Issue 5965 - UI, CLI - Fix Account Policy Plugin functionality issues (…

…#6323) Description: Make state attributes creatable. Fix existing accpol_check_all_state_attrs_test test. Add new notification modal - WarningModal. Fix configArea to nsslapd-pluginarg0 in UI and CLI. Fix various minor UI issues. Note: CoS entry and Account Policy configuration entry can be created using LDAP Browser. Fixes: #5965 Reviewed by: @progier389 (Thanks!)
389ds · Sep 18, 2024 · 2ccff06 · 2ccff06
1 parent 1b08847
commit 2ccff06
Show file tree

Hide file tree

Showing 4 changed files with 155 additions and 70 deletions.
diff --git a/dirsrvtests/tests/suites/plugins/accpol_check_all_state_attrs_test.py b/dirsrvtests/tests/suites/plugins/accpol_check_all_state_attrs_test.py
@@ -1,5 +1,5 @@
 # --- BEGIN COPYRIGHT BLOCK ---
-# Copyright (C) 2023 Red Hat, Inc.
+# Copyright (C) 2024 Red Hat, Inc.
 # All rights reserved.
 #
 # License: GPL (version 3 or any later version).
@@ -36,7 +36,6 @@
 USER_SELF_MOD_ACI = '(targetattr="userpassword")(version 3.0; acl "pwp test"; allow (all) userdn="ldap:///self";)'
 ANON_ACI = "(targetattr=\"*\")(version 3.0; acl \"Anonymous Read access\"; allow (read,search,compare) userdn = \"ldap:///anyone\";)"
 
-@pytest.mark.xfail(reason='https://github.com/389ds/389-ds-base/issues/5998')
 def test_inactivty_and_expiration(topo):
     """Test account expiration works when we are checking all state attributes
 
@@ -61,12 +60,14 @@ def test_inactivty_and_expiration(topo):
         7. Success
     """
 
-    INACTIVITY_LIMIT = 60
+    # passwordMaxAge should be less than accountInactivityLimit divided by 2
+    INACTIVITY_LIMIT = 12
+    MAX_AGE = 2
 
     # Configure instance
     inst = topo.standalone
     inst.config.set('passwordexp', 'on')
-    inst.config.set('passwordmaxage', '2')
+    inst.config.set('passwordmaxage', str(MAX_AGE))
     inst.config.set('passwordGraceLimit', '5')
     inst.config.set('nsslapd-errorlog-level', str(LOG_PLUGIN + LOG_DEFAULT))
 
@@ -87,15 +88,6 @@ def test_inactivty_and_expiration(topo):
         'homeDirectory': '/home/test',
     })
 
-    # Reset test user password to reset passwordExpirationtime
-    conn = test_user.bind(PASSWORD)
-    test_user = UserAccount(conn, TEST_ENTRY_DN)
-    date_pw_is_set = datetime.now()
-    test_user.replace('userpassword', NEW_PASSWORD)
-
-    # Sleep a little bit, we'll sleep the remaining 10 seconds later
-    time.sleep(3)
-
     # Configure account policy plugin
     plugin = AccountPolicyPlugin(inst)
     plugin.enable()
@@ -110,20 +102,19 @@ def test_inactivty_and_expiration(topo):
     accp.set('checkAllStateAttrs', 'on')
     inst.restart()
 
-    # Bind as test user to reset lastLoginTime
-    conn = test_user.bind(NEW_PASSWORD)
+    # Reset test user password to reset passwordExpirationtime
+    conn = test_user.bind(PASSWORD)
     test_user = UserAccount(conn, TEST_ENTRY_DN)
+    test_user.reset_password(NEW_PASSWORD)
+
+    # Sleep a little bit, we'll sleep the remaining time later
+    time.sleep(INACTIVITY_LIMIT / 2)
+
+    # Bind as test user to reset lastLoginTime
+    test_user.bind(NEW_PASSWORD)
 
-    # Sleep to exceed passwordexprattiontime over INACTIVITY_LIMIT seconds, but less than
-    # INACTIVITY_LIMIT seconds for lastLoginTime
-    # Based on real time because inst.restart() time is unknown
-    limit = timedelta(seconds=INACTIVITY_LIMIT+1)
-    now = datetime.now()
-    if now - date_pw_is_set >= limit:
-         pytest.mark.skip(reason="instance restart time was greater than inactivity limit")
-         return
-    deltat = limit + date_pw_is_set - now
-    time.sleep(deltat.total_seconds())
+    # Sleep the remaining time plus extra double passwordMaxAge seconds
+    time.sleep(INACTIVITY_LIMIT / 2 + MAX_AGE * 2)
 
     # Try to bind, but password expiration should reject this as lastLogintTime
     # has not exceeded the inactivity limit

diff --git a/src/cockpit/389-console/src/lib/notifications.jsx b/src/cockpit/389-console/src/lib/notifications.jsx
@@ -97,6 +97,54 @@ export class DoubleConfirmModal extends React.Component {
     }
 }
 
+export class WarningModal extends React.Component {
+    render() {
+        const {
+            showModal,
+            closeHandler,
+            mTitle,
+            mMsg,
+        } = this.props;
+
+        return (
+            <Modal
+                variant={ModalVariant.small}
+                title={mTitle}
+                titleIconVariant="warning"
+                isOpen={showModal}
+                aria-labelledby="warning-modal"
+                onClose={closeHandler}
+                actions={[
+                    <Button key="ok" variant="primary" onClick={closeHandler}>
+                        {_("Okay")}
+                    </Button>
+                ]}
+            >
+                <Form isHorizontal autoComplete="off">
+                    <TextContent>
+                        <Text className="ds-margin-top ds-margin-bottom" component={TextVariants.h3}>
+                            {mMsg}
+                        </Text>
+                    </TextContent>
+                </Form>
+            </Modal>
+        );
+    }
+}
+
+WarningModal.propTypes = {
+    showModal: PropTypes.bool,
+    closeHandler: PropTypes.func,
+    mTitle: PropTypes.string,
+    mMsg: PropTypes.string,
+};
+
+WarningModal.defaultProps = {
+    showModal: false,
+    mTitle: "",
+    mMsg: "",
+};
+
 DoubleConfirmModal.propTypes = {
     showModal: PropTypes.bool,
     closeHandler: PropTypes.func,