#!/usr/share/ucs-test/runner bash
# shellcheck shell=bash
## desc: "Check renaming a windows computer"
## exposure: dangerous
## packages:
## - univention-s4-connector
## roles:
## - domaincontroller_master
## - domaincontroller_backup
## bugs:
##  - 43321

# shellcheck source=../../lib/base.sh
. "$TESTLIBPATH/base.sh" || exit 137
# shellcheck source=../../lib/udm.sh
. "$TESTLIBPATH/udm.sh" || exit 137
# shellcheck source=../../lib/random.sh
. "$TESTLIBPATH/random.sh" || exit 137
. "s4connector.sh" || exit 137

RETVAL=100

test -n "$connector_s4_ldap_host" || exit 137
connector_running_on_this_host || exit 137
SYNCMODE="$(ad_get_sync_mode)"
ad_set_sync_mode "sync"

# create computer object
#windows_name="$(random_chars)"
#UDM_computers_windows_name="$windows_name"
#windows_description="$(random_chars)"
windows_cn="MYWINPC"
windows_sam="mywinpc"
UDM_computers_windows_name="$windows_cn"
windows_description="desc"

# setup a object where uid == sAMAccountName
# but with a different cn (name)
echo -e "dn: CN=$windows_cn,CN=Computers,$samba4_ldap_base
objectClass: top
objectClass: person
objectClass: organizationalPerson
objectClass: user
objectClass: computer
CN: $windows_cn
name: $windows_cn
userAccountControl: 4096
sAMAccountName: ${windows_sam}$
operatingSystem: Windows 8.1 Pro
operatingSystemVersion: 6.3 (9600)" | ldbadd --verbose --relax -H /var/lib/samba/private/sam.ldb
ad_wait_for_synchronization; fail_bool 0 110
echo "dn: cn=$windows_cn,cn=computers,$(ucr get ldap/base)
changetype: modify
replace: uid
uid: ${windows_sam}\$" | ldapmodify -D "cn=admin,$(ucr get ldap/base)" -w $(< /etc/ldap.secret) || fail_test 110
ad_wait_for_synchronization; fail_bool 0 110
udm_verify_ldap_attribute "cn" "$windows_cn" "computers/windows" || fail_test 110
udm_verify_ldap_attribute "uid" "${windows_sam}\$" "computers/windows" || fail_test 110

# check if sync works
udm-test 'computers/windows' modify \
	--dn "cn=$windows_cn,cn=computers,$(ucr get ldap/base)" \
	--set description="$windows_description" || fail_test 110
ad_wait_for_synchronization; fail_bool 0 110
AD_DN="CN=$UDM_computers_windows_name,CN=computers,$(ad_get_base)"
ad_verify_attribute "$AD_DN" "description" "$windows_description"; fail_bool 0 12

# now change name in windows
echo "dn: CN=$windows_cn,CN=Computers,$samba4_ldap_base
changetype: modify
replace: sAMAccountName
sAMAccountName: ${windows_sam}new\$" | ldbmodify --verbose --relax -H /var/lib/samba/private/sam.ldb
ad_wait_for_synchronization; fail_bool 0 110
UDM_computers_windows_name="${windows_cn}new"
AD_DN="CN=$UDM_computers_windows_name,CN=computers,$(ad_get_base)"
udm_verify_ldap_attribute "cn" "${windows_sam}new" "computers/windows" || fail_test 110
udm_verify_ldap_attribute "uid" "${windows_sam}new\$" "computers/windows" || fail_test 110
ad_verify_attribute "$AD_DN" "sAMAccountName" "${windows_sam}new\$" || fail_test 110

# cleanup
udm_remove 'computers/windows' || fail_test 110
ad_wait_for_synchronization; fail_bool 0 110
udm_exists 'computers/windows'; fail_bool 1 110
ad_set_sync_mode "$SYNCMODE"

exit "$RETVAL"
