def test_trigger_no_systems_discovered_state(core_ui, pas_ad_discovery_config):
"""
C3187 : Trigger "No Systems Discovered" state.
:param core_session: Authenticated Centrify Session
:param core_ui: Authenticated Centrify Browser Session
"""
config_data = pas_ad_discovery_config
test_data = copy.deepcopy(config_data)
domain_name = test_data['domains'][0]['Name']
organizational_unit = test_data['ad_profile_data'][0]['organization_unit'][0]
ui = core_ui
ui.user_menu('Getting Started')
ui.step('Next')
if ui.check_exists(Span("Centrify Connector")):
ui.step('Next')
expand_domain = ui.expect(TreeExpander(domain_name), "Expand tree option not available for mentioned Domain")
expand_domain.try_click()
ui.expect(select_radio_button(organizational_unit), "Not able to select Organizational Unit").try_click()
ui.step('Next')
assert ui.check_exists(Div("No Systems Discovered")), f"System Discovered in selected Organizational Unit"
assert ui.check_exists(Div("We did not discover any systems within")), f"Failed to open 'We did not discover any " \
f"systems within the selected domain...' " \
f"page "
assert ui.check_exists(Button("Choose Domain")), f"'Choose Domain' button not exist on modal page"
assert ui.check_exists(Button("Next")), f"'Next' button not exist on modal page"
assert ui.check_exists(Button("Cancel")), f"'Cancel' button not exist on modal page"
def test_delete_used_profile(core_session, core_admin_ui, pas_setup,
create_basic_pass_profile):
"""
Test case: C1657
:param core_admin_ui: Centrify admin Ui session
:param pas_setup: Creates System and Account
:param create_basic_pass_profile: Created a basic password complexity profile.
"""
System_id, account_id, sys_info = pas_setup
system_name = sys_info[0]
FQDN = sys_info[1]
computer_class = sys_info[2]
# Creating a basic password profile
profile = create_basic_pass_profile(core_session, 1)[0]
cps_prof_id = profile[0]['_RowKey']
profile_name_cps = profile[0]['Name']
# updating system to add created password profile
result, success = ResourceManager.update_system(
core_session,
System_id,
system_name,
FQDN,
computer_class,
passwordprofileid=cps_prof_id)
assert success, f'Failed to update system {result}'
logger.info(f'System successfully updated with result: {result}')
ui = core_admin_ui
ui.navigate("Settings", "Resources", "Password Profiles")
ui.search(profile_name_cps)
# Deleting the password profile which is assigned to a system.
ui.right_click_action(GridCell(profile_name_cps, data_content=True),
'Delete')
ui.expect(
Div('You are about to delete 1 Password Generation Profile. Are you sure you want to continue?'
), "Delete warning popup appears")
logger.info("Delete warning popup appears.")
ui.switch_context(ConfirmModal())
ui.close_modal(button_text='Yes')
ui.expect(
Div(f"The password profile cannot be deleted because it is being used by System '{system_name}'."
), "Profile delete error popup")
logger.info(f"Password complexity profile {profile_name_cps} not deleted")
# Removing password profile from the system for the clean up/deleting password profile.
result, success = ResourceManager.update_system(core_session, System_id,
system_name, FQDN,
computer_class)
assert success, f'Failed to update system {result}'
logger.info(
"Removed the profile assigned to system to clean up/delete the profile."
)
def test_delete_multiple_used_profile(core_session, core_admin_ui,
create_resources,
create_basic_pass_profile):
"""
Test case: C1659
:param core_session: Returns API session
:param core_admin_ui: Centrify admin Ui session
:param create_resources: Creates System and Account
:param create_basic_pass_profile: Created a basic password complexity profile.
"""
# Creating one password complexity profile
profile = create_basic_pass_profile(core_session, 1)[0]
cps_prof_id = profile[0]['_RowKey']
profile_name_cps = profile[0]['Name']
systems_info = []
# Creating two windows systems
resources = create_resources(core_session, 2, "Windows")
for res in resources:
systems_info.append(res['ID'])
systems_info.append(res['Name'])
# Updating windows system with password complexity profile.
result, success = ResourceManager.update_system(
core_session,
res['ID'],
res['Name'],
res['FQDN'],
res['ComputerClass'],
passwordprofileid=cps_prof_id)
assert success, f'Failed to update system {result}'
logger.info(f'System successfully updated with result: {result}')
ui = core_admin_ui
ui.navigate("Settings", "Resources", "Password Profiles")
ui.search(profile_name_cps)
# Deleting the password profile which is assigned to a system.
ui.right_click_action(GridCell(profile_name_cps, data_content=True),
'Delete')
ui.expect(
Div('You are about to delete 1 Password Generation Profile. Are you sure you want to continue?'
), "Delete warning popup appears")
logger.info("Delete warning popup appears.")
ui.switch_context(ConfirmModal())
ui.close_modal(button_text='Yes')
# Delete warning message appears
ui.expect(
Div(f"The password profile cannot be deleted because it is being used by System 'automation_test_system"
), "Profile delete error popup")
logger.info(f"Password complexity profile {profile_name_cps} not deleted")
def test_unsaved_global_profile_mapping(core_session, core_admin_ui,
create_basic_pass_profile):
""" Test case: C1660
:param core_session: Creates core session
:param core_admin_ui: Creates random user and login in browser.
:param create_basic_pass_profile: Created a basic password complexity profile.
"""
profile = create_basic_pass_profile(core_session, 1)[0]
cps_prof_id = profile[0]['_RowKey']
profile_name_cps = profile[0]['Name']
# Getting the global password profile mapping profiles
result, success = ResourceManager.get_global_pass_profile_mapping(
core_session)
profile_name = []
for row in result:
if row['TargetTypeDisplayName'] == "Unix System":
profile_name.append(row['Name'])
# UI navigating to Security Settings and updating the 'Unix' Type global password profile.
ui = core_admin_ui
ui.navigate("Settings", "Resources", "Security", "Security Settings")
ui.expect(GridCell(profile_name[0]),
"Unix type password profile not editable.").try_click(
Div("Security Settings"))
ui.switch_context(ActiveMainContentArea())
ui.select_option('Name', profile_name_cps)
ui.switch_context(ConfirmModal())
ui.button('Continue')
ui.expect(Span("Password Profiles"),
"Clicking Password Profiles").try_click(Div("Security Settings"))
assert ui.check_exists(Div('Unsaved Changes')), "Fail, as 'Confirmation Modal' i.e. 'Unsaved Changes dialog' " \
"didn't pop up even after clicking another tab."
logger.info(
"'Unsaved Changes dialog' popped up after clicking another tab without saving the new profile"
)
# Clicking 'Yes' button on 'Unsaved Changes' dialog box and expecting new profile to be saved.
ui.switch_context(ConfirmModal())
ui.close_modal("Yes")
# Getting all the global password profile mappings.
result, success = ResourceManager.get_global_pass_profile_mapping(
core_session)
for res in result:
if res['Name'] == profile_name_cps:
assert res[
'TargetType'] == 'Unix', f"Failed to update profile with id {cps_prof_id} Unix Type {result}"
logger.info("Updated the new profile to the 'Unix' Type")
def test_check_description_allow_access(core_admin_ui, add_single_system):
"""
Test Case ID: C2094
Test Case Description: Check description for Allow access from a public network
:param core_admin_ui: Authenticates Centrify Ui session
:param add_single_system: Creates a single system
"""
system_id, system_info = add_single_system
system_name = system_info[0]
ui = core_admin_ui
ui.navigate('Resources', 'Systems')
ui.search(system_name)
ui.click_row(GridRowByGuid(system_id))
ui.tab('Policy')
allow_access_description = "Allow access from a public network (web client only)"
# Checking the 'allow_access_description' is present in Label tag
assert ui.check_exists(
Label(allow_access_description
)), f'Text: {allow_access_description} is not present in page.'
logger.info(f'Text: {allow_access_description} is present in page.')
system_policy_tooltip = ui.expect(HoverToolTip(allow_access_description),
expectation_message='Expected to find '
'System Policy Tooltip'
' but it did not')
system_policy_tooltip.mouse_hover()
expected_text = 'Specifies whether remote connections are allowed from a public network for a selected system.'
# Checking the 'expected_text' is present in Div tag
ui.expect(Div(expected_text),
expectation_message=
f'expected to find Text: {expected_text}, but it did not.')
logger.info(f'Expected Text: {expected_text} is present inside tooltip.')
def test_system_action_button(pas_windows_setup, core_admin_ui):
"""
TC:C2161 Check system's Actions button.
:param core_admin_ui: Return a browser session.
:param pas_windows_setup: Returns a fixture.
:param core_session: Returns a API session.
"""
# Creating a system and account.
system_id, account_id, sys_info, connector_id, user_password = pas_windows_setup(
)
# UI Launch.
ui = core_admin_ui
ui.navigate('Resources', 'Systems')
ui.search(sys_info[0])
ui.check_row_by_guid(system_id)
ui.expect(GridRowCheckboxByGuid(system_id, checked=True),
f'Expect to find system is checked but could not.')
logger.info(f'System checkbox {sys_info[0]} is checked.')
assert ui.button_exists("Actions"), "Action' is enabled and visible."
logger.info(f"'Action' button is enabled on UI.")
# Switching to other page and returning back to system page.
ui.navigate('Resources', 'Accounts')
ui.switch_context(PageTitle('Accounts'))
ui.navigate('Resources', 'Systems')
ui.expect(GridRowCheckboxByGuid(system_id, checked=False),
f'Expect to find system is unchecked but could not.')
logger.info(f'System checkbox {sys_info[0]} is unchecked ')
assert ui.check_exists(
Div('Actions')) is False, 'Actions is enabled and visible.'
logger.info('Actions is disabled on UI.')
def test_create_existing_password_complexity_profile(
core_session, core_admin_ui, create_basic_pass_profile):
"""
Test case: C1652
:param core_session: Centrify session
:param core_admin_ui: Creates random user and login in browser.
:param create_basic_pass_profile: Created a basic password complexity profile.
"""
ui = core_admin_ui
ui.navigate("Settings", "Resources", "Password Profiles")
profile = create_basic_pass_profile(core_session, 1, 8)[0]
cps_prof_id = profile[0]['_RowKey']
profile_name_cps = profile[0]['Name']
ui = core_admin_ui
ui.navigate("Settings", "Resources", "Password Profiles")
ui.launch_modal("Add", modal_title="Password Complexity Profile")
profile_description = " AddNewProfile_Test"
ui.input("Name", profile_name_cps)
ui.input("Description", profile_description)
ui.input("MinimumPasswordLength", 12)
ui.input("MaximumPasswordLength", 24)
ui.check("ConsecutiveCharRepeatAllowed")
ui.check("undefined")
ui.input("MaximumCharOccurrenceCount", 3)
ui.check("undefined")
ui.check("undefined")
ui.input("MinimumAlphabeticCharacterCount", 2)
ui.input("MinimumNonAlphabeticCharacterCount", 2)
ui.button("Save")
ui.expect(Div("already exists."), "Profile is already exists")
logger.info(
f"Password complexity profile {profile_name_cps} with id {cps_prof_id} already exists"
)
def test_only_support_select_statement_when_create_report_using_sql_script(
core_session, create_report, core_admin_ui):
"""
TCID: C6368 Cannot create report using other sql statement (delete/update/create...) except "select"
:param core_session: Centrify Session
:param create_report: To Create the report
:param core_admin_ui: To open the browser
"""
my_report = create_report(core_session, "Select * From Role")
core_admin_ui.navigate("Reports")
core_admin_ui.check_row(my_report['Name'])
core_admin_ui.action("Modify")
core_admin_ui.clear_codemirror()
core_admin_ui.write_to_codemirror("Delete role")
core_admin_ui.expect(Anchor(button_text="Save"),
f'Failed to get the save button').try_click()
core_admin_ui._waitUntilSettled()
core_admin_ui.expect(ErrorModal(), f'Failed to get the error modal')
core_admin_ui.switch_context(Modal())
core_admin_ui.expect(
Div("Query has failed:"),
f'Failed to get expected error "Query has failed:xxx"')
logger.info(
f'It supports ONLY the "SELECT" SQL statement, and complies to the syntax that SQLite supports.'
f' Please refer to http://www.sqlite.org/lang_select.html for the details.'
)
def test_update_system_settings(core_session, pas_windows_setup, core_admin_ui):
"""
TC:C2166 Update system Settings.
:param core_session: Returns a API session.
:param pas_windows_setup: Returns a fixture.
:param core_admin_ui: Return a browser session.
"""
# Creating a system and account.
system_id, account_id, sys_info, connector_id, user_password = pas_windows_setup()
# Launch UI.
ui = core_admin_ui
ui.navigate('Resources', 'Systems')
ui.search(sys_info[0])
ui.click_row(GridRowByGuid(system_id))
ui.tab('Settings')
# Updating the system with new system name and validating that "Accounts" page shows normally.
new_system_name = f'test_system{guid()}'
ui.input('Name', new_system_name)
ui.save()
ui.tab('Policy')
ui.tab('Accounts')
ui.expect(Div('Accounts'), 'Expect to find the title "Accounts" in the Account Page but could not.')
logger.info('Successfully find the title "Accounts" in the Account Page.')
assert ui.button_exists("Add", time_to_wait=3), "Add button is not Enabled."
logger.info('Successfully find "Add button" is enabled and visible.')
ui.expect(GridRowByGuid(account_id), f"Expect to find account {sys_info[4]} in the Accounts page but "
f"could not.")
logger.info(f'Successfully find account {sys_info[4]} in the Accounts page.')
def test_cancel_update_password(core_session, pas_windows_setup,
core_admin_ui):
"""
TC:C2203 Cancel to update password
:param core_admin_ui: Return a browser session.
:param core_session: Return API session.
:param:pas_windows_setup: Returning a fixture.
"""
# Creating a system and account.
system_id, account_id, sys_info, connector_id, user_password = pas_windows_setup(
)
# UI Launch.
ui = core_admin_ui
ui.navigate('Resources', 'Accounts')
ui.search(sys_info[0])
ui.right_click_action(GridRow(sys_info[0]), "Update Password")
ui.switch_context(Modal())
update_password = f'{"test1@"}{guid()}'
ui.input("Password", update_password)
ui.button('Cancel')
result = ui.check_exists(Div('An unknown error occurred'))
assert result is False, f'Error message popups appears.'
logger.info("Successfully cancel without pop error message")
def test_check_save_advanced_without_set_value(core_session, core_admin_ui):
"""
C1578 : Check save advanced without set value
:param core_session: Authenticated Centrify Session.
:param core_admin_ui: Authenticated Centrify Browser Session.
:return:
"""
# Navigating to Advanced tab
domain_details = ResourceManager.get_domains(core_session)
core_admin_ui.navigate('Resources', 'Domains')
core_admin_ui.click_row(GridRow(domain_details[0][0]['DomainName']))
core_admin_ui.tab('Advanced')
logger.info("Navigated to Resource -> Domain -> Advanced tab")
expected_alert_message = "Please correct the errors in your form before submitting."
core_admin_ui.select_option("AllowPasswordRotation", "Yes")
logger.info("Changed 'Enable periodic password rotation' field to Yes")
core_admin_ui.button('Save')
core_admin_ui.switch_context(WarningModal())
assert core_admin_ui.check_exists((Div(expected_alert_message))), f"pop up warning message for periodic password " \
f"rotation is not " \
f"same as : {expected_alert_message}"
logger.info(
"Correct pop up warning message displayed for Periodic Password Rotation. "
)
core_admin_ui.close_modal('Close')
core_admin_ui.select_option("AllowPasswordRotation", "--")
logger.info("Changed 'Enable periodic password rotation' field to default")
core_admin_ui.tab('Accounts')
core_admin_ui.tab('Advanced')
core_admin_ui.select_option("AllowPasswordHistoryCleanUp", "Yes")
logger.info(
"Changed 'Enable periodic password history cleanup' field to Yes")
core_admin_ui.button('Save')
expected_alert_message = "Please correct the errors in your form before submitting."
core_admin_ui.switch_context(WarningModal())
assert core_admin_ui.check_exists((Div(expected_alert_message))), \
f"Pop up warning message for periodic password history cleanup is not same as : {expected_alert_message}"
logger.info(
"Correct pop up warning message displayed for Periodic Password History Cleanup. "
)
core_admin_ui.close_modal('Close')
def test_enable_workflow_without_approve(core_session, pas_windows_setup,
core_admin_ui):
"""
TC:C2192 Enable workflow without approver.
:param core_session: Returns a API session.
:param pas_windows_setup: Returns a fixture.
:param core_admin_ui: Return a browser session.
"""
# Creating a system and account.
system_id, account_id, sys_info, connector_id, user_password = pas_windows_setup(
)
# Launch UI.
ui = core_admin_ui
ui.navigate('Resources', 'Systems')
ui.search(sys_info[0])
ui.click_row(GridRowByGuid(system_id))
ui.click_row(GridRowByGuid(account_id))
ui.tab('Workflow')
ui.select_option('WorkflowEnabled', 'Yes')
ui.switch_context(ActiveMainContentArea())
ui.expect(TreeFolder('Permissions'),
'Expect to permission tab but failed to find it.').try_click(
Modal())
ui.switch_context(WarningModal())
warning_message = "Please correct the errors before leaving the page."
ui.check_exists(Div(warning_message))
logger.info(
'Successfully found warning modal when try to navigate to another page.'
)
ui.close_modal('Close')
ui.switch_context(RenderedTab('Workflow'))
ui.button('Save')
ui.switch_context(WarningModal())
save_warning_message = "Please correct the errors in your form before submitting."
ui.check_exists(Div(save_warning_message))
logger.info(
'Successfully found warning modal containing "Please correct the errors in your form before '
'submitting".')
def test_ui_check_job_details_page(core_session, core_admin_ui, list_of_created_systems):
"""
Test case: C1674
:param core_session: Returns API session
:param core_admin_ui: Centrify admin Ui session
:param list_of_created_systems: returns the empty systems list.
"""
account_name_prefix = f'account_test{guid()}'
# adding multiple systems with accounts
result = ResourceManager.add_multiple_systems_with_accounts(core_session, 1, 1, list_of_created_systems,
user_prefix=account_name_prefix)
# arranging the results in the lists
all_systems, all_accounts = DataManipulation.aggregate_lists_in_dict_values([result])
# Deleting systems for creating bulk delete scheduled report
result_acc, success_acc = ResourceManager.del_multiple_accounts(core_session, all_accounts)
assert success_acc, f"Api did not complete successfully for bulk account delete MSG:{result_acc}"
# Deleting accounts for creating bulk delete scheduled report
result, success = ResourceManager.del_multiple_systems(core_session, all_systems)
assert success, f'Delete systems job failed when expected success'
logger.info(f"Delete systems job executed successfully {result}")
# Going to password storage page and click on migration job status link.
ui = core_admin_ui
ui.navigate("Settings", "Resources", "Password Storage", check_rendered_tab=False)
ui.expect(Anchor("View Migration Job Status and Reports "), "Clicking migration job status").try_click(
Span(text="Type"))
ui.switch_to_newest_tab()
ui._waitUntilSettled()
ui.click_row(GridRowByGuid(result))
ui.expect(Span("Details"), "Clicking migration job status").try_click(Div("Job Details"))
ui.expect_value(Div(result), value=None, expected_value=result,
wrong_value_message="expected id value is not matched in the report",
text=True)
logger.info("Id value in the Job description appeared correctly")
def test_adding_default_profile_name(core_admin_ui):
"""
Test case: C1653
:param core_admin_ui: Centrify admin Ui session
"""
ui = core_admin_ui
ui.navigate("Settings", "Resources", "Password Profiles")
ui.launch_modal("Add", modal_title="Password Complexity Profile")
ui.input("Name", "--")
ui.button("Save")
ui.expect(Div("Invalid arguments passed to the server."),
"Profile throws error with invalid arguments.")
logger.info(
"Invalid arguments passed to the server error message appeared with default profile name '--'"
)
def test_ui_check_bulk_delete_account_scheduled(core_session, core_admin_ui,
list_of_created_systems):
"""
Test case: C3088
:param core_session: Returns API session
:param core_admin_ui: Centrify admin Ui session
:param list_of_created_systems: creating a empty list of created systems.
"""
account_name_prefix = f'account_test{guid()}'
# adding multiple systems with accounts
result = ResourceManager.add_multiple_systems_with_accounts(
core_session,
1,
2,
list_of_created_systems,
user_prefix=account_name_prefix)
# arranging the results in the lists
all_systems, all_accounts = DataManipulation.aggregate_lists_in_dict_values(
[result])
ui = core_admin_ui
ui.navigate('Resources', 'Accounts')
account_names = []
for account in all_accounts:
# getting the account information
query_result, query_success = ResourceManager.get_account_information(
core_session, account)
account_names.append(query_result['VaultAccount']['Row']['User'])
ui.search(account_name_prefix)
ui.action('Delete accounts', account_names)
ui.switch_context(Modal('Bulk Account Delete'))
ui.uncheck("SaveSecret")
ui.button('Delete')
ui.switch_context(ConfirmModal())
ui.button('Yes')
ui.switch_context(InfoModal())
ui.expect(
Div("A delete operation has been scheduled. You will receive an e-mail when the operation has been completed."
), "Expecting a info popup for delete schedule")
logger.info("Popup with delete operation has been scheduled appeared")
ui.button('Close')
result, success = ResourceManager.del_multiple_systems(
core_session, all_systems)
assert success is True, 'Delete systems job failed when expected success'
logger.info(f"Delete systems job executed successfully {result}")
def test_cannot_edit_reports_permissions_under_my_reports(core_session, create_report,
core_admin_ui, cleanup_reports):
"""
TCID: C6337 Cannot edit report's permissions under My reports
:param core_session: Centrify Authentication session
:param create_report: To create a report
:param core_admin_ui: To open the browser
:param cleanup_reports: To clean the shared report
"""
my_report = create_report(core_session, "Select Name From Server")
report_name = my_report['Name']
logger.info(f'Successfully created reports:{my_report}')
ui = core_admin_ui
ui.navigate("Reports")
ui.check_actions(["Copy", "Move", "Delete",
"Modify", "Export Report", "Email Report"], report_name)
ui.navigate("Reports")
ui.action("Modify", report_name)
ui.tab("Permissions")
expected_msg = "The current report must be moved out of the home " \
"directory before permissions can be set for other users and roles."
ui.expect(Div(expected_msg), f'Failed to get the expected message:{expected_msg}')
logger.info(f'Expectation message is:{expected_msg}')
ui.expect(DisabledButton("Add"), f'Add button is enable and can edit the permission')
ui.navigate("Reports")
ui.action("Copy", report_name)
copy_modal = f'Copy : Copy {report_name}'
ui.switch_context(Modal(copy_modal))
ui.expect(Button("Save File"), f"Expected to see a Save File button but could not")
# Down method is used select the Shared Reports folder
ui.down()
ui.close_modal("Save File")
ui.navigate("Reports")
ui.expect_disappear(LoadingMask(), f'Report page did not load properly')
ui.expect(TreeFolder("Shared Reports"), f'Expected to see the Shared Reports but could not')
shared_reports_button = ui._searchAndExpect(TreeFolder("Shared Reports"),
f'Expected find shared Folder but could not')
shared_reports_button.try_click()
logger.info(f'Successfully copy report to shared reports folder "Copy {report_name}"')
ui.action("Modify", "Copy " + report_name)
ui.tab("Permissions")
ui.expect(Button("Add"), f'Add button is disable, Report permissions can not be edited under "Shared Reports" folder')
reports = Reports(core_session, f"Copy {report_name}.report")
found_report = reports.get_report_by_name(core_session, f"Copy {report_name}.report", dir="/Reports/")
cleanup_reports.append(found_report['Path'])
def test_system_password_rotation(core_session, pas_setup, core_admin_ui):
"""
Test Case ID: C1671
:param core_session: Returns API session
:param pas_setup: Creates System and Account
:param core_admin_ui: Authenticates Centrify UI session
"""
# Creating windows system.
system_id, account_id, sys_info = pas_setup
system_name = sys_info[0]
# Navigating to System and enabling the "All Password Rotation" option with valid and invalid values.
ui = core_admin_ui
ui.navigate('Resources', 'Systems')
ui.search(system_name)
ui.click_row(GridRowByGuid(system_id))
ui.tab('Advanced')
ui.switch_context(RenderedTab("Advanced"))
ui.select_option("AllowPasswordRotation", "Yes")
expected_password_rotation_duration = 1
ui.input("PasswordRotateDuration", expected_password_rotation_duration)
ui.expect(Button("Save"), "Save button should enabled")
logger.info("Save button enabled")
ui.save()
logger.info("Valid value 1 is accepted and saved successfully")
# Checking the value is saved and reflected with the system's settings.
system_list = RedrockController.get_computers(core_session)
discovered_system = []
for system in system_list:
if system['Name'] == sys_info[0]:
discovered_system.append(system['ID'])
discovered_system.append(system['PasswordRotateDuration'])
actual_password_rotation_duration = discovered_system[1]
assert expected_password_rotation_duration == actual_password_rotation_duration, f"password rotation duration count {expected_password_rotation_duration} not matched with actual count {actual_password_rotation_duration}"
logger.info(
f"Password rotation duration of the system {system_name} with id {system_id} saved with count {actual_password_rotation_duration} ")
# Changing the value of password rotation duration with invalid value 0.
ui.tab('Advanced')
ui.switch_context(RenderedTab("Advanced"))
ui.select_option("AllowPasswordRotation", "Yes")
ui.input("PasswordRotateDuration", 0)
ui.save()
ui.switch_context(ErrorModal())
ui.expect(Div("Please correct the errors in your form before submitting."), " Error pop up should appear")
logger.info("Invalid value 0 is not accepted and thrown error popup successfully")
def test_check_accounts_checkout_lifetime_description(core_admin_ui,
add_single_system):
"""
C2099 : Check the account's checkout lifetime's description
:param core_admin_ui:
:param add_single_system:
"""
ui = core_admin_ui
added_system_id, sys_info = add_single_system
ui.navigate('Resources', 'Systems')
ui.search(sys_info[0])
ui.click_row(GridRowByGuid(added_system_id))
# Navigate Policy page
ui.tab('Policy')
ui.mouse_hover_element(HoverToolTip("Checkout lifetime"))
assert ui.check_exists(Div("Specifies the number of minutes")), f"Could not be able to find the tool tip value " \
f"Checkout lifetime"
def test_add_invalid_domain_with_verification(core_admin_ui):
"""
TC:C2202 Add invalid domain with verification.
:param core_admin_ui: Return a browser session.
"""
# UI Launch.
ui = core_admin_ui
ui.navigate("Resources", "Domains", check_rendered_tab=False)
ui.launch_modal("Add Domain", "Domain Settings")
domain_name = f'{"R1C1"}{guid()}'
ui.input('Name', domain_name)
ui.button('Add', WaitModal())
ui.switch_context(WaitModal())
warning_pop_message = 'Verification failed. The domain could not be reached.'
ui.expect(Div(warning_pop_message),
f'Warning modal did not contain correct text')
logger.info("Warning modal did contain correct text")
def test_ui_check_bulk_delete_account_caution(core_session, core_admin_ui,
list_of_created_systems):
"""
Test case: C3086
:param core_session: Returns API session
:param core_admin_ui: Centrify admin Ui session
:param list_of_created_systems: creating a empty list of created systems.
"""
account_name_prefix = f'account_test{guid()}'
# adding multiple systems with accounts
result = ResourceManager.add_multiple_systems_with_accounts(
core_session,
1,
2,
list_of_created_systems,
user_prefix=account_name_prefix)
# arranging the results in the lists
all_systems, all_accounts = DataManipulation.aggregate_lists_in_dict_values(
[result])
ui = core_admin_ui
ui.navigate('Resources', 'Accounts')
account_names = []
for account in all_accounts:
# getting the account information
query_result, query_success = ResourceManager.get_account_information(
core_session, account)
account_names.append(query_result['VaultAccount']['Row']['User'])
ui.search(account_name_prefix)
ui.action('Delete accounts', account_names)
ui.switch_context(Modal('Bulk Account Delete'))
ui.expect(Label("Save password to secret"),
"Expected to see the label of save the password")
ui.expect(
Div("Deleting an account means we will no longer know the password."
" Saving deleted account passwords to a secret is recommended until you are sure they are "
"no longer needed."), "Expected to see the Caution message.")
result, success = ResourceManager.del_multiple_systems(
core_session, all_systems)
assert success is True, f'Delete systems job failed when expected success'
logger.info(f"Delete systems job executed successfully {result}")
result_acc, success_acc = ResourceManager.del_multiple_accounts(
core_session, all_accounts)
assert success_acc, f"Api did not complete successfully for bulk account delete MSG:{result_acc}"
def test_ui_check_bulk_delete_account_confirm(core_session, core_admin_ui,
list_of_created_systems):
"""
Test case: C3087
:param core_session: Returns API session
:param core_admin_ui: Centrify admin Ui session
:param list_of_created_systems: creating a empty list of created systems.
"""
account_name_prefix = f'account_test{guid()}'
# adding multiple systems with accounts
result = ResourceManager.add_multiple_systems_with_accounts(
core_session,
1,
2,
list_of_created_systems,
user_prefix=account_name_prefix)
# arranging the results in the lists
all_systems, all_accounts = DataManipulation.aggregate_lists_in_dict_values(
[result])
ui = core_admin_ui
ui.navigate('Resources', 'Accounts')
account_names = []
for account in all_accounts:
# getting the account information
query_result, query_success = ResourceManager.get_account_information(
core_session, account)
account_names.append(query_result['VaultAccount']['Row']['User'])
ui.search(account_name_prefix)
ui.action('Delete accounts', account_names)
ui.switch_context(Modal('Bulk Account Delete'))
ui.uncheck("SaveSecret")
ui.button('Delete')
ui.switch_context(ConfirmModal())
ui.expect(
Div("You are about to delete accounts which contain passwords or SSH Keys. This cannot be undone. Are "
"you sure you want to continue?"),
"Expecting a confirm delete account popup")
logger.info("Confirm delete accounts popup appeared.")
ui.button('Yes')
result, success = ResourceManager.del_multiple_systems(
core_session, all_systems)
assert success is True, 'Delete systems job failed when expected success'
logger.info(f"Delete systems job executed successfully {result}")
def test_assign_grant_permission_to_shared_reports(core_session, create_report, users_and_roles):
"""
TCID: C6353 Assign 'Grant' permission to shared report
:param core_session: Centrify Authentication Session
"""
my_report = create_report(core_session, "Select Name From Server", dir="/Reports")
report_name = my_report['Name']
session_user = core_session.get_user()
session_user_name = session_user.get_login_name()
session_user_id = session_user.get_id()
grant_str = "0000000000000000000000000000000000000000000000000000000011101101"
ui = users_and_roles.get_ui_as_user("Federation Management")
user_details = ui.get_user()
user_name = user_details.get_login_name()
user_id = user_details.get_id()
role = UserManager.get_user_role_rights(core_session, user_id)
assign_result = ReportsManager.assign_directory_rights_to_role(core_session, "/Reports",
[{"Role": role['Result']['Results'][0]['Entities'][0][
'Key'],
"Rights": ["Read"]},
{"Role": "Everybody",
"Rights": ["Read"]
}])
assert assign_result, f'Failed to give the read the permission to Shared Folder'
result, success, message = ReportsManager.update_report_permission(core_session, user_name, user_id, grant_str,
report_name, ['Owner'])
assert success, f'Failed to assign grant permission to Federation user:{message}'
logger.info(f'Successfully assign the grant permission to federation user:{result}')
ui.navigate("Reports", check_rendered_tab=False)
ui.expect_disappear(LoadingMask(), 'Report page did not load properly')
ui.expect(TreeFolder("My Reports"), "Failed to find Shared Reports Tab under Reports", time_to_wait=30)
ui.expect(TreeFolder("Shared Reports"), f'Expected find Shared Reports Folder in Tree', time_to_wait=30).try_click()
ui.expect(GridCell(report_name),
f'Can not see the shared report which assigned grant permission to federation user')
ui.check_actions(["Copy", "Move", "Delete", "Modify", "Export Report", "Email Report"], report_name)
ui.action("Modify", report_name)
ui.expect(Div("Report Builder"), f'Failed to enter report detail page')
session = users_and_roles.get_session_for_user('Federation Management')
result, success, message = ReportsManager.update_report_permission(session,
session_user_name, session_user_id,
grant_str, report_name, ['Owner'])
assert success, f'Failed to save permission, API response: {message}'
logger.info(f'Permission saved successfully:{result}')
def test_search_specify_string_in_search_field(core_admin_ui):
"""
TC : C2073 Search specify string( & # ) in search field
param:core_admin_ui: Returns browser Session
"""
# Launch UI.
ui = core_admin_ui
ui.navigate('Resources', 'Systems')
ui.search("&#")
ui.switch_context(ErrorModal())
error_text = "A potentially dangerous string is included in the request body."
ui.check_exists(Div(error_text),
f"Expected to find {error_text} message but it did not. ")
logger.info(f"Successfully shows the error text {error_text}.")
ui.close_modal('Close')
ui.navigate('Resources', 'Domains')
ui.search("&#")
assert ui.check_exists(ErrorModal()) is False, f"Error modal appears"
logger.info("No error text shown on Domain search field")
def test_apply_profile_not_exist(core_session, pas_setup,
create_basic_pass_profile, core_admin_ui):
"""
Test case: C1657
:param core_session: Centrify session.
:param core_admin_ui: Centrify admin Ui session
:param pas_setup: Creates System and Account
:param create_basic_pass_profile: Created a basic password complexity profile.
"""
# Creating windows system.
System_id, account_id, sys_info = pas_setup
system_name = sys_info[0]
fqdn = sys_info[1]
logger.info(f"Created windows system {system_name} with fqdn {fqdn}")
# Creating a basic password profile
profile = create_basic_pass_profile(core_session, 1)[0]
cps_prof_id = profile[0]['_RowKey']
profile_name_cps = profile[0]['Name']
logger.info(
f"Created password profile {profile_name_cps} with id {cps_prof_id}")
# ui starts from here.
ui = core_admin_ui
ui.navigate('Resources', 'Systems')
ui.search(system_name)
ui.click_row(system_name)
ui.tab('Advanced')
ui.select_option("PasswordProfileID", profile_name_cps)
ui.switch_context(ConfirmModal())
ui.close_modal('Continue')
ResourceManager.delete_password_profile(core_session, cps_prof_id)
ui.button("Save")
ui.expect(
Div("Password profile is not found."),
f"'password profile {profile_name_cps} already deleted' error popup not appeared"
)
logger.info(
f"password profile {profile_name_cps} with id {cps_prof_id} deleted")
def test_access_system_not_allow_from_public_network(core_session,
pas_windows_setup,
core_admin_ui,
update_tenant_remote):
"""
C1573 : 20180720-02:31:59 system Level
:param core_session: Authenticated Centrify Session
:param pas_windows_setup: Added Windows system with Account associated to it.
:param core_admin_ui: Authenticated Centrify Browser Session
"""
system_id, account_id, sys_info, connector_id, user_password = pas_windows_setup(
)
ui = core_admin_ui
# Disable 'Allow access from a public network' policy on Global Security Setting page
result, success = update_tenant_remote(core_session, False)
assert success, f"Not able to disable 'Allow access from a public network' policy on Global Security Setting " \
f"page. API response result: {result}. "
logger.info(
f"'Allow access from a public network' policy disabled on Global Security Setting page"
)
# Navigating Resources - System page
ui.navigate("Resources", "Systems")
ui.search(sys_info[0])
ui.click_row(GridRowByGuid(system_id))
ui.check_row_by_guid(account_id)
ui.switch_context(RenderedTab("Accounts"))
# Login to Account using RDP session
ui.action('Login')
ui.wait_for_tab_with_name(f"Login session {sys_info[0]}")
expected_alert_message = "Remote access not allowed. Please enable the 'Allow access from a public network' " \
"policy if web login from a public network is required."
core_admin_ui.switch_context(WarningModal())
assert core_admin_ui.check_exists(
(Div(expected_alert_message))
), f"pop up warning message for Remote access is not same as : {expected_alert_message}"
logger.info(f"Correct pop up warning message displayed for Remote access.")
def test_check_safenet(core_admin_ui):
"""
Test Case ID: C1729
:param core_admin_ui: Authenticates Centrify UI session
"""
# Navigating to the Password Storage page and checking the tooptip and help pages.
ui = core_admin_ui
ui.navigate("Settings", "Resources", "Password Storage", check_rendered_tab=False)
# Clicking the help tooltip at the begin of the page.
ui.expect(Span(text="?"),
'tooltip ? to be enabled').try_click(Span(text="Migrate Passwords"))
ui.switch_to_newest_tab()
ui.expect(PageWithTitle("Configuring password storage"),
"Expecting a new page with title 'Configuring password storage'")
logger.info("Title with the page 'Configuring password storage' loaded successfully'")
ui.switch_to_main_window()
ui.switch_context(ActiveMainContentArea())
# Clicking the Learn more link in the password storage page.
ui.expect(Anchor(button_text="Learn more"), "expecting a link named 'Learn more'").try_click(
Span(text="Migrate Passwords"))
ui.switch_to_newest_tab()
ui.expect(PageWithTitle("Configuring password storage"),
"Expecting a new page with title 'Configuring password storage'")
logger.info("Title with the page 'Configuring password storage' loaded successfully'")
ui.switch_to_main_window()
ui.navigate("Settings", "Resources", ("SafeNet KeySecure Configuration", "SafeNet KeySecure Configuration"))
# Clicking the Learn more link in the SafeNet KeySecure Configuration page.
ui.expect(Anchor(button_text="Learn more"), "expecting a link named 'Learn more'").try_click(
Div(text="SafeNet KeySecure Configuration"))
ui.switch_to_newest_tab()
ui.expect(PageWithTitle("Configuring communication with SafeNet KeySecure"),
"Expecting a new page with title 'Configuring communication with SafeNet KeySecure'")
logger.info("Title with the page 'Configuring communication with SafeNet KeySecure' loaded successfully'")
def test_add_unreachable_sys_hostname_as_dns(core_admin_ui):
"""
TC:C2165 Add an unreachable system which hostname as DNS Name/IP Address.
:param core_admin_ui: Return a browser session.
"""
# Launch UI.
ui = core_admin_ui
ui.navigate('Resources', 'Systems')
ui.launch_modal('Add System')
# Trying to create system with unreachable DNS/IP Address.
system_name = f'test_system{guid()}'
ui.input('Name', system_name)
ui.select_option('SystemProfileId', 'Windows')
system_ip = f'fqdn{guid()}'
ui.input('FQDN', system_ip)
ui.step('Next >')
ui.step('Next >')
ui.step('Next >')
ui.step('Finish')
ui.expect(Div('Verification failed.'), 'Failed to find the error text.')
logger.info('Successfully find the error text.')
def test_actions_on_systems_domains_service(core_session, pas_windows_setup,
core_admin_ui):
"""
TC: C2055 Check action on Systems/Accounts/Domains/Services.
:param core_session: Authenticated Centrify session.
:param pas_windows_setup: Returning a fixture.
:param core_admin_ui: Authenticated Centrify UI session.
"""
# Creating a system and account.
system_id, account_id, sys_info, connector_id, user_password = pas_windows_setup(
)
# UI Launch.
ui = core_admin_ui
ui.navigate('Resources', 'Systems')
ui.search(sys_info[0])
ui.right_click(Div(sys_info[0]))
expected_last_actions_value = 'Delete'
system_list_action = False
counter = 0
while system_list_action is False:
if counter is not 30:
list_action_element = ui.get_list_of_right_click_element_values(
'Login')
if expected_last_actions_value in list_action_element:
system_list_action = True
logger.info(
'expected_last_actions_value is in the list_action_element'
)
break
counter = +1
actual_last_action_element = list_action_element.pop()
assert actual_last_action_element == expected_last_actions_value, f"Delete is not the last element in Actions list"
logger.info(
f'Delete is the last element in Actions list: "{actual_last_action_element}."'
)
def test_add_system_invalid_proxy_account(pas_config, core_ui):
"""C1822 Add Windows resource after clearing valid managed account and invalid proxy account
validate the added invalid proxy and valid manage Account Activity log's
"""
core_ui = core_ui
account_details = pas_config
sys_data = account_details['Windows_infrastructure_data']
core_ui.navigate('Resources', 'Systems')
core_ui.launch_modal('Add System')
core_ui.input('Name', sys_data['system_name'])
core_ui.input('FQDN', sys_data['FQDN'])
core_ui.step('Next >')
core_ui.step('Next >')
core_ui.check('SetupProxyAccount')
core_ui.input('ProxyUser', sys_data['invalid_proxy_username'])
core_ui.input('ProxyUserPassword', sys_data['invalid_proxy_password'])
core_ui.check('ProxyUserIsManaged')
core_ui.step('Next >')
core_ui.step('Finish')
core_ui.expect_disappear(
Div('Verification failed. Bad proxy account credentials.'),
'worng pop message is not '
'getting launch',
time_to_wait=90)
def test_help_page_and_tip_message_check(core_admin_ui, add_single_system):
"""
C1546 : Help page and tip message check
:param core_admin_ui: Authenticated Centrify Browser Session
:param add_single_system: Add system and return system details.
"""
ui = core_admin_ui
added_system_id, sys_info = add_single_system
ui.navigate('Resources', 'Systems')
ui.search(sys_info[0])
ui.click_row(GridRowByGuid(added_system_id))
# Navigate Policy page
ui.tab('Policy')
ui.switch_context(ActiveMainContentArea())
ui.button('Learn more')
ui.wait_for_tab_with_name("Setting system‑specific policies",
max_seconds_to_wait=10)
assert ui.check_exists(PageWithTitle("Setting system‑specific policies")), "Setting system‑specific policies, " \
"page not found. "
logger.info(
"Clicking on 'Learn More' button launched 'Setting system‑specific policies' tab successfully"
)
ui.switch_first_tab()
ui.mouse_hover_element(HoverToolTip("Allow access from a public"))
assert ui.check_exists(Div("Specifies whether remote connections")), "Could not able to find the tool tip value " \
"for Allow access from a public network "
logger.info(
"'Specifies whether remote connections' tool tip message found")
ui.mouse_hover_element(HoverToolTip("Checkout lifetime"))
assert ui.check_exists(Div("Specifies the number of minutes")), "Could not able to find the tool tip value for " \
"Checkout lifetime "
logger.info("'Specifies the number of minutes' tool tip message found")
# Navigate Advanced page
ui.tab('Advanced')
ui.switch_context(ActiveMainContentArea())
ui.button('Learn more')
ui.wait_for_tab_with_name("Setting system‑specific advanced options",
max_seconds_to_wait=10)
assert ui.check_exists(PageWithTitle("Setting system‑specific advanced options")), "Setting system‑specific " \
"advanced options, " \
"page not found "
logger.info(
"Clicking on 'Learn More' button launched 'Setting system‑specific advanced options' tab successfully"
)
ui.switch_first_tab()
ui.mouse_hover_element(HoverToolTip("Allow multiple password"))
assert ui.check_exists(Div("Specifies whether multiple users")), "Could not able to find the tool tip value for " \
"Multiple password checkouts"
logger.info("'Specifies whether multiple users' tool tip message found")
ui.mouse_hover_element(HoverToolTip("password history cleanup"))
assert ui.check_exists(Div("Specifies whether retired passwords"), 30), "Could not able to find the tool tip " \
"value for Password History Cleanup"
logger.info("'Specifies whether retired passwords' tool tip message found")
ui.mouse_hover_element(HoverToolTip("Enable password rotation"))
assert ui.check_exists(Div("Specifies whether managed password")), "Could not able to find the tool tip value " \
"for Password rotation after checkin "
logger.info("'Specifies whether managed password' tool tip message found")
ui.mouse_hover_element(HoverToolTip("Enable periodic password"))
assert ui.check_exists(Div("Specifies whether managed password")), "Could not able to find the tool tip value " \
"for Periodic password rotation "
logger.info("'Specifies whether managed password' tool tip message found")
ui.mouse_hover_element(HoverToolTip("Minimum Password Age"))
assert ui.check_exists(Div("Minimum amount of days old")), "Could not able to find the tool tip value for " \
"Minimum Password Age "
logger.info("'Minimum amount of days old' tool tip message found")
ui.navigate('Settings', 'Resources', 'Security', 'Security Settings',
False)
ui.switch_context(ActiveMainContentArea())
ui.button('Learn more')
ui.wait_for_tab_with_name("Setting global security options", 20)
assert ui.check_exists(PageWithTitle("Setting global security options"), 20), "Setting global security options, " \
"page not found. "
logger.info(
"Clicking on 'Learn More' button launched 'Setting global security options' tab successfully"
)
ui.switch_first_tab()
ui.mouse_hover_element(
HoverCkeckboxToolTip("Enable periodic password history cleanup"))
assert ui.check_exists(Div("Specifies whether retired passwords"), 20), "Could not able to find the tool tip " \
"value for Password history cleanup "
logger.info("'Specifies whether retired passwords' tool tip message found")
ui.mouse_hover_element(
HoverCkeckboxToolTip("password rotation after checkin"))
assert ui.check_exists(Div("password should be rotated after it's checked"), 20), "Could not able to find the " \
"tool tip value for Password " \
"rotation after checkin "
logger.info(
"'Password should be rotated after it's checked' tool tip message found"
)
ui.mouse_hover_element(
HoverCkeckboxToolTip("password rotation at specified interval"))
assert ui.check_exists(Div("password should be rotated periodically"), 20), "Could not able to find the tool " \
"tip value for Password rotation at " \
"specified interval "
logger.info(
"'Password should be rotated periodically' tool tip message found")
ui.mouse_hover_element(HoverToolTip("password checkout lifetime"))
assert ui.check_exists(Div("Specifies the number of minutes"), 20), "Could not able to find the tool tip value " \
"for Default account password checkout " \
"lifetime "
logger.info("'Specifies the number of minutes' tool tip message found")
ui.mouse_hover_element(HoverToolTip("Minimum Password Age"))
assert ui.check_exists(Div("Minimum amount of days old"), 20), "Could not able to find the tool tip value for " \
"Minimum Password Age "
logger.info("'Minimum amount of days old' tool tip message found")
ui.mouse_hover_element(HoverToolTip("SSH Gateway"))
assert ui.check_exists(Div("message to users at SSH session login"), 20), "Could not able to find the tool tip " \
"value for SSH Gateway Banner "
logger.info(
"'Message to users at SSH session login' tool tip message found")
ui.mouse_hover_element(
HoverCkeckboxToolTip("requests for password checkouts"))
assert ui.check_exists(Div("allows users to request permanent access"), 20), "Could not able to find the tool " \
"tip value for Requests for " \
"password checkouts "
logger.info(
"'When enabled, allows users to request permanent access passwords' tool tip message found"
)
ui.mouse_hover_element(HoverCkeckboxToolTip("requests for login"))
assert ui.check_exists(Div("allows users to request permanent login access"), 20), "Could not able to find the " \
"tool tip value for Requests " \
"for login "
logger.info(
"'allows users to request permanent login access' tool tip message found"
)
ui.mouse_hover_element(
HoverCkeckboxToolTip("Allow multiple password checkouts"))
assert ui.check_exists(Div("Specifies whether multiple users can"), 20), "Could not able to find the tool tip " \
"value for Allow multiple password " \
"checkouts "
logger.info(
"'Specifies whether multiple users can' tool tip message found")
ui.mouse_hover_element(HoverCkeckboxToolTip("Allow access from"))
assert ui.check_exists(Div("Specifies whether remote connections"), 20), "Could not able to find the tool tip " \
"value for Allow access from a public" \
" network "
logger.info(
"'Specifies whether remote connections' tool tip message found")