def test_positive_update_permission(self):
"""Update existing role permissions
:id: d57abcf2-a42f-40db-a61c-61b56bcc55b9
:expectedresults: Role is updated
:CaseImportance: Critical
"""
name = gen_string('alpha')
resource_type = 'Architecture'
permissions = ['view_architectures', 'edit_architectures']
with Session(self) as session:
make_role(session, name=name)
self.assertIsNotNone(self.role.search(name))
self.role.add_permission(
name,
resource_type=resource_type,
permission_list=permissions,
)
self.assertIsNotNone(
self.role.wait_until_element(common_locators['alert.success']))
assigned_permissions = self.role.filters_get_permissions(
name, [resource_type])
self.assertIsNotNone(assigned_permissions)
self.assertEqual(
set(permissions), set(assigned_permissions[resource_type]))
def test_positive_update_permission(self):
"""Update existing role permissions
:id: d57abcf2-a42f-40db-a61c-61b56bcc55b9
:expectedresults: Role is updated
:CaseImportance: Critical
"""
name = gen_string('alpha')
resource_type = 'Architecture'
permissions = ['view_architectures', 'edit_architectures']
with Session(self.browser) as session:
make_role(session, name=name)
self.assertIsNotNone(self.role.search(name))
self.role.add_permission(
name,
resource_type=resource_type,
permission_list=permissions,
)
self.assertIsNotNone(
self.role.wait_until_element(common_locators['alert.success']))
assigned_permissions = self.role.get_permissions(
name, [resource_type])
self.assertIsNotNone(assigned_permissions)
self.assertEqual(
set(permissions), set(assigned_permissions[resource_type]))
def test_positive_create_with_sc_parameter_permission(self):
"""Create role filter with few permissions for smart class parameters.
:id: c9e466e5-d6ce-4596-bd32-c2a7817da34a
:customerscenario: true
:expectedresults: Corresponding role filter has necessary permissions
:BZ: 1360191
:CaseImportance: High
"""
name = gen_string('alpha')
resource_type = 'Smart class parameter'
permissions = ['view_external_parameters', 'edit_external_parameters']
with Session(self) as session:
make_role(session, name=name)
self.assertIsNotNone(self.role.search(name))
self.role.add_permission(
name,
resource_type=resource_type,
permission_list=permissions,
)
assigned_perms = self.role.filters_get_permissions_by_resource(
name, 'PuppetclassLookupKey', 'Smart class parameter')
self.assertEqual(set(permissions), set(assigned_perms))
def test_positive_update_external_roles(self):
"""Added AD UserGroup roles get pushed down to user
@feature: LDAP Authentication - Active directory - update
@setup: assign additional roles to the UserGroup
@steps:
1. Create an UserGroup.
2. Assign some roles to UserGroup.
3. Create an External AD UserGroup as per the UserGroup name in AD.
4. Login to sat6 with the AD user.
5. Assign additional roles to the UserGroup.
6. Login to sat6 with LDAP user that is part of aforementioned
UserGroup.
@assert: User has access to all NEW functional areas that are assigned
to aforementioned UserGroup.
"""
self.check_external_user()
foreman_role = gen_string("alpha")
katello_role = gen_string("alpha")
org_name = gen_string("alpha")
loc_name = gen_string("alpha")
with Session(self.browser) as session:
make_role(session, name=foreman_role)
self.role.update(
foreman_role, add_permission=True, permission_list=PERMISSIONS["Location"], resource_type="Location"
)
make_usergroup(
session,
name=self.usergroup_name,
roles=[foreman_role],
ext_usergrp="foobargroup",
ext_authsourceid="LDAP-" + self.ldap_server_name,
)
self.assertIsNotNone(self.usergroup.search(self.usergroup_name))
set_context(session, org=ANY_CONTEXT["org"])
self.user.update(
username=self.ldap_user_name,
authorized_by="LDAP-" + self.ldap_server_name,
password=self.ldap_user_passwd,
)
with Session(self.browser, self.ldap_user_name, self.ldap_user_passwd) as session:
make_loc(session, name=loc_name)
self.assertIsNotNone(self.location.search(loc_name))
with Session(self.browser) as session:
make_role(session, name=katello_role)
self.role.update(
katello_role,
add_permission=True,
permission_list=PERMISSIONS["Organization"],
resource_type="Organization",
)
self.usergroup.update(self.usergroup_name, new_roles=[katello_role], entity_select=True)
self.usergroup.refresh_ext_group(self.usergroup_name, "foobargroup")
self.assertIsNotNone(self.usergroup.wait_until_element(common_locators["notif.success"]))
with Session(self.browser, self.ldap_user_name, self.ldap_user_passwd) as session:
make_org(session, org_name=org_name)
self.assertIsNotNone(self.org.search(org_name))
def test_positive_create_with_smart_variable_permission(self):
"""Create role filter with few permissions for smart variables.
:id: 9e5775f3-5f79-4212-bcb4-29d91032df4e
:customerscenario: true
:expectedresults: Corresponding role filter has necessary permissions
:BZ: 1360191
:CaseImportance: High
"""
name = gen_string('alpha')
resource_type = 'Smart variable'
permissions = ['view_external_variables', 'edit_external_variables']
with Session(self) as session:
make_role(session, name=name)
self.assertIsNotNone(self.role.search(name))
self.role.add_permission(
name,
resource_type=resource_type,
permission_list=permissions,
)
assigned_perms = self.role.filters_get_permissions_by_resource(
name, 'VariableLookupKey', 'Smart variable')
self.assertEqual(set(permissions), set(assigned_perms))
def test_positive_create_non_overridable_filter(self):
"""Create non overridden filter in role
@id: 5ee281cf-28fa-439d-888d-b1f9aacc6d57
@steps:
1. Create a filter in a role to which taxonomies
(location and organization) cannot be associated.
e.g Architecture filter
2. Create an user with taxonomies different than role and assign role
to it
3. Login as new user and attempt to acess the resources
@assert:
1. Filter is created without taxonomies
2. Override checkbox is not available to check
3. User can access resources, permissions specified in a filter
4. User have access in all taxonomies available to user
"""
name = gen_string('alpha')
username = gen_string('alpha')
password = gen_string('alpha')
with Session(self.browser) as session:
make_role(
session,
name=name,
locations=[self.role_loc],
organizations=[self.role_org],
)
self.assertIsNotNone(self.role.search(name))
self.role.add_permission(
name,
resource_type='Architecture',
permission_list=['view_architectures', 'edit_architectures'],
override_check=False,
)
self.assertTrue(self.role.wait_until_element(
common_locators['alert.success']))
make_user(
session,
username=username,
password1=password,
password2=password,
roles=[name],
locations=[self.role_loc],
organizations=[self.role_org],
edit=True
)
with Session(self.browser, username, password) as session:
set_context(session, org=self.role_org)
set_context(session, loc=self.role_loc)
self.assertIsNone(session.nav.wait_until_element(
menu_locators['menu.content'], timeout=3))
self.assertIsNone(session.nav.wait_until_element(
menu_locators['menu.infrastructure'], timeout=3))
# check that we can access edit functionality at all
self.architecture.update(old_name='x86_64', new_name='x86_64')
def test_positive_create_filter_without_override(self):
"""Create filter in role w/o overriding it
:id: a7f76f6e-6c13-4b34-b38c-19501b65786f
:steps:
1. Create a role with taxonomies (location and organization)
assigned
2. Create filter in role without overriding it
3. Create user and assign new role to it
4. Re-login into application using new user with a role
:expectedresults:
1. Filter w/o override is created in role
2. The taxonomies of role are inherited to filter
3. Override check is not marked by default in filters table
4. User can access application sections specified in a filter
"""
name = gen_string('alpha')
username = gen_string('alpha')
password = gen_string('alpha')
domain_name = gen_string('alpha')
with Session(self.browser) as session:
make_role(
session,
name=name,
locations=[self.role_loc],
organizations=[self.role_org],
)
self.assertIsNotNone(self.role.search(name))
self.role.add_permission(
name,
resource_type='Domain',
permission_list=['view_domains', 'create_domains'],
override_check=True,
)
self.assertTrue(
self.role.wait_until_element(common_locators['alert.success']))
make_user(session,
username=username,
password1=password,
password2=password,
roles=[name],
locations=[self.role_loc],
organizations=[self.role_org],
edit=True)
with Session(self.browser, username, password) as session:
set_context(session, org=self.role_org)
set_context(session, loc=self.role_loc)
make_domain(session, name=domain_name)
self.assertIsNotNone(self.domain.search(domain_name))
self.assertIsNone(
session.nav.wait_until_element(menu_locators['menu.content'],
timeout=3))
self.assertIsNone(
session.nav.wait_until_element(menu_locators['menu.configure'],
timeout=3))
def test_positive_create_filter_without_override(self):
"""Create filter in role w/o overriding it
:id: a7f76f6e-6c13-4b34-b38c-19501b65786f
:steps:
1. Create a role with taxonomies (location and organization)
assigned
2. Create filter in role without overriding it
3. Create user and assign new role to it
4. Re-login into application using new user with a role
:expectedresults:
1. Filter w/o override is created in role
2. The taxonomies of role are inherited to filter
3. Override check is not marked by default in filters table
4. User can access application sections specified in a filter
"""
name = gen_string('alpha')
username = gen_string('alpha')
password = gen_string('alpha')
domain_name = gen_string('alpha')
with Session(self.browser) as session:
make_role(
session,
name=name,
locations=[self.role_loc],
organizations=[self.role_org],
)
self.assertIsNotNone(self.role.search(name))
self.role.add_permission(
name,
resource_type='Domain',
permission_list=['view_domains', 'create_domains'],
override_check=True,
)
self.assertTrue(self.role.wait_until_element(
common_locators['alert.success']))
make_user(
session,
username=username,
password1=password,
password2=password,
roles=[name],
locations=[self.role_loc],
organizations=[self.role_org],
edit=True
)
with Session(self.browser, username, password) as session:
set_context(session, org=self.role_org)
set_context(session, loc=self.role_loc)
make_domain(session, name=domain_name)
self.assertIsNotNone(self.domain.search(domain_name))
self.assertIsNone(session.nav.wait_until_element(
menu_locators['menu.content'], timeout=3))
self.assertIsNone(session.nav.wait_until_element(
menu_locators['menu.configure'], timeout=3))
def test_positive_create_non_overridable_filter(self):
"""Create non overridden filter in role
:id: 5ee281cf-28fa-439d-888d-b1f9aacc6d57
:steps:
1. Create a filter in a role to which taxonomies (location and
organization) cannot be associated. e.g Architecture filter
2. Create an user with taxonomies different than role and assign
role to it
3. Login as new user and attempt to acess the resources
:expectedresults:
1. Filter is created without taxonomies
2. Override checkbox is not available to check
3. User can access resources, permissions specified in a filter
4. User have access in all taxonomies available to user
"""
name = gen_string('alpha')
username = gen_string('alpha')
password = gen_string('alpha')
with Session(self.browser) as session:
make_role(
session,
name=name,
locations=[self.role_loc],
organizations=[self.role_org],
)
self.assertIsNotNone(self.role.search(name))
self.role.add_permission(
name,
resource_type='Architecture',
permission_list=['view_architectures', 'edit_architectures'],
override_check=False,
)
self.assertTrue(
self.role.wait_until_element(common_locators['alert.success']))
make_user(session,
username=username,
password1=password,
password2=password,
roles=[name],
locations=[self.role_loc],
organizations=[self.role_org],
edit=True)
with Session(self.browser, username, password) as session:
set_context(session, org=self.role_org)
set_context(session, loc=self.role_loc)
self.assertIsNone(
session.nav.wait_until_element(menu_locators['menu.content'],
timeout=3))
self.assertIsNone(
session.nav.wait_until_element(
menu_locators['menu.infrastructure'], timeout=3))
# check that we can access edit functionality at all
self.architecture.update(old_name='x86_64', new_name='x86_64')
def test_positive_add_foreman_role(self):
"""Associate foreman roles to User Group.
[belonging to external AD User Group.]
@id: c11fbf85-e144-4576-99e3-1ba111479f0f
@Steps:
1. Create an UserGroup.
2. Assign some foreman roles to UserGroup.
3. Create and associate an External AD UserGroup.
@Assert: Whether a User belonging to User Group is able to access
foreman entities as per roles.
@CaseLevel: Integration
"""
self.check_external_user()
strategy, value = locators['login.loggedin']
foreman_role = gen_string('alpha')
location_name = gen_string('alpha')
with Session(self.browser) as session:
make_role(session, name=foreman_role)
self.role.update(
foreman_role,
add_permission=True,
permission_list=PERMISSIONS['Location'],
resource_type='Location',
)
make_usergroup(
session,
name=self.usergroup_name,
roles=[foreman_role],
ext_usergrp='foobargroup',
ext_authsourceid="LDAP-" + self.ldap_server_name,
)
self.assertIsNotNone(self.usergroup.search(self.usergroup_name))
set_context(session, org=ANY_CONTEXT['org'])
self.user.update(
username=self.ldap_user_name,
authorized_by='LDAP-' + self.ldap_server_name,
new_password=self.ldap_user_passwd,
password_confirmation=self.ldap_user_passwd,
)
with Session(
self.browser,
self.ldap_user_name,
self.ldap_user_passwd,
) as session:
self.assertIsNotNone(self.login.wait_until_element(
(strategy, value % self.ldap_user_name)
))
make_loc(session, name=location_name)
self.assertIsNotNone(self.location.search(location_name))
def test_create_role_basic(self, name):
"""@Test: Create new role
@Feature: Role - Positive Create
@Assert: Role is created
"""
with Session(self.browser) as session:
make_role(session, name=name)
self.assertIsNotNone(self.role.search(name))
def test_remove_role(self, name):
"""@Test: Delete an existing role
@Feature: Role - Positive Delete
@Assert: Role is deleted
"""
with Session(self.browser) as session:
make_role(session, name=name)
self.role.delete(name)
def test_positive_add_foreman_role(self):
"""Associate foreman roles to User Group.
[belonging to external AD User Group.]
@id: c11fbf85-e144-4576-99e3-1ba111479f0f
@Steps:
1. Create an UserGroup.
2. Assign some foreman roles to UserGroup.
3. Create and associate an External AD UserGroup.
@Assert: Whether a User belonging to User Group is able to access
foreman entities as per roles.
@CaseLevel: Integration
"""
self.check_external_user()
strategy, value = locators['login.loggedin']
foreman_role = gen_string('alpha')
location_name = gen_string('alpha')
with Session(self.browser) as session:
make_role(session, name=foreman_role)
self.role.update(
foreman_role,
add_permission=True,
permission_list=PERMISSIONS['Location'],
resource_type='Location',
)
make_usergroup(
session,
name=self.usergroup_name,
roles=[foreman_role],
ext_usergrp='foobargroup',
ext_authsourceid="LDAP-" + self.ldap_server_name,
)
self.assertIsNotNone(self.usergroup.search(self.usergroup_name))
set_context(session, org=ANY_CONTEXT['org'])
self.user.update(
username=self.ldap_user_name,
authorized_by='LDAP-' + self.ldap_server_name,
new_password=self.ldap_user_passwd,
password_confirmation=self.ldap_user_passwd,
)
with Session(
self.browser,
self.ldap_user_name,
self.ldap_user_passwd,
) as session:
self.assertIsNotNone(
self.login.wait_until_element(
(strategy, value % self.ldap_user_name)))
make_loc(session, name=location_name)
self.assertIsNotNone(self.location.search(location_name))
def test_positive_create_with_name(self):
"""Create new role using different names
@id: 8170598b-cf3b-4ff7-9baa-bee73f90d255
@Assert: Role is created successfully
"""
with Session(self.browser) as session:
for name in generate_strings_list(length=10):
with self.subTest(name):
make_role(session, name=name)
self.assertIsNotNone(self.role.search(name))
def test_negative_create_role_with_too_long_names(self, name):
"""@Test: Create new role with 256 characters in name
@Feature: Role - Negative Create
@Assert: Role is not created
"""
with Session(self.browser) as session:
make_role(session, name=name)
self.assertIsNotNone(session.nav.wait_until_element(
common_locators['name_haserror']))
def test_positive_create_with_name(self):
"""Create new role using different names
@Feature: Role - Positive Create
@Assert: Role is created successfully
"""
with Session(self.browser) as session:
for name in generate_strings_list(length=10):
with self.subTest(name):
make_role(session, name=name)
self.assertIsNotNone(self.role.search(name))
def test_positive_delete(self):
"""@Test: Delete an existing role
@Feature: Role - Positive Delete
@Assert: Role is deleted successfully
"""
with Session(self.browser) as session:
for name in generate_strings_list(length=10):
with self.subTest(name):
make_role(session, name=name)
self.role.delete(name)
def test_positive_delete(self):
"""Delete an existing role
@Feature: Role - Positive Delete
@Assert: Role is deleted successfully
"""
with Session(self.browser) as session:
for name in generate_strings_list(length=10):
with self.subTest(name):
make_role(session, name=name)
self.role.delete(name)
def test_positive_delete(self):
"""Delete an existing role
@id: c8bd515a-e556-4b98-a993-ec37f541ffc3
@Assert: Role is deleted successfully
"""
with Session(self.browser) as session:
for name in generate_strings_list(length=10):
with self.subTest(name):
make_role(session, name=name)
self.role.delete(name)
def test_positive_create_with_name(self):
"""@Test: Create new role using different names
@Feature: Role - Positive Create
@Assert: Role is created successfully
"""
with Session(self.browser) as session:
for name in generate_strings_list(length=10):
with self.subTest(name):
make_role(session, name=name)
self.assertIsNotNone(self.role.search(name))
def test_positive_delete(self):
"""Delete an existing role
@id: c8bd515a-e556-4b98-a993-ec37f541ffc3
@Assert: Role is deleted successfully
"""
with Session(self.browser) as session:
for name in generate_strings_list(length=10):
with self.subTest(name):
make_role(session, name=name)
self.role.delete(name)
def test_positive_create_with_name(self):
"""Create new role using different names
@id: 8170598b-cf3b-4ff7-9baa-bee73f90d255
@Assert: Role is created successfully
"""
with Session(self.browser) as session:
for name in generate_strings_list(length=10):
with self.subTest(name):
make_role(session, name=name)
self.assertIsNotNone(self.role.search(name))
def test_negative_create_with_invalid_name(self):
"""@Test: Create new role using invalid names
@Feature: Role - Negative Create
@Assert: Role is not created
"""
with Session(self.browser) as session:
for name in invalid_values_list(interface='ui'):
with self.subTest(name):
make_role(session, name=name)
self.assertIsNotNone(session.nav.wait_until_element(
common_locators['name_haserror']))
def test_negative_create_role_1(self, name):
"""@Test: Create new role with blank and whitespace in name
@Feature: Role - Negative Create
@Assert: Role is not created
"""
with Session(self.browser) as session:
make_role(session, name=name)
error = session.nav.wait_until_element(common_locators["name_haserror"])
self.assertIsNotNone(error)
def test_create_role_basic(self):
"""@Test: Create new role
@Feature: Role - Positive Create
@Assert: Role is created
"""
with Session(self.browser) as session:
for name in generate_strings_list(length=10):
with self.subTest(name):
make_role(session, name=name)
self.assertIsNotNone(self.role.search(name))
def test_negative_create_with_invalid_name(self):
"""Create new role using invalid names
@id: 4159a2ad-0952-4196-9e3b-56c721d24355
@Assert: Role is not created
"""
with Session(self.browser) as session:
for name in invalid_values_list(interface='ui'):
with self.subTest(name):
make_role(session, name=name)
self.assertIsNotNone(session.nav.wait_until_element(
common_locators['name_haserror']))
def test_positive_delete(self):
"""Delete an existing role
:id: c8bd515a-e556-4b98-a993-ec37f541ffc3
:expectedresults: Role is deleted successfully
:CaseImportance: Critical
"""
with Session(self.browser) as session:
for name in generate_strings_list(length=10):
with self.subTest(name):
make_role(session, name=name)
self.role.delete(name)
def test_negative_create_with_invalid_name(self):
"""Create new role using invalid names
@id: 4159a2ad-0952-4196-9e3b-56c721d24355
@Assert: Role is not created
"""
with Session(self.browser) as session:
for name in invalid_values_list(interface='ui'):
with self.subTest(name):
make_role(session, name=name)
self.assertIsNotNone(
session.nav.wait_until_element(
common_locators['name_haserror']))
def test_positive_create_with_name(self):
"""Create new role using different names
:id: 8170598b-cf3b-4ff7-9baa-bee73f90d255
:expectedresults: Role is created successfully
:CaseImportance: Critical
"""
with Session(self) as session:
for name in generate_strings_list(length=10):
with self.subTest(name):
make_role(session, name=name)
self.assertIsNotNone(self.role.search(name))
def test_positive_add_katello_role(self):
"""Associate katello roles to User Group.
[belonging to external AD User Group.]
@id: aa5e3bf4-cb42-43a4-93ea-a2eea54b847a
@Steps:
1. Create an UserGroup.
2. Assign some foreman roles to UserGroup.
3. Create and associate an External AD UserGroup.
@Assert: Whether a User belonging to User Group is able to access
katello entities as per roles.
@CaseLevel: Integration
"""
self.check_external_user()
katello_role = gen_string('alpha')
org_name = gen_string('alpha')
with Session(self.browser) as session:
make_role(session, name=katello_role)
self.role.update(
katello_role,
add_permission=True,
permission_list=PERMISSIONS['Organization'],
resource_type='Organization',
)
make_usergroup(
session,
name=self.usergroup_name,
roles=[katello_role],
ext_usergrp='foobargroup',
ext_authsourceid='LDAP-' + self.ldap_server_name,
)
self.assertIsNotNone(self.usergroup.search(self.usergroup_name))
set_context(session, org=ANY_CONTEXT['org'])
self.user.update(
username=self.ldap_user_name,
authorized_by='LDAP-' + self.ldap_server_name,
new_password=self.ldap_user_passwd,
password_confirmation=self.ldap_user_passwd,
)
with Session(
self.browser,
self.ldap_user_name,
self.ldap_user_passwd
) as session:
make_org(session, org_name=org_name)
self.assertIsNotNone(self.org.search(org_name))
def test_positive_create_with_name(self):
"""Create new role using different names
:id: 8170598b-cf3b-4ff7-9baa-bee73f90d255
:expectedresults: Role is created successfully
:CaseImportance: Critical
"""
with Session(self) as session:
for name in generate_strings_list(length=10):
with self.subTest(name):
make_role(session, name=name)
self.assertIsNotNone(self.role.search(name))
def test_positive_delete(self):
"""Delete an existing role
:id: c8bd515a-e556-4b98-a993-ec37f541ffc3
:expectedresults: Role is deleted successfully
:CaseImportance: Critical
"""
with Session(self) as session:
for name in generate_strings_list(length=10):
with self.subTest(name):
make_role(session, name=name)
self.role.delete(name, dropdown_present=True)
def test_update_role_name(self, new_name):
"""@Test: Update role name
@Feature: Role - Positive Update
@Assert: Role is updated
"""
name = gen_string('utf8')
with Session(self.browser) as session:
make_role(session, name=name)
self.assertIsNotNone(self.role.search(name))
self.role.update(name, new_name)
self.assertIsNotNone(self.role.search(new_name))
def test_negative_create_role_1(self, name):
"""@Test: Create new role with blank and whitespace in name
@Feature: Role - Negative Create
@Assert: Role is not created
"""
with Session(self.browser) as session:
make_role(session, name=name)
error = session.nav.wait_until_element(
common_locators["name_haserror"])
self.assertIsNotNone(error)
def test_positive_add_katello_role(self):
"""Associate katello roles to User Group.
[belonging to external AD User Group.]
:id: aa5e3bf4-cb42-43a4-93ea-a2eea54b847a
:Steps:
1. Create an UserGroup.
2. Assign some foreman roles to UserGroup.
3. Create and associate an External AD UserGroup.
:expectedresults: Whether a User belonging to User Group is able to
access katello entities as per roles.
:CaseLevel: Integration
"""
self.check_external_user()
katello_role = gen_string('alpha')
org_name = gen_string('alpha')
with Session(self) as session:
make_role(session, name=katello_role)
self.role.add_permission(
katello_role,
permission_list=PERMISSIONS['Organization'],
resource_type='Organization',
)
make_usergroup(
session,
name=self.usergroup_name,
roles=[katello_role],
ext_usergrp='foobargroup',
ext_authsourceid='LDAP-' + self.ldap_server_name,
)
self.assertIsNotNone(self.usergroup.search(self.usergroup_name))
set_context(session, org=ANY_CONTEXT['org'])
self.user.update(
username=self.ldap_user_name,
authorized_by='LDAP-' + self.ldap_server_name,
new_password=self.ldap_user_passwd,
password_confirmation=self.ldap_user_passwd,
)
with Session(
self,
self.ldap_user_name,
self.ldap_user_passwd
) as session:
make_org(session, org_name=org_name)
self.assertIsNotNone(self.org.search(org_name))
def test_positive_delete_external_roles(self):
"""Deleted AD UserGroup roles get pushed down to user
@feature: LDAP Authentication - Active directory - update
@setup: delete roles from an AD UserGroup
@steps:
1. Create an UserGroup.
2. Assign some roles to UserGroup.
3. Create an External AD UserGroup as per the UserGroup name in AD.
4. Login to sat6 with the AD user.
5. Unassign some of the existing roles of the UserGroup.
6. Login to sat6 with LDAP user that is part of aforementioned
UserGroup.
@assert: User no longer has access to all deleted functional areas
that were assigned to aforementioned UserGroup.
"""
self.check_external_user()
foreman_role = gen_string("alpha")
with Session(self.browser) as session:
make_role(session, name=foreman_role)
self.role.update(
foreman_role, add_permission=True, permission_list=PERMISSIONS["Location"], resource_type="Location"
)
make_usergroup(
session,
name=self.usergroup_name,
roles=[foreman_role],
ext_usergrp="foobargroup",
ext_authsourceid="LDAP-" + self.ldap_server_name,
)
self.assertIsNotNone(self.usergroup.search(self.usergroup_name))
set_context(session, org=ANY_CONTEXT["org"])
self.user.update(
username=self.ldap_user_name,
authorized_by="LDAP-" + self.ldap_server_name,
password=self.ldap_user_passwd,
)
with Session(self.browser, self.ldap_user_name, self.ldap_user_passwd) as session:
session.nav.go_to_loc()
with Session(self.browser):
self.usergroup.update(self.usergroup_name, roles=[foreman_role], entity_select=False)
with Session(self.browser, self.ldap_user_name, self.ldap_user_passwd) as session:
ActionChains(self.browser).move_to_element(
session.nav.wait_until_element(menu_locators["menu.any_context"])
).perform()
self.assertIsNone(session.nav.wait_until_element(menu_locators["loc.manage_loc"]))
def test_create_role(self, test_data):
"""@Test: Create new role
@Feature: Role - Positive Create
@Assert: Role is created
"""
bug_id = test_data.pop('bz-bug', None)
if bug_id is not None and bz_bug_is_open(bug_id):
self.skipTest('Bugzilla bug {0} is open.'.format(bug_id))
with Session(self.browser) as session:
make_role(session, name=test_data['name'])
self.assertIsNotNone(self.role.search(test_data['name']))
def test_create_role(self, test_data):
"""@Test: Create new role
@Feature: Role - Positive Create
@Assert: Role is created
"""
bug_id = test_data.pop('bz-bug', None)
if bug_id is not None and bz_bug_is_open(bug_id):
self.skipTest('Bugzilla bug {0} is open.'.format(bug_id))
with Session(self.browser) as session:
make_role(session, name=test_data['name'])
self.assertIsNotNone(self.role.search(test_data['name']))
def test_positive_update_permission(self):
"""Update existing role permissions
@id: d57abcf2-a42f-40db-a61c-61b56bcc55b9
@Assert: Role is updated
"""
name = gen_string('alpha')
with Session(self.browser) as session:
make_role(session, name=name)
self.assertIsNotNone(self.role.search(name))
self.role.add_permission(
name,
resource_type='Architecture',
permission_list=['view_architectures', 'create_architectures'],
)
def test_positive_update_name(self):
"""Update existing role name
@Feature: Role - Positive Update
@Assert: Role is updated
"""
name = gen_string('utf8')
with Session(self.browser) as session:
make_role(session, name=name)
self.assertIsNotNone(self.role.search(name))
for new_name in generate_strings_list(length=10):
with self.subTest(new_name):
self.role.update(name, new_name)
self.assertIsNotNone(self.role.search(new_name))
name = new_name # for next iteration
def test_positive_update_name(self):
"""Update existing role name
@id: c3ad9eed-6896-470d-9043-3fda37bbe489
@Assert: Role is updated
"""
name = gen_string('utf8')
with Session(self.browser) as session:
make_role(session, name=name)
self.assertIsNotNone(self.role.search(name))
for new_name in generate_strings_list(length=10):
with self.subTest(new_name):
self.role.update(name, new_name)
self.assertIsNotNone(self.role.search(new_name))
name = new_name # for next iteration
def test_positive_update_name(self):
"""Update existing role name
@id: c3ad9eed-6896-470d-9043-3fda37bbe489
@Assert: Role is updated
"""
name = gen_string('utf8')
with Session(self.browser) as session:
make_role(session, name=name)
self.assertIsNotNone(self.role.search(name))
for new_name in generate_strings_list(length=10):
with self.subTest(new_name):
self.role.update(name, new_name)
self.assertIsNotNone(self.role.search(new_name))
name = new_name # for next iteration
def test_positive_update_name(self):
"""@Test: Update existing role name
@Feature: Role - Positive Update
@Assert: Role is updated
"""
name = gen_string('utf8')
with Session(self.browser) as session:
make_role(session, name=name)
self.assertIsNotNone(self.role.search(name))
for new_name in generate_strings_list(length=10):
with self.subTest(new_name):
self.role.update(name, new_name)
self.assertIsNotNone(self.role.search(new_name))
name = new_name # for next iteration
def test_positive_update_permission(self):
"""Update existing role permissions
@id: d57abcf2-a42f-40db-a61c-61b56bcc55b9
@Assert: Role is updated
"""
name = gen_string('alpha')
with Session(self.browser) as session:
make_role(session, name=name)
self.assertIsNotNone(self.role.search(name))
self.role.add_permission(
name,
resource_type='Architecture',
permission_list=['view_architectures', 'create_architectures'],
)
def test_negative_create_role_2(self, test_data):
"""@Test: Create new role with 256 characters in name
@Feature: Role - Negative Create
@Assert: Role is not created
"""
bug_id = test_data.pop("bz-bug", None)
if bug_id is not None and bz_bug_is_open(bug_id):
self.skipTest("Bugzilla bug {0} is open.".format(bug_id))
with Session(self.browser) as session:
make_role(session, name=test_data["name"])
error = session.nav.wait_until_element(common_locators["name_haserror"])
self.assertIsNotNone(error)
def test_positive_create_filter_admin_user_with_orgs(self):
"""Attempt to create a role filter by admin user, who has 10
organizations assigned
:id: 04208e17-34b5-46b1-84dd-b8a973521d30
:expectedresults: filter was successfully created
:BZ: 1389795
:CaseImportance: Critical
"""
name = gen_string('alpha')
password = gen_string('alpha')
org_names = [
entities.Organization().create().name
for _ in range(10)
]
with Session(self) as session:
make_user(
session,
username=name,
password1=password,
password2=password,
admin=True
)
self.user.update(name, new_organizations=org_names)
self.assertIsNotNone(self.user.search(name))
resource_type = 'Architecture'
permissions = ['view_architectures', 'edit_architectures']
role_name = gen_string('alphanumeric')
with Session(self, name, password) as session:
make_role(session, name=role_name)
self.assertIsNotNone(self.role.search(role_name))
self.role.add_permission(
role_name,
resource_type=resource_type,
permission_list=permissions,
)
self.assertIsNotNone(
self.role.wait_until_element(common_locators['alert.success']))
assigned_permissions = self.role.filters_get_permissions(
role_name, [resource_type])
self.assertIsNotNone(assigned_permissions)
self.assertEqual(
set(permissions), set(assigned_permissions[resource_type]))
def test_positive_update_permission(self):
"""Update existing role permissions
@Feature: Role - Positive Update
@Assert: Role is updated
"""
name = gen_string('alpha')
with Session(self.browser) as session:
make_role(session, name=name)
self.assertIsNotNone(self.role.search(name))
self.role.update(
name,
add_permission=True,
resource_type='Architecture',
permission_list=['view_architectures', 'create_architectures'],
)
def test_negative_create_role_2(self, test_data):
"""@Test: Create new role with 256 characters in name
@Feature: Role - Negative Create
@Assert: Role is not created
"""
bug_id = test_data.pop('bz-bug', None)
if bug_id is not None and bz_bug_is_open(bug_id):
self.skipTest('Bugzilla bug {0} is open.'.format(bug_id))
with Session(self.browser) as session:
make_role(session, name=test_data['name'])
error = session.nav.wait_until_element(
common_locators["name_haserror"])
self.assertIsNotNone(error)
def test_remove_role(self, test_data):
"""@Test: Delete an existing role
@Feature: Role - Positive Delete
@Assert: Role is deleted
"""
bug_id = test_data.pop('bz-bug', None)
if bug_id is not None and bz_bug_is_open(bug_id):
self.skipTest('Bugzilla bug {0} is open.'.format(bug_id))
with Session(self.browser) as session:
make_role(session, name=test_data['name'])
self.assertIsNotNone(self.role.search(test_data['name']))
self.role.remove(test_data['name'], True)
self.assertIsNone(self.role.search(test_data['name']))
def test_adusergroup_katello_role(self):
"""@Test: Associate katello roles to User Group.
[belonging to external AD User Group.]
@Feature: LDAP Authentication - Active Directory - associate katello
roles
@Steps:
1. Create an UserGroup.
2. Assign some foreman roles to UserGroup.
3. create and associate an External AD UserGroup.
@Assert: Whether a User belonging to User Group is able to access
katello entities as per roles.
"""
strategy, value = locators['login.loggedin']
katello_role = gen_string('alpha')
org_name = gen_string('alpha')
with Session(self.browser) as session:
make_role(session, name=katello_role)
self.role.update(
katello_role,
add_permission=True,
permission_list=PERMISSIONS['Organization'],
resource_type='Organization',
)
make_usergroup(
session,
name=self.usergroup_name,
roles=[katello_role],
ext_usergrp='foobargroup',
ext_authsourceid='LDAP-' + self.ldap_server_name,
)
self.assertIsNotNone(self.usergroup.search(self.usergroup_name))
with Session(
self.browser,
self.ldap_user_name,
self.ldap_user_passwd,
) as session:
self.assertIsNotNone(self.login.wait_until_element(
(strategy, value % self.ldap_user_name)
))
make_org(session, org_name=org_name)
self.assertIsNotNone(self.org.search(org_name))
def test_positive_update_permission(self):
"""Update existing role permissions
@Feature: Role - Positive Update
@Assert: Role is updated
"""
name = gen_string('alpha')
with Session(self.browser) as session:
make_role(session, name=name)
self.assertIsNotNone(self.role.search(name))
self.role.update(
name,
add_permission=True,
resource_type='Architecture',
permission_list=['view_architectures', 'create_architectures'],
)
def test_update_role_permission(self):
"""@Test: Update role permissions
@Feature: Role - Positive Update
@Assert: Role is updated
"""
name = gen_string("alpha", 8)
resource_type = 'Architecture'
permission_list = ['view_architectures', 'create_architectures']
with Session(self.browser) as session:
make_role(session, name=name)
self.assertIsNotNone(self.role.search(name))
self.role.update(name, add_permission=True,
resource_type=resource_type,
permission_list=permission_list)
def test_remove_role(self, test_data):
"""@Test: Delete an existing role
@Feature: Role - Positive Delete
@Assert: Role is deleted
"""
bug_id = test_data.pop('bz-bug', None)
if bug_id is not None and bz_bug_is_open(bug_id):
self.skipTest('Bugzilla bug {0} is open.'.format(bug_id))
with Session(self.browser) as session:
make_role(session, name=test_data['name'])
self.assertIsNotNone(self.role.search(test_data['name']))
self.role.remove(test_data['name'], True)
self.assertIsNone(self.role.search(test_data['name']))
def test_positive_add_katello_role(self):
"""Associate katello roles to User Group.
[belonging to external AD User Group.]
@Feature: LDAP Authentication - Active Directory - associate katello
roles
@Steps:
1. Create an UserGroup.
2. Assign some foreman roles to UserGroup.
3. create and associate an External AD UserGroup.
@Assert: Whether a User belonging to User Group is able to access
katello entities as per roles.
"""
strategy, value = locators['login.loggedin']
katello_role = gen_string('alpha')
org_name = gen_string('alpha')
with Session(self.browser) as session:
make_role(session, name=katello_role)
self.role.update(
katello_role,
add_permission=True,
permission_list=PERMISSIONS['Organization'],
resource_type='Organization',
)
make_usergroup(
session,
name=self.usergroup_name,
roles=[katello_role],
ext_usergrp='foobargroup',
ext_authsourceid='LDAP-' + self.ldap_server_name,
)
self.assertIsNotNone(self.usergroup.search(self.usergroup_name))
with Session(
self.browser,
self.ldap_user_name,
self.ldap_user_passwd,
) as session:
self.assertIsNotNone(
self.login.wait_until_element(
(strategy, value % self.ldap_user_name)))
make_org(session, org_name=org_name)
self.assertIsNotNone(self.org.search(org_name))
def test_update_role_permission(self):
"""@Test: Update role permissions
@Feature: Role - Positive Update
@Assert: Role is updated
"""
name = gen_string("alpha", 8)
resource_type = 'Architecture'
permission_list = ['view_architectures', 'create_architectures']
with Session(self.browser) as session:
make_role(session, name=name)
self.assertIsNotNone(self.role.search(name))
self.role.update(name,
add_permission=True,
resource_type=resource_type,
permission_list=permission_list)
def test_positive_create_role_with_taxonomies(self):
"""create role with taxonomies
@id: 5d9da688-f371-4654-93d3-b221211be280
@steps: Create new role with taxonomies
@assert: New role is created with taxonomies
"""
name = gen_string('alpha')
with Session(self.browser) as session:
make_role(
session,
name=name,
locations=[self.role_loc],
organizations=[self.role_org],
)
self.assertIsNotNone(self.role.search(name))
def test_positive_update_name(self):
"""Update existing role name
:id: c3ad9eed-6896-470d-9043-3fda37bbe489
:expectedresults: Role is updated
:CaseImportance: Critical
"""
name = gen_string('utf8')
with Session(self) as session:
make_role(session, name=name)
self.assertIsNotNone(self.role.search(name))
for new_name in generate_strings_list(length=10):
with self.subTest(new_name):
self.role.update(name, new_name)
self.assertIsNotNone(self.role.search(new_name))
name = new_name # for next iteration
def test_positive_create_with_21_filters(self):
"""Make sure it's possible to create more than 20 filters inside single
role
:BZ: 1277444
:id: 6c36d382-9790-4d34-affa-e993764cef9a
:customerscenario: true
:expectedresults: more than 20 filters are displayed
:CaseImportance: Medium
"""
filters_number = 21
role_name = gen_string('alphanumeric')
with Session(self) as session:
make_role(session, name=role_name)
self.assertIsNotNone(self.role.search(role_name))
perms = (
(ptype, perm)
for ptype, plist in PERMISSIONS_UI.items()
for perm in plist
)
used_ptypes = []
for _ in range(filters_number):
ptype, perm = next(perms)
if ptype not in used_ptypes:
used_ptypes.append(ptype)
self.role.add_permission(
role_name,
resource_type=ptype,
permission_list=[perm],
)
self.assertIsNotNone(
self.role.wait_until_element(common_locators['alert.success']))
assigned_permissions = self.role.get_permissions(role_name)
self.assertTrue(assigned_permissions)
assigned_permissions_count = len([
perm_
for ptype_ in assigned_permissions.values()
for perm_ in ptype_
])
self.assertEqual(assigned_permissions_count, filters_number)
def test_positive_update_org(self):
"""Update organization for selected role
@Feature: Role - Positive Update
@Assert: Role is updated
"""
name = gen_string('alpha')
org = entities.Organization().create()
with Session(self.browser) as session:
make_role(session, name=name)
self.assertIsNotNone(self.role.search(name))
self.role.update(
name,
add_permission=True,
resource_type='Activation Keys',
permission_list=['view_activation_keys'],
organization=[org.name],
)
def test_positive_create_role_with_taxonomies(self):
"""create role with taxonomies
:id: 5d9da688-f371-4654-93d3-b221211be280
:steps: Create new role with taxonomies (location and organization)
:expectedresults: New role is created with taxonomies
:CaseImportance: Critical
"""
name = gen_string('alpha')
with Session(self) as session:
make_role(
session,
name=name,
locations=[self.role_loc],
organizations=[self.role_org],
)
self.assertIsNotNone(self.role.search(name))
