summaryrefslogtreecommitdiffstats
path: root/python/samba/tests/samba_tool/user_edit.sh
diff options
context:
space:
mode:
Diffstat (limited to 'python/samba/tests/samba_tool/user_edit.sh')
-rwxr-xr-xpython/samba/tests/samba_tool/user_edit.sh198
1 files changed, 198 insertions, 0 deletions
diff --git a/python/samba/tests/samba_tool/user_edit.sh b/python/samba/tests/samba_tool/user_edit.sh
new file mode 100755
index 0000000..342899f
--- /dev/null
+++ b/python/samba/tests/samba_tool/user_edit.sh
@@ -0,0 +1,198 @@
+#!/bin/sh
+#
+# Test for 'samba-tool user edit'
+
+if [ $# -lt 3 ]; then
+ cat <<EOF
+Usage: user_edit.sh SERVER USERNAME PASSWORD
+EOF
+ exit 1
+fi
+
+SERVER="$1"
+USERNAME="$2"
+PASSWORD="$3"
+
+samba_ldbsearch=ldbsearch
+if test -x $BINDIR/ldbsearch; then
+ samba_ldbsearch=$BINDIR/ldbsearch
+fi
+
+STpath=$(pwd)
+. $STpath/testprogs/blackbox/subunit.sh
+
+display_name="Björn"
+display_name_b64="QmrDtnJu"
+display_name_new="Renamed Bjoern"
+# attribute value including control character
+# echo -e "test \a string" | base64
+display_name_con_b64="dGVzdCAHIHN0cmluZwo="
+
+tmpeditor=$(mktemp --suffix .sh -p ${SELFTEST_TMPDIR} samba-tool-editor-XXXXXXXX)
+chmod +x $tmpeditor
+
+TEST_USER="$(mktemp -u sambatoolXXXXXX)"
+
+create_test_user()
+{
+ $PYTHON ${STpath}/source4/scripting/bin/samba-tool \
+ user create ${TEST_USER} --random-password \
+ -H "ldap://$SERVER" "-U$USERNAME" "--password=$PASSWORD"
+}
+
+edit_user()
+{
+ # create editor.sh
+ cat >$tmpeditor <<-'EOF'
+#!/usr/bin/env bash
+user_ldif="$1"
+SED=$(which sed)
+$SED -i -e 's/userAccountControl: 512/userAccountControl: 514/' $user_ldif
+ EOF
+
+ $PYTHON ${STpath}/source4/scripting/bin/samba-tool \
+ user edit ${TEST_USER} --editor=$tmpeditor \
+ -H "ldap://$SERVER" "-U$USERNAME" "--password=$PASSWORD"
+}
+
+# Test edit user - add base64 attributes
+add_attribute_base64()
+{
+ # create editor.sh
+ cat >$tmpeditor <<EOF
+#!/usr/bin/env bash
+user_ldif="\$1"
+
+grep -v '^\$' \$user_ldif > \${user_ldif}.tmp
+echo "displayName:: $display_name_b64" >> \${user_ldif}.tmp
+
+mv \${user_ldif}.tmp \$user_ldif
+EOF
+
+ $PYTHON ${STpath}/source4/scripting/bin/samba-tool user edit \
+ ${TEST_USER} --editor=$tmpeditor \
+ -H "ldap://$SERVER" "-U$USERNAME" "--password=$PASSWORD"
+}
+
+get_attribute_base64()
+{
+ $samba_ldbsearch "(sAMAccountName=${TEST_USER})" displayName \
+ -H "ldap://$SERVER" "-U$USERNAME" "--password=$PASSWORD"
+}
+
+delete_attribute()
+{
+ # create editor.sh
+ cat >$tmpeditor <<EOF
+#!/usr/bin/env bash
+user_ldif="\$1"
+
+grep -v '^displayName' \$user_ldif >> \${user_ldif}.tmp
+mv \${user_ldif}.tmp \$user_ldif
+EOF
+ $PYTHON ${STpath}/source4/scripting/bin/samba-tool user edit \
+ ${TEST_USER} --editor=$tmpeditor \
+ -H "ldap://$SERVER" "-U$USERNAME" "--password=$PASSWORD"
+}
+
+# Test edit user - add base64 attribute value including control character
+add_attribute_base64_control()
+{
+ # create editor.sh
+ cat >$tmpeditor <<EOF
+#!/usr/bin/env bash
+user_ldif="\$1"
+
+grep -v '^\$' \$user_ldif > \${user_ldif}.tmp
+echo "displayName:: $display_name_con_b64" >> \${user_ldif}.tmp
+
+mv \${user_ldif}.tmp \$user_ldif
+EOF
+ $PYTHON ${STpath}/source4/scripting/bin/samba-tool user edit \
+ ${TEST_USER} --editor=$tmpeditor \
+ -H "ldap://$SERVER" "-U$USERNAME" "--password=$PASSWORD"
+}
+
+get_attribute_base64_control()
+{
+ $PYTHON ${STpath}/source4/scripting/bin/samba-tool user show \
+ ${TEST_USER} --attributes=displayName \
+ -H "ldap://$SERVER" "-U$USERNAME" "--password=$PASSWORD"
+}
+
+get_attribute_force_no_base64()
+{
+ # LDB_FLAG_FORCE_NO_BASE64_LDIF should be used here.
+ $PYTHON ${STpath}/source4/scripting/bin/samba-tool user show \
+ ${TEST_USER} --attributes=displayName \
+ -H "ldap://$SERVER" "-U$USERNAME" "--password=$PASSWORD"
+}
+
+# Test edit user - change base64 attribute value including control character
+change_attribute_base64_control()
+{
+ # create editor.sh
+ cat >$tmpeditor <<EOF
+#!/usr/bin/env bash
+user_ldif="\$1"
+
+sed -i -e 's/displayName:: $display_name_con_b64/displayName: $display_name/' \
+ \$user_ldif
+EOF
+ $PYTHON ${STpath}/source4/scripting/bin/samba-tool user edit \
+ ${TEST_USER} --editor=$tmpeditor \
+ -H "ldap://$SERVER" "-U$USERNAME" "--password=$PASSWORD"
+}
+
+# Test edit user - change attributes with LDB_FLAG_FORCE_NO_BASE64_LDIF
+change_attribute_force_no_base64()
+{
+ # create editor.sh
+ # Expects that the original attribute is available as clear text,
+ # because the LDB_FLAG_FORCE_NO_BASE64_LDIF should be used here.
+ cat >$tmpeditor <<EOF
+#!/usr/bin/env bash
+user_ldif="\$1"
+
+sed -i -e 's/displayName: $display_name/displayName: $display_name_new/' \
+ \$user_ldif
+EOF
+
+ $PYTHON ${STpath}/source4/scripting/bin/samba-tool user edit \
+ ${TEST_USER} --editor=$tmpeditor \
+ -H "ldap://$SERVER" "-U$USERNAME" "--password=$PASSWORD"
+}
+
+get_changed_attribute_force_no_base64()
+{
+ $PYTHON ${STpath}/source4/scripting/bin/samba-tool user show \
+ ${TEST_USER} --attributes=displayName \
+ -H "ldap://$SERVER" "-U$USERNAME" "--password=$PASSWORD"
+}
+
+delete_user()
+{
+ $PYTHON ${STpath}/source4/scripting/bin/samba-tool \
+ user delete ${TEST_USER} \
+ -H "ldap://$SERVER" "-U$USERNAME" "--password=$PASSWORD"
+}
+
+failed=0
+
+testit "create_test_user" create_test_user || failed=$(expr $failed + 1)
+testit "edit_user" edit_user || failed=$(expr $failed + 1)
+testit "add_attribute_base64" add_attribute_base64 || failed=$(expr $failed + 1)
+testit_grep "get_attribute_base64" "^displayName:: $display_name_b64" get_attribute_base64 || failed=$(expr $failed + 1)
+testit "delete_attribute" delete_attribute || failed=$(expr $failed + 1)
+testit "add_attribute_base64_control" add_attribute_base64_control || failed=$(expr $failed + 1)
+testit_grep "get_attribute_base64_control" "^displayName:: $display_name_con_b64" get_attribute_base64_control || failed=$(expr $failed + 1)
+testit "change_attribute_base64_control" change_attribute_base64_control || failed=$(expr $failed + 1)
+testit_grep "get_attribute_base64" "^displayName:: $display_name_b64" get_attribute_base64 || failed=$(expr $failed + 1)
+testit_grep "get_attribute_force_no_base64" "^displayName: $display_name" get_attribute_force_no_base64 || failed=$(expr $failed + 1)
+testit "change_attribute_force_no_base64" change_attribute_force_no_base64 || failed=$(expr $failed + 1)
+testit_grep "get_changed_attribute_force_no_base64" "^displayName: $display_name_new" get_changed_attribute_force_no_base64 || failed=$(expr $failed + 1)
+testit "delete_user" delete_user || failed=$(expr $failed + 1)
+
+rm -f $tmpeditor
+
+exit $failed
generated by cgit v1.2.3 (git 2.39.1) at 2024-07-20 21:20:29 +0000