aboutsummaryrefslogtreecommitdiffstats
path: root/python_moondb
diff options
context:
space:
mode:
authorThomas Duval <thomas.duval@orange.com>2020-06-03 10:06:52 +0200
committerThomas Duval <thomas.duval@orange.com>2020-06-03 10:06:52 +0200
commit7bb53c64da2dcf88894bfd31503accdd81498f3d (patch)
tree4310e12366818af27947b5e2c80cb162da93a4b5 /python_moondb
parentcbea4e360e9bfaa9698cf7c61c83c96a1ba89b8c (diff)
Update to new version 5.4HEADstable/jermamaster
Signed-off-by: Thomas Duval <thomas.duval@orange.com> Change-Id: Idcd868133d75928a1ffd74d749ce98503e0555ea
Diffstat (limited to 'python_moondb')
-rw-r--r--python_moondb/.gitignore106
-rw-r--r--python_moondb/Changelog128
-rw-r--r--python_moondb/LICENSE202
-rw-r--r--python_moondb/MANIFEST.in10
-rw-r--r--python_moondb/README.md32
-rw-r--r--python_moondb/bin/drop_tables.sql18
-rw-r--r--python_moondb/python_moondb/__init__.py6
-rw-r--r--python_moondb/python_moondb/api/__init__.py0
-rw-r--r--python_moondb/python_moondb/api/keystone.py105
-rw-r--r--python_moondb/python_moondb/api/managers.py16
-rw-r--r--python_moondb/python_moondb/api/model.py338
-rw-r--r--python_moondb/python_moondb/api/pdp.py51
-rw-r--r--python_moondb/python_moondb/api/policy.py751
-rw-r--r--python_moondb/python_moondb/backends/__init__.py96
-rw-r--r--python_moondb/python_moondb/backends/sql.py1884
-rw-r--r--python_moondb/python_moondb/core.py228
-rw-r--r--python_moondb/python_moondb/db_manager.py82
-rw-r--r--python_moondb/python_moondb/migrate_repo/__init__.py0
-rw-r--r--python_moondb/python_moondb/migrate_repo/versions/001_moon.py267
-rw-r--r--python_moondb/python_moondb/migrate_repo/versions/__init__.py0
-rw-r--r--python_moondb/requirements.txt4
-rw-r--r--python_moondb/setup.py54
-rw-r--r--python_moondb/tests/unit_python/conftest.py145
-rw-r--r--python_moondb/tests/unit_python/helpers/__init__.py0
-rw-r--r--python_moondb/tests/unit_python/helpers/assignment_helper.py49
-rw-r--r--python_moondb/tests/unit_python/helpers/category_helper.py54
-rw-r--r--python_moondb/tests/unit_python/helpers/data_helper.py98
-rw-r--r--python_moondb/tests/unit_python/helpers/meta_rule_helper.py48
-rw-r--r--python_moondb/tests/unit_python/helpers/mock_data.py156
-rw-r--r--python_moondb/tests/unit_python/helpers/model_helper.py47
-rw-r--r--python_moondb/tests/unit_python/helpers/pdp_helper.py23
-rw-r--r--python_moondb/tests/unit_python/helpers/policy_helper.py72
-rw-r--r--python_moondb/tests/unit_python/mock_components.py27
-rw-r--r--python_moondb/tests/unit_python/mock_keystone.py33
-rwxr-xr-xpython_moondb/tests/unit_python/models/__init__.py0
-rw-r--r--python_moondb/tests/unit_python/models/test_categories.py111
-rw-r--r--python_moondb/tests/unit_python/models/test_meta_rules.py403
-rw-r--r--python_moondb/tests/unit_python/models/test_models.py622
-rw-r--r--python_moondb/tests/unit_python/policies/__init__.py0
-rw-r--r--python_moondb/tests/unit_python/policies/mock_data.py74
-rwxr-xr-xpython_moondb/tests/unit_python/policies/test_assignments.py235
-rwxr-xr-xpython_moondb/tests/unit_python/policies/test_data.py707
-rwxr-xr-xpython_moondb/tests/unit_python/policies/test_policies.py643
-rw-r--r--python_moondb/tests/unit_python/requirements.txt4
-rw-r--r--python_moondb/tests/unit_python/test_keystone.py53
-rwxr-xr-xpython_moondb/tests/unit_python/test_pdp.py149
-rw-r--r--python_moondb/tests/unit_python/utilities.py136
47 files changed, 0 insertions, 8267 deletions
diff --git a/python_moondb/.gitignore b/python_moondb/.gitignore
deleted file mode 100644
index 9c29724f..00000000
--- a/python_moondb/.gitignore
+++ /dev/null
@@ -1,106 +0,0 @@
-# Byte-compiled / optimized / DLL files
-__pycache__/
-*.py[cod]
-*$py.class
-
-# C extensions
-*.so
-
-# Distribution / packaging
-.Python
-build/
-develop-eggs/
-dist/
-downloads/
-eggs/
-.eggs/
-lib/
-lib64/
-parts/
-sdist/
-var/
-wheels/
-*.egg-info/
-.installed.cfg
-*.egg
-MANIFEST
-
-# PyInstaller
-# Usually these files are written by a python script from a template
-# before PyInstaller builds the exe, so as to inject date/other infos into it.
-*.manifest
-*.spec
-
-# Installer logs
-pip-log.txt
-pip-delete-this-directory.txt
-
-# Unit test / coverage reports
-htmlcov/
-.tox/
-.coverage
-.coverage.*
-.cache
-nosetests.xml
-coverage.xml
-*.cover
-.hypothesis/
-.pytest_cache/
-
-# Translations
-*.mo
-*.pot
-
-# Django stuff:
-*.log
-local_settings.py
-db.sqlite3
-
-# Flask stuff:
-instance/
-.webassets-cache
-
-# Scrapy stuff:
-.scrapy
-
-# Sphinx documentation
-docs/_build/
-
-# PyBuilder
-target/
-
-# Jupyter Notebook
-.ipynb_checkpoints
-
-# pyenv
-.python-version
-
-# celery beat schedule file
-celerybeat-schedule
-
-# SageMath parsed files
-*.sage.py
-
-# Environments
-.env
-.venv
-env/
-venv/
-ENV/
-env.bak/
-venv.bak/
-
-# Spyder project settings
-.spyderproject
-.spyproject
-
-# Rope project settings
-.ropeproject
-
-# mkdocs documentation
-/site
-
-# mypy
-.mypy_cache/
-
-/tests/unit_python/database.db
diff --git a/python_moondb/Changelog b/python_moondb/Changelog
deleted file mode 100644
index 9236c260..00000000
--- a/python_moondb/Changelog
+++ /dev/null
@@ -1,128 +0,0 @@
-# Copyright 2015 Open Platform for NFV Project, Inc. and its contributors
-# This software is distributed under the terms and conditions of the 'Apache-2.0'
-# license which can be found in the file 'LICENSE' in this package distribution
-# or at 'http://www.apache.org/licenses/LICENSE-2.0'.
-
-
-CHANGES
-=======
-
-0.1.0
------
-- First version of the moon_db library.
-
-1.0.0
------
-- First public version of the moon_db library.
-
-1.0.1
------
-- Update setup.py to force the installation of requirements.
-
-1.0.2
------
-- Test PyPi upload
-
-1.0.3
------
-- Fix a bug in core.py
-- Update db_manager
-
-1.1.0
------
-- When adding a subject, check the existence of that user in the Keystone DB and
- create it if necessary
-
-1.2.0
------
-- Update the db_manager in order to use it for tests
-
-1.2.1
------
-- Update moon_db_manager in order to use it for unit tests
-
-1.2.2
------
-- Fix a bug in moon_db_manager
-
-1.2.3
------
-- Cleanup moon_db code
-
-1.2.4
------
-- Update the name of the library (from moon_db)
-
-1.2.5
------
-- Code cleaning
-
-1.2.6
------
-- Remove some code duplication in moon_db
-- handle the extra field for the perimeter
-
-1.2.7
------
-- Fix some bugs
-
-1.2.8
------
-- Add unique constraints on db tables
-
-1.2.9
------
-- Add some verifications when deleting some elements in database
-
-1.2.10
------
-- Update the migration script because of a bug introduced in 1.2.8 in rule table
-- Fix bugs due to the previous version
-
-1.2.11
-------
-- adding test cases for perimeter
-- adding subject_object_action to model_test
-- update import of exception
-- add unit_test to test_model
-- add validation for not accepting blank perimeter name or category name
-
-1.2.12
-------
-- Fix the SubjectExisting exception problem
-
-1.2.13
-------
-- Add validations and refactor test cases
-
-1.2.14
-------
-- Fix some bugs for the manager and clean the code
-
-1.2.15
-------
-- Fix test cases after removing syntax error in exceptions
-
-1.2.16
-------
-- Fix the "key length error" in meta_rule table
-
-1.2.17
-------
-- adding extra validation for addition and deletion dependencies
-
-1.2.18
-------
-- adding changelog
-
-1.2.19
-------
-- adding extra validation for update requests
-
-1.2.20
-------
-- adding extra validation of rule content
-- update validation for category with meta-rule dependencies
-- update validation on updating meta-rule
-- applying PyLint
-- fixing Jira issues related to update policy \ No newline at end of file
diff --git a/python_moondb/LICENSE b/python_moondb/LICENSE
deleted file mode 100644
index d6456956..00000000
--- a/python_moondb/LICENSE
+++ /dev/null
@@ -1,202 +0,0 @@
-
- Apache License
- Version 2.0, January 2004
- http://www.apache.org/licenses/
-
- TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
-
- 1. Definitions.
-
- "License" shall mean the terms and conditions for use, reproduction,
- and distribution as defined by Sections 1 through 9 of this document.
-
- "Licensor" shall mean the copyright owner or entity authorized by
- the copyright owner that is granting the License.
-
- "Legal Entity" shall mean the union of the acting entity and all
- other entities that control, are controlled by, or are under common
- control with that entity. For the purposes of this definition,
- "control" means (i) the power, direct or indirect, to cause the
- direction or management of such entity, whether by contract or
- otherwise, or (ii) ownership of fifty percent (50%) or more of the
- outstanding shares, or (iii) beneficial ownership of such entity.
-
- "You" (or "Your") shall mean an individual or Legal Entity
- exercising permissions granted by this License.
-
- "Source" form shall mean the preferred form for making modifications,
- including but not limited to software source code, documentation
- source, and configuration files.
-
- "Object" form shall mean any form resulting from mechanical
- transformation or translation of a Source form, including but
- not limited to compiled object code, generated documentation,
- and conversions to other media types.
-
- "Work" shall mean the work of authorship, whether in Source or
- Object form, made available under the License, as indicated by a
- copyright notice that is included in or attached to the work
- (an example is provided in the Appendix below).
-
- "Derivative Works" shall mean any work, whether in Source or Object
- form, that is based on (or derived from) the Work and for which the
- editorial revisions, annotations, elaborations, or other modifications
- represent, as a whole, an original work of authorship. For the purposes
- of this License, Derivative Works shall not include works that remain
- separable from, or merely link (or bind by name) to the interfaces of,
- the Work and Derivative Works thereof.
-
- "Contribution" shall mean any work of authorship, including
- the original version of the Work and any modifications or additions
- to that Work or Derivative Works thereof, that is intentionally
- submitted to Licensor for inclusion in the Work by the copyright owner
- or by an individual or Legal Entity authorized to submit on behalf of
- the copyright owner. For the purposes of this definition, "submitted"
- means any form of electronic, verbal, or written communication sent
- to the Licensor or its representatives, including but not limited to
- communication on electronic mailing lists, source code control systems,
- and issue tracking systems that are managed by, or on behalf of, the
- Licensor for the purpose of discussing and improving the Work, but
- excluding communication that is conspicuously marked or otherwise
- designated in writing by the copyright owner as "Not a Contribution."
-
- "Contributor" shall mean Licensor and any individual or Legal Entity
- on behalf of whom a Contribution has been received by Licensor and
- subsequently incorporated within the Work.
-
- 2. Grant of Copyright License. Subject to the terms and conditions of
- this License, each Contributor hereby grants to You a perpetual,
- worldwide, non-exclusive, no-charge, royalty-free, irrevocable
- copyright license to reproduce, prepare Derivative Works of,
- publicly display, publicly perform, sublicense, and distribute the
- Work and such Derivative Works in Source or Object form.
-
- 3. Grant of Patent License. Subject to the terms and conditions of
- this License, each Contributor hereby grants to You a perpetual,
- worldwide, non-exclusive, no-charge, royalty-free, irrevocable
- (except as stated in this section) patent license to make, have made,
- use, offer to sell, sell, import, and otherwise transfer the Work,
- where such license applies only to those patent claims licensable
- by such Contributor that are necessarily infringed by their
- Contribution(s) alone or by combination of their Contribution(s)
- with the Work to which such Contribution(s) was submitted. If You
- institute patent litigation against any entity (including a
- cross-claim or counterclaim in a lawsuit) alleging that the Work
- or a Contribution incorporated within the Work constitutes direct
- or contributory patent infringement, then any patent licenses
- granted to You under this License for that Work shall terminate
- as of the date such litigation is filed.
-
- 4. Redistribution. You may reproduce and distribute copies of the
- Work or Derivative Works thereof in any medium, with or without
- modifications, and in Source or Object form, provided that You
- meet the following conditions:
-
- (a) You must give any other recipients of the Work or
- Derivative Works a copy of this License; and
-
- (b) You must cause any modified files to carry prominent notices
- stating that You changed the files; and
-
- (c) You must retain, in the Source form of any Derivative Works
- that You distribute, all copyright, patent, trademark, and
- attribution notices from the Source form of the Work,
- excluding those notices that do not pertain to any part of
- the Derivative Works; and
-
- (d) If the Work includes a "NOTICE" text file as part of its
- distribution, then any Derivative Works that You distribute must
- include a readable copy of the attribution notices contained
- within such NOTICE file, excluding those notices that do not
- pertain to any part of the Derivative Works, in at least one
- of the following places: within a NOTICE text file distributed
- as part of the Derivative Works; within the Source form or
- documentation, if provided along with the Derivative Works; or,
- within a display generated by the Derivative Works, if and
- wherever such third-party notices normally appear. The contents
- of the NOTICE file are for informational purposes only and
- do not modify the License. You may add Your own attribution
- notices within Derivative Works that You distribute, alongside
- or as an addendum to the NOTICE text from the Work, provided
- that such additional attribution notices cannot be construed
- as modifying the License.
-
- You may add Your own copyright statement to Your modifications and
- may provide additional or different license terms and conditions
- for use, reproduction, or distribution of Your modifications, or
- for any such Derivative Works as a whole, provided Your use,
- reproduction, and distribution of the Work otherwise complies with
- the conditions stated in this License.
-
- 5. Submission of Contributions. Unless You explicitly state otherwise,
- any Contribution intentionally submitted for inclusion in the Work
- by You to the Licensor shall be under the terms and conditions of
- this License, without any additional terms or conditions.
- Notwithstanding the above, nothing herein shall supersede or modify
- the terms of any separate license agreement you may have executed
- with Licensor regarding such Contributions.
-
- 6. Trademarks. This License does not grant permission to use the trade
- names, trademarks, service marks, or product names of the Licensor,
- except as required for reasonable and customary use in describing the
- origin of the Work and reproducing the content of the NOTICE file.
-
- 7. Disclaimer of Warranty. Unless required by applicable law or
- agreed to in writing, Licensor provides the Work (and each
- Contributor provides its Contributions) on an "AS IS" BASIS,
- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
- implied, including, without limitation, any warranties or conditions
- of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
- PARTICULAR PURPOSE. You are solely responsible for determining the
- appropriateness of using or redistributing the Work and assume any
- risks associated with Your exercise of permissions under this License.
-
- 8. Limitation of Liability. In no event and under no legal theory,
- whether in tort (including negligence), contract, or otherwise,
- unless required by applicable law (such as deliberate and grossly
- negligent acts) or agreed to in writing, shall any Contributor be
- liable to You for damages, including any direct, indirect, special,
- incidental, or consequential damages of any character arising as a
- result of this License or out of the use or inability to use the
- Work (including but not limited to damages for loss of goodwill,
- work stoppage, computer failure or malfunction, or any and all
- other commercial damages or losses), even if such Contributor
- has been advised of the possibility of such damages.
-
- 9. Accepting Warranty or Additional Liability. While redistributing
- the Work or Derivative Works thereof, You may choose to offer,
- and charge a fee for, acceptance of support, warranty, indemnity,
- or other liability obligations and/or rights consistent with this
- License. However, in accepting such obligations, You may act only
- on Your own behalf and on Your sole responsibility, not on behalf
- of any other Contributor, and only if You agree to indemnify,
- defend, and hold each Contributor harmless for any liability
- incurred by, or claims asserted against, such Contributor by reason
- of your accepting any such warranty or additional liability.
-
- END OF TERMS AND CONDITIONS
-
- APPENDIX: How to apply the Apache License to your work.
-
- To apply the Apache License to your work, attach the following
- boilerplate notice, with the fields enclosed by brackets "[]"
- replaced with your own identifying information. (Don't include
- the brackets!) The text should be enclosed in the appropriate
- comment syntax for the file format. We also recommend that a
- file or class name and description of purpose be included on the
- same "printed page" as the copyright notice for easier
- identification within third-party archives.
-
- Copyright [yyyy] [name of copyright owner]
-
- Licensed under the Apache License, Version 2.0 (the "License");
- you may not use this file except in compliance with the License.
- You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
- Unless required by applicable law or agreed to in writing, software
- distributed under the License is distributed on an "AS IS" BASIS,
- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- See the License for the specific language governing permissions and
- limitations under the License.
diff --git a/python_moondb/MANIFEST.in b/python_moondb/MANIFEST.in
deleted file mode 100644
index 02655837..00000000
--- a/python_moondb/MANIFEST.in
+++ /dev/null
@@ -1,10 +0,0 @@
-# Copyright 2015 Open Platform for NFV Project, Inc. and its contributors
-# This software is distributed under the terms and conditions of the 'Apache-2.0'
-# license which can be found in the file 'LICENSE' in this package distribution
-# or at 'http://www.apache.org/licenses/LICENSE-2.0'.
-
-include README.md
-include LICENSE
-include setup.py
-include requirements.txt
-graft bin \ No newline at end of file
diff --git a/python_moondb/README.md b/python_moondb/README.md
deleted file mode 100644
index d36c6ae3..00000000
--- a/python_moondb/README.md
+++ /dev/null
@@ -1,32 +0,0 @@
-# python_moondb
-
-This package contains the database module for the Moon project
-It is designed to provide a driver to access the Moon database.
-
-For any other information, refer to the parent project:
-
- https://git.opnfv.org/moon
-
-## Build
-### Build Python Package
-```bash
-cd ${MOON_HOME}/python_moondb
-python3 setup.py sdist bdist_wheel
-```
-
-### Push Python Package to PIP
-```bash
-cd ${MOON_HOME}/python_moondb
-gpg --detach-sign -u "${GPG_ID}" -a dist/python_moondb-X.Y.Z-py3-none-any.whl
-gpg --detach-sign -u "${GPG_ID}" -a dist/python_moondb-X.Y.Z.tar.gz
-twine upload dist/python_moondb-X.Y.Z-py3-none-any.whl dist/python_moondb-X.Y.Z-py3-none-any.whl.asc
-twine upload dist/python_moondb-X.Y.Z.tar.gz dist/python_moondb-X.Y.Z.tar.gz.asc
-```
-
-## Test
-### Python Unit Test
-launch Docker for Python unit tests
-```bash
-cd ${MOON_HOME}/python_moondb
-docker run --rm --volume $(pwd):/data wukongsun/moon_python_unit_test:latest
-``` \ No newline at end of file
diff --git a/python_moondb/bin/drop_tables.sql b/python_moondb/bin/drop_tables.sql
deleted file mode 100644
index f5f65ea7..00000000
--- a/python_moondb/bin/drop_tables.sql
+++ /dev/null
@@ -1,18 +0,0 @@
-use moon;
-drop table action_assignments;
-drop table object_assignments;
-drop table subject_assignments;
-drop table subject_scopes;
-drop table action_scopes;
-drop table object_scopes;
-drop table action_categories;
-drop table subject_categories;
-drop table object_categories;
-drop table rules;
-drop table sub_meta_rules;
-drop table actions;
-drop table objects;
-drop table subjects;
-drop table tenants;
-drop table intra_extensions;
-show tables;
diff --git a/python_moondb/python_moondb/__init__.py b/python_moondb/python_moondb/__init__.py
deleted file mode 100644
index 37c9a725..00000000
--- a/python_moondb/python_moondb/__init__.py
+++ /dev/null
@@ -1,6 +0,0 @@
-# Copyright 2015 Open Platform for NFV Project, Inc. and its contributors
-# This software is distributed under the terms and conditions of the 'Apache-2.0'
-# license which can be found in the file 'LICENSE' in this package distribution
-# or at 'http://www.apache.org/licenses/LICENSE-2.0'.
-
-__version__ = "1.2.20"
diff --git a/python_moondb/python_moondb/api/__init__.py b/python_moondb/python_moondb/api/__init__.py
deleted file mode 100644
index e69de29b..00000000
--- a/python_moondb/python_moondb/api/__init__.py
+++ /dev/null
diff --git a/python_moondb/python_moondb/api/keystone.py b/python_moondb/python_moondb/api/keystone.py
deleted file mode 100644
index 57521c36..00000000
--- a/python_moondb/python_moondb/api/keystone.py
+++ /dev/null
@@ -1,105 +0,0 @@
-# Copyright 2015 Open Platform for NFV Project, Inc. and its contributors
-# This software is distributed under the terms and conditions of the 'Apache-2.0'
-# license which can be found in the file 'LICENSE' in this package distribution
-# or at 'http://www.apache.org/licenses/LICENSE-2.0'.
-
-import os
-import requests
-import json
-from uuid import uuid4
-import logging
-from python_moonutilities import exceptions, configuration
-from python_moonutilities.security_functions import filter_input, login, logout
-from python_moondb.api.managers import Managers
-
-logger = logging.getLogger("moon.db.api.keystone")
-
-
-class KeystoneManager(Managers):
-
- def __init__(self, connector=None):
- self.driver = connector.driver
- Managers.KeystoneManager = self
- conf = configuration.get_configuration("openstack/keystone")['openstack/keystone']
-
- self.__url = conf['url']
- self.__user = conf['user']
- self.__password = conf['password']
- self.__domain = conf['domain']
- self.__project = conf['project']
- try:
- os.environ.pop("http_proxy")
- os.environ.pop("https_proxy")
- except KeyError:
- pass
-
- def __get(self, endpoint, _exception=exceptions.KeystoneError):
- _headers = login()
- req = requests.get("{}{}".format(self.__url, endpoint), headers=_headers, verify=False)
- if req.status_code not in (200, 201):
- logger.error(req.text)
- raise _exception
- data = req.json()
- logout(_headers)
- return data
-
- def __post(self, endpoint, data=None, _exception=exceptions.KeystoneError):
- _headers = login()
- req = requests.post("{}{}".format(self.__url, endpoint),
- data=json.dumps(data),
- headers=_headers, verify=False)
- if req.status_code == 409:
- logger.warning(req.text)
- raise exceptions.KeystoneUserConflict
- if req.status_code not in (200, 201):
- logger.error(req.text)
- raise _exception
- data = req.json()
- logout(_headers)
- return data
-
- def list_projects(self):
- return self.__get(endpoint="/projects/", _exception=exceptions.KeystoneProjectError)
-
- @filter_input
- def create_project(self, tenant_dict):
- if "name" not in tenant_dict:
- raise exceptions.KeystoneProjectError("Cannot get the project name.")
- _project = {
- "project": {
- "description": tenant_dict['description'] if 'description' in tenant_dict else "",
- "domain_id": tenant_dict['domain'] if 'domain' in tenant_dict else "default",
- "enabled": True,
- "is_domain": False,
- "name": tenant_dict['name']
- }
- }
- return self.__post(endpoint="/projects/",
- data=_project,
- _exception=exceptions.KeystoneProjectError)
-
- @filter_input
- def get_user_by_name(self, username, domain_id="default"):
- return self.__get(endpoint="/users?name={}&domain_id={}".format(username, domain_id),
- _exception=exceptions.KeystoneUserError)
-
- @filter_input
- def create_user(self, subject_dict):
- _user = {
- "user": {
- "enabled": True,
- "name": subject_dict['name'] if 'name' in subject_dict else uuid4().hex,
- }
- }
- if 'project' in subject_dict:
- _user['user']['default_project_id'] = subject_dict['project']
- if 'domain' in subject_dict:
- _user['user']['domain_id'] = subject_dict['domain']
- if 'password' in subject_dict:
- _user['user']['password'] = subject_dict['password']
- try:
- return self.__post(endpoint="/users/",
- data=_user,
- _exception=exceptions.KeystoneUserError)
- except exceptions.KeystoneUserConflict:
- return True
diff --git a/python_moondb/python_moondb/api/managers.py b/python_moondb/python_moondb/api/managers.py
deleted file mode 100644
index 414725f6..00000000
--- a/python_moondb/python_moondb/api/managers.py
+++ /dev/null
@@ -1,16 +0,0 @@
-# Copyright 2015 Open Platform for NFV Project, Inc. and its contributors
-# This software is distributed under the terms and conditions of the 'Apache-2.0'
-# license which can be found in the file 'LICENSE' in this package distribution
-# or at 'http://www.apache.org/licenses/LICENSE-2.0'.
-
-import logging
-
-logger = logging.getLogger("moon.db.api.managers")
-
-
-class Managers(object):
- """Object that links managers together"""
- ModelManager = None
- KeystoneManager = None
- PDPManager = None
- PolicyManager = None
diff --git a/python_moondb/python_moondb/api/model.py b/python_moondb/python_moondb/api/model.py
deleted file mode 100644
index 4f6c34cb..00000000
--- a/python_moondb/python_moondb/api/model.py
+++ /dev/null
@@ -1,338 +0,0 @@
-# Copyright 2015 Open Platform for NFV Project, Inc. and its contributors
-# This software is distributed under the terms and conditions of the 'Apache-2.0'
-# license which can be found in the file 'LICENSE' in this package distribution
-# or at 'http://www.apache.org/licenses/LICENSE-2.0'.
-
-from uuid import uuid4
-import logging
-from python_moonutilities import exceptions
-from python_moonutilities.security_functions import filter_input, enforce
-from python_moondb.api.managers import Managers
-import copy
-
-logger = logging.getLogger("moon.db.api.model")
-
-
-class ModelManager(Managers):
-
- def __init__(self, connector=None):
- self.driver = connector.driver
- Managers.ModelManager = self
-
- @enforce(("read", "write"), "models")
- def update_model(self, user_id, model_id, value):
- if model_id not in self.driver.get_models(model_id=model_id):
- raise exceptions.ModelUnknown
-
- if not value['name'].strip():
- raise exceptions.ModelContentError('Model name invalid')
-
- if 'meta_rules' not in value:
- raise exceptions.MetaRuleUnknown
-
- if not value['name']:
- raise exceptions.ModelContentError
-
- model = self.get_models(user_id=user_id, model_id=model_id)
- model = model[next(iter(model))]
- if ((model['meta_rules'] and value['meta_rules'] and model['meta_rules'] != value[
- 'meta_rules']) \
- or (model['meta_rules'] and not value['meta_rules'])):
- policies = Managers.PolicyManager.get_policies(user_id=user_id)
- for policy_id in policies:
- if policies[policy_id]["model_id"] == model_id:
- raise exceptions.DeleteModelWithPolicy
-
- if value and 'meta_rules' in value:
- for meta_rule_id in value['meta_rules']:
- if not self.driver.get_meta_rules(meta_rule_id=meta_rule_id):
- raise exceptions.MetaRuleUnknown
-
- return self.driver.update_model(model_id=model_id, value=value)
-
- @enforce(("read", "write"), "models")
- def delete_model(self, user_id, model_id):
- if model_id not in self.driver.get_models(model_id=model_id):
- raise exceptions.ModelUnknown
- # TODO (asteroide): check that no policy is connected to this model
- policies = Managers.PolicyManager.get_policies(user_id=user_id)
- for policy in policies:
- if policies[policy]['model_id'] == model_id:
- raise exceptions.DeleteModelWithPolicy
- return self.driver.delete_model(model_id=model_id)
-
- @enforce(("read", "write"), "models")
- def add_model(self, user_id, model_id=None, value=None):
-
- if not value['name']:
- raise exceptions.ModelContentError
-
- if not value['name'].strip():
- raise exceptions.ModelContentError('Model name invalid')
-
- models = self.driver.get_models()
- if model_id in models:
- raise exceptions.ModelExisting
-
- for model in models:
- if models[model]['name'] == value['name']:
- raise exceptions.ModelExisting("Model Name Existed")
- same_meta_rule_counter = 0
- for meta_rule_id in models[model]['meta_rules']:
- if meta_rule_id in value['meta_rules']:
- same_meta_rule_counter += 1
- if same_meta_rule_counter == len(value['meta_rules']) and \
- len(models[model]['meta_rules']) == len(value['meta_rules']):
- raise exceptions.ModelExisting("Meta Rules List Existed in another Model")
-
- if not model_id:
- model_id = uuid4().hex
- if value and 'meta_rules' in value:
- for meta_rule_id in value['meta_rules']:
- if not meta_rule_id:
- raise exceptions.MetaRuleUnknown
- meta_rule = self.driver.get_meta_rules(meta_rule_id=meta_rule_id)
- if not meta_rule:
- raise exceptions.MetaRuleUnknown
-
- meta_rule_content = meta_rule[next(iter(meta_rule))]
- if (not meta_rule_content['subject_categories']) or (
- not meta_rule_content['object_categories']) or (
- not meta_rule_content['action_categories']):
- raise exceptions.MetaRuleContentError
-
- return self.driver.add_model(model_id=model_id, value=value)
-
- @enforce("read", "models")
- def get_models(self, user_id, model_id=None):
- return self.driver.get_models(model_id=model_id)
-
- @enforce(("read", "write"), "meta_rules")
- def update_meta_rule(self, user_id, meta_rule_id, value):
- meta_rules=self.driver.get_meta_rules()
- if not meta_rule_id or meta_rule_id not in meta_rules:
- raise exceptions.MetaRuleUnknown
- self.__check_meta_rule_dependencies(user_id=user_id, meta_rule_id=meta_rule_id)
- if value:
- if 'subject_categories' in value:
- for subject_category_id in value['subject_categories']:
- if not subject_category_id or not self.driver.get_subject_categories(
- category_id=subject_category_id):
- raise exceptions.SubjectCategoryUnknown
- if 'object_categories' in value:
- for object_category_id in value['object_categories']:
- if not object_category_id or not self.driver.get_object_categories(
- category_id=object_category_id):
- raise exceptions.ObjectCategoryUnknown
- if 'action_categories' in value:
- for action_category_id in value['action_categories']:
- if not action_category_id or not self.driver.get_action_categories(
- category_id=action_category_id):
- raise exceptions.ActionCategoryUnknown
-
- for meta_rule_obj_id in meta_rules:
- counter_matched_list = 0
- counter_matched_list += self.check_combination(meta_rules[meta_rule_obj_id]['subject_categories'],
- value['subject_categories'])
- counter_matched_list += self.check_combination(meta_rules[meta_rule_obj_id]['object_categories'],
- value['object_categories'])
- counter_matched_list += self.check_combination(meta_rules[meta_rule_obj_id]['action_categories'],
- value['action_categories'])
- if counter_matched_list == 3 and meta_rule_obj_id!=meta_rule_id:
- raise exceptions.MetaRuleExisting("Same categories combination existed")
-
- return self.driver.set_meta_rule(meta_rule_id=meta_rule_id, value=value)
-
- def __check_meta_rule_dependencies(self, user_id, meta_rule_id):
- policies = Managers.PolicyManager.get_policies(user_id=user_id)
- for policy_id in policies:
- rules = Managers.PolicyManager.get_rules(user_id=user_id, policy_id=policy_id,
- meta_rule_id=meta_rule_id)
- if len(rules['rules']):
- raise exceptions.MetaRuleUpdateError
-
- @enforce("read", "meta_rules")
- def get_meta_rules(self, user_id, meta_rule_id=None):
- return self.driver.get_meta_rules(meta_rule_id=meta_rule_id)
-
- @enforce(("read", "write"), "meta_rules")
- def add_meta_rule(self, user_id, meta_rule_id=None, value=None):
-
- if not value['name']:
- raise exceptions.MetaRuleContentError
-
- meta_rules = self.driver.get_meta_rules()
-
- if meta_rule_id in meta_rules:
- raise exceptions.MetaRuleExisting
-
- if value:
- if 'subject_categories' in value:
- for subject_category_id in value['subject_categories']:
- if not self.driver.get_subject_categories(category_id=subject_category_id):
- raise exceptions.SubjectCategoryUnknown
- if 'object_categories' in value:
- for object_category_id in value['object_categories']:
- if not self.driver.get_object_categories(category_id=object_category_id):
- raise exceptions.ObjectCategoryUnknown
- if 'action_categories' in value:
- for action_category_id in value['action_categories']:
- if not self.driver.get_action_categories(category_id=action_category_id):
- raise exceptions.ActionCategoryUnknown
-
- for meta_rule_obj_id in meta_rules:
- counter_matched_list = 0
- counter_matched_list += self.check_combination(meta_rules[meta_rule_obj_id]['subject_categories'],
- value['subject_categories'])
- counter_matched_list += self.check_combination(meta_rules[meta_rule_obj_id]['object_categories'],
- value['object_categories'])
- counter_matched_list += self.check_combination(meta_rules[meta_rule_obj_id]['action_categories'],
- value['action_categories'])
- if counter_matched_list == 3:
- raise exceptions.MetaRuleExisting("Same categories combination existed")
-
- return self.driver.set_meta_rule(meta_rule_id=meta_rule_id, value=value)
-
- @enforce(("read", "write"), "meta_rules")
- def check_combination(self, list_one, list_two):
- counter_removed_items = 0
- temp_list_two = copy.deepcopy(list_two)
- for item in list_one:
- if item in temp_list_two:
- temp_list_two.remove(item)
- counter_removed_items += 1
-
- if counter_removed_items == len(list_two) and len(list_two) == len(list_one) and len(list_two):
- return 1
- return 0
-
- @enforce(("read", "write"), "meta_rules")
- def delete_meta_rule(self, user_id, meta_rule_id=None):
- if meta_rule_id not in self.driver.get_meta_rules(meta_rule_id=meta_rule_id):
- raise exceptions.MetaRuleUnknown
- # TODO (asteroide): check and/or delete data and assignments and rules linked to that meta_rule
- models = self.get_models(user_id=user_id)
- for model_id in models:
- for id in models[model_id]['meta_rules']:
- if id == meta_rule_id:
- raise exceptions.DeleteMetaRuleWithModel
- return self.driver.delete_meta_rule(meta_rule_id=meta_rule_id)
-
- @enforce("read", "meta_data")
- def get_subject_categories(self, user_id, category_id=None):
- return self.driver.get_subject_categories(category_id=category_id)
-
- @enforce(("read", "write"), "meta_data")
- def add_subject_category(self, user_id, category_id=None, value=None):
- subject_categories = self.driver.get_subject_categories(category_id=category_id)
-
- if not value['name']:
- raise exceptions.CategoryNameInvalid
-
- if category_id in subject_categories:
- raise exceptions.SubjectCategoryExisting
-
- return self.driver.add_subject_category(name=value["name"],
- description=value["description"], uuid=category_id)
-
- @enforce(("read", "write"), "meta_data")
- def delete_subject_category(self, user_id, category_id):
- # TODO (asteroide): delete all data linked to that category
- # TODO (asteroide): delete all meta_rules linked to that category
- if category_id not in self.driver.get_subject_categories(category_id=category_id):
- raise exceptions.SubjectCategoryUnknown
- meta_rules = self.get_meta_rules(user_id=user_id)
- for meta_rule_id in meta_rules:
- for subject_category_id in meta_rules[meta_rule_id]['subject_categories']:
- logger.info(
- "delete_subject_category {} {}".format(subject_category_id, meta_rule_id))
- logger.info("delete_subject_category {}".format(meta_rules[meta_rule_id]))
- if subject_category_id == category_id:
- # has_rules = self.driver.is_meta_rule_has_rules(meta_rule_id)
- # if has_rules:
- raise exceptions.DeleteSubjectCategoryWithMetaRule
-
- if self.driver.is_subject_category_has_assignment(category_id):
- raise exceptions.DeleteCategoryWithAssignment
-
- if self.driver.is_subject_data_exist(category_id=category_id):
- raise exceptions.DeleteCategoryWithData
-
- return self.driver.delete_subject_category(category_id=category_id)
-
- @enforce("read", "meta_data")
- def get_object_categories(self, user_id, category_id=None):
- return self.driver.get_object_categories(category_id)
-
- @enforce(("read", "write"), "meta_data")
- def add_object_category(self, user_id, category_id=None, value=None):
- if not value['name']:
- raise exceptions.CategoryNameInvalid
-
- object_categories = self.driver.get_object_categories(category_id=category_id)
- if category_id in object_categories:
- raise exceptions.ObjectCategoryExisting
-
- return self.driver.add_object_category(name=value["name"], description=value["description"],
- uuid=category_id)
-
- @enforce(("read", "write"), "meta_data")
- def delete_object_category(self, user_id, category_id):
- # TODO (asteroide): delete all data linked to that category
- # TODO (asteroide): delete all meta_rules linked to that category
- if category_id not in self.driver.get_object_categories(category_id=category_id):
- raise exceptions.ObjectCategoryUnknown
- meta_rules = self.get_meta_rules(user_id=user_id)
- for meta_rule_id in meta_rules:
- for object_category_id in meta_rules[meta_rule_id]['object_categories']:
- if object_category_id == category_id:
- # has_rules = self.driver.is_meta_rule_has_rules(meta_rule_id)
- # if has_rules:
- raise exceptions.DeleteObjectCategoryWithMetaRule
-
- if self.driver.is_object_category_has_assignment(category_id):
- raise exceptions.DeleteCategoryWithAssignment
-
- if self.driver.is_object_data_exist(category_id=category_id):
- raise exceptions.DeleteCategoryWithData
-
- return self.driver.delete_object_category(category_id=category_id)
-
- @enforce("read", "meta_data")
- def get_action_categories(self, user_id, category_id=None):
- return self.driver.get_action_categories(category_id=category_id)
-
- @enforce(("read", "write"), "meta_data")
- def add_action_category(self, user_id, category_id=None, value=None):
-
- if not value['name']:
- raise exceptions.CategoryNameInvalid
-
- action_categories = self.driver.get_action_categories(category_id=category_id)
- if category_id in action_categories:
- raise exceptions.ActionCategoryExisting
-
- return self.driver.add_action_category(name=value["name"], description=value["description"],
- uuid=category_id)
-
- @enforce(("read", "write"), "meta_data")
- def delete_action_category(self, user_id, category_id):
- # TODO (asteroide): delete all data linked to that category
- # TODO (asteroide): delete all meta_rules linked to that category
- if category_id not in self.driver.get_action_categories(category_id=category_id):
- raise exceptions.ActionCategoryUnknown
- meta_rules = self.get_meta_rules(user_id=user_id)
- for meta_rule_id in meta_rules:
- for action_category_id in meta_rules[meta_rule_id]['action_categories']:
- if action_category_id == category_id:
- # has_rules = self.driver.is_meta_rule_has_rules(meta_rule_id)
- # if has_rules:
- raise exceptions.DeleteActionCategoryWithMetaRule
-
- if self.driver.is_action_category_has_assignment(category_id):
- raise exceptions.DeleteCategoryWithAssignment
-
- if self.driver.is_action_data_exist(category_id=category_id):
- raise exceptions.DeleteCategoryWithData
-
- return self.driver.delete_action_category(category_id=category_id)
diff --git a/python_moondb/python_moondb/api/pdp.py b/python_moondb/python_moondb/api/pdp.py
deleted file mode 100644
index d0a071c9..00000000
--- a/python_moondb/python_moondb/api/pdp.py
+++ /dev/null
@@ -1,51 +0,0 @@
-# Copyright 2015 Open Platform for NFV Project, Inc. and its contributors
-# This software is distributed under the terms and conditions of the 'Apache-2.0'
-# license which can be found in the file 'LICENSE' in this package distribution
-# or at 'http://www.apache.org/licenses/LICENSE-2.0'.
-
-from uuid import uuid4
-import logging
-from python_moonutilities.security_functions import enforce
-from python_moondb.api.managers import Managers
-from python_moonutilities import exceptions
-
-logger = logging.getLogger("moon.db.api.pdp")
-
-
-class PDPManager(Managers):
-
- def __init__(self, connector=None):
- self.driver = connector.driver
- Managers.PDPManager = self
-
- @enforce(("read", "write"), "pdp")
- def update_pdp(self, user_id, pdp_id, value):
- if pdp_id not in self.driver.get_pdp(pdp_id=pdp_id):
- raise exceptions.PdpUnknown
- if value and 'security_pipeline' in value:
- for policy_id in value['security_pipeline']:
- if not Managers.PolicyManager.get_policies(user_id=user_id, policy_id=policy_id):
- raise exceptions.PolicyUnknown
- return self.driver.update_pdp(pdp_id=pdp_id, value=value)
-
- @enforce(("read", "write"), "pdp")
- def delete_pdp(self, user_id, pdp_id):
- if pdp_id not in self.driver.get_pdp(pdp_id=pdp_id):
- raise exceptions.PdpUnknown
- return self.driver.delete_pdp(pdp_id=pdp_id)
-
- @enforce(("read", "write"), "pdp")
- def add_pdp(self, user_id, pdp_id=None, value=None):
- if pdp_id in self.driver.get_pdp(pdp_id=pdp_id):
- raise exceptions.PdpExisting
- if not pdp_id:
- pdp_id = uuid4().hex
- if value and 'security_pipeline' in value:
- for policy_id in value['security_pipeline']:
- if not Managers.PolicyManager.get_policies(user_id=user_id, policy_id=policy_id):
- raise exceptions.PolicyUnknown
- return self.driver.add_pdp(pdp_id=pdp_id, value=value)
-
- @enforce("read", "pdp")
- def get_pdp(self, user_id, pdp_id=None):
- return self.driver.get_pdp(pdp_id=pdp_id)
diff --git a/python_moondb/python_moondb/api/policy.py b/python_moondb/python_moondb/api/policy.py
deleted file mode 100644
index 03a93ff5..00000000
--- a/python_moondb/python_moondb/api/policy.py
+++ /dev/null
@@ -1,751 +0,0 @@
-# Copyright 2015 Open Platform for NFV Project, Inc. and its contributors
-# This software is distributed under the terms and conditions of the 'Apache-2.0'
-# license which can be found in the file 'LICENSE' in this package distribution
-# or at 'http://www.apache.org/licenses/LICENSE-2.0'.
-
-from uuid import uuid4
-import logging
-from python_moonutilities.security_functions import enforce
-from python_moondb.api.managers import Managers
-from python_moonutilities import exceptions
-
-# from python_moondb.core import PDPManager
-
-logger = logging.getLogger("moon.db.api.policy")
-
-
-class PolicyManager(Managers):
-
- def __init__(self, connector=None):
- self.driver = connector.driver
- Managers.PolicyManager = self
-
- def get_policy_from_meta_rules(self, user_id, meta_rule_id):
- policies = self.PolicyManager.get_policies("admin")
- models = self.ModelManager.get_models("admin")
- for pdp_key, pdp_value in self.PDPManager.get_pdp(user_id).items():
- if 'security_pipeline' not in pdp_value:
- raise exceptions.PdpContentError
- for policy_id in pdp_value["security_pipeline"]:
- if not policies or policy_id not in policies:
- raise exceptions.PolicyUnknown
- model_id = policies[policy_id]["model_id"]
- if not models:
- raise exceptions.ModelUnknown
- if model_id not in models:
- raise exceptions.ModelUnknown
- if meta_rule_id in models[model_id]["meta_rules"]:
- return policy_id
-
- @enforce(("read", "write"), "policies")
- def update_policy(self, user_id, policy_id, value):
-
- if not value or not value['name']:
- raise exceptions.PolicyContentError
-
- policyList = self.driver.get_policies(policy_id=policy_id)
- if not policy_id or policy_id not in policyList:
- raise exceptions.PolicyUnknown
-
- policies = self.driver.get_policies(policy_name=value['name'])
- if len(policies) and not (policy_id in policies):
- raise exceptions.PolicyExisting("Policy name Existed")
-
- if 'model_id' in value and value['model_id']:
- if not Managers.ModelManager.get_models(user_id, model_id=value['model_id']):
- raise exceptions.ModelUnknown
-
- policy_obj = policyList[policy_id]
- if (policy_obj["model_id"] and value["model_id"] != policy_obj["model_id"]):
-
- subjects = self.driver.get_subjects(policy_id=policy_id)
- if subjects:
- raise exceptions.PolicyUpdateError("Policy is used in subject")
- objects = self.driver.get_objects(policy_id=policy_id)
- if objects:
- raise exceptions.PolicyUpdateError("Policy is used in object")
- actions = self.driver.get_actions(policy_id=policy_id)
- if actions:
- raise exceptions.PolicyUpdateError("Policy is used in action")
-
- rules = self.driver.get_rules(policy_id=policy_id)["rules"]
- if rules:
- raise exceptions.PolicyUpdateError("Policy is used in rule")
-
- subject_data = self.get_subject_data(user_id, policy_id=policy_id)
- if subject_data and subject_data[0]["data"]:
- raise exceptions.PolicyUpdateError("Policy is used in subject_data")
- object_data = self.get_object_data(user_id, policy_id=policy_id)
- if object_data and object_data[0]["data"]:
- raise exceptions.PolicyUpdateError("Policy is used in object_data")
- action_data = self.get_action_data(user_id, policy_id=policy_id)
- if action_data and action_data[0]["data"]:
- raise exceptions.PolicyUpdateError("Policy is used in action_data")
-
- return self.driver.update_policy(policy_id=policy_id, value=value)
-
- @enforce(("read", "write"), "policies")
- def delete_policy(self, user_id, policy_id):
- # TODO (asteroide): unmap PDP linked to that policy
- if policy_id not in self.driver.get_policies(policy_id=policy_id):
- raise exceptions.PolicyUnknown
- pdps = self.PDPManager.get_pdp(user_id=user_id)
- for pdp in pdps:
- for policy_id in pdps[pdp]['security_pipeline']:
- if policy_id == policy_id:
- raise exceptions.DeletePolicyWithPdp
- subjects = self.driver.get_subjects(policy_id=policy_id)
- if subjects:
- raise exceptions.DeletePolicyWithPerimeter
- objects = self.driver.get_objects(policy_id=policy_id)
- if objects:
- raise exceptions.DeletePolicyWithPerimeter
- actions = self.driver.get_actions(policy_id=policy_id)
- if actions:
- raise exceptions.DeletePolicyWithPerimeter
-
- rules = self.driver.get_rules(policy_id=policy_id)["rules"]
- if rules:
- raise exceptions.DeletePolicyWithRules
-
- subject_data = self.get_subject_data(user_id, policy_id=policy_id)
- if subject_data and subject_data[0]["data"]:
- raise exceptions.DeletePolicyWithData
- object_data = self.get_object_data(user_id, policy_id=policy_id)
- if object_data and object_data[0]["data"]:
- raise exceptions.DeletePolicyWithData
- action_data = self.get_action_data(user_id, policy_id=policy_id)
- if action_data and action_data[0]["data"]:
- raise exceptions.DeletePolicyWithData
-
- return self.driver.delete_policy(policy_id=policy_id)
-
- @enforce(("read", "write"), "policies")
- def add_policy(self, user_id, policy_id=None, value=None):
-
- if not value or not value['name']:
- raise exceptions.PolicyContentError
- if policy_id in self.driver.get_policies(policy_id=policy_id):
- raise exceptions.PolicyExisting
-
- if len(self.driver.get_policies(policy_name=value['name'])):
- raise exceptions.PolicyExisting("Policy name Existed")
-
- if not policy_id:
- policy_id = uuid4().hex
- if 'model_id' in value and value['model_id'] != "":
- if not Managers.ModelManager.get_models(user_id, model_id=value['model_id']):
- raise exceptions.ModelUnknown
- return self.driver.add_policy(policy_id=policy_id, value=value)
-
- @enforce("read", "policies")
- def get_policies(self, user_id, policy_id=None):
- return self.driver.get_policies(policy_id=policy_id)
-
- @enforce("read", "perimeter")
- def get_subjects(self, user_id, policy_id, perimeter_id=None):
- # if not policy_id:
- # raise exceptions.PolicyUnknown
- if policy_id and (not self.get_policies(user_id=user_id, policy_id=policy_id)):
- raise exceptions.PolicyUnknown
- return self.driver.get_subjects(policy_id=policy_id, perimeter_id=perimeter_id)
-
- @enforce(("read", "write"), "perimeter")
- def add_subject(self, user_id, policy_id, perimeter_id=None, value=None):
-
- if not value or "name" not in value or not value["name"].strip():
- raise exceptions.PerimeterContentError('invalid name')
-
- if not policy_id or (not self.get_policies(user_id=user_id, policy_id=policy_id)):
- raise exceptions.PolicyUnknown
-
- if perimeter_id:
- subjects = self.driver.get_subjects(policy_id=None, perimeter_id=perimeter_id)
- if subjects and subjects[perimeter_id]['name'] != value['name']:
- raise exceptions.PerimeterContentError
-
- if not perimeter_id:
- subject_per = self.driver.get_subject_by_name(value['name'])
- if len(subject_per):
- perimeter_id = next(iter(subject_per))
-
- k_user = Managers.KeystoneManager.get_user_by_name(value.get('name'))
- if not k_user['users']:
- k_user = Managers.KeystoneManager.create_user(value)
- if not perimeter_id:
- try:
- logger.info("k_user={}".format(k_user))
- perimeter_id = k_user['users'][0].get('id', uuid4().hex)
- except IndexError:
- k_user = Managers.KeystoneManager.get_user_by_name(
- value.get('name'))
- perimeter_id = uuid4().hex
- except KeyError:
- k_user = Managers.KeystoneManager.get_user_by_name(
- value.get('name'))
- perimeter_id = uuid4().hex
-
- value.update(k_user['users'][0])
-
- return self.driver.set_subject(policy_id=policy_id, perimeter_id=perimeter_id, value=value)
-
- @enforce(("read", "write"), "perimeter")
- def update_subject(self, user_id, perimeter_id, value):
- logger.debug("update_subject perimeter_id = {}".format(perimeter_id))
-
- if not perimeter_id:
- raise exceptions.SubjectUnknown
-
- subjects = self.driver.get_subjects(policy_id=None, perimeter_id=perimeter_id)
- if not subjects or not (perimeter_id in subjects):
- raise exceptions.PerimeterContentError
-
- if 'policy_list' in value or ('name' in value and not value['name']):
- raise exceptions.PerimeterContentError
-
- return self.driver.update_subject(perimeter_id=perimeter_id, value=value)
-
- @enforce(("read", "write"), "perimeter")
- def delete_subject(self, user_id, policy_id, perimeter_id):
-
- if not perimeter_id:
- raise exceptions.SubjectUnknown
-
- if not policy_id:
- raise exceptions.PolicyUnknown
-
- if not self.get_subjects(user_id=user_id, policy_id=policy_id, perimeter_id=perimeter_id):
- raise exceptions.SubjectUnknown
-
- if not self.get_policies(user_id=user_id, policy_id=policy_id):
- raise exceptions.PolicyUnknown
-
- subj_assig = self.driver.get_subject_assignments(policy_id=policy_id,
- subject_id=perimeter_id)
- if subj_assig:
- raise exceptions.DeletePerimeterWithAssignment
-
- return self.driver.delete_subject(policy_id=policy_id, perimeter_id=perimeter_id)
-
- @enforce("read", "perimeter")
- def get_objects(self, user_id, policy_id, perimeter_id=None):
- # if not policy_id:
- # pass
- if policy_id and (not self.get_policies(user_id=user_id, policy_id=policy_id)):
- raise exceptions.PolicyUnknown
- return self.driver.get_objects(policy_id=policy_id, perimeter_id=perimeter_id)
-
- @enforce(("read", "write"), "perimeter")
- def add_object(self, user_id, policy_id, perimeter_id=None, value=None):
- if not value or "name" not in value or not value["name"].strip():
- raise exceptions.PerimeterContentError('invalid name')
-
- if not policy_id or (not self.get_policies(user_id=user_id, policy_id=policy_id)):
- raise exceptions.PolicyUnknown
-
- if perimeter_id:
- object_perimeter = self.driver.get_objects(policy_id=None, perimeter_id=perimeter_id)
- if not object_perimeter:
- raise exceptions.PerimeterContentError
-
- if not perimeter_id:
- object_perimeter = self.driver.get_object_by_name(value['name'])
- if len(object_perimeter):
- perimeter_id = next(iter(object_perimeter))
-
- if perimeter_id and object_perimeter[perimeter_id]['name'] != value['name']:
- raise exceptions.PerimeterContentError
-
- if not perimeter_id:
- perimeter_id = uuid4().hex
- return self.driver.set_object(policy_id=policy_id, perimeter_id=perimeter_id, value=value)
-
- @enforce(("read", "write"), "perimeter")
- def update_object(self, user_id, perimeter_id, value):
- logger.debug("update_object perimeter_id = {}".format(perimeter_id))
-
- if not perimeter_id:
- raise exceptions.ObjectUnknown
-
- objects = self.driver.get_objects(policy_id=None, perimeter_id=perimeter_id)
- if not objects or not (perimeter_id in objects):
- raise exceptions.PerimeterContentError
-
- if 'policy_list' in value or ('name' in value and not value['name']):
- raise exceptions.PerimeterContentError
-
- return self.driver.update_object(perimeter_id=perimeter_id, value=value)
-
- @enforce(("read", "write"), "perimeter")
- def delete_object(self, user_id, policy_id, perimeter_id):
-
- if not perimeter_id:
- raise exceptions.ObjectUnknown
-
- if not policy_id:
- raise exceptions.PolicyUnknown
-
- if not self.get_objects(user_id=user_id, policy_id=policy_id, perimeter_id=perimeter_id):
- raise exceptions.ObjectUnknown
-
- if not self.get_policies(user_id=user_id, policy_id=policy_id):
- raise exceptions.PolicyUnknown
-
- obj_assig = self.driver.get_object_assignments(policy_id=policy_id, object_id=perimeter_id)
- if obj_assig:
- raise exceptions.DeletePerimeterWithAssignment
-
- return self.driver.delete_object(policy_id=policy_id, perimeter_id=perimeter_id)
-
- @enforce("read", "perimeter")
- def get_actions(self, user_id, policy_id, perimeter_id=None):
- # if not policy_id:
- # pass
- if policy_id and (not self.get_policies(user_id=user_id, policy_id=policy_id)):
- raise exceptions.PolicyUnknown
- return self.driver.get_actions(policy_id=policy_id, perimeter_id=perimeter_id)
-
- @enforce(("read", "write"), "perimeter")
- def add_action(self, user_id, policy_id, perimeter_id=None, value=None):
- logger.debug("add_action {}".format(policy_id))
-
- if not value or "name" not in value or not value["name"].strip():
- raise exceptions.PerimeterContentError('invalid name')
-
- if not policy_id or (not self.get_policies(user_id=user_id, policy_id=policy_id)):
- raise exceptions.PolicyUnknown
-
- if perimeter_id:
- action_perimeter = self.driver.get_actions(policy_id=None, perimeter_id=perimeter_id)
- if not action_perimeter:
- raise exceptions.PerimeterContentError
-
- if not perimeter_id:
- action_perimeter = self.driver.get_action_by_name(value['name'])
- if len(action_perimeter):
- perimeter_id = next(iter(action_perimeter))
-
- if perimeter_id and action_perimeter[perimeter_id]['name'] != value['name']:
- raise exceptions.PerimeterContentError
-
- if not perimeter_id:
- perimeter_id = uuid4().hex
-
- return self.driver.set_action(policy_id=policy_id, perimeter_id=perimeter_id, value=value)
-
- @enforce(("read", "write"), "perimeter")
- def update_action(self, user_id, perimeter_id, value):
- logger.debug("update_action perimeter_id = {}".format(perimeter_id))
-
- if not perimeter_id:
- raise exceptions.ActionUnknown
-
- actions = self.driver.get_actions(policy_id=None, perimeter_id=perimeter_id)
- if not actions or not (perimeter_id in actions):
- raise exceptions.PerimeterContentError
-
- if 'policy_list' in value or ('name' in value and not value['name']):
- raise exceptions.PerimeterContentError
-
- return self.driver.update_action(perimeter_id=perimeter_id, value=value)
-
- @enforce(("read", "write"), "perimeter")
- def delete_action(self, user_id, policy_id, perimeter_id):
-
- if not perimeter_id:
- raise exceptions.ActionUnknown
-
- if not policy_id:
- raise exceptions.PolicyUnknown
-
- if not self.get_actions(user_id=user_id, policy_id=policy_id, perimeter_id=perimeter_id):
- raise exceptions.ActionUnknown
-
- logger.debug("delete_action {} {} {}".format(policy_id, perimeter_id,
- self.get_policies(user_id=user_id,
- policy_id=policy_id)))
- if not self.get_policies(user_id=user_id, policy_id=policy_id):
- raise exceptions.PolicyUnknown
-
- act_assig = self.driver.get_action_assignments(policy_id=policy_id, action_id=perimeter_id)
- if act_assig:
- raise exceptions.DeletePerimeterWithAssignment
- return self.driver.delete_action(policy_id=policy_id, perimeter_id=perimeter_id)
-
- @enforce("read", "data")
- def get_subject_data(self, user_id, policy_id, data_id=None, category_id=None):
- available_metadata = self.get_available_metadata(user_id, policy_id)
- results = []
- if not category_id:
- for cat in available_metadata["subject"]:
- results.append(self.driver.get_subject_data(policy_id=policy_id, data_id=data_id,
- category_id=cat))
- if category_id and category_id in available_metadata["subject"]:
- results.append(self.driver.get_subject_data(policy_id=policy_id, data_id=data_id,
- category_id=category_id))
- return results
-
- @enforce(("read", "write"), "data")
- def set_subject_data(self, user_id, policy_id, data_id=None, category_id=None, value=None):
- if not category_id or (
- not Managers.ModelManager.get_subject_categories(user_id=user_id,
- category_id=category_id)):
- raise exceptions.SubjectCategoryUnknown
-
- self.__category_dependency_validation(user_id, policy_id, category_id, 'subject_categories')
-
- if not data_id:
- data_id = uuid4().hex
- return self.driver.set_subject_data(policy_id=policy_id, data_id=data_id,
- category_id=category_id, value=value)
-
- @enforce(("read", "write"), "data")
- def delete_subject_data(self, user_id, policy_id, data_id, category_id=None):
- # TODO (asteroide): check and/or delete assignments linked to that data
- subject_assignments = self.get_subject_assignments(user_id=user_id, policy_id=policy_id,
- category_id=category_id)
- if subject_assignments:
- raise exceptions.DeleteData
- return self.driver.delete_subject_data(policy_id=policy_id, category_id=category_id,
- data_id=data_id)
-
- @enforce("read", "data")
- def get_object_data(self, user_id, policy_id, data_id=None, category_id=None):
- available_metadata = self.get_available_metadata(user_id, policy_id)
- results = []
- if not category_id:
- for cat in available_metadata["object"]:
- results.append(self.driver.get_object_data(policy_id=policy_id, data_id=data_id,
- category_id=cat))
- if category_id and category_id in available_metadata["object"]:
- results.append(self.driver.get_object_data(policy_id=policy_id, data_id=data_id,
- category_id=category_id))
- return results
-
- @enforce(("read", "write"), "data")
- def add_object_data(self, user_id, policy_id, data_id=None, category_id=None, value=None):
-
- if not category_id or (
- not Managers.ModelManager.get_object_categories(user_id=user_id,
- category_id=category_id)):
- raise exceptions.ObjectCategoryUnknown
-
- self.__category_dependency_validation(user_id, policy_id, category_id, 'object_categories')
-
- if not data_id:
- data_id = uuid4().hex
- return self.driver.set_object_data(policy_id=policy_id, data_id=data_id,
- category_id=category_id, value=value)
-
- @enforce(("read", "write"), "data")
- def delete_object_data(self, user_id, policy_id, data_id, category_id=None):
- # TODO (asteroide): check and/or delete assignments linked to that data
- object_assignments = self.get_object_assignments(user_id=user_id, policy_id=policy_id,
- category_id=category_id)
- if object_assignments:
- raise exceptions.DeleteData
- return self.driver.delete_object_data(policy_id=policy_id, category_id=category_id,
- data_id=data_id)
-
- @enforce("read", "data")
- def get_action_data(self, user_id, policy_id, data_id=None, category_id=None):
- available_metadata = self.get_available_metadata(user_id, policy_id)
- results = []
- if not category_id:
- for cat in available_metadata["action"]:
- results.append(self.driver.get_action_data(policy_id=policy_id, data_id=data_id,
- category_id=cat))
- if category_id and category_id in available_metadata["action"]:
- results.append(self.driver.get_action_data(policy_id=policy_id, data_id=data_id,
- category_id=category_id))
- return results
-
- @enforce(("read", "write"), "data")
- def add_action_data(self, user_id, policy_id, data_id=None, category_id=None, value=None):
- if not category_id or (
- not Managers.ModelManager.get_action_categories(user_id=user_id,
- category_id=category_id)):
- raise exceptions.ActionCategoryUnknown
-
- self.__category_dependency_validation(user_id, policy_id, category_id, 'action_categories')
-
- if not data_id:
- data_id = uuid4().hex
- return self.driver.set_action_data(policy_id=policy_id, data_id=data_id,
- category_id=category_id, value=value)
-
- @enforce(("read", "write"), "data")
- def delete_action_data(self, user_id, policy_id, data_id, category_id=None):
- # TODO (asteroide): check and/or delete assignments linked to that data
- action_assignments = self.get_action_assignments(user_id=user_id, policy_id=policy_id,
- category_id=category_id)
- if action_assignments:
- raise exceptions.DeleteData
- return self.driver.delete_action_data(policy_id=policy_id, category_id=category_id,
- data_id=data_id)
-
- @enforce("read", "assignments")
- def get_subject_assignments(self, user_id, policy_id, subject_id=None, category_id=None):
- return self.driver.get_subject_assignments(policy_id=policy_id, subject_id=subject_id,
- category_id=category_id)
-
- @enforce(("read", "write"), "assignments")
- def add_subject_assignment(self, user_id, policy_id, subject_id, category_id, data_id):
-
- if not category_id or (
- not Managers.ModelManager.get_subject_categories(user_id=user_id,
- category_id=category_id)):
- raise exceptions.SubjectCategoryUnknown
-
- self.__category_dependency_validation(user_id, policy_id, category_id, 'subject_categories')
-
- if not subject_id or (
- not self.get_subjects(user_id=user_id, policy_id=policy_id,
- perimeter_id=subject_id)):
- raise exceptions.SubjectUnknown
-
- if not data_id or (
- not self.get_subject_data(user_id=user_id, policy_id=policy_id, data_id=data_id,
- category_id=category_id)):
- raise exceptions.DataUnknown
-
- return self.driver.add_subject_assignment(policy_id=policy_id, subject_id=subject_id,
- category_id=category_id, data_id=data_id)
-
- @enforce(("read", "write"), "assignments")
- def delete_subject_assignment(self, user_id, policy_id, subject_id, category_id, data_id):
- return self.driver.delete_subject_assignment(policy_id=policy_id, subject_id=subject_id,
- category_id=category_id, data_id=data_id)
-
- @enforce("read", "assignments")
- def get_object_assignments(self, user_id, policy_id, object_id=None, category_id=None):
- return self.driver.get_object_assignments(policy_id=policy_id, object_id=object_id,
- category_id=category_id)
-
- @enforce(("read", "write"), "assignments")
- def add_object_assignment(self, user_id, policy_id, object_id, category_id, data_id):
-
- if not category_id or (
- not Managers.ModelManager.get_object_categories(user_id=user_id,
- category_id=category_id)):
- raise exceptions.ObjectCategoryUnknown
-
- self.__category_dependency_validation(user_id, policy_id, category_id, 'object_categories')
-
- if not object_id or (
- not self.get_objects(user_id=user_id, policy_id=policy_id, perimeter_id=object_id)):
- raise exceptions.ObjectUnknown
-
- if not data_id or (
- not self.get_object_data(user_id=user_id, policy_id=policy_id, data_id=data_id,
- category_id=category_id)):
- raise exceptions.DataUnknown
-
- return self.driver.add_object_assignment(policy_id=policy_id, object_id=object_id,
- category_id=category_id, data_id=data_id)
-
- @enforce(("read", "write"), "assignments")
- def delete_object_assignment(self, user_id, policy_id, object_id, category_id, data_id):
- return self.driver.delete_object_assignment(policy_id=policy_id, object_id=object_id,
- category_id=category_id, data_id=data_id)
-
- @enforce("read", "assignments")
- def get_action_assignments(self, user_id, policy_id, action_id=None, category_id=None):
- return self.driver.get_action_assignments(policy_id=policy_id, action_id=action_id,
- category_id=category_id)
-
- @enforce(("read", "write"), "assignments")
- def add_action_assignment(self, user_id, policy_id, action_id, category_id, data_id):
-
- if not category_id or (
- not Managers.ModelManager.get_action_categories(user_id=user_id,
- category_id=category_id)):
- raise exceptions.ActionCategoryUnknown
-
- self.__category_dependency_validation(user_id, policy_id, category_id, 'action_categories')
-
- if not action_id or (
- not self.get_actions(user_id=user_id, policy_id=policy_id, perimeter_id=action_id)):
- raise exceptions.ActionUnknown
-
- if not data_id or (
- not self.get_action_data(user_id=user_id, policy_id=policy_id, data_id=data_id,
- category_id=category_id)):
- raise exceptions.DataUnknown
-
- return self.driver.add_action_assignment(policy_id=policy_id, action_id=action_id,
- category_id=category_id, data_id=data_id)
-
- @enforce(("read", "write"), "assignments")
- def delete_action_assignment(self, user_id, policy_id, action_id, category_id, data_id):
- return self.driver.delete_action_assignment(policy_id=policy_id, action_id=action_id,
- category_id=category_id, data_id=data_id)
-
- @enforce("read", "rules")
- def get_rules(self, user_id, policy_id, meta_rule_id=None, rule_id=None):
- return self.driver.get_rules(policy_id=policy_id, meta_rule_id=meta_rule_id,
- rule_id=rule_id)
-
- @enforce(("read", "write"), "rules")
- def add_rule(self, user_id, policy_id, meta_rule_id, value):
- if not meta_rule_id or (
- not self.ModelManager.get_meta_rules(user_id=user_id, meta_rule_id=meta_rule_id)):
- raise exceptions.MetaRuleUnknown
-
- self.__check_existing_rule(policy_id=policy_id, meta_rule_id=meta_rule_id, user_id=user_id,
- rule_value=value)
- self.__dependencies_validation(user_id, policy_id, meta_rule_id)
-
- return self.driver.add_rule(policy_id=policy_id, meta_rule_id=meta_rule_id, value=value)
-
- def __check_existing_rule(self, user_id, policy_id, meta_rule_id, rule_value):
-
- if not meta_rule_id:
- raise exceptions.MetaRuleUnknown
-
- meta_rule = self.ModelManager.get_meta_rules(user_id=user_id, meta_rule_id=meta_rule_id)
- if not meta_rule:
- raise exceptions.MetaRuleUnknown
-
- if len(meta_rule[meta_rule_id]['subject_categories']) + len(
- meta_rule[meta_rule_id]['object_categories']) \
- + len(meta_rule[meta_rule_id]['action_categories']) > len(rule_value['rule']):
- raise exceptions.RuleContentError(message="Missing Data")
-
- if len(meta_rule[meta_rule_id]['subject_categories']) + len(
- meta_rule[meta_rule_id]['object_categories']) \
- + len(meta_rule[meta_rule_id]['action_categories']) < len(rule_value['rule']):
- raise exceptions.MetaRuleContentError(message="Missing Data")
-
- temp_rule_data = list(
- rule_value['rule'][0:len(meta_rule[meta_rule_id]['subject_categories'])])
- found_data_counter = 0
- start_sub = len(meta_rule[meta_rule_id]['subject_categories'])
-
- for sub_cat_id in meta_rule[meta_rule_id]['subject_categories']:
- subjects_data = self.get_subject_data(user_id=user_id,
- category_id=sub_cat_id, policy_id=policy_id)
- found_data_counter = self.__validate_data_id(sub_cat_id, subjects_data[0]['data'],
- temp_rule_data,
- "Missing Subject_category "
- , found_data_counter)
-
- if found_data_counter != len(meta_rule[meta_rule_id]['subject_categories']):
- raise exceptions.RuleContentError(message="Missing Data")
-
- temp_rule_data = list(
- rule_value['rule'][
- start_sub:start_sub + len(meta_rule[meta_rule_id]['object_categories'])])
- found_data_counter = 0
- start_sub = start_sub + len(meta_rule[meta_rule_id]['object_categories'])
-
- for ob_cat_id in meta_rule[meta_rule_id]['object_categories']:
- object_data = self.get_object_data(user_id=user_id,
- category_id=ob_cat_id, policy_id=policy_id)
-
- found_data_counter = self.__validate_data_id(ob_cat_id, object_data[0]['data'],
- temp_rule_data,
- "Missing Object_category ",
- found_data_counter)
-
- if found_data_counter != len(meta_rule[meta_rule_id]['object_categories']):
- raise exceptions.RuleContentError(message="Missing Data")
-
- temp_rule_data = list(
- rule_value['rule'][
- start_sub:start_sub + len(meta_rule[meta_rule_id]['action_categories'])])
- found_data_counter = 0
-
- for act_cat_id in meta_rule[meta_rule_id]['action_categories']:
- action_data = self.get_action_data(user_id=user_id, category_id=act_cat_id,
- policy_id=policy_id)
- found_data_counter = self.__validate_data_id(act_cat_id, action_data[0]['data'],
- temp_rule_data,
- "Missing Action_category ",
- found_data_counter)
-
- if found_data_counter != len(meta_rule[meta_rule_id]['action_categories']):
- raise exceptions.RuleContentError(message="Missing Data")
-
- def __validate_data_id(self, cat_id, data_ids, temp_rule_data, error_msg, found_data_counter):
- for ID in data_ids:
- if ID in temp_rule_data:
- temp_rule_data.remove(ID)
- found_data_counter += 1
- # if no data id found in the rule, so rule not valid
- if found_data_counter < 1:
- raise exceptions.RuleContentError(message=error_msg + cat_id)
- return found_data_counter
-
- @enforce(("read", "write"), "rules")
- def delete_rule(self, user_id, policy_id, rule_id):
- return self.driver.delete_rule(policy_id=policy_id, rule_id=rule_id)
-
- @enforce("read", "meta_data")
- def get_available_metadata(self, user_id, policy_id):
- categories = {
- "subject": [],
- "object": [],
- "action": []
- }
- policy = self.driver.get_policies(policy_id=policy_id)
- if not policy:
- raise exceptions.PolicyUnknown
- model_id = policy[policy_id]["model_id"]
- model = Managers.ModelManager.get_models(user_id=user_id, model_id=model_id)
- try:
- meta_rule_list = model[model_id]["meta_rules"]
- for meta_rule_id in meta_rule_list:
- meta_rule = Managers.ModelManager.get_meta_rules(user_id=user_id,
- meta_rule_id=meta_rule_id)
- categories["subject"].extend(meta_rule[meta_rule_id]["subject_categories"])
- categories["object"].extend(meta_rule[meta_rule_id]["object_categories"])
- categories["action"].extend(meta_rule[meta_rule_id]["action_categories"])
- finally:
- return categories
-
- def __dependencies_validation(self, user_id, policy_id, meta_rule_id=None):
-
- policies = self.get_policies(user_id=user_id, policy_id=policy_id)
- if not policy_id or (not policies):
- raise exceptions.PolicyUnknown
-
- policy_content = policies[next(iter(policies))]
- model_id = policy_content['model_id']
- models = Managers.ModelManager.get_models(user_id=user_id, model_id=model_id)
- if not model_id or not models:
- raise exceptions.ModelUnknown
-
- model_content = models[next(iter(models))]
- if meta_rule_id:
- meta_rule_exists = False
-
- for model_meta_rule_id in model_content['meta_rules']:
- if model_meta_rule_id == meta_rule_id:
- meta_rule_exists = True
- break
-
- if not meta_rule_exists:
- raise exceptions.MetaRuleNotLinkedWithPolicyModel
-
- meta_rule = self.ModelManager.get_meta_rules(user_id=user_id, meta_rule_id=meta_rule_id)
- meta_rule_content = meta_rule[next(iter(meta_rule))]
- if (not meta_rule_content['subject_categories']) or (
- not meta_rule_content['object_categories']) or (
- not meta_rule_content['action_categories']):
- raise exceptions.MetaRuleContentError
- return model_content
-
- def __category_dependency_validation(self, user_id, policy_id, category_id, category_key):
- model = self.__dependencies_validation(user_id=user_id, policy_id=policy_id)
- category_found = False
- for model_meta_rule_id in model['meta_rules']:
- meta_rule = self.ModelManager.get_meta_rules(user_id=user_id,
- meta_rule_id=model_meta_rule_id)
- meta_rule_content = meta_rule[next(iter(meta_rule))]
- if meta_rule_content[category_key] and category_id in meta_rule_content[category_key]:
- category_found = True
- break
-
- if not category_found:
- raise exceptions.CategoryNotAssignedMetaRule
diff --git a/python_moondb/python_moondb/backends/__init__.py b/python_moondb/python_moondb/backends/__init__.py
deleted file mode 100644
index 6f1cd3d5..00000000
--- a/python_moondb/python_moondb/backends/__init__.py
+++ /dev/null
@@ -1,96 +0,0 @@
-"""
-intra_extensions = {
- intra_extension_id1: {
- name: xxx,
- model: yyy,
- description: zzz},
- intra_extension_id2: {...},
- ...
-}
-
-tenants = {
- tenant_id1: {
- name: xxx,
- description: yyy,
- intra_authz_extension_id: zzz,
- intra_admin_extension_id: zzz,
- },
- tenant_id2: {...},
- ...
-}
-
---------------- for each intra-extension -----------------
-
-subject_categories = {
- subject_category_id1: {
- name: xxx,
- description: yyy},
- subject_category_id2: {...},
- ...
-}
-
-subjects = {
- subject_id1: {
- name: xxx,
- description: yyy,
- ...},
- subject_id2: {...},
- ...
-}
-
-subject_scopes = {
- subject_category_id1: {
- subject_scope_id1: {
- name: xxx,
- description: aaa},
- subject_scope_id2: {
- name: yyy,
- description: bbb},
- ...},
- subject_scope_id3: {
- ...}
- subject_category_id2: {...},
- ...
-}
-
-subject_assignments = {
- subject_id1: {
- subject_category_id1: [subject_scope_id1, subject_scope_id2, ...],
- subject_category_id2: [subject_scope_id3, subject_scope_id4, ...],
- ...
- },
- subject_id2: {
- subject_category_id1: [subject_scope_id1, subject_scope_id2, ...],
- subject_category_id2: [subject_scope_id3, subject_scope_id4, ...],
- ...
- },
- ...
-}
-
-aggregation_algorithm = {
- aggregation_algorithm_id: {
- name: xxx,
- description: yyy
- }
- }
-
-sub_meta_rules = {
- sub_meta_rule_id_1: {
- "name": xxx,
- "algorithm": yyy,
- "subject_categories": [subject_category_id1, subject_category_id2,...],
- "object_categories": [object_category_id1, object_category_id2,...],
- "action_categories": [action_category_id1, action_category_id2,...]
- sub_meta_rule_id_2: {...},
- ...
-}
-
-rules = {
- sub_meta_rule_id1: {
- rule_id1: [subject_scope1, subject_scope2, ..., action_scope1, ..., object_scope1, ... ],
- rule_id2: [subject_scope3, subject_scope4, ..., action_scope3, ..., object_scope3, ... ],
- rule_id3: [thomas, write, admin.subjects]
- ...},
- sub_meta_rule_id2: { },
- ...}
-"""
diff --git a/python_moondb/python_moondb/backends/sql.py b/python_moondb/python_moondb/backends/sql.py
deleted file mode 100644
index d25586ba..00000000
--- a/python_moondb/python_moondb/backends/sql.py
+++ /dev/null
@@ -1,1884 +0,0 @@
-# Copyright 2015 Open Platform for NFV Project, Inc. and its contributors
-# This software is distributed under the terms and conditions of the 'Apache-2.0'
-# license which can be found in the file 'LICENSE' in this package distribution
-# or at 'http://www.apache.org/licenses/LICENSE-2.0'.
-
-import copy
-import json
-from uuid import uuid4
-import sqlalchemy as sql
-import logging
-from sqlalchemy.orm import sessionmaker
-from sqlalchemy.ext.declarative import declarative_base, declared_attr
-from sqlalchemy import create_engine
-from contextlib import contextmanager
-from sqlalchemy import types as sql_types
-from python_moonutilities import configuration
-from python_moonutilities import exceptions
-from python_moondb.core import PDPDriver, PolicyDriver, ModelDriver
-import sqlalchemy
-
-logger = logging.getLogger("moon.db.driver.sql")
-Base = declarative_base()
-DEBUG = True if configuration.get_configuration("logging")['logging']['loggers']['moon'][
- 'level'] == "DEBUG" else False
-
-
-class DictBase:
- attributes = []
-
- @classmethod
- def from_dict(cls, d):
- new_d = d.copy()
- return cls(**new_d)
- # new_d = d.copy()
- #
- # new_d['extra'] = {k: new_d.pop(k) for k in six.iterkeys(d)
- # if k not in cls.attributes and k != 'extra'}
- #
- # return cls(**new_d)
-
- def to_dict(self):
- d = dict()
- for attr in self.__class__.attributes:
- d[attr] = getattr(self, attr)
- return d
-
- def __getitem__(self, key):
- # if "extra" in dir(self) and key in self.extra:
- # return self.extra[key]
- return getattr(self, key)
-
-
-class JsonBlob(sql_types.TypeDecorator):
- impl = sql.Text
-
- def process_bind_param(self, value, dialect):
- return json.dumps(value)
-
- def process_result_value(self, value, dialect):
- return json.loads(value)
-
-
-class Model(Base, DictBase):
- __tablename__ = 'models'
- attributes = ['id', 'name', 'value']
- id = sql.Column(sql.String(64), primary_key=True)
- name = sql.Column(sql.String(256), nullable=False)
- value = sql.Column(JsonBlob(), nullable=True)
-
- def to_dict(self):
- return {
- "name": self.name,
- "description": self.value.get("description", ""),
- "meta_rules": self.value.get("meta_rules", list()),
- }
-
-
-class Policy(Base, DictBase):
- __tablename__ = 'policies'
- attributes = ['id', 'name', 'model_id', 'value']
- id = sql.Column(sql.String(64), primary_key=True)
- name = sql.Column(sql.String(256), nullable=False)
- model_id = sql.Column(sql.String(64), nullable=True, default="")
- value = sql.Column(JsonBlob(), nullable=True)
-
- def to_dict(self):
- return {
- "description": self.value.get("description", ""),
- "genre": self.value.get("genre", ""),
- "model_id": self.model_id,
- "name": self.name
- }
-
-
-class PDP(Base, DictBase):
- __tablename__ = 'pdp'
- attributes = ['id', 'name', 'keystone_project_id', 'value']
- id = sql.Column(sql.String(64), primary_key=True)
- name = sql.Column(sql.String(256), nullable=False)
- keystone_project_id = sql.Column(sql.String(64), nullable=True, default="")
- value = sql.Column(JsonBlob(), nullable=True)
-
- def to_dict(self):
- return {
- "name": self.name,
- "description": self.value.get("description", ""),
- "keystone_project_id": self.keystone_project_id,
- "security_pipeline": self.value.get("security_pipeline", []),
- }
-
-
-class PerimeterCategoryBase(DictBase):
- attributes = ['id', 'name', 'description']
- id = sql.Column(sql.String(64), primary_key=True)
- name = sql.Column(sql.String(256), nullable=False)
- description = sql.Column(sql.String(256), nullable=True)
-
-
-class SubjectCategory(Base, PerimeterCategoryBase):
- __tablename__ = 'subject_categories'
-
-
-class ObjectCategory(Base, PerimeterCategoryBase):
- __tablename__ = 'object_categories'
-
-
-class ActionCategory(Base, PerimeterCategoryBase):
- __tablename__ = 'action_categories'
-
-
-class PerimeterBase(DictBase):
- attributes = ['id', 'name', 'value']
- id = sql.Column(sql.String(64), primary_key=True)
- name = sql.Column(sql.String(256), nullable=False)
- value = sql.Column(JsonBlob(), nullable=True)
- __mapper_args__ = {'concrete': True}
-
- def __repr__(self):
- return "{} with name {} : {}".format(self.id, self.name, json.dumps(self.value))
-
- def to_return(self):
- return {
- 'id': self.id,
- 'name': self.name,
- 'description': self.value.get("description", ""),
- 'email': self.value.get("email", ""),
- 'extra': self.value.get("extra", dict()),
- 'policy_list': self.value.get("policy_list", [])
- }
-
- def to_dict(self):
- dict_value = copy.deepcopy(self.value)
- dict_value["name"] = self.name
- return {
- 'id': self.id,
- 'value': dict_value
- }
-
-
-class Subject(Base, PerimeterBase):
- __tablename__ = 'subjects'
-
-
-class Object(Base, PerimeterBase):
- __tablename__ = 'objects'
-
-
-class Action(Base, PerimeterBase):
- __tablename__ = 'actions'
-
-
-class PerimeterDataBase(DictBase):
- attributes = ['id', 'name', 'value', 'category_id', 'policy_id']
- id = sql.Column(sql.String(64), primary_key=True)
- name = sql.Column(sql.String(256), nullable=False)
- value = sql.Column(JsonBlob(), nullable=True)
-
- @declared_attr
- def policy_id(cls):
- return sql.Column(sql.ForeignKey("policies.id"), nullable=False)
-
- def to_dict(self):
- return {
- 'id': self.id,
- 'name': self.name,
- 'description': self.value.get("description", ""),
- 'category_id': self.category_id,
- 'policy_id': self.policy_id
- }
-
-
-class SubjectData(Base, PerimeterDataBase):
- __tablename__ = 'subject_data'
- category_id = sql.Column(sql.ForeignKey("subject_categories.id"), nullable=False)
-
-
-class ObjectData(Base, PerimeterDataBase):
- __tablename__ = 'object_data'
- category_id = sql.Column(sql.ForeignKey("object_categories.id"), nullable=False)
-
-
-class ActionData(Base, PerimeterDataBase):
- __tablename__ = 'action_data'
- category_id = sql.Column(sql.ForeignKey("action_categories.id"), nullable=False)
-
-
-class PerimeterAssignmentBase(DictBase):
- attributes = ['id', 'assignments', 'policy_id', 'subject_id', 'category_id']
- id = sql.Column(sql.String(64), primary_key=True)
- assignments = sql.Column(JsonBlob(), nullable=True)
- category_id = None
-
- @declared_attr
- def policy_id(cls):
- return sql.Column(sql.ForeignKey("policies.id"), nullable=False)
-
- def _to_dict(self, element_key, element_value):
- return {
- "id": self.id,
- "policy_id": self.policy_id,
- element_key: element_value,
- "category_id": self.category_id,
- "assignments": self.assignments,
- }
-
-
-class SubjectAssignment(Base, PerimeterAssignmentBase):
- __tablename__ = 'subject_assignments'
- subject_id = sql.Column(sql.ForeignKey("subjects.id"), nullable=False)
- category_id = sql.Column(sql.ForeignKey("subject_categories.id"), nullable=False)
-
- def to_dict(self):
- return self._to_dict("subject_id", self.subject_id)
-
-
-class ObjectAssignment(Base, PerimeterAssignmentBase):
- __tablename__ = 'object_assignments'
- attributes = ['id', 'assignments', 'policy_id', 'object_id', 'category_id']
- object_id = sql.Column(sql.ForeignKey("objects.id"), nullable=False)
- category_id = sql.Column(sql.ForeignKey("object_categories.id"), nullable=False)
-
- def to_dict(self):
- return self._to_dict("object_id", self.object_id)
-
-
-class ActionAssignment(Base, PerimeterAssignmentBase):
- __tablename__ = 'action_assignments'
- attributes = ['id', 'assignments', 'policy_id', 'action_id', 'category_id']
- action_id = sql.Column(sql.ForeignKey("actions.id"), nullable=False)
- category_id = sql.Column(sql.ForeignKey("action_categories.id"), nullable=False)
-
- def to_dict(self):
- return self._to_dict("action_id", self.action_id)
-
-
-class MetaRule(Base, DictBase):
- __tablename__ = 'meta_rules'
- attributes = ['id', 'name', 'subject_categories', 'object_categories', 'action_categories',
- 'value']
- id = sql.Column(sql.String(64), primary_key=True)
- name = sql.Column(sql.String(256), nullable=False)
- subject_categories = sql.Column(JsonBlob(), nullable=True)
- object_categories = sql.Column(JsonBlob(), nullable=True)
- action_categories = sql.Column(JsonBlob(), nullable=True)
- value = sql.Column(JsonBlob(), nullable=True)
-
- def to_dict(self):
- return {
- "name": self.name,
- "description": self.value.get("description", ""),
- "subject_categories": self.subject_categories,
- "object_categories": self.object_categories,
- "action_categories": self.action_categories,
- }
-
-
-class Rule(Base, DictBase):
- __tablename__ = 'rules'
- attributes = ['id', 'rule', 'policy_id', 'meta_rule_id']
- id = sql.Column(sql.String(64), primary_key=True)
- rule = sql.Column(JsonBlob(), nullable=True)
- policy_id = sql.Column(sql.ForeignKey("policies.id"), nullable=False)
- meta_rule_id = sql.Column(sql.ForeignKey("meta_rules.id"), nullable=False)
-
- def to_dict(self):
- return {
- 'id': self.id,
- 'rule': self.rule["rule"],
- 'instructions': self.rule["instructions"],
- 'enabled': self.rule["enabled"],
- 'policy_id': self.policy_id,
- 'meta_rule_id': self.meta_rule_id
- }
-
- def __repr__(self):
- return "{}".format(self.rule)
-
-
-@contextmanager
-def session_scope(engine):
- """Provide a transactional scope around a series of operations."""
- if type(engine) is str:
- echo = DEBUG
- engine = create_engine(engine, echo=echo)
- session = sessionmaker(bind=engine)()
- try:
- yield session
- session.commit()
- except:
- session.rollback()
- raise
- finally:
- session.close()
-
-
-class BaseConnector(object):
- """Provide a base connector to connect them all"""
- engine = ""
-
- def __init__(self, engine_name):
- echo = DEBUG
- self.engine = create_engine(engine_name, echo=echo)
-
- def init_db(self):
- Base.metadata.create_all(self.engine)
-
- def set_engine(self, engine_name):
- self.engine = engine_name
-
- def get_session(self):
- return session_scope(self.engine)
-
- def get_session_for_read(self):
- return self.get_session()
-
- def get_session_for_write(self):
- return self.get_session()
-
-
-class PDPConnector(BaseConnector, PDPDriver):
-
- def update_pdp(self, pdp_id, value):
- try:
- with self.get_session_for_write() as session:
- query = session.query(PDP)
- query = query.filter_by(id=pdp_id)
- ref = query.first()
- if ref:
- value_wo_name = copy.deepcopy(value)
- value_wo_name.pop("name", None)
- value_wo_name.pop("keystone_project_id", None)
- ref.name = value["name"]
- ref.keystone_project_id = value["keystone_project_id"]
- d = dict(ref.value)
- d.update(value_wo_name)
- setattr(ref, "value", d)
- return {ref.id: ref.to_dict()}
- except sqlalchemy.exc.IntegrityError as error:
- if 'UNIQUE constraint' in str(error):
- raise exceptions.PdpExisting
- raise error
-
- def delete_pdp(self, pdp_id):
- with self.get_session_for_write() as session:
- ref = session.query(PDP).get(pdp_id)
- session.delete(ref)
-
- def add_pdp(self, pdp_id=None, value=None):
- try:
- with self.get_session_for_write() as session:
- value_wo_name = copy.deepcopy(value)
- value_wo_name.pop("name", None)
- value_wo_name.pop("keystone_project_id", None)
- new = PDP.from_dict({
- "id": pdp_id if pdp_id else uuid4().hex,
- "name": value["name"],
- "keystone_project_id": value["keystone_project_id"],
- "value": value_wo_name
- })
- session.add(new)
- return {new.id: new.to_dict()}
- except sqlalchemy.exc.IntegrityError as error:
- if 'UNIQUE constraint' in str(error):
- raise exceptions.PdpExisting
- raise error
-
- def get_pdp(self, pdp_id=None):
- with self.get_session_for_read() as session:
- query = session.query(PDP)
- if pdp_id:
- query = query.filter_by(id=pdp_id)
- ref_list = query.all()
- return {_ref.id: _ref.to_dict() for _ref in ref_list}
-
-
-class PolicyConnector(BaseConnector, PolicyDriver):
-
- def update_policy(self, policy_id, value):
- try:
- with self.get_session_for_write() as session:
- query = session.query(Policy)
- query = query.filter_by(id=policy_id)
- ref = query.first()
-
- if ref:
- value_wo_other_info = copy.deepcopy(value)
- value_wo_other_info.pop("name", None)
- value_wo_other_info.pop("model_id", None)
- ref.name = value["name"]
- ref.model_id = value["model_id"]
- d = dict(ref.value)
- d.update(value_wo_other_info)
- setattr(ref, "value", d)
- return {ref.id: ref.to_dict()}
-
- except sqlalchemy.exc.IntegrityError as error:
- if 'UNIQUE constraint' in str(error):
- raise exceptions.PolicyExisting
- raise error
-
- def delete_policy(self, policy_id):
- with self.get_session_for_write() as session:
- ref = session.query(Policy).get(policy_id)
- session.delete(ref)
-
- def add_policy(self, policy_id=None, value=None):
- try:
- with self.get_session_for_write() as session:
- value_wo_other_info = copy.deepcopy(value)
- value_wo_other_info.pop("name", None)
- value_wo_other_info.pop("model_id", None)
- new = Policy.from_dict({
- "id": policy_id if policy_id else uuid4().hex,
- "name": value["name"],
- "model_id": value.get("model_id", ""),
- "value": value_wo_other_info
- })
- session.add(new)
- return {new.id: new.to_dict()}
-
- except sqlalchemy.exc.IntegrityError as error:
- if 'UNIQUE constraint' in str(error):
- raise exceptions.PolicyExisting
- raise error
-
- def get_policies(self, policy_id=None, policy_name=None):
- with self.get_session_for_read() as session:
- query = session.query(Policy)
- if policy_id:
- query = query.filter_by(id=policy_id)
- elif policy_name:
- query = query.filter_by(name=policy_name)
-
- ref_list = query.all()
- return {_ref.id: _ref.to_dict() for _ref in ref_list}
-
- def __get_perimeters(self, ClassType, policy_id, perimeter_id=None):
- # if not policy_id:
- # raise exceptions.PolicyUnknown
-
- with self.get_session_for_read() as session:
- query = session.query(ClassType)
-
- if perimeter_id:
- query = query.filter_by(id=perimeter_id)
-
- ref_list = copy.deepcopy(query.all())
-
- if policy_id:
- results = []
- for _ref in ref_list:
- _ref_value = _ref.to_return()
- if policy_id in _ref_value["policy_list"]:
- results.append(_ref)
- return {_ref.id: _ref.to_return() for _ref in results}
- return {_ref.id: _ref.to_return() for _ref in ref_list}
-
- def __get_perimeter_by_name(self, ClassType, perimeter_name):
- # if not policy_id:
- # raise exceptions.PolicyUnknown
- with self.get_session_for_read() as session:
- query = session.query(ClassType)
- if not perimeter_name or not perimeter_name.strip():
- raise exceptions.PerimeterContentError('invalid name')
- query = query.filter_by(name=perimeter_name)
- ref_list = copy.deepcopy(query.all())
- return {_ref.id: _ref.to_return() for _ref in ref_list}
-
- def __update_perimeter(self, class_type, class_type_exception, perimeter_id, value):
- if not perimeter_id:
- return exceptions.PerimeterContentError
- with self.get_session_for_write() as session:
- query = session.query(class_type)
- query = query.filter_by(id=perimeter_id)
- _perimeter = query.first()
- if not _perimeter:
- raise class_type_exception
- temp_perimeter = copy.deepcopy(_perimeter.to_dict())
- if 'name' in value:
- temp_perimeter['value']['name'] = value['name']
- if 'description' in value:
- temp_perimeter['value']['description'] = value['description']
- if 'extra' in value:
- temp_perimeter['value']['extra'] = value['extra']
- name = temp_perimeter['value']['name']
- temp_perimeter['value'].pop("name", None)
- new_perimeter = class_type.from_dict({
- "id": temp_perimeter["id"],
- "name": name,
- "value": temp_perimeter["value"]
- })
- _perimeter.value = new_perimeter.value
- _perimeter.name = new_perimeter.name
- return {_perimeter.id: _perimeter.to_return()}
-
- def __set_perimeter(self, ClassType, ClassTypeException, policy_id, perimeter_id=None,
- value=None):
- if not value or "name" not in value or not value["name"].strip():
- raise exceptions.PerimeterContentError('invalid name')
- with self.get_session_for_write() as session:
- _perimeter = None
- if perimeter_id:
- query = session.query(ClassType)
- query = query.filter_by(id=perimeter_id)
- _perimeter = query.first()
- if not perimeter_id and not _perimeter:
- query = session.query(ClassType)
- query = query.filter_by(name=value['name'])
- _perimeter = query.first()
- if _perimeter:
- raise ClassTypeException
- if not _perimeter:
- if "policy_list" not in value or type(value["policy_list"]) is not list:
- value["policy_list"] = []
- if policy_id and policy_id not in value["policy_list"]:
- value["policy_list"] = [policy_id, ]
-
- value_wo_name = copy.deepcopy(value)
- value_wo_name.pop("name", None)
- new = ClassType.from_dict({
- "id": perimeter_id if perimeter_id else uuid4().hex,
- "name": value["name"],
- "value": value_wo_name
- })
- session.add(new)
- return {new.id: new.to_return()}
- else:
- _value = copy.deepcopy(_perimeter.to_dict())
- if "policy_list" not in _value["value"] or type(
- _value["value"]["policy_list"]) is not list:
- _value["value"]["policy_list"] = []
- if policy_id and policy_id not in _value["value"]["policy_list"]:
- _value["value"]["policy_list"].append(policy_id)
- else:
- if policy_id:
- raise exceptions.PolicyExisting
- raise exceptions.PerimeterContentError
-
- _value["value"].update(value)
-
- name = _value["value"]["name"]
- _value["value"].pop("name")
- new_perimeter = ClassType.from_dict({
- "id": _value["id"],
- "name": name,
- "value": _value["value"]
- })
- _perimeter.value = new_perimeter.value
- _perimeter.name = new_perimeter.name
- return {_perimeter.id: _perimeter.to_return()}
-
- def __delete_perimeter(self, ClassType, ClassUnknownException, policy_id, perimeter_id):
- with self.get_session_for_write() as session:
- query = session.query(ClassType)
- query = query.filter_by(id=perimeter_id)
- _perimeter = query.first()
- if not _perimeter:
- raise ClassUnknownException
- old_perimeter = copy.deepcopy(_perimeter.to_dict())
- try:
- old_perimeter["value"]["policy_list"].remove(policy_id)
- new_perimeter = ClassType.from_dict(old_perimeter)
- if not new_perimeter.value["policy_list"]:
- session.delete(_perimeter)
- else:
- setattr(_perimeter, "value", getattr(new_perimeter, "value"))
- except ValueError:
- if not _perimeter.value["policy_list"]:
- session.delete(_perimeter)
-
- def get_subjects(self, policy_id, perimeter_id=None):
- return self.__get_perimeters(Subject, policy_id, perimeter_id)
-
- def get_subject_by_name(self, perimeter_name):
- return self.__get_perimeter_by_name(Subject, perimeter_name)
-
- def set_subject(self, policy_id, perimeter_id=None, value=None):
- try:
- return self.__set_perimeter(Subject, exceptions.SubjectExisting, policy_id,
- perimeter_id=perimeter_id, value=value)
- except sqlalchemy.exc.IntegrityError as error:
- if 'UNIQUE constraint' in str(error):
- raise exceptions.SubjectExisting
- raise error
-
- def update_subject(self, perimeter_id, value):
- try:
- return self.__update_perimeter(Subject, exceptions.SubjectExisting, perimeter_id, value)
- except sqlalchemy.exc.IntegrityError as error:
- if 'UNIQUE constraint' in str(error):
- raise exceptions.SubjectExisting
- raise error
-
- def delete_subject(self, policy_id, perimeter_id):
- self.__delete_perimeter(Subject, exceptions.SubjectUnknown, policy_id, perimeter_id)
-
- def get_objects(self, policy_id, perimeter_id=None):
- return self.__get_perimeters(Object, policy_id, perimeter_id)
-
- def get_object_by_name(self, perimeter_name):
- return self.__get_perimeter_by_name(Object, perimeter_name)
-
- def set_object(self, policy_id, perimeter_id=None, value=None):
- try:
- return self.__set_perimeter(Object, exceptions.ObjectExisting, policy_id,
- perimeter_id=perimeter_id, value=value)
- except sqlalchemy.exc.IntegrityError as error:
- logger.exception("IntegrityError {}".format(error))
- if 'UNIQUE constraint' in str(error):
- raise exceptions.ObjectExisting
- raise error
-
- def update_object(self, perimeter_id, value):
- try:
- return self.__update_perimeter(Object, exceptions.ObjectExisting, perimeter_id, value)
- except sqlalchemy.exc.IntegrityError as error:
- if 'UNIQUE constraint' in str(error):
- raise exceptions.ObjectExisting
- raise error
-
- def delete_object(self, policy_id, perimeter_id):
- self.__delete_perimeter(Object, exceptions.ObjectUnknown, policy_id, perimeter_id)
-
- def get_actions(self, policy_id, perimeter_id=None):
- return self.__get_perimeters(Action, policy_id, perimeter_id)
-
- def get_action_by_name(self, perimeter_name):
- return self.__get_perimeter_by_name(Action, perimeter_name)
-
- def set_action(self, policy_id, perimeter_id=None, value=None):
- try:
- return self.__set_perimeter(Action, exceptions.ActionExisting, policy_id,
- perimeter_id=perimeter_id, value=value)
- except sqlalchemy.exc.IntegrityError as error:
- if 'UNIQUE constraint' in str(error):
- raise exceptions.ActionExisting
- raise error
-
- def update_action(self, perimeter_id, value):
- try:
- return self.__update_perimeter(Action, exceptions.ActionExisting, perimeter_id, value)
- except sqlalchemy.exc.IntegrityError as error:
- if 'UNIQUE constraint' in str(error):
- raise exceptions.ActionExisting
- raise error
-
- def delete_action(self, policy_id, perimeter_id):
- self.__delete_perimeter(Action, exceptions.ActionUnknown, policy_id, perimeter_id)
-
- def __is_data_exist(self, ClassType, category_id=None):
-
- with self.get_session_for_read() as session:
- query = session.query(ClassType)
- query = query.filter_by(category_id=category_id)
- ref_list = query.all()
- if ref_list:
- return True
- return False
-
- def __get_data(self, ClassType, policy_id, data_id=None, category_id=None):
- with self.get_session_for_read() as session:
- query = session.query(ClassType)
- if policy_id and data_id and category_id:
- query = query.filter_by(policy_id=policy_id, id=data_id, category_id=category_id)
- elif policy_id and category_id:
- query = query.filter_by(policy_id=policy_id, category_id=category_id)
- elif category_id:
- query = query.filter_by(category_id=category_id)
- elif policy_id:
- query = query.filter_by(policy_id=policy_id)
- else:
- raise exceptions.PolicyUnknown
-
- ref_list = query.all()
- return {
- "policy_id": policy_id,
- "category_id": category_id,
- "data": {_ref.id: _ref.to_dict() for _ref in ref_list}
- }
-
- def __set_data(self, ClassType, ClassTypeData, policy_id, data_id=None, category_id=None,
- value=None):
- with self.get_session_for_write() as session:
- query = session.query(ClassTypeData)
- query = query.filter_by(policy_id=policy_id, id=data_id, category_id=category_id)
- ref = query.first()
- if not ref:
- value_wo_name = copy.deepcopy(value)
- value_wo_name.pop("name", None)
- new_ref = ClassTypeData.from_dict(
- {
- "id": data_id if data_id else uuid4().hex,
- 'name': value["name"],
- 'value': value_wo_name,
- 'category_id': category_id,
- 'policy_id': policy_id,
- }
- )
- session.add(new_ref)
- ref = new_ref
- else:
- for attr in ClassType.attributes:
- if attr != 'id':
- setattr(ref, attr, getattr(ref, attr))
- # session.flush()
- return {
- "policy_id": policy_id,
- "category_id": category_id,
- "data": {ref.id: ref.to_dict()}
- }
-
- def __delete_data(self, ClassType, policy_id, category_id, data_id):
-
- if not data_id:
- raise exceptions.DataUnknown
- with self.get_session_for_write() as session:
- query = session.query(ClassType)
- if category_id:
- query = query.filter_by(policy_id=policy_id, category_id=category_id, id=data_id)
- else:
- query = query.filter_by(policy_id=policy_id, id=data_id)
- ref = query.first()
- if ref:
- session.delete(ref)
-
- def is_subject_data_exist(self, category_id=None):
- return self.__is_data_exist(SubjectData, category_id=category_id)
-
- def get_subject_data(self, policy_id, data_id=None, category_id=None):
- return self.__get_data(SubjectData, policy_id, data_id=data_id, category_id=category_id)
-
- def set_subject_data(self, policy_id, data_id=None, category_id=None, value=None):
- try:
- return self.__set_data(Subject, SubjectData, policy_id, data_id=data_id,
- category_id=category_id, value=value)
- except sqlalchemy.exc.IntegrityError as error:
- if 'UNIQUE constraint' in str(error):
- raise exceptions.SubjectScopeExisting
- raise error
-
- def delete_subject_data(self, policy_id, category_id, data_id):
- return self.__delete_data(SubjectData, policy_id, category_id, data_id)
-
- def is_object_data_exist(self, category_id=None):
- return self.__is_data_exist(ObjectData, category_id=category_id)
-
- def get_object_data(self, policy_id, data_id=None, category_id=None):
- return self.__get_data(ObjectData, policy_id, data_id=data_id, category_id=category_id)
-
- def set_object_data(self, policy_id, data_id=None, category_id=None, value=None):
- try:
- return self.__set_data(Object, ObjectData, policy_id, data_id=data_id,
- category_id=category_id, value=value)
- except sqlalchemy.exc.IntegrityError as error:
- if 'UNIQUE constraint' in str(error):
- raise exceptions.ObjectScopeExisting
- raise error
-
- def delete_object_data(self, policy_id, category_id, data_id):
- return self.__delete_data(ObjectData, policy_id, category_id, data_id)
-
- def is_action_data_exist(self, category_id=None):
- return self.__is_data_exist(ActionData, category_id=category_id)
-
- def get_action_data(self, policy_id, data_id=None, category_id=None):
- return self.__get_data(ActionData, policy_id, data_id=data_id, category_id=category_id)
-
- def set_action_data(self, policy_id, data_id=None, category_id=None, value=None):
- try:
- return self.__set_data(Action, ActionData, policy_id, data_id=data_id,
- category_id=category_id, value=value)
- except sqlalchemy.exc.IntegrityError as error:
- if 'UNIQUE constraint' in str(error):
- raise exceptions.ActionScopeExisting
- raise error
-
- def delete_action_data(self, policy_id, category_id, data_id):
- return self.__delete_data(ActionData, policy_id, category_id, data_id)
-
- def get_subject_assignments(self, policy_id, subject_id=None, category_id=None):
- with self.get_session_for_write() as session:
- query = session.query(SubjectAssignment)
- if subject_id and category_id:
- # TODO change the subject_id to perimeter_id to allow code refactoring
- query = query.filter_by(policy_id=policy_id, subject_id=subject_id,
- category_id=category_id)
- elif subject_id:
- query = query.filter_by(policy_id=policy_id, subject_id=subject_id)
- else:
- query = query.filter_by(policy_id=policy_id)
- ref_list = query.all()
- return {_ref.id: _ref.to_dict() for _ref in ref_list}
-
- def add_subject_assignment(self, policy_id, subject_id, category_id, data_id):
- with self.get_session_for_write() as session:
- query = session.query(SubjectAssignment)
- query = query.filter_by(policy_id=policy_id, subject_id=subject_id,
- category_id=category_id)
- ref = query.first()
- if ref:
- old_ref = copy.deepcopy(ref.to_dict())
- assignments = old_ref["assignments"]
- if data_id not in assignments:
- assignments.append(data_id)
- setattr(ref, "assignments", assignments)
- else:
- raise exceptions.SubjectAssignmentExisting
- else:
- ref = SubjectAssignment.from_dict(
- {
- "id": uuid4().hex,
- "policy_id": policy_id,
- "subject_id": subject_id,
- "category_id": category_id,
- "assignments": [data_id, ],
- }
- )
- session.add(ref)
- return {ref.id: ref.to_dict()}
-
- def is_subject_category_has_assignment(self, category_id):
- return self.__is_category_has_assignment(SubjectAssignment, category_id)
-
- def is_object_category_has_assignment(self, category_id):
- return self.__is_category_has_assignment(ObjectAssignment, category_id)
-
- def is_action_category_has_assignment(self, category_id):
- return self.__is_category_has_assignment(ActionAssignment, category_id)
-
- def __is_category_has_assignment(self, ClassType, category_id):
- with self.get_session_for_write() as session:
- query = session.query(ClassType)
- query = query.filter_by(category_id=category_id)
- count = query.count()
- return count > 0
-
- def delete_subject_assignment(self, policy_id, subject_id, category_id, data_id):
- with self.get_session_for_write() as session:
- query = session.query(SubjectAssignment)
- query = query.filter_by(policy_id=policy_id, subject_id=subject_id,
- category_id=category_id)
- ref = query.first()
- if ref:
- old_ref = copy.deepcopy(ref.to_dict())
- assignments = old_ref["assignments"]
- # TODO (asteroide): if data_id is None, delete all
- if data_id in assignments:
- assignments.remove(data_id)
- # FIXME (asteroide): the setattr doesn't work here ; the assignments is not updated in the database
- setattr(ref, "assignments", assignments)
- if not assignments:
- session.delete(ref)
-
- def get_object_assignments(self, policy_id, object_id=None, category_id=None):
- with self.get_session_for_write() as session:
- query = session.query(ObjectAssignment)
- if object_id and category_id:
- # TODO change the object_id to perimeter_id to allow code refactoring
- query = query.filter_by(policy_id=policy_id, object_id=object_id,
- category_id=category_id)
- elif object_id:
- query = query.filter_by(policy_id=policy_id, object_id=object_id)
- else:
- query = query.filter_by(policy_id=policy_id)
- ref_list = query.all()
- return {_ref.id: _ref.to_dict() for _ref in ref_list}
-
- def add_object_assignment(self, policy_id, object_id, category_id, data_id):
- with self.get_session_for_write() as session:
- query = session.query(ObjectAssignment)
- query = query.filter_by(policy_id=policy_id, object_id=object_id,
- category_id=category_id)
- ref = query.first()
- if ref:
- old_ref = copy.deepcopy(ref.to_dict())
- assignments = old_ref["assignments"]
- if data_id not in assignments:
- assignments.append(data_id)
- setattr(ref, "assignments", assignments)
- else:
- raise exceptions.ObjectAssignmentExisting
- else:
- ref = ObjectAssignment.from_dict(
- {
- "id": uuid4().hex,
- "policy_id": policy_id,
- "object_id": object_id,
- "category_id": category_id,
- "assignments": [data_id, ],
- }
- )
- session.add(ref)
- return {ref.id: ref.to_dict()}
-
- def delete_object_assignment(self, policy_id, object_id, category_id, data_id):
- with self.get_session_for_write() as session:
- query = session.query(ObjectAssignment)
- query = query.filter_by(policy_id=policy_id, object_id=object_id,
- category_id=category_id)
- ref = query.first()
- if ref:
- old_ref = copy.deepcopy(ref.to_dict())
- assignments = old_ref["assignments"]
- # TODO (asteroide): if data_id is None, delete all
- if data_id in assignments:
- assignments.remove(data_id)
- # FIXME (asteroide): the setattr doesn't work here ; the assignments is not updated in the database
- setattr(ref, "assignments", assignments)
- if not assignments:
- session.delete(ref)
-
- def get_action_assignments(self, policy_id, action_id=None, category_id=None):
- with self.get_session_for_write() as session:
- if not policy_id:
- return exceptions.PolicyUnknown
- query = session.query(ActionAssignment)
- if action_id and category_id:
- # TODO change the action_id to perimeter_id to allow code refactoring
- query = query.filter_by(policy_id=policy_id, action_id=action_id,
- category_id=category_id)
- elif action_id:
- query = query.filter_by(policy_id=policy_id, action_id=action_id)
- elif category_id:
- query = query.filter_by(policy_id=policy_id, category_id=category_id)
- else:
- query = query.filter_by(policy_id=policy_id)
- ref_list = query.all()
- return {_ref.id: _ref.to_dict() for _ref in ref_list}
-
- def add_action_assignment(self, policy_id, action_id, category_id, data_id):
- with self.get_session_for_write() as session:
- query = session.query(ActionAssignment)
- query = query.filter_by(policy_id=policy_id, action_id=action_id,
- category_id=category_id)
- ref = query.first()
- if ref:
- old_ref = copy.deepcopy(ref.to_dict())
- assignments = old_ref["assignments"]
- if data_id not in assignments:
- assignments.append(data_id)
- setattr(ref, "assignments", assignments)
- else:
- raise exceptions.ActionAssignmentExisting
- else:
- ref = ActionAssignment.from_dict(
- {
- "id": uuid4().hex,
- "policy_id": policy_id,
- "action_id": action_id,
- "category_id": category_id,
- "assignments": [data_id, ],
- }
- )
- session.add(ref)
- return {ref.id: ref.to_dict()}
-
- def delete_action_assignment(self, policy_id, action_id, category_id, data_id):
- with self.get_session_for_write() as session:
- query = session.query(ActionAssignment)
- query = query.filter_by(policy_id=policy_id, action_id=action_id,
- category_id=category_id)
- ref = query.first()
- if ref:
- old_ref = copy.deepcopy(ref.to_dict())
- assignments = old_ref["assignments"]
- # TODO (asteroide): if data_id is None, delete all
- if data_id in assignments:
- assignments.remove(data_id)
- # FIXME (asteroide): the setattr doesn't work here ; the assignments is not updated in the database
- setattr(ref, "assignments", assignments)
- if not assignments:
- session.delete(ref)
-
- def get_rules(self, policy_id, rule_id=None, meta_rule_id=None):
- with self.get_session_for_read() as session:
- query = session.query(Rule)
- if rule_id:
- query = query.filter_by(policy_id=policy_id, rule_id=rule_id)
- ref = query.first()
- return {ref.id: ref.to_dict()}
- elif meta_rule_id and policy_id:
- query = query.filter_by(policy_id=policy_id, meta_rule_id=meta_rule_id)
- ref_list = query.all()
- return {
- "meta_rule_id": meta_rule_id,
- "policy_id": policy_id,
- "rules": list(map(lambda x: x.to_dict(), ref_list))
- }
- else:
- query = query.filter_by(policy_id=policy_id)
- ref_list = query.all()
- return {
- "policy_id": policy_id,
- "rules": list(map(lambda x: x.to_dict(), ref_list))
- }
-
- def is_meta_rule_has_rules(self, meta_rule_id):
- with self.get_session_for_read() as session:
- query = session.query(Rule)
-
- query = query.filter_by(meta_rule_id=meta_rule_id)
- count = query.count()
- return count > 0
-
- def add_rule(self, policy_id, meta_rule_id, value):
- try:
- rules = self.get_rules(policy_id, meta_rule_id=meta_rule_id)
- for _rule in map(lambda x: x["rule"], rules["rules"]):
- if list(value.get('rule')) == list(_rule):
- raise exceptions.RuleExisting
- with self.get_session_for_write() as session:
- ref = Rule.from_dict(
- {
- "id": uuid4().hex,
- "policy_id": policy_id,
- "meta_rule_id": meta_rule_id,
- "rule": value
- }
- )
- session.add(ref)
- return {ref.id: ref.to_dict()}
- except sqlalchemy.exc.IntegrityError as error:
- if 'UNIQUE constraint' in str(error):
- raise exceptions.RuleExisting
- raise error
-
- def delete_rule(self, policy_id, rule_id):
- with self.get_session_for_write() as session:
- query = session.query(Rule)
- query = query.filter_by(policy_id=policy_id, id=rule_id)
- ref = query.first()
- if ref:
- session.delete(ref)
-
-
-class ModelConnector(BaseConnector, ModelDriver):
-
- def update_model(self, model_id, value):
- try:
- with self.get_session_for_write() as session:
- query = session.query(Model)
- if model_id:
- query = query.filter_by(id=model_id)
- ref = query.first()
- if ref:
- value_wo_name = copy.deepcopy(value)
- value_wo_name.pop("name", None)
- setattr(ref, "name", value["name"])
- d = dict(ref.value)
- d.update(value_wo_name)
- setattr(ref, "value", d)
- return {ref.id: ref.to_dict()}
- except sqlalchemy.exc.IntegrityError as error:
- if 'UNIQUE constraint' in str(error):
- raise exceptions.ModelExisting
- raise error
-
- def delete_model(self, model_id):
- with self.get_session_for_write() as session:
- ref = session.query(Model).get(model_id)
- session.delete(ref)
-
- def add_model(self, model_id=None, value=None):
- try:
- with self.get_session_for_write() as session:
- value_wo_name = copy.deepcopy(value)
- value_wo_name.pop("name", None)
- new = Model.from_dict({
- "id": model_id if model_id else uuid4().hex,
- "name": value["name"],
- "value": value_wo_name
- })
- session.add(new)
- return {new.id: new.to_dict()}
- except sqlalchemy.exc.IntegrityError as error:
- if 'UNIQUE constraint' in str(error):
- raise exceptions.ModelExisting
-
- def get_models(self, model_id=None):
- with self.get_session_for_read() as session:
- query = session.query(Model)
- if model_id:
- ref_list = query.filter(Model.id == model_id)
- else:
- ref_list = query.all()
-
- r = {_ref.id: _ref.to_dict() for _ref in ref_list}
- return r
-
- def set_meta_rule(self, meta_rule_id, value):
- try:
- with self.get_session_for_write() as session:
- value_wo_other_data = copy.deepcopy(value)
- value_wo_other_data.pop("name", None)
- value_wo_other_data.pop("subject_categories", None)
- value_wo_other_data.pop("object_categories", None)
- value_wo_other_data.pop("action_categories", None)
- if meta_rule_id is None:
- try:
- ref = MetaRule.from_dict(
- {
- "id": uuid4().hex,
- "name": value["name"],
- "subject_categories": value["subject_categories"],
- "object_categories": value["object_categories"],
- "action_categories": value["action_categories"],
- "value": value_wo_other_data
- }
- )
- session.add(ref)
- except sqlalchemy.exc.IntegrityError as error:
- if 'UNIQUE constraint' in str(error):
- raise exceptions.MetaRuleExisting
- raise error
- else:
- query = session.query(MetaRule)
- query = query.filter_by(id=meta_rule_id)
- ref = query.first()
- setattr(ref, "name", value["name"])
- setattr(ref, "subject_categories", value["subject_categories"])
- setattr(ref, "object_categories", value["object_categories"])
- setattr(ref, "action_categories", value["action_categories"])
- setattr(ref, "value", value_wo_other_data)
- return {ref.id: ref.to_dict()}
- except sqlalchemy.exc.IntegrityError as error:
- if 'UNIQUE constraint' in str(error):
- raise exceptions.MetaRuleExisting
- raise error
-
- def get_meta_rules(self, meta_rule_id=None):
- with self.get_session_for_read() as session:
- query = session.query(MetaRule)
- if meta_rule_id:
- query = query.filter_by(id=meta_rule_id)
- ref_list = query.all()
- return {_ref.id: _ref.to_dict() for _ref in ref_list}
-
- def delete_meta_rule(self, meta_rule_id=None):
- with self.get_session_for_write() as session:
- query = session.query(MetaRule)
- query = query.filter_by(id=meta_rule_id)
- ref = query.first()
- if ref:
- session.delete(ref)
-
- def __get_perimeter_categories(self, ClassType, category_id=None):
- with self.get_session_for_read() as session:
- query = session.query(ClassType)
- if category_id:
- query = query.filter_by(id=category_id)
- ref_list = query.all()
- return {_ref.id: _ref.to_dict() for _ref in ref_list}
-
- def __add_perimeter_category(self, ClassType, name, description, uuid=None):
- if not name or not name.strip():
- raise exceptions.CategoryNameInvalid
- with self.get_session_for_write() as session:
- ref = ClassType.from_dict(
- {
- "id": uuid if uuid else uuid4().hex,
- "name": name,
- "description": description
- }
- )
- session.add(ref)
- return {ref.id: ref.to_dict()}
-
- def __delete_perimeter_category(self, ClassType, category_id):
- with self.get_session_for_write() as session:
- query = session.query(ClassType)
- query = query.filter_by(id=category_id)
- ref = query.first()
- if ref:
- session.delete(ref)
-
- def get_subject_categories(self, category_id=None):
- return self.__get_perimeter_categories(SubjectCategory, category_id=category_id)
-
- def add_subject_category(self, name, description, uuid=None):
- try:
- return self.__add_perimeter_category(SubjectCategory, name, description, uuid=uuid)
- except sql.exc.IntegrityError as error:
- if 'UNIQUE constraint' in str(error):
- raise exceptions.SubjectCategoryExisting
- raise error
-
- def delete_subject_category(self, category_id):
- self.__delete_perimeter_category(SubjectCategory, category_id)
-
- def get_object_categories(self, category_id=None):
- return self.__get_perimeter_categories(ObjectCategory, category_id=category_id)
-
- def add_object_category(self, name, description, uuid=None):
- try:
- return self.__add_perimeter_category(ObjectCategory, name, description, uuid=uuid)
- except sql.exc.IntegrityError as error:
- if 'UNIQUE constraint' in str(error):
- raise exceptions.ObjectCategoryExisting
- raise error
-
- def delete_object_category(self, category_id):
- self.__delete_perimeter_category(ObjectCategory, category_id)
-
- def get_action_categories(self, category_id=None):
-
- return self.__get_perimeter_categories(ActionCategory, category_id=category_id)
-
- def add_action_category(self, name, description, uuid=None):
- try:
- return self.__add_perimeter_category(ActionCategory, name, description, uuid=uuid)
- except sql.exc.IntegrityError as error:
- if 'UNIQUE constraint' in str(error):
- raise exceptions.ActionCategoryExisting
- raise error
-
- def delete_action_category(self, category_id):
- self.__delete_perimeter_category(ActionCategory, category_id)
-
- # Getter and Setter for subject_category
-
- # def get_subject_categories_dict(self, intra_extension_id):
- # with self.get_session_for_read() as session:
- # query = session.query(SubjectCategory)
- # query = query.filter_by(intra_extension_id=intra_extension_id)
- # ref_list = query.all()
- # return {_ref.id: _ref.subject_category for _ref in ref_list}
- #
- # def set_subject_category_dict(self, intra_extension_id, subject_category_id, subject_category_dict):
- # with self.get_session_for_write() as session:
- # query = session.query(SubjectCategory)
- # query = query.filter_by(intra_extension_id=intra_extension_id, id=subject_category_id)
- # ref = query.first()
- # new_ref = SubjectCategory.from_dict(
- # {
- # "id": subject_category_id,
- # 'subject_category': subject_category_dict,
- # 'intra_extension_id': intra_extension_id
- # }
- # )
- # if not ref:
- # session.add(new_ref)
- # ref = new_ref
- # else:
- # for attr in SubjectCategory.attributes:
- # if attr != 'id':
- # setattr(ref, attr, getattr(new_ref, attr))
- # # # session.flush()
- # return {subject_category_id: SubjectCategory.to_dict(ref)['subject_category']}
- #
- # def del_subject_category(self, intra_extension_id, subject_category_id):
- # with self.get_session_for_write() as session:
- # query = session.query(SubjectCategory)
- # query = query.filter_by(intra_extension_id=intra_extension_id, id=subject_category_id)
- # ref = query.first()
- # self.del_subject_assignment(intra_extension_id, None, None, None)
- # session.delete(ref)
- #
- # # Getter and Setter for object_category
- #
- # def get_object_categories_dict(self, intra_extension_id):
- # with self.get_session_for_read() as session:
- # query = session.query(ObjectCategory)
- # query = query.filter_by(intra_extension_id=intra_extension_id)
- # ref_list = query.all()
- # return {_ref.id: _ref.object_category for _ref in ref_list}
- #
- # def set_object_category_dict(self, intra_extension_id, object_category_id, object_category_dict):
- # with self.get_session_for_write() as session:
- # query = session.query(ObjectCategory)
- # query = query.filter_by(intra_extension_id=intra_extension_id, id=object_category_id)
- # ref = query.first()
- # new_ref = ObjectCategory.from_dict(
- # {
- # "id": object_category_id,
- # 'object_category': object_category_dict,
- # 'intra_extension_id': intra_extension_id
- # }
- # )
- # if not ref:
- # session.add(new_ref)
- # ref = new_ref
- # else:
- # for attr in ObjectCategory.attributes:
- # if attr != 'id':
- # setattr(ref, attr, getattr(new_ref, attr))
- # # session.flush()
- # return {object_category_id: ObjectCategory.to_dict(ref)['object_category']}
- #
- # def del_object_category(self, intra_extension_id, object_category_id):
- # with self.get_session_for_write() as session:
- # query = session.query(ObjectCategory)
- # query = query.filter_by(intra_extension_id=intra_extension_id, id=object_category_id)
- # ref = query.first()
- # self.del_object_assignment(intra_extension_id, None, None, None)
- # session.delete(ref)
- #
- # # Getter and Setter for action_category
- #
- # def get_action_categories_dict(self, intra_extension_id):
- # with self.get_session_for_read() as session:
- # query = session.query(ActionCategory)
- # query = query.filter_by(intra_extension_id=intra_extension_id)
- # ref_list = query.all()
- # return {_ref.id: _ref.action_category for _ref in ref_list}
- #
- # def set_action_category_dict(self, intra_extension_id, action_category_id, action_category_dict):
- # with self.get_session_for_write() as session:
- # query = session.query(ActionCategory)
- # query = query.filter_by(intra_extension_id=intra_extension_id, id=action_category_id)
- # ref = query.first()
- # new_ref = ActionCategory.from_dict(
- # {
- # "id": action_category_id,
- # 'action_category': action_category_dict,
- # 'intra_extension_id': intra_extension_id
- # }
- # )
- # if not ref:
- # session.add(new_ref)
- # ref = new_ref
- # else:
- # for attr in ActionCategory.attributes:
- # if attr != 'id':
- # setattr(ref, attr, getattr(new_ref, attr))
- # # session.flush()
- # return {action_category_id: ActionCategory.to_dict(ref)['action_category']}
- #
- # def del_action_category(self, intra_extension_id, action_category_id):
- # with self.get_session_for_write() as session:
- # query = session.query(ActionCategory)
- # query = query.filter_by(intra_extension_id=intra_extension_id, id=action_category_id)
- # ref = query.first()
- # self.del_action_assignment(intra_extension_id, None, None, None)
- # session.delete(ref)
-
- # Perimeter
-
- # def get_subjects_dict(self, intra_extension_id):
- # with self.get_session_for_read() as session:
- # query = session.query(Subject)
- # query = query.filter_by(intra_extension_id=intra_extension_id)
- # ref_list = query.all()
- # return {_ref.id: _ref.subject for _ref in ref_list}
- #
- # def set_subject_dict(self, intra_extension_id, subject_id, subject_dict):
- # with self.get_session_for_write() as session:
- # query = session.query(Subject)
- # query = query.filter_by(intra_extension_id=intra_extension_id, id=subject_id)
- # ref = query.first()
- # # if 'id' in subject_dict:
- # # subject_dict['id'] = subject_id
- # new_ref = Subject.from_dict(
- # {
- # "id": subject_id,
- # 'subject': subject_dict,
- # 'intra_extension_id': intra_extension_id
- # }
- # )
- # if not ref:
- # session.add(new_ref)
- # ref = new_ref
- # else:
- # for attr in Subject.attributes:
- # if attr != 'id':
- # setattr(ref, attr, getattr(new_ref, attr))
- # # session.flush()
- # return {subject_id: Subject.to_dict(ref)['subject']}
- #
- # def del_subject(self, intra_extension_id, subject_id):
- # with self.get_session_for_write() as session:
- # query = session.query(Subject)
- # query = query.filter_by(intra_extension_id=intra_extension_id, id=subject_id)
- # ref = query.first()
- # session.delete(ref)
- #
- # def get_objects_dict(self, intra_extension_id):
- # with self.get_session_for_read() as session:
- # query = session.query(Object)
- # query = query.filter_by(intra_extension_id=intra_extension_id)
- # ref_list = query.all()
- # return {_ref.id: _ref.object for _ref in ref_list}
- #
- # def set_object_dict(self, intra_extension_id, object_id, object_dict):
- # with self.get_session_for_write() as session:
- # query = session.query(Object)
- # query = query.filter_by(intra_extension_id=intra_extension_id, id=object_id)
- # ref = query.first()
- # new_ref = Object.from_dict(
- # {
- # "id": object_id,
- # 'object': object_dict,
- # 'intra_extension_id': intra_extension_id
- # }
- # )
- # if not ref:
- # session.add(new_ref)
- # ref = new_ref
- # else:
- # for attr in Object.attributes:
- # if attr != 'id':
- # setattr(ref, attr, getattr(new_ref, attr))
- # # session.flush()
- # return {object_id: Object.to_dict(ref)['object']}
- #
- # def del_object(self, intra_extension_id, object_id):
- # with self.get_session_for_write() as session:
- # query = session.query(Object)
- # query = query.filter_by(intra_extension_id=intra_extension_id, id=object_id)
- # ref = query.first()
- # session.delete(ref)
- #
- # def get_actions_dict(self, intra_extension_id):
- # with self.get_session_for_read() as session:
- # query = session.query(Action)
- # query = query.filter_by(intra_extension_id=intra_extension_id)
- # ref_list = query.all()
- # return {_ref.id: _ref.action for _ref in ref_list}
- #
- # def set_action_dict(self, intra_extension_id, action_id, action_dict):
- # with self.get_session_for_write() as session:
- # query = session.query(Action)
- # query = query.filter_by(intra_extension_id=intra_extension_id, id=action_id)
- # ref = query.first()
- # new_ref = Action.from_dict(
- # {
- # "id": action_id,
- # 'action': action_dict,
- # 'intra_extension_id': intra_extension_id
- # }
- # )
- # if not ref:
- # session.add(new_ref)
- # ref = new_ref
- # else:
- # for attr in Action.attributes:
- # if attr != 'id':
- # setattr(ref, attr, getattr(new_ref, attr))
- # # session.flush()
- # return {action_id: Action.to_dict(ref)['action']}
- #
- # def del_action(self, intra_extension_id, action_id):
- # with self.get_session_for_write() as session:
- # query = session.query(Action)
- # query = query.filter_by(intra_extension_id=intra_extension_id, id=action_id)
- # ref = query.first()
- # session.delete(ref)
-
- # Getter and Setter for subject_scope
-
- # def get_subject_scopes_dict(self, intra_extension_id, subject_category_id):
- # with self.get_session_for_read() as session:
- # query = session.query(SubjectScope)
- # query = query.filter_by(intra_extension_id=intra_extension_id, subject_category_id=subject_category_id)
- # ref_list = query.all()
- # return {_ref.id: _ref.subject_scope for _ref in ref_list}
- #
- # def set_subject_scope_dict(self, intra_extension_id, subject_category_id, subject_scope_id, subject_scope_dict):
- # with self.get_session_for_write() as session:
- # query = session.query(SubjectScope)
- # query = query.filter_by(intra_extension_id=intra_extension_id, subject_category_id=subject_category_id, id=subject_scope_id)
- # ref = query.first()
- # new_ref = SubjectScope.from_dict(
- # {
- # "id": subject_scope_id,
- # 'subject_scope': subject_scope_dict,
- # 'intra_extension_id': intra_extension_id,
- # 'subject_category_id': subject_category_id
- # }
- # )
- # if not ref:
- # session.add(new_ref)
- # ref = new_ref
- # else:
- # for attr in Subject.attributes:
- # if attr != 'id':
- # setattr(ref, attr, getattr(new_ref, attr))
- # # session.flush()
- # return {subject_scope_id: SubjectScope.to_dict(ref)['subject_scope']}
- #
- # def del_subject_scope(self, intra_extension_id, subject_category_id, subject_scope_id):
- # with self.get_session_for_write() as session:
- # query = session.query(SubjectScope)
- # if not subject_category_id or not subject_scope_id:
- # query = query.filter_by(intra_extension_id=intra_extension_id)
- # for ref in query.all():
- # session.delete(ref)
- # else:
- # query = query.filter_by(intra_extension_id=intra_extension_id, subject_category_id=subject_category_id, id=subject_scope_id)
- # ref = query.first()
- # session.delete(ref)
- #
- # # Getter and Setter for object_category_scope
- #
- # def get_object_scopes_dict(self, intra_extension_id, object_category_id):
- # with self.get_session_for_read() as session:
- # query = session.query(ObjectScope)
- # query = query.filter_by(intra_extension_id=intra_extension_id, object_category_id=object_category_id)
- # ref_list = query.all()
- # return {_ref.id: _ref.object_scope for _ref in ref_list}
- #
- # def set_object_scope_dict(self, intra_extension_id, object_category_id, object_scope_id, object_scope_dict):
- # with self.get_session_for_write() as session:
- # query = session.query(ObjectScope)
- # query = query.filter_by(intra_extension_id=intra_extension_id, object_category_id=object_category_id, id=object_scope_id)
- # ref = query.first()
- # new_ref = ObjectScope.from_dict(
- # {
- # "id": object_scope_id,
- # 'object_scope': object_scope_dict,
- # 'intra_extension_id': intra_extension_id,
- # 'object_category_id': object_category_id
- # }
- # )
- # if not ref:
- # session.add(new_ref)
- # ref = new_ref
- # else:
- # for attr in Object.attributes:
- # if attr != 'id':
- # setattr(ref, attr, getattr(new_ref, attr))
- # # session.flush()
- # return {object_scope_id: ObjectScope.to_dict(ref)['object_scope']}
- #
- # def del_object_scope(self, intra_extension_id, object_category_id, object_scope_id):
- # with self.get_session_for_write() as session:
- # query = session.query(ObjectScope)
- # if not object_category_id or not object_scope_id:
- # query = query.filter_by(intra_extension_id=intra_extension_id)
- # for ref in query.all():
- # session.delete(ref)
- # else:
- # query = query.filter_by(intra_extension_id=intra_extension_id, object_category_id=object_category_id, id=object_scope_id)
- # ref = query.first()
- # session.delete(ref)
- #
- # # Getter and Setter for action_scope
- #
- # def get_action_scopes_dict(self, intra_extension_id, action_category_id):
- # with self.get_session_for_read() as session:
- # query = session.query(ActionScope)
- # query = query.filter_by(intra_extension_id=intra_extension_id, action_category_id=action_category_id)
- # ref_list = query.all()
- # return {_ref.id: _ref.action_scope for _ref in ref_list}
- #
- # def set_action_scope_dict(self, intra_extension_id, action_category_id, action_scope_id, action_scope_dict):
- # with self.get_session_for_write() as session:
- # query = session.query(ActionScope)
- # query = query.filter_by(intra_extension_id=intra_extension_id, action_category_id=action_category_id, id=action_scope_id)
- # ref = query.first()
- # new_ref = ActionScope.from_dict(
- # {
- # "id": action_scope_id,
- # 'action_scope': action_scope_dict,
- # 'intra_extension_id': intra_extension_id,
- # 'action_category_id': action_category_id
- # }
- # )
- # if not ref:
- # session.add(new_ref)
- # ref = new_ref
- # else:
- # for attr in Action.attributes:
- # if attr != 'id':
- # setattr(ref, attr, getattr(new_ref, attr))
- # # session.flush()
- # return {action_scope_id: ActionScope.to_dict(ref)['action_scope']}
- #
- # def del_action_scope(self, intra_extension_id, action_category_id, action_scope_id):
- # with self.get_session_for_write() as session:
- # query = session.query(ActionScope)
- # if not action_category_id or not action_scope_id:
- # query = query.filter_by(intra_extension_id=intra_extension_id)
- # for ref in query.all():
- # session.delete(ref)
- # else:
- # query = query.filter_by(intra_extension_id=intra_extension_id, action_category_id=action_category_id, id=action_scope_id)
- # ref = query.first()
- # session.delete(ref)
- #
- # # Getter and Setter for subject_category_assignment
- #
- # def get_subject_assignment_list(self, intra_extension_id, subject_id, subject_category_id):
- # with self.get_session_for_read() as session:
- # query = session.query(SubjectAssignment)
- # if not subject_id or not subject_category_id or not subject_category_id:
- # query = query.filter_by(intra_extension_id=intra_extension_id)
- # ref = query.all()
- # return ref
- # else:
- # query = query.filter_by(intra_extension_id=intra_extension_id, subject_id=subject_id, subject_category_id=subject_category_id)
- # ref = query.first()
- # if not ref:
- # return list()
- # LOG.info("get_subject_assignment_list {}".format(ref.subject_assignment))
- # return list(ref.subject_assignment)
- #
- # def set_subject_assignment_list(self, intra_extension_id, subject_id, subject_category_id, subject_assignment_list=[]):
- # with self.get_session_for_write() as session:
- # query = session.query(SubjectAssignment)
- # query = query.filter_by(intra_extension_id=intra_extension_id, subject_id=subject_id, subject_category_id=subject_category_id)
- # ref = query.first()
- # new_ref = SubjectAssignment.from_dict(
- # {
- # "id": uuid4().hex,
- # 'subject_assignment': subject_assignment_list,
- # 'intra_extension_id': intra_extension_id,
- # 'subject_id': subject_id,
- # 'subject_category_id': subject_category_id
- # }
- # )
- # if not ref:
- # session.add(new_ref)
- # ref = new_ref
- # else:
- # for attr in SubjectAssignment.attributes:
- # if attr != 'id':
- # setattr(ref, attr, getattr(new_ref, attr))
- # # session.flush()
- # return subject_assignment_list
- #
- # def add_subject_assignment_list(self, intra_extension_id, subject_id, subject_category_id, subject_scope_id):
- # new_subject_assignment_list = self.get_subject_assignment_list(intra_extension_id, subject_id, subject_category_id)
- # if subject_scope_id not in new_subject_assignment_list:
- # new_subject_assignment_list.append(subject_scope_id)
- # return self.set_subject_assignment_list(intra_extension_id, subject_id, subject_category_id, new_subject_assignment_list)
- #
- # def del_subject_assignment(self, intra_extension_id, subject_id, subject_category_id, subject_scope_id):
- # if not subject_id or not subject_category_id or not subject_category_id:
- # with self.get_session_for_write() as session:
- # for ref in self.get_subject_assignment_list(intra_extension_id, None, None):
- # session.delete(ref)
- # session.flush()
- # return
- # new_subject_assignment_list = self.get_subject_assignment_list(intra_extension_id, subject_id, subject_category_id)
- # new_subject_assignment_list.remove(subject_scope_id)
- # return self.set_subject_assignment_list(intra_extension_id, subject_id, subject_category_id, new_subject_assignment_list)
- #
- # # Getter and Setter for object_category_assignment
- #
- # def get_object_assignment_list(self, intra_extension_id, object_id, object_category_id):
- # with self.get_session_for_read() as session:
- # query = session.query(ObjectAssignment)
- # if not object_id or not object_category_id or not object_category_id:
- # query = query.filter_by(intra_extension_id=intra_extension_id)
- # ref = query.all()
- # return ref
- # else:
- # query = query.filter_by(intra_extension_id=intra_extension_id, object_id=object_id, object_category_id=object_category_id)
- # ref = query.first()
- # if not ref:
- # return list()
- # return list(ref.object_assignment)
- #
- # def set_object_assignment_list(self, intra_extension_id, object_id, object_category_id, object_assignment_list=[]):
- # with self.get_session_for_write() as session:
- # query = session.query(ObjectAssignment)
- # query = query.filter_by(intra_extension_id=intra_extension_id, object_id=object_id, object_category_id=object_category_id)
- # ref = query.first()
- # new_ref = ObjectAssignment.from_dict(
- # {
- # "id": uuid4().hex,
- # 'object_assignment': object_assignment_list,
- # 'intra_extension_id': intra_extension_id,
- # 'object_id': object_id,
- # 'object_category_id': object_category_id
- # }
- # )
- # if not ref:
- # session.add(new_ref)
- # else:
- # for attr in ObjectAssignment.attributes:
- # if attr != 'id':
- # setattr(ref, attr, getattr(new_ref, attr))
- # # session.flush()
- # return self.get_object_assignment_list(intra_extension_id, object_id, object_category_id)
- #
- # def add_object_assignment_list(self, intra_extension_id, object_id, object_category_id, object_scope_id):
- # new_object_assignment_list = self.get_object_assignment_list(intra_extension_id, object_id, object_category_id)
- # if object_scope_id not in new_object_assignment_list:
- # new_object_assignment_list.append(object_scope_id)
- # return self.set_object_assignment_list(intra_extension_id, object_id, object_category_id, new_object_assignment_list)
- #
- # def del_object_assignment(self, intra_extension_id, object_id, object_category_id, object_scope_id):
- # if not object_id or not object_category_id or not object_category_id:
- # with self.get_session_for_write() as session:
- # for ref in self.get_object_assignment_list(intra_extension_id, None, None):
- # session.delete(ref)
- # session.flush()
- # return
- # new_object_assignment_list = self.get_object_assignment_list(intra_extension_id, object_id, object_category_id)
- # new_object_assignment_list.remove(object_scope_id)
- # return self.set_object_assignment_list(intra_extension_id, object_id, object_category_id, new_object_assignment_list)
- #
- # # Getter and Setter for action_category_assignment
- #
- # def get_action_assignment_list(self, intra_extension_id, action_id, action_category_id):
- # with self.get_session_for_read() as session:
- # query = session.query(ActionAssignment)
- # if not action_id or not action_category_id or not action_category_id:
- # query = query.filter_by(intra_extension_id=intra_extension_id)
- # ref = query.all()
- # return ref
- # else:
- # query = query.filter_by(intra_extension_id=intra_extension_id, action_id=action_id, action_category_id=action_category_id)
- # ref = query.first()
- # if not ref:
- # return list()
- # return list(ref.action_assignment)
- #
- # def set_action_assignment_list(self, intra_extension_id, action_id, action_category_id, action_assignment_list=[]):
- # with self.get_session_for_write() as session:
- # query = session.query(ActionAssignment)
- # query = query.filter_by(intra_extension_id=intra_extension_id, action_id=action_id, action_category_id=action_category_id)
- # ref = query.first()
- # new_ref = ActionAssignment.from_dict(
- # {
- # "id": uuid4().hex,
- # 'action_assignment': action_assignment_list,
- # 'intra_extension_id': intra_extension_id,
- # 'action_id': action_id,
- # 'action_category_id': action_category_id
- # }
- # )
- # if not ref:
- # session.add(new_ref)
- # else:
- # for attr in ActionAssignment.attributes:
- # if attr != 'id':
- # setattr(ref, attr, getattr(new_ref, attr))
- # # session.flush()
- # return self.get_action_assignment_list(intra_extension_id, action_id, action_category_id)
- #
- # def add_action_assignment_list(self, intra_extension_id, action_id, action_category_id, action_scope_id):
- # new_action_assignment_list = self.get_action_assignment_list(intra_extension_id, action_id, action_category_id)
- # if action_scope_id not in new_action_assignment_list:
- # new_action_assignment_list.append(action_scope_id)
- # return self.set_action_assignment_list(intra_extension_id, action_id, action_category_id, new_action_assignment_list)
- #
- # def del_action_assignment(self, intra_extension_id, action_id, action_category_id, action_scope_id):
- # if not action_id or not action_category_id or not action_category_id:
- # with self.get_session_for_write() as session:
- # for ref in self.get_action_assignment_list(intra_extension_id, None, None):
- # session.delete(ref)
- # session.flush()
- # return
- # new_action_assignment_list = self.get_action_assignment_list(intra_extension_id, action_id, action_category_id)
- # new_action_assignment_list.remove(action_scope_id)
- # return self.set_action_assignment_list(intra_extension_id, action_id, action_category_id, new_action_assignment_list)
- #
- # # Getter and Setter for sub_meta_rule
- #
- # def get_aggregation_algorithm_id(self, intra_extension_id):
- # with self.get_session_for_read() as session:
- # query = session.query(IntraExtension)
- # query = query.filter_by(id=intra_extension_id)
- # ref = query.first()
- # try:
- # return {"aggregation_algorithm": ref.intra_extension["aggregation_algorithm"]}
- # except KeyError:
- # return ""
- #
- # def set_aggregation_algorithm_id(self, intra_extension_id, aggregation_algorithm_id):
- # with self.get_session_for_write() as session:
- # query = session.query(IntraExtension)
- # query = query.filter_by(id=intra_extension_id)
- # ref = query.first()
- # intra_extension_dict = dict(ref.intra_extension)
- # intra_extension_dict["aggregation_algorithm"] = aggregation_algorithm_id
- # setattr(ref, "intra_extension", intra_extension_dict)
- # # session.flush()
- # return {"aggregation_algorithm": ref.intra_extension["aggregation_algorithm"]}
- #
- # def del_aggregation_algorithm(self, intra_extension_id):
- # with self.get_session_for_write() as session:
- # query = session.query(IntraExtension)
- # query = query.filter_by(id=intra_extension_id)
- # ref = query.first()
- # intra_extension_dict = dict(ref.intra_extension)
- # intra_extension_dict["aggregation_algorithm"] = ""
- # setattr(ref, "intra_extension", intra_extension_dict)
- # return self.get_aggregation_algorithm_id(intra_extension_id)
- #
- # # Getter and Setter for sub_meta_rule
- #
- # def get_sub_meta_rules_dict(self, intra_extension_id):
- # with self.get_session_for_read() as session:
- # query = session.query(SubMetaRule)
- # query = query.filter_by(intra_extension_id=intra_extension_id)
- # ref_list = query.all()
- # return {_ref.id: _ref.sub_meta_rule for _ref in ref_list}
- #
- # def set_sub_meta_rule_dict(self, intra_extension_id, sub_meta_rule_id, sub_meta_rule_dict):
- # with self.get_session_for_write() as session:
- # query = session.query(SubMetaRule)
- # query = query.filter_by(intra_extension_id=intra_extension_id, id=sub_meta_rule_id)
- # ref = query.first()
- # new_ref = SubMetaRule.from_dict(
- # {
- # "id": sub_meta_rule_id,
- # 'sub_meta_rule': sub_meta_rule_dict,
- # 'intra_extension_id': intra_extension_id
- # }
- # )
- # if not ref:
- # session.add(new_ref)
- # else:
- # _sub_meta_rule_dict = dict(ref.sub_meta_rule)
- # _sub_meta_rule_dict.update(sub_meta_rule_dict)
- # setattr(new_ref, "sub_meta_rule", _sub_meta_rule_dict)
- # for attr in SubMetaRule.attributes:
- # if attr != 'id':
- # setattr(ref, attr, getattr(new_ref, attr))
- # # session.flush()
- # return self.get_sub_meta_rules_dict(intra_extension_id)
- #
- # def del_sub_meta_rule(self, intra_extension_id, sub_meta_rule_id):
- # with self.get_session_for_write() as session:
- # query = session.query(SubMetaRule)
- # query = query.filter_by(intra_extension_id=intra_extension_id, id=sub_meta_rule_id)
- # ref = query.first()
- # session.delete(ref)
- #
- # # Getter and Setter for rules
- #
- # def get_rules_dict(self, intra_extension_id, sub_meta_rule_id):
- # with self.get_session_for_read() as session:
- # query = session.query(Rule)
- # query = query.filter_by(intra_extension_id=intra_extension_id, sub_meta_rule_id=sub_meta_rule_id)
- # ref_list = query.all()
- # return {_ref.id: _ref.rule for _ref in ref_list}
- #
- # def set_rule_dict(self, intra_extension_id, sub_meta_rule_id, rule_id, rule_list):
- # with self.get_session_for_write() as session:
- # query = session.query(Rule)
- # query = query.filter_by(intra_extension_id=intra_extension_id, sub_meta_rule_id=sub_meta_rule_id, id=rule_id)
- # ref = query.first()
- # new_ref = Rule.from_dict(
- # {
- # "id": rule_id,
- # 'rule': rule_list,
- # 'intra_extension_id': intra_extension_id,
- # 'sub_meta_rule_id': sub_meta_rule_id
- # }
- # )
- # if not ref:
- # session.add(new_ref)
- # ref = new_ref
- # else:
- # for attr in Rule.attributes:
- # if attr != 'id':
- # setattr(ref, attr, getattr(new_ref, attr))
- # # session.flush()
- # return {rule_id: ref.rule}
- #
- # def del_rule(self, intra_extension_id, sub_meta_rule_id, rule_id):
- # with self.get_session_for_write() as session:
- # query = session.query(Rule)
- # query = query.filter_by(intra_extension_id=intra_extension_id, sub_meta_rule_id=sub_meta_rule_id, id=rule_id)
- # ref = query.first()
- # session.delete(ref)
-
-
-class SQLConnector(PDPConnector, PolicyConnector, ModelConnector):
- pass
diff --git a/python_moondb/python_moondb/core.py b/python_moondb/python_moondb/core.py
deleted file mode 100644
index 3fee146b..00000000
--- a/python_moondb/python_moondb/core.py
+++ /dev/null
@@ -1,228 +0,0 @@
-# Copyright 2015 Open Platform for NFV Project, Inc. and its contributors
-# This software is distributed under the terms and conditions of the 'Apache-2.0'
-# license which can be found in the file 'LICENSE' in this package distribution
-# or at 'http://www.apache.org/licenses/LICENSE-2.0'.
-
-import logging
-from stevedore.driver import DriverManager
-from python_moonutilities import configuration
-from python_moondb.api import model, policy, pdp, keystone
-
-logger = logging.getLogger("moon.db")
-
-
-class Driver(DriverManager):
-
- def __init__(self, driver_name, engine_name):
- logger.info("initialization of Driver {}".format(driver_name))
- super(Driver, self).__init__(
- namespace='moon_db.driver',
- name=driver_name,
- invoke_on_load=True,
- invoke_args=(engine_name,),
- )
-
-
-class ModelDriver(Driver):
-
- def __init__(self, driver_name, engine_name):
- super(ModelDriver, self).__init__(driver_name, engine_name)
-
- def update_model(self, model_id, value):
- raise NotImplementedError() # pragma: no cover
-
- def delete_model(self, model_id):
- raise NotImplementedError() # pragma: no cover
-
- def add_model(self, model_id=None, value=None):
- raise NotImplementedError() # pragma: no cover
-
- def get_models(self, model_id=None):
- raise NotImplementedError() # pragma: no cover
-
- def set_meta_rule(self, meta_rule_id, value):
- raise NotImplementedError() # pragma: no cover
-
- def get_meta_rules(self, meta_rule_id=None):
- raise NotImplementedError() # pragma: no cover
-
- def delete_meta_rule(self, meta_rule_id=None):
- raise NotImplementedError() # pragma: no cover
-
- def get_subject_categories(self, category_id=None):
- raise NotImplementedError() # pragma: no cover
-
- def add_subject_category(self, name, description):
- raise NotImplementedError() # pragma: no cover
-
- def delete_subject_category(self, category_id):
- raise NotImplementedError() # pragma: no cover
-
- def get_object_categories(self, category_id):
- raise NotImplementedError() # pragma: no cover
-
- def add_object_category(self, category_id, value):
- raise NotImplementedError() # pragma: no cover
-
- def delete_object_category(self, category_id):
- raise NotImplementedError() # pragma: no cover
-
- def get_action_categories(self, category_id):
- raise NotImplementedError() # pragma: no cover
-
- def add_action_category(self, category_id, value):
- raise NotImplementedError() # pragma: no cover
-
- def delete_action_category(self, category_id):
- raise NotImplementedError() # pragma: no cover
-
-
-class PolicyDriver(Driver):
-
- def __init__(self, driver_name, engine_name):
- super(PolicyDriver, self).__init__(driver_name, engine_name)
-
- def update_policy(self, policy_id, value):
- raise NotImplementedError() # pragma: no cover
-
- def delete_policy(self, policy_id):
- raise NotImplementedError() # pragma: no cover
-
- def add_policy(self, policy_id=None, value=None):
- raise NotImplementedError() # pragma: no cover
-
- def get_policies(self, policy_id=None):
- raise NotImplementedError() # pragma: no cover
-
- def get_subjects(self, policy_id, perimeter_id=None):
- raise NotImplementedError() # pragma: no cover
-
- def set_subject(self, policy_id, perimeter_id=None, value=None):
- raise NotImplementedError() # pragma: no cover
-
- def delete_subject(self, policy_id, perimeter_id):
- raise NotImplementedError() # pragma: no cover
-
- def get_objects(self, policy_id, perimeter_id=None):
- raise NotImplementedError() # pragma: no cover
-
- def set_object(self, policy_id, perimeter_id=None, value=None):
- raise NotImplementedError() # pragma: no cover
-
- def delete_object(self, policy_id, perimeter_id):
- raise NotImplementedError() # pragma: no cover
-
- def get_actions(self, policy_id, perimeter_id=None):
- raise NotImplementedError() # pragma: no cover
-
- def set_action(self, policy_id, perimeter_id=None, value=None):
- raise NotImplementedError() # pragma: no cover
-
- def delete_action(self, policy_id, perimeter_id):
- raise NotImplementedError() # pragma: no cover
-
- def get_subject_data(self, policy_id, data_id=None, category_id=None):
- raise NotImplementedError() # pragma: no cover
-
- def set_subject_data(self, policy_id, data_id=None, category_id=None, value=None):
- raise NotImplementedError() # pragma: no cover
-
- def delete_subject_data(self, policy_id, data_id):
- raise NotImplementedError() # pragma: no cover
-
- def get_object_data(self, policy_id, data_id=None, category_id=None):
- raise NotImplementedError() # pragma: no cover
-
- def set_object_data(self, policy_id, data_id=None, category_id=None, value=None):
- raise NotImplementedError() # pragma: no cover
-
- def delete_object_data(self, policy_id, data_id):
- raise NotImplementedError() # pragma: no cover
-
- def get_action_data(self, policy_id, data_id=None, category_id=None):
- raise NotImplementedError() # pragma: no cover
-
- def set_action_data(self, policy_id, data_id=None, category_id=None, value=None):
- raise NotImplementedError() # pragma: no cover
-
- def delete_action_data(self, policy_id, data_id):
- raise NotImplementedError() # pragma: no cover
-
- def get_subject_assignments(self, policy_id, subject_id=None, category_id=None):
- raise NotImplementedError() # pragma: no cover
-
- def add_subject_assignment(self, policy_id, subject_id, category_id, data_id):
- raise NotImplementedError() # pragma: no cover
-
- def delete_subject_assignment(self, policy_id, subject_id, category_id, data_id):
- raise NotImplementedError() # pragma: no cover
-
- def get_object_assignments(self, policy_id, assignment_id=None):
- raise NotImplementedError() # pragma: no cover
-
- def add_object_assignment(self, policy_id, subject_id, category_id, data_id):
- raise NotImplementedError() # pragma: no cover
-
- def delete_object_assignment(self, policy_id, object_id, category_id, data_id):
- raise NotImplementedError() # pragma: no cover
-
- def get_action_assignments(self, policy_id, assignment_id=None):
- raise NotImplementedError() # pragma: no cover
-
- def add_action_assignment(self, policy_id, action_id, category_id, data_id):
- raise NotImplementedError() # pragma: no cover
-
- def delete_action_assignment(self, policy_id, action_id, category_id, data_id):
- raise NotImplementedError() # pragma: no cover
-
- def get_rules(self, policy_id, rule_id=None, meta_rule_id=None):
- raise NotImplementedError() # pragma: no cover
-
- def add_rule(self, policy_id, meta_rule_id, value):
- raise NotImplementedError() # pragma: no cover
-
- def delete_rule(self, policy_id, rule_id):
- raise NotImplementedError() # pragma: no cover
-
-
-class PDPDriver(Driver):
-
- def __init__(self, driver_name, engine_name):
- super(PDPDriver, self).__init__(driver_name, engine_name)
-
- def update_pdp(self, pdp_id, value):
- raise NotImplementedError() # pragma: no cover
-
- def delete_pdp(self, pdp_id):
- raise NotImplementedError() # pragma: no cover
-
- def add_pdp(self, pdp_id=None, value=None):
- raise NotImplementedError() # pragma: no cover
-
- def get_pdp(self, pdp_id=None):
- raise NotImplementedError() # pragma: no cover
-
-
-class KeystoneDriver(Driver):
-
- def __init__(self, driver_name, engine_name):
- super(KeystoneDriver, self).__init__(driver_name, engine_name)
-
-
-conf = configuration.get_configuration("database")['database']
-
-KeystoneManager = keystone.KeystoneManager(
- KeystoneDriver(conf['driver'], conf['url'])
-)
-
-ModelManager = model.ModelManager(
- ModelDriver(conf['driver'], conf['url'])
-)
-
-PolicyManager = policy.PolicyManager(
- PolicyDriver(conf['driver'], conf['url'])
-)
-
-PDPManager = pdp.PDPManager(
- PDPDriver(conf['driver'], conf['url'])
-)
diff --git a/python_moondb/python_moondb/db_manager.py b/python_moondb/python_moondb/db_manager.py
deleted file mode 100644
index c251afbb..00000000
--- a/python_moondb/python_moondb/db_manager.py
+++ /dev/null
@@ -1,82 +0,0 @@
-# Copyright 2015 Open Platform for NFV Project, Inc. and its contributors
-# This software is distributed under the terms and conditions of the 'Apache-2.0'
-# license which can be found in the file 'LICENSE' in this package distribution
-# or at 'http://www.apache.org/licenses/LICENSE-2.0'.
-"""
-"""
-
-import os
-import glob
-import importlib
-import argparse
-import logging
-from sqlalchemy import create_engine
-from python_moonutilities import configuration
-from python_moondb.migrate_repo import versions
-
-
-def init_args():
- parser = argparse.ArgumentParser()
- parser.add_argument('command', help='command (upgrade or downgrade)',
- nargs=1)
- parser.add_argument("--verbose", "-v", action='store_true',
- help="verbose mode")
- parser.add_argument("--debug", "-d", action='store_true',
- help="debug mode")
- args = parser.parse_args()
-
- FORMAT = '%(asctime)-15s %(levelname)s %(message)s'
- if args.debug:
- logging.basicConfig(
- format=FORMAT,
- level=logging.DEBUG)
- elif args.verbose:
- logging.basicConfig(
- format=FORMAT,
- level=logging.INFO)
- else:
- logging.basicConfig(
- format=FORMAT,
- level=logging.WARNING)
-
- requests_log = logging.getLogger("requests.packages.urllib3")
- requests_log.setLevel(logging.WARNING)
- requests_log.propagate = True
-
- logger = logging.getLogger("moon.db.manager")
- return args, logger
-
-
-def init_engine():
- db_conf = configuration.get_configuration("database")["database"]
- return create_engine(db_conf['url'])
-
-
-def main(command, logger, engine):
- files = glob.glob(versions.__path__[0] + "/[0-9][0-9][0-9]*.py")
- for filename in files:
- filename = os.path.basename(filename).replace(".py", "")
- o = importlib.import_module(
- "python_moondb.migrate_repo.versions.{}".format(filename))
- logger.info("Command is {}".format(command))
- if command in ("upgrade", "u", "up"):
- logger.info(
- "upgrading python_moondb.migrate_repo.versions.{}".format(filename))
- o.upgrade(engine)
- elif command in ("downgrade", "d", "down"):
- logger.info(
- "downgrading python_moondb.migrate_repo.versions.{}".format(
- filename))
- o.downgrade(engine)
- else:
- logger.critical("Cannot understand the command!")
-
-
-def run():
- args, logger = init_args()
- engine = init_engine()
- main(args.command[0], logger, engine)
-
-
-if __name__ == "__main__":
- run()
diff --git a/python_moondb/python_moondb/migrate_repo/__init__.py b/python_moondb/python_moondb/migrate_repo/__init__.py
deleted file mode 100644
index e69de29b..00000000
--- a/python_moondb/python_moondb/migrate_repo/__init__.py
+++ /dev/null
diff --git a/python_moondb/python_moondb/migrate_repo/versions/001_moon.py b/python_moondb/python_moondb/migrate_repo/versions/001_moon.py
deleted file mode 100644
index 13670b91..00000000
--- a/python_moondb/python_moondb/migrate_repo/versions/001_moon.py
+++ /dev/null
@@ -1,267 +0,0 @@
-# Copyright 2015 Open Platform for NFV Project, Inc. and its contributors
-# This software is distributed under the terms and conditions of the 'Apache-2.0'
-# license which can be found in the file 'LICENSE' in this package distribution
-# or at 'http://www.apache.org/licenses/LICENSE-2.0'.
-
-import json
-import sqlalchemy as sql
-from sqlalchemy import types as sql_types
-
-
-class JsonBlob(sql_types.TypeDecorator):
- impl = sql.Text
-
- def process_bind_param(self, value, dialect):
- return json.dumps(value)
-
- def process_result_value(self, value, dialect):
- return json.loads(value)
-
-
-def upgrade(migrate_engine):
- meta = sql.MetaData()
- meta.bind = migrate_engine
-
- table = sql.Table(
- 'pdp',
- meta,
- sql.Column('id', sql.String(64), primary_key=True),
- sql.Column('name', sql.String(256), nullable=False),
- sql.Column('keystone_project_id', sql.String(64), nullable=True, default=""),
- sql.Column('value', JsonBlob(), nullable=True),
- sql.UniqueConstraint('name', 'keystone_project_id', name='unique_constraint_models'),
- mysql_engine='InnoDB',
- mysql_charset='utf8')
- table.create(migrate_engine, checkfirst=True)
-
- table = sql.Table(
- 'policies',
- meta,
- sql.Column('id', sql.String(64), primary_key=True),
- sql.Column('name', sql.String(256), nullable=False),
- sql.Column('model_id', sql.String(64), nullable=True, default=""),
- sql.Column('value', JsonBlob(), nullable=True),
- sql.UniqueConstraint('name', 'model_id', name='unique_constraint_models'),
- mysql_engine='InnoDB',
- mysql_charset='utf8')
- table.create(migrate_engine, checkfirst=True)
-
- table = sql.Table(
- 'models',
- meta,
- sql.Column('id', sql.String(64), primary_key=True),
- sql.Column('name', sql.String(256), nullable=False),
- sql.Column('value', JsonBlob(), nullable=True),
- sql.UniqueConstraint('name', name='unique_constraint_models'),
- mysql_engine='InnoDB',
- mysql_charset='utf8')
- table.create(migrate_engine, checkfirst=True)
-
- subject_categories_table = sql.Table(
- 'subject_categories',
- meta,
- sql.Column('id', sql.String(64), primary_key=True),
- sql.Column('name', sql.String(256), nullable=False),
- sql.Column('description', sql.String(256), nullable=True),
-
- sql.UniqueConstraint('name', name='unique_constraint_subject_categories'),
- mysql_engine='InnoDB',
- mysql_charset='utf8')
- subject_categories_table.create(migrate_engine, checkfirst=True)
-
- object_categories_table = sql.Table(
- 'object_categories',
- meta,
- sql.Column('id', sql.String(64), primary_key=True),
- sql.Column('name', sql.String(256), nullable=False),
- sql.Column('description', sql.String(256), nullable=True),
-
- sql.UniqueConstraint('name', name='unique_constraint_object_categories'),
- mysql_engine='InnoDB',
- mysql_charset='utf8')
- object_categories_table.create(migrate_engine, checkfirst=True)
-
- action_categories_table = sql.Table(
- 'action_categories',
- meta,
- sql.Column('id', sql.String(64), primary_key=True),
- sql.Column('name', sql.String(256), nullable=False),
- sql.Column('description', sql.String(256), nullable=True),
-
- sql.UniqueConstraint('name', name='unique_constraint_action_categories'),
- mysql_engine='InnoDB',
- mysql_charset='utf8')
- action_categories_table.create(migrate_engine, checkfirst=True)
-
- subjects_table = sql.Table(
- 'subjects',
- meta,
- sql.Column('id', sql.String(64), primary_key=True),
- sql.Column('name', sql.String(256), nullable=False),
- sql.Column('value', JsonBlob(), nullable=True),
- sql.UniqueConstraint('name', name='unique_constraint_subjects'),
- mysql_engine='InnoDB',
- mysql_charset='utf8')
- subjects_table.create(migrate_engine, checkfirst=True)
-
- objects_table = sql.Table(
- 'objects',
- meta,
- sql.Column('id', sql.String(64), primary_key=True),
- sql.Column('name', sql.String(256), nullable=False),
- sql.Column('value', JsonBlob(), nullable=True),
- sql.UniqueConstraint('name', name='unique_constraint_objects'),
- mysql_engine='InnoDB',
- mysql_charset='utf8')
- objects_table.create(migrate_engine, checkfirst=True)
-
- actions_table = sql.Table(
- 'actions',
- meta,
- sql.Column('id', sql.String(64), primary_key=True),
- sql.Column('name', sql.String(256), nullable=False),
- sql.Column('value', JsonBlob(), nullable=True),
- sql.UniqueConstraint('name', name='unique_constraint_actions'),
- mysql_engine='InnoDB',
- mysql_charset='utf8')
- actions_table.create(migrate_engine, checkfirst=True)
-
- subject_data_table = sql.Table(
- 'subject_data',
- meta,
- sql.Column('id', sql.String(64), primary_key=True),
- sql.Column('name', sql.String(256), nullable=False),
- sql.Column('value', JsonBlob(), nullable=True),
- sql.Column('category_id', sql.ForeignKey("subject_categories.id"), nullable=False),
- sql.Column('policy_id', sql.ForeignKey("policies.id"), nullable=False),
- sql.UniqueConstraint('name', 'category_id', 'policy_id',
- name='unique_constraint_subject_data'),
- mysql_engine='InnoDB',
- mysql_charset='utf8')
- subject_data_table.create(migrate_engine, checkfirst=True)
-
- object_data_table = sql.Table(
- 'object_data',
- meta,
- sql.Column('id', sql.String(64), primary_key=True),
- sql.Column('name', sql.String(256), nullable=False),
- sql.Column('value', JsonBlob(), nullable=True),
- sql.Column('category_id', sql.ForeignKey("object_categories.id"), nullable=False),
- sql.Column('policy_id', sql.ForeignKey("policies.id"), nullable=False),
- sql.UniqueConstraint('name', 'category_id', 'policy_id',
- name='unique_constraint_object_data'),
- mysql_engine='InnoDB',
- mysql_charset='utf8')
- object_data_table.create(migrate_engine, checkfirst=True)
-
- action_data_table = sql.Table(
- 'action_data',
- meta,
- sql.Column('id', sql.String(64), primary_key=True),
- sql.Column('name', sql.String(256), nullable=False),
- sql.Column('value', JsonBlob(), nullable=True),
- sql.Column('category_id', sql.ForeignKey("action_categories.id"), nullable=False),
- sql.Column('policy_id', sql.ForeignKey("policies.id"), nullable=False),
- sql.UniqueConstraint('name', 'category_id', 'policy_id',
- name='unique_constraint_action_data'),
- mysql_engine='InnoDB',
- mysql_charset='utf8')
- action_data_table.create(migrate_engine, checkfirst=True)
-
- subject_assignments_table = sql.Table(
- 'subject_assignments',
- meta,
- sql.Column('id', sql.String(64), primary_key=True),
- sql.Column('assignments', sql.String(256), nullable=True),
- sql.Column('policy_id', sql.ForeignKey("policies.id"), nullable=False),
- sql.Column('subject_id', sql.ForeignKey("subjects.id"), nullable=False),
- sql.Column('category_id', sql.ForeignKey("subject_categories.id"), nullable=False),
- sql.UniqueConstraint('policy_id', 'subject_id', 'category_id',
- name='unique_constraint_subject_assignment'),
- mysql_engine='InnoDB',
- mysql_charset='utf8')
- subject_assignments_table.create(migrate_engine, checkfirst=True)
-
- object_assignments_table = sql.Table(
- 'object_assignments',
- meta,
- sql.Column('id', sql.String(64), primary_key=True),
- sql.Column('assignments', sql.String(256), nullable=True),
- sql.Column('policy_id', sql.ForeignKey("policies.id"), nullable=False),
- sql.Column('object_id', sql.ForeignKey("objects.id"), nullable=False),
- sql.Column('category_id', sql.ForeignKey("object_categories.id"), nullable=False),
- sql.UniqueConstraint('policy_id', 'object_id', 'category_id',
- name='unique_constraint_object_assignment'),
- mysql_engine='InnoDB',
- mysql_charset='utf8')
- object_assignments_table.create(migrate_engine, checkfirst=True)
-
- action_assignments_table = sql.Table(
- 'action_assignments',
- meta,
- sql.Column('id', sql.String(64), primary_key=True),
- sql.Column('assignments', sql.String(256), nullable=True),
- sql.Column('policy_id', sql.ForeignKey("policies.id"), nullable=False),
- sql.Column('action_id', sql.ForeignKey("actions.id"), nullable=False),
- sql.Column('category_id', sql.ForeignKey("action_categories.id"), nullable=False),
- sql.UniqueConstraint('policy_id', 'action_id', 'category_id',
- name='unique_constraint_action_assignment'),
- mysql_engine='InnoDB',
- mysql_charset='utf8')
- action_assignments_table.create(migrate_engine, checkfirst=True)
-
- meta_rules_table = sql.Table(
- 'meta_rules',
- meta,
- sql.Column('id', sql.String(64), primary_key=True),
- sql.Column('name', sql.String(256), nullable=False),
- sql.Column('subject_categories', JsonBlob(), nullable=False),
- sql.Column('object_categories', JsonBlob(), nullable=False),
- sql.Column('action_categories', JsonBlob(), nullable=False),
- sql.Column('value', JsonBlob(), nullable=True),
- sql.UniqueConstraint('name', name='unique_constraint_meta_rule_name'),
- # sql.UniqueConstraint('subject_categories', 'object_categories', 'action_categories', name='unique_constraint_meta_rule_def'),
- mysql_engine='InnoDB',
- mysql_charset='utf8')
- meta_rules_table.create(migrate_engine, checkfirst=True)
-
- rules_table = sql.Table(
- 'rules',
- meta,
- sql.Column('id', sql.String(64), primary_key=True),
- sql.Column('rule', JsonBlob(), nullable=True),
- sql.Column('policy_id', sql.ForeignKey("policies.id"), nullable=False),
- sql.Column('meta_rule_id', sql.ForeignKey("meta_rules.id"), nullable=False),
- mysql_engine='InnoDB',
- mysql_charset='utf8')
- rules_table.create(migrate_engine, checkfirst=True)
-
-
-def downgrade(migrate_engine):
- meta = sql.MetaData()
- meta.bind = migrate_engine
-
- for _table in (
- 'rules',
- 'meta_rules',
- 'action_assignments',
- 'object_assignments',
- 'subject_assignments',
- 'action_data',
- 'object_data',
- 'subject_data',
- 'actions',
- 'objects',
- 'subjects',
- 'action_categories',
- 'object_categories',
- 'subject_categories',
- 'models',
- 'policies',
- 'pdp'
- ):
- try:
- table = sql.Table(_table, meta, autoload=True)
- table.drop(migrate_engine, checkfirst=True)
- except Exception as e:
- print(e)
diff --git a/python_moondb/python_moondb/migrate_repo/versions/__init__.py b/python_moondb/python_moondb/migrate_repo/versions/__init__.py
deleted file mode 100644
index e69de29b..00000000
--- a/python_moondb/python_moondb/migrate_repo/versions/__init__.py
+++ /dev/null
diff --git a/python_moondb/requirements.txt b/python_moondb/requirements.txt
deleted file mode 100644
index a205666f..00000000
--- a/python_moondb/requirements.txt
+++ /dev/null
@@ -1,4 +0,0 @@
-stevedore
-sqlalchemy
-pymysql
-requests
diff --git a/python_moondb/setup.py b/python_moondb/setup.py
deleted file mode 100644
index e34369d4..00000000
--- a/python_moondb/setup.py
+++ /dev/null
@@ -1,54 +0,0 @@
-# Copyright 2015 Open Platform for NFV Project, Inc. and its contributors
-# This software is distributed under the terms and conditions of the 'Apache-2.0'
-# license which can be found in the file 'LICENSE' in this package distribution
-# or at 'http://www.apache.org/licenses/LICENSE-2.0'.
-
-from setuptools import setup, find_packages
-import python_moondb
-
-
-with open('requirements.txt') as f:
- required = f.read().splitlines()
-
-setup(
-
- name='python-moondb',
-
- version=python_moondb.__version__,
-
- packages=find_packages(),
-
- author="Thomas Duval",
-
- author_email="thomas.duval@orange.com",
-
- description="This library is a helper to interact with the Moon database.",
-
- long_description=open('README.md').read(),
-
- install_requires=required,
-
- include_package_data=True,
-
- url='https://git.opnfv.org/cgit/moon/',
-
- classifiers=[
- "Programming Language :: Python",
- "Development Status :: 1 - Planning",
- "License :: OSI Approved",
- "Natural Language :: English",
- "Operating System :: OS Independent",
- "Programming Language :: Python :: 3",
- ],
-
- entry_points={
- "moon_db.driver":
- [
- "sql = python_moondb.backends.sql:SQLConnector",
- ],
- 'console_scripts': [
- 'moon_db_manager = python_moondb.db_manager:run',
- ],
- }
-
-)
diff --git a/python_moondb/tests/unit_python/conftest.py b/python_moondb/tests/unit_python/conftest.py
deleted file mode 100644
index a1057907..00000000
--- a/python_moondb/tests/unit_python/conftest.py
+++ /dev/null
@@ -1,145 +0,0 @@
-import base64
-import json
-import logging
-import os
-import pytest
-import requests_mock
-import mock_components
-import mock_keystone
-
-CONF = {
- "openstack": {
- "keystone": {
- "url": "http://keystone:5000/v3",
- "user": "admin",
- "check_token": False,
- "password": "p4ssw0rd",
- "domain": "default",
- "certificate": False,
- "project": "admin"
- }
- },
- "components": {
- "wrapper": {
- "bind": "0.0.0.0",
- "port": 8080,
- "container": "wukongsun/moon_wrapper:v4.3",
- "timeout": 5,
- "hostname": "wrapper"
- },
- "manager": {
- "bind": "0.0.0.0",
- "port": 8082,
- "container": "wukongsun/moon_manager:v4.3",
- "hostname": "manager"
- },
- "port_start": 31001,
- "orchestrator": {
- "bind": "0.0.0.0",
- "port": 8083,
- "container": "wukongsun/moon_orchestrator:v4.3",
- "hostname": "interface"
- },
- "interface": {
- "bind": "0.0.0.0",
- "port": 8080,
- "container": "wukongsun/moon_interface:v4.3",
- "hostname": "interface"
- }
- },
- "plugins": {
- "session": {
- "port": 8082,
- "container": "asteroide/session:latest"
- },
- "authz": {
- "port": 8081,
- "container": "wukongsun/moon_authz:v4.3"
- }
- },
- "logging": {
- "handlers": {
- "file": {
- "filename": "/tmp/moon.log",
- "class": "logging.handlers.RotatingFileHandler",
- "level": "DEBUG",
- "formatter": "custom",
- "backupCount": 3,
- "maxBytes": 1048576
- },
- "console": {
- "class": "logging.StreamHandler",
- "formatter": "brief",
- "level": "INFO",
- "stream": "ext://sys.stdout"
- }
- },
- "formatters": {
- "brief": {
- "format": "%(levelname)s %(name)s %(message)-30s"
- },
- "custom": {
- "format": "%(asctime)-15s %(levelname)s %(name)s %(message)s"
- }
- },
- "root": {
- "handlers": [
- "console"
- ],
- "level": "ERROR"
- },
- "version": 1,
- "loggers": {
- "moon": {
- "handlers": [
- "console",
- "file"
- ],
- "propagate": False,
- "level": "DEBUG"
- }
- }
- },
- "slave": {
- "name": None,
- "master": {
- "url": None,
- "login": None,
- "password": None
- }
- },
- "docker": {
- "url": "tcp://172.88.88.1:2376",
- "network": "moon"
- },
- "database": {
- "url": "sqlite:///database.db",
- # "url": "mysql+pymysql://moon:p4sswOrd1@db/moon",
- "driver": "sql"
- },
- "messenger": {
- "url": "rabbit://moon:p4sswOrd1@messenger:5672/moon"
- }
-}
-
-
-@pytest.fixture
-def db():
- return CONF['database']
-
-
-@pytest.fixture(autouse=True)
-def set_consul_and_db(monkeypatch):
- """ Modify the response from Requests module
- """
- with requests_mock.Mocker(real_http=True) as m:
- mock_components.register_components(m)
- mock_keystone.register_keystone(m)
-
- from python_moondb.db_manager import init_engine, main
- engine = init_engine()
- main("upgrade", logging.getLogger("db_manager"), engine)
- yield m
- os.unlink(CONF['database']['url'].replace("sqlite:///", ""))
-
-
diff --git a/python_moondb/tests/unit_python/helpers/__init__.py b/python_moondb/tests/unit_python/helpers/__init__.py
deleted file mode 100644
index e69de29b..00000000
--- a/python_moondb/tests/unit_python/helpers/__init__.py
+++ /dev/null
diff --git a/python_moondb/tests/unit_python/helpers/assignment_helper.py b/python_moondb/tests/unit_python/helpers/assignment_helper.py
deleted file mode 100644
index 22a56e38..00000000
--- a/python_moondb/tests/unit_python/helpers/assignment_helper.py
+++ /dev/null
@@ -1,49 +0,0 @@
-# Copyright 2015 Open Platform for NFV Project, Inc. and its contributors
-# This software is distributed under the terms and conditions of the 'Apache-2.0'
-# license which can be found in the file 'LICENSE' in this package distribution
-# or at 'http://www.apache.org/licenses/LICENSE-2.0'.
-
-def get_action_assignments(policy_id, action_id=None, category_id=None):
- from python_moondb.core import PolicyManager
- return PolicyManager.get_action_assignments("", policy_id, action_id, category_id)
-
-
-def add_action_assignment(policy_id, action_id, category_id, data_id):
- from python_moondb.core import PolicyManager
- return PolicyManager.add_action_assignment("", policy_id, action_id, category_id, data_id)
-
-
-def delete_action_assignment(policy_id, action_id, category_id, data_id):
- from python_moondb.core import PolicyManager
- PolicyManager.delete_action_assignment("", policy_id, action_id, category_id, data_id)
-
-
-def get_object_assignments(policy_id, object_id=None, category_id=None):
- from python_moondb.core import PolicyManager
- return PolicyManager.get_object_assignments("", policy_id, object_id, category_id)
-
-
-def add_object_assignment(policy_id, object_id, category_id, data_id):
- from python_moondb.core import PolicyManager
- return PolicyManager.add_object_assignment("", policy_id, object_id, category_id, data_id)
-
-
-def delete_object_assignment(policy_id, object_id, category_id, data_id):
- from python_moondb.core import PolicyManager
- PolicyManager.delete_object_assignment("", policy_id, object_id, category_id, data_id)
-
-
-def get_subject_assignments(policy_id, subject_id=None, category_id=None):
- from python_moondb.core import PolicyManager
- return PolicyManager.get_subject_assignments("", policy_id, subject_id, category_id)
-
-
-def add_subject_assignment(policy_id, subject_id, category_id, data_id):
- from python_moondb.core import PolicyManager
- return PolicyManager.add_subject_assignment("", policy_id, subject_id, category_id, data_id)
-
-
-def delete_subject_assignment(policy_id, subject_id, category_id, data_id):
- from python_moondb.core import PolicyManager
- PolicyManager.delete_subject_assignment("", policy_id, subject_id, category_id, data_id)
-
diff --git a/python_moondb/tests/unit_python/helpers/category_helper.py b/python_moondb/tests/unit_python/helpers/category_helper.py
deleted file mode 100644
index 55e95d91..00000000
--- a/python_moondb/tests/unit_python/helpers/category_helper.py
+++ /dev/null
@@ -1,54 +0,0 @@
-# Copyright 2015 Open Platform for NFV Project, Inc. and its contributors
-# This software is distributed under the terms and conditions of the 'Apache-2.0'
-# license which can be found in the file 'LICENSE' in this package distribution
-# or at 'http://www.apache.org/licenses/LICENSE-2.0'.
-
-def add_subject_category(cat_id=None, value=None):
- from python_moondb.core import ModelManager
- category = ModelManager.add_subject_category(user_id=None, category_id=cat_id, value=value)
- return category
-
-
-def get_subject_category(cat_id=None):
- from python_moondb.core import ModelManager
- category = ModelManager.get_subject_categories(user_id=None, category_id=cat_id)
- return category
-
-
-def add_object_category(cat_id=None, value=None):
- from python_moondb.core import ModelManager
- category = ModelManager.add_object_category(user_id=None, category_id=cat_id, value=value)
- return category
-
-
-def get_object_category(cat_id=None):
- from python_moondb.core import ModelManager
- category = ModelManager.get_object_categories(user_id=None, category_id=cat_id)
- return category
-
-
-def add_action_category(cat_id=None, value=None):
- from python_moondb.core import ModelManager
- category = ModelManager.add_action_category(user_id=None, category_id=cat_id, value=value)
- return category
-
-
-def get_action_category(cat_id=None):
- from python_moondb.core import ModelManager
- category = ModelManager.get_action_categories(user_id=None, category_id=cat_id)
- return category
-
-
-def delete_subject_category(category_id=None):
- from python_moondb.core import ModelManager
- return ModelManager.delete_subject_category("", category_id=category_id)
-
-
-def delete_object_category(category_id=None):
- from python_moondb.core import ModelManager
- return ModelManager.delete_object_category("", category_id=category_id)
-
-
-def delete_action_category(category_id=None):
- from python_moondb.core import ModelManager
- return ModelManager.delete_action_category("", category_id=category_id)
diff --git a/python_moondb/tests/unit_python/helpers/data_helper.py b/python_moondb/tests/unit_python/helpers/data_helper.py
deleted file mode 100644
index 8a8238f5..00000000
--- a/python_moondb/tests/unit_python/helpers/data_helper.py
+++ /dev/null
@@ -1,98 +0,0 @@
-# Copyright 2015 Open Platform for NFV Project, Inc. and its contributors
-# This software is distributed under the terms and conditions of the 'Apache-2.0'
-# license which can be found in the file 'LICENSE' in this package distribution
-# or at 'http://www.apache.org/licenses/LICENSE-2.0'.
-
-def get_action_data(policy_id, data_id=None, category_id=None):
- from python_moondb.core import PolicyManager
- return PolicyManager.get_action_data("", policy_id, data_id, category_id)
-
-
-def add_action_data(policy_id, data_id=None, category_id=None, value=None):
- from python_moondb.core import PolicyManager
- return PolicyManager.add_action_data("", policy_id, data_id, category_id, value)
-
-
-def delete_action_data(policy_id, data_id):
- from python_moondb.core import PolicyManager
- PolicyManager.delete_action_data("",policy_id=policy_id, data_id=data_id)
-
-
-def get_object_data(policy_id, data_id=None, category_id=None):
- from python_moondb.core import PolicyManager
- return PolicyManager.get_object_data("", policy_id, data_id, category_id)
-
-
-def add_object_data(policy_id, data_id=None, category_id=None, value=None):
- from python_moondb.core import PolicyManager
- return PolicyManager.add_object_data("", policy_id, data_id, category_id, value)
-
-
-def delete_object_data(policy_id, data_id):
- from python_moondb.core import PolicyManager
- PolicyManager.delete_object_data("", policy_id=policy_id, data_id=data_id)
-
-
-def get_subject_data(policy_id, data_id=None, category_id=None):
- from python_moondb.core import PolicyManager
- return PolicyManager.get_subject_data("", policy_id, data_id, category_id)
-
-
-def add_subject_data(policy_id, data_id=None, category_id=None, value=None):
- from python_moondb.core import PolicyManager
- return PolicyManager.set_subject_data("", policy_id, data_id, category_id, value)
-
-
-def delete_subject_data(policy_id, data_id):
- from python_moondb.core import PolicyManager
- PolicyManager.delete_subject_data("", policy_id=policy_id, data_id=data_id)
-
-
-def get_actions(policy_id, perimeter_id=None):
- from python_moondb.core import PolicyManager
- return PolicyManager.get_actions("", policy_id, perimeter_id)
-
-
-def add_action(policy_id, perimeter_id=None, value=None):
- from python_moondb.core import PolicyManager
- return PolicyManager.add_action("", policy_id, perimeter_id, value)
-
-
-def delete_action(policy_id, perimeter_id):
- from python_moondb.core import PolicyManager
- PolicyManager.delete_action("", policy_id, perimeter_id)
-
-
-def get_objects(policy_id, perimeter_id=None):
- from python_moondb.core import PolicyManager
- return PolicyManager.get_objects("", policy_id, perimeter_id)
-
-
-def add_object(policy_id, perimeter_id=None, value=None):
- from python_moondb.core import PolicyManager
- return PolicyManager.add_object("", policy_id, perimeter_id, value)
-
-
-def delete_object(policy_id, perimeter_id):
- from python_moondb.core import PolicyManager
- PolicyManager.delete_object("", policy_id, perimeter_id)
-
-
-def get_subjects(policy_id, perimeter_id=None):
- from python_moondb.core import PolicyManager
- return PolicyManager.get_subjects("", policy_id, perimeter_id)
-
-
-def add_subject(policy_id, perimeter_id=None, value=None):
- from python_moondb.core import PolicyManager
- return PolicyManager.add_subject("", policy_id, perimeter_id, value)
-
-
-def delete_subject(policy_id, perimeter_id):
- from python_moondb.core import PolicyManager
- PolicyManager.delete_subject("", policy_id, perimeter_id)
-
-
-def get_available_metadata(policy_id):
- from python_moondb.core import PolicyManager
- return PolicyManager.get_available_metadata("", policy_id)
diff --git a/python_moondb/tests/unit_python/helpers/meta_rule_helper.py b/python_moondb/tests/unit_python/helpers/meta_rule_helper.py
deleted file mode 100644
index 87af250a..00000000
--- a/python_moondb/tests/unit_python/helpers/meta_rule_helper.py
+++ /dev/null
@@ -1,48 +0,0 @@
-# Copyright 2015 Open Platform for NFV Project, Inc. and its contributors
-# This software is distributed under the terms and conditions of the 'Apache-2.0'
-# license which can be found in the file 'LICENSE' in this package distribution
-# or at 'http://www.apache.org/licenses/LICENSE-2.0'.
-
-from helpers import mock_data
-
-
-def update_meta_rule(meta_rule_id, value=None):
- from python_moondb.core import ModelManager
- if not value:
- action_category_id = mock_data.create_action_category("action_category_id1")
- subject_category_id = mock_data.create_subject_category("subject_category_id1")
- object_category_id = mock_data.create_object_category("object_category_id1")
- value = {
- "name": "MLS_meta_rule",
- "description": "test",
- "subject_categories": [subject_category_id],
- "object_categories": [object_category_id],
- "action_categories": [action_category_id]
- }
- return ModelManager.update_meta_rule(user_id=None, meta_rule_id=meta_rule_id, value=value)
-
-
-def add_meta_rule(meta_rule_id=None, value=None):
- from python_moondb.core import ModelManager
- if not value:
- action_category_id = mock_data.create_action_category("action_category_id1")
- subject_category_id = mock_data.create_subject_category("subject_category_id1")
- object_category_id = mock_data.create_object_category("object_category_id1")
- value = {
- "name": "MLS_meta_rule",
- "description": "test",
- "subject_categories": [subject_category_id],
- "object_categories": [object_category_id],
- "action_categories": [action_category_id]
- }
- return ModelManager.add_meta_rule(user_id=None, meta_rule_id=meta_rule_id, value=value)
-
-
-def get_meta_rules(meta_rule_id=None):
- from python_moondb.core import ModelManager
- return ModelManager.get_meta_rules(user_id=None, meta_rule_id=meta_rule_id)
-
-
-def delete_meta_rules(meta_rule_id=None):
- from python_moondb.core import ModelManager
- ModelManager.delete_meta_rule(user_id=None, meta_rule_id=meta_rule_id)
diff --git a/python_moondb/tests/unit_python/helpers/mock_data.py b/python_moondb/tests/unit_python/helpers/mock_data.py
deleted file mode 100644
index 0d65ea02..00000000
--- a/python_moondb/tests/unit_python/helpers/mock_data.py
+++ /dev/null
@@ -1,156 +0,0 @@
-# Copyright 2015 Open Platform for NFV Project, Inc. and its contributors
-# This software is distributed under the terms and conditions of the 'Apache-2.0'
-# license which can be found in the file 'LICENSE' in this package distribution
-# or at 'http://www.apache.org/licenses/LICENSE-2.0'.
-
-from .category_helper import *
-from .policy_helper import *
-from .data_helper import *
-from .model_helper import *
-from .meta_rule_helper import *
-from uuid import uuid4
-
-
-def create_subject_category(name):
- subject_category = add_subject_category(
- value={"name": name, "description": "description 1"})
- return list(subject_category.keys())[0]
-
-
-def create_object_category(name):
- object_category = add_object_category(
- value={"name": name, "description": "description 1"})
- return list(object_category.keys())[0]
-
-
-def create_action_category(name):
- action_category = add_action_category(
- value={"name": name, "description": "description 1"})
- return list(action_category.keys())[0]
-
-
-def create_model(meta_rule_id, model_name="test_model"):
- value = {
- "name": model_name,
- "description": "test",
- "meta_rules": [meta_rule_id]
-
- }
- return value
-
-
-def create_policy(model_id, policy_name="policy_1"):
- value = {
- "name": policy_name,
- "model_id": model_id,
- "genre": "authz",
- "description": "test",
- }
- return value
-
-
-def create_pdp(policies_ids):
- value = {
- "name": "test_pdp",
- "security_pipeline": policies_ids,
- "keystone_project_id": "keystone_project_id1",
- "description": "...",
- }
- return value
-
-
-def create_new_policy(subject_category_name="subjectCategory", object_category_name="objectCategory",
- action_category_name="actionCategory",
- model_name="test_model", policy_name="policy_name",
- meta_rule_name="meta_rule_"):
- if policy_name == "policy_name":
- policy_name = "policy_name_" + uuid4().hex
-
- subject_category_id, object_category_id, action_category_id, meta_rule_id = create_new_meta_rule(
- subject_category_name=subject_category_name + uuid4().hex,
- object_category_name=object_category_name + uuid4().hex,
- action_category_name=action_category_name + uuid4().hex,
- meta_rule_name=meta_rule_name + uuid4().hex
- )
- model = add_model(value=create_model(meta_rule_id, model_name))
- model_id = list(model.keys())[0]
- value = create_policy(model_id, policy_name)
- policy = add_policies(value=value)
- assert policy
- policy_id = list(policy.keys())[0]
- return subject_category_id, object_category_id, action_category_id, meta_rule_id, policy_id
-
-
-def create_new_meta_rule(subject_category_name="subject_category" + uuid4().hex,
- object_category_name="object_category" + uuid4().hex,
- action_category_name="action_category" + uuid4().hex,
- meta_rule_name="meta_rule" + uuid4().hex):
- from python_moondb.core import ModelManager
-
- subject_category_id = create_subject_category(subject_category_name)
- object_category_id = create_object_category(object_category_name)
- action_category_id = create_action_category(action_category_name)
- value = {"name": meta_rule_name,
- "algorithm": "name of the meta rule algorithm",
- "subject_categories": [subject_category_id],
- "object_categories": [object_category_id],
- "action_categories": [action_category_id]
- }
- # meta_rule = add_meta_rule(value=value)
- meta_rule = ModelManager.add_meta_rule(user_id=None, meta_rule_id=None, value=value)
- return subject_category_id, object_category_id, action_category_id, list(meta_rule.keys())[0]
-
-
-def create_subject(policy_id):
- value = {
- "name": "testuser",
- "description": "test",
- }
- subject = add_subject(policy_id=policy_id, value=value)
- return list(subject.keys())[0]
-
-
-def create_object(policy_id):
- value = {
- "name": "testobject",
- "description": "test",
- }
- object = add_object(policy_id=policy_id, value=value)
- return list(object.keys())[0]
-
-
-def create_action(policy_id):
- value = {
- "name": "testaction",
- "description": "test",
- }
- action = add_action(policy_id=policy_id, value=value)
- return list(action.keys())[0]
-
-
-def create_subject_data(policy_id, category_id):
- value = {
- "name": uuid4().hex,
- "description": {uuid4().hex: "", uuid4().hex: "", uuid4().hex: ""},
- }
- subject_data = add_subject_data(policy_id=policy_id, category_id=category_id, value=value).get('data')
- assert subject_data
- return list(subject_data.keys())[0]
-
-
-def create_object_data(policy_id, category_id):
- value = {
- "name": uuid4().hex,
- "description": {uuid4().hex: "", uuid4().hex: "", uuid4().hex: ""},
- }
- object_data = add_object_data(policy_id=policy_id, category_id=category_id, value=value).get('data')
- return list(object_data.keys())[0]
-
-
-def create_action_data(policy_id, category_id):
- value = {
- "name": uuid4().hex,
- "description": {uuid4().hex: "", uuid4().hex: "", uuid4().hex: ""},
- }
- action_data = add_action_data(policy_id=policy_id, category_id=category_id, value=value).get('data')
- return list(action_data.keys())[0]
diff --git a/python_moondb/tests/unit_python/helpers/model_helper.py b/python_moondb/tests/unit_python/helpers/model_helper.py
deleted file mode 100644
index 98a6271d..00000000
--- a/python_moondb/tests/unit_python/helpers/model_helper.py
+++ /dev/null
@@ -1,47 +0,0 @@
-# Copyright 2015 Open Platform for NFV Project, Inc. and its contributors
-# This software is distributed under the terms and conditions of the 'Apache-2.0'
-# license which can be found in the file 'LICENSE' in this package distribution
-# or at 'http://www.apache.org/licenses/LICENSE-2.0'.
-
-from helpers import mock_data
-from uuid import uuid4
-
-def get_models(model_id=None):
- from python_moondb.core import ModelManager
- return ModelManager.get_models(user_id=None, model_id=model_id)
-
-
-def add_model(model_id=None, value=None):
- from python_moondb.core import ModelManager
- if not value:
- subject_category_id, object_category_id, action_category_id, meta_rule_id = mock_data.create_new_meta_rule()
- name = "MLS" if model_id is None else "MLS " + model_id
- value = {
- "name": name,
- "description": "test",
- "meta_rules": [meta_rule_id]
- }
- return ModelManager.add_model(user_id=None, model_id=model_id, value=value)
-
-
-def delete_models(uuid=None, name=None):
- from python_moondb.core import ModelManager
- if not uuid:
- for model_id, model_value in get_models():
- if name == model_value['name']:
- uuid = model_id
- break
- ModelManager.delete_model(user_id=None, model_id=uuid)
-
-
-def delete_all_models():
- from python_moondb.core import ModelManager
- models_values = get_models()
- print(models_values)
- for model_id, model_value in models_values.items():
- ModelManager.delete_model(user_id=None, model_id=model_id)
-
-
-def update_model(model_id=None, value=None):
- from python_moondb.core import ModelManager
- return ModelManager.update_model(user_id=None, model_id=model_id, value=value)
diff --git a/python_moondb/tests/unit_python/helpers/pdp_helper.py b/python_moondb/tests/unit_python/helpers/pdp_helper.py
deleted file mode 100644
index 3d169b06..00000000
--- a/python_moondb/tests/unit_python/helpers/pdp_helper.py
+++ /dev/null
@@ -1,23 +0,0 @@
-# Copyright 2015 Open Platform for NFV Project, Inc. and its contributors
-# This software is distributed under the terms and conditions of the 'Apache-2.0'
-# license which can be found in the file 'LICENSE' in this package distribution
-# or at 'http://www.apache.org/licenses/LICENSE-2.0'.
-
-def update_pdp(pdp_id, value):
- from python_moondb.core import PDPManager
- return PDPManager.update_pdp("", pdp_id, value)
-
-
-def delete_pdp(pdp_id):
- from python_moondb.core import PDPManager
- PDPManager.delete_pdp("", pdp_id)
-
-
-def add_pdp(pdp_id=None, value=None):
- from python_moondb.core import PDPManager
- return PDPManager.add_pdp("", pdp_id, value)
-
-
-def get_pdp(pdp_id=None):
- from python_moondb.core import PDPManager
- return PDPManager.get_pdp("", pdp_id)
diff --git a/python_moondb/tests/unit_python/helpers/policy_helper.py b/python_moondb/tests/unit_python/helpers/policy_helper.py
deleted file mode 100644
index 93d81c62..00000000
--- a/python_moondb/tests/unit_python/helpers/policy_helper.py
+++ /dev/null
@@ -1,72 +0,0 @@
-# Copyright 2015 Open Platform for NFV Project, Inc. and its contributors
-# This software is distributed under the terms and conditions of the 'Apache-2.0'
-# license which can be found in the file 'LICENSE' in this package distribution
-# or at 'http://www.apache.org/licenses/LICENSE-2.0'.
-from helpers import mock_data as mock_data
-from helpers import meta_rule_helper
-
-def get_policies():
- from python_moondb.core import PolicyManager
- return PolicyManager.get_policies("admin")
-
-
-def add_policies(policy_id=None, value=None):
- from python_moondb.core import PolicyManager
- if not value:
- value = {
- "name": "test_policy",
- "model_id": "",
- "genre": "authz",
- "description": "test",
- }
- return PolicyManager.add_policy("admin", policy_id=policy_id, value=value)
-
-
-def delete_policies(uuid=None, name=None):
- from python_moondb.core import PolicyManager
- if not uuid:
- for policy_id, policy_value in get_policies():
- if name == policy_value['name']:
- uuid = policy_id
- break
- PolicyManager.delete_policy("admin", uuid)
-
-
-def update_policy(policy_id, value):
- from python_moondb.core import PolicyManager
- return PolicyManager.update_policy("admin", policy_id, value)
-
-
-def get_policy_from_meta_rules(meta_rule_id):
- from python_moondb.core import PolicyManager
- return PolicyManager.get_policy_from_meta_rules("admin", meta_rule_id)
-
-
-def get_rules(policy_id=None, meta_rule_id=None, rule_id=None):
- from python_moondb.core import PolicyManager
- return PolicyManager.get_rules("", policy_id, meta_rule_id, rule_id)
-
-
-def add_rule(policy_id, meta_rule_id, value=None):
- from python_moondb.core import PolicyManager
- if not value:
- meta_rule = meta_rule_helper.get_meta_rules(meta_rule_id)
- sub_cat_id = meta_rule[meta_rule_id]['subject_categories'][0]
- ob_cat_id = meta_rule[meta_rule_id]['object_categories'][0]
- act_cat_id = meta_rule[meta_rule_id]['action_categories'][0]
-
- subject_data_id = mock_data.create_subject_data(policy_id=policy_id, category_id=sub_cat_id)
- object_data_id = mock_data.create_object_data(policy_id=policy_id, category_id=ob_cat_id)
- action_data_id = mock_data.create_action_data(policy_id=policy_id, category_id=act_cat_id)
-
- value = {
- "rule": (subject_data_id, object_data_id, action_data_id),
- "instructions": ({"decision": "grant"}),
- "enabled": "",
- }
- return PolicyManager.add_rule("", policy_id, meta_rule_id, value)
-
-
-def delete_rule(policy_id=None, rule_id=None):
- from python_moondb.core import PolicyManager
- PolicyManager.delete_rule("", policy_id, rule_id)
diff --git a/python_moondb/tests/unit_python/mock_components.py b/python_moondb/tests/unit_python/mock_components.py
deleted file mode 100644
index a0319e1a..00000000
--- a/python_moondb/tests/unit_python/mock_components.py
+++ /dev/null
@@ -1,27 +0,0 @@
-import utilities
-
-COMPONENTS = (
- "logging",
- "openstack/keystone",
- "database",
- "slave",
- "components/manager",
- "components/orchestrator",
- "components/interface",
-)
-
-
-def register_components(m):
- for component in COMPONENTS:
- m.register_uri(
- 'GET', 'http://consul:8500/v1/kv/{}'.format(component),
- json=[{'Key': component, 'Value': utilities.get_b64_conf(component)}]
- )
-
- m.register_uri(
- 'GET', 'http://consul:8500/v1/kv/components?recurse=true',
- json=[
- {"Key": key, "Value": utilities.get_b64_conf(key)} for key in COMPONENTS
- ],
- # json={'Key': "components", 'Value': get_b64_conf("components")}
- ) \ No newline at end of file
diff --git a/python_moondb/tests/unit_python/mock_keystone.py b/python_moondb/tests/unit_python/mock_keystone.py
deleted file mode 100644
index 3f262538..00000000
--- a/python_moondb/tests/unit_python/mock_keystone.py
+++ /dev/null
@@ -1,33 +0,0 @@
-def register_keystone(m):
- m.register_uri(
- 'POST', 'http://keystone:5000/v3/auth/tokens',
- headers={'X-Subject-Token': "111111111"}
- )
- m.register_uri(
- 'DELETE', 'http://keystone:5000/v3/auth/tokens',
- headers={'X-Subject-Token': "111111111"}
- )
- m.register_uri(
- 'POST', 'http://keystone:5000/v3/users?name=testuser&domain_id=default',
- json={"users": {}}
- )
- m.register_uri(
- 'GET', 'http://keystone:5000/v3/users?name=testuser&domain_id=default',
- json={"users": {}}
- )
- m.register_uri(
- 'POST', 'http://keystone:5000/v3/users/',
- json={"users": [{
- "id": "1111111111111"
- }]}
- )
- m.register_uri(
- 'POST', 'http://keystone:5000/v3/projects/',
- json={
- "description": "test_project",
- "domain_id": ['domain_id_1'],
- "enabled": True,
- "is_domain": False,
- "name": 'project_1'
- }
- )
diff --git a/python_moondb/tests/unit_python/models/__init__.py b/python_moondb/tests/unit_python/models/__init__.py
deleted file mode 100755
index e69de29b..00000000
--- a/python_moondb/tests/unit_python/models/__init__.py
+++ /dev/null
diff --git a/python_moondb/tests/unit_python/models/test_categories.py b/python_moondb/tests/unit_python/models/test_categories.py
deleted file mode 100644
index 39dc4c71..00000000
--- a/python_moondb/tests/unit_python/models/test_categories.py
+++ /dev/null
@@ -1,111 +0,0 @@
-# Copyright 2015 Open Platform for NFV Project, Inc. and its contributors
-# This software is distributed under the terms and conditions of the 'Apache-2.0'
-# license which can be found in the file 'LICENSE' in this package distribution
-# or at 'http://www.apache.org/licenses/LICENSE-2.0'.
-
-import pytest
-import logging
-from python_moonutilities.exceptions import *
-from helpers import category_helper
-
-logger = logging.getLogger("moon.db.tests.models.test_categories")
-
-
-def test_add_subject_category_twice():
- category = category_helper.add_subject_category(
- value={"name": "category name", "description": "description 1"})
- category_id = list(category.keys())[0]
- assert category is not None
- with pytest.raises(SubjectCategoryExisting):
- category_helper.add_subject_category(category_id,
- value={"name": "category name",
- "description": "description 2"})
-
-
-def test_add_subject_category_name_space():
- with pytest.raises(CategoryNameInvalid) as exp:
- category = category_helper.add_subject_category(value={"name": " ", "description":
- "description 1"})
- assert exp.value.code == 400
- assert exp.value.description == 'The given category name is invalid.'
-
-
-def test_get_subject_categories():
- added_category = category_helper.add_subject_category(
- value={"name": "category name", "description": "description 1"})
- category_id = list(added_category.keys())[0]
- subject_category = category_helper.get_subject_category(category_id)
- assert subject_category == added_category
-
-
-def test_get_subject_categories_with_invalid_id():
- category_id = "invalid_id"
- subject_category = category_helper.get_subject_category(category_id)
- assert len(subject_category) == 0
-
-
-def test_add_object_category_twice():
- category = category_helper.add_object_category(
- value={"name": "category name", "description": "description 1"})
- category_id = list(category.keys())[0]
- assert category is not None
- with pytest.raises(ObjectCategoryExisting):
- category_helper.add_object_category(category_id,
- value={"name": "category name",
- "description": "description 2"})
-
-
-def test_add_object_category_name_space():
- with pytest.raises(CategoryNameInvalid) as exp:
- category = category_helper.add_object_category(value={"name": " ", "description":
- "description 1"})
- assert exp.value.code == 400
- assert exp.value.description == 'The given category name is invalid.'
-
-
-def test_get_object_categories():
- added_category = category_helper.add_object_category(
- value={"name": "category name", "description": "description 1"})
- category_id = list(added_category.keys())[0]
- object_category = category_helper.get_object_category(category_id)
- assert object_category == added_category
-
-
-def test_get_object_categories_with_invalid_id():
- category_id = "invalid_id"
- object_category = category_helper.get_object_category(category_id)
- assert len(object_category) == 0
-
-
-def test_add_action_category_twice():
- category = category_helper.add_action_category(
- value={"name": "category name", "description": "description 1"})
- category_id = list(category.keys())[0]
- assert category is not None
- with pytest.raises(ActionCategoryExisting) as exp_info:
- category_helper.add_action_category(category_id,
- value={"name": "category name",
- "description": "description 2"})
- assert str(exp_info.value)=='409: Action Category Existing'
-
-
-def test_add_action_category_name_space():
- with pytest.raises(CategoryNameInvalid) as exp:
- category = category_helper.add_action_category(value={"name": " ", "description":
- "description 1"})
- assert exp.value.code == 400
- assert exp.value.description == 'The given category name is invalid.'
-
-
-def test_get_action_categories():
- added_category = category_helper.add_action_category(
- value={"name": "category name", "description": "description 1"})
- category_id = list(added_category.keys())[0]
- action_category = category_helper.get_action_category(category_id)
- assert action_category == added_category
-
-
-def test_get_action_categories_with_invalid_id():
- category_id = "invalid_id"
- action_category = category_helper.get_action_category(category_id)
- assert len(action_category) == 0
diff --git a/python_moondb/tests/unit_python/models/test_meta_rules.py b/python_moondb/tests/unit_python/models/test_meta_rules.py
deleted file mode 100644
index 3b2b5b0e..00000000
--- a/python_moondb/tests/unit_python/models/test_meta_rules.py
+++ /dev/null
@@ -1,403 +0,0 @@
-# Copyright 2015 Open Platform for NFV Project, Inc. and its contributors
-# This software is distributed under the terms and conditions of the 'Apache-2.0'
-# license which can be found in the file 'LICENSE' in this package distribution
-# or at 'http://www.apache.org/licenses/LICENSE-2.0'.
-
-import pytest
-from helpers import meta_rule_helper
-from helpers import policy_helper
-import helpers.mock_data as mock_data
-import helpers.model_helper as model_helper
-from python_moonutilities.exceptions import *
-from uuid import uuid4
-
-
-def test_update_not_exist_meta_rule_error(db):
- # set not existing meta rule and expect to raise and error
- with pytest.raises(MetaRuleUnknown) as exception_info:
- meta_rule_helper.update_meta_rule(meta_rule_id=None)
- assert str(exception_info.value) == '400: Meta Rule Unknown'
-
-
-def test_update_meta_rule_connected_with_policy_and_rule():
- subject_category_id, object_category_id, action_category_id, meta_rule_id, policy_id = mock_data.create_new_policy(
- subject_category_name="subject_category1",
- object_category_name="object_category1",
- action_category_name="action_category1",
- meta_rule_name="meta_rule_1",
- model_name="model1")
- subject_data_id = mock_data.create_subject_data(policy_id=policy_id,
- category_id=subject_category_id)
- object_data_id = mock_data.create_object_data(policy_id=policy_id,
- category_id=object_category_id)
- action_data_id = mock_data.create_action_data(policy_id=policy_id,
- category_id=action_category_id)
-
- value = {
- "rule": (subject_data_id, object_data_id, action_data_id),
- "instructions": ({"decision": "grant"}),
- "enabled": "",
- }
-
- rules = policy_helper.add_rule(policy_id=policy_id, meta_rule_id=meta_rule_id, value=value)
- assert rules
- assert len(rules) == 1
-
- action_category_id = mock_data.create_action_category("action_category_id2")
- subject_category_id = mock_data.create_subject_category("subject_category_id2")
- object_category_id = mock_data.create_object_category("object_category_id2")
-
- updated_value = {
- "name": "MLS_meta_rule",
- "description": "test",
- "subject_categories": [subject_category_id],
- "object_categories": [object_category_id],
- "action_categories": [action_category_id]
- }
- with pytest.raises(MetaRuleUpdateError) as exception_info:
- updated_meta_rule = meta_rule_helper.update_meta_rule(meta_rule_id, updated_value)
- assert str(exception_info.value) == '400: Meta_Rule Update Error'
-
-
-def test_update_meta_rule_connected_with_policy(db):
- subject_category_id, object_category_id, action_category_id, meta_rule_id, policy_id = mock_data.create_new_policy(
- subject_category_name="subject_category1",
- object_category_name="object_category1",
- action_category_name="action_category1",
- meta_rule_name="meta_rule_1",
- model_name="model1")
- action_category_id = mock_data.create_action_category("action_category_id2")
- subject_category_id = mock_data.create_subject_category("subject_category_id2")
- object_category_id = mock_data.create_object_category("object_category_id2")
- value = {
- "name": "MLS_meta_rule",
- "description": "test",
- "subject_categories": [subject_category_id],
- "object_categories": [object_category_id],
- "action_categories": [action_category_id]
- }
- meta_rules = meta_rule_helper.add_meta_rule(value=value)
- assert isinstance(meta_rules, dict)
- assert meta_rules
- assert len(meta_rules) is 1
- meta_rule_id = list(meta_rules.keys())[0]
- for key in (
- "name", "description", "subject_categories", "object_categories", "action_categories"):
- assert key in meta_rules[meta_rule_id]
- assert meta_rules[meta_rule_id][key] == value[key]
-
-
-def test_add_new_meta_rule_success(db):
- action_category_id = mock_data.create_action_category("action_category_id1")
- subject_category_id = mock_data.create_subject_category("subject_category_id1")
- object_category_id = mock_data.create_object_category("object_category_id1")
- value = {
- "name": "MLS_meta_rule",
- "description": "test",
- "subject_categories": [subject_category_id],
- "object_categories": [object_category_id],
- "action_categories": [action_category_id]
- }
- meta_rules = meta_rule_helper.add_meta_rule(value=value)
- assert isinstance(meta_rules, dict)
- assert meta_rules
- assert len(meta_rules) is 1
- meta_rule_id = list(meta_rules.keys())[0]
- for key in (
- "name", "description", "subject_categories", "object_categories", "action_categories"):
- assert key in meta_rules[meta_rule_id]
- assert meta_rules[meta_rule_id][key] == value[key]
-
-
-def test_meta_rule_with_blank_name(db):
- action_category_id = mock_data.create_action_category(uuid4().hex)
- subject_category_id = mock_data.create_subject_category(uuid4().hex)
- object_category_id = mock_data.create_object_category(uuid4().hex)
- value = {
- "name": "",
- "description": "test",
- "subject_categories": [subject_category_id],
- "object_categories": [object_category_id],
- "action_categories": [action_category_id]
- }
- with pytest.raises(MetaRuleContentError) as exception_info:
- meta_rule_helper.add_meta_rule(value=value)
- assert str(exception_info.value) == '400: Meta Rule Error'
-
-
-def test_update_meta_rule_success(db):
- # arrange
- meta_rules = meta_rule_helper.add_meta_rule()
- meta_rule_id = list(meta_rules.keys())[0]
- action_category_id = mock_data.create_action_category("action_category_id2")
- subject_category_id = mock_data.create_subject_category("subject_category_id2")
- object_category_id = mock_data.create_object_category("object_category_id2")
- updated_value = {
- "name": "MLS_meta_rule",
- "description": "test",
- "subject_categories": [subject_category_id],
- "object_categories": [object_category_id],
- "action_categories": [action_category_id]
- }
- # action
- updated_meta_rule = meta_rule_helper.update_meta_rule(meta_rule_id, updated_value)
- # assert
- updated_meta_rule_id = list(updated_meta_rule.keys())[0]
- assert updated_meta_rule_id == meta_rule_id
- assert updated_meta_rule[updated_meta_rule_id]["subject_categories"] == updated_value[
- "subject_categories"]
-
-
-def test_update_meta_rule_with_existed_categories_combination(db):
- action_category_id1 = mock_data.create_action_category(uuid4().hex)
- subject_category_id1 = mock_data.create_subject_category(uuid4().hex)
- object_category_id1 = mock_data.create_object_category(uuid4().hex)
- meta_rule_name1=uuid4().hex
- value1 = {
- "name": meta_rule_name1,
- "description": "test",
- "subject_categories": [subject_category_id1],
- "object_categories": [object_category_id1],
- "action_categories": [action_category_id1]
- }
- meta_rules = meta_rule_helper.add_meta_rule(value=value1)
-
- action_category_id2 = mock_data.create_action_category(uuid4().hex)
- subject_category_id2 = mock_data.create_subject_category(uuid4().hex)
- object_category_id2 = mock_data.create_object_category(uuid4().hex)
- meta_rule_name2 = uuid4().hex
- value2 = {
- "name": meta_rule_name2,
- "description": "test",
- "subject_categories": [subject_category_id2],
- "object_categories": [object_category_id2],
- "action_categories": [action_category_id2]
- }
- meta_rules = meta_rule_helper.add_meta_rule(value=value2)
- meta_rule_id2 = list(meta_rules.keys())[0]
- value1['name']=value2['name']
- with pytest.raises(MetaRuleExisting) as exception_info:
- updated_meta_rule = meta_rule_helper.update_meta_rule(meta_rule_id2, value1)
- assert str(exception_info.value) == '409: Meta Rule Existing'
- assert exception_info.value.description=="Same categories combination existed"
-
-
-def test_update_meta_rule_with_different_categories_combination_but_same_data(db):
- action_category_id1 = mock_data.create_action_category(uuid4().hex)
- subject_category_id1 = mock_data.create_subject_category(uuid4().hex)
- object_category_id1 = mock_data.create_object_category(uuid4().hex)
- meta_rule_name1=uuid4().hex
- value1 = {
- "name": meta_rule_name1,
- "description": "test",
- "subject_categories": [subject_category_id1],
- "object_categories": [object_category_id1],
- "action_categories": [action_category_id1]
- }
- meta_rules = meta_rule_helper.add_meta_rule(value=value1)
-
- action_category_id2 = mock_data.create_action_category(uuid4().hex)
- subject_category_id2 = mock_data.create_subject_category(uuid4().hex)
- object_category_id2 = mock_data.create_object_category(uuid4().hex)
- meta_rule_name2 = uuid4().hex
- value2 = {
- "name": meta_rule_name2,
- "description": "test",
- "subject_categories": [subject_category_id2],
- "object_categories": [object_category_id2],
- "action_categories": [action_category_id2]
- }
- meta_rules = meta_rule_helper.add_meta_rule(value=value2)
- meta_rule_id2 = list(meta_rules.keys())[0]
- value1['name']=value2['name']
- value1['object_categories']+=[object_category_id1]
- updated_meta_rule = meta_rule_helper.update_meta_rule(meta_rule_id2, value1)
- assert meta_rule_id2 in updated_meta_rule
-
-
-def test_add_existing_meta_rule_error(db):
- action_category_id = mock_data.create_action_category("action_category_id3")
- subject_category_id = mock_data.create_subject_category("subject_category_id3")
- object_category_id = mock_data.create_object_category("object_category_id3")
- value = {
- "name": "MLS_meta_rule",
- "description": "test",
- "subject_categories": [subject_category_id],
- "object_categories": [object_category_id],
- "action_categories": [action_category_id]
- }
- meta_rules = meta_rule_helper.add_meta_rule(value=value)
- meta_rule_id = list(meta_rules.keys())[0]
- with pytest.raises(MetaRuleExisting) as exception_info:
- meta_rule_helper.add_meta_rule(meta_rule_id=meta_rule_id)
- assert str(exception_info.value) == '409: Meta Rule Existing'
-
-
-def test_add_meta_rule_with_existing_name_error(db):
- action_category_id = mock_data.create_action_category(uuid4().hex)
- subject_category_id = mock_data.create_subject_category(uuid4().hex)
- object_category_id = mock_data.create_object_category(uuid4().hex)
- name = uuid4().hex
- value = {
- "name": name,
- "description": "test",
- "subject_categories": [subject_category_id],
- "object_categories": [object_category_id],
- "action_categories": [action_category_id]
- }
- meta_rule_helper.add_meta_rule(value=value)
- action_category_id = mock_data.create_action_category(uuid4().hex)
- subject_category_id = mock_data.create_subject_category(uuid4().hex)
- object_category_id = mock_data.create_object_category(uuid4().hex)
- value = {
- "name": name,
- "description": 'test',
- "subject_categories": [subject_category_id],
- "object_categories": [object_category_id],
- "action_categories": [action_category_id]
- }
- with pytest.raises(MetaRuleExisting) as exception_info:
- meta_rule_helper.add_meta_rule(value=value)
- assert str(exception_info.value) == '409: Meta Rule Existing'
- assert exception_info.value.description == 'The meta rule already exists.'
-
-
-def test_add_meta_rule_with_existing_categories_combination(db):
- action_category_id = mock_data.create_action_category(uuid4().hex)
- subject_category_id = mock_data.create_subject_category(uuid4().hex)
- object_category_id = mock_data.create_object_category(uuid4().hex)
- name = uuid4().hex
- value = {
- "name": name,
- "description": "test",
- "subject_categories": [subject_category_id],
- "object_categories": [object_category_id],
- "action_categories": [action_category_id]
- }
- meta_rule_helper.add_meta_rule(value=value)
- value['name'] = uuid4().hex
- with pytest.raises(MetaRuleExisting) as exception_info:
- meta_rule_helper.add_meta_rule(value=value)
- assert str(exception_info.value) == '409: Meta Rule Existing'
- assert exception_info.value.description == "Same categories combination existed"
-
-
-def test_add_meta_rule_with_different_categories_combination_but_same_data(db):
- action_category_id = mock_data.create_action_category(uuid4().hex)
- subject_category_id = mock_data.create_subject_category(uuid4().hex)
- object_category_id1 = mock_data.create_object_category(uuid4().hex)
- object_category_id2 = mock_data.create_object_category(uuid4().hex)
-
- name1 = uuid4().hex
- value = {
- "name": name1,
- "description": "test",
- "subject_categories": [subject_category_id],
- "object_categories": [object_category_id1],
- "action_categories": [action_category_id]
- }
- meta_rule_helper.add_meta_rule(value=value)
- name2 = uuid4().hex
- value['name'] = name2
- value['object_categories'] += [object_category_id2]
- meta_rules = meta_rule_helper.add_meta_rule(value=value)
- bool_found_meta_rule = 0
- for meta_rule_id in meta_rules:
- if meta_rules[meta_rule_id]['name'] == name2:
- bool_found_meta_rule = 1
- break
- assert bool_found_meta_rule
-
-
-def test_get_meta_rule_success(db):
- # arrange
- action_category_id = mock_data.create_action_category("action_type")
- subject_category_id = mock_data.create_subject_category("user_security_level")
- object_category_id = mock_data.create_object_category("vm_security_level")
- values = {}
- value1 = {
- "name": "MLS_meta_rule",
- "description": "test",
- "subject_categories": [subject_category_id],
- "object_categories": [object_category_id],
- "action_categories": [action_category_id]
- }
- meta_rules1 = meta_rule_helper.add_meta_rule(value=value1)
- meta_rule_id1 = list(meta_rules1.keys())[0]
- values[meta_rule_id1] = value1
- action_category_id = mock_data.create_action_category("action_type2")
- subject_category_id = mock_data.create_subject_category("user_security_level2")
- object_category_id = mock_data.create_object_category("vm_security_level2")
- value2 = {
- "name": "rbac_meta_rule",
- "description": "test",
- "subject_categories": [subject_category_id],
- "object_categories": [object_category_id],
- "action_categories": [action_category_id]
- }
- meta_rules2 = meta_rule_helper.add_meta_rule(value=value2)
- meta_rule_id2 = list(meta_rules2.keys())[0]
- values[meta_rule_id2] = value2
-
- # action
- meta_rules = meta_rule_helper.get_meta_rules()
- # assert
- assert isinstance(meta_rules, dict)
- assert meta_rules
- assert len(meta_rules) is 2
- for meta_rule_id in meta_rules:
- for key in (
- "name", "description", "subject_categories", "object_categories", "action_categories"):
- assert key in meta_rules[meta_rule_id]
- assert meta_rules[meta_rule_id][key] == values[meta_rule_id][key]
-
-
-def test_get_specific_meta_rule_success(db):
- # arrange
- added_meta_rules = meta_rule_helper.add_meta_rule()
- added_meta_rule_id = list(added_meta_rules.keys())[0]
- # action
- meta_rules = meta_rule_helper.get_meta_rules(meta_rule_id=added_meta_rule_id)
- meta_rule_id = list(meta_rules.keys())[0]
- # assert
- assert meta_rule_id == added_meta_rule_id
- for key in (
- "name", "description", "subject_categories", "object_categories", "action_categories"):
- assert key in meta_rules[meta_rule_id]
- assert meta_rules[meta_rule_id][key] == added_meta_rules[added_meta_rule_id][key]
-
-
-def test_delete_meta_rules_success(db):
- action_category_id = mock_data.create_action_category("action_type")
- subject_category_id = mock_data.create_subject_category("user_security_level")
- object_category_id = mock_data.create_object_category("vm_security_level")
- # arrange
- value1 = {
- "name": "MLS_meta_rule",
- "description": "test",
- "subject_categories": [subject_category_id],
- "object_categories": [object_category_id],
- "action_categories": [action_category_id]
- }
- meta_rules1 = meta_rule_helper.add_meta_rule(value=value1)
- meta_rule_id1 = list(meta_rules1.keys())[0]
-
- # action
- meta_rule_helper.delete_meta_rules(meta_rule_id1)
- # assert
- meta_rules = meta_rule_helper.get_meta_rules()
- assert meta_rule_id1 not in meta_rules
-
-
-def test_delete_meta_rules_with_model(db):
- subject_category_id, object_category_id, action_category_id, meta_rule_id, policy_id = mock_data.create_new_policy()
-
- with pytest.raises(DeleteMetaRuleWithModel) as exception_info:
- meta_rule_helper.delete_meta_rules(meta_rule_id)
- assert str(exception_info.value) == '400: Meta rule With Model Error'
-
-
-def test_delete_invalid_meta_rules_error(db):
- with pytest.raises(MetaRuleUnknown) as exception_info:
- meta_rule_helper.delete_meta_rules("INVALID_META_RULE_ID")
- assert str(exception_info.value) == '400: Meta Rule Unknown'
diff --git a/python_moondb/tests/unit_python/models/test_models.py b/python_moondb/tests/unit_python/models/test_models.py
deleted file mode 100644
index 1b171069..00000000
--- a/python_moondb/tests/unit_python/models/test_models.py
+++ /dev/null
@@ -1,622 +0,0 @@
-# Copyright 2015 Open Platform for NFV Project, Inc. and its contributors
-# This software is distributed under the terms and conditions of the 'Apache-2.0'
-# license which can be found in the file 'LICENSE' in this package distribution
-# or at 'http://www.apache.org/licenses/LICENSE-2.0'.
-
-import pytest
-from python_moonutilities.exceptions import *
-import logging
-import helpers.mock_data as mock_data
-import helpers.model_helper as model_helper
-import helpers.category_helper as category_helper
-import helpers.policy_helper as policy_helper
-import helpers.assignment_helper as assignment_helper
-from uuid import uuid4
-
-logger = logging.getLogger("moon.db.tests.test_model")
-
-
-def test_get_models_empty(db):
- # act
- models = model_helper.get_models()
- # assert
- assert isinstance(models, dict)
- assert not models
-
-
-def test_get_model(db):
- # prepare
- model_helper.add_model(model_id="mls_model_id")
- # act
- models = model_helper.get_models()
- # assert
- assert isinstance(models, dict)
- assert models # assert model is not empty
- assert len(models) is 1
- model_helper.delete_all_models()
-
-
-def test_get_specific_model(db):
- # prepare
- model_helper.add_model(model_id="mls_model_id")
- # act
- models = model_helper.get_models(model_id="mls_model_id")
- # assert
- assert isinstance(models, dict)
- assert models # assert model is not empty
- assert len(models) is 1
- model_helper.delete_all_models()
-
-
-def test_add_model(db):
- # act
- model = model_helper.add_model()
- # assert
- assert isinstance(model, dict)
- assert model # assert model is not empty
- assert len(model) is 1
- model_helper.delete_all_models()
-
-
-def test_add_same_model_twice(db):
- subject_category_id, object_category_id, action_category_id, meta_rule_id = mock_data.create_new_meta_rule(
- subject_category_name="subject_category1",
- object_category_name="object_category1",
- action_category_name="action_category1",
- meta_rule_name="meta_rule_1")
- value = {
- "name": "model1",
- "description": "test",
- "meta_rules": [meta_rule_id]
- }
- # prepare
- model_helper.add_model(model_id="model_1", value=value) # add model twice
- # act
- subject_category_id, object_category_id, action_category_id, meta_rule_id = mock_data.create_new_meta_rule(
- subject_category_name="subject_category2",
- object_category_name="object_category2",
- action_category_name="action_category2",
- meta_rule_name="meta_rule_2")
- value = {
- "name": "model2",
- "description": "test",
- "meta_rules": [meta_rule_id]
- }
- with pytest.raises(ModelExisting) as exception_info:
- model_helper.add_model(model_id="model_1", value=value)
- model_helper.delete_all_models()
- assert str(exception_info.value) == '409: Model Error'
-
-
-def test_add_model_generate_new_uuid(db):
- subject_category_id, object_category_id, action_category_id, meta_rule_id1 = mock_data.create_new_meta_rule(
- subject_category_name="subject_category3",
- object_category_name="object_category3",
- action_category_name="action_category3",
- meta_rule_name="meta_rule_3")
- model_value1 = {
- "name": "MLS",
- "description": "test",
- "meta_rules": [meta_rule_id1]
- }
- model1 = model_helper.add_model(value=model_value1)
- subject_category_id, object_category_id, action_category_id, meta_rule_id2 = mock_data.create_new_meta_rule(
- subject_category_name="subject_category4",
- object_category_name="object_category4",
- action_category_name="action_category4",
- meta_rule_name="meta_rule_4")
- model_value2 = {
- "name": "rbac",
- "description": "test",
- "meta_rules": [meta_rule_id2]
- }
- model2 = model_helper.add_model(value=model_value2)
-
- assert list(model1)[0] != list(model2)[0]
- model_helper.delete_all_models()
-
-
-def test_add_models(db):
- subject_category_id, object_category_id, action_category_id, meta_rule_id = mock_data.create_new_meta_rule(
- subject_category_name="subject_category5",
- object_category_name="object_category5",
- action_category_name="action_category5")
- model_value1 = {
- "name": "MLS",
- "description": "test",
- "meta_rules": [meta_rule_id]
- }
- models = model_helper.add_model(value=model_value1)
- assert isinstance(models, dict)
- assert models
- assert len(models.keys()) == 1
- model_id = list(models.keys())[0]
- for key in ("name", "meta_rules", "description"):
- assert key in models[model_id]
- assert models[model_id][key] == model_value1[key]
- model_helper.delete_all_models()
-
-
-def test_add_models_with_same_name_twice(db):
- subject_category_id, object_category_id, action_category_id, meta_rule_id = mock_data.create_new_meta_rule(
- subject_category_name="subject_category5",
- object_category_name="object_category5",
- action_category_name="action_category5")
- model_value1 = {
- "name": "MLS",
- "description": "test",
- "meta_rules": [meta_rule_id]
- }
- models = model_helper.add_model(value=model_value1)
- assert isinstance(models, dict)
- assert models
- with pytest.raises(Exception) as exception_info:
- model_helper.add_model(value=model_value1)
- model_helper.delete_all_models()
- assert str(exception_info.value) == '409: Model Error'
-
-def test_add_model_with_existed_meta_rules_list(db):
- subject_category_id, object_category_id, action_category_id, meta_rule_id = mock_data.create_new_meta_rule(
- subject_category_name=uuid4().hex,
- object_category_name=uuid4().hex,
- action_category_name=uuid4().hex)
- model_value1 = {
- "name": uuid4().hex,
- "description": "test",
- "meta_rules": [meta_rule_id]
- }
- models = model_helper.add_model(value=model_value1)
- assert isinstance(models, dict)
- assert models
- model_value1 = {
- "name": uuid4().hex,
- "description": "test",
- "meta_rules": [meta_rule_id]
- }
- with pytest.raises(Exception) as exception_info:
- model_helper.add_model(value=model_value1)
- model_helper.delete_all_models()
- assert str(exception_info.value) == '409: Model Error'
- assert str(exception_info.value.description)=='Meta Rules List Existed in another Model'
-
-
-def test_delete_models(db):
- subject_category_id, object_category_id, action_category_id, meta_rule_id1 = mock_data.create_new_meta_rule(
- subject_category_name="subject_category6",
- object_category_name="object_category6",
- action_category_name="action_category6",
- meta_rule_name="meta_rule_6")
- model_value1 = {
- "name": "MLS",
- "description": "test",
- "meta_rules": [meta_rule_id1]
- }
- model1 = model_helper.add_model(value=model_value1)
- subject_category_id, object_category_id, action_category_id, meta_rule_id2 = mock_data.create_new_meta_rule(
- subject_category_name="subject_category7",
- object_category_name="object_category7",
- action_category_name="action_category7",
- meta_rule_name="meta_rule_7")
- model_value2 = {
- "name": "rbac",
- "description": "test",
- "meta_rules": [meta_rule_id2]
- }
- model_helper.add_model(value=model_value2)
-
- id = list(model1)[0]
- model_helper.delete_models(id)
- # assert
- models = model_helper.get_models()
- assert id not in models
- model_helper.delete_all_models()
-
-
-def test_update_model(db):
- subject_category_id, object_category_id, action_category_id, meta_rule_id1 = mock_data.create_new_meta_rule(
- subject_category_name="subject_category8",
- object_category_name="object_category8",
- action_category_name="action_category8",
- meta_rule_name="meta_rule_8")
- # prepare
- model_value = {
- "name": "MLS",
- "description": "test",
- "meta_rules": [meta_rule_id1]
- }
- model = model_helper.add_model(value=model_value)
- model_id = list(model)[0]
- subject_category_id, object_category_id, action_category_id, meta_rule_id2 = mock_data.create_new_meta_rule(
- subject_category_name="subject_category9",
- object_category_name="object_category9",
- action_category_name="action_category9",
- meta_rule_name="meta_rule_9")
- new_model_value = {
- "name": "MLS2",
- "description": "test",
- "meta_rules": [meta_rule_id2]
- }
- # act
- model_helper.update_model(model_id=model_id, value=new_model_value)
- # assert
- model = model_helper.get_models(model_id)
-
- for key in ("name", "meta_rules", "description"):
- assert key in model[model_id]
- assert model[model_id][key] == new_model_value[key]
- model_helper.delete_all_models()
-
-
-def test_delete_model_assigned_to_policy(db):
- model_value1 = {
- "name": "MLS",
- "description": "test",
- "meta_rules": []
- }
- models = model_helper.add_model(value=model_value1)
- assert isinstance(models, dict)
- assert models
- assert len(models.keys()) == 1
- model_id = list(models.keys())[0]
- value = {
- "name": "test_policy",
- "model_id": model_id,
- "genre": "authz",
- "description": "test",
- }
- policy_helper.add_policies(value=value)
- with pytest.raises(DeleteModelWithPolicy) as exception_info:
- model_helper.delete_models(uuid=model_id)
- assert str(exception_info.value) == '400: Model With Policy Error'
-
-
-def test_add_subject_category(db):
- category_id = "category_id1"
- value = {
- "name": "subject_category",
- "description": "description subject_category"
- }
- subject_category = category_helper.add_subject_category(category_id, value)
- assert subject_category
- assert len(subject_category) == 1
-
-
-def test_add_subject_categories_with_existed_name(db):
- name = uuid4().hex
- value = {
- "name": name,
- "description": "description subject_category"
- }
- subject_category = category_helper.add_subject_category(value=value)
- assert subject_category
- assert len(subject_category) == 1
-
- value = {
- "name": name,
- "description": "description subject_category"
- }
- with pytest.raises(SubjectCategoryExisting) as exception_info:
- category_helper.add_subject_category(value=value)
- assert str(exception_info.value) == '409: Subject Category Existing'
-
-
-def test_add_subject_category_with_empty_name(db):
- category_id = "category_id1"
- value = {
- "name": "",
- "description": "description subject_category"
- }
- with pytest.raises(CategoryNameInvalid) as exception_info:
- category_helper.add_subject_category(category_id, value)
- assert str(exception_info.value) == '400: Category Name Invalid'
-
-
-def test_add_subject_category_with_same_category_id(db):
- category_id = "category_id1"
- value = {
- "name": "subject_category",
- "description": "description subject_category"
- }
- category_helper.add_subject_category(category_id, value)
- with pytest.raises(SubjectCategoryExisting) as exception_info:
- category_helper.add_subject_category(category_id, value)
- assert str(exception_info.value) == '409: Subject Category Existing'
-
-
-def test_get_subject_category(db):
- category_id = "category_id1"
- value = {
- "name": "subject_category",
- "description": "description subject_category"
- }
- category_helper.add_subject_category(category_id, value)
- subject_category = category_helper.get_subject_category(category_id)
- assert subject_category
- assert len(subject_category) == 1
-
-
-def test_delete_subject_category(db):
- category_id = "category_id1"
- value = {
- "name": "subject_category",
- "description": "description subject_category"
- }
- category_helper.add_subject_category(category_id, value)
- subject_category = category_helper.delete_subject_category(category_id)
- assert not subject_category
-
-
-def test_delete_subject_category_with_data(db):
- subject_category_id, object_category_id, action_category_id, meta_rule_id, policy_id = mock_data.create_new_policy()
-
- mock_data.create_subject_data(policy_id, subject_category_id)
-
- with pytest.raises(DeleteSubjectCategoryWithMetaRule) as exception_info:
- category_helper.delete_subject_category(subject_category_id)
- assert str(exception_info.value) == '400: Subject Category With Meta Rule Error'
-
-
-def test_delete_subject_category_with_assignment(db):
- subject_category_id, object_category_id, action_category_id, meta_rule_id, policy_id = mock_data.create_new_policy()
-
- subject_id = mock_data.create_subject(policy_id)
- data_id = mock_data.create_subject_data(policy_id, subject_category_id)
- assignment_helper.add_subject_assignment(policy_id, subject_id, subject_category_id, data_id)
-
- with pytest.raises(DeleteSubjectCategoryWithMetaRule) as exception_info:
- category_helper.delete_subject_category(subject_category_id)
- assert str(exception_info.value) == '400: Subject Category With Meta Rule Error'
-
-
-def test_delete_subject_category_with_rule(db):
- subject_category_id, object_category_id, action_category_id, meta_rule_id, policy_id = mock_data.create_new_policy()
- policy_helper.add_rule(policy_id=policy_id, meta_rule_id=meta_rule_id)
-
- with pytest.raises(DeleteSubjectCategoryWithMetaRule) as exception_info:
- category_helper.delete_subject_category(subject_category_id)
- assert str(exception_info.value) == '400: Subject Category With Meta Rule Error'
-
-
-def test_delete_subject_category_with_unkown_category_id(db):
- category_id = "invalid_category_id"
-
- with pytest.raises(SubjectCategoryUnknown) as exception_info:
- category_helper.delete_subject_category(category_id)
- assert str(exception_info.value) == '400: Subject Category Unknown'
-
-
-def test_add_object_category(db):
- category_id = "category_id1"
- value = {
- "name": "object_category",
- "description": "description object_category"
- }
- object_category = category_helper.add_object_category(category_id, value)
- assert object_category
- assert len(object_category) == 1
-
-
-def test_add_object_categories_with_existed_name(db):
- name = uuid4().hex
- value = {
- "name": name,
- "description": "description object_category"
- }
- object_category = category_helper.add_object_category(value=value)
- assert object_category
- assert len(object_category) == 1
- with pytest.raises(ObjectCategoryExisting) as exception_info:
- category_helper.add_object_category(value=value)
- assert str(exception_info.value) == '409: Object Category Existing'
-
-
-def test_add_object_category_with_same_category_id(db):
- category_id = "category_id1"
- value = {
- "name": "object_category",
- "description": "description object_category"
- }
- category_helper.add_object_category(category_id, value)
- with pytest.raises(ObjectCategoryExisting) as exception_info:
- category_helper.add_object_category(category_id, value)
- assert str(exception_info.value) == '409: Object Category Existing'
-
-
-def test_add_object_category_with_empty_name(db):
- category_id = "category_id1"
- value = {
- "name": "",
- "description": "description object_category"
- }
- with pytest.raises(CategoryNameInvalid) as exception_info:
- category_helper.add_object_category(category_id, value)
- assert str(exception_info.value) == '400: Category Name Invalid'
-
-
-def test_get_object_category(db):
- category_id = "category_id1"
- value = {
- "name": "object_category",
- "description": "description object_category"
- }
- category_helper.add_object_category(category_id, value)
- object_category = category_helper.get_object_category(category_id)
- assert object_category
- assert len(object_category) == 1
-
-
-def test_delete_object_category(db):
- category_id = "category_id1"
- value = {
- "name": "object_category",
- "description": "description object_category"
- }
- category_helper.add_object_category(category_id, value)
- object_category = category_helper.delete_object_category(category_id)
- assert not object_category
-
-
-def test_delete_object_category_with_data(db):
- subject_category_id, object_category_id, action_category_id, meta_rule_id, policy_id = mock_data.create_new_policy()
- mock_data.create_subject_data(policy_id, subject_category_id)
-
- mock_data.create_object_data(policy_id, object_category_id)
-
- with pytest.raises(DeleteObjectCategoryWithMetaRule) as exception_info:
- category_helper.delete_object_category(object_category_id)
- assert str(exception_info.value) == '400: Object Category With Meta Rule Error'
-
-
-def test_delete_object_category_with_assignment(db):
- subject_category_id, object_category_id, action_category_id, meta_rule_id, policy_id = mock_data.create_new_policy()
-
- object_id = mock_data.create_object(policy_id)
- data_id = mock_data.create_object_data(policy_id, object_category_id)
- assignment_helper.add_object_assignment(policy_id, object_id, object_category_id, data_id)
-
- with pytest.raises(DeleteObjectCategoryWithMetaRule) as exception_info:
- category_helper.delete_object_category(object_category_id)
- assert str(exception_info.value) == '400: Object Category With Meta Rule Error'
-
-
-def test_delete_object_category_with_rule(db):
- subject_category_id, object_category_id, action_category_id, meta_rule_id, policy_id = mock_data.create_new_policy()
- policy_helper.add_rule(policy_id=policy_id, meta_rule_id=meta_rule_id)
-
- with pytest.raises(DeleteObjectCategoryWithMetaRule) as exception_info:
- category_helper.delete_object_category(object_category_id)
- assert str(exception_info.value) == '400: Object Category With Meta Rule Error'
-
-
-def test_delete_object_category_with_unkown_category_id(db):
- category_id = "invalid_category_id"
-
- with pytest.raises(ObjectCategoryUnknown) as exception_info:
- category_helper.delete_object_category(category_id)
- assert str(exception_info.value) == '400: Object Category Unknown'
-
-
-def test_add_action_category(db):
- category_id = "category_id1"
- value = {
- "name": "action_category",
- "description": "description action_category"
- }
- action_category = category_helper.add_action_category(category_id, value)
- assert action_category
- assert len(action_category) == 1
-
-
-def test_add_action_categories_with_existed_name(db):
- name = uuid4().hex
- value = {
- "name": name,
- "description": "description action_category"
- }
- action_category = category_helper.add_action_category(value=value)
- assert action_category
- assert len(action_category) == 1
- with pytest.raises(ActionCategoryExisting) as exception_info:
- category_helper.add_action_category(value=value)
- assert str(exception_info.value) == '409: Action Category Existing'
-
-
-def test_add_action_category_with_same_category_id(db):
- category_id = "category_id1"
- value = {
- "name": "action_category",
- "description": "description action_category"
- }
- category_helper.add_action_category(category_id, value)
- with pytest.raises(ActionCategoryExisting) as exception_info:
- category_helper.add_action_category(category_id, value)
- assert str(exception_info.value) == '409: Action Category Existing'
-
-
-def test_add_action_category_with_empty_name(db):
- category_id = "category_id1"
- value = {
- "name": "",
- "description": "description action_category"
- }
- with pytest.raises(CategoryNameInvalid) as exception_info:
- category_helper.add_action_category(category_id, value)
- assert str(exception_info.value) == '400: Category Name Invalid'
-
-
-def test_get_action_category(db):
- category_id = "category_id1"
- value = {
- "name": "action_category",
- "description": "description action_category"
- }
- category_helper.add_action_category(category_id, value)
- action_category = category_helper.get_action_category(category_id)
- assert action_category
- assert len(action_category) == 1
-
-
-def test_delete_action_category(db):
- category_id = "category_id1"
- value = {
- "name": "action_category",
- "description": "description action_category"
- }
- category_helper.add_action_category(category_id, value)
- action_category = category_helper.delete_action_category(category_id)
- assert not action_category
-
-
-def test_delete_action_category_with_data(db):
- subject_category_id, object_category_id, action_category_id, meta_rule_id, policy_id = mock_data.create_new_policy()
- mock_data.create_subject_data(policy_id, subject_category_id)
-
- mock_data.create_action_data(policy_id, action_category_id)
-
- with pytest.raises(DeleteActionCategoryWithMetaRule) as exception_info:
- category_helper.delete_action_category(action_category_id)
- assert str(exception_info.value) == '400: Action Category With Meta Rule Error'
-
-
-def test_delete_action_category_with_assignment(db):
- subject_category_id, object_category_id, action_category_id, meta_rule_id, policy_id = mock_data.create_new_policy()
-
- action_id = mock_data.create_action(policy_id)
- data_id = mock_data.create_action_data(policy_id, action_category_id)
- assignment_helper.add_action_assignment(policy_id, action_id, action_category_id, data_id)
-
- with pytest.raises(DeleteActionCategoryWithMetaRule) as exception_info:
- category_helper.delete_action_category(action_category_id)
- assert str(exception_info.value) == '400: Action Category With Meta Rule Error'
-
-
-def test_delete_action_category_with_rule(db):
- subject_category_id, object_category_id, action_category_id, meta_rule_id, policy_id = mock_data.create_new_policy()
- policy_helper.add_rule(policy_id=policy_id, meta_rule_id=meta_rule_id)
-
- with pytest.raises(DeleteActionCategoryWithMetaRule) as exception_info:
- category_helper.delete_action_category(action_category_id)
- assert str(exception_info.value) == '400: Action Category With Meta Rule Error'
-
-
-def test_delete_action_category_with_unkown_category_id(db):
- category_id = "invalid_category_id"
-
- with pytest.raises(ActionCategoryUnknown) as exception_info:
- category_helper.delete_action_category(category_id)
- assert str(exception_info.value) == '400: Action Category Unknown'
-
-
-def test_delete_data_categories_connected_to_meta_rule(db):
- subject_category_id, object_category_id, action_category_id, meta_rule_id, policy_id = mock_data.create_new_policy()
- with pytest.raises(DeleteSubjectCategoryWithMetaRule) as exception_info:
- category_helper.delete_subject_category(subject_category_id)
- assert str(exception_info.value) == '400: Subject Category With Meta Rule Error'
-
- with pytest.raises(DeleteObjectCategoryWithMetaRule) as exception_info:
- category_helper.delete_object_category(object_category_id)
- assert str(exception_info.value) == '400: Object Category With Meta Rule Error'
-
- with pytest.raises(DeleteActionCategoryWithMetaRule) as exception_info:
- category_helper.delete_action_category(action_category_id)
- assert str(exception_info.value) == '400: Action Category With Meta Rule Error'
diff --git a/python_moondb/tests/unit_python/policies/__init__.py b/python_moondb/tests/unit_python/policies/__init__.py
deleted file mode 100644
index e69de29b..00000000
--- a/python_moondb/tests/unit_python/policies/__init__.py
+++ /dev/null
diff --git a/python_moondb/tests/unit_python/policies/mock_data.py b/python_moondb/tests/unit_python/policies/mock_data.py
deleted file mode 100644
index 47fc9f9e..00000000
--- a/python_moondb/tests/unit_python/policies/mock_data.py
+++ /dev/null
@@ -1,74 +0,0 @@
-import helpers.model_helper as model_helper
-import helpers.meta_rule_helper as meta_rule_helper
-import helpers.policy_helper as policy_helper
-import helpers.category_helper as category_helper
-
-
-def create_meta_rule(meta_rule_name="meta_rule1", category_prefix=""):
- meta_rule_value = {
- "name": meta_rule_name,
- "algorithm": "name of the meta rule algorithm",
- "subject_categories": [category_prefix + "subject_category_id1",
- category_prefix + "subject_category_id2"],
- "object_categories": [category_prefix + "object_category_id1"],
- "action_categories": [category_prefix + "action_category_id1"]
- }
- return meta_rule_value
-
-
-def create_model(meta_rule_id, model_name="test_model"):
- value = {
- "name": model_name,
- "description": "test",
- "meta_rules": [meta_rule_id]
-
- }
- return value
-
-
-def create_policy(model_id, policy_name="policy_1"):
- value = {
- "name": policy_name,
- "model_id": model_id,
- "genre": "authz",
- "description": "test",
- }
- return value
-
-
-def create_pdp(pdp_ids):
- value = {
- "name": "test_pdp",
- "security_pipeline": pdp_ids,
- "keystone_project_id": "keystone_project_id1",
- "description": "...",
- }
- return value
-
-
-def get_policy_id(model_name="test_model", policy_name="policy_1", meta_rule_name="meta_rule1", category_prefix=""):
- category_helper.add_subject_category(
- category_prefix + "subject_category_id1",
- value={"name": category_prefix + "subject_category_id1",
- "description": "description 1"})
- category_helper.add_subject_category(
- category_prefix + "subject_category_id2",
- value={"name": category_prefix + "subject_category_id2",
- "description": "description 1"})
- category_helper.add_object_category(
- category_prefix + "object_category_id1",
- value={"name": category_prefix + "object_category_id1",
- "description": "description 1"})
- category_helper.add_action_category(
- category_prefix + "action_category_id1",
- value={"name": category_prefix + "action_category_id1",
- "description": "description 1"})
- meta_rule = meta_rule_helper.add_meta_rule(value=create_meta_rule(meta_rule_name, category_prefix))
- meta_rule_id = list(meta_rule.keys())[0]
- model = model_helper.add_model(value=create_model(meta_rule_id, model_name))
- model_id = list(model.keys())[0]
- value = create_policy(model_id, policy_name)
- policy = policy_helper.add_policies(value=value)
- assert policy
- policy_id = list(policy.keys())[0]
- return policy_id
diff --git a/python_moondb/tests/unit_python/policies/test_assignments.py b/python_moondb/tests/unit_python/policies/test_assignments.py
deleted file mode 100755
index 24a3a7b0..00000000
--- a/python_moondb/tests/unit_python/policies/test_assignments.py
+++ /dev/null
@@ -1,235 +0,0 @@
-# Copyright 2015 Open Platform for NFV Project, Inc. and its contributors
-# This software is distributed under the terms and conditions of the 'Apache-2.0'
-# license which can be found in the file 'LICENSE' in this package distribution
-# or at 'http://www.apache.org/licenses/LICENSE-2.0'.
-
-import helpers.mock_data as mock_data
-import helpers.assignment_helper as assignment_helper
-from python_moonutilities.exceptions import *
-import pytest
-
-
-def test_get_action_assignments(db):
- subject_category_id, object_category_id, action_category_id, meta_rule_id, policy_id = mock_data.create_new_policy(
- subject_category_name="subject_category1",
- object_category_name="object_category1",
- action_category_name="action_category1",
- meta_rule_name="meta_rule_1")
- action_id = mock_data.create_action(policy_id)
- data_id = mock_data.create_action_data(policy_id=policy_id, category_id=action_category_id)
-
- assignment_helper.add_action_assignment(policy_id, action_id, action_category_id, data_id)
- act_assignments = assignment_helper.get_action_assignments(policy_id, action_id,
- action_category_id)
- action_id_1 = list(act_assignments.keys())[0]
- assert act_assignments[action_id_1]["policy_id"] == policy_id
- assert act_assignments[action_id_1]["action_id"] == action_id
- assert act_assignments[action_id_1]["category_id"] == action_category_id
- assert len(act_assignments[action_id_1].get("assignments")) == 1
- assert data_id in act_assignments[action_id_1].get("assignments")
-
-
-def test_add_action_assignments(db):
- subject_category_id, object_category_id, action_category_id, meta_rule_id, policy_id = mock_data.create_new_policy(
- subject_category_name="subject_category1",
- object_category_name="object_category1",
- action_category_name="action_category1",
- meta_rule_name="meta_rule_1")
- action_id = mock_data.create_action(policy_id)
- data_id = mock_data.create_action_data(policy_id=policy_id, category_id=action_category_id)
- action_assignments = assignment_helper.add_action_assignment(policy_id, action_id,
- action_category_id, data_id)
- assert action_assignments
- action_id_1 = list(action_assignments.keys())[0]
- assert action_assignments[action_id_1]["policy_id"] == policy_id
- assert action_assignments[action_id_1]["action_id"] == action_id
- assert action_assignments[action_id_1]["category_id"] == action_category_id
- assert len(action_assignments[action_id_1].get("assignments")) == 1
- assert data_id in action_assignments[action_id_1].get("assignments")
-
- with pytest.raises(ActionAssignmentExisting) as exception_info:
- assignment_helper.add_action_assignment(policy_id, action_id, action_category_id, data_id)
- assert str(exception_info.value) == '409: Action Assignment Existing'
- assert str(exception_info.value.description) == 'The given action assignment value is existing.'
-
-
-def test_delete_action_assignment(db):
- subject_category_id, object_category_id, action_category_id, meta_rule_id, policy_id = mock_data.create_new_policy(
- subject_category_name="subject_category1",
- object_category_name="object_category1",
- action_category_name="action_category1",
- meta_rule_name="meta_rule_1")
- action_id = mock_data.create_action(policy_id)
- data_id = mock_data.create_action_data(policy_id=policy_id, category_id=action_category_id)
- assignment_helper.add_action_assignment(policy_id, action_id, action_category_id, data_id)
- assignment_helper.delete_action_assignment(policy_id, "", "", "")
- assignments = assignment_helper.get_action_assignments(policy_id, )
- assert len(assignments) == 1
-
-
-def test_delete_action_assignment_with_invalid_policy_id(db):
- policy_id = "invalid_id"
- assignment_helper.delete_action_assignment(policy_id, "", "", "")
- assignments = assignment_helper.get_action_assignments(policy_id, )
- assert len(assignments) == 0
-
-
-def test_get_object_assignments(db):
- subject_category_id, object_category_id, action_category_id, meta_rule_id, policy_id = mock_data.create_new_policy(
- subject_category_name="subject_category1",
- object_category_name="object_category1",
- action_category_name="action_category1",
- meta_rule_name="meta_rule_1")
- object_id = mock_data.create_object(policy_id)
- data_id = mock_data.create_object_data(policy_id=policy_id, category_id=object_category_id)
- assignment_helper.add_object_assignment(policy_id, object_id, object_category_id, data_id)
- obj_assignments = assignment_helper.get_object_assignments(policy_id, object_id,
- object_category_id)
- object_id_1 = list(obj_assignments.keys())[0]
- assert obj_assignments[object_id_1]["policy_id"] == policy_id
- assert obj_assignments[object_id_1]["object_id"] == object_id
- assert obj_assignments[object_id_1]["category_id"] == object_category_id
- assert len(obj_assignments[object_id_1].get("assignments")) == 1
- assert data_id in obj_assignments[object_id_1].get("assignments")
-
-
-def test_get_object_assignments_by_policy_id(db):
- subject_category_id, object_category_id, action_category_id, meta_rule_id, policy_id = mock_data.create_new_policy(
- subject_category_name="subject_category1",
- object_category_name="object_category1",
- action_category_name="action_category1",
- meta_rule_name="meta_rule_1")
- object_id = mock_data.create_object(policy_id)
- data_id = mock_data.create_object_data(policy_id=policy_id, category_id=object_category_id)
- assignment_helper.add_object_assignment(policy_id, object_id, object_category_id, data_id)
- obj_assignments = assignment_helper.get_object_assignments(policy_id)
- assert len(obj_assignments) == 1
-
-
-def test_add_object_assignments(db):
- subject_category_id, object_category_id, action_category_id, meta_rule_id, policy_id = mock_data.create_new_policy(
- subject_category_name="subject_category1",
- object_category_name="object_category1",
- action_category_name="action_category1",
- meta_rule_name="meta_rule_1")
- object_id = mock_data.create_object(policy_id)
- data_id = mock_data.create_object_data(policy_id=policy_id, category_id=object_category_id)
- object_assignments = assignment_helper.add_object_assignment(policy_id, object_id,
- object_category_id, data_id)
- assert object_assignments
- object_id_1 = list(object_assignments.keys())[0]
- assert object_assignments[object_id_1]["policy_id"] == policy_id
- assert object_assignments[object_id_1]["object_id"] == object_id
- assert object_assignments[object_id_1]["category_id"] == object_category_id
- assert len(object_assignments[object_id_1].get("assignments")) == 1
- assert data_id in object_assignments[object_id_1].get("assignments")
-
- with pytest.raises(ObjectAssignmentExisting) as exception_info:
- assignment_helper.add_object_assignment(policy_id, object_id, object_category_id, data_id)
- assert str(exception_info.value) == '409: Object Assignment Existing'
- assert str(exception_info.value.description) == 'The given object assignment value is existing.'
-
-
-def test_delete_object_assignment(db):
- subject_category_id, object_category_id, action_category_id, meta_rule_id, policy_id = mock_data.create_new_policy(
- subject_category_name="subject_category1",
- object_category_name="object_category1",
- action_category_name="action_category1",
- meta_rule_name="meta_rule_1")
- object_id = mock_data.create_object(policy_id)
- data_id = mock_data.create_object_data(policy_id=policy_id, category_id=object_category_id)
- assignment_helper.add_object_assignment(policy_id, object_id, object_category_id, data_id)
-
- assignment_helper.delete_object_assignment(policy_id, object_id, object_category_id,
- data_id=data_id)
- assignments = assignment_helper.get_object_assignments(policy_id)
- assert len(assignments) == 0
-
-
-def test_delete_object_assignment_with_invalid_policy_id(db):
- policy_id = "invalid_id"
- assignment_helper.delete_object_assignment(policy_id, "", "", "")
- assignments = assignment_helper.get_object_assignments(policy_id, )
- assert len(assignments) == 0
-
-
-def test_get_subject_assignments(db):
- subject_category_id, object_category_id, action_category_id, meta_rule_id, policy_id = mock_data.create_new_policy(
- subject_category_name="subject_category1",
- object_category_name="object_category1",
- action_category_name="action_category1",
- meta_rule_name="meta_rule_1")
- subject_id = mock_data.create_subject(policy_id)
- data_id = mock_data.create_subject_data(policy_id=policy_id, category_id=subject_category_id)
-
- assignment_helper.add_subject_assignment(policy_id, subject_id, subject_category_id, data_id)
- subj_assignments = assignment_helper.get_subject_assignments(policy_id, subject_id,
- subject_category_id)
- subject_id_1 = list(subj_assignments.keys())[0]
- assert subj_assignments[subject_id_1]["policy_id"] == policy_id
- assert subj_assignments[subject_id_1]["subject_id"] == subject_id
- assert subj_assignments[subject_id_1]["category_id"] == subject_category_id
- assert len(subj_assignments[subject_id_1].get("assignments")) == 1
- assert data_id in subj_assignments[subject_id_1].get("assignments")
-
-
-def test_get_subject_assignments_by_policy_id(db):
- subject_category_id, object_category_id, action_category_id, meta_rule_id, policy_id = mock_data.create_new_policy(
- subject_category_name="subject_category1",
- object_category_name="object_category1",
- action_category_name="action_category1",
- meta_rule_name="meta_rule_1")
- subject_id = mock_data.create_subject(policy_id)
- data_id = mock_data.create_subject_data(policy_id=policy_id, category_id=subject_category_id)
-
- assignment_helper.add_subject_assignment(policy_id, subject_id, subject_category_id, data_id)
- subj_assignments = assignment_helper.get_subject_assignments(policy_id)
- assert len(subj_assignments) == 1
-
-
-def test_add_subject_assignments(db):
- subject_category_id, object_category_id, action_category_id, meta_rule_id, policy_id = mock_data.create_new_policy(
- subject_category_name="subject_category1",
- object_category_name="object_category1",
- action_category_name="action_category1",
- meta_rule_name="meta_rule_1")
- subject_id = mock_data.create_subject(policy_id)
- data_id = mock_data.create_subject_data(policy_id=policy_id, category_id=subject_category_id)
-
- subject_assignments = assignment_helper.add_subject_assignment(policy_id, subject_id,
- subject_category_id, data_id)
- assert subject_assignments
- subject_id_1 = list(subject_assignments.keys())[0]
- assert subject_assignments[subject_id_1]["policy_id"] == policy_id
- assert subject_assignments[subject_id_1]["subject_id"] == subject_id
- assert subject_assignments[subject_id_1]["category_id"] == subject_category_id
- assert len(subject_assignments[subject_id_1].get("assignments")) == 1
- assert data_id in subject_assignments[subject_id_1].get("assignments")
-
- with pytest.raises(SubjectAssignmentExisting) as exception_info:
- assignment_helper.add_subject_assignment(policy_id, subject_id, subject_category_id,
- data_id)
- assert str(exception_info.value) == '409: Subject Assignment Existing'
- assert str(
- exception_info.value.description) == 'The given subject assignment value is existing.'
-
-
-def test_delete_subject_assignment(db):
- subject_category_id, object_category_id, action_category_id, meta_rule_id, policy_id = mock_data.create_new_policy(
- subject_category_name="subject_category1",
- object_category_name="object_category1",
- action_category_name="action_category1",
- meta_rule_name="meta_rule_1")
- subject_id = mock_data.create_subject(policy_id)
- data_id = mock_data.create_subject_data(policy_id=policy_id, category_id=subject_category_id)
- assignment_helper.add_subject_assignment(policy_id, subject_id, subject_category_id, data_id)
- assignment_helper.delete_subject_assignment(policy_id, subject_id, subject_category_id, data_id)
- assignments = assignment_helper.get_subject_assignments(policy_id)
- assert len(assignments) == 0
-
-
-def test_delete_subject_assignment_with_invalid_policy_id(db):
- policy_id = "invalid_id"
- assignment_helper.delete_subject_assignment(policy_id, "", "", "")
- assignments = assignment_helper.get_subject_assignments(policy_id, )
- assert len(assignments) == 0
diff --git a/python_moondb/tests/unit_python/policies/test_data.py b/python_moondb/tests/unit_python/policies/test_data.py
deleted file mode 100755
index 8ce1ac00..00000000
--- a/python_moondb/tests/unit_python/policies/test_data.py
+++ /dev/null
@@ -1,707 +0,0 @@
-# Copyright 2015 Open Platform for NFV Project, Inc. and its contributors
-# This software is distributed under the terms and conditions of the 'Apache-2.0'
-# license which can be found in the file 'LICENSE' in this package distribution
-# or at 'http://www.apache.org/licenses/LICENSE-2.0'.
-
-import helpers.mock_data as mock_data
-import policies.mock_data
-import helpers.data_helper as data_helper
-import helpers.assignment_helper as assignment_helper
-import pytest
-from uuid import uuid4
-import logging
-from python_moonutilities.exceptions import *
-
-logger = logging.getLogger("python_moondb.tests.api.test_data")
-
-
-def test_get_action_data(db):
- subject_category_id, object_category_id, action_category_id, meta_rule_id, policy_id = mock_data.create_new_policy(
- subject_category_name="subject_category1",
- object_category_name="object_category1",
- action_category_name="action_category1",
- meta_rule_name="meta_rule_1")
- value = {
- "name": "action-type",
- "description": {"vm-action": "", "storage-action": "", },
- }
- action_data = data_helper.add_action_data(policy_id=policy_id, category_id=action_category_id, value=value)
- data_id = list(action_data["data"])[0]
- found_action_data = data_helper.get_action_data(policy_id=policy_id, data_id=data_id,
- category_id=action_category_id)
- assert found_action_data
- assert len(found_action_data[0]["data"]) == 1
-
-
-def test_get_action_data_with_invalid_category_id(db):
- subject_category_id, object_category_id, action_category_id, meta_rule_id, policy_id = mock_data.create_new_policy(
- subject_category_name="subject_category1",
- object_category_name="object_category1",
- action_category_name="action_category1",
- meta_rule_name="meta_rule_1")
- action_data = data_helper.get_action_data(policy_id=policy_id, category_id="invalid")
- assert len(action_data) == 0
-
-
-def test_add_action_data(db):
- subject_category_id, object_category_id, action_category_id, meta_rule_id, policy_id = mock_data.create_new_policy(
- subject_category_name="subject_category1",
- object_category_name="object_category1",
- action_category_name="action_category1",
- meta_rule_name="meta_rule_1")
- value = {
- "name": "action-type",
- "description": {"vm-action": "", "storage-action": "", },
- }
- action_data = data_helper.add_action_data(policy_id=policy_id, category_id=action_category_id, value=value)
- assert action_data
- assert len(action_data['data']) == 1
-
-
-def test_add_action_data_duplicate(db):
- subject_category_id, object_category_id, action_category_id, meta_rule_id, policy_id = mock_data.create_new_policy(
- subject_category_name="subject_category1",
- object_category_name="object_category1",
- action_category_name="action_category1",
- meta_rule_name="meta_rule_1")
- value = {
- "name": "action-type",
- "description": {"vm-action": "", "storage-action": "", },
- }
- action_data = data_helper.add_action_data(policy_id=policy_id, category_id=action_category_id, value=value)
- with pytest.raises(ActionScopeExisting) as exception_info:
- action_data = data_helper.add_action_data(policy_id=policy_id, category_id=action_category_id, value=value)
- assert str(exception_info.value) == '409: Action Scope Existing'
-
-def test_add_action_data_with_invalid_category_id(db):
- subject_category_id, object_category_id, action_category_id, meta_rule_id, policy_id = mock_data.create_new_policy(
- subject_category_name="subject_category1",
- object_category_name="object_category1",
- action_category_name="action_category1",
- meta_rule_name="meta_rule_1")
- value = {
- "name": "action-type",
- "description": {"vm-action": "", "storage-action": "", },
- }
- with pytest.raises(ActionCategoryUnknown) as exception_info:
- data_helper.add_action_data(policy_id=policy_id, value=value).get('data')
- assert str(exception_info.value) == '400: Action Category Unknown'
-
-
-def test_delete_action_data(db):
- subject_category_id, object_category_id, action_category_id, meta_rule_id, policy_id = mock_data.create_new_policy(
- subject_category_name="subject_category1",
- object_category_name="object_category1",
- action_category_name="action_category1",
- meta_rule_name="meta_rule_1")
- data_helper.get_available_metadata(policy_id)
- value = {
- "name": "action-type",
- "description": {"vm-action": "", "storage-action": "", },
- }
- action_data = data_helper.add_action_data(policy_id=policy_id, category_id=action_category_id, value=value)
- data_id = list(action_data["data"])[0]
- data_helper.delete_action_data(policy_id=policy_id, data_id=data_id)
- new_action_data = data_helper.get_action_data(policy_id)
- assert len(new_action_data[0]['data']) == 0
-
-
-def test_get_object_data(db):
- subject_category_id, object_category_id, action_category_id, meta_rule_id, policy_id = mock_data.create_new_policy(
- subject_category_name="subject_category1",
- object_category_name="object_category1",
- action_category_name="action_category1",
- meta_rule_name="meta_rule_1")
- value = {
- "name": "object-security-level",
- "description": {"low": "", "medium": "", "high": ""},
- }
- object_data = data_helper.add_object_data(policy_id=policy_id, category_id=object_category_id, value=value)
- data_id = list(object_data["data"])[0]
- found_object_data = data_helper.get_object_data(policy_id=policy_id, data_id=data_id,
- category_id=object_category_id)
- assert found_object_data
- assert len(found_object_data[0]['data']) == 1
-
-
-def test_get_object_data_with_invalid_category_id(db):
- subject_category_id, object_category_id, action_category_id, meta_rule_id, policy_id = mock_data.create_new_policy(
- subject_category_name="subject_category1",
- object_category_name="object_category1",
- action_category_name="action_category1",
- meta_rule_name="meta_rule_1")
- object_data = data_helper.get_object_data(policy_id=policy_id, category_id="invalid")
- assert len(object_data) == 0
-
-
-def test_add_object_data(db):
- subject_category_id, object_category_id, action_category_id, meta_rule_id, policy_id = mock_data.create_new_policy(
- subject_category_name="subject_category1",
- object_category_name="object_category1",
- action_category_name="action_category1",
- meta_rule_name="meta_rule_1")
- value = {
- "name": "object-security-level",
- "description": {"low": "", "medium": "", "high": ""},
- }
- object_data = data_helper.add_object_data(policy_id=policy_id, category_id=object_category_id, value=value).get(
- 'data')
- assert object_data
- object_data_id = list(object_data.keys())[0]
- assert object_data[object_data_id].get('policy_id') == policy_id
-
-
-def test_add_object_data_with_invalid_category_id(db):
- subject_category_id, object_category_id, action_category_id, meta_rule_id, policy_id = mock_data.create_new_policy(
- subject_category_name="subject_category1",
- object_category_name="object_category1",
- action_category_name="action_category1",
- meta_rule_name="meta_rule_1")
- value = {
- "name": "object-security-level",
- "description": {"low": "", "medium": "", "high": ""},
- }
- with pytest.raises(ObjectCategoryUnknown) as exception_info:
- data_helper.add_object_data(policy_id=policy_id, category_id="invalid", value=value).get('data')
- assert str(exception_info.value) == '400: Object Category Unknown'
-
-
-def test_add_object_data_duplicate(db):
- subject_category_id, object_category_id, action_category_id, meta_rule_id, policy_id = mock_data.create_new_policy(
- subject_category_name="subject_category1",
- object_category_name="object_category1",
- action_category_name="action_category1",
- meta_rule_name="meta_rule_1")
- value = {
- "name": "object-security-level",
- "description": {"low": "", "medium": "", "high": ""},
- }
- object_data = data_helper.add_object_data(policy_id=policy_id, category_id=object_category_id, value=value).get(
- 'data')
- with pytest.raises(ObjectScopeExisting) as exception_info:
- data_helper.add_object_data(policy_id=policy_id, category_id=object_category_id, value=value).get(
- 'data')
- assert str(exception_info.value) == '409: Object Scope Existing'
-
-
-def test_delete_object_data(db):
- subject_category_id, object_category_id, action_category_id, meta_rule_id, policy_id = mock_data.create_new_policy(
- subject_category_name="subject_category1",
- object_category_name="object_category1",
- action_category_name="action_category1",
- meta_rule_name="meta_rule_1")
- value = {
- "name": "object-security-level",
- "description": {"low": "", "medium": "", "high": ""},
- }
- object_data = data_helper.add_object_data(policy_id=policy_id, category_id=object_category_id, value=value).get(
- 'data')
- object_data_id = list(object_data.keys())[0]
- data_helper.delete_object_data(policy_id=object_data[object_data_id].get('policy_id'), data_id=object_data_id)
- new_object_data = data_helper.get_object_data(policy_id)
- assert len(new_object_data[0]['data']) == 0
-
-
-def test_get_subject_data(db):
- subject_category_id, object_category_id, action_category_id, meta_rule_id, policy_id = mock_data.create_new_policy(
- subject_category_name="subject_category1",
- object_category_name="object_category1",
- action_category_name="action_category1",
- meta_rule_name="meta_rule_1")
- value = {
- "name": "subject-security-level",
- "description": {"low": "", "medium": "", "high": ""},
- }
- subject_data = data_helper.add_subject_data(policy_id=policy_id, category_id=subject_category_id, value=value).get(
- 'data')
- subject_data_id = list(subject_data.keys())[0]
- subject_data = data_helper.get_subject_data(policy_id, subject_data_id, subject_category_id)
- assert subject_data
- assert len(subject_data[0]['data']) == 1
-
-
-def test_get_subject_data_with_invalid_category_id(db):
- subject_category_id, object_category_id, action_category_id, meta_rule_id, policy_id = mock_data.create_new_policy(
- subject_category_name="subject_category1",
- object_category_name="object_category1",
- action_category_name="action_category1",
- meta_rule_name="meta_rule_1")
- value = {
- "name": "subject-security-level",
- "description": {"low": "", "medium": "", "high": ""},
- }
- subject_data = data_helper.add_subject_data(policy_id=policy_id, category_id=subject_category_id, value=value).get(
- 'data')
- subject_data_id = list(subject_data.keys())[0]
- found_subject_data = data_helper.get_subject_data(policy_id, subject_data_id, "invalid")
- assert len(found_subject_data) == 0
-
-
-def test_add_subject_data(db):
- subject_category_id, object_category_id, action_category_id, meta_rule_id, policy_id = mock_data.create_new_policy(
- subject_category_name="subject_category1",
- object_category_name="object_category1",
- action_category_name="action_category1",
- meta_rule_name="meta_rule_1")
- value = {
- "name": "subject-security-level",
- "description": {"low": "", "medium": "", "high": ""},
- }
- subject_data = data_helper.add_subject_data(policy_id=policy_id, category_id=subject_category_id, value=value).get(
- 'data')
- assert subject_data
- subject_data_id = list(subject_data.keys())[0]
- assert subject_data[subject_data_id].get('policy_id') == policy_id
-
-
-def test_add_subject_data_with_no_category_id(db):
- subject_category_id, object_category_id, action_category_id, meta_rule_id, policy_id = mock_data.create_new_policy(
- subject_category_name="subject_category1",
- object_category_name="object_category1",
- action_category_name="action_category1",
- meta_rule_name="meta_rule_1")
- value = {
- "name": "subject-security-level",
- "description": {"low": "", "medium": "", "high": ""},
- }
- with pytest.raises(SubjectCategoryUnknown) as exception_info:
- data_helper.add_subject_data(policy_id=policy_id, data_id=subject_category_id, value=value).get('data')
- assert str(exception_info.value) == '400: Subject Category Unknown'
-
-
-def test_add_subject_data_duplicate(db):
- subject_category_id, object_category_id, action_category_id, meta_rule_id, policy_id = mock_data.create_new_policy(
- subject_category_name="subject_category1",
- object_category_name="object_category1",
- action_category_name="action_category1",
- meta_rule_name="meta_rule_1")
- value = {
- "name": "subject-security-level",
- "description": {"low": "", "medium": "", "high": ""},
- }
- subject_data = data_helper.add_subject_data(policy_id=policy_id, category_id=subject_category_id, value=value).get(
- 'data')
-
- with pytest.raises(SubjectScopeExisting) as exception_info:
- subject_data = data_helper.add_subject_data(policy_id=policy_id, category_id=subject_category_id,
- value=value).get('data')
- assert str(exception_info.value) == '409: Subject Scope Existing'
-
-
-def test_delete_subject_data(db):
- subject_category_id, object_category_id, action_category_id, meta_rule_id, policy_id = mock_data.create_new_policy(
- subject_category_name="subject_category1",
- object_category_name="object_category1",
- action_category_name="action_category1",
- meta_rule_name="meta_rule_1")
- value = {
- "name": "subject-security-level",
- "description": {"low": "", "medium": "", "high": ""},
- }
- subject_data = data_helper.add_subject_data(policy_id=policy_id, category_id=subject_category_id, value=value).get(
- 'data')
- subject_data_id = list(subject_data.keys())[0]
- data_helper.delete_subject_data(policy_id=subject_data[subject_data_id].get('policy_id'), data_id=subject_data_id)
- new_subject_data = data_helper.get_subject_data(policy_id)
- assert len(new_subject_data[0]['data']) == 0
-
-
-def test_get_actions(db):
- subject_category_id, object_category_id, action_category_id, meta_rule_id, policy_id = mock_data.create_new_policy(
- subject_category_name="subject_category1",
- object_category_name="object_category1",
- action_category_name="action_category1",
- meta_rule_name="meta_rule_1")
- value = {
- "name": "test_action",
- "description": "test",
- }
- data_helper.add_action(policy_id=policy_id, value=value)
- actions = data_helper.get_actions(policy_id, )
- assert actions
- assert len(actions) == 1
- action_id = list(actions.keys())[0]
- assert actions[action_id].get('policy_list')[0] == policy_id
-
-
-def test_add_action(db):
- subject_category_id, object_category_id, action_category_id, meta_rule_id, policy_id = mock_data.create_new_policy(
- subject_category_name="subject_category1",
- object_category_name="object_category1",
- action_category_name="action_category1",
- meta_rule_name="meta_rule_1")
- value = {
- "name": "test_action",
- "description": "test",
- }
- action = data_helper.add_action(policy_id=policy_id, value=value)
- assert action
- action_id = list(action.keys())[0]
- assert len(action[action_id].get('policy_list')) == 1
-
-
-def test_add_action_twice(db):
- subject_category_id, object_category_id, action_category_id, meta_rule_id, policy_id = mock_data.create_new_policy(
- subject_category_name="subject_category1",
- object_category_name="object_category1",
- action_category_name="action_category1",
- meta_rule_name="meta_rule_1")
- value = {
- "name": "test_action",
- "description": "test",
- }
- data_helper.add_action(policy_id=policy_id, value=value)
- with pytest.raises(PolicyExisting) as exception_info:
- data_helper.add_action(policy_id=policy_id, value=value)
- assert str(exception_info.value) == '409: Policy Already Exists'
-
-
-def test_add_action_blank_name(db):
- policy_id = policies.mock_data.get_policy_id()
- value = {
- "name": "",
- "description": "test",
- }
- with pytest.raises(PerimeterContentError) as exception_info:
- data_helper.add_action(policy_id=policy_id, value=value)
- assert str(exception_info.value) == '400: Perimeter content is invalid.'
-
-
-def test_add_action_with_name_space(db):
- policy_id = policies.mock_data.get_policy_id()
- value = {
- "name": " ",
- "description": "test",
- }
- with pytest.raises(PerimeterContentError) as exception_info:
- data_helper.add_action(policy_id=policy_id, value=value)
- assert str(exception_info.value) == '400: Perimeter content is invalid.'
-
-
-def test_add_action_multiple_times(db):
- subject_category_id, object_category_id, action_category_id, meta_rule_id, policy_id1 = mock_data.create_new_policy(
- subject_category_name="subject_category1",
- object_category_name="object_category1",
- action_category_name="action_category1",
- meta_rule_name="meta_rule_1",
- model_name="model1")
- value = {
- "name": "test_action",
- "description": "test",
- }
- action = data_helper.add_action(policy_id=policy_id1, value=value)
- logger.info("action : {}".format(action))
- action_id = list(action.keys())[0]
- perimeter_id = action[action_id].get('id')
- assert action
- value = {
- "name": "test_action",
- "description": "test",
- "policy_list": ['policy_id_3', 'policy_id_4']
- }
- subject_category_id, object_category_id, action_category_id, meta_rule_id, policy_id2 = mock_data.create_new_policy(
- subject_category_name="subject_category2",
- object_category_name="object_category2",
- action_category_name="action_category2",
- meta_rule_name="meta_rule_2",
- model_name="model2")
- action = data_helper.add_action(policy_id=policy_id2, perimeter_id=perimeter_id, value=value)
- logger.info("action : {}".format(action))
- assert action
- action_id = list(action.keys())[0]
- assert len(action[action_id].get('policy_list')) == 2
-
-
-def test_delete_action(db):
- subject_category_id, object_category_id, action_category_id, meta_rule_id, policy_id = mock_data.create_new_policy(
- subject_category_name="subject_category1",
- object_category_name="object_category1",
- action_category_name="action_category1",
- meta_rule_name="meta_rule_1")
- value = {
- "name": "test_action",
- "description": "test",
- }
- action = data_helper.add_action(policy_id=policy_id, value=value)
- action_id = list(action.keys())[0]
- data_helper.delete_action(policy_id, action_id)
- actions = data_helper.get_actions(policy_id, )
- assert not actions
-
-
-def test_delete_action_with_invalid_perimeter_id(db):
- policy_id = "invalid"
- perimeter_id = "invalid"
- with pytest.raises(PolicyUnknown) as exception_info:
- data_helper.delete_action(policy_id, perimeter_id)
- assert str(exception_info.value) == '400: Policy Unknown'
-
-
-def test_get_objects(db):
- subject_category_id, object_category_id, action_category_id, meta_rule_id, policy_id = mock_data.create_new_policy(
- subject_category_name="subject_category1",
- object_category_name="object_category1",
- action_category_name="action_category1",
- meta_rule_name="meta_rule_1")
- value = {
- "name": "test_object",
- "description": "test",
- }
- data_helper.add_object(policy_id=policy_id, value=value)
- objects = data_helper.get_objects(policy_id, )
- assert objects
- assert len(objects) == 1
- object_id = list(objects.keys())[0]
- assert objects[object_id].get('policy_list')[0] == policy_id
-
-
-def test_add_object_with_same_policy_twice(db):
- subject_category_id, object_category_id, action_category_id, meta_rule_id, policy_id = mock_data.create_new_policy(
- subject_category_name="subject_category1",
- object_category_name="object_category1",
- action_category_name="action_category1",
- meta_rule_name="meta_rule_1")
- value = {
- "name": "test_object",
- "description": "test",
- }
- added_object = data_helper.add_object(policy_id=policy_id, value=value)
- assert added_object
- object_id = list(added_object.keys())[0]
- assert len(added_object[object_id].get('policy_list')) == 1
-
- with pytest.raises(PolicyExisting) as exception_info:
- data_helper.add_object(policy_id=policy_id, value=value)
- assert str(exception_info.value) == '409: Policy Already Exists'
-
-
-def test_add_objects_multiple_times(db):
- subject_category_id, object_category_id, action_category_id, meta_rule_id, policy_id = mock_data.create_new_policy(
- subject_category_name="subject_category1",
- object_category_name="object_category1",
- action_category_name="action_category1",
- meta_rule_name="meta_rule_1",
- model_name="model1")
- value = {
- "name": "test_object",
- "description": "test",
- }
- added_object = data_helper.add_object(policy_id=policy_id, value=value)
- object_id = list(added_object.keys())[0]
- perimeter_id = added_object[object_id].get('id')
- assert added_object
- value = {
- "name": "test_object",
- "description": "test",
- }
- subject_category_id, object_category_id, action_category_id, meta_rule_id, policy_id = mock_data.create_new_policy(
- subject_category_name="subject_category2",
- object_category_name="object_category2",
- action_category_name="action_category2",
- meta_rule_name="meta_rule_2",
- model_name="model2")
- added_object = data_helper.add_object(policy_id=policy_id, perimeter_id=perimeter_id, value=value)
- assert added_object
- object_id = list(added_object.keys())[0]
- assert len(added_object[object_id].get('policy_list')) == 2
-
-
-def test_delete_object(db):
- subject_category_id, object_category_id, action_category_id, meta_rule_id, policy_id = mock_data.create_new_policy(
- subject_category_name="subject_category1",
- object_category_name="object_category1",
- action_category_name="action_category1",
- meta_rule_name="meta_rule_1")
- value = {
- "name": "test_object",
- "description": "test",
- }
- added_object = data_helper.add_object(policy_id=policy_id, value=value)
- object_id = list(added_object.keys())[0]
- data_helper.delete_object(policy_id, object_id)
- objects = data_helper.get_objects(policy_id, )
- assert not objects
-
-
-def test_delete_object_with_invalid_perimeter_id(db):
- policy_id = "invalid"
- perimeter_id = "invalid"
- with pytest.raises(PolicyUnknown) as exception_info:
- data_helper.delete_object(policy_id, perimeter_id)
- assert str(exception_info.value) == '400: Policy Unknown'
-
-
-def test_get_subjects(db):
- subject_category_id, object_category_id, action_category_id, meta_rule_id, policy_id = mock_data.create_new_policy(
- subject_category_name="subject_category1",
- object_category_name="object_category1",
- action_category_name="action_category1",
- meta_rule_name="meta_rule_1")
- value = {
- "name": "testuser",
- "description": "test",
- }
- data_helper.add_subject(policy_id=policy_id, value=value)
- subjects = data_helper.get_subjects(policy_id=policy_id)
- assert subjects
- assert len(subjects) == 1
- subject_id = list(subjects.keys())[0]
- assert subjects[subject_id].get('policy_list')[0] == policy_id
-
-
-def test_get_subjects_with_invalid_policy_id(db):
- subject_category_id, object_category_id, action_category_id, meta_rule_id, policy_id = mock_data.create_new_policy(
- subject_category_name="subject_category1",
- object_category_name="object_category1",
- action_category_name="action_category1",
- meta_rule_name="meta_rule_1")
- value = {
- "name": "testuser",
- "description": "test",
- }
- data_helper.add_subject(policy_id=policy_id, value=value)
- with pytest.raises(PolicyUnknown) as exception_info:
- data_helper.get_subjects(policy_id="invalid")
- assert str(exception_info.value) == '400: Policy Unknown'
-
-
-def test_add_subject_with_same_policy_twice(db):
- subject_category_id, object_category_id, action_category_id, meta_rule_id, policy_id = mock_data.create_new_policy(
- subject_category_name="subject_category1",
- object_category_name="object_category1",
- action_category_name="action_category1",
- meta_rule_name="meta_rule_1")
- value = {
- "name": "testuser",
- "description": "test",
- }
- subject = data_helper.add_subject(policy_id=policy_id, value=value)
- assert subject
- subject_id = list(subject.keys())[0]
- assert len(subject[subject_id].get('policy_list')) == 1
- with pytest.raises(PolicyExisting) as exception_info:
- data_helper.add_subject(policy_id=policy_id, value=value)
- assert str(exception_info.value) == '409: Policy Already Exists'
-
-
-def test_add_subjects_multiple_times(db):
- subject_category_id, object_category_id, action_category_id, meta_rule_id, policy_id = mock_data.create_new_policy(
- subject_category_name="subject_category1",
- object_category_name="object_category1",
- action_category_name="action_category1",
- meta_rule_name="meta_rule_1",
- model_name="model1")
- value = {
- "name": "testuser",
- "description": "test",
- }
- subject = data_helper.add_subject(policy_id=policy_id, value=value)
- subject_id = list(subject.keys())[0]
- perimeter_id = subject[subject_id].get('id')
- assert subject
- value = {
- "name": "testuser",
- "description": "test",
- }
- subject_category_id, object_category_id, action_category_id, meta_rule_id, policy_id = mock_data.create_new_policy(
- subject_category_name="subject_category2",
- object_category_name="object_category2",
- action_category_name="action_category2",
- meta_rule_name="meta_rule_2",
- model_name="model2")
- subject = data_helper.add_subject(policy_id=policy_id, perimeter_id=perimeter_id, value=value)
- assert subject
- subject_id = list(subject.keys())[0]
- assert len(subject[subject_id].get('policy_list')) == 2
-
-
-def test_delete_subject(db):
- subject_category_id, object_category_id, action_category_id, meta_rule_id, policy_id = mock_data.create_new_policy(
- subject_category_name="subject_category1",
- object_category_name="object_category1",
- action_category_name="action_category1",
- meta_rule_name="meta_rule_1")
- value = {
- "name": "testuser",
- "description": "test",
- }
- subject = data_helper.add_subject(policy_id=policy_id, value=value)
- subject_id = list(subject.keys())[0]
- data_helper.delete_subject(policy_id, subject_id)
- subjects = data_helper.get_subjects(policy_id, )
- assert not subjects
-
-
-def test_delete_subject_with_invalid_perimeter_id(db):
- policy_id = "invalid"
- perimeter_id = "invalid"
- with pytest.raises(PolicyUnknown) as exception_info:
- data_helper.delete_subject(policy_id, perimeter_id)
- assert str(exception_info.value) == '400: Policy Unknown'
-
-
-def test_delete_subject_with_assignment(db):
-
- subject_category_id, object_category_id, action_category_id, meta_rule_id, policy_id = mock_data.create_new_policy(
- subject_category_name="subject_category"+uuid4().hex,
- object_category_name="object_category"+uuid4().hex,
- action_category_name="action_category"+uuid4().hex,
- meta_rule_name="meta_rule_"+uuid4().hex)
-
- subject_id = mock_data.create_subject(policy_id)
- data_id = mock_data.create_subject_data(policy_id=policy_id, category_id=subject_category_id)
- assignment_helper.add_subject_assignment(policy_id, subject_id, subject_category_id, data_id)
-
- with pytest.raises(DeletePerimeterWithAssignment) as exception_info:
- data_helper.delete_subject(policy_id, subject_id)
- assert '400: Perimeter With Assignment Error' == str(exception_info.value)
-
-
-def test_delete_object_with_assignment(db):
- subject_category_id, object_category_id, action_category_id, meta_rule_id, policy_id = mock_data.create_new_policy(
- subject_category_name="subject_category" + uuid4().hex,
- object_category_name="object_category" + uuid4().hex,
- action_category_name="action_category" + uuid4().hex,
- meta_rule_name="meta_rule_" + uuid4().hex)
-
- object_id = mock_data.create_object(policy_id)
- data_id = mock_data.create_object_data(policy_id=policy_id, category_id=object_category_id)
- assignment_helper.add_object_assignment(policy_id, object_id, object_category_id, data_id)
-
- with pytest.raises(DeletePerimeterWithAssignment) as exception_info:
- data_helper.delete_object(policy_id, object_id)
- assert '400: Perimeter With Assignment Error' == str(exception_info.value)
-
-def test_delete_action_with_assignment(db):
- subject_category_id, object_category_id, action_category_id, meta_rule_id, policy_id = mock_data.create_new_policy(
- subject_category_name="subject_category" + uuid4().hex,
- object_category_name="object_category" + uuid4().hex,
- action_category_name="action_category" + uuid4().hex,
- meta_rule_name="meta_rule_" + uuid4().hex)
-
- action_id = mock_data.create_action(policy_id)
- data_id = mock_data.create_action_data(policy_id=policy_id, category_id=action_category_id)
- assignment_helper.add_action_assignment(policy_id, action_id, action_category_id, data_id)
-
- with pytest.raises(DeletePerimeterWithAssignment) as exception_info:
- data_helper.delete_action(policy_id, action_id)
- assert '400: Perimeter With Assignment Error' == str(exception_info.value)
-
-
-def test_get_available_metadata(db):
- subject_category_id, object_category_id, action_category_id, meta_rule_id, policy_id = mock_data.create_new_policy(
- subject_category_name="subject_category1",
- object_category_name="object_category1",
- action_category_name="action_category1",
- meta_rule_name="meta_rule_1")
- metadata = data_helper.get_available_metadata(policy_id=policy_id)
- assert metadata
- assert metadata['object'][0] == object_category_id
- assert metadata['subject'][0] == subject_category_id
- assert metadata['action'][0] == action_category_id
-
-
-def test_get_available_metadata_with_invalid_policy_id(db):
- with pytest.raises(PolicyUnknown) as exception_info:
- data_helper.get_available_metadata(policy_id='invalid')
- assert '400: Policy Unknown' == str(exception_info.value)
diff --git a/python_moondb/tests/unit_python/policies/test_policies.py b/python_moondb/tests/unit_python/policies/test_policies.py
deleted file mode 100755
index b2394203..00000000
--- a/python_moondb/tests/unit_python/policies/test_policies.py
+++ /dev/null
@@ -1,643 +0,0 @@
-# Copyright 2015 Open Platform for NFV Project, Inc. and its contributors
-# This software is distributed under the terms and conditions of the 'Apache-2.0'
-# license which can be found in the file 'LICENSE' in this package distribution
-# or at 'http://www.apache.org/licenses/LICENSE-2.0'.
-
-import pytest
-import helpers.mock_data as mock_data
-import helpers.policy_helper as policy_helper
-import helpers.model_helper as model_helper
-import helpers.model_helper as model_helper
-from python_moonutilities.exceptions import *
-import helpers.pdp_helper as pdp_helper
-import helpers.data_helper as data_helper
-import helpers.assignment_helper as assignment_helper
-from uuid import uuid4
-
-
-def test_get_policies(db):
- policies = policy_helper.get_policies()
- assert isinstance(policies, dict)
- assert not policies
-
-
-def test_add_policies(db):
- model = model_helper.add_model(model_id=uuid4().hex)
- model_id = next(iter(model))
- value = {
- "name": "test_policy",
- "model_id": model_id,
- "genre": "authz",
- "description": "test",
- }
- policies = policy_helper.add_policies(value=value)
- assert isinstance(policies, dict)
- assert policies
- assert len(policies.keys()) == 1
- policy_id = list(policies.keys())[0]
- for key in ("genre", "name", "model_id", "description"):
- assert key in policies[policy_id]
- assert policies[policy_id][key] == value[key]
-
-
-def test_add_policies_twice_with_same_id(db):
- policy_id = 'policy_id_1'
- model = model_helper.add_model(model_id=uuid4().hex)
- model_id = next(iter(model))
- value = {
- "name": "test_policy",
- "model_id": model_id,
- "genre": "authz",
- "description": "test",
- }
- policy_helper.add_policies(policy_id, value)
- with pytest.raises(PolicyExisting) as exception_info:
- policy_helper.add_policies(policy_id, value)
- assert str(exception_info.value) == '409: Policy Already Exists'
-
-
-def test_add_policies_twice_with_same_name(db):
- model = model_helper.add_model(model_id=uuid4().hex)
- model_id = next(iter(model))
- policy_name=uuid4().hex
- value = {
- "name": policy_name,
- "model_id": model_id,
- "genre": "authz",
- "description": "test",
- }
- policy_helper.add_policies(value=value)
- with pytest.raises(Exception) as exception_info:
- policy_helper.add_policies(value=value)
- assert str(exception_info.value) == '409: Policy Already Exists'
- assert str(exception_info.value.description)== 'Policy name Existed'
-
-
-def test_delete_policies(db):
- model = model_helper.add_model(model_id=uuid4().hex)
- model_id = next(iter(model))
- policy_name1 = uuid4().hex
- value = {
- "name": policy_name1,
- "model_id": model_id,
- "genre": "authz",
- "description": "test",
- }
- policies = policy_helper.add_policies(value=value)
- policy_id1 = list(policies.keys())[0]
- policy_name2 = uuid4().hex
- value = {
- "name": policy_name2,
- "model_id": model_id,
- "genre": "authz",
- "description": "test",
- }
- policies = policy_helper.add_policies(value=value)
- policy_id2 = list(policies.keys())[0]
- assert policy_id1 != policy_id2
- policy_helper.delete_policies(policy_id1)
- policies = policy_helper.get_policies()
- assert policy_id1 not in policies
-
-
-def test_delete_policies_with_invalid_id(db):
- policy_id = 'policy_id_1'
- with pytest.raises(PolicyUnknown) as exception_info:
- policy_helper.delete_policies(policy_id)
- # assert str(exception_info.value) == '400: Policy Unknown'
-
-
-def test_update_policy(db):
- policies = policy_helper.add_policies()
- policy_id = list(policies.keys())[0]
- value = {
- "name": "test_policy4",
- "model_id": policies[policy_id]['model_id'],
- "genre": "authz",
- "description": "test-3",
- }
- updated_policy = policy_helper.update_policy(policy_id, value)
- assert updated_policy
- for key in ("genre", "name", "model_id", "description"):
- assert key in updated_policy[policy_id]
- assert updated_policy[policy_id][key] == value[key]
-
-
-def test_update_policy_name_with_existed_one(db):
- policies = policy_helper.add_policies()
- policy_id1 = list(policies.keys())[0]
- policy_name = uuid4().hex
- value = {
- "name": policy_name,
- "model_id": policies[policy_id1]['model_id'],
- "genre": "authz",
- "description": "test-3",
- }
- policy_helper.add_policies(value=value)
- with pytest.raises(PolicyExisting) as exception_info:
- policy_helper.update_policy(policy_id=policy_id1,value=value)
-
- assert str(exception_info.value) == '409: Policy Already Exists'
- assert str(exception_info.value.description)== 'Policy name Existed'
-
-
-def test_update_policy_with_invalid_id(db):
- policy_id = 'invalid-id'
- value = {
- "name": "test_policy4",
- "model_id": "",
- "genre": "authz",
- "description": "test-3",
- }
- with pytest.raises(PolicyUnknown) as exception_info:
- policy_helper.update_policy(policy_id, value)
- assert str(exception_info.value) == '400: Policy Unknown'
-
-
-def test_get_policy_from_meta_rules(db):
- subject_category_id, object_category_id, action_category_id, meta_rule_id, policy_id = mock_data.create_new_policy(
- subject_category_name="subject_category1",
- object_category_name="object_category1",
- action_category_name="action_category1",
- meta_rule_name="meta_rule_1",
- model_name="model1")
- security_pipeline = [policy_id]
- pdp_obj = mock_data.create_pdp(security_pipeline)
- pdp_helper.add_pdp(value=pdp_obj)
- matched_policy_id = policy_helper.get_policy_from_meta_rules(meta_rule_id)
- assert matched_policy_id
- assert policy_id == matched_policy_id
-
-
-def test_get_policy_from_meta_rules_with_no_policy_ids(db):
- meta_rule_id = 'meta_rule_id'
- value = {
- "name": "test_pdp",
- "security_pipeline": [],
- "keystone_project_id": "keystone_project_id1",
- "description": "...",
- }
- pdp_helper.add_pdp(value=value)
- matched_policy_id = policy_helper.get_policy_from_meta_rules(meta_rule_id)
- assert not matched_policy_id
-
-
-def test_get_rules(db):
- subject_category_id, object_category_id, action_category_id, meta_rule_id, policy_id = mock_data.create_new_policy(
- subject_category_name="subject_category12",
- object_category_name="object_category12",
- action_category_name="action_category12",
- meta_rule_name="meta_rule_12",
- model_name="model12")
-
- policy_helper.add_rule(policy_id=policy_id, meta_rule_id=meta_rule_id)
-
- policy_helper.add_rule(policy_id=policy_id, meta_rule_id=meta_rule_id)
- rules = policy_helper.get_rules(policy_id=policy_id, meta_rule_id=meta_rule_id)
- assert isinstance(rules, dict)
- assert rules
- obj = rules.get('rules')
- assert len(obj) == 2
-
-
-def test_get_rules_with_invalid_policy_id_failure(db):
- rules = policy_helper.get_rules("invalid_policy_id", "meta_rule_id")
- assert not rules.get('meta_rule-id')
- assert len(rules.get('rules')) == 0
-
-
-def test_add_rule_existing(db):
- subject_category_id, object_category_id, action_category_id, meta_rule_id, policy_id = mock_data.create_new_policy(
- subject_category_name="subject_category1",
- object_category_name="object_category1",
- action_category_name="action_category1",
- meta_rule_name="meta_rule_1",
- model_name="model1")
- subject_data_id = mock_data.create_subject_data(policy_id=policy_id,
- category_id=subject_category_id)
- object_data_id = mock_data.create_object_data(policy_id=policy_id,
- category_id=object_category_id)
- action_data_id = mock_data.create_action_data(policy_id=policy_id,
- category_id=action_category_id)
-
- value = {
- "rule": (subject_data_id, object_data_id, action_data_id),
- "instructions": ({"decision": "grant"}),
- "enabled": "",
- }
-
- rules = policy_helper.add_rule(policy_id=policy_id, meta_rule_id=meta_rule_id, value=value)
- assert rules
- assert len(rules) == 1
- assert isinstance(rules, dict)
- rule_id = list(rules.keys())[0]
- for key in ("rule", "instructions", "enabled"):
- assert key in rules[rule_id]
- assert rules[rule_id][key] == value[key]
-
- with pytest.raises(RuleExisting) as exception_info:
- policy_helper.add_rule(policy_id=policy_id, meta_rule_id=meta_rule_id, value=value)
- assert str(exception_info.value) == '409: Rule Existing'
-
-
-def test_check_existing_rule_valid_request(db):
- subject_category_id, object_category_id, action_category_id, meta_rule_id, policy_id = mock_data.create_new_policy(
- subject_category_name="subject_category1",
- object_category_name="object_category1",
- action_category_name="action_category1",
- meta_rule_name="meta_rule_1",
- model_name="model1")
- subject_data_id = mock_data.create_subject_data(policy_id=policy_id,
- category_id=subject_category_id)
- object_data_id = mock_data.create_object_data(policy_id=policy_id,
- category_id=object_category_id)
- action_data_id = mock_data.create_action_data(policy_id=policy_id,
- category_id=action_category_id)
- value = {
- "rule": (subject_data_id, object_data_id, action_data_id),
- "instructions": ({"decision": "grant"}),
- "enabled": "",
- }
-
- rules = policy_helper.add_rule(policy_id=policy_id, meta_rule_id=meta_rule_id, value=value)
- assert rules
- assert len(rules) == 1
- assert isinstance(rules, dict)
- rule_id = list(rules.keys())[0]
- for key in ("rule", "instructions", "enabled"):
- assert key in rules[rule_id]
- assert rules[rule_id][key] == value[key]
-
- with pytest.raises(RuleExisting) as exception_info:
- policy_helper.add_rule(policy_id=policy_id, meta_rule_id=meta_rule_id, value=value)
- assert str(exception_info.value) == '409: Rule Existing'
-
-
-def test_check_existing_rule_valid_multiple__data(db):
- subject_category_id, object_category_id, action_category_id, meta_rule_id, policy_id = mock_data.create_new_policy(
- subject_category_name="subject_category1",
- object_category_name="object_category1",
- action_category_name="action_category1",
- meta_rule_name="meta_rule_1",
- model_name="model1")
- subject_data_id1 = mock_data.create_subject_data(policy_id=policy_id,
- category_id=subject_category_id)
- subject_data_id2 = mock_data.create_subject_data(policy_id=policy_id,
- category_id=subject_category_id)
- object_data_id1 = mock_data.create_object_data(policy_id=policy_id,
- category_id=object_category_id)
- object_data_id2 = mock_data.create_object_data(policy_id=policy_id,
- category_id=object_category_id)
- action_data_id1 = mock_data.create_action_data(policy_id=policy_id,
- category_id=action_category_id)
- action_data_id2 = mock_data.create_action_data(policy_id=policy_id,
- category_id=action_category_id)
- value = {
- "rule": (
- subject_data_id1, object_data_id2, action_data_id1),
- "instructions": ({"decision": "grant"}),
- "enabled": "",
- }
-
- rules = policy_helper.add_rule(policy_id=policy_id, meta_rule_id=meta_rule_id, value=value)
- assert rules
- assert len(rules) == 1
- assert isinstance(rules, dict)
- rule_id = list(rules.keys())[0]
- for key in ("rule", "instructions", "enabled"):
- assert key in rules[rule_id]
- assert rules[rule_id][key] == value[key]
-
- with pytest.raises(RuleExisting) as exception_info:
- policy_helper.add_rule(policy_id=policy_id, meta_rule_id=meta_rule_id, value=value)
- assert str(exception_info.value) == '409: Rule Existing'
-
-
-def test_check_existing_rule_missing_data(db):
- subject_category_id, object_category_id, action_category_id, meta_rule_id, policy_id = mock_data.create_new_policy(
- subject_category_name="subject_category1",
- object_category_name="object_category1",
- action_category_name="action_category1",
- meta_rule_name="meta_rule_1",
- model_name="model1")
- subject_data_id = mock_data.create_subject_data(policy_id=policy_id,
- category_id=subject_category_id)
- object_data_id = mock_data.create_object_data(policy_id=policy_id,
- category_id=object_category_id)
- action_data_id = mock_data.create_action_data(policy_id=policy_id,
- category_id=action_category_id)
- value = {
- "rule": (object_data_id, action_data_id),
- "instructions": ({"decision": "grant"}),
- "enabled": "",
- }
-
- with pytest.raises(RuleContentError) as exception_info:
- policy_helper.add_rule(policy_id=policy_id, meta_rule_id=meta_rule_id, value=value)
- assert str(exception_info.value) == '400: Rule Error'
- assert exception_info.value.description== "Missing Data"
-
-
-def test_check_existing_rule_meta_rule_missing_data(db):
- subject_category_id, object_category_id, action_category_id, meta_rule_id, policy_id = mock_data.create_new_policy(
- subject_category_name="subject_category1",
- object_category_name="object_category1",
- action_category_name="action_category1",
- meta_rule_name="meta_rule_1",
- model_name="model1")
- subject_data_id = mock_data.create_subject_data(policy_id=policy_id,
- category_id=subject_category_id)
- object_data_id = mock_data.create_object_data(policy_id=policy_id,
- category_id=object_category_id)
- action_data_id = mock_data.create_action_data(policy_id=policy_id,
- category_id=action_category_id)
- value = {
- "rule": (subject_data_id, object_data_id, action_data_id, action_data_id),
- "instructions": ({"decision": "grant"}),
- "enabled": "",
- }
-
- with pytest.raises(MetaRuleContentError) as exception_info:
- policy_helper.add_rule(policy_id=policy_id, meta_rule_id=meta_rule_id, value=value)
- assert str(exception_info.value) == '400: Meta Rule Error'
- assert exception_info.value.description == "Missing Data"
-
-
-def test_check_existing_rule_invalid_data_id_order(db):
- subject_category_id, object_category_id, action_category_id, meta_rule_id, policy_id = mock_data.create_new_policy(
- subject_category_name="subject_category1",
- object_category_name="object_category1",
- action_category_name="action_category1",
- meta_rule_name="meta_rule_1",
- model_name="model1")
- subject_data_id = mock_data.create_subject_data(policy_id=policy_id,
- category_id=subject_category_id)
- object_data_id = mock_data.create_object_data(policy_id=policy_id,
- category_id=object_category_id)
- action_data_id = mock_data.create_action_data(policy_id=policy_id,
- category_id=action_category_id)
- value = {
- "rule": (object_data_id, action_data_id, subject_data_id),
- "instructions": ({"decision": "grant"}),
- "enabled": "",
- }
-
- with pytest.raises(RuleContentError) as exception_info:
- policy_helper.add_rule(policy_id=policy_id, meta_rule_id=meta_rule_id, value=value)
- assert str(exception_info.value) == '400: Rule Error'
- assert "Missing Subject_category" in exception_info.value.description
-
-
-def test_check_existing_rule_invalid_data_id_order_scenrio_2(db):
- subject_category_id, object_category_id, action_category_id, meta_rule_id, policy_id = mock_data.create_new_policy(
- subject_category_name="subject_category1",
- object_category_name="object_category1",
- action_category_name="action_category1",
- meta_rule_name="meta_rule_1",
- model_name="model1")
- subject_data_id = mock_data.create_subject_data(policy_id=policy_id,
- category_id=subject_category_id)
- object_data_id = mock_data.create_object_data(policy_id=policy_id,
- category_id=object_category_id)
- action_data_id = mock_data.create_action_data(policy_id=policy_id,
- category_id=action_category_id)
- value = {
- "rule": (subject_data_id, action_data_id, object_data_id),
- "instructions": ({"decision": "grant"}),
- "enabled": "",
- }
-
- with pytest.raises(RuleContentError) as exception_info:
- policy_helper.add_rule(policy_id=policy_id, meta_rule_id=meta_rule_id, value=value)
- assert str(exception_info.value) == '400: Rule Error'
- assert "Missing Object_category" in exception_info.value.description
-
-
-def test_check_existing_rule_wrong_subject_data_id(db):
- subject_category_id, object_category_id, action_category_id, meta_rule_id, policy_id = mock_data.create_new_policy(
- subject_category_name="subject_category1",
- object_category_name="object_category1",
- action_category_name="action_category1",
- meta_rule_name="meta_rule_1",
- model_name="model1")
- subject_data_id = mock_data.create_subject_data(policy_id=policy_id,
- category_id=subject_category_id)
- object_data_id = mock_data.create_object_data(policy_id=policy_id,
- category_id=object_category_id)
- action_data_id = mock_data.create_action_data(policy_id=policy_id,
- category_id=action_category_id)
- value = {
- "rule": (uuid4().hex, object_data_id, action_data_id),
- "instructions": ({"decision": "grant"}),
- "enabled": "",
- }
-
- with pytest.raises(RuleContentError) as exception_info:
- policy_helper.add_rule(policy_id=policy_id, meta_rule_id=meta_rule_id, value=value)
- assert str(exception_info.value) == '400: Rule Error'
- assert "Missing Subject_category" in exception_info.value.description
-
-
-def test_check_existing_rule_wrong_object_data_id(db):
- subject_category_id, object_category_id, action_category_id, meta_rule_id, policy_id = mock_data.create_new_policy(
- subject_category_name="subject_category1",
- object_category_name="object_category1",
- action_category_name="action_category1",
- meta_rule_name="meta_rule_1",
- model_name="model1")
- subject_data_id = mock_data.create_subject_data(policy_id=policy_id,
- category_id=subject_category_id)
- object_data_id = mock_data.create_object_data(policy_id=policy_id,
- category_id=object_category_id)
- action_data_id = mock_data.create_action_data(policy_id=policy_id,
- category_id=action_category_id)
- value = {
- "rule": (subject_data_id, uuid4().hex, action_data_id),
- "instructions": ({"decision": "grant"}),
- "enabled": "",
- }
-
- with pytest.raises(RuleContentError) as exception_info:
- policy_helper.add_rule(policy_id=policy_id, meta_rule_id=meta_rule_id, value=value)
- assert str(exception_info.value) == '400: Rule Error'
- assert "Missing Object_category" in exception_info.value.description
-
-
-def test_check_existing_rule_wrong_action_data_id(db):
- subject_category_id, object_category_id, action_category_id, meta_rule_id, policy_id = mock_data.create_new_policy(
- subject_category_name="subject_category1",
- object_category_name="object_category1",
- action_category_name="action_category1",
- meta_rule_name="meta_rule_1",
- model_name="model1")
- subject_data_id = mock_data.create_subject_data(policy_id=policy_id,
- category_id=subject_category_id)
- object_data_id = mock_data.create_object_data(policy_id=policy_id,
- category_id=object_category_id)
- action_data_id = mock_data.create_action_data(policy_id=policy_id,
- category_id=action_category_id)
- value = {
- "rule": (subject_data_id, object_data_id, uuid4().hex),
- "instructions": ({"decision": "grant"}),
- "enabled": "",
- }
-
- with pytest.raises(RuleContentError) as exception_info:
- policy_helper.add_rule(policy_id=policy_id, meta_rule_id=meta_rule_id, value=value)
- assert str(exception_info.value) == '400: Rule Error'
- assert "Missing Action_category" in exception_info.value.description
-
-
-def test_delete_rule(db):
- subject_category_id, object_category_id, action_category_id, meta_rule_id, policy_id = mock_data.create_new_policy()
-
- rules = policy_helper.add_rule(policy_id, meta_rule_id)
- rule_id = list(rules.keys())[0]
- policy_helper.delete_rule(policy_id, rule_id)
- rules = policy_helper.get_rules(policy_id, meta_rule_id)
- assert not rules.get('rules')
-
-
-def test_delete_policies_with_pdp(db):
- policies = policy_helper.add_policies()
- policy_id1 = list(policies.keys())[0]
- pdp_id = "pdp_id1"
- value = {
- "name": "test_pdp",
- "security_pipeline": [policy_id1],
- "keystone_project_id": "keystone_project_id1",
- "description": "...",
- }
- pdp_helper.add_pdp(pdp_id=pdp_id, value=value)
- with pytest.raises(DeletePolicyWithPdp) as exception_info:
- policy_helper.delete_policies(policy_id1)
- assert str(exception_info.value) == '400: Policy With PDP Error'
- assert 'Cannot delete policy with pdp' == exception_info.value.description
-
-
-def test_delete_policies_with_subject_perimeter(db):
- policies = policy_helper.add_policies()
- policy_id1 = list(policies.keys())[0]
-
- value = {
- "name": "testuser",
- "security_pipeline": [policy_id1],
- "keystone_project_id": "keystone_project_id1",
- "description": "...",
- }
- data_helper.add_subject(policy_id=policy_id1, value=value)
- with pytest.raises(DeletePolicyWithPerimeter) as exception_info:
- policy_helper.delete_policies(policy_id1)
- assert str(exception_info.value) == '400: Policy With Perimeter Error'
- assert 'Cannot delete policy with perimeter'== exception_info.value.description
-
-
-def test_delete_policies_with_object_perimeter(db):
- policies = policy_helper.add_policies()
- policy_id1 = list(policies.keys())[0]
-
- value = {
- "name": "test_obj",
- "security_pipeline": [policy_id1],
- "keystone_project_id": "keystone_project_id1",
- "description": "...",
- }
- data_helper.add_object(policy_id=policy_id1, value=value)
- with pytest.raises(DeletePolicyWithPerimeter) as exception_info:
- policy_helper.delete_policies(policy_id1)
- assert str(exception_info.value) == '400: Policy With Perimeter Error'
- assert 'Cannot delete policy with perimeter'== exception_info.value.description
-
-
-def test_delete_policies_with_action_perimeter(db):
- policies = policy_helper.add_policies()
- policy_id1 = list(policies.keys())[0]
-
- value = {
- "name": "test_act",
- "security_pipeline": [policy_id1],
- "keystone_project_id": "keystone_project_id1",
- "description": "...",
- }
- data_helper.add_action(policy_id=policy_id1, value=value)
- with pytest.raises(DeletePolicyWithPerimeter) as exception_info:
- policy_helper.delete_policies(policy_id1)
- assert '400: Policy With Perimeter Error' == str(exception_info.value)
-
-
-def test_delete_policies_with_subject_assignment(db):
- subject_category_id, object_category_id, action_category_id, meta_rule_id, policy_id = mock_data.create_new_policy()
-
- subject_id = mock_data.create_subject(policy_id)
- data_id = mock_data.create_subject_data(policy_id=policy_id, category_id=subject_category_id)
- assignment_helper.add_subject_assignment(policy_id, subject_id, subject_category_id, data_id)
-
- with pytest.raises(DeletePolicyWithPerimeter) as exception_info:
- policy_helper.delete_policies(policy_id)
-
- assert '400: Policy With Perimeter Error' == str(exception_info.value)
-
-
-def test_delete_policies_with_object_assignment(db):
- subject_category_id, object_category_id, action_category_id, meta_rule_id, policy_id = mock_data.create_new_policy()
-
- object_id = mock_data.create_object(policy_id)
- data_id = mock_data.create_object_data(policy_id=policy_id, category_id=object_category_id)
- assignment_helper.add_object_assignment(policy_id, object_id, object_category_id, data_id)
-
- with pytest.raises(DeletePolicyWithPerimeter) as exception_info:
- policy_helper.delete_policies(policy_id)
- assert '400: Policy With Perimeter Error' == str(exception_info.value)
-
-
-def test_delete_policies_with_action_assignment(db):
- subject_category_id, object_category_id, action_category_id, meta_rule_id, policy_id = mock_data.create_new_policy()
-
- action_id = mock_data.create_action(policy_id)
- data_id = mock_data.create_action_data(policy_id=policy_id, category_id=action_category_id)
- assignment_helper.add_action_assignment(policy_id, action_id, action_category_id, data_id)
-
- with pytest.raises(DeletePolicyWithPerimeter) as exception_info:
- policy_helper.delete_policies(policy_id)
- assert '400: Policy With Perimeter Error' == str(exception_info.value)
-
-
-def test_delete_policies_with_subject_data(db):
- subject_category_id, object_category_id, action_category_id, meta_rule_id, policy_id = mock_data.create_new_policy()
-
- data_id = mock_data.create_subject_data(policy_id=policy_id, category_id=subject_category_id)
-
- with pytest.raises(DeletePolicyWithData) as exception_info:
- policy_helper.delete_policies(policy_id)
-
- assert '400: Policy With Data Error' == str(exception_info.value)
-
-
-def test_delete_policies_with_object_data(db):
- subject_category_id, object_category_id, action_category_id, meta_rule_id, policy_id = mock_data.create_new_policy()
-
- data_id = mock_data.create_object_data(policy_id=policy_id, category_id=object_category_id)
-
- with pytest.raises(DeletePolicyWithData) as exception_info:
- policy_helper.delete_policies(policy_id)
- assert '400: Policy With Data Error' == str(exception_info.value)
-
-
-def test_delete_policies_with_action_data(db):
- subject_category_id, object_category_id, action_category_id, meta_rule_id, policy_id = mock_data.create_new_policy()
-
- data_id = mock_data.create_action_data(policy_id=policy_id, category_id=action_category_id)
-
- with pytest.raises(DeletePolicyWithData) as exception_info:
- policy_helper.delete_policies(policy_id)
- assert '400: Policy With Data Error' == str(exception_info.value)
-
-
-def test_delete_policies_with_rule(db):
- subject_category_id, object_category_id, action_category_id, meta_rule_id, policy_id = mock_data.create_new_policy()
-
- rules = policy_helper.add_rule(policy_id, meta_rule_id)
-
- with pytest.raises(DeletePolicyWithRules) as exception_info:
- policy_helper.delete_policies(policy_id)
- assert '400: Policy With Rule Error' == str(exception_info.value)
diff --git a/python_moondb/tests/unit_python/requirements.txt b/python_moondb/tests/unit_python/requirements.txt
deleted file mode 100644
index aea8e3d5..00000000
--- a/python_moondb/tests/unit_python/requirements.txt
+++ /dev/null
@@ -1,4 +0,0 @@
-sqlalchemy
-pymysql
-requests_mock
-python_moonutilities==1.4.20 \ No newline at end of file
diff --git a/python_moondb/tests/unit_python/test_keystone.py b/python_moondb/tests/unit_python/test_keystone.py
deleted file mode 100644
index 134bec0d..00000000
--- a/python_moondb/tests/unit_python/test_keystone.py
+++ /dev/null
@@ -1,53 +0,0 @@
-import pytest
-
-
-def create_project(tenant_dict):
- from python_moondb.core import KeystoneManager
- return KeystoneManager.create_project(tenant_dict)
-
-
-def list_projects():
- from python_moondb.core import KeystoneManager
- return KeystoneManager.list_projects()
-
-
-def create_user(subject_dict):
- from python_moondb.core import KeystoneManager
- return KeystoneManager.create_user(subject_dict)
-
-
-def test_create_project():
- tenant_dict = {
- "description": "test_project",
- "domain_id": ['domain_id_1'],
- "enabled": True,
- "is_domain": False,
- "name": 'project_1'
- }
- project = create_project(tenant_dict)
- assert project
- assert project.get('name') == tenant_dict.get('name')
-
-
-def test_create_project_without_name():
- tenant_dict = {
- "description": "test_project",
- "domain_id": ['domain_id_1'],
- "enabled": True,
- "is_domain": False,
- }
- with pytest.raises(Exception) as exception_info:
- create_project(tenant_dict)
- assert '400: Keystone project error' == str(exception_info.value)
-
-
-def test_create_user():
- subject_dict = {
- "password": "password",
- "domain_id": ['domain_id_1'],
- "enabled": True,
- "project": 'test_project',
- "name": 'user_id_1'
- }
- user = create_user(subject_dict)
- assert user
diff --git a/python_moondb/tests/unit_python/test_pdp.py b/python_moondb/tests/unit_python/test_pdp.py
deleted file mode 100755
index 4d245e4d..00000000
--- a/python_moondb/tests/unit_python/test_pdp.py
+++ /dev/null
@@ -1,149 +0,0 @@
-import pytest
-import helpers.mock_data as mock_data
-import helpers.pdp_helper as pdp_helper
-
-
-def test_update_pdp(db):
- pdp_id = "pdp_id1"
- subject_category_id, object_category_id, action_category_id, meta_rule_id, policy_id = mock_data.create_new_policy(
- subject_category_name="subject_category1",
- object_category_name="object_category1",
- action_category_name="action_category1",
- meta_rule_name="meta_rule_1",
- model_name="model1")
- value = {
- "name": "test_pdp",
- "security_pipeline": [policy_id],
- "keystone_project_id": "keystone_project_id1",
- "description": "...",
- }
- pdp_helper.add_pdp(pdp_id, value)
- pdp = pdp_helper.update_pdp(pdp_id, value)
- assert pdp
-
-
-def test_update_pdp_with_invalid_id(db):
- pdp_id = "pdp_id1"
- subject_category_id, object_category_id, action_category_id, meta_rule_id, policy_id = mock_data.create_new_policy(
- subject_category_name="subject_category1",
- object_category_name="object_category1",
- action_category_name="action_category1",
- meta_rule_name="meta_rule_1",
- model_name="model1")
- value = {
- "name": "test_pdp",
- "security_pipeline": [policy_id],
- "keystone_project_id": "keystone_project_id1",
- "description": "...",
- }
- with pytest.raises(Exception) as exception_info:
- pdp_helper.update_pdp(pdp_id, value)
- assert str(exception_info.value) == '400: Pdp Unknown'
-
-
-def test_delete_pdp(db):
- pdp_id = "pdp_id1"
- subject_category_id, object_category_id, action_category_id, meta_rule_id, policy_id = mock_data.create_new_policy(
- subject_category_name="subject_category1",
- object_category_name="object_category1",
- action_category_name="action_category1",
- meta_rule_name="meta_rule_1",
- model_name="model1")
- value = {
- "name": "test_pdp",
- "security_pipeline": [policy_id],
- "keystone_project_id": "keystone_project_id1",
- "description": "...",
- }
- pdp_helper.add_pdp(pdp_id, value)
- pdp_helper.delete_pdp(pdp_id)
- assert len(pdp_helper.get_pdp(pdp_id)) == 0
-
-
-def test_delete_pdp_with_invalid_id(db):
- pdp_id = "pdp_id1"
- with pytest.raises(Exception) as exception_info:
- pdp_helper.delete_pdp(pdp_id)
- assert str(exception_info.value) == '400: Pdp Unknown'
-
-
-def test_add_pdp(db):
- pdp_id = "pdp_id1"
- subject_category_id, object_category_id, action_category_id, meta_rule_id, policy_id = mock_data.create_new_policy(
- subject_category_name="subject_category1",
- object_category_name="object_category1",
- action_category_name="action_category1",
- meta_rule_name="meta_rule_1",
- model_name="model1")
- value = {
- "name": "test_pdp",
- "security_pipeline": [policy_id],
- "keystone_project_id": "keystone_project_id1",
- "description": "...",
- }
- pdp = pdp_helper.add_pdp(pdp_id, value)
- assert pdp
-
-
-def test_add_pdp_twice_with_same_id(db):
- pdp_id = "pdp_id1"
- subject_category_id, object_category_id, action_category_id, meta_rule_id, policy_id = mock_data.create_new_policy(
- subject_category_name="subject_category1",
- object_category_name="object_category1",
- action_category_name="action_category1",
- meta_rule_name="meta_rule_1",
- model_name="model1")
- value = {
- "name": "test_pdp",
- "security_pipeline": [policy_id],
- "keystone_project_id": "keystone_project_id1",
- "description": "...",
- }
- pdp_helper.add_pdp(pdp_id, value)
- with pytest.raises(Exception) as exception_info:
- pdp_helper.add_pdp(pdp_id, value)
- assert str(exception_info.value) == '409: Pdp Error'
-
-
-def test_add_pdp_twice_with_same_name(db):
- subject_category_id, object_category_id, action_category_id, meta_rule_id, policy_id = mock_data.create_new_policy(
- subject_category_name="subject_category1",
- object_category_name="object_category1",
- action_category_name="action_category1",
- meta_rule_name="meta_rule_1",
- model_name="model1")
- value = {
- "name": "test_pdp",
- "security_pipeline": [policy_id],
- "keystone_project_id": "keystone_project_id1",
- "description": "...",
- }
- pdp_helper.add_pdp(value=value)
- with pytest.raises(Exception) as exception_info:
- pdp_helper.add_pdp(value=value)
- assert str(exception_info.value) == '409: Pdp Error'
-
-
-def test_get_pdp(db):
- pdp_id = "pdp_id1"
- subject_category_id, object_category_id, action_category_id, meta_rule_id, policy_id = mock_data.create_new_policy(
- subject_category_name="subject_category1",
- object_category_name="object_category1",
- action_category_name="action_category1",
- meta_rule_name="meta_rule_1",
- model_name="model1")
- value = {
- "name": "test_pdp",
- "security_pipeline": [policy_id],
- "keystone_project_id": "keystone_project_id1",
- "description": "...",
- }
- pdp_helper.add_pdp(pdp_id, value)
- pdp = pdp_helper.get_pdp(pdp_id)
- assert len(pdp) == 1
-
-
-def test_get_pdp_with_invalid_id(db):
- pdp_id = "invalid"
- pdp = pdp_helper.get_pdp(pdp_id)
- assert len(pdp) == 0
diff --git a/python_moondb/tests/unit_python/utilities.py b/python_moondb/tests/unit_python/utilities.py
deleted file mode 100644
index 1d79d890..00000000
--- a/python_moondb/tests/unit_python/utilities.py
+++ /dev/null
@@ -1,136 +0,0 @@
-import base64
-import json
-
-
-CONF = {
- "openstack": {
- "keystone": {
- "url": "http://keystone:5000/v3",
- "user": "admin",
- "check_token": False,
- "password": "p4ssw0rd",
- "domain": "default",
- "certificate": False,
- "project": "admin"
- }
- },
- "components": {
- "wrapper": {
- "bind": "0.0.0.0",
- "port": 8080,
- "container": "wukongsun/moon_wrapper:v4.3",
- "timeout": 5,
- "hostname": "wrapper"
- },
- "manager": {
- "bind": "0.0.0.0",
- "port": 8082,
- "container": "wukongsun/moon_manager:v4.3",
- "hostname": "manager"
- },
- "port_start": 31001,
- "orchestrator": {
- "bind": "0.0.0.0",
- "port": 8083,
- "container": "wukongsun/moon_orchestrator:v4.3",
- "hostname": "interface"
- },
- "interface": {
- "bind": "0.0.0.0",
- "port": 8080,
- "container": "wukongsun/moon_interface:v4.3",
- "hostname": "interface"
- }
- },
- "plugins": {
- "session": {
- "port": 8082,
- "container": "asteroide/session:latest"
- },
- "authz": {
- "port": 8081,
- "container": "wukongsun/moon_authz:v4.3"
- }
- },
- "logging": {
- "handlers": {
- "file": {
- "filename": "/tmp/moon.log",
- "class": "logging.handlers.RotatingFileHandler",
- "level": "DEBUG",
- "formatter": "custom",
- "backupCount": 3,
- "maxBytes": 1048576
- },
- "console": {
- "class": "logging.StreamHandler",
- "formatter": "brief",
- "level": "INFO",
- "stream": "ext://sys.stdout"
- }
- },
- "formatters": {
- "brief": {
- "format": "%(levelname)s %(name)s %(message)-30s"
- },
- "custom": {
- "format": "%(asctime)-15s %(levelname)s %(name)s %(message)s"
- }
- },
- "root": {
- "handlers": [
- "console"
- ],
- "level": "ERROR"
- },
- "version": 1,
- "loggers": {
- "moon": {
- "handlers": [
- "console",
- "file"
- ],
- "propagate": False,
- "level": "DEBUG"
- }
- }
- },
- "slave": {
- "name": None,
- "master": {
- "url": None,
- "login": None,
- "password": None
- }
- },
- "docker": {
- "url": "tcp://172.88.88.1:2376",
- "network": "moon"
- },
- "database": {
- "url": "sqlite:///database.db",
- # "url": "mysql+pymysql://moon:p4sswOrd1@db/moon",
- "driver": "sql"
- },
- "messenger": {
- "url": "rabbit://moon:p4sswOrd1@messenger:5672/moon"
- }
-}
-
-
-def get_b64_conf(component=None):
- if component == "components":
- return base64.b64encode(
- json.dumps(CONF["components"]).encode('utf-8')+b"\n").decode('utf-8')
- elif component in CONF:
- return base64.b64encode(
- json.dumps(
- CONF[component]).encode('utf-8')+b"\n").decode('utf-8')
- elif not component:
- return base64.b64encode(
- json.dumps(CONF).encode('utf-8')+b"\n").decode('utf-8')
- elif "/" in component:
- key1, _, key2 = component.partition("/")
- return base64.b64encode(
- json.dumps(
- CONF[key1][key2]).encode('utf-8')+b"\n").decode('utf-8')