From e58ca6a4ab40d876efd1c4bcec888e58c5fc738a Mon Sep 17 00:00:00 2001 From: Serhii Tsymbaliuk Date: Apr 30 2020 18:26:13 +0000 Subject: WebUI tests: cover membership management with UI tests Test cases: - admin can add member manager for user/host group - admin can add member manager group to user/host group - member manager can add user to group - member manager can remove user from group - member manager can add host to host group - member manager can remove host from host group Ticket: https://pagure.io/freeipa/issue/8298 Signed-off-by: Serhii Tsymbaliuk Reviewed-By: Michal Polovka --- diff --git a/ipatests/test_webui/data_user.py b/ipatests/test_webui/data_user.py index 67425f0..9c32df0 100644 --- a/ipatests/test_webui/data_user.py +++ b/ipatests/test_webui/data_user.py @@ -208,6 +208,19 @@ DATA_NO_LOGIN = { ] } +PKEY_MEMBER_MANAGER = 'member-manager' +PASSWD_MEMBER_MANAGER = 'Password123' +DATA_MEMBER_MANAGER = { + 'pkey': PKEY_MEMBER_MANAGER, + 'add': [ + ('textbox', 'uid', PKEY_MEMBER_MANAGER), + ('textbox', 'givenname', 'Name'), + ('textbox', 'sn', 'Surname'), + ('password', 'userpassword', PASSWD_MEMBER_MANAGER), + ('password', 'userpassword2', PASSWD_MEMBER_MANAGER), + ], +} + SSH_RSA = ( 'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDBVmLXpTDhrYkABOPlADFk' 'GV8/QfgQqUQ0xn29hk18t/NTEQOW/Daq4EF84e9aTiopRXIk7jahBLzwWTZI' diff --git a/ipatests/test_webui/test_group.py b/ipatests/test_webui/test_group.py index fc1a3a2..f0b5046 100644 --- a/ipatests/test_webui/test_group.py +++ b/ipatests/test_webui/test_group.py @@ -356,3 +356,63 @@ class test_group(UI_driver): self.delete(rbac.ROLE_ENTITY, [rbac.ROLE_DATA]) self.delete(hbac.RULE_ENTITY, [hbac.RULE_DATA]) self.delete(sudo.RULE_ENTITY, [sudo.RULE_DATA]) + + @screenshot + def test_member_manager_user(self): + """ + Test member manager user has permissions to add and remove group + members + """ + self.init_app() + + self.add_record(user.ENTITY, [user.DATA_MEMBER_MANAGER, user.DATA]) + self.add_record(group.ENTITY, group.DATA2) + + self.navigate_to_record(group.PKEY2) + self.add_associations([user.PKEY_MEMBER_MANAGER], + facet='membermanager_user') + + # try to add user to group with member manager permissions + self.logout() + self.login(user.PKEY_MEMBER_MANAGER, user.PASSWD_MEMBER_MANAGER) + + self.navigate_to_record(group.PKEY2, entity=group.ENTITY) + self.add_associations([user.PKEY], delete=True) + + # re-login as admin and clean up data + self.logout() + self.init_app() + + self.delete(user.ENTITY, [user.DATA_MEMBER_MANAGER, user.DATA]) + self.delete(group.ENTITY, [group.DATA2]) + + @screenshot + def test_member_manager_group(self): + """ + Test member managers group has permissions to add and remove group + members + """ + self.init_app() + + self.add_record(user.ENTITY, [user.DATA_MEMBER_MANAGER, user.DATA]) + self.add_record(group.ENTITY, [group.DATA2, group.DATA3]) + + self.navigate_to_record(group.PKEY2) + self.add_associations([user.PKEY_MEMBER_MANAGER], facet='member_user') + + self.navigate_to_record(group.PKEY3, entity=group.ENTITY) + self.add_associations([group.PKEY2], facet='membermanager_group') + + # try to add host to group with member manager permissions + self.logout() + self.login(user.PKEY_MEMBER_MANAGER, user.PASSWD_MEMBER_MANAGER) + + self.navigate_to_record(group.PKEY3, entity=group.ENTITY) + self.add_associations([user.PKEY], delete=True) + + # re-login as admin and clean up data + self.logout() + self.init_app() + + self.delete(user.ENTITY, [user.DATA_MEMBER_MANAGER, user.DATA]) + self.delete(group.ENTITY, [group.DATA2, group.DATA3]) diff --git a/ipatests/test_webui/test_hostgroup.py b/ipatests/test_webui/test_hostgroup.py index 3899e13..354b75f 100644 --- a/ipatests/test_webui/test_hostgroup.py +++ b/ipatests/test_webui/test_hostgroup.py @@ -23,11 +23,13 @@ Hostgroup tests from ipatests.test_webui.ui_driver import UI_driver from ipatests.test_webui.ui_driver import screenshot +import ipatests.test_webui.data_group as group import ipatests.test_webui.data_hostgroup as hostgroup from ipatests.test_webui.test_host import host_tasks, ENTITY as HOST_ENTITY import ipatests.test_webui.data_netgroup as netgroup import ipatests.test_webui.data_hbac as hbac import ipatests.test_webui.data_sudo as sudo +import ipatests.test_webui.data_user as user import pytest @@ -161,6 +163,83 @@ class test_hostgroup(UI_driver): self.delete(hbac.RULE_ENTITY, [hbac.RULE_DATA]) self.delete(sudo.RULE_ENTITY, [sudo.RULE_DATA]) + @screenshot + def test_member_manager_user(self): + """ + Test member manager user has permissions to add and remove host group + members + """ + self.init_app() + host = host_tasks() + host.driver = self.driver + host.config = self.config + host.prep_data2() + + self.add_record(user.ENTITY, [user.DATA_MEMBER_MANAGER]) + + self.add_record(HOST_ENTITY, host.data2) + self.add_record(hostgroup.ENTITY, hostgroup.DATA) + + self.navigate_to_record(hostgroup.PKEY) + self.add_associations([user.PKEY_MEMBER_MANAGER], + facet='membermanager_user') + + # try to add host to group with member manager permissions + self.logout() + self.login(user.PKEY_MEMBER_MANAGER, user.PASSWD_MEMBER_MANAGER) + + self.navigate_to_record(hostgroup.PKEY, entity=hostgroup.ENTITY) + self.add_associations([host.pkey2], delete=True) + + # re-login as admin and clean up data + self.logout() + self.init_app() + + self.delete(HOST_ENTITY, [host.data2]) + self.delete(user.ENTITY, [user.DATA_MEMBER_MANAGER]) + self.delete(hostgroup.ENTITY, [hostgroup.DATA]) + + @screenshot + def test_member_manager_group(self): + """ + Test member managers group has permissions to add and remove host group + members + """ + self.init_app() + host = host_tasks() + host.driver = self.driver + host.config = self.config + host.prep_data2() + + self.add_record(user.ENTITY, user.DATA_MEMBER_MANAGER) + self.add_record(group.ENTITY, [group.DATA2]) + + self.navigate_to_record(group.PKEY2) + self.add_associations([user.PKEY_MEMBER_MANAGER], facet='member_user') + + self.add_record(HOST_ENTITY, host.data2) + self.add_record(hostgroup.ENTITY, hostgroup.DATA) + + self.navigate_to_record(hostgroup.PKEY) + self.add_associations([group.PKEY2], facet='membermanager_group') + + # try to add host to group with member manager permissions + self.logout() + self.login(user.PKEY_MEMBER_MANAGER, user.PASSWD_MEMBER_MANAGER) + + self.navigate_to_record(hostgroup.PKEY, entity=hostgroup.ENTITY) + self.add_associations([host.pkey2], delete=True) + + # re-login as admin and clean up data + self.logout() + self.init_app() + + self.delete(HOST_ENTITY, [host.data2]) + self.delete(user.ENTITY, [user.DATA_MEMBER_MANAGER]) + self.delete(group.ENTITY, [group.DATA2]) + self.delete(hostgroup.ENTITY, [hostgroup.DATA]) + + @screenshot def test_names_and_button(self): """ Hostgroup names and buttons