diff options
| -rw-r--r-- | moonv4/DEV.md | 12 | ||||
| -rw-r--r-- | moonv4/moon_utilities/tests/unit_python/conftest.py | 2 | ||||
| -rw-r--r-- | moonv4/moon_utilities/tests/unit_python/data_mock.py | 36 | ||||
| -rw-r--r-- | moonv4/moon_utilities/tests/unit_python/managers_mock.py | 151 | ||||
| -rw-r--r-- | moonv4/moon_utilities/tests/unit_python/test_cache_manager.py | 70 |
5 files changed, 259 insertions, 12 deletions
diff --git a/moonv4/DEV.md b/moonv4/DEV.md index f9864639..0dff2f17 100644 --- a/moonv4/DEV.md +++ b/moonv4/DEV.md @@ -27,6 +27,7 @@ - `git remote add gerrit ssh://<yourname>@gerrit.opnfv.org:29418/moon.git` - add the ssh public key to the Gerrit web - `git review –s`: test the Gerrit review connection +- add Contributor Agreement, from settings/Agreement ### Gerrit-Review - git add XXX @@ -34,11 +35,12 @@ - git review ### Review Correction -- `git clone https://git.openstack.org/openstack/oslo-specs` -- `cd oslo-specs` -- `git fetch https://git.openstack.org/openstack/oslo-specs refs/changes/43/492543/1 && git checkout FETCH_HEAD` -- `git checkout -b 492543-1` -- `vi specs/policy/external-pdp.rst` +- `git clone https://git.opnfv.org/moon` +- `cd moon` +- get the commit id from Gerrit dashboard +- `git checkout commit_id` +- `git checkout -b 48957-1` (where '48957' is the change number and '1' is the patch_number) +- do your changes ex:`vi specs/policy/external-pdp.rst` - `git add specs/policy/external-pdp.rst` - `git commit –amend` - `git review` diff --git a/moonv4/moon_utilities/tests/unit_python/conftest.py b/moonv4/moon_utilities/tests/unit_python/conftest.py index 487c2f0e..17ba7852 100644 --- a/moonv4/moon_utilities/tests/unit_python/conftest.py +++ b/moonv4/moon_utilities/tests/unit_python/conftest.py @@ -1,6 +1,7 @@ import base64 import json import logging +import managers_mock as pdp_manager import pytest import requests_mock @@ -187,6 +188,7 @@ def no_requests(monkeypatch): "id": "1111111111111" }]} ) + pdp_manager.mock_managers(m) print("End registering URI") # from moon_db.db_manager import init_engine, run # engine = init_engine() diff --git a/moonv4/moon_utilities/tests/unit_python/data_mock.py b/moonv4/moon_utilities/tests/unit_python/data_mock.py index 0a70eb86..0da5f024 100644 --- a/moonv4/moon_utilities/tests/unit_python/data_mock.py +++ b/moonv4/moon_utilities/tests/unit_python/data_mock.py @@ -1,4 +1,3 @@ -""" data mock models""" COMPONENTS = { "manager": { "port": 8082, @@ -15,7 +14,7 @@ pdp_mock = { }, "pdp_id12": { "name": "...", - "security_pipeline": [], + "security_pipeline": ["policy_id_1", "policy_id_2"], "keystone_project_id": "keystone_project_id1", "description": "...", } @@ -141,11 +140,34 @@ models_mock = { rules_mock = { "rules": { - "policy_id": "policy_id1", "meta_rule_id": "meta_rule_id1", - "rule_id1": - ["subject_data_id1", "object_data_id1", "action_data_id1"], - "rule_id2": - ["subject_data_id2", "object_data_id2", "action_data_id2"], + "rule_id1": { + "rule": ["subject_data_id1", + "object_data_id1", + "action_data_id1"], + "instructions": ( + {"decision": "grant"}, + # "grant" to immediately exit, + # "continue" to wait for the result of next policy + # "deny" to deny the request + ) + }, + "rule_id2": { + "rule": ["subject_data_id2", + "object_data_id2", + "action_data_id2"], + "instructions": ( + { + "update": { + "operation": "add", + # operations may be "add" or "delete" + "target": "rbac:role:admin" + # add the role admin to the current user + } + }, + {"chain": {"name": "rbac"}} + # chain with the policy named rbac + ) + } } } diff --git a/moonv4/moon_utilities/tests/unit_python/managers_mock.py b/moonv4/moon_utilities/tests/unit_python/managers_mock.py new file mode 100644 index 00000000..2effec4e --- /dev/null +++ b/moonv4/moon_utilities/tests/unit_python/managers_mock.py @@ -0,0 +1,151 @@ +import data_mock as data + + +def mock_managers(m1): + """ Modify the response from Requests module + """ + register_pdp(m1) + register_meta_rules(m1) + register_policies(m1) + register_models(m1) + register_policy_subject(m1, "policy_id_1") + register_policy_subject(m1, "policy_id_2") + register_policy_object(m1, "policy_id_1") + register_policy_object(m1, "policy_id_2") + register_policy_action(m1, "policy_id_1") + register_policy_action(m1, "policy_id_2") + register_policy_subject_assignment(m1, "policy_id_1", "subject_id") + # register_policy_subject_assignment_list(m1, "policy_id_1") + register_policy_subject_assignment(m1, "policy_id_2", "subject_id") + # register_policy_subject_assignment_list(m1, "policy_id_2") + register_policy_object_assignment(m1, "policy_id_1", "object_id") + # register_policy_object_assignment_list(m1, "policy_id_1") + register_policy_object_assignment(m1, "policy_id_2", "object_id") + # register_policy_object_assignment_list(m1, "policy_id_2") + register_policy_action_assignment(m1, "policy_id_1", "action_id") + # register_policy_action_assignment_list(m1, "policy_id_1") + register_policy_action_assignment(m1, "policy_id_2", "action_id") + # register_policy_action_assignment_list(m1, "policy_id_2") + register_rules(m1, "policy_id1") + + +def register_pdp(m1): + m1.register_uri( + 'GET', 'http://{}:{}/{}'.format(data.COMPONENTS['manager']['hostname'], + data.COMPONENTS['manager']['port'], 'pdp'), + json={'pdps': data.pdp_mock} + ) + + +def register_meta_rules(m1): + m1.register_uri( + 'GET', 'http://{}:{}/{}'.format(data.COMPONENTS['manager']['hostname'], + data.COMPONENTS['manager']['port'], 'meta_rules'), + json={'meta_rules': data.meta_rules_mock} + ) + + +def register_policies(m1): + m1.register_uri( + 'GET', 'http://{}:{}/{}'.format(data.COMPONENTS['manager']['hostname'], + data.COMPONENTS['manager']['port'], 'policies'), + json={'policies': data.policies_mock} + ) + + +def register_models(m1): + m1.register_uri( + 'GET', 'http://{}:{}/{}'.format(data.COMPONENTS['manager']['hostname'], + data.COMPONENTS['manager']['port'], 'models'), + json={'models': data.models_mock} + ) + + +def register_policy_subject(m1, policy_id): + m1.register_uri( + 'GET', 'http://{}:{}/{}/{}/subjects'.format(data.COMPONENTS['manager']['hostname'], + data.COMPONENTS['manager']['port'], 'policies', policy_id), + json={'subjects': data.subject_mock[policy_id]} + ) + + +def register_policy_object(m1, policy_id): + m1.register_uri( + 'GET', 'http://{}:{}/{}/{}/objects'.format(data.COMPONENTS['manager']['hostname'], + data.COMPONENTS['manager']['port'], 'policies', policy_id), + json={'objects': data.object_mock[policy_id]} + ) + + +def register_policy_action(m1, policy_id): + m1.register_uri( + 'GET', 'http://{}:{}/{}/{}/actions'.format(data.COMPONENTS['manager']['hostname'], + data.COMPONENTS['manager']['port'], 'policies', policy_id), + json={'actions': data.action_mock[policy_id]} + ) + + +def register_policy_subject_assignment(m1, policy_id, subj_id): + m1.register_uri( + 'GET', 'http://{}:{}/{}/{}/subject_assignments/{}'.format(data.COMPONENTS['manager']['hostname'], + data.COMPONENTS['manager']['port'], 'policies', + policy_id, + subj_id), + json={'subject_assignments': data.subject_assignment_mock} + ) + + +def register_policy_subject_assignment_list(m1, policy_id): + m1.register_uri( + 'GET', 'http://{}:{}/{}/{}/subject_assignments'.format(data.COMPONENTS['manager']['hostname'], + data.COMPONENTS['manager']['port'], 'policies', + policy_id), + json={'subject_assignments': data.subject_assignment_mock} + ) + + +def register_policy_object_assignment(m1, policy_id, obj_id): + m1.register_uri( + 'GET', 'http://{}:{}/{}/{}/object_assignments/{}'.format(data.COMPONENTS['manager']['hostname'], + data.COMPONENTS['manager']['port'], 'policies', + policy_id, + obj_id), + json={'object_assignments': data.object_assignment_mock} + ) + + +def register_policy_object_assignment_list(m1, policy_id): + m1.register_uri( + 'GET', 'http://{}:{}/{}/{}/object_assignments'.format(data.COMPONENTS['manager']['hostname'], + data.COMPONENTS['manager']['port'], 'policies', + policy_id), + json={'object_assignments': data.object_assignment_mock} + ) + + +def register_policy_action_assignment(m1, policy_id, action_id): + m1.register_uri( + 'GET', 'http://{}:{}/{}/{}/action_assignments/{}'.format(data.COMPONENTS['manager']['hostname'], + data.COMPONENTS['manager']['port'], 'policies', + policy_id, + action_id), + json={'action_assignments': data.action_assignment_mock} + ) + + +def register_policy_action_assignment_list(m1, policy_id): + m1.register_uri( + 'GET', 'http://{}:{}/{}/{}/action_assignments'.format(data.COMPONENTS['manager']['hostname'], + data.COMPONENTS['manager']['port'], 'policies', + policy_id), + json={'action_assignments': data.action_assignment_mock} + ) + + +def register_rules(m1, policy_id): + m1.register_uri( + 'GET', 'http://{}:{}/{}/{}/{}'.format(data.COMPONENTS['manager']['hostname'], + data.COMPONENTS['manager']['port'], 'policies', + policy_id, 'rules'), + json={'rules': data.rules_mock} + )
\ No newline at end of file diff --git a/moonv4/moon_utilities/tests/unit_python/test_cache_manager.py b/moonv4/moon_utilities/tests/unit_python/test_cache_manager.py new file mode 100644 index 00000000..fb2930aa --- /dev/null +++ b/moonv4/moon_utilities/tests/unit_python/test_cache_manager.py @@ -0,0 +1,70 @@ +import pytest +import data_mock as data + + +def test_cache_manager(): + from moon_utilities import cache + cache_obj = cache.Cache() + assert cache_obj.pdp is not None + assert cache_obj.meta_rules is not None + assert len(cache_obj.meta_rules) == 2 + assert cache_obj.policies is not None + assert len(cache_obj.policies) == 2 + assert cache_obj.models is not None + + +def test_get_subject_success(): + from moon_utilities import cache + cache_obj = cache.Cache() + policy_id = 'policy_id_1' + name = 'subject_name' + subject_id = cache_obj.get_subject(policy_id, name) + assert subject_id is not None + + +def test_get_subject_failure(): + from moon_utilities import cache + cache_obj = cache.Cache() + policy_id = 'policy_id_1' + name = 'invalid name' + with pytest.raises(Exception) as exception_info: + cache_obj.get_subject(policy_id, name) + assert str(exception_info.value) == '400: Subject Unknown' + + +def test_get_object_success(): + from moon_utilities import cache + cache_obj = cache.Cache() + policy_id = 'policy_id_1' + name = 'object_name' + object_id = cache_obj.get_object(policy_id, name) + assert object_id is not None + + +def test_get_object_failure(): + from moon_utilities import cache + cache_obj = cache.Cache() + policy_id = 'policy_id_1' + name = 'invalid name' + with pytest.raises(Exception) as exception_info: + cache_obj.get_object(policy_id, name) + assert str(exception_info.value) == '400: Subject Unknown' + + +def test_get_action_success(): + from moon_utilities import cache + cache_obj = cache.Cache() + policy_id = 'policy_id_1' + name = 'action_name' + action_id = cache_obj.get_action(policy_id, name) + assert action_id is not None + + +def test_get_action_failure(): + from moon_utilities import cache + cache_obj = cache.Cache() + policy_id = 'policy_id_1' + name = 'invalid name' + with pytest.raises(Exception) as exception_info: + cache_obj.get_action(policy_id, name) + assert str(exception_info.value) == '400: Subject Unknown' |