def test_positive_automate_bz1426957(ldap_auth_source, function_user_group): """Verify role is properly reflected on AD user. :id: 1c1209a6-5bb8-489c-a151-bb2fce4dbbfc :expectedresults: Roles from usergroup is applied on AD user successfully. :CaseLevel: Integration :BZ: 1426957, 1667704 """ ext_user_group = make_usergroup_external({ 'auth-source-id': ldap_auth_source['id'], 'user-group-id': function_user_group['id'], 'name': 'foobargroup', }) assert ext_user_group['auth-source'] == ldap_auth_source['ldap_hostname'] role = make_role() UserGroup.add_role({ 'id': function_user_group['id'], 'role-id': role['id'] }) Task.with_user(username=ldap_auth_source['user_name'], password=ldap_auth_source['user_password']).list() UserGroupExternal.refresh({ 'user-group-id': function_user_group['id'], 'name': 'foobargroup' }) assert role['name'] in User.info({'login': ldap_auth_source['user_name'] })['user-groups'] User.delete({'login': ldap_auth_source['user_name']})
def test_negative_synchronize_auth_yum_repo(self): """Check if secured repo fails to synchronize with invalid credentials @id: 809905ae-fb76-465d-9468-1f99c4274aeb @Assert: Repository is created but synchronization fails @CaseLevel: Integration """ url = FAKE_5_YUM_REPO for creds in [cred for cred in valid_http_credentials(url_encoded=True) if not cred['http_valid']]: url_encoded = url.format( creds['login'], creds['pass'] ) with self.subTest(url): new_repo = self._make_repository({ u'content-type': u'yum', u'url': url_encoded, }) # Try to synchronize it repo_sync = Repository.synchronize( {'id': new_repo['id'], u'async': True} ) Task.progress({u'id': repo_sync[0]['id']}) self.assertEqual( Task.progress({u'id': repo_sync[0]['id']})[0], u'Yum Metadata: Unauthorized' )
def test_rhsso_timeout_using_hammer( self, enable_external_auth_rhsso, rhsso_setting_setup_with_timeout, rh_sso_hammer_auth_setup, ): """verify the hammer auth timeout using RHSSO auth source :id: d014cc98-d198-11ea-b526-d46d6dd3b5b2 :expectedresults: hammer auth login timeout should be suceessful for a rhsso user :CaseImportance: Medium """ result = AuthLogin.oauth({ 'oidc-token-endpoint': get_oidc_token_endpoint(), 'oidc-client-id': get_oidc_client_id(), 'username': settings.rhsso.rhsso_user, 'password': settings.rhsso.password, }) assert f"Successfully logged in as '{settings.rhsso.rhsso_user}'." == result[ 0]['message'] sleep(70) with pytest.raises(CLIReturnCodeError) as error: Task.with_user(username=settings.rhsso.rhsso_user, password=settings.rhsso.password).list() assert 'Unable to authenticate user sat_admin' in error.value.message
def test_positive_automate_bz1426957(self): """Verify role is properly reflected on AD user. :id: 1c1209a6-5bb8-489c-a151-bb2fce4dbbfc :expectedresults: Roles from usergroup is applied on AD user successfully. :CaseLevel: Integration :BZ: 1426957, 1667704 """ ext_user_group = make_usergroup_external( { 'auth-source-id': self.auth['server']['id'], 'user-group-id': self.user_group['id'], 'name': 'foobargroup', } ) self.assertEqual(ext_user_group['auth-source'], self.auth['server']['name']) role = make_role() UserGroup.add_role({'id': self.user_group['id'], 'role-id': role['id']}) with self.assertNotRaises(CLIReturnCodeError): Task.with_user(username=self.ldap_user_name, password=self.ldap_user_passwd).list() UserGroupExternal.refresh( {'user-group-id': self.user_group['id'], 'name': 'foobargroup'} ) self.assertEqual(User.info({'login': self.ldap_user_name})['user-groups'][1], role['name']) User.delete({'login': self.ldap_user_name})
def test_negative_synchronize_auth_yum_repo(self): """Check if secured repo fails to synchronize with invalid credentials @id: 809905ae-fb76-465d-9468-1f99c4274aeb @Assert: Repository is created but synchronization fails @CaseLevel: Integration """ url = FAKE_5_YUM_REPO for creds in [ cred for cred in valid_http_credentials(url_encoded=True) if not cred['http_valid'] ]: url_encoded = url.format(creds['login'], creds['pass']) with self.subTest(url): new_repo = self._make_repository({ u'content-type': u'yum', u'url': url_encoded, }) # Try to synchronize it repo_sync = Repository.synchronize({ 'id': new_repo['id'], u'async': True }) Task.progress({u'id': repo_sync[0]['id']}) self.assertEqual( Task.progress({u'id': repo_sync[0]['id']})[0], u'Yum Metadata: Unauthorized')
def test_positive_automate_bz1426957(self): """Verify role is properly reflected on AD user. :id: 1c1209a6-5bb8-489c-a151-bb2fce4dbbfc :expectedresults: Roles from usergroup is applied on AD user successfully. :CaseLevel: Integration :BZ: 1426957 """ ext_user_group = make_usergroup_external({ 'auth-source-id': self.auth['server']['id'], 'user-group-id': self.user_group['id'], 'name': 'foobargroup' }) self.assertEqual( ext_user_group['auth-source'], self.auth['server']['name'] ) role = make_role() UserGroup.add_role({'id': self.user_group['id'], 'role-id': role['id']}) with self.assertNotRaises(CLIReturnCodeError): Task.with_user(username=self.ldap_user_name, password=self.ldap_user_passwd).list() UserGroupExternal.refresh({ 'user-group-id': self.user_group['id'], 'name': 'foobargroup' }) self.assertEqual(User.info({'login': self.ldap_user_name})['user-groups'][1], role['name']) User.delete({'login': self.ldap_user_name})
def test_positive_use_alternate_directory(self, fixture_vmsetup, module_org, default_sat): """Use alternate working directory on client to execute rex jobs :id: a0181f18-d3dc-4bd9-a2a6-430c2a49809e :expectedresults: Verify the job was successfully ran against the host :customerscenario: true :parametrized: yes """ client = fixture_vmsetup testdir = gen_string('alpha') result = client.run(f'mkdir /{testdir}') assert result.status == 0 result = client.run(f'chcon --reference=/var /{testdir}') assert result.status == 0 result = default_sat.execute( f"sed -i r's/^:remote_working_dir:.*/:remote_working_dir: \\/{testdir}/' \ /etc/foreman-proxy/settings.d/remote_execution_ssh.yml", ) assert result.status == 0 result = default_sat.execute('systemctl restart foreman-proxy') assert result.status == 0 command = f'echo {gen_string("alpha")}' invocation_command = make_job_invocation({ 'job-template': 'Run Command - SSH Default', 'inputs': f'command={command}', 'search-query': f"name ~ {client.hostname}", }) result = JobInvocation.info({'id': invocation_command['id']}) try: assert result['success'] == '1' except AssertionError: output = ' '.join( JobInvocation.get_output({ 'id': invocation_command['id'], 'host': client.hostname })) result = f'host output: {output}' raise AssertionError(result) task = Task.list_tasks({"search": command})[0] search = Task.list_tasks({"search": f'id={task["id"]}'}) assert search[0]["action"] == task["action"]
def test_rhsso_login_using_hammer(self, enable_external_auth_rhsso, rhsso_setting_setup, rh_sso_hammer_auth_setup): """verify the hammer auth login using RHSSO auth source :id: 56c09a1a-d0e5-11ea-9024-d46d6dd3b5b2 :expectedresults: hammer auth login should be suceessful for a rhsso user :CaseImportance: High """ result = AuthLogin.oauth({ 'oidc-token-endpoint': get_oidc_token_endpoint(), 'oidc-client-id': get_oidc_client_id(), 'username': settings.rhsso.rhsso_user, 'password': settings.rhsso.password, }) assert f"Successfully logged in as '{settings.rhsso.rhsso_user}'." == result[ 0]['message'] result = Auth.with_user(username=settings.rhsso.rhsso_user, password=settings.rhsso.password).status() assert ( f"Session exists, currently logged in as '{settings.rhsso.rhsso_user}'." == result[0]['message']) task_list = Task.with_user(username=settings.rhsso.rhsso_user, password=settings.rhsso.password).list() assert len(task_list) >= 0 with pytest.raises(CLIReturnCodeError) as error: Role.with_user(username=settings.rhsso.rhsso_user, password=settings.rhsso.password).list() assert 'Missing one of the required permissions' in error.value.message
def test_positive_run_default_job_template_by_ip(self, fixture_vmsetup, fixture_org): """Run default template on host connected by ip and list task :id: 811c7747-bec6-4a2d-8e5c-b5045d3fbc0d :expectedresults: Verify the job was successfully ran against the host and task can be listed by name and ID :BZ: 1647582 :parametrized: yes """ self.org = fixture_org self.client = fixture_vmsetup # set connecting to host via ip Host.set_parameter( { 'host': self.client.hostname, 'name': 'remote_execution_connect_by_ip', 'value': 'True', } ) command = "echo {}".format(gen_string('alpha')) invocation_command = make_job_invocation( { 'job-template': 'Run Command - SSH Default', 'inputs': f'command={command}', 'search-query': f"name ~ {self.client.hostname}", } ) try: assert invocation_command['success'] == '1' except AssertionError: result = 'host output: {}'.format( ' '.join( JobInvocation.get_output( {'id': invocation_command['id'], 'host': self.client.hostname} ) ) ) raise AssertionError(result) task = Task.list_tasks({"search": command})[0] search = Task.list_tasks({"search": 'id={}'.format(task["id"])}) assert search[0]["action"] == task["action"]
def test_negative_synchronize_auth_yum_repo(self): """Check if secured repo fails to synchronize with invalid credentials @id: 809905ae-fb76-465d-9468-1f99c4274aeb @Assert: Repository is created but synchronization fails @CaseLevel: Integration """ url = FAKE_5_YUM_REPO for creds in [cred for cred in valid_http_credentials(url_encoded=True) if not cred["http_valid"]]: url_encoded = url.format(creds["login"], creds["pass"]) with self.subTest(url): new_repo = self._make_repository({u"content-type": u"yum", u"url": url_encoded}) # Try to synchronize it repo_sync = Repository.synchronize({"id": new_repo["id"], u"async": True}) Task.progress({u"id": repo_sync[0]["id"]}) self.assertEqual(Task.progress({u"id": repo_sync[0]["id"]})[0], u"Yum Metadata: Unauthorized")
def test_install_errata_to_one_host(module_org, errata_hosts, host_collection): """Install an erratum to one of the hosts in a host collection. :id: bfcee2de-3448-497e-a696-fcd30cea9d33 :expectedresults: Errata was successfully installed in only one of the hosts in the host collection :Setup: Errata synced on satellite server, custom package installed on errata hosts. :Steps: 1. Remove packages from one host. 2. host-collection erratum install --errata <errata> --id <id> --organization <org_name> 3. Assert first host does not have the package. 4. Assert second host does have the new package. :expectedresults: Erratum is only installed on one host. :BZ: 1810774 """ errata = REPO_WITH_ERRATA['errata'][0] # Remove the package on first host to remove need for errata. result = errata_hosts[0].execute(f'yum erase -y {errata["package_name"]}') assert result.status == 0, f'Failed to erase the rpm: {result.stdout}' # Apply errata to the host collection. install_task = HostCollection.erratum_install({ 'id': host_collection['id'], 'organization': module_org.name, 'errata': [errata['id']], }) Task.progress({'id': install_task[0]['id']}) assert not is_rpm_installed( errata_hosts[0], rpm=errata['package_name']), 'Package should not be installed on host.' assert is_rpm_installed( errata_hosts[1], rpm=errata['new_package']), 'Package should be installed on host.'
def test_positive_install_by_host_collection_and_org(module_org, host_collection, errata_hosts, filter_by_hc, filter_by_org): """Use host collection id or name and org id, name, or label to install an update on the host collection. :id: 1b063f76-c85f-42fb-a919-5de319b09b99 :parametrized: yes :Setup: Errata synced on satellite server. :Steps: host-collection erratum install --errata <errata> (--id <hc_id>|--name <hc_name>) (--organization-id <org_id>|--organization <org_name>|--organization-label <org_label>) :expectedresults: Erratum is installed. :CaseLevel: System :BZ: 1457977 """ param = {'errata': [REPO_WITH_ERRATA['errata'][0]['id']]} if filter_by_hc == 'id': param['id'] = host_collection['id'] elif filter_by_hc == 'name': param['name'] = host_collection['name'] if filter_by_org == 'id': param['organization-id'] = module_org.id elif filter_by_org == 'name': param['organization'] = module_org.name elif filter_by_org == 'label': param['organization-label'] = module_org.label install_task = HostCollection.erratum_install(param) Task.progress({'id': install_task[0]['id']}) for host in errata_hosts: assert is_rpm_installed(host)
def test_positive_run_default_job_template_by_ip(self, rex_contenthost): """Run default template on host connected by ip and list task :id: 811c7747-bec6-4a2d-8e5c-b5045d3fbc0d :expectedresults: Verify the job was successfully ran against the host and task can be listed by name and ID :BZ: 1647582 :customerscenario: true :parametrized: yes """ client = rex_contenthost command = f'echo {gen_string("alpha")}' invocation_command = make_job_invocation({ 'job-template': 'Run Command - SSH Default', 'inputs': f'command={command}', 'search-query': f"name ~ {client.hostname}", }) result = JobInvocation.info({'id': invocation_command['id']}) try: assert result['success'] == '1' except AssertionError: result = 'host output: {}'.format(' '.join( JobInvocation.get_output({ 'id': invocation_command['id'], 'host': client.hostname }))) raise AssertionError(result) task = Task.list_tasks({'search': command})[0] search = Task.list_tasks({'search': f'id={task["id"]}'}) assert search[0]['action'] == task['action']