Skip to content

Commit

Permalink
tests: housekeeping, test_files.py
Browse files Browse the repository at this point in the history
* fixed typos and standardized formatting
* renamed test cases to improve the clarity of what the test does
* improved docstring language, setup, steps and expected results
* added pytest.mark.importance to test cases
* the tests are simple, removed the error messages

* root lookup test updated with an additional assertion

Reviewed-by: Jakub Vávra <[email protected]>
Reviewed-by: Sumit Bose <[email protected]>
(cherry picked from commit f70411a)
  • Loading branch information
Dan Lavu authored and alexey-tikhonov committed Jul 24, 2024
1 parent 70ea950 commit 998d183
Showing 1 changed file with 54 additions and 42 deletions.
96 changes: 54 additions & 42 deletions src/tests/system/tests/test_files.py
Original file line number Diff line number Diff line change
@@ -1,5 +1,8 @@
"""
SSSD File Provider Test Case
Files Provider Test Cases
The files provider allows SSSD to use system users to authenticate.
This feature has been removed in SSSD 2.9.0 for the proxy provider.
:requirement: IDM-SSSD-REQ :: SSSD is default for local resolution
"""
Expand All @@ -13,108 +16,117 @@
from sssd_test_framework.topology import KnownTopology


@pytest.mark.importance("low")
@pytest.mark.builtwith("files-provider")
@pytest.mark.topology(KnownTopology.Client)
def test_files__lookup_root(client: Client):
def test_files__root_user_is_ignored_on_lookups(client: Client):
"""
:title: Getent call doesnt work on root, when service specified as "sss"
:title: The root user is always ignored on sss service lookups
:description: This ensures that the local root user is always returned
and cannot be tampered with.
:setup:
1. Enable files domain
1. Configure SSSD with files provider
2. Start SSSD
:steps:
1. getent passwd -s sss root
1. Lookup root user using sss service
2. Lookup root user without the sss service
:expectedresults:
1. Call failed
1. The root user is not found
2. The root user is found
:customerscenario: False
"""
client.sssd.sssd["enable_files_domain"] = "true"
client.sssd.start()

result = client.tools.getent.passwd("root", service="sss")
assert result is None, "Getent call was successful, which is not expected"
assert client.tools.getent.passwd("root", service="sss") is None, "Root user is found using 'sss' service!"
assert client.tools.getent.passwd("root"), "Root user is not found using all services!"


@pytest.mark.importance("low")
@pytest.mark.builtwith("files-provider")
@pytest.mark.topology(KnownTopology.Client)
def test_files__lookup_user(client: Client):
"""
:title: Simple getent call
:title: Lookup user
:setup:
1. Add local user "user1"
2. Enable files domain
1. Create user
2. Configure SSSD with files provider
3. Start SSSD
:steps:
1. getent passwd -s sss user1
2. Check uid of result
1. Lookup user
2. Check results
:expectedresults:
1. Call was successful
2. Uid is correct
1. User is found
2. The uid matches
:customerscenario: False
"""
client.local.user("user1").add(uid=10001)
client.sssd.sssd["enable_files_domain"] = "true"
client.sssd.start()

result = client.tools.getent.passwd("user1", service="sss")
assert result is not None, "Getent failed"
assert result.uid == 10001, "Uid is not correct"
assert result is not None, "User not found!"
assert result.uid == 10001, "UID does not match!"


@pytest.mark.importance("low")
@pytest.mark.builtwith("files-provider")
@pytest.mark.topology(KnownTopology.Client)
def test_files__lookup_should_not_enumerate_users(client: Client):
def test_files__enumeration_should_not_work(client: Client):
"""
:title: Files provider should not enumerate
:title: Enumeration should not work
:description: Enumeration pulls down the directory data and stores it locally.
Running an unspecified getent will return all users or groups.
:setup:
1. Enable files domain
1. Configure SSSD with files provider
2. Start SSSD
:steps:
1. getent passwd -s sss without specified user
1. Run getent with nothing specified
:expectedresults:
1. Output is empty
1. Nothing found
:customerscenario: False
"""
client.sssd.sssd["enable_files_domain"] = "true"
client.sssd.start()

result = client.host.ssh.run("getent passwd -s sss")
assert not result.stdout
assert not client.host.ssh.run("getent passwd -s sss").stdout, "Entries found!"


@pytest.mark.importance("low")
@pytest.mark.builtwith("files-provider")
@pytest.mark.topology(KnownTopology.Client)
def test_files__lookup_user_shows_updated_user_info(client: Client):
def test_files__lookup_returns_the_latest_data(client: Client):
"""
:title: User have his homedir updated, after passwd
:title: Looking up a user returns the latest data
:setup:
1. Add local user "user1" with specified homedir
2. Enable files domain
1. Create user and specify home directory
2. Configure SSSD with files provider
3. Start SSSD
:steps:
1. getent passwd -s sss user1
2. Check that homedir is correct
3. Modify user1's homedir
4. Wait for changes to be propagated
5. Check that homedir is correct
1. Lookup user
2. Check results
3. Change user's home directory
4. Lookup user again
5. Check results
:expectedresults:
1. Call is successful
2. homedir is correct
3. homedir modified successfully
4. Slept well
5. homedir is updated correctly
1. User is found
2. The homedir matches
3. Home directory is changed
4. User is found
5. Home directory reflects the new value
:customerscenario: False
"""
client.local.user("user1").add(password="Secret123", home="/home/user1-tmp")
client.sssd.sssd["enable_files_domain"] = "true"
client.sssd.start()

result = client.tools.getent.passwd("user1", service="sss")
assert result is not None
assert result.home == "/home/user1-tmp"
assert result is not None, "User not found!"
assert result.home == "/home/user1-tmp", "User's homedir is not correct!"

client.local.user("user1").modify(home="/home/user1")

time.sleep(1)
result = client.tools.getent.passwd("user1", service="sss")
assert result is not None
assert result.home == "/home/user1"
assert result is not None, "User not found!"
assert result.home == "/home/user1", "User's homedir is not correct!"

0 comments on commit 998d183

Please sign in to comment.