handle auth request for unsigned updates on KDE

When a package is unsigned, KDE will prompt for authentication.
Let's handle this. But count it as a soft fail, because
puiterwijk claims that Rawhide packages will be autosigned
from next week, so this *should* not happen and would indicate
an unsigned package in the repos. We make the KDE 'update
complete' needle area smaller because the wider area includes
some transparency and so will only match if the update applet
is open; this area will match whether it's open (no auth case)
or not open (auth case - the applet seems to disappear after
you provide the password in the auth prompt).

Pushing without review as the test is in production so I want
to make sure it works correctly.

(Also, hey, check out that array match for assert_screen and
that match_has_tag! This is gonna make some things so much
easier...thanks upstream)

needles/kde/desktop_package_tool_update_authenticate.json

@@ -0,0 +1,16 @@
+{
+  "properties": [],
+  "area": [
+    {
+      "xpos": 254,
+      "ypos": 167,
+      "width": 71,
+      "height": 61,
+      "type": "match"
+    }
+  ],
+  "tags": [
+    "DESKTOP-kde",
+    "desktop_package_tool_update_authenticate"
+  ]
+}

needles/kde/desktop_package_tool_update_done.json

@@ -1,16 +1,16 @@
 {
-  "properties": [],
-  "area": [
-    {
-      "xpos": 634,
-      "ypos": 665,
-      "width": 41,
-      "height": 44,
-      "type": "match"
-    }
-  ],
-  "tags": [
-    "DESKTOP-kde",
-    "desktop_package_tool_update_done"
-  ]
+    "area": [
+        {
+            "height": 24,
+            "type": "match",
+            "width": 21,
+            "xpos": 644,
+            "ypos": 675
+        }
+    ],
+    "properties": [],
+    "tags": [
+        "DESKTOP-kde",
+        "desktop_package_tool_update_done"
+    ]
 }

tests/desktop_update_graphical_postinstall.pm

@@ -1,6 +1,7 @@
 use base "installedtest";
 use strict;
 use testapi;
+use main_common;
 use packagetest;
 
 sub run {
@@ -46,6 +47,11 @@ sub run {
         mouse_set 10, 10;
         mouse_hide;
     }
+    # KDE annoyingly pops the notification up right over the install
+    # button, which doesn't help...wait for it to go away
+    if ($desktop eq 'kde') {
+        wait_still_screen 5;
+    }
     assert_and_click 'desktop_package_tool_update_apply';
     # on GNOME, wait for reboots.
     if ($desktop eq 'gnome') {
@@ -58,7 +64,19 @@ sub run {
         assert_screen 'graphical_login', 300;
     }
     else {
-        assert_screen 'desktop_package_tool_update_done', 180;
+        # KDE will prompt for authentication if any package is not
+        # signed. As of 2016-09-23, puiterwijk claims Rawhide packages
+        # will be autosigned 'by Monday', so if this happens, we're
+        # going to treat it as a soft fail, indicating the update
+        # mechanism works, but a package that should have been signed
+        # was not.
+        assert_screen ['desktop_package_tool_update_done', 'desktop_package_tool_update_authenticate'], 180;
+        if (match_has_tag('desktop_package_tool_update_authenticate')) {
+            record_soft_failure;
+            type_very_safely get_var('USER_PASSWORD', 'weakpassword');
+            send_key 'ret';
+            assert_screen 'desktop_package_tool_update_done', 180;
+        }
     }
     # back to console to verify updates
     $self->root_console(tty=>3);