From 6d901d78045f8cd61db5726f3adfbec86d0d02fd Mon Sep 17 00:00:00 2001 From: Anuj Borah Date: Mar 04 2020 09:56:14 +0000 Subject: Issue: 50690 - Port Password Storage test cases from TET to python3 part 2 Port Password Storage test cases from TET to python3 part 2 Fixes: https://pagure.io/389-ds-base/issue/50690 Author: aborah Reviewed by: Viktor Ashirov --- diff --git a/dirsrvtests/tests/suites/pwp_storage/check_storage_test.py b/dirsrvtests/tests/suites/pwp_storage/check_storage_test.py new file mode 100644 index 0000000..5e190b0 --- /dev/null +++ b/dirsrvtests/tests/suites/pwp_storage/check_storage_test.py @@ -0,0 +1,102 @@ +# --- BEGIN COPYRIGHT BLOCK --- +# Copyright (C) 2020 Red Hat, Inc. +# All rights reserved. +# +# License: GPL (version 3 or any later version). +# See LICENSE for details. +# --- END COPYRIGHT BLOCK ---- + + +""" +This file contains the test for password storage scheme +""" + +import os +import pytest +import ldap + +from lib389.topologies import topology_st as topo +from lib389.idm.user import UserAccounts, UserAccount +from lib389._constants import DEFAULT_SUFFIX +from lib389.config import Config +from password_plugins import SHAPlugin + +pytestmark = pytest.mark.tier1 + + +def change_config_create_user(topo, field_value): + """ + Will change passwordStorageScheme + """ + Config(topo.standalone).replace("passwordStorageScheme", field_value) + user = UserAccounts(topo.standalone, DEFAULT_SUFFIX).create_test_user() + user.set('userpassword', 'HayItsMEAnuj') + return user + + +@pytest.fixture(scope="function") +def _delete_user(request, topo): + def fin(): + """ + Will delete the user + """ + UserAccount(topo.standalone, f'uid=test_user_1000,ou=People,{DEFAULT_SUFFIX}').delete() + request.addfinalizer(fin) + + +def test_sha_and_clear(topo, _delete_user): + """Check SHA Scheme + + :id: 5c514112-33c1-11ea-a298-8c16451d917b + :setup: Standalone + :steps: + 1. Disable SHA Plugin + 2. Activate SHA Plugin + 3. Enable SHA Plugin + 4. Test CLEAR password + :expected results: + 1. Pass + 2. Pass + 3. Pass + 4. Pass + """ + sha = SHAPlugin(topo.standalone) + assert sha.status() + sha.disable() + assert not sha.status() + topo.standalone.restart() + with pytest.raises(ldap.OPERATIONS_ERROR): + Config(topo.standalone).replace("passwordStorageScheme", "SHA") + Config(topo.standalone).replace("passwordStorageScheme", "CLEAR") + user = change_config_create_user(topo, 'CLEAR') + user.set("userpassword", "AnujBorah") + assert user.get_attr_val_utf8('userpassword') == 'AnujBorah' + sha.enable() + assert sha.status() + + +@pytest.mark.parametrize("value", ['CRYPT', 'CRYPT-MD5', 'CRYPT-SHA256', 'CRYPT-SHA512', 'MD5', + 'PBKDF2_SHA256', 'SHA256', 'SHA384', 'SHA512', 'SMD5', 'SSHA', + 'SSHA256', 'SSHA384', 'SSHA512']) +def test_check_password_scheme(topo, value, _delete_user): + """Check all password scheme. + + :id: 618207fc-33c1-11ea-93ce-8c16451d917b + :setup: Standalone + :steps: + 1. Create a user without password + 2. Update the user with a password + 3. Check the encryption of the pwd + :expected results: + 1. Pass + 2. Pass + 3. Pass + """ + user = change_config_create_user(topo, value) + user.set("userpassword", "AnujBorah") + assert '{' + value.lower().split('-')[0] + '}' in user.get_attr_val_utf8('userpassword').lower() + + +if __name__ == "__main__": + CURRENT_FILE = os.path.realpath(__file__) + pytest.main("-s -v %s" % CURRENT_FILE)