<html>
<head>
<meta http-equiv="content-type" content="text/html; charset=utf-8">
</head>
<body bgcolor="#FFFFFF" text="#000000">
<div class="moz-cite-prefix">On 09/30/2015 02:47 PM, Martin Basti
wrote:<br>
</div>
<blockquote cite="mid:560BD9C8.2070205@redhat.com" type="cite"><br>
<br>
<meta content="text/html; charset=utf-8" http-equiv="Content-Type">
<br>
<br>
<br>
<br>
<br>
<br>
<br>
<div class="moz-cite-prefix">On 09/24/2015 02:49 PM, Milan Kubík<br>
wrote:<br>
<br>
</div>
<br>
<blockquote cite="mid:5603F13E.4060805@redhat.com" type="cite">Hi<br>
all,<br>
<br>
<br>
<br>
<br>
an update for CA ACL tests!<br>
<br>
<br>
<br>
<br>
I, with help from M. Babinsky, managed to find a way how to
change<br>
the identity during acceptance cest run, which allows<br>
<br>
<br>
to test CA ACLs (and perhaps other areas with some form of
access<br>
controll).<br>
<br>
<br>
<br>
<br>
This allowed me to write a test for CA ACLs and certificate<br>
profiles that checks if the ACL/profile is being used and<br>
enforced.<br>
<br>
<br>
The first several tests are based on Fraser's blogpost using
SMIME<br>
profile [1].<br>
<br>
<br>
<br>
<br>
The master and ipa-4-2 branches diverged a bit, so I had to
change<br>
two commits when rebasing to ipa-4-2 branch.<br>
<br>
<br>
<br>
<br>
Commits should be applied in the order (including rebased
patches<br>
I sent in an earlier email):<br>
<br>
<br>
<br>
<br>
master:<br>
<br>
<br>
* 12 - 17<br>
<br>
<br>
<br>
<br>
ipa-4-2:<br>
<br>
<br>
* 18, 13 - 15, 19, 17<br>
<br>
<br>
<br>
<br>
For convenience:<br>
<br>
<br>
patches on top of master:<br>
<a moz-do-not-send="true" class="moz-txt-link-freetext"
href="https://github.com/apophys/freeipa/tree/acl-profile-functional">https://github.com/apophys/freeipa/tree/acl-profile-functional</a><br>
<br>
<br>
patches on top of ipa-4-2:<br>
<a moz-do-not-send="true" class="moz-txt-link-freetext"
href="https://github.com/apophys/freeipa/tree/acl-42">https://github.com/apophys/freeipa/tree/acl-42</a><br>
<br>
<br>
<br>
<br>
<br>
<br>
[1]:<br>
<a moz-do-not-send="true" class="moz-txt-link-freetext"
href="https://blog-ftweedal.rhcloud.com/2015/08/user-certificates-and-custom-profiles-with-freeipa-4-2/">https://blog-ftweedal.rhcloud.com/2015/08/user-certificates-and-custom-profiles-with-freeipa-4-2/</a><br>
<br>
<br>
<br>
Cheers,<br>
<br>
<br>
Milan<br>
<br>
<br>
<br>
<br>
<fieldset class="mimeAttachmentHeader"></fieldset>
<br>
<br>
<br>
</blockquote>
<br>
<br>
<br>
NACK<br>
<br>
<br>
<br>
0)<br>
<br>
rpm file does not contain test_xmlrpc/data directory, please
modify<br>
setup.py.in.<br>
<br>
<br>
<br>
1)<br>
<br>
Code contains to much todo for my taste.<br>
<br>
<br>
<br>
2)<br>
<br>
Please do not use filter function, use dict comprehension.<br>
<br>
<br>
<br>
<br>
<br>
<br>
<br>
<br>
</blockquote>
Hi,<br>
<br>
updated patches and the numbering mess somehow curbed. The patches
are rebased on top of current master and ipa-4-2.<br>
<br>
0) fixed by 0021<br>
<br>
1) docs for tracker extended, added more test cases<br>
<br>
2) changed<br>
<br>
<br>
<pre class="moz-signature" cols="72">--
Milan Kubik</pre>
</body>
</html>