Add instructions tag in each rule

Change-Id: Ib63ad8c4b2261d993ee156fae18fd315a775dbd0
author: asteroide <thomas.duval@orange.com> 2017-05-09 10:16:06 +0200
committer: asteroide <thomas.duval@orange.com> 2017-05-09 10:16:06 +0200
commit: 4dc3cabba46fad28f5018aea516c560d497e9147 (patch)
tree: ac74e7a9b8dfd627be0326117e99a83005574dd2 /moonv4/moon_interface/tests/apitests/scenario/session.py
parent: 94aa78ca23c4db13a0752fbdd0df96730b1e7288 (diff)
1 files changed, 55 insertions, 0 deletions
diff --git a/moonv4/moon_interface/tests/apitests/scenario/session.py b/moonv4/moon_interface/tests/apitests/scenario/session.py
new file mode 100644
index 00000000..6b7e0f18
--- /dev/null
+++ b/moonv4/moon_interface/tests/apitests/scenario/session.py
@@ -0,0 +1,55 @@
+
+pdp_name = "pdp1"
+policy_name = "Session policy example"
+model_name = "Session"
+
+subjects = {"user0": "", "user1": "", }
+objects = {"admin": "", "employee": "", }
+actions = {"activate": "", "deactivate": ""}
+
+subject_categories = {"subjectid": "", }
+object_categories = {"role": "", }
+action_categories = {"session-action": "", }
+
+subject_data = {"subjectid": {"user0": "", "user1": ""}}
+object_data = {"role": {"admin": "", "employee": ""}}
+action_data = {"session-action": {"activate": "", "deactivate": ""}}
+
+subject_assignments = {"user0": {"subjectid": "user0"}, "user1": {"subjectid": "user1"}, }
+object_assignments = {"admin": {"role": "admin"}, "employee": {"role": "employee"}}
+action_assignments = {"activate": {"session-action": "activate"}, "deactivate": {"session-action": "deactivate"}}
+
+meta_rule = {
+    "session": {"id": "", "value": ("subjectid", "role", "session-action")},
+}
+
+rules = {
+    "session": (
+        {
+            "rule": ("user0", "admin", "activate"),
+            "instructions": (
+                {
+                    "update": {
+                        "operation": "add",
+                        "target": "rbac:role:admin"  # add the role admin to the current user
+                    }
+                },
+                {"chain": [{"security_pipeline": "rbac"}]}  # chain with the meta_rule named rbac
+            )
+        },
+        {
+            "rule": ("user1", "employee", "deactivate"),
+            "instructions": (
+                {
+                    "update": {
+                        "operation": "delete",
+                        "target": "rbac:role:employee"  # delete the role employee from the current user
+                    }
+                },
+                {"chain": [{"security_pipeline": "rbac"}]}  # chain with the meta_rule named rbac
+            )
+        },
+    )
+}
+
+
author	asteroide <thomas.duval@orange.com>	2017-05-09 10:16:06 +0200
committer	asteroide <thomas.duval@orange.com>	2017-05-09 10:16:06 +0200
commit	4dc3cabba46fad28f5018aea516c560d497e9147 (patch)
tree	ac74e7a9b8dfd627be0326117e99a83005574dd2 /moonv4/moon_interface/tests/apitests/scenario/session.py
parent	94aa78ca23c4db13a0752fbdd0df96730b1e7288 (diff)