diff options
| author | Asha Akkiangady <aakkiang@redhat.com> | 2014-12-06 08:13:56 -0500 |
|---|---|---|
| committer | Asha Akkiangady <aakkiang@redhat.com> | 2014-12-06 08:19:26 -0500 |
| commit | 713f1840695c684a63898e29524946c01f1d55a0 (patch) | |
| tree | 744e1f2738b54978e49abd03ef2095a8c8889c16 /tests | |
| parent | 7ed1c2e78f7531821c7e5a998b97ee1b7fb6b5a8 (diff) | |
| download | pki-713f1840695c684a63898e29524946c01f1d55a0.tar.gz pki-713f1840695c684a63898e29524946c01f1d55a0.tar.xz pki-713f1840695c684a63898e29524946c01f1d55a0.zip | |
CLI user-add and ca-user-add tests modified
to have random strings generated with openssl
rand and $RANDOM.
Diffstat (limited to 'tests')
15 files changed, 700 insertions, 71 deletions
diff --git a/tests/dogtag/Makefile b/tests/dogtag/Makefile index b7edfc77c..c8d3984c7 100755 --- a/tests/dogtag/Makefile +++ b/tests/dogtag/Makefile @@ -243,6 +243,9 @@ build: $(BUILT_FILES) chmod a+x ./acceptance/cli-tests/pki-ca-profile-cli/pki-ca-profile-cli-find.sh chmod a+x ./acceptance/cli-tests/pki-ca-profile-cli/pki-ca-profile-cli-add.sh chmod a+x ./acceptance/cli-tests/pki-ca-profile-cli/pki-ca-profile-cli-mod.sh + # Legacy tests + chmod a+x ./acceptance/legacy/ca-tests/usergroups/pki-ca-usergroups.sh + # bug verifications chmod a+x ./acceptance/bugzilla/tomcatjss-bugs/bug-1058366.sh chmod a+x ./acceptance/bugzilla/tomcatjss-bugs/bug-1084224.sh diff --git a/tests/dogtag/acceptance/cli-tests/pki-ca-user-cli/pki-ca-user-cli-ca-user-add.sh b/tests/dogtag/acceptance/cli-tests/pki-ca-user-cli/pki-ca-user-cli-ca-user-add.sh index 5b2e0365f..f59a31189 100755 --- a/tests/dogtag/acceptance/cli-tests/pki-ca-user-cli/pki-ca-user-cli-ca-user-add.sh +++ b/tests/dogtag/acceptance/cli-tests/pki-ca-user-cli/pki-ca-user-cli-ca-user-add.sh @@ -121,7 +121,7 @@ run_pki-ca-user-cli-ca-user-add_tests(){ rlPhaseEnd rlPhaseStartTest "pki_ca_user_cli_ca_user_add-002: Maximum length of user id" - user2=`cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 2048 | head -n 1` + user2=$(openssl rand -base64 30000 | strings | grep -io [[:alnum:]] | head -n 2047 | tr -d '\n') rlRun "pki -d $CERTDB_DIR \ -n ${prefix}_adminV \ -c $CERTDB_DIR_PASSWORD \ @@ -216,7 +216,7 @@ run_pki-ca-user-cli-ca-user-add_tests(){ rlPhaseEnd rlPhaseStartTest "pki_ca_user_cli_ca_user_add-008:--email with maximum length" - email=`cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 2048 | head -n 1` + email=$(openssl rand -base64 30000 | strings | grep -io [[:alnum:]] | head -n 2047 | tr -d '\n') rlRun "pki -d $CERTDB_DIR \ -n ${prefix}_adminV \ -c $CERTDB_DIR_PASSWORD \ @@ -238,7 +238,9 @@ run_pki-ca-user-cli-ca-user-add_tests(){ rlPhaseEnd rlPhaseStartTest "pki_ca_user_cli_ca_user_add-009:--email with maximum length and symbols" - email=`cat /dev/urandom | tr -dc 'a-zA-Z0-9!?@~#*^_+$' | fold -w 2048 | head -n 1` + specialcharacters="!?@~#*^_+$" + email=$(openssl rand -base64 30000 | strings | grep -io [[:alnum:]] | head -n 2037 | tr -d '\n') + email=$email$specialcharacters rlRun "pki -d $CERTDB_DIR \ -n ${prefix}_adminV \ -c $CERTDB_DIR_PASSWORD \ @@ -320,7 +322,7 @@ run_pki-ca-user-cli-ca-user-add_tests(){ rlPhaseEnd rlPhaseStartTest "pki_ca_user_cli_ca_user_add-014:--state with maximum length" - state=`cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 2048 | head -n 1` + state=$(openssl rand -base64 30000 | strings | grep -io [[:alnum:]] | head -n 2047 | tr -d '\n') rlRun "pki -d $CERTDB_DIR \ -n ${prefix}_adminV \ -c $CERTDB_DIR_PASSWORD \ @@ -342,7 +344,9 @@ run_pki-ca-user-cli-ca-user-add_tests(){ rlPhaseEnd rlPhaseStartTest "pki_ca_user_cli_ca_user_add-015:--state with maximum length and symbols" - state=`cat /dev/urandom | tr -dc 'a-zA-Z0-9!?@~#*^_+$' | fold -w 2048 | head -n 1` + specialcharacters="!?@~#*^_+$" + state=$(openssl rand -base64 30000 | strings | grep -io [[:alnum:]] | head -n 2037 | tr -d '\n') + state=$state$specialcharacters rlRun "pki -d $CERTDB_DIR \ -n ${prefix}_adminV \ -c $CERTDB_DIR_PASSWORD \ @@ -424,7 +428,14 @@ run_pki-ca-user-cli-ca-user-add_tests(){ rlPhaseEnd rlPhaseStartTest "pki_ca_user_cli_ca_user_add-020:--phone with maximum length" - phone=`cat /dev/urandom | tr -dc '0-9' | fold -w 2048 | head -n 1` + phone=`$RANDOM` + stringlength=0 + while [[ $stringlength -lt 2049 ]] ; do + phone="$phone$RANDOM" + stringlength=`echo $phone | wc -m` + done + phone=`echo $phone | cut -c1-2047` + rlLog "phone=$phone" rlRun "pki -d $CERTDB_DIR \ -n ${prefix}_adminV \ -c $CERTDB_DIR_PASSWORD \ @@ -440,7 +451,9 @@ run_pki-ca-user-cli-ca-user-add_tests(){ rlPhaseEnd rlPhaseStartTest "pki_ca_user_cli_ca_user_add-021:--phone with maximum length and symbols" - phone=`cat /dev/urandom | tr -dc 'a-zA-Z0-9!?@~#*^_+$' | fold -w 2048 | head -n 1` + specialcharacters="!?@~#*^_+$" + phone=$(openssl rand -base64 30000 | strings | grep -io [[:alnum:]] | head -n 2037 | tr -d '\n') + phone=$state$specialcharacters rlRun "pki -d $CERTDB_DIR \ -n ${prefix}_adminV \ -c $CERTDB_DIR_PASSWORD \ @@ -954,7 +967,7 @@ run_pki-ca-user-cli-ca-user-add_tests(){ rlPhaseEnd rlPhaseStartTest "pki_ca_user_cli_ca_user_add-050: user id length exceeds maximum limit defined in the schema" - user_length_exceed_max=`cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 10000 | head -n 1` + user_length_exceed_max=$(openssl rand -base64 80000 | strings | grep -io [[:alnum:]] | head -n 10000 | tr -d '\n') rlLog "pki -d $CERTDB_DIR \ -n ${prefix}_adminV \ -c $CERTDB_DIR_PASSWORD \ @@ -1439,3 +1452,4 @@ Import CA certificate (Y/n)? \"" >> $expfile rlRun "rm -r $TmpDir" 0 "Removing tmp directory" rlPhaseEnd } + diff --git a/tests/dogtag/acceptance/cli-tests/pki-ca-user-cli/pki-ca-user-cli-ca-user-del.sh b/tests/dogtag/acceptance/cli-tests/pki-ca-user-cli/pki-ca-user-cli-ca-user-del.sh index 64927e732..cdf219a3b 100755 --- a/tests/dogtag/acceptance/cli-tests/pki-ca-user-cli/pki-ca-user-cli-ca-user-del.sh +++ b/tests/dogtag/acceptance/cli-tests/pki-ca-user-cli/pki-ca-user-cli-ca-user-del.sh @@ -196,7 +196,7 @@ run_pki-ca-user-cli-ca-user-del_tests(){ rlPhaseEnd rlPhaseStartTest "pki_ca_user_cli_ca_user_del-006: Maximum length of user id" - user2=`cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 2048 | head -n 1` + user2=$(openssl rand -base64 30000 | strings | grep -io [[:alnum:]] | head -n 2047 | tr -d '\n') rlRun "pki -d $CERTDB_DIR \ -n ${prefix}_adminV \ -c $CERTDB_DIR_PASSWORD \ @@ -227,7 +227,9 @@ run_pki-ca-user-cli-ca-user-del_tests(){ rlPhaseEnd rlPhaseStartTest "pki_ca_user_cli_ca_user_del-007: userid with maximum length and symbols" - userid=`cat /dev/urandom | tr -dc 'a-zA-Z0-9!?@~#*^_+$' | fold -w 2048 | head -n 1` + specialcharacters="!?@~#*^_+$" + userid=$(openssl rand -base64 30000 | strings | grep -io [[:alnum:]] | head -n 2037 | tr -d '\n') + userid=$userid$specialcharacters rlRun "pki -d $CERTDB_DIR \ -n ${prefix}_adminV \ -c $CERTDB_DIR_PASSWORD \ @@ -676,4 +678,3 @@ Import CA certificate (Y/n)? \"" >> $expfile rlRun "rm -r $TmpDir" 0 "Removing tmp directory" rlPhaseEnd } - diff --git a/tests/dogtag/acceptance/cli-tests/pki-ca-user-cli/pki-ca-user-cli-ca-user-find.sh b/tests/dogtag/acceptance/cli-tests/pki-ca-user-cli/pki-ca-user-cli-ca-user-find.sh index 08327cfa6..68738b185 100755 --- a/tests/dogtag/acceptance/cli-tests/pki-ca-user-cli/pki-ca-user-cli-ca-user-find.sh +++ b/tests/dogtag/acceptance/cli-tests/pki-ca-user-cli/pki-ca-user-cli-ca-user-find.sh @@ -162,7 +162,8 @@ run_pki-ca-user-cli-ca-user-find_tests(){ rlPhaseEnd rlPhaseStartTest "pki_ca_user_cli_ca_user_find-006: Find all users, --size with maximum possible value as input" - maximum_check=`cat /dev/urandom | tr -dc '0-9' | fold -w 9 | head -n 1` + maximum_check=$(echo $RANDOM$RANDOM$RANDOM$RANDOM) + maximum_check=${maximum_check:1:9} rlLog "pki -d $CERTDB_DIR \ -n \"${prefix}_adminV\" \ -c $CERTDB_DIR_PASSWORD \ @@ -188,7 +189,8 @@ run_pki-ca-user-cli-ca-user-find_tests(){ rlPhaseEnd rlPhaseStartTest "pki_ca_user_cli_ca_user_find-007: Find all users, --size more than maximum possible value" - maximum_check=`cat /dev/urandom | tr -dc '0-9' | fold -w 11 | head -n 1` + maximum_check=$(echo $RANDOM$RANDOM$RANDOM$RANDOM) + maximum_check=${maximum_check:1:12} rlLog "pki -d $CERTDB_DIR \ -n \"${prefix}_adminV\" \ -c $CERTDB_DIR_PASSWORD \ @@ -287,7 +289,8 @@ run_pki-ca-user-cli-ca-user-find_tests(){ rlPhaseEnd rlPhaseStartTest "pki_ca_user_cli_ca_user_find-013: Find users, --start with maximum possible input" - maximum_check=`cat /dev/urandom | tr -dc '0-9' | fold -w 9 | head -n 1` + maximum_check=$(echo $RANDOM$RANDOM$RANDOM$RANDOM) + maximum_check=${maximum_check:1:9} rlLog "pki -d $CERTDB_DIR \ -n \"${prefix}_adminV\" \ -c $CERTDB_DIR_PASSWORD \ @@ -306,7 +309,8 @@ run_pki-ca-user-cli-ca-user-find_tests(){ rlPhaseEnd rlPhaseStartTest "pki_ca_user_cli_ca_user_find-014: Find users, --start with more than maximum possible input" - maximum_check=`cat /dev/urandom | tr -dc '0-9' | fold -w 11 | head -n 1` + maximum_check=$(echo $RANDOM$RANDOM$RANDOM$RANDOM) + maximum_check=${maximum_check:1:12} rlLog "pki -d $CERTDB_DIR \ -n \"${prefix}_adminV\" \ -c $CERTDB_DIR_PASSWORD \ @@ -636,8 +640,8 @@ Import CA certificate (Y/n)? \"" >> $expfile rlPhaseEnd rlPhaseStartTest "pki_ca_user_cli_ca_user_find-031: find users when user fullname has i18n characters" - maximum_check=`cat /dev/urandom | tr -dc '0-9' | fold -w 5 | head -n 1` - rlLog "ca-user-add user fullnamr ÖrjanÄke with i18n characters" + maximum_check=$(echo $RANDOM$RANDOM$RANDOM$RANDOM) + maximum_check=${maximum_check:1:5} rlRun "pki -d $CERTDB_DIR \ -n ${prefix}_adminV \ -c $CERTDB_DIR_PASSWORD \ @@ -665,7 +669,8 @@ Import CA certificate (Y/n)? \"" >> $expfile rlPhaseEnd rlPhaseStartTest "pki_ca_user_cli_ca_user_find-032: find users when user fullname has i18n characters" - maximum_check=`cat /dev/urandom | tr -dc '0-9' | fold -w 5 | head -n 1` + maximum_check=$(echo $RANDOM$RANDOM$RANDOM$RANDOM) + maximum_check=${maximum_check:1:5} rlLog "ca-user-add userid ÉricTêko with i18n characters" rlRun "pki -d $CERTDB_DIR \ -n ${prefix}_adminV \ diff --git a/tests/dogtag/acceptance/cli-tests/pki-ca-user-cli/pki-ca-user-cli-ca-user-membership-find.sh b/tests/dogtag/acceptance/cli-tests/pki-ca-user-cli/pki-ca-user-cli-ca-user-membership-find.sh index 791a89bed..8dbf4c72b 100755 --- a/tests/dogtag/acceptance/cli-tests/pki-ca-user-cli/pki-ca-user-cli-ca-user-membership-find.sh +++ b/tests/dogtag/acceptance/cli-tests/pki-ca-user-cli/pki-ca-user-cli-ca-user-membership-find.sh @@ -465,7 +465,8 @@ run_pki-ca-user-cli-ca-user-membership-find_tests(){ rlPhaseEnd rlPhaseStartTest "pki_ca_user_cli_ca_user_membership-find-020: Find user-membership with --size more than maximum possible value" - maximum_check=`cat /dev/urandom | tr -dc '0-9' | fold -w 11 | head -n 1` + maximum_check=$(echo $RANDOM$RANDOM$RANDOM$RANDOM) + maximum_check=${maximum_check:1:12} rlLog "pki -d $CERTDB_DIR \ -n ${prefix}_adminV \ -c $CERTDB_DIR_PASSWORD \ @@ -484,7 +485,8 @@ run_pki-ca-user-cli-ca-user-membership-find_tests(){ rlPhaseEnd rlPhaseStartTest "pki_ca_user_cli_ca_user_membership-find-021: Find user-membership with --start more than maximum possible value" - maximum_check=`cat /dev/urandom | tr -dc '0-9' | fold -w 11 | head -n 1` + maximum_check=$(echo $RANDOM$RANDOM$RANDOM$RANDOM) + maximum_check=${maximum_check:1:12} rlLog "pki -d $CERTDB_DIR \ -n ${prefix}_adminV \ -c $CERTDB_DIR_PASSWORD \ diff --git a/tests/dogtag/acceptance/cli-tests/pki-ca-user-cli/pki-ca-user-cli-ca-user-show.sh b/tests/dogtag/acceptance/cli-tests/pki-ca-user-cli/pki-ca-user-cli-ca-user-show.sh index c6d96743a..06a695d37 100755 --- a/tests/dogtag/acceptance/cli-tests/pki-ca-user-cli/pki-ca-user-cli-ca-user-show.sh +++ b/tests/dogtag/acceptance/cli-tests/pki-ca-user-cli/pki-ca-user-cli-ca-user-show.sh @@ -126,7 +126,7 @@ run_pki-ca-user-cli-ca-user-show_tests(){ rlPhaseEnd rlPhaseStartTest "pki_ca_user_cli_user_show-002: maximum length of user id" - user2=`cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 2048 | head -n 1` + user2=$(openssl rand -base64 30000 | strings | grep -io [[:alnum:]] | head -n 2047 | tr -d '\n') rlRun "pki -d $CERTDB_DIR \ -n ${prefix}_adminV \ -c $CERTDB_DIR_PASSWORD \ @@ -266,7 +266,7 @@ run_pki-ca-user-cli-ca-user-show_tests(){ rlPhaseEnd rlPhaseStartTest "pki_ca_user_cli_user_show-008: --email with maximum length" - email=`cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 2048 | head -n 1` + email=$(openssl rand -base64 30000 | strings | grep -io [[:alnum:]] | head -n 2047 | tr -d '\n') rlRun "pki -d $CERTDB_DIR \ -n ${prefix}_adminV \ -c $CERTDB_DIR_PASSWORD \ @@ -296,7 +296,9 @@ run_pki-ca-user-cli-ca-user-show_tests(){ rlPhaseEnd rlPhaseStartTest "pki_ca_user_cli_user_show-009: --email with maximum length and symbols" - email=`cat /dev/urandom | tr -dc 'a-zA-Z0-9!?@~#*^_+$' | fold -w 2048 | head -n 1` + specialcharacters="!?@~#*^_+$" + email=$(openssl rand -base64 30000 | strings | grep -io [[:alnum:]] | head -n 2037 | tr -d '\n') + email=$email$specialcharacters rlRun "pki -d $CERTDB_DIR \ -n ${prefix}_adminV \ -c $CERTDB_DIR_PASSWORD \ @@ -418,7 +420,7 @@ run_pki-ca-user-cli-ca-user-show_tests(){ rlPhaseEnd rlPhaseStartTest "pki_ca_user_cli_user_show-014: --state with maximum length" - state=`cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 2048 | head -n 1` + state=$(openssl rand -base64 30000 | strings | grep -io [[:alnum:]] | head -n 2047 | tr -d '\n') rlRun "pki -d $CERTDB_DIR \ -n ${prefix}_adminV \ -c $CERTDB_DIR_PASSWORD \ @@ -448,7 +450,9 @@ run_pki-ca-user-cli-ca-user-show_tests(){ rlPhaseEnd rlPhaseStartTest "pki_ca_user_cli_user_show-015: --state with maximum length and symbols" - state=`cat /dev/urandom | tr -dc 'a-zA-Z0-9!?@~#*^_+$' | fold -w 2048 | head -n 1` + specialcharacters="!?@~#*^_+$" + state=$(openssl rand -base64 30000 | strings | grep -io [[:alnum:]] | head -n 2037 | tr -d '\n') + state=$state$specialcharacters rlRun "pki -d $CERTDB_DIR \ -n ${prefix}_adminV \ -c $CERTDB_DIR_PASSWORD \ @@ -571,7 +575,14 @@ run_pki-ca-user-cli-ca-user-show_tests(){ #https://www.redhat.com/archives/pki-users/2010-February/msg00015.html rlPhaseStartTest "pki_ca_user_cli_user_show-020: --phone with maximum length" - phone=`cat /dev/urandom | tr -dc '0-9' | fold -w 2048 | head -n 1` + phone=`$RANDOM` + stringlength=0 + while [[ $stringlength -lt 2049 ]] ; do + phone="$phone$RANDOM" + stringlength=`echo $phone | wc -m` + done + phone=`echo $phone | cut -c1-2047` + rlLog "phone=$phone" rlRun "pki -d $CERTDB_DIR \ -n ${prefix}_adminV \ -c $CERTDB_DIR_PASSWORD \ @@ -1006,7 +1017,7 @@ Import CA certificate (Y/n)? \"" >> $expfile rlPhaseEnd rlPhaseStartTest "pki_ca_user_cli_user_show-043: user id length exceeds maximum limit defined in the schema" - user_length_exceed_max=`cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 10000 | head -n 1` + user_length_exceed_max=$(openssl rand -base64 10000 | strings | tr -d '\n') rlLog "pki -d $CERTDB_DIR \ -n ${prefix}_adminV \ -c $CERTDB_DIR_PASSWORD \ diff --git a/tests/dogtag/acceptance/cli-tests/pki-tests-setup/create-role-users.sh b/tests/dogtag/acceptance/cli-tests/pki-tests-setup/create-role-users.sh index 27f2f09ef..b1ff3d2f3 100644 --- a/tests/dogtag/acceptance/cli-tests/pki-tests-setup/create-role-users.sh +++ b/tests/dogtag/acceptance/cli-tests/pki-tests-setup/create-role-users.sh @@ -132,7 +132,7 @@ export ${subsystemId}_adminV_user ${subsystemId}_adminR_user ${subsystemId}_admi -h $SUBSYSTEM_HOST \ -t $SUBSYSTEM_TYPE \ -p $(eval echo \$${subsystemId}_UNSECURE_PORT) \ - user-add --fullName=\"$userfullName\" $userid" --password $userpasswd + user-add --fullName=\"$userfullName\" --password $userpasswd $userid" rlRun "pki -d $CERTDB_DIR \ -n \"$admin_cert_nickname\" \ -c $CERTDB_DIR_PASSWORD \ diff --git a/tests/dogtag/acceptance/cli-tests/pki-user-cli/ca/pki-user-cli-user-add-ca.sh b/tests/dogtag/acceptance/cli-tests/pki-user-cli/ca/pki-user-cli-user-add-ca.sh index c149083d1..a07556ab7 100755 --- a/tests/dogtag/acceptance/cli-tests/pki-user-cli/ca/pki-user-cli-user-add-ca.sh +++ b/tests/dogtag/acceptance/cli-tests/pki-user-cli/ca/pki-user-cli-user-add-ca.sh @@ -120,7 +120,8 @@ run_pki-user-cli-user-add-ca_tests(){ rlPhaseEnd rlPhaseStartTest "pki_user_cli_user_add-CA-002:maximum length of user id" - user2=`cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 2048 | head -n 1` + user2=$(openssl rand -base64 30000 | strings | grep -io [[:alnum:]] | head -n 2047 | tr -d '\n') + rlLog "user2=$user2" rlRun "pki -d $CERTDB_DIR \ -n ${prefix}_adminV \ -c $CERTDB_DIR_PASSWORD \ @@ -215,7 +216,7 @@ run_pki-user-cli-user-add-ca_tests(){ rlPhaseEnd rlPhaseStartTest "pki_user_cli_user_add-CA-008:--email with maximum length" - email=`cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 2048 | head -n 1` + email=$(openssl rand -base64 30000 | strings | grep -io [[:alnum:]] | head -n 2047 | tr -d '\n') rlRun "pki -d $CERTDB_DIR \ -n ${prefix}_adminV \ -c $CERTDB_DIR_PASSWORD \ @@ -237,7 +238,10 @@ run_pki-user-cli-user-add-ca_tests(){ rlPhaseEnd rlPhaseStartTest "pki_user_cli_user_add-CA-009:--email with maximum length and symbols" - email=`cat /dev/urandom | tr -dc 'a-zA-Z0-9!?@~#*^_+$' | fold -w 2048 | head -n 1` + specialcharacters="!?@~#*^_+$" + email=$(openssl rand -base64 30000 | strings | grep -io [[:alnum:]] | head -n 2037 | tr -d '\n') + email=$email$specialcharacters + rlLog "email=$email" rlRun "pki -d $CERTDB_DIR \ -n ${prefix}_adminV \ -c $CERTDB_DIR_PASSWORD \ @@ -319,7 +323,7 @@ run_pki-user-cli-user-add-ca_tests(){ rlPhaseEnd rlPhaseStartTest "pki_user_cli_user_add-CA-014:--state with maximum length" - state=`cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 2048 | head -n 1` + state=$(openssl rand -base64 30000 | strings | grep -io [[:alnum:]] | head -n 2047 | tr -d '\n') rlRun "pki -d $CERTDB_DIR \ -n ${prefix}_adminV \ -c $CERTDB_DIR_PASSWORD \ @@ -341,7 +345,10 @@ run_pki-user-cli-user-add-ca_tests(){ rlPhaseEnd rlPhaseStartTest "pki_user_cli_user_add-CA-015:--state with maximum length and symbols" - state=`cat /dev/urandom | tr -dc 'a-zA-Z0-9!?@~#*^_+$' | fold -w 2048 | head -n 1` + specialcharacters="!?@~#*^_+$" + state=$(openssl rand -base64 30000 | strings | grep -io [[:alnum:]] | head -n 2037 | tr -d '\n') + state=$state$specialcharacters + rlLog "state=$state" rlRun "pki -d $CERTDB_DIR \ -n ${prefix}_adminV \ -c $CERTDB_DIR_PASSWORD \ @@ -423,7 +430,14 @@ run_pki-user-cli-user-add-ca_tests(){ rlPhaseEnd rlPhaseStartTest "pki_user_cli_user_add-CA-020:--phone with maximum length" - phone=`cat /dev/urandom | tr -dc '0-9' | fold -w 2048 | head -n 1` + phone=`echo $RANDOM` + stringlength=0 + while [[ $stringlength -lt 2049 ]] ; do + phone="$phone$RANDOM" + stringlength=`echo $phone | wc -m` + done + phone=`echo $phone | cut -c1-2047` + rlLog "phone=$phone" rlRun "pki -d $CERTDB_DIR \ -n ${prefix}_adminV \ -c $CERTDB_DIR_PASSWORD \ @@ -439,7 +453,9 @@ run_pki-user-cli-user-add-ca_tests(){ rlPhaseEnd rlPhaseStartTest "pki_user_cli_user_add-CA-021:--phone with maximum length and symbols" - phone=`cat /dev/urandom | tr -dc 'a-zA-Z0-9!?@~#*^_+$' | fold -w 2048 | head -n 1` + specialcharacters="!?@~#*^_+$" + phone=$(openssl rand -base64 30000 | strings | grep -io [[:alnum:]] | head -n 2037 | tr -d '\n') + phone=$state$specialcharacters rlRun "pki -d $CERTDB_DIR \ -n ${prefix}_adminV \ -c $CERTDB_DIR_PASSWORD \ @@ -973,7 +989,7 @@ run_pki-user-cli-user-add-ca_tests(){ rlPhaseEnd rlPhaseStartTest "pki_user_cli_user_add-CA-050: user id length exceeds maximum limit defined in the schema" - user_length_exceed_max=`cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 10000 | head -n 1` + user_length_exceed_max=$(openssl rand -base64 80000 | strings | grep -io [[:alnum:]] | head -n 10000 | tr -d '\n') rlLog "pki -d $CERTDB_DIR \ -n ${prefix}_adminV \ -c $CERTDB_DIR_PASSWORD \ diff --git a/tests/dogtag/acceptance/cli-tests/pki-user-cli/ca/pki-user-cli-user-del-ca.sh b/tests/dogtag/acceptance/cli-tests/pki-user-cli/ca/pki-user-cli-user-del-ca.sh index 7fcc4b26f..f13bbd35b 100755 --- a/tests/dogtag/acceptance/cli-tests/pki-user-cli/ca/pki-user-cli-user-del-ca.sh +++ b/tests/dogtag/acceptance/cli-tests/pki-user-cli/ca/pki-user-cli-user-del-ca.sh @@ -196,7 +196,7 @@ run_pki-user-cli-user-del-ca_tests(){ rlPhaseEnd rlPhaseStartTest "pki_user_cli_user_del-CA-006: Maximum length of user id" - user2=`cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 2048 | head -n 1` + user2=$(openssl rand -base64 30000 | strings | grep -io [[:alnum:]] | head -n 2047 | tr -d '\n') rlRun "pki -d $CERTDB_DIR \ -n ${prefix}_adminV \ -c $CERTDB_DIR_PASSWORD \ @@ -227,7 +227,9 @@ run_pki-user-cli-user-del-ca_tests(){ rlPhaseEnd rlPhaseStartTest "pki_user_cli_user_del-CA-007: userid with maximum length and symbols" - userid=`cat /dev/urandom | tr -dc 'a-zA-Z0-9!?@~#*^_+$' | fold -w 2048 | head -n 1` + specialcharacters="!?@~#*^_+$" + userid=$(openssl rand -base64 30000 | strings | grep -io [[:alnum:]] | head -n 2037 | tr -d '\n') + userid=$userid$specialcharacters rlRun "pki -d $CERTDB_DIR \ -n ${prefix}_adminV \ -c $CERTDB_DIR_PASSWORD \ diff --git a/tests/dogtag/acceptance/cli-tests/pki-user-cli/ca/pki-user-cli-user-find-ca.sh b/tests/dogtag/acceptance/cli-tests/pki-user-cli/ca/pki-user-cli-user-find-ca.sh index 273675ceb..30d1104c9 100755 --- a/tests/dogtag/acceptance/cli-tests/pki-user-cli/ca/pki-user-cli-user-find-ca.sh +++ b/tests/dogtag/acceptance/cli-tests/pki-user-cli/ca/pki-user-cli-user-find-ca.sh @@ -164,7 +164,8 @@ run_pki-user-cli-user-find-ca_tests(){ rlPhaseEnd rlPhaseStartTest "pki_user_cli_user_find-ca-006: Find all users, --size with maximum possible value as input" - maximum_check=`cat /dev/urandom | tr -dc '0-9' | fold -w 9 | head -n 1` + maximum_check=$(echo $RANDOM$RANDOM$RANDOM$RANDOM) + maximum_check=${maximum_check:1:9} rlLog "pki -d $CERTDB_DIR \ -n \"${prefix}_adminV\" \ -c $CERTDB_DIR_PASSWORD \ @@ -190,7 +191,8 @@ run_pki-user-cli-user-find-ca_tests(){ rlPhaseEnd rlPhaseStartTest "pki_user_cli_user_find-ca-007: Find all users, --size more than maximum possible value" - maximum_check=`cat /dev/urandom | tr -dc '0-9' | fold -w 11 | head -n 1` + maximum_check=$(echo $RANDOM$RANDOM$RANDOM$RANDOM) + maximum_check=${maximum_check:1:12} rlLog "pki -d $CERTDB_DIR \ -n \"${prefix}_adminV\" \ -c $CERTDB_DIR_PASSWORD \ @@ -289,7 +291,8 @@ run_pki-user-cli-user-find-ca_tests(){ rlPhaseEnd rlPhaseStartTest "pki_user_cli_user_find-ca-013: Find users, --start with maximum possible input" - maximum_check=`cat /dev/urandom | tr -dc '0-9' | fold -w 9 | head -n 1` + maximum_check=$(echo $RANDOM$RANDOM$RANDOM$RANDOM) + maximum_check=${maximum_check:1:9} rlLog "pki -d $CERTDB_DIR \ -n \"${prefix}_adminV\" \ -c $CERTDB_DIR_PASSWORD \ @@ -308,7 +311,8 @@ run_pki-user-cli-user-find-ca_tests(){ rlPhaseEnd rlPhaseStartTest "pki_user_cli_user_find-ca-014: Find users, --start with more than maximum possible input" - maximum_check=`cat /dev/urandom | tr -dc '0-9' | fold -w 11 | head -n 1` + maximum_check=$(echo $RANDOM$RANDOM$RANDOM$RANDOM) + maximum_check=${maximum_check:1:12} rlLog "pki -d $CERTDB_DIR \ -n \"${prefix}_adminV\" \ -c $CERTDB_DIR_PASSWORD \ @@ -638,7 +642,8 @@ Import CA certificate (Y/n)? \"" >> $expfile rlPhaseEnd rlPhaseStartTest "pki_user_cli_user_find-ca-031: find users when user fullname has i18n characters" - maximum_check=`cat /dev/urandom | tr -dc '0-9' | fold -w 5 | head -n 1` + maximum_check=$(echo $RANDOM$RANDOM$RANDOM$RANDOM) + maximum_check=${maximum_check:1:5} rlLog "user-add user fullname ÖrjanÄke with i18n characters" rlRun "pki -d $CERTDB_DIR \ -n ${prefix}_adminV \ @@ -667,7 +672,8 @@ Import CA certificate (Y/n)? \"" >> $expfile rlPhaseEnd rlPhaseStartTest "pki_user_cli_user_find-ca-032: find users when user fullname has i18n characters" - maximum_check=`cat /dev/urandom | tr -dc '0-9' | fold -w 5 | head -n 1` + maximum_check=$(echo $RANDOM$RANDOM$RANDOM$RANDOM) + maximum_check=${maximum_check:1:5} rlLog "user-add user fullname ÉricTêko with i18n characters" rlRun "pki -d $CERTDB_DIR \ -n ${prefix}_adminV \ @@ -731,4 +737,3 @@ Import CA certificate (Y/n)? \"" >> $expfile rlRun "rm -r $TmpDir" 0 "Removing tmp directory" rlPhaseEnd } - diff --git a/tests/dogtag/acceptance/cli-tests/pki-user-cli/ca/pki-user-cli-user-membership-find-ca.sh b/tests/dogtag/acceptance/cli-tests/pki-user-cli/ca/pki-user-cli-user-membership-find-ca.sh index 932680860..e68a45d6a 100755 --- a/tests/dogtag/acceptance/cli-tests/pki-user-cli/ca/pki-user-cli-user-membership-find-ca.sh +++ b/tests/dogtag/acceptance/cli-tests/pki-user-cli/ca/pki-user-cli-user-membership-find-ca.sh @@ -465,7 +465,8 @@ run_pki-user-cli-user-membership-find-ca_tests(){ rlPhaseEnd rlPhaseStartTest "pki_user_cli_user_membership-find-CA-020: Find user-membership with --size more than maximum possible value" - maximum_check=`cat /dev/urandom | tr -dc '0-9' | fold -w 11 | head -n 1` + maximum_check=$(echo $RANDOM$RANDOM$RANDOM$RANDOM) + maximum_check=${maximum_check:1:12} rlLog "pki -d $CERTDB_DIR \ -n ${prefix}_adminV \ -c $CERTDB_DIR_PASSWORD \ @@ -484,7 +485,8 @@ run_pki-user-cli-user-membership-find-ca_tests(){ rlPhaseEnd rlPhaseStartTest "pki_user_cli_user_membership-find-CA-021: Find user-membership with --start more than maximum possible value" - maximum_check=`cat /dev/urandom | tr -dc '0-9' | fold -w 11 | head -n 1` + maximum_check=$(echo $RANDOM$RANDOM$RANDOM$RANDOM) + maximum_check=${maximum_check:1:12} rlLog "pki -d $CERTDB_DIR \ -n ${prefix}_adminV \ -c $CERTDB_DIR_PASSWORD \ @@ -628,7 +630,7 @@ run_pki-user-cli-user-membership-find-ca_tests(){ user-membership-find u15 > $TmpDir/pki-user-membership-find-groupadd-find-ca-031_3.out" \ 0 \ "Find user-membership with group \"dadministʁasjɔ̃\"" - rlAssertGrep "1 entrieus matched" "$TmpDir/pki-user-membership-find-groupadd-find-ca-031_3.out" + rlAssertGrep "1 entries matched" "$TmpDir/pki-user-membership-find-groupadd-find-ca-031_3.out" rlAssertGrep "Group: dadministʁasjɔ̃" "$TmpDir/pki-user-membership-find-groupadd-find-ca-031_3.out" rlPhaseEnd diff --git a/tests/dogtag/acceptance/cli-tests/pki-user-cli/ca/pki-user-cli-user-show-ca.sh b/tests/dogtag/acceptance/cli-tests/pki-user-cli/ca/pki-user-cli-user-show-ca.sh index a76287fc3..37baae890 100755 --- a/tests/dogtag/acceptance/cli-tests/pki-user-cli/ca/pki-user-cli-user-show-ca.sh +++ b/tests/dogtag/acceptance/cli-tests/pki-user-cli/ca/pki-user-cli-user-show-ca.sh @@ -126,7 +126,7 @@ run_pki-user-cli-user-show-ca_tests(){ rlPhaseEnd rlPhaseStartTest "pki_user_cli_user_show-CA-002: maximum length of user id" - user2=`cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 2048 | head -n 1` + user2=$(openssl rand -base64 30000 | strings | grep -io [[:alnum:]] | head -n 2047 | tr -d '\n') rlRun "pki -d $CERTDB_DIR \ -n ${prefix}_adminV \ -c $CERTDB_DIR_PASSWORD \ @@ -266,7 +266,7 @@ run_pki-user-cli-user-show-ca_tests(){ rlPhaseEnd rlPhaseStartTest "pki_user_cli_user_show-CA-008: --email with maximum length" - email=`cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 2048 | head -n 1` + email=$(openssl rand -base64 30000 | strings | grep -io [[:alnum:]] | head -n 2047 | tr -d '\n') rlRun "pki -d $CERTDB_DIR \ -n ${prefix}_adminV \ -c $CERTDB_DIR_PASSWORD \ @@ -296,7 +296,9 @@ run_pki-user-cli-user-show-ca_tests(){ rlPhaseEnd rlPhaseStartTest "pki_user_cli_user_show-CA-009: --email with maximum length and symbols" - email=`cat /dev/urandom | tr -dc 'a-zA-Z0-9!?@~#*^_+$' | fold -w 2048 | head -n 1` + specialcharacters="!?@~#*^_+$" + email=$(openssl rand -base64 30000 | strings | grep -io [[:alnum:]] | head -n 2037 | tr -d '\n') + email=$email$specialcharacters rlRun "pki -d $CERTDB_DIR \ -n ${prefix}_adminV \ -c $CERTDB_DIR_PASSWORD \ @@ -418,7 +420,7 @@ run_pki-user-cli-user-show-ca_tests(){ rlPhaseEnd rlPhaseStartTest "pki_user_cli_user_show-CA-014: --state with maximum length" - state=`cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 2048 | head -n 1` + state=$(openssl rand -base64 30000 | strings | grep -io [[:alnum:]] | head -n 2047 | tr -d '\n') rlRun "pki -d $CERTDB_DIR \ -n ${prefix}_adminV \ -c $CERTDB_DIR_PASSWORD \ @@ -448,7 +450,9 @@ run_pki-user-cli-user-show-ca_tests(){ rlPhaseEnd rlPhaseStartTest "pki_user_cli_user_show-CA-015: --state with maximum length and symbols" - state=`cat /dev/urandom | tr -dc 'a-zA-Z0-9!?@~#*^_+$' | fold -w 2048 | head -n 1` + specialcharacters="!?@~#*^_+$" + state=$(openssl rand -base64 30000 | strings | grep -io [[:alnum:]] | head -n 2037 | tr -d '\n') + state=$state$specialcharacters rlRun "pki -d $CERTDB_DIR \ -n ${prefix}_adminV \ -c $CERTDB_DIR_PASSWORD \ @@ -571,7 +575,14 @@ run_pki-user-cli-user-show-ca_tests(){ #https://www.redhat.com/archives/pki-users/2010-February/msg00015.html rlPhaseStartTest "pki_user_cli_user_show-CA-020: --phone with maximum length" - phone=`cat /dev/urandom | tr -dc '0-9' | fold -w 2048 | head -n 1` + phone=`echo $RANDOM` + stringlength=0 + while [[ $stringlength -lt 2049 ]] ; do + phone="$phone$RANDOM" + stringlength=`echo $phone | wc -m` + done + phone=`echo $phone | cut -c1-2047` + rlLog "phone=$phone" rlRun "pki -d $CERTDB_DIR \ -n ${prefix}_adminV \ -c $CERTDB_DIR_PASSWORD \ @@ -1006,7 +1017,7 @@ Import CA certificate (Y/n)? \"" >> $expfile rlPhaseEnd rlPhaseStartTest "pki_user_cli_user_show-CA-043: user id length exceeds maximum limit defined in the schema" - user_length_exceed_max=`cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 10000 | head -n 1` + user_length_exceed_max=$(openssl rand -base64 10000 | strings | tr -d '\n') rlLog "pki -d $CERTDB_DIR \ -n ${prefix}_adminV \ -c $CERTDB_DIR_PASSWORD \ diff --git a/tests/dogtag/acceptance/legacy/ca-tests/usergroups/pki-ca-usergroups.sh b/tests/dogtag/acceptance/legacy/ca-tests/usergroups/pki-ca-usergroups.sh new file mode 100644 index 000000000..314f24d1c --- /dev/null +++ b/tests/dogtag/acceptance/legacy/ca-tests/usergroups/pki-ca-usergroups.sh @@ -0,0 +1,545 @@ +#!/bin/bash +# vim: dict=/usr/share/beakerlib/dictionary.vim cpt=.,w,b,u,t,i,k +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +# +# runtest.sh of /CoreOS/rhcs/acceptance/legacy-tests/ca-tests +# Description: PKI CA user and group tests +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +# The following pki commands needs to be tested: +# /ca/ug +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +# +# Author: Asha Akkiangady <aakkiang@redhat.com> +# +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +# +# Copyright (c) 2013 Red Hat, Inc. All rights reserved. +# +# This copyrighted material is made available to anyone wishing +# to use, modify, copy, or redistribute it subject to the terms +# and conditions of the GNU General Public License version 2. +# +# This program is distributed in the hope that it will be +# useful, but WITHOUT ANY WARRANTY; without even the implied +# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR +# PURPOSE. See the GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public +# License along with this program; if not, write to the Free +# Software Foundation, Inc., 51 Franklin Street, Fifth Floor, +# Boston, MA 02110-1301, USA. +# +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +# Include rhts environment +. /usr/bin/rhts-environment.sh +. /usr/share/beakerlib/beakerlib.sh +. /opt/rhqa_pki/rhcs-shared.sh +. /opt/rhqa_pki/env.sh + +run_pki-legacy-ca-usergroup_tests() +{ + local subsystemId=$1 + local subsystemType=$2 + local csRole=$3 + local tomcat_name=$(eval echo \$${subsystemId}_TOMCAT_INSTANCE_NAME) + + # Creating Temporary Directory for pki ca-usergroup + rlPhaseStartSetup "pki ca usergroup Temporary Directory and disable nonce" + rlRun "TmpDir=\`mktemp -d\`" 0 "Creating tmp directory" + rlRun "pushd $TmpDir" + rlLog "tomcat name=$tomcat_name" + disable_ca_nonce $tomcat_name + rlRun "export SSL_DIR=$CERTDB_DIR" + rlPhaseEnd + + # Local Variables + get_topo_stack $csRole $TmpDir/topo_file + local CA_INST=$(cat $TmpDir/topo_file | grep MY_CA | cut -d= -f2) + local ca_unsecure_port=$(eval echo \$${CA_INST}_UNSECURE_PORT) + local ca_secure_port=$(eval echo \$${CA_INST}_SECURE_PORT) + local ca_host=$(eval echo \$${csRole}) + local valid_agent_user=$CA_INST\_agentV + local valid_agent_user_password=$CA_INST\_agentV_password + local valid_admin_user=$CA_INST\_adminV + local valid_admin_user_password=$CA_INST\_adminV_password + local valid_audit_user=$CA_INST\_auditV + local valid_audit_user_password=$CA_INST\_auditV_password + local valid_operator_user=$CA_INST\_operatorV + local valid_operator_user_password=$CA_INST\_operatorV_password + local valid_agent_cert=$CA_INST\_agentV + local TEMP_NSS_DB="$TmpDir/nssdb" + local TEMP_NSS_DB_PWD="redhat" + local ca_admin_user=$(eval echo \$${subsystemId}_ADMIN_USER) + local rand=$RANDOM + local tmp_junk_data=$(openssl rand -base64 50 | perl -p -e 's/\n//') + local TEMP_NSS_DB="$TmpDir/nssdb" + local TEMP_NSS_DB_PWD="redhat" + + rlPhaseStartTest "pki_ca_usergroup-001: Valid CA admin add users" + local userid="ug02" + local fullname=$userid + local password="password$userid" + local email="$userid@redhat.com" + local phone="12345" + local state="CA" + rlLog "curl --basic \ + --dump-header $TmpDir/ca_usergroup_001.txt \ + -u $valid_admin_user:$valid_admin_user_password \ + -d \"OP_TYPE=OP_ADD&OP_SCOPE=users&RS_ID=$userid&fullname=$fullname&password=$password&email=$email&phone=$phone&state=$state&groups=&userType=\" \ + -k \"https://$ca_host:$ca_secure_port/ca/ug\"" + rlRun "curl --basic \ + --dump-header $TmpDir/ca_usergroup_001.txt \ + -u $valid_admin_user:$valid_admin_user_password \ + -d \"OP_TYPE=OP_ADD&OP_SCOPE=users&RS_ID=$userid&fullname=$fullname&password=$password&email=$email&phone=$phone&state=$state&groups=&userType=\" \ + -k \"https://$ca_host:$ca_secure_port/ca/ug\" > $TmpDir/ca_usergroup_001_2.txt" 0 "Add user $userid to $CA_INST" + rlAssertGrep "HTTP/1.1 200 OK" "$TmpDir/ca_usergroup_001.txt" + rlAssertNotGrep "Fail" "$TmpDir/ca_usergroup_001_2.txt" + rlPhaseEnd + + rlPhaseStartTest "pki_ca_usergroup-002: Valid CA admin list users" + local userid="ug02" + rlLog "curl --basic \ + --dump-header $TmpDir/ca_usergroup_002.txt \ + -u $valid_admin_user:$valid_admin_user_password \ + -d \"OP_TYPE=OP_SEARCH&OP_SCOPE=users\" \ + -k \"https://$ca_host:$ca_secure_port/ca/ug\"" + rlRun "curl --basic \ + --dump-header $TmpDir/ca_usergroup_002.txt \ + -u $valid_admin_user:$valid_admin_user_password \ + -d \"OP_TYPE=OP_SEARCH&OP_SCOPE=users\" \ + -k \"https://$ca_host:$ca_secure_port/ca/ug\" > $TmpDir/ca_usergroup_002_2.txt" 0 "List all CA user in $CA_INST" + rlAssertGrep "HTTP/1.1 200 OK" "$TmpDir/ca_usergroup_002.txt" + rlAssertGrep "$userid" "$TmpDir/ca_usergroup_002_2.txt" + rlPhaseEnd + + rlPhaseStartTest "pki_ca_usergroup-003: Valid CA admin edit users" + local userid="ug04" + local fullname=$userid + local password=password$userid + local email="$userid@redhat.com" + local phone="1234" + local state="CA" + rlLog "curl --basic \ + --dump-header $TmpDir/ca_usergroup_003.txt \ + -u $valid_admin_user:$valid_admin_user_password \ + -d \"OP_TYPE=OP_ADD&OP_SCOPE=users&RS_ID=$userid&fullname=$fullname&password=$password&email=$email&phone=$phone&state=$state&groups=&userType=\" \ + -k \"https://$ca_host:$ca_secure_port/ca/ug\"" + rlRun "curl --basic \ + --dump-header $TmpDir/ca_usergroup_003.txt \ + -u $valid_admin_user:$valid_admin_user_password \ + -d \"OP_TYPE=OP_ADD&OP_SCOPE=users&RS_ID=$userid&fullname=$fullname&password=$password&email=$email&phone=$phone&state=$state&groups=&userType=\" \ + -k \"https://$ca_host:$ca_secure_port/ca/ug\" > $TmpDir/ca_usergroup_003_2.txt" 0 "Add user $userid to $CA_INST" + rlAssertGrep "HTTP/1.1 200 OK" "$TmpDir/ca_usergroup_003.txt" + #Now edit user - phone number change + phone="4567" + rlLog "curl --basic \ + --dump-header $TmpDir/ca_usergroup_003_002.txt \ + -u $valid_admin_user:$valid_admin_user_password \ + -d \"OP_TYPE=OP_MODIFY&OP_SCOPE=users&RS_ID=$userid&fullname=$fullname&password=$password&email=$email&phone=$phone&state=$state&groups=&userType=\" \ + -k \"https://$ca_host:$ca_secure_port/ca/ug\"" + rlRun "curl --basic \ + --dump-header $TmpDir/ca_usergroup_003_002.txt \ + -u $valid_admin_user:$valid_admin_user_password \ + -d \"OP_TYPE=OP_MODIFY&OP_SCOPE=users&RS_ID=$userid&fullname=$fullname&password=$password&email=$email&phone=$phone&state=$state&groups=&userType=\" \ + -k \"https://$ca_host:$ca_secure_port/ca/ug\" > $TmpDir/ca_usergroup_003_002_2.txt" 0 "Modify user $userid to have a new phone number $phone" + rlAssertGrep "HTTP/1.1 200 OK" "$TmpDir/ca_usergroup_003_002.txt" + rlPhaseEnd + + rlPhaseStartTest "pki_ca_usergroup-004: Valid CA admin delete users" + local userid="ug05" + local fullname=$userid + local password="password$userid" + local email="$userid@redhat.com" + local phone="1234" + local state="CA" + rlLog "curl --basic \ + --dump-header $TmpDir/ca_usergroup_004.txt \ + -u $valid_admin_user:$valid_admin_user_password \ + -d \"OP_TYPE=OP_ADD&OP_SCOPE=users&RS_ID=$userid&fullname=$fullname&password=$password&email=$email&phone=$phone&state=$state&groups=&userType=\" \ + -k \"https://$ca_host:$ca_secure_port/ca/ug\"" + rlRun "curl --basic \ + --dump-header $TmpDir/ca_usergroup_004.txt \ + -u $valid_admin_user:$valid_admin_user_password \ + -d \"OP_TYPE=OP_ADD&OP_SCOPE=users&RS_ID=$userid&fullname=$fullname&password=$password&email=$email&phone=$phone&state=$state&groups=&userType=\" \ + -k \"https://$ca_host:$ca_secure_port/ca/ug\" > $TmpDir/ca_usergroup_004_2.txt" 0 "Add user $userid to $CA_INST" + rlAssertGrep "HTTP/1.1 200 OK" "$TmpDir/ca_usergroup_004.txt" + rlAssertNotGrep "Failed to add user" "$TmpDir/ca_usergroup_004_2.txt" + #Now delete user + rlLog "curl --basic \ + --dump-header $TmpDir/ca_usergroup_004_002.txt \ + -u $valid_admin_user:$valid_admin_user_password \ + -d \"OP_TYPE=OP_DELETE&OP_SCOPE=users&RS_ID=$userid\" \ + -k \"https://$ca_host:$ca_secure_port/ca/ug\"" + rlRun "curl --basic \ + --dump-header $TmpDir/ca_usergroup_004_002.txt \ + -u $valid_admin_user:$valid_admin_user_password \ + -d \"OP_TYPE=OP_DELETE&OP_SCOPE=users&RS_ID=$userid\" \ + -k \"https://$ca_host:$ca_secure_port/ca/ug\" > $TmpDir/ca_usergroup_004_002_2.txt" 0 "Delete user $userid" + rlAssertGrep "HTTP/1.1 200 OK" "$TmpDir/ca_usergroup_004_002.txt" + #Verify user is deleted + rlLog "curl --basic \ + --dump-header $TmpDir/ca_usergroup_004_003.txt \ + -u $valid_admin_user:$valid_admin_user_password \ + -d \"OP_TYPE=OP_SEARCH&OP_SCOPE=users\" \ + -k \"https://$ca_host:$ca_secure_port/ca/ug\"" + rlRun "curl --basic \ + --dump-header $TmpDir/ca_usergroup_004_003.txt \ + -u $valid_admin_user:$valid_admin_user_password \ + -d \"OP_TYPE=OP_SEARCH&OP_SCOPE=users\" \ + -k \"https://$ca_host:$ca_secure_port/ca/ug\" > $TmpDir/ca_usergroup_004_003_2.txt" 0 "List all CA user in $CA_INST" + rlAssertGrep "HTTP/1.1 200 OK" "$TmpDir/ca_usergroup_004_003.txt" + rlAssertNotGrep "$userid" "$TmpDir/ca_usergroup_004_003_2.txt" + rlPhaseEnd + + rlPhaseStartTest "pki_ca_usergroup-005: Valid CA admin view certs of users" + rlLog "curl --basic \ + --dump-header $TmpDir/ca_usergroup_005.txt \ + -u $valid_admin_user:$valid_admin_user_password \ + -d \"OP_TYPE=OP_READ&OP_SCOPE=certs&RS_ID=$valid_admin_user\" \ + -k \"https://$ca_host:$ca_secure_port/ca/ug\"" + rlRun "curl --basic \ + --dump-header $TmpDir/ca_usergroup_005.txt \ + -u $valid_admin_user:$valid_admin_user_password \ + -d \"OP_TYPE=OP_READ&OP_SCOPE=certs&RS_ID=$valid_admin_user\" \ + -k \"https://$ca_host:$ca_secure_port/ca/ug\" > $TmpDir/ca_usergroup_05_2.txt" 0 "View user $valid_admin_user certificate" + rlAssertGrep "HTTP/1.1 200 OK" "$TmpDir/ca_usergroup_005.txt" + rlRun "cat $TmpDir/ca_usergroup_05_2.txt | python -c 'import sys, urllib as ul; print ul.unquote(sys.stdin.read());' | sed 'y/+/ /' > $TmpDir/ca_usergroup_05_3.txt" + rlAssertGrep "BEGIN CERTIFICATE" "$TmpDir/ca_usergroup_05_3.txt" + rlAssertGrep "END CERTIFICATE" "$TmpDir/ca_usergroup_05_3.txt" + #view certificate of ca admin user + rlLog "curl --basic \ + --dump-header $TmpDir/ca_usergroup_005_002.txt \ + -u $valid_admin_user:$valid_admin_user_password \ + -d \"OP_TYPE=OP_READ&OP_SCOPE=certs&RS_ID=$ca_admin_user\" \ + -k \"https://$ca_host:$ca_secure_port/ca/ug\"" + rlRun "curl --basic \ + --dump-header $TmpDir/ca_usergroup_005_002.txt \ + -u $valid_admin_user:$valid_admin_user_password \ + -d \"OP_TYPE=OP_READ&OP_SCOPE=certs&RS_ID=$ca_admin_user\" \ + -k \"https://$ca_host:$ca_secure_port/ca/ug\" > $TmpDir/ca_usergroup_005_002_2.txt" 0 "View user $ca_admin_user certificate" + rlRun "cat $TmpDir/ca_usergroup_005_002_2.txt | python -c 'import sys, urllib as ul; print ul.unquote(sys.stdin.read());' | sed 'y/+/ /' > $TmpDir/ca_usergroup_005_002_3.txt" + rlAssertGrep "HTTP/1.1 200 OK" "$TmpDir/ca_usergroup_005_002.txt" + rlAssertGrep "BEGIN CERTIFICATE" "$TmpDir/ca_usergroup_005_002_3.txt" + rlAssertGrep "END CERTIFICATE" "$TmpDir/ca_usergroup_005_002_3.txt" + rlPhaseEnd + + rlPhaseStartTest "pki_ca_usergroup-006: Valid CA admin import certs into users" + local userid="ug06" + local fullname=$userid + local password=password$userid + local email="$userid@mail_domain.com" + local phone="1234" + local state="CA" + #Add a user + rlLog "curl --basic \ + --dump-header $TmpDir/ca_usergroup_006.txt \ + -u $valid_admin_user:$valid_admin_user_password \ + -d \"OP_TYPE=OP_ADD&OP_SCOPE=users&RS_ID=$userid&fullname=$fullname&password=$password&email=$email&phone=$phone&state=$state&groups=Administrators&userType=\" \ + -k \"https://$ca_host:$ca_secure_port/ca/ug\"" + rlRun "curl --basic \ + --dump-header $TmpDir/ca_usergroup_006.txt \ + -u $valid_admin_user:$valid_admin_user_password \ + -d \"OP_TYPE=OP_ADD&OP_SCOPE=users&RS_ID=$userid&fullname=$fullname&password=$password&email=$email&phone=$phone&state=$state&groups=Administrators&userType=\" \ + -k \"https://$ca_host:$ca_secure_port/ca/ug\" > $TmpDir/ca_usergroup_006_2.txt" 0 "Add user $userid to $CA_INST" + rlAssertGrep "HTTP/1.1 200 OK" "$TmpDir/ca_usergroup_006.txt" + rlAssertNotGrep "Failed to add user" "$TmpDir/ca_usergroup_006_2.txt" + #Create a certificate request + local profile_id="caUserCert" + local request_type="crmf" + local request_key_size=2048 + local request_key_type="rsa" + + rlRun "create_new_cert_request \ + tmp_nss_db:$TEMP_NSS_DB \ + tmp_nss_db_password:$TEMP_NSS_DB_PWD \ + request_type:$request_type \ + request_algo:$request_key_type \ + request_size:$request_key_size \ + subject_cn:$userid \ + subject_uid:$userid \ + subject_email:$email \ + subject_ou:IDM \ + subject_organization:Redhat \ + subject_country:US \ + subject_archive:false \ + cert_request_file:$TEMP_NSS_DB/$rand-request.pem \ + cert_subject_file:$TEMP_NSS_DB/$rand-subject.out" + rlRun "cat $TEMP_NSS_DB/$rand-request.pem | python -c 'import sys, urllib as ul; print ul.quote(sys.stdin.read());' > $TEMP_NSS_DB/$rand-encoded-request.pem" + rlLog "curl --basic \ + --dump-header $TmpDir/ca_usergroup_006_002.txt \ + -d \"profileId=$profile_id&cert_request_type=$request_type&sn_uid=$userid&sn_cn=$userid&sn_e=$userid&sn_ou=IDM&sn_o=Redhat&sn_C=US&requestor_email=$email&requestor_phone=$phone&cert_request=$(cat -v $TEMP_NSS_DB/$rand-encoded-request.pem)\" \ + -k \"https://$ca_host:$ca_secure_port/ca/ee/ca/profileSubmit\"" + rlRun "curl --basic \ + --dump-header $TmpDir/ca_usergroup_006_002.txt \ + -d \"profileId=$profile_id&cert_request_type=$request_type&sn_uid=$userid&sn_cn=$userid&sn_e=$userid&sn_ou=IDM&sn_o=Redhat&sn_C=US&requestor_email=$email&requestor_phone=$phone&cert_request=$(cat -v $TEMP_NSS_DB/$rand-encoded-request.pem)\" \ + -k \"https://$ca_host:$ca_secure_port/ca/ee/ca/profileSubmit\" > $TmpDir/ca_usergroup_006_002_2.txt" 0 "Submit Certificare request" + rlAssertGrep "HTTP/1.1 200 OK" "$TmpDir/ca_usergroup_006_002.txt" + local request_id=$(cat -v $TmpDir/ca_usergroup_006_002_2.txt | grep 'requestList.requestId' | awk -F '=\"' '{print $2}' | awk -F '\";' '{print $1}') + rlLog "requestid=$request_id" + #Approve certificate request + local Second=`date +'%S' -d now` + local Minute=`date +'%M' -d now` + local Hour=`date +'%H' -d now` + local Day=`date +'%d' -d now` + local Month=`date +'%m' -d now` + local Year=`date +'%Y' -d now` + local start_year=$Year + let end_year=$Year+1 + local end_day="1" + local notBefore="$start_year-$Month-$Day $Hour:$Minute:$Second" + local notAfter="$end_year-$Month-$end_day $Hour:$Minute:$Second" + local cert_ext_exKeyUsageOIDs="1.3.6.1.5.5.7.3.2,1.3.6.1.5.5.7.3.4" + local cert_ext_subjAltNames="RFC822Name: " + rlLog "curl --cacert $CERTDB_DIR/ca_cert.pem \ + --dump-header $TmpDir/ca_usergroup_006_003.txt \ + -E $valid_agent_cert:$CERTDB_DIR_PASSWORD \ + -d \"requestId=$request_id&op=approve&submit=submit&name=UID=$userid¬Before=$notBefore¬After=$notAfter&authInfoAccessCritical=false&authInfoAccessGeneralNames=&keyUsageCritical=true&keyUsageDigitalSignature=true&keyUsageNonRepudiation=true&keyUsageKeyEncipherment=true&keyUsageDataEncipherment=false&keyUsageKeyAgreement=false&keyUsageKeyCertSign=false&keyUsageCrlSign=false&keyUsageEncipherOnly=false&keyUsageDecipherOnly=false&exKeyUsageCritical=false&exKeyUsageOIDs=$cert_ext_exKeyUsageOIDs&&subjAltNameExtCritical=false&subjAltNames=$cert_ext_subjAltNames&signingAlg=SHA1withRSA&requestNotes=submittingcertfor$userid\" \ + -k \"https://$ca_host:$ca_secure_port/ca/agent/ca/profileProcess\"" + rlRun "curl --cacert $CERTDB_DIR/ca_cert.pem \ + --dump-header $TmpDir/ca_usergroup_006_003.txt \ + -E $valid_agent_cert:$CERTDB_DIR_PASSWORD \ + -d \"requestId=$request_id&op=approve&submit=submit&name=UID=$userid¬Before=$notBefore¬After=$notAfter&authInfoAccessCritical=false&authInfoAccessGeneralNames=&keyUsageCritical=true&keyUsageDigitalSignature=true&keyUsageNonRepudiation=true&keyUsageKeyEncipherment=true&keyUsageDataEncipherment=false&keyUsageKeyAgreement=false&keyUsageKeyCertSign=false&keyUsageCrlSign=false&keyUsageEncipherOnly=false&keyUsageDecipherOnly=false&exKeyUsageCritical=false&exKeyUsageOIDs=$cert_ext_exKeyUsageOIDs&&subjAltNameExtCritical=false&subjAltNames=$cert_ext_subjAltNames&signingAlg=SHA1withRSA&requestNotes=submittingcertfor$userid\" \ + -k \"https://$ca_host:$ca_secure_port/ca/agent/ca/profileProcess\" > $TmpDir/ca_usergroup_006_003_2.txt" 0 "Submit Certificare request" + rlAssertGrep "HTTP/1.1 200 OK" "$TmpDir/ca_usergroup_006_003.txt" + local serial_number=$(cat -v $TmpDir/ca_usergroup_006_003_2.txt | tr '\\n' '\n' | grep 'Serial Number' | awk -F 'Serial Number: ' '{print $2}') + rlLog "serial_number=$serial_number" + local certificate_in_base64=$(cat -v $TmpDir/ca_usergroup_006_003_2.txt | grep 'outputList.outputVal' | awk -F 'outputList.outputVal=\"' '{print $2}' | awk -F '-----BEGIN CERTIFICATE-----' '{print $2}' | sed '/^$/d' | sed 's/^\\n//'|sed -e 's/^/-----BEGIN CERTIFICATE-----/' | sed 's/-----END CERTIFICATE-----\\n\";/-----END CERTIFICATE-----/' | sed 's/\\r\\n//g') + rlLog "CERTIFICATE_IN_BASE64=$certificate_in_base64" + #Add certificate to user + rlLog "curl --basic \ + --dump-header $TmpDir/ca_usergroup_006_004.txt \ + -u $valid_admin_user:$valid_admin_user_password \ + --data \"OP_TYPE=OP_ADD&OP_SCOPE=certs&RS_ID=$userid\" \ + --data-urlencode \"cert=$certificate_in_base64\" \ + -k \"https://$ca_host:$ca_secure_port/ca/ug\"" + rlRun "curl --basic \ + --dump-header $TmpDir/ca_usergroup_006_004.txt \ + -u $valid_admin_user:$valid_admin_user_password \ + --data \"OP_TYPE=OP_ADD&OP_SCOPE=certs&RS_ID=$userid\" \ + --data-urlencode \"cert=$certificate_in_base64\" \ + -k \"https://$ca_host:$ca_secure_port/ca/ug\" > $TmpDir/ca_usergroup_006_004_2.txt" 0 "Add certificate serial_number $serial_number to $userid" + rlAssertGrep "HTTP/1.1 200 OK" "$TmpDir/ca_usergroup_006_004.txt" + #Make sure certificate got added to user + rlLog "curl --basic \ + --dump-header $TmpDir/ca_usergroup_006_005.txt \ + -u $valid_admin_user:$valid_admin_user_password \ + -d \"OP_TYPE=OP_READ&OP_SCOPE=certs&RS_ID=$userid\" \ + -k \"https://$ca_host:$ca_secure_port/ca/ug\"" + rlRun "curl --basic \ + --dump-header $TmpDir/ca_usergroup_006_005.txt \ + -u $valid_admin_user:$valid_admin_user_password \ + -d \"OP_TYPE=OP_READ&OP_SCOPE=certs&RS_ID=$userid\" \ + -k \"https://$ca_host:$ca_secure_port/ca/ug\" > $TmpDir/ca_usergroup_006_005_2.txt" 0 "Read certificate of $userid" + rlAssertGrep "HTTP/1.1 200 OK" "$TmpDir/ca_usergroup_006_005.txt" + rlRun "cat $TmpDir/ca_usergroup_006_005_2.txt | python -c 'import sys, urllib as ul; print ul.unquote(sys.stdin.read());' | sed 'y/+/ /' > $TmpDir/ca_usergroup_006_005_3.txt" + rlAssertGrep "-----BEGIN CERTIFICATE-----" "$TmpDir/ca_usergroup_006_005_3.txt" + rlAssertGrep "-----END CERTIFICATE-----" "$TmpDir/ca_usergroup_006_005_3.txt" + rlPhaseEnd + + rlPhaseStartTest "pki_ca_usergroup-007: Valid CA admin list groups" + rlLog "curl --basic \ + --dump-header $TmpDir/ca_usergroup_007.txt \ + -u $valid_admin_user:$valid_admin_user_password \ + -d \"OP_TYPE=OP_SEARCH&OP_SCOPE=groups\" \ + -k \"https://$ca_host:$ca_secure_port/ca/ug\"" + rlRun "curl --basic \ + --dump-header $TmpDir/ca_usergroup_007.txt \ + -u $valid_admin_user:$valid_admin_user_password \ + -d \"OP_TYPE=OP_SEARCH&OP_SCOPE=groups\" \ + -k \"https://$ca_host:$ca_secure_port/ca/ug\" > $TmpDir/ca_usergroup_007_2.txt" 0 "List groups" + rlAssertGrep "HTTP/1.1 200 OK" "$TmpDir/ca_usergroup_007.txt" + rlRun "cat $TmpDir/ca_usergroup_007_2.txt | python -c 'import sys, urllib as ul; print ul.unquote(sys.stdin.read());' | sed 'y/+/ /' > $TmpDir/ca_usergroup_007_3.txt" + rlAssertGrep "Administrators" "$TmpDir/ca_usergroup_007_3.txt" + rlAssertGrep "Certificate Manager Agents" "$TmpDir/ca_usergroup_007_3.txt" + rlAssertGrep "Trusted Managers" "$TmpDir/ca_usergroup_007_3.txt" + rlPhaseEnd + + rlPhaseStartTest "pki_ca_usergroup-008: Valid CA admin list groups" + local userid="ug08" + local fullname=$userid + local password=password$userid + local email="$userid@redhat.com" + local phone="1234" + local state="CA" + local groupid="group01" + local groupdesc="group01_desc" + #Add user + rlLog "curl --basic \ + --dump-header $TmpDir/ca_usergroup_008.txt \ + -u $valid_admin_user:$valid_admin_user_password \ + -d \"OP_TYPE=OP_ADD&OP_SCOPE=users&RS_ID=$userid&fullname=$fullname&password=$password&email=$email&phone=$phone&state=$state&groups=&userType=\" \ + -k \"https://$ca_host:$ca_secure_port/ca/ug\"" + rlRun "curl --basic \ + --dump-header $TmpDir/ca_usergroup_008.txt \ + -u $valid_admin_user:$valid_admin_user_password \ + -d \"OP_TYPE=OP_ADD&OP_SCOPE=users&RS_ID=$userid&fullname=$fullname&password=$password&email=$email&phone=$phone&state=$state&groups=&userType=\" \ + -k \"https://$ca_host:$ca_secure_port/ca/ug\" > $TmpDir/ca_usergroup_008_2.txt" 0 "Add user $userid to $CA_INST" + rlAssertGrep "HTTP/1.1 200 OK" "$TmpDir/ca_usergroup_008.txt" + rlAssertNotGrep "Failed to add user" "$TmpDir/ca_usergroup_008_2.txt" + #Add user to group + rlLog "curl --basic \ + --dump-header $TmpDir/ca_usergroup_008_002.txt \ + -u $valid_admin_user:$valid_admin_user_password \ + -d \"OP_TYPE=OP_ADD&OP_SCOPE=groups&RS_ID=$groupid&desc=$groupdesc&user=$userid\" \ + -k \"https://$ca_host:$ca_secure_port/ca/ug\"" + rlRun "curl --basic \ + --dump-header $TmpDir/ca_usergroup_008_002.txt \ + -u $valid_admin_user:$valid_admin_user_password \ + -d \"OP_TYPE=OP_ADD&OP_SCOPE=groups&RS_ID=$groupid&desc=$groupdesc&user=$userid\" \ + -k \"https://$ca_host:$ca_secure_port/ca/ug\" > $TmpDir/ca_usergroup_008_002_2.txt" 0 "Add group $groupid" + + rlAssertGrep "HTTP/1.1 200 OK" "$TmpDir/ca_usergroup_008_002.txt" + #List group + rlLog "curl --basic \ + --dump-header $TmpDir/ca_usergroup_008_003.txt \ + -u $valid_admin_user:$valid_admin_user_password \ + -d \"OP_TYPE=OP_SEARCH&OP_SCOPE=groups\" \ + -k \"https://$ca_host:$ca_secure_port/ca/ug\"" + rlRun "curl --basic \ + --dump-header $TmpDir/ca_usergroup_008_003.txt \ + -u $valid_admin_user:$valid_admin_user_password \ + -d \"OP_TYPE=OP_SEARCH&OP_SCOPE=groups\" \ + -k \"https://$ca_host:$ca_secure_port/ca/ug\" > $TmpDir/ca_usergroup_008_003_2.txt" 0 "List groups" + rlAssertGrep "HTTP/1.1 200 OK" "$TmpDir/ca_usergroup_008_003.txt" + rlRun "cat $TmpDir/ca_usergroup_008_003_2.txt | python -c 'import sys, urllib as ul; print ul.unquote(sys.stdin.read());' | sed 'y/+/ /' > $TmpDir/ca_usergroup_008_003_3.txt" + rlAssertGrep "$groupid" "$TmpDir/ca_usergroup_008_003_3.txt" + rlPhaseEnd + + rlPhaseStartTest "pki_ca_usergroup-009: Valid CA admin delete group" + local groupid="group09" + local groupdesc="group09_desc" + #Add group + rlLog "curl --basic \ + --dump-header $TmpDir/ca_usergroup_009.txt \ + -u $valid_admin_user:$valid_admin_user_password \ + -d \"OP_TYPE=OP_ADD&OP_SCOPE=groups&RS_ID=$groupid&desc=$groupdesc&user=\" \ + -k \"https://$ca_host:$ca_secure_port/ca/ug\"" + rlRun "curl --basic \ + --dump-header $TmpDir/ca_usergroup_009.txt \ + -u $valid_admin_user:$valid_admin_user_password \ + -d \"OP_TYPE=OP_ADD&OP_SCOPE=groups&RS_ID=$groupid&desc=$groupdesc&user=\" \ + -k \"https://$ca_host:$ca_secure_port/ca/ug\" > $TmpDir/ca_usergroup_009_2.txt" 0 "Add group $groupid" + rlAssertGrep "HTTP/1.1 200 OK" "$TmpDir/ca_usergroup_009.txt" + rlAssertNotGrep "Failed to add group" "$TmpDir/ca_usergroup_009_2.txt" + #List group + rlLog "curl --basic \ + --dump-header $TmpDir/ca_usergroup_009_002.txt \ + -u $valid_admin_user:$valid_admin_user_password \ + -d \"OP_TYPE=OP_SEARCH&OP_SCOPE=groups\" \ + -k \"https://$ca_host:$ca_secure_port/ca/ug\"" + rlRun "curl --basic \ + --dump-header $TmpDir/ca_usergroup_009_002.txt \ + -u $valid_admin_user:$valid_admin_user_password \ + -d \"OP_TYPE=OP_SEARCH&OP_SCOPE=groups\" \ + -k \"https://$ca_host:$ca_secure_port/ca/ug\" > $TmpDir/ca_usergroup_009_002_2.txt" 0 "List groups" + rlAssertGrep "HTTP/1.1 200 OK" "$TmpDir/ca_usergroup_009_002.txt" + rlRun "cat $TmpDir/ca_usergroup_009_002_2.txt | python -c 'import sys, urllib as ul; print ul.unquote(sys.stdin.read());' | sed 'y/+/ /' > $TmpDir/ca_usergroup_009_002_3.txt" + rlAssertGrep "$groupid" "$TmpDir/ca_usergroup_009_002_3.txt" + #Delete group + rlLog "curl --basic \ + --dump-header $TmpDir/ca_usergroup_009_003.txt \ + -u $valid_admin_user:$valid_admin_user_password \ + -d \"OP_TYPE=OP_DELETE&OP_SCOPE=groups&RS_ID=$groupid\" \ + -k \"https://$ca_host:$ca_secure_port/ca/ug\"" + rlRun "curl --basic \ + --dump-header $TmpDir/ca_usergroup_009_003.txt \ + -u $valid_admin_user:$valid_admin_user_password \ + -d \"OP_TYPE=OP_DELETE&OP_SCOPE=groups&RS_ID=$groupid\" \ + -k \"https://$ca_host:$ca_secure_port/ca/ug\" > $TmpDir/ca_usergroup_009_003_2.txt" 0 "Delete group $groupid" + rlAssertGrep "HTTP/1.1 200 OK" "$TmpDir/ca_usergroup_009_003.txt" + #List group + rlLog "curl --basic \ + --dump-header $TmpDir/ca_usergroup_009_004.txt \ + -u $valid_admin_user:$valid_admin_user_password \ + -d \"OP_TYPE=OP_SEARCH&OP_SCOPE=groups\" \ + -k \"https://$ca_host:$ca_secure_port/ca/ug\"" + rlRun "curl --basic \ + --dump-header $TmpDir/ca_usergroup_009_004.txt \ + -u $valid_admin_user:$valid_admin_user_password \ + -d \"OP_TYPE=OP_SEARCH&OP_SCOPE=groups\" \ + -k \"https://$ca_host:$ca_secure_port/ca/ug\" > $TmpDir/ca_usergroup_009_004_2.txt" 0 "List groups" + rlAssertGrep "HTTP/1.1 200 OK" "$TmpDir/ca_usergroup_009_004.txt" + rlRun "cat $TmpDir/ca_usergroup_009_004_2.txt | python -c 'import sys, urllib as ul; print ul.unquote(sys.stdin.read());' | sed 'y/+/ /' > $TmpDir/ca_usergroup_009_004_3.txt" + rlAssertNotGrep "$groupid" "$TmpDir/ca_usergroup_009_004_3.txt" + rlPhaseEnd + + rlPhaseStartTest "pki_ca_usergroup-010: Valid CA admin edit groups" + local userid="ug10" + local fullname=$userid + local password=password$userid + local email="$userid@redhat.com" + local phone="1234" + local state="CA" + local groupid="group10" + local groupdesc="group10_desc" + #Add user + rlLog "curl --basic \ + --dump-header $TmpDir/ca_usergroup_010.txt \ + -u $valid_admin_user:$valid_admin_user_password \ + -d \"OP_TYPE=OP_ADD&OP_SCOPE=users&RS_ID=$userid&fullname=$fullname&password=$password&email=$email&phone=$phone&state=$state&groups=&userType=\" \ + -k \"https://$ca_host:$ca_secure_port/ca/ug\"" + rlRun "curl --basic \ + --dump-header $TmpDir/ca_usergroup_010.txt \ + -u $valid_admin_user:$valid_admin_user_password \ + -d \"OP_TYPE=OP_ADD&OP_SCOPE=users&RS_ID=$userid&fullname=$fullname&password=$password&email=$email&phone=$phone&state=$state&groups=&userType=\" \ + -k \"https://$ca_host:$ca_secure_port/ca/ug\" > $TmpDir/ca_usergroup_010_2.txt" 0 "Add user $userid to $CA_INST" + rlAssertGrep "HTTP/1.1 200 OK" "$TmpDir/ca_usergroup_010.txt" + rlAssertNotGrep "Failed to add user" "$TmpDir/ca_usergroup_010_2.txt" + #Add user to group + rlLog "curl --basic \ + --dump-header $TmpDir/ca_usergroup_010_002.txt \ + -u $valid_admin_user:$valid_admin_user_password \ + -d \"OP_TYPE=OP_ADD&OP_SCOPE=groups&RS_ID=$groupid&desc=$groupdesc&user=$userid\" \ + -k \"https://$ca_host:$ca_secure_port/ca/ug\"" + rlRun "curl --basic \ + --dump-header $TmpDir/ca_usergroup_010_002.txt \ + -u $valid_admin_user:$valid_admin_user_password \ + -d \"OP_TYPE=OP_ADD&OP_SCOPE=groups&RS_ID=$groupid&desc=$groupdesc&user=$userid\" \ + -k \"https://$ca_host:$ca_secure_port/ca/ug\" > $TmpDir/ca_usergroup_010_002_2.txt" 0 "Add group $groupid" + rlAssertGrep "HTTP/1.1 200 OK" "$TmpDir/ca_usergroup_010_002.txt" + rlAssertNotGrep "Failed to add group" "$TmpDir/ca_usergroup_010_002_2.txt" + #Edit group - change description + local groupdesc2="group10_desc_changed" + rlLog "curl --basic \ + --dump-header $TmpDir/ca_usergroup_010_003.txt \ + -u $valid_admin_user:$valid_admin_user_password \ + -d \"OP_TYPE=OP_MODIFY&OP_SCOPE=groups&RS_ID=$groupid&desc=$groupdesc2&user=$userid\" \ + -k \"https://$ca_host:$ca_secure_port/ca/ug\"" + rlRun "curl --basic \ + --dump-header $TmpDir/ca_usergroup_010_003.txt \ + -u $valid_admin_user:$valid_admin_user_password \ + -d \"OP_TYPE=OP_MODIFY&OP_SCOPE=groups&RS_ID=$groupid&desc=$groupdesc2&user=$userid\" \ + -k \"https://$ca_host:$ca_secure_port/ca/ug\" > $TmpDir/ca_usergroup_010_003_2.txt" 0 "Edit $groupid change desc $groupdesc2" + rlAssertGrep "HTTP/1.1 200 OK" "$TmpDir/ca_usergroup_010_003.txt" + rlPhaseEnd + + rlPhaseStartTest "pki_ca_usergroup_cleanup: Deleting users and groups" + local group=("group01" "group10") + i=0 + while [ $i -lt ${#group[@]} ] ; do + groupid=${group[$i]} + rlRun "curl --basic \ + --dump-header $TmpDir/ca_group_cleanup_$i.txt \ + -u $valid_admin_user:$valid_admin_user_password \ + -d \"OP_TYPE=OP_DELETE&OP_SCOPE=groups&RS_ID=$groupid\" \ + -k \"https://$ca_host:$ca_secure_port/ca/ug\" > $TmpDir/ca_group_cleanup_$i_2.txt" 0 "Delete group $groupid" + rlAssertNotGrep "Failed to add group" "$TmpDir/ca_usergroup_009_2.txt" + let i=$i+1 + done + + local user=("ug02" "ug04" "ug06:true" "ug08" "ug10") + i=0 + while [ $i -lt ${#user[@]} ] ; do + userid=${user[$i]} + rlRun "curl --basic \ + --dump-header $TmpDir/ca_usergroup_cleanup_$i.txt \ + -u $valid_admin_user:$valid_admin_user_password \ + -d \"OP_TYPE=OP_DELETE&OP_SCOPE=users&RS_ID=$userid\" \ + -k \"https://$ca_host:$ca_secure_port/ca/ug\" > $TmpDir/ca_usergroup_cleanup_$i_2.txt" 0 "Delete user $userid" + let i=$i+1 + done + + enable_ca_nonce $tomcat_name + rlPhaseEnd +} diff --git a/tests/dogtag/runtest.sh b/tests/dogtag/runtest.sh index 82ab4c245..718a4f1a6 100755 --- a/tests/dogtag/runtest.sh +++ b/tests/dogtag/runtest.sh @@ -176,6 +176,7 @@ . ./acceptance/cli-tests/pki-ca-profile-cli/pki-ca-profile-cli-find.sh . ./acceptance/cli-tests/pki-ca-profile-cli/pki-ca-profile-cli-add.sh . ./acceptance/cli-tests/pki-ca-profile-cli/pki-ca-profile-cli-mod.sh +. ./acceptance/legacy/ca-tests/usergroups/pki-ca-usergroups.sh . ./acceptance/bugzilla/bug_setup.sh . ./acceptance/bugzilla/bug_uninstall.sh . ./acceptance/bugzilla/tomcatjss-bugs/bug-1058366.sh @@ -1405,6 +1406,17 @@ rlJournalStart fi rlPhaseEnd + ######## LEGACY TESTS ############ + PKI_LEGACY_CA_USERGROUP_UPPERCASE=$(echo $PKI_LEGACY_CA_USERGROUP | tr [a-z] [A-Z]) + if [ "$PKI_LEGACY_CA_USERGROUP_UPPERCASE" = "TRUE" ] || [ "$TEST_ALL_UPPERCASE" = "TRUE" ] ; then + # Execute pki ca-usergroup-tests tests + subsystemId=$CA_INST + subsystemType=ca + rlLog "Subsystem ID CA=$CA_INST, MY_ROLE=$MYROLE" + run_pki-legacy-ca-usergroup_tests $subsystemId $subsystemType $MYROLE + fi + rlPhaseEnd + ######## DEV UNIT TESTS ############ DEV_JAVA_TESTS_UPPERCASE=$(echo $DEV_JAVA_TESTS | tr [a-z] [A-Z]) if [ "$DEV_JAVA_TESTS_UPPERCASE" = "TRUE" ] || [ "$TEST_ALL_UPPERCASE" = "TRUE" ] ; then diff --git a/tests/dogtag/shared/rhcs-shared.sh b/tests/dogtag/shared/rhcs-shared.sh index 9d3c300ad..45ffb678d 100755 --- a/tests/dogtag/shared/rhcs-shared.sh +++ b/tests/dogtag/shared/rhcs-shared.sh @@ -279,10 +279,10 @@ install_and_trust_KRA_cert(){ # # ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ disable_ca_nonce(){ - local ca_server_root=$1 - local rc=0 - rlLog "Configuring ca.enableNonces=false ..." - ca_config_file="$ca_server_root/conf/CS.cfg" + local ca_tomcat_name=$1 + local rc=0 + rlLog "Configuring ca.enableNonces=false ..." + ca_config_file="/var/lib/pki/$ca_tomcat_name/ca/conf/CS.cfg" temp_file="$ca_config_file.temp" search_string="ca.enableNonces=true" replace_string="ca.enableNonces=false" @@ -291,11 +291,11 @@ disable_ca_nonce(){ chown pkiuser:pkiuser $ca_config_file cat $ca_config_file | grep $replace_string if [ $? -eq 0 ] ; then - rhcs_stop_instance - rhcs_start_instance + rhcs_stop_instance $ca_tomcat_name + rhcs_start_instance $ca_tomcat_name else - lLog "$ca_config_file did not get configured with $replace_string" - rc=1 + lLog "$ca_config_file did not get configured with $replace_string" + rc=1 fi return $rc } @@ -308,10 +308,10 @@ disable_ca_nonce(){ # # ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ enable_ca_nonce(){ - local ca_server_root=$1 - local rc=0 + local ca_tomcat_name=$1 + local rc=0 rlLog "Configuring ca.enableNonces=true ..." - ca_config_file="$ca_server_root/conf/CS.cfg" + ca_config_file="/var/lib/pki/$ca_tomcat_name/ca/conf/CS.cfg" temp_file="$ca_config_file.temp" search_string="ca.enableNonces=false" replace_string="ca.enableNonces=true" @@ -320,13 +320,13 @@ enable_ca_nonce(){ chown pkiuser:pkiuser $ca_config_file cat $ca_config_file | grep $replace_string if [ $? -eq 0 ] ; then - rhcs_stop_instance - rhcs_start_instance + rhcs_stop_instance $ca_tomcat_name + rhcs_start_instance $ca_tomcat_name else - rlLog "$ca_config_file did not get configured with $replace_string" - rc=1 + rlLog "$ca_config_file did not get configured with $replace_string" + rc=1 fi - return $rc + return $rc } # ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ # |