def remove_added_data(self):
"""
removes added data specific to these tests
:param self: MainController class object
"""
self.log('2.1.9-del Removing data')
# Logout, login. no need for logout functionality testing at this point so we can logout from url
self.driver.get(self.url + 'login/logout')
self.login()
# Open clients
clients_table_vm.open_acl_subjects_popup(self)
self.wait_jquery()
clients_with_services_table = self.wait_until_visible(type=By.ID,
element=popups.CLIENT_DETAILS_POPUP_ACL_SUBJECTS_TABLE_ID)
self.log('Selecting previously added client')
# Select previously added client
select_subjects_from_table(self, subjects_table=clients_with_services_table, subjects=self.selected_id)
self.log('Opening access rights of the selected client')
# Open client access rights
self.by_id(popups.CLIENT_DETAILS_POPUP_ACL_SUBJECTS_OPEN_CLIENTS_SERVICES_ID).click()
# wait for services table to be visible possible ajax call
self.wait_jquery()
# remove all added services data
self.by_id(popups.ACL_SUBJECT_OPEN_SERVICES_ADD_POPUP_REMOVE_ALL_SERVICES_BTN_ID).click()
popups.confirm_dialog_click(self)
self.driver.get(self.url + 'login/logout')
def user_3_actions(self, user, client):
'''
Executes actions with user3.
:param self: MainController object
:param user: dict - user data
:param client: dict - client data
:return: None
'''
# TEST PLAN 2.10.1-7 log out, log in with user3
self.log('2.10.1-7 log out, then log in with user3')
if self.driver is None:
return
self.logout()
self.login(username=user[USERNAME], password=user[PASSWORD])
# TEST PLAN 2.10.1-8 delete client
self.log('2.10.1-8 delete client')
client_row = added_client_row(self=self, client=client)
self.log('Opening client details')
client_row.find_element_by_css_selector(
clients_table_vm.DETAILS_TAB_CSS).click()
self.wait_jquery()
self.log('Deleting client')
self.wait_until_visible(
type=By.ID,
element=popups.CLIENT_DETAILS_POPUP_DELETE_BUTTON_ID).click()
popups.confirm_dialog_click(self)
self.log('CLIENT DELETED')
def remove_subjects_from_acl(self, service_subjects, select_duplicate=False):
'''
Removes subjects from ACL.
:param self: MainController class object
:param service_subjects: List of strings - X-Road IDs
:param select_duplicate: Boolean to allow selecting duplicate rows from the table (if there are duplicate IDs)
:return: None
'''
# Wait until first ACL row is visible (this means that the data has been parsed and loaded into a table)
self.log('Waiting until visible: {0}'.format(
popups.CLIENT_DETAILS_POPUP_EXISTING_ACL_SUBJECTS_FIRST_SUBJECT_ROW_CSS
))
self.wait_until_visible(
popups.
CLIENT_DETAILS_POPUP_EXISTING_ACL_SUBJECTS_FIRST_SUBJECT_ROW_CSS,
type=By.CSS_SELECTOR)
self.log('Removing subjects: {0}'.format(', '.join(service_subjects)))
if service_subjects:
# If subject list is not empty, select the subjects in it (click on them)
select_existing_acl_subjects(self,
service_subjects,
select_duplicate=select_duplicate)
# Find the "Remove selected" button and click it.
remove_selected_button = self.by_id(
popups.CLIENT_DETAILS_POPUP_ACL_SUBJECTS_REMOVE_SELECTED_BTN_ID)
remove_selected_button.click()
# A confirmation dialog should open, confirm what you're asked.
popups.confirm_dialog_click(self)
else:
# Subject list empty, do not remove anything.
self.log('Nothing to be removed')
def remove_group(self, group):
'''
Removes a global group from the system.
:param self: MainController object
:param group: str - group name
:return: None
'''
# Open global groups
self.log('Open Global Groups tab')
self.wait_until_visible(type=By.CSS_SELECTOR,
element=sidebar.GLOBAL_GROUPS_CSS).click()
self.wait_jquery()
# Find and select the group
self.log('Select added group')
table = self.wait_until_visible(type=By.ID,
element=groups_table.GROUP_TABLE_ID)
rows = table.find_elements_by_tag_name('tr')
for row in rows:
if row.text != '':
if row.find_element_by_tag_name('td').text == group:
row.click()
self.wait_jquery()
# Open group details and delete the group
self.log('Open group details')
self.wait_until_visible(type=By.ID,
element=groups_table.GROUP_DETAILS_BTN_ID).click()
self.wait_jquery()
self.log('Click on "DELETE GROUP" button')
self.wait_until_visible(type=By.XPATH,
element=groups_table.DELETE_GROUP_BTN_ID).click()
self.wait_jquery()
self.log('Confirm deletion')
popups.confirm_dialog_click(self)
def add_all_subjects_to_acl(self, return_list=True):
'''
Adds all subjects in the list to the ACL.
:param self: MainController class object
:param return_list: Boolean - do we need to return a list of subjects that should have been added.
:return: List of subjects or if return_list is False, an empty list.
'''
added_subjects = []
# We return the actual list only if we are instructed to (by default actually but can still be disabled).
# This is because, with long lists, it is quite slow to loop over every element and check its ID.
if return_list:
# Find all selectable elements that have class xroad-id
selectable_xroad_elements = self.by_css(
popups.XROAD_ID_SELECTABLE_ROW_CSS, multiple=True)
# Loop over the found elements and save their IDs for returning.
self.log(
'Looping over results list and collecting ids. May be slow, elements: {0}'
.format(len(selectable_xroad_elements)))
for element in selectable_xroad_elements:
added_subjects.append(element.text)
self.log('Loop finished')
# Find the "Add all to ACL" button and click it
add_all_to_acl_button = self.by_id(
popups.ACL_SUBJECTS_SEARCH_POPUP_ADD_ALL_TO_ACL_BUTTON_ID)
add_all_to_acl_button.click()
# A dialog box should open. Wait until the button "Confirm" is visible, then click it.
popups.confirm_dialog_click(self)
# Return the list of added subjects or an empty list
return added_subjects
def user_3_actions(self, client):
'''
Executes actions with user3.
:param self: MainController object
:param client: dict - member data
:return: None
'''
# TEST PLAN 2.9.1-7 log in with user3
self.log('2.9.1-7 log in with user3')
self.logout()
self.login(username=self.users['user3'][USERNAME], password=self.users['user3'][PASSWORD])
# TEST PLAN 2.9.1-8 delete member
self.log('2.9.1-8 delete member')
member_row = added_member_row(self, client)
if member_row:
member_row.click()
else:
self.log('Could not find row')
pass
self.log('Opening client details')
self.wait_until_visible(type=By.ID, element=members_table.MEMBERS_DETATILS_BTN_ID).click()
self.log('Deleting client')
self.wait_until_visible(type=By.XPATH, element=members_table.MEMBER_EDIT_DELETE_BTN_XPATH).click()
popups.confirm_dialog_click(self)
self.log('2.9.1-8 member deleted')
self.gui_data_deleted = True
def delete_client(self, ssh_client, user, member):
'''
Deletes a member from the system. Checks if the action was logged.
:param self: MainController object
:param ssh_client: SSHClient object
:param user: dict - user data
:param member: dict - member data
:return: None
'''
self.driver.get(self.url)
self.wait_jquery()
# Open member details
open_member_details(self, member=member)
# Delete the member
self.wait_until_visible(
type=By.XPATH,
element=members_table.MEMBER_EDIT_DELETE_BTN_XPATH).click()
self.wait_jquery()
# Confirm deletion
popups.confirm_dialog_click(self)
time.sleep(10)
# TEST PLAN 2.11.1-13/2.11.1-14 check if deleting the member was logged
bool_value, data, date_time = check_logs_for(ssh_client, DELETE_MEMBER,
user[USERNAME])
self.is_true(
bool_value, test_name,
'2.11.1-13/2.11.1-14 log check for deleting the member - check failed',
'2.11.1-13/2.11.1-14 log check for deleting the member')
def delete_service():
"""
:param self: MainController class object
:return: None
''"""
self.log('2.2.8 delete_service')
# Delete WSDL that we added to restore original state.
# Open client popup using shortcut button to open it directly at Services tab.
clients_table_vm.open_client_popup_services(self,
client_name=client_name,
client_id=client_id)
# Find the table that lists all WSDL files and services
services_table = self.by_id(
popups.CLIENT_DETAILS_POPUP_SERVICES_TABLE_ID)
# Wait until that table is visible (opened in a popup)
self.wait_until_visible(services_table)
self.wait_jquery()
time.sleep(3)
# Find the service under the specified WSDL in service list (and expand the WSDL services list if not open yet)
wsdl_element = clients_table_vm.client_services_popup_select_wsdl(
self, wsdl_index=wsdl_index, wsdl_url=wsdl_url)
# Get the WSDL URL from wsdl_element text
if wsdl_url is None:
wsdl_text = wsdl_element.find_elements_by_tag_name('td')[1].text
# print wsdl_text
matches = re.search(popups.CLIENT_DETAILS_POPUP_WSDL_URL_REGEX,
wsdl_text)
wsdl_found_url = matches.group(2)
# print wsdl_found_url
self.log('Found WSDL URL: {0}'.format(wsdl_found_url))
else:
wsdl_found_url = wsdl_url
# Find and click the "Delete" button to enable the WSDL.
self.by_id(popups.CLIENT_DETAILS_POPUP_DELETE_WSDL_BTN_ID).click()
# A confirmation dialog should open. Confirm the deletion.
popups.confirm_dialog_click(self)
# Wait until ajax query finishes
self.wait_jquery()
# Now check if we can find the same wsdl or not
wsdl_found_index = clients_table_vm.find_wsdl_by_name(
self, wsdl_found_url)
self.is_none(wsdl_found_index,
msg='WSDL {0} was not deleted.'.format(wsdl_found_url))
def delete_central_service():
self.log('2.2.8-del remove central service')
# Find "Central Services" menu item, click on it.
central_services_menu = self.by_css(sidebar.CENTRAL_SERVICES_CSS)
central_services_menu.click()
# Wait until central services table appears (page has been loaded and table initialized)
self.wait_until_visible(central_services.SERVICES_TABLE_ID, type=By.ID)
# Wait until jquery has finished loading the list
self.wait_jquery()
# Find the service we're looking for. If nothing is found, cancel everything with assertion - no need to waste time.
service_row = get_central_service_row(self, central_service_name)
self.is_not_none(service_row,
msg='2.2.8-del Central service not found: {0}'.format(
central_service_name))
# Click the row to select it
service_row.click()
# Find and click the "Delete" button to delete the service
delete_button = self.by_id(central_services.SERVICE_DELETE_BUTTON_ID)
delete_button.click()
# A confirmation dialog should open. Confirm the deletion.
popups.confirm_dialog_click(self)
# Wait until ajax query finishes.
self.wait_jquery()
# Test if the service was deleted.
service_row = get_central_service_row(self, central_service_name)
self.is_none(service_row,
msg='2.2.8-del Central service not deleted: {0}'.format(
central_service_name))
# TEST PLAN 2.2.8-remove test query from TS1 client CLIENT1:sub to CENTRAL service. Query should succeed.
self.log(
'2.2.8-del test query {0} to central service {1}. Query should fail.'
.format(query_filename, central_service_name))
self.is_equal(testclient_central.check_fail(),
True,
msg='2.2.8-del Test query to central service succeeded')
def remove_certificate(self, client):
'''
Remove certificate from server.
:param self: MainController object
:param client: client data
:return: None
'''
self.log('REMOVE CERTIFICATE')
# Click on generated key row
self.log('Click on generated key row')
self.wait_until_visible(type=By.XPATH,
element=keyscertificates_constants.get_generated_key_row_xpath(client['code'],
client[
'class'])).click()
# Click on Delete button and confirm deletion.
self.wait_until_visible(type=By.ID, element=keyscertificates_constants.DELETE_BTN_ID).click()
popups.confirm_dialog_click(self)
def remove_client(self, client):
'''
Removes client from the system.
:param self: MainController object
:param client: dict - client data
:return: None
'''
self.wait_jquery()
# Open client details and unregister client
self.log('Opening client details')
added_client_row(self, client).find_element_by_css_selector(
clients_table.DETAILS_TAB_CSS).click()
self.wait_jquery()
time.sleep(1)
self.log('Unregister Client')
is_delete_needed = False
try:
# Try to unregister
self.wait_until_visible(
type=By.ID,
element=popups.CLIENT_DETAILS_POPUP_UNREGISTER_BUTTON_ID).click()
popups.confirm_dialog_click(self)
except:
# Unregister failed
is_delete_needed = True
self.log('Not unregistering')
self.wait_jquery()
try:
# Try to delete
self.log('Deleting client')
if is_delete_needed:
self.wait_until_visible(
type=By.ID,
element=popups.CLIENT_DETAILS_POPUP_DELETE_BUTTON_ID).click()
self.wait_jquery()
popups.confirm_dialog_click(self)
except:
# Delete failed
traceback.print_exc()
self.log('CLIENT DELETED')
def add_client(self, client):
'''
Add a temporary client for testing.
:param self: MainController object
:param client: client information
:return: None
'''
# Start adding client
self.driver.get(self.url)
self.wait_until_visible(type=By.ID, element=clients_table_vm.ADD_CLIENT_BTN_ID).click()
# Set client class, code, subsystem information
self.log('Select {0} from "CLIENT CLASS" dropdown'.format(client['class']))
member_class = Select(
self.wait_until_visible(type=By.ID, element=popups.ADD_CLIENT_POPUP_MEMBER_CLASS_DROPDOWN_ID))
member_class.select_by_visible_text(client['class'])
self.log('Insert {0} into "CLIENT CODE" area'.format(client['code']))
member_code = self.wait_until_visible(type=By.ID, element=popups.ADD_CLIENT_POPUP_MEMBER_CODE_AREA_ID)
self.input(member_code, client['code'])
self.log('Insert {0} into "SUBSYSTEM CODE" area'.format(client['subsystem_code']))
member_sub_code = self.wait_until_visible(type=By.ID, element=popups.ADD_CLIENT_POPUP_SUBSYSTEM_CODE_AREA_ID)
self.input(member_sub_code, client['subsystem_code'])
# Save client data
self.log('Click "OK" to add client')
self.wait_until_visible(type=By.XPATH, element=popups.ADD_CLIENT_POPUP_OK_BTN_XPATH).click()
self.wait_jquery()
try:
# If we get a warning, click "Continue"
self.log('Confirming warning')
if self.wait_until_visible(type=By.XPATH, element=popups.WARNING_POPUP):
self.wait_until_visible(type=By.XPATH, element=popups.WARNING_POPUP_CONTINUE_XPATH).click()
except:
# If no warning, there is still no problem.
self.log('No warning')
self.wait_jquery()
time.sleep(2)
# Confirm adding the client
popups.confirm_dialog_click(self)
def remove_certificate(self, client):
'''
Removes certificate from client.
:param self: MainController object
:param client: dict - client data
:return: None
'''
self.log('Open "Keys and Certificates tab"')
self.wait_until_visible(
type=By.CSS_SELECTOR,
element=sidebar.KEYSANDCERTIFICATES_BTN_CSS).click()
self.log('Click on generated key row')
self.wait_until_visible(
type=By.XPATH,
element=keys_and_certificates_table.get_generated_key_row_xpath(
client['code'], client['class'])).click()
self.wait_until_visible(
type=By.ID, element=keys_and_certificates_table.DELETE_BTN_ID).click()
popups.confirm_dialog_click(self)
self.wait_jquery()
def remove_all_subjects_from_acl(self):
'''
Removes ALL subjects from ACL by clicking the "Remove all" button.
:param self: MainController class object
:return: None
'''
# Wait until first ACL row is visible (this means that the data has been parsed and loaded into a table)
self.wait_until_visible(
popups.
CLIENT_DETAILS_POPUP_EXISTING_ACL_SUBJECTS_FIRST_SUBJECT_ROW_CSS,
type=By.CSS_SELECTOR)
# Find the "Remove all" button and click it
remove_all_button = self.by_id(
popups.CLIENT_DETAILS_POPUP_ACL_SUBJECTS_REMOVE_ALL_BTN_ID)
remove_all_button.click()
# A confirmation dialog should open, confirm what you're asked.
popups.confirm_dialog_click(self)
def remove_member(self, cent_host, cent_username, cent_password, member):
'''
Removes member from the system.
:param self: MainController object
:param cent_host: str - central server hostname
:param cent_username: str - central server UI username
:param cent_password: str - central server UI password
:param member: dict - member data
:return: None
'''
self.reset_webdriver(cent_host, cent_username, cent_password)
# Find members table
self.log('Wait for members table')
self.wait_jquery()
table = self.wait_until_visible(type=By.ID,
element=members_table.MEMBERS_TABLE_ID)
# Get member row
self.log('Get row by row values')
row = members_table.get_row_by_columns(
table, [member['name'], member['class'], member['code']])
if row is None:
self.log('Did not find member row')
raise
# Click on the row, open details and delete member
row.click()
self.log('Click on "DETAILS" button')
self.wait_until_visible(
type=By.ID, element=members_table.MEMBERS_DETATILS_BTN_ID).click()
self.log('Click on "DELETE" button')
self.wait_until_visible(
type=By.XPATH,
element=members_table.MEMBER_EDIT_DELETE_BTN_XPATH).click()
self.log('Confirm deleting member')
popups.confirm_dialog_click(self)
def remove_client(self, client):
'''
Remove the temporary client.
:param self: MainController object
:param client: client data
:return:
'''
self.log('Removing client from server')
self.driver.get(self.url)
self.wait_jquery()
# Find client and click on the table row
client_row = added_client_row(self, client)
client_row.find_element_by_css_selector(clients_table_vm.DETAILS_TAB_CSS).click()
try:
# Click the "Unregister" button
self.log('Finding and clicking unregister button')
self.wait_until_visible(type=By.ID, element=popups.CLIENT_DETAILS_POPUP_UNREGISTER_BUTTON_ID).click()
self.wait_jquery()
# Confirm unregistering
self.log('Confirm unregistering')
popups.confirm_dialog_click(self)
self.wait_jquery()
time.sleep(3)
# Confirm deletion
self.log('Confirm deleting')
popups.confirm_dialog_click(self)
except:
# Exception may occur if the client has not been fully registered. As we still need to remove
# temporary data, delete the client anyway.
self.wait_until_visible(type=By.ID, element=popups.CLIENT_DETAILS_POPUP_DELETE_BUTTON_ID).click()
self.wait_jquery()
# Confirm deletion
popups.confirm_dialog_click(self)
def add_client_to_ss(self, sec_host, sec_username, sec_password, ssh_host,
ssh_username, ssh_password, client):
'''
Logs in to security server as user, adds a new subsystem as a client. Checks if the actions were logged.
:param self: MainController object
:param sec_host: str - security server hostname
:param sec_username: str - security server UI username
:param sec_password: str - security server UI password
:param ssh_host: str - SSH server hostname
:param ssh_username: str - SSH server username
:param ssh_password: str - SSH server password
:param client: dict - client data
:return: None
'''
# TEST PLAN 2.11.2-3 log in to security server
self.log('2.11.2-3 log in to security server')
self.driver.get(sec_host)
self.login(username=sec_username, password=sec_password)
# TEST PLAN 2.11.2-3/2.11.2-14 check logs for login
bool_value, log_data, date_time = check_logs_for(self, ssh_host,
ssh_username,
ssh_password, LOGIN,
sec_username)
self.is_true(bool_value)
# Add client
self.log('Click on "ADD CLIENT" button')
self.wait_until_visible(type=By.ID,
element=clients_table.ADD_CLIENT_BTN_ID).click()
self.log('Wait until ADD CLIENT dialog is open')
self.wait_until_visible(type=By.XPATH,
element=popups.ADD_CLIENT_POPUP_XPATH)
# Set data
self.log('Select {0} from "CLIENT CLASS" dropdown'.format(client['class']))
member_class = Select(
self.wait_until_visible(
type=By.ID,
element=popups.ADD_CLIENT_POPUP_MEMBER_CLASS_DROPDOWN_ID))
member_class.select_by_visible_text(client['class'])
self.log('Insert {0} to "MEMBER CODE" area'.format(client['code']))
member_code = self.wait_until_visible(
type=By.ID, element=popups.ADD_CLIENT_POPUP_MEMBER_CODE_AREA_ID)
self.input(member_code, client['code'])
self.log('Insert {0} into "SUBSYSTEM CODE" area'.format(
client['subsystem']))
member_sub_code = self.wait_until_visible(
type=By.ID, element=popups.ADD_CLIENT_POPUP_SUBSYSTEM_CODE_AREA_ID)
self.input(member_sub_code, client['subsystem'])
# Save data
self.log('Click "OK" to add client')
self.wait_until_visible(
type=By.XPATH, element=popups.ADD_CLIENT_POPUP_OK_BTN_XPATH).click()
self.wait_jquery()
# TEST PLAN 2.11.2-4/2.11.2-14 check logs for adding client
bool_value, log_data, date_time = check_logs_for(self, ssh_host,
ssh_username,
ssh_password, ADD_CLIENT,
sec_username)
self.is_true(
bool_value, test_name,
'2.11.2-4/2.11.2-14 log check for adding client - check failed',
'2.11.2-4/2.11.2-14 log check for adding client')
time.sleep(5)
self.log('Confirm registration')
popups.confirm_dialog_click(self)
def remove_subsystem_registration_request(self, ssh_client, user, server_id):
'''
Revokes a registration request for a client and checks if it was logged.
:param self: MainController object
:param ssh_client: SSHClient object
:param user: dict - user data
:param server_id: str - server identifier
:return:
'''
# Go to UI main page
self.driver.get(self.url)
self.wait_jquery()
# Open security server details popup
self.log('Open Security server details popup')
self.wait_until_visible(type=By.CSS_SELECTOR,
element=sidebar.SECURITY_SERVERS_CSS).click()
self.wait_jquery()
self.wait_until_visible(
type=By.XPATH,
element=members_table.get_row_by_td_text(server_id)).click()
self.wait_jquery()
self.wait_until_visible(type=By.ID,
element=cs_security_servers.
SECURITY_SERVER_CLIENT_DETAILS_BTN_ID).click()
self.wait_jquery()
self.wait_until_visible(
type=By.XPATH,
element=cs_security_servers.SERVER_MANAGEMENT_REQUESTS_TAB).click()
self.wait_jquery()
# Open management requests
self.log('Open management requests tab')
table = self.wait_until_visible(
type=By.ID,
element=cs_security_servers.SECURITYSERVER_MANAGEMENT_REQUESTS_TABLE_ID
)
self.wait_jquery()
# Get the latest requests
tr = table.find_elements_by_tag_name('tr')[1]
self.log('Clicking request index')
tr.find_element_by_tag_name('a').click()
# Revoke the request
self.log('Revoke request by clicking "REVOKE" button')
self.wait_jquery()
self.wait_until_visible(type=By.XPATH,
element=cs_security_servers.
REVOKE_MANAGEMENT_REQUEST_BTN_XPATH).click()
# Confirm
self.log('Confirm revoking request')
popups.confirm_dialog_click(self)
# TEST PLAN 2.11.1-14 check if revoking the request was logged
bool_value, data, date_time = check_logs_for(
ssh_client, REVOKE_CLIENT_REGISTRATION_REQUEST, user[USERNAME])
self.is_true(
bool_value,
test_name,
'2.11.1-12/2.11.1-14 log check for revoking request - check failed',
'2.11.1-12/2.11.1-14 log check for revoking request',
)
def test_case(self):
# TEST PLAN 2.11.1 logging maintenance actions in central server
self.log('*** 2.11.1 / XT-518')
# Save users to MainController
self.users = users
# Get the first user
user = users['user1']
# Extract client parameters from ID, save names
client = xroad.split_xroad_subsystem(client_id)
client['name'] = client_name
client['name2'] = client_name2
# Create SSH session
ssh_client = ssh_server_actions.get_client(ssh_host, ssh_username,
ssh_password)
self.log('Adding users to system')
# Add test users to the system so the test can be run separately from others
add_users_to_system(self, ssh_client)
# By default, there is no error.
error = False
try:
# TEST PLAN 2.11.1-1 log in to central server UI as user1
self.log('2.11.1-1 logging in to central server as user1')
check_login(self, ssh_client, None, users['user1'])
# TEST PLAN 2.11.1-2 adding new member to central server
self.log('2.11.1-2 adding new member to central server')
add_member_to_cs(self, ssh_client, user, member=client)
# TEST PLAN 2.11.1-3 adding new subsystem to the member
self.log('2.11.1-3 adding new subsystem to the member')
add_subsystem_to_member(self, ssh_client, user, member=client)
# TEST PLAN 2.11.1-4, 2.11.1-5 change member name (empty and non-empty)
self.log(
'2.11.1-4, 2.11.1-5 change member name (empty and non-empty)')
change_member_name(self, ssh_client, user, member=client)
# TEST PLAN 2.11.1-6 log out and then log in to central server UI as user2
self.log('2.11.1-6 logging out, then logging in as user2')
user = users['user2']
check_login(self,
ssh_client,
logout_user=users['user1'],
login_user=user)
# TEST PLAN 2.11.1-7, 2.11.1-8 add new group (failure and success test)
self.log(
'2.11.1-7, 2.11.1-8 add new group (failure and success test)')
add_group(self, ssh_client, user, group)
# TEST PLAN 2.11.1-9 add the new subsystem to the new group
self.log('2.11.1-9 add the subsystem to the new group')
add_client_to_group(self,
ssh_client,
user,
member=client,
group=group)
# TEST PLAN 2.11.1-10 add new registration request for the new subsystem
self.log(
'2.11.1-10 add new registration request for the new subsystem')
self.driver.get(self.url)
register_subsystem_to_security_server(self,
ssh_client,
user,
member=client,
server_id=server_id)
# TEST PLAN 2.11.1-11 log out, then log in to central server as user3
self.log(
'2.11.1-11 log out, then log in to central server as user3')
user = users['user3']
check_login(self,
ssh_client,
logout_user=users['user2'],
login_user=user)
# TEST PLAN 2.11.1-12 remove the registration request for the new subsystem
self.log(
'2.11.1-12 remove the registration request for the new subsystem'
)
remove_subsystem_registration_request(self, ssh_client, user,
server_id)
# TEST PLAN 2.11.1-13 delete the member from central server
self.log('2.11.1-13 delete the member from central server')
delete_client(self, ssh_client, user, member=client)
# TEST PLAN 2.11.1-14 checks are done in the corresponding functions.
except:
# Had an error, set error to be True and print traceback.
traceback.print_exc()
error = True
finally:
# Always remove data
try:
# Remove test data that may have been partially created on error
if error:
# Remove member
try:
self.log('2.11.1-del remove member')
delete_client(self, ssh_client, user, member=client)
except:
self.log('2.11.1-del removing member failed')
# Revoke all requests (loop until done)
try:
self.log('2.11.1-del revoking requests')
self.reset_webdriver(self.config.get('cs.host'),
self.config.get('cs.user'),
self.config.get('cs.pass'))
self.wait_jquery()
self.wait_until_visible(
type=By.CSS_SELECTOR,
element=sidebar.MANAGEMENT_REQUESTS_CSS).click()
self.wait_jquery()
time.sleep(5)
try:
td = self.by_xpath(
members_table.get_requests_row_by_td_text(
'SUBMITTED FOR APPROVAL'))
except:
td = None
try:
while td is not None:
td.click()
self.wait_until_visible(
type=By.ID,
element=members_table.
MANAGEMENT_REQUEST_DETAILS_BTN_ID).click()
self.wait_jquery()
time.sleep(1)
self.log('2.11.1-del revoking request')
self.wait_until_visible(
type=By.XPATH,
element=members_table.
DECLINE_REQUEST_BTN_XPATH).click()
self.wait_jquery()
popups.confirm_dialog_click(self)
time.sleep(5)
try:
td = self.by_xpath(
members_table.
get_requests_row_by_td_text(
'SUBMITTED FOR APPROVAL'))
except:
td = None
except:
traceback.print_exc()
except:
self.log('2.11.1-del Deleting client failed')
except:
self.log('2.11.1-del Deleting client failed')
try:
self.log('2.11.1-del Deleting group')
remove_group(self, group)
except:
self.log('2.11.1-del Deleting group failed')
self.log('2.11.1-del closing SSH connection')
ssh_client.close()
if error:
# Got an error before, fail the test
assert False, '2.11.1 failed'
def local_tls():
"""
:param self: MainController class object
:return: None
''"""
# TEST PLAN 2.2.7 test local TLS
self.log('*** 2.2.7 / XT-471')
self.reload_webdriver(url=ss1_host,
username=ss1_user,
password=ss1_pass)
certs_filename = self.get_download_path(certs_download_filename)
ss1_filename = self.get_download_path(certs_ss1_filename)
ss2_filename = self.get_download_path(certs_ss2_filename)
ss2_certs_directory_abs = self.get_download_path(ss2_certs_directory)
# Create directory if not exists
if not os.path.isdir(ss2_certs_directory_abs):
os.mkdir(ss2_certs_directory_abs)
self.remove_files([
certs_filename, ss1_filename, ss2_filename, ss2_certs_directory_abs
])
created_files = [certs_filename]
self.start_mock_service()
# TEST PLAN 2.2.7-1 generate new internal TLS key.
self.log('2.2.7-1 generate new internal TLS key.')
# Click "System Parameters" in sidebar
self.by_css(sidebar.SYSTEM_PARAMETERS_BTN_CSS).click()
# Click "Generate New TLS Key" button
self.wait_until_visible(
ss_system_parameters.GENERATE_INTERNAL_TLS_KEY_BUTTON_ID,
type=By.ID).click()
# A confirmation dialog should open. Confirm the question.
popups.confirm_dialog_click(self)
# Wait until the TLS certificate has been generated.
self.wait_jquery()
self.log('2.2.7-1 new key has been generated, downloading certificate')
# If file already exists, delete it first
if os.path.isfile(certs_filename):
os.remove(certs_filename)
# Find and click the "Export" button. Download should start automatically.
self.by_id(
ss_system_parameters.EXPORT_INTERNAL_TLS_CERT_BUTTON_ID).click()
# Check if file exists every 0.5 seconds or until limit has passed.
start_time = time.time()
while True:
if os.path.isfile(certs_filename):
break
if time.time() - start_time > download_time_limit:
# Raise AssertionError
raise AssertionError(
'Download time limit of {0} seconds passed for file {1}'.
format(download_time_limit, certs_download_filename))
time.sleep(download_check_interval)
os.rename(certs_filename, ss1_filename)
created_files.append(ss1_filename)
self.log('2.2.7-1 certificate archive has been downloaded, extracting')
# We're here, so download succeeded.
# Extract the archive (tgz format) to downloads directory.
with tarfile.open(ss1_filename, 'r:gz') as tar:
# tarfile.extractall does not overwrite files so we need to extract them one by one.
for fileobj in tar:
filename = os.path.join(os.path.dirname(fileobj.name),
os.path.basename(fileobj.name))
file_target = self.get_download_path(filename)
if os.path.isfile(file_target):
os.remove(file_target)
created_files.append(file_target)
tar.extract(fileobj, self.get_download_path())
self.log('2.2.7-1 certificate archive has been extracted')
# TEST PLAN 2.2.7-2 setting connection type to HTTPS_NO_AUTH
self.log('2.2.7-2 setting {0} connection type to HTTPS_NO_AUTH'.format(
client_id))
# Open "Security Server Clients" page
self.by_css(sidebar.CLIENTS_BTN_CSS).click()
# Wait until list is loaded
self.wait_jquery()
# Open client popup using shortcut button to open it directly at Services tab.
clients_table_vm.open_client_popup_internal_servers(
self, client_id=client_id)
# Set connection type to HTTPS_NO_AUTH (SSLNOAUTH)
case.is_true(clients_table_vm.client_servers_popup_set_connection(
self, 'SSLNOAUTH'),
msg='2.2.7-2 Failed to set connection type')
# TEST PLAN 2.2.7-3 test query from TS1:CLIENT1:sub to test service. Query should fail.
self.log('2.2.7-3 test query {0} to test service. Query should fail.'.
format(query_filename))
case.is_true(testclient_http.check_fail(),
msg='2.2.7-3 test query succeeded')
# TEST PLAN 2.2.7-4/5 test query to test service using SSL and client certificate. Query should succeed.
self.log(
'2.2.7-4/5 test query to test service using SSL and client certificate. Query should succeed.'
)
case.is_true(testclient_https.check_success(),
msg='2.2.7-5 test query failed')
# TEST PLAN 2.2.7-6 setting connection type to HTTPS
self.log(
'2.2.7-6 setting {0} connection type to HTTPS'.format(client_id))
# Set connection type to HTTPS (SSLAUTH)
case.is_true(clients_table_vm.client_servers_popup_set_connection(
self, 'SSLAUTH'),
msg='2.2.7-6 Failed to set connection type')
# TEST PLAN 2.2.7-7 test query to test service using SSL and client certificate. Query should fail.
self.log(
'2.2.7-7 test query to test service using SSL and client certificate. Query should fail.'
)
case.is_true(testclient_https.check_fail(),
msg='2.2.7-7 test query succeeded')
# TEST PLAN 2.2.7-8 upload certificate to TS1 client CLIENT1:sub
self.log(
'2.2.7-8 upload certificate to TS1 client {0}'.format(client_id))
# Find the "Add" button and click it.
self.by_id(
popups.CLIENT_DETAILS_POPUP_INTERNAL_SERVERS_ADD_CERTIFICATE_BTN_ID
).click()
# Get the upload button
upload_button = self.by_id(popups.FILE_UPLOAD_BROWSE_BUTTON_ID)
xroad.fill_upload_input(self, upload_button, client_cert_path)
submit_button = self.by_id(popups.FILE_UPLOAD_SUBMIT_BUTTON_ID)
submit_button.click()
# TEST PLAN 2.2.7-9 test query to test service using SSL and client certificate. Query should succeed.
self.log(
'2.2.7-9 test query to test service using SSL and client certificate. Query should succeed.'
)
# Set client certificate and key
testclient_https.client_certificate = (client_cert_path,
client_key_path)
case.is_true(testclient_https.check_success(),
msg='2.2.7-9 test query failed')
# TEST PLAN 2.2.7-10 set test client to use TS2 TLS certificate
self.log('2.2.7-10 set test client to use TS2 TLS certificate')
# First, get the certificate. For this, we need to get webdriver to go to TS2
self.reload_webdriver(url=ss2_host,
username=ss2_user,
password=ss2_pass)
# Click "System Parameters" in sidebar
self.by_css(sidebar.SYSTEM_PARAMETERS_BTN_CSS).click()
self.wait_jquery()
self.log('2.2.7-10 downloading TS2 certificate')
if os.path.isfile(certs_filename):
os.remove(certs_filename)
# Find and click the "Export" button. Download should start automatically.
self.by_id(
ss_system_parameters.EXPORT_INTERNAL_TLS_CERT_BUTTON_ID).click()
# Check if file exists every 0.5 seconds or until limit has passed.
start_time = time.time()
while True:
if os.path.isfile(certs_filename):
break
if time.time() - start_time > download_time_limit:
# Raise AssertionError
raise AssertionError(
'Download time limit of {0} seconds passed for file {1}'.
format(download_time_limit, certs_download_filename))
time.sleep(download_check_interval)
os.rename(certs_filename, ss2_filename)
created_files.append(ss2_filename)
self.log(
'2.2.7-10 certificate archive has been downloaded, extracting')
# We're here, so download succeeded.
# Extract the archive (tgz format) to downloads directory.
with tarfile.open(ss2_filename, 'r:gz') as tar:
# tarfile.extractall does not overwrite files so we need to extract them one by one.
for fileobj in tar:
filename = self.get_download_path(
os.path.join(ss2_certs_directory,
os.path.dirname(fileobj.name),
os.path.basename(fileobj.name)))
file_target = self.get_download_path(filename)
if os.path.isfile(file_target):
os.remove(file_target)
created_files.append(file_target)
tar.extract(fileobj,
self.get_download_path(ss2_certs_directory))
self.log('2.2.7-10 certificate archive has been extracted')
# TEST PLAN 2.2.7-11 test query to test service using SSL and TS2 certificate. Query should fail.
self.log(
'2.2.7-11 test query to test service using SSL and client certificate, verify TS2. Query should fail.'
)
try:
testclient_https_ss2.check_fail()
case.is_true(
False,
msg='2.2.7-11 test query failed but not with an SSLError.')
except SSLError:
# We're actually hoping to get an SSLError so we're good.
pass
# TEST PLAN 2.2.7-12/13 test query to test service using SSL and TS1 certificate. Query should succeed.
self.log(
'2.2.7-12/13 test query to test service using SSL and client certificate, verify TS1. Query should succeed.'
)
case.is_true(testclient_https.check_success(),
msg='2.2.7-13 test query failed')
# TEST PLAN 2.2.7-14 TS2 test service is configured from http to https. TLS check disabled.
self.log(
'2.2.7-14 TS2 test service is configured from http to https. TLS check disabled.'
.format(new_service_url))
# Open "Security Server Clients" page
self.by_css(sidebar.CLIENTS_BTN_CSS).click()
# Wait until list is loaded
self.wait_jquery()
# Open client popup using shortcut button to open it directly at Services tab.
clients_table_vm.open_client_popup_services(self,
client_id=provider_id)
# Find the service under the specified WSDL in service list (and expand the WSDL services list if not open yet)
service_row = clients_table_vm.client_services_popup_find_service(
self, wsdl_url=wsdl_url, service_name=testservice_name)
# Click on the service row to select it
service_row.click()
# Open service parameters by finding the "Edit" button and clicking it.
edit_service_button = self.by_id(
popups.CLIENT_DETAILS_POPUP_EDIT_WSDL_BTN_ID)
# Click the "Edit" button to open "Edit Service Parameters" popup
edit_service_button.click()
warning, error = configure_service_2_2_2.edit_service(
self, service_url=new_service_url, verify_tls=False)
case.is_none(
error, msg='2.2.7-14 Got error when trying to update service URL')
# TEST PLAN 2.2.7-15 test query to test service using SSL and TS1 certificate. Query should succeed.
self.log(
'2.2.7-15 test query to test service using SSL and client certificate. Query should succeed.'
)
case.is_true(testclient_https.check_success(),
msg='2.2.7-15 test query failed')
# TEST PLAN 2.2.7-16 TS2 test service is as https with TLS certificate check enabled.
# Click the "Edit" button to open "Edit Service Parameters" popup
edit_service_button.click()
configure_service_2_2_2.edit_service(self,
service_url=new_service_url,
verify_tls=True)
# TEST PLAN 2.2.7-17 test query to test service using SSL and TS1 certificate. Query should succeed.
self.log(
'2.2.7-17 test query to test service using SSL and client certificate. Query should fail.'
)
case.is_true(testclient_https.check_fail(faults=[
'Server.ServerProxy.ServiceFailed.SslAuthenticationFailed'
]),
msg='2.2.7-17 test query succeeded')
# TEST PLAN 2.2.7-18 import test service TLS certificate to security server TS2
self.log(
'2.2.7-18 import test service TLS certificate to security server TS2'
)
# Click tab "Internal Servers"
self.by_css(clients_table_vm.INTERNAL_CERTS_TAB_TITLE_CSS).click()
# Wait until everything is loaded.
self.wait_jquery()
# Find the "Add" button and click it.
self.by_id(
popups.CLIENT_DETAILS_POPUP_INTERNAL_SERVERS_ADD_CERTIFICATE_BTN_ID
).click()
# Get the upload button
upload_button = self.by_id(popups.FILE_UPLOAD_BROWSE_BUTTON_ID)
xroad.fill_upload_input(self, upload_button, mock_cert_path)
submit_button = self.by_id(popups.FILE_UPLOAD_SUBMIT_BUTTON_ID)
submit_button.click()
# TEST PLAN 2.2.7-19 test query to test service using SSL and client certificate. Should succeed.
self.log(
'2.2.7-19 test query to test service using SSL and client certificate. Query should succeed.'
)
case.is_true(testclient_https.check_success(),
msg='2.2.7-19 test query failed')
# Remove all created files
if delete_created_files:
self.log('2.2.7 removing downloaded files')
self.remove_files(created_files)
def not_valid_ca_error(self, client):
'''
Test for trying to add a certificate that was not issued by a valid certification authority (2.1.3.1-1)
Expectation: certificate not added.
:param self: MainController object
:param client: client data
:return: None
'''
# TEST PLAN 2.1.3.1-1 certificate is issued by a certification authority that is not in the allow list
self.log('2.1.3.1-1 certificate is issued by a certification authority that is not in the allow list')
error = False
try:
remote_csr_path = 'temp.der'
cert_path = 'temp.pem'
# Get local certificate path
local_cert_path = self.get_download_path(cert_path)
server_name = ssh_server_actions.get_server_name(self)
# Remove temporary files
for fpath in glob.glob(self.get_download_path('*')):
os.remove(fpath)
# Generate CSR for the client
self.log('2.1.3.1-1 Generate CSR for the client')
generate_csr(self, client['code'], client['class'], ssh_server_actions.get_server_name(self))
file_path = \
glob.glob(
self.get_download_path('_'.join(['*', server_name, client['class'], client['code']]) + '.der'))[0]
# Create a new SSH connection to CA
sshclient = ssh_client.SSHClient(self.config.get('ca.ssh_host'), self.config.get('ca.ssh_user'),
self.config.get('ca.ssh_pass'))
# Get the signing certificate from our CSR
self.log('2.1.3.1-1 Get the signing certificate from the certificate request')
get_cert(sshclient, 'sign-sign', file_path, local_cert_path, cert_path, remote_csr_path)
time.sleep(6)
file_cert_path = glob.glob(local_cert_path)[0]
# Remove CA from central server
self.log('2.1.3.1-1 Removing ca from central server')
# Relogin
self.logout(self.config.get('cs.host'))
self.login(self.config.get('cs.user'), self.config.get('cs.pass'))
# Go to certification services in the UI
self.wait_until_visible(type=By.CSS_SELECTOR, element=sidebar_constants.CERTIFICATION_SERVICES_CSS).click()
table = self.wait_until_visible(type=By.ID, element=certification_services.CERTIFICATION_SERVICES_TABLE_ID)
rows = table.find_element_by_tag_name('tbody').find_elements_by_tag_name('tr')
# Find our CA and remove it
for row in rows:
if self.config.get('ca.ssh_host') in row.text:
row.click()
self.wait_until_visible(type=By.ID, element=certification_services.DELETE_BTN_ID).click()
popups.confirm_dialog_click(self)
self.log('Wait 240 seconds for changes')
time.sleep(240)
self.log('Reloading page after changes')
# Reload page and wait until additional data is loaded using jQuery
self.driver.refresh()
self.wait_jquery()
# Try to import the certificate
self.log('2.1.3.1-1 Trying to import certificate')
import_cert(self, file_cert_path)
self.wait_jquery()
time.sleep(2)
# Check if we got an error message
assert messages.get_error_message(self) == messages.CA_NOT_VALID_AS_SERVICE
self.log('2.1.3.1-1 got correct error message')
except:
# Test failed
self.log('2.1.3.1-1 failed')
# Print traceback
traceback.print_exc()
error = True
finally:
# After testing, re-add the CA and restore the state the server was in
self.log('2.1.3.1-1-del restoring previous state')
# Login to Central Server
self.driver.get(self.config.get('cs.host'))
if not login.check_login(self, self.config.get('cs.user')):
self.login(self.config.get('cs.user'), self.config.get('cs.pass'))
# Create SSH connection to CA
sshclient = ssh_client.SSHClient(self.config.get('ca.ssh_host'),
self.config.get('ca.ssh_user'),
self.config.get('ca.ssh_pass'))
target_ca_cert_path = self.get_download_path("ca.pem")
target_ocsp_cert_path = self.get_download_path("ocsp.pem")
# Get CA certificates using SSH
self.log('2.1.3.1-1-del Getting CA certificates')
get_ca_certificate(sshclient, 'ca.cert.pem', target_ca_cert_path)
get_ca_certificate(sshclient, 'ocsp.cert.pem', target_ocsp_cert_path)
sshclient.close()
# Go to Central Server UI main page
self.driver.get(self.config.get('cs.host'))
self.wait_until_visible(type=By.CSS_SELECTOR, element=sidebar_constants.CERTIFICATION_SERVICES_CSS).click()
self.wait_jquery()
time.sleep(3)
table = self.wait_until_visible(type=By.ID, element=certification_services.CERTIFICATION_SERVICES_TABLE_ID)
rows = table.find_element_by_tag_name('tbody').find_elements_by_tag_name('tr')
# If CA server is not listed, re-add it
if self.config.get('ca.ssh_host') not in map(lambda x: x.text, rows):
self.log('2.1.3.1-1-del CA not found, re-adding')
self.wait_until_visible(type=By.ID, element=certification_services.ADD_BTN_ID).click()
import_cert_btn = self.wait_until_visible(type=By.ID,
element=certification_services.IMPORT_CA_CERT_BTN_ID)
# Upload CA certificate and submit the form
xroad.fill_upload_input(self, import_cert_btn, target_ca_cert_path)
self.wait_until_visible(type=By.ID, element=certification_services.SUBMIT_CA_CERT_BTN_ID).click()
# Set CA additional information
profile_info_area = self.wait_until_visible(type=By.CSS_SELECTOR,
element=certification_services.CETIFICATE_PROFILE_INFO_AREA_CSS)
self.input(profile_info_area,
'ee.ria.xroad.common.certificateprofile.impl.EjbcaCertificateProfileInfoProvider')
# Save the settings
self.wait_until_visible(type=By.ID, element=certification_services.SUBMIT_CA_SETTINGS_BTN_ID).click()
self.wait_jquery()
# Open OCSP tab
self.wait_until_visible(type=By.XPATH, element=certification_services.OCSP_RESPONSE_TAB).click()
self.log('2.1.3.1-1-del Add OCSP responder')
self.wait_until_visible(type=By.ID, element=certification_services.OCSP_RESONDER_ADD_BTN_ID).click()
# Import OCSP certificate
import_cert_btn = self.wait_until_visible(type=By.ID,
element=certification_services.IMPORT_OCSP_CERT_BTN_ID)
xroad.fill_upload_input(self, import_cert_btn, target_ocsp_cert_path)
url_area = self.wait_until_visible(type=By.ID, element=certification_services.OCS_RESPONSE_URL_AREA_ID)
self.input(url_area, self.config.get('ca.ocs_host'))
# Save OCSP information
self.wait_until_visible(type=By.ID,
element=certification_services.SUBMIT_OCSP_CERT_AND_URL_BTN_ID).click()
# Reload CS main page
self.driver.get(self.url)
# Open keys and certificates
self.wait_until_visible(type=By.CSS_SELECTOR, element=sidebar_constants.KEYSANDCERTIFICATES_BTN_CSS).click()
# Remove the testing certificate
remove_certificate(self, client)
self.log('Wait 120 seconds for changes')
time.sleep(120)
if error:
# If, at some point, we got an error, fail the test now
assert False, '2.1.3.1-1 test failed'
