def new_user(group=usergrp):
return User(name='user' + fauxfactory.gen_alphanumeric(),
credential=new_credential(),
email='*****@*****.**',
group=group,
cost_center='Workload',
value_assign='Database')
def test_current_user_login_delete(request):
"""Test for deleting current user login.
Steps:
* Login as Admin user
* Create a new user
* Login with the new user
* Try deleting the user
"""
group_user = Group("EvmGroup-super_administrator")
user = User(name='user' + fauxfactory.gen_alphanumeric(),
credential=new_credential(),
email='*****@*****.**',
group=group_user)
user.create()
request.addfinalizer(user.delete)
request.addfinalizer(user.appliance.server.login_admin())
with user:
if version.current_version() >= '5.7':
navigate_to(user, 'Details')
menu_item = ('Configuration', 'Delete this User')
assert tb.exists(*menu_item) and tb.is_greyed(
*menu_item), "Delete User is not dimmed"
else:
with error.expected(
"Current EVM User \"{}\" cannot be deleted".format(
user.name)):
user.delete()
def login(self, user=None, **kwargs):
if not user:
username = conf.credentials['default']['username']
password = conf.credentials['default']['password']
cred = Credential(principal=username, secret=password)
user = User(credential=cred)
logged_in_view = self.appliance.ssui.create_view(SSUIBaseLoggedInPage)
if logged_in_view.logged_in_as_user(user):
return
if logged_in_view.logged_in:
logged_in_view.logout()
login_view = navigate_to(self.appliance.server, 'LoginScreen')
login_view.fill({
'username': user.credential.principal,
'password': user.credential.secret,
})
login_view.login.click()
# Without this the login screen just exits after logging in
time.sleep(3)
login_view.flash.assert_no_error()
self.browser.plugin.ensure_page_safe()
def test_user_group_error_validation():
user = User(name='user' + fauxfactory.gen_alphanumeric(),
credential=new_credential(),
email='*****@*****.**',
group='')
with error.expected("A User must be assigned to a Group"):
user.create()
def test_user_email_error_validation():
user = User(name='user' + fauxfactory.gen_alphanumeric(),
credential=new_credential(),
email='xyzdhat.com',
group=group_user)
with error.expected("Email must be a valid email address"):
user.create()
def test_username_required_error_validation():
user = User(name="",
credential=new_credential(),
email='*****@*****.**',
group=group_user)
with error.expected("Name can't be blank"):
user.create()
def test_userid_required_error_validation():
user = User(name='user' + fauxfactory.gen_alphanumeric(),
credential=Credential(principal='', secret='redhat'),
email='*****@*****.**',
group=group_user)
with error.expected("Userid can't be blank"):
user.create()
def user():
user = User(credential=Credential(principal=fauxfactory.gen_alphanumeric(),
secret=fauxfactory.gen_alphanumeric()),
name=fauxfactory.gen_alphanumeric(),
group=Group(description='EvmGroup-super_administrator'))
user.create()
return user
def login_admin(self, **kwargs):
username = conf.credentials['default']['username']
password = conf.credentials['default']['password']
cred = Credential(principal=username, secret=password)
from cfme.configure.access_control import User
user = User(credential=cred, name='Administrator')
return self.log_in(user, **kwargs)
def test_user_change_password(appliance, request):
user = User(
name="user {}".format(fauxfactory.gen_alphanumeric()),
credential=Credential(principal="user_principal_{}".format(
fauxfactory.gen_alphanumeric()),
secret="very_secret",
verify_secret="very_secret"),
email="*****@*****.**",
group=usergrp,
)
user.create()
request.addfinalizer(user.delete)
request.addfinalizer(appliance.server.login_admin())
with user:
appliance.server.logout()
appliance.server.login(user)
assert appliance.server.current_full_name() == user.name
appliance.server.login_admin()
with update(user):
user.credential = Credential(
principal=user.credential.principal,
secret="another_very_secret",
verify_secret="another_very_secret",
)
with user:
appliance.server.logout()
appliance.server.login(user)
assert appliance.server.current_full_name() == user.name
def test_delete_default_user():
"""Test for deleting default user Administrator.
Steps:
* Login as Administrator user
* Try deleting the user
"""
user = User(name='Administrator')
with pytest.raises(RBACOperationBlocked):
user.delete()
def test_edit_user_password(self, rest_api, users):
if "edit" not in rest_api.collections.users.action.all:
pytest.skip(
"Edit action for users is not implemented in this version")
user = users[0]
new_password = fauxfactory.gen_alphanumeric()
user.action.edit(password=new_password)
cred = Credential(principal=user.userid, secret=new_password)
new_user = User(credential=cred)
login(new_user)
def test_user_email_error_validation(group_collection):
group_name = 'EvmGroup-user'
group = group_collection.instantiate(description=group_name)
user = User(name='user{}'.format(fauxfactory.gen_alphanumeric()),
credential=new_credential(),
email='xyzdhat.com',
group=group)
with error.expected("Email must be a valid email address"):
user.create()
def test_username_required_error_validation(group_collection):
group_name = 'EvmGroup-user'
group = group_collection.instantiate(description=group_name)
user = User(name="",
credential=new_credential(),
email='*****@*****.**',
group=group)
with error.expected("Name can't be blank"):
user.create()
def test_userid_required_error_validation():
user = User(name='user' + fauxfactory.gen_alphanumeric(),
credential=Credential(principal='', secret='redhat'),
email='*****@*****.**',
group=group_user)
with error.expected("Userid can't be blank"):
user.create()
# Navigating away from this page will create an "Abandon Changes" alert
# Since group creation failed we need to reset the state of the page
navigate_to(user.appliance.server, 'Dashboard')
def test_bad_password():
""" Tests logging in with a bad password. """
pytest.sel.get(pytest.sel.base_url())
creds = Credential(principal=conf.credentials['default']['username'],
secret="badpassword@#$")
user = User(credential=creds)
with error.expected(
'Sorry, the username or password you entered is incorrect.'):
login.login(user)
assert login.page.is_displayed()
def test_user_password_required_error_validation():
user = User(
name='user' + fauxfactory.gen_alphanumeric(),
credential=Credential(principal='uid' + fauxfactory.gen_alphanumeric(), secret=None),
email='*****@*****.**',
group=group_user)
if version.current_version() < "5.5":
check = "Password_digest can't be blank"
else:
check = "Password can't be blank"
with error.expected(check):
user.create()
def login(user, submit_method=_js_auth_fn):
"""
Login to CFME with the given username and password.
Optionally, submit_method can be press_enter_after_password
to use the enter key to login, rather than clicking the button.
Args:
user: The username to fill in the username field.
password: The password to fill in the password field.
submit_method: A function to call after the username and password have been input.
Raises:
RuntimeError: If the login fails, ie. if a flash message appears
"""
if not user:
username = conf.credentials['default']['username']
password = conf.credentials['default']['password']
cred = Credential(principal=username, secret=password)
user = User(credential=cred)
if not logged_in() or user.credential.principal is not current_username():
if logged_in():
logout()
# workaround for strange bug where we are logged out
# as soon as we click something on the dashboard
sel.sleep(1.0)
logger.debug('Logging in as user %s' % user.credential.principal)
try:
fill(form, {'username': user.credential.principal, 'password': user.credential.secret})
except sel.InvalidElementStateException as e:
logger.warning("Got an error. Details follow.")
msg = str(e).lower()
if "element is read-only" in msg:
logger.warning("Got a read-only login form, will reload the browser.")
# Reload browser
quit()
ensure_browser_open()
sel.sleep(1.0)
sel.wait_for_ajax()
# And try filling the form again
fill(form, {'username': user.credential.principal,
'password': user.credential.secret})
else:
logger.warning("Unknown error, reraising.")
logger.exception(e)
raise
with sel.ajax_timeout(90):
submit_method()
flash.assert_no_errors()
user.full_name = _full_name()
store.user = user
def test_external_auth_ipa(request, setup_first_provider, configure_external_auth_ipa_module):
try:
data = cfme_data.get("ipa_test", {})
except KeyError:
pytest.skip("No ipa_test section in yaml")
group = Group(description='cfme', role="EvmRole-user")
request.addfinalizer(group.delete)
group.create()
user = User(name=data["fullname"])
request.addfinalizer(user.delete)
request.addfinalizer(login.login_admin)
login.login(data["username"], data["password"])
assert login.current_full_name() == data["fullname"]
def login_admin(self, **kwargs):
"""
Convenience function to log into CFME using the admin credentials from the yamls.
Args:
kwargs: A dict of keyword arguments to supply to the :py:meth:`login` method.
"""
username = conf.credentials['default']['username']
password = conf.credentials['default']['password']
cred = Credential(principal=username, secret=password)
from cfme.configure.access_control import User
user = User(credential=cred)
user.name = 'Administrator'
self.login(user, **kwargs)
def login(self, user=None, **kwargs):
if not user:
username = conf.credentials['default']['username']
password = conf.credentials['default']['password']
cred = Credential(principal=username, secret=password)
user = User(credential=cred)
login_view = navigate_to(self.appliance.server, 'LoginScreen')
login_view.fill({
'username': user.credential.principal,
'password': user.credential.secret,
})
login_view.login.click()
login_view.flash.assert_no_error()
def test_edit_user_password(self, request, appliance, users):
"""Tests editing user password.
Metadata:
test_flag: rest
"""
request.addfinalizer(appliance.server.login_admin)
user = users[0]
new_password = fauxfactory.gen_alphanumeric()
user.action.edit(password=new_password)
assert appliance.rest_api.response.status_code == 200
cred = Credential(principal=user.userid, secret=new_password)
new_user = User(credential=cred)
appliance.server.login(new_user)
def user_restricted(group_with_tag, new_credential):
"""
Returns restricted user object assigned
to group with tag filter used in test module
"""
user = User(name='user{}'.format(fauxfactory.gen_alphanumeric()),
credential=new_credential,
email='*****@*****.**',
group=group_with_tag,
cost_center='Workload',
value_assign='Database')
user.create()
yield user
user.delete()
def test_delete_default_user():
"""Test for deleting default user Administrator.
Steps:
* Login as Administrator user
* Try deleting the user
"""
user = User(name='Administrator')
navigate_to(User, 'All')
row = records_table.find_row_by_cells({'Full Name': user.name})
sel.check(sel.element(".//input[@type='checkbox']", root=row[0]))
tb.select('Configuration', 'Delete selected Users', invokes_alert=True)
sel.handle_alert()
flash.assert_message_match('Default EVM User "{}" cannot be deleted' .format(user.name))
def login_admin(**kwargs):
"""
Convenience function to log into CFME using the admin credentials from the yamls.
Args:
kwargs: A dict of keyword arguments to supply to the :py:meth:`login` method.
"""
if current_full_name() != 'Administrator':
logout()
username = conf.credentials['default']['username']
password = conf.credentials['default']['password']
cred = Credential(principal=username, secret=password)
user = User(credential=cred)
login(user, **kwargs)
def user(request, data, add_group):
if not data:
pytest.skip("No data specified for user")
username, password = data["username"], data["password"]
if 'evm_default_group' in add_group:
username, password = data['default_username'], data['default_password']
data['fullname'] = data['default_userfullname']
credentials = Credential(
principal=username,
secret=password,
verify_secret=password,
)
user_obj = User(name=data['fullname'], credential=credentials)
request.addfinalizer(user_obj.delete)
return user_obj
def test_edit_user_password(rest_api, user):
if "edit" not in rest_api.collections.users.action.all:
pytest.skip("Edit action for users is not implemented in this version")
try:
for cur_user in rest_api.collections.users:
if cur_user.userid != conf.credentials['default']['username']:
rest_user = cur_user
break
except:
pytest.skip("There is no user to change password")
new_password = fauxfactory.gen_alphanumeric()
rest_user.action.edit(password=new_password)
cred = Credential(principal=rest_user.userid, secret=new_password)
new_user = User(credential=cred)
login(new_user)
def test_bad_password(context, request, appliance):
""" Tests logging in with a bad password. """
username = conf.credentials['default']['username']
password = "******"
cred = Credential(principal=username, secret=password)
user = User(credential=cred)
user.name = 'Administrator'
if appliance.version.is_in_series('5.7'):
error_message = "Sorry, the username or password you entered is incorrect."
else:
error_message = "Incorrect username or password"
with appliance.context.use(context):
with error.expected(error_message):
appliance.server.login(user)
def new_user(group=usergrp):
from fixtures.blockers import bug
uppercase_username_bug = bug(1487199)
user = User(name='user' + fauxfactory.gen_alphanumeric(),
credential=new_credential(),
email='*****@*****.**',
group=group,
cost_center='Workload',
value_assign='Database')
# Version 5.8.2 has a regression blocking logins for usernames w/ uppercase chars
if '5.8.2' <= user.appliance.version < '5.9' and uppercase_username_bug:
user.credential.principal = user.credential.principal.lower()
return user
def test_bad_password(request, appliance):
""" Tests logging in with a bad password. """
request.addfinalizer(lambda: navigate_to(appliance.server, 'LoginScreen'))
login_page = navigate_to(appliance.server, 'LoginScreen')
username = conf.credentials['default']['username']
password = "******"
cred = Credential(principal=username, secret=password)
user = User(credential=cred)
user.name = 'Administrator'
with error.expected(
"Sorry, the username or password you entered is incorrect."):
login_page.log_in(user)
assert login_page.is_displayed
