#!/bin/bash
#
# Contains common functions usable for midPoint system tests
#
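# Polls `docker logs` of a container until a line matching MESSAGE shows up.
# Do not use from outside (ugly signature); use one of the wait_for_* wrappers.
# Arguments:
#   $1 - container whose log is polled
#   $2 - grep pattern to wait for
#   $3 - description of what is awaited (used in progress messages)
#   $4 - failure text printed when the pattern never appears
#   $5 - optional second container whose log is also dumped on failure
# Outputs: progress lines, `docker ps` listings and, on failure, the full
#          log of the container(s).
# Returns: 0 as soon as the pattern is seen, 1 after 20 attempts that are
#          10 seconds apart.
# NOTE(review): on failure the complete container log is copied into the
# test output; limit who can read that output if the log can hold
# sensitive data.
function generic_wait_for_log () {
    # Locals, so the counters cannot overwrite same-named caller variables.
    local CONTAINER_NAME=$1
    local MESSAGE="$2"
    local WAITING_FOR="$3"
    local FAILURE="$4"
    local ADDITIONAL_CONTAINER_NAME=$5
    local ATTEMPT=0
    local MAX_ATTEMPTS=20
    local DELAY=10

    until [[ $ATTEMPT = "$MAX_ATTEMPTS" ]]; do
        ATTEMPT=$((ATTEMPT+1))
        echo "Waiting $DELAY seconds for $WAITING_FOR (attempt $ATTEMPT) ..."
        sleep "$DELAY"
        docker ps
        # stderr is merged in so that both log streams are searched;
        # `--` keeps a pattern starting with '-' from being read as an option.
        ( docker logs "$CONTAINER_NAME" 2>&1 | grep -- "$MESSAGE" ) && return 0
    done

    echo "$FAILURE" in $(( MAX_ATTEMPTS * DELAY )) seconds in "$CONTAINER_NAME"
    echo "========== Container log =========="
    docker logs "$CONTAINER_NAME" 2>&1
    echo "========== End of the container log =========="
    # The test needs the variable's value; the bare word was always non-empty.
    if [ -n "$ADDITIONAL_CONTAINER_NAME" ]; then
        echo "========== Container log ($ADDITIONAL_CONTAINER_NAME) =========="
        docker logs "$ADDITIONAL_CONTAINER_NAME" 2>&1
        echo "========== End of the container log ($ADDITIONAL_CONTAINER_NAME) =========="
    fi
    return 1
}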
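# Waits until a line matching the given pattern appears in a container log.
# Arguments: $1 - container name, $2 - grep pattern to wait for
# Returns: whatever generic_wait_for_log returns.
function wait_for_log_message () {
    # Quoted so a name with spaces or glob characters stays one argument.
    generic_wait_for_log "$1" "$2" "log message" "log message has not appeared"
}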
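# Waits until midPoint starts
# Arguments: $1 - midPoint container name
#            $2 - optional second container whose log is dumped on failure
# Returns: whatever generic_wait_for_log returns.
function wait_for_midpoint_start () {
    # Quoted so container names survive word splitting; an omitted $2 is
    # passed on as an empty string.
    generic_wait_for_log "$1" "INFO (com.evolveum.midpoint.web.boot.MidPointSpringApplication): Started MidPointSpringApplication in" "midPoint to start" "midPoint did not start" "${2:-}"
}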
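# Waits until Shibboleth IDP starts
# Arguments: $1 - Shibboleth IDP container name
#            $2 - optional second container whose log is dumped on failure
# Returns: whatever generic_wait_for_log returns.
function wait_for_shibboleth_idp_start () {
    # Quoted so container names survive word splitting; an omitted $2 is
    # passed on as an empty string.
    generic_wait_for_log "$1" "INFO:oejs.Server:main: Started" "shibboleth idp to start" "shibboleth idp did not start" "${2:-}"
}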
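# Waits until Grouper UI starts
# Arguments: $1 - Grouper UI container name
#            $2 - optional second container whose log is dumped on failure
# Returns: whatever generic_wait_for_log returns.
function wait_for_grouper_ui_start () {
    # Quoted so container names survive word splitting; an omitted $2 is
    # passed on as an empty string.
    generic_wait_for_log "$1" "INFO org.apache.catalina.startup.Catalina- Server startup in" "grouper ui to start" "grouper ui did not start" "${2:-}"
}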
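# Checks the health of midPoint server
# Requests the actuator health endpoint on https://localhost:8443 and looks
# for "status":"UP" in the response with all whitespace removed.
# Outputs: progress text; a `docker ps` listing on failure.
# Returns: 0 when UP was reported, 1 otherwise.
function check_health () {
    # local: a global `status` would overwrite a same-named variable of the
    # calling test.
    local status
    echo Checking health...
    # -k skips certificate verification; the target is the fixed localhost
    # test instance. pipefail (inside the subshell only) keeps a curl
    # failure (-f) from being hidden by the later pipeline stages.
    (set -o pipefail ; curl -k -f https://localhost:8443/midpoint/actuator/health | tr -d '[:space:]' | grep -q "\"status\":\"UP\"")
    status=$?
    if [ "$status" -ne 0 ]; then
        echo "Error: $status"
        docker ps
        return 1
    else
        echo OK
        return 0
    fi
}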
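# Checks the health of Shibboleth IDP server
# Requests https://localhost:4443/idp/ and requires HTTP status 200.
# Outputs: progress text; a `docker ps` listing on failure.
# Returns: 0 on HTTP 200, 1 on any other result, including no answer at all.
function check_health_shibboleth_idp () {
    # local: a global `status` would overwrite a same-named variable of the
    # calling test.
    local status
    echo Checking health of shibboleth idp...
    # -k skips certificate verification; the target is the fixed localhost
    # test instance.
    status="$(curl -k --write-out '%{http_code}' --silent --output /dev/null https://localhost:4443/idp/)"
    # String comparison: with an empty value the numeric test errored out and
    # the check then fell through to "OK".
    if [[ "$status" != "200" ]]; then
        echo "Error: Http code of response is $status"
        docker ps
        return 1
    else
        echo OK
        return 0
    fi
}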
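# Fetches one object over the midPoint REST interface (GET .../ws/rest/TYPE/OID).
# Result is in OUTFILE (global holding the path of a temp file; the caller
# removes it).
# Arguments: $1 - REST collection (e.g. tasks), $2 - object OID
# Returns: 0 when curl succeeded, 1 when the temp file could not be created
#          or curl failed (the file is removed in that case). curl runs
#          without -f, so an HTTP error response still counts as success.
function get_object () {
    local TYPE=$1
    local OID=$2
    OUTFILE=$(mktemp /tmp/get.XXXXXX) || return 1
    echo "out file is $OUTFILE"
    # NOTE(review): fixed credentials on the command line (readable in the
    # process list) and -k (no certificate check) are tolerable only for a
    # throwaway local test instance.
    # An `if` is needed here: `return` inside `( ... )` only leaves the
    # subshell, so the failure never reached the caller.
    if ! curl -k --user administrator:5ecr3t -H "Content-Type: application/xml" \
            -X GET "https://localhost:8443/midpoint/ws/rest/$TYPE/$OID" >"$OUTFILE"; then
        rm -f -- "$OUTFILE"
        return 1
    fi
    return 0
}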
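# Retrieves XML object and checks if the name matches
# The downloaded copy is deleted before return
# Arguments: $1 - REST collection, $2 - object OID, $3 - expected name
# Outputs: the temp file path, the verdict and, on mismatch, the response.
# Returns: 0 when the response contains <name>NAME</name>, 1 otherwise.
function get_and_check_object () {
    local TYPE=$1
    local OID=$2
    local NAME=$3
    # Declared separately: `local VAR=$(cmd)` hides the exit status of cmd.
    local TMPFILE
    TMPFILE=$(mktemp /tmp/get.XXXXXX) || return 1
    echo "tmp file is $TMPFILE"
    # NOTE(review): fixed credentials on the command line (readable in the
    # process list) and -k (no certificate check) are tolerable only for a
    # throwaway local test instance.
    # `return` inside `( ... )` would only leave the subshell, hence the `if`.
    if ! curl -k --user administrator:5ecr3t -H "Content-Type: application/xml" \
            -X GET "https://localhost:8443/midpoint/ws/rest/$TYPE/$OID" >"$TMPFILE"; then
        rm -f -- "$TMPFILE"
        return 1
    fi
    # -F: the name is compared literally, not interpreted as a regex.
    if grep -qF -- "<name>$NAME</name>" "$TMPFILE"; then
        echo "Object $TYPE/$OID '$NAME' is OK"
        rm -f -- "$TMPFILE"
        return 0
    else
        echo "Object $TYPE/$OID '$NAME' was not found or not retrieved correctly:"
        cat "$TMPFILE"
        rm -f -- "$TMPFILE"
        return 1
    fi
}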
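# Adds object from a given file
# Arguments: $1 - REST collection to POST to, $2 - file with the object XML
# Globals:   OID (written) - OID of the created object, taken from the
#            Location response header
# Outputs: progress text and either the new OID or the error details.
# Returns: 0 on HTTP 201/202 with an OID in the Location header, 1 otherwise.
function add_object () {
    local TYPE=$1
    local FILE=$2
    # Declared separately: `local VAR=$(cmd)` hides the exit status of cmd.
    local TMPFILE HTTP_CODE ERROR_MESSAGE
    TMPFILE=$(mktemp /tmp/addobject.XXXXXX) || return 1

    echo "Adding to $TYPE from $FILE..."

    # NOTE(review): fixed credentials on the command line (readable in the
    # process list) and -k (no certificate check) are tolerable only for a
    # throwaway local test instance.
    # -D - writes the response headers to stdout and --write-out appends the
    # status code, so the file holds headers, body and code in that order.
    curl -k -sD - --silent --write-out "%{http_code}" --user administrator:5ecr3t \
        -H "Content-Type: application/xml" -X POST \
        "https://localhost:8443/midpoint/ws/rest/$TYPE" -d @"$FILE" >"$TMPFILE"
    HTTP_CODE=$(sed '$!d' "$TMPFILE")

    if [ "$HTTP_CODE" -eq 201 ] || [ "$HTTP_CODE" -eq 202 ]; then
        # Header lines end in CR LF; the CR is dropped so it does not end up
        # in the OID. The pipeline status is awk's, so an empty result is
        # what signals a missing header.
        OID=$(grep -oP "Location: \K.*" "$TMPFILE" | tr -d '\r' | awk -F "$TYPE/" '{print $2}')
        if [ -z "$OID" ]; then
            echo "Couldn't extract oid from file:"
            cat "$TMPFILE"
            rm -f -- "$TMPFILE"
            return 1
        fi
        echo "OID of created object: $OID"
        rm -f -- "$TMPFILE"
        return 0
    else
        echo "Error code: $HTTP_CODE"
        if [ "$HTTP_CODE" -ge 500 ]; then
            echo "Error message: Internal server error. Unexpected error occurred, if necessary please contact system administrator."
        else
            # NOTE(review): the file still contains the response headers and
            # the status code here, so xmllint may not parse it - confirm.
            if ! ERROR_MESSAGE=$(xmllint --xpath "/*/*[local-name()='error']/text()" "$TMPFILE"); then
                echo "Couldn't extract error message from file:"
                cat "$TMPFILE"
                rm -f -- "$TMPFILE"
                return 1
            fi
            echo "Error message: $ERROR_MESSAGE"
        fi
        rm -f -- "$TMPFILE"
        return 1
    fi
}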
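# Executes a bulk action (script) from a file via .../ws/rest/rpc/executeScript.
# parameter $2 (CONTAINER) is just for diagnostics: it is the container whose logs we want to dump on error (might be omitted)
# Arguments: $1 - file with the script XML, $2 - optional container name
# Outputs: progress text, the console output of the action or error details.
# Returns: 0 on HTTP 200 with status "success", 1 otherwise.
function execute_bulk_action () {
    local FILE=$1
    local CONTAINER=$2
    # Declared separately: `local VAR=$(cmd)` hides the exit status of cmd,
    # which made every `|| (...)` fallback below unreachable.
    local TMPFILE HTTP_CODE STATUS CONSOLE_OUTPUT ERROR_MESSAGE
    local RESULT=0
    echo "Executing bulk action from $FILE..."
    TMPFILE=$(mktemp /tmp/execbulkaction.XXXXXX) || return 1

    # NOTE(review): fixed credentials on the command line (readable in the
    # process list) and -k (no certificate check) are tolerable only for a
    # throwaway local test instance.
    # `return` inside `( ... )` would only leave the subshell, hence the `if`.
    if ! curl -k --silent --write-out "%{http_code}" --user administrator:5ecr3t \
            -H "Content-Type: application/xml" -X POST \
            "https://localhost:8443/midpoint/ws/rest/rpc/executeScript" -d @"$FILE" >"$TMPFILE"; then
        echo "Midpoint logs: "
        [[ -n "$CONTAINER" ]] && docker logs "$CONTAINER"
        rm -f -- "$TMPFILE"
        return 1
    fi
    # The status code is the last line of the file; strip it to leave the body.
    HTTP_CODE=$(sed '$!d' "$TMPFILE")
    sed -i '$ d' "$TMPFILE"

    if [ "$HTTP_CODE" -eq 200 ]; then
        if ! STATUS=$(xmllint --xpath "/*/*/*[local-name()='status']/text()" "$TMPFILE"); then
            echo "Couldn't extract status from file:"
            cat "$TMPFILE"
            rm -f -- "$TMPFILE"
            return 1
        fi
        if [ "$STATUS" != "success" ]; then
            echo "Bulk action status is not OK: $STATUS"
            RESULT=1
        fi
        if ! CONSOLE_OUTPUT=$(xmllint --xpath "/*/*/*[local-name()='consoleOutput']/text()" "$TMPFILE"); then
            echo "Couldn't extract console output from file:"
            cat "$TMPFILE"
            rm -f -- "$TMPFILE"
            return 1
        fi
        echo "Console output: $CONSOLE_OUTPUT"
        rm -f -- "$TMPFILE"
        return "$RESULT"
    else
        echo "Error code: $HTTP_CODE"
        if [ "$HTTP_CODE" -ge 500 ]; then
            echo "Error message: Internal server error. Unexpected error occurred, if necessary please contact system administrator."
        else
            if ! ERROR_MESSAGE=$(xmllint --xpath "/*/*[local-name()='error']/text()" "$TMPFILE"); then
                echo "Couldn't extract error message from file:"
                cat "$TMPFILE"
                rm -f -- "$TMPFILE"
                return 1
            fi
            echo "Error message: $ERROR_MESSAGE"
        fi
        rm -f -- "$TMPFILE"
        return 1
    fi
}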
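# Looks an object up by name and deletes it.
# Arguments: $1 - REST collection, $2 - object name
# Returns: 1 when the search fails or yields no OID, otherwise the result of
#          delete_object.
function delete_object_by_name () {
    local TYPE=$1
    local NAME=$2
    local OID
    # Search the collection that is being deleted from; it used to be
    # hard-coded to `users` whatever TYPE was.
    search_objects_by_name "$TYPE" "$NAME" || return 1
    # The pipeline status is awk's, so an empty result signals the failure.
    OID=$(xmllint --xpath "/*/*[local-name()='object']/@oid" "$SEARCH_RESULT_FILE" | awk -F"\"" '{print $2}')
    if [ -z "$OID" ]; then
        # Stop here: with an empty OID the DELETE would be sent to the
        # collection URL itself.
        echo "Couldn't extract oid from file:"
        cat "$SEARCH_RESULT_FILE"
        rm -f -- "$SEARCH_RESULT_FILE"
        return 1
    fi
    rm -f -- "$SEARCH_RESULT_FILE"
    delete_object "$TYPE" "$OID"
}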
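# Deletes one object over the midPoint REST interface (DELETE .../ws/rest/TYPE/OID).
# Arguments: $1 - REST collection, $2 - object OID
# Outputs: progress text and, on failure, the error code and message.
# Returns: 0 on HTTP 204, 1 otherwise.
function delete_object () {
    local TYPE=$1
    local OID=$2
    # Declared separately: `local VAR=$(cmd)` hides the exit status of cmd.
    local TMPFILE HTTP_CODE ERROR_MESSAGE
    # With an empty OID the request would target the collection URL itself.
    if [ -z "$TYPE" ] || [ -z "$OID" ]; then
        echo "Refusing to delete: type or oid is empty"
        return 1
    fi
    echo "Deleting object with type $TYPE and oid $OID..."
    TMPFILE=$(mktemp /tmp/delete.XXXXXX) || return 1

    # NOTE(review): fixed credentials on the command line (readable in the
    # process list) and -k (no certificate check) are tolerable only for a
    # throwaway local test instance.
    curl -k --silent --write-out "%{http_code}" --user administrator:5ecr3t \
        -H "Content-Type: application/xml" -X DELETE \
        "https://localhost:8443/midpoint/ws/rest/$TYPE/$OID" >"$TMPFILE"
    # The status code is the last line of the file; strip it to leave the body.
    HTTP_CODE=$(sed '$!d' "$TMPFILE")
    sed -i '$ d' "$TMPFILE"

    if [ "$HTTP_CODE" -eq 204 ]; then
        echo "Object with type $TYPE and oid $OID was deleted"
        rm -f -- "$TMPFILE"
        return 0
    else
        echo "Error code: $HTTP_CODE"
        if [ "$HTTP_CODE" -ge 500 ]; then
            echo "Error message: Internal server error. Unexpected error occurred, if necessary please contact system administrator."
        else
            if ! ERROR_MESSAGE=$(xmllint --xpath "/*/*[local-name()='error']/text()" "$TMPFILE"); then
                echo "Couldn't extract error message from file:"
                cat "$TMPFILE"
                rm -f -- "$TMPFILE"
                return 1
            fi
            echo "Error message: $ERROR_MESSAGE"
        fi
        rm -f -- "$TMPFILE"
        return 1
    fi
}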
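# Tries to find an object with a given name
# Results of the search are in the $SEARCH_RESULT_FILE (global holding the
# path of a temp file; the caller removes it). It is set only on HTTP 200.
# TODO check if the result is valid (i.e. not an error) - return 1 if invalid, otherwise return 0 ("no objects" is considered OK here)
# Arguments: $1 - REST collection, $2 - name to search for
# Outputs: the response body and, on failure, the error code and message.
# Returns: 0 on HTTP 200, 1 otherwise.
function search_objects_by_name () {
    local TYPE=$1
    local NAME="$2"
    # Declared separately: `local VAR=$(cmd)` hides the exit status of cmd.
    local TMPFILE HTTP_CODE ERROR_MESSAGE ESCAPED_NAME
    # NAME is placed inside an XML element, so markup characters are escaped;
    # otherwise a name containing & or < changes or breaks the query document.
    ESCAPED_NAME=$(printf '%s' "$NAME" | sed -e 's/&/\&amp;/g' -e 's/</\&lt;/g' -e 's/>/\&gt;/g')
    TMPFILE=$(mktemp /tmp/search.XXXXXX) || return 1

    # NOTE(review): fixed credentials on the command line (readable in the
    # process list) and -k (no certificate check) are tolerable only for a
    # throwaway local test instance.
    # `return` inside `( ... )` would only leave the subshell, hence the `if`.
    if ! curl -k --write-out '%{http_code}' --user administrator:5ecr3t \
            -H "Content-Type: application/xml" -X POST \
            "https://localhost:8443/midpoint/ws/rest/$TYPE/search" -d @- <<EOF >"$TMPFILE"
<q:query xmlns:q="http://prism.evolveum.com/xml/ns/public/query-3">
    <q:filter>
        <q:equal>
            <q:path>name</q:path>
            <q:value>$ESCAPED_NAME</q:value>
        </q:equal>
    </q:filter>
</q:query>
EOF
    then
        rm -f -- "$TMPFILE"
        return 1
    fi
    # The status code is the last line of the file; strip it to leave the body.
    HTTP_CODE=$(sed '$!d' "$TMPFILE")
    sed -i '$ d' "$TMPFILE"
    cat "$TMPFILE"

    if [ "$HTTP_CODE" -eq 200 ]; then
        SEARCH_RESULT_FILE=$TMPFILE
        return 0
    else
        echo "Error code: $HTTP_CODE"
        if [ "$HTTP_CODE" -ge 500 ]; then
            echo "Error message: Internal server error. Unexpected error occurred, if necessary please contact system administrator."
        else
            if ! ERROR_MESSAGE=$(xmllint --xpath "/*/*[local-name()='error']/text()" "$TMPFILE"); then
                echo "Couldn't extract error message from file:"
                cat "$TMPFILE"
                rm -f -- "$TMPFILE"
                return 1
            fi
            echo "Error message: $ERROR_MESSAGE"
        fi
        # Remove this call's file; SEARCH_RESULT_FILE is not set on this path
        # and may still name the result of an earlier search.
        rm -f -- "$TMPFILE"
        return 1
    fi
}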
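# Searches for object with a given name and verifies it was found
# Arguments: $1 - REST collection, $2 - object name
# Outputs: the verdict and, on mismatch, the search response.
# Returns: 0 when the search result contains <name>NAME</name>, 1 when the
#          search failed or the name is absent. The result file is removed.
function search_and_check_object () {
    local TYPE=$1
    local NAME="$2"
    search_objects_by_name "$TYPE" "$NAME" || return 1
    # -F: the name is compared literally, not interpreted as a regex.
    if grep -qF -- "<name>$NAME</name>" "$SEARCH_RESULT_FILE"; then
        echo "Object $TYPE/'$NAME' is OK"
        rm -f -- "$SEARCH_RESULT_FILE"
        return 0
    else
        echo "Object $TYPE/'$NAME' was not found or not retrieved correctly:"
        cat "$SEARCH_RESULT_FILE"
        rm -f -- "$SEARCH_RESULT_FILE"
        return 1
    fi
}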
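# Tests a resource
# Posts to .../ws/rest/resources/OID/test and reads the status of the reply.
# Arguments: $1 - resource OID
# Outputs: the verdict and, on failure, the response.
# Returns: 0 when the status is "success", 1 otherwise.
function test_resource () {
    local OID=$1
    # Declared separately: `local VAR=$(cmd)` hides the exit status of cmd.
    local TMPFILE STATUS
    TMPFILE=$(mktemp /tmp/test.resource.XXXXXX) || return 1

    # NOTE(review): fixed credentials on the command line (readable in the
    # process list) and -k (no certificate check) are tolerable only for a
    # throwaway local test instance.
    # `return` inside `( ... )` would only leave the subshell, hence the `if`.
    if ! curl -k --user administrator:5ecr3t -H "Content-Type: application/xml" \
            -X POST "https://localhost:8443/midpoint/ws/rest/resources/$OID/test" >"$TMPFILE"; then
        rm -f -- "$TMPFILE"
        return 1
    fi
    STATUS=$(xmllint --xpath "/*/*[local-name()='status']/text()" "$TMPFILE")
    if [[ "$STATUS" == "success" ]]; then
        echo "Resource $OID test succeeded"
        rm -f -- "$TMPFILE"
        return 0
    else
        echo "Resource $OID test failed"
        cat "$TMPFILE"
        rm -f -- "$TMPFILE"
        return 1
    fi
}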
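# Fetches a task and verifies that its resultStatus is "success".
# Arguments: $1 - task OID
# Globals:   OUTFILE (set by get_object, removed here), TASK_STATUS (written)
# Outputs: the verdict and, on failure, the fetched task.
# Returns: 0 when the status is "success", 1 otherwise.
function assert_task_success () {
    local OID=$1
    get_object tasks "$OID" || return 1
    # `return` inside `( ... )` would only leave the subshell, so a failed
    # extraction used to fall through to the comparison below.
    if ! TASK_STATUS=$(xmllint --xpath "/*/*[local-name()='resultStatus']/text()" "$OUTFILE"); then
        echo "Couldn't extract task status from task $OID"
        cat "$OUTFILE"
        rm -f -- "$OUTFILE"
        return 1
    fi
    if [[ $TASK_STATUS = "success" ]]; then
        echo "Task $OID status is OK"
        rm -f -- "$OUTFILE"
        return 0
    else
        echo "Task $OID status is not OK: $TASK_STATUS"
        cat "$OUTFILE"
        rm -f -- "$OUTFILE"
        return 1
    fi
}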
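# Polls a task until its executionStatus is "suspended" or "closed".
# Arguments: $1 - task OID, $2 - maximum number of attempts,
#            $3 - delay between attempts in seconds
# Globals:   OUTFILE (set by get_object, removed here),
#            TASK_EXECUTION_STATUS (written)
# Returns: 0 once the task is finished, 1 on timeout or when the status
#          cannot be read from the fetched task.
function wait_for_task_completion () {
    local OID=$1
    local ATTEMPT=0
    local MAX_ATTEMPTS=$2
    local DELAY=$3

    # Numeric bound: with an empty or unreachable limit an equality test
    # would never become true and the loop would not end.
    while [ "$ATTEMPT" -lt "$MAX_ATTEMPTS" ]; do
        ATTEMPT=$((ATTEMPT+1))
        echo "Waiting $DELAY seconds for task with oid $OID to finish (attempt $ATTEMPT) ..."
        sleep "$DELAY"
        # A failed fetch is retried on the next attempt.
        get_object tasks "$OID" || continue
        # `return` inside `( ... )` would only leave the subshell, hence the `if`.
        if ! TASK_EXECUTION_STATUS=$(xmllint --xpath "/*/*[local-name()='executionStatus']/text()" "$OUTFILE"); then
            echo "Couldn't extract task status from task $OID"
            cat "$OUTFILE"
            rm -f -- "$OUTFILE"
            return 1
        fi
        # get_object makes a new temp file on every call, so each one is
        # removed as soon as it has been read.
        rm -f -- "$OUTFILE"
        if [[ $TASK_EXECUTION_STATUS = "suspended" ]] || [[ $TASK_EXECUTION_STATUS = "closed" ]]; then
            echo "Task $OID is finished"
            return 0
        fi
    done
    echo "Task with $OID did not finish in $(( MAX_ATTEMPTS * DELAY )) seconds"
    return 1
}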
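# Searches LDAP with the given filter by running ldapsearch in a container.
# Arguments: $1 - base context (search base), $2 - filter without the outer
#            parentheses, $3 - LDAP container name
# Globals:   LDAPSEARCH_RESULT_FILE (written) - path of a temp file with the
#            ldapsearch output; the caller removes it
# Returns: 0 when ldapsearch succeeded, 1 otherwise (temp file removed).
# NOTE(review): FILTER is placed into the search filter as given; callers
# that build it from a name must pass values they control, because
# characters such as * ( ) \ change the meaning of the filter.
function search_ldap_object_by_filter () {
    local BASE_CONTEXT_FOR_SEARCH=$1
    local FILTER="$2"
    local LDAP_CONTAINER=$3
    local TMPFILE
    TMPFILE=$(mktemp /tmp/ldapsearch.XXXXXX) || return 1

    # NOTE(review): the bind password is fixed and passed with -w on the
    # command line (readable in the process list); tolerable only for a
    # throwaway test directory.
    # `return` inside `( ... )` would only leave the subshell, hence the `if`.
    if ! docker exec "$LDAP_CONTAINER" ldapsearch -h localhost -p 389 \
            -D "cn=Directory Manager" -w password \
            -b "$BASE_CONTEXT_FOR_SEARCH" "($FILTER)" >"$TMPFILE"; then
        echo "Couldn't search $FILTER:"
        rm -f -- "$TMPFILE"
        return 1
    fi
    LDAPSEARCH_RESULT_FILE=$TMPFILE
    return 0
}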
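# Compares a midPoint user with the LDAP account that has the same uid.
# fullName/givenName/familyName from midPoint must equal cn/givenName/sn
# from LDAP.
# Arguments: $1 - user name (uid), $2 - LDAP container name
# Returns: 0 when all three pairs are equal, 1 otherwise or when either
#          lookup or any extraction fails. Both result files are removed.
function check_ldap_account_by_user_name () {
    local NAME="$1"
    local LDAP_CONTAINER=$2
    # Declared separately: `local VAR=$(cmd)` hides the exit status of cmd,
    # which made every `|| (...)` fallback unreachable.
    local MP_FULL_NAME MP_GIVEN_NAME MP_FAMILY_NAME LDAP_CN LDAP_GIVEN_NAME LDAP_SN
    search_ldap_object_by_filter "ou=people,dc=internet2,dc=edu" "uid=$NAME" "$LDAP_CONTAINER" || return 1
    if ! search_objects_by_name users "$NAME"; then
        rm -f -- "$LDAPSEARCH_RESULT_FILE"
        return 1
    fi

    if ! MP_FULL_NAME=$(xmllint --xpath "/*/*/*[local-name()='fullName']/text()" "$SEARCH_RESULT_FILE"); then
        echo "Couldn't extract user fullName from file:"
        cat "$SEARCH_RESULT_FILE"
        rm -f -- "$SEARCH_RESULT_FILE" "$LDAPSEARCH_RESULT_FILE"
        return 1
    fi
    if ! MP_GIVEN_NAME=$(xmllint --xpath "/*/*/*[local-name()='givenName']/text()" "$SEARCH_RESULT_FILE"); then
        echo "Couldn't extract user givenName from file:"
        cat "$SEARCH_RESULT_FILE"
        rm -f -- "$SEARCH_RESULT_FILE" "$LDAPSEARCH_RESULT_FILE"
        return 1
    fi
    if ! MP_FAMILY_NAME=$(xmllint --xpath "/*/*/*[local-name()='familyName']/text()" "$SEARCH_RESULT_FILE"); then
        echo "Couldn't extract user familyName from file:"
        cat "$SEARCH_RESULT_FILE"
        rm -f -- "$SEARCH_RESULT_FILE" "$LDAPSEARCH_RESULT_FILE"
        return 1
    fi

    if ! LDAP_CN=$(grep -oP "cn: \K.*" "$LDAPSEARCH_RESULT_FILE"); then
        echo "Couldn't extract user cn from file:"
        cat "$LDAPSEARCH_RESULT_FILE"
        rm -f -- "$SEARCH_RESULT_FILE" "$LDAPSEARCH_RESULT_FILE"
        return 1
    fi
    if ! LDAP_GIVEN_NAME=$(grep -oP "givenName: \K.*" "$LDAPSEARCH_RESULT_FILE"); then
        echo "Couldn't extract user givenName from file:"
        cat "$LDAPSEARCH_RESULT_FILE"
        rm -f -- "$SEARCH_RESULT_FILE" "$LDAPSEARCH_RESULT_FILE"
        return 1
    fi
    if ! LDAP_SN=$(grep -oP "sn: \K.*" "$LDAPSEARCH_RESULT_FILE"); then
        echo "Couldn't extract user sn from file:"
        cat "$LDAPSEARCH_RESULT_FILE"
        rm -f -- "$SEARCH_RESULT_FILE" "$LDAPSEARCH_RESULT_FILE"
        return 1
    fi

    rm -f -- "$SEARCH_RESULT_FILE"
    rm -f -- "$LDAPSEARCH_RESULT_FILE"

    # Right-hand sides are quoted: unquoted they are glob patterns inside
    # [[ ]], so an LDAP value such as * would equal anything.
    if [[ $MP_FULL_NAME = "$LDAP_CN" ]] && [[ $MP_GIVEN_NAME = "$LDAP_GIVEN_NAME" ]] && [[ $MP_FAMILY_NAME = "$LDAP_SN" ]]; then
        return 0
    fi

    echo "User in Midpoint and LDAP Account with uid $NAME are not same"
    return 1
}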
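# Compares a midPoint org with the LDAP course group named after the org's
# identifier: the identifier must equal the cn of the LDAP entry found under
# ou=courses,ou=groups,dc=internet2,dc=edu.
# Arguments: $1 - org name in midPoint, $2 - LDAP container name
# Returns: 0 when identifier and cn are equal, 1 otherwise or when either
#          lookup or extraction fails. Both result files are removed.
function check_ldap_courses_by_name () {
    local NAME="$1"
    local LDAP_CONTAINER=$2
    # Declared separately: `local VAR=$(cmd)` hides the exit status of cmd,
    # which made every `|| (...)` fallback unreachable.
    local MP_ORG_IDENTIFIER LDAP_CN
    search_objects_by_name orgs "$NAME" || return 1

    if ! MP_ORG_IDENTIFIER=$(xmllint --xpath "/*/*/*[local-name()='identifier']/text()" "$SEARCH_RESULT_FILE"); then
        echo "Couldn't extract user identifier from file:"
        cat "$SEARCH_RESULT_FILE"
        rm -f -- "$SEARCH_RESULT_FILE"
        return 1
    fi

    if ! search_ldap_object_by_filter "ou=courses,ou=groups,dc=internet2,dc=edu" "cn=$MP_ORG_IDENTIFIER" "$LDAP_CONTAINER"; then
        rm -f -- "$SEARCH_RESULT_FILE"
        return 1
    fi

    if ! LDAP_CN=$(grep -oP "cn: \K.*" "$LDAPSEARCH_RESULT_FILE"); then
        echo "Couldn't extract user cn from file:"
        cat "$LDAPSEARCH_RESULT_FILE"
        rm -f -- "$SEARCH_RESULT_FILE" "$LDAPSEARCH_RESULT_FILE"
        return 1
    fi

    rm -f -- "$SEARCH_RESULT_FILE"
    rm -f -- "$LDAPSEARCH_RESULT_FILE"

    # Right-hand side is quoted: unquoted it is a glob pattern inside [[ ]],
    # so an LDAP value such as * would equal anything.
    if [[ $MP_ORG_IDENTIFIER = "$LDAP_CN" ]]; then
        return 0
    fi

    echo "Orgs $NAME in Midpoint and LDAP Group(Course) with cn $MP_ORG_IDENTIFIER are not same"
    return 1
}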
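# Checks that an LDAP account is listed as uniqueMember of an LDAP group.
# Arguments: $1 - uid of the account, $2 - base context of the group,
#            $3 - cn of the group, $4 - LDAP container name
# Returns: 0 when the account's dn is one of the group's uniqueMember
#          values, 1 otherwise or when a lookup or extraction fails.
function check_of_ldap_membership () {
    local NAME_OF_USER="$1"
    local BASE_CONTEXT_FOR_GROUP="$2"
    local NAME_OF_GROUP="$3"
    local LDAP_CONTAINER=$4
    # Declared separately: `local VAR=$(cmd)` hides the exit status of cmd.
    # With the status hidden, an account that was not found left the dn
    # empty, and an empty regex matched every member list.
    local LDAP_ACCOUNT_DN LDAP_MEMBERS_DNS
    search_ldap_object_by_filter "ou=people,dc=internet2,dc=edu" "uid=$NAME_OF_USER" "$LDAP_CONTAINER" || return 1

    if ! LDAP_ACCOUNT_DN=$(grep -oP "dn: \K.*" "$LDAPSEARCH_RESULT_FILE"); then
        echo "Couldn't extract user dn from file:"
        cat "$LDAPSEARCH_RESULT_FILE"
        rm -f -- "$LDAPSEARCH_RESULT_FILE"
        return 1
    fi
    # The second search overwrites LDAPSEARCH_RESULT_FILE, so the first file
    # is removed now.
    rm -f -- "$LDAPSEARCH_RESULT_FILE"

    search_ldap_object_by_filter "$BASE_CONTEXT_FOR_GROUP" "cn=$NAME_OF_GROUP" "$LDAP_CONTAINER" || return 1

    if ! LDAP_MEMBERS_DNS=$(grep -oP "uniqueMember: \K.*" "$LDAPSEARCH_RESULT_FILE"); then
        echo "Couldn't extract user uniqueMember from file:"
        cat "$LDAPSEARCH_RESULT_FILE"
        rm -f -- "$LDAPSEARCH_RESULT_FILE"
        return 1
    fi

    rm -f -- "$LDAPSEARCH_RESULT_FILE"

    # Whole-line literal match: a regex/substring test also accepted a
    # member whose dn merely contains the account's dn.
    if grep -qxF -- "$LDAP_ACCOUNT_DN" <<<"$LDAP_MEMBERS_DNS"; then
        return 0
    fi

    echo "LDAP Account with uid $NAME_OF_USER is not member of LDAP Group $NAME_OF_GROUP in base context $BASE_CONTEXT_FOR_GROUP"
    return 1
}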