aboutsummaryrefslogtreecommitdiffstats
path: root/moonv4/tests/scenario/session.py
diff options
context:
space:
mode:
authorasteroide <thomas.duval@orange.com>2017-09-13 11:19:47 +0200
committerasteroide <thomas.duval@orange.com>2017-09-13 11:19:47 +0200
commit1f754ef804ffedaf1c222f9f51313b6afcbbec6e (patch)
tree489c8dafa509d3066608d2c3fc087a07d587ab27 /moonv4/tests/scenario/session.py
parent3595c59908df7c43fad4301545d3b9c455dffcc7 (diff)
Move test files from Interface dir to tests dir
Change-Id: Iaf697b15a8e51cd96a4a1b65d74483b7f3ac9cea
Diffstat (limited to 'moonv4/tests/scenario/session.py')
-rw-r--r--moonv4/tests/scenario/session.py60
1 files changed, 60 insertions, 0 deletions
diff --git a/moonv4/tests/scenario/session.py b/moonv4/tests/scenario/session.py
new file mode 100644
index 00000000..97d7aec3
--- /dev/null
+++ b/moonv4/tests/scenario/session.py
@@ -0,0 +1,60 @@
+
+pdp_name = "pdp1"
+policy_name = "Session policy example"
+model_name = "Session"
+policy_genre = "session"
+
+subjects = {"user0": "", "user1": "", }
+objects = {"admin": "", "employee": "", }
+actions = {"activate": "", "deactivate": ""}
+
+subject_categories = {"subjectid": "", }
+object_categories = {"role": "", }
+action_categories = {"session-action": "", }
+
+subject_data = {"subjectid": {"user0": "", "user1": ""}}
+object_data = {"role": {"admin": "", "employee": "", "*": ""}}
+action_data = {"session-action": {"activate": "", "deactivate": "", "*": ""}}
+
+subject_assignments = {"user0": ({"subjectid": "user0"}, ), "user1": ({"subjectid": "user1"}, ), }
+object_assignments = {"admin": ({"role": "admin"}, {"role": "*"}),
+ "employee": ({"role": "employee"}, {"role": "employee"})
+ }
+action_assignments = {"activate": ({"session-action": "activate"}, {"session-action": "*"}, ),
+ "deactivate": ({"session-action": "deactivate"}, {"session-action": "*"}, )
+ }
+
+meta_rule = {
+ "session": {"id": "", "value": ("subjectid", "role", "session-action")},
+}
+
+rules = {
+ "session": (
+ {
+ "rule": ("user0", "employee", "*"),
+ "instructions": (
+ {
+ "update": {
+ "operation": "add",
+ "target": "rbac:role:admin" # add the role admin to the current user
+ }
+ },
+ {"chain": {"name": "rbac"}} # chain with the meta_rule named rbac
+ )
+ },
+ {
+ "rule": ("user1", "employee", "*"),
+ "instructions": (
+ {
+ "update": {
+ "operation": "delete",
+ "target": "rbac:role:employee" # delete the role employee from the current user
+ }
+ },
+ {"chain": {"name": "rbac"}} # chain with the meta_rule named rbac
+ )
+ },
+ )
+}
+
+