def test_group_remove_link_visibility(self):
with session.begin():
user = data_setup.create_user(password="******")
user.groups.append(self.group)
group = data_setup.create_group(owner=user)
b = self.browser
# login as admin
login(b)
b.get(get_server_base() + "groups/")
b.find_element_by_xpath("//input[@name='group.text']").clear()
b.find_element_by_xpath("//input[@name='group.text']").send_keys(self.group.group_name)
b.find_element_by_xpath("//input[@value='Search']").submit()
self.assert_(
"Remove (-)" in b.find_element_by_xpath("//tr[(td[1]/a[text()='%s'])]" % self.group.group_name).text
)
logout(b)
# login as another user
login(b, user=user.user_name, password="******")
b.get(get_server_base() + "groups/")
b.find_element_by_xpath("//input[@name='group.text']").clear()
b.find_element_by_xpath("//input[@name='group.text']").send_keys(self.group.group_name)
b.find_element_by_xpath("//input[@value='Search']").submit()
self.assert_(
"Remove (-)" not in b.find_element_by_xpath("//tr[(td[1]/a[text()='%s'])]" % self.group.group_name).text
)
b.find_element_by_xpath("//input[@name='group.text']").clear()
b.find_element_by_xpath("//input[@name='group.text']").send_keys(group.group_name)
b.find_element_by_xpath("//input[@value='Search']").submit()
self.assert_("Remove (-)" in b.find_element_by_xpath("//tr[(td[1]/a[text()='%s'])]" % group.group_name).text)
def test_add_group(self):
with session.begin():
group = data_setup.create_group()
user_password = '******'
user = data_setup.create_user(password=user_password)
data_setup.add_user_to_group(user, group)
orig_date_modified = self.system.date_modified
# as admin, assign the system to our test group
b = self.browser
login(b)
self.go_to_system_view(tab='Groups')
b.find_element_by_name('group.text').send_keys(group.group_name)
b.find_element_by_name('groups').submit()
b.find_element_by_xpath('//div[@id="groups"]'
'//td[normalize-space(text())="%s"]' %
group.group_name)
with session.begin():
session.refresh(self.system)
self.assert_(self.system.date_modified > orig_date_modified)
# as a user in the group, can we see it?
logout(b)
login(b, user.user_name, user_password)
click_menu_item(b, 'Systems', 'Available')
b.find_element_by_name('simplesearch').send_keys(self.system.fqdn)
b.find_element_by_name('systemsearch_simple').submit()
check_system_search_results(b, present=[self.system])
def test_group_remove_link_visibility(self):
with session.begin():
user = data_setup.create_user(password='******')
user.groups.append(self.group)
group = data_setup.create_group(owner=user)
b = self.browser
#login as admin
login(b)
b.get(get_server_base() + 'groups/')
b.find_element_by_xpath("//input[@name='group.text']").clear()
b.find_element_by_xpath("//input[@name='group.text']").send_keys(
self.group.group_name)
b.find_element_by_id('Search').submit()
self.assert_('Delete' in b.find_element_by_xpath(
"//tr[(td[1]/a[text()='%s'])]" % self.group.group_name).text)
logout(b)
# login as another user
login(b, user=user.user_name, password='******')
b.get(get_server_base() + 'groups/')
b.find_element_by_xpath("//input[@name='group.text']").clear()
b.find_element_by_xpath("//input[@name='group.text']").send_keys(
self.group.group_name)
b.find_element_by_id('Search').submit()
self.assert_('Delete' not in b.find_element_by_xpath(
"//tr[(td[1]/a[text()='%s'])]" % self.group.group_name).text)
b.find_element_by_xpath("//input[@name='group.text']").clear()
b.find_element_by_xpath("//input[@name='group.text']").send_keys(
group.group_name)
b.find_element_by_id('Search').submit()
self.assert_('Delete' in b.find_element_by_xpath(
"//tr[(td[1]/a[text()='%s'])]" % group.group_name).text)
def test_jobs_group_column(self):
with session.begin():
user = data_setup.create_user(password='******')
group1 = data_setup.create_group(owner=user)
group2 = data_setup.create_group()
user.groups.append(group2)
job1 = data_setup.create_job(owner=user, group=None)
job2 = data_setup.create_job(owner=user, group=group1)
job3 = data_setup.create_job(owner=user, group=group2)
b = self.browser
# jobs/mine
login(b, user=user.user_name, password='******')
b.find_element_by_link_text('My Jobs').click()
b.find_element_by_xpath('//title[normalize-space(text())="My Jobs"]')
self.check_job_row(rownum=1, job_t_id=job3.t_id, group=group2)
self.check_job_row(rownum=2, job_t_id=job2.t_id, group=group1)
self.check_job_row(rownum=3, job_t_id=job1.t_id, group=None)
# jobs
logout(b)
b.get(get_server_base() + 'jobs/')
self.check_job_row(rownum=1, job_t_id=job3.t_id, group=group2)
self.check_job_row(rownum=2, job_t_id=job2.t_id, group=group1)
self.check_job_row(rownum=3, job_t_id=job1.t_id, group=None)
def test_remove_self_admin_group(self):
with session.begin():
user = data_setup.create_admin(password='******')
b = self.browser
login(b, user=user.user_name, password='******')
# admin should be in groups/mine
b.get(get_server_base() + 'groups/mine')
b.find_element_by_link_text('admin').click()
# remove self
b.find_element_by_xpath('//td/a[text()="Remove (-)" and ../preceding-sibling::td[2]/text()="%s"]'
% user.user_name).click()
# admin should not be in groups/mine
b.get(get_server_base() + 'groups/mine')
self.assertTrue(not is_text_present(b, 'admin'))
logout(b)
# login as admin
login(b)
group = Group.by_name('admin')
group_users = group.users
# remove all other users from 'admin'
b.get(get_server_base() + 'groups/edit?group_id=1')
for usr in group_users:
if usr.user_id != 1:
b.find_element_by_xpath('//td/a[text()="Remove (-)" and ../preceding-sibling::td[2]/text()="%s"]'
% usr.user_name).click()
# attempt to remove admin user
b.find_element_by_xpath('//a[@href="removeUser?group_id=1&id=1"]').click()
self.assert_('Cannot remove member' in b.find_element_by_class_name('flash').text)
def test_jobs_group_column(self):
with session.begin():
user = data_setup.create_user(password='******')
group1 = data_setup.create_group(owner=user)
group2 = data_setup.create_group()
user.groups.append(group2)
job1 = data_setup.create_job(owner=user, group=None)
job2 = data_setup.create_job(owner=user, group=group1)
job3 = data_setup.create_job(owner=user, group=group2)
b = self.browser
# jobs/mine
login(b, user=user.user_name, password='******')
b.find_element_by_link_text('My Jobs').click()
b.find_element_by_xpath('//title[normalize-space(text())="My Jobs"]')
self.check_job_row(rownum=1, job_t_id=job3.t_id, group=group2)
self.check_job_row(rownum=2, job_t_id=job2.t_id, group=group1)
self.check_job_row(rownum=3, job_t_id=job1.t_id, group=None)
# jobs
logout(b)
b.get(get_server_base() + 'jobs/')
self.check_job_row(rownum=1, job_t_id=job3.t_id, group=group2)
self.check_job_row(rownum=2, job_t_id=job2.t_id, group=group1)
self.check_job_row(rownum=3, job_t_id=job1.t_id, group=None)
def test_add_group(self):
with session.begin():
group = data_setup.create_group()
user_password = '******'
user = data_setup.create_user(password=user_password)
data_setup.add_user_to_group(user, group)
orig_date_modified = self.system.date_modified
# as admin, assign the system to our test group
b = self.browser
login(b)
self.go_to_system_view(tab='Groups')
b.find_element_by_name('group.text').send_keys(group.group_name)
b.find_element_by_name('groups').submit()
b.find_element_by_xpath(
'//div[@id="groups"]'
'//td[normalize-space(text())="%s"]' % group.group_name)
with session.begin():
session.refresh(self.system)
self.assert_(self.system.date_modified > orig_date_modified)
# as a user in the group, can we see it?
logout(b)
login(b, user.user_name, user_password)
click_menu_item(b, 'Systems', 'Available')
b.find_element_by_name('simplesearch').send_keys(self.system.fqdn)
b.find_element_by_name('systemsearch_simple').submit()
check_system_search_results(b, present=[self.system])
def test_remove_user_job_cancel(self):
with session.begin():
user = data_setup.create_user(user_name =
data_setup.unique_name('aaaaa%s'))
job = data_setup.create_job(owner=user)
data_setup.mark_job_running(job)
b = self.browser
login(b)
b.get(get_server_base() + 'users')
b.find_element_by_xpath('//a[@href="remove?id=%d"]' %user.user_id).click()
# XXX: not necessary, but doing it here to buy time, since sometimes the
# job cancellation seems to take a while
logout(b)
# reflect the change in recipe task status when
# update_dirty_jobs() is called
session.expunge_all()
beakerd.update_dirty_jobs()
with session.begin():
job = Job.by_id(job.id)
self.assertEquals(job.status, TaskStatus.cancelled)
self.assertIn('User %s removed' % user.user_name,
job.recipesets[0].recipes[0].tasks[0].results[0].log)
def test_anonymous_cant_contact_owner(self):
b = self.browser
logout(b)
# Test can't access when not logged in
b.get(get_server_base() + 'view/%s' % self.system.fqdn)
b.find_element_by_link_text('Loan').click()
b.find_element_by_xpath('//div[@id="loan" and not(.//button[text()="Request Loan"])]')
def test_remove_user_job_cancel(self):
with session.begin():
user = data_setup.create_user(user_name =
data_setup.unique_name('aaaaa%s'))
job = data_setup.create_job(owner=user)
data_setup.mark_job_running(job)
b = self.browser
login(b)
b.get(get_server_base() + 'users')
b.find_element_by_xpath('//a[@href="remove?id=%d"]' %user.user_id).click()
# XXX: not necessary, but doing it here to buy time, since sometimes the
# job cancellation seems to take a while
logout(b)
# reflect the change in recipe task status when
# update_dirty_jobs() is called
session.expunge_all()
beakerd.update_dirty_jobs()
with session.begin():
job = Job.by_id(job.id)
self.assertEquals(job.status, TaskStatus.cancelled)
self.assertIn('User %s removed' % user.user_name,
job.recipesets[0].recipes[0].tasks[0].results[0].log)
def test_add_remove_owner_group(self):
with session.begin():
user = data_setup.create_user(password='******')
group = data_setup.create_group(owner=user)
user1 = data_setup.create_user(password='******')
b = self.browser
login(b, user=user.user_name, password='******')
b.get(get_server_base() + 'groups/mine')
# remove self (as only owner)
b.find_element_by_link_text(group.group_name).click()
b.find_element_by_xpath('//td[preceding-sibling::td/text()="%s"]' % user.user_name)\
.find_element_by_link_text('Remove').click()
flash_text = b.find_element_by_class_name('flash').text
self.assert_("Cannot remove the only owner" in flash_text)
# add a new user as owner
b.find_element_by_xpath('//input[@id="GroupUser_user_text"]').send_keys(user1.user_name)
b.find_element_by_id('GroupUser').submit()
b.find_element_by_xpath('//td[text()="%s"]' % user1.user_name)
b.find_element_by_xpath('//td[preceding-sibling::td/text()="%s"]' % user1.user_name)\
.find_element_by_link_text('Add').click()
b.find_element_by_xpath('//td[preceding-sibling::td/text()="%s"]' % user1.user_name)\
.find_element_by_link_text('Remove')
logout(b)
# login as the new user and check for ownership
login(b, user=user1.user_name, password='******')
b.get(get_server_base() + 'groups/mine')
b.find_element_by_link_text(group.group_name).click()
b.find_element_by_xpath('//input')
with session.begin():
self.assertEquals(Activity.query.filter_by(service=u'WEBUI',
field_name=u'Owner', action=u'Added',
new_value=user1.user_name).count(), 1)
group = Group.by_name(group.group_name)
self.assert_(group.has_owner(user1))
self.assertEquals(group.activity[-1].action, u'Added')
self.assertEquals(group.activity[-1].field_name, u'Owner')
self.assertEquals(group.activity[-1].new_value, user1.user_name)
self.assertEquals(group.activity[-1].service, u'WEBUI')
# remove self as owner
b.find_element_by_xpath('//td[preceding-sibling::td/text()="%s"]' % user1.user_name)\
.find_element_by_link_text('Remove').click()
b.find_element_by_xpath('//title[text()="My Groups"]')
with session.begin():
self.assertEquals(Activity.query.filter_by(service=u'WEBUI',
field_name=u'Owner', action=u'Removed',
old_value=user1.user_name).count(), 1)
session.refresh(group)
self.assertEquals(group.activity[-1].action, u'Removed')
self.assertEquals(group.activity[-1].field_name, u'Owner')
self.assertEquals(group.activity[-1].old_value, user1.user_name)
self.assertEquals(group.activity[-1].service, u'WEBUI')
def test_active_access_policy_selection(self):
with session.begin():
user = data_setup.create_user()
owner = data_setup.create_user(password='******')
system = data_setup.create_system(owner=owner)
data_setup.create_system_pool(systems=[system])
pool2 = data_setup.create_system_pool(systems=[system])
pool2.access_policy.add_rule(user=user,
permission=SystemPermission.edit_system)
b = self.browser
login(b, owner.user_name, password='******')
b.get(get_server_base() + 'view/%s/' % system.fqdn)
b.find_element_by_link_text('Access Policy').click()
pane = b.find_element_by_id('access-policy')
# Currently the system is using its custom access policy
self.assertTrue(pane.find_element_by_xpath(
'//label[contains(string(.), "Use custom access policy")]'
'/input[@type="radio"]').is_selected())
# change to pool policy
pane.find_element_by_xpath(
'//label[contains(string(.), "Use policy from pool:")]'
'/input[@type="radio"]').click()
Select(pane.find_element_by_name('pool_name')).select_by_visible_text(pool2.name)
pane.find_element_by_xpath('.//button[text()="Save changes"]').click()
# wait for the request to complete
pane.find_element_by_xpath('.//span[@class="sync-status" and not(node())]')
# check if the policy change has persisted
b.get(get_server_base() + 'view/%s/' % system.fqdn)
b.find_element_by_link_text('Access Policy').click()
self.assertTrue(b.find_element_by_xpath(
'//label[contains(string(.), "Use policy from pool:")]'
'/input[@type="radio"]').is_selected())
selected_options = Select(b.find_element_by_name('pool_name')).\
all_selected_options
self.assertTrue(len(selected_options), 1)
self.assertEquals(selected_options[0].text, pool2.name)
self.assertFalse(b.find_element_by_xpath(
'//label[contains(string(.), "Use custom access policy")]'
'/input[@type="radio"]').is_selected())
with session.begin():
session.expire_all()
self.assertTrue(system.active_access_policy.grants(user,
SystemPermission.edit_system))
logout(b)
# no change allowed when not logged in/no right privileges
b.get(get_server_base() + 'view/%s/' % system.fqdn)
b.find_element_by_link_text('Access Policy').click()
self.assertFalse(b.find_element_by_xpath(
'//label[contains(string(.), "Use policy from pool:")]'
'/input[@type="radio"]').is_enabled())
selected_options = Select(b.find_element_by_name('pool_name')). \
all_selected_options
self.assertEquals(selected_options[0].text, pool2.name)
self.assertFalse(b.find_element_by_xpath(
'//label[contains(string(.), "Use custom access policy")]'
'/input[@type="radio"]').is_enabled())
def test_remove_user_from_owning_group(self):
with session.begin():
user = data_setup.create_user(password='******')
group_name = data_setup.unique_name('AAAAAA%s')
display_name = data_setup.unique_name('Group Display Name %s')
b = self.browser
login(b, user=self.user.user_name, password='******')
b.get(get_server_base() + 'groups/mine')
b.find_element_by_link_text('Add').click()
b.find_element_by_xpath('//input[@id="Group_display_name"]').send_keys(
display_name)
b.find_element_by_xpath('//input[@id="Group_group_name"]').send_keys(
group_name)
b.find_element_by_id('Group').submit()
b.find_element_by_xpath('//title[text()="My Groups"]')
b.find_element_by_link_text(group_name).click()
# add an user
b.find_element_by_xpath(
'//input[@id="GroupUser_user_text"]').send_keys(user.user_name)
b.find_element_by_id('GroupUser').submit()
self.mail_capture.captured_mails[:] = []
group_id = Group.by_name(group_name).group_id
username = user.user_name
user_id = user.user_id
b.find_element_by_xpath('//td[preceding-sibling::td[2]/text()="%s"]' % username)\
.find_element_by_link_text('Remove').click()
self.assertEquals(
b.find_element_by_class_name('flash').text,
'%s Removed' % username)
with session.begin():
group = Group.by_name(group_name)
self.check_notification(user, group, action='Removed')
# remove self when I am the only owner of the group
b.find_element_by_xpath('//td[preceding-sibling::td[2]/text()="%s"]' % self.user.user_name)\
.find_element_by_link_text('Remove').click()
self.assert_('Cannot remove member' in b.find_element_by_class_name(
'flash').text)
# admin should be able to remove an owner, even if only one
logout(b)
#login back as admin
login(b)
b.get(get_server_base() + 'groups/edit?group_id=%s' % group_id)
b.find_element_by_xpath('//td[preceding-sibling::td[2]/text()="%s"]' % self.user.user_name)\
.find_element_by_link_text('Remove').click()
self.assert_(
'%s Removed' %
self.user.user_name in b.find_element_by_class_name('flash').text)
def test_non_shared_system(self):
with session.begin():
user = data_setup.create_user(password=u'testing')
system = data_setup.create_system(status=SystemStatus.automated,
lab_controller=self.lc, shared=False)
b = self.browser
login(b, user=user.user_name, password='******')
self.check_system_is_not_available(system)
# same thing, as admin
logout(b)
login(b)
self.check_system_is_not_available(system)
def test_non_shared_system(self):
with session.begin():
user = data_setup.create_user(password=u'testing')
system = data_setup.create_system(status=SystemStatus.automated,
lab_controller=self.lc,
shared=False)
b = self.browser
login(b, user=user.user_name, password='******')
self.check_system_is_not_available(system)
# same thing, as admin
logout(b)
login(b)
self.check_system_is_not_available(system)
def test_modifying_beaker_password(self):
b = self.browser
pass_field = b.find_element_by_name("password")
pass_field.clear()
pass_field.send_keys('AlbiDoubleyou')
b.find_element_by_id('UserPrefs').submit()
self.assert_(is_text_present(b, 'Beaker password changed'))
# Test that we can login with new creds
# If we can't make the prefs page, we are not logged in
logout(b)
login(b, user=self.user.user_name, password='******')
self.browser.get(get_server_base() + 'prefs')
b.find_element_by_xpath('//h1[text()="User Preferences"]')
def test_modifying_beaker_password(self):
b = self.browser
pass_field = b.find_element_by_name("password")
pass_field.clear()
pass_field.send_keys('AlbiDoubleyou')
b.find_element_by_id('UserPrefs').submit()
self.assert_(is_text_present(b, 'Beaker password changed'))
# Test that we can login with new creds
# If we can't make the prefs page, we are not logged in
logout(b)
login(b, user=self.user.user_name, password='******')
self.browser.get(get_server_base() + 'prefs')
b.find_element_by_xpath('//h1[text()="User Preferences"]')
def test_remove_user_from_owning_group(self):
with session.begin():
user = data_setup.create_user(password='******')
group_name = data_setup.unique_name('AAAAAA%s')
display_name = data_setup.unique_name('Group Display Name %s')
b = self.browser
login(b, user=self.user.user_name, password='******')
b.get(get_server_base() + 'groups/mine')
b.find_element_by_link_text('Add').click()
b.find_element_by_xpath('//input[@id="Group_display_name"]').send_keys(display_name)
b.find_element_by_xpath('//input[@id="Group_group_name"]').send_keys(group_name)
b.find_element_by_id('Group').submit()
b.find_element_by_xpath('//title[text()="My Groups"]')
b.find_element_by_link_text(group_name).click()
# add an user
b.find_element_by_xpath('//input[@id="GroupUser_user_text"]').send_keys(user.user_name)
b.find_element_by_id('GroupUser').submit()
self.mail_capture.captured_mails[:] = []
group_id = Group.by_name(group_name).group_id
username = user.user_name
user_id = user.user_id
b.find_element_by_xpath('//td[preceding-sibling::td[2]/text()="%s"]' % username)\
.find_element_by_link_text('Remove').click()
self.assertEquals(b.find_element_by_class_name('flash').text,
'%s Removed' % username)
with session.begin():
group = Group.by_name(group_name)
self.check_notification(user, group, action='Removed')
# remove self when I am the only owner of the group
b.find_element_by_xpath('//td[preceding-sibling::td[2]/text()="%s"]' % self.user.user_name)\
.find_element_by_link_text('Remove').click()
self.assert_('Cannot remove member' in b.find_element_by_class_name('flash').text)
# admin should be able to remove an owner, even if only one
logout(b)
#login back as admin
login(b)
b.get(get_server_base() + 'groups/edit?group_id=%s' % group_id)
b.find_element_by_xpath('//td[preceding-sibling::td[2]/text()="%s"]' % self.user.user_name)\
.find_element_by_link_text('Remove').click()
self.assert_('%s Removed' % self.user.user_name in b.find_element_by_class_name('flash').text)
def test_return_loan(self):
with session.begin():
user = data_setup.create_user(password='******')
# Login as admin, loan to average Joe,
b = self.browser
login(b)
self.go_to_loan_page()
self.change_loan(user.user_name)
logout(b)
# Login as average Joe, and click 'Return Loan'
login(b, user.user_name, 'password')
self.go_to_loan_page()
b.find_element_by_name('update_loan.return').click()
self.verify_loan_update('')
logout(b)
# Login as admin, loan to self and add comment
login(b)
comment = u'As I pee, sir, I see Pisa!'
self.go_to_loan_page()
self.change_loan(u'admin', comment)
self.verify_loan_update(u'admin')
sys = self.system
# Test going from '' -> comment in SystemActivity
sys_activity_comment = sys.dyn_activity.filter(SystemActivity.field_name == \
u'Loan Comment').first()
self.assertEqual(sys_activity_comment.old_value, u'')
self.assertEqual(sys_activity_comment.new_value, comment)
# Let's clear the user field
b.find_element_by_name('update_loan.loaned').clear()
b.find_element_by_name('update_loan.update').click()
# This is equivalent to a loan return
b.find_element_by_xpath('//textarea[@name='
'"update_loan.loan_comment" and normalize-space(text())=""]')
self.verify_loan_update('')
# Test going from 'admin' -> '' in SystemActivity
sys = System.by_fqdn(self.system.fqdn, user)
sys_activity_name = sys.dyn_activity.filter(SystemActivity.field_name == \
u'Loaned To').first()
self.assertEqual(sys_activity_name.old_value, u'admin')
self.assertEqual(sys_activity_name.new_value, u'')
# Test going from comment -> '' in SystemActivity
sys_activity_comment2 = sys.dyn_activity.filter(SystemActivity.field_name == \
u'Loan Comment').first()
self.assertEqual(sys_activity_comment2.old_value, comment)
self.assertEqual(sys_activity_comment2.new_value, u'')
def test_export_power_does_not_leak_power_config(self):
with session.begin():
unprivileged_user = data_setup.create_user(password=u'asdf')
privileged_user = data_setup.create_user(password=u'asdf')
system = data_setup.create_system(shared=True)
system.custom_access_policy.add_rule(SystemPermission.view_power,
user=privileged_user)
b = self.browser
login(b, user=privileged_user.user_name, password=u'asdf')
csv_request = self.get_csv('power')
fqdns = [row['fqdn'] for row in csv.DictReader(csv_request)]
self.assertIn(system.fqdn, fqdns)
logout(b)
login(b, user=unprivileged_user.user_name, password=u'asdf')
csv_request = self.get_csv('power')
fqdns = [row['fqdn'] for row in csv.DictReader(csv_request)]
self.assertNotIn(system.fqdn, fqdns)
def test_loaned_not_used_system_not_shown(self):
with session.begin():
pass_ ='password'
user_1 = data_setup.create_user(password=pass_)
user_2 = data_setup.create_user(password=pass_)
self.system.loaned = user_1
b = self.browser
login(b, user=user_1.user_name, password=pass_)
go_to_reserve_systems(b, self.distro_tree)
b.find_element_by_xpath('//tr[normalize-space(string(td[1]))="%s"]'
'/td/a[text()="Reserve Now"]' % self.system.fqdn)
logout(b)
login(b, user=user_2.user_name, password=pass_)
go_to_reserve_systems(b, self.distro_tree)
b.find_element_by_xpath('//tr[normalize-space(string(td[1]))="%s"]'
'/td/a[text()="Queue Reservation"]' % self.system.fqdn)
def test_loaned_not_used_system_not_shown(self):
with session.begin():
pass_ ='password'
user_1 = data_setup.create_user(password=pass_)
user_2 = data_setup.create_user(password=pass_)
self.system.loaned = user_1
b = self.browser
login(b, user=user_1.user_name, password=pass_)
go_to_reserve_systems(b, self.distro_tree)
b.find_element_by_xpath('//tr[normalize-space(string(td[1]))="%s"]'
'/td/a[text()="Reserve Now"]' % self.system.fqdn)
logout(b)
login(b, user=user_2.user_name, password=pass_)
go_to_reserve_systems(b, self.distro_tree)
b.find_element_by_xpath('//tr[normalize-space(string(td[1]))="%s"]'
'/td/a[text()="Queue Reservation"]' % self.system.fqdn)
def test_system_restricted_to_group(self):
with session.begin():
system = data_setup.create_system(status=SystemStatus.automated,
shared=False, lab_controller=self.lc)
user = data_setup.create_user(password=u'testing')
group = data_setup.create_group()
# user is not in group
system.custom_access_policy.add_rule(
permission=SystemPermission.reserve, group=group)
b = self.browser
login(b, user=user.user_name, password='******')
self.check_system_is_not_available(system)
self.check_cannot_take(system)
# same thing, as admin
logout(b)
login(b)
self.check_system_is_not_available(system)
def test_loaned_not_used_system_not_shown(self):
with session.begin():
pass_ ='password'
user_1 = data_setup.create_user(password=pass_)
user_2 = data_setup.create_user(password=pass_)
self.system.loaned = user_1
b = self.browser
login(b, user=user_1.user_name, password=pass_)
go_to_reserve_systems(b, self.distro_tree)
search_for_system(b, self.system)
self.assert_(is_text_present(b, 'Reserve Now'))
logout(b)
login(b, user=user_2.user_name, password=pass_)
go_to_reserve_systems(b, self.distro_tree)
search_for_system(b, self.system)
self.assert_(is_text_present(b, 'Queue Reservation'))
def test_export_power_does_not_leak_power_config(self):
with session.begin():
unprivileged_user = data_setup.create_user(password=u'asdf')
privileged_user = data_setup.create_user(password=u'asdf')
system = data_setup.create_system(shared=True)
system.custom_access_policy.add_rule(SystemPermission.view_power,
user=privileged_user)
b = self.browser
login(b, user=privileged_user.user_name, password=u'asdf')
csv_request = self.get_csv('power')
fqdns = [row['fqdn'] for row in csv.DictReader(csv_request)]
self.assertIn(system.fqdn, fqdns)
logout(b)
login(b, user=unprivileged_user.user_name, password=u'asdf')
csv_request = self.get_csv('power')
fqdns = [row['fqdn'] for row in csv.DictReader(csv_request)]
self.assertNotIn(system.fqdn, fqdns)
def test_myjobs_group(self):
with session.begin():
user = data_setup.create_user(password='******')
user2 = data_setup.create_user(password='******')
group = data_setup.create_group()
user.groups.append(group)
user2.groups.append(group)
job = data_setup.create_job(owner=user, group=group)
b = self.browser
login(b, user=user2.user_name, password='******')
b.get(get_server_base() + 'jobs/mygroups')
b.find_element_by_xpath('//title[normalize-space(text())="My Group Jobs"]')
self.assertTrue(is_text_present(b, job.t_id))
logout(b)
login(b, user=user.user_name, password='******')
b.get(get_server_base() + 'jobs/mygroups')
b.find_element_by_xpath('//title[normalize-space(text())="My Group Jobs"]')
self.assertTrue(is_text_present(b, job.t_id))
def test_system_restricted_to_group(self):
with session.begin():
system = data_setup.create_system(status=SystemStatus.automated,
shared=False,
lab_controller=self.lc)
user = data_setup.create_user(password=u'testing')
group = data_setup.create_group()
# user is not in group
system.custom_access_policy.add_rule(
permission=SystemPermission.reserve, group=group)
b = self.browser
login(b, user=user.user_name, password='******')
self.check_system_is_not_available(system)
self.check_cannot_take(system)
# same thing, as admin
logout(b)
login(b)
self.check_system_is_not_available(system)
def test_myjobs_group(self):
with session.begin():
user = data_setup.create_user(password='******')
user2 = data_setup.create_user(password='******')
group = data_setup.create_group()
user.groups.append(group)
user2.groups.append(group)
job = data_setup.create_job(owner=user, group=group)
b = self.browser
login(b, user=user2.user_name, password='******')
b.get(get_server_base() + 'jobs/mygroups')
b.find_element_by_xpath('//title[normalize-space(text())="My Group Jobs"]')
self.assertTrue(is_text_present(b, job.t_id))
logout(b)
login(b, user=user.user_name, password='******')
b.get(get_server_base() + 'jobs/mygroups')
b.find_element_by_xpath('//title[normalize-space(text())="My Group Jobs"]')
self.assertTrue(is_text_present(b, job.t_id))
def test_return_loan(self):
with session.begin():
user = data_setup.create_user(password='******')
# Login as admin, loan to average Joe,
b = self.browser
login(b)
self.go_to_loan_page()
self.change_loan(user.user_name)
logout(b)
# Login as average Joe, and click 'Return Loan'
login(b, user.user_name, 'password')
self.go_to_loan_page()
self.return_loan()
self.verify_loan_update('')
logout(b)
# Login as admin, loan to self and add comment
login(b)
comment = u'As I pee, sir, I see Pisa!'
self.go_to_loan_page()
self.change_loan(u'admin', comment)
self.verify_loan_update(u'admin')
sys = self.system
# Test going from '' -> comment in SystemActivity
sys_activity_comment = sys.dyn_activity.filter(SystemActivity.field_name == \
u'Loan Comment').first()
self.assertEqual(sys_activity_comment.old_value, u'')
self.assertEqual(sys_activity_comment.new_value, comment)
# Let's return the loan
self.return_loan()
self.verify_loan_update('')
# Test going from 'admin' -> '' in SystemActivity
sys = System.by_fqdn(self.system.fqdn, user)
sys_activity_name = sys.dyn_activity.filter(SystemActivity.field_name == \
u'Loaned To').first()
self.assertEqual(sys_activity_name.old_value, u'admin')
self.assertEqual(sys_activity_name.new_value, u'')
# Test going from comment -> '' in SystemActivity
sys_activity_comment2 = sys.dyn_activity.filter(SystemActivity.field_name == \
u'Loan Comment').first()
self.assertEqual(sys_activity_comment2.old_value, comment)
self.assertEqual(sys_activity_comment2.new_value, u'')
def test_remove_self_admin_group(self):
with session.begin():
user = data_setup.create_admin(password='******')
b = self.browser
login(b, user=user.user_name, password='******')
# admin should be in groups/mine
b.get(get_server_base() + 'groups/mine')
b.find_element_by_link_text('admin').click()
# remove self
b.find_element_by_xpath('//td[preceding-sibling::td[2]/text()="%s"]' % user.user_name)\
.find_element_by_link_text('Remove').click()
self.assertEquals(
b.find_element_by_class_name('flash').text,
'%s Removed' % user.user_name)
# admin should not be in groups/mine
b.get(get_server_base() + 'groups/mine')
check_group_search_results(b, absent=[Group.by_name(u'admin')])
logout(b)
# login as admin
login(b)
group = Group.by_name('admin')
group_users = group.users
# remove all other users from 'admin'
b.get(get_server_base() + 'groups/edit?group_id=1')
for usr in group_users:
if usr.user_id != 1:
b.find_element_by_xpath('//td[preceding-sibling::td[2]/text()="%s"]' % usr.user_name)\
.find_element_by_link_text('Remove').click()
self.assertEquals(
b.find_element_by_class_name('flash').text,
'%s Removed' % usr.user_name)
# attempt to remove admin user
b.find_element_by_xpath(
'//a[@href="removeUser?group_id=1&id=1"]').click()
self.assert_('Cannot remove member' in b.find_element_by_class_name(
'flash').text)
def test_return_loan(self):
with session.begin():
user = data_setup.create_user(password='******')
# Login as admin, loan to average Joe,
b = self.browser
login(b)
self.go_to_loan_page()
self.change_loan(user.user_name)
logout(b)
# Login as average Joe, and click 'Return Loan'
login(b, user.user_name, 'password')
self.go_to_loan_page()
self.return_loan()
self.verify_loan_update('')
logout(b)
# Login as admin, loan to self and add comment
login(b)
comment = u'As I pee, sir, I see Pisa!'
self.go_to_loan_page()
self.change_loan(u'admin', comment)
self.verify_loan_update(u'admin')
sys = self.system
# Test going from '' -> comment in SystemActivity
sys_activity_comment = sys.dyn_activity.filter(SystemActivity.field_name == \
u'Loan Comment').first()
self.assertEqual(sys_activity_comment.old_value, u'')
self.assertEqual(sys_activity_comment.new_value, comment)
# Let's return the loan
self.return_loan()
self.verify_loan_update('')
# Test going from 'admin' -> '' in SystemActivity
sys = System.by_fqdn(self.system.fqdn, user)
sys_activity_name = sys.dyn_activity.filter(SystemActivity.field_name == \
u'Loaned To').first()
self.assertEqual(sys_activity_name.old_value, u'admin')
self.assertEqual(sys_activity_name.new_value, u'')
# Test going from comment -> '' in SystemActivity
sys_activity_comment2 = sys.dyn_activity.filter(SystemActivity.field_name == \
u'Loan Comment').first()
self.assertEqual(sys_activity_comment2.old_value, comment)
self.assertEqual(sys_activity_comment2.new_value, u'')
def test_notes_logged_out(self):
# Add a note by authorised user
login(self.browser)
note = self.add_note()
# Test that we cannot add another note without logging in
logout(self.browser)
try:
self.add_note()
except Exception:
pass
else:
raise AssertionError("User without credentials was able to add note")
# Try to delete the first added note
try:
self.delete_note(note)
except Exception:
pass
else:
raise AssertionError("User without credentials was able to delete a note")
def test_remove_self_edit_policy_permission(self):
b = self.browser
login(b, user=self.pool_owner.user_name, password='******')
self.go_to_pool_edit()
b.find_element_by_link_text('System Access Policy').click()
pane = b.find_element_by_id('access-policy')
# grant anotherpoirot edit_policy permission
find_policy_checkbox(b, 'anotherpoirot', 'Edit this policy').click()
pane.find_element_by_xpath('.//button[text()="Save changes"]').click()
pane.find_element_by_xpath('.//span[@class="sync-status" and not(node())]')
logout(b)
login(b, user='******', password='******')
self.go_to_pool_edit()
b.find_element_by_link_text('System Access Policy').click()
pane = b.find_element_by_id('access-policy')
# remove self edit_policy permission
find_policy_checkbox(b, 'anotherpoirot', 'Edit this policy').click()
pane.find_element_by_xpath('.//button[text()="Save changes"]').click()
# the widget should be readonly
pane.find_element_by_xpath('.//table[not(.//input[@type="checkbox" and not(@disabled)])]')
pane.find_element_by_xpath('.//table[not(.//input[@type="text"])]')
def test_ackability(self):
# XXX If this test gets any more complicated, we should break
# it up
b = self.browser
login(b, user=self.user_1.user_name, password=self.password)
b.get(get_server_base() + 'jobs/%d' % self.job.id)
#This tests that the ack is there for owner
b.find_element_by_name("response_box_%d" % self.job.recipesets[0].id)
logout(b)
# Not there for non owner
login(b, user=self.user_2.user_name, password=self.password)
b.get(get_server_base() + 'jobs/%d' % self.job.id)
b.find_element_by_xpath("//td[normalize-space(text())='RS:%s' and "
"not(./input[@name='response_box_%s'])]" % (
self.job.recipesets[0].id, self.job.recipesets[0].id))
# Is there for job owner's group co-member.
with session.begin():
data_setup.add_user_to_group(self.user_1, self.group)
data_setup.add_user_to_group(self.user_3, self.group)
logout(b)
login(b, user=self.user_3.user_name, password=self.password)
b.get(get_server_base() + 'jobs/%d' % self.job.id)
b.find_element_by_xpath("//input[@name='response_box_%s']" %
self.job.recipesets[0].id)
# There for job's group member
with session.begin():
self.job.group = self.group
self.user_2.groups.append(self.group)
logout(b)
login(b, user=self.user_2.user_name, password=self.password)
b.get(get_server_base() + 'jobs/%s' % self.job.id)
b.find_element_by_name("response_box_%s" % self.job.recipesets[0].id)
def test_secret_system(self):
with session.begin():
user = data_setup.create_user(password='******')
system = data_setup.create_system()
pool = data_setup.create_system_pool()
pool.systems.append(system)
system.active_access_policy = pool.access_policy
b = self.browser
login(b)
self.go_to_pool_edit(system_pool=pool, tab='System Access Policy')
pane = b.find_element_by_id('access-policy')
find_policy_checkbox(b, 'Everybody', 'View').click()
pane.find_element_by_xpath('.//button[text()="Save changes"]').click()
logout(b)
self.go_to_pool_edit(system_pool=pool, tab='Systems')
b.find_element_by_xpath('//div[@id="systems" and '
'not(.//a/text()="%s")]' % system.fqdn)
b.find_element_by_xpath('//li/em[contains(text(), "system with restricted visibility")]')
login(b, user.user_name, password='******')
self.go_to_pool_edit(system_pool=pool, tab='Systems')
# user has no access to see the system
b.find_element_by_xpath('//li/em[contains(text(), "system with restricted visibility")]')
def test_notes_as_nobody(self):
# Add a note by authorised user
login(self.browser)
note = self.add_note()
# Test that we cannot add another as unprivileged user
logout(self.browser)
login(self.browser, user=self.nobody.user_name, password="******")
try:
self.add_note()
except Exception:
pass
else:
raise AssertionError("Unprivileged user was able to add note")
# Try to delete the first added note
try:
self.delete_note(note)
except Exception:
pass
else:
raise AssertionError("Unprivileged user was able to delete a note")
def test_remove_self_edit_policy_permission(self):
b = self.browser
login(b, user=self.system_owner.user_name, password='******')
b.get(get_server_base() + 'view/%s/' % self.system.fqdn)
b.find_element_by_link_text('Access Policy').click()
pane = b.find_element_by_id('access-policy')
# grant poirot edit_policy permission
find_policy_checkbox(b, 'poirot', 'Edit this policy').click()
pane.find_element_by_xpath('.//button[text()="Save changes"]').click()
pane.find_element_by_xpath('.//span[@class="sync-status" and not(node())]')
logout(b)
login(b, user='******', password='******')
b.get(get_server_base() + 'view/%s/' % self.system.fqdn)
b.find_element_by_link_text('Access Policy').click()
pane = b.find_element_by_id('access-policy')
# remove self edit_policy permission
find_policy_checkbox(b, 'poirot', 'Edit this policy').click()
pane.find_element_by_xpath('.//button[text()="Save changes"]').click()
# the widget should be readonly
pane.find_element_by_xpath('.//table[not(.//input[@type="checkbox" and not(@disabled)])]')
pane.find_element_by_xpath('.//table[not(.//input[@type="text"])]')
def test_password_visibility_members(self):
b = self.browser
login(b, user=self.user.user_name, password='******')
self._make_and_go_to_owner_page(self.user, self.group)
e = b.find_element_by_xpath('//input[@id="Group_root_password"]')
e.clear()
e.send_keys(self.clear_password)
b.find_element_by_id('Group').submit()
self.assertEquals(b.find_element_by_class_name('flash').text,
u'OK')
logout(b)
# add a new user as a group member
with session.begin():
user = data_setup.create_user(password='******')
user.groups.append(self.group)
# login as the new user
login(b, user=user.user_name, password='******')
b.get(get_server_base() + 'groups/mine')
b.find_element_by_link_text(self.group.group_name).click()
self.assertEquals(b.find_element_by_xpath("//div[@id='root_pw_display']/p").text,
"The group root password is: %s" % self.clear_password)
def test_password_visibility_members(self):
b = self.browser
login(b, user=self.user.user_name, password='******')
self._make_and_go_to_owner_page(self.user, self.group)
e = b.find_element_by_xpath('//input[@id="Group_root_password"]')
e.clear()
e.send_keys(self.clear_password)
b.find_element_by_id('Group').submit()
self.assertEquals(b.find_element_by_class_name('flash').text, u'OK')
logout(b)
# add a new user as a group member
with session.begin():
user = data_setup.create_user(password='******')
user.groups.append(self.group)
# login as the new user
login(b, user=user.user_name, password='******')
b.get(get_server_base() + 'groups/mine')
b.find_element_by_link_text(self.group.group_name).click()
self.assertEquals(
b.find_element_by_xpath("//div[@id='root_pw_display']/p").text,
"The group root password is: %s" % self.clear_password)
def test_secret_system(self):
with session.begin():
user = data_setup.create_user(password='******')
system = data_setup.create_system()
pool = data_setup.create_system_pool()
pool.systems.append(system)
system.active_access_policy = pool.access_policy
b = self.browser
login(b)
self.go_to_pool_edit(system_pool=pool, tab='System Access Policy')
pane = b.find_element_by_id('access-policy')
find_policy_checkbox(b, 'Everybody', 'View').click()
pane.find_element_by_xpath('.//button[text()="Save changes"]').click()
logout(b)
self.go_to_pool_edit(system_pool=pool, tab='Systems')
b.find_element_by_xpath('//div[@id="systems" and '
'not(.//a/text()="%s")]' % system.fqdn)
b.find_element_by_xpath(
'//li/em[contains(text(), "system with restricted visibility")]')
login(b, user.user_name, password='******')
self.go_to_pool_edit(system_pool=pool, tab='Systems')
# user has no access to see the system
b.find_element_by_xpath(
'//li/em[contains(text(), "system with restricted visibility")]')
def test_disable(self):
user_pass = '******'
user_name = 'disabled'
email = '*****@*****.**'
b = self.browser
b.get(get_server_base())
click_menu_item(b, 'Admin', 'Accounts')
b.find_element_by_link_text('Add').click()
b.find_element_by_name('user_name').send_keys(user_name)
b.find_element_by_name('display_name').send_keys(user_name)
b.find_element_by_name('email_address').send_keys(email)
b.find_element_by_name('password').send_keys(user_pass)
b.find_element_by_id('User').submit()
#Test Saved message came up
self.assertEquals(
b.find_element_by_class_name('flash').text, '%s saved' % user_name)
logout(b)
# First verify you can login as user.
login(b, user=user_name, password=user_pass)
logout(b)
# Login as admin and disable user TEST 1
login(b)
b.get(get_server_base())
click_menu_item(b, 'Admin', 'Accounts')
b.find_element_by_link_text(user_name).click()
b.find_element_by_name('disabled').click()
b.find_element_by_id('User').submit()
self.assertEquals(
b.find_element_by_class_name('flash').text, '%s saved' % user_name)
logout(b)
# Try and login as Disabled User
login(b, user=user_name, password=user_pass)
self.failUnless(
is_text_present(
b,
"The credentials you supplied were not correct or did not grant access to this resource"
))
def test_disable(self):
user_pass = '******'
user_name = 'disabled'
email = '*****@*****.**'
b = self.browser
b.get(get_server_base())
click_menu_item(b, 'Admin', 'Accounts')
b.find_element_by_link_text('Add').click()
b.find_element_by_name('user_name').send_keys(user_name)
b.find_element_by_name('display_name').send_keys(user_name)
b.find_element_by_name('email_address').send_keys(email)
b.find_element_by_name('password').send_keys(user_pass)
b.find_element_by_id('User').submit()
#Test Saved message came up
self.assertEquals(b.find_element_by_class_name('flash').text,
'%s saved' % user_name)
logout(b)
# First verify you can login as user.
login(b, user=user_name, password=user_pass)
logout(b)
# Login as admin and disable user TEST 1
login(b)
b.get(get_server_base())
click_menu_item(b, 'Admin', 'Accounts')
b.find_element_by_link_text(user_name).click()
b.find_element_by_name('disabled').click()
b.find_element_by_id('User').submit()
self.assertEquals(b.find_element_by_class_name('flash').text,
'%s saved' % user_name)
logout(b)
# Try and login as Disabled User
login(b, user=user_name, password=user_pass)
self.failUnless(is_text_present(b, "The credentials you supplied were not correct or did not grant access to this resource" ))
def test_disable(self):
user_pass = "******"
user_name = "disabled"
email = "*****@*****.**"
b = self.browser
b.get(get_server_base())
click_menu_item(b, "Admin", "Accounts")
b.find_element_by_link_text("Add").click()
b.find_element_by_name("user_name").send_keys(user_name)
b.find_element_by_name("display_name").send_keys(user_name)
b.find_element_by_name("email_address").send_keys(email)
b.find_element_by_name("password").send_keys(user_pass)
b.find_element_by_id("User").submit()
# Test Saved message came up
self.assertEquals(b.find_element_by_class_name("flash").text, "%s saved" % user_name)
logout(b)
# First verify you can login as user.
login(b, user=user_name, password=user_pass)
logout(b)
# Login as admin and disable user TEST 1
login(b)
b.get(get_server_base())
click_menu_item(b, "Admin", "Accounts")
b.find_element_by_link_text(user_name).click()
b.find_element_by_name("disabled").click()
b.find_element_by_id("User").submit()
self.assertEquals(b.find_element_by_class_name("flash").text, "%s saved" % user_name)
logout(b)
# Try and login as Disabled User
login(b, user=user_name, password=user_pass)
self.failUnless(
is_text_present(b, "The credentials you supplied were not correct or did not grant access to this resource")
)
def test_add_remove_owner_group(self):
with session.begin():
user = data_setup.create_user(password='******')
group = data_setup.create_group(owner=user)
user1 = data_setup.create_user(password='******')
b = self.browser
login(b, user=user.user_name, password='******')
b.get(get_server_base() + 'groups/mine')
# remove self (as only owner)
b.find_element_by_link_text(group.group_name).click()
b.find_element_by_xpath('//td[preceding-sibling::td/text()="%s"]' % user.user_name)\
.find_element_by_link_text('Remove').click()
flash_text = b.find_element_by_class_name('flash').text
self.assert_("Cannot remove the only owner" in flash_text)
# add a new user as owner
b.find_element_by_xpath(
'//input[@id="GroupUser_user_text"]').send_keys(user1.user_name)
b.find_element_by_id('GroupUser').submit()
b.find_element_by_xpath('//td[text()="%s"]' % user1.user_name)
b.find_element_by_xpath('//td[preceding-sibling::td/text()="%s"]' % user1.user_name)\
.find_element_by_link_text('Add').click()
b.find_element_by_xpath('//td[preceding-sibling::td/text()="%s"]' % user1.user_name)\
.find_element_by_link_text('Remove')
logout(b)
# login as the new user and check for ownership
login(b, user=user1.user_name, password='******')
b.get(get_server_base() + 'groups/mine')
b.find_element_by_link_text(group.group_name).click()
b.find_element_by_xpath('//input')
with session.begin():
self.assertEquals(
Activity.query.filter_by(service=u'WEBUI',
field_name=u'Owner',
action=u'Added',
new_value=user1.user_name).count(), 1)
group = Group.by_name(group.group_name)
self.assert_(group.has_owner(user1))
self.assertEquals(group.activity[-1].action, u'Added')
self.assertEquals(group.activity[-1].field_name, u'Owner')
self.assertEquals(group.activity[-1].new_value, user1.user_name)
self.assertEquals(group.activity[-1].service, u'WEBUI')
# remove self as owner
b.find_element_by_xpath('//td[preceding-sibling::td/text()="%s"]' % user1.user_name)\
.find_element_by_link_text('Remove').click()
b.find_element_by_xpath('//title[text()="My Groups"]')
with session.begin():
self.assertEquals(
Activity.query.filter_by(service=u'WEBUI',
field_name=u'Owner',
action=u'Removed',
old_value=user1.user_name).count(), 1)
session.refresh(group)
self.assertEquals(group.activity[-1].action, u'Removed')
self.assertEquals(group.activity[-1].field_name, u'Owner')
self.assertEquals(group.activity[-1].old_value, user1.user_name)
self.assertEquals(group.activity[-1].service, u'WEBUI')
def test_anonymous_cant_contact_owner(self):
b = self.browser
logout(b)
# Test can't access when not logged in
b.get(get_server_base() + 'view/%s' % self.system.fqdn)
self.assertRaises(NoSuchElementException,lambda: b.find_element_by_link_text('(Contact Owner)'))
