1
import LoginPage from "../support/pages/LoginPage";
2
import SidebarPage from "../support/pages/admin-ui/SidebarPage";
3
import ProviderPage from "../support/pages/admin-ui/manage/providers/ProviderPage";
4
import Masthead from "../support/pages/admin-ui/Masthead";
5
import ModalUtils from "../support/util/ModalUtils";
6
import { keycloakBefore } from "../support/util/keycloak_hooks";
8
const loginPage = new LoginPage();
9
const masthead = new Masthead();
10
const sidebarPage = new SidebarPage();
11
const providersPage = new ProviderPage();
12
const modalUtils = new ModalUtils();
14
const provider = "ldap";
15
const allCapProvider = provider.toUpperCase();
17
const firstLdapName = "my-ldap";
18
const firstLdapVendor = "Active Directory";
19
const secondLdapName = `${firstLdapName}-2`;
20
const secondLdapVendor = "Other";
21
const updatedLdapName = `${firstLdapName}-updated`;
24
const connectionUrlValid = "ldap://localhost:3004";
25
const bindTypeSimple = "simple";
26
const truststoreSpiAlways = "Always";
27
const connectionTimeoutTwoSecs = "2000";
28
const bindDnCnDc = "cn=user,dc=test";
29
const bindCredsValid = "user";
31
const connectionUrlInvalid = "ldap://nowhere.com";
32
const bindTypeNone = "none";
33
const truststoreSpiNever = "Never";
34
const bindDnCnOnly = "cn=read-only-admin";
35
const bindCredsInvalid = "not-my-password";
38
const kerberosRealm = "FOO.ORG";
39
const serverPrincipal = "HTTP/host.foo.org@FOO.ORG";
40
const keyTab = "/etc/krb5.keytab";
43
const batchSize = "100";
44
const fullSyncPeriod = "604800";
45
const userSyncPeriod = "86400";
48
const editModeReadOnly = "READ_ONLY";
49
const editModeWritable = "WRITABLE";
50
const editModeUnsynced = "UNSYNCED";
52
const firstUsersDn = "user-dn-1";
53
const firstUserLdapAtt = "uid";
54
const firstRdnLdapAtt = "uid";
55
const firstUuidLdapAtt = "entryUUID";
56
const firstUserObjClasses = "inetOrgPerson, organizationalPerson";
57
const firstUserLdapFilter = "(first-filter)";
58
const firstReadTimeout = "5000";
60
const searchScopeOneLevel = "One Level";
61
const searchScopeSubtree = "Subtree";
63
const secondUsersDn = "user-dn-2";
64
const secondUserLdapAtt = "cn";
65
const secondRdnLdapAtt = "cn";
66
const secondUuidLdapAtt = "objectGUID";
67
const secondUserObjClasses = "person, organizationalPerson, user";
68
const secondUserLdapFilter = "(second-filter)";
69
const secondReadTimeout = "5000";
71
const defaultPolicy = "DEFAULT";
72
const weeklyPolicy = "EVICT_WEEKLY";
73
const dailyPolicy = "EVICT_DAILY";
74
const lifespanPolicy = "MAX_LIFESPAN";
75
const noCachePolicy = "NO_CACHE";
76
const defaultLdapDay = "Sunday";
77
const defaultLdapHour = "00";
78
const defaultLdapMinute = "00";
79
const newLdapDay = "Wednesday";
80
const newLdapHour = "15";
81
const newLdapMinute = "55";
84
const addProviderMenu = "Add new provider";
85
const createdSuccessMessage = "User federation provider successfully created";
86
const savedSuccessMessage = "User federation provider successfully saved";
87
const deletedSuccessMessage = "The user federation provider has been deleted.";
88
const deleteModalTitle = "Delete user federation provider?";
89
const disableModalTitle = "Disable user federation provider?";
90
const validatePasswordPolicyFailMessage =
91
"User federation provider could not be saved: Validate Password Policy is applicable only with WRITABLE edit mode";
92
const userImportingDisabledFailMessage =
93
"User federation provider could not be saved: Can not disable Importing users when LDAP provider mode is UNSYNCED";
95
const ldapTestSuccessMsg = "Successfully connected to LDAP";
96
const ldapTestFailMsg =
97
"Error when trying to connect to LDAP: 'CommunicationError'";
99
describe("User Federation LDAP tests", () => {
103
sidebarPage.goToUserFederation();
104
cy.intercept("GET", "/admin/realms/master").as("getProvider");
107
it("Should create LDAP provider from empty state", () => {
110
cy.get("body").then(($body) => {
111
if ($body.find(`[data-testid=ldap-card]`).length > 0) {
112
providersPage.clickNewCard(provider);
114
providersPage.clickMenuCommand(addProviderMenu, allCapProvider);
117
providersPage.fillLdapGeneralData(firstLdapName, firstLdapVendor);
118
providersPage.fillLdapConnectionData(
119
connectionUrlInvalid,
122
connectionTimeoutTwoSecs,
126
providersPage.fillLdapSearchingData(
137
providersPage.save(provider);
138
masthead.checkNotificationMessage(createdSuccessMessage);
139
sidebarPage.goToUserFederation();
142
it("Should fail updating advanced settings", () => {
143
providersPage.clickExistingCard(firstLdapName);
144
providersPage.toggleSwitch(providersPage.ldapv3PwSwitch);
145
providersPage.toggleSwitch(providersPage.validatePwPolicySwitch);
146
providersPage.toggleSwitch(providersPage.trustEmailSwitch);
147
providersPage.save(provider);
148
masthead.checkNotificationMessage(validatePasswordPolicyFailMessage);
149
sidebarPage.goToUserFederation();
152
it("Should update advanced settings", () => {
153
providersPage.clickExistingCard(firstLdapName);
154
providersPage.toggleSwitch(providersPage.ldapv3PwSwitch);
155
providersPage.toggleSwitch(providersPage.validatePwPolicySwitch);
156
providersPage.toggleSwitch(providersPage.trustEmailSwitch);
157
providersPage.fillLdapSearchingData(
163
secondUserObjClasses,
165
providersPage.save(provider);
166
masthead.checkNotificationMessage(savedSuccessMessage);
167
sidebarPage.goToUserFederation();
168
providersPage.clickExistingCard(firstLdapName);
169
providersPage.verifyToggle(providersPage.ldapv3PwSwitch, "on");
170
providersPage.verifyToggle(providersPage.validatePwPolicySwitch, "on");
171
providersPage.verifyToggle(providersPage.trustEmailSwitch, "on");
174
it("Should set cache policy to evict_daily", () => {
175
providersPage.clickExistingCard(firstLdapName);
176
providersPage.selectCacheType(dailyPolicy);
177
providersPage.changeCacheTime("hour", newLdapHour);
178
providersPage.changeCacheTime("minute", newLdapMinute);
179
providersPage.save(provider);
181
masthead.checkNotificationMessage(savedSuccessMessage);
182
sidebarPage.goToUserFederation();
183
providersPage.clickExistingCard(firstLdapName);
185
expect(cy.contains(dailyPolicy).should("exist"));
186
expect(cy.contains(defaultPolicy).should("not.exist"));
189
it("Should set cache policy to default", () => {
190
providersPage.clickExistingCard(firstLdapName);
191
providersPage.selectCacheType(defaultPolicy);
192
providersPage.save(provider);
194
masthead.checkNotificationMessage(savedSuccessMessage);
195
sidebarPage.goToUserFederation();
196
providersPage.clickExistingCard(firstLdapName);
198
expect(cy.contains(defaultPolicy).should("exist"));
199
expect(cy.contains(dailyPolicy).should("not.exist"));
202
it("Should set cache policy to evict_weekly", () => {
203
providersPage.clickExistingCard(firstLdapName);
204
providersPage.selectCacheType(weeklyPolicy);
205
providersPage.changeCacheTime("day", newLdapDay);
206
providersPage.changeCacheTime("hour", newLdapHour);
207
providersPage.changeCacheTime("minute", newLdapMinute);
208
providersPage.save(provider);
210
masthead.checkNotificationMessage(savedSuccessMessage);
211
sidebarPage.goToUserFederation();
212
providersPage.clickExistingCard(firstLdapName);
214
expect(cy.contains(weeklyPolicy).should("exist"));
215
expect(cy.contains(defaultPolicy).should("not.exist"));
218
it("Update connection and authentication settings and save", () => {
219
providersPage.clickExistingCard(firstLdapName);
221
providersPage.fillLdapConnectionData(
222
connectionUrlInvalid,
225
connectionTimeoutTwoSecs,
227
providersPage.toggleSwitch(providersPage.enableStartTls);
228
providersPage.toggleSwitch(providersPage.connectionPooling);
230
providersPage.save(provider);
231
masthead.checkNotificationMessage(savedSuccessMessage);
234
sidebarPage.goToUserFederation();
235
providersPage.clickExistingCard(firstLdapName);
236
providersPage.verifyTextField(
237
providersPage.connectionUrlInput,
238
connectionUrlInvalid,
240
providersPage.verifyTextField(
241
providersPage.connectionTimeoutInput,
242
connectionTimeoutTwoSecs,
244
providersPage.verifySelect(
245
providersPage.truststoreSpiInput,
248
providersPage.verifySelect(providersPage.bindTypeInput, bindTypeNone);
249
providersPage.verifyToggle(providersPage.enableStartTls, "on");
250
providersPage.verifyToggle(providersPage.connectionPooling, "on");
251
sidebarPage.goToUserFederation();
254
it("Should fail connection and authentication tests", () => {
255
providersPage.clickExistingCard(firstLdapName);
257
providersPage.testConnection();
258
masthead.checkNotificationMessage(ldapTestFailMsg);
260
providersPage.testAuthorization();
261
masthead.checkNotificationMessage(ldapTestFailMsg);
263
sidebarPage.goToUserFederation();
266
it("Should make changes and pass connection and authentication tests", () => {
267
providersPage.clickExistingCard(firstLdapName);
269
providersPage.fillLdapConnectionData(
273
connectionTimeoutTwoSecs,
277
providersPage.toggleSwitch(providersPage.enableStartTls);
278
providersPage.toggleSwitch(providersPage.connectionPooling);
280
providersPage.save(provider);
282
providersPage.testConnection();
283
masthead.checkNotificationMessage(ldapTestSuccessMsg);
285
providersPage.testAuthorization();
286
masthead.checkNotificationMessage(ldapTestSuccessMsg);
288
sidebarPage.goToUserFederation();
291
it("Should update Kerberos integration settings and save", () => {
292
providersPage.clickExistingCard(firstLdapName);
294
providersPage.toggleSwitch(providersPage.allowKerberosAuth);
295
providersPage.toggleSwitch(providersPage.debug);
296
providersPage.toggleSwitch(providersPage.useKerberosForPwAuth);
298
providersPage.fillTextField(
299
providersPage.ldapKerberosRealmInput,
302
providersPage.fillTextField(
303
providersPage.ldapServerPrincipalInput,
306
providersPage.fillTextField(providersPage.ldapKeyTabInput, keyTab);
308
providersPage.save(provider);
309
masthead.checkNotificationMessage(savedSuccessMessage);
312
sidebarPage.goToUserFederation();
313
providersPage.clickExistingCard(firstLdapName);
314
providersPage.verifyTextField(
315
providersPage.ldapKerberosRealmInput,
318
providersPage.verifyTextField(
319
providersPage.ldapServerPrincipalInput,
322
providersPage.verifyTextField(providersPage.ldapKeyTabInput, keyTab);
323
providersPage.verifyToggle(providersPage.allowKerberosAuth, "on");
324
providersPage.verifyToggle(providersPage.debug, "on");
325
providersPage.verifyToggle(providersPage.useKerberosForPwAuth, "on");
327
sidebarPage.goToUserFederation();
330
it("Should update Synchronization settings and save", () => {
331
providersPage.clickExistingCard(firstLdapName);
333
providersPage.toggleSwitch(providersPage.importUsers);
334
providersPage.toggleSwitch(providersPage.periodicFullSync);
335
providersPage.toggleSwitch(providersPage.periodicUsersSync);
337
providersPage.fillTextField(providersPage.ldapBatchSizeInput, batchSize);
338
providersPage.fillTextField(
339
providersPage.ldapFullSyncPeriodInput,
342
providersPage.fillTextField(
343
providersPage.ldapUsersSyncPeriodInput,
347
providersPage.save(provider);
348
masthead.checkNotificationMessage(savedSuccessMessage);
351
sidebarPage.goToUserFederation();
352
providersPage.clickExistingCard(firstLdapName);
353
providersPage.verifyTextField(providersPage.ldapBatchSizeInput, batchSize);
354
providersPage.verifyTextField(
355
providersPage.ldapFullSyncPeriodInput,
358
providersPage.verifyTextField(
359
providersPage.ldapUsersSyncPeriodInput,
362
providersPage.verifyToggle(providersPage.periodicFullSync, "on");
363
providersPage.verifyToggle(providersPage.periodicUsersSync, "on");
364
providersPage.verifyToggle(providersPage.importUsers, "on");
365
sidebarPage.goToUserFederation();
368
it("Should update LDAP searching and updating settings and save", () => {
369
providersPage.clickExistingCard(firstLdapName);
371
providersPage.fillLdapSearchingData(
377
secondUserObjClasses,
378
secondUserLdapFilter,
382
providersPage.toggleSwitch(providersPage.ldapPagination);
384
providersPage.save(provider);
385
masthead.checkNotificationMessage(savedSuccessMessage);
388
sidebarPage.goToUserFederation();
389
providersPage.clickExistingCard(firstLdapName);
391
providersPage.verifySelect(
392
providersPage.ldapEditModeInput,
395
providersPage.verifyTextField(
396
providersPage.ldapUsersDnInput,
399
providersPage.verifyTextField(
400
providersPage.ldapUserLdapAttInput,
403
providersPage.verifyTextField(
404
providersPage.ldapRdnLdapAttInput,
407
providersPage.verifyTextField(
408
providersPage.ldapUuidLdapAttInput,
411
providersPage.verifyTextField(
412
providersPage.ldapUserObjClassesInput,
413
secondUserObjClasses,
415
providersPage.verifyTextField(
416
providersPage.ldapUserLdapFilter,
417
secondUserLdapFilter,
419
providersPage.verifySelect(
420
providersPage.ldapSearchScopeInput,
423
providersPage.verifyTextField(
424
providersPage.ldapReadTimeout,
427
providersPage.verifyToggle(providersPage.ldapPagination, "on");
429
sidebarPage.goToUserFederation();
430
providersPage.clickExistingCard(firstLdapName);
432
providersPage.fillSelect(providersPage.ldapEditModeInput, editModeUnsynced);
434
providersPage.toggleSwitch(providersPage.importUsers);
436
providersPage.save(provider);
437
masthead.checkNotificationMessage(validatePasswordPolicyFailMessage);
439
providersPage.toggleSwitch(providersPage.importUsers);
440
providersPage.toggleSwitch(providersPage.validatePwPolicySwitch);
441
providersPage.save(provider);
443
masthead.checkNotificationMessage(userImportingDisabledFailMessage);
445
providersPage.toggleSwitch(providersPage.importUsers);
447
providersPage.save(provider);
448
masthead.checkNotificationMessage(savedSuccessMessage);
451
sidebarPage.goToUserFederation();
452
providersPage.clickExistingCard(firstLdapName);
454
providersPage.verifySelect(
455
providersPage.ldapEditModeInput,
460
it("Should update display name", () => {
461
providersPage.clickExistingCard(firstLdapName);
462
providersPage.fillLdapGeneralData(updatedLdapName);
464
providersPage.save(provider);
465
masthead.checkNotificationMessage(savedSuccessMessage);
467
sidebarPage.goToUserFederation();
468
providersPage.clickExistingCard(updatedLdapName);
470
sidebarPage.goToUserFederation();
473
it("Should update existing LDAP provider and cancel", () => {
474
providersPage.clickExistingCard(firstLdapName);
475
providersPage.selectCacheType(weeklyPolicy);
477
providersPage.changeCacheTime("day", defaultLdapDay);
478
providersPage.changeCacheTime("hour", defaultLdapHour);
479
providersPage.changeCacheTime("minute", defaultLdapMinute);
481
providersPage.cancel(provider);
483
providersPage.clickExistingCard(updatedLdapName);
484
providersPage.selectCacheType(weeklyPolicy);
486
providersPage.verifyChangedHourInput(newLdapHour, defaultLdapHour);
488
sidebarPage.goToUserFederation();
491
it("Should set cache policy to max_lifespan", () => {
492
providersPage.clickExistingCard(firstLdapName);
493
providersPage.selectCacheType(lifespanPolicy);
494
providersPage.fillMaxLifespanData(maxLifespan);
495
providersPage.save(provider);
497
masthead.checkNotificationMessage(savedSuccessMessage);
498
sidebarPage.goToUserFederation();
499
providersPage.clickExistingCard(firstLdapName);
501
expect(cy.contains(lifespanPolicy).should("exist"));
502
expect(cy.contains(weeklyPolicy).should("not.exist"));
505
it("Should set cache policy to no_cache", () => {
506
providersPage.clickExistingCard(firstLdapName);
507
providersPage.selectCacheType(noCachePolicy);
508
providersPage.save(provider);
510
masthead.checkNotificationMessage(savedSuccessMessage);
511
sidebarPage.goToUserFederation();
512
providersPage.clickExistingCard(firstLdapName);
514
expect(cy.contains(noCachePolicy).should("exist"));
515
expect(cy.contains(lifespanPolicy).should("not.exist"));
518
it("Should disable an existing LDAP provider", () => {
519
providersPage.clickExistingCard(firstLdapName);
520
cy.wait("@getProvider");
521
providersPage.disableEnabledSwitch(allCapProvider);
522
modalUtils.checkModalTitle(disableModalTitle).confirmModal();
523
masthead.checkNotificationMessage(savedSuccessMessage);
524
sidebarPage.goToUserFederation();
525
expect(cy.contains("Disabled").should("exist"));
528
it("Should enable a previously-disabled LDAP provider", () => {
529
providersPage.clickExistingCard(firstLdapName);
530
cy.wait("@getProvider");
531
providersPage.enableEnabledSwitch(allCapProvider);
532
masthead.checkNotificationMessage(savedSuccessMessage);
533
sidebarPage.goToUserFederation();
534
expect(cy.contains("Enabled").should("exist"));
537
it("Should create new LDAP provider using New Provider dropdown", () => {
538
providersPage.clickMenuCommand(addProviderMenu, allCapProvider);
539
providersPage.fillLdapGeneralData(secondLdapName, secondLdapVendor);
540
providersPage.fillLdapConnectionData(
544
connectionTimeoutTwoSecs,
548
providersPage.fillLdapSearchingData(
554
secondUserObjClasses,
556
providersPage.save(provider);
557
masthead.checkNotificationMessage(createdSuccessMessage);
558
sidebarPage.goToUserFederation();
561
it("Should delete LDAP provider from card view using card menu", () => {
562
providersPage.deleteCardFromCard(secondLdapName);
563
modalUtils.checkModalTitle(deleteModalTitle).confirmModal();
564
masthead.checkNotificationMessage(deletedSuccessMessage);
567
it("Should delete LDAP provider using Settings view Action menu", () => {
568
providersPage.deleteCardFromMenu(firstLdapName);
569
modalUtils.checkModalTitle(deleteModalTitle).confirmModal();
570
masthead.checkNotificationMessage(deletedSuccessMessage);