author | 2017-12-26 15:38:11 +0100 | |
---|---|---|
committer | 2017-12-26 15:38:11 +0100 | |
commit | 69910cdd22ec3b27f3e1f608b317f9683de1dcf6 (patch) | |
tree | 93b38d646d4f42df1eef564ec887dad46356fd46 /tests | |
parent | 454e9c5f8664ea99ccea2417b6cc3ffb238cf834 (diff) |
moon kubernetes review
Change-Id: I49a62f18ac6ecd06cdbc8e51b4e8ba00971ce6aa
Signed-off-by: RHE <rebirthmonkey@gmail.com>
Diffstat (limited to 'tests')
-rw-r--r-- | tests/functional/get_keystone_projects.py | 16 | ||||
-rw-r--r-- | tests/functional/populate_default_values.py | 37 | ||||
-rw-r--r-- | tests/functional/scenario_available/delegation.py (renamed from tests/functional/scenario/delegation.py) | 0 | ||||
-rw-r--r-- | tests/functional/scenario_available/mls.py (renamed from tests/functional/scenario/mls.py) | 19 | ||||
-rw-r--r-- | tests/functional/scenario_available/rbac.py (renamed from tests/functional/scenario/rbac.py) | 29 | ||||
-rw-r--r-- | tests/functional/scenario_available/rbac_custom_100.py (renamed from tests/functional/scenario/rbac_custom_100.py) | 0 | ||||
-rw-r--r-- | tests/functional/scenario_available/rbac_custom_1000.py (renamed from tests/functional/scenario/rbac_custom_1000.py) | 0 | ||||
-rw-r--r-- | tests/functional/scenario_available/rbac_custom_50.py (renamed from tests/functional/scenario/rbac_custom_50.py) | 0 | ||||
-rw-r--r-- | tests/functional/scenario_available/rbac_large.py (renamed from tests/functional/scenario/rbac_large.py) | 0 | ||||
-rw-r--r-- | tests/functional/scenario_available/rbac_mls.py (renamed from tests/functional/scenario/rbac_mls.py) | 0 | ||||
-rw-r--r-- | tests/functional/scenario_available/session.py (renamed from tests/functional/scenario/session.py) | 0 | ||||
-rw-r--r-- | tests/functional/scenario_available/session_large.py (renamed from tests/functional/scenario/session_large.py) | 0 | ||||
l--------- | tests/functional/scenario_enabled/mls.py | 1 | ||||
l--------- | tests/functional/scenario_enabled/rbac.py | 1 | ||||
-rw-r--r-- | tests/functional/send_authz.py | 32 |
15 files changed, 37 insertions, 98 deletions
diff --git a/tests/functional/get_keystone_projects.py b/tests/functional/get_keystone_projects.py
deleted file mode 100644
index 9b5d87cd..00000000
--- a/tests/functional/get_keystone_projects.py
+++ /dev/null
@@ -1,16 +0,0 @@
-from python_moonclient import parse, models, policies, pdp
-
-
-if __name__ == "__main__":
- args = parse.parse()
- consul_host = args.consul_host
- consul_port = args.consul_port
-
- models.init(consul_host, consul_port)
- policies.init(consul_host, consul_port)
- pdp.init(consul_host, consul_port)
-
- projects = pdp.get_keystone_projects()
-
- for _project in projects['projects']:
- print("{} {}".format(_project['id'], _project['name']))
diff --git a/tests/functional/populate_default_values.py b/tests/functional/populate_default_values.py
deleted file mode 100644
index d5a5769b..00000000
--- a/tests/functional/populate_default_values.py
+++ /dev/null
@@ -1,37 +0,0 @@
-import logging
-from importlib.machinery import SourceFileLoader
-from python_moonclient import parse, models, policies, pdp
-
-logger = logging.getLogger("moonforming")
-
-
-if __name__ == "__main__":
- requests_log = logging.getLogger("requests.packages.urllib3")
- requests_log.setLevel(logging.WARNING)
- requests_log.propagate = True
-
- args = parse.parse()
- consul_host = args.consul_host
- consul_port = args.consul_port
- project_id = args.keystone_pid
-
- models.init(consul_host, consul_port)
- policies.init(consul_host, consul_port)
- pdp.init(consul_host, consul_port)
-
- if args.filename:
- print("Loading: {}".format(args.filename[0]))
- m = SourceFileLoader("scenario", args.filename[0])
- scenario = m.load_module()
-
- _models = models.check_model()
- for _model_id, _model_value in _models['models'].items():
- if _model_value['name'] == scenario.model_name:
- model_id = _model_id
- meta_rule_list = _model_value['meta_rules']
- models.create_model(scenario, model_id)
- break
- else:
- model_id, meta_rule_list = models.create_model(scenario)
- policy_id = policies.create_policy(scenario, model_id, meta_rule_list)
- pdp_id = pdp.create_pdp(scenario, policy_id=policy_id, project_id=project_id)
diff --git a/tests/functional/scenario/delegation.py b/tests/functional/scenario_available/delegation.py
index 839e74ce..839e74ce 100644
--- a/tests/functional/scenario/delegation.py
+++ b/tests/functional/scenario_available/delegation.py
diff --git a/tests/functional/scenario/mls.py b/tests/functional/scenario_available/mls.py
index 3a3ded43..0e6285c9 100644
--- a/tests/functional/scenario/mls.py
+++ b/tests/functional/scenario_available/mls.py
@@ -1,9 +1,10 @@ -pdp_name = "pdp1" +pdp_name = "pdp_mls" policy_name = "MLS Policy example" model_name = "MLS" +policy_genre = "authz" -subjects = {"user0": "", "user1": "", "user2": "", } +subjects = {"adminuser": "", "user1": "", "user2": "", } objects = {"vm0": "", "vm1": "", } actions = {"start": "", "stop": ""} @@ -20,7 +21,7 @@ object_data = { action_data = {"action-type": {"vm-action": "", "storage-action": "", }} subject_assignments = { - "user0": {"subject-security-level": "high"}, + "adminuser": {"subject-security-level": "high"}, "user1": {"subject-security-level": "medium"}, } object_assignments = { @@ -33,21 +34,25 @@ action_assignments = { } meta_rule = { - "mls": {"id": "", "value": ("subject-security-level", "object-security-level", "action-type")}, + "mls": { + "id": "", + "value": ("subject-security-level", + "object-security-level", + "action-type")}, } rules = { "mls": ( { - "rules": ("high", "medium", "vm-action"), + "rule": ("high", "medium", "vm-action"), "instructions": ({"decision": "grant"}) }, { - "rules": ("high", "low", "vm-action"), + "rule": ("high", "low", "vm-action"), "instructions": ({"decision": "grant"}) }, { - "rules": ("medium", "low", "vm-action"), + "rule": ("medium", "low", "vm-action"), "instructions": ({"decision": "grant"}) }, ) diff --git a/tests/functional/scenario/rbac.py b/tests/functional/scenario_available/rbac.py index 89fd7de8..25c010fd 100644 --- a/tests/functional/scenario/rbac.py +++ b/tests/functional/scenario_available/rbac.py @@ -1,10 +1,10 @@ -pdp_name = "pdp1" +pdp_name = "pdp_rbac" policy_name = "RBAC policy example" model_name = "RBAC" policy_genre = "authz" -subjects = {"user0": "", "user1": "", } +subjects = {"adminuser": "", "user1": "", } objects = {"vm0": "", "vm1": "", } actions = {"start": "", "stop": ""} 
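Review bot: In the last mls.py hunk (the `rules` block), every `"instructions": ({"decision": "grant"})` context line is a parenthesised dict rather than a one-element tuple, because the trailing comma is missing; rbac.py in this same commit writes the value as a tuple with a trailing comma. The hunk already corrects the neighbouring `"rules"` key to `"rule"`, so the three entries could be aligned at the same time as `"instructions": ({"decision": "grant"},)`. If the loader iterates over the instructions (not visible here), a bare dict yields its keys instead of instruction dicts, and in an authorization fixture that can silently change which decision a test exercises. The `rules` dict closes outside the hunk.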
@@ -16,9 +16,24 @@ subject_data = {"role": {"admin": "", "employee": "", "*": ""}} object_data = {"id": {"vm0": "", "vm1": "", "*": ""}} action_data = {"action-type": {"vm-action": "", "*": ""}} -subject_assignments = {"user0": ({"role": "employee"}, {"role": "*"}), "user1": ({"role": "employee"}, {"role": "*"}), } -object_assignments = {"vm0": ({"id": "vm0"}, {"id": "*"}), "vm1": ({"id": "vm1"}, {"id": "*"})} -action_assignments = {"start": ({"action-type": "vm-action"}, {"action-type": "*"}), "stop": ({"action-type": "vm-action"}, {"action-type": "*"})} +subject_assignments = { + "adminuser": + ({"role": "admin"}, {"role": "employee"}, {"role": "*"}), + "user1": + ({"role": "employee"}, {"role": "*"}), +} +object_assignments = { + "vm0": + ({"id": "vm0"}, {"id": "*"}), + "vm1": + ({"id": "vm1"}, {"id": "*"}) +} +action_assignments = { + "start": + ({"action-type": "vm-action"}, {"action-type": "*"}), + "stop": + ({"action-type": "vm-action"}, {"action-type": "*"}) +} meta_rule = { "rbac": {"id": "", "value": ("role", "id", "action-type")}, @@ -29,7 +44,9 @@ rules = { { "rule": ("admin", "vm0", "vm-action"), "instructions": ( - {"decision": "grant"}, # "grant" to immediately exit, "continue" to wait for the result of next policy + {"decision": "grant"}, + # "grant" to immediately exit, + # "continue" to wait for the result of next policy ) }, { diff --git a/tests/functional/scenario/rbac_custom_100.py b/tests/functional/scenario_available/rbac_custom_100.py index 9ee55dbd..9ee55dbd 100644 --- a/tests/functional/scenario/rbac_custom_100.py +++ b/tests/functional/scenario_available/rbac_custom_100.py diff --git a/tests/functional/scenario/rbac_custom_1000.py b/tests/functional/scenario_available/rbac_custom_1000.py index d6850485..d6850485 100644 --- a/tests/functional/scenario/rbac_custom_1000.py +++ b/tests/functional/scenario_available/rbac_custom_1000.py 
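Review bot: In the last rbac.py hunk the comment explaining `"grant"` versus `"continue"` now sits after the `{"decision": "grant"},` element, directly before the closing parenthesis, so it reads as if it described a following entry that does not exist. Putting it on the line above the element keeps the association clear, for example `# "grant" exits immediately; "continue" waits for the result of the next policy` followed by `{"decision": "grant"},`. The enclosing `rules` dict starts and ends outside the hunk.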
diff --git a/tests/functional/scenario/rbac_custom_50.py b/tests/functional/scenario_available/rbac_custom_50.py
index e1437cf4..e1437cf4 100644
--- a/tests/functional/scenario/rbac_custom_50.py
+++ b/tests/functional/scenario_available/rbac_custom_50.py
diff --git a/tests/functional/scenario/rbac_large.py b/tests/functional/scenario_available/rbac_large.py
index ef5dd9b2..ef5dd9b2 100644
--- a/tests/functional/scenario/rbac_large.py
+++ b/tests/functional/scenario_available/rbac_large.py
diff --git a/tests/functional/scenario/rbac_mls.py b/tests/functional/scenario_available/rbac_mls.py
index 8a5362ea..8a5362ea 100644
--- a/tests/functional/scenario/rbac_mls.py
+++ b/tests/functional/scenario_available/rbac_mls.py
diff --git a/tests/functional/scenario/session.py b/tests/functional/scenario_available/session.py
index 97d7aec3..97d7aec3 100644
--- a/tests/functional/scenario/session.py
+++ b/tests/functional/scenario_available/session.py
diff --git a/tests/functional/scenario/session_large.py b/tests/functional/scenario_available/session_large.py
index 5b4a64b6..5b4a64b6 100644
--- a/tests/functional/scenario/session_large.py
+++ b/tests/functional/scenario_available/session_large.py
diff --git a/tests/functional/scenario_enabled/mls.py b/tests/functional/scenario_enabled/mls.py
new file mode 120000
index 00000000..6acd75ce
--- /dev/null
+++ b/tests/functional/scenario_enabled/mls.py
@@ -0,0 +1 @@
+../scenario_available/mls.py
\ No newline at end of file
diff --git a/tests/functional/scenario_enabled/rbac.py b/tests/functional/scenario_enabled/rbac.py
new file mode 120000
index 00000000..0edc905a
--- /dev/null
+++ b/tests/functional/scenario_enabled/rbac.py
@@ -0,0 +1 @@
+../scenario_available/rbac.py
\ No newline at end of file
diff --git a/tests/functional/send_authz.py b/tests/functional/send_authz.py
deleted file mode 100644
index b4ed1d2f..00000000
--- a/tests/functional/send_authz.py
+++ /dev/null
@@ -1,32 +0,0 @@
-from importlib.machinery import SourceFileLoader
-from python_moonclient import config, parse, models, policies, pdp, authz
-
-
-if __name__ == "__main__":
- args = parse.parse()
- consul_host = args.consul_host
- consul_port = args.consul_port
-
- models.init(consul_host, consul_port)
- policies.init(consul_host, consul_port)
- pdp.init(consul_host, consul_port)
-
- if args.filename:
- print("Loading: {}".format(args.filename[0]))
- m = SourceFileLoader("scenario", args.filename[0])
- scenario = m.load_module()
-
- keystone_project_id = pdp.get_keystone_id(args.pdp)
- time_data = authz.send_requests(
- scenario,
- args.authz_host,
- args.authz_port,
- keystone_project_id,
- request_second=args.request_second,
- limit=args.limit,
- dry_run=args.dry_run,
- stress_test=args.stress_test,
- destination=args.destination
- )
- if not args.dry_run:
- authz.save_data(args.write, time_data) |