xmlrpc tests: add a test for cert-remove-hold

Add tests for the ipa cert-remove-hold command. Scenario 1: add host entry, request cert, revoke cert with "hold" reason, remove hold Scenario 2: call ipa cert-move-hold with a non-existent cert ID and ensure that the exception mentions 'Certificate ID .. not found' Related: https://pagure.io/freeipa/issue/8704 Signed-off-by: Florence Blanc-Renaud <flo@redhat.com> Reviewed-By: Alexander Bokovoy <abokovoy@redhat.com>
2025-01-26 16:16:31 -06:00 · 2021-02-12 10:39:14 +01:00 · 2021-02-12 10:39:14 +01:00 · 4672d61cee
commit 4672d61cee
parent ec6698f08a
1 changed files with 38 additions and 0 deletions
--- a/ipatests/test_xmlrpc/test_cert_plugin.py
+++ b/ipatests/test_xmlrpc/test_cert_plugin.py
@ -504,3 +504,41 @@ class test_cert_revocation(BaseCert):

    def test_revoke_with_reason_10(self):
        self.revoke_cert(10)
+
+
+@pytest.mark.tier1
+class test_cert_remove_hold(BaseCert):
+
+    # create CSR, request cert, revoke cert, remove hold
+    def test_revoke_and_remove_hold(self):
+        # add host
+        assert 'result' in api.Command['host_add'](self.host_fqdn, force=True)
+
+        # generate CSR, request certificate, obtain serial number
+        self.csr = self.generateCSR(str(self.subject))
+        res = api.Command['cert_request'](self.csr,
+                                          principal=self.service_princ,
+                                          add=True, all=True)['result']
+        serial_number = res['serial_number']
+
+        # revoke created certificate
+        assert 'result' in api.Command['cert_revoke'](
+            serial_number, revocation_reason=6)
+
+        # verify that certificate is revoked with correct reason
+        res2 = api.Command['cert_show'](serial_number, all=True)['result']
+        assert res2['revoked']
+        assert res2['revocation_reason'] == 6
+
+        # remove hold
+        res3 = api.Command['cert_remove_hold'](serial_number)['result']
+        assert res3['unrevoked']
+
+        # remove host
+        assert 'result' in api.Command['host_del'](self.host_fqdn)
+
+    def test_remove_hold_nonexistent_cert(self):
+        # remove hold must print 'Certificate ID xx not found'
+        with pytest.raises(errors.CertificateOperationError,
+                           match=r'Certificate ID 0x.* not found'):
+            api.Command['cert_remove_hold'](9999)