def test_positive_disable_session(self): """Check if user logs out when session is disabled :id: 38ee0d85-c2fe-4cac-a992-c5dbcec11031 :Steps: 1. Set use_sessions 2. Authenticate, assert credentials are not demanded on next command run 3. Disable use_sessions :expectedresults: The session is terminated """ result = configure_sessions() self.assertEqual(result, 0, 'Failed to configure hammer sessions') AuthLogin.basic({'username': self.uname_admin, 'password': self.password}) result = Auth.with_user().status() self.assertIn(LOGEDIN_MSG.format(self.uname_admin), result[0]['message']) # list organizations without supplying credentials with self.assertNotRaises(CLIReturnCodeError): Org.with_user().list() # disabling sessions result = configure_sessions(False) self.assertEqual(result, 0, 'Failed to configure hammer sessions') result = Auth.with_user().status() self.assertIn(NOTCONF_MSG.format(self.uname_admin), result[0]['message']) with self.assertRaises(CLIReturnCodeError): Org.with_user().list()
def test_positive_session_survives_failed_login(admin_user, non_admin_user, target_sat): """Check if session stays up after failed login attempt :id: 6c4d5c4c-eff0-411b-829f-0c2f2ec26132 :BZ: 1465552 :Steps: 1. Set use_sessions 2. Authenticate, assert credentials are not demanded on next command run 3. Run login with invalid credentials :expectedresults: The session is unchanged """ result = configure_sessions(target_sat) assert result == 0, 'Failed to configure hammer sessions' AuthLogin.basic({'username': admin_user['login'], 'password': password}) result = Auth.with_user().status() assert LOGEDIN_MSG.format(admin_user['login']) in result[0]['message'] Org.with_user().list() # using invalid password with pytest.raises(CLIReturnCodeError): AuthLogin.basic({ 'username': non_admin_user['login'], 'password': gen_string('alpha') }) # checking the session status again result = Auth.with_user().status() assert LOGEDIN_MSG.format(admin_user['login']) in result[0]['message'] Org.with_user().list()
def test_positive_change_session(self): """Change from existing session to a different session :id: b6ea6f3c-fcbd-4e7b-97bd-f3e0e6b9da8f :Steps: 1. Set use_sessions 2. Authenticate, assert credentials are not demanded on next command run 3. Login as a different user :expectedresults: The session is altered """ result = configure_sessions() self.assertEqual(result, 0, 'Failed to configure hammer sessions') AuthLogin.basic({'username': self.uname_admin, 'password': self.password}) result = Auth.with_user().status() self.assertIn(LOGEDIN_MSG.format(self.uname_admin), result[0]['message']) # list organizations without supplying credentials with self.assertNotRaises(CLIReturnCodeError): Org.with_user().list() AuthLogin.basic({'username': self.uname_viewer, 'password': self.password}) result = Auth.with_user().status() self.assertIn(LOGEDIN_MSG.format(self.uname_viewer), result[0]['message']) with self.assertNotRaises(CLIReturnCodeError): Org.with_user().list()
def test_positive_change_session(admin_user, non_admin_user, target_sat): """Change from existing session to a different session :id: b6ea6f3c-fcbd-4e7b-97bd-f3e0e6b9da8f :Steps: 1. Set use_sessions 2. Authenticate, assert credentials are not demanded on next command run 3. Login as a different user :CaseImportance: High :expectedresults: The session is altered """ result = configure_sessions(target_sat) assert result == 0, 'Failed to configure hammer sessions' AuthLogin.basic({'username': admin_user['login'], 'password': password}) result = Auth.with_user().status() assert LOGEDIN_MSG.format(admin_user['login']) in result[0]['message'] # list organizations without supplying credentials assert User.with_user().list() AuthLogin.basic({ 'username': non_admin_user['login'], 'password': password }) result = Auth.with_user().status() assert LOGEDIN_MSG.format(non_admin_user['login']) in result[0]['message'] assert User.with_user().list()
def test_positive_session_survives_unauthenticated_call(self): """Check if session stays up after unauthenticated call :id: 8bc304a0-70ea-489c-9c3f-ea8343c5284c :Steps: 1. Set use_sessions 2. Authenticate, assert credentials are not demanded on next command run 3. Run `hammer ping` :expectedresults: The session is unchanged """ result = configure_sessions() self.assertEqual(result, 0, 'Failed to configure hammer sessions') AuthLogin.basic({'username': self.uname_admin, 'password': self.password}) result = Auth.with_user().status() self.assertIn(LOGEDIN_MSG.format(self.uname_admin), result[0]['message']) # list organizations without supplying credentials with self.assertNotRaises(CLIReturnCodeError): Org.with_user().list() result = ssh.command('hammer ping') self.assertEqual(result.return_code, 0, 'Failed to run hammer ping') result = Auth.with_user().status() self.assertIn(LOGEDIN_MSG.format(self.uname_admin), result[0]['message']) with self.assertNotRaises(CLIReturnCodeError): Org.with_user().list()
def test_positive_disable_session(admin_user, target_sat): """Check if user logs out when session is disabled :id: 38ee0d85-c2fe-4cac-a992-c5dbcec11031 :Steps: 1. Set use_sessions 2. Authenticate, assert credentials are not demanded on next command run 3. Disable use_sessions :expectedresults: The session is terminated """ result = configure_sessions(target_sat) assert result == 0, 'Failed to configure hammer sessions' AuthLogin.basic({'username': admin_user['login'], 'password': password}) result = Auth.with_user().status() assert LOGEDIN_MSG.format(admin_user['login']) in result[0]['message'] # list organizations without supplying credentials assert Org.with_user().list() # disabling sessions result = configure_sessions(satellite=target_sat, enable=False) assert result == 0, 'Failed to configure hammer sessions' result = Auth.with_user().status() assert NOTCONF_MSG.format(admin_user['login']) in result[0]['message'] with pytest.raises(CLIReturnCodeError): Org.with_user().list()
def test_positive_log_out_from_session(admin_user, target_sat): """Check if session is terminated when user logs out :id: 0ba05f2d-7b83-4b0c-a04c-80e62b7c4cf2 :Steps: 1. Set use_sessions 2. Authenticate, assert credentials are not demanded on next command run 3. Run `hammer auth logout` :expectedresults: The session is terminated """ result = configure_sessions(target_sat) assert result == 0, 'Failed to configure hammer sessions' AuthLogin.basic({'username': admin_user['login'], 'password': password}) result = Auth.with_user().status() assert LOGEDIN_MSG.format(admin_user['login']) in result[0]['message'] # list organizations without supplying credentials assert Org.with_user().list() Auth.logout() result = Auth.with_user().status() assert LOGEDOFF_MSG.format(admin_user['login']) in result[0]['message'] with pytest.raises(CLIReturnCodeError): Org.with_user().list()
def test_positive_session_survives_failed_login(self): """Check if session stays up after failed login attempt :id: 6c4d5c4c-eff0-411b-829f-0c2f2ec26132 :BZ: 1465552 :Steps: 1. Set use_sessions 2. Authenticate, assert credentials are not demanded on next command run 3. Run login with invalid credentials :expectedresults: The session is unchanged """ result = configure_sessions() self.assertEqual(result, 0, 'Failed to configure hammer sessions') AuthLogin.basic({'username': self.uname_admin, 'password': self.password}) result = Auth.with_user().status() self.assertIn(LOGEDIN_MSG.format(self.uname_admin), result[0]['message']) with self.assertNotRaises(CLIReturnCodeError): Org.with_user().list() # using invalid password with self.assertRaises(CLIReturnCodeError): AuthLogin.basic({'username': self.uname_viewer, 'password': gen_string('alpha')}) # checking the session status again result = Auth.with_user().status() self.assertIn(LOGEDIN_MSG.format(self.uname_admin), result[0]['message']) with self.assertNotRaises(CLIReturnCodeError): Org.with_user().list()
def test_positive_log_out_from_session(self): """Check if session is terminated when user logs out :id: 0ba05f2d-7b83-4b0c-a04c-80e62b7c4cf2 :Steps: 1. Set use_sessions 2. Authenticate, assert credentials are not demanded on next command run 3. Run `hammer auth logout` :expectedresults: The session is terminated """ result = configure_sessions() self.assertEqual(result, 0, 'Failed to configure hammer sessions') AuthLogin.basic({'username': self.uname_admin, 'password': self.password}) result = Auth.with_user().status() self.assertIn(LOGEDIN_MSG.format(self.uname_admin), result[0]['message']) # list organizations without supplying credentials with self.assertNotRaises(CLIReturnCodeError): Org.with_user().list() Auth.logout() result = Auth.with_user().status() self.assertIn(LOGEDOFF_MSG.format(self.uname_admin), result[0]['message']) with self.assertRaises(CLIReturnCodeError): Org.with_user().list()
def test_positive_session_survives_unauthenticated_call( admin_user, target_sat): """Check if session stays up after unauthenticated call :id: 8bc304a0-70ea-489c-9c3f-ea8343c5284c :Steps: 1. Set use_sessions 2. Authenticate, assert credentials are not demanded on next command run 3. Run `hammer ping` :CaseImportance: Medium :expectedresults: The session is unchanged """ result = configure_sessions(target_sat) assert result == 0, 'Failed to configure hammer sessions' AuthLogin.basic({'username': admin_user['login'], 'password': password}) result = Auth.with_user().status() assert LOGEDIN_MSG.format(admin_user['login']) in result[0]['message'] # list organizations without supplying credentials Org.with_user().list() result = target_sat.execute('hammer ping') assert result.status == 0, 'Failed to run hammer ping' result = Auth.with_user().status() assert LOGEDIN_MSG.format(admin_user['login']) in result[0]['message'] Org.with_user().list()
def test_rhsso_timeout_using_hammer( self, enable_external_auth_rhsso, rhsso_setting_setup_with_timeout, rh_sso_hammer_auth_setup, ): """verify the hammer auth timeout using RHSSO auth source :id: d014cc98-d198-11ea-b526-d46d6dd3b5b2 :expectedresults: hammer auth login timeout should be suceessful for a rhsso user :CaseImportance: Medium """ result = AuthLogin.oauth({ 'oidc-token-endpoint': get_oidc_token_endpoint(), 'oidc-client-id': get_oidc_client_id(), 'username': settings.rhsso.rhsso_user, 'password': settings.rhsso.password, }) assert f"Successfully logged in as '{settings.rhsso.rhsso_user}'." == result[ 0]['message'] sleep(70) with pytest.raises(CLIReturnCodeError) as error: Task.with_user(username=settings.rhsso.rhsso_user, password=settings.rhsso.password).list() assert 'Unable to authenticate user sat_admin' in error.value.message
def test_rhsso_login_using_hammer(self, enable_external_auth_rhsso, rhsso_setting_setup, rh_sso_hammer_auth_setup): """verify the hammer auth login using RHSSO auth source :id: 56c09a1a-d0e5-11ea-9024-d46d6dd3b5b2 :expectedresults: hammer auth login should be suceessful for a rhsso user :CaseImportance: High """ result = AuthLogin.oauth({ 'oidc-token-endpoint': get_oidc_token_endpoint(), 'oidc-client-id': get_oidc_client_id(), 'username': settings.rhsso.rhsso_user, 'password': settings.rhsso.password, }) assert f"Successfully logged in as '{settings.rhsso.rhsso_user}'." == result[ 0]['message'] result = Auth.with_user(username=settings.rhsso.rhsso_user, password=settings.rhsso.password).status() assert ( f"Session exists, currently logged in as '{settings.rhsso.rhsso_user}'." == result[0]['message']) task_list = Task.with_user(username=settings.rhsso.rhsso_user, password=settings.rhsso.password).list() assert len(task_list) >= 0 with pytest.raises(CLIReturnCodeError) as error: Role.with_user(username=settings.rhsso.rhsso_user, password=settings.rhsso.password).list() assert 'Missing one of the required permissions' in error.value.message
def test_negative_no_permissions(self): """Attempt to execute command out of user's permissions :id: 756f666f-270a-4b02-b587-a2ab09b7d46c :expectedresults: Command is not executed """ result = configure_sessions() self.assertEqual(result, 0, 'Failed to configure hammer sessions') AuthLogin.basic({'username': self.uname_viewer, 'password': self.password}) result = Auth.with_user().status() self.assertIn(LOGEDIN_MSG.format(self.uname_viewer), result[0]['message']) # try to update user from viewer's session with self.assertRaises(CLIReturnCodeError): User.with_user().update({'login': self.uname_admin, 'new-login': gen_string('alpha')})
def test_positive_session_preceeds_saved_credentials(self): """Check if enabled session is mutually exclusive with saved credentials in hammer config :id: e4277298-1c24-494b-84a6-22f45f96e144 :BZ: 1471099 :Steps: 1. Set use_sessions, set usernam and password, set short expiration time 2. Authenticate, assert credentials are not demanded on next command run 3. Wait until session expires :expectedresults: Session expires after specified time and saved credentials are not applied """ try: idle_timeout = Settings.list({'search': 'name=idle_timeout'})[0]['value'] Settings.set({'name': 'idle_timeout', 'value': 1}) result = configure_sessions(add_default_creds=True) self.assertEqual(result, 0, 'Failed to configure hammer sessions') AuthLogin.basic({ 'username': self.uname_admin, 'password': self.password }) result = Auth.with_user().status() self.assertIn(LOGEDIN_MSG.format(self.uname_admin), result[0]['message']) # list organizations without supplying credentials with self.assertNotRaises(CLIReturnCodeError): Org.with_user().list() # wait until session expires sleep(70) with self.assertRaises(CLIReturnCodeError): Org.with_user().list() result = Auth.with_user().status() self.assertIn(LOGEDOFF_MSG.format(self.uname_admin), result[0]['message']) finally: # reset timeout to default Settings.set({'name': 'idle_timeout', 'value': f'{idle_timeout}'})
def test_positive_session_preceeds_saved_credentials(admin_user, target_sat): """Check if enabled session is mutually exclusive with saved credentials in hammer config :id: e4277298-1c24-494b-84a6-22f45f96e144 :BZ: 1471099, 1903693 :CaseImportance: High :Steps: 1. Set use_sessions, set username and password, set short expiration time 2. Authenticate, assert credentials are not demanded on next command run 3. Wait until session expires :expectedresults: Session expires after specified time and saved credentials are not applied """ try: idle_timeout = Settings.list({'search': 'name=idle_timeout'})[0]['value'] Settings.set({'name': 'idle_timeout', 'value': 1}) result = configure_sessions(satellite=target_sat, add_default_creds=True) assert result == 0, 'Failed to configure hammer sessions' AuthLogin.basic({ 'username': admin_user['login'], 'password': password }) result = Auth.with_user().status() assert LOGEDIN_MSG.format(admin_user['login']) in result[0]['message'] # list organizations without supplying credentials sleep(70) if not is_open('BZ:1903693'): result = Auth.with_user().status() assert LOGEDOFF_MSG.format( admin_user['login']) in result[0]['message'] with pytest.raises(CLIReturnCodeError): Org.with_user().list() finally: # reset timeout to default Settings.set({'name': 'idle_timeout', 'value': f'{idle_timeout}'})
def test_positive_create_session(self): """Check if user stays authenticated with session enabled :id: fcee7f5f-1040-41a9-bf17-6d0c24a93e22 :Steps: 1. Set use_sessions, set short expiration time 2. Authenticate, assert credentials are not demanded on next command run 3. Wait until session expires, assert credentials are required :expectedresults: The session is successfully created and expires after specified time """ try: idle_timeout = Settings.list({'search': 'name=idle_timeout'})[0]['value'] Settings.set({'name': 'idle_timeout', 'value': 1}) result = configure_sessions() self.assertEqual(result, 0, 'Failed to configure hammer sessions') AuthLogin.basic({ 'username': self.uname_admin, 'password': self.password }) result = Auth.with_user().status() self.assertIn(LOGEDIN_MSG.format(self.uname_admin), result[0]['message']) # list organizations without supplying credentials with self.assertNotRaises(CLIReturnCodeError): Org.with_user().list() # wait until session expires sleep(70) with self.assertRaises(CLIReturnCodeError): Org.with_user().list() result = Auth.with_user().status() self.assertIn(LOGEDOFF_MSG.format(self.uname_admin), result[0]['message']) finally: # reset timeout to default Settings.set({'name': 'idle_timeout', 'value': f'{idle_timeout}'})
def test_negative_no_permissions(admin_user, non_admin_user): """Attempt to execute command out of user's permissions :id: 756f666f-270a-4b02-b587-a2ab09b7d46c :expectedresults: Command is not executed """ result = configure_sessions() assert result == 0, 'Failed to configure hammer sessions' AuthLogin.basic({ 'username': non_admin_user['login'], 'password': password }) result = Auth.with_user().status() assert LOGEDIN_MSG.format(non_admin_user['login']) in result[0]['message'] # try to update user from viewer's session with pytest.raises(CLIReturnCodeError): User.with_user().update({ 'login': admin_user['login'], 'new-login': gen_string('alpha') })