def test_system_default_management_port(core_session, network_device_setup, core_admin_ui): """ TC: C2607 - System default management port :param core_session: Authenticated Centrify session. :param network_device_setup: Adds a network with account and returns UUID of both. :param core_admin_ui: Authenticated Centrify browser session. """ system_id, account_id, device_data, system_list, account_list = network_device_setup( 'paloalto') system_info = RedrockController.get_computer_with_ID( core_session, system_id) ui = core_admin_ui ui.navigate('Resources', 'Systems') ui.search(system_info['Name']) ui.click_row(GridRowByGuid(system_id)) ui.tab('Settings') ui.input("ManagementPort", "1") ui.save() ui.expect(TextField('ManagementPort'), "Unable to locate management port input").clear() ui.save() management_port = RedrockController.get_computer_with_ID( core_session, system_id)['ManagementPort'] assert management_port is None, "Management port value isn't 443 i.e. default." logger.info( f'Management port value retrieved via API is {management_port} i.e. placeholder 443 in UI.' )
def test_add_managed_proxy_account(core_session, pas_windows_setup): """ :param core_session: Authenticated Centrify Session. :param pas_windows_setup: Fixture for adding a system and an account associated with it. TC: C2537 - Add system with managed account and Proxy account with WinRM https settings trying to Add system with managed account and Proxy account with WinRM https settings Steps: Pre: Create system with 1 manage and proxy account 1. Try to fetch the management mode in setting page -Assert Failure 2. Try to check out password from account -Assert Failure """ system_id, account_id, sys_info, connector_id, user_password = pas_windows_setup(True, True) logger.info(f"System: {sys_info[0]} successfully added with UUID: {system_id} and account: {sys_info[4]} " f"with UUID: {account_id} associated with it.") managementmode = RedrockController.get_computer_with_ID(core_session, system_id) assert managementmode['ManagementMode'] == "WinRMOverHttps", \ f"management mode is failed because of system doesnt have proxy account. API response result: {managementmode}" logger.info(f"Fetch management mode successfully: {managementmode['ManagementMode']}") password_checkout_result, password_checkout_success = ResourceManager.check_out_password(core_session, 1, accountid=account_id) assert password_checkout_result['Password'] is not user_password, \ f"password checkout Failed. API response result: {password_checkout_result}" logger.info(f"password successfully checkout Account password: {password_checkout_result['COID']}")
def test_system_with_managed_account(core_session, setup_pas_system_for_unix): """ Test case : C279339 :param core_session: Centrify session manager :param setup_pas_system_for_unix: fixture that provide created unix system data """ system_id, account_id, system_info = setup_pas_system_for_unix system_rows = RedrockController.get_computer_with_ID( core_session, system_id) assert system_rows['Name'] == system_info[ 0], f"failed to find system {system_info[0]} in portal as returned system result is {system_rows}" logger.info(f"system found {system_rows}") account, status = ResourceManager.get_accounts_from_resource( core_session, system_id) assert status, f"failed to find accounts in system {system_info[0]} as returned account result is {account}" logger.info(f"Account found {account}") # Fetching account information to validate desired account is unmanaged result, status = ResourceManager.get_account_information( core_session, account_id) assert status, f"failed to retrieve account information, returned result is {result}" is_managed = result['VaultAccount']['Row']['IsManaged'] assert is_managed is False, f"Added account is not managed account"
def test_import_system_and_health_check(core_session, pas_windows_setup): """ C1554 : Import system and check health :param core_session: Authenticated Centrify Session. :param pas_windows_setup: """ system_id, account_id, sys_info, connector_id, user_password = pas_windows_setup() system_details = RedrockController.get_computer_with_ID(core_session, system_id) system_counter = 1 while system_counter < 60: if system_details['HealthStatus'] == 'OK' and system_details['LastHealthCheck']: break system_counter += 1 ResourceManager.get_date(system_details['LastHealthCheck']) assert system_details['HealthStatus'] == 'OK', "System not reachable because connector is not up." logger.info(f"System is reachable successfully: {system_details}") account_counter = 1 account_details = None while account_counter < 60: account_details = ResourceManager.get_account_information(core_session, account_id) if account_details[0]['VaultAccount']['Row']['Healthy'] == 'OK' and \ account_details[0]['VaultAccount']['Row']['LastHealthCheck']: break account_counter += 1 ResourceManager.get_date(account_details[0]['VaultAccount']['Row']['LastHealthCheck']) assert account_details[0]['VaultAccount']['Row']['Healthy'] == 'OK', \ "System not reachable because connector is not up." logger.info(f"Account is reachable successfully: {account_details}")
def test_add_system_account_with_win_rm(core_session, pas_windows_setup): """C2536 Add system with managed account with WinRM http setting validate the added Account with win rm and check out password after 5 minutes""" # Getting system details. system_id, account_id, sys_info, connector_id, user_password = pas_windows_setup( True) # Verifying Default management mode should be 'RpcOverTcp' system_rows = RedrockController.get_computer_with_ID( core_session, system_id) assert system_rows[ 'ManagementMode'] == 'RpcOverTcp', "Default Management mode is not RpcOverTcp" logger.info("Default Management mode is RPC Over TCP") # Checkout Password checkout_password_result, checkout_password_success = ResourceManager. \ check_out_password(core_session, lifetime=1, accountid=account_id) assert checkout_password_success, f"Failed to checkout password due to {checkout_password_result}" logger.info("Password checkout successfully") assert checkout_password_result[ 'Password'] != user_password, "Password is same after adding managed account" logger.info("Password updated after adding managed account") success, response = ResourceManager.update_system( core_session, system_id, sys_info[0], sys_info[1], 'Windows', proxycollectionlist=connector_id, chooseConnector="on", managementmode="WinRMOverHttp") assert success, "Failed to update system" logger.info(f"Successfully updated system '{sys_info[0]}'") # Adding account in portal. acc_result, acc_success = ResourceManager.add_account( core_session, sys_info[6], password=user_password, host=system_id, ismanaged=True) assert acc_success, f"Failed to add account in the portal: {acc_result}" logger.info(f"Successfully added account {sys_info[6]} in the portal") # Checkout Password after changing management mode to WinRMOverHttp checkout_password_winrm, checkout_password_success = ResourceManager. \ check_out_password(core_session, lifetime=1, accountid=acc_result) assert checkout_password_success, f"Failed to checkout password due to {checkout_password_winrm}" logger.info("Password checkout successfully") assert checkout_password_winrm[ 'Password'] != user_password, "Password is same after adding managed account" logger.info("Password updated after adding managed account")
def test_delete_administrative_account(core_session, network_device_setup): """ TC: C2623 - Delete administrative account :param core_session: Authenticated Centrify session. :param network_device_setup: Adds a network with account and returns UUID of both. """ system_id, account_id, device_data, system_list, account_list = network_device_setup( 'checkpoint') system_info = RedrockController.get_computer_with_ID( core_session, system_id) # setting up Admin account for system result, success, message = ResourceManager.set_system_administrative_account( core_session, system_id, account_id) assert success, f"Failed to update Administrative account for system {system_info['Name']}" logger.info( f"Successfully added an administrative account for system {system_info['Name']}" ) # deleting administrative account del_result, del_success = ResourceManager.del_account( core_session, account_id) assert del_success is False, f"Admin account deleted successfully, unexpected behaviour as Admin account " \ f"should not be deleted. API response result: {del_success}" logger.info( f'Admin account could not be deleted as expected, API response result: {del_success}' ) # finding all systems for cleanup: acc_script = "@/lib/server/get_accounts.js(mode:'AllAccounts', newcode:true, localOnly:true, colmemberfilter:" \ "'Select ID from VaultAccount WHERE Host IS NOT NULL')" acc = RedrockController.redrock_query(core_session, acc_script) for account in acc: if account['Row']['FQDN'] == "Check.Point": # Removing Admin Account for successful cleanup of system and account result, success, message = ResourceManager.set_administrative_account( core_session, systems=[account['Row']['Host']]) assert success, f"Failed to update Administrative account for system {account['Row']['Name']}" # Removing Admin Account for successful cleanup of system and account ResourceManager.update_system( core_session, account['Row']['Host'], account['Row']['Name'], account['Row']['FQDN'], 'CheckPointGaia', sessiontype=account['Row']['SessionType']) # deleting administrative account from this system ResourceManager.del_account(core_session, account['Row']['ID']) # Removing Admin Account for successful cleanup of system and account result, success, message = ResourceManager.set_administrative_account( core_session, systems=[account['Row']['Host']]) assert success, f"Failed to update Administrative account for system {account['Row']['Name']}"
def test_add_system_with_hostname_without_account(core_session, add_single_system): """ Test case : C279338 :param core_session: Centrify session manager :param add_single_system: add system and provide it's ID and system basic information :return: """ system_id, system_info = add_single_system system_rows = RedrockController.get_computer_with_ID(core_session, system_id) assert system_rows['Name'] == system_info[0], f"failed to find system {system_info[0]} in portal, returned row is {system_rows} " logger.info(f"system found {system_rows}")
def test_system_health_check(core_session, pas_windows_setup): """ C1553 : Add System :param core_session: Authenticated Centrify Session. :param pas_windows_setup: Creates system with account """ sys_info = pas_windows_setup() system_details = RedrockController.get_computer_with_ID(core_session, sys_info[0]) ResourceManager.get_date(system_details['LastHealthCheck']) assert system_details['HealthStatus'] == 'OK', "Remote System is not reachable either system is down or system " \ "could not configured properly. " logger.info(f"System is reachable successfully: {system_details}")
def test_linux_system_health_check(core_session, setup_pas_system_for_unix): """ C1556 : Linux system health check :param core_session: Authenticated Centrify Session. :param setup_pas_system_for_unix: create one system and return details associated to it. """ system_info = setup_pas_system_for_unix system_details = RedrockController.get_computer_with_ID( core_session, system_info[0]) ResourceManager.get_date(system_details['LastHealthCheck']) assert system_details['HealthStatus'] == 'OK', "Remote System is not reachable either system is down or system " \ "could not configured properly. " logger.info(f"Remote System is reachable successfully: {system_details}")
def test_add_account_without_configuration_proxy_account( core_session, pas_config): """ TC:C2212 Add account without configuration proxy account. :param core_session: Returns a API session. :param pas_config: Read yaml data. """ # Adding a system without proxy. payload_data = pas_config['Windows_infrastructure_data'] system_name = f'{payload_data["system_name"]}{guid()}' added_system_id, system_success_status = ResourceManager.add_system( core_session, system_name, payload_data['FQDN'], payload_data['system_class'], payload_data['session_type'], payload_data['description']) assert system_success_status, f'Adding system failed returned status {system_success_status}' logger.info(f'Successfully created system:{added_system_id}') # Validating that no proxy account has added to the system. system_details = RedrockController.get_computer_with_ID( core_session, added_system_id) assert system_details['ProxyUser'] is None, \ f'Expect proxy account none in computer info but found one: {system_details} ' logger.info( "Successfully do not found 'Use proxy account' in on pop-up box.")
def test_save_changes_clicking_other_tab(core_session, setup_pas_system_for_unix, core_admin_ui): """ TC:C2186 Save the changes after clicking other tabs. :param core_ui: Return a browser session. :param core_session: Return API session. :param: pas_setup: Returning a fixture. """ # Adding a system with account. created_system_id, created_account_id, sys_info = setup_pas_system_for_unix system_name = sys_info[0] # Launch UI. ui = core_admin_ui ui.navigate('Resources', 'Systems') ui.search(system_name) ui.click_row(GridRowByGuid(created_system_id)) ui.tab('Settings') modified_system_name = f'UnixServer{guid()}' ui.input('Name', modified_system_name) ui.save() # Validating that system name is modified. system_rows = RedrockController.get_computer_with_ID(core_session, created_system_id) assert system_rows['Name'] == modified_system_name, f'Failed to modify system name:{system_rows}' logger.info('Successfully modified system name.')
def test_update_manage_account_win_rm(pas_config, winrm_engine, core_session, remote_users_qty1, cleanup_accounts, test_proxy, cleanup_resources): """ :param pas_config: to get the data from yaml files. :param remote_users_qty1: to create a manage account in windows system :param cleanup_resources: cleanup the system from portal :param cleanup_accounts: cleanup the accounts from portal :param winrm_engine: session to update manage account :param core_session: Authenticated Centrify Session. TC: C2551 - Update managed account password with winRM https configured trying to Update managed account password with winRM https configured Steps: Pre: Create system with 1 proxy and manage account hand 1. Try to update invalid password for manage account -Assert Failure """ sys_details = pas_config system_data_values = sys_details['Windows_infrastructure_data'] add_user_in_target_system = remote_users_qty1 password = "******" # set a different password for the user update_user_password(winrm_engine, add_user_in_target_system[0], password) system_list = cleanup_resources[0] accounts_list = cleanup_accounts[0] # Getting system details. sys_name = f'{"Win-2012"}{guid()}' # Adding system. add_sys_result, add_sys_success = ResourceManager.add_system( core_session, sys_name, system_data_values['FQDN'], 'Windows', "Rdp") assert add_sys_success, f"failed to add system:API response result:{add_sys_result}" logger.info(f"Successfully added system:{add_sys_result}") system_list.append(add_sys_result) # Update system with management mode 'WinRMOverHttp'. update_sys_success, update_sys_result = ResourceManager.update_system( core_session, add_sys_result, sys_name, system_data_values['FQDN'], 'Windows', managementmode='WinRMOverHttps') assert update_sys_success, f'Fail to update the system:API response result: {update_sys_result}' logger.info(f"Successfully update the system:{update_sys_result}") # Adding account in portal. acc_result, acc_success = ResourceManager.add_account( core_session, add_user_in_target_system[0], password=password, host=add_sys_result, ismanaged=True) assert acc_success, f"Failed to add account in the portal: {acc_result}" logger.info( f"Successfully added account {add_user_in_target_system[0]} in the portal" ) accounts_list.append(acc_result) managementMode = RedrockController.get_computer_with_ID( core_session, add_sys_result) assert managementMode['ManagementMode'] == "WinRMOverHttps", \ f"management mode is failed because of system doesnt have proxy account. API response result: {managementMode}" logger.info( f"Fetch management mode successfully: {managementMode['ManagementMode']}" ) Result, success = ResourceManager.update_password(core_session, acc_result, guid()) assert success is False, f"Did not update password {Result}" logger.info(f"user not able to update password API response: {Result}")