Skip to content

Commit

Permalink
[6.15.z] Add a test case to read Capsules via non-admin user (#14434)
Browse files Browse the repository at this point in the history
  • Loading branch information
Satellite-QE authored and damoore044 committed Mar 18, 2024
1 parent dd7e0fb commit b49d469
Showing 1 changed file with 82 additions and 0 deletions.
82 changes: 82 additions & 0 deletions tests/foreman/api/test_capsulecontent.py
Original file line number Diff line number Diff line change
Expand Up @@ -18,8 +18,10 @@
from time import sleep

from nailgun import client
from nailgun.config import ServerConfig
from nailgun.entity_mixins import call_entity_method_with_timeout
import pytest
from requests.exceptions import HTTPError

from robottelo.config import settings
from robottelo.constants import (
Expand Down Expand Up @@ -47,9 +49,25 @@
get_repomd,
get_repomd_revision,
)
from robottelo.utils.datafactory import gen_string
from robottelo.utils.issue_handlers import is_open


@pytest.fixture
def default_non_admin_user(target_sat, default_org, default_location):
"""Non-admin user with no roles assigned in the Default org/loc."""
password = gen_string('alphanumeric')
user = target_sat.api.User(
login=gen_string('alpha'),
password=password,
organization=[default_org],
location=[default_location],
).create()
user.password = password
yield user
user.delete()


@pytest.mark.run_in_one_thread
class TestCapsuleContentManagement:
"""Content Management related tests, which exercise katello with pulp
Expand Down Expand Up @@ -1633,3 +1651,67 @@ def test_positive_content_counts_blank_update(
assert (
counts is None or len(counts['content_view_versions']) == 0
), f"No content counts expected, but got:\n{counts['content_view_versions']}."

def test_positive_read_with_non_admin_user(
self,
target_sat,
module_capsule_configured,
default_org,
default_non_admin_user,
):
"""Try to list and read Capsules with a non-admin user with and without permissions.
:id: f3ee19fa-9b91-4b49-b00a-8debee903ce6
:setup:
1. Satellite with registered external Capsule.
2. Non-admin user without any roles/permissions.
:steps:
1. Using the non-admin user try to list all or particular Capsule.
2. Add Viewer role to the user and try again.
:expectedresults:
1. Read should fail without Viewer role.
2. Read should succeed when Viewer role added.
:BZ: 2096930
:customerscenario: true
"""
# Using the non-admin user try to list all or particular Capsule
user = default_non_admin_user
sc = ServerConfig(
auth=(user.login, user.password),
url=target_sat.url,
verify=settings.server.verify_ca,
)

with pytest.raises(HTTPError) as error:
target_sat.api.Capsule(server_config=sc).search()
assert error.value.response.status_code == 403
assert 'Access denied' in error.value.response.text

with pytest.raises(HTTPError) as error:
target_sat.api.Capsule(
server_config=sc, id=module_capsule_configured.nailgun_capsule.id
).read()
assert error.value.response.status_code == 403
assert 'Access denied' in error.value.response.text

# Add Viewer role to the user and try again.
v_role = target_sat.api.Role().search(query={'search': 'name="Viewer"'})
assert len(v_role) == 1, 'Expected just one Viewer to be found.'
user.role = [v_role[0]]
user.update(['role'])

res = target_sat.api.Capsule(server_config=sc).search()
assert len(res) >= 2, 'Expected at least one internal and one or more external Capsule(s).'
assert {target_sat.hostname, module_capsule_configured.hostname}.issubset(
[caps.name for caps in res]
), 'Internal and/or external Capsule was not listed.'

res = target_sat.api.Capsule(
server_config=sc, id=module_capsule_configured.nailgun_capsule.id
).read()
assert res.name == module_capsule_configured.hostname, 'External Capsule not found.'

0 comments on commit b49d469

Please sign in to comment.