#!/usr/share/ucs-test/runner bash
## desc: "Do a 'net rpc group members' on group with equally named user"
## exposure: safe
## packages:
##  - univention-config
##  - univention-samba
## roles:
##  - domaincontroller_master

. "$TESTLIBPATH/base.sh" || exit 137
. "$TESTLIBPATH/group.sh" || exit 137
. "$TESTLIBPATH/user.sh" || exit 137

SAMBA="true"
MAIL="false"
KERBEROS="false"
PERSON="true"
POSIX="true"

uname="$(random_chars)"
gname="$(random_chars)"
password="univention"

trap 'user_remove "$uname" ; group_remove "$gname"' INT TERM EXIT

admin_account="$(echo ${tests_domainadmin_account} | sed -e 's|uid=||;s|,.*||')"

echo "----create group"
udm-test groups/group create \
	--position="cn=groups,$ldap_base" \
	--set name="$gname"
if [ $? != 0 ]; then
	fail_fast 1 "Group could not be created"
fi

echo "----create user"
user_create "$uname"
if [ $? != 0 ];then
	fail_fast 1 "User could not be created"
fi


echo "----add user to group"
group_adduser "$uname" "$gname"

if ! [ -x /usr/bin/net ]; then
	fail_fast 1 "net is not available";
fi;

wait_for_replication_and_postrun

info "Querying group members"

echo "----query group members"
OUTPUT="$(net rpc -d1 group members "$gname" -U "$admin_account%$tests_domainadmin_pwd" 2>&1)"

info "Got the following answer:"
info "$OUTPUT"

if echo "$OUTPUT" | grep -qs NT_STATUS_LOGON_FAILURE; then
	fail_test 137 "Credentials for login not accepted. Probably they're different from the \$admin_account%\$admin_account ($admin_account%$admin_account) on this system"
fi

if echo "$OUTPUT" | grep -qs NT_STATUS_NO_SUCH_GROUP; then
	fail_test 121 "Got NT_STATUS_NO_SUCH_GROUP although group exists.See #18642"
fi

exit "$RETVAL"
