def test(): global ldap_server_uuid global new_account_uuid system_tag = ["ldapUseAsLoginName::uid"] ldap_server = ldp_ops.add_ldap_server('ldap1', 'ldap for test', os.environ.get('ldapServerUrl'), os.environ.get('ldapServerBase'), os.environ.get('ldapServerUsername'), os.environ.get('ldapServerPassword'), 'TLS', systemtags=system_tag) ldap_server_uuid = ldap_server.inventory.uuid conditions = res_ops.gen_query_conditions('type', '=', 'SystemAdmin') account = res_ops.query_resource(res_ops.ACCOUNT, conditions)[0] new_account = acc_ops.create_account('new_account', 'password', 'Normal') new_account_uuid = new_account.uuid ldap_account = ldp_ops.bind_ldap_account(os.environ.get('ldapDn'), new_account.uuid) ldap_account_uuid = ldap_account.inventory.uuid session_uuid = acc_ops.login_by_ldap(os.environ.get('ldapUid'), os.environ.get('ldapPassword')) acc_ops.logout(session_uuid) get_expected_exception = False try: session_uuid = acc_ops.login_by_ldap( os.environ.get('ldapUid'), os.environ.get('ldapPassword') + '1') acc_ops.logout(session_uuid) except: get_excepted_exception = True if not get_excepted_exception: test_util.test_fail('should not be able to login with wrong password') get_expected_exception = False try: session_uuid = acc_ops.login_by_ldap(os.environ.get('ldapUid'), '') acc_ops.logout(session_uuid) except: get_excepted_exception = True if not get_excepted_exception: test_util.test_fail('should not be able to login with blank password') get_expected_exception = False try: session_uuid = acc_ops.login_by_ldap(os.environ.get('ldapUid'), None) acc_ops.logout(session_uuid) except: get_excepted_exception = True if not get_excepted_exception: test_util.test_fail('should not be able to login without password') ldp_ops.unbind_ldap_account(ldap_account_uuid) acc_ops.delete_account(new_account.uuid) ldp_ops.delete_ldap_server(ldap_server_uuid) test_util.test_pass('Create VM by normal user account Success') acc_ops.logout(session_uuid)
def test(): global ldap_server_uuid global new_account_uuid global new_account_uuid2 system_tags = ["ldapCleanBindingFilter::(uidNumber=1002)", "ldapUseAsLoginName::uid"] ldap_server = ldp_ops.add_ldap_server('ldap1', 'ldap for test', os.environ.get('ldapServerUrl'), os.environ.get('ldapServerBase'), os.environ.get('ldapServerUsername'), os.environ.get('ldapServerPassword'), 'None', system_tags) ldap_server_uuid = ldap_server.inventory.uuid conditions = res_ops.gen_query_conditions('type', '=', 'SystemAdmin') account = res_ops.query_resource(res_ops.ACCOUNT, conditions)[0] new_account = acc_ops.create_account('new_account', 'password', 'Normal') new_account_uuid = new_account.uuid ldap_account = ldp_ops.bind_ldap_account(os.environ.get('ldapDn'), new_account.uuid) ldap_account_uuid = ldap_account.inventory.uuid session_uuid = acc_ops.login_by_ldap(os.environ.get('ldapUid'), os.environ.get('ldapPassword')) acc_ops.logout(session_uuid) ldp_ops.clean_invalid_ldap_binding() get_excepted_exception = False try: session_uuid = acc_ops.login_by_ldap(os.environ.get('ldapUid'), os.environ.get('ldapPassword')) acc_ops.logout(session_uuid) except: get_excepted_exception = True if not get_excepted_exception: test_util.test_fail('should not be able to login with filter account') new_account2 = acc_ops.create_account('new_account2', 'password', 'Normal') new_account_uuid2 = new_account2.uuid ldap_account2 = ldp_ops.bind_ldap_account('uid=ldapuser3,ou=People,dc=mevoco,dc=com', new_account2.uuid) ldap_account_uuid2 = ldap_account2.inventory.uuid session_uuid2 = acc_ops.login_by_ldap('ldapuser3', 'password') acc_ops.logout(session_uuid) '''
def test(): global ldap_server_uuid global new_account_uuid ldap_server = ldp_ops.add_ldap_server('ldap1', 'ldap for test', os.environ.get('ldapServerUrl'), os.environ.get('ldapServerBase'), os.environ.get('ldapServerUsername'), os.environ.get('ldapServerPassword'), 'TLS') ldap_server_uuid = ldap_server.inventory.uuid conditions = res_ops.gen_query_conditions('type', '=', 'SystemAdmin') account = res_ops.query_resource(res_ops.ACCOUNT, conditions)[0] get_expected_exception = False try: ldap_account = ldp_ops.bind_ldap_account(os.environ.get('ldapUid'), account.uuid) except: get_expected_exception = True if not get_expected_exception: test_util.test_fail('should not be able to bind ldapuid to admin account') new_account = acc_ops.create_account('new_account', 'password', 'Normal') new_account_uuid = new_account.uuid ldap_account = ldp_ops.bind_ldap_account(os.environ.get('ldapUid'), new_account.uuid) ldap_account_uuid = ldap_account.inventory.uuid session_uuid = acc_ops.login_by_ldap(os.environ.get('ldapUid'), os.environ.get('ldapPassword')) acc_ops.logout(session_uuid) get_expected_exception = False try: session_uuid = acc_ops.login_by_ldap(os.environ.get('ldapUid'), os.environ.get('ldapPassword')+'1') acc_ops.logout(session_uuid) except: get_excepted_exception = True if not get_excepted_exception: test_util.test_fail('should not be able to login with wrong password') get_expected_exception = False try: session_uuid = acc_ops.login_by_ldap(os.environ.get('ldapUid'), '') acc_ops.logout(session_uuid) except: get_excepted_exception = True if not get_excepted_exception: test_util.test_fail('should not be able to login with blank password') get_expected_exception = False try: session_uuid = acc_ops.login_by_ldap(os.environ.get('ldapUid'), None) acc_ops.logout(session_uuid) except: get_excepted_exception = True if not get_excepted_exception: test_util.test_fail('should not be able to login without password') ldp_ops.unbind_ldap_account(ldap_account_uuid) acc_ops.delete_account(new_account.uuid) ldp_ops.delete_ldap_server(ldap_server_uuid) test_util.test_pass('Create VM by normal user account Success') acc_ops.logout(session_uuid)
def test(): global ad_server_uuid global new_account_uuid system_tag = ["ldapUseAsLoginName::cn"] ad_server = ldp_ops.add_ldap_server('ad1', 'ad for test', os.environ.get('adServerUrl'), os.environ.get('adServerBase'), os.environ.get('adServerUsername'), os.environ.get('adServerPassword'), systemtags=system_tag) ad_server_uuid = ad_server.inventory.uuid conditions = res_ops.gen_query_conditions('type', '=', 'SystemAdmin') account = res_ops.query_resource(res_ops.ACCOUNT, conditions)[0] account_uuid = account.uuid new_account = acc_ops.create_account('new_account', 'password', 'Normal') new_account_uuid = new_account.uuid ad_account = ldp_ops.bind_ldap_account(os.environ.get('adUserDn'), account.uuid) ad_account_uuid = ad_account.inventory.uuid session_uuid = acc_ops.login_by_ldap(os.environ.get('adUserCn'), os.environ.get('adPassword')) new_account2 = acc_ops.create_account('new_account2', 'password', 'Normal', session_uuid) acc_ops.delete_account(new_account2.uuid) acc_ops.logout(session_uuid) get_expected_exception = False try: session_uuid = acc_ops.login_by_ldap(os.environ.get('adUserCn'), os.environ.get('adPassword')+'1') acc_ops.logout(session_uuid) except: get_excepted_exception = True if not get_excepted_exception: test_util.test_fail('should not be able to login with wrong password') get_expected_exception = False try: session_uuid = acc_ops.login_by_ldap(os.environ.get('adUserCn'), '') acc_ops.logout(session_uuid) except: get_excepted_exception = True if not get_excepted_exception: test_util.test_fail('should not be able to login with blank password') get_expected_exception = False try: session_uuid = acc_ops.login_by_ldap(os.environ.get('adUserCn'), None) acc_ops.logout(session_uuid) except: get_excepted_exception = True if not get_excepted_exception: test_util.test_fail('should not be able to login without password') ldp_ops.unbind_ldap_account(ad_account_uuid) acc_ops.delete_account(new_account.uuid) ldp_ops.delete_ldap_server(ad_server_uuid) test_util.test_pass('Login zstack admin by AD Success') acc_ops.logout(session_uuid)
def test(): global ldap_server_uuid global new_account_uuid global new_account_uuid2 system_tags = [ "ldapCleanBindingFilter::(uidNumber=1002)", "ldapUseAsLoginName::uid" ] ldap_server = ldp_ops.add_ldap_server('ldap1', 'ldap for test', os.environ.get('ldapServerUrl'), os.environ.get('ldapServerBase'), os.environ.get('ldapServerUsername'), os.environ.get('ldapServerPassword'), 'None', system_tags) ldap_server_uuid = ldap_server.inventory.uuid conditions = res_ops.gen_query_conditions('type', '=', 'SystemAdmin') account = res_ops.query_resource(res_ops.ACCOUNT, conditions)[0] new_account = acc_ops.create_account('new_account', 'password', 'Normal') new_account_uuid = new_account.uuid ldap_account = ldp_ops.bind_ldap_account(os.environ.get('ldapDn'), new_account.uuid) ldap_account_uuid = ldap_account.inventory.uuid session_uuid = acc_ops.login_by_ldap(os.environ.get('ldapUid'), os.environ.get('ldapPassword')) acc_ops.logout(session_uuid) ldp_ops.clean_invalid_ldap_binding() get_excepted_exception = False try: session_uuid = acc_ops.login_by_ldap(os.environ.get('ldapUid'), os.environ.get('ldapPassword')) acc_ops.logout(session_uuid) except: get_excepted_exception = True if not get_excepted_exception: test_util.test_fail('should not be able to login with filter account') new_account2 = acc_ops.create_account('new_account2', 'password', 'Normal') new_account_uuid2 = new_account2.uuid ldap_account2 = ldp_ops.bind_ldap_account( 'uid=ldapuser3,ou=People,dc=mevoco,dc=com', new_account2.uuid) ldap_account_uuid2 = ldap_account2.inventory.uuid session_uuid2 = acc_ops.login_by_ldap('ldapuser3', 'password') acc_ops.logout(session_uuid) '''
def test(): global ldap_server_uuid global new_account_uuid global new_account_uuid2 system_tag = "ldapUseAsLoginName::uid" ldap_server = ldp_ops.add_ldap_server('ldap1', 'ldap for test', os.environ.get('ldapServerUrl'), os.environ.get('ldapServerBase'), os.environ.get('ldapServerUsername'), os.environ.get('ldapServerPassword'), systemtags=[system_tag]) ldap_server_uuid = ldap_server.inventory.uuid conditions = res_ops.gen_query_conditions('type', '=', 'SystemAdmin') account = res_ops.query_resource(res_ops.ACCOUNT, conditions)[0] new_account = acc_ops.create_account('new_account', 'password', 'Normal') new_account_uuid = new_account.uuid new_account2 = acc_ops.create_account('new_account2', 'password', 'Normal') new_account_uuid2 = new_account2.uuid ldap_account = ldp_ops.bind_ldap_account(os.environ.get('ldapDn'), new_account.uuid) ldap_account_uuid = ldap_account.inventory.uuid session_uuid = acc_ops.login_by_ldap(os.environ.get('ldapUid'), os.environ.get('ldapPassword')) acc_ops.logout(session_uuid) ldap_account2 = ldp_ops.bind_ldap_account('uid=ldapuser3,ou=People,dc=mevoco,dc=com', new_account2.uuid) ldap_account_uuid2 = ldap_account2.inventory.uuid session_uuid2 = acc_ops.login_by_ldap('ldapuser3', 'password') acc_ops.logout(session_uuid) #Update multi ldap filters system_tags = ["ldapCleanBindingFilter::(&(loginShell=/bin/bash)(|(homeDirectory=/home/mldapuser)(homeDirectory=/home/ldapuser3)))", "ldapUseAsLoginName::uid"] ldap_filter = ldp_ops.update_ldap_server(ldap_server_uuid, system_tags) ldp_ops.clean_invalid_ldap_binding() get_excepted_exception = False try: session_uuid = acc_ops.login_by_ldap(os.environ.get('ldapUid'), os.environ.get('ldapPassword')) acc_ops.logout(session_uuid) except: get_excepted_exception = True if not get_excepted_exception: test_util.test_fail('should not be able to login with filter account') get_excepted_exception = False try: session_uuid = acc_ops.login_by_ldap('ldapuser3','password') acc_ops.logout(session_uuid) except: get_excepted_exception = True if not get_excepted_exception: test_util.test_fail('should not be able to login with filter account') cond = res_ops.gen_query_conditions('resourceUuid', '=', ldap_server_uuid) ldap_clean_binding_filter_tag_uuid = res_ops.query_resource(res_ops.SYSTEM_TAG, cond)[0].uuid #Clear filter tag_ops.delete_tag(ldap_clean_binding_filter_tag_uuid) ldap_filter = ldp_ops.update_ldap_server(ldap_server_uuid, [system_tag]) ldap_account = ldp_ops.bind_ldap_account(os.environ.get('ldapDn'), new_account.uuid) ldap_account_uuid = ldap_account.inventory.uuid session_uuid = acc_ops.login_by_ldap(os.environ.get('ldapUid'), os.environ.get('ldapPassword')) acc_ops.logout(session_uuid) ldap_account2 = ldp_ops.bind_ldap_account('uid=ldapuser3,ou=People,dc=mevoco,dc=com', new_account2.uuid) ldap_account_uuid2 = ldap_account2.inventory.uuid session_uuid2 = acc_ops.login_by_ldap('ldapuser3', 'password') acc_ops.logout(session_uuid) ldp_ops.clean_invalid_ldap_binding() get_excepted_exception = False try: session_uuid = acc_ops.login_by_ldap(os.environ.get('ldapUid'), os.environ.get('ldapPassword')) acc_ops.logout(session_uuid) except: get_excepted_exception = True if get_excepted_exception: test_util.test_fail('should be able to login after removed filter but login failed') get_excepted_exception = False try: session_uuid = acc_ops.login_by_ldap('ldapuser3','password') acc_ops.logout(session_uuid) except: get_excepted_exception = True if get_excepted_exception: test_util.test_fail('should be able to login after removed filter but login failed') ldp_ops.unbind_ldap_account(ldap_account_uuid) ldp_ops.unbind_ldap_account(ldap_account_uuid2) acc_ops.delete_account(new_account_uuid) acc_ops.delete_account(new_account_uuid2) ldp_ops.delete_ldap_server(ldap_server_uuid) test_util.test_pass('Create VM by normal user account Success') acc_ops.logout(session_uuid)
def test(): global ad_server_uuid global new_account_uuid system_tag = ["ldapUseAsLoginName::cn"] ad_server = ldp_ops.add_ldap_server('ad1', 'ad for test', os.environ.get('adServerUrl'), os.environ.get('adServerBase'), os.environ.get('adServerUsername'), os.environ.get('adServerPassword'), systemtags=system_tag) ad_server_uuid = ad_server.inventory.uuid conditions = res_ops.gen_query_conditions('type', '=', 'SystemAdmin') account = res_ops.query_resource(res_ops.ACCOUNT, conditions)[0] account_uuid = account.uuid new_account = acc_ops.create_account('new_account', 'password', 'Normal') new_account_uuid = new_account.uuid ad_account = ldp_ops.bind_ldap_account(os.environ.get('adUserDn'), account.uuid) ad_account_uuid = ad_account.inventory.uuid session_uuid = acc_ops.login_by_ldap(os.environ.get('adUserCn'), os.environ.get('adPassword')) new_account2 = acc_ops.create_account('new_account2', 'password', 'Normal', session_uuid) acc_ops.delete_account(new_account2.uuid) acc_ops.logout(session_uuid) get_expected_exception = False try: session_uuid = acc_ops.login_by_ldap( os.environ.get('adUserCn'), os.environ.get('adPassword') + '1') acc_ops.logout(session_uuid) except: get_excepted_exception = True if not get_excepted_exception: test_util.test_fail('should not be able to login with wrong password') get_expected_exception = False try: session_uuid = acc_ops.login_by_ldap(os.environ.get('adUserCn'), '') acc_ops.logout(session_uuid) except: get_excepted_exception = True if not get_excepted_exception: test_util.test_fail('should not be able to login with blank password') get_expected_exception = False try: session_uuid = acc_ops.login_by_ldap(os.environ.get('adUserCn'), None) acc_ops.logout(session_uuid) except: get_excepted_exception = True if not get_excepted_exception: test_util.test_fail('should not be able to login without password') ldp_ops.unbind_ldap_account(ad_account_uuid) acc_ops.delete_account(new_account.uuid) ldp_ops.delete_ldap_server(ad_server_uuid) test_util.test_pass('Login zstack admin by AD Success') acc_ops.logout(session_uuid)