Modernize ipa-getkeytab test suite

The test suite is now leveraging host/service tracker objects as test case
fixture, removing much of ad-hoc setup/teardown.

https://fedorahosted.org/freeipa/ticket/6409

Reviewed-By: Simo Sorce <ssorce@redhat.com>

2 files changed, 71 insertions, 61 deletions

diff --git a/ipatests/test_cmdline/test_ipagetkeytab.py b/ipatests/test_cmdline/test_ipagetkeytab.py
index b3c8491a1..1f4581a75 100644
--- a/ipatests/test_cmdline/test_ipagetkeytab.py
+++ b/ipatests/test_cmdline/test_ipagetkeytab.py
@@ -28,10 +28,10 @@ import gssapi
 import pytest
 
 from ipalib import api
-from ipalib import errors
 from ipapython import ipautil, ipaldap
 from ipaserver.plugins.ldap2 import ldap2
 from ipatests.test_cmdline.cmdline import cmdline_test
+from ipatests.test_xmlrpc.tracker import host_plugin, service_plugin
 
 def use_keytab(principal, keytab):
     try:
@@ -53,104 +53,110 @@ def use_keytab(principal, keytab):
             shutil.rmtree(tmpdir)
 
 
+@pytest.fixture(scope='class')
+def test_host(request):
+    host_tracker = host_plugin.HostTracker(u'test-host')
+    return host_tracker.make_fixture(request)
+
+
+@pytest.fixture(scope='class')
+def test_service(request, test_host):
+    service_tracker = service_plugin.ServiceTracker(u'srv', test_host.name)
+    test_host.ensure_exists()
+    return service_tracker.make_fixture(request)
+
+
 @pytest.mark.tier0
 class test_ipagetkeytab(cmdline_test):
     """
     Test `ipa-getkeytab`.
     """
     command = "ipa-getkeytab"
-    host_fqdn = u'ipatest.%s' % api.env.domain
-    service_princ = u'test/%s@%s' % (host_fqdn, api.env.realm)
-    [keytabfd, keytabname] = tempfile.mkstemp()
-    os.close(keytabfd)
+    keytabname = None
+
+    @classmethod
+    def setup_class(cls):
+        super(test_ipagetkeytab, cls).setup_class()
+
+        keytabfd, keytabname = tempfile.mkstemp()
+
+        os.close(keytabfd)
+        os.unlink(keytabname)
+
+        cls.keytabname = keytabname
+
+    @classmethod
+    def teardown_class(cls):
+        super(test_ipagetkeytab, cls).teardown_class()
 
-    def test_0_setup(self):
-        """
-        Create a host to test against.
-        """
-        # Create the service
         try:
-            api.Command['host_add'](self.host_fqdn, force=True)
-        except errors.DuplicateEntry:
-            # it already exists, no problem
+            os.unlink(cls.keytabname)
+        except OSError:
             pass
 
-    def test_1_run(self):
+    def run_ipagetkeytab(self, service_principal, raiseonerr=False):
+        new_args = [self.command,
+                    "-s", api.env.host,
+                    "-p", service_principal,
+                    "-k", self.keytabname]
+        return ipautil.run(
+            new_args,
+            stdin=None,
+            raiseonerr=raiseonerr,
+            capture_error=True)
+
+    def test_1_run(self, test_service):
         """
         Create a keytab with `ipa-getkeytab` for a non-existent service.
         """
-        new_args = [self.command,
-                    "-s", api.env.host,
-                    "-p", "test/notfound.example.com",
-                    "-k", self.keytabname,
-                   ]
-        result = ipautil.run(new_args, stdin=None, raiseonerr=False,
-                             capture_error=True)
+        test_service.ensure_missing()
+        result = self.run_ipagetkeytab(test_service.name)
         err = result.error_output
+
         assert 'Failed to parse result: PrincipalName not found.\n' in err, err
         rc = result.returncode
         assert rc > 0, rc
 
-    def test_2_run(self):
+    def test_2_run(self, test_service):
         """
         Create a keytab with `ipa-getkeytab` for an existing service.
         """
-        # Create the service
-        try:
-            api.Command['service_add'](self.service_princ, force=True)
-        except errors.DuplicateEntry:
-            # it already exists, no problem
-            pass
+        test_service.ensure_exists()
 
-        os.unlink(self.keytabname)
-        new_args = [self.command,
-                    "-s", api.env.host,
-                    "-p", self.service_princ,
-                    "-k", self.keytabname,
-                   ]
-        try:
-            result = ipautil.run(new_args, None, capture_error=True)
-            expected = 'Keytab successfully retrieved and stored in: %s\n' % (
-                self.keytabname)
-            assert expected in result.error_output, (
-                'Success message not in output:\n%s' % result.error_output)
-        except ipautil.CalledProcessError:
-            assert (False)
-
-    def test_3_use(self):
+        result = self.run_ipagetkeytab(test_service.name, raiseonerr=True)
+        expected = 'Keytab successfully retrieved and stored in: %s\n' % (
+            self.keytabname)
+        assert expected in result.error_output, (
+            'Success message not in output:\n%s' % result.error_output)
+
+    def test_3_use(self, test_service):
         """
         Try to use the service keytab.
         """
-        use_keytab(self.service_princ, self.keytabname)
+        use_keytab(test_service.name, self.keytabname)
 
-    def test_4_disable(self):
+    def test_4_disable(self, test_service):
         """
         Disable a kerberos principal
         """
+        retrieve_cmd = test_service.make_retrieve_command()
+        result = retrieve_cmd()
         # Verify that it has a principal key
-        entry = api.Command['service_show'](self.service_princ)['result']
-        assert(entry['has_keytab'] == True)
+        assert result[u'result'][u'has_keytab']
 
         # Disable it
-        api.Command['service_disable'](self.service_princ)
+        disable_cmd = test_service.make_disable_command()
+        disable_cmd()
 
         # Verify that it looks disabled
-        entry = api.Command['service_show'](self.service_princ)['result']
-        assert(entry['has_keytab'] == False)
+        result = retrieve_cmd()
+        assert not result[u'result'][u'has_keytab']
 
-    def test_5_use_disabled(self):
+    def test_5_use_disabled(self, test_service):
         """
         Try to use the disabled keytab
         """
         try:
-            use_keytab(self.service_princ, self.keytabname)
+            use_keytab(test_service.name, self.keytabname)
         except Exception as errmsg:
             assert('Unable to bind to LDAP. Error initializing principal' in str(errmsg))
-
-    def test_9_cleanup(self):
-        """
-        Clean up test data
-        """
-        # First create the host that will use this policy
-        os.unlink(self.keytabname)
-        api.Command['host_del'](self.host_fqdn)
diff --git a/ipatests/test_xmlrpc/tracker/service_plugin.py b/ipatests/test_xmlrpc/tracker/service_plugin.py
index 0a90115b3..7e51aca5d 100644
--- a/ipatests/test_xmlrpc/tracker/service_plugin.py
+++ b/ipatests/test_xmlrpc/tracker/service_plugin.py
@@ -85,6 +85,10 @@ class ServiceTracker(KerberosAliasMixin, Tracker):
 
         return self.make_command('service_mod', self.name, **updates)
 
+    def make_disable_command(self):
+        """ make command  that disables the service principal """
+        return self.make_command('service_disable', self.name)
+
     def create(self, force=True):
         """Helper function to create an entry and check the result"""
         self.ensure_missing()