def test_put_a_file_on_sysvol_as_administrator(s4_domainname):
account = utils.UCSTestDomainAdminCredentials()
rc = call(
'smbclient //localhost/sysvol -U"{}%{}" -c "put /etc/hosts {}/t1"'.
format(account.username, account.bindpw, s4_domainname),
shell=True)
assert rc == 0, "Could not put file on sysvol as Administrator"
def test_check_that_the_file_ownership_of_the_default_domain_policy_is_okay(
s4_domainname):
cmd = 'stat --printf "%%U" "/var/lib/samba/sysvol/%s/Policies/{31B2F340-016D-11D2-945F-00C04FB984F9}" 2>&1' % (
s4_domainname, )
output = check_output(cmd, shell=True).decode('UTF-8', 'replace').strip()
account = utils.UCSTestDomainAdminCredentials()
assert account.username == output, "The file ownership of the default domain policy is not okay"
def open_ldap_connection(self, binddn=None, bindpw=None, ldap_server=None, admin=False, machine=False):
'''Opens a new LDAP connection using the given user LDAP DN and
password. The connection is established to the given server or
(if None is given) to the server defined by the UCR variable
ldap/server/name is used.
If admin is set to True, a connection is setup by getAdminConnection().
If machine is set to True, a connection to the master is setup by getMachoneConnection().
'''
assert not (admin and machine)
account = utils.UCSTestDomainAdminCredentials()
if not ldap_server:
ldap_server = self._ucr.get('ldap/master')
port = int(self._ucr.get('ldap/server/port', 7389))
try:
if admin:
lo = udm_uldap.getAdminConnection()[0]
elif machine:
lo = udm_uldap.getMachineConnection(ldap_master=True)[0]
else:
lo = udm_uldap.access(host=ldap_server, port=port, base=self._ucr.get('ldap/base'), binddn=account.binddn, bindpw=account.bindpw, start_tls=2)
except udm_errors.noObject:
raise
except LDAPError as exc:
raise SchoolLDAPError('Opening LDAP connection failed: %s' % (exc,))
return lo
def __init__(self, quota_type="usrquota", fs_type="ext4"):
ucr = ucr_test.UCSTestConfigRegistry()
ucr.load()
self.my_fqdn = '%s.%s' % (ucr.get('hostname'), ucr.get('domainname'))
account = utils.UCSTestDomainAdminCredentials()
self.umc_client = Client(self.my_fqdn,
username=account.username,
password=account.bindpw)
self.share_name = uts.random_name()
self.username = uts.random_name()
self.quota_type = quota_type
self.fs_type = fs_type
self.quota_policy = {
"inodeSoftLimit":
'10',
"inodeHardLimit":
'15',
"spaceSoftLimit":
str(1024**2),
"spaceHardLimit":
str(2048**2),
"reapplyQuota":
'TRUE',
"name":
uts.random_name(),
"position":
'cn=userquota,cn=shares,cn=policies,%s' % ucr.get('ldap/base'),
}
def __init__(self, school, role, school_classes, mode='A', username=None, firstname=None, lastname=None, password=None, mail=None, schools=None):
super(User, self).__init__(school, role)
if username:
self.username = username
self.dn = self.make_dn()
if firstname:
self.firstname = firstname
if lastname:
self.lastname = lastname
if mail:
self.mail = mail
if school_classes:
self.school_classes = school_classes
self.schools = schools or [self.school]
self.typ = 'teachersAndStaff' if self.role == 'teacher_staff' else self.role
self.mode = mode
utils.wait_for_replication()
self.ucr = ucr_test.UCSTestConfigRegistry()
self.ucr.load()
host = self.ucr.get('ldap/master')
self.client = Client(host)
account = utils.UCSTestDomainAdminCredentials()
admin = account.username
passwd = account.bindpw
self.password = password if password else passwd
self.client.authenticate(admin, passwd)
def __enter__(self):
if self.selenium_grid:
self.driver = webdriver.Remote(
command_executor=
'http://jenkins.knut.univention.de:4444/wd/hub', # FIXME: url should be configurable via UCR
desired_capabilities={'browserName': self.browser})
else:
if self.browser == 'chrome':
chrome_options = webdriver.ChromeOptions()
chrome_options.add_argument(
'--no-sandbox'
) # chrome complains about being executed as root
self.driver = webdriver.Chrome(chrome_options=chrome_options)
else:
self.driver = webdriver.Firefox()
self.ldap_base = self._ucr.get('ldap/base')
self.account = utils.UCSTestDomainAdminCredentials()
self.umcLoginUsername = self.account.username
self.umcLoginPassword = self.account.bindpw
if not os.path.exists(self.screenshot_path):
os.makedirs(self.screenshot_path)
self.driver.get(self.base_url + 'univention/login/?lang=%s' %
(self.language, ))
# FIXME: Workaround for Bug #44718.
self.driver.execute_script(
'document.cookie = "UMCLang=%s; path=/univention/"' %
(self.language, ))
self.set_viewport_size(1200, 800)
return self
def check_collect(self):
account = utils.UCSTestDomainAdminCredentials()
admin = account.username
path = '/home/%s/Klassenarbeiten/%s' % (admin, self.name)
path_files = get_dir_files(path)
if not set(self.files).issubset(set(path_files)):
utils.fail('%r were not collected to %r' % (self.files, path))
def simple_udm(ucr): # type: () -> UDM
account = utils.UCSTestDomainAdminCredentials()
return UDM.credentials(
account.binddn,
account.bindpw,
ucr["ldap/base"],
ucr["ldap/master"],
ucr["ldap/master/port"],
).version(1)
def __init__(self, school, user_type):
self.school = school
self.user_type = user_type
self.ucr = ucr_test.UCSTestConfigRegistry()
self.ucr.load()
host = self.ucr.get('hostname')
self.client = Client(host)
account = utils.UCSTestDomainAdminCredentials()
admin = account.username
passwd = account.bindpw
self.client.authenticate(admin, passwd)
def test_run_diagnostic_checks():
client = Client.get_test_connection()
plugins = [plugin['id'] for plugin in client.umc_command('diagnostic/query').result if plugin['id'] not in SKIPPED_TESTS]
account = utils.UCSTestDomainAdminCredentials()
with tempfile.NamedTemporaryFile() as fd:
fd.write(account.bindpw)
fd.flush()
args = ['/usr/bin/univention-run-diagnostic-checks', '--username', account.username, '--bindpwdfile', fd.name, '-t'] + plugins
print(args)
returncode = subprocess.call(args)
assert 0 == returncode, 'Exit code != 0: %d' % (returncode,)
def __init__(self, quota_type="usrquota", fs_type="ext4"):
ucr = ucr_test.UCSTestConfigRegistry()
ucr.load()
self.ldap_base = ucr.get('ldap/base')
self.my_fqdn = '%s.%s' % (ucr.get('hostname'), ucr.get('domainname'))
account = utils.UCSTestDomainAdminCredentials()
self.umc_client = Client(self.my_fqdn, username=account.username, password=account.bindpw)
self.share_name = uts.random_name()
self.share_name2 = uts.random_name()
self.username = uts.random_name()
self.quota_type = quota_type
self.fs_type = fs_type
def test_request_license_admin(self): account = utils.UCSTestDomainAdminCredentials() ans = subprocess.check_output([ '/usr/sbin/umc-command', '--pretty-print', '--username', account.username, '--password', account.bindpw, 'udm/request_new_license', '--flavor', 'license-request', '--option', '[email protected]', ]).decode('UTF-8', 'replace') print(ans) assert 'STATUS : 200' in ans
def test_ip_bound_to_session(self, Client, Unauthorized, ucr,
restart_umc_server):
client = Client('%s.%s' % (ucr.get('hostname'), ucr.get('domainname')))
client.ConnectionType = HTTPConnection # workaround TLS hostname mismatch
account = utils.UCSTestDomainAdminCredentials()
client.authenticate(account.username, account.bindpw)
# make sure any UMC module is present (the session is not dropped to anonymous)
assert any(x['id'] == 'top'
for x in client.umc_get('modules').data['modules'])
# change the external IP address
with network.NetworkRedirector() as nethelper:
nethelper.add_loop('1.2.3.4', '4.3.2.1')
c = Client('1.2.3.4')
c.ConnectionType = HTTPConnection # workaround TLS hostname mismatch
c.cookies = copy.deepcopy(client.cookies)
with pytest.raises(Unauthorized) as exc:
c.umc_get('modules')
assert 'The current session is not valid with your IP address for security reasons.' in exc.value.message
# check if the session is still bound after the internal connection to the UMC-Server was lost
restart_umc_server()
c.cookies = copy.deepcopy(client.cookies)
with pytest.raises(Unauthorized) as exc:
c.umc_get('modules')
assert 'The current session is not valid with your IP address for security reasons.' in exc.value.message
# make sure any UMC module is present (the session is not dropped to anonymous)
assert any(x['id'] == 'top'
for x in client.umc_get('modules').data['modules'])
# make sure the same rules apply for localhost
c2 = Client('localhost')
c2.ConnectionType = HTTPConnection # workaround TLS hostname mismatch
c2.cookies = copy.deepcopy(client.cookies)
assert any(x['id'] == 'top'
for x in c2.umc_get('modules').data['modules'])
# check if the session is still bound after the internal connection to the UMC-Server was lost
restart_umc_server()
c2.cookies = copy.deepcopy(client.cookies)
assert any(x['id'] == 'top'
for x in c2.umc_get('modules').data['modules'])
# make sure any UMC module is present (the session is not dropped to anonymous)
assert any(x['id'] == 'top'
for x in client.umc_get('modules').data['modules'])
def __enter__(self):
# type: () -> UMCSeleniumTest
self.restart_umc()
self._ucr.__enter__()
if self.selenium_grid:
self.driver = webdriver.Remote(
command_executor=os.environ.get(
'SELENIUM_HUB',
'http://jenkins.knut.univention.de:4444/wd/hub'),
desired_capabilities={'browserName': self.browser})
else:
if self.browser == 'chrome':
chrome_options = webdriver.ChromeOptions()
chrome_options.add_argument(
'--no-sandbox'
) # chrome complains about being executed as root
chrome_options.add_argument('ignore-certificate-errors')
self.driver = webdriver.Chrome(chrome_options=chrome_options)
else:
self.driver = webdriver.Firefox()
self.ldap_base = self._ucr.get('ldap/base')
if self.suppress_notifications:
handler_set([
'umc/web/hooks/suppress_notifications=suppress_notifications'
])
self.account = utils.UCSTestDomainAdminCredentials()
self.umcLoginUsername = self.account.username
self.umcLoginPassword = self.account.bindpw
if not os.path.exists(self.screenshot_path):
os.makedirs(self.screenshot_path)
self.driver.get(self.base_url + 'univention/login/?lang=%s' %
(self.language, ))
# FIXME: Workaround for Bug #44718.
try:
self.driver.execute_script(
'document.cookie = "UMCLang=%s; path=/univention/"' %
(self.language, ))
except selenium_exceptions.WebDriverException as exc:
logger.warn('Setting language cookie failed: %s' % (exc, ))
self.set_viewport_size(1200, 800)
return self
def __init__(self,
school,
connection=None,
sender=None,
flavor=None,
ucr=None,
description=None,
name=None,
distributeType='manual',
distributeTime=None,
distributeDate=None,
collectType='manual',
collectTime=None,
collectDate=None,
files=[],
recipients=[]):
account = utils.UCSTestDomainAdminCredentials()
admin = account.username
passwd = account.bindpw
self.school = school
self.name = name if name else uts.random_string()
self.description = description if description else uts.random_string()
if distributeTime:
self.distributeTime = distributeTime
else:
self.distributeTime = time.strftime('%I:%M')
if distributeDate:
self.distributeDate = distributeDate
else:
self.distributeDate = time.strftime('%Y-%m-%d')
self.collectTime = collectTime if collectTime else time.strftime(
'%I:%M')
self.collectDate = collectDate if collectDate else time.strftime(
'%Y-%m-%d')
self.distributeType = distributeType
self.collectType = collectType
self.files = files
self.recipients = recipients
self.ucr = ucr if ucr else ucr_test.UCSTestConfigRegistry()
self.sender = sender if sender else admin
self.flavor = flavor if flavor else 'admin'
if connection:
self.client = connection
else:
self.client = Client(None, admin, passwd)
def __init__(self,
school,
typ,
name=None,
ip_address=None,
subnet_mask=None,
mac_address=None,
inventory_number=None):
self.school = school
self.typ = typ
self.name = name if name else uts.random_name()
self.ip_address = ip_address if ip_address else random_ip()
self.subnet_mask = subnet_mask if subnet_mask else '255.255.255.0'
self.mac_address = mac_address.lower() if mac_address else random_mac()
self.inventory_number = inventory_number if inventory_number else ''
self.ucr = ucr_test.UCSTestConfigRegistry()
self.ucr.load()
host = self.ucr.get('ldap/master')
self.client = Client(host)
account = utils.UCSTestDomainAdminCredentials()
admin = account.username
passwd = account.bindpw
self.client.authenticate(admin, passwd)
def test_create_printer_for_every_printer_URI(ucr, udm):
"""create printer for every printer URI"""
# bugs: [36267, 38812, 40591]
account = utils.UCSTestDomainAdminCredentials()
position = ucr.get('ldap/hostdn').split(',', 1)[1]
for uri in get_uirs():
printer_name = uts.random_name()
udm.create_object(modulename='shares/printer',
name=printer_name,
position='%s' % position,
binddn=account.binddn,
bindpwd=account.bindpw,
set={
'spoolHost': '%(hostname)s.%(domainname)s' % ucr,
'model': 'None',
'uri': '%s:// /tmp/%s' % (uri, printer_name)
})
if not printer_enabled(printer_name):
print('Wait for 30 seconds and try again')
time.sleep(30)
assert printer_enabled(
printer_name
), 'Printer (%s) is created but not enabled' % printer_name
def __init__(
self,
proxy,
username=None,
password=None,
bFollowLocation=1,
maxReDirs=5,
connectTimout=10,
timeOut=10,
port=3128,
auth=pycurl.HTTPAUTH_BASIC,
cookie=None,
user_agent=None,
):
# Perform basic authentication by default
self.curl = pycurl.Curl()
self.curl.setopt(pycurl.FOLLOWLOCATION, bFollowLocation)
self.curl.setopt(pycurl.MAXREDIRS, maxReDirs)
self.curl.setopt(pycurl.CONNECTTIMEOUT, connectTimout)
self.curl.setopt(pycurl.TIMEOUT, timeOut)
self.curl.setopt(pycurl.PROXY, proxy)
self.curl.setopt(pycurl.PROXYPORT, port)
if auth:
self.curl.setopt(pycurl.PROXYAUTH, auth)
account = utils.UCSTestDomainAdminCredentials()
self.curl.setopt(
pycurl.PROXYUSERPWD, "%s:%s" % (
username or account.username,
password or account.bindpw,
))
if user_agent:
self.curl.setopt(pycurl.USERAGENT, user_agent)
self.cookiefile = NamedTemporaryFile()
self.curl.setopt(pycurl.COOKIEJAR, self.cookiefile.name)
self.curl.setopt(pycurl.COOKIEFILE, self.cookiefile.name)
def test_login_as_root(self, Client):
client = Client()
# Actually this is the password of the Administrator account but probably in most test scenarios also the root password
client.authenticate('root',
utils.UCSTestDomainAdminCredentials().bindpw)
def __get_samlSession():
account = utils.UCSTestDomainAdminCredentials()
return samltest.SamlTest(account.username, account.bindpw)
