aboutsummaryrefslogtreecommitdiffstats
path: root/moonv4/tests/01_smpolicy_average_latency/scenario/10
diff options
context:
space:
mode:
authorasteroide <thomas.duval@orange.com>2017-07-06 15:35:12 +0200
committerasteroide <thomas.duval@orange.com>2017-07-06 15:35:12 +0200
commit19dd4e461d1239754bd1a82e30f2a770c99a7f90 (patch)
tree28c57a5802c805dbbe10e760dff159e499fc9622 /moonv4/tests/01_smpolicy_average_latency/scenario/10
parent53a64609bd5b3f02a3bdf7d85030db8f2028cada (diff)
Add test files for the evaluation
Change-Id: Ieceeef68ce701b913aaccd900218fbee896f48df
Diffstat (limited to 'moonv4/tests/01_smpolicy_average_latency/scenario/10')
-rw-r--r--moonv4/tests/01_smpolicy_average_latency/scenario/10/rbac_10_tenant_01.py89
-rw-r--r--moonv4/tests/01_smpolicy_average_latency/scenario/10/rbac_10_tenant_02.py89
-rw-r--r--moonv4/tests/01_smpolicy_average_latency/scenario/10/rbac_10_tenant_03.py89
-rw-r--r--moonv4/tests/01_smpolicy_average_latency/scenario/10/rbac_10_tenant_04.py89
-rw-r--r--moonv4/tests/01_smpolicy_average_latency/scenario/10/rbac_10_tenant_05.py89
-rw-r--r--moonv4/tests/01_smpolicy_average_latency/scenario/10/rbac_10_tenant_06.py89
-rw-r--r--moonv4/tests/01_smpolicy_average_latency/scenario/10/rbac_10_tenant_07.py89
-rw-r--r--moonv4/tests/01_smpolicy_average_latency/scenario/10/rbac_10_tenant_08.py89
-rw-r--r--moonv4/tests/01_smpolicy_average_latency/scenario/10/rbac_10_tenant_09.py89
-rw-r--r--moonv4/tests/01_smpolicy_average_latency/scenario/10/rbac_10_tenant_10.py89
10 files changed, 890 insertions, 0 deletions
diff --git a/moonv4/tests/01_smpolicy_average_latency/scenario/10/rbac_10_tenant_01.py b/moonv4/tests/01_smpolicy_average_latency/scenario/10/rbac_10_tenant_01.py
new file mode 100644
index 00000000..b591b532
--- /dev/null
+++ b/moonv4/tests/01_smpolicy_average_latency/scenario/10/rbac_10_tenant_01.py
@@ -0,0 +1,89 @@
+import random
+
+pdp_name = "pdp01"
+policy_name = "RBAC policy example"
+model_name = "RBAC"
+policy_genre = "authz"
+
+SUBJECT_NUMBER = 10
+OBJECT_NUMBER = 10
+ROLE_NUMBER = 5
+
+subjects = {}
+for _id in range(SUBJECT_NUMBER):
+ subjects["user{}".format(_id)] = ""
+objects = {}
+for _id in range(OBJECT_NUMBER):
+ objects["vm{}".format(_id)] = ""
+actions = {
+ "start": "",
+ "stop": "",
+ "pause": "",
+ "unpause": "",
+ "destroy": "",
+}
+
+subject_categories = {"role": "", }
+object_categories = {"id": "", }
+action_categories = {"action-type": "", }
+
+subject_data = {"role": {"admin": "", "*": ""}}
+for _id in range(ROLE_NUMBER):
+ subject_data["role"]["role{}".format(_id)] = ""
+object_data = {"id": {"*": ""}}
+for _id in range(OBJECT_NUMBER):
+ object_data["id"]["vm{}".format(_id)] = ""
+action_data = {"action-type": {
+ "vm-read": "",
+ "vm-write": "",
+ "*": ""
+}}
+
+subject_assignments = {}
+for _id in range(SUBJECT_NUMBER):
+ _role = "role{}".format(random.randrange(ROLE_NUMBER))
+ subject_assignments["user{}".format(_id)] = [{"role": _role}, {"role": "*"}]
+object_assignments = {"vm0": ({"id": "vm0"}, {"id": "*"}), "vm1": ({"id": "vm1"}, {"id": "*"})}
+for _id in range(OBJECT_NUMBER):
+ object_assignments["vm{}".format(_id)] = [{"id": "vm{}".format(_id)}, {"id": "*"}]
+action_assignments = {
+ "start": ({"action-type": "vm-write"}, {"action-type": "*"}),
+ "stop": ({"action-type": "vm-write"}, {"action-type": "*"}),
+ "pause": ({"action-type": "vm-read"}, {"action-type": "*"}),
+ "unpause": ({"action-type": "vm-read"}, {"action-type": "*"}),
+ "destroy": ({"action-type": "vm-write"}, {"action-type": "*"}),
+}
+
+meta_rule = {
+ "rbac": {"id": "", "value": ("role", "id", "action-type")},
+}
+
+rules = {
+ "rbac": [
+ {
+ "rule": ("admin", "vm0", "vm-read"),
+ "instructions": (
+ {"decision": "grant"},
+ )
+ },
+ {
+ "rule": ("admin", "vm0", "vm-write"),
+ "instructions": (
+ {"decision": "grant"},
+ )
+ },
+ ]
+}
+
+for _id in range(SUBJECT_NUMBER):
+ _role = "role{}".format(random.randrange(ROLE_NUMBER))
+ _vm = "vm{}".format(random.randrange(OBJECT_NUMBER))
+ _action = random.choice(list(action_data['action-type'].keys()))
+ rules["rbac"].append(
+ {
+ "rule": (_role, _vm, _action),
+ "instructions": (
+ {"decision": "grant"},
+ )
+ },
+ )
diff --git a/moonv4/tests/01_smpolicy_average_latency/scenario/10/rbac_10_tenant_02.py b/moonv4/tests/01_smpolicy_average_latency/scenario/10/rbac_10_tenant_02.py
new file mode 100644
index 00000000..4ca48d25
--- /dev/null
+++ b/moonv4/tests/01_smpolicy_average_latency/scenario/10/rbac_10_tenant_02.py
@@ -0,0 +1,89 @@
+import random
+
+pdp_name = "pdp02"
+policy_name = "RBAC policy example"
+model_name = "RBAC"
+policy_genre = "authz"
+
+SUBJECT_NUMBER = 10
+OBJECT_NUMBER = 10
+ROLE_NUMBER = 5
+
+subjects = {}
+for _id in range(SUBJECT_NUMBER):
+ subjects["user{}".format(_id)] = ""
+objects = {}
+for _id in range(OBJECT_NUMBER):
+ objects["vm{}".format(_id)] = ""
+actions = {
+ "start": "",
+ "stop": "",
+ "pause": "",
+ "unpause": "",
+ "destroy": "",
+}
+
+subject_categories = {"role": "", }
+object_categories = {"id": "", }
+action_categories = {"action-type": "", }
+
+subject_data = {"role": {"admin": "", "*": ""}}
+for _id in range(ROLE_NUMBER):
+ subject_data["role"]["role{}".format(_id)] = ""
+object_data = {"id": {"*": ""}}
+for _id in range(OBJECT_NUMBER):
+ object_data["id"]["vm{}".format(_id)] = ""
+action_data = {"action-type": {
+ "vm-read": "",
+ "vm-write": "",
+ "*": ""
+}}
+
+subject_assignments = {}
+for _id in range(SUBJECT_NUMBER):
+ _role = "role{}".format(random.randrange(ROLE_NUMBER))
+ subject_assignments["user{}".format(_id)] = [{"role": _role}, {"role": "*"}]
+object_assignments = {"vm0": ({"id": "vm0"}, {"id": "*"}), "vm1": ({"id": "vm1"}, {"id": "*"})}
+for _id in range(OBJECT_NUMBER):
+ object_assignments["vm{}".format(_id)] = [{"id": "vm{}".format(_id)}, {"id": "*"}]
+action_assignments = {
+ "start": ({"action-type": "vm-write"}, {"action-type": "*"}),
+ "stop": ({"action-type": "vm-write"}, {"action-type": "*"}),
+ "pause": ({"action-type": "vm-read"}, {"action-type": "*"}),
+ "unpause": ({"action-type": "vm-read"}, {"action-type": "*"}),
+ "destroy": ({"action-type": "vm-write"}, {"action-type": "*"}),
+}
+
+meta_rule = {
+ "rbac": {"id": "", "value": ("role", "id", "action-type")},
+}
+
+rules = {
+ "rbac": [
+ {
+ "rule": ("admin", "vm0", "vm-read"),
+ "instructions": (
+ {"decision": "grant"},
+ )
+ },
+ {
+ "rule": ("admin", "vm0", "vm-write"),
+ "instructions": (
+ {"decision": "grant"},
+ )
+ },
+ ]
+}
+
+for _id in range(SUBJECT_NUMBER):
+ _role = "role{}".format(random.randrange(ROLE_NUMBER))
+ _vm = "vm{}".format(random.randrange(OBJECT_NUMBER))
+ _action = random.choice(list(action_data['action-type'].keys()))
+ rules["rbac"].append(
+ {
+ "rule": (_role, _vm, _action),
+ "instructions": (
+ {"decision": "grant"},
+ )
+ },
+ )
diff --git a/moonv4/tests/01_smpolicy_average_latency/scenario/10/rbac_10_tenant_03.py b/moonv4/tests/01_smpolicy_average_latency/scenario/10/rbac_10_tenant_03.py
new file mode 100644
index 00000000..eb424e79
--- /dev/null
+++ b/moonv4/tests/01_smpolicy_average_latency/scenario/10/rbac_10_tenant_03.py
@@ -0,0 +1,89 @@
+import random
+
+pdp_name = "pdp03"
+policy_name = "RBAC policy example"
+model_name = "RBAC"
+policy_genre = "authz"
+
+SUBJECT_NUMBER = 10
+OBJECT_NUMBER = 10
+ROLE_NUMBER = 5
+
+subjects = {}
+for _id in range(SUBJECT_NUMBER):
+ subjects["user{}".format(_id)] = ""
+objects = {}
+for _id in range(OBJECT_NUMBER):
+ objects["vm{}".format(_id)] = ""
+actions = {
+ "start": "",
+ "stop": "",
+ "pause": "",
+ "unpause": "",
+ "destroy": "",
+}
+
+subject_categories = {"role": "", }
+object_categories = {"id": "", }
+action_categories = {"action-type": "", }
+
+subject_data = {"role": {"admin": "", "*": ""}}
+for _id in range(ROLE_NUMBER):
+ subject_data["role"]["role{}".format(_id)] = ""
+object_data = {"id": {"*": ""}}
+for _id in range(OBJECT_NUMBER):
+ object_data["id"]["vm{}".format(_id)] = ""
+action_data = {"action-type": {
+ "vm-read": "",
+ "vm-write": "",
+ "*": ""
+}}
+
+subject_assignments = {}
+for _id in range(SUBJECT_NUMBER):
+ _role = "role{}".format(random.randrange(ROLE_NUMBER))
+ subject_assignments["user{}".format(_id)] = [{"role": _role}, {"role": "*"}]
+object_assignments = {"vm0": ({"id": "vm0"}, {"id": "*"}), "vm1": ({"id": "vm1"}, {"id": "*"})}
+for _id in range(OBJECT_NUMBER):
+ object_assignments["vm{}".format(_id)] = [{"id": "vm{}".format(_id)}, {"id": "*"}]
+action_assignments = {
+ "start": ({"action-type": "vm-write"}, {"action-type": "*"}),
+ "stop": ({"action-type": "vm-write"}, {"action-type": "*"}),
+ "pause": ({"action-type": "vm-read"}, {"action-type": "*"}),
+ "unpause": ({"action-type": "vm-read"}, {"action-type": "*"}),
+ "destroy": ({"action-type": "vm-write"}, {"action-type": "*"}),
+}
+
+meta_rule = {
+ "rbac": {"id": "", "value": ("role", "id", "action-type")},
+}
+
+rules = {
+ "rbac": [
+ {
+ "rule": ("admin", "vm0", "vm-read"),
+ "instructions": (
+ {"decision": "grant"},
+ )
+ },
+ {
+ "rule": ("admin", "vm0", "vm-write"),
+ "instructions": (
+ {"decision": "grant"},
+ )
+ },
+ ]
+}
+
+for _id in range(SUBJECT_NUMBER):
+ _role = "role{}".format(random.randrange(ROLE_NUMBER))
+ _vm = "vm{}".format(random.randrange(OBJECT_NUMBER))
+ _action = random.choice(list(action_data['action-type'].keys()))
+ rules["rbac"].append(
+ {
+ "rule": (_role, _vm, _action),
+ "instructions": (
+ {"decision": "grant"},
+ )
+ },
+ )
diff --git a/moonv4/tests/01_smpolicy_average_latency/scenario/10/rbac_10_tenant_04.py b/moonv4/tests/01_smpolicy_average_latency/scenario/10/rbac_10_tenant_04.py
new file mode 100644
index 00000000..5fb860f5
--- /dev/null
+++ b/moonv4/tests/01_smpolicy_average_latency/scenario/10/rbac_10_tenant_04.py
@@ -0,0 +1,89 @@
+import random
+
+pdp_name = "pdp04"
+policy_name = "RBAC policy example"
+model_name = "RBAC"
+policy_genre = "authz"
+
+SUBJECT_NUMBER = 10
+OBJECT_NUMBER = 10
+ROLE_NUMBER = 5
+
+subjects = {}
+for _id in range(SUBJECT_NUMBER):
+ subjects["user{}".format(_id)] = ""
+objects = {}
+for _id in range(OBJECT_NUMBER):
+ objects["vm{}".format(_id)] = ""
+actions = {
+ "start": "",
+ "stop": "",
+ "pause": "",
+ "unpause": "",
+ "destroy": "",
+}
+
+subject_categories = {"role": "", }
+object_categories = {"id": "", }
+action_categories = {"action-type": "", }
+
+subject_data = {"role": {"admin": "", "*": ""}}
+for _id in range(ROLE_NUMBER):
+ subject_data["role"]["role{}".format(_id)] = ""
+object_data = {"id": {"*": ""}}
+for _id in range(OBJECT_NUMBER):
+ object_data["id"]["vm{}".format(_id)] = ""
+action_data = {"action-type": {
+ "vm-read": "",
+ "vm-write": "",
+ "*": ""
+}}
+
+subject_assignments = {}
+for _id in range(SUBJECT_NUMBER):
+ _role = "role{}".format(random.randrange(ROLE_NUMBER))
+ subject_assignments["user{}".format(_id)] = [{"role": _role}, {"role": "*"}]
+object_assignments = {"vm0": ({"id": "vm0"}, {"id": "*"}), "vm1": ({"id": "vm1"}, {"id": "*"})}
+for _id in range(OBJECT_NUMBER):
+ object_assignments["vm{}".format(_id)] = [{"id": "vm{}".format(_id)}, {"id": "*"}]
+action_assignments = {
+ "start": ({"action-type": "vm-write"}, {"action-type": "*"}),
+ "stop": ({"action-type": "vm-write"}, {"action-type": "*"}),
+ "pause": ({"action-type": "vm-read"}, {"action-type": "*"}),
+ "unpause": ({"action-type": "vm-read"}, {"action-type": "*"}),
+ "destroy": ({"action-type": "vm-write"}, {"action-type": "*"}),
+}
+
+meta_rule = {
+ "rbac": {"id": "", "value": ("role", "id", "action-type")},
+}
+
+rules = {
+ "rbac": [
+ {
+ "rule": ("admin", "vm0", "vm-read"),
+ "instructions": (
+ {"decision": "grant"},
+ )
+ },
+ {
+ "rule": ("admin", "vm0", "vm-write"),
+ "instructions": (
+ {"decision": "grant"},
+ )
+ },
+ ]
+}
+
+for _id in range(SUBJECT_NUMBER):
+ _role = "role{}".format(random.randrange(ROLE_NUMBER))
+ _vm = "vm{}".format(random.randrange(OBJECT_NUMBER))
+ _action = random.choice(list(action_data['action-type'].keys()))
+ rules["rbac"].append(
+ {
+ "rule": (_role, _vm, _action),
+ "instructions": (
+ {"decision": "grant"},
+ )
+ },
+ )
diff --git a/moonv4/tests/01_smpolicy_average_latency/scenario/10/rbac_10_tenant_05.py b/moonv4/tests/01_smpolicy_average_latency/scenario/10/rbac_10_tenant_05.py
new file mode 100644
index 00000000..09947491
--- /dev/null
+++ b/moonv4/tests/01_smpolicy_average_latency/scenario/10/rbac_10_tenant_05.py
@@ -0,0 +1,89 @@
+import random
+
+pdp_name = "pdp05"
+policy_name = "RBAC policy example"
+model_name = "RBAC"
+policy_genre = "authz"
+
+SUBJECT_NUMBER = 10
+OBJECT_NUMBER = 10
+ROLE_NUMBER = 5
+
+subjects = {}
+for _id in range(SUBJECT_NUMBER):
+ subjects["user{}".format(_id)] = ""
+objects = {}
+for _id in range(OBJECT_NUMBER):
+ objects["vm{}".format(_id)] = ""
+actions = {
+ "start": "",
+ "stop": "",
+ "pause": "",
+ "unpause": "",
+ "destroy": "",
+}
+
+subject_categories = {"role": "", }
+object_categories = {"id": "", }
+action_categories = {"action-type": "", }
+
+subject_data = {"role": {"admin": "", "*": ""}}
+for _id in range(ROLE_NUMBER):
+ subject_data["role"]["role{}".format(_id)] = ""
+object_data = {"id": {"*": ""}}
+for _id in range(OBJECT_NUMBER):
+ object_data["id"]["vm{}".format(_id)] = ""
+action_data = {"action-type": {
+ "vm-read": "",
+ "vm-write": "",
+ "*": ""
+}}
+
+subject_assignments = {}
+for _id in range(SUBJECT_NUMBER):
+ _role = "role{}".format(random.randrange(ROLE_NUMBER))
+ subject_assignments["user{}".format(_id)] = [{"role": _role}, {"role": "*"}]
+object_assignments = {"vm0": ({"id": "vm0"}, {"id": "*"}), "vm1": ({"id": "vm1"}, {"id": "*"})}
+for _id in range(OBJECT_NUMBER):
+ object_assignments["vm{}".format(_id)] = [{"id": "vm{}".format(_id)}, {"id": "*"}]
+action_assignments = {
+ "start": ({"action-type": "vm-write"}, {"action-type": "*"}),
+ "stop": ({"action-type": "vm-write"}, {"action-type": "*"}),
+ "pause": ({"action-type": "vm-read"}, {"action-type": "*"}),
+ "unpause": ({"action-type": "vm-read"}, {"action-type": "*"}),
+ "destroy": ({"action-type": "vm-write"}, {"action-type": "*"}),
+}
+
+meta_rule = {
+ "rbac": {"id": "", "value": ("role", "id", "action-type")},
+}
+
+rules = {
+ "rbac": [
+ {
+ "rule": ("admin", "vm0", "vm-read"),
+ "instructions": (
+ {"decision": "grant"},
+ )
+ },
+ {
+ "rule": ("admin", "vm0", "vm-write"),
+ "instructions": (
+ {"decision": "grant"},
+ )
+ },
+ ]
+}
+
+for _id in range(SUBJECT_NUMBER):
+ _role = "role{}".format(random.randrange(ROLE_NUMBER))
+ _vm = "vm{}".format(random.randrange(OBJECT_NUMBER))
+ _action = random.choice(list(action_data['action-type'].keys()))
+ rules["rbac"].append(
+ {
+ "rule": (_role, _vm, _action),
+ "instructions": (
+ {"decision": "grant"},
+ )
+ },
+ )
diff --git a/moonv4/tests/01_smpolicy_average_latency/scenario/10/rbac_10_tenant_06.py b/moonv4/tests/01_smpolicy_average_latency/scenario/10/rbac_10_tenant_06.py
new file mode 100644
index 00000000..a3f66c4f
--- /dev/null
+++ b/moonv4/tests/01_smpolicy_average_latency/scenario/10/rbac_10_tenant_06.py
@@ -0,0 +1,89 @@
+import random
+
+pdp_name = "pdp06"
+policy_name = "RBAC policy example"
+model_name = "RBAC"
+policy_genre = "authz"
+
+SUBJECT_NUMBER = 10
+OBJECT_NUMBER = 10
+ROLE_NUMBER = 5
+
+subjects = {}
+for _id in range(SUBJECT_NUMBER):
+ subjects["user{}".format(_id)] = ""
+objects = {}
+for _id in range(OBJECT_NUMBER):
+ objects["vm{}".format(_id)] = ""
+actions = {
+ "start": "",
+ "stop": "",
+ "pause": "",
+ "unpause": "",
+ "destroy": "",
+}
+
+subject_categories = {"role": "", }
+object_categories = {"id": "", }
+action_categories = {"action-type": "", }
+
+subject_data = {"role": {"admin": "", "*": ""}}
+for _id in range(ROLE_NUMBER):
+ subject_data["role"]["role{}".format(_id)] = ""
+object_data = {"id": {"*": ""}}
+for _id in range(OBJECT_NUMBER):
+ object_data["id"]["vm{}".format(_id)] = ""
+action_data = {"action-type": {
+ "vm-read": "",
+ "vm-write": "",
+ "*": ""
+}}
+
+subject_assignments = {}
+for _id in range(SUBJECT_NUMBER):
+ _role = "role{}".format(random.randrange(ROLE_NUMBER))
+ subject_assignments["user{}".format(_id)] = [{"role": _role}, {"role": "*"}]
+object_assignments = {"vm0": ({"id": "vm0"}, {"id": "*"}), "vm1": ({"id": "vm1"}, {"id": "*"})}
+for _id in range(OBJECT_NUMBER):
+ object_assignments["vm{}".format(_id)] = [{"id": "vm{}".format(_id)}, {"id": "*"}]
+action_assignments = {
+ "start": ({"action-type": "vm-write"}, {"action-type": "*"}),
+ "stop": ({"action-type": "vm-write"}, {"action-type": "*"}),
+ "pause": ({"action-type": "vm-read"}, {"action-type": "*"}),
+ "unpause": ({"action-type": "vm-read"}, {"action-type": "*"}),
+ "destroy": ({"action-type": "vm-write"}, {"action-type": "*"}),
+}
+
+meta_rule = {
+ "rbac": {"id": "", "value": ("role", "id", "action-type")},
+}
+
+rules = {
+ "rbac": [
+ {
+ "rule": ("admin", "vm0", "vm-read"),
+ "instructions": (
+ {"decision": "grant"},
+ )
+ },
+ {
+ "rule": ("admin", "vm0", "vm-write"),
+ "instructions": (
+ {"decision": "grant"},
+ )
+ },
+ ]
+}
+
+for _id in range(SUBJECT_NUMBER):
+ _role = "role{}".format(random.randrange(ROLE_NUMBER))
+ _vm = "vm{}".format(random.randrange(OBJECT_NUMBER))
+ _action = random.choice(list(action_data['action-type'].keys()))
+ rules["rbac"].append(
+ {
+ "rule": (_role, _vm, _action),
+ "instructions": (
+ {"decision": "grant"},
+ )
+ },
+ )
diff --git a/moonv4/tests/01_smpolicy_average_latency/scenario/10/rbac_10_tenant_07.py b/moonv4/tests/01_smpolicy_average_latency/scenario/10/rbac_10_tenant_07.py
new file mode 100644
index 00000000..14d75d57
--- /dev/null
+++ b/moonv4/tests/01_smpolicy_average_latency/scenario/10/rbac_10_tenant_07.py
@@ -0,0 +1,89 @@
+import random
+
+pdp_name = "pdp07"
+policy_name = "RBAC policy example"
+model_name = "RBAC"
+policy_genre = "authz"
+
+SUBJECT_NUMBER = 10
+OBJECT_NUMBER = 10
+ROLE_NUMBER = 5
+
+subjects = {}
+for _id in range(SUBJECT_NUMBER):
+ subjects["user{}".format(_id)] = ""
+objects = {}
+for _id in range(OBJECT_NUMBER):
+ objects["vm{}".format(_id)] = ""
+actions = {
+ "start": "",
+ "stop": "",
+ "pause": "",
+ "unpause": "",
+ "destroy": "",
+}
+
+subject_categories = {"role": "", }
+object_categories = {"id": "", }
+action_categories = {"action-type": "", }
+
+subject_data = {"role": {"admin": "", "*": ""}}
+for _id in range(ROLE_NUMBER):
+ subject_data["role"]["role{}".format(_id)] = ""
+object_data = {"id": {"*": ""}}
+for _id in range(OBJECT_NUMBER):
+ object_data["id"]["vm{}".format(_id)] = ""
+action_data = {"action-type": {
+ "vm-read": "",
+ "vm-write": "",
+ "*": ""
+}}
+
+subject_assignments = {}
+for _id in range(SUBJECT_NUMBER):
+ _role = "role{}".format(random.randrange(ROLE_NUMBER))
+ subject_assignments["user{}".format(_id)] = [{"role": _role}, {"role": "*"}]
+object_assignments = {"vm0": ({"id": "vm0"}, {"id": "*"}), "vm1": ({"id": "vm1"}, {"id": "*"})}
+for _id in range(OBJECT_NUMBER):
+ object_assignments["vm{}".format(_id)] = [{"id": "vm{}".format(_id)}, {"id": "*"}]
+action_assignments = {
+ "start": ({"action-type": "vm-write"}, {"action-type": "*"}),
+ "stop": ({"action-type": "vm-write"}, {"action-type": "*"}),
+ "pause": ({"action-type": "vm-read"}, {"action-type": "*"}),
+ "unpause": ({"action-type": "vm-read"}, {"action-type": "*"}),
+ "destroy": ({"action-type": "vm-write"}, {"action-type": "*"}),
+}
+
+meta_rule = {
+ "rbac": {"id": "", "value": ("role", "id", "action-type")},
+}
+
+rules = {
+ "rbac": [
+ {
+ "rule": ("admin", "vm0", "vm-read"),
+ "instructions": (
+ {"decision": "grant"},
+ )
+ },
+ {
+ "rule": ("admin", "vm0", "vm-write"),
+ "instructions": (
+ {"decision": "grant"},
+ )
+ },
+ ]
+}
+
+for _id in range(SUBJECT_NUMBER):
+ _role = "role{}".format(random.randrange(ROLE_NUMBER))
+ _vm = "vm{}".format(random.randrange(OBJECT_NUMBER))
+ _action = random.choice(list(action_data['action-type'].keys()))
+ rules["rbac"].append(
+ {
+ "rule": (_role, _vm, _action),
+ "instructions": (
+ {"decision": "grant"},
+ )
+ },
+ )
diff --git a/moonv4/tests/01_smpolicy_average_latency/scenario/10/rbac_10_tenant_08.py b/moonv4/tests/01_smpolicy_average_latency/scenario/10/rbac_10_tenant_08.py
new file mode 100644
index 00000000..a658bb0c
--- /dev/null
+++ b/moonv4/tests/01_smpolicy_average_latency/scenario/10/rbac_10_tenant_08.py
@@ -0,0 +1,89 @@
+import random
+
+pdp_name = "pdp08"
+policy_name = "RBAC policy example"
+model_name = "RBAC"
+policy_genre = "authz"
+
+SUBJECT_NUMBER = 10
+OBJECT_NUMBER = 10
+ROLE_NUMBER = 5
+
+subjects = {}
+for _id in range(SUBJECT_NUMBER):
+ subjects["user{}".format(_id)] = ""
+objects = {}
+for _id in range(OBJECT_NUMBER):
+ objects["vm{}".format(_id)] = ""
+actions = {
+ "start": "",
+ "stop": "",
+ "pause": "",
+ "unpause": "",
+ "destroy": "",
+}
+
+subject_categories = {"role": "", }
+object_categories = {"id": "", }
+action_categories = {"action-type": "", }
+
+subject_data = {"role": {"admin": "", "*": ""}}
+for _id in range(ROLE_NUMBER):
+ subject_data["role"]["role{}".format(_id)] = ""
+object_data = {"id": {"*": ""}}
+for _id in range(OBJECT_NUMBER):
+ object_data["id"]["vm{}".format(_id)] = ""
+action_data = {"action-type": {
+ "vm-read": "",
+ "vm-write": "",
+ "*": ""
+}}
+
+subject_assignments = {}
+for _id in range(SUBJECT_NUMBER):
+ _role = "role{}".format(random.randrange(ROLE_NUMBER))
+ subject_assignments["user{}".format(_id)] = [{"role": _role}, {"role": "*"}]
+object_assignments = {"vm0": ({"id": "vm0"}, {"id": "*"}), "vm1": ({"id": "vm1"}, {"id": "*"})}
+for _id in range(OBJECT_NUMBER):
+ object_assignments["vm{}".format(_id)] = [{"id": "vm{}".format(_id)}, {"id": "*"}]
+action_assignments = {
+ "start": ({"action-type": "vm-write"}, {"action-type": "*"}),
+ "stop": ({"action-type": "vm-write"}, {"action-type": "*"}),
+ "pause": ({"action-type": "vm-read"}, {"action-type": "*"}),
+ "unpause": ({"action-type": "vm-read"}, {"action-type": "*"}),
+ "destroy": ({"action-type": "vm-write"}, {"action-type": "*"}),
+}
+
+meta_rule = {
+ "rbac": {"id": "", "value": ("role", "id", "action-type")},
+}
+
+rules = {
+ "rbac": [
+ {
+ "rule": ("admin", "vm0", "vm-read"),
+ "instructions": (
+ {"decision": "grant"},
+ )
+ },
+ {
+ "rule": ("admin", "vm0", "vm-write"),
+ "instructions": (
+ {"decision": "grant"},
+ )
+ },
+ ]
+}
+
+for _id in range(SUBJECT_NUMBER):
+ _role = "role{}".format(random.randrange(ROLE_NUMBER))
+ _vm = "vm{}".format(random.randrange(OBJECT_NUMBER))
+ _action = random.choice(list(action_data['action-type'].keys()))
+ rules["rbac"].append(
+ {
+ "rule": (_role, _vm, _action),
+ "instructions": (
+ {"decision": "grant"},
+ )
+ },
+ )
diff --git a/moonv4/tests/01_smpolicy_average_latency/scenario/10/rbac_10_tenant_09.py b/moonv4/tests/01_smpolicy_average_latency/scenario/10/rbac_10_tenant_09.py
new file mode 100644
index 00000000..96c3f61a
--- /dev/null
+++ b/moonv4/tests/01_smpolicy_average_latency/scenario/10/rbac_10_tenant_09.py
@@ -0,0 +1,89 @@
+import random
+
+pdp_name = "pdp09"
+policy_name = "RBAC policy example"
+model_name = "RBAC"
+policy_genre = "authz"
+
+SUBJECT_NUMBER = 10
+OBJECT_NUMBER = 10
+ROLE_NUMBER = 5
+
+subjects = {}
+for _id in range(SUBJECT_NUMBER):
+ subjects["user{}".format(_id)] = ""
+objects = {}
+for _id in range(OBJECT_NUMBER):
+ objects["vm{}".format(_id)] = ""
+actions = {
+ "start": "",
+ "stop": "",
+ "pause": "",
+ "unpause": "",
+ "destroy": "",
+}
+
+subject_categories = {"role": "", }
+object_categories = {"id": "", }
+action_categories = {"action-type": "", }
+
+subject_data = {"role": {"admin": "", "*": ""}}
+for _id in range(ROLE_NUMBER):
+ subject_data["role"]["role{}".format(_id)] = ""
+object_data = {"id": {"*": ""}}
+for _id in range(OBJECT_NUMBER):
+ object_data["id"]["vm{}".format(_id)] = ""
+action_data = {"action-type": {
+ "vm-read": "",
+ "vm-write": "",
+ "*": ""
+}}
+
+subject_assignments = {}
+for _id in range(SUBJECT_NUMBER):
+ _role = "role{}".format(random.randrange(ROLE_NUMBER))
+ subject_assignments["user{}".format(_id)] = [{"role": _role}, {"role": "*"}]
+object_assignments = {"vm0": ({"id": "vm0"}, {"id": "*"}), "vm1": ({"id": "vm1"}, {"id": "*"})}
+for _id in range(OBJECT_NUMBER):
+ object_assignments["vm{}".format(_id)] = [{"id": "vm{}".format(_id)}, {"id": "*"}]
+action_assignments = {
+ "start": ({"action-type": "vm-write"}, {"action-type": "*"}),
+ "stop": ({"action-type": "vm-write"}, {"action-type": "*"}),
+ "pause": ({"action-type": "vm-read"}, {"action-type": "*"}),
+ "unpause": ({"action-type": "vm-read"}, {"action-type": "*"}),
+ "destroy": ({"action-type": "vm-write"}, {"action-type": "*"}),
+}
+
+meta_rule = {
+ "rbac": {"id": "", "value": ("role", "id", "action-type")},
+}
+
+rules = {
+ "rbac": [
+ {
+ "rule": ("admin", "vm0", "vm-read"),
+ "instructions": (
+ {"decision": "grant"},
+ )
+ },
+ {
+ "rule": ("admin", "vm0", "vm-write"),
+ "instructions": (
+ {"decision": "grant"},
+ )
+ },
+ ]
+}
+
+for _id in range(SUBJECT_NUMBER):
+ _role = "role{}".format(random.randrange(ROLE_NUMBER))
+ _vm = "vm{}".format(random.randrange(OBJECT_NUMBER))
+ _action = random.choice(list(action_data['action-type'].keys()))
+ rules["rbac"].append(
+ {
+ "rule": (_role, _vm, _action),
+ "instructions": (
+ {"decision": "grant"},
+ )
+ },
+ )
diff --git a/moonv4/tests/01_smpolicy_average_latency/scenario/10/rbac_10_tenant_10.py b/moonv4/tests/01_smpolicy_average_latency/scenario/10/rbac_10_tenant_10.py
new file mode 100644
index 00000000..bebdee23
--- /dev/null
+++ b/moonv4/tests/01_smpolicy_average_latency/scenario/10/rbac_10_tenant_10.py
@@ -0,0 +1,89 @@
+import random
+
+pdp_name = "pdp10"
+policy_name = "RBAC policy example"
+model_name = "RBAC"
+policy_genre = "authz"
+
+SUBJECT_NUMBER = 10
+OBJECT_NUMBER = 10
+ROLE_NUMBER = 5
+
+subjects = {}
+for _id in range(SUBJECT_NUMBER):
+ subjects["user{}".format(_id)] = ""
+objects = {}
+for _id in range(OBJECT_NUMBER):
+ objects["vm{}".format(_id)] = ""
+actions = {
+ "start": "",
+ "stop": "",
+ "pause": "",
+ "unpause": "",
+ "destroy": "",
+}
+
+subject_categories = {"role": "", }
+object_categories = {"id": "", }
+action_categories = {"action-type": "", }
+
+subject_data = {"role": {"admin": "", "*": ""}}
+for _id in range(ROLE_NUMBER):
+ subject_data["role"]["role{}".format(_id)] = ""
+object_data = {"id": {"*": ""}}
+for _id in range(OBJECT_NUMBER):
+ object_data["id"]["vm{}".format(_id)] = ""
+action_data = {"action-type": {
+ "vm-read": "",
+ "vm-write": "",
+ "*": ""
+}}
+
+subject_assignments = {}
+for _id in range(SUBJECT_NUMBER):
+ _role = "role{}".format(random.randrange(ROLE_NUMBER))
+ subject_assignments["user{}".format(_id)] = [{"role": _role}, {"role": "*"}]
+object_assignments = {"vm0": ({"id": "vm0"}, {"id": "*"}), "vm1": ({"id": "vm1"}, {"id": "*"})}
+for _id in range(OBJECT_NUMBER):
+ object_assignments["vm{}".format(_id)] = [{"id": "vm{}".format(_id)}, {"id": "*"}]
+action_assignments = {
+ "start": ({"action-type": "vm-write"}, {"action-type": "*"}),
+ "stop": ({"action-type": "vm-write"}, {"action-type": "*"}),
+ "pause": ({"action-type": "vm-read"}, {"action-type": "*"}),
+ "unpause": ({"action-type": "vm-read"}, {"action-type": "*"}),
+ "destroy": ({"action-type": "vm-write"}, {"action-type": "*"}),
+}
+
+meta_rule = {
+ "rbac": {"id": "", "value": ("role", "id", "action-type")},
+}
+
+rules = {
+ "rbac": [
+ {
+ "rule": ("admin", "vm0", "vm-read"),
+ "instructions": (
+ {"decision": "grant"},
+ )
+ },
+ {
+ "rule": ("admin", "vm0", "vm-write"),
+ "instructions": (
+ {"decision": "grant"},
+ )
+ },
+ ]
+}
+
+for _id in range(SUBJECT_NUMBER):
+ _role = "role{}".format(random.randrange(ROLE_NUMBER))
+ _vm = "vm{}".format(random.randrange(OBJECT_NUMBER))
+ _action = random.choice(list(action_data['action-type'].keys()))
+ rules["rbac"].append(
+ {
+ "rule": (_role, _vm, _action),
+ "instructions": (
+ {"decision": "grant"},
+ )
+ },
+ )