diff --git a/.github/workflows/test-module.yml b/.github/workflows/test-module.yml index 8e653cdd..683b6c2e 100644 --- a/.github/workflows/test-module.yml +++ b/.github/workflows/test-module.yml @@ -12,43 +12,12 @@ on: types: [completed] jobs: - module: - if: ${{ github.event.workflow_run.conclusion == 'success' || github.event.workflow_run.conclusion == '' }} - uses: NethServer/ns8-github-actions/.github/workflows/module-info.yml@v1 - - chooser: - runs-on: ubuntu-latest - outputs: - node_a: ${{ steps.pick.outputs.node_a }} - node_b: ${{ steps.pick.outputs.node_b }} - steps: - - id: pick - run: | - if (( $GITHUB_RUN_NUMBER % 2 )); then - echo "node_a=rl1" >> "$GITHUB_OUTPUT" - echo "node_b=dn1" >> "$GITHUB_OUTPUT" - else - echo "node_a=dn1" >> "$GITHUB_OUTPUT" - echo "node_b=rl1" >> "$GITHUB_OUTPUT" - fi - - run_tests: - needs: [module, chooser] - strategy: - fail-fast: false - matrix: - scenario: [install, update] - uses: NethServer/ns8-github-actions/.github/workflows/test-on-digitalocean-infra.yml@v1 + run: + name: "Run tests" + # //// use @v1 instead of @refactor-testing + uses: NethServer/ns8-github-actions/.github/workflows/test-module.yml@refactor-testing with: - coremodules: ${{ matrix.scenario == 'install' && format('ghcr.io/{0}/{1}:{2}', needs.module.outputs.owner, needs.module.outputs.name, needs.module.outputs.tag) || '' }} - leader_nodes: >- - ${{ - matrix.scenario == 'install' - && needs.chooser.outputs.node_a - || needs.chooser.outputs.node_b - }} - args: ${{ format('ghcr.io/{0}/{1}:{2} -v SCENARIO:{3}', needs.module.outputs.owner, needs.module.outputs.name, needs.module.outputs.tag, matrix.scenario) }} - repo_ref: ${{ needs.module.outputs.sha }} - debug_shell: ${{ github.event.inputs.debug_shell == 'true' || false }} + ui_tests_strategy: on_ui_change + debug_shell: ${{ github.event.inputs.debug_shell == 'true' }} secrets: do_token: ${{ secrets.do_token }} diff --git a/test-module.sh b/test-module.sh index 563b6953..0e7220bb 100755 --- a/test-module.sh +++ b/test-module.sh @@ -5,40 +5,4 @@ # SPDX-License-Identifier: GPL-3.0-or-later # -set -e -a - -SSH_KEYFILE=${SSH_KEYFILE:-$HOME/.ssh/id_rsa} - -LEADER_NODE="${1:?missing LEADER_NODE argument}" -IMAGE_URL="${2:?missing IMAGE_URL argument}" -shift 2 - -ssh_key="$(< $SSH_KEYFILE)" -venvroot=/usr/local/venv - -podman run -i \ - --volume=.:/srv/source:z \ - --volume=rftest-cache:${venvroot}:z \ - --replace --name=rftest \ - --env=ssh_key \ - --env=venvroot \ - --env=LEADER_NODE \ - --env=IMAGE_URL \ - docker.io/python:3.11-alpine \ - ash -l -s -- "${@}" <<'EOF' -set -e -echo "$ssh_key" > /tmp/idssh -if [ ! -x ${venvroot}/bin/robot ] ; then - python3 -mvenv ${venvroot} --upgrade - ${venvroot}/bin/pip3 install -q -r /srv/source/tests/pythonreq.txt -fi -cd /srv/source -mkdir -vp tests/outputs/ -exec ${venvroot}/bin/robot \ - -v NODE_ADDR:${LEADER_NODE} \ - -v IMAGE_URL:${IMAGE_URL} \ - -v SSH_KEYFILE:/tmp/idssh \ - --name mail \ - --skiponfailure unstable \ - -d tests/outputs "${@}" tests/ -EOF +echo "Local test file to be removed ////" diff --git a/tests/15__ui.robot b/tests/15__ui.robot new file mode 100644 index 00000000..db080d4c --- /dev/null +++ b/tests/15__ui.robot @@ -0,0 +1,34 @@ +*** Settings *** +Library Browser + +*** Variables *** +${ADMIN_USER} admin +${ADMIN_PASSWORD} Nethesis,1234 +${MODULE_ID} ${EMPTY} + +*** Keywords *** + +Login to cluster-admin + New Page https://${NODE_ADDR}/cluster-admin/ + Fill Text text="Username" ${ADMIN_USER} + Click button >> text="Continue" + Fill Text text="Password" ${ADMIN_PASSWORD} + Click button >> text="Log in" + Wait For Elements State css=#main-content visible timeout=10s + +*** Test Cases *** + +Take screenshots + [Tags] ui + New Browser chromium headless=True + New Context ignoreHTTPSErrors=True + Login to cluster-admin + Go To https://${NODE_ADDR}/cluster-admin/#/apps/${MID} + Wait For Elements State iframe >>> h2 >> text="Status" visible timeout=10s + Sleep 5s + Take Screenshot filename=${OUTPUT DIR}/browser/screenshot/status.png + Go To https://${NODE_ADDR}/cluster-admin/#/apps/${MID}?page=settings + Wait For Elements State iframe >>> h2 >> text="Settings" visible timeout=10s + Sleep 5s + Take Screenshot filename=${OUTPUT DIR}/browser/screenshot/settings.png + Close Browser diff --git a/tests/20__dovecot.robot b/tests/20__dovecot.robot deleted file mode 100644 index f7e156eb..00000000 --- a/tests/20__dovecot.robot +++ /dev/null @@ -1,86 +0,0 @@ -*** Settings *** -Resource api.resource -Resource user_domain.resource -Resource keywords.resource -Library SSHLibrary - -*** Variables *** -${SCENARIO} install - -*** Test Cases *** -Bind to LDAP user domain - Run task module/${MID}/configure-module - ... {"hostname":"mail.domain.test","user_domain":"ldap.dom.test","mail_domain":"domain.test"} - -Check module update - Log Scenario ${SCENARIO} with ${IMAGE_URL} console=${True} - IF r'${SCENARIO}' == 'update' - ${out} ${rc} = Execute Command api-cli run update-module --data '{"force":true,"module_url":"${IMAGE_URL}","instances":["${MID}"]}' return_rc=${True} - Should Be Equal As Integers ${rc} 0 action update-module ${IMAGE_URL} failed - END - -TCP ports are open - [Template] Retry until TCP port is open - 110 - 143 - # 587 - 993 - 995 - # 465 - 9288 - 9289 - 2000 - 4190 - -API HTTP endpoint - ${out} ${err} ${rc} = Execute Command - ... timeout 10 curl -f http://127.0.0.1:9288/doveadm/v1 - ... return_rc=True return_stderr=True - Should Be Equal As Integers ${rc} 22 - Should Contain ${err} : 401 - -Metrics HTTP endpoint (stats) - ${out} ${err} ${rc} = Execute Command - ... timeout 10 curl -f http://127.0.0.1:9289/metrics - ... return_rc=True return_stderr=True - Should Be Equal As Integers ${rc} 0 - -Login TLS policy - [Template] Retry test - TLS required on non-secure IMAP connections - IMAPs endpoint login - -LDAP Login checks - [Template] Retry test - IMAP login good credentials - IMAP login bad credentials - AD user credentials are bad with LDAP - -Switch to AD user domain - Run task module/${MID}/configure-module - ... {"hostname":"mail.domain.test","user_domain":"ad.dom.test","mail_domain":"domain.test"} - -Active Directory Login checks - [Template] Retry test - IMAP login good credentials - IMAP login bad credentials - LDAP user credentials are bad with AD - -*** Keywords *** -LDAP user credentials are bad with AD - [Documentation] When bad credentials are issued the server replies with - ... a few seconds of delay. - ${out} ${err} ${rc} = Execute Command - ... timeout 9 curl -v -f -u u2:LdapPass,1234 imap://127.0.0.1 - ... return_rc=True return_stderr=True - Should Be Equal As Integers ${rc} 67 - Should Contain ${err} AUTHENTICATIONFAILED - -AD user credentials are bad with LDAP - [Documentation] When bad credentials are issued the server replies with - ... a few seconds of delay. - ${out} ${err} ${rc} = Execute Command - ... timeout 9 curl -v -f -u u2:AdPass,1234 imap://127.0.0.1 - ... return_rc=True return_stderr=True - Should Be Equal As Integers ${rc} 67 - Should Contain ${err} AUTHENTICATIONFAILED diff --git a/tests/20__rspamd.robot b/tests/20__rspamd.robot deleted file mode 100644 index 934aebc3..00000000 --- a/tests/20__rspamd.robot +++ /dev/null @@ -1,10 +0,0 @@ -*** Settings *** -Resource keywords.resource - -*** Test Cases *** - -Ping rspamd - ${out} ${err} ${rc} = Execute Command - ... curl http://127.0.0.1:11334/ping - ... return_rc=True return_stderr=True timeout=5s - Should Contain ${out} pong diff --git a/tests/30__clamav.robot b/tests/30__clamav.robot deleted file mode 100644 index 8f0882e6..00000000 --- a/tests/30__clamav.robot +++ /dev/null @@ -1,10 +0,0 @@ -*** Settings *** -Resource keywords.resource - -*** Test Cases *** - -Ping clamd - ${out} ${err} ${rc} = Execute Command - ... ( exec <>/dev/tcp/127.0.0.1/11330 1>&0 ; echo PING ; read resp ; test \${resp} \= PONG ) - ... return_rc=True return_stderr=True timeout=1s - Should Be Equal As Integers ${rc} 0 diff --git a/tests/30__postfix.robot b/tests/30__postfix.robot deleted file mode 100644 index b3692325..00000000 --- a/tests/30__postfix.robot +++ /dev/null @@ -1,30 +0,0 @@ -*** Settings *** -Resource api.resource -Resource user_domain.resource -Resource keywords.resource - -*** Test Cases *** -TCP ports are open - [Template] Retry until TCP port is open - 25 - 587 - 465 - 10587 - -Login TLS policy - [Template] Retry test - SMTP STARTTLS offered on port 25 - SMTP AUTH PLAIN not offered without TLS - SMTP AUTH submissions good login - SMTP AUTH PLAIN offered on 10587 - -*** Keywords *** -SMTP STARTTLS offered on port 25 - ${out} ${err} ${rc} = Execute Command - ... timeout 5 curl -v --mail-rcpt postmaster@domain.test smtp://127.0.0.1:25 - ... return_rc=True return_stderr=True - Should Be Equal As Integers ${rc} 0 - Should Contain ${err} ESMTP Postfix - Should Contain ${err} 250-STARTTLS - Should Not Contain ${err} 250-AUTH PLAIN LOGIN - Should Contain ${out} 252 2.0.0 postmaster@domain.test diff --git a/tests/40__api/10__domains.robot b/tests/40__api/10__domains.robot deleted file mode 100644 index 0d578df0..00000000 --- a/tests/40__api/10__domains.robot +++ /dev/null @@ -1,35 +0,0 @@ -*** Settings *** -Resource ../api.resource - -*** Variables *** -${test_domain} api-domains.test - -*** Test Cases *** -Create ${test_domain} domain - Run task module/${MID}/add-domain {"domain":"${test_domain}"} - -Check ${test_domain} is in the domain list - ${jpayload} = Run task module/${MID}/list-domains "" decode_json=${FALSE} - Should Contain ${jpayload} "${test_domain}" - -Change ${test_domain} properties - Run task module/${MID}/alter-domain {"domain":"${test_domain}","addusers":false,"addgroups":true,"catchall":{"dtype":"user","name":"u1"},"bccaddr":"spy@example.invalid","description":"My test case"} - -Check ${test_domain} properties are in the domain list - @{ldom} = Run task module/${MID}/list-domains "" - FOR ${odom} IN @{ldom} - IF "${odom}[domain]" == "${test_domain}" - Should Be Equal ${odom}[addusers] ${FALSE} - Should Be Equal ${odom}[addgroups] ${TRUE} - Should Be Equal ${odom}[catchall][name] u1 - Should Be Equal ${odom}[bccaddr] spy@example.invalid - Should Be Equal ${odom}[description] My test case - END - END - -Remove ${test_domain} domain - Run task module/${MID}/remove-domain {"domain":"${test_domain}"} - -Check ${test_domain} is no longer in the domain list - ${jpayload} = Run task module/${MID}/list-domains "" decode_json=${FALSE} - Should Not Contain ${jpayload} "${test_domain}" diff --git a/tests/40__api/20__addresses.robot b/tests/40__api/20__addresses.robot deleted file mode 100644 index f2abbcb5..00000000 --- a/tests/40__api/20__addresses.robot +++ /dev/null @@ -1,79 +0,0 @@ -*** Settings *** -Resource ../api.resource -Library Collections - -*** Variables *** -${test_domain} api-addresses.test - -*** Test Cases *** -Create domain ${test_domain} with users and groups - Run task module/${MID}/add-domain {"domain":"${test_domain}","addusers":true,"addgroups":true} - -Check users and groups addresses are in the address list - ${ou1} = Evaluate {"atype": "adduser","local": "u1","description": "First User"} - ${og1} = Evaluate {"atype": "addgroup","local": "g1","description": "Group One"} - ${laddresses} = Run task module/${MID}/list-addresses "" - Should Contain ${laddresses}[addresses] ${ou1} - Should Contain ${laddresses}[addresses] ${og1} - -Add a user address alias - Run task module/${MID}/add-address {"atype":"domain","local":"u1-alias","domain":"${test_domain}","destinations":[{"dtype":"user","name":"u1"}]} - -Add invalid address - Run task module/${MID}/add-address {"atype":"domain","local":"u1 alias","domain":"${test_domain}","destinations":[{"dtype":"user","name":"u1"}]} - ... rc_expected=10 - -Add a group address alias - Run task module/${MID}/add-address {"atype":"domain","local":"g1-alias","domain":"${test_domain}","destinations":[{"dtype":"group","name":"g1"}]} - -Add a public mailbox address alias - Run task module/${MID}/add-address {"atype":"domain","local":"mailadm","domain":"${test_domain}","destinations":[{"dtype":"public","name":"vmail+postmaster"}]} - -Add an address for a distribution list - Run task module/${MID}/add-address {"atype":"domain","local":"sales","domain":"${test_domain}","destinations":[{"dtype":"user","name":"u1"},{"dtype":"user","name":"u2"}]} - -Check the distribution list is public - ${laddresses} = Run task module/${MID}/list-addresses "" - FOR ${oaddr} IN @{laddresses}[addresses] - IF "${oaddr}[local]" == "sales" - Dictionary Should Not Contain Key ${oaddr} internal - END - END - -Set the distribution list internal - Run task module/${MID}/alter-address {"atype":"domain", "local":"sales", "domain":"${test_domain}", "internal":true} - -Check the distribution list is internal - ${laddresses} = Run task module/${MID}/list-addresses "" - FOR ${oaddr} IN @{laddresses}[addresses] - IF "${oaddr}[local]" == "sales" - Should Be Equal ${oaddr}[internal] ${TRUE} - END - END - -Add a wildcard address alias - Run task module/${MID}/add-address {"atype":"wildcard","local":"info","destinations":[{"dtype":"user","name":"u2"}]} - -Remove domain ${test_domain} - Run task module/${MID}/remove-domain {"domain":"${test_domain}"} - -Check the addresses bound to ${test_domain} were removed - ${ou1} = Evaluate {"atype": "adduser","local": "u1","description": "First User"} - ${og1} = Evaluate {"atype": "addgroup","local": "g1","description": "Group One"} - ${laddresses} = Run task module/${MID}/list-addresses "" - Should Contain ${laddresses}[addresses] ${ou1} - Should Not Contain ${laddresses}[addresses] ${og1} - Should Not Contain ${laddresses}[adduser_domains] ${test_domain} - Should Not Contain ${laddresses}[addgroup_domains] ${test_domain} - -Check the wildcard alias is still present - ${otarget} = Evaluate {"atype":"wildcard","local":"info","destinations":[{"dtype":"user","name":"u2","ui_name":"Second User"}]} - ${laddresses} = Run task module/${MID}/list-addresses "" - FOR ${oaddr} IN @{laddresses}[addresses] - IF "${oaddr}[local]" == "info" - Dictionaries Should Be Equal ${oaddr} ${otarget} - END - END - -Remove the wildcard address - Run task module/${MID}/remove-address {"atype":"wildcard","local":"info"} diff --git a/tests/40__api/30__mailboxes.robot b/tests/40__api/30__mailboxes.robot deleted file mode 100644 index 27644539..00000000 --- a/tests/40__api/30__mailboxes.robot +++ /dev/null @@ -1,132 +0,0 @@ -*** Settings *** -Resource ../api.resource -Resource ../user_domain.resource -Resource ../keywords.resource -Library Collections - -*** Test Cases *** -Check user mailboxes are available - ${jpayload} = Run task module/${MID}/list-user-mailboxes "" decode_json=${FALSE} - Should Contain ${jpayload} "u1" - Should Contain ${jpayload} "u2" - Should Contain ${jpayload} "u3" - Should Contain ${jpayload} "administrator" - -Check system and disabled mailboxes are unavailable - ${jpayload} = Run task module/${MID}/list-user-mailboxes "" decode_json=${FALSE} - Should Not Contain ${jpayload} "vmail" - Should Not Contain ${jpayload} "ldapservice" - -Change user mailbox attributes - Run task module/${MID}/alter-user-mailbox {"user":"u1","forward":{"destinations":[{"dtype":"user","name":"administrator"}]},"quota":{"limit":31},"spam_retention":{"value":7,"custom":true}} - -Check user mailbox attibute changes were applied - ${lmailboxes} = Run task module/${MID}/list-user-mailboxes "" - FOR ${ombx} IN @{lmailboxes}[user_mailboxes] - IF "${ombx}[user]" == "u1" - Should Be Equal ${ombx}[forward][destinations][0][name] administrator - Should Be Equal As Integers ${ombx}[quota][limit] 31 - Should Be Equal As Integers ${ombx}[spam_retention][value] 7 - ELSE - Should Be Equal As Integers ${ombx}[quota][limit] 0 - END - END - -Reset user mailbox forward - Run task module/${MID}/alter-user-mailbox {"user":"u1","forward":{"destinations":[]}} - -Disable user mailbox - Run task module/${MID}/set-mailbox-enabled {"user":"u1","enabled":false} - -Check the mailbox is disabled - ${lmailboxes} = Run task module/${MID}/list-user-mailboxes "" - FOR ${ombx} IN @{lmailboxes}[user_mailboxes] - IF "${ombx}[user]" == "u1" - Should Be Equal ${ombx}[enabled] ${FALSE} - ELSE - Should Be Equal As Integers ${ombx}[quota][limit] 0 - END - END - -Check the user SMTP login fails - Run Keyword And Expect Error 67 !\= 0 SMTP AUTH submissions good login - -Check the user IMAP login fails - Run Keyword And Expect Error 67 !\= 0 IMAP login good credentials - -Enable user mailbox - [Documentation] The API triggers Dovecot reload, subsequent auth request might fail for a while - Run task module/${MID}/set-mailbox-enabled {"user":"u1","enabled":true} - -Check the user IMAP login succeedes - Wait Until Keyword Succeeds 60 seconds 3 seconds IMAP login good credentials - -Check the user SMTP login succeedes - Run Keyword SMTP AUTH submissions good login - -Check the postmaster public mailbox is present - ${lmailboxes} = Run task module/${MID}/list-public-mailboxes "" - ${expected} = Evaluate json.loads('''{"mailbox": "postmaster", "acls": []}''') - List Should Contain Value ${lmailboxes} ${expected} - -Add a public employees mailbox - Run task module/${MID}/add-public-mailbox {"mailbox":"employees", "acls": [{"stype":"user","subject":{"name":"u1","dtype":"user"},"rights":{"rtype":"full"}},{"stype":"group","subject":{"name":"domain admins","dtype":"group"},"rights":{"rtype":"rw"}},{"stype":"user","subject":{"name":"u2","dtype":"user"},"rights":{"rtype":"ro"}}]} - -Check the public mailbox employees is properly configured - ${lmailboxes} = Run task module/${MID}/list-public-mailboxes "" - FOR ${ombx} IN @{lmailboxes} - IF "${ombx}[mailbox]" == "employees" - Length Should Be ${ombx}[acls] 3 - END - END - -Alter public mailbox acls - Run task module/${MID}/alter-public-mailbox {"mailbox":"employees", "acls": [{"stype":"user","subject":{"name":"u1","dtype":"user"},"rights":{"rtype":"full"}},{"stype":"user","subject":{"name":"u2","dtype":"user"},"rights":{"rtype":"ro"}}]} - -Check the ACL was removed from public mailbox employees - ${lmailboxes} = Run task module/${MID}/list-public-mailboxes "" - FOR ${ombx} IN @{lmailboxes} - IF "${ombx}[mailbox]" == "employees" - Length Should Be ${ombx}[acls] 2 - END - END - -Remove the public mailbox employees - Run task module/${MID}/remove-public-mailbox {"mailbox":"employees"} - ${lmailboxes} = Run task module/${MID}/list-public-mailboxes "" - ${expected} = Evaluate json.loads('''{"mailbox": "postmaster", "acls": []}''') - ${notexpected} = Evaluate json.loads('''{"mailbox": "employees", "acls": []}''') - List Should Contain Value ${lmailboxes} ${expected} - List Should Not Contain Value ${lmailboxes} ${notexpected} - -Add a public orphantest mailbox - Run task module/${MID}/add-public-mailbox {"mailbox":"orphantest", "acls": []} - -Remove orphantest mailbox via doveadm to simulate IMAP client deletion - [Documentation] Deletes the mailbox directly in Dovecot, bypassing the API, - ... which leaves orphaned entries in the postfix DB (addresses + destmap tables) - ${out} ${err} ${rc} = Execute Command - ... runagent -m ${MID} podman exec dovecot doveadm mailbox delete -u vmail orphantest - ... return_rc=True return_stderr=True - Should Be Equal As Integers ${rc} 0 - -Recreate orphantest mailbox succeeds despite orphaned DB entries - [Documentation] Verify add-public-mailbox does not fail when orphaned DB entries exist - ... from a previous doveadm deletion (INSERT OR IGNORE handles the conflict silently) - Run task module/${MID}/add-public-mailbox {"mailbox":"orphantest", "acls": []} - ${lmailboxes} = Run task module/${MID}/list-public-mailboxes "" - ${expected} = Evaluate json.loads('''{"mailbox": "orphantest", "acls": []}''') - List Should Contain Value ${lmailboxes} ${expected} - -Check orphantest alias is present after recreation - [Documentation] Verify the address alias is still exposed by list-addresses after recreation - ... even though INSERT OR IGNORE kept the pre-existing orphaned row without re-inserting it - ${laddresses} = Run task module/${MID}/list-addresses "" - ${expected} = Evaluate json.loads('''{"atype": "wildcard", "destinations": [{"dtype": "public", "name": "orphantest"}], "local": "orphantest"}''') - List Should Contain Value ${laddresses}[addresses] ${expected} - -Remove the orphantest public mailbox - Run task module/${MID}/remove-public-mailbox {"mailbox":"orphantest"} - ${lmailboxes} = Run task module/${MID}/list-public-mailboxes "" - ${notexpected} = Evaluate json.loads('''{"mailbox": "orphantest", "acls": []}''') - List Should Not Contain Value ${lmailboxes} ${notexpected} diff --git a/tests/40__api/40__master_users.robot b/tests/40__api/40__master_users.robot deleted file mode 100644 index 4b555fb3..00000000 --- a/tests/40__api/40__master_users.robot +++ /dev/null @@ -1,24 +0,0 @@ -*** Settings *** -Resource ../api.resource - -*** Test Cases *** -Get the initial list of master users - ${jpayload} = Run task module/${MID}/get-master-users "" decode_json=${FALSE} - Set Suite Variable ${mulorig} ${jpayload} - -Set u1 as master user - Run task module/${MID}/set-master-users {"master_users":["u1"]} - -Check u1 is in the master user list - ${getresp} = Run task module/${MID}/get-master-users "" - Should Contain ${getresp}[master_users] u1 - -Check u1 has master user IMAP privilege - ${out} ${err} ${rc} = Execute Command - ... timeout 9 curl -v -f -u u2*u1:Nethesis,1234 imap://127.0.0.1 - ... return_rc=True return_stderr=True - Should Be Equal As Integers ${rc} 0 - Should Contain ${out} * LIST (\\HasNoChildren) "/" INBOX - -Clean up the master user list - Run task module/${MID}/set-master-users ${mulorig} diff --git a/tests/40__api/50__filter.robot b/tests/40__api/50__filter.robot deleted file mode 100644 index c9b00efb..00000000 --- a/tests/40__api/50__filter.robot +++ /dev/null @@ -1,71 +0,0 @@ -*** Settings *** -Resource ../api.resource -Resource ../user_domain.resource -Library Collections -Suite Teardown Reset Rspamd thresholds - -*** Keywords *** -Reset Rspamd thresholds - Run task module/${MID}/set-filter-configuration - ... {"antivirus":{"enabled":true,"clamav_official_sigs":false,"third_party_sigs_rating":"medium"},"antispam":{"enabled":true,"greylist":{"enabled":false},"spam_flag_threshold":6.0,"deny_message_threshold":15.0,"prefix_email_subject":{"enabled":false}}} - Check default filter configuration - -Check default filter configuration - ${dpayload} = Run task module/${MID}/get-filter-configuration "" decode_json=${TRUE} - Should Be Equal As Numbers ${dpayload}[antispam][spam_flag_threshold] 6.0 - Should Be Equal As Numbers ${dpayload}[antispam][deny_message_threshold] 15.0 - Should Be Equal ${dpayload}[antispam][greylist][enabled] ${FALSE} - Should Be Equal ${dpayload}[antivirus][enabled] ${TRUE} - Should Be Equal ${dpayload}[antivirus][clamav_official_sigs] ${FALSE} - Should Be Equal ${dpayload}[antivirus][third_party_sigs_rating] medium - Should Be Equal As Integers ${dpayload}[bypass_rules] 0 - -*** Test Cases *** -Check the filter configuration is at default - Check default filter configuration - -Change filter settings - Run task module/${MID}/set-filter-configuration {"antivirus":{"enabled":false},"antispam":{"enabled":false}} - Run task module/${MID}/set-filter-configuration {"antivirus":{"enabled":true,"clamav_official_sigs":true,"third_party_sigs_rating":"high"},"antispam":{"enabled":true,"greylist":{"enabled":true,"threshold":3.32},"spam_flag_threshold":6.2,"deny_message_threshold":15.72,"prefix_email_subject":{"enabled":true,"prefix":"spAM!"}}} - -Check no bypass rules are present - ${dpayload} = Run task module/${MID}/list-bypass-rules "" decode_json=${TRUE} - Should Be Empty ${dpayload}[bypass_rules] - -Add some bypass rules - Run task module/${MID}/add-bypass-rule {"type":"email","direction":"from","value":"dude@external.test"} - Run task module/${MID}/add-bypass-rule {"type":"domain","direction":"from","value":"customer.domain.test"} - Run task module/${MID}/add-bypass-rule {"type":"cidr","direction":"from","value":"10.3.4.0/24"} - Run task module/${MID}/add-bypass-rule {"type":"ip","direction":"from","value":"10.9.8.7"} - Run task module/${MID}/add-bypass-rule {"type":"ip","direction":"from","value":"2345:0425:2CA1:0000:0000:0567:5673:23b5"} - Run task module/${MID}/add-bypass-rule {"type":"cidr","direction":"from","value":"2001:db8:1234::/48"} - -Added bypass rules are present - ${jpayload} = Run task module/${MID}/list-bypass-rules "" decode_json=${FALSE} - Should Contain ${jpayload} "dude@external.test" - Should Contain ${jpayload} "customer.domain.test" - Should Contain ${jpayload} "10.3.4.0/24" - Should Contain ${jpayload} "10.9.8.7" - Should Contain ${jpayload} "2345:0425:2CA1:0000:0000:0567:5673:23b5" - Should Contain ${jpayload} "2001:db8:1234::/48" - -Changed settings were applied - ${dpayload} = Run task module/${MID}/get-filter-configuration "" decode_json=${TRUE} - Should Be Equal As Numbers ${dpayload}[antispam][greylist][threshold] 3.319999 - Should Be Equal As Numbers ${dpayload}[antispam][spam_flag_threshold] 6.199999 - Should Be Equal As Numbers ${dpayload}[antispam][deny_message_threshold] 15.72 - Should Be Equal ${dpayload}[antivirus][clamav_official_sigs] ${TRUE} - Should Be Equal ${dpayload}[antivirus][third_party_sigs_rating] high - Should Be Equal As Integers ${dpayload}[bypass_rules] 6 - -Remove the bypass rules - Run task module/${MID}/remove-bypass-rule {"type":"email","direction":"from","value":"dude@external.test"} - Run task module/${MID}/remove-bypass-rule {"type":"domain","direction":"from","value":"customer.domain.test"} - Run task module/${MID}/remove-bypass-rule {"type":"cidr","direction":"from","value":"10.3.4.0/24"} - Run task module/${MID}/remove-bypass-rule {"type":"ip","direction":"from","value":"10.9.8.7"} - Run task module/${MID}/remove-bypass-rule {"type":"ip","direction":"from","value":"2345:0425:2CA1:0000:0000:0567:5673:23b5"} - Run task module/${MID}/remove-bypass-rule {"type":"cidr","direction":"from","value":"2001:db8:1234::/48"} - -Check again no bypass rules are present - ${dpayload} = Run task module/${MID}/list-bypass-rules "" decode_json=${TRUE} - Should Be Empty ${dpayload}[bypass_rules] diff --git a/tests/40__api/90__facts.robot b/tests/40__api/90__facts.robot deleted file mode 100644 index a6b16839..00000000 --- a/tests/40__api/90__facts.robot +++ /dev/null @@ -1,7 +0,0 @@ -*** Settings *** -Resource ../api.resource - -*** Test Cases *** -Collect facts - ${out} = Run task module/${MID}/get-facts "" - Should Not Be Empty ${out} diff --git a/tests/50__smtp/00__address.robot b/tests/50__smtp/00__address.robot deleted file mode 100644 index 8712123b..00000000 --- a/tests/50__smtp/00__address.robot +++ /dev/null @@ -1,101 +0,0 @@ -*** Settings *** -Documentation Delivery through mail address with different destination types -Resource smtp.resource -Suite Setup Create aliases and domains -Suite Teardown Remove aliases and domains -Test Tags address - -*** Test Cases *** -Single user destination - [Documentation] Address expanded to a single user - Send SMTP message to a1@inbound.test - Should be delivered via LMTP to u1 - Should not be delivered via LMTP to u2 - Should not be delivered via LMTP to u3 - -Multiple user destinations - [Documentation] Address expanded to multiple users - Send SMTP message to a3@inbound.test - Should be delivered via LMTP to u1 - Should be delivered via LMTP to u2 - Should be delivered via LMTP to u3 - -Multiple user and group destinations - [Documentation] Destinations can be both user and groups at the same time - Send SMTP message to a4@inbound.test - Should be delivered via LMTP to u1 - Should be delivered via LMTP to u2 - Should be delivered via LMTP to u3 - -Wildcard domain alias - [Documentation] Wildcard address matches each defined domain - Send SMTP message to a2@inbound.test - Should be delivered via LMTP to u1 - Send SMTP message to a2@addusers.test - Should be delivered via LMTP to u1 - Send SMTP message to a2@addgroups.test - Should be delivered via LMTP to u1 - -Mixing internal and external destinations - [Documentation] If the address has also an external destination, an outbound message is sent to it. - [Setup] Add relay rule wildcard * 127.0.0.1 10001 ${EMPTY} - [Teardown] Cleanup relay rules - Send SMTP message to a5@inbound.test - Should be relayed via SMTP - Should be delivered via LMTP to u1 - -Address not found - [Template] Should return SMTP unknown user error - unknown@addusers.test - unknown@addgroups.test - unknown@inbound.test - -User and group with the same name, user is expanded - [Tags] bug bug-6977 cantfix - [Documentation] Since bug-7552 this behavior is deliberately not implemented for - ... consistency with documentation. A unionmap:{} of laddgroupmembers.cf - ... and laddusers.cf could fix this use case. - Send SMTP message to info@addusers.test - Skip WANTFIX - The message is delivered to the group instead. - Should be delivered via LMTP to info - Should not be delivered via LMTP to u1 - Should not be delivered via LMTP to u2 - -User and group with the same name, group is expanded - [Tags] bug bug-6977 - [Documentation] OpenLDAP only, in AD users and groups cannot have the same name - Send SMTP message to info@addgroups.test - Should be delivered via LMTP to u1 - Should be delivered via LMTP to u2 - Should not be delivered via LMTP to info - -User and group with the same name, none is expanded - [Tags] bug bug-6977 - Should return SMTP unknown user error info@noaddflag.test - -User and group with the same name, both are expanded - [Tags] bug bug-6977 cantfix - [Documentation] OpenLDAP only, in AD users and groups cannot have the same name - Send SMTP message to info@inbound.test - Should be delivered via LMTP to u1 - Should be delivered via LMTP to u2 - Skip CANTFIX - The message is delivered only to the group - Should be delivered via LMTP to info - -*** Keywords *** -Create aliases and domains - # a1, a2 are defined by the parent suite - Run task module/${MID}/add-address {"atype":"domain","local":"a3","domain":"inbound.test","destinations":[{"dtype":"user","name":"u1"},{"dtype":"user","name":"u2"},{"dtype":"user","name":"u3"}]} - Run task module/${MID}/add-address {"atype":"domain","local":"a4","domain":"inbound.test","destinations":[{"dtype":"user","name":"u3"},{"dtype":"group","name":"g1"}]} - Run task module/${MID}/add-address {"atype":"domain","local":"a5","domain":"inbound.test","destinations":[{"dtype":"user","name":"u1"},{"dtype":"external","name":"external@wildcard.test"}]} - -Remove aliases and domains - Run task module/${MID}/remove-address {"atype":"domain","local":"a3","domain":"inbound.test"} - Run task module/${MID}/remove-address {"atype":"domain","local":"a4","domain":"inbound.test"} - Run task module/${MID}/remove-address {"atype":"domain","local":"a5","domain":"inbound.test"} - -Should return SMTP unknown user error - [Arguments] ${address} - Send SMTP message to ${address} - ... expect_curl_exitcode= - Should return SMTP error 550 5.1.1 <${address}>: Recipient address rejected: User unknown in virtual alias table diff --git a/tests/50__smtp/00__catchall.robot b/tests/50__smtp/00__catchall.robot deleted file mode 100644 index 0f5f1037..00000000 --- a/tests/50__smtp/00__catchall.robot +++ /dev/null @@ -1,43 +0,0 @@ -*** Settings *** -Documentation Messages to non-existing addresses are accepted and delivered to domain catchall -Resource smtp.resource -Suite Teardown Reset domain.test catchall -Test Tags catchall - -*** Test Cases *** -Existing user - [Documentation] Message for valid user does not go to catchall - [Setup] Set domain.test catchall to user u2 - Send SMTP message to u1@inbound.test - Should be delivered via LMTP to u1 - Should not be delivered via LMTP to u2 - -Existing group - [Documentation] Message for valid group does not go to catchall - [Setup] Set domain.test catchall to group g1 - Send SMTP message to u3@inbound.test - Should be delivered via LMTP to u3 - Should not be delivered via LMTP to u1 - Should not be delivered via LMTP to u2 - -Non-existing address to catchall user - [Setup] Set domain.test catchall to user u2 - Send SMTP message to unknown@inbound.test - Should be delivered via LMTP to u2 - -Non-existing address to catchall group - [Setup] Set domain.test catchall to group g1 - Send SMTP message to unknown@inbound.test - Should be delivered via LMTP to u1 - Should be delivered via LMTP to u2 - - -*** Keywords *** -Set domain.test catchall to - [Arguments] ${dtype} ${name} - Run task module/${MID}/alter-domain - ... {"domain":"inbound.test","catchall":{"dtype":"${dtype}","name":"${name}"}} - -Reset domain.test catchall - Run task module/${MID}/alter-domain - ... {"domain":"inbound.test","catchall":null} diff --git a/tests/50__smtp/00__deliver_to_user.robot b/tests/50__smtp/00__deliver_to_user.robot deleted file mode 100644 index 4934264c..00000000 --- a/tests/50__smtp/00__deliver_to_user.robot +++ /dev/null @@ -1,25 +0,0 @@ -*** Settings *** -Documentation Message is delivered to LDAP users with both AD and OpenLDAP user databases -Resource smtp.resource -Test Template Inbound Delivery Should Work -Test Tags delivery user - -*** Test Cases *** -With AD ad.dom.test -With OpenLDAP ldap.dom.test - -*** Keywords *** -Inbound Delivery Should Work - [Documentation] LDAP groups are correctly expanded and user delivery works - [Arguments] ${udom} - Switch user domain ${udom} - Send SMTP message to u1@inbound.test - Should be delivered via LMTP to u1 - Send SMTP message to g1@inbound.test - Should be delivered via LMTP to u1 - Should be delivered via LMTP to u2 - -Switch user domain - [Arguments] ${udom} - Run task module/${MID}/configure-module - ... {"hostname":"mail.domain.test","user_domain":"${udom}"} diff --git a/tests/50__smtp/00__dkim_signature.robot b/tests/50__smtp/00__dkim_signature.robot deleted file mode 100644 index fb7c5e1b..00000000 --- a/tests/50__smtp/00__dkim_signature.robot +++ /dev/null @@ -1,10 +0,0 @@ -*** Settings *** -Documentation Test doc -Resource smtp.resource -Suite Setup No Operation -Test Tags todo - -*** Test Cases *** - - -*** Keywords *** diff --git a/tests/50__smtp/00__internal_address.robot b/tests/50__smtp/00__internal_address.robot deleted file mode 100644 index 4e0da81c..00000000 --- a/tests/50__smtp/00__internal_address.robot +++ /dev/null @@ -1,72 +0,0 @@ -*** Settings *** -Documentation An address with "internal" flag is accessible only from trusted clients -Resource smtp.resource -Suite Setup Create aliases and domains -Suite Teardown Remove aliases and domains -Test Tags internal address domain - -*** Test Cases *** -User domain wildcard address is internal - Send SMTP message to i2@ldap.dom.test - ... expect_curl_exitcode=55 - Should return SMTP error 554 5.7.1 : Recipient address rejected: access denied - -User domain user is internal - Send SMTP message to u1@ldap.dom.test - ... expect_curl_exitcode=55 - Should return SMTP error 554 5.7.1 : Recipient address rejected: access denied - -User domain group is internal - Send SMTP message to g1@ldap.dom.test - ... expect_curl_exitcode=55 - Should return SMTP error 554 5.7.1 : Recipient address rejected: access denied - -Vmail is internal - Send SMTP message to vmail@ldap.dom.test - ... expect_curl_exitcode=55 - Should return SMTP error 554 5.7.1 : Recipient address rejected: access denied - -User alias internal address - Send SMTP message to i1@internal.test - ... expect_curl_exitcode=55 - Should return SMTP error 554 5.7.1 : Recipient address rejected: access denied - -Group alias internal address - Send SMTP message to i2@internal.test - ... expect_curl_exitcode=55 - Should return SMTP error 554 5.7.1 : Recipient address rejected: access denied - -User name internal address - Send SMTP message to u1@internal.test - ... expect_curl_exitcode=55 - Should return SMTP error 554 5.7.1 : Recipient address rejected: access denied - -Group name internal address - Send SMTP message to g1@internal.test - ... expect_curl_exitcode=55 - Should return SMTP error 554 5.7.1 : Recipient address rejected: access denied - -Accessible from trusted IP - Send SMTP message to i1@internal.test - ... mail_server=127.0.0.1 - Should be delivered via LMTP to u1 - -Accessible with SASL login - Send SMTP message to i1@internal.test - ... credentials=u1:Nethesis,1234 - Should be delivered via LMTP to u1 - -*** Keywords *** -Create aliases and domains - Run task module/${MID}/add-domain {"domain":"internal.test","addusers":true,"addgroups":true} - Run task module/${MID}/alter-address {"internal":true,"atype":"adduser","local":"u1"} - Run task module/${MID}/alter-address {"internal":true,"atype":"addgroup","local":"g1"} - Run task module/${MID}/add-address {"internal":true,"atype":"domain","local":"i1","domain":"internal.test","destinations":[{"dtype":"user","name":"u1"}]} - Run task module/${MID}/add-address {"internal":true,"atype":"wildcard","local":"i2","destinations":[{"dtype":"group","name":"g1"}]} - -Remove aliases and domains - Run task module/${MID}/remove-address {"atype":"domain","local":"i1","domain":"internal.test"} - Run task module/${MID}/remove-address {"atype":"wildcard","local":"i2"} - Run task module/${MID}/alter-address {"internal":false,"atype":"adduser","local":"u1"} - Run task module/${MID}/alter-address {"internal":false,"atype":"addgroup","local":"g1"} - Run task module/${MID}/remove-domain {"domain":"internal.test"} diff --git a/tests/50__smtp/00__public_mailbox.robot b/tests/50__smtp/00__public_mailbox.robot deleted file mode 100644 index 73df4639..00000000 --- a/tests/50__smtp/00__public_mailbox.robot +++ /dev/null @@ -1,18 +0,0 @@ -*** Settings *** -Documentation Message is delivered to public mailbox -Resource smtp.resource -Suite Setup Create public mailbox -Suite Teardown Remove public mailbox -Test Tags delivery public mailbox - -*** Test Cases *** -Public mailbox destination - Send SMTP message to pub1@inbound.test - Should be delivered via LMTP to vmail+pub1 - -*** Keywords *** -Create public mailbox - Run task module/${MID}/add-public-mailbox {"mailbox":"pub1","acls":[]} - -Remove public mailbox - Run task module/${MID}/remove-public-mailbox {"mailbox":"pub1"} diff --git a/tests/50__smtp/00__relay_alwaysbcc.robot b/tests/50__smtp/00__relay_alwaysbcc.robot deleted file mode 100644 index 033a20a6..00000000 --- a/tests/50__smtp/00__relay_alwaysbcc.robot +++ /dev/null @@ -1,28 +0,0 @@ -*** Settings *** -Documentation General switch for always bcc -Resource smtp.resource -Suite Setup Set alwaysbcc -Suite Teardown Reset alwaysbcc -Test Tags alwaysbcc - -*** Test Cases *** -Inbound message Bcc - Send SMTP message to u1@inbound.test - Should be delivered via LMTP to u1 - Should be delivered via LMTP to u2 - -Outbound message Bcc - Send SMTP message to someone@wildcard.test - ... from=u1@inbound.test - ... credentials=u1:Nethesis,1234 - Should be relayed via SMTP - Should be delivered via LMTP to u2 - -*** Keywords *** -Set alwaysbcc - Add relay rule wildcard * 127.0.0.1 10001 ${EMPTY} - Run task module/${MID}/set-always-bcc {"bcc": "u2@addusers.test"} - -Reset alwaysbcc - Run task module/${MID}/set-always-bcc {"bcc": ""} - Cleanup relay rules diff --git a/tests/50__smtp/00__relay_archive.robot b/tests/50__smtp/00__relay_archive.robot deleted file mode 100644 index 1baf24c3..00000000 --- a/tests/50__smtp/00__relay_archive.robot +++ /dev/null @@ -1,30 +0,0 @@ -*** Settings *** -Documentation Piler/Archive scenario based on always_bcc -Resource smtp.resource -Suite Setup Add Piler relay rule -Suite Teardown Remove Piler relay rule -Test Tags alwaysbcc - -*** Test Cases *** -Inbound message archive - Send SMTP message to u1@inbound.test - Should be relayed via SMTP port=10002 - Should be delivered via LMTP to u1 - -Outbound message archive - Send SMTP message to someone@wildcard.test - ... from=u1@inbound.test - ... credentials=u1:Nethesis,1234 - Should be relayed via SMTP port=10001 - Should be relayed via SMTP port=10002 - -*** Keywords *** -Add Piler relay rule - Add relay rule wildcard * 127.0.0.1 10001 ${EMPTY} - Add relay rule always-bcc archive@piler1 127.0.0.1 10002 ${EMPTY} - Run task module/${MID}/set-always-bcc {"bcc": "archive@piler1"} - -Remove Piler relay rule - Run task module/${MID}/set-always-bcc {"bcc": ""} - Cleanup relay rules - diff --git a/tests/50__smtp/00__relay_restrictions.robot b/tests/50__smtp/00__relay_restrictions.robot deleted file mode 100644 index 72cbc822..00000000 --- a/tests/50__smtp/00__relay_restrictions.robot +++ /dev/null @@ -1,36 +0,0 @@ -*** Settings *** -Documentation Only trusted clients are allowed to send outbound messages -Resource smtp.resource -Suite Setup Enable wildcard relay rule -Suite Teardown Cleanup relay rules -Test Tags relay policy - -*** Test Cases *** -Relay denied with public IP - Send SMTP message to somebody@wildcard.test - ... from=u1@addusers.test - ... expect_curl_exitcode=55 - Should return SMTP error 554 5.7.1 : Relay access denied - -Relay allowed with trusted IP - Send SMTP message to somebody@wildcard.test - ... from=u1@addusers.test - ... mail_server=127.0.0.1 - Should be relayed via SMTP - -Relay allowed with SASL login - Send SMTP message to somebody@wildcard.test - ... from=someaddress@wildcard.test - ... credentials=u3:Nethesis,1234 - Should be relayed via SMTP - -Relay denied with wrong SASL credentials - Send SMTP message to somebody@wildcard.test - ... from=someaddress@wildcard.test - ... credentials=u1:BadPassword - ... expect_curl_exitcode=67 - Should return SMTP error 535 5.7.8 Error: authentication failed - -*** Keywords *** -Enable wildcard relay rule - Add relay rule wildcard * 127.0.0.1 10001 ${EMPTY} diff --git a/tests/50__smtp/00__relay_rules.robot b/tests/50__smtp/00__relay_rules.robot deleted file mode 100644 index 796118e4..00000000 --- a/tests/50__smtp/00__relay_rules.robot +++ /dev/null @@ -1,66 +0,0 @@ -*** Settings *** -Documentation Relay rules must respect the documented priority. -... Remote host credentials are correctly selected and used for each rule. -... These tests expect unrestricted sender policy. - -Resource smtp.resource -Suite Setup Add relay rules -Suite Teardown Cleanup relay rules -Test Tags relayrules - -*** Test Cases *** -Wildcard rule has the lowest priority - Send SMTP message to somebody@wildcard.test - ... from=someone@otherdomain.test - ... credentials=u3:Nethesis,1234 - Should be relayed via SMTP port=10001 - -Sender address rule has medium priority - Send SMTP message to somebody@wildcard.test - ... from=u3@inbound.test - ... credentials=u3:Nethesis,1234 - Should be relayed via SMTP port=10002 smtp_user=usr_u3 - -Sender address rule honors TLS encryption - [Tags] bug bug-7626 - Skip "Not implemented" - -Sender domain rule has less priority than address match - Send SMTP message to somebody@wildcard.test - ... from=noreply@inbound.test - ... credentials=u3:Nethesis,1234 - Should be relayed via SMTP port=10002 smtp_user=${EMPTY} - -Sender domain rule honors TLS encryption - [Tags] bug bug-7626 - Skip "Not implemented" - -Sender domain rule provides the correct credentials - [Tags] bug bug-7551 - Send SMTP message to somebody@wildcard.test - ... from=noreply@addusers.test - ... credentials=u3:Nethesis,1234 - Should be relayed via SMTP port=10002 smtp_user=usr_bug7551 - -Recipient domain rule has less priority than address match - Send SMTP message to someone@rcptrule.test - ... from=u1@inbound.test - ... credentials=u1:Nethesis,1234 - Should be relayed via SMTP port=10003 smtp_user=${EMPTY} - -Recipient address rule has the highest priority - Send SMTP message to dude@rcptrule.test - ... from=u3@inbound.test - ... credentials=u3:Nethesis,1234 - Should be relayed via SMTP port=10004 smtp_user=usr_relay - -*** Keywords *** -Add relay rules - Add relay rule wildcard * 127.0.0.1 10001 ${EMPTY} - Add relay rule sender inbound.test 127.0.0.1 10002 ${EMPTY} - Add relay rule sender u1@inbound.test 127.0.0.1 10002 usr_u1 - Add relay rule sender u3@inbound.test 127.0.0.1 10002 usr_u3 - Add relay rule recipient rcptrule.test 127.0.0.1 10003 ${EMPTY} - Add relay rule sender addusers.test 127.0.0.1 10002 usr_bug7551 - Add relay rule sender g1@inbound.test 127.0.0.1 10002 usr_g1 - Add relay rule recipient dude@rcptrule.test 127.0.0.1 10004 usr_relay diff --git a/tests/50__smtp/00__sender_restrictions.robot b/tests/50__smtp/00__sender_restrictions.robot deleted file mode 100644 index 879559f4..00000000 --- a/tests/50__smtp/00__sender_restrictions.robot +++ /dev/null @@ -1,79 +0,0 @@ -*** Settings *** -Documentation Sender/login match is enforced -Resource smtp.resource -Suite Setup Enable sender restriction -Suite Teardown Disable sender restriction -Test Tags sender policy - -*** Test Cases *** -Sender corresponds to user name - Send SMTP message to dest@remote.test - ... from=u1@inbound.test - ... credentials=u1:Nethesis,1234 - Should be relayed via SMTP - -Sender corresponds to user's group name - Send SMTP message to dest@remote.test - ... from=g1@inbound.test - ... credentials=u1:Nethesis,1234 - Should be relayed via SMTP - -Sender corresponds to user's address with exact domain - Send SMTP message to dest@remote.test - ... from=a1@inbound.test - ... credentials=u1:Nethesis,1234 - Should be relayed via SMTP - -Sender corresponds to user's address with wildcard domain - Send SMTP message to dest@remote.test - ... from=a2@inbound.test - ... credentials=u1:Nethesis,1234 - Should be relayed via SMTP - -Sender is the name of another user - Send SMTP message to dest@remote.test - ... from=u2@inbound.test - ... credentials=u1:Nethesis,1234 - ... expect_curl_exitcode=55 - Should return SMTP error 553 5.7.1 : Sender address rejected: not owned by user u1 - -Sender is an address owned by another user - Send SMTP message to dest@remote.test - ... from=a1@inbound.test - ... credentials=u3:Nethesis,1234 - ... expect_curl_exitcode=55 - Should return SMTP error 553 5.7.1 : Sender address rejected: not owned by user u3 - -Sender is the name of a group not containing the user - Send SMTP message to dest@remote.test - ... from=g1@inbound.test - ... credentials=u3:Nethesis,1234 - ... expect_curl_exitcode=55 - Should return SMTP error 553 5.7.1 : Sender address rejected: not owned by user u3 - -Sender is an unknown address - Send SMTP message to dest@remote.test - ... from=invalid@inbound.test - ... credentials=u1:Nethesis,1234 - ... expect_curl_exitcode=55 - Should return SMTP error 553 5.7.1 : Sender address rejected: not owned by user u1 - -Sender is unrestricted on port 25 - Send SMTP message to u1@inbound.test - ... from=somebody@example.com - Should be delivered via LMTP to u1 - -Sender is unrestricted without SASL login - Send SMTP message to u2@inbound.test - ... from=somebody@example.com - ... mail_server=smtps://${PUBLIC_ADDRESS} - Should be delivered via LMTP to u2 - -*** Keywords *** -Enable sender restriction - Add relay rule wildcard * 127.0.0.1 10001 ${EMPTY} - Run task module/${MID}/set-relay-configuration {"postfix_restricted_sender":true} - -Disable sender restriction - Run task module/${MID}/set-relay-configuration {"postfix_restricted_sender":false} - Cleanup relay rules diff --git a/tests/50__smtp/00__userforwards.robot b/tests/50__smtp/00__userforwards.robot deleted file mode 100644 index 34f690ee..00000000 --- a/tests/50__smtp/00__userforwards.robot +++ /dev/null @@ -1,47 +0,0 @@ -*** Settings *** -Documentation Message for user with forward address is sent with or without copy -Resource smtp.resource -Suite Setup Enable wildcard relay rule -Suite Teardown Cleanup relay rules -Test Tags userforward outbound - -*** Test Cases *** -Forward to user - [Setup] Configure forward for user u3 to=u1 dtype=user - [Teardown] Cleanup forward for u3 - Send SMTP message to u3@inbound.test - Should be delivered via LMTP to u1 - Should not be delivered via LMTP to u3 - -Forward to user with copy - [Setup] Configure forward for user u3 to=u1 dtype=user keepcopy=true - [Teardown] Cleanup forward for u3 - Send SMTP message to u3@inbound.test - Should be delivered via LMTP to u1 - Should be delivered via LMTP to u3 - -Forward to group - [Setup] Configure forward for user u3 to=g1 dtype=group - [Teardown] Cleanup forward for u3 - Send SMTP message to u3@inbound.test - Should not be delivered via LMTP to u3 - Should be delivered via LMTP to u1 - Should be delivered via LMTP to u2 - -Forward to external address - [Setup] Configure forward for user u3 to=forward@wildcard.test dtype=external - [Teardown] Cleanup forward for u3 - Send SMTP message to u3@inbound.test - Should be relayed via SMTP 10001 usr_relay - Should not be delivered via LMTP to u3 - -*** Keywords *** -Configure forward for user - [Arguments] ${user} ${to} ${dtype}=user ${keepcopy}=false - Run task module/${MID}/alter-user-mailbox {"user":"${user}","forward":{"keepcopy":${keepcopy},"destinations":[{"dtype":"${dtype}","name":"${to}"}]}} - -Cleanup forward for ${user} - Run task module/${MID}/alter-user-mailbox {"user":"${user}","forward":{"destinations":[]}} - -Enable wildcard relay rule - Add relay rule wildcard * 127.0.0.1 10001 usr_relay diff --git a/tests/50__smtp/__init__.robot b/tests/50__smtp/__init__.robot deleted file mode 100644 index 1caa5c69..00000000 --- a/tests/50__smtp/__init__.robot +++ /dev/null @@ -1,97 +0,0 @@ -*** Settings *** -Library SSHLibrary -Resource ../api.resource - -Suite Setup Run keywords - ... Switch to OpenLDAP user domain - ... Create mail domains - ... Create mail aliases - ... Detect public IP address - ... Raise Rspamd Thresholds - ... Increase Postfix verbosity - ... Start SMTP sink servers -Suite Teardown Run keywords - ... Stop SMTP sink servers - ... Reset Postfix verbosity - ... Destroy mail aliases - ... Destroy mail domains - ... Reset Rspamd Thresholds - -*** Variables *** -${sink_script} SEPARATOR=\n -... set -e -... smtp-sink -v -u postfix -h relay1.smtp-sink.test :10001 128 & -... smtp-sink -v -u postfix -h relay2.smtp-sink.test :10002 128 & -... smtp-sink -v -u postfix -h relay3.smtp-sink.test :10003 128 & -... smtp-sink -v -u postfix -h relay4.smtp-sink.test :10004 128 & -${PUBLIC_ADDRESS} 127.0.0.1 # overridden by keyword - -*** Keywords *** -Switch to OpenLDAP user domain - Run task module/${MID}/configure-module - ... {"hostname":"mail.domain.test","user_domain":"ldap.dom.test"} - -Increase Postfix verbosity - [Documentation] Set POSTFIX_DEBUG=5 to write in journal a detailed trace of relay credentials - Execute Command runagent -m ${MID} python3 -c 'import agent ; agent.set_env("POSTFIX_DEBUG", "5")' - Execute Command runagent -m ${MID} systemctl --user postfix reload - -Reset Postfix verbosity - Execute Command runagent -m ${MID} python3 -c 'import agent ; agent.unset_env("POSTFIX_DEBUG")' - Execute Command runagent -m ${MID} systemctl --user postfix reload - -Raise Rspamd Thresholds - Run task module/${MID}/set-filter-configuration {"antispam":{"enabled":true,"spam_flag_threshold":15.0,"deny_message_threshold":20.0}} - -Reset Rspamd Thresholds - Run task module/${MID}/set-filter-configuration {"antispam":{"enabled":true,"spam_flag_threshold":6.0,"deny_message_threshold":15.0}} - -Start SMTP sink servers - Stop SMTP sink servers - Execute Command runagent -m ${MID} podman exec postfix ash -c 'apk update && apk add postfix-stone' - ${out} ${err} ${rc} = Execute Command runagent -m ${MID} podman exec -i postfix ash -s <<'EOF'\n${sink_script}\nEOF\n - ... return_rc=True return_stderr=True - Should Be Equal As Integers ${rc} 0 smtp-sink servers startup failed - -Stop SMTP sink servers - Execute Command runagent -m ${MID} podman exec postfix ash -c 'killall smtp-sink' - -Detect public IP address - ${out}= Execute Command bash -c "ip -o route get 255.0 2>/dev/null | sed -e 's/.*src \\([^ ]*\\) .*/\\1/'" - VAR ${PUBLIC_ADDRESS} ${out} scope=SUITES - Log To Console Public IP address: ${PUBLIC_ADDRESS} - -Create mail domains - Log To Console Create mail domain addusers.test - Run task module/${MID}/add-domain - ... {"domain":"addusers.test","addusers":true,"addgroups":false} - Log To Console Create mail domain addgroups.test - Run task module/${MID}/add-domain - ... {"domain":"addgroups.test","addusers":false,"addgroups":true} - Log To Console Create mail domain inbound.test (with both flags, addusers/groups) - Run task module/${MID}/add-domain - ... {"domain":"inbound.test","addusers":true,"addgroups":true} - Log To Console Create mail domain noaddflag.test (without any addusers/groups flag) - Run task module/${MID}/add-domain - ... {"domain":"noaddflag.test","addusers":false,"addgroups":false} - - -Destroy mail domains - Run task module/${MID}/remove-domain - ... {"domain":"addusers.test"} - Run task module/${MID}/remove-domain - ... {"domain":"addgroups.test"} - Run task module/${MID}/remove-domain - ... {"domain":"inbound.test"} - Run task module/${MID}/remove-domain - ... {"domain":"noaddflag.test"} - -Create mail aliases - Log To Console Address a1@inbound.test -> u1 - Run task module/${MID}/add-address {"atype":"domain","local":"a1","domain":"inbound.test","destinations":[{"dtype":"user","name":"u1"}]} - Log To Console Address a2@* -> u1 - Run task module/${MID}/add-address {"atype":"wildcard","local":"a2","destinations":[{"dtype":"user","name":"u1"},{"dtype":"group","name":"g2"}]} - -Destroy mail aliases - Run task module/${MID}/remove-address {"atype":"domain","local":"a1","domain":"inbound.test"} - Run task module/${MID}/remove-address {"atype":"wildcard","local":"a2"} diff --git a/tests/50__smtp/smtp.resource b/tests/50__smtp/smtp.resource deleted file mode 100644 index 81d1da83..00000000 --- a/tests/50__smtp/smtp.resource +++ /dev/null @@ -1,103 +0,0 @@ -*** Settings *** -Library SSHLibrary -Library DateTime -Library String -Library Collections -Resource ../api.resource - -*** Keywords *** -Send SMTP message to - [Arguments] ${to} ${from}=default@example.org ${credentials}= ${expect_curl_exitcode}=0 ${mail_server}=${PUBLIC_ADDRESS} - ${username} = Fetch From Left ${credentials} : - ${LAST_TIMESTAMP} = Get Current Date - Set Test Variable ${LAST_TIMESTAMP} - IF r'${credentials}' == '' - ${out} ${err} ${rc} = Execute Command - ... MAIL_SERVER=${mail_server} bash /tmp/test-mta.sh ${to} ${from} - ... return_rc=True return_stderr=True - ELSE - ${out} ${err} ${rc} = Execute Command - ... MAIL_SERVER=${mail_server} bash /tmp/test-msa.sh ${to} ${from} ${credentials} - ... return_rc=True return_stderr=True - END - Set Test Variable ${LAST_CURL_EXITCODE} ${rc} - Set Test Variable ${LAST_CURL_ERROR} ${err} - Set Test Variable ${LAST_QUEUE_ID} ${EMPTY} - IF r'${expect_curl_exitcode}' == '0' - Should Be Equal As Integers ${rc} 0 Unexpected curl exit code ${rc}: ${err} - ${LAST_QUEUE_ID} = Get Queue ID From Output ${err} - Should Not Be Empty ${LAST_QUEUE_ID} Error: queue ID not set, ${err} - ELSE IF r'${expect_curl_exitcode}' != '' - Should Be Equal As Integers ${rc} ${expect_curl_exitcode} Unexpected curl exit code ${rc}: ${err} - END - -Get Queue ID From Output - [Arguments] ${text} - ${group_matches} = Get Regexp Matches ${text} queued as (\\w+) 1 - Should Not Be Empty ${group_matches} Queue ID not found in output - ${queue_id} = Get From List ${group_matches} 0 - RETURN ${queue_id} - -Should be relayed via SMTP - [Tags] outbound - [Arguments] ${port}=10001 ${smtp_user}= - Sleep 500ms - Wait Until Keyword Succeeds 3 1s - ... Check SMTP delivery by journal ${port} ${smtp_user} - -Should return SMTP error - [Arguments] ${pattern} - Should Match ${LAST_CURL_ERROR} *${pattern}* msg=Error from curl doesn't match pattern `${pattern}`: `${LAST_CURL_ERROR}`. - -Check SMTP delivery by journal - [Documentation] Check if the journal contents since last keyword run - ... match the password lookup and delivery patterns. - [Arguments] ${rport} ${ruser} - ${out} ${err} ${rc} = Execute Command - ... journalctl -o cat -t postfix/smtp -S '${LAST_TIMESTAMP}' - ... return_rc=True return_stderr=True - ${queue_id_pattern} = Set Variable ${LAST_QUEUE_ID}: to\=<*>, relay\=127.0.0.1[[]127.0.0.1[]]:${rport}, * status\=sent (250 2.0.0 Ok) - Should Not Be Empty ${out} Journal returned no contents for relay user ${ruser}, relay port ${rport}, queue ID ${LAST_QUEUE_ID}, and curl error ${LAST_CURL_ERROR} - IF bool(r'${ruser}') - Should Match ${out} *smtp_sasl_passwd_lookup: host `127.0.0.1' user `${ruser}' pass `${ruser}-pass'*${queue_id_pattern}* - ... postfix/smtp credentials and delivery pattern do not match - ELSE - Should Not Match ${out} *smtp_sasl_passwd_lookup: host `127.0.0.1' user * pass * - ... postfix/smtp should not use credentials - Should Match ${out} *${queue_id_pattern}* - ... postfix/smtp delivery pattern does not match - END - -Should be delivered via LMTP to - [Tags] inbound - [Documentation] Check if the message was passed to Dovecot via LMTP. - ... If ${rcpt} argument is specified, ensure it matches the expected user name. - [Arguments] ${rcpt}=* - Sleep 500ms - Wait Until Keyword Succeeds 3 1s - ... Check LMTP delivery by journal ${rcpt} - -Should not be delivered via LMTP to - [Tags] inbound - [Arguments] ${rcpt} - Run Keyword And Expect Error - ... *: postfix/lmtp delivery record for message * not found:* - ... Should be delivered via LMTP to ${rcpt} - -Check LMTP delivery by journal - [Arguments] ${rcpt} - ${out} ${err} ${rc} = Execute Command - ... journalctl -o cat -t postfix/lmtp -S '${LAST_TIMESTAMP}' - ... return_rc=True return_stderr=True - Should Match ${out} *${LAST_QUEUE_ID}: to\=<${rcpt}@*status\=sent (250 2.0.0 * Saved)* - ... postfix/lmtp delivery record for message ${LAST_QUEUE_ID} not found - -Add relay rule - [Arguments] ${rtype} ${rsubject} ${rhost} ${rport} ${rusername} - Run task module/${MID}/add-relay-rule {"rule_type":"${rtype}","rule_subject":"${rsubject}","host":"${rhost}","port":${rport},"mandatory_tls":false,"username":"","password":"","enabled":true} - IF r'$rusername' != "" - Execute Command runagent -m ${MID} podman exec -w /srv postfix sqlite3 pcdb.sqlite "UPDATE relayrules SET username='${rusername}', password='${rusername}-pass' WHERE rule_subject LIKE '${rsubject}' AND rule_type == '${rtype}'" - END - -Cleanup relay rules - Execute Command runagent -m ${MID} podman exec -w /srv postfix sqlite3 pcdb.sqlite 'DELETE FROM relayrules;' diff --git a/ui/src/views/About.vue b/ui/src/views/About.vue index ea839077..cc55cf12 100644 --- a/ui/src/views/About.vue +++ b/ui/src/views/About.vue @@ -3,6 +3,7 @@ SPDX-License-Identifier: GPL-3.0-or-later -->