Пример #1
0
    def test_positive_remove_role(self):
        """Remove role from User for all variations of role names

        @id: 51b15516-da42-4149-8032-87baa93f9e56

        @Assert: Role is removed

        @BZ: 1138553

        @CaseLevel: Integration
        """
        user = make_user()
        include_list = [gen_string("alphanumeric", 100)]
        for role_name in valid_usernames_list() + include_list:
            with self.subTest(role_name):
                make_role({'name': role_name})
                User.add_role({
                    'login': user['login'],
                    'role': role_name,
                })
                user = User.info({'id': user['id']})
                self.assertIn(role_name, user['roles'])
                User.remove_role({
                    'login': user['login'],
                    'role': role_name,
                })
                user = User.info({'id': user['id']})
                self.assertNotIn(role_name, user['roles'])
Пример #2
0
    def test_user_remove_role_1(self):
        """@Test: Remove role to User for all variations of role names

        @Feature: User - Remove role

        @Steps:
        1. Create role and add it to the user . Try to remove the role

        @Assert: Role is removed

        @BZ: 1138553
        """
        user = make_user()
        include_list = [gen_string("alphanumeric", 100)]
        for role_name in valid_usernames_list() + include_list:
            with self.subTest(role_name):
                make_role({'name': role_name})
                self.__assert_exists(user)
                UserObj.add_role({
                    'login': user['login'],
                    'role': role_name,
                })
                user = UserObj.info({'id': user['id']})
                self.assertIn(role_name, user['roles'])
                UserObj.remove_role({
                    'login': user['login'],
                    'role': role_name,
                })
                user = UserObj.info({'id': user['id']})
                self.assertNotIn(role_name, user['roles'])
Пример #3
0
    def test_positive_remove_role(self):
        """Remove role from User for all variations of role names

        @Feature: User - Remove role

        @Assert: Role is removed

        @BZ: 1138553
        """
        user = make_user()
        include_list = [gen_string("alphanumeric", 100)]
        for role_name in valid_usernames_list() + include_list:
            with self.subTest(role_name):
                make_role({'name': role_name})
                User.add_role({
                    'login': user['login'],
                    'role': role_name,
                })
                user = User.info({'id': user['id']})
                self.assertIn(role_name, user['roles'])
                User.remove_role({
                    'login': user['login'],
                    'role': role_name,
                })
                user = User.info({'id': user['id']})
                self.assertNotIn(role_name, user['roles'])
Пример #4
0
    def test_positive_delete_role_1(self, data):
        """@Test: Delete roles after creating them

        @Feature: Roles

        @Assert: Assert deletion of roles

        """
        try:
            role = make_role({'name': data})
        except CLIFactoryError as err:
            self.fail(err)
        self.assertEqual(
            role['name'],
            data, "Input and output name should be consistent")

        # Delete it
        result = Role.delete({'id': role['id']})
        self.assertEqual(result.return_code, 0,
                         "Role was not deleted")
        self.assertEqual(
            len(result.stderr), 0, "No error was expected")

        # Fetch it
        result = Role.info({'id': role['id']})
        self.assertNotEqual(result.return_code, 0,
                            "Role should not be found")
        self.assertGreater(len(result.stderr), 0,
                           "Expected an error here")
Пример #5
0
    def test_positive_update_role_1(self, data):
        """@Test: Update roles after creating them

        @Feature: Roles

        @Assert: Assert updation of roles

        """
        name = gen_string('alpha', 15)
        try:
            role = make_role({'name': name})
        except CLIFactoryError as err:
            self.fail(err)
        self.assertEqual(
            role['name'],
            data, "Input and output name should be consistent")

        # Update it
        result = Role.update({'id': role['id'],
                              'new-name': data})
        self.assertEqual(result.return_code, 0,
                         "Role was not updated")
        self.assertEqual(
            len(result.stderr), 0, "No error was expected")

        # Fetch it
        result = Role.info({'id': role['id']})
        self.assertEqual(result.return_code, 0,
                         "Role was not updated")
        self.assertEqual(
            len(result.stderr), 0, "No error was expected")
        # Assert that name was updated
        self.assertEqual(result.stdout['name'],
                         data,
                         "Names do not match")
Пример #6
0
    def test_positive_create_with_permission(self):
        """Create new role with a set of permission

        :id: 7cb2b2e2-ad4d-41e9-b6b2-c0366eb09b9a

        :expectedresults: Role is created and has correct set of permissions

        :CaseImportance: Critical
        """
        role = make_role()
        # Pick permissions by its resource type
        permissions = [
            permission['name']
            for permission in Filter.available_permissions(
                {'resource-type': 'Organization'})
            ]
        # Assign filter to created role
        make_filter({
            'role-id': role['id'],
            'permissions': permissions,
        })
        self.assertEqual(
            Role.filters({'id': role['id']})[0]['permissions'],
            permissions
        )
Пример #7
0
    def test_positive_automate_bz1426957(self):
        """Verify role is properly reflected on AD user.

        :id: 1c1209a6-5bb8-489c-a151-bb2fce4dbbfc

        :expectedresults: Roles from usergroup is applied on AD user successfully.

        :CaseLevel: Integration

        :BZ: 1426957
        """
        ext_user_group = make_usergroup_external({
            'auth-source-id': self.auth['server']['id'],
            'user-group-id': self.user_group['id'],
            'name': 'foobargroup'
        })
        self.assertEqual(
            ext_user_group['auth-source'], self.auth['server']['name']
        )
        role = make_role()
        UserGroup.add_role({'id': self.user_group['id'], 'role-id': role['id']})
        with self.assertNotRaises(CLIReturnCodeError):
            Task.with_user(username=self.ldap_user_name, password=self.ldap_user_passwd).list()
            UserGroupExternal.refresh({
                'user-group-id': self.user_group['id'],
                'name': 'foobargroup'
            })
        self.assertEqual(User.info({'login': self.ldap_user_name})['user-groups'][1],
                         role['name'])
        User.delete({'login': self.ldap_user_name})
Пример #8
0
    def test_user_remove_role_1(self, test_data):
        """@Test: Remove role to User for all variations of role names

        @Feature: User - Remove role

        @Steps:
        1. Create role and add it to the user . Try to remove the role

        @Assert: Role is removed

        @BZ: 1138553

        """
        user = make_user()
        role = make_role(test_data)
        self.__assert_exists(user)
        UserObj.add_role({
            'login': user['login'],
            'role': role['name'],
        })
        user = UserObj.info({'id': user['id']})
        self.assertIn(role['name'], user['roles'])
        UserObj.remove_role({
            'login': user['login'],
            'role': role['name'],
        })
        user = UserObj.info({'id': user['id']})
        self.assertNotIn(role['name'], user['roles'])
Пример #9
0
    def test_positive_create_with_role_id(self):
        """Create new user group using valid role attached to that group. Use
        role id as a parameter

        @Feature: Usergroup

        @Assert: User group is created successfully.
        """
        role = make_role()
        user_group = make_usergroup({'role-ids': role['id']})
        self.assertEqual(user_group['roles'][0], role['name'])
Пример #10
0
    def test_positive_create_with_roles(self):
        """Create new user group using multiple roles attached to that group.
        Use roles name as a parameter

        @Feature: Usergroup

        @Assert: User group is created successfully and contains all expected
        roles
        """
        roles = [make_role()['name'] for _ in range(randint(3, 5))]
        user_group = make_usergroup({'roles': roles})
        self.assertEqual(sorted(roles), sorted(user_group['roles']))
Пример #11
0
    def test_positive_add_role(self):
        """Add role to User for all variations of role names

        @id: 4df495b8-ed02-480e-a935-ffc0b6746e08

        @Assert: Role is added to user

        @BZ: 1138553

        @CaseLevel: Integration
        """
        user = make_user()
        include_list = [gen_string("alphanumeric", 100)]
        for role_name in valid_usernames_list() + include_list:
            with self.subTest(role_name):
                make_role({'name': role_name})
                User.add_role({
                    'login': user['login'],
                    'role': role_name,
                })
                user = User.info({'id': user['id']})
                self.assertIn(role_name, user['roles'])
Пример #12
0
    def test_positive_create_with_name(self):
        """Create new roles with provided name

        @id: 6883177c-6926-428c-92ab-9effbe1372ae

        @Assert: Role is created and has correct name

        @BZ: 1138553
        """
        for name in generate_strings_list(length=10):
            with self.subTest(name):
                role = make_role({'name': name})
                self.assertEqual(role['name'], name)
Пример #13
0
    def test_positive_create_with_name(self):
        """Create new roles with provided name

        @Feature: Roles

        @Assert: Role is created and has correct name

        @BZ: 1138553
        """
        for name in generate_strings_list(length=10):
            with self.subTest(name):
                role = make_role({'name': name})
                self.assertEqual(role['name'], name)
Пример #14
0
    def test_positive_create_role_1(self):
        """@Test: Create new roles and assign to the custom user

        @Feature: Roles

        @Assert: Assert creation of roles

        @BZ: 1138553
        """
        for name in generate_strings_list(length=10):
            with self.subTest(name):
                role = make_role({'name': name})
                self.assertEqual(role['name'], name)
Пример #15
0
    def test_positive_create_with_role_id(self):
        """Create new user group using valid role attached to that group. Use
        role id as a parameter

        :id: 8524a561-037c-4509-aaba-3213924a1cfe

        :expectedresults: User group is created successfully.

        :CaseImportance: Critical
        """
        role = make_role()
        user_group = make_usergroup({'role-ids': role['id']})
        self.assertEqual(user_group['roles'][0], role['name'])
Пример #16
0
    def test_positive_list_filters_with_pagination(self):
        """Make sure filters list can be displayed with different items per
        page value

        :id: b9c7c6c1-70c2-4d7f-8d36-fa8613acc865

        :BZ: 1428516

        :expectedresults: `per-page` correctly sets amount of items displayed
            per page, different `per-page` values divide a list into correct
            number of pages

        :CaseImportance: Critical
        """
        role = make_role()
        res_types = iter(PERMISSIONS.keys())
        permissions = []
        # Collect more than 20 different permissions
        while len(permissions) <= 20:
            permissions += [
                permission['name']
                for permission in Filter.available_permissions(
                    {'resource-type': next(res_types)})
            ]
        # Create a filter for each permission
        for perm in permissions:
            make_filter({
                'role': role['name'],
                'permissions': perm,
            })
        # Test different `per-page` values
        for per_page in (1, 5, 20):
            with self.subTest(per_page):
                # Verify the first page contains exactly the same items count
                # as `per-page` value
                filters = Role.filters({
                    'name': role['name'],
                    'per-page': per_page,
                })
                self.assertEqual(len(filters), per_page)
                # Verify pagination and total amount of pages by checking the
                # items count on the last page
                last_page = (len(permissions) / per_page
                             + int(len(permissions) % per_page != 0))
                filters = Role.filters({
                    'name': role['name'],
                    'page': last_page,
                    'per-page': per_page,
                })
                self.assertEqual(
                    len(filters), len(permissions) % per_page or per_page)
Пример #17
0
    def test_positive_delete_by_id(self):
        """Create a new role and then delete role by its ID

        @id: 351780b4-697c-4f87-b989-dd9a9a2ad012

        @Assert: Role is created and then deleted by its ID
        """
        for name in generate_strings_list(length=10):
            with self.subTest(name):
                role = make_role({'name': name})
                self.assertEqual(role['name'], name)
                Role.delete({'id': role['id']})
                with self.assertRaises(CLIReturnCodeError):
                    Role.info({'id': role['id']})
Пример #18
0
    def test_positive_delete_by_id(self):
        """Create a new role and then delete role by its ID

        @id: 351780b4-697c-4f87-b989-dd9a9a2ad012

        @Assert: Role is created and then deleted by its ID
        """
        for name in generate_strings_list(length=10):
            with self.subTest(name):
                role = make_role({'name': name})
                self.assertEqual(role['name'], name)
                Role.delete({'id': role['id']})
                with self.assertRaises(CLIReturnCodeError):
                    Role.info({'id': role['id']})
Пример #19
0
    def test_positive_create_with_roles(self):
        """Create new user group using multiple roles attached to that group.
        Use roles name as a parameter

        :id: b7113d49-b9ce-4603-a09d-5ab23fe2d568

        :expectedresults: User group is created successfully and contains all
            expected roles

        :CaseImportance: Critical
        """
        roles = [make_role()['name'] for _ in range(randint(3, 5))]
        user_group = make_usergroup({'roles': roles})
        self.assertEqual(sorted(roles), sorted(user_group['roles']))
Пример #20
0
    def test_positive_delete_role_1(self):
        """@Test: Delete roles after creating them

        @Feature: Roles

        @Assert: Assert deletion of roles
        """
        for name in generate_strings_list(length=10):
            with self.subTest(name):
                role = make_role({'name': name})
                self.assertEqual(role['name'], name)
                Role.delete({'id': role['id']})
                with self.assertRaises(CLIReturnCodeError):
                    Role.info({'id': role['id']})
Пример #21
0
    def test_positive_create_with_role_name(self):
        """Create new user group using valid role attached to that group. Use
        role name as a parameter

        @Feature: Usergroup

        @Assert: User group is created successfully.
        """
        for role_name in valid_data_list():
            with self.subTest(role_name):
                role = make_role({'name': role_name})
                user_group = make_usergroup({'roles': role['name']})
                self.assertEqual(len(user_group['roles']), 1)
                self.assertEqual(user_group['roles'][0], role_name)
Пример #22
0
    def test_positive_create_with_name(self):
        """Create new roles with provided name

        :id: 6883177c-6926-428c-92ab-9effbe1372ae

        :expectedresults: Role is created and has correct name

        :BZ: 1138553

        :CaseImportance: Critical
        """
        for name in generate_strings_list(length=10):
            with self.subTest(name):
                role = make_role({'name': name})
                self.assertEqual(role['name'], name)
Пример #23
0
    def test_positive_create_role_1(self, data):
        """@Test: Create new roles and assign to the custom user

        @Feature: Roles

        @Assert: Assert creation of roles

        """
        try:
            role = make_role({'name': data})
        except CLIFactoryError as err:
            self.fail(err)
        self.assertEqual(
            role['name'],
            data, "Input and output name should be consistent")
Пример #24
0
    def test_positive_create_with_name(self):
        """Create new roles with provided name

        :id: 6883177c-6926-428c-92ab-9effbe1372ae

        :expectedresults: Role is created and has correct name

        :BZ: 1138553

        :CaseImportance: Critical
        """
        for name in generate_strings_list(length=10):
            with self.subTest(name):
                role = make_role({'name': name})
                self.assertEqual(role['name'], name)
Пример #25
0
    def test_positive_update_role(self):
        """Create a filter and assign it to another role.

        :id: 2950b3a1-2bce-447f-9df2-869b1d10eaf5

        :expectedresults: Filter is created and assigned to new role.

        :CaseImportance: Critical
        """
        filter_ = make_filter({'role-id': self.role['id'], 'permissions': self.perms})
        # Update with another role
        new_role = make_role()
        Filter.update({'id': filter_['id'], 'role-id': new_role['id']})
        filter_ = Filter.info({'id': filter_['id']})
        self.assertEqual(filter_['role'], new_role['name'])
Пример #26
0
    def test_positive_create_role_1(self, data):
        """@Test: Create new roles and assign to the custom user

        @Feature: Roles

        @Assert: Assert creation of roles

        """
        try:
            role = make_role({'name': data})
        except CLIFactoryError as err:
            self.fail(err)
        self.assertEqual(
            role['name'],
            data, "Input and output name should be consistent")
Пример #27
0
    def test_positive_update_name(self):
        """Create new role and update its name

        :id: 3ce1b337-fd52-4460-b8a8-df49c94ffed1

        :expectedresults: Role is created and its name is updated

        :CaseImportance: Critical
        """
        role = make_role({'name': gen_string('alpha', 15)})
        for new_name in generate_strings_list(length=10):
            with self.subTest(new_name):
                Role.update({'id': role['id'], 'new-name': new_name})
                role = Role.info({'id': role['id']})
                self.assertEqual(role['name'], new_name)
Пример #28
0
    def test_positive_CRUD(self):
        """Create new user group with valid elements that attached group.
           List the user group, update and delete it.

        :id: bacef0e3-31dd-4991-93f7-f54fbe64d0f0

        :expectedresults: User group is created, listed, updated and
             deleted successfully.

        :CaseImportance: Critical
        """
        user = make_user()
        ug_name = random.choice(list(valid_data_list().values()))
        role_name = random.choice(list(valid_data_list().values()))
        role = make_role({'name': role_name})
        sub_user_group = make_usergroup()

        # Create
        user_group = make_usergroup({
            'user-ids': user['id'],
            'name': ug_name,
            'role-ids': role['id'],
            'user-group-ids': sub_user_group['id'],
        })

        self.assertEqual(user_group['name'], ug_name)
        self.assertEqual(user_group['users'][0], user['login'])
        self.assertEqual(len(user_group['roles']), 1)
        self.assertEqual(user_group['roles'][0], role_name)
        self.assertEqual(user_group['user-groups'][0]['usergroup'],
                         sub_user_group['name'])

        # List
        result_list = UserGroup.list(
            {'search': 'name={0}'.format(user_group['name'])})
        self.assertTrue(len(result_list) > 0)
        self.assertTrue(UserGroup.exists(search=('name', user_group['name'])))

        # Update
        new_name = random.choice(list(valid_data_list().values()))
        UserGroup.update({'id': user_group['id'], 'new-name': new_name})
        user_group = UserGroup.info({'id': user_group['id']})
        self.assertEqual(user_group['name'], new_name)

        # Delete
        UserGroup.delete({'name': user_group['name']})
        with self.assertRaises(CLIReturnCodeError):
            UserGroup.info({'name': user_group['name']})
Пример #29
0
    def test_positive_update_name(self):
        """Create new role and update its name

        @id: 3ce1b337-fd52-4460-b8a8-df49c94ffed1

        @Assert: Role is created and its name is updated
        """
        role = make_role({'name': gen_string('alpha', 15)})
        for new_name in generate_strings_list(length=10):
            with self.subTest(new_name):
                Role.update({
                    'id': role['id'],
                    'new-name': new_name,
                })
                role = Role.info({'id': role['id']})
                self.assertEqual(role['name'], new_name)
Пример #30
0
    def test_positive_create_with_role_name(self):
        """Create new user group using valid role attached to that group. Use
        role name as a parameter

        :id: 47fb3037-f48a-4f99-9a50-792b0fd77569

        :expectedresults: User group is created successfully.

        :CaseImportance: Critical
        """
        for role_name in valid_data_list():
            with self.subTest(role_name):
                role = make_role({'name': role_name})
                user_group = make_usergroup({'roles': role['name']})
                self.assertEqual(len(user_group['roles']), 1)
                self.assertEqual(user_group['roles'][0], role_name)
Пример #31
0
    def test_positive_add_role_by_name(self):
        """Create new user group and new role. Then add created role to user
        group by name

        @Feature: Usergroup

        @Assert: Role is added to user group successfully.
        """
        role = make_role()
        user_group = make_usergroup()
        UserGroup.add_role({
            'id': user_group['id'],
            'role': role['name'],
        })
        user_group = UserGroup.info({'id': user_group['id']})
        self.assertEqual(user_group['roles'][0], role['name'])
Пример #32
0
    def test_positive_update_role_1(self):
        """@Test: Update roles after creating them

        @Feature: Roles

        @Assert: Assert updating of roles
        """
        role = make_role({'name': gen_string('alpha', 15)})
        for new_name in generate_strings_list(length=10):
            with self.subTest(new_name):
                Role.update({
                    'id': role['id'],
                    'new-name': new_name,
                })
                role = Role.info({'id': role['id']})
                self.assertEqual(role['name'], new_name)
Пример #33
0
    def test_positive_update_name(self):
        """Create new role and update its name

        @Feature: Roles

        @Assert: Role is created and its name is updated
        """
        role = make_role({'name': gen_string('alpha', 15)})
        for new_name in generate_strings_list(length=10):
            with self.subTest(new_name):
                Role.update({
                    'id': role['id'],
                    'new-name': new_name,
                })
                role = Role.info({'id': role['id']})
                self.assertEqual(role['name'], new_name)
Пример #34
0
    def test_positive_update_name(self):
        """@Test: Create new role and update its name

        @Feature: Roles

        @Assert: Role is created and its name is updated
        """
        role = make_role({'name': gen_string('alpha', 15)})
        for new_name in generate_strings_list(length=10):
            with self.subTest(new_name):
                Role.update({
                    'id': role['id'],
                    'new-name': new_name,
                })
                role = Role.info({'id': role['id']})
                self.assertEqual(role['name'], new_name)
Пример #35
0
    def test_positive_create_with_role_name(self):
        """Create new user group using valid role attached to that group. Use
        role name as a parameter

        :id: 47fb3037-f48a-4f99-9a50-792b0fd77569

        :expectedresults: User group is created successfully.

        :CaseImportance: Critical
        """
        for role_name in valid_data_list():
            with self.subTest(role_name):
                role = make_role({'name': role_name})
                user_group = make_usergroup({'roles': role['name']})
                self.assertEqual(len(user_group['roles']), 1)
                self.assertEqual(user_group['roles'][0], role_name)
Пример #36
0
    def test_positive_add_role_by_name(self):
        """Create new user group and new role. Then add created role to user
        group by name

        @Feature: Usergroup

        @Assert: Role is added to user group successfully.
        """
        role = make_role()
        user_group = make_usergroup()
        UserGroup.add_role({
            'id': user_group['id'],
            'role': role['name'],
        })
        user_group = UserGroup.info({'id': user_group['id']})
        self.assertEqual(user_group['roles'][0], role['name'])
Пример #37
0
    def test_positive_list_filters_with_pagination(self):
        """Make sure filters list can be displayed with different items per
        page value

        :id: b9c7c6c1-70c2-4d7f-8d36-fa8613acc865

        :BZ: 1428516

        :expectedresults: `per-page` correctly sets amount of items displayed
            per page, different `per-page` values divide a list into correct
            number of pages

        :CaseImportance: Critical
        """
        role = make_role()
        res_types = iter(PERMISSIONS.keys())
        permissions = []
        # Collect more than 20 different permissions
        while len(permissions) <= 20:
            permissions += [
                permission['name']
                for permission in Filter.available_permissions(
                    {"search": f"resource_type={next(res_types)}"})
            ]
        # Create a filter for each permission
        for perm in permissions:
            make_filter({'role': role['name'], 'permissions': perm})
        # Test different `per-page` values
        for per_page in (1, 5, 20):
            with self.subTest(per_page):
                # Verify the first page contains exactly the same items count
                # as `per-page` value
                filters = Role.filters({
                    'name': role['name'],
                    'per-page': per_page
                })
                self.assertEqual(len(filters), per_page)
                # Verify pagination and total amount of pages by checking the
                # items count on the last page
                last_page = ceil(len(permissions) / per_page)
                filters = Role.filters({
                    'name': role['name'],
                    'page': last_page,
                    'per-page': per_page
                })
                self.assertEqual(len(filters),
                                 len(permissions) % per_page or per_page)
Пример #38
0
def test_positive_CRUD():
    """Create new user group with valid elements that attached group.
       List the user group, update and delete it.

    :id: bacef0e3-31dd-4991-93f7-f54fbe64d0f0

    :expectedresults: User group is created, listed, updated and
         deleted successfully.

    :CaseImportance: Critical
    """
    user = make_user()
    ug_name = random.choice(valid_usernames_list())
    role_name = random.choice(valid_usernames_list())
    role = make_role({'name': role_name})
    sub_user_group = make_usergroup()

    # Create
    user_group = make_usergroup({
        'user-ids': user['id'],
        'name': ug_name,
        'role-ids': role['id'],
        'user-group-ids': sub_user_group['id'],
    })

    assert user_group['name'] == ug_name
    assert user_group['users'][0] == user['login']
    assert len(user_group['roles']) == 1
    assert user_group['roles'][0] == role_name
    assert user_group['user-groups'][0]['usergroup'] == sub_user_group['name']

    # List
    result_list = UserGroup.list(
        {'search': 'name={}'.format(user_group['name'])})
    assert len(result_list) > 0
    assert UserGroup.exists(search=('name', user_group['name']))

    # Update
    new_name = random.choice(valid_usernames_list())
    UserGroup.update({'id': user_group['id'], 'new-name': new_name})
    user_group = UserGroup.info({'id': user_group['id']})
    assert user_group['name'] == new_name

    # Delete
    UserGroup.delete({'name': user_group['name']})
    with pytest.raises(CLIReturnCodeError):
        UserGroup.info({'name': user_group['name']})
Пример #39
0
    def test_positive_add_and_remove_elements(self):
        """Create new user group. Add and remove several element from the group.

        :id: a4ce8724-d3c8-4c00-9421-aaa40394134d

        :BZ: 1395229

        :expectedresults: Elements are added to user group and then removed
                          successfully.

        :CaseLevel: Integration
        """
        role = make_role()
        user_group = make_usergroup()
        user = make_user()
        sub_user_group = make_usergroup()

        # Add elements by id
        UserGroup.add_role({'id': user_group['id'], 'role-id': role['id']})
        UserGroup.add_user({'id': user_group['id'], 'user-id': user['id']})
        UserGroup.add_user_group({
            'id': user_group['id'],
            'user-group-id': sub_user_group['id']
        })

        user_group = UserGroup.info({'id': user_group['id']})
        self.assertEqual(len(user_group['roles']), 1)
        self.assertEqual(user_group['roles'][0], role['name'])
        self.assertEqual(len(user_group['users']), 1)
        self.assertEqual(user_group['users'][0], user['login'])
        self.assertEqual(len(user_group['user-groups']), 1)
        self.assertEqual(user_group['user-groups'][0]['usergroup'],
                         sub_user_group['name'])

        # Remove elements by name
        UserGroup.remove_role({'id': user_group['id'], 'role': role['name']})
        UserGroup.remove_user({'id': user_group['id'], 'user': user['login']})
        UserGroup.remove_user_group({
            'id': user_group['id'],
            'user-group': sub_user_group['name']
        })

        user_group = UserGroup.info({'id': user_group['id']})
        self.assertEqual(len(user_group['roles']), 0)
        self.assertEqual(len(user_group['users']), 0)
        self.assertEqual(len(user_group['user-groups']), 0)
Пример #40
0
    def test_positive_remove_role_by_name(self):
        """Create new user group using valid role attached to that group. Then
        remove that role from user group by name

        @Feature: Usergroup

        @Assert: Role is removed from user group successfully.
        """
        role = make_role()
        user_group = make_usergroup({'role-ids': role['id']})
        self.assertEqual(len(user_group['roles']), 1)
        UserGroup.remove_role({
            'id': user_group['id'],
            'role': role['name'],
        })
        user_group = UserGroup.info({'id': user_group['id']})
        self.assertEqual(len(user_group['roles']), 0)
Пример #41
0
    def test_positive_remove_role_by_name(self):
        """Create new user group using valid role attached to that group. Then
        remove that role from user group by name

        @Feature: Usergroup

        @Assert: Role is removed from user group successfully.
        """
        role = make_role()
        user_group = make_usergroup({'role-ids': role['id']})
        self.assertEqual(len(user_group['roles']), 1)
        UserGroup.remove_role({
            'id': user_group['id'],
            'role': role['name'],
        })
        user_group = UserGroup.info({'id': user_group['id']})
        self.assertEqual(len(user_group['roles']), 0)
Пример #42
0
    def test_custom_personal_access_token_role(self, default_sat):
        """Personal access token for non admin user with custom role

        :id: dcbd22df-2641-4d3e-a1ad-76f36642e31b

        :steps:
            1. Create role with PAT and View Users
            2. Create non admin user and assign the role
            3. Create PAT for the user and test with the end point
            4. Revoke the token and then test for end point.

        :expectedresults: Non admin user is able to view only the assigned entity

        :CaseLevel: System

        :CaseImportance: High

        :BZ: 1974685, 1996048
        """
        role = make_role()
        permissions = [
            permission['name']
            for permission in Filter.available_permissions(
                {'search': 'resource_type=PersonalAccessToken'}
            )
        ]
        permissions = ','.join(permissions)
        make_filter({'role-id': role['id'], 'permissions': permissions})
        make_filter({'role-id': role['id'], 'permissions': 'view_users'})
        user = make_user()
        User.add_role({'login': user['login'], 'role': role['name']})
        token_name = gen_alphanumeric()
        result = User.access_token(
            action="create", options={'name': token_name, 'user-id': user['id']}
        )
        token_value = result[0]['message'].split(':')[-1]
        command_output = default_sat.execute(
            f'curl -k -u {user["login"]}:{token_value} {default_sat.url}/api/v2/users'
        )
        assert user['login'] in command_output.stdout
        assert user['email'] in command_output.stdout
        User.access_token(action="revoke", options={'name': token_name, 'user-id': user['id']})
        command_output = default_sat.execute(
            f'curl -k -u {user["login"]}:{token_value} {default_sat.url}/api/v2/users'
        )
        assert f'Unable to authenticate user {user["login"]}' in command_output.stdout
Пример #43
0
    def test_positive_add_role_by_name(self):
        """Create new user group and new role. Then add created role to user
        group by name

        :id: 181bf2d5-0650-4fb0-890c-475eac3306a2

        :expectedresults: Role is added to user group successfully.

        :CaseLevel: Integration
        """
        role = make_role()
        user_group = make_usergroup()
        UserGroup.add_role({
            'id': user_group['id'],
            'role': role['name'],
        })
        user_group = UserGroup.info({'id': user_group['id']})
        self.assertEqual(user_group['roles'][0], role['name'])
Пример #44
0
    def test_positive_create_with_filter(self):
        """Create new role with a filter

        :id: 6c99ee25-4e58-496c-af42-f8ad2da6cf07

        :expectedresults: Role is created and correct filter is assigned

        :CaseImportance: Critical
        """
        role = make_role()
        # Pick permissions by its resource type
        permissions = [
            permission['name']
            for permission in Filter.available_permissions({'resource-type': 'Organization'})
        ]
        # Assign filter to created role
        filter_ = make_filter({'role-id': role['id'], 'permissions': permissions})
        self.assertEqual(role['name'], filter_['role'])
Пример #45
0
    def test_positive_add_role_by_name(self):
        """Create new user group and new role. Then add created role to user
        group by name

        :id: 181bf2d5-0650-4fb0-890c-475eac3306a2

        :expectedresults: Role is added to user group successfully.

        :CaseLevel: Integration
        """
        role = make_role()
        user_group = make_usergroup()
        UserGroup.add_role({
            'id': user_group['id'],
            'role': role['name'],
        })
        user_group = UserGroup.info({'id': user_group['id']})
        self.assertEqual(user_group['roles'][0], role['name'])
Пример #46
0
    def test_positive_add_role_by_id(self):
        """Create new user group and new role. Then add created role to user
        group by id

        :id: a4ce8724-d3c8-4c00-9421-aaa40394134d

        :expectedresults: Role is added to user group successfully.

        :CaseLevel: Integration
        """
        role = make_role()
        user_group = make_usergroup()
        UserGroup.add_role({
            'id': user_group['id'],
            'role-id': role['id'],
        })
        user_group = UserGroup.info({'id': user_group['id']})
        self.assertEqual(user_group['roles'][0], role['name'])
Пример #47
0
    def test_positive_create_with_permission(self):
        """Create new role with a set of permission

        :id: 7cb2b2e2-ad4d-41e9-b6b2-c0366eb09b9a

        :expectedresults: Role is created and has correct set of permissions

        :CaseImportance: Critical
        """
        role = make_role()
        # Pick permissions by its resource type
        permissions = [
            permission['name']
            for permission in Filter.available_permissions({"search": "resource_type=Organization"})
        ]
        # Assign filter to created role
        make_filter({'role-id': role['id'], 'permissions': permissions})
        assert set(Role.filters({'id': role['id']})[0]['permissions']) == set(permissions)
Пример #48
0
    def test_positive_add_role_by_id(self):
        """Create new user group and new role. Then add created role to user
        group by id

        :id: a4ce8724-d3c8-4c00-9421-aaa40394134d

        :expectedresults: Role is added to user group successfully.

        :CaseLevel: Integration
        """
        role = make_role()
        user_group = make_usergroup()
        UserGroup.add_role({
            'id': user_group['id'],
            'role-id': role['id'],
        })
        user_group = UserGroup.info({'id': user_group['id']})
        self.assertEqual(user_group['roles'][0], role['name'])
Пример #49
0
    def test_positive_remove_role_by_id(self):
        """Create new user group using valid role attached to that group. Then
        remove that role from user group by id

        :id: f086e7f0-4a24-4097-8ec6-3f698ac926ba

        :expectedresults: Role is removed from user group successfully.

        :CaseLevel: Integration
        """
        role = make_role()
        user_group = make_usergroup({'role-ids': role['id']})
        self.assertEqual(len(user_group['roles']), 1)
        UserGroup.remove_role({
            'id': user_group['id'],
            'role-id': role['id'],
        })
        user_group = UserGroup.info({'id': user_group['id']})
        self.assertEqual(len(user_group['roles']), 0)
Пример #50
0
    def test_positive_remove_role_by_name(self):
        """Create new user group using valid role attached to that group. Then
        remove that role from user group by name

        :id: 0a5fdeaf-a05f-4153-b2c8-c5f8745cbb80

        :expectedresults: Role is removed from user group successfully.

        :CaseLevel: Integration
        """
        role = make_role()
        user_group = make_usergroup({'role-ids': role['id']})
        self.assertEqual(len(user_group['roles']), 1)
        UserGroup.remove_role({
            'id': user_group['id'],
            'role': role['name'],
        })
        user_group = UserGroup.info({'id': user_group['id']})
        self.assertEqual(len(user_group['roles']), 0)
Пример #51
0
    def test_positive_list_filters_by_id(self):
        """Create new role with a filter and list it by role id

        :id: 6979ad8d-629b-481e-9d3a-8f3b3bca53f9

        :expectedresults: Filter is listed for specified role

        :CaseImportance: Critical
        """
        role = make_role()
        # Pick permissions by its resource type
        permissions = [
            permission['name']
            for permission in Filter.available_permissions({"search": "resource_type=Organization"})
        ]
        # Assign filter to created role
        filter_ = make_filter({'role-id': role['id'], 'permissions': permissions})
        assert role['name'] == filter_['role']
        assert Role.filters({'id': role['id']})[0]['id'] == filter_['id']
Пример #52
0
    def test_positive_list_filters_by_name(self):
        """Create new role with a filter and list it by role name

        :id: bbcb3982-f484-4dde-a3ea-7145fd28ab1f

        :expectedresults: Filter is listed for specified role

        :CaseImportance: Critical
        """
        role = make_role()
        # Pick permissions by its resource type
        permissions = [
            permission['name']
            for permission in Filter.available_permissions({"search": "resource_type=Organization"})
        ]
        # Assign filter to created role
        filter_ = make_filter({'role': role['name'], 'permissions': permissions})
        assert role['name'] == filter_['role']
        assert Role.filters({'name': role['name']})[0]['id'] == filter_['id']
Пример #53
0
 def make_role_with_permissions(self):
     """Create new role with a filter"""
     role = make_role()
     res_types = iter(PERMISSIONS.keys())
     permissions = []
     # Collect more than 20 different permissions
     while len(permissions) <= 20:
         permissions += [
             permission['name']
             for permission in Filter.available_permissions(
                 {"search": f"resource_type={next(res_types)}"})
         ]
     # Create a filter for each permission
     for perm in permissions:
         make_filter({'role': role['name'], 'permissions': perm})
     return {
         'role': role,
         'permissions': permissions,
     }
Пример #54
0
def test_positive_automate_bz1426957(ldap_auth_source, function_user_group):
    """Verify role is properly reflected on AD user.

    :id: 1c1209a6-5bb8-489c-a151-bb2fce4dbbfc

    :parametrized: yes

    :expectedresults: Roles from usergroup is applied on AD user successfully.

    :customerscenario: true

    :CaseLevel: Integration

    :BZ: 1426957, 1667704
    """
    ext_user_group = make_usergroup_external({
        'auth-source-id':
        ldap_auth_source[1].id,
        'user-group-id':
        function_user_group['id'],
        'name':
        'foobargroup',
    })
    assert ext_user_group['auth-source'] == ldap_auth_source[1].name
    role = make_role()
    UserGroup.add_role({
        'id': function_user_group['id'],
        'role-id': role['id']
    })
    Task.with_user(
        username=ldap_auth_source[0]['ldap_user_name'],
        password=ldap_auth_source[0]['ldap_user_passwd'],
    ).list()
    UserGroupExternal.refresh({
        'user-group-id': function_user_group['id'],
        'name': 'foobargroup'
    })
    assert (role['name']
            in User.info({'login': ldap_auth_source[0]['ldap_user_name']
                          })['user-groups'])
    User.delete({'login': ldap_auth_source[0]['ldap_user_name']})
    LDAPAuthSource.delete({'id': ldap_auth_source[1].id})
Пример #55
0
    def test_positive_list_with_non_admin_user(self,
                                               session_puppet_enabled_sat,
                                               module_puppet):
        """List all the parameters for specific puppet class by id.

        :id: 00fbf150-34fb-45d0-80e9-d5798d24a24f

        :expectedresults: Parameters listed for specific Puppet class.

        :BZ: 1391556

        :CaseImportance: Medium
        """
        password = gen_string('alpha')
        required_user_permissions = {
            'ForemanPuppet::Puppetclass': {
                'permissions': ['view_puppetclasses']
            },
            'ForemanPuppet::PuppetclassLookupKey': {
                'permissions': [
                    'view_external_parameters',
                    'create_external_parameters',
                    'edit_external_parameters',
                    'destroy_external_parameters',
                ]
            },
        }
        user = make_user({'admin': '0', 'password': password})
        role = make_role()
        add_role_permissions(role['id'], required_user_permissions)
        # Add the created and initiated role with permissions to user
        session_puppet_enabled_sat.cli.User.add_role({
            'id': user['id'],
            'role-id': role['id']
        })
        sc_params = session_puppet_enabled_sat.cli.SmartClassParameter.with_user(
            user['login'],
            password).list({'puppet-class-id': module_puppet['class']['id']})
        assert len(sc_params) > 0
        # Check that only unique results are returned
        assert len(sc_params) == len({scp['id'] for scp in sc_params})
Пример #56
0
    def test_positive_crud_with_name(self, name, new_name):
        """Create new role with provided name, update name and delete role by ID

        :id: f77b8e84-e964-4007-b12b-142949134d8b

        :parametrized: yes

        :expectedresults: Role is created and has correct name, its name is updated
            and then deleted by ID

        :BZ: 1138553

        :CaseImportance: Critical
        """
        role = make_role({'name': name})
        assert role['name'] == name
        Role.update({'id': role['id'], 'new-name': new_name})
        role = Role.info({'id': role['id']})
        assert role['name'] == new_name
        Role.delete({'id': role['id']})
        with pytest.raises(CLIReturnCodeError):
            Role.info({'id': role['id']})
Пример #57
0
    def test_positive_create_with_multiple_elements(self):
        """Create new user group using multiple users, roles and user
           groups attached to that group.

        :id: 3b0a3c3c-aab2-4e8a-b043-7462621c7333

        :expectedresults: User group is created successfully and contains all
            expected elements.

        :CaseImportance: Critical
        """
        count = 2
        users = [make_user()['login'] for _ in range(count)]
        roles = [make_role()['name'] for _ in range(count)]
        sub_user_groups = [make_usergroup()['name'] for _ in range(count)]
        user_group = make_usergroup(
            {'users': users, 'roles': roles, 'user-groups': sub_user_groups}
        )
        self.assertEqual(sorted(users), sorted(user_group['users']))
        self.assertEqual(sorted(roles), sorted(user_group['roles']))
        self.assertEqual(
            sorted(sub_user_groups), sorted([ug['usergroup'] for ug in user_group['user-groups']]),
        )
Пример #58
0
    def test_positive_create_with_permission(self):
        """Create new role with a set of permission

        @id: 7cb2b2e2-ad4d-41e9-b6b2-c0366eb09b9a

        @assert: Role is created and has correct set of permissions
        """
        role = make_role()
        # Pick permissions by its resource type
        permissions = [
            permission['name']
            for permission in Filter.available_permissions(
                {'resource-type': 'Organization'})
            ]
        # Assign filter to created role
        make_filter({
            'role-id': role['id'],
            'permissions': permissions,
        })
        self.assertEqual(
            Role.filters({'id': role['id']})[0]['permissions'],
            permissions
        )
Пример #59
0
    def test_positive_automate_bz1426957(self):
        """Verify role is properly reflected on AD user.

        :id: 1c1209a6-5bb8-489c-a151-bb2fce4dbbfc

        :expectedresults: Roles from usergroup is applied on AD user successfully.

        :CaseLevel: Integration

        :BZ: 1426957, 1667704
        """
        ext_user_group = make_usergroup_external({
            'auth-source-id':
            self.auth['server']['id'],
            'user-group-id':
            self.user_group['id'],
            'name':
            'foobargroup'
        })
        self.assertEqual(ext_user_group['auth-source'],
                         self.auth['server']['name'])
        role = make_role()
        UserGroup.add_role({
            'id': self.user_group['id'],
            'role-id': role['id']
        })
        with self.assertNotRaises(CLIReturnCodeError):
            Task.with_user(username=self.ldap_user_name,
                           password=self.ldap_user_passwd).list()
            UserGroupExternal.refresh({
                'user-group-id': self.user_group['id'],
                'name': 'foobargroup'
            })
        self.assertEqual(
            User.info({'login': self.ldap_user_name})['user-groups'][1],
            role['name'])
        User.delete({'login': self.ldap_user_name})
Пример #60
0
 def roles_helper():
     """Generator funcion which creates several Roles to be used on
     tests
     """
     for role_name in valid_usernames_list() + include_list:
         yield make_role({'name': role_name})