def test_negative_update_to_invalid(shared_client, cleanup,
isolated_filesystem):
"""Attempt to update valid credential with invalid data.
:id: c34ea917-ee36-4b93-8907-24a5f87bbed3
:description: Create valid network credentials, then attempt to update to
be invalid.
:steps:
1) Create valid credentials with passwords or sshkey.
2) Update the network credentials:
a) using both password and sshkey
b) missing both password and sshkey
:expectedresults: Error codes are returned and the network credentials are
not updated.
"""
sshkeyfile_name = utils.uuid4()
tmp_dir = os.path.basename(os.getcwd())
sshkeyfile = Path(sshkeyfile_name)
sshkeyfile.touch()
cred = Credential(
cred_type="network",
client=shared_client,
ssh_keyfile=f"/sshkeys/{tmp_dir}/{sshkeyfile_name}",
)
cred.create()
# add the id to the list to destroy after the test is done
cleanup.append(cred)
assert_matches_server(cred)
cred.client = api.Client(api.echo_handler)
# Try to update with both sshkeyfile and password
cred.password = uuid4()
response = cred.update()
assert response.status_code == 400
assert "either a password or an ssh_keyfile, not both" in response.text
cred.password = None
assert_matches_server(cred)
# Try to update with both sshkeyfile and password missing
old = cred.ssh_keyfile
del cred.ssh_keyfile
response = cred.update()
assert response.status_code == 400
assert "must have either a password or an ssh_keyfile" in response.text
cred.ssh_keyfile = old
assert_matches_server(cred)
def test_update_password_to_sshkeyfile(shared_client, cleanup,
isolated_filesystem):
"""Create a network credential using password and switch it to use sshkey.
:id: 6e557092-192b-4f75-babc-abc5774fe965
:description: Create a network credential with password, then update it
to use a sshkey.
:steps:
1) Create a network credential with a username and password.
2) Update the network credential deleting password and adding sshkey.
3) Confirm network credential has been updated.
:expectedresults: The network credential is updated.
"""
cred = Credential(cred_type="network",
client=shared_client,
password=uuid4())
cred.create()
# add the id to the list to destroy after the test is done
cleanup.append(cred)
assert_matches_server(cred)
sshkeyfile_name = utils.uuid4()
tmp_dir = os.path.basename(os.getcwd())
sshkeyfile = Path(sshkeyfile_name)
sshkeyfile.touch()
cred.ssh_keyfile = f"/sshkeys/{tmp_dir}/{sshkeyfile_name}"
cred.password = None
cred.update()
assert_matches_server(cred)
def test_update_sshkey_to_password(shared_client, cleanup,
isolated_filesystem):
"""Create a network credential using password and switch it to use sshkey.
:id: d24a54b5-3d8c-44e4-a0ae-61584a15b127
:description: Create a network credential with a sshkey, then update it
to use a password.
:steps:
1) Create a network credential with a username and sshkey.
2) Update the network credential deleting sshkey and updating
password.
3) Confirm network credential has been updated.
:expectedresults: The network credential is updated.
"""
sshkeyfile_name = utils.uuid4()
tmp_dir = os.path.basename(os.getcwd())
sshkeyfile = Path(sshkeyfile_name)
sshkeyfile.touch()
cred = Credential(cred_type="network",
ssh_keyfile=f"/sshkeys/{tmp_dir}/{sshkeyfile_name}")
cred.create()
# add the id to the list to destroy after the test is done
cleanup.append(cred)
assert_matches_server(cred)
cred.client.response_handler = api.echo_handler
cred.password = uuid4()
cred.ssh_keyfile = None
cred.update()
assert_matches_server(cred)
def get_source(source_type, cleanup):
"""Retrieve a single network source if available from config file.
:param source_type: The type of source to be created. This function
retreives one source of matching type from the config file.
:param cleanup: The "cleanup" list that tests use to destroy objects after
a test has run. The "cleanup" list is provided by the py.test fixture
of the same name defined in camayoc/tests/qpc/conftest.py.
Sources are retreived from the following section and are assumed to be
available on demand and do not require their power state to be managed.
The expected configuration in the Camayoc's configuration file is as
follows::
qpc:
# other needed qpc config data
sources:
- hosts:
- '127.0.0.1'
name: local
type: network
credentials:
- root
The credential listed is assumed to be in the top level 'credentials'
section.
This source is meant to be used for tests where we do not care about the
results of the scan, for example tests that assert we can pause and restart
a scan.
:returns: camayoc.qpc_models.Source of the same type that was requested
with the 'source_type' parameter. The returned source has been created
on server and has all credentials listed in config file created and
associtated with it.
"""
cfg = config.get_config()
cred_list = cfg.get("credentials", [])
src_list = cfg.get("qpc", {}).get("sources", [])
config_src = {}
if not (src_list and cred_list):
return
for src in src_list:
if src.get("type") == source_type:
config_src = src
if config_src:
config_src.setdefault("credential_ids", [])
src_creds = config_src.get("credentials")
for cred in src_creds:
for config_cred in cred_list:
if cred == config_cred["name"]:
server_cred = Credential(cred_type=source_type,
username=config_cred["username"])
if config_cred.get("password"):
server_cred.password = config_cred["password"]
else:
server_cred.ssh_keyfile = config_cred["sshkeyfile"]
server_cred.create()
cleanup.append(server_cred)
config_src["credential_ids"].append(server_cred._id)
server_src = Source(
hosts=config_src["hosts"],
credential_ids=config_src["credential_ids"],
source_type=source_type,
)
if config_src.get("options"):
server_src.options = config_src.get("options")
server_src.create()
cleanup.append(server_src)
return server_src