def test_create_artifact(self, mongo, clean_mongo):
tenant, username, password = (
"test.mender.io",
"*****@*****.**",
"secretsecret",
)
create_org(tenant, username, password)
self.run_create_artifact_test(username, password)
def test_create_artifact(self, mongo, clean_mongo):
uuidv4 = str(uuid.uuid4())
tenant, username, password = (
"test.mender.io-" + uuidv4,
"some.user+" + uuidv4 + "@example.com",
"secretsecret",
)
create_org(tenant, username, password)
self.run_create_artifact_test(username, password)
def test_verify_email(self, clean_mongo, smtp_mock):
uuidv4 = str(uuid.uuid4())
tenant, email, password = (
"test.mender.io-" + uuidv4,
"some.user+" + uuidv4 + "@example.com",
"secretsecret",
)
create_org(tenant, email, password)
# login and try to enable two factor authentication
# it shouldn't be possible since the user email address
# has not been verified
r = self.uc.call("POST", useradm.URL_LOGIN, auth=(email, password))
assert r.status_code == 200
utoken = r.text
r = self.uc.with_auth(utoken).call(
"POST", useradm.URL_SETTINGS, body={"2fa": "enabled"}
)
assert r.status_code == 403
# verify user email address
r = self.uc.post(useradm.URL_VERIFY_EMAIL_START, body={"email": email})
assert r.status_code == 202
# wait for the verification email
message = None
for i in range(15):
messages = smtp_mock.filtered_messages(email)
if len(messages) > 0:
message = messages[0]
break
time.sleep(1)
# be sure we received the email
assert message is not None
assert message.data != ""
# extract the secret hash from the link
match = re.search(
r"https://hosted.mender.io/ui/#/activate/([a-z0-9\-]+)",
message.data.decode("utf-8"),
)
secret_hash = match.group(1)
assert secret_hash != ""
# complete the email address
r = self.uc.post(
useradm.URL_VERIFY_EMAIL_COMPLETE, body={"secret_hash": secret_hash},
)
assert r.status_code == 204
# try to enable two factor authentication after email address verification
# now it should be possible
r = self.uc.with_auth(utoken).call(
"POST", useradm.URL_SETTINGS, body={"2fa": "enabled"}
)
assert r.status_code == 201
def test_valid_tenant_not_duplicated_for_default_tenant(self, clean_mongo):
"""Verify that a valid tenant-token login does not show up in the default tenant's account"""
default_tenant = create_org("default-tenant", "*****@*****.**", "foobarbaz")
default_tenant_user = default_tenant.users[0]
# Restart the deviceauth service with the new token belonging to `default-tenant`
deviceauth_cli = CliDeviceauth()
deviceauth_cli.add_default_tenant_token(default_tenant.tenant_token)
# Get default user token for management api
r = self.uc.call(
"POST",
useradm.URL_LOGIN,
auth=(default_tenant_user.name, default_tenant_user.pwd),
)
assert r.status_code == 200
default_utoken = r.text
# Create a second user, which has it's own tenant token
tenant1 = create_org("tenant1", "*****@*****.**", "foobarbaz")
tenant1_user = tenant1.users[0]
r = self.uc.call(
"POST", useradm.URL_LOGIN, auth=(tenant1_user.name, tenant1_user.pwd)
)
assert r.status_code == 200
tenant1_utoken = r.text
# Create a device, and try to authorize
create_random_authset(
self.devauthd, self.devauthm, tenant1_utoken, tenant1.tenant_token
)
# Device should show up in the 'tenant1's account
r = self.devauthm.with_auth(tenant1_utoken).call(
"GET", deviceauth_v2.URL_DEVICES
)
assert r.status_code == 200
api_devs = r.json()
assert len(api_devs) == 1
api_dev = api_devs[0]
assert api_dev["status"] == "pending"
# Device must not show up in the default tenant's account
r = self.devauthm.with_auth(default_utoken).call(
"GET", deviceauth_v2.URL_DEVICES
)
assert r.status_code == 200
api_devs = r.json()
assert len(api_devs) == 0
def test_invalid_tenant_token_added_to_default_account(self, clean_mongo):
"""Verify that an invalid tenant token does show up in the default tenant account"""
default_tenant = create_org("default-tenant", "*****@*****.**", "foobarbaz")
default_tenant_user = default_tenant.users[0]
# Restart the deviceauth service with the new token belonging to `default-tenant`
deviceauth_cli = CliDeviceauth()
deviceauth_cli.add_default_tenant_token(default_tenant.tenant_token)
# Get default user auth token for management api
r = self.uc.call(
"POST",
useradm.URL_LOGIN,
auth=(default_tenant_user.name, default_tenant_user.pwd),
)
assert r.status_code == 200
default_utoken = r.text
# Create a second user, which has it's own tenant token
tenant1 = create_org("tenant1", "*****@*****.**", "foobarbaz")
tenant1_user = tenant1.users[0]
r = self.uc.call(
"POST", useradm.URL_LOGIN, auth=(tenant1_user.name, tenant1_user.pwd)
)
assert r.status_code == 200
tenant1_utoken = r.text
# Device must not show up in the 'tenant1's account, so the authset will not be pending
with pytest.raises(AssertionError) as e:
create_random_authset(
self.devauthd, self.devauthm, tenant1_utoken, "mumbojumbotoken"
)
assert "assert 0 == 1" in str(e.value)
# Double check that it is not added to tenant1
r = self.devauthm.with_auth(tenant1_utoken).call(
"GET", deviceauth_v2.URL_DEVICES
)
assert r.status_code == 200
api_devs = r.json()
assert len(api_devs) == 0
# Device must show up in the default tenant's account
r = self.devauthm.with_auth(default_utoken).call(
"GET", deviceauth_v2.URL_DEVICES
)
assert r.status_code == 200
api_devs = r.json()
assert len(api_devs) == 1
def test_contact_support_bad_request(self, clean_mongo):
uuidv4 = str(uuid.uuid4())
tenant, email, password = (
"test.mender.io-" + uuidv4,
"some.user-" + uuidv4 + "@example.com",
"secretsecret",
)
create_org(tenant, email, password)
r = api_useradm.call("POST", useradm.URL_LOGIN, auth=(email, password))
assert r.status_code == 200
utoken = r.text
r = api_tadm_v2.with_auth(utoken).call(
"POST", tenantadm_v2.URL_CONTACT_SUPPORT, body={"foo": "bar"})
assert r.status_code == 400
def setup_ent_compat(request):
env = container_factory.get_compatibility_setup(enterprise=True)
request.addfinalizer(env.teardown)
env.setup()
env.tenant = create_org(
"Mender",
"*****@*****.**",
"correcthorse",
containers_namespace=env.name,
container_manager=env,
)
env.user = env.tenant.users[0]
env.populate_clients(tenant_token=env.tenant.tenant_token)
clients = env.get_mender_clients()
assert len(clients) > 0, "Failed to setup clients"
env.devices = []
for client in clients:
dev = MenderDevice(client)
dev.ssh_is_opened()
env.devices.append(dev)
return env
def test_default_tenant_token(self, clean_mongo):
"""Connect with a device without a tenant-token, and make sure it shows up in the default tenant account"""
default_tenant = create_org(
name="default-tenant", username="******", password="******"
)
default_tenant_user = default_tenant.users[0]
# Restart the deviceauth service with the new token belonging to `default-tenant`
deviceauth_cli = CliDeviceauth()
deviceauth_cli.add_default_tenant_token(default_tenant.tenant_token)
# Retrieve user token for management API
r = self.uc.call(
"POST",
useradm.URL_LOGIN,
auth=(default_tenant_user.name, default_tenant_user.pwd),
)
assert r.status_code == 200
default_utoken = r.text
# Create a device with an empty tenant token, and try to authorize
create_random_authset(
self.devauthd, self.devauthm, default_utoken, ""
) # Emty tenant token
# Device must show up in the default tenant's account
r = self.devauthm.with_auth(default_utoken).call(
"GET", deviceauth_v2.URL_DEVICES
)
assert r.status_code == 200
api_devs = r.json()
assert len(api_devs) == 1
api_dev = api_devs[0]
assert api_dev["status"] == "pending"
def setup_devices_and_management(nr_devices=100):
"""
Sets up user and tenant and creates authorized devices.
"""
tenant = create_org('acme', '*****@*****.**', "correcthorse")
user = tenant.users[0]
useradmm = ApiClient(useradm.URL_MGMT)
devauthd = ApiClient(deviceauth_v1.URL_DEVICES)
invm = ApiClient(inventory.URL_MGMT)
api_mgmt_deploy = ApiClient(deployments.URL_MGMT)
# log in user
r = useradmm.call('POST', useradm.URL_LOGIN,
auth=(user.name, user.pwd))
assert r.status_code == 200
utoken = r.text
# Upload a dummy artifact to the server
upload_image("/tests/test-artifact.mender", utoken)
# prepare accepted devices
devs = make_accepted_devices(utoken, devauthd, nr_devices,
tenant.tenant_token)
# wait for devices to be provisioned
time.sleep(3)
# Check that the number of devices were created
r = invm.with_auth(utoken).call(
'GET', inventory.URL_DEVICES, qs_params={
'per_page': nr_devices
})
assert r.status_code == 200
api_devs = r.json()
assert len(api_devs) == nr_devices
return user, tenant, utoken, devs
def create_tenant_test_setup(user_name, tenant_name, nr_deployments=3, nr_devices=100):
"""
Creates a tenant, and a user belonging to the tenant
with 'nr_deployments', and 'nr_devices'
"""
api_mgmt_deploy = ApiClient(deployments.URL_MGMT)
tenant = create_org(tenant_name, user_name, "correcthorse")
user = tenant.users[0]
r = ApiClient(useradm.URL_MGMT).call(
'POST', useradm.URL_LOGIN, auth=(user.name, user.pwd))
assert r.status_code == 200
user.utoken = r.text
tenant.users = [user]
upload_image("/tests/test-artifact.mender", user.utoken)
# Create three deployments for the user
for i in range(nr_deployments):
request_body = {
"name": str(i) + "st-dummy-deployment",
"artifact_name": "deployments-phase-testing",
"devices": ["uuid not needed" + str(i) for i in range(nr_devices)],
}
resp = api_mgmt_deploy.with_auth(user.utoken).call(
'POST',
'/deployments',
body=request_body,
)
assert resp.status_code == 201
# Verify that the 'nr_deployments' expected deployments have been created
resp = api_mgmt_deploy.with_auth(user.utoken).call('GET', '/deployments')
assert resp.status_code == 200
assert len(resp.json()) == nr_deployments
return tenant
def tenant_users(clean_migrated_mongo):
uuidv4 = str(uuid.uuid4())
tenant, username, password = (
"test.mender.io-" + uuidv4,
"some.user+" + uuidv4 + "@example.com",
"secretsecret",
)
tenant = create_org(tenant, username, password, "enterprise")
user = create_user("foo+" + uuidv4 + "@user.com",
"correcthorsebatterystaple",
tid=tenant.id)
tenant.users.append(user)
update_tenant(tenant.id, addons=["troubleshoot"])
for u in tenant.users:
r = ApiClient(useradm.URL_MGMT).call("POST",
useradm.URL_LOGIN,
auth=(u.name, u.pwd))
assert r.status_code == 200
assert r.text is not None
assert r.text != ""
u.token = r.text
yield tenant
def setup_ent_mtls(request):
env = container_factory.get_mtls_setup()
request.addfinalizer(env.teardown)
env.setup()
mtls_username = "******"
mtls_password = "******"
env.tenant = create_org(
"Mender",
mtls_username,
mtls_password,
containers_namespace=env.name,
container_manager=env,
)
env.user = env.tenant.users[0]
env.start_mtls_ambassador()
reset_mender_api(env)
auth.username = mtls_username
auth.password = mtls_password
auth.multitenancy = True
auth.current_tenant = env.tenant
env.stop_api_gateway()
# start a new mender client
env.new_mtls_client("mender-client", env.tenant.tenant_token)
env.device = MenderDevice(env.get_mender_clients()[0])
env.device.ssh_is_opened()
env.start_api_gateway()
return env
def tenant_pro(clean_mongo):
uuidv4 = str(uuid.uuid4())
tenant, username, password = (
"test.mender.io-" + uuidv4,
"some.user+" + uuidv4 + "@example.com",
"secretsecret",
)
tenant_pro = create_org(tenant, username, password, "professional")
add_devices_to_tenant(
tenant_pro,
[
{"artifact": "v2", "idx": 0},
{"artifact": "v2", "idx": 1},
{"artifact": "v2", "idx": 2},
{"artifact": "v2", "idx": 3},
{"artifact": "v2", "idx": 4},
{"artifact": "v2", "idx": 5},
{"artifact": ["v2", "v3"], "idx": 6},
{"artifact": ["v2", "v3"], "idx": 7},
{"artifact": ["v2", "v3"], "idx": 8},
],
)
# sleep a few seconds waiting for the data propagation to the reporting service
# and the Elasticsearch indexing to complete
time.sleep(reporting.REPORTING_DATA_PROPAGATION_SLEEP_TIME_SECS)
return tenant_pro
def test_deploy_to_group(self, clean_mongo, test_case):
"""
Tests adding group restrinction to roles and checking that users
are not allowed to deploy to devices outside the restricted
groups.
"""
dplmnt_MGMT = ApiClient(deployments.URL_MGMT)
i = 0
self.logger.info("RUN: %s", test_case["name"])
tenant = create_org("org%d" % i,
"*****@*****.**" % i,
"password",
plan="enterprise")
test_user = create_user(tid=tenant.id, **test_case["user"])
tenant.users.append(test_user)
login_tenant_users(tenant)
# Initialize tenant's devices
grouped_devices = setup_tenant_devices(tenant,
test_case["device_groups"])
# Add user to deployment group
role = UserRole("RBAC_DEVGRP", test_case["permissions"])
add_user_to_role(test_user, tenant, role)
# Upload a bogus artifact
artifact = Artifact("tester", ["qemux86-64"], payload="bogus")
rsp = dplmnt_MGMT.with_auth(test_user.token).call(
"POST",
deployments.URL_DEPLOYMENTS_ARTIFACTS,
files=((
"artifact",
(
"artifact.mender",
artifact.make(),
"application/octet-stream",
),
), ),
)
assert rsp.status_code == 201, rsp.text
# Attempt to create deployment with test user
devices = []
for group in test_case["deploy_groups"]:
for device in grouped_devices[group]:
devices.append(device.id)
rsp = dplmnt_MGMT.with_auth(test_user.token).call(
"POST",
deployments.URL_DEPLOYMENTS,
body={
"artifact_name": "tester",
"name": "dplmnt",
"devices": devices
},
)
assert rsp.status_code == test_case["status_code"], rsp.text
self.logger.info("PASS: %s" % test_case["name"])
def get_tenant_username_and_password(self, plan):
tenant, username, password = (
"test.mender.io",
"*****@*****.**",
"secretsecret",
)
tenant = create_org(tenant, username, password, plan)
return tenant, username, password
def tenants(clean_mongo):
tenants = []
for n in ['tenant1', 'tenant2']:
username = "******"+n+".com"
password = "******"
tenants.append(create_org(n, username, password))
yield tenants
def get_tenant_username_and_password(self, plan):
uuidv4 = str(uuid.uuid4())
tenant, username, password = (
"test.mender.io-" + uuidv4,
"some.user+" + uuidv4 + "@example.com",
"secretsecret",
)
tenant = create_org(tenant, username, password, plan)
return tenant, username, password
def tenants(clean_migrated_mongo_mt):
tenants = []
for n in ["tenant1", "tenant2"]:
username = "******" + n + ".com"
password = "******"
tenants.append(create_org(n, username, password))
yield tenants
def test_password_reset(self, clean_mongo, smtp_mock):
uuidv4 = str(uuid.uuid4())
tenant, email, password = (
"test.mender.io-" + uuidv4,
"some.user+" + uuidv4 + "@example.com",
"secretsecret",
)
create_org(tenant, email, password)
new_password = "******"
r = self.uc.post(useradm.URL_PASSWORD_RESET_START,
body={"email": email})
assert r.status_code == 202
# wait for the password reset email
message = None
for i in range(15):
messages = smtp_mock.filtered_messages(email)
if len(messages) > 0:
message = messages[0]
break
time.sleep(1)
# be sure we received the email
assert message is not None
assert message.data != ""
# extract the secret hash from the link
match = re.search(
r"https://hosted.mender.io/ui/#/password/([a-z0-9\-]+)",
message.data.decode("utf-8"),
)
secret_hash = match.group(1)
assert secret_hash != ""
# reset the password
r = self.uc.post(
useradm.URL_PASSWORD_RESET_COMPLETE,
body={
"secret_hash": secret_hash,
"password": new_password
},
)
assert r.status_code == 202
# try to login using the new password
r = self.uc.call("POST", useradm.URL_LOGIN, auth=(email, new_password))
assert r.status_code == 200
assert bool(r.text)
def test_deploy_to_devices(self, clean_mongo, test_case):
"""
Tests adding group restrinction to roles and checking that users
are not allowed to deploy to devices by providing list of device IDs.
The only exception is single device deployment.
"""
self.logger.info("RUN: %s", test_case["name"])
uuidv4 = str(uuid.uuid4())
tenant, username, password = (
"test.mender.io-" + uuidv4,
"some.user+" + uuidv4 + "@example.com",
"secretsecret",
)
tenant = create_org(tenant, username, password, "enterprise")
test_case["user"]["name"] = test_case["user"]["name"].replace("UUID", uuidv4)
test_user = create_user(tid=tenant.id, **test_case["user"])
tenant.users.append(test_user)
login_tenant_users(tenant)
# Initialize tenant's devices
grouped_devices = setup_tenant_devices(tenant, test_case["device_groups"])
# Add user to deployment group
role = UserRole("RBAC_DEVGRP", test_case["permissions"])
add_user_to_role(test_user, tenant, role)
# Upload a bogus artifact
artifact = Artifact("tester", ["qemux86-64"], payload="bogus")
dplmnt_MGMT = ApiClient(deployments.URL_MGMT)
rsp = dplmnt_MGMT.with_auth(test_user.token).call(
"POST",
deployments.URL_DEPLOYMENTS_ARTIFACTS,
files=(
(
"artifact",
("artifact.mender", artifact.make(), "application/octet-stream"),
),
),
)
assert rsp.status_code == 201, rsp.text
# Attempt to create deployment with test user
devices = []
for group in test_case["deploy_groups"]:
for device in grouped_devices[group]:
devices.append(device.id)
rsp = dplmnt_MGMT.with_auth(test_user.token).call(
"POST",
deployments.URL_DEPLOYMENTS,
body={"artifact_name": "tester", "name": "dplmnt", "devices": devices},
)
assert rsp.status_code == test_case["status_code"], rsp.text
self.logger.info("PASS: %s" % test_case["name"])
def test_set_and_deploy_configuration(self, clean_mongo, test_case):
"""
Tests adding group restrinction to roles and checking that users
are not allowed to set and deploy configuration to devices outside the restricted
groups.
"""
self.logger.info("RUN: %s", test_case["name"])
uuidv4 = str(uuid.uuid4())
tenant, username, password = (
"test.mender.io-" + uuidv4,
"some.user+" + uuidv4 + "@example.com",
"secretsecret",
)
tenant = create_org(tenant, username, password, "enterprise")
update_tenant(tenant.id, addons=["configure"])
test_case["user"]["name"] = test_case["user"]["name"].replace(
"UUID", uuidv4)
test_user = create_user(tid=tenant.id, **test_case["user"])
tenant.users.append(test_user)
login_tenant_users(tenant)
# Initialize tenant's devices
grouped_devices = setup_tenant_devices(tenant,
test_case["device_groups"])
# Add user to deployment group
role = UserRole("RBAC_DEVGRP", test_case["permissions"])
add_user_to_role(test_user, tenant, role)
deviceconf_MGMT = ApiClient(deviceconfig.URL_MGMT)
device_id = grouped_devices[test_case["deploy_group"]][0].id
# Attempt to set configuration
rsp = deviceconf_MGMT.with_auth(test_user.token).call(
"PUT",
deviceconfig.URL_MGMT_DEVICE_CONFIGURATION.format(id=device_id),
body={"foo": "bar"},
)
assert rsp.status_code == test_case[
"set_configuration_status_code"], rsp.text
# Attempt to deploy the configuration
rsp = deviceconf_MGMT.with_auth(test_user.token).call(
"POST",
deviceconfig.URL_MGMT_DEVICE_CONFIGURATION_DEPLOY.format(
id=device_id),
body={"retries": 0},
)
assert (rsp.status_code ==
test_case["deploy_configuration_status_code"]), rsp.text
self.logger.info("PASS: %s" % test_case["name"])
def tenants_users(clean_migrated_mongo):
tenants = []
for n in range(2):
uuidv4 = str(uuid.uuid4())
tenant, username, password = (
"test.mender.io-" + uuidv4,
"some.user+" + uuidv4 + "@example.com",
"secretsecret",
)
tenants.append(create_org(tenant, username, password))
yield tenants
def tenants_users(clean_migrated_mongo_mt):
cli = CliTenantadm()
api = ApiClient(tenantadm.URL_INTERNAL)
names = ["tenant1", "tenant2"]
tenants = []
for n in names:
username = "******" % n
password = "******"
tenant = create_org(n, username, password)
yield tenants
def test_contact_support(self, clean_mongo, smtp_mock):
uuidv4 = str(uuid.uuid4())
tenant, email, password = (
"test.mender.io-" + uuidv4,
"some.user-" + uuidv4 + "@example.com",
"secretsecret",
)
org = create_org(tenant, email, password)
r = api_useradm.call("POST", useradm.URL_LOGIN, auth=(email, password))
assert r.status_code == 200
utoken = r.text
r = api_tadm_v2.with_auth(utoken).call(
"POST",
tenantadm_v2.URL_CONTACT_SUPPORT,
body={
"subject": "foo",
"body": "bar"
},
)
assert r.status_code == 202
# wait for the email
message = None
for i in range(15):
messages = smtp_mock.filtered_messages("*****@*****.**")
if len(messages) > 0:
message = messages[0]
break
time.sleep(1)
# be sure we received the email
assert message is not None
assert message.data != ""
# and the email is properly formatted
data = message.data.decode("utf-8")
match = re.search(
r"Subject: ([a-z0-9\-]+)",
data,
)
subject = match.group(1)
assert re.search(r"Subject: foo", data) is not None
assert re.search(r"From: [email protected]", data) is not None
assert re.search(r"To: [email protected]", data) is not None
assert re.search(r"Organization ID: " + org.id, data) is not None
assert re.search(r"Organization name: " + tenant, data) is not None
assert re.search(r"Plan name: os", data) is not None
assert re.search(r"User ID: " + org.users[0].id, data) is not None
assert re.search(r"User Email: " + email, data) is not None
assert re.search(r"bar", data) is not None
def tenants_users(clean_migrated_mongo):
tenants = []
cli = CliTenantadm()
api = ApiClient(tenantadm.URL_INTERNAL)
for n in ["tenant1", "tenant2"]:
username = "******" # user[12]@tenant[12].com
password = "******"
# Create tenant with two users
tenant = create_org(n, username % (1, n), "123password", plan="enterprise")
tenant.users.append(create_user(username % (2, n), password, tenant.id))
tenants.append(tenant)
yield tenants
def test_get_emails_by_group(self, clean_mongo, test_case):
"""
Tests endpoint for retrieving list of users emails with access
to devices from given group.
"""
self.logger.info("RUN: %s", test_case["name"])
uuidv4 = str(uuid.uuid4())
tenant, username, password = (
"test.mender.io-" + uuidv4,
"admin+" + uuidv4 + "@example.com",
"secretsecret",
)
tenant = create_org(tenant, username, password, "enterprise")
for i in range(len(test_case["users"])):
test_case["users"][i]["name"] = test_case["users"][i][
"name"].replace("UUID", uuidv4)
test_user = create_user(
test_case["users"][i]["name"],
test_case["users"][i]["pwd"],
tid=tenant.id,
roles=test_case["users"][i]["roles"],
)
tenant.users.append(test_user)
# Initialize tenant's devices
grouped_devices = setup_tenant_devices(tenant,
test_case["device_groups"])
device_id = grouped_devices[test_case["device_group"]][0].id
useradm_INT = ApiClient(useradm.URL_INTERNAL,
host=useradm.HOST,
schema="http://")
rsp = useradm_INT.call(
"GET",
useradm.URL_EMAILS,
path_params={
"tenant_id": tenant.id,
"device_id": device_id
},
)
assert rsp.status_code == test_case["status_code"], rsp.text
emails = rsp.json()["emails"]
assert len(emails) == test_case["emails_count"] + 1
for email in emails:
assert email.startswith(
test_case["emails_prefix"]) or email.startswith("admin")
def tenants_users(clean_migrated_mongo):
tenants = []
for n in range(2):
uuidv4 = str(uuid.uuid4())
tenant, username, password = (
"test.mender.io-" + uuidv4,
"some.user+" + uuidv4 + "@foo.com",
"secretsecret",
)
# Create tenant with two users
tenant = create_org(tenant, username, password, "enterprise")
tenant.users.append(
create_user("some.other.user+" + uuidv4 + "@foo.com", password,
tenant.id))
tenants.append(tenant)
yield tenants
def tenants_users(clean_migrated_mongo):
tenants = []
for _ in range(2):
uuidv4 = str(uuid.uuid4())
tenant, username, password = (
"test.mender.io-" + uuidv4,
"ci.email.tests+" + uuidv4 + "@mender.io",
"secretsecret",
)
# Create tenant with two users
tenant = create_org(tenant, username, password, "enterprise")
tenant.users.append(
create_user("ci.email.tests+" + uuidv4 + "*****@*****.**",
password, tenant.id))
tenants.append(tenant)
yield tenants
def azure_user(clean_mongo) -> Optional[User]:
"""Create Mender user and create an Azure IoT Hub integration in iot-manager using the connection string."""
api_azure = ApiClient(base_url=iot.URL_MGMT)
uuidv4 = str(uuid.uuid4())
try:
tenant = create_org(
"test.mender.io-" + uuidv4,
f"user+{uuidv4}@example.com",
"password123",
)
user = tenant.users[0]
user.tenant = tenant
except RuntimeError: # If open-source
user = create_user(f"user+{uuidv4}@example.com", "password123")
# Authorize
rsp = ApiClient(useradm.URL_MGMT).call("POST",
useradm.URL_LOGIN,
auth=(user.name, user.pwd))
assert rsp.status_code == 200
user.token = rsp.text
connection_string = get_connection_string()
integration = {
"provider": "iot-hub",
"credentials": {
"connection_string": connection_string,
"type": "sas"
},
}
# create the integration in iot-manager
rsp = api_azure.with_auth(user.token).call("POST",
iot.URL_INTEGRATIONS,
body=integration)
assert rsp.status_code == 201
yield user
def setup_tenants(self, clean_mongo):
# Initialize tenants and devices
uuidv4 = str(uuid.uuid4())
tenant, username, password = (
"test.mender.io-" + uuidv4,
"some.user+" + uuidv4 + "@example.com",
"secretsecret",
)
self.tenant_ent = create_org(tenant, username, password, "enterprise")
#
uuidv4 = str(uuid.uuid4())
tenant, username, password = (
"test.mender.io-" + uuidv4,
"some.user+" + uuidv4 + "@example.com",
"secretsecret",
)
self.tenant_pro = create_org(tenant, username, password, "professional")
#
uuidv4 = str(uuid.uuid4())
tenant, username, password = (
"test.mender.io-" + uuidv4,
"some.user+" + uuidv4 + "@example.com",
"secretsecret",
)
self.tenant_os = create_org(tenant, username, password, "os")
#
add_devices_to_tenant(
self.tenant_ent,
[
{"artifact": ["v1"], "py3": "3.3", "py2": "2.7", "idx": 0},
{"artifact": ["v1", "v2"], "py3": "3.5", "py2": "2.7", "idx": 1},
{"artifact": ["v1", "v2"], "py2": "2.6", "idx": 2},
{"artifact": ["v1", "v2"], "py2": "2.7", "idx": 3},
{"artifact": ["v2"], "py3": "3.5", "py2": "2.7", "idx": 4},
{"artifact": ["v2"], "py3": "3.6", "py2": "2.7", "idx": 5},
{"artifact": ["v2", "v3"], "py3": "3.6", "idx": 6},
{"artifact": ["v2", "v3"], "py3": "3.7", "idx": 7},
{"artifact": ["v2", "v3"], "py3": "3.7", "idx": 8},
{"artifact": ["v1", "v2", "v3"], "py3": "3.8", "idx": 9},
],
)
add_devices_to_tenant(
self.tenant_pro,
[
{"artifact": ["v2"], "idx": 0},
{"artifact": ["v2"], "idx": 1},
{"artifact": ["v2"], "idx": 2},
{"artifact": ["v2"], "idx": 3},
{"artifact": ["v2"], "idx": 4},
{"artifact": ["v2"], "idx": 5},
{"artifact": ["v2", "v3"], "idx": 6},
{"artifact": ["v2", "v3"], "idx": 7},
{"artifact": ["v2", "v3"], "idx": 8},
],
)
add_devices_to_tenant(
self.tenant_os,
[
{"artifact": ["v1"], "idx": 0},
{"artifact": ["v1"], "idx": 1},
{"artifact": ["v1"], "idx": 2},
],
)