def test_user_change_password(request):
user = ac.User(
name="user {}".format(fauxfactory.gen_alphanumeric()),
credential=Credential(principal="user_principal_{}".format(
fauxfactory.gen_alphanumeric()),
secret="very_secret",
verify_secret="very_secret"),
email="*****@*****.**",
group=usergrp,
)
user.create()
request.addfinalizer(user.delete)
request.addfinalizer(login.login_admin)
with user:
assert not login.logged_in()
login.login(user)
assert login.current_full_name() == user.name
login.login_admin()
with update(user):
user.credential = Credential(
principal=user.credential.principal,
secret="another_very_secret",
verify_secret="another_very_secret",
)
with user:
assert not login.logged_in()
login.login(user)
assert login.current_full_name() == user.name
def test_userid_required_error_validation():
user = ac.User(name='user' + random.generate_random_string(),
credential=Credential(principal=None, secret='redhat'),
email='*****@*****.**',
group=group_user)
with error.expected("Userid can't be blank"):
user.create()
def login_admin(self, **kwargs):
username = conf.credentials['default']['username']
password = conf.credentials['default']['password']
cred = Credential(principal=username, secret=password)
from cfme.configure.access_control import User
user = User(credential=cred, name='Administrator')
return self.log_in(user, **kwargs)
def test_password_max_character_validation():
password = fauxfactory.gen_alphanumeric(51)
cred = Credential(
principal=fauxfactory.gen_alphanumeric(5),
secret=password,
verify_secret=password)
discover(cred, d_type="Amazon")
def user():
user = User(credential=Credential(principal=fauxfactory.gen_alphanumeric(),
secret=fauxfactory.gen_alphanumeric()),
name=fauxfactory.gen_alphanumeric(),
group=Group(description='EvmGroup-super_administrator'))
user.create()
return user
def test_userid_required_error_validation():
user = ac.User(name='user' + fauxfactory.gen_alphanumeric(),
credential=Credential(principal=None, secret='redhat'),
email='*****@*****.**',
group=group_user)
with error.expected("Userid can't be blank"):
user.create()
def test_password_mismatch_validation():
cred = Credential(principal=fauxfactory.gen_alphanumeric(5),
secret=fauxfactory.gen_alphanumeric(5),
verify_secret=fauxfactory.gen_alphanumeric(7))
discover(cred, d_type="Amazon")
flash.assert_message_match('Password/Verify Password do not match')
def test_edit_user_password(self, rest_api, users):
if "edit" not in rest_api.collections.users.action.all:
pytest.skip(
"Edit action for users is not implemented in this version")
user = users[0]
new_password = fauxfactory.gen_alphanumeric()
user.action.edit(password=new_password)
cred = Credential(principal=user.userid, secret=new_password)
new_user = User(credential=cred)
login(new_user)
def group():
data = cfme_data.get("openldap_test", {})
if not data:
pytest.skip("No openldap_test section in yaml")
credentials = Credential(
principal=data["username"],
secret=data["password"],
)
return Group(description=data["group_name"], role="EvmRole-user",
user_to_lookup=data['username'], ldap_credentials=credentials)
def test_bad_password():
""" Tests logging in with a bad password. """
pytest.sel.get(pytest.sel.base_url())
creds = Credential(principal=conf.credentials['default']['username'],
secret="badpassword@#$")
user = User(credential=creds)
with error.expected(
'Sorry, the username or password you entered is incorrect.'):
login.login(user)
assert login.page.is_displayed()
def test_user_password_required_error_validation():
user = ac.User(
name='user' + fauxfactory.gen_alphanumeric(),
credential=Credential(principal='uid' + fauxfactory.gen_alphanumeric(), secret=None),
email='*****@*****.**',
group=group_user)
if version.current_version() < "5.5":
check = "Password_digest can't be blank"
else:
check = "Password can't be blank"
with error.expected(check):
user.create()
def login(user, submit_method=_js_auth_fn):
"""
Login to CFME with the given username and password.
Optionally, submit_method can be press_enter_after_password
to use the enter key to login, rather than clicking the button.
Args:
user: The username to fill in the username field.
password: The password to fill in the password field.
submit_method: A function to call after the username and password have been input.
Raises:
RuntimeError: If the login fails, ie. if a flash message appears
"""
if not user:
username = conf.credentials['default']['username']
password = conf.credentials['default']['password']
cred = Credential(principal=username, secret=password)
user = User(credential=cred)
if not logged_in() or user.credential.principal is not current_username():
if logged_in():
logout()
# workaround for strange bug where we are logged out
# as soon as we click something on the dashboard
sel.sleep(1.0)
logger.debug('Logging in as user %s' % user.credential.principal)
try:
fill(form, {'username': user.credential.principal, 'password': user.credential.secret})
except sel.InvalidElementStateException as e:
logger.warning("Got an error. Details follow.")
msg = str(e).lower()
if "element is read-only" in msg:
logger.warning("Got a read-only login form, will reload the browser.")
# Reload browser
quit()
ensure_browser_open()
sel.sleep(1.0)
sel.wait_for_ajax()
# And try filling the form again
fill(form, {'username': user.credential.principal,
'password': user.credential.secret})
else:
logger.warning("Unknown error, reraising.")
logger.exception(e)
raise
with sel.ajax_timeout(90):
submit_method()
flash.assert_no_errors()
user.full_name = _full_name()
store.user = user
def copy(self):
navigate_to(self, 'Details')
tb.select('Configuration', 'Copy this User to a new User')
new_user = User(name=self.name + "copy",
credential=Credential(principal='redhat', secret='redhat'))
change_stored_password()
fill(self.user_form, {'name_txt': new_user.name,
'userid_txt': new_user.credential.principal,
'password_txt': new_user.credential.secret,
'password_verify_txt': new_user.credential.verify_secret},
action=form_buttons.add)
flash.assert_success_message('User "{}" was saved'.format(new_user.name))
return new_user
def test_edit_user_password(self, request, rest_api, users):
"""Tests editing user password.
Metadata:
test_flag: rest
"""
request.addfinalizer(login_admin)
user = users[0]
new_password = fauxfactory.gen_alphanumeric()
user.action.edit(password=new_password)
assert rest_api.response.status_code == 200
cred = Credential(principal=user.userid, secret=new_password)
new_user = User(credential=cred)
login(new_user)
def login_admin(**kwargs):
"""
Convenience function to log into CFME using the admin credentials from the yamls.
Args:
kwargs: A dict of keyword arguments to supply to the :py:meth:`login` method.
"""
username = conf.credentials['default']['username']
password = conf.credentials['default']['password']
cred = Credential(principal=username, secret=password)
from cfme.configure.access_control import User
user = User(credential=cred)
user.name = 'Administrator'
login(user, **kwargs)
def user(request, data, add_group):
if not data:
pytest.skip("No data specified for user")
username, password = data["username"], data["password"]
if 'evm_default_group' in add_group:
username, password = data['default_username'], data['default_password']
data['fullname'] = data['default_userfullname']
credentials = Credential(
principal=username,
secret=password,
verify_secret=password,
)
user_obj = User(name=data['fullname'], credential=credentials)
request.addfinalizer(user_obj.delete)
return user_obj
def login_admin(**kwargs):
"""
Convenience function to log into CFME using the admin credentials from the yamls.
Args:
kwargs: A dict of keyword arguments to supply to the :py:meth:`login` method.
"""
if current_full_name() != 'Administrator':
logout()
username = conf.credentials['default']['username']
password = conf.credentials['default']['password']
cred = Credential(principal=username, secret=password)
user = User(credential=cred)
login(user, **kwargs)
def test_edit_user_password(rest_api, user):
if "edit" not in rest_api.collections.users.action.all:
pytest.skip("Edit action for users is not implemented in this version")
try:
for cur_user in rest_api.collections.users:
if cur_user.userid != conf.credentials['default']['username']:
rest_user = cur_user
break
except:
pytest.skip("There is no user to change password")
new_password = fauxfactory.gen_alphanumeric()
rest_user.action.edit(password=new_password)
cred = Credential(principal=rest_user.userid, secret=new_password)
new_user = User(credential=cred)
login(new_user)
def test_bad_password(request, appliance):
""" Tests logging in with a bad password. """
request.addfinalizer(lambda: navigate_to(appliance.server, 'LoginScreen'))
login_page = navigate_to(appliance.server, 'LoginScreen')
username = conf.credentials['default']['username']
password = "******"
cred = Credential(principal=username, secret=password)
user = User(credential=cred)
user.name = 'Administrator'
with error.expected(
"Sorry, the username or password you entered is incorrect."):
login_page.log_in(user)
assert login_page.is_displayed
def test_openldap_auth(request, setup_first_provider,
configure_openldap_auth_mode):
data = cfme_data.get("openldap_test", {})
if not data:
pytest.skip("No openldap_test section in yaml")
group = Group(description=data["group_name"], role="EvmRole-user")
request.addfinalizer(group.delete)
group.create()
credentials = Credential(
principal=data["username"],
secret=data["password"],
verify_secret=data["password"],
)
user = User(name=data["fullname"], credential=credentials)
request.addfinalizer(user.delete)
request.addfinalizer(login.login_admin)
login.login(data["username"], data["password"])
assert login.current_full_name() == data["fullname"]
def group(request, data, auth_mode, add_group):
if not data:
pytest.skip("No data spcified for user group")
credentials = Credential(
principal=data["username"],
secret=data["password"],
)
user_group = Group(description=data['group_name'], role="EvmRole-user",
user_to_lookup=data["username"], ldap_credentials=credentials)
if add_group == RETRIEVE_GROUP:
if 'ext' in auth_mode:
user_group.add_group_from_ext_auth_lookup()
elif 'miq' in auth_mode:
user_group.add_group_from_ldap_lookup()
request.addfinalizer(user_group.delete)
elif add_group == CREATE_GROUP:
user_group.create()
request.addfinalizer(user_group.delete)
def login(user, submit_method=LOGIN_METHODS[-1]):
"""
Login to CFME with the given username and password.
Optionally, submit_method can be press_enter_after_password
to use the enter key to login, rather than clicking the button.
Args:
user: The username to fill in the username field.
password: The password to fill in the password field.
submit_method: A function to call after the username and password have been input.
Raises:
RuntimeError: If the login fails, ie. if a flash message appears
"""
# Circular import
if not user:
username = conf.credentials['default']['username']
password = conf.credentials['default']['password']
cred = Credential(principal=username, secret=password)
from cfme.configure.access_control import User
user = User(credential=cred, name='Administrator')
logged_in_view = store.current_appliance.browser.create_view(
BaseLoggedInPage)
if not logged_in_view.logged_in_as_user(user):
if logged_in_view.logged_in:
logged_in_view.logout()
from utils.appliance.implementations.ui import navigate_to
login_view = navigate_to(store.current_appliance.server, 'LoginScreen')
time.sleep(1)
logger.debug('Logging in as user %s', user.credential.principal)
login_view.flush_widget_cache()
login_view.log_in(user, method=submit_method)
logged_in_view.flush_widget_cache()
user.name = logged_in_view.current_fullname
assert logged_in_view.logged_in_as_user
logged_in_view.flash.assert_no_error()
store.current_appliance.user = user
def test_openldap_auth(request, group, add_from_ldap, configure_openldap_auth_mode):
data = cfme_data.get("openldap_test", {})
if add_from_ldap:
group.add_group_from_ldap_lookup()
else:
group.create()
request.addfinalizer(group.delete)
credentials = Credential(
principal=data["username"],
secret=data["password"],
verify_secret=data["password"],
)
user = User(name=data["fullname"], credential=credentials)
request.addfinalizer(user.delete)
request.addfinalizer(login.login_admin)
with user:
login.login(user)
assert login.current_full_name() == data["fullname"]
login.logout()
login.login_admin()
assert user.exists is True
def log_in(self, user, method='click_on_login'):
if not user:
username = conf.credentials['default']['username']
password = conf.credentials['default']['password']
cred = Credential(principal=username, secret=password)
from cfme.configure.access_control import User
user = User(credential=cred)
user.name = 'Administrator'
self.fill({
'username': user.credential.principal,
'password': user.credential.secret,
})
self.submit_login(method)
logged_in_view = self.browser.create_view(BaseLoggedInPage)
if logged_in_view.logged_in and user.name is None:
name = logged_in_view.current_fullname
self.logger.info(
'setting the appliance.user.name to %r because it was not specified',
name)
user.name = name
self.extra.appliance.user = user
def test_user_id_max_character_validation():
cred = Credential(principal=fauxfactory.gen_alphanumeric(51))
discover(cred, d_type="Amazon")
def new_credential():
return Credential(principal='uid' + fauxfactory.gen_alphanumeric(),
secret='redhat')
def simple_user(userid, password):
creds = Credential(principal=userid, secret=password)
return User(name=userid, credential=creds)
def new_credential():
return Credential(principal='uid' + random.generate_random_string(),
secret='redhat')