Add UI test for LDAP admin group dn setting

1. Verify LDAP group admin in UI;
2. Update LDAP group admin need to verify the AdminRoleInAuth, get current user will return this field as true.

Signed-off-by: danfengliu <danfengl@vmware.com>

tests/apitests/python/library/configurations.py

@@ -21,6 +21,8 @@ def set_configurations(client, expect_status_code = 200, expect_response_body =
         conf.ldap_group_search_filter = config.get("ldap_group_search_filter")
     if "ldap_group_search_scope" in config:
         conf.ldap_group_search_scope = config.get("ldap_group_search_scope")
+    if "ldap_group_admin_dn" in config:
+        conf.ldap_group_admin_dn = config.get("ldap_group_admin_dn")
 
     try:
         _, status_code, _ = client.configurations_put_with_http_info(conf)
@@ -68,9 +70,9 @@ class Configurations(base.Base):
         set_configurations(client, expect_status_code = expect_status_code, **config)
 
     def set_configurations_of_ldap(self, ldap_filter=None, ldap_group_attribute_name=None,
-            ldap_group_base_dn=None, ldap_group_search_filter=None, ldap_group_search_scope=None, expect_status_code = 200, **kwargs):
+            ldap_group_base_dn=None, ldap_group_search_filter=None, ldap_group_search_scope=None, ldap_group_admin_dn=None, expect_status_code = 200, **kwargs):
         client = self._get_client(**kwargs)
         config=dict(ldap_filter=ldap_filter, ldap_group_attribute_name=ldap_group_attribute_name,
-                           ldap_group_base_dn=ldap_group_base_dn, ldap_group_search_filter=ldap_group_search_filter, ldap_group_search_scope=ldap_group_search_scope)
+                           ldap_group_base_dn=ldap_group_base_dn, ldap_group_search_filter=ldap_group_search_filter, ldap_group_admin_dn=ldap_group_admin_dn, ldap_group_search_scope=ldap_group_search_scope)
         set_configurations(client, expect_status_code = expect_status_code, **config)
 

tests/apitests/python/test_ldap_admin_role.py

@@ -31,7 +31,7 @@ class TestLdapAdminRole(unittest.TestCase):
             1. Set LDAP Auth configurations;
             2. Create a new public project(PA) by LDAP user mike;
             3. Check project is created successfully;
-            4. Check mike is not admin;
+            4. Check mike's SysAdminFlag is false, but AdminRoleInAuth should be true
             5. Delete project(PA);
         """
 
@@ -41,8 +41,10 @@ class TestLdapAdminRole(unittest.TestCase):
         TestLdapAdminRole.project_id, project_name = self.project.create_project(metadata = {"public": "false"}, **self.USER_MIKE)
         self.project.check_project_name_exist(name=project_name, **self.USER_MIKE)
 
-        _user = self.user.get_user_by_name(self.USER_MIKE["username"], **ADMIN_CLIENT)
+        _user = self.user.get_user_current(**self.USER_MIKE)
+        print( _user)
         self.assertFalse(_user.sysadmin_flag)
+        self.assertTrue(_user.admin_role_in_auth)
 
 
 if __name__ == '__main__':

tests/resources/Harbor-Pages/Configuration.robot

@@ -410,7 +410,7 @@ Edit A Distribution
     [Arguments]    ${name}  ${endpoint}  ${new_endpoint}=${null}
     Switch To Distribution
     Filter Distribution List  ${name}  ${endpoint}
-    Retry Double Keywords When Error  Select Distribution   ${name}  Wait Until Element Is Visible  //clr-datagrid//clr-dg-footer//clr-checkbox-wrapper/label
+    Retry Double Keywords When Error  Select Distribution   ${name}  Wait Until Element Is Visible  //clr-datagrid//clr-dg-footer//clr-checkbox-wrapper/label  times=9
     Retry Double Keywords When Error  Retry Element Click  ${distribution_action_btn_id}  Wait Until Element Is Visible And Enabled  ${distribution_edit_btn_id}
     Retry Double Keywords When Error  Retry Element Click  ${distribution_edit_btn_id}  Wait Until Element Is Visible And Enabled  ${distribution_name_input_id}
     Retry Text Input  ${distribution_endpoint_id}  ${new_endpoint}

tests/resources/Harbor-Pages/Configuration_Elements.robot

@@ -42,6 +42,9 @@ ${checkbox_delete_untagged_artifacts}  //gc-config//clr-toggle-wrapper/label[con
 ${cfg_auth_automatic_onboarding_checkbox}  //clr-checkbox-wrapper//label[contains(@for,'oidcAutoOnboard')]
 ${cfg_auth_user_name_claim_input}  //*[@id='oidcUserClaim']
 
+${cfg_auth_ldap_group_admin_dn}  //*[@id='ldapGroupAdminDN']
+
+
 ${distribution_add_btn_id}  //*[@id='new-instance']
 ${distribution_provider_select_id}  //*[@id='provider']
 ${distribution_name_input_id}  //*[@id='name']

tests/resources/Harbor-Pages/LDAP-Mode.robot

@@ -19,6 +19,16 @@ Resource  ../../resources/Util.robot
 *** Variables ***
 
 *** Keywords ***
+Switch To Configuration Authentication
+    Sleep  1
+    Retry Element Click  xpath=${configuration_xpath}
+    Retry Element Click  xpath=${configuration_authentication_tabsheet_id}
+
+Set LDAP Group Admin DN
+    [Arguments]   ${group_dn}
+    Switch To Configuration Authentication
+    Retry Text Input  ${cfg_auth_ldap_group_admin_dn}  ${group_dn}
+    Retry Element Click  ${config_auth_save_button_xpath}
 
 Ldap User Should Not See Change Password
     Retry Element Click  //clr-header//clr-dropdown[2]//button

tests/robot-cases/Group0-BAT/API_LDAP.robot

@@ -10,10 +10,13 @@ Default Tags  API
 
 *** Test Cases ***
 Test Case - LDAP Group Admin Role
+    [Tags]  group_admin
     Harbor API Test  ./tests/apitests/python/test_ldap_admin_role.py
 
 Test Case - LDAP Group User Group
+    [Tags]  group_user
     Harbor API Test  ./tests/apitests/python/test_user_group.py
 
 Test Case - Run LDAP Group Related API Test
+    [Tags]  assign_role
     Harbor API Test  ./tests/apitests/python/test_assign_role_to_ldap_group.py

tests/robot-cases/Group1-Nightly/Common.robot

@@ -723,7 +723,7 @@ Test Case - Proxy Cache
 Test Case - Distribution CRUD
     ${d}=    Get Current Date    result_format=%m%s
     ${name}=  Set Variable  distribution${d}
-    ${endpoint}=  Set Variable  https://1.1.1.2
+    ${endpoint}=  Set Variable  https://32.1.1.2
     ${endpoint_new}=  Set Variable  https://10.65.65.42
     Init Chrome Driver
     Sign In Harbor  ${HARBOR_URL}  ${HARBOR_ADMIN}  ${HARBOR_PASSWORD}
@@ -732,11 +732,11 @@ Test Case - Distribution CRUD
     Delete A Distribution  ${name}  ${endpoint_new}
     Close Browser
 
-Test Case - P2P Peheat Policy CRUD
+Test Case - P2P Preheat Policy CRUD
     ${d}=    Get Current Date    result_format=%m%s
     ${pro_name}=  Set Variable  project_p2p${d}
     ${dist_name}=  Set Variable  distribution${d}
-    ${endpoint}=  Set Variable  https://1.1.1.2
+    ${endpoint}=  Set Variable  https://20.76.1.2
     ${policy_name}=  Set Variable  policy${d}
     ${repo}=  Set Variable  alpine
     ${repo_new}=  Set Variable  redis*

tests/robot-cases/Group1-Nightly/LDAP.robot

@@ -111,6 +111,17 @@ Test Case - Ldap User Push An Image
 Test Case - Ldap User Can Not login
     Docker Login Fail  ${ip}  testerDeesExist  123456
 
+Test Case - Ldap Group Admin DN Setting
+    Init Chrome Driver
+    ${d}=    Get Current Date    result_format=%m%s
+    Sign In Harbor  ${HARBOR_URL}  ${HARBOR_ADMIN}  ${HARBOR_PASSWORD}
+    Set LDAP Group Admin DN  cn=harbor_users,ou=groups,dc=example,dc=com
+    Logout Harbor
+    Sign In Harbor  ${HARBOR_URL}  mike  zhu88jie
+    Switch To Registries
+    Create A New Endpoint    docker-hub    edp1${d}    https://hub.docker.com/    danfengliu    Aa123456    Y
+
+
 Test Case - Run LDAP Group Related API Test
     Harbor API Test  ./tests/apitests/python/test_ldap_admin_role.py
     Harbor API Test  ./tests/apitests/python/test_user_group.py