#!/usr/share/ucs-test/runner python3
## desc: Check whether a simple-auth-account can authenticate against LDAP and UMC
## tags: [udm, apptest]
## roles: [domaincontroller_master, domaincontroller_slave]
## exposure: careful
## packages:
##   - univention-config
##   - univention-directory-manager-tools


from __future__ import print_function
import univention.testing.ucr as ucr_test
import univention.testing.utils as utils
import univention.testing.udm as udm_test

import univention.admin.uldap
from univention.testing.umc import Client


if __name__ == '__main__':
	ucr = ucr_test.UCSTestConfigRegistry()
	ucr.load()
	with udm_test.UCSTestUDM() as udm:
		password = 'univention'
		dn, username = udm.create_ldap_user(password=password)
		utils.verify_ldap_object(dn)

		print('created user %r with dn=%r' % (username, dn))
		lo = univention.admin.uldap.access(binddn=dn, bindpw=password)
		assert dn in lo.lo.lo.whoami_s()
		assert username == lo.get(dn)['uid'][0].decode('utf-8')
		print('successfully did LDAP bind.')

		client = Client(ucr['hostname'], username, password)
		ldap_base = client.umc_get('ucr', ['ldap/base']).result
		print(ldap_base)
		assert ldap_base, 'Could not do any random UMC request'
		print('successfully did UMC authentication')
