Beispiel #1
0
    def test_verify_bugzilla_1103157(self):
        """Create organization and add two compute resources one by one
        using different transactions and different users to see that they
        actually added, but not overwrite each other

        :id: 5f4fd2b7-d998-4980-b5e7-9822bd54156b

        :Steps:

            1. Use the admin user to create an organization and two compute
               resources. Make one compute resource point at / belong to the
               organization.
            2. Create a user and give them the ability to update compute
               resources and organizations. Have this user make the second
               compute resource point at / belong to the organization.
            3. Use the admin user to read information about the organization.
               Verify that both compute resources are pointing at / belong to
               the organization.

        :expectedresults: Organization contains both compute resources

        :CaseLevel: Integration
        """
        # setUpClass() creates an organization w/admin user. Here, we use admin
        # to make two compute resources and make first belong to organization.
        compute_resources = [
            entities.LibvirtComputeResource(
                name=gen_string('alpha'),
                url='qemu://host.example.com/system').create()
            for _ in range(2)
        ]
        self.organization.compute_resource = compute_resources[:1]  # list
        self.organization = self.organization.update(['compute_resource'])
        self.assertEqual(len(self.organization.compute_resource), 1)

        # Create a new user and give them minimal permissions.
        login = gen_alphanumeric()
        password = gen_alphanumeric()
        user = entities.User(login=login, password=password).create()
        role = entities.Role().create()
        for perm in ['edit_compute_resources', 'edit_organizations']:
            permissions = [
                entities.Permission(id=permission['id'])
                for permission in entities.Permission(name=perm).search()
            ]
            entities.Filter(permission=permissions, role=role).create()
        user.role = [role]
        user = user.update(['role'])

        # Make new user assign second compute resource to org.
        cfg = get_nailgun_config()
        cfg.auth = (login, password)
        entities.Organization(
            cfg,
            id=self.organization.id,
            compute_resource=compute_resources[1:],  # slice returns list
        ).update(['compute_resource'])

        # Use admin to verify both compute resources belong to organization.
        self.assertEqual(len(self.organization.read().compute_resource), 2)
Beispiel #2
0
    def test_positive_user_access_with_host_filter(self):
        """Check if user with necessary host permissions can access dashboard
        and required widgets are rendered

        :id: 24b4b371-cba0-4bc8-bc6a-294c62e0586d

        :Steps:

            1. Specify proper filter with permission for your role
            2. Create new user and assign role to it
            3. Login into application using this new user
            4. Check dashboard and widgets on it

        :expectedresults: Dashboard and Errata Widget rendered without errors

        :BZ: 1417114

        :CaseLevel: Integration
        """
        user_login = gen_string('alpha')
        user_password = gen_string('alphanumeric')
        org = entities.Organization().create()
        # create a role with necessary permissions
        role = entities.Role().create()
        entities.Filter(
            permission=entities.Permission(
                resource_type='Organization',
                name='view_organizations').search(),
            role=role,
            search=None
        ).create()
        entities.Filter(
            organization=[org],
            permission=entities.Permission(name='view_hosts').search(),
            role=role,
            search='compute_resource = RHEV'
        ).create()
        entities.Filter(
            permission=entities.Permission(
                resource_type=None, name='access_dashboard').search(),
            role=role,
            search=None
        ).create()
        # create a user and assign the above created role
        entities.User(
            default_organization=org,
            organization=[org],
            role=[role],
            login=user_login,
            password=user_password
        ).create()
        with Session(self.browser, user_login, user_password):
            self.assertEqual(
                self.dashboard.get_total_hosts_count(), 0)
            self.assertIsNotNone(self.dashboard.get_widget('Latest Errata'))
            self.assertIsNotNone(self.dashboard.wait_until_element(
                locators['dashboard.latest_errata.empty']))
Beispiel #3
0
    def test_positive_search_by_resource_type(self):
        """Search for permissions by resource type.

        :id: 29d9362b-1bf3-4722-b40f-a5e8b4d0d9ba

        :expectedresults: The permissions returned are equal to what is listed
            for that resource type in :data:`robottelo.constants.PERMISSIONS`.

        :CaseImportance: Critical
        """
        failures = {}
        for resource_type in self.permission_resource_types:
            if resource_type is None:
                continue
            perm_group = entities.Permission(
                resource_type=resource_type).search()
            permissions = {perm.name for perm in perm_group}
            expected_permissions = set(self.permissions[resource_type])
            added = tuple(permissions - expected_permissions)
            removed = tuple(expected_permissions - permissions)

            if added or removed:
                failures[resource_type] = {}
            if added or removed:
                failures[resource_type]['added'] = added
            if removed:
                failures[resource_type]['removed'] = removed

        if failures:
            self.fail(json.dumps(failures, indent=True, sort_keys=True))
Beispiel #4
0
    def test_positive_update_role_taxonomies(self):
        """Update role taxonomies which applies to its non-overrided filters

        :id: 902dcb32-2126-4ff4-b733-3e86749ccd1e

        :steps: Update existing role with different taxonomies

        :expectedresults: The taxonomies are applied only to non-overrided role
            filters

        :CaseImportance: Critical
        """
        role_name = gen_string('alpha')
        role = entities.Role(name=role_name,
                             organization=[self.role_org],
                             location=[self.role_loc]).create()
        self.assertEqual(role.name, role_name)
        dom_perm = entities.Permission(resource_type='Domain').search()
        filtr = entities.Filter(
            permission=dom_perm,
            role=role.id,
        ).create()
        self.assertEqual(role.id, filtr.role.id)
        role.organization = [self.filter_org]
        role.location = [self.filter_loc]
        role = role.update(['organization', 'location'])
        # Updated Role
        role = entities.Role(id=role.id).read()
        self.assertEqual(self.filter_org.id, role.organization[0].id)
        self.assertEqual(self.filter_loc.id, role.location[0].id)
        # Updated Filter
        filtr = entities.Filter(id=filtr.id).read()
        self.assertEqual(self.filter_org.id, filtr.organization[0].id)
        self.assertEqual(self.filter_loc.id, filtr.location[0].id)
Beispiel #5
0
    def test_positive_override_cloned_role_filter(self):
        """Cloned role filter overrides

        :id: 8a32ed5f-b93f-4f31-aff4-16602fbe7fab

        :steps:

            1. Create a role with overridden filter
            2. Clone above role
            3. Attempt to override the filter in cloned role

        :expectedresults: Filter in cloned role should be overridden

        :CaseLevel: Integration
        """
        role_name = gen_string('alpha')
        role = entities.Role(name=role_name).create()
        dom_perm = entities.Permission(resource_type='Domain').search()
        entities.Filter(permission=dom_perm, role=role.id).create()
        cloned_role_name = gen_string('alpha')
        cloned_role = entities.Role(id=role.id).clone(
            data={'name': cloned_role_name})
        self.assertEqual(cloned_role_name, cloned_role['name'])
        filter_cloned_id = entities.Role(
            id=cloned_role['id']).read().filters[0].id
        filter_cloned = entities.Filter(id=filter_cloned_id).read()
        filter_cloned.override = True
        filter_cloned.organization = [self.role_org]
        filter_cloned.location = [self.role_loc]
        filter_cloned.update(['override', 'organization', 'location'])
        # Updated Filter
        filter_cloned = entities.Filter(id=filter_cloned_id).read()
        self.assertTrue(filter_cloned.override)
        self.assertEqual(self.role_org.id, filter_cloned.organization[0].id)
        self.assertEqual(self.role_loc.id, filter_cloned.location[0].id)
Beispiel #6
0
 def setUpClass(cls):
     """Search for provisioning template permissions. Set ``cls.ct_perms``.
     """
     super(FilterTestCase, cls).setUpClass()
     cls.ct_perms = entities.Permission().search(
         query={'search': 'resource_type="ProvisioningTemplate"'}
     )
Beispiel #7
0
    def test_positive_search(self):
        """search with no parameters return all permissions

        @feature: Permission

        @assert: Search returns a list of all expected permissions
        """
        permissions = entities.Permission().search(query={'per_page': 1000})
        names = {perm.name for perm in permissions}
        resource_types = {perm.resource_type for perm in permissions}
        expected_names = set(self.permission_names)
        expected_resource_types = set(self.permission_resource_types)

        added_resource_types = tuple(resource_types - expected_resource_types)
        removed_resource_types = tuple(expected_resource_types -
                                       resource_types)
        added_names = tuple(names - expected_names)
        removed_names = tuple(expected_names - names)

        diff = {}
        if added_resource_types:
            diff['added_resource_types'] = added_resource_types
        if removed_resource_types:
            diff['removed_resource_types'] = removed_resource_types
        if added_names:
            diff['added_names'] = added_names
        if removed_names:
            diff['removed_names'] = removed_names

        if diff:
            self.fail(json.dumps(diff, indent=True, sort_keys=True))
Beispiel #8
0
    def test_positive_search_by_resource_type(self):
        """Search for permissions by resource type.

        @feature: Permissions

        @assert: The permissions returned are equal to what is listed for that
        resource type in :data:`robottelo.constants.PERMISSIONS`.
        """
        failures = {}
        for resource_type in self.permission_resource_types:
            if resource_type is None:
                continue
            perm_group = entities.Permission(
                resource_type=resource_type).search()
            permissions = {perm.name for perm in perm_group}
            expected_permissions = set(self.permissions[resource_type])
            added = tuple(permissions - expected_permissions)
            removed = tuple(expected_permissions - permissions)

            if added or removed:
                failures[resource_type] = {}
            if added or removed:
                failures[resource_type]['added'] = added
            if removed:
                failures[resource_type]['removed'] = removed

        if failures:
            self.fail(json.dumps(failures, indent=True, sort_keys=True))
Beispiel #9
0
    def test_positive_search(self):
        """search with no parameters return all permissions

        :id: e58308df-19ec-415d-8fa1-63ebf3cd0ad6

        :expectedresults: Search returns a list of all expected permissions

        :CaseImportance: Critical
        """
        permissions = entities.Permission().search(query={'per_page': 1000})
        names = {perm.name for perm in permissions}
        resource_types = {perm.resource_type for perm in permissions}
        expected_names = set(self.permission_names)
        expected_resource_types = set(self.permission_resource_types)

        added_resource_types = tuple(resource_types - expected_resource_types)
        removed_resource_types = tuple(expected_resource_types -
                                       resource_types)
        added_names = tuple(names - expected_names)
        removed_names = tuple(expected_names - names)

        diff = {}
        if added_resource_types:
            diff['added_resource_types'] = added_resource_types
        if removed_resource_types:
            diff['removed_resource_types'] = removed_resource_types
        if added_names:
            diff['added_names'] = added_names
        if removed_names:
            diff['removed_names'] = removed_names

        if diff:
            self.fail(json.dumps(diff, indent=True, sort_keys=True))
Beispiel #10
0
    def test_positive_create_filter_without_override(self):
        """Create filter in role w/o overriding it

        :id: 1aadb7ea-ff76-4171-850f-188ba6f87021

        :steps:

            1. Create a role with taxonomies assigned
            2. Create filter in role without overriding it

        :expectedresults:

            1. Filter w/o override is created in role
            2. The taxonomies of role are inherited to filter
            3. Override check is not marked by default in filters table

        :CaseImportance: Critical
        """
        role_name = gen_string('alpha')
        role = entities.Role(name=role_name,
                             organization=[self.role_org],
                             location=[self.role_loc]).create()
        self.assertEqual(role.name, role_name)
        dom_perm = entities.Permission(resource_type='Domain').search()
        filtr = entities.Filter(permission=dom_perm, role=role.id).create()
        self.assertEqual(role.id, filtr.role.id)
        self.assertEqual(self.role_org.id, filtr.organization[0].id)
        self.assertEqual(self.role_loc.id, filtr.location[0].id)
        self.assertFalse(filtr.override)
Beispiel #11
0
 def setUpClass(cls):
     """Search for provisioning template permissions. Set ``cls.ct_perms``.
     """
     super(FilterTestCase, cls).setUpClass()
     cls.ct_perms = (
         entities.Permission(resource_type='ProvisioningTemplate').search()
     )
Beispiel #12
0
def test_positive_delete_filter(session):
    resource_name = 'Architecture'
    role = entities.Role().create()
    permission = entities.Permission(resource_type=resource_name).search()
    entities.Filter(permission=permission, role=role.id).create()
    with session:
        assert session.filter.search(
            role.name, resource_name)[0]['Resource'] == resource_name
        session.filter.delete(role.name, resource_name)
        assert not session.filter.search(role.name, resource_name)
Beispiel #13
0
    def test_positive_permission_read(self):
        """Create an Permission entity and get it using
        ``nailgun.entity_mixins.EntityReadMixin.read``.

        @id: 5631a1eb-33ff-4abe-bf01-6c8d98c47a96

        @Assert: The just-read entity is an instance of the correct class and
        name and resource_type fields are populated
        """
        perm = entities.Permission().search(query={'per_page': 1})[0]
        self.assertGreater(len(perm.name), 0)
        self.assertGreater(len(perm.resource_type), 0)
Beispiel #14
0
    def test_positive_permission_read(self):
        """Create an Permission entity and get it using
        ``nailgun.entity_mixins.EntityReadMixin.read``.

        @Feature: Test multiple API paths

        @Assert: The just-read entity is an instance of the correct class and
        name and resource_type fields are populated
        """
        perm = entities.Permission().search(query={'per_page': 1})[0]
        self.assertGreater(len(perm.name), 0)
        self.assertGreater(len(perm.resource_type), 0)
Beispiel #15
0
    def test_positive_permission_read(self):
        """Create an Permission entity and get it using
        ``nailgun.entity_mixins.EntityReadMixin.read``.

        :id: 5631a1eb-33ff-4abe-bf01-6c8d98c47a96

        :expectedresults: The just-read entity is an instance of the correct
            class and name and resource_type fields are populated

        :CaseImportance: Critical
        """
        perm = entities.Permission().search(query={'per_page': '1'})[0]
        assert perm.name
        assert perm.resource_type
Beispiel #16
0
def test_positive_update_filter(session):
    resource_name = 'Architecture'
    permission_name = 'edit_architectures'
    role = entities.Role().create()
    permission = entities.Permission(resource_type=resource_name).search()
    entities.Filter(permission=permission, role=role.id).create()
    with session:
        filter_values = session.filter.read(role.name, resource_name)
        assert permission_name in filter_values['permission']['assigned']
        session.filter.update(
            role.name, resource_name,
            {'permission.unassigned': ['edit_architectures']})
        filter_values = session.filter.read(role.name, resource_name)
        assert permission_name in filter_values['permission']['unassigned']
Beispiel #17
0
    def test_pre_default_role_added_permission(self):
        """New permission is added to Default Role

        :steps: New permission is added to existing 'Default role'

        :expectedresults: Permission is added to existing 'Default role'.

        """
        defaultrole = entities.Role().search(
            query={'search': 'name="Default role"'})[0]
        subnetfilter = entities.Filter(permission=entities.Permission(
            resource_type='Subnet').search(filters={'name': 'view_subnets'}),
                                       role=defaultrole).create()
        self.assertIn(subnetfilter.id,
                      [filt.id for filt in defaultrole.read().filters])
Beispiel #18
0
def test_positive_list_permission(test_name, module_org, module_repos_col,
                                  module_rhva_repos_col):
    """Show errata only if the User has permissions to view them

    :id: cdb28f6a-23df-47a2-88ab-cd3b492126b2

    :Setup:

        1. Create two products with one repo each. Sync them.
        2. Make sure that they both have errata.
        3. Create a user with view access on one product and not on the other.

    :Steps: Go to Content -> Errata.

    :expectedresults: Check that the new user is able to see errata for one
        product only.

    :CaseLevel: Integration
    """
    role = entities.Role().create()
    entities.Filter(
        organization=[module_org],
        permission=entities.Permission(
            resource_type='Katello::Product').search(),
        role=role,
        search='name = "{0}"'.format(PRDS['rhel']),
    ).create()
    user_password = gen_string('alphanumeric')
    user = entities.User(
        default_organization=module_org,
        organization=[module_org],
        role=[role],
        password=user_password,
    ).create()
    with Session(test_name, user=user.login,
                 password=user_password) as session:
        if bz_bug_is_open(1652938):
            # The bug has a persistent effect when user has no access to dashboard and foreman
            # access denied page is shown directly after login.
            try:
                session.errata.search('')
            except NoSuchElementException:
                session.errata.browser.refresh()
        assert (session.errata.search(
            RHVA_ERRATA_ID,
            applicable=False)[0]['Errata ID'] == RHVA_ERRATA_ID)
        assert not session.errata.search(CUSTOM_REPO_ERRATA_ID,
                                         applicable=False)
Beispiel #19
0
    def test_pre_default_role_added_permission_with_filter(self):
        """New permission with filter is added to Default Role

        :steps: New permission is added to existing 'Default role' with filter

        :expectedresults: Permission with filter is added to existing
            'Default role'

        """
        defaultrole = entities.Role().search(
            query={'search': 'name="Default role"'})[0]
        domainfilter = entities.Filter(permission=entities.Permission(
            resource_type='Domain').search(filters={'name': 'view_domains'}),
                                       unlimited=False,
                                       role=defaultrole,
                                       search='name ~ a').create()
        self.assertIn(domainfilter.id,
                      [filt.id for filt in defaultrole.read().filters])
Beispiel #20
0
    def test_positive_search_by_name(self):
        """Search for a permission by name.

        @feature: Permissions

        @assert: Only one permission is returned, and the permission returned
        is the one searched for.
        """
        failures = {}
        for permission_name in self.permission_names:
            results = entities.Permission(name=permission_name).search()
            if (len(results) != 1 or len(results) == 1
                    and results[0].name != permission_name):
                failures[permission_name] = {
                    'length': len(results),
                    'returned_names': [result.name for result in results]
                }

        if failures:
            self.fail(json.dumps(failures, indent=True, sort_keys=True))
Beispiel #21
0
def test_positive_list_permission(test_name, module_org, module_repos_col,
                                  module_rhva_repos_col):
    """Show errata only if the User has permissions to view them

    :id: cdb28f6a-23df-47a2-88ab-cd3b492126b2

    :Setup:

        1. Create two products with one repo each. Sync them.
        2. Make sure that they both have errata.
        3. Create a user with view access on one product and not on the other.

    :Steps: Go to Content -> Errata.

    :expectedresults: Check that the new user is able to see errata for one
        product only.

    :CaseLevel: Integration
    """
    role = entities.Role().create()
    entities.Filter(
        organization=[module_org],
        permission=entities.Permission().search(
            query={'search': 'resource_type="Katello::Product"'}),
        role=role,
        search='name = "{}"'.format(PRDS['rhel']),
    ).create()
    user_password = gen_string('alphanumeric')
    user = entities.User(
        default_organization=module_org,
        organization=[module_org],
        role=[role],
        password=user_password,
    ).create()
    with Session(test_name, user=user.login,
                 password=user_password) as session:
        assert (session.errata.search(
            RHVA_ERRATA_ID,
            applicable=False)[0]['Errata ID'] == RHVA_ERRATA_ID)
        assert not session.errata.search(CUSTOM_REPO_ERRATA_ID,
                                         applicable=False)
Beispiel #22
0
    def test_pre_default_role_added_permission(self):
        """New permission is added to Default Role

        :id: preupgrade-3a350e4a-96b3-4033-b562-3130fc43a4bc

        :steps: New permission is added to existing 'Default role'

        :expectedresults: Permission is added to existing 'Default role'.

        """
        defaultrole = entities.Role().search(
            query={'search': 'name="Default role"'})[0]
        subnetfilter = entities.Filter(
            permission=entities.Permission().search(
                filters={'name': 'view_subnets'},
                query={'search': 'resource_type="Subnet"'}),
            role=defaultrole,
        ).create()
        assert subnetfilter.id in [
            filt.id for filt in defaultrole.read().filters
        ]
Beispiel #23
0
    def test_positive_search_by_name(self):
        """Search for a permission by name.

        :id: 1b6117f6-599d-4b2d-80a8-1e0764bdc04d

        :expectedresults: Only one permission is returned, and the permission
            returned is the one searched for.

        :CaseImportance: Critical
        """
        failures = {}
        for permission_name in self.permission_names:
            results = entities.Permission().search(query={'search': f'name="{permission_name}"'})
            if len(results) != 1 or len(results) == 1 and results[0].name != permission_name:
                failures[permission_name] = {
                    'length': len(results),
                    'returned_names': [result.name for result in results],
                }

        if failures:
            self.fail(json.dumps(failures, indent=True, sort_keys=True))
Beispiel #24
0
    def test_positive_list_permission(self):
        """Show errata only if the User has permissions to view them

        @id: cdb28f6a-23df-47a2-88ab-cd3b492126b2

        @Setup:

        1. Create two products with one repo each. Sync them.
        2. Make sure that they both have errata.
        3. Create a user with view access on one product and not on the other.

        @Steps:

        1. Go to Content -> Errata.

        @Assert: Check that the new user is able to see errata for one product
        only.

        @CaseLevel: Integration
        """
        role = entities.Role().create()
        entities.Filter(
            organization=[self.session_org],
            permission=entities.Permission(
                resource_type='Katello::Product').search(),
            role=role,
            search='name = "{0}"'.format(PRDS['rhel']),
        ).create()
        user_password = gen_string('alphanumeric')
        user = entities.User(
            default_organization=self.session_org,
            organization=[self.session_org],
            role=[role],
            password=user_password,
        ).create()
        with Session(self.browser, user.login, user_password) as session:
            session.nav.go_to_errata()
            self.errata.show_only_applicable(False)
            self.assertIsNotNone(self.errata.search(REAL_0_ERRATA_ID))
            self.assertIsNone(self.errata.search(CUSTOM_REPO_ERRATA_ID))
Beispiel #25
0
    def test_negative_update_role_taxonomies(self):
        """Update role taxonomies which doesnt applies to its overrided filters

        :id: 9f3bf95a-f71a-4063-b51c-12610bc655f2

        :steps:

            1. Update existing role with different taxonomies

        :expectedresults: The overridden role filters are not updated

        :CaseImportance: Critical
        """
        role_name = gen_string('alpha')
        role = entities.Role(name=role_name,
                             organization=[self.role_org],
                             location=[self.role_loc]).create()
        self.assertEqual(role.name, role_name)
        dom_perm = entities.Permission(resource_type='Domain').search()
        filtr = entities.Filter(permission=dom_perm,
                                role=role.id,
                                override=True,
                                organization=[self.filter_org],
                                location=[self.filter_loc]).create()
        self.assertEqual(role.id, filtr.role.id)
        # Creating new Taxonomies
        org_new = entities.Organization().create()
        loc_new = entities.Location().create()
        # Updating Taxonomies
        role.organization = [org_new]
        role.location = [loc_new]
        role = role.update(['organization', 'location'])
        # Updated Role
        role = entities.Role(id=role.id).read()
        self.assertEqual(org_new.id, role.organization[0].id)
        self.assertEqual(loc_new.id, role.location[0].id)
        # Updated Filter
        filtr = entities.Filter(id=filtr.id).read()
        self.assertNotEqual(org_new.id, filtr.organization[0].id)
        self.assertNotEqual(loc_new.id, filtr.location[0].id)
Beispiel #26
0
def get_role_by_bz(bz_id):
    """Create and configure custom role entity for the testing of specific bugs
     This function will read the dictionary of permissions and their associated
     bugzilla id's from robottelo.constants "PERMISSIONS_WITH_BZ",
     these permissions will create filter and a single role will be created
     from all the filters.

     :param bz_id: This is the bugzilla id that is specified in the
        PERMISSIONS_WITH_BZ list, all the permissions associated with the bz_id
        will be fetched and filters will be created
     :return: A single role entity will be created from all the created filters
     """
    role = entities.Role().create()
    for perms in PERMISSIONS_WITH_BZ.values():
        perms_with_bz = [x for x in perms if bz_id in x.get('bz', [])]
        if perms_with_bz:
            permissions = [
                entities.Permission(name=perm['name']).search()[0]
                for perm in perms_with_bz
            ]
            entities.Filter(permission=permissions, role=role).create()
    return role.read()
Beispiel #27
0
    def give_user_permission(self, perm_name):
        """Give ``self.user`` the ``perm_name`` permission.

        This method creates a role and filter to accomplish the above goal.
        When complete, the relevant relationhips look like this:

            user → role ← filter → permission

        :param str perm_name: The name of a permission. For example:
            'create_architectures'.
        :raises: ``AssertionError`` if more than one permission is found when
            searching for the permission with name ``perm_name``.
        :raises: ``requests.exceptions.HTTPError`` if an error occurs when
            updating ``self.user``'s roles.
        :returns: Nothing.
        """
        role = entities.Role().create()
        permissions = entities.Permission(name=perm_name).search()
        self.assertEqual(len(permissions), 1)
        entities.Filter(permission=permissions, role=role).create()
        self.user.role += [role]
        self.user = self.user.update(['role'])
Beispiel #28
0
    def test_positive_create_non_overridable_filter(self):
        """Create non overridable filter in role

        :id: f891e2e1-76f8-4edf-8c96-b41d05483298

        :steps: Create a filter to which taxonomies cannot be associated.
            e.g Architecture filter

        :expectedresults:

            1. Filter is created without taxonomies
            2. Override check is set to false

        :CaseImportance: Critical
        """
        role_name = gen_string('alpha')
        role = entities.Role(name=role_name).create()
        self.assertEqual(role.name, role_name)
        arch_perm = entities.Permission(resource_type='Architecture').search()
        filtr = entities.Filter(permission=arch_perm, role=role.id).create()
        self.assertEqual(role.id, filtr.role.id)
        self.assertFalse(filtr.override)
Beispiel #29
0
    def test_positive_search_errata_non_admin(self):
        """Search for host's errata by non-admin user with enough permissions

        :id: 5b8887d2-987f-4bce-86a1-8f65ca7e1195

        :customerscenario: true

        :BZ: 1255515

        :expectedresults: User can access errata page and proper errata is
            listed

        :CaseLevel: System
        """
        self.client.run('yum install -y {0}'.format(FAKE_1_CUSTOM_PACKAGE))
        user_login = gen_string('alpha')
        user_password = gen_string('alpha')
        default_loc = entities.Location().search(
            query={'search': 'name="{0}"'.format(DEFAULT_LOC)})[0]
        role = entities.Role().create()
        for permission_name in ('view_hosts', 'view_lifecycle_environments',
                                'view_content_views', 'view_organizations'):
            entities.Filter(
                permission=entities.Permission(name=permission_name).search(),
                role=role,
            ).create()
        entities.User(
            role=[role],
            admin=False,
            login=user_login,
            password=user_password,
            organization=[self.session_org],
            location=[default_loc],
            default_organization=self.session_org,
        ).create()
        with Session(self, user=user_login, password=user_password):
            result = self.contenthost.errata_search(self.client.hostname,
                                                    FAKE_2_ERRATA_ID)
            self.assertIsNotNone(result)
Beispiel #30
0
    def test_negative_override_non_overridable_filter(self):
        """Override non overridable filter

        :id: 7793be96-e8eb-451b-a986-51a46a1ab4f9

        :steps: Attempt to override a filter to which taxonomies cannot be
            associated.  e.g Architecture filter

        :expectedresults: Filter is not overrided as taxonomies cannot be
            applied to that filter

        :CaseImportance: Critical
        """
        role_name = gen_string('alpha')
        role = entities.Role(name=role_name).create()
        self.assertEqual(role.name, role_name)
        arch_perm = entities.Permission(resource_type='Architecture').search()
        with self.assertRaises(HTTPError):
            entities.Filter(permission=arch_perm,
                            role=[role.id],
                            override=True,
                            organization=[self.filter_org],
                            location=[self.filter_loc]).create()