Upstream/harbor
1
0
Fork 0
mirror of https://github.com/goharbor/harbor.git synced 2024-07-10 13:54:50 +02:00
Code Issues Projects Releases Wiki Activity
dee70f7deb
harbor/tests/apitests/python/test_project_level_cve_whitelist.py
Daniel Jiang e4a78ba039 API test for project level CVE whitelist 
This commit update test case to cover project level CVE whitelist.
It also fixes the swagger doc to add missing attributes

Signed-off-by: Daniel Jiang <jiangd@vmware.com>
2019-08-15 11:37:22 +08:00

96 lines
4.7 KiB
Python
Raw Blame History

from __future__ import absolute_import
import unittest
import swagger_client
import time
from testutils import ADMIN_CLIENT
from library.project import Project
from library.user import User
class TestProjectCVEWhitelist(unittest.TestCase):
"""
Test case:
Project Level CVE Whitelist
Setup:
1.Admin creates project(PA)
2.Create user(RA)
3.Add user(RA) as a guest of project(PA)
Test Steps:
1. User(RA) reads the project(PA), verify the "reuse_sys_cve_whitelist" is empty in the metadata, and the CVE whitelist is empty
2. User(RA) updates the project CVE whitelist, verify it fails with Forbidden error.
3. Admin user updates User(RA) as project admin.
4. User(RA) updates the project CVE whitelist with expiration date and one item in the items list.
5. User(RA) reads the project(PA), verify the CVE whitelist is updated as step 4
6. User(RA) updates the project CVE whitelist removes expiration date and clean the items.
7. User(RA) reads the project(PA), verify the CVE whitelist is updated as step 6
8. User(RA) updates the project metadata to set "reuse_sys_cve_whitelist" to true.
9. User(RA) reads the project(PA) verify the project metadata is updated.
Tear Down:
1. Remove User(RA) from project(PA) as member
2. Delete project(PA)
3. Delete User(RA)
"""
def setUp(self):
self.user = User()
self.project = Project()
user_ra_password = "Aa123456"
print("Setup: Creating user for test")
user_ra_id, user_ra_name = self.user.create_user(user_password=user_ra_password, **ADMIN_CLIENT)
print("Created user: %s, id: %s" % (user_ra_name, user_ra_id))
self.USER_RA_CLIENT = dict(endpoint=ADMIN_CLIENT["endpoint"],
username=user_ra_name,
password=user_ra_password)
self.user_ra_id = int(user_ra_id)
p_id, _ = self.project.create_project(metadata = {"public": "false"}, **ADMIN_CLIENT)
self.project_pa_id = int(p_id)
m_id = self.project.add_project_members(self.project_pa_id, self.user_ra_id, member_role_id=3, **ADMIN_CLIENT)
self.member_id = int(m_id)
def tearDown(self):
print("Tearing down...")
self.project.delete_project_member(self.project_pa_id, self.member_id, **ADMIN_CLIENT)
self.project.delete_project(self.project_pa_id,**ADMIN_CLIENT)
self.user.delete_user(self.user_ra_id, **ADMIN_CLIENT)
def testProjectLevelCVEWhitelist(self):
# User(RA) reads the project(PA), verify the "reuse_sys_cve_whitelist" is empty in the metadata,
# and the CVE whitelist is empty
p = self.project.get_project(self.project_pa_id, **self.USER_RA_CLIENT)
self.assertIsNone(p.metadata.reuse_sys_cve_whitelist)
self.assertEqual(0, len(p.cve_whitelist.items))
# User(RA) updates the project CVE whitelist, verify it fails with Forbidden error.
item_list = [swagger_client.CVEWhitelistItem(cve_id="CVE-2019-12310")]
exp = int(time.time()) + 1000
wl = swagger_client.CVEWhitelist(expires_at=exp, items=item_list)
self.project.update_project(self.project_pa_id, cve_whitelist=wl, expect_status_code=403, **self.USER_RA_CLIENT)
# Admin user updates User(RA) as project admin.
self.project.update_project_member_role(self.project_pa_id,self.member_id, 1, **ADMIN_CLIENT)
# User(RA) updates the project CVE whitelist with expiration date and one item in the items list.
self.project.update_project(self.project_pa_id, cve_whitelist=wl, **self.USER_RA_CLIENT)
p = self.project.get_project(self.project_pa_id, **self.USER_RA_CLIENT)
self.assertEqual("CVE-2019-12310", p.cve_whitelist.items[0].cve_id)
self.assertEqual(exp, p.cve_whitelist.expires_at)
# User(RA) updates the project CVE whitelist with empty items list
wl2 = swagger_client.CVEWhitelist(items=[])
self.project.update_project(self.project_pa_id, cve_whitelist=wl2, **self.USER_RA_CLIENT)
p = self.project.get_project(self.project_pa_id, **self.USER_RA_CLIENT)
self.assertEqual(0, len(p.cve_whitelist.items))
self.assertIsNone(p.cve_whitelist.expires_at)
# User(RA) updates the project metadata to set "reuse_sys_cve_whitelist" to true.
meta = swagger_client.ProjectMetadata(reuse_sys_cve_whitelist="true")
self.project.update_project(self.project_pa_id, metadata=meta, **self.USER_RA_CLIENT)
p = self.project.get_project(self.project_pa_id, **self.USER_RA_CLIENT)
self.assertEqual("true", p.metadata.reuse_sys_cve_whitelist)
if __name__ == '__main__':
unittest.main()
Reference in New Issue View Git Blame Copy Permalink