aboutsummaryrefslogtreecommitdiffstats
path: root/moonv4/moon_interface
diff options
context:
space:
mode:
authorasteroide <thomas.duval@orange.com>2017-05-05 11:16:38 +0200
committerasteroide <thomas.duval@orange.com>2017-05-05 11:16:38 +0200
commit94aa78ca23c4db13a0752fbdd0df96730b1e7288 (patch)
tree4e77ef8776d5f93b12eae84696f953faf7c3ea6e /moonv4/moon_interface
parent67369036badcb4ae84fb7c1c7d7dabfab27326e6 (diff)
Code update for chaining policies.
Change-Id: If9f6c2640492f69d0f3af2118fade72700df47e6
Diffstat (limited to 'moonv4/moon_interface')
-rw-r--r--moonv4/moon_interface/moon_interface/tools.py1
-rw-r--r--moonv4/moon_interface/tests/apitests/scenario/mls.py1
-rw-r--r--moonv4/moon_interface/tests/apitests/scenario/rbac.py7
-rw-r--r--moonv4/moon_interface/tests/apitests/set_authz.py9
4 files changed, 13 insertions, 5 deletions
diff --git a/moonv4/moon_interface/moon_interface/tools.py b/moonv4/moon_interface/moon_interface/tools.py
index 3c0fffa5..443519ac 100644
--- a/moonv4/moon_interface/moon_interface/tools.py
+++ b/moonv4/moon_interface/moon_interface/tools.py
@@ -29,7 +29,6 @@ def timeit(function):
return wrapper
-@timeit
def call(topic="security_router", ctx=None, method="route", **kwargs):
if not ctx:
ctx = dict()
diff --git a/moonv4/moon_interface/tests/apitests/scenario/mls.py b/moonv4/moon_interface/tests/apitests/scenario/mls.py
index fab1d528..e36a86bc 100644
--- a/moonv4/moon_interface/tests/apitests/scenario/mls.py
+++ b/moonv4/moon_interface/tests/apitests/scenario/mls.py
@@ -39,6 +39,7 @@ meta_rule = {
rules = {
"mls": (
("high", "medium", "vm-action"),
+ ("high", "low", "vm-action"),
("medium", "low", "vm-action"),
)
}
diff --git a/moonv4/moon_interface/tests/apitests/scenario/rbac.py b/moonv4/moon_interface/tests/apitests/scenario/rbac.py
index 073f1d65..cd08308e 100644
--- a/moonv4/moon_interface/tests/apitests/scenario/rbac.py
+++ b/moonv4/moon_interface/tests/apitests/scenario/rbac.py
@@ -4,7 +4,7 @@ policy_name = "RBAC policy example"
model_name = "RBAC"
subjects = {"user0": "", "user1": "", }
-objects = {"vm0": "", }
+objects = {"vm0": "", "vm1": "", }
actions = {"start": "", "stop": ""}
subject_categories = {"role": "", }
@@ -12,11 +12,11 @@ object_categories = {"id": "", }
action_categories = {"action-type": "", }
subject_data = {"role": {"admin": "", "employee": ""}}
-object_data = {"id": {"vm1": "", "vm2": ""}}
+object_data = {"id": {"vm0": "", "vm1": ""}}
action_data = {"action-type": {"vm-action": "", }}
subject_assignments = {"user0": {"role": "admin"}, "user1": {"role": "employee"}, }
-object_assignments = {"vm0": {"id": "vm1"}}
+object_assignments = {"vm0": {"id": "vm0"}, "vm1": {"id": "vm1"}}
action_assignments = {"start": {"action-type": "vm-action"}, "stop": {"action-type": "vm-action"}}
meta_rule = {
@@ -25,6 +25,7 @@ meta_rule = {
rules = {
"rbac": (
+ ("admin", "vm0", "vm-action"),
("admin", "vm1", "vm-action"),
)
}
diff --git a/moonv4/moon_interface/tests/apitests/set_authz.py b/moonv4/moon_interface/tests/apitests/set_authz.py
index 7d0d5069..38b63509 100644
--- a/moonv4/moon_interface/tests/apitests/set_authz.py
+++ b/moonv4/moon_interface/tests/apitests/set_authz.py
@@ -40,4 +40,11 @@ if not keystone_project_id:
for rule in rules:
url = "http://172.18.0.11:38001/authz/{}/{}".format(keystone_project_id, "/".join(rule))
req = requests.get(url)
- print(url, req.status_code)
+ print("\033[1m{}\033[m {}".format(url, req.status_code))
+ j = req.json()
+ # print(j)
+ if j.get("authz"):
+ print("\t\033[32m{}\033[m {}".format(j.get("authz"), j.get("error", "")))
+ else:
+ print("\t\033[31m{}\033[m {}".format(j.get("authz"), j.get("error", "")))
+