def test_positive_automate_bz1426957(ldap_auth_source, function_user_group):
"""Verify role is properly reflected on AD user.
:id: 1c1209a6-5bb8-489c-a151-bb2fce4dbbfc
:expectedresults: Roles from usergroup is applied on AD user successfully.
:CaseLevel: Integration
:BZ: 1426957, 1667704
"""
ext_user_group = make_usergroup_external({
'auth-source-id':
ldap_auth_source['id'],
'user-group-id':
function_user_group['id'],
'name':
'foobargroup',
})
assert ext_user_group['auth-source'] == ldap_auth_source['ldap_hostname']
role = make_role()
UserGroup.add_role({
'id': function_user_group['id'],
'role-id': role['id']
})
Task.with_user(username=ldap_auth_source['user_name'],
password=ldap_auth_source['user_password']).list()
UserGroupExternal.refresh({
'user-group-id': function_user_group['id'],
'name': 'foobargroup'
})
assert role['name'] in User.info({'login': ldap_auth_source['user_name']
})['user-groups']
User.delete({'login': ldap_auth_source['user_name']})
def test_negative_synchronize_auth_yum_repo(self):
"""Check if secured repo fails to synchronize with invalid credentials
@id: 809905ae-fb76-465d-9468-1f99c4274aeb
@Assert: Repository is created but synchronization fails
@CaseLevel: Integration
"""
url = FAKE_5_YUM_REPO
for creds in [cred for cred in valid_http_credentials(url_encoded=True)
if not cred['http_valid']]:
url_encoded = url.format(
creds['login'], creds['pass']
)
with self.subTest(url):
new_repo = self._make_repository({
u'content-type': u'yum',
u'url': url_encoded,
})
# Try to synchronize it
repo_sync = Repository.synchronize(
{'id': new_repo['id'], u'async': True}
)
Task.progress({u'id': repo_sync[0]['id']})
self.assertEqual(
Task.progress({u'id': repo_sync[0]['id']})[0],
u'Yum Metadata: Unauthorized'
)
def test_rhsso_timeout_using_hammer(
self,
enable_external_auth_rhsso,
rhsso_setting_setup_with_timeout,
rh_sso_hammer_auth_setup,
):
"""verify the hammer auth timeout using RHSSO auth source
:id: d014cc98-d198-11ea-b526-d46d6dd3b5b2
:expectedresults: hammer auth login timeout should be suceessful for a rhsso user
:CaseImportance: Medium
"""
result = AuthLogin.oauth({
'oidc-token-endpoint':
get_oidc_token_endpoint(),
'oidc-client-id':
get_oidc_client_id(),
'username':
settings.rhsso.rhsso_user,
'password':
settings.rhsso.password,
})
assert f"Successfully logged in as '{settings.rhsso.rhsso_user}'." == result[
0]['message']
sleep(70)
with pytest.raises(CLIReturnCodeError) as error:
Task.with_user(username=settings.rhsso.rhsso_user,
password=settings.rhsso.password).list()
assert 'Unable to authenticate user sat_admin' in error.value.message
def test_positive_automate_bz1426957(self):
"""Verify role is properly reflected on AD user.
:id: 1c1209a6-5bb8-489c-a151-bb2fce4dbbfc
:expectedresults: Roles from usergroup is applied on AD user successfully.
:CaseLevel: Integration
:BZ: 1426957, 1667704
"""
ext_user_group = make_usergroup_external(
{
'auth-source-id': self.auth['server']['id'],
'user-group-id': self.user_group['id'],
'name': 'foobargroup',
}
)
self.assertEqual(ext_user_group['auth-source'], self.auth['server']['name'])
role = make_role()
UserGroup.add_role({'id': self.user_group['id'], 'role-id': role['id']})
with self.assertNotRaises(CLIReturnCodeError):
Task.with_user(username=self.ldap_user_name, password=self.ldap_user_passwd).list()
UserGroupExternal.refresh(
{'user-group-id': self.user_group['id'], 'name': 'foobargroup'}
)
self.assertEqual(User.info({'login': self.ldap_user_name})['user-groups'][1], role['name'])
User.delete({'login': self.ldap_user_name})
def test_negative_synchronize_auth_yum_repo(self):
"""Check if secured repo fails to synchronize with invalid credentials
@id: 809905ae-fb76-465d-9468-1f99c4274aeb
@Assert: Repository is created but synchronization fails
@CaseLevel: Integration
"""
url = FAKE_5_YUM_REPO
for creds in [
cred for cred in valid_http_credentials(url_encoded=True)
if not cred['http_valid']
]:
url_encoded = url.format(creds['login'], creds['pass'])
with self.subTest(url):
new_repo = self._make_repository({
u'content-type': u'yum',
u'url': url_encoded,
})
# Try to synchronize it
repo_sync = Repository.synchronize({
'id': new_repo['id'],
u'async': True
})
Task.progress({u'id': repo_sync[0]['id']})
self.assertEqual(
Task.progress({u'id': repo_sync[0]['id']})[0],
u'Yum Metadata: Unauthorized')
def test_positive_automate_bz1426957(self):
"""Verify role is properly reflected on AD user.
:id: 1c1209a6-5bb8-489c-a151-bb2fce4dbbfc
:expectedresults: Roles from usergroup is applied on AD user successfully.
:CaseLevel: Integration
:BZ: 1426957
"""
ext_user_group = make_usergroup_external({
'auth-source-id': self.auth['server']['id'],
'user-group-id': self.user_group['id'],
'name': 'foobargroup'
})
self.assertEqual(
ext_user_group['auth-source'], self.auth['server']['name']
)
role = make_role()
UserGroup.add_role({'id': self.user_group['id'], 'role-id': role['id']})
with self.assertNotRaises(CLIReturnCodeError):
Task.with_user(username=self.ldap_user_name, password=self.ldap_user_passwd).list()
UserGroupExternal.refresh({
'user-group-id': self.user_group['id'],
'name': 'foobargroup'
})
self.assertEqual(User.info({'login': self.ldap_user_name})['user-groups'][1],
role['name'])
User.delete({'login': self.ldap_user_name})
def test_positive_use_alternate_directory(self, fixture_vmsetup,
module_org, default_sat):
"""Use alternate working directory on client to execute rex jobs
:id: a0181f18-d3dc-4bd9-a2a6-430c2a49809e
:expectedresults: Verify the job was successfully ran against the host
:customerscenario: true
:parametrized: yes
"""
client = fixture_vmsetup
testdir = gen_string('alpha')
result = client.run(f'mkdir /{testdir}')
assert result.status == 0
result = client.run(f'chcon --reference=/var /{testdir}')
assert result.status == 0
result = default_sat.execute(
f"sed -i r's/^:remote_working_dir:.*/:remote_working_dir: \\/{testdir}/' \
/etc/foreman-proxy/settings.d/remote_execution_ssh.yml", )
assert result.status == 0
result = default_sat.execute('systemctl restart foreman-proxy')
assert result.status == 0
command = f'echo {gen_string("alpha")}'
invocation_command = make_job_invocation({
'job-template':
'Run Command - SSH Default',
'inputs':
f'command={command}',
'search-query':
f"name ~ {client.hostname}",
})
result = JobInvocation.info({'id': invocation_command['id']})
try:
assert result['success'] == '1'
except AssertionError:
output = ' '.join(
JobInvocation.get_output({
'id': invocation_command['id'],
'host': client.hostname
}))
result = f'host output: {output}'
raise AssertionError(result)
task = Task.list_tasks({"search": command})[0]
search = Task.list_tasks({"search": f'id={task["id"]}'})
assert search[0]["action"] == task["action"]
def test_rhsso_login_using_hammer(self, enable_external_auth_rhsso,
rhsso_setting_setup,
rh_sso_hammer_auth_setup):
"""verify the hammer auth login using RHSSO auth source
:id: 56c09a1a-d0e5-11ea-9024-d46d6dd3b5b2
:expectedresults: hammer auth login should be suceessful for a rhsso user
:CaseImportance: High
"""
result = AuthLogin.oauth({
'oidc-token-endpoint':
get_oidc_token_endpoint(),
'oidc-client-id':
get_oidc_client_id(),
'username':
settings.rhsso.rhsso_user,
'password':
settings.rhsso.password,
})
assert f"Successfully logged in as '{settings.rhsso.rhsso_user}'." == result[
0]['message']
result = Auth.with_user(username=settings.rhsso.rhsso_user,
password=settings.rhsso.password).status()
assert (
f"Session exists, currently logged in as '{settings.rhsso.rhsso_user}'."
== result[0]['message'])
task_list = Task.with_user(username=settings.rhsso.rhsso_user,
password=settings.rhsso.password).list()
assert len(task_list) >= 0
with pytest.raises(CLIReturnCodeError) as error:
Role.with_user(username=settings.rhsso.rhsso_user,
password=settings.rhsso.password).list()
assert 'Missing one of the required permissions' in error.value.message
def test_positive_run_default_job_template_by_ip(self, fixture_vmsetup, fixture_org):
"""Run default template on host connected by ip and list task
:id: 811c7747-bec6-4a2d-8e5c-b5045d3fbc0d
:expectedresults: Verify the job was successfully ran against the host
and task can be listed by name and ID
:BZ: 1647582
:parametrized: yes
"""
self.org = fixture_org
self.client = fixture_vmsetup
# set connecting to host via ip
Host.set_parameter(
{
'host': self.client.hostname,
'name': 'remote_execution_connect_by_ip',
'value': 'True',
}
)
command = "echo {}".format(gen_string('alpha'))
invocation_command = make_job_invocation(
{
'job-template': 'Run Command - SSH Default',
'inputs': f'command={command}',
'search-query': f"name ~ {self.client.hostname}",
}
)
try:
assert invocation_command['success'] == '1'
except AssertionError:
result = 'host output: {}'.format(
' '.join(
JobInvocation.get_output(
{'id': invocation_command['id'], 'host': self.client.hostname}
)
)
)
raise AssertionError(result)
task = Task.list_tasks({"search": command})[0]
search = Task.list_tasks({"search": 'id={}'.format(task["id"])})
assert search[0]["action"] == task["action"]
def test_negative_synchronize_auth_yum_repo(self):
"""Check if secured repo fails to synchronize with invalid credentials
@id: 809905ae-fb76-465d-9468-1f99c4274aeb
@Assert: Repository is created but synchronization fails
@CaseLevel: Integration
"""
url = FAKE_5_YUM_REPO
for creds in [cred for cred in valid_http_credentials(url_encoded=True) if not cred["http_valid"]]:
url_encoded = url.format(creds["login"], creds["pass"])
with self.subTest(url):
new_repo = self._make_repository({u"content-type": u"yum", u"url": url_encoded})
# Try to synchronize it
repo_sync = Repository.synchronize({"id": new_repo["id"], u"async": True})
Task.progress({u"id": repo_sync[0]["id"]})
self.assertEqual(Task.progress({u"id": repo_sync[0]["id"]})[0], u"Yum Metadata: Unauthorized")
def test_install_errata_to_one_host(module_org, errata_hosts, host_collection):
"""Install an erratum to one of the hosts in a host collection.
:id: bfcee2de-3448-497e-a696-fcd30cea9d33
:expectedresults: Errata was successfully installed in only one of the hosts in
the host collection
:Setup: Errata synced on satellite server, custom package installed on errata hosts.
:Steps:
1. Remove packages from one host.
2. host-collection erratum install --errata <errata> --id <id>
--organization <org_name>
3. Assert first host does not have the package.
4. Assert second host does have the new package.
:expectedresults: Erratum is only installed on one host.
:BZ: 1810774
"""
errata = REPO_WITH_ERRATA['errata'][0]
# Remove the package on first host to remove need for errata.
result = errata_hosts[0].execute(f'yum erase -y {errata["package_name"]}')
assert result.status == 0, f'Failed to erase the rpm: {result.stdout}'
# Apply errata to the host collection.
install_task = HostCollection.erratum_install({
'id': host_collection['id'],
'organization': module_org.name,
'errata': [errata['id']],
})
Task.progress({'id': install_task[0]['id']})
assert not is_rpm_installed(
errata_hosts[0],
rpm=errata['package_name']), 'Package should not be installed on host.'
assert is_rpm_installed(
errata_hosts[1],
rpm=errata['new_package']), 'Package should be installed on host.'
def test_positive_install_by_host_collection_and_org(module_org,
host_collection,
errata_hosts,
filter_by_hc,
filter_by_org):
"""Use host collection id or name and org id, name, or label to install an update on the host
collection.
:id: 1b063f76-c85f-42fb-a919-5de319b09b99
:parametrized: yes
:Setup: Errata synced on satellite server.
:Steps: host-collection erratum install --errata <errata>
(--id <hc_id>|--name <hc_name>)
(--organization-id <org_id>|--organization <org_name>|--organization-label <org_label>)
:expectedresults: Erratum is installed.
:CaseLevel: System
:BZ: 1457977
"""
param = {'errata': [REPO_WITH_ERRATA['errata'][0]['id']]}
if filter_by_hc == 'id':
param['id'] = host_collection['id']
elif filter_by_hc == 'name':
param['name'] = host_collection['name']
if filter_by_org == 'id':
param['organization-id'] = module_org.id
elif filter_by_org == 'name':
param['organization'] = module_org.name
elif filter_by_org == 'label':
param['organization-label'] = module_org.label
install_task = HostCollection.erratum_install(param)
Task.progress({'id': install_task[0]['id']})
for host in errata_hosts:
assert is_rpm_installed(host)
def test_positive_run_default_job_template_by_ip(self, rex_contenthost):
"""Run default template on host connected by ip and list task
:id: 811c7747-bec6-4a2d-8e5c-b5045d3fbc0d
:expectedresults: Verify the job was successfully ran against the host
and task can be listed by name and ID
:BZ: 1647582
:customerscenario: true
:parametrized: yes
"""
client = rex_contenthost
command = f'echo {gen_string("alpha")}'
invocation_command = make_job_invocation({
'job-template':
'Run Command - SSH Default',
'inputs':
f'command={command}',
'search-query':
f"name ~ {client.hostname}",
})
result = JobInvocation.info({'id': invocation_command['id']})
try:
assert result['success'] == '1'
except AssertionError:
result = 'host output: {}'.format(' '.join(
JobInvocation.get_output({
'id': invocation_command['id'],
'host': client.hostname
})))
raise AssertionError(result)
task = Task.list_tasks({'search': command})[0]
search = Task.list_tasks({'search': f'id={task["id"]}'})
assert search[0]['action'] == task['action']
