def test_permission_edit(appliance, request, product_features, action): """ Ensures that changes in permissions are enforced on next login """ product_features = version.pick(product_features) request.addfinalizer(appliance.server.login_admin()) role_name = fauxfactory.gen_alphanumeric() role = Role( name=role_name, vm_restriction=None, product_features=[(['Everything'], False)] + # role_features [(k, True) for k in product_features]) role.create() group = new_group(role=role.name) group.create() user = new_user(group=group) user.create() with user: try: action() except Exception: pytest.fail('Incorrect permissions set') appliance.server.login_admin() role.update({ 'product_features': [(['Everything'], True)] + [(k, False) for k in product_features] }) with user: try: with error.expected(Exception): action() except error.UnexpectedSuccessException: pytest.Fails('Permissions have not been updated')
def test_permission_edit(request, product_features, action): """ Ensures that changes in permissions are enforced on next login """ product_features = version.pick(product_features) request.addfinalizer(login.login_admin) role_name = fauxfactory.gen_alphanumeric() role = Role(name=role_name, vm_restriction=None, product_features=[(['Everything'], False)] + # role_features [(k, True) for k in product_features]) role.create() group = new_group(role=role.name) group.create() user = new_user(group=group) user.create() with user: try: action() except Exception: pytest.fail('Incorrect permissions set') login.login_admin() role.update({'product_features': [(['Everything'], True)] + [(k, False) for k in product_features] }) with user: try: with error.expected(Exception): action() except error.UnexpectedSuccessException: pytest.Fails('Permissions have not been updated')
def test_edit_default_roles(): """Test that CFME prevents a user from editing a default role when selecting it from the Access Control EVM Role checklist Steps: * Login as Administrator user * Navigate to Configuration -> Role * Try editing the group EvmRole-auditor """ role = Role(name='EvmRole-auditor') newrole_name = "{}-{}".format(role.name, fauxfactory.gen_alphanumeric()) role_updates = {'name': newrole_name} with pytest.raises(RBACOperationBlocked): role.update(role_updates)
def test_permission_edit(appliance, request, product_features, action): """ Ensures that changes in permissions are enforced on next login Args: appliance: cfme appliance fixture request: pytest request fixture product_features: product features to set for test role action: reference to a function to execute under the test user context """ product_features = version.pick(product_features) request.addfinalizer(appliance.server.login_admin) role_name = fauxfactory.gen_alphanumeric() role = Role( name=role_name, vm_restriction=None, product_features=[(['Everything'], False)] + # role_features [(k, True) for k in product_features]) role.create() group_description = 'grp{}'.format(fauxfactory.gen_alphanumeric()) group = group_collection(appliance).create(description=group_description, role=role.name) user = new_user(group=group) user.create() with user: try: action() except Exception: pytest.fail('Incorrect permissions set') appliance.server.login_admin() role.update({ 'product_features': [(['Everything'], True)] + [(k, False) for k in product_features] }) with user: try: with error.expected(Exception): action() except error.UnexpectedSuccessException: pytest.Fails('Permissions have not been updated')
def test_permission_edit(appliance, request, product_features, action): """ Ensures that changes in permissions are enforced on next login Args: appliance: cfme appliance fixture request: pytest request fixture product_features: product features to set for test role action: reference to a function to execute under the test user context """ product_features = version.pick(product_features) request.addfinalizer(appliance.server.login_admin) role_name = fauxfactory.gen_alphanumeric() role = Role(name=role_name, vm_restriction=None, product_features=[(['Everything'], False)] + # role_features [(k, True) for k in product_features]) role.create() group_description = 'grp{}'.format(fauxfactory.gen_alphanumeric()) group = group_collection(appliance).create(description=group_description, role=role.name) user = new_user(group=group) user.create() with user: try: action() except Exception: pytest.fail('Incorrect permissions set') appliance.server.login_admin() role.update({'product_features': [(['Everything'], True)] + [(k, False) for k in product_features] }) with user: try: with error.expected(Exception): action() except error.UnexpectedSuccessException: pytest.Fails('Permissions have not been updated')