Tests: alltests/test_ldap_extra_attrs.py converted

src/tests/multihost/alltests/test_ldap_extra_attrs.py

@@ -76,6 +76,7 @@ def test_0002_givenmail(self, multihost):
         assert result is not None
 
     @pytest.mark.tier1
+    @pytest.mark.converted('test_schema.py', 'test_schema__ldap_extra_attrs_check_ldb')
     def test_0003_checkldb(self, multihost):
         """
         :title: IDM-SSSD-TC: ldap_extra_attrs: Verify recently added
@@ -112,6 +113,7 @@ def test_0003_checkldb(self, multihost):
             assert result is not None
 
     @pytest.mark.tier1
+    @pytest.mark.converted('test_schema.py', 'test_schema__ldap_extra_attrs_negative_cache')
     def test_0004_negativecache(self, multihost):
         """
         :title: IDM-SSSD-TC: ldap_extra_attrs: Check whether, not added
@@ -141,6 +143,7 @@ def test_0004_negativecache(self, multihost):
         assert result is None
 
     @pytest.mark.tier1
+    @pytest.mark.converted('test_schema.py', 'test_schema__ldap_extra_attrs_extra_email')
     def test_0005_ldapextraattrs(self, multihost):
         """
         :title: IDM-SSSD-TC: ldap_extra_attrs: Check sssd should start with
@@ -178,6 +181,7 @@ def test_0005_ldapextraattrs(self, multihost):
             assert result is not None
 
     @pytest.mark.tier1
+    @pytest.mark.converted('test_schema.py', 'test_schema__ldap_extra_attrs_ifp')
     def test_0006_bz1667252(self, multihost):
         """
         :title: ifp: crash when requesting extra attributes

src/tests/system/tests/test_schema.py

@@ -9,7 +9,8 @@
 import pytest
 from sssd_test_framework.roles.client import Client
 from sssd_test_framework.roles.generic import GenericProvider
-from sssd_test_framework.topology import KnownTopologyGroup
+from sssd_test_framework.roles.ldap import LDAP
+from sssd_test_framework.topology import KnownTopology, KnownTopologyGroup
 
 
 @pytest.mark.importance("high")
@@ -42,3 +43,143 @@ def test_schema__ldap_extra_attrs_filled(client: Client, provider: GenericProvid
     result = client.tools.getent.passwd("tuser")
     assert result is not None
     assert result.name == "tuser"
+
+
+@pytest.mark.topology(KnownTopologyGroup.AnyProvider)
+def test_schema__ldap_extra_attrs_check_ldb(client: Client, provider: GenericProvider):
+    """
+    :title: Recently added extra attributes should be in cache db along with their value
+    :setup:
+        1. Create new user "user1"
+        2. Add "description:gecos, userID:uidNumber, shell:loginShell, groupID:gidNumber" to ldap_user_extra_attrs
+        3. Add "ldap_id_mapping" to domain config, to ensure correct ids on all topologies
+        4. Start SSSD
+    :steps:
+        1. Run "getent passwd user1" to store user attributes to cache
+        2. Run ldbsearch command
+    :expectedresults:
+        1. User is found
+        2. Result has correct values
+    :customerscenario: True
+    """
+    provider.user("user1").add(gid=111111, uid=100110, gecos="gecos user1", shell="/bin/sh", home="/home/user1")
+    client.sssd.domain[
+        "ldap_user_extra_attrs"
+    ] = "description:gecos, userID:uidNumber, shell:loginShell, groupID:gidNumber"
+    client.sssd.domain["ldap_id_mapping"] = "false"
+    client.sssd.start()
+
+    result = client.tools.getent.passwd("user1")
+    assert result is not None, "getent passwd user1 failed"
+
+    search = client.ldb.search(
+        f"/var/lib/sss/db/cache_{client.sssd.default_domain}.ldb", f"cn=users,cn={client.sssd.default_domain},cn=sysdb"
+    )
+
+    user_dict = search["name=user1@test,cn=users,cn=test,cn=sysdb"]
+    assert user_dict["description"] == ["gecos user1"], "attribute 'description' was not correct"
+    assert user_dict["shell"] == ["/bin/sh"], "attribute 'shell' was not correct"
+    assert user_dict["userID"] == ["100110"], "attribute 'userID' was not correct"
+    assert user_dict["groupID"] == ["111111"], "attribute 'groupID' was not correct"
+
+
+@pytest.mark.topology(KnownTopologyGroup.AnyProvider)
+def test_schema__ldap_extra_attrs_negative_cache(client: Client, provider: GenericProvider):
+    """
+    :title: When extra attribute of user is added but not assigned, it is neither cached nor displayed
+    :setup:
+        1. Create new user "user1"
+        2. Add "number:telephonenumber" to ldap_user_extra_attrs
+        3. Start SSSD
+    :steps:
+        1. Run "getent passwd user1" to store user to cache
+        2. Run ldbsearch command
+    :expectedresults:
+        1. User is found
+        2. "number" is not in the output
+    :customerscenario: False
+    """
+    provider.user("user1").add()
+
+    client.sssd.domain["ldap_user_extra_attrs"] = "number:telephonenumber"
+
+    client.sssd.start()
+
+    result = client.tools.getent.passwd("user1")
+    assert result is not None, "User is not found"
+    assert result.name == "user1", "User has wrong name"
+
+    search = client.ldb.search(
+        f"/var/lib/sss/db/cache_{client.sssd.default_domain}.ldb", f"cn=users,cn={client.sssd.default_domain},cn=sysdb"
+    )
+
+    user_dict = search["name=user1@test,cn=users,cn=test,cn=sysdb"]
+    with pytest.raises(KeyError):
+        user_dict["number"]
+
+
+@pytest.mark.topology(KnownTopology.LDAP)
+def test_schema__ldap_extra_attrs_extra_email(client: Client, ldap: LDAP):
+    """
+    :title: SSSD starts with ldap_user_email and ldap_user_extra_attrs and checks cached attributes
+    :setup:
+        1. Create new user "user1", set them mail and gecos
+        2. Edit config - ldap_user_extra_attrs = "email:mail, description:gecos" and ldap_user_email = "mail"
+        3. Start SSSD
+    :steps:
+        1. Run "getent passwd user1" to store user to cache
+        2. Run ldbsearch command to get cached info
+    :expectedresults:
+        1. User is found
+        2. "mail" and "email" are in the output with correct value
+    :customerscenario: False
+    """
+    ldap.user("user1").add(gecos="gecos1", mail="[email protected]")
+
+    client.sssd.domain["ldap_user_email"] = "mail"
+    client.sssd.domain["ldap_user_extra_attrs"] = "email:mail, description:gecos"
+    client.sssd.sssd["services"] = "nss, pam, ifp"
+    client.sssd.start()
+
+    result = client.tools.getent.passwd("user1")
+    assert result is not None, "User is not found"
+    assert result.name == "user1", "User has wrong name"
+
+    search = client.ldb.search(
+        f"/var/lib/sss/db/cache_{client.sssd.default_domain}.ldb", f"cn=users,cn={client.sssd.default_domain},cn=sysdb"
+    )
+
+    user_dict = search["name=user1@test,cn=users,cn=test,cn=sysdb"]
+    assert user_dict["description"] == ["gecos1"], "attribute 'descripion' was not correct"
+    assert user_dict["mail"] == ["[email protected]"], "attribute 'mail' was not correct"
+    assert user_dict["email"] == ["[email protected]"], "attribute 'email' was not correct"
+
+
+@pytest.mark.ticket(bz=1667252)
+@pytest.mark.topology(KnownTopologyGroup.AnyProvider)
+def test_schema__ldap_extra_attrs_ifp(client: Client, provider: GenericProvider):
+    """
+    :title: ifp do not crash when requesting extra attributes
+    :setup:
+        1. Create new user "user1"
+        2. Configure 'test' ldap user extra attribute
+        3. Start SSSD
+    :steps:
+        1. Run "sssctl user-checks user1"
+        2. Check SSSD status
+    :expectedresults:
+        1. Command succeeded
+        2. Checked successfully
+    :customerscenario: True
+    """
+    provider.user("user1").add()
+    client.sssd.sssd["services"] = "nss, pam, ifp"
+    client.sssd.domain["ldap_user_extra_attrs"] = "test:homeDirectory"
+    client.sssd.ifp["user_attributes"] = "+test"
+    client.sssd.start()
+
+    result = client.sssctl.user_checks("user1")
+    assert result.rc == 0, "sssctl user-checks command failed"
+
+    result = client.sssd.svc.status("sssd")
+    assert result.rc == 0, "service status sssd failed"