def test_whoami(data): def assert_whoami(client, user_data, org): user = client.users.whoami() utils.assert_user_data(user, user_data, org) def assert_whoami_fails(client): with pytest.raises(StatusCodeException) as e: client.users.whoami() utils.assert_status_code_exception( exception=e.value, status_code=401, method="GET", url=utils.get_url("whoami"), data={"msg": "Missing Authorization Header"}, ) for user_data in data["users"].values(): client = utils.get_client(user_data["username"], user_data["password"]) assert_whoami(client, user_data, None) client.logout() for org_data in data["organizations"].values(): for user_data in org_data["users"].values(): client = utils.get_client_org(user_data["username"], user_data["password"], org_data["name"]) assert_whoami(client, user_data, org_data["name"]) client.logout() client = utils.get_client_sysadmin() client.logout() assert_whoami_fails(client)
def test_logout(data): def assert_logout(client): utils.assert_access_token(client) client.logout() utils.assert_not_access_token(client) def assert_logout_fails(client): with pytest.raises(StatusCodeException) as e: client.logout() utils.assert_status_code_exception( exception=e.value, status_code=401, method="POST", url=utils.get_url("auth/logout"), data={"msg": "Missing Authorization Header"}, ) for user_data in data["users"].values(): client = utils.get_client(user_data["username"], user_data["password"]) assert_logout(client) client = utils.get_client_org(user_data["username"], user_data["password"], None) assert_logout(client) for org_data in data["organizations"].values(): for user_data in org_data["users"].values(): client = utils.get_client_org(user_data["username"], user_data["password"], org_data["name"]) assert_logout(client) client = utils.get_client_sysadmin() client.logout() assert_logout_fails(client)
def test_list_orgs(data): def assert_list_orgs(client): orgs = client.organizations.list_organizations() expected_len = len(data["organizations"]) actual_len = len(orgs) assert actual_len == expected_len, f"len(orgs) {actual_len} != {expected_len}" for org_data in data["organizations"].values(): for org in orgs: if org.name == org_data["name"]: utils.assert_org_data(org, org_data) break else: assert False, f"Organization \"{org_data['name']}\" not found" def assert_list_orgs_fails(client): with pytest.raises(StatusCodeException) as e: client.organizations.list_organizations() utils.assert_status_code_exception( exception=e.value, status_code=401, method="GET", url=utils.get_url("organization/all"), data={"msg": "Missing Authorization Header"}, ) def assert_list_orgs_forbidden(client): with pytest.raises(StatusCodeException) as e: client.organizations.list_organizations() utils.assert_status_code_exception( exception=e.value, status_code=403, method="GET", url=utils.get_url("organization/all"), data={ "error": "You are not authorized to access this resource: system_admin required." }, ) for user_data in data["users"].values(): client = utils.get_client(user_data["username"], user_data["password"]) assert_list_orgs(client) client.logout() for org_data in data["organizations"].values(): for user_data in org_data["users"].values(): client = utils.get_client_org(user_data["username"], user_data["password"], org_data["name"]) assert_list_orgs_forbidden(client) client.logout() client = utils.get_client_sysadmin() client.logout() assert_list_orgs_fails(client)
def test_get_org_by_name(data): def assert_get_org_by_name(client, org_data): org = client.organizations.get_organization_by_name(org_data["name"]) utils.assert_org_data(org, org_data) def assert_get_org_by_name_invalid(client, name): with pytest.raises(ValueError) as e: client.organizations.get_organization_by_name(name) assert str(e.value) == f"Invalid organization {name}" def assert_get_org_by_name_fails(client, name): with pytest.raises(StatusCodeException) as e: client.organizations.get_organization_by_name(name) utils.assert_status_code_exception( exception=e.value, status_code=401, method="GET", url=utils.get_url("organization/all"), data={"msg": "Missing Authorization Header"}, ) def assert_get_org_by_name_forbidden(client, name): with pytest.raises(StatusCodeException) as e: client.organizations.get_organization_by_name(name) utils.assert_status_code_exception( exception=e.value, status_code=403, method="GET", url=utils.get_url("organization/all"), data={ "error": "You are not authorized to access this resource: system_admin required." }, ) for user_data in data["users"].values(): client = utils.get_client(user_data["username"], user_data["password"]) for org in data["organizations"].values(): assert_get_org_by_name(client, org) assert_get_org_by_name_invalid(client, "invalid") client.logout() for org_data in data["organizations"].values(): for user_data in org_data["users"].values(): client = utils.get_client_org(user_data["username"], user_data["password"], org_data["name"]) for org in data["organizations"].values(): assert_get_org_by_name_forbidden(client, org["name"]) assert_get_org_by_name_forbidden(client, "invalid") client.logout() client = utils.get_client_sysadmin() client.logout() assert_get_org_by_name_fails(client, "invalid")
def test_get_metadata(data, awslang): def assert_get_metadata(client): metalist = client.metadata.get_metadata() # uncommment this to serialize new test input data # with open("newlang.json", mode='w') as writer: # from securicad.enterprise.metadata import RiskTypeJsonEncoder # import json # json.dump(fp=writer, obj=metalist, indent=2, cls=RiskTypeJsonEncoder) expected_len = len(awslang) actual_len = len(metalist) assert (actual_len == expected_len ), f"len(metalist) {actual_len} != {expected_len}" for i in range(actual_len): expected_asset = awslang[i] actual_asset = metalist[i] assert ( actual_asset["name"] == expected_asset["name"] ), f"Unexpected asset name \"{actual_asset['name']}\" != \"{expected_asset['name']}\"" expected_attacksteps_len = len(expected_asset["attacksteps"]) actual_attacksteps_len = len(actual_asset["attacksteps"]) assert ( actual_attacksteps_len == expected_attacksteps_len ), f"len({expected_asset['name']}[\"attacksteps\"]) {actual_attacksteps_len} != {expected_attacksteps_len}" def assert_get_metadata_fails(client): with pytest.raises(StatusCodeException) as e: client.metadata.get_metadata() utils.assert_status_code_exception( exception=e.value, status_code=401, method="GET", url=utils.get_url("metadata"), data={"msg": "Missing Authorization Header"}, ) for user_data in data["users"].values(): client = utils.get_client(user_data["username"], user_data["password"]) assert_get_metadata(client) client.logout() for org_data in data["organizations"].values(): for user_data in org_data["users"].values(): client = utils.get_client_org(user_data["username"], user_data["password"], org_data["name"]) assert_get_metadata(client) client.logout() client = utils.get_client_sysadmin() client.logout() assert_get_metadata_fails(client)
def create_data() -> None: import utils client = utils.get_client_sysadmin() # Delete organizations for org in client.organizations.list_organizations(): org.delete() # Delete users except sysadmin for user in client.users.list_users(): if user.username != ADMIN_USERNAME: user.delete() # Create other sysadmins for user_data in DATA["users"].values(): if user_data["username"] != ADMIN_USERNAME: user = client.users.create_user( username=user_data["username"], password=user_data["password"], firstname=user_data["firstname"], lastname=user_data["lastname"], role=user_data["role"], ) user_data["uid"] = user.uid # Create organizations for org_data in DATA["organizations"].values(): org = client.organizations.create_organization(name=org_data["name"]) org_data["tag"] = org.tag # Create organization users for user_data in org_data["users"].values(): user = client.users.create_user( username=user_data["username"], password=user_data["password"], firstname=user_data["firstname"], lastname=user_data["lastname"], role=user_data["role"], organization=org, ) user_data["uid"] = user.uid # Create organization projects for project_data in org_data["projects"].values(): project = client.projects.create_project( name=project_data["name"], description=project_data["description"], organization=org, ) project_data["pid"] = project.pid client.logout()
def test_get_org_by_tag(data): def assert_get_org_by_tag(client, org_data): org = client.organizations.get_organization_by_tag(org_data["tag"]) utils.assert_org_data(org, org_data) def assert_get_org_by_tag_invalid(client, tag): with pytest.raises(StatusCodeException) as e: client.organizations.get_organization_by_tag(tag) utils.assert_status_code_exception( exception=e.value, status_code=503, method="GET", url=utils.get_url(f"organization/{tag}"), data={"error": "Failed to retrieve organization info"}, ) def assert_get_org_by_tag_fails(client, tag): with pytest.raises(StatusCodeException) as e: client.organizations.get_organization_by_tag(tag) utils.assert_status_code_exception( exception=e.value, status_code=401, method="GET", url=utils.get_url(f"organization/{tag}"), data={"msg": "Missing Authorization Header"}, ) def assert_get_org_by_tag_forbidden(client, tag): with pytest.raises(StatusCodeException) as e: client.organizations.get_organization_by_tag(tag) utils.assert_status_code_exception( exception=e.value, status_code=403, method="GET", url=utils.get_url(f"organization/{tag}"), data={ "error": "You are not authorized to access this resource: system_admin required." }, ) for user_data in data["users"].values(): client = utils.get_client(user_data["username"], user_data["password"]) for org in data["organizations"].values(): assert_get_org_by_tag(client, org) assert_get_org_by_tag_invalid(client, "invalid") client.logout() for org_data in data["organizations"].values(): for user_data in org_data["users"].values(): client = utils.get_client_org(user_data["username"], user_data["password"], org_data["name"]) for org in data["organizations"].values(): assert_get_org_by_tag_forbidden(client, org["tag"]) assert_get_org_by_tag_forbidden(client, "invalid") client.logout() client = utils.get_client_sysadmin() client.logout() assert_get_org_by_tag_fails(client, "invalid")
def test_org_list_projects(data): def assert_org_list_projects(org): projects = org.list_projects() expected_len = len(data["organizations"][org.name]["projects"]) actual_len = len(projects) assert (actual_len == expected_len ), f"len(projects) {actual_len} != {expected_len}" for project_data in data["organizations"][ org.name]["projects"].values(): for project in projects: if project.name == project_data["name"]: utils.assert_project_data(project, project_data, AccessLevel.ADMIN) break else: assert ( False ), f"Project \"{project_data['name']}\" not found in organization \"{org.name}\"" def assert_org_list_projects_invalid(org): with pytest.raises(StatusCodeException) as e: org.list_projects() utils.assert_status_code_exception( exception=e.value, status_code=503, method="GET", url=utils.get_url(f"organization/{org.tag}"), data={"error": "Failed to retrieve organization info"}, ) def assert_org_list_projects_fails(org): with pytest.raises(StatusCodeException) as e: org.list_projects() utils.assert_status_code_exception( exception=e.value, status_code=401, method="GET", url=utils.get_url(f"organization/{org.tag}"), data={"msg": "Missing Authorization Header"}, ) def assert_org_list_projects_forbidden(org): with pytest.raises(StatusCodeException) as e: org.list_projects() utils.assert_status_code_exception( exception=e.value, status_code=403, method="GET", url=utils.get_url(f"organization/{org.tag}"), data={ "error": "You are not authorized to access this resource: system_admin required." }, ) for user_data in data["users"].values(): client = utils.get_client(user_data["username"], user_data["password"]) for org in data["organizations"].values(): org_ = Organization(client, org["tag"], org["name"]) assert_org_list_projects(org_) client.logout() for org_data in data["organizations"].values(): for user_data in org_data["users"].values(): client = utils.get_client_org(user_data["username"], user_data["password"], org_data["name"]) for org in data["organizations"].values(): org_ = Organization(client, org["tag"], org["name"]) assert_org_list_projects_forbidden(org_) client.logout() client = utils.get_client_sysadmin() client.logout() for org in data["organizations"].values(): org_ = Organization(client, org["tag"], org["name"]) assert_org_list_projects_fails(org_) client = utils.get_client_sysadmin() org_ = client.organizations.create_organization("org3") org_.delete() assert_org_list_projects_invalid(org_) client.logout()
def test_org_delete(data): def assert_org(client, tag, name): org = client.organizations.get_organization_by_tag(tag) utils.assert_org_data(org, {"tag": tag, "name": name}) def assert_not_org(client, tag): with pytest.raises(StatusCodeException) as e: client.organizations.get_organization_by_tag(tag) utils.assert_status_code_exception( exception=e.value, status_code=503, method="GET", url=utils.get_url(f"organization/{tag}"), data={"error": "Failed to retrieve organization info"}, ) def assert_org_delete(client, name): org = client.organizations.create_organization(name) assert_org(client, org.tag, org.name) org.delete() assert_not_org(client, org.tag) def assert_org_delete_invalid(org): with pytest.raises(StatusCodeException) as e: org.delete() utils.assert_status_code_exception( exception=e.value, status_code=503, method="DELETE", url=utils.get_url("organization"), data={"error": "Organization not found"}, ) def assert_org_delete_fails(org): with pytest.raises(StatusCodeException) as e: org.delete() utils.assert_status_code_exception( exception=e.value, status_code=401, method="DELETE", url=utils.get_url("organization"), data={"msg": "Missing Authorization Header"}, ) def assert_org_delete_forbidden(org): with pytest.raises(StatusCodeException) as e: org.delete() utils.assert_status_code_exception( exception=e.value, status_code=403, method="DELETE", url=utils.get_url("organization"), data={ "error": "You are not authorized to access this resource: system_admin required." }, ) for user_data in data["users"].values(): client = utils.get_client(user_data["username"], user_data["password"]) assert_org_delete(client, "org3") client.logout() for org_data in data["organizations"].values(): for user_data in org_data["users"].values(): client = utils.get_client_org(user_data["username"], user_data["password"], org_data["name"]) for org in data["organizations"].values(): org_ = Organization(client, org["tag"], org["name"]) assert_org_delete_forbidden(org_) client.logout() client = utils.get_client_sysadmin() client.logout() for org in data["organizations"].values(): org_ = Organization(client, org["tag"], org["name"]) assert_org_delete_fails(org_) client = utils.get_client_sysadmin() org_ = client.organizations.create_organization("org3") org_.delete() assert_org_delete_invalid(org_) client.logout()
def test_org_update(data): def assert_org_update(client, tag, old_name, new_name): org = client.organizations.get_organization_by_tag(tag) utils.assert_org_data(org, {"tag": tag, "name": old_name}) org.update(name=new_name) utils.assert_org_data(org, {"tag": tag, "name": new_name}) org = client.organizations.get_organization_by_tag(tag) utils.assert_org_data(org, {"tag": tag, "name": new_name}) def assert_org_update_fails_exists(org, new_name): with pytest.raises(StatusCodeException) as e: org.update(name=new_name) utils.assert_status_code_exception( exception=e.value, status_code=400, method="POST", url=utils.get_url("organization"), data={"error": f"Organization {new_name} already exists"}, ) def assert_org_update_fails_missing_auth(org, new_name): with pytest.raises(StatusCodeException) as e: org.update(name=new_name) utils.assert_status_code_exception( exception=e.value, status_code=401, method="POST", url=utils.get_url("organization"), data={"msg": "Missing Authorization Header"}, ) def assert_org_update_fails_invalid_org(org, new_name): with pytest.raises(StatusCodeException) as e: org.update(name=new_name) utils.assert_status_code_exception( exception=e.value, status_code=500, method="POST", url=utils.get_url("organization"), data={"error": "Failed to update organization"}, ) def assert_org_update_fails_forbidden(org, new_name): with pytest.raises(StatusCodeException) as e: org.update(name=new_name) utils.assert_status_code_exception( exception=e.value, status_code=403, method="POST", url=utils.get_url("organization"), data={ "error": "You are not authorized to access this resource: system_admin required." }, ) for user_data in data["users"].values(): client = utils.get_client(user_data["username"], user_data["password"]) for org in data["organizations"].values(): org_ = Organization(client, org["tag"], org["name"]) assert_org_update(client, org["tag"], org["name"], "org3") assert_org_update(client, org["tag"], "org3", org["name"]) for org_name in data["organizations"]: assert_org_update_fails_exists(org_, org_name) client.logout() for org_data in data["organizations"].values(): for user_data in org_data["users"].values(): client = utils.get_client_org(user_data["username"], user_data["password"], org_data["name"]) for org in data["organizations"].values(): org_ = Organization(client, org["tag"], org["name"]) assert_org_update_fails_forbidden(org_, "org3") for org_name in data["organizations"]: assert_org_update_fails_forbidden(org_, org_name) client.logout() client = utils.get_client_sysadmin() client.logout() for org in data["organizations"].values(): org_ = Organization(client, org["tag"], org["name"]) assert_org_update_fails_missing_auth(org_, "org3") client = utils.get_client_sysadmin() org_ = client.organizations.create_organization("org3") org_.delete() assert_org_update_fails_invalid_org(org_, "org4") client.logout()
def test_create_org(data): def assert_create_org(client, name): org = client.organizations.create_organization(name) assert (org.name == name ), f'Unexpected organization name "{org.name}" != "{name}"' org.delete() def assert_create_org_invalid(client, name): with pytest.raises(StatusCodeException) as e: client.organizations.create_organization(name) utils.assert_status_code_exception( exception=e.value, status_code=400, method="PUT", url=utils.get_url("organization"), data={"error": f"Organization {name} already exists"}, ) def assert_create_org_fails(client, name): with pytest.raises(StatusCodeException) as e: client.organizations.create_organization(name) utils.assert_status_code_exception( exception=e.value, status_code=401, method="PUT", url=utils.get_url("organization"), data={"msg": "Missing Authorization Header"}, ) def assert_create_org_forbidden(client, name): with pytest.raises(StatusCodeException) as e: client.organizations.create_organization(name) utils.assert_status_code_exception( exception=e.value, status_code=403, method="PUT", url=utils.get_url("organization"), data={ "error": "You are not authorized to access this resource: system_admin required." }, ) for user_data in data["users"].values(): client = utils.get_client(user_data["username"], user_data["password"]) assert_create_org(client, "org3") for org in data["organizations"].values(): assert_create_org_invalid(client, org["name"]) client.logout() for org_data in data["organizations"].values(): for user_data in org_data["users"].values(): client = utils.get_client_org(user_data["username"], user_data["password"], org_data["name"]) assert_create_org_forbidden(client, "org3") for org in data["organizations"].values(): assert_create_org_forbidden(client, org["name"]) client.logout() client = utils.get_client_sysadmin() client.logout() assert_create_org_fails(client, "org3")
def test_change_password(data): def assert_password_correct(username, password, org): client = utils.get_client_org(username, password, org) def assert_password_incorrect(username, password, org): with pytest.raises(StatusCodeException) as e: utils.get_client_org(username, password, org) utils.assert_status_code_exception( exception=e.value, status_code=401, method="POST", url=utils.get_url("auth/login"), data={"error": "Invalid login"}, ) def assert_change_password(client, username, old_password, new_password, org): assert_password_correct(username, old_password, org) assert_password_incorrect(username, new_password, org) utils.assert_access_token(client) old_token = client._get_access_token() client.users.change_password(old_password, new_password) assert_password_incorrect(username, old_password, org) assert_password_correct(username, new_password, org) utils.assert_access_token(client) new_token = client._get_access_token() assert old_token != new_token def assert_change_password_invalid(client, old_password, new_password): with pytest.raises(StatusCodeException) as e: client.users.change_password(old_password, new_password) utils.assert_status_code_exception( exception=e.value, status_code=400, method="POST", url=utils.get_url("changepwd"), data={ "error": "Unable to update password: Old password does not match." }, ) def assert_change_password_fails(client, old_password, new_password): with pytest.raises(StatusCodeException) as e: client.users.change_password(old_password, new_password) utils.assert_status_code_exception( exception=e.value, status_code=401, method="POST", url=utils.get_url("changepwd"), data={"msg": "Missing Authorization Header"}, ) for user_data in data["users"].values(): client = utils.get_client(user_data["username"], user_data["password"]) assert_change_password(client, user_data["username"], user_data["password"], "password", None) assert_change_password(client, user_data["username"], "password", user_data["password"], None) assert_change_password_invalid(client, "password", user_data["password"]) client.logout() for org_data in data["organizations"].values(): for user_data in org_data["users"].values(): client = utils.get_client_org(user_data["username"], user_data["password"], org_data["name"]) assert_change_password( client, user_data["username"], user_data["password"], "password", org_data["name"], ) assert_change_password( client, user_data["username"], "password", user_data["password"], org_data["name"], ) assert_change_password_invalid(client, "password", user_data["password"]) client.logout() client = utils.get_client_sysadmin() client.logout() assert_change_password_fails(client, "old_password", "new_password")
def test_login(data): def assert_login(client, username, password): utils.assert_access_token(client) old_token = client._get_access_token() client.login(username, password) utils.assert_access_token(client) new_token = client._get_access_token() assert old_token != new_token def assert_logout_login(client, username, password): utils.assert_access_token(client) old_token = client._get_access_token() client.logout() utils.assert_not_access_token(client) client.login(username, password) utils.assert_access_token(client) new_token = client._get_access_token() assert old_token != new_token def assert_login_org(client, username, password, org): utils.assert_access_token(client) old_token = client._get_access_token() client.login(username, password, org) utils.assert_access_token(client) new_token = client._get_access_token() assert old_token != new_token def assert_logout_login_org(client, username, password, org): utils.assert_access_token(client) old_token = client._get_access_token() client.logout() utils.assert_not_access_token(client) client.login(username, password, org) utils.assert_access_token(client) new_token = client._get_access_token() assert old_token != new_token def assert_login_invalid(client, username, password): with pytest.raises(StatusCodeException) as e: client.login(username, password) utils.assert_status_code_exception( exception=e.value, status_code=401, method="POST", url=utils.get_url("auth/login"), data={"error": "Invalid login"}, ) def assert_login_org_invalid(client, username, password, org): with pytest.raises(StatusCodeException) as e: client.login(username, password, org) utils.assert_status_code_exception( exception=e.value, status_code=401, method="POST", url=utils.get_url("auth/login"), data={"error": "Invalid login"}, ) for user_data in data["users"].values(): client = utils.get_client_sysadmin() assert_login(client, user_data["username"], user_data["password"]) client.logout() client = utils.get_client_sysadmin() assert_logout_login(client, user_data["username"], user_data["password"]) client.logout() client = utils.get_client_sysadmin() assert_login_org(client, user_data["username"], user_data["password"], None) client.logout() client = utils.get_client_sysadmin() assert_logout_login_org(client, user_data["username"], user_data["password"], None) client.logout() for org_data in data["organizations"].values(): for user_data in org_data["users"].values(): client = utils.get_client_sysadmin() assert_login_org(client, user_data["username"], user_data["password"], org_data["name"]) client.logout() client = utils.get_client_sysadmin() assert_logout_login_org(client, user_data["username"], user_data["password"], org_data["name"]) client.logout() client = utils.get_client_sysadmin() assert_login_invalid(client, "invalid", "invalid") client.logout() client = utils.get_client_sysadmin() assert_login_org_invalid(client, "invalid", "invalid", None) client.logout() client = utils.get_client_sysadmin() assert_login_org_invalid(client, "invalid", "invalid", "invalid") client.logout()
def client(): import utils return utils.get_client_sysadmin()
def test_list_parsers(data): def assert_lists_eq(list1_name, list1, list2_name, list2): if list1 is not None and list2 is not None: assert len(list1) == len( list2 ), f"len({list1_name}) != len({list2_name}), {len(list1)} != {len(list2)}" for item in list1: assert item in list2, f'Item "{item}" not in list "{list2_name}"' for item in list2: assert item in list1, f'Item "{item}" not in list "{list1_name}"' else: assert list1 is None assert list2 is None def assert_parsers_eq(actual_parsers, expected_parsers): assert len(actual_parsers) == len( expected_parsers ), f"len(actual_parsers) != len(expected_parsers), {len(actual_parsers)} == {len(expected_parsers)}" for actual_parser in actual_parsers: for expected_parser in expected_parsers: if actual_parser["name"] != expected_parser["name"]: continue assert_lists_eq( f"actual.{actual_parser['name']}.sub_parsers", actual_parser["sub_parsers"], f"expected.{expected_parser['name']}.sub_parsers", expected_parser["sub_parsers"], ) break else: assert ( False ), f"Parser {actual_parser['name']} not found in expected_parsers" for expected_parser in expected_parsers: for actual_parser in actual_parsers: if expected_parser["name"] != actual_parser["name"]: continue assert_lists_eq( f"expected.{expected_parser['name']}.sub_parsers", expected_parser["sub_parsers"], f"actual.{actual_parser['name']}.sub_parsers", actual_parser["sub_parsers"], ) break else: assert ( False ), f"Parser {expected_parser['name']} not found in actual_parsers" def assert_list_parsers(client): parsers = client.parsers.list_parsers() assert_parsers_eq(parsers, PARSERS) def assert_list_parsers_fails(client): with pytest.raises(StatusCodeException) as e: client.parsers.list_parsers() utils.assert_status_code_exception( exception=e.value, status_code=401, method="GET", url=utils.get_url("parsers"), data={"msg": "Missing Authorization Header"}, ) for user_data in data["users"].values(): client = utils.get_client(user_data["username"], user_data["password"]) assert_list_parsers(client) client.logout() for org_data in data["organizations"].values(): for user_data in org_data["users"].values(): client = utils.get_client_org(user_data["username"], user_data["password"], org_data["name"]) assert_list_parsers(client) client.logout() client = utils.get_client_sysadmin() client.logout() assert_list_parsers_fails(client)