class TestProjects(unittest.TestCase): @classmethod def setUp(self): self.conf = Configurations() self.user = User() @classmethod def tearDown(self): print "Case completed" @unittest.skipIf(TEARDOWN == False, "Test data won't be erased.") def test_ClearData(self): #1. Delete user(UA); self.user.delete_user(TestProjects.user_assign_sys_admin_id, **ADMIN_CLIENT) def testAssignSysAdmin(self): """ Test case: Assign Sys Admin Test step and expected result: 1. Create a new user(UA); 2. Set user(UA) has sysadmin role by admin, check user(UA) can modify system configuration; 3. 3. Set user(UA) has no sysadmin role by admin, check user(UA) can not modify system configuration; 4. Set user(UA) has sysadmin role by admin, check user(UA) can modify system configuration. Tear down: 1. Delete user(UA). """ url = ADMIN_CLIENT["endpoint"] user_assign_sys_admin_password = "******" #1. Create a new user(UA); TestProjects.user_assign_sys_admin_id, user_assign_sys_admin_name = self.user.create_user( user_password=user_assign_sys_admin_password, **ADMIN_CLIENT) USER_ASSIGN_SYS_ADMIN_CLIENT = dict( endpoint=url, username=user_assign_sys_admin_name, password=user_assign_sys_admin_password) #2. Set user(UA) has sysadmin role by admin, check user(UA) can modify system configuration; self.user.update_user_role_as_sysadmin( TestProjects.user_assign_sys_admin_id, True, **ADMIN_CLIENT) self.conf.set_configurations_of_token_expiration( 60, **USER_ASSIGN_SYS_ADMIN_CLIENT) #3. Set user(UA) has no sysadmin role by admin, check user(UA) can not modify system configuration; self.user.update_user_role_as_sysadmin( TestProjects.user_assign_sys_admin_id, False, **ADMIN_CLIENT) self.conf.set_configurations_of_token_expiration( 70, expect_status_code=403, **USER_ASSIGN_SYS_ADMIN_CLIENT) #4. Set user(UA) has sysadmin role by admin, check user(UA) can modify system configuration. self.user.update_user_role_as_sysadmin( TestProjects.user_assign_sys_admin_id, True, **ADMIN_CLIENT) self.conf.set_configurations_of_token_expiration( 80, **USER_ASSIGN_SYS_ADMIN_CLIENT)
class TestSysCVEAllowlist(unittest.TestCase): """ Test case: System Level CVE Allowlist Setup: Create user(RA) Test Steps: 1. User(RA) reads the system level CVE allowlist and it's empty. 2. User(RA) updates the system level CVE allowlist, verify it's failed. 3. Update user(RA) to system admin 4. User(RA) updates the system level CVE allowlist, verify it's successful. 5. User(RA) reads the system level CVE allowlist, verify the CVE list is updated. 6. User(RA) updates the expiration date of system level CVE allowlist. 7. User(RA) reads the system level CVE allowlist, verify the expiration date is updated. Tear Down: 1. Clear the system level CVE allowlist. 2. Delete User(RA) """ @suppress_urllib3_warning def setUp(self): self.user = User() self.system = System() user_ra_password = "******" print("Setup: Creating user for test") user_ra_id, user_ra_name = self.user.create_user( user_password=user_ra_password, **ADMIN_CLIENT) print("Created user: %s, id: %s" % (user_ra_name, user_ra_id)) self.USER_RA_CLIENT = dict(endpoint=ADMIN_CLIENT["endpoint"], username=user_ra_name, password=user_ra_password) self.user_ra_id = int(user_ra_id) @unittest.skipIf(TEARDOWN == False, "Test data won't be erased.") def tearDown(self): print("TearDown: Clearing the Allowlist") self.system.set_cve_allowlist(**ADMIN_CLIENT) print("TearDown: Deleting user: %d" % self.user_ra_id) self.user.delete_user(self.user_ra_id, **ADMIN_CLIENT) def testSysCVEAllowlist(self): # 1. User(RA) reads the system level CVE allowlist and it's empty. wl = self.system.get_cve_allowlist(**self.USER_RA_CLIENT) self.assertEqual( 0, len(wl.items), "The initial system level CVE allowlist is not empty: %s" % wl.items) # 2. User(RA) updates the system level CVE allowlist, verify it's failed. cves = ['CVE-2019-12310'] self.system.set_cve_allowlist(None, 403, *cves, **self.USER_RA_CLIENT) # 3. Update user(RA) to system admin self.user.update_user_role_as_sysadmin(self.user_ra_id, True, **ADMIN_CLIENT) # 4. User(RA) updates the system level CVE allowlist, verify it's successful. self.system.set_cve_allowlist(None, 200, *cves, **self.USER_RA_CLIENT) # 5. User(RA) reads the system level CVE allowlist, verify the CVE list is updated. expect_wl = [swagger_client.CVEAllowlistItem(cve_id='CVE-2019-12310')] wl = self.system.get_cve_allowlist(**self.USER_RA_CLIENT) self.assertIsNone(wl.expires_at) self.assertEqual(expect_wl, wl.items) # 6. User(RA) updates the expiration date of system level CVE allowlist. exp = int(time.time()) + 3600 self.system.set_cve_allowlist(exp, 200, *cves, **self.USER_RA_CLIENT) # 7. User(RA) reads the system level CVE allowlist, verify the expiration date is updated. wl = self.system.get_cve_allowlist(**self.USER_RA_CLIENT) self.assertEqual(exp, wl.expires_at)