2023-08-14 12:47:49 +02:00
|
|
|
use kanidm_client::KanidmClient;
|
2023-09-16 04:11:06 +02:00
|
|
|
use kanidmd_lib::prelude::BUILTIN_GROUP_IDM_ADMINS_V1;
|
2023-08-14 12:47:49 +02:00
|
|
|
use kanidmd_testkit::*;
|
|
|
|
|
|
|
|
|
|
#[kanidmd_testkit::test]
|
|
|
|
|
async fn account_id_unix_token(rsclient: KanidmClient) {
|
|
|
|
|
login_put_admin_idm_admins(&rsclient).await;
|
|
|
|
|
|
|
|
|
|
create_user(&rsclient, "group_manager", "idm_group_manage_priv").await;
|
|
|
|
|
// create test user without creating new groups
|
2023-09-16 04:11:06 +02:00
|
|
|
create_user(
|
|
|
|
|
&rsclient,
|
|
|
|
|
NOT_ADMIN_TEST_USERNAME,
|
|
|
|
|
BUILTIN_GROUP_IDM_ADMINS_V1.name,
|
|
|
|
|
)
|
|
|
|
|
.await;
|
2023-08-14 12:47:49 +02:00
|
|
|
login_account(&rsclient, "group_manager").await;
|
|
|
|
|
|
|
|
|
|
let response = rsclient
|
|
|
|
|
.idm_account_unix_token_get(NOT_ADMIN_TEST_USERNAME)
|
|
|
|
|
.await;
|
|
|
|
|
assert!(response.is_err());
|
|
|
|
|
if let Err(val) = response {
|
|
|
|
|
assert!(format!("{:?}", val).contains("404"));
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
let response = rsclient.idm_account_unix_token_get("lol").await;
|
|
|
|
|
assert!(response.is_err());
|
|
|
|
|
if let Err(val) = response {
|
|
|
|
|
assert!(format!("{:?}", val).contains("404"));
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// testing empty results
|
|
|
|
|
let response = rsclient.idm_account_unix_token_get("").await;
|
|
|
|
|
assert!(response.is_err());
|
|
|
|
|
if let Err(val) = response {
|
|
|
|
|
assert!(format!("{:?}", val).contains("400"));
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
login_put_admin_idm_admins(&rsclient).await;
|
|
|
|
|
|
|
|
|
|
rsclient
|
|
|
|
|
.idm_person_account_unix_extend(NOT_ADMIN_TEST_USERNAME, None, None)
|
|
|
|
|
.await
|
|
|
|
|
.unwrap();
|
|
|
|
|
|
|
|
|
|
// testing NOT_ADMIN_TEST_USERNAME has a token result, since we just added one
|
|
|
|
|
assert!(rsclient
|
|
|
|
|
.idm_account_unix_token_get(NOT_ADMIN_TEST_USERNAME)
|
|
|
|
|
.await
|
|
|
|
|
.is_ok());
|
|
|
|
|
}
|
