def test_import_system_and_health_check(core_session, pas_windows_setup):
"""
C1554 : Import system and check health
:param core_session: Authenticated Centrify Session.
:param pas_windows_setup:
"""
system_id, account_id, sys_info, connector_id, user_password = pas_windows_setup()
system_details = RedrockController.get_computer_with_ID(core_session, system_id)
system_counter = 1
while system_counter < 60:
if system_details['HealthStatus'] == 'OK' and system_details['LastHealthCheck']:
break
system_counter += 1
ResourceManager.get_date(system_details['LastHealthCheck'])
assert system_details['HealthStatus'] == 'OK', "System not reachable because connector is not up."
logger.info(f"System is reachable successfully: {system_details}")
account_counter = 1
account_details = None
while account_counter < 60:
account_details = ResourceManager.get_account_information(core_session, account_id)
if account_details[0]['VaultAccount']['Row']['Healthy'] == 'OK' and \
account_details[0]['VaultAccount']['Row']['LastHealthCheck']:
break
account_counter += 1
ResourceManager.get_date(account_details[0]['VaultAccount']['Row']['LastHealthCheck'])
assert account_details[0]['VaultAccount']['Row']['Healthy'] == 'OK', \
"System not reachable because connector is not up."
logger.info(f"Account is reachable successfully: {account_details}")
def test_system_with_managed_account(core_session, setup_pas_system_for_unix):
"""
Test case : C279339
:param core_session: Centrify session manager
:param setup_pas_system_for_unix: fixture that provide created unix system data
"""
system_id, account_id, system_info = setup_pas_system_for_unix
system_rows = RedrockController.get_computer_with_ID(
core_session, system_id)
assert system_rows['Name'] == system_info[
0], f"failed to find system {system_info[0]} in portal as returned system result is {system_rows}"
logger.info(f"system found {system_rows}")
account, status = ResourceManager.get_accounts_from_resource(
core_session, system_id)
assert status, f"failed to find accounts in system {system_info[0]} as returned account result is {account}"
logger.info(f"Account found {account}")
# Fetching account information to validate desired account is unmanaged
result, status = ResourceManager.get_account_information(
core_session, account_id)
assert status, f"failed to retrieve account information, returned result is {result}"
is_managed = result['VaultAccount']['Row']['IsManaged']
assert is_managed is False, f"Added account is not managed account"
def test_verify_no_unexpected_nulls_from_aws_cloudproviders_accounts(
core_session, fake_cloud_provider, fake_cloud_provider_iam_account,
fake_cloud_provider_root_account):
name, desc, cloud_provider_id, cloud_account_id, test_did_cleaning = fake_cloud_provider
iam_account_id, iam_username = fake_cloud_provider_iam_account
root_account_id, root_username, root_password, root_cloud_provider_id, test_did_cleaning = fake_cloud_provider_root_account
for acc_id, acc_username in [(iam_account_id, iam_username),
(root_account_id, root_username)]:
result, success = ResourceManager.get_account_information(
core_session, acc_id)
msg = f"Incorrect or incomplete information returned from get_account_information {result}"
assert success and 'VaultAccount' in result, msg
assert result['VaultAccount'] is not None and 'Row' in result[
'VaultAccount'], msg
assert result['VaultAccount']['Row']['User'] == acc_username, msg
assert 'RelatedResource' in result and result[
'RelatedResource'] is not None, msg
assert 'Rsop' in result and 'EnableUnmanagedPasswordRotationReminder' in result[
'Rsop'], msg
assert 'Workflow' in result and 'WorkflowApprover' in result[
'Workflow'], msg
assert 'Row' in result['RelatedResource'], msg
assert 'ID' in result['RelatedResource']['Row'], msg
assert result['RelatedResource']['Row']['ID'] == cloud_provider_id, msg
def test_manage_account_for_valid_domain_account(domain_config_data, core_ui,
core_session):
"""
TCID: C1330: Manage password using administrative account for a valid domain account
:param core_ui: To Open the UI
:param core_session: To create the session
"""
conf = domain_config_data
name = conf['pas_bat_scenario1_infrastructure_data'][0]
domain_name = name["Domain_name3"]
data = conf['pas_scenario1_new_accounts'][0]
account_name = data['Managed_account']
ui = core_ui
ui.navigate("Resources", "Domains")
ui.search(domain_name)
ui.click_row(GridRow(domain_name))
ui.user_menu("Reload Rights")
ui._waitUntilSettled()
ui.launch_modal("Add", modal_title="Add Account")
ui.input("User", account_name)
ui.uncheck("IsManaged")
ui.input("Password", "aaa")
ui.check("IsManaged")
check_disabled_textbox = ui.expect(DisabledTextBox("Password"),
f'Text box is still enabled')
assert check_disabled_textbox, f'Password Text Box is not disabled'
ui.button("Add")
ui.user_menu("Reload Rights")
ui._waitUntilSettled()
account_id = None
results = ServerManager.get_all_accounts(core_session)
for result in results:
if result['User'] == account_name:
account_id = result['ID']
while True:
result, success = ResourceManager.get_account_information(
core_session, account_id)
if result['VaultAccount']['Row']['Status'] != "Missing Password":
break
else:
continue
activity = RedrockController.get_account_activity(core_session, account_id)
detail = []
for activity_detail in activity:
detail.append(activity_detail['Detail'])
assert f'SYSTEM$ changed domain account "{account_name}" password for {domain_name}' in detail[
0], f'could not able to change password'
logger.info(f"detail list are: , {detail}")
result, success = ResourceManager.del_account(core_session, account_id)
assert success, f'Account did not get delete '
logger.info(f"result is, {result}")
def test_add_unmanaged_account(core_session, pas_setup):
"""
Test case: C279346
:param core_session: Centrify session
:param pas_setup: add system with account and yeild system ID, account ID, and system information
"""
system_id, account_id, system_info = pas_setup
# Fetching account information to validate desired account is unmanaged
result, status = ResourceManager.get_account_information(
core_session, account_id)
assert status, f"failed to retrieve account information, returned result is {result}"
is_managed = result['VaultAccount']['Row']['IsManaged']
assert is_managed is False, "Added account is not unmanaged account"
def test_ui_check_bulk_delete_account_scheduled(core_session, core_admin_ui,
list_of_created_systems):
"""
Test case: C3088
:param core_session: Returns API session
:param core_admin_ui: Centrify admin Ui session
:param list_of_created_systems: creating a empty list of created systems.
"""
account_name_prefix = f'account_test{guid()}'
# adding multiple systems with accounts
result = ResourceManager.add_multiple_systems_with_accounts(
core_session,
1,
2,
list_of_created_systems,
user_prefix=account_name_prefix)
# arranging the results in the lists
all_systems, all_accounts = DataManipulation.aggregate_lists_in_dict_values(
[result])
ui = core_admin_ui
ui.navigate('Resources', 'Accounts')
account_names = []
for account in all_accounts:
# getting the account information
query_result, query_success = ResourceManager.get_account_information(
core_session, account)
account_names.append(query_result['VaultAccount']['Row']['User'])
ui.search(account_name_prefix)
ui.action('Delete accounts', account_names)
ui.switch_context(Modal('Bulk Account Delete'))
ui.uncheck("SaveSecret")
ui.button('Delete')
ui.switch_context(ConfirmModal())
ui.button('Yes')
ui.switch_context(InfoModal())
ui.expect(
Div("A delete operation has been scheduled. You will receive an e-mail when the operation has been completed."
), "Expecting a info popup for delete schedule")
logger.info("Popup with delete operation has been scheduled appeared")
ui.button('Close')
result, success = ResourceManager.del_multiple_systems(
core_session, all_systems)
assert success is True, 'Delete systems job failed when expected success'
logger.info(f"Delete systems job executed successfully {result}")
def test_ui_check_bulk_delete_account_caution(core_session, core_admin_ui,
list_of_created_systems):
"""
Test case: C3086
:param core_session: Returns API session
:param core_admin_ui: Centrify admin Ui session
:param list_of_created_systems: creating a empty list of created systems.
"""
account_name_prefix = f'account_test{guid()}'
# adding multiple systems with accounts
result = ResourceManager.add_multiple_systems_with_accounts(
core_session,
1,
2,
list_of_created_systems,
user_prefix=account_name_prefix)
# arranging the results in the lists
all_systems, all_accounts = DataManipulation.aggregate_lists_in_dict_values(
[result])
ui = core_admin_ui
ui.navigate('Resources', 'Accounts')
account_names = []
for account in all_accounts:
# getting the account information
query_result, query_success = ResourceManager.get_account_information(
core_session, account)
account_names.append(query_result['VaultAccount']['Row']['User'])
ui.search(account_name_prefix)
ui.action('Delete accounts', account_names)
ui.switch_context(Modal('Bulk Account Delete'))
ui.expect(Label("Save password to secret"),
"Expected to see the label of save the password")
ui.expect(
Div("Deleting an account means we will no longer know the password."
" Saving deleted account passwords to a secret is recommended until you are sure they are "
"no longer needed."), "Expected to see the Caution message.")
result, success = ResourceManager.del_multiple_systems(
core_session, all_systems)
assert success is True, f'Delete systems job failed when expected success'
logger.info(f"Delete systems job executed successfully {result}")
result_acc, success_acc = ResourceManager.del_multiple_accounts(
core_session, all_accounts)
assert success_acc, f"Api did not complete successfully for bulk account delete MSG:{result_acc}"
def test_ui_check_bulk_delete_account_confirm(core_session, core_admin_ui,
list_of_created_systems):
"""
Test case: C3087
:param core_session: Returns API session
:param core_admin_ui: Centrify admin Ui session
:param list_of_created_systems: creating a empty list of created systems.
"""
account_name_prefix = f'account_test{guid()}'
# adding multiple systems with accounts
result = ResourceManager.add_multiple_systems_with_accounts(
core_session,
1,
2,
list_of_created_systems,
user_prefix=account_name_prefix)
# arranging the results in the lists
all_systems, all_accounts = DataManipulation.aggregate_lists_in_dict_values(
[result])
ui = core_admin_ui
ui.navigate('Resources', 'Accounts')
account_names = []
for account in all_accounts:
# getting the account information
query_result, query_success = ResourceManager.get_account_information(
core_session, account)
account_names.append(query_result['VaultAccount']['Row']['User'])
ui.search(account_name_prefix)
ui.action('Delete accounts', account_names)
ui.switch_context(Modal('Bulk Account Delete'))
ui.uncheck("SaveSecret")
ui.button('Delete')
ui.switch_context(ConfirmModal())
ui.expect(
Div("You are about to delete accounts which contain passwords or SSH Keys. This cannot be undone. Are "
"you sure you want to continue?"),
"Expecting a confirm delete account popup")
logger.info("Confirm delete accounts popup appeared.")
ui.button('Yes')
result, success = ResourceManager.del_multiple_systems(
core_session, all_systems)
assert success is True, 'Delete systems job failed when expected success'
logger.info(f"Delete systems job executed successfully {result}")
def test_add_managed_account(core_session, unix_machine_environment_config,
ssh_session_as_root, create_unix_users,
cleanup_resources_with_admin, cleanup_accounts):
"""
Test case: C279345
:param core_session: Centrify session
:param ssh_session_as_root: session to create a user_account in unix
:param cleanup_accounts: to delete all accounts
:param cleanup_resources_with_admin: to delete the all the systems from portal
:param unix_machine_environment_config: to get the unix system details
:param create_unix_users: add system with account and yeild system ID, account ID, and system information
"""
systems_list = cleanup_resources_with_admin
accounts_list = cleanup_accounts[0]
conf = unix_machine_environment_config
hostname = conf['host'] + "_" + Util.random_string(5)
# add users on target system
users = create_unix_users(ssh_session_as_root, "manage-unix", 1)
logger.info("Users created " + str(len(users)))
accountuser = users[0]
new_system_id, add_system_success = ResourceManager.add_system(
core_session, hostname, conf["ipaddress"], "Unix", "Ssh",
"Unix system")
assert add_system_success, "Add System Failed"
logger.info(f"Added system Id {new_system_id}")
systems_list.append(new_system_id)
admin_account_id, add_account_success = ResourceManager.add_account(
core_session,
accountuser['Name'],
accountuser['Password'],
new_system_id,
ismanaged=True)
assert add_account_success, "Failed to create Account user: root"
logger.info(f"Added root Account. Id {admin_account_id}")
accounts_list.append(admin_account_id)
# Fetching account information to validate desired account is managed or not
result, status = ResourceManager.get_account_information(
core_session, admin_account_id)
assert status, f"failed to retrieve account information, returned result is {result}"
is_managed = result['VaultAccount']['Row']['IsManaged']
assert is_managed, "Added account is not managed account"
def test_update_account_policy(core_session, pas_windows_setup):
"""
TC:C2168 Update account policy.
:param core_session: Returns a API session.
:param pas_windows_setup: Returns a fixture.
"""
# Creating a system and account.
system_id, account_id, sys_info, connector_id, user_password = pas_windows_setup(
)
# verify account checkout
result, success = ResourceManager.get_account_information(
core_session, account_id)
assert result['Workflow'][
'WorkflowEnabled'] is False, f"account workflow is enabled:{account_id}"
profile_id = []
profiles = PolicyManager.get_auth_profiles(core_session)
for profile in profiles:
if profile['Row']['Name'] == 'Default New Device Login Profile':
profile_id.append(profile['Row']['Uuid'])
# assign policy profile
update_acc_res, update_acc_success = ResourceManager.update_account(
core_session,
account_id,
sys_info[4],
system_id,
policy_id=profile_id[0])
assert update_acc_success, \
f"failed to update account policy profile {account_id}, result is: {update_acc_res}"
logger.info('account updated for policy profile')
# Get account details
result = ResourceManager.get_account_challenges(core_session, account_id)
assert result['Result']['PasswordCheckoutDefaultProfile'] == profile_id[0], \
f" account policy profile is mismatch: {account_id}"
logger.info(f'get account information details successfully: {result}')
def test_check_policy_page(core_session, setup_pas_system_for_unix,
core_admin_ui):
"""
Test Case ID: C2089
Test Case Description: Check policy page after changing account workflow
:param core_session: Creates API session
:param setup_pas_system_for_unix: Creates a Unix System with Account.
:param core_admin_ui: Authenticates Centrify UI session.
"""
system_id, account_id, sys_info = setup_pas_system_for_unix
system_name = sys_info[0]
ui = core_admin_ui
ui.navigate('Resources', 'Systems')
ui.search(system_name)
ui.click_row(GridRowByGuid(system_id))
ui.click_row(GridRowByGuid(account_id))
ui.tab('Policy')
expected_checkout_lifetime_value = 16
ui.input('DefaultCheckoutTime', expected_checkout_lifetime_value)
ui.save()
ui.tab('Workflow')
ui.select_option('WorkflowEnabled', 'No')
ui.save()
ui.tab('Policy')
ui.refresh()
account_info = ResourceManager.get_account_information(
core_session, account_id)
# Getting Checkout Time value
actual_checkout_lifetime_value = account_info[0]['VaultAccount']['Row'][
'DefaultCheckoutTime']
assert expected_checkout_lifetime_value == actual_checkout_lifetime_value, f'{expected_checkout_lifetime_value} ' \
f'is not equal to ' \
f'{actual_checkout_lifetime_value} '
logger.info(
f'Checkout Lifetime value i.e.{expected_checkout_lifetime_value} did not get removed after refreshing '
f'the page.')
def test_checkout_lifetime_to_blank(core_session, pas_windows_setup):
"""
TC:C2213 Set the Checkout lifetime to blank.
:param core_session: Returns a API session.
:param pas_windows_setup: Returns a fixture
"""
# Getting the Id of the user.
user_details = core_session.__dict__
user_id = user_details['auth_details']['UserId']
# Adding a system with account.
system_id, account_id, sys_info, connector_id, user_password = pas_windows_setup(
)
# Setting the lifetime checkout to 15 min.
checkout_lifetime = 15
updated_account_result, update_account_success = \
ResourceManager.update_account(core_session,
account_id,
sys_info[4],
host=system_id,
ismanaged=False,
default_checkout_time=checkout_lifetime)
assert update_account_success, f"Failed to add default checkout time: API response result:{updated_account_result}"
logger.info(
f'Successfully added default checkout time: {updated_account_result}"')
# Checking the lifetime checkout value.
account_info_result, account_info_success = ResourceManager.get_account_information(
core_session, account_id)
account_checkout_lifetime = account_info_result['VaultAccount']['Row'][
'DefaultCheckoutTime']
assert account_checkout_lifetime == checkout_lifetime, f'Failed to found default checkout time in account info: ' \
f'API response ' \
f'result:{account_info_result} '
logger.info(
f"Successfully Found check out time in account info: {account_checkout_lifetime}"
)
# Setting the lifetime checkout to blank.
updated_account_result, update_account_success = ResourceManager.update_account(
core_session,
account_id,
sys_info[4],
host=system_id,
ismanaged=False,
default_checkout_time=None)
assert update_account_success, f"Failed to update default checkout time to blank: " \
f"API response result:{updated_account_result} "
logger.info(
f'Successfully updated default checkout time to blank:{updated_account_result}. '
)
# Checking the lifetime checkout value.
account_info_result, account_info_success = ResourceManager.get_account_information(
core_session, account_id)
updated_account_checkout_lifetime = account_info_result['VaultAccount'][
'Row']
assert 'DefaultCheckoutTime' not in updated_account_checkout_lifetime, "DefaultCheckoutTime is present"
logger.info(
f"'DefaultCheckoutTime' is not present in account info: {updated_account_checkout_lifetime}"
)
# Refreshing the page.
refresh_result = UserManager.refresh_token(core_session, user_id)
assert refresh_result[
"success"], f"Failed to reload:API response result:{refresh_result}"
# Checking the lifetime value after refresh.
modified_account_info_result, modified_account_info_success = ResourceManager. \
get_account_information(core_session, account_id)
modified_account_checkout_lifetime = modified_account_info_result[
'VaultAccount']['Row']
assert 'DefaultCheckoutTime' not in modified_account_checkout_lifetime, "DefaultCheckoutTime is present"
logger.info(
f"'DefaultCheckoutTime' is not present in account info: {updated_account_checkout_lifetime}"
)
def test_check_menu_two_sys_under_password_checkouts(core_session,
list_of_created_systems,
core_admin_ui,
cleanup_resources,
cleanup_accounts):
"""
TC:C2174 Check menu when choosing two systems under My Password Checkouts.
:param:core_session: Returns Authenticated Centrify session.
:param:list_of_created_systems:Container for created system.
:param:core_admin_ui: Returns browser session.
:param:cleanup_resources: Cleans up system.
:param:cleanup_accounts:Cleans up accounts.
"""
system_list = cleanup_resources[0]
accounts_list = cleanup_accounts[0]
# Creating multiple system and accounts.
batches = ResourceManager.add_multiple_systems_with_accounts(
core_session, 2, 1, list_of_created_systems)
all_systems, all_accounts = DataManipulation.aggregate_lists_in_dict_values(
[batches])
assert len(
ResourceManager.get_multi_added_system_ids(core_session, all_systems)) == 2, f"Failed to create multiple " \
f"system with accounts: API " \
f"response result: {batches} "
assert len(ResourceManager.get_multi_added_account_ids(core_session,
all_systems)) == 2, f"Failed to create multiple system " \
f"with accounts: API response result: " \
f"{batches} "
logger.info(
f'Successfully Created multiple system with accounts.:{batches}')
# Appending the created system and accounts id for cleanup.
for all_account in all_accounts:
accounts_list.append(all_account)
for all_system in all_systems:
system_list.append(all_system)
# Checking out password for the account created.
accounts_password_checkout = []
for account_id in all_accounts:
result, status = ResourceManager.check_out_password(
core_session, 1, account_id, 'test checkout account')
accounts_password_checkout.append(result['COID'])
assert status, f'Failed to checkout password: API response result: {result}'
# Getting the account name.
accounts_name = []
for account_id in all_accounts:
result, success = ResourceManager.get_account_information(
core_session, account_id)
accounts_name.append(result["VaultAccount"]["Row"]['User'])
# Validating "No actions available" after selecting two accounts from My Password Checkout Title in workspace.
ui = core_admin_ui
ui.navigate(("Workspace", "My Password Checkouts"))
ui.switch_context(RenderedTab('My Password Checkouts'))
ui.check_actions_by_guid([], accounts_password_checkout)
logger.info(
'Successfully found "No actions available." after password account checkout.'
)
def test_add_managed_account_without_password(domain_config_data, core_session,
core_ui):
"""
TCID: C1329: Add a managed account without password
:param core_ui: To Open the UI
:param core_session: To create the session
"""
conf = domain_config_data
name = conf['pas_bat_scenario1_infrastructure_data'][0]
domain_name = name["Domain_name3"]
data = conf['pas_scenario1_new_accounts'][0]
account_name = data['Managed_account']
ui = core_ui
ui.navigate("Resources", "Domains")
ui.search(domain_name)
ui.click_row(GridRow(domain_name))
ui.user_menu("Reload Rights")
ui._waitUntilSettled()
ui.launch_modal("Add", modal_title="Add Account")
ui.expect(CheckedCheckbox("IsManaged"), f'Checkbox is not checked already')
expected_tooltip_value = "When enabled, the domain administrative account is used to set and manage a password for this account."
ui.input("User", account_name)
tooltip_element = ui._searchAndExpect(
HoverOnToolTip("x-img tooltip-icon x-box-item x-img-default"),
f'Could not able to get the tooltip value')
tooltip_element.try_click()
actual_tooltip_value = ui._searchAndExpect(
Div(expected_tooltip_value),
f'could not able to find the tool tip value')
actual_tooltip_message = actual_tooltip_value.text
assert expected_tooltip_value in actual_tooltip_message, f'tooltip text is not matching'
logger.info(f"ToolTip text: {actual_tooltip_value}")
ui.button("Add")
ui.user_menu("Reload Rights")
ui._waitUntilSettled()
account_id = None
results = ServerManager.get_all_accounts(core_session)
for result in results:
if result['User'] == account_name:
account_id = result['ID']
ui.expect(GridCell("Missing Password"), f'Password is not missing')
while True:
result, success = ResourceManager.get_account_information(
core_session, account_id)
if result['VaultAccount']['Row']['Status'] != "Missing Password":
break
else:
continue
activity = RedrockController.get_account_activity(core_session, account_id)
detail = []
for activity_logs in activity:
detail.append(activity_logs['Detail'])
assert f'SYSTEM$ changed domain account "{account_name}" password for {domain_name}' in detail[0], \
f'could not able to change password'
logger.info(f"ToolTip text: {detail}")
result, success = ResourceManager.del_account(core_session, account_id)
assert success, f"Account did not get deleted"
logger.info(f"deleted account response: {success}")
def test_check_permission_name_on_portal(core_session, pas_setup, clean_up_collections):
"""
Test case: C2059
:param core_session: Authenticated Centrify Session
:param pas_setup: fixture to create system with accounts in portal
:param core_admin_ui: Authenticated Centrify ui session
"""
system_id, account_id, sys_info = pas_setup
# Getting the Id of the user.
user_details = core_session.__dict__
user_id = user_details['auth_details']['UserId']
User_name = user_details['auth_details']['User']
# Assigning 'UserPortalLogin' permission to user for account.
account_result, account_success = ResourceManager.assign_account_permissions(core_session, 'UserPortalLogin',
User_name,
user_id, 'User',
account_id)
assert account_success, f"Failed to give 'UserPortalLogin' permission to user: {User_name} for " \
f"Account: {account_id}. API response 'Result': {account_result}"
logger.info(f"'UserPortalLogin' permission given to user: {User_name} for Account:{account_id}.")
# Fetching account information to validate desired account is un managed
result, status = ResourceManager.get_account_information(core_session, account_id)
assert status, f"failed to retrieve account information, returned result is {result}"
set_name = f"test_setname{guid()}"
status, set_result = SetsManager.create_manual_collection(core_session, set_name, "VaultAccount",
object_ids=[account_id])
assert status, f"failed to create set {set_name}, returned result is {set_result}"
logger.info(f"set {set_name} created for account {sys_info[4]} of system {sys_info[0]}")
clean_up_collections.append(set_result) # Set cleanup list
# "Workspace Login" rather than "Portal Login" in granted permission activity
result, success = ResourceManager.assign_account_permissions(core_session, "UserPortalLogin",
User_name, user_id,
pvid=account_id)
assert success, f'failed to assign permissions "UserPortalLogin" to ' \
f'{User_name} for account {sys_info[4]} ' \
f'for system {sys_info[0]}'
activity = RedrockController.get_account_activity(core_session, account_id)
assert activity[0]['Detail'] == f'{User_name} granted User "{User_name}" to have "Workspace Login" permissions ' \
f'on local account "{sys_info[4]}" for "{sys_info[0]}"({sys_info[1]})' \
f' with credential type Password ', 'No Workspace Login keyword found in ' \
'retrieved permission activity '
logger.info(f'Displayed "Workspace Login" rather than "Portal Login" in granted permission activity for '
f'account {sys_info[4]}')
status, result, SetsManager.set_collection_member_permission(core_session, User_name,
user_id,
"UserPortalLogin", set_result)
assert status, f'failed to assign workspace login permission to ' \
f'user {User_name} for set {set_name}'
logger.info(f'successfully assigned work space login permission to user {User_name}.')
# "Workspace Login" in set activity
set_activity_rows = ResourceManager.get_activity_for_collection(core_session, set_result)
assert set_activity_rows[0]['Detail'] == f'{User_name} granted User ' \
f'"{User_name}" to have ' \
f'"Workspace Login" permissions on the account set "{set_name}"', \
f'failed to get {set_name} activity for permissions'
logger.info(f'displayed "Workspace Login" in activity in set {set_name} activity')
# displayed "Workspace Login" in user profile activity
user_profile_activity = RedrockController.get_user_activity_profile(core_session, user_id)
counter = 0
while counter < 10:
user_profile_activity = RedrockController.get_user_activity_profile(core_session, user_id)
if user_profile_activity[0]['EventMessage'].__contains__(sys_info[0]):
break
counter += 1
assert user_profile_activity[0]['EventMessage'] == f'{User_name} ' \
f'granted User "{User_name}" to have "Workspace Login" ' \
f'permissions on local account "{sys_info[4]}" ' \
f'for "{sys_info[0]}"({sys_info[1]}) with credential type ' \
f'Password ', \
f'No Workspace Login keyword found in retrieved permission activity '
logger.info('displayed "Workspace Login" in user profile activity')
