# Copyright 2022 Dell Inc. or its subsidiaries. All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
---
# Testcase to verify ipa installation in manager node
- name: OMNIA_1.2_SEC2_TC_013
hosts: manager
vars_files:
- test_vars/test_security_ipa_vars.yml
tasks:
- name: Gather IPA version
command: ipa --version
register: ipa_version_op
tags: SECURITY_TC_001
- name: Validate the ipa version
assert:
that:
- "'VERSION' in ipa_version_op.stdout"
fail_msg: "{{ ipa_install_verification_fail_msg }}"
success_msg: "{{ ipa_install_verification_success_msg }}"
tags: SECURITY_TC_001
# OMNIA_1.2_SEC2_TC_014
# Testcase to verify user creation in Free IPA
- name: OMNIA_1.2_SEC2_TC_014
hosts: manager
vars_files:
- test_vars/test_security_ipa_vars.yml
tasks:
- name: Generate random user
command: echo "{{ user_var + random_number }}"
register: user_name
tags: SECURITY_TC_002
- name: Create a random user for testing in free IPA
command: ipa user-add {{ user_name.stdout }} --first='userFirst' --last='userLast' --random
register: create_user_op
tags: SECURITY_TC_002
- name: Get the list of users created in free IPA
command: ipa user-find
register: user_find_op
tags: SECURITY_TC_002
- name: Verify the presence of created user in free IPA
assert:
that:
- "'{{ user_name.stdout }}' in user_find_op.stdout"
fail_msg: "{{ user_creation_fail_msg }}"
success_msg: "{{ user_creation_success_msg }}"
tags: SECURITY_TC_002
# Test case to verify group creation in Free IPA
- name: OMNIA_1.2_SEC2_TC_015
hosts: manager
vars_files:
- test_vars/test_security_ipa_vars.yml
tasks:
- name: Generate random group
command: echo "{{ group_var + random_number }}"
register: group_name
tags: SECURITY_TC_003
- name: Create a random group for testing in free IPA
command: ipa group-add {{ group_name.stdout }}
register: create_group_op
tags: SECURITY_TC_003
- name: Get the list of groups created in free IPA
command: ipa group-find
register: group_find_op
tags: SECURITY_TC_003
- name: Verify the presence of created group in free IPA
assert:
that:
- "'{{ group_name.stdout }}' in group_find_op.stdout"
fail_msg: "{{ group_creation_fail_msg }}"
success_msg: "{{ group_creation_success_msg }}"
tags: SECURITY_TC_003
# Testcase to verify whether user is added to group
- name: OMNIA_1.2_SEC2_TC_016
hosts: manager
vars_files:
- test_vars/test_security_ipa_vars.yml
tasks:
- name: Generate random user
command: echo "{{ user_var + random_number }}"
register: user_name
tags: SECURITY_TC_004
- name: Create user to add into group in free IPA
command: ipa user-add {{ user_name.stdout }} --first='user' --last='Random' --random
register: create_user_op
tags: SECURITY_TC_004
- name: Get the list of users created in free IPA
command: ipa user-find
register: user_find_op
tags: SECURITY_TC_004
- name: Verify the presence of created user in free IPA
assert:
that:
- "'{{ user_name.stdout }}' in user_find_op.stdout"
fail_msg: "{{ user_creation_fail_msg }}"
success_msg: "{{ user_creation_success_msg }}"
tags: SECURITY_TC_004
- name: Generate random group
command: echo "{{ group_var + random_number }}"
register: group_name
tags: SECURITY_TC_004
- name: Create a group to add users in free IPA
command: ipa group-add {{ group_name.stdout }}
register: create_group_op
tags: SECURITY_TC_004
- name: Get the list of groups created in free IPA
command: ipa group-find
register: group_find_op
tags: SECURITY_TC_004
- name: Verify the presence of created group in free IPA
assert:
that:
- "'{{ group_name.stdout }}' in group_find_op.stdout"
fail_msg: "{{ group_creation_fail_msg }}"
success_msg: "{{ group_creation_success_msg }}"
tags: SECURITY_TC_004
- name: Add created user to created group in free IPA
command: ipa group-add-member {{ group_name.stdout }} --users={{ user_name.stdout}}
register: group_add_member_op
tags: SECURITY_TC_004
- name: Get details of group in which user is added in free IPA
command: ipa group-show {{ group_name.stdout }}
register: group_show_op
tags: SECURITY_TC_004
- name: Verify user presence in the group from free IPA
assert:
that:
- "'{{ user_name.stdout }}' in group_show_op.stdout"
fail_msg: "{{ add_user_to_group_fail_msg }}"
success_msg: "{{ add_user_to_group_success_msg }}"
tags: SECURITY_TC_004
# Testcase to verify user deletion in Free IPA
- name: OMNIA_1.2_SEC2_TC_017
hosts: manager
vars_files:
- test_vars/test_security_ipa_vars.yml
tasks:
- name: Generate random user
command: echo "{{ user_var + random_number }}"
register: user_name
tags: SECURITY_TC_005
- name: Create a user to perform deletion
command: ipa user-add {{ user_name.stdout }} --first='userFirst' --last='userLast' --random
register: create_user_op
tags: SECURITY_TC_005
- name: Get the list of users created in free IPA
command: ipa user-find
register: user_find_op
tags: SECURITY_TC_005
- name: Verify the presence of created user in free IPA
assert:
that:
- "'{{ user_name.stdout }}' in user_find_op.stdout"
fail_msg: "{{ user_creation_fail_msg }}"
success_msg: "{{ user_creation_success_msg }}"
tags: SECURITY_TC_005
- name: Delete created user in free IPA
command: ipa user-del {{ user_name.stdout }}
register: user_del_op
tags: SECURITY_TC_005
- name: Select all the remaining users from free IPA
command: ipa user-find
register: user_find_op_after_del
tags: SECURITY_TC_005
- name: Verify the absence of deleted user in free IPA
assert:
that:
- "'{{ user_name.stdout }}' not in user_find_op_after_del.stdout"
fail_msg: "{{ user_deletion_fail_msg }}"
success_msg: "{{ user_deletion_success_msg }}"
tags: SECURITY_TC_005
# Testcase to verify group deletion in Free IPA
- name: OMNIA_1.2_SEC2_TC_018
hosts: manager
vars_files:
- test_vars/test_security_ipa_vars.yml
tasks:
- name: Generate random group
command: echo "{{ group_var + random_number }}"
register: group_name
tags: SECURITY_TC_006
- name: Create a group to perform deletion in free IPA
command: ipa group-add {{ group_name.stdout }}
register: create_group_op
tags: SECURITY_TC_006
- name: Get the list of groups created in free IPA
command: ipa group-find
register: group_find_op
tags: SECURITY_TC_006
- name: Verify the presence of created group in free IPA
assert:
that:
- "'{{ group_name.stdout }}' in group_find_op.stdout"
fail_msg: "{{ group_creation_fail_msg }}"
success_msg: "{{ group_creation_success_msg }}"
tags: SECURITY_TC_006
- name: Delete created group in free IPA
command: ipa group-del {{ group_name.stdout }}
register: group_del_op
tags: SECURITY_TC_006
- name: Select all the remaining users from free IPA
command: ipa group-find
register: group_find_op_after_del
tags: SECURITY_TC_006
- name: Verify the absence of deleted user in IPA
assert:
that:
- "'{{ group_name.stdout }}' not in group_find_op_after_del.stdout"
fail_msg: "{{ group_deletion_fail_msg }}"
success_msg: "{{ group_deletion_success_msg }}"
tags: SECURITY_TC_006
# Testcase to verify role creation in Free IPA
- name: OMNIA_1.2_SEC2_TC_019
hosts: manager
vars_files:
- test_vars/test_security_ipa_vars.yml
tasks:
- name: Generate random role
command: echo "{{ role_var + random_number }}"
register: role_name
tags: SECURITY_TC_007
- name: Create a random role for testing in free IPA
command: ipa role-add {{ role_name.stdout }} --des='User Defined Role'
register: create_role_op
tags: SECURITY_TC_007
- name: Get the list of roles created in free IPA
command: ipa role-find
register: role_find_op
tags: SECURITY_TC_007
- name: Verify the presence of created role in free IPA
assert:
that:
- "'{{ role_name.stdout }}' in role_find_op.stdout"
fail_msg: "{{ role_creation_fail_msg }}"
success_msg: "{{ role_creation_success_msg }}"
tags: SECURITY_TC_007