freeipa/ipatests/test_webui/test_group.py
Carla Martinez 2874823c12
ipatests: test new columns in group details
Test for checking the new columns 'givenname', 'sn' and 'nsaccountlock'.

Signed-off-by: Carla Martinez <carlmart@redhat.com>
Reviewed-By: Michal Polovka <mpolovka@redhat.com>
Reviewed-By: Carla Martinez <carlmart@redhat.com>
2024-01-12 15:26:45 +01:00

456 lines
16 KiB
Python

# Authors:
# Petr Vobornik <pvoborni@redhat.com>
#
# Copyright (C) 2013 Red Hat
# see file 'COPYING' for use and warranty information
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>.
"""
Group tests
"""
from ipatests.test_webui.ui_driver import UI_driver
from ipatests.test_webui.ui_driver import screenshot
import ipatests.test_webui.data_group as group
import ipatests.test_webui.data_user as user
import ipatests.test_webui.data_netgroup as netgroup
import ipatests.test_webui.data_hbac as hbac
import ipatests.test_webui.test_rbac as rbac
import ipatests.test_webui.data_sudo as sudo
import pytest
try:
from selenium.webdriver.common.keys import Keys
from selenium.webdriver.common.action_chains import ActionChains
from selenium.webdriver.common.by import By
except ImportError:
pass
@pytest.mark.tier1
class test_group(UI_driver):
@screenshot
def test_crud(self):
"""
Basic CRUD: group
"""
self.init_app()
self.basic_crud(group.ENTITY, group.DATA,
default_facet=group.DEFAULT_FACET)
@screenshot
def test_group_types(self):
"""
Test group types in adder dialog
"""
self.init_app()
pkey = 'itest-group'
data = {
'pkey': pkey,
'add': [
('callback', self.check_posix_enabled, True),
('textbox', 'cn', pkey),
('textarea', 'description', 'test-group desc'),
('radio', 'type', 'nonposix'),
('callback', self.check_posix_enabled, False),
('radio', 'type', 'posix'),
('callback', self.check_posix_enabled, True),
('radio', 'type', 'external'),
('callback', self.check_posix_enabled, False),
('radio', 'type', 'posix'),
('callback', self.check_posix_enabled, True),
],
}
self.add_record(group.ENTITY, data)
self.delete(group.ENTITY, [data], navigate=False)
def check_posix_enabled(self, enabled):
self.assert_disabled("[name=gidnumber]", negative=enabled)
@screenshot
def test_add_group_negative(self):
"""
Negative test for adding groups
"""
self.init_app()
self.empty_group_name()
self.invalid_group_name()
self.duplicate_group_name()
self.tailing_spaces_in_group_description()
self.leading_spaces_in_group_description()
def empty_group_name(self):
self.navigate_to_entity(group.ENTITY)
self.facet_button_click('add')
self.dialog_button_click('add')
elem = self.find(".widget[name='cn']")
self.assert_field_validation_required(elem)
self.dialog_button_click('cancel')
def invalid_group_name(self):
expected_error = 'may only include letters, numbers, _, -, . and $'
pkey = ';test-gr@up'
self.navigate_to_entity(group.ENTITY)
self.facet_button_click('add')
self.fill_input('cn', pkey)
elem = self.find(".widget[name='cn']")
self.assert_field_validation(expected_error, parent=elem)
self.dialog_button_click('cancel')
def duplicate_group_name(self):
pkey = 'editors'
expected_error = 'group with name "editors" already exists'
self.navigate_to_entity(group.ENTITY)
self.facet_button_click('add')
self.fill_input('cn', pkey)
self.cancel_retry_dialog(expected_error)
def tailing_spaces_in_group_description(self):
pkey = 'itest_group0'
desc = 'with_trailing_space '
expected_error = 'invalid \'desc\': Leading and trailing ' \
'spaces are not allowed'
self.navigate_to_entity(group.ENTITY)
self.facet_button_click('add')
self.fill_input('cn', pkey)
self.fill_textarea('description', desc)
self.cancel_retry_dialog(expected_error)
def leading_spaces_in_group_description(self):
pkey = 'itest_group0'
desc = ' with_leading_space'
expected_error = 'invalid \'desc\': Leading and trailing' \
' spaces are not allowed'
self.navigate_to_entity(group.ENTITY)
self.facet_button_click('add')
self.fill_input('cn', pkey)
self.fill_textarea('description', desc)
self.cancel_retry_dialog(expected_error)
def cancel_retry_dialog(self, expected_error):
self.dialog_button_click('add')
dialog = self.get_last_error_dialog()
assert (expected_error in dialog.text)
self.wait_for_request()
# Key press for Retry
actions = ActionChains(self.driver)
actions.send_keys(Keys.ENTER).perform()
self.wait_for_request(n=2)
self.dialog_button_click('cancel')
self.wait_for_request(n=2)
self.dialog_button_click('cancel')
@screenshot
def test_add_multiple_group(self):
"""
Use 'add and add another' button to create multiple groups at one shot
"""
self.init_app()
# adding a POSIX and a Non-POSIX group
self.add_record(group.ENTITY, [group.DATA, group.DATA2])
# adding Two Non-POSIX groups
self.add_record(group.ENTITY, [group.DATA9, group.DATA10])
# adding Two POSIX groups
self.add_record(group.ENTITY, [group.DATA5, group.DATA6])
# delete multiple records
records = [group.DATA, group.DATA2, group.DATA5, group.DATA6,
group.DATA9, group.DATA10]
self.select_multiple_records(records)
self.facet_button_click('remove')
self.dialog_button_click('ok')
@screenshot
def test_add_and_edit_group(self):
"""
1. add and switch to edit mode
2. add and cancel
"""
self.init_app()
# add and edit record
self.add_record(group.ENTITY, group.DATA, dialog_btn='add_and_edit')
self.switch_to_facet('details')
self.delete_action()
# add then cancel
self.add_record(group.ENTITY, group.DATA, dialog_btn='cancel')
@screenshot
def test_actions(self):
"""
Test group actions
"""
self.init_app()
self.add_record(group.ENTITY, group.DATA)
self.navigate_to_record(group.PKEY)
self.switch_to_facet('details')
self.make_posix_action()
self.delete_action()
self.add_record(group.ENTITY, group.DATA, navigate=False)
self.navigate_to_record(group.PKEY)
self.switch_to_facet('details')
self.facet_button_click('refresh') # workaround for BUG: #3702
self.make_external_action()
self.delete_action()
def make_external_action(self):
self.action_list_action('make_external')
self.wait_for_request(n=2)
self.assert_no_error_dialog()
self.assert_text_field('external', 'External', element='span')
def make_posix_action(self):
self.action_list_action('make_posix')
self.wait_for_request(n=2)
self.assert_no_error_dialog()
self.assert_text_field('external', 'POSIX', element='span')
def delete_action(self, entity=group.ENTITY, pkey=group.PKEY):
self.action_list_action('delete')
self.wait_for_request(n=4)
self.assert_no_error_dialog()
self.assert_facet(entity, 'search')
self.assert_record(pkey, negative=True)
@screenshot
def test_associations(self):
"""
Test group associations
"""
self.init_app()
# prepare
# -------
self.add_record(group.ENTITY, [group.DATA, group.DATA2, group.DATA3])
self.add_record(user.ENTITY, [user.DATA, user.DATA2])
self.add_record(netgroup.ENTITY, [netgroup.DATA, netgroup.DATA2])
self.add_record(rbac.ROLE_ENTITY, rbac.ROLE_DATA)
self.add_record(hbac.RULE_ENTITY, hbac.RULE_DATA)
self.add_record(sudo.RULE_ENTITY, sudo.RULE_DATA)
# add & remove associations
# -------------------------
self.navigate_to_record(group.PKEY, entity=group.ENTITY)
# "members" add with multiple select
self.add_associations([group.PKEY2, group.PKEY3], facet='member_group',
delete=True)
self.add_associations([user.PKEY, user.PKEY2], facet='member_user',
delete=True)
# TODO: external
# "member of": add with search
self.add_associations([group.PKEY3, group.PKEY2],
facet='memberof_group', delete=True, search=True)
self.add_associations([netgroup.PKEY, netgroup.PKEY2],
facet='memberof_netgroup',
delete=True, search=True)
self.add_associations([rbac.ROLE_PKEY], facet='memberof_role',
delete=True)
self.add_associations([hbac.RULE_PKEY], facet='memberof_hbacrule',
delete=True)
self.navigate_to_record(group.PKEY, entity=group.ENTITY)
self.add_associations([sudo.RULE_PKEY], facet='memberof_sudorule',
delete=True, search=True)
# cleanup
# -------
self.delete(group.ENTITY, [group.DATA, group.DATA2, group.DATA3])
self.delete(user.ENTITY, [user.DATA, user.DATA2])
self.delete(netgroup.ENTITY, [netgroup.DATA, netgroup.DATA2])
self.delete(rbac.ROLE_ENTITY, [rbac.ROLE_DATA])
self.delete(hbac.RULE_ENTITY, [hbac.RULE_DATA])
self.delete(sudo.RULE_ENTITY, [sudo.RULE_DATA])
@screenshot
def test_indirect_associations(self):
"""
Group indirect associations
"""
self.init_app()
# add
# ---
self.add_record(group.ENTITY, [group.DATA, group.DATA2, group.DATA3,
group.DATA4, group.DATA5])
self.add_record(user.ENTITY, user.DATA)
# prepare indirect member
self.navigate_to_entity(group.ENTITY, 'search')
self.navigate_to_record(group.PKEY2)
self.add_associations([user.PKEY])
self.add_associations([group.PKEY3], 'member_group')
self.navigate_to_entity(group.ENTITY, 'search')
self.navigate_to_record(group.PKEY)
self.add_associations([group.PKEY2], 'member_group')
# prepare indirect memberof
self.navigate_to_entity(group.ENTITY, 'search')
self.navigate_to_record(group.PKEY4)
self.add_associations([group.PKEY], 'member_group')
self.add_associations([group.PKEY5], 'memberof_group')
self.add_record(netgroup.ENTITY, netgroup.DATA)
self.navigate_to_record(netgroup.PKEY)
self.add_table_associations('memberuser_group', [group.PKEY4])
self.add_record(rbac.ROLE_ENTITY, rbac.ROLE_DATA)
self.navigate_to_record(rbac.ROLE_PKEY)
self.add_associations([group.PKEY4], facet='member_group')
self.add_record(hbac.RULE_ENTITY, hbac.RULE_DATA)
self.navigate_to_record(hbac.RULE_PKEY)
self.add_table_associations('memberuser_group', [group.PKEY4])
self.add_record(sudo.RULE_ENTITY, sudo.RULE_DATA)
self.navigate_to_record(sudo.RULE_PKEY)
self.add_table_associations('memberuser_group', [group.PKEY4])
# check indirect associations
# ---------------------------
self.navigate_to_entity(group.ENTITY, 'search')
self.navigate_to_record(group.PKEY)
self.assert_indirect_record(user.PKEY, group.ENTITY, 'member_user')
self.assert_indirect_record(group.PKEY3, group.ENTITY, 'member_group')
self.assert_indirect_record(group.PKEY5, group.ENTITY,
'memberof_group')
self.assert_indirect_record(netgroup.PKEY, group.ENTITY,
'memberof_netgroup')
self.assert_indirect_record(rbac.ROLE_PKEY, group.ENTITY,
'memberof_role')
self.assert_indirect_record(hbac.RULE_PKEY, group.ENTITY,
'memberof_hbacrule')
self.assert_indirect_record(sudo.RULE_PKEY, group.ENTITY,
'memberof_sudorule')
# cleanup
# -------
self.delete(group.ENTITY, [group.DATA, group.DATA2, group.DATA3,
group.DATA4, group.DATA5])
self.delete(user.ENTITY, [user.DATA])
self.delete(netgroup.ENTITY, [netgroup.DATA])
self.delete(rbac.ROLE_ENTITY, [rbac.ROLE_DATA])
self.delete(hbac.RULE_ENTITY, [hbac.RULE_DATA])
self.delete(sudo.RULE_ENTITY, [sudo.RULE_DATA])
@screenshot
def test_member_manager_user(self):
"""
Test member manager user has permissions to add and remove group
members
"""
self.init_app()
self.add_record(user.ENTITY, [user.DATA_MEMBER_MANAGER, user.DATA])
self.add_record(group.ENTITY, group.DATA2)
self.navigate_to_record(group.PKEY2)
self.add_associations([user.PKEY_MEMBER_MANAGER],
facet='membermanager_user')
# try to add user to group with member manager permissions
self.logout()
self.login(user.PKEY_MEMBER_MANAGER, user.PASSWD_MEMBER_MANAGER)
self.navigate_to_record(group.PKEY2, entity=group.ENTITY)
self.add_associations([user.PKEY], delete=True)
# re-login as admin and clean up data
self.logout()
self.init_app()
self.delete(user.ENTITY, [user.DATA_MEMBER_MANAGER, user.DATA])
self.delete(group.ENTITY, [group.DATA2])
@screenshot
def test_member_manager_group(self):
"""
Test member managers group has permissions to add and remove group
members
"""
self.init_app()
self.add_record(user.ENTITY, [user.DATA_MEMBER_MANAGER, user.DATA])
self.add_record(group.ENTITY, [group.DATA2, group.DATA3])
self.navigate_to_record(group.PKEY2)
self.add_associations([user.PKEY_MEMBER_MANAGER], facet='member_user')
self.navigate_to_record(group.PKEY3, entity=group.ENTITY)
self.add_associations([group.PKEY2], facet='membermanager_group')
# try to add host to group with member manager permissions
self.logout()
self.login(user.PKEY_MEMBER_MANAGER, user.PASSWD_MEMBER_MANAGER)
self.navigate_to_record(group.PKEY3, entity=group.ENTITY)
self.add_associations([user.PKEY], delete=True)
# re-login as admin and clean up data
self.logout()
self.init_app()
self.delete(user.ENTITY, [user.DATA_MEMBER_MANAGER, user.DATA])
self.delete(group.ENTITY, [group.DATA2, group.DATA3])
@screenshot
def test_settings_new_columns(self):
'''
Related: https://pagure.io/freeipa/issue/9390
Test that the new columns 'givenname', 'sn' and 'nsaccountlock'
are visible when creating new user groups and inspecting its
'settings' section.
'''
self.init_app()
# Create new user (disabled)
self.add_record(user.ENTITY, user.DATA)
self.navigate_to_record(user.PKEY)
self.disable_action()
# Create a new user (enabled)
self.add_record(user.ENTITY, user.DATA2)
# Create an empty group
self.add_record(group.ENTITY, [group.DATA2])
# Add created users to the group
self.navigate_to_record(group.PKEY2)
self.add_associations([user.PKEY, user.PKEY2], facet='member_user')
# Check if new columns are in the group 'settings' section
self.find('givenname', by=By.NAME, strict=True)
self.find('sn', by=By.NAME, strict=True)
self.find('nsaccountlock', by=By.NAME, strict=True)
# Assert that 'Status' value correspond with the already-created users
# - Disabled user
assert "Disabled" == self.get_record_value(user.PKEY, 'nsaccountlock')
# - Enabled user
assert "Enabled" == self.get_record_value(user.PKEY2, 'nsaccountlock')