diff options
| author | David Mulder <dmulder@suse.com> | 2021-03-03 12:28:07 -0700 |
|---|---|---|
| committer | Jeremy Allison <jra@samba.org> | 2021-03-18 18:50:28 +0000 |
| commit | 90acb3cf99125f53abd2efceaf04a6f63b796a84 (patch) | |
| tree | 56c9dc504debe4c5de3f2b6a3186bf1164acc56d /python | |
| parent | 482046c56ba2bbc4a464bbc518877501598e4e31 (diff) | |
| download | samba-90acb3cf99125f53abd2efceaf04a6f63b796a84.tar.gz | |
samba-tool: Test gpo manage access remove command
Signed-off-by: David Mulder <dmulder@suse.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
Diffstat (limited to 'python')
| -rw-r--r-- | python/samba/netcmd/gpo.py | 30 | ||||
| -rw-r--r-- | python/samba/tests/samba_tool/gpo_exts.py | 34 |
2 files changed, 64 insertions, 0 deletions
diff --git a/python/samba/netcmd/gpo.py b/python/samba/netcmd/gpo.py index f9a17f64a2b..ce838551442 100644 --- a/python/samba/netcmd/gpo.py +++ b/python/samba/netcmd/gpo.py @@ -3884,11 +3884,41 @@ samba-tool gpo manage access add {31B2F340-016D-11D2-945F-00C04FB984F9} allow go "not have sufficient privileges") raise +class cmd_remove_access(Command): + """Remove a VGP Host Access Group Policy from the sysvol + +This command removes a host access setting from the sysvol for applying to +winbind clients. + +Example: +samba-tool gpo manage access remove {31B2F340-016D-11D2-945F-00C04FB984F9} allow goodguy example.com + """ + + synopsis = "%prog <gpo> <allow/deny> <name> <domain> [options]" + + takes_optiongroups = { + "sambaopts": options.SambaOptions, + "versionopts": options.VersionOptions, + "credopts": options.CredentialsOptions, + } + + takes_options = [ + Option("-H", "--URL", help="LDB URL for database or target server", type=str, + metavar="URL", dest="H"), + ] + + takes_args = ["gpo", "etype", "name", "domain"] + + def run(self, gpo, etype, name, domain, H=None, sambaopts=None, + credopts=None, versionopts=None): + pass + class cmd_access(SuperCommand): """Manage Host Access Group Policy Objects""" subcommands = {} subcommands["list"] = cmd_list_access() subcommands["add"] = cmd_add_access() + subcommands["remove"] = cmd_remove_access() class cmd_manage(SuperCommand): """Manage Group Policy Objects""" diff --git a/python/samba/tests/samba_tool/gpo_exts.py b/python/samba/tests/samba_tool/gpo_exts.py index e4cef47513f..99c970f35ce 100644 --- a/python/samba/tests/samba_tool/gpo_exts.py +++ b/python/samba/tests/samba_tool/gpo_exts.py @@ -135,6 +135,40 @@ class GpoCmdTestCase(SambaToolCmdTest): self.assertIn(allow_entry, out, 'The test entry was not found!') self.assertIn(deny_entry, out, 'The test entry was not found!') + (result, out, err) = self.runsublevelcmd("gpo", ("manage", + "access", "remove"), + self.gpo_guid, + "allow", self.test_user, + lp.get('realm').lower(), + "-H", "ldap://%s" % + os.environ["SERVER"], + "-U%s%%%s" % + (os.environ["USERNAME"], + os.environ["PASSWORD"])) + self.assertCmdSuccess(result, out, err, 'Access remove failed') + (result, out, err) = self.runsublevelcmd("gpo", ("manage", + "access", "remove"), + self.gpo_guid, + "deny", self.test_group, + lp.get('realm').lower(), + "-H", "ldap://%s" % + os.environ["SERVER"], + "-U%s%%%s" % + (os.environ["USERNAME"], + os.environ["PASSWORD"])) + self.assertCmdSuccess(result, out, err, 'Access remove failed') + + (result, out, err) = self.runsublevelcmd("gpo", ("manage", + "access", "list"), + self.gpo_guid, "-H", + "ldap://%s" % + os.environ["SERVER"], + "-U%s%%%s" % + (os.environ["USERNAME"], + os.environ["PASSWORD"])) + self.assertNotIn(allow_entry, out, 'The test entry was still found!') + self.assertNotIn(deny_entry, out, 'The test entry was still found!') + def setUp(self): """set up a temporary GPO to work with""" super(GpoCmdTestCase, self).setUp() |