def test_modify_existing_password_complex_profiles(core_session, create_basic_pass_profile): """ Test case: C1631 :param core_session: Centrify session :param create_basic_pass_profile: Created a basic password complexity profile. """ profile = create_basic_pass_profile(core_session, 1, 8)[0] cps_prof_id = profile[0]['_RowKey'] profile_name_cps = profile[0]['Name'] # Getting the password profile by id cps_prof_result, cps_prof_succcess = ResourceManager.get_password_profile_by_id(core_session, cps_prof_id) assert cps_prof_succcess, f"Getting Password Profile Failed for Profile {cps_prof_id} for core user" logger.info(f"Password profile created successfully with {cps_prof_result}") # updates the exiting password profile. update_cps_prof_success = ResourceManager.update_password_profile(core_session, cps_prof_id, profile_name_cps, min_pwd_len=13, max_pwd_len=26, special_char_set="!#$%&()*", min_alphabetic_char=5, max_alphabetic_char=5) assert update_cps_prof_success, f"Getting Password Profile Failed for Profile {cps_prof_id} for core user" # Getting the password profile by id cps_prof_result, cps_prof_succcess = ResourceManager.get_password_profile_by_id(core_session, cps_prof_id) assert cps_prof_succcess, f"Getting Password Profile Failed for Profile {cps_prof_id} for core user" expected_profile_update_values = [13, 26, '!#$%&()*', 5, 5] actual_profile_update_values = [cps_prof_result['MinimumPasswordLength'], cps_prof_result['MaximumPasswordLength'], cps_prof_result['SpecialCharSet'], cps_prof_result['MinimumAlphabeticCharacterCount'], cps_prof_result['MinimumNonAlphabeticCharacterCount']] # Checking the password complexity profile field's value. assert expected_profile_update_values == actual_profile_update_values, f"Getting Password profile update values " \ f"for Profile {cps_prof_id} for core user " \ f"did not match values " \ f"{actual_profile_update_values}" logger.info(f"Password profile updated successfully with {cps_prof_result}")
def test_activity_about_password_profiles(core_session, create_basic_pass_profile): """ Test case: C1665 :param core_session: Centrify session :param create_basic_pass_profile: Created a basic password complexity profile. """ # Creating basic password profile. profile = create_basic_pass_profile(core_session, 1, 8)[0] cps_prof_id = profile[0]['_RowKey'] profile_name_cps = profile[0]['Name'] username = core_session.__dict__["auth_details"]["User"] cps_prof_result, cps_prof_succcess = ResourceManager.get_password_profile_by_id( core_session, cps_prof_id) # Checking the created custom password complexity profile. assert cps_prof_succcess, f"Getting Password Profile Failed for Profile {cps_prof_id} for core user" logger.info( f"Password profile created successfully with {cps_prof_result}") profile_delete = ResourceManager.delete_password_profile( core_session, cps_prof_id) # Deleting the custom password complexity profile. assert profile_delete, f"Password complexity profile {profile_name_cps} not deleted" logger.info( f"Password complexity profile {profile_name_cps} deleted successfully") recent_activity = ResourceManager.get_recent_activity(core_session) # Get recent activity details and finding the recent delete activity. recent_activity_list = [] for column in range(len(recent_activity)): if recent_activity[column]["Row"]["Detail"].__contains__( "deleted password profile"): recent_activity_list.append( recent_activity[column]["Row"]["Detail"]) assert f'{username} deleted password profile "{profile_name_cps}"' == recent_activity_list[0], \ f'Could not find the related activity about password profile deletion {recent_activity}' logger.info( f'Could find the related activity about password profile deletion {recent_activity_list}' ) # Getting the recent administration activity details. admin_report = ReportsManager.get_administration_activity(core_session, system_name=None) recent_admin_activity_list = [] for column in range(len(admin_report)): if admin_report[column]["Detail"].__contains__( "deleted password profile"): recent_admin_activity_list.append(admin_report[column]["Detail"]) assert f'{username} deleted password profile "{profile_name_cps}"' == recent_admin_activity_list[0], \ f'Could not find the related activity about password profile deletion {recent_activity}' logger.info( f'Could find the related activity about password profile deletion {admin_report}' )
def test_delete_password_complex_profile(core_session, core_admin_ui, create_basic_pass_profile): """ Test case: C1634 :param core_session: Centrify session :param core_admin_ui: Creates random user and login in browser. :param create_basic_pass_profile: Created a basic password complexity profile. """ ui = core_admin_ui ui.navigate("Settings", "Resources", "Password Profiles") profile = create_basic_pass_profile(core_session, 1, 8)[0] cps_prof_id = profile[0]['_RowKey'] profile_name_cps = profile[0]['Name'] cps_prof_result, cps_prof_succcess = ResourceManager.get_password_profile_by_id(core_session, cps_prof_id) # Checking the created custom password complexity profile. assert cps_prof_succcess, f"Getting Password Profile Failed for Profile {cps_prof_id} for core user" logger.info(f"Password profile created successfully with {cps_prof_result}") profile_delete = ResourceManager.delete_password_profile(core_session, cps_prof_id) # Deleting the custom password complexity profile. assert profile_delete, f"Password complexity profile {profile_name_cps} not deleted" logger.info(f"Password complexity profile {profile_name_cps} deleted successfully")
def test_clone_password_complex_profiles(core_session, core_admin_ui, create_basic_pass_profile, create_clone_windows_pass_profile, create_clone_custom_pass_profile): """ :param : C1633 :param core_session: Centrify session :param core_admin_ui: Creates random user and login in browser. :param create_basic_pass_profile: Created a basic password complexity profile. :param create_clone_windows_pass_profile: Creates windows password profile :param create_clone_custom_pass_profile: Creates custom password profile. """ ui = core_admin_ui current_tenant_id = core_session.__dict__["tenant_id"] ui.navigate("Settings", "Resources", "Password Profiles") profile = create_basic_pass_profile(core_session, 1, 8)[0] cps_prof_id = profile[0]['_RowKey'] profile_name_cps = profile[0]['Name'] custom_profile_name_clone = f"{profile_name_cps} (Cloned)" cps_prof_result, cps_prof_succcess = ResourceManager.get_password_profile_by_id(core_session, cps_prof_id) assert cps_prof_succcess, f"Getting Password Profile Failed for Profile {cps_prof_id} for core user" # Checking the cloned password complexity profile exists after cloned. logger.info(f"Password profile created successfully with {cps_prof_result}") profile_clone = create_clone_windows_pass_profile(core_session) cloned_profiles_windows = list(profile_clone[0]) cloned_builtin_profile_id = cloned_profiles_windows[0]['_RowKey'] assert cloned_builtin_profile_id is not None, f"Cloned built-in password profile created successfully with id " \ f"{cloned_builtin_profile_id}" logger.info( f"Cloned built-in password profile created successfully {cloned_profiles_windows} with id " f"{cloned_builtin_profile_id}") # Checking the cloned password complexity profile exists after cloned. create_clone_custom_profile = create_clone_custom_pass_profile(core_session, name=custom_profile_name_clone, tenant_id=current_tenant_id) cloned_profiles = list(create_clone_custom_profile[0]) cloned_profile_id = cloned_profiles[0]['_RowKey'] assert cloned_profile_id is not None, f"Cloned password profile created successfully with id {cloned_profile_id}" logger.info(f"Cloned Password profile created successfully {cloned_profiles} with id {cloned_profile_id}")
def test_verify_rule_restrict_character(core_session, cleanup_accounts, create_basic_pass_profile, pas_setup, remote_users_qty1): """ TC C281499: Verify the rule(Restrict number of character occurrences) work correct :param core_session: Authenticates API session :param create_basic_pass_profile: Creates a password profile :param pas_setup: Creates system and account :param remote_users_qty1: Creates account in target system :param cleanup_accounts: Deletes Accounts """ accounts_list = cleanup_accounts[0] added_system_id, account_id, sys_info = pas_setup logger.info( f"System: {sys_info[0]} successfully added with UUID: {added_system_id} and account: {sys_info[4]} " f"with UUID: {account_id} associated with it.") # Adding user in target machine add_user_in_target_system = remote_users_qty1 user_password = "******" # Adding account in portal acc_result, acc_success = ResourceManager.add_account( core_session, add_user_in_target_system[0], password=user_password, host=added_system_id, ismanaged=True) assert acc_success, f"Failed to add account: {acc_result}" logger.info("Successfully added account in system") # Cleanup Account accounts_list.append(acc_result) # Creating Password Profile profile = create_basic_pass_profile(core_session, 1)[0] profile_name_cps = profile[0]['Name'] cps_prof_id = profile[0]['_RowKey'] cps_prof_result, cps_prof_success = ResourceManager.get_password_profile_by_id( core_session, cps_prof_id) assert cps_prof_success, f"Failed to create Profile due to {cps_prof_result}" logger.info(f'System successfully updated with result: {cps_prof_result}') # Updating Password Profile update_cps_prof_success = ResourceManager.update_password_profile( core_session, cps_prof_id, profile_name_cps, 58, 128, one_lwr_case=False, one_upp_case=False, one_digit=False, consecutive_chars=False, one_special_char=False, min_alphabetic_char=5, max_alphabetic_char=3, restrict_occurrence=1) assert update_cps_prof_success, f"Getting Password Profile Failed for Profile {cps_prof_id} for core user" logger.info(f'Profile {profile_name_cps} successfully updated') cps_prof_result, cps_prof_success = ResourceManager.get_password_profile_by_id( core_session, cps_prof_id) assert cps_prof_success, f"Getting Password Profile Failed for Profile {cps_prof_id} for core user" assert cps_prof_result['MinimumPasswordLength'] == 58, \ f"Getting Min Password length for Profile {cps_prof_id} is {cps_prof_result['MinimumPasswordLength']} " \ f"instead of 8" logger.info("Successfully updated minimum password length as 8") assert cps_prof_result['MaximumPasswordLength'] == 128, \ f"Getting Min Password length for Profile {cps_prof_id} is {cps_prof_result['MaximumPasswordLength']} " \ f"instead of 20" logger.info("Successfully updated minimum password length as 20") assert cps_prof_result['MinimumAlphabeticCharacterCount'] == 5, \ f"Getting Min Password length for Profile {cps_prof_id} is " \ f"{cps_prof_result['MinimumAlphabeticCharacterCount']} instead of 5" logger.info("Updated Minimum Alphabetic Character Count successfully") assert cps_prof_result['MinimumNonAlphabeticCharacterCount'] == 3, \ f"Getting Min Password length for Profile {cps_prof_id} is " \ f"{cps_prof_result['MinimumNonAlphabeticCharacterCount']} instead of 3" logger.info("Updated Minimum Alphabetic Character Count successfully") assert cps_prof_result['MaximumCharOccurrenceCount'] == 1, \ f"Getting Min Password length for Profile {cps_prof_id} is " \ f"{cps_prof_result['MinimumNonAlphabeticCharacterCount']} instead of 3" logger.info("Updated Minimum Alphabetic Character Count successfully") update_result, update_success = ResourceManager.update_system( core_session, added_system_id, sys_info[0], sys_info[1], sys_info[2], passwordprofileid=cps_prof_id) assert update_success, f"Failed to update system sue to {update_result}" logger.info(f"Successfully update system {sys_info[0]}") # Rotate Password rotate_password_result, rotate_password_success = ResourceManager.rotate_password( core_session, acc_result) assert rotate_password_success, f"Failed to rotate password due to {rotate_password_result}" logger.info("Rotate password successfully") # Checkout Password check_out_password_result, check_out_password_success = ResourceManager.check_out_password( core_session, lifetime=1, accountid=acc_result) assert check_out_password_success, f"Failed to checkout password due to {check_out_password_result}" logger.info("Password checkout successfully") # Getting check out password value co_password_value = check_out_password_result['Password'] # Getting all the alpha characters in password check out get_alpha_characters = re.findall('[a-zA-Z]', co_password_value) # Checking the maximum occurrence of characters in a list count_alpha_chars = Counter(get_alpha_characters) for item, ct in count_alpha_chars.items(): assert len(item) == 1, "Item is grater than 1" logger.info('%s occurred %d times' % (item, ct)) # Removing password profile from system update_result, update_success = ResourceManager.update_system( core_session, added_system_id, sys_info[0], sys_info[1], sys_info[2], passwordprofileid=None) assert update_success, f"Failed to remove password profile from system {sys_info[0]}" logger.info( f"Successfully removed password profile from system {sys_info[0]}")
def test_verify_rule_work_correct(core_session, cleanup_accounts, create_basic_pass_profile, pas_setup, remote_users_qty1, cleanup_password_profile): """ TC C281498: Verify the rule (Min number of non-alpha characters) :param core_session: Authenticates API session :param create_basic_pass_profile: Creates a password profile :param pas_setup: Creates system and account :param remote_users_qty1: Creates account in target system :param cleanup_password_profile: Deletes password profile :param cleanup_accounts: Deletes Account """ accounts_list = cleanup_accounts[0] added_system_id, account_id, sys_info = pas_setup logger.info( f"System: {sys_info[0]} successfully added with UUID: {added_system_id} and account: {sys_info[4]} " f"with UUID: {account_id} associated with it.") profile_list = cleanup_password_profile # Adding user in target machine add_user_in_target_system = remote_users_qty1 user_password = "******" # Adding account in portal acc_result, acc_success = ResourceManager.add_account( core_session, add_user_in_target_system[0], password=user_password, host=added_system_id, ismanaged=True) assert acc_success, f"Failed to add account: {acc_result}" logger.info("Successfully added account in system") # Cleanup Account accounts_list.append(acc_result) # Creating Password Profile profile = create_basic_pass_profile(core_session, 1)[0] profile_name_cps = profile[0]['Name'] cps_prof_id = profile[0]['_RowKey'] # Deleting Password Profile profile_list.append(cps_prof_id) cps_prof_result, cps_prof_success = ResourceManager.get_password_profile_by_id( core_session, cps_prof_id) assert cps_prof_success, f"Failed to create Profile due to {cps_prof_result}" logger.info(f'System successfully updated with result: {cps_prof_result}') # Updating Password Profile update_cps_prof_success = ResourceManager.update_password_profile( core_session, cps_prof_id, profile_name_cps, 8, 20, one_lwr_case=False, one_upp_case=False, one_digit=False, consecutive_chars=False, one_special_char=False, min_alphabetic_char=5, max_alphabetic_char=3, ) assert update_cps_prof_success, f"Getting Password Profile Failed for Profile {cps_prof_id} for core user" logger.info(f'Profile {profile_name_cps} successfully updated') cps_prof_result, cps_prof_success = ResourceManager.get_password_profile_by_id( core_session, cps_prof_id) assert cps_prof_success, f"Getting Password Profile Failed for Profile {cps_prof_id} for core user" assert cps_prof_result['MinimumPasswordLength'] == 8, \ f"Getting Min Password length for Profile {cps_prof_id} is {cps_prof_result['MinimumPasswordLength']} " \ f"instead of 8" logger.info("Successfully updated minimum password length as 8") assert cps_prof_result['MaximumPasswordLength'] == 20, \ f"Getting Min Password length for Profile {cps_prof_id} is {cps_prof_result['MaximumPasswordLength']} " \ f"instead of 20" logger.info("Successfully updated minimum password length as 20") assert cps_prof_result['MinimumAlphabeticCharacterCount'] == 5, \ f"Getting Min Password length for Profile {cps_prof_id} is " \ f"{cps_prof_result['MinimumAlphabeticCharacterCount']} instead of 5" logger.info("Updated Minimum Alphabetic Character Count successfully") assert cps_prof_result['MinimumNonAlphabeticCharacterCount'] == 3, \ f"Getting Min Password length for Profile {cps_prof_id} is " \ f"{cps_prof_result['MinimumNonAlphabeticCharacterCount']} instead of 3" logger.info("Updated Minimum Alphabetic Character Count successfully") update_result, update_success = ResourceManager.update_system( core_session, added_system_id, sys_info[0], sys_info[1], sys_info[2], passwordprofileid=cps_prof_id) assert update_success, f"Failed to update system sue to {update_result}" logger.info(f"Successfully update system {sys_info[0]}") # Rotate Password rotate_password_result, rotate_password_success = ResourceManager.rotate_password( core_session, acc_result) assert rotate_password_success, f"Failed to rotate password due to {rotate_password_result}" logger.info("Rotate password successfully") # Checkout Password check_out_password_result, check_out_password_success = ResourceManager.check_out_password( core_session, lifetime=1, accountid=acc_result) assert check_out_password_success, f"Failed to checkout password due to {check_out_password_result}" logger.info("Password checkout successfully") # Getting password value after checkout co_password_value = check_out_password_result['Password'] # Finding all non alpha characters after check out password get_non_alpha_characters = re.findall('[^a-zA-Z]', co_password_value) assert len( get_non_alpha_characters ) >= 3, "Length of Minimum Alphabetic Character Count is less than 3" logger.info( "Minimum Non Alphabetic Character Count is greater than or equal to 3") # Removing Password Profile from system so that profile can be deleted update_result, update_success = ResourceManager.update_system( core_session, added_system_id, sys_info[0], sys_info[1], sys_info[2], passwordprofileid=None) assert update_success, f"Failed to remove password profile from system {sys_info[0]}" logger.info( f"Successfully removed password profile from system {sys_info[0]}")
def test_modify_password_profile(core_session, create_basic_pass_profile): """ Test Case ID: C281492 Test Case: Modify Password Complex Profile :param core_session: Authenticates API session. :param create_basic_pass_profile: Creates a Password Profile """ profile = create_basic_pass_profile(core_session, 1)[0] profile_name_cps = profile[0]['Name'] cps_prof_id = profile[0]['_RowKey'] cps_prof_result, cps_prof_success = ResourceManager.get_password_profile_by_id( core_session, cps_prof_id) assert cps_prof_success, f"Failed to create Profile due to {cps_prof_result}" logger.info(f'System successfully updated with result: {cps_prof_result}') update_cps_prof_success = ResourceManager.update_password_profile( core_session, cps_prof_id, profile_name_cps, 13, 26, one_lwr_case=False, one_upp_case=False, one_digit=False, consecutive_chars=False, one_special_char=False, max_alphabetic_char=5, min_alphabetic_char=5) assert update_cps_prof_success, f"Getting Password Profile Failed for Profile {cps_prof_id} for core user" logger.info(f'Profile {profile_name_cps} successfully updated') cps_prof_result, cps_prof_success = ResourceManager.get_password_profile_by_id( core_session, cps_prof_id) assert cps_prof_success, f"Getting Password Profile Failed for Profile {cps_prof_id} for core user" logger.info(f"Getting Password Profile successfully {cps_prof_id}") assert cps_prof_result['MinimumPasswordLength'] == 13, \ f"Getting Min Password for Profile {cps_prof_id} for core user did not match lens" logger.info("Successfully updated minimum password length as 13") assert cps_prof_result['MaximumPasswordLength'] == 26, \ f"Getting Min Password for Profile {cps_prof_id} for core user did not match lens" logger.info("Successfully updated minimum password length as 26") assert cps_prof_result['AtLeastOneLowercase'] is False, \ f"Getting Min Password for Profile {cps_prof_id} for core user did not match lens" logger.info("Updated At Least One Lower Case successfully as False") assert cps_prof_result['AtLeastOneUppercase'] is False, \ f"Getting Min Password for Profile {cps_prof_id} for core user did not match lens" logger.info("Updated At Least One Upper Case successfully as False") assert cps_prof_result['AtLeastOneDigit'] is False, \ f"Getting Min Password for Profile {cps_prof_id} for core user did not match lens" logger.info("Updated At Least One Digit successfully as False") assert cps_prof_result['ConsecutiveCharRepeatAllowed'] is False, \ f"Getting Min Password for Profile {cps_prof_id} for core user did not match lens" logger.info( "Updated Consecutive Char Repeat Allowed successfully as False") assert cps_prof_result['AtLeastOneSpecial'] is False, \ f"Getting Min Password for Profile {cps_prof_id} for core user did not match lens" logger.info("Updated At Least One Special Character successfully as False") assert cps_prof_result['MinimumAlphabeticCharacterCount'] == 5, \ f"Getting Min Password for Profile {cps_prof_id} for core user did not match lens" logger.info( "Updated Minimum Alphabetic Character Count successfully as False")
def test_not_apply_password_profile_global(core_session, create_basic_pass_profile): """ Test case: C1647 :param core_session: Returns API session :param core_admin_ui: Centrify admin Ui session :param create_basic_pass_profile: Created a basic password complexity profile. """ unix_profile_id = None profile_result, profile_success = ResourceManager.get_password_prof_for_target_types( core_session, 'Unix') assert profile_success, f'failed to get all profile for target unix type.' for row in profile_result: if row['Name'] == "Unix Profile": unix_profile_id = row['_RowKey'] # Setting password profile mapping to default. result, success = ResourceManager.update_global_pass_profile_mapping( core_session, "Unix", unix_profile_id) assert success, f"failed to update global password profile mapping {result}" # Creating one password complexity profile profile = create_basic_pass_profile(core_session, 1)[0] cps_prof_id = profile[0]['_RowKey'] profile_name_cps = profile[0]['Name'] logger.info( f"Created password complex profile {profile_name_cps} with Id {cps_prof_id}" ) # getting and updating global password profile default value to Unix Profile result, success = ResourceManager.get_global_pass_profile_mapping( core_session) profile_name = [] for row in result: if row['Name'] == "Unix Profile": profile_name.append(row['_RowKey']) profile_name.append(row['Name']) result, success = ResourceManager.update_global_pass_profile_mapping( core_session, "Unix", profile_name[0]) assert success, f"failed to update global password profile mapping {result}" logger.info(f"Password complexity profile {profile_name_cps} not deleted") update_profile = [] profile_result, profile_success = ResourceManager.get_password_prof_for_target_types( core_session, 'Unix') assert profile_success, f'failed to get all profile for target unix type.' for row in profile_result: if row['Name'] == profile_name_cps: update_profile.append(row['_RowKey']) # Setting password profile mapping to default. result, success = ResourceManager.update_global_pass_profile_mapping( core_session, "Unix", None) assert success is False, f"failed to update global password profile mapping {result}" # Getting the global password profile mapping profiles result, success = ResourceManager.get_global_pass_profile_mapping( core_session) profile_names = [] for row in result: if row['Name'] == "Unix Profile": profile_names.append(row['_RowKey']) profile_names.append(row['TargetType']) # Getting the password profile by id cps_prof_result, cps_prof_success = ResourceManager.get_password_profile_by_id( core_session, profile_names[0]) assert cps_prof_result['ProfileType'] == profile_names[1], \ f"Global Password Profile not saved with Profile {profile_names[0]} with the result {cps_prof_result}" logger.info( f"Password profile created successfully with {cps_prof_result}")