def check_and_mount_smb(): """1. Checks /proc/mounts to see if <cagent_constants.smbMountPath> is mounted 2. If not, mount it 3. Check if the entry is present in /etc/fstab 4. If not, add it """ logger.debug(" Check and Mount SMB") config = Configs().get_yaml_node_as_tuple("agents", "generic_cagent_unix") ssh_session = SshUtil(config) config = Configs().get_yaml_node_as_tuple("agents", "cagent_constants") testConfig = Configs().get_yaml_node_as_tuple("agents", "cagent_test_constants") retval, output, stderr = ssh_session.send_command( f"cat /proc/mounts | grep {testConfig.localMountPath}") assert len(stderr) == 0, f'Failure in Checking Mounted Drives: {stderr}' mountedFlag = re.findall(f"{testConfig.localMountPath}", output) if len(mountedFlag) == 0: retval, _, stderr = ssh_session.send_command( f"sudo mkdir -p {testConfig.localMountPath}") assert retval == 0 and len( stderr) == 0, f'Unable to Create local Mount Directory: {stderr}' retval, output, stderr = ssh_session.send_command( f"sudo mount -t cifs -o username={config.buildSystemFileAccessUserName},password={config.buildSystemFileAccessPassword} {testConfig.buildMountPath} {testConfig.localMountPath}" ) assert retval == 0 and len( stderr) == 0, f'Mounting Build Machine Path Failed: {stderr}' retval, output, stderr = ssh_session.send_command( f"cat /etc/fstab | grep {testConfig.localMountPath}") assert len(stderr) == 0, f'Failure in Checking /etc/fstab: {stderr}' if len(re.findall(f"{testConfig.localMountPath}", output)) == 0: # Create Credentails file retval, output, stderr = ssh_session.send_command( f"echo -e 'username={config.buildSystemFileAccessUserName}\npassword={config.buildSystemFileAccessPassword}' > /root/.smbcredentials" ) assert len(stderr) == 0, f'Failure in creating smbCredentials file' retval, output, stderr = ssh_session.send_command( f" chmod 600 /root/.smbcredentials") assert len( stderr) == 0, f'Failure in setting smbCrednetials file permissions' command = 'echo "' + testConfig.buildMountPath + " " + testConfig.localMountPath + \ ' cifs _netdev,credentials=/root/.smbcredentials,dir_mode=0755,file_mode=0755,uid=0,gid=0 0 0" | sudo tee -a /etc/fstab' retval, output, stderr = ssh_session.send_command(f"{command}") assert len(stderr) == 0, f'Failure in adding an entry to /etc/fstab' yield True
def test_check_ui_on_subnet_mapping_page(core_session, cleanup_system_subnet_mapping): """ TC:C2197 Check UI on Subnet Mappings page. 1) Login Admin Portal as cloud admin 2) Add System subnet mapping by calling API add_system_subnet_mapping 3) Checking through UI for assertion :param core_session: Authenticated Centrify session. :param core_admin_ui: Authenticated Centrify browser session. :param: cleanup_system_subnet_mapping: cleanup for created system subnet. """ subnet = Configs.get_environment_node('update_discovery_profile', 'automation_main')['port_scan_scope']['subnet_mask'] subnet_list = cleanup_system_subnet_mapping # Adding System Subnet Mapping. result, success, message = ResourceManager.add_system_subnet_mapping(core_session, subnet, chooseConnector="on") system_subnet_id = result['ID'] assert success, f'Failed to add System subnet mapping with API response: {message}' subnet_list.append(system_subnet_id) logger.info(f"System subnet mapping added successfully, {system_subnet_id}") # Checking on ui for assertion query = "select * from ProxyGroup" results = RedrockController.get_result_rows(RedrockController.redrock_query(core_session, query)) assert results[0]['Subnet'] == subnet, \ f'Failed to see the detail of System Subnet Mapping with API response: {message}'
def test_checkout_password_for_unmanaged_account_from_system_page( core_session, setup_pas_system_for_unix, core_admin_ui): """ TC: C2506 - Checkout password for unmanaged account from system page :param setup_pas_system_for_unix: Adds and yield UUID of a Unix system and account associated to it. :param core_admin_ui: Authenticated Centrify browser session with cloud admin credentials from core.yaml """ added_system_id, account_id, sys_info = setup_pas_system_for_unix resource_data = Configs.get_environment_node('resources_data', 'automation_main') acc_password = resource_data['Unix_infrastructure_data']['password'] ui = core_admin_ui ui.navigate('Resources', 'Systems') ui.search(sys_info[0]) ui.click_row(sys_info[0]) ui.right_click_action( Selector(By.XPATH, f'//tr[@test-id = "{account_id}"]'), 'Checkout') ui._waitUntilSettled() logger.info( f'checking out password for "test_user" account from Unix system {sys_info[0]}' ) logger.info( f"Password checkout successful for account: {account_id} from 'Systems' page." ) ui.switch_context(Modal()) ui.button('Show Password') logger.info( "Successfully clicked on 'Show password' button to reveal the password." ) password_field = ui.check_exists( ('XPATH', '//div[@itemid="passwordPlainText"]')) assert password_field, "Password field not available even after clicking 'Show password' button" logger.info(f"Password is visible after clicking 'Show password' button.")
def generic_cagent_enroll_root(): """Prepare SSH session for cagent enrollment test. :return: Returns SshUtil() object to be used to run commands.""" config = Configs().get_yaml_node_as_tuple("agents", "generic_cagent_unix") sshutil = SshUtil(config) yield sshutil logger.info("unenrolling the cagent") sshutil.send_command("cunenroll -md")
def generic_cagent_enroll_win_admin(): """ Provide a WinRM connection to the Windows server as Administrator """ sys_config = Configs().get_yaml_node_as_tuple("agents", "generic_cagent_win") winrm_config = collections.namedtuple('winrm_config', ('hostname username password')) config = winrm_config(hostname=sys_config.hostname, username=sys_config.admin_username, password=sys_config.admin_password) logger.debug(f"winrm instantiated, Hostname {sys_config.hostname}") winrm = WinRM(config) yield winrm winrm.send_command("cunenroll -md") winrm.close()
def test_add_unmanaged_account_using_proxy_account(core_session, cleanup_accounts, setup_pas_system_for_unix, core_admin_ui): """ TC- C2500: Add unmanaged account using proxy account :param core_session: Authenticated Centrify session. :param setup_pas_system_for_unix: Adds and yields GUID for a unix system and account associated with it. :param core_admin_ui: Authenticated Centrify browser session. """ added_system_id, account_id, sys_info = setup_pas_system_for_unix test_data = Configs.get_environment_node('resources_data', 'automation_main') unix_data = test_data['Unix_infrastructure_data'] user_name = f"{unix_data['account_name']}{guid()}" ui = core_admin_ui accounts_list = cleanup_accounts[0] result, success = ResourceManager.update_system(core_session, added_system_id, sys_info[0], sys_info[1], sys_info[2], proxyuser=unix_data['proxy_user'], proxyuserpassword=unix_data['proxy_password'], proxyuserismanaged=False) assert success, f"Unable to add a managed proxy user for {sys_info[0]}. API response result: {result}" logger.info(f"Proxy account {unix_data['proxy_user']} added to Unix system: {sys_info[0]}") ui.navigate('Resources', 'Systems') ui.search(sys_info[0]) ui.click_row(sys_info[0]) ui.launch_modal("Add", "Add Account") ui.switch_context(Modal()) ui.input('User', user_name) ui.input('Password', unix_data['password']) ui.check('UseWheel') ui.button('Add') ui._waitUntilSettled() ui.remove_context() assert ui.check_exists(('XPATH', f'//div[text()="{user_name}"]')), \ f"Account {user_name} couldn't be added to system: {sys_info[0]} using proxy account: {unix_data['proxy_user']}" logger.info(f"Account {user_name} added to system: {sys_info[0]} using proxy account: {unix_data['proxy_user']}.") # Teardown for the added account added_account_id = RedrockController.get_account_id_by_username(core_session, user_name) accounts_list.append(added_account_id)
def test_checkout_password_for_unmanaged_account_from_account_page( setup_pas_system_for_unix, core_session): """ TC: C2506 - Checkout password for unmanaged account from account page :param setup_pas_system_for_unix: Adds and yield UUID of a Unix system and account associated to it. :param core_admin_ui: Authenticated Centrify browser session with cloud admin credentials from core.yaml """ added_system_id, account_id, sys_info = setup_pas_system_for_unix automation_data = Configs.get_environment_node('resources_data', 'automation_main') password = automation_data['Unix_infrastructure_data']['password'] result, success = ResourceManager.check_out_password( core_session, 1, account_id, "Copy the password") assert success, f"Password checkout failed with API response result: {result}" logger.info( f"Password successfully checked out for account: '{sys_info[4]}'") assert result[ 'Password'] == password, "Clipboard contents didn't change after clicking 'Copy Password' button." logger.info( "Successfully clicked on 'Copy Password' button to copy the password.")
from Utils.config_loader import Configs PATHS = Configs.get_test_node("da_installation", "paths") DZWIN_PATHS = Configs.get_test_node("dz_win_mfa", "paths") remote_da_root_path = PATHS['remote_da_root_path'] repo_da_root_path = PATHS['repo_da_root_path'] remote_apps_root_path = PATHS['remote_apps_root_path'] repo_apps_root_path = PATHS['repo_apps_root_path'] remote_framework_path = PATHS['remote_framework_path'] remote_da_testscripts_dir = r'.\Tests\CSS\DA\DABAT' remote_dz_testscripts_dir = r'.\Tests\CSS\DZWin' remote_testees_root_dir = DZWIN_PATHS['remote_testees_root_dir'] remote_testagent_root_dir = DZWIN_PATHS['remote_testagent_root_dir'] remote_testframework_root_dir = DZWIN_PATHS['remote_testframework_root_dir'] remote_testscripts_root_dir = DZWIN_PATHS['remote_testscripts_root_dir'] remote_da_administrator_console_path = remote_da_root_path + r'\DirectAudit\Console\Centrify DirectAudit Administrator Console64.msi' repo_da_administrator_console_path = repo_da_root_path + r'\DirectAudit\Console\Centrify DirectAudit Administrator Console64.msi' da_administrator_startup_path = r'C:\Program Files\Centrify\Audit\AuditManager\Centrify Audit Manager.msc' remote_da_auditor_path = remote_da_root_path + r'\DirectAudit\Console\Centrify DirectAudit Auditor Console64.msi' repo_da_auditor_path = repo_da_root_path + r'\DirectAudit\Console\Centrify DirectAudit Auditor Console64.msi' da_auditor_startup_path = r'C:\Program Files\Centrify\Audit\AuditAnalyzer\Centrify Audit Analyzer.msc' remote_audit_manager_path = remote_da_root_path + r'\DirectAudit\Audit Management Server\Centrify DirectAudit Audit Management Server64.msi' repo_audit_manager_path = repo_da_root_path + r'\DirectAudit\Audit Management Server\Centrify DirectAudit Audit Management Server64.msi' audit_manager_startup_path = r'C:\Program Files\Centrify\Audit\AuditManagementServer\AuditManagementServer.configure.exe'
from time import sleep from appium import webdriver from appium.webdriver import WebElement from appium.webdriver.webdriver import WebDriver from selenium.common.exceptions import * from selenium.webdriver import ActionChains from selenium.webdriver.common.keys import Keys from Utils.config_loader import Configs from Fixtures.CSS.misc import * from Shared.css_utils import * logger = logging.getLogger('test') settings = Configs.get_test_node("da_installation", "settings") small_retry = settings['small_retry'] ###### Test helper functions ###### def rdp_session(user_name, password, public_ip): logger.info("Launch RDP session for user %s" % user_name) cmdline = 'cmdkey /generic:"%s" /user:"******" /pass:"******"' % \ (public_ip, user_name, password) # os.system(cmdline) os.system(cmdline + ' & start mstsc /f /v:%s' % public_ip) logger.info("Launch RDP session done")
def test_connector_setting(core_session, pas_windows_setup, users_and_roles, core_pas_admin_ui): """ TC:C2170 Check connectors setting. :param core_session: Returns a API session. :param pas_windows_setup: Returns a fixture. :param users_and_roles: Gets user and role on demand. :param core_pas_admin_ui: Returns browser session. """ # Creating a system and account. system_id, account_id, sys_info, connector_id, user_password = pas_windows_setup( ) # Cloud user session with "Privileged Access Service Administrator". cloud_user_session = users_and_roles.get_session_for_user( 'Privileged Access Service Administrator') user_name = cloud_user_session.auth_details['User'] user_id = cloud_user_session.auth_details['UserId'] # Assigning "Edit" permission for system to limited user. assign_system_perm_res, assign_system_perm_success = ResourceManager.assign_system_permissions( core_session, "Edit", user_name, user_id, 'User', system_id) assert assign_system_perm_success, f"Failed to assign 'Edit' permissions to user for the system: API Response " \ f"result: {assign_system_perm_res}. " logger.info( f"Successfully assign 'Edit' permissions to user for the system: {assign_system_perm_res}." ) # Getting the connectors Details. connector_details = Configs.get_environment_node('connector_data', 'automation_main') connector_name = connector_details['connector'] list_connectors_id = [] connectors_details = RedrockController.get_all_proxy(cloud_user_session) for connector_detail in connectors_details: if connector_detail['Name'] == connector_name: list_connectors_id.append(connector_detail['ID']) # Choosing the connector for the system. update_system_result, update_system_success = ResourceManager.update_system( cloud_user_session, system_id=system_id, name=sys_info[0], fqdn=sys_info[1], computerclass=sys_info[2], proxycollectionlist=connector_id, chooseConnector="on", filterConnectorCombo="all", ) assert update_system_success, f'Failed to save the connector for the system:' \ f'API response result:{update_system_result}. ' logger.info( f'Successfully save the connector {update_system_result} for the system.' ) # UI Launch ui = core_pas_admin_ui ui.navigate('Resources', 'Systems') ui.search(sys_info[0]) ui.click_row(GridRowByGuid(system_id)) ui.tab('Connectors', check_rendered_tab=False) assert ui.check_exists(GridRowCheckbox(connector_name, checked=True)), 'Expect the find connector checked but ' \ 'failed to find it. ' logger.info( f'Successfully found the correct connector setting:{connector_name}.')
class AppiumGui(unittest.TestCase): system_data = Configs.get_environment_node('gui', 'automation_main') system_data_values = system_data['Windows_infrastructure_data'] remote_ip = system_data_values['remote_ip'] script_file = system_data_values['script_file_name'] remote_username = system_data_values['remote_username'] remote_password = system_data_values['remote_password'] local_server = system_data_values['local_appium_server'] remote_server = system_data_values['remote_appium_server'] remote_installation_path = system_data_values['remote_installation_path'] remote_setup_path = system_data_values['remote_setup_directory'] remote_headless_script = system_data_values['remote_headless_script'] def remoteDesktopConnection(self, class_name): desired_caps = {} desired_caps["app"] = "Root" self.DesktopSession = webdriver.Remote( command_executor=self.local_server, desired_capabilities=desired_caps) CortanaWindow = self.DesktopSession.find_element_by_class_name( class_name) CortanaTopLevelWindowHandle = CortanaWindow.get_attribute( "NativeWindowHandle") CortanaTopLevelWindowHandle1 = hex(int(CortanaTopLevelWindowHandle)) desired_caps1 = {} desired_caps1["appTopLevelWindow"] = CortanaTopLevelWindowHandle1 self.driver = webdriver.Remote(command_executor=self.local_server, desired_capabilities=desired_caps1) return self.driver def tearDown(self): self.driver.quit() def close_rdp_session(self): os.system("TASKKILL /F /IM mstsc.exe") def open_rdp_session(self): os.startfile(r"C:\Windows\system32\mstsc.exe") time.sleep(5) def remove_remote_file(self): powershell.remote_execute_using_ip_and_creds( self.remote_ip, self.remote_username, self.remote_password, f"Remove-Item {self.remote_installation_path}{self.script_file}") def run_remote_headless_installation(self): powershell.remote_execute_using_ip_and_creds( self.remote_ip, self.remote_username, self.remote_password, f"python {self.remote_headless_script}") def get_remote_installation_folder( self, password=remote_password, ad_user=remote_username, splitter=";", script_block1=f"Get-ChildItem {remote_setup_path}", computer_name=remote_ip): remote_command1 = f'$password = ConvertTo-SecureString “{password}” -AsPlainText -Force{splitter} ' \ f'$Cred = New-Object System.Management.Automation.PSCredential ("{ad_user}", $password){splitter}' \ f'Invoke-Command -ComputerName ' + computer_name + ' -ScriptBlock{' + script_block1 + '} -Credential $Cred;' command1 = self.build_powershell_command([remote_command1]) proc1 = Popen(command1, shell=True, stdout=PIPE, stderr=PIPE) _stdout_buff = proc1.communicate() return _stdout_buff def build_powershell_command(self, variables): """ Takes a list of variables and concatentaes them into a command line for powershell :param list variables: ['list', 'of', 'strings'] :return: Popen list of commands for powershell """ command = [] command.extend(['powershell.exe']) command.extend(['']) command.extend(variables) return command def copy_remote_sys_file( self, computer_name=remote_ip, ad_user=remote_username, password=remote_password, splitter=";", cp_file="", d_path=remote_installation_path, ): remote_command = f'$password = ConvertTo-SecureString “{password}” -AsPlainText -Force{splitter} ' \ f'$Cred = New-Object System.Management.Automation.PSCredential ("{ad_user}", $password){splitter}' \ f'$Session = New-PSSession -ComputerName {computer_name} -Credential $Cred{splitter}' \ f'Copy-Item "{cp_file}" -Destination "{d_path}" -ToSession $Session{splitter}' \ f'Remove-PSSession -Session $Session{splitter}' command = self.build_powershell_command([remote_command]) Popen(command, shell=True, stdout=PIPE, stderr=PIPE) def remote_ipconfig(self, file): desired_caps1 = {} desired_caps1["app"] = f'{self.remote_installation_path}{file}' self.driver = webdriver.Remote(command_executor=self.remote_server, desired_capabilities=desired_caps1) return self.driver def test_remote_rdp_script(self): self.open_rdp_session() screen = self.remoteDesktopConnection(class_name="#32770") screen.find_element_by_class_name("ComboBox").send_keys(self.remote_ip) screen.find_element_by_name("Connect").click() time.sleep(3) screen = self.remoteDesktopConnection("Credential Dialog Xaml Host") time.sleep(1) screen.find_element_by_class_name("PasswordBox").send_keys( self.remote_password) screen.find_element_by_name("OK").click() time.sleep(3) screen = self.remoteDesktopConnection("TscShellContainerClass") assert screen is not None, "Unable to get the Remote session." path = get_asset_path(self.script_file) self.copy_remote_sys_file(cp_file=path) time.sleep(4) screen = self.remote_ipconfig(self.script_file) assert screen is not None, "Unable to get the Remote session." time.sleep(30) self.remove_remote_file() installation_folder = self.get_remote_installation_folder() if "Centrify.DirectAudit.AuditDatabase" in installation_folder: assert True, "The installation is not successful" self.close_rdp_session() def test_remote_headless_installation(self): path = get_asset_path(self.remote_headless_script) self.copy_remote_sys_file(cp_file=path) time.sleep(4) self.run_remote_headless_installation() time.sleep(30) self.remove_remote_file() installation_folder = self.get_remote_installation_folder() if "Centrify.DirectAudit.AuditDatabase" in installation_folder: assert True, "The installation is not successful"
def agent_enrolled_unix_system_with_users(core_tenant, core_session_global, agent_enrolled_unix_system, users_and_roles, cleanup_accounts, create_unix_users, proxy_start_stop, detect_proxy): config = Configs().get_yaml_node_as_tuple("agents", "generic_cagent_unix") accounts_list = cleanup_accounts[0] proxycontrol = proxy_start_stop logger.info("adding users on the enrolled system") system_id = agent_enrolled_unix_system["ResourceId"] ssh_session = agent_enrolled_unix_system["Session"] adminuser = {"Name": config.username, "Password": config.password} # add users on target system accountusers = create_unix_users(ssh_session, "agent_", 2) logger.info("Users created " + str(len(accountusers))) for i, val in enumerate(accountusers): logger.info( str(i) + ", Name: " + val["Name"] + "Password:"******"Password"]) right_data = ("Privileged Access Service Power User", "role_Privileged Access Service Power User") requester_session = users_and_roles.get_session_for_user(right_data[0]) role_info = users_and_roles.get_role(right_data[0]) permission_string = 'Grant,View,Edit,Delete,ManageSession,AgentAuth,RequestZoneRole,AddAccount,UnlockAccount' result, success = ResourceManager.assign_system_permissions( core_session_global, permission_string, role_info['Name'], role_info['ID'], "Role", system_id) assert success, "Did not set system permissions " + result # Step 3 Create Accounts for testing logger.info("Adding root account") admin_account_id, add_account_success = ResourceManager.add_account( requester_session, adminuser['Name'], adminuser["Password"], system_id, ismanaged=False) assert add_account_success, "Failed to create Account user: root" logger.info(f"Added root Account. Id {admin_account_id}") accounts_list.append(admin_account_id) logger.info("Adding user for reconciliation") new_account_id, add_account_success = ResourceManager.add_account( requester_session, accountusers[0]['Name'], accountusers[0]['Password'], system_id, ismanaged=True) assert add_account_success, "Failed to create manged Account user: "******", Verify CC or agent settings and status" logger.info(f"Added Account for testing. Id {new_account_id}") accounts_list.append(new_account_id) permission_string = "Owner,View,Manage,Delete,Login,Naked,UpdatePassword,RotatePassword,FileTransfer,UserPortalLogin" result, success = ResourceManager.assign_account_permissions( core_session_global, permission_string, role_info['Name'], role_info['ID'], "Role", new_account_id) assert success, "Did not set account permissions " + result # Get computer details for update result = RedrockController.get_system(requester_session, system_id) system = result[0]["Row"] # wait for managed password change event filter = [['AccountName', accountusers[0]['Name']]] RedrockController.wait_for_event_by_type_filter( requester_session, "Cloud.Server.LocalAccount.PasswordChange", filter=filter, maximum_wait_second=120) # wait for 20 seonds accounts = [{ "Name": adminuser['Name'], "Password": adminuser["Password"], "Id": admin_account_id }, { "Name": accountusers[0]["Name"], "Password": accountusers[0]["Password"], "Id": new_account_id }] proxy = start_proxy_with_machinename(requester_session, proxycontrol, config.proxy_name) assert proxy != None, ( f'Failed to find the connector {config.proxy_name}, Setup the connector properly.' ) # Set Admin Account and enable local account maintenance result, success = ResourceManager.update_system( requester_session, system_id, system["Name"], system["FQDN"], 'Unix', proxycollectionlist=proxy, adminaccountid=admin_account_id, allowautomaticlocalaccountmaintenance=True) assert success, (f'Failed to set administrative account {result}') # return acount ids, computer, yield [{ "ResourceId": system_id, "ProxyId": proxy, "ResourceName": system["Name"], "Accounts": accounts, "Session": ssh_session }] result, success, message = ResourceManager.set_system_administrative_account( requester_session, system_id) assert success, f'Failed to remove administrative account on {message}'
def test_login_stored_account(core_session, setup_pas_system_for_unix, set_cleaner, core_admin_ui): """ Test Case ID: C2087 Test Case Description: Login as stored account after proxy account enabled :param core_session: Returns API session :param setup_pas_system_for_unix: Creates Unix System and Account :param set_cleaner: Delete Set :param core_admin_ui: Authenticates Centrify UI session """ system_id, account_id, sys_info = setup_pas_system_for_unix system_name = sys_info[0] FQDN = sys_info[1] computer_class = sys_info[2] account_name = sys_info[4] systems_data = Configs.get_environment_node('resources_data', 'automation_main') expected_system_class = systems_data['Unix_infrastructure_data'] result, success = ResourceManager.update_system( core_session, system_id, system_name, FQDN, computer_class, proxyuser=expected_system_class['proxy_user'], proxyuserpassword=expected_system_class['proxy_password'], proxyuserismanaged=False, allowremote=True) assert success, 'Failed to update system' logger.info(f'System successfully updated with result: {result}') ui = core_admin_ui name_of_set = f'Set{guid()}' ui.navigate('Resources', 'Systems') ui.launch_add('Add', 'Create Set') ui.input('Name', name_of_set) ui.tab('Members') ui.launch_modal('Add', 'Add System') ui.search(system_name) ui.check_row(system_name) ui.close_modal('Add') ui.save() id_of_set = SetsManager.get_collection_id(core_session, name_of_set, 'Server') assert id_of_set, 'Set creation Failed' logger.info(f"Set: '{name_of_set}' created successfully") set_cleaner.append(id_of_set) # Login into Stored Account ui._waitUntilSettled() ui.switch_context(ActiveMainContentArea()) ui.right_click_action(Div(system_name), 'Select/Request Account') ui.switch_context(Modal(system_name + ' Login')) ui.expect_disappear(LoadingMask(), 'Expected to find account but it did not', 30) ui.search(account_name) ui.expect(GridCell(account_name), 'Expected to find account name but it did not.').try_click() ui.close_modal('Select') ui.switch_to_pop_up_window() ui.expect_disappear(LoadingMask(), 'Expected to login in account but it did not', 30) logger.info(f'Successfully logged in Account:{account_name}.') ui.switch_to_main_window()
def test_update_un_managed_using_managed_proxy_account_check_password_history( core_session, pas_windows_setup, test_proxy, pas_config): """ TC: C2550 Update un managed account with using proxy account. :param core_session: Returns a API session. :param pas_windows_setup: Fixture for adding a system and an account associated with it. :param pas_config: fixture reading data from resource_data.yaml file. """ # Creating a system with un managed account using un managed proxy account. system_id, account_id, sys_info, connector_id, user_password = pas_windows_setup( ) # Updating the proxy user password. payload_data = pas_config['Windows_infrastructure_data'] update_proxy_result, update_proxy_success = ResourceManager.update_system( core_session, system_id, sys_info[0], sys_info[1], sys_info[2], proxyuser=payload_data['proxy_username'], proxyuserpassword=payload_data['proxy_password'], proxyuserismanaged=False) assert update_proxy_success, f"Failed to update proxy user password:API response result:{update_proxy_result}." logger.info( f"Successfully able to update the proxy user password without error {update_proxy_result}." ) # Updating the un managed account with invalid password. invalid_data = Configs.get_test_node('invalid_resources_data', 'automation_main') invalid_payload_data = invalid_data['System_infrastructure_data'] invalid_acc_password = invalid_payload_data['invalid_password'] result_update_account, result_update_success = ResourceManager.update_password( core_session, account_id, invalid_acc_password) assert result_update_success, f"Failed to update account with invalid password:"******"API response result:{result_update_account}" logger.info(f"Successfully able to update the un managed " f"account with invalid password:{result_update_account}.") # Getting the Account information and validating the status. status = 'BadCredentials' get_account_info, get_account_status = ResourceManager.get_accounts_from_resource( core_session, system_id) assert get_account_info[0][ 'Healthy'] == status, f'Status does not change to Unknown: {status}' logger.info( f"Successfully able to change status to Unknown {get_account_info}.") # Updating the un managed account with correct password. updated_account_correct_result, updated_account_correct_success = ResourceManager.update_password( core_session, account_id, payload_data['password']) assert updated_account_correct_result, f"Failed to update account with correct password:{payload_data['password']}" logger.info( f"Successfully able to update the un managed account with correct password: {updated_account_correct_result}." ) # Getting the system activity and validating update local account password is done or not. username = core_session.get_user().get_login_name() result_activity = ResourceManager.get_system_activity( core_session, system_id) assert f'{username} updated local account "{sys_info[4]}" password for "{sys_info[0]}"' \ f'({sys_info[1]})' in result_activity[0]['Detail'], \ f"fail to update local account password :{sys_info[4]} " logger.info(f"Successfully update un managed password : {result_activity}")
def __init__(self, config=None): self.agent_gui = Configs().get_yaml_node_as_tuple( 'windows_agent', 'windows_agent_config') self.test_config = Configs().get_yaml_node_as_tuple( 'suvp_test_config', 'config') self.powershell_config = Configs().get_yaml_node_as_tuple( 'powershell', 'powershell') self.powershell_app = App(self.powershell_config) self.agent_app = App(self.agent_gui) self.desktop = WinGui() self.rdp_app = None if config: self.hostname = config.hostname self.username = config.username self.password = config.password self.admin = config.admin self.clwmfa = config.clwmfa self.endpoints = config.endpoints self.rwpmfa = config.rwpmfa self.rwpnomfa = config.rwpnomfa self.sdwmfa = config.sdwmfa self.rdp_window = config.rdp_window self.win_version = config.windows_version self.defaultwintrayx = config.defaultwintrayx self.defaultwintrayy = config.defaultwintrayy self.defaultdztrayx = config.defaultdztrayx self.defaultdztrayy = config.defaultdztrayy self.newdeskdztrayy = config.newdeskdztrayy self.newdeskdztrayx = config.newdeskdztrayx self.enrolldevicex = config.enrolldevicex self.enrolldevicey = config.enrolldevicey self.startmenux = config.startmenux self.startmenuy = config.startmenuy self.powershellx = config.powershellx self.servicemenux = config.servicemenux self.servicemenuy = config.servicemenuy self.altdefaultwintrayx = config.altdefaultwintrayx self.altdefaultwintrayy = config.altdefaultwintrayy self.winrm = WinRM(config) else: self.hostname = None self.username = None self.password = None self.admin = None self.clwmfa = None self.endpoints = None self.rwpmfa = None self.rwpnomfa = None self.sdwmfa = None self.rdp_window = None self.win_version = None self.defaultwintrayx = None self.defaultwintrayy = None self.defaultdztrayx = None self.defaultdztrayy = None self.newdeskdztrayx = None self.newdeskdztrayy = None self.startmenux = None self.startmenuy = None self.powershellx = None self.servicemenux = None self.servicemenuy = None self.altdefaultwintrayx = None self.altdefaultwintrayy = None
def agent_enrolled_windows_system_with_users( core_session_global, agent_enrolled_windows_system, users_and_roles, remote_users_qty1, cleanup_accounts, pas_ad_domain, pas_ad_administrative_account, cleanup_lapr_systems_and_domains, proxy_start_stop): config = Configs().get_yaml_node_as_tuple("agents", "generic_cagent_win") accounts_list = cleanup_accounts[0] domains_list = cleanup_lapr_systems_and_domains[1] systems_list = cleanup_lapr_systems_and_domains[0] user = remote_users_qty1 proxycontrol = proxy_start_stop accountusers = [{"Name": user[0], "Password": "******"}] logger.info("Users created " + str(len(accountusers))) for i, val in enumerate(accountusers): logger.info( str(i) + ", Name: " + val["Name"] + "Password:"******"Password"]) logger.info("adding users on the enrolled system") system_id = agent_enrolled_windows_system["ResourceId"] winrm_session_as_admin = agent_enrolled_windows_system["Session"] adminuser = { "Name": config.admin_username, "Password": config.admin_password } domain_id = pas_ad_domain['ID'] admin_id = pas_ad_administrative_account['ID'] right_data = ("Privileged Access Service Power User", "role_Privileged Access Service Power User") requester_session = users_and_roles.get_session_for_user(right_data[0]) role_info = users_and_roles.get_role(right_data[0]) domains_list.append(pas_ad_domain) systems_list.append(system_id) logger.info( "Setting Domain Administrator user as Administrative Account on domain." ) result, success, response = ResourceManager.set_administrative_account( core_session_global, [pas_ad_domain['Name']], pas_ad_administrative_account['User'], pas_ad_administrative_account['ID']) logger.info( "Setting Administrative Account on domain, but with no lapr settings enabled." ) result, success = ResourceManager.update_domain_accounts( core_session_global, pas_ad_domain['Name'], admin_id, domain_id, allowautomaticlocalaccountmaintenance=True, allowmanuallocalaccountunlock=True) permission_string = 'Grant,View,Edit,Delete,ManageSession,AgentAuth,RequestZoneRole,AddAccount,UnlockAccount' result, success = ResourceManager.assign_system_permissions( core_session_global, permission_string, role_info['Name'], role_info['ID'], "Role", system_id) assert success, f"Did not set system permissions {result}" # Step 3 Create Accounts for testing logger.info("Adding Admin account") admin_account_id, add_account_success = ResourceManager.add_account( requester_session, adminuser['Name'], adminuser["Password"], system_id, ismanaged=False) assert add_account_success, "Failed to create admin user" logger.info(f"Added root Account. Id {admin_account_id}") accounts_list.append(admin_account_id) logger.info("Adding user for reconciliation") new_account_id, add_account_success = ResourceManager.add_account( requester_session, accountusers[0]['Name'], accountusers[0]['Password'], system_id, ismanaged=True) assert add_account_success, "Failed to create manged Account user: "******", Verify CC or agent settings and status" logger.info(f"Added Account for testing. Id {new_account_id}") accounts_list.append(new_account_id) permission_string = "Owner,View,Manage,Delete,Login,Naked,UpdatePassword,RotatePassword,FileTransfer,UserPortalLogin" result, success = ResourceManager.assign_account_permissions( core_session_global, permission_string, role_info['Name'], role_info['ID'], "Role", new_account_id) assert success, "Did not set account permissions " + result # Get computer details for update result = RedrockController.get_system(requester_session, system_id) system = result[0]["Row"] # wait for managed password change event filter = [['AccountName', accountusers[0]['Name']]] RedrockController.wait_for_event_by_type_filter( requester_session, "Cloud.Server.LocalAccount.PasswordChange", filter=filter, maximum_wait_second=120) # wait for 120 seonds accounts = [{ "Name": adminuser['Name'], "Password": adminuser["Password"], "Id": admin_account_id }, { "Name": accountusers[0]["Name"], "Password": accountusers[0]["Password"], "Id": new_account_id }] # set proxy proxy = start_proxy_with_machinename(requester_session, proxycontrol, config.proxy_name) assert proxy != None, ( f'Failed to find the connector {config.proxy_name}, Setup the connector properly before the test' ) result, success = ResourceManager.update_system(requester_session, system_id, system["Name"], system["FQDN"], 'Windows', domainid=domain_id, proxycollectionlist=proxy) assert success, (f'Failed to set reconciliation settings {result}') result, success = ResourceManager.update_system( requester_session, system_id, system["Name"], system["FQDN"], 'Windows', proxycollectionlist=proxy, allowautomaticlocalaccountmaintenance=True, allowmanuallocalaccountunlock=True) assert success, (f'Failed to set reconciliation settings {result}') # update_system reset the proxycollectionlist setting? Set it again. result, success = ResourceManager.update_system(requester_session, system_id, system["Name"], system["FQDN"], 'Windows', domainid=domain_id, proxycollectionlist=proxy) assert success, (f'Failed to set reconciliation settings {result}') # return acount ids, computer, yield [{ "ResourceId": system_id, "ProxyId": proxy, "ResourceFQDN": system["FQDN"], "Accounts": accounts, "Session": winrm_session_as_admin }] result, success, message = ResourceManager.set_system_administrative_account( requester_session, system_id) assert success, f'Failed to remove administrative account on {message}'
class TestForWindowsAgent: """ To create shared query and report for new sessions """ settings = Configs.get_test_node("da_installation", "settings") med_retry = settings['med_retry'] vry_small_retry = settings['vry_small_retry'] small_retry = settings['small_retry'] filename = "test_DAWinBAT_test_for_windows_agent.py" class_name = "TestForWindowsAgent" @pytest.mark.bhavna @pytest.mark.css @pytest.mark.da_win_bat def test_master_create_shared_query(self, dawin_testagent_uploaded, dawin_installed, css_testee_login_as_domain_admin): username = r"%s\%s" % (dawin_installed['domain_name'].split('.')[0], "administrator") login_and_execute_cmds(username, dawin_installed['admin_password'], dawin_installed['public_ip'], css_testee_login_as_domain_admin, self.filename, self.class_name, 'test_create_shared_query') @pytest.mark.bhavna @pytest.mark.css @pytest.mark.da_win_bat def test_master_create_report(self, css_testee_machine, css_testee_login_as_domain_admin): username = r"%s\%s" % (css_testee_machine['domain_name'].split('.')[0], "administrator") login_and_execute_cmds(username, css_testee_machine['admin_password'], css_testee_machine['public_ip'], css_testee_login_as_domain_admin, self.filename, self.class_name, 'test_create_report') @pytest.mark.bhavna @pytest.mark.css @pytest.mark.da_win_bat @pytest.mark.parametrize('admin', ['domain_admin', 'local_admin']) def test_master_remote_login_with_domain_and_local_admin_user( self, admin, css_testee_machine, css_testee_login_as_domain_admin): if admin == 'domain_admin': logger.info("--- Case C1238811") username = r"%s\%s" % (css_testee_machine['domain_name'], "administrator") password = css_testee_machine['admin_password'] else: logger.info("--- Case C1238814") username = r"%s\%s" % (css_testee_machine['hostname'], "administrator") password = css_testee_machine['local_password'] login_and_execute_cmds( username, password, css_testee_machine['public_ip'], css_testee_login_as_domain_admin, self.filename, self.class_name, 'test_remote_login_with_domain_and_local_admin_user') # To kill the WinAppDriver.exe rc, result, error = kill_application(css_testee_login_as_domain_admin, 'WinAppDriver.exe') assert rc == 0, "Failed to kill Winappdriver.exe" @pytest.mark.bhavna @pytest.mark.css @pytest.mark.da_win_bat def test_master_replay_session_windows_agent( self, dawin_testagent_uploaded, dawin_installed, css_testee_login_as_domain_admin): username = r"%s\%s" % (dawin_installed['domain_name'].split('.')[0], "administrator") login_and_execute_cmds(username, dawin_installed['admin_password'], dawin_installed['public_ip'], css_testee_login_as_domain_admin, self.filename, self.class_name, 'test_replay_session_windows_agent') @pytest.mark.bhavna @pytest.mark.css @pytest.mark.da_win_bat def test_master_verify_audited_sessions_windows_agent( self, dawin_testagent_uploaded, dawin_installed, css_testee_login_as_domain_admin): username = r"%s\%s" % (dawin_installed['domain_name'].split('.')[0], "administrator") login_and_execute_cmds(username, dawin_installed['admin_password'], dawin_installed['public_ip'], css_testee_login_as_domain_admin, self.filename, self.class_name, 'test_verify_audited_sessions_windows_agent') @pytest.mark.bhavna @pytest.mark.css @pytest.mark.da_win_bat def test_master_run_ps_cmd_for_windows_session_data( self, dawin_testagent_uploaded, dawin_installed, css_testee_login_as_domain_admin): username = r"%s\%s" % (dawin_installed['domain_name'].split('.')[0], "administrator") login_and_execute_cmds( username, dawin_installed['admin_password'], dawin_installed['public_ip'], css_testee_login_as_domain_admin, self.filename, self.class_name, 'test_run_powershell_cmd_to_get_windows_session_data') @pytest.mark.bhavna @pytest.mark.css @pytest.mark.da_win_bat def test_master_run_ps_cmd_to_get_user_login_event( self, dawin_testagent_uploaded, dawin_installed, css_testee_login_as_domain_admin): username = r"%s\%s" % (dawin_installed['domain_name'].split('.')[0], "administrator") login_and_execute_cmds( username, dawin_installed['admin_password'], dawin_installed['public_ip'], css_testee_login_as_domain_admin, self.filename, self.class_name, 'test_run_powershell_cmd_to_get_user_login_event') # 2.1 New query and report for windows session def test_create_shared_query(self): logger.info("--- Case C1238808") query_name = 'Test_window_session_1' desktop = get_desktop() shared_query_itm = create_query_func(desktop, query_name, [SessionType.UNIX_session, \ SessionType.Linux_Desktop_session]) assert shared_query_itm is not None, f"{query_name} is not found" def test_create_report(self, css_testee_machine): logger.info("--- Case C1238809") report_name = "Test_report_1" desktop = get_desktop() reports_tr_itm, main_app_win, main_desktop, report_tr_itm = create_reports_func( ReportType.user_report, desktop) report_win = try_find_element(main_desktop, FindElementBy.AUTOMATION_ID, 'ReportQueryCriteria', self.small_retry) # Select the machine box and enter full windows machine name try_find_element(report_win, FindElementBy.AUTOMATION_ID, 'cb_machine', self.small_retry).click() full_machine_name = r"%s.%s" % (css_testee_machine['hostname'], css_testee_machine['domain_name']) try_find_element(main_desktop, FindElementBy.AUTOMATION_ID, 'm_machineName', self.med_retry).send_keys(full_machine_name) # Check the Event time checkbox and select the time try_find_element(report_win, FindElementBy.AUTOMATION_ID, 'cb_eventTime', self.med_retry).click() time_criteria_lst_item = try_find_element(report_win, FindElementBy.AUTOMATION_ID, 'm_timeNormalOpList', self.small_retry) click_hold(main_desktop, time_criteria_lst_item) time_attribute_itm = try_find_element(main_desktop, FindElementBy.NAME, 'Is after', self.small_retry) click_hold(main_desktop, time_attribute_itm) # Check the Event level checkbox and select the 'Succeeded' option try_find_element(report_win, FindElementBy.AUTOMATION_ID, 'cb_accessGranted', self.small_retry).click() # Save the query try_find_element(report_win, FindElementBy.AUTOMATION_ID, 'button1', self.small_retry).click() # Enter the Report name try_find_element(main_desktop, FindElementBy.AUTOMATION_ID, 'textBox1', self.med_retry).send_keys("Test_report_1") try_find_element(main_desktop, FindElementBy.AUTOMATION_ID, 'button2', self.small_retry).click() if try_find_element(reports_tr_itm, FindElementBy.NAME, report_name, \ self.small_retry, ignore_if_not_found=True) is None: double_click(main_desktop, reports_tr_itm) double_click(main_desktop, report_tr_itm) report_itm = try_find_element(reports_tr_itm, FindElementBy.NAME, report_name, self.small_retry) # Close the Audit Analyzer app click_hold( main_desktop, try_find_element(main_app_win, FindElementBy.NAME, 'Close', self.small_retry)) assert report_itm is not None, f"{report_name} is not found" def test_remote_login_with_domain_and_local_admin_user(self): launch_and_close_applications( css_win_constants.da_auditor_startup_path, 'MMCMainFrame', True) launch_and_close_applications( css_win_constants.wf_advanced_security_startup_path, 'MMCMainFrame') launch_and_close_applications( css_win_constants.event_viewer_startup_path, 'MMCMainFrame') launch_and_close_applications(css_win_constants.cmd_startup_path, 'ConsoleWindowClass') launch_and_close_applications(css_win_constants.rdp_startup_path, '#32770') launch_and_close_applications( css_win_constants.task_scheduler_startup_path, 'MMCMainFrame') launch_and_close_applications(css_win_constants.ie_startup_path, 'IEFrame') launch_and_close_applications(css_win_constants.notepad_startup_path, 'Notepad') launch_and_close_applications( css_win_constants.powershell_startup_path, 'ConsoleWindowClass') # 2.3 Verify audited data from Audit Analyzer def test_replay_session_windows_agent(self, css_test_machine, css_client_test_machine, get_aduser_from_yaml): logger.info("--- Case C1238818") query_name = 'Test_window_session_1' desktop = get_desktop() host_name = css_test_machine['hostname'] domain_name = css_client_test_machine['domain_name'] command_list = [ 'Notepad', 'Windows PowerShell', 'Task Scheduler', 'Event Viewer', 'Remote Desktop Connection' ] users = ['Administrator'] session_events = validate_sessions(query_name, command_list, host_name, domain_name, users, get_aduser_from_yaml, desktop, AuditType.audit_sessions.value, AuditType.shared_query.value) all_false_events = [ command for command in session_events if session_events[command] == False ] assert len( all_false_events ) == 0, f"Failed to create session for commands: {all_false_events}" def test_verify_audited_sessions_windows_agent(self, css_test_machine, css_client_test_machine, get_aduser_from_yaml): logger.info("--- Case C1238819") query_name = 'windows sessions' desktop = get_desktop() host_name = css_test_machine['hostname'] domain_name = css_client_test_machine['domain_name'] command_list = [ 'Notepad', 'Windows PowerShell', 'Task Scheduler', 'Event Viewer', 'Remote Desktop Connection' ] user = '******' audit_session_file, review_comment, review_status = validate_event_file( query_name, domain_name, user, get_aduser_from_yaml, desktop, host_name, True) # Verify session command list, review comment and status assert review_comment == True, "Review comment not found" assert review_status == True, "Review status not found" for command in command_list: substring_search = command in audit_session_file assert substring_search == True, f"Session for {command} command not created" # 2.4 Verify audited data from DA powershell def test_run_powershell_cmd_to_get_windows_session_data( self, css_testee_login_as_domain_admin): logger.info("--- Case C1238821") windows_events_file = os.path.join(os.environ["HOMEPATH"], "Desktop", "windowsevent.txt") rc, result, error = css_testee_login_as_domain_admin.send_command \ (("powershell.exe -command \".\windows.ps1\"")) windows_event_list = ["Windows Firewall", "Event Viewer", "Command Prompt", "Remote Desktop Connection", \ "Task Scheduler", "Untitled - Notepad", "Windows PowerShell"] events_file_content = file_read(windows_events_file, mode="rb").decode('utf-16-le') if rc == 0: not_found = [] for win_event in windows_event_list: if win_event not in events_file_content: not_found.append(win_event) assert len( not_found) == 0, f"Windows Event(s) {not_found} Not Found" else: assert False, f"Failed to execute the powershell script, {error,result}" def test_run_powershell_cmd_to_get_user_login_event( self, css_testee_machine, css_testee_login_as_domain_admin): logger.info("--- Case C1238822") domain_admin_user = "******" + "@" + css_testee_machine[ 'domain_name'] login_event_file = os.path.join(os.environ["HOMEPATH"], "Desktop", "windowsloginevents.txt") rc, result, error = css_testee_login_as_domain_admin.send_command \ (("powershell.exe -command \".\windows.ps1\"")) login_event_list = [ "Session auditing started", "Session auditing ended", domain_admin_user ] login_file_content = file_read(login_event_file, mode="rb").decode('utf-16-le') if rc == 0: not_found = [] for login_event in login_event_list: if login_event not in login_file_content: not_found.append(login_event) assert len(not_found) == 0, f"Login Event(s) {not_found} Not Found" else: assert False, f"Failed to execute the powershell script, {error, result}"
def test_user_type_parameter(core_session, cleanup_accounts, cleanup_reports): """ TCID: C6341 Create report with User type parameter required :param core_session: Centrify Authentication session """ user_list = cleanup_accounts[2] session_user = core_session.__dict__ display_name_1 = session_user['auth_details']['DisplayName'] user_create_data = Configs.get_test_node('platform_report_data', 'automation_main') prefix = user_create_data['prefix'] user_alias = core_session.auth_details['User'].split('@')[1] user_name_2 = prefix + guid() + "@" + user_alias user_props = { "Mail": user_create_data['user_email'], "Password": user_create_data['password'], "PasswordNeverExpire": True, "DisplayName": user_create_data['display_name'], "Username": user_name_2, "Name": user_name_2 } success, result_user_2 = UserManager.create_user_with_args( core_session, user_props) assert success, f'Failed to create an user:{result_user_2}' logger.info(f'Successfully created an user:{result_user_2}') reports = Reports(core_session, pop_prefix_base) report = reports.create_report({ "Name": "report_A", "Query": "select Username, LastLogin from user where DisplayName= @userNM", "Parameters": [{ "Type": "User", "Name": "userNM", "Label": "Input searched username", "ObjectProperty": "DisplayName" }] }) assert report, f'Failed to create the report:{report}' logger.info(f'Successfully Created report: {report}') # Actual result for all user list with display name same as session user display name. # and this details will compare all the user from reports page actual_script_1 = f'Select Username, LastLogin from user where DisplayName = "{display_name_1}"' actual_user_list_1 = [] actual_result_1 = RedrockController.redrock_query(core_session, actual_script_1) for user in actual_result_1: actual_user_list_1.append(user['Row']) # Expected result for all users which user name same as session user display name and will assert the list # of users of actual session user display name list expected_result_1 = RedrockController.get_report_result_list_of_user( core_session, "userNM", display_name_1, "Input searched username") expected_user_list_1 = [] for expected_result in expected_result_1: expected_user_list_1.append(expected_result['Row']) assert expected_user_list_1 == actual_user_list_1, f'The report result list all users whose DisplayName is not ' \ f'same with selected users DisplayName:{actual_user_list_1}' logger.info(f'The report result list all users whose DisplayName is ' f'same with selected users displayname:{expected_user_list_1}') # Actual result for all user list with display name same as another user display name. # and this details will compare all the user from reports page actual_script_2 = f'Select Username, LastLogin from user where DisplayName = "{user_create_data["display_name"]}"' actual_user_list_2 = [] actual_result_2 = RedrockController.redrock_query(core_session, actual_script_2) for user in actual_result_2: actual_user_list_2.append(user['Row']) # Expected result for all users which user name same as another user display name and will assert the list # of users of actual another user display name list expected_result_2 = RedrockController.get_report_result_list_of_user( core_session, "userNM", user_create_data['display_name'], "Input searched username") expected_user_list_2 = [] for user in expected_result_2: expected_user_list_2.append(user['Row']) assert expected_user_list_2 == actual_user_list_2, f'The report result list all users whose DisplayName is not ' \ f'same with selected users DisplayName:{actual_user_list_2}' logger.info(f'The report result list all users whose DisplayName is ' f'same with selected users displayname:{expected_user_list_2}') # Delete the created user user_list.append(result_user_2) found_report = reports.get_report_by_name(core_session, report['Name'] + ".report") cleanup_reports.append(found_report['Path'])
class TestforNixAgentHzoneLibAuditMode: """ To create shared query and report for new sessions """ settings = Configs.get_test_node("da_installation", "settings") med_retry = settings['med_retry'] vry_small_retry = settings['vry_small_retry'] small_retry = settings['small_retry'] filename = "test_DAWinBAT_test_for_NIX_Agent_H_zone_LibAudit_mode.py" class_name = "TestforNixAgentHzoneLibAuditMode" @pytest.mark.bhavna @pytest.mark.css @pytest.mark.da_win_bat def test_master_create_shared_query_for_nix_session_libaudit_mode( self, dawin_testagent_uploaded, dawin_installed, css_testee_login_as_domain_admin): username = r"%s\%s" % (dawin_installed['domain_name'].split('.')[0], "administrator") login_and_execute_cmds( username, dawin_installed['admin_password'], dawin_installed['public_ip'], css_testee_login_as_domain_admin, self.filename, self.class_name, 'test_create_shared_query_for_nix_session_libaudit_mode') @pytest.mark.bhavna @pytest.mark.css @pytest.mark.da_win_bat def test_master_create_file_monitor_report_for_nix_session_libaudit_mode(self, css_testee_machine,\ css_testee_login_as_domain_admin): username = r"%s\%s" % (css_testee_machine['domain_name'].split('.')[0], "administrator") login_and_execute_cmds(username, css_testee_machine['admin_password'], css_testee_machine['public_ip'], css_testee_login_as_domain_admin, self.filename, self.class_name, \ 'test_create_file_monitor_report_for_nix_session_libaudit_mode') @pytest.mark.bhavna @pytest.mark.css @pytest.mark.da_win_bat def test_master_create_monitored_execution_for_nix_session_libaudit_mode(self, css_testee_machine, \ css_testee_login_as_domain_admin): username = r"%s\%s" % (css_testee_machine['domain_name'].split('.')[0], "administrator") login_and_execute_cmds(username, css_testee_machine['admin_password'], css_testee_machine['public_ip'], css_testee_login_as_domain_admin, self.filename, self.class_name, \ 'test_create_monitored_execution_report_for_nix_session_libaudit_mode') @pytest.mark.bhavna @pytest.mark.css @pytest.mark.da_win_bat def test_master_create_detailed_report_for_nix_session_libaudit_mode(self, css_testee_machine, \ css_testee_login_as_domain_admin): username = r"%s\%s" % (css_testee_machine['domain_name'].split('.')[0], "administrator") login_and_execute_cmds(username, css_testee_machine['admin_password'], css_testee_machine['public_ip'], css_testee_login_as_domain_admin, self.filename, self.class_name, \ 'test_create_detailed_execution_report_for_nix_session_libaudit_mode') @pytest.mark.bhavna11 @pytest.mark.css @pytest.mark.da_win_bat def test_master_audit_event_query_for_nix_session_libaudit_mode(self, css_testee_machine, \ css_testee_login_as_domain_admin): username = r"%s\%s" % (css_testee_machine['domain_name'].split('.')[0], "administrator") login_and_execute_cmds(username, css_testee_machine['admin_password'], css_testee_machine['public_ip'], css_testee_login_as_domain_admin, self.filename, self.class_name, \ 'test_create_audit_event_query_for_nix_session_libaudit_mode') # 3.1.1 New query and report for *NIX session def test_create_shared_query_for_nix_session_libaudit_mode(self): logger.info("--- Case C1238825") query_name = 'Test_Unix_session_1' desktop = get_desktop() shared_query_itm = create_query_func(desktop, query_name, [SessionType.Windows_session, \ SessionType.Linux_Desktop_session]) assert shared_query_itm is not None, f"{query_name} is not found" def test_create_file_monitor_report_for_nix_session_libaudit_mode( self, css_testee_machine): logger.info("--- Case C1238826") report_name = "File_Monitor_report_1" desktop = get_desktop() reports_tr_itm, main_app_win, main_desktop, report_tr_itm = create_reports_func( ReportType.file_report, desktop) file_report_win = try_find_element(main_desktop, FindElementBy.AUTOMATION_ID, 'FileMonitorReportCriteria', \ self.med_retry) # Select the machine box and enter full windows machine name try_find_element(file_report_win, FindElementBy.AUTOMATION_ID, 'm_machineOption', self.med_retry).click() full_machine_name = r"%s.%s" % (css_testee_machine['hostname'], css_testee_machine['domain_name']) try_find_element(main_desktop, FindElementBy.AUTOMATION_ID, 'm_machineName', self.med_retry).send_keys(full_machine_name) # Check the Event time checkbox and select the time try_find_element(file_report_win, FindElementBy.AUTOMATION_ID, 'm_eventTimeOption', self.med_retry).click() time_cbox = try_find_element(file_report_win, FindElementBy.AUTOMATION_ID, 'm_timeNormalOpList', self.med_retry) click_hold(main_desktop, time_cbox) time_lst_itm = try_find_element(main_desktop, FindElementBy.NAME, 'Is after', self.med_retry) if time_lst_itm is not None: click_hold(main_desktop, time_lst_itm) # Save the created Query save_query_btn = try_find_element(file_report_win, FindElementBy.AUTOMATION_ID, 'm_saveQuery', self.med_retry) click_hold(main_desktop, save_query_btn) # Add report name try_find_element(main_desktop, FindElementBy.AUTOMATION_ID, 'textBox1', self.med_retry).send_keys("File_Monitor_Report_1") try_find_element(main_desktop, FindElementBy.AUTOMATION_ID, 'button2', self.med_retry).click() if try_find_element(reports_tr_itm, FindElementBy.NAME, report_name, \ self.small_retry, ignore_if_not_found=True) is None: double_click(main_desktop, reports_tr_itm) double_click(main_desktop, report_tr_itm) report_itm = try_find_element(reports_tr_itm, FindElementBy.NAME, report_name, self.med_retry) # Close the Audit Analyzer app click_hold( main_desktop, try_find_element(main_app_win, FindElementBy.NAME, 'Close', self.med_retry)) assert report_itm is not None, "'File_Monitor_Report_1' is not found" def test_create_monitored_execution_report_for_nix_session_libaudit_mode( self, css_testee_machine): logger.info("--- Case C1238827") report_name = "Monitored_Execution_report_1" desktop = get_desktop() reports_tr_itm, main_app_win, main_desktop, report_tr_itm = create_reports_func(ReportType.monitored_report,\ desktop) monitored_report_win = try_find_element(main_desktop, FindElementBy.AUTOMATION_ID, \ 'MonitoredCommandReportQueryCriteria', self.med_retry) # Select the machine box and enter full windows machine name try_find_element(monitored_report_win, FindElementBy.AUTOMATION_ID, 'm_machineOption', self.med_retry).click() full_machine_name = r"%s.%s" % (css_testee_machine['hostname'], css_testee_machine['domain_name']) try_find_element(main_desktop, FindElementBy.AUTOMATION_ID, 'm_machineName', self.med_retry).send_keys(full_machine_name) # Check the Event time checkbox and select the time try_find_element(monitored_report_win, FindElementBy.AUTOMATION_ID, 'm_eventTimeOption', self.med_retry).click() time_cbox = try_find_element(monitored_report_win, FindElementBy.AUTOMATION_ID, 'm_timeNormalOpList',\ self.med_retry) click_hold(main_desktop, time_cbox) time_lst_itm = try_find_element(main_desktop, FindElementBy.NAME, 'Is after', self.med_retry) if time_lst_itm is not None: click_hold(main_desktop, time_lst_itm) # Save the created Query save_query_btn = try_find_element(monitored_report_win, FindElementBy.AUTOMATION_ID, 'm_saveQuery',\ self.med_retry) click_hold(main_desktop, save_query_btn) # Add report name try_find_element( main_desktop, FindElementBy.AUTOMATION_ID, 'textBox1', self.med_retry).send_keys("Monitored_Execution_report_1") try_find_element(main_desktop, FindElementBy.AUTOMATION_ID, 'button2', self.med_retry).click() if try_find_element(reports_tr_itm, FindElementBy.NAME, report_name, \ self.small_retry, ignore_if_not_found=True) is None: double_click(main_desktop, reports_tr_itm) double_click(main_desktop, report_tr_itm) report_itm = try_find_element(reports_tr_itm, FindElementBy.NAME, report_name, self.med_retry) # Close the Audit Analyzer app click_hold( main_desktop, try_find_element(main_app_win, FindElementBy.NAME, 'Close', self.med_retry)) assert report_itm is not None, "'Monitored_Execution_report_1' is not found" def test_create_detailed_execution_report_for_nix_session_libaudit_mode( self, css_testee_machine): logger.info("--- Case C1238828") report_name = "Detailed_Execution_report_1" desktop = get_desktop() reports_tr_itm, main_app_win, main_desktop, report_tr_itm = create_reports_func(ReportType.detailed_report, \ desktop) detailed_report_win = try_find_element(main_desktop, FindElementBy.AUTOMATION_ID, \ 'CommandDetailReportQueryCriteria', self.med_retry) # Select the machine box and enter full windows machine name try_find_element(detailed_report_win, FindElementBy.AUTOMATION_ID, 'm_machineOption', self.med_retry).click() full_machine_name = r"%s.%s" % (css_testee_machine['hostname'], css_testee_machine['domain_name']) try_find_element(main_desktop, FindElementBy.AUTOMATION_ID, 'm_machineName', self.med_retry).send_keys(full_machine_name) # Check the Event time checkbox and select the time try_find_element(detailed_report_win, FindElementBy.AUTOMATION_ID, 'm_eventTimeOption', self.med_retry).click() time_cbox = try_find_element(detailed_report_win, FindElementBy.AUTOMATION_ID, 'm_timeNormalOpList', \ self.med_retry) click_hold(main_desktop, time_cbox) time_lst_itm = try_find_element(main_desktop, FindElementBy.NAME, 'Is after', self.med_retry) if time_lst_itm is not None: click_hold(main_desktop, time_lst_itm) # Save the created Query save_query_btn = try_find_element(detailed_report_win, FindElementBy.AUTOMATION_ID, 'm_saveQuery', \ self.med_retry) click_hold(main_desktop, save_query_btn) # Add report name try_find_element( main_desktop, FindElementBy.AUTOMATION_ID, 'textBox1', self.med_retry).send_keys("Detailed_Execution_report_1") try_find_element(main_desktop, FindElementBy.AUTOMATION_ID, 'button2', self.med_retry).click() if try_find_element(reports_tr_itm, FindElementBy.NAME, report_name, \ self.small_retry, ignore_if_not_found=True) is None: double_click(main_desktop, reports_tr_itm) double_click(main_desktop, report_tr_itm) report_itm = try_find_element(reports_tr_itm, FindElementBy.NAME, report_name, self.med_retry) # Close the Audit Analyzer app click_hold( main_desktop, try_find_element(main_app_win, FindElementBy.NAME, 'Close', self.med_retry)) assert report_itm is not None, "'Detailed_Execution_report_1' is not found" def test_create_audit_event_query_for_nix_session_libaudit_mode( self, css_testee_machine): logger.info("--- Case C1238829") audit_event_query_name = "Audit_Event_query_1" desktop = get_desktop() audit_event_itm = create_audit_event_function(desktop, audit_event_query_name, [AuditEventType.Advanced_Monitoring], \ css_testee_machine) assert audit_event_itm is not None, f"{audit_event_query_name} is not found"
from datetime import datetime from enum import Enum from time import sleep import paramiko import pytest from paramiko import SSHClient from scp import SCPClient from Shared.CSS import css_win_constants from Utils.config_loader import Configs from Utils.putty_util import * from Utils.winrm import WinRM logger = logging.getLogger('framework') tear_down = Configs.get_test_node("da_installation", "settings")["tear_down"] repo_python_path = css_win_constants.repo_python_path remote_python_path = css_win_constants.remote_python_path python_install_path = css_win_constants.python_install_path repo_da_administrator_console_path = css_win_constants.repo_da_administrator_console_path remote_da_administrator_console_path = css_win_constants.remote_da_administrator_console_path repo_da_auditor_path = css_win_constants.repo_da_auditor_path remote_da_auditor_path = css_win_constants.remote_da_auditor_path remote_audit_manager_path = css_win_constants.remote_audit_manager_path repo_audit_manager_path = css_win_constants.repo_audit_manager_path repo_da_agent_path = css_win_constants.repo_da_agent_path
import pathlib import pytest import subprocess import uuid import re import shutil import Utils.settings from collections import namedtuple from datetime import timezone from Shared.elasticsearch_data_manager import ElasticsearchRequestData from Utils.cent_logger import setup_root_logger from Utils.config_loader import Configs from Utils.elasticsearch import Elasticsearch settings = Configs.get_node("framework", "framework") for i in settings: setattr(Utils.settings, i, settings[i]) setattr(Utils.settings, 'options', {}) _session_es_info = {} # alias for elasticsearch_run_data # fixtures which use syntax not acceptable as a plugin from a conftest.py file excluded_fixtures = [ 'application_management_fixtures', 'cis_fixtures', 'core_bat_fixtures', 'credman_fixtures', 'pdst_fixtures', 'selenium_webdriver_fixtures', 'suvp_fixtures', 'user_login_with_mfa_rts_fixture' ] pytest_plugins = [] # import all fixtures automatically, except for those being excluded.
class TestforNixAgentCzoneNSSMode: """ To create shared query and report for new sessions """ settings = Configs.get_test_node("da_installation", "settings") med_retry = settings['med_retry'] vry_small_retry = settings['vry_small_retry'] small_retry = settings['small_retry'] filename = "test_DAWinBAT_test_for_NIX_Agent_C_zone_NSS_mode.py" class_name = "TestforNixAgentCzoneNSSMode" @pytest.mark.bhavna @pytest.mark.css @pytest.mark.da_win_bat def test_master_create_shared_query_for_nix_session_nss_mode( self, dawin_testagent_uploaded, dawin_installed, css_testee_login_as_domain_admin): username = r"%s\%s" % (dawin_installed['domain_name'].split('.')[0], "administrator") login_and_execute_cmds( username, dawin_installed['admin_password'], dawin_installed['public_ip'], css_testee_login_as_domain_admin, self.filename, self.class_name, 'test_create_shared_query_for_nix_session_nss_mode') @pytest.mark.bhavna @pytest.mark.css @pytest.mark.da_win_bat def test_master_verify_audited_sessions_nix_session_nss_mode( self, dawin_testagent_uploaded, dawin_installed, css_testee_login_as_domain_admin): username = r"%s\%s" % (dawin_installed['domain_name'].split('.')[0], "administrator") login_and_execute_cmds(username, dawin_installed['admin_password'], dawin_installed['public_ip'], css_testee_login_as_domain_admin, self.filename, self.class_name, 'test_verify_audited_sessions_nss_mode') def test_create_shared_query_for_nix_session_nss_mode(self): logger.info("--- Case C1238979") query_name = 'pershell_c' desktop = get_desktop() shared_query_itm = create_query_func(desktop, query_name, [SessionType.Windows_session, \ SessionType.Linux_Desktop_session]) assert shared_query_itm is not None, f"{query_name} is not found" def test_verify_audited_sessions_nss_mode(self, css_test_machine, css_test_env, get_aduser_from_yaml): logger.info("--- Case C1238987") query_name = 'pershell_c' desktop = get_desktop() host_name = css_test_machine['hostname'] domain_name = css_test_env['domain_name'] command_list = ['adinfo', 'dainfo', 'exit'] user = '******' audit_session_file, review_comment, review_status = validate_event_file( query_name, domain_name, user, get_aduser_from_yaml, desktop, host_name) # Verify session command list, review comment and status assert review_comment == True, "Review comment not found" assert review_status == True, "Review status not found" for command in command_list: assert (command in audit_session_file ) == True, f"Session for {command} command not created"
def parallel_agent_install(): list_of_dicts = Configs.get_yaml_node('suvp_test_hosts', 'tested_hosts') p = Pool(len(list_of_dicts)) p.map(static_agent_install, list_of_dicts) p.join() p.close()
def navigation_visibility(request): return Configs.get_environment_node('navigation', 'automation_main')
class TestConfigureDAInstallation: """ Install and configure the DA installation """ settings = Configs.get_test_node("da_installation", "settings") vry_small_retry = settings['vry_small_retry'] small_retry = settings['small_retry'] med_retry = settings['med_retry'] big_retry = settings['big_retry'] filename = "test_DAWinBAT_Configure_DA_installation.py" class_name = "TestConfigureDAInstallation" @pytest.mark.bhavna @pytest.mark.css @pytest.mark.da_win_bat def test_master_create_da_installation(self, dawin_testagent_uploaded, dawin_installed, \ css_testee_login_as_domain_admin): username = r"%s\%s" % (dawin_installed['domain_name'].split('.')[0], "administrator") login_and_execute_cmds(username, dawin_installed['admin_password'], dawin_installed['public_ip'], css_testee_login_as_domain_admin, self.filename, self.class_name, 'test_create_da_installation') @pytest.mark.bhavna @pytest.mark.css @pytest.mark.da_win_bat def test_master_configure_connector_and_verify_version( self, dawin_installed, css_testee_login_as_domain_admin): username = r"%s\%s" % (dawin_installed['domain_name'].split('.')[0], "administrator") login_and_execute_cmds(username, dawin_installed['admin_password'], dawin_installed['public_ip'], css_testee_login_as_domain_admin, self.filename, self.class_name, 'test_configure_collector_and_verify_version') @pytest.mark.bhavna @pytest.mark.css @pytest.mark.da_win_bat def test_master_centrify_da_agent_configure(self, css_client_login, css_client_test_machine): username = r"%s\%s" % (css_client_test_machine['domain_name'].split( '.')[0], "administrator") login_and_execute_cmds(username, css_client_test_machine['admin_password'], css_client_test_machine['public_ip'], css_client_login, self.filename, self.class_name, 'test_centrify_da_agent_configure') # 1.Configure DA installation def test_create_da_installation(self): logger.info("--- Case C1238801") dsksession = get_desktop() logger.info("Creating the DA installation") self.test_centrify_da_console_install(dsksession) logger.info("Checking the DA package version") self.test_centrify_da_console_version(dsksession) logger.info("Adding the audit store") self.test_configure_audit_store(dsksession) logger.info("Exiting") dsksession.quit() def test_centrify_da_console_install(self, desktop): da_console_config = self.settings['audit_console'] sql_instance_name = self.settings['sql_instance_name'] sql_machine_name = self.settings['sql_machine_name'] new_management_db_name = self.settings['new_management_db_name'] da_instance_name = self.settings['da_instance_name'] licence_key = self.settings['licence_key'] disable_video_capturing = da_console_config['disable_video_capturing'] review_own_session = da_console_config['review_own_session'] delete_own_session = da_console_config['delete_own_session'] disable_audit_store_install_now = da_console_config[ 'disable_audit_store_install_now'] launch_application(css_win_constants.da_administrator_startup_path) ok_centrify_license_dlg(desktop) window = try_find_element( desktop, FindElementBy.CLASS, 'WindowsForms10.Window.8.app.0.141b42a_r41_ad1', self.med_retry, True) da_installed = False if window is not None: # if multiple da installations are present installed_da_popup = try_find_element(window, FindElementBy.AUTOMATION_ID, 'm_forest', self.vry_small_retry, True) if installed_da_popup is not None: cancel = try_find_element(window, FindElementBy.AUTOMATION_ID, 'm_cancelButton', self.vry_small_retry) click_hold(desktop, cancel) da_installed = True if window is None or da_installed: da_node = get_da_installation_node(desktop) click_hold(desktop, da_node) click_context_menu(desktop, da_node, "New Installation...") new_install = try_find_element(desktop, FindElementBy.NAME, 'New Installation Wizard', self.small_retry, True) try_find_element(new_install, FindElementBy.AUTOMATION_ID, 'm_name', self.small_retry).send_keys(da_instance_name) click_hold( desktop, try_find_element(new_install, FindElementBy.AUTOMATION_ID, 'm_nextButton', self.small_retry)) click_hold( desktop, try_find_element(new_install, FindElementBy.AUTOMATION_ID, 'm_createOption', self.small_retry)) sql_to_connect = sql_machine_name + '\\' + sql_instance_name sql_to_connect = sql_to_connect.strip("\\") try_find_element(new_install, FindElementBy.AUTOMATION_ID, '1001', self.small_retry).send_keys(sql_to_connect) try_find_element(new_install, FindElementBy.AUTOMATION_ID, 'm_database', self.small_retry).send_keys(new_management_db_name) click_hold( desktop, try_find_element(new_install, FindElementBy.AUTOMATION_ID, 'm_nextButton', self.small_retry)) ## Page 3 set_sql_login_account(new_install, desktop, self.settings["sql_login_account"]) click_hold( desktop, try_find_element(new_install, FindElementBy.AUTOMATION_ID, 'm_nextButton', self.small_retry)) ## For AdminPopUp popup_handle = try_find_element(desktop, FindElementBy.NAME, 'OK', self.vry_small_retry, True) if popup_handle is not None: click_hold(desktop, popup_handle) key_page = try_find_element(new_install, FindElementBy.AUTOMATION_ID, 'm_key', self.vry_small_retry, True) while key_page is None: click_hold( desktop, try_find_element(new_install, FindElementBy.AUTOMATION_ID, 'm_nextButton', self.small_retry)) key_page = try_find_element(new_install, FindElementBy.AUTOMATION_ID, 'm_key', self.vry_small_retry, True) key_page.send_keys(licence_key) ## Product key Page # try_find_element(window, FindElementBy.AUTOMATION_ID, 'm_key', SMALL_RETRY).send_keys(licence_key) click_hold( desktop, try_find_element(new_install, FindElementBy.AUTOMATION_ID, 'm_addButton', self.small_retry)) click_hold( desktop, try_find_element(new_install, FindElementBy.AUTOMATION_ID, 'm_nextButton', self.small_retry)) ## location page click_hold( desktop, try_find_element(new_install, FindElementBy.AUTOMATION_ID, 'm_nextButton', self.small_retry)) ## permissions if disable_video_capturing: click_hold( desktop, try_find_element(new_install, FindElementBy.AUTOMATION_ID, 'EnableVideoAuditCheckBox', self.small_retry)) if review_own_session: click_hold( desktop, try_find_element(new_install, FindElementBy.AUTOMATION_ID, 'DisableSelfReviewCheckBox', self.small_retry)) if delete_own_session: click_hold( desktop, try_find_element(new_install, FindElementBy.AUTOMATION_ID, 'DisableSelfDeleteCheckBox', self.small_retry)) click_hold( desktop, try_find_element(new_install, FindElementBy.AUTOMATION_ID, 'm_nextButton', self.small_retry)) ## review click_hold( desktop, try_find_element(new_install, FindElementBy.AUTOMATION_ID, 'm_nextButton', self.small_retry)) ## finish if disable_audit_store_install_now: click_hold( desktop, try_find_element(desktop, FindElementBy.AUTOMATION_ID, 'm_option', self.big_retry)) click_hold( desktop, try_find_element(desktop, FindElementBy.AUTOMATION_ID, 'm_nextButton', self.big_retry)) def test_centrify_da_console_version(self, desktop): window = try_find_element(desktop, FindElementBy.CLASS, 'MMCMainFrame', self.small_retry) pop_up = try_find_element(window, FindElementBy.NAME, 'OK', self.vry_small_retry, True) if pop_up is not None: click_hold(desktop, pop_up) help_elements = window.find_elements_by_name('Help') for element in help_elements: if element.get_attribute('LocalizedControlType') == 'menu item': click_hold(desktop, element) element.send_keys(Keys.ARROW_DOWN) element.send_keys(Keys.ARROW_DOWN) element.send_keys('b') complete_text = str( try_find_element(window, FindElementBy.AUTOMATION_ID, '4160', self.small_retry).text) click_hold(desktop, window.find_element_by_accessibility_id('1')) index = complete_text.index('Version') version = complete_text[index:] assert (self.settings['version'] == version ), 'version mismatch it should be:' + self.settings['version'] def test_configure_audit_store(self, desktop): """ Configures audit store in a pre-configured Direct Audit installation. Expects Audit Manager window to be open """ ok_centrify_license_dlg(desktop) da_node = get_da_installation_node(desktop) double_click(desktop, da_node) ok_centrify_license_dlg(desktop) audit_store_setting = self.settings["audit_store"] da_instance_name = self.settings['da_instance_name'] cntry_install = get_da_installation_node(desktop, da_instance_name) # double click to open tree-node double_click(desktop, cntry_install) ok_centrify_license_dlg(desktop) open_tree_node(desktop, cntry_install) # region go to Audit Stores tree-node and context-click Add Audit Store... cntry_audit_stores = cntry_install.find_element_by_name("Audit Stores") double_click(desktop, cntry_audit_stores) click_context_menu(desktop, cntry_audit_stores, "Add Audit Store...") # endregion # region Add Audit Store Wizard audit_store_wizard = try_find_element(desktop, FindElementBy.NAME, "Add Audit Store Wizard", self.med_retry) if audit_store_setting["store_display_name"] == "": raise Exception("store_display_name cannot be blank") clear_txtbox(try_find_element(audit_store_wizard, FindElementBy.NAME, "Display name:", self.med_retry)) \ .send_keys(audit_store_setting["store_display_name"]) while try_find_element(audit_store_wizard, FindElementBy.AUTOMATION_ID, "m_winAndUnixRadioBtn", self.vry_small_retry, ignore_if_not_found=True) is None: click_hold( desktop, try_find_element(audit_store_wizard, FindElementBy.NAME, "Next >", self.med_retry)) while try_find_element(audit_store_wizard, FindElementBy.NAME, "Add Site", self.vry_small_retry, ignore_if_not_found=True ) is None: # retry until next screen found affinity = audit_store_setting["affinity"].lower() if affinity == "windows and unix": click_hold( desktop, try_find_element(audit_store_wizard, FindElementBy.AUTOMATION_ID, "m_winAndUnixRadioBtn", self.med_retry)) elif affinity == "windows": click_hold( desktop, try_find_element(audit_store_wizard, FindElementBy.AUTOMATION_ID, "m_winRadioBtn", self.med_retry)) elif affinity == "unix": click_hold( desktop, try_find_element(audit_store_wizard, FindElementBy.AUTOMATION_ID, "m_unixRadioBtn", self.med_retry)) click_hold( desktop, try_find_element(audit_store_wizard, FindElementBy.NAME, "Next >", self.med_retry)) # select AD-site add_site = try_find_element(audit_store_wizard, FindElementBy.NAME, "Add Site", self.med_retry) while try_find_element(audit_store_wizard, FindElementBy.NAME, "Select Active Directory Sites", self.vry_small_retry, ignore_if_not_found=True) is None: click_hold(desktop, add_site) # retry click until next screen loaded ad_sites = try_find_element(audit_store_wizard, FindElementBy.NAME, "Select Active Directory Sites", self.med_retry) click_hold( desktop, try_find_element(ad_sites, FindElementBy.NAME, "Select a site from current forest", self.med_retry)) sites_list = try_find_element(ad_sites, FindElementBy.AUTOMATION_ID, "m_siteList", self.med_retry) if audit_store_setting["ad_site"] == "": click_hold( desktop, try_find_element(sites_list, FindElementBy.AUTOMATION_ID, "ListViewItem-0", self.med_retry)) else: # all child in list found = listbox_select_item(desktop, sites_list, audit_store_setting["ad_site"]) if not found: raise Exception("AD Site '" + audit_store_setting["ad_site"] + "' not found") while not try_find_element(audit_store_wizard, FindElementBy.NAME, "Next >", self.med_retry).is_enabled(): click_hold(desktop, try_find_element( ad_sites, FindElementBy.NAME, "OK", self.med_retry)) # retry clicks until next enables click_hold( desktop, try_find_element(audit_store_wizard, FindElementBy.NAME, "Next >", self.med_retry)) while try_find_element(audit_store_wizard, FindElementBy.NAME, "Finish", self.vry_small_retry, ignore_if_not_found=True ) is None: # retry clicks until Finish found click_hold( desktop, try_find_element(audit_store_wizard, FindElementBy.NAME, "Next >", self.med_retry)) click_hold( desktop, try_find_element(audit_store_wizard, FindElementBy.NAME, "Finish", self.med_retry)) # endregion # region Add Audit Store Database Wizard audit_store_db_wizard = try_find_element( desktop, FindElementBy.NAME, "Add Audit Store Database Wizard", self.med_retry) clear_txtbox(try_find_element(audit_store_db_wizard, FindElementBy.NAME, "Display name:", self.med_retry)) \ .send_keys(audit_store_setting["db_display_name"]) click_hold( desktop, try_find_element(audit_store_db_wizard, FindElementBy.NAME, "Next >", self.med_retry)) sql_to_connect = self.settings[ "sql_machine_name"] + "\\" + self.settings["sql_instance_name"] sql_to_connect = sql_to_connect.strip("\\") clear_txtbox(try_find_element(audit_store_db_wizard, FindElementBy.CLASS, "Edit", self.med_retry)) \ .send_keys(sql_to_connect) click_hold( desktop, try_find_element(audit_store_db_wizard, FindElementBy.NAME, "Next >", self.med_retry)) clear_txtbox(try_find_element(audit_store_db_wizard, FindElementBy.NAME, "Database name:", self.med_retry)) \ .send_keys(audit_store_setting["db_name"]) active_chk = try_find_element(audit_store_db_wizard, FindElementBy.NAME, "Set as active database", self.med_retry) if audit_store_setting["db_set_active"]: if not active_chk.is_selected(): click_hold(desktop, active_chk) else: if active_chk.is_selected(): click_hold(desktop, active_chk) click_hold( desktop, try_find_element(audit_store_db_wizard, FindElementBy.NAME, "Next >", self.vry_small_retry)) set_sql_login_account(audit_store_db_wizard, desktop, self.settings["sql_login_account"]) click_hold( desktop, try_find_element(audit_store_db_wizard, FindElementBy.NAME, "Next >", self.vry_small_retry)) click_hold( desktop, try_find_element(audit_store_db_wizard, FindElementBy.NAME, "Next >", self.vry_small_retry)) click_hold( desktop, try_find_element(audit_store_db_wizard, FindElementBy.NAME, "Finish", self.med_retry)) # endregion # region open tree-node, check Audit Store # refresh and open Audit Stores tree-node click_context_menu(desktop, cntry_audit_stores, "Refresh") open_tree_node(desktop, cntry_audit_stores) # open Audit Store tree-node cntry_audit_store = cntry_audit_stores.find_element_by_name( audit_store_setting["store_display_name"]) open_tree_node(desktop, cntry_audit_store) # open Databases tree-node databases = cntry_audit_store.find_element_by_name("Databases") double_click(desktop, databases) # endregion assert databases is not None, "test_config_audit_store PASSED" cntry_main_screen = try_find_element(desktop, FindElementBy.CLASS, "MMCMainFrame", self.small_retry) click_hold( desktop, try_find_element(cntry_main_screen, FindElementBy.NAME, "Close", self.med_retry)) logger.info('application closed') def test_configure_collector_and_verify_version(self): """ Configures controller in a pre-configured Direct Audit installation and verify the version. """ logger.info("--- Case C1238802") logger.info("------Step 1") logger.info("Configuring the collector") desktop = get_desktop() collector_setting = settings["collector"] collector_session = start_collector_configure() collector_win = try_find_element(desktop, FindElementBy.AUTOMATION_ID, "CollectorControlPanel", self.med_retry) click_hold( desktop, try_find_element(collector_win, FindElementBy.AUTOMATION_ID, "m_configureButton", self.med_retry)) config_win = try_find_element( desktop, FindElementBy.NAME, "Centrify DirectAudit Collector Configuration Wizard", self.med_retry) install_list = try_find_element(config_win, FindElementBy.AUTOMATION_ID, "m_installList", self.med_retry) found_instance_name = listbox_select_item(desktop, install_list, settings["da_instance_name"]) if not found_instance_name: raise Exception("DA instance '" + settings["da_instance_name"] + "' not found. ") click_hold( desktop, try_find_element(config_win, FindElementBy.AUTOMATION_ID, "m_nextButton", self.med_retry)) clear_txtbox(try_find_element(config_win, FindElementBy.AUTOMATION_ID, "m_port", self.med_retry)). \ send_keys(collector_setting["listening_port"]) while try_find_element(config_win, FindElementBy.AUTOMATION_ID, "m_windowsOption", self.vry_small_retry, ignore_if_not_found=True) is None: click_hold( desktop, try_find_element(config_win, FindElementBy.AUTOMATION_ID, "m_nextButton", self.med_retry)) click_hold( desktop, try_find_element(config_win, FindElementBy.AUTOMATION_ID, "m_windowsOption", self.med_retry)) click_hold( desktop, try_find_element(config_win, FindElementBy.AUTOMATION_ID, "m_nextButton", self.med_retry)) clear_txtbox(try_find_element(config_win, FindElementBy.AUTOMATION_ID, "m_maxPoolSize", self.med_retry)). \ send_keys(collector_setting["max_pool_size"]) click_hold( desktop, try_find_element(config_win, FindElementBy.AUTOMATION_ID, "m_nextButton", self.med_retry)) click_hold( desktop, try_find_element(config_win, FindElementBy.AUTOMATION_ID, "m_nextButton", self.med_retry)) click_hold( desktop, try_find_element(config_win, FindElementBy.NAME, "Finish", self.med_retry)) click_hold( desktop, try_find_element(collector_win, FindElementBy.AUTOMATION_ID, "m_restartButton", self.med_retry)) status_txt = try_find_element(collector_win, FindElementBy.AUTOMATION_ID, "m_status", self.med_retry).text.lower() timer = 0 while status_txt != "running" and timer < self.big_retry: timer = timer + 1 status_txt = try_find_element(collector_win, FindElementBy.AUTOMATION_ID, "m_status", self.med_retry).text.lower() assert status_txt == "running", "Collector not started " + status_txt logger.info("Verifying the Collector version") logger.info("------Step 2") version_lbl = try_find_element(collector_win, FindElementBy.AUTOMATION_ID, "m_verLabel", self.med_retry) actual_version = ''.join( re.compile(r'([0-9]+)+').findall( re.search( r"\(.*?\)", version_lbl.text).group().split(": ")[1].rstrip(r'\)'))) expected_version = ''.join( re.compile(r'([0-9]+)+').findall(settings['version'])) # Close the Collector application collector_session.quit() assert (expected_version == actual_version ), 'Collector version mismatch it should be:' + self.settings[ 'version'] def test_centrify_da_agent_configure(self, css_client_test_machine): logger.info("--- Case C1238803") logger.info("------Step 1") desktop = get_desktop() da_agent = settings['agent'] ad_admin = r"%s\%s" % (css_client_test_machine['domain_name'].split( '.')[0], 'administrator') ad_admin_password = css_client_test_machine['ad_admin_password'] enable_session_capture = da_agent['enable_session_capture'] da_instance_name = settings['da_instance_name'] launch_application(css_win_constants.remote_da_agent_start_path) window = try_find_element(desktop, FindElementBy.NAME, 'Centrify Agent Configuration', self.small_retry) # add_services try_find_element(window, FindElementBy.NAME, 'Add service', self.small_retry).click() # select the services if enable_session_capture: click_hold( desktop, try_find_element(window, FindElementBy.NAME, 'Enable session capture and replay', self.small_retry)) try_find_element(window, FindElementBy.NAME, 'OK', self.small_retry).click() # select da instance name popup_win = try_find_element( desktop, FindElementBy.NAME, 'Centrify Auditing and Monitoring Service', self.small_retry) found_instance_name = try_find_element(desktop, FindElementBy.NAME, da_instance_name, self.vry_small_retry, True) try_find_element(desktop, FindElementBy.CLASS, 'ListView', self.small_retry).click() retry = 0 while not found_instance_name or not found_instance_name.is_selected( ) and retry < self.med_retry: ActionChains(desktop).key_down(Keys.ARROW_DOWN).perform() found_instance_name = try_find_element(desktop, FindElementBy.NAME, da_instance_name, self.vry_small_retry, True) else: found_instance_name.click() if found_instance_name is None: raise Exception("DA instance '" + settings["da_instance_name"] + "' not found. ") try_find_element(popup_win, FindElementBy.NAME, '_Next', self.vry_small_retry).click() popup_win = try_find_element( desktop, FindElementBy.NAME, 'Centrify Auditing and Monitoring Service', self.vry_small_retry, True) if popup_win is None: actions = ActionChains(desktop) actions.send_keys(ad_admin) actions.send_keys(Keys.TAB) actions.send_keys(ad_admin_password) actions.send_keys(Keys.ENTER) actions.perform() else: popup_win = try_find_element( desktop, FindElementBy.NAME, 'Centrify Auditing and Monitoring Service', self.vry_small_retry, True) retry = 0 while try_find_element(popup_win, FindElementBy.NAME, 'Progress', self.vry_small_retry, True) is None and retry < 10: retry = retry + 1 list_item = try_find_element( window, FindElementBy.NAME, 'Centrify.WinAgent.ServiceConfig.ViewModel.AuditService', self.small_retry, True) if list_item is not None: service_installed = try_find_element( list_item, FindElementBy.NAME, 'Centrify Auditing and Monitoring Service', self.small_retry, True) assert list_item is not None and service_installed is not None, "Agent service configuration failed" logger.info("Verifying the Agent version") logger.info("------Step 2") try_find_element(window, FindElementBy.CLASS, 'ListBoxItem', small_retry).click() try_find_element(window, FindElementBy.NAME, 'Settings', small_retry).click() agent_panel_win = try_find_element(desktop, FindElementBy.AUTOMATION_ID, 'AgentControlPanel', small_retry) version_lbl = try_find_element(agent_panel_win, FindElementBy.AUTOMATION_ID, "m_verLabel", self.med_retry) actual_version = ''.join( re.compile(r'([0-9]+)+').findall( re.search( r"\(.*?\)", version_lbl.text).group().split(": ")[1].rstrip(r'\)'))) expected_version = ''.join( re.compile(r'([0-9]+)+').findall(settings['version'])) # Close the Agent app try_find_element(agent_panel_win, FindElementBy.NAME, 'Close', self.small_retry).click() try_find_element(window, FindElementBy.NAME, 'Close', self.small_retry).click() assert (expected_version == actual_version), 'Collector version mismatch it should be:' + \ self.settings['version']
def test_check_connector_page_for_system(core_session, pas_windows_setup, users_and_roles): """ TC:C2171 Check UI on Connectors page for a system. :param:core_session: Returns Authenticated Centrify session. :param:users_and_roles:Fixture to manage roles and user. :param pas_windows_setup: Return a fixture. """ # Creating a system and account. system_id, account_id, sys_info, connector_id, user_password = pas_windows_setup( ) # Cloud user session with "Privileged Access Service Administrator". cloud_user_session = users_and_roles.get_session_for_user( 'Privileged Access Service Administrator') user_name = cloud_user_session.auth_details['User'] user_id = cloud_user_session.auth_details['UserId'] # UI session with "Privileged Access Service Administrator" rights. ui = users_and_roles.get_ui_as_user( 'Privileged Access Service Administrator') # Assigning system "View,Delete" permission assign_system_result, assign_system_success = ResourceManager.assign_system_permissions( core_session, "View,Delete", user_name, user_id, 'User', system_id) assert assign_system_success, f"Failed to assign system permissions: API response result: {assign_system_result}" logger.info( f'Successfully assigned "View" permission to user:{assign_system_result}.' ) # Getting the connectors Details. connector_details = Configs.get_environment_node('connector_data', 'automation_main') list_connectors_id = [] connectors_details = RedrockController.get_all_proxy(core_session) for connector_detail in connectors_details: if connector_detail['Name'] == connector_details['connector']: list_connectors_id.append(connector_detail['ID']) # Choosing the connector for the system. result, success = ResourceManager.update_system( core_session, system_id=system_id, name=sys_info[0], fqdn=sys_info[1], computerclass=sys_info[2], proxycollectionlist=connector_id, chooseConnector="on", filterConnectorCombo="all") assert success, f'Failed to save the connector for the system: API response result: {result}.' logger.info( f'Successfully save the connector for the system: API response result: {result}.' ) # UI Launch ui.navigate('Resources', 'Systems') ui.search(sys_info[0]) ui.click_row(GridRowByGuid(system_id)) ui.tab('Connectors', check_rendered_tab=False) ui.switch_context(ActiveMainContentArea()) ui.expect( ReadOnlyTextField('filterConnectorCombo'), 'Expected the username field to be readonly for this filterConnectorCombo strategy but it is not.' ) logger.info( 'Successfully found connector settings grayed and no error icon')