(self):
"""Test listing authentication silos in list format."""
result, out, err = self.runcmd("domain", "auth", "silo", "list")
self.assertIsNone(result, msg=err)
for silo in expected_silos:
self.assertIn(silo, out)
- def test_authentication_silo_list_json(self):
+ def test_list___json(self):
"""Test listing authentication silos in JSON format."""
result, out, err = self.runcmd("domain", "auth", "silo",
"list", "--json")
self.assertIn("msDS-UserAuthNPolicy", silo)
self.assertIn("objectGUID", silo)
- def test_authentication_silo_view(self):
+ def test_view(self):
"""Test viewing a single authentication silo."""
result, out, err = self.runcmd("domain", "auth", "silo", "view",
"--name", "Developers")
self.assertEqual(silo["cn"], "Developers")
self.assertEqual(silo["description"], "Developers, Developers")
- def test_authentication_silo_view_notfound(self):
+ def test_view__notfound(self):
"""Test viewing an authentication silo that doesn't exist."""
result, out, err = self.runcmd("domain", "auth", "silo", "view",
"--name", "doesNotExist")
self.assertEqual(result, -1)
self.assertIn("Authentication silo doesNotExist not found.", err)
- def test_authentication_silo_view_name_required(self):
+ def test_view__name_required(self):
"""Test view authentication silo without --name argument."""
result, out, err = self.runcmd("domain", "auth", "silo", "view")
self.assertEqual(result, -1)
self.assertIn("Argument --name is required.", err)
- def test_authentication_silo_create_single_policy(self):
+ def test_create__single_policy(self):
"""Test creating a new authentication silo with a single policy."""
self.addCleanup(self.delete_authentication_silo,
name="singlePolicy", force=True)
self.assertIn("User Policy", str(silo["msDS-UserAuthNPolicy"]))
self.assertEqual(str(silo["msDS-AuthNPolicySiloEnforced"]), "TRUE")
- def test_authentication_silo_create_multiple_policies(self):
+ def test_create__multiple_policies(self):
"""Test creating a new authentication silo with multiple policies."""
self.addCleanup(self.delete_authentication_silo,
name="multiplePolicies", force=True)
self.assertIn("Computer Policy", str(silo["msDS-ComputerAuthNPolicy"]))
self.assertEqual(str(silo["msDS-AuthNPolicySiloEnforced"]), "TRUE")
- def test_authentication_silo_create_policy_dn(self):
+ def test_create__policy_dn(self):
"""Test creating a new authentication silo when policy is a dn."""
policy = self.get_authentication_policy("User Policy")
self.assertIn(str(policy["name"]), str(silo["msDS-UserAuthNPolicy"]))
self.assertEqual(str(silo["msDS-AuthNPolicySiloEnforced"]), "TRUE")
- def test_authentication_silo_create_already_exists(self):
+ def test_create__already_exists(self):
"""Test creating a new authentication silo that already exists."""
result, out, err = self.runcmd("domain", "auth", "silo", "create",
"--name", "Developers",
self.assertEqual(result, -1)
self.assertIn("Authentication silo Developers already exists.", err)
- def test_authentication_silo_create_name_missing(self):
+ def test_create__name_missing(self):
"""Test create authentication silo without --name argument."""
result, out, err = self.runcmd("domain", "auth", "silo", "create",
"--user-authentication-policy", "User Policy")
self.assertEqual(result, -1)
self.assertIn("Argument --name is required.", err)
- def test_authentication_silo_create_audit(self):
+ def test_create__audit(self):
"""Test create authentication silo with --audit flag."""
self.addCleanup(self.delete_authentication_silo,
name="auditPolicies", force=True)
silo = self.get_authentication_silo("auditPolicies")
self.assertEqual(str(silo["msDS-AuthNPolicySiloEnforced"]), "FALSE")
- def test_authentication_silo_create_enforce(self):
+ def test_create__enforce(self):
"""Test create authentication silo with --enforce flag."""
self.addCleanup(self.delete_authentication_silo,
name="enforcePolicies", force=True)
silo = self.get_authentication_silo("enforcePolicies")
self.assertEqual(str(silo["msDS-AuthNPolicySiloEnforced"]), "TRUE")
- def test_authentication_silo_create_audit_enforce_together(self):
+ def test_create__audit_enforce_together(self):
"""Test create authentication silo using both --audit and --enforce."""
result, out, err = self.runcmd("domain", "auth", "silo", "create",
"--name", "enforceTogether",
self.assertEqual(result, -1)
self.assertIn("--audit and --enforce cannot be used together.", err)
- def test_authentication_silo_create_protect_unprotect_together(self):
+ def test_create__protect_unprotect_together(self):
"""Test create authentication silo using --protect and --unprotect."""
result, out, err = self.runcmd("domain", "auth", "silo",
"create", "--name", "protectTogether",
self.assertEqual(result, -1)
self.assertIn("--protect and --unprotect cannot be used together.", err)
- def test_authentication_silo_create_policy_notfound(self):
+ def test_create__policy_notfound(self):
"""Test create authentication silo with a policy that doesn't exist."""
result, out, err = self.runcmd("domain", "auth", "silo", "create",
"--name", "policyNotFound",
self.assertEqual(result, -1)
self.assertIn("Authentication policy Invalid Policy not found.", err)
- def test_authentication_silo_create_fails(self):
+ def test_create__fails(self):
"""Test creating an authentication silo, but it fails."""
# Raise ModelError when ldb.add() is called.
with patch.object(SamDB, "add") as add_mock:
self.assertEqual(result, -1)
self.assertIn("Custom error message", err)
- def test_authentication_silo_modify_description(self):
+ def test_modify__description(self):
"""Test modify authentication silo changing the description field."""
# Create a silo to modify for this test.
name = "modifyDescription"
silo = self.get_authentication_silo(name)
self.assertEqual(str(silo["description"]), "New Description")
- def test_authentication_silo_modify_audit_enforce(self):
+ def test_modify__audit_enforce(self):
"""Test modify authentication silo setting --audit and --enforce."""
# Create a silo to modify for this test.
name = "modifyEnforce"
silo = self.get_authentication_silo(name)
self.assertEqual(str(silo["msDS-AuthNPolicySiloEnforced"]), "TRUE")
- def test_authentication_silo_modify_protect_unprotect(self):
+ def test_modify__protect_unprotect(self):
"""Test modify un-protecting and protecting an authentication silo."""
# Create a silo to modify for this test.
name = "modifyProtect"
desc = utils.get_sd_as_sddl(silo["dn"])
self.assertNotIn("(D;;DTSD;;;WD)", desc)
- def test_authentication_silo_modify_audit_enforce_together(self):
+ def test_modify__audit_enforce_together(self):
"""Test modify silo doesn't allow both --audit and --enforce."""
result, out, err = self.runcmd("domain", "auth", "silo", "modify",
"--name", "qa",
self.assertEqual(result, -1)
self.assertIn("--audit and --enforce cannot be used together.", err)
- def test_authentication_silo_modify_protect_unprotect_together(self):
+ def test_modify__protect_unprotect_together(self):
"""Test modify silo using both --protect and --unprotect."""
result, out, err = self.runcmd("domain", "auth", "silo", "modify",
"--name", "developers",
self.assertEqual(result, -1)
self.assertIn("--protect and --unprotect cannot be used together.", err)
- def test_authentication_silo_modify_notfound(self):
+ def test_modify__notfound(self):
"""Test modify an authentication silo that doesn't exist."""
result, out, err = self.runcmd("domain", "auth", "silo", "modify",
"--name", "doesNotExist",
self.assertEqual(result, -1)
self.assertIn("Authentication silo doesNotExist not found.", err)
- def test_authentication_silo_modify_name_missing(self):
+ def test_modify__name_missing(self):
"""Test modify authentication silo without --name argument."""
result, out, err = self.runcmd("domain", "auth", "silo", "modify")
self.assertEqual(result, -1)
self.assertIn("Argument --name is required.", err)
- def test_authentication_silo_modify_fails(self):
+ def test_modify__fails(self):
"""Test modify authentication silo, but it fails."""
# Raise ModelError when ldb.modify() is called.
with patch.object(SamDB, "modify") as add_mock:
silo = self.get_authentication_silo("deleteTest")
self.assertIsNone(silo)
- def test_authentication_silo_delete_protected(self):
+ def test_delete__protected(self):
"""Test deleting a protected auth silo, with and without --force."""
# Create protected authentication silo.
result, out, err = self.runcmd("domain", "auth", "silo", "create",
silo = self.get_authentication_silo("deleteProtected")
self.assertIsNone(silo)
- def test_authentication_silo_delete_notfound(self):
+ def test_delete__notfound(self):
"""Test deleting an authentication silo that doesn't exist."""
result, out, err = self.runcmd("domain", "auth", "silo", "delete",
"--name", "doesNotExist")
self.assertEqual(result, -1)
self.assertIn("Authentication silo doesNotExist not found.", err)
- def test_authentication_silo_delete_name_required(self):
+ def test_delete__name_required(self):
"""Test deleting an authentication silo without --name argument."""
result, out, err = self.runcmd("domain", "auth", "silo", "delete")
self.assertEqual(result, -1)
self.assertIn("Argument --name is required.", err)
- def test_authentication_silo_delete_force_fails(self):
+ def test_delete__force_fails(self):
"""Test deleting an authentication silo with --force, but it fails."""
# Create protected authentication silo.
result, out, err = self.runcmd("domain", "auth", "silo", "create",
self.assertEqual(result, -1)
self.assertIn("Custom error message", err)
- def test_authentication_silo_delete_fails(self):
+ def test_delete__fails(self):
"""Test deleting an authentication silo, but it fails."""
# Create regular authentication silo.
result, out, err = self.runcmd("domain", "auth", "silo", "create",
# When not using --force we get a hint.
self.assertIn("Try --force", err)
- def test_authentication_silo_delete_protected_fails(self):
+ def test_delete__protected_fails(self):
"""Test deleting an authentication silo, but it fails."""
# Create protected authentication silo.
result, out, err = self.runcmd("domain", "auth", "silo", "create",
self.assertIsNone(result, msg=err)
- def test_authentication_silo_member_list(self):
+ def test_member_list(self):
"""Test listing authentication policy members in list format."""
alice = self.get_user("alice")
jane = self.get_user("jane")
self.assertIn(str(jane.dn), out)
self.assertNotIn(str(alice.dn), out)
- def test_authentication_silo_member_list_json(self):
+ def test_member_list___json(self):
"""Test listing authentication policy members list in json format."""
alice = self.get_user("alice")
jane = self.get_user("jane")
self.assertIn(str(jane.dn), members_dn)
self.assertNotIn(str(alice.dn), members_dn)
- def test_authentication_silo_member_list_name_missing(self):
+ def test_member_list__name_missing(self):
"""Test list authentication policy members without the name argument."""
result, out, err = self.runcmd("domain", "auth", "silo",
"member", "list")
self.assertIsNotNone(result)
self.assertIn("Argument --name is required.", err)
- def test_authentication_silo_member_add_user(self):
+ def test_member_add__user(self):
"""Test adding a user to an authentication silo."""
self.add_silo_member("Developers", "joe")
members = [str(member) for member in silo["msDS-AuthNPolicySiloMembers"]]
self.assertIn(str(user.dn), members)
- def test_authentication_silo_member_add_computer(self):
+ def test_member_add__computer(self):
"""Test adding a computer to an authentication silo"""
name = "AUTH_SILO_CMP"
computer = self.create_computer(name)
self.assertIsNone(result, msg=err)
self.assertIn(f"User '{name}' added to the {silo} silo.", out)
- def test_authentication_silo_member_add_unknown_user(self):
+ def test_member_add__unknown_user(self):
"""Test adding an unknown user to an authentication silo."""
result, out, err = self.runcmd("domain", "auth", "silo",
"member", "add",
CREDS = "-U{DC_USERNAME}%{DC_PASSWORD}".format(**os.environ)
-class ClaimCmdTestCase(SambaToolCmdTest):
+class BaseClaimCmdTest(SambaToolCmdTest):
+ """Base class for claim types and claim value types tests."""
@classmethod
def setUpClass(cls):
if len(result) == 1:
return result[0]
- def test_claim_type_list(self):
+
+class ClaimTypeCmdTestCase(BaseClaimCmdTest):
+ """Tests for the claim-type command."""
+
+ def test_list(self):
"""Test listing claim types in list format."""
result, out, err = self.runcmd("domain", "claim", "claim-type", "list")
self.assertIsNone(result, msg=err)
for claim_type in expected_claim_types:
self.assertIn(claim_type, out)
- def test_claim_type_list_json(self):
+ def test_list__json(self):
"""Test listing claim types in JSON format."""
result, out, err = self.runcmd("domain", "claim", "claim-type",
"list", "--json")
for claim_type in expected_claim_types:
self.assertIn(claim_type, claim_types)
- def test_claim_type_view(self):
+ def test_view(self):
"""Test viewing a single claim type."""
result, out, err = self.runcmd("domain", "claim", "claim-type",
"view", "--name", "expires")
self.assertEqual(claim_type["displayName"], "expires")
self.assertEqual(claim_type["description"], "Account-Expires")
- def test_claim_type_view_name_missing(self):
+ def test_view__name_missing(self):
"""Test view claim type without --name is handled."""
result, out, err = self.runcmd("domain", "claim", "claim-type", "view")
self.assertEqual(result, -1)
self.assertIn("Argument --name is required.", err)
- def test_claim_type_view_notfound(self):
+ def test_view__notfound(self):
"""Test viewing claim type that doesn't exist is handled."""
result, out, err = self.runcmd("domain", "claim", "claim-type",
"view", "--name", "doesNotExist")
self.assertEqual(result, -1)
self.assertIn("Claim type doesNotExist not found.", err)
- def test_claim_type_create(self):
+ def test_create(self):
"""Test creating several known attributes as claim types.
The point is to test it against the various datatypes that could
self.assertEqual(str(claim_type["objectClass"][-1]), "msDS-ClaimType")
self.assertEqual(str(claim_type["msDS-ClaimSourceType"]), "AD")
- def test_claim_type_create_boolean(self):
+ def test_create__boolean(self):
"""Test adding a known boolean attribute and check its type."""
self.addCleanup(self.delete_claim_type, name="boolAttr", force=True)
self.assertEqual(str(claim_type["displayName"]), "boolAttr")
self.assertEqual(str(claim_type["msDS-ClaimValueType"]), "6")
- def test_claim_type_create_number(self):
+ def test_create__number(self):
"""Test adding a known numeric attribute and check its type."""
self.addCleanup(self.delete_claim_type, name="intAttr", force=True)
self.assertEqual(str(claim_type["displayName"]), "intAttr")
self.assertEqual(str(claim_type["msDS-ClaimValueType"]), "1")
- def test_claim_type_create_text(self):
+ def test_create__text(self):
"""Test adding a known text attribute and check its type."""
self.addCleanup(self.delete_claim_type, name="textAttr", force=True)
self.assertEqual(str(claim_type["displayName"]), "textAttr")
self.assertEqual(str(claim_type["msDS-ClaimValueType"]), "3")
- def test_claim_type_create_disabled(self):
+ def test_create__disabled(self):
"""Test adding a disabled attribute."""
self.addCleanup(self.delete_claim_type, name="disabledAttr", force=True)
self.assertEqual(str(claim_type["displayName"]), "disabledAttr")
self.assertEqual(str(claim_type["Enabled"]), "FALSE")
- def test_claim_type_create_protected(self):
+ def test_create__protected(self):
"""Test adding a protected attribute."""
self.addCleanup(self.delete_claim_type, name="protectedAttr", force=True)
desc = utils.get_sd_as_sddl(claim_type["dn"])
self.assertIn("(D;;DTSD;;;WD)", desc)
- def test_claim_type_create_classes(self):
+ def test_create__classes(self):
"""Test adding an attribute applied to different classes."""
schema_dn = self.samdb.get_schema_basedn()
user_dn = f"CN=User,{schema_dn}"
self.assertEqual(result, -1)
self.assertIn("Argument --class is required.", err)
- def test_claim_type_delete(self):
+ def test__delete(self):
"""Test deleting a claim type that is not protected."""
# Create non-protected claim type.
result, out, err = self.runcmd("domain", "claim", "claim-type",
claim_type = self.get_claim_type("siteName")
self.assertIsNone(claim_type)
- def test_claim_type_delete_protected(self):
+ def test_delete__protected(self):
"""Test deleting a protected claim type, with and without --force."""
# Create protected claim type.
result, out, err = self.runcmd("domain", "claim", "claim-type",
claim_type = self.get_claim_type("siteName")
self.assertIsNone(claim_type)
- def test_claim_type_delete_notfound(self):
+ def test_delete__notfound(self):
"""Test deleting a claim type that doesn't exist."""
result, out, err = self.runcmd("domain", "claim", "claim-type",
"delete", "--name", "doesNotExist")
self.assertEqual(result, -1)
self.assertIn("Claim type doesNotExist not found.", err)
- def test_claim_type_modify_description(self):
+ def test_modify__description(self):
"""Test modifying a claim type description."""
self.addCleanup(self.delete_claim_type, name="company", force=True)
self.create_claim_type("company", classes=["user"])
claim_type = self.get_claim_type("company")
self.assertEqual(str(claim_type["description"]), "NewDescription")
- def test_claim_type_modify_classes(self):
+ def test_modify__classes(self):
"""Test modify claim type classes."""
schema_dn = self.samdb.get_schema_basedn()
user_dn = f"CN=User,{schema_dn}"
self.assertIn(user_dn, applies_to)
self.assertIn(computer_dn, applies_to)
- def test_claim_type_modify_enable_disable(self):
+ def test_modify__enable_disable(self):
"""Test modify disabling and enabling a claim type."""
self.addCleanup(self.delete_claim_type, name="catalogs", force=True)
self.create_claim_type("catalogs", classes=["user"])
claim_type = self.get_claim_type("catalogs")
self.assertEqual(str(claim_type["Enabled"]), "TRUE")
- def test_claim_type_modify_protect_unprotect(self):
+ def test_modify__protect_unprotect(self):
"""Test modify un-protecting and protecting a claim type."""
self.addCleanup(self.delete_claim_type, name="pager", force=True)
self.create_claim_type("pager", classes=["user"])
desc = utils.get_sd_as_sddl(claim_type["dn"])
self.assertNotIn("(D;;DTSD;;;WD)", desc)
- def test_claim_type_modify_enable_disable_together(self):
+ def test_modify__enable_disable_together(self):
"""Test modify claim type doesn't allow both --enable and --disable."""
self.addCleanup(self.delete_claim_type,
name="businessCategory", force=True)
self.assertEqual(result, -1)
self.assertIn("--enable and --disable cannot be used together.", err)
- def test_claim_type_modify_protect_unprotect_together(self):
+ def test_modify__protect_unprotect_together(self):
"""Test modify claim type using both --protect and --unprotect."""
self.addCleanup(self.delete_claim_type,
name="businessCategory", force=True)
self.assertEqual(result, -1)
self.assertIn("--protect and --unprotect cannot be used together.", err)
- def test_claim_type_modify_notfound(self):
+ def test_modify__notfound(self):
"""Test modify a claim type that doesn't exist."""
result, out, err = self.runcmd("domain", "claim", "claim-type",
"modify", "--name", "doesNotExist",
self.assertEqual(result, -1)
self.assertIn("Claim type doesNotExist not found.", err)
- def test_value_type_list(self):
+
+class ValueTypeCmdTestCase(BaseClaimCmdTest):
+ """Tests for the value-type command."""
+
+ def test_list(self):
"""Test listing claim value types in list format."""
result, out, err = self.runcmd("domain", "claim", "value-type", "list")
self.assertIsNone(result, msg=err)
for value_type in VALUE_TYPES:
self.assertIn(value_type, out)
- def test_value_type_list_json(self):
+ def test_list__json(self):
"""Test listing claim value types in JSON format."""
result, out, err = self.runcmd("domain", "claim", "value-type",
"list", "--json")
for value_type in VALUE_TYPES:
self.assertIn(value_type, value_types)
- def test_value_type_view(self):
+ def test_view(self):
"""Test viewing a single claim value type."""
result, out, err = self.runcmd("domain", "claim", "value-type",
"view", "--name", "Text")
self.assertEqual(value_type["displayName"], "Text")
self.assertEqual(value_type["msDS-ClaimValueType"], 3)
- def test_value_type_view_name_missing(self):
+ def test_view__name_missing(self):
"""Test viewing a claim value type with missing --name is handled."""
result, out, err = self.runcmd("domain", "claim", "value-type", "view")
self.assertEqual(result, -1)
self.assertIn("Argument --name is required.", err)
- def test_value_type_view_notfound(self):
+ def test_view__notfound(self):
"""Test viewing a claim value type that doesn't exist is handled."""
result, out, err = self.runcmd("domain", "claim", "value-type",
"view", "--name", "doesNotExist")
-^samba.tests.samba_tool.domain_claim.samba.tests.samba_tool.domain_claim.ClaimCmdTestCase.test_claim_type_delete_protected\(.*\)
+^samba.tests.samba_tool.domain_claim.samba.tests.samba_tool.domain_claim.ClaimTypeCmdTestCase.test_delete__protected\(.*\)
-^samba.tests.samba_tool.domain_auth_silo.samba.tests.samba_tool.domain_auth_silo.AuthSiloCmdTestCase.test_authentication_silo_delete_protected\(.*\)
-^samba.tests.samba_tool.domain_auth_policy.samba.tests.samba_tool.domain_auth_policy.AuthPolicyCmdTestCase.test_authentication_policy_delete_protected\(.*\)
+^samba.tests.samba_tool.domain_auth_silo.samba.tests.samba_tool.domain_auth_silo.AuthSiloCmdTestCase.test_delete__protected\(.*\)
+^samba.tests.samba_tool.domain_auth_policy.samba.tests.samba_tool.domain_auth_policy.AuthPolicyCmdTestCase.test_delete__protected\(.*\)
projects / thirdparty / samba.git / commitdiff
