def test_accounts_set_my_system_accounts(core_session, pas_windows_setup, users_and_roles, clean_up_collections):
"""
TC:C2067 Add account to set on "My System Accounts".
:param:core_session: Returns a API session.
:param:users_and_roles:Fixture to manage roles and user.
:param pas_windows_setup:Returns a fixture.
:param:clean_up_collections: Cleans up Set.
"""
# Creating a system and account.
system_id, account_id, sys_info, connector_id, user_password = pas_windows_setup()
# Cloud user session with "Privileged Access Service Administrator".
cloud_user_session = users_and_roles.get_session_for_user('Privileged Access Service Administrator')
user_name = cloud_user_session.auth_details['User']
user_id = cloud_user_session.auth_details['UserId']
# Assigning "Workspace Login" permission for account to limited user.
rights = "View,Login,UserPortalLogin"
assign_account_perm_res, assign_account_perm_success = \
ResourceManager.assign_account_permissions(core_session, rights, user_name, user_id, 'User', account_id)
assert assign_account_perm_success, f'Failed to assign "Workspace Login" permission:' \
f'API response result:{assign_account_perm_res}'
logger.info(f'Successfully "Workspace Login" of account permission to user"{assign_account_perm_res}"')
# Assigning "View" permission for system to limited user.
assign_system_perm_res, assign_system_perm_success = ResourceManager.assign_system_permissions(core_session,
"View",
user_name,
user_id,
'User',
system_id)
assert assign_system_perm_success, f'Failed to assign "View" permissions: ' \
f'API response result {assign_system_perm_res}.'
logger.info(f"Successfully assign system permission to user'{assign_system_perm_res}'")
# Getting the details from "My System Accounts" in workspace and validating account not in "My System Accounts"
# list.
workspace_result, workspace_success = ResourceManager.get_my_system_accounts_from_workspace(cloud_user_session)
assert sys_info[4] not in workspace_result, f'Could find the account:API response result:{workspace_result}'
logger.info("Failed to display on Account on workspace")
# Creating a set and adding a account to set.
account_set_name = f'Set_test{guid()}'
success, account_set_result = SetsManager.create_manual_collection(core_session, account_set_name,
'VaultAccount',
object_ids=[account_id])
assert success, f"Failed to create system set {account_set_result}"
logger.info(f'Successfully created set:{account_set_result}')
# Getting the details of created_account_set in Accounts page and validating account is in created set.
account_set_details = RedrockController.get_set_account_details(core_session, account_id=account_id,
set_id=account_set_result)
assert account_set_details[0]['User'] == sys_info[4], f'Fail to find the account{sys_info[4]}'
logger.info(f'Successfully find "{account_set_details[0]["User"]}" in created set" {account_set_name}".')
# Cleanup the created set.
clean_up_collections.append(RedrockController.get_id_from_name(core_session, account_set_name, "Sets"))
logger.info(f'Successfully deleted created set" {account_set_name}".')
def test_add_system_discovery(core_session, ad_discovery_profile,
pas_ad_discovery_config, core_value,
delete_discovered_system):
"""
Test Case: Add System (C1555)
:param core_session: Authenticated Centrify Session
:param ad_discovery_profile: Fixture to create AD profile for system discovery
:param pas_ad_discovery_config: fixture to read yaml file to create profile
:param core_value: fixture to read core.yaml
:param delete_discovered_system: fixture for cleanup before and after discovery
"""
config_profile = pas_ad_discovery_config
profile_data = config_profile['ad_profile_data'][0]
domain_details = config_profile['domains']
domain_name = []
domain_id_list = []
for domains in domain_details:
domain_name.append(domains['Name'])
for domain in domain_name:
domain_id = RedrockController.get_id_from_name(core_session, domain,
'VaultDomain')
domain_id_list.append(domain_id)
# Delete System and account before discovery
delete_discovered_system(profile_data['discovered_system'], domain_id_list)
profile_list, profile_name, profile_id, account_list, account_id = ad_discovery_profile(
domain_name, profile_data['account_in_domain'])
# Run Discovery to discover window system
result_run, success, response = Discovery.run_discovery_profile(
core_session, profile_id, wait_for_run=True)
assert success, f"Failed to run discovery profile: {response}"
logger.info(f"Discovery ran successfully, API response: {result_run} ")
# Check Last Verify and Last Verify Result for Account
last_verify = None
last_verify_result = None
account_list = RedrockController.get_accounts(core_session)
discovered_account = []
for account in account_list:
if account['AccountDiscoveredTime'] is not None:
discovered_account.append(account['ID'])
last_verify = account['Status']
last_verify_result = account['LastHealthCheck']
assert len(
discovered_account
) != 0, f"Failed to discover system, account and services {discovered_account}"
logger.info(f"Discovered Account is: {discovered_account}")
assert last_verify_result is not None, "Failed to test account"
assert last_verify == "Missing Password", "Failed to test account"
logger.info(
f"Last Test:{last_verify} and Last Test Result: {last_verify_result}")
# Check Last Test Result and Last Test for Domain
result = ServerManager.get_all_domains(core_session)
for domain in result:
if domain['Name'] in domain_name:
last_test = domain['LastHealthCheck']
last_test_result = domain['HealthCheckInterval']
assert last_test is not None, "Failed to test Domain"
assert last_test_result is None, "Failed to test Domain"
logger.info(
f"Domain Name: {domain['Name']}, Last Test:{last_test} and Last Test Result: {last_test_result}"
)
# Check Last Test Result and Last Test for Discovered System
result = RedrockController.get_computers(core_session)
last_test = None
last_test_result = None
discovered_system = []
for system in result:
if system['DiscoveredTime'] is not None:
discovered_system.append(system['ID'])
last_test = system['LastHealthCheck']
last_test_result = system['HealthCheckInterval']
assert last_test is not None, "Failed to test system"
assert last_test_result is None, "Failed to test system"
logger.info(
f"Last Test:{last_test} and Last Test Result: {last_test_result}")
# Cleanup after discovery
delete_discovered_system(profile_data['discovered_system'], domain_id_list)
