diff --git a/test/integration/component/test_ldap.py b/test/integration/component/test_ldap.py index 34640227215b..633d8b061934 100644 --- a/test/integration/component/test_ldap.py +++ b/test/integration/component/test_ldap.py @@ -27,10 +27,12 @@ addLdapConfiguration, deleteLdapConfiguration) from marvin.cloudstackAPI import login -from marvin.lib.utils import cleanup_resources +from marvin.lib.utils import cleanup_resources,validateList from nose.plugins.attrib import attr - - +import telnetlib +from ddt import ddt,data +import sys +@ddt class TestLdap(cloudstackTestCase): """ @@ -44,6 +46,8 @@ def setUpClass(cls): cls.api_client = testClient.getApiClient() cls.services = testClient.getParsedTestDataConfig() cls._cleanup = [] + cls.delflag=0 + cls.reason="" @classmethod def tearDownClass(cls): @@ -57,7 +61,6 @@ def tearDownClass(cls): def setUp(self): self.apiClient = self.testClient.getApiClient() - self.acct = createAccount.createAccountCmd() self.acct.accounttype = 0 self.acct.firstname = self.services[ 
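Review bot: Two of the names imported in the first hunk, `validateList` and `sys`, are not referenced in any hunk of this diff, so they look unused and can be dropped unless code outside the hunks needs them. `ddt` is a new third-party test dependency; the requirements for the test environment are not part of this diff, so it is worth confirming it is declared there. As a style point, `from marvin.lib.utils import cleanup_resources, validateList` and `from ddt import ddt, data` read better with a space after the comma, and a blank line between the imports and `@ddt` keeps the decorator visibly attached to the class.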
@@ -73,38 +76,51 @@ def setUp(self): self.acct.account = self.services[ "configurableData"]["ldap_account"]["username"] self.acct.domainid = 1 + if self.acct.firstname == ""or self.acct.lastname == "" or self.acct.password == "" or self.acct.username == "" or \ + self.acct.username == ""or self.acct.account=="": + self.debug("Please rerun the test by providing values in ldap configuration user details") + self.skipTest("Please rerun the test by providing proper values in configuration file") - self.acctRes = self.apiClient.createAccount(self.acct) - + else: + self.delflag=1 + self.acctRes = self.apiClient.createAccount(self.acct) + self.assertEquals(self.delflag,1,"LDAP account details are not provided,please check the configuration") return def tearDown(self): + self.debug("i am in tear down%s" % self.delflag) + try: - deleteAcct = deleteAccount.deleteAccountCmd() - deleteAcct.id = self.acctRes.id + #check setup var>1 it means its created object (account)then only execute below code else skip the delete part + deleteAcct = deleteAccount.deleteAccountCmd() + deleteAcct.id = self.acctRes.id - acct_name = self.acctRes.name + acct_name = self.acctRes.name - self.apiClient.deleteAccount(deleteAcct) + self.apiClient.deleteAccount(deleteAcct) - self.debug( - "Deleted the the following account name %s:" % - acct_name) + self.debug( + "Deleted the the following account name %s:" % + acct_name) - if(self.ldapconfRes == 1): - self._deleteLdapConfiguration( - self.services["configurableData"]["ldap_configuration"]) + if(self.ldapconfRes == 1): + self._deleteLdapConfiguration( + self.services["configurableData"]["ldap_configuration"]) except Exception as e: - raise Exception("Warning: Exception during cleanup : %s" % e) + raise Exception("Warning: Exception during cleanup : %s" % e) + return @attr(tags=["advanced", "basic"], required_hardware="false") + def test_01_addLdapConfiguration(self): """ This test configures LDAP and attempts to authenticate as a user. 
""" + #if self.delflag == 0: + # self.skipTest("No values in configuration so skipping the tests") self.debug("start test") @@ -128,7 +144,35 @@ def test_01_addLdapConfiguration(self): self.assertEquals( self.ldapconfRes, 1, - "addLdapConfiguration failed") + self.reason) + + self.debug("end test") + + def test_02_validateLdapSecurityPatch(self): + + self.debug("start test") + self.ldapconfRes = self._addLdapConfiguration( + self.services["configurableData"]["ldap_configuration"]) + self.assertEqual(self.ldapconfRes,1,"Ldap Configuration failed") + + loginRes = self._checkLogin( + self.services["configurableData"]["ldap_configuration"]["ldapUsername"],"") + self.assertNotEqual(loginRes,1,"login API Successful with empty password") + self.debug("end test") + + @data("basedn","ldapPassword") + def test_03_validateldapbindnobasedn(self,value): + ''' + This test is to verify ldapbind functionality without passing basedn value + ''' + self.debug("start test") + bindvalue=self.services["configurableData"]["ldap_configuration"][value] + if len(bindvalue)>0: + self.services["configurableData"]["ldap_configuration"][value]="" + self.ldapconfRes=self._addLdapConfiguration(self.services["configurableData"]["ldap_configuration"]) + self.assertNotEqual(self.ldapconfRes,1,"Ldap Configuration successful with invalid values-i.e. allowing anonymous bind") + + self.services["configurableData"]["ldap_configuration"][value]=value self.debug("end test") @@ -138,9 +182,13 @@ def _addLdapConfiguration(self, ldapConfiguration): :param ldapConfiguration """ + self.chkConfig=self._checkLdapConfiguration(ldapConfiguration) + if self.chkConfig==False: + return 0 # Setup Global settings + updateConfigurationCmd = updateConfiguration.updateConfigurationCmd() updateConfigurationCmd.name = "ldap.basedn" updateConfigurationCmd.value = ldapConfiguration['basedn'] 
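Review bot: The guard added to setUp compares `self.acct.username == ""` twice, so one configured field is presumably not being validated; the assignments between the two hunks are not shown, so I cannot tell which one was intended. Because `skipTest` raises, the `self.assertEquals(self.delflag,1,...)` after the `if/else` is only reached with `delflag` already set to 1 and can never fail, which leaves `delflag` with no effect beyond the debug line. In tearDown the new comment describes a check on the setup flag that the code does not make, and unittest does not run tearDown after a skip in setUp anyway. What can still be missing there is `self.ldapconfRes`, which is assigned only inside test bodies (test_03 leaves it unset when the configured value is empty), so `if getattr(self, "ldapconfRes", 0) == 1:` would avoid turning that case into a cleanup error. The commented-out `#if self.delflag == 0:` lines in test_01 should be removed rather than committed.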
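Review bot: test_03 restores the configuration with `self.services["configurableData"]["ldap_configuration"][value]=value`, which writes the parameter name (`"basedn"` or `"ldapPassword"`) into the class-level config instead of the original saved in `bindvalue`, so later tests run against a corrupted LDAP configuration. The restore is also skipped whenever `assertNotEqual` fails; wrapping the call and assertion in `try:` and restoring in `finally:` with `... [value] = bindvalue` covers both. When the configured value is already empty the test passes without exercising the anonymous-bind rejection at all, which hides exactly the case the test exists for. In test_02, `assertNotEqual(loginRes,1,...)` also passes when `_checkLogin` falls through its `except` branch without a return (visible in the last hunk), so an unrelated login error is indistinguishable from a rejected empty password; `self.assertEqual(loginRes, 0, ...)` would be stricter, assuming 0 is the explicit rejection result. Neither new test carries the `@attr(tags=...)` decorator that test_01 has, so tag-filtered runs may not select them.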
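Review bot: `self.chkConfig` is stored on the instance in `_addLdapConfiguration` but, in the lines visible here, only read on the next line, and `==False` is the non-idiomatic form of the test. `if not self._checkLdapConfiguration(ldapConfiguration): return 0` says the same thing without the extra attribute. The docstring above should also mention that the method now returns 0 before touching any global setting when the server is unreachable; the function body starts and ends outside this hunk.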
@@ -193,9 +241,34 @@ def _addLdapConfiguration(self, ldapConfiguration): self.debug("addLdapConfiguration was successful") return 1 except Exception as e: - self.debug("addLdapConfiguration failed %s" % e) + self.debug("addLdapConfiguration failed %s Check the Passed passed ldap attributes" % e) + self.reason="addLdapConfiguration failed %s Check the Passed passed ldap attributes" % e return 0 + def _checkLdapConfiguration(self,ldapConfiguration): + + """" + This function checks the passed ldap server in the configuration is up and running or not. + """"" + + flag=False + try: + tn=telnetlib.Telnet(ldapConfiguration['hostname'],ldapConfiguration['port'],timeout=15) + if tn is not None: + tn.set_debuglevel(1) + print tn.msg("Connected to the server") + self.debug("Ldap Server is Up and listening on the port %s" % tn.msg("Connected to the server")) + flag=True + tn.close() + #else: + #print " Not able to reach the LDAP server ,please check the Services on LDAP" + # self.debug(" Not able to reach the LDAP server ,please check the Services on LDAP %s" % ldapConfiguration['hostname']) + except Exception as e: + self.debug(" Not able to reach the LDAP server ,please check the Services on LDAP %s and exception is %s" %((ldapConfiguration['hostname']), e)) + self.reason=" Not able to reach the LDAP server ,please check the Services on LDAP %s and exception is %s" %((ldapConfiguration['hostname']), e) + return flag + + def _deleteLdapConfiguration(self, ldapConfiguration): """ @@ -234,8 +307,10 @@ def _checkLogin(self, username, password): return 0 else: self.debug("login successful") + #self.reason="Login Successful" return 1 except Exception as p: self.debug("login operation failed %s" % p) + #self.reason="Login operation Failed %s" %p self.debug("end of Login")
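Review bot: `tn.msg(...)` returns None, so the success message in `_checkLdapConfiguration` logs "listening on the port None" and the `print` emits `None`; the port should come from `ldapConfiguration['port']`. `telnetlib.Telnet(host, port, timeout)` either returns an object or raises, which makes `if tn is not None` dead code, and telnetlib is deprecated since Python 3.11 and removed in 3.13, so a plain `socket.create_connection` (with `import socket` replacing `import telnetlib`) is the more durable probe. The docstring opens with four quotes and closes with five, leaving a stray `"` in its text, and the new failure message in `_addLdapConfiguration` repeats "Passed passed". An open TCP port only shows that something is listening, not that it speaks LDAP or offers TLS, so the docstring should claim reachability and nothing more. The first lines of the hunk belong to `_addLdapConfiguration`, whose body starts outside it.

```python
    def _checkLdapConfiguration(self, ldapConfiguration):
        """
        Return True when a TCP connection to the configured LDAP host and
        port can be opened. This is a reachability probe only.
        """
        host = ldapConfiguration['hostname']
        port = ldapConfiguration['port']
        try:
            conn = socket.create_connection((host, port), timeout=15)
        except socket.error as e:
            self.reason = " Not able to reach the LDAP server ,please check the Services on LDAP %s and exception is %s" % (host, e)
            self.debug(self.reason)
            return False
        conn.close()
        self.debug("Ldap Server is Up and listening on the port %s" % port)
        return True
```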