def test_search_people_embedded(session):
# with embedded person
r = search.people(
session,
by="employeenumber",
search_filter="1015463230",
limit=1,
embedded=["manager", "erparent"],
)
# with other possibly embedded stuff
r = search.people(
session,
by="employeenumber",
search_filter="1015463230",
limit=1,
embedded=[
"erroles",
"description",
"manager",
], # only manager gets embedded here bc of api limitations
roles=True,
)
# with no embeds
r = search.people(
session,
by="employeenumber",
search_filter="1015463230",
limit=1,
)
# wrong embed
r = search.people(
session,
by="employeenumber",
search_filter="1015463230",
embedded=["fiuhwe"],
limit=1,
)
# empty list
r = search.people(
session,
by="employeenumber",
search_filter="1015463230",
embedded=[],
limit=1,
)
print(r)
def test_new_rol(session):
parent = search.organizational_container(session, "organizations",
test_org)[0]
owners = [
p.dn for p in search.people(
session, by="employeenumber", search_filter="1015463230")
]
owners_roles = [
r.dn
for r in search.roles(session, search_filter="ITIM Administrators")
]
# creación
rolinfo = {
"name": "rol_prueba",
"description": "rol_prueba",
"parent": parent,
"classification": "role.classification.business",
"access_option": 2,
"access_category": "Role",
"owners": owners + owners_roles,
}
r = StaticRole(session, role_attrs=rolinfo)
print(r)
def test_modificar_dejar_huerfana_cuenta(session):
parent = search.organizational_container(session, "organizations",
test_org)[0]
service = search.service(session, parent,
search_filter=test_service_name)[0]
n = random.randint(0, 10000)
test_person_attrs = {
"cn": ".",
"givenname": "prueba",
"sn": n,
"employeenumber": n,
"manager": test_manager,
"description": test_description,
"departmentnumber": test_dep,
"title": test_title,
"mail": "*****@*****.**",
"mobile": "*****@*****.**",
}
# crea persona y la busca
p = Person(session, person_attrs=test_person_attrs)
p.add(session, parent, "test")
time.sleep(5)
owner = search.people(session, by="employeenumber", search_filter=n)[0]
justification = "ok"
# crear
attrs = get_account_defaults(session, service, owner)
cuenta = Account(session, account_attrs=attrs)
r = cuenta.add(session, owner, service, justification)
time.sleep(3)
# modificar
cuentas = owner.get_accounts(session)
cuenta_test = [c for c in cuentas
if c.service_name == test_service_name][0]
cuenta_test.title = "new title"
cuenta_test.sn = "nueva description"
changes = {
"title": "newer title",
"employeenumber": 347231
} # this should stay
cuenta_test.modify(session, justification, changes)
try:
cuenta_test.orphan(session)
time.sleep(5)
cuentas = owner.get_accounts(session)
cuenta_test = [
c for c in cuentas if c.service_name == test_service_name
]
assert len(cuenta_test) < 1
except Exception as e:
pass
def test_crear_modificar_eliminar_dynrol(session):
parent = search.organizational_container(session, "organizations",
test_org)[0]
owners = [
p.dn for p in search.people(
session, by="employeenumber", search_filter="1015463230")
]
owners_roles = [
r.dn
for r in search.roles(session, search_filter="ITIM Administrators")
]
# creación
name = "dynrol_prueba"
rolinfo = {
"name": name,
"description": "dynrol_prueba",
"parent": parent,
"classification": "role.classification.business",
"access_option": 2,
"access_category": "Role",
"owners": owners + owners_roles,
"rule": "(title=ROLETEST)",
}
rol = DynamicRole(session, role_attrs=rolinfo)
rol.add(session)
time.sleep(3)
rol_creado = search.roles(session, search_filter=name)
assert rol_creado[0].name == name
rol_creado = rol_creado[0]
# mod
changes = {
"name": "dynrol_prueba_mod",
"rule": "(departmentnumber=ROLETEST)"
}
rol_creado.description = "prueba_desc"
rol_creado.modify(session, changes)
time.sleep(3)
# esto hace lookup en SIM y compara con los atributos de acá
assert DynamicRole(session,
dn=rol_creado.dn).description == rol_creado.description
# del
rol_creado.delete(session)
time.sleep(3)
try:
DynamicRole(session, dn=rol_creado.dn)
except NotFoundError:
assert True
else:
assert False
def test_get_embedded(session):
r = search.people(
session,
by="employeenumber",
search_filter="1015463230",
limit=1,
)
r[0].get_embedded(session, ["manager"])
r[0].get_embedded(session, ["erparent"], roles=True)
print(r[0])
def test_get_pending_activities_abort(session):
# required attributes on the Person form (more can be included)
info_persona = {
"givenname": "te",
"sn": "st",
"cn": "test",
"initials": "CC",
"employeenumber": random.randint(1, 99999999),
"departmentnumber": test_dep,
"manager": test_manager,
"title": "test",
"description": test_description,
"businesscategory": "test",
"mobile": "*****@*****.**",
}
persona = Person(session, person_attrs=info_persona)
# crear y validar
parent = search.organizational_container(session, "organizations",
test_org)[0]
persona.add(session, parent, "ok")
time.sleep(5)
persona_creada = search.people(
session,
by="employeenumber",
search_filter=info_persona["employeenumber"],
attributes="*",
limit=1,
)[0]
assert persona_creada.employeenumber == str(info_persona["employeenumber"])
accesses = search.access(session, search_filter="*",
limit=2) # get two accesses
r = persona_creada.request_access(session, accesses, "ok")
time.sleep(3)
request_id = r.request.id
request = Request(session, id=request_id)
from_request = request.get_pending_activities(session)
from_search = search.activities(session, "requestId", request_id)
assert len(from_request) == len(from_search)
request.abort(session, "ok")
time.sleep(3)
aborted = Request(session, id=request_id)
assert aborted.process_state == "A"
def test_crear_cuenta(session):
parent = search.organizational_container(session, "organizations",
test_org)[0]
service = search.service(session,
parent,
search_filter="Directorio Activo")[0]
owner = search.people(session,
by="employeenumber",
search_filter="55608311080")[0]
justification = "ok"
attrs = get_account_defaults(session, service, owner)
cuenta = Account(session, account_attrs=attrs)
cuenta.add(session, owner, service, justification)
def test_request_access_approve(session):
# required attributes on the Person form (more can be included)
info_persona = {
"givenname": "te",
"sn": "st",
"cn": "test",
"initials": "CC",
"employeenumber": random.randint(1, 99999999),
"departmentnumber": test_dep,
"manager": test_manager,
"title": "test",
"description": test_description,
"businesscategory": "test",
"mobile": "*****@*****.**",
}
persona = Person(session, person_attrs=info_persona)
# crear y validar
parent = search.organizational_container(session, "organizations",
test_org)[0]
persona.add(session, parent, "ok")
time.sleep(5)
persona_creada = search.people(
session,
by="employeenumber",
search_filter=info_persona["employeenumber"],
attributes="*",
limit=1,
)[0]
assert persona_creada.employeenumber == str(info_persona["employeenumber"])
accesses = search.access(session, search_filter="*",
limit=2) # get two accesses
r = persona_creada.request_access(session, accesses, "ok")
time.sleep(3)
request_id = r.request.id
print(r)
actividades = search.activities(session, "requestId", request_id)
# complete
r2 = actividades[0].complete(session, "approve", "ok")
print(r2)
# now try to complete it again
r3 = actividades[0].complete(session, "approve", "ok")
print(r3)
def test_get_account_defaults(session):
parent = search.organizational_container(session, "organizations",
test_org)[0]
service = search.service(session,
parent,
search_filter="Directorio Activo")[0]
person = search.people(session,
by="employeenumber",
search_filter="1015463230")[0]
try:
r = get_account_defaults(session, service)
print(r)
except Exception as e:
print(e)
r = get_account_defaults(session, service, person)
print(r)
def test_crear_modificar_eliminar_rol_dataclasss(session):
parent = search.organizational_container(session, "organizations",
test_org)[0]
owners = [
p.dn for p in search.people(
session, by="employeenumber", search_filter="1015463230")
]
owners_roles = [
r.dn
for r in search.roles(session, search_filter="ITIM Administrators")
]
# creación
rolinfo = {
"name": "rol_prueba",
"description": "rol_prueba",
"parent": parent,
"classification": "role.classification.business",
"access_option": 2,
"access_category": "Role",
"owners": owners + owners_roles,
}
role_atrrs = RoleAttributes(**rolinfo)
rol = StaticRole(session, role_attrs=role_atrrs)
rol.add(session)
assert hasattr(rol, "dn")
# mod
changes = {"name": "rol_prueba_mod"}
rol.description = "prueba_desc"
rol.modify(session, changes)
assert (StaticRole(session, dn=rol.dn).name == rol.name
) # busca el rol en sim y lo compara con el nuevo
# del
rol.delete(session)
try:
StaticRole(session, dn=rol.dn)
except NotFoundError:
assert True
else:
assert False
def test_suspender_restaurar_eliminar_cuenta(session):
parent = search.organizational_container(session, "organizations",
test_org)[0]
service = search.service(session, parent,
search_filter=test_service_name)[0]
n = random.randint(0, 10000)
test_person_attrs = {
"cn": ".",
"givenname": "prueba",
"sn": n,
"employeenumber": n,
"manager": test_manager,
"description": test_description,
"departmentnumber": test_dep,
"title": test_title,
"mail": "*****@*****.**",
"mobile": "*****@*****.**",
}
p = Person(session, person_attrs=test_person_attrs)
p.add(session, parent, "test")
time.sleep(5)
owner = search.people(session, by="employeenumber", search_filter=n)[0]
justification = "ok"
# crear
attrs = get_account_defaults(session, service, owner)
cuenta = Account(session, account_attrs=attrs)
r = cuenta.add(session, owner, service, justification)
time.sleep(3)
# suspender y probar
cuentas = owner.get_accounts(session)
cuenta_test = [c for c in cuentas
if c.service_name == test_service_name][0]
cuenta_test.suspend(session, justification)
time.sleep(3)
cuentas = owner.get_accounts(session)
cuenta_test = [c for c in cuentas
if c.service_name == test_service_name][0]
assert cuenta_test.eraccountstatus == "1"
# restaurar y probar
cuentas = owner.get_accounts(session)
cuenta_test = [c for c in cuentas
if c.service_name == test_service_name][0]
cuenta_test.restore(session, "NewPassw0rd", justification)
time.sleep(3)
cuentas = owner.get_accounts(session)
cuenta_test = [c for c in cuentas
if c.service_name == test_service_name][0]
assert cuenta_test.eraccountstatus == "0"
# eliminar
try:
r = cuenta_test.delete(session, "ok")
time.sleep(3)
cuentas = owner.get_accounts(session)
cuenta_test = [
c for c in cuentas if c.service_name == test_service_name
]
assert len(cuenta_test) < 1
except Exception as e:
assert ("CTGIMI019E" in e.message
) # CTGIMI019E = can't delete because policy (but tried)
def test_search_people(session):
r = search.people(session,
by="employeenumber",
search_filter="1015463230",
limit=1)
assert len(r) > 0
def test_crear_modificar_suspender_restaurar_eliminar_persona(session):
# required attributes on the Person form (more can be included)
info_persona = {
"givenname": "test",
"sn": f"n{random.randint(0,10000)}",
"cn": "test",
"initials": "CC",
"employeenumber": random.randint(1, 99999999),
"departmentnumber": test_dep,
"manager": test_manager,
"title": test_title,
"description": test_description,
"businesscategory": "test",
"mobile": "*****@*****.**",
}
persona = Person(session, person_attrs=info_persona)
# crear y validar
parent = search.organizational_container(session, "organizations",
test_org)[0]
persona.add(session, parent, "ok")
time.sleep(5)
persona_creada = search.people(
session,
by="employeenumber",
search_filter=info_persona["employeenumber"],
attributes="*",
limit=1,
)[0]
assert persona_creada.employeenumber == str(info_persona["employeenumber"])
# modificar
persona_creada.title = "este no va" # se sobreescribe con changes
persona_creada.mobile = "*****@*****.**"
nuevo_cargo_real = "nuevo cargo si va"
changes = {"title": nuevo_cargo_real, "mail": "*****@*****.**"}
persona_creada.modify(session, "ok", changes)
time.sleep(3)
persona_mod = search.people(
session,
by="employeenumber",
search_filter=info_persona["employeenumber"],
attributes="*",
limit=1,
)[0]
assert persona_mod.title == nuevo_cargo_real
# suspender
persona_mod.suspend(session, "ok")
time.sleep(3)
persona_sus = search.people(
session,
by="employeenumber",
search_filter=info_persona["employeenumber"],
attributes="*",
limit=1,
)[0]
assert persona_sus.erpersonstatus == "INACTIVE"
# restaurar
persona_sus.restore(session, "ok")
time.sleep(3)
persona_res = search.people(
session,
by="employeenumber",
search_filter=info_persona["employeenumber"],
attributes="*",
limit=1,
)[0]
assert persona_res.erpersonstatus == "ACTIVE"
# eliminar
persona_res.delete(session, "ok")
time.sleep(5)
persona_elim = search.people(
session,
by="employeenumber",
search_filter=info_persona["employeenumber"],
limit=1,
)
assert len(persona_elim) == 0
