adding subid management to the ipa role

Author: Dan Lavu

sssd_test_framework/roles/ipa.py

@@ -19,6 +19,7 @@
 from ..misc import (
     attrs_include_value,
     attrs_parse,
+    delimiter_parse,
     get_attr,
     ip_version,
     to_list,
@@ -359,6 +360,27 @@ def test_example_group(client: Client, ipa: IPA):
         """
         return IPAGroup(self, name)
 
+    def subid(self, name: str = "admin") -> IPASubID:
+        """
+        IPA subid management.
+
+        .. code-block:: python
+            :caption: Example usage
+
+            @pytest.mark.topology(KnownTopology.IPA)
+            def test_ipa__subids_configured(ipa: IPA):
+                ipa.user("user1").add()
+                user = ipa.subid("user1")
+                user.generate()
+
+                assert user.uid_start is not None
+                assert user.uid_range is not None
+                assert user.gid_start is not None
+                assert user.gid_range is not None
+                assert user.uid is not None
+        """
+        return IPASubID(self, name)
+
     def netgroup(self, name: str) -> IPANetgroup:
         """
         Get netgroup object.
@@ -1332,6 +1354,90 @@ def show_override(self, idview_name: str) -> dict[str, list[str]]:
         return attrs_parse(lines)
 
 
+class IPASubID(IPAObject):
+    """
+    IPA sub id management.
+    """
+
+    def __init__(self, role: IPA, owner: str = "admin"):
+        """
+        :param role: IPA role object.
+        :type role: IPA
+        :param owner:  Owner or username.
+        :type owner: str
+        """
+        super().__init__(role, owner, command_group="subid")
+
+        self.owner = owner
+        """ SubID owner."""
+
+        self.uid: str | None = None
+        """ SubUID, set during generate. """
+
+        self.uid_start: int | None = None
+        """ SubUID range start, set when found."""
+
+        self.uid_range: int | None = None
+        """ SubUID range size, set when found."""
+
+        self.gid_start: int | None = None
+        """ SubGID range start, set when found."""
+
+        self.gid_range: int | None = None
+        """ SubGID range size, set when found."""
+
+    def generate(self) -> IPASubID:
+        """
+        Generate subordinate id.
+        """
+        result = self.host.conn.run(f"ipa subid-generate --owner {self.owner}").stdout_lines
+        result = [item for item in result if ":" in item]
+        subids = delimiter_parse(result)
+
+        self.uid = subids.get("Unique ID")
+        self.uid_start = int(s) if (s := subids.get("SubUID range start")) else None
+        self.uid_range = int(s) if (s := subids.get("SubUID range size")) else None
+        self.gid_start = int(s) if (s := subids.get("SubGID range start")) else None
+        self.gid_range = int(s) if (s := subids.get("SubGID range size")) else None
+
+        return self
+
+    def show(self, subid: str) -> dict[str, str]:
+        """
+        Show subid info.
+
+        :param subid: Subordinate id.
+        :type subid: str
+        :return:  Subordinate id information.
+        :rtype: dict[str, str]
+        """
+        result = self.host.conn.run(f"ipa subid-show {subid}").stdout_lines
+        result = [item for item in result if ":" in item]
+        out = delimiter_parse(result)
+
+        return out
+
+    def find(self, subid: str | None = None) -> dict[str, str]:
+        """
+        Find subid.
+
+        :param subid: Subordinate id, optional
+        :type subid: str | None = None
+        :return:  Subordinate id information.
+        :rtype: dict[str, str]
+        """
+        if subid is not None:
+            args = subid
+        else:
+            args = f"--owner {self.owner}"
+
+        result = self.host.conn.run(f"ipa subid-find {args}", raise_on_error=False).stdout_lines
+        result = [item for item in result if ":" in item]
+        out = delimiter_parse(result)
+
+        return out
+
+
 class IPAGroup(IPAObject):
     """
     IPA group management.