diff options
| author | Asha Akkiangady <aakkiang@redhat.com> | 2014-10-01 16:38:31 -0400 |
|---|---|---|
| committer | Asha Akkiangady <aakkiang@redhat.com> | 2014-10-01 16:44:21 -0400 |
| commit | 23b870e30b9ba5295baa41130147b7646c995975 (patch) | |
| tree | 1d191acf90a7c4b9dc8639d5a867926d3140c761 /tests/dogtag | |
| parent | ca56e09c764dae4c604b8c7e37128248968f314d (diff) | |
| download | pki-23b870e30b9ba5295baa41130147b7646c995975.tar.gz pki-23b870e30b9ba5295baa41130147b7646c995975.tar.xz pki-23b870e30b9ba5295baa41130147b7646c995975.zip | |
Fixed uid with i18n tests to expect error message.
pki-ca-user-add tests updated with host and port.
Diffstat (limited to 'tests/dogtag')
| -rwxr-xr-x | tests/dogtag/acceptance/cli-tests/pki-ca-user-cli/pki-ca-user-cli-ca-user-add.sh | 740 | ||||
| -rwxr-xr-x | tests/dogtag/acceptance/cli-tests/pki-user-cli/ca/pki-user-cli-user-add-ca.sh | 315 |
2 files changed, 525 insertions, 530 deletions
diff --git a/tests/dogtag/acceptance/cli-tests/pki-ca-user-cli/pki-ca-user-cli-ca-user-add.sh b/tests/dogtag/acceptance/cli-tests/pki-ca-user-cli/pki-ca-user-cli-ca-user-add.sh index 5e0cb995d..b1e30e02d 100755 --- a/tests/dogtag/acceptance/cli-tests/pki-ca-user-cli/pki-ca-user-cli-ca-user-add.sh +++ b/tests/dogtag/acceptance/cli-tests/pki-ca-user-cli/pki-ca-user-cli-ca-user-add.sh @@ -40,13 +40,39 @@ . /opt/rhqa_pki/env.sh ######################################################################## -#pki-user-cli-user-ca.shn setup should be first executed prior to pki-ca-user-cli-ca-user-add.sh +#pki-user-cli-role-user-create-tests should be first executed prior to pki-ca-user-cli-ca-user-add.sh ######################################################################## -######################################################################## -# Test Suite Globals -######################################################################## run_pki-ca-user-cli-ca-user-add_tests(){ + subsystemId=$1 + SUBSYSTEM_TYPE=$2 + MYROLE=$3 + prefix=$subsystemId + if [ "$TOPO9" = "TRUE" ] ; then + ADMIN_CERT_LOCATION=$(eval echo \$${subsystemId}_ADMIN_CERT_LOCATION) + prefix=$subsystemId + CLIENT_PKCS12_PASSWORD=$(eval echo \$${subsystemId}_CLIENT_PKCS12_PASSWORD) + elif [ "$MYROLE" = "MASTER" ] ; then + if [[ $subsystemId == SUBCA* ]]; then + ADMIN_CERT_LOCATION=$(eval echo \$${subsystemId}_ADMIN_CERT_LOCATION) + prefix=$subsystemId + CLIENT_PKCS12_PASSWORD=$(eval echo \$${subsystemId}_CLIENT_PKCS12_PASSWORD) + else + ADMIN_CERT_LOCATION=$ROOTCA_ADMIN_CERT_LOCATION + prefix=ROOTCA + CLIENT_PKCS12_PASSWORD=$ROOTCA_CLIENT_PKCS12_PASSWORD + fi + else + ADMIN_CERT_LOCATION=$(eval echo \$${MYROLE}_ADMIN_CERT_LOCATION) + prefix=$MYROLE + CLIENT_PKCS12_PASSWORD=$(eval echo \$${MYROLE}_CLIENT_PKCS12_PASSWORD) + fi + + SUBSYSTEM_HOST=$(eval echo \$${MYROLE}) + untrusted_cert_nickname=role_user_UTCA + untrusted_cert_db_location=$UNTRUSTED_CERT_DB_LOCATION + untrusted_cert_db_password=$UNTRUSTED_CERT_DB_PASSWORD + rlPhaseStartSetup "pki_ca_user_cli_ca_user_add-startup: Create temporary directory" rlRun "TmpDir=\`mktemp -d\`" 0 "Creating tmp directory" rlRun "pushd $TmpDir" @@ -83,16 +109,14 @@ run_pki-ca-user-cli-ca-user-add_tests(){ rlPhaseStartTest "pki_ca_user_cli_ca_user_add-001: Add a user to CA using CA_adminV" user1=ca_agent2 user1fullname="Test ca_agent" - rlLog "Executing: pki -d $CERTDB_DIR \ - -n CA_adminV \ - -c $CERTDB_DIR_PASSWORD \ - ca-user-add --fullName=\"$user1fullname\" $user1" rlRun "pki -d $CERTDB_DIR \ - -n CA_adminV \ + -n ${prefix}_adminV \ -c $CERTDB_DIR_PASSWORD \ + -h $SUBSYSTEM_HOST \ + -p $(eval echo \$${subsystemId}_UNSECURE_PORT) \ ca-user-add --fullName=\"$user1fullname\" $user1 > $TmpDir/pki-ca-user-add-001.out" \ 0 \ - "Add user $user1 to CA_adminV" + "Add user $user1 to ${prefix}_adminV" rlAssertGrep "Added user \"$user1\"" "$TmpDir/pki-ca-user-add-001.out" rlAssertGrep "User ID: $user1" "$TmpDir/pki-ca-user-add-001.out" rlAssertGrep "Full name: $user1fullname" "$TmpDir/pki-ca-user-add-001.out" @@ -101,11 +125,13 @@ run_pki-ca-user-cli-ca-user-add_tests(){ rlPhaseStartTest "pki_ca_user_cli_ca_user_add-002: Maximum length of user id" user2=`cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 2048 | head -n 1` rlRun "pki -d $CERTDB_DIR \ - -n CA_adminV \ + -n ${prefix}_adminV \ -c $CERTDB_DIR_PASSWORD \ + -h $SUBSYSTEM_HOST \ + -p $(eval echo \$${subsystemId}_UNSECURE_PORT) \ ca-user-add --fullName=test \"$user2\" > $TmpDir/pki-ca-user-add-001_1.out" \ 0 \ - "Added user using CA_adminV with maximum user id length" + "Added user using ${prefix}_adminV with maximum user id length" actual_userid_string=`cat $TmpDir/pki-ca-user-add-001_1.out | grep 'User ID:' | xargs echo` expected_userid_string="User ID: $user2" if [[ $actual_userid_string = $expected_userid_string ]] ; then @@ -119,11 +145,13 @@ run_pki-ca-user-cli-ca-user-add_tests(){ rlPhaseStartTest "pki_ca_user_cli_ca_user_add-003: User id with # character" user3=abc# rlRun "pki -d $CERTDB_DIR \ - -n CA_adminV \ + -n ${prefix}_adminV \ -c $CERTDB_DIR_PASSWORD \ + -h $SUBSYSTEM_HOST \ + -p $(eval echo \$${subsystemId}_UNSECURE_PORT) \ ca-user-add --fullName=test $user3 > $TmpDir/pki-ca-user-add-001_2.out" \ 0 \ - "Added user using CA_adminV, user id with # character" + "Added user using ${prefix}_adminV, user id with # character" rlAssertGrep "Added user \"$user3\"" "$TmpDir/pki-ca-user-add-001_2.out" rlAssertGrep "User ID: $user3" "$TmpDir/pki-ca-user-add-001_2.out" rlAssertGrep "Full name: test" "$TmpDir/pki-ca-user-add-001_2.out" @@ -132,11 +160,13 @@ run_pki-ca-user-cli-ca-user-add_tests(){ rlPhaseStartTest "pki_ca_user_cli_ca_user_add-004: User id with $ character" user4=abc$ rlRun "pki -d $CERTDB_DIR \ - -n CA_adminV \ + -n ${prefix}_adminV \ -c $CERTDB_DIR_PASSWORD \ + -h $SUBSYSTEM_HOST \ + -p $(eval echo \$${subsystemId}_UNSECURE_PORT) \ ca-user-add --fullName=test $user4 > $TmpDir/pki-ca-user-add-001_3.out" \ 0 \ - "Added user using CA_adminV, user id with $ character" + "Added user using ${prefix}_adminV, user id with $ character" rlAssertGrep "Added user \"$user4\"" "$TmpDir/pki-ca-user-add-001_3.out" rlAssertGrep "User ID: abc\\$" "$TmpDir/pki-ca-user-add-001_3.out" rlAssertGrep "Full name: test" "$TmpDir/pki-ca-user-add-001_3.out" @@ -145,11 +175,13 @@ run_pki-ca-user-cli-ca-user-add_tests(){ rlPhaseStartTest "pki_ca_user_cli_ca_user_add-005:User id with @ character" user5=abc@ rlRun "pki -d $CERTDB_DIR \ - -n CA_adminV \ + -n ${prefix}_adminV \ -c $CERTDB_DIR_PASSWORD \ + -h $SUBSYSTEM_HOST \ + -p $(eval echo \$${subsystemId}_UNSECURE_PORT) \ ca-user-add --fullName=test $user5 > $TmpDir/pki-ca-user-add-001_4.out " \ 0 \ - "Added user using CA_adminV, user id with @ character" + "Added user using ${prefix}_adminV, user id with @ character" rlAssertGrep "Added user \"$user5\"" "$TmpDir/pki-ca-user-add-001_4.out" rlAssertGrep "User ID: $user5" "$TmpDir/pki-ca-user-add-001_4.out" rlAssertGrep "Full name: test" "$TmpDir/pki-ca-user-add-001_4.out" @@ -158,11 +190,13 @@ run_pki-ca-user-cli-ca-user-add_tests(){ rlPhaseStartTest "pki_ca_user_cli_ca_user_add-006:User id with ? character" user6=abc? rlRun "pki -d $CERTDB_DIR \ - -n CA_adminV \ + -n ${prefix}_adminV \ -c $CERTDB_DIR_PASSWORD \ + -h $SUBSYSTEM_HOST \ + -p $(eval echo \$${subsystemId}_UNSECURE_PORT) \ ca-user-add --fullName=test $user6 > $TmpDir/pki-ca-user-add-001_5.out " \ 0 \ - "Added user using CA_adminV, user id with ? character" + "Added user using ${prefix}_adminV, user id with ? character" rlAssertGrep "Added user \"$user6\"" "$TmpDir/pki-ca-user-add-001_5.out" rlAssertGrep "User ID: $user6" "$TmpDir/pki-ca-user-add-001_5.out" rlAssertGrep "Full name: test" "$TmpDir/pki-ca-user-add-001_5.out" @@ -171,11 +205,13 @@ run_pki-ca-user-cli-ca-user-add_tests(){ rlPhaseStartTest "pki_ca_user_cli_ca_user_add-007:User id as 0" user7=0 rlRun "pki -d $CERTDB_DIR \ - -n CA_adminV \ + -n ${prefix}_adminV \ -c $CERTDB_DIR_PASSWORD \ + -h $SUBSYSTEM_HOST \ + -p $(eval echo \$${subsystemId}_UNSECURE_PORT) \ ca-user-add --fullName=test $user7 > $TmpDir/pki-ca-user-add-001_6.out " \ 0 \ - "Added user using CA_adminV, user id 0" + "Added user using ${prefix}_adminV, user id 0" rlAssertGrep "Added user \"$user7\"" "$TmpDir/pki-ca-user-add-001_6.out" rlAssertGrep "User ID: $user7" "$TmpDir/pki-ca-user-add-001_6.out" rlAssertGrep "Full name: test" "$TmpDir/pki-ca-user-add-001_6.out" @@ -184,11 +220,13 @@ run_pki-ca-user-cli-ca-user-add_tests(){ rlPhaseStartTest "pki_ca_user_cli_ca_user_add-008:--email with maximum length" email=`cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 2048 | head -n 1` rlRun "pki -d $CERTDB_DIR \ - -n CA_adminV \ + -n ${prefix}_adminV \ -c $CERTDB_DIR_PASSWORD \ + -h $SUBSYSTEM_HOST \ + -p $(eval echo \$${subsystemId}_UNSECURE_PORT) \ ca-user-add --fullName=test --email=\"$email\" u1 > $TmpDir/pki-ca-user-add-001_7.out" \ 0 \ - "Added user using CA_adminV with maximum --email length" + "Added user using ${prefix}_adminV with maximum --email length" rlAssertGrep "Added user \"u1\"" "$TmpDir/pki-ca-user-add-001_7.out" rlAssertGrep "User ID: u1" "$TmpDir/pki-ca-user-add-001_7.out" rlAssertGrep "Full name: test" "$TmpDir/pki-ca-user-add-001_7.out" @@ -204,11 +242,13 @@ run_pki-ca-user-cli-ca-user-add_tests(){ rlPhaseStartTest "pki_ca_user_cli_ca_user_add-009:--email with maximum length and symbols" email=`cat /dev/urandom | tr -dc 'a-zA-Z0-9!?@~#*^_+$' | fold -w 2048 | head -n 1` rlRun "pki -d $CERTDB_DIR \ - -n CA_adminV \ + -n ${prefix}_adminV \ -c $CERTDB_DIR_PASSWORD \ + -h $SUBSYSTEM_HOST \ + -p $(eval echo \$${subsystemId}_UNSECURE_PORT) \ ca-user-add --fullName=test --email='$email' u2 > $TmpDir/pki-ca-user-add-001_8.out" \ 0 \ - "Added user using CA_adminV with maximum --email length and character symbols in it" + "Added user using ${prefix}_adminV with maximum --email length and character symbols in it" rlAssertGrep "Added user \"u2\"" "$TmpDir/pki-ca-user-add-001_8.out" rlAssertGrep "User ID: u2" "$TmpDir/pki-ca-user-add-001_8.out" rlAssertGrep "Full name: test" "$TmpDir/pki-ca-user-add-001_8.out" @@ -223,11 +263,13 @@ run_pki-ca-user-cli-ca-user-add_tests(){ rlPhaseStartTest "pki_ca_user_cli_ca_user_add-010:--email with # character" rlRun "pki -d $CERTDB_DIR \ - -n CA_adminV \ + -n ${prefix}_adminV \ -c $CERTDB_DIR_PASSWORD \ + -h $SUBSYSTEM_HOST \ + -p $(eval echo \$${subsystemId}_UNSECURE_PORT) \ ca-user-add --fullName=test --email=# u3 > $TmpDir/pki-ca-user-add-001_9.out" \ 0 \ - "Added user using CA_adminV with --email # character" + "Added user using ${prefix}_adminV with --email # character" rlAssertGrep "Added user \"u3\"" "$TmpDir/pki-ca-user-add-001_9.out" rlAssertGrep "User ID: u3" "$TmpDir/pki-ca-user-add-001_9.out" rlAssertGrep "Full name: test" "$TmpDir/pki-ca-user-add-001_9.out" @@ -236,11 +278,13 @@ run_pki-ca-user-cli-ca-user-add_tests(){ rlPhaseStartTest "pki_ca_user_cli_ca_user_add-011:--email with * character" rlRun "pki -d $CERTDB_DIR \ - -n CA_adminV \ + -n ${prefix}_adminV \ -c $CERTDB_DIR_PASSWORD \ + -h $SUBSYSTEM_HOST \ + -p $(eval echo \$${subsystemId}_UNSECURE_PORT) \ ca-user-add --fullName=test --email=* u4 > $TmpDir/pki-ca-user-add-001_10.out" \ 0 \ - "Added user using CA_adminV with --email * character" + "Added user using ${prefix}_adminV with --email * character" rlAssertGrep "Added user \"u4\"" "$TmpDir/pki-ca-user-add-001_10.out" rlAssertGrep "User ID: u4" "$TmpDir/pki-ca-user-add-001_10.out" rlAssertGrep "Full name: test" "$TmpDir/pki-ca-user-add-001_10.out" @@ -249,11 +293,13 @@ run_pki-ca-user-cli-ca-user-add_tests(){ rlPhaseStartTest "pki_ca_user_cli_ca_user_add-012:--email with $ character" rlRun "pki -d $CERTDB_DIR \ - -n CA_adminV \ + -n ${prefix}_adminV \ -c $CERTDB_DIR_PASSWORD \ + -h $SUBSYSTEM_HOST \ + -p $(eval echo \$${subsystemId}_UNSECURE_PORT) \ ca-user-add --fullName=test --email=$ u5 > $TmpDir/pki-ca-user-add-001_11.out" \ 0 \ - "Added user using CA_adminV with --email $ character" + "Added user using ${prefix}_adminV with --email $ character" rlAssertGrep "Added user \"u5\"" "$TmpDir/pki-ca-user-add-001_11.out" rlAssertGrep "User ID: u5" "$TmpDir/pki-ca-user-add-001_11.out" rlAssertGrep "Full name: test" "$TmpDir/pki-ca-user-add-001_11.out" @@ -262,11 +308,13 @@ run_pki-ca-user-cli-ca-user-add_tests(){ rlPhaseStartTest "pki_ca_user_cli_ca_user_add-013:--email as number 0" rlRun "pki -d $CERTDB_DIR \ - -n CA_adminV \ + -n ${prefix}_adminV \ -c $CERTDB_DIR_PASSWORD \ + -h $SUBSYSTEM_HOST \ + -p $(eval echo \$${subsystemId}_UNSECURE_PORT) \ ca-user-add --fullName=test --email=0 u6 > $TmpDir/pki-ca-user-add-001_12.out " \ 0 \ - "Added user using CA_adminV with --email 0" + "Added user using ${prefix}_adminV with --email 0" rlAssertGrep "Added user \"u6\"" "$TmpDir/pki-ca-user-add-001_12.out" rlAssertGrep "User ID: u6" "$TmpDir/pki-ca-user-add-001_12.out" rlAssertGrep "Full name: test" "$TmpDir/pki-ca-user-add-001_12.out" @@ -276,11 +324,13 @@ run_pki-ca-user-cli-ca-user-add_tests(){ rlPhaseStartTest "pki_ca_user_cli_ca_user_add-014:--state with maximum length" state=`cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 2048 | head -n 1` rlRun "pki -d $CERTDB_DIR \ - -n CA_adminV \ + -n ${prefix}_adminV \ -c $CERTDB_DIR_PASSWORD \ + -h $SUBSYSTEM_HOST \ + -p $(eval echo \$${subsystemId}_UNSECURE_PORT) \ ca-user-add --fullName=test --state=\"$state\" u7 > $TmpDir/pki-ca-user-add-001_13.out" \ 0 \ - "Added user using CA_adminV with maximum --state length" + "Added user using ${prefix}_adminV with maximum --state length" rlAssertGrep "Added user \"u7\"" "$TmpDir/pki-ca-user-add-001_13.out" rlAssertGrep "User ID: u7" "$TmpDir/pki-ca-user-add-001_13.out" rlAssertGrep "Full name: test" "$TmpDir/pki-ca-user-add-001_13.out" @@ -296,11 +346,13 @@ run_pki-ca-user-cli-ca-user-add_tests(){ rlPhaseStartTest "pki_ca_user_cli_ca_user_add-015:--state with maximum length and symbols" state=`cat /dev/urandom | tr -dc 'a-zA-Z0-9!?@~#*^_+$' | fold -w 2048 | head -n 1` rlRun "pki -d $CERTDB_DIR \ - -n CA_adminV \ + -n ${prefix}_adminV \ -c $CERTDB_DIR_PASSWORD \ + -h $SUBSYSTEM_HOST \ + -p $(eval echo \$${subsystemId}_UNSECURE_PORT) \ ca-user-add --fullName=test --state='$state' u8 > $TmpDir/pki-ca-user-add-001_14.out" \ 0 \ - "Added user using CA_adminV with maximum --state length and character symbols in it" + "Added user using ${prefix}_adminV with maximum --state length and character symbols in it" rlAssertGrep "Added user \"u8\"" "$TmpDir/pki-ca-user-add-001_14.out" rlAssertGrep "User ID: u8" "$TmpDir/pki-ca-user-add-001_14.out" rlAssertGrep "Full name: test" "$TmpDir/pki-ca-user-add-001_14.out" @@ -315,11 +367,13 @@ run_pki-ca-user-cli-ca-user-add_tests(){ rlPhaseStartTest "pki_ca_user_cli_ca_user_add-016:--state with # character" rlRun "pki -d $CERTDB_DIR \ - -n CA_adminV \ + -n ${prefix}_adminV \ -c $CERTDB_DIR_PASSWORD \ + -h $SUBSYSTEM_HOST \ + -p $(eval echo \$${subsystemId}_UNSECURE_PORT) \ ca-user-add --fullName=test --state=# u9 > $TmpDir/pki-ca-user-add-001_15.out" \ 0 \ - "Added user using CA_adminV with --state # character" + "Added user using ${prefix}_adminV with --state # character" rlAssertGrep "Added user \"u9\"" "$TmpDir/pki-ca-user-add-001_15.out" rlAssertGrep "User ID: u9" "$TmpDir/pki-ca-user-add-001_15.out" rlAssertGrep "Full name: test" "$TmpDir/pki-ca-user-add-001_15.out" @@ -328,11 +382,13 @@ run_pki-ca-user-cli-ca-user-add_tests(){ rlPhaseStartTest "pki_ca_user_cli_ca_user_add-017:--state with * character" rlRun "pki -d $CERTDB_DIR \ - -n CA_adminV \ + -n ${prefix}_adminV \ -c $CERTDB_DIR_PASSWORD \ + -h $SUBSYSTEM_HOST \ + -p $(eval echo \$${subsystemId}_UNSECURE_PORT) \ ca-user-add --fullName=test --state=* u10 > $TmpDir/pki-ca-user-add-001_16.out" \ 0 \ - "Added user using CA_adminV with --state * character" + "Added user using ${prefix}_adminV with --state * character" rlAssertGrep "Added user \"u10\"" "$TmpDir/pki-ca-user-add-001_16.out" rlAssertGrep "User ID: u10" "$TmpDir/pki-ca-user-add-001_16.out" rlAssertGrep "Full name: test" "$TmpDir/pki-ca-user-add-001_16.out" @@ -341,11 +397,13 @@ run_pki-ca-user-cli-ca-user-add_tests(){ rlPhaseStartTest "pki_ca_user_cli_ca_user_add-018:--state with $ character" rlRun "pki -d $CERTDB_DIR \ - -n CA_adminV \ + -n ${prefix}_adminV \ -c $CERTDB_DIR_PASSWORD \ + -h $SUBSYSTEM_HOST \ + -p $(eval echo \$${subsystemId}_UNSECURE_PORT) \ ca-user-add --fullName=test --state=$ u11 > $TmpDir/pki-ca-user-add-001_17.out" \ 0 \ - "Added user using CA_adminV with --state $ character" + "Added user using ${prefix}_adminV with --state $ character" rlAssertGrep "Added user \"u11\"" "$TmpDir/pki-ca-user-add-001_17.out" rlAssertGrep "User ID: u11" "$TmpDir/pki-ca-user-add-001_17.out" rlAssertGrep "Full name: test" "$TmpDir/pki-ca-user-add-001_17.out" @@ -354,11 +412,13 @@ run_pki-ca-user-cli-ca-user-add_tests(){ rlPhaseStartTest "pki_ca_user_cli_ca_user_add-019:--state as number 0" rlRun "pki -d $CERTDB_DIR \ - -n CA_adminV \ + -n ${prefix}_adminV \ -c $CERTDB_DIR_PASSWORD \ + -h $SUBSYSTEM_HOST \ + -p $(eval echo \$${subsystemId}_UNSECURE_PORT) \ ca-user-add --fullName=test --state=0 u12 > $TmpDir/pki-ca-user-add-001_18.out " \ 0 \ - "Added user using CA_adminV with --state 0" + "Added user using ${prefix}_adminV with --state 0" rlAssertGrep "Added user \"u12\"" "$TmpDir/pki-ca-user-add-001_18.out" rlAssertGrep "User ID: u12" "$TmpDir/pki-ca-user-add-001_18.out" rlAssertGrep "Full name: test" "$TmpDir/pki-ca-user-add-001_18.out" @@ -368,11 +428,13 @@ run_pki-ca-user-cli-ca-user-add_tests(){ rlPhaseStartTest "pki_ca_user_cli_ca_user_add-020:--phone with maximum length" phone=`cat /dev/urandom | tr -dc '0-9' | fold -w 2048 | head -n 1` rlRun "pki -d $CERTDB_DIR \ - -n CA_adminV \ + -n ${prefix}_adminV \ -c $CERTDB_DIR_PASSWORD \ + -h $SUBSYSTEM_HOST \ + -p $(eval echo \$${subsystemId}_UNSECURE_PORT) \ ca-user-add --fullName=test --phone=\"$phone\" u13 > $TmpDir/pki-ca-user-add-001_19.out" \ 0 \ - "Added user using CA_adminV with maximum --phone length" + "Added user using ${prefix}_adminV with maximum --phone length" rlAssertGrep "Added user \"u13\"" "$TmpDir/pki-ca-user-add-001_19.out" rlAssertGrep "User ID: u13" "$TmpDir/pki-ca-user-add-001_19.out" rlAssertGrep "Full name: test" "$TmpDir/pki-ca-user-add-001_19.out" @@ -382,11 +444,13 @@ run_pki-ca-user-cli-ca-user-add_tests(){ rlPhaseStartTest "pki_ca_user_cli_ca_user_add-021:--phone with maximum length and symbols" phone=`cat /dev/urandom | tr -dc 'a-zA-Z0-9!?@~#*^_+$' | fold -w 2048 | head -n 1` rlRun "pki -d $CERTDB_DIR \ - -n CA_adminV \ + -n ${prefix}_adminV \ -c $CERTDB_DIR_PASSWORD \ + -h $SUBSYSTEM_HOST \ + -p $(eval echo \$${subsystemId}_UNSECURE_PORT) \ ca-user-add --fullName=test --phone='$phone' usr1 > $TmpDir/pki-ca-user-add-001_20.out 2>&1"\ 255 \ - "Should not be able to add user using CA_adminV with maximum --phone with character symbols in it" + "Should not be able to add user using ${prefix}_adminV with maximum --phone with character symbols in it" rlAssertGrep "ClientResponseFailure: Error status 4XX" "$TmpDir/pki-ca-user-add-001_20.out" rlAssertNotGrep "PKIException: LDAP error (21): error result" "$TmpDir/pki-ca-user-add-001_20.out" rlLog "PKI Ticket:: https://fedorahosted.org/pki/ticket/833#comment:1" @@ -394,11 +458,13 @@ run_pki-ca-user-cli-ca-user-add_tests(){ rlPhaseStartTest "pki_ca_user_cli_ca_user_add-022:--phone with # character" rlRun "pki -d $CERTDB_DIR \ - -n CA_adminV \ + -n ${prefix}_adminV \ -c $CERTDB_DIR_PASSWORD \ + -h $SUBSYSTEM_HOST \ + -p $(eval echo \$${subsystemId}_UNSECURE_PORT) \ ca-user-add --fullName=test --phone=# usr2 > $TmpDir/pki-ca-user-add-001_21.out 2>&1" \ 255 \ - "Should not be able to add user using CA_adminV --phone with character #" + "Should not be able to add user using ${prefix}_adminV --phone with character #" rlAssertGrep "ClientResponseFailure: Error status 4XX" "$TmpDir/pki-ca-user-add-001_21.out" rlAssertNotGrep "PKIException: LDAP error (21): error result" "$TmpDir/pki-ca-user-add-001_21.out" rlLog "PKI Ticket:: https://fedorahosted.org/pki/ticket/833#comment:1" @@ -406,11 +472,13 @@ run_pki-ca-user-cli-ca-user-add_tests(){ rlPhaseStartTest "pki_ca_user_cli_ca_user_add-023:--phone with * character" rlRun "pki -d $CERTDB_DIR \ - -n CA_adminV \ + -n ${prefix}_adminV \ -c $CERTDB_DIR_PASSWORD \ + -h $SUBSYSTEM_HOST \ + -p $(eval echo \$${subsystemId}_UNSECURE_PORT) \ ca-user-add --fullName=test --phone=* usr3 > $TmpDir/pki-ca-user-add-001_22.out 2>&1" \ 255 \ - "Should not be able to add user using CA_adminV --phone with character *" + "Should not be able to add user using ${prefix}_adminV --phone with character *" rlAssertGrep "ClientResponseFailure: Error status 4XX" "$TmpDir/pki-ca-user-add-001_22.out" rlAssertNotGrep "PKIException: LDAP error (21): error result" "$TmpDir/pki-ca-user-add-001_22.out" rlLog "PKI Ticket:: https://fedorahosted.org/pki/ticket/833#comment:1" @@ -418,11 +486,13 @@ run_pki-ca-user-cli-ca-user-add_tests(){ rlPhaseStartTest "pki_ca_user_cli_ca_user_add-024:--phone with $ character" rlRun "pki -d $CERTDB_DIR \ - -n CA_adminV \ + -n ${prefix}_adminV \ -c $CERTDB_DIR_PASSWORD \ + -h $SUBSYSTEM_HOST \ + -p $(eval echo \$${subsystemId}_UNSECURE_PORT) \ ca-user-add --fullName=test --phone=$ usr4 > $TmpDir/pki-ca-user-add-001_23.out 2>&1" \ 255 \ - "Should not be able to add user using CA_adminV --phone with character $" + "Should not be able to add user using ${prefix}_adminV --phone with character $" rlAssertGrep "ClientResponseFailure: Error status 4XX" "$TmpDir/pki-ca-user-add-001_23.out" rlAssertNotGrep "PKIException: LDAP error (21): error result" "$TmpDir/pki-ca-user-add-001_23.out" rlLog "PKI Ticket:: https://fedorahosted.org/pki/ticket/833#comment:1" @@ -430,11 +500,13 @@ run_pki-ca-user-cli-ca-user-add_tests(){ rlPhaseStartTest "pki_ca_user_cli_ca_user_add-025:--phone as negative number -1230" rlRun "pki -d $CERTDB_DIR \ - -n CA_adminV \ + -n ${prefix}_adminV \ -c $CERTDB_DIR_PASSWORD \ + -h $SUBSYSTEM_HOST \ + -p $(eval echo \$${subsystemId}_UNSECURE_PORT) \ ca-user-add --fullName=test --phone=-1230 u14 > $TmpDir/pki-ca-user-add-001_24.out " \ 0 \ - "Added user using CA_adminV with --phone -1230" + "Added user using ${prefix}_adminV with --phone -1230" rlAssertGrep "Added user \"u14\"" "$TmpDir/pki-ca-user-add-001_24.out" rlAssertGrep "User ID: u14" "$TmpDir/pki-ca-user-add-001_24.out" rlAssertGrep "Full name: test" "$TmpDir/pki-ca-user-add-001_24.out" @@ -443,11 +515,13 @@ run_pki-ca-user-cli-ca-user-add_tests(){ rlPhaseStartTest "pki_ca_user_cli_ca_user_add-026:--type as Auditors" rlRun "pki -d $CERTDB_DIR \ - -n CA_adminV \ + -n ${prefix}_adminV \ -c $CERTDB_DIR_PASSWORD \ + -h $SUBSYSTEM_HOST \ + -p $(eval echo \$${subsystemId}_UNSECURE_PORT) \ ca-user-add --fullName=test --type=Auditors u15 > $TmpDir/pki-ca-user-add-001_25.out" \ 0 \ - "Added user using CA_adminV with --type Auditors" + "Added user using ${prefix}_adminV with --type Auditors" rlAssertGrep "Added user \"u15\"" "$TmpDir/pki-ca-user-add-001_25.out" rlAssertGrep "User ID: u15" "$TmpDir/pki-ca-user-add-001_25.out" rlAssertGrep "Full name: test" "$TmpDir/pki-ca-user-add-001_25.out" @@ -456,11 +530,13 @@ run_pki-ca-user-cli-ca-user-add_tests(){ rlPhaseStartTest "pki_ca_user_cli_ca_user_add-027:--type Certificate Manager Agents" rlRun "pki -d $CERTDB_DIR \ - -n CA_adminV \ + -n ${prefix}_adminV \ -c $CERTDB_DIR_PASSWORD \ + -h $SUBSYSTEM_HOST \ + -p $(eval echo \$${subsystemId}_UNSECURE_PORT) \ ca-user-add --fullName=test --type=\"Certificate Manager Agents\" u16 > $TmpDir/pki-ca-user-add-001_26.out" \ 0 \ - "Added user using CA_adminV --type Certificate Manager Agents" + "Added user using ${prefix}_adminV --type Certificate Manager Agents" rlAssertGrep "Added user \"u16\"" "$TmpDir/pki-ca-user-add-001_26.out" rlAssertGrep "User ID: u16" "$TmpDir/pki-ca-user-add-001_26.out" rlAssertGrep "Full name: test" "$TmpDir/pki-ca-user-add-001_26.out" @@ -469,11 +545,13 @@ run_pki-ca-user-cli-ca-user-add_tests(){ rlPhaseStartTest "pki_ca_user_cli_ca_user_add-028:--type Registration Manager Agents" rlRun "pki -d $CERTDB_DIR \ - -n CA_adminV \ + -n ${prefix}_adminV \ -c $CERTDB_DIR_PASSWORD \ + -h $SUBSYSTEM_HOST \ + -p $(eval echo \$${subsystemId}_UNSECURE_PORT) \ ca-user-add --fullName=test --type=\"Registration Manager Agents\" u17 > $TmpDir/pki-ca-user-add-001_27.out" \ 0 \ - "Added user using CA_adminV with --type Registration Manager Agents" + "Added user using ${prefix}_adminV with --type Registration Manager Agents" rlAssertGrep "Added user \"u17\"" "$TmpDir/pki-ca-user-add-001_27.out" rlAssertGrep "User ID: u17" "$TmpDir/pki-ca-user-add-001_27.out" rlAssertGrep "Full name: test" "$TmpDir/pki-ca-user-add-001_27.out" @@ -482,11 +560,13 @@ run_pki-ca-user-cli-ca-user-add_tests(){ rlPhaseStartTest "pki_ca_user_cli_ca_user_add-029:--type Subsytem Group" rlRun "pki -d $CERTDB_DIR \ - -n CA_adminV \ + -n ${prefix}_adminV \ -c $CERTDB_DIR_PASSWORD \ + -h $SUBSYSTEM_HOST \ + -p $(eval echo \$${subsystemId}_UNSECURE_PORT) \ ca-user-add --fullName=test --type=\"Subsytem Group\" u18 > $TmpDir/pki-ca-user-add-001_28.out" \ 0 \ - "Added user using CA_adminV with --type Subsytem Group" + "Added user using ${prefix}_adminV with --type Subsytem Group" rlAssertGrep "Added user \"u18\"" "$TmpDir/pki-ca-user-add-001_28.out" rlAssertGrep "User ID: u18" "$TmpDir/pki-ca-user-add-001_28.out" rlAssertGrep "Full name: test" "$TmpDir/pki-ca-user-add-001_28.out" @@ -495,11 +575,13 @@ run_pki-ca-user-cli-ca-user-add_tests(){ rlPhaseStartTest "pki_ca_user_cli_ca_user_add-030:--type Security Domain Administrators" rlRun "pki -d $CERTDB_DIR \ - -n CA_adminV \ + -n ${prefix}_adminV \ -c $CERTDB_DIR_PASSWORD \ + -h $SUBSYSTEM_HOST \ + -p $(eval echo \$${subsystemId}_UNSECURE_PORT) \ ca-user-add --fullName=test --type=\"Security Domain Administrators\" u19 > $TmpDir/pki-ca-user-add-001_29.out" \ 0 \ - "Added user using CA_adminV with --type Security Domain Administrators" + "Added user using ${prefix}_adminV with --type Security Domain Administrators" rlAssertGrep "Added user \"u19\"" "$TmpDir/pki-ca-user-add-001_29.out" rlAssertGrep "User ID: u19" "$TmpDir/pki-ca-user-add-001_29.out" rlAssertGrep "Full name: test" "$TmpDir/pki-ca-user-add-001_29.out" @@ -508,11 +590,13 @@ run_pki-ca-user-cli-ca-user-add_tests(){ rlPhaseStartTest "pki_ca_user_cli_ca_user_add-031:--type ClonedSubsystems" rlRun "pki -d $CERTDB_DIR \ - -n CA_adminV \ + -n ${prefix}_adminV \ -c $CERTDB_DIR_PASSWORD \ + -h $SUBSYSTEM_HOST \ + -p $(eval echo \$${subsystemId}_UNSECURE_PORT) \ ca-user-add --fullName=test --type=ClonedSubsystems u20 > $TmpDir/pki-ca-user-add-001_30.out" \ 0 \ - "Added user using CA_adminV with --type ClonedSubsystems" + "Added user using ${prefix}_adminV with --type ClonedSubsystems" rlAssertGrep "Added user \"u20\"" "$TmpDir/pki-ca-user-add-001_30.out" rlAssertGrep "User ID: u20" "$TmpDir/pki-ca-user-add-001_30.out" rlAssertGrep "Full name: test" "$TmpDir/pki-ca-user-add-001_30.out" @@ -521,11 +605,13 @@ run_pki-ca-user-cli-ca-user-add_tests(){ rlPhaseStartTest "pki_ca_user_cli_ca_user_add-032:--type Trusted Managers" rlRun "pki -d $CERTDB_DIR \ - -n CA_adminV \ + -n ${prefix}_adminV \ -c $CERTDB_DIR_PASSWORD \ + -h $SUBSYSTEM_HOST \ + -p $(eval echo \$${subsystemId}_UNSECURE_PORT) \ ca-user-add --fullName=test --type=\"Trusted Managers\" u21 > $TmpDir/pki-ca-user-add-001_31.out" \ 0 \ - "Added user using CA_adminV with --type Trusted Managers" + "Added user using ${prefix}_adminV with --type Trusted Managers" rlAssertGrep "Added user \"u21\"" "$TmpDir/pki-ca-user-add-001_31.out" rlAssertGrep "User ID: u21" "$TmpDir/pki-ca-user-add-001_31.out" rlAssertGrep "Full name: test" "$TmpDir/pki-ca-user-add-001_31.out" @@ -534,11 +620,13 @@ run_pki-ca-user-cli-ca-user-add_tests(){ rlPhaseStartTest "pki_ca_user_cli_ca_user_add-033:--type Dummy Group" rlRun "pki -d $CERTDB_DIR \ - -n CA_adminV \ + -n ${prefix}_adminV \ -c $CERTDB_DIR_PASSWORD \ + -h $SUBSYSTEM_HOST \ + -p $(eval echo \$${subsystemId}_UNSECURE_PORT) \ ca-user-add --fullName=test --type=\"Dummy Group\" u25 > $TmpDir/pki-ca-user-add-001_33.out 2>&1 " \ - 1 \ - "Adding user using CA_adminV with --type Dummy Group" + 1,255 \ + "Adding user using ${prefix}_adminV with --type Dummy Group" rlAssertNotGrep "Added user \"u25\"" "$TmpDir/pki-ca-user-add-001_33.out" rlAssertNotGrep "User ID: u25" "$TmpDir/pki-ca-user-add-001_33.out" rlAssertNotGrep "Full name: test" "$TmpDir/pki-ca-user-add-001_33.out" @@ -549,8 +637,10 @@ run_pki-ca-user-cli-ca-user-add_tests(){ rlPhaseStartTest "pki_ca_user_cli_ca_user_add-034: Add a duplicate user to CA" command="pki -d $CERTDB_DIR \ - -n CA_adminV \ + -n ${prefix}_adminV \ -c $CERTDB_DIR_PASSWORD \ + -h $SUBSYSTEM_HOST \ + -p $(eval echo \$${subsystemId}_UNSECURE_PORT) \ ca-user-add --fullName=\"New user\" $user1 > $TmpDir/pki-ca-user-add-002.out 2>&1 " rlLog "Command=$command" @@ -560,16 +650,12 @@ run_pki-ca-user-cli-ca-user-add_tests(){ rlPhaseEnd rlPhaseStartTest "pki_ca_user_cli_ca_user_add-035: Add a user to CA with -t option" - rlLog "Executing: pki -d $CERTDB_DIR \ - -n CA_adminV \ - -c $CERTDB_DIR_PASSWORD \ - -t ca \ - ca-user-add --fullName=\"$user1fullname\" u22" - rlRun "pki -d $CERTDB_DIR \ - -n CA_adminV \ + -n ${prefix}_adminV \ -c $CERTDB_DIR_PASSWORD \ -t ca \ + -h $SUBSYSTEM_HOST \ + -p $(eval echo \$${subsystemId}_UNSECURE_PORT) \ ca-user-add --fullName=\"$user1fullname\" u22 > $TmpDir/pki-ca-user-add-003.out" \ 0 \ "Add user u22 to CA" @@ -579,16 +665,12 @@ run_pki-ca-user-cli-ca-user-add_tests(){ rlPhaseEnd rlPhaseStartTest "pki_ca_user_cli_ca_user_add-036: Add a user -- missing required option user id" - rlLog "Executing: pki -d $CERTDB_DIR \ - -n CA_adminV \ - -c $CERTDB_DIR_PASSWORD \ - -t ca \ - ca-user-add --fullName=\"$user1fullname\" " - rlRun "pki -d $CERTDB_DIR \ - -n CA_adminV \ + -n ${prefix}_adminV \ -c $CERTDB_DIR_PASSWORD \ -t ca \ + -h $SUBSYSTEM_HOST \ + -p $(eval echo \$${subsystemId}_UNSECURE_PORT) \ ca-user-add --fullName=\"$user1fullname\" > $TmpDir/pki-ca-user-add-004.out" \ 255 \ "Add user -- missing required option user id" @@ -597,11 +679,12 @@ run_pki-ca-user-cli-ca-user-add_tests(){ rlPhaseStartTest "pki_ca_user_cli_ca_user_add-037: Add a user -- missing required option --fullName" command="pki -d $CERTDB_DIR \ - -n CA_adminV \ + -n ${prefix}_adminV \ -c $CERTDB_DIR_PASSWORD \ -t ca \ + -h $SUBSYSTEM_HOST \ + -p $(eval echo \$${subsystemId}_UNSECURE_PORT) \ ca-user-add $user1 > $TmpDir/pki-ca-user-add-005.out 2>&1" - rlLog "Executing: $command" errmsg="Error: Missing required option: fullName" errorcode=255 rlRun "verifyErrorMsg \"$command\" \"$errmsg\" \"$errorcode\"" 0 "Verify expected error message - Add a user -- missing required option --fullName" @@ -613,22 +696,12 @@ run_pki-ca-user-cli-ca-user-add_tests(){ phone="1234567890" state="NC" type="Administrators" - rlLog "Executing: pki -d $CERTDB_DIR \ - -n CA_adminV \ - -c $CERTDB_DIR_PASSWORD \ - -t ca \ - ca-user-add --fullName=\"$user1fullname\" \ - --email $email \ - --password $user_password \ - --phone $phone \ - --state $state \ - --type $type \ - u23" - rlRun "pki -d $CERTDB_DIR \ - -n CA_adminV \ + -n ${prefix}_adminV \ -c $CERTDB_DIR_PASSWORD \ -t ca \ + -h $SUBSYSTEM_HOST \ + -p $(eval echo \$${subsystemId}_UNSECURE_PORT) \ ca-user-add --fullName=\"$user1fullname\" \ --email $email \ --password $user_password \ @@ -654,21 +727,12 @@ run_pki-ca-user-cli-ca-user-add_tests(){ user_password="admin2Password" phone="1234567890" state="NC" - rlLog "Executing: pki -d $CERTDB_DIR \ - -n CA_adminV \ - -c $CERTDB_DIR_PASSWORD \ - -t ca \ - ca-user-add --fullName=\"$userfullname\" \ - --email $email \ - --password $user_password \ - --phone $phone \ - --state $state \ - $user" - rlRun "pki -d $CERTDB_DIR \ - -n CA_adminV \ + -n ${prefix}_adminV \ -c $CERTDB_DIR_PASSWORD \ -t ca \ + -h $SUBSYSTEM_HOST \ + -p $(eval echo \$${subsystemId}_UNSECURE_PORT) \ ca-user-add --fullName=\"$userfullname\" \ --email $email \ --password $user_password \ @@ -676,22 +740,19 @@ run_pki-ca-user-cli-ca-user-add_tests(){ --state $state \ $user > $TmpDir/pki-ca-user-add-006.out " \ 0 \ - "Add user $user using CA_adminV" + "Add user $user using ${prefix}_adminV" rlAssertGrep "Added user \"u24\"" "$TmpDir/pki-ca-user-add-006.out" rlAssertGrep "User ID: u24" "$TmpDir/pki-ca-user-add-006.out" rlAssertGrep "Full name: $userfullname" "$TmpDir/pki-ca-user-add-006.out" rlAssertGrep "Email: $email" "$TmpDir/pki-ca-user-add-006.out" rlAssertGrep "Phone: $phone" "$TmpDir/pki-ca-user-add-006.out" rlAssertGrep "State: $state" "$TmpDir/pki-ca-user-add-006.out" - rlLog "pki -d $CERTDB_DIR \ - -n CA_adminV \ - -c $CERTDB_DIR_PASSWORD \ - -t ca \ - group-member-add Administrators $user" rlRun "pki -d $CERTDB_DIR \ - -n CA_adminV \ + -n ${prefix}_adminV \ -c $CERTDB_DIR_PASSWORD \ -t ca \ + -h $SUBSYSTEM_HOST \ + -p $(eval echo \$${subsystemId}_UNSECURE_PORT) \ group-member-add Administrators $user > $TmpDir/pki-ca-user-add-007_1.out" \ 0 \ "Add user $user to Administrators group" @@ -700,16 +761,20 @@ run_pki-ca-user-cli-ca-user-add_tests(){ rlAssertGrep "User: $user" "$TmpDir/pki-ca-user-add-007_1.out" rlRun "pki -d $CERTDB_DIR \ - -n CA_adminV \ + -n ${prefix}_adminV \ -c $CERTDB_DIR_PASSWORD \ -t ca \ + -h $SUBSYSTEM_HOST \ + -p $(eval echo \$${subsystemId}_UNSECURE_PORT) \ group-member-find Administrators > $TmpDir/pki-ca-user-add-007.out" \ 0 \ "Show pki group-member-find Administrators" rlRun "pki -d $CERTDB_DIR \ - -n CA_adminV \ + -n ${prefix}_adminV \ -c $CERTDB_DIR_PASSWORD \ -t ca \ + -h $SUBSYSTEM_HOST \ + -p $(eval echo \$${subsystemId}_UNSECURE_PORT) \ group-member-add \"Certificate Manager Agents\" $user > $TmpDir/pki-ca-user-add-007_1_1.out" \ 0 \ "Add user $user to Administrators group" @@ -718,9 +783,11 @@ run_pki-ca-user-cli-ca-user-add_tests(){ rlAssertGrep "User: $user" "$TmpDir/pki-ca-user-add-007_1_1.out" rlRun "pki -d $CERTDB_DIR \ - -n CA_adminV \ + -n ${prefix}_adminV \ -c $CERTDB_DIR_PASSWORD \ -t ca \ + -h $SUBSYSTEM_HOST \ + -p $(eval echo \$${subsystemId}_UNSECURE_PORT) \ group-member-find \"Certificate Manager Agents\" > $TmpDir/pki-ca-user-add-007_2.out" \ 0 \ "Show pki group-member-find Administrators" @@ -731,14 +798,18 @@ run_pki-ca-user-cli-ca-user-add_tests(){ rlPhaseStartTest "pki_ca_user_cli_ca_user_add-040: Add user with --password less than 8 characters" userpw="pass" rlLog "Executing: pki -d $CERTDB_DIR \ - -n CA_adminV \ + -n ${prefix}_adminV \ -c $CERTDB_DIR_PASSWORD \ + -h $SUBSYSTEM_HOST \ + -p $(eval echo \$${subsystemId}_UNSECURE_PORT) \ ca-user-add --fullName=\"$user1fullname\" --password=$userpw $user1 > $TmpDir/pki-ca-user-add-008.out 2>&1" expmsg="PKIException: The password must be at least 8 characters" rlRun "pki -d $CERTDB_DIR \ - -n CA_adminV \ + -n ${prefix}_adminV \ -c $CERTDB_DIR_PASSWORD \ -t ca \ + -h $SUBSYSTEM_HOST \ + -p $(eval echo \$${subsystemId}_UNSECURE_PORT) \ ca-user-add --fullName=\"$user1fullname\" --password=$userpw $user1 > $TmpDir/pki-ca-user-add-008.out 2>&1" \ 255 \ "Add a user --must be at least 8 characters --password" @@ -747,13 +818,11 @@ run_pki-ca-user-cli-ca-user-add_tests(){ ##### Tests to add users using revoked cert##### rlPhaseStartTest "pki_ca_user_cli_ca_user_add-041: Should not be able to add user using a revoked cert CA_adminR" - rlLog "Executing: pki -d $CERTDB_DIR \ - -n CA_adminR \ - -c $CERTDB_DIR_PASSWORD \ - ca-user-add --fullName=\"$user1fullname\" $user1" rlRun "pki -d $CERTDB_DIR \ - -n CA_adminR \ + -n ${prefix}_adminR \ -c $CERTDB_DIR_PASSWORD \ + -h $SUBSYSTEM_HOST \ + -p $(eval echo \$${subsystemId}_UNSECURE_PORT) \ ca-user-add --fullName=\"$user1fullname\" $user1 > $TmpDir/pki-ca-user-add-revoke-adminR-002.out 2>&1" \ 255 \ "Should not be able to add user $user1 using a user having revoked cert" @@ -761,13 +830,11 @@ run_pki-ca-user-cli-ca-user-add_tests(){ rlPhaseEnd rlPhaseStartTest "pki_ca_user_cli_ca_user_add-042: Should not be able to add user using a agent with revoked cert CA_agentR" - rlLog "Executing: pki -d $CERTDB_DIR \ - -n CA_agentR \ - -c $CERTDB_DIR_PASSWORD \ - ca-user-add --fullName=\"$user1fullname\" $user1" rlRun "pki -d $CERTDB_DIR \ - -n CA_agentR \ + -n ${prefix}_agentR \ -c $CERTDB_DIR_PASSWORD \ + -h $SUBSYSTEM_HOST \ + -p $(eval echo \$${subsystemId}_UNSECURE_PORT) \ ca-user-add --fullName=\"$user1fullname\" $user1 > $TmpDir/pki-ca-user-add-revoke-agentR-002.out 2>&1" \ 255 \ "Should not be able to add user $user1 using a user having revoked cert" @@ -777,28 +844,24 @@ run_pki-ca-user-cli-ca-user-add_tests(){ ##### Tests to add users using an agent user##### rlPhaseStartTest "pki_ca_user_cli_ca_user_add-043: Should not be able to add user using a valid agent CA_agentV user" - rlLog "Executing: pki -d $CERTDB_DIR \ - -n CA_agentV \ - -c $CERTDB_DIR_PASSWORD \ - ca-user-add --fullName=\"$user1fullname\" $user1" rlRun "pki -d $CERTDB_DIR \ - -n CA_agentV \ + -n ${prefix}_agentV \ -c $CERTDB_DIR_PASSWORD \ + -h $SUBSYSTEM_HOST \ + -p $(eval echo \$${subsystemId}_UNSECURE_PORT) \ ca-user-add --fullName=\"$user1fullname\" $user1 > $TmpDir/pki-ca-user-add-agentV-002.out 2>&1" \ 255 \ "Should not be able to add user $user1 using a agent cert" - rlAssertGrep "ForbiddenException: Authorization failed on resource: certServer.ca.users, operation: execute" "$TmpDir/pki-ca-user-add-agentV-002.out" + rlAssertGrep "ForbiddenException: Authorization Error" "$TmpDir/pki-ca-user-add-agentV-002.out" rlPhaseEnd - ##### Tests to add users using CA_adminUTCA and CA_agentUTCA user's certificate will be issued by an untrusted CA ##### + ##### Tests to add users using CA_agentUTCA user's certificate will be issued by an untrusted CA ##### rlPhaseStartTest "pki_ca_user_cli_ca_user_add-044: Should not be able to add user using a CA_agentUTCA user" - rlLog "Executing: pki -d $CERTDB_DIR \ - -n CA_agentR \ - -c $CERTDB_DIR_PASSWORD \ - ca-user-add --fullName=\"$user1fullname\" $user1" - rlRun "pki -d $CERTDB_DIR \ - -n CA_agentR \ - -c $CERTDB_DIR_PASSWORD \ + rlRun "pki -d $UNTRUSTED_CERT_DB_LOCATION \ + -n $untrusted_cert_nickname \ + -c $UNTRUSTED_CERT_DB_PASSWORD \ + -h $SUBSYSTEM_HOST \ + -p $(eval echo \$${subsystemId}_UNSECURE_PORT) \ ca-user-add --fullName=\"$user1fullname\" $user1 > $TmpDir/pki-ca-user-add-agentR-002.out 2>&1" \ 255 \ "Should not be able to add user $user1 using a agent cert" @@ -811,12 +874,16 @@ run_pki-ca-user-cli-ca-user-add_tests(){ rlRun "date --set='+2 days'" 0 "Set System date 2 days ahead" rlRun "date" rlLog "Executing: pki -d $CERTDB_DIR \ - -n CA_adminE \ + -n ${prefix}_adminE \ -c $CERTDB_DIR_PASSWORD \ + -h $SUBSYSTEM_HOST \ + -p $(eval echo \$${subsystemId}_UNSECURE_PORT) \ ca-user-add --fullName=\"$user1fullname\" $user1" rlRun "pki -d $CERTDB_DIR \ - -n CA_adminE \ + -n ${prefix}_adminE \ -c $CERTDB_DIR_PASSWORD \ + -h $SUBSYSTEM_HOST \ + -p $(eval echo \$${subsystemId}_UNSECURE_PORT) \ ca-user-add --fullName=\"$user1fullname\" $user1 > $TmpDir/pki-ca-user-add-adminE-002.out 2>&1" \ 255 \ "Should not be able to add user $user1 using a agent cert" @@ -831,12 +898,16 @@ run_pki-ca-user-cli-ca-user-add_tests(){ rlRun "date --set='+2 days'" 0 "Set System date 2 days ahead" rlRun "date" rlLog "Executing: pki -d $CERTDB_DIR \ - -n CA_agentE \ + -n ${prefix}_agentE \ -c $CERTDB_DIR_PASSWORD \ + -h $SUBSYSTEM_HOST \ + -p $(eval echo \$${subsystemId}_UNSECURE_PORT) \ ca-user-add --fullName=\"$user1fullname\" $user1" rlRun "pki -d $CERTDB_DIR \ - -n CA_agentE \ + -n ${prefix}_agentE \ -c $CERTDB_DIR_PASSWORD \ + -h $SUBSYSTEM_HOST \ + -p $(eval echo \$${subsystemId}_UNSECURE_PORT) \ ca-user-add --fullName=\"$user1fullname\" $user1 > $TmpDir/pki-ca-user-add-agentE-002.out 2>&1" \ 255 \ "Should not be able to add user $user1 using a agent cert" @@ -848,42 +919,36 @@ run_pki-ca-user-cli-ca-user-add_tests(){ ##### Tests to add users using audit users##### rlPhaseStartTest "pki_ca_user_cli_ca_user_add-047: Should not be able to add user using a CA_auditV" - rlLog "Executing: pki -d $CERTDB_DIR \ - -n CA_auditV \ - -c $CERTDB_DIR_PASSWORD \ - ca-user-add --fullName=\"$user1fullname\" $user1" rlRun "pki -d $CERTDB_DIR \ - -n CA_auditV \ + -n ${prefix}_auditV \ -c $CERTDB_DIR_PASSWORD \ + -h $SUBSYSTEM_HOST \ + -p $(eval echo \$${subsystemId}_UNSECURE_PORT) \ ca-user-add --fullName=\"$user1fullname\" $user1 > $TmpDir/pki-ca-user-add-auditV-002.out 2>&1" \ 255 \ "Should not be able to add user $user1 using a audit cert" - rlAssertGrep "ForbiddenException: Authorization failed on resource: certServer.ca.users, operation: execute" "$TmpDir/pki-ca-user-add-auditV-002.out" + rlAssertGrep "ForbiddenException: Authorization Error" "$TmpDir/pki-ca-user-add-auditV-002.out" rlPhaseEnd ##### Tests to add users using operator user### rlPhaseStartTest "pki_ca_user_cli_ca_user_add-048: Should not be able to add user using a CA_operatorV" - rlLog "Executing: pki -d $CERTDB_DIR \ - -n CA_operatorV \ - -c $CERTDB_DIR_PASSWORD \ - ca-user-add --fullName=\"$user1fullname\" $user1" rlRun "pki -d $CERTDB_DIR \ - -n CA_operatorV \ + -n ${prefix}_operatorV \ -c $CERTDB_DIR_PASSWORD \ + -h $SUBSYSTEM_HOST \ + -p $(eval echo \$${subsystemId}_UNSECURE_PORT) \ ca-user-add --fullName=\"$user1fullname\" $user1 > $TmpDir/pki-ca-user-add-operatorV-002.out 2>&1" \ 255 \ "Should not be able to add user $user1 using a operator cert" - rlAssertGrep "ForbiddenException: Authorization failed on resource: certServer.ca.users, operation: execute" "$TmpDir/pki-ca-user-add-operatorV-002.out" + rlAssertGrep "ForbiddenException: Authorization Error" "$TmpDir/pki-ca-user-add-operatorV-002.out" rlPhaseEnd rlPhaseStartTest "pki_ca_user_cli_ca_user_add-049: Should not be able to add user using a cert created from a untrusted CA CA_adminUTCA" - rlLog "Executing: pki -d /tmp/untrusted_cert_db \ - -n CA_adminUTCA \ - -c Password \ - ca-user-add --fullName=\"$user1fullname\" $user1" - rlRun "pki -d /tmp/untrusted_cert_db \ - -n CA_adminUTCA \ - -c Password \ + rlRun "pki -d $UNTRUSTED_CERT_DB_LOCATION \ + -n $untrusted_cert_nickname \ + -c $UNTRUSTED_CERT_DB_PASSWORD \ + -h $SUBSYSTEM_HOST \ + -p $(eval echo \$${subsystemId}_UNSECURE_PORT) \ ca-user-add --fullName=\"$user1fullname\" $user1 > $TmpDir/pki-ca-user-add-adminUTCA-002.out 2>&1" \ 255 \ "Should not be able to add user $user1 using a untrusted cert" @@ -893,15 +958,19 @@ run_pki-ca-user-cli-ca-user-add_tests(){ rlPhaseStartTest "pki_ca_user_cli_ca_user_add-050: user id length exceeds maximum limit defined in the schema" user_length_exceed_max=`cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 10000 | head -n 1` rlLog "pki -d $CERTDB_DIR \ - -n CA_adminV \ + -n ${prefix}_adminV \ -c $CERTDB_DIR_PASSWORD \ + -h $SUBSYSTEM_HOST \ + -p $(eval echo \$${subsystemId}_UNSECURE_PORT) \ ca-user-add --fullName=test \"$user_length_exceed_max\"" rlRun "pki -d $CERTDB_DIR \ - -n CA_adminV \ + -n ${prefix}_adminV \ -c $CERTDB_DIR_PASSWORD \ + -h $SUBSYSTEM_HOST \ + -p $(eval echo \$${subsystemId}_UNSECURE_PORT) \ ca-user-add --fullName=test \"$user_length_exceed_max\" > $TmpDir/pki-ca-user-add-001_50.out 2>&1" \ 255 \ - "Adding user using CA_adminV with user id length exceed maximum defined in ldap schema" + "Adding user using ${prefix}_adminV with user id length exceed maximum defined in ldap schema" rlAssertGrep "ClientResponseFailure: ldap can't save, exceeds max length" "$TmpDir/pki-ca-user-add-001_50.out" rlAssertNotGrep "ClientResponseFailure: Error status 500 Internal Server Error returned" "$TmpDir/pki-ca-user-add-001_50.out" rlAssertNotGrep "ProcessingException: Unable to invoke request" "$TmpDir/pki-ca-user-add-001_50.out" @@ -910,13 +979,11 @@ run_pki-ca-user-cli-ca-user-add_tests(){ rlPhaseStartTest "pki_ca_user_cli_ca_user_add-051: fullname with i18n characters" rlLog "ca-user-add fullname Örjan Äke with i18n characters" - rlLog "pki -d $CERTDB_DIR \ - -n CA_adminV \ - -c $CERTDB_DIR_PASSWORD \ - ca-user-add --fullName='Örjan Äke' u26" rlRun "pki -d $CERTDB_DIR \ - -n CA_adminV \ + -n ${prefix}_adminV \ -c $CERTDB_DIR_PASSWORD \ + -h $SUBSYSTEM_HOST \ + -p $(eval echo \$${subsystemId}_UNSECURE_PORT) \ ca-user-add --fullName='Örjan Äke' u26 > $TmpDir/pki-ca-user-add-001_51.out 2>&1" \ 0 \ "Adding u26 with full name Örjan Äke" @@ -927,13 +994,11 @@ run_pki-ca-user-cli-ca-user-add_tests(){ rlPhaseStartTest "pki_ca_user_cli_ca_user_add-052: fullname with i18n characters" rlLog "ca-user-add fullname Éric Têko with i18n characters" - rlLog "pki -d $CERTDB_DIR \ - -n CA_adminV \ - -c $CERTDB_DIR_PASSWORD \ - ca-user-add --fullName='Éric Têko' u27" rlRun "pki -d $CERTDB_DIR \ - -n CA_adminV \ + -n ${prefix}_adminV \ -c $CERTDB_DIR_PASSWORD \ + -h $SUBSYSTEM_HOST \ + -p $(eval echo \$${subsystemId}_UNSECURE_PORT) \ ca-user-add --fullName='Éric Têko' u27 > $TmpDir/pki-ca-user-add-001_52.out 2>&1" \ 0 \ "Adding u27 with full Éric Têko" @@ -944,26 +1009,22 @@ run_pki-ca-user-cli-ca-user-add_tests(){ rlPhaseStartTest "pki_ca_user_cli_ca_user_add-053: fullname with i18n characters" rlLog "ca-user-add fullname éénentwintig dvidešimt with i18n characters" - rlLog "pki -d $CERTDB_DIR \ - -n CA_adminV \ - -c $CERTDB_DIR_PASSWORD \ - ca-user-add --fullName='éénentwintig dvidešimt' u28" rlRun "pki -d $CERTDB_DIR \ - -n CA_adminV \ + -n ${prefix}_adminV \ -c $CERTDB_DIR_PASSWORD \ + -h $SUBSYSTEM_HOST \ + -p $(eval echo \$${subsystemId}_UNSECURE_PORT) \ ca-user-add --fullName='éénentwintig dvidešimt' u28 > $TmpDir/pki-ca-user-add-001_53.out 2>&1" \ 0 \ "Adding fullname éénentwintig dvidešimt with i18n characters" rlAssertGrep "Added user \"u28\"" "$TmpDir/pki-ca-user-add-001_53.out" rlAssertGrep "Full name: éénentwintig dvidešimt" "$TmpDir/pki-ca-user-add-001_53.out" rlAssertGrep "User ID: u28" "$TmpDir/pki-ca-user-add-001_53.out" - rlLog "pki -d $CERTDB_DIR \ - -n CA_adminV \ - -c $CERTDB_DIR_PASSWORD \ - ca-user-show u28" rlRun "pki -d $CERTDB_DIR \ - -n CA_adminV \ + -n ${prefix}_adminV \ -c $CERTDB_DIR_PASSWORD \ + -h $SUBSYSTEM_HOST \ + -p $(eval echo \$${subsystemId}_UNSECURE_PORT) \ ca-user-show u28 > $TmpDir/pki-ca-user-add-001_53_2.out 2>&1" \ 0 \ "Show user u28 with fullname éénentwintig dvidešimt in i18n characters" @@ -973,21 +1034,21 @@ run_pki-ca-user-cli-ca-user-add_tests(){ rlPhaseStartTest "pki_ca_user_cli_ca_user_add-054: fullname with i18n characters" rlLog "ca-user-add fullname kakskümmend üks with i18n characters" - rlLog "pki -d $CERTDB_DIR \ - -n CA_adminV \ - -c $CERTDB_DIR_PASSWORD \ - ca-user-add --fullName='kakskümmend üks' u29" rlRun "pki -d $CERTDB_DIR \ - -n CA_adminV \ + -n ${prefix}_adminV \ -c $CERTDB_DIR_PASSWORD \ + -h $SUBSYSTEM_HOST \ + -p $(eval echo \$${subsystemId}_UNSECURE_PORT) \ ca-user-add --fullName='kakskümmend üks' u29 > $TmpDir/pki-ca-user-add-001_54.out 2>&1" \ 0 \ "Adding fillname kakskümmend üks with i18n characters" rlAssertGrep "Added user \"u29\"" "$TmpDir/pki-ca-user-add-001_54.out" rlAssertGrep "Full name: kakskümmend üks" "$TmpDir/pki-ca-user-add-001_54.out" rlRun "pki -d $CERTDB_DIR \ - -n CA_adminV \ + -n ${prefix}_adminV \ -c $CERTDB_DIR_PASSWORD \ + -h $SUBSYSTEM_HOST \ + -p $(eval echo \$${subsystemId}_UNSECURE_PORT) \ ca-user-show u29 > $TmpDir/pki-ca-user-add-001_54_2.out" \ 0 \ "Show user u29 with fullname kakskümmend üks in i18n characters" @@ -997,21 +1058,21 @@ run_pki-ca-user-cli-ca-user-add_tests(){ rlPhaseStartTest "pki_ca_user_cli_ca_user_add-055: fullname with i18n characters" rlLog "ca-user-add fullname двадцять один тридцять with i18n characters" - rlLog "pki -d $CERTDB_DIR \ - -n CA_adminV \ - -c $CERTDB_DIR_PASSWORD \ - ca-user-add --fullName='двадцять один тридцять' u30" rlRun "pki -d $CERTDB_DIR \ - -n CA_adminV \ + -n ${prefix}_adminV \ -c $CERTDB_DIR_PASSWORD \ + -h $SUBSYSTEM_HOST \ + -p $(eval echo \$${subsystemId}_UNSECURE_PORT) \ ca-user-add --fullName='двадцять один тридцять' u30 > $TmpDir/pki-ca-user-add-001_55.out 2>&1" \ 0 \ "Adding fillname двадцять один тридцять with i18n characters" rlAssertGrep "Added user \"u30\"" "$TmpDir/pki-ca-user-add-001_55.out" rlAssertGrep "Full name: двадцять один тридцять" "$TmpDir/pki-ca-user-add-001_55.out" rlRun "pki -d $CERTDB_DIR \ - -n CA_adminV \ + -n ${prefix}_adminV \ -c $CERTDB_DIR_PASSWORD \ + -h $SUBSYSTEM_HOST \ + -p $(eval echo \$${subsystemId}_UNSECURE_PORT) \ ca-user-show u30 > $TmpDir/pki-ca-user-add-001_55_2.out" \ 0 \ "Show user u30 with fullname двадцять один тридцять in i18n characters" @@ -1019,59 +1080,51 @@ run_pki-ca-user-cli-ca-user-add_tests(){ rlAssertGrep "Full name: двадцять один тридцять" "$TmpDir/pki-ca-user-add-001_55_2.out" rlPhaseEnd - rlPhaseStartTest "pki_ca_user_cli_ca_user_add-056: user id with i18n characters" + rlPhaseStartTest "pki_ca_user_cli_ca_user_add-056: should not be able to add user id with i18n characters" rlLog "ca-user-add userid ÖrjanÄke with i18n characters" rlLog "pki -d $CERTDB_DIR \ - -n CA_adminV \ + -n ${prefix}_adminV \ -c $CERTDB_DIR_PASSWORD \ + -h $SUBSYSTEM_HOST \ + -p $(eval echo \$${subsystemId}_UNSECURE_PORT) \ ca-user-add --fullName=test 'ÖrjanÄke'" - rlRun "pki -d $CERTDB_DIR \ - -n CA_adminV \ - -c $CERTDB_DIR_PASSWORD \ - ca-user-add --fullName=test 'ÖrjanÄke' > $TmpDir/pki-ca-user-add-001_56.out 2>&1" \ - 0 \ - "Adding uid ÖrjanÄke with i18n characters" - rlAssertGrep "Added user \"ÖrjanÄke\"" "$TmpDir/pki-ca-user-add-001_56.out" - rlAssertGrep "User ID: ÖrjanÄke" "$TmpDir/pki-ca-user-add-001_56.out" - rlRun "pki -d $CERTDB_DIR \ - -n CA_adminV \ + command="pki -d $CERTDB_DIR \ + -n ${prefix}_adminV \ -c $CERTDB_DIR_PASSWORD \ - ca-user-show 'ÖrjanÄke' > $TmpDir/pki-ca-user-add-001_56_2.out" \ - 0 \ - "Show user 'ÖrjanÄke'" - rlAssertGrep "User \"ÖrjanÄke\"" "$TmpDir/pki-ca-user-add-001_56_2.out" - rlAssertGrep "User ID: ÖrjanÄke" "$TmpDir/pki-ca-user-add-001_56_2.out" + -h $SUBSYSTEM_HOST \ + -p $(eval echo \$${subsystemId}_UNSECURE_PORT) \ + ca-user-add --fullName=test 'ÖrjanÄke' " + errmsg="IncorrectUserIdException" + errorcode=255 + rlRun "verifyErrorMsg \"$command\" \"$errmsg\" \"$errorcode\"" 0 "Adding uid ÖrjanÄke with i18n characters" + rlLog "PKI Ticket:: https://fedorahosted.org/pki/ticket/860" rlPhaseEnd - rlPhaseStartTest "pki_ca_user_cli_ca_user_add-057: userid with i18n characters" + rlPhaseStartTest "pki_ca_user_cli_ca_user_add-057: should not be able to add userid with i18n characters" rlLog "ca-user-add userid ÉricTêko with i18n characters" rlLog "pki -d $CERTDB_DIR \ - -n CA_adminV \ + -n ${prefix}_adminV \ -c $CERTDB_DIR_PASSWORD \ + -h $SUBSYSTEM_HOST \ + -p $(eval echo \$${subsystemId}_UNSECURE_PORT) \ ca-user-add --fullName=test 'ÉricTêko'" - rlRun "pki -d $CERTDB_DIR \ - -n CA_adminV \ - -c $CERTDB_DIR_PASSWORD \ - ca-user-add --fullName=test 'ÉricTêko' > $TmpDir/pki-ca-user-add-001_57.out 2>&1" \ - 0 \ - "Adding user id ÉricTêko with i18n characters" - rlAssertGrep "Added user \"ÉricTêko\"" "$TmpDir/pki-ca-user-add-001_57.out" - rlAssertGrep "User ID: ÉricTêko" "$TmpDir/pki-ca-user-add-001_57.out" - rlRun "pki -d $CERTDB_DIR \ - -n CA_adminV \ + command="pki -d $CERTDB_DIR \ + -n ${prefix}_adminV \ -c $CERTDB_DIR_PASSWORD \ - ca-user-show 'ÉricTêko' > $TmpDir/pki-ca-user-add-001_57_2.out" \ - 0 \ - "Show user 'ÉricTêko'" - rlAssertGrep "User \"ÉricTêko\"" "$TmpDir/pki-ca-user-add-001_57_2.out" - rlAssertGrep "User ID: ÉricTêko" "$TmpDir/pki-ca-user-add-001_57_2.out" + -h $SUBSYSTEM_HOST \ + -p $(eval echo \$${subsystemId}_UNSECURE_PORT) \ + ca-user-add --fullName=test 'ÉricTêko' " + errmsg="IncorrectUserIdException" + errorcode=255 + rlRun "verifyErrorMsg \"$command\" \"$errmsg\" \"$errorcode\"" 0 "Adding user id ÉricTêko with i18n characters" + rlLog "PKI Ticket:: https://fedorahosted.org/pki/ticket/860" rlPhaseEnd rlPhaseStartTest "pki_ca_user_cli_ca_user_add-058: email address with i18n characters" rlLog "ca-user-add email address negyvenkettő@qetestsdomain.com with i18n characters" - command="pki -d $CERTDB_DIR -n CA_adminV -c $CERTDB_DIR_PASSWORD ca-user-add --fullName=test --email='negyvenkettő@qetestsdomain.com' u31" + command="pki -d $CERTDB_DIR -n ${prefix}_adminV -c $CERTDB_DIR_PASSWORD--h $SUBSYSTEM_HOST -p $(eval echo \$${subsystemId}_UNSECURE_PORT) ca-user-add --fullName=test --email='negyvenkettő@qetestsdomain.com' u31" rlLog "Executing $command" - errmsg="PKIException: Unable to add user" + errmsg="IncorrectPasswordException: Incorrect client security database password." errorcode=255 rlRun "verifyErrorMsg \"$command\" \"$errmsg\" \"$errorcode\"" 0 "Verify expected error message - Adding email negyvenkettő@qetestsdomain.com with i18n characters" rlLog "PKI Ticket:: https://fedorahosted.org/pki/ticket/860" @@ -1079,30 +1132,29 @@ run_pki-ca-user-cli-ca-user-add_tests(){ rlPhaseStartTest "pki_ca_user_cli_ca_user_add-059: email address with i18n characters" rlLog "ca-user-add email address četrdesmitdivi@qetestsdomain.com with i18n characters" - command="pki -d $CERTDB_DIR -n CA_adminV -c $CERTDB_DIR_PASSWORD ca-user-add --fullName=test --email='četrdesmitdivi@qetestsdomain.com' u32" + command="pki -d $CERTDB_DIR -n ${prefix}_adminV -c $CERTDB_DIR_PASSWORD-h $SUBSYSTEM_HOST -p $(eval echo \$${subsystemId}_UNSECURE_PORT) ca-user-add --fullName=test --email='četrdesmitdivi@qetestsdomain.com' u32" rlLog "Executing $command" - errmsg="PKIException: Unable to add user" + errmsg="IncorrectPasswordException: Incorrect client security database password." errorcode=255 rlRun "verifyErrorMsg \"$command\" \"$errmsg\" \"$errorcode\"" 0 "Verify expected error message - Adding email četrdesmitdivi@qetestsdomain.com with i18n characters" - rlLog "PKI Ticket:: https://fedorahosted.org/pki/ticket/860" rlPhaseEnd rlPhaseStartTest "pki_ca_user_cli_ca_user_add-060: password with i18n characters" rlLog "ca-user-add password šimtaskolmkümmend with i18n characters" - rlLog "pki -d $CERTDB_DIR \ - -n CA_adminV \ - -c $CERTDB_DIR_PASSWORD \ - ca-user-add --fullName=test --password='šimtaskolmkümmend' u31" rlRun "pki -d $CERTDB_DIR \ - -n CA_adminV \ + -n ${prefix}_adminV \ -c $CERTDB_DIR_PASSWORD \ + -h $SUBSYSTEM_HOST \ + -p $(eval echo \$${subsystemId}_UNSECURE_PORT) \ ca-user-add --fullName=test --password='šimtaskolmkümmend' u31 > $TmpDir/pki-ca-user-add-001_60.out 2>&1" \ 0 \ "Adding password šimtaskolmkümmend with i18n characters" rlAssertGrep "Added user \"u31\"" "$TmpDir/pki-ca-user-add-001_60.out" rlRun "pki -d $CERTDB_DIR \ - -n CA_adminV \ + -n ${prefix}_adminV \ -c $CERTDB_DIR_PASSWORD \ + -h $SUBSYSTEM_HOST \ + -p $(eval echo \$${subsystemId}_UNSECURE_PORT) \ ca-user-show u31 > $TmpDir/pki-ca-user-add-001_60_2.out" \ 0 \ "Show user u31 with password šimtaskolmkümmend in i18n characters" @@ -1111,20 +1163,20 @@ run_pki-ca-user-cli-ca-user-add_tests(){ rlPhaseStartTest "pki_ca_user_cli_ca_user_add-061: password with i18n characters" rlLog "ca-user-add password двадцяттридцять with i18n characters" - rlLog "pki -d $CERTDB_DIR \ - -n CA_adminV \ - -c $CERTDB_DIR_PASSWORD \ - ca-user-add --fullName=test --password='двадцяттридцять' u32" rlRun "pki -d $CERTDB_DIR \ - -n CA_adminV \ + -n ${prefix}_adminV \ -c $CERTDB_DIR_PASSWORD \ + -h $SUBSYSTEM_HOST \ + -p $(eval echo \$${subsystemId}_UNSECURE_PORT) \ ca-user-add --fullName=test --password='двадцяттридцять' u32 > $TmpDir/pki-ca-user-add-001_61.out 2>&1" \ 0 \ "Adding password двадцяттридцять with i18n characters" rlAssertGrep "Added user \"u32\"" "$TmpDir/pki-ca-user-add-001_61.out" rlRun "pki -d $CERTDB_DIR \ - -n CA_adminV \ + -n ${prefix}_adminV \ -c $CERTDB_DIR_PASSWORD \ + -h $SUBSYSTEM_HOST \ + -p $(eval echo \$${subsystemId}_UNSECURE_PORT) \ ca-user-show u32 > $TmpDir/pki-ca-user-add-001_61_2.out" \ 0 \ "Show user u32 with password двадцяттридцять in i18n characters" @@ -1133,21 +1185,21 @@ run_pki-ca-user-cli-ca-user-add_tests(){ rlPhaseStartTest "pki_ca_user_cli_ca_user_add-062: type with i18n characters" rlLog "ca-user-add type tjugo-tvåhetvenhét with i18n characters" - rlLog "pki -d $CERTDB_DIR \ - -n CA_adminV \ - -c $CERTDB_DIR_PASSWORD \ - ca-user-add --fullName=test --type='tjugo-tvåhetvenhét' u33" rlRun "pki -d $CERTDB_DIR \ - -n CA_adminV \ + -n ${prefix}_adminV \ -c $CERTDB_DIR_PASSWORD \ + -h $SUBSYSTEM_HOST \ + -p $(eval echo \$${subsystemId}_UNSECURE_PORT) \ ca-user-add --fullName=test --type='tjugo-tvåhetvenhét' u33 > $TmpDir/pki-ca-user-add-001_62.out 2>&1" \ 0 \ "Adding type tjugo-tvåhetvenhét with i18n characters" rlAssertGrep "Added user \"u33\"" "$TmpDir/pki-ca-user-add-001_62.out" rlAssertGrep "Type: tjugo-tvåhetvenhét" "$TmpDir/pki-ca-user-add-001_62.out" rlRun "pki -d $CERTDB_DIR \ - -n CA_adminV \ + -n ${prefix}_adminV \ -c $CERTDB_DIR_PASSWORD \ + -h $SUBSYSTEM_HOST \ + -p $(eval echo \$${subsystemId}_UNSECURE_PORT) \ ca-user-show u33 > $TmpDir/pki-ca-user-add-001_62_2.out" \ 0 \ "Show user u33 with type tjugo-tvåhetvenhét in i18n characters" @@ -1157,21 +1209,21 @@ run_pki-ca-user-cli-ca-user-add_tests(){ rlPhaseStartTest "pki_ca_user_cli_ca_user_add-063: type with i18n characters" rlLog "ca-user-add type мiльйонтридцять with i18n characters" - rlLog "pki -d $CERTDB_DIR \ - -n CA_adminV \ - -c $CERTDB_DIR_PASSWORD \ - ca-user-add --fullName=test --type='мiльйонтридцять' u34" rlRun "pki -d $CERTDB_DIR \ - -n CA_adminV \ + -n ${prefix}_adminV \ -c $CERTDB_DIR_PASSWORD \ + -h $SUBSYSTEM_HOST \ + -p $(eval echo \$${subsystemId}_UNSECURE_PORT) \ ca-user-add --fullName=test --type='мiльйонтридцять' u34 > $TmpDir/pki-ca-user-add-001_63.out 2>&1" \ 0 \ "Adding type мiльйонтридцять with i18n characters" rlAssertGrep "Added user \"u34\"" "$TmpDir/pki-ca-user-add-001_63.out" rlAssertGrep "Type: мiльйонтридцять" "$TmpDir/pki-ca-user-add-001_63.out" rlRun "pki -d $CERTDB_DIR \ - -n CA_adminV \ + -n ${prefix}_adminV \ -c $CERTDB_DIR_PASSWORD \ + -h $SUBSYSTEM_HOST \ + -p $(eval echo \$${subsystemId}_UNSECURE_PORT) \ ca-user-show u34 > $TmpDir/pki-ca-user-add-001_63_2.out" \ 0 \ "Show user u34 with type мiльйонтридцять in i18n characters" @@ -1181,21 +1233,21 @@ run_pki-ca-user-cli-ca-user-add_tests(){ rlPhaseStartTest "pki_ca_user_cli_ca_user_add-064: state with i18n characters" rlLog "ca-user-add state čå with i18n characters" - rlLog "pki -d $CERTDB_DIR \ - -n CA_adminV \ - -c $CERTDB_DIR_PASSWORD \ - ca-user-add --fullName=test --state='čå' u35" rlRun "pki -d $CERTDB_DIR \ - -n CA_adminV \ + -n ${prefix}_adminV \ -c $CERTDB_DIR_PASSWORD \ + -h $SUBSYSTEM_HOST \ + -p $(eval echo \$${subsystemId}_UNSECURE_PORT) \ ca-user-add --fullName=test --state='čå' u35 > $TmpDir/pki-ca-user-add-001_64.out 2>&1" \ 0 \ "Adding state 'čå' with i18n characters" rlAssertGrep "Added user \"u35\"" "$TmpDir/pki-ca-user-add-001_64.out" rlAssertGrep "State: čå" "$TmpDir/pki-ca-user-add-001_64.out" rlRun "pki -d $CERTDB_DIR \ - -n CA_adminV \ + -n ${prefix}_adminV \ -c $CERTDB_DIR_PASSWORD \ + -h $SUBSYSTEM_HOST \ + -p $(eval echo \$${subsystemId}_UNSECURE_PORT) \ ca-user-show u35 > $TmpDir/pki-ca-user-add-001_64_2.out" \ 0 \ "Show user u35 with state čå in i18n characters" @@ -1205,21 +1257,21 @@ run_pki-ca-user-cli-ca-user-add_tests(){ rlPhaseStartTest "pki_ca_user_cli_ca_user_add-065: state with i18n characters" rlLog "ca-user-add state йč with i18n characters" - rlLog "pki -d $CERTDB_DIR \ - -n CA_adminV \ - -c $CERTDB_DIR_PASSWORD \ - ca-user-add --fullName=test --state='йč' u36" rlRun "pki -d $CERTDB_DIR \ - -n CA_adminV \ + -n ${prefix}_adminV \ -c $CERTDB_DIR_PASSWORD \ + -h $SUBSYSTEM_HOST \ + -p $(eval echo \$${subsystemId}_UNSECURE_PORT) \ ca-user-add --fullName=test --state='йč' u36 > $TmpDir/pki-ca-user-add-001_65.out 2>&1" \ 0 \ "Adding state 'йč' with i18n characters" rlAssertGrep "Added user \"u36\"" "$TmpDir/pki-ca-user-add-001_65.out" rlAssertGrep "State: йč" "$TmpDir/pki-ca-user-add-001_65.out" rlRun "pki -d $CERTDB_DIR \ - -n CA_adminV \ + -n ${prefix}_adminV \ -c $CERTDB_DIR_PASSWORD \ + -h $SUBSYSTEM_HOST \ + -p $(eval echo \$${subsystemId}_UNSECURE_PORT) \ ca-user-show u36 > $TmpDir/pki-ca-user-add-001_65_2.out" \ 0 \ "Show user u36 with state йč in i18n characters" @@ -1234,26 +1286,30 @@ run_pki-ca-user-cli-ca-user-add_tests(){ local ret_requestid local valid_serialNumber local temp_out="$TmpDir/usercert-show.out" + local requestdn + local prefix_value rlRun "create_cert_request $TEMP_NSS_DB Password pkcs10 rsa 2048 \"pki User1\" \"pkiUser1\" \ - \"pkiuser1@example.org\" \"Engineering\" \"Example.Inc\" "US" "--" "ret_reqstatus" "ret_requestid"" 0 "Generating pkcs10 Certificate Request" - rlLog "pki -d $CERTDB_DIR -c $CERTDB_DIR_PASSWORD -n \"CA_agentV\" ca-cert-request-review $ret_requestid \ + \"pkiuser1@example.org\" \"Engineering\" \"Example.Inc\" \"US\" \"--\" \"ret_reqstatus\" \"ret_requestid\" $SUBSYSTEM_HOST \"$(eval echo \$${subsystemId}_UNSECURE_PORT)\" \"$requestdn\" \"$prefix_value\" " 0 "Generating pkcs10 Certificate Request" + rlLog "pki -d $CERTDB_DIR -c $CERTDB_DIR_PASSWORD -n \"${prefix}_agentV\" -h $SUBSYSTEM_HOST -p $(eval echo \$${subsystemId}_UNSECURE_PORT) ca-cert-request-review $ret_requestid \ --action approve 1" - rlRun "pki -d $CERTDB_DIR -c $CERTDB_DIR_PASSWORD -n \"CA_agentV\" ca-cert-request-review $ret_requestid \ + rlRun "pki -d $CERTDB_DIR -c $CERTDB_DIR_PASSWORD -n \"${prefix}_agentV\" -h $SUBSYSTEM_HOST -p $(eval echo \$${subsystemId}_UNSECURE_PORT) ca-cert-request-review $ret_requestid \ --action approve 1> $TmpDir/pki-approve-out" 0 "Approve Certificate requeset" rlAssertGrep "Approved certificate request $ret_requestid" "$TmpDir/pki-approve-out" - rlLog "pki cert-request-show $ret_requestid | grep \"Certificate ID\" | sed 's/ //g' | cut -d: -f2)" - rlRun "pki cert-request-show $ret_requestid > $TmpDir/usercert-show1.out" + rlLog "pki -h $SUBSYSTEM_HOST -p $(eval echo \$${subsystemId}_UNSECURE_PORT) cert-request-show $ret_requestid | grep \"Certificate ID\" | sed 's/ //g' | cut -d: -f2)" + rlRun "pki -h $SUBSYSTEM_HOST -p $(eval echo \$${subsystemId}_UNSECURE_PORT) cert-request-show $ret_requestid > $TmpDir/usercert-show1.out" valid_serialNumber=`cat $TmpDir/usercert-show1.out | grep 'Certificate ID' | sed 's/ //g' | cut -d: -f2` rlLog "valid_serialNumber=$valid_serialNumber" #Import user certs to $TEMP_NSS_DB - rlRun "pki cert-show $valid_serialNumber --encoded > $temp_out" 0 "command pki cert-show $valid_serialNumber --encoded" + rlRun "pki -h $SUBSYSTEM_HOST -p $(eval echo \$${subsystemId}_UNSECURE_PORT) cert-show $valid_serialNumber --encoded > $temp_out" 0 "command pki cert-show $valid_serialNumber --encoded" rlRun "certutil -d $TEMP_NSS_DB -A -n pkiUser1 -i $temp_out -t \"u,u,u\"" local expfile="$TmpDir/expfile_pkiuser1.out" rlLog "Executing: pki -d $TEMP_NSS_DB \ -n pkiUser1 \ -c Password \ + -h $SUBSYSTEM_HOST \ + -p $(eval echo \$${subsystemId}_UNSECURE_PORT) \ ca-user-add --fullName=test_user u39" - echo "spawn -noecho pki -d $TEMP_NSS_DB -n pkiUser1 -c Password ca-user-add --fullName=test_user u39" > $expfile + echo "spawn -noecho pki -d $TEMP_NSS_DB -n pkiUser1 -c Password -h $SUBSYSTEM_HOST -p $(eval echo \$${subsystemId}_UNSECURE_PORT) ca-user-add --fullName=test_user u39" > $expfile echo "expect \"WARNING: UNTRUSTED ISSUER encountered on 'CN=$HOSTNAME,O=$CA_DOMAIN Security Domain' indicates a non-trusted CA cert 'CN=CA Signing Certificate,O=$CA_DOMAIN Security Domain' Import CA certificate (Y/n)? \"" >> $expfile echo "send -- \"Y\r\"" >> $expfile @@ -1266,27 +1322,95 @@ Import CA certificate (Y/n)? \"" >> $expfile rlAssertGrep "PKIException: Unauthorized" "$TmpDir/pki-ca-user-add-pkiUser1-002.out" rlPhaseEnd + rlPhaseStartTest "pki_ca_user_cli_ca_user_add-067: Should not be able to add user using Normal user credential" + local pki_user="idm1_user_1" + local pki_user_fullName="Idm1 User 1" + local pki_pwd="Secret123" + rlLog "Create user $pki_user" + rlRun "pki -d $CERTDB_DIR \ + -n \"${prefix}_adminV\" \ + -c $CERTDB_DIR_PASSWORD -h $SUBSYSTEM_HOST -p $(eval echo \$${subsystemId}_UNSECURE_PORT) \ + ca-user-add $pki_user \ + --fullName \"$pki_user_fullName\" \ + --password $pki_pwd" 0 "Create $pki_user User" + local TEMP_NSS_DB="$TmpDir/nssdb" + rlLog "Executing: pki -d $CERTDB_DIR \ + -c $CERTDB_DIR_PASSWORD \ + -h $SUBSYSTEM_HOST \ + -p $(eval echo \$${subsystemId}_UNSECURE_PORT) \ + -u $pki_user \ + -w $pki_pwd \ + ca-user-add --fullName=test_user u39" + command="pki -d $CERTDB_DIR \ + -c $CERTDB_DIR_PASSWORD \ + -h $SUBSYSTEM_HOST \ + -p $(eval echo \$${subsystemId}_UNSECURE_PORT) \ + -u $pki_user \ + -w $pki_pwd \ + ca-user-add --fullName=test_user u39" + errmsg="ForbiddenException: Authentication method not allowed." + errorcode=255 + rlRun "verifyErrorMsg \"$command\" \"$errmsg\" \"$errorcode\"" 0 "Adding user using Normal user credential" + rlPhaseEnd + + rlPhaseStartTest "pki_ca_user_cli_ca_user_add-068: Should not be able to add user using invalid user credential" + local invalid_pki_user=test1 + local invalid_pki_user_pwd=Secret123 + rlLog "Executing: pki -d $CERTDB_DIR \ + -c $CERTDB_DIR_PASSWORD \ + -h $SUBSYSTEM_HOST \ + -p $(eval echo \$${subsystemId}_UNSECURE_PORT) \ + -u $invalid_pki_user \ + -w $invalid_pki_user_pwd \ + user-add --fullName=test_user u39" + command="pki -d $CERTDB_DIR \ + -c $CERTDB_DIR_PASSWORD \ + -h $SUBSYSTEM_HOST \ + -p $(eval echo \$${subsystemId}_UNSECURE_PORT) \ + -u $invalid_pki_user \ + -w $invalid_pki_user_pwd \ + user-add --fullName=test_user u39" + errmsg="PKIException: Unauthorized" + errorcode=255 + rlRun "verifyErrorMsg \"$command\" \"$errmsg\" \"$errorcode\"" 0 "Adding user using Normal user credential" + rlPhaseEnd rlPhaseStartTest "pki_ca_user_cli_user_cleanup: Deleting users" - #===Deleting users created using CA_adminV cert===# + #===Deleting users created using ${prefix}_adminV cert===# i=1 while [ $i -lt 37 ] ; do + rlLog "pki -d $CERTDB_DIR \ + -n ${prefix}_adminV \ + -c $CERTDB_DIR_PASSWORD \ + -h $SUBSYSTEM_HOST \ + -p $(eval echo \$${subsystemId}_UNSECURE_PORT) \ + ca-user-del u$i" rlRun "pki -d $CERTDB_DIR \ - -n CA_adminV \ + -n ${prefix}_adminV \ -c $CERTDB_DIR_PASSWORD \ + -h $SUBSYSTEM_HOST \ + -p $(eval echo \$${subsystemId}_UNSECURE_PORT) \ ca-user-del u$i > $TmpDir/pki-user-del-ca-user-00$i.out" \ 0 \ "Deleted user u$i" rlAssertGrep "Deleted user \"u$i\"" "$TmpDir/pki-user-del-ca-user-00$i.out" let i=$i+1 done - #===Deleting users(symbols) created using CA_adminV cert===# + #===Deleting users(symbols) created using ${prefix}_adminV cert===# j=1 while [ $j -lt 8 ] ; do eval usr=\$user$j + rlLog "pki -d $CERTDB_DIR \ + -n ${prefix}_adminV \ + -c $CERTDB_DIR_PASSWORD \ + -h $SUBSYSTEM_HOST \ + -p $(eval echo \$${subsystemId}_UNSECURE_PORT) \ + ca-user-del '$usr'" rlRun "pki -d $CERTDB_DIR \ - -n CA_adminV \ + -n ${prefix}_adminV \ -c $CERTDB_DIR_PASSWORD \ + -h $SUBSYSTEM_HOST \ + -p $(eval echo \$${subsystemId}_UNSECURE_PORT) \ ca-user-del '$usr' > $TmpDir/pki-user-del-ca-user-symbol-00$j.out" \ 0 \ "Deleted user $usr" @@ -1299,22 +1423,18 @@ Import CA certificate (Y/n)? \"" >> $expfile fi let j=$j+1 done - #===Deleting i18n users created using CA_adminV cert===# - rlRun "pki -d $CERTDB_DIR \ - -n CA_adminV \ - -c $CERTDB_DIR_PASSWORD \ - ca-user-del 'ÖrjanÄke' > $TmpDir/pki-user-del-ca-user-i18n_1.out" \ - 0 \ - "Deleted user ÖrjanÄke" - rlAssertGrep "Deleted user \"ÖrjanÄke\"" "$TmpDir/pki-user-del-ca-user-i18n_1.out" - rlRun "pki -d $CERTDB_DIR \ - -n CA_adminV \ + #Deleting user idm_user_1 + local pki_user="idm1_user_1" + rlRun "pki -d $CERTDB_DIR \ + -n ${prefix}_adminV \ -c $CERTDB_DIR_PASSWORD \ - ca-user-del 'ÉricTêko' > $TmpDir/pki-user-del-ca-user-i18n_2.out" \ + -h $SUBSYSTEM_HOST \ + -p $(eval echo \$${subsystemId}_UNSECURE_PORT) \ + ca-user-del $pki_user > $TmpDir/pki-user-del-user-ca-2_1.out" \ 0 \ - "Deleted user ÉricTêko" - rlAssertGrep "Deleted user \"ÉricTêko\"" "$TmpDir/pki-user-del-ca-user-i18n_2.out" + "Deleted user $pki_user" + rlAssertGrep "Deleted user \"$pki_user\"" "$TmpDir/pki-user-del-user-ca-2_1.out" #Delete temporary directory rlRun "popd" diff --git a/tests/dogtag/acceptance/cli-tests/pki-user-cli/ca/pki-user-cli-user-add-ca.sh b/tests/dogtag/acceptance/cli-tests/pki-user-cli/ca/pki-user-cli-user-add-ca.sh index 9c3f873d2..76f40cabc 100755 --- a/tests/dogtag/acceptance/cli-tests/pki-user-cli/ca/pki-user-cli-user-add-ca.sh +++ b/tests/dogtag/acceptance/cli-tests/pki-user-cli/ca/pki-user-cli-user-add-ca.sh @@ -73,13 +73,13 @@ run_pki-user-cli-user-add-ca_tests(){ SUBSYSTEM_HOST=$(eval echo \$${MYROLE}) untrusted_cert_nickname=role_user_UTCA - rlPhaseStartSetup "pki_user_cli_user_add-ca-startup: Create temporary directory" - rlRun "TmpDir=\`mktemp -d\`" 0 "Creating tmp directory" - rlRun "pushd $TmpDir" - rlPhaseEnd + lPhaseStartSetup "pki_user_cli_user_add-ca-startup: Create temporary directory" + rlRun "TmpDir=\`mktemp -d\`" 0 "Creating tmp directory" + rlRun "pushd $TmpDir" + rlPhaseEnd - rlPhaseStartTest "pki_user_cli-configtest: pki user --help configuration test" - rlRun "pki user --help > $TmpDir/pki_user_cfg.out 2>&1" \ + rlPhaseStartTest "pki_user_cli-configtest: pki user --help configuration test" + rlRun "pki user --help > $TmpDir/pki_user_cfg.out 2>&1" \ 0 \ "pki user --help" rlAssertGrep "user-find Find users" "$TmpDir/pki_user_cfg.out" @@ -90,7 +90,7 @@ run_pki-user-cli-user-add-ca_tests(){ rlAssertGrep "user-cert User certificate management commands" "$TmpDir/pki_user_cfg.out" rlAssertGrep "user-membership User membership management commands" "$TmpDir/pki_user_cfg.out" rlAssertNotGrep "Error: Invalid module \"user---help\"." "$TmpDir/pki_user_cfg.out" - rlPhaseEnd + rlPhaseEnd rlPhaseStartTest "pki_user_cli_user_add-configtest: pki user-add configuration test" rlRun "pki user-add --help > $TmpDir/pki_user_add_cfg.out 2>&1" \ @@ -626,7 +626,7 @@ run_pki-user-cli-user-add-ca_tests(){ -h $SUBSYSTEM_HOST \ -p $(eval echo \$${subsystemId}_UNSECURE_PORT) \ user-add --fullName=test --type=\"Dummy Group\" u25 > $TmpDir/pki-user-add-ca-001_33.out 2>&1 " \ - 1 \ + 1,255 \ "Adding user using ${prefix}_adminV with --type Dummy Group" rlAssertNotGrep "Added user \"u25\"" "$TmpDir/pki-user-add-ca-001_33.out" rlAssertNotGrep "User ID: u25" "$TmpDir/pki-user-add-ca-001_33.out" @@ -644,21 +644,12 @@ run_pki-user-cli-user-add-ca_tests(){ -p $(eval echo \$${subsystemId}_UNSECURE_PORT) \ user-add --fullName=\"New user\" $user1 > $TmpDir/pki-user-add-ca-002.out 2>&1 " - rlLog "Command=$command" expmsg="ConflictingOperationException: Entry already exists." rlRun "$command" 255 "Add duplicate user" rlAssertGrep "$expmsg" "$TmpDir/pki-user-add-ca-002.out" rlPhaseEnd rlPhaseStartTest "pki_user_cli_user_add-CA-035: Add a user to CA with -t option" - rlLog "Executing: pki -d $CERTDB_DIR \ - -n ${prefix}_adminV \ - -c $CERTDB_DIR_PASSWORD \ - -h $SUBSYSTEM_HOST \ - -p $(eval echo \$${subsystemId}_UNSECURE_PORT) \ - -t ca \ - user-add --fullName=\"$user1fullname\" u22" - rlRun "pki -d $CERTDB_DIR \ -n ${prefix}_adminV \ -c $CERTDB_DIR_PASSWORD \ @@ -674,14 +665,6 @@ run_pki-user-cli-user-add-ca_tests(){ rlPhaseEnd rlPhaseStartTest "pki_user_cli_user_add-CA-036: Add a user -- missing required option user id" - rlLog "Executing: pki -d $CERTDB_DIR \ - -n ${prefix}_adminV \ - -c $CERTDB_DIR_PASSWORD \ - -h $SUBSYSTEM_HOST \ - -p $(eval echo \$${subsystemId}_UNSECURE_PORT) \ - -t ca \ - user-add --fullName=\"$user1fullname\" " - rlRun "pki -d $CERTDB_DIR \ -n ${prefix}_adminV \ -c $CERTDB_DIR_PASSWORD \ @@ -702,7 +685,6 @@ run_pki-user-cli-user-add-ca_tests(){ -p $(eval echo \$${subsystemId}_UNSECURE_PORT) \ -t ca \ user-add $user1 > $TmpDir/pki-user-add-ca-005.out 2>&1" - rlLog "Executing: $command" errmsg="Error: Missing required option: fullName" errorcode=255 rlRun "verifyErrorMsg \"$command\" \"$errmsg\" \"$errorcode\"" 0 "Verify expected error message - Add a user -- missing required option --fullName" @@ -759,19 +741,6 @@ run_pki-user-cli-user-add-ca_tests(){ user_password="admin2Password" phone="1234567890" state="NC" - rlLog "Executing: pki -d $CERTDB_DIR \ - -n ${prefix}_adminV \ - -c $CERTDB_DIR_PASSWORD \ - -h $SUBSYSTEM_HOST \ - -p $(eval echo \$${subsystemId}_UNSECURE_PORT) \ - -t ca \ - user-add --fullName=\"$userfullname\" \ - --email $email \ - --password $user_password \ - --phone $phone \ - --state $state \ - $user" - rlRun "pki -d $CERTDB_DIR \ -n ${prefix}_adminV \ -c $CERTDB_DIR_PASSWORD \ @@ -792,13 +761,6 @@ run_pki-user-cli-user-add-ca_tests(){ rlAssertGrep "Email: $email" "$TmpDir/pki-user-add-ca-006.out" rlAssertGrep "Phone: $phone" "$TmpDir/pki-user-add-ca-006.out" rlAssertGrep "State: $state" "$TmpDir/pki-user-add-ca-006.out" - rlLog "pki -d $CERTDB_DIR \ - -n ${prefix}_adminV \ - -c $CERTDB_DIR_PASSWORD \ - -h $SUBSYSTEM_HOST \ - -p $(eval echo \$${subsystemId}_UNSECURE_PORT) \ - -t ca \ - group-member-add Administrators $user" rlRun "pki -d $CERTDB_DIR \ -n ${prefix}_adminV \ -c $CERTDB_DIR_PASSWORD \ @@ -849,12 +811,6 @@ run_pki-user-cli-user-add-ca_tests(){ rlPhaseStartTest "pki_user_cli_user_add-CA-040: Add user with --password less than 8 characters" userpw="pass" - rlLog "Executing: pki -d $CERTDB_DIR \ - -n ${prefix}_adminV \ - -c $CERTDB_DIR_PASSWORD \ - -h $SUBSYSTEM_HOST \ - -p $(eval echo \$${subsystemId}_UNSECURE_PORT) \ - user-add --fullName=\"$user1fullname\" --password=$userpw $user1 > $TmpDir/pki-user-add-ca-008.out 2>&1" expmsg="PKIException: The password must be at least 8 characters" rlRun "pki -d $CERTDB_DIR \ -n ${prefix}_adminV \ @@ -870,12 +826,6 @@ run_pki-user-cli-user-add-ca_tests(){ ##### Tests to add users using revoked cert##### rlPhaseStartTest "pki_user_cli_user_add-CA-041: Should not be able to add user using a revoked cert CA_adminR" - rlLog "Executing: pki -d $CERTDB_DIR \ - -n ${prefix}_adminR \ - -c $CERTDB_DIR_PASSWORD \ - -h $SUBSYSTEM_HOST \ - -p $(eval echo \$${subsystemId}_UNSECURE_PORT) \ - user-add --fullName=\"$user1fullname\" $user1" rlRun "pki -d $CERTDB_DIR \ -n ${prefix}_adminR \ -c $CERTDB_DIR_PASSWORD \ @@ -888,12 +838,6 @@ run_pki-user-cli-user-add-ca_tests(){ rlPhaseEnd rlPhaseStartTest "pki_user_cli_user_add-CA-042: Should not be able to add user using a agent with revoked cert CA_agentR" - rlLog "Executing: pki -d $CERTDB_DIR \ - -n ${prefix}_agentR \ - -c $CERTDB_DIR_PASSWORD \ - -h $SUBSYSTEM_HOST \ - -p $(eval echo \$${subsystemId}_UNSECURE_PORT) \ - user-add --fullName=\"$user1fullname\" $user1" rlRun "pki -d $CERTDB_DIR \ -n ${prefix}_agentR \ -c $CERTDB_DIR_PASSWORD \ @@ -908,12 +852,6 @@ run_pki-user-cli-user-add-ca_tests(){ ##### Tests to add users using an agent user##### rlPhaseStartTest "pki_user_cli_user_add-CA-043: Should not be able to add user using a valid agent CA_agentV user" - rlLog "Executing: pki -d $CERTDB_DIR \ - -n ${prefix}_agentV \ - -c $CERTDB_DIR_PASSWORD \ - -h $SUBSYSTEM_HOST \ - -p $(eval echo \$${subsystemId}_UNSECURE_PORT) \ - user-add --fullName=\"$user1fullname\" $user1" rlRun "pki -d $CERTDB_DIR \ -n ${prefix}_agentV \ -c $CERTDB_DIR_PASSWORD \ @@ -922,17 +860,11 @@ run_pki-user-cli-user-add-ca_tests(){ user-add --fullName=\"$user1fullname\" $user1 > $TmpDir/pki-user-add-ca-agentV-002.out 2>&1" \ 255 \ "Should not be able to add user $user1 using a agent cert" - rlAssertGrep "ForbiddenException: Authorization failed on resource: certServer.ca.users, operation: execute" "$TmpDir/pki-user-add-ca-agentV-002.out" + rlAssertGrep "ForbiddenException: Authorization Error" "$TmpDir/pki-user-add-ca-agentV-002.out" rlPhaseEnd ##### Tests to add users using CA_agentUTCA user's certificate will be issued by an untrusted CA ##### rlPhaseStartTest "pki_user_cli_user_add-CA-044: Should not be able to add user using a CA_agentUTCA user" - rlLog "Executing: pki -d $UNTRUSTED_CERT_DB_LOCATION \ - -n $untrusted_cert_nickname \ - -c $UNTRUSTED_CERT_DB_PASSWORD \ - -h $SUBSYSTEM_HOST \ - -p $(eval echo \$${subsystemId}_UNSECURE_PORT) \ - user-add --fullName=\"$user1fullname\" $user1" rlRun "pki -d $UNTRUSTED_CERT_DB_LOCATION \ -n $untrusted_cert_nickname \ -c $UNTRUSTED_CERT_DB_PASSWORD \ @@ -1015,12 +947,6 @@ run_pki-user-cli-user-add-ca_tests(){ ##### Tests to add users using operator user### rlPhaseStartTest "pki_user_cli_user_add-CA-048: Should not be able to add user using a CA_operatorV" - rlLog "Executing: pki -d $CERTDB_DIR \ - -n ${prefix}_operatorV \ - -c $CERTDB_DIR_PASSWORD \ - -h $SUBSYSTEM_HOST \ - -p $(eval echo \$${subsystemId}_UNSECURE_PORT) \ - user-add --fullName=\"$user1fullname\" $user1" rlRun "pki -d $CERTDB_DIR \ -n ${prefix}_operatorV \ -c $CERTDB_DIR_PASSWORD \ @@ -1029,7 +955,7 @@ run_pki-user-cli-user-add-ca_tests(){ user-add --fullName=\"$user1fullname\" $user1 > $TmpDir/pki-user-add-ca-operatorV-002.out 2>&1" \ 255 \ "Should not be able to add user $user1 using a operator cert" - rlAssertGrep "ForbiddenException: Authorization failed on resource: certServer.ca.users, operation: execute" "$TmpDir/pki-user-add-ca-operatorV-002.out" + rlAssertGrep "ForbiddenException: Authorization Error" "$TmpDir/pki-user-add-ca-operatorV-002.out" rlPhaseEnd rlPhaseStartTest "pki_user_cli_user_add-CA-049: Should not be able to add user using a cert created from a untrusted CA CA_adminUTCA" @@ -1039,17 +965,14 @@ run_pki-user-cli-user-add-ca_tests(){ -h $SUBSYSTEM_HOST \ -p $(eval echo \$${subsystemId}_UNSECURE_PORT) \ user-add --fullName=\"$user1fullname\" $user1" - echo "spawn -noecho pki -d $UNTRUSTED_CERT_DB_LOCATION -n $untrusted_cert_nickname -c $UNTRUSTED_CERT_DB_PASSWORD -h $SUBSYSTEM_HOST -p $(eval echo \$${subsystemId}_UNSECURE_PORT) user-add --fullName=\"$user1fullname\" $user1" > $TmpDir/pki-user-add-ca-adminUTCA-002.out - echo "expect \"WARNING: UNTRUSTED ISSUER encountered on 'CN=$HOSTNAME,O=$(eval echo \$${prefix}_DOMAIN) Security Domain' indicates a non-trusted CA cert 'CN=CA Signing Certificate,O=$(eval echo \$${prefix}_DOMAIN) Security Domain' -Import CA certificate (Y/n)? \"" >> $TmpDir/pki-user-add-ca-adminUTCA-002.out - echo "send -- \"Y\r\"" >> $TmpDir/pki-user-add-ca-adminUTCA-002.out - echo "expect \"CA server URI \[http://$HOSTNAME:8080/ca\]: \"" >> $TmpDir/pki-user-add-ca-adminUTCA-002.out - echo "send -- \"http://$HOSTNAME:$(eval echo \$${prefix}_UNSECURE_PORT)/ca\r\"" >> $TmpDir/pki-user-add-ca-adminUTCA-002.out - echo "expect eof" >> $TmpDir/pki-user-add-ca-adminUTCA-002.out - echo "catch wait result" >> $TmpDir/pki-user-add-ca-adminUTCA-002.out - echo "exit [lindex \$result 3]" >> $TmpDir/pki-user-add-ca-adminUTCA-002.out - rlRun "/usr/bin/expect -f $TmpDir/pki-user-add-ca-adminUTCA-002.out > $TmpDir/pki-user-add-ca-adminUTCA-003.out 2>&1" 1,255 "Should not be able to add $user using a untrusted cert" - + rlRun "pki -d $UNTRUSTED_CERT_DB_LOCATION \ + -n $untrusted_cert_nickname \ + -c $UNTRUSTED_CERT_DB_PASSWORD \ + -h $SUBSYSTEM_HOST \ + -p $(eval echo \$${subsystemId}_UNSECURE_PORT) \ + user-add --fullName=\"$user1fullname\" $user1 > $TmpDir/pki-user-add-ca-adminUTCA-003.out 2>&1" \ + 255 \ + "Should not be able to add user $user1 using a untrusted cert" rlAssertGrep "PKIException: Unauthorized" "$TmpDir/pki-user-add-ca-adminUTCA-003.out" rlPhaseEnd @@ -1077,12 +1000,6 @@ Import CA certificate (Y/n)? \"" >> $TmpDir/pki-user-add-ca-adminUTCA-002.out rlPhaseStartTest "pki_user_cli_user_add-CA-051: fullname with i18n characters" rlLog "user-add fullname Örjan Äke with i18n characters" - rlLog "pki -d $CERTDB_DIR \ - -n ${prefix}_adminV \ - -c $CERTDB_DIR_PASSWORD \ - -h $SUBSYSTEM_HOST \ - -p $(eval echo \$${subsystemId}_UNSECURE_PORT) \ - user-add --fullName='Örjan Äke' u26" rlRun "pki -d $CERTDB_DIR \ -n ${prefix}_adminV \ -c $CERTDB_DIR_PASSWORD \ @@ -1098,12 +1015,6 @@ Import CA certificate (Y/n)? \"" >> $TmpDir/pki-user-add-ca-adminUTCA-002.out rlPhaseStartTest "pki_user_cli_user_add-CA-052: fullname with i18n characters" rlLog "user-add fullname Éric Têko with i18n characters" - rlLog "pki -d $CERTDB_DIR \ - -n ${prefix}_adminV \ - -c $CERTDB_DIR_PASSWORD \ - -h $SUBSYSTEM_HOST \ - -p $(eval echo \$${subsystemId}_UNSECURE_PORT) \ - user-add --fullName='Éric Têko' u27" rlRun "pki -d $CERTDB_DIR \ -n ${prefix}_adminV \ -c $CERTDB_DIR_PASSWORD \ @@ -1119,12 +1030,6 @@ Import CA certificate (Y/n)? \"" >> $TmpDir/pki-user-add-ca-adminUTCA-002.out rlPhaseStartTest "pki_user_cli_user_add-CA-053: fullname with i18n characters" rlLog "user-add fullname éénentwintig dvidešimt with i18n characters" - rlLog "pki -d $CERTDB_DIR \ - -n ${prefix}_adminV \ - -c $CERTDB_DIR_PASSWORD \ - -h $SUBSYSTEM_HOST \ - -p $(eval echo \$${subsystemId}_UNSECURE_PORT) \ - user-add --fullName='éénentwintig dvidešimt' u28" rlRun "pki -d $CERTDB_DIR \ -n ${prefix}_adminV \ -c $CERTDB_DIR_PASSWORD \ @@ -1136,12 +1041,6 @@ Import CA certificate (Y/n)? \"" >> $TmpDir/pki-user-add-ca-adminUTCA-002.out rlAssertGrep "Added user \"u28\"" "$TmpDir/pki-user-add-ca-001_53.out" rlAssertGrep "Full name: éénentwintig dvidešimt" "$TmpDir/pki-user-add-ca-001_53.out" rlAssertGrep "User ID: u28" "$TmpDir/pki-user-add-ca-001_53.out" - rlLog "pki -d $CERTDB_DIR \ - -n ${prefix}_adminV \ - -c $CERTDB_DIR_PASSWORD \ - -h $SUBSYSTEM_HOST \ - -p $(eval echo \$${subsystemId}_UNSECURE_PORT) \ - user-show u28" rlRun "pki -d $CERTDB_DIR \ -n ${prefix}_adminV \ -c $CERTDB_DIR_PASSWORD \ @@ -1156,12 +1055,6 @@ Import CA certificate (Y/n)? \"" >> $TmpDir/pki-user-add-ca-adminUTCA-002.out rlPhaseStartTest "pki_user_cli_user_add-CA-054: fullname with i18n characters" rlLog "user-add fullname kakskümmend üks with i18n characters" - rlLog "pki -d $CERTDB_DIR \ - -n ${prefix}_adminV \ - -c $CERTDB_DIR_PASSWORD \ - -h $SUBSYSTEM_HOST \ - -p $(eval echo \$${subsystemId}_UNSECURE_PORT) \ - user-add --fullName='kakskümmend üks' u29" rlRun "pki -d $CERTDB_DIR \ -n ${prefix}_adminV \ -c $CERTDB_DIR_PASSWORD \ @@ -1186,12 +1079,6 @@ Import CA certificate (Y/n)? \"" >> $TmpDir/pki-user-add-ca-adminUTCA-002.out rlPhaseStartTest "pki_user_cli_user_add-CA-055: fullname with i18n characters" rlLog "user-add fullname двадцять один тридцять with i18n characters" - rlLog "pki -d $CERTDB_DIR \ - -n ${prefix}_adminV \ - -c $CERTDB_DIR_PASSWORD \ - -h $SUBSYSTEM_HOST \ - -p $(eval echo \$${subsystemId}_UNSECURE_PORT) \ - user-add --fullName='двадцять один тридцять' u30" rlRun "pki -d $CERTDB_DIR \ -n ${prefix}_adminV \ -c $CERTDB_DIR_PASSWORD \ @@ -1222,26 +1109,16 @@ Import CA certificate (Y/n)? \"" >> $TmpDir/pki-user-add-ca-adminUTCA-002.out -h $SUBSYSTEM_HOST \ -p $(eval echo \$${subsystemId}_UNSECURE_PORT) \ user-add --fullName=test 'ÖrjanÄke'" - rlRun "pki -d $CERTDB_DIR \ - -n ${prefix}_adminV \ - -c $CERTDB_DIR_PASSWORD \ - -h $SUBSYSTEM_HOST \ - -p $(eval echo \$${subsystemId}_UNSECURE_PORT) \ - user-add --fullName=test 'ÖrjanÄke' > $TmpDir/pki-user-add-ca-001_56.out 2>&1" \ - 0 \ - "Adding uid ÖrjanÄke with i18n characters" - rlAssertGrep "Added user \"ÖrjanÄke\"" "$TmpDir/pki-user-add-ca-001_56.out" - rlAssertGrep "User ID: ÖrjanÄke" "$TmpDir/pki-user-add-ca-001_56.out" - rlRun "pki -d $CERTDB_DIR \ + command="pki -d $CERTDB_DIR \ -n ${prefix}_adminV \ -c $CERTDB_DIR_PASSWORD \ -h $SUBSYSTEM_HOST \ -p $(eval echo \$${subsystemId}_UNSECURE_PORT) \ - user-show 'ÖrjanÄke' > $TmpDir/pki-user-add-ca-001_56_2.out" \ - 0 \ - "Show user 'ÖrjanÄke'" - rlAssertGrep "User \"ÖrjanÄke\"" "$TmpDir/pki-user-add-ca-001_56_2.out" - rlAssertGrep "User ID: ÖrjanÄke" "$TmpDir/pki-user-add-ca-001_56_2.out" + user-add --fullName=test 'ÖrjanÄke'" + errmsg="IncorrectUserIdException" + errorcode=255 + rlRun "verifyErrorMsg \"$command\" \"$errmsg\" \"$errorcode\"" 0 "Adding uid ÖrjanÄke with i18n characters" + rlLog "PKI Ticket:: https://fedorahosted.org/pki/ticket/860" rlPhaseEnd rlPhaseStartTest "pki_user_cli_user_add-CA-057: userid with i18n characters" @@ -1252,33 +1129,23 @@ Import CA certificate (Y/n)? \"" >> $TmpDir/pki-user-add-ca-adminUTCA-002.out -h $SUBSYSTEM_HOST \ -p $(eval echo \$${subsystemId}_UNSECURE_PORT) \ user-add --fullName=test 'ÉricTêko'" - rlRun "pki -d $CERTDB_DIR \ - -n ${prefix}_adminV \ - -c $CERTDB_DIR_PASSWORD \ - -h $SUBSYSTEM_HOST \ - -p $(eval echo \$${subsystemId}_UNSECURE_PORT) \ - user-add --fullName=test 'ÉricTêko' > $TmpDir/pki-user-add-ca-001_57.out 2>&1" \ - 0 \ - "Adding user id ÉricTêko with i18n characters" - rlAssertGrep "Added user \"ÉricTêko\"" "$TmpDir/pki-user-add-ca-001_57.out" - rlAssertGrep "User ID: ÉricTêko" "$TmpDir/pki-user-add-ca-001_57.out" - rlRun "pki -d $CERTDB_DIR \ + command="pki -d $CERTDB_DIR \ -n ${prefix}_adminV \ -c $CERTDB_DIR_PASSWORD \ -h $SUBSYSTEM_HOST \ -p $(eval echo \$${subsystemId}_UNSECURE_PORT) \ - user-show 'ÉricTêko' > $TmpDir/pki-user-add-ca-001_57_2.out" \ - 0 \ - "Show user 'ÉricTêko'" - rlAssertGrep "User \"ÉricTêko\"" "$TmpDir/pki-user-add-ca-001_57_2.out" - rlAssertGrep "User ID: ÉricTêko" "$TmpDir/pki-user-add-ca-001_57_2.out" + user-add --fullName=test 'ÉricTêko'" + errmsg="IncorrectUserIdException" + errorcode=255 + rlRun "verifyErrorMsg \"$command\" \"$errmsg\" \"$errorcode\"" 0 "Adding user id ÉricTêko with i18n characters" + rlLog "PKI Ticket:: https://fedorahosted.org/pki/ticket/860" rlPhaseEnd rlPhaseStartTest "pki_user_cli_user_add-CA-058: email address with i18n characters" rlLog "user-add email address negyvenkettő@qetestsdomain.com with i18n characters" command="pki -d $CERTDB_DIR -n ${prefix}_adminV -c $CERTDB_DIR_PASSWORD -h $SUBSYSTEM_HOST -p $(eval echo \$${subsystemId}_UNSECURE_PORT) user-add --fullName=test --email='negyvenkettő@qetestsdomain.com' u31" rlLog "Executing $command" - errmsg="PKIException: Unable to add user" + errmsg="IncorrectPasswordException: Incorrect client security database password." errorcode=255 rlRun "verifyErrorMsg \"$command\" \"$errmsg\" \"$errorcode\"" 0 "Verify expected error message - Adding email negyvenkettő@qetestsdomain.com with i18n characters" rlLog "PKI Ticket:: https://fedorahosted.org/pki/ticket/860" @@ -1288,7 +1155,7 @@ Import CA certificate (Y/n)? \"" >> $TmpDir/pki-user-add-ca-adminUTCA-002.out rlLog "user-add email address četrdesmitdivi@qetestsdomain.com with i18n characters" command="pki -d $CERTDB_DIR -n ${prefix}_adminV -c $CERTDB_DIR_PASSWORD -h $SUBSYSTEM_HOST -p $(eval echo \$${subsystemId}_UNSECURE_PORT) user-add --fullName=test --email='četrdesmitdivi@qetestsdomain.com' u32" rlLog "Executing $command" - errmsg="PKIException: Unable to add user" + errmsg="IncorrectPasswordException: Incorrect client security database password." errorcode=255 rlRun "verifyErrorMsg \"$command\" \"$errmsg\" \"$errorcode\"" 0 "Verify expected error message - Adding email četrdesmitdivi@qetestsdomain.com with i18n characters" rlLog "PKI Ticket:: https://fedorahosted.org/pki/ticket/860" @@ -1296,12 +1163,6 @@ Import CA certificate (Y/n)? \"" >> $TmpDir/pki-user-add-ca-adminUTCA-002.out rlPhaseStartTest "pki_user_cli_user_add-CA-060: password with i18n characters" rlLog "user-add password šimtaskolmkümmend with i18n characters" - rlLog "pki -d $CERTDB_DIR \ - -n ${prefix}_adminV \ - -c $CERTDB_DIR_PASSWORD \ - -h $SUBSYSTEM_HOST \ - -p $(eval echo \$${subsystemId}_UNSECURE_PORT) \ - user-add --fullName=test --password='šimtaskolmkümmend' u31" rlRun "pki -d $CERTDB_DIR \ -n ${prefix}_adminV \ -c $CERTDB_DIR_PASSWORD \ @@ -1324,12 +1185,6 @@ Import CA certificate (Y/n)? \"" >> $TmpDir/pki-user-add-ca-adminUTCA-002.out rlPhaseStartTest "pki_user_cli_user_add-CA-061: password with i18n characters" rlLog "user-add password двадцяттридцять with i18n characters" - rlLog "pki -d $CERTDB_DIR \ - -n ${prefix}_adminV \ - -c $CERTDB_DIR_PASSWORD \ - -h $SUBSYSTEM_HOST \ - -p $(eval echo \$${subsystemId}_UNSECURE_PORT) \ - user-add --fullName=test --password='двадцяттридцять' u32" rlRun "pki -d $CERTDB_DIR \ -n ${prefix}_adminV \ -c $CERTDB_DIR_PASSWORD \ @@ -1352,12 +1207,6 @@ Import CA certificate (Y/n)? \"" >> $TmpDir/pki-user-add-ca-adminUTCA-002.out rlPhaseStartTest "pki_user_cli_user_add-CA-062: type with i18n characters" rlLog "user-add type tjugo-tvåhetvenhét with i18n characters" - rlLog "pki -d $CERTDB_DIR \ - -n ${prefix}_adminV \ - -c $CERTDB_DIR_PASSWORD \ - -h $SUBSYSTEM_HOST \ - -p $(eval echo \$${subsystemId}_UNSECURE_PORT) \ - user-add --fullName=test --type='tjugo-tvåhetvenhét' u33" rlRun "pki -d $CERTDB_DIR \ -n ${prefix}_adminV \ -c $CERTDB_DIR_PASSWORD \ @@ -1382,12 +1231,6 @@ Import CA certificate (Y/n)? \"" >> $TmpDir/pki-user-add-ca-adminUTCA-002.out rlPhaseStartTest "pki_user_cli_user_add-CA-063: type with i18n characters" rlLog "user-add type мiльйонтридцять with i18n characters" - rlLog "pki -d $CERTDB_DIR \ - -n ${prefix}_adminV \ - -c $CERTDB_DIR_PASSWORD \ - -h $SUBSYSTEM_HOST \ - -p $(eval echo \$${subsystemId}_UNSECURE_PORT) \ - user-add --fullName=test --type='мiльйонтридцять' u34" rlRun "pki -d $CERTDB_DIR \ -n ${prefix}_adminV \ -c $CERTDB_DIR_PASSWORD \ @@ -1412,12 +1255,6 @@ Import CA certificate (Y/n)? \"" >> $TmpDir/pki-user-add-ca-adminUTCA-002.out rlPhaseStartTest "pki_user_cli_user_add-CA-064: state with i18n characters" rlLog "user-add state čå with i18n characters" - rlLog "pki -d $CERTDB_DIR \ - -n ${prefix}_adminV \ - -c $CERTDB_DIR_PASSWORD \ - -h $SUBSYSTEM_HOST \ - -p $(eval echo \$${subsystemId}_UNSECURE_PORT) \ - user-add --fullName=test --state='čå' u35" rlRun "pki -d $CERTDB_DIR \ -n ${prefix}_adminV \ -c $CERTDB_DIR_PASSWORD \ @@ -1442,12 +1279,6 @@ Import CA certificate (Y/n)? \"" >> $TmpDir/pki-user-add-ca-adminUTCA-002.out rlPhaseStartTest "pki_user_cli_user_add-CA-065: state with i18n characters" rlLog "user-add state йč with i18n characters" - rlLog "pki -d $CERTDB_DIR \ - -n ${prefix}_adminV \ - -c $CERTDB_DIR_PASSWORD \ - -h $SUBSYSTEM_HOST \ - -p $(eval echo \$${subsystemId}_UNSECURE_PORT) \ - user-add --fullName=test --state='йč' u36" rlRun "pki -d $CERTDB_DIR \ -n ${prefix}_adminV \ -c $CERTDB_DIR_PASSWORD \ @@ -1478,9 +1309,9 @@ Import CA certificate (Y/n)? \"" >> $TmpDir/pki-user-add-ca-adminUTCA-002.out local valid_serialNumber local temp_out="$TmpDir/usercert-show.out" rlLog "create_cert_request $TEMP_NSS_DB Password pkcs10 rsa 2048 \"pki User1\" \"pkiUser1\" \ - \"pkiuser1@example.org\" \"Engineering\" \"Example.Inc\" "US" "--" "ret_reqstatus" "ret_requestid" "$SUBSYSTEM_HOST" "$(eval echo \$${subsystemId}_UNSECURE_PORT)"" 0 "Generating pkcs10 Certificate Request" + \"pkiuser1@example.org\" \"Engineering\" \"Example.Inc\" \"US\" \"--\" \"ret_reqstatus\" \"ret_requestid\" \"$SUBSYSTEM_HOST\" \"$(eval echo \$${subsystemId}_UNSECURE_PORT)\" " 0 "Generating pkcs10 Certificate Request" rlRun "create_cert_request $TEMP_NSS_DB Password pkcs10 rsa 2048 \"pki User1\" \"pkiUser1\" \ - \"pkiuser1@example.org\" \"Engineering\" \"Example.Inc\" "US" "--" "ret_reqstatus" "ret_requestid" "$SUBSYSTEM_HOST" "$(eval echo \$${subsystemId}_UNSECURE_PORT)"" 0 "Generating pkcs10 Certificate Request" + \"pkiuser1@example.org\" \"Engineering\" \"Example.Inc\" \"US\" \"--\" \"ret_reqstatus\" \"ret_requestid\" \"$SUBSYSTEM_HOST\" \"$(eval echo \$${subsystemId}_UNSECURE_PORT)\" " 0 "Generating pkcs10 Certificate Request" rlLog "pki -d $CERTDB_DIR -c $CERTDB_DIR_PASSWORD -n \"${prefix}_agentV\" -h $SUBSYSTEM_HOST -p $(eval echo \$${subsystemId}_UNSECURE_PORT) ca-cert-request-review $ret_requestid \ --action approve 1" rlRun "pki -d $CERTDB_DIR -c $CERTDB_DIR_PASSWORD -n \"${prefix}_agentV\" -h $SUBSYSTEM_HOST -p $(eval echo \$${subsystemId}_UNSECURE_PORT) ca-cert-request-review $ret_requestid \ @@ -1512,6 +1343,59 @@ Import CA certificate (Y/n)? \"" >> $expfile rlRun "/usr/bin/expect -f $expfile > $TmpDir/pki-user-add-ca-pkiUser1-002.out 2>&1" 255 "Should not be able to add users using a user cert" rlAssertGrep "PKIException: Unauthorized" "$TmpDir/pki-user-add-ca-pkiUser1-002.out" rlPhaseEnd + + rlPhaseStartTest "pki_user_cli_user_add-CA-067: Should not be able to add user using Normal user credential" + local pki_user="idm1_user_1" + local pki_user_fullName="Idm1 User 1" + local pki_pwd="Secret123" + rlLog "Create user $pki_user" + rlRun "pki -d $CERTDB_DIR \ + -n \"${prefix}_adminV\" \ + -c $CERTDB_DIR_PASSWORD -h $SUBSYSTEM_HOST -p $(eval echo \$${subsystemId}_UNSECURE_PORT) \ + user-add $pki_user \ + --fullName \"$pki_user_fullName\" \ + --password $pki_pwd" 0 "Create $pki_user User" + local TEMP_NSS_DB="$TmpDir/nssdb" + rlLog "Executing: pki -d $CERTDB_DIR \ + -c $CERTDB_DIR_PASSWORD \ + -h $SUBSYSTEM_HOST \ + -p $(eval echo \$${subsystemId}_UNSECURE_PORT) \ + -u $pki_user \ + -w $pki_pwd \ + user-add --fullName=test_user u39" + command="pki -d $CERTDB_DIR \ + -c $CERTDB_DIR_PASSWORD \ + -h $SUBSYSTEM_HOST \ + -p $(eval echo \$${subsystemId}_UNSECURE_PORT) \ + -u $pki_user \ + -w $pki_pwd \ + user-add --fullName=test_user u39" + errmsg="ForbiddenException: Authentication method not allowed." + errorcode=255 + rlRun "verifyErrorMsg \"$command\" \"$errmsg\" \"$errorcode\"" 0 "Adding user using Normal user credential" + rlPhaseEnd + + rlPhaseStartTest "pki_user_cli_user_add-CA-068: Should not be able to add user using invalid user credential" + local invalid_pki_user=test1 + local invalid_pki_user_pwd=Secret123 + rlLog "Executing: pki -d $CERTDB_DIR \ + -c $CERTDB_DIR_PASSWORD \ + -h $SUBSYSTEM_HOST \ + -p $(eval echo \$${subsystemId}_UNSECURE_PORT) \ + -u $invalid_pki_user \ + -w $invalid_pki_user_pwd \ + user-add --fullName=test_user u39" + command="pki -d $CERTDB_DIR \ + -c $CERTDB_DIR_PASSWORD \ + -h $SUBSYSTEM_HOST \ + -p $(eval echo \$${subsystemId}_UNSECURE_PORT) \ + -u $invalid_pki_user \ + -w $invalid_pki_user_pwd \ + user-add --fullName=test_user u39" + errmsg="PKIException: Unauthorized" + errorcode=255 + rlRun "verifyErrorMsg \"$command\" \"$errmsg\" \"$errorcode\"" 0 "Adding user using Normal user credential" + rlPhaseEnd rlPhaseStartTest "pki_user_cli_user_cleanup: Deleting users" @@ -1550,29 +1434,20 @@ Import CA certificate (Y/n)? \"" >> $expfile fi let j=$j+1 done - #===Deleting i18n users created using ${prefix}_adminV cert===# + #Deleting user idm_user_1 + local pki_user="idm1_user_1" rlRun "pki -d $CERTDB_DIR \ -n ${prefix}_adminV \ -c $CERTDB_DIR_PASSWORD \ - -h $SUBSYSTEM_HOST \ - -p $(eval echo \$${subsystemId}_UNSECURE_PORT) \ - user-del 'ÖrjanÄke' > $TmpDir/pki-user-del-ca-user-i18n_1.out" \ + -h $SUBSYSTEM_HOST \ + -p $(eval echo \$${subsystemId}_UNSECURE_PORT) \ + user-del $pki_user > $TmpDir/pki-user-del-user-ca-2_1.out" \ 0 \ - "Deleted user ÖrjanÄke" - rlAssertGrep "Deleted user \"ÖrjanÄke\"" "$TmpDir/pki-user-del-ca-user-i18n_1.out" - - rlRun "pki -d $CERTDB_DIR \ - -n ${prefix}_adminV \ - -c $CERTDB_DIR_PASSWORD \ - -h $SUBSYSTEM_HOST \ - -p $(eval echo \$${subsystemId}_UNSECURE_PORT) \ - user-del 'ÉricTêko' > $TmpDir/pki-user-del-ca-user-i18n_2.out" \ - 0 \ - "Deleted user ÉricTêko" - rlAssertGrep "Deleted user \"ÉricTêko\"" "$TmpDir/pki-user-del-ca-user-i18n_2.out" + "Deleted user $pki_user" + rlAssertGrep "Deleted user \"$pki_user\"" "$TmpDir/pki-user-del-user-ca-2_1.out" #Delete temporary directory rlRun "popd" - #rlRun "rm -r $TmpDir" 0 "Removing tmp directory" + rlRun "rm -r $TmpDir" 0 "Removing tmp directory" rlPhaseEnd } |