# Copyright 2022 Dell Inc. or its subsidiaries. All Rights Reserved. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. --- # Testcase to verify ipa installation in manager node - name: OMNIA_1.2_SEC2_TC_013 hosts: manager vars_files: - test_vars/test_security_ipa_vars.yml tasks: - name: Gather IPA version command: ipa --version register: ipa_version_op tags: SECURITY_TC_001 - name: Validate the ipa version assert: that: - "'VERSION' in ipa_version_op.stdout" fail_msg: "{{ ipa_install_verification_fail_msg }}" success_msg: "{{ ipa_install_verification_success_msg }}" tags: SECURITY_TC_001 # OMNIA_1.2_SEC2_TC_014 # Testcase to verify user creation in Free IPA - name: OMNIA_1.2_SEC2_TC_014 hosts: manager vars_files: - test_vars/test_security_ipa_vars.yml tasks: - name: Generate random user command: echo "{{ user_var + random_number }}" register: user_name tags: SECURITY_TC_002 - name: Create a random user for testing in free IPA command: ipa user-add {{ user_name.stdout }} --first='userFirst' --last='userLast' --random register: create_user_op tags: SECURITY_TC_002 - name: Get the list of users created in free IPA command: ipa user-find register: user_find_op tags: SECURITY_TC_002 - name: Verify the presence of created user in free IPA assert: that: - "'{{ user_name.stdout }}' in user_find_op.stdout" fail_msg: "{{ user_creation_fail_msg }}" success_msg: "{{ user_creation_success_msg }}" tags: SECURITY_TC_002 # Test case to verify group creation in Free IPA - name: OMNIA_1.2_SEC2_TC_015 hosts: manager vars_files: - test_vars/test_security_ipa_vars.yml tasks: - name: Generate random group command: echo "{{ group_var + random_number }}" register: group_name tags: SECURITY_TC_003 - name: Create a random group for testing in free IPA command: ipa group-add {{ group_name.stdout }} register: create_group_op tags: SECURITY_TC_003 - name: Get the list of groups created in free IPA command: ipa group-find register: group_find_op tags: SECURITY_TC_003 - name: Verify the presence of created group in free IPA assert: that: - "'{{ group_name.stdout }}' in group_find_op.stdout" fail_msg: "{{ group_creation_fail_msg }}" success_msg: "{{ group_creation_success_msg }}" tags: SECURITY_TC_003 # Testcase to verify whether user is added to group - name: OMNIA_1.2_SEC2_TC_016 hosts: manager vars_files: - test_vars/test_security_ipa_vars.yml tasks: - name: Generate random user command: echo "{{ user_var + random_number }}" register: user_name tags: SECURITY_TC_004 - name: Create user to add into group in free IPA command: ipa user-add {{ user_name.stdout }} --first='user' --last='Random' --random register: create_user_op tags: SECURITY_TC_004 - name: Get the list of users created in free IPA command: ipa user-find register: user_find_op tags: SECURITY_TC_004 - name: Verify the presence of created user in free IPA assert: that: - "'{{ user_name.stdout }}' in user_find_op.stdout" fail_msg: "{{ user_creation_fail_msg }}" success_msg: "{{ user_creation_success_msg }}" tags: SECURITY_TC_004 - name: Generate random group command: echo "{{ group_var + random_number }}" register: group_name tags: SECURITY_TC_004 - name: Create a group to add users in free IPA command: ipa group-add {{ group_name.stdout }} register: create_group_op tags: SECURITY_TC_004 - name: Get the list of groups created in free IPA command: ipa group-find register: group_find_op tags: SECURITY_TC_004 - name: Verify the presence of created group in free IPA assert: that: - "'{{ group_name.stdout }}' in group_find_op.stdout" fail_msg: "{{ group_creation_fail_msg }}" success_msg: "{{ group_creation_success_msg }}" tags: SECURITY_TC_004 - name: Add created user to created group in free IPA command: ipa group-add-member {{ group_name.stdout }} --users={{ user_name.stdout}} register: group_add_member_op tags: SECURITY_TC_004 - name: Get details of group in which user is added in free IPA command: ipa group-show {{ group_name.stdout }} register: group_show_op tags: SECURITY_TC_004 - name: Verify user presence in the group from free IPA assert: that: - "'{{ user_name.stdout }}' in group_show_op.stdout" fail_msg: "{{ add_user_to_group_fail_msg }}" success_msg: "{{ add_user_to_group_success_msg }}" tags: SECURITY_TC_004 # Testcase to verify user deletion in Free IPA - name: OMNIA_1.2_SEC2_TC_017 hosts: manager vars_files: - test_vars/test_security_ipa_vars.yml tasks: - name: Generate random user command: echo "{{ user_var + random_number }}" register: user_name tags: SECURITY_TC_005 - name: Create a user to perform deletion command: ipa user-add {{ user_name.stdout }} --first='userFirst' --last='userLast' --random register: create_user_op tags: SECURITY_TC_005 - name: Get the list of users created in free IPA command: ipa user-find register: user_find_op tags: SECURITY_TC_005 - name: Verify the presence of created user in free IPA assert: that: - "'{{ user_name.stdout }}' in user_find_op.stdout" fail_msg: "{{ user_creation_fail_msg }}" success_msg: "{{ user_creation_success_msg }}" tags: SECURITY_TC_005 - name: Delete created user in free IPA command: ipa user-del {{ user_name.stdout }} register: user_del_op tags: SECURITY_TC_005 - name: Select all the remaining users from free IPA command: ipa user-find register: user_find_op_after_del tags: SECURITY_TC_005 - name: Verify the absence of deleted user in free IPA assert: that: - "'{{ user_name.stdout }}' not in user_find_op_after_del.stdout" fail_msg: "{{ user_deletion_fail_msg }}" success_msg: "{{ user_deletion_success_msg }}" tags: SECURITY_TC_005 # Testcase to verify group deletion in Free IPA - name: OMNIA_1.2_SEC2_TC_018 hosts: manager vars_files: - test_vars/test_security_ipa_vars.yml tasks: - name: Generate random group command: echo "{{ group_var + random_number }}" register: group_name tags: SECURITY_TC_006 - name: Create a group to perform deletion in free IPA command: ipa group-add {{ group_name.stdout }} register: create_group_op tags: SECURITY_TC_006 - name: Get the list of groups created in free IPA command: ipa group-find register: group_find_op tags: SECURITY_TC_006 - name: Verify the presence of created group in free IPA assert: that: - "'{{ group_name.stdout }}' in group_find_op.stdout" fail_msg: "{{ group_creation_fail_msg }}" success_msg: "{{ group_creation_success_msg }}" tags: SECURITY_TC_006 - name: Delete created group in free IPA command: ipa group-del {{ group_name.stdout }} register: group_del_op tags: SECURITY_TC_006 - name: Select all the remaining users from free IPA command: ipa group-find register: group_find_op_after_del tags: SECURITY_TC_006 - name: Verify the absence of deleted user in IPA assert: that: - "'{{ group_name.stdout }}' not in group_find_op_after_del.stdout" fail_msg: "{{ group_deletion_fail_msg }}" success_msg: "{{ group_deletion_success_msg }}" tags: SECURITY_TC_006 # Testcase to verify role creation in Free IPA - name: OMNIA_1.2_SEC2_TC_019 hosts: manager vars_files: - test_vars/test_security_ipa_vars.yml tasks: - name: Generate random role command: echo "{{ role_var + random_number }}" register: role_name tags: SECURITY_TC_007 - name: Create a random role for testing in free IPA command: ipa role-add {{ role_name.stdout }} --des='User Defined Role' register: create_role_op tags: SECURITY_TC_007 - name: Get the list of roles created in free IPA command: ipa role-find register: role_find_op tags: SECURITY_TC_007 - name: Verify the presence of created role in free IPA assert: that: - "'{{ role_name.stdout }}' in role_find_op.stdout" fail_msg: "{{ role_creation_fail_msg }}" success_msg: "{{ role_creation_success_msg }}" tags: SECURITY_TC_007