def test_system_default_management_port(core_session, network_device_setup,
core_admin_ui):
"""
TC: C2607 - System default management port
:param core_session: Authenticated Centrify session.
:param network_device_setup: Adds a network with account and returns UUID of both.
:param core_admin_ui: Authenticated Centrify browser session.
"""
system_id, account_id, device_data, system_list, account_list = network_device_setup(
'paloalto')
system_info = RedrockController.get_computer_with_ID(
core_session, system_id)
ui = core_admin_ui
ui.navigate('Resources', 'Systems')
ui.search(system_info['Name'])
ui.click_row(GridRowByGuid(system_id))
ui.tab('Settings')
ui.input("ManagementPort", "1")
ui.save()
ui.expect(TextField('ManagementPort'),
"Unable to locate management port input").clear()
ui.save()
management_port = RedrockController.get_computer_with_ID(
core_session, system_id)['ManagementPort']
assert management_port is None, "Management port value isn't 443 i.e. default."
logger.info(
f'Management port value retrieved via API is {management_port} i.e. placeholder 443 in UI.'
)
def test_add_managed_proxy_account(core_session, pas_windows_setup):
"""
:param core_session: Authenticated Centrify Session.
:param pas_windows_setup: Fixture for adding a system and an account associated with it.
TC: C2537 - Add system with managed account and Proxy account with WinRM https settings
trying to Add system with managed account and Proxy account with WinRM https settings
Steps:
Pre: Create system with 1 manage and proxy account
1. Try to fetch the management mode in setting page
-Assert Failure
2. Try to check out password from account
-Assert Failure
"""
system_id, account_id, sys_info, connector_id, user_password = pas_windows_setup(True, True)
logger.info(f"System: {sys_info[0]} successfully added with UUID: {system_id} and account: {sys_info[4]} "
f"with UUID: {account_id} associated with it.")
managementmode = RedrockController.get_computer_with_ID(core_session, system_id)
assert managementmode['ManagementMode'] == "WinRMOverHttps", \
f"management mode is failed because of system doesnt have proxy account. API response result: {managementmode}"
logger.info(f"Fetch management mode successfully: {managementmode['ManagementMode']}")
password_checkout_result, password_checkout_success = ResourceManager.check_out_password(core_session, 1,
accountid=account_id)
assert password_checkout_result['Password'] is not user_password, \
f"password checkout Failed. API response result: {password_checkout_result}"
logger.info(f"password successfully checkout Account password: {password_checkout_result['COID']}")
def test_system_with_managed_account(core_session, setup_pas_system_for_unix):
"""
Test case : C279339
:param core_session: Centrify session manager
:param setup_pas_system_for_unix: fixture that provide created unix system data
"""
system_id, account_id, system_info = setup_pas_system_for_unix
system_rows = RedrockController.get_computer_with_ID(
core_session, system_id)
assert system_rows['Name'] == system_info[
0], f"failed to find system {system_info[0]} in portal as returned system result is {system_rows}"
logger.info(f"system found {system_rows}")
account, status = ResourceManager.get_accounts_from_resource(
core_session, system_id)
assert status, f"failed to find accounts in system {system_info[0]} as returned account result is {account}"
logger.info(f"Account found {account}")
# Fetching account information to validate desired account is unmanaged
result, status = ResourceManager.get_account_information(
core_session, account_id)
assert status, f"failed to retrieve account information, returned result is {result}"
is_managed = result['VaultAccount']['Row']['IsManaged']
assert is_managed is False, f"Added account is not managed account"
def test_import_system_and_health_check(core_session, pas_windows_setup):
"""
C1554 : Import system and check health
:param core_session: Authenticated Centrify Session.
:param pas_windows_setup:
"""
system_id, account_id, sys_info, connector_id, user_password = pas_windows_setup()
system_details = RedrockController.get_computer_with_ID(core_session, system_id)
system_counter = 1
while system_counter < 60:
if system_details['HealthStatus'] == 'OK' and system_details['LastHealthCheck']:
break
system_counter += 1
ResourceManager.get_date(system_details['LastHealthCheck'])
assert system_details['HealthStatus'] == 'OK', "System not reachable because connector is not up."
logger.info(f"System is reachable successfully: {system_details}")
account_counter = 1
account_details = None
while account_counter < 60:
account_details = ResourceManager.get_account_information(core_session, account_id)
if account_details[0]['VaultAccount']['Row']['Healthy'] == 'OK' and \
account_details[0]['VaultAccount']['Row']['LastHealthCheck']:
break
account_counter += 1
ResourceManager.get_date(account_details[0]['VaultAccount']['Row']['LastHealthCheck'])
assert account_details[0]['VaultAccount']['Row']['Healthy'] == 'OK', \
"System not reachable because connector is not up."
logger.info(f"Account is reachable successfully: {account_details}")
def test_add_system_account_with_win_rm(core_session, pas_windows_setup):
"""C2536 Add system with managed account with WinRM http setting
validate the added Account with win rm and check out password after 5 minutes"""
# Getting system details.
system_id, account_id, sys_info, connector_id, user_password = pas_windows_setup(
True)
# Verifying Default management mode should be 'RpcOverTcp'
system_rows = RedrockController.get_computer_with_ID(
core_session, system_id)
assert system_rows[
'ManagementMode'] == 'RpcOverTcp', "Default Management mode is not RpcOverTcp"
logger.info("Default Management mode is RPC Over TCP")
# Checkout Password
checkout_password_result, checkout_password_success = ResourceManager. \
check_out_password(core_session,
lifetime=1,
accountid=account_id)
assert checkout_password_success, f"Failed to checkout password due to {checkout_password_result}"
logger.info("Password checkout successfully")
assert checkout_password_result[
'Password'] != user_password, "Password is same after adding managed account"
logger.info("Password updated after adding managed account")
success, response = ResourceManager.update_system(
core_session,
system_id,
sys_info[0],
sys_info[1],
'Windows',
proxycollectionlist=connector_id,
chooseConnector="on",
managementmode="WinRMOverHttp")
assert success, "Failed to update system"
logger.info(f"Successfully updated system '{sys_info[0]}'")
# Adding account in portal.
acc_result, acc_success = ResourceManager.add_account(
core_session,
sys_info[6],
password=user_password,
host=system_id,
ismanaged=True)
assert acc_success, f"Failed to add account in the portal: {acc_result}"
logger.info(f"Successfully added account {sys_info[6]} in the portal")
# Checkout Password after changing management mode to WinRMOverHttp
checkout_password_winrm, checkout_password_success = ResourceManager. \
check_out_password(core_session,
lifetime=1,
accountid=acc_result)
assert checkout_password_success, f"Failed to checkout password due to {checkout_password_winrm}"
logger.info("Password checkout successfully")
assert checkout_password_winrm[
'Password'] != user_password, "Password is same after adding managed account"
logger.info("Password updated after adding managed account")
def test_delete_administrative_account(core_session, network_device_setup):
"""
TC: C2623 - Delete administrative account
:param core_session: Authenticated Centrify session.
:param network_device_setup: Adds a network with account and returns UUID of both.
"""
system_id, account_id, device_data, system_list, account_list = network_device_setup(
'checkpoint')
system_info = RedrockController.get_computer_with_ID(
core_session, system_id)
# setting up Admin account for system
result, success, message = ResourceManager.set_system_administrative_account(
core_session, system_id, account_id)
assert success, f"Failed to update Administrative account for system {system_info['Name']}"
logger.info(
f"Successfully added an administrative account for system {system_info['Name']}"
)
# deleting administrative account
del_result, del_success = ResourceManager.del_account(
core_session, account_id)
assert del_success is False, f"Admin account deleted successfully, unexpected behaviour as Admin account " \
f"should not be deleted. API response result: {del_success}"
logger.info(
f'Admin account could not be deleted as expected, API response result: {del_success}'
)
# finding all systems for cleanup:
acc_script = "@/lib/server/get_accounts.js(mode:'AllAccounts', newcode:true, localOnly:true, colmemberfilter:" \
"'Select ID from VaultAccount WHERE Host IS NOT NULL')"
acc = RedrockController.redrock_query(core_session, acc_script)
for account in acc:
if account['Row']['FQDN'] == "Check.Point":
# Removing Admin Account for successful cleanup of system and account
result, success, message = ResourceManager.set_administrative_account(
core_session, systems=[account['Row']['Host']])
assert success, f"Failed to update Administrative account for system {account['Row']['Name']}"
# Removing Admin Account for successful cleanup of system and account
ResourceManager.update_system(
core_session,
account['Row']['Host'],
account['Row']['Name'],
account['Row']['FQDN'],
'CheckPointGaia',
sessiontype=account['Row']['SessionType'])
# deleting administrative account from this system
ResourceManager.del_account(core_session, account['Row']['ID'])
# Removing Admin Account for successful cleanup of system and account
result, success, message = ResourceManager.set_administrative_account(
core_session, systems=[account['Row']['Host']])
assert success, f"Failed to update Administrative account for system {account['Row']['Name']}"
def test_add_system_with_hostname_without_account(core_session, add_single_system):
"""
Test case : C279338
:param core_session: Centrify session manager
:param add_single_system: add system and provide it's ID and system basic information
:return:
"""
system_id, system_info = add_single_system
system_rows = RedrockController.get_computer_with_ID(core_session, system_id)
assert system_rows['Name'] == system_info[0], f"failed to find system {system_info[0]} in portal, returned row is {system_rows} "
logger.info(f"system found {system_rows}")
def test_system_health_check(core_session, pas_windows_setup):
"""
C1553 : Add System
:param core_session: Authenticated Centrify Session.
:param pas_windows_setup: Creates system with account
"""
sys_info = pas_windows_setup()
system_details = RedrockController.get_computer_with_ID(core_session, sys_info[0])
ResourceManager.get_date(system_details['LastHealthCheck'])
assert system_details['HealthStatus'] == 'OK', "Remote System is not reachable either system is down or system " \
"could not configured properly. "
logger.info(f"System is reachable successfully: {system_details}")
def test_linux_system_health_check(core_session, setup_pas_system_for_unix):
"""
C1556 : Linux system health check
:param core_session: Authenticated Centrify Session.
:param setup_pas_system_for_unix: create one system and return details associated to it.
"""
system_info = setup_pas_system_for_unix
system_details = RedrockController.get_computer_with_ID(
core_session, system_info[0])
ResourceManager.get_date(system_details['LastHealthCheck'])
assert system_details['HealthStatus'] == 'OK', "Remote System is not reachable either system is down or system " \
"could not configured properly. "
logger.info(f"Remote System is reachable successfully: {system_details}")
def test_add_account_without_configuration_proxy_account(
core_session, pas_config):
"""
TC:C2212 Add account without configuration proxy account.
:param core_session: Returns a API session.
:param pas_config: Read yaml data.
"""
# Adding a system without proxy.
payload_data = pas_config['Windows_infrastructure_data']
system_name = f'{payload_data["system_name"]}{guid()}'
added_system_id, system_success_status = ResourceManager.add_system(
core_session, system_name, payload_data['FQDN'],
payload_data['system_class'], payload_data['session_type'],
payload_data['description'])
assert system_success_status, f'Adding system failed returned status {system_success_status}'
logger.info(f'Successfully created system:{added_system_id}')
# Validating that no proxy account has added to the system.
system_details = RedrockController.get_computer_with_ID(
core_session, added_system_id)
assert system_details['ProxyUser'] is None, \
f'Expect proxy account none in computer info but found one: {system_details} '
logger.info(
"Successfully do not found 'Use proxy account' in on pop-up box.")
def test_save_changes_clicking_other_tab(core_session, setup_pas_system_for_unix, core_admin_ui):
"""
TC:C2186 Save the changes after clicking other tabs.
:param core_ui: Return a browser session.
:param core_session: Return API session.
:param: pas_setup: Returning a fixture.
"""
# Adding a system with account.
created_system_id, created_account_id, sys_info = setup_pas_system_for_unix
system_name = sys_info[0]
# Launch UI.
ui = core_admin_ui
ui.navigate('Resources', 'Systems')
ui.search(system_name)
ui.click_row(GridRowByGuid(created_system_id))
ui.tab('Settings')
modified_system_name = f'UnixServer{guid()}'
ui.input('Name', modified_system_name)
ui.save()
# Validating that system name is modified.
system_rows = RedrockController.get_computer_with_ID(core_session, created_system_id)
assert system_rows['Name'] == modified_system_name, f'Failed to modify system name:{system_rows}'
logger.info('Successfully modified system name.')
def test_update_manage_account_win_rm(pas_config, winrm_engine, core_session,
remote_users_qty1, cleanup_accounts,
test_proxy, cleanup_resources):
"""
:param pas_config: to get the data from yaml files.
:param remote_users_qty1: to create a manage account in windows system
:param cleanup_resources: cleanup the system from portal
:param cleanup_accounts: cleanup the accounts from portal
:param winrm_engine: session to update manage account
:param core_session: Authenticated Centrify Session.
TC: C2551 - Update managed account password with winRM https configured
trying to Update managed account password with winRM https configured
Steps:
Pre: Create system with 1 proxy and manage account hand
1. Try to update invalid password for manage account
-Assert Failure
"""
sys_details = pas_config
system_data_values = sys_details['Windows_infrastructure_data']
add_user_in_target_system = remote_users_qty1
password = "******"
# set a different password for the user
update_user_password(winrm_engine, add_user_in_target_system[0], password)
system_list = cleanup_resources[0]
accounts_list = cleanup_accounts[0]
# Getting system details.
sys_name = f'{"Win-2012"}{guid()}'
# Adding system.
add_sys_result, add_sys_success = ResourceManager.add_system(
core_session, sys_name, system_data_values['FQDN'], 'Windows', "Rdp")
assert add_sys_success, f"failed to add system:API response result:{add_sys_result}"
logger.info(f"Successfully added system:{add_sys_result}")
system_list.append(add_sys_result)
# Update system with management mode 'WinRMOverHttp'.
update_sys_success, update_sys_result = ResourceManager.update_system(
core_session,
add_sys_result,
sys_name,
system_data_values['FQDN'],
'Windows',
managementmode='WinRMOverHttps')
assert update_sys_success, f'Fail to update the system:API response result: {update_sys_result}'
logger.info(f"Successfully update the system:{update_sys_result}")
# Adding account in portal.
acc_result, acc_success = ResourceManager.add_account(
core_session,
add_user_in_target_system[0],
password=password,
host=add_sys_result,
ismanaged=True)
assert acc_success, f"Failed to add account in the portal: {acc_result}"
logger.info(
f"Successfully added account {add_user_in_target_system[0]} in the portal"
)
accounts_list.append(acc_result)
managementMode = RedrockController.get_computer_with_ID(
core_session, add_sys_result)
assert managementMode['ManagementMode'] == "WinRMOverHttps", \
f"management mode is failed because of system doesnt have proxy account. API response result: {managementMode}"
logger.info(
f"Fetch management mode successfully: {managementMode['ManagementMode']}"
)
Result, success = ResourceManager.update_password(core_session, acc_result,
guid())
assert success is False, f"Did not update password {Result}"
logger.info(f"user not able to update password API response: {Result}")
