add test for bulk vulnerability analysis

ColeHiggins2 · ColeHiggins2 · commit fb46d292471f · 2026-02-11T15:07:39.000-05:00
diff --git a/tests/foreman/ui/test_rhcloud_insights_vulnerability.py b/tests/foreman/ui/test_rhcloud_insights_vulnerability.py
@@ -49,12 +49,30 @@ def setup_content_for_iop(module_target_sat_insights, rhcloud_manifest_org):
     assert satellite.execute('systemctl start iop-service-vuln-vmaas-sync').status == 0
 
 
+@pytest.fixture
+def vulnerable_rhel_host(rhel_insights_vm):
+    """Fixture to prepare a RHEL host with a vulnerable package"""
+    GLIBC_RPM = 'glibc-2.39-43.el10_0.x86_64'
+    client = rhel_insights_vm
+    # Remove any static repos and update to the latest packages available from the Satellite
+    assert (
+        client.execute(
+            "find /etc/yum.repos.d/ -type f | grep -vF redhat.repo | xargs -I '{}' rm '{}'"
+        ).status
+        == 0
+    )
+    assert client.execute('dnf -y update').status == 0
+    # Downgrade to vulnerable glibc version
+    assert client.execute(f'dnf downgrade -y {GLIBC_RPM}').status == 0
+    return client
+
+
 @pytest.mark.e2e
 @pytest.mark.no_containers
 @pytest.mark.rhel_ver_list([10])
 @pytest.mark.parametrize('module_target_sat_insights', [False], ids=['local'], indirect=True)
 def test_rhcloud_insights_vulnerabilities_e2e(
-    rhel_insights_vm,
+    vulnerable_rhel_host,
     rhcloud_manifest_org,
     module_target_sat_insights,
     setup_content_for_iop,
@@ -79,24 +97,11 @@ def test_rhcloud_insights_vulnerabilities_e2e(
     :verifies: SAT-30762
     """
     CVE_ID = 'CVE-2025-8058'
-    GLIBC_RPM = 'glibc-2.39-43.el10_0.x86_64'
 
     satellite = module_target_sat_insights
-    client = rhel_insights_vm
+    client = vulnerable_rhel_host
     hostname = client.hostname
 
-    # Remove any static repos and update to the latest packages available from the Satellite
-    assert (
-        client.execute(
-            "find /etc/yum.repos.d/ -type f | grep -vF redhat.repo | xargs -I '{}' rm '{}'"
-        ).status
-        == 0
-    )
-    assert client.execute('dnf -y update').status == 0
-
-    # Downgrade to vulnerable glibc version
-    assert client.execute(f'dnf downgrade -y {GLIBC_RPM}').status == 0
-
     with satellite.ui_session() as session:
         session.organization.select(org_name=rhcloud_manifest_org.name)
 
@@ -115,3 +120,69 @@ def test_rhcloud_insights_vulnerabilities_e2e(
             CVE_ID, hostname
         )
         assert any(vuln.get('CVE ID') == CVE_ID for vuln in vulnerabilities)
+
+
+@pytest.mark.e2e
+@pytest.mark.no_containers
+@pytest.mark.rhel_ver_list([9, 10])
+@pytest.mark.parametrize('module_target_sat_insights', [False], ids=['local'], indirect=True)
+def test_positive_bulk_disable_vulnerability_analysis(
+    vulnerable_rhel_host,
+    rhcloud_manifest_org,
+    module_target_sat_insights,
+    setup_content_for_iop,
+):
+    """Test disabling vulnerability analysis for a host via kebab menu on All Hosts page
+
+    :id: 4e7ba195-235d-4f4e-86d0-2ab9b2db4bf0
+
+    :steps:
+        1. Navigate to All Hosts page
+        2. Add "Total CVEs" column from Red Hat Lightspeed section
+        3. Search for the registered insights RHEL host
+        4. Verify the Total CVEs value is greater than 1
+        5. Use bulk action to select all hosts and disable vulnerability analysis
+        6. Verify the Total CVEs column now shows "Analysis disabled"
+
+    :expectedresults:
+        1. Total CVEs column is successfully added and displayed
+        2. Host shows CVE count greater than 1 initially
+        3. After bulk disable action, Total CVEs column shows "Analysis disabled"
+
+    :Verifies: SAT-40203
+    """
+    satellite = module_target_sat_insights
+    client = vulnerable_rhel_host
+    hostname = client.hostname
+
+    with satellite.ui_session() as session:
+        # Select the correct organization
+        session.organization.select(org_name=rhcloud_manifest_org.name)
+        session.all_hosts.get_displayed_table_headers()
+        session.all_hosts.manage_table_columns({'Total CVEs': True})
+
+        # Verify the column is displayed
+        displayed_columns = session.all_hosts.get_displayed_table_headers()
+        assert 'Total CVEs' in displayed_columns, (
+            f"Total CVEs column not found. Available columns: {displayed_columns}"
+        )
+
+        # Search for the registered host and total cves
+        table_data = session.all_hosts.search(hostname)
+        assert len(table_data) > 0, f"Host {hostname} not found after search"
+        assert int(table_data[0]['Total CVEs']) > 1
+        host_row = table_data[0]
+        assert hostname in table_data[0]['Name'], (
+            f"Expected host {hostname}, but got {host_row['Name']}"
+        )
+
+        # Use bulk action to disable vulnerability analysis for all hosts
+        session.all_hosts.manage_vulnerability_analysis('Disable')
+
+        # Search for the host again and verify status changed to "Analysis disabled"
+        table_data = session.all_hosts.search(hostname)
+        assert len(table_data) > 0, f"Host {hostname} not found after search"
+        assert table_data[0]['Total CVEs'] == 'Analysis disabled', (
+            f"Expected 'Analysis disabled' but got '{table_data[0]['Total CVEs']}'"
+        )
+
