def test_positive_create_product_with_limited_user_permission(
session, default_sat, test_name, module_org, module_location
):
"""A user with all permissions in Product and Repositories should be able to
create a new product
:id: 534a16f9-2d66-4fa1-aa5b-560f00eb4f67
:expectedresults: User successfully creates new product
:customerscenario: true
:CaseLevel: Component
:CaseImportance: High
:BZ: 1771937
"""
username = gen_string('alpha')
password = gen_string('alpha')
product_name = gen_string('alpha')
product_label = gen_string('alpha')
product_description = gen_string('alpha')
role = default_sat.api.Role().create()
# Calling Products and Repositoy to get all the permissions in it
create_role_permissions(role, {'Katello::Product': PERMISSIONS['Katello::Product']})
default_sat.api.User(
default_organization=module_org,
organization=[module_org],
firstname='sample',
lastname='test',
role=[role],
login=username,
password=password,
mail='*****@*****.**',
).create()
with Session(test_name, username, password) as newsession:
newsession.product.create(
{'name': product_name, 'label': product_label, 'description': product_description}
)
assert newsession.product.search(product_name)[0]['Name'] == product_name
def test_positive_list_permission(test_name, module_org, module_repos_col,
module_rhva_repos_col):
"""Show errata only if the User has permissions to view them
:id: cdb28f6a-23df-47a2-88ab-cd3b492126b2
:Setup:
1. Create two products with one repo each. Sync them.
2. Make sure that they both have errata.
3. Create a user with view access on one product and not on the other.
:Steps: Go to Content -> Errata.
:expectedresults: Check that the new user is able to see errata for one
product only.
:CaseLevel: Integration
"""
role = entities.Role().create()
entities.Filter(
organization=[module_org],
permission=entities.Permission().search(
query={'search': 'resource_type="Katello::Product"'}),
role=role,
search='name = "{}"'.format(PRDS['rhel']),
).create()
user_password = gen_string('alphanumeric')
user = entities.User(
default_organization=module_org,
organization=[module_org],
role=[role],
password=user_password,
).create()
with Session(test_name, user=user.login,
password=user_password) as session:
assert (session.errata.search(
RHVA_ERRATA_ID,
applicable=False)[0]['Errata ID'] == RHVA_ERRATA_ID)
assert not session.errata.search(CUSTOM_REPO_ERRATA_ID,
applicable=False)
def test_positive_content_host_errata_details(session, erratatype_vm, module_org, test_name):
"""Read for errata details on a content_host by user with only viewer permission
:id: 236de56f-8035-4072-b0fa-03abbf3fc692
:Steps:
1. Content Host with applicable security errata.
2. Create a User with 'Viewer' Permission.
3. Go to Content Hosts -> Select content host -> Errata Tab -> Select Errata_Id.
:expectedresults: The errata details page should be displayed for User.
:BZ: 1655130
:CaseLevel: Integration
"""
login = gen_string('alpha')
password = gen_string('alpha')
viewer_role = entities.Role().search(query={'search': 'name="Viewer"'})
default_loc_id = entities.Location().search(query={'search': f'name="{DEFAULT_LOC}"'})[0].id
default_loc = entities.Location(id=default_loc_id).read()
entities.User(
role=viewer_role,
login=login,
password=password,
default_location=default_loc,
organization=[module_org],
).create()
pkgs = ' '.join(FAKE_9_YUM_OUTDATED_PACKAGES)
assert _install_client_package(erratatype_vm, pkgs, errata_applicability=True)
with Session(test_name, login, password) as session:
session.organization.select(org_name=module_org.name)
erratum_details = session.contenthost.read_errata_details(
erratatype_vm.hostname, errata_id=CUSTOM_REPO_ERRATA_ID
)
assert erratum_details['advisory'] == CUSTOM_REPO_ERRATA_ID
assert erratum_details['type'] == 'security'
def test_positive_create_bookmark_public(session, random_entity,
module_viewer_user, test_name):
"""Create and check visibility of the (non)public bookmarks
:id: 93139529-7690-429b-83fe-3dcbac4f91dc
:Setup: Create a non-admin user with 'viewer' role
:Steps:
1. Navigate to the entity page
2. Choose "bookmark this search" from the search drop-down menu
3. Input a random name and query for a bookmark
4. Uncheck 'Public' checkbox for the bookmark
5. Click the create button
6. Repeat steps 2-5 with 'Public' checked off
7. Verify the bookmarks are listed at Administer -> Bookmarks
8. Login as the pre-created user
9. Verify that the non-public bookmark is not listed at Administer ->
Bookmarks
:expectedresults: No errors, public bookmarks is displayed for all users,
non-public bookmark is displayed for creator but not for different user
:CaseLevel: Integration
"""
public_name = gen_string('alphanumeric')
nonpublic_name = gen_string('alphanumeric')
with session:
ui_lib = getattr(session, random_entity['name'].lower())
for name in (public_name, nonpublic_name):
ui_lib.create_bookmark({
'name': name,
'query': gen_string('alphanumeric'),
'public': name == public_name,
})
assert session.bookmark.search(name)[0]['Name'] == name
with Session(test_name, module_viewer_user.login,
module_viewer_user.password) as session:
assert session.bookmark.search(public_name)[0]['Name'] == public_name
assert not session.bookmark.search(nonpublic_name)
def test_positive_add_host_collection_non_admin(module_org, test_name):
"""Test that host collection can be associated to Activation Keys by
non-admin user.
:id: 417f0b36-fd49-4414-87ab-6f72a09696f2
:expectedresults: Activation key is created, added host collection is
listed
:BZ: 1473212
:CaseLevel: Integration
"""
ak_name = gen_string('alpha')
hc = entities.HostCollection(organization=module_org).create()
# Create non-admin user with specified permissions
roles = [entities.Role().create()]
user_permissions = {
'Katello::ActivationKey': PERMISSIONS['Katello::ActivationKey'],
'Katello::HostCollection': PERMISSIONS['Katello::HostCollection'],
}
viewer_role = entities.Role().search(query={'search': 'name="Viewer"'})[0]
roles.append(viewer_role)
create_role_permissions(roles[0], user_permissions)
password = gen_string('alphanumeric')
user = entities.User(
admin=False,
role=roles,
password=password,
organization=[module_org],
).create()
with Session(test_name, user=user.login, password=password) as session:
session.activationkey.create({
'name': ak_name,
'lce': {ENVIRONMENT: True},
})
assert session.activationkey.search(ak_name) == ak_name
session.activationkey.add_host_collection(ak_name, hc.name)
ak = session.activationkey.read(ak_name)
assert ak[
'host_collections']['resources']['assigned'][0]['Name'] == hc.name
def test_negative_login_user_with_invalid_password_otp(
auth_source_ipa, test_name, ldap_tear_down, ipa_data
):
"""Login with password with time based OTP
:id: 3718c86e-5976-4fb8-9c80-4685d53bd955
:setup: Assure properly functioning IPA server for authentication
:steps: Login to server with an IPA user with invalid OTP.
:expectedresults: Log in to foreman UI should be failed
"""
password_with_otp = "{0}{1}".format(
ipa_data['ldap_ipa_user_passwd'], gen_string(str_type='numeric', length=6)
)
with Session(test_name, ipa_data['ipa_otp_username'], password_with_otp) as ldapsession:
with raises(NavigationTriesExceeded) as error:
ldapsession.user.search('')
assert error.typename == "NavigationTriesExceeded"
def test_negative_delete_rule_with_non_admin_user(
module_location, module_org, reader_user, test_name
):
"""Delete rule with non-admin user by associating discovery_reader role
:id: 23a7627c-6a9b-493b-871f-698543adf1d2
:expectedresults: User should validation error and rule should not be
deleted successfully.
:CaseLevel: Integration
"""
hg = entities.HostGroup(organization=[module_org]).create()
dr = entities.DiscoveryRule(
hostgroup=hg, organization=[module_org], location=[module_location]
).create()
with Session(test_name, user=reader_user.login, password=reader_user.password) as session:
with pytest.raises(ValueError):
session.discoveryrule.delete(dr.name)
dr_val = session.discoveryrule.read_all()
assert dr.name in [rule['Name'] for rule in dr_val]
def test_positive_search_with_non_admin_user(test_name, sc_params_list):
"""Search for specific smart class parameter using non admin user
:id: 79bd4071-1baa-44af-91dd-1e093445af29
:expectedresults: Specified smart class parameter can be found in the
system
:BZ: 1391556
:CaseLevel: Integration
"""
sc_param = sc_params_list.pop()
username = gen_string('alpha')
password = gen_string('alpha')
required_user_permissions = {
'Puppetclass': [
'view_puppetclasses',
],
'PuppetclassLookupKey': [
'view_external_parameters',
'create_external_parameters',
'edit_external_parameters',
'destroy_external_parameters',
],
}
role = entities.Role().create()
create_role_permissions(role, required_user_permissions)
entities.User(login=username, password=password, role=[role],
admin=False).create()
# assert that the user is not an admin one and cannot read the current
# role info (note: view_roles is not in the required permissions)
cfg = get_nailgun_config()
cfg.auth = (username, password)
with raises(HTTPError) as context:
entities.Role(cfg, id=role.id).read()
assert '403 Client Error: Forbidden' in str(context.value)
with Session(test_name, user=username, password=password) as session:
assert session.sc_parameter.search(
sc_param.parameter)[0]['Parameter'] == sc_param.parameter
def test_positive_add_katello_role(
test_name, session, auth_source, ldap_usergroup_name, ldap_tear_down, ldap_data
):
"""Associate katello roles to User Group.
[belonging to external AD User Group.]
:id: aa5e3bf4-cb42-43a4-93ea-a2eea54b847a
:Steps:
1. Create an UserGroup.
2. Assign some foreman roles to UserGroup.
3. Create and associate an External AD UserGroup.
:expectedresults: Whether a User belonging to User Group is able to
access katello entities as per roles.
"""
ak_name = gen_string('alpha')
auth_source_name = 'LDAP-' + auth_source.name
user_permissions = {'Katello::ActivationKey': PERMISSIONS['Katello::ActivationKey']}
katello_role = entities.Role().create()
create_role_permissions(katello_role, user_permissions)
with session:
session.usergroup.create(
{
'usergroup.name': ldap_usergroup_name,
'roles.resources.assigned': [katello_role.name],
'external_groups.name': EXTERNAL_GROUP_NAME,
'external_groups.auth_source': auth_source_name,
}
)
assert session.usergroup.search(ldap_usergroup_name)[0]['Name'] == ldap_usergroup_name
session.usergroup.refresh_external_group(ldap_usergroup_name, EXTERNAL_GROUP_NAME)
with Session(test_name, ldap_data['ldap_user_name'], ldap_data['ldap_user_passwd']) as session:
with raises(NavigationTriesExceeded):
session.architecture.search('')
session.activationkey.create({'name': ak_name})
assert session.activationkey.search(ak_name)[0]['Name'] == ak_name
current_user = session.activationkey.read(ak_name, 'current_user')['current_user']
assert current_user == ldap_data['ldap_user_name']
def test_positive_remove_user(session, module_org, test_name):
"""Delete any user who has previously created an activation key
and check that activation key still exists
:id: f0504bd8-52d2-40cd-91c6-64d71b14c876
:expectedresults: Activation Key can be read
:BZ: 1291271
"""
ak_name = gen_string('alpha')
# Create user
password = gen_string('alpha')
user = entities.User(admin=True, default_organization=module_org, password=password).create()
# Create Activation Key using new user credentials
with Session(test_name, user.login, password) as non_admin_session:
non_admin_session.activationkey.create({'name': ak_name, 'lce': {ENVIRONMENT: True}})
assert non_admin_session.activationkey.search(ak_name)[0]['Name'] == ak_name
# Remove user and check that AK still exists
user.delete()
with session:
assert session.activationkey.search(ak_name)[0]['Name'] == ak_name
def test_positive_delete_rule_with_non_admin_user(manager_loc, manager_user,
module_org, test_name):
"""Delete rule with non-admin user by associating discovery_manager role
:id: 7fa56bab-82d7-46c9-a4fa-c44ef173c703
:expectedresults: Rule should be deleted successfully.
:CaseLevel: Integration
"""
hg = entities.HostGroup(organization=[module_org]).create()
dr = entities.DiscoveryRule(hostgroup=hg,
organization=[module_org],
location=[manager_loc]).create()
with Session(test_name,
user=manager_user.login,
password=manager_user.password) as session:
dr_val = session.discoveryrule.read_all()
assert dr.name in [rule['Name'] for rule in dr_val]
session.discoveryrule.delete(dr.name)
dr_val = session.discoveryrule.read_all()
assert dr.name not in [rule['Name'] for rule in dr_val]
def test_positive_login_ad_user_no_roles(test_name, ldap_data, ldap_user_name,
auth_source):
"""Login with LDAP Auth- AD for user with no roles/rights
:id: 7dc8d9a7-ff08-4d8e-a842-d370ffd69741
:setup: assure properly functioning AD server for authentication
:steps: Login to server with an AD user.
:expectedresults: Log in to foreman UI successfully but cannot access
functional areas of UI
"""
with Session(
test_name,
ldap_data['ldap_user_name'],
ldap_data['ldap_user_passwd'],
) as ldapsession:
with raises(NavigationTriesExceeded):
ldapsession.user.search('')
assert ldapsession.task.read_all(
)['current_user'] == ldap_data['ldap_user_name']
def test_positive_create_filter_admin_user_with_locs(test_name):
"""Attempt to create a role filter by admin user, who has 6+ locations assigned.
:id: 688ecb7d-1d49-494c-97cc-0d5e715f3bb1
:customerscenario: true
:expectedresults: filter was successfully created.
:BZ: 1315580
:CaseImportance: Critical
"""
role_name = gen_string('alpha')
resource_type = 'Architecture'
permissions = ['view_architectures', 'edit_architectures']
org = entities.Organization().create()
locations = [
entities.Location(organization=[org]).create() for _ in range(6)
]
password = gen_string('alphanumeric')
user = entities.User(
admin=True,
organization=[org],
location=locations,
default_organization=org,
default_location=locations[0],
password=password,
).create()
with Session(test_name, user=user.login, password=password) as session:
session.role.create({'name': role_name})
assert session.role.search(role_name)[0]['Name'] == role_name
session.filter.create(role_name, {
'resource_type': resource_type,
'permission.assigned': permissions
})
assigned_permissions = session.filter.read_permissions(role_name)
assert set(assigned_permissions[resource_type]) == set(permissions)
def test_positive_remove_host_collection_non_admin(module_org, test_name):
"""Test that host collection can be removed from Activation Keys by
non-admin user.
:id: 187456ec-5690-4524-9701-8bdb74c7912a
:expectedresults: Activation key is created, removed host collection is not
listed
:CaseLevel: Integration
"""
ak_name = gen_string('alpha')
hc = entities.HostCollection(organization=module_org).create()
# Create non-admin user with specified permissions
roles = [entities.Role().create()]
user_permissions = {
'Katello::ActivationKey': PERMISSIONS['Katello::ActivationKey'],
'Katello::HostCollection': PERMISSIONS['Katello::HostCollection'],
}
viewer_role = entities.Role().search(query={'search': 'name="Viewer"'})[0]
roles.append(viewer_role)
create_role_permissions(roles[0], user_permissions)
password = gen_string('alphanumeric')
user = entities.User(
admin=False, role=roles, password=password, organization=[module_org]
).create()
with Session(test_name, user=user.login, password=password) as session:
session.activationkey.create({'name': ak_name, 'lce': {ENVIRONMENT: True}})
assert session.activationkey.search(ak_name)[0]['Name'] == ak_name
session.activationkey.add_host_collection(ak_name, hc.name)
ak = session.activationkey.read(ak_name, widget_names='host_collections')
assert ak['host_collections']['resources']['assigned'][0]['Name'] == hc.name
# remove Host Collection
session.activationkey.remove_host_collection(ak_name, hc.name)
ak = session.activationkey.read(ak_name, widget_names='host_collections')
assert not ak['host_collections']['resources']['assigned']
def test_positive_create_filter_admin_user_with_orgs(test_name):
"""Attempt to create a role filter by admin user, who has 10 organizations assigned.
:id: 04208e17-34b5-46b1-84dd-b8a973521d30
:customerscenario: true
:expectedresults: filter was successfully created.
:BZ: 1389795
:CaseImportance: Critical
"""
role_name = gen_string('alpha')
resource_type = 'Architecture'
permissions = ['view_architectures', 'edit_architectures']
password = gen_string('alphanumeric')
organizations = [entities.Organization().create() for _ in range(10)]
loc = entities.Location(organization=[organizations[0]]).create()
user = entities.User(
admin=True,
organization=organizations,
location=[loc],
default_organization=organizations[0],
default_location=loc,
password=password,
).create()
with Session(test_name, user=user.login, password=password) as session:
session.role.create({'name': role_name})
assert session.role.search(role_name)[0]['Name'] == role_name
session.filter.create(role_name, {
'resource_type': resource_type,
'permission.assigned': permissions
})
assigned_permissions = session.filter.read_permissions(role_name)
assert set(assigned_permissions[resource_type]) == set(permissions)
def test_positive_search_errata_non_admin(session, vm, module_org, test_name,
module_viewer_user):
"""Search for host's errata by non-admin user with enough permissions
:id: 5b8887d2-987f-4bce-86a1-8f65ca7e1195
:customerscenario: true
:BZ: 1255515, 1662405, 1652938
:expectedresults: User can access errata page and proper errata is
listed
:CaseLevel: System
"""
vm.run('yum install -y {0}'.format(FAKE_1_CUSTOM_PACKAGE))
with Session(test_name,
user=module_viewer_user.login,
password=module_viewer_user.password) as session:
chost = session.contenthost.read(vm.hostname, widget_names='errata')
assert FAKE_2_ERRATA_ID in {
errata['Id']
for errata in chost['errata']['table']
}
def test_positive_login_user_password_otp(auth_source_ipa, test_name, ldap_tear_down, ipa_data):
"""Login with password with time based OTP
:id: be7eb5d6-3228-4660-aa64-c56f9f3ec5e0
:setup: Assure properly functioning IPA server for authentication
:steps: Login to server with an IPA user with time_based OTP.
:expectedresults: Log in to foreman UI successfully
"""
password_with_otp = "{0}{1}".format(
ipa_data['ldap_ipa_user_passwd'], generate_otp(ipa_data['time_based_secret'])
)
with Session(test_name, ipa_data['ipa_otp_username'], password_with_otp) as ldapsession:
with raises(NavigationTriesExceeded):
ldapsession.user.search('')
expected_user = "******".format(ipa_data['ipa_otp_username'], ipa_data['ipa_otp_username'])
assert ldapsession.task.read_all()['current_user'] == expected_user
users = entities.User().search(
query={'search': 'login="******"'.format(ipa_data['ipa_otp_username'])}
)
assert users[0].login == ipa_data['ipa_otp_username']
def test_positive_access_with_non_admin_user_with_manifest(test_name):
"""Access subscription page with user that has only view_subscriptions
permission and organization that has a manifest uploaded.
:id: 9184fcf6-36be-42c8-984c-3c5d7834b3b4
:expectedresults: Subscription page is rendered properly without errors
and the default subscription is visible
:BZ: 1417082, 1651981
:customerscenario: true
:CaseLevel: Integration
:CaseImportance: Critical
"""
org = entities.Organization().create()
manifests.upload_manifest_locked(org.id)
role = entities.Role(organization=[org]).create()
create_role_permissions(role, {'Katello::Subscription': ['view_subscriptions']})
user_password = gen_string('alphanumeric')
user = entities.User(
admin=False,
role=[role],
password=user_password,
organization=[org],
default_organization=org,
).create()
with Session(test_name, user=user.login, password=user_password) as session:
assert (
session.subscription.search('name = "{0}"'.format(DEFAULT_SUBSCRIPTION_NAME))[0][
'Name'
]
== DEFAULT_SUBSCRIPTION_NAME
)
def test_positive_custom_user_view_lce(session, test_name):
"""As a custom user attempt to view a lifecycle environment created
by admin user
:id: 768b647b-c530-4eca-9caa-38cf8622f36d
:BZ: 1420511
:Steps:
As an admin user:
1. Create an additional lifecycle environments other than Library
2. Create a user without administrator privileges
3. Create a role with the the following permissions:
* (Miscellaneous): access_dashboard
* Lifecycle Environment:
* edit_lifecycle_environments
* promote_or_remove_content_views_to_environment
* view_lifecycle_environments
* Location: view_locations
* Organization: view_organizations
4. Assign the created role to the custom user
As a custom user:
1. Log in
2. Navigate to Content -> Lifecycle Environments
:expectedresults: The additional lifecycle environment is viewable and
accessible by the custom user.
:CaseLevel: Integration
"""
role_name = gen_string('alpha')
lce_name = gen_string('alpha')
user_login = gen_string('alpha')
user_password = gen_string('alpha')
org = entities.Organization().create()
role = entities.Role(name=role_name).create()
permissions_types_names = {
None: ['access_dashboard'],
'Organization': ['view_organizations'],
'Location': ['view_locations'],
'Katello::KTEnvironment': [
'view_lifecycle_environments', 'edit_lifecycle_environments',
'promote_or_remove_content_views_to_environments'
]
}
create_role_permissions(role, permissions_types_names)
entities.User(default_organization=org,
organization=[org],
role=[role],
login=user_login,
password=user_password).create()
# create a life cycle environment as admin user and ensure it's visible
with session:
session.organization.select(org.name)
session.lifecycleenvironment.create(values={'name': lce_name})
lce_values = session.lifecycleenvironment.read_all()
assert lce_name in lce_values['lce']
# ensure the created user also can find the created lifecycle environment link
with Session(test_name, user_login, user_password) as non_admin_session:
# to ensure that the created user has only the assigned
# permissions, check that hosts menu tab does not exist
with raises(NavigationTriesExceeded):
assert not non_admin_session.host.read_all()
# assert that the user can view the lvce created by admin user
lce_values = non_admin_session.lifecycleenvironment.read_all()
assert lce_name in lce_values['lce']
def test_positive_create_as_non_admin_user_with_cv_published(
module_org, test_name):
"""Create a repository as a non admin user in a product that already
contain a repository that is used in a published content view.
:id: 407864eb-50b8-4bc8-bbc7-0e6f8136d89f
:expectedresults: New repository successfully created by non admin user
:BZ: 1447829
:CaseLevel: Integration
"""
user_login = gen_string('alpha')
user_password = gen_string('alphanumeric')
repo_name = gen_string('alpha')
user_permissions = {
None: ['access_dashboard'],
'Katello::Product': [
'view_products',
'create_products',
'edit_products',
'destroy_products',
'sync_products',
'export_products',
],
}
role = entities.Role().create()
create_role_permissions(role, user_permissions)
entities.User(
login=user_login,
password=user_password,
role=[role],
admin=False,
default_organization=module_org,
organization=[module_org],
).create()
prod = entities.Product(organization=module_org).create()
repo = entities.Repository(product=prod, url=FAKE_2_YUM_REPO).create()
repo.sync()
content_view = entities.ContentView(organization=module_org).create()
content_view.repository = [repo]
content_view = content_view.update(['repository'])
content_view.publish()
with Session(test_name, user_login, user_password) as session:
# ensure that the created user is not a global admin user
# check administer->users page
with raises(NavigationTriesExceeded):
pswd = gen_string('alphanumeric')
session.user.create({
'user.login': gen_string('alphanumeric'),
'user.auth': 'INTERNAL',
'user.password': pswd,
'user.confirm': pswd,
})
# ensure that the created user has only the assigned permissions
# check that host collections menu tab does not exist
with raises(NavigationTriesExceeded):
session.hostcollection.create({'name': gen_string('alphanumeric')})
session.repository.create(
prod.name, {
'name': repo_name,
'repo_type': REPO_TYPE['yum'],
'repo_content.upstream_url': FAKE_1_YUM_REPO,
})
assert session.repository.search(prod.name,
repo.name)[0]['Name'] == repo.name
def test_positive_virtwho_manager_role(self, default_org, session,
test_name, form_data):
"""Verify the virt-who manager role can TRULY work.
:id: a72023fb-7b23-4582-9adc-c5227dc7859c
:expectedresults:
Virt-who Manager Role granting all permissions to manage virt-who configurations,
user needs this role to create, delete or update configurations.
"""
username = gen_string('alpha')
password = gen_string('alpha')
config_name = gen_string('alpha')
with session:
# Create an user
session.user.create({
'user.login': username,
'user.mail': valid_emails_list()[0],
'user.auth': 'INTERNAL',
'user.password': password,
'user.confirm': password,
})
# Create a virt-who config plugin
form_data['name'] = config_name
session.virtwho_configure.create(form_data)
values = session.virtwho_configure.read(config_name)
command = values['deploy']['command']
deploy_configure_by_command(command,
form_data['hypervisor_type'],
org=default_org.label)
assert session.virtwho_configure.search(
config_name)[0]['Status'] == 'ok'
# Check the permissioin of Virt-who Manager
session.user.update(
username, {'roles.resources.assigned': ['Virt-who Manager']})
user = session.user.read(username)
assert user['roles']['resources']['assigned'] == [
'Virt-who Manager'
]
with Session(test_name, username, password) as newsession:
# create_virt_who_config
new_virt_who_name = gen_string('alpha')
form_data['name'] = new_virt_who_name
newsession.virtwho_configure.create(form_data)
# view_virt_who_config
values = newsession.virtwho_configure.read(new_virt_who_name)
command = values['deploy']['command']
deploy_configure_by_command(command,
form_data['hypervisor_type'],
org=default_org.label)
assert newsession.virtwho_configure.search(
new_virt_who_name)[0]['Status'] == 'ok'
# edit_virt_who_config
modify_name = gen_string('alpha')
newsession.virtwho_configure.edit(new_virt_who_name,
{'name': modify_name})
newsession.virtwho_configure.search(modify_name)
# destroy_virt_who_config
newsession.virtwho_configure.delete(modify_name)
assert not newsession.virtwho_configure.search(modify_name)
# Delete the created user
session.user.delete(username)
assert not session.user.search(username)
def test_positive_virtwho_viewer_role(self, default_org, session,
test_name, form_data):
"""Verify the virt-who viewer role can TRULY work.
:id: bf3be2e4-3853-41cc-9b3e-c8677f0b8c5f
:expectedresults:
Virt-who Viewer Role granting permissions to see all configurations
including their configuration scripts, which means viewers could still
deploy the virt-who instances for existing virt-who configurations.
"""
username = gen_string('alpha')
password = gen_string('alpha')
config_name = gen_string('alpha')
with session:
# Create an user
session.user.create({
'user.login': username,
'user.mail': valid_emails_list()[0],
'user.auth': 'INTERNAL',
'user.password': password,
'user.confirm': password,
})
# Create a virt-who config plugin
form_data['name'] = config_name
session.virtwho_configure.create(form_data)
values = session.virtwho_configure.read(config_name)
command = values['deploy']['command']
deploy_configure_by_command(command,
form_data['hypervisor_type'],
org=default_org.label)
assert session.virtwho_configure.search(
config_name)[0]['Status'] == 'ok'
# Check the permissioin of Virt-who Viewer
session.user.update(
username, {'roles.resources.assigned': ['Virt-who Viewer']})
user = session.user.read(username)
assert user['roles']['resources']['assigned'] == [
'Virt-who Viewer'
]
# Update the virt-who config file
config_id = get_configure_id(config_name)
config_file = get_configure_file(config_id)
update_configure_option('rhsm_username', username, config_file)
delete_configure_option('rhsm_encrypted_password', config_file)
add_configure_option('rhsm_password', password, config_file)
restart_virtwho_service()
assert get_virtwho_status() == 'logerror'
with Session(test_name, username, password) as newsession:
create_permission = newsession.virtwho_configure.check_create_permission(
)
update_permission = newsession.virtwho_configure.check_update_permission(
config_name)
assert create_permission['can_view']
assert not create_permission['can_create']
assert not update_permission['can_delete']
assert not update_permission['can_edit']
newsession.virtwho_configure.read(config_name)
# Delete the created user
session.user.delete(username)
assert not session.user.search(username)
def test_positive_end_to_end(session, test_name, module_org, module_loc):
"""Perform end to end testing for user component
:id: 2794fdd0-cfe3-4f1a-aa5f-25b2d211ae12
:expectedresults: All expected CRUD actions finished successfully
:CaseLevel: Integration
:CaseImportance: High
"""
name = gen_string('alpha')
new_name = gen_string('alpha')
ak_name = gen_string('alpha')
firstname = gen_string('alpha')
lastname = gen_string('alpha')
password = gen_string('alpha')
email = gen_email()
description = gen_string('alphanumeric')
language = 'English (United States)'
timezone = '(GMT+00:00) UTC'
role = entities.Role().create().name
with session:
# Create new user and validate its values
session.user.create({
'user.login':
name,
'user.firstname':
firstname,
'user.lastname':
lastname,
'user.mail':
email,
'user.description':
description,
'user.language':
language,
'user.timezone':
timezone,
'user.auth':
'INTERNAL',
'user.password':
password,
'user.confirm':
password,
'locations.resources.assigned': [module_loc.name],
'organizations.resources.assigned': [module_org.name],
'roles.admin':
True,
'roles.resources.assigned': [role],
})
assert session.user.search(name)[0]['Username'] == name
user_values = session.user.read(name)
assert user_values['user']['login'] == name
assert user_values['user']['firstname'] == firstname
assert user_values['user']['lastname'] == lastname
assert user_values['user']['mail'] == email
assert user_values['user']['description'] == description
assert user_values['user']['language'] == language
assert user_values['user']['timezone'] == timezone
assert user_values['user']['auth'] == 'INTERNAL'
assert user_values['locations']['resources']['assigned'] == [
module_loc.name
]
assert user_values['organizations']['resources']['assigned'] == [
module_org.name
]
assert user_values['roles']['admin'] is True
assert user_values['roles']['resources']['assigned'] == [role]
# Update user with new name
session.user.update(name, {'user.login': new_name})
assert session.user.search(new_name)[0]['Username'] == new_name
assert not session.user.search(name)
# Login into application using new user
with Session(test_name, new_name, password) as newsession:
newsession.organization.select(module_org.name)
newsession.location.select(module_loc.name)
newsession.activationkey.create({'name': ak_name})
assert newsession.activationkey.search(
ak_name)[0]['Name'] == ak_name
current_user = newsession.activationkey.read(
ak_name, 'current_user')['current_user']
assert current_user == '{} {}'.format(firstname, lastname)
# Delete user
session.user.delete(new_name)
assert not session.user.search(new_name)
def test_rhcloud_inventory_e2e(inventory_settings, organization_ak_setup,
rhcloud_registered_hosts, rhcloud_sat_host):
"""Generate report and verify its basic properties
:id: 833bd61d-d6e7-4575-887a-9e0729d0fa76
:customerscenario: true
:expectedresults:
1. Report can be generated
2. Report can be downloaded
3. Report has non-zero size
4. Report can be extracted
5. JSON files inside report can be parsed
6. metadata.json lists all and only slice JSON files in tar
7. Host counts in metadata matches host counts in slices
8. Assert Hostnames, IP addresses, and installed packages are present in report.
:CaseImportance: Critical
:BZ: 1807829, 1926100
"""
org, ak = organization_ak_setup
virtual_host, baremetal_host = rhcloud_registered_hosts
with Session(hostname=rhcloud_sat_host.hostname) as session:
session.organization.select(org_name=org.name)
session.location.select(loc_name=DEFAULT_LOC)
timestamp = (datetime.utcnow() -
timedelta(minutes=2)).strftime('%Y-%m-%d %H:%M')
session.cloudinventory.generate_report(org.name)
wait_for(
lambda: rhcloud_sat_host.api.ForemanTask().search(
query={
'search':
f'label = ForemanInventoryUpload::Async::GenerateReportJob '
f'and started_at >= "{timestamp}"'
})[0].result == 'success',
timeout=400,
delay=15,
silent_failure=True,
handle_exception=True,
)
report_path = session.cloudinventory.download_report(org.name)
inventory_data = session.cloudinventory.read(org.name)
common_assertion(report_path, inventory_data, org, rhcloud_sat_host)
json_data = get_report_data(report_path)
hostnames = [host['fqdn'] for host in json_data['hosts']]
assert virtual_host.hostname in hostnames
assert baremetal_host.hostname in hostnames
ip_addresses = [
host['system_profile']['network_interfaces'][0]['ipv4_addresses'][0]
for host in json_data['hosts']
]
ipv4_addresses = [host['ip_addresses'][0] for host in json_data['hosts']]
assert virtual_host.ip_addr in ip_addresses
assert baremetal_host.ip_addr in ip_addresses
assert virtual_host.ip_addr in ipv4_addresses
assert baremetal_host.ip_addr in ipv4_addresses
all_host_profiles = [host['system_profile'] for host in json_data['hosts']]
for host_profiles in all_host_profiles:
assert 'installed_packages' in host_profiles
assert len(host_profiles['installed_packages']) > 1
def test_exclude_packages_setting(rhcloud_sat_host, inventory_settings,
organization_ak_setup,
rhcloud_registered_hosts):
"""Test whether `Exclude Packages` setting works as expected.
:id: 646093fa-fdd6-4f70-82aa-725e31fa3f12
:customerscenario: true
:Steps:
1. Prepare machine and upload its data to Insights
2. Add Cloud API key in Satellite
3. Go to Configure > Inventory upload > enable “Exclude Packages” setting.
4. Generate report after enabling the setting.
5. Check if packages are excluded from generated reports.
6. Disable previous setting.
7. Go to Administer > Settings > RH Cloud and enable
"Don't upload installed packages" setting.
8. Generate report after enabling the setting.
9. Check if packages are excluded from generated reports.
:expectedresults:
1. Packages are excluded from reports generated.
:BZ: 1852594
:CaseAutomation: Automated
"""
org, ak = organization_ak_setup
virtual_host, baremetal_host = rhcloud_registered_hosts
with Session(hostname=rhcloud_sat_host.hostname) as session:
session.organization.select(org_name=org.name)
session.location.select(loc_name=DEFAULT_LOC)
# Enable exclude_packages setting on inventory page.
session.cloudinventory.update({'exclude_packages': True})
timestamp = (datetime.utcnow() -
timedelta(minutes=2)).strftime('%Y-%m-%d %H:%M')
session.cloudinventory.generate_report(org.name)
wait_for(
lambda: rhcloud_sat_host.api.ForemanTask().search(
query={
'search':
f'label = ForemanInventoryUpload::Async::GenerateReportJob '
f'and started_at >= "{timestamp}"'
})[0].result == 'success',
timeout=400,
delay=15,
silent_failure=True,
handle_exception=True,
)
report_path = session.cloudinventory.download_report(org.name)
inventory_data = session.cloudinventory.read(org.name)
assert inventory_data['exclude_packages'] is True
# Disable exclude_packages setting on inventory page.
session.cloudinventory.update({'exclude_packages': False})
# Assert that generated archive is valid.
common_assertion(report_path, inventory_data, org, rhcloud_sat_host)
# Get report data for assertion
json_data = get_report_data(report_path)
# Assert that right hosts are present in report.
hostnames = [host['fqdn'] for host in json_data['hosts']]
assert virtual_host.hostname in hostnames
assert baremetal_host.hostname in hostnames
# Assert that packages are excluded from report
all_host_profiles = [
host['system_profile'] for host in json_data['hosts']
]
for host_profiles in all_host_profiles:
assert 'installed_packages' not in host_profiles
# Enable exclude_installed_packages setting.
rhcloud_sat_host.update_setting('exclude_installed_packages', True)
timestamp = (datetime.utcnow() -
timedelta(minutes=2)).strftime('%Y-%m-%d %H:%M')
session.cloudinventory.generate_report(org.name)
wait_for(
lambda: rhcloud_sat_host.api.ForemanTask().search(
query={
'search':
f'label = ForemanInventoryUpload::Async::GenerateReportJob '
f'and started_at >= "{timestamp}"'
})[0].result == 'success',
timeout=400,
delay=15,
silent_failure=True,
handle_exception=True,
)
report_path = session.cloudinventory.download_report(org.name)
inventory_data = session.cloudinventory.read(org.name)
assert inventory_data['exclude_packages'] is True
json_data = get_report_data(report_path)
hostnames = [host['fqdn'] for host in json_data['hosts']]
assert virtual_host.hostname in hostnames
assert baremetal_host.hostname in hostnames
all_host_profiles = [
host['system_profile'] for host in json_data['hosts']
]
for host_profiles in all_host_profiles:
assert 'installed_packages' not in host_profiles
def test_positive_create_filter_without_override(session, module_org, module_loc, test_name):
"""Create filter in role w/o overriding it
:id: a7f76f6e-6c13-4b34-b38c-19501b65786f
:steps:
1. Create a role with taxonomies (location and organization)
assigned
2. Create filter in role without overriding it
3. Create user and assign new role to it
4. Re-login into application using new user with a role
:expectedresults:
1. Filter w/o override is created in role
2. The taxonomies of role are inherited to filter
3. User can access application sections specified in a filter
"""
role_name = gen_string('alpha')
username = gen_string('alpha')
password = gen_string('alpha')
subnet = entities.Subnet()
subnet.create_missing()
subnet_name = subnet.name
with session:
session.role.create(
{
'name': role_name,
'organizations.assigned': [module_org.name],
'locations.assigned': [module_loc.name],
}
)
assert session.role.search(role_name)[0]['Name'] == role_name
session.filter.create(
role_name,
{'resource_type': 'Subnet', 'permission.assigned': ['view_subnets', 'create_subnets']},
)
filter_values = session.filter.read(role_name, 'Subnet')
assert filter_values['override'] is False
session.filter.create(
role_name,
{
'resource_type': 'Organization',
'permission.assigned': ['assign_organizations', 'view_organizations'],
},
)
session.filter.create(
role_name,
{
'resource_type': 'Location',
'permission.assigned': ['assign_locations', 'view_locations'],
},
)
session.user.create(
{
'user.login': username,
'user.auth': 'INTERNAL',
'user.password': password,
'user.confirm': password,
'user.mail': '*****@*****.**',
'roles.resources.assigned': [role_name],
'organizations.resources.assigned': [module_org.name],
'locations.resources.assigned': [module_loc.name],
}
)
with Session(test_name, user=username, password=password) as session:
session.subnet.create(
{
'subnet.name': subnet_name,
'subnet.protocol': 'IPv4',
'subnet.network_address': subnet.network,
'subnet.network_mask': subnet.mask,
'subnet.boot_mode': 'Static',
}
)
assert session.subnet.search(subnet_name)[0]['Name'] == subnet_name
with pytest.raises(NavigationTriesExceeded):
session.architecture.create({'name': gen_string('alpha')})
def test_positive_update_bookmark_public(session, random_entity,
module_viewer_user, module_user,
test_name):
"""Update and save a bookmark public state
:id: 63646c41-5441-4547-a4d0-744286122405
:Setup:
1. Create 2 bookmarks of a random name with random query, one
public and one private
2. Create a non-admin user with 'viewer' role
:Steps:
1. Login to Satellite server (establish a UI session) as the
pre-created user
2. Navigate to the entity
3. List the bookmarks by clicking the drop down menu
4. Verify that only the public bookmark is listed
5. Log out
6. Login to Satellite server (establish a UI session) as the admin
user
7. List the bookmarks (Navigate to Administer -> Bookmarks)
8. Click the public pre-created bookmark
9. Uncheck 'public'
10. Submit
11. Click the private pre-created bookmark
12. Check 'public'
13. Submit
14. Logout
15. Login to Satellite server (establish a UI session) as the
pre-created user
16. Navigate to the entity
17. List the bookmarks by clicking the drop down menu
:expectedresults: New public bookmark is listed, and the private one is
hidden
:CaseLevel: Integration
"""
public_name = gen_string('alphanumeric')
nonpublic_name = gen_string('alphanumeric')
cfg = get_nailgun_config()
cfg.auth = (module_user.login, module_user.password)
for name in (public_name, nonpublic_name):
entities.Bookmark(
cfg,
name=name,
controller=random_entity['controller'],
public=name == public_name,
).create()
with Session(test_name, module_viewer_user.login,
module_viewer_user.password) as non_admin_session:
assert non_admin_session.bookmark.search(
public_name)[0]['Name'] == public_name
assert not non_admin_session.bookmark.search(nonpublic_name)
with session:
session.bookmark.update(public_name, {'public': False})
session.bookmark.update(nonpublic_name, {'public': True})
with Session(test_name, module_viewer_user.login,
module_viewer_user.password) as non_admin_session:
assert non_admin_session.bookmark.search(
nonpublic_name)[0]['Name'] == nonpublic_name
assert not non_admin_session.bookmark.search(public_name)
def test_positive_user_access_with_host_filter(test_name, module_loc,
rhel7_contenthost):
"""Check if user with necessary host permissions can access dashboard
and required widgets are rendered with proper values
:id: 24b4b371-cba0-4bc8-bc6a-294c62e0586d
:Steps:
1. Specify proper filter with permission for your role
2. Create new user and assign role to it
3. Login into application using this new user
4. Check dashboard and widgets on it
5. Register new content host to populate some values into dashboard widgets
:expectedresults: Dashboard and Errata Widget rendered without errors and
contain proper values
:BZ: 1417114
:CaseLevel: System
"""
user_login = gen_string('alpha')
user_password = gen_string('alphanumeric')
org = entities.Organization().create()
lce = entities.LifecycleEnvironment(organization=org).create()
# create a role with necessary permissions
role = entities.Role().create()
user_permissions = {
'Organization': ['view_organizations'],
'Location': ['view_locations'],
None: ['access_dashboard'],
'Host': ['view_hosts'],
}
create_role_permissions(role, user_permissions)
# create a user and assign the above created role
entities.User(
default_organization=org,
organization=[org],
default_location=module_loc,
location=[module_loc],
role=[role],
login=user_login,
password=user_password,
).create()
with Session(test_name, user=user_login,
password=user_password) as session:
assert session.dashboard.read(
'HostConfigurationStatus')['total_count'] == 0
assert len(session.dashboard.read('LatestErrata')) == 0
repos_collection = RepositoryCollection(
distro=DISTRO_RHEL7,
repositories=[
SatelliteToolsRepository(),
YumRepository(url=FAKE_6_YUM_REPO)
],
)
repos_collection.setup_content(org.id, lce.id, upload_manifest=True)
repos_collection.setup_virtual_machine(rhel7_contenthost)
result = rhel7_contenthost.run(
f'yum install -y {FAKE_1_CUSTOM_PACKAGE}')
assert result.status == 0
hostname = rhel7_contenthost.hostname
# Check UI for values
assert session.host.search(hostname)[0]['Name'] == hostname
hosts_values = session.dashboard.read('HostConfigurationStatus')
assert hosts_values['total_count'] == 1
errata_values = session.dashboard.read('LatestErrata')['erratas']
assert len(errata_values) == 1
assert errata_values[0]['Type'] == 'security'
assert FAKE_2_ERRATA_ID in errata_values[0]['Errata']
def test_positive_create_overridable_filter(session, module_org, module_loc, test_name):
"""Create overridden filter in role
:id: 325e7e3e-60fc-4182-9585-0449d9660e8d
:steps:
1. Create a role with some taxonomies (organizations and locations)
2. Create a filter in role to which taxonomies can be associated
e.g Subnet filter
3. Override a filter with some taxonomies which doesnt match the
taxonomies of role
4. Create user with taxonomies including filter taxonomies and
assign role to it
5. Login with user and attempt to access the resources
:expectedresults:
1. Filter is created with taxonomies
2. User can access resources, permissions specified in filter
3. User have access only in taxonomies specified in filter
"""
role_name = gen_string('alpha')
username = gen_string('alpha')
password = gen_string('alpha')
role_org = entities.Organization().create()
role_loc = entities.Location().create()
subnet = entities.Subnet()
subnet.create_missing()
subnet_name = subnet.name
new_subnet_name = gen_string('alpha')
with session:
session.role.create(
{
'name': role_name,
'organizations.assigned': [role_org.name, module_org.name],
'locations.assigned': [role_loc.name, module_loc.name],
}
)
assert session.role.search(role_name)[0]['Name'] == role_name
session.filter.create(
role_name,
{
'resource_type': 'Subnet',
'permission.assigned': ['view_subnets', 'create_subnets'],
'override': True,
'taxonomies_tabs.locations.resources.assigned': [module_loc.name],
'taxonomies_tabs.organizations.resources.assigned': [module_org.name],
},
)
session.filter.create(
role_name,
{
'resource_type': 'Organization',
'permission.assigned': ['assign_organizations', 'view_organizations'],
},
)
session.filter.create(
role_name,
{
'resource_type': 'Location',
'permission.assigned': ['assign_locations', 'view_locations'],
},
)
session.user.create(
{
'user.login': username,
'user.auth': 'INTERNAL',
'user.password': password,
'user.confirm': password,
'user.mail': '*****@*****.**',
'roles.resources.assigned': [role_name],
'organizations.resources.assigned': [role_org.name, module_org.name],
'locations.resources.assigned': [role_loc.name, module_loc.name],
}
)
with Session(test_name, user=username, password=password) as session:
session.organization.select(org_name=module_org.name)
session.location.select(loc_name=module_loc.name)
session.subnet.create(
{
'subnet.name': subnet_name,
'subnet.protocol': 'IPv4',
'subnet.network_address': subnet.network,
'subnet.network_mask': subnet.mask,
'subnet.boot_mode': 'Static',
}
)
assert session.subnet.search(subnet_name)[0]['Name'] == subnet_name
session.organization.select(org_name=role_org.name)
session.location.select(loc_name=role_loc.name)
with pytest.raises(AssertionError) as context:
session.subnet.create(
{
'subnet.name': new_subnet_name,
'subnet.protocol': 'IPv4',
'subnet.network_address': subnet.network,
'subnet.network_mask': subnet.mask,
'subnet.boot_mode': 'Static',
}
)
assert (
"You don't have permission create_subnets with attributes"
" that you have specified or you don't have access to"
" specified organizations or locations" in str(context.value)
)
def test_obfuscate_host_ipv4_addresses(rhcloud_sat_host, inventory_settings,
organization_ak_setup,
rhcloud_registered_hosts):
"""Test whether `Obfuscate host ipv4 addresses` setting works as expected.
:id: c0fc4ee9-a6a1-42c0-83f0-0f131ca9ab41
:customerscenario: true
:Steps:
1. Prepare machine and upload its data to Insights
2. Add Cloud API key in Satellite
3. Go to Configure > Inventory upload > enable “Obfuscate host ipv4 addresses” setting.
4. Generate report after enabling the setting.
5. Check if hosts ipv4 addresses are obfuscated in generated reports.
6. Disable previous setting.
7. Go to Administer > Settings > RH Cloud and enable "Obfuscate IPs" setting.
8. Generate report after enabling the setting.
9. Check if hosts ipv4 addresses are obfuscated in generated reports.
:expectedresults:
1. Obfuscated host ipv4 addresses in generated reports.
:BZ: 1852594, 1889690
:CaseAutomation: Automated
"""
org, ak = organization_ak_setup
virtual_host, baremetal_host = rhcloud_registered_hosts
with Session(hostname=rhcloud_sat_host.hostname) as session:
session.organization.select(org_name=org.name)
session.location.select(loc_name=DEFAULT_LOC)
# Enable obfuscate_ips setting on inventory page.
session.cloudinventory.update({'obfuscate_ips': True})
timestamp = (datetime.utcnow() -
timedelta(minutes=2)).strftime('%Y-%m-%d %H:%M')
session.cloudinventory.generate_report(org.name)
# wait_for_tasks report generation task to finish.
wait_for(
lambda: rhcloud_sat_host.api.ForemanTask().search(
query={
'search':
f'label = ForemanInventoryUpload::Async::GenerateReportJob '
f'and started_at >= "{timestamp}"'
})[0].result == 'success',
timeout=400,
delay=15,
silent_failure=True,
handle_exception=True,
)
report_path = session.cloudinventory.download_report(org.name)
inventory_data = session.cloudinventory.read(org.name)
# Assert that obfuscate_ips is enabled.
assert inventory_data['obfuscate_ips'] is True
# Assert that generated archive is valid.
common_assertion(report_path, inventory_data, org, rhcloud_sat_host)
# Get report data for assertion
json_data = get_report_data(report_path)
hostnames = [host['fqdn'] for host in json_data['hosts']]
assert virtual_host.hostname in hostnames
assert baremetal_host.hostname in hostnames
# Assert that ip_addresses are obfuscated from report.
ip_addresses = [
host['system_profile']['network_interfaces'][0]['ipv4_addresses']
[0] for host in json_data['hosts']
]
ipv4_addresses = [
host['ip_addresses'][0] for host in json_data['hosts']
]
assert virtual_host.ip_addr not in ip_addresses
assert baremetal_host.ip_addr not in ip_addresses
assert virtual_host.ip_addr not in ipv4_addresses
assert baremetal_host.ip_addr not in ipv4_addresses
# Disable obfuscate_ips setting on inventory page.
session.cloudinventory.update({'obfuscate_ips': False})
# Enable obfuscate_inventory_ips setting.
rhcloud_sat_host.update_setting('obfuscate_inventory_ips', True)
timestamp = (datetime.utcnow() -
timedelta(minutes=2)).strftime('%Y-%m-%d %H:%M')
session.cloudinventory.generate_report(org.name)
# wait_for_tasks report generation task to finish.
wait_for(
lambda: rhcloud_sat_host.api.ForemanTask().search(
query={
'search':
f'label = ForemanInventoryUpload::Async::GenerateReportJob '
f'and started_at >= "{timestamp}"'
})[0].result == 'success',
timeout=400,
delay=15,
silent_failure=True,
handle_exception=True,
)
report_path = session.cloudinventory.download_report(org.name)
inventory_data = session.cloudinventory.read(org.name)
assert inventory_data['obfuscate_ips'] is True
# Get report data for assertion
json_data = get_report_data(report_path)
hostnames = [host['fqdn'] for host in json_data['hosts']]
assert virtual_host.hostname in hostnames
assert baremetal_host.hostname in hostnames
ip_addresses = [
host['system_profile']['network_interfaces'][0]['ipv4_addresses']
[0] for host in json_data['hosts']
]
ipv4_addresses = [
host['ip_addresses'][0] for host in json_data['hosts']
]
assert virtual_host.ip_addr not in ip_addresses
assert baremetal_host.ip_addr not in ip_addresses
assert virtual_host.ip_addr not in ipv4_addresses
assert baremetal_host.ip_addr not in ipv4_addresses
