def setUpClass(cls): """ Establishes a connection to TM1 and creates TM! objects to use across all tests """ # Connection to TM1 cls.config = configparser.ConfigParser() cls.config.read(Path(__file__).parent.joinpath('config.ini')) cls.tm1 = TM1Service(**cls.config['tm1srv01']) cls.user_name = PREFIX + "Us'er1" cls.read_only_user_name = PREFIX + "Read_Only_user" cls.user_name_exotic_password = "******" cls.enabled = True cls.user = User(name=cls.user_name, groups=[], password='******', enabled=cls.enabled) cls.read_only_user = User(name=cls.read_only_user_name, groups=[], password="******", enabled=True) cls.group_name1 = PREFIX + "Gro'up1" cls.group_name2 = PREFIX + "Group2" cls.user.add_group(cls.group_name1) if cls.user_name in CaseAndSpaceInsensitiveSet(*cls.tm1.security.get_all_user_names()): cls.tm1.security.delete_user(cls.user_name) for group in (cls.group_name1, cls.group_name2): if group in CaseAndSpaceInsensitiveSet(*cls.tm1.security.get_all_groups()): cls.tm1.security.delete_group(group)
class TestUserMethods(unittest.TestCase): tm1 = TM1Service(address=address, port=port, user=user, password=pwd, ssl=ssl) user_name = str(uuid.uuid4()) group_name = str(uuid.uuid4()) user = User(name=user_name, groups=[], password='******') # Create Group for unittests @classmethod def setup_class(cls): code = "AddGroup('{}');".format(cls.group_name) cls.tm1.processes.execute_ti_code([code]) def test1_create_user(self): all_users_before = self.tm1.security.get_all() self.tm1.security.create(self.user) all_users_after = self.tm1.security.get_all() # test it! self.assertEqual(len(all_users_before) + 1, len(all_users_after)) def test2_get_user(self): u = self.tm1.security.get(self.user_name) # Adjust it a little bit u.password = '******' u.friendly_name = None # test it ! self.assertEqual(u.body, self.user.body) def test3_update_user(self): # get user u = self.tm1.security.get(self.user_name) # update user. Add Group u.add_group(self.group_name) self.tm1.security.update(u) # test it ! groups = self.tm1.security.get_groups(u.name) self.assertIn(self.group_name, groups) # update user. Remove Group u.remove_group(self.group_name) self.tm1.security.update(u) # test it ! groups = self.tm1.security.get_groups(u.name) self.assertNotIn(self.group_name, groups) def test4_delete_user(self): users_before = self.tm1.security.get_all() self.tm1.security.delete(self.user_name) users_after = self.tm1.security.get_all() # test it ! self.assertEqual(len(users_before) - 1, len(users_after)) @classmethod def teardown_class(cls): # Delete Group code = "DeleteGroup('{}');".format(cls.group_name) cls.tm1.processes.execute_ti_code([code]) cls.tm1.logout()
def setup_class(cls): cls.tm1 = TM1Service(**test_config) cls.user_name = str(uuid.uuid4()) cls.user = User(name=cls.user_name, groups=[], password='******') # Create Group for unittests cls.group_name = str(uuid.uuid4()) code = "AddGroup('{}');".format(cls.group_name) cls.tm1.processes.execute_ti_code([code])
def test_create_and_delete_user(self): u = User(name=PREFIX + "User2", groups=()) all_users = self.tm1.security.get_all_user_names() if u.name not in CaseAndSpaceInsensitiveSet(*all_users): self.tm1.security.create_user(u) users_before_delete = self.tm1.security.get_all_user_names() response = self.tm1.security.delete_user(u.name) self.assertTrue(response.ok) users_after_delete = self.tm1.security.get_all_user_names() self.assertIn(u.name, CaseAndSpaceInsensitiveSet(*users_before_delete)) self.assertNotIn(u.name, CaseAndSpaceInsensitiveSet(*users_after_delete))
def test_tm1service_with_plain_password_fail(self): user_name = "TM1py user name" user = User(name=user_name, groups=["ADMIN"], password="******") if user.name in self.tm1.security.get_all_user_names(): self.tm1.security.delete_user(user_name) self.tm1.security.create_user(user) # test with random (wrong) password self.assertRaises(TM1pyRestException, TM1Service, user=user.name, password="******", base_url=self.tm1._tm1_rest._base_url, ssl=self.tm1._tm1_rest._ssl) self.tm1.security.delete_user(user.name)
def setup_class(cls): cls.tm1 = TM1Service(**config['tm1srv01']) cls.user_name = PREFIX + "Us'er1" cls.user = User(name=cls.user_name, groups=[], password='******') cls.group_name1 = PREFIX + "Gro'up1" cls.group_name2 = PREFIX + "Group2" cls.user.add_group(cls.group_name1) if cls.user_name in CaseAndSpaceInsensitiveSet(*cls.tm1.security.get_all_user_names()): cls.tm1.security.delete_user(cls.user_name) for group in (cls.group_name1, cls.group_name2): if group in CaseAndSpaceInsensitiveSet(*cls.tm1.security.get_all_groups()): cls.tm1.security.delete_group(group)
def test_tm1service_with_plain_password(self): user_name = "TM1py user name" user = User(name=user_name, groups=["ADMIN"], password="******") if user.name in self.tm1.security.get_all_user_names(): self.tm1.security.delete_user(user_name) self.tm1.security.create_user(user) with TM1Service(user=user.name, password=user.password, base_url=self.tm1._tm1_rest._base_url, ssl=self.tm1._tm1_rest._ssl) as _: # if no exception. Login was successful pass self.tm1.security.delete_user(user.name)
def test_tm1service_with_encrypted_password_fail(self): user_name = "TM1py user name" user = User(name=user_name, groups=["ADMIN"], password="******") if user.name in self.tm1.security.get_all_user_names(): self.tm1.security.delete_user(user_name) self.tm1.security.create_user(user) self.assertRaises(TM1pyRestException, TM1Service, user=user.name, password=b64encode(str.encode("banana")), decode_b64=True, base_url=self.tm1._tm1_rest._base_url, ssl=self.tm1._tm1_rest._ssl) self.tm1.security.delete_user(user.name)
def test_tm1service_with_encrypted_password_decode_b64_as_string(self): user_name = "TM1py user name" user = User(name=user_name, groups=["ADMIN"], password="******") if user.name in self.tm1.security.get_all_user_names(): self.tm1.security.delete_user(user_name) self.tm1.security.create_user(user) with TM1Service(user=user.name, password=b64encode(str.encode(user._password)), decode_b64="True", base_url=self.tm1._tm1_rest._base_url, ssl=self.tm1._tm1_rest._ssl) as _: # if no exception. Login was successful pass self.tm1.security.delete_user(user.name)
def test_auth_with_exotic_characters_in_password(self): exotic_password = "******" # create user user = User(name=self.user_name_exotic_password, groups=("ADMIN", ), password=exotic_password) self.tm1.security.create_user(user) # login as user with exotic password kwargs = dict(self.config["tm1srv01"]) kwargs["user"] = user.name kwargs["password"] = exotic_password # raises TM1pyException if login fails with TM1Service(**kwargs) as tm1_second_conn: self.assertEqual(tm1_second_conn.whoami.name, user.name)
def test_user_type_derive_operations_admin_from_groups(self): user = User("not_relevant", groups=["OperationsAdmin"], user_type=None) self.assertEqual(user.user_type, UserType.OperationsAdmin)
def test_user_type_derive_admin_from_groups(self): user = User("not_relevant", groups=["ADMIN"], user_type=None) self.assertEqual(user.user_type, UserType.Admin)
def test_user_type_derive_security_admin_from_groups(self): user = User("not_relevant", groups=["SecurityAdmin"], user_type=None) self.assertEqual(user.user_type, UserType.SecurityAdmin)
def test_user_type_derive_user_from_groups(self): user = User("not_relevant", groups=["Marketing"], user_type=None) self.assertEqual(user.user_type, UserType.User)
def test_user_type_invalid_str(self): with pytest.raises(ValueError): user = User("not_relevant", groups=["ADMIN"], user_type="not_a_valid_type")
""" Create a new user """ from TM1py.Objects import User from TM1py.Services import TM1Service with TM1Service(address='localhost', port=12354, user='******', password='******', ssl=True) as tm1: u = User(name='Hodor Hodor', friendly_name='Hodor', groups=['Admin'], password='******') tm1.security.create_user(u)
def test_user_type_invalid_str(self): with self.assertRaises(ValueError) as e: self.tm1.security.create_user( User("not_relevant", groups=["ADMIN"], user_type="not_a_valid_type"))
class TestSecurityService(unittest.TestCase): tm1: TM1Service prefix = "TM1py_Tests_" user_name = prefix + "Us'er1" read_only_user_name = prefix + "Read_Only_user" user_name_exotic_password = "******" enabled = True user = User(name=user_name, groups=[], password='******', enabled=enabled) read_only_user = User(name=read_only_user_name, groups=[], password="******", enabled=True) group_name1 = prefix + "Gro'up1" group_name2 = prefix + "Group2" user.add_group(group_name1) @classmethod def setUpClass(cls): """ Establishes a connection to TM1 and creates TM! objects to use across all tests """ # Connection to TM1 cls.config = configparser.ConfigParser() cls.config.read(Path(__file__).parent.joinpath('config.ini')) cls.tm1 = TM1Service(**cls.config['tm1srv01']) if cls.user_name in CaseAndSpaceInsensitiveSet( *cls.tm1.security.get_all_user_names()): cls.tm1.security.delete_user(cls.user_name) for group in (cls.group_name1, cls.group_name2): if group in CaseAndSpaceInsensitiveSet( *cls.tm1.security.get_all_groups()): cls.tm1.security.delete_group(group) def setUp(self): self.tm1.security.create_group(self.group_name1) self.tm1.security.create_group(self.group_name2) self.tm1.security.create_user(self.user) self.tm1.security.create_user(self.read_only_user) self.tm1.cells.write_values( cube_name="}ClientProperties", cellset_as_dict={(self.read_only_user_name, "ReadOnlyUser"): 1}) def tearDown(self): self.tm1.security.delete_user(self.user_name) self.tm1.security.delete_user(self.read_only_user_name) self.tm1.security.delete_group(self.group_name1) self.tm1.security.delete_group(self.group_name2) if self.user_name_exotic_password in self.tm1.security.get_all_user_names( ): self.tm1.security.delete_user(self.user_name_exotic_password) def test_get_user(self): u = self.tm1.security.get_user(self.user_name) # Adjust it a little bit u.password = '******' u.friendly_name = None self.assertEqual(u.body, self.user.body) def test_get_current_user(self): me = self.tm1.security.get_current_user() self.assertTrue( case_and_space_insensitive_equals(me.name, self.config['tm1srv01']['User'])) user = self.tm1.security.get_user(self.config['tm1srv01']['User']) self.assertEqual(me, user) def test_update_user(self): # get user u = self.tm1.security.get_user(self.user_name) # update user. Add Group u.add_group(self.group_name2) self.tm1.security.update_user(u) # test it ! groups = self.tm1.security.get_groups(u.name) self.assertIn(self.group_name2, groups) # update user. Remove Group u.remove_group(self.group_name2) self.tm1.security.update_user(u) # test it ! groups = self.tm1.security.get_groups(u.name) self.assertNotIn(self.group_name2, groups) def test_user_type_invalid_type(self): with self.assertRaises(ValueError) as _: self.tm1.security.create_user( User("not_relevant", groups=["ADMIN"], user_type=3)) def test_user_type_invalid_str(self): with self.assertRaises(ValueError) as e: self.tm1.security.create_user( User("not_relevant", groups=["ADMIN"], user_type="not_a_valid_type")) def test_user_type_derive_user_from_groups(self): user = User("not_relevant", groups=["Marketing"], user_type=None) self.assertEqual(user.user_type, UserType.User) def test_user_type_derive_security_admin_from_groups(self): user = User("not_relevant", groups=["SecurityAdmin"], user_type=None) self.assertEqual(user.user_type, UserType.SecurityAdmin) def test_user_type_derive_data_admin_from_groups(self): user = User("not_relevant", groups=["DataAdmin"], user_type=None) self.assertEqual(user.user_type, UserType.DataAdmin) def test_user_type_derive_admin_from_groups(self): user = User("not_relevant", groups=["ADMIN"], user_type=None) self.assertEqual(user.user_type, UserType.Admin) def test_user_type_derive_operations_admin_from_groups(self): user = User("not_relevant", groups=["OperationsAdmin"], user_type=None) self.assertEqual(user.user_type, UserType.OperationsAdmin) def test_update_user_properties(self): # get user u = self.tm1.security.get_user(self.user_name) self.assertNotIn("DataAdmin", u.groups) # update enabled u.enabled = False # update UserType u.user_type = UserType.DataAdmin # update user. Add Group u.add_group(self.group_name2) self.assertIn("DataAdmin", u.groups) self.tm1.security.update_user(u) u = self.tm1.security.get_user(u.name) self.assertFalse(u.enabled) self.assertEqual(u.user_type, UserType.DataAdmin) self.assertIn("DataAdmin", u.groups) def test_update_user_properties_with_type_as_str(self): # get user u = self.tm1.security.get_user(self.user_name) self.assertEqual(u.user_type, UserType.User) self.assertNotIn("DataAdmin", u.groups) # update enabled u.enabled = False # update UserType u.user_type = "dataadmin" # update user. Add Group u.add_group(self.group_name2) self.tm1.security.update_user(u) u = self.tm1.security.get_user(u.name) self.assertFalse(u.enabled) self.assertEqual(u.user_type, UserType.DataAdmin) self.assertIn("DataAdmin", u.groups) def test_get_all_users(self): all_users = [user.name for user in self.tm1.security.get_all_users()] all_clients = self.tm1.dimensions.hierarchies.elements.get_element_names( '}Clients', '}Clients') self.assertGreater(len(all_users), 0) self.assertIn(self.user_name, all_users) self.assertEqual(sorted(all_users), sorted(all_clients)) def test_get_all_user_names(self): all_users = self.tm1.security.get_all_user_names() all_clients = self.tm1.dimensions.hierarchies.elements.get_element_names( '}Clients', '}Clients') self.assertGreater(len(all_users), 0) self.assertIn(self.user_name, all_users) self.assertEqual(sorted(all_users), sorted(all_clients)) def test_add_user_to_groups(self): self.tm1.security.add_user_to_groups(self.user_name, (self.group_name2, )) user = self.tm1.security.get_user(self.user_name) self.assertIn(self.group_name2, user.groups) def test_remove_user_from_group(self): self.tm1.security.remove_user_from_group(self.group_name1, self.user_name) user = self.tm1.security.get_user(self.user_name) self.assertNotIn(self.group_name1, user.groups) def test_get_users_from_group(self): users = [ user.name for user in self.tm1.security.get_users_from_group("AdMiN") ] mdx = "{ FILTER ( { [}Clients].Members } , [}ClientGroups].([}Groups].[ADMIN]) = 'ADMIN' ) }" clients = self.tm1.dimensions.execute_mdx("}Clients", mdx) self.assertGreater(len(users), 0) self.assertGreater(len(clients), 0) self.assertEqual(sorted(users), sorted(clients)) def test_get_user_names_from_group(self): users = self.tm1.security.get_user_names_from_group(self.group_name1) mdx = "{ FILTER ( { [}Clients].Members } , [}ClientGroups].([}Groups].[" + self.group_name1 + "]) = '" + \ self.group_name1.replace("'", "''") + "' ) }" clients = self.tm1.dimensions.execute_mdx("}Clients", mdx) self.assertGreater(len(users), 0) self.assertGreater(len(clients), 0) self.assertEqual(sorted(users), sorted(clients)) def test_get_groups_from_user(self): groups = self.tm1.security.get_groups(self.user_name) self.assertIn(self.group_name1, groups) groups = self.tm1.security.get_groups(" ".join(self.user_name.upper())) self.assertIn(self.group_name1, groups) def test_get_groups(self): groups = self.tm1.security.get_all_groups() self.assertGreater(len(groups), 0) self.assertEqual( sorted(groups), sorted( self.tm1.dimensions.hierarchies.elements.get_element_names( "}Groups", "}Groups"))) def test_security_refresh(self): response = self.tm1.security.security_refresh() self.assertTrue(response.ok) def test_auth_with_exotic_characters_in_password(self): exotic_password = "******" # create user user = User(name=self.user_name_exotic_password, groups=("ADMIN", ), password=exotic_password) self.tm1.security.create_user(user) # login as user with exotic password kwargs = dict(self.config["tm1srv01"]) kwargs["user"] = user.name kwargs["password"] = exotic_password # raises TM1pyException if login fails with TM1Service(**kwargs) as tm1_second_conn: self.assertEqual(tm1_second_conn.whoami.name, user.name) def test_create_and_delete_user(self): u = User(name=self.prefix + "User2", groups=()) all_users = self.tm1.security.get_all_user_names() if u.name not in CaseAndSpaceInsensitiveSet(*all_users): self.tm1.security.create_user(u) users_before_delete = self.tm1.security.get_all_user_names() response = self.tm1.security.delete_user(u.name) self.assertTrue(response.ok) users_after_delete = self.tm1.security.get_all_user_names() self.assertIn(u.name, CaseAndSpaceInsensitiveSet(*users_before_delete)) self.assertNotIn(u.name, CaseAndSpaceInsensitiveSet(*users_after_delete)) def test_create_and_delete_group(self): group = self.prefix + "Group3" groups = self.tm1.security.get_all_groups() if group not in CaseAndSpaceInsensitiveSet(*groups): self.tm1.security.create_group(group) groups_before_delete = self.tm1.security.get_all_groups() response = self.tm1.security.delete_group(group) self.assertTrue(response.ok) groups_after_delete = self.tm1.security.get_all_groups() self.assertIn(group, groups_before_delete) self.assertNotIn(group, groups_after_delete) def test_tm1service_with_encrypted_password_decode_b64_as_string(self): user_name = "TM1py user name" user = User(name=user_name, groups=["ADMIN"], password="******") if user.name in self.tm1.security.get_all_user_names(): self.tm1.security.delete_user(user_name) self.tm1.security.create_user(user) with TM1Service(user=user.name, password=b64encode(str.encode(user._password)), decode_b64="True", base_url=self.tm1._tm1_rest._base_url, ssl=self.tm1._tm1_rest._ssl) as _: # if no exception. Login was successful pass self.tm1.security.delete_user(user.name) def test_tm1service_without_encrypted_password(self): user_name = "TM1py user name" user = User(name=user_name, groups=["ADMIN"], password="******") if user.name in self.tm1.security.get_all_user_names(): self.tm1.security.delete_user(user_name) self.tm1.security.create_user(user) with TM1Service(user=user.name, password=user._password, decode_b64=False, base_url=self.tm1._tm1_rest._base_url, ssl=self.tm1._tm1_rest._ssl) as _: # if no exception. Login was successful pass self.tm1.security.delete_user(user.name) def test_tm1service_with_encrypted_password(self): user_name = "TM1py user name" user = User(name=user_name, groups=["ADMIN"], password="******") if user.name in self.tm1.security.get_all_user_names(): self.tm1.security.delete_user(user_name) self.tm1.security.create_user(user) with TM1Service(user=user.name, password=b64encode(str.encode(user._password)), decode_b64=True, base_url=self.tm1._tm1_rest._base_url, ssl=self.tm1._tm1_rest._ssl) as _: # if no exception. Login was successful pass self.tm1.security.delete_user(user.name) def test_tm1service_with_encrypted_password_fail(self): user_name = "TM1py user name" user = User(name=user_name, groups=["ADMIN"], password="******") if user.name in self.tm1.security.get_all_user_names(): self.tm1.security.delete_user(user_name) self.tm1.security.create_user(user) self.assertRaises(TM1pyRestException, TM1Service, user=user.name, password=b64encode(str.encode("banana")), decode_b64=True, base_url=self.tm1._tm1_rest._base_url, ssl=self.tm1._tm1_rest._ssl) self.tm1.security.delete_user(user.name) def test_tm1service_with_plain_password(self): user_name = "TM1py user name" user = User(name=user_name, groups=["ADMIN"], password="******") if user.name in self.tm1.security.get_all_user_names(): self.tm1.security.delete_user(user_name) self.tm1.security.create_user(user) with TM1Service(user=user.name, password=user.password, base_url=self.tm1._tm1_rest._base_url, ssl=self.tm1._tm1_rest._ssl) as _: # if no exception. Login was successful pass self.tm1.security.delete_user(user.name) def test_tm1service_with_plain_password_fail(self): user_name = "TM1py user name" user = User(name=user_name, groups=["ADMIN"], password="******") if user.name in self.tm1.security.get_all_user_names(): self.tm1.security.delete_user(user_name) self.tm1.security.create_user(user) # test with random (wrong) password self.assertRaises(TM1pyRestException, TM1Service, user=user.name, password="******", base_url=self.tm1._tm1_rest._base_url, ssl=self.tm1._tm1_rest._ssl) self.tm1.security.delete_user(user.name) def test_user_exists_true(self): self.assertTrue( self.tm1.security.user_exists(user_name=self.user_name)) def test_user_exists_false(self): self.assertFalse( self.tm1.security.user_exists(user_name="NotAValidName")) def test_group_exists_true(self): self.assertTrue( self.tm1.security.group_exists(group_name=self.group_name1)) def test_group_exists_false(self): self.assertFalse( self.tm1.security.group_exists(group_name="NotAValidName")) def test_impersonate(self): tm1 = TM1Service(**self.config['tm1srv01']) self.assertNotEqual(self.user_name, tm1.whoami.name) tm1 = TM1Service(**self.config['tm1srv01'], impersonate=self.user_name) self.assertEqual(self.user_name, tm1.whoami.name) def test_get_custom_security_groups(self): custom_groups = self.tm1.security.get_custom_security_groups() self.assertNotIn("Admin", CaseAndSpaceInsensitiveSet(*custom_groups)) self.assertNotIn("DataAdmin", CaseAndSpaceInsensitiveSet(*custom_groups)) self.assertNotIn("SecurityAdmin", CaseAndSpaceInsensitiveSet(*custom_groups)) self.assertNotIn("OperationsAdmin", CaseAndSpaceInsensitiveSet(*custom_groups)) self.assertNotIn("}tp_Everyone", CaseAndSpaceInsensitiveSet(*custom_groups)) self.assertIn(self.group_name1, CaseAndSpaceInsensitiveSet(*custom_groups)) self.assertIn(self.group_name2, CaseAndSpaceInsensitiveSet(*custom_groups)) self.assertNotIn("NotExistingGroup", CaseAndSpaceInsensitiveSet(*custom_groups)) def test_get_read_only_users(self): read_only_users = self.tm1.security.get_read_only_users() self.assertEqual(1, len(read_only_users)) self.assertEqual(self.read_only_user_name, read_only_users[0]) def test_update_user_password(self): self.tm1.security.update_user_password(user_name=self.user.name, password="******") with TM1Service(user=self.user.name, password="******", base_url=self.tm1._tm1_rest._base_url, ssl=self.tm1._tm1_rest._ssl) as _: # if no exception. Login was successful pass @classmethod def teardown_class(cls): cls.tm1.logout()