#50522 Issue 50521 - Fix regressions in CI tests
Closed 2 months ago by spichugi. Opened a year ago by mreynolds.
mreynolds/389-ds-base 81gating  into  master

@@ -665,6 +665,7 @@ 

      log.info('Delete the previous access logs for the next test')

      topo.deleteAccessLogs()

  

+ @pytest.mark.skipif(ds_is_older('1.4.1.6'), reason="Not implemented")

  @pytest.mark.bz1732053

  @pytest.mark.ds50510

  def test_etime_at_border_of_second(topology_st):
@@ -709,7 +710,7 @@ 

              log.error('It remains invalid or weird etime: %s' % invalid_etime[i])

      assert not invalid_etime

  

-     

+ 

  if __name__ == '__main__':

      # Run isolated

      # -s for DEBUG mode

@@ -12,7 +12,7 @@ 

  from lib389.tasks import *

  from lib389.topologies import topology_st

  from lib389.idm.user import UserAccounts, TEST_USER_PROPERTIES

- from lib389._constants import DN_CONFIG, DEFAULT_SUFFIX

+ from lib389._constants import DEFAULT_SUFFIX

  

  pytestmark = pytest.mark.tier1

  
@@ -53,6 +53,7 @@ 

  

      # Allow the unhashed password to be written to audit log

      topology_st.standalone.config.set('nsslapd-auditlog-logging-hide-unhashed-pw', 'off')

+     topology_st.standalone.config.set('nsslapd-unhashed-pw-switch', 'on')

  

      # Set new password, and check the audit log

      user.reset_password('mypassword')

@@ -8,12 +8,14 @@ 

  #

  import pytest

  import time

+ import logging

  from lib389.tasks import *

- from lib389.utils import *

+ from lib389.utils import ds_is_newer

  from lib389.topologies import topology_st

  from lib389.idm.user import UserAccounts, TEST_USER_PROPERTIES

+ from lib389.idm.directorymanager import DirectoryManager

  from lib389.idm.organizationalunit import OrganizationalUnits

- from lib389._constants import DN_DM, DEFAULT_SUFFIX, PASSWORD

+ from lib389._constants import DEFAULT_SUFFIX

  

  pytestmark = pytest.mark.tier1

  
@@ -105,13 +107,16 @@ 

      #

      user.set('userpassword', 'password1')

      user.rebind('password1')

+     time.sleep(.5)

      user.set('userpassword', 'password2')

      user.rebind('password2')

+     time.sleep(.5)

      user.set('userpassword', 'password3')

      user.rebind('password3')

+     time.sleep(.5)

      user.set('userpassword', 'password4')

      user.rebind('password4')

-     time.sleep(1)

+     time.sleep(.5)

  

      #

      # Check that we only have 3 passwords stored in history
@@ -131,7 +136,7 @@ 

      try:

          user.set('userpassword', 'password1')

          log.fatal('Incorrectly able to to set password to previous password1.')

-         log.error('password history: ' + str(user.get_attr_vals('passwordhistory')))

+         log.fatal('password history: ' + str(user.get_attr_vals('passwordhistory')))

          assert False

      except ldap.CONSTRAINT_VIOLATION:

          log.info('Password change correctly rejected')
@@ -141,7 +146,7 @@ 

      try:

          user.set('userpassword', 'password2')

          log.fatal('Incorrectly able to to set password to previous password2.')

-         log.error('password history: ' + str(user.get_attr_vals('passwordhistory')))

+         log.fatal('password history: ' + str(user.get_attr_vals('passwordhistory')))

          assert False

      except ldap.CONSTRAINT_VIOLATION:

          log.info('Password change correctly rejected')
@@ -151,7 +156,7 @@ 

      try:

          user.set('userpassword', 'password3')

          log.fatal('Incorrectly able to to set password to previous password3.')

-         log.error('password history: ' + str(user.get_attr_vals('passwordhistory')))

+         log.fatal('password history: ' + str(user.get_attr_vals('passwordhistory')))

          assert False

      except ldap.CONSTRAINT_VIOLATION:

          log.info('Password change correctly rejected')
@@ -162,11 +167,9 @@ 

      #

      # Reset password by Directory Manager(admin reset)

      #

-     try:

-         topology_st.standalone.simple_bind_s(DN_DM, PASSWORD)

-     except ldap.LDAPError as e:

-         log.fatal('Failed to bind as rootDN: ' + str(e))

-         assert False

+     dm = DirectoryManager(topology_st.standalone)

+     dm.rebind()

+     time.sleep(.5)

      user.set('userpassword', 'password-reset')

      time.sleep(1)

  
@@ -175,7 +178,7 @@ 

          user.rebind('password-reset')

          user.set('userpassword', 'password4')

          log.fatal('Incorrectly able to to set password to previous password4.')

-         log.error('password history: ' + str(user.get_attr_vals('passwordhistory')))

+         log.fatal('password history: ' + str(user.get_attr_vals('passwordhistory')))

          assert False

      except ldap.CONSTRAINT_VIOLATION:

          log.info('Password change correctly rejected')
@@ -187,26 +190,24 @@ 

          #

          # Test passwordInHistory to 0

          #

-         try:

-             topology_st.standalone.simple_bind_s(DN_DM, PASSWORD)

-         except ldap.LDAPError as e:

-             log.fatal('Failed to bind as rootDN: ' + str(e))

-             assert False

- 

+         dm = DirectoryManager(topology_st.standalone)

+         dm.rebind()

          try:

              topology_st.standalone.config.replace('passwordInHistory', '0')

              log.info('Configured passwordInHistory to 0.')

          except ldap.LDAPError as e:

              log.fatal('Failed to configure password policy (passwordInHistory to 0): ' + str(e))

              assert False

+         time.sleep(1)

  

          # Verify the older passwords in the entry (passwordhistory) are ignored

          user.rebind('password-reset')

          user.set('userpassword', 'password4')

+         time.sleep(.5)

          try:

              user.set('userpassword', 'password4')

              log.fatal('Incorrectly able to to set password to current password4.')

-             log.error('password history: ' + str(user.get_attr_vals('passwordhistory')))

+             log.fatal('password history: ' + str(user.get_attr_vals('passwordhistory')))

              assert False

          except ldap.CONSTRAINT_VIOLATION:

              log.info('Password change correctly rejected')
@@ -221,12 +222,8 @@ 

      # Set the history count back to a positive value and make sure things still work

      # as expected

      #

-     try:

-         topology_st.standalone.simple_bind_s(DN_DM, PASSWORD)

-     except ldap.LDAPError as e:

-         log.fatal('Failed to bind as rootDN: ' + str(e))

-         assert False

- 

+     dm = DirectoryManager(topology_st.standalone)

+     dm.rebind()

      try:

          topology_st.standalone.config.replace('passwordInHistory', '2')

          log.info('Configured passwordInHistory to 2.')
@@ -239,7 +236,7 @@ 

          user.rebind('password5')

          user.set('userpassword', 'password5')

          log.fatal('Incorrectly able to to set password to current password5.')

-         log.error('password history: ' + str(user.get_attr_vals('passwordhistory')))

+         log.fatal('password history: ' + str(user.get_attr_vals('passwordhistory')))

          assert False

      except ldap.CONSTRAINT_VIOLATION:

          log.info('Password change correctly rejected')
@@ -252,7 +249,7 @@ 

          user.set('userpassword', 'password1')

      except ldap.LDAPError as e:

          log.fatal('Failed to attempt to change password: ' + str(e))

-         log.error('password history: ' + str(user.get_attr_vals('passwordhistory')))

+         log.fatal('password history: ' + str(user.get_attr_vals('passwordhistory')))

          assert False

  

      # Done

@@ -11,8 +11,9 @@ 

  from lib389.tasks import *

  from lib389.utils import *

  from lib389.topologies import topology_st

- from lib389.idm.user import UserAccounts

- 

+ from lib389.idm.user import (UserAccount, UserAccounts)

+ from lib389.plugins import (AccountPolicyPlugin, AccountPolicyConfig)

+ from lib389.cos import (CosTemplate, CosPointerDefinition)

  from lib389._constants import (PLUGIN_ACCT_POLICY, DN_PLUGIN, DN_DM, PASSWORD, DEFAULT_SUFFIX,

                                 DN_CONFIG, SERVERID_STANDALONE)

  
@@ -32,16 +33,19 @@ 

      """Configure Global account policy plugin and restart the server"""

  

      log.info('Configuring Global account policy plugin, pwpolicy attributes and restarting the server')

-     topology_st.standalone.simple_bind_s(DN_DM, PASSWORD)

+     plugin = AccountPolicyPlugin(topology_st.standalone)

      try:

-         topology_st.standalone.plugins.enable(name=PLUGIN_ACCT_POLICY)

-         topology_st.standalone.modify_s(ACCPOL_DN, [(ldap.MOD_REPLACE, 'nsslapd-pluginarg0', ensure_bytes(ACCP_CONF))])

-         topology_st.standalone.modify_s(ACCP_CONF, [(ldap.MOD_REPLACE, 'alwaysrecordlogin', b'yes')])

-         topology_st.standalone.modify_s(ACCP_CONF, [(ldap.MOD_REPLACE, 'stateattrname', b'lastLoginTime')])

-         topology_st.standalone.modify_s(ACCP_CONF, [(ldap.MOD_REPLACE, 'altstateattrname', b'createTimestamp')])

-         topology_st.standalone.modify_s(ACCP_CONF, [(ldap.MOD_REPLACE, 'specattrname', b'acctPolicySubentry')])

-         topology_st.standalone.modify_s(ACCP_CONF, [(ldap.MOD_REPLACE, 'limitattrname', b'accountInactivityLimit')])

-         topology_st.standalone.modify_s(ACCP_CONF, [(ldap.MOD_REPLACE, 'accountInactivityLimit', b'12')])

+         if DEBUGGING:

+             topology_st.standalone.config.set('nsslapd-auditlog-logging-enabled', 'on')

+         plugin.enable()

+         plugin.set('nsslapd-pluginarg0', ACCP_CONF)

+         accp = AccountPolicyConfig(topology_st.standalone, dn=ACCP_CONF)

+         accp.set('alwaysrecordlogin', 'yes')

+         accp.set('stateattrname', 'lastLoginTime')

+         accp.set('altstateattrname', 'createTimestamp')

+         accp.set('specattrname', 'acctPolicySubentry')

+         accp.set('limitattrname', 'accountInactivityLimit')

+         accp.set('accountInactivityLimit', '12')

          topology_st.standalone.config.set('passwordexp', 'on')

          topology_st.standalone.config.set('passwordmaxage', '400')

          topology_st.standalone.config.set('passwordwarning', '1')
@@ -56,9 +60,9 @@ 

  

      def fin():

          log.info('Disabling Global accpolicy plugin and removing pwpolicy attrs')

-         topology_st.standalone.simple_bind_s(DN_DM, PASSWORD)

          try:

-             topology_st.standalone.plugins.disable(name=PLUGIN_ACCT_POLICY)

+             plugin = AccountPolicyPlugin(topology_st.standalone)

+             plugin.disable()

              topology_st.standalone.config.set('passwordexp', 'off')

              topology_st.standalone.config.set('passwordlockout', 'off')

          except ldap.LDAPError as e:
@@ -74,20 +78,19 @@ 

      """Configure Local account policy plugin for ou=people subtree and restart the server"""

  

      log.info('Adding Local account policy plugin configuration entries')

-     topology_st.standalone.simple_bind_s(DN_DM, PASSWORD)

      try:

-         topology_st.standalone.modify_s(ACCP_CONF, [(ldap.MOD_DELETE, 'accountInactivityLimit', None)])

          topology_st.standalone.config.set('passwordmaxage', '400')

-         topology_st.standalone.add_s(Entry((LOCL_CONF, {

-             'objectclass': ['top', 'ldapsubentry', 'extensibleObject', 'accountpolicy'],

-             'accountInactivityLimit': '10'})))

-         topology_st.standalone.add_s(Entry((TEMPL_COS, {

-             'objectclass': ['top', 'ldapsubentry', 'extensibleObject', 'cosTemplate'],

-             'acctPolicySubentry': LOCL_CONF})))

-         topology_st.standalone.add_s(Entry((DEFIN_COS, {

-             'objectclass': ['top', 'ldapsubentry', 'cosSuperDefinition', 'cosPointerDefinition'],

+         accp = AccountPolicyConfig(topology_st.standalone, dn=ACCP_CONF)

+         accp.remove_all('accountInactivityLimit')

+         locl_conf = AccountPolicyConfig(topology_st.standalone, dn=LOCL_CONF)

+         locl_conf.create(properties={'cn': 'AccountPolicy1', 'accountInactivityLimit': '10'})

+         cos_template = CosTemplate(topology_st.standalone, dn=TEMPL_COS)

+         cos_template.create(properties={'cn': 'TempltCoS', 'acctPolicySubentry': LOCL_CONF})

+         cos_def = CosPointerDefinition(topology_st.standalone,  dn=DEFIN_COS)

+         cos_def.create(properties={

+             'cn': 'DefnCoS',

              'cosTemplateDn': TEMPL_COS,

-             'cosAttribute': 'acctPolicySubentry default operational-default'})))

+             'cosAttribute': 'acctPolicySubentry default operational-default'})

      except ldap.LDAPError as e:

          log.error('Failed to configure Local account policy plugin')

          log.error('Failed to add entry {}, {}, {}:'.format(LOCL_CONF, TEMPL_COS, DEFIN_COS))
@@ -96,12 +99,11 @@ 

  

      def fin():

          log.info('Disabling Local accpolicy plugin and removing pwpolicy attrs')

-         topology_st.standalone.simple_bind_s(DN_DM, PASSWORD)

          try:

              topology_st.standalone.plugins.disable(name=PLUGIN_ACCT_POLICY)

-             topology_st.standalone.delete_s(LOCL_CONF)

-             topology_st.standalone.delete_s(TEMPL_COS)

-             topology_st.standalone.delete_s(DEFIN_COS)

+             for entry_dn in [LOCL_CONF, TEMPL_COS, DEFIN_COS]:

+                 entry = UserAccount(topology_st.standalone, dn=entry_dn)

+                 entry.delete()

          except ldap.LDAPError as e:

              log.error('Failed to disable Local accpolicy plugin, {}'.format(e.message['desc']))

              assert False
@@ -117,12 +119,13 @@ 

      while (nousrs > 0):

          usrrdn = '{}{}'.format(userid, nousrs)

          userdn = 'uid={},{},{}'.format(usrrdn, subtree, suffix)

+         user = UserAccount(topology_st.standalone,  dn=userdn)

          for i in range(3):

              with pytest.raises(ldap.INVALID_CREDENTIALS):

-                 topology_st.standalone.simple_bind_s(userdn, INVL_PASW)

+                 user.bind(INVL_PASW)

                  log.error('No invalid credentials error for User {}'.format(userdn))

          with pytest.raises(ldap.CONSTRAINT_VIOLATION):

-             topology_st.standalone.simple_bind_s(userdn, USER_PASW)

+             user.bind(USER_PASW)

              log.error('User {} is not locked, expected error 19'.format(userdn))

          nousrs = nousrs - 1

          time.sleep(1)
@@ -134,18 +137,18 @@ 

      while (nousrs > 0):

          usrrdn = '{}{}'.format(userid, nousrs)

          userdn = 'uid={},{},{}'.format(usrrdn, subtree, suffix)

+         user = UserAccount(topology_st.standalone,  dn=userdn)

          log.info('Reset user password for user-{}'.format(userdn))

          if (bindusr == "DirMgr"):

-             topology_st.standalone.simple_bind_s(DN_DM, PASSWORD)

              try:

-                 topology_st.standalone.modify_s(userdn, [(ldap.MOD_REPLACE, 'userPassword', ensure_bytes(newpasw))])

+                 user.replace('userPassword', newpasw)

              except ldap.LDAPError as e:

                  log.error('Unable to reset userPassword for user-{}'.format(userdn))

                  raise e

          elif (bindusr == "RegUsr"):

-             topology_st.standalone.simple_bind_s(userdn, bindpw)

+             user_conn = user.bind(bindpw)

              try:

-                 topology_st.standalone.modify_s(userdn, [(ldap.MOD_REPLACE, 'userPassword', ensure_bytes(newpasw))])

+                 user_conn.replace('userPassword', newpasw)

              except ldap.LDAPError as e:

                  log.error('Unable to reset userPassword for user-{}'.format(userdn))

                  raise e
@@ -184,9 +187,9 @@ 

      """Modify attribute value for a given DN"""

  

      log.info('Modify attribute value for a given DN')

-     topology_st.standalone.simple_bind_s(DN_DM, PASSWORD)

      try:

-         topology_st.standalone.modify_s(base_dn, [(ldap.MOD_REPLACE, attr_name, ensure_bytes(attr_val))])

+         entry = UserAccount(topology_st.standalone, dn=base_dn)

+         entry.replace(attr_name, attr_val)

      except ldap.LDAPError as e:

          log.error('Failed to replace lastLoginTime attribute for user-{} {}'.format(userdn, e.message['desc']))

          assert False
@@ -197,12 +200,12 @@ 

      """Check ModifyTimeStamp attribute present for user"""

  

      log.info('Check ModifyTimeStamp attribute present for user')

-     topology_st.standalone.simple_bind_s(DN_DM, PASSWORD)

      while (nousrs > 0):

          usrrdn = '{}{}'.format(userid, nousrs)

          userdn = 'uid={},{},{}'.format(usrrdn, subtree, suffix)

+         user = UserAccount(topology_st.standalone, dn=userdn)

          try:

-             topology_st.standalone.search_s(userdn, ldap.SCOPE_BASE, attr_name)

+             user.get_attr_val(attr_name)

          except ldap.LDAPError as e:

              log.error('ModifyTimeStamp attribute is not present for user-{} {}'.format(userdn, e.message['desc']))

              assert False
@@ -214,12 +217,12 @@ 

  

      new_attr_val = time.strftime("%Y%m%d%H%M%S", time.gmtime()) + 'Z'

      log.info('Enable account by replacing lastLoginTime/createTimeStamp/ModifyTimeStamp attribute')

-     topology_st.standalone.simple_bind_s(DN_DM, PASSWORD)

      while (nousrs > 0):

          usrrdn = '{}{}'.format(userid, nousrs)

          userdn = 'uid={},{},{}'.format(usrrdn, subtree, suffix)

+         user = UserAccount(topology_st.standalone, dn=userdn)

          try:

-             topology_st.standalone.modify_s(userdn, [(ldap.MOD_REPLACE, attr_name, ensure_bytes(new_attr_val))])

+             user.replace(attr_name, new_attr_val)

          except ldap.LDAPError as e:

              log.error('Failed to add/replace {} attribute to-{}, for user-{}'.format(attr_name, new_attr_val, userdn))

              raise e
@@ -232,12 +235,12 @@ 

      """Enable account by replacing cn attribute value, value of modifyTimeStamp changed"""

  

      log.info('Enable account by replacing cn attribute value, value of modifyTimeStamp changed')

-     topology_st.standalone.simple_bind_s(DN_DM, PASSWORD)

      while (nousrs > 0):

          usrrdn = '{}{}'.format(userid, nousrs)

          userdn = 'uid={},{},{}'.format(usrrdn, subtree, suffix)

+         user = UserAccount(topology_st.standalone, dn=userdn)

          try:

-             topology_st.standalone.modify_s(userdn, [(ldap.MOD_REPLACE, attr_name, ensure_bytes(attr_value))])

+             user.replace(attr_name, attr_value)

          except ldap.LDAPError as e:

              log.error('Failed to add/replace {} attribute to-{}, for user-{}'.format(attr_name, attr_value, userdn))

              raise e
@@ -249,12 +252,12 @@ 

      """Delete lastLoginTime/createTimeStamp/ModifyTimeStamp attribute from user account"""

  

      log.info('Delete lastLoginTime/createTimeStamp/ModifyTimeStamp attribute from user account')

-     topology_st.standalone.simple_bind_s(DN_DM, PASSWORD)

      while (nousrs > 0):

          usrrdn = '{}{}'.format(userid, nousrs)

          userdn = 'uid={},{},{}'.format(usrrdn, subtree, suffix)

+         user = UserAccount(topology_st.standalone, dn=userdn)

          try:

-             topology_st.standalone.modify_s(userdn, [(ldap.MOD_DELETE, attr_name, None)])

+             user.remove_all(attr_name)

          except ldap.LDAPError as e:

              log.error('Failed to delete {} attribute for user-{}'.format(attr_name, userdn))

              raise e
@@ -285,7 +288,6 @@ 

      """Delete users from default test instance with given suffix, subtree, userid and nousrs"""

  

      log.info('del_users: Pass all of these as parameters suffix, subtree, userid and nousrs')

-     topology_st.standalone.simple_bind_s(DN_DM, PASSWORD)

      users = UserAccounts(topology_st.standalone, suffix, rdn=subtree)

      while (nousrs > 0):

          usrrdn = '{}{}'.format(userid, nousrs)
@@ -300,19 +302,20 @@ 

      while (nousrs > ulimit):

          usrrdn = '{}{}'.format(userid, nousrs)

          userdn = 'uid={},{},{}'.format(usrrdn, subtree, suffix)

+         user = UserAccount(topology_st.standalone,  dn=userdn)

          if (tochck == "Enabled"):

              try:

-                 topology_st.standalone.simple_bind_s(userdn, USER_PASW)

+                 user.bind(USER_PASW)

              except ldap.LDAPError as e:

                  log.error('User {} failed to login, expected 0'.format(userdn))

                  raise e

          elif (tochck == "Expired"):

              with pytest.raises(ldap.INVALID_CREDENTIALS):

-                 topology_st.standalone.simple_bind_s(userdn, USER_PASW)

+                 user.bind(USER_PASW)

                  log.error('User {} password not expired , expected error 49'.format(userdn))

          elif (tochck == "Disabled"):

              with pytest.raises(ldap.CONSTRAINT_VIOLATION):

-                 topology_st.standalone.simple_bind_s(userdn, USER_PASW)

+                 user.bind(USER_PASW)

                  log.error('User {} is not inactivated, expected error 19'.format(userdn))

          nousrs = nousrs - 1

          time.sleep(1)
@@ -344,13 +347,16 @@ 

      nousrs = 3

      log.info('AccountInactivityLimit set to 12. Account will be inactivated if not accessed in 12 secs')

      add_users(topology_st, suffix, subtree, userid, nousrs, 0)

+ 

      log.info('Sleep for 10 secs to check if account is not inactivated, expected value 0')

      time.sleep(10)

      log.info('Account should not be inactivated since AccountInactivityLimit not exceeded')

      account_status(topology_st, suffix, subtree, userid, 3, 2, "Enabled")

+ 

      log.info('Sleep for 3 more secs to check if account is inactivated')

      time.sleep(3)

      account_status(topology_st, suffix, subtree, userid, 2, 0, "Disabled")

+ 

      log.info('Sleep +10 secs to check if account {}3 is inactivated'.format(userid))

      time.sleep(10)

      account_status(topology_st, suffix, subtree, userid, 3, 2, "Disabled")
@@ -894,7 +900,6 @@ 

      subtree = "ou=groups"

      userid = "pwexpusr"

      nousrs = 1

-     topology_st.standalone.simple_bind_s(DN_DM, PASSWORD)

      try:

          topology_st.standalone.config.set('passwordmaxage', '9')

      except ldap.LDAPError as e:
@@ -938,7 +943,6 @@ 

      account_status(topology_st, suffix, subtree, userid, nousrs, 0, "Enabled")

  

      # Reset maxage

-     topology_st.standalone.simple_bind_s(DN_DM, PASSWORD)

      try:

          topology_st.standalone.config.set('passwordmaxage', '400')

      except ldap.LDAPError as e:
@@ -1025,10 +1029,9 @@ 

      time.sleep(11)

      account_status(topology_st, suffix, subtree, userid, nousrs, 0, "Enabled")

      log.info('Moving users from ou=groups to ou=people subtree')

-     topology_st.standalone.simple_bind_s(DN_DM, PASSWORD)

+     user = UserAccount(topology_st.standalone, dn='uid=nolockusr1,ou=groups,dc=example,dc=com')

      try:

-         topology_st.standalone.rename_s('uid=nolockusr1,ou=groups,dc=example,dc=com', 'uid=nolockusr1',

-                                         'ou=people,dc=example,dc=com')

+         user.rename('uid=nolockusr1', newsuperior='ou=people,dc=example,dc=com')

      except ldap.LDAPError as e:

          log.error('Failed to move user uid=nolockusr1 from ou=groups to ou=people')

          raise e
@@ -1071,12 +1074,11 @@ 

      time.sleep(11)

      account_status(topology_st, suffix, subtree, userid, nousrs, 0, "Disabled")

      log.info('Moving users from ou=people to ou=groups subtree')

-     topology_st.standalone.simple_bind_s(DN_DM, PASSWORD)

+     user = UserAccount(topology_st.standalone, dn='uid=lockusr1,ou=people,dc=example,dc=com')

      try:

-         topology_st.standalone.rename_s('uid=lockusr1,ou=people,dc=example,dc=com', 'uid=lockusr1',

-                                         'ou=groups,dc=example,dc=com')

+         user.rename('uid=lockusr1', newsuperior='ou=groups,dc=example,dc=com')

      except ldap.LDAPError as e:

-         log.error('Failed to move user uid=lockusr1 from ou=groups to ou=people')

+         log.error('Failed to move user uid=lockusr1 from ou=people to ou=groups')

          raise e

      log.info('Sleep for +2 secs and check users from both ou=people and ou=groups subtree')

      time.sleep(2)

@@ -104,6 +104,8 @@ 

  

      m1 = topology_with_tls.ms['master1']

      m2 = topology_with_tls.ms['master2']

+     m1.config.set('nsslapd-unhashed-pw-switch', 'on')

+     m2.config.set('nsslapd-unhashed-pw-switch', 'on')

      test_passw = 'm2Test199'

  

      _enable_changelog_encryption(m1, encryption)

Description:

Port accpol_test.py to DSLdapObject. The other tests are all related to a change with hiding unhashed passwords by default in the logs.

relates: https://pagure.io/389-ds-base/issue/50521

The rest of the tests pass for me, ack.

rebased onto b07be1e

a year ago

Pull-Request has been merged by mreynolds

a year ago

389-ds-base is moving from Pagure to Github. This means that new issues and pull requests
will be accepted only in 389-ds-base's github repository.

This pull request has been cloned to Github as issue and is available here:
- https://github.com/389ds/389-ds-base/issues/3578

If you want to continue to work on the PR, please navigate to the github issue,
download the patch from the attachments and file a new pull request.

Thank you for understanding. We apologize for all inconvenience.

Pull-Request has been closed by spichugi

2 months ago