From 693edcbe65291f84bde3fd7df4742a607a862789 Mon Sep 17 00:00:00 2001
From: Patrik Rosecky <prosecky@redhat.com>
Date: Mon, 23 Oct 2023 15:00:05 +0200
Subject: [PATCH] Tests: alltests/test_offline.py converted

---
 src/tests/multihost/alltests/test_offline.py | 16 +++-
 src/tests/system/tests/test_offline.py       | 96 ++++++++++++++++++++
 2 files changed, 107 insertions(+), 5 deletions(-)
 create mode 100644 src/tests/system/tests/test_offline.py

diff --git a/src/tests/multihost/alltests/test_offline.py b/src/tests/multihost/alltests/test_offline.py
index 9243bf8bf34..8b9e4411dcc 100644
--- a/src/tests/multihost/alltests/test_offline.py
+++ b/src/tests/multihost/alltests/test_offline.py
@@ -20,6 +20,7 @@ class TestOffline(object):
     """
     This is test case class for ldap offline suite
     """
+    @pytest.mark.converted('test_offline.py', 'test_offline__log_to_syslog')
     @pytest.mark.tier1
     def test_0001_bz1416150(self, multihost, backupsssdconf):
         """
@@ -58,6 +59,7 @@ def test_0001_bz1416150(self, multihost, backupsssdconf):
         else:
             pytest.fail("Failed to start sssd")
 
+    @pytest.mark.converted('test_offline.py', 'test_offline__timeout_setting_in_logs')
     @pytest.mark.tier1_2
     def test_0002_bz1928648(self, multihost, backupsssdconf):
         """
@@ -102,11 +104,15 @@ def test_0002_bz1928648(self, multihost, backupsssdconf):
         assert block_ip.returncode == 0
         user = 'foo1@example1'
         time.sleep(5)
-        with pytest.raises(Exception):
-            check_login_client(multihost, user, 'Secret123')
-        multihost.client[0].run_command(f"iptables "
-                                        f"-D OUTPUT -d "
-                                        f"{hostname} -j DROP")
+        try:
+            with pytest.raises(Exception):
+                check_login_client(multihost, user, 'Secret123')
+        except(Exception) as e:
+            pytest.fail(e)
+        finally:
+            multihost.client[0].run_command(f"iptables "
+                                            f"-D OUTPUT -d "
+                                            f"{hostname} -j DROP")
         it_cat = "cat /var/log/sssd/sssd_example1.log"
         cat_read = multihost.client[0].run_command(it_cat)
         for i in ['ldap_opt_timeout',
diff --git a/src/tests/system/tests/test_offline.py b/src/tests/system/tests/test_offline.py
new file mode 100644
index 00000000000..ff2f4a7ad75
--- /dev/null
+++ b/src/tests/system/tests/test_offline.py
@@ -0,0 +1,96 @@
+"""
+Automation of offline tests
+
+:requirement: offline
+"""
+
+from __future__ import annotations
+
+import time
+
+import pytest
+from sssd_test_framework.roles.client import Client
+from sssd_test_framework.roles.ldap import LDAP
+from sssd_test_framework.topology import KnownTopology, KnownTopologyGroup
+
+
+@pytest.mark.ticket(bz=1416150)
+@pytest.mark.topology(KnownTopologyGroup.AnyProvider)
+def test_offline__log_to_syslog(client: Client):
+    """
+    :title: Log to syslog when sssd cannot contact servers goes offline
+    :setup:
+        1. Set sssd.conf properly
+        2. Start SSSD
+    :steps:
+        1. Check domain status for default domain
+        2. Save date and restart SSSD
+        3. Check journalctl
+    :expectedresults:
+        1. Domain is offline
+        2. Succeed
+        3. "Backend is offline" found
+    :customerscenario: True
+    """
+    client.sssd.domain["ldap_uri"] = f"ldaps://typo.{client.host.hostname}"
+    client.sssd.domain["ldap_sudo_random_offset"] = "0"
+    client.sssd.start()
+
+    status = client.sssctl.domain_status(client.sssd.default_domain)
+    assert status.rc == 0, "sssctl domain-status failed"
+    assert "Offline" in status.stdout, "'Offline' not found in command output"
+
+    date = client.host.ssh.run("date --rfc-3339=s")
+    client.sssd.restart()
+
+    i = 0
+    while i < 80:
+        time.sleep(1)
+        # We shorten date output to get correct format
+        # "2023-10-23 15:01:36+02:00" => "2023-10-23 15:01:36"
+        log = client.tools.journalctl(unit="sssd", since=date.stdout[0:19])
+        if "Backend is offline" in log.stdout:
+            break
+        i += 1
+    assert "Backend is offline" in log.stdout, "'Backend is offline' is not logged after 80 attempts"
+
+
+@pytest.mark.ticket(bz=1928648)
+@pytest.mark.topology(KnownTopology.LDAP)
+def test_offline__timeout_setting_in_logs(client: Client, ldap: LDAP):
+    """
+    :title: Each timeout setting is properly logged in logs
+    :setup:
+        1. Add user
+        2. Start SSSD
+    :steps:
+        1. Check logs
+        2. Fetch information about user
+        3. Block LDAP traffic
+        4. Connect user over SSH
+        5. Check logs
+    :expectedresults:
+        1. Timeout setting is stored in logs
+        2. User is found
+        3. LDAP traffic is blocked
+        4. User is unable to connect
+        5. Each timeout setting is stored in logs
+    :customerscenario: True
+    """
+    ldap.user("user1").add(password="Secret123")
+    client.sssd.start()
+
+    log = client.fs.read(f"/var/log/sssd/sssd_{client.sssd.default_domain}.log")
+    assert "Setting 6 seconds timeout" in log
+    assert "ldap_network_timeout" in log
+
+    assert client.tools.id("user1") is not None
+
+    ldap.firewall.drop(389)
+
+    with pytest.raises(Exception):
+        client.ssh("user1", "Secret123").connect()
+
+    log = client.fs.read(f"/var/log/sssd/sssd_{client.sssd.default_domain}.log")
+    for timeout in ["ldap_opt_timeout", "ldap_search_timeout", "ldap_network_timeout", "dns_resolver_timeout"]:
+        assert timeout in log, f"Value '{timeout}' not found in logs"