diff --git a/tests/api2/test_smb_groupmap.py b/tests/api2/test_smb_groupmap.py new file mode 100644 index 0000000000000..bb04f799697e5 --- /dev/null +++ b/tests/api2/test_smb_groupmap.py @@ -0,0 +1,56 @@ +import pytest + +from middlewared.test.integration.utils import call +from middlewared.test.integration.assets.account import group + +BASE_RID_GROUP = 200000 + + +@pytest.mark.parametrize('groupname,expected_memberof,expected_rid', [ + ('builtin_administrators', 'S-1-5-32-544', '512'), + ('builtin_guests', 'S-1-5-32-546', '514') +]) +test__builtin_accounts(groupname, expected_memberof, expected_rid): + entry = call('group.query', [['group', '=', groupname]], {'get': True}) + rid = int(entry['sid'].split('-')[-1]) + assert rid == expected_rid + + groupmap = call('smb.groupmap_list') + + +test__builtin_users_account(): + entry = call('group.query', [['group', '=', 'builtin_users']], {'get': True}) + + rid = int(entry['sid'].split('-')[-1]) + assert rid == entry['id'] + BASE_RID_GROUP + + +test__new_group(): + with group({"name": "group1"}) as g: + # Validate GID is being assigned as expected + assert g['sid'] is not None + rid = int(g['sid'].split('-')[-1]) + assert rid == g['id'] + BASE_RID_GROUP + + groupmap = call('smb.groupmap_list') + + assert groupmap['local'][g['gid']]['sid'] == g['sid'] + + # Validate that disabling SMB removes SID value from query results + call('group.update', g['id'], {'smb': False}) + + new = call('group.get_instance', g['id']) + assert new['sid'] is None + + # Check for presence in group_mapping.tdb + groupmap = call('smb.groupmap_list') + assert new['gid'] not in groupmap['local'] + + # Validate that re-enabling restores SID value + call('group.update', g['id'], {'smb': True}) + new = call('group.get_instance', g['id']) + assert new['sid'] == g['sid'] + + # + groupmap = call('smb.groupmap_list') + assert new['gid'] in groupmap['local']