majic-ansible-roles Changeset

Changeset - f8f8d51c3fd5

Parent rev.

Child rev.

[Not reviewed]

0 1 0

Branko Majic (branko) - 9 months ago 2023-08-13 14:03:00
branko@majic.rs

MAR-181: Parametrise XMPP client tests:

- Reduces code duplication and makes it easier to expand list of
tested accounts.

1 file changed with 35 insertions and 36 deletions:

roles/xmpp_server/molecule/default/tests/test_client.py

0 comments (0 inline, 0 general)

roles/xmpp_server/molecule/default/tests/test_client.py

➞

Show inline comments

 import os
 import pytest
 import testinfra.utils.ansible_runner
@@ @@ -23,71 +25,68 @@ def test_connectivity(host): @@
                 assert ping.rc == 0
 def test_tls(host):
 @pytest.mark.parametrize("username, password, domain", [
     ["john.doe", "johnpassword", "domain1"],
     ["jane.doe", "janepassword", "domain2"],
 ])
 def test_tls(host, username, password, domain):
     """
     Tests if TLS works as expected.
     """
     send = host.run("echo 'Hello' | sendxmpp --tls-ca-path /usr/local/share/ca-certificates/testca.crt "
                     "-t -u john.doe -p johnpassword -j domain1:5222 john.doe@domain1")
     assert send.rc == 0
     send = host.run("echo 'Hello' | sendxmpp --tls-ca-path /usr/local/share/ca-certificates/testca.crt "
                     "-e -u john.doe -p johnpassword -j domain1:5223 john.doe@domain1")
     send = host.run(f"echo 'Hello' | sendxmpp --tls-ca-path /usr/local/share/ca-certificates/testca.crt "
                     f"-t -u {username} -p {password} -j {domain}:5222 {username}@{domain}")
     assert send.rc == 0
     send = host.run("echo 'Hello' | sendxmpp --tls-ca-path /usr/local/share/ca-certificates/testca.crt "
                     "-t -u jane.doe -p janepassword -j domain2:5222 jane.doe@domain2")
     assert send.rc == 0
     send = host.run("echo 'Hello' | sendxmpp --tls-ca-path /usr/local/share/ca-certificates/testca.crt "
                     "-e -u jane.doe -p janepassword -j domain2:5223 jane.doe@domain2")
     send = host.run(f"echo 'Hello' | sendxmpp --tls-ca-path /usr/local/share/ca-certificates/testca.crt "
                     f"-e -u {username} -p {password} -j {domain}:5223 {username}@{domain}")
     assert send.rc == 0
 def test_authentication_requires_tls(host):
 @pytest.mark.parametrize("username, password, domain", [
     ["john.doe", "johnpassword", "domain1"],
     ["jane.doe", "janepassword", "domain2"],
 ])
 def test_authentication_requires_tls(host, username, password, domain):
     """
     Tests if authentication must be done over TLS.
     """
     command = host.run("echo 'Hello' | sendxmpp --tls-ca-path /usr/local/share/ca-certificates/testca.crt "
                        "-u bogus -p bogus -j domain1:5222 john.doe@domain1 -d")
     command = host.run(f"echo 'Hello' | sendxmpp --tls-ca-path /usr/local/share/ca-certificates/testca.crt "
                        f"-u {username} -p {password} -j {domain}:5222 {username}@{domain} -d")
     assert "<starttls xmlns='urn:ietf:params:xml:ns:xmpp-tls'><required/></starttls>" in command.stderr
     command = host.run("echo 'Hello' | sendxmpp --tls-ca-path /usr/local/share/ca-certificates/testca.crt "
                        "-u bogus -p bogus -j domain2:5222 jane.doe@domain2 -d")
     assert "<starttls xmlns='urn:ietf:params:xml:ns:xmpp-tls'><required/></starttls>" in command.stderr
 def test_authentication(host):
 @pytest.mark.parametrize("username, password, domain", [
     ["john.doe", "johnpassword", "domain1"],
     ["jane.doe", "janepassword", "domain2"],
     ["mick.doe", "mickpassword", "domain3"],
 ])
 def test_authentication(host, username, password, domain):
     """
     Tests if authentication works correctly.
     """
     send = host.run("echo 'Hello' | sendxmpp --tls-ca-path /usr/local/share/ca-certificates/testca.crt "
                     "-t -u john.doe -p johnpassword -j domain1:5222 john.doe@domain1")
     assert send.rc == 0
     send = host.run("echo 'Hello' | sendxmpp --tls-ca-path /usr/local/share/ca-certificates/testca.crt "
                     "-e -u john.doe -p johnpassword -j domain1:5223 john.doe@domain1")
     assert send.rc == 0
     send = host.run("echo 'Hello' | sendxmpp --tls-ca-path /usr/local/share/ca-certificates/testca.crt "
                     "-t -u jane.doe -p janepassword -j domain2:5222 jane.doe@domain2")
     send = host.run(f"echo 'Hello' | sendxmpp --tls-ca-path /usr/local/share/ca-certificates/testca.crt "
                     f"-t -u {username} -p {password} -j {domain}:5222 {username}@{domain}")
     assert send.rc == 0
     send = host.run("echo 'Hello' | sendxmpp --tls-ca-path /usr/local/share/ca-certificates/testca.crt "
                     "-e -u mick.doe -p mickpassword -j domain3:5223 mick.doe@domain3")
     send = host.run(f"echo 'Hello' | sendxmpp --tls-ca-path /usr/local/share/ca-certificates/testca.crt "
                     f"-e -u {username} -p {password} -j {domain}:5223 {username}@{domain}")
     assert send.rc == 0
 def test_unauthorized_users_rejected(host):
 @pytest.mark.parametrize("target_username, target_domain", [
     ["john.doe", "domain1"],
     ["jane.doe", "domain2"],
 ])
 def test_unauthorized_users_rejected(host, target_username, target_domain):
     """
     Tests if unauthorized users (present in LDAP, but not member of correct
     group) are rejected from accessing the XMPP server.
     """
     send = host.run("echo 'Hello' | sendxmpp --tls-ca-path /usr/local/share/ca-certificates/testca.crt "
                     "-t -u noxmpp -p noxmpppassword -j domain1:5222 john.doe@domain1")
     send = host.run(f"echo 'Hello' | sendxmpp --tls-ca-path /usr/local/share/ca-certificates/testca.crt "
                     f"-t -u noxmpp -p noxmpppassword -j {target_domain}:5222 {target_username}@{target_domain}")
     assert send.rc != 0
     assert "Error 'AuthSend': error: not-authorized[?]" in send.stderr

0 comments (0 inline, 0 general)