#!/usr/share/ucs-test/runner bash 
# shellcheck shell=bash
## desc: "Create and delete GPO"
## exposure: dangerous
## packages:
## - univention-s4-connector
## tags:
##  - basic

# shellcheck source=../../lib/base.sh
. "$TESTLIBPATH/base.sh" || exit 137
# shellcheck source=../../lib/udm.sh
. "$TESTLIBPATH/udm.sh" || exit 137
# shellcheck source=../../lib/random.sh
. "$TESTLIBPATH/random.sh" || exit 137

. /usr/share/univention-lib/ucr.sh
. /usr/share/univention-lib/ldap.sh

. "s4connector.sh" || exit 137
test -n "$connector_s4_ldap_host" || exit 137
connector_running_on_this_host || exit 137

SYNCMODE="$(ad_get_sync_mode)"
ad_set_sync_mode "sync"

admin_account="$(ucs_convertDN2UID "$tests_domainadmin_account")"

gpo_display_name="$(random_chars)"

# create GPO
samba-tool gpo create "$gpo_display_name" \
		-k no \
		-H ldap://"$hostname.$domainname" \
		-U "$admin_account%$tests_domainadmin_pwd" || fail_bool 0 110
UDM_container_msgpo_name="$(univention-s4search "(&(displayName=$gpo_display_name)(objectClass=groupPolicyContainer))" cn | sed -ne 's|^cn: ||p')"
if [ -z "$UDM_container_msgpo_name" ]; then
	fail_fast 110 "New GPO not found in local Samba Directory service"
fi
ad_wait_for_synchronization; fail_bool 0 110
udm_exists "container/msgpo" "" "" "cn=Policies,cn=System,$ldap_base"; fail_bool 0 110

# delete GPO
samba-tool gpo del "$UDM_container_msgpo_name" \
		-k no \
		-H ldap://"$hostname.$domainname" \
		-U "$admin_account%$tests_domainadmin_pwd" || fail_bool 0 110
ad_wait_for_synchronization; fail_bool 0 110
udm_exists "container/msgpo" "" "" "cn=Policies,cn=System,$ldap_base"; fail_bool 1 110

exit "$RETVAL"

