#50434 Issue: 48851 - investigate and port TET matching rules filter tests(cert)
Closed 4 months ago by spichugi. Opened 2 years ago by aborah.
aborah/389-ds-base cert  into  master

@@ -0,0 +1,69 @@ 

+ # --- BEGIN COPYRIGHT BLOCK ---

+ # Copyright (C) 2019 Red Hat, Inc.

+ # All rights reserved.

+ #

+ # License: GPL (version 3 or any later version).

+ # See LICENSE for details.

+ # --- END COPYRIGHT BLOCK ----

+ 

+ 

+ """

+ verify and testing  Filter from a search

+ """

+ 

+ import os

+ import pytest

+ 

+ from lib389._constants import DEFAULT_SUFFIX

+ from lib389.topologies import topology_st as topo

+ from lib389.idm.user import UserAccounts

+ from lib389.idm.account import Accounts

+ from lib389.nss_ssl import NssSsl

+ from lib389.utils import search_filter_scape_bytes

+ 

+ pytestmark = pytest.mark.tier1

+ 

+ 

+ def test_positive(topo):

+     """Test User certificate field

+         :id: abe3e6de-9ecc-11e8-adf0-8c16451d917

+         :setup: Standalone

+         :steps:

+             1. Create entries with userCertificate field.

+             2. Try to search/filter them with userCertificate field.

+         :expected results:

+             1. Pass

+             2. Pass

+     """

+     # SETUP TLS

+     topo.standalone.stop()

+     NssSsl(topo.standalone).reinit()

+     NssSsl(topo.standalone).create_rsa_ca()

+     NssSsl(topo.standalone).create_rsa_key_and_cert()

+     # Create  user

+     NssSsl(topo.standalone).create_rsa_user('testuser1')

+     NssSsl(topo.standalone).create_rsa_user('testuser2')

+     # Creating cert users

+     topo.standalone.start()

+     users_people = UserAccounts(topo.standalone, DEFAULT_SUFFIX)

+     for count in range(1, 3):

+         user = users_people.create_test_user(uid=count, gid=count)

+         tls_locs = NssSsl(topo.standalone).get_rsa_user(f'testuser{count}')

+         #  {'ca': ca_path, 'key': key_path, 'crt': crt_path}

+         user.enroll_certificate(tls_locs['crt_der_path'])

+ 

+     assert Accounts(topo.standalone, DEFAULT_SUFFIX).filter("(usercertificate=*)")

+     assert Accounts(topo.standalone, DEFAULT_SUFFIX).filter("(userCertificate;binary=*)")

+     user1_cert = users_people.list()[0].get_attr_val("userCertificate;binary")

+     assert Accounts(topo.standalone, DEFAULT_SUFFIX).filter(

+         f'(userCertificate;binary={search_filter_scape_bytes(user1_cert)})')[0].dn == \

+            'uid=test_user_1,ou=People,dc=example,dc=com'

+     user2_cert = users_people.list()[1].get_attr_val("userCertificate;binary")

+     assert Accounts(topo.standalone, DEFAULT_SUFFIX).filter(

+         f'(userCertificate;binary={search_filter_scape_bytes(user2_cert)})')[0].dn == \

+            'uid=test_user_2,ou=People,dc=example,dc=com'

+ 

+ 

+ if __name__ == '__main__':

+     CURRENT_FILE = os.path.realpath(__file__)

+     pytest.main("-s -v %s" % CURRENT_FILE)

@@ -145,6 +145,35 @@ 

      assert display_log_data(before) == after

  

  

+ @pytest.mark.parametrize('ds_ver, cmp_ver', [

+     ('1.3.1', '1.3.2'),

+     ('1.3.1', '1.3.10'),

+     ('1.3.2', '1.3.10'),

+     ('1.3.9', ('1.3.10', '1.4.2.0')),

+     ('1.4.0.1', ('1.3.9', '1.4.1.0', '1.4.2.1')),

+     ('1.4.1', '1.4.2.0-20191115gitbadc0ffee' ),

+ ])

+ def test_ds_is_older_versions(ds_ver, cmp_ver):

+     if isinstance(cmp_ver, tuple):

+         assert ds_is_related('older', ds_ver, *cmp_ver)

+     else:

+         assert ds_is_related('older', ds_ver, cmp_ver)

+ 

+ @pytest.mark.parametrize('ds_ver, cmp_ver', [

+     ('1.3.2', '1.3.1'),

+     ('1.3.10', '1.3.1'),

+     ('1.3.10', '1.3.2'),

+     ('1.3.10', ('1.3.9', '1.4.2.0')),

+     ('1.4.2.1', ('1.3.9', '1.4.0.1', '1.4.2.0')),

+     ('1.4.2.0-20191115gitbadc0ffee', '1.4.1' ),

+ ])

+ def test_ds_is_newer_versions(ds_ver, cmp_ver):

+     if isinstance(cmp_ver, tuple):

+         assert ds_is_related('newer', ds_ver, *cmp_ver)

+     else:

+         assert ds_is_related('newer', ds_ver, cmp_ver)

+ 

+ 

  if __name__ == "__main__":

      CURRENT_FILE = os.path.realpath(__file__)

      pytest.main("-s -v %s" % CURRENT_FILE)

Investigate and port TET matching rules filter tests(cert)

Relates: https://pagure.io/389-ds-base/issue/48851

Author: aborah

Reviewed by: ???

rebased onto 4f592c2774f9391fe667e05d5fa0f94e4055047d

2 years ago

I saw the discussion on the mail list. So what is an update for this?

rebased onto bc1c4be0153687c7961a7d788eee893d3b6f5dac

2 years ago

@spichugi ready to review

Please, describe the resolution for the mail list discussion. What was the final agreement there?
I think it is important to have an overview and the explanation here. Please, don't ignore the questions...

rebased onto 09ece9834f4e23736210010262d342a68dce7c53

2 years ago

Please, describe the resolution for the mail list discussion. What was the final agreement there?
I think it is important to have an overview and the explanation here. Please, don't ignore the questions...

Resolution is done by @vashirov in the issue . Please take a look .

PR is ready to review.

Resolution is done by @vashirov in the issue . Please take a look .

In which issue? The one linked in the description is 3 years old and contains only a bunch of commit hashes listed. How am I supposed to find out what's going on? Simon was asking you for a summary, even a link would work better...

Also, again, you still keep rebasing which makes tracking changes very hard to follow. And there is no way to back-track what was the original commit. At least describe in the comments what changed with a rebase.

Resolution is done by @vashirov in the issue . Please take a look .

In which issue? The one linked in the description is 3 years old and contains only a bunch of commit hashes listed. How am I supposed to find out what's going on? Simon was asking you for a summary, even a link would work better...
Also, again, you still keep rebasing which makes tracking changes very hard to follow. And there is no way to back-track what was the original commit. At least describe in the comments what changed with a rebase.

Issue : https://pagure.io/389-ds-base/issue/50443
PR: https://pagure.io/389-ds-base/pull-request/50466

rebased onto 51f8169bcf6891c9acd1d2e02222638d63b7b07c

2 years ago

rebased onto f4af5f1a960058b2800e188699d1de74408cee36

a year ago

rebased onto 1423411e054a79e4a34ccf964912e0e253be6a58

a year ago

rebased onto 717194b

a year ago

Pull-Request has been closed by aborah

a year ago

389-ds-base is moving from Pagure to Github. This means that new issues and pull requests
will be accepted only in 389-ds-base's github repository.

This pull request has been cloned to Github as issue and is available here:
- https://github.com/389ds/389-ds-base/issues/3492

If you want to continue to work on the PR, please navigate to the github issue,
download the patch from the attachments and file a new pull request.

Thank you for understanding. We apologize for all inconvenience.

Pull-Request has been closed by spichugi

4 months ago