From c2e2088b8222f3dd5e804e7bc120b0e53f20d4e6 Mon Sep 17 00:00:00 2001 From: Patrik Rosecky Date: Wed, 20 Dec 2023 15:33:09 +0100 Subject: [PATCH] Tests: convert multihost/alltests/test_cache_testing to system/memory_cache --- .../multihost/alltests/test_cache_testing.py | 9 + src/tests/system/tests/test_memory_cache.py | 239 ++++++++++++++++++ 2 files changed, 248 insertions(+) diff --git a/src/tests/multihost/alltests/test_cache_testing.py b/src/tests/multihost/alltests/test_cache_testing.py index 774f43ae170..a968e415eee 100644 --- a/src/tests/multihost/alltests/test_cache_testing.py +++ b/src/tests/multihost/alltests/test_cache_testing.py @@ -42,6 +42,7 @@ class TestCacheTesting(): Test for correct cache presence in case of variety of SSSD Configurations. Test for correct cache presence in case of modification & deletion of user entries. """ + @pytest.mark.converted('test_memory_cache.py', 'test_memory_cache__verify_timestamp_cache') @staticmethod def test_0001_Verify_Timestamp_Cache_Exists(multihost): """ @@ -64,6 +65,7 @@ def test_0001_Verify_Timestamp_Cache_Exists(multihost): cmd = multihost.client[0].run_command(list_cmd, raiseonerr=False) assert cmd.returncode == 0, f"Could not find timestamp cache file {file}" + @pytest.mark.converted('test_memory_cache.py', 'test_memory_cache__verify_timestamp_cache') @staticmethod def test_0002_Verify_Cache_on_User_Lookup(multihost): """ @@ -85,6 +87,7 @@ def test_0002_Verify_Cache_on_User_Lookup(multihost): assert cmd.returncode == 0, f'{ldb_cmd} did not execute successfully' assert cmd2.returncode == 0, f'{ldb_cmd2} did not execute successfully' + @pytest.mark.converted('test_memory_cache.py', 'test_memory_cache__expire_cache_verify_updates') @staticmethod def test_0003_Expire_User_Entries_and_Verify_Updates(multihost): """ @@ -115,6 +118,7 @@ def test_0003_Expire_User_Entries_and_Verify_Updates(multihost): assert cmd2.returncode == 0, f'{ldb_cmd2} did not execute successfully' assert "dataExpireTimestamp: 1\n" in cmd2_output, "dataExpireTimestamp not found in /tmp/file_ldb2" + @pytest.mark.converted('test_memory_cache.py', 'test_memory_cache__refresh_user_entries') @staticmethod def test_0004_Refresh_User_Entries_After_Expiry(multihost): """ @@ -145,6 +149,7 @@ def test_0004_Refresh_User_Entries_After_Expiry(multihost): assert cmd2.returncode == 0, f'{ldb_cmd2} did not execute successfully' assert "dataExpireTimestamp: 1\n" not in cmd2_output, "dataExpireTimestamp found in /tmp/file_ldb2" + @pytest.mark.converted('test_memory_cache.py', 'test_memory_cache__user_auth_after_cache_expiration') @staticmethod def test_0005_Expire_User_Entries_ans_Run_User_Auth(multihost): """ @@ -179,6 +184,7 @@ def test_0005_Expire_User_Entries_ans_Run_User_Auth(multihost): assert cmd2.returncode == 0, f'{ldb_cmd2} did not execute successfully' assert "dataExpireTimestamp: 1\n" not in cmd2_output, "dataExpireTimestamp found in /tmp/file_ldb2" + @pytest.mark.converted('test_memory_cache.py', 'test_memory_cache__check_refresh_expired_interval') @staticmethod def test_0006_Set_refresh_expired_interval_to_40(multihost, backupsssdconf): """ @@ -224,6 +230,7 @@ def test_0006_Set_refresh_expired_interval_to_40(multihost, backupsssdconf): assert cmd2.returncode == 0, f'{ldb_cmd2} did not execute successfully' assert "dataExpireTimestamp: 1\n" not in cmd2_output, "dataExpireTimestamp found in /tmp/file_ldb2" + @pytest.mark.converted('test_memory_cache.py', 'test_memory_cache__check_timestamps_fully_qualified_names') @staticmethod def test_0007_Set_use_fully_qualified_names_to_true(multihost, backupsssdconf): """ @@ -256,6 +263,7 @@ def test_0007_Set_use_fully_qualified_names_to_true(multihost, backupsssdconf): assert cmd.returncode == 0, f'{ldb_cmd} did not execute successfully' assert cmd2.returncode == 0, f'{ldb_cmd2} did not execute successfully' + @pytest.mark.converted('test_memory_cache.py', 'test_memory_cache__check_timestamps_false_case_sensitive') @staticmethod def test_0008_Set_case_sensitive_to_false(multihost, backupsssdconf): """ @@ -287,6 +295,7 @@ def test_0008_Set_case_sensitive_to_false(multihost, backupsssdconf): assert cmd.returncode == 0, f'{ldb_cmd} did not execute successfully' assert cmd2.returncode == 0, f'{ldb_cmd2} did not execute successfully' + @pytest.mark.converted('test_memory_cache.py', 'test_memory_cache__verify_group_timestamp_cache') @staticmethod def test_0009_Verify_ldb_cache_updates_on_group_lookup(multihost): """ diff --git a/src/tests/system/tests/test_memory_cache.py b/src/tests/system/tests/test_memory_cache.py index ad35d1d1876..9233d580f0e 100644 --- a/src/tests/system/tests/test_memory_cache.py +++ b/src/tests/system/tests/test_memory_cache.py @@ -6,7 +6,10 @@ from __future__ import annotations +import time + import pytest +from pytest_mh.ssh import SSHAuthenticationError from sssd_test_framework.roles.client import Client from sssd_test_framework.roles.generic import GenericProvider from sssd_test_framework.roles.ldap import LDAP @@ -1656,3 +1659,239 @@ def test_memory_cache__truncate__nosigbus(client: Client, ldap: LDAP): result = client.tools.id("user-1") assert result is not None, "User was not found" assert result.user.name == "user-1" + + +@pytest.mark.topology(KnownTopologyGroup.AnyProvider) +def test_memory_cache__verify_timestamp_cache(client: Client, provider: GenericProvider): + """ + :title: Verify the existence of timestamp cache and use lsbsearch on those files + :setup: + 1. Add user + 2. Start SSSD + :steps: + 1. Execute getent passwd to fetch user details + 2. Check if timestamps cache file exists + 3. Get user information using ldbsearch on cache_test.ldb + 4. Get user timestamp information using ldbsearch on timestamps_test.ldb + :expectedresults: + 1. User details should be successfully fetched + 2. Cache file should be present + 3. User information were successfully fetched + 4. User information were successfully fetched + :customerscenario: False + """ + provider.user("user1").add() + client.sssd.start() + + client.tools.getent.passwd("user1") + cache = "/var/lib/sss/db/cache_test.ldb" + timestamps = "/var/lib/sss/db/timestamps_test.ldb" + assert client.fs.exists(timestamps), f"Timestamp file '{timestamps}' does not exist" + + ldb1 = client.ldb.search(cache, "name=user1@test,cn=users,cn=test,cn=sysdb") + ldb2 = client.ldb.search(timestamps, "name=user1@test,cn=users,cn=test,cn=sysdb") + assert ldb1 != {}, f"ldbsearch failed to search user1 in {cache}" + assert ldb2 != {}, f"ldbsearch failed to search user1 in {timestamps}" + + +@pytest.mark.topology(KnownTopologyGroup.AnyProvider) +def test_memory_cache__expire_cache_verify_updates(client: Client, provider: GenericProvider): + """ + :title: Expire user entries in cache and verify the updates + :setup: + 1. Add user + 2. Start SSSD + 3. Execute getent passwd to fetch user details + 4. Expire whole cache + :steps: + 1. Get user information using ldbsearch on cache_test.ldb + 2. Get user timestamp information using ldbsearch on timestamps_test.ldb + :expectedresults: + 1. 'dataExpireTimestamp' were found in output + 2. 'dataExpireTimestamp' were found in output + :customerscenario: False + """ + provider.user("user1").add() + client.sssd.start() + client.tools.getent.passwd("user1") + client.sssctl.cache_expire(everything=True) + + cache = "/var/lib/sss/db/cache_test.ldb" + timestamps = "/var/lib/sss/db/timestamps_test.ldb" + user_basedn = "name=user1@test,cn=users,cn=test,cn=sysdb" + ldb1 = client.ldb.search(cache, user_basedn) + ldb2 = client.ldb.search(timestamps, user_basedn) + + assert ldb1[user_basedn]["dataExpireTimestamp"] == ["1"], f"did not find 'dataExpireTimestamp' in {cache}" + assert ldb2[user_basedn]["dataExpireTimestamp"] == ["1"], f"did not find 'dataExpireTimestamp' in {timestamps}" + + +@pytest.mark.topology(KnownTopologyGroup.AnyProvider) +def test_memory_cache__refresh_user_entries(client: Client, provider: GenericProvider): + """ + :title: Refresh user entries after expiry and verify the cache updates + :setup: + 1. Add user + 2. Start SSSD + 3. Execute getent passwd to fetch user details + 4. Expire cache + 5. Execute getent passwd again + :steps: + 1. Get user information using ldbsearch on cache_test.ldb + 2. Get user timestamp information using ldbsearch on timestamps_test.ldb + :expectedresults: + 1. 'dataExpireTimestamp' were found in output + 2. 'dataExpireTimestamp' were not found in timestamps output + :customerscenario: False + """ + provider.user("user1").add() + client.sssd.start() + client.tools.getent.passwd("user1") + client.sssctl.cache_expire(everything=True) + client.tools.getent.passwd("user1") + + cache = "/var/lib/sss/db/cache_test.ldb" + timestamps = "/var/lib/sss/db/timestamps_test.ldb" + user_basedn = "name=user1@test,cn=users,cn=test,cn=sysdb" + ldb1 = client.ldb.search(cache, user_basedn) + ldb2 = client.ldb.search(timestamps, user_basedn) + + assert ldb1[user_basedn]["dataExpireTimestamp"] == ["1"], f"did not find 'dataExpireTimestamp' in {cache}" + assert ldb2[user_basedn]["dataExpireTimestamp"] != ["1"], f"found 'dataExpireTimestamp' in {timestamps}" + + +@pytest.mark.topology(KnownTopologyGroup.AnyProvider) +def test_memory_cache__user_auth_after_cache_expiration(client: Client, provider: GenericProvider): + """ + :title: Refresh user entries after expiry and verify the cache updates + :setup: + 1. Add user + 2. Start SSSD + 3. Execute getent passwd to fetch user details + 4. Expire cache + 5. Execute getent passwd again + :steps: + 1. Get user information using ldbsearch on cache_test.ldb + 2. Get user timestamp information using ldbsearch on timestamps_test.ldb + :expectedresults: + 1. 'dataExpireTimestamp' were found in output + 2. 'dataExpireTimestamp' were not found in timestamps output + :customerscenario: False + """ + provider.user("user1").add() + client.sssd.start() + client.tools.getent.passwd("user1") + client.sssctl.cache_expire(everything=True) + + try: + client.ssh("user1", password="Secret123").connect() + except SSHAuthenticationError: + assert False, "user1 was unable to authenticate" + + cache = "/var/lib/sss/db/cache_test.ldb" + timestamps = "/var/lib/sss/db/timestamps_test.ldb" + user_basedn = "name=user1@test,cn=users,cn=test,cn=sysdb" + ldb1 = client.ldb.search(cache, user_basedn) + ldb2 = client.ldb.search(timestamps, user_basedn) + + assert ldb1[user_basedn]["dataExpireTimestamp"] == ["1"], f"did not find 'dataExpireTimestamp' in {cache}" + assert ldb2[user_basedn]["dataExpireTimestamp"] != ["1"], f"found 'dataExpireTimestamp' in {timestamps}" + + +@pytest.mark.topology(KnownTopologyGroup.AnyProvider) +def test_memory_cache__check_refresh_expired_interval(client: Client, provider: GenericProvider): + """ + :title: Set refresh expired interval to 40 and verify user record updates + :setup: + 1. Add user + 2. Set refresh_expired_interval to 40 and entry_cache_timeout to 160 in the sssd.conf + 3. Start SSSD + 4. Execute getent passwd user to fetch cache + 5. Expire whole cache + 6. Wait 40 seconds + :steps: + 1. Get user information using ldbsearch on cache_test.ldb + 2. Get user timestamp information using ldbsearch on timestamps_test.ldb + :expectedresults: + 1. 'dataExpireTimestamp' were found in output + 2. 'dataExpireTimestamp' were not found in timestamps output + :customerscenario: False + """ + provider.user("user1").add() + client.sssd.domain["entry_cache_timeout"] = "160" + client.sssd.domain["refresh_expired_interval"] = "40" + client.sssd.start() + client.tools.getent.passwd("user1") + client.sssctl.cache_expire(everything=True) + time.sleep(40) + + cache = "/var/lib/sss/db/cache_test.ldb" + timestamps = "/var/lib/sss/db/timestamps_test.ldb" + user_basedn = "name=user1@test,cn=users,cn=test,cn=sysdb" + ldb1 = client.ldb.search(cache, user_basedn) + ldb2 = client.ldb.search(timestamps, user_basedn) + + assert ldb1[user_basedn]["dataExpireTimestamp"] == ["1"], f"did not find 'dataExpireTimestamp' in {cache}" + assert ldb2[user_basedn]["dataExpireTimestamp"] != ["1"], f"found 'dataExpireTimestamp' in {timestamps}" + + +@pytest.mark.topology(KnownTopologyGroup.AnyProvider) +def test_memory_cache__check_timestamps_fully_qualified_names(client: Client, provider: GenericProvider): + """ + :title: Set use fully qualified names to true and verify cache updates + :setup: + 1. Add user + 2. Set use_fully_qualified_names to True in the sssd.conf + 3. Start SSSD + 4. Execute getent passwd user1@test + :steps: + 1. Get user information using ldbsearch on cache_test.ldb + 2. Get user timestamp information using ldbsearch on timestamps_test.ldb + :expectedresults: + 1. User information were successfully fetched + 2. User information were successfully fetched + :customerscenario: False + """ + provider.user("user1").add() + client.sssd.domain["use_fully_qualified_names"] = "True" + client.sssd.start() + client.tools.getent.passwd("user1@test") + + cache = "/var/lib/sss/db/cache_test.ldb" + timestamps = "/var/lib/sss/db/timestamps_test.ldb" + user_basedn = "name=user1@test,cn=users,cn=test,cn=sysdb" + ldb1 = client.ldb.search(cache, user_basedn) + ldb2 = client.ldb.search(timestamps, user_basedn) + + assert ldb1 != {}, f"ldbsearch failed to search user1@test in {cache}" + assert ldb2 != {}, f"ldbsearch failed to search user1@test in {timestamps}" + + +@pytest.mark.topology(KnownTopologyGroup.AnyProvider) +def test_memory_cache__verify_group_timestamp_cache(client: Client, provider: GenericProvider): + """ + :title: Set use fully qualified names to true and verify cache updates + :setup: + 1. Add group + 2. Start SSSD + 3. Execute getent group group1 + :steps: + 1. Get group information using ldbsearch on cache_test.ldb + 2. Get group timestamp information using ldbsearch on timestamps_test.ldb + :expectedresults: + 1. Group information were successfully fetched + 2. Group information were successfully fetched + :customerscenario: False + """ + provider.group("group1").add() + client.sssd.start() + client.tools.getent.group("group1") + + cache = "/var/lib/sss/db/cache_test.ldb" + timestamps = "/var/lib/sss/db/timestamps_test.ldb" + group_basedn = "name=group1@test,cn=groups,cn=test,cn=sysdb" + ldb1 = client.ldb.search(cache, group_basedn) + ldb2 = client.ldb.search(timestamps, group_basedn) + + assert ldb1 != {}, f"ldbsearch failed to search user1@test in {cache}" + assert ldb2 != {}, f"ldbsearch failed to search user1@test in {timestamps}"