Authd replacement configurations QA

deps/wazuh_testing/wazuh_testing/authd.py

@@ -0,0 +1,197 @@
+'''
+brief: This module holds common methods and variables for the authd tests
+copyright:
+    Copyright (C) 2015-2021, Wazuh Inc.
+    Created by Wazuh, Inc. <[email protected]>.
+    This program is free software; you can redistribute it and/or modify it under the terms of GPLv2
+'''
+
+import re
+import pytest
+import time
+from wazuh_testing.tools import CLIENT_KEYS_PATH, LOG_FILE_PATH
+from wazuh_testing.wazuh_db import query_wdb
+from wazuh_testing.tools.monitoring import FileMonitor, make_callback, AUTHD_DETECTOR_PREFIX
+
+
+DAEMON_NAME = 'wazuh-authd'
+AUTHD_KEY_REQUEST_TIMEOUT = 10
+
+
+def create_authd_request(input):
+    """
+    Creates a command to request keys to Authd.
+
+    Args:
+        input (dict): Dictionary with the content of the request command.
+    """
+    command = ""
+
+    if 'password' in input:
+        password = input['password']
+        command = command + f'OSSEC PASS: {password} '
+
+    command = command + 'OSSEC'
+
+    if 'name' in input:
+        name = input['name']
+        command = command + f" A:'{name}'"
+    else:
+        raise Exception("Error creating the Authd command: 'name' is required")
+
+    if 'group' in input:
+        group = input['group']
+        command = command + f" G:'{group}'"
+
+    if 'ip' in input:
+        ip = input['ip']
+        command = command + f" IP:'{ip}'"
+
+    if 'key_hash' in input:
+        key_hash = input['key_hash']
+        command = command + f" K:'{key_hash}'"
+
+    return command
+
+
+# Functions
+def validate_authd_logs(expected_logs, log_monitor=None):
+    if not log_monitor:
+        log_monitor = FileMonitor(LOG_FILE_PATH)
+
+    for log in expected_logs:
+        log_monitor.start(timeout=AUTHD_KEY_REQUEST_TIMEOUT,
+                          callback=make_callback(log, prefix=AUTHD_DETECTOR_PREFIX,
+                                                 escape=True),
+                          error_message=f"Expected log does not occured: '{log}'")
+
+
+def validate_argument(received, expected, argument_name):
+    if received != expected:
+        return 'error', f"Invalid '{argument_name}': '{received}' received, '{expected}' expected."
+    else:
+        return 'success', ''
+
+
+def validate_authd_response(response, expected):
+    """
+    Validates if the different items of an Authd response are as expected. Any item inexistent in expected won't
+    be validated.
+
+    Args:
+        response (str): The Authd response to be validated.
+        expected (dict): Dictionary with the items to validate.
+    """
+    response = response.split(sep=" ", maxsplit=1)
+    status = response[0]
+    result = 'success'
+    err_msg = ''
+    if expected['status'] == 'success':
+        result, err_msg = validate_argument(status, 'OSSEC', 'status')
+        if result != 'success':
+            return result, err_msg
+
+        agent_key = response[1].split('\'')[1::2][0].split()
+        id = agent_key[0]
+        name = agent_key[1]
+        ip = agent_key[2]
+        key = agent_key[3]
+
+        if 'id' in expected:
+            result, err_msg = validate_argument(id, expected['id'], 'id')
+            if result != 'success':
+                return result, err_msg
+
+        if 'name' in expected:
+            result, err_msg = validate_argument(name, expected['name'], 'name')
+            if result != 'success':
+                return result, err_msg
+
+        if 'ip' in expected:
+            result, err_msg = validate_argument(ip, expected['ip'], 'ip')
+            if result != 'success':
+                return result, err_msg
+
+        if 'key' in expected:
+            result, err_msg = validate_argument(key, expected['key'], 'key')
+            if result != 'success':
+                return result, err_msg
+
+    elif expected['status'] == 'error':
+        result, err_msg = validate_argument(status, 'ERROR:', 'status')
+        if result != 'success':
+            return result, err_msg
+
+        message = response[1]
+        if 'message' in expected:
+            if re.match(expected['message'], message) is None:
+                return 'error', f"Invalid 'message': '{message}' received, '{expected['message']}' expected"
+    else:
+        raise Exception('Invalid expected status')
+
+    return result, err_msg
+
+
+def clean_agents_from_db():
+    """
+    Clean agents from DB
+    """
+    command = 'global sql DELETE FROM agent WHERE id != 0'
+    try:
+        query_wdb(command)
+    except Exception:
+        raise Exception('Unable to clean agents')
+
+
+def insert_agent_in_db(id=1, name="TestAgent", ip="any", registration_time=0, connection_status=0,
+                       disconnection_time=0):
+    """
+    Write agent in global.db
+    """
+    insert_command = f'global insert-agent {{"id":{id},"name":"{name}","ip":"{ip}","date_add":{registration_time}}}'
+    update_command = f'global sql UPDATE agent SET connection_status = "{connection_status}",\
+                       disconnection_time = "{disconnection_time}" WHERE id = {id};'
+    try:
+        query_wdb(insert_command)
+        query_wdb(update_command)
+    except Exception:
+        raise Exception(f'Unable to add agent {id}')
+
+
+@pytest.fixture(scope='function')
+def insert_pre_existent_agents(get_current_test_case, stop_authd_function):
+    agents = get_current_test_case.get('pre_existent_agents', [])
+    time_now = int(time.time())
+    try:
+        keys_file = open(CLIENT_KEYS_PATH, 'w')
+    except IOError as exception:
+        raise exception
+
+    clean_agents_from_db()
+
+    for agent in agents:
+        id = agent['id'] if 'id' in agent else '001'
+        name = agent['name'] if 'name' in agent else f'TestAgent{id}'
+        ip = agent['ip'] if 'ip' in agent else 'any'
+        key = agent['key'] if 'key' in agent else 'TopSecret'
+        connection_status = agent['connection_status'] if 'connection_status' in agent else 'never_connected'
+        if 'disconnection_time' in agent and 'delta' in agent['disconnection_time']:
+            disconnection_time = time_now + agent['disconnection_time']['delta']
+        elif 'disconnection_time' in agent and 'value' in agent['disconnection_time']:
+            disconnection_time = agent['disconnection_time']['value']
+        else:
+            disconnection_time = time_now
+        if 'registration_time' in agent and 'delta' in agent['registration_time']:
+            registration_time = time_now + agent['registration_time']['delta']
+        elif 'registration_time' in agent and 'value' in agent['registration_time']:
+            registration_time = agent['registration_time']['value']
+        else:
+            registration_time = time_now
+
+        # Write agent in client.keys
+        keys_file.write(f'{id} {name} {ip} {key}\n')
+
+        # Write agent in global.db
+        insert_agent_in_db(id, name, ip, registration_time, connection_status, disconnection_time)
+
+    keys_file.close()

deps/wazuh_testing/wazuh_testing/tools/services.py

@@ -205,6 +205,7 @@ def check_daemon_status(target_daemon=None, running_condition=True, timeout=10,
         elapsed_time = 0
 
         while elapsed_time < timeout and not condition_met:
+
             control_status_output = subprocess.run([f'{WAZUH_PATH}/bin/wazuh-control', 'status'],
                                                    stdout=subprocess.PIPE).stdout.decode()
             condition_met = True

tests/integration/conftest.py

@@ -37,16 +37,19 @@
 ###############################
 report_files = [LOG_FILE_PATH, WAZUH_CONF, WAZUH_LOCAL_INTERNAL_OPTIONS]
 
+
 def set_report_files(files):
     if files:
         for file in files:
             report_files.append(file)
 
+
 def get_report_files():
     return report_files
 
 ###############################
 
+
 def pytest_runtest_setup(item):
     # Find if platform applies
     supported_platforms = PLATFORMS.intersection(mark.name for mark in item.iter_markers())
@@ -279,11 +282,12 @@ def pytest_configure(config):
     # Set files to add to the HTML report
     set_report_files(config.getoption("--save-file"))
 
-   # Set WPK package path
+    # Set WPK package path
     global_parameters.wpk_package_path = config.getoption("--wpk_package_path")
     if global_parameters.wpk_package_path:
         global_parameters.wpk_package_path = global_parameters.wpk_package_path
 
+
 def pytest_html_results_table_header(cells):
     cells.insert(4, html.th('Tier', class_='sortable tier', col='tier'))
     cells.insert(3, html.th('Markers'))
@@ -641,7 +645,7 @@ def configure_sockets_environment_function(request):
 
     # Stop wazuh-service and ensure all daemons are stopped
     control_service('stop')
-    check_daemon_status(running=False)
+    check_daemon_status(running_condition=False)
 
     monitored_sockets = list()
     mitm_list = list()
@@ -727,6 +731,7 @@ def create_file_structure_function(get_files_list):
 
     delete_file_structure(get_files_list)
 
+
 @pytest.fixture(scope='module')
 def configure_local_internal_options_module(request):
     """Fixture to configure the local internal options file.
@@ -827,7 +832,7 @@ def daemons_handler(get_configuration, request):
 def file_monitoring(request):
     """Fixture to handle the monitoring of a specified file.
 
-    It uses de variable `file_to_monitor` to determinate the file to monitor. Default `LOG_FILE_PATH`
+    It uses the variable `file_to_monitor` to determinate the file to monitor. Default `LOG_FILE_PATH`
 
     Args:
         request (fixture): Provide information on the executing test function.