diff options
| author | Abhishek Koneru <akoneru@redhat.com> | 2013-11-06 15:38:53 -0500 |
|---|---|---|
| committer | Abhishek Koneru <akoneru@redhat.com> | 2013-11-10 15:15:28 -0500 |
| commit | bb20c9ffb38baae7ae89f16737e37569af445bdc (patch) | |
| tree | 87bdaea1a517abccf7a916950996931c342ebd1e | |
| parent | f74c644b09dd1e18289c4a543a211c3ff8cd02d9 (diff) | |
Add the QE tests to upstream git.
Opensource all the QE tests to upstream git so that the tests can be run
by setting up a local beaker server.
Ticket #657,722,723,724
57 files changed, 10465 insertions, 0 deletions
diff --git a/tests/dogtag/Makefile b/tests/dogtag/Makefile new file mode 100755 index 000000000..e9e5a1466 --- /dev/null +++ b/tests/dogtag/Makefile @@ -0,0 +1,99 @@ +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +# +# Makefile of /CoreOS/rhcs/PKI_TEST_USER_ID +# Description: Basic install test for rhcs +# Author: Laxmi Sunkara <lsunkara@redhat.com> +# +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +# +# Copyright (c) 2013 Red Hat, Inc. All rights reserved. +# +# This copyrighted material is made available to anyone wishing +# to use, modify, copy, or redistribute it subject to the terms +# and conditions of the GNU General Public License version 2. +# +# This program is distributed in the hope that it will be +# useful, but WITHOUT ANY WARRANTY; without even the implied +# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR +# PURPOSE. See the GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public +# License along with this program; if not, write to the Free +# Software Foundation, Inc., 51 Franklin Street, Fifth Floor, +# Boston, MA 02110-1301, USA. +# +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + + +export TEST=/CoreOS/rhcs/PKI_TEST_USER_ID +export TESTVERSION=1.0.8_RPM_IDENTIFIER + +BUILT_FILE= + +FILES=$(METADATA) runtest.sh Makefile PURPOSE shared acceptance dev_java_tests + +.PHONY: all install download clean + +run: $(FILES) build + rm -rf /opt/rhqa_pki + mkdir /opt/rhqa_pki + rm -f /opt/rhqa_pki/env.sh + cp ./shared/env.sh /opt/rhqa_pki/. + rm -f /opt/rhqa_pki/rhcs-shared.sh + cp ./shared/rhcs-shared.sh /opt/rhqa_pki/. + rm -f /opt/rhqa_pki/rhcs-install-shared.sh + cp ./shared/rhcs-install-shared.sh /opt/rhqa_pki/. + rm -f /opt/rhqa_pki/pki-user-cli-lib.sh + cp ./shared/pki-user-cli-lib.sh /opt/rhqa_pki/. + rm -f /opt/rhqa_pki/set-root-pw.exp + cp ./shared/set-root-pw.exp /opt/rhqa_pki/. + rm -f /opt/rhqa_pki/pki-cert-cli-lib.sh + cp ./shared/pki-cert-cli-lib.sh /opt/rhqa_pki/. + rm -f /opt/rhqa_pki/dummycert1.pem + cp ./shared/dummycert1.pem /opt/rhqa_pki/. + chmod 755 /opt/rhqa_pki/*.sh + ./runtest.sh + +build: $(BUILT_FILES) + #shared + chmod 755 ./shared/rhcs-shared.sh + chmod 755 ./shared/rhcs-install-shared.sh + chmod 755 ./shared/set-root-pw.exp + chmod 755 ./shared/pki-user-cli-lib.sh + chmod 755 ./shared/dummycert1.pem + chmod 755 ./shared/pki-cert-cli-lib.sh + chmod a+x runtest.sh + #quickinstall + chmod a+x ./acceptance/quickinstall/rhcs-install.sh + chmod a+x ./acceptance/quickinstall/rhcs-install-lib.sh + chmod a+x ./acceptance/quickinstall/rhds-install.sh + #CA + chmod 777 ./acceptance/cli-tests/pki-user-cli/ca/pki-user-cli-user-ca.sh + chmod 777 ./acceptance/cli-tests/pki-user-cli/ca/pki-user-cli-user-add-ca.sh + chmod 777 ./acceptance/cli-tests/pki-user-cli/ca/pki-user-cli-user-show-ca.sh + chmod 777 ./acceptance/cli-tests/pki-user-cli/ca/pki-user-cli-user-find-ca.sh + chmod 777 ./acceptance/cli-tests/pki-user-cli/ca/pki-user-cli-user-del-ca.sh + + +clean: + rm -f *~ $(BUILT_FILES) + + +include /usr/share/rhts/lib/rhts-make.include + +$(METADATA): Makefile + @echo "Owner: Asha Akkiangady <aakkiang@redhat.com>" > $(METADATA) + @echo "Name: $(TEST)" >> $(METADATA) + @echo "TestVersion: $(TESTVERSION)" >> $(METADATA) + @echo "Path: $(TEST_DIR)" >> $(METADATA) + @echo "Description: Package containing libraries for rhcs beaker tests" >> $(METADATA) + @echo "Type: Acceptance" >> $(METADATA) + @echo "TestTime: 180m" >> $(METADATA) + @echo "RunFor: rhcs" >> $(METADATA) + @echo "Requires: expect" >> $(METADATA) + @echo "Priority: Normal" >> $(METADATA) + @echo "License: GPLv2" >> $(METADATA) + @echo "Confidential: no" >> $(METADATA) + @echo "Destructive: no" >> $(METADATA) + + rhts-lint $(METADATA) diff --git a/tests/dogtag/PURPOSE b/tests/dogtag/PURPOSE new file mode 100755 index 000000000..a5213c645 --- /dev/null +++ b/tests/dogtag/PURPOSE @@ -0,0 +1,3 @@ +PURPOSE of /CoreOS/rhcs/PKI_TEST_USER_ID +Description: All scripts for RHCS tests +Author: Laxmi Sunkara <lsunkara@redhat.com> diff --git a/tests/dogtag/acceptance/api-tests/legacy/ca-tests/Makefile b/tests/dogtag/acceptance/api-tests/legacy/ca-tests/Makefile new file mode 100644 index 000000000..c21710842 --- /dev/null +++ b/tests/dogtag/acceptance/api-tests/legacy/ca-tests/Makefile @@ -0,0 +1,66 @@ +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +# +# Makefile of /CoreOS/rhcs/acceptance/api-tests/legacy/ca-tests +# Description: RHCS pki-ca-tests +# Author: Asha Akkiangady <aakkiang@redhat.com> +# +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +# +# Copyright (c) 2013 Red Hat, Inc. All rights reserved. +# +# This copyrighted material is made available to anyone wishing +# to use, modify, copy, or redistribute it subject to the terms +# and conditions of the GNU General Public License version 2. +# +# This program is distributed in the hope that it will be +# useful, but WITHOUT ANY WARRANTY; without even the implied +# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR +# PURPOSE. See the GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public +# License along with this program; if not, write to the Free +# Software Foundation, Inc., 51 Franklin Street, Fifth Floor, +# Boston, MA 02110-1301, USA. +# +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +export TEST=/CoreOS/rhcs/acceptance/api-tests/legacy/ca-tests +export TESTVERSION=1.0 + +BUILT_FILES= + +FILES=$(METADATA) pki-ca-ag-certificates.sh runtest.sh Makefile PURPOSE + +.PHONY: all install download clean + +run: $(FILES) build + ./runtest.sh + +build: $(BUILT_FILES) + chmod a+x runtest.sh + chmod a+x pki-ca-ag-certificates.sh + +clean: + rm -f *~ $(BUILT_FILES) + chmod a+x runtest.sh + chmod a+x pki-ca-ag-certificates.sh + + +include /usr/share/rhts/lib/rhts-make.include + +$(METADATA): Makefile + @echo "Owner: Asha Akkiangady <aakkiang@redhat.com>" > $(METADATA) + @echo "Name: $(TEST)" >> $(METADATA) + @echo "TestVersion: $(TESTVERSION)" >> $(METADATA) + @echo "Path: $(TEST_DIR)" >> $(METADATA) + @echo "Description: RHCS quickinstall" >> $(METADATA) + @echo "Type: Functional" >> $(METADATA) + @echo "TestTime: 60m" >> $(METADATA) + @echo "RunFor: rhcs" >> $(METADATA) + @echo "Requires: expect" >> $(METADATA) + @echo "Priority: Normal" >> $(METADATA) + @echo "License: GPLv2" >> $(METADATA) + @echo "Confidential: no" >> $(METADATA) + @echo "Destructive: no" >> $(METADATA) + + rhts-lint $(METADATA) diff --git a/tests/dogtag/acceptance/api-tests/legacy/ca-tests/PURPOSE b/tests/dogtag/acceptance/api-tests/legacy/ca-tests/PURPOSE new file mode 100644 index 000000000..82cd541e2 --- /dev/null +++ b/tests/dogtag/acceptance/api-tests/legacy/ca-tests/PURPOSE @@ -0,0 +1,3 @@ +PURPOSE of /CoreOS/rhcs/acceptance/api-tests/legacy/ca-tests +Description: pki CA interface api tests +Author: Asha Akkiangady <aakkiang@redhat.com> diff --git a/tests/dogtag/acceptance/api-tests/legacy/ca-tests/pki-ca-ag-certificates.sh b/tests/dogtag/acceptance/api-tests/legacy/ca-tests/pki-ca-ag-certificates.sh new file mode 100755 index 000000000..bc00b325c --- /dev/null +++ b/tests/dogtag/acceptance/api-tests/legacy/ca-tests/pki-ca-ag-certificates.sh @@ -0,0 +1,145 @@ +#!/bin/bash +# vim: dict=/usr/share/beakerlib/dictionary.vim cpt=.,w,b,u,t,i,k +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +# +# runtest.sh of /CoreOS/rhcs/acceptance/api-tests/legacy/ca-tests/ +# Description: PKI CA interface API tests +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +# The following interfaces needs to be tested: +# pki-ca-ag-certificates -- CA agent interface managing certificates. +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +# +# Author: Asha Akkiangady <aakkiang@redhat.com> +# +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +# +# Copyright (c) 2013 Red Hat, Inc. All rights reserved. +# +# This copyrighted material is made available to anyone wishing +# to use, modify, copy, or redistribute it subject to the terms +# and conditions of the GNU General Public License version 2. +# +# This program is distributed in the hope that it will be +# useful, but WITHOUT ANY WARRANTY; without even the implied +# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR +# PURPOSE. See the GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public +# License along with this program; if not, write to the Free +# Software Foundation, Inc., 51 Franklin Street, Fifth Floor, +# Boston, MA 02110-1301, USA. +# +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +# Include rhts environment +. /usr/bin/rhts-environment.sh +. /usr/share/beakerlib/beakerlib.sh +. /opt/rhqa_pki/rhcs-shared.sh +. /opt/rhqa_pki/pki-user-cli-lib.sh +. /opt/rhqa_pki/env.sh + +######################################################################## +# Test Suite Globals +######################################################################## + +user1="test_user1" +CA_DOMAIN=`hostname -d` +CA_AGENT_CERT="PKI Administrator for $CA_DOMAIN" +CERTDB_PW="Password" + + + +######################################################################## + +run_pki-ca-ag-certificates(){ + rlPhaseStartSetup "pki_ca-ag-certificates-startup: Create temp directory and import CA agent cert into a nss certificate db" + rlLog "Admin Certificate is located at: $ADMIN_CERT_LOCATION" + rlRun "TmpDir=\`mktemp -d\`" 0 "Creating tmp directory" + rlRun "pushd $TmpDir" + rlLog "Temp Directory = $TmpDir" + rlRun "importAdminCert $CA_ADMIN_CERT_LOCATION $TmpDir $CERTDB_PW $CA_AGENT_CERT" 0 "Import Agent certificate to $TmpDir" + rlRun "install_and_trust_CA_cert $CA_SERVER_ROOT $TmpDir" + rlPhaseEnd + + rlPhaseStartTest "pki_ca-ag-certificates-001: CA Agent approve a certificate requested for caUser profile" + local REQUESTCFG="$TmpDir/cert_request1.out" + echo "-ca_hostname $CA_HOSTNAME + -ca_eesslport 8443 + -request_type crmf + -request_keysize 1024 + -request_keytype RSA + -client_certdb_dir \"$TmpDir\" + -client_certdb_pwd \"$CERTDB_PW\" + -requestor_phone \"12345678\" + -requestor_email \"test\" + -UID \"$user1\" -CN \"$user1\" -OU \"$user1\" -O \"$user1\" -E \"$user1\" -C \"US\" -debug true + " > $REQUESTCFG + rlRun "runJava profile_request_caUserCert $REQUESTCFG > \"$TmpDir/pki-ca-ag-certificates-001_1.out\"" + rlAssertGrep "REQUEST_ID" "$TmpDir/pki-ca-ag-certificates-001_1.out" + request_id=`cat $TmpDir/pki-ca-ag-certificates-001_1.out | grep "REQUEST_ID=" | cut -d "=" -f 2` + rlRun "cat $TmpDir/pki-ca-ag-certificates-001_1.out" + rlLog "Request id = $request_id" + # Agent approve the request + Year=`date +%Y` + Month=`date +%m` + Day=`date +%d` + Hour=`date +%H` + Minute=`date +%M` + Second=`date +%S` + start_year=$Year; + end_year=$(($Year+1)); + end_day="1" + local AGENT_APPROVECFG="$TmpDir/cert_approve1.out" + if [ $request_id -gt 1 ] ; then + rlPass "Request id found" + echo "-ca_hostname $CA_HOSTNAME + -ca_agent_port 8443 + -client_certdb_dir \"$TmpDir\" + -client_certdb_pwd $CERTDB_PW + -agent_cert_name \"$CA_AGENT_CERT\" + -request_id $request_id + -debug true + -cert_ext_name UID=$user1 + -cert_ext_notBefore \"$start_year-$Month-$Day $Hour:$Minute:$Second\" + -cert_ext_notAfter \"$end_year-$Month-$end_day $Hour:$Minute:$Second\" + -cert_ext_authInfoAccessCritical false + -cert_ext_authInfoAccessGeneralNames \" \" + -cert_ext_keyUsageCritical true + -cert_ext_keyUsageDigitalSignature true + -cert_ext_keyUsageNonRepudiation true + -cert_ext_keyUsageKeyEncipherment true + -cert_ext_keyUsageDataEncipherment false + -cert_ext_keyUsageKeyAgreement false + -cert_ext_keyUsageKeyCertSign false + -cert_ext_keyUsageCrlSign false + -cert_ext_keyUsageEncipherOnly false + -cert_ext_keyUsageDecipherOnly false + -cert_ext_exKeyUsageCritical false + -cert_ext_exKeyUsageOIDs \"1.3.6.1.5.5.7.3.2,1.3.6.1.5.5.7.3.4\" + -cert_ext_subjAltNameExtCritical false + -cert_ext_subjAltNames \"RFC822Name: \" + -cert_ext_signingAlg SHA1withRSA + -cert_ext_requestNotes submittingcerts + -request_op approve + " > $AGENT_APPROVECFG + + rlRun "runJava ca_ag_ManageProfileRequest_caUserCert $AGENT_APPROVECFG > \"$TmpDir/pki-ca-ag-certificates-001_2.out\"" + rlRun "cat $TmpDir/pki-ca-ag-certificates-001_2.out" + rlAssertGrep "SERIAL_NUMBER" "$TmpDir/pki-ca-ag-certificates-001_2.out" + cert_serial_number=`cat $TmpDir/pki-ca-ag-certificates-001_2.out | grep "SERIAL_NUMBER=" | cut -d "=" -f 2` + if [ $cert_serial_number ] ; then + rlLog "SERIAL_NUMBER=$cert_serial_number" + rlPass "Certificate is approved, Serial Number is $cert_serial_number" + else + rlFail "Failed to approve the cert" + fi + else + rlFail "Request id is empty" + fi + rlPhaseEnd + + rlPhaseStartCleanup "pki_ca-ag-certificates-cleanup: Delete temp dir" + rlRun "popd" + # rlRun "rm -r $TmpDir" 0 "Removing temp directory" + rlPhaseEnd +} diff --git a/tests/dogtag/acceptance/api-tests/legacy/ca-tests/runtest.sh b/tests/dogtag/acceptance/api-tests/legacy/ca-tests/runtest.sh new file mode 100755 index 000000000..1cb452a09 --- /dev/null +++ b/tests/dogtag/acceptance/api-tests/legacy/ca-tests/runtest.sh @@ -0,0 +1,68 @@ +#!/bin/bash +# vim: dict=/usr/share/beakerlib/dictionary.vim cpt=.,w,b,u,t,i,k +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +# +# runtest.sh of /CoreOS/rhcs/acceptance/api-tests/legacy/ca-tests +# Description: CA interface api tests +# +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +# The following rhcs will be tested: +# +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +# +# Author: Asha Akkiangady <aakkiang@redhat.com> +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +# +# Copyright (c) 2013 Red Hat, Inc. All rights reserved. +# +# This copyrighted material is made available to anyone wishing +# to use, modify, copy, or redistribute it subject to the terms +# and conditions of the GNU General Public License version 2. +# +# This program is distributed in the hope that it will be +# useful, but WITHOUT ANY WARRANTY; without even the implied +# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR +# PURPOSE. See the GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public +# License along with this program; if not, write to the Free +# Software Foundation, Inc., 51 Franklin Street, Fifth Floor, +# Boston, MA 02110-1301, USA. +# +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +# Include data-driven test data file: + +# Include rhts environment +. /usr/bin/rhts-environment.sh +. /usr/share/beakerlib/beakerlib.sh +. /opt/rhqa_pki/rhcs-shared.sh +. /opt/rhqa_pki/env.sh + +# Include test case file +. ./pki-ca-ag-certificates.sh + + +############################################################################## +PACKAGE="pki-ca" + + +rlJournalStart + rlPhaseStartSetup "ca-tests-startup: Check for pki-ca package" + rpm -qa | grep $PACKAGE + if [ $? -eq 0 ] ; then + rlPass "$PACKAGE package is installed" + else + rlFail "$PACKAGE package NOT found!" + fi + rlPhaseEnd + + + # Execute pki ca agent tests + run_pki-ca-ag-certificates + + rlJournalPrintText + report=/tmp/rhts.report.$RANDOM.txt + makereport $report + rhts-submit-log -l $report +rlJournalEnd diff --git a/tests/dogtag/acceptance/api-tests/xml-api/ca-tests/Makefile b/tests/dogtag/acceptance/api-tests/xml-api/ca-tests/Makefile new file mode 100644 index 000000000..b7a30c00c --- /dev/null +++ b/tests/dogtag/acceptance/api-tests/xml-api/ca-tests/Makefile @@ -0,0 +1,66 @@ +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +# +# Makefile of /CoreOS/rhcs/acceptance/api-tests/xml-api/ca-tests +# Description: RHCS xml api pki-ca-tests +# Author: Asha Akkiangady <aakkiang@redhat.com> +# +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +# +# Copyright (c) 2013 Red Hat, Inc. All rights reserved. +# +# This copyrighted material is made available to anyone wishing +# to use, modify, copy, or redistribute it subject to the terms +# and conditions of the GNU General Public License version 2. +# +# This program is distributed in the hope that it will be +# useful, but WITHOUT ANY WARRANTY; without even the implied +# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR +# PURPOSE. See the GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public +# License along with this program; if not, write to the Free +# Software Foundation, Inc., 51 Franklin Street, Fifth Floor, +# Boston, MA 02110-1301, USA. +# +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +export TEST=/CoreOS/rhcs/acceptance/api-tests/xml-api/ca-tests +export TESTVERSION=1.0 + +BUILT_FILES= + +FILES=$(METADATA) pki-ca-ag-certificates.sh runtest.sh Makefile PURPOSE + +.PHONY: all install download clean + +run: $(FILES) build + ./runtest.sh + +build: $(BUILT_FILES) + chmod a+x runtest.sh + chmod a+x pki-ca-ag-certificates.sh + +clean: + rm -f *~ $(BUILT_FILES) + chmod a+x runtest.sh + chmod a+x pki-ca-ag-certificates.sh + + +include /usr/share/rhts/lib/rhts-make.include + +$(METADATA): Makefile + @echo "Owner: Asha Akkiangady <aakkiang@redhat.com>" > $(METADATA) + @echo "Name: $(TEST)" >> $(METADATA) + @echo "TestVersion: $(TESTVERSION)" >> $(METADATA) + @echo "Path: $(TEST_DIR)" >> $(METADATA) + @echo "Description: RHCS quickinstall" >> $(METADATA) + @echo "Type: Functional" >> $(METADATA) + @echo "TestTime: 60m" >> $(METADATA) + @echo "RunFor: rhcs" >> $(METADATA) + @echo "Requires: expect" >> $(METADATA) + @echo "Priority: Normal" >> $(METADATA) + @echo "License: GPLv2" >> $(METADATA) + @echo "Confidential: no" >> $(METADATA) + @echo "Destructive: no" >> $(METADATA) + + rhts-lint $(METADATA) diff --git a/tests/dogtag/acceptance/api-tests/xml-api/ca-tests/PURPOSE b/tests/dogtag/acceptance/api-tests/xml-api/ca-tests/PURPOSE new file mode 100644 index 000000000..8e50e1912 --- /dev/null +++ b/tests/dogtag/acceptance/api-tests/xml-api/ca-tests/PURPOSE @@ -0,0 +1,3 @@ +PURPOSE of /CoreOS/rhcs/acceptance/api-tests/xml-api/ca-tests +Description: pki CA interface xml api tests +Author: Asha Akkiangady <aakkiang@redhat.com> diff --git a/tests/dogtag/acceptance/api-tests/xml-api/ca-tests/pki-ca-ag-certificates.sh b/tests/dogtag/acceptance/api-tests/xml-api/ca-tests/pki-ca-ag-certificates.sh new file mode 100755 index 000000000..81fcf4127 --- /dev/null +++ b/tests/dogtag/acceptance/api-tests/xml-api/ca-tests/pki-ca-ag-certificates.sh @@ -0,0 +1,145 @@ +#!/bin/bash +# vim: dict=/usr/share/beakerlib/dictionary.vim cpt=.,w,b,u,t,i,k +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +# +# runtest.sh of /CoreOS/rhcs/acceptance/api-tests/xml-api/ca-tests/ +# Description: PKI CA interface XML API tests +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +# The following interfaces needs to be tested: +# pki-ca-ag-certificates -- CA agent interface managing certificates. +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +# +# Author: Asha Akkiangady <aakkiang@redhat.com> +# +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +# +# Copyright (c) 2013 Red Hat, Inc. All rights reserved. +# +# This copyrighted material is made available to anyone wishing +# to use, modify, copy, or redistribute it subject to the terms +# and conditions of the GNU General Public License version 2. +# +# This program is distributed in the hope that it will be +# useful, but WITHOUT ANY WARRANTY; without even the implied +# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR +# PURPOSE. See the GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public +# License along with this program; if not, write to the Free +# Software Foundation, Inc., 51 Franklin Street, Fifth Floor, +# Boston, MA 02110-1301, USA. +# +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +# Include rhts environment +. /usr/bin/rhts-environment.sh +. /usr/share/beakerlib/beakerlib.sh +. /opt/rhqa_pki/rhcs-shared.sh +. /opt/rhqa_pki/pki-user-cli-lib.sh +. /opt/rhqa_pki/env.sh + +######################################################################## +# Test Suite Globals +######################################################################## + +user1="test_user1" +CA_DOMAIN=`hostname -d` +CA_AGENT_CERT="PKI Administrator for $CA_DOMAIN" +CERTDB_PW="Password" + +######################################################################## + +run_pki-xml-api-ca-ag-certificates(){ + rlPhaseStartSetup "pki_xml-api-ca-ag-certificates-startup: Create temp directory and import CA agent cert into a nss certificate db" + rlLog "Admin Certificate is located at: $ADMIN_CERT_LOCATION" + rlRun "TmpDir=\`mktemp -d\`" 0 "Creating tmp directory" + rlRun "pushd $TmpDir" + rlLog "Temp Directory = $TmpDir" + rlRun "mkdir $TmpDir/nssdb" + rlRun "importAdminCert $CA_ADMIN_CERT_LOCATION $TmpDir/nssdb $CERTDB_PW $CA_AGENT_CERT" 0 "Import Agent certificate to $TmpDir/nssdb" + rlRun "install_and_trust_CA_cert $CA_SERVER_ROOT $TmpDir/nssdb" + rlPhaseEnd + + rlPhaseStartTest "pki_xml-api-ca-ag-certificates-001: CA Agent approve a certificate requested for caUser profile" + local + local REQUESTPARAM"$TmpDir/cert_request1.out" + echo "-ca_hostname $CA_HOSTNAME + -ca_eesslport 8443 + -request_type crmf + -request_keysize 1024 + -request_keytype RSA + -client_certdb_dir \"$TmpDir\" + -client_certdb_pwd \"$CERTDB_PW\" + -requestor_phone \"12345678\" + -requestor_email \"test\" + -UID \"$user1\" -CN \"$user1\" -OU \"$user1\" -O \"$user1\" -E \"$user1\" -C \"US\" -debug true + " > $REQUESTCFG + rlRun "runJava profile_request_caUserCert $REQUESTCFG > \"$TmpDir/pki-ca-ag-certificates-001_1.out\"" + rlAssertGrep "REQUEST_ID" "$TmpDir/pki-ca-ag-certificates-001_1.out" + request_id=`cat $TmpDir/pki-ca-ag-certificates-001_1.out | grep "REQUEST_ID=" | cut -d "=" -f 2` + rlRun "cat $TmpDir/pki-ca-ag-certificates-001_1.out" + rlLog "Request id = $request_id" + # Agent approve the request + Year=`date +%Y` + Month=`date +%m` + Day=`date +%d` + Hour=`date +%H` + Minute=`date +%M` + Second=`date +%S` + start_year=$Year; + end_year=$(($Year+1)); + end_day="1" + local AGENT_APPROVECFG="$TmpDir/cert_approve1.out" + if [ $request_id -gt 1 ] ; then + rlPass "Request id found" + echo "-ca_hostname $CA_HOSTNAME + -ca_agent_port 8443 + -client_certdb_dir \"$TmpDir\" + -client_certdb_pwd $CERTDB_PW + -agent_cert_name \"$CA_AGENT_CERT\" + -request_id $request_id + -debug true + -cert_ext_name UID=$user1 + -cert_ext_notBefore \"$start_year-$Month-$Day $Hour:$Minute:$Second\" + -cert_ext_notAfter \"$end_year-$Month-$end_day $Hour:$Minute:$Second\" + -cert_ext_authInfoAccessCritical false + -cert_ext_authInfoAccessGeneralNames \" \" + -cert_ext_keyUsageCritical true + -cert_ext_keyUsageDigitalSignature true + -cert_ext_keyUsageNonRepudiation true + -cert_ext_keyUsageKeyEncipherment true + -cert_ext_keyUsageDataEncipherment false + -cert_ext_keyUsageKeyAgreement false + -cert_ext_keyUsageKeyCertSign false + -cert_ext_keyUsageCrlSign false + -cert_ext_keyUsageEncipherOnly false + -cert_ext_keyUsageDecipherOnly false + -cert_ext_exKeyUsageCritical false + -cert_ext_exKeyUsageOIDs \"1.3.6.1.5.5.7.3.2,1.3.6.1.5.5.7.3.4\" + -cert_ext_subjAltNameExtCritical false + -cert_ext_subjAltNames \"RFC822Name: \" + -cert_ext_signingAlg SHA1withRSA + -cert_ext_requestNotes submittingcerts + -request_op approve + " > $AGENT_APPROVECFG + + rlRun "runJava ca_ag_ManageProfileRequest_caUserCert $AGENT_APPROVECFG > \"$TmpDir/pki-ca-ag-certificates-001_2.out\"" + rlRun "cat $TmpDir/pki-ca-ag-certificates-001_2.out" + rlAssertGrep "SERIAL_NUMBER" "$TmpDir/pki-ca-ag-certificates-001_2.out" + cert_serial_number=`cat $TmpDir/pki-ca-ag-certificates-001_2.out | grep "SERIAL_NUMBER=" | cut -d "=" -f 2` + if [ $cert_serial_number ] ; then + rlLog "SERIAL_NUMBER=$cert_serial_number" + rlPass "Certificate is approved, Serial Number is $cert_serial_number" + else + rlFail "Failed to approve the cert" + fi + else + rlFail "Request id is empty" + fi + rlPhaseEnd + + rlPhaseStartCleanup "pki_xml-api-ca-ag-certificates-cleanup: Delete temp dir" + rlRun "popd" + # rlRun "rm -r $TmpDir" 0 "Removing temp directory" + rlPhaseEnd +} diff --git a/tests/dogtag/acceptance/api-tests/xml-api/ca-tests/runtest.sh b/tests/dogtag/acceptance/api-tests/xml-api/ca-tests/runtest.sh new file mode 100755 index 000000000..73676c015 --- /dev/null +++ b/tests/dogtag/acceptance/api-tests/xml-api/ca-tests/runtest.sh @@ -0,0 +1,68 @@ +#!/bin/bash +# vim: dict=/usr/share/beakerlib/dictionary.vim cpt=.,w,b,u,t,i,k +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +# +# runtest.sh of /CoreOS/rhcs/acceptance/api-tests/xml-api/ca-tests +# Description: CA interface xml api tests +# +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +# The following rhcs will be tested: +# +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +# +# Author: Asha Akkiangady <aakkiang@redhat.com> +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +# +# Copyright (c) 2013 Red Hat, Inc. All rights reserved. +# +# This copyrighted material is made available to anyone wishing +# to use, modify, copy, or redistribute it subject to the terms +# and conditions of the GNU General Public License version 2. +# +# This program is distributed in the hope that it will be +# useful, but WITHOUT ANY WARRANTY; without even the implied +# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR +# PURPOSE. See the GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public +# License along with this program; if not, write to the Free +# Software Foundation, Inc., 51 Franklin Street, Fifth Floor, +# Boston, MA 02110-1301, USA. +# +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +# Include data-driven test data file: + +# Include rhts environment +. /usr/bin/rhts-environment.sh +. /usr/share/beakerlib/beakerlib.sh +. /opt/rhqa_pki/rhcs-shared.sh +. /opt/rhqa_pki/env.sh + +# Include test case file +. ./pki-ca-ag-certificates.sh + + +############################################################################## +PACKAGE="pki-ca" + + +rlJournalStart + rlPhaseStartSetup "xml-api-ca-tests-startup: Check for pki-ca package" + rpm -qa | grep $PACKAGE + if [ $? -eq 0 ] ; then + rlPass "$PACKAGE package is installed" + else + rlFail "$PACKAGE package NOT found!" + fi + rlPhaseEnd + + + # Execute pki ca agent tests + run_pki-xml-api-ca-ag-certificates + + rlJournalPrintText + report=/tmp/rhts.report.$RANDOM.txt + makereport $report + rhts-submit-log -l $report +rlJournalEnd diff --git a/tests/dogtag/acceptance/cli-tests/pki-cert-cli/Makefile b/tests/dogtag/acceptance/cli-tests/pki-cert-cli/Makefile new file mode 100644 index 000000000..d5ebbbed2 --- /dev/null +++ b/tests/dogtag/acceptance/cli-tests/pki-cert-cli/Makefile @@ -0,0 +1,66 @@ +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +# +# Makefile of /CoreOS/rhcs/acceptance/cli-tests/pki-cert-cli +# Description: RHCS pki-cert CLI tests +# Author: Asha Akkiangady <aakkiang@redhat.com> +# +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +# +# Copyright (c) 2013 Red Hat, Inc. All rights reserved. +# +# This copyrighted material is made available to anyone wishing +# to use, modify, copy, or redistribute it subject to the terms +# and conditions of the GNU General Public License version 2. +# +# This program is distributed in the hope that it will be +# useful, but WITHOUT ANY WARRANTY; without even the implied +# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR +# PURPOSE. See the GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public +# License along with this program; if not, write to the Free +# Software Foundation, Inc., 51 Franklin Street, Fifth Floor, +# Boston, MA 02110-1301, USA. +# +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +export TEST=/CoreOS/rhcs/acceptance/cli-tests/pki-cert-cli +export TESTVERSION=1.0 + +BUILT_FILES= + +FILES=$(METADATA) pki-cert-request-submit-cli.sh runtest.sh Makefile PURPOSE + +.PHONY: all install download clean + +run: $(FILES) build + ./runtest.sh + +build: $(BUILT_FILES) + chmod a+x runtest.sh + chmod a+x pki-cert-request-submit-cli.sh + +clean: + rm -f *~ $(BUILT_FILES) + chmod a+x runtest.sh + chmod a+x pki-cert-request-submit-cli.sh + + +include /usr/share/rhts/lib/rhts-make.include + +$(METADATA): Makefile + @echo "Owner: Asha Akkiangady <aakkiang@redhat.com>" > $(METADATA) + @echo "Name: $(TEST)" >> $(METADATA) + @echo "TestVersion: $(TESTVERSION)" >> $(METADATA) + @echo "Path: $(TEST_DIR)" >> $(METADATA) + @echo "Description: RHCS quickinstall" >> $(METADATA) + @echo "Type: Functional" >> $(METADATA) + @echo "TestTime: 60m" >> $(METADATA) + @echo "RunFor: rhcs" >> $(METADATA) + @echo "Requires: expect" >> $(METADATA) + @echo "Priority: Normal" >> $(METADATA) + @echo "License: GPLv2" >> $(METADATA) + @echo "Confidential: no" >> $(METADATA) + @echo "Destructive: no" >> $(METADATA) + + rhts-lint $(METADATA) diff --git a/tests/dogtag/acceptance/cli-tests/pki-cert-cli/PURPOSE b/tests/dogtag/acceptance/cli-tests/pki-cert-cli/PURPOSE new file mode 100644 index 000000000..05c083ff9 --- /dev/null +++ b/tests/dogtag/acceptance/cli-tests/pki-cert-cli/PURPOSE @@ -0,0 +1,3 @@ +PURPOSE of /CoreOS/rhcs/acceptance/cli-tests/pki-cert-cli +Description: pki cert CLI tests +Author: Asha Akkiangady <aakkiang@redhat.com> diff --git a/tests/dogtag/acceptance/cli-tests/pki-cert-cli/pki-cert-request-submit-cli.sh b/tests/dogtag/acceptance/cli-tests/pki-cert-cli/pki-cert-request-submit-cli.sh new file mode 100755 index 000000000..bed94be64 --- /dev/null +++ b/tests/dogtag/acceptance/cli-tests/pki-cert-cli/pki-cert-request-submit-cli.sh @@ -0,0 +1,170 @@ +#!/bin/bash +# vim: dict=/usr/share/beakerlib/dictionary.vim cpt=.,w,b,u,t,i,k +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +# +# runtest.sh of /CoreOS/rhcs/acceptance/cli-tests/pki-cert-cli +# Description: PKI CERT CLI tests +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +# The following ipa cli commands needs to be tested: +# pki-cert-request-submit +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +# +# Author: Asha Akkiangady <aakkiang@redhat.com> +# +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +# +# Copyright (c) 2013 Red Hat, Inc. All rights reserved. +# +# This copyrighted material is made available to anyone wishing +# to use, modify, copy, or redistribute it subject to the terms +# and conditions of the GNU General Public License version 2. +# +# This program is distributed in the hope that it will be +# useful, but WITHOUT ANY WARRANTY; without even the implied +# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR +# PURPOSE. See the GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public +# License along with this program; if not, write to the Free +# Software Foundation, Inc., 51 Franklin Street, Fifth Floor, +# Boston, MA 02110-1301, USA. +# +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +# Include rhts environment +. /usr/bin/rhts-environment.sh +. /usr/share/beakerlib/beakerlib.sh +. /opt/rhqa_pki/rhcs-shared.sh +. /opt/rhqa_pki/pki-cert-cli-lib.sh +. /opt/rhqa_pki/env.sh + + +######################################################################## +# Test Suite Globals +######################################################################## + +user1="ca_agent2" +user1fullname="Test ca_agent" +user2="kra_agent2" +user2fullname="Test kra_agent" +user3="ocsp_agent2" +user3fullname="Test ocsp_agent" + + +######################################################################## + +run_pki-cert-request-submit-cli_tests(){ + rlPhaseStartSetup "pki_cert_cli_cert-request-submit-startup: Login as system user, create temp directory and import CA agent cert into a nss certificate db and trust CA root cert" + admin_cert_nickname="PKI Administrator for $CA_DOMAIN" + nss_db_password="Password" + rlRun "chmod 777 $CA_ADMIN_CERT_LOCATION" + local exp="/tmp/expfile.out" + local expuserlogin="/tmp/explogin.out" + local tmpout="/tmp/tmpout.out" + local tmpusercreate="/tmp/tmpuser.out" + #Create a new system user if user does not exist already + local NEW_USER="testuser1" + local NEW_PASSWORD="Secret" + rlLog "Creating user $NEW_USER" + /usr/bin/id $NEW_USER > $tmpusercreate 2>&1 + if [ $? != 0 ] ; then + echo "$NEW_USER user does not exist" + /usr/sbin/useradd $NEW_USER + if [ $? != 0 ] ; then + echo "Failed to create $NEW_USER user" + fi + local cmd="passwd $NEW_USER" + echo "set timeout 5" > $exp + echo "set force_conservative 0" >> $exp + echo "set send_slow {1 .1}" >> $exp + echo "spawn $cmd" >> $exp + echo 'expect "*password: "' >> $exp + echo "send -s -- \"$NEW_PASSWORD\r\"" >> $exp + echo 'expect "*password: "' >> $exp + echo "send -s -- \"$NEW_PASSWORD\r\"" >> $exp + echo 'expect eof ' >> $exp + rlRun "cat $exp" + /usr/bin/expect $exp > $tmpout 2>&1 + if [ $? = 0 ]; then + cat $tmpout | grep "all authentication tokens updated successfully" + else + rlFail "User password can not be set" + fi + fi + rlLog "Admin Certificate is located at: $CA_ADMIN_CERT_LOCATION" + rlRun "chmod 777 $CA_ADMIN_CERT_LOCATION" + rlRun "su - $NEW_USER -c 'TmpDir=\`mktemp -d\`'" 0 "Creating tmp directory" + rlRun "su - $NEW_USER -c 'pushd $TmpDir'" + rlLog "Temp Directory = $TmpDir" + rlRun "su - $NEW_USER -c 'mkdir $TmpDir/nssdb'" + rlRun "su - $NEW_USER -c 'importP12File $CA_ADMIN_CERT_LOCATION $CA_CLIENT_PKCS12_PASSWORD $TmpDir/nssdb $nss_db_password $admin_cert_nickname" 0 "Import Admin certificate to $TmpDir/nssdb'" + rlRun "su - $NEW_USER -c 'install_and_trust_CA_cert $CA_SERVER_ROOT $TmpDir/nssdb'" + rlPhaseEnd + + rlPhaseStartTest "pki_cert_cli_cert-request-submit-configtest: pki cert-request-submit configuration test" + rlRun "pki cert-request-submit > $TmpDir/pki_cert-request-submit_cfg.out" + rlAssertGrep "usage: cert-request-submit <filename>" "$TmpDir/pki_cert-request-submit_cfg.out" + rlPhaseEnd + + rlPhaseStartTest "pki_cert_cli_cert-request-submit-CA-001: Request a RSA certificate of key size 3072 in PKCS#10 format" + local sample_request_file1="/opt/rhqa_pki/cert_request_caUserCert1_1.in" + local sample_request_file2="/opt/rhqa_pki/cert_request_caUserCert1_2.in" + local temp_file="$TmpDir/certrequest_001.in" + rlRun "create_certdb \"$TmpDir/requestdb\" Password" 0 "Create a certificate db" + rlRun "generate_PKCS10 \"$TmpDir/requestdb\" Password rsa 3072 \"$TmpDir/request_001.out\" \"CN=test.example.com\" " 0 "generate PKCS10 certificate" + rlLog "Create a certificate request XML file.." + local search_string1="<InputAttr name=\"cert_request_type\">crmf<\/InputAttr>" + local replace_string1="\<InputAttr name=\"cert_request_type\"\>pkcs10\<\/InputAttr\>" + rlRun "sed -e '/-----BEGIN NEW CERTIFICATE REQUEST-----/d' -i $TmpDir/request_001.out" + rlRun "sed -e '/-----END NEW CERTIFICATE REQUEST-----/d' -i $TmpDir/request_001.out" + local cert_request=`cat $TmpDir/request_001.out` + rlRun "cat $sample_request_file1 $TmpDir/request_001.out $sample_request_file2 > $temp_file" + rlLog "Executing: sed -e 's/$search_string1/$replace_string1/' -i $temp_file" + rlRun "sed -e 's/$search_string1/$replace_string1/' -i $temp_file" + rlLog "Executing: pki cert-request-submit $temp_file" + rlRun "pki cert-request-submit $temp_file > $TmpDir/certrequest_001.out" 0 "Executing pki cert-request-submit" + rlAssertGrep "Submitted certificate request" "$TmpDir/certrequest_001.out" + rlAssertGrep "Request ID:" "$TmpDir/certrequest_001.out" + rlAssertGrep "Type: enrollment" "$TmpDir/certrequest_001.out" + rlAssertGrep "Status: pending" "$TmpDir/certrequest_001.out" + local request_id=`cat $TmpDir/certrequest_001.out | grep "Request ID:" | awk '{print $3}'` + rlLog "Request ID=$request_id" + rlRun "pki cert-request-show $request_id > $TmpDir/certrequestshow_001.out" 0 "Executing pki cert-request-show $request_id" + rlAssertGrep "Request ID: $request_id" "$TmpDir/certrequestshow_001.out" + rlAssertGrep "Type: enrollment" "$TmpDir/certrequestshow_001.out" + rlAssertGrep "Status: pending" "$TmpDir/certrequestshow_001.out" + #Agent Approve the certificate + rlLog "Executing: pki -d $TmpDir/nssdb \ + -n \"$admin_cert_nickname\" \ + -w $nss_db_password \ + -t ca \ + cert-request-review --action=approve $request_id" + + rlRun "pki -d $TmpDir/nssdb \ + -n \"$admin_cert_nickname\" \ + -w $nss_db_password \ + -t ca \ + cert-request-review --action=approve $request_id > $TmpDir/certapprove_001.out" \ + 0 \ + "CA agent approve the cert" + rlAssertGrep "Approved certificate request $request_id" "$TmpDir/certapprove_001.out" + rlRun "pki cert-request-show $request_id > $TmpDir/certrequestapprovedshow_001.out" 0 "Executing pki cert-request-show $request_id" + rlAssertGrep "Request ID: $request_id" "$TmpDir/certrequestapprovedshow_001.out" + rlAssertGrep "Type: enrollment" "$TmpDir/certrequestapprovedshow_001.out" + rlAssertGrep "Status: complete" "$TmpDir/certrequestapprovedshow_001.out" + rlAssertGrep "Certificate ID:" "$TmpDir/certrequestapprovedshow_001.out" + local certificate_serial_number=`cat $TmpDir/certrequestapprovedshow_001.out | grep "Certificate ID:" | awk '{print $3}'` + rlLog "Cerificate Serial Number=$certificate_serial_number" + #Verify the certificate is valid + rlRun "pki cert-show $certificate_serial_number --pretty > $TmpDir/certificate_show_001.out" 0 "Executing pki cert-show $certificate_serial_number" + rlAssertGrep "Subject: UID=testuser,E=testuser@example.com,CN=Test User,OU=Engineering,O=Example,C=US" "$TmpDir/certificate_show_001.out" + rlAssertGrep "Status: VALID" "$TmpDir/certificate_show_001.out" + rlAssertGrep "Public Key Modulus: (3072 bits)" "$TmpDir/certificate_show_001.out" + rlPhaseEnd + + rlPhaseStartCleanup "pki_cert_cli_cert-request-submit-cleanup: Delete temp dir" + rlRun "popd" + + # rlRun "rm -r $TmpDir" 0 "Removing temp directory" + rlPhaseEnd +} diff --git a/tests/dogtag/acceptance/cli-tests/pki-cert-cli/runtest.sh b/tests/dogtag/acceptance/cli-tests/pki-cert-cli/runtest.sh new file mode 100755 index 000000000..dbd2b2dfc --- /dev/null +++ b/tests/dogtag/acceptance/cli-tests/pki-cert-cli/runtest.sh @@ -0,0 +1,72 @@ +#!/bin/bash +# vim: dict=/usr/share/beakerlib/dictionary.vim cpt=.,w,b,u,t,i,k +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +# +# runtest.sh of /CoreOS/rhcs/acceptance/cli-tests/pki-cert-cli +# Description: pki cert CLI tests to manage certificates +# functions. +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +# The following rhcs will be tested: +# +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +# +# Author: Asha Akkiangady <aakkiang@redhat.com> +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +# +# Copyright (c) 2013 Red Hat, Inc. All rights reserved. +# +# This copyrighted material is made available to anyone wishing +# to use, modify, copy, or redistribute it subject to the terms +# and conditions of the GNU General Public License version 2. +# +# This program is distributed in the hope that it will be +# useful, but WITHOUT ANY WARRANTY; without even the implied +# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR +# PURPOSE. See the GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public +# License along with this program; if not, write to the Free +# Software Foundation, Inc., 51 Franklin Street, Fifth Floor, +# Boston, MA 02110-1301, USA. +# +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +# Include data-driven test data file: + +# Include rhts environment +. /usr/bin/rhts-environment.sh +. /usr/share/beakerlib/beakerlib.sh +. /opt/rhqa_pki/rhcs-shared.sh +. /opt/rhqa_pki/env.sh + +# Include test case file +. ./pki-cert-request-submit-cli.sh + + +############################################################################## +PACKAGE="pki-tools" + + +rlJournalStart + rlPhaseStartSetup "pki-cert-cli-startup: Check for pki-tools package" + rpm -qa | grep $PACKAGE + if [ $? -eq 0 ] ; then + rlPass "$PACKAGE package is installed" + else + rlFail "$PACKAGE package NOT found!" + fi + rlPhaseEnd + + + # Execute pki-request-submit tests + run_pki-cert-request-submit-cli_tests + # Execute pki-cert-request-show tests + run_pki-cert-request-show-cli_tests + # Execute pki-cert-request-review tests + # run_pki-cert-request-review-cli_tests + + rlJournalPrintText + report=/tmp/rhts.report.$RANDOM.txt + makereport $report + rhts-submit-log -l $report +rlJournalEnd diff --git a/tests/dogtag/acceptance/cli-tests/pki-user-cli/ca/Makefile b/tests/dogtag/acceptance/cli-tests/pki-user-cli/ca/Makefile new file mode 100644 index 000000000..5ac24854d --- /dev/null +++ b/tests/dogtag/acceptance/cli-tests/pki-user-cli/ca/Makefile @@ -0,0 +1,75 @@ +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +# +# Makefile of /CoreOS/rhcs/acceptance/cli-tests/pki-user-cli/ca +# Description: RHCS pki-user-add CLI tests +# Author: Laxmi Sunkara <lsunkara@redhat.com> +# +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +# +# Copyright (c) 2013 Red Hat, Inc. All rights reserved. +# +# This copyrighted material is made available to anyone wishing +# to use, modify, copy, or redistribute it subject to the terms +# and conditions of the GNU General Public License version 2. +# +# This program is distributed in the hope that it will be +# useful, but WITHOUT ANY WARRANTY; without even the implied +# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR +# PURPOSE. See the GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public +# License along with this program; if not, write to the Free +# Software Foundation, Inc., 51 Franklin Street, Fifth Floor, +# Boston, MA 02110-1301, USA. +# +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +export TEST=/CoreOS/rhcs/acceptance/cli-tests/pki-user-cli/ca +export TESTVERSION=1.0 + +BUILT_FILES= + +FILES=$(METADATA) pki-user-cli-user-ca.sh pki-user-cli-user-add-ca.sh pki-user-cli-user-show-ca.sh pki-user-cli-user-find-ca.sh pki-user-cli-user-del-ca.sh runtest.sh Makefile PURPOSE + +.PHONY: all install download clean + +run: $(FILES) build + ./runtest.sh + +build: $(BUILT_FILES) + chmod a+x runtest.sh + chmod 777 pki-user-cli-user-ca.sh + chmod 777 pki-user-cli-user-add-ca.sh + chmod 777 pki-user-cli-user-show-ca.sh + chmod 777 pki-user-cli-user-find-ca.sh + chmod 777 pki-user-cli-user-del-ca.sh + +clean: + rm -f *~ $(BUILT_FILES) + chmod a+x runtest.sh + chmod 777 pki-user-cli-user-ca.sh + chmod 777 pki-user-cli-user-add-ca.sh + chmod 777 pki-user-cli-user-show-ca.sh + chmod 777 pki-user-cli-user-find-ca.sh + chmod 777 pki-user-cli-user-del-ca.sh + + + +include /usr/share/rhts/lib/rhts-make.include + +$(METADATA): Makefile + @echo "Owner: Asha Akkiangady <aakkiang@redhat.com>" > $(METADATA) + @echo "Name: $(TEST)" >> $(METADATA) + @echo "TestVersion: $(TESTVERSION)" >> $(METADATA) + @echo "Path: $(TEST_DIR)" >> $(METADATA) + @echo "Description: RHCS quickinstall" >> $(METADATA) + @echo "Type: Functional" >> $(METADATA) + @echo "TestTime: 60m" >> $(METADATA) + @echo "RunFor: rhcs" >> $(METADATA) + @echo "Requires: expect" >> $(METADATA) + @echo "Priority: Normal" >> $(METADATA) + @echo "License: GPLv2" >> $(METADATA) + @echo "Confidential: no" >> $(METADATA) + @echo "Destructive: no" >> $(METADATA) + + rhts-lint $(METADATA) diff --git a/tests/dogtag/acceptance/cli-tests/pki-user-cli/ca/PURPOSE b/tests/dogtag/acceptance/cli-tests/pki-user-cli/ca/PURPOSE new file mode 100644 index 000000000..102039cf8 --- /dev/null +++ b/tests/dogtag/acceptance/cli-tests/pki-user-cli/ca/PURPOSE @@ -0,0 +1,3 @@ +PURPOSE of /CoreOS/rhcs/acceptance/cli-tests/pki-user-cli +Description: pki user CLI tests +Author: Laxmi Sunkara <lsunkara@redhat.com> diff --git a/tests/dogtag/acceptance/cli-tests/pki-user-cli/ca/pki-user-cli-user-add-ca.sh b/tests/dogtag/acceptance/cli-tests/pki-user-cli/ca/pki-user-cli-user-add-ca.sh new file mode 100755 index 000000000..617895587 --- /dev/null +++ b/tests/dogtag/acceptance/cli-tests/pki-user-cli/ca/pki-user-cli-user-add-ca.sh @@ -0,0 +1,855 @@ +#!/bin/bash +# vim: dict=/usr/share/beakerlib/dictionary.vim cpt=.,w,b,u,t,i,k +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +# +# runtest.sh of /CoreOS/rhcs/acceptance/cli-tests/pki-user-cli +# Description: PKI user-add CLI tests +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +# The following ipa cli commands needs to be tested: +# pki-user-cli-user-add Add users to pki subsystems. +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +# +# Author: Laxmi Sunkara <lsunkara@redhat.com> +# +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +# +# Copyright (c) 2013 Red Hat, Inc. All rights reserved. +# +# This copyrighted material is made available to anyone wishing +# to use, modify, copy, or redistribute it subject to the terms +# and conditions of the GNU General Public License version 2. +# +# This program is distributed in the hope that it will be +# useful, but WITHOUT ANY WARRANTY; without even the implied +# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR +# PURPOSE. See the GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public +# License along with this program; if not, write to the Free +# Software Foundation, Inc., 51 Franklin Street, Fifth Floor, +# Boston, MA 02110-1301, USA. +# +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +# Include rhts environment +. /usr/bin/rhts-environment.sh +. /usr/share/beakerlib/beakerlib.sh +. /opt/rhqa_pki/rhcs-shared.sh +. /opt/rhqa_pki/pki-cert-cli-lib.sh +. /opt/rhqa_pki/env.sh + +###################################################################################### +#pki-user-cli-user-ca.sh should be first executed prior to pki-user-cli-user-add-ca.sh +###################################################################################### + +######################################################################## +# Test Suite Globals +######################################################################## + +user1=ca_agent2 +user1fullname="Test ca_agent" +user2=abcdefghijklmnopqrstuvwxyx12345678 +user3=abc# +user4=abc$ +user5=abc@ +user6=abc? +user7=0 +export user1 user2 user3 user4 user5 user6 user7 +######################################################################## + +run_pki-user-cli-user-add-ca_tests(){ + rlPhaseStartSetup "pki_user_cli_user_add-ca-startup:Getting the temp directory and nss certificate db " + rlLog "nss_db directory = $TmpDir/nssdb" + rlLog "temp directory = /tmp/requestdb" + rlPhaseEnd + #====Ticket corresponding to pki_user_cli_user_add-configtest : https://fedorahosted.org/pki/ticket/519=====# + rlPhaseStartTest "pki_user_cli_user_add-configtest: pki user-add configuration test" + rlRun "pki user-add > $TmpDir/pki_user_add_cfg.out" \ + 1 \ + "https://fedorahosted.org/pki/ticket/519" + rlAssertGrep "usage: user-add <User ID> \[OPTIONS...\]" "$TmpDir/pki_user_add_cfg.out" + rlAssertGrep "\--email <email> Email" "$TmpDir/pki_user_add_cfg.out" + rlAssertGrep "\--fullName <fullName> Full name" "$TmpDir/pki_user_add_cfg.out" + rlAssertGrep "\--password <password> Password" "$TmpDir/pki_user_add_cfg.out" + rlAssertGrep "\--phone <phone> Phone" "$TmpDir/pki_user_add_cfg.out" + rlAssertGrep "\--state <state> State" "$TmpDir/pki_user_add_cfg.out" + rlAssertGrep "\--type <type> Type" "$TmpDir/pki_user_add_cfg.out" + rlPhaseEnd + ##### Tests to add CA users using a user of admin group with a valid cert#### + rlPhaseStartTest "pki_user_cli_user_add-CA-001: Add a user to CA using CA_adminV" + rlLog "Executing: pki -d /tmp/requestdb \ + -n CA_adminV \ + -c $nss_db_password \ + user-add --fullName=\"$user1fullname\" $user1" + rlRun "pki -d /tmp/requestdb \ + -n CA_adminV \ + -c $nss_db_password \ + user-add --fullName=\"$user1fullname\" $user1 > $TmpDir/pki-user-add-ca-001.out" \ + 0 \ + "Add user $user1 to CA_adminV" + rlAssertGrep "Added user \"$user1\"" "$TmpDir/pki-user-add-ca-001.out" + rlAssertGrep "User ID: $user1" "$TmpDir/pki-user-add-ca-001.out" + rlAssertGrep "Full name: $user1fullname" "$TmpDir/pki-user-add-ca-001.out" + rlPhaseEnd + rlPhaseStartTest "pki_user_cli_user_add-CA-001_1:maximum length of user id " + rlRun "pki -d /tmp/requestdb \ + -n CA_adminV \ + -c $nss_db_password \ + user-add --fullName=test $user2 > $TmpDir/pki-user-add-ca-001_1.out" \ + 0 \ + "Added user using CA_adminV with maximum user id length" + rlAssertGrep "Added user \"$user2\"" "$TmpDir/pki-user-add-ca-001_1.out" + rlAssertGrep "User ID: $user2" "$TmpDir/pki-user-add-ca-001_1.out" + rlAssertGrep "Full name: test" "$TmpDir/pki-user-add-ca-001_1.out" + rlPhaseEnd + rlPhaseStartTest "pki_user_cli_user_add-CA-001_2:User id with # character " + rlRun "pki -d /tmp/requestdb \ + -n CA_adminV \ + -c $nss_db_password \ + user-add --fullName=test $user3 > $TmpDir/pki-user-add-ca-001_2.out" \ + 0 \ + "Added user using CA_adminV, user id with # character" + rlAssertGrep "Added user \"$user3\"" "$TmpDir/pki-user-add-ca-001_2.out" + rlAssertGrep "User ID: $user3" "$TmpDir/pki-user-add-ca-001_2.out" + rlAssertGrep "Full name: test" "$TmpDir/pki-user-add-ca-001_2.out" + rlPhaseEnd + rlPhaseStartTest "pki_user_cli_user_add-CA-001_3:User id with $ character " + rlRun "pki -d /tmp/requestdb \ + -n CA_adminV \ + -c $nss_db_password \ + user-add --fullName=test $user4 > $TmpDir/pki-user-add-ca-001_3.out" \ + 0 \ + "Added user using CA_adminV, user id with $ character" + rlAssertGrep "Added user \"$user4\"" "$TmpDir/pki-user-add-ca-001_3.out" + rlAssertGrep "User ID: abc\\$" "$TmpDir/pki-user-add-ca-001_3.out" + rlAssertGrep "Full name: test" "$TmpDir/pki-user-add-ca-001_3.out" + rlPhaseEnd + rlPhaseStartTest "pki_user_cli_user_add-CA-001_4:User id with @ character " + rlRun "pki -d /tmp/requestdb \ + -n CA_adminV \ + -c $nss_db_password \ + user-add --fullName=test $user5 > $TmpDir/pki-user-add-ca-001_4.out " \ + 0 \ + "Added user using CA_adminV, user id with @ character" + rlAssertGrep "Added user \"$user5\"" "$TmpDir/pki-user-add-ca-001_4.out" + rlAssertGrep "User ID: $user5" "$TmpDir/pki-user-add-ca-001_4.out" + rlAssertGrep "Full name: test" "$TmpDir/pki-user-add-ca-001_4.out" + rlPhaseEnd + rlPhaseStartTest "pki_user_cli_user_add-CA-001_5:User id with ? character " + rlRun "pki -d /tmp/requestdb \ + -n CA_adminV \ + -c $nss_db_password \ + user-add --fullName=test $user6 > $TmpDir/pki-user-add-ca-001_5.out " \ + 0 \ + "Added user using CA_adminV, user id with ? character" + rlAssertGrep "Added user \"$user6\"" "$TmpDir/pki-user-add-ca-001_5.out" + rlAssertGrep "User ID: $user6" "$TmpDir/pki-user-add-ca-001_5.out" + rlAssertGrep "Full name: test" "$TmpDir/pki-user-add-ca-001_5.out" + rlPhaseEnd + rlPhaseStartTest "pki_user_cli_user_add-CA-001_6:User id as 0" + rlRun "pki -d /tmp/requestdb \ + -n CA_adminV \ + -c $nss_db_password \ + user-add --fullName=test $user7 > $TmpDir/pki-user-add-ca-001_6.out " \ + 0 \ + "Added user using CA_adminV, user id 0" + rlAssertGrep "Added user \"$user7\"" "$TmpDir/pki-user-add-ca-001_6.out" + rlAssertGrep "User ID: $user7" "$TmpDir/pki-user-add-ca-001_6.out" + rlAssertGrep "Full name: test" "$TmpDir/pki-user-add-ca-001_6.out" + rlPhaseEnd + rlPhaseStartTest "pki_user_cli_user_add-CA-001_7:--email with maximum length " + rlRun "pki -d /tmp/requestdb \ + -n CA_adminV \ + -c $nss_db_password \ + user-add --fullName=test --email=abcdefghijklmnopqrstuvwxyx12345678 u1 > $TmpDir/pki-user-add-ca-001_7.out" \ + 0 \ + "Added user using CA_adminV with maximum --email length" + rlAssertGrep "Added user \"u1\"" "$TmpDir/pki-user-add-ca-001_7.out" + rlAssertGrep "User ID: u1" "$TmpDir/pki-user-add-ca-001_7.out" + rlAssertGrep "Full name: test" "$TmpDir/pki-user-add-ca-001_7.out" + rlAssertGrep "Email: abcdefghijklmnopqrstuvwxyx12345678" "$TmpDir/pki-user-add-ca-001_7.out" + rlPhaseEnd + rlPhaseStartTest "pki_user_cli_user_add-CA-001_8:--email with maximum length and symbols " + rlRun "pki -d /tmp/requestdb \ + -n CA_adminV \ + -c $nss_db_password \ + user-add --fullName=test --email=abcdefghijklmnopqrstuvwxyx12345678#?*@$ u2 > $TmpDir/pki-user-add-ca-001_8.out" \ + 0 \ + "Added user using CA_adminV with maximum --email length and character symbols in it" + rlAssertGrep "Added user \"u2\"" "$TmpDir/pki-user-add-ca-001_8.out" + rlAssertGrep "User ID: u2" "$TmpDir/pki-user-add-ca-001_8.out" + rlAssertGrep "Full name: test" "$TmpDir/pki-user-add-ca-001_8.out" + rlAssertGrep "Email: abcdefghijklmnopqrstuvwxyx12345678\\#\\?*$@" "$TmpDir/pki-user-add-ca-001_8.out" + rlPhaseEnd + rlPhaseStartTest "pki_user_cli_user_add-CA-001_9:--email with # character " + rlRun "pki -d /tmp/requestdb \ + -n CA_adminV \ + -c $nss_db_password \ + user-add --fullName=test --email=# u3 > $TmpDir/pki-user-add-ca-001_9.out" \ + 0 \ + "Added user using CA_adminV with --email # character" + rlAssertGrep "Added user \"u3\"" "$TmpDir/pki-user-add-ca-001_9.out" + rlAssertGrep "User ID: u3" "$TmpDir/pki-user-add-ca-001_9.out" + rlAssertGrep "Full name: test" "$TmpDir/pki-user-add-ca-001_9.out" + rlAssertGrep "Email: #" "$TmpDir/pki-user-add-ca-001_9.out" + rlPhaseEnd + rlPhaseStartTest "pki_user_cli_user_add-CA-001_10:--email with * character " + rlRun "pki -d /tmp/requestdb \ + -n CA_adminV \ + -c $nss_db_password \ + user-add --fullName=test --email=* u4 > $TmpDir/pki-user-add-ca-001_10.out" \ + 0 \ + "Added user using CA_adminV with --email * character" + rlAssertGrep "Added user \"u4\"" "$TmpDir/pki-user-add-ca-001_10.out" + rlAssertGrep "User ID: u4" "$TmpDir/pki-user-add-ca-001_10.out" + rlAssertGrep "Full name: test" "$TmpDir/pki-user-add-ca-001_10.out" + rlAssertGrep "Email: *" "$TmpDir/pki-user-add-ca-001_10.out" + rlPhaseEnd + rlPhaseStartTest "pki_user_cli_user_add-CA-001_11:--email with $ character " + rlRun "pki -d /tmp/requestdb \ + -n CA_adminV \ + -c $nss_db_password \ + user-add --fullName=test --email=$ u5 > $TmpDir/pki-user-add-ca-001_11.out" \ + 0 \ + "Added user using CA_adminV with --email $ character" + rlAssertGrep "Added user \"u5\"" "$TmpDir/pki-user-add-ca-001_11.out" + rlAssertGrep "User ID: u5" "$TmpDir/pki-user-add-ca-001_11.out" + rlAssertGrep "Full name: test" "$TmpDir/pki-user-add-ca-001_11.out" + rlAssertGrep "Email: \\$" "$TmpDir/pki-user-add-ca-001_11.out" + rlPhaseEnd + rlPhaseStartTest "pki_user_cli_user_add-CA-001_12:--email as number 0 " + rlRun "pki -d /tmp/requestdb \ + -n CA_adminV \ + -c $nss_db_password \ + user-add --fullName=test --email=0 u6 > $TmpDir/pki-user-add-ca-001_12.out " \ + 0 \ + "Added user using CA_adminV with --email 0" + rlAssertGrep "Added user \"u6\"" "$TmpDir/pki-user-add-ca-001_12.out" + rlAssertGrep "User ID: u6" "$TmpDir/pki-user-add-ca-001_12.out" + rlAssertGrep "Full name: test" "$TmpDir/pki-user-add-ca-001_12.out" + rlAssertGrep "Email: 0" "$TmpDir/pki-user-add-ca-001_12.out" + rlPhaseEnd + rlPhaseStartTest "pki_user_cli_user_add-CA-001_13:--state with maximum length " + rlRun "pki -d /tmp/requestdb \ + -n CA_adminV \ + -c $nss_db_password \ + user-add --fullName=test --state=abcdefghijklmnopqrstuvwxyx12345678 u7 > $TmpDir/pki-user-add-ca-001_13.out" \ + 0 \ + "Added user using CA_adminV with maximum --state length" + rlAssertGrep "Added user \"u7\"" "$TmpDir/pki-user-add-ca-001_13.out" + rlAssertGrep "User ID: u7" "$TmpDir/pki-user-add-ca-001_13.out" + rlAssertGrep "Full name: test" "$TmpDir/pki-user-add-ca-001_13.out" + rlAssertGrep "State: abcdefghijklmnopqrstuvwxyx12345678" "$TmpDir/pki-user-add-ca-001_13.out" + rlPhaseEnd + rlPhaseStartTest "pki_user_cli_user_add-CA-001_14:--state with maximum length and symbols " + rlRun "pki -d /tmp/requestdb \ + -n CA_adminV \ + -c $nss_db_password \ + user-add --fullName=test --state=abcdefghijklmnopqrstuvwxyx12345678#?*@$ u8 > $TmpDir/pki-user-add-ca-001_14.out" \ + 0 \ + "Added user using CA_adminV with maximum --state length and character symbols in it" + rlAssertGrep "Added user \"u8\"" "$TmpDir/pki-user-add-ca-001_14.out" + rlAssertGrep "User ID: u8" "$TmpDir/pki-user-add-ca-001_14.out" + rlAssertGrep "Full name: test" "$TmpDir/pki-user-add-ca-001_14.out" + rlAssertGrep "State: abcdefghijklmnopqrstuvwxyx12345678\\#\\?*$@" "$TmpDir/pki-user-add-ca-001_14.out" + rlPhaseEnd + rlPhaseStartTest "pki_user_cli_user_add-CA-001_15:--state with # character " + rlRun "pki -d /tmp/requestdb \ + -n CA_adminV \ + -c $nss_db_password \ + user-add --fullName=test --state=# u9 > $TmpDir/pki-user-add-ca-001_15.out" \ + 0 \ + "Added user using CA_adminV with --state # character" + rlAssertGrep "Added user \"u9\"" "$TmpDir/pki-user-add-ca-001_15.out" + rlAssertGrep "User ID: u9" "$TmpDir/pki-user-add-ca-001_15.out" + rlAssertGrep "Full name: test" "$TmpDir/pki-user-add-ca-001_15.out" + rlAssertGrep "State: #" "$TmpDir/pki-user-add-ca-001_15.out" + rlPhaseEnd + rlPhaseStartTest "pki_user_cli_user_add-CA-001_16:--state with * character " + rlRun "pki -d /tmp/requestdb \ + -n CA_adminV \ + -c $nss_db_password \ + user-add --fullName=test --state=* u10 > $TmpDir/pki-user-add-ca-001_16.out" \ + 0 \ + "Added user using CA_adminV with --state * character" + rlAssertGrep "Added user \"u10\"" "$TmpDir/pki-user-add-ca-001_16.out" + rlAssertGrep "User ID: u10" "$TmpDir/pki-user-add-ca-001_16.out" + rlAssertGrep "Full name: test" "$TmpDir/pki-user-add-ca-001_16.out" + rlAssertGrep "State: *" "$TmpDir/pki-user-add-ca-001_16.out" + rlPhaseEnd + rlPhaseStartTest "pki_user_cli_user_add-CA-001_17:--state with $ character " + rlRun "pki -d /tmp/requestdb \ + -n CA_adminV \ + -c $nss_db_password \ + user-add --fullName=test --state=$ u11 > $TmpDir/pki-user-add-ca-001_17.out" \ + 0 \ + "Added user using CA_adminV with --state $ character" + rlAssertGrep "Added user \"u11\"" "$TmpDir/pki-user-add-ca-001_17.out" + rlAssertGrep "User ID: u11" "$TmpDir/pki-user-add-ca-001_17.out" + rlAssertGrep "Full name: test" "$TmpDir/pki-user-add-ca-001_17.out" + rlAssertGrep "State: \\$" "$TmpDir/pki-user-add-ca-001_17.out" + rlPhaseEnd + rlPhaseStartTest "pki_user_cli_user_add-CA-001_18:--state as number 0 " + rlRun "pki -d /tmp/requestdb \ + -n CA_adminV \ + -c $nss_db_password \ + user-add --fullName=test --state=0 u12 > $TmpDir/pki-user-add-ca-001_18.out " \ + 0 \ + "Added user using CA_adminV with --state 0" + rlAssertGrep "Added user \"u12\"" "$TmpDir/pki-user-add-ca-001_18.out" + rlAssertGrep "User ID: u12" "$TmpDir/pki-user-add-ca-001_18.out" + rlAssertGrep "Full name: test" "$TmpDir/pki-user-add-ca-001_18.out" + rlAssertGrep "State: 0" "$TmpDir/pki-user-add-ca-001_18.out" + rlPhaseEnd + #https://www.redhat.com/archives/pki-users/2010-February/msg00015.html + rlPhaseStartTest "pki_user_cli_user_add-CA-001_19:--phone with maximum length " + rlRun "pki -d /tmp/requestdb \ + -n CA_adminV \ + -c $nss_db_password \ + user-add --fullName=test --phone=abcdefghijklmnopqrstuvwxyx12345678 u13 > $TmpDir/pki-user-add-ca-001_19.out" \ + 0 \ + "Added user using CA_adminV with maximum --phone length" + rlAssertGrep "Added user \"u13\"" "$TmpDir/pki-user-add-ca-001_19.out" + rlAssertGrep "User ID: u13" "$TmpDir/pki-user-add-ca-001_19.out" + rlAssertGrep "Full name: test" "$TmpDir/pki-user-add-ca-001_19.out" + rlAssertGrep "Phone: abcdefghijklmnopqrstuvwxyx12345678" "$TmpDir/pki-user-add-ca-001_19.out" + rlPhaseEnd + rlPhaseStartTest "pki_user_cli_user_add-CA-001_20:--phone with maximum length and symbols " + rlRun "pki -d /tmp/requestdb \ + -n CA_adminV \ + -c $nss_db_password \ + user-add --fullName=test --phone=abcdefghijklmnopqrstuvwxyx12345678#?*@$ usr1 > $TmpDir/pki-user-add-ca-001_20.out 2>&1"\ + 1 \ + "Cannot add user using CA_adminV with maximum --phone with character symbols in it" + rlAssertGrep "PKIException: LDAP error (21): error result" "$TmpDir/pki-user-add-ca-001_20.out" + rlPhaseEnd + rlPhaseStartTest "pki_user_cli_user_add-CA-001_21:--phone with # character " + rlRun "pki -d /tmp/requestdb \ + -n CA_adminV \ + -c $nss_db_password \ + user-add --fullName=test --phone=# usr2 > $TmpDir/pki-user-add-ca-001_21.out 2>&1" \ + 1 \ + "Cannot add user using CA_adminV with maximum --phone with character symbols in it" + rlAssertGrep "PKIException: LDAP error (21): error result" "$TmpDir/pki-user-add-ca-001_21.out" + rlPhaseEnd + rlPhaseStartTest "pki_user_cli_user_add-CA-001_22:--phone with * character " + rlRun "pki -d /tmp/requestdb \ + -n CA_adminV \ + -c $nss_db_password \ + user-add --fullName=test --phone=* usr3 > $TmpDir/pki-user-add-ca-001_22.out 2>&1" \ + 1 \ + "Cannot add user using CA_adminV with maximum --phone with character symbols in it" + rlAssertGrep "PKIException: LDAP error (21): error result" "$TmpDir/pki-user-add-ca-001_22.out" + rlPhaseEnd + rlPhaseStartTest "pki_user_cli_user_add-CA-001_23:--phone with $ character " + rlRun "pki -d /tmp/requestdb \ + -n CA_adminV \ + -c $nss_db_password \ + user-add --fullName=test --phone=$ usr4 > $TmpDir/pki-user-add-ca-001_23.out 2>&1" \ + 1 \ + "Cannot add user using CA_adminV with maximum --phone with character symbols in it" + rlAssertGrep "PKIException: LDAP error (21): error result" "$TmpDir/pki-user-add-ca-001_23.out" + rlPhaseEnd + rlPhaseStartTest "pki_user_cli_user_add-CA-001_24:--phone as negative number -1230 " + rlRun "pki -d /tmp/requestdb \ + -n CA_adminV \ + -c $nss_db_password \ + user-add --fullName=test --phone=-1230 u14 > $TmpDir/pki-user-add-ca-001_24.out " \ + 0 \ + "Added user using CA_adminV with --phone -1230" + rlAssertGrep "Added user \"u14\"" "$TmpDir/pki-user-add-ca-001_24.out" + rlAssertGrep "User ID: u14" "$TmpDir/pki-user-add-ca-001_24.out" + rlAssertGrep "Full name: test" "$TmpDir/pki-user-add-ca-001_24.out" + rlAssertGrep "Phone: -1230" "$TmpDir/pki-user-add-ca-001_24.out" + rlPhaseEnd +#======https://fedorahosted.org/pki/ticket/704============# + rlPhaseStartTest "pki_user_cli_user_add-CA-001_25:--type as Auditors" + rlRun "pki -d /tmp/requestdb \ + -n CA_adminV \ + -c $nss_db_password \ + user-add --fullName=test --type=Auditors u15 > $TmpDir/pki-user-add-ca-001_25.out" \ + 0 \ + "Added user using CA_adminV with --type Auditors" + rlAssertGrep "Added user \"u15\"" "$TmpDir/pki-user-add-ca-001_25.out" + rlAssertGrep "User ID: u15" "$TmpDir/pki-user-add-ca-001_25.out" + rlAssertGrep "Full name: test" "$TmpDir/pki-user-add-ca-001_25.out" + rlAssertGrep "Type: Auditors" "$TmpDir/pki-user-add-ca-001_25.out" + rlPhaseEnd + rlPhaseStartTest "pki_user_cli_user_add-CA-001_26:--type Certificate Manager Agents " + rlRun "pki -d /tmp/requestdb \ + -n CA_adminV \ + -c $nss_db_password \ + user-add --fullName=test --type=\"Certificate Manager Agents\" u16 > $TmpDir/pki-user-add-ca-001_26.out" \ + 0 \ + "Added user using CA_adminV --type Certificate Manager Agents" + rlAssertGrep "Added user \"u16\"" "$TmpDir/pki-user-add-ca-001_26.out" + rlAssertGrep "User ID: u16" "$TmpDir/pki-user-add-ca-001_26.out" + rlAssertGrep "Full name: test" "$TmpDir/pki-user-add-ca-001_26.out" + rlAssertGrep "Type: Certificate Manager Agents" "$TmpDir/pki-user-add-ca-001_26.out" + rlPhaseEnd + rlPhaseStartTest "pki_user_cli_user_add-CA-001_27:--type Registration Manager Agents " + rlRun "pki -d /tmp/requestdb \ + -n CA_adminV \ + -c $nss_db_password \ + user-add --fullName=test --type=\"Registration Manager Agents\" u17 > $TmpDir/pki-user-add-ca-001_27.out" \ + 0 \ + "Added user using CA_adminV with --type Registration Manager Agents" + rlAssertGrep "Added user \"u17\"" "$TmpDir/pki-user-add-ca-001_27.out" + rlAssertGrep "User ID: u17" "$TmpDir/pki-user-add-ca-001_27.out" + rlAssertGrep "Full name: test" "$TmpDir/pki-user-add-ca-001_27.out" + rlAssertGrep "Type: Registration Manager Agents" "$TmpDir/pki-user-add-ca-001_27.out" + rlPhaseEnd + rlPhaseStartTest "pki_user_cli_user_add-CA-001_28:--type Subsytem Group " + rlRun "pki -d /tmp/requestdb \ + -n CA_adminV \ + -c $nss_db_password \ + user-add --fullName=test --type=\"Subsytem Group\" u18 > $TmpDir/pki-user-add-ca-001_28.out" \ + 0 \ + "Added user using CA_adminV with --type Subsytem Group" + rlAssertGrep "Added user \"u18\"" "$TmpDir/pki-user-add-ca-001_28.out" + rlAssertGrep "User ID: u18" "$TmpDir/pki-user-add-ca-001_28.out" + rlAssertGrep "Full name: test" "$TmpDir/pki-user-add-ca-001_28.out" + rlAssertGrep "Type: Subsytem Group" "$TmpDir/pki-user-add-ca-001_28.out" + rlPhaseEnd + rlPhaseStartTest "pki_user_cli_user_add-CA-001_29:--type Security Domain Administrators " + rlRun "pki -d /tmp/requestdb \ + -n CA_adminV \ + -c $nss_db_password \ + user-add --fullName=test --type=\"Security Domain Administrators\" u19 > $TmpDir/pki-user-add-ca-001_29.out" \ + 0 \ + "Added user using CA_adminV with --type Security Domain Administrators" + rlAssertGrep "Added user \"u19\"" "$TmpDir/pki-user-add-ca-001_29.out" + rlAssertGrep "User ID: u19" "$TmpDir/pki-user-add-ca-001_29.out" + rlAssertGrep "Full name: test" "$TmpDir/pki-user-add-ca-001_29.out" + rlAssertGrep "Type: Security Domain Administrators" "$TmpDir/pki-user-add-ca-001_29.out" + rlPhaseEnd + rlPhaseStartTest "pki_user_cli_user_add-CA-001_30:--type ClonedSubsystems " + rlRun "pki -d /tmp/requestdb \ + -n CA_adminV \ + -c $nss_db_password \ + user-add --fullName=test --type=ClonedSubsystems u20 > $TmpDir/pki-user-add-ca-001_30.out" \ + 0 \ + "Added user using CA_adminV with --type ClonedSubsystems" + rlAssertGrep "Added user \"u20\"" "$TmpDir/pki-user-add-ca-001_30.out" + rlAssertGrep "User ID: u20" "$TmpDir/pki-user-add-ca-001_30.out" + rlAssertGrep "Full name: test" "$TmpDir/pki-user-add-ca-001_30.out" + rlAssertGrep "Type: ClonedSubsystems" "$TmpDir/pki-user-add-ca-001_30.out" + rlPhaseEnd + rlPhaseStartTest "pki_user_cli_user_add-CA-001_31:--type Trusted Managers " + rlRun "pki -d /tmp/requestdb \ + -n CA_adminV \ + -c $nss_db_password \ + user-add --fullName=test --type=\"Trusted Managers\" u21 > $TmpDir/pki-user-add-ca-001_31.out" \ + 0 \ + "Added user using CA_adminV with --type Trusted Managers" + rlAssertGrep "Added user \"u21\"" "$TmpDir/pki-user-add-ca-001_31.out" + rlAssertGrep "User ID: u21" "$TmpDir/pki-user-add-ca-001_31.out" + rlAssertGrep "Full name: test" "$TmpDir/pki-user-add-ca-001_31.out" + rlAssertGrep "Type: Trusted Managers" "$TmpDir/pki-user-add-ca-001_31.out" + rlPhaseEnd + rlPhaseStartTest "pki_user_cli_user_add-CA-002: Add a duplicate user to CA" + command="pki -d /tmp/requestdb \ + -n CA_adminV \ + -c $nss_db_password \ + user-add --fullName=\"New user\" $user1 > $TmpDir/pki-user-add-ca-002.out 2>&1 " + + rlLog "Command=$command" + expmsg="ConflictingOperationException: Entry already exists." + rlRun "$command" 1 "Add duplicate user" + rlAssertGrep "$expmsg" "$TmpDir/pki-user-add-ca-002.out" + rlPhaseEnd + + rlPhaseStartTest "pki_user_cli_user_add-CA-003: Add a user to CA with -t option" + rlLog "Executing: pki -d /tmp/requestdb \ + -n CA_adminV \ + -c $nss_db_password \ + -t ca \ + user-add --fullName=\"$user1fullname\" u22" + + rlRun "pki -d /tmp/requestdb \ + -n CA_adminV \ + -c $nss_db_password \ + -t ca \ + user-add --fullName=\"$user1fullname\" u22 > $TmpDir/pki-user-add-ca-003.out" \ + 0 \ + "Add user u22 to CA" + rlAssertGrep "Added user \"u22\"" "$TmpDir/pki-user-add-ca-003.out" + rlAssertGrep "User ID: u22" "$TmpDir/pki-user-add-ca-003.out" + rlAssertGrep "Full name: $user1fullname" "$TmpDir/pki-user-add-ca-003.out" + rlPhaseEnd + rlPhaseStartTest "pki_user_cli_user_add-CA-004: Add a user -- missing required option user id" + rlLog "Executing: pki -d /tmp/requestdb \ + -n CA_adminV \ + -c $nss_db_password \ + -t ca \ + user-add --fullName=\"$user1fullname\" " + + rlRun "pki -d /tmp/requestdb \ + -n CA_adminV \ + -c $nss_db_password \ + -t ca \ + user-add --fullName=\"$user1fullname\" > $TmpDir/pki-user-add-ca-004.out" \ + 1\ + "Add user -- missing required option user id" + rlAssertGrep "usage: user-add <User ID> \[OPTIONS...\]" "$TmpDir/pki-user-add-ca-004.out" + rlPhaseEnd + + rlPhaseStartTest "pki_user_cli_user_add-CA-005: Add a user -- missing required option --fullName" + command="pki -d /tmp/requestdb \ + -n CA_adminV \ + -c $nss_db_password \ + -t ca \ + user-add $user1 > $TmpDir/pki-user-add-ca-005.out 2>&1" + expmsg="Error: Missing required option: fullName" + rlLog "Executing: $command" + rlRun "$command" 1 "Add a user -- missing required option --fullName" + rlAssertGrep "$expmsg" "$TmpDir/pki-user-add-ca-005.out" + rlPhaseEnd + + rlPhaseStartTest "pki_user_cli_user_add-CA-006: Add a user -- all options provided" + email="ca_agent2@myemail.com" + user_password="agent2Password" + phone="1234567890" + state="NC" + type="Administrators" + rlLog "Executing: pki -d /tmp/requestdb \ + -n CA_adminV \ + -c $nss_db_password \ + -t ca \ + user-add --fullName=\"$user1fullname\" \ + --email $email \ + --password $user_password \ + --phone $phone \ + --state $state \ + --type $type \ + u23" + + rlRun "pki -d /tmp/requestdb \ + -n CA_adminV \ + -c $nss_db_password \ + -t ca \ + user-add --fullName=\"$user1fullname\" \ + --email $email \ + --password $user_password \ + --phone $phone \ + --state $state \ + --type $type \ + u23 > $TmpDir/pki-user-add-ca-006_1.out" \ + 0 \ + "Add user u23 to CA -- all options provided" + rlAssertGrep "Added user \"u23\"" "$TmpDir/pki-user-add-ca-006_1.out" + rlAssertGrep "User ID: u23" "$TmpDir/pki-user-add-ca-006_1.out" + rlAssertGrep "Full name: $user1fullname" "$TmpDir/pki-user-add-ca-006_1.out" + rlAssertGrep "Email: $email" "$TmpDir/pki-user-add-ca-006_1.out" + rlAssertGrep "Phone: $phone" "$TmpDir/pki-user-add-ca-006_1.out" + rlAssertGrep "Type: $type" "$TmpDir/pki-user-add-ca-006_1.out" + rlAssertGrep "State: $state" "$TmpDir/pki-user-add-ca-006_1.out" + rlPhaseEnd + + rlPhaseStartTest "pki_user_cli_user_add-CA-007: Add user to multiple groups" + user=u24 + userfullname="Multiple Group User" + email="multiplegroup@myemail.com" + user_password="admin2Password" + phone="1234567890" + state="NC" + rlLog "Executing: pki -d /tmp/requestdb \ + -n CA_adminV \ + -c $nss_db_password \ + -t ca \ + user-add --fullName=\"$userfullname\" \ + --email $email \ + --password $user_password \ + --phone $phone \ + --state $state \ + $user" + + rlRun "pki -d /tmp/requestdb \ + -n CA_adminV \ + -c $nss_db_password \ + -t ca \ + user-add --fullName=\"$userfullname\" \ + --email $email \ + --password $user_password \ + --phone $phone \ + --state $state \ + $user > $TmpDir/pki-user-add-ca-006.out " \ + 0 \ + "Add user $user using CA_adminV" + rlAssertGrep "Added user \"u24\"" "$TmpDir/pki-user-add-ca-006.out" + rlAssertGrep "User ID: u24" "$TmpDir/pki-user-add-ca-006.out" + rlAssertGrep "Full name: $userfullname" "$TmpDir/pki-user-add-ca-006.out" + rlAssertGrep "Email: $email" "$TmpDir/pki-user-add-ca-006.out" + rlAssertGrep "Phone: $phone" "$TmpDir/pki-user-add-ca-006.out" + rlAssertGrep "State: $state" "$TmpDir/pki-user-add-ca-006.out" + + rlRun "pki -d /tmp/requestdb \ + -n CA_adminV \ + -c $nss_db_password \ + -t ca \ + group-add-member Administrators $user > $TmpDir/pki-user-add-ca-007_1.out" \ + 0 \ + "Add user $user to Administrators group" + + rlAssertGrep "Added group member \"$user\"" "$TmpDir/pki-user-add-ca-007_1.out" + rlAssertGrep "User: $user" "$TmpDir/pki-user-add-ca-007_1.out" + + rlRun "pki -d /tmp/requestdb \ + -n CA_adminV \ + -c $nss_db_password \ + -t ca \ + group-find-member Administrators > $TmpDir/pki-user-add-ca-007.out" \ + 0 \ + "Show pki group-find-member Administrators" + rlRun "pki -d /tmp/requestdb \ + -n CA_adminV \ + -c $nss_db_password \ + -t ca \ + group-add-member \"Certificate Manager Agents\" $user > $TmpDir/pki-user-add-ca-007_1_1.out" \ + 0 \ + "Add user $user to Administrators group" + + rlAssertGrep "Added group member \"$user\"" "$TmpDir/pki-user-add-ca-007_1_1.out" + rlAssertGrep "User: $user" "$TmpDir/pki-user-add-ca-007_1_1.out" + + rlRun "pki -d /tmp/requestdb \ + -n CA_adminV \ + -c $nss_db_password \ + -t ca \ + group-find-member \"Certificate Manager Agents\" > $TmpDir/pki-user-add-ca-007_2.out" \ + 0 \ + "Show pki group-find-member Administrators" + + rlAssertGrep "User: $user" "$TmpDir/pki-user-add-ca-007_2.out" + rlPhaseEnd + + rlPhaseStartTest "pki_user_cli_user_add-CA-008: Add user with --password " + userpw="pass" + rlLog "Executing: pki -d /tmp/requestdb \ + -n CA_adminV \ + -c $nss_db_password \ + user-add --fullName=\"$user1fullname\" --password=$userpw $user1 > $TmpDir/pki-user-add-ca-008.out 2>&1" + expmsg="PKIException: The password must be at least 8 characters" + rlRun "pki -d /tmp/requestdb \ + -n CA_adminV \ + -c $nss_db_password \ + -t ca \ + user-add --fullName=\"$user1fullname\" --password=$userpw $user1 > $TmpDir/pki-user-add-ca-008.out 2>&1" \ + 1 \ + "Add a user --must be at least 8 characters --password" + rlAssertGrep "$expmsg" "$TmpDir/pki-user-add-ca-008.out" + + rlPhaseEnd + + ##### Tests to add users using revoked cert##### + rlPhaseStartTest "pki_user_cli_user_add-CA-009: Cannot add user using a revoked cert CA_adminR" + + rlLog "Executing: pki -d /tmp/requestdb \ + -n CA_adminR \ + -c $nss_db_password \ + user-add --fullName=\"$user1fullname\" $user1" + rlRun "pki -d /tmp/requestdb \ + -n CA_adminR \ + -c $nss_db_password \ + user-add --fullName=\"$user1fullname\" $user1 > $TmpDir/pki-user-add-ca-revoke-adminR-002.out 2>&1" \ + 1 \ + "Cannot add user $user1 using a user having revoked cert" + rlAssertGrep "ClientResponseFailure: Error status 401 Unauthorized returned" "$TmpDir/pki-user-add-ca-revoke-adminR-002.out" + rlPhaseEnd + rlPhaseStartTest "pki_user_cli_user_add-CA-009_1: Cannot add user using a agent or a revoked cert CA_agentR" + + rlLog "Executing: pki -d /tmp/requestdb \ + -n CA_agentR \ + -c $nss_db_password \ + user-add --fullName=\"$user1fullname\" $user1" + rlRun "pki -d /tmp/requestdb \ + -n CA_agentR \ + -c $nss_db_password \ + user-add --fullName=\"$user1fullname\" $user1 > $TmpDir/pki-user-add-ca-revoke-agentR-002.out 2>&1" \ + 1 \ + "Cannot add user $user1 using a user having revoked cert" + rlAssertGrep "ClientResponseFailure: Error status 401 Unauthorized returned" "$TmpDir/pki-user-add-ca-revoke-agentR-002.out" + rlPhaseEnd + + + ##### Tests to add users using an agent user##### + rlPhaseStartTest "pki_user_cli_user_add-CA-0010: Cannot add user using a CA_agentV user" + + rlLog "Executing: pki -d /tmp/requestdb \ + -n CA_agentV \ + -c $nss_db_password \ + user-add --fullName=\"$user1fullname\" $user1" + rlRun "pki -d /tmp/requestdb \ + -n CA_agentV \ + -c $nss_db_password \ + user-add --fullName=\"$user1fullname\" $user1 > $TmpDir/pki-user-add-ca-agentV-002.out 2>&1" \ + 1 \ + "Cannot add user $user1 using a agent cert" + rlAssertGrep "ForbiddenException: Authorization failed on resource: certServer.ca.users, operation: execute" "$TmpDir/pki-user-add-ca-agentV-002.out" + rlPhaseEnd + + rlPhaseStartTest "pki_user_cli_user_add-CA-0011: Cannot add user using a CA_agentR user" + + rlLog "Executing: pki -d /tmp/requestdb \ + -n CA_agentR \ + -c $nss_db_password \ + user-add --fullName=\"$user1fullname\" $user1" + rlRun "pki -d /tmp/requestdb \ + -n CA_agentR \ + -c $nss_db_password \ + user-add --fullName=\"$user1fullname\" $user1 > $TmpDir/pki-user-add-ca-agentR-002.out 2>&1" \ + 1 \ + "Cannot add user $user1 using a agent cert" + rlAssertGrep "ClientResponseFailure: Error status 401 Unauthorized returned" "$TmpDir/pki-user-add-ca-agentR-002.out" + rlPhaseEnd + ##### Tests to add users using expired cert##### + rlPhaseStartTest "pki_user_cli_user_add-CA-0012: Cannot add user using a CA_adminE cert" + rlRun "date --set='next day'" 0 "Set System date a day ahead" + rlRun "date --set='next day'" 0 "Set System date a day ahead" + rlRun "date" + rlLog "Executing: pki -d /tmp/requestdb \ + -n CA_adminE \ + -c $nss_db_password \ + user-add --fullName=\"$user1fullname\" $user1" + rlRun "pki -d /tmp/requestdb \ + -n CA_adminE \ + -c $nss_db_password \ + user-add --fullName=\"$user1fullname\" $user1 > $TmpDir/pki-user-add-ca-adminE-002.out 2>&1" \ + 1 \ + "Cannot add user $user1 using a agent cert" + rlAssertGrep "RuntimeException: java.io.IOException: SocketException cannot read on socket" "$TmpDir/pki-user-add-ca-adminE-002.out" + rlRun "date --set='2 days ago'" 0 "Set System back to the present day" + rlPhaseEnd + + rlPhaseStartTest "pki_user_cli_user_add-CA-0013: Cannot add user using a CA_agentE cert" + rlRun "date --set='next day'" 0 "Set System date a day ahead" + rlRun "date --set='next day'" 0 "Set System date a day ahead" + rlRun "date" + rlLog "Executing: pki -d /tmp/requestdb \ + -n CA_agentE \ + -c $nss_db_password \ + user-add --fullName=\"$user1fullname\" $user1" + rlRun "pki -d /tmp/requestdb \ + -n CA_agentE \ + -c $nss_db_password \ + user-add --fullName=\"$user1fullname\" $user1 > $TmpDir/pki-user-add-ca-agentE-002.out 2>&1" \ + 1 \ + "Cannot add user $user1 using a agent cert" + rlAssertGrep "RuntimeException: java.io.IOException: SocketException cannot read on socket" "$TmpDir/pki-user-add-ca-agentE-002.out" + rlRun "date --set='2 days ago'" 0 "Set System back to the present day" + rlPhaseEnd + + ##### Tests to add users using audit users##### + rlPhaseStartTest "pki_user_cli_user_add-CA-0012: Cannot add user using a CA_auditV" + + rlLog "Executing: pki -d /tmp/requestdb \ + -n CA_auditV \ + -c $nss_db_password \ + user-add --fullName=\"$user1fullname\" $user1" + rlRun "pki -d /tmp/requestdb \ + -n CA_auditV \ + -c $nss_db_password \ + user-add --fullName=\"$user1fullname\" $user1 > $TmpDir/pki-user-add-ca-auditV-002.out 2>&1" \ + 1 \ + "Cannot add user $user1 using a audit cert" + rlAssertGrep "ForbiddenException: Authorization failed on resource: certServer.ca.users, operation: execute" "$TmpDir/pki-user-add-ca-auditV-002.out" + rlPhaseEnd + + ##### Tests to add users using operator user### + rlPhaseStartTest "pki_user_cli_user_add-CA-0013: Cannot add user using a CA_operatorV" + + rlLog "Executing: pki -d /tmp/requestdb \ + -n CA_operatorV \ + -c $nss_db_password \ + user-add --fullName=\"$user1fullname\" $user1" + rlRun "pki -d /tmp/requestdb \ + -n CA_operatorV \ + -c $nss_db_password \ + user-add --fullName=\"$user1fullname\" $user1 > $TmpDir/pki-user-add-ca-operatorV-002.out 2>&1" \ + 1 \ + "Cannot add user $user1 using a operator cert" + rlAssertGrep "ForbiddenException: Authorization failed on resource: certServer.ca.users, operation: execute" "$TmpDir/pki-user-add-ca-operatorV-002.out" + rlPhaseEnd + + + ##### Tests to add users using CA_adminUTCA and CA_agentUTCA user's certificate will be issued by an untrusted CA users##### + rlPhaseStartTest "pki_user_cli_user_add-CA-0014: Cannot add user using a CA_adminUTCA" + + rlLog "Executing: pki -d /tmp/dummydb \ + -n CA_adminUTCA \ + -c $nss_db_password \ + user-add --fullName=\"$user1fullname\" $user1" + rlRun "pki -d /tmp/dummydb \ + -n CA_adminUTCA \ + -c $nss_db_password \ + user-add --fullName=\"$user1fullname\" $user1 > $TmpDir/pki-user-add-ca-adminUTCA-002.out 2>&1" \ + 1 \ + "Cannot add user $user1 using a untrusted cert" + rlAssertGrep "ClientResponseFailure: Error status 401 Unauthorized returned" "$TmpDir/pki-user-add-ca-adminUTCA-002.out" + rlPhaseEnd + + rlPhaseStartTest "pki_user_cli_user_add-CA-0014: Cannot add user using a CA_agentUTCA" + + rlLog "Executing: pki -d /tmp/dummydb \ + -n CA_agentUTCA \ + -c $nss_db_password \ + user-add --fullName=\"$user1fullname\" $user1" + rlRun "pki -d /tmp/dummydb \ + -n CA_agentUTCA \ + -c $nss_db_password \ + user-add --fullName=\"$user1fullname\" $user1 > $TmpDir/pki-user-add-ca-agentUTCA-002.out 2>&1" \ + 1 \ + "Cannot add user $user1 using a untrusted cert" + rlAssertGrep "RuntimeException: java.net.SocketException: Object not found: org.mozilla.jss.crypto.ObjectNotFoundException" "$TmpDir/pki-user-add-ca-agentUTCA-002.out" + rlPhaseEnd + rlPhaseStartTest "pki_user_cli_user_cleanup-001_15: Deleting the temp directory and users" + del_user=($CA_adminV_user $CA_adminR_user $CA_adminE_user $CA_adminUTCA_user $CA_agentV_user $CA_agentR_user $CA_agentE_user $CA_agentUTCA_user $CA_auditV_user $CA_operatorV_user) + + #===Deleting users created using CA_adminV cert===# + i=1 + while [ $i -lt 25] ; do + rlRun "pki -d /tmp/requestdb \ + -n CA_adminV \ + -c $nss_db_password \ + user-del u$i > $TmpDir/pki-user-del-ca-user-00$i.out" \ + 0 \ + "Deleted user u$i" + rlAssertGrep "Deleted user \"u$i\"" "$TmpDir/pki-user-del-ca-user-00$i.out" + let i=$i+1 + done + #===Deleting users(symbols) created using CA_adminV cert===# + j=1 + while [ $j -lt 8 ] ; do + eval usr=\$user$j + rlRun "pki -d /tmp/requestdb \ + -n CA_adminV \ + -c $nss_db_password \ + user-del $usr > $TmpDir/pki-user-del-ca-user-symbol-00$j.out" \ + 0 \ + "Deleted user $usr" + rlAssertGrep "Deleted user \"$usr\"" "$TmpDir/pki-user-del-ca-user-symbol-00$j.out" + let j=$j+1 + done + i=0 + while [ $i -lt ${#del_user[@]} ] ; do + userid_del=${del_user[$i]} + rlRun "pki -d $TmpDir/nssdb \ + -n \"$admin_cert_nickname\" \ + -c $nss_db_password \ + user-del $userid_del > $TmpDir/pki-user-del-ca-00$i.out" \ + 0 \ + "Deleted user $userid_del" + rlAssertGrep "Deleted user \"$userid_del\"" "$TmpDir/pki-user-del-ca-00$i.out" + let i=$i+1 + done + + + rlRun "rm -r $TmpDir" 0 "Removing temp directory" + rlRun "popd" + rlRun "rm -rf /tmp/requestdb" + rlRun "rm -rf /tmp/dummydb" + + rlPhaseEnd + + +} diff --git a/tests/dogtag/acceptance/cli-tests/pki-user-cli/ca/pki-user-cli-user-ca.sh b/tests/dogtag/acceptance/cli-tests/pki-user-cli/ca/pki-user-cli-user-ca.sh new file mode 100755 index 000000000..8f3a82d7d --- /dev/null +++ b/tests/dogtag/acceptance/cli-tests/pki-user-cli/ca/pki-user-cli-user-ca.sh @@ -0,0 +1,370 @@ +#!/bin/bash +#!/usr/bin/expect -f + +# vim: dict=/usr/share/beakerlib/dictionary.vim cpt=.,w,b,u,t,i,k +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +# +# runtest.sh of /CoreOS/rhcs/acceptance/cli-tests/pki-user-cli +# Description: PKI user-add CLI tests +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +# The following ipa cli commands needs to be tested: +# pki-user-cli-user-add Add users to pki subsystems. +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +# +# Author: Laxmi Sunkara <lsunkara@redhat.com> +# +# +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +# +# Copyright (c) 2013 Red Hat, Inc. All rights reserved. +# +# This copyrighted material is made available to anyone wishing +# to use, modify, copy, or redistribute it subject to the terms +# and conditions of the GNU General Public License version 2. +# +# This program is distributed in the hope that it will be +# useful, but WITHOUT ANY WARRANTY; without even the implied +# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR +# PURPOSE. See the GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public +# License along with this program; if not, write to the Free +# Software Foundation, Inc., 51 Franklin Street, Fifth Floor, +# Boston, MA 02110-1301, USA. +# +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +# Include rhts environment +. /usr/bin/rhts-environment.sh +. /usr/share/beakerlib/beakerlib.sh +. /opt/rhqa_pki/rhcs-shared.sh +. /opt/rhqa_pki/pki-cert-cli-lib.sh +. /opt/rhqa_pki/env.sh + +######################################################################## +# Test Suite Globals +######################################################################## +CA_adminV_user=CA_adminV +CA_adminV_fullName=CA_Admin_ValidCert +CA_adminR_user=CA_adminR +CA_adminR_fullName=CA_Admin_RevokedCert +CA_adminE_user=CA_adminE +CA_adminE_fullName=CA_admin_ExpiredCert +CA_adminUTCA_user=CA_adminUTCA +CA_adminUTCA_fullName=CA_Admin_CertIssuedByUntrustedCA + +CA_agentV_user=CA_agentV +CA_agentV_fullName=CA_Agent_ValidCert +CA_agentR_user=CA_agentR +CA_agentR_fullName=CA_Agent_RevokedCert +CA_agentE_user=CA_agentE +CA_agentE_fullName=CA_agent_ExpiredCert +CA_agentUTCA_user=CA_agentUTCA +CA_agentUTCA_fullName=CA_Agent_CertIssuedByUntrustedCA + +CA_auditV_user=CA_auditV +CA_auditV_fullName=CA_Audit_ValidCert +CA_operatorV_user=CA_operatorV +CA_operatorV_fullName=CA_Operator_ValidCert + +export CA_adminV_user CA_adminR_user CA_adminE_user CA_adminUTCA_user CA_agentV_user CA_agentR_user CA_agentE_user CA_agentUTCA_user CA_auditV_user CA_operatorV_user +###################################################################### + +run_pki-user-cli-user-ca_tests(){ + rlPhaseStartSetup "pki_user_cli_user_add-startup: Create temp directory and import CA agent cert into a nss certificate db and trust CA root cert" + admin_cert_nickname="PKI Administrator for $CA_DOMAIN" + nss_db_password="Password" + rlRun "source /opt/rhqa_pki/env.sh" + rlLog "Admin Certificate is located at: $CA_ADMIN_CERT_LOCATION" + rlRun "TmpDir=\`mktemp -d\`" 0 "Creating tmp directory" + rlRun "pushd $TmpDir" + rlLog "Temp Directory = $TmpDir" + rlRun "mkdir $TmpDir/nssdb" + rlLog "importP12File $CA_ADMIN_CERT_LOCATION $CA_CLIENT_PKCS12_PASSWORD $TmpDir/nssdb $nss_db_password $admin_cert_nickname" + rlRun "importP12File $CA_ADMIN_CERT_LOCATION $CA_CLIENT_PKCS12_PASSWORD $TmpDir/nssdb $nss_db_password $admin_cert_nickname" 0 "Import Admin certificate to $TmpDir/nssdb" + rlRun "install_and_trust_CA_cert $CA_SERVER_ROOT $TmpDir/nssdb" + + rlRun "mkdir /tmp/dummydb" + rlLog "Cert Database for untrusted cert's : /tmp/dummydb" + rlRun "importP12File $CA_ADMIN_CERT_LOCATION $CA_CLIENT_PKCS12_PASSWORD /tmp/dummydb $nss_db_password $admin_cert_nickname" 0 "Import Admin certificate to /tmp/dummydb" + rlRun "install_and_trust_CA_cert $CA_SERVER_ROOT /tmp/dummydb" + + rlRun "mkdir /tmp/requestdb" + rlLog "importP12File $CA_ADMIN_CERT_LOCATION $CA_CLIENT_PKCS12_PASSWORD /tmp/requestdb $nss_db_password $admin_cert_nickname" + rlRun "importP12File $CA_ADMIN_CERT_LOCATION $CA_CLIENT_PKCS12_PASSWORD /tmp/requestdb $nss_db_password $admin_cert_nickname" 0 "Import Admin certificate to /tmp/requestdb" + rlRun "install_and_trust_CA_cert $CA_SERVER_ROOT /tmp/requestdb" + + rlPhaseEnd + + + + rlPhaseStartSetup "Creating user, create user and add it to the user, add user to the group" + + user=($CA_adminV_user $CA_adminV_fullName $CA_adminR_user $CA_adminR_fullName $CA_adminE_user $CA_adminE_fullName $CA_adminUTCA_user $CA_adminUTCA_fullName $CA_agentV_user $CA_agentV_fullName $CA_agentR_user $CA_agentR_fullName $CA_agentE_user $CA_agentE_fullName $CA_agentUTCA_user $CA_agentUTCA_fullName $CA_auditV_user $CA_auditV_fullName $CA_operatorV_user $CA_operatorV_fullName) + i=0 + while [ $i -lt ${#user[@]} ] ; do + userid=${user[$i]} + userfullName=${user[$i+1]} + + #Create $userid user + rlLog "Executing: pki -d $TmpDir/nssdb \ + -n \"$admin_cert_nickname\" \ + -c $nss_db_password \ + user-add --fullName=\"$userfullName\" $userid" + rlRun "pki -d $TmpDir/nssdb \ + -n \"$admin_cert_nickname\" \ + -c $nss_db_password \ + user-add --fullName=\"$userfullName\" $userid" \ + 0 \ + "Add user $userid to CA" + + #=====Adding user to respective group. Administrator, Certificate Manager Agent, Auditor=====# + if [ $userid == $CA_adminV_user -o $userid == $CA_adminR_user -o $userid == $CA_adminE_user -o $userid == $CA_adminUTCA_user ]; then + rlRun "pki -d $TmpDir/nssdb \ + -n \"$admin_cert_nickname\" \ + -c $nss_db_password \ + -t ca \ + group-add-member Administrators $userid > $TmpDir/pki-user-add-ca-group001$i.out" \ + 0 \ + "Add user $userid to Administrators group" + rlAssertGrep "Added group member \"$userid\"" "$TmpDir/pki-user-add-ca-group001$i.out" + rlAssertGrep "User: $userid" "$TmpDir/pki-user-add-ca-group001$i.out" + elif [ $userid == $CA_agentV_user -o $userid == $CA_agentR_user -o $userid == $CA_agentE_user -o $userid == $CA_agentUTCA_user ]; then + rlRun "pki -d $TmpDir/nssdb \ + -n \"$admin_cert_nickname\" \ + -c $nss_db_password \ + -t ca \ + group-add-member \"Certificate Manager Agents\" $userid > $TmpDir/pki-user-add-ca-group001$i.out" \ + 0 \ + "Add user $userid to Certificate Manager Agents group" + rlAssertGrep "Added group member \"$userid\"" "$TmpDir/pki-user-add-ca-group001$i.out" + rlAssertGrep "User: $userid" "$TmpDir/pki-user-add-ca-group001$i.out" + + elif [ $userid == $CA_auditV_user ]; then + rlRun "pki -d $TmpDir/nssdb \ + -n \"$admin_cert_nickname\" \ + -c $nss_db_password \ + -t ca \ + group-add-member Auditors $userid > $TmpDir/pki-user-add-ca-group001$i.out" \ + 0 \ + "Add user $userid to Auditors group" + rlAssertGrep "Added group member \"$userid\"" "$TmpDir/pki-user-add-ca-group001$i.out" + rlAssertGrep "User: $userid" "$TmpDir/pki-user-add-ca-group001$i.out" + + elif [ $userid == $CA_operatorV_user ]; then + rlRun "pki -d $TmpDir/nssdb \ + -n \"$admin_cert_nickname\" \ + -c $nss_db_password \ + -t ca \ + group-add-member \"Trusted Managers\" $userid > $TmpDir/pki-user-add-ca-group001$i.out" \ + 0 \ + "Add user $userid to Trusted Managers group" + rlAssertGrep "Added group member \"$userid\"" "$TmpDir/pki-user-add-ca-group001$i.out" + rlAssertGrep "User: $userid" "$TmpDir/pki-user-add-ca-group001$i.out" + fi + #================# + + if [ $userid == $CA_adminV_user -o $userid == $CA_adminR_user -o $userid == $CA_adminE_user -o $userid == $CA_agentV_user -o $userid == $CA_agentR_user -o $userid == $CA_agentE_user -o $userid == $CA_auditV_user -o $userid == $CA_operatorV_user ]; then + + #Create a cert and add it to the $userid user + rlLog "Admin Certificate is located at: $CA_ADMIN_CERT_LOCATION" + local temp_file="/tmp/requestdb/certrequest_001$i.xml" + rlRun "pki -d $TmpDir/nssdb \ + -n \"$admin_cert_nickname\" \ + -c $nss_db_password \ + cert-request-profile-show caUserCert --output $temp_file" \ + 0 \ + "Enrollment Template for Profile caUserCert" + #rlRun "create_certdb \"/tmp/requestdb\" Password" 0 "Create a certificate db" + rlRun "generate_PKCS10 \"/tmp/requestdb\" Password rsa 2048 \"/tmp/requestdb/request_001$i.out\" \"CN=adminV\" " 0 "generate PKCS10 certificate" + rlRun "sed -e '/-----BEGIN NEW CERTIFICATE REQUEST-----/d' -i /tmp/requestdb/request_001$i.out" + rlRun "sed -e '/-----END NEW CERTIFICATE REQUEST-----/d' -i /tmp/requestdb/request_001$i.out" + rlRun "dos2unix /tmp/requestdb/request_001$i.out" + rlRun "xmlstarlet ed -L -u \"CertEnrollmentRequest/Input/attribute[@name='cert_request_type']/value\" -v 'pkcs10' $temp_file" + rlRun "xmlstarlet ed -L -u \"CertEnrollmentRequest/Input/attribute[@name='cert_request']/value\" -v \"$(cat -v /tmp/requestdb/request_001$i.out)\" $temp_file" 0 "adding certificate request" + rlRun "xmlstarlet ed -L -u \"CertEnrollmentRequest/Input/attribute[@name='sn_uid']/value\" -v $userid $temp_file" + rlRun "xmlstarlet ed -L -u \"CertEnrollmentRequest/Input/attribute[@name='sn_e']/value\" -v $userid@example.com $temp_file" + rlRun "xmlstarlet ed -L -u \"CertEnrollmentRequest/Input/attribute[@name='sn_cn']/value\" -v $userfullName $temp_file" + rlRun "xmlstarlet ed -L -u \"CertEnrollmentRequest/Input/attribute[@name='sn_ou']/value\" -v Engineering $temp_file" + rlRun "xmlstarlet ed -L -u \"CertEnrollmentRequest/Input/attribute[@name='sn_o']/value\" -v Example $temp_file" + rlRun "xmlstarlet ed -L -u \"CertEnrollmentRequest/Input/attribute[@name='sn_c']/value\" -v US $temp_file" + rlRun "xmlstarlet ed -L -u \"CertEnrollmentRequest/Input/attribute[@name='requestor_name']/value\" -v $userid $temp_file" + rlRun "xmlstarlet ed -L -u \"CertEnrollmentRequest/Input/attribute[@name='requestor_email']/value\" -v $userid@example.com $temp_file" + rlRun "xmlstarlet ed -L -u \"CertEnrollmentRequest/Input/attribute[@name='requestor_phone']/value\" -v 123-456-7890 $temp_file" + + if [ $userid == $CA_adminV_user -o $userid == $CA_adminR_user -o $userid == $CA_agentV_user -o $userid == $CA_agentR_user -o $userid == $CA_auditV_user -o $userid == $CA_operatorV_user ]; then + #cert-request-submit===== + rlLog "Executing: pki cert-request-submit $temp_file" + rlRun "pki cert-request-submit $temp_file > /tmp/requestdb/certrequest_$i.out" 0 "Executing pki cert-request-submit" + rlAssertGrep "Submitted certificate request" "/tmp/requestdb/certrequest_$i.out" + rlAssertGrep "Request ID:" "/tmp/requestdb/certrequest_$i.out" + rlAssertGrep "Type: enrollment" "/tmp/requestdb/certrequest_$i.out" + rlAssertGrep "Status: pending" "/tmp/requestdb/certrequest_$i.out" + local request_id=`cat /tmp/requestdb/certrequest_$i.out | grep "Request ID:" | awk '{print $3}'` + rlLog "Request ID=$request_id" + rlRun "pki cert-request-show $request_id > /tmp/requestdb/certrequestshow_001$i.out" 0 "Executing pki cert-request-show $request_id" + rlAssertGrep "Request ID: $request_id" "/tmp/requestdb/certrequestshow_001$i.out" + rlAssertGrep "Type: enrollment" "/tmp/requestdb/certrequestshow_001$i.out" + rlAssertGrep "Status: pending" "/tmp/requestdb/certrequestshow_001$i.out" + rlAssertGrep "Operation Result: success" "/tmp/requestdb/certrequestshow_001$i.out" + #Agent Approve the certificate after reviewing the cert for the user + rlLog "Executing: pki -d /tmp/requestdb/ \ + -n \"$admin_cert_nickname\" \ + -c $nss_db_password \ + -t ca \ + cert-request-review --action=approve $request_id" + + rlRun "pki -d /tmp/requestdb/ \ + -n \"$admin_cert_nickname\" \ + -c $nss_db_password \ + -t ca \ + cert-request-review --action=approve $request_id > /tmp/requestdb/certapprove_001$i.out" \ + 0 \ + "CA agent approve the cert" + rlAssertGrep "Approved certificate request $request_id" "/tmp/requestdb/certapprove_001$i.out" + rlRun "pki cert-request-show $request_id > /tmp/requestdb/certrequestapprovedshow_001$i.out" 0 "Executing pki cert-request-show $request_id" + rlAssertGrep "Request ID: $request_id" "/tmp/requestdb/certrequestapprovedshow_001$i.out" + rlAssertGrep "Type: enrollment" "/tmp/requestdb/certrequestapprovedshow_001$i.out" + rlAssertGrep "Status: complete" "/tmp/requestdb/certrequestapprovedshow_001$i.out" + rlAssertGrep "Certificate ID:" "/tmp/requestdb/certrequestapprovedshow_001$i.out" + local certificate_serial_number=`cat /tmp/requestdb/certrequestapprovedshow_001$i.out | grep "Certificate ID:" | awk '{print $3}'` + rlLog "Cerificate Serial Number=$certificate_serial_number" + + #Verify the certificate is valid + rlRun "pki cert-show $certificate_serial_number --encoded > /tmp/requestdb/certificate_show_001$i.out" 0 "Executing pki cert-show $certificate_serial_number" + rlAssertGrep "Subject: UID=$userid,E=$userid@example.com,CN=$userfullName,OU=Engineering,O=Example,C=US" "/tmp/requestdb/certificate_show_001$i.out" + rlAssertGrep "Status: VALID" "/tmp/requestdb/certificate_show_001$i.out" + + rlRun "sed -n '/-----BEGIN CERTIFICATE-----/,/-----END CERTIFICATE-----/p' /tmp/requestdb/certificate_show_001$i.out > /tmp/requestdb/validcert_001$i.pem" + rlRun "certutil -d /tmp/requestdb -A -n $userid -i /tmp/requestdb/validcert_001$i.pem -t "u,u,u"" + rlRun "pki -d /tmp/requestdb/ \ + -n \"$admin_cert_nickname\" \ + -c $nss_db_password \ + -t ca \ + user-add-cert $userid --input /tmp/requestdb/validcert_001$i.pem > /tmp/requestdb/useraddcert__001$i.out" \ + 0 \ + "Cert is added to the user $userid" + + elif [ $userid == $CA_adminE_user -o $userid == $CA_agentE_user ]; then + #=======Expired cert waiting on response to --output ticket https://fedorahosted.org/pki/ticket/674 =======# + local profile_file="/var/lib/pki/pki-tomcat/ca/profiles/ca/caUserCert.cfg" + default_days="policyset.userCertSet.2.default.params.range=180" + change_days="policyset.userCertSet.2.default.params.range=1" + rlLog "Executing: sed -e 's/$default_days/$change_days/g' -i $profile_file" + rlRun "sed -e 's/$default_days/$change_days/g' -i $profile_file" + rlLog "Restart the subsytem" + rlRun "systemctl restart pki-tomcatd\@pki-tomcat.service" + #cert-request-submit===== + #rlLog "Executing: pki cert-request-submit $temp_file" + #lRun "pki cert-request-submit $temp_file > /tmp/requestdb/certrequest_$i.out" 0 "Executing pki cert-request-submit" + rlRun "cat $profile_file" + rlRun "sleep 30" + rlLog "pki -d $TmpDir/nssdb \ + -n \"$admin_cert_nickname\" \ + -c $nss_db_password \ + cert-request-submit $temp_file > /tmp/requestdb/certrequest_$i.out" + + rlRun "pki -d $TmpDir/nssdb \ + -n \"$admin_cert_nickname\" \ + -c $nss_db_password \ + cert-request-submit $temp_file > /tmp/requestdb/certrequest_$i.out" \ + 0 \ + "Certificate request submit" + + rlAssertGrep "Submitted certificate request" "/tmp/requestdb/certrequest_$i.out" + rlAssertGrep "Request ID:" "/tmp/requestdb/certrequest_$i.out" + rlAssertGrep "Type: enrollment" "/tmp/requestdb/certrequest_$i.out" + rlAssertGrep "Status: pending" "/tmp/requestdb/certrequest_$i.out" + local request_id=`cat /tmp/requestdb/certrequest_$i.out | grep "Request ID:" | awk '{print $3}'` + rlLog "Request ID=$request_id" + rlRun "pki cert-request-show $request_id > /tmp/requestdb/certrequestshow_001$i.out" 0 "Executing pki cert-request-show $request_id" + rlAssertGrep "Request ID: $request_id" "/tmp/requestdb/certrequestshow_001$i.out" + rlAssertGrep "Type: enrollment" "/tmp/requestdb/certrequestshow_001$i.out" + rlAssertGrep "Status: pending" "/tmp/requestdb/certrequestshow_001$i.out" + rlAssertGrep "Operation Result: success" "/tmp/requestdb/certrequestshow_001$i.out" + rlRun "pki -d /tmp/requestdb/ \ + -n \"$admin_cert_nickname\" \ + -c $nss_db_password \ + -t ca \ + cert-request-review --action=approve $request_id > /tmp/requestdb/certapprove_001$i.out" \ + 0 \ + "CA agent approve the cert" + rlLog "cat /tmp/requestdb/certapprove_001$i.out" + rlAssertGrep "Approved certificate request $request_id" "/tmp/requestdb/certapprove_001$i.out" + rlRun "pki cert-request-show $request_id > /tmp/requestdb/certrequestapprovedshow_001$i.out" 0 "Executing pki cert-request-show $request_id" + rlAssertGrep "Request ID: $request_id" "/tmp/requestdb/certrequestapprovedshow_001$i.out" + rlAssertGrep "Type: enrollment" "/tmp/requestdb/certrequestapprovedshow_001$i.out" + rlAssertGrep "Status: complete" "/tmp/requestdb/certrequestapprovedshow_001$i.out" + rlAssertGrep "Certificate ID:" "/tmp/requestdb/certrequestapprovedshow_001$i.out" + local certificate_serial_number=`cat /tmp/requestdb/certrequestapprovedshow_001$i.out | grep "Certificate ID:" | awk '{print $3}'` + rlLog "Cerificate Serial Number=$certificate_serial_number" + #Verify the certificate is expired + rlRun "pki cert-show $certificate_serial_number --encoded > /tmp/requestdb/certificate_show_001$i.out" 0 "Executing pki cert-show $certificate_serial_number" + rlAssertGrep "Subject: UID=$userid,E=$userid@example.com,CN=$userfullName,OU=Engineering,O=Example,C=US" "/tmp/requestdb/certificate_show_001$i.out" + rlAssertGrep "Status: VALID" "/tmp/requestdb/certificate_show_001$i.out" + rlRun "sed -n '/-----BEGIN CERTIFICATE-----/,/-----END CERTIFICATE-----/p' /tmp/requestdb/certificate_show_001$i.out > /tmp/requestdb/validcert_001$i.pem" + rlRun "certutil -d /tmp/requestdb -A -n $userid -i /tmp/requestdb/validcert_001$i.pem -t "u,u,u"" + rlRun "pki -d /tmp/requestdb/ \ + -n \"$admin_cert_nickname\" \ + -c $nss_db_password \ + -t ca \ + user-add-cert $userid --input /tmp/requestdb/validcert_001$i.pem > /tmp/requestdb/useraddcert__001$i.out" \ + 0 \ + "Cert is added to the user $userid" + rlLog "Modifying profile back to the defaults" + rlRun "sed -e 's/$change_days/$default_days/g' -i $profile_file" + rlLog "Restart the subsytem" + rlRun "systemctl restart pki-tomcatd\@pki-tomcat.service" + rlRun "date --set='next day'" 0 "Set System date a day ahead" + rlRun "date --set='next day'" 0 "Set System date a day ahead" + rlRun "date" + rlRun "sleep 30" + rlRun "pki cert-show $certificate_serial_number --encoded > /tmp/requestdb/certificate_show_exp_001$i.out" 0 "Executing pki cert-show $certificate_serial_number" + rlAssertGrep "Subject: UID=$userid,E=$userid@example.com,CN=$userfullName,OU=Engineering,O=Example,C=US" "/tmp/requestdb/certificate_show_exp_001$i.out" + rlAssertGrep "Status: EXPIRED" "/tmp/requestdb/certificate_show_exp_001$i.out" + rlRun "date --set='2 days ago'" 0 "Set System back to the present day" + fi + fi + #Add the certificate to /tmp/requestdb + #note: certificate b664 at /tmp/requestdb/certificate_show_001$i.out + if [ $userid == $CA_adminUTCA_user ]; then + rlRun "certutil -d /tmp/dummydb -A -n $userid -i /opt/rhqa_pki/dummycert1.pem -t ",,"" + rlRun "pki -d /tmp/requestdb/ \ + -n \"$admin_cert_nickname\" \ + -c $nss_db_password \ + -t ca \ + user-add-cert $userid --input /opt/rhqa_pki/dummycert1.pem > /tmp/requestdb/useraddcert__001$i.out" \ + 0 \ + "Cert is added to the user $userid" + elif [ $userid == $CA_agentUTCA_user ]; then + rlRun "certutil -d /tmp/dummydb -A -n $userid -i /opt/rhqa_pki/dummycert1.pem -t ",,"" + rlRun "pki -d /tmp/requestdb/ \ + -n \"$admin_cert_nickname\" \ + -c $nss_db_password \ + -t ca \ + user-add-cert $userid --input /opt/rhqa_pki/dummycert1.pem > /tmp/requestdb/useraddcert__001$i.out" \ + 0 \ + "Cert is added to the user $userid" + #Revoke certificate of user CA_adminR and CA_agentR + elif [ $userid == $CA_adminR_user -o $userid == $CA_agentR_user ] ;then + rlLog "$userid" + rlLog "pki -d /tmp/requestdb/ \ + -n \"$admin_cert_nickname\" \ + -c $nss_db_password \ + -t ca \ + cert-revoke $certificate_serial_number --force --reason = Unspecified > /tmp/requestdb/revokecert__001$i.out" + rlRun "pki -d /tmp/requestdb/ \ + -n \"$admin_cert_nickname\" \ + -c $nss_db_password \ + -t ca \ + cert-revoke $certificate_serial_number --force --reason=Unspecified > /tmp/requestdb/revokecert__001$i.out" \ + 0 \ + "Certificate of user $userid is revoked" + rlAssertGrep "Serial Number: $certificate_serial_number" "/tmp/requestdb/revokecert__001$i.out" + rlAssertGrep "Subject: UID=$userid,E=$userid@example.com,CN=$userfullName,OU=Engineering,O=Example,C=US" "/tmp/requestdb/revokecert__001$i.out" + rlAssertGrep "Status: REVOKED" "/tmp/requestdb/revokecert__001$i.out" + fi + let i=$i+2 + done + rlPhaseEnd +} diff --git a/tests/dogtag/acceptance/cli-tests/pki-user-cli/ca/pki-user-cli-user-del-ca.sh b/tests/dogtag/acceptance/cli-tests/pki-user-cli/ca/pki-user-cli-user-del-ca.sh new file mode 100755 index 000000000..b31a96325 --- /dev/null +++ b/tests/dogtag/acceptance/cli-tests/pki-user-cli/ca/pki-user-cli-user-del-ca.sh @@ -0,0 +1,165 @@ +#!/bin/bash +# vim: dict=/usr/share/beakerlib/dictionary.vim cpt=.,w,b,u,t,i,k +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +# +# runtest.sh of /CoreOS/rhcs/acceptance/cli-tests/pki-user-cli +# Description: PKI user-add CLI tests +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +# The following ipa cli commands needs to be tested: +# pki-user-cli-user-add Add users to pki subsystems. +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +# +# Author: Laxmi Sunkara <lsunkara@redhat.com> +# +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +# +# Copyright (c) 2013 Red Hat, Inc. All rights reserved. +# +# This copyrighted material is made available to anyone wishing +# to use, modify, copy, or redistribute it subject to the terms +# and conditions of the GNU General Public License version 2. +# +# This program is distributed in the hope that it will be +# useful, but WITHOUT ANY WARRANTY; without even the implied +# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR +# PURPOSE. See the GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public +# License along with this program; if not, write to the Free +# Software Foundation, Inc., 51 Franklin Street, Fifth Floor, +# Boston, MA 02110-1301, USA. +# +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +# Include rhts environment +. /usr/bin/rhts-environment.sh +. /usr/share/beakerlib/beakerlib.sh +. /opt/rhqa_pki/rhcs-shared.sh +. /opt/rhqa_pki/pki-cert-cli-lib.sh +. /opt/rhqa_pki/env.sh + + +######################################################################## +# Test Suite Globals +######################################################################## +user1=ca_agent2 +user1fullname="Test ca_agent" +user2=abcdefghijklmnopqrstuvwxyx12345678 +user3=abc# +user4=abc$ +user5=abc@ +user6=abc? +user7=0 + +run_pki-user-cli-user-del-ca_tests(){ + rlPhaseStartSetup "pki_user_cli_user_add-ca-startup:Getting the temp directory and nss certificate db " + rlLog "nss_db directory = $TmpDir/nssdb" + rlLog "temp directory = /tmp/requestdb" + rlPhaseEnd + + rlPhaseStartTest "pki_user_cli_user_del-001: Add users to test user-del functionality" + del_user=($CA_adminV_user $CA_adminR_user $CA_adminE_user $CA_adminUTCA_user $CA_agentV_user $CA_agentR_user $CA_agentE_user $CA_agentUTCA_user $CA_auditV_user $CA_operatorV_user) + #positive test cases + #Add users to CA using CA_adminV cert + i=1 + while [ $i -lt 25 ] ; do + rlRun "pki -d /tmp/requestdb \ + -n CA_adminV \ + -c $nss_db_password \ + user-add --fullName=test_user u$i" + let i=$i+1 + done + + #===Deleting users created using CA_adminV cert===# + i=1 + while [ $i -lt 25 ] ; do + rlRun "pki -d /tmp/requestdb \ + -n CA_adminV \ + -c $nss_db_password \ + user-del u$i > $TmpDir/pki-user-del-ca-user1-00$i.out" \ + 0 \ + "Deleted user u$i" + rlAssertGrep "Deleted user \"u$i\"" "$TmpDir/pki-user-del-ca-user1-00$i.out" + let i=$i+1 + done + #Add users to CA using CA_adminV cert + i=1 + while [ $i -lt 8 ] ; do + eval usr=\$user$i + rlRun "pki -d /tmp/requestdb \ + -n CA_adminV \ + -c $nss_db_password \ + user-add --fullName=test_user $usr" + let i=$i+1 + done + + #===Deleting users(symbols) created using CA_adminV cert===# + j=1 + while [ $j -lt 8 ] ; do + eval usr=\$user$j + rlRun "pki -d /tmp/requestdb \ + -n CA_adminV \ + -c $nss_db_password \ + user-del $usr> $TmpDir/pki-user-del-ca-user2-00$j.out" \ + 0 \ + "Deleted user $usr" + rlAssertGrep "Deleted user \"$usr\"" "$TmpDir/pki-user-del-ca-user2-00$j.out" + let j=$j+1 + done + rlPhaseEnd + rlPhaseStartTest "pki_user_cli_user_del-002: Case sensitive userid, Negative test case" + rlRun "pki -d /tmp/requestdb \ + -n CA_adminV \ + -c $nss_db_password \ + user-add --fullName=test_user user_abc" + rlRun "pki -d /tmp/requestdb \ + -n CA_adminV \ + -c $nss_db_password \ + user-del USER_ABC > $TmpDir/pki-user-del-ca-user-002_1.out" \ + 0 \ + "Deleted user USER_ABC userid is not case sensitive" + rlAssertGrep "Deleted user \"USER_ABC\"" "$TmpDir/pki-user-del-ca-user-002_1.out" + rlPhaseEnd + rlPhaseStartTest "pki_user_cli_user_del-003: user id missing, Negative test case" + rlRun "pki -d /tmp/requestdb \ + -n CA_adminV \ + -c $nss_db_password \ + user-add --fullName=test_user test_user" + rlRun "pki -d /tmp/requestdb \ + -n CA_adminV \ + -c $nss_db_password \ + user-del > $TmpDir/pki-user-del-ca-user-003_1.out 2>&1" \ + 1 \ + "Cannot delete a user without userid" + rlAssertGrep "usage: user-del <User ID>" "$TmpDir/pki-user-del-ca-user-003_1.out" + rlRun "pki -d /tmp/requestdb \ + -n CA_adminV \ + -c $nss_db_password \ + user-del test_user > $TmpDir/pki-user-del-ca-user-003_2.out" \ + 0 \ + "Deleted user test_user" + rlAssertGrep "Deleted user \"test_user\"" "$TmpDir/pki-user-del-ca-user-003_2.out" + rlPhaseEnd + + rlPhaseStartTest "pki_user_cli_user_del-004:Deleting users created with valid, revoked, expired and untrusted cert" + i=0 + while [ $i -lt ${#del_user[@]} ] ; do + userid_del=${del_user[$i]} + rlRun "pki -d $TmpDir/nssdb \ + -n \"$admin_cert_nickname\" \ + -c $nss_db_password \ + user-del $userid_del > $TmpDir/pki-user-del-ca-user4-00$i.out" \ + 0 \ + "Deleted user $userid_del" + rlAssertGrep "Deleted user \"$userid_del\"" "$TmpDir/pki-user-del-ca-user4-00$i.out" + let i=$i+1 + done + rlRun "rm -r $TmpDir" 0 "Removing temp directory" + rlRun "popd" + rlRun "rm -rf /tmp/requestdb" + rlRun "rm -rf /tmp/dummydb" + + + rlPhaseEnd + +} diff --git a/tests/dogtag/acceptance/cli-tests/pki-user-cli/ca/pki-user-cli-user-find-ca.sh b/tests/dogtag/acceptance/cli-tests/pki-user-cli/ca/pki-user-cli-user-find-ca.sh new file mode 100755 index 000000000..5a318a3fd --- /dev/null +++ b/tests/dogtag/acceptance/cli-tests/pki-user-cli/ca/pki-user-cli-user-find-ca.sh @@ -0,0 +1,249 @@ +#!/bin/bash +# vim: dict=/usr/share/beakerlib/dictionary.vim cpt=.,w,b,u,t,i,k +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +# +# runtest.sh of /CoreOS/rhcs/acceptance/cli-tests/pki-user-cli +# Description: PKI user-add CLI tests +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +# The following ipa cli commands needs to be tested: +# pki-user-cli-user-add Add users to pki subsystems. +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +# +# Author: Laxmi Sunkara <lsunkara@redhat.com> +# +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +# +# Copyright (c) 2013 Red Hat, Inc. All rights reserved. +# +# This copyrighted material is made available to anyone wishing +# to use, modify, copy, or redistribute it subject to the terms +# and conditions of the GNU General Public License version 2. +# +# This program is distributed in the hope that it will be +# useful, but WITHOUT ANY WARRANTY; without even the implied +# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR +# PURPOSE. See the GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public +# License along with this program; if not, write to the Free +# Software Foundation, Inc., 51 Franklin Street, Fifth Floor, +# Boston, MA 02110-1301, USA. +# +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +# Include rhts environment +. /usr/bin/rhts-environment.sh +. /usr/share/beakerlib/beakerlib.sh +. /opt/rhqa_pki/rhcs-shared.sh +. /opt/rhqa_pki/env.sh + +######################################################################## +# Test Suite Globals +######################################################################## + +user1="ca_agent2" +user1fullname="Test ca_agent" +user2=abcdefghijklmnopqrstuvwxyx12345678 +user3=abc# +user4=abc$ +user5=abc@ +user6=abc? +user7=0 + + +######################################################################## + +run_pki-user-cli-user-find-ca_tests(){ + rlPhaseStartSetup "pki_user_cli_user_show-ca-startup:Getting the temp directory and nss certificate db " + rlLog "nss_db directory = $TmpDir/nssdb" + rlLog "temp directory = /tmp/requestdb" + rlPhaseEnd + rlPhaseStartSetup "pki_user_cli_user_show-ca-startup-addusers:Add users to test the user-find functionality" + i=1 + while [ $i -lt 25 ] ; do + rlRun "pki -d /tmp/requestdb \ + -n CA_adminV \ + -c $nss_db_password \ + user-add --fullName=test_user u$i" + let i=$i+1 + done + j=1 + while [ $j -lt 8 ] ; do + eval usr=\$user$j + rlRun "pki -d /tmp/requestdb \ + -n CA_adminV \ + -c $nss_db_password \ + user-add --fullName=test_user $usr" + let j=$j+1 + done + + + rlPhaseEnd + rlPhaseStartTest "pki_user_cli_user_find-ca-001: Find 5 users, --size=5" + rlRun "pki -d $TmpDir/nssdb \ + -n \"$admin_cert_nickname\" \ + -c $nss_db_password \ + user-find --size=5 > $TmpDir/pki-user-find-ca-001.out 2>&1" \ + 0 \ + "Found 5 users" + rlAssertGrep "Number of entries returned 5" "$TmpDir/pki-user-find-ca-001.out" + rlPhaseEnd + + + rlPhaseStartTest "pki_user_cli_user_find-ca-002: Find non user, --size=0" + rlRun "pki -d $TmpDir/nssdb \ + -n \"$admin_cert_nickname\" \ + -c $nss_db_password \ + user-find --size=0 > $TmpDir/pki-user-find-ca-002.out 2>&1" \ + 0 \ + "Found no users" + rlAssertGrep "Number of entries returned 0" "$TmpDir/pki-user-find-ca-002.out" + rlPhaseEnd + + rlPhaseStartTest "pki_user_cli_user_find-ca-003: Find all users, maximum possible value as input" + maximum_check=1000000 + rlRun "pki -d $TmpDir/nssdb \ + -n \"$admin_cert_nickname\" \ + -c $nss_db_password \ + user-find --size=$maximum_check > $TmpDir/pki-user-find-ca-003.out 2>&1" \ + 0 \ + "All users" + rlAssertGrep "Number of entries returned 46" "$TmpDir/pki-user-find-ca-003.out" + rlPhaseEnd + + rlPhaseStartTest "pki_user_cli_user_find-ca-004: Find users, check for negative input --size=-1" + rlRun "pki -d $TmpDir/nssdb \ + -n \"$admin_cert_nickname\" \ + -c $nss_db_password \ + user-find --size=-1 > $TmpDir/pki-user-find-ca-004.out 2>&1" \ + 0 \ + "No users returned as the size entered is negative value" + rlAssertGrep "Number of entries returned 0" "$TmpDir/pki-user-find-ca-004.out" + rlPhaseEnd + + rlPhaseStartTest "pki_user_cli_user_find-ca-005: Find users for size input as noninteger, --size=abc" + size_noninteger="abc" + rlLog "Executing: pki -d $TmpDir/nssdb \ + -n \"$admin_cert_nickname\" \ + -c $nss_db_password \ + user-find --size=$size_noninteger > $TmpDir/pki-user-find-ca-005.out 2>&1" + rlRun "pki -d $TmpDir/nssdb \ + -n \"$admin_cert_nickname\" \ + -c $nss_db_password \ + user-find --size=$size_noninteger > $TmpDir/pki-user-find-ca-005.out 2>&1" \ + 1 \ + "No users returned" + rlAssertGrep "NumberFormatException: For input string: \"$size_noninteger\"" "$TmpDir/pki-user-find-ca-005.out" + rlPhaseEnd + + rlPhaseStartTest "pki_user_cli_user_find-ca-006: Find users, check for no input --size= " + rlRun "pki -d $TmpDir/nssdb \ + -n \"$admin_cert_nickname\" \ + -c $nss_db_password \ + user-find --size= > $TmpDir/pki-user-find-ca-006.out 2>&1" \ + 1 \ + "No users returned, as --size= " + rlAssertGrep "NumberFormatException: For input string: \"""\"" "$TmpDir/pki-user-find-ca-006.out" + rlPhaseEnd + + + rlPhaseStartTest "pki_user_cli_user_find-ca-007: Find users, --start=10 " + rlRun "pki -d $TmpDir/nssdb \ + -n \"$admin_cert_nickname\" \ + -c $nss_db_password \ + user-find --start=10 > $TmpDir/pki-user-find-ca-007.out 2>&1" \ + 0 \ + "Displays users from the 10th user and the next to the maximum 20 users, if available " + rlAssertGrep "20 user(s) matched" "$TmpDir/pki-user-find-ca-007.out" + rlPhaseEnd + + rlPhaseStartTest "pki_user_cli_user_find-ca-008: Find users, --start=10000, maximum possible input " + rlRun "pki -d $TmpDir/nssdb \ + -n \"$admin_cert_nickname\" \ + -c $nss_db_password \ + user-find --start=10000 > $TmpDir/pki-user-find-ca-008.out 2>&1" \ + 0 \ + "No users" + rlAssertGrep "Number of entries returned 0" "$TmpDir/pki-user-find-ca-008.out" + rlPhaseEnd + + rlPhaseStartTest "pki_user_cli_user_find-ca-009: Find users, --start=0" + rlRun "pki -d $TmpDir/nssdb \ + -n \"$admin_cert_nickname\" \ + -c $nss_db_password \ + user-find --start=0 > $TmpDir/pki-user-find-ca-009.out 2>&1" \ + 0 \ + "Displays from the zeroth user, maximum possible are 20 users in a page" + rlAssertGrep "Number of entries returned 20" "$TmpDir/pki-user-find-ca-009.out" + rlPhaseEnd + + rlPhaseStartTest "pki_user_cli_user_find-ca-0010: Find users, --start=-1" + rlRun "pki -d $TmpDir/nssdb \ + -n \"$admin_cert_nickname\" \ + -c $nss_db_password \ + user-find --start=-1 > $TmpDir/pki-user-find-ca-0010.out 2>&1" \ + 0 \ + "Maximum possible 20 users are returned, starting from the zeroth user" + rlAssertGrep "19 user(s) matched" "$TmpDir/pki-user-find-ca-0010.out" + rlPhaseEnd + + rlPhaseStartTest "pki_user_cli_user_find-ca-0011: Find users for size input as noninteger, --start=abc" + size_noninteger="abc" + rlRun "pki -d $TmpDir/nssdb \ + -n \"$admin_cert_nickname\" \ + -c $nss_db_password \ + user-find --start=$size_noninteger > $TmpDir/pki-user-find-ca-0011.out 2>&1" \ + 1 \ + "Incorrect input to find user" + rlAssertGrep "NumberFormatException: For input string: \"$size_noninteger\"" "$TmpDir/pki-user-find-ca-0011.out" + rlPhaseEnd + rlPhaseStartTest "pki_user_cli_user_cleanup-001_36: Deleting the temp directory and users" + del_user=($CA_adminV_user $CA_adminR_user $CA_adminE_user $CA_adminUTCA_user $CA_agentV_user $CA_agentR_user $CA_agentE_user $CA_agentUTCA_user $CA_auditV_user $CA_operatorV_user) + + #===Deleting users created using CA_adminV cert===# + i=1 + while [ $i -lt 24] ; do + rlRun "pki -d /tmp/requestdb \ + -n CA_adminV \ + -c $nss_db_password \ + user-del u$i > $TmpDir/pki-user-del-ca-user-00$i.out" \ + 0 \ + "Deleted user u$i" + rlAssertGrep "Deleted user \"u$i\"" "$TmpDir/pki-user-del-ca-user-00$i.out" + let i=$i+1 + done + #===Deleting users(symbols) created using CA_adminV cert===# + j=1 + while [ $j -lt 8 ] ; do + eval usr=\$user$j + rlRun "pki -d /tmp/requestdb \ + -n CA_adminV \ + -c $nss_db_password \ + user-del $usr > $TmpDir/pki-user-del-ca-user-symbol-00$j.out" \ + 0 \ + "Deleted user $usr" + rlAssertGrep "Deleted user \"$usr\"" "$TmpDir/pki-user-del-ca-user-symbol-00$j.out" + let j=$j+1 + done + i=0 + while [ $i -lt ${#del_user[@]} ] ; do + userid_del=${del_user[$i]} + rlRun "pki -d $TmpDir/nssdb \ + -n \"$admin_cert_nickname\" \ + -c $nss_db_password \ + user-del $userid_del > $TmpDir/pki-user-del-ca-00$i.out" \ + 0 \ + "Deleted user $userid_del" + rlAssertGrep "Deleted user \"$userid_del\"" "$TmpDir/pki-user-del-ca-00$i.out" + let i=$i+1 + done + + + rlRun "rm -r $TmpDir" 0 "Removing temp directory" + rlRun "popd" + rlRun "rm -rf /tmp/requestdb" + rlRun "rm -rf /tmp/dummydb" + + rlPhaseEnd + +} diff --git a/tests/dogtag/acceptance/cli-tests/pki-user-cli/ca/pki-user-cli-user-show-ca.sh b/tests/dogtag/acceptance/cli-tests/pki-user-cli/ca/pki-user-cli-user-show-ca.sh new file mode 100755 index 000000000..34efa4bc0 --- /dev/null +++ b/tests/dogtag/acceptance/cli-tests/pki-user-cli/ca/pki-user-cli-user-show-ca.sh @@ -0,0 +1,642 @@ +#!/bin/bash +# vim: dict=/usr/share/beakerlib/dictionary.vim cpt=.,w,b,u,t,i,k +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +# +# runtest.sh of /CoreOS/rhcs/acceptance/cli-tests/pki-user-cli +# Description: PKI user-add CLI tests +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +# The following ipa cli commands needs to be tested: +# pki-user-cli-user-add Add users to pki subsystems. +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +# +# Author: Laxmi Sunkara <lsunkara@redhat.com> +# +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +# +# Copyright (c) 2013 Red Hat, Inc. All rights reserved. +# +# This copyrighted material is made available to anyone wishing +# to use, modify, copy, or redistribute it subject to the terms +# and conditions of the GNU General Public License version 2. +# +# This program is distributed in the hope that it will be +# useful, but WITHOUT ANY WARRANTY; without even the implied +# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR +# PURPOSE. See the GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public +# License along with this program; if not, write to the Free +# Software Foundation, Inc., 51 Franklin Street, Fifth Floor, +# Boston, MA 02110-1301, USA. +# +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +# Include rhts environment +. /usr/bin/rhts-environment.sh +. /usr/share/beakerlib/beakerlib.sh +. /opt/rhqa_pki/rhcs-shared.sh +. /opt/rhqa_pki/pki-cert-cli-lib.sh +. /opt/rhqa_pki/env.sh + +###################################################################################### +#pki-user-cli-user-ca.sh should be first executed prior to pki-user-cli-user-add-ca.sh +#pki-user-cli-user-add-ca.sh should be first executed prior to pki-user-cli-user-add-ca.sh +###################################################################################### + +######################################################################## +# Test Suite Globals +######################################################################## + +######################################################################## +user1=ca_agent2 +user1fullname="Test ca_agent" +user2=abcdefghijklmnopqrstuvwxyx12345678 +user3=abc# +user4=abc$ +user5=abc@ +user6=abc? +user7=0 + +run_pki-user-cli-user-show-ca_tests(){ + rlPhaseStartSetup "pki_user_cli_user_show-ca-startup:Getting the temp directory and nss certificate db " + rlLog "nss_db directory = $TmpDir/nssdb" + rlLog "temp directory = /tmp/requestdb" + rlPhaseEnd + ##### Tests to show CA users #### + rlPhaseStartTest "pki_user_cli_user_show-CA-001: Add a user to CA using CA_adminV" + rlRun "pki -d /tmp/requestdb \ + -n CA_adminV \ + -c $nss_db_password \ + user-add --fullName=\"$user1fullname\" $user1" + rlLog "Executing: pki -d $TmpDir/nssdb \ + -n CA_adminV \ + -c $nss_db_password \ + user-show $user1" + rlRun "pki -d /tmp/requestdb \ + -n CA_adminV \ + -c $nss_db_password \ + user-show $user1 > $TmpDir/pki-user-show-ca-001.out" \ + 0 \ + "Show pki CA_adminV user" + rlAssertGrep "User \"$user1\"" "$TmpDir/pki-user-show-ca-001.out" + rlAssertGrep "User ID: $user1" "$TmpDir/pki-user-show-ca-001.out" + rlAssertGrep "Full name: $user1fullname" "$TmpDir/pki-user-show-ca-001.out" + rlPhaseEnd + rlPhaseStartTest "pki_user_cli_user_show-CA-001_1:maximum length of user id " + rlRun "pki -d /tmp/requestdb \ + -n CA_adminV \ + -c $nss_db_password \ + user-add --fullName=test $user2" + rlRun "pki -d /tmp/requestdb \ + -n CA_adminV \ + -c $nss_db_password \ + user-show $user2 > $TmpDir/pki-user-show-ca-001_1.out" \ + 0 \ + "Show pki CA_adminV user" + rlAssertGrep "User \"$user2\"" "$TmpDir/pki-user-show-ca-001_1.out" + rlAssertGrep "User ID: $user2" "$TmpDir/pki-user-show-ca-001_1.out" + rlAssertGrep "Full name: test" "$TmpDir/pki-user-show-ca-001_1.out" + rlPhaseEnd + rlPhaseStartTest "pki_user_cli_user_show-CA-001_2:User id with # character " + rlRun "pki -d /tmp/requestdb \ + -n CA_adminV \ + -c $nss_db_password \ + user-add --fullName=test $user3" + rlRun "pki -d /tmp/requestdb \ + -n CA_adminV \ + -c $nss_db_password \ + user-show $user3 > $TmpDir/pki-user-show-ca-001_2.out" \ + 0 \ + "Show pki CA_adminV user" + rlAssertGrep "User \"$user3\"" "$TmpDir/pki-user-show-ca-001_2.out" + rlAssertGrep "User ID: $user3" "$TmpDir/pki-user-show-ca-001_2.out" + rlAssertGrep "Full name: test" "$TmpDir/pki-user-show-ca-001_2.out" + rlPhaseEnd + rlPhaseStartTest "pki_user_cli_user_show-CA-001_3:User id with $ character " + rlRun "pki -d /tmp/requestdb \ + -n CA_adminV \ + -c $nss_db_password \ + user-add --fullName=test $user4" + rlRun "pki -d /tmp/requestdb \ + -n CA_adminV \ + -c $nss_db_password \ + user-show $user4 > $TmpDir/pki-user-show-ca-001_3.out" \ + 0 \ + "Show pki CA_adminV user" + rlAssertGrep "User \"$user4\"" "$TmpDir/pki-user-show-ca-001_3.out" + rlAssertGrep "User ID: abc\\$" "$TmpDir/pki-user-show-ca-001_3.out" + rlAssertGrep "Full name: test" "$TmpDir/pki-user-show-ca-001_3.out" + rlPhaseEnd + rlPhaseStartTest "pki_user_cli_user_show-CA-001_4:User id with @ character " + rlRun "pki -d /tmp/requestdb \ + -n CA_adminV \ + -c $nss_db_password \ + user-add --fullName=test $user5" + rlRun "pki -d /tmp/requestdb \ + -n CA_adminV \ + -c $nss_db_password \ + user-show $user5 > $TmpDir/pki-user-show-ca-001_4.out" \ + 0 \ + "Show pki CA_adminV user" + rlAssertGrep "User \"$user5\"" "$TmpDir/pki-user-show-ca-001_4.out" + rlAssertGrep "User ID: $user5" "$TmpDir/pki-user-show-ca-001_4.out" + rlAssertGrep "Full name: test" "$TmpDir/pki-user-show-ca-001_4.out" + rlPhaseEnd + rlPhaseStartTest "pki_user_cli_user_show-CA-001_5:User id with ? character " + rlRun "pki -d /tmp/requestdb \ + -n CA_adminV \ + -c $nss_db_password \ + user-add --fullName=test $user6" + rlRun "pki -d /tmp/requestdb \ + -n CA_adminV \ + -c $nss_db_password \ + user-show $user6 > $TmpDir/pki-user-show-ca-001_5.out" \ + 0 \ + "Show pki CA_adminV user" + rlAssertGrep "User \"$user6\"" "$TmpDir/pki-user-show-ca-001_5.out" + rlAssertGrep "User ID: $user6" "$TmpDir/pki-user-show-ca-001_5.out" + rlAssertGrep "Full name: test" "$TmpDir/pki-user-show-ca-001_5.out" + rlPhaseEnd + rlPhaseStartTest "pki_user_cli_user_show-CA-001_6:User id as 0" + rlRun "pki -d /tmp/requestdb \ + -n CA_adminV \ + -c $nss_db_password \ + user-add --fullName=test $user7" + rlRun "pki -d /tmp/requestdb \ + -n CA_adminV \ + -c $nss_db_password \ + user-show $user7 > $TmpDir/pki-user-show-ca-001_6.out" \ + 0 \ + "Show pki CA_adminV user" + rlAssertGrep "User \"$user7\"" "$TmpDir/pki-user-show-ca-001_6.out" + rlAssertGrep "User ID: $user7" "$TmpDir/pki-user-show-ca-001_6.out" + rlAssertGrep "Full name: test" "$TmpDir/pki-user-show-ca-001_6.out" + rlPhaseEnd + rlPhaseStartTest "pki_user_cli_user_show-CA-001_7:--email with maximum length " + rlRun "pki -d /tmp/requestdb \ + -n CA_adminV \ + -c $nss_db_password \ + user-add --fullName=test --email=abcdefghijklmnopqrstuvwxyx12345678 u1" + rlRun "pki -d /tmp/requestdb \ + -n CA_adminV \ + -c $nss_db_password \ + user-show u1 > $TmpDir/pki-user-show-ca-001_7.out" \ + 0 \ + "Show pki CA_adminV user" + rlAssertGrep "User \"u1\"" "$TmpDir/pki-user-show-ca-001_7.out" + rlAssertGrep "User ID: u1" "$TmpDir/pki-user-show-ca-001_7.out" + rlAssertGrep "Full name: test" "$TmpDir/pki-user-show-ca-001_7.out" + rlAssertGrep "Email: abcdefghijklmnopqrstuvwxyx12345678" "$TmpDir/pki-user-show-ca-001_7.out" + rlPhaseEnd + rlPhaseStartTest "pki_user_cli_user_show-CA-001_8:--email with maximum length and symbols " + rlRun "pki -d /tmp/requestdb \ + -n CA_adminV \ + -c $nss_db_password \ + user-add --fullName=test --email=abcdefghijklmnopqrstuvwxyx12345678#?*@$ u2" + rlRun "pki -d /tmp/requestdb \ + -n CA_adminV \ + -c $nss_db_password \ + user-show u2 > $TmpDir/pki-user-show-ca-001_8.out" \ + 0 \ + "Show pki CA_adminV user" + rlAssertGrep "User \"u2\"" "$TmpDir/pki-user-show-ca-001_8.out" + rlAssertGrep "User ID: u2" "$TmpDir/pki-user-show-ca-001_8.out" + rlAssertGrep "Full name: test" "$TmpDir/pki-user-show-ca-001_8.out" + rlAssertGrep "Email: abcdefghijklmnopqrstuvwxyx12345678\\#\\?*$@" "$TmpDir/pki-user-show-ca-001_8.out" + rlPhaseEnd + rlPhaseStartTest "pki_user_cli_user_show-CA-001_9:--email with # character " + rlRun "pki -d /tmp/requestdb \ + -n CA_adminV \ + -c $nss_db_password \ + user-add --fullName=test --email=# u3" + rlRun "pki -d /tmp/requestdb \ + -n CA_adminV \ + -c $nss_db_password \ + user-show u3 > $TmpDir/pki-user-show-ca-001_9.out" \ + 0 \ + "Show pki CA_adminV user" + rlAssertGrep "User \"u3\"" "$TmpDir/pki-user-show-ca-001_9.out" + rlAssertGrep "User ID: u3" "$TmpDir/pki-user-show-ca-001_9.out" + rlAssertGrep "Full name: test" "$TmpDir/pki-user-show-ca-001_9.out" + rlAssertGrep "Email: #" "$TmpDir/pki-user-show-ca-001_9.out" + rlPhaseEnd + rlPhaseStartTest "pki_user_cli_user_show-CA-001_10:--email with * character " + rlRun "pki -d /tmp/requestdb \ + -n CA_adminV \ + -c $nss_db_password \ + user-add --fullName=test --email=* u4" + rlRun "pki -d /tmp/requestdb \ + -n CA_adminV \ + -c $nss_db_password \ + user-show u4 > $TmpDir/pki-user-show-ca-001_10.out" \ + 0 \ + "Show pki CA_adminV user" + rlAssertGrep "User \"u4\"" "$TmpDir/pki-user-show-ca-001_10.out" + rlAssertGrep "User ID: u4" "$TmpDir/pki-user-show-ca-001_10.out" + rlAssertGrep "Full name: test" "$TmpDir/pki-user-show-ca-001_10.out" + rlAssertGrep "Email: *" "$TmpDir/pki-user-show-ca-001_10.out" + rlPhaseEnd + rlPhaseStartTest "pki_user_cli_user_show-CA-001_11:--email with $ character " + rlRun "pki -d /tmp/requestdb \ + -n CA_adminV \ + -c $nss_db_password \ + user-add --fullName=test --email=$ u5" + rlRun "pki -d /tmp/requestdb \ + -n CA_adminV \ + -c $nss_db_password \ + user-show u5 > $TmpDir/pki-user-show-ca-001_11.out" \ + 0 \ + "Show pki CA_adminV user" + rlAssertGrep "User \"u5\"" "$TmpDir/pki-user-show-ca-001_11.out" + rlAssertGrep "User ID: u5" "$TmpDir/pki-user-show-ca-001_11.out" + rlAssertGrep "Full name: test" "$TmpDir/pki-user-show-ca-001_11.out" + rlAssertGrep "Email: \\$" "$TmpDir/pki-user-show-ca-001_11.out" + rlPhaseEnd + rlPhaseStartTest "pki_user_cli_user_show-CA-001_12:--email as number 0 " + rlRun "pki -d /tmp/requestdb \ + -n CA_adminV \ + -c $nss_db_password \ + user-add --fullName=test --email=0 u6" + rlRun "pki -d /tmp/requestdb \ + -n CA_adminV \ + -c $nss_db_password \ + user-show u6 > $TmpDir/pki-user-show-ca-001_12.out" \ + 0 \ + "Show pki CA_adminV user" + rlAssertGrep "User \"u6\"" "$TmpDir/pki-user-show-ca-001_12.out" + rlAssertGrep "User ID: u6" "$TmpDir/pki-user-show-ca-001_12.out" + rlAssertGrep "Full name: test" "$TmpDir/pki-user-show-ca-001_12.out" + rlAssertGrep "Email: 0" "$TmpDir/pki-user-show-ca-001_12.out" + rlPhaseEnd + rlPhaseStartTest "pki_user_cli_user_show-CA-001_13:--state with maximum length " + rlRun "pki -d /tmp/requestdb \ + -n CA_adminV \ + -c $nss_db_password \ + user-add --fullName=test --state=abcdefghijklmnopqrstuvwxyx12345678 u7 " + rlRun "pki -d /tmp/requestdb \ + -n CA_adminV \ + -c $nss_db_password \ + user-show u7 > $TmpDir/pki-user-show-ca-001_13.out" \ + 0 \ + "Show pki CA_adminV user" + rlAssertGrep "User \"u7\"" "$TmpDir/pki-user-show-ca-001_13.out" + rlAssertGrep "User ID: u7" "$TmpDir/pki-user-show-ca-001_13.out" + rlAssertGrep "Full name: test" "$TmpDir/pki-user-show-ca-001_13.out" + rlAssertGrep "State: abcdefghijklmnopqrstuvwxyx12345678" "$TmpDir/pki-user-show-ca-001_13.out" + rlPhaseEnd + rlPhaseStartTest "pki_user_cli_user_show-CA-001_14:--state with maximum length and symbols " + rlRun "pki -d /tmp/requestdb \ + -n CA_adminV \ + -c $nss_db_password \ + user-add --fullName=test --state=abcdefghijklmnopqrstuvwxyx12345678#?*@$ u8" + rlRun "pki -d /tmp/requestdb \ + -n CA_adminV \ + -c $nss_db_password \ + user-show u8 > $TmpDir/pki-user-show-ca-001_14.out" \ + 0 \ + "Show pki CA_adminV user" + rlAssertGrep "User \"u8\"" "$TmpDir/pki-user-show-ca-001_14.out" + rlAssertGrep "User ID: u8" "$TmpDir/pki-user-show-ca-001_14.out" + rlAssertGrep "Full name: test" "$TmpDir/pki-user-show-ca-001_14.out" + rlAssertGrep "State: abcdefghijklmnopqrstuvwxyx12345678\\#\\?*$@" "$TmpDir/pki-user-show-ca-001_14.out" + rlPhaseEnd + rlPhaseStartTest "pki_user_cli_user_show-CA-001_15:--state with # character " + rlRun "pki -d /tmp/requestdb \ + -n CA_adminV \ + -c $nss_db_password \ + user-add --fullName=test --state=# u9" + rlRun "pki -d /tmp/requestdb \ + -n CA_adminV \ + -c $nss_db_password \ + user-show u9 > $TmpDir/pki-user-show-ca-001_15.out" \ + 0 \ + "Show pki CA_adminV user" + rlAssertGrep "User \"u9\"" "$TmpDir/pki-user-show-ca-001_15.out" + rlAssertGrep "User ID: u9" "$TmpDir/pki-user-show-ca-001_15.out" + rlAssertGrep "Full name: test" "$TmpDir/pki-user-show-ca-001_15.out" + rlAssertGrep "State: #" "$TmpDir/pki-user-show-ca-001_15.out" + rlPhaseEnd + rlPhaseStartTest "pki_user_cli_user_show-CA-001_16:--state with * character " + rlRun "pki -d /tmp/requestdb \ + -n CA_adminV \ + -c $nss_db_password \ + user-add --fullName=test --state=* u10" + rlRun "pki -d /tmp/requestdb \ + -n CA_adminV \ + -c $nss_db_password \ + user-show u10 > $TmpDir/pki-user-show-ca-001_16.out" \ + 0 \ + "Show pki CA_adminV user" + rlAssertGrep "User \"u10\"" "$TmpDir/pki-user-show-ca-001_16.out" + rlAssertGrep "User ID: u10" "$TmpDir/pki-user-show-ca-001_16.out" + rlAssertGrep "Full name: test" "$TmpDir/pki-user-show-ca-001_16.out" + rlAssertGrep "State: *" "$TmpDir/pki-user-show-ca-001_16.out" + rlPhaseEnd + rlPhaseStartTest "pki_user_cli_user_show-CA-001_17:--state with $ character " + rlRun "pki -d /tmp/requestdb \ + -n CA_adminV \ + -c $nss_db_password \ + user-add --fullName=test --state=$ u11" + rlRun "pki -d /tmp/requestdb \ + -n CA_adminV \ + -c $nss_db_password \ + user-show u11 > $TmpDir/pki-user-show-ca-001_17.out" \ + 0 \ + "Show pki CA_adminV user" + rlAssertGrep "User \"u11\"" "$TmpDir/pki-user-show-ca-001_17.out" + rlAssertGrep "User ID: u11" "$TmpDir/pki-user-show-ca-001_17.out" + rlAssertGrep "Full name: test" "$TmpDir/pki-user-show-ca-001_17.out" + rlAssertGrep "State: \\$" "$TmpDir/pki-user-show-ca-001_17.out" + rlPhaseEnd + rlPhaseStartTest "pki_user_cli_user_show-CA-001_18:--state as number 0 " + rlRun "pki -d /tmp/requestdb \ + -n CA_adminV \ + -c $nss_db_password \ + user-add --fullName=test --state=0 u12" + rlRun "pki -d /tmp/requestdb \ + -n CA_adminV \ + -c $nss_db_password \ + user-show u12 > $TmpDir/pki-user-show-ca-001_18.out" \ + 0 \ + "Show pki CA_adminV user" + rlAssertGrep "User \"u12\"" "$TmpDir/pki-user-show-ca-001_18.out" + rlAssertGrep "User ID: u12" "$TmpDir/pki-user-show-ca-001_18.out" + rlAssertGrep "Full name: test" "$TmpDir/pki-user-show-ca-001_18.out" + rlAssertGrep "State: 0" "$TmpDir/pki-user-show-ca-001_18.out" + rlPhaseEnd + #https://www.redhat.com/archives/pki-users/2010-February/msg00015.html + rlPhaseStartTest "pki_user_cli_user_show-CA-001_19:--phone with maximum length " + rlRun "pki -d /tmp/requestdb \ + -n CA_adminV \ + -c $nss_db_password \ + user-add --fullName=test --phone=abcdefghijklmnopqrstuvwxyx12345678 u13" + rlRun "pki -d /tmp/requestdb \ + -n CA_adminV \ + -c $nss_db_password \ + user-show u13 > $TmpDir/pki-user-show-ca-001_19.out" \ + 0 \ + "Show pki CA_adminV user" + rlAssertGrep "User \"u13\"" "$TmpDir/pki-user-show-ca-001_19.out" + rlAssertGrep "User ID: u13" "$TmpDir/pki-user-show-ca-001_19.out" + rlAssertGrep "Full name: test" "$TmpDir/pki-user-show-ca-001_19.out" + rlAssertGrep "Phone: abcdefghijklmnopqrstuvwxyx12345678" "$TmpDir/pki-user-show-ca-001_19.out" + rlPhaseEnd + rlPhaseStartTest "pki_user_cli_user_show-CA-001_24:--phone as negative number -1230 " + rlRun "pki -d /tmp/requestdb \ + -n CA_adminV \ + -c $nss_db_password \ + user-add --fullName=test --phone=-1230 u14" + rlRun "pki -d /tmp/requestdb \ + -n CA_adminV \ + -c $nss_db_password \ + user-show u14 > $TmpDir/pki-user-show-ca-001_24.out" \ + 0 \ + "Show pki CA_adminV user" + rlAssertGrep "User \"u14\"" "$TmpDir/pki-user-show-ca-001_24.out" + rlAssertGrep "User ID: u14" "$TmpDir/pki-user-show-ca-001_24.out" + rlAssertGrep "Full name: test" "$TmpDir/pki-user-show-ca-001_24.out" + rlAssertGrep "Phone: -1230" "$TmpDir/pki-user-show-ca-001_24.out" + rlPhaseEnd + + rlPhaseStartTest "pki_user_cli_user_show-CA-001_25:--type as Auditors" + rlRun "pki -d /tmp/requestdb \ + -n CA_adminV \ + -c $nss_db_password \ + user-add --fullName=test --type=Auditors u15" + rlRun "pki -d /tmp/requestdb \ + -n CA_adminV \ + -c $nss_db_password \ + user-show u15 > $TmpDir/pki-user-show-ca-001_25.out" \ + 0 \ + "Show pki CA_adminV user" + rlAssertGrep "User \"u15\"" "$TmpDir/pki-user-show-ca-001_25.out" + rlAssertGrep "User ID: u15" "$TmpDir/pki-user-show-ca-001_25.out" + rlAssertGrep "Full name: test" "$TmpDir/pki-user-show-ca-001_25.out" + rlAssertGrep "Type: Auditors" "$TmpDir/pki-user-show-ca-001_25.out" + rlPhaseEnd + rlPhaseStartTest "pki_user_cli_user_show-CA-001_26:--type Certificate Manager Agents " + rlRun "pki -d /tmp/requestdb \ + -n CA_adminV \ + -c $nss_db_password \ + user-add --fullName=test --type=\"Certificate Manager Agents\" u16" + rlRun "pki -d /tmp/requestdb \ + -n CA_adminV \ + -c $nss_db_password \ + user-show u16 > $TmpDir/pki-user-show-ca-001_26.out" \ + 0 \ + "Show pki CA user" + rlAssertGrep "User \"u16\"" "$TmpDir/pki-user-show-ca-001_26.out" + rlAssertGrep "User ID: u16" "$TmpDir/pki-user-show-ca-001_26.out" + rlAssertGrep "Full name: test" "$TmpDir/pki-user-show-ca-001_26.out" + rlAssertGrep "Type: Certificate Manager Agents" "$TmpDir/pki-user-show-ca-001_26.out" + rlPhaseEnd + rlPhaseStartTest "pki_user_cli_user_show-CA-001_27:--type Registration Manager Agents " + rlRun "pki -d /tmp/requestdb \ + -n CA_adminV \ + -c $nss_db_password \ + user-add --fullName=test --type=\"Registration Manager Agents\" u17" + rlRun "pki -d /tmp/requestdb \ + -n CA_adminV \ + -c $nss_db_password \ + user-show u17 > $TmpDir/pki-user-show-ca-001_27.out" \ + 0 \ + "Show pki CA user" + rlAssertGrep "User \"u17\"" "$TmpDir/pki-user-show-ca-001_27.out" + rlAssertGrep "User ID: u17" "$TmpDir/pki-user-show-ca-001_27.out" + rlAssertGrep "Full name: test" "$TmpDir/pki-user-show-ca-001_27.out" + rlAssertGrep "Type: Registration Manager Agents" "$TmpDir/pki-user-show-ca-001_27.out" + rlPhaseEnd + rlPhaseStartTest "pki_user_cli_user_show-CA-001_28:--type Subsytem Group " + rlRun "pki -d /tmp/requestdb \ + -n CA_adminV \ + -c $nss_db_password \ + user-add --fullName=test --type=\"Subsytem Group\" u18" + rlRun "pki -d /tmp/requestdb \ + -n CA_adminV \ + -c $nss_db_password \ + user-show u18 > $TmpDir/pki-user-show-ca-001_28.out" \ + 0 \ + "Show pki CA user" + rlAssertGrep "User \"u18\"" "$TmpDir/pki-user-show-ca-001_28.out" + rlAssertGrep "User ID: u18" "$TmpDir/pki-user-show-ca-001_28.out" + rlAssertGrep "Full name: test" "$TmpDir/pki-user-show-ca-001_28.out" + rlAssertGrep "Type: Subsytem Group" "$TmpDir/pki-user-show-ca-001_28.out" + rlPhaseEnd + rlPhaseStartTest "pki_user_cli_user_show-CA-001_29:--type Security Domain Administrators " + rlRun "pki -d /tmp/requestdb \ + -n CA_adminV \ + -c $nss_db_password \ + user-add --fullName=test --type=\"Security Domain Administrators\" u19" + rlRun "pki -d /tmp/requestdb \ + -n CA_adminV \ + -c $nss_db_password \ + user-show u19 > $TmpDir/pki-user-show-ca-001_29.out" \ + 0 \ + "Show pki CA user" + rlAssertGrep "User \"u19\"" "$TmpDir/pki-user-show-ca-001_29.out" + rlAssertGrep "User ID: u19" "$TmpDir/pki-user-show-ca-001_29.out" + rlAssertGrep "Full name: test" "$TmpDir/pki-user-show-ca-001_29.out" + rlAssertGrep "Type: Security Domain Administrators" "$TmpDir/pki-user-show-ca-001_29.out" + rlPhaseEnd + rlPhaseStartTest "pki_user_cli_user_show-CA-001_30:--type ClonedSubsystems " + rlRun "pki -d /tmp/requestdb \ + -n CA_adminV \ + -c $nss_db_password \ + user-add --fullName=test --type=ClonedSubsystems u20" + rlRun "pki -d /tmp/requestdb \ + -n CA_adminV \ + -c $nss_db_password \ + user-show u20 > $TmpDir/pki-user-show-ca-001_30.out" \ + 0 \ + "Show pki CA user" + rlAssertGrep "User \"u20\"" "$TmpDir/pki-user-show-ca-001_30.out" + rlAssertGrep "User ID: u20" "$TmpDir/pki-user-show-ca-001_30.out" + rlAssertGrep "Full name: test" "$TmpDir/pki-user-show-ca-001_30.out" + rlAssertGrep "Type: ClonedSubsystems" "$TmpDir/pki-user-show-ca-001_30.out" + rlPhaseEnd + rlPhaseStartTest "pki_user_cli_user_show-CA-001_31:--type Trusted Managers " + rlRun "pki -d /tmp/requestdb \ + -n CA_adminV \ + -c $nss_db_password \ + user-add --fullName=test --type=\"Trusted Managers\" u21" + rlRun "pki -d /tmp/requestdb \ + -n CA_adminV \ + -c $nss_db_password \ + user-show u21 > $TmpDir/pki-user-show-ca-001_31.out" \ + 0 \ + "Show pki CA user" + rlAssertGrep "User \"u21\"" "$TmpDir/pki-user-show-ca-001_31.out" + rlAssertGrep "User ID: u21" "$TmpDir/pki-user-show-ca-001_31.out" + rlAssertGrep "Full name: test" "$TmpDir/pki-user-show-ca-001_31.out" + rlAssertGrep "Type: Trusted Managers" "$TmpDir/pki-user-show-ca-001_31.out" + rlPhaseEnd + rlPhaseStartTest "pki_user_cli_user_show-CA-001_32: Add a user to CA with -t option" + rlRun "pki -d /tmp/requestdb \ + -n CA_adminV \ + -c $nss_db_password \ + -t ca \ + user-add --fullName=\"$user1fullname\" u22" + rlRun "pki -d /tmp/requestdb \ + -n CA_adminV \ + -c $nss_db_password \ + -t ca \ + user-show u22 > $TmpDir/pki-user-show-ca-001_32.out" \ + 0 \ + "Show pki CA user" + rlAssertGrep "User \"u22\"" "$TmpDir/pki-user-show-ca-001_32.out" + rlAssertGrep "User ID: u22" "$TmpDir/pki-user-show-ca-001_32.out" + rlAssertGrep "Full name: $user1fullname" "$TmpDir/pki-user-show-ca-001_32.out" + rlPhaseEnd + rlPhaseStartTest "pki_user_cli_user_show-CA-001_33: Add a user -- all options provided" + email="ca_agent2@myemail.com" + user_password="agent2Password" + phone="1234567890" + state="NC" + type="Administrators" + rlRun "pki -d /tmp/requestdb \ + -n CA_adminV \ + -c $nss_db_password \ + -t ca \ + user-add --fullName=\"$user1fullname\" \ + --email $email \ + --password $user_password \ + --phone $phone \ + --state $state \ + --type $type \ + u23" + rlRun "pki -d /tmp/requestdb \ + -n CA_adminV \ + -c $nss_db_password \ + -t ca \ + user-show u23 > $TmpDir/pki-user-show-ca-001_33.out" \ + 0 \ + "Show pki CA user" + + rlAssertGrep "User \"u23\"" "$TmpDir/pki-user-show-ca-001_33.out" + rlAssertGrep "User ID: u23" "$TmpDir/pki-user-show-ca-001_33.out" + rlAssertGrep "Full name: $user1fullname" "$TmpDir/pki-user-show-ca-001_33.out" + rlAssertGrep "Email: $email" "$TmpDir/pki-user-show-ca-001_33.out" + rlAssertGrep "Phone: $phone" "$TmpDir/pki-user-show-ca-001_33.out" + rlAssertGrep "Type: $type" "$TmpDir/pki-user-show-ca-001_33.out" + rlAssertGrep "State: $state" "$TmpDir/pki-user-show-ca-001_33.out" + rlPhaseEnd + #Negative Cases + rlPhaseStartTest "pki_user_cli_user_show-CA-001_34: Missing required option user id " + rlRun "pki -d /tmp/requestdb \ + -n CA_adminV \ + -c $nss_db_password \ + -t ca \ + user-show > $TmpDir/pki-user-show-ca-001_34.out 2>&1" \ + 1 \ + "Cannot show user without user id" + rlAssertGrep "usage: user-show <User ID>" "$TmpDir/pki-user-show-ca-001_34.out" + rlPhaseEnd + #====# + rlPhaseStartTest "pki_user_cli_user_show-CA-001_35: Checking if user id case sensitive " + rlRun "pki -d /tmp/requestdb \ + -n CA_adminV \ + -c $nss_db_password \ + -t ca \ + user-show U23 > $TmpDir/pki-user-show-ca-001_35.out 2>&1" \ + 0 \ + "User ID is not case sensitive" + rlAssertGrep "User \"U23\"" "$TmpDir/pki-user-show-ca-001_35.out" + rlAssertGrep "User ID: u23" "$TmpDir/pki-user-show-ca-001_35.out" + rlAssertGrep "Full name: $user1fullname" "$TmpDir/pki-user-show-ca-001_35.out" + rlAssertGrep "Email: $email" "$TmpDir/pki-user-show-ca-001_35.out" + rlAssertGrep "Phone: $phone" "$TmpDir/pki-user-show-ca-001_35.out" + rlAssertGrep "Type: $type" "$TmpDir/pki-user-show-ca-001_35.out" + rlAssertGrep "State: $state" "$TmpDir/pki-user-show-ca-001_35.out" + rlPhaseEnd + rlPhaseStartTest "pki_user_cli_user_cleanup-001_36: Deleting the temp directory and users" + del_user=($CA_adminV_user $CA_adminR_user $CA_adminE_user $CA_adminUTCA_user $CA_agentV_user $CA_agentR_user $CA_agentE_user $CA_agentUTCA_user $CA_auditV_user $CA_operatorV_user) + + #===Deleting users created using CA_adminV cert===# + i=1 + while [ $i -lt 24] ; do + rlRun "pki -d /tmp/requestdb \ + -n CA_adminV \ + -c $nss_db_password \ + user-del u$i > $TmpDir/pki-user-del-ca-user-00$i.out" \ + 0 \ + "Deleted user u$i" + rlAssertGrep "Deleted user \"u$i\"" "$TmpDir/pki-user-del-ca-user-00$i.out" + let i=$i+1 + done + #===Deleting users(symbols) created using CA_adminV cert===# + j=1 + while [ $j -lt 8 ] ; do + eval usr=\$user$j + rlRun "pki -d /tmp/requestdb \ + -n CA_adminV \ + -c $nss_db_password \ + user-del $usr > $TmpDir/pki-user-del-ca-user-symbol-00$j.out" \ + 0 \ + "Deleted user $usr" + rlAssertGrep "Deleted user \"$usr\"" "$TmpDir/pki-user-del-ca-user-symbol-00$j.out" + let j=$j+1 + done + i=0 + while [ $i -lt ${#del_user[@]} ] ; do + userid_del=${del_user[$i]} + rlRun "pki -d $TmpDir/nssdb \ + -n \"$admin_cert_nickname\" \ + -c $nss_db_password \ + user-del $userid_del > $TmpDir/pki-user-del-ca-00$i.out" \ + 0 \ + "Deleted user $userid_del" + rlAssertGrep "Deleted user \"$userid_del\"" "$TmpDir/pki-user-del-ca-00$i.out" + let i=$i+1 + done + + + rlRun "rm -r $TmpDir" 0 "Removing temp directory" + rlRun "popd" + rlRun "rm -rf /tmp/requestdb" + rlRun "rm -rf /tmp/dummydb" + + rlPhaseEnd + + + +} diff --git a/tests/dogtag/acceptance/cli-tests/pki-user-cli/ca/runtest.sh b/tests/dogtag/acceptance/cli-tests/pki-user-cli/ca/runtest.sh new file mode 100755 index 000000000..1721594f2 --- /dev/null +++ b/tests/dogtag/acceptance/cli-tests/pki-user-cli/ca/runtest.sh @@ -0,0 +1,77 @@ +#!/bin/bash +# vim: dict=/usr/share/beakerlib/dictionary.vim cpt=.,w,b,u,t,i,k +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +# +# runtest.sh of /CoreOS/rhcs/acceptance/cli-tests/pki-user-cli/ca +# Description: PKI USER CLI tests +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +# The following rhcs will be tested: +# +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +# +# Author: Laxmi Sunkara <lsunkara@redhat.com> +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +# +# Copyright (c) 2013 Red Hat, Inc. All rights reserved. +# +# This copyrighted material is made available to anyone wishing +# to use, modify, copy, or redistribute it subject to the terms +# and conditions of the GNU General Public License version 2. +# +# This program is distributed in the hope that it will be +# useful, but WITHOUT ANY WARRANTY; without even the implied +# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR +# PURPOSE. See the GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public +# License along with this program; if not, write to the Free +# Software Foundation, Inc., 51 Franklin Street, Fifth Floor, +# Boston, MA 02110-1301, USA. +# +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +# Include data-driven test data file: + +# Include rhts environment +. /usr/bin/rhts-environment.sh +. /usr/share/beakerlib/beakerlib.sh +. /opt/rhqa_pki/rhcs-shared.sh +. /opt/rhqa_pki/env.sh + +# Include test case file +. ./pki-user-cli-user-ca.sh +. ./pki-user-cli-user-add-ca.sh +. ./pki-user-cli-user-show-ca.sh +. ./pki-user-cli-user-find-ca.sh +. ./pki-user-cli-user-del-ca.sh + + +############################################################################## +PACKAGE="pki-tools" + + +rlJournalStart + rlPhaseStartSetup "pki-user-cli-startup: Check for pki-tools package" + rpm -qa | grep $PACKAGE + if [ $? -eq 0 ] ; then + rlPass "$PACKAGE package is installed" + else + rlFail "$PACKAGE package NOT found!" + fi + rlPhaseEnd + + # Execute pki user ca config tests + run_pki-user-cli-user-ca_tests + # Execute pki user-add-ca tests + run_pki-user-cli-user-add-ca_tests + # Execute pki user-show-ca tests + run_pki-user-cli-user-show-ca_tests + # Execute pki user-find-ca tests + run_pki-user-cli-user-find-ca_tests + # Execute pki user-del-ca tests + run_pki-user-cli-user-del-ca_tests + rlJournalPrintText + report=/tmp/rhts.report.$RANDOM.txt + makereport $report + rhts-submit-log -l $report +rlJournalEnd diff --git a/tests/dogtag/acceptance/cli-tests/pki-user-cli/kra/Makefile b/tests/dogtag/acceptance/cli-tests/pki-user-cli/kra/Makefile new file mode 100644 index 000000000..002cedd9e --- /dev/null +++ b/tests/dogtag/acceptance/cli-tests/pki-user-cli/kra/Makefile @@ -0,0 +1,75 @@ +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +# +# Makefile of /CoreOS/rhcs/acceptance/cli-tests/pki-user-cli/kra +# Description: RHCS pki-user-add CLI tests +# Author: Asha Akkiangady <aakkiang@redhat.com> +# +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +# +# Copyright (c) 2013 Red Hat, Inc. All rights reserved. +# +# This copyrighted material is made available to anyone wishing +# to use, modify, copy, or redistribute it subject to the terms +# and conditions of the GNU General Public License version 2. +# +# This program is distributed in the hope that it will be +# useful, but WITHOUT ANY WARRANTY; without even the implied +# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR +# PURPOSE. See the GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public +# License along with this program; if not, write to the Free +# Software Foundation, Inc., 51 Franklin Street, Fifth Floor, +# Boston, MA 02110-1301, USA. +# +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +export TEST=/CoreOS/rhcs/acceptance/cli-tests/pki-user-cli/kra +export TESTVERSION=1.0 + +BUILT_FILES= + +FILES=$(METADATA) pki-user-cli-user-kra.sh pki-user-cli-user-add-kra.sh pki-user-cli-user-show-kra.sh pki-user-cli-user-find-kra.sh pki-user-cli-user-del-kra.sh runtest.sh Makefile PURPOSE + +.PHONY: all install download clean + +run: $(FILES) build + ./runtest.sh + +build: $(BUILT_FILES) + chmod a+x runtest.sh + chmod 777 pki-user-cli-user-kra.sh + chmod 777 pki-user-cli-user-add-kra.sh + chmod 777 pki-user-cli-user-show-kra.sh + chmod 777 pki-user-cli-user-find-kra.sh + chmod 777 pki-user-cli-user-del-kra.sh + +clean: + rm -f *~ $(BUILT_FILES) + chmod a+x runtest.sh + chmod 777 pki-user-cli-user-kra.sh + chmod 777 pki-user-cli-user-add-kra.sh + chmod 777 pki-user-cli-user-show-kra.sh + chmod 777 pki-user-cli-user-find-kra.sh + chmod 777 pki-user-cli-user-del-kra.sh + + + +include /usr/share/rhts/lib/rhts-make.include + +$(METADATA): Makefile + @echo "Owner: Asha Akkiangady <aakkiang@redhat.com>" > $(METADATA) + @echo "Name: $(TEST)" >> $(METADATA) + @echo "TestVersion: $(TESTVERSION)" >> $(METADATA) + @echo "Path: $(TEST_DIR)" >> $(METADATA) + @echo "Description: RHCS quickinstall" >> $(METADATA) + @echo "Type: Functional" >> $(METADATA) + @echo "TestTime: 60m" >> $(METADATA) + @echo "RunFor: rhcs" >> $(METADATA) + @echo "Requires: expect" >> $(METADATA) + @echo "Priority: Normal" >> $(METADATA) + @echo "License: GPLv2" >> $(METADATA) + @echo "Confidential: no" >> $(METADATA) + @echo "Destructive: no" >> $(METADATA) + + rhts-lint $(METADATA) diff --git a/tests/dogtag/acceptance/cli-tests/pki-user-cli/kra/PURPOSE b/tests/dogtag/acceptance/cli-tests/pki-user-cli/kra/PURPOSE new file mode 100644 index 000000000..f4f8eb49e --- /dev/null +++ b/tests/dogtag/acceptance/cli-tests/pki-user-cli/kra/PURPOSE @@ -0,0 +1,3 @@ +PURPOSE of /CoreOS/rhcs/acceptance/cli-tests/pki-user-cli +Description: pki user CLI tests +Author: Asha Akkiangady <aakkiang@redhat.com> diff --git a/tests/dogtag/acceptance/cli-tests/pki-user-cli/kra/pki-user-cli-user-add-kra.sh b/tests/dogtag/acceptance/cli-tests/pki-user-cli/kra/pki-user-cli-user-add-kra.sh new file mode 100755 index 000000000..e7ce1ddcd --- /dev/null +++ b/tests/dogtag/acceptance/cli-tests/pki-user-cli/kra/pki-user-cli-user-add-kra.sh @@ -0,0 +1,1192 @@ +#!/bin/bash +# vim: dict=/usr/share/beakerlib/dictionary.vim cpt=.,w,b,u,t,i,k +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +# +# runtest.sh of /CoreOS/rhcs/acceptance/cli-tests/pki-user-cli +# Description: PKI user-add CLI tests +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +# The following ipa cli commands needs to be tested: +# pki-user-cli-user-add Add users to pki subsystems. +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +# +# Author: Asha Akkiangady <aakkiang@redhat.com> +# +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +# +# Copyright (c) 2013 Red Hat, Inc. All rights reserved. +# +# This copyrighted material is made available to anyone wishing +# to use, modify, copy, or redistribute it subject to the terms +# and conditions of the GNU General Public License version 2. +# +# This program is distributed in the hope that it will be +# useful, but WITHOUT ANY WARRANTY; without even the implied +# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR +# PURPOSE. See the GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public +# License along with this program; if not, write to the Free +# Software Foundation, Inc., 51 Franklin Street, Fifth Floor, +# Boston, MA 02110-1301, USA. +# +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +# Include rhts environment +. /usr/bin/rhts-environment.sh +. /usr/share/beakerlib/beakerlib.sh +. /opt/rhqa_pki/rhcs-shared.sh +. /opt/rhqa_pki/pki-cert-cli-lib.sh +. /opt/rhqa_pki/env.sh + +###################################################################################### +#pki-user-cli-user-kra.sh should be first executed prior to pki-user-cli-user-add-kra.sh +#pki-user-cli-user-kra.sh +###################################################################################### + +######################################################################## +# Test Suite Globals +######################################################################## + +user1="kra_agent2" +user1fullname="Test kra_agent" + +######################################################################## + +run_pki-user-cli-user-add-kra_tests(){ + rlPhaseStartSetup "pki_user_cli_user_add-kra-startup:Getting the temp directory and nss certificate db " + rlLog "nss_db directory = $TmpDir/nssdb" + rlLog "temp directory = /tmp/requestdb" + rlPhaseEnd + #====Ticket corresponding to pki_user_cli_user_add-configtest : https://fedorahosted.org/pki/ticket/519=====# + rlPhaseStartTest "pki_user_cli_user_add-configtest: pki user-add configuration test" + rlRun "pki user-add > $TmpDir/pki_user_add_cfg.out" \ + 1 \ + "https://fedorahosted.org/pki/ticket/519" + rlAssertGrep "usage: user-add <User ID> \[OPTIONS...\]" "$TmpDir/pki_user_add_cfg.out" + rlAssertGrep "\--email <email> Email" "$TmpDir/pki_user_add_cfg.out" + rlAssertGrep "\--fullName <fullName> Full name" "$TmpDir/pki_user_add_cfg.out" + rlAssertGrep "\--password <password> Password" "$TmpDir/pki_user_add_cfg.out" + rlAssertGrep "\--phone <phone> Phone" "$TmpDir/pki_user_add_cfg.out" + rlAssertGrep "\--state <state> State" "$TmpDir/pki_user_add_cfg.out" + rlAssertGrep "\--type <type> Type" "$TmpDir/pki_user_add_cfg.out" + rlPhaseEnd + ##### Tests to add KRA users using a user of admin group with a valid cert#### + rlPhaseStartTest "pki_user_cli_user_add-KRA-001: Add a user to KRA using KRA_adminV" + rlLog "Executing: pki -d /tmp/requestdb \ + -n KRA_adminV \ + -c $nss_db_password \ + user-add --fullName=\"$user1fullname\" $user1" + rlRun "pki -d /tmp/requestdb \ + -n KRA_adminV \ + -c $nss_db_password \ + user-add --fullName=\"$user1fullname\" $user1" \ + 0 \ + "Add user $user1 to KRA_adminV" + rlLog "Executing: pki -d $TmpDir/nssdb \ + -n KRA_adminV \ + -c $nss_db_password \ + user-show $user1" + rlRun "pki -d /tmp/requestdb \ + -n KRA_adminV \ + -c $nss_db_password \ + user-show $user1 > $TmpDir/pki-user-add-kra-001.out" \ + 0 \ + "Show pki KRA_adminV user" + rlAssertGrep "User \"$user1\"" "$TmpDir/pki-user-add-kra-001.out" + rlAssertGrep "User ID: $user1" "$TmpDir/pki-user-add-kra-001.out" + rlAssertGrep "Full name: $user1fullname" "$TmpDir/pki-user-add-kra-001.out" + rlPhaseEnd + rlPhaseStartTest "pki_user_cli_user_add-KRA-001_1:maximum length of user id " + rlRun "pki -d /tmp/requestdb \ + -n KRA_adminV \ + -c $nss_db_password \ + user-add --fullName=test abcdefghijklmnopqrstuvwxyx12345678 " \ + 0 \ + "Added user using KRA_adminV with maximum user id length" + rlRun "pki -d /tmp/requestdb \ + -n KRA_adminV \ + -c $nss_db_password \ + user-show abcdefghijklmnopqrstuvwxyx12345678 > $TmpDir/pki-user-add-kra-001_1.out" \ + 0 \ + "Show pki KRA_adminV user" + rlAssertGrep "User \"abcdefghijklmnopqrstuvwxyx12345678\"" "$TmpDir/pki-user-add-kra-001_1.out" + rlAssertGrep "User ID: abcdefghijklmnopqrstuvwxyx12345678" "$TmpDir/pki-user-add-kra-001_1.out" + rlAssertGrep "Full name: test" "$TmpDir/pki-user-add-kra-001_1.out" + rlRun "pki -d /tmp/requestdb \ + -n KRA_adminV \ + -c $nss_db_password \ + user-del abcdefghijklmnopqrstuvwxyx12345678 " \ + 0 \ + "Delete user from KRA" + rlPhaseEnd + rlPhaseStartTest "pki_user_cli_user_add-KRA-001_2:User id with # character " + rlRun "pki -d /tmp/requestdb \ + -n KRA_adminV \ + -c $nss_db_password \ + user-add --fullName=test abc# " \ + 0 \ + "Added user using KRA_adminV, user id with # character" + rlRun "pki -d /tmp/requestdb \ + -n KRA_adminV \ + -c $nss_db_password \ + user-show abc# > $TmpDir/pki-user-add-kra-001_2.out" \ + 0 \ + "Show pki KRA_adminV user" + rlAssertGrep "User \"abc#\"" "$TmpDir/pki-user-add-kra-001_2.out" + rlAssertGrep "User ID: abc#" "$TmpDir/pki-user-add-kra-001_2.out" + rlAssertGrep "Full name: test" "$TmpDir/pki-user-add-kra-001_2.out" + rlRun "pki -d /tmp/requestdb \ + -n KRA_adminV \ + -c $nss_db_password \ + user-del abc# " \ + 0 \ + "Delete user from KRA" + rlPhaseEnd + rlPhaseStartTest "pki_user_cli_user_add-KRA-001_3:User id with $ character " + rlRun "pki -d /tmp/requestdb \ + -n KRA_adminV \ + -c $nss_db_password \ + user-add --fullName=test abc$ " \ + 0 \ + "Added user using KRA_adminV, user id with $ character" + rlRun "pki -d /tmp/requestdb \ + -n KRA_adminV \ + -c $nss_db_password \ + user-show abc$ > $TmpDir/pki-user-add-kra-001_3.out" \ + 0 \ + "Show pki KRA_adminV user" + rlAssertGrep "User \"abc$\"" "$TmpDir/pki-user-add-kra-001_3.out" + rlAssertGrep "User ID: abc\\$" "$TmpDir/pki-user-add-kra-001_3.out" + rlAssertGrep "Full name: test" "$TmpDir/pki-user-add-kra-001_3.out" + rlRun "pki -d /tmp/requestdb \ + -n KRA_adminV \ + -c $nss_db_password \ + user-del abc$ " \ + 0 \ + "Delete user from KRA" + rlPhaseEnd + rlPhaseStartTest "pki_user_cli_user_add-KRA-001_4:User id with @ character " + rlRun "pki -d /tmp/requestdb \ + -n KRA_adminV \ + -c $nss_db_password \ + user-add --fullName=test abc@ " \ + 0 \ + "Added user using KRA_adminV, user id with @ character" + rlRun "pki -d /tmp/requestdb \ + -n KRA_adminV \ + -c $nss_db_password \ + user-show abc@ > $TmpDir/pki-user-add-kra-001_4.out" \ + 0 \ + "Show pki KRA_adminV user" + rlAssertGrep "User \"abc@\"" "$TmpDir/pki-user-add-kra-001_4.out" + rlAssertGrep "User ID: abc@" "$TmpDir/pki-user-add-kra-001_4.out" + rlAssertGrep "Full name: test" "$TmpDir/pki-user-add-kra-001_4.out" + rlRun "pki -d /tmp/requestdb \ + -n KRA_adminV \ + -c $nss_db_password \ + user-del abc@ " \ + 0 \ + "Delete user from KRA" + rlPhaseEnd + rlPhaseStartTest "pki_user_cli_user_add-KRA-001_5:User id with ? character " + rlRun "pki -d /tmp/requestdb \ + -n KRA_adminV \ + -c $nss_db_password \ + user-add --fullName=test abc? " \ + 0 \ + "Added user using KRA_adminV, user id with ? character" + rlRun "pki -d /tmp/requestdb \ + -n KRA_adminV \ + -c $nss_db_password \ + user-show abc? > $TmpDir/pki-user-add-kra-001_5.out" \ + 0 \ + "Show pki KRA_adminV user" + rlAssertGrep "User \"abc?\"" "$TmpDir/pki-user-add-kra-001_5.out" + rlAssertGrep "User ID: abc?" "$TmpDir/pki-user-add-kra-001_5.out" + rlAssertGrep "Full name: test" "$TmpDir/pki-user-add-kra-001_5.out" + rlRun "pki -d /tmp/requestdb \ + -n KRA_adminV \ + -c $nss_db_password \ + user-del abc? " \ + 0 \ + "Delete user from KRA" + rlPhaseEnd + rlPhaseStartTest "pki_user_cli_user_add-KRA-001_6:User id as 0" + rlRun "pki -d /tmp/requestdb \ + -n KRA_adminV \ + -c $nss_db_password \ + user-add --fullName=test 0 " \ + 0 \ + "Added user using KRA_adminV, user id 0" + rlRun "pki -d /tmp/requestdb \ + -n KRA_adminV \ + -c $nss_db_password \ + user-show 0 > $TmpDir/pki-user-add-kra-001_6.out" \ + 0 \ + "Show pki KRA_adminV user" + rlAssertGrep "User \"0\"" "$TmpDir/pki-user-add-kra-001_6.out" + rlAssertGrep "User ID: 0" "$TmpDir/pki-user-add-kra-001_6.out" + rlAssertGrep "Full name: test" "$TmpDir/pki-user-add-kra-001_6.out" + rlRun "pki -d /tmp/requestdb \ + -n KRA_adminV \ + -c $nss_db_password \ + user-del 0 " \ + 0 \ + "Delete user from KRA" + + rlPhaseEnd + rlPhaseStartTest "pki_user_cli_user_add-KRA-001_7:--email with maximum length " + rlRun "pki -d /tmp/requestdb \ + -n KRA_adminV \ + -c $nss_db_password \ + user-add --fullName=test --email=abcdefghijklmnopqrstuvwxyx12345678 a " \ + 0 \ + "Added user using KRA_adminV with maximum --email length" + rlRun "pki -d /tmp/requestdb \ + -n KRA_adminV \ + -c $nss_db_password \ + user-show a > $TmpDir/pki-user-add-kra-001_7.out" \ + 0 \ + "Show pki KRA_adminV user" + rlAssertGrep "User \"a\"" "$TmpDir/pki-user-add-kra-001_7.out" + rlAssertGrep "User ID: a" "$TmpDir/pki-user-add-kra-001_7.out" + rlAssertGrep "Full name: test" "$TmpDir/pki-user-add-kra-001_7.out" + rlAssertGrep "Email: abcdefghijklmnopqrstuvwxyx12345678" "$TmpDir/pki-user-add-kra-001_7.out" + rlRun "pki -d /tmp/requestdb \ + -n KRA_adminV \ + -c $nss_db_password \ + user-del a" \ + 0 \ + "Delete user from KRA" + rlPhaseEnd + rlPhaseStartTest "pki_user_cli_user_add-KRA-001_8:--email with maximum length and symbols " + rlRun "pki -d /tmp/requestdb \ + -n KRA_adminV \ + -c $nss_db_password \ + user-add --fullName=test --email=abcdefghijklmnopqrstuvwxyx12345678#?*@$ b " \ + 0 \ + "Added user using KRA_adminV with maximum --email length and character symbols in it" + rlRun "pki -d /tmp/requestdb \ + -n KRA_adminV \ + -c $nss_db_password \ + user-show b > $TmpDir/pki-user-add-kra-001_8.out" \ + 0 \ + "Show pki KRA_adminV user" + rlAssertGrep "User \"b\"" "$TmpDir/pki-user-add-kra-001_8.out" + rlAssertGrep "User ID: b" "$TmpDir/pki-user-add-kra-001_8.out" + rlAssertGrep "Full name: test" "$TmpDir/pki-user-add-kra-001_8.out" + rlAssertGrep "Email: abcdefghijklmnopqrstuvwxyx12345678\\#\\?*$@" "$TmpDir/pki-user-add-kra-001_8.out" + rlRun "pki -d /tmp/requestdb \ + -n KRA_adminV \ + -c $nss_db_password \ + user-del b" \ + 0 \ + "Delete user from KRA" + rlPhaseEnd + rlPhaseStartTest "pki_user_cli_user_add-KRA-001_9:--email with # character " + rlRun "pki -d /tmp/requestdb \ + -n KRA_adminV \ + -c $nss_db_password \ + user-add --fullName=test --email=# d " \ + 0 \ + "Added user using KRA_adminV with --email # character" + rlRun "pki -d /tmp/requestdb \ + -n KRA_adminV \ + -c $nss_db_password \ + user-show d > $TmpDir/pki-user-add-kra-001_9.out" \ + 0 \ + "Show pki KRA_adminV user" + rlAssertGrep "User \"d\"" "$TmpDir/pki-user-add-kra-001_9.out" + rlAssertGrep "User ID: d" "$TmpDir/pki-user-add-kra-001_9.out" + rlAssertGrep "Full name: test" "$TmpDir/pki-user-add-kra-001_9.out" + rlAssertGrep "Email: #" "$TmpDir/pki-user-add-kra-001_9.out" + rlRun "pki -d /tmp/requestdb \ + -n KRA_adminV \ + -c $nss_db_password \ + user-del d " \ + 0 \ + "Delete user from KRA" + rlPhaseEnd + rlPhaseStartTest "pki_user_cli_user_add-KRA-001_10:--email with * character " + rlRun "pki -d /tmp/requestdb \ + -n KRA_adminV \ + -c $nss_db_password \ + user-add --fullName=test --email=* e " \ + 0 \ + "Added user using KRA_adminV with --email * character" + rlRun "pki -d /tmp/requestdb \ + -n KRA_adminV \ + -c $nss_db_password \ + user-show e > $TmpDir/pki-user-add-kra-001_10.out" \ + 0 \ + "Show pki KRA_adminV user" + rlAssertGrep "User \"e\"" "$TmpDir/pki-user-add-kra-001_10.out" + rlAssertGrep "User ID: e" "$TmpDir/pki-user-add-kra-001_10.out" + rlAssertGrep "Full name: test" "$TmpDir/pki-user-add-kra-001_10.out" + rlAssertGrep "Email: *" "$TmpDir/pki-user-add-kra-001_10.out" + rlRun "pki -d /tmp/requestdb \ + -n KRA_adminV \ + -c $nss_db_password \ + user-del e " \ + 0 \ + "Delete user from KRA" + rlPhaseEnd + rlPhaseStartTest "pki_user_cli_user_add-KRA-001_11:--email with $ character " + rlRun "pki -d /tmp/requestdb \ + -n KRA_adminV \ + -c $nss_db_password \ + user-add --fullName=test --email=$ f " \ + 0 \ + "Added user using KRA_adminV with --email $ character" + rlRun "pki -d /tmp/requestdb \ + -n KRA_adminV \ + -c $nss_db_password \ + user-show f > $TmpDir/pki-user-add-kra-001_11.out" \ + 0 \ + "Show pki KRA_adminV user" + rlAssertGrep "User \"f\"" "$TmpDir/pki-user-add-kra-001_11.out" + rlAssertGrep "User ID: f" "$TmpDir/pki-user-add-kra-001_11.out" + rlAssertGrep "Full name: test" "$TmpDir/pki-user-add-kra-001_11.out" + rlAssertGrep "Email: \\$" "$TmpDir/pki-user-add-kra-001_11.out" + rlRun "pki -d /tmp/requestdb \ + -n KRA_adminV \ + -c $nss_db_password \ + user-del f " \ + 0 \ + "Delete user from KRA" + rlPhaseEnd + rlPhaseStartTest "pki_user_cli_user_add-KRA-001_12:--email as number 0 " + rlRun "pki -d /tmp/requestdb \ + -n KRA_adminV \ + -c $nss_db_password \ + user-add --fullName=test --email=0 z " \ + 0 \ + "Added user using KRA_adminV with --email 0" + rlRun "pki -d /tmp/requestdb \ + -n KRA_adminV \ + -c $nss_db_password \ + user-show z > $TmpDir/pki-user-add-kra-001_12.out" \ + 0 \ + "Show pki KRA_adminV user" + rlAssertGrep "User \"z\"" "$TmpDir/pki-user-add-kra-001_12.out" + rlAssertGrep "User ID: z" "$TmpDir/pki-user-add-kra-001_12.out" + rlAssertGrep "Full name: test" "$TmpDir/pki-user-add-kra-001_12.out" + rlAssertGrep "Email: 0" "$TmpDir/pki-user-add-kra-001_12.out" + rlRun "pki -d /tmp/requestdb \ + -n KRA_adminV \ + -c $nss_db_password \ + user-del z" \ + 0 \ + "Delete user from KRA" + rlPhaseEnd + rlPhaseStartTest "pki_user_cli_user_add-KRA-001_13:--state with maximum length " + rlRun "pki -d /tmp/requestdb \ + -n KRA_adminV \ + -c $nss_db_password \ + user-add --fullName=test --state=abcdefghijklmnopqrstuvwxyx12345678 h " \ + 0 \ + "Added user using KRA_adminV with maximum --state length" + rlRun "pki -d /tmp/requestdb \ + -n KRA_adminV \ + -c $nss_db_password \ + user-show h > $TmpDir/pki-user-add-kra-001_13.out" \ + 0 \ + "Show pki KRA_adminV user" + rlAssertGrep "User \"h\"" "$TmpDir/pki-user-add-kra-001_13.out" + rlAssertGrep "User ID: h" "$TmpDir/pki-user-add-kra-001_13.out" + rlAssertGrep "Full name: test" "$TmpDir/pki-user-add-kra-001_13.out" + rlAssertGrep "State: abcdefghijklmnopqrstuvwxyx12345678" "$TmpDir/pki-user-add-kra-001_13.out" + rlRun "pki -d /tmp/requestdb \ + -n KRA_adminV \ + -c $nss_db_password \ + user-del h " \ + 0 \ + "Delete user from KRA" + rlPhaseEnd + rlPhaseStartTest "pki_user_cli_user_add-KRA-001_14:--state with maximum length and symbols " + rlRun "pki -d /tmp/requestdb \ + -n KRA_adminV \ + -c $nss_db_password \ + user-add --fullName=test --state=abcdefghijklmnopqrstuvwxyx12345678#?*@$ i " \ + 0 \ + "Added user using KRA_adminV with maximum --state length and character symbols in it" + rlRun "pki -d /tmp/requestdb \ + -n KRA_adminV \ + -c $nss_db_password \ + user-show i > $TmpDir/pki-user-add-kra-001_14.out" \ + 0 \ + "Show pki KRA_adminV user" + rlAssertGrep "User \"i\"" "$TmpDir/pki-user-add-kra-001_14.out" + rlAssertGrep "User ID: i" "$TmpDir/pki-user-add-kra-001_14.out" + rlAssertGrep "Full name: test" "$TmpDir/pki-user-add-kra-001_14.out" + rlAssertGrep "State: abcdefghijklmnopqrstuvwxyx12345678\\#\\?*$@" "$TmpDir/pki-user-add-kra-001_14.out" + rlRun "pki -d /tmp/requestdb \ + -n KRA_adminV \ + -c $nss_db_password \ + user-del i " \ + 0 \ + "Delete user from KRA" + rlPhaseEnd + rlPhaseStartTest "pki_user_cli_user_add-KRA-001_15:--state with # character " + rlRun "pki -d /tmp/requestdb \ + -n KRA_adminV \ + -c $nss_db_password \ + user-add --fullName=test --state=# j " \ + 0 \ + "Added user using KRA_adminV with --state # character" + rlRun "pki -d /tmp/requestdb \ + -n KRA_adminV \ + -c $nss_db_password \ + user-show j > $TmpDir/pki-user-add-kra-001_15.out" \ + 0 \ + "Show pki KRA_adminV user" + rlAssertGrep "User \"j\"" "$TmpDir/pki-user-add-kra-001_15.out" + rlAssertGrep "User ID: j" "$TmpDir/pki-user-add-kra-001_15.out" + rlAssertGrep "Full name: test" "$TmpDir/pki-user-add-kra-001_15.out" + rlAssertGrep "State: #" "$TmpDir/pki-user-add-kra-001_15.out" + rlRun "pki -d /tmp/requestdb \ + -n KRA_adminV \ + -c $nss_db_password \ + user-del j" \ + 0 \ + "Delete user from KRA" + rlPhaseEnd + rlPhaseStartTest "pki_user_cli_user_add-KRA-001_16:--state with * character " + rlRun "pki -d /tmp/requestdb \ + -n KRA_adminV \ + -c $nss_db_password \ + user-add --fullName=test --state=* k " \ + 0 \ + "Added user using KRA_adminV with --state * character" + rlRun "pki -d /tmp/requestdb \ + -n KRA_adminV \ + -c $nss_db_password \ + user-show k > $TmpDir/pki-user-add-kra-001_16.out" \ + 0 \ + "Show pki KRA_adminV user" + rlAssertGrep "User \"k\"" "$TmpDir/pki-user-add-kra-001_16.out" + rlAssertGrep "User ID: k" "$TmpDir/pki-user-add-kra-001_16.out" + rlAssertGrep "Full name: test" "$TmpDir/pki-user-add-kra-001_16.out" + rlAssertGrep "State: *" "$TmpDir/pki-user-add-kra-001_16.out" + rlRun "pki -d /tmp/requestdb \ + -n KRA_adminV \ + -c $nss_db_password \ + user-del k " \ + 0 \ + "Delete user from KRA" + rlPhaseEnd + rlPhaseStartTest "pki_user_cli_user_add-KRA-001_17:--state with $ character " + rlRun "pki -d /tmp/requestdb \ + -n KRA_adminV \ + -c $nss_db_password \ + user-add --fullName=test --state=$ l " \ + 0 \ + "Added user using KRA_adminV with --state $ character" + rlRun "pki -d /tmp/requestdb \ + -n KRA_adminV \ + -c $nss_db_password \ + user-show l > $TmpDir/pki-user-add-kra-001_17.out" \ + 0 \ + "Show pki KRA_adminV user" + rlAssertGrep "User \"l\"" "$TmpDir/pki-user-add-kra-001_17.out" + rlAssertGrep "User ID: l" "$TmpDir/pki-user-add-kra-001_17.out" + rlAssertGrep "Full name: test" "$TmpDir/pki-user-add-kra-001_17.out" + rlAssertGrep "State: \\$" "$TmpDir/pki-user-add-kra-001_17.out" + rlRun "pki -d /tmp/requestdb \ + -n KRA_adminV \ + -c $nss_db_password \ + user-del l " \ + 0 \ + "Delete user from KRA" + rlPhaseEnd + rlPhaseStartTest "pki_user_cli_user_add-KRA-001_18:--state as number 0 " + rlRun "pki -d /tmp/requestdb \ + -n KRA_adminV \ + -c $nss_db_password \ + user-add --fullName=test --state=0 m " \ + 0 \ + "Added user using KRA_adminV with --state 0" + rlRun "pki -d /tmp/requestdb \ + -n KRA_adminV \ + -c $nss_db_password \ + user-show m > $TmpDir/pki-user-add-kra-001_18.out" \ + 0 \ + "Show pki KRA_adminV user" + rlAssertGrep "User \"m\"" "$TmpDir/pki-user-add-kra-001_18.out" + rlAssertGrep "User ID: m" "$TmpDir/pki-user-add-kra-001_18.out" + rlAssertGrep "Full name: test" "$TmpDir/pki-user-add-kra-001_18.out" + rlAssertGrep "State: 0" "$TmpDir/pki-user-add-kra-001_18.out" + rlRun "pki -d /tmp/requestdb \ + -n KRA_adminV \ + -c $nss_db_password \ + user-del m" \ + 0 \ + "Delete user from KRA" + rlPhaseEnd + rlPhaseStartTest "pki_user_cli_user_add-KRA-001_19:--phone with maximum length " + rlRun "pki -d /tmp/requestdb \ + -n KRA_adminV \ + -c $nss_db_password \ + user-add --fullName=test --phone=abcdefghijklmnopqrstuvwxyx12345678 n " \ + 0 \ + "Added user using KRA_adminV with maximum --phone length" + rlRun "pki -d /tmp/requestdb \ + -n KRA_adminV \ + -c $nss_db_password \ + user-show n > $TmpDir/pki-user-add-kra-001_19.out" \ + 0 \ + "Show pki KRA_adminV user" + rlAssertGrep "User \"n\"" "$TmpDir/pki-user-add-kra-001_19.out" + rlAssertGrep "User ID: n" "$TmpDir/pki-user-add-kra-001_19.out" + rlAssertGrep "Full name: test" "$TmpDir/pki-user-add-kra-001_19.out" + rlAssertGrep "Phone: abcdefghijklmnopqrstuvwxyx12345678" "$TmpDir/pki-user-add-kra-001_19.out" + rlRun "pki -d /tmp/requestdb \ + -n KRA_adminV \ + -c $nss_db_password \ + user-del n " \ + 0 \ + "Delete user from KRA" + rlPhaseEnd + rlPhaseStartTest "pki_user_cli_user_add-KRA-001_20:--phone with maximum length and symbols " + rlRun "pki -d /tmp/requestdb \ + -n KRA_adminV \ + -c $nss_db_password \ + user-add --fullName=test --phone=abcdefghijklmnopqrstuvwxyx12345678#?*@$ o > $TmpDir/pki-user-add-kra-001_20.out 2>&1"\ + 1 \ + "Cannot add user using KRA_adminV with maximum --phone with character symbols in it" + rlAssertGrep "PKIException: LDAP error (21): error result" "$TmpDir/pki-user-add-kra-001_20.out" + rlPhaseEnd + rlPhaseStartTest "pki_user_cli_user_add-KRA-001_21:--phone with # character " + rlRun "pki -d /tmp/requestdb \ + -n KRA_adminV \ + -c $nss_db_password \ + user-add --fullName=test --phone=# p > $TmpDir/pki-user-add-kra-001_21.out 2>&1" \ + 1 \ + "Cannot add user using KRA_adminV with maximum --phone with character symbols in it" + rlAssertGrep "PKIException: LDAP error (21): error result" "$TmpDir/pki-user-add-kra-001_21.out" + rlPhaseEnd + rlPhaseStartTest "pki_user_cli_user_add-KRA-001_22:--phone with * character " + rlRun "pki -d /tmp/requestdb \ + -n KRA_adminV \ + -c $nss_db_password \ + user-add --fullName=test --phone=* q > $TmpDir/pki-user-add-kra-001_22.out 2>&1" \ + 1 \ + "Cannot add user using KRA_adminV with maximum --phone with character symbols in it" + rlAssertGrep "PKIException: LDAP error (21): error result" "$TmpDir/pki-user-add-kra-001_22.out" + rlPhaseEnd + rlPhaseStartTest "pki_user_cli_user_add-KRA-001_23:--phone with $ character " + rlRun "pki -d /tmp/requestdb \ + -n KRA_adminV \ + -c $nss_db_password \ + user-add --fullName=test --phone=$ r > $TmpDir/pki-user-add-kra-001_23.out 2>&1" \ + 1 \ + "Cannot add user using KRA_adminV with maximum --phone with character symbols in it" + rlAssertGrep "PKIException: LDAP error (21): error result" "$TmpDir/pki-user-add-kra-001_23.out" + rlPhaseEnd + rlPhaseStartTest "pki_user_cli_user_add-KRA-001_24:--phone as negative number -1230 " + rlRun "pki -d /tmp/requestdb \ + -n KRA_adminV \ + -c $nss_db_password \ + user-add --fullName=test --phone=-1230 s " \ + 0 \ + "Added user using KRA_adminV with --phone -1230" + rlRun "pki -d /tmp/requestdb \ + -n KRA_adminV \ + -c $nss_db_password \ + user-show s > $TmpDir/pki-user-add-kra-001_24.out" \ + 0 \ + "Show pki KRA_adminV user" + rlAssertGrep "User \"s\"" "$TmpDir/pki-user-add-kra-001_24.out" + rlAssertGrep "User ID: s" "$TmpDir/pki-user-add-kra-001_24.out" + rlAssertGrep "Full name: test" "$TmpDir/pki-user-add-kra-001_24.out" + rlAssertGrep "Phone: -1230" "$TmpDir/pki-user-add-kra-001_24.out" + rlRun "pki -d /tmp/requestdb \ + -n KRA_adminV \ + -c $nss_db_password \ + user-del s " \ + 0 \ + "Delete user from KRA" + rlPhaseEnd + + rlPhaseStartTest "pki_user_cli_user_add-KRA-001_25:--type as Auditors" + rlRun "pki -d /tmp/requestdb \ + -n KRA_adminV \ + -c $nss_db_password \ + user-add --fullName=test --type=Auditors t " \ + 0 \ + "Added user using KRA_adminV with --type Auditors" + rlRun "pki -d /tmp/requestdb \ + -n KRA_adminV \ + -c $nss_db_password \ + user-show t > $TmpDir/pki-user-add-kra-001_25.out" \ + 0 \ + "Show pki KRA_adminV user" + rlAssertGrep "User \"t\"" "$TmpDir/pki-user-add-kra-001_25.out" + rlAssertGrep "User ID: t" "$TmpDir/pki-user-add-kra-001_25.out" + rlAssertGrep "Full name: test" "$TmpDir/pki-user-add-kra-001_25.out" + rlAssertGrep "Type: Auditors" "$TmpDir/pki-user-add-kra-001_25.out" + rlRun "pki -d /tmp/requestdb \ + -n KRA_adminV \ + -c $nss_db_password \ + user-del t " \ + 0 \ + "Delete user from KRA" + rlPhaseEnd + rlPhaseStartTest "pki_user_cli_user_add-KRA-001_26:--type Data Recovery Manager Agents " + rlRun "pki -d /tmp/requestdb \ + -n KRA_adminV \ + -c $nss_db_password \ + user-add --fullName=test --type=\"Certificate Manager Agents\" t" \ + 0 \ + "Added user using KRA_adminV --type Certificate Manager Agents" + rlRun "pki -d /tmp/requestdb \ + -n KRA_adminV \ + -c $nss_db_password \ + user-show t > $TmpDir/pki-user-add-kra-001_26.out" \ + 0 \ + "Show pki KRA user" + rlAssertGrep "User \"t\"" "$TmpDir/pki-user-add-kra-001_26.out" + rlAssertGrep "User ID: t" "$TmpDir/pki-user-add-kra-001_26.out" + rlAssertGrep "Full name: test" "$TmpDir/pki-user-add-kra-001_26.out" + rlAssertGrep "Type: Certificate Manager Agents" "$TmpDir/pki-user-add-kra-001_26.out" + rlRun "pki -d /tmp/requestdb \ + -n KRA_adminV \ + -c $nss_db_password \ + user-del t " \ + 0 \ + "Delete user from KRA" + rlPhaseEnd + rlPhaseStartTest "pki_user_cli_user_add-KRA-001_27:--type Registration Manager Agents " + rlRun "pki -d /tmp/requestdb \ + -n KRA_adminV \ + -c $nss_db_password \ + user-add --fullName=test --type=\"Registration Manager Agents\" u " \ + 0 \ + "Added user using KRA_adminV with --type Registration Manager Agents" + rlRun "pki -d /tmp/requestdb \ + -n KRA_adminV \ + -c $nss_db_password \ + user-show u > $TmpDir/pki-user-add-kra-001_27.out" \ + 0 \ + "Show pki KRA user" + rlAssertGrep "User \"u\"" "$TmpDir/pki-user-add-kra-001_27.out" + rlAssertGrep "User ID: u" "$TmpDir/pki-user-add-kra-001_27.out" + rlAssertGrep "Full name: test" "$TmpDir/pki-user-add-kra-001_27.out" + rlAssertGrep "Type: Registration Manager Agents" "$TmpDir/pki-user-add-kra-001_27.out" + rlRun "pki -d /tmp/requestdb \ + -n KRA_adminV \ + -c $nss_db_password \ + user-del u" \ + 0 \ + "Delete user from KRA" + rlPhaseEnd + rlPhaseStartTest "pki_user_cli_user_add-KRA-001_28:--type Subsytem Group " + rlRun "pki -d /tmp/requestdb \ + -n KRA_adminV \ + -c $nss_db_password \ + user-add --fullName=test --type=\"Subsytem Group\" v " \ + 0 \ + "Added user using KRA_adminV with --type Subsytem Group" + rlRun "pki -d /tmp/requestdb \ + -n KRA_adminV \ + -c $nss_db_password \ + user-show v > $TmpDir/pki-user-add-kra-001_28.out" \ + 0 \ + "Show pki KRA user" + rlAssertGrep "User \"v\"" "$TmpDir/pki-user-add-kra-001_28.out" + rlAssertGrep "User ID: v" "$TmpDir/pki-user-add-kra-001_28.out" + rlAssertGrep "Full name: test" "$TmpDir/pki-user-add-kra-001_28.out" + rlAssertGrep "Type: Subsytem Group" "$TmpDir/pki-user-add-kra-001_28.out" + rlRun "pki -d /tmp/requestdb \ + -n KRA_adminV \ + -c $nss_db_password \ + user-del v" \ + 0 \ + "Delete user from KRA" + rlPhaseEnd + rlPhaseStartTest "pki_user_cli_user_add-KRA-001_29:--type Security Domain Administrators " + rlRun "pki -d /tmp/requestdb \ + -n KRA_adminV \ + -c $nss_db_password \ + user-add --fullName=test --type=\"Security Domain Administrators\" w " \ + 0 \ + "Added user using KRA_adminV with --type Security Domain Administrators" + rlRun "pki -d /tmp/requestdb \ + -n KRA_adminV \ + -c $nss_db_password \ + user-show w > $TmpDir/pki-user-add-kra-001_29.out" \ + 0 \ + "Show pki KRA user" + rlAssertGrep "User \"w\"" "$TmpDir/pki-user-add-kra-001_29.out" + rlAssertGrep "User ID: w" "$TmpDir/pki-user-add-kra-001_29.out" + rlAssertGrep "Full name: test" "$TmpDir/pki-user-add-kra-001_29.out" + rlAssertGrep "Type: Security Domain Administrators" "$TmpDir/pki-user-add-kra-001_29.out" + rlRun "pki -d /tmp/requestdb \ + -n KRA_adminV \ + -c $nss_db_password \ + user-del w" \ + 0 \ + "Delete user from KRA" + rlPhaseEnd + rlPhaseStartTest "pki_user_cli_user_add-KRA-001_30:--type ClonedSubsystems " + rlRun "pki -d /tmp/requestdb \ + -n KRA_adminV \ + -c $nss_db_password \ + user-add --fullName=test --type=ClonedSubsystems x " \ + 0 \ + "Added user using KRA_adminV with --type ClonedSubsystems" + rlRun "pki -d /tmp/requestdb \ + -n KRA_adminV \ + -c $nss_db_password \ + user-show x > $TmpDir/pki-user-add-kra-001_30.out" \ + 0 \ + "Show pki KRA user" + rlAssertGrep "User \"x\"" "$TmpDir/pki-user-add-kra-001_30.out" + rlAssertGrep "User ID: x" "$TmpDir/pki-user-add-kra-001_30.out" + rlAssertGrep "Full name: test" "$TmpDir/pki-user-add-kra-001_30.out" + rlAssertGrep "Type: ClonedSubsystems" "$TmpDir/pki-user-add-kra-001_30.out" + rlRun "pki -d /tmp/requestdb \ + -n KRA_adminV \ + -c $nss_db_password \ + user-del x " \ + 0 \ + "Delete user from KRA" + rlPhaseEnd + rlPhaseStartTest "pki_user_cli_user_add-KRA-001_31:--type Trusted Managers " + rlRun "pki -d /tmp/requestdb \ + -n KRA_adminV \ + -c $nss_db_password \ + user-add --fullName=test --type=\"Trusted Managers\" y " \ + 0 \ + "Added user using KRA_adminV with --type Trusted Managers" + rlRun "pki -d /tmp/requestdb \ + -n KRA_adminV \ + -c $nss_db_password \ + user-show y > $TmpDir/pki-user-add-kra-001_31.out" \ + 0 \ + "Show pki KRA user" + rlAssertGrep "User \"y\"" "$TmpDir/pki-user-add-kra-001_31.out" + rlAssertGrep "User ID: y" "$TmpDir/pki-user-add-kra-001_31.out" + rlAssertGrep "Full name: test" "$TmpDir/pki-user-add-kra-001_31.out" + rlAssertGrep "Type: Trusted Managers" "$TmpDir/pki-user-add-kra-001_31.out" + rlRun "pki -d /tmp/requestdb \ + -n KRA_adminV \ + -c $nss_db_password \ + user-del y " \ + 0 \ + "Delete user from KRA" + rlPhaseEnd + rlPhaseStartTest "pki_user_cli_user_add-KRA-002: Add a duplicate user to KRA" + command="pki -d /tmp/requestdb \ + -n KRA_adminV \ + -c $nss_db_password \ + user-add --fullName=\"New user\" $user1 > $TmpDir/pki-user-add-kra-002.out 2>&1 " + + rlLog "Command=$command" + expmsg="ConflictingOperationException: Entry already exists." + rlRun "$command" 1 "Add duplicate user" + rlAssertGrep "$expmsg" "$TmpDir/pki-user-add-kra-002.out" + rlLog "Clean-up:" + rlRun "pki -d /tmp/requestdb \ + -n KRA_adminV \ + -c $nss_db_password \ + user-del $user1" \ + 0 \ + "Delete user from KRA" + rlPhaseEnd + + rlPhaseStartTest "pki_user_cli_user_add-KRA-003: Add a user to KRA with -t option" + rlLog "Executing: pki -d /tmp/requestdb \ + -n KRA_adminV \ + -c $nss_db_password \ + -t kra \ + user-add --fullName=\"$user1fullname\" $user1" + + rlRun "pki -d /tmp/requestdb \ + -n KRA_adminV \ + -c $nss_db_password \ + -t kra \ + user-add --fullName=\"$user1fullname\" $user1 > $TmpDir/pki-user-add-kra-003.out" \ + 0 \ + "Add user $user1 to KRA" + rlAssertGrep "Added user \"$user1\"" "$TmpDir/pki-user-add-kra-003.out" + rlAssertGrep "User ID: $user1" "$TmpDir/pki-user-add-kra-003.out" + rlAssertGrep "Full name: $user1fullname" "$TmpDir/pki-user-add-kra-003.out" + + rlRun "pki -d /tmp/requestdb \ + -n KRA_adminV \ + -c $nss_db_password \ + -t kra \ + user-show $user1 > $TmpDir/pki-user-add-kra-003_1.out" \ + 0 \ + "Show pki KRA user" + rlAssertGrep "User \"$user1\"" "$TmpDir/pki-user-add-kra-003_1.out" + rlAssertGrep "User ID: $user1" "$TmpDir/pki-user-add-kra-003_1.out" + rlAssertGrep "Full name: $user1fullname" "$TmpDir/pki-user-add-kra-003_1.out" + rlLog "Clean-up:" + rlRun "pki -d /tmp/requestdb \ + -n KRA_adminV \ + -c $nss_db_password \ + -t kra \ + user-del $user1" \ + 0 \ + "Delete user from KRA" + rlPhaseEnd + + + rlPhaseStartTest "pki_user_cli_user_add-KRA-004: Add a user -- missing required option user id" + rlLog "Executing: pki -d /tmp/requestdb \ + -n KRA_adminV \ + -c $nss_db_password \ + -t kra \ + user-add --fullName=\"$user1fullname\" " + + rlRun "pki -d /tmp/requestdb \ + -n KRA_adminV \ + -c $nss_db_password \ + -t kra \ + user-add --fullName=\"$user1fullname\" > $TmpDir/pki-user-add-kra-004.out" \ + 1\ + "Add user -- missing required option user id" + rlAssertGrep "usage: user-add <User ID> \[OPTIONS...\]" "$TmpDir/pki-user-add-kra-004.out" + rlPhaseEnd + + rlPhaseStartTest "pki_user_cli_user_add-KRA-005: Add a user -- missing required option --fullName" + command="pki -d /tmp/requestdb \ + -n KRA_adminV \ + -c $nss_db_password \ + -t kra \ + user-add $user1 > $TmpDir/pki-user-add-kra-005.out 2>&1" + expmsg="Error: Missing required option: fullName" + rlLog "Executing: $command" + rlRun "$command" 1 "Add a user -- missing required option --fullName" + rlAssertGrep "$expmsg" "$TmpDir/pki-user-add-kra-005.out" + rlPhaseEnd + + rlPhaseStartTest "pki_user_cli_user_add-KRA-006: Add a user -- all options provided" + email="kra_agent2@myemail.com" + user_password="agent2Password" + phone="1234567890" + state="NC" + type="Administrators" + rlLog "Executing: pki -d /tmp/requestdb \ + -n KRA_adminV \ + -c $nss_db_password \ + -t kra \ + user-add --fullName=\"$user1fullname\" \ + --email $email \ + --password $user_password \ + --phone $phone \ + --state $state \ + --type $type \ + $user1" + + rlRun "pki -d /tmp/requestdb \ + -n KRA_adminV \ + -c $nss_db_password \ + -t kra \ + user-add --fullName=\"$user1fullname\" \ + --email $email \ + --password $user_password \ + --phone $phone \ + --state $state \ + --type $type \ + $user1 > $TmpDir/pki-user-add-kra-006_1.out" \ + 0 \ + "Add user $user1 to KRA -- all options provided" + rlAssertGrep "Added user \"$user1\"" "$TmpDir/pki-user-add-kra-006_1.out" + rlAssertGrep "User ID: $user1" "$TmpDir/pki-user-add-kra-006_1.out" + rlAssertGrep "Full name: $user1fullname" "$TmpDir/pki-user-add-kra-006_1.out" + rlAssertGrep "Email: $email" "$TmpDir/pki-user-add-kra-006_1.out" + rlAssertGrep "Phone: $phone" "$TmpDir/pki-user-add-kra-006_1.out" + rlAssertGrep "Type: $type" "$TmpDir/pki-user-add-kra-006_1.out" + rlAssertGrep "State: $state" "$TmpDir/pki-user-add-kra-006_1.out" + + rlRun "pki -d /tmp/requestdb \ + -n KRA_adminV \ + -c $nss_db_password \ + -t kra \ + user-show $user1 > $TmpDir/pki-user-add-kra-006.out" \ + 0 \ + "Show pki KRA user" + + rlAssertGrep "User \"$user1\"" "$TmpDir/pki-user-add-kra-006.out" + rlAssertGrep "User ID: $user1" "$TmpDir/pki-user-add-kra-006.out" + rlAssertGrep "Full name: $user1fullname" "$TmpDir/pki-user-add-kra-006.out" + rlAssertGrep "Email: $email" "$TmpDir/pki-user-add-kra-006.out" + rlAssertGrep "Phone: $phone" "$TmpDir/pki-user-add-kra-006.out" + rlAssertGrep "Type: $type" "$TmpDir/pki-user-add-kra-006.out" + rlAssertGrep "State: $state" "$TmpDir/pki-user-add-kra-006.out" + rlLog "Clean-up:" + rlRun "pki -d /tmp/requestdb \ + -n KRA_adminV \ + -c $nss_db_password \ + -t kra \ + user-del $user1" \ + 0 \ + "Delete user from KRA" + + rlPhaseEnd + + rlPhaseStartTest "pki_user_cli_user_add-KRA-007: Add user to multiple groups" + user=multigroup_user + userfullname="Multiple Group User" + email="multiplegroup@myemail.com" + user_password="admin2Password" + phone="1234567890" + state="NC" + rlLog "Executing: pki -d /tmp/requestdb \ + -n KRA_adminV \ + -c $nss_db_password \ + -t kra \ + user-add --fullName=\"$userfullname\" \ + --email $email \ + --password $user_password \ + --phone $phone \ + --state $state \ + $user" + + rlRun "pki -d /tmp/requestdb \ + -n KRA_adminV \ + -c $nss_db_password \ + -t kra \ + user-add --fullName=\"$userfullname\" \ + --email $email \ + --password $user_password \ + --phone $phone \ + --state $state \ + $user" \ + 0 \ + "Add user $user using KRA_adminV" + + rlRun "pki -d /tmp/requestdb \ + -n KRA_adminV \ + -c $nss_db_password \ + -t kra \ + group-add-member Administrators $user > $TmpDir/pki-user-add-kra-007_1.out" \ + 0 \ + "Add user $user to Administrators group" + + rlAssertGrep "Added group member \"$user\"" "$TmpDir/pki-user-add-kra-007_1.out" + rlAssertGrep "User: $user" "$TmpDir/pki-user-add-kra-007_1.out" + + rlRun "pki -d /tmp/requestdb \ + -n KRA_adminV \ + -c $nss_db_password \ + -t kra \ + group-find-member Administrators > $TmpDir/pki-user-add-kra-007.out" \ + 0 \ + "Show pki group-find-member Administrators" + rlRun "pki -d /tmp/requestdb \ + -n KRA_adminV \ + -c $nss_db_password \ + -t kra \ + group-add-member \"Certificate Manager Agents\" $user > $TmpDir/pki-user-add-kra-007_1_1.out" \ + 0 \ + "Add user $user to Administrators group" + + rlAssertGrep "Added group member \"$user\"" "$TmpDir/pki-user-add-kra-007_1_1.out" + rlAssertGrep "User: $user" "$TmpDir/pki-user-add-kra-007_1_1.out" + + rlRun "pki -d /tmp/requestdb \ + -n KRA_adminV \ + -c $nss_db_password \ + -t kra \ + group-find-member \"Certificate Manager Agents\" > $TmpDir/pki-user-add-kra-007_2.out" \ + 0 \ + "Show pki group-find-member Administrators" + + rlAssertGrep "User: $user" "$TmpDir/pki-user-add-kra-007_2.out" + + rlRun "pki -d /tmp/requestdb \ + -n KRA_adminV \ + -c $nss_db_password \ + -t kra \ + user-del $user" \ + 0 \ + "Delete user $user " + + rlPhaseEnd + + rlPhaseStartTest "pki_user_cli_user_add-KRA-008: Add user with --password " + userpw="pass" + rlLog "Executing: pki -d /tmp/requestdb \ + -n KRA_adminV \ + -c $nss_db_password \ + user-add --fullName=\"$user1fullname\" --password=$userpw $user1 > $TmpDir/pki-user-add-kra-008.out 2>&1" + expmsg="PKIException: The password must be at least 8 characters" + rlRun "pki -d /tmp/requestdb \ + -n KRA_adminV \ + -c $nss_db_password \ + -t kra \ + user-add --fullName=\"$user1fullname\" --password=$userpw $user1 > $TmpDir/pki-user-add-kra-008.out 2>&1" \ + 1 \ + "Add a user --must be at least 8 characters --password" + rlAssertGrep "$expmsg" "$TmpDir/pki-user-add-kra-008.out" + + rlPhaseEnd + + ##### Tests to add users using revoked cert##### + rlPhaseStartTest "pki_user_cli_user_add-KRA-009: Cannot add user using a revoked cert KRA_adminR" + + rlLog "Executing: pki -d /tmp/requestdb \ + -n KRA_adminR \ + -c $nss_db_password \ + user-add --fullName=\"$user1fullname\" $user1" + rlRun "pki -d /tmp/requestdb \ + -n KRA_adminR \ + -c $nss_db_password \ + user-add --fullName=\"$user1fullname\" $user1 > $TmpDir/pki-user-add-kra-revoke-adminR-002.out 2>&1" \ + 1 \ + "Cannot add user $user1 using a user having revoked cert" + rlAssertGrep "ClientResponseFailure: Error status 401 Unauthorized returned" "$TmpDir/pki-user-add-kra-revoke-adminR-002.out" + rlPhaseEnd + rlPhaseStartTest "pki_user_cli_user_add-KRA-009_1: Cannot add user using a agent or a revoked cert KRA_agentR" + + rlLog "Executing: pki -d /tmp/requestdb \ + -n KRA_agentR \ + -c $nss_db_password \ + user-add --fullName=\"$user1fullname\" $user1" + rlRun "pki -d /tmp/requestdb \ + -n KRA_agentR \ + -c $nss_db_password \ + user-add --fullName=\"$user1fullname\" $user1 > $TmpDir/pki-user-add-kra-revoke-agentR-002.out 2>&1" \ + 1 \ + "Cannot add user $user1 using a user having revoked cert" + rlAssertGrep "ClientResponseFailure: Error status 401 Unauthorized returned" "$TmpDir/pki-user-add-kra-revoke-agentR-002.out" + rlPhaseEnd + + + ##### Tests to add users using an agent user##### + rlPhaseStartTest "pki_user_cli_user_add-KRA-0010: Cannot add user using a KRA_agentV user" + + rlLog "Executing: pki -d /tmp/requestdb \ + -n KRA_agentV \ + -c $nss_db_password \ + user-add --fullName=\"$user1fullname\" $user1" + rlRun "pki -d /tmp/requestdb \ + -n KRA_agentV \ + -c $nss_db_password \ + user-add --fullName=\"$user1fullname\" $user1 > $TmpDir/pki-user-add-kra-agentV-002.out 2>&1" \ + 1 \ + "Cannot add user $user1 using a agent cert" + rlAssertGrep "ForbiddenException: Authorization failed on resource: certServer.ca.users, operation: execute" "$TmpDir/pki-user-add-kra-agentV-002.out" + rlPhaseEnd + + rlPhaseStartTest "pki_user_cli_user_add-KRA-0011: Cannot add user using a KRA_agentR user" + + rlLog "Executing: pki -d /tmp/requestdb \ + -n KRA_agentR \ + -c $nss_db_password \ + user-add --fullName=\"$user1fullname\" $user1" + rlRun "pki -d /tmp/requestdb \ + -n KRA_agentR \ + -c $nss_db_password \ + user-add --fullName=\"$user1fullname\" $user1 > $TmpDir/pki-user-add-kra-agentR-002.out 2>&1" \ + 1 \ + "Cannot add user $user1 using a agent cert" + rlAssertGrep "ClientResponseFailure: Error status 401 Unauthorized returned" "$TmpDir/pki-user-add-kra-agentR-002.out" + rlPhaseEnd + ##### Tests to add users using expired cert##### + rlPhaseStartTest "pki_user_cli_user_add-KRA-0012: Cannot add user using a KRA_adminE cert" + rlRun "date --set='next day'" 0 "Set System date a day ahead" + rlRun "date --set='next day'" 0 "Set System date a day ahead" + rlRun "date" + rlLog "Executing: pki -d /tmp/requestdb \ + -n KRA_adminE \ + -c $nss_db_password \ + user-add --fullName=\"$user1fullname\" $user1" + rlRun "pki -d /tmp/requestdb \ + -n KRA_adminE \ + -c $nss_db_password \ + user-add --fullName=\"$user1fullname\" $user1 > $TmpDir/pki-user-add-kra-adminE-002.out 2>&1" \ + 1 \ + "Cannot add user $user1 using a agent cert" + rlAssertGrep "RuntimeException: java.io.IOException: SocketException cannot read on socket" "$TmpDir/pki-user-add-kra-adminE-002.out" + rlRun "date --set='2 days ago'" 0 "Set System back to the present day" + rlPhaseEnd + + rlPhaseStartTest "pki_user_cli_user_add-KRA-0013: Cannot add user using a KRA_agentE cert" + rlRun "date --set='next day'" 0 "Set System date a day ahead" + rlRun "date --set='next day'" 0 "Set System date a day ahead" + rlRun "date" + rlLog "Executing: pki -d /tmp/requestdb \ + -n KRA_agentE \ + -c $nss_db_password \ + user-add --fullName=\"$user1fullname\" $user1" + rlRun "pki -d /tmp/requestdb \ + -n KRA_agentE \ + -c $nss_db_password \ + user-add --fullName=\"$user1fullname\" $user1 > $TmpDir/pki-user-add-kra-agentE-002.out 2>&1" \ + 1 \ + "Cannot add user $user1 using a agent cert" + rlAssertGrep "RuntimeException: java.io.IOException: SocketException cannot read on socket" "$TmpDir/pki-user-add-kra-agentE-002.out" + rlRun "date --set='2 days ago'" 0 "Set System back to the present day" + rlPhaseEnd + + ##### Tests to add users using audit users##### + rlPhaseStartTest "pki_user_cli_user_add-KRA-0012: Cannot add user using a KRA_auditV" + + rlLog "Executing: pki -d /tmp/requestdb \ + -n KRA_auditV \ + -c $nss_db_password \ + user-add --fullName=\"$user1fullname\" $user1" + rlRun "pki -d /tmp/requestdb \ + -n KRA_auditV \ + -c $nss_db_password \ + user-add --fullName=\"$user1fullname\" $user1 > $TmpDir/pki-user-add-kra-auditV-002.out 2>&1" \ + 1 \ + "Cannot add user $user1 using a audit cert" + rlAssertGrep "ForbiddenException: Authorization failed on resource: certServer.ca.users, operation: execute" "$TmpDir/pki-user-add-kra-auditV-002.out" + rlPhaseEnd + + ##### Tests to add users using operator user### + rlPhaseStartTest "pki_user_cli_user_add-KRA-0013: Cannot add user using a KRA_operatorV" + + rlLog "Executing: pki -d /tmp/requestdb \ + -n KRA_operatorV \ + -c $nss_db_password \ + user-add --fullName=\"$user1fullname\" $user1" + rlRun "pki -d /tmp/requestdb \ + -n KRA_operatorV \ + -c $nss_db_password \ + user-add --fullName=\"$user1fullname\" $user1 > $TmpDir/pki-user-add-kra-operatorV-002.out 2>&1" \ + 1 \ + "Cannot add user $user1 using a operator cert" + rlAssertGrep "ForbiddenException: Authorization failed on resource: certServer.ca.users, operation: execute" "$TmpDir/pki-user-add-kra-operatorV-002.out" + rlPhaseEnd + + + ##### Tests to add users using KRA_adminUTKRA and KRA_agentUTKRA user's certificate will be issued by an untrusted KRA users##### + rlPhaseStartTest "pki_user_cli_user_add-KRA-0014: Cannot add user using a KRA_adminUTKRA" + + rlLog "Executing: pki -d /tmp/dummydb \ + -n KRA_adminUTKRA \ + -c $nss_db_password \ + user-add --fullName=\"$user1fullname\" $user1" + rlRun "pki -d /tmp/dummydb \ + -n KRA_adminUTKRA \ + -c $nss_db_password \ + user-add --fullName=\"$user1fullname\" $user1 > $TmpDir/pki-user-add-kra-adminUTKRA-002.out 2>&1" \ + 1 \ + "Cannot add user $user1 using a untrusted cert" + rlAssertGrep "ClientResponseFailure: Error status 401 Unauthorized returned" "$TmpDir/pki-user-add-kra-adminUTKRA-002.out" + rlPhaseEnd + + rlPhaseStartTest "pki_user_cli_user_add-KRA-0014: Cannot add user using a KRA_agentUTKRA" + + rlLog "Executing: pki -d /tmp/dummydb \ + -n KRA_agentUTKRA \ + -c $nss_db_password \ + user-add --fullName=\"$user1fullname\" $user1" + rlRun "pki -d /tmp/dummydb \ + -n KRA_agentUTKRA \ + -c $nss_db_password \ + user-add --fullName=\"$user1fullname\" $user1 > $TmpDir/pki-user-add-kra-agentUTKRA-002.out 2>&1" \ + 1 \ + "Cannot add user $user1 using a untrusted cert" + rlAssertGrep "RuntimeException: java.net.SocketException: Object not found: org.mozilla.jss.crypto.ObjectNotFoundException" "$TmpDir/pki-user-add-kra-agentUTKRA-002.out" + rlPhaseEnd + + +} diff --git a/tests/dogtag/acceptance/cli-tests/pki-user-cli/kra/pki-user-cli-user-del-kra.sh b/tests/dogtag/acceptance/cli-tests/pki-user-cli/kra/pki-user-cli-user-del-kra.sh new file mode 100755 index 000000000..059523ae1 --- /dev/null +++ b/tests/dogtag/acceptance/cli-tests/pki-user-cli/kra/pki-user-cli-user-del-kra.sh @@ -0,0 +1,101 @@ +#!/bin/bash +# vim: dict=/usr/share/beakerlib/dictionary.vim cpt=.,w,b,u,t,i,k +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +# +# runtest.sh of /CoreOS/rhcs/acceptance/cli-tests/pki-user-cli +# Description: PKI user-add CLI tests +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +# The following ipa cli commands needs to be tested: +# pki-user-cli-user-add Add users to pki subsystems. +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +# +# Author: Asha Akkiangady <aakkiang@redhat.com> +# +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +# +# Copyright (c) 2013 Red Hat, Inc. All rights reserved. +# +# This copyrighted material is made available to anyone wishing +# to use, modify, copy, or redistribute it subject to the terms +# and conditions of the GNU General Public License version 2. +# +# This program is distributed in the hope that it will be +# useful, but WITHOUT ANY WARRANTY; without even the implied +# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR +# PURPOSE. See the GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public +# License along with this program; if not, write to the Free +# Software Foundation, Inc., 51 Franklin Street, Fifth Floor, +# Boston, MA 02110-1301, USA. +# +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +# Include rhts environment +. /usr/bin/rhts-environment.sh +. /usr/share/beakerlib/beakerlib.sh +. /opt/rhqa_pki/rhcs-shared.sh +. /opt/rhqa_pki/pki-cert-cli-lib.sh +. /opt/rhqa_pki/env.sh + + +######################################################################## +# Test Suite Globals +######################################################################## + +run_pki-user-cli-user-del-kra_tests(){ + rlPhaseStartSetup "pki_user_cli_user_add-kra-startup:Getting the temp directory and nss certificate db " + rlLog "nss_db directory = $TmpDir/nssdb" + rlLog "temp directory = /tmp/requestdb" + rlPhaseEnd + + rlPhaseStartCleanup "pki_user_cli_user_add-cleanup: Delete temp dir" + del_user=($KRA_adminV_user $KRA_adminR_user $KRA_adminE_user $KRA_adminUTKRA_user $KRA_agentV_user $KRA_agentR_user $KRA_agentE_user $KRA_agentUTKRA_user $KRA_auditV_user $KRA_operatorV_user) + + #===Deleting users created using KRA_adminV cert===# + i=1 + while [ $i -lt 25 ] ; do + rlRun "pki -d /tmp/requestdb \ + -n KRA_adminV \ + -c $nss_db_password \ + user-del u$i > $TmpDir/pki-user-del-kra-user-00$i.out" \ + 0 \ + "Deleted user u$i" + rlAssertGrep "Deleted user \"u$i\"" "$TmpDir/pki-user-del-kra-user-00$i.out" + let i=$i+1 + done + #===Deleting users(symbols) created using KRA_adminV cert===# + j=1 + while [ $j -lt 8 ] ; do + eval usr=\$user$j + rlRun "pki -d /tmp/requestdb \ + -n KRA_adminV \ + -c $nss_db_password \ + user-del $usr > $TmpDir/pki-user-del-kra-user-symbol-00$j.out" \ + 0 \ + "Deleted user $usr" + rlAssertGrep "Deleted user \"$usr\"" "$TmpDir/pki-user-del-kra-user-symbol-00$j.out" + let j=$j+1 + done + i=0 + while [ $i -lt ${#del_user[@]} ] ; do + userid_del=${del_user[$i]} + rlRun "pki -d $TmpDir/nssdb \ + -n \"$admin_cert_nickname\" \ + -c $nss_db_password \ + user-del $userid_del > $TmpDir/pki-user-del-kra-00$i.out" \ + 0 \ + "Deleted user $userid_del" + rlAssertGrep "Deleted user \"$userid_del\"" "$TmpDir/pki-user-del-kra-00$i.out" + let i=$i+1 + done + + +# rlRun "rm -r $TmpDir" 0 "Removing temp directory" +# rlRun "popd" + # rlRun "rm -rf /tmp/requestdb" + # rlRun "rm -rf /tmp/dummydb" + + + rlPhaseEnd +} diff --git a/tests/dogtag/acceptance/cli-tests/pki-user-cli/kra/pki-user-cli-user-find-kra.sh b/tests/dogtag/acceptance/cli-tests/pki-user-cli/kra/pki-user-cli-user-find-kra.sh new file mode 100755 index 000000000..9b8f03a1f --- /dev/null +++ b/tests/dogtag/acceptance/cli-tests/pki-user-cli/kra/pki-user-cli-user-find-kra.sh @@ -0,0 +1,220 @@ +#!/bin/bash +# vim: dict=/usr/share/beakerlib/dictionary.vim cpt=.,w,b,u,t,i,k +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +# +# runtest.sh of /CoreOS/rhcs/acceptance/cli-tests/pki-user-cli +# Description: PKI user-add CLI tests +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +# The following ipa cli commands needs to be tested: +# pki-user-cli-user-add Add users to pki subsystems. +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +# +# Author: Asha Akkiangady <aakkiang@redhat.com> +# +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +# +# Copyright (c) 2013 Red Hat, Inc. All rights reserved. +# +# This copyrighted material is made available to anyone wishing +# to use, modify, copy, or redistribute it subject to the terms +# and conditions of the GNU General Public License version 2. +# +# This program is distributed in the hope that it will be +# useful, but WITHOUT ANY WARRANTY; without even the implied +# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR +# PURPOSE. See the GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public +# License along with this program; if not, write to the Free +# Software Foundation, Inc., 51 Franklin Street, Fifth Floor, +# Boston, MA 02110-1301, USA. +# +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +# Include rhts environment +. /usr/bin/rhts-environment.sh +. /usr/share/beakerlib/beakerlib.sh +. /opt/rhqa_pki/rhcs-shared.sh +. /opt/rhqa_pki/env.sh + +######################################################################## +# Test Suite Globals +######################################################################## + +user1="kra_agent2" +user1fullname="Test kra_agent" + + +######################################################################## + +run_pki-user-cli-user-find-kra_tests(){ + rlPhaseStartSetup "pki_user_cli_user_find-startup: Create temp directory and import KRA agent cert into a nss certificate db and trust KRA root cert" + admin_cert_nickname="PKI Administrator for $KRA_DOMAIN" + nss_db_password="Password" + rlLog "Admin Certificate is located at: $KRA_ADMIN_CERT_LOKRATION" + rlRun "TmpDir=\`mktemp -d\`" 0 "Creating tmp directory" + rlRun "pushd $TmpDir" + rlLog "Temp Directory = $TmpDir" + rlRun "mkdir $TmpDir/nssdb" + rlLog "importP12File $KRA_ADMIN_CERT_LOKRATION $KRA_CLIENT_PKCS12_PASSWORD $TmpDir/nssdb $nss_db_password $admin_cert_nickname" + rlRun "importP12File $KRA_ADMIN_CERT_LOKRATION $KRA_CLIENT_PKCS12_PASSWORD $TmpDir/nssdb $nss_db_password $admin_cert_nickname" 0 "Import Admin certificate to $TmpDir/nssdb" + rlRun "install_and_trust_KRA_cert $KRA_SERVER_ROOT $TmpDir/nssdb" + rlPhaseEnd + + rlPhaseStartTest "pki_user_cli_user_find-KRA-add: Add users to KRA" + i=1 + while [ $i -le 5 ] ; do + rlLog "Adding user user1$i" + rlRun "pki -d $TmpDir/nssdb \ + -n \"$admin_cert_nickname\" \ + -c $nss_db_password \ + user-add --fullName=\"fullname1$i\" user1$i > $TmpDir/pki-user-find-kra-a00$i.out 2>&1" \ + 0 \ + "Add user user1$i to KRA" + rlAssertGrep "Added user \"user1$i\"" "$TmpDir/pki-user-find-kra-a00$i.out" + rlAssertGrep "User ID: user1$i" "$TmpDir/pki-user-find-kra-a00$i.out" + rlAssertGrep "Full name: fullname1$i" "$TmpDir/pki-user-find-kra-a00$i.out" + let i=$i+1 + done + rlPhaseEnd + + rlPhaseStartTest "pki_user_cli_user_find-kra-001: Find 5 users, --size=5" + rlRun "pki -d $TmpDir/nssdb \ + -n \"$admin_cert_nickname\" \ + -c $nss_db_password \ + user-find --size=5 > $TmpDir/pki-user-find-kra-001.out 2>&1" \ + 0 \ + "Found 5 users" + rlAssertGrep "Number of entries returned 5" "$TmpDir/pki-user-find-kra-001.out" + rlPhaseEnd + + + rlPhaseStartTest "pki_user_cli_user_find-kra-002: Find non user, --size=0" + rlRun "pki -d $TmpDir/nssdb \ + -n \"$admin_cert_nickname\" \ + -c $nss_db_password \ + user-find --size=0 > $TmpDir/pki-user-find-kra-002.out 2>&1" \ + 0 \ + "Found no users" + rlAssertGrep "Number of entries returned 0" "$TmpDir/pki-user-find-kra-002.out" + rlPhaseEnd + + rlPhaseStartTest "pki_user_cli_user_find-kra-003: Find all users, maximum possible value as input" + maximum_check=1000000 + rlRun "pki -d $TmpDir/nssdb \ + -n \"$admin_cert_nickname\" \ + -c $nss_db_password \ + user-find --size=$maximum_check > $TmpDir/pki-user-find-kra-003.out 2>&1" \ + 0 \ + "All users" + rlAssertGrep "Number of entries returned " "$TmpDir/pki-user-find-kra-003.out" + rlPhaseEnd + + rlPhaseStartTest "pki_user_cli_user_find-kra-004: Find users, check for negative input --size=-1" + rlRun "pki -d $TmpDir/nssdb \ + -n \"$admin_cert_nickname\" \ + -c $nss_db_password \ + user-find --size=-1 > $TmpDir/pki-user-find-kra-004.out 2>&1" \ + 0 \ + "No users returned as the size entered is negative value" + rlAssertGrep "Number of entries returned 0" "$TmpDir/pki-user-find-kra-004.out" + rlPhaseEnd + + rlPhaseStartTest "pki_user_cli_user_find-kra-005: Find users for size input as noninteger, --size=abc" + size_noninteger="abc" + rlLog "Executing: pki -d $TmpDir/nssdb \ + -n \"$admin_cert_nickname\" \ + -c $nss_db_password \ + user-find --size=$size_noninteger > $TmpDir/pki-user-find-kra-005.out 2>&1" + rlRun "pki -d $TmpDir/nssdb \ + -n \"$admin_cert_nickname\" \ + -c $nss_db_password \ + user-find --size=$size_noninteger > $TmpDir/pki-user-find-kra-005.out 2>&1" \ + 1 \ + "Found 5 users" + rlAssertGrep "NumberFormatException: For input string: \"$size_noninteger\"" "$TmpDir/pki-user-find-kra-005.out" + rlPhaseEnd + + rlPhaseStartTest "pki_user_cli_user_find-kra-006: Find users, check for no input --size= " + rlRun "pki -d $TmpDir/nssdb \ + -n \"$admin_cert_nickname\" \ + -c $nss_db_password \ + user-find --size= > $TmpDir/pki-user-find-kra-006.out 2>&1" \ + 1 \ + "No users returned, as --size= " + rlAssertGrep "NumberFormatException: For input string: \"""\"" "$TmpDir/pki-user-find-kra-006.out" + rlPhaseEnd + + + rlPhaseStartTest "pki_user_cli_user_find-kra-007: Find users, --start=10 " + rlRun "pki -d $TmpDir/nssdb \ + -n \"$admin_cert_nickname\" \ + -c $nss_db_password \ + user-find --start=10 > $TmpDir/pki-user-find-kra-007.out 2>&1" \ + 0 \ + "Displays users from the 10th user and the next to the maximum 20 users, if available " + rlAssertGrep "Number of entries returned " "$TmpDir/pki-user-find-kra-007.out" + rlPhaseEnd + + rlPhaseStartTest "pki_user_cli_user_find-kra-008: Find users, --start=10000, maximum possible input " + rlRun "pki -d $TmpDir/nssdb \ + -n \"$admin_cert_nickname\" \ + -c $nss_db_password \ + user-find --start=10000 > $TmpDir/pki-user-find-kra-008.out 2>&1" \ + 0 \ + "No users" + rlAssertGrep "Number of entries returned 0" "$TmpDir/pki-user-find-kra-008.out" + rlPhaseEnd + + rlPhaseStartTest "pki_user_cli_user_find-kra-009: Find users, --start=0" + rlRun "pki -d $TmpDir/nssdb \ + -n \"$admin_cert_nickname\" \ + -c $nss_db_password \ + user-find --start=0 > $TmpDir/pki-user-find-kra-009.out 2>&1" \ + 0 \ + "Displays from the zeroth user, maximum possible are 20 users in a page" + rlAssertGrep "Number of entries returned" "$TmpDir/pki-user-find-kra-009.out" + rlPhaseEnd + + rlPhaseStartTest "pki_user_cli_user_find-kra-0010: Find users, --start=-1" + rlRun "pki -d $TmpDir/nssdb \ + -n \"$admin_cert_nickname\" \ + -c $nss_db_password \ + user-find --start=-1 > $TmpDir/pki-user-find-kra-0010.out 2>&1" \ + 0 \ + "Maximum possible 20 users are returned, starting from the zeroth user" + rlAssertGrep "Number of entries returned" "$TmpDir/pki-user-find-kra-0010.out" + rlPhaseEnd + + rlPhaseStartTest "pki_user_cli_user_find-kra-0011: Find users for size input as noninteger, --start=abc" + size_noninteger="abc" + rlRun "pki -d $TmpDir/nssdb \ + -n \"$admin_cert_nickname\" \ + -c $nss_db_password \ + user-find --start=$size_noninteger > $TmpDir/pki-user-find-kra-0011.out 2>&1" \ + 1 \ + "Incorrect input to find user" + rlAssertGrep "NumberFormatException: For input string: \"$size_noninteger\"" "$TmpDir/pki-user-find-kra-0011.out" + rlPhaseEnd + + rlPhaseStartTest "Cleanup: Delete the KRA users" + i=1 + while [ $i -le 5 ] ; do + rlRun "pki -d $TmpDir/nssdb \ + -n \"$admin_cert_nickname\" \ + -c $nss_db_password \ + user-del user1$i" \ + 0 \ + "Delete user user1$i" + let i=$i+1 + done + rlPhaseEnd + + rlPhaseStartCleanup "pki_user_cli_user_find-cleanup: Delete temp dir" +# rlRun "popd" +# rlRun "rm -r $TmpDir" 0 "Removing temp directory" + rlPhaseEnd + + + +} diff --git a/tests/dogtag/acceptance/cli-tests/pki-user-cli/kra/pki-user-cli-user-kra.sh b/tests/dogtag/acceptance/cli-tests/pki-user-cli/kra/pki-user-cli-user-kra.sh new file mode 100755 index 000000000..36aa55db0 --- /dev/null +++ b/tests/dogtag/acceptance/cli-tests/pki-user-cli/kra/pki-user-cli-user-kra.sh @@ -0,0 +1,336 @@ +#!/bin/bash +#!/usr/bin/expect -f + +# vim: dict=/usr/share/beakerlib/dictionary.vim cpt=.,w,b,u,t,i,k +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +# +# runtest.sh of /CoreOS/rhcs/acceptance/cli-tests/pki-user-cli +# Description: PKI user-add CLI tests +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +# The following ipa cli commands needs to be tested: +# pki-user-cli-user-add Add users to pki subsystems. +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +# +# Author: Asha Akkiangady <aakkiang@redhat.com> +# +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +# +# Copyright (c) 2013 Red Hat, Inc. All rights reserved. +# +# This copyrighted material is made available to anyone wishing +# to use, modify, copy, or redistribute it subject to the terms +# and conditions of the GNU General Public License version 2. +# +# This program is distributed in the hope that it will be +# useful, but WITHOUT ANY WARRANTY; without even the implied +# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR +# PURPOSE. See the GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public +# License along with this program; if not, write to the Free +# Software Foundation, Inc., 51 Franklin Street, Fifth Floor, +# Boston, MA 02110-1301, USA. +# +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +# Include rhts environment +. /usr/bin/rhts-environment.sh +. /usr/share/beakerlib/beakerlib.sh +. /opt/rhqa_pki/rhcs-shared.sh +. /opt/rhqa_pki/pki-cert-cli-lib.sh +. /opt/rhqa_pki/env.sh + +######################################################################## +# Test Suite Globals +######################################################################## +KRA_adminV_user=KRA_adminV +KRA_adminV_fullName=KRA_Admin_ValidCert +KRA_adminR_user=KRA_adminR +KRA_adminR_fullName=KRA_Admin_RevokedCert +KRA_adminE_user=KRA_adminE +KRA_adminE_fullName=KRA_admin_ExpiredCert +KRA_adminUTKRA_user=KRA_adminUTCA +KRA_adminUTKRA_fullName=KRA_Admin_CertIssuedByUntrustedCA + +KRA_agentV_user=KRA_agentV +KRA_agentV_fullName=KRA_Agent_ValidCert +KRA_agentR_user=KRA_agentR +KRA_agentR_fullName=KRA_Agent_RevokedCert +KRA_agentE_user=KRA_agentE +KRA_agentE_fullName=KRA_agent_ExpiredCert +KRA_agentUTKRA_user=KRA_agentUTCA +KRA_agentUTKRA_fullName=KRA_Agent_CertIssuedByUntrustedCA + +KRA_auditV_user=KRA_auditV +KRA_auditV_fullName=KRA_Audit_ValidCert +KRA_operatorV_user=KRA_operatorV +KRA_operatorV_fullName=KRA_Operator_ValidCert + +export KRA_adminV_user KRA_adminR_user KRA_adminE_user KRA_adminUTKRA_user KRA_agentV_user KRA_agentR_user KRA_agentE_user KRA_agentUTKRA_user KRA_auditV_user KRA_operatorV_user +###################################################################### + +run_pki-user-cli-user-kra_tests(){ + rlPhaseStartSetup "pki_user_cli_user_add-kra-startup:Getting the temp directory and nss certificate db " + rlLog "nss_db directory = $TmpDir/nssdb" + rlLog "temp directory = /tmp/requestdb" + rlPhaseEnd + rlPhaseStartSetup "pki_user_cli_user_kra-startup: Importing kra agent cert into certificate db and trust KRA root cert" + rlRun "install_and_trust_KRA_cert $KRA_SERVER_ROOT $TmpDir/nssdb" + rlRun "install_and_trust_KRA_cert $KRA_SERVER_ROOT /tmp/requestdb" + rlPhaseEnd + rlPhaseStartSetup "Creating user, create user and add it to the user, add user to the group" + user=($KRA_adminV_user $KRA_adminV_fullName $KRA_adminR_user $KRA_adminR_fullName $KRA_adminE_user $KRA_adminE_fullName $KRA_adminUTKRA_user $KRA_adminUTKRA_fullName $KRA_agentV_user $KRA_agentV_fullName $KRA_agentR_user $KRA_agentR_fullName $KRA_agentE_user $KRA_agentE_fullName $KRA_agentUTKRA_user $KRA_agentUTKRA_fullName $KRA_auditV_user $KRA_auditV_fullName $KRA_operatorV_user $KRA_operatorV_fullName) + i=0 + while [ $i -lt ${#user[@]} ] ; do + userid=${user[$i]} + userfullName=${user[$i+1]} + + #Create $userid user + rlLog "Executing: pki -d $TmpDir/nssdb \ + -n \"$admin_cert_nickname\" \ + -c $nss_db_password \ + -t kra \ + user-add --fullName=\"$userfullName\" $userid" + rlRun "pki -d $TmpDir/nssdb \ + -n \"$admin_cert_nickname\" \ + -c $nss_db_password \ + -t kra \ + user-add --fullName=\"$userfullName\" $userid" \ + 0 \ + "Add user $userid to KRA" + + #=====Adding user to respective group. Administrator, Date Recovery Manager Agent, Auditor=====# + if [ $userid == $KRA_adminV_user -o $userid == $KRA_adminR_user -o $userid == $KRA_adminE_user -o $userid == $KRA_adminUTKRA_user ]; then + rlRun "pki -d $TmpDir/nssdb \ + -n \"$admin_cert_nickname\" \ + -c $nss_db_password \ + -t kra \ + group-add-member Administrators $userid > $TmpDir/pki-user-add-kra-group001$i.out" \ + 0 \ + "Add user $userid to Administrators group" + rlAssertGrep "Added group member \"$userid\"" "$TmpDir/pki-user-add-kra-group001$i.out" + rlAssertGrep "User: $userid" "$TmpDir/pki-user-add-kra-group001$i.out" + elif [ $userid == $KRA_agentV_user -o $userid == $KRA_agentR_user -o $userid == $KRA_agentE_user -o $userid == $KRA_agentUTKRA_user ]; then + rlRun "pki -d $TmpDir/nssdb \ + -n \"$admin_cert_nickname\" \ + -c $nss_db_password \ + -t kra \ + group-add-member \"Data Recovery Manager Agents\" $userid > $TmpDir/pki-user-add-kra-group001$i.out" \ + 0 \ + "Add user $userid to Data Recovery Manager Agents group" + rlAssertGrep "Added group member \"$userid\"" "$TmpDir/pki-user-add-kra-group001$i.out" + rlAssertGrep "User: $userid" "$TmpDir/pki-user-add-kra-group001$i.out" + + elif [ $userid == $KRA_auditV_user ]; then + rlRun "pki -d $TmpDir/nssdb \ + -n \"$admin_cert_nickname\" \ + -c $nss_db_password \ + -t kra \ + group-add-member Auditors $userid > $TmpDir/pki-user-add-kra-group001$i.out" \ + 0 \ + "Add user $userid to Auditors group" + rlAssertGrep "Added group member \"$userid\"" "$TmpDir/pki-user-add-kra-group001$i.out" + rlAssertGrep "User: $userid" "$TmpDir/pki-user-add-kra-group001$i.out" + + elif [ $userid == $KRA_operatorV_user ]; then + rlRun "pki -d $TmpDir/nssdb \ + -n \"$admin_cert_nickname\" \ + -c $nss_db_password \ + -t kra \ + group-add-member \"Trusted Managers\" $userid > $TmpDir/pki-user-add-kra-group001$i.out" \ + 0 \ + "Add user $userid to Trusted Managers group" + rlAssertGrep "Added group member \"$userid\"" "$TmpDir/pki-user-add-kra-group001$i.out" + rlAssertGrep "User: $userid" "$TmpDir/pki-user-add-kra-group001$i.out" + fi + #================# + + if [ $userid == $KRA_adminV_user -o $userid == $KRA_adminR_user -o $userid == $KRA_adminE_user -o $userid == $KRA_agentV_user -o $userid == $KRA_agentR_user -o $userid == $KRA_agentE_user -o $userid == $KRA_auditV_user -o $userid == $KRA_operatorV_user ]; then + + #Create a cert and add it to the $userid user + rlLog "Admin Certificate is located at: $KRA_ADMIN_CERT_LOCATION" + local sample_request_file1="/opt/rhqa_pki/cert_request_caUserCert1_1.in" + local sample_request_file2="/opt/rhqa_pki/cert_request_caUserCert1_2.in" + local temp_file="/tmp/requestdb/certrequest_kra_001$i.in" + #rlRun "create_certdb \"/tmp/requestdb\" Password" 0 "Create a certificate db" + rlRun "generate_PKCS10 \"/tmp/requestdb\" Password rsa 2048 \"/tmp/requestdb/request_kra_001$i.out\" \"CN=adminV\" " 0 "generate PKCS10 certificate" + + rlLog "Create a certificate request XML file.." + local search_string1="<InputAttr name=\"cert_request_type\">crmf<\/InputAttr>" + local replace_string1="\<InputAttr name=\"cert_request_type\"\>pkcs10\<\/InputAttr\>" + rlRun "sed -e '/-----BEGIN NEW CERTIFICATE REQUEST-----/d' -i /tmp/requestdb/request_kra_001$i.out" + rlRun "sed -e '/-----END NEW CERTIFICATE REQUEST-----/d' -i /tmp/requestdb/request_kra_001$i.out" + #local cert_request=`cat /tmp/request_001$i.out` + rlRun "cat $sample_request_file1 /tmp/requestdb/request_kra_001$i.out $sample_request_file2 > $temp_file" + rlLog "Executing: sed -e 's/$search_string1/$replace_string1/' -i $temp_file" + rlRun "sed -e 's/$search_string1/$replace_string1/' -i $temp_file" + local search_string2="testuser" + local replace_string2=$userid + rlLog "Executing: sed -e 's/$search_string2/$replace_string2/g' -i $temp_file" + rlRun "sed -e 's/$search_string2/$replace_string2/g' -i $temp_file" + local search_string3="Test User" + local replace_string3=$userfullName + rlLog "Executing: sed -e 's/$search_string3/$replace_string3/g' -i $temp_file" + rlRun "sed -e 's/$search_string3/$replace_string3/g' -i $temp_file" + + if [ $userid == $KRA_adminV_user -o $userid == $KRA_adminR_user -o $userid == $KRA_agentV_user -o $userid == $KRA_agentR_user -o $userid == $KRA_auditV_user -o $userid == $KRA_operatorV_user ]; then + #cert-request-submit===== + rlLog "Executing: pki cert-request-submit $temp_file" + rlRun "pki cert-request-submit $temp_file > /tmp/requestdb/certrequest_kra_$i.out" 0 "Executing pki cert-request-submit" + rlAssertGrep "Submitted certificate request" "/tmp/requestdb/certrequest_kra_$i.out" + rlAssertGrep "Request ID:" "/tmp/requestdb/certrequest_kra_$i.out" + rlAssertGrep "Type: enrollment" "/tmp/requestdb/certrequest_kra_$i.out" + rlAssertGrep "Status: pending" "/tmp/requestdb/certrequest_kra_$i.out" + local request_id=`cat /tmp/requestdb/certrequest_kra_$i.out | grep "Request ID:" | awk '{print $3}'` + rlLog "Request ID=$request_id" + rlRun "pki cert-request-show $request_id > /tmp/requestdb/certrequestshow_kra_001$i.out" 0 "Executing pki cert-request-show $request_id" + rlAssertGrep "Request ID: $request_id" "/tmp/requestdb/certrequestshow_kra_001$i.out" + rlAssertGrep "Type: enrollment" "/tmp/requestdb/certrequestshow_kra_001$i.out" + rlAssertGrep "Status: pending" "/tmp/requestdb/certrequestshow_kra_001$i.out" + rlAssertGrep "Operation Result: success" "/tmp/requestdb/certrequestshow_kra_001$i.out" + #Agent Approve the certificate after reviewing the cert for the user + rlLog "Executing: pki -d /tmp/requestdb/ \ + -n \"$admin_cert_nickname\" \ + -c $nss_db_password \ + -t kra \ + cert-request-review --action=approve $request_id" + + rlRun "pki -d /tmp/requestdb/ \ + -n \"$admin_cert_nickname\" \ + -c $nss_db_password \ + -t kra \ + cert-request-review --action=approve $request_id > /tmp/requestdb/certapprove_kra_001$i.out" \ + 0 \ + "KRA agent approve the cert" + rlAssertGrep "Approved certificate request $request_id" "/tmp/requestdb/certapprove_kra_001$i.out" + rlRun "pki cert-request-show $request_id > /tmp/requestdb/certrequestapprovedshow_kra_001$i.out" 0 "Executing pki cert-request-show $request_id" + rlAssertGrep "Request ID: $request_id" "/tmp/requestdb/certrequestapprovedshow_kra_001$i.out" + rlAssertGrep "Type: enrollment" "/tmp/requestdb/certrequestapprovedshow_kra_001$i.out" + rlAssertGrep "Status: complete" "/tmp/requestdb/certrequestapprovedshow_kra_001$i.out" + rlAssertGrep "Certificate ID:" "/tmp/requestdb/certrequestapprovedshow_kra_001$i.out" + local certificate_serial_number=`cat /tmp/requestdb/certrequestapprovedshow_kra_001$i.out | grep "Certificate ID:" | awk '{print $3}'` + rlLog "Cerificate Serial Number=$certificate_serial_number" + + #Verify the certificate is valid + rlRun "pki cert-show $certificate_serial_number --encoded > /tmp/requestdb/certificate_show_kra_001$i.out" 0 "Executing pki cert-show $certificate_serial_number" + rlAssertGrep "Subject: UID=$userid,E=$userid@example.com,CN=$userfullName,OU=Engineering,O=Example,C=US" "/tmp/requestdb/certificate_show_kra_001$i.out" + rlAssertGrep "Status: VALID" "/tmp/requestdb/certificate_show_kra_001$i.out" + + rlRun "sed -n '/-----BEGIN CERTIFICATE-----/,/-----END CERTIFICATE-----/p' /tmp/requestdb/certificate_show_kra_001$i.out > /tmp/requestdb/validcert_kra_001$i.pem" + rlRun "certutil -d /tmp/requestdb -A -n $userid -i /tmp/requestdb/validcert_kra_001$i.pem -t "u,u,u"" + rlRun "pki -d /tmp/requestdb/ \ + -n \"$admin_cert_nickname\" \ + -c $nss_db_password \ + -t kra \ + user-add-cert $userid --input /tmp/requestdb/validcert_kra_001$i.pem > /tmp/requestdb/useraddcert_kra_001$i.out" \ + 0 \ + "Cert is added to the user $userid" + + elif [ $userid == $KRA_adminE_user -o $userid == $KRA_agentE_user ]; then + #=======Expired cert waiting on response to --output ticket https://fedorahosted.org/pki/ticket/674 =======# + local profile_file="/var/lib/pki/pki-tomcat/ca/profiles/ca/caUserCert.cfg" + default_days="policyset.userCertSet.2.default.params.range=180" + change_days="policyset.userCertSet.2.default.params.range=1" + rlLog "Executing: sed -e 's/$default_days/$change_days/g' -i $profile_file" + rlRun "sed -e 's/$default_days/$change_days/g' -i $profile_file" + rlLog "Restart the subsytem" + rlRun "systemctl restart pki-tomcatd\@pki-tomcat.service" + #cert-request-submit===== + rlLog "Executing: pki cert-request-submit $temp_file" + rlRun "pki cert-request-submit $temp_file > /tmp/requestdb/certrequest_kra_$i.out" 0 "Executing pki cert-request-submit" + rlAssertGrep "Submitted certificate request" "/tmp/requestdb/certrequest_kra_$i.out" + rlAssertGrep "Request ID:" "/tmp/requestdb/certrequest_kra_$i.out" + rlAssertGrep "Type: enrollment" "/tmp/requestdb/certrequest_kra_$i.out" + rlAssertGrep "Status: pending" "/tmp/requestdb/certrequest_kra_$i.out" + local request_id=`cat /tmp/requestdb/certrequest_kra_$i.out | grep "Request ID:" | awk '{print $3}'` + rlLog "Request ID=$request_id" + rlRun "pki cert-request-show $request_id > /tmp/requestdb/certrequestshow_kra_001$i.out" 0 "Executing pki cert-request-show $request_id" + rlAssertGrep "Request ID: $request_id" "/tmp/requestdb/certrequestshow_kra_001$i.out" + rlAssertGrep "Type: enrollment" "/tmp/requestdb/certrequestshow_kra_001$i.out" + rlAssertGrep "Status: pending" "/tmp/requestdb/certrequestshow_kra_001$i.out" + rlAssertGrep "Operation Result: success" "/tmp/requestdb/certrequestshow_kra_001$i.out" + rlRun "pki -d /tmp/requestdb/ \ + -n \"$admin_cert_nickname\" \ + -c $nss_db_password \ + -t kra \ + cert-request-review --action=approve $request_id > /tmp/requestdb/certapprove_kra_001$i.out" \ + 0 \ + "KRA agent approve the cert" + rlLog "cat /tmp/requestdb/certapprove_kra_001$i.out" + rlAssertGrep "Approved certificate request $request_id" "/tmp/requestdb/certapprove_kra_001$i.out" + rlRun "pki cert-request-show $request_id > /tmp/requestdb/certrequestapprovedshow_kra_001$i.out" 0 "Executing pki cert-request-show $request_id" + rlAssertGrep "Request ID: $request_id" "/tmp/requestdb/certrequestapprovedshow_kra_001$i.out" + rlAssertGrep "Type: enrollment" "/tmp/requestdb/certrequestapprovedshow_kra_001$i.out" + rlAssertGrep "Status: complete" "/tmp/requestdb/certrequestapprovedshow_kra_001$i.out" + rlAssertGrep "Certificate ID:" "/tmp/requestdb/certrequestapprovedshow_kra_001$i.out" + local certificate_serial_number=`cat /tmp/requestdb/certrequestapprovedshow_kra_001$i.out | grep "Certificate ID:" | awk '{print $3}'` + rlLog "Cerificate Serial Number=$certificate_serial_number" + #Verify the certificate is expired + rlRun "pki cert-show $certificate_serial_number --encoded > /tmp/requestdb/certificate_show_kra_001$i.out" 0 "Executing pki cert-show $certificate_serial_number" + rlAssertGrep "Subject: UID=$userid,E=$userid@example.com,CN=$userfullName,OU=Engineering,O=Example,C=US" "/tmp/requestdb/certificate_show_kra_001$i.out" + rlAssertGrep "Status: VALID" "/tmp/requestdb/certificate_show_kra_001$i.out" + rlRun "sed -n '/-----BEGIN CERTIFICATE-----/,/-----END CERTIFICATE-----/p' /tmp/requestdb/certificate_show_kra_001$i.out > /tmp/requestdb/validcert_kra_001$i.pem" + rlRun "certutil -d /tmp/requestdb -A -n $userid -i /tmp/requestdb/validcert_kra_001$i.pem -t "u,u,u"" + rlRun "pki -d /tmp/requestdb/ \ + -n \"$admin_cert_nickname\" \ + -c $nss_db_password \ + -t kra \ + user-add-cert $userid --input /tmp/requestdb/validcert_kra_001$i.pem > /tmp/requestdb/useraddcert_kra_001$i.out" \ + 0 \ + "Cert is added to the user $userid" + rlLog "Modifying profile back to the defaults" + rlRun "sed -e 's/$change_days/$default_days/g' -i $profile_file" + rlLog "Restart the subsytem" + rlRun "systemctl restart pki-tomcatd\@pki-tomcat.service" + rlRun "date --set='next day'" 0 "Set System date a day ahead" + rlRun "date --set='next day'" 0 "Set System date a day ahead" + rlRun "date" + rlRun "pki cert-show $certificate_serial_number --encoded > /tmp/requestdb/certificate_show_exp_kra_001$i.out" 0 "Executing pki cert-show $certificate_serial_number" + rlAssertGrep "Subject: UID=$userid,E=$userid@example.com,CN=$userfullName,OU=Engineering,O=Example,C=US" "/tmp/requestdb/certificate_show_exp_kra_001$i.out" + rlAssertGrep "Status: EXPIRED" "/tmp/requestdb/certificate_show_exp_kra_001$i.out" + rlRun "date --set='2 days ago'" 0 "Set System back to the present day" + fi + fi + #Add the certificate to /tmp/requestdb + #note: certificate b664 at /tmp/requestdb/certificate_show_kra_001$i.out + if [ $userid == $KRA_adminUTKRA_user ]; then + rlRun "certutil -d /tmp/dummydb -A -n $userid -i /opt/rhqa_pki/dummycert1.pem -t ",,"" + rlRun "pki -d /tmp/requestdb/ \ + -n \"$admin_cert_nickname\" \ + -c $nss_db_password \ + -t kra \ + user-add-cert $userid --input /opt/rhqa_pki/dummycert1.pem > /tmp/requestdb/useraddcert_kra_001$i.out" \ + 0 \ + "Cert is added to the user $userid" + elif [ $userid == $KRA_agentUTKRA_user ]; then + rlRun "certutil -d /tmp/dummydb -A -n $userid -i /opt/rhqa_pki/dummycert1.pem -t ",,"" + rlRun "pki -d /tmp/requestdb/ \ + -n \"$admin_cert_nickname\" \ + -c $nss_db_password \ + -t kra \ + user-add-cert $userid --input /opt/rhqa_pki/dummycert1.pem > /tmp/requestdb/useraddcert_kra_001$i.out" \ + 0 \ + "Cert is added to the user $userid" + #Revoke certificate of user KRA_adminR and KRA_agentR + elif [ $userid == $KRA_adminR_user -o $userid == $KRA_agentR_user ] ;then + rlLog "$userid" + rlLog "pki -d /tmp/requestdb/ \ + -n \"$admin_cert_nickname\" \ + -c $nss_db_password \ + -t kra \ + cert-revoke $certificate_serial_number --force --reason = Unspecified > /tmp/requestdb/revokecert_kra_001$i.out" + rlRun "pki -d /tmp/requestdb/ \ + -n \"$admin_cert_nickname\" \ + -c $nss_db_password \ + -t kra \ + cert-revoke $certificate_serial_number --force --reason=Unspecified > /tmp/requestdb/revokecert_kra_001$i.out" \ + 0 \ + "Certificate of user $userid is revoked" + rlAssertGrep "Serial Number: $certificate_serial_number" "/tmp/requestdb/revokecert_kra_001$i.out" + rlAssertGrep "Subject: UID=$userid,E=$userid@example.com,CN=$userfullName,OU=Engineering,O=Example,C=US" "/tmp/requestdb/revokecert_kra_001$i.out" + rlAssertGrep "Status: REVOKED" "/tmp/requestdb/revokecert_kra_001$i.out" + fi + let i=$i+2 + done + rlPhaseEnd +} diff --git a/tests/dogtag/acceptance/cli-tests/pki-user-cli/kra/pki-user-cli-user-show-kra.sh b/tests/dogtag/acceptance/cli-tests/pki-user-cli/kra/pki-user-cli-user-show-kra.sh new file mode 100755 index 000000000..ee57254b9 --- /dev/null +++ b/tests/dogtag/acceptance/cli-tests/pki-user-cli/kra/pki-user-cli-user-show-kra.sh @@ -0,0 +1,446 @@ +#!/bin/bash +# vim: dict=/usr/share/beakerlib/dictionary.vim cpt=.,w,b,u,t,i,k +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +# +# runtest.sh of /CoreOS/rhcs/acceptance/cli-tests/pki-user-cli +# Description: PKI user-add CLI tests +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +# The following ipa cli commands needs to be tested: +# pki-user-cli-user-add Add users to pki subsystems. +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +# +# Author: Asha Akkiangady <aakkiang@redhat.com> +# +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +# +# Copyright (c) 2013 Red Hat, Inc. All rights reserved. +# +# This copyrighted material is made available to anyone wishing +# to use, modify, copy, or redistribute it subject to the terms +# and conditions of the GNU General Public License version 2. +# +# This program is distributed in the hope that it will be +# useful, but WITHOUT ANY WARRANTY; without even the implied +# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR +# PURPOSE. See the GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public +# License along with this program; if not, write to the Free +# Software Foundation, Inc., 51 Franklin Street, Fifth Floor, +# Boston, MA 02110-1301, USA. +# +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +# Include rhts environment +. /usr/bin/rhts-environment.sh +. /usr/share/beakerlib/beakerlib.sh +. /opt/rhqa_pki/rhcs-shared.sh +. /opt/rhqa_pki/pki-cert-cli-lib.sh +. /opt/rhqa_pki/env.sh + +###################################################################################### +#pki-user-cli-user-kra.sh should be first executed prior to pki-user-cli-user-add-kra.sh +#pki-user-cli-user-add-kra.sh should be first executed prior to pki-user-cli-user-add-kra.sh +###################################################################################### + +######################################################################## +# Test Suite Globals +######################################################################## + +######################################################################## + +run_pki-user-cli-user-show-kra_tests(){ + rlPhaseStartSetup "pki_user_cli_user_show-kra-startup:Getting the temp directory and nss certificate db " + rlLog "nss_db directory = $TmpDir/nssdb" + rlLog "temp directory = /tmp/requestdb" + rlPhaseEnd + ##### Tests to show KRA users #### + rlPhaseStartTest "pki_user_cli_user_show-KRA-001: Add a user to KRA using KRA_adminV" + rlLog "Executing: pki -d $TmpDir/nssdb \ + -n KRA_adminV \ + -c $nss_db_password \ + user-show $user1" + rlRun "pki -d /tmp/requestdb \ + -n KRA_adminV \ + -c $nss_db_password \ + user-show $user1 > $TmpDir/pki-user-show-kra-001.out" \ + 0 \ + "Show pki KRA_adminV user" + rlAssertGrep "User \"$user1\"" "$TmpDir/pki-user-show-kra-001.out" + rlAssertGrep "User ID: $user1" "$TmpDir/pki-user-show-kra-001.out" + rlAssertGrep "Full name: $user1fullname" "$TmpDir/pki-user-show-kra-001.out" + rlPhaseEnd + rlPhaseStartTest "pki_user_cli_user_show-KRA-001_1:maximum length of user id " + rlRun "pki -d /tmp/requestdb \ + -n KRA_adminV \ + -c $nss_db_password \ + user-show $user2 > $TmpDir/pki-user-show-kra-001_1.out" \ + 0 \ + "Show pki KRA_adminV user" + rlAssertGrep "User \"$user2\"" "$TmpDir/pki-user-show-kra-001_1.out" + rlAssertGrep "User ID: $user2" "$TmpDir/pki-user-show-kra-001_1.out" + rlAssertGrep "Full name: test" "$TmpDir/pki-user-show-kra-001_1.out" + rlPhaseEnd + rlPhaseStartTest "pki_user_cli_user_show-KRA-001_2:User id with # character " + rlRun "pki -d /tmp/requestdb \ + -n KRA_adminV \ + -c $nss_db_password \ + user-show $user3 > $TmpDir/pki-user-show-kra-001_2.out" \ + 0 \ + "Show pki KRA_adminV user" + rlAssertGrep "User \"$user3\"" "$TmpDir/pki-user-show-kra-001_2.out" + rlAssertGrep "User ID: $user3" "$TmpDir/pki-user-show-kra-001_2.out" + rlAssertGrep "Full name: test" "$TmpDir/pki-user-show-kra-001_2.out" + rlPhaseEnd + rlPhaseStartTest "pki_user_cli_user_show-KRA-001_3:User id with $ character " + rlRun "pki -d /tmp/requestdb \ + -n KRA_adminV \ + -c $nss_db_password \ + user-show $user4 > $TmpDir/pki-user-show-kra-001_3.out" \ + 0 \ + "Show pki KRA_adminV user" + rlAssertGrep "User \"$user4\"" "$TmpDir/pki-user-show-kra-001_3.out" + rlAssertGrep "User ID: abc\\$" "$TmpDir/pki-user-show-kra-001_3.out" + rlAssertGrep "Full name: test" "$TmpDir/pki-user-show-kra-001_3.out" + rlPhaseEnd + rlPhaseStartTest "pki_user_cli_user_show-KRA-001_4:User id with @ character " + rlRun "pki -d /tmp/requestdb \ + -n KRA_adminV \ + -c $nss_db_password \ + user-show $user5 > $TmpDir/pki-user-show-kra-001_4.out" \ + 0 \ + "Show pki KRA_adminV user" + rlAssertGrep "User \"$user5\"" "$TmpDir/pki-user-show-kra-001_4.out" + rlAssertGrep "User ID: $user5" "$TmpDir/pki-user-show-kra-001_4.out" + rlAssertGrep "Full name: test" "$TmpDir/pki-user-show-kra-001_4.out" + rlPhaseEnd + rlPhaseStartTest "pki_user_cli_user_show-KRA-001_5:User id with ? character " + rlRun "pki -d /tmp/requestdb \ + -n KRA_adminV \ + -c $nss_db_password \ + user-show $user6 > $TmpDir/pki-user-show-kra-001_5.out" \ + 0 \ + "Show pki KRA_adminV user" + rlAssertGrep "User \"$user6\"" "$TmpDir/pki-user-show-kra-001_5.out" + rlAssertGrep "User ID: $user6" "$TmpDir/pki-user-show-kra-001_5.out" + rlAssertGrep "Full name: test" "$TmpDir/pki-user-show-kra-001_5.out" + rlPhaseEnd + rlPhaseStartTest "pki_user_cli_user_show-KRA-001_6:User id as 0" + rlRun "pki -d /tmp/requestdb \ + -n KRA_adminV \ + -c $nss_db_password \ + user-show $user7 > $TmpDir/pki-user-show-kra-001_6.out" \ + 0 \ + "Show pki KRA_adminV user" + rlAssertGrep "User \"$user7\"" "$TmpDir/pki-user-show-kra-001_6.out" + rlAssertGrep "User ID: $user7" "$TmpDir/pki-user-show-kra-001_6.out" + rlAssertGrep "Full name: test" "$TmpDir/pki-user-show-kra-001_6.out" + rlPhaseEnd + rlPhaseStartTest "pki_user_cli_user_show-KRA-001_7:--email with maximum length " + rlRun "pki -d /tmp/requestdb \ + -n KRA_adminV \ + -c $nss_db_password \ + user-show u1 > $TmpDir/pki-user-show-kra-001_7.out" \ + 0 \ + "Show pki KRA_adminV user" + rlAssertGrep "User \"u1\"" "$TmpDir/pki-user-show-kra-001_7.out" + rlAssertGrep "User ID: u1" "$TmpDir/pki-user-show-kra-001_7.out" + rlAssertGrep "Full name: test" "$TmpDir/pki-user-show-kra-001_7.out" + rlAssertGrep "Email: abcdefghijklmnopqrstuvwxyx12345678" "$TmpDir/pki-user-show-kra-001_7.out" + rlPhaseEnd + rlPhaseStartTest "pki_user_cli_user_show-KRA-001_8:--email with maximum length and symbols " + rlRun "pki -d /tmp/requestdb \ + -n KRA_adminV \ + -c $nss_db_password \ + user-show u2 > $TmpDir/pki-user-show-kra-001_8.out" \ + 0 \ + "Show pki KRA_adminV user" + rlAssertGrep "User \"u2\"" "$TmpDir/pki-user-show-kra-001_8.out" + rlAssertGrep "User ID: u2" "$TmpDir/pki-user-show-kra-001_8.out" + rlAssertGrep "Full name: test" "$TmpDir/pki-user-show-kra-001_8.out" + rlAssertGrep "Email: abcdefghijklmnopqrstuvwxyx12345678\\#\\?*$@" "$TmpDir/pki-user-show-kra-001_8.out" + rlPhaseEnd + rlPhaseStartTest "pki_user_cli_user_show-KRA-001_9:--email with # character " + rlRun "pki -d /tmp/requestdb \ + -n KRA_adminV \ + -c $nss_db_password \ + user-show u3 > $TmpDir/pki-user-show-kra-001_9.out" \ + 0 \ + "Show pki KRA_adminV user" + rlAssertGrep "User \"u3\"" "$TmpDir/pki-user-show-kra-001_9.out" + rlAssertGrep "User ID: u3" "$TmpDir/pki-user-show-kra-001_9.out" + rlAssertGrep "Full name: test" "$TmpDir/pki-user-show-kra-001_9.out" + rlAssertGrep "Email: #" "$TmpDir/pki-user-show-kra-001_9.out" + rlPhaseEnd + rlPhaseStartTest "pki_user_cli_user_show-KRA-001_10:--email with * character " + rlRun "pki -d /tmp/requestdb \ + -n KRA_adminV \ + -c $nss_db_password \ + user-show u4 > $TmpDir/pki-user-show-kra-001_10.out" \ + 0 \ + "Show pki KRA_adminV user" + rlAssertGrep "User \"u4\"" "$TmpDir/pki-user-show-kra-001_10.out" + rlAssertGrep "User ID: u4" "$TmpDir/pki-user-show-kra-001_10.out" + rlAssertGrep "Full name: test" "$TmpDir/pki-user-show-kra-001_10.out" + rlAssertGrep "Email: *" "$TmpDir/pki-user-show-kra-001_10.out" + rlPhaseEnd + rlPhaseStartTest "pki_user_cli_user_show-KRA-001_11:--email with $ character " + rlRun "pki -d /tmp/requestdb \ + -n KRA_adminV \ + -c $nss_db_password \ + user-show u5 > $TmpDir/pki-user-show-kra-001_11.out" \ + 0 \ + "Show pki KRA_adminV user" + rlAssertGrep "User \"u5\"" "$TmpDir/pki-user-show-kra-001_11.out" + rlAssertGrep "User ID: u5" "$TmpDir/pki-user-show-kra-001_11.out" + rlAssertGrep "Full name: test" "$TmpDir/pki-user-show-kra-001_11.out" + rlAssertGrep "Email: \\$" "$TmpDir/pki-user-show-kra-001_11.out" + rlPhaseEnd + rlPhaseStartTest "pki_user_cli_user_show-KRA-001_12:--email as number 0 " + rlRun "pki -d /tmp/requestdb \ + -n KRA_adminV \ + -c $nss_db_password \ + user-show u6 > $TmpDir/pki-user-show-kra-001_12.out" \ + 0 \ + "Show pki KRA_adminV user" + rlAssertGrep "User \"u6\"" "$TmpDir/pki-user-show-kra-001_12.out" + rlAssertGrep "User ID: u6" "$TmpDir/pki-user-show-kra-001_12.out" + rlAssertGrep "Full name: test" "$TmpDir/pki-user-show-kra-001_12.out" + rlAssertGrep "Email: 0" "$TmpDir/pki-user-show-kra-001_12.out" + rlPhaseEnd + rlPhaseStartTest "pki_user_cli_user_show-KRA-001_13:--state with maximum length " + rlRun "pki -d /tmp/requestdb \ + -n KRA_adminV \ + -c $nss_db_password \ + user-show u7 > $TmpDir/pki-user-show-kra-001_13.out" \ + 0 \ + "Show pki KRA_adminV user" + rlAssertGrep "User \"u7\"" "$TmpDir/pki-user-show-kra-001_13.out" + rlAssertGrep "User ID: u7" "$TmpDir/pki-user-show-kra-001_13.out" + rlAssertGrep "Full name: test" "$TmpDir/pki-user-show-kra-001_13.out" + rlAssertGrep "State: abcdefghijklmnopqrstuvwxyx12345678" "$TmpDir/pki-user-show-kra-001_13.out" + rlPhaseEnd + rlPhaseStartTest "pki_user_cli_user_show-KRA-001_14:--state with maximum length and symbols " + rlRun "pki -d /tmp/requestdb \ + -n KRA_adminV \ + -c $nss_db_password \ + user-show u8 > $TmpDir/pki-user-show-kra-001_14.out" \ + 0 \ + "Show pki KRA_adminV user" + rlAssertGrep "User \"u8\"" "$TmpDir/pki-user-show-kra-001_14.out" + rlAssertGrep "User ID: u8" "$TmpDir/pki-user-show-kra-001_14.out" + rlAssertGrep "Full name: test" "$TmpDir/pki-user-show-kra-001_14.out" + rlAssertGrep "State: abcdefghijklmnopqrstuvwxyx12345678\\#\\?*$@" "$TmpDir/pki-user-show-kra-001_14.out" + rlPhaseEnd + rlPhaseStartTest "pki_user_cli_user_show-KRA-001_15:--state with # character " + rlRun "pki -d /tmp/requestdb \ + -n KRA_adminV \ + -c $nss_db_password \ + user-show u9 > $TmpDir/pki-user-show-kra-001_15.out" \ + 0 \ + "Show pki KRA_adminV user" + rlAssertGrep "User \"u9\"" "$TmpDir/pki-user-show-kra-001_15.out" + rlAssertGrep "User ID: u9" "$TmpDir/pki-user-show-kra-001_15.out" + rlAssertGrep "Full name: test" "$TmpDir/pki-user-show-kra-001_15.out" + rlAssertGrep "State: #" "$TmpDir/pki-user-show-kra-001_15.out" + rlPhaseEnd + rlPhaseStartTest "pki_user_cli_user_show-KRA-001_16:--state with * character " + rlRun "pki -d /tmp/requestdb \ + -n KRA_adminV \ + -c $nss_db_password \ + user-show u10 > $TmpDir/pki-user-show-kra-001_16.out" \ + 0 \ + "Show pki KRA_adminV user" + rlAssertGrep "User \"u10\"" "$TmpDir/pki-user-show-kra-001_16.out" + rlAssertGrep "User ID: u10" "$TmpDir/pki-user-show-kra-001_16.out" + rlAssertGrep "Full name: test" "$TmpDir/pki-user-show-kra-001_16.out" + rlAssertGrep "State: *" "$TmpDir/pki-user-show-kra-001_16.out" + rlPhaseEnd + rlPhaseStartTest "pki_user_cli_user_show-KRA-001_17:--state with $ character " + rlRun "pki -d /tmp/requestdb \ + -n KRA_adminV \ + -c $nss_db_password \ + user-show u11 > $TmpDir/pki-user-show-kra-001_17.out" \ + 0 \ + "Show pki KRA_adminV user" + rlAssertGrep "User \"u11\"" "$TmpDir/pki-user-show-kra-001_17.out" + rlAssertGrep "User ID: u11" "$TmpDir/pki-user-show-kra-001_17.out" + rlAssertGrep "Full name: test" "$TmpDir/pki-user-show-kra-001_17.out" + rlAssertGrep "State: \\$" "$TmpDir/pki-user-show-kra-001_17.out" + rlPhaseEnd + rlPhaseStartTest "pki_user_cli_user_show-KRA-001_18:--state as number 0 " + rlRun "pki -d /tmp/requestdb \ + -n KRA_adminV \ + -c $nss_db_password \ + user-show u12 > $TmpDir/pki-user-show-kra-001_18.out" \ + 0 \ + "Show pki KRA_adminV user" + rlAssertGrep "User \"u12\"" "$TmpDir/pki-user-show-kra-001_18.out" + rlAssertGrep "User ID: u12" "$TmpDir/pki-user-show-kra-001_18.out" + rlAssertGrep "Full name: test" "$TmpDir/pki-user-show-kra-001_18.out" + rlAssertGrep "State: 0" "$TmpDir/pki-user-show-kra-001_18.out" + rlPhaseEnd + #https://www.redhat.com/archives/pki-users/2010-February/msg00015.html + rlPhaseStartTest "pki_user_cli_user_show-KRA-001_19:--phone with maximum length " + rlRun "pki -d /tmp/requestdb \ + -n KRA_adminV \ + -c $nss_db_password \ + user-show u13 > $TmpDir/pki-user-show-kra-001_19.out" \ + 0 \ + "Show pki KRA_adminV user" + rlAssertGrep "User \"u13\"" "$TmpDir/pki-user-show-kra-001_19.out" + rlAssertGrep "User ID: u13" "$TmpDir/pki-user-show-kra-001_19.out" + rlAssertGrep "Full name: test" "$TmpDir/pki-user-show-kra-001_19.out" + rlAssertGrep "Phone: abcdefghijklmnopqrstuvwxyx12345678" "$TmpDir/pki-user-show-kra-001_19.out" + rlPhaseEnd + rlPhaseStartTest "pki_user_cli_user_show-KRA-001_24:--phone as negative number -1230 " + rlRun "pki -d /tmp/requestdb \ + -n KRA_adminV \ + -c $nss_db_password \ + user-show u14 > $TmpDir/pki-user-show-kra-001_24.out" \ + 0 \ + "Show pki KRA_adminV user" + rlAssertGrep "User \"u14\"" "$TmpDir/pki-user-show-kra-001_24.out" + rlAssertGrep "User ID: u14" "$TmpDir/pki-user-show-kra-001_24.out" + rlAssertGrep "Full name: test" "$TmpDir/pki-user-show-kra-001_24.out" + rlAssertGrep "Phone: -1230" "$TmpDir/pki-user-show-kra-001_24.out" + rlPhaseEnd + + rlPhaseStartTest "pki_user_cli_user_show-KRA-001_25:--type as Auditors" + rlRun "pki -d /tmp/requestdb \ + -n KRA_adminV \ + -c $nss_db_password \ + user-show u15 > $TmpDir/pki-user-show-kra-001_25.out" \ + 0 \ + "Show pki KRA_adminV user" + rlAssertGrep "User \"u15\"" "$TmpDir/pki-user-show-kra-001_25.out" + rlAssertGrep "User ID: u15" "$TmpDir/pki-user-show-kra-001_25.out" + rlAssertGrep "Full name: test" "$TmpDir/pki-user-show-kra-001_25.out" + rlAssertGrep "Type: Auditors" "$TmpDir/pki-user-show-kra-001_25.out" + rlPhaseEnd + rlPhaseStartTest "pki_user_cli_user_show-KRA-001_26:--type Certificate Manager Agents " + rlRun "pki -d /tmp/requestdb \ + -n KRA_adminV \ + -c $nss_db_password \ + user-show u16 > $TmpDir/pki-user-show-kra-001_26.out" \ + 0 \ + "Show pki KRA user" + rlAssertGrep "User \"u16\"" "$TmpDir/pki-user-show-kra-001_26.out" + rlAssertGrep "User ID: u16" "$TmpDir/pki-user-show-kra-001_26.out" + rlAssertGrep "Full name: test" "$TmpDir/pki-user-show-kra-001_26.out" + rlAssertGrep "Type: Certificate Manager Agents" "$TmpDir/pki-user-show-kra-001_26.out" + rlPhaseEnd + rlPhaseStartTest "pki_user_cli_user_show-KRA-001_27:--type Registration Manager Agents " + rlRun "pki -d /tmp/requestdb \ + -n KRA_adminV \ + -c $nss_db_password \ + user-show u17 > $TmpDir/pki-user-show-kra-001_27.out" \ + 0 \ + "Show pki KRA user" + rlAssertGrep "User \"u17\"" "$TmpDir/pki-user-show-kra-001_27.out" + rlAssertGrep "User ID: u17" "$TmpDir/pki-user-show-kra-001_27.out" + rlAssertGrep "Full name: test" "$TmpDir/pki-user-show-kra-001_27.out" + rlAssertGrep "Type: Registration Manager Agents" "$TmpDir/pki-user-show-kra-001_27.out" + rlPhaseEnd + rlPhaseStartTest "pki_user_cli_user_show-KRA-001_28:--type Subsytem Group " + rlRun "pki -d /tmp/requestdb \ + -n KRA_adminV \ + -c $nss_db_password \ + user-show u18 > $TmpDir/pki-user-show-kra-001_28.out" \ + 0 \ + "Show pki KRA user" + rlAssertGrep "User \"u18\"" "$TmpDir/pki-user-show-kra-001_28.out" + rlAssertGrep "User ID: u18" "$TmpDir/pki-user-show-kra-001_28.out" + rlAssertGrep "Full name: test" "$TmpDir/pki-user-show-kra-001_28.out" + rlAssertGrep "Type: Subsytem Group" "$TmpDir/pki-user-show-kra-001_28.out" + rlPhaseEnd + rlPhaseStartTest "pki_user_cli_user_show-KRA-001_29:--type Security Domain Administrators " + rlRun "pki -d /tmp/requestdb \ + -n KRA_adminV \ + -c $nss_db_password \ + user-show u19 > $TmpDir/pki-user-show-kra-001_29.out" \ + 0 \ + "Show pki KRA user" + rlAssertGrep "User \"u19\"" "$TmpDir/pki-user-show-kra-001_29.out" + rlAssertGrep "User ID: u19" "$TmpDir/pki-user-show-kra-001_29.out" + rlAssertGrep "Full name: test" "$TmpDir/pki-user-show-kra-001_29.out" + rlAssertGrep "Type: Security Domain Administrators" "$TmpDir/pki-user-show-kra-001_29.out" + rlPhaseEnd + rlPhaseStartTest "pki_user_cli_user_show-KRA-001_30:--type ClonedSubsystems " + rlRun "pki -d /tmp/requestdb \ + -n KRA_adminV \ + -c $nss_db_password \ + user-show u20 > $TmpDir/pki-user-show-kra-001_30.out" \ + 0 \ + "Show pki KRA user" + rlAssertGrep "User \"u20\"" "$TmpDir/pki-user-show-kra-001_30.out" + rlAssertGrep "User ID: u20" "$TmpDir/pki-user-show-kra-001_30.out" + rlAssertGrep "Full name: test" "$TmpDir/pki-user-show-kra-001_30.out" + rlAssertGrep "Type: ClonedSubsystems" "$TmpDir/pki-user-show-kra-001_30.out" + rlPhaseEnd + rlPhaseStartTest "pki_user_cli_user_show-KRA-001_31:--type Trusted Managers " + rlRun "pki -d /tmp/requestdb \ + -n KRA_adminV \ + -c $nss_db_password \ + user-show u21 > $TmpDir/pki-user-show-kra-001_31.out" \ + 0 \ + "Show pki KRA user" + rlAssertGrep "User \"u21\"" "$TmpDir/pki-user-show-kra-001_31.out" + rlAssertGrep "User ID: u21" "$TmpDir/pki-user-show-kra-001_31.out" + rlAssertGrep "Full name: test" "$TmpDir/pki-user-show-kra-001_31.out" + rlAssertGrep "Type: Trusted Managers" "$TmpDir/pki-user-show-kra-001_31.out" + rlPhaseEnd + rlPhaseStartTest "pki_user_cli_user_show-KRA-001_32: Add a user to KRA with -t option" + rlRun "pki -d /tmp/requestdb \ + -n KRA_adminV \ + -c $nss_db_password \ + -t kra \ + user-show u22 > $TmpDir/pki-user-show-kra-001_32.out" \ + 0 \ + "Show pki KRA user" + rlAssertGrep "User \"u22\"" "$TmpDir/pki-user-show-kra-001_32.out" + rlAssertGrep "User ID: u22" "$TmpDir/pki-user-show-kra-001_32.out" + rlAssertGrep "Full name: $user1fullname" "$TmpDir/pki-user-show-kra-001_32.out" + rlPhaseEnd + rlPhaseStartTest "pki_user_cli_user_show-KRA-001_33: Add a user -- all options provided" + rlRun "pki -d /tmp/requestdb \ + -n KRA_adminV \ + -c $nss_db_password \ + -t kra \ + user-show u23 > $TmpDir/pki-user-show-kra-001_33.out" \ + 0 \ + "Show pki KRA user" + + rlAssertGrep "User \"u23\"" "$TmpDir/pki-user-show-kra-001_33.out" + rlAssertGrep "User ID: u23" "$TmpDir/pki-user-show-kra-001_33.out" + rlAssertGrep "Full name: $user1fullname" "$TmpDir/pki-user-show-kra-001_33.out" + rlAssertGrep "Email: $email" "$TmpDir/pki-user-show-kra-001_33.out" + rlAssertGrep "Phone: $phone" "$TmpDir/pki-user-show-kra-001_33.out" + rlAssertGrep "Type: $type" "$TmpDir/pki-user-show-kra-001_33.out" + rlAssertGrep "State: $state" "$TmpDir/pki-user-show-kra-001_33.out" + rlPhaseEnd + #Negative Cases + rlPhaseStartTest "pki_user_cli_user_show-KRA-001_34: Missing required option user id " + rlRun "pki -d /tmp/requestdb \ + -n KRA_adminV \ + -c $nss_db_password \ + -t kra \ + user-show > $TmpDir/pki-user-show-kra-001_34.out 2>&1" \ + 1 \ + "Cannot show user without user id" + rlAssertGrep "usage: user-show <User ID>" "$TmpDir/pki-user-show-kra-001_34.out" + rlPhaseEnd + rlPhaseStartTest "pki_user_cli_user_show-KRA-001_35: Checking if user id case sensitive " + rlRun "pki -d /tmp/requestdb \ + -n KRA_adminV \ + -c $nss_db_password \ + -t kra \ + user-show U23 > $TmpDir/pki-user-show-kra-001_35.out 2>&1" \ + 1 \ + "Cannot show user since the user id is case sensitive" + rlAssertGrep "UserNotFoundException: User U23 not found" "$TmpDir/pki-user-show-kra-001_35.out" + rlPhaseEnd + + + +} diff --git a/tests/dogtag/acceptance/cli-tests/pki-user-cli/kra/runtest.sh b/tests/dogtag/acceptance/cli-tests/pki-user-cli/kra/runtest.sh new file mode 100755 index 000000000..9d2f88208 --- /dev/null +++ b/tests/dogtag/acceptance/cli-tests/pki-user-cli/kra/runtest.sh @@ -0,0 +1,77 @@ +#!/bin/bash +# vim: dict=/usr/share/beakerlib/dictionary.vim cpt=.,w,b,u,t,i,k +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +# +# runtest.sh of /CoreOS/rhcs/acceptance/cli-tests/pki-user-cli/kra +# Description: PKI USER CLI tests +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +# The following rhcs will be tested: +# +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +# +# Author: Asha Akkiangady <aakkiang@redhat.com> +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +# +# Copyright (c) 2013 Red Hat, Inc. All rights reserved. +# +# This copyrighted material is made available to anyone wishing +# to use, modify, copy, or redistribute it subject to the terms +# and conditions of the GNU General Public License version 2. +# +# This program is distributed in the hope that it will be +# useful, but WITHOUT ANY WARRANTY; without even the implied +# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR +# PURPOSE. See the GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public +# License along with this program; if not, write to the Free +# Software Foundation, Inc., 51 Franklin Street, Fifth Floor, +# Boston, MA 02110-1301, USA. +# +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +# Include data-driven test data file: + +# Include rhts environment +. /usr/bin/rhts-environment.sh +. /usr/share/beakerlib/beakerlib.sh +. /opt/rhqa_pki/rhcs-shared.sh +. /opt/rhqa_pki/env.sh + +# Include test case file +. ./pki-user-cli-user-kra.sh +. ./pki-user-cli-user-add-kra.sh +. ./pki-user-cli-user-show-kra.sh +. ./pki-user-cli-user-find-kra.sh +. ./pki-user-cli-user-del-kra.sh + + +############################################################################## +PACKAGE="pki-tools" + + +rlJournalStart + rlPhaseStartSetup "pki-user-cli-startup: Check for pki-tools package" + rpm -qa | grep $PACKAGE + if [ $? -eq 0 ] ; then + rlPass "$PACKAGE package is installed" + else + rlFail "$PACKAGE package NOT found!" + fi + rlPhaseEnd + + # Execute pki user ca config tests + run_pki-user-cli-user-kra_tests + # Execute pki user-add-kra tests + run_pki-user-cli-user-add-kra_tests + # Execute pki user-show-kra tests + run_pki-user-cli-user-show-kra_tests + # Execute pki user-find-kra tests + run_pki-user-cli-user-find-kra_tests + #Execute pki user-del-kra tests + run_pki-user-cli-user-del-kra_tests + rlJournalPrintText + report=/tmp/rhts.report.$RANDOM.txt + makereport $report + rhts-submit-log -l $report +rlJournalEnd diff --git a/tests/dogtag/acceptance/cli-tests/pki-user-cli/ocsp/Makefile b/tests/dogtag/acceptance/cli-tests/pki-user-cli/ocsp/Makefile new file mode 100644 index 000000000..fbef4b54f --- /dev/null +++ b/tests/dogtag/acceptance/cli-tests/pki-user-cli/ocsp/Makefile @@ -0,0 +1,75 @@ +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +# +# Makefile of /CoreOS/rhcs/acceptance/cli-tests/pki-user-cli/ocsp +# Description: RHCS pki-user-add CLI tests +# Author: Asha Akkiangady <aakkiang@redhat.com> +# +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +# +# Copyright (c) 2013 Red Hat, Inc. All rights reserved. +# +# This copyrighted material is made available to anyone wishing +# to use, modify, copy, or redistribute it subject to the terms +# and conditions of the GNU General Public License version 2. +# +# This program is distributed in the hope that it will be +# useful, but WITHOUT ANY WARRANTY; without even the implied +# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR +# PURPOSE. See the GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public +# License along with this program; if not, write to the Free +# Software Foundation, Inc., 51 Franklin Street, Fifth Floor, +# Boston, MA 02110-1301, USA. +# +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +export TEST=/CoreOS/rhcs/acceptance/cli-tests/pki-user-cli/ocsp +export TESTVERSION=1.0 + +BUILT_FILES= + +FILES=$(METADATA) pki-user-cli-user-ocsp.sh pki-user-cli-user-add-ocsp.sh pki-user-cli-user-show-ocsp.sh pki-user-cli-user-find-ocsp.sh pki-user-cli-user-del-ocsp.sh runtest.sh Makefile PURPOSE + +.PHONY: all install download clean + +run: $(FILES) build + ./runtest.sh + +build: $(BUILT_FILES) + chmod a+x runtest.sh + chmod 777 pki-user-cli-user-ocsp.sh + chmod 777 pki-user-cli-user-add-ocsp.sh + chmod 777 pki-user-cli-user-show-ocsp.sh + chmod 777 pki-user-cli-user-find-ocsp.sh + chmod 777 pki-user-cli-user-del-ocsp.sh + +clean: + rm -f *~ $(BUILT_FILES) + chmod a+x runtest.sh + chmod 777 pki-user-cli-user-ocsp.sh + chmod 777 pki-user-cli-user-add-ocsp.sh + chmod 777 pki-user-cli-user-show-ocsp.sh + chmod 777 pki-user-cli-user-find-ocsp.sh + chmod 777 pki-user-cli-user-del-ocsp.sh + + + +include /usr/share/rhts/lib/rhts-make.include + +$(METADATA): Makefile + @echo "Owner: Asha Akkiangady <aakkiang@redhat.com>" > $(METADATA) + @echo "Name: $(TEST)" >> $(METADATA) + @echo "TestVersion: $(TESTVERSION)" >> $(METADATA) + @echo "Path: $(TEST_DIR)" >> $(METADATA) + @echo "Description: RHCS quickinstall" >> $(METADATA) + @echo "Type: Functional" >> $(METADATA) + @echo "TestTime: 60m" >> $(METADATA) + @echo "RunFor: rhcs" >> $(METADATA) + @echo "Requires: expect" >> $(METADATA) + @echo "Priority: Normal" >> $(METADATA) + @echo "License: GPLv2" >> $(METADATA) + @echo "Confidential: no" >> $(METADATA) + @echo "Destructive: no" >> $(METADATA) + + rhts-lint $(METADATA) diff --git a/tests/dogtag/acceptance/cli-tests/pki-user-cli/ocsp/PURPOSE b/tests/dogtag/acceptance/cli-tests/pki-user-cli/ocsp/PURPOSE new file mode 100644 index 000000000..f4f8eb49e --- /dev/null +++ b/tests/dogtag/acceptance/cli-tests/pki-user-cli/ocsp/PURPOSE @@ -0,0 +1,3 @@ +PURPOSE of /CoreOS/rhcs/acceptance/cli-tests/pki-user-cli +Description: pki user CLI tests +Author: Asha Akkiangady <aakkiang@redhat.com> diff --git a/tests/dogtag/acceptance/cli-tests/pki-user-cli/ocsp/pki-user-cli-user-add-ocsp.sh b/tests/dogtag/acceptance/cli-tests/pki-user-cli/ocsp/pki-user-cli-user-add-ocsp.sh new file mode 100755 index 000000000..e795b121e --- /dev/null +++ b/tests/dogtag/acceptance/cli-tests/pki-user-cli/ocsp/pki-user-cli-user-add-ocsp.sh @@ -0,0 +1,1192 @@ +#!/bin/bash +# vim: dict=/usr/share/beakerlib/dictionary.vim cpt=.,w,b,u,t,i,k +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +# +# runtest.sh of /CoreOS/rhcs/acceptance/cli-tests/pki-user-cli +# Description: PKI user-add CLI tests +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +# The following ipa cli commands needs to be tested: +# pki-user-cli-user-add Add users to pki subsystems. +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +# +# Author: Asha Akkiangady <aakkiang@redhat.com> +# +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +# +# Copyright (c) 2013 Red Hat, Inc. All rights reserved. +# +# This copyrighted material is made available to anyone wishing +# to use, modify, copy, or redistribute it subject to the terms +# and conditions of the GNU General Public License version 2. +# +# This program is distributed in the hope that it will be +# useful, but WITHOUT ANY WARRANTY; without even the implied +# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR +# PURPOSE. See the GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public +# License along with this program; if not, write to the Free +# Software Foundation, Inc., 51 Franklin Street, Fifth Floor, +# Boston, MA 02110-1301, USA. +# +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +# Include rhts environment +. /usr/bin/rhts-environment.sh +. /usr/share/beakerlib/beakerlib.sh +. /opt/rhqa_pki/rhcs-shared.sh +. /opt/rhqa_pki/pki-cert-cli-lib.sh +. /opt/rhqa_pki/env.sh + +###################################################################################### +#pki-user-cli-user-ca.sh should be first executed prior to pki-user-cli-user-add-ca.sh +#pki-user-cli-user-ocsp.sh +###################################################################################### + +######################################################################## +# Test Suite Globals +######################################################################## + +user1="ocsp_agent2" +user1fullname="Test ocsp_agent" + +######################################################################## + +run_pki-user-cli-user-add-ocsp_tests(){ + rlPhaseStartSetup "pki_user_cli_user_add-ocsp-startup:Getting the temp directory and nss certificate db " + rlLog "nss_db directory = $TmpDir/nssdb" + rlLog "temp directory = /tmp/requestdb" + rlPhaseEnd + #====Ticket corresponding to pki_user_cli_user_add-configtest : https://fedorahosted.org/pki/ticket/519=====# + rlPhaseStartTest "pki_user_cli_user_add-configtest: pki user-add configuration test" + rlRun "pki user-add > $TmpDir/pki_user_add_cfg.out" \ + 1 \ + "https://fedorahosted.org/pki/ticket/519" + rlAssertGrep "usage: user-add <User ID> \[OPTIONS...\]" "$TmpDir/pki_user_add_cfg.out" + rlAssertGrep "\--email <email> Email" "$TmpDir/pki_user_add_cfg.out" + rlAssertGrep "\--fullName <fullName> Full name" "$TmpDir/pki_user_add_cfg.out" + rlAssertGrep "\--password <password> Password" "$TmpDir/pki_user_add_cfg.out" + rlAssertGrep "\--phone <phone> Phone" "$TmpDir/pki_user_add_cfg.out" + rlAssertGrep "\--state <state> State" "$TmpDir/pki_user_add_cfg.out" + rlAssertGrep "\--type <type> Type" "$TmpDir/pki_user_add_cfg.out" + rlPhaseEnd + ##### Tests to add OCSP users using a user of admin group with a valid cert#### + rlPhaseStartTest "pki_user_cli_user_add-OCSP-001: Add a user to OCSP using OCSP_adminV" + rlLog "Executing: pki -d /tmp/requestdb \ + -n OCSP_adminV \ + -c $nss_db_password \ + user-add --fullName=\"$user1fullname\" $user1" + rlRun "pki -d /tmp/requestdb \ + -n OCSP_adminV \ + -c $nss_db_password \ + user-add --fullName=\"$user1fullname\" $user1" \ + 0 \ + "Add user $user1 to OCSP_adminV" + rlLog "Executing: pki -d $TmpDir/nssdb \ + -n OCSP_adminV \ + -c $nss_db_password \ + user-show $user1" + rlRun "pki -d /tmp/requestdb \ + -n OCSP_adminV \ + -c $nss_db_password \ + user-show $user1 > $TmpDir/pki-user-add-ocsp-001.out" \ + 0 \ + "Show pki OCSP_adminV user" + rlAssertGrep "User \"$user1\"" "$TmpDir/pki-user-add-ocsp-001.out" + rlAssertGrep "User ID: $user1" "$TmpDir/pki-user-add-ocsp-001.out" + rlAssertGrep "Full name: $user1fullname" "$TmpDir/pki-user-add-ocsp-001.out" + rlPhaseEnd + rlPhaseStartTest "pki_user_cli_user_add-OCSP-001_1:maximum length of user id " + rlRun "pki -d /tmp/requestdb \ + -n OCSP_adminV \ + -c $nss_db_password \ + user-add --fullName=test abcdefghijklmnopqrstuvwxyx12345678 " \ + 0 \ + "Added user using OCSP_adminV with maximum user id length" + rlRun "pki -d /tmp/requestdb \ + -n OCSP_adminV \ + -c $nss_db_password \ + user-show abcdefghijklmnopqrstuvwxyx12345678 > $TmpDir/pki-user-add-ocsp-001_1.out" \ + 0 \ + "Show pki OCSP_adminV user" + rlAssertGrep "User \"abcdefghijklmnopqrstuvwxyx12345678\"" "$TmpDir/pki-user-add-ocsp-001_1.out" + rlAssertGrep "User ID: abcdefghijklmnopqrstuvwxyx12345678" "$TmpDir/pki-user-add-ocsp-001_1.out" + rlAssertGrep "Full name: test" "$TmpDir/pki-user-add-ocsp-001_1.out" + rlRun "pki -d /tmp/requestdb \ + -n OCSP_adminV \ + -c $nss_db_password \ + user-del abcdefghijklmnopqrstuvwxyx12345678 " \ + 0 \ + "Delete user from OCSP" + rlPhaseEnd + rlPhaseStartTest "pki_user_cli_user_add-OCSP-001_2:User id with # character " + rlRun "pki -d /tmp/requestdb \ + -n OCSP_adminV \ + -c $nss_db_password \ + user-add --fullName=test abc# " \ + 0 \ + "Added user using OCSP_adminV, user id with # character" + rlRun "pki -d /tmp/requestdb \ + -n OCSP_adminV \ + -c $nss_db_password \ + user-show abc# > $TmpDir/pki-user-add-ocsp-001_2.out" \ + 0 \ + "Show pki OCSP_adminV user" + rlAssertGrep "User \"abc#\"" "$TmpDir/pki-user-add-ocsp-001_2.out" + rlAssertGrep "User ID: abc#" "$TmpDir/pki-user-add-ocsp-001_2.out" + rlAssertGrep "Full name: test" "$TmpDir/pki-user-add-ocsp-001_2.out" + rlRun "pki -d /tmp/requestdb \ + -n OCSP_adminV \ + -c $nss_db_password \ + user-del abc# " \ + 0 \ + "Delete user from OCSP" + rlPhaseEnd + rlPhaseStartTest "pki_user_cli_user_add-OCSP-001_3:User id with $ character " + rlRun "pki -d /tmp/requestdb \ + -n OCSP_adminV \ + -c $nss_db_password \ + user-add --fullName=test abc$ " \ + 0 \ + "Added user using OCSP_adminV, user id with $ character" + rlRun "pki -d /tmp/requestdb \ + -n OCSP_adminV \ + -c $nss_db_password \ + user-show abc$ > $TmpDir/pki-user-add-ocsp-001_3.out" \ + 0 \ + "Show pki OCSP_adminV user" + rlAssertGrep "User \"abc$\"" "$TmpDir/pki-user-add-ocsp-001_3.out" + rlAssertGrep "User ID: abc\\$" "$TmpDir/pki-user-add-ocsp-001_3.out" + rlAssertGrep "Full name: test" "$TmpDir/pki-user-add-ocsp-001_3.out" + rlRun "pki -d /tmp/requestdb \ + -n OCSP_adminV \ + -c $nss_db_password \ + user-del abc$ " \ + 0 \ + "Delete user from OCSP" + rlPhaseEnd + rlPhaseStartTest "pki_user_cli_user_add-OCSP-001_4:User id with @ character " + rlRun "pki -d /tmp/requestdb \ + -n OCSP_adminV \ + -c $nss_db_password \ + user-add --fullName=test abc@ " \ + 0 \ + "Added user using OCSP_adminV, user id with @ character" + rlRun "pki -d /tmp/requestdb \ + -n OCSP_adminV \ + -c $nss_db_password \ + user-show abc@ > $TmpDir/pki-user-add-ocsp-001_4.out" \ + 0 \ + "Show pki OCSP_adminV user" + rlAssertGrep "User \"abc@\"" "$TmpDir/pki-user-add-ocsp-001_4.out" + rlAssertGrep "User ID: abc@" "$TmpDir/pki-user-add-ocsp-001_4.out" + rlAssertGrep "Full name: test" "$TmpDir/pki-user-add-ocsp-001_4.out" + rlRun "pki -d /tmp/requestdb \ + -n OCSP_adminV \ + -c $nss_db_password \ + user-del abc@ " \ + 0 \ + "Delete user from OCSP" + rlPhaseEnd + rlPhaseStartTest "pki_user_cli_user_add-OCSP-001_5:User id with ? character " + rlRun "pki -d /tmp/requestdb \ + -n OCSP_adminV \ + -c $nss_db_password \ + user-add --fullName=test abc? " \ + 0 \ + "Added user using OCSP_adminV, user id with ? character" + rlRun "pki -d /tmp/requestdb \ + -n OCSP_adminV \ + -c $nss_db_password \ + user-show abc? > $TmpDir/pki-user-add-ocsp-001_5.out" \ + 0 \ + "Show pki OCSP_adminV user" + rlAssertGrep "User \"abc?\"" "$TmpDir/pki-user-add-ocsp-001_5.out" + rlAssertGrep "User ID: abc?" "$TmpDir/pki-user-add-ocsp-001_5.out" + rlAssertGrep "Full name: test" "$TmpDir/pki-user-add-ocsp-001_5.out" + rlRun "pki -d /tmp/requestdb \ + -n OCSP_adminV \ + -c $nss_db_password \ + user-del abc? " \ + 0 \ + "Delete user from OCSP" + rlPhaseEnd + rlPhaseStartTest "pki_user_cli_user_add-OCSP-001_6:User id as 0" + rlRun "pki -d /tmp/requestdb \ + -n OCSP_adminV \ + -c $nss_db_password \ + user-add --fullName=test 0 " \ + 0 \ + "Added user using OCSP_adminV, user id 0" + rlRun "pki -d /tmp/requestdb \ + -n OCSP_adminV \ + -c $nss_db_password \ + user-show 0 > $TmpDir/pki-user-add-ocsp-001_6.out" \ + 0 \ + "Show pki OCSP_adminV user" + rlAssertGrep "User \"0\"" "$TmpDir/pki-user-add-ocsp-001_6.out" + rlAssertGrep "User ID: 0" "$TmpDir/pki-user-add-ocsp-001_6.out" + rlAssertGrep "Full name: test" "$TmpDir/pki-user-add-ocsp-001_6.out" + rlRun "pki -d /tmp/requestdb \ + -n OCSP_adminV \ + -c $nss_db_password \ + user-del 0 " \ + 0 \ + "Delete user from OCSP" + + rlPhaseEnd + rlPhaseStartTest "pki_user_cli_user_add-OCSP-001_7:--email with maximum length " + rlRun "pki -d /tmp/requestdb \ + -n OCSP_adminV \ + -c $nss_db_password \ + user-add --fullName=test --email=abcdefghijklmnopqrstuvwxyx12345678 a " \ + 0 \ + "Added user using OCSP_adminV with maximum --email length" + rlRun "pki -d /tmp/requestdb \ + -n OCSP_adminV \ + -c $nss_db_password \ + user-show a > $TmpDir/pki-user-add-ocsp-001_7.out" \ + 0 \ + "Show pki OCSP_adminV user" + rlAssertGrep "User \"a\"" "$TmpDir/pki-user-add-ocsp-001_7.out" + rlAssertGrep "User ID: a" "$TmpDir/pki-user-add-ocsp-001_7.out" + rlAssertGrep "Full name: test" "$TmpDir/pki-user-add-ocsp-001_7.out" + rlAssertGrep "Email: abcdefghijklmnopqrstuvwxyx12345678" "$TmpDir/pki-user-add-ocsp-001_7.out" + rlRun "pki -d /tmp/requestdb \ + -n OCSP_adminV \ + -c $nss_db_password \ + user-del a" \ + 0 \ + "Delete user from OCSP" + rlPhaseEnd + rlPhaseStartTest "pki_user_cli_user_add-OCSP-001_8:--email with maximum length and symbols " + rlRun "pki -d /tmp/requestdb \ + -n OCSP_adminV \ + -c $nss_db_password \ + user-add --fullName=test --email=abcdefghijklmnopqrstuvwxyx12345678#?*@$ b " \ + 0 \ + "Added user using OCSP_adminV with maximum --email length and character symbols in it" + rlRun "pki -d /tmp/requestdb \ + -n OCSP_adminV \ + -c $nss_db_password \ + user-show b > $TmpDir/pki-user-add-ocsp-001_8.out" \ + 0 \ + "Show pki OCSP_adminV user" + rlAssertGrep "User \"b\"" "$TmpDir/pki-user-add-ocsp-001_8.out" + rlAssertGrep "User ID: b" "$TmpDir/pki-user-add-ocsp-001_8.out" + rlAssertGrep "Full name: test" "$TmpDir/pki-user-add-ocsp-001_8.out" + rlAssertGrep "Email: abcdefghijklmnopqrstuvwxyx12345678\\#\\?*$@" "$TmpDir/pki-user-add-ocsp-001_8.out" + rlRun "pki -d /tmp/requestdb \ + -n OCSP_adminV \ + -c $nss_db_password \ + user-del b" \ + 0 \ + "Delete user from OCSP" + rlPhaseEnd + rlPhaseStartTest "pki_user_cli_user_add-OCSP-001_9:--email with # character " + rlRun "pki -d /tmp/requestdb \ + -n OCSP_adminV \ + -c $nss_db_password \ + user-add --fullName=test --email=# d " \ + 0 \ + "Added user using OCSP_adminV with --email # character" + rlRun "pki -d /tmp/requestdb \ + -n OCSP_adminV \ + -c $nss_db_password \ + user-show d > $TmpDir/pki-user-add-ocsp-001_9.out" \ + 0 \ + "Show pki OCSP_adminV user" + rlAssertGrep "User \"d\"" "$TmpDir/pki-user-add-ocsp-001_9.out" + rlAssertGrep "User ID: d" "$TmpDir/pki-user-add-ocsp-001_9.out" + rlAssertGrep "Full name: test" "$TmpDir/pki-user-add-ocsp-001_9.out" + rlAssertGrep "Email: #" "$TmpDir/pki-user-add-ocsp-001_9.out" + rlRun "pki -d /tmp/requestdb \ + -n OCSP_adminV \ + -c $nss_db_password \ + user-del d " \ + 0 \ + "Delete user from OCSP" + rlPhaseEnd + rlPhaseStartTest "pki_user_cli_user_add-OCSP-001_10:--email with * character " + rlRun "pki -d /tmp/requestdb \ + -n OCSP_adminV \ + -c $nss_db_password \ + user-add --fullName=test --email=* e " \ + 0 \ + "Added user using OCSP_adminV with --email * character" + rlRun "pki -d /tmp/requestdb \ + -n OCSP_adminV \ + -c $nss_db_password \ + user-show e > $TmpDir/pki-user-add-ocsp-001_10.out" \ + 0 \ + "Show pki OCSP_adminV user" + rlAssertGrep "User \"e\"" "$TmpDir/pki-user-add-ocsp-001_10.out" + rlAssertGrep "User ID: e" "$TmpDir/pki-user-add-ocsp-001_10.out" + rlAssertGrep "Full name: test" "$TmpDir/pki-user-add-ocsp-001_10.out" + rlAssertGrep "Email: *" "$TmpDir/pki-user-add-ocsp-001_10.out" + rlRun "pki -d /tmp/requestdb \ + -n OCSP_adminV \ + -c $nss_db_password \ + user-del e " \ + 0 \ + "Delete user from OCSP" + rlPhaseEnd + rlPhaseStartTest "pki_user_cli_user_add-OCSP-001_11:--email with $ character " + rlRun "pki -d /tmp/requestdb \ + -n OCSP_adminV \ + -c $nss_db_password \ + user-add --fullName=test --email=$ f " \ + 0 \ + "Added user using OCSP_adminV with --email $ character" + rlRun "pki -d /tmp/requestdb \ + -n OCSP_adminV \ + -c $nss_db_password \ + user-show f > $TmpDir/pki-user-add-ocsp-001_11.out" \ + 0 \ + "Show pki OCSP_adminV user" + rlAssertGrep "User \"f\"" "$TmpDir/pki-user-add-ocsp-001_11.out" + rlAssertGrep "User ID: f" "$TmpDir/pki-user-add-ocsp-001_11.out" + rlAssertGrep "Full name: test" "$TmpDir/pki-user-add-ocsp-001_11.out" + rlAssertGrep "Email: \\$" "$TmpDir/pki-user-add-ocsp-001_11.out" + rlRun "pki -d /tmp/requestdb \ + -n OCSP_adminV \ + -c $nss_db_password \ + user-del f " \ + 0 \ + "Delete user from OCSP" + rlPhaseEnd + rlPhaseStartTest "pki_user_cli_user_add-OCSP-001_12:--email as number 0 " + rlRun "pki -d /tmp/requestdb \ + -n OCSP_adminV \ + -c $nss_db_password \ + user-add --fullName=test --email=0 z " \ + 0 \ + "Added user using OCSP_adminV with --email 0" + rlRun "pki -d /tmp/requestdb \ + -n OCSP_adminV \ + -c $nss_db_password \ + user-show z > $TmpDir/pki-user-add-ocsp-001_12.out" \ + 0 \ + "Show pki OCSP_adminV user" + rlAssertGrep "User \"z\"" "$TmpDir/pki-user-add-ocsp-001_12.out" + rlAssertGrep "User ID: z" "$TmpDir/pki-user-add-ocsp-001_12.out" + rlAssertGrep "Full name: test" "$TmpDir/pki-user-add-ocsp-001_12.out" + rlAssertGrep "Email: 0" "$TmpDir/pki-user-add-ocsp-001_12.out" + rlRun "pki -d /tmp/requestdb \ + -n OCSP_adminV \ + -c $nss_db_password \ + user-del z" \ + 0 \ + "Delete user from OCSP" + rlPhaseEnd + rlPhaseStartTest "pki_user_cli_user_add-OCSP-001_13:--state with maximum length " + rlRun "pki -d /tmp/requestdb \ + -n OCSP_adminV \ + -c $nss_db_password \ + user-add --fullName=test --state=abcdefghijklmnopqrstuvwxyx12345678 h " \ + 0 \ + "Added user using OCSP_adminV with maximum --state length" + rlRun "pki -d /tmp/requestdb \ + -n OCSP_adminV \ + -c $nss_db_password \ + user-show h > $TmpDir/pki-user-add-ocsp-001_13.out" \ + 0 \ + "Show pki OCSP_adminV user" + rlAssertGrep "User \"h\"" "$TmpDir/pki-user-add-ocsp-001_13.out" + rlAssertGrep "User ID: h" "$TmpDir/pki-user-add-ocsp-001_13.out" + rlAssertGrep "Full name: test" "$TmpDir/pki-user-add-ocsp-001_13.out" + rlAssertGrep "State: abcdefghijklmnopqrstuvwxyx12345678" "$TmpDir/pki-user-add-ocsp-001_13.out" + rlRun "pki -d /tmp/requestdb \ + -n OCSP_adminV \ + -c $nss_db_password \ + user-del h " \ + 0 \ + "Delete user from OCSP" + rlPhaseEnd + rlPhaseStartTest "pki_user_cli_user_add-OCSP-001_14:--state with maximum length and symbols " + rlRun "pki -d /tmp/requestdb \ + -n OCSP_adminV \ + -c $nss_db_password \ + user-add --fullName=test --state=abcdefghijklmnopqrstuvwxyx12345678#?*@$ i " \ + 0 \ + "Added user using OCSP_adminV with maximum --state length and character symbols in it" + rlRun "pki -d /tmp/requestdb \ + -n OCSP_adminV \ + -c $nss_db_password \ + user-show i > $TmpDir/pki-user-add-ocsp-001_14.out" \ + 0 \ + "Show pki OCSP_adminV user" + rlAssertGrep "User \"i\"" "$TmpDir/pki-user-add-ocsp-001_14.out" + rlAssertGrep "User ID: i" "$TmpDir/pki-user-add-ocsp-001_14.out" + rlAssertGrep "Full name: test" "$TmpDir/pki-user-add-ocsp-001_14.out" + rlAssertGrep "State: abcdefghijklmnopqrstuvwxyx12345678\\#\\?*$@" "$TmpDir/pki-user-add-ocsp-001_14.out" + rlRun "pki -d /tmp/requestdb \ + -n OCSP_adminV \ + -c $nss_db_password \ + user-del i " \ + 0 \ + "Delete user from OCSP" + rlPhaseEnd + rlPhaseStartTest "pki_user_cli_user_add-OCSP-001_15:--state with # character " + rlRun "pki -d /tmp/requestdb \ + -n OCSP_adminV \ + -c $nss_db_password \ + user-add --fullName=test --state=# j " \ + 0 \ + "Added user using OCSP_adminV with --state # character" + rlRun "pki -d /tmp/requestdb \ + -n OCSP_adminV \ + -c $nss_db_password \ + user-show j > $TmpDir/pki-user-add-ocsp-001_15.out" \ + 0 \ + "Show pki OCSP_adminV user" + rlAssertGrep "User \"j\"" "$TmpDir/pki-user-add-ocsp-001_15.out" + rlAssertGrep "User ID: j" "$TmpDir/pki-user-add-ocsp-001_15.out" + rlAssertGrep "Full name: test" "$TmpDir/pki-user-add-ocsp-001_15.out" + rlAssertGrep "State: #" "$TmpDir/pki-user-add-ocsp-001_15.out" + rlRun "pki -d /tmp/requestdb \ + -n OCSP_adminV \ + -c $nss_db_password \ + user-del j" \ + 0 \ + "Delete user from OCSP" + rlPhaseEnd + rlPhaseStartTest "pki_user_cli_user_add-OCSP-001_16:--state with * character " + rlRun "pki -d /tmp/requestdb \ + -n OCSP_adminV \ + -c $nss_db_password \ + user-add --fullName=test --state=* k " \ + 0 \ + "Added user using OCSP_adminV with --state * character" + rlRun "pki -d /tmp/requestdb \ + -n OCSP_adminV \ + -c $nss_db_password \ + user-show k > $TmpDir/pki-user-add-ocsp-001_16.out" \ + 0 \ + "Show pki OCSP_adminV user" + rlAssertGrep "User \"k\"" "$TmpDir/pki-user-add-ocsp-001_16.out" + rlAssertGrep "User ID: k" "$TmpDir/pki-user-add-ocsp-001_16.out" + rlAssertGrep "Full name: test" "$TmpDir/pki-user-add-ocsp-001_16.out" + rlAssertGrep "State: *" "$TmpDir/pki-user-add-ocsp-001_16.out" + rlRun "pki -d /tmp/requestdb \ + -n OCSP_adminV \ + -c $nss_db_password \ + user-del k " \ + 0 \ + "Delete user from OCSP" + rlPhaseEnd + rlPhaseStartTest "pki_user_cli_user_add-OCSP-001_17:--state with $ character " + rlRun "pki -d /tmp/requestdb \ + -n OCSP_adminV \ + -c $nss_db_password \ + user-add --fullName=test --state=$ l " \ + 0 \ + "Added user using OCSP_adminV with --state $ character" + rlRun "pki -d /tmp/requestdb \ + -n OCSP_adminV \ + -c $nss_db_password \ + user-show l > $TmpDir/pki-user-add-ocsp-001_17.out" \ + 0 \ + "Show pki OCSP_adminV user" + rlAssertGrep "User \"l\"" "$TmpDir/pki-user-add-ocsp-001_17.out" + rlAssertGrep "User ID: l" "$TmpDir/pki-user-add-ocsp-001_17.out" + rlAssertGrep "Full name: test" "$TmpDir/pki-user-add-ocsp-001_17.out" + rlAssertGrep "State: \\$" "$TmpDir/pki-user-add-ocsp-001_17.out" + rlRun "pki -d /tmp/requestdb \ + -n OCSP_adminV \ + -c $nss_db_password \ + user-del l " \ + 0 \ + "Delete user from OCSP" + rlPhaseEnd + rlPhaseStartTest "pki_user_cli_user_add-OCSP-001_18:--state as number 0 " + rlRun "pki -d /tmp/requestdb \ + -n OCSP_adminV \ + -c $nss_db_password \ + user-add --fullName=test --state=0 m " \ + 0 \ + "Added user using OCSP_adminV with --state 0" + rlRun "pki -d /tmp/requestdb \ + -n OCSP_adminV \ + -c $nss_db_password \ + user-show m > $TmpDir/pki-user-add-ocsp-001_18.out" \ + 0 \ + "Show pki OCSP_adminV user" + rlAssertGrep "User \"m\"" "$TmpDir/pki-user-add-ocsp-001_18.out" + rlAssertGrep "User ID: m" "$TmpDir/pki-user-add-ocsp-001_18.out" + rlAssertGrep "Full name: test" "$TmpDir/pki-user-add-ocsp-001_18.out" + rlAssertGrep "State: 0" "$TmpDir/pki-user-add-ocsp-001_18.out" + rlRun "pki -d /tmp/requestdb \ + -n OCSP_adminV \ + -c $nss_db_password \ + user-del m" \ + 0 \ + "Delete user from OCSP" + rlPhaseEnd + rlPhaseStartTest "pki_user_cli_user_add-OCSP-001_19:--phone with maximum length " + rlRun "pki -d /tmp/requestdb \ + -n OCSP_adminV \ + -c $nss_db_password \ + user-add --fullName=test --phone=abcdefghijklmnopqrstuvwxyx12345678 n " \ + 0 \ + "Added user using OCSP_adminV with maximum --phone length" + rlRun "pki -d /tmp/requestdb \ + -n OCSP_adminV \ + -c $nss_db_password \ + user-show n > $TmpDir/pki-user-add-ocsp-001_19.out" \ + 0 \ + "Show pki OCSP_adminV user" + rlAssertGrep "User \"n\"" "$TmpDir/pki-user-add-ocsp-001_19.out" + rlAssertGrep "User ID: n" "$TmpDir/pki-user-add-ocsp-001_19.out" + rlAssertGrep "Full name: test" "$TmpDir/pki-user-add-ocsp-001_19.out" + rlAssertGrep "Phone: abcdefghijklmnopqrstuvwxyx12345678" "$TmpDir/pki-user-add-ocsp-001_19.out" + rlRun "pki -d /tmp/requestdb \ + -n OCSP_adminV \ + -c $nss_db_password \ + user-del n " \ + 0 \ + "Delete user from OCSP" + rlPhaseEnd + rlPhaseStartTest "pki_user_cli_user_add-OCSP-001_20:--phone with maximum length and symbols " + rlRun "pki -d /tmp/requestdb \ + -n OCSP_adminV \ + -c $nss_db_password \ + user-add --fullName=test --phone=abcdefghijklmnopqrstuvwxyx12345678#?*@$ o > $TmpDir/pki-user-add-ocsp-001_20.out 2>&1"\ + 1 \ + "Cannot add user using OCSP_adminV with maximum --phone with character symbols in it" + rlAssertGrep "PKIException: LDAP error (21): error result" "$TmpDir/pki-user-add-ocsp-001_20.out" + rlPhaseEnd + rlPhaseStartTest "pki_user_cli_user_add-OCSP-001_21:--phone with # character " + rlRun "pki -d /tmp/requestdb \ + -n OCSP_adminV \ + -c $nss_db_password \ + user-add --fullName=test --phone=# p > $TmpDir/pki-user-add-ocsp-001_21.out 2>&1" \ + 1 \ + "Cannot add user using OCSP_adminV with maximum --phone with character symbols in it" + rlAssertGrep "PKIException: LDAP error (21): error result" "$TmpDir/pki-user-add-ocsp-001_21.out" + rlPhaseEnd + rlPhaseStartTest "pki_user_cli_user_add-OCSP-001_22:--phone with * character " + rlRun "pki -d /tmp/requestdb \ + -n OCSP_adminV \ + -c $nss_db_password \ + user-add --fullName=test --phone=* q > $TmpDir/pki-user-add-ocsp-001_22.out 2>&1" \ + 1 \ + "Cannot add user using OCSP_adminV with maximum --phone with character symbols in it" + rlAssertGrep "PKIException: LDAP error (21): error result" "$TmpDir/pki-user-add-ocsp-001_22.out" + rlPhaseEnd + rlPhaseStartTest "pki_user_cli_user_add-OCSP-001_23:--phone with $ character " + rlRun "pki -d /tmp/requestdb \ + -n OCSP_adminV \ + -c $nss_db_password \ + user-add --fullName=test --phone=$ r > $TmpDir/pki-user-add-ocsp-001_23.out 2>&1" \ + 1 \ + "Cannot add user using OCSP_adminV with maximum --phone with character symbols in it" + rlAssertGrep "PKIException: LDAP error (21): error result" "$TmpDir/pki-user-add-ocsp-001_23.out" + rlPhaseEnd + rlPhaseStartTest "pki_user_cli_user_add-OCSP-001_24:--phone as negative number -1230 " + rlRun "pki -d /tmp/requestdb \ + -n OCSP_adminV \ + -c $nss_db_password \ + user-add --fullName=test --phone=-1230 s " \ + 0 \ + "Added user using OCSP_adminV with --phone -1230" + rlRun "pki -d /tmp/requestdb \ + -n OCSP_adminV \ + -c $nss_db_password \ + user-show s > $TmpDir/pki-user-add-ocsp-001_24.out" \ + 0 \ + "Show pki OCSP_adminV user" + rlAssertGrep "User \"s\"" "$TmpDir/pki-user-add-ocsp-001_24.out" + rlAssertGrep "User ID: s" "$TmpDir/pki-user-add-ocsp-001_24.out" + rlAssertGrep "Full name: test" "$TmpDir/pki-user-add-ocsp-001_24.out" + rlAssertGrep "Phone: -1230" "$TmpDir/pki-user-add-ocsp-001_24.out" + rlRun "pki -d /tmp/requestdb \ + -n OCSP_adminV \ + -c $nss_db_password \ + user-del s " \ + 0 \ + "Delete user from OCSP" + rlPhaseEnd + + rlPhaseStartTest "pki_user_cli_user_add-OCSP-001_25:--type as Auditors" + rlRun "pki -d /tmp/requestdb \ + -n OCSP_adminV \ + -c $nss_db_password \ + user-add --fullName=test --type=Auditors t " \ + 0 \ + "Added user using OCSP_adminV with --type Auditors" + rlRun "pki -d /tmp/requestdb \ + -n OCSP_adminV \ + -c $nss_db_password \ + user-show t > $TmpDir/pki-user-add-ocsp-001_25.out" \ + 0 \ + "Show pki OCSP_adminV user" + rlAssertGrep "User \"t\"" "$TmpDir/pki-user-add-ocsp-001_25.out" + rlAssertGrep "User ID: t" "$TmpDir/pki-user-add-ocsp-001_25.out" + rlAssertGrep "Full name: test" "$TmpDir/pki-user-add-ocsp-001_25.out" + rlAssertGrep "Type: Auditors" "$TmpDir/pki-user-add-ocsp-001_25.out" + rlRun "pki -d /tmp/requestdb \ + -n OCSP_adminV \ + -c $nss_db_password \ + user-del t " \ + 0 \ + "Delete user from OCSP" + rlPhaseEnd + rlPhaseStartTest "pki_user_cli_user_add-OCSP-001_26:--type Data Recovery Manager Agents " + rlRun "pki -d /tmp/requestdb \ + -n OCSP_adminV \ + -c $nss_db_password \ + user-add --fullName=test --type=\"Certificate Manager Agents\" t" \ + 0 \ + "Added user using OCSP_adminV --type Certificate Manager Agents" + rlRun "pki -d /tmp/requestdb \ + -n OCSP_adminV \ + -c $nss_db_password \ + user-show t > $TmpDir/pki-user-add-ocsp-001_26.out" \ + 0 \ + "Show pki OCSP user" + rlAssertGrep "User \"t\"" "$TmpDir/pki-user-add-ocsp-001_26.out" + rlAssertGrep "User ID: t" "$TmpDir/pki-user-add-ocsp-001_26.out" + rlAssertGrep "Full name: test" "$TmpDir/pki-user-add-ocsp-001_26.out" + rlAssertGrep "Type: Certificate Manager Agents" "$TmpDir/pki-user-add-ocsp-001_26.out" + rlRun "pki -d /tmp/requestdb \ + -n OCSP_adminV \ + -c $nss_db_password \ + user-del t " \ + 0 \ + "Delete user from OCSP" + rlPhaseEnd + rlPhaseStartTest "pki_user_cli_user_add-OCSP-001_27:--type Registration Manager Agents " + rlRun "pki -d /tmp/requestdb \ + -n OCSP_adminV \ + -c $nss_db_password \ + user-add --fullName=test --type=\"Registration Manager Agents\" u " \ + 0 \ + "Added user using OCSP_adminV with --type Registration Manager Agents" + rlRun "pki -d /tmp/requestdb \ + -n OCSP_adminV \ + -c $nss_db_password \ + user-show u > $TmpDir/pki-user-add-ocsp-001_27.out" \ + 0 \ + "Show pki OCSP user" + rlAssertGrep "User \"u\"" "$TmpDir/pki-user-add-ocsp-001_27.out" + rlAssertGrep "User ID: u" "$TmpDir/pki-user-add-ocsp-001_27.out" + rlAssertGrep "Full name: test" "$TmpDir/pki-user-add-ocsp-001_27.out" + rlAssertGrep "Type: Registration Manager Agents" "$TmpDir/pki-user-add-ocsp-001_27.out" + rlRun "pki -d /tmp/requestdb \ + -n OCSP_adminV \ + -c $nss_db_password \ + user-del u" \ + 0 \ + "Delete user from OCSP" + rlPhaseEnd + rlPhaseStartTest "pki_user_cli_user_add-OCSP-001_28:--type Subsytem Group " + rlRun "pki -d /tmp/requestdb \ + -n OCSP_adminV \ + -c $nss_db_password \ + user-add --fullName=test --type=\"Subsytem Group\" v " \ + 0 \ + "Added user using OCSP_adminV with --type Subsytem Group" + rlRun "pki -d /tmp/requestdb \ + -n OCSP_adminV \ + -c $nss_db_password \ + user-show v > $TmpDir/pki-user-add-ocsp-001_28.out" \ + 0 \ + "Show pki OCSP user" + rlAssertGrep "User \"v\"" "$TmpDir/pki-user-add-ocsp-001_28.out" + rlAssertGrep "User ID: v" "$TmpDir/pki-user-add-ocsp-001_28.out" + rlAssertGrep "Full name: test" "$TmpDir/pki-user-add-ocsp-001_28.out" + rlAssertGrep "Type: Subsytem Group" "$TmpDir/pki-user-add-ocsp-001_28.out" + rlRun "pki -d /tmp/requestdb \ + -n OCSP_adminV \ + -c $nss_db_password \ + user-del v" \ + 0 \ + "Delete user from OCSP" + rlPhaseEnd + rlPhaseStartTest "pki_user_cli_user_add-OCSP-001_29:--type Security Domain Administrators " + rlRun "pki -d /tmp/requestdb \ + -n OCSP_adminV \ + -c $nss_db_password \ + user-add --fullName=test --type=\"Security Domain Administrators\" w " \ + 0 \ + "Added user using OCSP_adminV with --type Security Domain Administrators" + rlRun "pki -d /tmp/requestdb \ + -n OCSP_adminV \ + -c $nss_db_password \ + user-show w > $TmpDir/pki-user-add-ocsp-001_29.out" \ + 0 \ + "Show pki OCSP user" + rlAssertGrep "User \"w\"" "$TmpDir/pki-user-add-ocsp-001_29.out" + rlAssertGrep "User ID: w" "$TmpDir/pki-user-add-ocsp-001_29.out" + rlAssertGrep "Full name: test" "$TmpDir/pki-user-add-ocsp-001_29.out" + rlAssertGrep "Type: Security Domain Administrators" "$TmpDir/pki-user-add-ocsp-001_29.out" + rlRun "pki -d /tmp/requestdb \ + -n OCSP_adminV \ + -c $nss_db_password \ + user-del w" \ + 0 \ + "Delete user from OCSP" + rlPhaseEnd + rlPhaseStartTest "pki_user_cli_user_add-OCSP-001_30:--type ClonedSubsystems " + rlRun "pki -d /tmp/requestdb \ + -n OCSP_adminV \ + -c $nss_db_password \ + user-add --fullName=test --type=ClonedSubsystems x " \ + 0 \ + "Added user using OCSP_adminV with --type ClonedSubsystems" + rlRun "pki -d /tmp/requestdb \ + -n OCSP_adminV \ + -c $nss_db_password \ + user-show x > $TmpDir/pki-user-add-ocsp-001_30.out" \ + 0 \ + "Show pki OCSP user" + rlAssertGrep "User \"x\"" "$TmpDir/pki-user-add-ocsp-001_30.out" + rlAssertGrep "User ID: x" "$TmpDir/pki-user-add-ocsp-001_30.out" + rlAssertGrep "Full name: test" "$TmpDir/pki-user-add-ocsp-001_30.out" + rlAssertGrep "Type: ClonedSubsystems" "$TmpDir/pki-user-add-ocsp-001_30.out" + rlRun "pki -d /tmp/requestdb \ + -n OCSP_adminV \ + -c $nss_db_password \ + user-del x " \ + 0 \ + "Delete user from OCSP" + rlPhaseEnd + rlPhaseStartTest "pki_user_cli_user_add-OCSP-001_31:--type Trusted Managers " + rlRun "pki -d /tmp/requestdb \ + -n OCSP_adminV \ + -c $nss_db_password \ + user-add --fullName=test --type=\"Trusted Managers\" y " \ + 0 \ + "Added user using OCSP_adminV with --type Trusted Managers" + rlRun "pki -d /tmp/requestdb \ + -n OCSP_adminV \ + -c $nss_db_password \ + user-show y > $TmpDir/pki-user-add-ocsp-001_31.out" \ + 0 \ + "Show pki OCSP user" + rlAssertGrep "User \"y\"" "$TmpDir/pki-user-add-ocsp-001_31.out" + rlAssertGrep "User ID: y" "$TmpDir/pki-user-add-ocsp-001_31.out" + rlAssertGrep "Full name: test" "$TmpDir/pki-user-add-ocsp-001_31.out" + rlAssertGrep "Type: Trusted Managers" "$TmpDir/pki-user-add-ocsp-001_31.out" + rlRun "pki -d /tmp/requestdb \ + -n OCSP_adminV \ + -c $nss_db_password \ + user-del y " \ + 0 \ + "Delete user from OCSP" + rlPhaseEnd + rlPhaseStartTest "pki_user_cli_user_add-OCSP-002: Add a duplicate user to CA" + command="pki -d /tmp/requestdb \ + -n OCSP_adminV \ + -c $nss_db_password \ + user-add --fullName=\"New user\" $user1 > $TmpDir/pki-user-add-ocsp-002.out 2>&1 " + + rlLog "Command=$command" + expmsg="ConflictingOperationException: Entry already exists." + rlRun "$command" 1 "Add duplicate user" + rlAssertGrep "$expmsg" "$TmpDir/pki-user-add-ocsp-002.out" + rlLog "Clean-up:" + rlRun "pki -d /tmp/requestdb \ + -n OCSP_adminV \ + -c $nss_db_password \ + user-del $user1" \ + 0 \ + "Delete user from OCSP" + rlPhaseEnd + + rlPhaseStartTest "pki_user_cli_user_add-OCSP-003: Add a user to OCSP with -t option" + rlLog "Executing: pki -d /tmp/requestdb \ + -n OCSP_adminV \ + -c $nss_db_password \ + -t ocsp \ + user-add --fullName=\"$user1fullname\" $user1" + + rlRun "pki -d /tmp/requestdb \ + -n OCSP_adminV \ + -c $nss_db_password \ + -t ocsp \ + user-add --fullName=\"$user1fullname\" $user1 > $TmpDir/pki-user-add-ocsp-003.out" \ + 0 \ + "Add user $user1 to CA" + rlAssertGrep "Added user \"$user1\"" "$TmpDir/pki-user-add-ocsp-003.out" + rlAssertGrep "User ID: $user1" "$TmpDir/pki-user-add-ocsp-003.out" + rlAssertGrep "Full name: $user1fullname" "$TmpDir/pki-user-add-ocsp-003.out" + + rlRun "pki -d /tmp/requestdb \ + -n OCSP_adminV \ + -c $nss_db_password \ + -t ocsp \ + user-show $user1 > $TmpDir/pki-user-add-ocsp-003_1.out" \ + 0 \ + "Show pki OCSP user" + rlAssertGrep "User \"$user1\"" "$TmpDir/pki-user-add-ocsp-003_1.out" + rlAssertGrep "User ID: $user1" "$TmpDir/pki-user-add-ocsp-003_1.out" + rlAssertGrep "Full name: $user1fullname" "$TmpDir/pki-user-add-ocsp-003_1.out" + rlLog "Clean-up:" + rlRun "pki -d /tmp/requestdb \ + -n OCSP_adminV \ + -c $nss_db_password \ + -t ocsp \ + user-del $user1" \ + 0 \ + "Delete user from OCSP" + rlPhaseEnd + + + rlPhaseStartTest "pki_user_cli_user_add-OCSP-004: Add a user -- missing required option user id" + rlLog "Executing: pki -d /tmp/requestdb \ + -n OCSP_adminV \ + -c $nss_db_password \ + -t ocsp \ + user-add --fullName=\"$user1fullname\" " + + rlRun "pki -d /tmp/requestdb \ + -n OCSP_adminV \ + -c $nss_db_password \ + -t ocsp \ + user-add --fullName=\"$user1fullname\" > $TmpDir/pki-user-add-ocsp-004.out" \ + 1\ + "Add user -- missing required option user id" + rlAssertGrep "usage: user-add <User ID> \[OPTIONS...\]" "$TmpDir/pki-user-add-ocsp-004.out" + rlPhaseEnd + + rlPhaseStartTest "pki_user_cli_user_add-OCSP-005: Add a user -- missing required option --fullName" + command="pki -d /tmp/requestdb \ + -n OCSP_adminV \ + -c $nss_db_password \ + -t ocsp \ + user-add $user1 > $TmpDir/pki-user-add-ocsp-005.out 2>&1" + expmsg="Error: Missing required option: fullName" + rlLog "Executing: $command" + rlRun "$command" 1 "Add a user -- missing required option --fullName" + rlAssertGrep "$expmsg" "$TmpDir/pki-user-add-ocsp-005.out" + rlPhaseEnd + + rlPhaseStartTest "pki_user_cli_user_add-OCSP-006: Add a user -- all options provided" + email="ocsp_agent2@myemail.com" + user_password="agent2Password" + phone="1234567890" + state="NC" + type="Administrators" + rlLog "Executing: pki -d /tmp/requestdb \ + -n OCSP_adminV \ + -c $nss_db_password \ + -t ocsp \ + user-add --fullName=\"$user1fullname\" \ + --email $email \ + --password $user_password \ + --phone $phone \ + --state $state \ + --type $type \ + $user1" + + rlRun "pki -d /tmp/requestdb \ + -n OCSP_adminV \ + -c $nss_db_password \ + -t ocsp \ + user-add --fullName=\"$user1fullname\" \ + --email $email \ + --password $user_password \ + --phone $phone \ + --state $state \ + --type $type \ + $user1 > $TmpDir/pki-user-add-ocsp-006_1.out" \ + 0 \ + "Add user $user1 to OCSP -- all options provided" + rlAssertGrep "Added user \"$user1\"" "$TmpDir/pki-user-add-ocsp-006_1.out" + rlAssertGrep "User ID: $user1" "$TmpDir/pki-user-add-ocsp-006_1.out" + rlAssertGrep "Full name: $user1fullname" "$TmpDir/pki-user-add-ocsp-006_1.out" + rlAssertGrep "Email: $email" "$TmpDir/pki-user-add-ocsp-006_1.out" + rlAssertGrep "Phone: $phone" "$TmpDir/pki-user-add-ocsp-006_1.out" + rlAssertGrep "Type: $type" "$TmpDir/pki-user-add-ocsp-006_1.out" + rlAssertGrep "State: $state" "$TmpDir/pki-user-add-ocsp-006_1.out" + + rlRun "pki -d /tmp/requestdb \ + -n OCSP_adminV \ + -c $nss_db_password \ + -t ocsp \ + user-show $user1 > $TmpDir/pki-user-add-ocsp-006.out" \ + 0 \ + "Show pki OCSP user" + + rlAssertGrep "User \"$user1\"" "$TmpDir/pki-user-add-ocsp-006.out" + rlAssertGrep "User ID: $user1" "$TmpDir/pki-user-add-ocsp-006.out" + rlAssertGrep "Full name: $user1fullname" "$TmpDir/pki-user-add-ocsp-006.out" + rlAssertGrep "Email: $email" "$TmpDir/pki-user-add-ocsp-006.out" + rlAssertGrep "Phone: $phone" "$TmpDir/pki-user-add-ocsp-006.out" + rlAssertGrep "Type: $type" "$TmpDir/pki-user-add-ocsp-006.out" + rlAssertGrep "State: $state" "$TmpDir/pki-user-add-ocsp-006.out" + rlLog "Clean-up:" + rlRun "pki -d /tmp/requestdb \ + -n OCSP_adminV \ + -c $nss_db_password \ + -t ocsp \ + user-del $user1" \ + 0 \ + "Delete user from OCSP" + + rlPhaseEnd + + rlPhaseStartTest "pki_user_cli_user_add-OCSP-007: Add user to multiple groups" + user=multigroup_user + userfullname="Multiple Group User" + email="multiplegroup@myemail.com" + user_password="admin2Password" + phone="1234567890" + state="NC" + rlLog "Executing: pki -d /tmp/requestdb \ + -n OCSP_adminV \ + -c $nss_db_password \ + -t ocsp \ + user-add --fullName=\"$userfullname\" \ + --email $email \ + --password $user_password \ + --phone $phone \ + --state $state \ + $user" + + rlRun "pki -d /tmp/requestdb \ + -n OCSP_adminV \ + -c $nss_db_password \ + -t ocsp \ + user-add --fullName=\"$userfullname\" \ + --email $email \ + --password $user_password \ + --phone $phone \ + --state $state \ + $user" \ + 0 \ + "Add user $user using OCSP_adminV" + + rlRun "pki -d /tmp/requestdb \ + -n OCSP_adminV \ + -c $nss_db_password \ + -t ocsp \ + group-add-member Administrators $user > $TmpDir/pki-user-add-ocsp-007_1.out" \ + 0 \ + "Add user $user to Administrators group" + + rlAssertGrep "Added group member \"$user\"" "$TmpDir/pki-user-add-ocsp-007_1.out" + rlAssertGrep "User: $user" "$TmpDir/pki-user-add-ocsp-007_1.out" + + rlRun "pki -d /tmp/requestdb \ + -n OCSP_adminV \ + -c $nss_db_password \ + -t ocsp \ + group-find-member Administrators > $TmpDir/pki-user-add-ocsp-007.out" \ + 0 \ + "Show pki group-find-member Administrators" + rlRun "pki -d /tmp/requestdb \ + -n OCSP_adminV \ + -c $nss_db_password \ + -t ocsp \ + group-add-member \"Certificate Manager Agents\" $user > $TmpDir/pki-user-add-ocsp-007_1_1.out" \ + 0 \ + "Add user $user to Administrators group" + + rlAssertGrep "Added group member \"$user\"" "$TmpDir/pki-user-add-ocsp-007_1_1.out" + rlAssertGrep "User: $user" "$TmpDir/pki-user-add-ocsp-007_1_1.out" + + rlRun "pki -d /tmp/requestdb \ + -n OCSP_adminV \ + -c $nss_db_password \ + -t ocsp \ + group-find-member \"Certificate Manager Agents\" > $TmpDir/pki-user-add-ocsp-007_2.out" \ + 0 \ + "Show pki group-find-member Administrators" + + rlAssertGrep "User: $user" "$TmpDir/pki-user-add-ocsp-007_2.out" + + rlRun "pki -d /tmp/requestdb \ + -n OCSP_adminV \ + -c $nss_db_password \ + -t ocsp \ + user-del $user" \ + 0 \ + "Delete user $user " + + rlPhaseEnd + + rlPhaseStartTest "pki_user_cli_user_add-OCSP-008: Add user with --password " + userpw="pass" + rlLog "Executing: pki -d /tmp/requestdb \ + -n OCSP_adminV \ + -c $nss_db_password \ + user-add --fullName=\"$user1fullname\" --password=$userpw $user1 > $TmpDir/pki-user-add-ocsp-008.out 2>&1" + expmsg="PKIException: The password must be at least 8 characters" + rlRun "pki -d /tmp/requestdb \ + -n OCSP_adminV \ + -c $nss_db_password \ + -t ocsp \ + user-add --fullName=\"$user1fullname\" --password=$userpw $user1 > $TmpDir/pki-user-add-ocsp-008.out 2>&1" \ + 1 \ + "Add a user --must be at least 8 characters --password" + rlAssertGrep "$expmsg" "$TmpDir/pki-user-add-ocsp-008.out" + + rlPhaseEnd + + ##### Tests to add users using revoked cert##### + rlPhaseStartTest "pki_user_cli_user_add-OCSP-009: Cannot add user using a revoked cert OCSP_adminR" + + rlLog "Executing: pki -d /tmp/requestdb \ + -n OCSP_adminR \ + -c $nss_db_password \ + user-add --fullName=\"$user1fullname\" $user1" + rlRun "pki -d /tmp/requestdb \ + -n OCSP_adminR \ + -c $nss_db_password \ + user-add --fullName=\"$user1fullname\" $user1 > $TmpDir/pki-user-add-ocsp-revoke-adminR-002.out 2>&1" \ + 1 \ + "Cannot add user $user1 using a user having revoked cert" + rlAssertGrep "ClientResponseFailure: Error status 401 Unauthorized returned" "$TmpDir/pki-user-add-ocsp-revoke-adminR-002.out" + rlPhaseEnd + rlPhaseStartTest "pki_user_cli_user_add-OCSP-009_1: Cannot add user using a agent or a revoked cert OCSP_agentR" + + rlLog "Executing: pki -d /tmp/requestdb \ + -n OCSP_agentR \ + -c $nss_db_password \ + user-add --fullName=\"$user1fullname\" $user1" + rlRun "pki -d /tmp/requestdb \ + -n OCSP_agentR \ + -c $nss_db_password \ + user-add --fullName=\"$user1fullname\" $user1 > $TmpDir/pki-user-add-ocsp-revoke-agentR-002.out 2>&1" \ + 1 \ + "Cannot add user $user1 using a user having revoked cert" + rlAssertGrep "ClientResponseFailure: Error status 401 Unauthorized returned" "$TmpDir/pki-user-add-ocsp-revoke-agentR-002.out" + rlPhaseEnd + + + ##### Tests to add users using an agent user##### + rlPhaseStartTest "pki_user_cli_user_add-OCSP-0010: Cannot add user using a OCSP_agentV user" + + rlLog "Executing: pki -d /tmp/requestdb \ + -n OCSP_agentV \ + -c $nss_db_password \ + user-add --fullName=\"$user1fullname\" $user1" + rlRun "pki -d /tmp/requestdb \ + -n OCSP_agentV \ + -c $nss_db_password \ + user-add --fullName=\"$user1fullname\" $user1 > $TmpDir/pki-user-add-ocsp-agentV-002.out 2>&1" \ + 1 \ + "Cannot add user $user1 using a agent cert" + rlAssertGrep "ForbiddenException: Authorization failed on resource: certServer.ca.users, operation: execute" "$TmpDir/pki-user-add-ocsp-agentV-002.out" + rlPhaseEnd + + rlPhaseStartTest "pki_user_cli_user_add-OCSP-0011: Cannot add user using a OCSP_agentR user" + + rlLog "Executing: pki -d /tmp/requestdb \ + -n OCSP_agentR \ + -c $nss_db_password \ + user-add --fullName=\"$user1fullname\" $user1" + rlRun "pki -d /tmp/requestdb \ + -n OCSP_agentR \ + -c $nss_db_password \ + user-add --fullName=\"$user1fullname\" $user1 > $TmpDir/pki-user-add-ocsp-agentR-002.out 2>&1" \ + 1 \ + "Cannot add user $user1 using a agent cert" + rlAssertGrep "ClientResponseFailure: Error status 401 Unauthorized returned" "$TmpDir/pki-user-add-ocsp-agentR-002.out" + rlPhaseEnd + ##### Tests to add users using expired cert##### + rlPhaseStartTest "pki_user_cli_user_add-OCSP-0012: Cannot add user using a OCSP_adminE cert" + rlRun "date --set='next day'" 0 "Set System date a day ahead" + rlRun "date --set='next day'" 0 "Set System date a day ahead" + rlRun "date" + rlLog "Executing: pki -d /tmp/requestdb \ + -n OCSP_adminE \ + -c $nss_db_password \ + user-add --fullName=\"$user1fullname\" $user1" + rlRun "pki -d /tmp/requestdb \ + -n OCSP_adminE \ + -c $nss_db_password \ + user-add --fullName=\"$user1fullname\" $user1 > $TmpDir/pki-user-add-ocsp-adminE-002.out 2>&1" \ + 1 \ + "Cannot add user $user1 using a agent cert" + rlAssertGrep "RuntimeException: java.io.IOException: SocketException cannot read on socket" "$TmpDir/pki-user-add-ocsp-adminE-002.out" + rlRun "date --set='2 days ago'" 0 "Set System back to the present day" + rlPhaseEnd + + rlPhaseStartTest "pki_user_cli_user_add-OCSP-0013: Cannot add user using a OCSP_agentE cert" + rlRun "date --set='next day'" 0 "Set System date a day ahead" + rlRun "date --set='next day'" 0 "Set System date a day ahead" + rlRun "date" + rlLog "Executing: pki -d /tmp/requestdb \ + -n OCSP_agentE \ + -c $nss_db_password \ + user-add --fullName=\"$user1fullname\" $user1" + rlRun "pki -d /tmp/requestdb \ + -n OCSP_agentE \ + -c $nss_db_password \ + user-add --fullName=\"$user1fullname\" $user1 > $TmpDir/pki-user-add-ocsp-agentE-002.out 2>&1" \ + 1 \ + "Cannot add user $user1 using a agent cert" + rlAssertGrep "RuntimeException: java.io.IOException: SocketException cannot read on socket" "$TmpDir/pki-user-add-ocsp-agentE-002.out" + rlRun "date --set='2 days ago'" 0 "Set System back to the present day" + rlPhaseEnd + + ##### Tests to add users using audit users##### + rlPhaseStartTest "pki_user_cli_user_add-OCSP-0012: Cannot add user using a OCSP_auditV" + + rlLog "Executing: pki -d /tmp/requestdb \ + -n OCSP_auditV \ + -c $nss_db_password \ + user-add --fullName=\"$user1fullname\" $user1" + rlRun "pki -d /tmp/requestdb \ + -n OCSP_auditV \ + -c $nss_db_password \ + user-add --fullName=\"$user1fullname\" $user1 > $TmpDir/pki-user-add-ocsp-auditV-002.out 2>&1" \ + 1 \ + "Cannot add user $user1 using a audit cert" + rlAssertGrep "ForbiddenException: Authorization failed on resource: certServer.ca.users, operation: execute" "$TmpDir/pki-user-add-ocsp-auditV-002.out" + rlPhaseEnd + + ##### Tests to add users using operator user### + rlPhaseStartTest "pki_user_cli_user_add-OCSP-0013: Cannot add user using a OCSP_operatorV" + + rlLog "Executing: pki -d /tmp/requestdb \ + -n OCSP_operatorV \ + -c $nss_db_password \ + user-add --fullName=\"$user1fullname\" $user1" + rlRun "pki -d /tmp/requestdb \ + -n OCSP_operatorV \ + -c $nss_db_password \ + user-add --fullName=\"$user1fullname\" $user1 > $TmpDir/pki-user-add-ocsp-operatorV-002.out 2>&1" \ + 1 \ + "Cannot add user $user1 using a operator cert" + rlAssertGrep "ForbiddenException: Authorization failed on resource: certServer.ca.users, operation: execute" "$TmpDir/pki-user-add-ocsp-operatorV-002.out" + rlPhaseEnd + + + ##### Tests to add users using OCSP_adminUTOCSP and OCSP_agentUTOCSP user's certificate will be issued by an untrusted OCSP users##### + rlPhaseStartTest "pki_user_cli_user_add-OCSP-0014: Cannot add user using a OCSP_adminUTOCSP" + + rlLog "Executing: pki -d /tmp/dummydb \ + -n OCSP_adminUTOCSP \ + -c $nss_db_password \ + user-add --fullName=\"$user1fullname\" $user1" + rlRun "pki -d /tmp/dummydb \ + -n OCSP_adminUTOCSP \ + -c $nss_db_password \ + user-add --fullName=\"$user1fullname\" $user1 > $TmpDir/pki-user-add-ocsp-adminUTOCSP-002.out 2>&1" \ + 1 \ + "Cannot add user $user1 using a untrusted cert" + rlAssertGrep "ClientResponseFailure: Error status 401 Unauthorized returned" "$TmpDir/pki-user-add-ocsp-adminUTOCSP-002.out" + rlPhaseEnd + + rlPhaseStartTest "pki_user_cli_user_add-OCSP-0014: Cannot add user using a OCSP_agentUTOCSP" + + rlLog "Executing: pki -d /tmp/dummydb \ + -n OCSP_agentUTOCSP \ + -c $nss_db_password \ + user-add --fullName=\"$user1fullname\" $user1" + rlRun "pki -d /tmp/dummydb \ + -n OCSP_agentUTOCSP \ + -c $nss_db_password \ + user-add --fullName=\"$user1fullname\" $user1 > $TmpDir/pki-user-add-ocsp-agentUTOCSP-002.out 2>&1" \ + 1 \ + "Cannot add user $user1 using a untrusted cert" + rlAssertGrep "RuntimeException: java.net.SocketException: Object not found: org.mozilla.jss.crypto.ObjectNotFoundException" "$TmpDir/pki-user-add-ocsp-agentUTOCSP-002.out" + rlPhaseEnd + + +} diff --git a/tests/dogtag/acceptance/cli-tests/pki-user-cli/ocsp/pki-user-cli-user-del-ocsp.sh b/tests/dogtag/acceptance/cli-tests/pki-user-cli/ocsp/pki-user-cli-user-del-ocsp.sh new file mode 100755 index 000000000..d4515a749 --- /dev/null +++ b/tests/dogtag/acceptance/cli-tests/pki-user-cli/ocsp/pki-user-cli-user-del-ocsp.sh @@ -0,0 +1,101 @@ +#!/bin/bash +# vim: dict=/usr/share/beakerlib/dictionary.vim cpt=.,w,b,u,t,i,k +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +# +# runtest.sh of /CoreOS/rhcs/acceptance/cli-tests/pki-user-cli +# Description: PKI user-add CLI tests +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +# The following ipa cli commands needs to be tested: +# pki-user-cli-user-add Add users to pki subsystems. +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +# +# Author: Asha Akkiangady <aakkiang@redhat.com> +# +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +# +# Copyright (c) 2013 Red Hat, Inc. All rights reserved. +# +# This copyrighted material is made available to anyone wishing +# to use, modify, copy, or redistribute it subject to the terms +# and conditions of the GNU General Public License version 2. +# +# This program is distributed in the hope that it will be +# useful, but WITHOUT ANY WARRANTY; without even the implied +# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR +# PURPOSE. See the GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public +# License along with this program; if not, write to the Free +# Software Foundation, Inc., 51 Franklin Street, Fifth Floor, +# Boston, MA 02110-1301, USA. +# +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +# Include rhts environment +. /usr/bin/rhts-environment.sh +. /usr/share/beakerlib/beakerlib.sh +. /opt/rhqa_pki/rhcs-shared.sh +. /opt/rhqa_pki/pki-cert-cli-lib.sh +. /opt/rhqa_pki/env.sh + + +######################################################################## +# Test Suite Globals +######################################################################## + +run_pki-user-cli-user-del-ocsp_tests(){ + rlPhaseStartSetup "pki_user_cli_user_add-ocsp-startup:Getting the temp directory and nss certificate db " + rlLog "nss_db directory = $TmpDir/nssdb" + rlLog "temp directory = /tmp/requestdb" + rlPhaseEnd + + rlPhaseStartCleanup "pki_user_cli_user_add-cleanup: Delete temp dir" + del_user=($OCSP_adminV_user $OCSP_adminR_user $OCSP_adminE_user $OCSP_adminUTOCSP_user $OCSP_agentV_user $OCSP_agentR_user $OCSP_agentE_user $OCSP_agentUTOCSP_user $OCSP_auditV_user $OCSP_operatorV_user) + + #===Deleting users created using OCSP_adminV cert===# + i=1 + while [ $i -lt 25 ] ; do + rlRun "pki -d /tmp/requestdb \ + -n OCSP_adminV \ + -c $nss_db_password \ + user-del u$i > $TmpDir/pki-user-del-ocsp-user-00$i.out" \ + 0 \ + "Deleted user u$i" + rlAssertGrep "Deleted user \"u$i\"" "$TmpDir/pki-user-del-ocsp-user-00$i.out" + let i=$i+1 + done + #===Deleting users(symbols) created using OCSP_adminV cert===# + j=1 + while [ $j -lt 8 ] ; do + eval usr=\$user$j + rlRun "pki -d /tmp/requestdb \ + -n OCSP_adminV \ + -c $nss_db_password \ + user-del $usr > $TmpDir/pki-user-del-ocsp-user-symbol-00$j.out" \ + 0 \ + "Deleted user $usr" + rlAssertGrep "Deleted user \"$usr\"" "$TmpDir/pki-user-del-ocsp-user-symbol-00$j.out" + let j=$j+1 + done + i=0 + while [ $i -lt ${#del_user[@]} ] ; do + userid_del=${del_user[$i]} + rlRun "pki -d $TmpDir/nssdb \ + -n \"$admin_cert_nickname\" \ + -c $nss_db_password \ + user-del $userid_del > $TmpDir/pki-user-del-ocsp-00$i.out" \ + 0 \ + "Deleted user $userid_del" + rlAssertGrep "Deleted user \"$userid_del\"" "$TmpDir/pki-user-del-ocsp-00$i.out" + let i=$i+1 + done + + +# rlRun "rm -r $TmpDir" 0 "Removing temp directory" +# rlRun "popd" + # rlRun "rm -rf /tmp/requestdb" + # rlRun "rm -rf /tmp/dummydb" + + + rlPhaseEnd +} diff --git a/tests/dogtag/acceptance/cli-tests/pki-user-cli/ocsp/pki-user-cli-user-find-ocsp.sh b/tests/dogtag/acceptance/cli-tests/pki-user-cli/ocsp/pki-user-cli-user-find-ocsp.sh new file mode 100755 index 000000000..5de2e53f8 --- /dev/null +++ b/tests/dogtag/acceptance/cli-tests/pki-user-cli/ocsp/pki-user-cli-user-find-ocsp.sh @@ -0,0 +1,220 @@ +#!/bin/bash +# vim: dict=/usr/share/beakerlib/dictionary.vim cpt=.,w,b,u,t,i,k +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +# +# runtest.sh of /CoreOS/rhcs/acceptance/cli-tests/pki-user-cli +# Description: PKI user-add CLI tests +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +# The following ipa cli commands needs to be tested: +# pki-user-cli-user-add Add users to pki subsystems. +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +# +# Author: Asha Akkiangady <aakkiang@redhat.com> +# +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +# +# Copyright (c) 2013 Red Hat, Inc. All rights reserved. +# +# This copyrighted material is made available to anyone wishing +# to use, modify, copy, or redistribute it subject to the terms +# and conditions of the GNU General Public License version 2. +# +# This program is distributed in the hope that it will be +# useful, but WITHOUT ANY WARRANTY; without even the implied +# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR +# PURPOSE. See the GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public +# License along with this program; if not, write to the Free +# Software Foundation, Inc., 51 Franklin Street, Fifth Floor, +# Boston, MA 02110-1301, USA. +# +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +# Include rhts environment +. /usr/bin/rhts-environment.sh +. /usr/share/beakerlib/beakerlib.sh +. /opt/rhqa_pki/rhcs-shared.sh +. /opt/rhqa_pki/env.sh + +######################################################################## +# Test Suite Globals +######################################################################## + +user1="ocsp_agent2" +user1fullname="Test ocsp_agent" + + +######################################################################## + +run_pki-user-cli-user-find-ocsp_tests(){ + rlPhaseStartSetup "pki_user_cli_user_find-startup: Create temp directory and import OCSP agent cert into a nss certificate db and trust OCSP root cert" + admin_cert_nickname="PKI Administrator for $OCSP_DOMAIN" + nss_db_password="Password" + rlLog "Admin Certificate is located at: $OCSP_ADMIN_CERT_LOOCSPTION" + rlRun "TmpDir=\`mktemp -d\`" 0 "Creating tmp directory" + rlRun "pushd $TmpDir" + rlLog "Temp Directory = $TmpDir" + rlRun "mkdir $TmpDir/nssdb" + rlLog "importP12File $OCSP_ADMIN_CERT_LOOCSPTION $OCSP_CLIENT_PKCS12_PASSWORD $TmpDir/nssdb $nss_db_password $admin_cert_nickname" + rlRun "importP12File $OCSP_ADMIN_CERT_LOOCSPTION $OCSP_CLIENT_PKCS12_PASSWORD $TmpDir/nssdb $nss_db_password $admin_cert_nickname" 0 "Import Admin certificate to $TmpDir/nssdb" + rlRun "install_and_trust_OCSP_cert $OCSP_SERVER_ROOT $TmpDir/nssdb" + rlPhaseEnd + + rlPhaseStartTest "pki_user_cli_user_find-OCSP-add: Add users to OCSP" + i=1 + while [ $i -le 5 ] ; do + rlLog "Adding user user1$i" + rlRun "pki -d $TmpDir/nssdb \ + -n \"$admin_cert_nickname\" \ + -c $nss_db_password \ + user-add --fullName=\"fullname1$i\" user1$i > $TmpDir/pki-user-find-ocsp-a00$i.out 2>&1" \ + 0 \ + "Add user user1$i to OCSP" + rlAssertGrep "Added user \"user1$i\"" "$TmpDir/pki-user-find-ocsp-a00$i.out" + rlAssertGrep "User ID: user1$i" "$TmpDir/pki-user-find-ocsp-a00$i.out" + rlAssertGrep "Full name: fullname1$i" "$TmpDir/pki-user-find-ocsp-a00$i.out" + let i=$i+1 + done + rlPhaseEnd + + rlPhaseStartTest "pki_user_cli_user_find-ocsp-001: Find 5 users, --size=5" + rlRun "pki -d $TmpDir/nssdb \ + -n \"$admin_cert_nickname\" \ + -c $nss_db_password \ + user-find --size=5 > $TmpDir/pki-user-find-ocsp-001.out 2>&1" \ + 0 \ + "Found 5 users" + rlAssertGrep "Number of entries returned 5" "$TmpDir/pki-user-find-ocsp-001.out" + rlPhaseEnd + + + rlPhaseStartTest "pki_user_cli_user_find-ocsp-002: Find non user, --size=0" + rlRun "pki -d $TmpDir/nssdb \ + -n \"$admin_cert_nickname\" \ + -c $nss_db_password \ + user-find --size=0 > $TmpDir/pki-user-find-ocsp-002.out 2>&1" \ + 0 \ + "Found no users" + rlAssertGrep "Number of entries returned 0" "$TmpDir/pki-user-find-ocsp-002.out" + rlPhaseEnd + + rlPhaseStartTest "pki_user_cli_user_find-ocsp-003: Find all users, maximum possible value as input" + maximum_check=1000000 + rlRun "pki -d $TmpDir/nssdb \ + -n \"$admin_cert_nickname\" \ + -c $nss_db_password \ + user-find --size=$maximum_check > $TmpDir/pki-user-find-ocsp-003.out 2>&1" \ + 0 \ + "All users" + rlAssertGrep "Number of entries returned " "$TmpDir/pki-user-find-ocsp-003.out" + rlPhaseEnd + + rlPhaseStartTest "pki_user_cli_user_find-ocsp-004: Find users, check for negative input --size=-1" + rlRun "pki -d $TmpDir/nssdb \ + -n \"$admin_cert_nickname\" \ + -c $nss_db_password \ + user-find --size=-1 > $TmpDir/pki-user-find-ocsp-004.out 2>&1" \ + 0 \ + "No users returned as the size entered is negative value" + rlAssertGrep "Number of entries returned 0" "$TmpDir/pki-user-find-ocsp-004.out" + rlPhaseEnd + + rlPhaseStartTest "pki_user_cli_user_find-ocsp-005: Find users for size input as noninteger, --size=abc" + size_noninteger="abc" + rlLog "Executing: pki -d $TmpDir/nssdb \ + -n \"$admin_cert_nickname\" \ + -c $nss_db_password \ + user-find --size=$size_noninteger > $TmpDir/pki-user-find-ocsp-005.out 2>&1" + rlRun "pki -d $TmpDir/nssdb \ + -n \"$admin_cert_nickname\" \ + -c $nss_db_password \ + user-find --size=$size_noninteger > $TmpDir/pki-user-find-ocsp-005.out 2>&1" \ + 1 \ + "Found 5 users" + rlAssertGrep "NumberFormatException: For input string: \"$size_noninteger\"" "$TmpDir/pki-user-find-ocsp-005.out" + rlPhaseEnd + + rlPhaseStartTest "pki_user_cli_user_find-ocsp-006: Find users, check for no input --size= " + rlRun "pki -d $TmpDir/nssdb \ + -n \"$admin_cert_nickname\" \ + -c $nss_db_password \ + user-find --size= > $TmpDir/pki-user-find-ocsp-006.out 2>&1" \ + 1 \ + "No users returned, as --size= " + rlAssertGrep "NumberFormatException: For input string: \"""\"" "$TmpDir/pki-user-find-ocsp-006.out" + rlPhaseEnd + + + rlPhaseStartTest "pki_user_cli_user_find-ocsp-007: Find users, --start=10 " + rlRun "pki -d $TmpDir/nssdb \ + -n \"$admin_cert_nickname\" \ + -c $nss_db_password \ + user-find --start=10 > $TmpDir/pki-user-find-ocsp-007.out 2>&1" \ + 0 \ + "Displays users from the 10th user and the next to the maximum 20 users, if available " + rlAssertGrep "Number of entries returned " "$TmpDir/pki-user-find-ocsp-007.out" + rlPhaseEnd + + rlPhaseStartTest "pki_user_cli_user_find-ocsp-008: Find users, --start=10000, maximum possible input " + rlRun "pki -d $TmpDir/nssdb \ + -n \"$admin_cert_nickname\" \ + -c $nss_db_password \ + user-find --start=10000 > $TmpDir/pki-user-find-ocsp-008.out 2>&1" \ + 0 \ + "No users" + rlAssertGrep "Number of entries returned 0" "$TmpDir/pki-user-find-ocsp-008.out" + rlPhaseEnd + + rlPhaseStartTest "pki_user_cli_user_find-ocsp-009: Find users, --start=0" + rlRun "pki -d $TmpDir/nssdb \ + -n \"$admin_cert_nickname\" \ + -c $nss_db_password \ + user-find --start=0 > $TmpDir/pki-user-find-ocsp-009.out 2>&1" \ + 0 \ + "Displays from the zeroth user, maximum possible are 20 users in a page" + rlAssertGrep "Number of entries returned" "$TmpDir/pki-user-find-ocsp-009.out" + rlPhaseEnd + + rlPhaseStartTest "pki_user_cli_user_find-ocsp-0010: Find users, --start=-1" + rlRun "pki -d $TmpDir/nssdb \ + -n \"$admin_cert_nickname\" \ + -c $nss_db_password \ + user-find --start=-1 > $TmpDir/pki-user-find-ocsp-0010.out 2>&1" \ + 0 \ + "Maximum possible 20 users are returned, starting from the zeroth user" + rlAssertGrep "Number of entries returned" "$TmpDir/pki-user-find-ocsp-0010.out" + rlPhaseEnd + + rlPhaseStartTest "pki_user_cli_user_find-ocsp-0011: Find users for size input as noninteger, --start=abc" + size_noninteger="abc" + rlRun "pki -d $TmpDir/nssdb \ + -n \"$admin_cert_nickname\" \ + -c $nss_db_password \ + user-find --start=$size_noninteger > $TmpDir/pki-user-find-ocsp-0011.out 2>&1" \ + 1 \ + "Incorrect input to find user" + rlAssertGrep "NumberFormatException: For input string: \"$size_noninteger\"" "$TmpDir/pki-user-find-ocsp-0011.out" + rlPhaseEnd + + rlPhaseStartTest "Cleanup: Delete the OCSP users" + i=1 + while [ $i -le 5 ] ; do + rlRun "pki -d $TmpDir/nssdb \ + -n \"$admin_cert_nickname\" \ + -c $nss_db_password \ + user-del user1$i" \ + 0 \ + "Delete user user1$i" + let i=$i+1 + done + rlPhaseEnd + + rlPhaseStartCleanup "pki_user_cli_user_find-cleanup: Delete temp dir" +# rlRun "popd" +# rlRun "rm -r $TmpDir" 0 "Removing temp directory" + rlPhaseEnd + + + +} diff --git a/tests/dogtag/acceptance/cli-tests/pki-user-cli/ocsp/pki-user-cli-user-ocsp.sh b/tests/dogtag/acceptance/cli-tests/pki-user-cli/ocsp/pki-user-cli-user-ocsp.sh new file mode 100755 index 000000000..2f6952ac8 --- /dev/null +++ b/tests/dogtag/acceptance/cli-tests/pki-user-cli/ocsp/pki-user-cli-user-ocsp.sh @@ -0,0 +1,336 @@ +#!/bin/bash +#!/usr/bin/expect -f + +# vim: dict=/usr/share/beakerlib/dictionary.vim cpt=.,w,b,u,t,i,k +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +# +# runtest.sh of /CoreOS/rhcs/acceptance/cli-tests/pki-user-cli +# Description: PKI user-add CLI tests +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +# The following ipa cli commands needs to be tested: +# pki-user-cli-user-add Add users to pki subsystems. +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +# +# Author: Asha Akkiangady <aakkiang@redhat.com> +# +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +# +# Copyright (c) 2013 Red Hat, Inc. All rights reserved. +# +# This copyrighted material is made available to anyone wishing +# to use, modify, copy, or redistribute it subject to the terms +# and conditions of the GNU General Public License version 2. +# +# This program is distributed in the hope that it will be +# useful, but WITHOUT ANY WARRANTY; without even the implied +# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR +# PURPOSE. See the GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public +# License along with this program; if not, write to the Free +# Software Foundation, Inc., 51 Franklin Street, Fifth Floor, +# Boston, MA 02110-1301, USA. +# +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +# Include rhts environment +. /usr/bin/rhts-environment.sh +. /usr/share/beakerlib/beakerlib.sh +. /opt/rhqa_pki/rhcs-shared.sh +. /opt/rhqa_pki/pki-cert-cli-lib.sh +. /opt/rhqa_pki/env.sh + +######################################################################## +# Test Suite Globals +######################################################################## +OCSP_adminV_user=OCSP_adminV +OCSP_adminV_fullName=OCSP_Admin_ValidCert +OCSP_adminR_user=OCSP_adminR +OCSP_adminR_fullName=OCSP_Admin_RevokedCert +OCSP_adminE_user=OCSP_adminE +OCSP_adminE_fullName=OCSP_admin_ExpiredCert +OCSP_adminUTOCSP_user=OCSP_adminUTCA +OCSP_adminUTOCSP_fullName=OCSP_Admin_CertIssuedByUntrustedCA + +OCSP_agentV_user=OCSP_agentV +OCSP_agentV_fullName=OCSP_Agent_ValidCert +OCSP_agentR_user=OCSP_agentR +OCSP_agentR_fullName=OCSP_Agent_RevokedCert +OCSP_agentE_user=OCSP_agentE +OCSP_agentE_fullName=OCSP_agent_ExpiredCert +OCSP_agentUTOCSP_user=OCSP_agentUTCA +OCSP_agentUTOCSP_fullName=OCSP_Agent_CertIssuedByUntrustedCA + +OCSP_auditV_user=OCSP_auditV +OCSP_auditV_fullName=OCSP_Audit_ValidCert +OCSP_operatorV_user=OCSP_operatorV +OCSP_operatorV_fullName=OCSP_Operator_ValidCert + +export OCSP_adminV_user OCSP_adminR_user OCSP_adminE_user OCSP_adminUTOCSP_user OCSP_agentV_user OCSP_agentR_user OCSP_agentE_user OCSP_agentUTOCSP_user OCSP_auditV_user OCSP_operatorV_user +###################################################################### + +run_pki-user-cli-user-ocsp_tests(){ + rlPhaseStartSetup "pki_user_cli_user_add-ocsp-startup:Getting the temp directory and nss certificate db " + rlLog "nss_db directory = $TmpDir/nssdb" + rlLog "temp directory = /tmp/requestdb" + rlPhaseEnd + rlPhaseStartSetup "pki_user_cli_user_ocsp-startup: Importing ocsp agent cert into certificate db and trust OCSP root cert" + rlRun "install_and_trust_OCSP_cert $OCSP_SERVER_ROOT $TmpDir/nssdb" + rlRun "install_and_trust_OCSP_cert $OCSP_SERVER_ROOT /tmp/requestdb" + rlPhaseEnd + rlPhaseStartSetup "Creating user, create user and add it to the user, add user to the group" + user=($OCSP_adminV_user $OCSP_adminV_fullName $OCSP_adminR_user $OCSP_adminR_fullName $OCSP_adminE_user $OCSP_adminE_fullName $OCSP_adminUTOCSP_user $OCSP_adminUTOCSP_fullName $OCSP_agentV_user $OCSP_agentV_fullName $OCSP_agentR_user $OCSP_agentR_fullName $OCSP_agentE_user $OCSP_agentE_fullName $OCSP_agentUTOCSP_user $OCSP_agentUTOCSP_fullName $OCSP_auditV_user $OCSP_auditV_fullName $OCSP_operatorV_user $OCSP_operatorV_fullName) + i=0 + while [ $i -lt ${#user[@]} ] ; do + userid=${user[$i]} + userfullName=${user[$i+1]} + + #Create $userid user + rlLog "Executing: pki -d $TmpDir/nssdb \ + -n \"$admin_cert_nickname\" \ + -c $nss_db_password \ + -t ocsp \ + user-add --fullName=\"$userfullName\" $userid" + rlRun "pki -d $TmpDir/nssdb \ + -n \"$admin_cert_nickname\" \ + -c $nss_db_password \ + -t ocsp \ + user-add --fullName=\"$userfullName\" $userid" \ + 0 \ + "Add user $userid to OCSP" + + #=====Adding user to respective group. Administrator, Date Recovery Manager Agent, Auditor=====# + if [ $userid == $OCSP_adminV_user -o $userid == $OCSP_adminR_user -o $userid == $OCSP_adminE_user -o $userid == $OCSP_adminUTOCSP_user ]; then + rlRun "pki -d $TmpDir/nssdb \ + -n \"$admin_cert_nickname\" \ + -c $nss_db_password \ + -t ocsp \ + group-add-member Administrators $userid > $TmpDir/pki-user-add-ocsp-group001$i.out" \ + 0 \ + "Add user $userid to Administrators group" + rlAssertGrep "Added group member \"$userid\"" "$TmpDir/pki-user-add-ocsp-group001$i.out" + rlAssertGrep "User: $userid" "$TmpDir/pki-user-add-ocsp-group001$i.out" + elif [ $userid == $OCSP_agentV_user -o $userid == $OCSP_agentR_user -o $userid == $OCSP_agentE_user -o $userid == $OCSP_agentUTOCSP_user ]; then + rlRun "pki -d $TmpDir/nssdb \ + -n \"$admin_cert_nickname\" \ + -c $nss_db_password \ + -t ocsp \ + group-add-member \"Data Recovery Manager Agents\" $userid > $TmpDir/pki-user-add-ocsp-group001$i.out" \ + 0 \ + "Add user $userid to Data Recovery Manager Agents group" + rlAssertGrep "Added group member \"$userid\"" "$TmpDir/pki-user-add-ocsp-group001$i.out" + rlAssertGrep "User: $userid" "$TmpDir/pki-user-add-ocsp-group001$i.out" + + elif [ $userid == $OCSP_auditV_user ]; then + rlRun "pki -d $TmpDir/nssdb \ + -n \"$admin_cert_nickname\" \ + -c $nss_db_password \ + -t ocsp \ + group-add-member Auditors $userid > $TmpDir/pki-user-add-ocsp-group001$i.out" \ + 0 \ + "Add user $userid to Auditors group" + rlAssertGrep "Added group member \"$userid\"" "$TmpDir/pki-user-add-ocsp-group001$i.out" + rlAssertGrep "User: $userid" "$TmpDir/pki-user-add-ocsp-group001$i.out" + + elif [ $userid == $OCSP_operatorV_user ]; then + rlRun "pki -d $TmpDir/nssdb \ + -n \"$admin_cert_nickname\" \ + -c $nss_db_password \ + -t ocsp \ + group-add-member \"Trusted Managers\" $userid > $TmpDir/pki-user-add-ocsp-group001$i.out" \ + 0 \ + "Add user $userid to Trusted Managers group" + rlAssertGrep "Added group member \"$userid\"" "$TmpDir/pki-user-add-ocsp-group001$i.out" + rlAssertGrep "User: $userid" "$TmpDir/pki-user-add-ocsp-group001$i.out" + fi + #================# + + if [ $userid == $OCSP_adminV_user -o $userid == $OCSP_adminR_user -o $userid == $OCSP_adminE_user -o $userid == $OCSP_agentV_user -o $userid == $OCSP_agentR_user -o $userid == $OCSP_agentE_user -o $userid == $OCSP_auditV_user -o $userid == $OCSP_operatorV_user ]; then + + #Create a cert and add it to the $userid user + rlLog "Admin Certificate is located at: $OCSP_ADMIN_CERT_LOCATION" + local sample_request_file1="/opt/rhqa_pki/cert_request_caUserCert1_1.in" + local sample_request_file2="/opt/rhqa_pki/cert_request_caUserCert1_2.in" + local temp_file="/tmp/requestdb/certrequest_ocsp_001$i.in" + #rlRun "create_certdb \"/tmp/requestdb\" Password" 0 "Create a certificate db" + rlRun "generate_PKCS10 \"/tmp/requestdb\" Password rsa 2048 \"/tmp/requestdb/request_ocsp_001$i.out\" \"CN=adminV\" " 0 "generate PKCS10 certificate" + + rlLog "Create a certificate request XML file.." + local search_string1="<InputAttr name=\"cert_request_type\">crmf<\/InputAttr>" + local replace_string1="\<InputAttr name=\"cert_request_type\"\>pkcs10\<\/InputAttr\>" + rlRun "sed -e '/-----BEGIN NEW CERTIFICATE REQUEST-----/d' -i /tmp/requestdb/request_ocsp_001$i.out" + rlRun "sed -e '/-----END NEW CERTIFICATE REQUEST-----/d' -i /tmp/requestdb/request_ocsp_001$i.out" + #local cert_request=`cat /tmp/request_001$i.out` + rlRun "cat $sample_request_file1 /tmp/requestdb/request_ocsp_001$i.out $sample_request_file2 > $temp_file" + rlLog "Executing: sed -e 's/$search_string1/$replace_string1/' -i $temp_file" + rlRun "sed -e 's/$search_string1/$replace_string1/' -i $temp_file" + local search_string2="testuser" + local replace_string2=$userid + rlLog "Executing: sed -e 's/$search_string2/$replace_string2/g' -i $temp_file" + rlRun "sed -e 's/$search_string2/$replace_string2/g' -i $temp_file" + local search_string3="Test User" + local replace_string3=$userfullName + rlLog "Executing: sed -e 's/$search_string3/$replace_string3/g' -i $temp_file" + rlRun "sed -e 's/$search_string3/$replace_string3/g' -i $temp_file" + + if [ $userid == $OCSP_adminV_user -o $userid == $OCSP_adminR_user -o $userid == $OCSP_agentV_user -o $userid == $OCSP_agentR_user -o $userid == $OCSP_auditV_user -o $userid == $OCSP_operatorV_user ]; then + #cert-request-submit===== + rlLog "Executing: pki cert-request-submit $temp_file" + rlRun "pki cert-request-submit $temp_file > /tmp/requestdb/certrequest_ocsp_$i.out" 0 "Executing pki cert-request-submit" + rlAssertGrep "Submitted certificate request" "/tmp/requestdb/certrequest_ocsp_$i.out" + rlAssertGrep "Request ID:" "/tmp/requestdb/certrequest_ocsp_$i.out" + rlAssertGrep "Type: enrollment" "/tmp/requestdb/certrequest_ocsp_$i.out" + rlAssertGrep "Status: pending" "/tmp/requestdb/certrequest_ocsp_$i.out" + local request_id=`cat /tmp/requestdb/certrequest_ocsp_$i.out | grep "Request ID:" | awk '{print $3}'` + rlLog "Request ID=$request_id" + rlRun "pki cert-request-show $request_id > /tmp/requestdb/certrequestshow_ocsp_001$i.out" 0 "Executing pki cert-request-show $request_id" + rlAssertGrep "Request ID: $request_id" "/tmp/requestdb/certrequestshow_ocsp_001$i.out" + rlAssertGrep "Type: enrollment" "/tmp/requestdb/certrequestshow_ocsp_001$i.out" + rlAssertGrep "Status: pending" "/tmp/requestdb/certrequestshow_ocsp_001$i.out" + rlAssertGrep "Operation Result: success" "/tmp/requestdb/certrequestshow_ocsp_001$i.out" + #Agent Approve the certificate after reviewing the cert for the user + rlLog "Executing: pki -d /tmp/requestdb/ \ + -n \"$admin_cert_nickname\" \ + -c $nss_db_password \ + -t ocsp \ + cert-request-review --action=approve $request_id" + + rlRun "pki -d /tmp/requestdb/ \ + -n \"$admin_cert_nickname\" \ + -c $nss_db_password \ + -t ocsp \ + cert-request-review --action=approve $request_id > /tmp/requestdb/certapprove_ocsp_001$i.out" \ + 0 \ + "OCSP agent approve the cert" + rlAssertGrep "Approved certificate request $request_id" "/tmp/requestdb/certapprove_ocsp_001$i.out" + rlRun "pki cert-request-show $request_id > /tmp/requestdb/certrequestapprovedshow_ocsp_001$i.out" 0 "Executing pki cert-request-show $request_id" + rlAssertGrep "Request ID: $request_id" "/tmp/requestdb/certrequestapprovedshow_ocsp_001$i.out" + rlAssertGrep "Type: enrollment" "/tmp/requestdb/certrequestapprovedshow_ocsp_001$i.out" + rlAssertGrep "Status: complete" "/tmp/requestdb/certrequestapprovedshow_ocsp_001$i.out" + rlAssertGrep "Certificate ID:" "/tmp/requestdb/certrequestapprovedshow_ocsp_001$i.out" + local certificate_serial_number=`cat /tmp/requestdb/certrequestapprovedshow_ocsp_001$i.out | grep "Certificate ID:" | awk '{print $3}'` + rlLog "Cerificate Serial Number=$certificate_serial_number" + + #Verify the certificate is valid + rlRun "pki cert-show $certificate_serial_number --encoded > /tmp/requestdb/certificate_show_ocsp_001$i.out" 0 "Executing pki cert-show $certificate_serial_number" + rlAssertGrep "Subject: UID=$userid,E=$userid@example.com,CN=$userfullName,OU=Engineering,O=Example,C=US" "/tmp/requestdb/certificate_show_ocsp_001$i.out" + rlAssertGrep "Status: VALID" "/tmp/requestdb/certificate_show_ocsp_001$i.out" + + rlRun "sed -n '/-----BEGIN CERTIFICATE-----/,/-----END CERTIFICATE-----/p' /tmp/requestdb/certificate_show_ocsp_001$i.out > /tmp/requestdb/validcert_ocsp_001$i.pem" + rlRun "certutil -d /tmp/requestdb -A -n $userid -i /tmp/requestdb/validcert_ocsp_001$i.pem -t "u,u,u"" + rlRun "pki -d /tmp/requestdb/ \ + -n \"$admin_cert_nickname\" \ + -c $nss_db_password \ + -t ocsp \ + user-add-cert $userid --input /tmp/requestdb/validcert_ocsp_001$i.pem > /tmp/requestdb/useraddcert_ocsp_001$i.out" \ + 0 \ + "Cert is added to the user $userid" + + elif [ $userid == $OCSP_adminE_user -o $userid == $OCSP_agentE_user ]; then + #=======Expired cert waiting on response to --output ticket https://fedorahosted.org/pki/ticket/674 =======# + local profile_file="/var/lib/pki/pki-tomcat/ca/profiles/ca/caUserCert.cfg" + default_days="policyset.userCertSet.2.default.params.range=180" + change_days="policyset.userCertSet.2.default.params.range=1" + rlLog "Executing: sed -e 's/$default_days/$change_days/g' -i $profile_file" + rlRun "sed -e 's/$default_days/$change_days/g' -i $profile_file" + rlLog "Restart the subsytem" + rlRun "systemctl restart pki-tomcatd\@pki-tomcat.service" + #cert-request-submit===== + rlLog "Executing: pki cert-request-submit $temp_file" + rlRun "pki cert-request-submit $temp_file > /tmp/requestdb/certrequest_ocsp_$i.out" 0 "Executing pki cert-request-submit" + rlAssertGrep "Submitted certificate request" "/tmp/requestdb/certrequest_ocsp_$i.out" + rlAssertGrep "Request ID:" "/tmp/requestdb/certrequest_ocsp_$i.out" + rlAssertGrep "Type: enrollment" "/tmp/requestdb/certrequest_ocsp_$i.out" + rlAssertGrep "Status: pending" "/tmp/requestdb/certrequest_ocsp_$i.out" + local request_id=`cat /tmp/requestdb/certrequest_ocsp_$i.out | grep "Request ID:" | awk '{print $3}'` + rlLog "Request ID=$request_id" + rlRun "pki cert-request-show $request_id > /tmp/requestdb/certrequestshow_ocsp_001$i.out" 0 "Executing pki cert-request-show $request_id" + rlAssertGrep "Request ID: $request_id" "/tmp/requestdb/certrequestshow_ocsp_001$i.out" + rlAssertGrep "Type: enrollment" "/tmp/requestdb/certrequestshow_ocsp_001$i.out" + rlAssertGrep "Status: pending" "/tmp/requestdb/certrequestshow_ocsp_001$i.out" + rlAssertGrep "Operation Result: success" "/tmp/requestdb/certrequestshow_ocsp_001$i.out" + rlRun "pki -d /tmp/requestdb/ \ + -n \"$admin_cert_nickname\" \ + -c $nss_db_password \ + -t ocsp \ + cert-request-review --action=approve $request_id > /tmp/requestdb/certapprove_ocsp_001$i.out" \ + 0 \ + "KRA agent approve the cert" + rlLog "cat /tmp/requestdb/certapprove_ocsp_001$i.out" + rlAssertGrep "Approved certificate request $request_id" "/tmp/requestdb/certapprove_ocsp_001$i.out" + rlRun "pki cert-request-show $request_id > /tmp/requestdb/certrequestapprovedshow_ocsp_001$i.out" 0 "Executing pki cert-request-show $request_id" + rlAssertGrep "Request ID: $request_id" "/tmp/requestdb/certrequestapprovedshow_ocsp_001$i.out" + rlAssertGrep "Type: enrollment" "/tmp/requestdb/certrequestapprovedshow_ocsp_001$i.out" + rlAssertGrep "Status: complete" "/tmp/requestdb/certrequestapprovedshow_ocsp_001$i.out" + rlAssertGrep "Certificate ID:" "/tmp/requestdb/certrequestapprovedshow_ocsp_001$i.out" + local certificate_serial_number=`cat /tmp/requestdb/certrequestapprovedshow_ocsp_001$i.out | grep "Certificate ID:" | awk '{print $3}'` + rlLog "Cerificate Serial Number=$certificate_serial_number" + #Verify the certificate is expired + rlRun "pki cert-show $certificate_serial_number --encoded > /tmp/requestdb/certificate_show_ocsp_001$i.out" 0 "Executing pki cert-show $certificate_serial_number" + rlAssertGrep "Subject: UID=$userid,E=$userid@example.com,CN=$userfullName,OU=Engineering,O=Example,C=US" "/tmp/requestdb/certificate_show_ocsp_001$i.out" + rlAssertGrep "Status: VALID" "/tmp/requestdb/certificate_show_ocsp_001$i.out" + rlRun "sed -n '/-----BEGIN CERTIFICATE-----/,/-----END CERTIFICATE-----/p' /tmp/requestdb/certificate_show_ocsp_001$i.out > /tmp/requestdb/validcert_ocsp_001$i.pem" + rlRun "certutil -d /tmp/requestdb -A -n $userid -i /tmp/requestdb/validcert_ocsp_001$i.pem -t "u,u,u"" + rlRun "pki -d /tmp/requestdb/ \ + -n \"$admin_cert_nickname\" \ + -c $nss_db_password \ + -t ocsp \ + user-add-cert $userid --input /tmp/requestdb/validcert_ocsp_001$i.pem > /tmp/requestdb/useraddcert_ocsp_001$i.out" \ + 0 \ + "Cert is added to the user $userid" + rlLog "Modifying profile back to the defaults" + rlRun "sed -e 's/$change_days/$default_days/g' -i $profile_file" + rlLog "Restart the subsytem" + rlRun "systemctl restart pki-tomcatd\@pki-tomcat.service" + rlRun "date --set='next day'" 0 "Set System date a day ahead" + rlRun "date --set='next day'" 0 "Set System date a day ahead" + rlRun "date" + rlRun "pki cert-show $certificate_serial_number --encoded > /tmp/requestdb/certificate_show_exp_ocsp_001$i.out" 0 "Executing pki cert-show $certificate_serial_number" + rlAssertGrep "Subject: UID=$userid,E=$userid@example.com,CN=$userfullName,OU=Engineering,O=Example,C=US" "/tmp/requestdb/certificate_show_exp_ocsp_001$i.out" + rlAssertGrep "Status: EXPIRED" "/tmp/requestdb/certificate_show_exp_ocsp_001$i.out" + rlRun "date --set='2 days ago'" 0 "Set System back to the present day" + fi + fi + #Add the certificate to /tmp/requestdb + #note: certificate b664 at /tmp/requestdb/certificate_show_ocsp_001$i.out + if [ $userid == $OCSP_adminUTOCSP_user ]; then + rlRun "certutil -d /tmp/dummydb -A -n $userid -i /opt/rhqa_pki/dummycert1.pem -t ",,"" + rlRun "pki -d /tmp/requestdb/ \ + -n \"$admin_cert_nickname\" \ + -c $nss_db_password \ + -t ocsp \ + user-add-cert $userid --input /opt/rhqa_pki/dummycert1.pem > /tmp/requestdb/useraddcert_ocsp_001$i.out" \ + 0 \ + "Cert is added to the user $userid" + elif [ $userid == $OCSP_agentUTOCSP_user ]; then + rlRun "certutil -d /tmp/dummydb -A -n $userid -i /opt/rhqa_pki/dummycert1.pem -t ",,"" + rlRun "pki -d /tmp/requestdb/ \ + -n \"$admin_cert_nickname\" \ + -c $nss_db_password \ + -t ocsp \ + user-add-cert $userid --input /opt/rhqa_pki/dummycert1.pem > /tmp/requestdb/useraddcert_ocsp_001$i.out" \ + 0 \ + "Cert is added to the user $userid" + #Revoke certificate of user OCSP_adminR and OCSP_agentR + elif [ $userid == $OCSP_adminR_user -o $userid == $OCSP_agentR_user ] ;then + rlLog "$userid" + rlLog "pki -d /tmp/requestdb/ \ + -n \"$admin_cert_nickname\" \ + -c $nss_db_password \ + -t ocsp \ + cert-revoke $certificate_serial_number --force --reason = Unspecified > /tmp/requestdb/revokecert_ocsp_001$i.out" + rlRun "pki -d /tmp/requestdb/ \ + -n \"$admin_cert_nickname\" \ + -c $nss_db_password \ + -t ocsp \ + cert-revoke $certificate_serial_number --force --reason=Unspecified > /tmp/requestdb/revokecert_ocsp_001$i.out" \ + 0 \ + "Certificate of user $userid is revoked" + rlAssertGrep "Serial Number: $certificate_serial_number" "/tmp/requestdb/revokecert_ocsp_001$i.out" + rlAssertGrep "Subject: UID=$userid,E=$userid@example.com,CN=$userfullName,OU=Engineering,O=Example,C=US" "/tmp/requestdb/revokecert_ocsp_001$i.out" + rlAssertGrep "Status: REVOKED" "/tmp/requestdb/revokecert_ocsp_001$i.out" + fi + let i=$i+2 + done + rlPhaseEnd +} diff --git a/tests/dogtag/acceptance/cli-tests/pki-user-cli/ocsp/pki-user-cli-user-show-ocsp.sh b/tests/dogtag/acceptance/cli-tests/pki-user-cli/ocsp/pki-user-cli-user-show-ocsp.sh new file mode 100755 index 000000000..5d0bbd8a6 --- /dev/null +++ b/tests/dogtag/acceptance/cli-tests/pki-user-cli/ocsp/pki-user-cli-user-show-ocsp.sh @@ -0,0 +1,446 @@ +#!/bin/bash +# vim: dict=/usr/share/beakerlib/dictionary.vim cpt=.,w,b,u,t,i,k +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +# +# runtest.sh of /CoreOS/rhcs/acceptance/cli-tests/pki-user-cli +# Description: PKI user-add CLI tests +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +# The following ipa cli commands needs to be tested: +# pki-user-cli-user-add Add users to pki subsystems. +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +# +# Author: Asha Akkiangady <aakkiang@redhat.com> +# +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +# +# Copyright (c) 2013 Red Hat, Inc. All rights reserved. +# +# This copyrighted material is made available to anyone wishing +# to use, modify, copy, or redistribute it subject to the terms +# and conditions of the GNU General Public License version 2. +# +# This program is distributed in the hope that it will be +# useful, but WITHOUT ANY WARRANTY; without even the implied +# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR +# PURPOSE. See the GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public +# License along with this program; if not, write to the Free +# Software Foundation, Inc., 51 Franklin Street, Fifth Floor, +# Boston, MA 02110-1301, USA. +# +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +# Include rhts environment +. /usr/bin/rhts-environment.sh +. /usr/share/beakerlib/beakerlib.sh +. /opt/rhqa_pki/rhcs-shared.sh +. /opt/rhqa_pki/pki-cert-cli-lib.sh +. /opt/rhqa_pki/env.sh + +###################################################################################### +#pki-user-cli-user-ocsp.sh should be first executed prior to pki-user-cli-user-add-ocsp.sh +#pki-user-cli-user-add-ocsp.sh should be first executed prior to pki-user-cli-user-add-ocsp.sh +###################################################################################### + +######################################################################## +# Test Suite Globals +######################################################################## + +######################################################################## + +run_pki-user-cli-user-show-ocsp_tests(){ + rlPhaseStartSetup "pki_user_cli_user_show-ocsp-startup:Getting the temp directory and nss certificate db " + rlLog "nss_db directory = $TmpDir/nssdb" + rlLog "temp directory = /tmp/requestdb" + rlPhaseEnd + ##### Tests to show OCSP users #### + rlPhaseStartTest "pki_user_cli_user_show-OCSP-001: Add a user to OCSP using OCSP_adminV" + rlLog "Executing: pki -d $TmpDir/nssdb \ + -n OCSP_adminV \ + -c $nss_db_password \ + user-show $user1" + rlRun "pki -d /tmp/requestdb \ + -n OCSP_adminV \ + -c $nss_db_password \ + user-show $user1 > $TmpDir/pki-user-show-ocsp-001.out" \ + 0 \ + "Show pki OCSP_adminV user" + rlAssertGrep "User \"$user1\"" "$TmpDir/pki-user-show-ocsp-001.out" + rlAssertGrep "User ID: $user1" "$TmpDir/pki-user-show-ocsp-001.out" + rlAssertGrep "Full name: $user1fullname" "$TmpDir/pki-user-show-ocsp-001.out" + rlPhaseEnd + rlPhaseStartTest "pki_user_cli_user_show-OCSP-001_1:maximum length of user id " + rlRun "pki -d /tmp/requestdb \ + -n OCSP_adminV \ + -c $nss_db_password \ + user-show $user2 > $TmpDir/pki-user-show-ocsp-001_1.out" \ + 0 \ + "Show pki OCSP_adminV user" + rlAssertGrep "User \"$user2\"" "$TmpDir/pki-user-show-ocsp-001_1.out" + rlAssertGrep "User ID: $user2" "$TmpDir/pki-user-show-ocsp-001_1.out" + rlAssertGrep "Full name: test" "$TmpDir/pki-user-show-ocsp-001_1.out" + rlPhaseEnd + rlPhaseStartTest "pki_user_cli_user_show-OCSP-001_2:User id with # character " + rlRun "pki -d /tmp/requestdb \ + -n OCSP_adminV \ + -c $nss_db_password \ + user-show $user3 > $TmpDir/pki-user-show-ocsp-001_2.out" \ + 0 \ + "Show pki OCSP_adminV user" + rlAssertGrep "User \"$user3\"" "$TmpDir/pki-user-show-ocsp-001_2.out" + rlAssertGrep "User ID: $user3" "$TmpDir/pki-user-show-ocsp-001_2.out" + rlAssertGrep "Full name: test" "$TmpDir/pki-user-show-ocsp-001_2.out" + rlPhaseEnd + rlPhaseStartTest "pki_user_cli_user_show-OCSP-001_3:User id with $ character " + rlRun "pki -d /tmp/requestdb \ + -n OCSP_adminV \ + -c $nss_db_password \ + user-show $user4 > $TmpDir/pki-user-show-ocsp-001_3.out" \ + 0 \ + "Show pki OCSP_adminV user" + rlAssertGrep "User \"$user4\"" "$TmpDir/pki-user-show-ocsp-001_3.out" + rlAssertGrep "User ID: abc\\$" "$TmpDir/pki-user-show-ocsp-001_3.out" + rlAssertGrep "Full name: test" "$TmpDir/pki-user-show-ocsp-001_3.out" + rlPhaseEnd + rlPhaseStartTest "pki_user_cli_user_show-OCSP-001_4:User id with @ character " + rlRun "pki -d /tmp/requestdb \ + -n OCSP_adminV \ + -c $nss_db_password \ + user-show $user5 > $TmpDir/pki-user-show-ocsp-001_4.out" \ + 0 \ + "Show pki OCSP_adminV user" + rlAssertGrep "User \"$user5\"" "$TmpDir/pki-user-show-ocsp-001_4.out" + rlAssertGrep "User ID: $user5" "$TmpDir/pki-user-show-ocsp-001_4.out" + rlAssertGrep "Full name: test" "$TmpDir/pki-user-show-ocsp-001_4.out" + rlPhaseEnd + rlPhaseStartTest "pki_user_cli_user_show-OCSP-001_5:User id with ? character " + rlRun "pki -d /tmp/requestdb \ + -n OCSP_adminV \ + -c $nss_db_password \ + user-show $user6 > $TmpDir/pki-user-show-ocsp-001_5.out" \ + 0 \ + "Show pki OCSP_adminV user" + rlAssertGrep "User \"$user6\"" "$TmpDir/pki-user-show-ocsp-001_5.out" + rlAssertGrep "User ID: $user6" "$TmpDir/pki-user-show-ocsp-001_5.out" + rlAssertGrep "Full name: test" "$TmpDir/pki-user-show-ocsp-001_5.out" + rlPhaseEnd + rlPhaseStartTest "pki_user_cli_user_show-OCSP-001_6:User id as 0" + rlRun "pki -d /tmp/requestdb \ + -n OCSP_adminV \ + -c $nss_db_password \ + user-show $user7 > $TmpDir/pki-user-show-ocsp-001_6.out" \ + 0 \ + "Show pki OCSP_adminV user" + rlAssertGrep "User \"$user7\"" "$TmpDir/pki-user-show-ocsp-001_6.out" + rlAssertGrep "User ID: $user7" "$TmpDir/pki-user-show-ocsp-001_6.out" + rlAssertGrep "Full name: test" "$TmpDir/pki-user-show-ocsp-001_6.out" + rlPhaseEnd + rlPhaseStartTest "pki_user_cli_user_show-OCSP-001_7:--email with maximum length " + rlRun "pki -d /tmp/requestdb \ + -n OCSP_adminV \ + -c $nss_db_password \ + user-show u1 > $TmpDir/pki-user-show-ocsp-001_7.out" \ + 0 \ + "Show pki OCSP_adminV user" + rlAssertGrep "User \"u1\"" "$TmpDir/pki-user-show-ocsp-001_7.out" + rlAssertGrep "User ID: u1" "$TmpDir/pki-user-show-ocsp-001_7.out" + rlAssertGrep "Full name: test" "$TmpDir/pki-user-show-ocsp-001_7.out" + rlAssertGrep "Email: abcdefghijklmnopqrstuvwxyx12345678" "$TmpDir/pki-user-show-ocsp-001_7.out" + rlPhaseEnd + rlPhaseStartTest "pki_user_cli_user_show-OCSP-001_8:--email with maximum length and symbols " + rlRun "pki -d /tmp/requestdb \ + -n OCSP_adminV \ + -c $nss_db_password \ + user-show u2 > $TmpDir/pki-user-show-ocsp-001_8.out" \ + 0 \ + "Show pki OCSP_adminV user" + rlAssertGrep "User \"u2\"" "$TmpDir/pki-user-show-ocsp-001_8.out" + rlAssertGrep "User ID: u2" "$TmpDir/pki-user-show-ocsp-001_8.out" + rlAssertGrep "Full name: test" "$TmpDir/pki-user-show-ocsp-001_8.out" + rlAssertGrep "Email: abcdefghijklmnopqrstuvwxyx12345678\\#\\?*$@" "$TmpDir/pki-user-show-ocsp-001_8.out" + rlPhaseEnd + rlPhaseStartTest "pki_user_cli_user_show-OCSP-001_9:--email with # character " + rlRun "pki -d /tmp/requestdb \ + -n OCSP_adminV \ + -c $nss_db_password \ + user-show u3 > $TmpDir/pki-user-show-ocsp-001_9.out" \ + 0 \ + "Show pki OCSP_adminV user" + rlAssertGrep "User \"u3\"" "$TmpDir/pki-user-show-ocsp-001_9.out" + rlAssertGrep "User ID: u3" "$TmpDir/pki-user-show-ocsp-001_9.out" + rlAssertGrep "Full name: test" "$TmpDir/pki-user-show-ocsp-001_9.out" + rlAssertGrep "Email: #" "$TmpDir/pki-user-show-ocsp-001_9.out" + rlPhaseEnd + rlPhaseStartTest "pki_user_cli_user_show-OCSP-001_10:--email with * character " + rlRun "pki -d /tmp/requestdb \ + -n OCSP_adminV \ + -c $nss_db_password \ + user-show u4 > $TmpDir/pki-user-show-ocsp-001_10.out" \ + 0 \ + "Show pki OCSP_adminV user" + rlAssertGrep "User \"u4\"" "$TmpDir/pki-user-show-ocsp-001_10.out" + rlAssertGrep "User ID: u4" "$TmpDir/pki-user-show-ocsp-001_10.out" + rlAssertGrep "Full name: test" "$TmpDir/pki-user-show-ocsp-001_10.out" + rlAssertGrep "Email: *" "$TmpDir/pki-user-show-ocsp-001_10.out" + rlPhaseEnd + rlPhaseStartTest "pki_user_cli_user_show-OCSP-001_11:--email with $ character " + rlRun "pki -d /tmp/requestdb \ + -n OCSP_adminV \ + -c $nss_db_password \ + user-show u5 > $TmpDir/pki-user-show-ocsp-001_11.out" \ + 0 \ + "Show pki OCSP_adminV user" + rlAssertGrep "User \"u5\"" "$TmpDir/pki-user-show-ocsp-001_11.out" + rlAssertGrep "User ID: u5" "$TmpDir/pki-user-show-ocsp-001_11.out" + rlAssertGrep "Full name: test" "$TmpDir/pki-user-show-ocsp-001_11.out" + rlAssertGrep "Email: \\$" "$TmpDir/pki-user-show-ocsp-001_11.out" + rlPhaseEnd + rlPhaseStartTest "pki_user_cli_user_show-OCSP-001_12:--email as number 0 " + rlRun "pki -d /tmp/requestdb \ + -n OCSP_adminV \ + -c $nss_db_password \ + user-show u6 > $TmpDir/pki-user-show-ocsp-001_12.out" \ + 0 \ + "Show pki OCSP_adminV user" + rlAssertGrep "User \"u6\"" "$TmpDir/pki-user-show-ocsp-001_12.out" + rlAssertGrep "User ID: u6" "$TmpDir/pki-user-show-ocsp-001_12.out" + rlAssertGrep "Full name: test" "$TmpDir/pki-user-show-ocsp-001_12.out" + rlAssertGrep "Email: 0" "$TmpDir/pki-user-show-ocsp-001_12.out" + rlPhaseEnd + rlPhaseStartTest "pki_user_cli_user_show-OCSP-001_13:--state with maximum length " + rlRun "pki -d /tmp/requestdb \ + -n OCSP_adminV \ + -c $nss_db_password \ + user-show u7 > $TmpDir/pki-user-show-ocsp-001_13.out" \ + 0 \ + "Show pki OCSP_adminV user" + rlAssertGrep "User \"u7\"" "$TmpDir/pki-user-show-ocsp-001_13.out" + rlAssertGrep "User ID: u7" "$TmpDir/pki-user-show-ocsp-001_13.out" + rlAssertGrep "Full name: test" "$TmpDir/pki-user-show-ocsp-001_13.out" + rlAssertGrep "State: abcdefghijklmnopqrstuvwxyx12345678" "$TmpDir/pki-user-show-ocsp-001_13.out" + rlPhaseEnd + rlPhaseStartTest "pki_user_cli_user_show-OCSP-001_14:--state with maximum length and symbols " + rlRun "pki -d /tmp/requestdb \ + -n OCSP_adminV \ + -c $nss_db_password \ + user-show u8 > $TmpDir/pki-user-show-ocsp-001_14.out" \ + 0 \ + "Show pki OCSP_adminV user" + rlAssertGrep "User \"u8\"" "$TmpDir/pki-user-show-ocsp-001_14.out" + rlAssertGrep "User ID: u8" "$TmpDir/pki-user-show-ocsp-001_14.out" + rlAssertGrep "Full name: test" "$TmpDir/pki-user-show-ocsp-001_14.out" + rlAssertGrep "State: abcdefghijklmnopqrstuvwxyx12345678\\#\\?*$@" "$TmpDir/pki-user-show-ocsp-001_14.out" + rlPhaseEnd + rlPhaseStartTest "pki_user_cli_user_show-OCSP-001_15:--state with # character " + rlRun "pki -d /tmp/requestdb \ + -n OCSP_adminV \ + -c $nss_db_password \ + user-show u9 > $TmpDir/pki-user-show-ocsp-001_15.out" \ + 0 \ + "Show pki OCSP_adminV user" + rlAssertGrep "User \"u9\"" "$TmpDir/pki-user-show-ocsp-001_15.out" + rlAssertGrep "User ID: u9" "$TmpDir/pki-user-show-ocsp-001_15.out" + rlAssertGrep "Full name: test" "$TmpDir/pki-user-show-ocsp-001_15.out" + rlAssertGrep "State: #" "$TmpDir/pki-user-show-ocsp-001_15.out" + rlPhaseEnd + rlPhaseStartTest "pki_user_cli_user_show-OCSP-001_16:--state with * character " + rlRun "pki -d /tmp/requestdb \ + -n OCSP_adminV \ + -c $nss_db_password \ + user-show u10 > $TmpDir/pki-user-show-ocsp-001_16.out" \ + 0 \ + "Show pki OCSP_adminV user" + rlAssertGrep "User \"u10\"" "$TmpDir/pki-user-show-ocsp-001_16.out" + rlAssertGrep "User ID: u10" "$TmpDir/pki-user-show-ocsp-001_16.out" + rlAssertGrep "Full name: test" "$TmpDir/pki-user-show-ocsp-001_16.out" + rlAssertGrep "State: *" "$TmpDir/pki-user-show-ocsp-001_16.out" + rlPhaseEnd + rlPhaseStartTest "pki_user_cli_user_show-OCSP-001_17:--state with $ character " + rlRun "pki -d /tmp/requestdb \ + -n OCSP_adminV \ + -c $nss_db_password \ + user-show u11 > $TmpDir/pki-user-show-ocsp-001_17.out" \ + 0 \ + "Show pki OCSP_adminV user" + rlAssertGrep "User \"u11\"" "$TmpDir/pki-user-show-ocsp-001_17.out" + rlAssertGrep "User ID: u11" "$TmpDir/pki-user-show-ocsp-001_17.out" + rlAssertGrep "Full name: test" "$TmpDir/pki-user-show-ocsp-001_17.out" + rlAssertGrep "State: \\$" "$TmpDir/pki-user-show-ocsp-001_17.out" + rlPhaseEnd + rlPhaseStartTest "pki_user_cli_user_show-OCSP-001_18:--state as number 0 " + rlRun "pki -d /tmp/requestdb \ + -n OCSP_adminV \ + -c $nss_db_password \ + user-show u12 > $TmpDir/pki-user-show-ocsp-001_18.out" \ + 0 \ + "Show pki OCSP_adminV user" + rlAssertGrep "User \"u12\"" "$TmpDir/pki-user-show-ocsp-001_18.out" + rlAssertGrep "User ID: u12" "$TmpDir/pki-user-show-ocsp-001_18.out" + rlAssertGrep "Full name: test" "$TmpDir/pki-user-show-ocsp-001_18.out" + rlAssertGrep "State: 0" "$TmpDir/pki-user-show-ocsp-001_18.out" + rlPhaseEnd + #https://www.redhat.com/archives/pki-users/2010-February/msg00015.html + rlPhaseStartTest "pki_user_cli_user_show-OCSP-001_19:--phone with maximum length " + rlRun "pki -d /tmp/requestdb \ + -n OCSP_adminV \ + -c $nss_db_password \ + user-show u13 > $TmpDir/pki-user-show-ocsp-001_19.out" \ + 0 \ + "Show pki OCSP_adminV user" + rlAssertGrep "User \"u13\"" "$TmpDir/pki-user-show-ocsp-001_19.out" + rlAssertGrep "User ID: u13" "$TmpDir/pki-user-show-ocsp-001_19.out" + rlAssertGrep "Full name: test" "$TmpDir/pki-user-show-ocsp-001_19.out" + rlAssertGrep "Phone: abcdefghijklmnopqrstuvwxyx12345678" "$TmpDir/pki-user-show-ocsp-001_19.out" + rlPhaseEnd + rlPhaseStartTest "pki_user_cli_user_show-OCSP-001_24:--phone as negative number -1230 " + rlRun "pki -d /tmp/requestdb \ + -n OCSP_adminV \ + -c $nss_db_password \ + user-show u14 > $TmpDir/pki-user-show-ocsp-001_24.out" \ + 0 \ + "Show pki OCSP_adminV user" + rlAssertGrep "User \"u14\"" "$TmpDir/pki-user-show-ocsp-001_24.out" + rlAssertGrep "User ID: u14" "$TmpDir/pki-user-show-ocsp-001_24.out" + rlAssertGrep "Full name: test" "$TmpDir/pki-user-show-ocsp-001_24.out" + rlAssertGrep "Phone: -1230" "$TmpDir/pki-user-show-ocsp-001_24.out" + rlPhaseEnd + + rlPhaseStartTest "pki_user_cli_user_show-OCSP-001_25:--type as Auditors" + rlRun "pki -d /tmp/requestdb \ + -n OCSP_adminV \ + -c $nss_db_password \ + user-show u15 > $TmpDir/pki-user-show-ocsp-001_25.out" \ + 0 \ + "Show pki OCSP_adminV user" + rlAssertGrep "User \"u15\"" "$TmpDir/pki-user-show-ocsp-001_25.out" + rlAssertGrep "User ID: u15" "$TmpDir/pki-user-show-ocsp-001_25.out" + rlAssertGrep "Full name: test" "$TmpDir/pki-user-show-ocsp-001_25.out" + rlAssertGrep "Type: Auditors" "$TmpDir/pki-user-show-ocsp-001_25.out" + rlPhaseEnd + rlPhaseStartTest "pki_user_cli_user_show-OCSP-001_26:--type Certificate Manager Agents " + rlRun "pki -d /tmp/requestdb \ + -n OCSP_adminV \ + -c $nss_db_password \ + user-show u16 > $TmpDir/pki-user-show-ocsp-001_26.out" \ + 0 \ + "Show pki OCSP user" + rlAssertGrep "User \"u16\"" "$TmpDir/pki-user-show-ocsp-001_26.out" + rlAssertGrep "User ID: u16" "$TmpDir/pki-user-show-ocsp-001_26.out" + rlAssertGrep "Full name: test" "$TmpDir/pki-user-show-ocsp-001_26.out" + rlAssertGrep "Type: Certificate Manager Agents" "$TmpDir/pki-user-show-ocsp-001_26.out" + rlPhaseEnd + rlPhaseStartTest "pki_user_cli_user_show-OCSP-001_27:--type Registration Manager Agents " + rlRun "pki -d /tmp/requestdb \ + -n OCSP_adminV \ + -c $nss_db_password \ + user-show u17 > $TmpDir/pki-user-show-ocsp-001_27.out" \ + 0 \ + "Show pki OCSP user" + rlAssertGrep "User \"u17\"" "$TmpDir/pki-user-show-ocsp-001_27.out" + rlAssertGrep "User ID: u17" "$TmpDir/pki-user-show-ocsp-001_27.out" + rlAssertGrep "Full name: test" "$TmpDir/pki-user-show-ocsp-001_27.out" + rlAssertGrep "Type: Registration Manager Agents" "$TmpDir/pki-user-show-ocsp-001_27.out" + rlPhaseEnd + rlPhaseStartTest "pki_user_cli_user_show-OCSP-001_28:--type Subsytem Group " + rlRun "pki -d /tmp/requestdb \ + -n OCSP_adminV \ + -c $nss_db_password \ + user-show u18 > $TmpDir/pki-user-show-ocsp-001_28.out" \ + 0 \ + "Show pki OCSP user" + rlAssertGrep "User \"u18\"" "$TmpDir/pki-user-show-ocsp-001_28.out" + rlAssertGrep "User ID: u18" "$TmpDir/pki-user-show-ocsp-001_28.out" + rlAssertGrep "Full name: test" "$TmpDir/pki-user-show-ocsp-001_28.out" + rlAssertGrep "Type: Subsytem Group" "$TmpDir/pki-user-show-ocsp-001_28.out" + rlPhaseEnd + rlPhaseStartTest "pki_user_cli_user_show-OCSP-001_29:--type Security Domain Administrators " + rlRun "pki -d /tmp/requestdb \ + -n OCSP_adminV \ + -c $nss_db_password \ + user-show u19 > $TmpDir/pki-user-show-ocsp-001_29.out" \ + 0 \ + "Show pki OCSP user" + rlAssertGrep "User \"u19\"" "$TmpDir/pki-user-show-ocsp-001_29.out" + rlAssertGrep "User ID: u19" "$TmpDir/pki-user-show-ocsp-001_29.out" + rlAssertGrep "Full name: test" "$TmpDir/pki-user-show-ocsp-001_29.out" + rlAssertGrep "Type: Security Domain Administrators" "$TmpDir/pki-user-show-ocsp-001_29.out" + rlPhaseEnd + rlPhaseStartTest "pki_user_cli_user_show-OCSP-001_30:--type ClonedSubsystems " + rlRun "pki -d /tmp/requestdb \ + -n OCSP_adminV \ + -c $nss_db_password \ + user-show u20 > $TmpDir/pki-user-show-ocsp-001_30.out" \ + 0 \ + "Show pki OCSP user" + rlAssertGrep "User \"u20\"" "$TmpDir/pki-user-show-ocsp-001_30.out" + rlAssertGrep "User ID: u20" "$TmpDir/pki-user-show-ocsp-001_30.out" + rlAssertGrep "Full name: test" "$TmpDir/pki-user-show-ocsp-001_30.out" + rlAssertGrep "Type: ClonedSubsystems" "$TmpDir/pki-user-show-ocsp-001_30.out" + rlPhaseEnd + rlPhaseStartTest "pki_user_cli_user_show-OCSP-001_31:--type Trusted Managers " + rlRun "pki -d /tmp/requestdb \ + -n OCSP_adminV \ + -c $nss_db_password \ + user-show u21 > $TmpDir/pki-user-show-ocsp-001_31.out" \ + 0 \ + "Show pki OCSP user" + rlAssertGrep "User \"u21\"" "$TmpDir/pki-user-show-ocsp-001_31.out" + rlAssertGrep "User ID: u21" "$TmpDir/pki-user-show-ocsp-001_31.out" + rlAssertGrep "Full name: test" "$TmpDir/pki-user-show-ocsp-001_31.out" + rlAssertGrep "Type: Trusted Managers" "$TmpDir/pki-user-show-ocsp-001_31.out" + rlPhaseEnd + rlPhaseStartTest "pki_user_cli_user_show-OCSP-001_32: Add a user to OCSP with -t option" + rlRun "pki -d /tmp/requestdb \ + -n OCSP_adminV \ + -c $nss_db_password \ + -t ocsp \ + user-show u22 > $TmpDir/pki-user-show-ocsp-001_32.out" \ + 0 \ + "Show pki OCSP user" + rlAssertGrep "User \"u22\"" "$TmpDir/pki-user-show-ocsp-001_32.out" + rlAssertGrep "User ID: u22" "$TmpDir/pki-user-show-ocsp-001_32.out" + rlAssertGrep "Full name: $user1fullname" "$TmpDir/pki-user-show-ocsp-001_32.out" + rlPhaseEnd + rlPhaseStartTest "pki_user_cli_user_show-OCSP-001_33: Add a user -- all options provided" + rlRun "pki -d /tmp/requestdb \ + -n OCSP_adminV \ + -c $nss_db_password \ + -t ocsp \ + user-show u23 > $TmpDir/pki-user-show-ocsp-001_33.out" \ + 0 \ + "Show pki OCSP user" + + rlAssertGrep "User \"u23\"" "$TmpDir/pki-user-show-ocsp-001_33.out" + rlAssertGrep "User ID: u23" "$TmpDir/pki-user-show-ocsp-001_33.out" + rlAssertGrep "Full name: $user1fullname" "$TmpDir/pki-user-show-ocsp-001_33.out" + rlAssertGrep "Email: $email" "$TmpDir/pki-user-show-ocsp-001_33.out" + rlAssertGrep "Phone: $phone" "$TmpDir/pki-user-show-ocsp-001_33.out" + rlAssertGrep "Type: $type" "$TmpDir/pki-user-show-ocsp-001_33.out" + rlAssertGrep "State: $state" "$TmpDir/pki-user-show-ocsp-001_33.out" + rlPhaseEnd + #Negative Cases + rlPhaseStartTest "pki_user_cli_user_show-OCSP-001_34: Missing required option user id " + rlRun "pki -d /tmp/requestdb \ + -n OCSP_adminV \ + -c $nss_db_password \ + -t ocsp \ + user-show > $TmpDir/pki-user-show-ocsp-001_34.out 2>&1" \ + 1 \ + "Cannot show user without user id" + rlAssertGrep "usage: user-show <User ID>" "$TmpDir/pki-user-show-ocsp-001_34.out" + rlPhaseEnd + rlPhaseStartTest "pki_user_cli_user_show-OCSP-001_35: Checking if user id case sensitive " + rlRun "pki -d /tmp/requestdb \ + -n OCSP_adminV \ + -c $nss_db_password \ + -t ocsp \ + user-show U23 > $TmpDir/pki-user-show-ocsp-001_35.out 2>&1" \ + 1 \ + "Cannot show user since the user id is case sensitive" + rlAssertGrep "UserNotFoundException: User U23 not found" "$TmpDir/pki-user-show-ocsp-001_35.out" + rlPhaseEnd + + + +} diff --git a/tests/dogtag/acceptance/cli-tests/pki-user-cli/ocsp/runtest.sh b/tests/dogtag/acceptance/cli-tests/pki-user-cli/ocsp/runtest.sh new file mode 100755 index 000000000..e4a12f121 --- /dev/null +++ b/tests/dogtag/acceptance/cli-tests/pki-user-cli/ocsp/runtest.sh @@ -0,0 +1,77 @@ +#!/bin/bash +# vim: dict=/usr/share/beakerlib/dictionary.vim cpt=.,w,b,u,t,i,k +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +# +# runtest.sh of /CoreOS/rhcs/acceptance/cli-tests/pki-user-cli/ocsp +# Description: PKI USER CLI tests +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +# The following rhcs will be tested: +# +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +# +# Author: Asha Akkiangady <aakkiang@redhat.com> +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +# +# Copyright (c) 2013 Red Hat, Inc. All rights reserved. +# +# This copyrighted material is made available to anyone wishing +# to use, modify, copy, or redistribute it subject to the terms +# and conditions of the GNU General Public License version 2. +# +# This program is distributed in the hope that it will be +# useful, but WITHOUT ANY WARRANTY; without even the implied +# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR +# PURPOSE. See the GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public +# License along with this program; if not, write to the Free +# Software Foundation, Inc., 51 Franklin Street, Fifth Floor, +# Boston, MA 02110-1301, USA. +# +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +# Include data-driven test data file: + +# Include rhts environment +. /usr/bin/rhts-environment.sh +. /usr/share/beakerlib/beakerlib.sh +. /opt/rhqa_pki/rhcs-shared.sh +. /opt/rhqa_pki/env.sh + +# Include test case file +. ./pki-user-cli-user-ocsp.sh +. ./pki-user-cli-user-add-ocsp.sh +. ./pki-user-cli-user-show-ocsp.sh +. ./pki-user-cli-user-find-ocsp.sh +. ./pki-user-cli-user-del-ocsp.sh + + +############################################################################## +PACKAGE="pki-tools" + + +rlJournalStart + rlPhaseStartSetup "pki-user-cli-startup: Check for pki-tools package" + rpm -qa | grep $PACKAGE + if [ $? -eq 0 ] ; then + rlPass "$PACKAGE package is installed" + else + rlFail "$PACKAGE package NOT found!" + fi + rlPhaseEnd + + # Execute pki user ca config tests + run_pki-user-cli-user-ocsp_tests + # Execute pki user-add-ocsp tests + run_pki-user-cli-user-add-ocsp_tests + # Execute pki user-show-ocsp tests + run_pki-user-cli-user-show-ocsp_tests + # Execute pki user-find-ocsp tests + run_pki-user-cli-user-find-ocsp_tests + #Execute pki user-del-ocsp tests + run_pki-user-cli-user-del-ocsp_tests + rlJournalPrintText + report=/tmp/rhts.report.$RANDOM.txt + makereport $report + rhts-submit-log -l $report +rlJournalEnd diff --git a/tests/dogtag/acceptance/quickinstall/Makefile b/tests/dogtag/acceptance/quickinstall/Makefile new file mode 100644 index 000000000..7494edc92 --- /dev/null +++ b/tests/dogtag/acceptance/quickinstall/Makefile @@ -0,0 +1,64 @@ +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +# +# Makefile of /CoreOS/rhcs/acceptance/quickinstall +# Description: RHCS Quick Install +# Author: Asha Akkiangady <aakkiang@redhat.com> +# +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +# +# Copyright (c) 2013 Red Hat, Inc. All rights reserved. +# +# This copyrighted material is made available to anyone wishing +# to use, modify, copy, or redistribute it subject to the terms +# and conditions of the GNU General Public License version 2. +# +# This program is distributed in the hope that it will be +# useful, but WITHOUT ANY WARRANTY; without even the implied +# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR +# PURPOSE. See the GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public +# License along with this program; if not, write to the Free +# Software Foundation, Inc., 51 Franklin Street, Fifth Floor, +# Boston, MA 02110-1301, USA. +# +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +export TEST=/CoreOS/rhcs/acceptance/quickinstall +export TESTVERSION=1.0 + +BUILT_FILES= + +FILES=$(METADATA) runtest.sh Makefile PURPOSE rhcs-install.sh rhcs-install-lib.sh rhds-install.sh + +.PHONY: all install download clean + +run: $(FILES) build + ./runtest.sh + +build: $(BUILT_FILES) + chmod a+x runtest.sh + chmod a+x rhcs-install.sh rhcs-install-lib.sh rhds-install.sh + +clean: + rm -f *~ $(BUILT_FILES) + + +include /usr/share/rhts/lib/rhts-make.include + +$(METADATA): Makefile + @echo "Owner: Asha Akkiangady <aakkiang@redhat.com>" > $(METADATA) + @echo "Name: $(TEST)" >> $(METADATA) + @echo "TestVersion: $(TESTVERSION)" >> $(METADATA) + @echo "Path: $(TEST_DIR)" >> $(METADATA) + @echo "Description: RHCS quickinstall" >> $(METADATA) + @echo "Type: Functional" >> $(METADATA) + @echo "TestTime: 60m" >> $(METADATA) + @echo "RunFor: rhcs" >> $(METADATA) + @echo "Requires: expect" >> $(METADATA) + @echo "Priority: Normal" >> $(METADATA) + @echo "License: GPLv2" >> $(METADATA) + @echo "Confidential: no" >> $(METADATA) + @echo "Destructive: no" >> $(METADATA) + + rhts-lint $(METADATA) diff --git a/tests/dogtag/acceptance/quickinstall/PURPOSE b/tests/dogtag/acceptance/quickinstall/PURPOSE new file mode 100644 index 000000000..e2ab40386 --- /dev/null +++ b/tests/dogtag/acceptance/quickinstall/PURPOSE @@ -0,0 +1,3 @@ +PURPOSE of /CoreOS/rhcs/acceptance/quickinstall +Description: RHCS Quickinstall +Author: Asha Akkiangady <aakkiang@redhat.com> diff --git a/tests/dogtag/acceptance/quickinstall/rhcs-install-lib.sh b/tests/dogtag/acceptance/quickinstall/rhcs-install-lib.sh new file mode 100644 index 000000000..ba751d617 --- /dev/null +++ b/tests/dogtag/acceptance/quickinstall/rhcs-install-lib.sh @@ -0,0 +1,388 @@ +#!/bin/bash +# vim: dict=/usr/share/beakerlib/dictionary.vim cpt=.,w,b,u,t,i,k +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +# +# rhcs_install.sh of /CoreOS/rhcs/acceptance/quickinstall +# Description: CS quickinstall acceptance tests for new install +# functions. +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +# The following rhcs will be tested: +# +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +# +# Author: Asha Akkiangady <aakkiang@redhat.com> +# Date : Feb 21, 2013 +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +# +# Copyright (c) 2013 Red Hat, Inc. All rights reserved. +# +# This copyrighted material is made available to anyone wishing +# to use, modify, copy, or redistribute it subject to the terms +# and conditions of the GNU General Public License version 2. +# +# This program is distributed in the hope that it will be +# useful, but WITHOUT ANY WARRANTY; without even the implied +# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR +# PURPOSE. See the GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public +# License along with this program; if not, write to the Free +# Software Foundation, Inc., 51 Franklin Street, Fifth Floor, +# Boston, MA 02110-1301, USA. +# +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +# ROLE=MASTER, CLONE, SUBCA, EXTERNAL +# SUBSYSTEMS=CA, KRA, OCSP, RA, TKS, TPS + +# Include rhts environment +. /usr/bin/rhts-environment.sh +. /usr/share/beakerlib/beakerlib.sh +. /opt/rhqa_pki/rhcs-shared.sh +. /opt/rhqa_pki/rhcs-install-shared.sh +. /opt/rhqa_pki/env.sh + +# Include tests +. ./acceptance/quickinstall/rhds-install.sh + +#Copy rhcs-install-lib.sh to /opt/rhqa_pki/ + rm -f /opt/rhqa_pki/rhcs-install-lib.sh + cp -a ./acceptance/quickinstall/rhcs-install-lib.sh /opt/rhqa_pki/. + +########################################################### +# CA INSTALL TESTS # +########################################################### +rhcs_install_ca() { + rlPhaseStartTest "rhcs_install_ca - Install RHCS CA Server" + local INSTANCECFG="/tmp/ca_instance.inf" + local INSTANCE_CREATE_OUT="/tmp/ca_instance_create.out" + local PKI_SECURITY_DOMAIN_USER=$CA_ADMIN_USER + rlLog "$FUNCNAME" + rhcs_install_prep_disableFirewall + + #Install RHDS packages + rhcs_install_set_ldap_vars + + #Install and configure RHDS instance + rlLog "Creating LDAP server Instance to configure CA" + rlRun "rhds_install $CA_LDAP_PORT $CA_LDAP_INSTANCE_NAME \"$LDAP_ROOTDN\" $LDAP_ROOTDNPWD $LDAP_BASEDN" 0 "Installing RHDS instance for CA install" 0 "Install LDAP Instance" + + #Install CA + rlLog "Creating CA Instance" + echo $FLAVOR | grep "Fedora" + if [ $? -eq 0 ] ; then + rlLog "Setting up Dogtag CA instance ............." + echo "[DEFAULT]" > $INSTANCECFG + echo "pki_admin_password= $CA_ADMIN_PASSWORD" >> $INSTANCECFG + echo "pki_backup_password= $CA_BACKUP_PASSWORD" >> $INSTANCECFG + echo "pki_client_pkcs12_password= $CA_CLIENT_PKCS12_PASSWORD" >> $INSTANCECFG + echo "pki_ds_password= $LDAP_ROOTDNPWD" >> $INSTANCECFG + echo "pki_security_domain_password= $CA_SECURITY_DOMAIN_PASSWORD" >> $INSTANCECFG + echo "[CA]" >> $INSTANCECFG + echo "pki_ds_ldap_port= $CA_LDAP_PORT" >> $INSTANCECFG + # echo "pki_enable_java_debugger=True" >> $INSTANCECFG + cat $INSTANCECFG + + CA_DOMAIN=`hostname -d` + echo "export CA_DOMAIN=$CA_DOMAIN" >> /opt/rhqa_pki/env.sh + + rlLog "EXECUTING: pkispawn -s CA -f $INSTANCECFG -v " + rlRun "pkispawn -s CA -f $INSTANCECFG -v > $INSTANCE_CREATE_OUT 2>&1" + rlRun "cat $INSTANCE_CREATE_OUT" + exp_message1="Administrator's username: $PKI_SECURITY_DOMAIN_USER" + rlAssertGrep "$exp_message1" "$INSTANCE_CREATE_OUT" + exp_message1_1="Administrator's PKCS #12 file:" + rlAssertGrep "$exp_message1_1" "$INSTANCE_CREATE_OUT" + exp_message2="$CA_DOMAIN" + rlAssertGrep "$exp_message2" "$INSTANCE_CREATE_OUT" + exp_message3_1="To check the status of the subsystem:" + rlAssertGrep "$exp_message3_1" "$INSTANCE_CREATE_OUT" + exp_message3_2="systemctl status pki-tomcatd\\\@pki-tomcat.service" + rlAssertGrep "$exp_message3_2" "$INSTANCE_CREATE_OUT" + exp_message4_1="To restart the subsystem:" + rlAssertGrep "$exp_message4_1" "$INSTANCE_CREATE_OUT" + exp_message4_2=" systemctl restart pki-tomcatd\\\@pki-tomcat.service" + rlAssertGrep "$exp_message4_2" "$INSTANCE_CREATE_OUT" + exp_message5="The URL for the subsystem is:" + rlAssertGrep "$exp_message5" "$INSTANCE_CREATE_OUT" + exp_message5_1="https://$HOSTNAME:8443/ca" + rlAssertGrep "$exp_message5_1" "$INSTANCE_CREATE_OUT" + + echo "export CA_SERVER_ROOT=/var/lib/pki/pki-tomcat/ca" >> /opt/rhqa_pki/env.sh + + + else + #RHEL7 CS CA install tests here + rlLog "Setting up RHEL7 CA instance ............." + fi + rlPhaseEnd +} + +########################################################### +# KRA INSTALL TESTS # +########################################################### +rhcs_install_kra() { + rlPhaseStartTest "rhcs_install_kra - Install RHCS KRA Server" + rlLog "$FUNCNAME" + local INSTANCECFG="/tmp/kra_instance.inf" + local INSTANCE_CREATE_OUT="/tmp/kra_instance_create.out" + local PKI_SECURITY_DOMAIN_PORT=$CA_SECURE_PORT + local PKI_SECURITY_DOMAIN_USER=$CA_ADMIN_USER + + rhcs_install_prep_disableFirewall + + + #Install and configure RHDS instance + rlLog "Creating LDAP server Instance to configure KRA" + rlRun "rhds_install $KRA_LDAP_PORT $KRA_LDAP_INSTANCE_NAME \"$LDAP_ROOTDN\" $LDAP_ROOTDNPWD $LDAP_BASEDN" 0 "Installing RHDS instance for KRA install" 0 "Install LDAP Instance" + + #Install KRA + rlLog "Creating KRA Instance" + echo $FLAVOR | grep "Fedora" + if [ $? -eq 0 ] ; then + rlLog "Setting up Dogtag KRA instance ............." + echo "[DEFAULT]" > $INSTANCECFG + echo "pki_admin_password= $KRA_ADMIN_PASSWORD" >> $INSTANCECFG + echo "pki_backup_password= $KRA_BACKUP_PASSWORD" >> $INSTANCECFG + echo "pki_client_pkcs12_password= $KRA_CLIENT_PKCS12_PASSWORD" >> $INSTANCECFG + echo "pki_client_database_password= $KRA_CLIENT_PKCS12_PASSWORD" >> $INSTANCECFG + echo "pki_ds_password= $LDAP_ROOTDNPWD" >> $INSTANCECFG + echo "pki_security_domain_password= $CA_SECURITY_DOMAIN_PASSWORD" >> $INSTANCECFG + echo "pki_security_domain_hostname= $HOSTNAME" >> $INSTANCECFG + echo "pki_security_domain_https_port= $PKI_SECURITY_DOMAIN_PORT" >> $INSTANCECFG + echo "pki_security_domain_user= $PKI_SECURITY_DOMAIN_USER" >> $INSTANCECFG + echo "pki_issueing_ca_uri= https://$HOSTNAME:$PKI_SECURITY_DOMAIN_PORT" >> $INSTANCECFG + echo "[KRA]" >> $INSTANCECFG + echo "pki_ds_ldap_port= $KRA_LDAP_PORT" >> $INSTANCECFG + cat $INSTANCECFG + + rlLog "EXECUTING: pkispawn -s KRA -f $INSTANCECFG -v " + rlRun "pkispawn -s KRA -f $INSTANCECFG -v > $INSTANCE_CREATE_OUT 2>&1" + cat $INSTANCE_CREATE_OUT + exp_message1="Administrator's username: $KRA_ADMIN_USER" + rlAssertGrep "$exp_message1" "$INSTANCE_CREATE_OUT" + exp_message4="To check the status of the subsystem:" + rlAssertGrep "$exp_message4" "$INSTANCE_CREATE_OUT" + exp_message5="systemctl status pki-tomcatd\\\@pki-tomcat.service" + rlAssertGrep "$exp_message5" "$INSTANCE_CREATE_OUT" + exp_message6="To restart the subsystem:" + rlAssertGrep "$exp_message6" "$INSTANCE_CREATE_OUT" + exp_message7=" systemctl restart pki-tomcatd\\\@pki-tomcat.service" + rlAssertGrep "$exp_message7" "$INSTANCE_CREATE_OUT" + exp_message8="The URL for the subsystem is:" + rlAssertGrep "$exp_message8" "$INSTANCE_CREATE_OUT" + exp_message8_1="https://$HOSTNAME:8443/kra" + rlAssertGrep "$exp_message8_1" "$INSTANCE_CREATE_OUT" + echo "export CA_ADMIN_CERT_LOCATION=/root/.dogtag/pki-tomcat/ca_admin_cert.p12" >> /opt/rhqa_pki/env.sh + + echo "export KRA_SERVER_ROOT=/var/lib/pki/pki-tomcat/kra" >> /opt/rhqa_pki/env.sh + else + #RHEL7 CS KRA install tests here + rlLog "Setting up RHEL7 KRA instance ............." + fi + rlPhaseEnd +} + +########################################################### +# OCSP INSTALL TESTS # +########################################################### +rhcs_install_ocsp() { + rlPhaseStartTest "rhcs_install_ocsp - Install RHCS OCSP Server" + rlLog "$FUNCNAME" + local INSTANCECFG="/tmp/ocsp_instance.inf" + local INSTANCE_CREATE_OUT="/tmp/ocsp_instance_create.out" + local PKI_SECURITY_DOMAIN_PORT=$CA_SECURE_PORT + local PKI_SECURITY_DOMAIN_USER=$CA_ADMIN_USER + + rhcs_install_prep_disableFirewall + + #Install and configure RHDS instance + rlLog "Creating LDAP server Instance to configure OCSP" + rlRun "rhds_install $OCSP_LDAP_PORT $OCSP_LDAP_INSTANCE_NAME \"$LDAP_ROOTDN\" $LDAP_ROOTDNPWD $LDAP_BASEDN" 0 "Installing RHDS instance for OCSP install" 0 "Install LDAP Instance" + + #Install OCSP + rlLog "Creating OCSP Instance" + echo $FLAVOR | grep "Fedora" + if [ $? -eq 0 ] ; then + rlLog "Setting up Dogtag OCSP instance ............." + echo "[DEFAULT]" > $INSTANCECFG + echo "pki_admin_password= $OCSP_ADMIN_PASSWORD" >> $INSTANCECFG + echo "pki_backup_password= $OCSP_BACKUP_PASSWORD" >> $INSTANCECFG + echo "pki_client_pkcs12_password= $OCSP_CLIENT_PKCS12_PASSWORD" >> $INSTANCECFG + echo "pki_client_database_password= $OCSP_CLIENT_PKCS12_PASSWORD" >> $INSTANCECFG + echo "pki_ds_password= $LDAP_ROOTDNPWD" >> $INSTANCECFG + echo "pki_security_domain_password= $CA_SECURITY_DOMAIN_PASSWORD" >> $INSTANCECFG + echo "pki_security_domain_hostname= $HOSTNAME" >> $INSTANCECFG + echo "pki_security_domain_https_port= $PKI_SECURITY_DOMAIN_PORT" >> $INSTANCECFG + echo "pki_security_domain_user= $PKI_SECURITY_DOMAIN_USER" >> $INSTANCECFG + echo "pki_issueing_ca_uri= https://$HOSTNAME:$PKI_SECURITY_DOMAIN_PORT" >> $INSTANCECFG + echo "[OCSP]" >> $INSTANCECFG + echo "pki_ds_ldap_port= $OCSP_LDAP_PORT" >> $INSTANCECFG + cat $INSTANCECFG + + rlLog "EXECUTING: pkispawn -s OCSP -f $INSTANCECFG -v " + rlRun "pkispawn -s OCSP -f $INSTANCECFG -v > $INSTANCE_CREATE_OUT 2>&1" + + cat $INSTANCE_CREATE_OUT + exp_message1="Administrator's username: $OCSP_ADMIN_USER" + rlAssertGrep "$exp_message1" "$INSTANCE_CREATE_OUT" + exp_message3_1="To check the status of the subsystem:" + rlAssertGrep "$exp_message3_1" "$INSTANCE_CREATE_OUT" + exp_message3_2="systemctl status pki-tomcatd\\\@pki-tomcat.service" + rlAssertGrep "$exp_message3_2" "$INSTANCE_CREATE_OUT" + exp_message4_1="To restart the subsystem:" + rlAssertGrep "$exp_message4_1" "$INSTANCE_CREATE_OUT" + exp_message4_2=" systemctl restart pki-tomcatd\\\@pki-tomcat.service" + rlAssertGrep "$exp_message4_2" "$INSTANCE_CREATE_OUT" + exp_message5="The URL for the subsystem is:" + rlAssertGrep "$exp_message5" "$INSTANCE_CREATE_OUT" + exp_message5_1="https://$HOSTNAME:8443/ocsp" + rlAssertGrep "$exp_message5_1" "$INSTANCE_CREATE_OUT" + echo "export CA_ADMIN_CERT_LOCATION=/root/.dogtag/pki-tomcat/ca_admin_cert.p12" >> /opt/rhqa_pki/env.sh + + + echo "export OCSP_SERVER_ROOT=/var/lib/pki/pki-tomcat/ocsp" >> /opt/rhqa_pki/env.sh + + else + #RHEL7 CS OCSP install tests here + rlLog "Setting up RHEL7 OCSP instance ............." + fi + rlPhaseEnd +} +########################################################### +# TKS INSTALL TESTS # +########################################################### +rhcs_install_tks() { + rlPhaseStartTest "rhcs_install_tks - Install RHCS TKS Server" + rlLog "$FUNCNAME" + local INSTANCECFG="/tmp/tks_instance.inf" + local INSTANCE_CREATE_OUT="/tmp/tks_instance_create.out" + local PKI_SECURITY_DOMAIN_PORT=$CA_SECURE_PORT + local PKI_SECURITY_DOMAIN_USER=$CA_ADMIN_USER + + rhcs_install_prep_disableFirewall + + #Install and configure RHDS instance + rlLog "Creating LDAP server Instance to configure TKS" + rlRun "rhds_install $TKS_LDAP_PORT $TKS_LDAP_INSTANCE_NAME \"$LDAP_ROOTDN\" $LDAP_ROOTDNPWD $LDAP_BASEDN" 0 "Installing RHDS instance for TKS install" 0 "Install LDAP Instance" + + #Install TKS + rlLog "Creating TKS Instance" + echo $FLAVOR | grep "Fedora" + if [ $? -eq 0 ] ; then + rlLog "Setting up Dogtag TKS instance ............." + echo "[DEFAULT]" > $INSTANCECFG + echo "pki_admin_password= $TKS_ADMIN_PASSWORD" >> $INSTANCECFG + echo "pki_backup_password= $TKS_BACKUP_PASSWORD" >> $INSTANCECFG + echo "pki_client_pkcs12_password= $TKS_CLIENT_PKCS12_PASSWORD" >> $INSTANCECFG + echo "pki_client_database_password= $TKS_CLIENT_PKCS12_PASSWORD" >> $INSTANCECFG + echo "pki_ds_password= $LDAP_ROOTDNPWD" >> $INSTANCECFG + echo "pki_security_domain_password= $CA_SECURITY_DOMAIN_PASSWORD" >> $INSTANCECFG + echo "pki_security_domain_hostname= $HOSTNAME" >> $INSTANCECFG + echo "pki_security_domain_https_port= $PKI_SECURITY_DOMAIN_PORT" >> $INSTANCECFG + echo "pki_security_domain_user= $PKI_SECURITY_DOMAIN_USER" >> $INSTANCECFG + echo "pki_issueing_ca_uri= https://$HOSTNAME:$PKI_SECURITY_DOMAIN_PORT" >> $INSTANCECFG + echo "[TKS]" >> $INSTANCECFG + echo "pki_ds_ldap_port= $TKS_LDAP_PORT" >> $INSTANCECFG + cat $INSTANCECFG + rlLog "EXECUTING: pkispawn -s TKS -f $INSTANCECFG -v " + rlRun "pkispawn -s TKS -f $INSTANCECFG -v > $INSTANCE_CREATE_OUT 2>&1" + + cat $INSTANCE_CREATE_OUT + exp_message1="Administrator's username: $TKS_ADMIN_USER" + rlAssertGrep "$exp_message1" "$INSTANCE_CREATE_OUT" + exp_message3_1="To check the status of the subsystem:" + rlAssertGrep "$exp_message3_1" "$INSTANCE_CREATE_OUT" + exp_message3_2="systemctl status pki-tomcatd\\\@pki-tomcat.service" + rlAssertGrep "$exp_message3_2" "$INSTANCE_CREATE_OUT" + exp_message4_1="To restart the subsystem:" + rlAssertGrep "$exp_message4_1" "$INSTANCE_CREATE_OUT" + exp_message4_2=" systemctl restart pki-tomcatd\\\@pki-tomcat.service" + rlAssertGrep "$exp_message4_2" "$INSTANCE_CREATE_OUT" + exp_message5="The URL for the subsystem is:" + rlAssertGrep "$exp_message5" "$INSTANCE_CREATE_OUT" + exp_message5_1="https://$HOSTNAME:8443/tks" + rlAssertGrep "$exp_message5_1" "$INSTANCE_CREATE_OUT" + echo "export CA_ADMIN_CERT_LOCATION=/root/.dogtag/pki-tomcat/ca_admin_cert.p12" >> /opt/rhqa_pki/env.sh + + + echo "export TKS_SERVER_ROOT=/var/lib/pki/pki-tomcat/tks" >> /opt/rhqa_pki/env.sh + + else + #RHEL7 CS TKS install tests here + rlLog "Setting up RHEL7 TKS instance ............." + fi + rlPhaseEnd +} + + +########################################################### +# CA INSTALL TESTS # +########################################################### +rhcs_install_ca_only() { + rlPhaseStartTest "rhcs_install_ca_only - Install RHCS CA Server" + local INSTANCECFG="/tmp/ca_instance.inf" + local INSTANCE_CREATE_OUT="/tmp/ca_instance_create.out" + local LDAP_PORT="1500" + rlLog "$FUNCNAME" + + rhcs_install_prep_disableFirewall + + #Install and configure RHDS instance + rlLog "Creating LDAP server Instance" + rhcs_install_set_ldap_vars + rlRun "rhds_install $LDAP_PORT $CA_LDAP_INSTANCE_NAME \"$LDAP_ROOTDN\" $LDAP_ROOTDNPWD $LDAP_BASEDN" 0 "Installing RHDS instance for CA install" 0 "Install LDAP Instance" + + #Install CA + rlLog "Creating CA Instance" + echo $FLAVOR | grep "Fedora" + if [ $? -eq 0 ] ; then + rlLog "Setting up Dogtag CA instance ............." + echo "[DEFAULT]" > $INSTANCECFG + echo "pki_admin_password= $CA_ADMIN_PASSWORD" >> $INSTANCECFG + echo "pki_backup_password= $CA_BACKUP_PASSWORD" >> $INSTANCECFG + echo "pki_client_pkcs12_password= $CA_CLIENT_PKCS12_PASSWORD" >> $INSTANCECFG + echo "pki_ds_password= $LDAP_ROOTDNPWD" >> $INSTANCECFG + echo "pki_security_domain_password= $CA_SECURITY_DOMAIN_PASSWORD" >> $INSTANCECFG + echo "" >> $INSTANCECFG + echo "[CA]" >> $INSTANCECFG + echo "pki_ds_ldap_port= $LDAP_PORT" >> $INSTANCECFG + echo "pki_instance_name= $CA_INSTANCE_ID" >> $INSTANCECFG + cat $INSTANCECFG + + rlLog "EXECUTING: pkispawn -s CA -f $INSTANCECFG -v " + rlRun "pkispawn -s CA -f $INSTANCECFG -v > $INSTANCE_CREATE_OUT 2>&1" + rlRun "cat $INSTANCE_CREATE_OUT" + exp_message1="saving Admin Certificate to file: '/root/.pki/$CA_INSTANCE_ID/ca_admin.cert'" + rlAssertGrep "$exp_message1" "$INSTANCE_CREATE_OUT" + exp_message2="pk12util: PKCS12 EXPORT SUCCESSFUL" + rlAssertGrep "$exp_message2" "$INSTANCE_CREATE_OUT" + exp_message3="performing chmod: 'chmod 664 /root/.pki/$CA_INSTANCE_ID/ca_admin_cert.p12'" + rlAssertGrep "$exp_message3" "$INSTANCE_CREATE_OUT" + else + #RHEL7 CS CA install tests here + rlLog "Setting up RHEL7 CA instance ............." + fi + rlPhaseEnd +} + +rhcs_install_prep_disableFirewall() { + echo $FLAVOR | grep "Fedora" + if [ $? -eq 0 ] ; then + rlRun "systemctl stop firewalld" + else + rlRun "chkconfig iptables off" + rlRun "chkconfig ip6tables off" + if [ $(cat /etc/redhat-release|grep "5\.[0-9]"|wc -l) -gt 0 ]; then + service iptables stop + if [ $? -eq 1 ]; then + rlLog "service iptables stop returns 1 when already stopped" + else + rlPass "service iptables stop succeeeded" + fi + else + rlRun "service iptables stop" + fi + fi + +} diff --git a/tests/dogtag/acceptance/quickinstall/rhcs-install.sh b/tests/dogtag/acceptance/quickinstall/rhcs-install.sh new file mode 100644 index 000000000..1668c4670 --- /dev/null +++ b/tests/dogtag/acceptance/quickinstall/rhcs-install.sh @@ -0,0 +1,449 @@ +#!/bin/bash +# vim: dict=/usr/share/beakerlib/dictionary.vim cpt=.,w,b,u,t,i,k +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +# +# rhcs_install.sh of /CoreOS/rhcs/acceptance/quickinstall +# Description: CS quickinstall acceptance tests for new install +# functions. +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +# The following rhcs will be tested: +# +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +# +# Author: Asha Akkiangady <aakkiang@redhat.com> +# Date : Feb 18, 2013 +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +# +# Copyright (c) 2013 Red Hat, Inc. All rights reserved. +# +# This copyrighted material is made available to anyone wishing +# to use, modify, copy, or redistribute it subject to the terms +# and conditions of the GNU General Public License version 2. +# +# This program is distributed in the hope that it will be +# useful, but WITHOUT ANY WARRANTY; without even the implied +# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR +# PURPOSE. See the GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public +# License along with this program; if not, write to the Free +# Software Foundation, Inc., 51 Franklin Street, Fifth Floor, +# Boston, MA 02110-1301, USA. +# +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +# ROLE=MASTER, CLONE, SUBCA, EXTERNAL +# SUBSYSTEMS=CA, KRA, OCSP, RA, TKS, TPS + +# Include rhts environment +. /usr/bin/rhts-environment.sh +. /usr/share/beakerlib/beakerlib.sh +. /opt/rhqa_pki/rhcs-shared.sh +. /opt/rhqa_pki/env.sh + +# Include tests +. ./acceptance/quickinstall/rhds-install.sh +. ./acceptance/quickinstall/rhcs-install-lib.sh + +run_rhcs_install_subsystems() { + rlPhaseStartSetup "rhcs_install_subsystems: Default install" + # Initialize Global TESTCOUNT variable + #TESTCOUNT=1 + + myhostname=`hostname` + rlLog "HOSTNAME: $myhostname" + rlLog "MASTER: $MASTER" + rlLog "MASTER_CA: $MASTER_CA" + rlLog "MASTER3: $MASTER3" + rlLog "MASTER4: $MASTER4" + rlLog "MASTER5: $MASTER5" + rlLog "MASTER6: $MASTER6" + rlLog "CLONE: $CLONE" + rlLog "CLONE2: $CLONE2" + rlLog "CLONE3: $CLONE3" + rlLog "CLONE4: $CLONE4" + rlLog "CLONE5: $CLONE5" + + echo "export BEAKERMASTER=$MASTER" >> /opt/rhqa_pki/env.sh + echo "export BEAKERMASTER_CA=$MASTER_CA" >> /opt/rhqa_pki/env.sh + echo "export BEAKERMASTER3=$MASTER3" >> /opt/rhqa_pki/env.sh + echo "export BEAKERMASTER4=$MASTER4" >> /opt/rhqa_pki/env.sh + echo "export BEAKERMASTER5=$MASTER5" >> /opt/rhqa_pki/env.sh + echo "export BEAKERMASTER6=$MASTER6" >> /opt/rhqa_pki/env.sh + echo "export BEAKERCLONE=$CLONE" >> /opt/rhqa_pki/env.sh + echo "export BEAKERCLONE2=$CLONE2" >> /opt/rhqa_pki/env.sh + echo "export BEAKERCLONE3=$CLONE3" >> /opt/rhqa_pki/env.sh + echo "export BEAKERCLONE4=$CLONE4" >> /opt/rhqa_pki/env.sh + echo "export BEAKERCLONE5=$CLONE5" >> /opt/rhqa_pki/env.sh + echo "export HOSTNAME=$HOSTNAME" >> /opt/rhqa_pki/env.sh + + + COMMON_SERVER_PACKAGES="bind expect pki-console xmlstarlet dos2unix" + CA_SERVER_PACKAGES="pki-ca" + KRA_SERVER_PACKAGES="pki-kra" + OCSP_SERVER_PACKAGES="pki-ocsp" + RA_SERVER_PACKAGES="pki-ra" + TKS_SERVER_PACKAGES="pki-tks" + TPS_SERVER_PACKAGES="pki-tps" + RHELRHCS_PACKAGES="nuxwdog symkey mod-nss pki-native-tools redhat-pki-ca-ui redhat-pki-common-ui redhat-pki-console-ui redhat-pki-kra-ui redhat-pki-ocsp-ui redhat-pki-ra-ui redhat-pki-tks-ui redhat-pki-tps-ui" + DOGTAG_PACKAGES="pki-tools pki-symkey dogtag-pki dogtag-pki-console-theme dogtag-pki-server-theme" + + + cat /etc/redhat-release | grep "Fedora" + if [ $? -eq 0 ] ; then + FLAVOR="Fedora" + rlLog "Automation is running against Fedora" + else + FLAVOR="RedHat" + rlLog "Automation is running against RedHat" + fi + echo "export FLAVOR=$FLAVOR" >> /opt/rhqa_pki/env.sh + + + ##################################################################### + # IS THIS MACHINE A MASTER? # + ##################################################################### + echo $MASTER | grep $HOSTNAME + if [ $? -eq 0 ] ; then + yum clean all + #CA install + rc=0 + rlLog "CA instance will be installed on $HOSTNAME" + yum -y install $COMMON_SERVER_PACKAGES + yum -y install $CA_SERVER_PACKAGES + + echo "export CA_SERVER_CERT_SUBJECT_NAME= CN=$HOSTNAME,O=redhat" >> /opt/rhqa_pki/env.sh + + if [ "$FLAVOR" == "Fedora" ] ; then + #yum -y install $DOGTAG_PACKAGES + yum -y update + ALL_PACKAGES="$COMMON_SERVER_PACKAGES $CA_SERVER_PACKAGES" + for item in $ALL_PACKAGES ; do + rpm -qa | grep $item + if [ $? -eq 0 ] ; then + rlLog "$item package is installed" + else + rlLog "ERROR: $item package is NOT installed" + rc=1 + fi + done + else + yum -y install $RHELRHCS_SERVER_PACKAGES + yum -y update + ALL_PACKAGES="$COMMON_SERVER_PACKAGES $CA_SERVER_PACKAGES $RHELRHCS_SERVER_PACKAGES" + for item in $ALL_PACKAGES ; do + rpm -qa | grep $item + if [ $? -eq 0 ] ; then + rlLog "$item package is installed" + else + rlLog "ERROR: $item package is NOT installed" + rc=1 + fi + done + fi + if [ $rc -eq 0 ] ; then + rhcs_install_ca + fi + + #KRA install + rlLog "KRA instance will be installed on $HOSTNAME" + rc=0 + yum -y install $COMMON_SERVER_PACKAGES + yum -y install $KRA_SERVER_PACKAGES + + if [ "$FLAVOR" == "Fedora" ] ; then + #yum -y install $DOGTAG_PACKAGES + yum -y update + ALL_PACKAGES="$COMMON_SERVER_PACKAGES $KRA_SERVER_PACKAGES" + for item in $ALL_PACKAGES ; do + rpm -qa | grep $item + if [ $? -eq 0 ] ; then + rlLog "$item package is installed" + else + rlLog "ERROR: $item package is NOT installed" + rc=1 + fi + done + else + yum -y install $RHELRHCS_SERVER_PACKAGES + yum -y update + + ALL_PACKAGES="$COMMON_SERVER_PACKAGES $KRA_SERVER_PACKAGES $RHELRHCS_SERVER_PACKAGES" + for item in $ALL_PACKAGES ; do + rpm -qa | grep $item + if [ $? -eq 0 ] ; then + lLog "$item package is installed" + else + rlLog "ERROR: $item package is NOT installed" + rc=1 + fi + done + fi + if [ $rc -eq 0 ] ; then + rhcs_install_kra + fi + + #OCSP install + rlLog "OCSP instance will be installed on $HOSTNAME" + rc=0 + yum -y install $COMMON_SERVER_PACKAGES + yum -y install $OCSP_SERVER_PACKAGES + + if [ "$FLAVOR" == "Fedora" ] ; then + #yum -y install $DOGTAG_PACKAGES + yum -y update + ALL_PACKAGES="$COMMON_SERVER_PACKAGES $OCSP_SERVER_PACKAGES" + for item in $ALL_PACKAGES ; do + rpm -qa | grep $item + if [ $? -eq 0 ] ; then + rlLog "$item package is installed" + else + rlLog "ERROR: $item package is NOT installed" + rc=1 + fi + done + else + yum -y install $RHELRHCS_SERVER_PACKAGES + yum -y update + ALL_PACKAGES="$COMMON_SERVER_PACKAGES $OCSP_SERVER_PACKAGES $RHELRHCS_SERVER_PACKAGES" + for item in $ALL_PACKAGES ; do + rpm -qa | grep $item + if [ $? -eq 0 ] ; then + rlLog "$item package is installed" + else + rlLog "ERROR: $item package is NOT installed" + rc=1 + fi + done + fi + if [ $rc -eq 0 ] ; then + rhcs_install_ocsp + fi + + #RA install + rlLog "RA instance will be installed on $HOSTNAME" + rc=0 + yum -y install $COMMON_SERVER_PACKAGES + yum -y install $RA_SERVER_PACKAGES + + if [ "$FLAVOR" == "Fedora" ] ; then + #yum -y install $DOGTAG_PACKAGES + yum -y update + ALL_PACKAGES="$COMMON_SERVER_PACKAGES $RA_SERVER_PACKAGES" + for item in $ALL_PACKAGES ; do + rpm -qa | grep $item + if [ $? -eq 0 ] ; then + rlLog "$item package is installed" + else + rlLog "ERROR: $item package is NOT installed" + rc=1 + fi + done + else + yum -y install $RHELRHCS_SERVER_PACKAGES + yum -y update + ALL_PACKAGES="$COMMON_SERVER_PACKAGES $RA_SERVER_PACKAGES $RHELRHCS_SERVER_PACKAGES" + for item in $ALL_PACKAGES ; do + rpm -qa | grep $item + if [ $? -eq 0 ] ; then + rlLog "$item package is installed" + else + rlLog "ERROR: $item package is NOT installed" + rc=1 + fi + done + fi + if [ $rc -eq 0 ] ; then + rlLog "Installing RA" + #rhcs_install_ra + fi + + #TKS install + rlLog "TKS instance will be installed on $HOSTNAME" + rc=0 + yum -y install $COMMON_SERVER_PACKAGES + yum -y install $TKS_SERVER_PACKAGES + + if [ "$FLAVOR" == "Fedora" ] ; then + #yum -y install $DOGTAG_PACKAGES + yum -y update + ALL_PACKAGES="$COMMON_SERVER_PACKAGES $TKS_SERVER_PACKAGES" + for item in $ALL_PACKAGES ; do + rpm -qa | grep $item + if [ $? -eq 0 ] ; then + rlLog "$item package is installed" + else + rlLog "ERROR: $item package is NOT installed" + rc=1 + fi + done + else + yum -y install $RHELRHCS_SERVER_PACKAGES + yum -y update + ALL_PACKAGES="$COMMON_SERVER_PACKAGES $TKS_SERVER_PACKAGES $RHELRHCS_SERVER_PACKAGES" + for item in $ALL_PACKAGES ; do + rpm -qa | grep $item + if [ $? -eq 0 ] ; then + rlLog "$item package is installed" + else + rlLog "ERROR: $item package is NOT installed" + rc=1 + fi + done + fi + if [ $rc -eq 0 ] ; then + rlLog "Installing TKS" + rhcs_install_tks + fi + + #TPS install + rlLog "TPS instance will be installed on $HOSTNAME" + rc=0 + yum -y install $COMMON_SERVER_PACKAGES + yum -y install $TPS_SERVER_PACKAGES + + if [ "$FLAVOR" == "Fedora" ] ; then + #yum -y install $DOGTAG_PACKAGES + yum -y update + ALL_PACKAGES="$COMMON_SERVER_PACKAGES $TPS_SERVER_PACKAGES $DOGTAG_PACKAGES" + for item in $ALL_PACKAGES ; do + rpm -qa | grep $item + if [ $? -eq 0 ] ; then + rlLog "$item package is installed" + else + rlLog "ERROR: $item package is NOT installed" + rc=1 + fi + done + else + yum -y install $RHELRHCS_SERVER_PACKAGES + yum -y update + ALL_PACKAGES="$COMMON_SERVER_PACKAGES $TPS_SERVER_PACKAGES $RHELRHCS_SERVER_PACKAGES" + for item in $ALL_PACKAGES ; do + rpm -qa | grep $item + if [ $? -eq 0 ] ; then + rlLog "$item package is installed" + else + rlLog "ERROR: $item package is NOT installed" + rc=1 + fi + done + fi + if [ $rc -eq 0 ] ; then + rlLog "Installing TPS" + #rhcs_install_tps + fi + else + rlLog "Machine in recipe is not a MASTER" + fi + + ##################################################################### + # IS THIS MACHINE A MASTER_CA? # + ##################################################################### + echo $MASTER_CA | grep $HOSTNAME + if [ $? -eq 0 ] ; then + yum clean all + rlLog "CA instance will be installed on $HOSTNAME" + rc=0 + yum -y install $COMMON_SERVER_PACKAGES + yum -y install $CA_SERVER_PACKAGES + + echo "export CA_SERVER_CERT_SUBJECT_NAME= CN=$HOSTNAME,O=redhat" >> /opt/rhqa_pki/env.sh + + if [ "$FLAVOR" == "Fedora" ] ; then + #yum -y install $DOGTAG_PACKAGES + yum -y update + ALL_PACKAGES="$COMMON_SERVER_PACKAGES $CA_SERVER_PACKAGES" + for item in $ALL_PACKAGES ; do + rpm -qa | grep $item + if [ $? -eq 0 ] ; then + rlLog "$item package is installed" + else + rlLog "ERROR: $item package is NOT installed" + rc=1 + fi + done + else + yum -y install $RHELRHCS_SERVER_PACKAGES + yum -y update + ALL_PACKAGES="$COMMON_SERVER_PACKAGES $CA_SERVER_PACKAGES $RHELRHCS_SERVER_PACKAGES" + for item in $ALL_PACKAGES ; do + rpm -qa | grep $item + if [ $? -eq 0 ] ; then + rlLog "$item package is installed" + else + rlLog "ERROR: $item package is NOT installed" + rc=1 + fi + done + fi + + if [ $rc -eq 0 ] ; then + rhcs_install_ca_only + fi + else + + rlLog "Machine in recipe is not a MASTER_CA" + fi + ##################################################################### + # IS THIS MACHINE A CLONE? # + ##################################################################### + echo $CLONE | grep $HOSTNAME + if [ $? -eq 0 ] ; then + yum clean all + #Clone CA install + rlLog "Clone CA instance will be installed on $HOSTNAME" + rc=0 + yum -y install $COMMON_SERVER_PACKAGES + yum -y install $CA_SERVER_PACKAGES + + if [ "$FLAVOR" == "Fedora" ] ; then + #yum -y install $DOGTAG_PACKAGES + yum -y update + ALL_PACKAGES="$COMMON_SERVER_PACKAGES $CA_SERVER_PACKAGES" + for item in $ALL_PACKAGES ; do + rpm -qa | grep $item + if [ $? -eq 0 ] ; then + rlLog "$item package is installed" + else + rlLog "ERROR: $item package is NOT installed" + rc=1 + fi + done + else + yum -y install $RHELRHCS_SERVER_PACKAGES + yum -y update + ALL_PACKAGES="$COMMON_SERVER_PACKAGES $CA_SERVER_PACKAGES $RHELRHCS_SERVER_PACKAGES" + for item in $ALL_PACKAGES ; do + rpm -qa | grep $item + if [ $? -eq 0 ] ; then + rlLog "$item package is installed" + else + rlLog "ERROR: $item package is NOT installed" + rc=1 + fi + done + fi + if [ $rc -eq 0 ] ; then + rlLog "Installing Clone CA" + #rhcs_install_cloneCA + fi + + ### ADD scripts for KRA,OCSP,TKS,TPS clone here + + else + rlLog "Machine in recipe in not a CLONE" + fi + + rlPhaseEnd + + rlPhaseStartCleanup "pki_user_cli_user_add-cleanup: pki install cleanup" + rlLog "pki install clean-up" + rlPhaseEnd + + #rlJournalPrintText + #report=/tmp/rhts.report.$RANDOM.txt + #makereport $report + #rhts-submit-log -l $report + #rlPhaseEnd +} diff --git a/tests/dogtag/acceptance/quickinstall/rhds-install.sh b/tests/dogtag/acceptance/quickinstall/rhds-install.sh new file mode 100644 index 000000000..eab60cf79 --- /dev/null +++ b/tests/dogtag/acceptance/quickinstall/rhds-install.sh @@ -0,0 +1,174 @@ +#!/bin/bash +# vim: dict=/usr/share/beakerlib/dictionary.vim cpt=.,w,b,u,t,i,k +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +# +# rhds_install.sh of /CoreOS/rhcs/acceptance/quickinstall +# Description: CS quickinstall acceptance tests for new install +# functions. +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +# The following rhcs will be tested: +# +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +# +# Author: Asha Akkiangady <aakkiang@redhat.com> +# Date : Feb 18, 2013 +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +# +# Copyright (c) 2013 Red Hat, Inc. All rights reserved. +# +# This copyrighted material is made available to anyone wishing +# to use, modify, copy, or redistribute it subject to the terms +# and conditions of the GNU General Public License version 2. +# +# This program is distributed in the hope that it will be +# useful, but WITHOUT ANY WARRANTY; without even the implied +# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR +# PURPOSE. See the GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public +# License along with this program; if not, write to the Free +# Software Foundation, Inc., 51 Franklin Street, Fifth Floor, +# Boston, MA 02110-1301, USA. +# +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +rhcs_install_set_ldap_vars() { +. /opt/rhqa_pki/env.sh + + ### Set OS/YUM/RPM related variables here + if [ $(grep Fedora /etc/redhat-release|wc -l) -gt 0 ]; then + export DISTRO="Fedora" + export RHDS_SERVER_PACKAGES="389-ds-base policycoreutils-python" + else + export DISTRO="RedHat" + export RHDS_SERVER_PACKAGES="redhat-ds-base 389-ds-base policycoreutils-python" + fi + + + + #Copy rhds-install.sh to /opt/rhqa_pki + rm -f /opt/rhqa_pki/rhds-install.sh + cp -a ./acceptance/quickinstall/rhds-install.sh /opt/rhqa_pki/. + +# rlLog "===================== env.sh ==========================" + # rlRun "cat /opt/rhqa_pki/env.sh" + # rlLog "===============================================" +} + +###################################################################### +# rhds_install() +# All subsystems and ldap servers on a single host +###################################################################### +rhds_install() +{ + + local LDAP_PORT="$1" + local LDAP_INSTANCE_NAME="$2" + local LDAP_ROOT_DN="$3" + local LDAP_ROOT_DN_PWD="$4" + local LDAP_SUFFIX="$5" + local INSTANCECFG="/tmp/instance.inf" + local INSTANCE_CREATE_OUT="/tmp/instance_create.out" + + echo "Base DN: $LDAP_SUFFIX" + echo "LDAP port: $LDAP_PORT" + echo "LDAPS port: $LDAPS_PORT" + echo "Instance configuration file: $INSTANCECFG" + echo "Password scheme ldif file: $PWDSCHEME" + echo "LDAP instance: $INSTANCE" + + + #################################################### + # turn off firewall + #################################################### + echo $FLAVOR | grep "Fedora" + if [ $? -eq 0 ] ; then + rlRun "systemctl stop firewalld" + else + rlRun "service iptables stop" + fi + + #################################################### + # check for installed RHDS packages + #################################################### + rhds_install_prep + for PKG in $RHDS_SERVER_PACKAGES; do + rlAssertRpm $PKG + done + + #################################################### + # set up directory server instance + #################################################### + + rlLog "Setting up Directory Server instance ............." + echo "[General]" > $INSTANCECFG + echo "FullMachineName= $HOSTNAME" >> $INSTANCECFG + echo "SuiteSpotUserID= nobody" >> $INSTANCECFG + echo "SuiteSpotGroup= nobody" >> $INSTANCECFG + echo "ConfigDirectoryLdapURL= ldap://$HOSTNAME:$LDAP_PORT/o=NetscapeRoot" >> $INSTANCECFG + echo "ConfigDirectoryAdminID= admin" >> $INSTANCECFG + echo "ConfigDirectoryAdminPwd= $LDAP_ADMINPW" >> $INSTANCECFG + echo "AdminDomain= example.com" >> $INSTANCECFG + echo "" >> $INSTANCECFG + echo "[slapd]" >> $INSTANCECFG + echo "ServerIdentifier= $LDAP_INSTANCE_NAME" >> $INSTANCECFG + echo "ServerPort= $LDAP_PORT" >> $INSTANCECFG + echo "Suffix= $LDAP_SUFFIX" >> $INSTANCECFG + echo "RootDN= $LDAP_ROOT_DN" >> $INSTANCECFG + echo "RootDNPwd= $LDAP_ROOT_DN_PWD" >> $INSTANCECFG + echo "" >> $INSTANCECFG + echo "[admin]" >> $INSTANCECFG + echo "ServerAdminID= admin" >> $INSTANCECFG + echo "ServerAdminPwd= $LDAP_ADMINPW" >> $INSTANCECFG + echo "SysUser= nobody" >> $INSTANCECFG + + cat $INSTANCECFG + + rlLog "Executing: /usr/sbin/setup-ds.pl --silent --file=$INSTANCECFG > $INSTANCE_CREATE_OUT" + rlRun "/usr/sbin/setup-ds.pl --silent --file=$INSTANCECFG > $INSTANCE_CREATE_OUT" 0 "Creating a LDAP instance" + + /usr/bin/ldapsearch -x -h $HOSTNAME -p $LDAP_PORT -D "$LDAP_ROOT_DN" -w $LDAP_ROOT_DN_PWD -b "$LDAP_SUFFIX" + + if [ -f $INSTANCE_CREATE_OUT ]; then + rlRun "cat $INSTANCE_CREATE_OUT" + rlLog "Ldap new server instance created successfully." + else + + rlLog "Error creating ldap new server instance." + fi + + if [ -f /var/log/dirsrv/slapd-$LDAP_INSTANCE_NAME/errors ]; then + cp /var/log/dirsrv/slapd-$LDAP_INSTANCE_NAME/errors /var/log/dirsrv/slapd-$LDAP_INSTANCE_NAME/errors.quickinstall + rhts-submit-log -l /var/log/dirsrv/slapd-$LDAP_INSTANCE_NAME/errors.quickinstall + fi + if [ -f /var/log/dirsrv/slapd-$LDAP_INSTANCE_NAME/access ]; then + cp /var/log/dirsrv/slapd-$LDAP_INSTANCE_NAME/access /var/log/dirsrv/slapd-$LDAP_INSTANCE_NAME/access.quickinstall + rhts-submit-log -l /var/log/dirsrv/slapd-$LDAP_INSTANCE_NAME/access.quickinstall + fi + #rlPhaseEnd +} + +rhds_install_prep_pkgInstalls() +{ + rlRun "yum clean all" + rlRun "yum -y install bind expect" +} + + +rhds_install_prep() +{ + rlLog "$FUNCNAME" + if [ -z "$RHDS_SERVER_PACKAGES" ]; then + rlFail "$RHDS_SERVER_PACKAGES variable not set." + return 1 + fi + + rhds_install_prep_pkgInstalls + + rlRun "yum -y install $RHDS_SERVER_PACKAGES" + rlRun "yum -y update" + + # if [ "$IPv6SETUP" != "TRUE" ]; then + # Install DS in IPV6 environment + +} diff --git a/tests/dogtag/acceptance/quickinstall/runtest.sh b/tests/dogtag/acceptance/quickinstall/runtest.sh new file mode 100755 index 000000000..41c429860 --- /dev/null +++ b/tests/dogtag/acceptance/quickinstall/runtest.sh @@ -0,0 +1,67 @@ +#!/bin/bash +# vim: dict=/usr/share/beakerlib/dictionary.vim cpt=.,w,b,u,t,i,k +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +# +# runtest.sh of /CoreOS/rhcs/acceptance/quickinstall +# Description: CS quickinstall acceptance tests for new install +# functions. +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +# The following rhcs will be tested: +# +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +# +# Author: Asha Akkiangady <aakkiang@redhat.com> +# Date : Feb 15, 2013 +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +# +# Copyright (c) 2013 Red Hat, Inc. All rights reserved. +# +# This copyrighted material is made available to anyone wishing +# to use, modify, copy, or redistribute it subject to the terms +# and conditions of the GNU General Public License version 2. +# +# This program is distributed in the hope that it will be +# useful, but WITHOUT ANY WARRANTY; without even the implied +# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR +# PURPOSE. See the GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public +# License along with this program; if not, write to the Free +# Software Foundation, Inc., 51 Franklin Street, Fifth Floor, +# Boston, MA 02110-1301, USA. +# +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +# Include data-driven test data file: + +# Include rhts environment +. /usr/bin/rhts-environment.sh +. /usr/share/beakerlib/beakerlib.sh +. /opt/rhqa_pki/rhcs-shared.sh +. /opt/rhqa_pki/env.sh + +# Include tests +. ./rhcs-install.sh + + +# Make sure TESTORDER is initialized or multihost may have issues +TESTORDER=1 + +########################################## +# test main +######################################### + +rlJournalStart + rlPhaseStartSetup "RHCS quickinstall startup: install CS subsystems" + rlRun "export MASTER=`hostname`" + rlRun "env|sort" + rlPhaseEnd + + #Execute pki user config tests + run_rhcs_install_subsystems + + rlJournalPrintText + report=/tmp/rhts.report.$RANDOM.txt + makereport $report + rhts-submit-log -l $report +rlJournalEnd diff --git a/tests/dogtag/beakerjob.rhcs.x86_64.f19.xml b/tests/dogtag/beakerjob.rhcs.x86_64.f19.xml new file mode 100644 index 000000000..a15417cf5 --- /dev/null +++ b/tests/dogtag/beakerjob.rhcs.x86_64.f19.xml @@ -0,0 +1,45 @@ +<job retention_tag="scratch"> + <whiteboard> + dogtag rhcs test single rpm param value TEST_ALL TRUE + </whiteboard> + <recipeSet priority="Normal"> + <recipe kernel_options="" kernel_options_post="" ks_meta="" role="RECIPE_MEMBERS" whiteboard=""> + <autopick random="false"/> + <watchdog panic="ignore"/> + <packages/> + <ks_appends/> + <repos> + <repo name="repo1" url="http://mickey.dsdev.sjc.redhat.com/repos/pki/dogtag/10/F19/devel_x86_64/x86_64/"/> + <repo name="repo2" url="http://mickey.dsdev.sjc.redhat.com/repos/pki/dogtag/10/F19/devel_x86_64/noarch/"/> + </repos> + <distroRequires> + <and> + <distro_family op="=" value="Fedora19"/> + <distro_variant op="=" value="Fedora"/> + <distro_name op="=" value="Fedora-19"/> + <distro_arch op="=" value="x86_64"/> + </and> + </distroRequires> + <hostRequires> + <system_type value="Machine"/> + </hostRequires> + <partitions/> + <task name="/distribution/install" role="STANDALONE"> + <params/> + </task> + <task name="/CoreOS/rhcs/lsunkaras_dir" role="MASTER"> + <params> + <param name="TEST_ALL" value="TRUE"/> + <param name="QUICKINSTALL" value="FALSE"/> + <param name="USER_ADD_CA" value="FALSE"/> + <param name="USER_SHOW_CA" value="FALSE"/> + <param name="USER_FIND_CA" value="FALSE"/> + <param name="USER_DEL_CA" value="FALSE"/> + </params> + </task> + <task name="/distribution/reservesys" role="STANDALONE"> + <params/> + </task> + </recipe> + </recipeSet> +</job> diff --git a/tests/dogtag/make-package.sh b/tests/dogtag/make-package.sh new file mode 100755 index 000000000..6e809104a --- /dev/null +++ b/tests/dogtag/make-package.sh @@ -0,0 +1,39 @@ +#!/bin/sh + +### Exit if there is no personalization id specified. +if [ $# -lt 1 ]; +then + echo "Usage: ./make-package.sh <User-ID> <Different_subfolder_for_each_beaker_job_?(Y/N)(Optional)>" + exit -1 +fi + +### Store the actual Makefile checked in SVN +mv Makefile .Makefile.save + +user_id=$1 +date_time="`date -u +%Y%m%d%H%M%S`" +rpm_identifier=".$date_time" +if [ $# -gt 1 ]; +then + if [ $2 = 'Y' -o $2 = 'y' ]; + then + user_id="$1/$date_time" + rpm_identifier="" + fi +fi + +#rpm_identifier=".$date_time" +echo $user_id +### Replacing the default value with the "user_id/current_number" +sed -e "s|PKI_TEST_USER_ID|${user_id}|g" -e "s|_RPM_IDENTIFIER|${rpm_identifier}|g" .Makefile.save >> Makefile + +chmod +x Makefile + +### Making the rpm +make package + +### Remove the current rpm and place the original back + +rm -rf Makefile + +mv .Makefile.save Makefile diff --git a/tests/dogtag/runtest.sh b/tests/dogtag/runtest.sh new file mode 100755 index 000000000..156ac3e3e --- /dev/null +++ b/tests/dogtag/runtest.sh @@ -0,0 +1,103 @@ +#!/bin/bash +# vim: dict=/usr/share/beakerlib/dictionary.vim cpt=.,w,b,u,t,i,k +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +# +# runtest.sh of /CoreOS/rhcs/PKI_TEST_USER_ID +# Description: CS testing +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +# Libraries Included: +# rhcs-shared.sh +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +# +# Author: Laxmi Sunkara <lsunkara@redhat.com> +# +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +# +# Copyright (c) 2013 Red Hat, Inc. All rights reserved. +# +# This copyrighted material is made available to anyone wishing +# to use, modify, copy, or redistribute it subject to the terms +# and conditions of the GNU General Public License version 2. +# +# This program is distributed in the hope that it will be +# useful, but WITHOUT ANY WARRANTY; without even the implied +# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR +# PURPOSE. See the GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public +# License along with this program; if not, write to the Free +# Software Foundation, Inc., 51 Franklin Street, Fifth Floor, +# Boston, MA 02110-1301, USA. +# +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +# Include rhts environment +. /usr/bin/rhts-environment.sh +. /usr/share/beakerlib/beakerlib.sh +. /opt/rhqa_pki/rhcs-shared.sh +. /opt/rhqa_pki/rhcs-install-shared.sh +. /opt/rhqa_pki/pki-user-cli-lib.sh +. /opt/rhqa_pki/env.sh + +# Include tests +. ./acceptance/quickinstall/rhcs-install.sh +. ./acceptance/cli-tests/pki-user-cli/ca/pki-user-cli-user-ca.sh +. ./acceptance/cli-tests/pki-user-cli/ca/pki-user-cli-user-add-ca.sh +. ./acceptance/cli-tests/pki-user-cli/ca/pki-user-cli-user-show-ca.sh +. ./acceptance/cli-tests/pki-user-cli/ca/pki-user-cli-user-find-ca.sh +. ./acceptance/cli-tests/pki-user-cli/ca/pki-user-cli-user-del-ca.sh +. ./dev_java_tests/run_junit_tests.sh +PACKAGE="pki-tools" + +# Make sure TESTORDER is initialized or multihost may have issues +TESTORDER=1 + +#Test type specified as parameter in beakerjob.rhcs.xml.template +#QUICKINSTALL=TRUE +#USER_ADD_CA=TRUE +#USER_SHOW_CA=TRUE +#USER_FIND_CA=TRUE +#USER_DEL_CA=TRUE +#TEST=TRUE +rlJournalStart + rlPhaseStartSetup "list files in /opt/rhqa_pki" + rlRun "ls /opt/rhqa_pki" 0 "Listing files in /opt/rhqa_pki" + rlRun "export MASTER=`hostname`" + rlRun "env|sort" + rlPhaseEnd + + rlPhaseStartSetup "RHCS tests" + #Execute pki user config tests + if [ "$QUICKINSTALL" = "TRUE" ] || [ "$TEST_ALL" = "TRUE" ] ; then + run_rhcs_install_subsystems +# run_pki-user-cli-user-ca_tests + fi + if [ "$USER_ADD_CA" = "TRUE" ] || [ "$TEST_ALL" = "TRUE" ] ; then + # Execute pki user-add-ca tests + run_pki-user-cli-user-add-ca_tests + fi + if [ "$USER_SHOW_CA" = "TRUE" ] || [ "$TEST_ALL" = "TRUE" ] ; then + # Execute pki user-show-ca tests + run_pki-user-cli-user-show-ca_tests + fi + if [ "$USER_FIND_CA" = "TRUE" ] || [ "$TEST_ALL" = "TRUE" ] ; then + # Execute pki user-find-ca tests + run_pki-user-cli-user-find-ca_tests + fi + if [ "$USER_DEL_CA" = "TRUE" ] || [ "$TEST_ALL" = "TRUE" ] ; then + # Execute pki user-del-ca tests + run_pki-user-cli-user-del-ca_tests + fi + rlPhaseEnd + + if [ "$DEV_JAVA_TESTS" = "TRUE" ] || [ "$TEST_ALL" = "TRUE" ] ; then + rlPhaseStartSetup "Dev Tests" + run_dev_junit_tests + rlPhaseEnd + fi + + rlJournalPrintText + report=/tmp/rhts.report.$RANDOM.txt + makereport $report + rhts-submit-log -l $report +rlJournalEnd diff --git a/tests/dogtag/shared/Makefile b/tests/dogtag/shared/Makefile new file mode 100755 index 000000000..f0b886023 --- /dev/null +++ b/tests/dogtag/shared/Makefile @@ -0,0 +1,85 @@ +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +# +# Makefile of /CoreOS/rhcs/acceptance/install +# Description: Basic install test for rhcs +# Author: Asha Akkiangady <aakkiang@redhat.com> +# +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +# +# Copyright (c) 2013 Red Hat, Inc. All rights reserved. +# +# This copyrighted material is made available to anyone wishing +# to use, modify, copy, or redistribute it subject to the terms +# and conditions of the GNU General Public License version 2. +# +# This program is distributed in the hope that it will be +# useful, but WITHOUT ANY WARRANTY; without even the implied +# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR +# PURPOSE. See the GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public +# License along with this program; if not, write to the Free +# Software Foundation, Inc., 51 Franklin Street, Fifth Floor, +# Boston, MA 02110-1301, USA. +# +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +export TEST=/CoreOS/rhcs/shared +export TESTVERSION=1.0.0 + +BUILT_FILES= + +FILES=$(METADATA) rhcs-shared.sh rhcs-install-shared.sh pki-user-cli-lib.sh set-root-pw.exp runtest.sh Makefile PURPOSE env.sh pki-cert-cli-lib.sh dummycert1.pem + +.PHONY: all install download clean + +run: $(FILES) build + rm -rf /opt/rhqa_pki + mkdir /opt/rhqa_pki + rm -f /opt/rhqa_pki/env.sh + cp ./env.sh /opt/rhqa_pki/. + rm -f /opt/rhqa_pki/rhcs-shared.sh + cp ./rhcs-shared.sh /opt/rhqa_pki/. + rm -f /opt/rhqa_pki/rhcs-install-shared.sh + cp ./rhcs-install-shared.sh /opt/rhqa_pki/. + rm -f /opt/rhqa_pki/pki-user-cli-lib.sh + cp ./pki-user-cli-lib.sh /opt/rhqa_pki/. + rm -f /opt/rhqa_pki/set-root-pw.exp + cp ./set-root-pw.exp /opt/rhqa_pki/. + rm -f /opt/rhqa_pki/pki-cert-cli-lib.sh + cp ./pki-cert-cli-lib.sh /opt/rhqa_pki/. + rm -f /opt/rhqa_pki/dummycert1.pem + cp ./dummycert1.pem /opt/rhqa_pki/. + chmod 755 /opt/rhqa_pki/*.sh + ./runtest.sh + +build: $(BUILT_FILES) + chmod 755 rhcs-shared.sh + chmod 755 rhcs-install-shared.sh + chmod 755 set-root-pw.exp + chmod 755 pki-user-cli-lib.sh + chmod 755 dummycert1.pem + chmod 755 pki-cert-cli-lib.sh + chmod a+x runtest.sh + +clean: + rm -f *~ $(BUILT_FILES) + + +include /usr/share/rhts/lib/rhts-make.include + +$(METADATA): Makefile + @echo "Owner: Asha Akkiangady <aakkiang@redhat.com>" > $(METADATA) + @echo "Name: $(TEST)" >> $(METADATA) + @echo "TestVersion: $(TESTVERSION)" >> $(METADATA) + @echo "Path: $(TEST_DIR)" >> $(METADATA) + @echo "Description: Package containing libraries for rhcs beaker tests" >> $(METADATA) + @echo "Type: Acceptance" >> $(METADATA) + @echo "TestTime: 2m" >> $(METADATA) + @echo "RunFor: rhcs" >> $(METADATA) + @echo "Requires: expect" >> $(METADATA) + @echo "Priority: Normal" >> $(METADATA) + @echo "License: GPLv2" >> $(METADATA) + @echo "Confidential: no" >> $(METADATA) + @echo "Destructive: no" >> $(METADATA) + + rhts-lint $(METADATA) diff --git a/tests/dogtag/shared/PURPOSE b/tests/dogtag/shared/PURPOSE new file mode 100755 index 000000000..49923065d --- /dev/null +++ b/tests/dogtag/shared/PURPOSE @@ -0,0 +1,3 @@ +PURPOSE of /CoreOS/rhcs/shared +Description: Shared libs for RHCS tests +Author: Asha Akkiangady <aakkiang@redhat.com> diff --git a/tests/dogtag/shared/dummycert1.pem b/tests/dogtag/shared/dummycert1.pem new file mode 100755 index 000000000..a74184f5f --- /dev/null +++ b/tests/dogtag/shared/dummycert1.pem @@ -0,0 +1,25 @@ +-----BEGIN CERTIFICATE----- +MIIELjCCAxagAwIBAgIBDjANBgkqhkiG9w0BAQsFADBTMTAwLgYDVQQKDCdyaHRz +LmVuZy5ib3MucmVkaGF0LmNvbSBTZWN1cml0eSBEb21haW4xHzAdBgNVBAMMFkNB +IFNpZ25pbmcgQ2VydGlmaWNhdGUwHhcNMTMwNzE2MDgwOTQzWhcNMTQwMTEyMDgw +OTQzWjCBkzELMAkGA1UEBhMCVVMxEDAOBgNVBAoMB0V4YW1wbGUxFDASBgNVBAsM +C0VuZ2luZWVyaW5nMRswGQYDVQQDDBJDQV9BZG1pbl9WYWxpZENlcnQxJDAiBgkq +hkiG9w0BCQEWFUNBX2FkbWluVkBleGFtcGxlLmNvbTEZMBcGCgmSJomT8ixkAQEM +CUNBX2FkbWluVjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANUXDwMo +9GjhbLNZQEh/TRISX9ARxzuSPxtweM3JBr/bOQlriY8fAECG/SiEEVd6MXeOOFj/ +kAur5JIX3PdBu4FzdqvTSOcxmiN9dAGK+NfLE5tE34y++SGNgSh3+F7k6lZZVPz0 +eVh/upNjDYKvxCF4005acw9F4lq0HPFWdWrevfXwDKe2gLXd/auZLz5O9VLNrdeO +EOZ+q0Etre1mhCIYsACNXxWeP2uams3nek/1OwfK9h1wg2SiKwIBcJ/LjA02fn7+ +R9P3eY3hvUduohNN/2nXPuRzhArjez5dT8tIcTgkpYTJmB/1Zo5krliS5aDxw5na +a5Rs2BLM5IhC8Z8CAwEAAaOByzCByDAfBgNVHSMEGDAWgBQzES+CfJWi3DRT1JDE ++9kFjeAKjjBUBggrBgEFBQcBAQRIMEYwRAYIKwYBBQUHMAGGOGh0dHA6Ly9rdm0t +Z3Vlc3QtMDEucmh0cy5lbmcuYm9zLnJlZGhhdC5jb206ODA4MC9jYS9vY3NwMA4G +A1UdDwEB/wQEAwIF4DAdBgNVHSUEFjAUBggrBgEFBQcDAgYIKwYBBQUHAwQwIAYD +VR0RBBkwF4EVQ0FfYWRtaW5WQGV4YW1wbGUuY29tMA0GCSqGSIb3DQEBCwUAA4IB +AQAdKqN4suafUg8cLYGcPMHZ0QvoMJ98scyOfRNvHjIVzM49UyvIWdZywLpMZjW4 +xaHXt5wAvv2CT++pYOm7wyL4wn9fshlicy8/0lq8n/NXpv/H47QhYLkYUXq/ne7u +wKmZuxns2ECNJzoWpEmWwSlSi3B/BxZmASGy2ilD/G5Hl5vmxZprGgpMWSfq1gAt +Wthh2mfLi21PAGC6Ku2ilqPWEdWV+0TgdwV5AKiIVhLritwUaIzWgvH2pzA5Cca9 +fmkx7kqjpDJVNRFIY+veSGoBgxudu/QXjKCjaxmQxfQTwZXNw4Qhls88SIXljZpY +6NsgArHq7gy3eh/wvXBp7/xR +-----END CERTIFICATE----- diff --git a/tests/dogtag/shared/env.sh b/tests/dogtag/shared/env.sh new file mode 100644 index 000000000..f69731b8d --- /dev/null +++ b/tests/dogtag/shared/env.sh @@ -0,0 +1,65 @@ +LDAP_ROOTDN="cn=Directory Manager" +LDAP_ROOTDNPWD="Secret123" +LDAP_BASEDN="dc=pki-tests" +LDAP_ADMINPW="Secret123" +CERTDB_DIR="/opt/rhqa_pki/rhcs/tmp" +CERTDB_DIR_PASSWORD="redhat123" +CA_LDAP_INSTANCE_NAME="pki-ca1-ldap" +CA_ADMIN_USER="caadmin" +CA_ADMIN_PASSWORD="Secret123" +CA_KEY_TYPE="RSA" +CA_KEY_SIZE=2048 +CA_INSTANCE_ID="pki-ca1" +CA_DB_SUFFIX="dc=pki-ca1" +CA_LDAP_PORT=1600 +CA_CLIENT_PKCS12_PASSWORD=Secret123 +CA_SECURITY_DOMAIN_PASSWORD=$CA_ADMIN_PASSWORD +CA_SECURE_PORT=8443 +CA_UNSECURE_PORT=8080 +CA_AJP_PORT=8009 +CA_MANAGEMENT_PORT=8005 +CA_AGENT_CERT_NICKNAME="csagent-pki-ca-tp1" +CA_AGENT_CERT_SUBJECT_NAME="CN=$CA_AGENT_CERT_NICKNAME,OU=mtv,O=redhat" +CA_SIGNING_CERT_SUBJECT_NAME="CN=pki-ca-tp1,O=redhat" +CA_SUBSYSTEM_CERT_SUBJECT_NAME="CN=pki-ca-tp1-subsystem,O=redhat" +CA_OCSP_SIGNING_CERT_SUBJECT_NAME="CN=pki-ca-tp1-OCSPSigning,O=redhat" +CA_TKS_SIGNING_CERT_SUBJECT_NAME="CN=pki-ca-tp1-TKSSigning,O=redhat" +CA_AUDIT_SIGNING_CERT_SUBJECT_NAME="CN=pki-ca-tp1-audit,O=redhat" +CA_SUBSYSTEM_NAME="rhcs-acceptance-ca" +CA_AGENT_KEY_SIZE=2048 +CA_AGENT_KEY_TYPE=RSA +CA_BACKUP_PASSWORD=redhat123 +CA_TOKEN_NAME=internal +CA_TOKEN_PASSWORD=newpassword +CA_KEY_ALGORITHM=SHA512withRSA +CA_SIGNING_ALGORITHM=SHA512withRSA +CA_SIGNING_SIGNING_ALGORITHM=SHA512withRSA +CA_OCSP_SIGNING_ALGORITHM=SHA512withRSA +CA_TKS_SIGNING_ALGORITHM=SHA512withRSA +CA_BACKUP_FILE_NAME="$CERTDB_DIR/$CA_INSTANCE_ID.p12" +KRA_LDAP_INSTANCE_NAME="pki-kra1-ldap" +KRA_INSTANCE_ID="pki-kra1" +KRA_DB_SUFFIX="dc=pki-kra1" +KRA_LDAP_PORT=1601 +KRA_ADMIN_PASSWORD="Secret123" +KRA_ADMIN_USER="kraadmin" +KRA_BACKUP_PASSWORD=redhat123 +KRA_CLIENT_PKCS12_PASSWORD=Secret123 +OCSP_LDAP_INSTANCE_NAME="pki-ocsp1-ldap" +OCSP_INSTANCE_ID="pki-ocsp1" +OCSP_DB_SUFFIX="dc=pki-ocsp1" +OCSP_LDAP_PORT=1602 +OCSP_ADMIN_PASSWORD="Secret123" +OCSP_ADMIN_USER="ocspadmin" +OCSP_BACKUP_PASSWORD=redhat123 +OCSP_CLIENT_PKCS12_PASSWORD=Secret123 +TKS_LDAP_INSTANCE_NAME="pki-tks1-ldap" +TKS_INSTANCE_ID="pki-ocsp1" +TKS_DB_SUFFIX="dc=pki-ocsp1" +TKS_LDAP_PORT=1603 +TKS_ADMIN_PASSWORD="Secret123" +TKS_ADMIN_USER="tksadmin" +TKS_BACKUP_PASSWORD=redhat123 +TKS_CLIENT_PKCS12_PASSWORD=Secret123 + +export LDAP_ROOTDN LDAP_ROOTDNPWD LDAP_BASEDN LDAP_ADMINPW CERTDB_DIR CERTDB_DIR_PASSWORD CA_LDAP_INSTANCE_NAME CA_ADMIN_USER CA_ADMIN_PASSWORD CA_KEY_TYPE CA_KEY_SIZE CA_INSTANCE_ID CA_DB_SUFFIX CA_LDAP_PORT CA_INSTANCE_ROOT CA_CLIENT_PKCS12_PASSWORD CA_SECURITY_DOMAIN_PASSWORD CA_AGENT_SECURE_PORT CA_EE_SECURE_PORT CA_EE_SECURE_CLIENT_AUTH_PORT CA_SECURE_PORT CA_UNSECURE_PORT CA_TOMCAT_SERVER_PORT CA_AGENT_CERT_NICKNAME CA_AGENT_CERT_SUBJECT_NAME CA_SIGNING_CERT_SUBJECT_NAME CA_SUBSYSTEM_CERT_SUBJECT_NAME CA_OCSP_SIGNING_CERT_SUBJECT_NAME CA_AUDIT_SIGNING_CERT_SUBJECT_NAME CA_SUBSYSTEM_NAME CA_AGENT_KEY_SIZE CA_AGENT_KEY_TYPE CA_BACKUP_PASSWORD CA_TOKEN_NAME CA_TOKEN_PASSWORD CA_KEY_ALGORITHM CA_SIGNING_ALGORITHM CA_SIGNING_SIGNING_ALGORITHM CA_OCSP_SIGNING_ALGORITHM CA_BACKUP_FILE_NAME KRA_ADMIN_PASSWORD KRA_BACKUP_PASSWORD KRA_CLIENT_PKCS12_PASSWORD OCSP_ADMIN_PASSWORD OCSP_BACKUP_PASSWORD OCSP_CLIENT_PKCS12_PASSWORD TKS_ADMIN_PASSWORD TKS_BACKUP_PASSWORD TKS_CLIENT_PKCS12_PASSWORD CA_TKS_SIGNING_CERT_SUBJECT_NAME CA_TKS_SIGNING_ALGORITHM diff --git a/tests/dogtag/shared/pki-cert-cli-lib.sh b/tests/dogtag/shared/pki-cert-cli-lib.sh new file mode 100755 index 000000000..bbb13489a --- /dev/null +++ b/tests/dogtag/shared/pki-cert-cli-lib.sh @@ -0,0 +1,49 @@ +#!/bin/sh + +######################################################################## +# PKI CERT SHARED LIBRARY +####################################################################### +# Includes: +# +# generate_PKCS10 +###################################################################### +####################################################################### + +######################################################################### +# create_certdb Usage: +# create_certdb <location of certdb> <certdb_password> +####################################################################### + +create_certdb() +{ + local certdb_loc=$1 + local certdb_pwd=$2 + rlLog "certdb_loc = $certdb_loc" + rlRun "mkdir $certdb_loc" + rlRun "echo \"$certdb_pwd\" > $certdb_loc/passwd_certdb" + rlRun "certutil -d $certdb_loc -N -f $certdb_loc/passwd_certdb" +} +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ # + +######################################################################### +# generate_PKCS10 Usage: +# generate_PKCS10 <location of certdb> <certdb_password> <algorithm> <rsa key length> <output file> <subjectDN> +####################################################################### + +generate_PKCS10() +{ + local certdb_loc=$1 + local certdb_pwd=$2 + local algorithm=$3 + local rsa_key_length=$4 + local output_file=$5 + local subjectDN=$6 + local rc=0 + exp=$certdb_loc/../expfile.out + tmpout=$certdb_loc/../tmpout.out + + local cmd="PKCS10Client -p $certdb_pwd -d $certdb_loc -a $algorithm -l $rsa_key_length -o $output_file -n $subjectDN" + rlLog "Executing: $cmd" + rlRun "$cmd" 0 "Creating PKCS10 request" +} +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ # diff --git a/tests/dogtag/shared/pki-user-cli-lib.sh b/tests/dogtag/shared/pki-user-cli-lib.sh new file mode 100755 index 000000000..6d42a579b --- /dev/null +++ b/tests/dogtag/shared/pki-user-cli-lib.sh @@ -0,0 +1,59 @@ +#!/bin/sh + +######################################################################## +# PKI USER SHARED LIBRARY +####################################################################### +# Includes: +# +# importAdminCert +###################################################################### +####################################################################### + +######################################################################### +# importAdminCert Usage: +# importAdminCert <AdminCertLocation> <Directory> +####################################################################### + +importAdminCert() +{ + local admincert_p12file=$1 + local temp_dir=$2 + local nss_db_password=$3 + local admin_cert_nickname=$4 + local rc=0 + exp=$temp_dir/expfile.out + tmpout=$temp_dir/tmpout.out + + rlLog "admincert_p12file = $admincert_p12file" + rlLog "temp_dir = $temp_dir" + rlRun "echo \"$nss_db_password\" > $temp_dir/passwd_certdb" + rlRun "certutil -d $temp_dir -N -f $temp_dir/passwd_certdb" + rlRun "echo \"$CA_CLIENT_PKCS12_PASSWORD\" > $temp_dir/admin_p12_password" + local cmd="pk12util -i $admincert_p12file -d $temp_dir -w $temp_dir/admin_p12_password" + echo "set timeout 5" > $exp + echo "set force_conservative 0" >> $exp + echo "set send_slow {1 .1}" >> $exp + echo "spawn $cmd" >> $exp + echo 'expect "*Password*: "' >> $exp + echo "send -s -- \"$nss_db_password\r\"" >> $exp + echo 'expect eof ' >> $exp + rlLog "cat $exp" + /usr/bin/expect $exp > $tmpout 2>&1 + if [ $? = 0 ]; then + cat $tmpout | grep "pk12util: PKCS12 IMPORT SUCCESSFUL" + if [ $? = 0 ]; then + rlPass "pk12util command executed successfully" + rlRun "certutil -L -d $temp_dir | grep $admin_cert_nickname" 0 "Verify Admin certificate is installed" + else + rlFail "ERROR: Admin certificate is not installed in $temp_dir" + rc=1 + fi + + else + rlFail "ERROR: pk12util execution failed." + fi + return $rc +} + + +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ # diff --git a/tests/dogtag/shared/rhcs-install-shared.sh b/tests/dogtag/shared/rhcs-install-shared.sh new file mode 100644 index 000000000..057c236e3 --- /dev/null +++ b/tests/dogtag/shared/rhcs-install-shared.sh @@ -0,0 +1,35 @@ +#!/bin/sh + +######################################################################## +# RHCS INSTALL SHARED LIBRARY +####################################################################### +# Includes: +# +# verifyInstallAttribute +# +###################################################################### +####################################################################### + +######################################################################### +# verifyInstallAttribute Usage: +# verifyInstallAttribute <command> <expected_msg> +####################################################################### + +verifyInstallAttribute() +{ + install_output_file=$1 + attribute=$2 + value=$3 + rc=0 + rlLog "$FUNCNAME" + attribute="$attribute:" + myval=`cat $install_output_file | grep -i "$attribute $value" | xargs echo` + cat $install_output_file | grep -i "$attribute $value" + if [ $? -ne 0 ] ; then + rlLog "ERROR: subsystem installation verification failed: Value of $attribute - GOT: $myval EXPECTED: $value" + rc=1 + else + rlLog "Value of $attribute for subsystem install is as expected - $myval" + fi + return $rc +} diff --git a/tests/dogtag/shared/rhcs-shared.sh b/tests/dogtag/shared/rhcs-shared.sh new file mode 100755 index 000000000..c108014cd --- /dev/null +++ b/tests/dogtag/shared/rhcs-shared.sh @@ -0,0 +1,426 @@ +#!/bin/sh + +######################################################################## +# RHCS SERVER SHARED LIBRARY +####################################################################### +# Includes: +# verifyErrorMsg +# submit_log +# submit_instance_logs +# submit_log <file> +# submit_instance_logs <instance_name> +# rhcs_start_instance <instance_name> +# rhcs_stop_instance <instance_name> +# runJava <java class> <input> +# set_javapath +# install_and_trust_CA_cert <ca_server_root> <nss_db_dir> +# disable_ca_nonce <ca_server_root> +# enable_ca_nonce <ca_server_root> +# importP12File <P12FileLocation> <P12FilePassword> <nssdbDirectory> <nssdbPassword> <cert_nickname> +# +###################################################################### +####################################################################### + +######################################################################### +# verifyErrorMsg Usage: +# verifyErrorMsg <command> <expected_msg> +####################################################################### + +verifyErrorMsg() +{ + local command="$1" + local expmsg=$2 + local rc=0 + + rm -rf /tmp/errormsg.out /tmp/errormsg_clean.out + rlLog "Executing: $command" + $command + rc=$? + if [ $rc -eq 0 ] ; then + rlLog "ERROR: Expected \"$command\" to fail." + rc=1 + else + rlLog "\"$command\" failed as expected." + $command 2> /tmp/errormsg.out + sed 's/"//g' /tmp/errormsg.out > /tmp/errormsg_clean.out + actual=`cat /tmp/errormsg_clean.out` + if [[ "$actual" = "$expmsg" ]] ; then + rlPass "Error message as expected: $actual" + return 0 + else + rlFail "ERROR: Message not as expected. GOT: $actual EXP: $expmsg" + return 1 + fi + fi + + return $rc +} + + +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +# rhcs_quick_uninstall +# Usage: rhcs_quick_uninstall +# +# This will uninstall RHCS and related components. +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +rhcs_quick_uninstall(){ + echo "rhcs_quick_uninstall" + # Uninstall/unconfigure RHCS + +} #rhcs_quick_uninstall + + +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +# submit_log +# Usage: submit_log <logfilename> +# +# This will backup and submit a log file to beaker. The backup file +# submitted is named $LOGFILE.$DATE +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +submit_log(){ + if [ $# -ne 1 ]; then + echo "Usage: $FUNCNAME <log filename>" + return 1 + fi + + if [ ! -d /tmp/logbackups ]; then + mkdir /tmp/logbackups + fi + local DATE=$(date +%Y%m%d-%H%M%S) + local LOGFILE=$1 + local LOGBACK=$LOGFILE.$DATE + if [ -f $LOGFILE ]; then + rlLog "Backing up and submitting $LOGFILE" + cp $LOGFILE $LOGBACK + rhts-submit-log -l $LOGBACK + else + rlLog "Cannot file $LOGFILE" + fi +} + +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +# submit_instance_logs +# Usage: submit_instance_logs <instance_name> +# +# This will rhts-submit various/all RHCS subsystem related log files to beaker for +# debugging, troubleshooting, and/or record keeping +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +submit_instance_logs(){ + INSTANCE_ID=$1 + submit_log /var/log/$INSTANCE_ID-install.log + submit_log /var/lib/$INSTANCE_ID/logs/selftests.log + submit_log /var/lib/$INSTANCE_ID/logs/catalina.out + submit_log /var/lib/$INSTANCE_ID/logs/debug +} + +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +# rhcs_start_instance +# Usage: rhcs_start_instance <instance_name> +# +# This will +# start RHCS instance +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +rhcs_start_instance(){ + INSTANCE_ID=$1 + echo $FLAVOR | grep "Fedora" + if [ $? -eq 0 ] ; then + rlLog "Executing: systemctl start pki-tomcatd@pki-tomcat.service" + systemctl start pki-tomcatd@pki-tomcat.service + else + service $INSTANCE_ID start + fi + sleep 60 +} + +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +# rhcs_stop_instance +# Usage: rhcs_stop_instance <instance_name> +# +# This will +# stop RHCS instance +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +rhcs_stop_instance(){ + INSTANCE_ID=$1 + echo $FLAVOR | grep "Fedora" + if [ $? -eq 0 ] ; then + rlLog "Executing: systemctl stop pki-tomcatd@pki-tomcat.service" + systemctl stop pki-tomcatd@pki-tomcat.service + else + service $INSTANCE_ID stop + fi + sleep 60 +} + +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +# runJava +# Usage: runJava <java class> <input> +# This will execute the java classes +# returns the output of the java program +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +runJava(){ + javaclass="$1" + input_file="$2" + data=$(< $input_file) + input=`echo $data|tr '\n' ' '` + rlLog "input=$input" + command="$javaclass $input" + echo $CLASSPATH | grep "." + if [ $? -eq 0 ] ; then + rlRun "/usr/bin/java $command > /tmp/java_output.out" + else + rlRun "set_javapath" + rlRun "source /opt/rhqa_pki/env.sh" + rlRun "/usr/bin/java -cp \"$CLASSPATH\" $command > /tmp/java_output.out" + fi + cat /tmp/java_output.out +} + +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +# set_javapath +# Usage: set_javapath +# function to set java path +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +set_javapath(){ + arch=`uname -p` + os_flavor=`uname -s` + classpath="" + echo $os_flavor | grep "Linux" + if [ $? -eq 0 ] ; then + echo $arch | grep "x86_64" + if [ $? -eq 0 ] ; then + classpath="./:/usr/lib64/java/jss4.jar:/usr/share/java/ldapjdk.jar:/usr/share/java/pki/pki-certsrv.jar:/usr/share/java/pki/pki-cmscore.jar:/usr/share/java/pki/pki-nsutil.jar:/usr/share/java/pki/pki-cmsutil.jar:/usr/share/java/pki/pki-tools.jar:/usr/share/java/xml-commons-resolver.jar:/usr/share/java/xerces-j2.jar:" + else + classpath="./:/usr/lib/java/jss4.jar:/usr/share/java/ldapjdk.jar:/usr/share/java/pki/pki-certsrv.jar:/usr/share/java/pki/pki-cmscore.jar:/usr/share/java/pki/pki-nsutil.jar:/usr/share/java/pki/pki-cmsutil.jar:/usr/share/java/pki/pki-tools.jar:/usr/share/java/xml-commons-resolver.jar:/usr/share/java/xerces-j2.jar:" + fi + echo "export CLASSPATH=$classpath" >> /opt/rhqa_pki/env.sh + return 0 + else + rlLog "OS flavor is not Linux" + return 1 + fi +} + +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +# install_and_trust_CA_cert +# Usage: install_and_trust_CA_cert <ca_server_root> <nss-db-directory> +# +# This will check and install CA certificate in a given nss-db +# +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +install_and_trust_CA_cert(){ + local ca_server_root="$1" + local nss_db_dir="$2" + local rc=0 + ca_cert_nick=`cat $ca_server_root/conf/CS.cfg | grep "ca.cert.signing.nickname="| cut -d "=" -f 2` + ca_nss_dir="$ca_server_root/alias" + rlLog "CA cert nickname = $ca_cert_nick" + rlRun "certutil -d $ca_nss_dir -L -n \"$ca_cert_nick\" -a > $nss_db_dir/ca_cert.pem" + rlRun "certutil -d $nss_db_dir -A -n \"$ca_cert_nick\" -i $nss_db_dir/ca_cert.pem -t \"CT,CT,CT\" " +} +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +# install_and_trust_KRA_cert +# Usage: install_and_trust_KRA_cert <kra_server_root> <nss-db-directory> +# +# This will check and install CA certificate in a given nss-db +# +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +install_and_trust_KRA_cert(){ + local kra_server_root="$1" + local nss_db_dir="$2" + local rc=0 + kra_cert_nick=`cat $kra_server_root/conf/CS.cfg | grep "kra.cert.subsystem.nickname="| cut -d "=" -f 2` + kra_nss_dir="$kra_server_root/alias" + rlLog "KRA cert nickname = $kra_cert_nick" + rlRun "certutil -d $kra_nss_dir -L -n \"$kra_cert_nick\" -a > $nss_db_dir/kra_cert.pem" + rlRun "certutil -d $nss_db_dir -A -n \"$kra_cert_nick\" -i $nss_db_dir/kra_cert.pem -t \"CT,CT,CT\" " +} + +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +# disable_ca_nonce +# Usage: disable_ca_nonce <ca_server_root> +# +# Disable Nonce -- no session id required for command line requests +# +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +disable_ca_nonce(){ + local ca_server_root=$1 + local rc=0 + rlLog "Configuring ca.enableNonces=false ..." + ca_config_file="$ca_server_root/conf/CS.cfg" + temp_file="$ca_config_file.temp" + search_string="ca.enableNonces=true" + replace_string="ca.enableNonces=false" + rlRun "sed 's/$search_string/$replace_string/g' $ca_config_file > $temp_file" + cp $temp_file $ca_config_file + chown pkiuser:pkiuser $ca_config_file + cat $ca_config_file | grep $replace_string + if [ $? -eq 0 ] ; then + rhcs_stop_instance + rhcs_start_instance + else + lLog "$ca_config_file did not get configured with $replace_string" + rc=1 + fi + return $rc +} + +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +# enable_ca_nonce +# Usage: enable_ca_nonce <ca_server_root> +# +# Enable Nonce -- session id is required for command line requests +# +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +enable_ca_nonce(){ + local ca_server_root=$1 + local rc=0 + rlLog "Configuring ca.enableNonces=true ..." + ca_config_file="$ca_server_root/conf/CS.cfg" + temp_file="$ca_config_file.temp" + search_string="ca.enableNonces=false" + replace_string="ca.enableNonces=true" + rlRun "sed 's/$search_string/$replace_string/g' $ca_config_file > $temp_file" + cp $temp_file $ca_config_file + chown pkiuser:pkiuser $ca_config_file + cat $ca_config_file | grep $replace_string + if [ $? -eq 0 ] ; then + rhcs_stop_instance + rhcs_start_instance + else + rlLog "$ca_config_file did not get configured with $replace_string" + rc=1 + fi + return $rc +} + +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ # + +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +# importP12File Usage: +# importP12File <P12FileLocation> <P12FilePassword> <nssdbDirectory> <nssdbPassword> <cert_nickname> +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +importP12File() +{ + local cert_p12file=$1 + local p12file_password=$2 + local nssdb_dir=$3 + local nss_db_password=$4 + local cert_nickname=$5 + local rc=0 + exp=$nssdb_dir/expfile.out + tmpout=$nssdb_dir/tmpout.out + + rlLog "cert_p12file = $cert_p12file" + rlLog "nss_db_dir = $nssdb_dir" + rlRun "echo \"$nss_db_password\" > $nssdb_dir/passwd_certdb" + rlRun "certutil -d $nssdb_dir -N -f $nssdb_dir/passwd_certdb" + rlRun "echo \"$p12file_password\" > $nssdb_dir/cert_p12_password" + local cmd="pk12util -i $cert_p12file -d $nssdb_dir -w $nssdb_dir/cert_p12_password" + echo "set timeout 5" > $exp + echo "set force_conservative 0" >> $exp + echo "set send_slow {1 .1}" >> $exp + echo "spawn $cmd" >> $exp + echo 'expect "*Password*: "' >> $exp + echo "send -s -- \"$nss_db_password\r\"" >> $exp + echo 'expect eof ' >> $exp + rlLog "cat $exp" + /usr/bin/expect $exp > $tmpout 2>&1 + if [ $? = 0 ]; then + cat $tmpout | grep "pk12util: PKCS12 IMPORT SUCCESSFUL" + if [ $? = 0 ]; then + rlPass "pk12util command executed successfully" + rlRun "certutil -L -d $nssdb_dir | grep $cert_nickname" 0 "Verify certificate is installed" + else + rlFail "ERROR: Certificate is not installed in $nssdb_dir" + rc=1 + fi + + else + rlFail "ERROR: pk12util execution failed." + fi + return $rc +} + + + +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +# check_coredump +# Usage: check_coredump +# +# This will check for any coredump messages in abrt output and try to +# generate backtrace. +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +check_coredump(){ + + /usr/bin/abrt-cli list | grep Directory | awk '{print $2}' + crashes=`/usr/bin/abrt-cli list | grep Directory | awk '{print $2}' | wc -l` + if [ $crashes -ne 0 ]; then + echo "Crash detected." + for dir in `/usr/bin/abrt-cli list | grep Directory | awk '{print $2}'`; do + cd $dir + /usr/bin/abrt-action-install-debuginfo -v; + /usr/bin/abrt-action-generate-backtrace -v; + /usr/bin/rhts-submit-log -l backtrace + /usr/bin/reporter-mailx -v + done + else + echo "No crash detected." + fi + + +} #check_coredump + +############################################################################# +# makereport Usage: (generates summary report) +# makereport <full_path_and_name_for_report_location> +############################################################################# + +makereport() +{ + #check_coredump + local report=$1 + if [ -n "$report" ];then + touch $report + else + if [ ! -w "$report" ];then + report=/tmp/rhts.report.$RANDOM.txt + touch $report + else + touch $report + fi + fi + # capture the result and make a simple report + local total=`rlJournalPrintText | grep "RESULT" | wc -l` + local unfinished=`rlJournalPrintText | grep "RESULT" | grep "\[unfinished\]" | wc -l` + local pass=`rlJournalPrintText | grep "RESULT" | grep "\[ PASS \]" | wc -l` + local fail=`rlJournalPrintText | grep "RESULT" | grep "\[ FAIL \]" | wc -l` + local abort=`rlJournalPrintText | grep "RESULT" | grep "\[ ABORT \]" | wc -l` + if rlJournalPrintText | grep "^:: \[ FAIL \] :: RESULT: $" + then + total=$((total-1)) + fail=$((fail-1)) + fi + echo "========================== Final Pass/Fail Report ===========================" > $report + echo " Test Date: `date` " >> $report + echo " Total : [$total] " >> $report + echo " Passed: [$pass] " >> $report + echo " Failed: [$fail] " >> $report + echo " Unfinished: [$unfinished] " >> $report + echo " Abort : [$abort]" >> $report + echo " Crash : [$crashes]" >> $report + echo " ---------------------------------------------------------" >> $report + rlJournalPrintText | grep "RESULT" | grep "\[ PASS \]"| sed -e 's/:/ /g' -e 's/RESULT//g' >> $report + echo "" >> $report + rlJournalPrintText | grep "RESULT" | grep "\[ FAIL \]"| grep -v "^:: \[ FAIL \] :: RESULT: $" | sed -e 's/:/ /g' -e 's/RESULT//g' >> $report + echo "" >> $report + rlJournalPrintText | grep "RESULT" | grep "\[unfinished\]"| sed -e 's/:/ /g' -e 's/RESULT//g' >> $report + echo "" >> $report + rlJournalPrintText | grep "RESULT" | grep "\[ ABORT \]"| sed -e 's/:/ /g' -e 's/RESULT//g' >> $report + echo "===========================[$report]===============================" >> $report + cat $report + echo "[`date`] test summary report saved as: $report" + echo "" +} #makereport + + +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ # diff --git a/tests/dogtag/shared/runtest.sh b/tests/dogtag/shared/runtest.sh new file mode 100755 index 000000000..c7f676b36 --- /dev/null +++ b/tests/dogtag/shared/runtest.sh @@ -0,0 +1,52 @@ +#!/bin/bash +# vim: dict=/usr/share/beakerlib/dictionary.vim cpt=.,w,b,u,t,i,k +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +# +# runtest.sh of /CoreOS/rhcs/shared +# Description: CS shared libraries +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +# Libraries Included: +# rhcs-shared.sh +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +# +# Author: Asha Akkiangady <aakkiang@redhat.com> +# +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +# +# Copyright (c) 2013 Red Hat, Inc. All rights reserved. +# +# This copyrighted material is made available to anyone wishing +# to use, modify, copy, or redistribute it subject to the terms +# and conditions of the GNU General Public License version 2. +# +# This program is distributed in the hope that it will be +# useful, but WITHOUT ANY WARRANTY; without even the implied +# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR +# PURPOSE. See the GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public +# License along with this program; if not, write to the Free +# Software Foundation, Inc., 51 Franklin Street, Fifth Floor, +# Boston, MA 02110-1301, USA. +# +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +# Include rhts environment +. /usr/bin/rhts-environment.sh +. /usr/share/beakerlib/beakerlib.sh +. /opt/rhqa_pki/rhcs-shared.sh +. /opt/rhqa_pki/rhcs-install-shared.sh +. /opt/rhqa_pki/pki-user-cli-lib.sh + + +rlJournalStart + rlPhaseStartSetup "list files in /opt/rhqa_pki" + rlRun "export MASTER=hostname" + rlRun "ls /opt/rhqa_pki" 0 "Listing files in /opt/rhqa_pki" + rlPhaseEnd + +rlJournalPrintText +report=/tmp/rhts.report.$RANDOM.txt +makereport $report +rhts-submit-log -l $report +rlJournalEnd diff --git a/tests/dogtag/shared/set-root-pw.exp b/tests/dogtag/shared/set-root-pw.exp new file mode 100755 index 000000000..181219a27 --- /dev/null +++ b/tests/dogtag/shared/set-root-pw.exp @@ -0,0 +1,21 @@ +#!/usr/bin/expect -f + +set force_conservative 0 ;# set to 1 to force conservative mode even if + ;# script wasn't run conservatively originally +if {$force_conservative} { + set send_slow {1 .1} + proc send {ignore arg} { + sleep .1 + exp_send -s -- $arg + } +} + +set timeout 50 +spawn /usr/bin/passwd +match_max 100000 +#send -- "passwd root\r" +expect "password: " +send -- "redhat\r" +expect "password: " +send -- "redhat\r" +expect eof |