remove usage of make_ws_request

truenas · Jul 5, 2024 · ce1f951 · ce1f951
1 parent 2db5216
commit ce1f951
Show file tree

Hide file tree

Showing 4 changed files with 131 additions and 255 deletions.
diff --git a/tests/api2/test_014_failover_related.py b/tests/api2/test_014_failover_related.py
@@ -1,19 +1,13 @@
-#!/usr/bin/env python3
-
 import errno
-import sys
-import os
-apifolder = os.getcwd()
-sys.path.append(apifolder)
 
 import pytest
-from functions import GET, SSH_TEST, make_ws_request
-from auto_config import ha, user, password
 from pytest_dependency import depends
+
+from functions import SSH_TEST
+from auto_config import ha, user, password
 from truenas_api_client import ClientException
 from middlewared.test.integration.assets.account import unprivileged_user
 from middlewared.test.integration.utils import call, client
-from middlewared.test.integration.utils.client import truenas_server
 
 
 @pytest.fixture(scope='module')
@@ -73,37 +67,20 @@ def test_04_check_hactl_enable(request):
 
 
 def test_05_check_hactl_disable(request):
-    # integration tests run against the master node (at least they should...)
     depends(request, ['hactl_enable'])
     rv = SSH_TEST('hactl disable', user, password)
     output = rv['stdout'].strip()
     if ha:
         assert 'Failover disabled.' in output, output
-
-        rv = make_ws_request(truenas_server.ip, {'msg': 'method', 'method': 'failover.config', 'params': []})
-        assert isinstance(rv['result'], dict), rv['result']
-        assert rv['result']['disabled'] is True, rv['result']
-
+        assert call('failover.config')['disabled'] is True
         rv = SSH_TEST('hactl enable', user, password)
         output = rv['stdout'].strip()
         assert 'Failover enabled.' in output, output
-
-        rv = make_ws_request(truenas_server.ip, {'msg': 'method', 'method': 'failover.config', 'params': []})
-        assert isinstance(rv['result'], dict), rv['result']
-        assert rv['result']['disabled'] is False, rv['result']
+        assert call('failover.config')['disabled'] is False
     else:
         assert 'Not an HA node' in output, output
 
 
-def test_06_test_failover_get_ips():
-    results = GET('/failover/get_ips', controller_a=ha)
-    assert results.status_code == 200, results.text
-    rv = results.json()
-    assert (isinstance(rv, list)), rv
-    if ha:
-        assert rv
-
-
 if ha:
     def test_07_failover_replicate():
         old_ns = call('network.configuration.config')['nameserver3']

diff --git a/tests/api2/test_032_ad_kerberos.py b/tests/api2/test_032_ad_kerberos.py
@@ -1,31 +1,49 @@
-import os
-import sys
-import time
+from base64 import b64decode
+from contextlib import contextmanager
 
 import pytest
 
 from middlewared.test.integration.assets.pool import dataset
+from middlewared.test.integration.assets.directory_service import active_directory
+from middlewared.test.integration.utils import call
 
-apifolder = os.getcwd()
-sys.path.append(apifolder)
-from functions import make_ws_request
-from functions import PUT, POST, GET, DELETE, SSH_TEST, wait_on_job
+from functions import PUT, POST, GET, DELETE, SSH_TEST
 from auto_config import hostname, password, user
-from calendar import timegm
-from contextlib import contextmanager
-from base64 import b64decode
 from protocols import nfs_share
-from pytest_dependency import depends
-from middlewared.test.integration.assets.directory_service import active_directory
-from middlewared.test.integration.utils.client import truenas_server
 
 try:
-    from config import AD_DOMAIN, ADPASSWORD, ADUSERNAME, ADNameServer, AD_COMPUTER_OU
+    from config import AD_DOMAIN, ADPASSWORD, ADUSERNAME, AD_COMPUTER_OU
 except ImportError:
-    Reason = 'ADNameServer AD_DOMAIN, ADPASSWORD, or/and ADUSERNAME are missing in config.py"'
-    pytestmark = pytest.mark.skip(reason=Reason)
-
-SAMPLE_KEYTAB = "BQIAAABTAAIAC0hPTUVET00uRlVOABFyZXN0cmljdGVka3JiaG9zdAASdGVzdDQ5LmhvbWVkb20uZnVuAAAAAV8kEroBAAEACDHN3Kv9WKLLAAAAAQAAAAAAAABHAAIAC0hPTUVET00uRlVOABFyZXN0cmljdGVka3JiaG9zdAAGVEVTVDQ5AAAAAV8kEroBAAEACDHN3Kv9WKLLAAAAAQAAAAAAAABTAAIAC0hPTUVET00uRlVOABFyZXN0cmljdGVka3JiaG9zdAASdGVzdDQ5LmhvbWVkb20uZnVuAAAAAV8kEroBAAMACDHN3Kv9WKLLAAAAAQAAAAAAAABHAAIAC0hPTUVET00uRlVOABFyZXN0cmljdGVka3JiaG9zdAAGVEVTVDQ5AAAAAV8kEroBAAMACDHN3Kv9WKLLAAAAAQAAAAAAAABbAAIAC0hPTUVET00uRlVOABFyZXN0cmljdGVka3JiaG9zdAASdGVzdDQ5LmhvbWVkb20uZnVuAAAAAV8kEroBABEAEBDQOH+tKYCuoedQ53WWKFgAAAABAAAAAAAAAE8AAgALSE9NRURPTS5GVU4AEXJlc3RyaWN0ZWRrcmJob3N0AAZURVNUNDkAAAABXyQSugEAEQAQENA4f60pgK6h51DndZYoWAAAAAEAAAAAAAAAawACAAtIT01FRE9NLkZVTgARcmVzdHJpY3RlZGtyYmhvc3QAEnRlc3Q0OS5ob21lZG9tLmZ1bgAAAAFfJBK6AQASACCKZTjTnrjT30jdqAG2QRb/cFyTe9kzfLwhBAm5QnuMiQAAAAEAAAAAAAAAXwACAAtIT01FRE9NLkZVTgARcmVzdHJpY3RlZGtyYmhvc3QABlRFU1Q0OQAAAAFfJBK6AQASACCKZTjTnrjT30jdqAG2QRb/cFyTe9kzfLwhBAm5QnuMiQAAAAEAAAAAAAAAWwACAAtIT01FRE9NLkZVTgARcmVzdHJpY3RlZGtyYmhvc3QAEnRlc3Q0OS5ob21lZG9tLmZ1bgAAAAFfJBK6AQAXABAcyjciCUnM9DmiyiPO4VIaAAAAAQAAAAAAAABPAAIAC0hPTUVET00uRlVOABFyZXN0cmljdGVka3JiaG9zdAAGVEVTVDQ5AAAAAV8kEroBABcAEBzKNyIJScz0OaLKI87hUhoAAAABAAAAAAAAAEYAAgALSE9NRURPTS5GVU4ABGhvc3QAEnRlc3Q0OS5ob21lZG9tLmZ1bgAAAAFfJBK6AQABAAgxzdyr/ViiywAAAAEAAAAAAAAAOgACAAtIT01FRE9NLkZVTgAEaG9zdAAGVEVTVDQ5AAAAAV8kEroBAAEACDHN3Kv9WKLLAAAAAQAAAAAAAABGAAIAC0hPTUVET00uRlVOAARob3N0ABJ0ZXN0NDkuaG9tZWRvbS5mdW4AAAABXyQSugEAAwAIMc3cq/1YossAAAABAAAAAAAAADoAAgALSE9NRURPTS5GVU4ABGhvc3QABlRFU1Q0OQAAAAFfJBK6AQADAAgxzdyr/ViiywAAAAEAAAAAAAAATgACAAtIT01FRE9NLkZVTgAEaG9zdAASdGVzdDQ5LmhvbWVkb20uZnVuAAAAAV8kEroBABEAEBDQOH+tKYCuoedQ53WWKFgAAAABAAAAAAAAAEIAAgALSE9NRURPTS5GVU4ABGhvc3QABlRFU1Q0OQAAAAFfJBK6AQARABAQ0Dh/rSmArqHnUOd1lihYAAAAAQAAAAAAAABeAAIAC0hPTUVET00uRlVOAARob3N0ABJ0ZXN0NDkuaG9tZWRvbS5mdW4AAAABXyQSugEAEgAgimU40564099I3agBtkEW/3Bck3vZM3y8IQQJuUJ7jIkAAAABAAAAAAAAAFIAAgALSE9NRURPTS5GVU4ABGhvc3QABlRFU1Q0OQAAAAFfJBK6AQASACCKZTjTnrjT30jdqAG2QRb/cFyTe9kzfLwhBAm5QnuMiQAAAAEAAAAAAAAATgACAAtIT01FRE9NLkZVTgAEaG9zdAASdGVzdDQ5LmhvbWVkb20uZnVuAAAAAV8kEroBABcAEBzKNyIJScz0OaLKI87hUhoAAAABAAAAAAAAAEIAAgALSE9NRURPTS5GVU4ABGhvc3QABlRFU1Q0OQAAAAFfJBK6AQAXABAcyjciCUnM9DmiyiPO4VIaAAAAAQAAAAAAAAA1AAEAC0hPTUVET00uRlVOAAdURVNUNDkkAAAAAV8kEroBAAEACDHN3Kv9WKLLAAAAAQAAAAAAAAA1AAEAC0hPTUVET00uRlVOAAdURVNUNDkkAAAAAV8kEroBAAMACDHN3Kv9WKLLAAAAAQAAAAAAAAA9AAEAC0hPTUVET00uRlVOAAdURVNUNDkkAAAAAV8kEroBABEAEBDQOH+tKYCuoedQ53WWKFgAAAABAAAAAAAAAE0AAQALSE9NRURPTS5GVU4AB1RFU1Q0OSQAAAABXyQSugEAEgAgimU40564099I3agBtkEW/3Bck3vZM3y8IQQJuUJ7jIkAAAABAAAAAAAAAD0AAQALSE9NRURPTS5GVU4AB1RFU1Q0OSQAAAABXyQSugEAFwAQHMo3IglJzPQ5osojzuFSGgAAAAEAAAAA"
+    pytestmark = pytest.mark.skip(
+        reason='1 or all of AD_DOMAIN, ADPASSWORD, ADUSERNAME, AD_COMPUTER_OU are missing in config.py"'
+    )
+
+SAMPLE_KEYTAB = (
+    "BQIAAABTAAIAC0hPTUVET00uRlVOABFyZXN0cmljdGVka3JiaG9zdAASdGVzdDQ5LmhvbWVkb20uZnVuAAAAAV8kEroBAAEACDHN3Kv9WKLLAAAA",
+    "AQAAAAAAAABHAAIAC0hPTUVET00uRlVOABFyZXN0cmljdGVka3JiaG9zdAAGVEVTVDQ5AAAAAV8kEroBAAEACDHN3Kv9WKLLAAAAAQAAAAAAAABT",
+    "AAIAC0hPTUVET00uRlVOABFyZXN0cmljdGVka3JiaG9zdAASdGVzdDQ5LmhvbWVkb20uZnVuAAAAAV8kEroBAAMACDHN3Kv9WKLLAAAAAQAAAAAA",
+    "AABHAAIAC0hPTUVET00uRlVOABFyZXN0cmljdGVka3JiaG9zdAAGVEVTVDQ5AAAAAV8kEroBAAMACDHN3Kv9WKLLAAAAAQAAAAAAAABbAAIAC0hP",
+    "TUVET00uRlVOABFyZXN0cmljdGVka3JiaG9zdAASdGVzdDQ5LmhvbWVkb20uZnVuAAAAAV8kEroBABEAEBDQOH+tKYCuoedQ53WWKFgAAAABAAAA",
+    "AAAAAE8AAgALSE9NRURPTS5GVU4AEXJlc3RyaWN0ZWRrcmJob3N0AAZURVNUNDkAAAABXyQSugEAEQAQENA4f60pgK6h51DndZYoWAAAAAEAAAAA",
+    "AAAAawACAAtIT01FRE9NLkZVTgARcmVzdHJpY3RlZGtyYmhvc3QAEnRlc3Q0OS5ob21lZG9tLmZ1bgAAAAFfJBK6AQASACCKZTjTnrjT30jdqAG2",
+    "QRb/cFyTe9kzfLwhBAm5QnuMiQAAAAEAAAAAAAAAXwACAAtIT01FRE9NLkZVTgARcmVzdHJpY3RlZGtyYmhvc3QABlRFU1Q0OQAAAAFfJBK6AQAS",
+    "ACCKZTjTnrjT30jdqAG2QRb/cFyTe9kzfLwhBAm5QnuMiQAAAAEAAAAAAAAAWwACAAtIT01FRE9NLkZVTgARcmVzdHJpY3RlZGtyYmhvc3QAEnRl",
+    "c3Q0OS5ob21lZG9tLmZ1bgAAAAFfJBK6AQAXABAcyjciCUnM9DmiyiPO4VIaAAAAAQAAAAAAAABPAAIAC0hPTUVET00uRlVOABFyZXN0cmljdGVk",
+    "a3JiaG9zdAAGVEVTVDQ5AAAAAV8kEroBABcAEBzKNyIJScz0OaLKI87hUhoAAAABAAAAAAAAAEYAAgALSE9NRURPTS5GVU4ABGhvc3QAEnRlc3Q0",
+    "OS5ob21lZG9tLmZ1bgAAAAFfJBK6AQABAAgxzdyr/ViiywAAAAEAAAAAAAAAOgACAAtIT01FRE9NLkZVTgAEaG9zdAAGVEVTVDQ5AAAAAV8kEroB",
+    "AAEACDHN3Kv9WKLLAAAAAQAAAAAAAABGAAIAC0hPTUVET00uRlVOAARob3N0ABJ0ZXN0NDkuaG9tZWRvbS5mdW4AAAABXyQSugEAAwAIMc3cq/1Y",
+    "ossAAAABAAAAAAAAADoAAgALSE9NRURPTS5GVU4ABGhvc3QABlRFU1Q0OQAAAAFfJBK6AQADAAgxzdyr/ViiywAAAAEAAAAAAAAATgACAAtIT01F",
+    "RE9NLkZVTgAEaG9zdAASdGVzdDQ5LmhvbWVkb20uZnVuAAAAAV8kEroBABEAEBDQOH+tKYCuoedQ53WWKFgAAAABAAAAAAAAAEIAAgALSE9NRURP",
+    "TS5GVU4ABGhvc3QABlRFU1Q0OQAAAAFfJBK6AQARABAQ0Dh/rSmArqHnUOd1lihYAAAAAQAAAAAAAABeAAIAC0hPTUVET00uRlVOAARob3N0ABJ0",
+    "ZXN0NDkuaG9tZWRvbS5mdW4AAAABXyQSugEAEgAgimU40564099I3agBtkEW/3Bck3vZM3y8IQQJuUJ7jIkAAAABAAAAAAAAAFIAAgALSE9NRURP",
+    "TS5GVU4ABGhvc3QABlRFU1Q0OQAAAAFfJBK6AQASACCKZTjTnrjT30jdqAG2QRb/cFyTe9kzfLwhBAm5QnuMiQAAAAEAAAAAAAAATgACAAtIT01F",
+    "RE9NLkZVTgAEaG9zdAASdGVzdDQ5LmhvbWVkb20uZnVuAAAAAV8kEroBABcAEBzKNyIJScz0OaLKI87hUhoAAAABAAAAAAAAAEIAAgALSE9NRURP",
+    "TS5GVU4ABGhvc3QABlRFU1Q0OQAAAAFfJBK6AQAXABAcyjciCUnM9DmiyiPO4VIaAAAAAQAAAAAAAAA1AAEAC0hPTUVET00uRlVOAAdURVNUNDkk",
+    "AAAAAV8kEroBAAEACDHN3Kv9WKLLAAAAAQAAAAAAAAA1AAEAC0hPTUVET00uRlVOAAdURVNUNDkkAAAAAV8kEroBAAMACDHN3Kv9WKLLAAAAAQAA",
+    "AAAAAAA9AAEAC0hPTUVET00uRlVOAAdURVNUNDkkAAAAAV8kEroBABEAEBDQOH+tKYCuoedQ53WWKFgAAAABAAAAAAAAAE0AAQALSE9NRURPTS5G",
+    "VU4AB1RFU1Q0OSQAAAABXyQSugEAEgAgimU40564099I3agBtkEW/3Bck3vZM3y8IQQJuUJ7jIkAAAABAAAAAAAAAD0AAQALSE9NRURPTS5GVU4A",
+    "B1RFU1Q0OSQAAAABXyQSugEAFwAQHMo3IglJzPQ5osojzuFSGgAAAAEAAAAA"
+)
 
 SAMPLEDOM_NAME = "CANARY.FUN"
 SAMPLEDOM_REALM = {
@@ -57,21 +75,10 @@ def get_export_sec(exports_config):
     return sec_entry
 
 
-def regenerate_exports():
+def check_export_sec(expected):
     # NFS service isn't running for these tests
     # and so exports aren't updated. Force the update.
-    ip = truenas_server.ip
-    res = make_ws_request(ip, {
-        'msg': 'method',
-        'method': 'etc.generate',
-        'params': ['nfsd'],
-    })
-    error = res.get('error')
-    assert error is None, str(error)
-
-
-def check_export_sec(expected):
-    regenerate_exports()
+    call('etc.generate', 'nfsd')
     results = SSH_TEST('cat /etc/exports', user, password)
     assert results['result'] is True, results['stderr']
     exports_config = results['stdout'].strip()
@@ -98,7 +105,7 @@ def parse_krb5_conf(fn, split=None, state=None):
 def add_kerberos_keytab(ktname):
     payload = {
         "name": ktname,
-        "file": SAMPLE_KEYTAB
+        "file": ''.join(SAMPLE_KEYTAB)
     }
     results = POST("/kerberos/keytab/", payload)
     assert results.status_code == 200, results.text
@@ -117,7 +124,7 @@ def add_kerberos_keytab(ktname):
 
 @contextmanager
 def add_kerberos_realm(realm_name):
-    results = POST("/kerberos/realm/",{
+    results = POST("/kerberos/realm/", {
         'realm': realm_name,
     })
     assert results.status_code == 200, results.text
@@ -143,7 +150,6 @@ def do_ad_connection(request):
 
 
 def test_02_kerberos_keytab_and_realm(do_ad_connection):
-    ip = truenas_server.ip
     def krb5conf_parser(krb5conf_lines, idx, entry, state):
         if entry.lstrip() == f"kdc = {SAMPLEDOM_REALM['kdc'][0]}":
             assert krb5conf_lines[idx + 1].lstrip() == f"kdc = {SAMPLEDOM_REALM['kdc'][1]}"
@@ -160,7 +166,6 @@ def krb5conf_parser(krb5conf_lines, idx, entry, state):
             assert krb5conf_lines[idx + 2].lstrip() == f"kpasswd_server = {SAMPLEDOM_REALM['kpasswd_server'][2]}"
             state['has_kpasswd_server'] = True
 
-
     results = GET('/activedirectory/started/')
     assert results.status_code == 200, results.text
 
@@ -192,49 +197,34 @@ def krb5conf_parser(krb5conf_lines, idx, entry, state):
     the system keytab. AD_MACHINE_ACCOUNT should add more than
     one principal.
     """
-    res = make_ws_request(ip, {
-        'msg': 'method',
-        'method': 'kerberos.keytab.kerberos_principal_choices',
-        'params': [],
-    })
-    error = res.get('error')
-    assert error is None, str(error)
-
-    orig_kt_len = len(res['result'])
-    assert orig_kt_len != 0, res['result']
+    res = call('kerberos.keytab.kerberos_principal_choices')
+    assert len(res) != 0, res
 
     """
     kerberos.check_ticket performs a platform-independent verification
     of kerberos ticket.
     """
-    res = make_ws_request(ip, {
-        'msg': 'method',
-        'method': 'kerberos.check_ticket',
-        'params': [],
-    })
-    error = res.get('error')
-    assert error is None, str(error)
-    assert res['result'] is True
+    assert call('kerberos.check_ticket'), 'kerberos.check_ticket returned False'
 
     """
     Test uploading b64encoded sample kerberos keytab included
     at top of this file. In the next series of tests we will
     upload, validate that it was uploaded, and verify that the
     keytab is read back correctly.
     """
-    with add_kerberos_keytab("KT2") as new_keytab:
+    with add_kerberos_keytab("KT2"):
         results = GET('/kerberos/keytab/?name=KT2')
         assert results.status_code == 200, results.text
         assert len(results.json()) == 1, results.text
         assert results.json()[0]['file'] != "", "second keytab file empty"
         errstr = ""
         try:
-             b64decode(results.json()[0]['file'])
+            b64decode(results.json()[0]['file'])
         except Exception as e:
-             errstr = e.args[0]
+            errstr = e.args[0]
 
         assert errstr == "", f"b64decode of keytab failed with: {errstr}"
-        assert results.json()[0]['file'] == SAMPLE_KEYTAB, results.text
+        assert results.json()[0]['file'] == ''.join(SAMPLE_KEYTAB), results.text
 
     """
     AD Join should automatically add a kerberos realm
@@ -352,18 +342,9 @@ def parse_section(unused, idx, sec, state):
 
 
 def test_04_kerberos_nfs4(do_ad_connection):
-    ip = truenas_server.ip
-    res = make_ws_request(ip, {
-        'msg': 'method',
-        'method': 'kerberos.keytab.has_nfs_principal',
-        'params': [],
-    })
-    error = res.get('error')
-    assert error is None, str(error)
-    assert res['result'] is False
-
+    assert call('kerberos.keytab.has_nfs_principal') is False, 'nfs_principal detected'
     with dataset('AD_NFS') as ds:
-        with nfs_share(f'/mnt/{ds}', options={'comment': 'KRB Test Share'}) as share:
+        with nfs_share(f'/mnt/{ds}', options={'comment': 'KRB Test Share'}):
             payload = {"protocols": ["NFSV3", "NFSV4"]}
             results = PUT("/nfs/", payload)
             assert results.status_code == 200, results.text
@@ -390,35 +371,12 @@ def test_04_kerberos_nfs4(do_ad_connection):
             assert results.status_code == 200, results.text
             netbios_name = results.json()['netbiosname_local']
 
-            res = make_ws_request(ip, {
-                'msg': 'method',
-                'method': 'activedirectory.add_nfs_spn',
-                'params': [netbios_name, AD_DOMAIN],
-            })
-            error = res.get('error')
-            assert error is None, str(error)
-
-            job_id = res['result']
-            job_status = wait_on_job(job_id, 180)
-            assert job_status['state'] == 'SUCCESS', str(job_status['results'])
-
-            res = make_ws_request(ip, {
-                'msg': 'method',
-                'method': 'kerberos.keytab.has_nfs_principal',
-                'params': [],
-            })
-            error = res.get('error')
-            assert error is None, str(error)
-            assert res['result'] is True
-
-            res = make_ws_request(ip, {
-                'msg': 'method',
-                'method': 'smb.getparm',
-                'params': ['winbind use default domain', 'GLOBAL'],
-            })
-            error = res.get('error')
-            assert error is None, str(error)
-            assert res['result'] is True
+            spn_job = call('activedirectory.add_nfs_spn', netbios_name, AD_DOMAIN, job=True)
+            assert spn_job['state'] == 'SUCCESS', spn_job
+            assert call('kerberos.keytab.has_nfs_principal'), 'NFS principal not detected'
+
+            getparm = call('smb.getparm', 'winbind use default domain', 'GLOBAL')
+            assert getparm, f'smb.getparm failed: {getparm!r}'
 
             """
             Second NFS exports check. We now have an NFS SPN entry
@@ -459,18 +417,8 @@ def test_05_verify_nfs_krb_disabled(request):
 
 
 def test_06_kerberos_ticket_management(do_ad_connection):
-    ip = truenas_server.ip
-
-    res = make_ws_request(ip, {
-        'msg': 'method',
-        'method': 'kerberos.klist',
-        'params': [],
-    })
-    error = res.get('error')
-    assert error is None, str(error)
-
-    klist_out = res['result']
-    assert klist_out['default_principal'].startswith(hostname.upper()), str(klist_out)
+    klist_out = call('kerberos.klist')
+    assert klist_out['default_principal'].startswith(hostname.upper()), klist_out
     assert klist_out['ticket_cache']['type'] == 'FILE'
     assert klist_out['ticket_cache']['name'] == '/var/run/middleware/krb5cc_0'
     assert len(klist_out['tickets']) != 0
@@ -480,7 +428,7 @@ def test_06_kerberos_ticket_management(do_ad_connection):
         if tkt['server'].startswith('krbtgt'):
             to_check = tkt
 
-    assert to_check is not None, str(klist_out)
+    assert to_check is not None, klist_out
     assert 'RENEWABLE' in to_check['flags']
 
     results = GET('/core/get_jobs/?method=kerberos.wait_for_renewal')