Source code for cfme.fixtures.authentication
import pytest
from time import sleep
import cfme.utils.auth as authutil
from cfme.utils.log import logger
@pytest.fixture(scope='module')
[docs]def amazon_auth_provider():
try:
return authutil.get_auth_crud('amazon')
except KeyError:
pytest.skip('amazon auth provider not found in auth_data.auth_providers, skipping test.')
@pytest.fixture(scope='module')
[docs]def setup_aws_auth_provider(appliance, amazon_auth_provider):
"""Configure AWS IAM authentication mode"""
original_config = appliance.server.authentication.auth_settings
appliance.server.authentication.configure(auth_mode='amazon',
auth_provider=amazon_auth_provider)
sleep(60) # wait for MIQ to update, no trigger to look for, but if you try too soon it fails
yield
appliance.server.authentication.auth_settings = original_config
appliance.server.login_admin()
appliance.server.authentication.configure(auth_mode='database')
@pytest.fixture(scope='function')
@pytest.fixture(scope='module')
[docs]def ensure_resolvable_hostname(appliance):
"""
Intended for use with freeipa configuration, ensures a resolvable hostname on the appliance
Tries to resolve the appliance hostname property and skips the test if it can't
"""
assert appliance.set_resolvable_hostname()
@pytest.fixture(scope='function')
[docs]def configure_auth(appliance, auth_mode, auth_provider, user_type, request, fix_missing_hostname):
"""Given auth_mode, auth_provider, user_type parametrization, configure auth for login
testing.
Saves original auth settings
Configures external or internal auth modes
Separate freeipa / openldap config methods and finalizers
Restores original auth settings after yielding
"""
original_config = appliance.server.authentication.auth_settings
logger.debug('Original auth settings before configure_auth fixture: %r', original_config)
if auth_mode.lower() != 'external':
appliance.server.authentication.configure(auth_mode=auth_mode,
auth_provider=auth_provider,
user_type=user_type)
elif auth_mode.lower() == 'external': # extra explicit
if auth_provider.auth_type == 'freeipa':
appliance.configure_freeipa(auth_provider)
request.addfinalizer(appliance.disable_freeipa)
elif auth_provider.auth_type == 'openldaps':
appliance.configure_openldap(auth_provider)
request.addfinalizer(appliance.disable_openldap)
# Auth reconfigure is super buggy and sensitive to timing
# Just waiting on sssd to be running, or an httpd restart isn't sufficient
sleep(30)
yield
# return to original auth config
appliance.server.authentication.auth_settings = original_config
appliance.httpd.restart()
appliance.wait_for_web_ui()