From a9617cff81c8a6352e2cbc3cf3fbef1a46123b3d Mon Sep 17 00:00:00 2001 From: Patrik Rosecky Date: Thu, 21 Sep 2023 12:42:45 +0200 Subject: [PATCH] Tests:alltests/test_rfc2307.py converted to test_ldap.py MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Reviewed-by: Iker Pedrosa Reviewed-by: Jakub Vávra (cherry picked from commit 8ecfe20efca6696e94f64fbd2a024f6bcd7bb26d) --- src/tests/multihost/alltests/test_rfc2307.py | 1 + src/tests/system/tests/test_ldap.py | 44 ++++++++++++++++++++ 2 files changed, 45 insertions(+) diff --git a/src/tests/multihost/alltests/test_rfc2307.py b/src/tests/multihost/alltests/test_rfc2307.py index a4f92aa0857..39fb4dfeea2 100644 --- a/src/tests/multihost/alltests/test_rfc2307.py +++ b/src/tests/multihost/alltests/test_rfc2307.py @@ -51,6 +51,7 @@ class Testrfc2307(object): 1. Configure SSSD to authenticate against directory server 2. Enable debug_level to 9 in the 'nss', 'pam' and domain section """ + @pytest.mark.converted('test_ldap.py', 'test_ldap__user_with_whitespace') @pytest.mark.tier2 def test_0001_bz1362023(self, multihost, backupsssdconf): """ diff --git a/src/tests/system/tests/test_ldap.py b/src/tests/system/tests/test_ldap.py index b94a7c6a96f..0c31963ff67 100644 --- a/src/tests/system/tests/test_ldap.py +++ b/src/tests/system/tests/test_ldap.py @@ -144,3 +144,47 @@ def test_ldap__change_password_wrong_current(client: Client, ldap: LDAP, modify_ client.sssd.start() assert not client.auth.passwd.password("user1", "wrong123", "Newpass123"), "Password change did not fail" + + +@pytest.mark.ticket(bz=[1067476, 1065534]) +@pytest.mark.topology(KnownTopology.LDAP) +def test_ldap__user_with_whitespace(client: Client, ldap: LDAP): + """ + :title: user with a whitespace at beginning is able to login and "id" + :setup: + 1. Add users " space1" and "user1" to LDAP + 2. Set uids and passwords to users + 3. Clear memcache, logs and db + 4. Start SSSD + :steps: + 1. Fetch user " space1" information using 'id' + 2. Login user " space1" via ssh + 3. Login user "space1" via ssh + 4. Fetch "user1" user information using 'id' + 5. Fetch " user1" user information using 'id' + :expectedresults: + 1. " space1" is fetched and has correct id + 2. " space1" is able to login + 3. "space1" is not able to login + 4. "user1" is fetched and has correct id + 5. " user1" is not fetched + :customerscenario: True + """ + ldap.user(" space1").add(uid=10011, password="Secret123") + ldap.user("user1").add(uid=10012, password="Secret123") + client.sssd.clear(db=True, memcache=True, logs=True) + client.sssd.start() + + result = client.tools.id(" space1") + assert result is not None, "User ' space1' was not found" + assert result.user.id == 10011, "User ' space1' has wrong id" + + assert client.auth.ssh.password(" space1", "Secret123"), "Authentication for user ' space1' failed" + assert not client.auth.ssh.password("space1", "Secret123"), "Authentication for user 'space1' did not fail" + + result = client.tools.id("user1") + assert result is not None, "User 'user1' was not found" + assert result.user.id == 10012, "User 'user1' has wrong id" + + result = client.tools.id(" user1") + assert result is None, "User ' user1' was found, not expected"