You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cloudstack.apache.org by ya...@apache.org on 2013/07/22 07:37:34 UTC
[25/50] [abbrv] git commit: updated refs/heads/pvlan to ce299da
CLOUDSTACK-2287: Tests for the LDAP system
API tests for the LDAP config/remove commands
Signed-off-by: Prasanna Santhanam <ts...@apache.org>
Project: http://git-wip-us.apache.org/repos/asf/cloudstack/repo
Commit: http://git-wip-us.apache.org/repos/asf/cloudstack/commit/2778486c
Tree: http://git-wip-us.apache.org/repos/asf/cloudstack/tree/2778486c
Diff: http://git-wip-us.apache.org/repos/asf/cloudstack/diff/2778486c
Branch: refs/heads/pvlan
Commit: 2778486c34427dbc4e66a7f5db0e3b2364cf9f11
Parents: 8986e16
Author: suresh sadhu <su...@citrix.com>
Authored: Mon May 20 14:48:06 2013 +0530
Committer: Prasanna Santhanam <ts...@apache.org>
Committed: Mon May 20 17:51:49 2013 +0530
----------------------------------------------------------------------
test/integration/smoke/test_ldap.py | 365 +++++++++++++++++++++++++++++++
1 file changed, 365 insertions(+)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/2778486c/test/integration/smoke/test_ldap.py
----------------------------------------------------------------------
diff --git a/test/integration/smoke/test_ldap.py b/test/integration/smoke/test_ldap.py
new file mode 100755
index 0000000..1b933db
--- /dev/null
+++ b/test/integration/smoke/test_ldap.py
@@ -0,0 +1,365 @@
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements. See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership. The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied. See the License for the
+# specific language governing permissions and limitations
+# under the License.
+
+""" P1 for LDAP Config
+"""
+
+
+#!/usr/bin/env python
+
+import marvin
+from marvin import cloudstackTestCase
+from marvin.cloudstackTestCase import *
+import unittest
+import hashlib
+import random
+from marvin.cloudstackAPI import *
+from marvin.cloudstackAPI import login
+from marvin.integration.lib.utils import *
+from marvin.integration.lib.base import *
+from marvin.integration.lib.common import *
+from nose.plugins.attrib import attr
+import urllib
+
+
+
+class Services:
+ """Test LDAP Configuration
+ """
+
+ def __init__(self):
+ self.services = {
+ "account": {
+ "email": "test@test.com",
+ "firstname": "test",
+ "lastname": "t",
+ "username": "test",
+ "password": "password",
+ },
+ "ldapCon_1":#valid values&Query filter as email.
+ {
+ "ldapHostname": "10.147.38.163",
+ "port": "389",
+ "binddn": "CN=test,CN=Users,DC=hyd-qa,DC=com",
+ "bindpass": "aaaa_1111",
+ "queryfilter": "(&(mail=%e))",
+ "searchbase": "CN=Users,DC=hyd-qa,DC=com",
+ "ldapusername": "test",
+ "ldappasswd": "aaaa_1111"
+ },
+ "ldapCon_2": ##valid values&Query filter as displayName.
+ {
+ "ldapHostname": "10.147.38.163",
+ "port": "389",
+ "binddn": "CN=test,CN=Users,DC=hyd-qa,DC=com",
+ "bindpass": "aaaa_1111",
+ "queryfilter": "(&(displayName=%u))",
+ "searchbase": "CN=Users,DC=hyd-qa,DC=com",
+ "ldapusername": "test",
+ "ldappasswd": "aaaa_1111"
+ },
+ "ldapCon_3": #Configuration with missing parameters value(queryfilter)
+ {
+ "ldapHostname": "10.147.38.163",
+ "port": "389",
+ "binddn": "CN=test,CN=Users,DC=hyd-qa,DC=com",
+ "bindpass": "aaaa_1111",
+ "queryfilter": "",
+ "searchbase": "CN=Users,DC=hyd-qa,DC=com",
+ "ldapusername": "test",
+ "ldappasswd": "aaaa_1111"
+ },
+
+ "ldapCon_4": #invalid configuration-wrong query filter
+ {
+ "ldapHostname": "10.147.38.163",
+ "port": "389",
+ "binddn": "CN=test,CN=Users,DC=hyd-qa,DC=com",
+ "bindpass": "aaaa_1111",
+ "queryfilter": "(&(displayName=%p))",
+ "searchbase":"CN=Users,DC=hyd-qa,DC=com",
+ "ldapusername": "test",
+ "ldappasswd": "aaaa_1111"
+ },
+ "ldapCon_5": #Configuration with invalid ldap credentials
+ {
+ "ldapHostname": "10.147.38.163",
+ "port": "389",
+ "binddn": "CN=test,CN=Users,DC=hyd-qa,DC=com",
+ "bindpass": "aaaa_1111",
+ "queryfilter": "(&(displayName=%u))",
+ "searchbase": "CN=Users,DC=hyd-qa,DC=com",
+ "ldapusername": "test",
+ "ldappasswd": "aaaa"
+ }
+
+
+
+ }
+
+
+class TestLdap(cloudstackTestCase):
+ """
+ This test perform registering ldap configuration details in CS and create a user[ldap user] in CS
+ and validate user credentials against LDAP server:AD
+ """
+
+ @classmethod
+ def setUpClass(cls):
+
+ cls.api_client = super(
+ TestLdap,
+ cls
+ ).getClsTestClient().getApiClient()
+ cls.services = Services().services
+ cls.account = cls.services["account"]
+ cls._cleanup = []
+
+
+
+ @classmethod
+ def tearDownClass(cls):
+ try:
+ #Cleanup resources used
+ #print "tear down class"
+ cleanup_resources(cls.api_client, cls._cleanup)
+
+ except Exception as tde:
+ raise Exception("Warning: Exception during cleanup : %s" % tde)
+ return
+
+ def setUp(self):
+
+ self.apiclient = self.testClient.getApiClient()
+
+ self.acct = createAccount.createAccountCmd()
+ self.acct.accounttype = 0 #We need a regular user. admins have accounttype=1
+ self.acct.firstname = self.services["account"]["firstname"]
+ self.acct.lastname = self.services["account"]["lastname"]
+ self.acct.password = self.services["account"]["password"]
+ self.acct.username = self.services["account"]["username"]
+ self.acct.email = self.services["account"]["email"]
+ self.acct.account = self.services["account"]["username"]
+ self.acct.domainid = 1
+ # mapping ldap user by creating same user in cloudstack
+
+ self.acctRes = self.apiclient.createAccount(self.acct)
+
+
+ return
+
+ def tearDown(self):
+
+ try:
+ #Clean up, terminate the created accounts, domains etc
+
+ deleteAcct = deleteAccount.deleteAccountCmd()
+ deleteAcct.id = self.acctRes.id
+
+ acct_name=self.acctRes.name
+
+ self.apiclient.deleteAccount(deleteAcct)
+
+ self.debug("Deleted the the following account name %s:" %acct_name)
+ #delete only if ldapconfig registered in CS
+ if(self.ldapconfRes):
+ deleteldapconfg=ldapRemove.ldapRemoveCmd()
+ res=self.apiclient.ldapRemove(deleteldapconfg)
+
+
+ except Exception as e:
+ raise Exception("Warning: Exception during cleanup : %s" % e)
+ return
+
+
+ def test_01_configLDAP(self):
+ '''
+ This test is to verify ldapConfig API with valid values.(i.e query fileter as email)
+ '''
+ # 1. This test covers ldapConfig & login API with valid ldap credentials..
+ # require ldap configuration:ldapCon_1
+
+ self.debug("start test")
+
+ self.ldapconfRes=self._testldapConfig(self.services["ldapCon_1"])
+
+ if(self.ldapconfRes==1):
+
+
+ self.debug("configure ldap successful")
+
+ #validating the user credentials with ldap Server
+ loginRes = self.chkLogin(self.services["ldapCon_1"]["ldapusername"], self.services["ldapCon_1"]["ldappasswd"])
+ self.assertEquals(loginRes,1,"ldap Authentication failed")
+
+ else:
+
+ self.debug("LDAP Configuration failed with exception")
+
+ self.assertEquals(self.ldapconfRes,1,"ldapConfig API failed")
+
+
+ self.debug("end test")
+
+
+ def test_02_configLDAP(self):
+ '''
+ This test is to verify ldapConfig API with valid values.(i.e query fileter as displayName)
+ '''
+
+ # 1. This test covers ldapConfig & login API with valid ldap credentials.
+ # 2. require ldap configuration:ldapCon_2
+
+ self.debug("start test")
+ self.ldapconfRes=self._testldapConfig(self.services["ldapCon_2"])
+ self.assertEquals(self.ldapconfRes,1,"ldapConfig API failed")
+ if(self.ldapconfRes==1):
+ self.debug("configure ldap successful")
+ #validating the user credentials with ldap Server
+ loginRes = self.chkLogin(self.services["ldapCon_2"]["ldapusername"], self.services["ldapCon_2"]["ldappasswd"])
+ self.assertEquals(loginRes,1,"ldap Authentication failed")
+ else:
+ self.debug("LDAP Configuration failed with exception")
+ self.debug("end test")
+
+
+ def test_03_configLDAP(self):
+
+ '''
+ This test is to verify ldapConfig API with missing config parameters value(i.queryfilter)
+ '''
+
+ # 1. Issue ldapConfig API with no ldap config parameter value and check behavior
+ # 2. require ldap configuration:ldapCon_3
+
+ self.debug("start test...")
+ self.ldapconfRes=self._testldapConfig(self.services["ldapCon_3"])
+ self.assertEquals(self.ldapconfRes,0,"LDAP configuration successful with invalid value.API failed")
+ self.debug("end test")
+
+ def test_04_configLDAP(self):
+ '''
+ This test is to verify ldapConfig API with invalid configuration values(by passing wrong query filter)
+ '''
+ # 1. calling ldapConfig API with invalid query filter value and check behavior
+ # 2. require ldap configuration:ldapCon_4
+
+ self.debug("start test...")
+ self.ldapconfRes=self._testldapConfig(self.services["ldapCon_4"])
+ self.assertEquals(self.ldapconfRes,0,"API failed")
+
+
+
+ def test_05_configLDAP(self):
+
+ '''
+ This test is to verify login API functionality by passing wrong ldap credentials
+ '''
+ # 1.This script first configure the ldap and validates the user credentials using login API
+ # 2. require ldap configuration:ldapCon_5
+
+
+ self.debug("start test")
+ self.ldapconfRes=self._testldapConfig(self.services["ldapCon_5"])
+ self.assertEquals(self.ldapconfRes,1,"API failed")
+ #validating the cloudstack user credentials with ldap Server
+ loginRes = self.chkLogin(self.services["ldapCon_5"]["ldapusername"], self.services["ldapCon_5"]["ldappasswd"])
+ self.assertNotEqual(loginRes,1,"login API failed")
+ self.debug("end test")
+
+ def test_06_removeLDAP(self):
+ '''
+ This test is to verify ldapRemove API functionality
+ '''
+ # 1. This script fist configures ldap and removes the configured ldap values
+ # 2. require ldap configuration:ldapCon_1
+
+
+ self.debug("start test")
+ self.ldapconfRes=self._testldapConfig(self.services["ldapCon_1"])
+ if(self.ldapconfRes==1):
+ self.debug("ldap configured successfully")
+ deleteldapconfg=ldapRemove.ldapRemoveCmd()
+ res=self.apiclient.ldapRemove(deleteldapconfg)
+ self.debug("ldap removed successfully")
+ self.ldapconfRes=0
+ else:
+
+ self.debug("LDAP Configuration failed with exception")
+ self.assertEquals(self.ldapconfRes,0,"ldapconfig API failed")
+ self.debug("end test")
+
+ def _testldapConfig(self,ldapSrvD):
+
+ """
+
+ :param ldapSrvD
+
+
+ """
+ #This Method takes dictionary as parameter,
+ # reads the ldap configuration values from the passed dictionary and
+ # register the ldapconfig detail in cloudstack
+ # & return true or false based on ldapconfig API response
+
+ self.debug("start ldapconfig test")
+ #creating the ldapconfig cmd object
+ lpconfig = ldapConfig.ldapConfigCmd()
+ #Config the ldap server by assigning the ldapconfig dict variable values to ldapConfig object
+ lpconfig.hostname = ldapSrvD["ldapHostname"]
+ lpconfig.port = ldapSrvD["port"]
+ lpconfig.binddn = ldapSrvD["binddn"]
+ lpconfig.bindpass = ldapSrvD["bindpass"]
+ lpconfig.searchbase = ldapSrvD["searchbase"]
+ lpconfig.queryfilter = ldapSrvD["queryfilter"]
+
+ #end of assigning the variables
+
+ #calling the ldapconfig Api
+ self.debug("calling ldapconfig API")
+ try:
+ lpconfig1 = self.apiclient.ldapConfig(lpconfig)
+ self.debug("ldapconfig API succesfful")
+ return 1
+ except Exception, e:
+ self.debug("ldapconfig API failed %s" %e)
+ return 0
+
+ def chkLogin(self, username, password):
+ """
+
+ :param username:
+ :param password:
+
+ """
+ self.debug("login test")
+
+ try:
+ login1 = login.loginCmd()
+ login1.username = username
+ login1.password = password
+ loginRes = self.apiclient.login(login1)
+ self.debug("login response %s" % loginRes)
+ if loginRes is None:
+ self.debug("login not successful")
+ else:
+ self.debug("login successful")
+ return 1
+
+ except Exception, p:
+ self.debug("login operation failed %s" %p)
+ self.debug("end of Login")