#!/bin/bash
#
# Contains common functions usable for midPoint system tests
#
# do not use from outside (ugly signature)
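function generic_wait_for_log () {
  # Polls `docker logs` of a container until a line matching MESSAGE shows up.
  # Globals:   CONTAINER_NAME, MESSAGE, WAITING_FOR, FAILURE,
  #            ADDITIONAL_CONTAINER_NAME, ATTEMPT, MAX_ATTEMPTS, DELAY are
  #            written; they are not declared local, so same-named variables
  #            of the caller are overwritten.
  # Arguments: $1 - container whose log is searched
  #            $2 - grep pattern (basic regular expression) to wait for
  #            $3 - short description used in the progress message
  #            $4 - text printed when the pattern never appears
  #            $5 - optional second container whose log is dumped on failure
  # Outputs:   progress lines, `docker ps` output, the matching log lines and,
  #            on failure, the complete container log(s) on stdout. The dump
  #            carries whatever the containers logged, so the output of a
  #            failed run should be handled like the logs themselves.
  # Returns:   0 as soon as the pattern is found, 1 after MAX_ATTEMPTS polls.
  CONTAINER_NAME=$1
  MESSAGE="$2"
  WAITING_FOR="$3"
  FAILURE="$4"
  ADDITIONAL_CONTAINER_NAME=$5
  ATTEMPT=0
  MAX_ATTEMPTS=40
  DELAY=10

  until [[ "$ATTEMPT" -eq "$MAX_ATTEMPTS" ]]; do
    ATTEMPT=$((ATTEMPT+1))
    echo "Waiting $DELAY seconds for $WAITING_FOR (attempt $ATTEMPT) ..."
    sleep "$DELAY"
    docker ps
    # `--` keeps a pattern that starts with a dash from being read as an option.
    ( docker logs "$CONTAINER_NAME" 2>&1 | grep -- "$MESSAGE" ) && return 0
  done

  echo "$FAILURE in $(( MAX_ATTEMPTS * DELAY )) seconds in $CONTAINER_NAME"
  echo "========== Container log =========="
  docker logs "$CONTAINER_NAME" 2>&1
  echo "========== End of the container log =========="
  # The variable itself is tested here: a literal string would always be
  # non-empty and the second dump would run even without a second container.
  if [ -n "$ADDITIONAL_CONTAINER_NAME" ]; then
    echo "========== Container log ($ADDITIONAL_CONTAINER_NAME) =========="
    docker logs "$ADDITIONAL_CONTAINER_NAME" 2>&1
    echo "========== End of the container log ($ADDITIONAL_CONTAINER_NAME) =========="
  fi
  return 1
}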
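function wait_for_log_message () {
  # Waits until a line matching the given pattern appears in a container log.
  # Arguments: $1 - container name
  #            $2 - grep pattern to wait for
  # Returns:   the status of generic_wait_for_log.
  # The container name is quoted so that an empty or space-containing value
  # cannot shift the remaining arguments.
  generic_wait_for_log "$1" "$2" "log message" "log message has not appeared"
}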
# Waits until midPoint starts
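function wait_for_midpoint_start () {
  # Waits for the Spring Boot "Started MidPointSpringApplication" log line.
  # Arguments: $1 - midPoint container name
  #            $2 - optional additional container, passed on as the fifth
  #                 argument of generic_wait_for_log
  # Returns:   the status of generic_wait_for_log.
  # Both names are quoted so an empty first argument cannot shift the others.
  generic_wait_for_log "$1" "INFO (com.evolveum.midpoint.web.boot.MidPointSpringApplication): Started MidPointSpringApplication in" "midPoint to start" "midPoint did not start" "${2:-}"
}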
47
48
# Waits until Shibboleth IDP starts ... TODO refactor using generic waiting function
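function wait_for_shibboleth_idp_start () {
  # Waits for the Jetty "Started" log line of the Shibboleth IdP container.
  # Arguments: $1 - IdP container name
  #            $2 - optional additional container, passed on as the fifth
  #                 argument of generic_wait_for_log
  # Returns:   the status of generic_wait_for_log.
  generic_wait_for_log "$1" "INFO:oejs.Server:main: Started" "shibboleth idp to start" "shibboleth idp did not start" "${2:-}"
}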
# Checks the health of midPoint server
function check_health () {
  # Probes the midPoint actuator health endpoint on localhost:8443.
  # Globals:   status (written) - exit status of the probe pipeline
  # Outputs:   progress text on stdout, plus `docker ps` when the probe fails
  # Returns:   0 when the response contains "status":"UP", 1 otherwise.
  # NOTE(security): -k skips TLS certificate verification, so the probe does
  # not authenticate the server it talks to.
  # NOTE(review): the grep is not anchored, so a nested "status":"UP" (for
  # example of a single component) would also count as healthy - confirm the
  # endpoint returns only the overall status.
  local health_url="https://localhost:8443/midpoint/actuator/health"
  echo "Checking health..."
  (
    # pipefail makes a failing curl (-f: HTTP error status) fail the pipeline
    set -o pipefail
    curl -k -f "$health_url" | tr -d '[:space:]' | grep -q '"status":"UP"'
  )
  status=$?
  if [ "$status" -eq 0 ]; then
    echo OK
    return 0
  fi
  echo "Error: $status"
  docker ps
  return 1
}
# Checks the health of Shibboleth IDP server
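function check_health_shibboleth_idp () {
  # Probes https://localhost:4443/idp/ and expects HTTP 200.
  # Globals:   status (written) - HTTP status code reported by curl
  # Outputs:   progress text on stdout, plus `docker ps` when the probe fails
  # Returns:   0 only when the status code is exactly 200, 1 otherwise.
  # NOTE(security): -k skips TLS certificate verification, so the probe does
  # not authenticate the server it talks to.
  echo "Checking health of shibboleth idp..."
  status="$(curl -k --write-out '%{http_code}' --silent --output /dev/null https://localhost:4443/idp/)"
  # String comparison on the quoted value: an empty or non-numeric status
  # (curl missing, no output) must be reported as a failure. A numeric test on
  # the unquoted value errors out in that case and falls through to "OK".
  if [ "$status" = "200" ]; then
    echo OK
    return 0
  fi
  echo "Error: Http code of response is $status"
  docker ps
  return 1
}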
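function get_object () {
  # Fetches one object from the midPoint REST API into a temporary file.
  # Globals:   TMPFILE (written) - file holding the response body; the caller
  #            reads it and is responsible for deleting it
  # Arguments: $1 - REST collection (for example tasks)
  #            $2 - object OID
  # Outputs:   the temporary file name on stdout
  # Returns:   0 when curl succeeded, 1 otherwise (the file is then removed).
  #            curl runs without -f, so an HTTP error status still returns 0.
  # NOTE(security): -k skips TLS certificate verification and the
  # administrator password is hard-coded and passed on the command line, where
  # it is visible in the process list and in `set -x` traces.
  local TYPE=$1
  local OID=$2
  TMPFILE=$(mktemp /tmp/get.XXXXXX) || return 1
  echo "tmp file is $TMPFILE"
  # A `return` inside ( ... ) only leaves the subshell, so the failure branch
  # is written as a plain if to really return 1 from the function.
  if ! curl -k --user administrator:5ecr3t -H "Content-Type: application/xml" -X GET "https://localhost:8443/midpoint/ws/rest/$TYPE/$OID" >"$TMPFILE"; then
    rm -f -- "$TMPFILE"
    return 1
  fi
  return 0
}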
# Retrieves XML object and checks if the name matches
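function get_and_check_object () {
  # Fetches an object over REST and checks that it carries the expected name.
  # Globals:   TMPFILE (written) - temporary response file, removed on return
  # Arguments: $1 - REST collection, $2 - object OID, $3 - expected name
  # Outputs:   progress text; the raw response when the name is not found
  # Returns:   0 when "<name>NAME</name>" occurs in the response, 1 otherwise
  #            or when curl fails.
  # NOTE(security): -k skips TLS certificate verification and the
  # administrator password is hard-coded and passed on the command line.
  # TYPE, OID and NAME are local so they do not overwrite caller variables.
  local TYPE=$1
  local OID=$2
  local NAME=$3
  TMPFILE=$(mktemp /tmp/get.XXXXXX) || return 1
  echo "tmp file is $TMPFILE"
  # A `return` inside ( ... ) only leaves the subshell; use a real branch.
  if ! curl -k --user administrator:5ecr3t -H "Content-Type: application/xml" -X GET "https://localhost:8443/midpoint/ws/rest/$TYPE/$OID" >"$TMPFILE"; then
    rm -f -- "$TMPFILE"
    return 1
  fi
  # -F compares the name literally; as a regular expression a name such as
  # "a.b" would also accept "axb". The match is against any <name> element in
  # the response, not only the top-level one.
  if grep -qF -- "<name>$NAME</name>" "$TMPFILE"; then
    echo "Object $TYPE/$OID '$NAME' is OK"
    rm -f -- "$TMPFILE"
    return 0
  fi
  echo "Object $TYPE/$OID '$NAME' was not found or not retrieved correctly:"
  cat -- "$TMPFILE"
  rm -f -- "$TMPFILE"
  return 1
}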
# Adds object from a given file
function add_object () {
114
local TYPE=$1
115
local FILE=$2
116
TMPFILE=$(mktemp /tmp/execbulkaction.XXXXXX)
Sep 28, 2018
117
echo "Adding to $TYPE from $FILE..."
119
curl -k -sD - --silent --write-out "%{http_code}" --user administrator:5ecr3t -H "Content-Type: application/xml" -X POST "https://localhost:8443/midpoint/ws/rest/$TYPE" -d @$FILE >$TMPFILE
120
local HTTP_CODE=$(sed '$!d' $TMPFILE)
122
if [ "$HTTP_CODE" -eq 201 ] || [ "$HTTP_CODE" -eq 202 ]; then
Oct 1, 2018
123
124
OID=$(grep -oP "Location: \K.*" $TMPFILE | awk -F "$TYPE/" '{print $2}') || (echo "Couldn't extract oid from file:" ; cat $TMPFILE ; rm $TMPFILE; return 1)
126
echo "Oid created object: $OID"
127
rm $TMPFILE
128
return 0
129
else
130
echo "Error code: $HTTP_CODE"
131
if [ "$HTTP_CODE" -ge 500 ]; then
132
echo "Error message: Internal server error. Unexpected error occurred, if necessary please contact system administrator."
133
else
134
local ERROR_MESSAGE=$(xmllint --xpath "/*/*[local-name()='error']/text()" $TMPFILE) || (echo "Couldn't extract error message from file:" ; cat $TMPFILE ; rm $TMPFILE; return 1)
135
echo "Error message: $ERROR_MESSAGE"
137
rm $TMPFILE
138
return 1
139
fi
Sep 28, 2018
140
}
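function execute_bulk_action () {
  # Posts a bulk action (script) file to the midPoint executeScript endpoint.
  # Globals:   TMPFILE (written) - temporary response file, removed on return
  # Arguments: $1 - file with the XML request body
  # Outputs:   progress text, the console output of the action, and on
  #            failure the error details or the midPoint container log
  # Returns:   0 when the HTTP code is 200 and the reported status is
  #            "success", 1 in every other case.
  # NOTE(security): -k skips TLS certificate verification and the
  # administrator password is hard-coded and passed on the command line.
  # The container name used for the log dump is hard-coded as well.
  local FILE=$1
  # Declared separately: `local X=$(cmd) || handler` never runs the handler,
  # because the status tested is that of `local`, not of the command.
  local HTTP_CODE STATUS CONSOLE_OUTPUT ERROR_MESSAGE
  echo "Executing bulk action from $FILE..."
  TMPFILE=$(mktemp /tmp/execbulkaction.XXXXXX) || return 1

  # A `return` inside ( ... ) only leaves the subshell; use a real branch.
  if ! curl -k --silent --write-out "%{http_code}" --user administrator:5ecr3t -H "Content-Type: application/xml" -X POST "https://localhost:8443/midpoint/ws/rest/rpc/executeScript" -d @"$FILE" >"$TMPFILE"; then
    echo "Midpoint logs: "
    docker logs "complex_midpoint-server_1"
    rm -f -- "$TMPFILE"
    return 1
  fi
  # --write-out appends the status code after the body: read it off the last
  # line, then drop that line so only the XML stays in the file.
  HTTP_CODE=$(sed '$!d' "$TMPFILE")
  sed -i '$ d' "$TMPFILE"

  if [ "$HTTP_CODE" -eq 200 ]; then
    if ! STATUS=$(xmllint --xpath "/*/*/*[local-name()='status']/text()" "$TMPFILE"); then
      echo "Couldn't extract status from file:"
      cat -- "$TMPFILE"
      rm -f -- "$TMPFILE"
      return 1
    fi
    if [ "$STATUS" != "success" ]; then
      echo "Bulk action status is not OK: $STATUS"
    fi
    # The console output is diagnostic only: a failed extraction (xmllint
    # exits non-zero when the XPath selects nothing) is reported but does not
    # change the result, which is decided by the status above.
    if ! CONSOLE_OUTPUT=$(xmllint --xpath "/*/*/*[local-name()='consoleOutput']/text()" "$TMPFILE"); then
      echo "Couldn't extract console output from file:"
      cat -- "$TMPFILE"
    fi
    echo "Console output: $CONSOLE_OUTPUT"
    rm -f -- "$TMPFILE"
    if [ "$STATUS" = "success" ]; then
      return 0
    fi
    return 1
  fi

  echo "Error code: $HTTP_CODE"
  if [ "$HTTP_CODE" -ge 500 ]; then
    echo "Error message: Internal server error. Unexpected error occurred, if necessary please contact system administrator."
  elif ERROR_MESSAGE=$(xmllint --xpath "/*/*[local-name()='error']/text()" "$TMPFILE"); then
    echo "Error message: $ERROR_MESSAGE"
  else
    echo "Couldn't extract error message from file:"
    cat -- "$TMPFILE"
  fi
  rm -f -- "$TMPFILE"
  return 1
}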
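function delete_object_by_name () {
  # Looks an object up by name and deletes it by the OID that was found.
  # Globals:   SEARCH_RESULT_FILE (read) - set by search_objects_by_name;
  #            removed here once the OID has been read
  # Arguments: $1 - REST collection to search and delete in
  #            $2 - object name
  # Returns:   1 when the search fails or yields no OID, otherwise the status
  #            of delete_object.
  # The search runs in the collection given as $1. Searching a fixed
  # collection while deleting from $1 could remove an unrelated object that
  # merely shares the name.
  # When several objects match, only the first OID returned is deleted.
  local TYPE=$1
  local NAME=$2
  local OID
  search_objects_by_name "$TYPE" "$NAME" || return 1
  # The pipeline status is awk's, so an empty OID is the failure signal here.
  OID=$(xmllint --xpath "/*/*[local-name()='object']/@oid" "$SEARCH_RESULT_FILE" | awk -F'"' 'NF > 1 { print $2; exit }')
  if [ -z "$OID" ]; then
    echo "Couldn't extract oid from file:"
    cat -- "$SEARCH_RESULT_FILE"
    rm -f -- "$SEARCH_RESULT_FILE"
    # Never issue a DELETE with an empty OID.
    return 1
  fi
  rm -f -- "$SEARCH_RESULT_FILE"
  delete_object "$TYPE" "$OID"
}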
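function delete_object () {
  # Deletes one object through the midPoint REST API.
  # Globals:   TMPFILE (written) - temporary response file, removed on return
  # Arguments: $1 - REST collection, $2 - object OID
  # Outputs:   progress text and, on failure, the error code and message
  # Returns:   0 when the server answers 204, 1 otherwise.
  # NOTE(security): -k skips TLS certificate verification and the
  # administrator password is hard-coded and passed on the command line.
  local TYPE=$1
  local OID=$2
  # Declared separately: `local X=$(cmd) || handler` never runs the handler.
  local HTTP_CODE ERROR_MESSAGE
  # A DELETE without type or OID would address the collection itself.
  if [ -z "$TYPE" ] || [ -z "$OID" ]; then
    echo "Error: object type and oid are required"
    return 1
  fi
  echo "Deleting object with type $TYPE and oid $OID..."
  TMPFILE=$(mktemp /tmp/delete.XXXXXX) || return 1

  curl -k --silent --write-out "%{http_code}" --user administrator:5ecr3t -H "Content-Type: application/xml" -X DELETE "https://localhost:8443/midpoint/ws/rest/$TYPE/$OID" >"$TMPFILE"
  # --write-out appends the status code after the body: read it off the last
  # line, then drop that line so only the response body stays in the file.
  HTTP_CODE=$(sed '$!d' "$TMPFILE")
  sed -i '$ d' "$TMPFILE"

  if [ "$HTTP_CODE" -eq 204 ]; then
    echo "Object with type $TYPE and oid $OID was deleted"
    rm -f -- "$TMPFILE"
    return 0
  fi

  echo "Error code: $HTTP_CODE"
  if [ "$HTTP_CODE" -ge 500 ]; then
    echo "Error message: Internal server error. Unexpected error occurred, if necessary please contact system administrator."
  elif ERROR_MESSAGE=$(xmllint --xpath "/*/*[local-name()='error']/text()" "$TMPFILE"); then
    echo "Error message: $ERROR_MESSAGE"
  else
    echo "Couldn't extract error message from file:"
    cat -- "$TMPFILE"
  fi
  rm -f -- "$TMPFILE"
  return 1
}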
# Tries to find an object with a given name
# Results of the search are in the $SEARCH_RESULT_FILE
# TODO check if the result is valid (i.e. not an error) - return 1 if invalid, otherwise return 0 ("no objects" is considered OK here)
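function search_objects_by_name () {
  # Runs a "name equals NAME" query against one REST collection.
  # Globals:   TMPFILE, SEARCH_RESULT_FILE (written) - file with the response
  #            body; on success the caller reads and deletes it
  #            http_code (written) - HTTP status code of the response
  # Arguments: $1 - REST collection (for example users)
  #            $2 - object name to look for
  # Outputs:   the response body on stdout
  # Returns:   0 when the server answers 200 ("no objects" included),
  #            1 otherwise (the result file is then removed).
  # NOTE(security): -k skips TLS certificate verification and the
  # administrator password is hard-coded and passed on the command line.
  # TYPE and NAME are local: as globals they would overwrite the same-named
  # locals of any caller (bash scoping is dynamic).
  local TYPE=$1
  local NAME="$2"
  local ESCAPED_NAME
  # The name is pasted into an XML document, so markup characters are
  # escaped first; otherwise a name containing & or < breaks the query or
  # alters its structure.
  ESCAPED_NAME=$(printf '%s' "$NAME" | sed -e 's/&/\&amp;/g' -e 's/</\&lt;/g' -e 's/>/\&gt;/g')
  TMPFILE=$(mktemp /tmp/search.XXXXXX) || return 1
  # Set before the request so callers never see a stale path from an earlier
  # search, even when this one fails.
  SEARCH_RESULT_FILE=$TMPFILE

  # A `return` inside ( ... ) only leaves the subshell; use a real branch.
  if ! curl -k --write-out '%{http_code}' --user administrator:5ecr3t -H "Content-Type: application/xml" -X POST "https://localhost:8443/midpoint/ws/rest/$TYPE/search" -d @- >"$TMPFILE" << EOF
<q:query xmlns:q="http://prism.evolveum.com/xml/ns/public/query-3">
    <q:filter>
        <q:equal>
            <q:path>name</q:path>
            <q:value>$ESCAPED_NAME</q:value>
        </q:equal>
    </q:filter>
</q:query>
EOF
  then
    rm -f -- "$TMPFILE"
    return 1
  fi

  # --write-out appends the status code after the body: read it off the last
  # line, then drop that line so only the XML stays in the file.
  http_code=$(sed '$!d' "$SEARCH_RESULT_FILE")
  sed -i '$ d' "$SEARCH_RESULT_FILE"
  cat -- "$SEARCH_RESULT_FILE"
  if [ "$http_code" -eq 200 ]; then
    return 0
  fi
  rm -f -- "$SEARCH_RESULT_FILE"
  return 1
}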
# Searches for object with a given name and verifies it was found
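function search_and_check_object () {
  # Searches for an object by name and verifies that it was returned.
  # Globals:   SEARCH_RESULT_FILE (read) - set by search_objects_by_name;
  #            removed here before returning
  # Arguments: $1 - REST collection, $2 - object name
  # Outputs:   progress text; the raw search result when the name is missing
  # Returns:   0 when "<name>NAME</name>" occurs in the result, 1 otherwise
  #            or when the search itself fails.
  local TYPE=$1
  local NAME="$2"
  search_objects_by_name "$TYPE" "$NAME" || return 1
  # -F compares the name literally; as a regular expression a name such as
  # "a.b" would also accept "axb".
  if grep -qF -- "<name>$NAME</name>" "$SEARCH_RESULT_FILE"; then
    echo "Object $TYPE/'$NAME' is OK"
    rm -f -- "$SEARCH_RESULT_FILE"
    return 0
  fi
  echo "Object $TYPE/'$NAME' was not found or not retrieved correctly:"
  cat -- "$SEARCH_RESULT_FILE"
  rm -f -- "$SEARCH_RESULT_FILE"
  return 1
}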
# Tests a resource
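function test_resource () {
  # Asks midPoint to run the connection test of a resource.
  # Arguments: $1 - resource OID
  # Outputs:   the test verdict; the raw response when the test failed
  # Returns:   0 when the reported status is "success", 1 otherwise or when
  #            curl fails.
  # NOTE(security): -k skips TLS certificate verification and the
  # administrator password is hard-coded and passed on the command line.
  local OID=$1
  # Declared separately so a failing mktemp is not hidden by `local`.
  local TMPFILE
  TMPFILE=$(mktemp /tmp/test.resource.XXXXXX) || return 1

  # A `return` inside ( ... ) only leaves the subshell; use a real branch so
  # the function stops here instead of parsing a file that is already gone.
  if ! curl -k --user administrator:5ecr3t -H "Content-Type: application/xml" -X POST "https://localhost:8443/midpoint/ws/rest/resources/$OID/test" >"$TMPFILE"; then
    rm -f -- "$TMPFILE"
    return 1
  fi
  if [[ $(xmllint --xpath "/*/*[local-name()='status']/text()" "$TMPFILE") == "success" ]]; then
    echo "Resource $OID test succeeded"
    rm -f -- "$TMPFILE"
    return 0
  fi
  echo "Resource $OID test failed"
  cat -- "$TMPFILE"
  rm -f -- "$TMPFILE"
  return 1
}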
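function assert_task_success () {
  # Fetches a task and checks that its resultStatus is "success".
  # Globals:   TMPFILE (read) - response file written by get_object; removed
  #            here before returning
  #            TASK_STATUS (written) - extracted result status
  # Arguments: $1 - task OID
  # Outputs:   the verdict; the raw task XML when the status is not success
  # Returns:   0 when the status is "success", 1 otherwise.
  local OID=$1
  get_object tasks "$OID" || return 1
  # A `return` inside ( ... ) only leaves the subshell; use a real branch so
  # an unreadable response is reported once and ends the check.
  if ! TASK_STATUS=$(xmllint --xpath "/*/*[local-name()='resultStatus']/text()" "$TMPFILE"); then
    echo "Couldn't extract task status from task $OID"
    cat -- "$TMPFILE"
    rm -f -- "$TMPFILE"
    return 1
  fi
  if [[ "$TASK_STATUS" == "success" ]]; then
    echo "Task $OID status is OK"
    rm -f -- "$TMPFILE"
    return 0
  fi
  echo "Task $OID status is not OK: $TASK_STATUS"
  cat -- "$TMPFILE"
  rm -f -- "$TMPFILE"
  return 1
}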
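function wait_for_task_completion () {
  # Polls a task until its executionStatus is "suspended" or "closed".
  # Globals:   TMPFILE (read) - response file written by get_object
  #            TASK_EXECUTION_STATUS (written) - last extracted status
  # Arguments: $1 - task OID
  #            $2 - maximum number of polls (non-negative integer)
  #            $3 - delay between polls in seconds (non-negative integer)
  # Outputs:   progress text on stdout
  # Returns:   0 when the task finished, 1 when it did not finish in time or
  #            the numeric arguments are invalid.
  local OID=$1
  local ATTEMPT=0
  local MAX_ATTEMPTS=$2
  local DELAY=$3
  local digits='^[0-9]+$'

  # Without this check a missing or non-numeric limit never equals ATTEMPT
  # and the loop would not terminate; it also keeps arbitrary text out of the
  # arithmetic expansion below.
  if ! [[ "$MAX_ATTEMPTS" =~ $digits && "$DELAY" =~ $digits ]]; then
    echo "wait_for_task_completion: attempts and delay must be non-negative integers"
    return 1
  fi

  while [ "$ATTEMPT" -lt "$MAX_ATTEMPTS" ]; do
    ATTEMPT=$((ATTEMPT+1))
    echo "Waiting $DELAY seconds for task with oid $OID to finish (attempt $ATTEMPT) ..."
    sleep "$DELAY"
    # A failed fetch is treated as "not finished yet" and retried.
    get_object tasks "$OID" || continue
    if ! TASK_EXECUTION_STATUS=$(xmllint --xpath "/*/*[local-name()='executionStatus']/text()" "$TMPFILE"); then
      # Polling goes on after an unreadable response: a `return` inside
      # ( ... ) only leaves the subshell, so this has always been a retry.
      echo "Couldn't extract task status from task $OID"
      cat -- "$TMPFILE"
      rm -f -- "$TMPFILE"
      continue
    fi
    if [[ "$TASK_EXECUTION_STATUS" == "suspended" ]] || [[ "$TASK_EXECUTION_STATUS" == "closed" ]]; then
      echo "Task $OID is finished"
      rm -f -- "$TMPFILE"
      return 0
    fi
    # Every poll creates a new temporary file; remove it before the next one.
    rm -f -- "$TMPFILE"
  done
  echo "Task with $OID did not finish in $(( 10#$MAX_ATTEMPTS * 10#$DELAY )) seconds"
  return 1
}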
# search LDAP account by uid
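function search_ldap_object_by_filter () {
  # Runs ldapsearch inside the LDAP container and stores the output in a file.
  # Globals:   TMPFILE, LDAPSEARCH_RESULT_FILE (written) - file holding the
  #            ldapsearch output; on success the caller reads and deletes it
  # Arguments: $1 - search base DN
  #            $2 - filter without the enclosing parentheses
  #            $3 - name of the LDAP container
  # Returns:   0 when ldapsearch succeeded, 1 otherwise (the file is removed).
  # NOTE(security): the Directory Manager password is hard-coded and passed
  # on the command line. The filter is forwarded as given; callers that build
  # it from a name should keep LDAP filter metacharacters such as * ( ) \ out
  # of that name.
  local BASE_CONTEXT_FOR_SEARCH=$1
  local FILTER="$2"
  local LDAP_CONTAINER=$3
  TMPFILE=$(mktemp /tmp/ldapsearch.XXXXXX) || return 1
  # Set before the search so callers never see a stale path from an earlier
  # call, even when this one fails.
  LDAPSEARCH_RESULT_FILE=$TMPFILE

  # A `return` inside ( ... ) only leaves the subshell; use a real branch.
  if ! docker exec "$LDAP_CONTAINER" ldapsearch -h localhost -p 389 -D "cn=Directory Manager" -w password -b "$BASE_CONTEXT_FOR_SEARCH" "($FILTER)" >"$TMPFILE"; then
    rm -f -- "$TMPFILE"
    return 1
  fi
  return 0
}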
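function check_ldap_account_by_user_name () {
  # Compares a midPoint user with the LDAP account that has the same uid.
  # Globals:   SEARCH_RESULT_FILE, LDAPSEARCH_RESULT_FILE (read) - result
  #            files of the two searches; both are removed before returning
  # Arguments: $1 - user name / LDAP uid
  #            $2 - name of the LDAP container
  # Returns:   0 when fullName/cn, givenName and familyName/sn are equal,
  #            1 when they differ or any of the six values cannot be read.
  # A value that cannot be extracted fails the check. Otherwise a user that
  # is missing on both sides would compare as empty == empty and pass.
  local NAME=$1
  local LDAP_CONTAINER=$2
  # Declared separately: `local X=$(cmd) || handler` never runs the handler.
  local MP_FULL_NAME MP_GIVEN_NAME MP_FAMILY_NAME
  local LDAP_CN LDAP_GIVEN_NAME LDAP_SN

  search_ldap_object_by_filter "ou=people,dc=internet2,dc=edu" "uid=$NAME" "$LDAP_CONTAINER" || return 1
  if ! search_objects_by_name users "$NAME"; then
    rm -f -- "$LDAPSEARCH_RESULT_FILE"
    return 1
  fi

  if ! MP_FULL_NAME=$(xmllint --xpath "/*/*/*[local-name()='fullName']/text()" "$SEARCH_RESULT_FILE"); then
    echo "Couldn't extract user fullName from file:"
    cat -- "$SEARCH_RESULT_FILE"
    rm -f -- "$SEARCH_RESULT_FILE" "$LDAPSEARCH_RESULT_FILE"
    return 1
  fi
  if ! MP_GIVEN_NAME=$(xmllint --xpath "/*/*/*[local-name()='givenName']/text()" "$SEARCH_RESULT_FILE"); then
    echo "Couldn't extract user givenName from file:"
    cat -- "$SEARCH_RESULT_FILE"
    rm -f -- "$SEARCH_RESULT_FILE" "$LDAPSEARCH_RESULT_FILE"
    return 1
  fi
  if ! MP_FAMILY_NAME=$(xmllint --xpath "/*/*/*[local-name()='familyName']/text()" "$SEARCH_RESULT_FILE"); then
    echo "Couldn't extract user familyName from file:"
    cat -- "$SEARCH_RESULT_FILE"
    rm -f -- "$SEARCH_RESULT_FILE" "$LDAPSEARCH_RESULT_FILE"
    return 1
  fi

  # The attribute names are anchored to the start of the line so that text
  # inside another attribute's value cannot be picked up.
  if ! LDAP_CN=$(grep -oP "^cn: \K.*" "$LDAPSEARCH_RESULT_FILE"); then
    echo "Couldn't extract user cn from file:"
    cat -- "$LDAPSEARCH_RESULT_FILE"
    rm -f -- "$SEARCH_RESULT_FILE" "$LDAPSEARCH_RESULT_FILE"
    return 1
  fi
  if ! LDAP_GIVEN_NAME=$(grep -oP "^givenName: \K.*" "$LDAPSEARCH_RESULT_FILE"); then
    echo "Couldn't extract user givenName from file:"
    cat -- "$LDAPSEARCH_RESULT_FILE"
    rm -f -- "$SEARCH_RESULT_FILE" "$LDAPSEARCH_RESULT_FILE"
    return 1
  fi
  if ! LDAP_SN=$(grep -oP "^sn: \K.*" "$LDAPSEARCH_RESULT_FILE"); then
    echo "Couldn't extract user sn from file:"
    cat -- "$LDAPSEARCH_RESULT_FILE"
    rm -f -- "$SEARCH_RESULT_FILE" "$LDAPSEARCH_RESULT_FILE"
    return 1
  fi

  rm -f -- "$SEARCH_RESULT_FILE" "$LDAPSEARCH_RESULT_FILE"

  # The right-hand sides are quoted: unquoted, [[ a = $b ]] treats $b as a
  # glob pattern, so an LDAP value of "*" would equal any midPoint value.
  if [[ "$MP_FULL_NAME" == "$LDAP_CN" ]] && [[ "$MP_GIVEN_NAME" == "$LDAP_GIVEN_NAME" ]] && [[ "$MP_FAMILY_NAME" == "$LDAP_SN" ]]; then
    return 0
  fi

  echo "User in Midpoint and LDAP Account with uid $NAME are not same"
  return 1
}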
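function check_of_ldap_membership () {
  # Checks that an LDAP account is listed as uniqueMember of an LDAP group.
  # Globals:   LDAPSEARCH_RESULT_FILE (read) - result file of each search;
  #            removed after use
  # Arguments: $1 - uid of the user
  #            $2 - cn of the group
  #            $3 - name of the LDAP container
  # Returns:   0 when the account DN equals one of the group's uniqueMember
  #            values, 1 otherwise or when either lookup yields nothing.
  # NOTE(review): DNs are compared as printed by ldapsearch; folded or
  # base64-encoded lines are not handled - confirm the output format.
  local NAME_OF_USER=$1
  local NAME_OF_GROUP=$2
  local LDAP_CONTAINER=$3
  # Declared separately: `local X=$(cmd) || handler` never runs the handler.
  local LDAP_ACCOUNT_DN LDAP_MEMBERS_DNS

  search_ldap_object_by_filter "ou=people,dc=internet2,dc=edu" "uid=$NAME_OF_USER" "$LDAP_CONTAINER" || return 1
  # An account that cannot be found must fail the check: with an empty DN a
  # substring or regex comparison would succeed against any member list.
  if ! LDAP_ACCOUNT_DN=$(grep -oP "^dn: \K.*" "$LDAPSEARCH_RESULT_FILE"); then
    echo "Couldn't extract user dn from file:"
    cat -- "$LDAPSEARCH_RESULT_FILE"
    rm -f -- "$LDAPSEARCH_RESULT_FILE"
    return 1
  fi
  # Removed here because the second search creates a new result file.
  rm -f -- "$LDAPSEARCH_RESULT_FILE"

  search_ldap_object_by_filter "ou=groups,dc=internet2,dc=edu" "cn=$NAME_OF_GROUP" "$LDAP_CONTAINER" || return 1
  if ! LDAP_MEMBERS_DNS=$(grep -oP "^uniqueMember: \K.*" "$LDAPSEARCH_RESULT_FILE"); then
    echo "Couldn't extract user uniqueMember from file:"
    cat -- "$LDAPSEARCH_RESULT_FILE"
    rm -f -- "$LDAPSEARCH_RESULT_FILE"
    return 1
  fi
  rm -f -- "$LDAPSEARCH_RESULT_FILE"

  # Literal, whole-line comparison (-F -x): used as a regular expression the
  # DN would match as a substring and its dots would match any character.
  if grep -qxF -- "$LDAP_ACCOUNT_DN" <<<"$LDAP_MEMBERS_DNS"; then
    return 0
  fi

  echo "LDAP Account with uid $NAME_OF_USER is not member of LDAP Group $NAME_OF_GROUP"
  return 1
}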