security/account_activation/security_account_expiration.xml

	security_account_expiration.xml revision d81978a0815d5b8a75633c35e3e1f8708d36f017
<?xml version="1.0" encoding="UTF-8" standalone="no"?>
<!DOCTYPE stax SYSTEM "/shared/stax.dtd">
<!--
 ! CDDL HEADER START
 !
 ! The contents of this file are subject to the terms of the
 ! Common Development and Distribution License, Version 1.0 only
 ! (the "License").  You may not use this file except in compliance
 ! with the License.
 !
 ! You can obtain a copy of the license at
 ! trunk/opends/resource/legal-notices/OpenDS.LICENSE
 ! or https://OpenDS.dev.java.net/OpenDS.LICENSE.
 ! See the License for the specific language governing permissions
 ! and limitations under the License.
 !
 ! When distributing Covered Code, include this CDDL HEADER in each
 ! file and include the License file at
 ! trunk/opends/resource/legal-notices/OpenDS.LICENSE.  If applicable,
 ! add the following below this CDDL HEADER, with the fields enclosed
 ! by brackets "[]" replaced with your own identifying information:
 !      Portions Copyright [yyyy] [name of copyright owner]
 !
 ! CDDL HEADER END
 !
 !      Copyright 2006-2008 Sun Microsystems, Inc.
 ! -->
<stax>

  <defaultcall function="account_expiration"/>

  <function name="account_expiration">

    <sequence>

        <!--- Test Suite information
         #@TestSuiteName       Account Expiration
         #@TestSuitePurpose    Test Account Expiration
         #@TestSuiteGroup      Account Expiration
         #@TestScript          security_account_expiration.xml
        -->

        <!--- Define default value for basedn -->
        <script>
        basedn1 = 'ou=people,ou=activation tests,o=Account Activation Tests'
        basedn = '%s, dc=example,dc=com' % basedn1
        msg = 'Security: Account Expiration:'
        msg1 = '%s : Postamble' % msg
        msg2 = 'get-seconds-until-password-expiration-warning'
        msg3 = 'Password Expiration Warning'
        msg4 = 'get-seconds-until-authentication-failure-unlock'
        msg5 = 'Seconds Until Account Expiration:'
        msg6 = 'Seconds Until Authentication Failure Unlock:'
        </script>

        <!--- Test Case information
          #@TestMarker       Account Expiration
          #@TestName         User Bind Before Deactivation
          #@TestIssue        none
          #@TestPurpose      User Bind Before Deactivation
          #@TestPreamble     none
          #@TestStep         User binds RC 0
          #@TestStep         Check manage-account get-password-policy-dn
          #@TestPostamble    none
          #@TestResult       Success if the 2 tests are PASS
        -->
        <testcase name="getTestCaseName('Preamble')">
        <sequence>
          <call function="'testCase_Preamble'"/>
          <message>
             '%s Preamble - Checking User Bind Before Expiration' % msg
          </message>

          <call function="'SearchObject'">
            { 'dsInstanceHost'   : DIRECTORY_INSTANCE_HOST ,
              'dsInstancePort'   : DIRECTORY_INSTANCE_PORT ,
              'dsInstanceDn'     : 'uid=abergin,%s' % basedn,
              'dsInstancePswd'   : 'inflict' ,
              'dsBaseDN'         : 'dc=example,dc=com' ,
              'dsFilter'         : 'objectclass=*'  ,
              'extraParams'      : '-s base'  }
          </call>

          <message>
               '%s Check manage-account get-password-policy-dn' % msg
          </message>

          <call function="'manageAccountWithScript'">
              { 'dsInstanceHost'   : DIRECTORY_INSTANCE_HOST ,
                'dsInstancePort'   : DIRECTORY_INSTANCE_PORT ,
                'dsInstanceDn'     : DIRECTORY_INSTANCE_DN ,
                'dsInstancePswd'   : DIRECTORY_INSTANCE_PSWD ,
                'subcommand'       : 'get-password-policy-dn' ,
                'targetDn'         : 'uid=abergin,%s' % basedn  }
          </call>

          <script>
             returnString = STAXResult[0][1]
          </script>

          <call function="'checktestString'">
              { 'returnString'       : returnString ,
                'expectedString'     : 'Password Policy DN:' }
          </call>

          <call function="'testCase_Postamble'"/>
        </sequence>
      </testcase>

        <!--- Test Case information
          #@TestMarker       Account Expiration
          #@TestName         Admin expire user
          #@TestIssue        none
          #@TestPurpose      Admin expire user
          #@TestPreamble     none
          #@TestStep         modifyAnAttribute ds-pwp-account-expiration-time
          #@TestStep         verify with manageAccountWithScript
                             get-account-expiration-time
          #@TestPostamble    none
          #@TestResult       Success if the 2 test are PASS
        -->
      <testcase name="getTestCaseName('Admin Expire User')">
        <sequence>
          <call function="'testCase_Preamble'"/>
          <message>
             'Security: Account Expiration: Admin Expiring User'
          </message>

          <call function="'modifyAnAttribute'">
            { 'dsInstanceHost'         : DIRECTORY_INSTANCE_HOST ,
              'dsInstancePort'         : DIRECTORY_INSTANCE_PORT ,
              'dsInstanceDn'           : DIRECTORY_INSTANCE_DN ,
              'dsInstancePswd'         : DIRECTORY_INSTANCE_PSWD ,
              'DNToModify'             : 'uid=abergin,%s' % basedn,
              'attributeName'          : 'ds-pwp-account-expiration-time' ,
              'newAttributeValue'      : '20061111161234Z' ,
              'changetype'             : 'replace' }
          </call>

          <message>
             'Security: Account Expiration: verify with manage-account '
          </message>

          <call function="'manageAccountWithScript'">
              { 'dsInstanceHost'   : DIRECTORY_INSTANCE_HOST ,
                'dsInstancePort'   : DIRECTORY_INSTANCE_PORT ,
                'dsInstanceDn'     : DIRECTORY_INSTANCE_DN ,
                'dsInstancePswd'   : DIRECTORY_INSTANCE_PSWD ,
                'subcommand'       : 'get-account-expiration-time' ,
                'targetDn'         : 'uid=abergin,%s' % basedn  }
          </call>

          <script>
             returnString = STAXResult[0][1]
          </script>

          <call function="'checktestString'">
              { 'returnString'       : returnString ,
                'expectedString'     : 'Account Expiration Time: ' }
          </call>

          <call function="'testCase_Postamble'"/>
        </sequence>
      </testcase>

        <!--- Test Case information
          #@TestMarker       Account Expiration
          #@TestName         User Bind After Expiration
          #@TestIssue        none
          #@TestPurpose      User Bind After Expiration
          #@TestPreamble     none
          #@TestStep         User binds RC 49
          #@TestStep         Check output manage-account
                             get-authentication-failure-times
          #@TestPostamble    none
          #@TestResult       Success if the test is PASS
        -->
      <testcase name="getTestCaseName('User Bind After Expiration')">
        <sequence>
          <call function="'testCase_Preamble'"/>
          <message>
             'Security: Account Expiration: User Binding After Expiration'
          </message>

          <call function="'SearchObject'">
            { 'dsInstanceHost'   : DIRECTORY_INSTANCE_HOST ,
              'dsInstancePort'   : DIRECTORY_INSTANCE_PORT ,
              'dsInstanceDn'     : 'uid=abergin,%s' % basedn ,
              'dsInstancePswd'   : 'inflict' ,
              'dsBaseDN'         : 'dc=example,dc=com' ,
              'dsFilter'         : 'objectclass=*'  ,
              'extraParams'      : '-s base',
              'expectedRC'       : 49  }
          </call>

          <message>
             'Security: Account Expiration: verify with manage-account '
          </message>

          <call function="'manageAccountWithScript'">
              { 'dsInstanceHost'   : DIRECTORY_INSTANCE_HOST ,
                'dsInstancePort'   : DIRECTORY_INSTANCE_PORT ,
                'dsInstanceDn'     : DIRECTORY_INSTANCE_DN ,
                'dsInstancePswd'   : DIRECTORY_INSTANCE_PSWD ,
                'subcommand'       : 'get-authentication-failure-times' ,
                'targetDn'         : 'uid=abergin,%s' % basedn  }
          </call>

          <script>
             returnString = STAXResult[0][1]
          </script>

          <call function="'checktestString'">
             { 'returnString'       : returnString ,
               'expectedString'     : 'Authentication Failure Times:' }
          </call>

          <call function="'testCase_Postamble'"/>
        </sequence>
      </testcase>

        <!--- Test Case information
          #@TestMarker       Account Expiration
          #@TestName         Admin Expire User in Future
          #@TestIssue        none
          #@TestPurpose      Admin Expire User in Future
          #@TestPreamble     none
          #@TestStep         modifyAnAttribute ds-pwp-account-expiration-time
          #@TestStep         verify with manageAccountWithScript
                             get-account-expiration-time
          #@TestStep         verify with manageAccountWithScript
                             get-seconds-until-account-expiration
          #@TestStep         verify with manageAccountWithScript
                             get-seconds-until-authentication-failure-unlock
          #@TestPostamble    none
          #@TestResult       Success if the 4 test are PASS
        -->
      <testcase name="getTestCaseName('Admin Expire User in Future')">
        <sequence>
          <call function="'testCase_Preamble'"/>
          <message>
             'Security: Account Expiration Admin Expiring User in Future'
          </message>

          <call function="'modifyAnAttribute'">
            { 'dsInstanceHost'         : DIRECTORY_INSTANCE_HOST ,
              'dsInstancePort'         : DIRECTORY_INSTANCE_PORT ,
              'dsInstanceDn'           : DIRECTORY_INSTANCE_DN ,
              'dsInstancePswd'         : DIRECTORY_INSTANCE_PSWD ,
              'DNToModify'             : 'uid=abergin,%s' % basedn ,
              'attributeName'          : 'ds-pwp-account-expiration-time' ,
              'newAttributeValue'      : '20361111161234Z' ,
              'changetype'             : 'replace' }
          </call>

          <message>
             'Security: Account Expiration: verify get-account-expiration-time'
          </message>

          <call function="'manageAccountWithScript'">
              { 'dsInstanceHost'   : DIRECTORY_INSTANCE_HOST ,
                'dsInstancePort'   : DIRECTORY_INSTANCE_PORT ,
                'dsInstanceDn'     : DIRECTORY_INSTANCE_DN ,
                'dsInstancePswd'   : DIRECTORY_INSTANCE_PSWD ,
                'subcommand'       : 'get-account-expiration-time' ,
                'targetDn'         : 'uid=abergin,%s' % basedn  }
          </call>

          <script>
             returnString = STAXResult[0][1]
          </script>

          <call function="'checktestString'">
             { 'returnString'       : returnString ,
               'expectedString'     : 'Account Expiration Time:' }
           </call>

           <message>
             'Security: Account Expiration: verify manage-account %s' % msg3
          </message>

          <call function="'manageAccountWithScript'">
              { 'dsInstanceHost'   : DIRECTORY_INSTANCE_HOST ,
                'dsInstancePort'   : DIRECTORY_INSTANCE_PORT ,
                'dsInstanceDn'     : DIRECTORY_INSTANCE_DN ,
                'dsInstancePswd'   : DIRECTORY_INSTANCE_PSWD ,
                'subcommand'       : 'get-seconds-until-account-expiration' ,
                'targetDn'         : 'uid=abergin,%s' % basedn  }
          </call>

          <script>
             returnString = STAXResult[0][1]
          </script>

          <call function="'checktestString'">
             { 'returnString'       : returnString ,
               'expectedString'     : '%s  8926' % msg5 }
           </call>

           <message>
             'Security: Account Expiration: verify manage-account %s' % msg4
          </message>

          <call function="'manageAccountWithScript'">
              { 'dsInstanceHost'   : DIRECTORY_INSTANCE_HOST ,
                'dsInstancePort'   : DIRECTORY_INSTANCE_PORT ,
                'dsInstanceDn'     : DIRECTORY_INSTANCE_DN ,
                'dsInstancePswd'   : DIRECTORY_INSTANCE_PSWD ,
                'subcommand'       : msg4 ,
                'targetDn'         : 'uid=abergin,%s' % basedn  }
          </call>

          <script>
             returnString = STAXResult[0][1]
          </script>

          <call function="'checktestString'">
             { 'returnString'       : returnString ,
               'expectedString'     : msg6 }
           </call>

          <call function="'testCase_Postamble'"/>
        </sequence>
      </testcase>

        <!--- Test Case information
          #@TestMarker       Account Expiration
          #@TestName         User Bind With Future Expiration
          #@TestIssue        none
          #@TestPurpose      User Bind With Future Expiration
          #@TestPreamble     none
          #@TestStep         User binds RC 0
          #@TestPostamble    none
          #@TestResult       Success if the test is PASS
        -->
      <testcase name="getTestCaseName('User Bind With Future Expiration')">
        <sequence>
          <call function="'testCase_Preamble'"/>
          <message>
             'Security: Acct Exp: User Binding With Future Expiration'
          </message>

          <call function="'SearchObject'">
            { 'dsInstanceHost'   : DIRECTORY_INSTANCE_HOST ,
              'dsInstancePort'   : DIRECTORY_INSTANCE_PORT ,
              'dsInstanceDn'     : 'uid=abergin,%s' % basedn ,
              'dsInstancePswd'   : 'inflict' ,
              'dsBaseDN'         : 'dc=example,dc=com' ,
              'dsFilter'         : 'objectclass=*'  ,
              'extraParams'      : '-s base' }
          </call>

          <call function="'testCase_Postamble'"/>
        </sequence>
      </testcase>

        <!--- Test Case information
          #@TestMarker       Account Expiration
          #@TestName         Admin Reactivate User
          #@TestIssue        none
          #@TestPurpose      Admin Reactivate User
          #@TestPreamble     none
          #@TestStep         Admin removing User Expiration remove
                             ds-pwp-account-expiration-time
          #@TestStep         Check User Bind After Removing Expiration RC 0
          #@TestStep         verify with manageAccountWithScript
                             get-account-expiration-time
          #@TestStep         verify with manageAccountWithScript
                             get-password-expiration-warned-time
          #@TestStep         verify with manageAccountWithScript
                             get-seconds-until-password-expiration
          #@TestPostamble    none
          #@TestResult       Success if the 5 tests are PASS
        -->
      <testcase name="getTestCaseName('Postamble')">
        <sequence>
          <call function="'testCase_Preamble'"/>
          <message>
             '%s Postamble Step 1.  Admin Removing User Expiration' % msg
          </message>

          <call function="'modifyAnAttribute'">
            { 'dsInstanceHost'         : DIRECTORY_INSTANCE_HOST ,
              'dsInstancePort'         : DIRECTORY_INSTANCE_PORT ,
              'dsInstanceDn'           : DIRECTORY_INSTANCE_DN ,
              'dsInstancePswd'         : DIRECTORY_INSTANCE_PSWD ,
              'DNToModify'             : 'uid=abergin,%s' % basedn ,
              'attributeName'          : 'ds-pwp-account-expiration-time' ,
              'newAttributeValue'      : '20361111161234Z' ,
              'changetype'             : 'delete' }
          </call>

          <message>
             '%s Step 2. Check User Bind After Removing Expiration' % msg1
          </message>

          <call function="'SearchObject'">
            { 'dsInstanceHost'   : DIRECTORY_INSTANCE_HOST ,
              'dsInstancePort'   : DIRECTORY_INSTANCE_PORT ,
              'dsInstanceDn'     : 'uid=abergin,%s' % basedn,
              'dsInstancePswd'   : 'inflict' ,
              'dsBaseDN'         : 'dc=example,dc=com' ,
              'dsFilter'         : 'objectclass=*'  ,
              'extraParams'      : '-s base'  }
          </call>

          <message>
             '%s Step 3. get-account-expiration-time with manage-account' % msg1
          </message>

          <call function="'manageAccountWithScript'">
              { 'dsInstanceHost'   : DIRECTORY_INSTANCE_HOST ,
                'dsInstancePort'   : DIRECTORY_INSTANCE_PORT ,
                'dsInstanceDn'     : DIRECTORY_INSTANCE_DN ,
                'dsInstancePswd'   : DIRECTORY_INSTANCE_PSWD ,
                'subcommand'       : 'get-account-expiration-time' ,
                'targetDn'         : 'uid=abergin,%s' % basedn  }
          </call>

          <script>
             returnString = STAXResult[0][1]
          </script>

          <call function="'checktestString'">
             { 'returnString'       : returnString ,
               'expectedString'     : 'Account Expiration Time:' }
          </call>

          <message>
             '%s Step 4. Check get-password-expiration-warned-time ' % msg1
          </message>

          <call function="'manageAccountWithScript'">
              { 'dsInstanceHost'   : DIRECTORY_INSTANCE_HOST ,
                'dsInstancePort'   : DIRECTORY_INSTANCE_PORT ,
                'dsInstanceDn'     : DIRECTORY_INSTANCE_DN ,
                'dsInstancePswd'   : DIRECTORY_INSTANCE_PSWD ,
                'subcommand'       : 'get-password-expiration-warned-time' ,
                'targetDn'         : 'uid=abergin,%s' % basedn  }
          </call>

          <script>
             returnString = STAXResult[0][1]
          </script>

          <call function="'checktestString'">
             { 'returnString'       : returnString ,
               'expectedString'     : 'Password Expiration Warned Time:' }
          </call>

          <message>
             '%s Step 5. Check get-seconds-until-password-expiration' % msg1
          </message>

          <call function="'manageAccountWithScript'">
              { 'dsInstanceHost'   : DIRECTORY_INSTANCE_HOST ,
                'dsInstancePort'   : DIRECTORY_INSTANCE_PORT ,
                'dsInstanceDn'     : DIRECTORY_INSTANCE_DN ,
                'dsInstancePswd'   : DIRECTORY_INSTANCE_PSWD ,
                'subcommand'       : 'get-seconds-until-password-expiration' ,
                'targetDn'         : 'uid=abergin,%s' % basedn  }
          </call>

          <script>
             returnString = STAXResult[0][1]
          </script>

          <call function="'checktestString'">
             { 'returnString'       : returnString ,
               'expectedString'     : 'Seconds Until Password Expiration:' }
          </call>

          <message>
             '%s Step 5. Check manage-account %s' % (msg1,msg2)
          </message>

          <call function="'manageAccountWithScript'">
              { 'dsInstanceHost'   : DIRECTORY_INSTANCE_HOST ,
                'dsInstancePort'   : DIRECTORY_INSTANCE_PORT ,
                'dsInstanceDn'     : DIRECTORY_INSTANCE_DN ,
                'dsInstancePswd'   : DIRECTORY_INSTANCE_PSWD ,
                'subcommand'       : msg2 ,
                'targetDn'         : 'uid=abergin,%s' % basedn  }
          </call>

          <script>
             returnString = STAXResult[0][1]
          </script>

          <call function="'checktestString'">
             { 'returnString'       : returnString ,
               'expectedString'     : 'Seconds Until %s:' % msg3 }
          </call>

          <call function="'testCase_Postamble'"/>

        </sequence>

      </testcase>

    </sequence>

  </function>

</stax>