From 60e01dc17967479f31a3669d2a5ef306d1b48750 Mon Sep 17 00:00:00 2001
From: Greg Hudson <ghudson@mit.edu>
Date: Thu, 26 Apr 2012 04:34:15 +0000
Subject: [PATCH] Add k5test.py helpers for running kadmin

Add K5Realm.prep_kadmin() to create a ccache and K5Realm.run_kadmin()
to run a kadmin query using it.  Modify t_stringattr.py to use these
helpers instead of its own.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25826 dc483132-0cff-0310-8789-dd5450dbe970
---
 src/tests/t_stringattr.py | 18 +++++++-----------
 src/util/k5test.py        | 25 +++++++++++++++++++++++++
 2 files changed, 32 insertions(+), 11 deletions(-)

diff --git a/src/tests/t_stringattr.py b/src/tests/t_stringattr.py
index 3f5c506df..459151fa9 100644
--- a/src/tests/t_stringattr.py
+++ b/src/tests/t_stringattr.py
@@ -23,32 +23,28 @@
 #!/usr/bin/python
 from k5test import *
 
-def run_kadmin(query):
-    global realm
-    return realm.run_as_master([kadmin, '-c', realm.ccache, '-q', query])
-
 realm = K5Realm(start_kadmind=True, create_host=False, get_creds=False)
 
-realm.kinit(realm.admin_princ, password('admin'), flags=['-S', 'kadmin/admin'])
+realm.prep_kadmin()
 
-output = run_kadmin('getstrs user')
+output = realm.run_kadmin('getstrs user')
 if '(No string attributes.)' not in output:
     fail('Empty attribute query')
 
-output = run_kadmin('setstr user attr1 value1')
+output = realm.run_kadmin('setstr user attr1 value1')
 if 'Attribute set for principal' not in output:
     fail('Setting attr1')
-output = run_kadmin('setstr user attr2 value2')
+output = realm.run_kadmin('setstr user attr2 value2')
 if 'Attribute set for principal' not in output:
     fail('Setting attr2')
-output = run_kadmin('delstr user attr1')
+output = realm.run_kadmin('delstr user attr1')
 if 'Attribute removed from principal' not in output:
     fail('Deleting attr1')
-output = run_kadmin('setstr user attr3 value3')
+output = realm.run_kadmin('setstr user attr3 value3')
 if 'Attribute set for principal' not in output:
     fail('Setting attr3')
 
-output = run_kadmin('getstrs user')
+output = realm.run_kadmin('getstrs user')
 if 'attr2: value2' not in output or 'attr3: value3' not in output or \
         'attr1:' in output:
     fail('Final attribute query')
diff --git a/src/util/k5test.py b/src/util/k5test.py
index 0d0405290..6097c9be9 100644
--- a/src/util/k5test.py
+++ b/src/util/k5test.py
@@ -279,6 +279,15 @@ Scripts may use the following realm methods and attributes:
 
 * realm.run_kadminl(query): Run the specified query in kadmin.local.
 
+* realm.prep_kadmin(princname=None, password=None, flags=[]): Populate
+  realm.kadmin_ccache with a ticket which can be used to run kadmin.
+  If princname is not specified, realm.admin_princ and its default
+  password will be used.
+
+* realm.run_kadmin(query, **keywords): Run the specified query in
+  kadmin, using realm.kadmin_ccache to authenticate.  Accepts the same
+  keyword arguments as run_as_client.
+
 * realm.realm: The realm's name.
 
 * realm.testdir: The realm's storage directory (absolute path).
@@ -301,6 +310,9 @@ Scripts may use the following realm methods and attributes:
   credentials for user unless disabled by the realm construction
   options.
 
+* realm.kadmin_ccache: The ccache file initialized by prep_kadmin and
+  used by run_kadmin.
+
 * Attributes for the client, server, master, and slave environments.
   These environments are extensions of os.environ.
   - realm.env_client
@@ -689,6 +701,7 @@ class K5Realm(object):
         self.krbtgt_princ = 'krbtgt/%s@%s' % (self.realm, self.realm)
         self.keytab = os.path.join(self.testdir, 'keytab')
         self.ccache = os.path.join(self.testdir, 'ccache')
+        self.kadmin_ccache = os.path.join(self.testdir, 'kadmin_ccache')
         self._krb5_conf = _cfg_merge(_default_krb5_conf, krb5_conf)
         self._kdc_conf = _cfg_merge(_default_kdc_conf, kdc_conf)
         self._kdc_proc = None
@@ -917,6 +930,18 @@ class K5Realm(object):
         global kadmin_local
         return self.run_as_master([kadmin_local, '-q', query])
 
+    def prep_kadmin(self, princname=None, pw=None, flags=[]):
+        if princname is None:
+            princname = self.admin_princ
+            pw = password('admin')
+        return self.kinit(princname, pw,
+                          flags=['-S', 'kadmin/admin',
+                                 '-c', self.kadmin_ccache] + flags)
+
+    def run_kadmin(self, query, **keywords):
+        return self.run_as_client([kadmin, '-c', self.kadmin_ccache,
+                                   '-q', query], **keywords)
+
 
 def multipass_realms(**keywords):
     global _current_pass, _passes, testpass
-- 
2.26.2