def test_positive_generate_ansible_template(self):
"""Report template named 'Ansible Inventory' (default name is specified in settings)
must be present in Satellite 6.7 and later in order to provide enhanced functionality
for Ansible Tower inventory synchronization with Satellite.
:id: f1f7adfc-9601-4498-95c8-3e82e2b36583
:setup:
1. A user with minimal required permissions: 'Ansible Tower Inventory Reader' role
2. A fake host to be checked in report output
:steps:
1. Check settings for default Ansible Inventory template name and ensure
the template is present
2. Try to render the template using the user with ATIR role
3. Check the fake host is present in the output
:expectedresults: Report template is present, renederable and provides output
:CaseImportance: Medium
"""
settings = Settings.list({'search': 'name=ansible_inventory_template'})
assert 1 == len(settings)
template_name = settings[0]['value']
report_list = ReportTemplate.list()
assert template_name in [rt['name'] for rt in report_list]
login = gen_string('alpha').lower()
password = gen_string('alpha').lower()
loc = Location.info({'name': DEFAULT_LOC})
org = Org.info({'name': DEFAULT_ORG})
user = make_user(
{
'login': login,
'password': password,
'organization-ids': org['id'],
'location-ids': loc['id'],
}
)
User.add_role({'login': user['login'], 'role': 'Ansible Tower Inventory Reader'})
host_name = gen_string('alpha').lower()
host = make_fake_host({'name': host_name})
schedule = ReportTemplate.with_user(username=user['login'], password=password).schedule(
{'name': template_name}
)
report_data = ReportTemplate.with_user(
username=user['login'], password=password
).report_data({'id': template_name, 'job-id': schedule[0].split("Job ID: ", 1)[1]})
assert host['name'] in [item.split(',')[1] for item in report_data if len(item) > 0]
def test_negative_nonauthor_of_report_cant_download_it(self):
"""The resulting report should only be downloadable by
the user that generated it or admin. Check.
:id: a4bc77db-146e-4871-a42e-e93887464986
:setup: Installed Satellite, user that can list running tasks
:steps:
1. hammer -u u1 -p p1 report-template schedule
2. hammer -u u2 -p p2 report-template report-data
:expectedresults: Report can't be downloaded. Error.
:CaseImportance: High
"""
uname_viewer = gen_string('alpha')
uname_viewer2 = gen_string('alpha')
password = gen_string('alpha')
loc = Location.info({'name': DEFAULT_LOC})
org = Org.info({'name': DEFAULT_ORG})
user1 = make_user({
'login': uname_viewer,
'password': password,
'organization-ids': org['id'],
'location-ids': loc['id'],
})
user2 = make_user({
'login': uname_viewer2,
'password': password,
'organization-ids': org['id'],
'location-ids': loc['id'],
})
role = make_role()
# Pick permissions by its resource type
permissions_org = [
permission['name'] for permission in Filter.available_permissions(
{'resource-type': 'Organization'})
]
permissions_loc = [
permission['name'] for permission in Filter.available_permissions(
{'resource-type': 'Location'})
]
permissions_rt = [
permission['name'] for permission in Filter.available_permissions(
{'resource-type': 'ReportTemplate'})
]
permissions_pt = [
permission['name'] for permission in Filter.available_permissions(
{'resource-type': 'ProvisioningTemplate'})
]
permissions_jt = [
permission['name'] for permission in Filter.available_permissions(
{'resource-type': 'JobTemplate'})
]
# Assign filters to created role
make_filter({'role-id': role['id'], 'permissions': permissions_org})
make_filter({'role-id': role['id'], 'permissions': permissions_loc})
make_filter({'role-id': role['id'], 'permissions': permissions_rt})
make_filter({'role-id': role['id'], 'permissions': permissions_pt})
make_filter({'role-id': role['id'], 'permissions': permissions_jt})
User.add_role({'login': user1['login'], 'role-id': role['id']})
User.add_role({'login': user2['login'], 'role-id': role['id']})
name = gen_string('alpha')
content = gen_string('alpha')
report_template = ReportTemplate.with_user(username=user1['login'],
password=password).create({
'name':
name,
'organization-id':
org['id'],
'location-id':
loc['id'],
'file':
content
})
schedule = ReportTemplate.with_user(username=user1['login'],
password=password).schedule({
'name':
report_template['name']
})
report_data = ReportTemplate.with_user(username=user1['login'],
password=password).report_data({
'id':
report_template['name'],
'job-id':
schedule[0].split(
"Job ID: ", 1)[1]
})
self.assertIn(content, report_data)
with self.assertRaises(CLIReturnCodeError):
ReportTemplate.with_user(username=user2['login'],
password=password).report_data({
'id':
report_template['name'],
'job-id':
schedule[0].split("Job ID: ", 1)[1]
})
def test_negative_nonauthor_of_report_cant_download_it():
"""The resulting report should only be downloadable by
the user that generated it or admin. Check.
:id: a4bc77db-146e-4871-a42e-e93887464986
:setup: Installed Satellite, user that can list running tasks
:steps:
1. hammer -u u1 -p p1 report-template schedule
2. hammer -u u2 -p p2 report-template report-data
:expectedresults: Report can't be downloaded. Error.
"""
uname_viewer = gen_alpha()
uname_viewer2 = gen_alpha()
password = gen_alpha()
loc = Location.info({'name': DEFAULT_LOC})
org = Org.info({'name': DEFAULT_ORG})
user1 = make_user({
'login': uname_viewer,
'password': password,
'organization-ids': org['id'],
'location-ids': loc['id'],
})
user2 = make_user({
'login': uname_viewer2,
'password': password,
'organization-ids': org['id'],
'location-ids': loc['id'],
})
role = make_role()
# Pick permissions by its resource type
permissions_org = [
permission['name'] for permission in Filter.available_permissions(
{'search': 'resource_type=Organization'})
]
permissions_loc = [
permission['name'] for permission in Filter.available_permissions(
{'search': 'resource_type=Location'})
]
permissions_rt = [
permission['name'] for permission in Filter.available_permissions(
{'search': 'resource_type=ReportTemplate'})
]
permissions_pt = [
permission['name'] for permission in Filter.available_permissions(
{'search': 'resource_type=ProvisioningTemplate'})
]
permissions_jt = [
permission['name'] for permission in Filter.available_permissions(
{'search': 'resource_type=JobTemplate'})
]
# Assign filters to created role
for perm in [
permissions_org, permissions_loc, permissions_rt, permissions_pt,
permissions_jt
]:
make_filter({'role-id': role['id'], 'permissions': perm})
User.add_role({'login': user1['login'], 'role-id': role['id']})
User.add_role({'login': user2['login'], 'role-id': role['id']})
name = gen_alpha()
content = gen_alpha()
report_template = ReportTemplate.with_user(username=user1['login'],
password=password).create({
'name':
name,
'organization-id':
org['id'],
'location-id':
loc['id'],
'file':
content
})
schedule = ReportTemplate.with_user(username=user1['login'],
password=password).schedule(
{'name': report_template['name']})
job_id = schedule.split('Job ID: ', 1)[1].strip()
report_data = ReportTemplate.with_user(username=user1['login'],
password=password).report_data({
'id':
report_template['name'],
'job-id':
job_id
})
assert content in report_data
with pytest.raises(CLIReturnCodeError):
ReportTemplate.with_user(username=user2['login'],
password=password).report_data({
'id':
report_template['name'],
'job-id':
job_id
})