def test_provision_unprovision_keytab(self):
"""
Test provision / unprovision keytab
Requires to run a ipa-get/rmkeytab on UI host.
"""
if not self.has_ca():
self.skip('CA is not configured')
hostname = self.config.get('ipa_server')
csr = generate_csr(hostname)
self.init_app()
pkey = self.get_service_pkey('cifs')
self.navigate_to_entity(ENTITY)
# provision service
self.add_service('cifs')
self.navigate_to_record(pkey, entity=ENTITY)
self.action_list_action('request_cert', confirm=False)
self.assert_dialog()
self.fill_text("textarea[name='csr'", csr)
self.dialog_button_click('issue')
self.run_keytab_on_host(pkey, 'get')
self.wait(1)
self.facet_button_click('refresh')
# assert key present
no_key_selector = 'div[name="kerberos-key-valid"] label'
provisioned_assert = 'Kerberos Key Present, Service Provisioned'
self.assert_text(no_key_selector, provisioned_assert)
# unprovision service
self.action_list_action('unprovision', confirm_btn='unprovision')
self.facet_button_click('refresh')
self.run_keytab_on_host(pkey, 'rm')
# assert key not present
no_key_selector = 'div[name="kerberos-key-missing"] label'
provisioned_assert = 'Kerberos Key Not Present'
self.assert_text(no_key_selector, provisioned_assert)
# service cleanup
self.navigate_to_entity(ENTITY)
self.delete_record(pkey)
def test_provision_unprovision_keytab(self):
"""
Test provision / unprovision keytab
Requires to run a ipa-get/rmkeytab on UI host.
"""
if not self.has_ca():
self.skip('CA is not configured')
hostname = self.config.get('ipa_server')
csr = generate_csr(hostname)
self.init_app()
pkey = self.get_service_pkey('cifs')
self.navigate_to_entity(ENTITY)
# provision service
self.add_service('cifs')
self.navigate_to_record(pkey, entity=ENTITY)
self.action_list_action('request_cert', confirm=False)
self.assert_dialog()
self.fill_text("textarea[name='csr'", csr)
self.dialog_button_click('issue')
self.run_keytab_on_host(pkey, 'get')
self.wait(1)
self.facet_button_click('refresh')
# assert key present
no_key_selector = 'div[name="kerberos-key-valid"] label'
provisioned_assert = 'Kerberos Key Present, Service Provisioned'
self.assert_text(no_key_selector, provisioned_assert)
# unprovision service
self.action_list_action('unprovision', confirm_btn='unprovision')
self.facet_button_click('refresh')
self.run_keytab_on_host(pkey, 'rm')
# assert key not present
no_key_selector = 'div[name="kerberos-key-missing"] label'
provisioned_assert = 'Kerberos Key Not Present'
self.assert_text(no_key_selector, provisioned_assert)
# service cleanup
self.navigate_to_entity(ENTITY)
self.delete_record(pkey)
def test_search_revocation_reason(self):
"""
Try to search certificates by revocation reason
"""
self.init_app()
self.navigate_to_entity(ENTITY)
# add a new cert
hostname = self.config.get('ipa_server')
csr = generate_csr(hostname)
record = add_cert(self, 'HTTP/{}'.format(hostname), csr)
# revoke added cert
revoke_cert(self, record, '1')
# search cert by revocation reason
self.navigate_to_entity(ENTITY)
self.select('select[name=search_option]', 'revocation_reason')
search_pkey(self, '1')
rows = self.get_rows()
assert len(rows) != 0
# search cert by string.
check_integer(self, 'nonexistent', 'revocation_reason')
# search cert by special char
check_integer(self, '<,>.?/', 'revocation_reason')
# search revocation reason negative Number.
self.navigate_to_entity(ENTITY)
self.select('select[name=search_option]', 'revocation_reason')
search_pkey(self, '-1')
rows = self.get_rows()
assert len(rows) == 0
# valid revocation reason can be value from 0 to 10
# try revocation reason as other than valid value
self.navigate_to_entity(ENTITY)
self.select('select[name=search_option]', 'revocation_reason')
search_pkey(self, '11')
rows = self.get_rows()
assert len(rows) == 0
def _add_and_revoke_cert(self, reason='1'):
hostname = self.config.get('ipa_server')
csr = generate_csr(hostname)
self.navigate_to_entity(ENTITY)
self.facet_button_click('request_cert')
self.fill_textbox('principal', 'HTTP/{}'.format(hostname))
self.check_option('add', 'checked')
self.fill_textarea('csr', csr)
self.dialog_button_click('issue')
self.assert_notification(assert_text='Certificate requested')
self.navigate_to_entity(ENTITY)
rows = self.get_rows()
cert = rows[-1]
self.navigate_to_row_record(cert)
self.action_list_action('revoke_cert', False)
self.select('select[name=revocation_reason]', reason)
self.dialog_button_click('ok')
self.navigate_to_entity(ENTITY)
return cert
def _add_and_revoke_cert(self, reason='1'):
hostname = self.config.get('ipa_server')
csr = generate_csr(hostname)
self.navigate_to_entity(ENTITY)
self.facet_button_click('request_cert')
self.fill_textbox('principal', 'HTTP/{}'.format(hostname))
self.check_option('add', 'checked')
self.fill_textarea('csr', csr)
self.dialog_button_click('issue')
self.assert_notification(assert_text='Certificate requested')
self.navigate_to_entity(ENTITY)
rows = self.get_rows()
cert = rows[-1]
self.navigate_to_row_record(cert)
self.action_list_action('revoke_cert', False)
self.select('select[name=revocation_reason]', reason)
self.dialog_button_click('ok')
self.navigate_to_entity(ENTITY)
return cert
def test_certificates(self):
"""
Test user certificate actions
Requires to have CA installed.
"""
if not self.has_ca():
self.skip('CA is not configured')
self.init_app()
cert_widget_sel = "div.certificate-widget"
self.add_record(user.ENTITY, user.DATA)
self.wait()
self.close_notifications()
self.navigate_to_record(user.PKEY)
# cert request
csr = generate_csr(user.PKEY, False)
self.action_list_action('request_cert', confirm=False)
self.wait(seconds=2)
self.assert_dialog()
self.fill_text("textarea[name='csr']", csr)
self.dialog_button_click('issue')
self.wait_for_request(n=2, d=3)
self.assert_visible(cert_widget_sel)
# cert view
self.action_list_action('view', confirm=False,
parents_css_sel=cert_widget_sel)
self.assert_dialog()
self.dialog_button_click('close')
# cert get
self.action_list_action('get', confirm=False,
parents_css_sel=cert_widget_sel)
self.assert_dialog()
# check that the textarea is not empty
self.assert_empty_value('textarea.certificate', negative=True)
self.dialog_button_click('close')
# cert download - we can only try to click the download action
self.action_list_action('download', confirm=False,
parents_css_sel=cert_widget_sel)
# check that revoke action is enabled
self.assert_action_list_action('revoke',
parents_css_sel=cert_widget_sel,
facet_actions=False)
# check that remove_hold action is not enabled
self.assert_action_list_action('remove_hold', enabled=False,
parents_css_sel=cert_widget_sel,
facet_actions=False)
# cert revoke
self.action_list_action('revoke', confirm=False,
parents_css_sel=cert_widget_sel)
self.wait()
self.select('select', '6')
self.dialog_button_click('ok')
self.wait_for_request(n=2, d=3)
self.assert_visible(cert_widget_sel + " div.watermark")
# check that revoke action is not enabled
self.assert_action_list_action('revoke', enabled=False,
parents_css_sel=cert_widget_sel,
facet_actions=False)
# check that remove_hold action is enabled
self.assert_action_list_action('remove_hold',
parents_css_sel=cert_widget_sel,
facet_actions=False)
# cert remove hold
self.action_list_action('remove_hold', confirm=False,
parents_css_sel=cert_widget_sel)
self.wait()
self.dialog_button_click('ok')
self.wait_for_request(n=2)
# check that revoke action is enabled
self.assert_action_list_action('revoke',
parents_css_sel=cert_widget_sel,
facet_actions=False)
# check that remove_hold action is not enabled
self.assert_action_list_action('remove_hold', enabled=False,
parents_css_sel=cert_widget_sel,
facet_actions=False)
# cleanup
self.navigate_to_entity(user.ENTITY, 'search')
self.delete_record(user.PKEY, user.DATA.get('del'))
def test_certificates(self):
"""
Test service certificate actions
Requires to have CA installed.
"""
if not self.has_ca():
self.skip('CA is not configured')
self.init_app()
data = self.prep_data()
pkey = data.get('pkey')
hostname = self.config.get('ipa_server')
csr = generate_csr(hostname)
cert_widget_sel = "div.certificate-widget"
self.add_record(ENTITY, data)
self.navigate_to_record(pkey)
# cert request
self.action_list_action('request_cert', confirm=False)
# testing if cancel button works
self.dialog_button_click('cancel')
self.action_list_action('request_cert', confirm=False)
self.assert_dialog()
self.fill_text("textarea[name='csr'", csr)
self.dialog_button_click('issue')
self.wait_for_request(n=2, d=3)
self.assert_visible(cert_widget_sel)
widget = self.find(cert_widget_sel, By.CSS_SELECTOR)
# cert view
self.action_list_action('view', confirm=False,
parents_css_sel=cert_widget_sel)
self.assert_dialog()
self.dialog_button_click('close')
# cert get
self.action_list_action('get', confirm=False,
parents_css_sel=cert_widget_sel)
self.assert_dialog()
# check that text area is not empty
self.assert_empty_value('textarea.certificate', negative=True)
self.dialog_button_click('close')
# cert download - we can only try to click the download action
self.action_list_action('download', confirm=False,
parents_css_sel=cert_widget_sel)
# check that revoke action is enabled
self.assert_action_list_action('revoke',
parents_css_sel=cert_widget_sel,
facet_actions=False)
# check that remove_hold action is not enabled
self.assert_action_list_action('remove_hold', enabled=False,
parents_css_sel=cert_widget_sel,
facet_actions=False)
# cert revoke/hold cancel
self.action_list_action('revoke', confirm=False,
parents_css_sel=cert_widget_sel)
self.wait()
self.select('select', '6')
self.dialog_button_click('cancel')
# cert revoke/hold
self.action_list_action('revoke', confirm=False,
parents_css_sel=cert_widget_sel)
self.wait()
self.select('select', '6')
self.dialog_button_click('ok')
self.wait_while_working(widget)
self.assert_visible(cert_widget_sel + " div.watermark")
# check that revoke action is not enabled
self.assert_action_list_action('revoke', enabled=False,
parents_css_sel=cert_widget_sel,
facet_actions=False)
# check that remove_hold action is enabled
self.assert_action_list_action('remove_hold',
parents_css_sel=cert_widget_sel,
facet_actions=False)
# cert remove hold cancel
self.action_list_action('remove_hold', confirm=False,
parents_css_sel=cert_widget_sel)
self.dialog_button_click('cancel')
# cert remove hold
self.action_list_action('remove_hold', confirm=False,
parents_css_sel=cert_widget_sel)
self.wait()
self.dialog_button_click('ok')
self.wait_while_working(widget)
# check that revoke action is enabled
self.assert_action_list_action('revoke',
parents_css_sel=cert_widget_sel,
facet_actions=False)
# check that remove_hold action is not enabled
self.assert_action_list_action('remove_hold', enabled=False,
parents_css_sel=cert_widget_sel,
facet_actions=False)
# cert revoke cancel
self.action_list_action('revoke', confirm=False,
parents_css_sel=cert_widget_sel)
self.wait()
self.select('select', '1')
self.dialog_button_click('cancel')
# cert revoke
self.action_list_action('revoke', confirm=False,
parents_css_sel=cert_widget_sel)
self.wait()
self.select('select', '1')
self.dialog_button_click('ok')
self.close_notifications()
self.wait_while_working(widget)
# check that revoke action is not enabled
self.assert_action_list_action('revoke', enabled=False,
parents_css_sel=cert_widget_sel,
facet_actions=False)
# check that remove_hold action not is enabled
self.assert_action_list_action('remove_hold', enabled=False,
parents_css_sel=cert_widget_sel,
facet_actions=False)
# cleanup
self.navigate_to_entity(ENTITY, 'search')
self.delete_record(pkey, data.get('del'))
def test_certificates(self):
"""
Test host certificate actions
"""
if not self.has_ca():
self.skip('CA is not configured')
self.init_app()
cert_widget_sel = "div.certificate-widget"
self.add_record(ENTITY, self.data)
self.navigate_to_record(self.pkey)
# cert request
csr = generate_csr(self.pkey)
self.action_list_action('request_cert', confirm=False)
self.assert_dialog()
self.fill_text("textarea[name='csr']", csr)
self.dialog_button_click('issue')
self.wait_for_request(n=2, d=3)
self.assert_visible(cert_widget_sel)
widget = self.find(cert_widget_sel, By.CSS_SELECTOR)
# cert view
self.action_list_action('view',
confirm=False,
parents_css_sel=cert_widget_sel)
self.assert_dialog()
self.dialog_button_click('close')
# cert get
self.action_list_action('get',
confirm=False,
parents_css_sel=cert_widget_sel)
self.assert_dialog()
# check that the textarea is not empty
self.assert_empty_value('textarea.certificate', negative=True)
self.dialog_button_click('close')
# cert download - we can only try to click the download action
self.action_list_action('download',
confirm=False,
parents_css_sel=cert_widget_sel)
# check that revoke action is enabled
self.assert_action_list_action('revoke',
parents_css_sel=cert_widget_sel,
facet_actions=False)
# check that remove_hold action is not enabled
self.assert_action_list_action('remove_hold',
enabled=False,
parents_css_sel=cert_widget_sel,
facet_actions=False)
# cert revoke
self.action_list_action('revoke',
confirm=False,
parents_css_sel=cert_widget_sel)
self.wait()
self.select('select', '6')
self.dialog_button_click('ok')
self.wait_while_working(widget)
self.assert_visible(cert_widget_sel + " div.watermark")
# check that revoke action is not enabled
self.assert_action_list_action('revoke',
enabled=False,
parents_css_sel=cert_widget_sel,
facet_actions=False)
# check that remove_hold action is enabled
self.assert_action_list_action('remove_hold',
parents_css_sel=cert_widget_sel,
facet_actions=False)
# cert remove hold
self.action_list_action('remove_hold',
confirm=False,
parents_css_sel=cert_widget_sel)
self.wait()
self.dialog_button_click('ok')
self.wait_while_working(widget)
# check that revoke action is enabled
self.assert_action_list_action('revoke',
parents_css_sel=cert_widget_sel,
facet_actions=False)
# check that remove_hold action is not enabled
self.assert_action_list_action('remove_hold',
enabled=False,
parents_css_sel=cert_widget_sel,
facet_actions=False)
# cleanup
self.navigate_to_entity(ENTITY, 'search')
self.delete_record(self.pkey, self.data.get('del'))