[Freeipa-devel] cert profiles - test plan + patches
Tomas Babej
tbabej at redhat.com
Thu Sep 3 12:35:39 UTC 2015
On 09/03/2015 01:40 PM, Lenka Doudova wrote:
> Hi,
>
> I took a look at it at Milan's request.
>
> patch 0008 - tracker looks ok, ACK
> patch 0009 - test cases look ok as well, but can't get it to run, 10 out
> of 14 tests fail, starting with internal error, which I haven't been
> able to track down, nor fix it.
You can investigate the internal error by inspecting the
/var/log/httpd/error_log on the IPA server that executed the command.
There should be a traceback.
>
> Lenka
>
> =================================== FAILURES
> ===================================
> ____________________ TestProfileCRUD.test_create_duplicate
> _____________________
>
> self = <ipatests.test_xmlrpc.test_certprofile_plugin.TestProfileCRUD
> object at 0x7f36459e7110>
> user_profile =
> <ipatests.test_xmlrpc.test_certprofile_plugin.CertprofileTracker object
> at 0x7f36459e73d0>
>
> def test_create_duplicate(self, user_profile):
> msg = u'Certificate Profile with name "{}" already exists'
>> user_profile.ensure_exists()
>
> ipatests/test_xmlrpc/test_certprofile_plugin.py:178:
> _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
> _ _ _ _
> ipatests/test_xmlrpc/ldaptracker.py:169: in ensure_exists
> self.create(force=True)
> ipatests/test_xmlrpc/ldaptracker.py:206: in create
> result = command()
> ipatests/test_xmlrpc/ldaptracker.py:127: in run_command
> result = cmd(*args, **options)
> ipalib/frontend.py:443: in __call__
> ret = self.run(*args, **options)
> ipalib/frontend.py:761: in run
> return self.forward(*args, **options)
> ipalib/frontend.py:782: in forward
> return self.Backend.rpcclient.forward(self.name, *args, **kw)
> ipalib/rpc.py:947: in forward
> return self._call_command(command, params)
> ipalib/rpc.py:924: in _call_command
> return command(*params)
> ipalib/rpc.py:1075: in _call
> return self.__request(name, args)
> _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
> _ _ _ _
>
> self = <ipalib.rpc.JSONServerProxy object at 0x7f36459e71d0>
> name = 'certprofile_import'
> args = (('caIPAserviceCert_mod',), {'all': False, 'description':
> 'Storing copy of a profile', 'file': 'profileId=caIPAservice...sion Default
> policyset.serverCertSet.11.default.params.userExtOID=2.5.29.17
> ', 'ipacertprofilestoreissued': True, ...})
>
> def __request(self, name, args):
> payload = {'method': unicode(name), 'params': args, 'id': 0}
> version = args[1].get('version', VERSION_WITHOUT_CAPABILITIES)
> payload = json_encode_binary(payload, version)
>
> if self.__verbose >= 2:
> root_logger.info('Request: %s',
> json.dumps(payload, sort_keys=True, indent=4))
>
> response = self.__transport.request(
> self.__host,
> self.__handler,
> json.dumps(payload),
> verbose=self.__verbose >= 3,
> )
>
> try:
> response = json_decode_binary(json.loads(response))
> except ValueError as e:
> raise JSONError(str(e))
>
> if self.__verbose >= 2:
> root_logger.info(
> 'Response: %s',
> json.dumps(json_encode_binary(response, version),
> sort_keys=True, indent=4)
> )
> error = response.get('error')
> if error:
> try:
> error_class = errors_by_code[error['code']]
> except KeyError:
> raise UnknownError(
> code=error.get('code'),
> error=error.get('message'),
> server=self.__host,
> )
> else:
>> raise error_class(message=error['message'])
> E InternalError: an internal error has occurred
>
>
>
>
> On 08/31/2015 03:25 PM, Fraser Tweedale wrote:
>> On Mon, Aug 31, 2015 at 12:24:13PM +0200, Martin Basti wrote:
>>>
>>> On 08/18/2015 04:06 PM, Milan Kubík wrote:
>>>> On 08/11/2015 03:17 AM, Fraser Tweedale wrote:
>>>>> On Mon, Aug 10, 2015 at 11:36:31AM +0200, Milan Kubík wrote:
>>>>>> On 08/05/2015 02:57 PM, Milan Kubík wrote:
>>>>>>> Hi list,
>>>>>>>
>>>>>>> I'm sending the test plan [1] for certificate profiles and preliminary
>>>>>>> patches for it.
>>>>>>> The plan covers basic CRUD test and some corner cases. I'm open to
>>>>>>> more
>>>>>>> suggestions.
>>>>>>>
>>>>>>> More complicated tests involving certificate profiles will require the
>>>>>>> code (and tests)
>>>>>>> for CA ACLs merged, so it's not there at the moment.
>>>>>>>
>>>>>>> There are some unfinished test cases in places I wasn't sure what the
>>>>>>> result should be.
>>>>>>> We need to iterate through these to fix it.
>>>>>>>
>>>>>>>
>>>>>>> [1]: http://www.freeipa.org/page/V4/Certificate_Profiles/Test_Plan
>>>>>>>
>>>>>>> Cheers,
>>>>>>> Milan
>>>>>> Hi all,
>>>>>>
>>>>>> have you had some time to look at the code and proposal?
>>>>>> Today I want to write a basic CRUD test for the ACLs as well as a few
>>>>>> test
>>>>>> cases to check if the ACL is being enforced. It should make it into
>>>>>> wiki
>>>>>> today or by tomorrow. I'll send an update then.
>>>>>>
>>>>>> Cheers,
>>>>>> Milan
>>>>>>
>>>>> Hi Milan,
>>>>>
>>>>> I have reviewed the V4/Certificate_Profiles/Test_Plan. Couple of
>>>>> comments:
>>>>>
>>>>> - Test case: Import profile with incorrect values
>>>>> - Expected result: refused with error.
>>>>> - A simple way to provoke this condition is to add a number to
>>>>> ``policyset.serverCertSet.list``.
>>>>> - A similar test case should exist for certprofile-mod.
>>>>>
>>>>> - Test case: Delete default profile
>>>>> - As discussed elsewhere, expected result should be failure.
>>>>> I filed ticket #5198 to make it so :)
>>>>>
>>>>> I will review the patch soon.
>>>>>
>>>>> Cheers,
>>>>> Fraser
>>>> Hello,
>>>>
>>>> how is the review going? I'd like to have at least the tracker (patch
>>>> 0008)
>>>> reviewed (and merged :) if possible. It will be needed in CA ACL tests.
>>>>
>>>> Cheers,
>>>> Milan
>>>>
>>> Fraser, do you review this patchset?
>> This fell off my radar, sorry! I eyeballed it a while back and
>> everything seemed fine; I have not (successfully) run the tests yet
>> though. I will complete the review tomorrow.
>>
>> Thanks,
>> Fraser
>>
>
>
>
More information about the Freeipa-devel
mailing list