Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Tests: ldap search base does not fully limit the Netgroup search base #7754

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

Tests: ldap search base does not fully limit the Netgroup search base #7754

wants to merge 1 commit into from

Conversation

aborah-sudo
Copy link
Contributor

ldap search base does not fully limit the Netgroup search base

jakub-vavra-cz
jakub-vavra-cz requested changes Dec 10, 2024
View reviewed changes
Copy link
Contributor

@jakub-vavra-cz jakub-vavra-cz left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

  1. see inline comments
  2. Should this be backported to sssd-2-10 or/and other branches?

src/tests/system/tests/test_ldap.py Outdated
assert "(h1,QEuser,ldap.test)" in result.members

client.sssd.dom("test")["ldap_search_base"] = "ou=Netgroup1,dc=ldap,dc=test"
client.sssd.stop()
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We should have a function for restarting sssd with cleaning.

src/tests/system/tests/test_ldap.py Outdated
2. Members are added to netgroups
3. The ldap search base is reconfigured to only include ou=Netgroup1
:steps:
1. The provider role is ldap, "Seceng" should still be resolvable,
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

What is Seceng?

src/tests/system/tests/test_ldap.py Outdated
client.sssd.start()
result = client.tools.getent.netgroup("Seceng")
assert result is not None
assert result.name == "Seceng"
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

assert result is not None and result.name == "Seceng", "Netgroup Seceng was not found!"

src/tests/system/tests/test_ldap.py Outdated
1. The provider role is ldap, "Seceng" should still be resolvable,
validating that the ldap search base does not disrupt resolution of netgroups in ou1.
:expectedresults:
1. id look up should success
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Please fix the steps to match meaningfully the asserts. setup 3. is probably test step as You are doing it in the middle of asserts.

src/tests/system/tests/test_ldap.py Outdated
result = client.tools.getent.netgroup("Seceng")
assert result is not None
assert result.name == "Seceng"
assert "(h1,QEuser,ldap.test)" in result.members
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Add a meaningful error message here.

@aborah-sudo aborah-sudo force-pushed the ldapp branch 3 times, most recently from 315c884 to 7b0ca0a Compare December 11, 2024 03:53
ikerexxe
ikerexxe reviewed Dec 12, 2024
View reviewed changes
Copy link
Contributor

@ikerexxe ikerexxe left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I had a set of inline comments prepared for this test case, but the more I went through it the less I understood, so I decided to remove them and ask the following question: What are you trying to test? Can you specify it in the form of a use case?

@aborah-sudo
Copy link
Contributor Author

I had a set of inline comments prepared for this test case, but the more I went through it the less I understood, so I decided to remove them and ask the following question: What are you trying to test? Can you specify it in the form of a use case?

Here sssd-ldap option "ldap_search_base" is being tested . Here in this test "ou=Netgroup1,dc=ldap,dc=test" is set as ldap_search_base and ldap_search should limit to this OU only

@aborah-sudo aborah-sudo force-pushed the ldapp branch 2 times, most recently from da07476 to 7cb4165 Compare December 12, 2024 09:11
@aborah-sudo aborah-sudo requested a review from ikerexxe December 12, 2024 09:11
@aborah-sudo aborah-sudo force-pushed the ldapp branch 3 times, most recently from f430949 to aed8c45 Compare December 12, 2024 09:17
@aborah-sudo
Tests: ldap search base does not fully limit the Netgroup search base
b29c702 
ldap search base does not fully limit the Netgroup search base
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@jakub-vavra-cz jakub-vavra-cz Awaiting requested review from jakub-vavra-cz

@ikerexxe ikerexxe Awaiting requested review from ikerexxe

Assignees

@ikerexxe ikerexxe

@jakub-vavra-cz jakub-vavra-cz

Labels
Tests Waiting for review
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@aborah-sudo @ikerexxe @jakub-vavra-cz