def test_reselect_system_type_while_add_sys(core_admin_ui): """ TC:C2163 Reselect system type while add system. :param core_admin_ui: Return a browser session. """ # Launch UI. ui = core_admin_ui ui.navigate('Resources', 'Systems') ui.launch_modal('Add System') system_name = f'test_system{guid()}' ui.input('Name', system_name) ui.select_option('SystemProfileId', 'Check Point Gaia') fqdn = f'fqdn{guid()}' ui.input('FQDN', fqdn) ui.step('Next >') ui.step('Next >') # Validating the UI. ui.expect(Modal('Add System'), f'Expect to find modal title"Add System" but could not') logger.info(f'Successfully find modal title"Add System" on UI.') ui.expect( FieldLabel('Add expert mode account for this system'), f'Expect to find "Use a proxy account to manage this system." but could not' ) logger.info( f'Successfully find find "Use a proxy account to manage this system." on UI.' ) assert ui.button_exists("Next >"), "Next button is not Enabled" logger.info('Successfully find "Next button" is enabled and visible') assert ui.button_exists("< Back"), "Back button is not Enabled" logger.info('Successfully find "Back button" is enabled and visible') ui.step('< Back') ui.step('< Back') # Changing the Computer Class to Unix. ui.select_option('SystemProfileId', 'Unix') ui.step('Next >') ui.step('Next >') # Validating the UI. assert ui.button_exists("Finish"), "finish button is not Enabled" logger.info('Successfully find "finish button" is enabled and visible') assert ui.button_exists("< Back"), "Back button is not Enabled" logger.info('Successfully find "back button" is enabled and visible') ui.expect(Modal('Add System'), f'Expect to find modal title"Add System" but could not') logger.info(f'Successfully find modal title"Add System" on UI.') ui.expect(FieldLabel('Verify System Settings'), f'Expect to find "Verify System Settings." but could not') logger.info(f'Successfully find "Verify System Settings". on UI.')
def test_only_support_select_statement_when_create_report_using_sql_script( core_session, create_report, core_admin_ui): """ TCID: C6368 Cannot create report using other sql statement (delete/update/create...) except "select" :param core_session: Centrify Session :param create_report: To Create the report :param core_admin_ui: To open the browser """ my_report = create_report(core_session, "Select * From Role") core_admin_ui.navigate("Reports") core_admin_ui.check_row(my_report['Name']) core_admin_ui.action("Modify") core_admin_ui.clear_codemirror() core_admin_ui.write_to_codemirror("Delete role") core_admin_ui.expect(Anchor(button_text="Save"), f'Failed to get the save button').try_click() core_admin_ui._waitUntilSettled() core_admin_ui.expect(ErrorModal(), f'Failed to get the error modal') core_admin_ui.switch_context(Modal()) core_admin_ui.expect( Div("Query has failed:"), f'Failed to get expected error "Query has failed:xxx"') logger.info( f'It supports ONLY the "SELECT" SQL statement, and complies to the syntax that SQLite supports.' f' Please refer to http://www.sqlite.org/lang_select.html for the details.' )
def test_cancel_update_password(core_session, pas_windows_setup, core_admin_ui): """ TC:C2203 Cancel to update password :param core_admin_ui: Return a browser session. :param core_session: Return API session. :param:pas_windows_setup: Returning a fixture. """ # Creating a system and account. system_id, account_id, sys_info, connector_id, user_password = pas_windows_setup( ) # UI Launch. ui = core_admin_ui ui.navigate('Resources', 'Accounts') ui.search(sys_info[0]) ui.right_click_action(GridRow(sys_info[0]), "Update Password") ui.switch_context(Modal()) update_password = f'{"test1@"}{guid()}' ui.input("Password", update_password) ui.button('Cancel') result = ui.check_exists(Div('An unknown error occurred')) assert result is False, f'Error message popups appears.' logger.info("Successfully cancel without pop error message")
def test_cannot_edit_reports_permissions_under_my_reports(core_session, create_report, core_admin_ui, cleanup_reports): """ TCID: C6337 Cannot edit report's permissions under My reports :param core_session: Centrify Authentication session :param create_report: To create a report :param core_admin_ui: To open the browser :param cleanup_reports: To clean the shared report """ my_report = create_report(core_session, "Select Name From Server") report_name = my_report['Name'] logger.info(f'Successfully created reports:{my_report}') ui = core_admin_ui ui.navigate("Reports") ui.check_actions(["Copy", "Move", "Delete", "Modify", "Export Report", "Email Report"], report_name) ui.navigate("Reports") ui.action("Modify", report_name) ui.tab("Permissions") expected_msg = "The current report must be moved out of the home " \ "directory before permissions can be set for other users and roles." ui.expect(Div(expected_msg), f'Failed to get the expected message:{expected_msg}') logger.info(f'Expectation message is:{expected_msg}') ui.expect(DisabledButton("Add"), f'Add button is enable and can edit the permission') ui.navigate("Reports") ui.action("Copy", report_name) copy_modal = f'Copy : Copy {report_name}' ui.switch_context(Modal(copy_modal)) ui.expect(Button("Save File"), f"Expected to see a Save File button but could not") # Down method is used select the Shared Reports folder ui.down() ui.close_modal("Save File") ui.navigate("Reports") ui.expect_disappear(LoadingMask(), f'Report page did not load properly') ui.expect(TreeFolder("Shared Reports"), f'Expected to see the Shared Reports but could not') shared_reports_button = ui._searchAndExpect(TreeFolder("Shared Reports"), f'Expected find shared Folder but could not') shared_reports_button.try_click() logger.info(f'Successfully copy report to shared reports folder "Copy {report_name}"') ui.action("Modify", "Copy " + report_name) ui.tab("Permissions") ui.expect(Button("Add"), f'Add button is disable, Report permissions can not be edited under "Shared Reports" folder') reports = Reports(core_session, f"Copy {report_name}.report") found_report = reports.get_report_by_name(core_session, f"Copy {report_name}.report", dir="/Reports/") cleanup_reports.append(found_report['Path'])
def test_check_ui_system_login_dialog(core_session, core_admin_ui, pas_setup): """ TC : C2072 Check UI on system login dialog param:core_admin_ui: Returns browser Session param: core_session: Returns Api session. param: pas_setup: Return fixture """ # Launch UI. ui = core_admin_ui created_system_id, created_account_id, system_details = pas_setup system_name = system_details[0] ui.navigate('Resources', 'Systems') ui.search(system_name) ui.right_click_action(GridCell(system_name), 'Select/Request Account') ui.expect_disappear(LoadingMask(), 'Expected to find account but it did not', 30) ui.switch_context(Modal(system_name + ' Login')) logger.info("Successfully show loading before all account display")
def test_cannot_copy_report_to_invalid_report_name(core_session, create_report, core_admin_ui, cleanup_reports): """ TCID C6365: Cannot copy report to a invalid report name :param core_session: Centrify Authentication Session :param create_report: Fixture to create the report :param core_admin_ui: To Open the browser :param cleanup_reports: Fixture to clean the reports """ # As per the test case: Need 2 reports my_report = [] for i in range(2): my_report.append(create_report(core_session, "Select Name From Server")) report_1 = my_report[0]['Name'] report_2 = my_report[1]['Name'] logger.info(f'Successfully created reports are:{my_report}') ui = core_admin_ui ui.navigate("Reports") ui.check_row(report_1) ui.check_row(report_2) ui.check_actions(['Delete']) logger.info("No copy action in list (cannot copy two reports one time)") ui.navigate("Reports") ui.check_row(report_1) ui.action("Copy") modal = "Copy : Copy" + ' ' + report_1 move_modal = Modal(modal) ui.switch_context(move_modal) ui.input("file-name", "<>") ui.expect(Anchor(button_text="Save File"), "Failed to find the Save File button").try_click() alert_text = "The report name can " \ "include alpha numeric and special characters " ui.expect(InvalidInputAlert(alert_text), "Did not display warning icon").mouse_hover() ui.expect(WarningModal(), f'Did not populate the warning modal') logger.info("Display warning icon") for i in range(len(my_report)): cleanup_reports.append(my_report[i]['Path'])
def _request_pe_permission(ui, request_settings, server_id): reason = f'I need to run commands on system {server_id}' ui.switch_context(ActiveMainContentArea()) request_modal = Modal('Request Privilege Elevation Permission') ui.action('Request Privilege Elevation', expected_selector=request_modal) ui.switch_context(request_modal) ui.input('Reason', reason) ui.select_option('AssignmentType', request_settings['assignment_type']) ui.input('StartGrantValue', request_settings['start_grant_value']) ui.input('EndGrantValue', request_settings['end_grant_value']) ui.select_option('StartTimeInterval', request_settings['start_time_interval']) ui.select_option('EndTimeInterval', request_settings['end_time_interval']) ui.input('Ticket', request_settings['ticket']) ui.button( 'Submit', expectations={ 'click_element_should_dissapear': True, 'seconds_to_wait': 60 #because Azure })
def test_cannot_export_report_with_invalid_name(core_session, create_report, core_admin_ui): """ TCID: C6366 Cannot export report with invalid file name :param core_session: Centrify Session :param create_report: To create the report :param core_admin_ui: To Open the browser """ my_report = create_report(core_session, "Select Name From Server") report_name = my_report['Name'] ui = core_admin_ui ui.navigate("Reports") ui.check_row(report_name) ui.action("Export Report") modal = "Export Report" ui.switch_context(Modal(modal)) ui.input("fileName", "<123#") ui.expect(Anchor(button_text="OK"), "Button is not present").try_click() ui.expect(WarningModal(), "No warning message for incorrect file name") logger.info(f'Invalid file name')
def test_cannot_export_report_with_invalid_name(core_session, create_report, core_admin_ui): """ TCID: C6367 Cannot email report to a invalid email address :param core_session: Centrify Session :param create_report: To create the report :param core_admin_ui: To open the browser """ my_report = create_report(core_session, "Select Name From Server") report_name = my_report['Name'] ui = core_admin_ui ui.navigate("Reports") ui.check_row(report_name) ui.action("Email Report") modal = "Email Report" ui.switch_context(Modal(modal)) ui.input("emailTo", "<123#") ui.expect(Anchor(button_text="OK"), "Button is not present").try_click() ui.expect(WarningModal(), "Failed to get any warning message (Modal)") logger.info(f'Email is Invalid')
def test_enable_workflow_without_approve(core_session, pas_windows_setup, core_admin_ui): """ TC:C2192 Enable workflow without approver. :param core_session: Returns a API session. :param pas_windows_setup: Returns a fixture. :param core_admin_ui: Return a browser session. """ # Creating a system and account. system_id, account_id, sys_info, connector_id, user_password = pas_windows_setup( ) # Launch UI. ui = core_admin_ui ui.navigate('Resources', 'Systems') ui.search(sys_info[0]) ui.click_row(GridRowByGuid(system_id)) ui.click_row(GridRowByGuid(account_id)) ui.tab('Workflow') ui.select_option('WorkflowEnabled', 'Yes') ui.switch_context(ActiveMainContentArea()) ui.expect(TreeFolder('Permissions'), 'Expect to permission tab but failed to find it.').try_click( Modal()) ui.switch_context(WarningModal()) warning_message = "Please correct the errors before leaving the page." ui.check_exists(Div(warning_message)) logger.info( 'Successfully found warning modal when try to navigate to another page.' ) ui.close_modal('Close') ui.switch_context(RenderedTab('Workflow')) ui.button('Save') ui.switch_context(WarningModal()) save_warning_message = "Please correct the errors in your form before submitting." ui.check_exists(Div(save_warning_message)) logger.info( 'Successfully found warning modal containing "Please correct the errors in your form before ' 'submitting".')
def test_add_unmanaged_account_using_proxy_account(core_session, cleanup_accounts, setup_pas_system_for_unix, core_admin_ui): """ TC- C2500: Add unmanaged account using proxy account :param core_session: Authenticated Centrify session. :param setup_pas_system_for_unix: Adds and yields GUID for a unix system and account associated with it. :param core_admin_ui: Authenticated Centrify browser session. """ added_system_id, account_id, sys_info = setup_pas_system_for_unix test_data = Configs.get_environment_node('resources_data', 'automation_main') unix_data = test_data['Unix_infrastructure_data'] user_name = f"{unix_data['account_name']}{guid()}" ui = core_admin_ui accounts_list = cleanup_accounts[0] result, success = ResourceManager.update_system(core_session, added_system_id, sys_info[0], sys_info[1], sys_info[2], proxyuser=unix_data['proxy_user'], proxyuserpassword=unix_data['proxy_password'], proxyuserismanaged=False) assert success, f"Unable to add a managed proxy user for {sys_info[0]}. API response result: {result}" logger.info(f"Proxy account {unix_data['proxy_user']} added to Unix system: {sys_info[0]}") ui.navigate('Resources', 'Systems') ui.search(sys_info[0]) ui.click_row(sys_info[0]) ui.launch_modal("Add", "Add Account") ui.switch_context(Modal()) ui.input('User', user_name) ui.input('Password', unix_data['password']) ui.check('UseWheel') ui.button('Add') ui._waitUntilSettled() ui.remove_context() assert ui.check_exists(('XPATH', f'//div[text()="{user_name}"]')), \ f"Account {user_name} couldn't be added to system: {sys_info[0]} using proxy account: {unix_data['proxy_user']}" logger.info(f"Account {user_name} added to system: {sys_info[0]} using proxy account: {unix_data['proxy_user']}.") # Teardown for the added account added_account_id = RedrockController.get_account_id_by_username(core_session, user_name) accounts_list.append(added_account_id)
def test_cannot_create_folder_with_invalid_name(core_admin_ui): """ TCID: #C6364 Cannot create folder with invalid folder name :param core_admin_ui: To open the browser """ ui = core_admin_ui ui.navigate("Reports") ui.expect_disappear(LoadingMask(), 'Reports page did not load properly') ui.expect(TreeFolder("My Reports"), "Unable to find My Reports Tab under Reports") ui.right_click_action(TreeFolder("My Reports"), "New folder") # 1st Case folder_name = "<new_folder>" ui.switch_context(Modal("Create new folder")) ui.input('file-name', folder_name) ui.expect(Anchor(button_text="Save"), "Folder Name is created").try_click() alert_text = "The report name can include alpha numeric and special characters " ui.expect(InvalidInputAlert(alert_text), "Invalid Input alert tooltip appears") logger.info(f'Invalid file name') # 2nd Case folder_name = ' ' ui.input('file-name', folder_name) ui.expect(Anchor(button_text="Save"), "Failed to find the save button").try_click() ui.expect(WarningModal(), "Folder is created with space") logger.info(f'Invalid file name') ui.switch_context(WarningModal()) ui.button("Close") ui.remove_context() # 3rd Case folder_name = " name" ui.input('file-name', folder_name) ui.expect(Anchor(button_text="Save"), "Failed to find the save button").try_click() ui.expect(WarningModal(), "Folder is created space with name") logger.info(f'Invalid file name') ui.switch_context(WarningModal()) ui.button("Close") ui.remove_context() ui.close_modal("Cancel")
def test_clear_password_complexity_profile_description( core_session, core_admin_ui, create_basic_pass_profile): """ Test case C1661 :param core_session: Centrify session :param core_admin_ui: Creates random user and login in browser. :param create_basic_pass_profile: Created a basic password complexity profile. """ # Creating a basic password profile profile = create_basic_pass_profile(core_session, 1)[0] cps_prof_id = profile[0]['_RowKey'] profile_name_cps = profile[0]['Name'] ui = core_admin_ui ui.navigate("Settings", "Resources", "Password Profiles") ui.search(profile_name_cps) # Modify the password profile of description ui.right_click_action(GridCell(profile_name_cps, data_content=True), 'Modify Profile') ui.switch_context(Modal("Password Complexity Profile")) ui.input("Description", " ") ui.close_modal("Save") # Getting all the profiles and checking for the updated profile all_profiles, success = ResourceManager.get_profiles(core_session, type="All", rr_format=True) complex_password_profile = [] for row in all_profiles['Results']: if row['Row']['Name'] == profile_name_cps: complex_password_profile.append(row['Row']['Description']) # checking the description of the profile saved successfully after clearing the description field. assert complex_password_profile[0] == '', \ f"Profile with id {cps_prof_id} not saved successfully with description{success}" logger.info( f"Updated description of profile {profile_name_cps} successfully with {complex_password_profile[0]}" )
def test_check_system_icon(setup_pas_system_for_unix, core_admin_ui): """ Test Case ID: C2091 Test Case Description: Check system icon on system Settings page :param setup_pas_system_for_unix: Creates Unix System and Account :param core_admin_ui: Authenticates Centrify UI session """ system_id, account_id, sys_info = setup_pas_system_for_unix system_name = sys_info[0] account_name = sys_info[4] ui = core_admin_ui ui.navigate('Resources', 'Systems') ui.search(system_name) ui.switch_context(ActiveMainContentArea()) ui.click_row(GridRowByGuid(system_id)) ui.right_click_action(GridRowByGuid(account_id), 'Checkout') ui.switch_context(Modal(text=account_name)) ui.button('Show Password') assert ui.check_exists(UnixIconAlert()) is False, 'Alert Icon ! is present' logger.info("System icon shows correctly without alert icon i.e. '!'.") ui.close_modal('Close') assert ui.check_exists(UnixIconAlert()) is False, 'Alert Icon ! is present' logger.info("System icon shows correctly without alert icon i.e. '!' after closing the modal.")
def test_login_stored_account(core_session, setup_pas_system_for_unix, set_cleaner, core_admin_ui): """ Test Case ID: C2087 Test Case Description: Login as stored account after proxy account enabled :param core_session: Returns API session :param setup_pas_system_for_unix: Creates Unix System and Account :param set_cleaner: Delete Set :param core_admin_ui: Authenticates Centrify UI session """ system_id, account_id, sys_info = setup_pas_system_for_unix system_name = sys_info[0] FQDN = sys_info[1] computer_class = sys_info[2] account_name = sys_info[4] systems_data = Configs.get_environment_node('resources_data', 'automation_main') expected_system_class = systems_data['Unix_infrastructure_data'] result, success = ResourceManager.update_system( core_session, system_id, system_name, FQDN, computer_class, proxyuser=expected_system_class['proxy_user'], proxyuserpassword=expected_system_class['proxy_password'], proxyuserismanaged=False, allowremote=True) assert success, 'Failed to update system' logger.info(f'System successfully updated with result: {result}') ui = core_admin_ui name_of_set = f'Set{guid()}' ui.navigate('Resources', 'Systems') ui.launch_add('Add', 'Create Set') ui.input('Name', name_of_set) ui.tab('Members') ui.launch_modal('Add', 'Add System') ui.search(system_name) ui.check_row(system_name) ui.close_modal('Add') ui.save() id_of_set = SetsManager.get_collection_id(core_session, name_of_set, 'Server') assert id_of_set, 'Set creation Failed' logger.info(f"Set: '{name_of_set}' created successfully") set_cleaner.append(id_of_set) # Login into Stored Account ui._waitUntilSettled() ui.switch_context(ActiveMainContentArea()) ui.right_click_action(Div(system_name), 'Select/Request Account') ui.switch_context(Modal(system_name + ' Login')) ui.expect_disappear(LoadingMask(), 'Expected to find account but it did not', 30) ui.search(account_name) ui.expect(GridCell(account_name), 'Expected to find account name but it did not.').try_click() ui.close_modal('Select') ui.switch_to_pop_up_window() ui.expect_disappear(LoadingMask(), 'Expected to login in account but it did not', 30) logger.info(f'Successfully logged in Account:{account_name}.') ui.switch_to_main_window()
def test_retrieve_mfa_policy_on_parent_folder_verify_challenged( core_session, core_admin_ui, pas_general_secrets, create_secret_inside_folder, clean_up_policy): """ C2985: MFA policy on Parent folder, verify challenged 1) Set MFA on MFAonParent 2) Right click "MFAonSecret" then Retrieve. 3) Verify challenged with MFA popups, 4) Enter password & verify you can retrieve secret :param core_session: Authenticated Centrify Session :param core_admin_ui: Fixture to launch ui session for cloud admin :param pas_general_secrets: Fixture to read secret data from yaml file :param create_secret_inside_folder: Fixture to create secret "MFAOnSecret" inside folder "MFAOnParentFolder" :param clean_up_policy: Fixture to clean up the policy created """ secrets_params = pas_general_secrets suffix = guid() folder_list, folder_name, secret_list = create_secret_inside_folder verify_text = secrets_params['secret_text'] # Getting details of the secret replaced found_secret = get_secret(core_session, secret_list[0]) assert found_secret['success'], \ f'Failed to get the details of the secret updated, API response result:{found_secret["Message"]}' logger.info(f'Getting details of the secret: {found_secret}') secret_name = found_secret['Result']['SecretName'] challenges = ["UP", ""] # Creating new policy policy_result = PolicyManager.create_new_auth_profile( core_session, secrets_params['policy_name'] + suffix, challenges, 0, 0) assert policy_result, f'Failed to create policy, API response result:{policy_result}' logger.info(f' Creating new policy:{policy_result}') clean_up_policy.append(policy_result) # Applying MFA on Folder result = update_folder(core_session, folder_list[0], folder_name, folder_name, policy_id=policy_result) assert result[ 'success'], f'Not Able to apply MFA, API response result: {result["Message"]} ' logger.info(f'Applying MFA for folder: {result}') ui = core_admin_ui password = ui.get_user().get_password() login = Login(ui) ui.navigate('Resources', 'Secrets') ui.search(folder_name) ui.click_row(GridRowByGuid(folder_list[0])) ui.click_row(GridRowByGuid(secret_list[0])) ui.action('Retrieve') ui.switch_context(Modal(text=secret_name)) ui.button('Show Text') ui.switch_context(NoTitleModal()) login.click_next_on_auth() login.enter_login_password(password) login.click_next_on_auth() ui.switch_context(ActiveMainContentArea()) ui.expect(InputBoxValue(verify_text), f'Expect to find {verify_text} in Retrieve but could not.') logger.info( f'Text Retrieved with MFA challenge(password only)i.e. MFAonParent successfully: {verify_text}' ) # Removing MFA on Folder result = update_folder( core_session, folder_list[0], folder_name, secrets_params['mfa_folder_name_update'] + suffix, description=secrets_params['mfa_folder_description']) assert result[ 'success'], f'Not Able to apply MFA, API response result: {result["Message"]} ' logger.info(f'Applying MFA for folder: {result}')
def step_5(self, uncheck_copy=False, root_account_login_default_profile=False, password_checkout_default_profile=False, root_account_login_conditional_profile=False, password_checkout_conditional_profile=False): """ Cloud And Root User Policy """ assert self.policies is not None or\ [root_account_login_default_profile, password_checkout_default_profile, root_account_login_conditional_profile, password_checkout_conditional_profile] == \ [False] * 4, "Policies must be initialized if any options are set to True" assert uncheck_copy or not password_checkout_default_profile, "password_checkout_default_profile must be False if uncheck_copy is False" assert uncheck_copy or not password_checkout_conditional_profile, "password_checkout_conditional_profile must be False if uncheck_copy is False" if root_account_login_default_profile: self.login_default_rules = self.policies[0] if root_account_login_conditional_profile: self.login_conditional_rules = self.policies[1] if password_checkout_default_profile: self.checkout_default_rules = self.policies[2] if password_checkout_conditional_profile: self.checkout_conditional_rules = self.policies[3] if uncheck_copy is False: self.checkout_default_rules = self.login_default_rules self.checkout_conditional_rules = self.login_conditional_rules self.ui.step("Next") # go to step 5 if uncheck_copy: self.ui.uncheck("SameAsLoginRules") if root_account_login_default_profile: self.ui.select_option("LoginDefaultProfile", self.login_default_rules) if password_checkout_default_profile: self.ui.select_option("RootAccountLoginDefaultProfile", self.checkout_default_rules) if root_account_login_conditional_profile: self.ui.remove_context() self.ui.switch_context(GridField("LoginRules")) self.ui.button("Add Rule") self.ui.switch_context(Modal("Root Account Login Challenge Rules")) self.ui.select_option("ProfileId", self.login_conditional_rules) self.ui.button("Add Filter") self.ui.select_option("Prop", "IP Address") self.ui.select_option("Op", "inside corporate IP range") self.ui.button("Add") self.ui.button("OK") self.ui.remove_context() self.ui.switch_context(ActiveMainContentArea()) if password_checkout_conditional_profile: self.ui.remove_context() self.ui.switch_context(GridField("RootAccountLoginRules")) self.ui.button("Add Rule") self.ui.remove_context() self.ui.switch_context(Modal("Password Checkout Challenge Rules")) self.ui.select_option("ProfileId", self.checkout_conditional_rules) self.ui.button("Add Filter") self.ui.select_option("Prop", "IP Address") self.ui.select_option("Op", "inside corporate IP range") self.ui.button("Add") self.ui.button("OK") self.ui.remove_context() self.ui.switch_context(ActiveMainContentArea())
def step_3(self, populate_user=False, rotation=None, prompt=None, reminder=None, min_days=None, mfa_code=None): """ Root Account and MFA """ self.ui.step("Next") # go to step 3 assert prompt is None or rotation, "Cannot set prompt if rotation is not set" assert reminder is None or rotation, "Cannot set reminder if rotation is not set" assert min_days is None or reminder, "Cannot set min days if reminder is not set" assert mfa_code != '', "Use None for no MFA code or _click_mfa_button to click and abort setting MFA" assert mfa_code is None or populate_user, "Cannot click MFA without a user" assert min_days is None or int(min_days) > 0, "invalid value for min_days" if populate_user: self.root_email = f'fake_email{guid()}@fun.net' self.root_password = f'fake.Pass{guid()}word!' self.ui.input('User', self.root_email) self.ui.input('Password', self.root_password) values = {True: "Yes", False: "No"} self.enable_rotation = rotation self.prompt_to_change = prompt self.enable_reminder = reminder self.minimum_days = min_days if self.enable_rotation is not None: self.ui.select_option('EnableUnmanagedPasswordRotation', values[self.enable_rotation]) else: self.ui.expect(DisabledCombobox('EnableUnmanagedPasswordRotationPrompt'), "Disabled EnableUnmanagedPasswordRotationPrompt not found") self.ui.expect(DisabledCombobox('EnableUnmanagedPasswordRotationReminder'), "Disabled EnableUnmanagedPasswordRotationReminder not found") if self.prompt_to_change is not None: self.ui.select_option('EnableUnmanagedPasswordRotationPrompt', values[self.prompt_to_change]) if self.enable_reminder is not None: self.ui.select_option('EnableUnmanagedPasswordRotationReminder', values[self.enable_reminder]) else: self.ui._waitUntilSettled() # check failing but the control isn't visible #self.ui.expect(DisabledTextBox('UnmanagedPasswordRotationReminderDuration'), f'UnmanagedPasswordRotationReminderDuration is not disabled.') if self.minimum_days is not None: self.ui.input('UnmanagedPasswordRotationReminderDuration', self.minimum_days) if mfa_code is not None: self.ui.card("Root Account Virtual MFA Device", "Add Provider") self.ui.switch_context(Modal("Add Provider")) if not mfa_code: self.mfa_code = False self.ui.button("Cancel") self.ui.remove_context() self.ui.switch_context(ActiveMainContentArea()) else: self.mfa_code = f"OTEQ25NK6S{''.join([random.choice(string.ascii_uppercase) for _ in range(20)])}XLFSQQXQZSBGBNJXITMIXPATP5NKFTC33I" self.ui.input('SharedSecret', self.mfa_code) self.ui.button("Next") self.ui.button("Confirm") self.ui.remove_context() self.ui.switch_context(ActiveMainContentArea())
def test_check_total_session(core_session, pas_setup, get_admin_user_function, users_and_roles): """ Test case: C2117 :param core_session: Authenticated Centrify session manager :param pas_setup: fixture to create system with accounts :param users_and_roles: fixture to create user with roles """ system_id, account_id, sys_info = pas_setup cloud_user_session, user = get_admin_user_function cloud_user, user_id, user_password = user.get_login_name(), user.get_id( ), user.get_password() user = {"Username": cloud_user, "Password": user_password} result, status = ResourceManager.assign_system_permissions( core_session, "View", principal=cloud_user, principalid=user_id, pvid=system_id) assert status, f'failed to assign view permission to user {cloud_user} for system {sys_info[0]}' logger.info( f'View permission assigned to user {cloud_user} for system {sys_info[0]}' ) result, status = ResourceManager.assign_account_permissions( core_session, "View,Login", principal=cloud_user, principalid=user_id, pvid=account_id) assert status, f'failed to assign view permission to user {cloud_user} for account {sys_info[4]}' logger.info( f'View permission assigned to user {cloud_user} for account {sys_info[4]}' ) # update system to allow system for RDP connections result, success = ResourceManager.update_system(core_session, system_id, sys_info[0], sys_info[1], sys_info[2], allowremote=True) assert success, f"failed to update system {sys_info[0]}, result is {result}" logger.info('system updated for remote connection') ui = users_and_roles.get_ui_as_user(user_properties=user, user_already_exists=True) ui.navigate('Resources', 'Systems') ui.search(sys_info[0]) ui.right_click_action(GridRowByGuid(system_id), 'Select/Request Account') ui.switch_context(Modal(text=f'{sys_info[0]} Login')) account_row = ui.expect( GridCell(sys_info[4]), f'Expected to find account row {sys_info[4]} but did not.') account_row.try_click() ui.close_modal('Select') ui.switch_to_pop_up_window() ui.expect_disappear(LoadingMask(), f'RDP session never exited loading state', time_to_wait=60) ui.switch_to_main_window() ui.user_menu('Reload Rights') # Api call to get details of account active session result, success = ResourceManager.get_active_sessions(core_session) active_session_list = [] for i in range(len(result)): if result[i]["HostName"] == sys_info[0]: active_session_list.append(result[i]["SessionID"]) assert active_session_list, f'Failed to find the login record with "System Name: {active_session_list}"' logger.info(f'Active session details:{active_session_list}')