diff options
36 files changed, 606 insertions, 410 deletions
diff --git a/tests/dogtag/acceptance/cli-tests/pki-ca-user-cli/pki-ca-user-cli-ca-user-add.sh b/tests/dogtag/acceptance/cli-tests/pki-ca-user-cli/pki-ca-user-cli-ca-user-add.sh index f172cfe03..a9ad5315b 100755 --- a/tests/dogtag/acceptance/cli-tests/pki-ca-user-cli/pki-ca-user-cli-ca-user-add.sh +++ b/tests/dogtag/acceptance/cli-tests/pki-ca-user-cli/pki-ca-user-cli-ca-user-add.sh @@ -47,33 +47,33 @@ run_pki-ca-user-cli-ca-user-add_tests(){ subsystemId=$1 SUBSYSTEM_TYPE=$2 MYROLE=$3 - prefix=$subsystemId - ca_instance_created="False" - if [ "$TOPO9" = "TRUE" ] ; then - prefix=$subsystemId - ca_instance_created=$(eval echo \$${subsystemId}_INSTANCE_CREATED_STATUS) - elif [ "$MYROLE" = "MASTER" ] ; then - if [[ $subsystemId == SUBCA* ]]; then - prefix=$subsystemId - ca_instance_created=$(eval echo \$${subsystemId}_INSTANCE_CREATED_STATUS) - else - prefix=ROOTCA - ca_instance_created=$ROOTCA_INSTANCE_CREATED_STATUS - fi - else - prefix=$MYROLE - ca_instance_created=$(eval echo \$${MYROLE}_INSTANCE_CREATED_STATUS) - fi - + rlPhaseStartSetup "pki_ca_user_cli_ca_user_add-startup: Create temporary directory" + rlRun "TmpDir=\`mktemp -d\`" 0 "Creating tmp directory" + rlRun "pushd $TmpDir" + rlPhaseEnd + + get_topo_stack $MYROLE $TmpDir/topo_file + local CA_INST=$(cat $TmpDir/topo_file | grep MY_CA | cut -d= -f2) + ca_instance_created="False" + if [ "$TOPO9" = "TRUE" ] ; then + prefix=$CA_INST + ca_instance_created=$(eval echo \$${CA_INST}_INSTANCE_CREATED_STATUS) + elif [ "$MYROLE" = "MASTER" ] ; then + if [[ $CA_INST == SUBCA* ]]; then + prefix=$CA_INST + ca_instance_created=$(eval echo \$${CA_INST}_INSTANCE_CREATED_STATUS) + else + prefix=ROOTCA + ca_instance_created=$(eval echo \$${CA_INST}_INSTANCE_CREATED_STATUS) + fi + else + prefix=$MYROLE + ca_instance_created=$(eval echo \$${CA_INST}_INSTANCE_CREATED_STATUS) + fi if [ "$ca_instance_created" = "TRUE" ] ; then SUBSYSTEM_HOST=$(eval echo \$${MYROLE}) untrusted_cert_nickname=role_user_UTCA - rlPhaseStartSetup "pki_ca_user_cli_ca_user_add-startup: Create temporary directory" - rlRun "TmpDir=\`mktemp -d\`" 0 "Creating tmp directory" - rlRun "pushd $TmpDir" - rlPhaseEnd - rlPhaseStartTest "pki_ca_user_cli-configtest: pki ca-user --help configuration test" rlRun "pki ca-user --help > $TmpDir/pki_ca_user_cfg.out 2>&1" \ 0 \ @@ -1133,7 +1133,7 @@ run_pki-ca-user-cli-ca-user-add_tests(){ rlLog "ca-user-add email address negyvenkettő@qetestsdomain.com with i18n characters" command="pki -d $CERTDB_DIR -n ${prefix}_adminV -c $CERTDB_DIR_PASSWORD--h $SUBSYSTEM_HOST -p $(eval echo \$${subsystemId}_UNSECURE_PORT) ca-user-add --fullName=test --email='negyvenkettő@qetestsdomain.com' u31" rlLog "Executing $command" - errmsg="IncorrectPasswordException: Incorrect client security database password." + errmsg="Unsupported e-mail address characters" errorcode=255 rlRun "verifyErrorMsg \"$command\" \"$errmsg\" \"$errorcode\"" 0 "Verify expected error message - Adding email negyvenkettő@qetestsdomain.com with i18n characters" rlLog "PKI Ticket:: https://fedorahosted.org/pki/ticket/860" @@ -1143,7 +1143,7 @@ run_pki-ca-user-cli-ca-user-add_tests(){ rlLog "ca-user-add email address četrdesmitdivi@qetestsdomain.com with i18n characters" command="pki -d $CERTDB_DIR -n ${prefix}_adminV -c $CERTDB_DIR_PASSWORD-h $SUBSYSTEM_HOST -p $(eval echo \$${subsystemId}_UNSECURE_PORT) ca-user-add --fullName=test --email='četrdesmitdivi@qetestsdomain.com' u32" rlLog "Executing $command" - errmsg="IncorrectPasswordException: Incorrect client security database password." + errmsg="Unsupported e-mail address characters" errorcode=255 rlRun "verifyErrorMsg \"$command\" \"$errmsg\" \"$errorcode\"" 0 "Verify expected error message - Adding email četrdesmitdivi@qetestsdomain.com with i18n characters" rlPhaseEnd diff --git a/tests/dogtag/acceptance/cli-tests/pki-ca-user-cli/pki-ca-user-cli-ca-user-cert-add.sh b/tests/dogtag/acceptance/cli-tests/pki-ca-user-cli/pki-ca-user-cli-ca-user-cert-add.sh index 1a3c9ead5..4eba42578 100755 --- a/tests/dogtag/acceptance/cli-tests/pki-ca-user-cli/pki-ca-user-cli-ca-user-cert-add.sh +++ b/tests/dogtag/acceptance/cli-tests/pki-ca-user-cli/pki-ca-user-cli-ca-user-cert-add.sh @@ -49,36 +49,38 @@ ######################################################################## run_pki-ca-user-cli-user-cert-add_tests(){ + subsystemId=$1 + SUBSYSTEM_TYPE=$2 + MYROLE=$3 + + ##### Create a temporary directory to save output files and initializing host/port variables ##### + rlPhaseStartSetup "pki_user_cli_user_cert-add-ca-startup: Create temporary directory and initializing host/port variables" + rlRun "TmpDir=\`mktemp -d\`" 0 "Creating tmp directory" + rlRun "pushd $TmpDir" + rlPhaseEnd -subsystemId=$1 -SUBSYSTEM_TYPE=$2 -MYROLE=$3 -ca_instance_created="False" - -if [ "$TOPO9" = "TRUE" ] ; then - prefix=$subsystemId - ca_instance_created=$(eval echo \$${subsystemId}_INSTANCE_CREATED_STATUS) -elif [ "$MYROLE" = "MASTER" ] ; then - if [[ $subsystemId == SUBCA* ]]; then - prefix=$subsystemId - ca_instance_created=$(eval echo \$${subsystemId}_INSTANCE_CREATED_STATUS) + get_topo_stack $MYROLE $TmpDir/topo_file + local CA_INST=$(cat $TmpDir/topo_file | grep MY_CA | cut -d= -f2) + ca_instance_created="False" + if [ "$TOPO9" = "TRUE" ] ; then + prefix=$CA_INST + ca_instance_created=$(eval echo \$${CA_INST}_INSTANCE_CREATED_STATUS) + elif [ "$MYROLE" = "MASTER" ] ; then + if [[ $CA_INST == SUBCA* ]]; then + prefix=$CA_INST + ca_instance_created=$(eval echo \$${CA_INST}_INSTANCE_CREATED_STATUS) + else + prefix=ROOTCA + ca_instance_created=$(eval echo \$${CA_INST}_INSTANCE_CREATED_STATUS) + fi else - prefix=ROOTCA - ca_instance_created=$(eval echo \$${MYROLE}_INSTANCE_CREATED_STATUS) + prefix=$MYROLE + ca_instance_created=$(eval echo \$${CA_INST}_INSTANCE_CREATED_STATUS) fi -else - prefix=$MYROLE - ca_instance_created=$(eval echo \$${MYROLE}_INSTANCE_CREATED_STATUS) -fi if [ "$ca_instance_created" = "TRUE" ] ; then CA_HOST=$(eval echo \$${MYROLE}) CA_PORT=$(eval echo \$${subsystemId}_UNSECURE_PORT) - ##### Create a temporary directory to save output files and initializing host/port variables ##### - rlPhaseStartSetup "pki_user_cli_user_cert-add-ca-startup: Create temporary directory and initializing host/port variables" - rlRun "TmpDir=\`mktemp -d\`" 0 "Creating tmp directory" - rlRun "pushd $TmpDir" - rlPhaseEnd local cert_info="$TmpDir/cert_info" user1=testuser1 diff --git a/tests/dogtag/acceptance/cli-tests/pki-ca-user-cli/pki-ca-user-cli-ca-user-cert-delete.sh b/tests/dogtag/acceptance/cli-tests/pki-ca-user-cli/pki-ca-user-cli-ca-user-cert-delete.sh index 608d1671b..f74ac0394 100755 --- a/tests/dogtag/acceptance/cli-tests/pki-ca-user-cli/pki-ca-user-cli-ca-user-cert-delete.sh +++ b/tests/dogtag/acceptance/cli-tests/pki-ca-user-cli/pki-ca-user-cli-ca-user-cert-delete.sh @@ -49,37 +49,37 @@ ######################################################################## run_pki-ca-user-cli-ca-user-cert-delete_tests(){ + subsystemId=$1 + SUBSYSTEM_TYPE=$2 + MYROLE=$3 + ##### Create temporary directory to save output files##### + rlPhaseStartSetup "pki_user_cli_user_cert-del-ca-startup: Create temporary directory" + rlRun "TmpDir=\`mktemp -d\`" 0 "Creating tmp directory" + rlRun "pushd $TmpDir" + rlPhaseEnd -subsystemId=$1 -SUBSYSTEM_TYPE=$2 -MYROLE=$3 -ca_instance_created="False" - -if [ "$TOPO9" = "TRUE" ] ; then - prefix=$subsystemId - ca_instance_created=$(eval echo \$${subsystemId}_INSTANCE_CREATED_STATUS) -elif [ "$MYROLE" = "MASTER" ] ; then - if [[ $subsystemId == SUBCA* ]]; then - prefix=$subsystemId - ca_instance_created=$(eval echo \$${subsystemId}_INSTANCE_CREATED_STATUS) + get_topo_stack $MYROLE $TmpDir/topo_file + local CA_INST=$(cat $TmpDir/topo_file | grep MY_CA | cut -d= -f2) + ca_instance_created="False" + if [ "$TOPO9" = "TRUE" ] ; then + prefix=$CA_INST + ca_instance_created=$(eval echo \$${CA_INST}_INSTANCE_CREATED_STATUS) + elif [ "$MYROLE" = "MASTER" ] ; then + if [[ $CA_INST == SUBCA* ]]; then + prefix=$CA_INST + ca_instance_created=$(eval echo \$${CA_INST}_INSTANCE_CREATED_STATUS) + else + prefix=ROOTCA + ca_instance_created=$(eval echo \$${CA_INST}_INSTANCE_CREATED_STATUS) + fi else - prefix=ROOTCA - ca_instance_created=$ROOTCA_INSTANCE_CREATED_STATUS + prefix=$MYROLE + ca_instance_created=$(eval echo \$${CA_INST}_INSTANCE_CREATED_STATUS) fi -else - prefix=$MYROLE - ca_instance_created=$(eval echo \$${MYROLE}_INSTANCE_CREATED_STATUS) -fi if [ "$ca_instance_created" = "TRUE" ] ; then CA_HOST=$(eval echo \$${MYROLE}) CA_PORT=$(eval echo \$${subsystemId}_UNSECURE_PORT) - ##### Create temporary directory to save output files##### - rlPhaseStartSetup "pki_user_cli_user_cert-del-ca-startup: Create temporary directory" - rlRun "TmpDir=\`mktemp -d\`" 0 "Creating tmp directory" - rlRun "pushd $TmpDir" - rlPhaseEnd - user1=testuser1 user2=testuser2 user1fullname="Test user1" diff --git a/tests/dogtag/acceptance/cli-tests/pki-ca-user-cli/pki-ca-user-cli-ca-user-cert-find.sh b/tests/dogtag/acceptance/cli-tests/pki-ca-user-cli/pki-ca-user-cli-ca-user-cert-find.sh index d6344ecd9..f6f4aae99 100755 --- a/tests/dogtag/acceptance/cli-tests/pki-ca-user-cli/pki-ca-user-cli-ca-user-cert-find.sh +++ b/tests/dogtag/acceptance/cli-tests/pki-ca-user-cli/pki-ca-user-cli-ca-user-cert-find.sh @@ -49,37 +49,38 @@ ######################################################################## run_pki-ca-user-cli-ca-user-cert-find_tests(){ - -subsystemId=$1 -SUBSYSTEM_TYPE=$2 -MYROLE=$3 -ca_instance_created="False" -if [ "$TOPO9" = "TRUE" ] ; then - prefix=$subsystemId - ca_instance_created=$(eval echo \$${subsystemId}_INSTANCE_CREATED_STATUS) -elif [ "$MYROLE" = "MASTER" ] ; then - if [[ $subsystemId == SUBCA* ]]; then - prefix=$subsystemId - ca_instance_created=$(eval echo \$${subsystemId}_INSTANCE_CREATED_STATUS) + subsystemId=$1 + SUBSYSTEM_TYPE=$2 + MYROLE=$3 + #####Create temporary dir to save the output files##### + rlPhaseStartSetup "pki_user_cli_user_cert-find-ca-startup: Create temporary directory" + rlRun "TmpDir=\`mktemp -d\`" 0 "Creating tmp directory" + rlRun "pushd $TmpDir" + rlPhaseEnd + + get_topo_stack $MYROLE $TmpDir/topo_file + local CA_INST=$(cat $TmpDir/topo_file | grep MY_CA | cut -d= -f2) + ca_instance_created="False" + if [ "$TOPO9" = "TRUE" ] ; then + prefix=$CA_INST + ca_instance_created=$(eval echo \$${CA_INST}_INSTANCE_CREATED_STATUS) + elif [ "$MYROLE" = "MASTER" ] ; then + if [[ $CA_INST == SUBCA* ]]; then + prefix=$CA_INST + ca_instance_created=$(eval echo \$${CA_INST}_INSTANCE_CREATED_STATUS) + else + prefix=ROOTCA + ca_instance_created=$(eval echo \$${CA_INST}_INSTANCE_CREATED_STATUS) + fi else - prefix=ROOTCA - ca_instance_created=$ROOTCA_INSTANCE_CREATED_STATUS + prefix=$MYROLE + ca_instance_created=$(eval echo \$${CA_INST}_INSTANCE_CREATED_STATUS) fi -else - prefix=$MYROLE - ca_instance_created=$(eval echo \$${MYROLE}_INSTANCE_CREATED_STATUS) -fi if [ "$ca_instance_created" = "TRUE" ] ; then CA_HOST=$(eval echo \$${MYROLE}) CA_PORT=$(eval echo \$${subsystemId}_UNSECURE_PORT) - #####Create temporary dir to save the output files##### - rlPhaseStartSetup "pki_user_cli_user_cert-find-ca-startup: Create temporary directory" - rlRun "TmpDir=\`mktemp -d\`" 0 "Creating tmp directory" - rlRun "pushd $TmpDir" - rlPhaseEnd - user1=testuser1 user2=testuser2 user1fullname="Test user1" diff --git a/tests/dogtag/acceptance/cli-tests/pki-ca-user-cli/pki-ca-user-cli-ca-user-cert-show.sh b/tests/dogtag/acceptance/cli-tests/pki-ca-user-cli/pki-ca-user-cli-ca-user-cert-show.sh index d993cf5da..0c038a3f9 100755 --- a/tests/dogtag/acceptance/cli-tests/pki-ca-user-cli/pki-ca-user-cli-ca-user-cert-show.sh +++ b/tests/dogtag/acceptance/cli-tests/pki-ca-user-cli/pki-ca-user-cli-ca-user-cert-show.sh @@ -49,37 +49,38 @@ ######################################################################## run_pki-ca-user-cli-ca-user-cert-show_tests(){ + subsystemId=$1 + SUBSYSTEM_TYPE=$2 + MYROLE=$3 + + ##### Create temporary directory to save output files ##### + rlPhaseStartSetup "pki_user_cli_user_cert-show-ca-startup: Create temporary directory" + rlRun "TmpDir=\`mktemp -d\`" 0 "Creating tmp directory" + rlRun "pushd $TmpDir" + rlPhaseEnd -subsystemId=$1 -SUBSYSTEM_TYPE=$2 -MYROLE=$3 -ca_instance_created="False" -if [ "$TOPO9" = "TRUE" ] ; then - prefix=$subsystemId - ca_instance_created=$(eval echo \$${subsystemId}_INSTANCE_CREATED_STATUS) -elif [ "$MYROLE" = "MASTER" ] ; then - if [[ $subsystemId == SUBCA* ]]; then - prefix=$subsystemId - ca_instance_created=$(eval echo \$${subsystemId}_INSTANCE_CREATED_STATUS) + get_topo_stack $MYROLE $TmpDir/topo_file + local CA_INST=$(cat $TmpDir/topo_file | grep MY_CA | cut -d= -f2) + ca_instance_created="False" + if [ "$TOPO9" = "TRUE" ] ; then + prefix=$CA_INST + ca_instance_created=$(eval echo \$${CA_INST}_INSTANCE_CREATED_STATUS) + elif [ "$MYROLE" = "MASTER" ] ; then + if [[ $CA_INST == SUBCA* ]]; then + prefix=$CA_INST + ca_instance_created=$(eval echo \$${CA_INST}_INSTANCE_CREATED_STATUS) + else + prefix=ROOTCA + ca_instance_created=$(eval echo \$${CA_INST}_INSTANCE_CREATED_STATUS) + fi else - prefix=ROOTCA - ca_instance_created=$ROOTCA_INSTANCE_CREATED_STATUS + prefix=$MYROLE + ca_instance_created=$(eval echo \$${CA_INST}_INSTANCE_CREATED_STATUS) fi -else - prefix=$MYROLE - ca_instance_created=$(eval echo \$${MYROLE}_INSTANCE_CREATED_STATUS) -fi - if [ "$ca_instance_created" = "TRUE" ] ; then CA_HOST=$(eval echo \$${MYROLE}) CA_PORT=$(eval echo \$${subsystemId}_UNSECURE_PORT) - ##### Create temporary directory to save output files ##### - rlPhaseStartSetup "pki_user_cli_user_cert-show-ca-startup: Create temporary directory" - rlRun "TmpDir=\`mktemp -d\`" 0 "Creating tmp directory" - rlRun "pushd $TmpDir" - rlPhaseEnd - user1=testuser1 user2=testuser2 user1fullname="Test user1" diff --git a/tests/dogtag/acceptance/cli-tests/pki-ca-user-cli/pki-ca-user-cli-ca-user-cert.sh b/tests/dogtag/acceptance/cli-tests/pki-ca-user-cli/pki-ca-user-cli-ca-user-cert.sh index d8732d482..b85a66e24 100755 --- a/tests/dogtag/acceptance/cli-tests/pki-ca-user-cli/pki-ca-user-cli-ca-user-cert.sh +++ b/tests/dogtag/acceptance/cli-tests/pki-ca-user-cli/pki-ca-user-cli-ca-user-cert.sh @@ -41,33 +41,35 @@ # pki ca-user-cert ran without any options should show all the command line options of pki cert run_pki-ca-user-cert() { -subsystemId=$1 -SUBSYSTEM_TYPE=$2 -MYROLE=$3 -ca_instance_created="False" -if [ "$TOPO9" = "TRUE" ] ; then - prefix=$subsystemId - ca_instance_created=$(eval echo \$${subsystemId}_INSTANCE_CREATED_STATUS) -elif [ "$MYROLE" = "MASTER" ] ; then - if [[ $subsystemId == SUBCA* ]]; then - prefix=$subsystemId - ca_instance_created=$(eval echo \$${subsystemId}_INSTANCE_CREATED_STATUS) + subsystemId=$1 + SUBSYSTEM_TYPE=$2 + MYROLE=$3 + rlPhaseStartSetup "Create Temporary Directory " + rlRun "TmpDir=\`mktemp -d\`" 0 "Creating tmp directory" + rlRun "pushd $TmpDir" + rlPhaseEnd + + get_topo_stack $MYROLE $TmpDir/topo_file + local CA_INST=$(cat $TmpDir/topo_file | grep MY_CA | cut -d= -f2) + ca_instance_created="False" + if [ "$TOPO9" = "TRUE" ] ; then + prefix=$CA_INST + ca_instance_created=$(eval echo \$${CA_INST}_INSTANCE_CREATED_STATUS) + elif [ "$MYROLE" = "MASTER" ] ; then + if [[ $CA_INST == SUBCA* ]]; then + prefix=$CA_INST + ca_instance_created=$(eval echo \$${CA_INST}_INSTANCE_CREATED_STATUS) + else + prefix=ROOTCA + ca_instance_created=$(eval echo \$${CA_INST}_INSTANCE_CREATED_STATUS) + fi else - prefix=ROOTCA - ca_instance_created=$ROOTCA_INSTANCE_CREATED_STATUS + prefix=$MYROLE + ca_instance_created=$(eval echo \$${CA_INST}_INSTANCE_CREATED_STATUS) fi -else - prefix=$MYROLE - ca_instance_created=$(eval echo \$${MYROLE}_INSTANCE_CREATED_STATUS) -fi if [ "$ca_instance_created" = "TRUE" ] ; then SUBSYSTEM_HOST=$(eval echo \$${MYROLE}) - rlPhaseStartSetup "Create Temporary Directory " - rlRun "TmpDir=\`mktemp -d\`" 0 "Creating tmp directory" - rlRun "pushd $TmpDir" - rlPhaseEnd - rlPhaseStartTest "pki_ca_user_cli_ca_user_cert-001: pki ca-user-cert help option" local temp_out="$TmpDir/pki_user-cert" rlLog "Executing pki user-cert --help" diff --git a/tests/dogtag/acceptance/cli-tests/pki-ca-user-cli/pki-ca-user-cli-ca-user-del.sh b/tests/dogtag/acceptance/cli-tests/pki-ca-user-cli/pki-ca-user-cli-ca-user-del.sh index 39b2ce3f6..509847047 100755 --- a/tests/dogtag/acceptance/cli-tests/pki-ca-user-cli/pki-ca-user-cli-ca-user-del.sh +++ b/tests/dogtag/acceptance/cli-tests/pki-ca-user-cli/pki-ca-user-cli-ca-user-del.sh @@ -46,33 +46,32 @@ run_pki-ca-user-cli-ca-user-del_tests(){ subsystemId=$1 SUBSYSTEM_TYPE=$2 MYROLE=$3 - prefix=$subsystemId - ca_instance_created="False" - if [ "$TOPO9" = "TRUE" ] ; then - prefix=$subsystemId - ca_instance_created=$(eval echo \$${subsystemId}_INSTANCE_CREATED_STATUS) - elif [ "$MYROLE" = "MASTER" ] ; then - if [[ $subsystemId == SUBCA* ]]; then - prefix=$subsystemId - ca_instance_created=$(eval echo \$${subsystemId}_INSTANCE_CREATED_STATUS) - else - prefix=ROOTCA - ca_instance_created=$ROOTCA_INSTANCE_CREATED_STATUS - fi - else - prefix=$MYROLE - ca_instance_created=$(eval echo \$${MYROLE}_INSTANCE_CREATED_STATUS) - fi - + rlPhaseStartSetup "pki_ca_user_cli_ca_user_del-ca-startup: Create temporary directory" + rlRun "TmpDir=\`mktemp -d\`" 0 "Creating tmp directory" + rlRun "pushd $TmpDir" + rlPhaseEnd + get_topo_stack $MYROLE $TmpDir/topo_file + local CA_INST=$(cat $TmpDir/topo_file | grep MY_CA | cut -d= -f2) + ca_instance_created="False" + if [ "$TOPO9" = "TRUE" ] ; then + prefix=$CA_INST + ca_instance_created=$(eval echo \$${CA_INST}_INSTANCE_CREATED_STATUS) + elif [ "$MYROLE" = "MASTER" ] ; then + if [[ $CA_INST == SUBCA* ]]; then + prefix=$CA_INST + ca_instance_created=$(eval echo \$${CA_INST}_INSTANCE_CREATED_STATUS) + else + prefix=ROOTCA + ca_instance_created=$(eval echo \$${CA_INST}_INSTANCE_CREATED_STATUS) + fi + else + prefix=$MYROLE + ca_instance_created=$(eval echo \$${CA_INST}_INSTANCE_CREATED_STATUS) + fi if [ "$ca_instance_created" = "TRUE" ] ; then SUBSYSTEM_HOST=$(eval echo \$${MYROLE}) untrusted_cert_nickname=role_user_UTCA - rlPhaseStartSetup "pki_ca_user_cli_ca_user_del-ca-startup: Create temporary directory" - rlRun "TmpDir=\`mktemp -d\`" 0 "Creating tmp directory" - rlRun "pushd $TmpDir" - rlPhaseEnd - rlPhaseStartTest "pki_ca_user_cli_ca_user_del-ca-configtest-001: pki user-del --help configuration test" rlRun "pki user-del --help > $TmpDir/user_del.out 2>&1" 0 "pki user-del --help" rlAssertGrep "usage: user-del <User ID>" "$TmpDir/user_del.out" diff --git a/tests/dogtag/acceptance/cli-tests/pki-ca-user-cli/pki-ca-user-cli-ca-user-find.sh b/tests/dogtag/acceptance/cli-tests/pki-ca-user-cli/pki-ca-user-cli-ca-user-find.sh index 4a9c4008c..2c8a6cb27 100755 --- a/tests/dogtag/acceptance/cli-tests/pki-ca-user-cli/pki-ca-user-cli-ca-user-find.sh +++ b/tests/dogtag/acceptance/cli-tests/pki-ca-user-cli/pki-ca-user-cli-ca-user-find.sh @@ -45,23 +45,28 @@ run_pki-ca-user-cli-ca-user-find_tests(){ subsystemId=$1 SUBSYSTEM_TYPE=$2 MYROLE=$3 - ca_instance_created="False" - if [ "$TOPO9" = "TRUE" ] ; then - prefix=$subsystemId - ca_instance_created=$(eval echo \$${subsystemId}_INSTANCE_CREATED_STATUS) - elif [ "$MYROLE" = "MASTER" ] ; then - if [[ $subsystemId == SUBCA* ]]; then - prefix=$subsystemId - ca_instance_created=$(eval echo \$${subsystemId}_INSTANCE_CREATED_STATUS) - else - prefix=ROOTCA - ca_instance_created=$ROOTCA_INSTANCE_CREATED_STATUS - fi - else - prefix=$MYROLE - ca_instance_created=$(eval echo \$${MYROLE}_INSTANCE_CREATED_STATUS) - fi - + rlPhaseStartSetup "pki_ca_user_cli_ca_user_find-startup-create-tempdir: Create temporary directory" + rlRun "TmpDir=\`mktemp -d\`" 0 "Creating tmp directory" + rlRun "pushd $TmpDir" + rlPhaseEnd + get_topo_stack $MYROLE $TmpDir/topo_file + local CA_INST=$(cat $TmpDir/topo_file | grep MY_CA | cut -d= -f2) + ca_instance_created="False" + if [ "$TOPO9" = "TRUE" ] ; then + prefix=$CA_INST + ca_instance_created=$(eval echo \$${CA_INST}_INSTANCE_CREATED_STATUS) + elif [ "$MYROLE" = "MASTER" ] ; then + if [[ $CA_INST == SUBCA* ]]; then + prefix=$CA_INST + ca_instance_created=$(eval echo \$${CA_INST}_INSTANCE_CREATED_STATUS) + else + prefix=ROOTCA + ca_instance_created=$(eval echo \$${CA_INST}_INSTANCE_CREATED_STATUS) + fi + else + prefix=$MYROLE + ca_instance_created=$(eval echo \$${CA_INST}_INSTANCE_CREATED_STATUS) + fi if [ "$ca_instance_created" = "TRUE" ] ; then SUBSYSTEM_HOST=$(eval echo \$${MYROLE}) untrusted_cert_nickname=role_user_UTCA @@ -74,9 +79,7 @@ run_pki-ca-user-cli-ca-user-find_tests(){ user6=abc? user7=0 - rlPhaseStartSetup "pki_ca_user_cli_ca_user_find-startup-addusers: Create temporary directory and add users" - rlRun "TmpDir=\`mktemp -d\`" 0 "Creating tmp directory" - rlRun "pushd $TmpDir" + rlPhaseStartSetup "pki_ca_user_cli_ca_user_find-startup-addusers: Add users" i=1 while [ $i -lt 25 ] ; do rlRun "pki -d $CERTDB_DIR \ diff --git a/tests/dogtag/acceptance/cli-tests/pki-ca-user-cli/pki-ca-user-cli-ca-user-membership-add.sh b/tests/dogtag/acceptance/cli-tests/pki-ca-user-cli/pki-ca-user-cli-ca-user-membership-add.sh index b1eec8f96..3a8380974 100755 --- a/tests/dogtag/acceptance/cli-tests/pki-ca-user-cli/pki-ca-user-cli-ca-user-membership-add.sh +++ b/tests/dogtag/acceptance/cli-tests/pki-ca-user-cli/pki-ca-user-cli-ca-user-membership-add.sh @@ -46,22 +46,27 @@ run_pki-ca-user-cli-ca-user-membership-add_tests(){ subsystemId=$1 SUBSYSTEM_TYPE=$2 MYROLE=$3 - prefix=$subsystemId - ca_instance_created="False" + rlPhaseStartSetup "pki_ca_user_cli_ca_user_membership-add-001: Create temporary directory" + rlRun "TmpDir=\`mktemp -d\`" 0 "Creating tmp directory" + rlRun "pushd $TmpDir" + rlPhaseEnd + get_topo_stack $MYROLE $TmpDir/topo_file + local CA_INST=$(cat $TmpDir/topo_file | grep MY_CA | cut -d= -f2) + ca_instance_created="False" if [ "$TOPO9" = "TRUE" ] ; then - prefix=$subsystemId - ca_instance_created=$(eval echo \$${subsystemId}_INSTANCE_CREATED_STATUS) + prefix=$CA_INST + ca_instance_created=$(eval echo \$${CA_INST}_INSTANCE_CREATED_STATUS) elif [ "$MYROLE" = "MASTER" ] ; then - if [[ $subsystemId == SUBCA* ]]; then - prefix=$subsystemId - ca_instance_created=$(eval echo \$${subsystemId}_INSTANCE_CREATED_STATUS) + if [[ $CA_INST == SUBCA* ]]; then + prefix=$CA_INST + ca_instance_created=$(eval echo \$${CA_INST}_INSTANCE_CREATED_STATUS) else prefix=ROOTCA - ca_instance_created=$ROOTCA_INSTANCE_CREATED_STATUS + ca_instance_created=$(eval echo \$${CA_INST}_INSTANCE_CREATED_STATUS) fi else prefix=$MYROLE - ca_instance_created=$(eval echo \$${MYROLE}_INSTANCE_CREATED_STATUS) + ca_instance_created=$(eval echo \$${CA_INST}_INSTANCE_CREATED_STATUS) fi if [ "$ca_instance_created" = "TRUE" ] ; then SUBSYSTEM_HOST=$(eval echo \$${MYROLE}) @@ -83,11 +88,6 @@ run_pki-ca-user-cli-ca-user-membership-add_tests(){ groupid13="Enterprise RA Administrators" groupid14="Enterprise TPS Administrators" - rlPhaseStartSetup "pki_ca_user_cli_ca_user_membership-add-001: Create temporary directory" - rlRun "TmpDir=\`mktemp -d\`" 0 "Creating tmp directory" - rlRun "pushd $TmpDir" - rlPhaseEnd - rlPhaseStartTest "pki_ca_user_cli_ca_user_membership-add-002: pki user-membership configuration test" rlRun "pki -h $SUBSYSTEM_HOST -p $(eval echo \$${subsystemId}_UNSECURE_PORT) ca-user-membership > $TmpDir/pki_ca_user_membership_cfg.out 2>&1" \ 0 \ @@ -436,7 +436,7 @@ run_pki-ca-user-cli-ca-user-membership-add_tests(){ rlPhaseEnd rlPhaseStartTest "pki_ca_user_cli_ca_user_membership-add-017: Should not be able to ca-user-membership-add using CA_adminUTCA cert" - command="pki -d $UNTRUSTED_CERT_DB_LOCATION -n $untrusted_cert_nickname -c $UNTRUSTED_CERT_DB_PASSWORD ca-user-membership-add testuser1 \"Administrators\"" + command="pki -d $UNTRUSTED_CERT_DB_LOCATION -h $SUBSYSTEM_HOST -p $(eval echo \$${subsystemId}_UNSECURE_PORT) -n $untrusted_cert_nickname -c $UNTRUSTED_CERT_DB_PASSWORD ca-user-membership-add testuser1 \"Administrators\"" rlLog "Executing $command" errmsg="PKIException: Unauthorized" errorcode=255 diff --git a/tests/dogtag/acceptance/cli-tests/pki-ca-user-cli/pki-ca-user-cli-ca-user-membership-del.sh b/tests/dogtag/acceptance/cli-tests/pki-ca-user-cli/pki-ca-user-cli-ca-user-membership-del.sh index 38865c3e5..2e027493e 100755 --- a/tests/dogtag/acceptance/cli-tests/pki-ca-user-cli/pki-ca-user-cli-ca-user-membership-del.sh +++ b/tests/dogtag/acceptance/cli-tests/pki-ca-user-cli/pki-ca-user-cli-ca-user-membership-del.sh @@ -43,26 +43,29 @@ run_pki-ca-user-cli-ca-user-membership-del_tests(){ subsystemId=$1 SUBSYSTEM_TYPE=$2 MYROLE=$3 - prefix=$subsystemId - ca_instance_created="False" - + rlPhaseStartSetup "pki_ca_user_cli_ca_user_membership-del-001: Create temporary directory" + rlRun "TmpDir=\`mktemp -d\`" 0 "Creating tmp directory" + rlRun "pushd $TmpDir" + rlPhaseEnd + get_topo_stack $MYROLE $TmpDir/topo_file + local CA_INST=$(cat $TmpDir/topo_file | grep MY_CA | cut -d= -f2) + ca_instance_created="False" if [ "$TOPO9" = "TRUE" ] ; then - prefix=$subsystemId - ca_instance_created=$(eval echo \$${subsystemId}_INSTANCE_CREATED_STATUS) + prefix=$CA_INST + ca_instance_created=$(eval echo \$${CA_INST}_INSTANCE_CREATED_STATUS) elif [ "$MYROLE" = "MASTER" ] ; then - if [[ $subsystemId == SUBCA* ]]; then - prefix=$subsystemId - ca_instance_created=$(eval echo \$${subsystemId}_INSTANCE_CREATED_STATUS) + if [[ $CA_INST == SUBCA* ]]; then + prefix=$CA_INST + ca_instance_created=$(eval echo \$${CA_INST}_INSTANCE_CREATED_STATUS) else prefix=ROOTCA - ca_instance_created=$ROOTCA_INSTANCE_CREATED_STATUS + ca_instance_created=$(eval echo \$${CA_INST}_INSTANCE_CREATED_STATUS) fi else prefix=$MYROLE - ca_instance_created=$(eval echo \$${MYROLE}_INSTANCE_CREATED_STATUS) + ca_instance_created=$(eval echo \$${CA_INST}_INSTANCE_CREATED_STATUS) fi - if [ "$ca_instance_created" = "TRUE" ] ; then SUBSYSTEM_HOST=$(eval echo \$${MYROLE}) untrusted_cert_nickname=role_user_UTCA @@ -83,11 +86,6 @@ run_pki-ca-user-cli-ca-user-membership-del_tests(){ groupid13="Enterprise RA Administrators" groupid14="Enterprise TPS Administrators" - rlPhaseStartTest "pki_ca_user_cli_ca_user_membership-del-001: Create temporary directory" - rlRun "TmpDir=\`mktemp -d\`" 0 "Creating tmp directory" - rlRun "pushd $TmpDir" - rlPhaseEnd - rlPhaseStartTest "pki_ca_user_cli_ca_user_membership-del-002: pki ca-user-membership-del --help configuration test" rlRun "pki ca-user-membership-del --help > $TmpDir/pki_user_membership_del_cfg.out 2>&1" \ 0 \ @@ -375,7 +373,7 @@ run_pki-ca-user-cli-ca-user-membership-del_tests(){ rlPhaseEnd rlPhaseStartTest "pki_ca_user_cli_ca_user_membership-del-015: Should not be able to ca-user-membership-del using CA_adminUTCA cert" - command="pki -d $UNTRUSTED_CERT_DB_LOCATION -n $untrusted_cert_nickname -c $UNTRUSTED_CERT_DB_PASSWORD ca-user-membership-del user2 \"Administrators\"" + command="pki -d $UNTRUSTED_CERT_DB_LOCATION -h $SUBSYSTEM_HOST -p $(eval echo \$${subsystemId}_UNSECURE_PORT) -n $untrusted_cert_nickname -c $UNTRUSTED_CERT_DB_PASSWORD ca-user-membership-del user2 \"Administrators\"" rlLog "Executing $command" errmsg="PKIException: Unauthorized" errorcode=255 diff --git a/tests/dogtag/acceptance/cli-tests/pki-ca-user-cli/pki-ca-user-cli-ca-user-membership-find.sh b/tests/dogtag/acceptance/cli-tests/pki-ca-user-cli/pki-ca-user-cli-ca-user-membership-find.sh index cc4beabf5..3e078f6a2 100755 --- a/tests/dogtag/acceptance/cli-tests/pki-ca-user-cli/pki-ca-user-cli-ca-user-membership-find.sh +++ b/tests/dogtag/acceptance/cli-tests/pki-ca-user-cli/pki-ca-user-cli-ca-user-membership-find.sh @@ -46,24 +46,29 @@ run_pki-ca-user-cli-ca-user-membership-find_tests(){ subsystemId=$1 SUBSYSTEM_TYPE=$2 MYROLE=$3 - prefix=$subsystemId - ca_instance_created="False" + rlPhaseStartSetup "pki_ca_user_cli_ca_user_add-startup: Create temporary directory" + rlRun "TmpDir=\`mktemp -d\`" 0 "Creating tmp directory" + rlRun "pushd $TmpDir" + rlPhaseEnd + + get_topo_stack $MYROLE $TmpDir/topo_file + local CA_INST=$(cat $TmpDir/topo_file | grep MY_CA | cut -d= -f2) + ca_instance_created="False" if [ "$TOPO9" = "TRUE" ] ; then - prefix=$subsystemId - ca_instance_created=$(eval echo \$${subsystemId}_INSTANCE_CREATED_STATUS) + prefix=$CA_INST + ca_instance_created=$(eval echo \$${CA_INST}_INSTANCE_CREATED_STATUS) elif [ "$MYROLE" = "MASTER" ] ; then - if [[ $subsystemId == SUBCA* ]]; then - prefix=$subsystemId - ca_instance_created=$(eval echo \$${subsystemId}_INSTANCE_CREATED_STATUS) + if [[ $CA_INST == SUBCA* ]]; then + prefix=$CA_INST + ca_instance_created=$(eval echo \$${CA_INST}_INSTANCE_CREATED_STATUS) else prefix=ROOTCA - ca_instance_created=$ROOTCA_INSTANCE_CREATED_STATUS + ca_instance_created=$(eval echo \$${CA_INST}_INSTANCE_CREATED_STATUS) fi else prefix=$MYROLE - ca_instance_created=$(eval echo \$${MYROLE}_INSTANCE_CREATED_STATUS) + ca_instance_created=$(eval echo \$${CA_INST}_INSTANCE_CREATED_STATUS) fi - if [ "$ca_instance_created" = "TRUE" ] ; then SUBSYSTEM_HOST=$(eval echo \$${MYROLE}) untrusted_cert_nickname=role_user_UTCA @@ -85,11 +90,6 @@ run_pki-ca-user-cli-ca-user-membership-find_tests(){ groupid13="Enterprise RA Administrators" groupid14="Enterprise TPS Administrators" - rlPhaseStartTest "pki_ca_user_cli_ca_user_membership-find-001: Create temporary directory" - rlRun "TmpDir=\`mktemp -d\`" 0 "Creating tmp directory" - rlRun "pushd $TmpDir" - rlPhaseEnd - rlPhaseStartTest "pki_ca_user_cli_ca_user_membership-find-002: pki ca-user-membership-find --help configuration test" rlRun "pki ca-user-membership-find --help > $TmpDir/pki_user_membership_find_cfg.out 2>&1" \ 0 \ @@ -566,7 +566,7 @@ run_pki-ca-user-cli-ca-user-membership-find_tests(){ rlPhaseEnd rlPhaseStartTest "pki_ca_user_cli_ca_user_membership-find-029: Should not be able to ca-user-membership-find using CA_adminUTCA cert" - command="pki -d $UNTRUSTED_CERT_DB_LOCATION -n $untrusted_cert_nickname -c $UNTRUSTED_CERT_DB_PASSWORD ca-user-membership-find userall --start=0 --size=5" + command="pki -d $UNTRUSTED_CERT_DB_LOCATION -h $SUBSYSTEM_HOST -p $(eval echo \$${subsystemId}_UNSECURE_PORT) -n $untrusted_cert_nickname -c $UNTRUSTED_CERT_DB_PASSWORD ca-user-membership-find userall --start=0 --size=5" rlLog "Executing $command" errmsg="PKIException: Unauthorized" errorcode=255 diff --git a/tests/dogtag/acceptance/cli-tests/pki-ca-user-cli/pki-ca-user-cli-ca-user-mod.sh b/tests/dogtag/acceptance/cli-tests/pki-ca-user-cli/pki-ca-user-cli-ca-user-mod.sh index 24bc249e2..ec852def6 100755 --- a/tests/dogtag/acceptance/cli-tests/pki-ca-user-cli/pki-ca-user-cli-ca-user-mod.sh +++ b/tests/dogtag/acceptance/cli-tests/pki-ca-user-cli/pki-ca-user-cli-ca-user-mod.sh @@ -48,37 +48,37 @@ ######################################################################## run_pki-ca-user-cli-ca-user-mod_tests(){ - -subsystemId=$1 -SUBSYSTEM_TYPE=$2 -MYROLE=$3 -ca_instance_created="False" - -if [ "$TOPO9" = "TRUE" ] ; then - prefix=$subsystemId - ca_instance_created=$(eval echo \$${subsystemId}_INSTANCE_CREATED_STATUS) -elif [ "$MYROLE" = "MASTER" ] ; then - if [[ $subsystemId == SUBCA* ]]; then - prefix=$subsystemId - ca_instance_created=$(eval echo \$${subsystemId}_INSTANCE_CREATED_STATUS) + subsystemId=$1 + SUBSYSTEM_TYPE=$2 + MYROLE=$3 + + #####Create temporary dir to save the output files ##### + rlPhaseStartSetup "pki_ca_user_cli_ca_user_mod-startup: Create temporary directory" + rlRun "TmpDir=\`mktemp -d\`" 0 "Creating tmp directory" + rlRun "pushd $TmpDir" + rlPhaseEnd + get_topo_stack $MYROLE $TmpDir/topo_file + local CA_INST=$(cat $TmpDir/topo_file | grep MY_CA | cut -d= -f2) + ca_instance_created="False" + if [ "$TOPO9" = "TRUE" ] ; then + prefix=$CA_INST + ca_instance_created=$(eval echo \$${CA_INST}_INSTANCE_CREATED_STATUS) + elif [ "$MYROLE" = "MASTER" ] ; then + if [[ $CA_INST == SUBCA* ]]; then + prefix=$CA_INST + ca_instance_created=$(eval echo \$${CA_INST}_INSTANCE_CREATED_STATUS) + else + prefix=ROOTCA + ca_instance_created=$(eval echo \$${CA_INST}_INSTANCE_CREATED_STATUS) + fi else - prefix=ROOTCA - ca_instance_created=$ROOTCA_INSTANCE_CREATED_STATUS + prefix=$MYROLE + ca_instance_created=$(eval echo \$${CA_INST}_INSTANCE_CREATED_STATUS) fi -else - prefix=$MYROLE - ca_instance_created=$(eval echo \$${MYROLE}_INSTANCE_CREATED_STATUS) -fi if [ "$ca_instance_created" = "TRUE" ] ; then CA_HOST=$(eval echo \$${MYROLE}) CA_PORT=$(eval echo \$${subsystemId}_UNSECURE_PORT) - #####Create temporary dir to save the output files ##### - rlPhaseStartSetup "pki_ca_user_cli_ca_user_mod-startup: Create temporary directory" - rlRun "TmpDir=\`mktemp -d\`" 0 "Creating tmp directory" - rlRun "pushd $TmpDir" - rlPhaseEnd - user1=ca_agent2 user1fullname="Test ca agent" user2=abcdefghijklmnopqrstuvwxyx12345678 @@ -580,7 +580,8 @@ rlPhaseStartTest "pki_ca_user_cli_ca_user_mod-017:--phone with maximum length an -h $CA_HOST \ -p $CA_PORT \ ca-user-add --fullName=test usr1" - command="pki -d $CERTDB_DIR -n $(eval echo \$${subsystemId}_adminV_user) -c $CERTDB_DIR_PASSWORD -h $CA_HOST -p $CA_PORT ca-user-mod --phone='$randsym' usr1" + special_symbols="*$#" + command="pki -d $CERTDB_DIR -n $(eval echo \$${subsystemId}_adminV_user) -c $CERTDB_DIR_PASSWORD -h $CA_HOST -p $CA_PORT ca-user-mod --phone='$randsym$special_symbols' usr1" errmsg="PKIException: LDAP error (21): error result" errorcode=255 rlRun "verifyErrorMsg \"$command\" \"$errmsg\" \"$errorcode\"" 0 "Verify expected error message - Cannot modify user using CA_adminV with maximum length --phone with character symbols in it" diff --git a/tests/dogtag/acceptance/cli-tests/pki-ca-user-cli/pki-ca-user-cli-ca-user-show.sh b/tests/dogtag/acceptance/cli-tests/pki-ca-user-cli/pki-ca-user-cli-ca-user-show.sh index 1aab02361..62ddf1f18 100755 --- a/tests/dogtag/acceptance/cli-tests/pki-ca-user-cli/pki-ca-user-cli-ca-user-show.sh +++ b/tests/dogtag/acceptance/cli-tests/pki-ca-user-cli/pki-ca-user-cli-ca-user-show.sh @@ -45,44 +45,44 @@ ######################################################################## run_pki-ca-user-cli-ca-user-show_tests(){ - #local variables - user1=ca_agent2 - user1fullname="Test ca_agent" - user2=abcdefghijklmnopqrstuvwxyx12345678 - user3=abc# - user4=abc$ - user5=abc@ - user6=abc? - user7=0 subsystemId=$1 SUBSYSTEM_TYPE=$2 MYROLE=$3 - prefix=$subsystemId - ca_instance_created="False" + rlPhaseStartSetup "pki_ca_user_cli_user_show-startup: Create temporary directory" + rlRun "TmpDir=\`mktemp -d\`" 0 "Creating tmp directory" + rlRun "pushd $TmpDir" + rlPhaseEnd + get_topo_stack $MYROLE $TmpDir/topo_file + local CA_INST=$(cat $TmpDir/topo_file | grep MY_CA | cut -d= -f2) + ca_instance_created="False" if [ "$TOPO9" = "TRUE" ] ; then - prefix=$subsystemId - ca_instance_created=$(eval echo \$${subsystemId}_INSTANCE_CREATED_STATUS) + prefix=$CA_INST + ca_instance_created=$(eval echo \$${CA_INST}_INSTANCE_CREATED_STATUS) elif [ "$MYROLE" = "MASTER" ] ; then - if [[ $subsystemId == SUBCA* ]]; then - prefix=$subsystemId - ca_instance_created=$(eval echo \$${subsystemId}_INSTANCE_CREATED_STATUS) + if [[ $CA_INST == SUBCA* ]]; then + prefix=$CA_INST + ca_instance_created=$(eval echo \$${CA_INST}_INSTANCE_CREATED_STATUS) else prefix=ROOTCA - ca_instance_created=$ROOTCA_INSTANCE_CREATED_STATUS + ca_instance_created=$(eval echo \$${CA_INST}_INSTANCE_CREATED_STATUS) fi else prefix=$MYROLE - ca_instance_created=$(eval echo \$${MYROLE}_INSTANCE_CREATED_STATUS) + ca_instance_created=$(eval echo \$${CA_INST}_INSTANCE_CREATED_STATUS) fi if [ "$ca_instance_created" = "TRUE" ] ; then + #local variables + user1=ca_agent2 + user1fullname="Test ca_agent" + user2=abcdefghijklmnopqrstuvwxyx12345678 + user3=abc# + user4=abc$ + user5=abc@ + user6=abc? + user7=0 SUBSYSTEM_HOST=$(eval echo \$${MYROLE}) untrusted_cert_nickname=role_user_UTCA - rlPhaseStartSetup "pki_ca_user_cli_user_show-startup: Create temporary directory" - rlRun "TmpDir=\`mktemp -d\`" 0 "Creating tmp directory" - rlRun "pushd $TmpDir" - rlPhaseEnd - rlPhaseStartTest "pki_ca_user_show-configtest: pki ca-user-show configuration test" rlRun "pki ca-user-show --help > $TmpDir/pki_ca_user_show_cfg.out 2>&1" \ 0 \ diff --git a/tests/dogtag/acceptance/cli-tests/pki-kra-user-cli/pki-kra-user-cli-kra-user-add.sh b/tests/dogtag/acceptance/cli-tests/pki-kra-user-cli/pki-kra-user-cli-kra-user-add.sh index 466b28ff8..603ce9385 100755 --- a/tests/dogtag/acceptance/cli-tests/pki-kra-user-cli/pki-kra-user-cli-kra-user-add.sh +++ b/tests/dogtag/acceptance/cli-tests/pki-kra-user-cli/pki-kra-user-cli-kra-user-add.sh @@ -1398,6 +1398,19 @@ Import CA certificate (Y/n)? \"" >> $expfile #===Deleting users created using ${prefix}_adminV cert===# i=1 + while [ $i -lt 22 ] ; do + rlRun "pki -d $CERTDB_DIR \ + -n ${prefix}_adminV \ + -c $CERTDB_DIR_PASSWORD \ + -h $SUBSYSTEM_HOST \ + -p $(eval echo \$${subsystemId}_UNSECURE_PORT) \ + kra-user-del u$i > $TmpDir/pki-kra-user-del-user-00$i.out" \ + 0 \ + "Deleted user u$i" + rlAssertGrep "Deleted user \"u$i\"" "$TmpDir/pki-kra-user-del-user-00$i.out" + let i=$i+1 + done + i=23 while [ $i -lt 37 ] ; do rlRun "pki -d $CERTDB_DIR \ -n ${prefix}_adminV \ diff --git a/tests/dogtag/acceptance/cli-tests/pki-kra-user-cli/pki-kra-user-cli-kra-user-cert-add.sh b/tests/dogtag/acceptance/cli-tests/pki-kra-user-cli/pki-kra-user-cli-kra-user-cert-add.sh index f9653622a..69e5c1918 100755 --- a/tests/dogtag/acceptance/cli-tests/pki-kra-user-cli/pki-kra-user-cli-kra-user-cert-add.sh +++ b/tests/dogtag/acceptance/cli-tests/pki-kra-user-cli/pki-kra-user-cli-kra-user-cert-add.sh @@ -49,21 +49,35 @@ ######################################################################## run_pki-kra-user-cli-user-cert-add_tests(){ - -subsystemId=$1 -SUBSYSTEM_TYPE=$2 -MYROLE=$3 -caId=$4 -CA_HOST=$5 - + subsystemId=$1 + SUBSYSTEM_TYPE=$2 + MYROLE=$3 + caId=$4 + CA_HOST=$5 + ##### Create a temporary directory to save output files and initializing host/port variables ##### + rlPhaseStartSetup "pki_user_cli_user_cert-add-kra-startup: Create temporary directory and initializing host/port variables" + rlRun "TmpDir=\`mktemp -d\`" 0 "Creating tmp directory" + rlRun "pushd $TmpDir" + rlPhaseEnd + # Local Variables + get_topo_stack $MYROLE $TmpDir/topo_file + local KRA_INST=$(cat $TmpDir/topo_file | grep MY_KRA | cut -d= -f2) + kra_instance_created="False" + if [ "$TOPO9" = "TRUE" ] ; then + prefix=$KRA_INST + kra_instance_created=$(eval echo \$${KRA_INST}_INSTANCE_CREATED_STATUS) + elif [ "$MYROLE" = "MASTER" ] ; then + prefix=KRA3 + kra_instance_created=$(eval echo \$${KRA_INST}_INSTANCE_CREATED_STATUS) + else + prefix=$MYROLE + kra_instance_created=$(eval echo \$${KRA_INST}_INSTANCE_CREATED_STATUS) + fi + +if [ "$kra_instance_created" = "TRUE" ] ; then KRA_HOST=$(eval echo \$${MYROLE}) KRA_PORT=$(eval echo \$${subsystemId}_UNSECURE_PORT) CA_PORT=$(eval echo \$${caId}_UNSECURE_PORT) - ##### Create a temporary directory to save output files and initializing host/port variables ##### - rlPhaseStartSetup "pki_user_cli_user_cert-add-kra-startup: Create temporary directory and initializing host/port variables" - rlRun "TmpDir=\`mktemp -d\`" 0 "Creating tmp directory" - rlRun "pushd $TmpDir" - rlPhaseEnd local cert_info="$TmpDir/cert_info" user1=testuser1 @@ -2276,5 +2290,8 @@ rlPhaseStartTest "pki_kra_user_cli_user_cleanup: Deleting role users" rlRun "popd" rlRun "rm -r $TmpDir" 0 "Removing tmp directory" rlPhaseEnd +else + rlLog "KRA instance not installed" +fi } diff --git a/tests/dogtag/acceptance/cli-tests/pki-kra-user-cli/pki-kra-user-cli-kra-user-cert-delete.sh b/tests/dogtag/acceptance/cli-tests/pki-kra-user-cli/pki-kra-user-cli-kra-user-cert-delete.sh index f6c85280d..bc3aba276 100755 --- a/tests/dogtag/acceptance/cli-tests/pki-kra-user-cli/pki-kra-user-cli-kra-user-cert-delete.sh +++ b/tests/dogtag/acceptance/cli-tests/pki-kra-user-cli/pki-kra-user-cli-kra-user-cert-delete.sh @@ -49,21 +49,34 @@ ######################################################################## run_pki-kra-user-cli-kra-user-cert-delete_tests(){ - -subsystemId=$1 -SUBSYSTEM_TYPE=$2 -MYROLE=$3 -caId=$4 -CA_HOST=$5 + subsystemId=$1 + SUBSYSTEM_TYPE=$2 + MYROLE=$3 + caId=$4 + CA_HOST=$5 + ##### Create temporary directory to save output files##### + rlPhaseStartSetup "pki_kra_user_cli_kra_user_cert-del-startup: Create temporary directory" + rlRun "TmpDir=\`mktemp -d\`" 0 "Creating tmp directory" + rlRun "pushd $TmpDir" + rlPhaseEnd + get_topo_stack $MYROLE $TmpDir/topo_file + local KRA_INST=$(cat $TmpDir/topo_file | grep MY_KRA | cut -d= -f2) + kra_instance_created="False" + if [ "$TOPO9" = "TRUE" ] ; then + prefix=$KRA_INST + kra_instance_created=$(eval echo \$${KRA_INST}_INSTANCE_CREATED_STATUS) + elif [ "$MYROLE" = "MASTER" ] ; then + prefix=KRA3 + kra_instance_created=$(eval echo \$${KRA_INST}_INSTANCE_CREATED_STATUS) + else + prefix=$MYROLE + kra_instance_created=$(eval echo \$${KRA_INST}_INSTANCE_CREATED_STATUS) + fi + +if [ "$kra_instance_created" = "TRUE" ] ; then KRA_HOST=$(eval echo \$${MYROLE}) KRA_PORT=$(eval echo \$${subsystemId}_UNSECURE_PORT) CA_PORT=$(eval echo \$${caId}_UNSECURE_PORT) - ##### Create temporary directory to save output files##### - rlPhaseStartSetup "pki_kra_user_cli_kra_user_cert-del-startup: Create temporary directory" - rlRun "TmpDir=\`mktemp -d\`" 0 "Creating tmp directory" - rlRun "pushd $TmpDir" - rlPhaseEnd - user1=testuser1 user2=testuser2 user1fullname="Test user1" @@ -829,4 +842,7 @@ rlPhaseStartTest "pki_kra_user_cli_user_cleanup: Deleting role users" rlRun "popd" rlRun "rm -r $TmpDir" 0 "Removing tmp directory" rlPhaseEnd +else + rlLog "KRA instance not installed" +fi } diff --git a/tests/dogtag/acceptance/cli-tests/pki-kra-user-cli/pki-kra-user-cli-kra-user-cert-find.sh b/tests/dogtag/acceptance/cli-tests/pki-kra-user-cli/pki-kra-user-cli-kra-user-cert-find.sh index 14392ec5e..0e7f1efdc 100755 --- a/tests/dogtag/acceptance/cli-tests/pki-kra-user-cli/pki-kra-user-cli-kra-user-cert-find.sh +++ b/tests/dogtag/acceptance/cli-tests/pki-kra-user-cli/pki-kra-user-cli-kra-user-cert-find.sh @@ -49,22 +49,34 @@ ######################################################################## run_pki-kra-user-cli-kra-user-cert-find_tests(){ - -subsystemId=$1 -SUBSYSTEM_TYPE=$2 -MYROLE=$3 -caId=$4 -CA_HOST=$5 - + subsystemId=$1 + SUBSYSTEM_TYPE=$2 + MYROLE=$3 + caId=$4 + CA_HOST=$5 + #####Create temporary dir to save the output files##### + rlPhaseStartSetup "pki_kra_user_cli_kra_user_cert-find-startup: Create temporary directory" + rlRun "TmpDir=\`mktemp -d\`" 0 "Creating tmp directory" + rlRun "pushd $TmpDir" + rlPhaseEnd + get_topo_stack $MYROLE $TmpDir/topo_file + local KRA_INST=$(cat $TmpDir/topo_file | grep MY_KRA | cut -d= -f2) + kra_instance_created="False" + if [ "$TOPO9" = "TRUE" ] ; then + prefix=$KRA_INST + kra_instance_created=$(eval echo \$${KRA_INST}_INSTANCE_CREATED_STATUS) + elif [ "$MYROLE" = "MASTER" ] ; then + prefix=KRA3 + kra_instance_created=$(eval echo \$${KRA_INST}_INSTANCE_CREATED_STATUS) + else + prefix=$MYROLE + kra_instance_created=$(eval echo \$${KRA_INST}_INSTANCE_CREATED_STATUS) + fi + +if [ "$kra_instance_created" = "TRUE" ] ; then KRA_HOST=$(eval echo \$${MYROLE}) KRA_PORT=$(eval echo \$${subsystemId}_UNSECURE_PORT) CA_PORT=$(eval echo \$${caId}_UNSECURE_PORT) - #####Create temporary dir to save the output files##### - rlPhaseStartSetup "pki_kra_user_cli_kra_user_cert-find-startup: Create temporary directory" - rlRun "TmpDir=\`mktemp -d\`" 0 "Creating tmp directory" - rlRun "pushd $TmpDir" - rlPhaseEnd - user1=testuser1 user2=testuser2 user1fullname="Test user1" @@ -1062,4 +1074,7 @@ rlPhaseStartTest "pki_kra_user_cli_user_cleanup: Deleting role users" rlRun "popd" rlRun "rm -r $TmpDir" 0 "Removing tmp directory" rlPhaseEnd +else + rlLog "KRA instance not installed" +fi } diff --git a/tests/dogtag/acceptance/cli-tests/pki-kra-user-cli/pki-kra-user-cli-kra-user-cert-show.sh b/tests/dogtag/acceptance/cli-tests/pki-kra-user-cli/pki-kra-user-cli-kra-user-cert-show.sh index c35b201b1..a3e722f6e 100755 --- a/tests/dogtag/acceptance/cli-tests/pki-kra-user-cli/pki-kra-user-cli-kra-user-cert-show.sh +++ b/tests/dogtag/acceptance/cli-tests/pki-kra-user-cli/pki-kra-user-cli-kra-user-cert-show.sh @@ -49,20 +49,33 @@ ######################################################################## run_pki-kra-user-cli-kra-user-cert-show_tests(){ - -subsystemId=$1 -SUBSYSTEM_TYPE=$2 -MYROLE=$3 -caId=$4 -CA_HOST=$5 + subsystemId=$1 + SUBSYSTEM_TYPE=$2 + MYROLE=$3 + caId=$4 + CA_HOST=$5 + ##### Create temporary directory to save output files ##### + rlPhaseStartSetup "pki_kra_user_cli_kra_user_cert-show-startup: Create temporary directory" + rlRun "TmpDir=\`mktemp -d\`" 0 "Creating tmp directory" + rlRun "pushd $TmpDir" + rlPhaseEnd + get_topo_stack $MYROLE $TmpDir/topo_file + local KRA_INST=$(cat $TmpDir/topo_file | grep MY_KRA | cut -d= -f2) + kra_instance_created="False" + if [ "$TOPO9" = "TRUE" ] ; then + prefix=$KRA_INST + kra_instance_created=$(eval echo \$${KRA_INST}_INSTANCE_CREATED_STATUS) + elif [ "$MYROLE" = "MASTER" ] ; then + prefix=KRA3 + kra_instance_created=$(eval echo \$${KRA_INST}_INSTANCE_CREATED_STATUS) + else + prefix=$MYROLE + kra_instance_created=$(eval echo \$${KRA_INST}_INSTANCE_CREATED_STATUS) + fi +if [ "$kra_instance_created" = "TRUE" ] ; then KRA_HOST=$(eval echo \$${MYROLE}) KRA_PORT=$(eval echo \$${subsystemId}_UNSECURE_PORT) CA_PORT=$(eval echo \$${caId}_UNSECURE_PORT) - ##### Create temporary directory to save output files ##### - rlPhaseStartSetup "pki_kra_user_cli_kra_user_cert-show-startup: Create temporary directory" - rlRun "TmpDir=\`mktemp -d\`" 0 "Creating tmp directory" - rlRun "pushd $TmpDir" - rlPhaseEnd user1=testuser1 user2=testuser2 @@ -1059,4 +1072,7 @@ rlPhaseStartTest "pki_kra_user_cli_user_cleanup: Deleting role users" rlRun "popd" rlRun "rm -r $TmpDir" 0 "Removing tmp directory" rlPhaseEnd +else + rlLog "KRA instance not created" +fi } diff --git a/tests/dogtag/acceptance/cli-tests/pki-kra-user-cli/pki-kra-user-cli-kra-user-cert.sh b/tests/dogtag/acceptance/cli-tests/pki-kra-user-cli/pki-kra-user-cli-kra-user-cert.sh index e8c692c59..379391fce 100755 --- a/tests/dogtag/acceptance/cli-tests/pki-kra-user-cli/pki-kra-user-cli-kra-user-cert.sh +++ b/tests/dogtag/acceptance/cli-tests/pki-kra-user-cli/pki-kra-user-cli-kra-user-cert.sh @@ -41,37 +41,30 @@ # pki kra-user-cert ran without any options should show all the command line options of pki cert run_pki-kra-user-cert() { -subsystemId=$1 -SUBSYSTEM_TYPE=$2 -MYROLE=$3 + subsystemId=$1 + SUBSYSTEM_TYPE=$2 + MYROLE=$3 + rlPhaseStartSetup "Create Temporary Directory " + rlRun "TmpDir=\`mktemp -d\`" 0 "Creating tmp directory" + rlRun "pushd $TmpDir" + rlPhaseEnd -if [ "$TOPO9" = "TRUE" ] ; then - ADMIN_CERT_LOCATION=$(eval echo \$${subsystemId}_ADMIN_CERT_LOCATION) - prefix=$subsystemId - CLIENT_PKCS12_PASSWORD=$(eval echo \$${subsystemId}_CLIENT_PKCS12_PASSWORD) -elif [ "$MYROLE" = "MASTER" ] ; then - if [[ $subsystemId == SUBCA* ]]; then - ADMIN_CERT_LOCATION=$(eval echo \$${subsystemId}_ADMIN_CERT_LOCATION) - prefix=$subsystemId - CLIENT_PKCS12_PASSWORD=$(eval echo \$${subsystemId}_CLIENT_PKCS12_PASSWORD) + get_topo_stack $MYROLE $TmpDir/topo_file + local KRA_INST=$(cat $TmpDir/topo_file | grep MY_KRA | cut -d= -f2) + kra_instance_created="False" + if [ "$TOPO9" = "TRUE" ] ; then + prefix=$KRA_INST + kra_instance_created=$(eval echo \$${KRA_INST}_INSTANCE_CREATED_STATUS) + elif [ "$MYROLE" = "MASTER" ] ; then + prefix=KRA3 + kra_instance_created=$(eval echo \$${KRA_INST}_INSTANCE_CREATED_STATUS) else - ADMIN_CERT_LOCATION=$ROOTCA_ADMIN_CERT_LOCATION - prefix=ROOTCA - CLIENT_PKCS12_PASSWORD=$ROOTCA_CLIENT_PKCS12_PASSWORD + prefix=$MYROLE + kra_instance_created=$(eval echo \$${KRA_INST}_INSTANCE_CREATED_STATUS) fi -else - ADMIN_CERT_LOCATION=$(eval echo \$${MYROLE}_ADMIN_CERT_LOCATION) - prefix=$MYROLE - CLIENT_PKCS12_PASSWORD=$(eval echo \$${MYROLE}_CLIENT_PKCS12_PASSWORD) -fi - +if [ "$kra_instance_created" = "TRUE" ] ; then SUBSYSTEM_HOST=$(eval echo \$${MYROLE}) - rlPhaseStartSetup "Create Temporary Directory " - rlRun "TmpDir=\`mktemp -d\`" 0 "Creating tmp directory" - rlRun "pushd $TmpDir" - rlPhaseEnd - rlPhaseStartTest "pki_kra_user_cli_kra_user_cert-001: pki kra-user-cert help option" local temp_out="$TmpDir/pki_user-cert" rlLog "Executing pki kra-user-cert --help" @@ -94,4 +87,7 @@ SUBSYSTEM_HOST=$(eval echo \$${MYROLE}) rlPhaseStartCleanup "pki user-cert cleanup: Delete temp dir" rlRun "popd" rlPhaseEnd +else + rlLog "KRA instance not created" +fi } diff --git a/tests/dogtag/acceptance/cli-tests/pki-kra-user-cli/pki-kra-user-cli-kra-user-mod.sh b/tests/dogtag/acceptance/cli-tests/pki-kra-user-cli/pki-kra-user-cli-kra-user-mod.sh index deed0d4d2..7a75ff7e9 100755 --- a/tests/dogtag/acceptance/cli-tests/pki-kra-user-cli/pki-kra-user-cli-kra-user-mod.sh +++ b/tests/dogtag/acceptance/cli-tests/pki-kra-user-cli/pki-kra-user-cli-kra-user-mod.sh @@ -48,20 +48,32 @@ ######################################################################## run_pki-kra-user-cli-kra-user-mod_tests(){ - -subsystemId=$1 -SUBSYSTEM_TYPE=$2 -MYROLE=$3 -caId=$4 - + subsystemId=$1 + SUBSYSTEM_TYPE=$2 + MYROLE=$3 + caId=$4 + #####Create temporary dir to save the output files ##### + rlPhaseStartSetup "pki_kra_user_cli_kra_user_mod-startup: Create temporary directory" + rlRun "TmpDir=\`mktemp -d\`" 0 "Creating tmp directory" + rlRun "pushd $TmpDir" + rlPhaseEnd + get_topo_stack $MYROLE $TmpDir/topo_file + local KRA_INST=$(cat $TmpDir/topo_file | grep MY_KRA | cut -d= -f2) + kra_instance_created="False" + if [ "$TOPO9" = "TRUE" ] ; then + prefix=$KRA_INST + kra_instance_created=$(eval echo \$${KRA_INST}_INSTANCE_CREATED_STATUS) + elif [ "$MYROLE" = "MASTER" ] ; then + prefix=KRA3 + kra_instance_created=$(eval echo \$${KRA_INST}_INSTANCE_CREATED_STATUS) + else + prefix=$MYROLE + kra_instance_created=$(eval echo \$${KRA_INST}_INSTANCE_CREATED_STATUS) + fi +if [ "$kra_instance_created" = "TRUE" ] ; then KRA_HOST=$(eval echo \$${MYROLE}) KRA_PORT=$(eval echo \$${subsystemId}_UNSECURE_PORT) CA_PORT=$(eval echo \$${caId}_UNSECURE_PORT) - #####Create temporary dir to save the output files ##### - rlPhaseStartSetup "pki_kra_user_cli_kra_user_mod-startup: Create temporary directory" - rlRun "TmpDir=\`mktemp -d\`" 0 "Creating tmp directory" - rlRun "pushd $TmpDir" - rlPhaseEnd user1=kra_user user1fullname="Test kra user" @@ -568,7 +580,8 @@ rlPhaseStartTest "pki_kra_user_cli_kra_user_mod-017:--phone with maximum length -h $KRA_HOST \ -p $KRA_PORT \ kra-user-add --fullName=test usr1" - command="pki -d $CERTDB_DIR -n $(eval echo \$${subsystemId}_adminV_user) -c $CERTDB_DIR_PASSWORD -h $KRA_HOST -p $KRA_PORT kra-user-mod --phone='$randsym' usr1" + special_symbols="#$@*" + command="pki -d $CERTDB_DIR -n $(eval echo \$${subsystemId}_adminV_user) -c $CERTDB_DIR_PASSWORD -h $KRA_HOST -p $KRA_PORT kra-user-mod --phone='$randsym$special_symbols' usr1" errmsg="PKIException: LDAP error (21): error result" errorcode=255 rlRun "verifyErrorMsg \"$command\" \"$errmsg\" \"$errorcode\"" 0 "Verify expected error message - Cannot modify user using an admin user with maximum length --phone with character symbols in it" @@ -1076,6 +1089,8 @@ $i18nuser #Delete temporary directory rlRun "popd" rlRun "rm -r $TmpDir" 0 "Removing tmp directory" - rlPhaseEnd +else + rlLog "KRA instance not created" +fi } diff --git a/tests/dogtag/acceptance/cli-tests/pki-ocsp-user-cli/pki-ocsp-user-cli-ocsp-user-add.sh b/tests/dogtag/acceptance/cli-tests/pki-ocsp-user-cli/pki-ocsp-user-cli-ocsp-user-add.sh index d7bfa1ae3..19e5323f1 100755 --- a/tests/dogtag/acceptance/cli-tests/pki-ocsp-user-cli/pki-ocsp-user-cli-ocsp-user-add.sh +++ b/tests/dogtag/acceptance/cli-tests/pki-ocsp-user-cli/pki-ocsp-user-cli-ocsp-user-add.sh @@ -1398,6 +1398,19 @@ Import CA certificate (Y/n)? \"" >> $expfile rlPhaseStartCleanup "pki_user_cli_user_cleanup: Deleting users" #===Deleting users created using ${prefix}_adminV cert===# i=1 + while [ $i -lt 22 ] ; do + rlRun "pki -d $CERTDB_DIR \ + -n ${prefix}_adminV \ + -c $CERTDB_DIR_PASSWORD \ + -h $SUBSYSTEM_HOST \ + -p $(eval echo \$${subsystemId}_UNSECURE_PORT) \ + ocsp-user-del u$i > $TmpDir/pki-ocsp-user-del-ocsp-user-00$i.out" \ + 0 \ + "Deleted user u$i" + rlAssertGrep "Deleted user \"u$i\"" "$TmpDir/pki-ocsp-user-del-ocsp-user-00$i.out" + let i=$i+1 + done + i=23 while [ $i -lt 37 ] ; do rlRun "pki -d $CERTDB_DIR \ -n ${prefix}_adminV \ diff --git a/tests/dogtag/acceptance/cli-tests/pki-ocsp-user-cli/pki-ocsp-user-cli-ocsp-user-membership-add.sh b/tests/dogtag/acceptance/cli-tests/pki-ocsp-user-cli/pki-ocsp-user-cli-ocsp-user-membership-add.sh index 7abd6b247..7fa2f4ef3 100755 --- a/tests/dogtag/acceptance/cli-tests/pki-ocsp-user-cli/pki-ocsp-user-cli-ocsp-user-membership-add.sh +++ b/tests/dogtag/acceptance/cli-tests/pki-ocsp-user-cli/pki-ocsp-user-cli-ocsp-user-membership-add.sh @@ -673,12 +673,11 @@ Import CA certificate (Y/n)? \"" >> $expfile #Trying to perform List CAs using $user3's cert should fail local request_header_out="$TmpDir/request_header_out" - rlRun "export SSL_DIR=$TmpDir" - command="curl --cacert $CERTDB_DIR/ca_cert.pem --dump-header $request_header_out -E $user3:$TEMP_NSS_DB_PASSWORD -k \"https://$SUBSYSTEM_HOST:$(eval echo \$${subsystemId}_UNSECURE_PORT)/ocsp/agent/ocsp/listCAs\"" - rlLog "Executing: $command" - errmsg="ForbiddenException: Authorization Error" - errorcode=255 - rlRun "verifyErrorMsg \"$command\" \"$errmsg\" \"$errorcode\"" 0 "Verify expected error message - Trying to perform List CAs using $user3's cert should fail" + rlRun "export SSL_DIR=$TEMP_NSS_DB" + command="curl --cacert $CERTDB_DIR/ca_cert.pem --dump-header $request_header_out -E $user3:$TEMP_NSS_DB_PASSWORD -k \"https://$SUBSYSTEM_HOST:$(eval echo \$${subsystemId}_SECURE_PORT)/ocsp/agent/ocsp/listCAs\" > $TmpDir/pki-user-membership-add-groupadd-find-ocsp-usertest3-020_12.out" + errmsg="You are not authorized for this operation." + rlRun "$command" 0 "Should not be able to list CAs using a non Agent user" + rlAssertGrep "$errmsg" "$TmpDir/pki-user-membership-add-groupadd-find-ocsp-usertest3-020_12.out" #Add user $user3 to Certificate Manager Agents group rlRun "pki -d $CERTDB_DIR \ @@ -703,8 +702,8 @@ Import CA certificate (Y/n)? \"" >> $expfile rlAssertGrep "Group: $groupid1" "$TmpDir/pki-ocsp-user-membership-add-groupadd-find-ocsp-usertest3-020_4.out" #Trying to perform List CAs using $user3's cert should succeed - rlLog "curl --cacert $CERTDB_DIR/ca_cert.pem --dump-header $request_header_out -E $user3:$TEMP_NSS_DB_PASSWORD -k \"https://$SUBSYSTEM_HOST:$(eval echo \$${subsystemId}_UNSECURE_PORT)/ocsp/agent/ocsp/listCAs\" > $TmpDir/list_ca.out" - rlRun "curl --cacert $CERTDB_DIR/ca_cert.pem --dump-header $request_header_out -E $user3:$TEMP_NSS_DB_PASSWORD -k \"https://$SUBSYSTEM_HOST:$(eval echo \$${subsystemId}_UNSECURE_PORT)/ocsp/agent/ocsp/listCAs\" > $TmpDir/list_ca.out" 0 "List existing CAs" + rlLog "curl --cacert $CERTDB_DIR/ca_cert.pem --dump-header $request_header_out -E $user3:$TEMP_NSS_DB_PASSWORD -k \"https://$SUBSYSTEM_HOST:$(eval echo \$${subsystemId}_SECURE_PORT)/ocsp/agent/ocsp/listCAs\" > $TmpDir/list_ca.out" + rlRun "curl --cacert $CERTDB_DIR/ca_cert.pem --dump-header $request_header_out -E $user3:$TEMP_NSS_DB_PASSWORD -k \"https://$SUBSYSTEM_HOST:$(eval echo \$${subsystemId}_SECURE_PORT)/ocsp/agent/ocsp/listCAs\" > $TmpDir/list_ca.out" 0 "List existing CAs" rlAssertGrep "HTTP/1.1 200 OK" "$request_header_out" rlAssertGrep "record.Id=\"CN=PKI $CA_INST Signing Cert,O=redhat\"" "$TmpDir/list_ca.out" rlPhaseEnd diff --git a/tests/dogtag/acceptance/cli-tests/pki-ocsp-user-cli/pki-ocsp-user-cli-ocsp-user-membership-del.sh b/tests/dogtag/acceptance/cli-tests/pki-ocsp-user-cli/pki-ocsp-user-cli-ocsp-user-membership-del.sh index 6b3bc1078..4e58059a7 100755 --- a/tests/dogtag/acceptance/cli-tests/pki-ocsp-user-cli/pki-ocsp-user-cli-ocsp-user-membership-del.sh +++ b/tests/dogtag/acceptance/cli-tests/pki-ocsp-user-cli/pki-ocsp-user-cli-ocsp-user-membership-del.sh @@ -710,10 +710,10 @@ Import CA certificate (Y/n)? \"" >> $expfile rlAssertGrep "Added membership in \"$groupid1\"" "$TmpDir/pki-ocsp-user-membership-add-groupadd-ocsp-22.out" #Trying to perform List CAs using $user3's cert should succeed - rlRun "export SSL_DIR=$TmpDir" + rlRun "export SSL_DIR=$TEMP_NSS_DB" local request_header_out="$TmpDir/request_header_out" - rlLog "curl --cacert $CERTDB_DIR/ca_cert.pem --dump-header $request_header_out -E $user3:$TEMP_NSS_DB_PASSWORD -k \"https://$SUBSYSTEM_HOST:$(eval echo \$${subsystemId}_UNSECURE_PORT)/ocsp/agent/ocsp/listCAs\" > $TmpDir/list_ca.out" - rlRun "curl --cacert $CERTDB_DIR/ca_cert.pem --dump-header $request_header_out -E $user3:$TEMP_NSS_DB_PASSWORD -k \"https://$SUBSYSTEM_HOST:$(eval echo \$${subsystemId}_UNSECURE_PORT)/ocsp/agent/ocsp/listCAs\" > $TmpDir/list_ca.out" 0 "List existing CAs" + rlLog "curl --cacert $CERTDB_DIR/ca_cert.pem --dump-header $request_header_out -E $user3:$TEMP_NSS_DB_PASSWORD -k \"https://$SUBSYSTEM_HOST:$(eval echo \$${subsystemId}_SECURE_PORT)/ocsp/agent/ocsp/listCAs\" > $TmpDir/list_ca.out" + rlRun "curl --cacert $CERTDB_DIR/ca_cert.pem --dump-header $request_header_out -E $user3:$TEMP_NSS_DB_PASSWORD -k \"https://$SUBSYSTEM_HOST:$(eval echo \$${subsystemId}_SECURE_PORT)/ocsp/agent/ocsp/listCAs\" > $TmpDir/list_ca.out" 0 "List existing CAs" rlAssertGrep "HTTP/1.1 200 OK" "$request_header_out" rlAssertGrep "record.Id=\"CN=PKI $CA_INST Signing Cert,O=redhat\"" "$TmpDir/list_ca.out" @@ -731,12 +731,12 @@ Import CA certificate (Y/n)? \"" >> $expfile #Trying to perform List CAs using $user3's cert should fail local request_header_out="$TmpDir/request_header_out" - rlRun "export SSL_DIR=$TmpDir" - command="curl --cacert $CERTDB_DIR/ca_cert.pem --dump-header $request_header_out -E $user3:$TEMP_NSS_DB_PASSWORD -k \"https://$SUBSYSTEM_HOST:$(eval echo \$${subsystemId}_UNSECURE_PORT)/ocsp/agent/ocsp/listCAs\"" + rlRun "export SSL_DIR=$TEMP_NSS_DB" + command="curl --cacert $CERTDB_DIR/ca_cert.pem --dump-header $request_header_out -E $user3:$TEMP_NSS_DB_PASSWORD -k \"https://$SUBSYSTEM_HOST:$(eval echo \$${subsystemId}_SECURE_PORT)/ocsp/agent/ocsp/listCAs\" > $TmpDir/pki-user-membership-del-groupdel-find-ocsp-usertest3-020_12.out" rlLog "Executing: $command" - errmsg="ForbiddenException: Authorization Error" - errorcode=255 - rlRun "verifyErrorMsg \"$command\" \"$errmsg\" \"$errorcode\"" 0 "Verify expected error message - Trying to perform List CAs using $user3's cert should fail" + errmsg="You are not authorized for this operation." + rlRun "$command" 0 "Should not be able to list CAs using a non Agent user" + rlAssertGrep "$errmsg" "$TmpDir/pki-user-membership-del-groupdel-find-ocsp-usertest3-020_12.out" rlPhaseEnd rlPhaseStartCleanup "pki_ocsp-user_cli_ocsp_user_membership-del-cleanup-001: Deleting the temp directory and users" diff --git a/tests/dogtag/acceptance/cli-tests/pki-ocsp-user-cli/pki-ocsp-user-cli-ocsp-user-mod.sh b/tests/dogtag/acceptance/cli-tests/pki-ocsp-user-cli/pki-ocsp-user-cli-ocsp-user-mod.sh index a931156ce..6cf90b347 100755 --- a/tests/dogtag/acceptance/cli-tests/pki-ocsp-user-cli/pki-ocsp-user-cli-ocsp-user-mod.sh +++ b/tests/dogtag/acceptance/cli-tests/pki-ocsp-user-cli/pki-ocsp-user-cli-ocsp-user-mod.sh @@ -1031,7 +1031,7 @@ rlPhaseStartCleanup "pki_ocsp_user_cli_user_ocsp_cleanup: Deleting role users" let i=$i+1 done - i=1 + i=2 while [ $i -lt 5 ] ; do rlRun "pki -d $CERTDB_DIR \ -n $(eval echo \$${subsystemId}_adminV_user) \ diff --git a/tests/dogtag/acceptance/cli-tests/pki-tks-user-cli/pki-tks-user-cli-tks-user-add.sh b/tests/dogtag/acceptance/cli-tests/pki-tks-user-cli/pki-tks-user-cli-tks-user-add.sh index 6d1104505..3d435ff87 100755 --- a/tests/dogtag/acceptance/cli-tests/pki-tks-user-cli/pki-tks-user-cli-tks-user-add.sh +++ b/tests/dogtag/acceptance/cli-tests/pki-tks-user-cli/pki-tks-user-cli-tks-user-add.sh @@ -1395,6 +1395,19 @@ Import CA certificate (Y/n)? \"" >> $expfile #===Deleting users created using ${prefix}_adminV cert===# i=1 + while [ $i -lt 22 ] ; do + rlRun "pki -d $CERTDB_DIR \ + -n ${prefix}_adminV \ + -c $CERTDB_DIR_PASSWORD \ + -h $SUBSYSTEM_HOST \ + -p $(eval echo \$${subsystemId}_UNSECURE_PORT) \ + tks-user-del u$i > $TmpDir/pki-tks-user-del-tks-user-00$i.out" \ + 0 \ + "Deleted user u$i" + rlAssertGrep "Deleted user \"u$i\"" "$TmpDir/pki-tks-user-del-tks-user-00$i.out" + let i=$i+1 + done + i=23 while [ $i -lt 37 ] ; do rlRun "pki -d $CERTDB_DIR \ -n ${prefix}_adminV \ diff --git a/tests/dogtag/acceptance/cli-tests/pki-tks-user-cli/pki-tks-user-cli-tks-user-membership-del.sh b/tests/dogtag/acceptance/cli-tests/pki-tks-user-cli/pki-tks-user-cli-tks-user-membership-del.sh index 53baf8021..4467c7dd6 100755 --- a/tests/dogtag/acceptance/cli-tests/pki-tks-user-cli/pki-tks-user-cli-tks-user-membership-del.sh +++ b/tests/dogtag/acceptance/cli-tests/pki-tks-user-cli/pki-tks-user-cli-tks-user-membership-del.sh @@ -560,7 +560,7 @@ run_pki-tks-user-cli-tks-user-membership-del_tests(){ -c $CERTDB_DIR_PASSWORD \ -h $SUBSYSTEM_HOST \ -p $(eval echo \$${subsystemId}_UNSECURE_PORT) \ - group-member-find Administrators > $TmpDir/pki-tks-user-del-tks-user-membership-find-tks-user-del-20_4.out" \ + tks-group-member-find Administrators > $TmpDir/pki-tks-user-del-tks-user-membership-find-tks-user-del-20_4.out" \ 0 \ "List members of Administrators group" rlAssertGrep "User: u12" "$TmpDir/pki-tks-user-del-tks-user-membership-find-tks-user-del-20_4.out" @@ -569,7 +569,7 @@ run_pki-tks-user-cli-tks-user-membership-del_tests(){ -c $CERTDB_DIR_PASSWORD \ -h $SUBSYSTEM_HOST \ -p $(eval echo \$${subsystemId}_UNSECURE_PORT) \ - group-member-find \"$groupid1\" > $TmpDir/pki-tks-user-del-tks-user-membership-find-tks-user-del-20_5.out" \ + tks-group-member-find \"$groupid1\" > $TmpDir/pki-tks-user-del-tks-user-membership-find-tks-user-del-20_5.out" \ 0 \ "List members of $groupid1 group" rlAssertGrep "User: u12" "$TmpDir/pki-tks-user-del-tks-user-membership-find-tks-user-del-20_5.out" @@ -587,7 +587,7 @@ run_pki-tks-user-cli-tks-user-membership-del_tests(){ -c $CERTDB_DIR_PASSWORD \ -h $SUBSYSTEM_HOST \ -p $(eval echo \$${subsystemId}_UNSECURE_PORT) \ - group-member-find $groupid4 > $TmpDir/pki-tks-user-del-tks-user-membership-find-tks-user-del-20_7.out" \ + tks-group-member-find $groupid4 > $TmpDir/pki-tks-user-del-tks-user-membership-find-tks-user-del-20_7.out" \ 0 \ "List members of $groupid4 group" rlAssertNotGrep "User: u12" "$TmpDir/pki-tks-user-del-tks-user-membership-find-tks-user-del-20_7.out" @@ -596,7 +596,7 @@ run_pki-tks-user-cli-tks-user-membership-del_tests(){ -c $CERTDB_DIR_PASSWORD \ -h $SUBSYSTEM_HOST \ -p $(eval echo \$${subsystemId}_UNSECURE_PORT) \ - group-member-find \"$groupid1\" > $TmpDir/pki-tks-user-del-tks-user-membership-find-tks-user-del-20_8.out" \ + tks-group-member-find \"$groupid1\" > $TmpDir/pki-tks-user-del-tks-user-membership-find-tks-user-del-20_8.out" \ 0 \ "List members of $groupid1 group" rlAssertNotGrep "User: u12" "$TmpDir/pki-tks-user-del-tks-user-membership-find-tks-user-del-20_8.out" diff --git a/tests/dogtag/acceptance/cli-tests/pki-tps-user-cli/pki-tps-user-cli-tps-user-add.sh b/tests/dogtag/acceptance/cli-tests/pki-tps-user-cli/pki-tps-user-cli-tps-user-add.sh index ac753574b..d9fe63a68 100755 --- a/tests/dogtag/acceptance/cli-tests/pki-tps-user-cli/pki-tps-user-cli-tps-user-add.sh +++ b/tests/dogtag/acceptance/cli-tests/pki-tps-user-cli/pki-tps-user-cli-tps-user-add.sh @@ -1398,6 +1398,19 @@ Import CA certificate (Y/n)? \"" >> $expfile #===Deleting users created using ${prefix}_adminV cert===# i=1 + while [ $i -lt 22 ] ; do + rlRun "pki -d $CERTDB_DIR \ + -n ${prefix}_adminV \ + -c $CERTDB_DIR_PASSWORD \ + -h $SUBSYSTEM_HOST \ + -p $(eval echo \$${subsystemId}_UNSECURE_PORT) \ + tps-user-del u$i > $TmpDir/pki-tps-user-del-tps-user-00$i.out" \ + 0 \ + "Deleted user u$i" + rlAssertGrep "Deleted user \"u$i\"" "$TmpDir/pki-tps-user-del-tps-user-00$i.out" + let i=$i+1 + done + i=23 while [ $i -lt 37 ] ; do rlRun "pki -d $CERTDB_DIR \ -n ${prefix}_adminV \ diff --git a/tests/dogtag/acceptance/cli-tests/pki-user-cli/ca/pki-user-cli-user-add-ca.sh b/tests/dogtag/acceptance/cli-tests/pki-user-cli/ca/pki-user-cli-user-add-ca.sh index 335f2322a..36e58c21c 100755 --- a/tests/dogtag/acceptance/cli-tests/pki-user-cli/ca/pki-user-cli-user-add-ca.sh +++ b/tests/dogtag/acceptance/cli-tests/pki-user-cli/ca/pki-user-cli-user-add-ca.sh @@ -1157,7 +1157,7 @@ run_pki-user-cli-user-add-ca_tests(){ rlLog "user-add email address negyvenkettő@qetestsdomain.com with i18n characters" command="pki -d $CERTDB_DIR -n ${prefix}_adminV -c $CERTDB_DIR_PASSWORD -h $SUBSYSTEM_HOST -p $(eval echo \$${subsystemId}_UNSECURE_PORT) user-add --fullName=test --email='negyvenkettő@qetestsdomain.com' u31" rlLog "Executing $command" - errmsg="IncorrectPasswordException: Incorrect client security database password." + errmsg="Unsupported e-mail address characters" errorcode=255 rlRun "verifyErrorMsg \"$command\" \"$errmsg\" \"$errorcode\"" 0 "Verify expected error message - Adding email negyvenkettő@qetestsdomain.com with i18n characters" rlLog "PKI Ticket:: https://fedorahosted.org/pki/ticket/860" @@ -1167,7 +1167,7 @@ run_pki-user-cli-user-add-ca_tests(){ rlLog "user-add email address četrdesmitdivi@qetestsdomain.com with i18n characters" command="pki -d $CERTDB_DIR -n ${prefix}_adminV -c $CERTDB_DIR_PASSWORD -h $SUBSYSTEM_HOST -p $(eval echo \$${subsystemId}_UNSECURE_PORT) user-add --fullName=test --email='četrdesmitdivi@qetestsdomain.com' u32" rlLog "Executing $command" - errmsg="IncorrectPasswordException: Incorrect client security database password." + errmsg="Unsupported e-mail address characters" errorcode=255 rlRun "verifyErrorMsg \"$command\" \"$errmsg\" \"$errorcode\"" 0 "Verify expected error message - Adding email četrdesmitdivi@qetestsdomain.com with i18n characters" rlLog "PKI Ticket:: https://fedorahosted.org/pki/ticket/860" diff --git a/tests/dogtag/acceptance/cli-tests/pki-user-cli/ca/pki-user-cli-user-cert-delete-ca.sh b/tests/dogtag/acceptance/cli-tests/pki-user-cli/ca/pki-user-cli-user-cert-delete-ca.sh index be078f0e0..0d9af2ac5 100755 --- a/tests/dogtag/acceptance/cli-tests/pki-user-cli/ca/pki-user-cli-user-cert-delete-ca.sh +++ b/tests/dogtag/acceptance/cli-tests/pki-user-cli/ca/pki-user-cli-user-cert-delete-ca.sh @@ -518,12 +518,12 @@ local TEMP_NSS_DB_PASSWD="redhat123" rlPhaseStartTest "pki_user_cli_user_cert-del-CA-0017: Delete certs assigned to a user - as a user not assigned to any role should fail" i=1 - command="pki -h $SUBSYSTEM_HOST -p $(eval echo \$${subsystemId}_UNSECURE_PORT) -d $CERTDB_DIR -u $user2 -w Secret123 -c $CERTDB_DIR_PASSWORD user-cert-del $user1 '2;${serialdecuser1[$i]};$(eval echo \$${prefix}_SIGNING_CERT_SUBJECT_NAME);UID=$user1$(($i+1)),E=$user1$(($i+1))@example.org,CN=$user1fullname$(($i+1)),OU=Engineering,O=Example,C=US'" + command="pki -h $SUBSYSTEM_HOST -p $(eval echo \$${subsystemId}_UNSECURE_PORT) -d $CERTDB_DIR -n $user2 -w Secret123 -c $CERTDB_DIR_PASSWORD user-cert-del $user1 '2;${serialdecuser1[$i]};$(eval echo \$${prefix}_SIGNING_CERT_SUBJECT_NAME);UID=$user1$(($i+1)),E=$user1$(($i+1))@example.org,CN=$user1fullname$(($i+1)),OU=Engineering,O=Example,C=US'" errmsg="ForbiddenException: Authentication method not allowed." errorcode=255 rlRun "verifyErrorMsg \"$command\" \"$errmsg\" \"$errorcode\"" 0 "Verify expected error message - Error should be thrown when authentication as a user not assigned to any role" - command="pki -h $SUBSYSTEM_HOST -p $(eval echo \$${subsystemId}_UNSECURE_PORT) -d $CERTDB_DIR -u $user2 -w Secret123 -c $CERTDB_DIR_PASSWORD user-cert-del $user1 '2;${serialdecuser1_crmf[$i]};$(eval echo \$${prefix}_SIGNING_CERT_SUBJECT_NAME);UID=$user1$(($i+1)),E=$user1$(($i+1))@example.org,CN=$user1fullname$(($i+1)),OU=Engineering,O=Example,C=US'" + command="pki -h $SUBSYSTEM_HOST -p $(eval echo \$${subsystemId}_UNSECURE_PORT) -d $CERTDB_DIR -n $user2 -w Secret123 -c $CERTDB_DIR_PASSWORD user-cert-del $user1 '2;${serialdecuser1_crmf[$i]};$(eval echo \$${prefix}_SIGNING_CERT_SUBJECT_NAME);UID=$user1$(($i+1)),E=$user1$(($i+1))@example.org,CN=$user1fullname$(($i+1)),OU=Engineering,O=Example,C=US'" errmsg="ForbiddenException: Authentication method not allowed." errorcode=255 rlRun "verifyErrorMsg \"$command\" \"$errmsg\" \"$errorcode\"" 0 "Verify expected error message - Error should be thrown when authentication as a user not assigned to any role" diff --git a/tests/dogtag/acceptance/cli-tests/pki-user-cli/kra/pki-user-cli-user-add-kra.sh b/tests/dogtag/acceptance/cli-tests/pki-user-cli/kra/pki-user-cli-user-add-kra.sh index 36252bb1f..9790644c5 100755 --- a/tests/dogtag/acceptance/cli-tests/pki-user-cli/kra/pki-user-cli-user-add-kra.sh +++ b/tests/dogtag/acceptance/cli-tests/pki-user-cli/kra/pki-user-cli-user-add-kra.sh @@ -1489,6 +1489,20 @@ Import CA certificate (Y/n)? \"" >> $expfile #===Deleting users created using ${prefix}_adminV cert===# i=1 + while [ $i -lt 22 ] ; do + rlRun "pki -d $CERTDB_DIR \ + -n ${prefix}_adminV \ + -c $CERTDB_DIR_PASSWORD \ + -h $SUBSYSTEM_HOST \ + -p $(eval echo \$${subsystemId}_UNSECURE_PORT) \ + -t kra \ + user-del u$i > $TmpDir/pki-user-del-kra-user-00$i.out" \ + 0 \ + "Deleted user u$i" + rlAssertGrep "Deleted user \"u$i\"" "$TmpDir/pki-user-del-kra-user-00$i.out" + let i=$i+1 + done + i=23 while [ $i -lt 37 ] ; do rlRun "pki -d $CERTDB_DIR \ -n ${prefix}_adminV \ diff --git a/tests/dogtag/acceptance/cli-tests/pki-user-cli/ocsp/pki-user-cli-user-add-ocsp.sh b/tests/dogtag/acceptance/cli-tests/pki-user-cli/ocsp/pki-user-cli-user-add-ocsp.sh index e7f0b1165..894adab94 100755 --- a/tests/dogtag/acceptance/cli-tests/pki-user-cli/ocsp/pki-user-cli-user-add-ocsp.sh +++ b/tests/dogtag/acceptance/cli-tests/pki-user-cli/ocsp/pki-user-cli-user-add-ocsp.sh @@ -1490,6 +1490,20 @@ Import CA certificate (Y/n)? \"" >> $expfile rlPhaseStartCleanup "pki_user_cli_user_cleanup: Deleting users" #===Deleting users created using ${prefix}_adminV cert===# i=1 + while [ $i -lt 22 ] ; do + rlRun "pki -d $CERTDB_DIR \ + -n ${prefix}_adminV \ + -c $CERTDB_DIR_PASSWORD \ + -h $SUBSYSTEM_HOST \ + -p $(eval echo \$${subsystemId}_UNSECURE_PORT) \ + -t ocsp \ + user-del u$i > $TmpDir/pki-user-del-ocsp-user-00$i.out" \ + 0 \ + "Deleted user u$i" + rlAssertGrep "Deleted user \"u$i\"" "$TmpDir/pki-user-del-ocsp-user-00$i.out" + let i=$i+1 + done + i=23 while [ $i -lt 37 ] ; do rlRun "pki -d $CERTDB_DIR \ -n ${prefix}_adminV \ diff --git a/tests/dogtag/acceptance/cli-tests/pki-user-cli/ocsp/pki-user-cli-user-membership-add-ocsp.sh b/tests/dogtag/acceptance/cli-tests/pki-user-cli/ocsp/pki-user-cli-user-membership-add-ocsp.sh index 9e59ccbac..04947124f 100755 --- a/tests/dogtag/acceptance/cli-tests/pki-user-cli/ocsp/pki-user-cli-user-membership-add-ocsp.sh +++ b/tests/dogtag/acceptance/cli-tests/pki-user-cli/ocsp/pki-user-cli-user-membership-add-ocsp.sh @@ -708,12 +708,12 @@ Import CA certificate (Y/n)? \"" >> $expfile #Trying to perform List CAs using $user3's cert should fail local request_header_out="$TmpDir/request_header_out" - rlRun "export SSL_DIR=$TmpDir" - command="curl --cacert $CERTDB_DIR/ca_cert.pem --dump-header $request_header_out -E $user3:$TEMP_NSS_DB_PASSWORD -k \"https://$SUBSYSTEM_HOST:$(eval echo \$${subsystemId}_UNSECURE_PORT)/ocsp/agent/ocsp/listCAs\"" + rlRun "export SSL_DIR=$TEMP_NSS_DB" + command="curl --cacert $CERTDB_DIR/ca_cert.pem --dump-header $request_header_out -E $user3:$TEMP_NSS_DB_PASSWORD -k \"https://$SUBSYSTEM_HOST:$(eval echo \$${subsystemId}_SECURE_PORT)/ocsp/agent/ocsp/listCAs\" > $TmpDir/pki-user-membership-add-groupadd-find-ocsp-usertest3-020_12.out" + errmsg="You are not authorized for this operation." rlLog "Executing: $command" - errmsg="ForbiddenException: Authorization Error" - errorcode=255 - rlRun "verifyErrorMsg \"$command\" \"$errmsg\" \"$errorcode\"" 0 "Verify expected error message - Trying to perform List CAs using $user3's cert should fail" + rlRun "$command" 0 "Should not be able to list CAs using a non Agent user" + rlAssertGrep "$errmsg" "$TmpDir/pki-user-membership-add-groupadd-find-ocsp-usertest3-020_12.out" #Add user $user3 to Certificate Manager Agents group rlRun "pki -d $CERTDB_DIR \ @@ -740,8 +740,8 @@ Import CA certificate (Y/n)? \"" >> $expfile rlAssertGrep "Group: $groupid1" "$TmpDir/pki-user-membership-add-groupadd-find-ocsp-usertest3-020_4.out" #Trying to perform List CAs using $user3's cert should succeed - rlLog "curl --cacert $CERTDB_DIR/ca_cert.pem --dump-header $request_header_out -E $user3:$TEMP_NSS_DB_PASSWORD -k \"https://$SUBSYSTEM_HOST:$(eval echo \$${subsystemId}_UNSECURE_PORT)/ocsp/agent/ocsp/listCAs\" > $TmpDir/list_ca.out" - rlRun "curl --cacert $CERTDB_DIR/ca_cert.pem --dump-header $request_header_out -E $user3:$TEMP_NSS_DB_PASSWORD -k \"https://$SUBSYSTEM_HOST:$(eval echo \$${subsystemId}_UNSECURE_PORT)/ocsp/agent/ocsp/listCAs\" > $TmpDir/list_ca.out" 0 "List existing CAs" + rlLog "curl --cacert $CERTDB_DIR/ca_cert.pem --dump-header $request_header_out -E $user3:$TEMP_NSS_DB_PASSWORD -k \"https://$SUBSYSTEM_HOST:$(eval echo \$${subsystemId}_SECURE_PORT)/ocsp/agent/ocsp/listCAs\" > $TmpDir/list_ca.out" + rlRun "curl --cacert $CERTDB_DIR/ca_cert.pem --dump-header $request_header_out -E $user3:$TEMP_NSS_DB_PASSWORD -k \"https://$SUBSYSTEM_HOST:$(eval echo \$${subsystemId}_SECURE_PORT)/ocsp/agent/ocsp/listCAs\" > $TmpDir/list_ca.out" 0 "List existing CAs" rlAssertGrep "HTTP/1.1 200 OK" "$request_header_out" rlAssertGrep "record.Id=\"CN=PKI $CA_INST Signing Cert,O=redhat\"" "$TmpDir/list_ca.out" rlPhaseEnd diff --git a/tests/dogtag/acceptance/cli-tests/pki-user-cli/ocsp/pki-user-cli-user-membership-del-ocsp.sh b/tests/dogtag/acceptance/cli-tests/pki-user-cli/ocsp/pki-user-cli-user-membership-del-ocsp.sh index da99ed027..498fd97bf 100755 --- a/tests/dogtag/acceptance/cli-tests/pki-user-cli/ocsp/pki-user-cli-user-membership-del-ocsp.sh +++ b/tests/dogtag/acceptance/cli-tests/pki-user-cli/ocsp/pki-user-cli-user-membership-del-ocsp.sh @@ -757,10 +757,10 @@ Import CA certificate (Y/n)? \"" >> $expfile rlAssertGrep "Added membership in \"$groupid1\"" "$TmpDir/pki-user-membership-add-groupadd-ocsp-22.out" #Trying to perform List CAs using $user3's cert should succeed - rlRun "export SSL_DIR=$TmpDir" + rlRun "export SSL_DIR=$TEMP_NSS_DB" local request_header_out="$TmpDir/request_header_out" - rlLog "curl --cacert $CERTDB_DIR/ca_cert.pem --dump-header $request_header_out -E $user3:$TEMP_NSS_DB_PASSWORD -k \"https://$SUBSYSTEM_HOST:$(eval echo \$${subsystemId}_UNSECURE_PORT)/ocsp/agent/ocsp/listCAs\" > $TmpDir/list_ca.out" - rlRun "curl --cacert $CERTDB_DIR/ca_cert.pem --dump-header $request_header_out -E $user3:$TEMP_NSS_DB_PASSWORD -k \"https://$SUBSYSTEM_HOST:$(eval echo \$${subsystemId}_UNSECURE_PORT)/ocsp/agent/ocsp/listCAs\" > $TmpDir/list_ca.out" 0 "List existing CAs" + rlLog "curl --cacert $CERTDB_DIR/ca_cert.pem --dump-header $request_header_out -E $user3:$TEMP_NSS_DB_PASSWORD -k \"https://$SUBSYSTEM_HOST:$(eval echo \$${subsystemId}_SECURE_PORT)/ocsp/agent/ocsp/listCAs\" > $TmpDir/list_ca.out" + rlRun "curl --cacert $CERTDB_DIR/ca_cert.pem --dump-header $request_header_out -E $user3:$TEMP_NSS_DB_PASSWORD -k \"https://$SUBSYSTEM_HOST:$(eval echo \$${subsystemId}_SECURE_PORT)/ocsp/agent/ocsp/listCAs\" > $TmpDir/list_ca.out" 0 "List existing CAs" rlAssertGrep "HTTP/1.1 200 OK" "$request_header_out" rlAssertGrep "record.Id=\"CN=PKI $CA_INST Signing Cert,O=redhat\"" "$TmpDir/list_ca.out" @@ -779,12 +779,12 @@ Import CA certificate (Y/n)? \"" >> $expfile #Trying to perform List CAs using $user3's cert should fail local request_header_out="$TmpDir/request_header_out" - rlRun "export SSL_DIR=$TmpDir" - command="curl --cacert $CERTDB_DIR/ca_cert.pem --dump-header $request_header_out -E $user3:$TEMP_NSS_DB_PASSWORD -k \"https://$SUBSYSTEM_HOST:$(eval echo \$${subsystemId}_UNSECURE_PORT)/ocsp/agent/ocsp/listCAs\"" + rlRun "export SSL_DIR=$TEMP_NSS_DB" + command="curl --cacert $CERTDB_DIR/ca_cert.pem --dump-header $request_header_out -E $user3:$TEMP_NSS_DB_PASSWORD -k \"https://$SUBSYSTEM_HOST:$(eval echo \$${subsystemId}_SECURE_PORT)/ocsp/agent/ocsp/listCAs\" > $TmpDir/pki-user-membership-del-groupdel-find-ocsp-usertest3-020_12.out" + errmsg="You are not authorized for this operation." rlLog "Executing: $command" - errmsg="ForbiddenException: Authorization Error" - errorcode=255 - rlRun "verifyErrorMsg \"$command\" \"$errmsg\" \"$errorcode\"" 0 "Verify expected error message - Trying to perform List CAs using $user3's cert should fail" + rlRun "$command" 0 "Should not be able to list CAs using a non Agent user" + rlAssertGrep "$errmsg" "$TmpDir/pki-user-membership-del-groupdel-find-ocsp-usertest3-020_12.out" rlPhaseEnd rlPhaseStartCleanup "pki_user_cli_user_membership-del-ocsp-cleanup-001: Deleting the temp directory and users" diff --git a/tests/dogtag/acceptance/cli-tests/pki-user-cli/ocsp/pki-user-cli-user-mod-ocsp.sh b/tests/dogtag/acceptance/cli-tests/pki-user-cli/ocsp/pki-user-cli-user-mod-ocsp.sh index 5de4950cd..f75875f0f 100755 --- a/tests/dogtag/acceptance/cli-tests/pki-user-cli/ocsp/pki-user-cli-user-mod-ocsp.sh +++ b/tests/dogtag/acceptance/cli-tests/pki-user-cli/ocsp/pki-user-cli-user-mod-ocsp.sh @@ -602,9 +602,16 @@ rlPhaseStartTest "pki_user_cli_user_mod_ocsp-015:--state as number 0 " #### Modify a user's phone with maximum length and symbols #### rlPhaseStartTest "pki_user_cli_user_mod_ocsp-017:--phone with maximum length and symbols " + rlRun "pki -d $CERTDB_DIR \ + -n $(eval echo \$${subsystemId}_adminV_user) \ + -c $CERTDB_DIR_PASSWORD \ + -h $OCSP_HOST \ + -p $OCSP_PORT \ + -t ocsp \ + user-add --fullName=\"user 1\" usr1" randsym_b64=$(openssl rand -base64 90000 | perl -p -e 's/\n//') randsym=$(echo $randsym_b64 | tr -d /) - special_symbols="#$@*" + special_symbols="##@@$@*" command="pki -d $CERTDB_DIR -n $(eval echo \$${subsystemId}_adminV_user) -c $CERTDB_DIR_PASSWORD -h $OCSP_HOST -p $OCSP_PORT -t ocsp user-mod --phone='$randsym$special_symbols' usr1" errmsg="PKIException: LDAP error (21): error result" errorcode=255 diff --git a/tests/dogtag/acceptance/cli-tests/pki-user-cli/tks/pki-user-cli-user-add-tks.sh b/tests/dogtag/acceptance/cli-tests/pki-user-cli/tks/pki-user-cli-user-add-tks.sh index 090149191..291452457 100755 --- a/tests/dogtag/acceptance/cli-tests/pki-user-cli/tks/pki-user-cli-user-add-tks.sh +++ b/tests/dogtag/acceptance/cli-tests/pki-user-cli/tks/pki-user-cli-user-add-tks.sh @@ -1486,6 +1486,20 @@ Import CA certificate (Y/n)? \"" >> $expfile #===Deleting users created using ${prefix}_adminV cert===# i=1 + while [ $i -lt 22 ] ; do + rlRun "pki -d $CERTDB_DIR \ + -n ${prefix}_adminV \ + -c $CERTDB_DIR_PASSWORD \ + -h $SUBSYSTEM_HOST \ + -p $(eval echo \$${subsystemId}_UNSECURE_PORT) \ + -t tks \ + user-del u$i > $TmpDir/pki-user-del-tks-user-00$i.out" \ + 0 \ + "Deleted user u$i" + rlAssertGrep "Deleted user \"u$i\"" "$TmpDir/pki-user-del-tks-user-00$i.out" + let i=$i+1 + done + i=23 while [ $i -lt 37 ] ; do rlRun "pki -d $CERTDB_DIR \ -n ${prefix}_adminV \ diff --git a/tests/dogtag/acceptance/cli-tests/pki-user-cli/tps/pki-user-cli-user-add-tps.sh b/tests/dogtag/acceptance/cli-tests/pki-user-cli/tps/pki-user-cli-user-add-tps.sh index 0447d6cf8..09204ee01 100755 --- a/tests/dogtag/acceptance/cli-tests/pki-user-cli/tps/pki-user-cli-user-add-tps.sh +++ b/tests/dogtag/acceptance/cli-tests/pki-user-cli/tps/pki-user-cli-user-add-tps.sh @@ -1489,6 +1489,20 @@ Import CA certificate (Y/n)? \"" >> $expfile #===Deleting users created using ${prefix}_adminV cert===# i=1 + while [ $i -lt 22 ] ; do + rlRun "pki -d $CERTDB_DIR \ + -n ${prefix}_adminV \ + -c $CERTDB_DIR_PASSWORD \ + -h $SUBSYSTEM_HOST \ + -p $(eval echo \$${subsystemId}_UNSECURE_PORT) \ + -t tps \ + user-del u$i > $TmpDir/pki-user-del-tps-user-00$i.out" \ + 0 \ + "Deleted user u$i" + rlAssertGrep "Deleted user \"u$i\"" "$TmpDir/pki-user-del-tps-user-00$i.out" + let i=$i+1 + done + i=23 while [ $i -lt 37 ] ; do rlRun "pki -d $CERTDB_DIR \ -n ${prefix}_adminV \ |