'Privileges: New Root User: preamble, Admin adding new root user' { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST , 'dsInstancePort' : DIRECTORY_INSTANCE_PORT , 'dsInstanceDn' : DIRECTORY_INSTANCE_DN , 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD , 'entryToBeAdded' : '%s/privileges/add_new_root_user.ldif' % logsRemoteDataDir } 'Privileges: New Root User: bypass-acl, alternative root user removing search global ACI' { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST , 'dsInstancePort' : DIRECTORY_INSTANCE_PORT , 'dsInstanceDn' : 'cn=Aroot' , 'dsInstancePswd' : 'PrivsRule' , 'aciValue' : GLOBAL_ACI_SEARCH , 'opType' : 'remove' } 'Privileges: New Root User: bypass-acl, new root user searching entry' { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST , 'dsInstancePort' : DIRECTORY_INSTANCE_PORT , 'dsInstanceDn' : 'cn=Zroot' , 'dsInstancePswd' : 'PrivsRule' , 'dsBaseDN' : 'uid=scarter,ou=People,o=Privileges Tests,dc=example,dc=com' , 'dsFilter' : 'objectclass=*' , 'attributes' : 'cn sn uid' } { 'returnString' : returnString , 'testString' : 'dn: uid=scarter,ou=People,o=Privileges Tests' , 'expectedResult' : '1' } { 'returnString' : returnString , 'testString' : 'sn: Carter' , 'expectedResult' : '1' } 'Privileges: New Root User: bypass-acl, alternative root user removing privilege' { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST , 'dsInstancePort' : DIRECTORY_INSTANCE_PORT , 'dsInstanceDn' : 'cn=Aroot' , 'dsInstancePswd' : 'PrivsRule' , 'DNToModify' : 'cn=Zroot Manager,cn=Root DNs,cn=config' , 'attributeName' : 'ds-privilege-name' , 'newAttributeValue' : '-bypass-acl' , 'changetype' : 'add' } 'Privileges: New Root User: bypass-acl, new root user searching entry' { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST , 'dsInstancePort' : DIRECTORY_INSTANCE_PORT , 'dsInstanceDn' : 'cn=Zroot' , 'dsInstancePswd' : 'PrivsRule' , 'dsBaseDN' : 'uid=scarter,ou=People,o=Privileges Tests,dc=example,dc=com' , 'dsFilter' : 'objectclass=*' , 'attributes' : 'cn sn uid'} { 'returnString' : returnString , 'testString' : 'dn: uid=scarter,ou=People,o=Privileges Tests' , 'expectedResult' : '0' } 'Privileges: New Root User: bypass-acl, alternative root user putting back privilege' { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST , 'dsInstancePort' : DIRECTORY_INSTANCE_PORT , 'dsInstanceDn' : 'cn=Aroot' , 'dsInstancePswd' : 'PrivsRule' , 'DNToModify' : 'cn=Zroot Manager,cn=Root DNs,cn=config' , 'attributeName' : 'ds-privilege-name' , 'newAttributeValue' : '-bypass-acl' , 'changetype' : 'delete' } 'Privileges: New Root User: bypass-acl, new root user searching entry' { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST , 'dsInstancePort' : DIRECTORY_INSTANCE_PORT , 'dsInstanceDn' : 'cn=Zroot' , 'dsInstancePswd' : 'PrivsRule' , 'dsBaseDN' : 'uid=scarter,ou=People,o=Privileges Tests,dc=example,dc=com' , 'dsFilter' : 'objectclass=*' , 'attributes' : 'cn sn uid'} { 'returnString' : returnString , 'testString' : 'dn: uid=scarter,ou=People,o=Privileges Tests' , 'expectedResult' : '1' } { 'returnString' : returnString , 'testString' : 'sn: Carter' , 'expectedResult' : '1' } 'Privileges: New Root User: bypass-acl, alternative root user putting back global search ACI' { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST , 'dsInstancePort' : DIRECTORY_INSTANCE_PORT , 'dsInstanceDn' : 'cn=Aroot' , 'dsInstancePswd' : 'PrivsRule' , 'aciValue' : GLOBAL_ACI_SEARCH , 'opType' : 'add' } 'Privileges: New Root User: bypass-acl, new root user searching entry' { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST , 'dsInstancePort' : DIRECTORY_INSTANCE_PORT , 'dsInstanceDn' : 'cn=Zroot' , 'dsInstancePswd' : 'PrivsRule' , 'dsBaseDN' : 'uid=scarter,ou=People,o=Privileges Tests,dc=example,dc=com' , 'dsFilter' : 'objectclass=*' , 'attributes' : 'cn sn uid'} { 'returnString' : returnString , 'expectedString' : 'dn: uid=scarter,ou=People,o=Privileges Tests' } 'Privileges: New Root User: bypass-acl, alternate bind DN, alternative root user removing search global ACI' { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST , 'dsInstancePort' : DIRECTORY_INSTANCE_PORT , 'dsInstanceDn' : 'cn=Aroot' , 'dsInstancePswd' : 'PrivsRule' , 'aciValue' : GLOBAL_ACI_SEARCH , 'opType' : 'remove' } 'Privileges: New Root User: bypass-acl, alternate bind DN, new root user searching entry' { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST , 'dsInstancePort' : DIRECTORY_INSTANCE_PORT , 'dsInstanceDn' : 'cn=Zroot' , 'dsInstancePswd' : 'PrivsRule' , 'dsBaseDN' : 'uid=scarter,ou=People,o=Privileges Tests,dc=example,dc=com' , 'dsFilter' : 'objectclass=*' , 'attributes' : 'cn sn uid'} { 'returnString' : returnString , 'testString' : 'dn: uid=scarter,ou=People,o=Privileges Tests' , 'expectedResult' : '1' } { 'returnString' : returnString , 'testString' : 'sn: Carter' , 'expectedResult' : '1' } 'Privileges: New Root User: bypass-acl, alternate bind DN, alternative root user removing privilege' { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST , 'dsInstancePort' : DIRECTORY_INSTANCE_PORT , 'dsInstanceDn' : 'cn=Aroot' , 'dsInstancePswd' : 'PrivsRule' , 'DNToModify' : 'cn=Zroot' , 'attributeName' : 'ds-privilege-name' , 'newAttributeValue' : '-bypass-acl' , 'changetype' : 'add' , 'expectedRC' : 32 } 'Privileges: New Root User: bypass-acl, alternate bind DN, alternative root user putting back global search ACI' { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST , 'dsInstancePort' : DIRECTORY_INSTANCE_PORT , 'dsInstanceDn' : 'cn=Aroot' , 'dsInstancePswd' : 'PrivsRule' , 'aciValue' : GLOBAL_ACI_SEARCH , 'opType' : 'add' } 'Privileges: New Root User: bypass-acl, alternate bind DN, new root user searching entry' { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST , 'dsInstancePort' : DIRECTORY_INSTANCE_PORT , 'dsInstanceDn' : 'cn=Zroot' , 'dsInstancePswd' : 'PrivsRule' , 'dsBaseDN' : 'uid=scarter,ou=People,o=Privileges Tests,dc=example,dc=com' , 'dsFilter' : 'objectclass=*' , 'attributes' : 'cn sn uid'} { 'returnString' : returnString , 'expectedString' : 'dn: uid=scarter,ou=People,o=Privileges Tests' } 'Privileges: New Root User: modify-acl - add aci, check default, new root user adding ACI' { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST , 'dsInstancePort' : DIRECTORY_INSTANCE_PORT , 'dsInstanceDn' : 'cn=Zroot' , 'dsInstancePswd' : 'PrivsRule' , 'DNToModify' : 'ou=People, o=Privileges Tests, dc=example,dc=com' , 'attributeName' : 'aci' , 'newAttributeValue' : search_aci , 'changetype' : 'add' } 'Privileges: New Root User: modify-acl - add aci, alternative root user removing privilege' { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST , 'dsInstancePort' : DIRECTORY_INSTANCE_PORT , 'dsInstanceDn' : 'cn=Aroot' , 'dsInstancePswd' : 'PrivsRule' , 'DNToModify' : 'cn=Zroot Manager,cn=Root DNs,cn=config' , 'attributeName' : 'ds-privilege-name' , 'newAttributeValue' : '-modify-acl' , 'changetype' : 'add' } 'Privileges: New Root User: modify-acl - add aci, new root user adding second ACI' { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST , 'dsInstancePort' : DIRECTORY_INSTANCE_PORT , 'dsInstanceDn' : 'cn=Zroot' , 'dsInstancePswd' : 'PrivsRule' , 'DNToModify' : 'ou=People, o=Privileges Tests, dc=example,dc=com' , 'attributeName' : 'aci' , 'newAttributeValue' : search2_aci , 'changetype' : 'add' , 'expectedRC' : 50 } 'Privileges: New Root User: modify-acl - add aci, alternative root user putting back privilege' { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST , 'dsInstancePort' : DIRECTORY_INSTANCE_PORT , 'dsInstanceDn' : 'cn=Aroot' , 'dsInstancePswd' : 'PrivsRule' , 'DNToModify' : 'cn=Zroot Manager,cn=Root DNs,cn=config' , 'attributeName' : 'ds-privilege-name' , 'newAttributeValue' : '-modify-acl' , 'changetype' : 'delete' } 'Privileges: New Root User: modify-acl - add aci, new root user adding second ACI' { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST , 'dsInstancePort' : DIRECTORY_INSTANCE_PORT , 'dsInstanceDn' : 'cn=Zroot' , 'dsInstancePswd' : 'PrivsRule' , 'DNToModify' : 'ou=People, o=Privileges Tests, dc=example,dc=com' , 'attributeName' : 'aci' , 'newAttributeValue' : search2_aci , 'changetype' : 'add' } 'Privileges: New Root User: modify-acl - add aci, alternative root user deleting ACI' { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST , 'dsInstancePort' : DIRECTORY_INSTANCE_PORT , 'dsInstanceDn' : 'cn=Aroot' , 'dsInstancePswd' : 'PrivsRule' , 'DNToModify' : 'ou=People, o=Privileges Tests, dc=example,dc=com' , 'attributeName' : 'aci' , 'newAttributeValue' : search_aci , 'changetype' : 'delete' } 'Privileges: New Root User: modify-acl - add aci, alternative root user deleting ACI' { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST , 'dsInstancePort' : DIRECTORY_INSTANCE_PORT , 'dsInstanceDn' : 'cn=Aroot' , 'dsInstancePswd' : 'PrivsRule' , 'DNToModify' : 'ou=People, o=Privileges Tests, dc=example,dc=com' , 'attributeName' : 'aci' , 'newAttributeValue' : search2_aci , 'changetype' : 'delete' } 'Privileges: New Root User: modify-acl - replace aci, preamble, check default, new root user replacing ACI' { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST , 'dsInstancePort' : DIRECTORY_INSTANCE_PORT , 'dsInstanceDn' : 'cn=Zroot' , 'dsInstancePswd' : 'PrivsRule' , 'DNToModify' : 'uid=tmorris, ou=People, o=Privileges Tests, dc=example,dc=com' , 'attributeName' : 'aci' , 'newAttributeValue' : search_aci , 'changetype' : 'replace' } 'Privileges: New Root User: modify-acl - replace aci, alternative root user removing privilege' { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST , 'dsInstancePort' : DIRECTORY_INSTANCE_PORT , 'dsInstanceDn' : 'cn=Aroot' , 'dsInstancePswd' : 'PrivsRule' , 'DNToModify' : 'cn=Zroot Manager,cn=Root DNs,cn=config' , 'attributeName' : 'ds-privilege-name' , 'newAttributeValue' : '-modify-acl' , 'changetype' : 'add' } 'Privileges: New Root User: modify-acl - replace aci, new root user replacing ACI' { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST , 'dsInstancePort' : DIRECTORY_INSTANCE_PORT , 'dsInstanceDn' : 'cn=Zroot' , 'dsInstancePswd' : 'PrivsRule' , 'DNToModify' : 'uid=tmorris, ou=People, o=Privileges Tests, dc=example,dc=com' , 'attributeName' : 'aci' , 'newAttributeValue' : search_aci , 'changetype' : 'replace' , 'expectedRC' : 50 } 'Privileges: New Root User: modify-acl - replace aci, alternative root user putting back privilege' { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST , 'dsInstancePort' : DIRECTORY_INSTANCE_PORT , 'dsInstanceDn' : 'cn=Aroot' , 'dsInstancePswd' : 'PrivsRule' , 'DNToModify' : 'cn=Zroot Manager,cn=Root DNs,cn=config' , 'attributeName' : 'ds-privilege-name' , 'newAttributeValue' : '-modify-acl' , 'changetype' : 'delete' } 'Privileges: New Root User: modify-acl - replace aci, new root user replacing ACI' { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST , 'dsInstancePort' : DIRECTORY_INSTANCE_PORT , 'dsInstanceDn' : 'cn=Zroot' , 'dsInstancePswd' : 'PrivsRule' , 'DNToModify' : 'uid=tmorris, ou=People, o=Privileges Tests, dc=example,dc=com' , 'attributeName' : 'aci' , 'newAttributeValue' : search_aci , 'changetype' : 'replace' } 'Privileges: New Root User: modify-acl - delete aci, preamble, check default, new root user deleting ACI' { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST , 'dsInstancePort' : DIRECTORY_INSTANCE_PORT , 'dsInstanceDn' : 'cn=Zroot' , 'dsInstancePswd' : 'PrivsRule' , 'DNToModify' : 'uid=gfarmer, ou=People, o=Privileges Tests, dc=example,dc=com' , 'attributeName' : 'aci' , 'newAttributeValue' : search_aci , 'changetype' : 'delete' } 'Privileges: New Root User: modify-acl - delete aci, alternative root user removing privilege' { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST , 'dsInstancePort' : DIRECTORY_INSTANCE_PORT , 'dsInstanceDn' : 'cn=Aroot' , 'dsInstancePswd' : 'PrivsRule' , 'DNToModify' : 'cn=Zroot Manager,cn=Root DNs,cn=config' , 'attributeName' : 'ds-privilege-name' , 'newAttributeValue' : '-modify-acl' , 'changetype' : 'add' } 'Privileges: New Root User: modify-acl - delete aci, new root user delete ACI' { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST , 'dsInstancePort' : DIRECTORY_INSTANCE_PORT , 'dsInstanceDn' : 'cn=Zroot' , 'dsInstancePswd' : 'PrivsRule' , 'DNToModify' : 'uid=abergin, ou=People, o=Privileges Tests, dc=example,dc=com' , 'attributeName' : 'aci' , 'newAttributeValue' : search2_aci , 'changetype' : 'delete' , 'expectedRC' : 50 } 'Privileges: New Root User: modify-acl - delete aci, alternative root user putting back privilege' { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST , 'dsInstancePort' : DIRECTORY_INSTANCE_PORT , 'dsInstanceDn' : 'cn=Aroot' , 'dsInstancePswd' : 'PrivsRule' , 'DNToModify' : 'cn=Zroot Manager,cn=Root DNs,cn=config' , 'attributeName' : 'ds-privilege-name' , 'newAttributeValue' : '-modify-acl' , 'changetype' : 'delete' } 'Privileges: New Root User: config-read, new root user searching cn=config' { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST , 'dsInstancePort' : DIRECTORY_INSTANCE_PORT , 'dsInstanceDn' : 'cn=Zroot' , 'dsInstancePswd' : 'PrivsRule' , 'dsBaseDN' : 'cn=config' , 'dsFilter' : 'objectclass=*' , 'attributes' : 'ds-cfg-check-schema' , 'extraParams' : '-s base' } { 'returnString' : returnString , 'testString' : 'dn: cn=config' , 'expectedResult' : '1' } { 'returnString' : returnString , 'testString' : 'ds-cfg-check-schema:' , 'expectedResult' : '1' } 'Privileges: New Root User: config-read, alternative root removing privilege' { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST , 'dsInstancePort' : DIRECTORY_INSTANCE_PORT , 'dsInstanceDn' : 'cn=Aroot' , 'dsInstancePswd' : 'PrivsRule' , 'DNToModify' : 'cn=Zroot Manager,cn=Root DNs,cn=config' , 'attributeName' : 'ds-privilege-name' , 'newAttributeValue' : '-config-read' , 'changetype' : 'add' } 'Privileges: New Root User: config-read, new root user searching cn=config' { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST , 'dsInstancePort' : DIRECTORY_INSTANCE_PORT , 'dsInstanceDn' : 'cn=Zroot' , 'dsInstancePswd' : 'PrivsRule' , 'dsBaseDN' : 'cn=config' , 'dsFilter' : 'objectclass=*' , 'attributes' : 'ds-cfg-check-schema' , 'extraParams' : '-s base' , 'expectedRC' : 50 } 'Privileges: New Root User: config-read, alternative root user putting back privilege' { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST , 'dsInstancePort' : DIRECTORY_INSTANCE_PORT , 'dsInstanceDn' : 'cn=Aroot' , 'dsInstancePswd' : 'PrivsRule' , 'DNToModify' : 'cn=Zroot Manager,cn=Root DNs,cn=config' , 'attributeName' : 'ds-privilege-name' , 'newAttributeValue' : '-config-read' , 'changetype' : 'delete' } 'Privileges: New Root User: config-read, new root user searching cn=config' { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST , 'dsInstancePort' : DIRECTORY_INSTANCE_PORT , 'dsInstanceDn' : 'cn=Zroot' , 'dsInstancePswd' : 'PrivsRule' , 'dsBaseDN' : 'cn=config' , 'dsFilter' : 'objectclass=*' , 'attributes' : 'ds-cfg-check-schema' , 'extraParams' : '-s base' } { 'returnString' : returnString , 'expectedString' : 'dn: cn=config' } 'Privileges: New Root User: config-write, new root user modifying cn=config' { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST , 'dsInstancePort' : DIRECTORY_INSTANCE_PORT , 'dsInstanceDn' : 'cn=Zroot' , 'dsInstancePswd' : 'PrivsRule' , 'DNToModify' : 'cn=config' , 'attributeName' : 'ds-cfg-check-schema' , 'newAttributeValue' : 'true' , 'changetype' : 'replace' } 'Privileges: New Root User: config-write, alternative root user removing privilege' { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST , 'dsInstancePort' : DIRECTORY_INSTANCE_PORT , 'dsInstanceDn' : 'cn=Aroot' , 'dsInstancePswd' : 'PrivsRule' , 'DNToModify' : 'cn=Zroot Manager,cn=Root DNs,cn=config' , 'attributeName' : 'ds-privilege-name' , 'newAttributeValue' : '-config-read' , 'changetype' : 'add' } 'Privileges: New Root User: config-write, new root user modifying cn=config' { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST , 'dsInstancePort' : DIRECTORY_INSTANCE_PORT , 'dsInstanceDn' : 'cn=Zroot' , 'dsInstancePswd' : 'PrivsRule' , 'DNToModify' : 'cn=config' , 'attributeName' : 'ds-cfg-check-schema' , 'newAttributeValue' : 'true' , 'changetype' : 'replace' , 'expectedRC' : 50 } 'Privileges: New Root User: config-write, alternative root user removing privilege' { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST , 'dsInstancePort' : DIRECTORY_INSTANCE_PORT , 'dsInstanceDn' : 'cn=Aroot' , 'dsInstancePswd' : 'PrivsRule' , 'DNToModify' : 'cn=Zroot Manager,cn=Root DNs,cn=config' , 'attributeName' : 'ds-privilege-name' , 'newAttributeValue' : '-config-write' , 'changetype' : 'add' } 'Privileges: New Root User: config-write, new root user modifying cn=config' { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST , 'dsInstancePort' : DIRECTORY_INSTANCE_PORT , 'dsInstanceDn' : 'cn=Zroot' , 'dsInstancePswd' : 'PrivsRule' , 'DNToModify' : 'cn=config' , 'attributeName' : 'ds-cfg-check-schema' , 'newAttributeValue' : 'true' , 'changetype' : 'replace' , 'expectedRC' : 50 } 'Privileges: New Root User: config-write, altrnative root user putting back privilege' { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST , 'dsInstancePort' : DIRECTORY_INSTANCE_PORT , 'dsInstanceDn' : 'cn=Aroot' , 'dsInstancePswd' : 'PrivsRule' , 'DNToModify' : 'cn=Zroot Manager,cn=Root DNs,cn=config' , 'attributeName' : 'ds-privilege-name' , 'newAttributeValue' : '-config-read' , 'changetype' : 'delete' } 'Privileges: New Root User: config-write, new root user modifying cn=config' { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST , 'dsInstancePort' : DIRECTORY_INSTANCE_PORT , 'dsInstanceDn' : 'cn=Zroot' , 'dsInstancePswd' : 'PrivsRule' , 'DNToModify' : 'cn=config' , 'attributeName' : 'ds-cfg-check-schema' , 'newAttributeValue' : 'true' , 'changetype' : 'replace' , 'expectedRC' : 50 } 'Privileges: New Root User: config-write, alternative root user putting back privilege' { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST , 'dsInstancePort' : DIRECTORY_INSTANCE_PORT , 'dsInstanceDn' : 'cn=Aroot' , 'dsInstancePswd' : 'PrivsRule' , 'DNToModify' : 'cn=Zroot Manager,cn=Root DNs,cn=config' , 'attributeName' : 'ds-privilege-name' , 'newAttributeValue' : '-config-write' , 'changetype' : 'delete' } 'Privileges: New Root User: config-write, new root user modifying cn=config' { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST , 'dsInstancePort' : DIRECTORY_INSTANCE_PORT , 'dsInstanceDn' : 'cn=Zroot' , 'dsInstancePswd' : 'PrivsRule' , 'DNToModify' : 'cn=config' , 'attributeName' : 'ds-cfg-check-schema' , 'newAttributeValue' : 'true' , 'changetype' : 'replace' } 'Privileges: New Root User: config-write - add global aci, new root user adding global ACI' { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST , 'dsInstancePort' : DIRECTORY_INSTANCE_PORT , 'dsInstanceDn' : 'cn=Zroot' , 'dsInstancePswd' : 'PrivsRule' , 'DNToModify' : 'cn=Access Control Handler,cn=config' , 'attributeName' : 'ds-cfg-global-aci' , 'newAttributeValue' : another_aci , 'changetype' : 'add' } 'Privileges: New Root User: config-write - add global aci, alternative root user removing config-read privilege' { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST , 'dsInstancePort' : DIRECTORY_INSTANCE_PORT , 'dsInstanceDn' : 'cn=Aroot' , 'dsInstancePswd' : 'PrivsRule' , 'DNToModify' : 'cn=Zroot Manager,cn=Root DNs,cn=config' , 'attributeName' : 'ds-privilege-name' , 'newAttributeValue' : '-config-read' , 'changetype' : 'add' } 'Privileges: New Root User: config-write - add global aci, new root user adding ACI' { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST , 'dsInstancePort' : DIRECTORY_INSTANCE_PORT , 'dsInstanceDn' : 'cn=Zroot' , 'dsInstancePswd' : 'PrivsRule' , 'DNToModify' : 'cn=Access Control Handler,cn=config' , 'attributeName' : 'ds-cfg-global-aci' , 'newAttributeValue' : global2_aci , 'changetype' : 'add' , 'expectedRC' : 50 } 'Privileges: New Root User: config-write - add global aci, altrnative user removing config-write privilege' { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST , 'dsInstancePort' : DIRECTORY_INSTANCE_PORT , 'dsInstanceDn' : 'cn=Aroot' , 'dsInstancePswd' : 'PrivsRule' , 'DNToModify' : 'cn=Zroot Manager,cn=Root DNs,cn=config' , 'attributeName' : 'ds-privilege-name' , 'newAttributeValue' : '-config-write' , 'changetype' : 'add' } 'Privileges: New Root User: config-write - add global aci, alternative root user putting back config-read privilege' { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST , 'dsInstancePort' : DIRECTORY_INSTANCE_PORT , 'dsInstanceDn' : 'cn=Aroot' , 'dsInstancePswd' : 'PrivsRule' , 'DNToModify' : 'cn=Zroot Manager,cn=Root DNs,cn=config' , 'attributeName' : 'ds-privilege-name' , 'newAttributeValue' : '-config-read' , 'changetype' : 'delete' } 'Privileges: New Root User: config-write - add global aci, new root user adding global ACI' { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST , 'dsInstancePort' : DIRECTORY_INSTANCE_PORT , 'dsInstanceDn' : 'cn=Zroot' , 'dsInstancePswd' : 'PrivsRule' , 'DNToModify' : 'cn=Access Control Handler,cn=config' , 'attributeName' : 'ds-cfg-global-aci' , 'newAttributeValue' : global2_aci , 'changetype' : 'add' , 'expectedRC' : 50 } 'Privileges: New Root User: config-write - add global aci, alternative root user putting back config-write privilege' { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST , 'dsInstancePort' : DIRECTORY_INSTANCE_PORT , 'dsInstanceDn' : 'cn=Aroot' , 'dsInstancePswd' : 'PrivsRule' , 'DNToModify' : 'cn=Zroot Manager,cn=Root DNs,cn=config' , 'attributeName' : 'ds-privilege-name' , 'newAttributeValue' : '-config-write' , 'changetype' : 'delete' } 'Privileges: New Root User: config-write - add global aci, new root user adding global ACI' { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST , 'dsInstancePort' : DIRECTORY_INSTANCE_PORT , 'dsInstanceDn' : 'cn=Zroot' , 'dsInstancePswd' : 'PrivsRule' , 'DNToModify' : 'cn=Access Control Handler,cn=config' , 'attributeName' : 'ds-cfg-global-aci' , 'newAttributeValue' : global2_aci , 'changetype' : 'add' } 'Privileges: New Root User: config-write - add global aci, new root user deleting write global ACI' { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST , 'dsInstancePort' : DIRECTORY_INSTANCE_PORT , 'dsInstanceDn' : 'cn=Zroot' , 'dsInstancePswd' : 'PrivsRule' , 'DNToModify' : 'cn=Access Control Handler,cn=config' , 'attributeName' : 'ds-cfg-global-aci' , 'newAttributeValue' : another_aci , 'changetype' : 'delete' } 'Privileges: New Root User: config-write - add global aci, new root user deleting write global ACI' { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST , 'dsInstancePort' : DIRECTORY_INSTANCE_PORT , 'dsInstanceDn' : 'cn=Zroot' , 'dsInstancePswd' : 'PrivsRule' , 'DNToModify' : 'cn=Access Control Handler,cn=config' , 'attributeName' : 'ds-cfg-global-aci' , 'newAttributeValue' : global2_aci , 'changetype' : 'delete' } 'Privileges: New Root User: password-reset, new root user resetting password' { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST , 'dsInstancePort' : DIRECTORY_INSTANCE_PORT , 'dsInstanceDn' : 'cn=Zroot' , 'dsInstancePswd' : 'PrivsRule' , 'DNToModify' : 'uid=tmason, ou=People, o=Privileges Tests, dc=example,dc=com' , 'attributeName' : 'userpassword' , 'newAttributeValue' : 'pickles' , 'changetype' : 'replace' } 'Privileges: New Root User: password-reset, alternative root user adding privilege' { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST , 'dsInstancePort' : DIRECTORY_INSTANCE_PORT , 'dsInstanceDn' : 'cn=Aroot' , 'dsInstancePswd' : 'PrivsRule' , 'DNToModify' : 'cn=Zroot Manager,cn=Root DNs,cn=config' , 'attributeName' : 'ds-privilege-name' , 'newAttributeValue' : '-password-reset' , 'changetype' : 'add' } 'Privileges: New Root User: password-reset, new root user resetting password' { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST , 'dsInstancePort' : DIRECTORY_INSTANCE_PORT , 'dsInstanceDn' : 'cn=Zroot' , 'dsInstancePswd' : 'PrivsRule' , 'DNToModify' : 'uid=tmason, ou=People, o=Privileges Tests, dc=example,dc=com' , 'attributeName' : 'userpassword' , 'newAttributeValue' : 'pickles' , 'changetype' : 'replace', 'expectedRC' : 50 } 'Privileges: New Root User: password-reset, alternative root user deleting privilege' { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST , 'dsInstancePort' : DIRECTORY_INSTANCE_PORT , 'dsInstanceDn' : 'cn=Aroot' , 'dsInstancePswd' : 'PrivsRule' , 'DNToModify' : 'cn=Zroot Manager,cn=Root DNs,cn=config' , 'attributeName' : 'ds-privilege-name' , 'newAttributeValue' : '-password-reset' , 'changetype' : 'delete' } 'Privileges: New Root User: password-reset, new root user resetting password' { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST , 'dsInstancePort' : DIRECTORY_INSTANCE_PORT , 'dsInstanceDn' : 'cn=Zroot' , 'dsInstancePswd' : 'PrivsRule' , 'DNToModify' : 'uid=tmason, ou=People, o=Privileges Tests, dc=example,dc=com' , 'attributeName' : 'userpassword' , 'newAttributeValue' : 'pickles' , 'changetype' : 'replace' } 'Privileges: New Root User: update-schema, alternate root user adding entry that users new object class' { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST , 'dsInstancePort' : DIRECTORY_INSTANCE_PORT , 'dsInstanceDn' : 'cn=Aroot' , 'dsInstancePswd' : 'PrivsRule' , 'entryToBeAdded' : '%s/privileges/add_entry_with_new_objclass.ldif' % logsRemoteDataDir , 'expectedRC' : 65 } 'Privileges: New Root User: update-schema, alternative root user removing privilege' { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST , 'dsInstancePort' : DIRECTORY_INSTANCE_PORT , 'dsInstanceDn' : 'cn=Aroot' , 'dsInstancePswd' : 'PrivsRule' , 'DNToModify' : 'cn=Zroot Manager,cn=Root DNs,cn=config' , 'attributeName' : 'ds-privilege-name' , 'newAttributeValue' : '-update-schema' , 'changetype' : 'add' } 'Privileges: New Root User: update-schema, new root user adding new schema object' { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST , 'dsInstancePort' : DIRECTORY_INSTANCE_PORT , 'dsInstanceDn' : 'cn=Zroot' , 'dsInstancePswd' : 'PrivsRule' , 'entryToBeModified' : '%s/privileges/addmozobj.ldif' % logsRemoteDataDir , 'expectedRC' : 50 } 'Privileges: New Root User: update-schema, alternative root user putting back privilege' { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST , 'dsInstancePort' : DIRECTORY_INSTANCE_PORT , 'dsInstanceDn' : 'cn=Aroot' , 'dsInstancePswd' : 'PrivsRule' , 'DNToModify' : 'cn=Zroot Manager,cn=Root DNs,cn=config' , 'attributeName' : 'ds-privilege-name' , 'newAttributeValue' : '-update-schema' , 'changetype' : 'delete' } 'Privileges: New Root User: update-schema, new root user adding new schema object' { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST , 'dsInstancePort' : DIRECTORY_INSTANCE_PORT , 'dsInstanceDn' : 'cn=Zroot' , 'dsInstancePswd' : 'PrivsRule' , 'entryToBeModified' : '%s/privileges/addmozobj.ldif' % logsRemoteDataDir } 'Privileges: New Root User: update-schema, alternate root user adding entry that users new object class' { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST , 'dsInstancePort' : DIRECTORY_INSTANCE_PORT , 'dsInstanceDn' : 'cn=Aroot' , 'dsInstancePswd' : 'PrivsRule' , 'entryToBeAdded' : '%s/privileges/add_entry_with_new_objclass.ldif' % logsRemoteDataDir } 'Privileges: New Root User: update-schema, alternate root user searching entry' { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST , 'dsInstancePort' : DIRECTORY_INSTANCE_PORT , 'dsInstanceDn' : 'cn=Aroot' , 'dsInstancePswd' : 'PrivsRule' , 'dsBaseDN' : 'uid=sfish,ou=People,o=Privileges Tests,dc=example,dc=com' , 'dsFilter' : 'objectclass=*' , 'attributes' : 'uid'} { 'returnString' : returnString , 'testString' : 'dn: uid=sfish,ou=People,o=Privileges Tests' , 'expectedResult' : '1' } { 'returnString' : returnString , 'expectedString' : 'uid: sfish' } 'Privileges: New Root User: privilege-change, alternative root user adding write ACI' { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST , 'dsInstancePort' : DIRECTORY_INSTANCE_PORT , 'dsInstanceDn' : 'cn=Aroot' , 'dsInstancePswd' : 'PrivsRule' , 'DNToModify' : 'dc=example,dc=com' , 'attributeName' : 'aci' , 'newAttributeValue' : write_aci , 'changetype' : 'add' } 'Privileges: New Root User: privilege-change, alternative root user removing privilege from new root user' { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST , 'dsInstancePort' : DIRECTORY_INSTANCE_PORT , 'dsInstanceDn' : 'cn=Aroot' , 'dsInstancePswd' : 'PrivsRule' , 'DNToModify' : 'cn=Zroot Manager,cn=Root DNs,cn=config' , 'attributeName' : 'ds-privilege-name' , 'newAttributeValue' : '-privilege-change' , 'changetype' : 'add' } 'Privileges: New Root User: privilege-change, new root user adding privilege to second user' { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST , 'dsInstancePort' : DIRECTORY_INSTANCE_PORT , 'dsInstanceDn' : 'cn=Zroot' , 'dsInstancePswd' : 'PrivsRule' , 'DNToModify' : 'uid=buser,o=Privileges Tests,dc=example,dc=com' , 'attributeName' : 'ds-privilege-name' , 'newAttributeValue' : 'modify-acl' , 'changetype' : 'add' , 'expectedRC' : 50 } 'Privileges: New Root User: privilege-change, alternative root user putting back privilege to new root user' { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST , 'dsInstancePort' : DIRECTORY_INSTANCE_PORT , 'dsInstanceDn' : 'cn=Aroot' , 'dsInstancePswd' : 'PrivsRule' , 'DNToModify' : 'cn=Zroot Manager,cn=Root DNs,cn=config' , 'attributeName' : 'ds-privilege-name' , 'newAttributeValue' : '-privilege-change' , 'changetype' : 'delete' } 'Privileges: New Root User: privilege-change, new root user adding privilege to second user' { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST , 'dsInstancePort' : DIRECTORY_INSTANCE_PORT , 'dsInstanceDn' : 'cn=Zroot' , 'dsInstancePswd' : 'PrivsRule' , 'DNToModify' : 'uid=buser,o=Privileges Tests,dc=example,dc=com' , 'attributeName' : 'ds-privilege-name' , 'newAttributeValue' : 'modify-acl' , 'changetype' : 'add' } 'Privileges: New Root User: privilege-change, second user adding ACI' { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST , 'dsInstancePort' : DIRECTORY_INSTANCE_PORT , 'dsInstanceDn' : 'uid=buser,o=Privileges Tests,dc=example,dc=com' , 'dsInstancePswd' : 'ACIRules' , 'DNToModify' : 'ou=People, o=Privileges Tests, dc=example,dc=com' , 'attributeName' : 'aci' , 'newAttributeValue' : search_aci , 'changetype' : 'add' } 'Privileges: New Root User: privilege-change, new root user removing privilege to second user' { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST , 'dsInstancePort' : DIRECTORY_INSTANCE_PORT , 'dsInstanceDn' : 'cn=Zroot' , 'dsInstancePswd' : 'PrivsRule' , 'DNToModify' : 'uid=buser,o=Privileges Tests,dc=example,dc=com' , 'attributeName' : 'ds-privilege-name' , 'newAttributeValue' : 'modify-acl' , 'changetype' : 'delete' } 'Privileges: New Root User: privilege-change, alternative root user deleting ACI' { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST , 'dsInstancePort' : DIRECTORY_INSTANCE_PORT , 'dsInstanceDn' : 'cn=Aroot' , 'dsInstancePswd' : 'PrivsRule' , 'DNToModify' : 'ou=People, o=Privileges Tests, dc=example,dc=com' , 'attributeName' : 'aci' , 'newAttributeValue' : search_aci , 'changetype' : 'delete' } 'Privileges: New Root User: privilege-change, alternative root user deleting write ACI' { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST , 'dsInstancePort' : DIRECTORY_INSTANCE_PORT , 'dsInstanceDn' : 'cn=Aroot' , 'dsInstancePswd' : 'PrivsRule' , 'DNToModify' : 'dc=example,dc=com' , 'attributeName' : 'aci' , 'newAttributeValue' : write_aci , 'changetype' : 'delete' } 'Privileges: New Root User: server-shutdown, alternative root user removing privilege' { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST , 'dsInstancePort' : DIRECTORY_INSTANCE_PORT , 'dsInstanceDn' : 'cn=Aroot' , 'dsInstancePswd' : 'PrivsRule' , 'DNToModify' : 'cn=Zroot Manager,cn=Root DNs,cn=config' , 'attributeName' : 'ds-privilege-name' , 'newAttributeValue' : '-server-shutdown' , 'changetype' : 'add' } 'Privileges: New Root User: server-shutdown, new root user adding server shutdown task' { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST, 'dsInstancePort' : DIRECTORY_INSTANCE_PORT, 'dsInstanceDn' : 'cn=Zroot' , 'dsInstancePswd' : 'PrivsRule' , 'taskID' : STAXCurrentTestcase, 'expectedRC' : 50 } 'Privileges: New Root User: server-shutdown, alternative root user putting back privilege' { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST , 'dsInstancePort' : DIRECTORY_INSTANCE_PORT , 'dsInstanceDn' : 'cn=Aroot' , 'dsInstancePswd' : 'PrivsRule' , 'DNToModify' : 'cn=Zroot Manager,cn=Root DNs,cn=config' , 'attributeName' : 'ds-privilege-name' , 'newAttributeValue' : '-server-shutdown' , 'changetype' : 'delete' } 'Privileges: New Root User: server-shutdown, new root user adding server shutdown task' { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST, 'dsInstancePort' : DIRECTORY_INSTANCE_PORT, 'dsInstanceDn' : 'cn=Zroot' , 'dsInstancePswd' : 'PrivsRule' , 'taskID' : STAXCurrentTestcase, } 'Start DS to run on port %s' % (DIRECTORY_INSTANCE_PORT) { 'location' : STAF_REMOTE_HOSTNAME } { 'returncode' : RC , 'result' : STAXResult } { 'noOfLoops' : 5 , 'noOfMilliSeconds' : 2000 } 'Privileges: New Root User: server-shutdown, new root user searching entry' { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST , 'dsInstancePort' : DIRECTORY_INSTANCE_PORT , 'dsInstanceDn' : 'cn=Zroot' , 'dsInstancePswd' : 'PrivsRule' , 'dsBaseDN' : 'uid=scarter,ou=People,o=Privileges Tests,dc=example,dc=com' , 'dsFilter' : 'objectclass=*' , 'attributes' : 'cn sn uid'} { 'returnString' : returnString , 'expectedString' : 'dn: uid=scarter,ou=People,o=Privileges Tests' } 'Privileges: New Root User: server-restart, alternative root user removing privilege' { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST , 'dsInstancePort' : DIRECTORY_INSTANCE_PORT , 'dsInstanceDn' : 'cn=Aroot' , 'dsInstancePswd' : 'PrivsRule' , 'DNToModify' : 'cn=Zroot Manager,cn=Root DNs,cn=config' , 'attributeName' : 'ds-privilege-name' , 'newAttributeValue' : '-server-restart' , 'changetype' : 'add' } 'Privileges: New Root User: server-restart, new root user adding server restart task' { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST, 'dsInstancePort' : DIRECTORY_INSTANCE_PORT, 'dsInstanceDn' : 'cn=Zroot' , 'dsInstancePswd' : 'PrivsRule' , 'taskID' : STAXCurrentTestcase, 'expectedRC' : 50 } 'Privileges: New Root User: server-restart, alternative root user putting back privilege' { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST , 'dsInstancePort' : DIRECTORY_INSTANCE_PORT , 'dsInstanceDn' : 'cn=Aroot' , 'dsInstancePswd' : 'PrivsRule' , 'DNToModify' : 'cn=Zroot Manager,cn=Root DNs,cn=config' , 'attributeName' : 'ds-privilege-name' , 'newAttributeValue' : '-server-restart' , 'changetype' : 'delete' } 'Privileges: New Root User: server-restart, new root user adding server restart task' { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST , 'dsInstancePort' : DIRECTORY_INSTANCE_PORT , 'dsInstanceDn' : 'cn=Zroot' , 'dsInstancePswd' : 'PrivsRule' , 'taskID' : STAXCurrentTestcase }