PR#49708: Issue 49381 - Add docstrings to plugin test suites - Part 1 - 389-ds-base

389-ds-base

#49708 Issue 49381 - Add docstrings to plugin test suites - Part 1

Closed 3 years ago by spichugi. Opened 5 years ago by spichugi.

spichugi/389-ds-base plugin_docs into master

Issue 49381 - Add docstrings to plugin test suites - Part 1

Simon Pichugin • 5 years ago

791e5aa

dirsrvtests/tests/suites/dynamic_plugins/dynamic_plugins_test.py

file modified

+86 -12

		`@@ -71,10 +71,24 @@`
		`"""Exercise each plugin and its main features, while`
		`changing the configuration without restarting the server.`

		`- Make sure that as configuration changes are made they take`
		`- effect immediately. Cross plugin interaction (e.g. automember/memberOf)`
		`- needs to tested, as well as plugin tasks. Need to test plugin`
		`- config validation(dependencies, etc).`
		`+ :id: 96136538-0151-4b09-9933-0e0cbf2c786c`
		`+ :setup: 2 Master Instances`
		`+ :steps:`
		`+ 1. Pause all replication`
		`+ 2. Set nsslapd-dynamic-plugins to on`
		`+ 3. Try to update LDBM config entry`
		`+ 4. Go through all plugin basic functionality`
		`+ 5. Resume replication`
		`+ 6. Go through all plugin basic functionality again`
		`+ 7. Check that data in sync and replication is working`
		`+ :expectedresults:`
		`+ 1. Success`
		`+ 2. Success`
		`+ 3. Success`
		`+ 4. Success`
		`+ 5. Success`
		`+ 6. Success`
		`+ 7. Success`
		`"""`

		`m1 = topology_m2.ms["master1"]`
		`@@ -126,9 +140,32 @@`


		`def test_memory_corruption(topology_m2):`
		`- """Memory Corruption - Restart the plugins many times, and in different orders and test`
		`- functionality, and stability. This will excerise the internal`
		`- plugin linked lists, dse callbacks, and task handlers.`
		`+ """Check the plugins for memory corruption issues while`
		`+ dynamic plugins option is enabled`
		`+`
		`+ :id: 96136538-0151-4b09-9933-0e0cbf2c7862`
		`+ :setup: 2 Master Instances`
		`+ :steps:`
		`+ 1. Pause all replication`
		`+ 2. Set nsslapd-dynamic-plugins to on`
		`+ 3. Try to update LDBM config entry`
		`+ 4. Restart the plugin many times in a linked list fashion`
		`+ restarting previous and preprevious plugins in the list of all plugins`
		`+ 5. Run the functional test`
		`+ 6. Repeat 4 and 5 steps for all plugins`
		`+ 7. Resume replication`
		`+ 8. Go through 4-6 steps once more`
		`+ 9. Check that data in sync and replication is working`
		`+ :expectedresults:`
		`+ 1. Success`
		`+ 2. Success`
		`+ 3. Success`
		`+ 4. Success`
		`+ 5. Success`
		`+ 6. Success`
		`+ 7. Success`
		`+ 8. Success`
		`+ 9. Success`
		`"""`


		`@@ -205,11 +242,48 @@`


		`def test_stress(topology_m2):`
		`- """Test dynamic plugins got`
		`-`
		`- Stress - Put the server under load that will trigger multiple plugins(MO, RI, DNA, etc)`
		`- Restart various plugins while these operations are going on. Perform this test`
		`- 5 times(stress_max_run).`
		`+ """Test plugins while under a big load. Perform the test 5 times`
		`+`
		`+ :id: 96136538-0151-4b09-9933-0e0cbf2c7863`
		`+ :setup: 2 Master Instances`
		`+ :steps:`
		`+ 1. Pause all replication`
		`+ 2. Set nsslapd-dynamic-plugins to on`
		`+ 3. Try to update LDBM config entry`
		`+ 4. Do one run through all tests`
		`+ 5. Enable Referential integrity and MemberOf plugins`
		`+ 6. Launch three new threads to add a bunch of users`
		`+ 7. While we are adding users restart the MemberOf and`
		`+ Linked Attributes plugins many times`
		`+ 8. Wait for the 'adding' threads to complete`
		`+ 9. Now launch three threads to delete the users`
		`+ 10. Restart both the MemberOf, Referential integrity and`
		`+ Linked Attributes plugins during these deletes`
		`+ 11. Wait for the 'deleting' threads to complete`
		`+ 12. Now make sure both the MemberOf and Referential integrity plugins still work correctly`
		`+ 13. Cleanup the stress tests (delete the group entry)`
		`+ 14. Perform 4-13 steps five times`
		`+ 15. Resume replication`
		`+ 16. Go through 4-14 steps once more`
		`+ 17. Check that data in sync and replication is working`
		`+ :expectedresults:`
		`+ 1. Success`
		`+ 2. Success`
		`+ 3. Success`
		`+ 4. Success`
		`+ 5. Success`
		`+ 6. Success`
		`+ 7. Success`
		`+ 8. Success`
		`+ 9. Success`
		`+ 10. Success`
		`+ 11. Success`
		`+ 12. Success`
		`+ 13. Success`
		`+ 14. Success`
		`+ 15. Success`
		`+ 16. Success`
		`+ 17. Success`
		`"""`

		`m1 = topology_m2.ms["master1"]`

dirsrvtests/tests/suites/plugins/acceptance_test.py

file modified

+446 -62

		`@@ -47,11 +47,6 @@`
		`'''`


		`- ################################################################################`
		`- #`
		`- # Test Plugin Dependency`
		`- #`
		`- ################################################################################`
		`def check_dependency(inst, plugin, online=True):`
		`"""Set the "account usability" plugin to depend on this plugin.`
		`This plugin is generic, always enabled, and perfect for our testing`
		`@@ -75,12 +70,37 @@`
		`inst.start()`


		`- ################################################################################`
		`- #`
		`- # Test Account Policy Plugin (0)`
		`- #`
		`- ################################################################################`
		`def test_acctpolicy(topo, args=None):`
		`+ """Test Account policy basic functionality`
		`+`
		`+ :id: 9b87493b-0493-46f9-8364-6099d0e5d829`
		`+ :setup: Standalone Instance`
		`+ :steps:`
		`+ 1. Enable the plugin`
		`+ 2. Restart the instance`
		`+ 3. Add a config entry for 'lastLoginTime'`
		`+ 4. Add a user`
		`+ 5. Bind as the user`
		`+ 6. Check testLastLoginTime was added to the user`
		`+ 7. Replace 'stateattrname': 'testLastLoginTime'`
		`+ 8. Bind as the user`
		`+ 9. Check testLastLoginTime was added to the user`
		`+ 10. Check nsslapd-plugin-depends-on-named for the plugin`
		`+ 11. Clean up`
		`+ :expectedresults:`
		`+ 1. Success`
		`+ 2. Success`
		`+ 3. Success`
		`+ 4. Success`
		`+ 5. Success`
		`+ 6. Success`
		`+ 7. Success`
		`+ 8. Success`
		`+ 9. Success`
		`+ 10. Success`
		`+ 11. Success`
		`+ """`
		`+`
		`inst = topo[0]`

		`# stop the plugin, and start it`
		`@@ -162,12 +182,37 @@`
		`return`


		`- ################################################################################`
		`- #`
		`- # Test Attribute Uniqueness Plugin (1)`
		`- #`
		`- ################################################################################`
		`def test_attruniq(topo, args=None):`
		`+ """Test Attribute uniqueness basic functionality`
		`+`
		`+ :id: 9b87493b-0493-46f9-8364-6099d0e5d801`
		`+ :setup: Standalone Instance`
		`+ :steps:`
		`+ 1. Enable the plugin`
		`+ 2. Restart the instance`
		`+ 3. Add a user: with 'mail' and 'mailAlternateAddress' attributes`
		`+ 4. Replace 'uniqueness-attribute-name': 'cn'`
		`+ 5. Try to add a user with the same 'cn'`
		`+ 6. Replace 'uniqueness-attribute-name': 'mail'`
		`+ 7. Try to add a user with the same 'mail'`
		`+ 8. Add 'uniqueness-attribute-name': 'mailAlternateAddress'`
		`+ 9. Try to add a user with the same 'mailAlternateAddress'`
		`+ 10. Check nsslapd-plugin-depends-on-named for the plugin`
		`+ 11. Clean up`
		`+ :expectedresults:`
		`+ 1. Success`
		`+ 2. Success`
		`+ 3. Success`
		`+ 4. Success`
		`+ 5. Should fail`
		`+ 6. Success`
		`+ 7. Should fail`
		`+ 8. Success`
		`+ 9. Should fail`
		`+ 10. Success`
		`+ 11. Success`
		`+ """`
		`+`
		`inst = topo[0]`

		`# stop the plugin, and start it`
		`@@ -284,12 +329,50 @@`
		`return`


		`- ################################################################################`
		`- #`
		`- # Test Auto Membership Plugin (2)`
		`- #`
		`- ################################################################################`
		`def test_automember(topo, args=None):`
		`+ """Test Auto Membership basic functionality`
		`+`
		`+ :id: 9b87493b-0493-46f9-8364-6099d0e5d802`
		`+ :setup: Standalone Instance`
		`+ :steps:`
		`+ 1. Enable the plugin`
		`+ 2. Restart the instance`
		`+ 3. Add a group`
		`+ 4. Add two Organisation Units entries`
		`+ 5. Add a config entry for the group and one branch`
		`+ 6. Add a user that should get added to the group`
		`+ 7. Check the entry is in group`
		`+ 8. Set groupattr to 'uniquemember:dn' and scope to branch2`
		`+ 9. Add a user that should get added to the group`
		`+ 10. Check the group`
		`+ 11. Disable plugin and restart`
		`+ 12. Add an entry that should be picked up by automember`
		`+ 13. Verify that the entry is not picked up by automember (yet)`
		`+ 14. Check the group - uniquemember should not exist`
		`+ 15. Enable plugin and restart`
		`+ 16. Verify the fixup task worked`
		`+ 17. Check nsslapd-plugin-depends-on-named for the plugin`
		`+ 18. Clean up`
		`+ :expectedresults:`
		`+ 1. Success`
		`+ 2. Success`
		`+ 3. Success`
		`+ 4. Success`
		`+ 6. Success`
		`+ 7. Success`
		`+ 8. Success`
		`+ 9. Success`
		`+ 10. Success`
		`+ 11. Success`
		`+ 12. Success`
		`+ 13. Success`
		`+ 14. Success`
		`+ 15. Success`
		`+ 16. Success`
		`+ 17. Success`
		`+ 18. Success`
		`+ """`
		`+`
		`inst = topo[0]`

		`# stop the plugin, and start it`
		`@@ -304,8 +387,6 @@`
		`if args is None:`
		`inst.restart()`

		`- CONFIG_DN = 'cn=config,cn=' + PLUGIN_AUTOMEMBER + ',cn=plugins,cn=config'`
		`-`
		`log.info('Testing ' + PLUGIN_AUTOMEMBER + '...')`

		`############################################################################`
		`@@ -413,12 +494,38 @@`
		`return`


		`- ################################################################################`
		`- #`
		`- # Test DNA Plugin (3)`
		`- #`
		`- ################################################################################`
		`def test_dna(topo, args=None):`
		`+ """Test DNA basic functionality`
		`+`
		`+ :id: 9b87493b-0493-46f9-8364-6099d0e5d803`
		`+ :setup: Standalone Instance`
		`+ :steps:`
		`+ 1. Enable the plugin`
		`+ 2. Restart the instance`
		`+ 3. Configure plugin for uidNumber`
		`+ 4. Add a user`
		`+ 5. See if the entry now has the new uidNumber assignment - uidNumber=1`
		`+ 6. Test the magic regen value`
		`+ 7. See if the entry now has the new uidNumber assignment - uidNumber=2`
		`+ 8. Set 'dnaMagicRegen': '-2'`
		`+ 9. Test the magic regen value`
		`+ 10. See if the entry now has the new uidNumber assignment - uidNumber=3`
		`+ 11. Check nsslapd-plugin-depends-on-named for the plugin`
		`+ 12. Clean up`
		`+ :expectedresults:`
		`+ 1. Success`
		`+ 2. Success`
		`+ 3. Success`
		`+ 4. Success`
		`+ 5. Success`
		`+ 6. Success`
		`+ 7. Success`
		`+ 8. Success`
		`+ 9. Success`
		`+ 10. Success`
		`+ 12. Success`
		`+ """`
		`+`
		`inst = topo[0]`

		`# stop the plugin, and start it`
		`@@ -507,12 +614,61 @@`
		`return`


		`- ################################################################################`
		`- #`
		`- # Test Linked Attrs Plugin (4)`
		`- #`
		`- ################################################################################`
		`def test_linkedattrs(topo, args=None):`
		`+ """Test Linked Attributes basic functionality`
		`+`
		`+ :id: 9b87493b-0493-46f9-8364-6099d0e5d804`
		`+ :setup: Standalone Instance`
		`+ :steps:`
		`+ 1. Enable the plugin`
		`+ 2. Restart the instance`
		`+ 3. Add a config entry for directReport`
		`+ 4. Add test entries`
		`+ 5. Add the linked attrs config entry`
		`+ 6. User1 - Set "directReport" to user2`
		`+ 7. See if manager was added to the other entry`
		`+ 8. User1 - Remove "directReport"`
		`+ 9. See if manager was removed`
		`+ 10. Change the config - using linkType "indirectReport" now`
		`+ 11. Make sure the old linkType(directManager) is not working`
		`+ 12. See if manager was added to the other entry, better not be...`
		`+ 13. Now, set the new linkType "indirectReport", which should add "manager" to the other entry`
		`+ 14. See if manager was added to the other entry, better not be`
		`+ 15. Remove "indirectReport" should remove "manager" to the other entry`
		`+ 16. See if manager was removed`
		`+ 17. Disable plugin and make some updates that would of triggered the plugin`
		`+ 18. The entry should not have a manager attribute`
		`+ 19. Enable the plugin and rerun the task entry`
		`+ 20. Add the task again`
		`+ 21. Check if user2 now has a manager attribute now`
		`+ 22. Check nsslapd-plugin-depends-on-named for the plugin`
		`+ 23. Clean up`
		`+ :expectedresults:`
		`+ 1. Success`
		`+ 2. Success`
		`+ 3. Success`
		`+ 4. Success`
		`+ 5. Success`
		`+ 6. Success`
		`+ 7. Success`
		`+ 8. Success`
		`+ 9. Success`
		`+ 10. Success`
		`+ 11. Success`
		`+ 12. Success`
		`+ 13. Success`
		`+ 14. Success`
		`+ 15. Success`
		`+ 16. Success`
		`+ 17. Success`
		`+ 18. Success`
		`+ 19. Success`
		`+ 20. Success`
		`+ 21. Success`
		`+ 22. Success`
		`+ 23. Success`
		`+ """`
		`+`
		`inst = topo[0]`

		`# stop the plugin, and start it`
		`@@ -642,12 +798,81 @@`
		`return`


		`- ################################################################################`
		`- #`
		`- # Test MemberOf Plugin (5)`
		`- #`
		`- ################################################################################`
		`def test_memberof(topo, args=None):`
		`+ """Test MemberOf basic functionality`
		`+`
		`+ :id: 9b87493b-0493-46f9-8364-6099d0e5d805`
		`+ :setup: Standalone Instance`
		`+ :steps:`
		`+ 1. Enable the plugin`
		`+ 2. Restart the instance`
		`+ 3. Replace groupattr with 'member'`
		`+ 4. Add our test entries`
		`+ 5. Check if the user now has a "memberOf" attribute`
		`+ 6. Remove "member" should remove "memberOf" from the entry`
		`+ 7. Check that "memberOf" was removed`
		`+ 8. Replace 'memberofgroupattr': 'uniquemember'`
		`+ 9. Replace 'uniquemember': user1`
		`+ 10. Check if the user now has a "memberOf" attribute`
		`+ 11. Remove "uniquemember" should remove "memberOf" from the entry`
		`+ 12. Check that "memberOf" was removed`
		`+ 13. The shared config entry uses "member" - the above test uses "uniquemember"`
		`+ 14. Delete the test entries then read them to start with a clean slate`
		`+ 15. Check if the user now has a "memberOf" attribute`
		`+ 16. Check that "memberOf" was removed`
		`+ 17. Replace 'memberofgroupattr': 'uniquemember'`
		`+ 18. Check if the user now has a "memberOf" attribute`
		`+ 19. Remove "uniquemember" should remove "memberOf" from the entry`
		`+ 20. Check that "memberOf" was removed`
		`+ 21. Replace 'memberofgroupattr': 'member'`
		`+ 22. Remove shared config from plugin`
		`+ 23. Check if the user now has a "memberOf" attribute`
		`+ 24. Remove "uniquemember" should remove "memberOf" from the entry`
		`+ 25. Check that "memberOf" was removed`
		`+ 26. First change the plugin to use uniquemember`
		`+ 27. Add uniquemember, should not update user1`
		`+ 28. Check for "memberOf"`
		`+ 29. Enable memberof plugin`
		`+ 30. Run the task and validate that it worked`
		`+ 31. Check for "memberOf"`
		`+ 32. Check nsslapd-plugin-depends-on-named for the plugin`
		`+ 33. Clean up`
		`+ :expectedresults:`
		`+ 1. Success`
		`+ 2. Success`
		`+ 3. Success`
		`+ 4. Success`
		`+ 5. Success`
		`+ 6. Success`
		`+ 7. Success`
		`+ 8. Success`
		`+ 9. Success`
		`+ 10. Success`
		`+ 11. Success`
		`+ 12. Success`
		`+ 13. Success`
		`+ 14. Success`
		`+ 15. Success`
		`+ 16. Success`
		`+ 17. Success`
		`+ 18. Success`
		`+ 19. Success`
		`+ 20. Success`
		`+ 21. Success`
		`+ 22. Success`
		`+ 23. Success`
		`+ 24. Success`
		`+ 25. Success`
		`+ 26. Success`
		`+ 27. Success`
		`+ 28. Success`
		`+ 29. Success`
		`+ 30. Success`
		`+ 31. Success`
		`+ 32. Success`
		`+ 33. Success`
		`+ """`
		`+`
		`inst = topo[0]`

		`# stop the plugin, and start it`
		`@@ -853,12 +1078,37 @@`
		`return`


		`- ################################################################################`
		`- #`
		`- # Test Managed Entry Plugin (6)`
		`- #`
		`- ################################################################################`
		`def test_mep(topo, args=None):`
		`+ """Test Managed Entries basic functionality`
		`+`
		`+ :id: 9b87493b-0493-46f9-8364-6099d0e5d806`
		`+ :setup: Standalone Instance`
		`+ :steps:`
		`+ 1. Enable the plugin`
		`+ 2. Restart the instance`
		`+ 3. Add our org units`
		`+ 4. Set up config entry and template entry for the org units`
		`+ 5. Add an entry that meets the MEP scope`
		`+ 6. Check if a managed group entry was created`
		`+ 7. Add a new template entry`
		`+ 8. Add an entry that meets the MEP scope`
		`+ 9. Check if a managed group entry was created`
		`+ 10. Check nsslapd-plugin-depends-on-named for the plugin`
		`+ 11. Clean up`
		`+ :expectedresults:`
		`+ 1. Success`
		`+ 2. Success`
		`+ 3. Success`
		`+ 4. Success`
		`+ 5. Success`
		`+ 6. Success`
		`+ 7. Success`
		`+ 8. Success`
		`+ 9. Success`
		`+ 10. Success`
		`+ 11. Success`
		`+ """`
		`+`
		`inst = topo[0]`

		`# stop the plugin, and start it`
		`@@ -955,12 +1205,41 @@`
		`return`


		`- ################################################################################`
		`- #`
		`- # Test Passthru Plugin (7)`
		`- #`
		`- ################################################################################`
		`def test_passthru(topo, args=None):`
		`+ """Test Passthrough Authentication basic functionality`
		`+`
		`+ :id: 9b87493b-0493-46f9-8364-6099d0e5d807`
		`+ :setup: Standalone Instance`
		`+ :steps:`
		`+ 1. Stop the plugin`
		`+ 2. Restart the instance`
		`+ 3. Create a second backend`
		`+ 4. Create the top of the tree`
		`+ 5. Add user to suffix1`
		`+ 6. Configure and start plugin`
		`+ 7. Login as user`
		`+ 8. Login as root DN`
		`+ 9. Replace 'nsslapd-pluginarg0': ldap uri for second instance`
		`+ 10. Login as user`
		`+ 11. Login as root DN`
		`+ 12. Check nsslapd-plugin-depends-on-named for the plugin`
		`+ 13. Clean up`
		`+ :expectedresults:`
		`+ 1. Success`
		`+ 2. Success`
		`+ 3. Success`
		`+ 4. Success`
		`+ 5. Success`
		`+ 6. Success`
		`+ 7. Success`
		`+ 8. Success`
		`+ 9. Success`
		`+ 10. Success`
		`+ 11. Success`
		`+ 12. Success`
		`+ 13. Success`
		`+ """`
		`+`
		`inst1 = topo[0]`
		`inst2 = topo[1]`

		`@@ -1061,12 +1340,67 @@`
		`return`


		`- ################################################################################`
		`- #`
		`- # Test Referential Integrity Plugin (8)`
		`- #`
		`- ################################################################################`
		`def test_referint(topo, args=None):`
		`+ """Test Referential Integrity basic functionality`
		`+`
		`+ :id: 9b87493b-0493-46f9-8364-6099d0e5d808`
		`+ :setup: Standalone Instance`
		`+ :steps:`
		`+ 1. Enable the plugin`
		`+ 2. Restart the instance`
		`+ 3. Replace 'referint-membership-attr': 'member'`
		`+ 4. Add some users and a group`
		`+ 5. Grab the referint log file from the plugin`
		`+ 6. Add shared config entry`
		`+ 7. Delete one user`
		`+ 8. Check for integrity`
		`+ 9. Replace 'referint-membership-attr': 'uniquemember'`
		`+ 10. Delete second user`
		`+ 11. Check for integrity`
		`+ 12. The shared config entry uses "member" - the above test used "uniquemember"`
		`+ 13. Recreate users and a group`
		`+ 14. Delete one user`
		`+ 15. Check for integrity`
		`+ 16. Change the shared config entry to use 'uniquemember' and test the plugin`
		`+ 17. Delete second user`
		`+ 18. Check for integrity`
		`+ 19. First change the plugin to use member before we move the shared config that uses uniquemember`
		`+ 20. Remove shared config from plugin`
		`+ 21. Add test user`
		`+ 22. Add user to group`
		`+ 23. Delete a user`
		`+ 24. Check for integrity`
		`+ 25. Check nsslapd-plugin-depends-on-named for the plugin`
		`+ 26. Clean up`
		`+ :expectedresults:`
		`+ 1. Success`
		`+ 2. Success`
		`+ 3. Success`
		`+ 4. Success`
		`+ 5. Success`
		`+ 6. Success`
		`+ 7. Success`
		`+ 8. Success`
		`+ 9. Success`
		`+ 10. Success`
		`+ 11. Success`
		`+ 12. Success`
		`+ 13. Success`
		`+ 14. Success`
		`+ 15. Success`
		`+ 16. Success`
		`+ 17. Success`
		`+ 18. Success`
		`+ 19. Success`
		`+ 20. Success`
		`+ 21. Success`
		`+ 22. Success`
		`+ 23. Success`
		`+ 24. Success`
		`+ 25. Success`
		`+ 26. Success`
		`+ """`
		`+`
		`inst = topo[0]`

		`# stop the plugin, and start it`
		`@@ -1207,12 +1541,35 @@`
		`return`


		`- ################################################################################`
		`- #`
		`- # Test Retro Changelog Plugin (9)`
		`- #`
		`- ################################################################################`
		`def test_retrocl(topo, args=None):`
		`+ """Test Retro Changelog basic functionality`
		`+`
		`+ :id: 9b87493b-0493-46f9-8364-6099d0e5d810`
		`+ :setup: Standalone Instance`
		`+ :steps:`
		`+ 1. Enable the plugin`
		`+ 2. Restart the instance`
		`+ 3. Gather the current change count (it's not 1 once we start the stability tests)`
		`+ 4. Add a user`
		`+ 5. Check we logged this in the retro cl`
		`+ 6. Change the config - disable plugin`
		`+ 7. Delete the user`
		`+ 8. Check we didn't log this in the retro cl`
		`+ 9. Check nsslapd-plugin-depends-on-named for the plugin`
		`+ 10. Clean up`
		`+ :expectedresults:`
		`+ 1. Success`
		`+ 2. Success`
		`+ 3. Success`
		`+ 4. Success`
		`+ 5. Success`
		`+ 6. Success`
		`+ 7. Success`
		`+ 8. Success`
		`+ 9. Success`
		`+ 10. Success`
		`+ """`
		`+`
		`inst = topo[0]`

		`# stop the plugin, and start it`
		`@@ -1297,12 +1654,39 @@`
		`inst.state = DIRSRV_STATE_ONLINE`


		`- ################################################################################`
		`- #`
		`- # Test Root DN Access Control Plugin (10)`
		`- #`
		`- ################################################################################`
		`def test_rootdn(topo, args=None):`
		`+ """Test Root DNA Access control basic functionality`
		`+`
		`+ :id: 9b87493b-0493-46f9-8364-6099d0e5d811`
		`+ :setup: Standalone Instance`
		`+ :steps:`
		`+ 1. Enable the plugin`
		`+ 2. Restart the instance`
		`+ 3. Add an user and aci to open up cn=config`
		`+ 4. Set an aci so we can modify the plugin after we deny the root dn`
		`+ 5. Set allowed IP to an unknown host - blocks root dn`
		`+ 6. Bind as Root DN`
		`+ 7. Bind as the user who can make updates to the config`
		`+ 8. Test that invalid plugin changes are rejected`
		`+ 9. Remove the restriction`
		`+ 10. Bind as Root DN`
		`+ 11. Check nsslapd-plugin-depends-on-named for the plugin`
		`+ 12. Clean up`
		`+ :expectedresults:`
		`+ 1. Success`
		`+ 2. Success`
		`+ 3. Success`
		`+ 4. Success`
		`+ 5. Success`
		`+ 6. Success`
		`+ 7. Success`
		`+ 8. Success`
		`+ 9. Success`
		`+ 10. Success`
		`+ 11. Success`
		`+ 12. Success`
		`+ """`
		`+`
		`inst = topo[0]`

		`# stop the plugin, and start it`

dirsrvtests/tests/suites/plugins/accpol_test.py

file modified

+276 -159

		`@@ -319,16 +319,21 @@`
		`def test_glact_inact(topology_st, accpol_global):`
		`"""Verify if user account is inactivated when accountInactivityLimit is exceeded.`

		`- :ID: 342af084-0ad0-442f-b6f6-5a8b8e5e4c28`
		`- :feature: Account Policy Plugin`
		`+ :id: 342af084-0ad0-442f-b6f6-5a8b8e5e4c28`
		`:setup: Standalone instance, Global account policy plugin configuration,`
		`set accountInactivityLimit to few secs.`
		`- :steps: 1. Add few users to ou=people subtree in the default suffix`
		`- 2. Check if users are active just before it reaches accountInactivityLimit.`
		`- 3. User accounts should not be inactivated, expected 0`
		`- 4. Check if users are inactivated when accountInactivityLimit is exceeded.`
		`- 5. User accounts should be inactivated, expected error 19.`
		`- :assert: Should return error code 19`
		`+ :steps:`
		`+ 1. Add few users to ou=people subtree in the default suffix`
		`+ 2. Check if users are active just before it reaches accountInactivityLimit.`
		`+ 3. User accounts should not be inactivated, expected 0`
		`+ 4. Check if users are inactivated when accountInactivityLimit is exceeded.`
		`+ 5. User accounts should be inactivated, expected error 19.`
		`+ :expectedresults:`
		`+ 1. Success`
		`+ 2. Success`
		`+ 3. Success`
		`+ 4. Success`
		`+ 5. Should return error code 19`
		`"""`

		`suffix = DEFAULT_SUFFIX`
		`@@ -353,18 +358,25 @@`
		`def test_glremv_lastlogin(topology_st, accpol_global):`
		`"""Verify if user account is inactivated by createTimeStamp, if lastLoginTime attribute is missing.`

		`- :ID: 8ded5d8e-ed93-4c22-9c8e-78c479189f84`
		`- :feature: Account Policy Plugin`
		`+ :id: 8ded5d8e-ed93-4c22-9c8e-78c479189f84`
		`:setup: Standalone instance, Global account policy plugin configuration,`
		`set accountInactivityLimit to few secs.`
		`- :steps: 1. Add few users to ou=people subtree in the default suffix`
		`- 2. Wait for few secs and bind as user to create lastLoginTime attribute.`
		`- 3. Remove the lastLoginTime attribute from the user.`
		`- 4. Wait till accountInactivityLimit exceeded based on createTimeStamp value`
		`- 5. Check if users are inactivated, expected error 19.`
		`- 6. Replace lastLoginTime attribute and check if account is activated`
		`- 7. User should be activated based on lastLoginTime attribute, expected 0`
		`- :assert: Should return error code 19`
		`+ :steps:`
		`+ 1. Add few users to ou=people subtree in the default suffix`
		`+ 2. Wait for few secs and bind as user to create lastLoginTime attribute.`
		`+ 3. Remove the lastLoginTime attribute from the user.`
		`+ 4. Wait till accountInactivityLimit exceeded based on createTimeStamp value`
		`+ 5. Check if users are inactivated, expected error 19.`
		`+ 6. Replace lastLoginTime attribute and check if account is activated`
		`+ 7. User should be activated based on lastLoginTime attribute, expected 0`
		`+ :assert:`
		`+ 1. Success`
		`+ 2. Success`
		`+ 3. Success`
		`+ 4. Success`
		`+ 5. Success`
		`+ 6. Success`
		`+ 7. Should return error code 19`
		`"""`

		`suffix = DEFAULT_SUFFIX`
		`@@ -390,16 +402,21 @@`
		`def test_glact_login(topology_st, accpol_global):`
		`"""Verify if user account can be activated by replacing the lastLoginTime attribute.`

		`- :ID: f89897cc-c13e-4824-af08-3dd1039bab3c`
		`- :feature: Account Policy Plugin`
		`+ :id: f89897cc-c13e-4824-af08-3dd1039bab3c`
		`:setup: Standalone instance, Global account policy plugin configuration,`
		`set accountInactivityLimit to few secs.`
		`- :steps: 1. Add few users to ou=groups subtree in the default suffix`
		`- 2. Wait till accountInactivityLimit exceeded`
		`- 3. Run ldapsearch as normal user, expected error 19.`
		`- 4. Replace the lastLoginTime attribute and check if account is activated`
		`- 5. Run ldapsearch as normal user, expected 0.`
		`- :assert: Should return success once the user is activated`
		`+ :steps:`
		`+ 1. Add few users to ou=groups subtree in the default suffix`
		`+ 2. Wait till accountInactivityLimit exceeded`
		`+ 3. Run ldapsearch as normal user, expected error 19.`
		`+ 4. Replace the lastLoginTime attribute and check if account is activated`
		`+ 5. Run ldapsearch as normal user, expected 0.`
		`+ :assert:`
		`+ 1. Success`
		`+ 2. Success`
		`+ 3. Success`
		`+ 4. Success`
		`+ 5. Success`
		`"""`

		`suffix = DEFAULT_SUFFIX`
		`@@ -420,27 +437,43 @@`
		`def test_glinact_limit(topology_st, accpol_global):`
		`"""Verify if account policy plugin functions well when changing accountInactivityLimit value.`

		`- :ID: 7fbc373f-a3d7-4774-8d34-89b057c5e74b`
		`- :feature: Account Policy Plugin`
		`+ :id: 7fbc373f-a3d7-4774-8d34-89b057c5e74b`
		`:setup: Standalone instance, Global account policy plugin configuration,`
		`set accountInactivityLimit to few secs.`
		`- :steps: 1. Add few users to ou=groups subtree in the default suffix`
		`- 2. Check if users are active just before reaching accountInactivityLimit`
		`- 3. Modify AccountInactivityLimit to a bigger value`
		`- 4. Wait for additional few secs, but check users before it reaches accountInactivityLimit`
		`- 5. Wait till accountInactivityLimit exceeded and check users, expected error 19`
		`- 6. Modify accountInactivityLimit to use the min value.`
		`- 7. Add few users to ou=groups subtree in the default suffix`
		`- 8. Wait till it reaches accountInactivityLimit and check users, expected error 19`
		`- 9. Modify accountInactivityLimit to 10 times(30 secs) bigger than the initial value.`
		`- 10. Add few users to ou=groups subtree in the default suffix`
		`- 11. Wait for 90 secs and check if account is not inactivated, expected 0`
		`- 12. Wait for +27 secs and check if account is not inactivated, expected 0`
		`- 13. Wait for +30 secs and check if account is inactivated, error 19`
		`- 14. Replace the lastLoginTime attribute and check if account is activated`
		`- 15. Modify accountInactivityLimit to 12 secs, which is the default`
		`- 16. Run ldapsearch as normal user, expected 0.`
		`- :assert: Should return success once the user is activated`
		`+ :steps:`
		`+ 1. Add few users to ou=groups subtree in the default suffix`
		`+ 2. Check if users are active just before reaching accountInactivityLimit`
		`+ 3. Modify AccountInactivityLimit to a bigger value`
		`+ 4. Wait for additional few secs, but check users before it reaches accountInactivityLimit`
		`+ 5. Wait till accountInactivityLimit exceeded and check users, expected error 19`
		`+ 6. Modify accountInactivityLimit to use the min value.`
		`+ 7. Add few users to ou=groups subtree in the default suffix`
		`+ 8. Wait till it reaches accountInactivityLimit and check users, expected error 19`
		`+ 9. Modify accountInactivityLimit to 10 times(30 secs) bigger than the initial value.`
		`+ 10. Add few users to ou=groups subtree in the default suffix`
		`+ 11. Wait for 90 secs and check if account is not inactivated, expected 0`
		`+ 12. Wait for +27 secs and check if account is not inactivated, expected 0`
		`+ 13. Wait for +30 secs and check if account is inactivated, error 19`
		`+ 14. Replace the lastLoginTime attribute and check if account is activated`
		`+ 15. Modify accountInactivityLimit to 12 secs, which is the default`
		`+ 16. Run ldapsearch as normal user, expected 0.`
		`+ :assert:`
		`+ 1. Success`
		`+ 2. Success`
		`+ 3. Success`
		`+ 4. Success`
		`+ 5. Success`
		`+ 6. Success`
		`+ 7. Success`
		`+ 8. Success`
		`+ 9. Success`
		`+ 10. Success`
		`+ 11. Success`
		`+ 12. Success`
		`+ 13. Success`
		`+ 14. Success`
		`+ 15. Success`
		`+ 16. Success`
		`"""`

		`suffix = DEFAULT_SUFFIX`
		`@@ -483,29 +516,47 @@`
		`def test_glnologin_attr(topology_st, accpol_global):`
		`"""Verify if user account is inactivated based on createTimeStamp attribute, no lastLoginTime attribute present`

		`- :ID: 3032f670-705d-4f69-96f5-d75445cffcfb`
		`- :feature: Account Policy Plugin`
		`+ :id: 3032f670-705d-4f69-96f5-d75445cffcfb`
		`:setup: Standalone instance, Local account policy plugin configuration,`
		`set accountInactivityLimit to few secs.`
		`- :steps: 1. Configure Global account policy plugin with createTimestamp as stateattrname`
		`- 2. lastLoginTime attribute will not be effective.`
		`- 3. Add few users to ou=groups subtree in the default suffix`
		`- 4. Wait for 10 secs and check if account is not inactivated, expected 0`
		`- 5. Modify AccountInactivityLimit to 20 secs`
		`- 6. Wait for +9 secs and check if account is not inactivated, expected 0`
		`- 7. Wait for +3 secs and check if account is inactivated, error 19`
		`- 8. Modify accountInactivityLimit to 3 secs`
		`- 9. Add few users to ou=groups subtree in the default suffix`
		`- 10. Wait for 3 secs and check if account is inactivated, error 19`
		`- 11. Modify accountInactivityLimit to 30 secs`
		`- 12. Add few users to ou=groups subtree in the default suffix`
		`- 13. Wait for 90 secs and check if account is not inactivated, expected 0`
		`- 14. Wait for +28 secs and check if account is not inactivated, expected 0`
		`- 15. Wait for +2 secs and check if account is inactivated, error 19`
		`- 16. Replace the lastLoginTime attribute and check if account is activated`
		`- 17. Modify accountInactivityLimit to 12 secs, which is the default`
		`- 18. Run ldapsearch as normal user, expected 0.`
		`- :assert: Should return success once the user is activated`
		`+ :steps:`
		`+ 1. Configure Global account policy plugin with createTimestamp as stateattrname`
		`+ 2. lastLoginTime attribute will not be effective.`
		`+ 3. Add few users to ou=groups subtree in the default suffix`
		`+ 4. Wait for 10 secs and check if account is not inactivated, expected 0`
		`+ 5. Modify AccountInactivityLimit to 20 secs`
		`+ 6. Wait for +9 secs and check if account is not inactivated, expected 0`
		`+ 7. Wait for +3 secs and check if account is inactivated, error 19`
		`+ 8. Modify accountInactivityLimit to 3 secs`
		`+ 9. Add few users to ou=groups subtree in the default suffix`
		`+ 10. Wait for 3 secs and check if account is inactivated, error 19`
		`+ 11. Modify accountInactivityLimit to 30 secs`
		`+ 12. Add few users to ou=groups subtree in the default suffix`
		`+ 13. Wait for 90 secs and check if account is not inactivated, expected 0`
		`+ 14. Wait for +28 secs and check if account is not inactivated, expected 0`
		`+ 15. Wait for +2 secs and check if account is inactivated, error 19`
		`+ 16. Replace the lastLoginTime attribute and check if account is activated`
		`+ 17. Modify accountInactivityLimit to 12 secs, which is the default`
		`+ 18. Run ldapsearch as normal user, expected 0.`
		`+ :assert:`
		`+ 1. Success`
		`+ 2. Success`
		`+ 3. Success`
		`+ 4. Success`
		`+ 5. Success`
		`+ 6. Success`
		`+ 7. Success`
		`+ 8. Success`
		`+ 9. Success`
		`+ 10. Success`
		`+ 11. Success`
		`+ 12. Success`
		`+ 13. Success`
		`+ 14. Success`
		`+ 15. Success`
		`+ 16. Success`
		`+ 17. Success`
		`+ 18. Success`
		`"""`

		`suffix = DEFAULT_SUFFIX`
		`@@ -555,17 +606,23 @@`
		`def test_glnoalt_stattr(topology_st, accpol_global):`
		`"""Verify if user account can be inactivated based on lastLoginTime attribute, altstateattrname set to 1.1`

		`- :ID: 8dcc3540-578f-422a-bb44-28c2cf20dbcd`
		`- :feature: Account Policy Plugin`
		`+ :id: 8dcc3540-578f-422a-bb44-28c2cf20dbcd`
		`:setup: Standalone instance, Global account policy plugin configuration,`
		`set accountInactivityLimit to few secs.`
		`- :steps: 1. Configure Global account policy plugin with altstateattrname to 1.1`
		`- 2. Add few users to ou=groups subtree in the default suffix`
		`- 3. Wait till it reaches accountInactivityLimit`
		`- 4. Remove lastLoginTime attribute from the user entry`
		`- 5. Run ldapsearch as normal user, expected 0. no lastLoginTime attribute present`
		`- 6. Wait till it reaches accountInactivityLimit and check users, expected error 19`
		`- :assert: Should return success once the user is activated`
		`+ :steps:`
		`+ 1. Configure Global account policy plugin with altstateattrname to 1.1`
		`+ 2. Add few users to ou=groups subtree in the default suffix`
		`+ 3. Wait till it reaches accountInactivityLimit`
		`+ 4. Remove lastLoginTime attribute from the user entry`
		`+ 5. Run ldapsearch as normal user, expected 0. no lastLoginTime attribute present`
		`+ 6. Wait till it reaches accountInactivityLimit and check users, expected error 19`
		`+ :assert:`
		`+ 1. Success`
		`+ 2. Success`
		`+ 3. Success`
		`+ 4. Success`
		`+ 5. Success`
		`+ 6. Success`
		`"""`

		`suffix = DEFAULT_SUFFIX`
		`@@ -594,18 +651,25 @@`
		`def test_glattr_modtime(topology_st, accpol_global):`
		`"""Verify if user account can be inactivated based on modifyTimeStamp attribute`

		`- :ID: 67380839-2966-45dc-848a-167a954153e1`
		`- :feature: Account Policy Plugin`
		`+ :id: 67380839-2966-45dc-848a-167a954153e1`
		`:setup: Standalone instance, Global account policy plugin configuration,`
		`set accountInactivityLimit to few secs.`
		`- :steps: 1. Configure Global account policy plugin with altstateattrname to modifyTimestamp`
		`- 2. Add few users to ou=groups subtree in the default suffix`
		`- 3. Wait till the accountInactivityLimit exceeded and check users, expected error 19`
		`- 4. Modify cn attribute for user, ModifyTimeStamp is updated.`
		`- 5. Check if user is activated based on ModifyTimeStamp attribute, expected 0`
		`- 6. Change the plugin to use createTimeStamp and remove lastLoginTime attribute`
		`- 7. Check if account is inactivated, expected error 19`
		`- :assert: Should return success once the user is activated`
		`+ :steps:`
		`+ 1. Configure Global account policy plugin with altstateattrname to modifyTimestamp`
		`+ 2. Add few users to ou=groups subtree in the default suffix`
		`+ 3. Wait till the accountInactivityLimit exceeded and check users, expected error 19`
		`+ 4. Modify cn attribute for user, ModifyTimeStamp is updated.`
		`+ 5. Check if user is activated based on ModifyTimeStamp attribute, expected 0`
		`+ 6. Change the plugin to use createTimeStamp and remove lastLoginTime attribute`
		`+ 7. Check if account is inactivated, expected error 19`
		`+ :assert:`
		`+ 1. Success`
		`+ 2. Success`
		`+ 3. Success`
		`+ 4. Success`
		`+ 5. Success`
		`+ 6. Success`
		`+ 7. Success`
		`"""`

		`suffix = DEFAULT_SUFFIX`
		`@@ -636,21 +700,31 @@`
		`def test_glnoalt_nologin(topology_st, accpol_global):`
		`"""Verify if account policy plugin works if we set altstateattrname set to 1.1 and alwaysrecordlogin to NO`

		`- :ID: 49eda7db-84de-47ba-8f81-ac5e4de3a500`
		`- :feature: Account Policy Plugin`
		`+ :id: 49eda7db-84de-47ba-8f81-ac5e4de3a500`
		`:setup: Standalone instance, Global account policy plugin configuration,`
		`set accountInactivityLimit to few secs.`
		`- :steps: 1. Configure Global account policy plugin with altstateattrname to 1.1`
		`- 2. Set alwaysrecordlogin to NO.`
		`- 3. Add few users to ou=groups subtree in the default suffix`
		`- 4. Wait till accountInactivityLimit exceeded and check users, expected 0`
		`- 5. Check for lastLoginTime attribute, it should not be present`
		`- 6. Wait for few more secs and check if account is not inactivated, expected 0`
		`- 7. Run ldapsearch as normal user, expected 0. no lastLoginTime attribute present`
		`- 8. Set altstateattrname to createTimeStamp`
		`- 9. Check if user account is inactivated based on createTimeStamp attribute.`
		`- 10. Account should be inactivated, expected error 19`
		`- :assert: Should return success once the user is activated`
		`+ :steps:`
		`+ 1. Configure Global account policy plugin with altstateattrname to 1.1`
		`+ 2. Set alwaysrecordlogin to NO.`
		`+ 3. Add few users to ou=groups subtree in the default suffix`
		`+ 4. Wait till accountInactivityLimit exceeded and check users, expected 0`
		`+ 5. Check for lastLoginTime attribute, it should not be present`
		`+ 6. Wait for few more secs and check if account is not inactivated, expected 0`
		`+ 7. Run ldapsearch as normal user, expected 0. no lastLoginTime attribute present`
		`+ 8. Set altstateattrname to createTimeStamp`
		`+ 9. Check if user account is inactivated based on createTimeStamp attribute.`
		`+ 10. Account should be inactivated, expected error 19`
		`+ :assert:`
		`+ 1. Success`
		`+ 2. Success`
		`+ 3. Success`
		`+ 4. Success`
		`+ 5. Success`
		`+ 6. Success`
		`+ 7. Success`
		`+ 8. Success`
		`+ 9. Success`
		`+ 10. Success`
		`"""`

		`suffix = DEFAULT_SUFFIX`
		`@@ -684,20 +758,29 @@`
		`def test_glinact_nsact(topology_st, accpol_global):`
		`"""Verify if user account can be activated using ns-activate.pl script.`

		`- :ID: 876a7a7c-0b3f-4cd2-9b45-1dc80846e334`
		`- :feature: Account Policy Plugin`
		`+ :id: 876a7a7c-0b3f-4cd2-9b45-1dc80846e334`
		`:setup: Standalone instance, Global account policy plugin configuration,`
		`set accountInactivityLimit to few secs.`
		`- :steps: 1. Configure Global account policy plugin`
		`- 2. Add few users to ou=groups subtree in the default suffix`
		`- 3. Wait for few secs and inactivate user using ns-inactivate.pl`
		`- 4. Wait till accountInactivityLimit exceeded.`
		`- 5. Run ldapsearch as normal user, expected error 19.`
		`- 6. Activate user using ns-activate.pl script`
		`- 7. Check if account is activated, expected error 19`
		`- 8. Replace the lastLoginTime attribute and check if account is activated`
		`- 9. Run ldapsearch as normal user, expected 0.`
		`- :assert: Should return success once the user is activated`
		`+ :steps:`
		`+ 1. Configure Global account policy plugin`
		`+ 2. Add few users to ou=groups subtree in the default suffix`
		`+ 3. Wait for few secs and inactivate user using ns-inactivate.pl`
		`+ 4. Wait till accountInactivityLimit exceeded.`
		`+ 5. Run ldapsearch as normal user, expected error 19.`
		`+ 6. Activate user using ns-activate.pl script`
		`+ 7. Check if account is activated, expected error 19`
		`+ 8. Replace the lastLoginTime attribute and check if account is activated`
		`+ 9. Run ldapsearch as normal user, expected 0.`
		`+ :assert:`
		`+ 1. Success`
		`+ 2. Success`
		`+ 3. Success`
		`+ 4. Success`
		`+ 5. Success`
		`+ 6. Success`
		`+ 7. Success`
		`+ 8. Success`
		`+ 9. Success`
		`"""`

		`suffix = DEFAULT_SUFFIX`
		`@@ -724,18 +807,25 @@`
		`def test_glinact_acclock(topology_st, accpol_global):`
		`"""Verify if user account is activated when account is unlocked by passwordlockoutduration.`

		`- :ID: 43601a61-065c-4c80-a7c2-e4f6ae17beb8`
		`- :feature: Account Policy Plugin`
		`+ :id: 43601a61-065c-4c80-a7c2-e4f6ae17beb8`
		`:setup: Standalone instance, Global account policy plugin configuration,`
		`set accountInactivityLimit to few secs.`
		`- :steps: 1. Add few users to ou=groups subtree in the default suffix`
		`- 2. Wait for few secs and attempt invalid binds for user`
		`- 3. User account should be locked based on Account Lockout policy.`
		`- 4. Wait till accountInactivityLimit exceeded and check users, expected error 19`
		`- 5. Wait for passwordlockoutduration and check if account is active`
		`- 6. Check if account is unlocked, expected error 19, since account is inactivated`
		`- 7. Replace the lastLoginTime attribute and check users, expected 0`
		`- :assert: Should return success once the user is activated`
		`+ :steps:`
		`+ 1. Add few users to ou=groups subtree in the default suffix`
		`+ 2. Wait for few secs and attempt invalid binds for user`
		`+ 3. User account should be locked based on Account Lockout policy.`
		`+ 4. Wait till accountInactivityLimit exceeded and check users, expected error 19`
		`+ 5. Wait for passwordlockoutduration and check if account is active`
		`+ 6. Check if account is unlocked, expected error 19, since account is inactivated`
		`+ 7. Replace the lastLoginTime attribute and check users, expected 0`
		`+ :assert:`
		`+ 1. Success`
		`+ 2. Success`
		`+ 3. Success`
		`+ 4. Success`
		`+ 5. Success`
		`+ 6. Success`
		`+ 7. Success`
		`"""`

		`suffix = DEFAULT_SUFFIX`
		`@@ -773,20 +863,29 @@`
		`def test_glnact_pwexp(topology_st, accpol_global):`
		`"""Verify if user account is activated when password is reset after password is expired`

		`- :ID: 3bb97992-101a-4e5a-b60a-4cc21adcc76e`
		`- :feature: Account Policy Plugin`
		`+ :id: 3bb97992-101a-4e5a-b60a-4cc21adcc76e`
		`:setup: Standalone instance, Global account policy plugin configuration,`
		`set accountInactivityLimit to few secs.`
		`- :steps: 1. Add few users to ou=groups subtree in the default suffix`
		`- 2. Set passwordmaxage to few secs`
		`- 3. Wait for passwordmaxage to reach and check if password expired`
		`- 4. Run ldapsearch as normal user, expected error 19.`
		`- 5. Reset the password for user account`
		`- 6. Wait till accountInactivityLimit exceeded and check users`
		`- 7. Run ldapsearch as normal user, expected error 19.`
		`- 8. Replace the lastLoginTime attribute and check if account is activated`
		`- 9. Run ldapsearch as normal user, expected 0.`
		`- :assert: Should return success once the user is activated`
		`+ :steps:`
		`+ 1. Add few users to ou=groups subtree in the default suffix`
		`+ 2. Set passwordmaxage to few secs`
		`+ 3. Wait for passwordmaxage to reach and check if password expired`
		`+ 4. Run ldapsearch as normal user, expected error 19.`
		`+ 5. Reset the password for user account`
		`+ 6. Wait till accountInactivityLimit exceeded and check users`
		`+ 7. Run ldapsearch as normal user, expected error 19.`
		`+ 8. Replace the lastLoginTime attribute and check if account is activated`
		`+ 9. Run ldapsearch as normal user, expected 0.`
		`+ :assert:`
		`+ 1. Success`
		`+ 2. Success`
		`+ 3. Success`
		`+ 4. Success`
		`+ 5. Success`
		`+ 6. Success`
		`+ 7. Success`
		`+ 8. Success`
		`+ 9. Success`
		`"""`

		`suffix = DEFAULT_SUFFIX`
		`@@ -849,17 +948,23 @@`
		`def test_locact_inact(topology_st, accpol_local):`
		`"""Verify if user account is inactivated when accountInactivityLimit is exceeded.`

		`- :ID: 02140e36-79eb-4d88-ba28-66478689289b`
		`- :feature: Account Policy Plugin`
		`+ :id: 02140e36-79eb-4d88-ba28-66478689289b`
		`:setup: Standalone instance, ou=people subtree configured for Local account`
		`policy plugin configuration, set accountInactivityLimit to few secs.`
		`- :steps: 1. Add few users to ou=people subtree in the default suffix`
		`- 2. Wait for few secs before it reaches accountInactivityLimit and check users.`
		`- 3. Run ldapsearch as normal user, expected 0`
		`- 4. Wait till accountInactivityLimit is exceeded`
		`- 5. Run ldapsearch as normal user and check if its inactivated, expected error 19.`
		`- 6. Replace user's lastLoginTime attribute and check if its activated, expected 0`
		`- :assert: Should return error code 19`
		`+ :steps:`
		`+ 1. Add few users to ou=people subtree in the default suffix`
		`+ 2. Wait for few secs before it reaches accountInactivityLimit and check users.`
		`+ 3. Run ldapsearch as normal user, expected 0`
		`+ 4. Wait till accountInactivityLimit is exceeded`
		`+ 5. Run ldapsearch as normal user and check if its inactivated, expected error 19.`
		`+ 6. Replace user's lastLoginTime attribute and check if its activated, expected 0`
		`+ :assert:`
		`+ 1. Success`
		`+ 2. Success`
		`+ 3. Success`
		`+ 4. Success`
		`+ 5. Success`
		`+ 6. Should return error code 19`
		`"""`

		`suffix = DEFAULT_SUFFIX`
		`@@ -887,18 +992,25 @@`
		`def test_locinact_modrdn(topology_st, accpol_local):`
		`"""Verify if user account is inactivated when moved from ou=groups to ou=people subtree.`

		`- :ID: 5f25bea3-fab0-4db4-b43d-2d47cc6e5ad1`
		`- :feature: Account Policy Plugin`
		`+ :id: 5f25bea3-fab0-4db4-b43d-2d47cc6e5ad1`
		`:setup: Standalone instance, ou=people subtree configured for Local account`
		`policy plugin configuration, set accountInactivityLimit to few secs.`
		`- :steps: 1. Add few users to ou=groups subtree in the default suffix`
		`- 2. Plugin configured to ou=people subtree only.`
		`- 3. Wait for few secs before it reaches accountInactivityLimit and check users.`
		`- 4. Run ldapsearch as normal user, expected 0`
		`- 5. Wait till accountInactivityLimit exceeded`
		`- 6. Move users from ou=groups subtree to ou=people subtree`
		`- 7. Check if users are inactivated, expected error 19`
		`- :assert: Should return error code 0 and 19`
		`+ :steps:`
		`+ 1. Add few users to ou=groups subtree in the default suffix`
		`+ 2. Plugin configured to ou=people subtree only.`
		`+ 3. Wait for few secs before it reaches accountInactivityLimit and check users.`
		`+ 4. Run ldapsearch as normal user, expected 0`
		`+ 5. Wait till accountInactivityLimit exceeded`
		`+ 6. Move users from ou=groups subtree to ou=people subtree`
		`+ 7. Check if users are inactivated, expected error 19`
		`+ :assert:`
		`+ 1. Success`
		`+ 2. Success`
		`+ 3. Success`
		`+ 4. Success`
		`+ 5. Success`
		`+ 6. Success`
		`+ 7. Should return error code 0 and 19`
		`"""`

		`suffix = DEFAULT_SUFFIX`
		`@@ -930,16 +1042,21 @@`
		`def test_locact_modrdn(topology_st, accpol_local):`
		`"""Verify if user account is inactivated when users moved from ou=people to ou=groups subtree.`

		`- :ID: e821cbae-bfc3-40d3-947d-b228c809987f`
		`- :feature: Account Policy Plugin`
		`+ :id: e821cbae-bfc3-40d3-947d-b228c809987f`
		`:setup: Standalone instance, ou=people subtree configured for Local account`
		`policy plugin configuration, set accountInactivityLimit to few secs.`
		`- :steps: 1. Add few users to ou=people subtree in the default suffix`
		`- 2. Wait for few secs and check if users not inactivated, expected 0.`
		`- 3. Move users from ou=people to ou=groups subtree`
		`- 4. Wait till accountInactivityLimit is exceeded`
		`- 5. Check if users are active in ou=groups subtree, expected 0`
		`- :assert: Should return error code 0`
		`+ :steps:`
		`+ 1. Add few users to ou=people subtree in the default suffix`
		`+ 2. Wait for few secs and check if users not inactivated, expected 0.`
		`+ 3. Move users from ou=people to ou=groups subtree`
		`+ 4. Wait till accountInactivityLimit is exceeded`
		`+ 5. Check if users are active in ou=groups subtree, expected 0`
		`+ :assert:`
		`+ 1. Success`
		`+ 2. Success`
		`+ 3. Success`
		`+ 4. Success`
		`+ 5. Success`
		`"""`

		`suffix = DEFAULT_SUFFIX`

spichugi commented 5 years ago

Description: Add and refactor the test case docstrings.
They should follow one exact format for communicating
with internal tool. Also it should be readable enough
to provide the main idea about the test case.

https://pagure.io/389-ds-base/issue/49381

Reviewed by: ?