diff options
-rw-r--r-- | moonv4/moon_utilities/README.md | 26 | ||||
-rw-r--r-- | moonv4/moon_utilities/requirements.txt | 5 | ||||
-rw-r--r-- | moonv4/moon_utilities/setup.py | 17 | ||||
-rw-r--r-- | moonv4/moon_utilities/tests/unit_python/conftest.py | 206 | ||||
-rw-r--r-- | moonv4/moon_utilities/tests/unit_python/data_mock.py | 173 | ||||
-rw-r--r-- | moonv4/moon_utilities/tests/unit_python/managers_mock.py | 151 | ||||
-rw-r--r-- | moonv4/moon_utilities/tests/unit_python/mock_cache.py | 321 | ||||
-rw-r--r-- | moonv4/moon_utilities/tests/unit_python/mock_components.py | 27 | ||||
-rw-r--r-- | moonv4/moon_utilities/tests/unit_python/mock_keystone.py | 23 | ||||
-rw-r--r-- | moonv4/moon_utilities/tests/unit_python/requirements.txt | 2 | ||||
-rw-r--r-- | moonv4/moon_utilities/tests/unit_python/test_cache.py | 72 | ||||
-rw-r--r-- | moonv4/moon_utilities/tests/unit_python/test_cache_manager.py | 70 | ||||
-rw-r--r-- | moonv4/moon_utilities/tests/unit_python/test_configuration.py | 5 | ||||
-rw-r--r-- | moonv4/moon_utilities/tests/unit_python/utilities.py | 136 |
14 files changed, 618 insertions, 616 deletions
diff --git a/moonv4/moon_utilities/README.md b/moonv4/moon_utilities/README.md index f5fa43ca..5003b6c4 100644 --- a/moonv4/moon_utilities/README.md +++ b/moonv4/moon_utilities/README.md @@ -1,6 +1,6 @@ # Moon Python Utilities Package -This package contains the core module for the Moon project -It is designed to provide authorization features to all OpenStack components. +This package contains the core module for the Moon project. +It is designed to provide authorization feature to all OpenStack components. For any other information, refer to the parent project: @@ -10,14 +10,24 @@ moon_utilities is a common Python lib for other Moon Python packages ## Build ### Build Python Package -- `cd moon_utilities` -- `python3 setup.py sdist bdist_wheel` +```Bash +cd moon_utilities +python3 setup.py sdist bdist_wheel +``` ### Push Python Package to PIP +```bash +cd moon_utilities +gpg --detach-sign -u "${GPG_ID}" -a dist/moon_db-X.Y.Z-py3-none-any.whl +gpg --detach-sign -u "${GPG_ID}" -a dist/moon_db-X.Y.Z.tar.gz +twine upload dist/moon_db-X.Y.Z-py3-none-any.whl dist/moon_db-X.Y.Z-py3-none-any.whl.asc +twine upload dist/moon_db-X.Y.Z.tar.gz dist/moon_db-X.Y.Z.tar.gz.asc +``` ## Test ### Python Unit Test -- launch Docker for Python unit tests - - `cd moon_utilities` - - `docker run --rm --volume $(pwd):/data wukongsun/moon_python_unit_test:latest` - +launch Docker for Python unit tests +```bash +cd moon_utilities +docker run --rm --volume $(pwd):/data wukongsun/moon_python_unit_test:latest +``` diff --git a/moonv4/moon_utilities/requirements.txt b/moonv4/moon_utilities/requirements.txt index e30f5d29..5b80e5f2 100644 --- a/moonv4/moon_utilities/requirements.txt +++ b/moonv4/moon_utilities/requirements.txt @@ -1,8 +1,3 @@ -kombu !=4.0.1,!=4.0.0 -oslo.messaging -oslo.config -oslo.log -vine werkzeug flask requests
\ No newline at end of file diff --git a/moonv4/moon_utilities/setup.py b/moonv4/moon_utilities/setup.py index cd7a2577..21e11419 100644 --- a/moonv4/moon_utilities/setup.py +++ b/moonv4/moon_utilities/setup.py @@ -17,11 +17,11 @@ setup( packages=find_packages(), - author="Thomas Duval", + author='Thomas Duval', - author_email="thomas.duval@orange.com", + author_email='thomas.duval@orange.com', - description="Some utilities for all the Moon components", + description='Some utilities for all the Moon components', long_description=open('README.md').read(), @@ -32,12 +32,11 @@ setup( url='https://git.opnfv.org/cgit/moon', classifiers=[ - "Programming Language :: Python", - "Development Status :: 1 - Planning", - "License :: OSI Approved", - "Natural Language :: French", - "Operating System :: OS Independent", - "Programming Language :: Python :: 3", + 'Programming Language :: Python :: 3', + 'Development Status :: 1 - Planning', + 'License :: OSI Approved', + 'Natural Language :: English', + 'Operating System :: OS Independent', ], ) diff --git a/moonv4/moon_utilities/tests/unit_python/conftest.py b/moonv4/moon_utilities/tests/unit_python/conftest.py index 17ba7852..7217586a 100644 --- a/moonv4/moon_utilities/tests/unit_python/conftest.py +++ b/moonv4/moon_utilities/tests/unit_python/conftest.py @@ -1,152 +1,8 @@ -import base64 -import json -import logging -import managers_mock as pdp_manager import pytest import requests_mock - -CONF = { - "openstack": { - "keystone": { - "url": "http://keystone:5000/v3", - "user": "admin", - "check_token": False, - "password": "p4ssw0rd", - "domain": "default", - "certificate": False, - "project": "admin" - } - }, - "components": { - "wrapper": { - "bind": "0.0.0.0", - "port": 8080, - "container": "wukongsun/moon_wrapper:v4.3", - "timeout": 5, - "hostname": "wrapper" - }, - "manager": { - "bind": "0.0.0.0", - "port": 8082, - "container": "wukongsun/moon_manager:v4.3", - "hostname": "manager" - }, - "port_start": 31001, - "orchestrator": { - "bind": "0.0.0.0", - "port": 8083, - "container": "wukongsun/moon_orchestrator:v4.3", - "hostname": "interface" - }, - "interface": { - "bind": "0.0.0.0", - "port": 8080, - "container": "wukongsun/moon_interface:v4.3", - "hostname": "interface" - } - }, - "plugins": { - "session": { - "port": 8082, - "container": "asteroide/session:latest" - }, - "authz": { - "port": 8081, - "container": "wukongsun/moon_authz:v4.3" - } - }, - "logging": { - "handlers": { - "file": { - "filename": "/tmp/moon.log", - "class": "logging.handlers.RotatingFileHandler", - "level": "DEBUG", - "formatter": "custom", - "backupCount": 3, - "maxBytes": 1048576 - }, - "console": { - "class": "logging.StreamHandler", - "formatter": "brief", - "level": "INFO", - "stream": "ext://sys.stdout" - } - }, - "formatters": { - "brief": { - "format": "%(levelname)s %(name)s %(message)-30s" - }, - "custom": { - "format": "%(asctime)-15s %(levelname)s %(name)s %(message)s" - } - }, - "root": { - "handlers": [ - "console" - ], - "level": "ERROR" - }, - "version": 1, - "loggers": { - "moon": { - "handlers": [ - "console", - "file" - ], - "propagate": False, - "level": "DEBUG" - } - } - }, - "slave": { - "name": None, - "master": { - "url": None, - "login": None, - "password": None - } - }, - "docker": { - "url": "tcp://172.88.88.1:2376", - "network": "moon" - }, - "database": { - "url": "sqlite:///database.db", - # "url": "mysql+pymysql://moon:p4sswOrd1@db/moon", - "driver": "sql" - }, - "messenger": { - "url": "rabbit://moon:p4sswOrd1@messenger:5672/moon" - } -} - -COMPONENTS = ( - "logging", - "openstack/keystone", - "database", - "slave", - "components/manager", - "components/orchestrator", - "components/interface", -) - - -def get_b64_conf(component=None): - if component == "components": - return base64.b64encode( - json.dumps(CONF["components"]).encode('utf-8')+b"\n").decode('utf-8') - elif component in CONF: - return base64.b64encode( - json.dumps( - CONF[component]).encode('utf-8')+b"\n").decode('utf-8') - elif not component: - return base64.b64encode( - json.dumps(CONF).encode('utf-8')+b"\n").decode('utf-8') - elif "/" in component: - key1, _, key2 = component.partition("/") - return base64.b64encode( - json.dumps( - CONF[key1][key2]).encode('utf-8')+b"\n").decode('utf-8') +import mock_components +import mock_keystone +import mock_cache @pytest.fixture(autouse=True) @@ -154,56 +10,8 @@ def no_requests(monkeypatch): """ Modify the response from Requests module """ with requests_mock.Mocker(real_http=True) as m: - for component in COMPONENTS: - m.register_uri( - 'GET', 'http://consul:8500/v1/kv/{}'.format(component), - json=[{'Key': component, 'Value': get_b64_conf(component)}] - ) - m.register_uri( - 'GET', 'http://consul:8500/v1/kv/components?recurse=true', - json=[ - {"Key": key, "Value": get_b64_conf(key)} for key in COMPONENTS - ], - # json={'Key': "components", 'Value': get_b64_conf("components")} - ) - m.register_uri( - 'POST', 'http://keystone:5000/v3/auth/tokens', - headers={'X-Subject-Token': "111111111"} - ) - m.register_uri( - 'DELETE', 'http://keystone:5000/v3/auth/tokens', - headers={'X-Subject-Token': "111111111"} - ) - m.register_uri( - 'POST', 'http://keystone:5000/v3/users?name=testuser&domain_id=default', - json={"users": {}} - ) - m.register_uri( - 'GET', 'http://keystone:5000/v3/users?name=testuser&domain_id=default', - json={"users": {}} - ) - m.register_uri( - 'POST', 'http://keystone:5000/v3/users/', - json={"users": [{ - "id": "1111111111111" - }]} - ) - pdp_manager.mock_managers(m) + mock_components.register_components(m) + mock_keystone.register_keystone(m) + mock_cache.register_cache(m) print("End registering URI") - # from moon_db.db_manager import init_engine, run - # engine = init_engine() - # print("engine={}".format(engine)) - # run("upgrade", logging.getLogger("db_manager"), engine) - # print("End populating the DB.") - yield m - - -# @pytest.fixture(autouse=True, scope="session") -# def manage_database(): -# from moon_db.db_manager import init_engine, run -# engine = init_engine() -# run("upgrade", logging.getLogger("db_manager"), engine) -# yield -# print("Will close the DB") - - + yield m
\ No newline at end of file diff --git a/moonv4/moon_utilities/tests/unit_python/data_mock.py b/moonv4/moon_utilities/tests/unit_python/data_mock.py deleted file mode 100644 index 0da5f024..00000000 --- a/moonv4/moon_utilities/tests/unit_python/data_mock.py +++ /dev/null @@ -1,173 +0,0 @@ -COMPONENTS = { - "manager": { - "port": 8082, - "hostname": "manager" - } -} - -pdp_mock = { - "pdp_id1": { - "name": "...", - "security_pipeline": ["policy_id_1", "policy_id_2"], - "keystone_project_id": "keystone_project_id1", - "description": "...", - }, - "pdp_id12": { - "name": "...", - "security_pipeline": ["policy_id_1", "policy_id_2"], - "keystone_project_id": "keystone_project_id1", - "description": "...", - } -} - -meta_rules_mock = { - "meta_rule_id1": { - "name": "meta_rule1", - "algorithm": "name of the meta rule algorithm", - "subject_categories": ["subject_category_id1", - "subject_category_id2"], - "object_categories": ["object_category_id1"], - "action_categories": ["action_category_id1"] - }, - "meta_rule_id2": { - "name": "name of the meta rules2", - "algorithm": "name of the meta rule algorithm", - "subject_categories": ["subject_category_id1", - "subject_category_id2"], - "object_categories": ["object_category_id1"], - "action_categories": ["action_category_id1"] - } -} - -policies_mock = { - "policy_id_1": { - "name": "test_policy1", - "model_id": "model_id_1", - "genre": "authz", - "description": "test", - }, - "policy_id_2": { - "name": "test_policy2", - "model_id": "model_id_2", - "genre": "authz", - "description": "test", - } -} -subject_mock = { - "policy_id_1": { - "subject_id": { - "name": "subject_name", - "keystone_id": "keystone_project_id1", - "description": "a description" - } - }, - "policy_id_2": { - "subject_id": { - "name": "subject_name", - "keystone_id": "keystone_project_id1", - "description": "a description" - } - } -} -subject_assignment_mock = { - "subject_id": { - "policy_id": "ID of the policy", - "subject_id": "ID of the subject", - "category_id": "ID of the category", - "assignments": [], - } -} -object_mock = { - "policy_id_1": { - "object_id": { - "name": "object_name", - "description": "a description" - } - }, - "policy_id_2": { - "object_id": { - "name": "object_name", - "description": "a description" - } - } -} - -object_assignment_mock = { - "object_id": { - "policy_id": "ID of the policy", - "object_id": "ID of the object", - "category_id": "ID of the category", - "assignments": [], - } -} - -action_mock = { - "policy_id_1": { - "action_id": { - "name": "action_name", - "description": "a description" - } - }, - "policy_id_2": { - "action_id": { - "name": "action_name", - "description": "a description" - } - } -} - -action_assignment_mock = { - "action_id": { - "policy_id": "ID of the policy", - "action_id": "ID of the action", - "category_id": "ID of the category", - "assignments": [], - } -} - -models_mock = { - "model_id_1": { - "name": "test_model", - "description": "test", - "meta_rules": ["meta_rule_id1"] - }, - "model_id_2": { - "name": "test_model", - "description": "test", - "meta_rules": ["meta_rule_id2"] - }, -} - -rules_mock = { - "rules": { - "meta_rule_id": "meta_rule_id1", - "rule_id1": { - "rule": ["subject_data_id1", - "object_data_id1", - "action_data_id1"], - "instructions": ( - {"decision": "grant"}, - # "grant" to immediately exit, - # "continue" to wait for the result of next policy - # "deny" to deny the request - ) - }, - "rule_id2": { - "rule": ["subject_data_id2", - "object_data_id2", - "action_data_id2"], - "instructions": ( - { - "update": { - "operation": "add", - # operations may be "add" or "delete" - "target": "rbac:role:admin" - # add the role admin to the current user - } - }, - {"chain": {"name": "rbac"}} - # chain with the policy named rbac - ) - } - } -} diff --git a/moonv4/moon_utilities/tests/unit_python/managers_mock.py b/moonv4/moon_utilities/tests/unit_python/managers_mock.py deleted file mode 100644 index 2effec4e..00000000 --- a/moonv4/moon_utilities/tests/unit_python/managers_mock.py +++ /dev/null @@ -1,151 +0,0 @@ -import data_mock as data - - -def mock_managers(m1): - """ Modify the response from Requests module - """ - register_pdp(m1) - register_meta_rules(m1) - register_policies(m1) - register_models(m1) - register_policy_subject(m1, "policy_id_1") - register_policy_subject(m1, "policy_id_2") - register_policy_object(m1, "policy_id_1") - register_policy_object(m1, "policy_id_2") - register_policy_action(m1, "policy_id_1") - register_policy_action(m1, "policy_id_2") - register_policy_subject_assignment(m1, "policy_id_1", "subject_id") - # register_policy_subject_assignment_list(m1, "policy_id_1") - register_policy_subject_assignment(m1, "policy_id_2", "subject_id") - # register_policy_subject_assignment_list(m1, "policy_id_2") - register_policy_object_assignment(m1, "policy_id_1", "object_id") - # register_policy_object_assignment_list(m1, "policy_id_1") - register_policy_object_assignment(m1, "policy_id_2", "object_id") - # register_policy_object_assignment_list(m1, "policy_id_2") - register_policy_action_assignment(m1, "policy_id_1", "action_id") - # register_policy_action_assignment_list(m1, "policy_id_1") - register_policy_action_assignment(m1, "policy_id_2", "action_id") - # register_policy_action_assignment_list(m1, "policy_id_2") - register_rules(m1, "policy_id1") - - -def register_pdp(m1): - m1.register_uri( - 'GET', 'http://{}:{}/{}'.format(data.COMPONENTS['manager']['hostname'], - data.COMPONENTS['manager']['port'], 'pdp'), - json={'pdps': data.pdp_mock} - ) - - -def register_meta_rules(m1): - m1.register_uri( - 'GET', 'http://{}:{}/{}'.format(data.COMPONENTS['manager']['hostname'], - data.COMPONENTS['manager']['port'], 'meta_rules'), - json={'meta_rules': data.meta_rules_mock} - ) - - -def register_policies(m1): - m1.register_uri( - 'GET', 'http://{}:{}/{}'.format(data.COMPONENTS['manager']['hostname'], - data.COMPONENTS['manager']['port'], 'policies'), - json={'policies': data.policies_mock} - ) - - -def register_models(m1): - m1.register_uri( - 'GET', 'http://{}:{}/{}'.format(data.COMPONENTS['manager']['hostname'], - data.COMPONENTS['manager']['port'], 'models'), - json={'models': data.models_mock} - ) - - -def register_policy_subject(m1, policy_id): - m1.register_uri( - 'GET', 'http://{}:{}/{}/{}/subjects'.format(data.COMPONENTS['manager']['hostname'], - data.COMPONENTS['manager']['port'], 'policies', policy_id), - json={'subjects': data.subject_mock[policy_id]} - ) - - -def register_policy_object(m1, policy_id): - m1.register_uri( - 'GET', 'http://{}:{}/{}/{}/objects'.format(data.COMPONENTS['manager']['hostname'], - data.COMPONENTS['manager']['port'], 'policies', policy_id), - json={'objects': data.object_mock[policy_id]} - ) - - -def register_policy_action(m1, policy_id): - m1.register_uri( - 'GET', 'http://{}:{}/{}/{}/actions'.format(data.COMPONENTS['manager']['hostname'], - data.COMPONENTS['manager']['port'], 'policies', policy_id), - json={'actions': data.action_mock[policy_id]} - ) - - -def register_policy_subject_assignment(m1, policy_id, subj_id): - m1.register_uri( - 'GET', 'http://{}:{}/{}/{}/subject_assignments/{}'.format(data.COMPONENTS['manager']['hostname'], - data.COMPONENTS['manager']['port'], 'policies', - policy_id, - subj_id), - json={'subject_assignments': data.subject_assignment_mock} - ) - - -def register_policy_subject_assignment_list(m1, policy_id): - m1.register_uri( - 'GET', 'http://{}:{}/{}/{}/subject_assignments'.format(data.COMPONENTS['manager']['hostname'], - data.COMPONENTS['manager']['port'], 'policies', - policy_id), - json={'subject_assignments': data.subject_assignment_mock} - ) - - -def register_policy_object_assignment(m1, policy_id, obj_id): - m1.register_uri( - 'GET', 'http://{}:{}/{}/{}/object_assignments/{}'.format(data.COMPONENTS['manager']['hostname'], - data.COMPONENTS['manager']['port'], 'policies', - policy_id, - obj_id), - json={'object_assignments': data.object_assignment_mock} - ) - - -def register_policy_object_assignment_list(m1, policy_id): - m1.register_uri( - 'GET', 'http://{}:{}/{}/{}/object_assignments'.format(data.COMPONENTS['manager']['hostname'], - data.COMPONENTS['manager']['port'], 'policies', - policy_id), - json={'object_assignments': data.object_assignment_mock} - ) - - -def register_policy_action_assignment(m1, policy_id, action_id): - m1.register_uri( - 'GET', 'http://{}:{}/{}/{}/action_assignments/{}'.format(data.COMPONENTS['manager']['hostname'], - data.COMPONENTS['manager']['port'], 'policies', - policy_id, - action_id), - json={'action_assignments': data.action_assignment_mock} - ) - - -def register_policy_action_assignment_list(m1, policy_id): - m1.register_uri( - 'GET', 'http://{}:{}/{}/{}/action_assignments'.format(data.COMPONENTS['manager']['hostname'], - data.COMPONENTS['manager']['port'], 'policies', - policy_id), - json={'action_assignments': data.action_assignment_mock} - ) - - -def register_rules(m1, policy_id): - m1.register_uri( - 'GET', 'http://{}:{}/{}/{}/{}'.format(data.COMPONENTS['manager']['hostname'], - data.COMPONENTS['manager']['port'], 'policies', - policy_id, 'rules'), - json={'rules': data.rules_mock} - )
\ No newline at end of file diff --git a/moonv4/moon_utilities/tests/unit_python/mock_cache.py b/moonv4/moon_utilities/tests/unit_python/mock_cache.py new file mode 100644 index 00000000..b2b287a9 --- /dev/null +++ b/moonv4/moon_utilities/tests/unit_python/mock_cache.py @@ -0,0 +1,321 @@ +from utilities import CONF + +pdp_mock = { + "pdp_id1": { + "name": "...", + "security_pipeline": ["policy_id_1", "policy_id_2"], + "keystone_project_id": "keystone_project_id1", + "description": "...", + }, + "pdp_id12": { + "name": "...", + "security_pipeline": ["policy_id_1", "policy_id_2"], + "keystone_project_id": "keystone_project_id1", + "description": "...", + } +} + +meta_rules_mock = { + "meta_rule_id1": { + "name": "meta_rule1", + "algorithm": "name of the meta rule algorithm", + "subject_categories": ["subject_category_id1", + "subject_category_id2"], + "object_categories": ["object_category_id1"], + "action_categories": ["action_category_id1"] + }, + "meta_rule_id2": { + "name": "name of the meta rules2", + "algorithm": "name of the meta rule algorithm", + "subject_categories": ["subject_category_id1", + "subject_category_id2"], + "object_categories": ["object_category_id1"], + "action_categories": ["action_category_id1"] + } +} + +policies_mock = { + "policy_id_1": { + "name": "test_policy1", + "model_id": "model_id_1", + "genre": "authz", + "description": "test", + }, + "policy_id_2": { + "name": "test_policy2", + "model_id": "model_id_2", + "genre": "authz", + "description": "test", + } +} + +subject_mock = { + "policy_id_1": { + "subject_id": { + "name": "subject_name", + "keystone_id": "keystone_project_id1", + "description": "a description" + } + }, + "policy_id_2": { + "subject_id": { + "name": "subject_name", + "keystone_id": "keystone_project_id1", + "description": "a description" + } + } +} + +subject_assignment_mock = { + "subject_id": { + "policy_id": "ID of the policy", + "subject_id": "ID of the subject", + "category_id": "ID of the category", + "assignments": [], + } +} + +object_mock = { + "policy_id_1": { + "object_id": { + "name": "object_name", + "description": "a description" + } + }, + "policy_id_2": { + "object_id": { + "name": "object_name", + "description": "a description" + } + } +} + +object_assignment_mock = { + "object_id": { + "policy_id": "ID of the policy", + "object_id": "ID of the object", + "category_id": "ID of the category", + "assignments": [], + } +} + +action_mock = { + "policy_id_1": { + "action_id": { + "name": "action_name", + "description": "a description" + } + }, + "policy_id_2": { + "action_id": { + "name": "action_name", + "description": "a description" + } + } +} + +action_assignment_mock = { + "action_id": { + "policy_id": "ID of the policy", + "action_id": "ID of the action", + "category_id": "ID of the category", + "assignments": [], + } +} + +models_mock = { + "model_id_1": { + "name": "test_model", + "description": "test", + "meta_rules": ["meta_rule_id1"] + }, + "model_id_2": { + "name": "test_model", + "description": "test", + "meta_rules": ["meta_rule_id2"] + }, +} + +rules_mock = { + "rules": { + "meta_rule_id": "meta_rule_id1", + "rule_id1": { + "rule": ["subject_data_id1", + "object_data_id1", + "action_data_id1"], + "instructions": ( + {"decision": "grant"}, + # "grant" to immediately exit, + # "continue" to wait for the result of next policy + # "deny" to deny the request + ) + }, + "rule_id2": { + "rule": ["subject_data_id2", + "object_data_id2", + "action_data_id2"], + "instructions": ( + { + "update": { + "operation": "add", + # operations may be "add" or "delete" + "target": "rbac:role:admin" + # add the role admin to the current user + } + }, + {"chain": {"name": "rbac"}} + # chain with the policy named rbac + ) + } + } +} + + +def register_cache(m): + """ Modify the response from Requests module + """ + register_pdp(m) + register_meta_rules(m) + register_policies(m) + register_models(m) + register_policy_subject(m, "policy_id_1") + register_policy_subject(m, "policy_id_2") + register_policy_object(m, "policy_id_1") + register_policy_object(m, "policy_id_2") + register_policy_action(m, "policy_id_1") + register_policy_action(m, "policy_id_2") + register_policy_subject_assignment(m, "policy_id_1", "subject_id") + # register_policy_subject_assignment_list(m1, "policy_id_1") + register_policy_subject_assignment(m, "policy_id_2", "subject_id") + # register_policy_subject_assignment_list(m1, "policy_id_2") + register_policy_object_assignment(m, "policy_id_1", "object_id") + # register_policy_object_assignment_list(m1, "policy_id_1") + register_policy_object_assignment(m, "policy_id_2", "object_id") + # register_policy_object_assignment_list(m1, "policy_id_2") + register_policy_action_assignment(m, "policy_id_1", "action_id") + # register_policy_action_assignment_list(m1, "policy_id_1") + register_policy_action_assignment(m, "policy_id_2", "action_id") + # register_policy_action_assignment_list(m1, "policy_id_2") + register_rules(m, "policy_id1") + + +def register_pdp(m): + m.register_uri( + 'GET', 'http://{}:{}/{}'.format(CONF['components']['manager']['hostname'], + CONF['components']['manager']['port'], 'pdp'), + json={'pdps': pdp_mock} + ) + + +def register_meta_rules(m): + m.register_uri( + 'GET', 'http://{}:{}/{}'.format(CONF['components']['manager']['hostname'], + CONF['components']['manager']['port'], 'meta_rules'), + json={'meta_rules': meta_rules_mock} + ) + + +def register_policies(m): + m.register_uri( + 'GET', 'http://{}:{}/{}'.format(CONF['components']['manager']['hostname'], + CONF['components']['manager']['port'], 'policies'), + json={'policies': policies_mock} + ) + + +def register_models(m): + m.register_uri( + 'GET', 'http://{}:{}/{}'.format(CONF['components']['manager']['hostname'], + CONF['components']['manager']['port'], 'models'), + json={'models': models_mock} + ) + + +def register_policy_subject(m, policy_id): + m.register_uri( + 'GET', 'http://{}:{}/{}/{}/subjects'.format(CONF['components']['manager']['hostname'], + CONF['components']['manager']['port'], 'policies', policy_id), + json={'subjects': subject_mock[policy_id]} + ) + + +def register_policy_object(m, policy_id): + m.register_uri( + 'GET', 'http://{}:{}/{}/{}/objects'.format(CONF['components']['manager']['hostname'], + CONF['components']['manager']['port'], 'policies', policy_id), + json={'objects': object_mock[policy_id]} + ) + + +def register_policy_action(m, policy_id): + m.register_uri( + 'GET', 'http://{}:{}/{}/{}/actions'.format(CONF['components']['manager']['hostname'], + CONF['components']['manager']['port'], 'policies', policy_id), + json={'actions': action_mock[policy_id]} + ) + + +def register_policy_subject_assignment(m, policy_id, subj_id): + m.register_uri( + 'GET', 'http://{}:{}/{}/{}/subject_assignments/{}'.format(CONF['components']['manager']['hostname'], + CONF['components']['manager']['port'], 'policies', + policy_id, + subj_id), + json={'subject_assignments': subject_assignment_mock} + ) + + +def register_policy_subject_assignment_list(m, policy_id): + m.register_uri( + 'GET', 'http://{}:{}/{}/{}/subject_assignments'.format(CONF['components']['manager']['hostname'], + CONF['components']['manager']['port'], 'policies', + policy_id), + json={'subject_assignments': subject_assignment_mock} + ) + + +def register_policy_object_assignment(m, policy_id, obj_id): + m.register_uri( + 'GET', 'http://{}:{}/{}/{}/object_assignments/{}'.format(CONF['components']['manager']['hostname'], + CONF['components']['manager']['port'], 'policies', + policy_id, + obj_id), + json={'object_assignments': object_assignment_mock} + ) + + +def register_policy_object_assignment_list(m, policy_id): + m.register_uri( + 'GET', 'http://{}:{}/{}/{}/object_assignments'.format(CONF['components']['manager']['hostname'], + CONF['components']['manager']['port'], 'policies', + policy_id), + json={'object_assignments': object_assignment_mock} + ) + + +def register_policy_action_assignment(m, policy_id, action_id): + m.register_uri( + 'GET', 'http://{}:{}/{}/{}/action_assignments/{}'.format(CONF['components']['manager']['hostname'], + CONF['components']['manager']['port'], 'policies', + policy_id, + action_id), + json={'action_assignments': action_assignment_mock} + ) + + +def register_policy_action_assignment_list(m, policy_id): + m.register_uri( + 'GET', 'http://{}:{}/{}/{}/action_assignments'.format(CONF['components']['manager']['hostname'], + CONF['components']['manager']['port'], 'policies', + policy_id), + json={'action_assignments': action_assignment_mock} + ) + + +def register_rules(m, policy_id): + m.register_uri( + 'GET', 'http://{}:{}/{}/{}/{}'.format(CONF['components']['manager']['hostname'], + CONF['components']['manager']['port'], 'policies', + policy_id, 'rules'), + json={'rules': rules_mock} + )
\ No newline at end of file diff --git a/moonv4/moon_utilities/tests/unit_python/mock_components.py b/moonv4/moon_utilities/tests/unit_python/mock_components.py new file mode 100644 index 00000000..a0319e1a --- /dev/null +++ b/moonv4/moon_utilities/tests/unit_python/mock_components.py @@ -0,0 +1,27 @@ +import utilities + +COMPONENTS = ( + "logging", + "openstack/keystone", + "database", + "slave", + "components/manager", + "components/orchestrator", + "components/interface", +) + + +def register_components(m): + for component in COMPONENTS: + m.register_uri( + 'GET', 'http://consul:8500/v1/kv/{}'.format(component), + json=[{'Key': component, 'Value': utilities.get_b64_conf(component)}] + ) + + m.register_uri( + 'GET', 'http://consul:8500/v1/kv/components?recurse=true', + json=[ + {"Key": key, "Value": utilities.get_b64_conf(key)} for key in COMPONENTS + ], + # json={'Key': "components", 'Value': get_b64_conf("components")} + )
\ No newline at end of file diff --git a/moonv4/moon_utilities/tests/unit_python/mock_keystone.py b/moonv4/moon_utilities/tests/unit_python/mock_keystone.py new file mode 100644 index 00000000..c0b26b88 --- /dev/null +++ b/moonv4/moon_utilities/tests/unit_python/mock_keystone.py @@ -0,0 +1,23 @@ +def register_keystone(m): + m.register_uri( + 'POST', 'http://keystone:5000/v3/auth/tokens', + headers={'X-Subject-Token': "111111111"} + ) + m.register_uri( + 'DELETE', 'http://keystone:5000/v3/auth/tokens', + headers={'X-Subject-Token': "111111111"} + ) + m.register_uri( + 'POST', 'http://keystone:5000/v3/users?name=testuser&domain_id=default', + json={"users": {}} + ) + m.register_uri( + 'GET', 'http://keystone:5000/v3/users?name=testuser&domain_id=default', + json={"users": {}} + ) + m.register_uri( + 'POST', 'http://keystone:5000/v3/users/', + json={"users": [{ + "id": "1111111111111" + }]} + )
\ No newline at end of file diff --git a/moonv4/moon_utilities/tests/unit_python/requirements.txt b/moonv4/moon_utilities/tests/unit_python/requirements.txt new file mode 100644 index 00000000..3c1ad607 --- /dev/null +++ b/moonv4/moon_utilities/tests/unit_python/requirements.txt @@ -0,0 +1,2 @@ +pytest +requests_mock
\ No newline at end of file diff --git a/moonv4/moon_utilities/tests/unit_python/test_cache.py b/moonv4/moon_utilities/tests/unit_python/test_cache.py index 15c5f22a..3d4f7292 100644 --- a/moonv4/moon_utilities/tests/unit_python/test_cache.py +++ b/moonv4/moon_utilities/tests/unit_python/test_cache.py @@ -1,5 +1,75 @@ +import pytest -def test_cache(): + +def test_authz_request(): from moon_utilities import cache c = cache.Cache() assert isinstance(c.authz_requests, dict) + + +def test_get_subject_success(): + from moon_utilities import cache + cache_obj = cache.Cache() + policy_id = 'policy_id_1' + name = 'subject_name' + subject_id = cache_obj.get_subject(policy_id, name) + assert subject_id is not None + + +def test_get_subject_failure(): + from moon_utilities import cache + cache_obj = cache.Cache() + policy_id = 'policy_id_1' + name = 'invalid name' + with pytest.raises(Exception) as exception_info: + cache_obj.get_subject(policy_id, name) + assert str(exception_info.value) == '400: Subject Unknown' + + +def test_get_object_success(): + from moon_utilities import cache + cache_obj = cache.Cache() + policy_id = 'policy_id_1' + name = 'object_name' + object_id = cache_obj.get_object(policy_id, name) + assert object_id is not None + + +def test_get_object_failure(): + from moon_utilities import cache + cache_obj = cache.Cache() + policy_id = 'policy_id_1' + name = 'invalid name' + with pytest.raises(Exception) as exception_info: + cache_obj.get_object(policy_id, name) + assert str(exception_info.value) == '400: Subject Unknown' + + +def test_get_action_success(): + from moon_utilities import cache + cache_obj = cache.Cache() + policy_id = 'policy_id_1' + name = 'action_name' + action_id = cache_obj.get_action(policy_id, name) + assert action_id is not None + + +def test_get_action_failure(): + from moon_utilities import cache + cache_obj = cache.Cache() + policy_id = 'policy_id_1' + name = 'invalid name' + with pytest.raises(Exception) as exception_info: + cache_obj.get_action(policy_id, name) + assert str(exception_info.value) == '400: Subject Unknown' + + +def test_cache_manager(): + from moon_utilities import cache + cache_obj = cache.Cache() + assert cache_obj.pdp is not None + assert cache_obj.meta_rules is not None + assert len(cache_obj.meta_rules) == 2 + assert cache_obj.policies is not None + assert len(cache_obj.policies) == 2 + assert cache_obj.models is not None
\ No newline at end of file diff --git a/moonv4/moon_utilities/tests/unit_python/test_cache_manager.py b/moonv4/moon_utilities/tests/unit_python/test_cache_manager.py deleted file mode 100644 index fb2930aa..00000000 --- a/moonv4/moon_utilities/tests/unit_python/test_cache_manager.py +++ /dev/null @@ -1,70 +0,0 @@ -import pytest -import data_mock as data - - -def test_cache_manager(): - from moon_utilities import cache - cache_obj = cache.Cache() - assert cache_obj.pdp is not None - assert cache_obj.meta_rules is not None - assert len(cache_obj.meta_rules) == 2 - assert cache_obj.policies is not None - assert len(cache_obj.policies) == 2 - assert cache_obj.models is not None - - -def test_get_subject_success(): - from moon_utilities import cache - cache_obj = cache.Cache() - policy_id = 'policy_id_1' - name = 'subject_name' - subject_id = cache_obj.get_subject(policy_id, name) - assert subject_id is not None - - -def test_get_subject_failure(): - from moon_utilities import cache - cache_obj = cache.Cache() - policy_id = 'policy_id_1' - name = 'invalid name' - with pytest.raises(Exception) as exception_info: - cache_obj.get_subject(policy_id, name) - assert str(exception_info.value) == '400: Subject Unknown' - - -def test_get_object_success(): - from moon_utilities import cache - cache_obj = cache.Cache() - policy_id = 'policy_id_1' - name = 'object_name' - object_id = cache_obj.get_object(policy_id, name) - assert object_id is not None - - -def test_get_object_failure(): - from moon_utilities import cache - cache_obj = cache.Cache() - policy_id = 'policy_id_1' - name = 'invalid name' - with pytest.raises(Exception) as exception_info: - cache_obj.get_object(policy_id, name) - assert str(exception_info.value) == '400: Subject Unknown' - - -def test_get_action_success(): - from moon_utilities import cache - cache_obj = cache.Cache() - policy_id = 'policy_id_1' - name = 'action_name' - action_id = cache_obj.get_action(policy_id, name) - assert action_id is not None - - -def test_get_action_failure(): - from moon_utilities import cache - cache_obj = cache.Cache() - policy_id = 'policy_id_1' - name = 'invalid name' - with pytest.raises(Exception) as exception_info: - cache_obj.get_action(policy_id, name) - assert str(exception_info.value) == '400: Subject Unknown' diff --git a/moonv4/moon_utilities/tests/unit_python/test_configuration.py b/moonv4/moon_utilities/tests/unit_python/test_configuration.py new file mode 100644 index 00000000..0ebff995 --- /dev/null +++ b/moonv4/moon_utilities/tests/unit_python/test_configuration.py @@ -0,0 +1,5 @@ + +def test_get_components(): + from moon_utilities import configuration + assert isinstance(configuration.get_components(), dict) + diff --git a/moonv4/moon_utilities/tests/unit_python/utilities.py b/moonv4/moon_utilities/tests/unit_python/utilities.py new file mode 100644 index 00000000..1d79d890 --- /dev/null +++ b/moonv4/moon_utilities/tests/unit_python/utilities.py @@ -0,0 +1,136 @@ +import base64 +import json + + +CONF = { + "openstack": { + "keystone": { + "url": "http://keystone:5000/v3", + "user": "admin", + "check_token": False, + "password": "p4ssw0rd", + "domain": "default", + "certificate": False, + "project": "admin" + } + }, + "components": { + "wrapper": { + "bind": "0.0.0.0", + "port": 8080, + "container": "wukongsun/moon_wrapper:v4.3", + "timeout": 5, + "hostname": "wrapper" + }, + "manager": { + "bind": "0.0.0.0", + "port": 8082, + "container": "wukongsun/moon_manager:v4.3", + "hostname": "manager" + }, + "port_start": 31001, + "orchestrator": { + "bind": "0.0.0.0", + "port": 8083, + "container": "wukongsun/moon_orchestrator:v4.3", + "hostname": "interface" + }, + "interface": { + "bind": "0.0.0.0", + "port": 8080, + "container": "wukongsun/moon_interface:v4.3", + "hostname": "interface" + } + }, + "plugins": { + "session": { + "port": 8082, + "container": "asteroide/session:latest" + }, + "authz": { + "port": 8081, + "container": "wukongsun/moon_authz:v4.3" + } + }, + "logging": { + "handlers": { + "file": { + "filename": "/tmp/moon.log", + "class": "logging.handlers.RotatingFileHandler", + "level": "DEBUG", + "formatter": "custom", + "backupCount": 3, + "maxBytes": 1048576 + }, + "console": { + "class": "logging.StreamHandler", + "formatter": "brief", + "level": "INFO", + "stream": "ext://sys.stdout" + } + }, + "formatters": { + "brief": { + "format": "%(levelname)s %(name)s %(message)-30s" + }, + "custom": { + "format": "%(asctime)-15s %(levelname)s %(name)s %(message)s" + } + }, + "root": { + "handlers": [ + "console" + ], + "level": "ERROR" + }, + "version": 1, + "loggers": { + "moon": { + "handlers": [ + "console", + "file" + ], + "propagate": False, + "level": "DEBUG" + } + } + }, + "slave": { + "name": None, + "master": { + "url": None, + "login": None, + "password": None + } + }, + "docker": { + "url": "tcp://172.88.88.1:2376", + "network": "moon" + }, + "database": { + "url": "sqlite:///database.db", + # "url": "mysql+pymysql://moon:p4sswOrd1@db/moon", + "driver": "sql" + }, + "messenger": { + "url": "rabbit://moon:p4sswOrd1@messenger:5672/moon" + } +} + + +def get_b64_conf(component=None): + if component == "components": + return base64.b64encode( + json.dumps(CONF["components"]).encode('utf-8')+b"\n").decode('utf-8') + elif component in CONF: + return base64.b64encode( + json.dumps( + CONF[component]).encode('utf-8')+b"\n").decode('utf-8') + elif not component: + return base64.b64encode( + json.dumps(CONF).encode('utf-8')+b"\n").decode('utf-8') + elif "/" in component: + key1, _, key2 = component.partition("/") + return base64.b64encode( + json.dumps( + CONF[key1][key2]).encode('utf-8')+b"\n").decode('utf-8') |