TEST: managing host certificates

Parf of: https://fedorahosted.org/freeipa/ticket/6064

Reviewed-By: Lenka Doudova <ldoudova@redhat.com>

ipatests/test_webui/test_host.py

@@ -98,11 +98,10 @@ class host_tasks(UI_driver):
         ip.append(str(last + 1))
         return '.'.join(ip)
 
-    def load_csr(self, path):
-        # ENHANCEMENT: generate csr dynamically
-        with open(path, 'r') as csr_file:
-            csr = csr_file.read()
-        return csr
+    def load_file(self, path):
+        with open(path, 'r') as file_d:
+            content = file_d.read()
+        return content
 
 
 @pytest.mark.tier1
@@ -133,49 +132,149 @@ class test_host(host_tasks):
             self.skip('CSR file is not configured')
 
         self.init_app()
-        csr = self.load_csr(csr_path)
-        panel = 'cert_actions'
+        # ENHANCEMENT: generate csr dynamically
+        csr = self.load_file(csr_path)
         realm = self.config.get('ipa_realm')
+        cert_widget_sel = "div.certificate-widget"
 
         self.add_record(ENTITY, self.data)
         self.navigate_to_record(self.pkey)
 
-        self.assert_visible("div[name='certificate-missing']")
-
         # cert request
         self.action_list_action('request_cert', confirm=False)
-        self.fill_text('textarea.certificate', csr)
+        self.assert_dialog()
+        self.fill_text("textarea[name='csr']", csr)
         self.dialog_button_click('issue')
-        self.wait_for_request(n=2, d=0.5)
-        self.assert_visible("div[name='certificate-valid']")
+        self.wait_for_request(n=2, d=3)
+        self.assert_visible(cert_widget_sel)
 
         # cert view
-        self.action_list_action('view_cert', confirm=False)
-        self.wait()
-        self.assert_text("tbody tr:nth-child(2) td:nth-child(2)", self.pkey)
-        self.assert_text("tbody tr:nth-child(3) td:nth-child(2)", realm)
+        self.action_list_action('view', confirm=False,
+                                parents_css_sel=cert_widget_sel)
+        self.assert_dialog()
         self.dialog_button_click('close')
 
         # cert get
-        self.action_list_action('get_cert', confirm=False)
-        self.wait()
-        # We don't know the cert text, so at least open and close the dialog
+        self.action_list_action('get', confirm=False,
+                                parents_css_sel=cert_widget_sel)
+        self.assert_dialog()
+        # check that the textarea is not empty
+        self.assert_empty_value('textarea.certificate', negative=True)
         self.dialog_button_click('close')
 
+        # cert download - we can only try to click the download action
+        self.action_list_action('download', confirm=False,
+                                parents_css_sel=cert_widget_sel)
+
+        # check that revoke action is enabled
+        self.assert_action_list_action('revoke',
+                                       parents_css_sel=cert_widget_sel,
+                                       facet_actions=False)
+
+        # check that remove_hold action is not enabled
+        self.assert_action_list_action('remove_hold', enabled=False,
+                                       parents_css_sel=cert_widget_sel,
+                                       facet_actions=False)
+
         # cert revoke
-        self.action_list_action('revoke_cert', confirm=False)
+        self.action_list_action('revoke', confirm=False,
+                                parents_css_sel=cert_widget_sel)
         self.wait()
         self.select('select', '6')
         self.dialog_button_click('ok')
-        self.wait_for_request(n=2)
-        self.assert_visible("div[name='certificate-revoked']")
+        self.wait_for_request(n=2, d=3)
+        self.assert_visible(cert_widget_sel + " div.watermark")
 
-        # cert restore
-        self.action_list_action('restore_cert', confirm=False)
+        # check that revoke action is not enabled
+        self.assert_action_list_action('revoke', enabled=False,
+                                       parents_css_sel=cert_widget_sel,
+                                       facet_actions=False)
+
+        # check that remove_hold action is enabled
+        self.assert_action_list_action('remove_hold',
+                                       parents_css_sel=cert_widget_sel,
+                                       facet_actions=False)
+
+        # cert remove hold
+        self.action_list_action('remove_hold', confirm=False,
+                                parents_css_sel=cert_widget_sel)
         self.wait()
         self.dialog_button_click('ok')
         self.wait_for_request(n=2)
-        self.assert_visible("div[name='certificate-valid']")
+
+        # check that revoke action is enabled
+        self.assert_action_list_action('revoke',
+                                       parents_css_sel=cert_widget_sel,
+                                       facet_actions=False)
+
+        # check that remove_hold action is not enabled
+        self.assert_action_list_action('remove_hold', enabled=False,
+                                       parents_css_sel=cert_widget_sel,
+                                       facet_actions=False)
+
+        # cleanup
+        self.navigate_to_entity(ENTITY, 'search')
+        self.delete_record(self.pkey, self.data.get('del'))
+
+    @screenshot
+    def test_arbitrary_certificates(self):
+        """
+        Test managing host arbitrary certificate.
+
+        Requires to have 'arbitrary_cert_path' configuration set.
+        """
+        cert_path = self.config.get('arbitrary_cert_path')
+        if not cert_path:
+            self.skip('Arbitrary certificate file is not configured')
+
+        self.init_app()
+        cert = self.load_file(cert_path)
+        realm = self.config.get('ipa_realm')
+        self.add_record(ENTITY, self.data)
+
+        self.navigate_to_record(self.pkey)
+
+        # check whether certificate section is present
+        self.assert_visible("div[name='certificate']")
+
+        # add certificate
+        self.button_click('add', parents_css_sel="div[name='certificate']")
+        self.assert_dialog()
+        self.fill_textarea('new_cert', cert)
+        self.dialog_button_click('add')
+
+        self.assert_visible("div.certificate-widget")
+
+        # cert view
+        self.action_list_action('view', confirm=False,
+                                parents_css_sel="div.certificate-widget")
+        self.assert_dialog()
+        self.dialog_button_click('close')
+
+        # cert get
+        self.action_list_action('get', confirm=False,
+                                parents_css_sel="div.certificate-widget")
+        self.assert_dialog()
+
+        # check that the textarea is not empty
+        self.assert_empty_value('textarea.certificate', negative=True)
+        self.dialog_button_click('close')
+
+        # cert download - we can only try to click the download action
+        self.action_list_action('download', confirm=False,
+                                parents_css_sel="div.certificate-widget")
+
+        # check that revoke action is not enabled
+        self.assert_action_list_action(
+            'revoke', enabled=False,
+            parents_css_sel="div.certificate-widget",
+            facet_actions=False)
+
+        # check that remove_hold action is not enabled
+        self.assert_action_list_action(
+            'remove_hold', enabled=False,
+            parents_css_sel="div.certificate-widget",
+            facet_actions=False)
 
         # cleanup
         self.navigate_to_entity(ENTITY, 'search')
@@ -195,11 +294,6 @@ class test_host(host_tasks):
         self.navigate_to_record(self.pkey)
 
         self.assert_action_list_action('request_cert', visible=False)
-        self.assert_action_list_action('revoke_cert', visible=False)
-        self.assert_action_list_action('restore_cert', visible=False)
-
-        self.assert_action_list_action('view_cert', enabled=False)
-        self.assert_action_list_action('get_cert', enabled=False)
 
         self.navigate_by_breadcrumb('Hosts')
         self.delete_record(self.pkey, self.data.get('del'))