def test_modify_existing_password_complex_profiles(core_session, create_basic_pass_profile):
"""
Test case: C1631
:param core_session: Centrify session
:param create_basic_pass_profile: Created a basic password complexity profile.
"""
profile = create_basic_pass_profile(core_session, 1, 8)[0]
cps_prof_id = profile[0]['_RowKey']
profile_name_cps = profile[0]['Name']
# Getting the password profile by id
cps_prof_result, cps_prof_succcess = ResourceManager.get_password_profile_by_id(core_session, cps_prof_id)
assert cps_prof_succcess, f"Getting Password Profile Failed for Profile {cps_prof_id} for core user"
logger.info(f"Password profile created successfully with {cps_prof_result}")
# updates the exiting password profile.
update_cps_prof_success = ResourceManager.update_password_profile(core_session, cps_prof_id, profile_name_cps,
min_pwd_len=13, max_pwd_len=26,
special_char_set="!#$%&()*",
min_alphabetic_char=5, max_alphabetic_char=5)
assert update_cps_prof_success, f"Getting Password Profile Failed for Profile {cps_prof_id} for core user"
# Getting the password profile by id
cps_prof_result, cps_prof_succcess = ResourceManager.get_password_profile_by_id(core_session, cps_prof_id)
assert cps_prof_succcess, f"Getting Password Profile Failed for Profile {cps_prof_id} for core user"
expected_profile_update_values = [13, 26, '!#$%&()*', 5, 5]
actual_profile_update_values = [cps_prof_result['MinimumPasswordLength'], cps_prof_result['MaximumPasswordLength'],
cps_prof_result['SpecialCharSet'],
cps_prof_result['MinimumAlphabeticCharacterCount'],
cps_prof_result['MinimumNonAlphabeticCharacterCount']]
# Checking the password complexity profile field's value.
assert expected_profile_update_values == actual_profile_update_values, f"Getting Password profile update values " \
f"for Profile {cps_prof_id} for core user " \
f"did not match values " \
f"{actual_profile_update_values}"
logger.info(f"Password profile updated successfully with {cps_prof_result}")
def test_activity_about_password_profiles(core_session,
create_basic_pass_profile):
"""
Test case: C1665
:param core_session: Centrify session
:param create_basic_pass_profile: Created a basic password complexity profile.
"""
# Creating basic password profile.
profile = create_basic_pass_profile(core_session, 1, 8)[0]
cps_prof_id = profile[0]['_RowKey']
profile_name_cps = profile[0]['Name']
username = core_session.__dict__["auth_details"]["User"]
cps_prof_result, cps_prof_succcess = ResourceManager.get_password_profile_by_id(
core_session, cps_prof_id)
# Checking the created custom password complexity profile.
assert cps_prof_succcess, f"Getting Password Profile Failed for Profile {cps_prof_id} for core user"
logger.info(
f"Password profile created successfully with {cps_prof_result}")
profile_delete = ResourceManager.delete_password_profile(
core_session, cps_prof_id)
# Deleting the custom password complexity profile.
assert profile_delete, f"Password complexity profile {profile_name_cps} not deleted"
logger.info(
f"Password complexity profile {profile_name_cps} deleted successfully")
recent_activity = ResourceManager.get_recent_activity(core_session)
# Get recent activity details and finding the recent delete activity.
recent_activity_list = []
for column in range(len(recent_activity)):
if recent_activity[column]["Row"]["Detail"].__contains__(
"deleted password profile"):
recent_activity_list.append(
recent_activity[column]["Row"]["Detail"])
assert f'{username} deleted password profile "{profile_name_cps}"' == recent_activity_list[0], \
f'Could not find the related activity about password profile deletion {recent_activity}'
logger.info(
f'Could find the related activity about password profile deletion {recent_activity_list}'
)
# Getting the recent administration activity details.
admin_report = ReportsManager.get_administration_activity(core_session,
system_name=None)
recent_admin_activity_list = []
for column in range(len(admin_report)):
if admin_report[column]["Detail"].__contains__(
"deleted password profile"):
recent_admin_activity_list.append(admin_report[column]["Detail"])
assert f'{username} deleted password profile "{profile_name_cps}"' == recent_admin_activity_list[0], \
f'Could not find the related activity about password profile deletion {recent_activity}'
logger.info(
f'Could find the related activity about password profile deletion {admin_report}'
)
def test_delete_password_complex_profile(core_session, core_admin_ui, create_basic_pass_profile):
"""
Test case: C1634
:param core_session: Centrify session
:param core_admin_ui: Creates random user and login in browser.
:param create_basic_pass_profile: Created a basic password complexity profile.
"""
ui = core_admin_ui
ui.navigate("Settings", "Resources", "Password Profiles")
profile = create_basic_pass_profile(core_session, 1, 8)[0]
cps_prof_id = profile[0]['_RowKey']
profile_name_cps = profile[0]['Name']
cps_prof_result, cps_prof_succcess = ResourceManager.get_password_profile_by_id(core_session, cps_prof_id)
# Checking the created custom password complexity profile.
assert cps_prof_succcess, f"Getting Password Profile Failed for Profile {cps_prof_id} for core user"
logger.info(f"Password profile created successfully with {cps_prof_result}")
profile_delete = ResourceManager.delete_password_profile(core_session, cps_prof_id)
# Deleting the custom password complexity profile.
assert profile_delete, f"Password complexity profile {profile_name_cps} not deleted"
logger.info(f"Password complexity profile {profile_name_cps} deleted successfully")
def test_clone_password_complex_profiles(core_session, core_admin_ui, create_basic_pass_profile,
create_clone_windows_pass_profile, create_clone_custom_pass_profile):
""" :param : C1633
:param core_session: Centrify session
:param core_admin_ui: Creates random user and login in browser.
:param create_basic_pass_profile: Created a basic password complexity profile.
:param create_clone_windows_pass_profile: Creates windows password profile
:param create_clone_custom_pass_profile: Creates custom password profile.
"""
ui = core_admin_ui
current_tenant_id = core_session.__dict__["tenant_id"]
ui.navigate("Settings", "Resources", "Password Profiles")
profile = create_basic_pass_profile(core_session, 1, 8)[0]
cps_prof_id = profile[0]['_RowKey']
profile_name_cps = profile[0]['Name']
custom_profile_name_clone = f"{profile_name_cps} (Cloned)"
cps_prof_result, cps_prof_succcess = ResourceManager.get_password_profile_by_id(core_session, cps_prof_id)
assert cps_prof_succcess, f"Getting Password Profile Failed for Profile {cps_prof_id} for core user"
# Checking the cloned password complexity profile exists after cloned.
logger.info(f"Password profile created successfully with {cps_prof_result}")
profile_clone = create_clone_windows_pass_profile(core_session)
cloned_profiles_windows = list(profile_clone[0])
cloned_builtin_profile_id = cloned_profiles_windows[0]['_RowKey']
assert cloned_builtin_profile_id is not None, f"Cloned built-in password profile created successfully with id " \
f"{cloned_builtin_profile_id}"
logger.info(
f"Cloned built-in password profile created successfully {cloned_profiles_windows} with id "
f"{cloned_builtin_profile_id}")
# Checking the cloned password complexity profile exists after cloned.
create_clone_custom_profile = create_clone_custom_pass_profile(core_session,
name=custom_profile_name_clone,
tenant_id=current_tenant_id)
cloned_profiles = list(create_clone_custom_profile[0])
cloned_profile_id = cloned_profiles[0]['_RowKey']
assert cloned_profile_id is not None, f"Cloned password profile created successfully with id {cloned_profile_id}"
logger.info(f"Cloned Password profile created successfully {cloned_profiles} with id {cloned_profile_id}")
def test_verify_rule_restrict_character(core_session, cleanup_accounts,
create_basic_pass_profile, pas_setup,
remote_users_qty1):
"""
TC C281499: Verify the rule(Restrict number of character occurrences) work correct
:param core_session: Authenticates API session
:param create_basic_pass_profile: Creates a password profile
:param pas_setup: Creates system and account
:param remote_users_qty1: Creates account in target system
:param cleanup_accounts: Deletes Accounts
"""
accounts_list = cleanup_accounts[0]
added_system_id, account_id, sys_info = pas_setup
logger.info(
f"System: {sys_info[0]} successfully added with UUID: {added_system_id} and account: {sys_info[4]} "
f"with UUID: {account_id} associated with it.")
# Adding user in target machine
add_user_in_target_system = remote_users_qty1
user_password = "******"
# Adding account in portal
acc_result, acc_success = ResourceManager.add_account(
core_session,
add_user_in_target_system[0],
password=user_password,
host=added_system_id,
ismanaged=True)
assert acc_success, f"Failed to add account: {acc_result}"
logger.info("Successfully added account in system")
# Cleanup Account
accounts_list.append(acc_result)
# Creating Password Profile
profile = create_basic_pass_profile(core_session, 1)[0]
profile_name_cps = profile[0]['Name']
cps_prof_id = profile[0]['_RowKey']
cps_prof_result, cps_prof_success = ResourceManager.get_password_profile_by_id(
core_session, cps_prof_id)
assert cps_prof_success, f"Failed to create Profile due to {cps_prof_result}"
logger.info(f'System successfully updated with result: {cps_prof_result}')
# Updating Password Profile
update_cps_prof_success = ResourceManager.update_password_profile(
core_session,
cps_prof_id,
profile_name_cps,
58,
128,
one_lwr_case=False,
one_upp_case=False,
one_digit=False,
consecutive_chars=False,
one_special_char=False,
min_alphabetic_char=5,
max_alphabetic_char=3,
restrict_occurrence=1)
assert update_cps_prof_success, f"Getting Password Profile Failed for Profile {cps_prof_id} for core user"
logger.info(f'Profile {profile_name_cps} successfully updated')
cps_prof_result, cps_prof_success = ResourceManager.get_password_profile_by_id(
core_session, cps_prof_id)
assert cps_prof_success, f"Getting Password Profile Failed for Profile {cps_prof_id} for core user"
assert cps_prof_result['MinimumPasswordLength'] == 58, \
f"Getting Min Password length for Profile {cps_prof_id} is {cps_prof_result['MinimumPasswordLength']} " \
f"instead of 8"
logger.info("Successfully updated minimum password length as 8")
assert cps_prof_result['MaximumPasswordLength'] == 128, \
f"Getting Min Password length for Profile {cps_prof_id} is {cps_prof_result['MaximumPasswordLength']} " \
f"instead of 20"
logger.info("Successfully updated minimum password length as 20")
assert cps_prof_result['MinimumAlphabeticCharacterCount'] == 5, \
f"Getting Min Password length for Profile {cps_prof_id} is " \
f"{cps_prof_result['MinimumAlphabeticCharacterCount']} instead of 5"
logger.info("Updated Minimum Alphabetic Character Count successfully")
assert cps_prof_result['MinimumNonAlphabeticCharacterCount'] == 3, \
f"Getting Min Password length for Profile {cps_prof_id} is " \
f"{cps_prof_result['MinimumNonAlphabeticCharacterCount']} instead of 3"
logger.info("Updated Minimum Alphabetic Character Count successfully")
assert cps_prof_result['MaximumCharOccurrenceCount'] == 1, \
f"Getting Min Password length for Profile {cps_prof_id} is " \
f"{cps_prof_result['MinimumNonAlphabeticCharacterCount']} instead of 3"
logger.info("Updated Minimum Alphabetic Character Count successfully")
update_result, update_success = ResourceManager.update_system(
core_session,
added_system_id,
sys_info[0],
sys_info[1],
sys_info[2],
passwordprofileid=cps_prof_id)
assert update_success, f"Failed to update system sue to {update_result}"
logger.info(f"Successfully update system {sys_info[0]}")
# Rotate Password
rotate_password_result, rotate_password_success = ResourceManager.rotate_password(
core_session, acc_result)
assert rotate_password_success, f"Failed to rotate password due to {rotate_password_result}"
logger.info("Rotate password successfully")
# Checkout Password
check_out_password_result, check_out_password_success = ResourceManager.check_out_password(
core_session, lifetime=1, accountid=acc_result)
assert check_out_password_success, f"Failed to checkout password due to {check_out_password_result}"
logger.info("Password checkout successfully")
# Getting check out password value
co_password_value = check_out_password_result['Password']
# Getting all the alpha characters in password check out
get_alpha_characters = re.findall('[a-zA-Z]', co_password_value)
# Checking the maximum occurrence of characters in a list
count_alpha_chars = Counter(get_alpha_characters)
for item, ct in count_alpha_chars.items():
assert len(item) == 1, "Item is grater than 1"
logger.info('%s occurred %d times' % (item, ct))
# Removing password profile from system
update_result, update_success = ResourceManager.update_system(
core_session,
added_system_id,
sys_info[0],
sys_info[1],
sys_info[2],
passwordprofileid=None)
assert update_success, f"Failed to remove password profile from system {sys_info[0]}"
logger.info(
f"Successfully removed password profile from system {sys_info[0]}")
def test_verify_rule_work_correct(core_session, cleanup_accounts,
create_basic_pass_profile, pas_setup,
remote_users_qty1, cleanup_password_profile):
"""
TC C281498: Verify the rule (Min number of non-alpha characters)
:param core_session: Authenticates API session
:param create_basic_pass_profile: Creates a password profile
:param pas_setup: Creates system and account
:param remote_users_qty1: Creates account in target system
:param cleanup_password_profile: Deletes password profile
:param cleanup_accounts: Deletes Account
"""
accounts_list = cleanup_accounts[0]
added_system_id, account_id, sys_info = pas_setup
logger.info(
f"System: {sys_info[0]} successfully added with UUID: {added_system_id} and account: {sys_info[4]} "
f"with UUID: {account_id} associated with it.")
profile_list = cleanup_password_profile
# Adding user in target machine
add_user_in_target_system = remote_users_qty1
user_password = "******"
# Adding account in portal
acc_result, acc_success = ResourceManager.add_account(
core_session,
add_user_in_target_system[0],
password=user_password,
host=added_system_id,
ismanaged=True)
assert acc_success, f"Failed to add account: {acc_result}"
logger.info("Successfully added account in system")
# Cleanup Account
accounts_list.append(acc_result)
# Creating Password Profile
profile = create_basic_pass_profile(core_session, 1)[0]
profile_name_cps = profile[0]['Name']
cps_prof_id = profile[0]['_RowKey']
# Deleting Password Profile
profile_list.append(cps_prof_id)
cps_prof_result, cps_prof_success = ResourceManager.get_password_profile_by_id(
core_session, cps_prof_id)
assert cps_prof_success, f"Failed to create Profile due to {cps_prof_result}"
logger.info(f'System successfully updated with result: {cps_prof_result}')
# Updating Password Profile
update_cps_prof_success = ResourceManager.update_password_profile(
core_session,
cps_prof_id,
profile_name_cps,
8,
20,
one_lwr_case=False,
one_upp_case=False,
one_digit=False,
consecutive_chars=False,
one_special_char=False,
min_alphabetic_char=5,
max_alphabetic_char=3,
)
assert update_cps_prof_success, f"Getting Password Profile Failed for Profile {cps_prof_id} for core user"
logger.info(f'Profile {profile_name_cps} successfully updated')
cps_prof_result, cps_prof_success = ResourceManager.get_password_profile_by_id(
core_session, cps_prof_id)
assert cps_prof_success, f"Getting Password Profile Failed for Profile {cps_prof_id} for core user"
assert cps_prof_result['MinimumPasswordLength'] == 8, \
f"Getting Min Password length for Profile {cps_prof_id} is {cps_prof_result['MinimumPasswordLength']} " \
f"instead of 8"
logger.info("Successfully updated minimum password length as 8")
assert cps_prof_result['MaximumPasswordLength'] == 20, \
f"Getting Min Password length for Profile {cps_prof_id} is {cps_prof_result['MaximumPasswordLength']} " \
f"instead of 20"
logger.info("Successfully updated minimum password length as 20")
assert cps_prof_result['MinimumAlphabeticCharacterCount'] == 5, \
f"Getting Min Password length for Profile {cps_prof_id} is " \
f"{cps_prof_result['MinimumAlphabeticCharacterCount']} instead of 5"
logger.info("Updated Minimum Alphabetic Character Count successfully")
assert cps_prof_result['MinimumNonAlphabeticCharacterCount'] == 3, \
f"Getting Min Password length for Profile {cps_prof_id} is " \
f"{cps_prof_result['MinimumNonAlphabeticCharacterCount']} instead of 3"
logger.info("Updated Minimum Alphabetic Character Count successfully")
update_result, update_success = ResourceManager.update_system(
core_session,
added_system_id,
sys_info[0],
sys_info[1],
sys_info[2],
passwordprofileid=cps_prof_id)
assert update_success, f"Failed to update system sue to {update_result}"
logger.info(f"Successfully update system {sys_info[0]}")
# Rotate Password
rotate_password_result, rotate_password_success = ResourceManager.rotate_password(
core_session, acc_result)
assert rotate_password_success, f"Failed to rotate password due to {rotate_password_result}"
logger.info("Rotate password successfully")
# Checkout Password
check_out_password_result, check_out_password_success = ResourceManager.check_out_password(
core_session, lifetime=1, accountid=acc_result)
assert check_out_password_success, f"Failed to checkout password due to {check_out_password_result}"
logger.info("Password checkout successfully")
# Getting password value after checkout
co_password_value = check_out_password_result['Password']
# Finding all non alpha characters after check out password
get_non_alpha_characters = re.findall('[^a-zA-Z]', co_password_value)
assert len(
get_non_alpha_characters
) >= 3, "Length of Minimum Alphabetic Character Count is less than 3"
logger.info(
"Minimum Non Alphabetic Character Count is greater than or equal to 3")
# Removing Password Profile from system so that profile can be deleted
update_result, update_success = ResourceManager.update_system(
core_session,
added_system_id,
sys_info[0],
sys_info[1],
sys_info[2],
passwordprofileid=None)
assert update_success, f"Failed to remove password profile from system {sys_info[0]}"
logger.info(
f"Successfully removed password profile from system {sys_info[0]}")
def test_modify_password_profile(core_session, create_basic_pass_profile):
"""
Test Case ID: C281492
Test Case: Modify Password Complex Profile
:param core_session: Authenticates API session.
:param create_basic_pass_profile: Creates a Password Profile
"""
profile = create_basic_pass_profile(core_session, 1)[0]
profile_name_cps = profile[0]['Name']
cps_prof_id = profile[0]['_RowKey']
cps_prof_result, cps_prof_success = ResourceManager.get_password_profile_by_id(
core_session, cps_prof_id)
assert cps_prof_success, f"Failed to create Profile due to {cps_prof_result}"
logger.info(f'System successfully updated with result: {cps_prof_result}')
update_cps_prof_success = ResourceManager.update_password_profile(
core_session,
cps_prof_id,
profile_name_cps,
13,
26,
one_lwr_case=False,
one_upp_case=False,
one_digit=False,
consecutive_chars=False,
one_special_char=False,
max_alphabetic_char=5,
min_alphabetic_char=5)
assert update_cps_prof_success, f"Getting Password Profile Failed for Profile {cps_prof_id} for core user"
logger.info(f'Profile {profile_name_cps} successfully updated')
cps_prof_result, cps_prof_success = ResourceManager.get_password_profile_by_id(
core_session, cps_prof_id)
assert cps_prof_success, f"Getting Password Profile Failed for Profile {cps_prof_id} for core user"
logger.info(f"Getting Password Profile successfully {cps_prof_id}")
assert cps_prof_result['MinimumPasswordLength'] == 13, \
f"Getting Min Password for Profile {cps_prof_id} for core user did not match lens"
logger.info("Successfully updated minimum password length as 13")
assert cps_prof_result['MaximumPasswordLength'] == 26, \
f"Getting Min Password for Profile {cps_prof_id} for core user did not match lens"
logger.info("Successfully updated minimum password length as 26")
assert cps_prof_result['AtLeastOneLowercase'] is False, \
f"Getting Min Password for Profile {cps_prof_id} for core user did not match lens"
logger.info("Updated At Least One Lower Case successfully as False")
assert cps_prof_result['AtLeastOneUppercase'] is False, \
f"Getting Min Password for Profile {cps_prof_id} for core user did not match lens"
logger.info("Updated At Least One Upper Case successfully as False")
assert cps_prof_result['AtLeastOneDigit'] is False, \
f"Getting Min Password for Profile {cps_prof_id} for core user did not match lens"
logger.info("Updated At Least One Digit successfully as False")
assert cps_prof_result['ConsecutiveCharRepeatAllowed'] is False, \
f"Getting Min Password for Profile {cps_prof_id} for core user did not match lens"
logger.info(
"Updated Consecutive Char Repeat Allowed successfully as False")
assert cps_prof_result['AtLeastOneSpecial'] is False, \
f"Getting Min Password for Profile {cps_prof_id} for core user did not match lens"
logger.info("Updated At Least One Special Character successfully as False")
assert cps_prof_result['MinimumAlphabeticCharacterCount'] == 5, \
f"Getting Min Password for Profile {cps_prof_id} for core user did not match lens"
logger.info(
"Updated Minimum Alphabetic Character Count successfully as False")
def test_not_apply_password_profile_global(core_session,
create_basic_pass_profile):
"""
Test case: C1647
:param core_session: Returns API session
:param core_admin_ui: Centrify admin Ui session
:param create_basic_pass_profile: Created a basic password complexity profile.
"""
unix_profile_id = None
profile_result, profile_success = ResourceManager.get_password_prof_for_target_types(
core_session, 'Unix')
assert profile_success, f'failed to get all profile for target unix type.'
for row in profile_result:
if row['Name'] == "Unix Profile":
unix_profile_id = row['_RowKey']
# Setting password profile mapping to default.
result, success = ResourceManager.update_global_pass_profile_mapping(
core_session, "Unix", unix_profile_id)
assert success, f"failed to update global password profile mapping {result}"
# Creating one password complexity profile
profile = create_basic_pass_profile(core_session, 1)[0]
cps_prof_id = profile[0]['_RowKey']
profile_name_cps = profile[0]['Name']
logger.info(
f"Created password complex profile {profile_name_cps} with Id {cps_prof_id}"
)
# getting and updating global password profile default value to Unix Profile
result, success = ResourceManager.get_global_pass_profile_mapping(
core_session)
profile_name = []
for row in result:
if row['Name'] == "Unix Profile":
profile_name.append(row['_RowKey'])
profile_name.append(row['Name'])
result, success = ResourceManager.update_global_pass_profile_mapping(
core_session, "Unix", profile_name[0])
assert success, f"failed to update global password profile mapping {result}"
logger.info(f"Password complexity profile {profile_name_cps} not deleted")
update_profile = []
profile_result, profile_success = ResourceManager.get_password_prof_for_target_types(
core_session, 'Unix')
assert profile_success, f'failed to get all profile for target unix type.'
for row in profile_result:
if row['Name'] == profile_name_cps:
update_profile.append(row['_RowKey'])
# Setting password profile mapping to default.
result, success = ResourceManager.update_global_pass_profile_mapping(
core_session, "Unix", None)
assert success is False, f"failed to update global password profile mapping {result}"
# Getting the global password profile mapping profiles
result, success = ResourceManager.get_global_pass_profile_mapping(
core_session)
profile_names = []
for row in result:
if row['Name'] == "Unix Profile":
profile_names.append(row['_RowKey'])
profile_names.append(row['TargetType'])
# Getting the password profile by id
cps_prof_result, cps_prof_success = ResourceManager.get_password_profile_by_id(
core_session, profile_names[0])
assert cps_prof_result['ProfileType'] == profile_names[1], \
f"Global Password Profile not saved with Profile {profile_names[0]} with the result {cps_prof_result}"
logger.info(
f"Password profile created successfully with {cps_prof_result}")
