Skip to content

Commit

Permalink
[6.12.z] fixes in api role helper functions (#13868)
Browse files Browse the repository at this point in the history
  • Loading branch information
Satellite-QE authored Mar 19, 2024
1 parent 3b3bcfe commit 6fff88a
Show file tree
Hide file tree
Showing 2 changed files with 49 additions and 40 deletions.
69 changes: 37 additions & 32 deletions tests/foreman/api/test_role.py
Original file line number Diff line number Diff line change
Expand Up @@ -576,12 +576,12 @@ def test_negative_access_entities_from_org_admin(
target_sat, role_taxos=role_taxonomies, user_taxos=filter_taxonomies
)
domain = self.create_domain(
orgs=[role_taxonomies['org'].id], locs=[role_taxonomies['loc'].id]
target_sat, orgs=[role_taxonomies['org'].id], locs=[role_taxonomies['loc'].id]
)
sc = self.user_config(user, target_sat)
# Getting the domain from user
with pytest.raises(HTTPError):
target_sat.api.Domain(sc, id=domain.id).read()
target_sat.api.Domain(server_config=sc, id=domain.id).read()

@pytest.mark.tier3
def test_negative_access_entities_from_user(
Expand All @@ -608,12 +608,12 @@ def test_negative_access_entities_from_user(
target_sat, role_taxos=role_taxonomies, user_taxos=filter_taxonomies
)
domain = self.create_domain(
orgs=[filter_taxonomies['org'].id], locs=[filter_taxonomies['loc'].id]
target_sat, orgs=[filter_taxonomies['org'].id], locs=[filter_taxonomies['loc'].id]
)
sc = self.user_config(user, target_sat)
# Getting the domain from user
with pytest.raises(HTTPError):
target_sat.api.Domain(sc, id=domain.id).read()
target_sat.api.Domain(server_config=sc, id=domain.id).read()

@pytest.mark.tier2
def test_positive_override_cloned_role_filter(self, role_taxonomies, target_sat):
Expand Down Expand Up @@ -1000,22 +1000,22 @@ def test_positive_user_group_users_access_as_org_admin(self, role_taxonomies, ta
auth=(login, password), url=target_sat.url, verify=settings.server.verify_ca
)
try:
target_sat.api.Domain(sc).search(
target_sat.api.Domain(server_config=sc).search(
query={
'organization-id': role_taxonomies['org'].id,
'location-id': role_taxonomies['loc'].id,
}
)
target_sat.api.Subnet(sc).search(
target_sat.api.Subnet(server_config=sc).search(
query={
'organization-id': role_taxonomies['org'].id,
'location-id': role_taxonomies['loc'].id,
}
)
except HTTPError as err:
pytest.fail(str(err))
assert domain.id in [dom.id for dom in target_sat.api.Domain(sc).search()]
assert subnet.id in [sub.id for sub in target_sat.api.Subnet(sc).search()]
assert domain.id in [dom.id for dom in target_sat.api.Domain(server_config=sc).search()]
assert subnet.id in [sub.id for sub in target_sat.api.Subnet(server_config=sc).search()]

@pytest.mark.tier3
def test_positive_user_group_users_access_contradict_as_org_admins(self):
Expand Down Expand Up @@ -1074,11 +1074,13 @@ def test_negative_assign_org_admin_to_user_group(
name=ug_name, role=[org_admin.id], user=[user_one.id, user_two.id]
).create()
assert user_group.name == ug_name
dom = self.create_domain(orgs=[role_taxonomies['org'].id], locs=[role_taxonomies['loc'].id])
dom = self.create_domain(
target_sat, orgs=[role_taxonomies['org'].id], locs=[role_taxonomies['loc'].id]
)
for user in [user_one, user_two]:
sc = self.user_config(user, target_sat)
with pytest.raises(HTTPError):
target_sat.api.Domain(sc, id=dom.id).read()
target_sat.api.Domain(server_config=sc, id=dom.id).read()

@pytest.mark.tier2
def test_negative_assign_taxonomies_by_org_admin(
Expand Down Expand Up @@ -1128,7 +1130,7 @@ def test_negative_assign_taxonomies_by_org_admin(
auth=(user_login, user_pass), url=target_sat.url, verify=settings.server.verify_ca
)
# Getting the domain from user1
dom = target_sat.api.Domain(sc, id=dom.id).read()
dom = target_sat.api.Domain(server_config=sc, id=dom.id).read()
dom.organization = [filter_taxonomies['org']]
with pytest.raises(HTTPError):
dom.update(['organization'])
Expand Down Expand Up @@ -1296,7 +1298,7 @@ def test_negative_create_roles_by_org_admin(self, role_taxonomies, target_sat):
role_name = gen_string('alpha')
with pytest.raises(HTTPError):
target_sat.api.Role(
sc,
server_config=sc,
name=role_name,
organization=[role_taxonomies['org']],
location=[role_taxonomies['loc']],
Expand All @@ -1323,7 +1325,7 @@ def test_negative_modify_roles_by_org_admin(self, role_taxonomies, target_sat):
)
test_role = target_sat.api.Role().create()
sc = self.user_config(user, target_sat)
test_role = target_sat.api.Role(sc, id=test_role.id).read()
test_role = target_sat.api.Role(server_config=sc, id=test_role.id).read()
test_role.organization = [role_taxonomies['org']]
test_role.location = [role_taxonomies['loc']]
with pytest.raises(HTTPError):
Expand Down Expand Up @@ -1362,7 +1364,7 @@ def test_negative_admin_permissions_to_org_admin(self, role_taxonomies, target_s
auth=(user_login, user_pass), url=target_sat.url, verify=settings.server.verify_ca
)
with pytest.raises(HTTPError):
target_sat.api.User(sc, id=1).read()
target_sat.api.User(server_config=sc, id=1).read()

@pytest.mark.tier2
@pytest.mark.upgrade
Expand Down Expand Up @@ -1410,7 +1412,7 @@ def test_positive_create_user_by_org_admin(self, role_taxonomies, target_sat):
user_login = gen_string('alpha')
user_pass = gen_string('alphanumeric')
user = target_sat.api.User(
sc_user,
server_config=sc_user,
login=user_login,
password=user_pass,
role=[org_admin.id],
Expand Down Expand Up @@ -1447,10 +1449,10 @@ def test_positive_access_users_inside_org_admin_taxonomies(self, role_taxonomies
user = self.create_org_admin_user(
target_sat, role_taxos=role_taxonomies, user_taxos=role_taxonomies
)
test_user = self.create_simple_user(filter_taxos=role_taxonomies)
test_user = self.create_simple_user(target_sat, filter_taxos=role_taxonomies)
sc = self.user_config(user, target_sat)
try:
target_sat.api.User(sc, id=test_user.id).read()
target_sat.api.User(server_config=sc, id=test_user.id).read()
except HTTPError as err:
pytest.fail(str(err))

Expand Down Expand Up @@ -1491,7 +1493,9 @@ def test_positive_create_nested_location(self, role_taxonomies, target_sat):
auth=(user_login, user_pass), url=target_sat.url, verify=settings.server.verify_ca
)
name = gen_string('alphanumeric')
location = target_sat.api.Location(sc, name=name, parent=role_taxonomies['loc'].id).create()
location = target_sat.api.Location(
server_config=sc, name=name, parent=role_taxonomies['loc'].id
).create()
assert location.name == name

@pytest.mark.tier2
Expand Down Expand Up @@ -1519,10 +1523,10 @@ def test_negative_access_users_outside_org_admin_taxonomies(
user = self.create_org_admin_user(
target_sat, role_taxos=role_taxonomies, user_taxos=role_taxonomies
)
test_user = self.create_simple_user(filter_taxos=filter_taxonomies)
test_user = self.create_simple_user(target_sat, filter_taxos=filter_taxonomies)
sc = self.user_config(user, target_sat)
with pytest.raises(HTTPError):
target_sat.api.User(sc, id=test_user.id).read()
target_sat.api.User(server_config=sc, id=test_user.id).read()

@pytest.mark.tier1
def test_negative_create_taxonomies_by_org_admin(self, role_taxonomies, target_sat):
Expand Down Expand Up @@ -1558,11 +1562,11 @@ def test_negative_create_taxonomies_by_org_admin(self, role_taxonomies, target_s
auth=(user_login, user_pass), url=target_sat.url, verify=settings.server.verify_ca
)
with pytest.raises(HTTPError):
target_sat.api.Organization(sc, name=gen_string('alpha')).create()
target_sat.api.Organization(server_config=sc, name=gen_string('alpha')).create()
if not is_open("BZ:1825698"):
try:
loc_name = gen_string('alpha')
loc = target_sat.api.Location(sc, name=loc_name).create()
loc = target_sat.api.Location(server_config=sc, name=loc_name).create()
except HTTPError as err:
pytest.fail(str(err))
assert loc_name == loc.name
Expand Down Expand Up @@ -1615,7 +1619,7 @@ def test_positive_access_all_global_entities_by_org_admin(
target_sat.api.Errata,
target_sat.api.OperatingSystem,
]:
entity(sc).search()
entity(server_config=sc).search()
except HTTPError as err:
pytest.fail(str(err))

Expand Down Expand Up @@ -1646,23 +1650,23 @@ def test_negative_access_entities_from_ldap_org_admin(
)
# Creating Domain resource in same taxonomies as Org Admin role to access later
domain = self.create_domain(
orgs=[role_taxonomies['org'].id], locs=[role_taxonomies['loc'].id]
target_sat, orgs=[role_taxonomies['org'].id], locs=[role_taxonomies['loc'].id]
)
sc = ServerConfig(
auth=(create_ldap['ldap_user_name'], create_ldap['ldap_user_passwd']),
url=create_ldap['sat_url'],
verify=settings.server.verify_ca,
)
with pytest.raises(HTTPError):
target_sat.api.Architecture(sc).search()
target_sat.api.Architecture(server_config=sc).search()
user = target_sat.api.User().search(
query={'search': f"login={create_ldap['ldap_user_name']}"}
)[0]
user.role = [target_sat.api.Role(id=org_admin.id).read()]
user.update(['role'])
# Trying to access the domain resource created in org admin role
with pytest.raises(HTTPError):
target_sat.api.Domain(sc, id=domain.id).read()
target_sat.api.Domain(server_config=sc, id=domain.id).read()

@pytest.mark.tier3
def test_negative_access_entities_from_ldap_user(
Expand Down Expand Up @@ -1690,22 +1694,22 @@ def test_negative_access_entities_from_ldap_user(
target_sat, orgs=[role_taxonomies['org'].id], locs=[role_taxonomies['loc'].id]
)
# Creating Domain resource in different taxonomies to access later
domain = self.create_domain(orgs=[module_org.id], locs=[module_location.id])
domain = self.create_domain(target_sat, orgs=[module_org.id], locs=[module_location.id])
sc = ServerConfig(
auth=(create_ldap['ldap_user_name'], create_ldap['ldap_user_passwd']),
url=create_ldap['sat_url'],
verify=settings.server.verify_ca,
)
with pytest.raises(HTTPError):
target_sat.api.Architecture(sc).search()
target_sat.api.Architecture(server_config=sc).search()
user = target_sat.api.User().search(
query={'search': f"login={create_ldap['ldap_user_name']}"}
)[0]
user.role = [target_sat.api.Role(id=org_admin.id).read()]
user.update(['role'])
# Trying to access the Domain resource
with pytest.raises(HTTPError):
target_sat.api.Domain(sc, id=domain.id).read()
target_sat.api.Domain(server_config=sc, id=domain.id).read()

@pytest.mark.tier3
def test_positive_assign_org_admin_to_ldap_user_group(
Expand Down Expand Up @@ -1739,6 +1743,7 @@ def test_positive_assign_org_admin_to_ldap_user_group(
)
# Creating Domain resource in same taxonomies as Org Admin role to access later
domain = self.create_domain(
target_sat,
orgs=[create_ldap['authsource'].organization[0].id],
locs=[create_ldap['authsource'].location[0].id],
)
Expand Down Expand Up @@ -1766,7 +1771,7 @@ def test_positive_assign_org_admin_to_ldap_user_group(
verify=settings.server.verify_ca,
)
# Accessing the Domain resource
target_sat.api.Domain(sc, id=domain.id).read()
target_sat.api.Domain(server_config=sc, id=domain.id).read()

@pytest.mark.tier3
def test_negative_assign_org_admin_to_ldap_user_group(
Expand Down Expand Up @@ -1798,7 +1803,7 @@ def test_negative_assign_org_admin_to_ldap_user_group(
)
# Creating Domain resource in same taxonomies as Org Admin role to access later
domain = self.create_domain(
orgs=[role_taxonomies['org'].id], locs=[role_taxonomies['loc'].id]
target_sat, orgs=[role_taxonomies['org'].id], locs=[role_taxonomies['loc'].id]
)
users = [
target_sat.api.User(
Expand All @@ -1825,7 +1830,7 @@ def test_negative_assign_org_admin_to_ldap_user_group(
)
# Trying to access the Domain resource
with pytest.raises(HTTPError):
target_sat.api.Domain(sc, id=domain.id).read()
target_sat.api.Domain(server_config=sc, id=domain.id).read()


class TestRoleSearchFilter:
Expand Down
20 changes: 12 additions & 8 deletions tests/foreman/api/test_user.py
Original file line number Diff line number Diff line change
Expand Up @@ -415,8 +415,12 @@ def test_positive_table_preferences(self, module_target_sat):
sc = ServerConfig(
auth=(user.login, password), url=module_target_sat.url, verify=settings.server.verify_ca
)
module_target_sat.api.TablePreferences(sc, user=user, name=name, columns=columns).create()
table_preferences = module_target_sat.api.TablePreferences(sc, user=user).search()
module_target_sat.api.TablePreferences(
server_config=sc, user=user, name=name, columns=columns
).create()
table_preferences = module_target_sat.api.TablePreferences(
server_config=sc, user=user
).search()
assert len(table_preferences) == 1
tp = table_preferences[0]
assert hasattr(tp, 'name')
Expand Down Expand Up @@ -724,7 +728,7 @@ def test_positive_ad_basic_no_roles(self, create_ldap, target_sat):
verify=settings.server.verify_ca,
)
with pytest.raises(HTTPError):
target_sat.api.Architecture(sc).search()
target_sat.api.Architecture(server_config=sc).search()

@pytest.mark.tier3
@pytest.mark.upgrade
Expand Down Expand Up @@ -764,7 +768,7 @@ def test_positive_access_entities_from_ldap_org_admin(self, create_ldap, module_
verify=settings.server.verify_ca,
)
with pytest.raises(HTTPError):
module_target_sat.api.Architecture(sc).search()
module_target_sat.api.Architecture(server_config=sc).search()
user = module_target_sat.api.User().search(
query={'search': 'login={}'.format(create_ldap['ldap_user_name'])}
)[0]
Expand All @@ -781,7 +785,7 @@ def test_positive_access_entities_from_ldap_org_admin(self, create_ldap, module_
module_target_sat.api.Errata,
module_target_sat.api.OperatingSystem,
]:
entity(sc).search()
entity(server_config=sc).search()


@pytest.mark.run_in_one_thread
Expand Down Expand Up @@ -845,7 +849,7 @@ def test_positive_ipa_basic_no_roles(self, create_ldap, target_sat):
verify=settings.server.verify_ca,
)
with pytest.raises(HTTPError):
target_sat.api.Architecture(sc).search()
target_sat.api.Architecture(server_config=sc).search()

@pytest.mark.tier3
@pytest.mark.upgrade
Expand Down Expand Up @@ -885,7 +889,7 @@ def test_positive_access_entities_from_ipa_org_admin(self, create_ldap, target_s
verify=settings.server.verify_ca,
)
with pytest.raises(HTTPError):
target_sat.api.Architecture(sc).search()
target_sat.api.Architecture(server_config=sc).search()
user = target_sat.api.User().search(
query={'search': 'login={}'.format(create_ldap['username'])}
)[0]
Expand All @@ -902,7 +906,7 @@ def test_positive_access_entities_from_ipa_org_admin(self, create_ldap, target_s
target_sat.api.Errata,
target_sat.api.OperatingSystem,
]:
entity(sc).search()
entity(server_config=sc).search()


class TestPersonalAccessToken:
Expand Down

0 comments on commit 6fff88a

Please sign in to comment.