Merge pull request #58 from DMTF/Fix57-POST-Create-Fixes

mraineri · web-flow · commit a0f44e45dcfd · 2023-06-16T15:51:03.000-04:00
Fixes to POST (create) testing
diff --git a/redfish_protocol_validator/accounts.py b/redfish_protocol_validator/accounts.py
@@ -89,8 +89,21 @@ def new_username(existing_users):
     return user
 
 
-def new_password(sut: SystemUnderTest, length=10, upper=1, lower=1,
-                 digits=1, symbols=0):
+def new_password(sut: SystemUnderTest, length=16, upper=1, lower=1,
+                 digits=1, symbols=1):
+    # Get the min and max password length and override 'length' if needed
+    # Use either limit if one is specified
+    response = sut.get_response('GET', sut.account_service_uri)
+    try:
+        if response.ok:
+            data = response.json()
+            if 'MinPasswordLength' in data and length < data['MinPasswordLength']:
+                length = data['MinPasswordLength']
+            elif 'MaxPasswordLength' in data and length > data['MaxPasswordLength']:
+                length = data['MaxPasswordLength']
+    except:
+        pass
+
     ascii_symbols = '_-.'
     pwd = random.sample(string.ascii_uppercase, upper)
     pwd.extend(random.sample(string.ascii_lowercase, lower))
diff --git a/redfish_protocol_validator/service_requests.py b/redfish_protocol_validator/service_requests.py
@@ -1138,7 +1138,7 @@ def test_post_create_not_supported(sut: SystemUnderTest):
     """Perform tests for Assertion.REQ_POST_CREATE_NOT_SUPPORTED."""
     response = sut.get_response('POST', sut.accounts_uri)
     if response is None:
-        msg = ('Not response found for POST to Accounts URI; unable to test '
+        msg = ('No response found for POST to Accounts URI; unable to test '
                'this assertion')
         sut.log(Result.NOT_TESTED, 'POST', '', sut.accounts_uri,
                 Assertion.REQ_POST_CREATE_NOT_SUPPORTED, msg)
@@ -1151,14 +1151,39 @@ def test_post_create_not_supported(sut: SystemUnderTest):
                 Assertion.REQ_POST_CREATE_NOT_SUPPORTED,
                 'Test passed')
     else:
-        msg = ('POST request to URI %s failed with %s; expected %s; extended '
-               'error: %s' % (sut.accounts_uri, response.status_code,
-                              requests.codes.METHOD_NOT_ALLOWED,
-                              utils.get_extended_error(response)))
-        sut.log(Result.FAIL, 'POST', response.status_code, sut.accounts_uri,
-                Assertion.REQ_POST_CREATE_NOT_SUPPORTED,
-                msg)
-
+        try:
+            allow = sut.get_response('GET', sut.accounts_uri).headers.get('Allow')
+        except:
+            allow = None
+        if allow:
+            if 'POST' in allow.upper():
+                msg = ('POST request to URI %s failed with %s; extended '
+                       'error: %s; GET response contains an Allow header '
+                       'with POST specified' %
+                       (sut.accounts_uri, response.status_code,
+                        utils.get_extended_error(response)))
+                sut.log(Result.WARN, 'POST', response.status_code,
+                        sut.accounts_uri,
+                        Assertion.REQ_POST_CREATE_NOT_SUPPORTED, msg)
+            else:
+                msg = ('POST request to URI %s failed with %s; expected %s; '
+                       'extended error: %s' %
+                       (sut.accounts_uri, response.status_code,
+                        requests.codes.METHOD_NOT_ALLOWED,
+                        utils.get_extended_error(response)))
+                sut.log(Result.FAIL, 'POST', response.status_code,
+                        sut.accounts_uri,
+                        Assertion.REQ_POST_CREATE_NOT_SUPPORTED, msg)
+        else:
+            msg = ('POST request to URI %s failed with %s; expected %s; '
+                   'extended error: %s; GET response does not contain an '
+                   'Allow header to verify' %
+                   (sut.accounts_uri, response.status_code,
+                    requests.codes.METHOD_NOT_ALLOWED,
+                    utils.get_extended_error(response)))
+            sut.log(Result.WARN, 'POST', response.status_code,
+                    sut.accounts_uri, Assertion.REQ_POST_CREATE_NOT_SUPPORTED,
+                    msg)
 
 def test_post_create_not_idempotent(sut: SystemUnderTest):
     """Perform tests for Assertion.REQ_POST_CREATE_NOT_IDEMPOTENT."""
diff --git a/requirements.txt b/requirements.txt
@@ -4,4 +4,4 @@ pyasn1
 pyasn1-modules
 requests>=2.23.0
 sseclient-py
-urllib3
+urllib3<2
diff --git a/setup.py b/setup.py
@@ -30,5 +30,5 @@
         'console_scripts': ['rf_protocol_validator=redfish_protocol_validator.console_scripts:main']
     },
     install_requires=["aenum", "colorama", "pyasn1", "pyasn1-modules",
-                      "requests>=2.23.0", "sseclient-py", "urllib3"]
+                      "requests>=2.23.0", "sseclient-py", "urllib3<2"]
 )
diff --git a/unittests/test_accounts.py b/unittests/test_accounts.py
@@ -90,18 +90,18 @@ def test_new_username(self):
 
     def test_new_password(self):
         pass1 = accounts.new_password(self.sut)
-        self.assertEqual(len(pass1), 10)
+        self.assertEqual(len(pass1), 16)
         self.assertTrue(set(pass1).intersection(set(string.ascii_uppercase)))
         self.assertTrue(set(pass1).intersection(set(string.ascii_lowercase)))
         self.assertTrue(set(pass1).intersection(set(string.digits)))
         pass2 = accounts.new_password(self.sut)
-        self.assertEqual(len(pass2), 10)
+        self.assertEqual(len(pass2), 16)
         self.assertTrue(set(pass2).intersection(set(string.ascii_uppercase)))
         self.assertTrue(set(pass2).intersection(set(string.ascii_lowercase)))
         self.assertTrue(set(pass2).intersection(set(string.digits)))
         self.assertNotEqual(pass1, pass2)
         pass3 = accounts.new_password(self.sut, symbols=1)
-        self.assertEqual(len(pass3), 10)
+        self.assertEqual(len(pass3), 16)
         self.assertTrue(set(pass3).intersection(set(string.ascii_uppercase)))
         self.assertTrue(set(pass3).intersection(set(string.ascii_lowercase)))
         self.assertTrue(set(pass3).intersection(set(string.digits)))
diff --git a/unittests/test_service_requests.py b/unittests/test_service_requests.py
@@ -1640,11 +1640,12 @@ def test_test_post_create_not_supported_not_tested(self):
             'POST', uri)
         self.assertIsNotNone(result)
         self.assertEqual(Result.NOT_TESTED, result['result'])
-        self.assertIn('Not response found for POST to Accounts URI',
+        self.assertIn('No response found for POST to Accounts URI',
                       result['msg'])
 
     def test_test_post_create_not_supported_fail(self):
         uri = self.sut.accounts_uri
+        add_response(self.sut, uri, json={}, headers={'Allow': 'GET'})
         add_response(self.sut, uri, 'POST',
                      status_code=requests.codes.BAD_REQUEST)
         req.test_post_create_not_supported(self.sut)

Original file line number	Diff line number	Diff line change
`@@ -30,5 +30,5 @@`
`30`	`30`	`'console_scripts': ['rf_protocol_validator=redfish_protocol_validator.console_scripts:main']`
`31`	`31`	`},`
`32`	`32`	`install_requires=["aenum", "colorama", "pyasn1", "pyasn1-modules",`
`33`		`- "requests>=2.23.0", "sseclient-py", "urllib3"]`
	`33`	`+ "requests>=2.23.0", "sseclient-py", "urllib3<2"]`
`34`	`34`	`)`