| |
@@ -14,13 +14,13 @@
|
| |
from lib389.topologies import topology_st
|
| |
|
| |
from lib389._constants import (DEFAULT_SUFFIX, DN_CONFIG, PASSWORD, DN_DM,
|
| |
- HOST_STANDALONE, PORT_STANDALONE, SERVERID_STANDALONE)
|
| |
+ HOST_STANDALONE, PORT_STANDALONE, SERVERID_STANDALONE)
|
| |
from dateutil.parser import parse as dt_parse
|
| |
import datetime
|
| |
|
| |
CONFIG_ATTR = 'passwordSendExpiringTime'
|
| |
- USER_DN = 'uid=tuser,{:s}'.format(DEFAULT_SUFFIX)
|
| |
- USER_PASSWD = 'secret123'
|
| |
+ USER_DN = 'uid=tuser,{}'.format(DEFAULT_SUFFIX)
|
| |
+ USER_PASSWD = b'secret123'
|
| |
|
| |
logging.getLogger(__name__).setLevel(logging.INFO)
|
| |
log = logging.getLogger(__name__)
|
| |
@@ -37,40 +37,28 @@
|
| |
'passwordMaxAge': '',
|
| |
'passwordWarning': '',
|
| |
CONFIG_ATTR: ''}
|
| |
- try:
|
| |
- log.info('Get the default values')
|
| |
- entry = topology_st.standalone.getEntry(DN_CONFIG, ldap.SCOPE_BASE,
|
| |
- '(objectClass=*)', attrs.keys())
|
| |
|
| |
- for key in attrs.keys():
|
| |
- attrs[key] = entry.getValue(key)
|
| |
-
|
| |
- log.info('Set the new values')
|
| |
- topology_st.standalone.modify_s(DN_CONFIG, [
|
| |
- (ldap.MOD_REPLACE, 'passwordExp', 'on'),
|
| |
- (ldap.MOD_REPLACE, 'passwordMaxAge', '172800'),
|
| |
- (ldap.MOD_REPLACE, 'passwordWarning', '86400'),
|
| |
- (ldap.MOD_REPLACE, CONFIG_ATTR, 'on')])
|
| |
+ log.info('Get the default values')
|
| |
+ entry = topology_st.standalone.getEntry(DN_CONFIG, ldap.SCOPE_BASE,
|
| |
+ '(objectClass=*)', attrs.keys())
|
| |
|
| |
- except ldap.LDAPError as ex:
|
| |
- log.error("Failed to set global password policy, error:{:s}" \
|
| |
- .format(ex.message['desc']))
|
| |
- raise ex
|
| |
+ for key in attrs.keys():
|
| |
+ attrs[key] = entry.getValue(key)
|
| |
|
| |
+ log.info('Set the new values')
|
| |
+ topology_st.standalone.config.replace_many(('passwordExp', 'on'),
|
| |
+ ('passwordMaxAge', '172800'),
|
| |
+ ('passwordWarning', '86400'),
|
| |
+ (CONFIG_ATTR, 'on'))
|
| |
def fin():
|
| |
"""Resets the defaults"""
|
| |
|
| |
- try:
|
| |
- log.info('Reset the defaults')
|
| |
- for key in attrs.keys():
|
| |
- topology_st.standalone.modify_s(DN_CONFIG, [
|
| |
- (ldap.MOD_REPLACE, key, attrs[key])])
|
| |
- except ldap.LDAPError as ex:
|
| |
- log.error("Failed to set defaults, error:{:s}".format(ex.message['desc']))
|
| |
- raise ex
|
| |
+ log.info('Reset the defaults')
|
| |
+ for key in attrs.keys():
|
| |
+ topology_st.standalone.modify_s(DN_CONFIG, [
|
| |
+ (ldap.MOD_REPLACE, key, ensure_bytes(attrs[key]))])
|
| |
|
| |
request.addfinalizer(fin)
|
| |
-
|
| |
# A short sleep is required after the modifying password policy or cn=config
|
| |
time.sleep(0.5)
|
| |
|
| |
@@ -86,40 +74,30 @@
|
| |
'passwordMaxAge': '',
|
| |
'passwordWarning': '',
|
| |
CONFIG_ATTR: ''}
|
| |
- try:
|
| |
- log.info('Get the default values')
|
| |
- entry = topology_st.standalone.getEntry(DN_CONFIG, ldap.SCOPE_BASE,
|
| |
- '(objectClass=*)', attrs.keys())
|
| |
- for key in attrs.keys():
|
| |
- attrs[key] = entry.getValue(key)
|
| |
-
|
| |
- log.info('Set the new values')
|
| |
- topology_st.standalone.modify_s(DN_CONFIG, [
|
| |
- (ldap.MOD_REPLACE, 'passwordExp', 'on'),
|
| |
- (ldap.MOD_REPLACE, 'passwordMaxAge', '8640000'),
|
| |
- (ldap.MOD_REPLACE, 'passwordWarning', '86400'),
|
| |
- (ldap.MOD_REPLACE, CONFIG_ATTR, 'off')])
|
| |
- except ldap.LDAPError as ex:
|
| |
- log.error("Failed to set global password policy, error:{:s}" \
|
| |
- .format(ex.message['desc']))
|
| |
- raise ex
|
| |
+
|
| |
+ log.info('Get the default values')
|
| |
+ entry = topology_st.standalone.getEntry(DN_CONFIG, ldap.SCOPE_BASE,
|
| |
+ '(objectClass=*)', attrs.keys())
|
| |
+ for key in attrs.keys():
|
| |
+ attrs[key] = entry.getValue(key)
|
| |
+
|
| |
+ log.info('Set the new values')
|
| |
+ topology_st.standalone.modify_s(DN_CONFIG, [
|
| |
+ (ldap.MOD_REPLACE, 'passwordExp', b'on'),
|
| |
+ (ldap.MOD_REPLACE, 'passwordMaxAge', b'8640000'),
|
| |
+ (ldap.MOD_REPLACE, 'passwordWarning', b'86400'),
|
| |
+ (ldap.MOD_REPLACE, CONFIG_ATTR, b'off')])
|
| |
|
| |
def fin():
|
| |
"""Resets the defaults"""
|
| |
|
| |
log.info('Reset the defaults')
|
| |
- try:
|
| |
- for key in attrs.keys():
|
| |
- topology_st.standalone.modify_s(DN_CONFIG, [
|
| |
- (ldap.MOD_REPLACE, key, attrs[key])
|
| |
- ])
|
| |
- except ldap.LDAPError as ex:
|
| |
- log.error("Failed to reset defaults, error:{:s}" \
|
| |
- .format(ex.message['desc']))
|
| |
- raise ex
|
| |
+ for key in attrs.keys():
|
| |
+ topology_st.standalone.modify_s(DN_CONFIG, [
|
| |
+ (ldap.MOD_REPLACE, key, ensure_bytes(attrs[key]))
|
| |
+ ])
|
| |
|
| |
request.addfinalizer(fin)
|
| |
-
|
| |
# A short sleep is required after modifying password policy or cn=config
|
| |
time.sleep(0.5)
|
| |
|
| |
@@ -128,29 +106,21 @@
|
| |
def add_user(topology_st, request):
|
| |
"""Adds a user for binding"""
|
| |
|
| |
- user_data = {'objectClass': 'top person inetOrgPerson'.split(),
|
| |
- 'uid': 'tuser',
|
| |
- 'cn': 'test user',
|
| |
- 'sn': 'user',
|
| |
+ user_data = {'objectClass': b'top person inetOrgPerson'.split(),
|
| |
+ 'uid': b'tuser',
|
| |
+ 'cn': b'test user',
|
| |
+ 'sn': b'user',
|
| |
'userPassword': USER_PASSWD}
|
| |
|
| |
log.info('Add the user')
|
| |
- try:
|
| |
- topology_st.standalone.add_s(Entry((USER_DN, user_data)))
|
| |
- except ldap.LDAPError as ex:
|
| |
- log.error("Failed to add user, error:{:s}".format(ex.message['desc']))
|
| |
- raise ex
|
| |
+
|
| |
+ topology_st.standalone.add_s(Entry((USER_DN, user_data)))
|
| |
|
| |
def fin():
|
| |
"""Removes the user entry"""
|
| |
|
| |
log.info('Remove the user entry')
|
| |
- try:
|
| |
- topology_st.standalone.delete_s(USER_DN)
|
| |
- except ldap.LDAPError as ex:
|
| |
- log.error("Failed to remove user, error:{:s}" \
|
| |
- .format(ex.message['desc']))
|
| |
- raise ex
|
| |
+ topology_st.standalone.delete_s(USER_DN)
|
| |
|
| |
request.addfinalizer(fin)
|
| |
|
| |
@@ -159,18 +129,13 @@
|
| |
def local_policy(topology_st, add_user):
|
| |
"""Sets fine grained policy for user entry"""
|
| |
|
| |
- log.info("Setting fine grained policy for user ({:s})".format(USER_DN))
|
| |
- try:
|
| |
- subprocess.call(['%s/ns-newpwpolicy.pl' % topology_st.standalone.get_sbin_dir(),
|
| |
- '-D', DN_DM,
|
| |
- '-w', PASSWORD, '-h', HOST_STANDALONE,
|
| |
- '-p', str(PORT_STANDALONE), '-U', USER_DN,
|
| |
- '-Z', SERVERID_STANDALONE])
|
| |
- except subprocess.CalledProcessError as ex:
|
| |
- log.error("Failed to set fine grained policy, error:{:s}" \
|
| |
- .format(str(ex)))
|
| |
- raise ex
|
| |
+ log.info("Setting fine grained policy for user ({})".format(USER_DN))
|
| |
|
| |
+ subprocess.call(['%s/ns-newpwpolicy.pl' % topology_st.standalone.get_sbin_dir(),
|
| |
+ '-D', DN_DM,
|
| |
+ '-w', PASSWORD, '-h', HOST_STANDALONE,
|
| |
+ '-p', str(PORT_STANDALONE), '-U', USER_DN,
|
| |
+ '-Z', SERVERID_STANDALONE])
|
| |
# A short sleep is required after modifying password policy
|
| |
time.sleep(0.5)
|
| |
|
| |
@@ -182,20 +147,11 @@
|
| |
result_id = ''
|
| |
|
| |
log.info('Bind with the user and request the password expiry warning time')
|
| |
- try:
|
| |
- result_id = topology_st.standalone.simple_bind(USER_DN, USER_PASSWD,
|
| |
- serverctrls=[PasswordPolicyControl()])
|
| |
- res_type, res_data, res_msgid, res_ctrls = \
|
| |
- topology_st.standalone.result3(result_id)
|
| |
-
|
| |
- # This exception will be thrown when the user's password has expired
|
| |
- except ldap.INVALID_CREDENTIALS as ex:
|
| |
- raise ex
|
| |
- except ldap.LDAPError as ex:
|
| |
- log.error("Failed to get password expiry warning time, error:{:s}" \
|
| |
- .format(ex.message['desc']))
|
| |
- raise ex
|
| |
|
| |
+ result_id = topology_st.standalone.simple_bind(USER_DN, USER_PASSWD,
|
| |
+ serverctrls=[PasswordPolicyControl()])
|
| |
+ res_type, res_data, res_msgid, res_ctrls = \
|
| |
+ topology_st.standalone.result3(result_id)
|
| |
# Return the control
|
| |
return res_ctrls
|
| |
|
| |
@@ -203,14 +159,8 @@
|
| |
def set_conf_attr(topology_st, attr, val):
|
| |
"""Sets the value of a given attribute under cn=config"""
|
| |
|
| |
- log.info("Setting {:s} to {:s}".format(attr, val))
|
| |
- try:
|
| |
- topology_st.standalone.modify_s(DN_CONFIG, [(ldap.MOD_REPLACE, attr, val)])
|
| |
- except ldap.LDAPError as ex:
|
| |
- log.error("Failed to set {:s} to {:s} error:{:s}" \
|
| |
- .format(attr, val, ex.message['desc']))
|
| |
- raise ex
|
| |
-
|
| |
+ log.info("Setting {} to {}".format(attr, val))
|
| |
+ topology_st.standalone.modify_s(DN_CONFIG, [(ldap.MOD_REPLACE, attr, ensure_bytes(val))])
|
| |
# A short sleep is required after modifying cn=config
|
| |
time.sleep(0.5)
|
| |
|
| |
@@ -220,15 +170,9 @@
|
| |
attribute under cn=config entry
|
| |
"""
|
| |
|
| |
- try:
|
| |
- entry = topology_st.standalone.getEntry(DN_CONFIG, ldap.SCOPE_BASE,
|
| |
- '(objectClass=*)', [attr])
|
| |
- val = entry.getValue(attr)
|
| |
- except ldap.LDAPError as ex:
|
| |
- log.error("Failed to get the value of {:s}, error:{:s}" \
|
| |
- .format(attr, ex.message['desc']))
|
| |
- raise ex
|
| |
-
|
| |
+ entry = topology_st.standalone.getEntry(DN_CONFIG, ldap.SCOPE_BASE,
|
| |
+ '(objectClass=*)', [attr])
|
| |
+ val = entry.getValue(attr)
|
| |
# Return the value if no exeception is raised
|
| |
return val
|
| |
|
| |
@@ -265,7 +209,7 @@
|
| |
log.info('Now check the value is unchanged')
|
| |
assert get_conf_attr(topology_st, CONFIG_ATTR) == defval
|
| |
|
| |
- log.info("Invalid value {:s} was rejected correctly".format(value))
|
| |
+ log.info("Invalid value {} was rejected correctly".format(value))
|
| |
else:
|
| |
log.info('A valid value is being tested')
|
| |
set_conf_attr(topology_st, CONFIG_ATTR, value)
|
| |
@@ -273,7 +217,53 @@
|
| |
log.info('Now check that the value has been changed')
|
| |
assert get_conf_attr(topology_st, CONFIG_ATTR) == value
|
| |
|
| |
- log.info("{:s} is now set to {:s}".format(CONFIG_ATTR, value))
|
| |
+ log.info("{} is now set to {}".format(CONFIG_ATTR, value))
|
| |
+
|
| |
+ log.info('Set passwordSendExpiringTime back to the default value')
|
| |
+ set_conf_attr(topology_st, CONFIG_ATTR, defval)
|
| |
+
|
| |
+
|
| |
+ @pytest.mark.parametrize("value", (' ', 'junk123', 'on', 'off'))
|
| |
+ def test_different_values(topology_st, value):
|
| |
+ """Try to set passwordSendExpiringTime attribute
|
| |
+ to various values both valid and invalid
|
| |
+
|
| |
+ :id: 3e6d79fb-b4c8-4860-897e-5b207815a75d
|
| |
+ :setup: Standalone instance
|
| |
+ :steps:
|
| |
+ 1. Try to set passwordSendExpiringTime to 'on' and 'off'
|
| |
+ under cn=config entry
|
| |
+ 2. Try to set passwordSendExpiringTime to ' ' and 'junk123'
|
| |
+ under cn=config entry
|
| |
+ 3. Run the search command to check the
|
| |
+ value of passwordSendExpiringTime attribute
|
| |
+ :expectedresults:
|
| |
+ 1. Valid values should be accepted and saved
|
| |
+ 2. Should be rejected with an OPERATIONS_ERROR
|
| |
+ 3. The attribute should be changed for valid values
|
| |
+ and unchanged for invalid
|
| |
+ """
|
| |
+
|
| |
+ log.info('Get the default value')
|
| |
+ defval = get_conf_attr(topology_st, CONFIG_ATTR)
|
| |
+
|
| |
+ if value not in ('on', 'off'):
|
| |
+ log.info('An invalid value is being tested')
|
| |
+ with pytest.raises(ldap.OPERATIONS_ERROR):
|
| |
+ set_conf_attr(topology_st, CONFIG_ATTR, value)
|
| |
+
|
| |
+ log.info('Now check the value is unchanged')
|
| |
+ assert get_conf_attr(topology_st, CONFIG_ATTR) == defval
|
| |
+
|
| |
+ log.info("Invalid value {} was rejected correctly".format(value))
|
| |
+ else:
|
| |
+ log.info('A valid value is being tested')
|
| |
+ set_conf_attr(topology_st, CONFIG_ATTR, value)
|
| |
+
|
| |
+ log.info('Now check that the value has been changed')
|
| |
+ assert str(get_conf_attr(topology_st, CONFIG_ATTR), 'utf-8') == value
|
| |
+
|
| |
+ log.info("{} is now set to {}".format(CONFIG_ATTR, value))
|
| |
|
| |
log.info('Set passwordSendExpiringTime back to the default value')
|
| |
set_conf_attr(topology_st, CONFIG_ATTR, defval)
|
| |
@@ -301,20 +291,20 @@
|
| |
"""
|
| |
|
| |
res_ctrls = None
|
| |
- try:
|
| |
- log.info('Get the password expiry warning time')
|
| |
- log.info("Binding with ({:s}) and requesting the password expiry warning time" \
|
| |
- .format(USER_DN))
|
| |
- res_ctrls = get_password_warning(topology_st)
|
| |
|
| |
- log.info('Check whether the time is returned')
|
| |
- assert res_ctrls
|
| |
+ log.info('Get the password expiry warning time')
|
| |
+ log.info("Binding with ({}) and requesting the password expiry warning time" \
|
| |
+ .format(USER_DN))
|
| |
+ res_ctrls = get_password_warning(topology_st)
|
| |
+
|
| |
+ log.info('Check whether the time is returned')
|
| |
+ assert res_ctrls
|
| |
+
|
| |
+ log.info("user's password will expire in {:d} seconds" \
|
| |
+ .format(res_ctrls[0].timeBeforeExpiration))
|
| |
|
| |
- log.info("user's password will expire in {:d} seconds" \
|
| |
- .format(res_ctrls[0].timeBeforeExpiration))
|
| |
- finally:
|
| |
- log.info("Rebinding as DM")
|
| |
- topology_st.standalone.simple_bind_s(DN_DM, PASSWORD)
|
| |
+ log.info("Rebinding as DM")
|
| |
+ topology_st.standalone.simple_bind_s(DN_DM, PASSWORD)
|
| |
|
| |
|
| |
@pytest.mark.parametrize("attr,val", [(CONFIG_ATTR, 'off'),
|
| |
@@ -344,24 +334,23 @@
|
| |
4. Bind should be successful
|
| |
"""
|
| |
|
| |
- try:
|
| |
- log.info('Set configuration parameter')
|
| |
- set_conf_attr(topology_st, attr, val)
|
| |
+ log.info('Set configuration parameter')
|
| |
+ set_conf_attr(topology_st, attr, val)
|
| |
|
| |
- log.info("Binding with ({:s}) and requesting password expiry warning time" \
|
| |
- .format(USER_DN))
|
| |
- res_ctrls = get_password_warning(topology_st)
|
| |
+ log.info("Binding with ({}) and requesting password expiry warning time" \
|
| |
+ .format(USER_DN))
|
| |
+ res_ctrls = get_password_warning(topology_st)
|
| |
+
|
| |
+ log.info('Check the state of the control')
|
| |
+ if not res_ctrls:
|
| |
+ log.info("Password Expiry warning time is not returned as {} is set to {}" \
|
| |
+ .format(attr, val))
|
| |
+ else:
|
| |
+ log.info("({}) password will expire in {:d} seconds" \
|
| |
+ .format(USER_DN, res_ctrls[0].timeBeforeExpiration))
|
| |
|
| |
- log.info('Check the state of the control')
|
| |
- if not res_ctrls:
|
| |
- log.info("Password Expiry warning time is not returned as {:s} is set to {:s}" \
|
| |
- .format(attr, val))
|
| |
- else:
|
| |
- log.info("({:s}) password will expire in {:d} seconds" \
|
| |
- .format(USER_DN, res_ctrls[0].timeBeforeExpiration))
|
| |
- finally:
|
| |
- log.info("Rebinding as DM")
|
| |
- topology_st.standalone.simple_bind_s(DN_DM, PASSWORD)
|
| |
+ log.info("Rebinding as DM")
|
| |
+ topology_st.standalone.simple_bind_s(DN_DM, PASSWORD)
|
| |
|
| |
|
| |
def test_with_different_password_states(topology_st, global_policy, add_user):
|
| |
@@ -396,40 +385,38 @@
|
| |
log.info("Expire user's password by changing" \
|
| |
"passwordExpirationTime timestamp")
|
| |
old_ts = topology_st.standalone.search_s(USER_DN, ldap.SCOPE_SUBTREE,
|
| |
- '(objectClass=*)', ['passwordExpirationTime'])[0].getValue('passwordExpirationTime')
|
| |
- log.info("Old passwordExpirationTime: {:s}".format(old_ts))
|
| |
+ '(objectClass=*)', ['passwordExpirationTime'])[0].getValue(
|
| |
+ 'passwordExpirationTime')
|
| |
+ log.info("Old passwordExpirationTime: {}".format(old_ts))
|
| |
new_ts = (dt_parse(old_ts) - datetime.timedelta(31)).strftime('%Y%m%d%H%M%SZ')
|
| |
- log.info("New passwordExpirationTime: {:s}".format(new_ts))
|
| |
- topology_st.standalone.modify_s(USER_DN, [(ldap.MOD_REPLACE, 'passwordExpirationTime', new_ts)])
|
| |
+ log.info("New passwordExpirationTime: {}".format(new_ts))
|
| |
+ topology_st.standalone.modify_s(USER_DN, [(ldap.MOD_REPLACE, 'passwordExpirationTime', ensure_bytes(new_ts))])
|
| |
|
| |
- try:
|
| |
- log.info("Attempting to bind with user {:s} and retrive the password" \
|
| |
- " expiry warning time".format(USER_DN))
|
| |
- with pytest.raises(ldap.INVALID_CREDENTIALS) as ex:
|
| |
- res_ctrls = get_password_warning(topology_st)
|
| |
+ log.info("Attempting to bind with user {} and retrive the password" \
|
| |
+ " expiry warning time".format(USER_DN))
|
| |
+ with pytest.raises(ldap.INVALID_CREDENTIALS) as ex:
|
| |
+ res_ctrls = get_password_warning(topology_st)
|
| |
|
| |
- log.info("Bind Failed, error: {:s}".format(str(ex)))
|
| |
+ log.info("Bind Failed, error: {}".format(str(ex)))
|
| |
|
| |
- finally:
|
| |
- log.info("Rebinding as DM")
|
| |
- topology_st.standalone.simple_bind_s(DN_DM, PASSWORD)
|
| |
+ log.info("Rebinding as DM")
|
| |
+ topology_st.standalone.simple_bind_s(DN_DM, PASSWORD)
|
| |
|
| |
log.info("Reverting back user's passwordExpirationTime")
|
| |
- topology_st.standalone.modify_s(USER_DN, [(ldap.MOD_REPLACE, 'passwordExpirationTime', old_ts)])
|
| |
+ topology_st.standalone.modify_s(USER_DN, [(ldap.MOD_REPLACE, 'passwordExpirationTime', ensure_bytes(old_ts))])
|
| |
|
| |
- try:
|
| |
- log.info("Rebinding with {:s} and retrieving the password" \
|
| |
- " expiry warning time".format(USER_DN))
|
| |
- res_ctrls = get_password_warning(topology_st)
|
| |
+ log.info("Rebinding with {} and retrieving the password" \
|
| |
+ " expiry warning time".format(USER_DN))
|
| |
+ res_ctrls = get_password_warning(topology_st)
|
| |
|
| |
- log.info('Check that the control is returned')
|
| |
- assert res_ctrls
|
| |
+ log.info('Check that the control is returned')
|
| |
+ assert res_ctrls
|
| |
|
| |
- log.info("user's password will expire in {:d} seconds" \
|
| |
- .format(res_ctrls[0].timeBeforeExpiration))
|
| |
- finally:
|
| |
- log.info("Rebinding as DM")
|
| |
- topology_st.standalone.simple_bind_s(DN_DM, PASSWORD)
|
| |
+ log.info("user's password will expire in {:d} seconds" \
|
| |
+ .format(res_ctrls[0].timeBeforeExpiration))
|
| |
+
|
| |
+ log.info("Rebinding as DM")
|
| |
+ topology_st.standalone.simple_bind_s(DN_DM, PASSWORD)
|
| |
|
| |
|
| |
def test_default_behavior(topology_st, global_policy_default, add_user):
|
| |
@@ -453,17 +440,16 @@
|
| |
"""
|
| |
|
| |
res_ctrls = None
|
| |
- try:
|
| |
- log.info("Binding with {:s} and requesting the password expiry warning time" \
|
| |
- .format(USER_DN))
|
| |
- res_ctrls = get_password_warning(topology_st)
|
| |
|
| |
- log.info('Check that no control is returned')
|
| |
- assert not res_ctrls
|
| |
+ log.info("Binding with {} and requesting the password expiry warning time" \
|
| |
+ .format(USER_DN))
|
| |
+ res_ctrls = get_password_warning(topology_st)
|
| |
|
| |
- finally:
|
| |
- log.info("Rebinding as DM")
|
| |
- topology_st.standalone.simple_bind_s(DN_DM, PASSWORD)
|
| |
+ log.info('Check that no control is returned')
|
| |
+ assert not res_ctrls
|
| |
+
|
| |
+ log.info("Rebinding as DM")
|
| |
+ topology_st.standalone.simple_bind_s(DN_DM, PASSWORD)
|
| |
|
| |
|
| |
def test_when_maxage_and_warning_are_the_same(topology_st, global_policy_default, add_user):
|
| |
@@ -492,28 +478,27 @@
|
| |
"""
|
| |
|
| |
log.info('Set the new values')
|
| |
- topology_st.standalone.modify_s(DN_CONFIG, [
|
| |
- (ldap.MOD_REPLACE, 'passwordMaxAge', '86400')])
|
| |
+ topology_st.standalone.config.set('passwordMaxAge', '86400')
|
| |
res_ctrls = None
|
| |
- try:
|
| |
- log.info("First change user's password to reset its password expiration time")
|
| |
- topology_st.standalone.simple_bind_s(USER_DN, USER_PASSWD)
|
| |
-
|
| |
- topology_st.standalone.modify_s(USER_DN, [(ldap.MOD_REPLACE,
|
| |
- 'userPassword', USER_PASSWD)])
|
| |
- log.info("Binding with {:s} and requesting the password expiry warning time" \
|
| |
- .format(USER_DN))
|
| |
- res_ctrls = get_password_warning(topology_st)
|
| |
|
| |
- log.info('Check that control is returned even'
|
| |
- 'if passwordSendExpiringTime is set to off')
|
| |
- assert res_ctrls
|
| |
+ log.info("First change user's password to reset its password expiration time")
|
| |
+ topology_st.standalone.simple_bind_s(USER_DN, USER_PASSWD)
|
| |
+
|
| |
+ topology_st.standalone.modify_s(USER_DN, [(ldap.MOD_REPLACE,
|
| |
+ 'userPassword', ensure_bytes(USER_PASSWD))])
|
| |
+ log.info("Binding with {} and requesting the password expiry warning time" \
|
| |
+ .format(USER_DN))
|
| |
+ res_ctrls = get_password_warning(topology_st)
|
| |
+
|
| |
+ log.info('Check that control is returned even'
|
| |
+ 'if passwordSendExpiringTime is set to off')
|
| |
+ assert res_ctrls
|
| |
|
| |
- log.info("user's password will expire in {:d} seconds" \
|
| |
- .format(res_ctrls[0].timeBeforeExpiration))
|
| |
- finally:
|
| |
- log.info("Rebinding as DM")
|
| |
- topology_st.standalone.simple_bind_s(DN_DM, PASSWORD)
|
| |
+ log.info("user's password will expire in {:d} seconds" \
|
| |
+ .format(res_ctrls[0].timeBeforeExpiration))
|
| |
+
|
| |
+ log.info("Rebinding as DM")
|
| |
+ topology_st.standalone.simple_bind_s(DN_DM, PASSWORD)
|
| |
|
| |
|
| |
def test_with_local_policy(topology_st, global_policy, local_policy):
|
| |
@@ -538,18 +523,18 @@
|
| |
"""
|
| |
|
| |
res_ctrls = None
|
| |
- try:
|
| |
- log.info("Attempting to get password expiry warning time for" \
|
| |
- " user {:s}".format(USER_DN))
|
| |
- res_ctrls = get_password_warning(topology_st)
|
| |
|
| |
- log.info('Check that the control is not returned')
|
| |
- assert not res_ctrls
|
| |
+ log.info("Attempting to get password expiry warning time for" \
|
| |
+ " user {}".format(USER_DN))
|
| |
+ res_ctrls = get_password_warning(topology_st)
|
| |
+
|
| |
+ log.info('Check that the control is not returned')
|
| |
+ assert not res_ctrls
|
| |
+
|
| |
+ log.info("Password expiry warning time is not returned")
|
| |
|
| |
- log.info("Password expiry warning time is not returned")
|
| |
- finally:
|
| |
- log.info("Rebinding as DM")
|
| |
- topology_st.standalone.simple_bind_s(DN_DM, PASSWORD)
|
| |
+ log.info("Rebinding as DM")
|
| |
+ topology_st.standalone.simple_bind_s(DN_DM, PASSWORD)
|
| |
|
| |
|
| |
if __name__ == '__main__':
|
| |
Description: Added py3 support by explicitly changing strings to bytes.
https://pagure.io/389-ds-base/issue/49585
Reviewed by: ?