def check_rights(session, ui_user, api_user, expected_rights): assert ui_user == api_user, f'UI and API fixtures should return the same user' response = UserManager.get_user_role_rights(session, api_user.get_id()) if expected_rights[0] is not None: assert response['Result'][ 'Count'] == 2, f'User should be in everybody role, and a role with admin rights' else: assert response['Result'][ 'Count'] == 1, f'User should be in everybody role only' rights_role_found = False everbody_found = False for result in response['Result']['Results']: row = result['Row'] if len(row['AdministrativeRights']) > 0: rights_found = list( map(lambda right: right['Description'], row['AdministrativeRights'])) rights_found.sort() expected_rights.sort() assert rights_found == expected_rights, f'Role with administrative rights does not have expected rights {expected_rights}, instead has {rights_found}' rights_role_found = True elif row['Name'] == 'Everybody': everbody_found = True else: assert False, f'Unexpected role found {row}' if expected_rights[0] is not None: assert rights_role_found is True, f'Role containing expected rights found' assert everbody_found is True, f'Everybody role not found'
def test_assign_view_permission_to_shared_report(core_session, create_report, users_and_roles): """ TCID: C6351 Assign 'View' permission to shared report :param core_session: Centrify Authentication session :param create_report: To create the report :param users_and_roles: To open an UI and assign specific right to user """ my_report = create_report(core_session, "Select Name From Server", dir="/Reports") report_name = my_report['Name'] grant_str = "0000000000000000000000000000000000000000000000000000000010000100" ui = users_and_roles.get_ui_as_user("Application Management") user_details = ui.get_user() user_name = user_details.get_login_name() user_id = user_details.get_id() role = UserManager.get_user_role_rights(core_session, user_id) assign_result = ReportsManager.assign_directory_rights_to_role( core_session, "/Reports", [{ "Role": role['Result']['Results'][0]['Entities'][0]['Key'], "Rights": ["Read"] }, { "Role": "Everybody", "Rights": ["Read"] }]) assert assign_result, f'Failed to give the read the permission to Shared Folder' result, success, message = ReportsManager.update_report_permission( core_session, user_name, user_id, grant_str, report_name, ['Read']) assert success, f'Failed to assign View permission to Application Management user:{message}' logger.info( f'Successfully assign the View permission to Application Management user:{result}' ) ui.navigate("Reports", check_rendered_tab=False) ui.expect_disappear(LoadingMask(), "Reports page did not loaded properly") ui.expect(RestCallComplete(), "Expected rest call to complete.") ui.expect(TreeFolder("Shared Reports"), "Failed to find shared Reports Tab under Reports", time_to_wait=60) shared_reports_button = ui._searchAndExpect( TreeFolder("Shared Reports"), f'Expected find Shared Reports Folder in Tree', time_to_wait=60) shared_reports_button.try_click() ui.expect( GridCell(report_name), f'Can not see the shared report which assigned View permission to federation user' ) ui.check_actions(["Copy", "Details", "Export Report", "Email Report"], report_name) ui.action("Details", report_name) session = users_and_roles.get_session_for_user('Application Management') query = "Select * from role" result, success, message = ReportsManager.modify_report( session, "/Reports", report_name, query) assert success is False, f'Report modified:{result}' logger.info(f'Report can not modified, API response: {message}')
def test_assign_edit_permission_to_shared_report(core_session, create_report, users_and_roles): """ TCID: C6352 Assign 'Edit' permission to shared report :param core_session: Centrify Authentication session :param create_report: To create the report :param users_and_roles: To open an UI and assign specific right to user """ my_report = create_report(core_session, "Select Name From Server", dir="/Reports") report_name = my_report['Name'] grant_str = "0000000000000000000000000000000000000000000000000000000011101100" ui = users_and_roles.get_ui_as_user("MFA Unlock") user = ui.get_user() user_name = user.get_login_name() user_id = user.get_id() role = UserManager.get_user_role_rights(core_session, user_id) assign_result = ReportsManager.assign_directory_rights_to_role(core_session, "/Reports", [{"Role": role['Result']['Results'][0]['Entities'][0][ 'Key'], "Rights": ["Read"]}, {"Role": "Everybody", "Rights": ["Read"] }]) assert assign_result, f'Failed to give the read the permission to Shared Folder' result, success, message = ReportsManager.update_report_permission(core_session, user_name, user_id, grant_str, report_name, ['ReadWrite']) assert success, f'Failed to assign Edit permission to MFA user:{message}' logger.info(f'Successfully assign the Edit permission to MFA user:{result}') ui.navigate("Reports", check_rendered_tab=False) ui.expect_disappear(LoadingMask(), "Report page did not load properly", 60) ui.expect(RestCallComplete(), "Expected rest call to complete.") ui.expect(TreeFolder("Shared Reports"), "Failed to find shared Reports Tab under Reports", time_to_wait=60) shared_reports_button = ui._searchAndExpect(TreeFolder("Shared Reports"), f'Expected find Shared Reports Folder in Tree', time_to_wait=60) shared_reports_button.try_click() ui.expect(GridCell(report_name), f'Can not see the shared report which assigned Edit permission to MFA user') ui.check_actions(["Copy", "Move", "Delete", "Modify", "Export Report", "Email Report"], report_name) ui.action("Modify", report_name) session = users_and_roles.get_session_for_user('MFA Unlock') query = "Select * From role" result, success, message = ReportsManager.modify_report(session, "/Reports", report_name, query) assert success, f'Script editor could not modified successfully:{message}' logger.info(f'Script editor could not modified successfully:{result}') ui.tab("Permissions") ui.expect(DisabledButton("Add"), "Add is not grey can edit the permission") logger.info(f"'Add' button is grey, and cannot modify the existing permission")
def test_assign_grant_permission_to_shared_reports(core_session, create_report, users_and_roles): """ TCID: C6353 Assign 'Grant' permission to shared report :param core_session: Centrify Authentication Session """ my_report = create_report(core_session, "Select Name From Server", dir="/Reports") report_name = my_report['Name'] session_user = core_session.get_user() session_user_name = session_user.get_login_name() session_user_id = session_user.get_id() grant_str = "0000000000000000000000000000000000000000000000000000000011101101" ui = users_and_roles.get_ui_as_user("Federation Management") user_details = ui.get_user() user_name = user_details.get_login_name() user_id = user_details.get_id() role = UserManager.get_user_role_rights(core_session, user_id) assign_result = ReportsManager.assign_directory_rights_to_role(core_session, "/Reports", [{"Role": role['Result']['Results'][0]['Entities'][0][ 'Key'], "Rights": ["Read"]}, {"Role": "Everybody", "Rights": ["Read"] }]) assert assign_result, f'Failed to give the read the permission to Shared Folder' result, success, message = ReportsManager.update_report_permission(core_session, user_name, user_id, grant_str, report_name, ['Owner']) assert success, f'Failed to assign grant permission to Federation user:{message}' logger.info(f'Successfully assign the grant permission to federation user:{result}') ui.navigate("Reports", check_rendered_tab=False) ui.expect_disappear(LoadingMask(), 'Report page did not load properly') ui.expect(TreeFolder("My Reports"), "Failed to find Shared Reports Tab under Reports", time_to_wait=30) ui.expect(TreeFolder("Shared Reports"), f'Expected find Shared Reports Folder in Tree', time_to_wait=30).try_click() ui.expect(GridCell(report_name), f'Can not see the shared report which assigned grant permission to federation user') ui.check_actions(["Copy", "Move", "Delete", "Modify", "Export Report", "Email Report"], report_name) ui.action("Modify", report_name) ui.expect(Div("Report Builder"), f'Failed to enter report detail page') session = users_and_roles.get_session_for_user('Federation Management') result, success, message = ReportsManager.update_report_permission(session, session_user_name, session_user_id, grant_str, report_name, ['Owner']) assert success, f'Failed to save permission, API response: {message}' logger.info(f'Permission saved successfully:{result}')