add FreeIPA web UI testing
Summary: as a new, non-fatal test step in the cockpit enrolment test, because it kinda fits in there; we have an enrolled system with a web browser *right there*. This will require making the wiki reporting stuff slightly cleverer so we can say 'report a pass for this wiki test instance if this test step passed', but that should be possible. Making this non-fatal means the rest of the cockpit enrolment test will go ahead even if the freeipa web UI fails. The 'check if we can log in' stuff is identical to freeipa_ client_postinstall except with different user names, so we could potentially factor that out somehow, but I couldn't think of a super clean way to do it so for now it's just copied. Note this diff is on top of the freeipa-realmd branch which is for D894, it's not on top of develop. Test Plan: Run the modified test and see if it works. No other tests are modified, so they should be OK. Reviewers: garretraziel Reviewed By: garretraziel Subscribers: tflink Differential Revision: https://phab.qadevel.cloud.fedoraproject.org/D895
15
needles/freeipa/webui_add_button-noicon.json
Normal file
@ -0,0 +1,15 @@
|
|||||||
|
{
|
||||||
|
"properties": [],
|
||||||
|
"tags": [
|
||||||
|
"freeipa_webui_add_button"
|
||||||
|
],
|
||||||
|
"area": [
|
||||||
|
{
|
||||||
|
"xpos": 644,
|
||||||
|
"ypos": 376,
|
||||||
|
"width": 25,
|
||||||
|
"height": 14,
|
||||||
|
"type": "match"
|
||||||
|
}
|
||||||
|
]
|
||||||
|
}
|
BIN
needles/freeipa/webui_add_button-noicon.png
Normal file
After Width: | Height: | Size: 46 KiB |
15
needles/freeipa/webui_add_button.json
Normal file
@ -0,0 +1,15 @@
|
|||||||
|
{
|
||||||
|
"tags": [
|
||||||
|
"freeipa_webui_add_button"
|
||||||
|
],
|
||||||
|
"area": [
|
||||||
|
{
|
||||||
|
"xpos": 638,
|
||||||
|
"ypos": 243,
|
||||||
|
"width": 38,
|
||||||
|
"height": 16,
|
||||||
|
"type": "match"
|
||||||
|
}
|
||||||
|
],
|
||||||
|
"properties": []
|
||||||
|
}
|
BIN
needles/freeipa/webui_add_button.png
Normal file
After Width: | Height: | Size: 50 KiB |
15
needles/freeipa/webui_add_policy.json
Normal file
@ -0,0 +1,15 @@
|
|||||||
|
{
|
||||||
|
"properties": [],
|
||||||
|
"tags": [
|
||||||
|
"freeipa_webui_add_policy"
|
||||||
|
],
|
||||||
|
"area": [
|
||||||
|
{
|
||||||
|
"xpos": 171,
|
||||||
|
"ypos": 116,
|
||||||
|
"width": 99,
|
||||||
|
"height": 15,
|
||||||
|
"type": "match"
|
||||||
|
}
|
||||||
|
]
|
||||||
|
}
|
BIN
needles/freeipa/webui_add_policy.png
Normal file
After Width: | Height: | Size: 37 KiB |
15
needles/freeipa/webui_add_user.json
Normal file
@ -0,0 +1,15 @@
|
|||||||
|
{
|
||||||
|
"properties": [],
|
||||||
|
"area": [
|
||||||
|
{
|
||||||
|
"xpos": 172,
|
||||||
|
"ypos": 118,
|
||||||
|
"width": 60,
|
||||||
|
"height": 13,
|
||||||
|
"type": "match"
|
||||||
|
}
|
||||||
|
],
|
||||||
|
"tags": [
|
||||||
|
"freeipa_webui_add_user"
|
||||||
|
]
|
||||||
|
}
|
BIN
needles/freeipa/webui_add_user.png
Normal file
After Width: | Height: | Size: 43 KiB |
15
needles/freeipa/webui_login.json
Normal file
@ -0,0 +1,15 @@
|
|||||||
|
{
|
||||||
|
"area": [
|
||||||
|
{
|
||||||
|
"xpos": 90,
|
||||||
|
"ypos": 334,
|
||||||
|
"width": 53,
|
||||||
|
"height": 35,
|
||||||
|
"type": "match"
|
||||||
|
}
|
||||||
|
],
|
||||||
|
"tags": [
|
||||||
|
"freeipa_webui_login"
|
||||||
|
],
|
||||||
|
"properties": []
|
||||||
|
}
|
BIN
needles/freeipa/webui_login.png
Normal file
After Width: | Height: | Size: 159 KiB |
15
needles/freeipa/webui_policy.json
Normal file
@ -0,0 +1,15 @@
|
|||||||
|
{
|
||||||
|
"tags": [
|
||||||
|
"freeipa_webui_policy"
|
||||||
|
],
|
||||||
|
"area": [
|
||||||
|
{
|
||||||
|
"xpos": 111,
|
||||||
|
"ypos": 114,
|
||||||
|
"width": 40,
|
||||||
|
"height": 18,
|
||||||
|
"type": "match"
|
||||||
|
}
|
||||||
|
],
|
||||||
|
"properties": []
|
||||||
|
}
|
BIN
needles/freeipa/webui_policy.png
Normal file
After Width: | Height: | Size: 55 KiB |
15
needles/freeipa/webui_policy_add_user.json
Normal file
@ -0,0 +1,15 @@
|
|||||||
|
{
|
||||||
|
"area": [
|
||||||
|
{
|
||||||
|
"xpos": 833,
|
||||||
|
"ypos": 672,
|
||||||
|
"width": 37,
|
||||||
|
"height": 14,
|
||||||
|
"type": "match"
|
||||||
|
}
|
||||||
|
],
|
||||||
|
"tags": [
|
||||||
|
"freeipa_webui_policy_add_user"
|
||||||
|
],
|
||||||
|
"properties": []
|
||||||
|
}
|
BIN
needles/freeipa/webui_policy_add_user.png
Normal file
After Width: | Height: | Size: 45 KiB |
15
needles/freeipa/webui_policy_any_host.json
Normal file
@ -0,0 +1,15 @@
|
|||||||
|
{
|
||||||
|
"properties": [],
|
||||||
|
"area": [
|
||||||
|
{
|
||||||
|
"xpos": 207,
|
||||||
|
"ypos": 390,
|
||||||
|
"width": 74,
|
||||||
|
"height": 15,
|
||||||
|
"type": "match"
|
||||||
|
}
|
||||||
|
],
|
||||||
|
"tags": [
|
||||||
|
"freeipa_webui_policy_any_host"
|
||||||
|
]
|
||||||
|
}
|
BIN
needles/freeipa/webui_policy_any_host.png
Normal file
After Width: | Height: | Size: 43 KiB |
15
needles/freeipa/webui_policy_any_service.json
Normal file
@ -0,0 +1,15 @@
|
|||||||
|
{
|
||||||
|
"area": [
|
||||||
|
{
|
||||||
|
"xpos": 222,
|
||||||
|
"ypos": 572,
|
||||||
|
"width": 86,
|
||||||
|
"height": 15,
|
||||||
|
"type": "match"
|
||||||
|
}
|
||||||
|
],
|
||||||
|
"tags": [
|
||||||
|
"freeipa_webui_policy_any_service"
|
||||||
|
],
|
||||||
|
"properties": []
|
||||||
|
}
|
BIN
needles/freeipa/webui_policy_any_service.png
Normal file
After Width: | Height: | Size: 44 KiB |
15
needles/freeipa/webui_policy_save.json
Normal file
@ -0,0 +1,15 @@
|
|||||||
|
{
|
||||||
|
"tags": [
|
||||||
|
"freeipa_webui_policy_save"
|
||||||
|
],
|
||||||
|
"area": [
|
||||||
|
{
|
||||||
|
"xpos": 173,
|
||||||
|
"ypos": 321,
|
||||||
|
"width": 44,
|
||||||
|
"height": 13,
|
||||||
|
"type": "match"
|
||||||
|
}
|
||||||
|
],
|
||||||
|
"properties": []
|
||||||
|
}
|
BIN
needles/freeipa/webui_policy_save.png
Normal file
After Width: | Height: | Size: 45 KiB |
15
needles/freeipa/webui_users.json
Normal file
@ -0,0 +1,15 @@
|
|||||||
|
{
|
||||||
|
"area": [
|
||||||
|
{
|
||||||
|
"xpos": 18,
|
||||||
|
"ypos": 154,
|
||||||
|
"width": 43,
|
||||||
|
"height": 16,
|
||||||
|
"type": "match"
|
||||||
|
}
|
||||||
|
],
|
||||||
|
"tags": [
|
||||||
|
"freeipa_webui_users"
|
||||||
|
],
|
||||||
|
"properties": []
|
||||||
|
}
|
BIN
needles/freeipa/webui_users.png
Normal file
After Width: | Height: | Size: 50 KiB |
22
needles/freeipa/webui_users_added.json
Normal file
@ -0,0 +1,22 @@
|
|||||||
|
{
|
||||||
|
"properties": [],
|
||||||
|
"tags": [
|
||||||
|
"freeipa_webui_users_added"
|
||||||
|
],
|
||||||
|
"area": [
|
||||||
|
{
|
||||||
|
"xpos": 294,
|
||||||
|
"ypos": 460,
|
||||||
|
"width": 29,
|
||||||
|
"height": 13,
|
||||||
|
"type": "match"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"xpos": 295,
|
||||||
|
"ypos": 507,
|
||||||
|
"width": 28,
|
||||||
|
"height": 12,
|
||||||
|
"type": "match"
|
||||||
|
}
|
||||||
|
]
|
||||||
|
}
|
BIN
needles/freeipa/webui_users_added.png
Normal file
After Width: | Height: | Size: 55 KiB |
@ -1839,7 +1839,7 @@
|
|||||||
{
|
{
|
||||||
name => "realmd_join_cockpit",
|
name => "realmd_join_cockpit",
|
||||||
settings => [
|
settings => [
|
||||||
{ key => "POSTINSTALL", value => "realmd_join_cockpit freeipa_client" },
|
{ key => "POSTINSTALL", value => "realmd_join_cockpit freeipa_webui freeipa_client" },
|
||||||
{ key => "USER_LOGIN", value => "false" },
|
{ key => "USER_LOGIN", value => "false" },
|
||||||
{ key => "ROOT_PASSWORD", value => "weakpassword" },
|
{ key => "ROOT_PASSWORD", value => "weakpassword" },
|
||||||
{ key => "START_AFTER_TEST", value => "server_cockpit_default" },
|
{ key => "START_AFTER_TEST", value => "server_cockpit_default" },
|
||||||
|
@ -4,6 +4,11 @@ use testapi;
|
|||||||
|
|
||||||
sub run {
|
sub run {
|
||||||
my $self=shift;
|
my $self=shift;
|
||||||
|
# switch to tty1 (we're usually there already, but just in case
|
||||||
|
# we're carrying on from a failed freeipa_webui that didn't fail
|
||||||
|
# at tty1)
|
||||||
|
send_key "ctrl-alt-f1";
|
||||||
|
wait_still_screen 1;
|
||||||
# check domain is listed in 'realm list'
|
# check domain is listed in 'realm list'
|
||||||
validate_script_output 'realm list', sub { $_ =~ m/domain-name: domain\.local.*configured: kerberos-member/s };
|
validate_script_output 'realm list', sub { $_ =~ m/domain-name: domain\.local.*configured: kerberos-member/s };
|
||||||
# check we can see the admin user in getent
|
# check we can see the admin user in getent
|
||||||
|
124
tests/freeipa_webui_postinstall.pm
Normal file
@ -0,0 +1,124 @@
|
|||||||
|
use base "installedtest";
|
||||||
|
use strict;
|
||||||
|
use testapi;
|
||||||
|
|
||||||
|
sub add_user {
|
||||||
|
my ($user, $surname) = @_;
|
||||||
|
wait_still_screen 1;
|
||||||
|
assert_and_click "freeipa_webui_add_button";
|
||||||
|
assert_screen "freeipa_webui_add_user";
|
||||||
|
wait_still_screen 1;
|
||||||
|
type_string $user;
|
||||||
|
wait_still_screen 1;
|
||||||
|
send_key "tab";
|
||||||
|
# we don't need to be too careful here as the names don't matter
|
||||||
|
type_string "Test";
|
||||||
|
send_key "tab";
|
||||||
|
type_string $surname;
|
||||||
|
send_key "tab";
|
||||||
|
send_key "tab";
|
||||||
|
send_key "tab";
|
||||||
|
send_key "tab";
|
||||||
|
type_string "correcthorse";
|
||||||
|
wait_still_screen 1;
|
||||||
|
send_key "tab";
|
||||||
|
wait_still_screen 1;
|
||||||
|
type_string "correcthorse\n";
|
||||||
|
}
|
||||||
|
|
||||||
|
sub run {
|
||||||
|
my $self=shift;
|
||||||
|
# we're restarting firefox (instead of using the same one from
|
||||||
|
# freeipa_client_postinstall) so Firefox's trusted CA store
|
||||||
|
# refreshes and it trusts the web server cert
|
||||||
|
type_string "startx /usr/bin/firefox\n";
|
||||||
|
assert_screen "firefox";
|
||||||
|
# new tab
|
||||||
|
send_key "ctrl-t";
|
||||||
|
wait_still_screen 2;
|
||||||
|
type_string "https://ipa001.domain.local";
|
||||||
|
# firefox's stupid 'smart' url bar is a pain. wait for things to settle.
|
||||||
|
wait_still_screen 3;
|
||||||
|
send_key "ret";
|
||||||
|
assert_screen "freeipa_webui_login";
|
||||||
|
type_string "admin";
|
||||||
|
wait_still_screen 1;
|
||||||
|
send_key "tab";
|
||||||
|
wait_still_screen 1;
|
||||||
|
type_string "monkeys123";
|
||||||
|
wait_still_screen 1;
|
||||||
|
send_key "ret";
|
||||||
|
assert_screen "freeipa_webui_users";
|
||||||
|
add_user("test3", "Three");
|
||||||
|
add_user("test4", "Four");
|
||||||
|
assert_screen "freeipa_webui_users_added";
|
||||||
|
assert_and_click "freeipa_webui_policy";
|
||||||
|
assert_and_click "freeipa_webui_add_button";
|
||||||
|
assert_screen "freeipa_webui_add_policy";
|
||||||
|
type_string "allow-test3";
|
||||||
|
wait_still_screen 1;
|
||||||
|
send_key "tab";
|
||||||
|
send_key "tab";
|
||||||
|
send_key "tab";
|
||||||
|
wait_still_screen 1;
|
||||||
|
send_key "ret";
|
||||||
|
assert_and_click "freeipa_webui_policy_add_user";
|
||||||
|
# filter users
|
||||||
|
type_string "test3\n";
|
||||||
|
# go to the correct checkbox (assert_and_click is tricky as
|
||||||
|
# we can't make sure we click the right checkbox)
|
||||||
|
send_key "tab";
|
||||||
|
send_key "tab";
|
||||||
|
send_key "tab";
|
||||||
|
# check it
|
||||||
|
send_key "spc";
|
||||||
|
# select the right arrow
|
||||||
|
send_key "tab";
|
||||||
|
# click it
|
||||||
|
send_key "ret";
|
||||||
|
assert_and_click "freeipa_webui_add_button";
|
||||||
|
wait_still_screen 2;
|
||||||
|
send_key "pgdn";
|
||||||
|
wait_still_screen 1;
|
||||||
|
assert_and_click "freeipa_webui_policy_any_host";
|
||||||
|
assert_and_click "freeipa_webui_policy_any_service";
|
||||||
|
wait_still_screen 1;
|
||||||
|
send_key "pgup";
|
||||||
|
wait_still_screen 1;
|
||||||
|
assert_and_click "freeipa_webui_policy_save";
|
||||||
|
# quit browser to return to console
|
||||||
|
send_key "ctrl-q";
|
||||||
|
# we don't get back to a prompt instantly and keystrokes while X
|
||||||
|
# is still shutting down are swallowed, so wait_still_screen before
|
||||||
|
# finishing (and handing off to freeipa_client_postinstall)
|
||||||
|
wait_still_screen 5;
|
||||||
|
# set permanent passwords for both accounts
|
||||||
|
assert_script_run 'printf "correcthorse\nbatterystaple\nbatterystaple" | kinit test3@DOMAIN.LOCAL';
|
||||||
|
assert_script_run 'printf "correcthorse\nbatterystaple\nbatterystaple" | kinit test4@DOMAIN.LOCAL';
|
||||||
|
# switch to tty4 (boy, the tty jugglin')
|
||||||
|
send_key "ctrl-alt-f4";
|
||||||
|
# try and login as test3, should work
|
||||||
|
$self->console_login(user=>'test3@DOMAIN.LOCAL', password=>'batterystaple');
|
||||||
|
type_string "exit\n";
|
||||||
|
# try and login as test4, should fail. we cannot use console_login
|
||||||
|
# as it takes 10 seconds to complete when login fails, and
|
||||||
|
# "permission denied" message doesn't last that long
|
||||||
|
sleep 2;
|
||||||
|
assert_screen "text_console_login";
|
||||||
|
type_string "test4\@DOMAIN.LOCAL\n";
|
||||||
|
assert_screen "console_password_required";
|
||||||
|
type_string "batterystaple\n";
|
||||||
|
assert_screen "login_permission_denied";
|
||||||
|
# back to tty1 to let generic freeipa_client test pick up from here
|
||||||
|
send_key "ctrl-alt-f1";
|
||||||
|
}
|
||||||
|
|
||||||
|
sub test_flags {
|
||||||
|
# without anything - rollback to 'lastgood' snapshot if failed
|
||||||
|
# 'fatal' - whole test suite is in danger if this fails
|
||||||
|
# 'milestone' - after this test succeeds, update 'lastgood'
|
||||||
|
# 'important' - if this fails, set the overall state to 'fail'
|
||||||
|
return {};
|
||||||
|
}
|
||||||
|
|
||||||
|
1;
|
@ -52,7 +52,7 @@ sub test_flags {
|
|||||||
# 'fatal' - whole test suite is in danger if this fails
|
# 'fatal' - whole test suite is in danger if this fails
|
||||||
# 'milestone' - after this test succeeds, update 'lastgood'
|
# 'milestone' - after this test succeeds, update 'lastgood'
|
||||||
# 'important' - if this fails, set the overall state to 'fail'
|
# 'important' - if this fails, set the overall state to 'fail'
|
||||||
return { fatal => 1 };
|
return { fatal => 1, milestone => 1 };
|
||||||
}
|
}
|
||||||
|
|
||||||
1;
|
1;
|
||||||
|