IntenseWebs/freeipa
3
0
Fork 0
mirror of https://salsa.debian.org/freeipa-team/freeipa.git synced 2025-02-25 18:55:28 -06:00
Code Issues Packages Projects Releases Wiki Activity

ipatests: Add test for grace login limit

Browse Source 
Test user and pwpolicy entity for grace login limit setting.

Related: https://pagure.io/freeipa/issue/9211

Signed-off-by: Erik Belko <ebelko@redhat.com>
Reviewed-By: Michal Polovka <mpolovka@redhat.com>
This commit is contained in:
Erik Belko 2022-09-07 11:20:37 +02:00 committed by Florence Blanc-Renaud
parent 0085757806
commit a2a3d45ed7
3 changed files with 104 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

22
ipatests/test_webui/data_pwpolicy.py
View File

@ -70,6 +70,7 @@ DATA_RESET = {
('textbox', 'krbpwdfailurecountinterval', '4'), ('textbox', 'krbpwdfailurecountinterval', '4'),
('textbox', 'krbpwdlockoutduration', '4200'), ('textbox', 'krbpwdlockoutduration', '4200'),
('textbox', 'cospriority', '38'), ('textbox', 'cospriority', '38'),
('textbox', 'passwordgracelimit', '42'),
], ],
} }
@ -90,3 +91,24 @@ DATA7 = {
('textbox', 'cospriority', '4'), ('textbox', 'cospriority', '4'),
], ],
} }
PKEY8 = group.PKEY
DATA8 = {
'pkey': PKEY8,
'add': [
('combobox', 'cn', PKEY8),
('textbox', 'cospriority', '364'),
],
'mod': [
('textbox', 'krbmaxpwdlife', '3000'),
('textbox', 'krbminpwdlife', '1'),
('textbox', 'krbpwdhistorylength', '0'),
('textbox', 'krbpwdmindiffchars', '2'),
('textbox', 'krbpwdminlength', '2'),
('textbox', 'krbpwdmaxfailure', '15'),
('textbox', 'krbpwdfailurecountinterval', '5'),
('textbox', 'krbpwdlockoutduration', '3600'),
('textbox', 'cospriority', '364'),
('textbox', 'passwordgracelimit', '42'),
],
}

40
ipatests/test_webui/test_pwpolicy.py
View File

@ -36,7 +36,7 @@ except ImportError:
FIELDS = ['krbmaxpwdlife', 'krbminpwdlife', 'krbpwdhistorylength', FIELDS = ['krbmaxpwdlife', 'krbminpwdlife', 'krbpwdhistorylength',
'krbpwdmindiffchars', 'krbpwdminlength', 'krbpwdmaxfailure', 'krbpwdmindiffchars', 'krbpwdminlength', 'krbpwdmaxfailure',
'krbpwdfailurecountinterval', 'krbpwdlockoutduration', 'krbpwdfailurecountinterval', 'krbpwdlockoutduration',
'cospriority'] 'cospriority', 'passwordgracelimit']
EXPECTED_ERR = "invalid 'group': cannot delete global password policy" EXPECTED_ERR = "invalid 'group': cannot delete global password policy"
EXPECTED_MSG = 'Password Policy successfully added' EXPECTED_MSG = 'Password Policy successfully added'
@ -143,15 +143,15 @@ class test_pwpolicy(UI_driver):
for field in FIELDS: for field in FIELDS:
# bigger than max value # bigger than max value
# verifying if field value is more then 20000 # verifying if field value is more than 20000
if field == 'krbmaxpwdlife': if field == 'krbmaxpwdlife':
self.check_expected_error(field, 'Maximum value is 20000', self.check_expected_error(field, 'Maximum value is 20000',
maximum_value) maximum_value)
# verifying if field value is more then 5 # verifying if field value is more than 5
elif field == 'krbpwdmindiffchars': elif field == 'krbpwdmindiffchars':
self.check_expected_error(field, 'Maximum value is 5', self.check_expected_error(field, 'Maximum value is 5',
maximum_value) maximum_value)
# verifying if field value is more then 2147483647 # verifying if field value is more than 2147483647
else: else:
self.check_expected_error(field, 'Maximum value is 2147483647', self.check_expected_error(field, 'Maximum value is 2147483647',
maximum_value) maximum_value)
@ -160,9 +160,13 @@ class test_pwpolicy(UI_driver):
self.check_expected_error(field, non_interger_expected_error, self.check_expected_error(field, non_interger_expected_error,
non_integer) non_integer)
# smaller than max value # smaller than min value
self.check_expected_error(field, minimum_value_expected_error, if field != 'passwordgracelimit':
self.check_expected_error(field, minimum_value_expected_error,
minimum_value) minimum_value)
else:
self.check_expected_error(field, 'Minimum value is -1',
'-2')
self.navigate_to_entity(pwpolicy.ENTITY) self.navigate_to_entity(pwpolicy.ENTITY)
self.delete_record(pwpolicy.group.PKEY) self.delete_record(pwpolicy.group.PKEY)
@ -268,3 +272,27 @@ class test_pwpolicy(UI_driver):
assert "History size (number of passwords)" in krbpwdhistorylen assert "History size (number of passwords)" in krbpwdhistorylen
assert "Failure reset interval (seconds)" in krbpwdfailurecountinterval assert "Failure reset interval (seconds)" in krbpwdfailurecountinterval
assert "Lockout duration (seconds)" in krbpwdlockoutduration assert "Lockout duration (seconds)" in krbpwdlockoutduration
@screenshot
def test_grace_login_limit(self):
"""
Verify existence of grace login limit field and its constraints
Related: https://pagure.io/freeipa/issue/9211
"""
self.init_app()
self.add_record(group.ENTITY, [group.DATA])
# add record DATA8 already with passwordgracelimit
self.add_record(pwpolicy.ENTITY, [pwpolicy.DATA8])
field = 'passwordgracelimit'
self.navigate_to_record(group.PKEY)
# fill with values from DATA8, passwordgracelimit has value 42
self.fill_fields(pwpolicy.DATA8['mod'])
current_value = self.get_field_value(field, element="input")
try:
assert current_value == '42'
finally:
# cleanup
self.delete(group.ENTITY, [group.DATA])
self.delete(pwpolicy.ENTITY, [pwpolicy.DATA8])

48
ipatests/test_webui/test_user.py
View File

@ -28,8 +28,10 @@ import ipatests.test_webui.data_user as user
import ipatests.test_webui.data_group as group import ipatests.test_webui.data_group as group
import ipatests.test_webui.data_netgroup as netgroup import ipatests.test_webui.data_netgroup as netgroup
import ipatests.test_webui.data_hbac as hbac import ipatests.test_webui.data_hbac as hbac
import ipatests.test_webui.data_pwpolicy as pwpolicy
import ipatests.test_webui.test_rbac as rbac import ipatests.test_webui.test_rbac as rbac
import ipatests.test_webui.data_sudo as sudo import ipatests.test_webui.data_sudo as sudo
import pytest import pytest
try: try:
@ -446,6 +448,52 @@ class test_user(user_tasks):
self.wait_for_request(n=3) self.wait_for_request(n=3)
self.assert_no_error_dialog() self.assert_no_error_dialog()
@screenshot
def test_grace_login_limit(self):
"""
Verify existence of grace login limit field and its
value based on pwpolicy value
Related: https://pagure.io/freeipa/issue/9211
"""
self.init_app()
self.add_record(group.ENTITY, [group.DATA])
# add record DATA8 already with passwordgracelimit
self.add_record(pwpolicy.ENTITY, [pwpolicy.DATA8])
self.navigate_to_record(group.PKEY)
# fill with values from DATA8, passwordgracelimit has value 42
self.fill_fields(pwpolicy.DATA8['mod'])
try:
# click save if needed
self.button_click('save')
except AssertionError:
# autosave active
pass
# add record itest-user
self.add_record(user.ENTITY, user.DATA)
# add itest-user to itest-group
self.navigate_to_entity(group.ENTITY)
self.navigate_to_record(group.PKEY)
self.add_associations([user.PKEY])
self.navigate_to_record(user.PKEY, entity=user.ENTITY)
self.facet_button_click('refresh')
self.wait(2)
field = 'passwordgracelimit'
# password grace limit is currently on the 10th place
expected_value = pwpolicy.DATA8['mod'][9][2]
current_value = self.get_field_value(field, element="input")
try:
assert current_value == expected_value
finally:
# cleanup
self.delete(user.ENTITY, [user.DATA])
self.delete(group.ENTITY, [group.DATA])
self.delete(pwpolicy.ENTITY, [pwpolicy.DATA8])
@screenshot @screenshot
def test_login_without_username(self): def test_login_without_username(self):
""" """