def check_rights(session, ui_user, api_user, expected_rights):
assert ui_user == api_user, f'UI and API fixtures should return the same user'
response = UserManager.get_user_role_rights(session, api_user.get_id())
if expected_rights[0] is not None:
assert response['Result'][
'Count'] == 2, f'User should be in everybody role, and a role with admin rights'
else:
assert response['Result'][
'Count'] == 1, f'User should be in everybody role only'
rights_role_found = False
everbody_found = False
for result in response['Result']['Results']:
row = result['Row']
if len(row['AdministrativeRights']) > 0:
rights_found = list(
map(lambda right: right['Description'],
row['AdministrativeRights']))
rights_found.sort()
expected_rights.sort()
assert rights_found == expected_rights, f'Role with administrative rights does not have expected rights {expected_rights}, instead has {rights_found}'
rights_role_found = True
elif row['Name'] == 'Everybody':
everbody_found = True
else:
assert False, f'Unexpected role found {row}'
if expected_rights[0] is not None:
assert rights_role_found is True, f'Role containing expected rights found'
assert everbody_found is True, f'Everybody role not found'
def test_assign_view_permission_to_shared_report(core_session, create_report,
users_and_roles):
"""
TCID: C6351 Assign 'View' permission to shared report
:param core_session: Centrify Authentication session
:param create_report: To create the report
:param users_and_roles: To open an UI and assign specific right to user
"""
my_report = create_report(core_session,
"Select Name From Server",
dir="/Reports")
report_name = my_report['Name']
grant_str = "0000000000000000000000000000000000000000000000000000000010000100"
ui = users_and_roles.get_ui_as_user("Application Management")
user_details = ui.get_user()
user_name = user_details.get_login_name()
user_id = user_details.get_id()
role = UserManager.get_user_role_rights(core_session, user_id)
assign_result = ReportsManager.assign_directory_rights_to_role(
core_session, "/Reports",
[{
"Role": role['Result']['Results'][0]['Entities'][0]['Key'],
"Rights": ["Read"]
}, {
"Role": "Everybody",
"Rights": ["Read"]
}])
assert assign_result, f'Failed to give the read the permission to Shared Folder'
result, success, message = ReportsManager.update_report_permission(
core_session, user_name, user_id, grant_str, report_name, ['Read'])
assert success, f'Failed to assign View permission to Application Management user:{message}'
logger.info(
f'Successfully assign the View permission to Application Management user:{result}'
)
ui.navigate("Reports", check_rendered_tab=False)
ui.expect_disappear(LoadingMask(), "Reports page did not loaded properly")
ui.expect(RestCallComplete(), "Expected rest call to complete.")
ui.expect(TreeFolder("Shared Reports"),
"Failed to find shared Reports Tab under Reports",
time_to_wait=60)
shared_reports_button = ui._searchAndExpect(
TreeFolder("Shared Reports"),
f'Expected find Shared Reports Folder in Tree',
time_to_wait=60)
shared_reports_button.try_click()
ui.expect(
GridCell(report_name),
f'Can not see the shared report which assigned View permission to federation user'
)
ui.check_actions(["Copy", "Details", "Export Report", "Email Report"],
report_name)
ui.action("Details", report_name)
session = users_and_roles.get_session_for_user('Application Management')
query = "Select * from role"
result, success, message = ReportsManager.modify_report(
session, "/Reports", report_name, query)
assert success is False, f'Report modified:{result}'
logger.info(f'Report can not modified, API response: {message}')
def test_assign_edit_permission_to_shared_report(core_session, create_report, users_and_roles):
"""
TCID: C6352 Assign 'Edit' permission to shared report
:param core_session: Centrify Authentication session
:param create_report: To create the report
:param users_and_roles: To open an UI and assign specific right to user
"""
my_report = create_report(core_session, "Select Name From Server", dir="/Reports")
report_name = my_report['Name']
grant_str = "0000000000000000000000000000000000000000000000000000000011101100"
ui = users_and_roles.get_ui_as_user("MFA Unlock")
user = ui.get_user()
user_name = user.get_login_name()
user_id = user.get_id()
role = UserManager.get_user_role_rights(core_session, user_id)
assign_result = ReportsManager.assign_directory_rights_to_role(core_session, "/Reports",
[{"Role":
role['Result']['Results'][0]['Entities'][0][
'Key'],
"Rights": ["Read"]},
{"Role": "Everybody",
"Rights": ["Read"]
}])
assert assign_result, f'Failed to give the read the permission to Shared Folder'
result, success, message = ReportsManager.update_report_permission(core_session, user_name,
user_id, grant_str, report_name, ['ReadWrite'])
assert success, f'Failed to assign Edit permission to MFA user:{message}'
logger.info(f'Successfully assign the Edit permission to MFA user:{result}')
ui.navigate("Reports", check_rendered_tab=False)
ui.expect_disappear(LoadingMask(), "Report page did not load properly", 60)
ui.expect(RestCallComplete(), "Expected rest call to complete.")
ui.expect(TreeFolder("Shared Reports"), "Failed to find shared Reports Tab under Reports", time_to_wait=60)
shared_reports_button = ui._searchAndExpect(TreeFolder("Shared Reports"),
f'Expected find Shared Reports Folder in Tree', time_to_wait=60)
shared_reports_button.try_click()
ui.expect(GridCell(report_name),
f'Can not see the shared report which assigned Edit permission to MFA user')
ui.check_actions(["Copy", "Move", "Delete", "Modify", "Export Report", "Email Report"], report_name)
ui.action("Modify", report_name)
session = users_and_roles.get_session_for_user('MFA Unlock')
query = "Select * From role"
result, success, message = ReportsManager.modify_report(session, "/Reports", report_name, query)
assert success, f'Script editor could not modified successfully:{message}'
logger.info(f'Script editor could not modified successfully:{result}')
ui.tab("Permissions")
ui.expect(DisabledButton("Add"), "Add is not grey can edit the permission")
logger.info(f"'Add' button is grey, and cannot modify the existing permission")
def test_assign_grant_permission_to_shared_reports(core_session, create_report, users_and_roles):
"""
TCID: C6353 Assign 'Grant' permission to shared report
:param core_session: Centrify Authentication Session
"""
my_report = create_report(core_session, "Select Name From Server", dir="/Reports")
report_name = my_report['Name']
session_user = core_session.get_user()
session_user_name = session_user.get_login_name()
session_user_id = session_user.get_id()
grant_str = "0000000000000000000000000000000000000000000000000000000011101101"
ui = users_and_roles.get_ui_as_user("Federation Management")
user_details = ui.get_user()
user_name = user_details.get_login_name()
user_id = user_details.get_id()
role = UserManager.get_user_role_rights(core_session, user_id)
assign_result = ReportsManager.assign_directory_rights_to_role(core_session, "/Reports",
[{"Role": role['Result']['Results'][0]['Entities'][0][
'Key'],
"Rights": ["Read"]},
{"Role": "Everybody",
"Rights": ["Read"]
}])
assert assign_result, f'Failed to give the read the permission to Shared Folder'
result, success, message = ReportsManager.update_report_permission(core_session, user_name, user_id, grant_str,
report_name, ['Owner'])
assert success, f'Failed to assign grant permission to Federation user:{message}'
logger.info(f'Successfully assign the grant permission to federation user:{result}')
ui.navigate("Reports", check_rendered_tab=False)
ui.expect_disappear(LoadingMask(), 'Report page did not load properly')
ui.expect(TreeFolder("My Reports"), "Failed to find Shared Reports Tab under Reports", time_to_wait=30)
ui.expect(TreeFolder("Shared Reports"), f'Expected find Shared Reports Folder in Tree', time_to_wait=30).try_click()
ui.expect(GridCell(report_name),
f'Can not see the shared report which assigned grant permission to federation user')
ui.check_actions(["Copy", "Move", "Delete", "Modify", "Export Report", "Email Report"], report_name)
ui.action("Modify", report_name)
ui.expect(Div("Report Builder"), f'Failed to enter report detail page')
session = users_and_roles.get_session_for_user('Federation Management')
result, success, message = ReportsManager.update_report_permission(session,
session_user_name, session_user_id,
grant_str, report_name, ['Owner'])
assert success, f'Failed to save permission, API response: {message}'
logger.info(f'Permission saved successfully:{result}')