[Freeipa-devel] [freeipa PR#6046][opened] Test to check ipa ca-show error handling

[ssidhaye via FreeIPA-devel]

   URL: https://github.com/freeipa/freeipa/pull/6046
Author: ssidhaye
 Title: #6046: Test to check ipa ca-show <authority ID> error handling
Action: opened

PR body:
"""
Test to verify if the case of a request for /ca/rest/authority/{id}/c…ert (or 
.../chain)

where {id} is an unknown authority ID.

Test Steps:
1. Setup a freeipa server and a replica
2. Stop ipa-custodia service on replica
3. Create a LWCA on the replica
4. Verify LWCA is recognized on the server
5. Run `ipa ca-show <LWCA>`

Signed-off-by: Sumedh Sidhaye <ssidh...@redhat.com>
"""

To pull the PR as Git branch:
git remote add ghfreeipa https://github.com/freeipa/freeipa
git fetch ghfreeipa pull/6046/head:pr6046
git checkout pr6046

From ff5471e43c8c68051ca96a7095b705981b15caac Mon Sep 17 00:00:00 2001
From: Sumedh Sidhaye <ssidh...@redhat.com>
Date: Thu, 14 Oct 2021 14:33:18 +0530
Subject: [PATCH] Test to verify if the case of a request for
 /ca/rest/authority/{id}/cert (or .../chain) where {id} is an unknown
 authority ID.

Test Steps:
1. Setup a freeipa server and a replica
2. Stop ipa-custodia service on replica
3. Create a LWCA on the replica
4. Verify LWCA is recognized on the server
5. Run `ipa ca-show <LWCA>`

Signed-off-by: Sumedh Sidhaye <ssidh...@redhat.com>
---
 ipatests/test_integration/test_cert.py | 21 +++++++++++++++++++++
 1 file changed, 21 insertions(+)

diff --git a/ipatests/test_integration/test_cert.py b/ipatests/test_integration/test_cert.py
index b4e85eadcf4..b45369eab85 100644
--- a/ipatests/test_integration/test_cert.py
+++ b/ipatests/test_integration/test_cert.py
@@ -546,3 +546,24 @@ def test_certmomger_tracks_renewed_certs_during_interruptions(self):
 
         assert ca_error is None
         assert state == 'CA_WORKING'
+
+    def test_ca_show_error_handling(self):
+        """
+        Test to verify if the case of a request for /ca/rest/authority/{id}/cert (or .../chain)
+        where {id} is an unknown authority ID.
+
+        Test Steps:
+        1. Setup a freeipa server and a replica
+        2. Stop ipa-custodia service on replica
+        3. Create a LWCA on the replica
+        4. Verify LWCA is recognized on the server
+        5. Run `ipa ca-show <LWCA>`
+        """
+        self.replicas[0].run_command(['systemctl', 'stop', 'ipa-custodia'])
+        result = self.replicas[0].run_command(['ipa', 'ca-add', 'lwca1', '--subject', 'CN=LWCA 1'])
+        assert 'Created CA "lwca1"' in result.stdout_text
+        result = self.master.run_command(['ipa', 'ca-find'])
+        assert 'Name: lwca1' in result.stdout_text
+        result = self.master.run_command(['ipa', 'ca-show', 'lwca1'])
+        error_msg = 'ipa: ERROR: The certificate for lwca1 is not available on this server.'
+        assert error_msg in result.stdout_text

_______________________________________________
FreeIPA-devel mailing list -- freeipa-devel@lists.fedorahosted.org
To unsubscribe send an email to freeipa-devel-le...@lists.fedorahosted.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedorahosted.org/archives/list/freeipa-devel@lists.fedorahosted.org
Do not reply to spam on the list, report it: 
https://pagure.io/fedora-infrastructure