def test_add_with_username_sshkeyfile(isolated_filesystem, qpc_server_config):
"""Add an auth with username and sshkeyfile.
:id: 9bfb16a2-5a10-4a01-9f9d-b29445c1f4bf
:description: Add an auth entry providing the ``--name``, ``--username``
and ``--sshkeyfile`` options.
:steps: Run ``qpc cred add --name <name> --username <username> --sshkeyfile
<sshkeyfile>``
:expectedresults: A new auth entry is created with the data provided as
input.
"""
name = utils.uuid4()
username = utils.uuid4()
sshkeyfile_name = utils.uuid4()
tmp_dir = os.path.basename(os.getcwd())
sshkeyfile = Path(sshkeyfile_name)
sshkeyfile.touch()
# sshkeyfile = '/sshkeys/id_rsa'
cred_add_and_check({
"name": name,
"username": username,
"sshkeyfile": f"/sshkeys/{tmp_dir}/{sshkeyfile_name}"
})
cred_show_and_check(
{"name": name},
generate_show_output({
"name": name,
"ssh_keyfile": f"/sshkeys/{tmp_dir}/{sshkeyfile_name}",
"username": username
}),
)
def test_edit_sshkeyfile_negative(isolated_filesystem, qpc_server_config):
"""Edit the sshkeyfile of a not created auth entry.
:id: 97734b67-3d5e-4add-9282-22844fd436d1
:description: Edit the sshkeyfile of a not created auth entry.
:steps: Run ``qpc cred edit --name <invalidname> --sshkeyfile
<newsshkeyfile>``
:expectedresults: The command should fail with a proper message.
"""
name = utils.uuid4()
username = utils.uuid4()
tmp_dir = os.path.basename(os.getcwd())
sshkeyfile_name = utils.uuid4()
sshkeyfile = Path(sshkeyfile_name)
sshkeyfile.touch()
cred_add_and_check({
"name": name,
"username": username,
"sshkeyfile": f"/sshkeys/{tmp_dir}/{sshkeyfile_name}"
})
name = utils.uuid4()
sshkeyfile_name = utils.uuid4()
sshkeyfile = Path(sshkeyfile_name)
sshkeyfile.touch()
qpc_cred_edit = pexpect.spawn(
"{} cred edit --name={} --sshkeyfile {}".format(
client_cmd, name, f"/sshkeys/{tmp_dir}/{sshkeyfile_name}"))
qpc_cred_edit.logfile = BytesIO()
assert qpc_cred_edit.expect(
'Credential "{}" does not exist'.format(name)) == 0
assert qpc_cred_edit.expect(pexpect.EOF) == 0
qpc_cred_edit.close()
assert qpc_cred_edit.exitstatus != 0
def test_add_with_sshport_negative(isolated_filesystem):
"""Add a profile with auth, hosts and port.
:id: d95702be-17f7-4938-9f38-b1bca36ee27b
:description: Add a profile entry providing the ``--name``, ``--auth``,
``--hosts`` and ``--port`` options.
:steps: Run ``rho profile add --name <name> --auth <auth> --hosts <hosts>
--port <port>``
:expectedresults: A new profile entry is created with the data provided as
input.
"""
auth_name = utils.uuid4()
name = utils.uuid4()
hosts = "127.0.0.1"
sshport = utils.uuid4()
auth_add(
{"name": auth_name, "username": utils.uuid4(), "password": None},
[(CONNECTION_PASSWORD_INPUT, utils.uuid4())],
)
rho_profile_add = pexpect.spawn(
"rho profile add --name {} --auth {} --hosts {} --sshport {}".format(
name, auth_name, hosts, sshport
)
)
assert (
rho_profile_add.expect(
r"Port value {} should be a positive integer in the valid range "
r"\(0-65535\)".format(sshport)
)
== 0
)
assert rho_profile_add.expect(pexpect.EOF) == 0
rho_profile_add.close()
assert rho_profile_add.exitstatus == 1
def test_edit_password_negative(isolated_filesystem):
"""Edit the password of a not created auth entry.
:id: 3469c05d-2dee-4b5a-84a8-e9f3ce391480
:description: Edit the password of a not created auth entry.
:steps: Run ``rho auth edit --name <invalidname> --password
<newpassword>``
:expectedresults: The command should fail with a proper message.
"""
name = utils.uuid4()
username = utils.uuid4()
sshkeyfile = Path(utils.uuid4())
sshkeyfile.touch()
auth_add({
"name": name,
"username": username,
"sshkeyfile": sshkeyfile.name
})
name = utils.uuid4()
rho_auth_edit = pexpect.spawn(
"rho auth edit --name={} --password".format(name))
input_vault_password(rho_auth_edit)
assert rho_auth_edit.expect('Auth "{}" does not exist'.format(name)) == 0
assert rho_auth_edit.expect(pexpect.EOF) == 0
rho_auth_edit.close()
assert rho_auth_edit.exitstatus != 0
def test_negative_create_key_and_pass(cleanup, isolated_filesystem):
"""Attempt to create a network credential with sshkey and password.
The request should be met with a 4XX response.
:id: 22a2ca65-5f9d-4c43-89ad-d7ab53223896
:description: Create a network credential with username, sshkey, and
password.
:steps: Send POST with necessary data to the credential api endpoint.
:expectedresults: Error is thrown and no new network credential is created.
"""
ssh_keyfile = Path(uuid4())
ssh_keyfile.touch()
client = api.Client(api.echo_handler)
cred = Credential(
cred_type="network",
client=client,
ssh_keyfile=str(ssh_keyfile.resolve()),
password=uuid4(),
)
response = cred.create()
assert response.status_code == 400
assert "either a password or an ssh_keyfile, not both" in response.text
assert cred._id is None
def test_edit_sudo_password_negative(isolated_filesystem):
"""Edit the sudo password of a not created auth entry.
:id: abe8f6f3-6c45-42a1-abcf-ffd6952cf886
:description: Edit the sudo password of a not created auth entry.
:steps: Run ``rho auth edit --name <invalidname> --sudo-password``
:expectedresults: The command should fail with a proper message.
"""
name = utils.uuid4()
username = utils.uuid4()
sshkeyfile = Path(utils.uuid4())
sshkeyfile.touch()
auth_add({
"name": name,
"username": username,
"sshkeyfile": sshkeyfile.name
})
name = utils.uuid4()
rho_auth_edit = pexpect.spawn(
"rho auth edit --name={} --sudo-password".format(name))
input_vault_password(rho_auth_edit)
assert rho_auth_edit.expect('Auth "{}" does not exist'.format(name)) == 0
assert rho_auth_edit.expect(pexpect.EOF) == 0
rho_auth_edit.close()
assert rho_auth_edit.exitstatus != 0
def test_edit_username_negative(isolated_filesystem):
"""Edit the username of a not created auth entry.
:id: 66abc87b-0e1b-4033-aae3-876f89aadfe3
:description: Edit the username of a not created auth entry.
:steps: Run ``rho auth edit --name <invalidname> --username <newusername>``
:expectedresults: The command should fail with a proper message.
"""
name = utils.uuid4()
username = utils.uuid4()
sshkeyfile = Path(utils.uuid4())
sshkeyfile.touch()
auth_add({
"name": name,
"username": username,
"sshkeyfile": sshkeyfile.name
})
name = utils.uuid4()
username = utils.uuid4()
rho_auth_edit = pexpect.spawn(
"rho auth edit --name={} --username={}".format(name, username))
input_vault_password(rho_auth_edit)
rho_auth_edit.logfile = BytesIO()
assert rho_auth_edit.expect('Auth "{}" does not exist'.format(name)) == 0
assert rho_auth_edit.expect(pexpect.EOF) == 0
rho_auth_edit.close()
assert rho_auth_edit.exitstatus != 0
def test_edit_sshkeyfile_negative(isolated_filesystem):
"""Edit the sshkeyfile of a not created auth entry.
:id: 4c43d7af-5dd8-4a97-8d48-9cd2e611844e
:description: Edit the sshkeyfile of a not created auth entry.
:steps: Run ``rho auth edit --name <invalidname> --sshkeyfile
<newsshkeyfile>``
:expectedresults: The command should fail with a proper message.
"""
name = utils.uuid4()
username = utils.uuid4()
sshkeyfile = Path(utils.uuid4())
sshkeyfile.touch()
auth_add({
"name": name,
"username": username,
"sshkeyfile": sshkeyfile.name
})
name = utils.uuid4()
sshkeyfile = Path(utils.uuid4())
sshkeyfile.touch()
rho_auth_edit = pexpect.spawn(
"rho auth edit --name={} --sshkeyfile {}".format(
name, sshkeyfile.name))
input_vault_password(rho_auth_edit)
rho_auth_edit.logfile = BytesIO()
assert rho_auth_edit.expect('Auth "{}" does not exist'.format(name)) == 0
assert rho_auth_edit.expect(pexpect.EOF) == 0
rho_auth_edit.close()
assert rho_auth_edit.exitstatus != 0
def test_create_delete_credential_optional(browser, qpc_login):
"""Create and then delete a credential with optional parameters.
:id: 37632616-86e9-47d1-b1f6-78dd5dde0774
:description: Optional parameters are included in this test,
like Become User and Become Password. Afterwards, the new
credential is deleted.
:steps:
1) Log into the UI.
2) Go to the credentials page and open the Add Credential modal.
3) Fill in required and optional fields and save.
4) Delete the newly created credential.
:expectedresults: A new credential is created and then deleted.
"""
name = utils.uuid4()
username = utils.uuid4()
password = utils.uuid4()
become_user = utils.uuid4()
become_pass = utils.uuid4()
create_credential(
browser,
{
"name": name,
"username": username,
"password": password,
"source_type": "Network",
"become_user": become_user,
"become_pass": become_pass,
},
)
delete_credential(browser, {name})
def test_add_with_username_sshkeyfile(isolated_filesystem):
"""Add an auth with username and sshkeyfile.
:id: 0f709bf8-a1bf-4181-a392-428e6d9400b3
:description: Add an auth entry providing the ``--name``, ``--username``
and ``--sshkeyfile`` options.
:steps: Run ``rho auth add --name <name> --username <username> --sshkeyfile
<sshkeyfile>``
:expectedresults: A new auth entry is created with the data provided as
input.
"""
name = utils.uuid4()
username = utils.uuid4()
sshkeyfile = Path(utils.uuid4())
sshkeyfile.touch()
auth_add({
"name": name,
"username": username,
"sshkeyfile": sshkeyfile.name
})
rho_auth_show = pexpect.spawn("rho auth show --name={}".format(name))
input_vault_password(rho_auth_show)
assert (rho_auth_show.expect("{{\r\n"
' "id": "(.*)",\r\n'
' "name": "{}",\r\n'
' "password": null,\r\n'
' "ssh_key_file": "{}",\r\n'
' "sudo_password": null,\r\n'
' "username": "******"\r\n'
"}}\r\n".format(name, sshkeyfile.resolve(),
username)) == 0)
assert rho_auth_show.expect(pexpect.EOF) == 0
rho_auth_show.close()
assert rho_auth_show.exitstatus == 0
def test_edit_credential_sshkey(browser, qpc_login, isolated_filesystem):
"""Edit the sshkeyfile of a credential.
:id: 77281d4c-de9f-4db9-9a9f-0c78b0d3811e
:description: Creates a credential, then attempts to edit the sshkeyfile
to use a new one. The edit is then verified.
:steps:
1) Log into the UI.
2) Go to the credentials page and open the Add Credential modal.
3) Fill required fields, using the SSH key option and save.
4) Edit the credential parameters and save, make sure it changed.
:expectedresults: A new credential is created and then edited.
"""
sshkeyfile = Path(utils.uuid4())
sshkeyfile.touch()
options = {
"name": utils.uuid4(),
"username": utils.uuid4(),
"sshkeyfile": str(sshkeyfile.resolve()),
"source_type": "Network",
}
create_credential(browser, options)
new_sshkeyfile = Path(utils.uuid4())
new_sshkeyfile.touch()
new_options = {
"sshkeyfile": str(new_sshkeyfile.resolve()),
"source_type": "Network",
}
edit_credential(browser, options["name"], new_options)
delete_credential(browser, {options["name"]})
def test_create_delete_credential(browser, qpc_login, source_type):
"""Create and then delete a credential in the quipucords UI.
:id: d9fd61f5-1e8e-4091-b8c5-bc787884c6be
:description: Go to the credentials page and follow the creation process.
:steps:
1) Log into the UI.
2) Go to the credentials page and open the Add Credential modal.
3) Fill in required fields and save.
4) Delete the newly created credential.
:expectedresults: A new credential is created and then deleted.
"""
name = utils.uuid4()
username = utils.uuid4()
password = utils.uuid4()
create_credential(
browser,
{
"name": name,
"username": username,
"password": password,
"source_type": source_type,
},
)
delete_credential(browser, {name})
def __init__(
self,
client=None,
name=None,
username=None,
password=None,
ssh_keyfile=None,
cred_type=None,
become_method=None,
become_password=None,
become_user=None,
_id=None,
):
"""Create a host credential with given data.
If no arguments are passed, then a api.Client will be initialized and a
uuid4 generated for the name and username.
For a Credential to be successfully created on the QPC server,
a password XOR a ssh_keyfile must be provided.
"""
super().__init__(client=client, _id=_id)
self.name = uuid4() if name is None else name
self.endpoint = QPC_CREDENTIALS_PATH
self.username = uuid4() if username is None else username
self.password = password
self.ssh_keyfile = ssh_keyfile
self.cred_type = cred_type
if become_method is not None:
self.become_method = become_method
if become_password is not None:
self.become_password = become_password
if become_user is not None:
self.become_user = become_user
def test_update_sshkey_to_password(shared_client, cleanup,
isolated_filesystem):
"""Create a network credential using password and switch it to use sshkey.
:id: d24a54b5-3d8c-44e4-a0ae-61584a15b127
:description: Create a network credential with a sshkey, then update it
to use a password.
:steps:
1) Create a network credential with a username and sshkey.
2) Update the network credential deleting sshkey and updating
password.
3) Confirm network credential has been updated.
:expectedresults: The network credential is updated.
"""
sshkeyfile_name = utils.uuid4()
tmp_dir = os.path.basename(os.getcwd())
sshkeyfile = Path(sshkeyfile_name)
sshkeyfile.touch()
cred = Credential(cred_type="network",
ssh_keyfile=f"/sshkeys/{tmp_dir}/{sshkeyfile_name}")
cred.create()
# add the id to the list to destroy after the test is done
cleanup.append(cred)
assert_matches_server(cred)
cred.client.response_handler = api.echo_handler
cred.password = uuid4()
cred.ssh_keyfile = None
cred.update()
assert_matches_server(cred)
def test_update_password_to_sshkeyfile(shared_client, cleanup,
isolated_filesystem):
"""Create a network credential using password and switch it to use sshkey.
:id: 6e557092-192b-4f75-babc-abc5774fe965
:description: Create a network credential with password, then update it
to use a sshkey.
:steps:
1) Create a network credential with a username and password.
2) Update the network credential deleting password and adding sshkey.
3) Confirm network credential has been updated.
:expectedresults: The network credential is updated.
"""
cred = Credential(cred_type="network",
client=shared_client,
password=uuid4())
cred.create()
# add the id to the list to destroy after the test is done
cleanup.append(cred)
assert_matches_server(cred)
sshkeyfile_name = utils.uuid4()
tmp_dir = os.path.basename(os.getcwd())
sshkeyfile = Path(sshkeyfile_name)
sshkeyfile.touch()
cred.ssh_keyfile = f"/sshkeys/{tmp_dir}/{sshkeyfile_name}"
cred.password = None
cred.update()
assert_matches_server(cred)
def test_edit_become_password_negative(isolated_filesystem, qpc_server_config):
"""Edit the become password of a not created auth entry.
:id: 6364d80b-97b1-404e-85fd-76eebb7c6b5e
:description: Edit the become password of a not created auth entry.
:steps: Run ``qpc cred edit --name <invalidname> --become-password``
:expectedresults: The command should fail with a proper message.
"""
name = utils.uuid4()
username = utils.uuid4()
tmp_dir = os.path.basename(os.getcwd())
sshkeyfile_name = utils.uuid4()
sshkeyfile = Path(sshkeyfile_name)
sshkeyfile.touch()
cred_add_and_check({
"name": name,
"username": username,
"sshkeyfile": f"/sshkeys/{tmp_dir}/{sshkeyfile_name}"
})
name = utils.uuid4()
qpc_cred_edit = pexpect.spawn(
"{} cred edit --name={} --become-password".format(client_cmd, name))
assert qpc_cred_edit.expect(
'Credential "{}" does not exist'.format(name)) == 0
assert qpc_cred_edit.expect(pexpect.EOF) == 0
qpc_cred_edit.close()
assert qpc_cred_edit.exitstatus != 0
def test_create_delete_credential_sshkey(isolated_filesystem, browser,
qpc_login):
"""Create and then delete a credential using an sshkey file.
:id: 5ec5847c-6d41-4e4a-9f22-cc433eb11078
:description: An SSH keyfile is created and used in this test
to create a credential, which is deleted afterwards.
:steps:
1) Log into the UI.
2) Go to the credentials page and open the Add Credential modal.
3) Fill in required fields, using the SSH key option and save.
4) Delete the newly created credential.
:expectedresults: A new credential is created and then deleted.
"""
name = utils.uuid4()
username = utils.uuid4()
sshkeyfile = Path(utils.uuid4())
sshkeyfile.touch()
passphrase = utils.uuid4()
create_credential(
browser,
{
"name": name,
"username": username,
"sshkeyfile": str(sshkeyfile.resolve()),
"passphrase": passphrase,
"source_type": "Network",
},
)
check_auth_type(name, "SSH Key")
delete_credential(browser, {name})
def test_add_with_username_password(isolated_filesystem, qpc_server_config,
source_type):
"""Add an auth with username and password.
:id: c935d34c-54f6-443f-a85c-344934bc0cfb
:description: Add an auth entry providing the ``--name``, ``--username``
and ``--pasword`` options.
:steps: Run ``qpc cred add --name <name> --username <username> --password``
:expectedresults: A new auth entry is created with the data provided as
input.
"""
name = utils.uuid4()
username = utils.uuid4()
cred_add_and_check(
{
"name": name,
"username": username,
"password": None,
"type": source_type
},
[(CONNECTION_PASSWORD_INPUT, utils.uuid4())],
)
cred_show_and_check(
{"name": name},
generate_show_output({
"cred_type": source_type,
"name": name,
"password": MASKED_PASSWORD_OUTPUT,
"username": username,
}),
)
def test_update(shared_client, cleanup, scan_host, src_type):
"""Create a {network, vcenter} source and then update it.
:id: 900dda70-6208-44f5-b64d-f6ca4db7dfa4
:description: Create {network, vcenter} source of single host and
credential
:steps:
1) Create host credential
2) Send POST with data to create {network, vcenter} source using the
host credential to the source endpoint.
3) Add a host and a new credential and send and PUT to the server with
the data
:expectedresults: The source entry is created and updated.
"""
cred = Credential(cred_type=src_type, client=shared_client, password=uuid4())
cred.create()
cleanup.append(cred)
src = Source(
source_type=src_type,
client=shared_client,
hosts=[scan_host],
credential_ids=[cred._id],
)
src.create()
cleanup.append(src)
assert_matches_server(src)
src.hosts = ["example.com"]
cred2 = Credential(cred_type=src_type, password=uuid4())
cred2.create()
cleanup.append(cred2)
src.credentials = [cred2._id]
src.update()
assert_matches_server(src)
def test_edit_password(isolated_filesystem):
"""Edit an auth's password.
:id: 78c80041-ad2c-461a-8d70-d4ee71645e93
:description: Edit the password of an auth entry.
:steps: Run ``rho auth edit --name <name> --password <newpassword>``
:expectedresults: The auth password must be updated.
"""
name = utils.uuid4()
username = utils.uuid4()
password = utils.uuid4()
new_password = utils.uuid4()
auth_add(
{
"name": name,
"username": username,
"password": None
},
[(CONNECTION_PASSWORD_INPUT, password)],
)
rho_auth_show = pexpect.spawn("rho auth show --name={}".format(name))
input_vault_password(rho_auth_show)
assert (rho_auth_show.expect("{{\r\n"
' "id": "(.*)",\r\n'
' "name": "{}",\r\n'
' "password": "******",\r\n'
' "ssh_key_file": null,\r\n'
' "sudo_password": null,\r\n'
' "username": "******"\r\n'
"}}\r\n".format(name, MASKED_PASSWORD_OUTPUT,
username)) == 0)
assert rho_auth_show.expect(pexpect.EOF) == 0
rho_auth_show.close()
assert rho_auth_show.exitstatus == 0
rho_auth_edit = pexpect.spawn(
"rho auth edit --name={} --password".format(name))
input_vault_password(rho_auth_edit)
assert rho_auth_edit.expect(CONNECTION_PASSWORD_INPUT) == 0
rho_auth_edit.sendline(new_password)
assert rho_auth_edit.expect("Auth '{}' updated".format(name)) == 0
assert rho_auth_edit.expect(pexpect.EOF) == 0
rho_auth_edit.close()
assert rho_auth_edit.exitstatus == 0
rho_auth_show = pexpect.spawn("rho auth show --name={}".format(name))
input_vault_password(rho_auth_show)
assert (rho_auth_show.expect("{{\r\n"
' "id": "(.*)",\r\n'
' "name": "{}",\r\n'
' "password": "******",\r\n'
' "ssh_key_file": null,\r\n'
' "sudo_password": null,\r\n'
' "username": "******"\r\n'
"}}\r\n".format(name, MASKED_PASSWORD_OUTPUT,
username)) == 0)
assert rho_auth_show.expect(pexpect.EOF) == 0
rho_auth_show.close()
assert rho_auth_show.exitstatus == 0
def test_edit_sshkeyfile(isolated_filesystem):
"""Edit an auth's sshkeyfile.
:id: 557dfcd0-56d8-4d82-bdd0-42caef5691a8
:description: Edit the sshkeyfile of an auth entry.
:steps: Run ``rho auth edit --name <name> --sshkeyfile <newsshkeyfile>``
:expectedresults: The auth sshkeyfile must be updated.
"""
name = utils.uuid4()
username = utils.uuid4()
sshkeyfile = Path(utils.uuid4())
sshkeyfile.touch()
new_sshkeyfile = Path(utils.uuid4())
new_sshkeyfile.touch()
auth_add({
"name": name,
"username": username,
"sshkeyfile": sshkeyfile.name
})
rho_auth_show = pexpect.spawn("rho auth show --name={}".format(name))
input_vault_password(rho_auth_show)
assert (rho_auth_show.expect("{{\r\n"
' "id": "(.*)",\r\n'
' "name": "{}",\r\n'
' "password": null,\r\n'
' "ssh_key_file": "{}",\r\n'
' "sudo_password": null,\r\n'
' "username": "******"\r\n'
"}}\r\n".format(name, sshkeyfile.resolve(),
username)) == 0)
assert rho_auth_show.expect(pexpect.EOF) == 0
rho_auth_show.close()
assert rho_auth_show.exitstatus == 0
rho_auth_edit = pexpect.spawn(
"rho auth edit --name={} --sshkeyfile {}".format(
name, new_sshkeyfile.name))
input_vault_password(rho_auth_edit)
assert rho_auth_edit.expect("Auth '{}' updated".format(name)) == 0
assert rho_auth_edit.expect(pexpect.EOF) == 0
rho_auth_edit.close()
assert rho_auth_edit.exitstatus == 0
rho_auth_show = pexpect.spawn("rho auth show --name={}".format(name))
input_vault_password(rho_auth_show)
assert (rho_auth_show.expect("{{\r\n"
' "id": "(.*)",\r\n'
' "name": "{}",\r\n'
' "password": null,\r\n'
' "ssh_key_file": "{}",\r\n'
' "sudo_password": null,\r\n'
' "username": "******"\r\n'
"}}\r\n".format(name,
new_sshkeyfile.resolve(),
username)) == 0)
assert rho_auth_show.expect(pexpect.EOF) == 0
rho_auth_show.close()
assert rho_auth_show.exitstatus == 0
def test_add_with_auth_hosts_file(isolated_filesystem, hosts):
"""Add a profile with auth and hosts populated on a file.
:id: 3e5712b4-f53f-44f2-9083-df73f4b59fa4
:description: Add a profile entry providing the ``--name``, ``--auth`` and
``--hosts`` options, the value of the ``--hosts`` options should be a
file.
:steps: Run ``rho profile add --name <name> --auth <auth> --hosts
<hosts_file>``
:expectedresults: A new profile entry is created with the data provided as
input.
"""
auth_name = utils.uuid4()
name = utils.uuid4()
auth_add(
{"name": auth_name, "username": utils.uuid4(), "password": None},
[(CONNECTION_PASSWORD_INPUT, utils.uuid4())],
)
with open("hosts_file", "w") as handler:
handler.write(hosts + "\n")
rho_profile_add = pexpect.spawn(
"rho profile add --name {} --auth {} --hosts {}".format(
name, auth_name, "hosts_file"
)
)
input_vault_password(rho_profile_add)
assert rho_profile_add.expect('Profile "{}" was added'.format(name)) == 0
assert rho_profile_add.expect(pexpect.EOF) == 0
rho_profile_add.close()
assert rho_profile_add.exitstatus == 0
if hosts.endswith("0/24"):
hosts = hosts.replace("0/24", r"\[0:255\]")
rho_profile_show = pexpect.spawn("rho profile show --name={}".format(name))
input_vault_password(rho_profile_show)
assert (
rho_profile_show.expect(
r"{{\r\n"
r' "auth": \[\r\n'
r" {{\r\n"
r' "id": ".*",\r\n'
r' "name": "{}"\r\n'
r" }}\r\n"
r" \],\r\n"
r' "hosts": \[\r\n'
r' "{}"\r\n'
r" \],\r\n"
r' "name": "{}",\r\n'
r' "ssh_port": "22"\r\n'
r"}}\r\n".format(auth_name, hosts, name)
)
== 0
), rho_profile_show.stdout
assert rho_profile_show.expect(pexpect.EOF) == 0
rho_profile_show.close()
assert rho_profile_show.exitstatus == 0
def test_success(self):
"""Assert the method returns a path when a config file is found."""
with mock.patch.object(xdg.BaseDirectory, "load_config_paths") as lcp:
lcp.return_value = ("an_iterable", "of_xdg", "config_paths")
with mock.patch.object(os.path, "isfile") as isfile:
isfile.return_value = True
# pylint:disable=protected-access
config._get_config_file_path(utils.uuid4(), utils.uuid4())
self.assertGreater(isfile.call_count, 0)
def test_edit_username(isolated_filesystem):
"""Edit an auth's username.
:id: 3849423c-60cd-473b-a305-7359a2d3477d
:description: Edit the username of an auth entry.
:steps: Run ``rho auth edit --name <name> --username <newusername>``
:expectedresults: The auth username must be updated and the ``credentials``
file must be updated.
"""
name = utils.uuid4()
username = utils.uuid4()
new_username = utils.uuid4()
sshkeyfile = Path(utils.uuid4())
sshkeyfile.touch()
auth_add({
"name": name,
"username": username,
"sshkeyfile": sshkeyfile.name
})
rho_auth_show = pexpect.spawn("rho auth show --name={}".format(name))
input_vault_password(rho_auth_show)
assert (rho_auth_show.expect("{{\r\n"
' "id": "(.*)",\r\n'
' "name": "{}",\r\n'
' "password": null,\r\n'
' "ssh_key_file": "{}",\r\n'
' "sudo_password": null,\r\n'
' "username": "******"\r\n'
"}}\r\n".format(name, sshkeyfile.resolve(),
username)) == 0)
assert rho_auth_show.expect(pexpect.EOF) == 0
rho_auth_show.close()
assert rho_auth_show.exitstatus == 0
rho_auth_edit = pexpect.spawn(
"rho auth edit --name={} --username={}".format(name, new_username))
input_vault_password(rho_auth_edit)
assert rho_auth_edit.expect("Auth '{}' updated".format(name)) == 0
assert rho_auth_edit.expect(pexpect.EOF) == 0
rho_auth_edit.close()
assert rho_auth_edit.exitstatus == 0
rho_auth_show = pexpect.spawn("rho auth show --name={}".format(name))
input_vault_password(rho_auth_show)
assert (rho_auth_show.expect("{{\r\n"
' "id": "(.*)",\r\n'
' "name": "{}",\r\n'
' "password": null,\r\n'
' "ssh_key_file": "{}",\r\n'
' "sudo_password": null,\r\n'
' "username": "******"\r\n'
"}}\r\n".format(name, sshkeyfile.resolve(),
new_username)) == 0)
assert rho_auth_show.expect(pexpect.EOF) == 0
rho_auth_show.close()
assert rho_auth_show.exitstatus == 0
def test_edit_become_password(isolated_filesystem, qpc_server_config):
"""Edit an auth's become password.
:id: e1230ce5-7cb5-40d5-8f50-ff33779eee9e
:description: Edit the password of an auth entry.
:steps: Run ``qpc cred edit --name <name> --become-password``
:expectedresults: The auth become password must be updated.
"""
name = utils.uuid4()
username = utils.uuid4()
tmp_dir = os.path.basename(os.getcwd())
sshkeyfile_name = utils.uuid4()
sshkeyfile = Path(sshkeyfile_name)
sshkeyfile.touch()
become_password = utils.uuid4()
new_become_password = utils.uuid4()
cred_add_and_check(
{
"name": name,
"username": username,
"sshkeyfile": f"/sshkeys/{tmp_dir}/{sshkeyfile_name}",
"become-password": None,
},
[(BECOME_PASSWORD_INPUT, become_password)],
)
cred_show_and_check(
{"name": name},
generate_show_output({
"become_password": MASKED_PASSWORD_OUTPUT,
"name": name,
"ssh_keyfile": f"/sshkeys/{tmp_dir}/{sshkeyfile_name}",
"username": username,
}),
)
qpc_cred_edit = pexpect.spawn(
"{} cred edit --name={} --become-password".format(client_cmd, name))
assert qpc_cred_edit.expect(BECOME_PASSWORD_INPUT) == 0
qpc_cred_edit.sendline(new_become_password)
assert qpc_cred_edit.expect(
'Credential "{}" was updated'.format(name)) == 0
assert qpc_cred_edit.expect(pexpect.EOF) == 0
qpc_cred_edit.close()
assert qpc_cred_edit.exitstatus == 0
cred_show_and_check(
{"name": name},
generate_show_output({
"become_password": MASKED_PASSWORD_OUTPUT,
"name": name,
"ssh_keyfile": f"/sshkeys/{tmp_dir}/{sshkeyfile_name}",
"username": username,
}),
)
def test_failures(self):
"""Assert the method raises an exception when no config is found."""
with mock.patch.object(xdg.BaseDirectory, "load_config_paths") as lcp:
lcp.return_value = ("an_iterable", "of_xdg", "config_paths")
with mock.patch.object(os.path, "isfile") as isfile:
isfile.return_value = False
with self.assertRaises(exceptions.ConfigFileNotFoundError):
# pylint:disable=protected-access
config._get_config_file_path(utils.uuid4(), utils.uuid4())
self.assertGreater(isfile.call_count, 0)
def test_clear_all(isolated_filesystem):
"""Clear all auth entries.
:id: 1110b433-b5a2-45d3-bd7d-8440ae2a0bf8
:description: Clear multiple auth entries using the ``--all`` option.
:steps: Run ``rho auth clear --all``
:expectedresults: All auth entries are removed.
"""
auths = []
for _ in range(random.randint(2, 3)):
name = utils.uuid4()
username = utils.uuid4()
sshkeyfile = Path(utils.uuid4())
sshkeyfile.touch()
auth = {
"name": name,
"password": None,
"ssh_key_file": str(sshkeyfile.resolve()),
"sudo_password": None,
"username": username,
}
auths.append(auth)
auth_add({
"name": name,
"username": username,
"sshkeyfile": sshkeyfile.name
})
rho_auth_list = pexpect.spawn("rho auth list")
input_vault_password(rho_auth_list)
logfile = BytesIO()
rho_auth_list.logfile = logfile
assert rho_auth_list.expect(pexpect.EOF) == 0
rho_auth_list.close()
assert rho_auth_list.exitstatus == 0
output = json.loads(logfile.getvalue().decode("utf-8"))
logfile.close()
for auth in output:
del auth["id"]
assert auths == output
rho_auth_clear = pexpect.spawn("rho auth clear --all")
assert rho_auth_clear.expect("All authorization credentials removed") == 0
assert rho_auth_clear.expect(pexpect.EOF) == 0
rho_auth_clear.close()
assert rho_auth_clear.exitstatus == 0
rho_auth_list = pexpect.spawn("rho auth list")
input_vault_password(rho_auth_list)
assert rho_auth_list.expect("No credentials exist yet.") == 0
assert rho_auth_list.expect(pexpect.EOF) == 0
rho_auth_list.close()
assert rho_auth_list.exitstatus == 1
def test_add_with_sshport(isolated_filesystem):
"""Add a profile with auth, hosts and port.
:id: 487e0718-7553-4f8f-b454-a679dd34474c
:description: Add a profile entry providing the ``--name``, ``--auth``,
``--hosts`` and ``--port`` options.
:steps: Run ``rho profile add --name <name> --auth <auth> --hosts <hosts>
--port <port>``
:expectedresults: A new profile entry is created with the data provided as
input.
"""
auth_name = utils.uuid4()
name = utils.uuid4()
hosts = "127.0.0.1"
sshport = random.randint(0, 65535)
auth_add(
{"name": auth_name, "username": utils.uuid4(), "password": None},
[(CONNECTION_PASSWORD_INPUT, utils.uuid4())],
)
rho_profile_add = pexpect.spawn(
"rho profile add --name {} --auth {} --hosts {} --sshport {}".format(
name, auth_name, hosts, sshport
)
)
input_vault_password(rho_profile_add)
assert rho_profile_add.expect('Profile "{}" was added'.format(name)) == 0
assert rho_profile_add.expect(pexpect.EOF) == 0
rho_profile_add.close()
assert rho_profile_add.exitstatus == 0
rho_profile_show = pexpect.spawn("rho profile show --name={}".format(name))
input_vault_password(rho_profile_show)
assert (
rho_profile_show.expect(
r"{{\r\n"
r' "auth": \[\r\n'
r" {{\r\n"
r' "id": ".*",\r\n'
r' "name": "{}"\r\n'
r" }}\r\n"
r" \],\r\n"
r' "hosts": \[\r\n'
r' "{}"\r\n'
r" \],\r\n"
r' "name": "{}",\r\n'
r' "ssh_port": "{}"\r\n'
r"}}\r\n".format(auth_name, hosts, name, sshport)
)
== 0
), rho_profile_show.stdout
assert rho_profile_show.expect(pexpect.EOF) == 0
rho_profile_show.close()
assert rho_profile_show.exitstatus == 0
def test_edit_sshkeyfile(isolated_filesystem, qpc_server_config):
"""Edit an auth's sshkeyfile.
:id: 81975705-bc77-4d1c-a8dd-72d1b996e19d
:description: Edit the sshkeyfile of an auth entry.
:steps: Run ``qpc cred edit --name <name> --sshkeyfile <newsshkeyfile>``
:expectedresults: The auth sshkeyfile must be updated.
"""
name = utils.uuid4()
username = utils.uuid4()
tmp_dir = os.path.basename(os.getcwd())
sshkeyfile_name = utils.uuid4()
sshkeyfile = Path(sshkeyfile_name)
sshkeyfile.touch()
new_sshkeyfile_name = utils.uuid4()
new_sshkeyfile = Path(new_sshkeyfile_name)
new_sshkeyfile.touch()
cred_add_and_check({
"name": name,
"username": username,
"sshkeyfile": f"/sshkeys/{tmp_dir}/{sshkeyfile_name}"
})
cred_show_and_check(
{"name": name},
generate_show_output({
"name": name,
"ssh_keyfile": f"/sshkeys/{tmp_dir}/{sshkeyfile_name}",
"username": username
}),
)
qpc_cred_edit = pexpect.spawn(
"{} cred edit --name={} --sshkeyfile {}".format(
client_cmd, name, f"/sshkeys/{tmp_dir}/{new_sshkeyfile_name}"))
qpc_cred_edit.logfile = BytesIO()
assert qpc_cred_edit.expect(
'Credential "{}" was updated'.format(name)) == 0
assert qpc_cred_edit.expect(pexpect.EOF) == 0
qpc_cred_edit.close()
assert qpc_cred_edit.exitstatus == 0
cred_show_and_check(
{"name": name},
generate_show_output({
"name": name,
"ssh_keyfile": f"/sshkeys/{tmp_dir}/{new_sshkeyfile_name}",
"username": username,
}),
)
def test_edit_password(isolated_filesystem, qpc_server_config, source_type):
"""Edit an auth's password.
:id: 07bbe78d-d140-449d-b835-59b35d9e9a59
:description: Edit the password of an auth entry.
:steps: Run ``qpc cred edit --name <name> --password <newpassword>``
:expectedresults: The auth password must be updated.
"""
name = utils.uuid4()
username = utils.uuid4()
password = utils.uuid4()
new_password = utils.uuid4()
cred_add_and_check(
{
"name": name,
"username": username,
"password": None,
"type": source_type
},
[(CONNECTION_PASSWORD_INPUT, password)],
)
cred_show_and_check(
{"name": name},
generate_show_output({
"cred_type": source_type,
"name": name,
"password": MASKED_PASSWORD_OUTPUT,
"username": username,
}),
)
qpc_cred_edit = pexpect.spawn("{} cred edit --name={} --password".format(
client_cmd, name))
assert qpc_cred_edit.expect(CONNECTION_PASSWORD_INPUT) == 0
qpc_cred_edit.sendline(new_password)
assert qpc_cred_edit.expect(
'Credential "{}" was updated'.format(name)) == 0
assert qpc_cred_edit.expect(pexpect.EOF) == 0
qpc_cred_edit.close()
assert qpc_cred_edit.exitstatus == 0
cred_show_and_check(
{"name": name},
generate_show_output({
"cred_type": source_type,
"name": name,
"password": MASKED_PASSWORD_OUTPUT,
"username": username,
}),
)
