python/samba/tests/samba_tool/user_edit.sh

   1 #!/bin/sh
   2 #
   3 # Test for 'samba-tool user edit'
   4
   5 if [ $# -lt 3 ]; then
   6         cat <<EOF
   7 Usage: user_edit.sh SERVER USERNAME PASSWORD
   8 EOF
   9         exit 1
  10 fi
  11
  12 SERVER="$1"
  13 USERNAME="$2"
  14 PASSWORD="$3"
  15
  16 samba_ldbsearch=ldbsearch
  17 if test -x $BINDIR/ldbsearch; then
  18         samba_ldbsearch=$BINDIR/ldbsearch
  19 fi
  20
  21 STpath=$(pwd)
  22 . $STpath/testprogs/blackbox/subunit.sh
  23
  24 display_name="Björn"
  25 display_name_b64="QmrDtnJu"
  26 display_name_new="Renamed Bjoern"
  27 # attribute value including control character
  28 # echo -e "test \a string" | base64
  29 display_name_con_b64="dGVzdCAHIHN0cmluZwo="
  30
  31 tmpeditor=$(mktemp --suffix .sh -p ${SELFTEST_TMPDIR} samba-tool-editor-XXXXXXXX)
  32 chmod +x $tmpeditor
  33
  34 TEST_USER="$(mktemp -u sambatoolXXXXXX)"
  35
  36 create_test_user()
  37 {
  38         $PYTHON ${STpath}/source4/scripting/bin/samba-tool \
  39                 user create ${TEST_USER} --random-password \
  40                 -H "ldap://$SERVER" "-U$USERNAME" "--password=$PASSWORD"
  41 }
  42
  43 edit_user()
  44 {
  45         # create editor.sh
  46         cat >$tmpeditor <<-'EOF'
  47 #!/usr/bin/env bash
  48 user_ldif="$1"
  49 SED=$(which sed)
  50 $SED -i -e 's/userAccountControl: 512/userAccountControl: 514/' $user_ldif
  51         EOF
  52
  53         $PYTHON ${STpath}/source4/scripting/bin/samba-tool \
  54                 user edit ${TEST_USER} --editor=$tmpeditor \
  55                 -H "ldap://$SERVER" "-U$USERNAME" "--password=$PASSWORD"
  56 }
  57
  58 # Test edit user - add base64 attributes
  59 add_attribute_base64()
  60 {
  61         # create editor.sh
  62         cat >$tmpeditor <<EOF
  63 #!/usr/bin/env bash
  64 user_ldif="\$1"
  65
  66 grep -v '^\$' \$user_ldif > \${user_ldif}.tmp
  67 echo "displayName:: $display_name_b64" >> \${user_ldif}.tmp
  68
  69 mv \${user_ldif}.tmp \$user_ldif
  70 EOF
  71
  72         $PYTHON ${STpath}/source4/scripting/bin/samba-tool user edit \
  73                 ${TEST_USER} --editor=$tmpeditor \
  74                 -H "ldap://$SERVER" "-U$USERNAME" "--password=$PASSWORD"
  75 }
  76
  77 get_attribute_base64()
  78 {
  79         $samba_ldbsearch "(sAMAccountName=${TEST_USER})" displayName \
  80                 -H "ldap://$SERVER" "-U$USERNAME" "--password=$PASSWORD"
  81 }
  82
  83 delete_attribute()
  84 {
  85         # create editor.sh
  86         cat >$tmpeditor <<EOF
  87 #!/usr/bin/env bash
  88 user_ldif="\$1"
  89
  90 grep -v '^displayName' \$user_ldif >> \${user_ldif}.tmp
  91 mv \${user_ldif}.tmp \$user_ldif
  92 EOF
  93         $PYTHON ${STpath}/source4/scripting/bin/samba-tool user edit \
  94                 ${TEST_USER} --editor=$tmpeditor \
  95                 -H "ldap://$SERVER" "-U$USERNAME" "--password=$PASSWORD"
  96 }
  97
  98 # Test edit user - add base64 attribute value including control character
  99 add_attribute_base64_control()
 100 {
 101         # create editor.sh
 102         cat >$tmpeditor <<EOF
 103 #!/usr/bin/env bash
 104 user_ldif="\$1"
 105
 106 grep -v '^\$' \$user_ldif > \${user_ldif}.tmp
 107 echo "displayName:: $display_name_con_b64" >> \${user_ldif}.tmp
 108
 109 mv \${user_ldif}.tmp \$user_ldif
 110 EOF
 111         $PYTHON ${STpath}/source4/scripting/bin/samba-tool user edit \
 112                 ${TEST_USER} --editor=$tmpeditor \
 113                 -H "ldap://$SERVER" "-U$USERNAME" "--password=$PASSWORD"
 114 }
 115
 116 get_attribute_base64_control()
 117 {
 118         $PYTHON ${STpath}/source4/scripting/bin/samba-tool user show \
 119                 ${TEST_USER} --attributes=displayName \
 120                 -H "ldap://$SERVER" "-U$USERNAME" "--password=$PASSWORD"
 121 }
 122
 123 get_attribute_force_no_base64()
 124 {
 125         # LDB_FLAG_FORCE_NO_BASE64_LDIF should be used here.
 126         $PYTHON ${STpath}/source4/scripting/bin/samba-tool user show \
 127                 ${TEST_USER} --attributes=displayName \
 128                 -H "ldap://$SERVER" "-U$USERNAME" "--password=$PASSWORD"
 129 }
 130
 131 # Test edit user - change base64 attribute value including control character
 132 change_attribute_base64_control()
 133 {
 134         # create editor.sh
 135         cat >$tmpeditor <<EOF
 136 #!/usr/bin/env bash
 137 user_ldif="\$1"
 138
 139 sed -i -e 's/displayName:: $display_name_con_b64/displayName: $display_name/' \
 140         \$user_ldif
 141 EOF
 142         $PYTHON ${STpath}/source4/scripting/bin/samba-tool user edit \
 143                 ${TEST_USER} --editor=$tmpeditor \
 144                 -H "ldap://$SERVER" "-U$USERNAME" "--password=$PASSWORD"
 145 }
 146
 147 # Test edit user - change attributes with LDB_FLAG_FORCE_NO_BASE64_LDIF
 148 change_attribute_force_no_base64()
 149 {
 150         # create editor.sh
 151         # Expects that the original attribute is available as clear text,
 152         # because the LDB_FLAG_FORCE_NO_BASE64_LDIF should be used here.
 153         cat >$tmpeditor <<EOF
 154 #!/usr/bin/env bash
 155 user_ldif="\$1"
 156
 157 sed -i -e 's/displayName: $display_name/displayName: $display_name_new/' \
 158         \$user_ldif
 159 EOF
 160
 161         $PYTHON ${STpath}/source4/scripting/bin/samba-tool user edit \
 162                 ${TEST_USER} --editor=$tmpeditor \
 163                 -H "ldap://$SERVER" "-U$USERNAME" "--password=$PASSWORD"
 164 }
 165
 166 get_changed_attribute_force_no_base64()
 167 {
 168         $PYTHON ${STpath}/source4/scripting/bin/samba-tool user show \
 169                 ${TEST_USER} --attributes=displayName \
 170                 -H "ldap://$SERVER" "-U$USERNAME" "--password=$PASSWORD"
 171 }
 172
 173 delete_user()
 174 {
 175         $PYTHON ${STpath}/source4/scripting/bin/samba-tool \
 176                 user delete ${TEST_USER} \
 177                 -H "ldap://$SERVER" "-U$USERNAME" "--password=$PASSWORD"
 178 }
 179
 180 failed=0
 181
 182 testit "create_test_user" create_test_user || failed=$(expr $failed + 1)
 183 testit "edit_user" edit_user || failed=$(expr $failed + 1)
 184 testit "add_attribute_base64" add_attribute_base64 || failed=$(expr $failed + 1)
 185 testit_grep "get_attribute_base64" "^displayName:: $display_name_b64" get_attribute_base64 || failed=$(expr $failed + 1)
 186 testit "delete_attribute" delete_attribute || failed=$(expr $failed + 1)
 187 testit "add_attribute_base64_control" add_attribute_base64_control || failed=$(expr $failed + 1)
 188 testit_grep "get_attribute_base64_control" "^displayName:: $display_name_con_b64" get_attribute_base64_control || failed=$(expr $failed + 1)
 189 testit "change_attribute_base64_control" change_attribute_base64_control || failed=$(expr $failed + 1)
 190 testit_grep "get_attribute_base64" "^displayName:: $display_name_b64" get_attribute_base64 || failed=$(expr $failed + 1)
 191 testit_grep "get_attribute_force_no_base64" "^displayName: $display_name" get_attribute_force_no_base64 || failed=$(expr $failed + 1)
 192 testit "change_attribute_force_no_base64" change_attribute_force_no_base64 || failed=$(expr $failed + 1)
 193 testit_grep "get_changed_attribute_force_no_base64" "^displayName: $display_name_new" get_changed_attribute_force_no_base64 || failed=$(expr $failed + 1)
 194 testit "delete_user" delete_user || failed=$(expr $failed + 1)
 195
 196 rm -f $tmpeditor
 197
 198 exit $failed