aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--README.md392
-rw-r--r--kubernetes/README.md39
-rw-r--r--kubernetes/conf/ports.conf24
-rw-r--r--kubernetes/start_moon.sh37
-rw-r--r--moon_forming/Dockerfile (renamed from templates/moon_forming/Dockerfile)2
-rw-r--r--moon_forming/README.md44
-rw-r--r--moon_forming/conf2consul.py (renamed from templates/moon_forming/conf2consul.py)0
-rw-r--r--moon_forming/run.sh (renamed from templates/moon_forming/run.sh)23
-rw-r--r--moon_gui/README.md110
-rw-r--r--moon_pythonunittest/Dockerfile (renamed from templates/moon_pythonunittest/Dockerfile)0
-rw-r--r--moon_pythonunittest/README.md (renamed from templates/moon_pythonunittest/README.md)0
-rw-r--r--moon_pythonunittest/requirements.txt (renamed from templates/moon_pythonunittest/requirements.txt)0
-rw-r--r--moon_pythonunittest/run_tests.sh (renamed from templates/moon_pythonunittest/run_tests.sh)0
-rw-r--r--moonclient/Changelog29
-rw-r--r--moonclient/LICENSE176
-rw-r--r--moonclient/MANIFEST.in5
-rw-r--r--moonclient/README.rst17
-rw-r--r--moonclient/moonclient/__init__.py1
-rw-r--r--moonclient/moonclient/action_assignments.py149
-rw-r--r--moonclient/moonclient/action_categories.py102
-rw-r--r--moonclient/moonclient/action_scopes.py123
-rw-r--r--moonclient/moonclient/actions.py102
-rw-r--r--moonclient/moonclient/configuration.py64
-rw-r--r--moonclient/moonclient/intraextension.py170
-rw-r--r--moonclient/moonclient/logs.py96
-rw-r--r--moonclient/moonclient/metarules.py214
-rw-r--r--moonclient/moonclient/object_assignments.py149
-rw-r--r--moonclient/moonclient/object_categories.py102
-rw-r--r--moonclient/moonclient/object_scopes.py123
-rw-r--r--moonclient/moonclient/objects.py102
-rw-r--r--moonclient/moonclient/rules.py242
-rw-r--r--moonclient/moonclient/shell.py264
-rw-r--r--moonclient/moonclient/subject_assignments.py149
-rw-r--r--moonclient/moonclient/subject_categories.py102
-rw-r--r--moonclient/moonclient/subject_scopes.py123
-rw-r--r--moonclient/moonclient/subjects.py119
-rw-r--r--moonclient/moonclient/tenants.py200
-rw-r--r--moonclient/moonclient/tests.py251
-rw-r--r--moonclient/moonclient/tests/functional_tests.sh131
-rw-r--r--moonclient/moonclient/tests/tests_action_assignments.json371
-rw-r--r--moonclient/moonclient/tests/tests_action_categories.json241
-rw-r--r--moonclient/moonclient/tests/tests_action_scopes.json259
-rw-r--r--moonclient/moonclient/tests/tests_actions.json241
-rw-r--r--moonclient/moonclient/tests/tests_admin_intraextensions.json128
-rw-r--r--moonclient/moonclient/tests/tests_configuration.json235
-rw-r--r--moonclient/moonclient/tests/tests_object_assignments.json385
-rw-r--r--moonclient/moonclient/tests/tests_object_categories.json241
-rw-r--r--moonclient/moonclient/tests/tests_object_scopes.json259
-rw-r--r--moonclient/moonclient/tests/tests_objects.json241
-rw-r--r--moonclient/moonclient/tests/tests_root_intraextensions.json47
-rw-r--r--moonclient/moonclient/tests/tests_rules.json378
-rw-r--r--moonclient/moonclient/tests/tests_subject_assignments.json371
-rw-r--r--moonclient/moonclient/tests/tests_subject_categories.json241
-rw-r--r--moonclient/moonclient/tests/tests_subject_scopes.json259
-rw-r--r--moonclient/moonclient/tests/tests_subjects.json241
-rw-r--r--moonclient/moonclient/tests/tests_submetarules.json294
-rw-r--r--moonclient/moonclient/tests/tests_tenants.json106
-rw-r--r--moonclient/moonclient/tests/todo/tests_empty_policy_new_user.json3627
-rw-r--r--moonclient/moonclient/tests/todo/tests_empty_policy_nova.json1079
-rw-r--r--moonclient/moonclient/tests/todo/tests_empty_policy_swift.json1175
-rw-r--r--moonclient/moonclient/tests/todo/tests_external_commands.json228
-rw-r--r--moonclient/requirements.txt3
-rw-r--r--moonclient/setup.py133
-rw-r--r--python_moonclient/Changelog10
-rw-r--r--python_moonclient/python_moonclient/__init__.py2
-rw-r--r--python_moonclient/python_moonclient/config.py44
-rw-r--r--python_moonclient/python_moonclient/scripts.py83
-rw-r--r--python_moonclient/setup.py8
-rw-r--r--python_moondb/tests/unit_python/mock_keystone.py12
-rwxr-xr-x[-rw-r--r--]python_moondb/tests/unit_python/models/__init__.py (renamed from templates/moon_forming/utils/__init__.py)0
-rw-r--r--python_moondb/tests/unit_python/models/test_meta_rules.py175
-rw-r--r--python_moondb/tests/unit_python/models/test_models.py161
-rw-r--r--python_moondb/tests/unit_python/policies/__init__.py0
-rw-r--r--python_moondb/tests/unit_python/policies/mock_data.py45
-rwxr-xr-xpython_moondb/tests/unit_python/policies/test_assignments.py245
-rwxr-xr-xpython_moondb/tests/unit_python/policies/test_data.py513
-rwxr-xr-xpython_moondb/tests/unit_python/policies/test_policies.py161
-rw-r--r--python_moondb/tests/unit_python/test_keystone.py53
-rwxr-xr-xpython_moondb/tests/unit_python/test_pdp.py69
-rw-r--r--python_moondb/tests/unit_python/test_policies.py77
-rw-r--r--python_moonutilities/python_moonutilities/exceptions.py16
-rw-r--r--templates/moon_forming/README.md12
-rw-r--r--templates/moon_forming/moon.conf79
-rw-r--r--templates/moon_forming/populate_default_values.py235
-rw-r--r--templates/moon_forming/utils/config.py22
-rw-r--r--templates/moon_forming/utils/models.py270
-rw-r--r--templates/moon_forming/utils/pdp.py163
-rw-r--r--templates/moon_forming/utils/policies.py635
-rw-r--r--tests/functional/scenario_available/delegation.py (renamed from tests/scenario/delegation.py)0
-rw-r--r--tests/functional/scenario_available/mls.py (renamed from templates/moon_forming/conf/mls.py)0
-rw-r--r--tests/functional/scenario_available/rbac.py (renamed from templates/moon_forming/conf/rbac.py)0
-rw-r--r--tests/functional/scenario_available/rbac_custom_100.py (renamed from tests/scenario/rbac_custom_100.py)0
-rw-r--r--tests/functional/scenario_available/rbac_custom_1000.py (renamed from tests/scenario/rbac_custom_1000.py)0
-rw-r--r--tests/functional/scenario_available/rbac_custom_50.py (renamed from tests/scenario/rbac_custom_50.py)0
-rw-r--r--tests/functional/scenario_available/rbac_large.py (renamed from tests/scenario/rbac_large.py)0
-rw-r--r--tests/functional/scenario_available/rbac_mls.py (renamed from tests/scenario/rbac_mls.py)0
-rw-r--r--tests/functional/scenario_available/session.py (renamed from tests/scenario/session.py)0
-rw-r--r--tests/functional/scenario_available/session_large.py (renamed from tests/scenario/session_large.py)0
l---------tests/functional/scenario_enabled/mls.py1
l---------tests/functional/scenario_enabled/rbac.py1
-rw-r--r--tests/functional/scenario_tests/mls.py (renamed from tests/scenario/mls.py)19
-rw-r--r--tests/functional/scenario_tests/rbac.py (renamed from tests/scenario/rbac.py)29
-rw-r--r--tests/get_keystone_projects.py16
-rw-r--r--tests/performance/README.md121
-rw-r--r--tests/populate_default_values.py37
-rw-r--r--tests/send_authz.py32
-rw-r--r--tools/bin/README.md (renamed from bin/README.md)0
-rw-r--r--tools/bin/bootstrap.py (renamed from bin/bootstrap.py)0
-rw-r--r--tools/bin/build_all.sh (renamed from bin/build_all.sh)0
-rw-r--r--tools/bin/build_all_pip.sh (renamed from bin/build_all_pip.sh)0
-rw-r--r--tools/bin/delete_orchestrator.sh (renamed from bin/delete_orchestrator.sh)0
-rw-r--r--tools/bin/moon_lib_update.sh (renamed from bin/moon_lib_update.sh)0
-rw-r--r--tools/bin/set_auth.src (renamed from bin/set_auth.src)0
-rwxr-xr-xtools/bin/start.sh (renamed from bin/start.sh)0
-rw-r--r--tools/moon_keystone/Dockerfile (renamed from templates/moon_keystone/Dockerfile)0
-rw-r--r--tools/moon_keystone/README.md (renamed from templates/moon_keystone/README.md)0
-rw-r--r--tools/moon_keystone/run.sh (renamed from templates/moon_keystone/run.sh)0
-rw-r--r--tools/moon_kubernetes/README.md106
-rw-r--r--tools/moon_kubernetes/conf/moon.conf (renamed from templates/moon/moon.conf)0
-rw-r--r--tools/moon_kubernetes/conf/password_moon.txt (renamed from kubernetes/conf/password_moon.txt)0
-rw-r--r--tools/moon_kubernetes/conf/password_root.txt (renamed from kubernetes/conf/password_root.txt)0
-rw-r--r--tools/moon_kubernetes/init_k8s.sh (renamed from kubernetes/init_k8s.sh)8
-rw-r--r--tools/moon_kubernetes/start_moon.sh36
-rw-r--r--tools/moon_kubernetes/templates/consul.yaml (renamed from kubernetes/templates/consul.yaml)0
-rw-r--r--tools/moon_kubernetes/templates/db.yaml (renamed from kubernetes/templates/db.yaml)31
-rw-r--r--tools/moon_kubernetes/templates/keystone.yaml (renamed from kubernetes/templates/keystone.yaml)0
-rw-r--r--tools/moon_kubernetes/templates/kube-dns.yaml (renamed from kubernetes/templates/kube-dns.yaml)0
-rw-r--r--tools/moon_kubernetes/templates/moon_forming.yaml (renamed from kubernetes/templates/moon_configuration.yaml)13
-rw-r--r--tools/moon_kubernetes/templates/moon_gui.yaml (renamed from kubernetes/templates/moon_gui.yaml)0
-rw-r--r--tools/moon_kubernetes/templates/moon_manager.yaml (renamed from kubernetes/templates/moon_manager.yaml)0
-rw-r--r--tools/moon_kubernetes/templates/moon_orchestrator.yaml (renamed from kubernetes/templates/moon_orchestrator.yaml)0
-rw-r--r--tools/openstack/README.md73
-rw-r--r--tools/openstack/glance/policy.json (renamed from templates/openstack/glance/policy.json)0
-rw-r--r--tools/openstack/nova/policy.json (renamed from templates/openstack/nova/policy.json)0
134 files changed, 2095 insertions, 16277 deletions
diff --git a/README.md b/README.md
index ba3604d6..2710d5a7 100644
--- a/README.md
+++ b/README.md
@@ -3,283 +3,59 @@ __Version 4.3__
This directory contains all the modules for running the Moon platform.
-## Installation
-### kubeadm
-You must follow those explanations to install `kubeadm`:
-> https://kubernetes.io/docs/setup/independent/install-kubeadm/
-
-To summarize, you must install `docker`:
-```bash
-apt update
-apt install -y docker.io
-```
-
-And then, install `kubeadm`:
-```bash
-apt update && apt install -y apt-transport-https
-curl -s https://packages.cloud.google.com/apt/doc/apt-key.gpg | apt-key add -
-cat <<EOF >/etc/apt/sources.list.d/kubernetes.list
-deb http://apt.kubernetes.io/ kubernetes-xenial main
-EOF
-apt update
-apt install -y kubelet kubeadm kubectl
-```
-
-### Moon
-The Moon code is not necessary to start the platform but you need
-Kubernetes configuration files from the GIT repository.
-
-The easy way is to clone the Moon code:
-```bash
-git clone https://git.opnfv.org/moon
-cd moon/moonv4
-export MOON=$(pwd)
-```
-
-### OpenStack
-You must have the following OpenStack components installed somewhere:
-- nova, see [Nova install](https://docs.openstack.org/mitaka/install-guide-ubuntu/nova-controller-install.html)
-- glance, see [Glance install](https://docs.openstack.org/glance/pike/install/)
-
-A Keystone component is automatically installed and configured in the Moon platform.
-After the Moon platform installation, the Keystone server will be available
-at: `http://localhost:30005 or http://\<servername\>:30005`
-
-You can also use your own Keystone server if you want.
-
-## Initialisation
-### kubeadm
-The `kubeadm` platform can be initialized with the following shell script:
-```bash
-sh kubernetes/init_k8s.sh
-```
-
-Wait until all the kubeadm containers are in the `running` state:
-```bash
-watch kubectl get po --namespace=kube-system
-```
-
-You must see something like this:
-
- $ kubectl get po --namespace=kube-system
- NAME READY STATUS RESTARTS AGE
- calico-etcd-7qgjb 1/1 Running 0 1h
- calico-node-f8zvm 2/2 Running 1 1h
- calico-policy-controller-59fc4f7888-ns9kv 1/1 Running 0 1h
- etcd-varuna 1/1 Running 0 1h
- kube-apiserver-varuna 1/1 Running 0 1h
- kube-controller-manager-varuna 1/1 Running 0 1h
- kube-dns-bfbb49cd7-rgqxn 3/3 Running 0 1h
- kube-proxy-x88wg 1/1 Running 0 1h
- kube-scheduler-varuna 1/1 Running 0 1h
-
-### Moon
-The Moon platform is composed on the following components:
-* `consul`: a Consul configuration server
-* `db`: a MySQL database server
-* `keystone`: a Keystone authentication server
-* `gui`: a Moon web interface
-* `manager`: the Moon manager for the database
-* `orchestrator`: the Moon component that manage pods in te K8S platform
-* `wrapper`: the Moon endpoint where OpenStack component connect to.
-
-At this point, you must choose one of the following options:
-* Specific configuration
-* Generic configuration
-
-#### Specific Configuration
-Why using a specific configuration:
-1. The `db` and `keystone` can be installed by yourself but you must configure the
-Moon platform to use them.
-2. You want to change the default passwords in the Moon platform
-
-Use the following commands: `TODO`
-
-#### Generic Configuration
-Why using a specific configuration:
-1. You just want to test the platform
-2. You want to develop on the Moon platform
-
-The `Moon` platform can be initialized with the following shell script:
-```bash
-sh kubernetes/start_moon.sh
-```
-
-Wait until all the Moon containers are in the `running` state:
-```bash
-watch kubectl get po --namespace=moon
-```
-
-You must see something like this:
-
- $ kubectl get po --namespace=moon
- NAME READY STATUS RESTARTS AGE
- consul-57b6d66975-9qnfx 1/1 Running 0 52m
- db-867f9c6666-bq8cf 1/1 Running 0 52m
- gui-bc9878b58-q288x 1/1 Running 0 51m
- keystone-7d9cdbb69f-bl6ln 1/1 Running 0 52m
- manager-5bfbb96988-2nvhd 1/1 Running 0 51m
- manager-5bfbb96988-fg8vj 1/1 Running 0 51m
- manager-5bfbb96988-w9wnk 1/1 Running 0 51m
- orchestrator-65d8fb4574-tnfx2 1/1 Running 0 51m
- wrapper-astonishing-748b7dcc4f-ngsvp 1/1 Running 0 51m
-
-## Configuration
-### Moon
-#### Introduction
-The Moon platform is already configured after the installation.
-If you want to see or modify the configuration, go with a web browser
-to the following page:
-
-> http://localhost:30006
-
-This is a consul server, you can update the configuration in the `KEY/VALUE` tab.
-There are some configuration items, lots of them are only read when a new K8S pod is started
-and not during its life cycle.
-
-**WARNING: some confidential information are put here in clear text.
-This is a known security issue.**
-
-#### Keystone
-If you have your own Keystone server, you can point Moon to your server in the
-`openstack/keystone` element or through the link:
-> http://localhost:30005/ui/#/dc1/kv/openstack/keystone/edit
-
-This configuration element is read every time Moon need it, specially when adding users.
-
-#### Database
-The database can also be modified here:
-> http://varuna:30005/ui/#/dc1/kv/database/edit
-
-**WARNING: the password is in clear text, this is a known security issue.**
-
-If you want to use your own database server, change the configuration:
-
- {"url": "mysql+pymysql://my_user:my_secret_password@my_server/moon", "driver": "sql"}
-
-Then you have to rebuild the database before using it.
-This can be done with the following commands:
-
- cd $MOON
- kubectl delete -f kubernetes/templates/moon_configuration.yaml
- kubectl create -f kubernetes/templates/moon_configuration.yaml
-
-
-### OpenStack
-Before updating the configuration of the OpenStack platform, check that the platform
-is working without Moon, use the following commands:
-```bash
-# set authentication
-openstack endpoint list
-openstack user list
-openstack server list
-```
-
-In order to connect the OpenStack platform with the Moon platform, you must update some
-configuration files in Nova and Glance:
-* `/etc/nova/policy.json`
-* `/etc/glance/policy.json`
-
-In some installed platform, the `/etc/nova/policy.json` can be absent so you have
-to create one. You can find example files in those directory:
-> ${MOON}/moonv4/templates/nova/policy.json
-> ${MOON}/moonv4/templates/glance/policy.json
-
-Each line is mapped to an OpenStack API interface, for example, the following line
-allows the user to get details for every virtual machines in the cloud
-(the corresponding shell command is `openstack server list`):
-
- "os_compute_api:servers:detail": "",
-
-This lines indicates that there is no special authorisation to use this API,
-every users can use it. If you want that the Moon platform handles that authorisation,
-update this line with:
-
- "os_compute_api:servers:detail": "http://my_hostname:31001/authz"
-
-1) by replacing `my_hostname` with the hostname (od the IP address) of the Moon platform.
-2) by updating the TCP port (default: 31001) with the good one.
-
-To find this TCP port, use the following command:
-
- $ kubectl get services -n moon | grep wrapper | cut -d ":" -f 2 | cut -d " " -f 1
- 31002/TCP
-
-### Moon
+## Platform Setup
+- [Docker installation](tools/moon_kubernetes/README.md)
+- [kubeadm installation](tools/moon_kubernetes/README.md)
+- [Moon deployment](tools/moon_kubernetes/README.md)
+- [OpenStack deployment](tools/openstack/README.md)
+
+
+## Micro-service Architecture
+The Moon platform is composed on the following components/containers:
+- *consul*: a Consul configuration server
+- *db*: a MySQL database server
+- *keystone*: a Keystone authentication server
+- [gui](moon_gui/README.md): a Moon web interface
+- [manager](moon_manager/README.md): the Moon manager for the database
+- [orchestrator](moon_orchestrator/README.md): the Moon component that manage pods in te K8S platform
+- [wrapper](moon_wrapper/README.md): the Moon endpoint where OpenStack component connect to.
+
+
+## Manipulation
+### moon_gui
The Moon platform comes with a graphical user interface which can be used with
-a web browser at this URL:
-> http://$MOON_HOST:30002
+a web browser at this URL `http://$MOON_HOST:30002`
You will be asked to put a login and password. Those elements are the login and password
of the Keystone server, if you didn't modify the Keystone server, you will find the
-login and password here:
-> http://$MOON_HOST:30005/ui/#/dc1/kv/openstack/keystone/edit
+login and password here `http://$MOON_HOST:30005/ui/#/dc1/kv/openstack/keystone/edit`
**WARNING: the password is in clear text, this is a known security issue.**
-The Moon platform can also be requested through its API:
-> http://$MOON_HOST:30001
+### moon_manager
+The Moon platform can also be requested through its API `http://$MOON_HOST:30001`
**WARNING: By default, no login/password will be needed because of
the configuration which is in DEV mode.**
If you want more security, you have to update the configuration of the Keystone server here:
-> http://$MOON_HOST:30005/ui/#/dc1/kv/openstack/keystone/edit
-
+`http://$MOON_HOST:30005/ui/#/dc1/kv/openstack/keystone/edit`
by modifying the `check_token` argument to `yes`.
If you write this modification, your requests to Moon API must always include a valid token
taken from the Keystone server. This token must be place in the header of the request
(`X-Auth-Token`).
-## usage
-### tests the platform
-In order to know if the platform is healthy, here are some commands you can use.
-1) Check that all the K8S pods in the Moon namespace are in running state:
-`kubectl get pods -n moon`
-
-2) Check if the Manager API is running:
+### End-to-end Functional Test
+Check if the Manager API is running:
```bash
curl http://$MOON_HOST:30001
curl http://$MOON_HOST:30001/pdp
curl http://$MOON_HOST:30001/policies
```
-
-If you configured the authentication in the Moon platform:
-```bash
-curl -i \
- -H "Content-Type: application/json" \
- -d '
-{ "auth": {
- "identity": {
- "methods": ["password"],
- "password": {
- "user": {
- "name": "admin",
- "domain": { "id": "default" },
- "password": "<set_your_password_here>"
- }
- }
- },
- "scope": {
- "project": {
- "name": "admin",
- "domain": { "id": "default" }
- }
- }
- }
-}' \
- "http://moon_hostname:30006/v3/auth/tokens" ; echo
-
-curl --header "X-Auth-Token: <token_retrieve_from_keystone>" http://moon_hostname:30001
-curl --header "X-Auth-Token: <token_retrieve_from_keystone>" http://moon_hostname:30001/pdp
-curl --header "X-Auth-Token: <token_retrieve_from_keystone>" http://moon_hostname:30001/policies
-```
-
-3) Use a web browser to navigate to the GUI and enter the login and password of the keystone service:
-`firefox http://$MOON_HOST:30002`
-4) Use tests Python Scripts
-check firstly the Consul service for *Components/Manager*, e.g.
+### Consul Check
+Check the Consul service for
+- *Components/Manager*, e.g.
```json
{
"port": 8082,
@@ -292,7 +68,7 @@ check firstly the Consul service for *Components/Manager*, e.g.
}
}
```
-*OpenStack/Keystone*: e.g.
+- *OpenStack/Keystone*: e.g.
```json
{
"url": "http://keystone:5000/v3",
@@ -308,74 +84,44 @@ check firstly the Consul service for *Components/Manager*, e.g.
}
```
+### Tests
+Launch functional [test scenario](tests/functional/scenario_enabled) :
```bash
-python3 populate_default_values.py --consul-host=$MOON_HOST --consul-port=30005 -v scenario/rbac_large.py
-python3 send_authz.py --consul-host=$MOON_HOST --consul-port=30005 --authz-host=$MOON_HOST --authz-port=31002 -v scenario/rbac_large.py
+sudo pip install python_moonclient --upgrade
+cd $MOON_HOME/tests/functional/scenario_tests
+moon_populate_values --consul-host=$MOON_HOST --consul-port=30005 -v rbac_large.py
+moon_send_authz --consul-host=$MOON_HOST --consul-port=30005 --authz-host=$AUTHZ_HOST --authz-port=$AUTHZ_PORT -v rbac_large.py
```
-
-### GUI usage
-After authentication, you will see 4 tabs: Project, Models, Policies, PDP:
-
-* *Projects*: configure mapping between Keystone projects and PDP (Policy Decision Point)
-* *Models*: configure templates of policies (for example RBAC or MLS)
-* *Policies*: applied models or instantiated models ;
-on one policy, you map a authorisation model and set subject, objects and action that will
-rely on that model
-* *PDP*: Policy Decision Point, this is the link between Policies and Keystone Project
-
-In the following paragraphs, we will add a new user in OpenStack and allow her to list
-all VM on the OpenStack platform.
-
-First, add a new user and a new project in the OpenStack platform:
-
- openstack user create --password-prompt demo_user
- openstack project create demo
- DEMO_USER=$(openstack user list | grep demo_user | cut -d " " -f 2)
- DEMO_PROJECT=$(openstack project list | grep demo | cut -d " " -f 2)
- openstack role add --user $DEMO_USER --project $DEMO_PROJECT admin
-
-You have to add the same user in the Moon interface:
-
-1. go to the `Projects` tab in the Moon interface
-1. go to the line corresponding to the new project and click to the `Map to a PDP` link
-1. select in the combobox the MLS PDP and click `OK`
-1. in the Moon interface, go to the `Policy` tab
-1. go to the line corresponding to the MLS policy and click on the `actions->edit` button
-1. scroll to the `Perimeters` line and click on the `show` link to show the perimeter configuration
-1. go to the `Add a subject` line and click on `Add a new perimeter`
-1. set the name of that subject to `demo_user` (*the name must be strictly identical*)
-1. in the combobox named `Policy list` select the `MLS` policy and click on the `+` button
-1. click on the yellow `Add Perimeter` button
-1. go to the `Assignment` line and click on the `show` button
-1. under the `Add a Assignments Subject` select the MLS policy,
-the new user (`demo_user`), the category `subject_category_level`
-1. in the `Select a Data` line, choose the `High` scope and click on the `+` link
-1. click on the yellow `Create Assignments` button
-1. if you go to the OpenStack platform, the `demo_user` is now allow to connect
-to the Nova component (test with `openstack server list` connected with the `demo_user`)
-
-
-## Annexes
-
-### connect to the OpenStack platform
-
-Here is a shell script to authenticate to the OpenStack platform as `admin`:
-
- export OS_USERNAME=admin
- export OS_PASSWORD=p4ssw0rd
- export OS_REGION_NAME=Orange
- export OS_TENANT_NAME=admin
- export OS_AUTH_URL=http://moon_hostname:30006/v3
- export OS_DOMAIN_NAME=Default
- export OS_IDENTITY_API_VERSION=3
-
-For the `demo_user`, use:
-
- export OS_USERNAME=demo_user
- export OS_PASSWORD=your_secret_password
- export OS_REGION_NAME=Orange
- export OS_TENANT_NAME=demo
- export OS_AUTH_URL=http://moon_hostname:30006/v3
- export OS_DOMAIN_NAME=Default
- export OS_IDENTITY_API_VERSION=3
+## Annexe
+### Authentication
+If you configured the authentication in the Moon platform:
+```bash
+curl -i \
+ -H "Content-Type: application/json" \
+ -d '
+{ "auth": {
+ "identity": {
+ "methods": ["password"],
+ "password": {
+ "user": {
+ "name": "admin",
+ "domain": { "id": "default" },
+ "password": "<set_your_password_here>"
+ }
+ }
+ },
+ "scope": {
+ "project": {
+ "name": "admin",
+ "domain": { "id": "default" }
+ }
+ }
+ }
+}' \
+ "http://moon_hostname:30006/v3/auth/tokens" ; echo
+
+curl --header "X-Auth-Token: <token_retrieve_from_keystone>" http://moon_hostname:30001
+curl --header "X-Auth-Token: <token_retrieve_from_keystone>" http://moon_hostname:30001/pdp
+curl --header "X-Auth-Token: <token_retrieve_from_keystone>" http://moon_hostname:30001/policies
+``` \ No newline at end of file
diff --git a/kubernetes/README.md b/kubernetes/README.md
deleted file mode 100644
index b5320dd6..00000000
--- a/kubernetes/README.md
+++ /dev/null
@@ -1,39 +0,0 @@
-# Moon Platform Setup
-## K8S Installation
-Choose the right K8S platform
-### Minikube
-```bash
-curl -LO https://storage.googleapis.com/kubernetes-release/release/$(curl -s https://storage.googleapis.com/kubernetes-release/release/stable.txt)/bin/linux/amd64/kubectl
-chmod +x ./kubectl
-sudo mv ./kubectl /usr/local/bin/kubectl
-curl -Lo minikube https://storage.googleapis.com/minikube/releases/v0.21.0/minikube-linux-amd64 && chmod +x minikube && sudo mv minikube /usr/local/bin/
-```
-
-### Kubeadm
-see: https://kubernetes.io/docs/setup/independent/install-kubeadm/
-```bash
-apt-get update && apt-get install -y apt-transport-https
-curl -s https://packages.cloud.google.com/apt/doc/apt-key.gpg | apt-key add -
-cat <<EOF >/etc/apt/sources.list.d/kubernetes.list
-deb http://apt.kubernetes.io/ kubernetes-xenial main
-EOF
-apt-get update
-apt-get install -y kubelet kubeadm kubectl
-```
-
-## Moon Deployment
-### Creation
-Execute the script : init_k8s.sh
-```bash
-sudo bash init_k8s.sh
-watch kubectl get po --namespace=kube-system
-```
-Wait until all pods are in "Running" state (crtl-c to stop the watch command)
-
-### Execution
-Execute the script : start_moon.sh
-```bash
-sudo bash start_moon.sh
-watch kubectl get po --namespace=moon
-```
-
diff --git a/kubernetes/conf/ports.conf b/kubernetes/conf/ports.conf
deleted file mode 100644
index 487945c0..00000000
--- a/kubernetes/conf/ports.conf
+++ /dev/null
@@ -1,24 +0,0 @@
-manager:
- port: 8082
- kport: 30001
-gui:
- port: 3000
- kport: 30002
-orchestrator:
- port: 8083
- kport: 30003
-
-consul:
- port: 8500
- kport: 30005
-keystone:
- port: 5000
- kport: 30006
-
-wrapper:
- port: 8080
- kport: 30010
-interface:
- port: 8080
-authz:
- port: 8081
diff --git a/kubernetes/start_moon.sh b/kubernetes/start_moon.sh
deleted file mode 100644
index 8121e319..00000000
--- a/kubernetes/start_moon.sh
+++ /dev/null
@@ -1,37 +0,0 @@
-#!/usr/bin/env bash
-
-set -x
-
-kubectl create namespace moon
-kubectl create configmap moon-config --from-file conf/moon.conf -n moon
-kubectl create configmap config --from-file ~/.kube/config -n moon
-kubectl create secret generic mysql-root-pass --from-file=kubernetes/conf/password_root.txt -n moon
-kubectl create secret generic mysql-pass --from-file=kubernetes/conf/password_moon.txt -n moon
-
-kubectl create -n moon -f kubernetes/templates/consul.yaml
-kubectl create -n moon -f kubernetes/templates/db.yaml
-kubectl create -n moon -f kubernetes/templates/keystone.yaml
-
-echo =========================================
-kubectl get pods -n moon
-echo =========================================
-
-sleep 10
-kubectl create -n moon -f kubernetes/templates/moon_configuration.yaml
-
-echo Waiting for jobs moonforming
-sleep 5
-kubectl get jobs -n moon
-kubectl logs -n moon jobs/moonforming
-
-sleep 5
-
-kubectl create -n moon -f kubernetes/templates/moon_manager.yaml
-
-sleep 2
-
-kubectl create -n moon -f kubernetes/templates/moon_orchestrator.yaml
-
-kubectl create -n moon -f kubernetes/templates/moon_gui.yaml
-
-
diff --git a/templates/moon_forming/Dockerfile b/moon_forming/Dockerfile
index fe48eee0..bc6b699e 100644
--- a/templates/moon_forming/Dockerfile
+++ b/moon_forming/Dockerfile
@@ -1,6 +1,6 @@
FROM python:3
WORKDIR /usr/src/app
-RUN pip install --no-cache-dir --upgrade requests pyyaml python_moonutilities python_moondb
+RUN pip install --no-cache-dir --upgrade requests pyyaml python_moonutilities python_moondb python_moonclient
ENV POPULATE_ARGS "-v"
diff --git a/moon_forming/README.md b/moon_forming/README.md
new file mode 100644
index 00000000..cc08f676
--- /dev/null
+++ b/moon_forming/README.md
@@ -0,0 +1,44 @@
+# Moon Forming
+moon_forming is a container to automatize the configuration of the Moon platform
+
+## Run
+```bash
+docker run wukongsun/moon_forming:latest
+```
+
+## Consul
+The Moon platform is already configured after the installation.
+If you want to see or modify the configuration, go with a web browser
+to the following page: `http://localhost:30006`.
+
+With the consul server, you can update the configuration in the `KEY/VALUE` tab.
+There are some configuration items, lots of them are only read when a new K8S pod is started
+and not during its life cycle.
+
+**WARNING: some confidential information are put here in clear text.
+This is a known security issue.**
+
+### Keystone
+If you have your own Keystone server, you can point Moon to your Keystone in the
+`openstack/keystone` element: `http://localhost:30005/ui/#/dc1/kv/openstack/keystone/edit`.
+This configuration element is read every time Moon need it, specially when adding users.
+
+### Database
+The database can also be modified through: `http://localhost:30005/ui/#/dc1/kv/database/edit`.
+
+**WARNING: the password is in clear text, this is a known security issue.**
+
+If you want to use your own database server, change the configuration:
+
+ {"url": "mysql+pymysql://my_user:my_secret_password@my_server/moon", "driver": "sql"}
+
+Then you have to rebuild the database before using it.
+This can be done with the following commands:
+```bash
+kubectl delete -f $MOON_HOME/tools/moon_kubernetes/templates/moon_forming.yaml
+kubectl create -f $MOON_HOME/tools/moon_kubernetes/templates/moon_forming.yaml
+```
+
+
+
+
diff --git a/templates/moon_forming/conf2consul.py b/moon_forming/conf2consul.py
index 46c99d5c..46c99d5c 100644
--- a/templates/moon_forming/conf2consul.py
+++ b/moon_forming/conf2consul.py
diff --git a/templates/moon_forming/run.sh b/moon_forming/run.sh
index 71543f9e..6cf90f56 100644
--- a/templates/moon_forming/run.sh
+++ b/moon_forming/run.sh
@@ -5,9 +5,9 @@ populate_args=$*
echo "Waiting for Consul (http://consul:8500)"
while ! python -c "import requests; req = requests.get('http://consul:8500')" 2>/dev/null ; do
sleep 5 ;
- echo "."
+ echo -n "."
done
-
+echo "."
echo "Consul (http://consul:8500) is up."
python3 /root/conf2consul.py /etc/moon/moon.conf
@@ -15,9 +15,9 @@ python3 /root/conf2consul.py /etc/moon/moon.conf
echo "Waiting for DB (tcp://db:3306)"
while ! python -c "import socket, sys; s = socket.socket(socket.AF_INET, socket.SOCK_STREAM); s.connect(('db', 3306)); sys.exit(0)" 2>/dev/null ; do
sleep 5 ;
- echo "."
+ echo -n "."
done
-
+echo "."
echo "Database (http://db:3306) is up."
moon_db_manager upgrade
@@ -25,20 +25,19 @@ moon_db_manager upgrade
echo "Waiting for Keystone (http://keystone:5000)"
while ! python -c "import requests; req = requests.get('http://keystone:5000')" 2>/dev/null ; do
sleep 5 ;
- echo "."
+ echo -n "."
done
-
+echo "."
echo "Keystone (http://keystone:5000) is up."
echo "Waiting for Manager (http://manager:8082)"
while ! python -c "import requests; req = requests.get('http://manager:8082')" 2>/dev/null ; do
sleep 5 ;
- echo "."
+ echo -n "."
done
-
+echo "."
echo "Manager (http://manager:8082) is up."
-cd /root
-
-python3 populate_default_values.py $populate_args /root/conf/rbac.py
-python3 populate_default_values.py $populate_args /root/conf/mls.py
+for i in /data/*.py ; do
+ moon_populate_values $populate_args --consul-host=consul --consul-port=8500 $i
+done
diff --git a/moon_gui/README.md b/moon_gui/README.md
index ff6e5a97..ea46b079 100644
--- a/moon_gui/README.md
+++ b/moon_gui/README.md
@@ -1,63 +1,71 @@
-
-GUI for the Moon project
-================================
-
+# GUI for the Moon project
This directory contains all the code for the Moon project
It is designed to provide a running GUI of the Moon platform instance.
-
## Usage
-
-### Prerequist
-- `sudo apt-get install nodejs nodejs-legacy`
-- `sudo npm install --global gulp-cli`
-
-
-### Install all packages
-- `cd $MOON_HOME/moon_gui`
-- `sudo npm install`
-
-### Run the GUI
-- `gulp webServerDelivery`
-- Open your web browser
-
+- Prerequist
+ - `sudo apt-get install nodejs nodejs-legacy`
+ - `sudo npm install --global gulp-cli`
+- Install all packages
+ - `cd $MOON_HOME/moon_gui`
+ - `sudo npm install`
+- Run the GUI
+ - `gulp webServerDelivery`
+ - Open your web browser
## Configuration
+- build the delivery package: `gulp delivery`
+- launch the Web Server: `gulp webServerDelivery`
-### Build the delivery package
-- `gulp delivery`
-### Launch the Web Server
-- `gulp webServerDelivery`
-
-### Development
-
-During the development it is possible to use following commands :
-- `gulp build`
-Launch a Web Server
-- `gulp webServer`
+## Development
+- during the development it is possible to use following commands: `gulp build`
+- launch a Web Server: `gulp webServer`
- Gulp webServer will refresh the browser when a file related to the application changed
-
-
-### Constants
-It is possible to change some constants (API endpoints)
-- $MOON_HOME/moon_gui/static/app/moon.constants.js
-
-
-### CORS
+- it is possible to change some constants (API endpoints): `$MOON_HOME/moon_gui/static/app/moon.constants.js`
+## CORS
The GUI need to connect itself to Keystone and Moon.
Opening CORS to the GUI WebServer is required.
-
-In order to modify Keystone :
-
-`cd $pathtoVmSpace/docker/keystone`
-
-Concerned file is run.sh
-
-In order to modify Moon :
-
-`cd $MOON_HOME/moon_interface/interface`
-
-Concerned file is http_server.py
-
+- modify Keystone: `$MOON_HOME/tools/moon_keystone/run.sh`
+- modify Moon: `$MOON_HOME/moon_interface/interface/http_server.py`
+## Usage
+After authentication, you will see 4 tabs: Project, Models, Policies, PDP:
+
+* *Projects*: configure mapping between Keystone projects and PDP (Policy Decision Point)
+* *Models*: configure templates of policies (for example RBAC or MLS)
+* *Policies*: applied models or instantiated models ;
+on one policy, you map a authorisation model and set subject, objects and action that will
+rely on that model
+* *PDP*: Policy Decision Point, this is the link between Policies and Keystone Project
+
+In the following paragraphs, we will add a new user in OpenStack and allow her to list
+all VM on the OpenStack platform.
+
+First, add a new user and a new project in the OpenStack platform:
+
+ openstack user create --password-prompt demo_user
+ openstack project create demo
+ DEMO_USER=$(openstack user list | grep demo_user | cut -d " " -f 2)
+ DEMO_PROJECT=$(openstack project list | grep demo | cut -d " " -f 2)
+ openstack role add --user $DEMO_USER --project $DEMO_PROJECT admin
+
+You have to add the same user in the Moon interface:
+
+1. go to the `Projects` tab in the Moon interface
+1. go to the line corresponding to the new project and click to the `Map to a PDP` link
+1. select in the combobox the MLS PDP and click `OK`
+1. in the Moon interface, go to the `Policy` tab
+1. go to the line corresponding to the MLS policy and click on the `actions->edit` button
+1. scroll to the `Perimeters` line and click on the `show` link to show the perimeter configuration
+1. go to the `Add a subject` line and click on `Add a new perimeter`
+1. set the name of that subject to `demo_user` (*the name must be strictly identical*)
+1. in the combobox named `Policy list` select the `MLS` policy and click on the `+` button
+1. click on the yellow `Add Perimeter` button
+1. go to the `Assignment` line and click on the `show` button
+1. under the `Add a Assignments Subject` select the MLS policy,
+the new user (`demo_user`), the category `subject_category_level`
+1. in the `Select a Data` line, choose the `High` scope and click on the `+` link
+1. click on the yellow `Create Assignments` button
+1. if you go to the OpenStack platform, the `demo_user` is now allow to connect
+to the Nova component (test with `openstack server list` connected with the `demo_user`) \ No newline at end of file
diff --git a/templates/moon_pythonunittest/Dockerfile b/moon_pythonunittest/Dockerfile
index b8fb5151..b8fb5151 100644
--- a/templates/moon_pythonunittest/Dockerfile
+++ b/moon_pythonunittest/Dockerfile
diff --git a/templates/moon_pythonunittest/README.md b/moon_pythonunittest/README.md
index 45d3a988..45d3a988 100644
--- a/templates/moon_pythonunittest/README.md
+++ b/moon_pythonunittest/README.md
diff --git a/templates/moon_pythonunittest/requirements.txt b/moon_pythonunittest/requirements.txt
index b611b008..b611b008 100644
--- a/templates/moon_pythonunittest/requirements.txt
+++ b/moon_pythonunittest/requirements.txt
diff --git a/templates/moon_pythonunittest/run_tests.sh b/moon_pythonunittest/run_tests.sh
index 6c586f87..6c586f87 100644
--- a/templates/moon_pythonunittest/run_tests.sh
+++ b/moon_pythonunittest/run_tests.sh
diff --git a/moonclient/Changelog b/moonclient/Changelog
deleted file mode 100644
index 1326511a..00000000
--- a/moonclient/Changelog
+++ /dev/null
@@ -1,29 +0,0 @@
-# Copyright 2015 Open Platform for NFV Project, Inc. and its contributors
-# This software is distributed under the terms and conditions of the 'Apache-2.0'
-# license which can be found in the file 'LICENSE' in this package distribution
-# or at 'http://www.apache.org/licenses/LICENSE-2.0'.
-
-
-CHANGES
-=======
-
-0.4.0
------
-
-* Add an argument to force the name of the logfile for test command.
-
-0.3.0
------
-
-* Return code matches now the number of error occurred during tests
-
-0.2.0
------
-
-* Update tests command by adding a "--self" attribute
-
-
-0.1.0
------
-
-* Initialization of Moon Client \ No newline at end of file
diff --git a/moonclient/LICENSE b/moonclient/LICENSE
deleted file mode 100644
index 68c771a0..00000000
--- a/moonclient/LICENSE
+++ /dev/null
@@ -1,176 +0,0 @@
-
- Apache License
- Version 2.0, January 2004
- http://www.apache.org/licenses/
-
- TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
-
- 1. Definitions.
-
- "License" shall mean the terms and conditions for use, reproduction,
- and distribution as defined by Sections 1 through 9 of this document.
-
- "Licensor" shall mean the copyright owner or entity authorized by
- the copyright owner that is granting the License.
-
- "Legal Entity" shall mean the union of the acting entity and all
- other entities that control, are controlled by, or are under common
- control with that entity. For the purposes of this definition,
- "control" means (i) the power, direct or indirect, to cause the
- direction or management of such entity, whether by contract or
- otherwise, or (ii) ownership of fifty percent (50%) or more of the
- outstanding shares, or (iii) beneficial ownership of such entity.
-
- "You" (or "Your") shall mean an individual or Legal Entity
- exercising permissions granted by this License.
-
- "Source" form shall mean the preferred form for making modifications,
- including but not limited to software source code, documentation
- source, and configuration files.
-
- "Object" form shall mean any form resulting from mechanical
- transformation or translation of a Source form, including but
- not limited to compiled object code, generated documentation,
- and conversions to other media types.
-
- "Work" shall mean the work of authorship, whether in Source or
- Object form, made available under the License, as indicated by a
- copyright notice that is included in or attached to the work
- (an example is provided in the Appendix below).
-
- "Derivative Works" shall mean any work, whether in Source or Object
- form, that is based on (or derived from) the Work and for which the
- editorial revisions, annotations, elaborations, or other modifications
- represent, as a whole, an original work of authorship. For the purposes
- of this License, Derivative Works shall not include works that remain
- separable from, or merely link (or bind by name) to the interfaces of,
- the Work and Derivative Works thereof.
-
- "Contribution" shall mean any work of authorship, including
- the original version of the Work and any modifications or additions
- to that Work or Derivative Works thereof, that is intentionally
- submitted to Licensor for inclusion in the Work by the copyright owner
- or by an individual or Legal Entity authorized to submit on behalf of
- the copyright owner. For the purposes of this definition, "submitted"
- means any form of electronic, verbal, or written communication sent
- to the Licensor or its representatives, including but not limited to
- communication on electronic mailing lists, source code control systems,
- and issue tracking systems that are managed by, or on behalf of, the
- Licensor for the purpose of discussing and improving the Work, but
- excluding communication that is conspicuously marked or otherwise
- designated in writing by the copyright owner as "Not a Contribution."
-
- "Contributor" shall mean Licensor and any individual or Legal Entity
- on behalf of whom a Contribution has been received by Licensor and
- subsequently incorporated within the Work.
-
- 2. Grant of Copyright License. Subject to the terms and conditions of
- this License, each Contributor hereby grants to You a perpetual,
- worldwide, non-exclusive, no-charge, royalty-free, irrevocable
- copyright license to reproduce, prepare Derivative Works of,
- publicly display, publicly perform, sublicense, and distribute the
- Work and such Derivative Works in Source or Object form.
-
- 3. Grant of Patent License. Subject to the terms and conditions of
- this License, each Contributor hereby grants to You a perpetual,
- worldwide, non-exclusive, no-charge, royalty-free, irrevocable
- (except as stated in this section) patent license to make, have made,
- use, offer to sell, sell, import, and otherwise transfer the Work,
- where such license applies only to those patent claims licensable
- by such Contributor that are necessarily infringed by their
- Contribution(s) alone or by combination of their Contribution(s)
- with the Work to which such Contribution(s) was submitted. If You
- institute patent litigation against any entity (including a
- cross-claim or counterclaim in a lawsuit) alleging that the Work
- or a Contribution incorporated within the Work constitutes direct
- or contributory patent infringement, then any patent licenses
- granted to You under this License for that Work shall terminate
- as of the date such litigation is filed.
-
- 4. Redistribution. You may reproduce and distribute copies of the
- Work or Derivative Works thereof in any medium, with or without
- modifications, and in Source or Object form, provided that You
- meet the following conditions:
-
- (a) You must give any other recipients of the Work or
- Derivative Works a copy of this License; and
-
- (b) You must cause any modified files to carry prominent notices
- stating that You changed the files; and
-
- (c) You must retain, in the Source form of any Derivative Works
- that You distribute, all copyright, patent, trademark, and
- attribution notices from the Source form of the Work,
- excluding those notices that do not pertain to any part of
- the Derivative Works; and
-
- (d) If the Work includes a "NOTICE" text file as part of its
- distribution, then any Derivative Works that You distribute must
- include a readable copy of the attribution notices contained
- within such NOTICE file, excluding those notices that do not
- pertain to any part of the Derivative Works, in at least one
- of the following places: within a NOTICE text file distributed
- as part of the Derivative Works; within the Source form or
- documentation, if provided along with the Derivative Works; or,
- within a display generated by the Derivative Works, if and
- wherever such third-party notices normally appear. The contents
- of the NOTICE file are for informational purposes only and
- do not modify the License. You may add Your own attribution
- notices within Derivative Works that You distribute, alongside
- or as an addendum to the NOTICE text from the Work, provided
- that such additional attribution notices cannot be construed
- as modifying the License.
-
- You may add Your own copyright statement to Your modifications and
- may provide additional or different license terms and conditions
- for use, reproduction, or distribution of Your modifications, or
- for any such Derivative Works as a whole, provided Your use,
- reproduction, and distribution of the Work otherwise complies with
- the conditions stated in this License.
-
- 5. Submission of Contributions. Unless You explicitly state otherwise,
- any Contribution intentionally submitted for inclusion in the Work
- by You to the Licensor shall be under the terms and conditions of
- this License, without any additional terms or conditions.
- Notwithstanding the above, nothing herein shall supersede or modify
- the terms of any separate license agreement you may have executed
- with Licensor regarding such Contributions.
-
- 6. Trademarks. This License does not grant permission to use the trade
- names, trademarks, service marks, or product names of the Licensor,
- except as required for reasonable and customary use in describing the
- origin of the Work and reproducing the content of the NOTICE file.
-
- 7. Disclaimer of Warranty. Unless required by applicable law or
- agreed to in writing, Licensor provides the Work (and each
- Contributor provides its Contributions) on an "AS IS" BASIS,
- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
- implied, including, without limitation, any warranties or conditions
- of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
- PARTICULAR PURPOSE. You are solely responsible for determining the
- appropriateness of using or redistributing the Work and assume any
- risks associated with Your exercise of permissions under this License.
-
- 8. Limitation of Liability. In no event and under no legal theory,
- whether in tort (including negligence), contract, or otherwise,
- unless required by applicable law (such as deliberate and grossly
- negligent acts) or agreed to in writing, shall any Contributor be
- liable to You for damages, including any direct, indirect, special,
- incidental, or consequential damages of any character arising as a
- result of this License or out of the use or inability to use the
- Work (including but not limited to damages for loss of goodwill,
- work stoppage, computer failure or malfunction, or any and all
- other commercial damages or losses), even if such Contributor
- has been advised of the possibility of such damages.
-
- 9. Accepting Warranty or Additional Liability. While redistributing
- the Work or Derivative Works thereof, You may choose to offer,
- and charge a fee for, acceptance of support, warranty, indemnity,
- or other liability obligations and/or rights consistent with this
- License. However, in accepting such obligations, You may act only
- on Your own behalf and on Your sole responsibility, not on behalf
- of any other Contributor, and only if You agree to indemnify,
- defend, and hold each Contributor harmless for any liability
- incurred by, or claims asserted against, such Contributor by reason
- of your accepting any such warranty or additional liability.
-
diff --git a/moonclient/MANIFEST.in b/moonclient/MANIFEST.in
deleted file mode 100644
index ef125662..00000000
--- a/moonclient/MANIFEST.in
+++ /dev/null
@@ -1,5 +0,0 @@
-include README.rst
-include Changelog
-include LICENSE
-include requirements.txt
-graft moonclient/tests
diff --git a/moonclient/README.rst b/moonclient/README.rst
deleted file mode 100644
index 1263f187..00000000
--- a/moonclient/README.rst
+++ /dev/null
@@ -1,17 +0,0 @@
-Moon Client
-===========
-
-Installation
-------------
-
-* `sudo python setup.py install`
-
-* `cd ~/devstack || source openrc admin`
-
-
-Manipulation
-------------
-
-* `moon tenant list`
-
-
diff --git a/moonclient/moonclient/__init__.py b/moonclient/moonclient/__init__.py
deleted file mode 100644
index 6a9beea8..00000000
--- a/moonclient/moonclient/__init__.py
+++ /dev/null
@@ -1 +0,0 @@
-__version__ = "0.4.0"
diff --git a/moonclient/moonclient/action_assignments.py b/moonclient/moonclient/action_assignments.py
deleted file mode 100644
index 5625a2f2..00000000
--- a/moonclient/moonclient/action_assignments.py
+++ /dev/null
@@ -1,149 +0,0 @@
-# Copyright 2015 Open Platform for NFV Project, Inc. and its contributors
-# This software is distributed under the terms and conditions of the 'Apache-2.0'
-# license which can be found in the file 'LICENSE' in this package distribution
-# or at 'http://www.apache.org/licenses/LICENSE-2.0'.
-
-import logging
-
-from cliff.lister import Lister
-from cliff.command import Command
-
-
-class ActionAssignmentsList(Lister):
- """List all action assignments."""
-
- log = logging.getLogger(__name__)
-
- def get_parser(self, prog_name):
- parser = super(ActionAssignmentsList, self).get_parser(prog_name)
- parser.add_argument(
- 'action_id',
- metavar='<action-uuid>',
- help='Action UUID',
- )
- parser.add_argument(
- 'action_category_id',
- metavar='<action-category-uuid>',
- help='Action category UUID',
- )
- parser.add_argument(
- '--intraextension',
- metavar='<intraextension-uuid>',
- help='IntraExtension UUID',
- )
- return parser
-
- def __get_scope_from_id(self, intraextension_id, action_category_id, action_scope_id):
- data = self.app.get_url(self.app.url_prefix+"/intra_extensions/{}/action_scopes/{}".format(
- intraextension_id, action_category_id),
- authtoken=True)
- if action_scope_id in data:
- return data[action_scope_id]
-
- def take_action(self, parsed_args):
- if not parsed_args.intraextension:
- parsed_args.intraextension = self.app.intraextension
- data = self.app.get_url(self.app.url_prefix+"/intra_extensions/{}/action_assignments/{}/{}".format(
- parsed_args.intraextension, parsed_args.action_id, parsed_args.action_category_id),
- authtoken=True)
- return (
- ("id", "name"),
- ((_id, self.__get_scope_from_id(parsed_args.intraextension,
- parsed_args.action_category_id,
- _id)['name']) for _id in data)
- )
-
-
-class ActionAssignmentsAdd(Command):
- """Add a new action assignment."""
-
- log = logging.getLogger(__name__)
-
- def get_parser(self, prog_name):
- parser = super(ActionAssignmentsAdd, self).get_parser(prog_name)
- parser.add_argument(
- 'action_id',
- metavar='<action-uuid>',
- help='Action UUID',
- )
- parser.add_argument(
- 'action_category_id',
- metavar='<action-category-uuid>',
- help='Action category UUID',
- )
- parser.add_argument(
- 'action_scope_id',
- metavar='<action-scope-uuid>',
- help='Action scope UUID',
- )
- parser.add_argument(
- '--intraextension',
- metavar='<intraextension-uuid>',
- help='IntraExtension UUID',
- )
- return parser
-
- def __get_scope_from_id(self, intraextension_id, action_category_id, action_scope_id):
- data = self.app.get_url(self.app.url_prefix+"/intra_extensions/{}/action_scopes/{}".format(
- intraextension_id, action_category_id),
- authtoken=True)
- if action_scope_id in data:
- return data[action_scope_id]
-
- def take_action(self, parsed_args):
- if not parsed_args.intraextension:
- parsed_args.intraextension = self.app.intraextension
- data = self.app.get_url(self.app.url_prefix+"/intra_extensions/{}/action_assignments".format(parsed_args.intraextension),
- post_data={
- "action_id": parsed_args.action_id,
- "action_category_id": parsed_args.action_category_id,
- "action_scope_id": parsed_args.action_scope_id},
- authtoken=True)
- return (
- ("id", "name"),
- ((_id, self.__get_scope_from_id(parsed_args.intraextension,
- parsed_args.action_category_id,
- _id)['name']) for _id in data)
- )
-
-
-class ActionAssignmentsDelete(Command):
- """Delete an action assignment."""
-
- log = logging.getLogger(__name__)
-
- def get_parser(self, prog_name):
- parser = super(ActionAssignmentsDelete, self).get_parser(prog_name)
- parser.add_argument(
- 'action_id',
- metavar='<action-uuid>',
- help='Action UUID',
- )
- parser.add_argument(
- 'action_category_id',
- metavar='<action-category-uuid>',
- help='Action category UUID',
- )
- parser.add_argument(
- 'action_scope_id',
- metavar='<action-scope-uuid>',
- help='Action scope UUID',
- )
- parser.add_argument(
- '--intraextension',
- metavar='<intraextension-uuid>',
- help='IntraExtension UUID',
- )
- return parser
-
- def take_action(self, parsed_args):
- if not parsed_args.intraextension:
- parsed_args.intraextension = self.app.intraextension
- self.app.get_url(self.app.url_prefix+"/intra_extensions/{}/action_assignments/{}/{}/{}".format(
- parsed_args.intraextension,
- parsed_args.action_id,
- parsed_args.action_category_id,
- parsed_args.action_scope_id),
- method="DELETE",
- authtoken=True
- ) \ No newline at end of file
diff --git a/moonclient/moonclient/action_categories.py b/moonclient/moonclient/action_categories.py
deleted file mode 100644
index bf7cb7e1..00000000
--- a/moonclient/moonclient/action_categories.py
+++ /dev/null
@@ -1,102 +0,0 @@
-# Copyright 2015 Open Platform for NFV Project, Inc. and its contributors
-# This software is distributed under the terms and conditions of the 'Apache-2.0'
-# license which can be found in the file 'LICENSE' in this package distribution
-# or at 'http://www.apache.org/licenses/LICENSE-2.0'.
-
-import logging
-
-from cliff.lister import Lister
-from cliff.command import Command
-
-
-class ActionCategoriesList(Lister):
- """List all action categories."""
-
- log = logging.getLogger(__name__)
-
- def get_parser(self, prog_name):
- parser = super(ActionCategoriesList, self).get_parser(prog_name)
- parser.add_argument(
- '--intraextension',
- metavar='<intraextension-uuid>',
- help='IntraExtension UUID',
- )
- return parser
-
- def take_action(self, parsed_args):
- if not parsed_args.intraextension:
- parsed_args.intraextension = self.app.intraextension
- data = self.app.get_url(self.app.url_prefix+"/intra_extensions/{}/action_categories".format(parsed_args.intraextension),
- authtoken=True)
- return (
- ("id", "name", "description"),
- ((_uuid, data[_uuid]["name"], data[_uuid]["description"]) for _uuid in data)
- )
-
-
-class ActionCategoriesAdd(Command):
- """Add a new action category."""
-
- log = logging.getLogger(__name__)
-
- def get_parser(self, prog_name):
- parser = super(ActionCategoriesAdd, self).get_parser(prog_name)
- parser.add_argument(
- 'action_category_name',
- metavar='<action_category-name>',
- help='Action category name',
- )
- parser.add_argument(
- '--intraextension',
- metavar='<intraextension-uuid>',
- help='IntraExtension UUID',
- )
- parser.add_argument(
- '--description',
- metavar='<description-str>',
- help='Action category description',
- )
- return parser
-
- def take_action(self, parsed_args):
- if not parsed_args.intraextension:
- parsed_args.intraextension = self.app.intraextension
- data = self.app.get_url(self.app.url_prefix+"/intra_extensions/{}/action_categories".format(parsed_args.intraextension),
- post_data={
- "action_category_name": parsed_args.action_category_name,
- "action_category_description": parsed_args.description},
- authtoken=True)
- return (
- ("id", "name", "description"),
- ((_uuid, data[_uuid]["name"], data[_uuid]["description"]) for _uuid in data)
- )
-
-
-class ActionCategoriesDelete(Command):
- """Delete an action category."""
-
- log = logging.getLogger(__name__)
-
- def get_parser(self, prog_name):
- parser = super(ActionCategoriesDelete, self).get_parser(prog_name)
- parser.add_argument(
- 'action_category_id',
- metavar='<action_category-uuid>',
- help='Action category UUID',
- )
- parser.add_argument(
- '--intraextension',
- metavar='<intraextension-uuid>',
- help='IntraExtension UUID',
- )
- return parser
-
- def take_action(self, parsed_args):
- if not parsed_args.intraextension:
- parsed_args.intraextension = self.app.intraextension
- self.app.get_url(self.app.url_prefix+"/intra_extensions/{}/action_categories/{}".format(
- parsed_args.intraextension,
- parsed_args.action_category_id),
- method="DELETE",
- authtoken=True
- ) \ No newline at end of file
diff --git a/moonclient/moonclient/action_scopes.py b/moonclient/moonclient/action_scopes.py
deleted file mode 100644
index 9ddf8d4e..00000000
--- a/moonclient/moonclient/action_scopes.py
+++ /dev/null
@@ -1,123 +0,0 @@
-# Copyright 2015 Open Platform for NFV Project, Inc. and its contributors
-# This software is distributed under the terms and conditions of the 'Apache-2.0'
-# license which can be found in the file 'LICENSE' in this package distribution
-# or at 'http://www.apache.org/licenses/LICENSE-2.0'.
-
-import logging
-
-from cliff.lister import Lister
-from cliff.command import Command
-
-
-class ActionScopesList(Lister):
- """List all action scopes."""
-
- log = logging.getLogger(__name__)
-
- def get_parser(self, prog_name):
- parser = super(ActionScopesList, self).get_parser(prog_name)
- parser.add_argument(
- 'action_category_id',
- metavar='<action-category-uuid>',
- help='Action category UUID',
- )
- parser.add_argument(
- '--intraextension',
- metavar='<intraextension-uuid>',
- help='IntraExtension UUID',
- )
- return parser
-
- def take_action(self, parsed_args):
- if not parsed_args.intraextension:
- parsed_args.intraextension = self.app.intraextension
- data = self.app.get_url(self.app.url_prefix+"/intra_extensions/{}/action_scopes/{}".format(
- parsed_args.intraextension, parsed_args.action_category_id),
- authtoken=True)
- self.log.debug(data)
- return (
- ("id", "name", "description"),
- ((_id, data[_id]["name"], data[_id]["description"]) for _id in data)
- )
-
-
-class ActionScopesAdd(Command):
- """Add a new action scope."""
-
- log = logging.getLogger(__name__)
-
- def get_parser(self, prog_name):
- parser = super(ActionScopesAdd, self).get_parser(prog_name)
- parser.add_argument(
- 'action_category_id',
- metavar='<action-category-uuid>',
- help='Action category UUID',
- )
- parser.add_argument(
- 'action_scope_name',
- metavar='<action-scope-name>',
- help='Action scope name',
- )
- parser.add_argument(
- '--description',
- metavar='<description-str>',
- help='Description',
- )
- parser.add_argument(
- '--intraextension',
- metavar='<intraextension-uuid>',
- help='IntraExtension UUID',
- )
- return parser
-
- def take_action(self, parsed_args):
- if not parsed_args.intraextension:
- parsed_args.intraextension = self.app.intraextension
- data = self.app.get_url(self.app.url_prefix+"/intra_extensions/{}/action_scopes/{}".format(
- parsed_args.intraextension, parsed_args.action_category_id),
- post_data={
- "action_scope_name": parsed_args.action_scope_name,
- "action_scope_description": parsed_args.description,
- },
- authtoken=True)
- return (
- ("id", "name", "description"),
- ((_id, data[_id]["name"], data[_id]["description"]) for _id in data)
- )
-
-
-class ActionScopesDelete(Command):
- """Delete an action scope."""
-
- log = logging.getLogger(__name__)
-
- def get_parser(self, prog_name):
- parser = super(ActionScopesDelete, self).get_parser(prog_name)
- parser.add_argument(
- 'action_category_id',
- metavar='<action-category-uuid>',
- help='Action category UUID',
- )
- parser.add_argument(
- 'action_scope_id',
- metavar='<action-scope-uuid>',
- help='Action scope UUID',
- )
- parser.add_argument(
- '--intraextension',
- metavar='<intraextension-uuid>',
- help='IntraExtension UUID',
- )
- return parser
-
- def take_action(self, parsed_args):
- if not parsed_args.intraextension:
- parsed_args.intraextension = self.app.intraextension
- self.app.get_url(self.app.url_prefix+"/intra_extensions/{}/action_scopes/{}/{}".format(
- parsed_args.intraextension,
- parsed_args.action_category_id,
- parsed_args.action_scope_id
- ),
- method="DELETE",
- authtoken=True
- ) \ No newline at end of file
diff --git a/moonclient/moonclient/actions.py b/moonclient/moonclient/actions.py
deleted file mode 100644
index 9fbad13a..00000000
--- a/moonclient/moonclient/actions.py
+++ /dev/null
@@ -1,102 +0,0 @@
-# Copyright 2015 Open Platform for NFV Project, Inc. and its contributors
-# This software is distributed under the terms and conditions of the 'Apache-2.0'
-# license which can be found in the file 'LICENSE' in this package distribution
-# or at 'http://www.apache.org/licenses/LICENSE-2.0'.
-
-import logging
-
-from cliff.lister import Lister
-from cliff.command import Command
-
-
-class ActionsList(Lister):
- """List all actions."""
-
- log = logging.getLogger(__name__)
-
- def get_parser(self, prog_name):
- parser = super(ActionsList, self).get_parser(prog_name)
- parser.add_argument(
- '--intraextension',
- metavar='<intraextension-uuid>',
- help='IntraExtension UUID',
- )
- return parser
-
- def take_action(self, parsed_args):
- if not parsed_args.intraextension:
- parsed_args.intraextension = self.app.intraextension
- data = self.app.get_url(self.app.url_prefix+"/intra_extensions/{}/actions".format(parsed_args.intraextension),
- authtoken=True)
- return (
- ("id", "name", "description"),
- ((_uuid, data[_uuid]['name'], data[_uuid]['description']) for _uuid in data)
- )
-
-
-class ActionsAdd(Command):
- """Add a new action."""
-
- log = logging.getLogger(__name__)
-
- def get_parser(self, prog_name):
- parser = super(ActionsAdd, self).get_parser(prog_name)
- parser.add_argument(
- 'action_name',
- metavar='<action-name>',
- help='Action name',
- )
- parser.add_argument(
- '--intraextension',
- metavar='<intraextension-uuid>',
- help='IntraExtension UUID',
- )
- parser.add_argument(
- '--description',
- metavar='<description-str>',
- help='Action description',
- )
- return parser
-
- def take_action(self, parsed_args):
- if not parsed_args.intraextension:
- parsed_args.intraextension = self.app.intraextension
- data = self.app.get_url(self.app.url_prefix+"/intra_extensions/{}/actions".format(parsed_args.intraextension), # TODO: check method POST?
- post_data={
- "action_name": parsed_args.action_name,
- "action_description": parsed_args.description},
- authtoken=True)
- return (
- ("id", "name", "description"),
- ((_uuid, data[_uuid]['name'], data[_uuid]['description']) for _uuid in data)
- )
-
-
-class ActionsDelete(Command):
- """Delete an action."""
-
- log = logging.getLogger(__name__)
-
- def get_parser(self, prog_name):
- parser = super(ActionsDelete, self).get_parser(prog_name)
- parser.add_argument(
- 'action_id',
- metavar='<action-uuid>',
- help='Action UUID',
- )
- parser.add_argument(
- '--intraextension',
- metavar='<intraextension-uuid>',
- help='IntraExtension UUID',
- )
- return parser
-
- def take_action(self, parsed_args):
- if not parsed_args.intraextension:
- parsed_args.intraextension = self.app.intraextension
- self.app.get_url(self.app.url_prefix+"/intra_extensions/{}/actions/{}".format(
- parsed_args.intraextension,
- parsed_args.action_id),
- method="DELETE",
- authtoken=True
- ) \ No newline at end of file
diff --git a/moonclient/moonclient/configuration.py b/moonclient/moonclient/configuration.py
deleted file mode 100644
index a05d7151..00000000
--- a/moonclient/moonclient/configuration.py
+++ /dev/null
@@ -1,64 +0,0 @@
-# Copyright 2015 Open Platform for NFV Project, Inc. and its contributors
-# This software is distributed under the terms and conditions of the 'Apache-2.0'
-# license which can be found in the file 'LICENSE' in this package distribution
-# or at 'http://www.apache.org/licenses/LICENSE-2.0'.
-
-import logging
-
-from cliff.lister import Lister
-
-
-class TemplatesList(Lister):
- """List all policy templates."""
-
- log = logging.getLogger(__name__)
-
- def get_parser(self, prog_name):
- parser = super(TemplatesList, self).get_parser(prog_name)
- return parser
-
- def take_action(self, parsed_args):
- templates = self.app.get_url(self.app.url_prefix+"/configuration/templates", authtoken=True)
- return (
- ("id", "name", "description"),
- ((template_id, templates[template_id]["name"], templates[template_id]["description"])
- for template_id in templates)
- )
-
-
-class AggregationAlgorithmsList(Lister):
- """List all aggregation algorithms."""
-
- log = logging.getLogger(__name__)
-
- def get_parser(self, prog_name):
- parser = super(AggregationAlgorithmsList, self).get_parser(prog_name)
- return parser
-
- def take_action(self, parsed_args):
- templates = self.app.get_url(self.app.url_prefix+"/configuration/aggregation_algorithms", authtoken=True)
- return (
- ("id", "name", "description"),
- ((template_id, templates[template_id]["name"], templates[template_id]["description"])
- for template_id in templates)
- )
-
-
-class SubMetaRuleAlgorithmsList(Lister):
- """List all sub meta rule algorithms."""
-
- log = logging.getLogger(__name__)
-
- def get_parser(self, prog_name):
- parser = super(SubMetaRuleAlgorithmsList, self).get_parser(prog_name)
- return parser
-
- def take_action(self, parsed_args):
- templates = self.app.get_url(self.app.url_prefix+"/configuration/sub_meta_rule_algorithms", authtoken=True)
- return (
- ("id", "name", "description"),
- ((template_id, templates[template_id]["name"], templates[template_id]["description"])
- for template_id in templates)
- )
-
-
diff --git a/moonclient/moonclient/intraextension.py b/moonclient/moonclient/intraextension.py
deleted file mode 100644
index f66aabbc..00000000
--- a/moonclient/moonclient/intraextension.py
+++ /dev/null
@@ -1,170 +0,0 @@
-# Copyright 2015 Open Platform for NFV Project, Inc. and its contributors
-# This software is distributed under the terms and conditions of the 'Apache-2.0'
-# license which can be found in the file 'LICENSE' in this package distribution
-# or at 'http://www.apache.org/licenses/LICENSE-2.0'.
-
-import logging
-
-from cliff.command import Command
-from cliff.lister import Lister
-from cliff.show import ShowOne
-import os
-
-
-class IntraExtensionSelect(Command):
- """Select an Intra_Extension to work with."""
-
- log = logging.getLogger(__name__)
-
- def get_parser(self, prog_name):
- parser = super(IntraExtensionSelect, self).get_parser(prog_name)
- parser.add_argument(
- 'id',
- metavar='<intraextension-id>',
- help='IntraExtension UUID to select',
- )
- return parser
-
- def take_action(self, parsed_args):
- ie = self.app.get_url(self.app.url_prefix+"/intra_extensions", authtoken=True)
- if parsed_args.id in ie.keys():
- self.app.intraextension = parsed_args.id
- self.app.stdout.write("Select {} IntraExtension.\n".format(self.app.intraextension))
- else:
- self.app.stdout.write("IntraExtension {} unknown.\n".format(parsed_args.id))
- return
-
-
-class IntraExtensionCreate(Command):
- """Create a new Intra_Extension."""
-
- log = logging.getLogger(__name__)
-
- def get_parser(self, prog_name):
- parser = super(IntraExtensionCreate, self).get_parser(prog_name)
- parser.add_argument(
- 'name',
- metavar='<intraextension-name>',
- help='New IntraExtension name',
- )
- parser.add_argument(
- '--policy_model',
- metavar='<policymodel-name>',
- help='Policy model name (Template for the new IntraExtension)',
- )
- parser.add_argument(
- '--description',
- metavar='<intraextension-description>',
- help='New IntraExtension description',
- default=""
- )
- return parser
-
- def take_action(self, parsed_args):
- post_data = {
- "intra_extension_name": parsed_args.name,
- "intra_extension_model": parsed_args.policy_model,
- "intra_extension_description": parsed_args.description
- }
- ie = self.app.get_url(self.app.url_prefix+"/intra_extensions", post_data=post_data, authtoken=True)
- if "id" not in ie:
- raise Exception("Error in command {}".format(ie))
- self.app.stdout.write("IntraExtension created: {}\n".format(ie["id"]))
- return
-
-
-class IntraExtensionList(Lister):
- """List all Intra_Extensions."""
-
- log = logging.getLogger(__name__)
-
- def get_parser(self, prog_name):
- parser = super(IntraExtensionList, self).get_parser(prog_name)
- return parser
-
- def take_action(self, parsed_args):
- ie = self.app.get_url(self.app.url_prefix+"/intra_extensions", authtoken=True)
- return (
- ("id", "name", "model"),
- ((_id, ie[_id]["name"], ie[_id]["model"]) for _id in ie.keys())
- )
-
-
-class IntraExtensionDelete(Command):
- """Delete an Intra_Extension."""
-
- log = logging.getLogger(__name__)
-
- def get_parser(self, prog_name):
- parser = super(IntraExtensionDelete, self).get_parser(prog_name)
- parser.add_argument(
- 'uuid',
- metavar='<intraextension-uuid>',
- help='IntraExtension UUID',
- )
- return parser
-
- def take_action(self, parsed_args):
- self.app.get_url(self.app.url_prefix+"/intra_extensions/{}".format(parsed_args.uuid),
- method="DELETE",
- authtoken=True)
-
-
-class IntraExtensionInit(Command):
- """Initialize the root Intra_Extension (if needed)."""
-
- log = logging.getLogger(__name__)
-
- def get_parser(self, prog_name):
- parser = super(IntraExtensionInit, self).get_parser(prog_name)
- return parser
-
- def take_action(self, parsed_args):
- self.app.get_url(self.app.url_prefix+"/intra_extensions/init",
- method="GET",
- authtoken=True)
-
-
-class IntraExtensionShow(ShowOne):
- """Show detail about one Intra_Extension."""
-
- log = logging.getLogger(__name__)
-
- def get_parser(self, prog_name):
- parser = super(IntraExtensionShow, self).get_parser(prog_name)
- parser.add_argument(
- 'uuid',
- metavar='<intraextension-uuid>',
- help='IntraExtension UUID (put "selected" if you want to show the selected IntraExtension)',
- default="selected"
- )
- return parser
-
- def take_action(self, parsed_args):
- intra_extension_id = parsed_args.uuid
- if parsed_args.uuid == "selected":
- intra_extension_id = self.app.intraextension
- self.log.debug("self.app.intraextension={}".format(intra_extension_id))
- ie = self.app.get_url(self.app.url_prefix+"/intra_extensions/{}".format(intra_extension_id), authtoken=True)
- self.log.debug("ie={}".format(ie))
- if "id" not in ie:
- self.log.error("Unknown intraextension {}".format(intra_extension_id))
- raise Exception()
- try:
- columns = (
- "id",
- "name",
- "description",
- "model",
- "genre"
- )
- data = (
- ie["id"],
- ie["name"],
- ie["description"],
- ie["model"],
- ie["genre"]
- )
- return columns, data
- except Exception as e:
- self.app.stdout.write(str(e))
diff --git a/moonclient/moonclient/logs.py b/moonclient/moonclient/logs.py
deleted file mode 100644
index e65a530d..00000000
--- a/moonclient/moonclient/logs.py
+++ /dev/null
@@ -1,96 +0,0 @@
-# Copyright 2015 Open Platform for NFV Project, Inc. and its contributors
-# This software is distributed under the terms and conditions of the 'Apache-2.0'
-# license which can be found in the file 'LICENSE' in this package distribution
-# or at 'http://www.apache.org/licenses/LICENSE-2.0'.
-
-import logging
-
-from cliff.lister import Lister
-from cliff.command import Command
-from cliff.show import ShowOne
-
-
-class LogsList(Lister):
- """List all logs."""
-
- log = logging.getLogger(__name__)
-
- def get_parser(self, prog_name):
- parser = super(LogsList, self).get_parser(prog_name)
- parser.add_argument(
- '--filter',
- metavar='<filter-str>',
- help='Filter strings (example: "OK" or "authz")',
- )
- parser.add_argument(
- '--fromdate',
- metavar='<from-date-str>',
- help='Filter logs by date (example: "2015-04-15-13:45:20")',
- )
- parser.add_argument(
- '--todate',
- metavar='<to-date-str>',
- help='Filter logs by date (example: "2015-04-15-13:45:20")',
- )
- parser.add_argument(
- '--number',
- metavar='<number-int>',
- help='Show only <number-int> logs',
- )
- return parser
-
- @staticmethod
- def split_into_line(line, max_char=60):
- """ Split a long line into multiple lines
-
- :param line: the line to split
- :param max_char: maximal characters to have on one line
- :return: a string with new lines
- """
- words = line.split(" ")
- return_line = ""
- prev_modulo = 0
- while True:
- try:
- modulo = len(return_line) % max_char
- if modulo < prev_modulo:
- return_line += "\n" + words.pop(0) + " "
- else:
- return_line += words.pop(0) + " "
- prev_modulo = modulo
- except IndexError:
- return return_line
-
- def split_time_message(self, line):
- """Split a log string into a table (date, message)
-
- :param line: the line to split
- :return: a table (date, message)
- """
- _time, _blank, _message = line.split(" ", 2)
- return _time, self.split_into_line(_message)
-
- def take_action(self, parsed_args):
- filter_str = parsed_args.filter
- from_date = parsed_args.fromdate
- to_date = parsed_args.todate
- number = parsed_args.number
- options = list()
- if filter_str:
- options.append("filter={}".format(filter_str))
- if from_date:
- options.append("from={}".format(from_date))
- if to_date:
- options.append("to={}".format(to_date))
- if number:
- options.append("event_number={}".format(number))
- if len(options) > 0:
- url = self.app.url_prefix+"/logs/{}".format(",".join(options))
- else:
- url = self.app.url_prefix+"/logs"
- data = self.app.get_url(url, authtoken=True)
- return (
- ("Time", "Message",),
- (self.split_time_message(log) for log in data)
- )
-
diff --git a/moonclient/moonclient/metarules.py b/moonclient/moonclient/metarules.py
deleted file mode 100644
index 6727711e..00000000
--- a/moonclient/moonclient/metarules.py
+++ /dev/null
@@ -1,214 +0,0 @@
-# Copyright 2015 Open Platform for NFV Project, Inc. and its contributors
-# This software is distributed under the terms and conditions of the 'Apache-2.0'
-# license which can be found in the file 'LICENSE' in this package distribution
-# or at 'http://www.apache.org/licenses/LICENSE-2.0'.
-
-import logging
-
-from cliff.lister import Lister
-from cliff.command import Command
-from cliff.show import ShowOne
-
-
-class AggregationAlgorithmsList(Lister):
- """List all aggregation algorithms."""
-
- log = logging.getLogger(__name__)
-
- def __get_aggregation_algorithm_from_id(self, algorithm_id):
- algorithms = self.app.get_url(self.app.url_prefix+"/configuration/aggregation_algorithms", authtoken=True)
- if algorithm_id in algorithms:
- return algorithms[algorithm_id]
- return dict()
-
- def get_parser(self, prog_name):
- parser = super(AggregationAlgorithmsList, self).get_parser(prog_name)
- parser.add_argument(
- '--intraextension',
- metavar='<intraextension-uuid>',
- help='IntraExtension UUID',
- )
- return parser
-
- def take_action(self, parsed_args):
- if not parsed_args.intraextension:
- parsed_args.intraextension = self.app.intraextension
- data = self.app.get_url(self.app.url_prefix+"/intra_extensions/{}/aggregation_algorithm".format(
- parsed_args.intraextension),
- authtoken=True)
- algorithm = self.__get_aggregation_algorithm_from_id(data['aggregation_algorithm'])
- return (
- ("id", "name", "description"),
- ((data['aggregation_algorithm'], algorithm["name"], algorithm["description"]), )
- )
-
-
-class AggregationAlgorithmSet(Command):
- """Set the current aggregation algorithm."""
-
- log = logging.getLogger(__name__)
-
- def __get_aggregation_algorithm_from_id(self, algorithm_id):
- algorithms = self.app.get_url(self.app.url_prefix+"/configuration/aggregation_algorithms", authtoken=True)
- if algorithm_id in algorithms:
- return algorithms[algorithm_id]
- return dict()
-
- def get_parser(self, prog_name):
- parser = super(AggregationAlgorithmSet, self).get_parser(prog_name)
- parser.add_argument(
- 'aggregation_algorithm_id',
- metavar='<aggregation-algorithm-uuid>',
- help='Aggregation algorithm UUID',
- )
- parser.add_argument(
- '--intraextension',
- metavar='<intraextension-uuid>',
- help='IntraExtension UUID',
- )
- parser.add_argument(
- '--description',
- metavar='<description-str>',
- help='Action description',
- )
- return parser
-
- def take_action(self, parsed_args):
- if not parsed_args.intraextension:
- parsed_args.intraextension = self.app.intraextension
- data = self.app.get_url(self.app.url_prefix+"/intra_extensions/{}/aggregation_algorithm".format(
- parsed_args.intraextension),
- post_data={
- "aggregation_algorithm_id": parsed_args.aggregation_algorithm_id,
- "aggregation_algorithm_description": parsed_args.description},
- authtoken=True)
- algorithm = self.__get_aggregation_algorithm_from_id(data['aggregation_algorithm'])
- return (
- ("id",),
- (algorithm,)
- )
-
-
-class SubMetaRuleShow(Lister):
- """Show the current sub meta rule."""
-
- log = logging.getLogger(__name__)
-
- def get_parser(self, prog_name):
- parser = super(SubMetaRuleShow, self).get_parser(prog_name)
- parser.add_argument(
- '--intraextension',
- metavar='<intraextension-uuid>',
- help='IntraExtension UUID',
- )
- return parser
-
- def __get_subject_category_name(self, intraextension, subject_category_id):
- data = self.app.get_url(self.app.url_prefix+"/intra_extensions/{}/subject_categories".format(intraextension),
- authtoken=True)
- if subject_category_id in data:
- return data[subject_category_id]["name"]
-
- def __get_object_category_name(self, intraextension, object_category_id):
- data = self.app.get_url(self.app.url_prefix+"/intra_extensions/{}/object_categories".format(intraextension),
- authtoken=True)
- if object_category_id in data:
- return data[object_category_id]["name"]
-
- def __get_action_category_name(self, intraextension, action_category_id):
- data = self.app.get_url(self.app.url_prefix+"/intra_extensions/{}/action_categories".format(intraextension),
- authtoken=True)
- if action_category_id in data:
- return data[action_category_id]["name"]
-
- def take_action(self, parsed_args):
- if not parsed_args.intraextension:
- parsed_args.intraextension = self.app.intraextension
- data = self.app.get_url(self.app.url_prefix+"/intra_extensions/{}/sub_meta_rules".format(parsed_args.intraextension),
- authtoken=True)
- return (
- ("id", "name", "algorithm", "subject categories", "object categories", "action categories"),
- ((
- key,
- value["name"],
- value["algorithm"],
- ", ".join([self.__get_subject_category_name(parsed_args.intraextension, cat) for cat in value["subject_categories"]]),
- ", ".join([self.__get_object_category_name(parsed_args.intraextension, cat) for cat in value["object_categories"]]),
- ", ".join([self.__get_action_category_name(parsed_args.intraextension, cat) for cat in value["action_categories"]]),
- ) for key, value in data.iteritems())
- )
-
-
-class SubMetaRuleSet(Command):
- """Set the current sub meta rule."""
-
- log = logging.getLogger(__name__)
-
- def get_parser(self, prog_name):
- parser = super(SubMetaRuleSet, self).get_parser(prog_name)
- parser.add_argument(
- 'submetarule_id',
- metavar='<sub-meta-rule-uuid>',
- help='Sub Meta Rule UUID (example: "12346")',
- )
- parser.add_argument(
- '--algorithm_name',
- metavar='<algorithm-str>',
- help='algorithm to use (example: "inclusion")',
- )
- parser.add_argument(
- '--name',
- metavar='<name-str>',
- help='name to set (example: "my new sub meta rule")',
- )
- parser.add_argument(
- '--subject_category_id',
- metavar='<subject-category-uuid>',
- help='subject category UUID (example: "12346,")',
- )
- parser.add_argument(
- '--object_category_id',
- metavar='<object-category-uuid>',
- help='object category UUID (example: "12346")',
- )
- parser.add_argument(
- '--action_category_id',
- metavar='<action-category-uuid>',
- help='action category UUID (example: "12346,0987654")',
- )
- parser.add_argument(
- '--intraextension',
- metavar='<intraextension-uuid>',
- help='IntraExtension UUID',
- )
- return parser
-
- def take_action(self, parsed_args):
- if not parsed_args.intraextension:
- parsed_args.intraextension = self.app.intraextension
- subject_category_id = parsed_args.subject_category_id
- if not subject_category_id:
- subject_category_id = ""
- object_category_id = parsed_args.object_category_id
- if not object_category_id:
- object_category_id = ""
- action_category_id = parsed_args.action_category_id
- if not action_category_id:
- action_category_id = ""
- subject_category_id = map(lambda x: x.strip(), subject_category_id.split(','))
- action_category_id = map(lambda x: x.strip(), action_category_id.split(','))
- object_category_id = map(lambda x: x.strip(), object_category_id.split(','))
- sub_meta_rule_id = parsed_args.submetarule_id
- post_data = dict()
- post_data["sub_meta_rule_name"] = parsed_args.name
- post_data["sub_meta_rule_algorithm"] = parsed_args.algorithm_name
- post_data["sub_meta_rule_subject_categories"] = filter(lambda x: x, subject_category_id)
- post_data["sub_meta_rule_object_categories"] = filter(lambda x: x, object_category_id)
- post_data["sub_meta_rule_action_categories"] = filter(lambda x: x, action_category_id)
- self.app.get_url(self.app.url_prefix+"/intra_extensions/{}/sub_meta_rules/{}".format(parsed_args.intraextension,
- sub_meta_rule_id),
- post_data=post_data,
- method="POST",
- authtoken=True)
-
-
diff --git a/moonclient/moonclient/object_assignments.py b/moonclient/moonclient/object_assignments.py
deleted file mode 100644
index 0942aa6f..00000000
--- a/moonclient/moonclient/object_assignments.py
+++ /dev/null
@@ -1,149 +0,0 @@
-# Copyright 2015 Open Platform for NFV Project, Inc. and its contributors
-# This software is distributed under the terms and conditions of the 'Apache-2.0'
-# license which can be found in the file 'LICENSE' in this package distribution
-# or at 'http://www.apache.org/licenses/LICENSE-2.0'.
-
-import logging
-
-from cliff.lister import Lister
-from cliff.command import Command
-
-
-class ObjectAssignmentsList(Lister):
- """List all object assignments."""
-
- log = logging.getLogger(__name__)
-
- def get_parser(self, prog_name):
- parser = super(ObjectAssignmentsList, self).get_parser(prog_name)
- parser.add_argument(
- 'object_id',
- metavar='<object-uuid>',
- help='Object UUID',
- )
- parser.add_argument(
- 'object_category_id',
- metavar='<object-category-uuid>',
- help='Object category UUID',
- )
- parser.add_argument(
- '--intraextension',
- metavar='<intraextension-uuid>',
- help='IntraExtension UUID',
- )
- return parser
-
- def __get_scope_from_id(self, intraextension_id, object_category_id, object_scope_id):
- data = self.app.get_url(self.app.url_prefix+"/intra_extensions/{}/object_scopes/{}".format(
- intraextension_id, object_category_id),
- authtoken=True)
- if object_scope_id in data:
- return data[object_scope_id]
-
- def take_action(self, parsed_args):
- if not parsed_args.intraextension:
- parsed_args.intraextension = self.app.intraextension
- data = self.app.get_url(self.app.url_prefix+"/intra_extensions/{}/object_assignments/{}/{}".format(
- parsed_args.intraextension, parsed_args.object_id, parsed_args.object_category_id),
- authtoken=True)
- return (
- ("id", "name"),
- ((_id, self.__get_scope_from_id(parsed_args.intraextension,
- parsed_args.object_category_id,
- _id)['name']) for _id in data)
- )
-
-
-class ObjectAssignmentsAdd(Command):
- """Add a new object assignment."""
-
- log = logging.getLogger(__name__)
-
- def get_parser(self, prog_name):
- parser = super(ObjectAssignmentsAdd, self).get_parser(prog_name)
- parser.add_argument(
- 'object_id',
- metavar='<object-uuid>',
- help='Object UUID',
- )
- parser.add_argument(
- 'object_category_id',
- metavar='<object-category-uuid>',
- help='Object category UUID',
- )
- parser.add_argument(
- 'object_scope_id',
- metavar='<object-scope-uuid>',
- help='Object scope UUID',
- )
- parser.add_argument(
- '--intraextension',
- metavar='<intraextension-uuid>',
- help='IntraExtension UUID',
- )
- return parser
-
- def __get_scope_from_id(self, intraextension_id, object_category_id, object_scope_id):
- data = self.app.get_url(self.app.url_prefix+"/intra_extensions/{}/object_scopes/{}".format(
- intraextension_id, object_category_id),
- authtoken=True)
- if object_scope_id in data:
- return data[object_scope_id]
-
- def take_action(self, parsed_args):
- if not parsed_args.intraextension:
- parsed_args.intraextension = self.app.intraextension
- data = self.app.get_url(self.app.url_prefix+"/intra_extensions/{}/object_assignments".format(parsed_args.intraextension),
- post_data={
- "object_id": parsed_args.object_id,
- "object_category_id": parsed_args.object_category_id,
- "object_scope_id": parsed_args.object_scope_id},
- authtoken=True)
- return (
- ("id", "name"),
- ((_id, self.__get_scope_from_id(parsed_args.intraextension,
- parsed_args.object_category_id,
- _id)['name']) for _id in data)
- )
-
-
-class ObjectAssignmentsDelete(Command):
- """Delete an object assignment."""
-
- log = logging.getLogger(__name__)
-
- def get_parser(self, prog_name):
- parser = super(ObjectAssignmentsDelete, self).get_parser(prog_name)
- parser.add_argument(
- 'object_id',
- metavar='<object-uuid>',
- help='Object UUID',
- )
- parser.add_argument(
- 'object_category_id',
- metavar='<object-category-id>',
- help='Object category UUID',
- )
- parser.add_argument(
- 'object_scope_id',
- metavar='<object-scope-id>',
- help='Object scope UUID',
- )
- parser.add_argument(
- '--intraextension',
- metavar='<intraextension-uuid>',
- help='IntraExtension UUID',
- )
- return parser
-
- def take_action(self, parsed_args):
- if not parsed_args.intraextension:
- parsed_args.intraextension = self.app.intraextension
- self.app.get_url(self.app.url_prefix+"/intra_extensions/{}/object_assignments/{}/{}/{}".format(
- parsed_args.intraextension,
- parsed_args.object_id,
- parsed_args.object_category_id,
- parsed_args.object_scope_id),
- method="DELETE",
- authtoken=True
- ) \ No newline at end of file
diff --git a/moonclient/moonclient/object_categories.py b/moonclient/moonclient/object_categories.py
deleted file mode 100644
index 5641f4bf..00000000
--- a/moonclient/moonclient/object_categories.py
+++ /dev/null
@@ -1,102 +0,0 @@
-# Copyright 2015 Open Platform for NFV Project, Inc. and its contributors
-# This software is distributed under the terms and conditions of the 'Apache-2.0'
-# license which can be found in the file 'LICENSE' in this package distribution
-# or at 'http://www.apache.org/licenses/LICENSE-2.0'.
-
-import logging
-
-from cliff.lister import Lister
-from cliff.command import Command
-
-
-class ObjectCategoriesList(Lister):
- """List all Intra_Extensions."""
-
- log = logging.getLogger(__name__)
-
- def get_parser(self, prog_name):
- parser = super(ObjectCategoriesList, self).get_parser(prog_name)
- parser.add_argument(
- '--intraextension',
- metavar='<intraextension-uuid>',
- help='IntraExtension UUID',
- )
- return parser
-
- def take_action(self, parsed_args):
- if not parsed_args.intraextension:
- parsed_args.intraextension = self.app.intraextension
- data = self.app.get_url(self.app.url_prefix+"/intra_extensions/{}/object_categories".format(parsed_args.intraextension),
- authtoken=True)
- return (
- ("id", "name", "description"),
- ((_uuid, data[_uuid]["name"], data[_uuid]["description"]) for _uuid in data)
- )
-
-
-class ObjectCategoriesAdd(Command):
- """Add a new object category."""
-
- log = logging.getLogger(__name__)
-
- def get_parser(self, prog_name):
- parser = super(ObjectCategoriesAdd, self).get_parser(prog_name)
- parser.add_argument(
- 'object_category_name',
- metavar='<object_category-name>',
- help='Object category name',
- )
- parser.add_argument(
- '--intraextension',
- metavar='<intraextension-uuid>',
- help='IntraExtension UUID',
- )
- parser.add_argument(
- '--description',
- metavar='<description-str>',
- help='Object category description',
- )
- return parser
-
- def take_action(self, parsed_args):
- if not parsed_args.intraextension:
- parsed_args.intraextension = self.app.intraextension
- data = self.app.get_url(self.app.url_prefix+"/intra_extensions/{}/object_categories".format(parsed_args.intraextension),
- post_data={
- "object_category_name": parsed_args.object_category_name,
- "object_category_description": parsed_args.description},
- authtoken=True)
- return (
- ("id", "name", "description"),
- ((_uuid, data[_uuid]["name"], data[_uuid]["description"]) for _uuid in data)
- )
-
-
-class ObjectCategoriesDelete(Command):
- """Delete an object category."""
-
- log = logging.getLogger(__name__)
-
- def get_parser(self, prog_name):
- parser = super(ObjectCategoriesDelete, self).get_parser(prog_name)
- parser.add_argument(
- 'object_category_id',
- metavar='<object_category-uuid>',
- help='Object category UUID',
- )
- parser.add_argument(
- '--intraextension',
- metavar='<intraextension-uuid>',
- help='IntraExtension UUID',
- )
- return parser
-
- def take_action(self, parsed_args):
- if not parsed_args.intraextension:
- parsed_args.intraextension = self.app.intraextension
- self.app.get_url(self.app.url_prefix+"/intra_extensions/{}/object_categories/{}".format(
- parsed_args.intraextension,
- parsed_args.object_category_id),
- method="DELETE",
- authtoken=True
- ) \ No newline at end of file
diff --git a/moonclient/moonclient/object_scopes.py b/moonclient/moonclient/object_scopes.py
deleted file mode 100644
index 41b9aef6..00000000
--- a/moonclient/moonclient/object_scopes.py
+++ /dev/null
@@ -1,123 +0,0 @@
-# Copyright 2015 Open Platform for NFV Project, Inc. and its contributors
-# This software is distributed under the terms and conditions of the 'Apache-2.0'
-# license which can be found in the file 'LICENSE' in this package distribution
-# or at 'http://www.apache.org/licenses/LICENSE-2.0'.
-
-import logging
-
-from cliff.lister import Lister
-from cliff.command import Command
-
-
-class ObjectScopesList(Lister):
- """List all object scopes."""
-
- log = logging.getLogger(__name__)
-
- def get_parser(self, prog_name):
- parser = super(ObjectScopesList, self).get_parser(prog_name)
- parser.add_argument(
- 'object_category_id',
- metavar='<object-category-uuid>',
- help='Object category UUID',
- )
- parser.add_argument(
- '--intraextension',
- metavar='<intraextension-uuid>',
- help='IntraExtension UUID',
- )
- return parser
-
- def take_action(self, parsed_args):
- if not parsed_args.intraextension:
- parsed_args.intraextension = self.app.intraextension
- data = self.app.get_url(self.app.url_prefix+"/intra_extensions/{}/object_scopes/{}".format(
- parsed_args.intraextension, parsed_args.object_category_id),
- authtoken=True)
- self.log.debug(data) # TODO: why log here?
- return (
- ("id", "name", "description"),
- ((_id, data[_id]["name"], data[_id]["description"]) for _id in data)
- )
-
-
-class ObjectScopesAdd(Command):
- """Add a new object scope."""
-
- log = logging.getLogger(__name__)
-
- def get_parser(self, prog_name):
- parser = super(ObjectScopesAdd, self).get_parser(prog_name)
- parser.add_argument(
- 'object_category_id',
- metavar='<object-category-uuid>',
- help='Object category UUID',
- )
- parser.add_argument(
- 'object_scope_name',
- metavar='<object-scope-str>',
- help='Object scope name',
- )
- parser.add_argument(
- '--intraextension',
- metavar='<intraextension-uuid>',
- help='IntraExtension UUID',
- )
- parser.add_argument(
- '--description',
- metavar='<description-str>',
- help='Description',
- )
- return parser
-
- def take_action(self, parsed_args):
- if not parsed_args.intraextension:
- parsed_args.intraextension = self.app.intraextension
- data = self.app.get_url(self.app.url_prefix+"/intra_extensions/{}/object_scopes/{}".format(
- parsed_args.intraextension, parsed_args.object_category_id),
- post_data={
- "object_scope_name": parsed_args.object_scope_name,
- "object_scope_description": parsed_args.description,
- },
- authtoken=True)
- return (
- ("id", "name", "description"),
- ((_id, data[_id]["name"], data[_id]["description"]) for _id in data)
- )
-
-
-class ObjectScopesDelete(Command):
- """Delete an object scope."""
-
- log = logging.getLogger(__name__)
-
- def get_parser(self, prog_name):
- parser = super(ObjectScopesDelete, self).get_parser(prog_name)
- parser.add_argument(
- 'object_category_id',
- metavar='<object-category-uuid>',
- help='Object category UUID',
- )
- parser.add_argument(
- 'object_scope_id',
- metavar='<object-scope-uuid>',
- help='Object scope UUID',
- )
- parser.add_argument(
- '--intraextension',
- metavar='<intraextension-uuid>',
- help='IntraExtension UUID',
- )
- return parser
-
- def take_action(self, parsed_args):
- if not parsed_args.intraextension:
- parsed_args.intraextension = self.app.intraextension
- self.app.get_url(self.app.url_prefix+"/intra_extensions/{}/object_scopes/{}/{}".format(
- parsed_args.intraextension,
- parsed_args.object_category_id,
- parsed_args.object_scope_id
- ),
- method="DELETE",
- authtoken=True
- ) \ No newline at end of file
diff --git a/moonclient/moonclient/objects.py b/moonclient/moonclient/objects.py
deleted file mode 100644
index 0fc04ab8..00000000
--- a/moonclient/moonclient/objects.py
+++ /dev/null
@@ -1,102 +0,0 @@
-# Copyright 2015 Open Platform for NFV Project, Inc. and its contributors
-# This software is distributed under the terms and conditions of the 'Apache-2.0'
-# license which can be found in the file 'LICENSE' in this package distribution
-# or at 'http://www.apache.org/licenses/LICENSE-2.0'.
-
-import logging
-
-from cliff.lister import Lister
-from cliff.command import Command
-
-
-class ObjectsList(Lister):
- """List all objects."""
-
- log = logging.getLogger(__name__)
-
- def get_parser(self, prog_name):
- parser = super(ObjectsList, self).get_parser(prog_name)
- parser.add_argument(
- '--intraextension',
- metavar='<intraextension-uuid>',
- help='IntraExtension UUID',
- )
- return parser
-
- def take_action(self, parsed_args):
- if not parsed_args.intraextension:
- parsed_args.intraextension = self.app.intraextension
- data = self.app.get_url(self.app.url_prefix+"/intra_extensions/{}/objects".format(parsed_args.intraextension),
- authtoken=True)
- return (
- ("id", "name", "description"),
- ((_uuid, data[_uuid]["name"], data[_uuid]["description"]) for _uuid in data)
- )
-
-
-class ObjectsAdd(Command):
- """Add a new object."""
-
- log = logging.getLogger(__name__)
-
- def get_parser(self, prog_name):
- parser = super(ObjectsAdd, self).get_parser(prog_name)
- parser.add_argument(
- 'object_name',
- metavar='<object-name>',
- help='Object name',
- )
- parser.add_argument(
- '--intraextension',
- metavar='<intraextension-uuid>',
- help='IntraExtension UUID',
- )
- parser.add_argument(
- '--description',
- metavar='<description-str>',
- help='Object description',
- )
- return parser
-
- def take_action(self, parsed_args):
- if not parsed_args.intraextension:
- parsed_args.intraextension = self.app.intraextension
- data = self.app.get_url(self.app.url_prefix+"/intra_extensions/{}/objects".format(parsed_args.intraextension),
- post_data={
- "object_name": parsed_args.object_name,
- "object_description": parsed_args.description},
- authtoken=True)
- return (
- ("id", "name", "description"),
- ((_uuid, data[_uuid]["name"], data[_uuid]["description"]) for _uuid in data)
- )
-
-
-class ObjectsDelete(Command):
- """List all Intra_Extensions."""
-
- log = logging.getLogger(__name__)
-
- def get_parser(self, prog_name):
- parser = super(ObjectsDelete, self).get_parser(prog_name)
- parser.add_argument(
- 'object_id',
- metavar='<object-uuid>',
- help='Object UUID',
- )
- parser.add_argument(
- '--intraextension',
- metavar='<intraextension-uuid>',
- help='IntraExtension UUID',
- )
- return parser
-
- def take_action(self, parsed_args):
- if not parsed_args.intraextension:
- parsed_args.intraextension = self.app.intraextension
- self.app.get_url(self.app.url_prefix+"/intra_extensions/{}/objects/{}".format(
- parsed_args.intraextension,
- parsed_args.object_id),
- method="DELETE",
- authtoken=True
- ) \ No newline at end of file
diff --git a/moonclient/moonclient/rules.py b/moonclient/moonclient/rules.py
deleted file mode 100644
index 207533a8..00000000
--- a/moonclient/moonclient/rules.py
+++ /dev/null
@@ -1,242 +0,0 @@
-# Copyright 2015 Open Platform for NFV Project, Inc. and its contributors
-# This software is distributed under the terms and conditions of the 'Apache-2.0'
-# license which can be found in the file 'LICENSE' in this package distribution
-# or at 'http://www.apache.org/licenses/LICENSE-2.0'.
-
-import logging
-
-from cliff.lister import Lister
-from cliff.command import Command
-from cliff.show import ShowOne
-
-
-class RulesList(Lister):
- """List all rules."""
-
- log = logging.getLogger(__name__)
-
- def get_parser(self, prog_name):
- parser = super(RulesList, self).get_parser(prog_name)
- parser.add_argument(
- 'submetarule_id',
- metavar='<submetarule-uuid>',
- help='Sub Meta Rule UUID',
- )
- parser.add_argument(
- '--intraextension',
- metavar='<intraextension-uuid>',
- help='IntraExtension UUID',
- )
- return parser
-
- def __get_subject_category_name(self, intraextension, category_id):
- data = self.app.get_url(self.app.url_prefix+"/intra_extensions/{}/subject_categories".format(intraextension),
- authtoken=True)
- if category_id in data:
- return data[category_id]["name"]
-
- def __get_object_category_name(self, intraextension, category_id):
- data = self.app.get_url(self.app.url_prefix+"/intra_extensions/{}/object_categories".format(intraextension),
- authtoken=True)
- if category_id in data:
- return data[category_id]["name"]
-
- def __get_action_category_name(self, intraextension, category_id):
- data = self.app.get_url(self.app.url_prefix+"/intra_extensions/{}/action_categories".format(intraextension),
- authtoken=True)
- if category_id in data:
- return data[category_id]["name"]
-
- def __get_subject_scope_name(self, intraextension, category_id, scope_id):
- data = self.app.get_url(self.app.url_prefix+"/intra_extensions/{}/subject_scopes/{}".format(intraextension, category_id),
- authtoken=True)
- if scope_id in data:
- return data[scope_id]["name"]
- return scope_id
-
- def __get_object_scope_name(self, intraextension, category_id, scope_id):
- data = self.app.get_url(self.app.url_prefix+"/intra_extensions/{}/object_scopes/{}".format(intraextension, category_id),
- authtoken=True)
- if scope_id in data:
- return data[scope_id]["name"]
- return scope_id
-
- def __get_action_scope_name(self, intraextension, category_id, scope_id):
- data = self.app.get_url(self.app.url_prefix+"/intra_extensions/{}/action_scopes/{}".format(intraextension, category_id),
- authtoken=True)
- if scope_id in data:
- return data[scope_id]["name"]
- return scope_id
-
- def __get_headers(self, intraextension, submetarule_id):
- headers = list()
- headers.append("")
- headers.append("id")
- self.sub_meta_rules = self.app.get_url(self.app.url_prefix+"/intra_extensions/{}/sub_meta_rules".format(intraextension),
- authtoken=True)
- for cat in self.sub_meta_rules[submetarule_id]["subject_categories"]:
- headers.append("s:" + self.__get_subject_category_name(intraextension, cat))
- for cat in self.sub_meta_rules[submetarule_id]["action_categories"]:
- headers.append("a:" + self.__get_action_category_name(intraextension, cat))
- for cat in self.sub_meta_rules[submetarule_id]["object_categories"]:
- headers.append("o:" + self.__get_object_category_name(intraextension, cat))
- headers.append("enabled")
- return headers
-
- def __get_data(self, intraextension, submetarule_id, data_dict):
- rules = list()
- cpt = 0
- for key in data_dict:
- sub_rule = list()
- sub_rule.append(cpt)
- cpt += 1
- sub_rule.append(key)
- rule_item = list(data_dict[key])
- for cat in self.sub_meta_rules[submetarule_id]["subject_categories"]:
- sub_rule.append(self.__get_subject_scope_name(intraextension, cat, rule_item.pop(0)))
- for cat in self.sub_meta_rules[submetarule_id]["action_categories"]:
- sub_rule.append(self.__get_action_scope_name(intraextension, cat, rule_item.pop(0)))
- for cat in self.sub_meta_rules[submetarule_id]["object_categories"]:
- sub_rule.append(self.__get_object_scope_name(intraextension, cat, rule_item.pop(0)))
- sub_rule.append(rule_item.pop(0))
- rules.append(sub_rule)
- return rules
-
- def take_action(self, parsed_args):
- if not parsed_args.intraextension:
- parsed_args.intraextension = self.app.intraextension
- data = self.app.get_url(self.app.url_prefix+"/intra_extensions/{}/rule/{}".format(
- parsed_args.intraextension,
- parsed_args.submetarule_id,
- ),
- authtoken=True)
- self.log.debug(data)
- headers = self.__get_headers(parsed_args.intraextension, parsed_args.submetarule_id)
- data_list = self.__get_data(parsed_args.intraextension, parsed_args.submetarule_id, data)
- return (
- headers,
- data_list
- )
-
-
-class RuleAdd(Command):
- """Add a new rule."""
-
- log = logging.getLogger(__name__)
-
- def get_parser(self, prog_name):
- parser = super(RuleAdd, self).get_parser(prog_name)
- parser.add_argument(
- 'submetarule_id',
- metavar='<submetarule-uuid>',
- help='Sub Meta Rule UUID',
- )
- parser.add_argument(
- 'rule',
- metavar='<argument-list>',
- help='Rule list (example: admin,start,servers) with that ordering: subject, action, object',
- )
- parser.add_argument(
- '--intraextension',
- metavar='<intraextension-uuid>',
- help='IntraExtension UUID',
- )
- return parser
-
- def __get_subject_scope_id(self, intraextension, category_id, scope_name):
- data = self.app.get_url(self.app.url_prefix+"/intra_extensions/{}/subject_scopes/{}".format(intraextension, category_id),
- authtoken=True)
- self.log.debug("__get_subject_scope_id {}".format(data))
- for scope_id in data:
- if data[scope_id]["name"] == scope_name:
- return scope_id
- return scope_name
-
- def __get_object_scope_id(self, intraextension, category_id, scope_name):
- data = self.app.get_url(self.app.url_prefix+"/intra_extensions/{}/object_scopes/{}".format(intraextension, category_id),
- authtoken=True)
- self.log.debug("__get_action_scope_id {}".format(data))
- for scope_id in data:
- if data[scope_id]["name"] == scope_name:
- return scope_id
- return scope_name
-
- def __get_action_scope_id(self, intraextension, category_id, scope_name):
- data = self.app.get_url(self.app.url_prefix+"/intra_extensions/{}/action_scopes/{}".format(intraextension, category_id),
- authtoken=True)
- self.log.debug("__get_object_scope_id {}".format(data))
- for scope_id in data:
- if data[scope_id]["name"] == scope_name:
- return scope_id
- return scope_name
-
- def take_action(self, parsed_args):
- if not parsed_args.intraextension:
- parsed_args.intraextension = self.app.intraextension
- self.sub_meta_rules = self.app.get_url(self.app.url_prefix+"/intra_extensions/{}/sub_meta_rules".format(
- parsed_args.intraextension),
- authtoken=True)
- new_rule = map(lambda x: x.strip(), parsed_args.rule.split(","))
- post = {
- "subject_categories": [],
- "object_categories": [],
- "action_categories": [],
- "enabled": True
- }
- for cat in self.sub_meta_rules[parsed_args.submetarule_id]["subject_categories"]:
- self.log.debug("annalysing s {}".format(cat))
- post["subject_categories"].append(self.__get_subject_scope_id(
- parsed_args.intraextension, cat, new_rule.pop(0))
- )
- for cat in self.sub_meta_rules[parsed_args.submetarule_id]["action_categories"]:
- self.log.debug("annalysing a {}".format(cat))
- post["action_categories"].append(self.__get_action_scope_id(
- parsed_args.intraextension, cat, new_rule.pop(0))
- )
- for cat in self.sub_meta_rules[parsed_args.submetarule_id]["object_categories"]:
- self.log.debug("annalysing o {}".format(cat))
- post["object_categories"].append(self.__get_object_scope_id(
- parsed_args.intraextension, cat, new_rule.pop(0))
- )
- data = self.app.get_url(self.app.url_prefix+"/intra_extensions/{}/rule/{}".format(
- parsed_args.intraextension, parsed_args.submetarule_id),
- post_data=post,
- authtoken=True)
-
-
-class RuleDelete(Command):
- """Delete a new rule."""
-
- log = logging.getLogger(__name__)
-
- def get_parser(self, prog_name):
- parser = super(RuleDelete, self).get_parser(prog_name)
- parser.add_argument(
- 'submetarule_id',
- metavar='<submetarule-uuid>',
- help='Sub Meta Rule UUID',
- )
- parser.add_argument(
- 'rule_id',
- metavar='<rule-uuid>',
- help='Rule UUID',
- )
- parser.add_argument(
- '--intraextension',
- metavar='<intraextension-uuid>',
- help='IntraExtension UUID',
- )
- return parser
-
- def take_action(self, parsed_args):
- if not parsed_args.intraextension:
- parsed_args.intraextension = self.app.intraextension
- self.app.get_url(
- self.app.url_prefix+"/intra_extensions/{intra_extensions_id}/rule/{submetarule_id}/{rule_id}".format(
- intra_extensions_id=parsed_args.intraextension,
- submetarule_id=parsed_args.submetarule_id,
- rule_id=parsed_args.rule_id
- ),
- method="DELETE",
- authtoken=True
- )
diff --git a/moonclient/moonclient/shell.py b/moonclient/moonclient/shell.py
deleted file mode 100644
index 8be73621..00000000
--- a/moonclient/moonclient/shell.py
+++ /dev/null
@@ -1,264 +0,0 @@
-# Copyright 2015 Open Platform for NFV Project, Inc. and its contributors
-# This software is distributed under the terms and conditions of the 'Apache-2.0'
-# license which can be found in the file 'LICENSE' in this package distribution
-# or at 'http://www.apache.org/licenses/LICENSE-2.0'.
-
-import logging
-import sys
-import json
-import httplib
-import os
-
-from cliff.app import App
-from cliff.commandmanager import CommandManager
-import moonclient
-
-
-def get_env_creds(admin_token=False):
- d = dict()
- if 'OS_SERVICE_ENDPOINT' in os.environ.keys() or 'OS_USERNAME' in os.environ.keys():
- if admin_token:
- d['endpoint'] = os.environ['OS_SERVICE_ENDPOINT']
- d['token'] = os.environ['OS_SERVICE_TOKEN']
- else:
- d['username'] = os.environ['OS_USERNAME']
- d['password'] = os.environ['OS_PASSWORD']
- d['auth_url'] = os.environ['OS_AUTH_URL']
- d['tenant_name'] = os.environ['OS_TENANT_NAME']
- return d
-
-
-class MoonClient(App):
-
- log = logging.getLogger(__name__)
- x_subject_token = None
- host = "localhost"
- port = "35358"
- tenant = None
- _intraextension = None
- _tenant_id = None
- _tenant_name = None
- secureprotocol = False
- user_saving_file = ".moonclient"
- url_prefix = "/moon"
- _nb_error = 0
- post = {
- "auth": {
- "identity": {
- "methods": [
- "password"
- ],
- "password": {
- "user": {
- "domain": {
- "id": "Default"
- },
- "name": "admin",
- "password": "nomoresecrete"
- }
- }
- },
- "scope": {
- "project": {
- "domain": {
- "id": "Default"
- },
- "name": "demo"
- }
- }
- }
- }
-
- def __init__(self):
- super(MoonClient, self).__init__(
- description='Moon Python Client',
- version=moonclient.__version__,
- command_manager=CommandManager('moon.client'),
- )
- creds = get_env_creds()
- self.post["auth"]["identity"]["password"]["user"]["password"] = creds["password"]
- self.post["auth"]["identity"]["password"]["user"]["name"] = creds["username"]
- self.post["auth"]["scope"]["project"]["name"] = creds["tenant_name"]
- self.host = creds["auth_url"].replace("https://", "").replace("http://", "").split("/")[0].split(":")[0]
- self.port = creds["auth_url"].replace("https://", "").replace("http://", "").split("/")[0].split(":")[1]
- if "https" in creds["auth_url"]:
- self.secureprotocol = True
- else:
- self.secureprotocol = False
- self._tenant_name = creds["tenant_name"]
- self.parser.add_argument(
- '--username',
- metavar='<username-str>',
- help='Force OpenStack username',
- default=None
- )
- self.parser.add_argument(
- '--tenant',
- metavar='<tenantname-str>',
- help='Force OpenStack tenant',
- default=None
- )
- self.parser.add_argument(
- '--password',
- metavar='<password-str>',
- help='Force OpenStack password',
- default=None
- )
- self.parser.add_argument(
- '--authurl',
- metavar='<authurl-str>',
- help='Force OpenStack authentication URL',
- default=None
- )
-
- @property
- def tenant_id(self):
- if not self._tenant_id:
- self._tenant_id = self.get_url("/v3/projects?name={}".format(self._tenant_name),
- authtoken=True, port=5000)["projects"][0]["id"]
- return self._tenant_id
-
- @property
- def tenant_name(self):
- return self._tenant_name
-
- @property
- def intraextension(self):
- return open(os.path.join(os.getenv('HOME'), self.user_saving_file)).read().strip()
-
- @intraextension.setter
- def intraextension(self, value):
- self._intraextension = value
- open(os.path.join(os.getenv('HOME'), self.user_saving_file), "w").write(value)
-
- @property
- def nb_error(self):
- return self._nb_error
-
- def incr_error(self, msg=""):
- self._nb_error += 1
- if not msg:
- print("INCREMENTING ERRORS {}".format(self._nb_error))
- else:
- print("INCREMENTING ERRORS {} [{}]".format(self._nb_error, msg))
-
- def get_tenant_uuid(self, tenant_name):
- return self.get_url("/v3/projects?name={}".format(tenant_name), authtoken=True, port=5000)["projects"][0]["id"]
-
- def get_url(self, url, post_data=None, delete_data=None, method="GET", authtoken=None, port=None):
- if post_data:
- method = "POST"
- if delete_data:
- method = "DELETE"
- self.log.debug("\033[32m{} {}\033[m".format(method, url))
- # TODO: we must manage authentication and requests with secure protocol (ie. HTTPS)
- if not port:
- port = self.port
- conn = httplib.HTTPConnection(self.host, int(port))
- self.log.debug("Host: {}:{}".format(self.host, self.port))
- headers = {
- "Content-type": "application/x-www-form-urlencoded",
- "Accept": "text/plain,text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8",
- }
- if authtoken:
- if self.x_subject_token:
- headers["X-Auth-Token"] = self.x_subject_token
- if post_data:
- method = "POST"
- headers["Content-type"] = "application/json"
- post_data = json.dumps(post_data)
- conn.request(method, url, post_data, headers=headers)
- elif delete_data:
- method = "DELETE"
- conn.request(method, url, json.dumps(delete_data), headers=headers)
- else:
- conn.request(method, url, headers=headers)
- resp = conn.getresponse()
- headers = resp.getheaders()
- try:
- self.x_subject_token = dict(headers)["x-subject-token"]
- except KeyError:
- pass
- content = resp.read()
- conn.close()
- if len(content) == 0:
- return {}
- try:
- content = json.loads(content)
- if "error" in content:
- try:
- raise Exception("Getting an error while requiring {} ({}: {}, {})".format(
- url,
- content['error']['code'],
- content['error']['title'],
- content['error']['message'],
- ))
- except ValueError:
- raise Exception("Bad error format while requiring {} ({})".format(url, content))
- return content
- except ValueError:
- raise Exception("Getting an error while requiring {} ({})".format(url, content))
- finally:
- self.log.debug(str(content))
-
- def auth_keystone(self, username=None, password=None, host=None, port=None, tenant=None):
- """Send a new authentication request to Keystone
-
- :param username: user identification name
- :return:
- """
- if username:
- self.post["auth"]["identity"]["password"]["user"]["name"] = username
- if password:
- self.post["auth"]["identity"]["password"]["user"]["password"] = password
- if tenant:
- self.post["auth"]["scope"]["project"]["name"] = tenant
- if host:
- self.host = host
- if port:
- self.port = port
- data = self.get_url("/v3/auth/tokens", post_data=self.post)
- if "token" not in data:
- raise Exception("Authentication problem ({})".format(data))
-
- def initialize_app(self, argv):
- self.log.debug('initialize_app: {}'.format(argv))
- if self.options.username:
- self.post["auth"]["identity"]["password"]["user"]["name"] = self.options.username
- self.log.debug("change username {}".format(self.options.username))
- if self.options.password:
- self.post["auth"]["identity"]["password"]["user"]["password"] = self.options.password
- self.log.debug("change password")
- if self.options.tenant:
- self.post["auth"]["scope"]["project"]["name"] = self.options.tenant
- self._tenant_name = self.options.tenant
- self.log.debug("change tenant {}".format(self.options.tenant))
- if self.options.authurl:
- self.host = self.options.authurl.replace("https://", "").replace("http://", "").split("/")[0].split(":")[0]
- self.port = self.options.authurl.replace("https://", "").replace("http://", "").split("/")[0].split(":")[1]
- if "https" in self.options.authurl:
- self.secureprotocol = True
- else:
- self.secureprotocol = False
- data = self.get_url("/v3/auth/tokens", post_data=self.post)
- if "token" not in data:
- raise Exception("Authentication problem ({})".format(data))
-
- def prepare_to_run_command(self, cmd):
- self.log.debug('prepare_to_run_command %s', cmd.__class__.__name__)
-
- def clean_up(self, cmd, result, err):
- self.log.debug('clean_up %s', cmd.__class__.__name__)
- if err:
- self.log.debug('got an error: %s', err)
- self.log.debug("result: {}".format(result))
-
-
-def main(argv=sys.argv[1:]):
- myapp = MoonClient()
- myapp.run(argv)
- return myapp.nb_error
-
-
-if __name__ == '__main__':
- sys.exit(main(sys.argv[1:]))
diff --git a/moonclient/moonclient/subject_assignments.py b/moonclient/moonclient/subject_assignments.py
deleted file mode 100644
index ec5e9549..00000000
--- a/moonclient/moonclient/subject_assignments.py
+++ /dev/null
@@ -1,149 +0,0 @@
-# Copyright 2015 Open Platform for NFV Project, Inc. and its contributors
-# This software is distributed under the terms and conditions of the 'Apache-2.0'
-# license which can be found in the file 'LICENSE' in this package distribution
-# or at 'http://www.apache.org/licenses/LICENSE-2.0'.
-
-import logging
-
-from cliff.lister import Lister
-from cliff.command import Command
-
-
-class SubjectAssignmentsList(Lister):
- """List all subject assignments."""
-
- log = logging.getLogger(__name__)
-
- def get_parser(self, prog_name):
- parser = super(SubjectAssignmentsList, self).get_parser(prog_name)
- parser.add_argument(
- 'subject_id',
- metavar='<subject-uuid>',
- help='Subject UUID',
- )
- parser.add_argument(
- 'subject_category_id',
- metavar='<subject-category-uuid>',
- help='Subject category UUID',
- )
- parser.add_argument(
- '--intraextension',
- metavar='<intraextension-uuid>',
- help='IntraExtension UUID',
- )
- return parser
-
- def __get_scope_from_id(self, intraextension_id, subject_category_id, subject_scope_id):
- data = self.app.get_url(self.app.url_prefix+"/intra_extensions/{}/subject_scopes/{}".format(
- intraextension_id, subject_category_id),
- authtoken=True)
- if subject_scope_id in data:
- return data[subject_scope_id]
-
- def take_action(self, parsed_args):
- if not parsed_args.intraextension:
- parsed_args.intraextension = self.app.intraextension
- data = self.app.get_url(self.app.url_prefix+"/intra_extensions/{}/subject_assignments/{}/{}".format(
- parsed_args.intraextension, parsed_args.subject_id, parsed_args.subject_category_id),
- authtoken=True)
- return (
- ("id", "name"),
- ((_id, self.__get_scope_from_id(parsed_args.intraextension,
- parsed_args.subject_category_id,
- _id)['name']) for _id in data)
- )
-
-
-class SubjectAssignmentsAdd(Command):
- """Add a new subject assignment."""
-
- log = logging.getLogger(__name__)
-
- def get_parser(self, prog_name):
- parser = super(SubjectAssignmentsAdd, self).get_parser(prog_name)
- parser.add_argument(
- 'subject_id',
- metavar='<subject-uuid>',
- help='Subject UUID',
- )
- parser.add_argument(
- 'subject_category_id',
- metavar='<subject-category-uuid>',
- help='Subject category id',
- )
- parser.add_argument(
- 'subject_scope_id',
- metavar='<subject-scope-uuid>',
- help='Subject scope UUID',
- )
- parser.add_argument(
- '--intraextension',
- metavar='<intraextension-uuid>',
- help='IntraExtension UUID',
- )
- return parser
-
- def __get_scope_from_id(self, intraextension_id, subject_category_id, subject_scope_id):
- data = self.app.get_url(self.app.url_prefix+"/intra_extensions/{}/subject_scopes/{}".format(
- intraextension_id, subject_category_id),
- authtoken=True)
- if subject_scope_id in data:
- return data[subject_scope_id]
-
- def take_action(self, parsed_args):
- if not parsed_args.intraextension:
- parsed_args.intraextension = self.app.intraextension
- data = self.app.get_url(self.app.url_prefix+"/intra_extensions/{}/subject_assignments".format(parsed_args.intraextension),
- post_data={
- "subject_id": parsed_args.subject_id,
- "subject_category_id": parsed_args.subject_category_id,
- "subject_scope_id": parsed_args.subject_scope_id},
- authtoken=True)
- return (
- ("id", "name"),
- ((_id, self.__get_scope_from_id(parsed_args.intraextension,
- parsed_args.subject_category_id,
- _id)['name']) for _id in data)
- )
-
-
-class SubjectAssignmentsDelete(Command):
- """Delete a subject assignment."""
-
- log = logging.getLogger(__name__)
-
- def get_parser(self, prog_name):
- parser = super(SubjectAssignmentsDelete, self).get_parser(prog_name)
- parser.add_argument(
- 'subject_id',
- metavar='<subject-uuid>',
- help='Subject UUID',
- )
- parser.add_argument(
- 'subject_category_id',
- metavar='<subject-category-uuid>',
- help='Subject category UUID',
- )
- parser.add_argument(
- 'subject_scope_id',
- metavar='<subject-scope-uuid>',
- help='Subject scope UUID',
- )
- parser.add_argument(
- '--intraextension',
- metavar='<intraextension-uuid>',
- help='IntraExtension UUID',
- )
- return parser
-
- def take_action(self, parsed_args):
- if not parsed_args.intraextension:
- parsed_args.intraextension = self.app.intraextension
- self.app.get_url(self.app.url_prefix+"/intra_extensions/{}/subject_assignments/{}/{}/{}".format(
- parsed_args.intraextension,
- parsed_args.subject_id,
- parsed_args.subject_category_id,
- parsed_args.subject_scope_id),
- method="DELETE",
- authtoken=True
- ) \ No newline at end of file
diff --git a/moonclient/moonclient/subject_categories.py b/moonclient/moonclient/subject_categories.py
deleted file mode 100644
index 810b0b5f..00000000
--- a/moonclient/moonclient/subject_categories.py
+++ /dev/null
@@ -1,102 +0,0 @@
-# Copyright 2015 Open Platform for NFV Project, Inc. and its contributors
-# This software is distributed under the terms and conditions of the 'Apache-2.0'
-# license which can be found in the file 'LICENSE' in this package distribution
-# or at 'http://www.apache.org/licenses/LICENSE-2.0'.
-
-import logging
-
-from cliff.lister import Lister
-from cliff.command import Command
-
-
-class SubjectCategoriesList(Lister):
- """List all subject categories."""
-
- log = logging.getLogger(__name__)
-
- def get_parser(self, prog_name):
- parser = super(SubjectCategoriesList, self).get_parser(prog_name)
- parser.add_argument(
- '--intraextension',
- metavar='<intraextension-uuid>',
- help='IntraExtension UUID',
- )
- return parser
-
- def take_action(self, parsed_args):
- if not parsed_args.intraextension:
- parsed_args.intraextension = self.app.intraextension
- data = self.app.get_url(self.app.url_prefix+"/intra_extensions/{}/subject_categories".format(parsed_args.intraextension),
- authtoken=True)
- return (
- ("id", "name", "description"),
- ((_uuid, data[_uuid]["name"], data[_uuid]["description"]) for _uuid in data)
- )
-
-
-class SubjectCategoriesAdd(Command):
- """Add a new subject category."""
-
- log = logging.getLogger(__name__)
-
- def get_parser(self, prog_name):
- parser = super(SubjectCategoriesAdd, self).get_parser(prog_name)
- parser.add_argument(
- 'subject_category_name',
- metavar='<subject_category-name>',
- help='Subject category name',
- )
- parser.add_argument(
- '--intraextension',
- metavar='<intraextension-uuid>',
- help='IntraExtension UUID',
- )
- parser.add_argument(
- '--description',
- metavar='<description-str>',
- help='Subject category description',
- )
- return parser
-
- def take_action(self, parsed_args):
- if not parsed_args.intraextension:
- parsed_args.intraextension = self.app.intraextension
- data = self.app.get_url(self.app.url_prefix+"/intra_extensions/{}/subject_categories".format(parsed_args.intraextension),
- post_data={
- "subject_category_name": parsed_args.subject_category_name,
- "subject_category_description": parsed_args.description},
- authtoken=True)
- return (
- ("id", "name", "description"),
- ((_uuid, data[_uuid]["name"], data[_uuid]["description"]) for _uuid in data)
- )
-
-
-class SubjectCategoriesDelete(Command):
- """Delete a subject category."""
-
- log = logging.getLogger(__name__)
-
- def get_parser(self, prog_name):
- parser = super(SubjectCategoriesDelete, self).get_parser(prog_name)
- parser.add_argument(
- 'subject_category_id',
- metavar='<subject_category-uuid>',
- help='Subject category UUID',
- )
- parser.add_argument(
- '--intraextension',
- metavar='<intraextension-uuid>',
- help='IntraExtension UUID',
- )
- return parser
-
- def take_action(self, parsed_args):
- if not parsed_args.intraextension:
- parsed_args.intraextension = self.app.intraextension
- self.app.get_url(self.app.url_prefix+"/intra_extensions/{}/subject_categories/{}".format(
- parsed_args.intraextension,
- parsed_args.subject_category_id),
- method="DELETE",
- authtoken=True
- ) \ No newline at end of file
diff --git a/moonclient/moonclient/subject_scopes.py b/moonclient/moonclient/subject_scopes.py
deleted file mode 100644
index 90cc5dcc..00000000
--- a/moonclient/moonclient/subject_scopes.py
+++ /dev/null
@@ -1,123 +0,0 @@
-# Copyright 2015 Open Platform for NFV Project, Inc. and its contributors
-# This software is distributed under the terms and conditions of the 'Apache-2.0'
-# license which can be found in the file 'LICENSE' in this package distribution
-# or at 'http://www.apache.org/licenses/LICENSE-2.0'.
-
-import logging
-
-from cliff.lister import Lister
-from cliff.command import Command
-
-
-class SubjectScopesList(Lister):
- """List all subject scopes."""
-
- log = logging.getLogger(__name__)
-
- def get_parser(self, prog_name):
- parser = super(SubjectScopesList, self).get_parser(prog_name)
- parser.add_argument(
- 'subject_category_id',
- metavar='<subject-category-uuid>',
- help='Subject category UUID',
- )
- parser.add_argument(
- '--intraextension',
- metavar='<intraextension-uuid>',
- help='IntraExtension UUID',
- )
- return parser
-
- def take_action(self, parsed_args):
- if not parsed_args.intraextension:
- parsed_args.intraextension = self.app.intraextension
- data = self.app.get_url(self.app.url_prefix+"/intra_extensions/{}/subject_scopes/{}".format(
- parsed_args.intraextension,
- parsed_args.subject_category_id),
- authtoken=True)
- return (
- ("id", "name", "description"),
- ((_id, data[_id]["name"], data[_id]["description"]) for _id in data)
- )
-
-
-class SubjectScopesAdd(Command):
- """Add a new subject scope."""
-
- log = logging.getLogger(__name__)
-
- def get_parser(self, prog_name):
- parser = super(SubjectScopesAdd, self).get_parser(prog_name)
- parser.add_argument(
- 'subject_category_id',
- metavar='<subject-category-uuid>',
- help='Subject category UUID',
- )
- parser.add_argument(
- 'subject_scope_name',
- metavar='<subject-scope-str>',
- help='Subject scope Name',
- )
- parser.add_argument(
- '--description',
- metavar='<description-str>',
- help='Description',
- )
- parser.add_argument(
- '--intraextension',
- metavar='<intraextension-uuid>',
- help='IntraExtension UUID',
- )
- return parser
-
- def take_action(self, parsed_args):
- if not parsed_args.intraextension:
- parsed_args.intraextension = self.app.intraextension
- data = self.app.get_url(self.app.url_prefix+"/intra_extensions/{}/subject_scopes/{}".format(
- parsed_args.intraextension, parsed_args.subject_category_id),
- post_data={
- "subject_scope_name": parsed_args.subject_scope_name,
- "subject_scope_description": parsed_args.description,
- },
- authtoken=True)
- return (
- ("id", "name", "description"),
- ((_id, data[_id]["name"], data[_id]["description"]) for _id in data)
- )
-
-
-class SubjectScopesDelete(Command):
- """Delete a subject scope."""
-
- log = logging.getLogger(__name__)
-
- def get_parser(self, prog_name):
- parser = super(SubjectScopesDelete, self).get_parser(prog_name)
- parser.add_argument(
- 'subject_category_id',
- metavar='<subject-category-uuid>',
- help='Subject category UUID',
- )
- parser.add_argument(
- 'subject_scope_id',
- metavar='<subject-scope-uuid>',
- help='Subject scope UUID',
- )
- parser.add_argument(
- '--intraextension',
- metavar='<intraextension-uuid>',
- help='IntraExtension UUID',
- )
- return parser
-
- def take_action(self, parsed_args):
- if not parsed_args.intraextension:
- parsed_args.intraextension = self.app.intraextension
- self.app.get_url(self.app.url_prefix+"/intra_extensions/{}/subject_scopes/{}/{}".format(
- parsed_args.intraextension,
- parsed_args.subject_category_id,
- parsed_args.subject_scope_id
- ),
- method="DELETE",
- authtoken=True
- ) \ No newline at end of file
diff --git a/moonclient/moonclient/subjects.py b/moonclient/moonclient/subjects.py
deleted file mode 100644
index 678caf5b..00000000
--- a/moonclient/moonclient/subjects.py
+++ /dev/null
@@ -1,119 +0,0 @@
-# Copyright 2015 Open Platform for NFV Project, Inc. and its contributors
-# This software is distributed under the terms and conditions of the 'Apache-2.0'
-# license which can be found in the file 'LICENSE' in this package distribution
-# or at 'http://www.apache.org/licenses/LICENSE-2.0'.
-
-import logging
-
-from cliff.lister import Lister
-from cliff.command import Command
-import getpass
-
-
-class SubjectsList(Lister):
- """List all subjects."""
-
- log = logging.getLogger(__name__)
-
- def get_parser(self, prog_name):
- parser = super(SubjectsList, self).get_parser(prog_name)
- parser.add_argument(
- '--intraextension',
- metavar='<intraextension-uuid>',
- help='IntraExtension UUID',
- )
- return parser
-
- def take_action(self, parsed_args):
- if not parsed_args.intraextension:
- parsed_args.intraextension = self.app.intraextension
- data = self.app.get_url(self.app.url_prefix+"/intra_extensions/{}/subjects".format(parsed_args.intraextension),
- authtoken=True)
- return (
- ("id", "name", "Keystone ID"),
- ((_uuid, data[_uuid]["name"], data[_uuid]["keystone_id"]) for _uuid in data)
- )
-
-
-class SubjectsAdd(Command):
- """add a new subject."""
-
- log = logging.getLogger(__name__)
-
- def get_parser(self, prog_name):
- parser = super(SubjectsAdd, self).get_parser(prog_name)
- parser.add_argument(
- 'subject_name',
- metavar='<subject-name>',
- help='Subject name',
- )
- parser.add_argument(
- '--intraextension',
- metavar='<intraextension-uuid>',
- help='IntraExtension UUID',
- )
- parser.add_argument(
- '--description',
- metavar='<description-str>',
- help='Subject description',
- )
- parser.add_argument(
- '--subject_pass',
- metavar='<password-str>',
- help='Password for subject (if not given, user will be prompted for one)',
- )
- parser.add_argument(
- '--email',
- metavar='<email-str>',
- help='Email for the user',
- )
- return parser
-
- def take_action(self, parsed_args):
- if not parsed_args.intraextension:
- parsed_args.intraextension = self.app.intraextension
- if not parsed_args.subject_pass:
- parsed_args.password = getpass.getpass("Password for user {}:".format(parsed_args.subject_name))
- data = self.app.get_url(self.app.url_prefix+"/intra_extensions/{}/subjects".format(parsed_args.intraextension),
- post_data={
- "subject_name": parsed_args.subject_name,
- "subject_description": parsed_args.description,
- "subject_password": parsed_args.subject_pass,
- "subject_email": parsed_args.email
- },
- authtoken=True)
- return (
- ("id", "name", "Keystone ID"),
- ((_uuid, data[_uuid]["name"], data[_uuid]["keystone_id"]) for _uuid in data)
- )
-
-
-class SubjectsDelete(Command):
- """Delete a subject."""
-
- log = logging.getLogger(__name__)
-
- def get_parser(self, prog_name):
- parser = super(SubjectsDelete, self).get_parser(prog_name)
- parser.add_argument(
- 'subject_id',
- metavar='<subject-uuid>',
- help='Subject UUID',
- )
- parser.add_argument(
- '--intraextension',
- metavar='<intraextension-uuid>',
- help='IntraExtension UUID',
- )
- return parser
-
- def take_action(self, parsed_args):
- if not parsed_args.intraextension:
- parsed_args.intraextension = self.app.intraextension
- self.app.get_url(self.app.url_prefix+"/intra_extensions/{}/subjects/{}".format(
- parsed_args.intraextension,
- parsed_args.subject_id
- ),
- method="DELETE",
- authtoken=True
- ) \ No newline at end of file
diff --git a/moonclient/moonclient/tenants.py b/moonclient/moonclient/tenants.py
deleted file mode 100644
index 99c6e501..00000000
--- a/moonclient/moonclient/tenants.py
+++ /dev/null
@@ -1,200 +0,0 @@
-# Copyright 2015 Open Platform for NFV Project, Inc. and its contributors
-# This software is distributed under the terms and conditions of the 'Apache-2.0'
-# license which can be found in the file 'LICENSE' in this package distribution
-# or at 'http://www.apache.org/licenses/LICENSE-2.0'.
-
-import logging
-
-from cliff.lister import Lister
-from cliff.command import Command
-
-
-class TenantList(Lister):
- """List all tenants."""
-
- log = logging.getLogger(__name__)
-
- def get_parser(self, prog_name):
- parser = super(TenantList, self).get_parser(prog_name)
- return parser
-
- def take_action(self, parsed_args):
- tenants = self.app.get_url(self.app.url_prefix+"/tenants", authtoken=True)
- self.log.debug(tenants)
- return (
- ("id", "name", "description", "intra_authz_extension_id", "intra_admin_extension_id"),
- ((
- tenant_id,
- tenants[tenant_id]["name"],
- tenants[tenant_id]["description"],
- tenants[tenant_id]["intra_authz_extension_id"],
- tenants[tenant_id]["intra_admin_extension_id"],
- )
- for tenant_id in tenants)
- )
-
-
-class TenantAdd(Command):
- """Add a tenant."""
-
- log = logging.getLogger(__name__)
-
- def get_parser(self, prog_name):
- parser = super(TenantAdd, self).get_parser(prog_name)
- parser.add_argument(
- 'tenant_name',
- metavar='<tenant-name>',
- help='Tenant name',
- )
- parser.add_argument(
- '--authz',
- metavar='<authz-intraextension-uuid>',
- help='Authz IntraExtension UUID',
- )
- parser.add_argument(
- '--admin',
- metavar='<admin-intraextension-uuid>',
- help='Admin IntraExtension UUID',
- )
- parser.add_argument(
- '--desc',
- metavar='<tenant-description-str>',
- help='Tenant description',
- )
- return parser
-
- def take_action(self, parsed_args):
- post_data = dict()
- post_data["tenant_name"] = parsed_args.tenant_name
- if parsed_args.authz:
- post_data["tenant_intra_authz_extension_id"] = parsed_args.authz
- if parsed_args.admin:
- post_data["tenant_intra_admin_extension_id"] = parsed_args.admin
- if parsed_args.desc:
- post_data["tenant_description"] = parsed_args.desc
- tenants = self.app.get_url(self.app.url_prefix+"/tenants",
- post_data=post_data,
- authtoken=True)
- return (
- ("id", "name", "description", "intra_authz_extension_id", "intra_admin_extension_id"),
- ((
- tenant_id,
- tenants[tenant_id]["name"],
- tenants[tenant_id]["description"],
- tenants[tenant_id]["intra_authz_extension_id"],
- tenants[tenant_id]["intra_admin_extension_id"],
- )
- for tenant_id in tenants)
- )
-
-
-class TenantShow(Command):
- """Show information of one tenant."""
-
- log = logging.getLogger(__name__)
-
- def get_parser(self, prog_name):
- parser = super(TenantShow, self).get_parser(prog_name)
- parser.add_argument(
- 'tenant_name',
- metavar='<tenant-name>',
- help='Tenant name',
- )
- return parser
-
- def take_action(self, parsed_args):
- tenants = self.app.get_url(self.app.url_prefix+"/tenants/{}".format(parsed_args.tenant_name),
- authtoken=True)
- return (
- ("id", "name", "description", "intra_authz_extension_id", "intra_admin_extension_id"),
- ((
- tenant_id,
- tenants[tenant_id]["name"],
- tenants[tenant_id]["description"],
- tenants[tenant_id]["intra_authz_extension_id"],
- tenants[tenant_id]["intra_admin_extension_id"],
- )
- for tenant_id in tenants)
- )
-
-
-class TenantSet(Command):
- """Modify a tenant."""
-
- log = logging.getLogger(__name__)
-
- # TODO: could use a PATCH method also
- def get_parser(self, prog_name):
- parser = super(TenantSet, self).get_parser(prog_name)
- parser.add_argument(
- 'tenant_id',
- metavar='<tenant-id>',
- help='Tenant UUID',
- )
- parser.add_argument(
- '--name',
- metavar='<tenant-name>',
- help='Tenant name',
- )
- parser.add_argument(
- '--authz',
- metavar='<authz-intraextension-uuid>',
- help='Authz IntraExtension UUID',
- )
- parser.add_argument(
- '--admin',
- metavar='<admin-intraextension-uuid>',
- help='Admin IntraExtension UUID',
- )
- parser.add_argument(
- '--desc',
- metavar='<tenant-description-str>',
- help='Tenant description',
- )
- return parser
-
- def take_action(self, parsed_args):
- post_data = dict()
- post_data["tenant_id"] = parsed_args.tenant_id
- if parsed_args.name:
- post_data["tenant_name"] = parsed_args.tenant_name
- if parsed_args.authz is not None:
- post_data["tenant_intra_authz_extension_id"] = parsed_args.authz
- if parsed_args.admin is not None:
- post_data["tenant_intra_admin_extension_id"] = parsed_args.admin
- if parsed_args.desc is not None:
- post_data["tenant_description"] = parsed_args.desc
- tenants = self.app.get_url(self.app.url_prefix+"/tenants/{}".format(post_data["tenant_id"]),
- post_data=post_data,
- authtoken=True)
- return (
- ("id", "name", "description", "authz", "admin"),
- ((
- tenant_id,
- tenants[tenant_id]["name"],
- tenants[tenant_id]["description"],
- tenants[tenant_id]["intra_authz_extension_id"],
- tenants[tenant_id]["intra_admin_extension_id"],
- )
- for tenant_id in tenants)
- )
-
-
-class TenantDelete(Command):
- """Delete a tenant."""
-
- log = logging.getLogger(__name__)
-
- def get_parser(self, prog_name):
- parser = super(TenantDelete, self).get_parser(prog_name)
- parser.add_argument(
- 'tenant_id',
- metavar='<tenant-id>',
- help='Tenant UUID',
- )
- return parser
-
- def take_action(self, parsed_args):
- self.app.get_url(self.app.url_prefix+"/tenants/{}".format(parsed_args.tenant_id),
- method="DELETE",
- authtoken=True)
diff --git a/moonclient/moonclient/tests.py b/moonclient/moonclient/tests.py
deleted file mode 100644
index b2c02f11..00000000
--- a/moonclient/moonclient/tests.py
+++ /dev/null
@@ -1,251 +0,0 @@
-# Copyright 2015 Open Platform for NFV Project, Inc. and its contributors
-# This software is distributed under the terms and conditions of the 'Apache-2.0'
-# license which can be found in the file 'LICENSE' in this package distribution
-# or at 'http://www.apache.org/licenses/LICENSE-2.0'.
-
-import logging
-import json
-import shlex
-import re
-from cliff.lister import Lister
-from cliff.command import Command
-from uuid import uuid4
-import os
-import time
-import subprocess
-import glob
-
-
-class TestsLaunch(Lister):
- """Tests launcher."""
-
- log = logging.getLogger(__name__)
- result_vars = dict()
- logfile_name = "/tmp/moonclient_test_{}.log".format(time.strftime("%Y%m%d-%H%M%S"))
- logfile = open(logfile_name, "w")
- TIME_FORMAT = '%Y-%m-%d %H:%M:%S'
-
- def get_parser(self, prog_name):
- parser = super(TestsLaunch, self).get_parser(prog_name)
- parser.add_argument(
- '--stop-on-error', action="store_true",
- help='Stop the test on the first error',
- )
- parser.add_argument(
- '--self', action="store_true",
- help='Execute all internal tests',
- )
- parser.add_argument(
- 'testfile',
- metavar='<filename(s)>',
- nargs='?',
- help='Filenames that contains tests to run '
- '(examples: /path/to/test.json, /path/to/directory/, '
- '"/path/to/*-file.json" -- don\'t forget the quote)',
- )
- parser.add_argument(
- '--logfile',
- metavar='<logfile-str>',
- help='Force Log filename.',
- default=None
- )
- return parser
-
- def __replace_var_in_str(self, data_str):
- self.log.debug("__replace_var_in_str " + data_str)
- for exp in re.findall("\$\w+", data_str):
- self.log.debug("--->" + exp + str(self.result_vars))
- if exp.replace("$", "") in self.result_vars:
- data_str = re.sub(exp.replace("$", "\$") + "(?!\w)", self.result_vars[exp.replace("$", "")], data_str)
- self.log.debug("__replace_var_in_str " + data_str)
- return data_str
-
- def __compare_results(self, expected, observed):
- match = re.search(expected, observed)
- if match:
- self.result_vars.update(match.groupdict())
- return True
- return False
-
- def take_action(self, parsed_args):
- if parsed_args.logfile:
- self.logfile_name = parsed_args.logfile
- self.log.info("Write tests output to {}".format(self.logfile_name))
- if parsed_args.self:
- import sys
- import moonclient # noqa
- parsed_args.testfile = os.path.join(sys.modules['moonclient'].__path__[0], "tests")
- if parsed_args.testfile and os.path.isfile(parsed_args.testfile):
- return self.test_file(parsed_args.testfile)
- else:
- cpt = 1
- filenames = []
- global_result = {}
- if os.path.isdir(parsed_args.testfile):
- filenames = glob.glob(parsed_args.testfile + "/*.json")
- else:
- filenames = glob.glob(parsed_args.testfile)
- for filename in filenames:
- if os.path.isfile(filename):
- self.log.info("\n\033[1m\033[32mExecuting {} ({}/{})\033[m".format(filename, cpt, len(filenames)))
- global_result[filename] = self.test_file(filename)
- cpt += 1
- results = []
- for result_id, result_values in global_result.iteritems():
- result_ok = True
- # self.log.info(result_id)
- # self.log.info(result_values[1])
- log_filename = ""
- for value in result_values[1]:
- if "False" in value[2]:
- result_ok = False
- if "Overall results" in value[1]:
- log_filename = value[3]
- if result_ok:
- results.append((result_id, "\033[32mTrue\033[m", log_filename))
- else:
- results.append((result_id, "\033[1m\033[31mFalse\033[m", log_filename))
- return (
- ("filename", "results", "log file"),
- results
- )
-
- def test_file(self, testfile):
- if not self.logfile_name:
- self.logfile_name = "/tmp/moonclient_test_{}.log".format(time.strftime("%Y%m%d-%H%M%S"))
- self.logfile = open(self.logfile_name, "a")
- self.logfile.write(80*"=" + "\n")
- self.logfile.write(testfile + "\n\n")
- stdout_back = self.app.stdout
- tests_dict = json.load(open(testfile))
- self.log.debug("tests_dict = {}".format(tests_dict))
- global_command_options = ""
- if "command_options" in tests_dict:
- global_command_options = tests_dict["command_options"]
- data = list()
- for group_name, tests_list in tests_dict["tests_group"].iteritems():
- overall_result = True
- self.log.info("\n\033[1mgroup {}\033[0m".format(group_name))
- self.logfile.write("{}:\n\n".format(group_name))
- test_count = len(tests_list)
- for test in tests_list:
- result_str = ""
- error_str = ""
- if "auth_name" in test or "auth_password" in test or "auth_url" in test:
- username = None
- password = None
- tenant = None
- host = None
- port = None
- description = ""
- if "auth_name" in test:
- username = test["auth_name"]
- os.environ["OS_USERNAME"] = test["auth_name"]
- if "auth_password" in test:
- password = test["auth_password"]
- os.environ["OS_PASSWORD"] = test["auth_password"]
- if "auth_tenant" in test:
- tenant = test["auth_tenant"]
- os.environ["OS_TENANT_NAME"] = test["auth_tenant"]
- if "auth_host" in test:
- host = test["auth_host"]
- if "auth_port" in test:
- port = test["auth_port"]
- if "description" in test:
- description = test["description"]
- self.app.auth_keystone(username, password, host, port, tenant)
- title = "Change auth to "
- if username:
- title += username
- if host:
- title += "@" + host
- if port:
- title += ":" + port
- title += "\n"
- self.logfile.write(time.strftime(self.TIME_FORMAT) + " " + title + "\n")
- self.log.info(title.strip())
- data_tmp = list()
- data_tmp.append("")
- data_tmp.append(title.strip())
- data_tmp.append("\033[32mOK\033[m")
- data_tmp.append(description.strip())
- data.append(data_tmp)
- continue
- data_tmp = list()
- tmp_filename = os.path.join("/tmp", "moon_{}.tmp".format(uuid4().hex))
- tmp_filename_fd = open(tmp_filename, "w")
- self.log.debug("test={}".format(test))
- if "command" not in test:
- if "external_command" in test:
- ext_command = test["external_command"]
- else:
- continue
- ext_command = self.__replace_var_in_str(ext_command)
- self.logfile.write(time.strftime(self.TIME_FORMAT) + " " + "-----> {}\n".format(ext_command))
- self.log.info(" \\-executing external \"{}\"".format(ext_command))
- pipe = subprocess.Popen(shlex.split(ext_command), stdout=subprocess.PIPE, stderr=subprocess.PIPE)
- com = pipe.communicate()
- result_str = com[0]
- error_str = com[1]
- self.logfile.write("stdout: {}\n".format(result_str))
- self.logfile.write("stderr: {}\n".format(error_str))
- if "command" in test:
- if "command_options" in test:
- command = test["command"] + " " + test["command_options"]
- else:
- command = test["command"] + " " + global_command_options
- command = self.__replace_var_in_str(command)
- self.logfile.write(time.strftime(self.TIME_FORMAT) + " " +
- test["name"] + " " +
- "-----> {}\n".format(command))
- self.log.info(" \\-executing {}".format(command))
- self.app.stdout = tmp_filename_fd
- result_id = self.app.run_subcommand(shlex.split(command))
- tmp_filename_fd.close()
- self.app.stdout = stdout_back
- result_str = open(tmp_filename, "r").read()
- self.logfile.write("{}".format(result_str))
- os.unlink(tmp_filename)
- data_tmp.append(group_name)
- data_tmp.append(test["name"])
- if "result" in test:
- compare = self.__compare_results(self.__replace_var_in_str(test["result"]), result_str)
- self.logfile.write("\\---->{}: {}\n\n".format(compare, self.__replace_var_in_str(test["result"])))
- else:
- compare = not self.__compare_results(self.__replace_var_in_str(test["no_result"]), result_str)
- self.logfile.write("\\---->{}: not {}\n\n".format(compare, self.__replace_var_in_str(test["no_result"])))
- if error_str:
- if compare:
- compare = "\033[33mTrue\033[m"
- overall_result = overall_result and True
- else:
- compare = "\033[1m\033[31mFalse\033[m"
- self.app.incr_error(error_str)
- overall_result = overall_result and False
- else:
- overall_result = overall_result and compare
- if compare:
- if overall_result:
- compare = "\033[32mTrue\033[m"
- else:
- compare = "\033[mTrue\033[m"
- else:
- compare = "\033[1m\033[31mFalse\033[m"
- self.app.incr_error()
- data_tmp.append(compare)
- data_tmp.append(test["description"])
- data.append(data_tmp)
- data_tmp = list()
- data_tmp.append("\033[1m" + group_name + "\033[m")
- data_tmp.append("\033[1mOverall results ({})\033[m".format(test_count))
- if overall_result:
- data_tmp.append("\033[1m\033[32mTrue\033[m")
- else:
- data_tmp.append("\033[1m\033[31mFalse\033[m")
- data_tmp.append(self.logfile_name)
- data.append(data_tmp)
-
- return (
- ("group_name", "test_name", "result", "description"),
- data
- )
diff --git a/moonclient/moonclient/tests/functional_tests.sh b/moonclient/moonclient/tests/functional_tests.sh
deleted file mode 100644
index 505980cc..00000000
--- a/moonclient/moonclient/tests/functional_tests.sh
+++ /dev/null
@@ -1,131 +0,0 @@
-#!/bin/sh
-
-# Copyright 2015 Open Platform for NFV Project, Inc. and its contributors
-# This software is distributed under the terms and conditions of the 'Apache-2.0'
-# license which can be found in the file 'LICENSE' in this package distribution
-# or at 'http://www.apache.org/licenses/LICENSE-2.0'.
-
-
-PROG=moon
-OS_TENANT_NAME=demo
-DEMO_USER=$(keystone user-list | awk '/ demo / {print $2}')
-
-# must be authenticated with Keystone
-# ie. : "cd ~/devstack; . openrc admin"
-
-function test_cmd {
- echo -e "\033[33m$PROG $1\033[m"
- $PROG $1 | tee /tmp/_
- if [ $? != 0 ]; then
- echo -e "\033[31mError for test \"$1\" \033[m"
- exit 1
- fi
-}
-
-test_cmd "intraextension list"
-test_cmd "intraextension add --policy_model policy_rbac func_test"
-uuid=$(cat /tmp/_ | cut -d " " -f 3)
-test_cmd "intraextension tenant set $uuid $OS_TENANT_NAME"
-test_cmd "intraextension show $uuid"
-
-test_cmd "subjects list"
-test_cmd "subjects add $DEMO_USER"
-test_cmd "subjects list"
-
-test_cmd "objects list"
-test_cmd "objects add my_obj"
-test_cmd "objects list"
-
-test_cmd "actions list"
-test_cmd "actions add my_action"
-test_cmd "actions list"
-
-# Category
-
-test_cmd "subject categories list"
-test_cmd "subject categories add my_cat"
-test_cmd "subject categories list"
-
-test_cmd "object categories list"
-test_cmd "object categories add my_cat"
-test_cmd "object categories list"
-
-test_cmd "action categories list"
-test_cmd "action categories add my_cat"
-test_cmd "action categories list"
-
-# Category scope
-
-test_cmd "subject category scope list"
-test_cmd "subject category scope add my_cat my_scope"
-test_cmd "subject category scope list"
-
-test_cmd "object category scope list"
-test_cmd "object category scope add my_cat my_scope"
-test_cmd "object category scope list"
-
-test_cmd "action category scope list"
-test_cmd "action category scope add my_cat my_scope"
-test_cmd "action category scope list"
-
-# Assignments
-
-test_cmd "subject assignments list"
-test_cmd "subject assignments add $DEMO_USER my_cat my_scope"
-test_cmd "subject assignments list"
-
-test_cmd "object assignments list"
-test_cmd "object assignments add my_obj my_cat my_scope"
-test_cmd "object assignments list"
-
-test_cmd "action assignments list"
-test_cmd "action assignments add my_action my_cat my_scope"
-test_cmd "action assignments list"
-
-# Sub meta rules
-
-test_cmd "aggregation algorithms list"
-test_cmd "aggregation algorithm show"
-test_cmd "aggregation algorithm set test_aggregation"
-test_cmd "aggregation algorithm show"
-test_cmd "submetarule show"
-test_cmd "submetarule set relation_super subject_security_level,my_cat computing_action,my_cat object_security_level,my_cat"
-test_cmd "submetarule show"
-test_cmd "submetarule relation list"
-
-# Rules
-
-test_cmd "rules list"
-test_cmd "rules add relation_super high,my_scope,vm_access,my_scope,high,my_scope"
-test_cmd "rules delete relation_super high,my_scope,vm_access,my_scope,high,my_scope"
-
-#Delete all
-test_cmd "subject assignments delete $DEMO_USER my_cat my_scope"
-test_cmd "subject assignments list"
-test_cmd "object assignments delete my_obj my_cat my_scope"
-test_cmd "object assignments list"
-test_cmd "action assignments delete my_action my_cat my_scope"
-test_cmd "action assignments list"
-
-test_cmd "subject category scope delete my_cat my_scope"
-test_cmd "subject category scope list"
-test_cmd "object category scope delete my_cat my_scope"
-test_cmd "object category scope list"
-test_cmd "action category scope delete my_cat my_scope"
-test_cmd "action category scope list"
-
-test_cmd "subjects delete $DEMO_USER"
-test_cmd "subjects list"
-test_cmd "objects delete my_obj"
-test_cmd "objects list"
-test_cmd "actions delete my_action"
-test_cmd "actions list"
-test_cmd "subject categories delete my_cat"
-test_cmd "subject categories list"
-test_cmd "object categories delete my_cat"
-test_cmd "object categories list"
-test_cmd "action categories delete my_cat"
-test_cmd "action categories list"
-
-
-test_cmd "intraextension delete $uuid" \ No newline at end of file
diff --git a/moonclient/moonclient/tests/tests_action_assignments.json b/moonclient/moonclient/tests/tests_action_assignments.json
deleted file mode 100644
index f5cabbbb..00000000
--- a/moonclient/moonclient/tests/tests_action_assignments.json
+++ /dev/null
@@ -1,371 +0,0 @@
-{
- "command_options": "-f value",
- "tests_group": {
- "authz": [
- {
- "auth_name": "admin",
- "description": "Change user to admin (just in case...)"
- },
-
- {
- "name": "list tenant",
- "command": "tenant list",
- "no_result": "alt_demo",
- "description": "Check if tenant alt_demo is used."
- },
- {
- "name": "add tenant alt_demo",
- "command": "tenant add alt_demo",
- "result": "^$",
- "description": "Add a new tenant",
- "command_options": ""
- },
- {
- "name": "check tenant alt_demo",
- "command": "tenant list",
- "result": "(?P<uuid>\\w+)\\s+alt_demo",
- "description": "Check that tenant alt_demo has been correctly added"
- },
- {
- "name": "create_intraextension_authz",
- "command": "intraextension add --policy_model policy_authz authz_test",
- "result": "IntraExtension created: (?P<uuid_authz>\\w+)",
- "description": "Create an authz intra extension",
- "command_options": ""
- },
- {
- "name": "list_intraextension_authz",
- "command": "intraextension list",
- "result": "$uuid_authz",
- "description": "Check the existence of that authz intra extension"
- },
- {
- "name": "set_tenant_authz",
- "command": "tenant set --authz $uuid_authz $uuid",
- "result": "",
- "description": "Connect the authz intra extension to the tenant alt_demo",
- "command_options": ""
- },
- {
- "name": "select_authz_ie",
- "command": "intraextension select $uuid_authz",
- "result": "Select $uuid_authz IntraExtension.",
- "description": "Select the authz IntraExtension",
- "command_options": ""
- },
- {
- "name": "check_select_authz_ie",
- "command": "intraextension show selected",
- "result": "$uuid_authz",
- "description": "Check the selected authz IntraExtension",
- "command_options": "-c id -f value"
- },
- {
- "name": "add_action",
- "command": "action add boot",
- "result": "",
- "description": "Add the new action category boot",
- "command_options": ""
- },
- {
- "name": "list_action",
- "command": "action list",
- "result": "(?P<uuid_action>\\w+)\\s+boot",
- "description": "Check that boot action was added."
- },
- {
- "name": "add_action_category",
- "command": "action category add my_new_action_category",
- "result": "",
- "description": "Add the new action category my_new_action_category",
- "command_options": ""
- },
- {
- "name": "list_action_category",
- "command": "action category list",
- "result": "(?P<uuid_action_category>\\w+)\\s+my_new_action_category",
- "description": "Check that my_new_action_category action_category was added."
- },
- {
- "name": "add_scope",
- "command": "action scope add $uuid_action_category testers --description \"test engineers\"",
- "result": "^$",
- "description": "Add one scope to action category role",
- "command_options": ""
- },
- {
- "name": "check_added_scope",
- "command": "action scope list $uuid_action_category",
- "result": "(?P<uuid_action_scope>\\w+)\\s+testers\\s+test engineers",
- "description": "Check added scope.",
- "command_options": "-c id -c name -c description -f value"
- },
-
- {
- "name": "add_assignment",
- "command": "action assignment add $uuid_action $uuid_action_category $uuid_action_scope",
- "result": "^$",
- "description": "Add a new assignment",
- "command_options": ""
- },
- {
- "name": "check_added_assignment",
- "command": "action assignment list $uuid_action $uuid_action_category",
- "result": "$uuid_action_scope testers",
- "description": "Check added assignment.",
- "command_options": "-c id -c name -f value"
- },
-
- {
- "name": "delete_assignment",
- "command": "action assignment delete $uuid_action $uuid_action_category $uuid_action_scope",
- "result": "^$",
- "description": "Delete the added assignment",
- "command_options": ""
- },
- {
- "name": "check_deleted_assignment",
- "command": "action assignment list $uuid_action $uuid_action_category",
- "no_result": "$uuid_action_scope",
- "description": "Check deleted assignment.",
- "command_options": "-c id -f value"
- },
-
- {
- "name": "delete_scope",
- "command": "action scope delete $uuid_action_category $uuid_action_scope",
- "result": "^$",
- "description": "Delete one scope from action category role",
- "command_options": ""
- },
- {
- "name": "delete_action_category",
- "command": "action category delete $uuid_action_category",
- "result": "^$",
- "description": "Delete my_new_action_category action_category.",
- "command_options": ""
- },
- {
- "name": "list_action_category",
- "command": "action category list",
- "no_result": "$uuid_action_category",
- "description": "Check that my_new_action_category action_category was deleted."
- },
- {
- "name": "delete_authz_intra_extension",
- "command": "intraextension delete $uuid_authz",
- "result": "",
- "description": "Delete the authz intra extension",
- "command_options": ""
- },
- {
- "name": "delete_tenant",
- "command": "tenant delete $uuid",
- "result": "",
- "description": "Delete the tenant alt_demo",
- "command_options": ""
- }
- ],
- "authz_and_admin": [
- {
- "name": "list tenant",
- "command": "tenant list",
- "no_result": "alt_demo",
- "description": "Check if tenant alt_demo is used."
- },
- {
- "name": "add tenant alt_demo",
- "command": "tenant add alt_demo",
- "result": "^$",
- "description": "Add a new tenant",
- "command_options": ""
- },
- {
- "name": "check tenant alt_demo",
- "command": "tenant list",
- "result": "(?P<uuid>\\w+)\\s+alt_demo",
- "description": "Check that tenant alt_demo has been correctly added"
- },
- {
- "name": "create_intraextension_authz",
- "command": "intraextension add --policy_model policy_authz authz_test",
- "result": "IntraExtension created: (?P<uuid_authz>\\w+)",
- "description": "Create an authz intra extension",
- "command_options": ""
- },
- {
- "name": "list_intraextension_authz",
- "command": "intraextension list",
- "result": "$uuid_authz",
- "description": "Check the existence of that authz intra extension"
- },
- {
- "name": "create_intraextension_admin",
- "command": "intraextension add --policy_model policy_rbac_admin admin_test",
- "result": "IntraExtension created: (?P<uuid_admin>\\w+)",
- "description": "Create an admin intra extension",
- "command_options": ""
- },
- {
- "name": "list_intraextension_admin",
- "command": "intraextension list",
- "result": "$uuid_admin",
- "description": "Check the existence of that admin intra extension"
- },
- {
- "name": "set_tenant_authz",
- "command": "tenant set --authz $uuid_authz $uuid",
- "result": "",
- "description": "Connect the authz intra extension to the tenant demo",
- "command_options": ""
- },
- {
- "name": "set_tenant_admin",
- "command": "tenant set --admin $uuid_admin $uuid",
- "result": "",
- "description": "Connect the authz intra extension to the tenant alt_demo",
- "command_options": ""
- },
- {
- "name": "check tenant alt_demo and authz ie",
- "command": "tenant list",
- "result": "alt_demo $uuid_authz",
- "description": "Check that authz intra extension has been correctly added to the tenant.",
- "command_options": "-c name -c intra_authz_extension_id -f value"
- },
- {
- "name": "check tenant alt_demo and admin ie",
- "command": "tenant list",
- "result": "$uuid_admin",
- "description": "Check that admin intra extension has been correctly added to the tenant.",
- "command_options": "-c intra_admin_extension_id -f value"
- },
- {
- "name": "select_authz_ie",
- "command": "intraextension select $uuid_authz",
- "result": "Select $uuid_authz IntraExtension.",
- "description": "Select the authz IntraExtension",
- "command_options": ""
- },
- {
- "name": "check_select_authz_ie",
- "command": "intraextension show selected",
- "result": "$uuid_authz",
- "description": "Check the selected authz IntraExtension",
- "command_options": "-c id -f value"
- },
- {
- "name": "add_action",
- "command": "action add boot",
- "result": "",
- "description": "Add the new action category boot",
- "command_options": ""
- },
- {
- "name": "list_action",
- "command": "action list",
- "result": "(?P<uuid_action>\\w+)\\s+boot",
- "description": "Check that boot action was added."
- },
- {
- "name": "add_action_category",
- "command": "action category add my_new_action_category",
- "result": "",
- "description": "Add the new action category my_new_action_category",
- "command_options": ""
- },
- {
- "name": "list_action_category",
- "command": "action category list",
- "result": "(?P<uuid_action_category>\\w+)\\s+my_new_action_category",
- "description": "Check that my_new_action_category action_category was added."
- },
- {
- "name": "add_scope",
- "command": "action scope add $uuid_action_category testers --description \"test engineers\"",
- "result": "^$",
- "description": "Add one scope to action category role",
- "command_options": ""
- },
- {
- "name": "check_added_scope",
- "command": "action scope list $uuid_action_category",
- "result": "(?P<uuid_action_scope>\\w+)\\s+testers\\s+test engineers",
- "description": "Check added scope.",
- "command_options": "-c id -c name -c description -f value"
- },
-
- {
- "name": "add_assignment",
- "command": "action assignment add $uuid_action $uuid_action_category $uuid_action_scope",
- "result": "^$",
- "description": "Add a new assignment",
- "command_options": ""
- },
- {
- "name": "check_added_assignment",
- "command": "action assignment list $uuid_action $uuid_action_category",
- "result": "$uuid_action_scope testers",
- "description": "Check added assignment.",
- "command_options": "-c id -c name -f value"
- },
-
- {
- "name": "delete_assignment",
- "command": "action assignment delete $uuid_action $uuid_action_category $uuid_action_scope",
- "result": "^$",
- "description": "Delete the added assignment",
- "command_options": ""
- },
- {
- "name": "check_deleted_assignment",
- "command": "action assignment list $uuid_action $uuid_action_category",
- "no_result": "$uuid_action_scope",
- "description": "Check deleted assignment.",
- "command_options": "-c id -f value"
- },
-
- {
- "name": "delete_scope",
- "command": "action scope delete $uuid_action_category $uuid_action_scope",
- "result": "^$",
- "description": "Delete one scope from action category role",
- "command_options": ""
- },
- {
- "name": "delete_action_category",
- "command": "action category delete $uuid_action_category",
- "result": "^$",
- "description": "Delete my_new_action_category action_category.",
- "command_options": ""
- },
- {
- "name": "list_action_category",
- "command": "action category list",
- "no_result": "$uuid_action_category",
- "description": "Check that my_new_action_category action_category was deleted."
- },
- {
- "name": "delete_admin_intra_extension",
- "command": "intraextension delete $uuid_admin",
- "result": "",
- "description": "Delete the admin intra extension",
- "command_options": ""
- },
- {
- "name": "delete_authz_intra_extension",
- "command": "intraextension delete $uuid_authz",
- "result": "",
- "description": "Delete the authz intra extension",
- "command_options": ""
- },
- {
- "name": "delete_tenant",
- "command": "tenant delete $uuid",
- "result": "",
- "description": "Delete the tenant alt_demo",
- "command_options": ""
- }
- ]
- }
-} \ No newline at end of file
diff --git a/moonclient/moonclient/tests/tests_action_categories.json b/moonclient/moonclient/tests/tests_action_categories.json
deleted file mode 100644
index 1932ffc0..00000000
--- a/moonclient/moonclient/tests/tests_action_categories.json
+++ /dev/null
@@ -1,241 +0,0 @@
-{
- "command_options": "-f value",
- "tests_group": {
- "authz": [
- {
- "auth_name": "admin",
- "description": "Change user to admin (just in case...)"
- },
-
- {
- "name": "list tenant",
- "command": "tenant list",
- "no_result": "alt_demo",
- "description": "Check if tenant alt_demo is used."
- },
- {
- "name": "add tenant alt_demo",
- "command": "tenant add alt_demo",
- "result": "^$",
- "description": "Add a new tenant",
- "command_options": ""
- },
- {
- "name": "check tenant alt_demo",
- "command": "tenant list",
- "result": "(?P<uuid>\\w+)\\s+alt_demo",
- "description": "Check that tenant alt_demo has been correctly added"
- },
- {
- "name": "create_intraextension_authz",
- "command": "intraextension add --policy_model policy_authz authz_test",
- "result": "IntraExtension created: (?P<uuid_authz>\\w+)",
- "description": "Create an authz intra extension",
- "command_options": ""
- },
- {
- "name": "list_intraextension_authz",
- "command": "intraextension list",
- "result": "$uuid_authz",
- "description": "Check the existence of that authz intra extension"
- },
- {
- "name": "set_tenant_authz",
- "command": "tenant set --authz $uuid_authz $uuid",
- "result": "",
- "description": "Connect the authz intra extension to the tenant alt_demo",
- "command_options": ""
- },
- {
- "name": "select_authz_ie",
- "command": "intraextension select $uuid_authz",
- "result": "Select $uuid_authz IntraExtension.",
- "description": "Select the authz IntraExtension",
- "command_options": ""
- },
- {
- "name": "check_select_authz_ie",
- "command": "intraextension show selected",
- "result": "$uuid_authz",
- "description": "Check the selected authz IntraExtension",
- "command_options": "-c id -f value"
- },
- {
- "name": "add_action_category",
- "command": "action category add my_new_action_category",
- "result": "",
- "description": "Add the new action category my_new_action_category",
- "command_options": ""
- },
- {
- "name": "list_action_category",
- "command": "action category list",
- "result": "(?P<uuid_action_category>\\w+)\\s+my_new_action_category",
- "description": "Check that my_new_action_category action_category was added."
- },
- {
- "name": "delete_action_category",
- "command": "action category delete $uuid_action_category",
- "result": "^$",
- "description": "Delete my_new_action_category action_category.",
- "command_options": ""
- },
- {
- "name": "list_action_category",
- "command": "action category list",
- "no_result": "$uuid_action_category",
- "description": "Check that my_new_action_category action_category was deleted."
- },
- {
- "name": "delete_authz_intra_extension",
- "command": "intraextension delete $uuid_authz",
- "result": "",
- "description": "Delete the authz intra extension",
- "command_options": ""
- },
- {
- "name": "delete_tenant",
- "command": "tenant delete $uuid",
- "result": "",
- "description": "Delete the tenant alt_demo",
- "command_options": ""
- }
- ],
- "authz_and_admin": [
- {
- "name": "list tenant",
- "command": "tenant list",
- "no_result": "alt_demo",
- "description": "Check if tenant alt_demo is used."
- },
- {
- "name": "add tenant alt_demo",
- "command": "tenant add alt_demo",
- "result": "^$",
- "description": "Add a new tenant",
- "command_options": ""
- },
- {
- "name": "check tenant alt_demo",
- "command": "tenant list",
- "result": "(?P<uuid>\\w+)\\s+alt_demo",
- "description": "Check that tenant alt_demo has been correctly added"
- },
- {
- "name": "create_intraextension_authz",
- "command": "intraextension add --policy_model policy_authz authz_test",
- "result": "IntraExtension created: (?P<uuid_authz>\\w+)",
- "description": "Create an authz intra extension",
- "command_options": ""
- },
- {
- "name": "list_intraextension_authz",
- "command": "intraextension list",
- "result": "$uuid_authz",
- "description": "Check the existence of that authz intra extension"
- },
- {
- "name": "create_intraextension_admin",
- "command": "intraextension add --policy_model policy_rbac_admin admin_test",
- "result": "IntraExtension created: (?P<uuid_admin>\\w+)",
- "description": "Create an admin intra extension",
- "command_options": ""
- },
- {
- "name": "list_intraextension_admin",
- "command": "intraextension list",
- "result": "$uuid_admin",
- "description": "Check the existence of that admin intra extension"
- },
- {
- "name": "set_tenant_authz",
- "command": "tenant set --authz $uuid_authz $uuid",
- "result": "",
- "description": "Connect the authz intra extension to the tenant demo",
- "command_options": ""
- },
- {
- "name": "set_tenant_admin",
- "command": "tenant set --admin $uuid_admin $uuid",
- "result": "",
- "description": "Connect the authz intra extension to the tenant alt_demo",
- "command_options": ""
- },
- {
- "name": "check tenant alt_demo and authz ie",
- "command": "tenant list",
- "result": "alt_demo $uuid_authz",
- "description": "Check that authz intra extension has been correctly added to the tenant.",
- "command_options": "-c name -c intra_authz_extension_id -f value"
- },
- {
- "name": "check tenant alt_demo and admin ie",
- "command": "tenant list",
- "result": "$uuid_admin",
- "description": "Check that admin intra extension has been correctly added to the tenant.",
- "command_options": "-c intra_admin_extension_id -f value"
- },
- {
- "name": "select_authz_ie",
- "command": "intraextension select $uuid_authz",
- "result": "Select $uuid_authz IntraExtension.",
- "description": "Select the authz IntraExtension",
- "command_options": ""
- },
- {
- "name": "check_select_authz_ie",
- "command": "intraextension show selected",
- "result": "$uuid_authz",
- "description": "Check the selected authz IntraExtension",
- "command_options": "-c id -f value"
- },
- {
- "name": "add_action_category",
- "command": "action category add my_new_action_category",
- "result": "",
- "description": "Add the new action category my_new_action_category",
- "command_options": ""
- },
- {
- "name": "list_action_category",
- "command": "action category list",
- "result": "(?P<uuid_action_category>\\w+)\\s+my_new_action_category",
- "description": "Check that my_new_action_category action_category was added."
- },
- {
- "name": "delete_action_category",
- "command": "action category delete $uuid_action_category",
- "result": "^$",
- "description": "Delete my_new_action_category action_category.",
- "command_options": ""
- },
- {
- "name": "list_action_category",
- "command": "action category list",
- "no_result": "$uuid_action_category",
- "description": "Check that my_new_action_category action_category was deleted."
- },
- {
- "name": "delete_admin_intra_extension",
- "command": "intraextension delete $uuid_admin",
- "result": "",
- "description": "Delete the admin intra extension",
- "command_options": ""
- },
- {
- "name": "delete_authz_intra_extension",
- "command": "intraextension delete $uuid_authz",
- "result": "",
- "description": "Delete the authz intra extension",
- "command_options": ""
- },
- {
- "name": "delete_tenant",
- "command": "tenant delete $uuid",
- "result": "",
- "description": "Delete the tenant alt_demo",
- "command_options": ""
- }
- ]
- }
-} \ No newline at end of file
diff --git a/moonclient/moonclient/tests/tests_action_scopes.json b/moonclient/moonclient/tests/tests_action_scopes.json
deleted file mode 100644
index 069af73e..00000000
--- a/moonclient/moonclient/tests/tests_action_scopes.json
+++ /dev/null
@@ -1,259 +0,0 @@
-{
- "command_options": "-f value",
- "tests_group": {
- "authz": [
- {
- "auth_name": "admin",
- "description": "Change user to admin (just in case...)"
- },
-
- {
- "name": "list tenant",
- "command": "tenant list",
- "no_result": "alt_demo",
- "description": "Check if tenant alt_demo is used."
- },
- {
- "name": "add tenant alt_demo",
- "command": "tenant add alt_demo",
- "result": "^$",
- "description": "Add a new tenant",
- "command_options": ""
- },
- {
- "name": "check tenant alt_demo",
- "command": "tenant list",
- "result": "(?P<uuid>\\w+)\\s+alt_demo",
- "description": "Check that tenant alt_demo has been correctly added"
- },
- {
- "name": "create_intraextension_authz",
- "command": "intraextension add --policy_model policy_authz authz_test",
- "result": "IntraExtension created: (?P<uuid_authz>\\w+)",
- "description": "Create an authz intra extension",
- "command_options": ""
- },
- {
- "name": "list_intraextension_authz",
- "command": "intraextension list",
- "result": "$uuid_authz",
- "description": "Check the existence of that authz intra extension"
- },
- {
- "name": "set_tenant_authz",
- "command": "tenant set --authz $uuid_authz $uuid",
- "result": "",
- "description": "Connect the authz intra extension to the tenant alt_demo",
- "command_options": ""
- },
- {
- "name": "select_authz_ie",
- "command": "intraextension select $uuid_authz",
- "result": "Select $uuid_authz IntraExtension.",
- "description": "Select the authz IntraExtension",
- "command_options": ""
- },
- {
- "name": "check_select_authz_ie",
- "command": "intraextension show selected",
- "result": "$uuid_authz",
- "description": "Check the selected authz IntraExtension",
- "command_options": "-c id -f value"
- },
- {
- "name": "get_one_action_category",
- "command": "action category list",
- "result": "(?P<uuid_action_category>\\w+)\\s+resource_action",
- "description": "Get one action_category for next tests.",
- "command_options": "-c id -c name -f value"
- },
- {
- "name": "add_scope",
- "command": "action scope add $uuid_action_category testers --description \"test engineers\"",
- "result": "^$",
- "description": "Add one scope to action category resource_action",
- "command_options": ""
- },
- {
- "name": "check_added_scope",
- "command": "action scope list $uuid_action_category",
- "result": "(?P<uuid_action_scope>\\w+)\\s+testers\\s+test engineers",
- "description": "Check added scope.",
- "command_options": "-c id -c name -c description -f value"
- },
- {
- "name": "delete_scope",
- "command": "action scope delete $uuid_action_category $uuid_action_scope",
- "result": "^$",
- "description": "Delete one scope from action category resource_action",
- "command_options": ""
- },
- {
- "name": "check_deleted_scope",
- "command": "action scope list $uuid_action_category",
- "no_result": "$uuid_action_scope",
- "description": "Check deleted scope.",
- "command_options": "-c id -f value"
- },
- {
- "name": "delete_authz_intra_extension",
- "command": "intraextension delete $uuid_authz",
- "result": "",
- "description": "Delete the authz intra extension",
- "command_options": ""
- },
- {
- "name": "delete_tenant",
- "command": "tenant delete $uuid",
- "result": "",
- "description": "Delete the tenant alt_demo",
- "command_options": ""
- }
- ],
- "authz_and_admin": [
- {
- "name": "list tenant",
- "command": "tenant list",
- "no_result": "alt_demo",
- "description": "Check if tenant alt_demo is used."
- },
- {
- "name": "add tenant alt_demo",
- "command": "tenant add alt_demo",
- "result": "^$",
- "description": "Add a new tenant",
- "command_options": ""
- },
- {
- "name": "check tenant alt_demo",
- "command": "tenant list",
- "result": "(?P<uuid>\\w+)\\s+alt_demo",
- "description": "Check that tenant alt_demo has been correctly added"
- },
- {
- "name": "create_intraextension_authz",
- "command": "intraextension add --policy_model policy_authz authz_test",
- "result": "IntraExtension created: (?P<uuid_authz>\\w+)",
- "description": "Create an authz intra extension",
- "command_options": ""
- },
- {
- "name": "list_intraextension_authz",
- "command": "intraextension list",
- "result": "$uuid_authz",
- "description": "Check the existence of that authz intra extension"
- },
- {
- "name": "create_intraextension_admin",
- "command": "intraextension add --policy_model policy_rbac_admin admin_test",
- "result": "IntraExtension created: (?P<uuid_admin>\\w+)",
- "description": "Create an admin intra extension",
- "command_options": ""
- },
- {
- "name": "list_intraextension_admin",
- "command": "intraextension list",
- "result": "$uuid_admin",
- "description": "Check the existence of that admin intra extension"
- },
- {
- "name": "set_tenant_authz",
- "command": "tenant set --authz $uuid_authz $uuid",
- "result": "",
- "description": "Connect the authz intra extension to the tenant demo",
- "command_options": ""
- },
- {
- "name": "set_tenant_admin",
- "command": "tenant set --admin $uuid_admin $uuid",
- "result": "",
- "description": "Connect the authz intra extension to the tenant alt_demo",
- "command_options": ""
- },
- {
- "name": "check tenant alt_demo and authz ie",
- "command": "tenant list",
- "result": "alt_demo $uuid_authz",
- "description": "Check that authz intra extension has been correctly added to the tenant.",
- "command_options": "-c name -c intra_authz_extension_id -f value"
- },
- {
- "name": "check tenant alt_demo and admin ie",
- "command": "tenant list",
- "result": "$uuid_admin",
- "description": "Check that admin intra extension has been correctly added to the tenant.",
- "command_options": "-c intra_admin_extension_id -f value"
- },
- {
- "name": "select_authz_ie",
- "command": "intraextension select $uuid_authz",
- "result": "Select $uuid_authz IntraExtension.",
- "description": "Select the authz IntraExtension",
- "command_options": ""
- },
- {
- "name": "check_select_authz_ie",
- "command": "intraextension show selected",
- "result": "$uuid_authz",
- "description": "Check the selected authz IntraExtension",
- "command_options": "-c id -f value"
- },
- {
- "name": "get_one_action_category",
- "command": "action category list",
- "result": "(?P<uuid_action_category>\\w+)\\s+resource_action",
- "description": "Get one action_category for next tests.",
- "command_options": "-c id -c name -f value"
- },
- {
- "name": "add_scope",
- "command": "action scope add $uuid_action_category testers --description \"test engineers\"",
- "result": "^$",
- "description": "Add one scope to action category resource_action",
- "command_options": ""
- },
- {
- "name": "check_added_scope",
- "command": "action scope list $uuid_action_category",
- "result": "(?P<uuid_action_scope>\\w+)\\s+testers\\s+test engineers",
- "description": "Check added scope.",
- "command_options": "-c id -c name -c description -f value"
- },
- {
- "name": "delete_scope",
- "command": "action scope delete $uuid_action_category $uuid_action_scope",
- "result": "^$",
- "description": "Delete one scope from action category resource_action",
- "command_options": ""
- },
- {
- "name": "check_deleted_scope",
- "command": "action scope list $uuid_action_category",
- "no_result": "$uuid_action_scope",
- "description": "Check deleted scope.",
- "command_options": "-c id -f value"
- },
- {
- "name": "delete_admin_intra_extension",
- "command": "intraextension delete $uuid_admin",
- "result": "",
- "description": "Delete the admin intra extension",
- "command_options": ""
- },
- {
- "name": "delete_authz_intra_extension",
- "command": "intraextension delete $uuid_authz",
- "result": "",
- "description": "Delete the authz intra extension",
- "command_options": ""
- },
- {
- "name": "delete_tenant",
- "command": "tenant delete $uuid",
- "result": "",
- "description": "Delete the tenant alt_demo",
- "command_options": ""
- }
- ]
- }
-} \ No newline at end of file
diff --git a/moonclient/moonclient/tests/tests_actions.json b/moonclient/moonclient/tests/tests_actions.json
deleted file mode 100644
index 07de9cc0..00000000
--- a/moonclient/moonclient/tests/tests_actions.json
+++ /dev/null
@@ -1,241 +0,0 @@
-{
- "command_options": "-f value",
- "tests_group": {
- "authz": [
- {
- "auth_name": "admin",
- "description": "Change user to admin (just in case...)"
- },
-
- {
- "name": "list tenant",
- "command": "tenant list",
- "no_result": "alt_demo",
- "description": "Check if tenant alt_demo is used."
- },
- {
- "name": "add tenant alt_demo",
- "command": "tenant add alt_demo",
- "result": "^$",
- "description": "Add a new tenant",
- "command_options": ""
- },
- {
- "name": "check tenant alt_demo",
- "command": "tenant list",
- "result": "(?P<uuid>\\w+)\\s+alt_demo",
- "description": "Check that tenant alt_demo has been correctly added"
- },
- {
- "name": "create_intraextension_authz",
- "command": "intraextension add --policy_model policy_authz authz_test",
- "result": "IntraExtension created: (?P<uuid_authz>\\w+)",
- "description": "Create an authz intra extension",
- "command_options": ""
- },
- {
- "name": "list_intraextension_authz",
- "command": "intraextension list",
- "result": "$uuid_authz",
- "description": "Check the existence of that authz intra extension"
- },
- {
- "name": "set_tenant_authz",
- "command": "tenant set --authz $uuid_authz $uuid",
- "result": "",
- "description": "Connect the authz intra extension to the tenant alt_demo",
- "command_options": ""
- },
- {
- "name": "select_authz_ie",
- "command": "intraextension select $uuid_authz",
- "result": "Select $uuid_authz IntraExtension.",
- "description": "Select the authz IntraExtension",
- "command_options": ""
- },
- {
- "name": "check_select_authz_ie",
- "command": "intraextension show selected",
- "result": "$uuid_authz",
- "description": "Check the selected authz IntraExtension",
- "command_options": "-c id -f value"
- },
- {
- "name": "add_action",
- "command": "action add new_action_1",
- "result": "",
- "description": "Add a new action.",
- "command_options": ""
- },
- {
- "name": "list_action",
- "command": "action list",
- "result": "(?P<uuid_action>\\w+)\\s+new_action_1",
- "description": "Check that new_action_1 action was added."
- },
- {
- "name": "delete_action",
- "command": "action delete $uuid_action",
- "result": "^$",
- "description": "Delete new_action_1 action.",
- "command_options": ""
- },
- {
- "name": "list_action",
- "command": "action list",
- "no_result": "$uuid_action",
- "description": "Check that new_action_1 action was deleted."
- },
- {
- "name": "delete_authz_intra_extension",
- "command": "intraextension delete $uuid_authz",
- "result": "",
- "description": "Delete the authz intra extension",
- "command_options": ""
- },
- {
- "name": "delete_tenant",
- "command": "tenant delete $uuid",
- "result": "",
- "description": "Delete the tenant alt_demo",
- "command_options": ""
- }
- ],
- "authz_and_admin": [
- {
- "name": "list tenant",
- "command": "tenant list",
- "no_result": "alt_demo",
- "description": "Check if tenant alt_demo is used."
- },
- {
- "name": "add tenant alt_demo",
- "command": "tenant add alt_demo",
- "result": "^$",
- "description": "Add a new tenant",
- "command_options": ""
- },
- {
- "name": "check tenant alt_demo",
- "command": "tenant list",
- "result": "(?P<uuid>\\w+)\\s+alt_demo",
- "description": "Check that tenant alt_demo has been correctly added"
- },
- {
- "name": "create_intraextension_authz",
- "command": "intraextension add --policy_model policy_authz authz_test",
- "result": "IntraExtension created: (?P<uuid_authz>\\w+)",
- "description": "Create an authz intra extension",
- "command_options": ""
- },
- {
- "name": "list_intraextension_authz",
- "command": "intraextension list",
- "result": "$uuid_authz",
- "description": "Check the existence of that authz intra extension"
- },
- {
- "name": "create_intraextension_admin",
- "command": "intraextension add --policy_model policy_rbac_admin admin_test",
- "result": "IntraExtension created: (?P<uuid_admin>\\w+)",
- "description": "Create an admin intra extension",
- "command_options": ""
- },
- {
- "name": "list_intraextension_admin",
- "command": "intraextension list",
- "result": "$uuid_admin",
- "description": "Check the existence of that admin intra extension"
- },
- {
- "name": "set_tenant_authz",
- "command": "tenant set --authz $uuid_authz $uuid",
- "result": "",
- "description": "Connect the authz intra extension to the tenant demo",
- "command_options": ""
- },
- {
- "name": "set_tenant_admin",
- "command": "tenant set --admin $uuid_admin $uuid",
- "result": "",
- "description": "Connect the authz intra extension to the tenant alt_demo",
- "command_options": ""
- },
- {
- "name": "check tenant alt_demo and authz ie",
- "command": "tenant list",
- "result": "alt_demo $uuid_authz",
- "description": "Check that authz intra extension has been correctly added to the tenant.",
- "command_options": "-c name -c intra_authz_extension_id -f value"
- },
- {
- "name": "check tenant alt_demo and admin ie",
- "command": "tenant list",
- "result": "$uuid_admin",
- "description": "Check that admin intra extension has been correctly added to the tenant.",
- "command_options": "-c intra_admin_extension_id -f value"
- },
- {
- "name": "select_authz_ie",
- "command": "intraextension select $uuid_authz",
- "result": "Select $uuid_authz IntraExtension.",
- "description": "Select the authz IntraExtension",
- "command_options": ""
- },
- {
- "name": "check_select_authz_ie",
- "command": "intraextension show selected",
- "result": "$uuid_authz",
- "description": "Check the selected authz IntraExtension",
- "command_options": "-c id -f value"
- },
- {
- "name": "add_action",
- "command": "action add new_action_1",
- "result": "",
- "description": "Add a new action.",
- "command_options": ""
- },
- {
- "name": "list_action",
- "command": "action list",
- "result": "(?P<uuid_action>\\w+)\\s+new_action_1",
- "description": "Check that new_action_1 action was added."
- },
- {
- "name": "delete_action",
- "command": "action delete $uuid_action",
- "result": "^$",
- "description": "Delete new_action_1 action.",
- "command_options": ""
- },
- {
- "name": "list_action",
- "command": "action list",
- "no_result": "$uuid_action",
- "description": "Check that new_action_1 action was deleted."
- },
- {
- "name": "delete_admin_intra_extension",
- "command": "intraextension delete $uuid_admin",
- "result": "",
- "description": "Delete the admin intra extension",
- "command_options": ""
- },
- {
- "name": "delete_authz_intra_extension",
- "command": "intraextension delete $uuid_authz",
- "result": "",
- "description": "Delete the authz intra extension",
- "command_options": ""
- },
- {
- "name": "delete_tenant",
- "command": "tenant delete $uuid",
- "result": "",
- "description": "Delete the tenant alt_demo",
- "command_options": ""
- }
- ]
- }
-} \ No newline at end of file
diff --git a/moonclient/moonclient/tests/tests_admin_intraextensions.json b/moonclient/moonclient/tests/tests_admin_intraextensions.json
deleted file mode 100644
index 16a47348..00000000
--- a/moonclient/moonclient/tests/tests_admin_intraextensions.json
+++ /dev/null
@@ -1,128 +0,0 @@
-{
- "command_options": "-f value",
- "tests_group": {
- "main": [
- {
- "auth_name": "admin",
- "description": "Change user to admin (just in case...)"
- },
-
- {
- "name": "list tenant",
- "command": "tenant list",
- "no_result": "alt_demo",
- "description": "List all tenants (must be empty)"
- },
- {
- "name": "add tenant alt_demo",
- "command": "tenant add alt_demo",
- "result": "^$",
- "description": "Add a new tenant",
- "command_options": ""
- },
- {
- "name": "check tenant alt_demo",
- "command": "tenant list",
- "result": "(?P<uuid>\\w+)\\s+alt_demo",
- "description": "Check that tenant alt_demo has been correctly added"
- },
- {
- "name": "create_intraextension_admin",
- "command": "intraextension add --policy_model policy_rbac_admin admin_test",
- "result": "IntraExtension created: (?P<uuid_admin>\\w+)",
- "description": "Create an admin intra extension",
- "command_options": ""
- },
- {
- "name": "list_intraextension_admin",
- "command": "intraextension list",
- "result": "$uuid_admin",
- "description": "Check the existence of that admin intra extension"
- },
- {
- "name": "create_intraextension_authz",
- "command": "intraextension add --policy_model policy_authz authz_test",
- "result": "IntraExtension created: (?P<uuid_authz>\\w+)",
- "description": "Create an authz intra extension",
- "command_options": ""
- },
- {
- "name": "list_intraextension_authz",
- "command": "intraextension list",
- "result": "$uuid_authz",
- "description": "Check the existence of that authz intra extension"
- },
- {
- "name": "set_tenant_authz",
- "command": "tenant set --authz $uuid_authz $uuid",
- "result": "",
- "description": "Connect the authz intra extension to the tenant alt_demo",
- "command_options": ""
- },
- {
- "name": "check authz ie for tenant alt_demo",
- "command": "tenant list",
- "result": "alt_demo $uuid_authz",
- "description": "Check that authz ie has been correctly added for tenant alt_demo ",
- "command_options": "-c name -c intra_authz_extension_id -f value"
- },
- {
- "name": "set_tenant_admin",
- "command": "tenant set --admin $uuid_admin $uuid",
- "result": "",
- "description": "Connect the admin intra extension to the tenant alt_demo",
- "command_options": ""
- },
- {
- "name": "check admin ie for tenant alt_demo",
- "command": "tenant list",
- "result": "alt_demo $uuid_admin",
- "description": "Check that admin ie has been correctly added for tenant alt_demo ",
- "command_options": "-c name -c intra_admin_extension_id -f value"
- },
-
- {
- "name": "select admin ie",
- "command": "intraextension select $uuid_admin",
- "result": "Select $uuid_admin IntraExtension.",
- "description": "Select the admin intra extension to work with",
- "command_options": ""
- },
- {
- "name": "check_admin_user",
- "command": "subject list",
- "result": "admin",
- "description": "Check that admin user was added"
- },
- {
- "name": "check_submetarule",
- "command": "submetarule show",
- "result": "rbac",
- "description": "Check that submetarule was added"
- },
-
-
- {
- "name": "delete_admin_intra_extension",
- "command": "intraextension delete $uuid_admin",
- "result": "",
- "description": "Delete the admin intra extension",
- "command_options": ""
- },
- {
- "name": "delete_authz_intra_extension",
- "command": "intraextension delete $uuid_authz",
- "result": "",
- "description": "Delete the authz intra extension",
- "command_options": ""
- },
- {
- "name": "delete_tenant",
- "command": "tenant delete $uuid",
- "result": "",
- "description": "Delete the tenant alt_demo",
- "command_options": ""
- }
- ]
- }
-} \ No newline at end of file
diff --git a/moonclient/moonclient/tests/tests_configuration.json b/moonclient/moonclient/tests/tests_configuration.json
deleted file mode 100644
index de16ec9d..00000000
--- a/moonclient/moonclient/tests/tests_configuration.json
+++ /dev/null
@@ -1,235 +0,0 @@
-{
- "command_options": "-f value",
- "tests_group": {
- "authz": [
- {
- "auth_name": "admin",
- "description": "Change user to admin (just in case...)"
- },
-
- {
- "name": "list tenant",
- "command": "tenant list",
- "no_result": "alt_demo",
- "description": "Check if tenant alt_demo is used."
- },
- {
- "name": "add tenant alt_demo",
- "command": "tenant add alt_demo",
- "result": "^$",
- "description": "Add a new tenant",
- "command_options": ""
- },
- {
- "name": "check tenant alt_demo",
- "command": "tenant list",
- "result": "(?P<uuid>\\w+)\\s+alt_demo",
- "description": "Check that tenant alt_demo has been correctly added"
- },
- {
- "name": "create_intraextension_authz",
- "command": "intraextension add --policy_model policy_authz authz_test",
- "result": "IntraExtension created: (?P<uuid_authz>\\w+)",
- "description": "Create an authz intra extension",
- "command_options": ""
- },
- {
- "name": "list_intraextension_authz",
- "command": "intraextension list",
- "result": "$uuid_authz",
- "description": "Check the existence of that authz intra extension"
- },
- {
- "name": "set_tenant_authz",
- "command": "tenant set --authz $uuid_authz $uuid",
- "result": "",
- "description": "Connect the authz intra extension to the tenant alt_demo",
- "command_options": ""
- },
- {
- "name": "select_authz_ie",
- "command": "intraextension select $uuid_authz",
- "result": "Select $uuid_authz IntraExtension.",
- "description": "Select the authz IntraExtension",
- "command_options": ""
- },
- {
- "name": "check_select_authz_ie",
- "command": "intraextension show selected",
- "result": "$uuid_authz",
- "description": "Check the selected authz IntraExtension",
- "command_options": "-c id -f value"
- },
-
- {
- "name": "list template",
- "command": "template list",
- "result": "policy_root",
- "description": "Check that we have the root policy templates",
- "command_options": "-c id -f value"
- },
- {
- "name": "list aggregation_algorithm",
- "command": "aggregation algorithm list",
- "result": "all_true",
- "description": "Check that the aggregation algorithm all_true exists.",
- "command_options": "-c name -f value"
- },
- {
- "name": "list submetarule_algorithm",
- "command": "submetarule algorithm list",
- "result": "comparison",
- "description": "Check that the aggregation algorithm all_true exists.",
- "command_options": "-c name -f value"
- },
-
- {
- "name": "delete_authz_intra_extension",
- "command": "intraextension delete $uuid_authz",
- "result": "",
- "description": "Delete the authz intra extension",
- "command_options": ""
- },
- {
- "name": "delete_tenant",
- "command": "tenant delete $uuid",
- "result": "",
- "description": "Delete the tenant alt_demo",
- "command_options": ""
- }
- ],
- "authz_and_admin": [
- {
- "name": "list tenant",
- "command": "tenant list",
- "no_result": "alt_demo",
- "description": "Check if tenant alt_demo is used."
- },
- {
- "name": "add tenant alt_demo",
- "command": "tenant add alt_demo",
- "result": "^$",
- "description": "Add a new tenant",
- "command_options": ""
- },
- {
- "name": "check tenant alt_demo",
- "command": "tenant list",
- "result": "(?P<uuid>\\w+)\\s+alt_demo",
- "description": "Check that tenant alt_demo has been correctly added"
- },
- {
- "name": "create_intraextension_authz",
- "command": "intraextension add --policy_model policy_authz authz_test",
- "result": "IntraExtension created: (?P<uuid_authz>\\w+)",
- "description": "Create an authz intra extension",
- "command_options": ""
- },
- {
- "name": "list_intraextension_authz",
- "command": "intraextension list",
- "result": "$uuid_authz",
- "description": "Check the existence of that authz intra extension"
- },
- {
- "name": "create_intraextension_admin",
- "command": "intraextension add --policy_model policy_rbac_admin admin_test",
- "result": "IntraExtension created: (?P<uuid_admin>\\w+)",
- "description": "Create an admin intra extension",
- "command_options": ""
- },
- {
- "name": "list_intraextension_admin",
- "command": "intraextension list",
- "result": "$uuid_admin",
- "description": "Check the existence of that admin intra extension"
- },
- {
- "name": "set_tenant_authz",
- "command": "tenant set --authz $uuid_authz $uuid",
- "result": "",
- "description": "Connect the authz intra extension to the tenant demo",
- "command_options": ""
- },
- {
- "name": "set_tenant_admin",
- "command": "tenant set --admin $uuid_admin $uuid",
- "result": "",
- "description": "Connect the authz intra extension to the tenant alt_demo",
- "command_options": ""
- },
- {
- "name": "check tenant alt_demo and authz ie",
- "command": "tenant list",
- "result": "alt_demo $uuid_authz",
- "description": "Check that authz intra extension has been correctly added to the tenant.",
- "command_options": "-c name -c intra_authz_extension_id -f value"
- },
- {
- "name": "check tenant alt_demo and admin ie",
- "command": "tenant list",
- "result": "$uuid_admin",
- "description": "Check that admin intra extension has been correctly added to the tenant.",
- "command_options": "-c intra_admin_extension_id -f value"
- },
- {
- "name": "select_authz_ie",
- "command": "intraextension select $uuid_authz",
- "result": "Select $uuid_authz IntraExtension.",
- "description": "Select the authz IntraExtension",
- "command_options": ""
- },
- {
- "name": "check_select_authz_ie",
- "command": "intraextension show selected",
- "result": "$uuid_authz",
- "description": "Check the selected authz IntraExtension",
- "command_options": "-c id -f value"
- },
-
- {
- "name": "lst template",
- "command": "template list",
- "result": "policy_root",
- "description": "Check that we have the root policy templates",
- "command_options": "-c id -f value"
- },
- {
- "name": "list aggregation_algorithm",
- "command": "aggregation algorithm list",
- "result": "all_true",
- "description": "Check that the aggregation algorithm all_true exists.",
- "command_options": "-c name -f value"
- },
- {
- "name": "list submetarule_algorithm",
- "command": "submetarule algorithm list",
- "result": "comparison",
- "description": "Check that the aggregation algorithm all_true exists.",
- "command_options": "-c name -f value"
- },
-
- {
- "name": "delete_admin_intra_extension",
- "command": "intraextension delete $uuid_admin",
- "result": "",
- "description": "Delete the admin intra extension",
- "command_options": ""
- },
- {
- "name": "delete_authz_intra_extension",
- "command": "intraextension delete $uuid_authz",
- "result": "",
- "description": "Delete the authz intra extension",
- "command_options": ""
- },
- {
- "name": "delete_tenant",
- "command": "tenant delete $uuid",
- "result": "",
- "description": "Delete the tenant alt_demo",
- "command_options": ""
- }
- ]
- }
-} \ No newline at end of file
diff --git a/moonclient/moonclient/tests/tests_object_assignments.json b/moonclient/moonclient/tests/tests_object_assignments.json
deleted file mode 100644
index 3ae555c2..00000000
--- a/moonclient/moonclient/tests/tests_object_assignments.json
+++ /dev/null
@@ -1,385 +0,0 @@
-{
- "command_options": "-f value",
- "tests_group": {
- "authz": [
- {
- "auth_name": "admin",
- "description": "Change user to admin (just in case...)"
- },
-
- {
- "name": "list tenant",
- "command": "tenant list",
- "no_result": "alt_demo",
- "description": "Check if tenant alt_demo is used."
- },
- {
- "name": "add tenant alt_demo",
- "command": "tenant add alt_demo",
- "result": "^$",
- "description": "Add a new tenant",
- "command_options": ""
- },
- {
- "name": "check tenant alt_demo",
- "command": "tenant list",
- "result": "(?P<uuid>\\w+)\\s+alt_demo",
- "description": "Check that tenant alt_demo has been correctly added"
- },
- {
- "name": "create_intraextension_authz",
- "command": "intraextension add --policy_model policy_authz authz_test",
- "result": "IntraExtension created: (?P<uuid_authz>\\w+)",
- "description": "Create an authz intra extension",
- "command_options": ""
- },
- {
- "name": "list_intraextension_authz",
- "command": "intraextension list",
- "result": "$uuid_authz",
- "description": "Check the existence of that authz intra extension"
- },
- {
- "name": "set_tenant_authz",
- "command": "tenant set --authz $uuid_authz $uuid",
- "result": "",
- "description": "Connect the authz intra extension to the tenant alt_demo",
- "command_options": ""
- },
- {
- "name": "select_authz_ie",
- "command": "intraextension select $uuid_authz",
- "result": "Select $uuid_authz IntraExtension.",
- "description": "Select the authz IntraExtension",
- "command_options": ""
- },
- {
- "name": "check_select_authz_ie",
- "command": "intraextension show selected",
- "result": "$uuid_authz",
- "description": "Check the selected authz IntraExtension",
- "command_options": "-c id -f value"
- },
- {
- "name": "add_object",
- "command": "object add nova_server_1",
- "result": "",
- "description": "Add the new object category nova_server_1",
- "command_options": ""
- },
- {
- "name": "list_object",
- "command": "object list",
- "result": "(?P<uuid_object>\\w+)\\s+nova_server_1",
- "description": "Check that nova_server_1 object was added."
- },
- {
- "name": "add_object_category",
- "command": "object category add my_new_object_category",
- "result": "",
- "description": "Add the new object category my_new_object_category",
- "command_options": ""
- },
- {
- "name": "list_object_category",
- "command": "object category list",
- "result": "(?P<uuid_object_category>\\w+)\\s+my_new_object_category",
- "description": "Check that my_new_object_category object_category was added."
- },
- {
- "name": "add_scope",
- "command": "object scope add $uuid_object_category scope1 --description \"scope1 description\"",
- "result": "^$",
- "description": "Add one scope to object category role",
- "command_options": ""
- },
- {
- "name": "check_added_scope",
- "command": "object scope list $uuid_object_category",
- "result": "(?P<uuid_object_scope>\\w+)\\s+scope1\\s+scope1 description",
- "description": "Check added scope.",
- "command_options": "-c id -c name -c description -f value"
- },
-
- {
- "name": "add_assignment",
- "command": "object assignment add $uuid_object $uuid_object_category $uuid_object_scope",
- "result": "^$",
- "description": "Add a new assignment",
- "command_options": ""
- },
- {
- "name": "check_added_assignment",
- "command": "object assignment list $uuid_object $uuid_object_category",
- "result": "$uuid_object_scope scope1",
- "description": "Check added assignment.",
- "command_options": "-c id -c name -f value"
- },
-
- {
- "name": "delete_assignment",
- "command": "object assignment delete $uuid_object $uuid_object_category $uuid_object_scope",
- "result": "^$",
- "description": "Delete the added assignment",
- "command_options": ""
- },
- {
- "name": "check_deleted_assignment",
- "command": "object assignment list $uuid_object $uuid_object_category",
- "no_result": "$uuid_object_scope",
- "description": "Check deleted assignment.",
- "command_options": "-c id -f value"
- },
-
- {
- "name": "delete_scope",
- "command": "object scope delete $uuid_object_category $uuid_object_scope",
- "result": "^$",
- "description": "Delete one scope from object category role",
- "command_options": ""
- },
- {
- "name": "check_added_scope",
- "command": "object scope list $uuid_object_category",
- "no_result": "$uuid_object_scope",
- "description": "Check added scope was deleted.",
- "command_options": "-c id -f value"
- },
- {
- "name": "delete_object_category",
- "command": "object category delete $uuid_object_category",
- "result": "^$",
- "description": "Delete my_new_object_category object_category.",
- "command_options": ""
- },
- {
- "name": "list_object_category",
- "command": "object category list",
- "no_result": "$uuid_object_category",
- "description": "Check that my_new_object_category object_category was deleted."
- },
- {
- "name": "delete_authz_intra_extension",
- "command": "intraextension delete $uuid_authz",
- "result": "",
- "description": "Delete the authz intra extension",
- "command_options": ""
- },
- {
- "name": "delete_tenant",
- "command": "tenant delete $uuid",
- "result": "",
- "description": "Delete the tenant alt_demo",
- "command_options": ""
- }
- ],
- "authz_and_admin": [
- {
- "name": "list tenant",
- "command": "tenant list",
- "no_result": "alt_demo",
- "description": "Check if tenant alt_demo is used."
- },
- {
- "name": "add tenant alt_demo",
- "command": "tenant add alt_demo",
- "result": "^$",
- "description": "Add a new tenant",
- "command_options": ""
- },
- {
- "name": "check tenant alt_demo",
- "command": "tenant list",
- "result": "(?P<uuid>\\w+)\\s+alt_demo",
- "description": "Check that tenant alt_demo has been correctly added"
- },
- {
- "name": "create_intraextension_authz",
- "command": "intraextension add --policy_model policy_authz authz_test",
- "result": "IntraExtension created: (?P<uuid_authz>\\w+)",
- "description": "Create an authz intra extension",
- "command_options": ""
- },
- {
- "name": "list_intraextension_authz",
- "command": "intraextension list",
- "result": "$uuid_authz",
- "description": "Check the existence of that authz intra extension"
- },
- {
- "name": "create_intraextension_admin",
- "command": "intraextension add --policy_model policy_rbac_admin admin_test",
- "result": "IntraExtension created: (?P<uuid_admin>\\w+)",
- "description": "Create an admin intra extension",
- "command_options": ""
- },
- {
- "name": "list_intraextension_admin",
- "command": "intraextension list",
- "result": "$uuid_admin",
- "description": "Check the existence of that admin intra extension"
- },
- {
- "name": "set_tenant_authz",
- "command": "tenant set --authz $uuid_authz $uuid",
- "result": "",
- "description": "Connect the authz intra extension to the tenant demo",
- "command_options": ""
- },
- {
- "name": "set_tenant_admin",
- "command": "tenant set --admin $uuid_admin $uuid",
- "result": "",
- "description": "Connect the authz intra extension to the tenant alt_demo",
- "command_options": ""
- },
- {
- "name": "check tenant alt_demo and authz ie",
- "command": "tenant list",
- "result": "alt_demo $uuid_authz",
- "description": "Check that authz intra extension has been correctly added to the tenant.",
- "command_options": "-c name -c intra_authz_extension_id -f value"
- },
- {
- "name": "check tenant alt_demo and admin ie",
- "command": "tenant list",
- "result": "$uuid_admin",
- "description": "Check that admin intra extension has been correctly added to the tenant.",
- "command_options": "-c intra_admin_extension_id -f value"
- },
- {
- "name": "select_authz_ie",
- "command": "intraextension select $uuid_authz",
- "result": "Select $uuid_authz IntraExtension.",
- "description": "Select the authz IntraExtension",
- "command_options": ""
- },
- {
- "name": "check_select_authz_ie",
- "command": "intraextension show selected",
- "result": "$uuid_authz",
- "description": "Check the selected authz IntraExtension",
- "command_options": "-c id -f value"
- },
- {
- "name": "add_object",
- "command": "object add nova_server_1",
- "result": "",
- "description": "Add the new object category nova_server_1",
- "command_options": ""
- },
- {
- "name": "list_object",
- "command": "object list",
- "result": "(?P<uuid_object>\\w+)\\s+nova_server_1",
- "description": "Check that nova_server_1 object was added."
- },
- {
- "name": "add_object_category",
- "command": "object category add my_new_object_category",
- "result": "",
- "description": "Add the new object category my_new_object_category",
- "command_options": ""
- },
- {
- "name": "list_object_category",
- "command": "object category list",
- "result": "(?P<uuid_object_category>\\w+)\\s+my_new_object_category",
- "description": "Check that my_new_object_category object_category was added."
- },
- {
- "name": "add_scope",
- "command": "object scope add $uuid_object_category scope1 --description \"scope1 description\"",
- "result": "^$",
- "description": "Add one scope to object category role",
- "command_options": ""
- },
- {
- "name": "check_added_scope",
- "command": "object scope list $uuid_object_category",
- "result": "(?P<uuid_object_scope>\\w+)\\s+scope1\\s+scope1 description",
- "description": "Check added scope.",
- "command_options": "-c id -c name -c description -f value"
- },
-
- {
- "name": "add_assignment",
- "command": "object assignment add $uuid_object $uuid_object_category $uuid_object_scope",
- "result": "^$",
- "description": "Add a new assignment",
- "command_options": ""
- },
- {
- "name": "check_added_assignment",
- "command": "object assignment list $uuid_object $uuid_object_category",
- "result": "$uuid_object_scope scope1",
- "description": "Check added assignment.",
- "command_options": "-c id -c name -f value"
- },
-
- {
- "name": "delete_assignment",
- "command": "object assignment delete $uuid_object $uuid_object_category $uuid_object_scope",
- "result": "^$",
- "description": "Delete the added assignment",
- "command_options": ""
- },
- {
- "name": "check_deleted_assignment",
- "command": "object assignment list $uuid_object $uuid_object_category",
- "no_result": "$uuid_object_scope",
- "description": "Check deleted assignment.",
- "command_options": "-c id -f value"
- },
-
- {
- "name": "delete_scope",
- "command": "object scope delete $uuid_object_category $uuid_object_scope",
- "result": "^$",
- "description": "Delete one scope from object category role",
- "command_options": ""
- },
- {
- "name": "check_deleted_scope",
- "command": "object scope list $uuid_object_category",
- "no_result": "$uuid_object_scope",
- "description": "Check added scope was deleted.",
- "command_options": "-c id -f value"
- },
- {
- "name": "delete_object_category",
- "command": "object category delete $uuid_object_category",
- "result": "^$",
- "description": "Delete my_new_object_category object_category.",
- "command_options": ""
- },
- {
- "name": "list_object_category",
- "command": "object category list",
- "no_result": "$uuid_object_category",
- "description": "Check that my_new_object_category object_category was deleted."
- },
- {
- "name": "delete_admin_intra_extension",
- "command": "intraextension delete $uuid_admin",
- "result": "",
- "description": "Delete the admin intra extension",
- "command_options": ""
- },
- {
- "name": "delete_authz_intra_extension",
- "command": "intraextension delete $uuid_authz",
- "result": "",
- "description": "Delete the authz intra extension",
- "command_options": ""
- },
- {
- "name": "delete_tenant",
- "command": "tenant delete $uuid",
- "result": "",
- "description": "Delete the tenant alt_demo",
- "command_options": ""
- }
- ]
- }
-} \ No newline at end of file
diff --git a/moonclient/moonclient/tests/tests_object_categories.json b/moonclient/moonclient/tests/tests_object_categories.json
deleted file mode 100644
index ac067a89..00000000
--- a/moonclient/moonclient/tests/tests_object_categories.json
+++ /dev/null
@@ -1,241 +0,0 @@
-{
- "command_options": "-f value",
- "tests_group": {
- "authz": [
- {
- "auth_name": "admin",
- "description": "Change user to admin (just in case...)"
- },
-
- {
- "name": "list tenant",
- "command": "tenant list",
- "no_result": "alt_demo",
- "description": "Check if tenant alt_demo is used."
- },
- {
- "name": "add tenant alt_demo",
- "command": "tenant add alt_demo",
- "result": "^$",
- "description": "Add a new tenant",
- "command_options": ""
- },
- {
- "name": "check tenant alt_demo",
- "command": "tenant list",
- "result": "(?P<uuid>\\w+)\\s+alt_demo",
- "description": "Check that tenant alt_demo has been correctly added"
- },
- {
- "name": "create_intraextension_authz",
- "command": "intraextension add --policy_model policy_authz authz_test",
- "result": "IntraExtension created: (?P<uuid_authz>\\w+)",
- "description": "Create an authz intra extension",
- "command_options": ""
- },
- {
- "name": "list_intraextension_authz",
- "command": "intraextension list",
- "result": "$uuid_authz",
- "description": "Check the existence of that authz intra extension"
- },
- {
- "name": "set_tenant_authz",
- "command": "tenant set --authz $uuid_authz $uuid",
- "result": "",
- "description": "Connect the authz intra extension to the tenant alt_demo",
- "command_options": ""
- },
- {
- "name": "select_authz_ie",
- "command": "intraextension select $uuid_authz",
- "result": "Select $uuid_authz IntraExtension.",
- "description": "Select the authz IntraExtension",
- "command_options": ""
- },
- {
- "name": "check_select_authz_ie",
- "command": "intraextension show selected",
- "result": "$uuid_authz",
- "description": "Check the selected authz IntraExtension",
- "command_options": "-c id -f value"
- },
- {
- "name": "add_object_category",
- "command": "object category add my_new_object_category",
- "result": "",
- "description": "Add the new object category my_new_object_category",
- "command_options": ""
- },
- {
- "name": "list_object_category",
- "command": "object category list",
- "result": "(?P<uuid_object_category>\\w+)\\s+my_new_object_category",
- "description": "Check that my_new_object_category object_category was added."
- },
- {
- "name": "delete_object_category",
- "command": "object category delete $uuid_object_category",
- "result": "^$",
- "description": "Delete my_new_object_category object_category.",
- "command_options": ""
- },
- {
- "name": "list_object_category",
- "command": "object category list",
- "no_result": "$uuid_object_category",
- "description": "Check that my_new_object_category object_category was deleted."
- },
- {
- "name": "delete_authz_intra_extension",
- "command": "intraextension delete $uuid_authz",
- "result": "",
- "description": "Delete the authz intra extension",
- "command_options": ""
- },
- {
- "name": "delete_tenant",
- "command": "tenant delete $uuid",
- "result": "",
- "description": "Delete the tenant alt_demo",
- "command_options": ""
- }
- ],
- "authz_and_admin": [
- {
- "name": "list tenant",
- "command": "tenant list",
- "no_result": "alt_demo",
- "description": "Check if tenant alt_demo is used."
- },
- {
- "name": "add tenant alt_demo",
- "command": "tenant add alt_demo",
- "result": "^$",
- "description": "Add a new tenant",
- "command_options": ""
- },
- {
- "name": "check tenant alt_demo",
- "command": "tenant list",
- "result": "(?P<uuid>\\w+)\\s+alt_demo",
- "description": "Check that tenant alt_demo has been correctly added"
- },
- {
- "name": "create_intraextension_authz",
- "command": "intraextension add --policy_model policy_authz authz_test",
- "result": "IntraExtension created: (?P<uuid_authz>\\w+)",
- "description": "Create an authz intra extension",
- "command_options": ""
- },
- {
- "name": "list_intraextension_authz",
- "command": "intraextension list",
- "result": "$uuid_authz",
- "description": "Check the existence of that authz intra extension"
- },
- {
- "name": "create_intraextension_admin",
- "command": "intraextension add --policy_model policy_rbac_admin admin_test",
- "result": "IntraExtension created: (?P<uuid_admin>\\w+)",
- "description": "Create an admin intra extension",
- "command_options": ""
- },
- {
- "name": "list_intraextension_admin",
- "command": "intraextension list",
- "result": "$uuid_admin",
- "description": "Check the existence of that admin intra extension"
- },
- {
- "name": "set_tenant_authz",
- "command": "tenant set --authz $uuid_authz $uuid",
- "result": "",
- "description": "Connect the authz intra extension to the tenant demo",
- "command_options": ""
- },
- {
- "name": "set_tenant_admin",
- "command": "tenant set --admin $uuid_admin $uuid",
- "result": "",
- "description": "Connect the authz intra extension to the tenant alt_demo",
- "command_options": ""
- },
- {
- "name": "check tenant alt_demo and authz ie",
- "command": "tenant list",
- "result": "alt_demo $uuid_authz",
- "description": "Check that authz intra extension has been correctly added to the tenant.",
- "command_options": "-c name -c intra_authz_extension_id -f value"
- },
- {
- "name": "check tenant alt_demo and admin ie",
- "command": "tenant list",
- "result": "$uuid_admin",
- "description": "Check that admin intra extension has been correctly added to the tenant.",
- "command_options": "-c intra_admin_extension_id -f value"
- },
- {
- "name": "select_authz_ie",
- "command": "intraextension select $uuid_authz",
- "result": "Select $uuid_authz IntraExtension.",
- "description": "Select the authz IntraExtension",
- "command_options": ""
- },
- {
- "name": "check_select_authz_ie",
- "command": "intraextension show selected",
- "result": "$uuid_authz",
- "description": "Check the selected authz IntraExtension",
- "command_options": "-c id -f value"
- },
- {
- "name": "add_object_category",
- "command": "object category add my_new_object_category",
- "result": "",
- "description": "Add the new object category my_new_object_category",
- "command_options": ""
- },
- {
- "name": "list_object_category",
- "command": "object category list",
- "result": "(?P<uuid_object_category>\\w+)\\s+my_new_object_category",
- "description": "Check that my_new_object_category object_category was added."
- },
- {
- "name": "delete_object_category",
- "command": "object category delete $uuid_object_category",
- "result": "^$",
- "description": "Delete my_new_object_category object_category.",
- "command_options": ""
- },
- {
- "name": "list_object_category",
- "command": "object category list",
- "no_result": "$uuid_object_category",
- "description": "Check that my_new_object_category object_category was deleted."
- },
- {
- "name": "delete_admin_intra_extension",
- "command": "intraextension delete $uuid_admin",
- "result": "",
- "description": "Delete the admin intra extension",
- "command_options": ""
- },
- {
- "name": "delete_authz_intra_extension",
- "command": "intraextension delete $uuid_authz",
- "result": "",
- "description": "Delete the authz intra extension",
- "command_options": ""
- },
- {
- "name": "delete_tenant",
- "command": "tenant delete $uuid",
- "result": "",
- "description": "Delete the tenant alt_demo",
- "command_options": ""
- }
- ]
- }
-} \ No newline at end of file
diff --git a/moonclient/moonclient/tests/tests_object_scopes.json b/moonclient/moonclient/tests/tests_object_scopes.json
deleted file mode 100644
index 52ac12fd..00000000
--- a/moonclient/moonclient/tests/tests_object_scopes.json
+++ /dev/null
@@ -1,259 +0,0 @@
-{
- "command_options": "-f value",
- "tests_group": {
- "authz": [
- {
- "auth_name": "admin",
- "description": "Change user to admin (just in case...)"
- },
-
- {
- "name": "list tenant",
- "command": "tenant list",
- "no_result": "alt_demo",
- "description": "Check if tenant alt_demo is used."
- },
- {
- "name": "add tenant alt_demo",
- "command": "tenant add alt_demo",
- "result": "^$",
- "description": "Add a new tenant",
- "command_options": ""
- },
- {
- "name": "check tenant alt_demo",
- "command": "tenant list",
- "result": "(?P<uuid>\\w+)\\s+alt_demo",
- "description": "Check that tenant alt_demo has been correctly added"
- },
- {
- "name": "create_intraextension_authz",
- "command": "intraextension add --policy_model policy_authz authz_test",
- "result": "IntraExtension created: (?P<uuid_authz>\\w+)",
- "description": "Create an authz intra extension",
- "command_options": ""
- },
- {
- "name": "list_intraextension_authz",
- "command": "intraextension list",
- "result": "$uuid_authz",
- "description": "Check the existence of that authz intra extension"
- },
- {
- "name": "set_tenant_authz",
- "command": "tenant set --authz $uuid_authz $uuid",
- "result": "",
- "description": "Connect the authz intra extension to the tenant alt_demo",
- "command_options": ""
- },
- {
- "name": "select_authz_ie",
- "command": "intraextension select $uuid_authz",
- "result": "Select $uuid_authz IntraExtension.",
- "description": "Select the authz IntraExtension",
- "command_options": ""
- },
- {
- "name": "check_select_authz_ie",
- "command": "intraextension show selected",
- "result": "$uuid_authz",
- "description": "Check the selected authz IntraExtension",
- "command_options": "-c id -f value"
- },
- {
- "name": "get_one_object_category",
- "command": "object category list",
- "result": "(?P<uuid_object_category>\\w+)\\s+object_id",
- "description": "Get one object_category for next tests.",
- "command_options": "-c id -c name -f value"
- },
- {
- "name": "add_scope",
- "command": "object scope add $uuid_object_category testers --description \"test engineers\"",
- "result": "^$",
- "description": "Add one scope to object category object_id",
- "command_options": ""
- },
- {
- "name": "check_added_scope",
- "command": "object scope list $uuid_object_category",
- "result": "(?P<uuid_object_scope>\\w+)\\s+testers\\s+test engineers",
- "description": "Check added scope.",
- "command_options": "-c id -c name -c description -f value"
- },
- {
- "name": "delete_scope",
- "command": "object scope delete $uuid_object_category $uuid_object_scope",
- "result": "^$",
- "description": "Delete one scope from object category object_id",
- "command_options": ""
- },
- {
- "name": "check_deleted_scope",
- "command": "object scope list $uuid_object_category",
- "no_result": "$uuid_object_scope",
- "description": "Check deleted scope.",
- "command_options": "-c id -f value"
- },
- {
- "name": "delete_authz_intra_extension",
- "command": "intraextension delete $uuid_authz",
- "result": "",
- "description": "Delete the authz intra extension",
- "command_options": ""
- },
- {
- "name": "delete_tenant",
- "command": "tenant delete $uuid",
- "result": "",
- "description": "Delete the tenant alt_demo",
- "command_options": ""
- }
- ],
- "authz_and_admin": [
- {
- "name": "list tenant",
- "command": "tenant list",
- "no_result": "alt_demo",
- "description": "Check if tenant alt_demo is used."
- },
- {
- "name": "add tenant alt_demo",
- "command": "tenant add alt_demo",
- "result": "^$",
- "description": "Add a new tenant",
- "command_options": ""
- },
- {
- "name": "check tenant alt_demo",
- "command": "tenant list",
- "result": "(?P<uuid>\\w+)\\s+alt_demo",
- "description": "Check that tenant alt_demo has been correctly added"
- },
- {
- "name": "create_intraextension_authz",
- "command": "intraextension add --policy_model policy_authz authz_test",
- "result": "IntraExtension created: (?P<uuid_authz>\\w+)",
- "description": "Create an authz intra extension",
- "command_options": ""
- },
- {
- "name": "list_intraextension_authz",
- "command": "intraextension list",
- "result": "$uuid_authz",
- "description": "Check the existence of that authz intra extension"
- },
- {
- "name": "create_intraextension_admin",
- "command": "intraextension add --policy_model policy_rbac_admin admin_test",
- "result": "IntraExtension created: (?P<uuid_admin>\\w+)",
- "description": "Create an admin intra extension",
- "command_options": ""
- },
- {
- "name": "list_intraextension_admin",
- "command": "intraextension list",
- "result": "$uuid_admin",
- "description": "Check the existence of that admin intra extension"
- },
- {
- "name": "set_tenant_authz",
- "command": "tenant set --authz $uuid_authz $uuid",
- "result": "",
- "description": "Connect the authz intra extension to the tenant demo",
- "command_options": ""
- },
- {
- "name": "set_tenant_admin",
- "command": "tenant set --admin $uuid_admin $uuid",
- "result": "",
- "description": "Connect the authz intra extension to the tenant alt_demo",
- "command_options": ""
- },
- {
- "name": "check tenant alt_demo and authz ie",
- "command": "tenant list",
- "result": "alt_demo $uuid_authz",
- "description": "Check that authz intra extension has been correctly added to the tenant.",
- "command_options": "-c name -c intra_authz_extension_id -f value"
- },
- {
- "name": "check tenant alt_demo and admin ie",
- "command": "tenant list",
- "result": "$uuid_admin",
- "description": "Check that admin intra extension has been correctly added to the tenant.",
- "command_options": "-c intra_admin_extension_id -f value"
- },
- {
- "name": "select_authz_ie",
- "command": "intraextension select $uuid_authz",
- "result": "Select $uuid_authz IntraExtension.",
- "description": "Select the authz IntraExtension",
- "command_options": ""
- },
- {
- "name": "check_select_authz_ie",
- "command": "intraextension show selected",
- "result": "$uuid_authz",
- "description": "Check the selected authz IntraExtension",
- "command_options": "-c id -f value"
- },
- {
- "name": "get_one_object_category",
- "command": "object category list",
- "result": "(?P<uuid_object_category>\\w+)\\s+object_id",
- "description": "Get one object_category for next tests.",
- "command_options": "-c id -c name -f value"
- },
- {
- "name": "add_scope",
- "command": "object scope add $uuid_object_category testers --description \"test engineers\"",
- "result": "^$",
- "description": "Add one scope to object category object_id",
- "command_options": ""
- },
- {
- "name": "check_added_scope",
- "command": "object scope list $uuid_object_category",
- "result": "(?P<uuid_object_scope>\\w+)\\s+testers\\s+test engineers",
- "description": "Check added scope.",
- "command_options": "-c id -c name -c description -f value"
- },
- {
- "name": "delete_scope",
- "command": "object scope delete $uuid_object_category $uuid_object_scope",
- "result": "^$",
- "description": "Delete one scope from object category object_id",
- "command_options": ""
- },
- {
- "name": "check_deleted_scope",
- "command": "object scope list $uuid_object_category",
- "no_result": "$uuid_object_scope",
- "description": "Check deleted scope.",
- "command_options": "-c id -f value"
- },
- {
- "name": "delete_admin_intra_extension",
- "command": "intraextension delete $uuid_admin",
- "result": "",
- "description": "Delete the admin intra extension",
- "command_options": ""
- },
- {
- "name": "delete_authz_intra_extension",
- "command": "intraextension delete $uuid_authz",
- "result": "",
- "description": "Delete the authz intra extension",
- "command_options": ""
- },
- {
- "name": "delete_tenant",
- "command": "tenant delete $uuid",
- "result": "",
- "description": "Delete the tenant alt_demo",
- "command_options": ""
- }
- ]
- }
-} \ No newline at end of file
diff --git a/moonclient/moonclient/tests/tests_objects.json b/moonclient/moonclient/tests/tests_objects.json
deleted file mode 100644
index ef17dd60..00000000
--- a/moonclient/moonclient/tests/tests_objects.json
+++ /dev/null
@@ -1,241 +0,0 @@
-{
- "command_options": "-f value",
- "tests_group": {
- "authz": [
- {
- "auth_name": "admin",
- "description": "Change user to admin (just in case...)"
- },
-
- {
- "name": "list tenant",
- "command": "tenant list",
- "no_result": "alt_demo",
- "description": "Check if tenant alt_demo is used."
- },
- {
- "name": "add tenant alt_demo",
- "command": "tenant add alt_demo",
- "result": "^$",
- "description": "Add a new tenant",
- "command_options": ""
- },
- {
- "name": "check tenant alt_demo",
- "command": "tenant list",
- "result": "(?P<uuid>\\w+)\\s+alt_demo",
- "description": "Check that tenant alt_demo has been correctly added"
- },
- {
- "name": "create_intraextension_authz",
- "command": "intraextension add --policy_model policy_authz authz_test",
- "result": "IntraExtension created: (?P<uuid_authz>\\w+)",
- "description": "Create an authz intra extension",
- "command_options": ""
- },
- {
- "name": "list_intraextension_authz",
- "command": "intraextension list",
- "result": "$uuid_authz",
- "description": "Check the existence of that authz intra extension"
- },
- {
- "name": "set_tenant_authz",
- "command": "tenant set --authz $uuid_authz $uuid",
- "result": "",
- "description": "Connect the authz intra extension to the tenant alt_demo",
- "command_options": ""
- },
- {
- "name": "select_authz_ie",
- "command": "intraextension select $uuid_authz",
- "result": "Select $uuid_authz IntraExtension.",
- "description": "Select the authz IntraExtension",
- "command_options": ""
- },
- {
- "name": "check_select_authz_ie",
- "command": "intraextension show selected",
- "result": "$uuid_authz",
- "description": "Check the selected authz IntraExtension",
- "command_options": "-c id -f value"
- },
- {
- "name": "add_object",
- "command": "object add nova_server_1",
- "result": "",
- "description": "Add a new object.",
- "command_options": ""
- },
- {
- "name": "list_object",
- "command": "object list",
- "result": "(?P<uuid_object>\\w+)\\s+nova_server_1",
- "description": "Check that nova_server_1 object was added."
- },
- {
- "name": "delete_object",
- "command": "object delete $uuid_object",
- "result": "^$",
- "description": "Delete nova_server_1 object.",
- "command_options": ""
- },
- {
- "name": "list_object",
- "command": "object list",
- "no_result": "$uuid_object",
- "description": "Check that nova_server_1 object was deleted."
- },
- {
- "name": "delete_authz_intra_extension",
- "command": "intraextension delete $uuid_authz",
- "result": "",
- "description": "Delete the authz intra extension",
- "command_options": ""
- },
- {
- "name": "delete_tenant",
- "command": "tenant delete $uuid",
- "result": "",
- "description": "Delete the tenant alt_demo",
- "command_options": ""
- }
- ],
- "authz_and_admin": [
- {
- "name": "list tenant",
- "command": "tenant list",
- "no_result": "alt_demo",
- "description": "Check if tenant alt_demo is used."
- },
- {
- "name": "add tenant alt_demo",
- "command": "tenant add alt_demo",
- "result": "^$",
- "description": "Add a new tenant",
- "command_options": ""
- },
- {
- "name": "check tenant alt_demo",
- "command": "tenant list",
- "result": "(?P<uuid>\\w+)\\s+alt_demo",
- "description": "Check that tenant alt_demo has been correctly added"
- },
- {
- "name": "create_intraextension_authz",
- "command": "intraextension add --policy_model policy_authz authz_test",
- "result": "IntraExtension created: (?P<uuid_authz>\\w+)",
- "description": "Create an authz intra extension",
- "command_options": ""
- },
- {
- "name": "list_intraextension_authz",
- "command": "intraextension list",
- "result": "$uuid_authz",
- "description": "Check the existence of that authz intra extension"
- },
- {
- "name": "create_intraextension_admin",
- "command": "intraextension add --policy_model policy_rbac_admin admin_test",
- "result": "IntraExtension created: (?P<uuid_admin>\\w+)",
- "description": "Create an admin intra extension",
- "command_options": ""
- },
- {
- "name": "list_intraextension_admin",
- "command": "intraextension list",
- "result": "$uuid_admin",
- "description": "Check the existence of that admin intra extension"
- },
- {
- "name": "set_tenant_authz",
- "command": "tenant set --authz $uuid_authz $uuid",
- "result": "",
- "description": "Connect the authz intra extension to the tenant demo",
- "command_options": ""
- },
- {
- "name": "set_tenant_admin",
- "command": "tenant set --admin $uuid_admin $uuid",
- "result": "",
- "description": "Connect the authz intra extension to the tenant alt_demo",
- "command_options": ""
- },
- {
- "name": "check tenant alt_demo and authz ie",
- "command": "tenant list",
- "result": "alt_demo $uuid_authz",
- "description": "Check that authz intra extension has been correctly added to the tenant.",
- "command_options": "-c name -c intra_authz_extension_id -f value"
- },
- {
- "name": "check tenant alt_demo and admin ie",
- "command": "tenant list",
- "result": "$uuid_admin",
- "description": "Check that admin intra extension has been correctly added to the tenant.",
- "command_options": "-c intra_admin_extension_id -f value"
- },
- {
- "name": "select_authz_ie",
- "command": "intraextension select $uuid_authz",
- "result": "Select $uuid_authz IntraExtension.",
- "description": "Select the authz IntraExtension",
- "command_options": ""
- },
- {
- "name": "check_select_authz_ie",
- "command": "intraextension show selected",
- "result": "$uuid_authz",
- "description": "Check the selected authz IntraExtension",
- "command_options": "-c id -f value"
- },
- {
- "name": "add_object",
- "command": "object add nova_server_1",
- "result": "",
- "description": "Add a new object.",
- "command_options": ""
- },
- {
- "name": "list_object",
- "command": "object list",
- "result": "(?P<uuid_object>\\w+)\\s+nova_server_1",
- "description": "Check that nova_server_1 object was added."
- },
- {
- "name": "delete_object",
- "command": "object delete $uuid_object",
- "result": "^$",
- "description": "Delete nova_server_1 object.",
- "command_options": ""
- },
- {
- "name": "list_object",
- "command": "object list",
- "no_result": "$uuid_object",
- "description": "Check that nova_server_1 object was deleted."
- },
- {
- "name": "delete_admin_intra_extension",
- "command": "intraextension delete $uuid_admin",
- "result": "",
- "description": "Delete the admin intra extension",
- "command_options": ""
- },
- {
- "name": "delete_authz_intra_extension",
- "command": "intraextension delete $uuid_authz",
- "result": "",
- "description": "Delete the authz intra extension",
- "command_options": ""
- },
- {
- "name": "delete_tenant",
- "command": "tenant delete $uuid",
- "result": "",
- "description": "Delete the tenant alt_demo",
- "command_options": ""
- }
- ]
- }
-} \ No newline at end of file
diff --git a/moonclient/moonclient/tests/tests_root_intraextensions.json b/moonclient/moonclient/tests/tests_root_intraextensions.json
deleted file mode 100644
index e24151d1..00000000
--- a/moonclient/moonclient/tests/tests_root_intraextensions.json
+++ /dev/null
@@ -1,47 +0,0 @@
-{
- "command_options": "-f value",
- "tests_group": {
- "main": [
- {
- "auth_name": "admin",
- "description": "Change user to admin (just in case...)"
- },
-
- {
- "name": "list_intraextension",
- "command": "intraextension list",
- "result": "(?P<uuid_root>\\w+)\\s+policy_root",
- "description": "Check the existence of the root intra extension",
- "command_options": "-c id -c name -f value"
- },
-
- {
- "name": "select root ie",
- "command": "intraextension select $uuid_root",
- "result": "Select $uuid_root IntraExtension.",
- "description": "Select the root intra extension to work with",
- "command_options": ""
- },
- {
- "name": "check_admin_user",
- "command": "subject list",
- "result": "admin",
- "description": "Check that admin user was added"
- },
- {
- "name": "check_submetarule",
- "command": "submetarule show",
- "result": "(?P<uuid_submetarule>\\w+)\\s+rbac_rule",
- "description": "Check that submetarule was added"
- },
- {
- "name": "check_rule",
- "command": "rule list $uuid_submetarule",
- "result": "root_role",
- "description": "Check that rules were added"
- }
-
-
- ]
- }
-} \ No newline at end of file
diff --git a/moonclient/moonclient/tests/tests_rules.json b/moonclient/moonclient/tests/tests_rules.json
deleted file mode 100644
index 1950a1e3..00000000
--- a/moonclient/moonclient/tests/tests_rules.json
+++ /dev/null
@@ -1,378 +0,0 @@
-{
- "command_options": "-f value",
- "tests_group": {
- "authz": [
- {
- "auth_name": "admin",
- "description": "Change user to admin (just in case...)"
- },
-
- {
- "name": "list tenant",
- "command": "tenant list",
- "no_result": "alt_demo",
- "description": "Check if tenant alt_demo is used."
- },
- {
- "name": "add tenant alt_demo",
- "command": "tenant add alt_demo",
- "result": "^$",
- "description": "Add a new tenant",
- "command_options": ""
- },
- {
- "name": "check tenant alt_demo",
- "command": "tenant list",
- "result": "(?P<uuid>\\w+)\\s+alt_demo",
- "description": "Check that tenant alt_demo has been correctly added"
- },
- {
- "name": "create_intraextension_authz",
- "command": "intraextension add --policy_model policy_authz authz_test",
- "result": "IntraExtension created: (?P<uuid_authz>\\w+)",
- "description": "Create an authz intra extension",
- "command_options": ""
- },
- {
- "name": "list_intraextension_authz",
- "command": "intraextension list",
- "result": "$uuid_authz",
- "description": "Check the existence of that authz intra extension"
- },
- {
- "name": "set_tenant_authz",
- "command": "tenant set --authz $uuid_authz $uuid",
- "result": "",
- "description": "Connect the authz intra extension to the tenant alt_demo",
- "command_options": ""
- },
- {
- "name": "select_authz_ie",
- "command": "intraextension select $uuid_authz",
- "result": "Select $uuid_authz IntraExtension.",
- "description": "Select the authz IntraExtension",
- "command_options": ""
- },
- {
- "name": "check_select_authz_ie",
- "command": "intraextension show selected",
- "result": "$uuid_authz",
- "description": "Check the selected authz IntraExtension",
- "command_options": "-c id -f value"
- },
-
- {
- "name": "check_submetarules",
- "command": "submetarule show",
- "result": "(?P<submetarule_uuid>\\w+)\\s+subject_security_level",
- "description": "Get one submetarule ID",
- "command_options": "-c id -c \"subject categories\" -f value"
- },
- {
- "name": "list_subject_categories",
- "command": "subject category list",
- "result": "(?P<category_slevel_uuid>\\w+)\\s+subject_security_level",
- "description": "Get one subject category.",
- "command_options": "-c id -c name -f value"
- },
- {
- "name": "list_action_categories",
- "command": "action category list",
- "result": "(?P<category_action_uuid>\\w+)\\s+resource_action",
- "description": "Get one action category.",
- "command_options": "-c id -c name -f value"
- },
- {
- "name": "list_object_categories",
- "command": "object category list",
- "result": "(?P<category_object_uuid>\\w+)\\s+object_security_level",
- "description": "Get one object category.",
- "command_options": "-c id -c name -f value"
- },
- {
- "name": "add_subject_scope",
- "command": "subject scope add $category_slevel_uuid very_high",
- "result": "^$",
- "description": "Add one new scope.",
- "command_options": ""
- },
- {
- "name": "check_added_subject_scope",
- "command": "subject scope list $category_slevel_uuid",
- "result": "(?P<scope_subject>\\s+very_high)",
- "description": "Get the ID of the new scope.",
- "command_options": "-c id -c name -f value"
- },
- {
- "name": "get_one_action_scope",
- "command": "action scope list $category_action_uuid",
- "result": "(?P<scope_action>\\s+storage_admin)",
- "description": "Get the ID of one action scope.",
- "command_options": "-c id -c name -f value"
- },
- {
- "name": "get_one_object_scope",
- "command": "object scope list $category_object_uuid",
- "result": "(?P<scope_object>\\s+high)",
- "description": "Get the ID of one object scope.",
- "command_options": "-c id -c name -f value"
- },
- {
- "name": "add_a_new_rule",
- "command": "rule add $submetarule_uuid \"very_high,storage_admin,high\"",
- "result": "^$",
- "description": "Add a new rule.",
- "command_options": ""
- },
- {
- "name": "check_added_rule",
- "command": "rule list $submetarule_uuid",
- "result": "(?P<rule_id>\\w+)\\s+very_high\\s+storage_admin\\s+high",
- "description": "Check that the rule was correctly added.",
- "command_options": "-c id -c s:subject_security_level -c a:resource_action -c o:object_security_level -f value"
- },
- {
- "name": "delete_added_rule",
- "command": "rule delete $submetarule_uuid $rule_id",
- "result": "^$",
- "description": "Delete the added rule.",
- "command_options": ""
- },
- {
- "name": "check_deleted_rule",
- "command": "rule list $submetarule_uuid",
- "no_result": "very_high",
- "description": "Check that the rule was correctly deleted.",
- "command_options": "-c s:subject_security_level -f value"
- },
-
- {
- "name": "delete_authz_intra_extension",
- "command": "intraextension delete $uuid_authz",
- "result": "",
- "description": "Delete the authz intra extension",
- "command_options": ""
- },
- {
- "name": "list_intraextension_authz",
- "command": "intraextension list",
- "no_result": "$uuid_authz",
- "description": "Check the existence of that authz intra extension"
- },
- {
- "name": "delete_tenant",
- "command": "tenant delete $uuid",
- "result": "",
- "description": "Delete the tenant alt_demo",
- "command_options": ""
- },
- {
- "name": "list tenant",
- "command": "tenant list",
- "no_result": "alt_demo",
- "description": "Check if tenant alt_demo is used."
- }
- ],
- "authz_and_admin": [
- {
- "name": "list tenant",
- "command": "tenant list",
- "no_result": "alt_demo",
- "description": "Check if tenant alt_demo is used."
- },
- {
- "name": "add tenant alt_demo",
- "command": "tenant add alt_demo",
- "result": "^$",
- "description": "Add a new tenant",
- "command_options": ""
- },
- {
- "name": "check tenant alt_demo",
- "command": "tenant list",
- "result": "(?P<uuid>\\w+)\\s+alt_demo",
- "description": "Check that tenant alt_demo has been correctly added"
- },
- {
- "name": "create_intraextension_authz",
- "command": "intraextension add --policy_model policy_authz authz_test",
- "result": "IntraExtension created: (?P<uuid_authz>\\w+)",
- "description": "Create an authz intra extension",
- "command_options": ""
- },
- {
- "name": "list_intraextension_authz",
- "command": "intraextension list",
- "result": "$uuid_authz",
- "description": "Check the existence of that authz intra extension"
- },
- {
- "name": "create_intraextension_admin",
- "command": "intraextension add --policy_model policy_rbac_admin admin_test",
- "result": "IntraExtension created: (?P<uuid_admin>\\w+)",
- "description": "Create an admin intra extension",
- "command_options": ""
- },
- {
- "name": "list_intraextension_admin",
- "command": "intraextension list",
- "result": "$uuid_admin",
- "description": "Check the existence of that admin intra extension"
- },
- {
- "name": "set_tenant_authz",
- "command": "tenant set --authz $uuid_authz $uuid",
- "result": "",
- "description": "Connect the authz intra extension to the tenant demo",
- "command_options": ""
- },
- {
- "name": "set_tenant_admin",
- "command": "tenant set --admin $uuid_admin $uuid",
- "result": "",
- "description": "Connect the authz intra extension to the tenant alt_demo",
- "command_options": ""
- },
- {
- "name": "check tenant alt_demo and authz ie",
- "command": "tenant list",
- "result": "alt_demo $uuid_authz",
- "description": "Check that authz intra extension has been correctly added to the tenant.",
- "command_options": "-c name -c intra_authz_extension_id -f value"
- },
- {
- "name": "check tenant alt_demo and admin ie",
- "command": "tenant list",
- "result": "$uuid_admin",
- "description": "Check that admin intra extension has been correctly added to the tenant.",
- "command_options": "-c intra_admin_extension_id -f value"
- },
- {
- "name": "select_authz_ie",
- "command": "intraextension select $uuid_authz",
- "result": "Select $uuid_authz IntraExtension.",
- "description": "Select the authz IntraExtension",
- "command_options": ""
- },
- {
- "name": "check_select_authz_ie",
- "command": "intraextension show selected",
- "result": "$uuid_authz",
- "description": "Check the selected authz IntraExtension",
- "command_options": "-c id -f value"
- },
-
- {
- "name": "check_submetarules",
- "command": "submetarule show",
- "result": "(?P<submetarule_uuid>\\w+)\\s+subject_security_level",
- "description": "Get one submetarule ID",
- "command_options": "-c id -c \"subject categories\" -f value"
- },
- {
- "name": "list_subject_categories",
- "command": "subject category list",
- "result": "(?P<category_slevel_uuid>\\w+)\\s+subject_security_level",
- "description": "Get one subject category.",
- "command_options": "-c id -c name -f value"
- },
- {
- "name": "list_action_categories",
- "command": "action category list",
- "result": "(?P<category_action_uuid>\\w+)\\s+resource_action",
- "description": "Get one action category.",
- "command_options": "-c id -c name -f value"
- },
- {
- "name": "list_object_categories",
- "command": "object category list",
- "result": "(?P<category_object_uuid>\\w+)\\s+object_security_level",
- "description": "Get one object category.",
- "command_options": "-c id -c name -f value"
- },
- {
- "name": "add_subject_scope",
- "command": "subject scope add $category_slevel_uuid very_high",
- "result": "^$",
- "description": "Add one new scope.",
- "command_options": ""
- },
- {
- "name": "check_added_subject_scope",
- "command": "subject scope list $category_slevel_uuid",
- "result": "(?P<scope_subject>\\s+very_high)",
- "description": "Get the ID of the new scope.",
- "command_options": "-c id -c name -f value"
- },
- {
- "name": "get_one_action_scope",
- "command": "action scope list $category_action_uuid",
- "result": "(?P<scope_action>\\s+storage_admin)",
- "description": "Get the ID of one action scope.",
- "command_options": "-c id -c name -f value"
- },
- {
- "name": "get_one_object_scope",
- "command": "object scope list $category_object_uuid",
- "result": "(?P<scope_object>\\s+high)",
- "description": "Get the ID of one object scope.",
- "command_options": "-c id -c name -f value"
- },
- {
- "name": "add_a_new_rule",
- "command": "rule add $submetarule_uuid \"very_high,storage_admin,high\"",
- "result": "^$",
- "description": "Add a new rule.",
- "command_options": ""
- },
- {
- "name": "check_added_rule",
- "command": "rule list $submetarule_uuid",
- "result": "(?P<rule_id>\\w+)\\s+very_high\\s+storage_admin\\s+high",
- "description": "Check that the rule was correctly added.",
- "command_options": "-c id -c s:subject_security_level -c a:resource_action -c o:object_security_level -f value"
- },
- {
- "name": "delete_added_rule",
- "command": "rule delete $submetarule_uuid $rule_id",
- "result": "^$",
- "description": "Delete the added rule.",
- "command_options": ""
- },
- {
- "name": "check_deleted_rule",
- "command": "rule list $submetarule_uuid",
- "no_result": "very_high",
- "description": "Check that the rule was correctly deleted.",
- "command_options": "-c s:subject_security_level -f value"
- },
-
- {
- "name": "delete_authz_intra_extension",
- "command": "intraextension delete $uuid_authz",
- "result": "",
- "description": "Delete the authz intra extension",
- "command_options": ""
- },
- {
- "name": "list_intraextension_authz",
- "command": "intraextension list",
- "no_result": "$uuid_authz",
- "description": "Check the existence of that authz intra extension"
- },
- {
- "name": "delete_tenant",
- "command": "tenant delete $uuid",
- "result": "",
- "description": "Delete the tenant alt_demo",
- "command_options": ""
- },
- {
- "name": "list tenant",
- "command": "tenant list",
- "no_result": "alt_demo",
- "description": "Check if tenant alt_demo is used."
- }
- ]
- }
-} \ No newline at end of file
diff --git a/moonclient/moonclient/tests/tests_subject_assignments.json b/moonclient/moonclient/tests/tests_subject_assignments.json
deleted file mode 100644
index e4615500..00000000
--- a/moonclient/moonclient/tests/tests_subject_assignments.json
+++ /dev/null
@@ -1,371 +0,0 @@
-{
- "command_options": "-f value",
- "tests_group": {
- "authz": [
- {
- "auth_name": "admin",
- "description": "Change user to admin (just in case...)"
- },
-
- {
- "name": "list tenant",
- "command": "tenant list",
- "no_result": "alt_demo",
- "description": "Check if tenant alt_demo is used."
- },
- {
- "name": "add tenant alt_demo",
- "command": "tenant add alt_demo",
- "result": "^$",
- "description": "Add a new tenant",
- "command_options": ""
- },
- {
- "name": "check tenant alt_demo",
- "command": "tenant list",
- "result": "(?P<uuid>\\w+)\\s+alt_demo",
- "description": "Check that tenant alt_demo has been correctly added"
- },
- {
- "name": "create_intraextension_authz",
- "command": "intraextension add --policy_model policy_authz authz_test",
- "result": "IntraExtension created: (?P<uuid_authz>\\w+)",
- "description": "Create an authz intra extension",
- "command_options": ""
- },
- {
- "name": "list_intraextension_authz",
- "command": "intraextension list",
- "result": "$uuid_authz",
- "description": "Check the existence of that authz intra extension"
- },
- {
- "name": "set_tenant_authz",
- "command": "tenant set --authz $uuid_authz $uuid",
- "result": "",
- "description": "Connect the authz intra extension to the tenant alt_demo",
- "command_options": ""
- },
- {
- "name": "select_authz_ie",
- "command": "intraextension select $uuid_authz",
- "result": "Select $uuid_authz IntraExtension.",
- "description": "Select the authz IntraExtension",
- "command_options": ""
- },
- {
- "name": "check_select_authz_ie",
- "command": "intraextension show selected",
- "result": "$uuid_authz",
- "description": "Check the selected authz IntraExtension",
- "command_options": "-c id -f value"
- },
- {
- "name": "add_subject",
- "command": "subject add alt_demo --subject_pass nomoresecrete",
- "result": "",
- "description": "Add the new subject category alt_demo",
- "command_options": ""
- },
- {
- "name": "list_subject",
- "command": "subject list",
- "result": "(?P<uuid_subject>\\w+)\\s+alt_demo",
- "description": "Check that alt_demo subject was added."
- },
- {
- "name": "add_subject_category",
- "command": "subject category add my_new_subject_category",
- "result": "",
- "description": "Add the new subject category my_new_subject_category",
- "command_options": ""
- },
- {
- "name": "list_subject_category",
- "command": "subject category list",
- "result": "(?P<uuid_subject_category>\\w+)\\s+my_new_subject_category",
- "description": "Check that my_new_subject_category subject_category was added."
- },
- {
- "name": "add_scope",
- "command": "subject scope add $uuid_subject_category testers --description \"test engineers\"",
- "result": "^$",
- "description": "Add one scope to subject category role",
- "command_options": ""
- },
- {
- "name": "check_added_scope",
- "command": "subject scope list $uuid_subject_category",
- "result": "(?P<uuid_subject_scope>\\w+)\\s+testers\\s+test engineers",
- "description": "Check added scope.",
- "command_options": "-c id -c name -c description -f value"
- },
-
- {
- "name": "add_assignment",
- "command": "subject assignment add $uuid_subject $uuid_subject_category $uuid_subject_scope",
- "result": "^$",
- "description": "Add a new assignment",
- "command_options": ""
- },
- {
- "name": "check_added_assignment",
- "command": "subject assignment list $uuid_subject $uuid_subject_category",
- "result": "$uuid_subject_scope testers",
- "description": "Check added assignment.",
- "command_options": "-c id -c name -f value"
- },
-
- {
- "name": "delete_assignment",
- "command": "subject assignment delete $uuid_subject $uuid_subject_category $uuid_subject_scope",
- "result": "^$",
- "description": "Delete the added assignment",
- "command_options": ""
- },
- {
- "name": "check_deleted_assignment",
- "command": "subject assignment list $uuid_subject $uuid_subject_category",
- "no_result": "$uuid_subject_scope",
- "description": "Check deleted assignment.",
- "command_options": "-c id -f value"
- },
-
- {
- "name": "delete_scope",
- "command": "subject scope delete $uuid_subject_category $uuid_subject_scope",
- "result": "^$",
- "description": "Delete one scope from subject category role",
- "command_options": ""
- },
- {
- "name": "delete_subject_category",
- "command": "subject category delete $uuid_subject_category",
- "result": "^$",
- "description": "Delete my_new_subject_category subject_category.",
- "command_options": ""
- },
- {
- "name": "list_subject_category",
- "command": "subject category list",
- "no_result": "$uuid_subject_category",
- "description": "Check that my_new_subject_category subject_category was deleted."
- },
- {
- "name": "delete_authz_intra_extension",
- "command": "intraextension delete $uuid_authz",
- "result": "",
- "description": "Delete the authz intra extension",
- "command_options": ""
- },
- {
- "name": "delete_tenant",
- "command": "tenant delete $uuid",
- "result": "",
- "description": "Delete the tenant alt_demo",
- "command_options": ""
- }
- ],
- "authz_and_admin": [
- {
- "name": "list tenant",
- "command": "tenant list",
- "no_result": "alt_demo",
- "description": "Check if tenant alt_demo is used."
- },
- {
- "name": "add tenant alt_demo",
- "command": "tenant add alt_demo",
- "result": "^$",
- "description": "Add a new tenant",
- "command_options": ""
- },
- {
- "name": "check tenant alt_demo",
- "command": "tenant list",
- "result": "(?P<uuid>\\w+)\\s+alt_demo",
- "description": "Check that tenant alt_demo has been correctly added"
- },
- {
- "name": "create_intraextension_authz",
- "command": "intraextension add --policy_model policy_authz authz_test",
- "result": "IntraExtension created: (?P<uuid_authz>\\w+)",
- "description": "Create an authz intra extension",
- "command_options": ""
- },
- {
- "name": "list_intraextension_authz",
- "command": "intraextension list",
- "result": "$uuid_authz",
- "description": "Check the existence of that authz intra extension"
- },
- {
- "name": "create_intraextension_admin",
- "command": "intraextension add --policy_model policy_rbac_admin admin_test",
- "result": "IntraExtension created: (?P<uuid_admin>\\w+)",
- "description": "Create an admin intra extension",
- "command_options": ""
- },
- {
- "name": "list_intraextension_admin",
- "command": "intraextension list",
- "result": "$uuid_admin",
- "description": "Check the existence of that admin intra extension"
- },
- {
- "name": "set_tenant_authz",
- "command": "tenant set --authz $uuid_authz $uuid",
- "result": "",
- "description": "Connect the authz intra extension to the tenant demo",
- "command_options": ""
- },
- {
- "name": "set_tenant_admin",
- "command": "tenant set --admin $uuid_admin $uuid",
- "result": "",
- "description": "Connect the authz intra extension to the tenant alt_demo",
- "command_options": ""
- },
- {
- "name": "check tenant alt_demo and authz ie",
- "command": "tenant list",
- "result": "alt_demo $uuid_authz",
- "description": "Check that authz intra extension has been correctly added to the tenant.",
- "command_options": "-c name -c intra_authz_extension_id -f value"
- },
- {
- "name": "check tenant alt_demo and admin ie",
- "command": "tenant list",
- "result": "$uuid_admin",
- "description": "Check that admin intra extension has been correctly added to the tenant.",
- "command_options": "-c intra_admin_extension_id -f value"
- },
- {
- "name": "select_authz_ie",
- "command": "intraextension select $uuid_authz",
- "result": "Select $uuid_authz IntraExtension.",
- "description": "Select the authz IntraExtension",
- "command_options": ""
- },
- {
- "name": "check_select_authz_ie",
- "command": "intraextension show selected",
- "result": "$uuid_authz",
- "description": "Check the selected authz IntraExtension",
- "command_options": "-c id -f value"
- },
- {
- "name": "add_subject",
- "command": "subject add alt_demo --subject_pass nomoresecrete",
- "result": "",
- "description": "Add the new subject category alt_demo",
- "command_options": ""
- },
- {
- "name": "list_subject",
- "command": "subject list",
- "result": "(?P<uuid_subject>\\w+)\\s+alt_demo",
- "description": "Check that alt_demo subject was added."
- },
- {
- "name": "add_subject_category",
- "command": "subject category add my_new_subject_category",
- "result": "",
- "description": "Add the new subject category my_new_subject_category",
- "command_options": ""
- },
- {
- "name": "list_subject_category",
- "command": "subject category list",
- "result": "(?P<uuid_subject_category>\\w+)\\s+my_new_subject_category",
- "description": "Check that my_new_subject_category subject_category was added."
- },
- {
- "name": "add_scope",
- "command": "subject scope add $uuid_subject_category testers --description \"test engineers\"",
- "result": "^$",
- "description": "Add one scope to subject category role",
- "command_options": ""
- },
- {
- "name": "check_added_scope",
- "command": "subject scope list $uuid_subject_category",
- "result": "(?P<uuid_subject_scope>\\w+)\\s+testers\\s+test engineers",
- "description": "Check added scope.",
- "command_options": "-c id -c name -c description -f value"
- },
-
- {
- "name": "add_assignment",
- "command": "subject assignment add $uuid_subject $uuid_subject_category $uuid_subject_scope",
- "result": "^$",
- "description": "Add a new assignment",
- "command_options": ""
- },
- {
- "name": "check_added_assignment",
- "command": "subject assignment list $uuid_subject $uuid_subject_category",
- "result": "$uuid_subject_scope testers",
- "description": "Check added assignment.",
- "command_options": "-c id -c name -f value"
- },
-
- {
- "name": "delete_assignment",
- "command": "subject assignment delete $uuid_subject $uuid_subject_category $uuid_subject_scope",
- "result": "^$",
- "description": "Delete the added assignment",
- "command_options": ""
- },
- {
- "name": "check_deleted_assignment",
- "command": "subject assignment list $uuid_subject $uuid_subject_category",
- "no_result": "$uuid_subject_scope",
- "description": "Check deleted assignment.",
- "command_options": "-c id -f value"
- },
-
- {
- "name": "delete_scope",
- "command": "subject scope delete $uuid_subject_category $uuid_subject_scope",
- "result": "^$",
- "description": "Delete one scope from subject category role",
- "command_options": ""
- },
- {
- "name": "delete_subject_category",
- "command": "subject category delete $uuid_subject_category",
- "result": "^$",
- "description": "Delete my_new_subject_category subject_category.",
- "command_options": ""
- },
- {
- "name": "list_subject_category",
- "command": "subject category list",
- "no_result": "$uuid_subject_category",
- "description": "Check that my_new_subject_category subject_category was deleted."
- },
- {
- "name": "delete_admin_intra_extension",
- "command": "intraextension delete $uuid_admin",
- "result": "",
- "description": "Delete the admin intra extension",
- "command_options": ""
- },
- {
- "name": "delete_authz_intra_extension",
- "command": "intraextension delete $uuid_authz",
- "result": "",
- "description": "Delete the authz intra extension",
- "command_options": ""
- },
- {
- "name": "delete_tenant",
- "command": "tenant delete $uuid",
- "result": "",
- "description": "Delete the tenant alt_demo",
- "command_options": ""
- }
- ]
- }
-} \ No newline at end of file
diff --git a/moonclient/moonclient/tests/tests_subject_categories.json b/moonclient/moonclient/tests/tests_subject_categories.json
deleted file mode 100644
index cd2be2d1..00000000
--- a/moonclient/moonclient/tests/tests_subject_categories.json
+++ /dev/null
@@ -1,241 +0,0 @@
-{
- "command_options": "-f value",
- "tests_group": {
- "authz": [
- {
- "auth_name": "admin",
- "description": "Change user to admin (just in case...)"
- },
-
- {
- "name": "list tenant",
- "command": "tenant list",
- "no_result": "alt_demo",
- "description": "Check if tenant alt_demo is used."
- },
- {
- "name": "add tenant alt_demo",
- "command": "tenant add alt_demo",
- "result": "^$",
- "description": "Add a new tenant",
- "command_options": ""
- },
- {
- "name": "check tenant alt_demo",
- "command": "tenant list",
- "result": "(?P<uuid>\\w+)\\s+alt_demo",
- "description": "Check that tenant alt_demo has been correctly added"
- },
- {
- "name": "create_intraextension_authz",
- "command": "intraextension add --policy_model policy_authz authz_test",
- "result": "IntraExtension created: (?P<uuid_authz>\\w+)",
- "description": "Create an authz intra extension",
- "command_options": ""
- },
- {
- "name": "list_intraextension_authz",
- "command": "intraextension list",
- "result": "$uuid_authz",
- "description": "Check the existence of that authz intra extension"
- },
- {
- "name": "set_tenant_authz",
- "command": "tenant set --authz $uuid_authz $uuid",
- "result": "",
- "description": "Connect the authz intra extension to the tenant alt_demo",
- "command_options": ""
- },
- {
- "name": "select_authz_ie",
- "command": "intraextension select $uuid_authz",
- "result": "Select $uuid_authz IntraExtension.",
- "description": "Select the authz IntraExtension",
- "command_options": ""
- },
- {
- "name": "check_select_authz_ie",
- "command": "intraextension show selected",
- "result": "$uuid_authz",
- "description": "Check the selected authz IntraExtension",
- "command_options": "-c id -f value"
- },
- {
- "name": "add_subject_category",
- "command": "subject category add my_new_subject_category",
- "result": "",
- "description": "Add the new subject category my_new_subject_category",
- "command_options": ""
- },
- {
- "name": "list_subject_category",
- "command": "subject category list",
- "result": "(?P<uuid_subject_category>\\w+)\\s+my_new_subject_category",
- "description": "Check that my_new_subject_category subject_category was added."
- },
- {
- "name": "delete_subject_category",
- "command": "subject category delete $uuid_subject_category",
- "result": "^$",
- "description": "Delete my_new_subject_category subject_category.",
- "command_options": ""
- },
- {
- "name": "list_subject_category",
- "command": "subject category list",
- "no_result": "$uuid_subject_category",
- "description": "Check that my_new_subject_category subject_category was deleted."
- },
- {
- "name": "delete_authz_intra_extension",
- "command": "intraextension delete $uuid_authz",
- "result": "",
- "description": "Delete the authz intra extension",
- "command_options": ""
- },
- {
- "name": "delete_tenant",
- "command": "tenant delete $uuid",
- "result": "",
- "description": "Delete the tenant alt_demo",
- "command_options": ""
- }
- ],
- "authz_and_admin": [
- {
- "name": "list tenant",
- "command": "tenant list",
- "no_result": "alt_demo",
- "description": "Check if tenant alt_demo is used."
- },
- {
- "name": "add tenant alt_demo",
- "command": "tenant add alt_demo",
- "result": "^$",
- "description": "Add a new tenant",
- "command_options": ""
- },
- {
- "name": "check tenant alt_demo",
- "command": "tenant list",
- "result": "(?P<uuid>\\w+)\\s+alt_demo",
- "description": "Check that tenant alt_demo has been correctly added"
- },
- {
- "name": "create_intraextension_authz",
- "command": "intraextension add --policy_model policy_authz authz_test",
- "result": "IntraExtension created: (?P<uuid_authz>\\w+)",
- "description": "Create an authz intra extension",
- "command_options": ""
- },
- {
- "name": "list_intraextension_authz",
- "command": "intraextension list",
- "result": "$uuid_authz",
- "description": "Check the existence of that authz intra extension"
- },
- {
- "name": "create_intraextension_admin",
- "command": "intraextension add --policy_model policy_rbac_admin admin_test",
- "result": "IntraExtension created: (?P<uuid_admin>\\w+)",
- "description": "Create an admin intra extension",
- "command_options": ""
- },
- {
- "name": "list_intraextension_admin",
- "command": "intraextension list",
- "result": "$uuid_admin",
- "description": "Check the existence of that admin intra extension"
- },
- {
- "name": "set_tenant_authz",
- "command": "tenant set --authz $uuid_authz $uuid",
- "result": "",
- "description": "Connect the authz intra extension to the tenant demo",
- "command_options": ""
- },
- {
- "name": "set_tenant_admin",
- "command": "tenant set --admin $uuid_admin $uuid",
- "result": "",
- "description": "Connect the authz intra extension to the tenant alt_demo",
- "command_options": ""
- },
- {
- "name": "check tenant alt_demo and authz ie",
- "command": "tenant list",
- "result": "alt_demo $uuid_authz",
- "description": "Check that authz intra extension has been correctly added to the tenant.",
- "command_options": "-c name -c intra_authz_extension_id -f value"
- },
- {
- "name": "check tenant alt_demo and admin ie",
- "command": "tenant list",
- "result": "$uuid_admin",
- "description": "Check that admin intra extension has been correctly added to the tenant.",
- "command_options": "-c intra_admin_extension_id -f value"
- },
- {
- "name": "select_authz_ie",
- "command": "intraextension select $uuid_authz",
- "result": "Select $uuid_authz IntraExtension.",
- "description": "Select the authz IntraExtension",
- "command_options": ""
- },
- {
- "name": "check_select_authz_ie",
- "command": "intraextension show selected",
- "result": "$uuid_authz",
- "description": "Check the selected authz IntraExtension",
- "command_options": "-c id -f value"
- },
- {
- "name": "add_subject_category",
- "command": "subject category add my_new_subject_category",
- "result": "",
- "description": "Add the new subject category my_new_subject_category",
- "command_options": ""
- },
- {
- "name": "list_subject_category",
- "command": "subject category list",
- "result": "(?P<uuid_subject_category>\\w+)\\s+my_new_subject_category",
- "description": "Check that my_new_subject_category subject_category was added."
- },
- {
- "name": "delete_subject_category",
- "command": "subject category delete $uuid_subject_category",
- "result": "^$",
- "description": "Delete my_new_subject_category subject_category.",
- "command_options": ""
- },
- {
- "name": "list_subject_category",
- "command": "subject category list",
- "no_result": "$uuid_subject_category",
- "description": "Check that my_new_subject_category subject_category was deleted."
- },
- {
- "name": "delete_admin_intra_extension",
- "command": "intraextension delete $uuid_admin",
- "result": "",
- "description": "Delete the admin intra extension",
- "command_options": ""
- },
- {
- "name": "delete_authz_intra_extension",
- "command": "intraextension delete $uuid_authz",
- "result": "",
- "description": "Delete the authz intra extension",
- "command_options": ""
- },
- {
- "name": "delete_tenant",
- "command": "tenant delete $uuid",
- "result": "",
- "description": "Delete the tenant alt_demo",
- "command_options": ""
- }
- ]
- }
-} \ No newline at end of file
diff --git a/moonclient/moonclient/tests/tests_subject_scopes.json b/moonclient/moonclient/tests/tests_subject_scopes.json
deleted file mode 100644
index bbf31c11..00000000
--- a/moonclient/moonclient/tests/tests_subject_scopes.json
+++ /dev/null
@@ -1,259 +0,0 @@
-{
- "command_options": "-f value",
- "tests_group": {
- "authz": [
- {
- "auth_name": "admin",
- "description": "Change user to admin (just in case...)"
- },
-
- {
- "name": "list tenant",
- "command": "tenant list",
- "no_result": "alt_demo",
- "description": "Check if tenant alt_demo is used."
- },
- {
- "name": "add tenant alt_demo",
- "command": "tenant add alt_demo",
- "result": "^$",
- "description": "Add a new tenant",
- "command_options": ""
- },
- {
- "name": "check tenant alt_demo",
- "command": "tenant list",
- "result": "(?P<uuid>\\w+)\\s+alt_demo",
- "description": "Check that tenant alt_demo has been correctly added"
- },
- {
- "name": "create_intraextension_authz",
- "command": "intraextension add --policy_model policy_authz authz_test",
- "result": "IntraExtension created: (?P<uuid_authz>\\w+)",
- "description": "Create an authz intra extension",
- "command_options": ""
- },
- {
- "name": "list_intraextension_authz",
- "command": "intraextension list",
- "result": "$uuid_authz",
- "description": "Check the existence of that authz intra extension"
- },
- {
- "name": "set_tenant_authz",
- "command": "tenant set --authz $uuid_authz $uuid",
- "result": "",
- "description": "Connect the authz intra extension to the tenant alt_demo",
- "command_options": ""
- },
- {
- "name": "select_authz_ie",
- "command": "intraextension select $uuid_authz",
- "result": "Select $uuid_authz IntraExtension.",
- "description": "Select the authz IntraExtension",
- "command_options": ""
- },
- {
- "name": "check_select_authz_ie",
- "command": "intraextension show selected",
- "result": "$uuid_authz",
- "description": "Check the selected authz IntraExtension",
- "command_options": "-c id -f value"
- },
- {
- "name": "get_one_subject_category",
- "command": "subject category list",
- "result": "(?P<uuid_subject_category>\\w+)\\s+role",
- "description": "Get one subject_category for next tests.",
- "command_options": "-c id -c name -f value"
- },
- {
- "name": "add_scope",
- "command": "subject scope add $uuid_subject_category testers --description \"test engineers\"",
- "result": "^$",
- "description": "Add one scope to subject category role",
- "command_options": ""
- },
- {
- "name": "check_added_scope",
- "command": "subject scope list $uuid_subject_category",
- "result": "(?P<uuid_subject_scope>\\w+)\\s+testers\\s+test engineers",
- "description": "Check added scope.",
- "command_options": "-c id -c name -c description -f value"
- },
- {
- "name": "delete_scope",
- "command": "subject scope delete $uuid_subject_category $uuid_subject_scope",
- "result": "^$",
- "description": "Delete one scope from subject category role",
- "command_options": ""
- },
- {
- "name": "check_deleted_scope",
- "command": "subject scope list $uuid_subject_category",
- "no_result": "$uuid_subject_scope",
- "description": "Check deleted scope.",
- "command_options": "-c id -f value"
- },
- {
- "name": "delete_authz_intra_extension",
- "command": "intraextension delete $uuid_authz",
- "result": "",
- "description": "Delete the authz intra extension",
- "command_options": ""
- },
- {
- "name": "delete_tenant",
- "command": "tenant delete $uuid",
- "result": "",
- "description": "Delete the tenant alt_demo",
- "command_options": ""
- }
- ],
- "authz_and_admin": [
- {
- "name": "list tenant",
- "command": "tenant list",
- "no_result": "alt_demo",
- "description": "Check if tenant alt_demo is used."
- },
- {
- "name": "add tenant alt_demo",
- "command": "tenant add alt_demo",
- "result": "^$",
- "description": "Add a new tenant",
- "command_options": ""
- },
- {
- "name": "check tenant alt_demo",
- "command": "tenant list",
- "result": "(?P<uuid>\\w+)\\s+alt_demo",
- "description": "Check that tenant alt_demo has been correctly added"
- },
- {
- "name": "create_intraextension_authz",
- "command": "intraextension add --policy_model policy_authz authz_test",
- "result": "IntraExtension created: (?P<uuid_authz>\\w+)",
- "description": "Create an authz intra extension",
- "command_options": ""
- },
- {
- "name": "list_intraextension_authz",
- "command": "intraextension list",
- "result": "$uuid_authz",
- "description": "Check the existence of that authz intra extension"
- },
- {
- "name": "create_intraextension_admin",
- "command": "intraextension add --policy_model policy_rbac_admin admin_test",
- "result": "IntraExtension created: (?P<uuid_admin>\\w+)",
- "description": "Create an admin intra extension",
- "command_options": ""
- },
- {
- "name": "list_intraextension_admin",
- "command": "intraextension list",
- "result": "$uuid_admin",
- "description": "Check the existence of that admin intra extension"
- },
- {
- "name": "set_tenant_authz",
- "command": "tenant set --authz $uuid_authz $uuid",
- "result": "",
- "description": "Connect the authz intra extension to the tenant demo",
- "command_options": ""
- },
- {
- "name": "set_tenant_admin",
- "command": "tenant set --admin $uuid_admin $uuid",
- "result": "",
- "description": "Connect the authz intra extension to the tenant alt_demo",
- "command_options": ""
- },
- {
- "name": "check tenant alt_demo and authz ie",
- "command": "tenant list",
- "result": "alt_demo $uuid_authz",
- "description": "Check that authz intra extension has been correctly added to the tenant.",
- "command_options": "-c name -c intra_authz_extension_id -f value"
- },
- {
- "name": "check tenant alt_demo and admin ie",
- "command": "tenant list",
- "result": "$uuid_admin",
- "description": "Check that admin intra extension has been correctly added to the tenant.",
- "command_options": "-c intra_admin_extension_id -f value"
- },
- {
- "name": "select_authz_ie",
- "command": "intraextension select $uuid_authz",
- "result": "Select $uuid_authz IntraExtension.",
- "description": "Select the authz IntraExtension",
- "command_options": ""
- },
- {
- "name": "check_select_authz_ie",
- "command": "intraextension show selected",
- "result": "$uuid_authz",
- "description": "Check the selected authz IntraExtension",
- "command_options": "-c id -f value"
- },
- {
- "name": "get_one_subject_category",
- "command": "subject category list",
- "result": "(?P<uuid_subject_category>\\w+)\\s+role",
- "description": "Get one subject_category for next tests.",
- "command_options": "-c id -c name -f value"
- },
- {
- "name": "add_scope",
- "command": "subject scope add $uuid_subject_category testers --description \"test engineers\"",
- "result": "^$",
- "description": "Add one scope to subject category role",
- "command_options": ""
- },
- {
- "name": "check_added_scope",
- "command": "subject scope list $uuid_subject_category",
- "result": "(?P<uuid_subject_scope>\\w+)\\s+testers\\s+test engineers",
- "description": "Check added scope.",
- "command_options": "-c id -c name -c description -f value"
- },
- {
- "name": "delete_scope",
- "command": "subject scope delete $uuid_subject_category $uuid_subject_scope",
- "result": "^$",
- "description": "Delete one scope from subject category role",
- "command_options": ""
- },
- {
- "name": "check_deleted_scope",
- "command": "subject scope list $uuid_subject_category",
- "no_result": "$uuid_subject_scope",
- "description": "Check deleted scope.",
- "command_options": "-c id -f value"
- },
- {
- "name": "delete_admin_intra_extension",
- "command": "intraextension delete $uuid_admin",
- "result": "",
- "description": "Delete the admin intra extension",
- "command_options": ""
- },
- {
- "name": "delete_authz_intra_extension",
- "command": "intraextension delete $uuid_authz",
- "result": "",
- "description": "Delete the authz intra extension",
- "command_options": ""
- },
- {
- "name": "delete_tenant",
- "command": "tenant delete $uuid",
- "result": "",
- "description": "Delete the tenant alt_demo",
- "command_options": ""
- }
- ]
- }
-} \ No newline at end of file
diff --git a/moonclient/moonclient/tests/tests_subjects.json b/moonclient/moonclient/tests/tests_subjects.json
deleted file mode 100644
index 97a45da6..00000000
--- a/moonclient/moonclient/tests/tests_subjects.json
+++ /dev/null
@@ -1,241 +0,0 @@
-{
- "command_options": "-f value",
- "tests_group": {
- "authz": [
- {
- "auth_name": "admin",
- "description": "Change user to admin (just in case...)"
- },
-
- {
- "name": "list tenant",
- "command": "tenant list",
- "no_result": "alt_demo",
- "description": "Check if tenant alt_demo is used."
- },
- {
- "name": "add tenant alt_demo",
- "command": "tenant add alt_demo",
- "result": "^$",
- "description": "Add a new tenant",
- "command_options": ""
- },
- {
- "name": "check tenant alt_demo",
- "command": "tenant list",
- "result": "(?P<uuid>\\w+)\\s+alt_demo",
- "description": "Check that tenant alt_demo has been correctly added"
- },
- {
- "name": "create_intraextension_authz",
- "command": "intraextension add --policy_model policy_authz authz_test",
- "result": "IntraExtension created: (?P<uuid_authz>\\w+)",
- "description": "Create an authz intra extension",
- "command_options": ""
- },
- {
- "name": "list_intraextension_authz",
- "command": "intraextension list",
- "result": "$uuid_authz",
- "description": "Check the existence of that authz intra extension"
- },
- {
- "name": "set_tenant_authz",
- "command": "tenant set --authz $uuid_authz $uuid",
- "result": "",
- "description": "Connect the authz intra extension to the tenant alt_demo",
- "command_options": ""
- },
- {
- "name": "select_authz_ie",
- "command": "intraextension select $uuid_authz",
- "result": "Select $uuid_authz IntraExtension.",
- "description": "Select the authz IntraExtension",
- "command_options": ""
- },
- {
- "name": "check_select_authz_ie",
- "command": "intraextension show selected",
- "result": "$uuid_authz",
- "description": "Check the selected authz IntraExtension",
- "command_options": "-c id -f value"
- },
- {
- "name": "add_subject",
- "command": "subject add alt_demo --subject_pass password",
- "result": "",
- "description": "Add the alt_demo subject",
- "command_options": ""
- },
- {
- "name": "list_subject",
- "command": "subject list",
- "result": "(?P<uuid_subject>\\w+)\\s+alt_demo",
- "description": "Check that alt_demo subject was added."
- },
- {
- "name": "delete_subject",
- "command": "subject delete $uuid_subject",
- "result": "^$",
- "description": "Delete alt_demo subject.",
- "command_options": ""
- },
- {
- "name": "list_subject",
- "command": "subject list",
- "no_result": "$uuid_subject",
- "description": "Check that alt_demo subject was deleted."
- },
- {
- "name": "delete_authz_intra_extension",
- "command": "intraextension delete $uuid_authz",
- "result": "",
- "description": "Delete the authz intra extension",
- "command_options": ""
- },
- {
- "name": "delete_tenant",
- "command": "tenant delete $uuid",
- "result": "",
- "description": "Delete the tenant alt_demo",
- "command_options": ""
- }
- ],
- "authz_and_admin": [
- {
- "name": "list tenant",
- "command": "tenant list",
- "no_result": "alt_demo",
- "description": "Check if tenant alt_demo is used."
- },
- {
- "name": "add tenant alt_demo",
- "command": "tenant add alt_demo",
- "result": "^$",
- "description": "Add a new tenant",
- "command_options": ""
- },
- {
- "name": "check tenant alt_demo",
- "command": "tenant list",
- "result": "(?P<uuid>\\w+)\\s+alt_demo",
- "description": "Check that tenant alt_demo has been correctly added"
- },
- {
- "name": "create_intraextension_authz",
- "command": "intraextension add --policy_model policy_authz authz_test",
- "result": "IntraExtension created: (?P<uuid_authz>\\w+)",
- "description": "Create an authz intra extension",
- "command_options": ""
- },
- {
- "name": "list_intraextension_authz",
- "command": "intraextension list",
- "result": "$uuid_authz",
- "description": "Check the existence of that authz intra extension"
- },
- {
- "name": "create_intraextension_admin",
- "command": "intraextension add --policy_model policy_rbac_admin admin_test",
- "result": "IntraExtension created: (?P<uuid_admin>\\w+)",
- "description": "Create an admin intra extension",
- "command_options": ""
- },
- {
- "name": "list_intraextension_admin",
- "command": "intraextension list",
- "result": "$uuid_admin",
- "description": "Check the existence of that admin intra extension"
- },
- {
- "name": "set_tenant_authz",
- "command": "tenant set --authz $uuid_authz $uuid",
- "result": "",
- "description": "Connect the authz intra extension to the tenant demo",
- "command_options": ""
- },
- {
- "name": "set_tenant_admin",
- "command": "tenant set --admin $uuid_admin $uuid",
- "result": "",
- "description": "Connect the authz intra extension to the tenant alt_demo",
- "command_options": ""
- },
- {
- "name": "check tenant alt_demo and authz ie",
- "command": "tenant list",
- "result": "alt_demo $uuid_authz",
- "description": "Check that authz intra extension has been correctly added to the tenant.",
- "command_options": "-c name -c intra_authz_extension_id -f value"
- },
- {
- "name": "check tenant alt_demo and admin ie",
- "command": "tenant list",
- "result": "$uuid_admin",
- "description": "Check that admin intra extension has been correctly added to the tenant.",
- "command_options": "-c intra_admin_extension_id -f value"
- },
- {
- "name": "select_authz_ie",
- "command": "intraextension select $uuid_authz",
- "result": "Select $uuid_authz IntraExtension.",
- "description": "Select the authz IntraExtension",
- "command_options": ""
- },
- {
- "name": "check_select_authz_ie",
- "command": "intraextension show selected",
- "result": "$uuid_authz",
- "description": "Check the selected authz IntraExtension",
- "command_options": "-c id -f value"
- },
- {
- "name": "add_subject",
- "command": "subject add alt_demo --subject_pass password",
- "result": "",
- "description": "Add the alt_demo subject",
- "command_options": ""
- },
- {
- "name": "list_subject",
- "command": "subject list",
- "result": "(?P<uuid_subject>\\w+)\\s+alt_demo",
- "description": "Check that alt_demo subject was added."
- },
- {
- "name": "delete_subject",
- "command": "subject delete $uuid_subject",
- "result": "^$",
- "description": "Delete alt_demo subject.",
- "command_options": ""
- },
- {
- "name": "list_subject",
- "command": "subject list",
- "no_result": "$uuid_subject",
- "description": "Check that alt_demo subject was deleted."
- },
- {
- "name": "delete_admin_intra_extension",
- "command": "intraextension delete $uuid_admin",
- "result": "",
- "description": "Delete the admin intra extension",
- "command_options": ""
- },
- {
- "name": "delete_authz_intra_extension",
- "command": "intraextension delete $uuid_authz",
- "result": "",
- "description": "Delete the authz intra extension",
- "command_options": ""
- },
- {
- "name": "delete_tenant",
- "command": "tenant delete $uuid",
- "result": "",
- "description": "Delete the tenant alt_demo",
- "command_options": ""
- }
- ]
- }
-} \ No newline at end of file
diff --git a/moonclient/moonclient/tests/tests_submetarules.json b/moonclient/moonclient/tests/tests_submetarules.json
deleted file mode 100644
index cde01c27..00000000
--- a/moonclient/moonclient/tests/tests_submetarules.json
+++ /dev/null
@@ -1,294 +0,0 @@
-{
- "command_options": "-f value",
- "tests_group": {
- "authz": [
- {
- "auth_name": "admin",
- "description": "Change user to admin (just in case...)"
- },
-
- {
- "name": "list tenant",
- "command": "tenant list",
- "no_result": "alt_demo",
- "description": "Check if tenant alt_demo is used."
- },
- {
- "name": "add tenant alt_demo",
- "command": "tenant add alt_demo",
- "result": "^$",
- "description": "Add a new tenant",
- "command_options": ""
- },
- {
- "name": "check tenant alt_demo",
- "command": "tenant list",
- "result": "(?P<uuid>\\w+)\\s+alt_demo",
- "description": "Check that tenant alt_demo has been correctly added"
- },
- {
- "name": "create_intraextension_authz",
- "command": "intraextension add --policy_model policy_authz authz_test",
- "result": "IntraExtension created: (?P<uuid_authz>\\w+)",
- "description": "Create an authz intra extension",
- "command_options": ""
- },
- {
- "name": "list_intraextension_authz",
- "command": "intraextension list",
- "result": "$uuid_authz",
- "description": "Check the existence of that authz intra extension"
- },
- {
- "name": "set_tenant_authz",
- "command": "tenant set --authz $uuid_authz $uuid",
- "result": "",
- "description": "Connect the authz intra extension to the tenant alt_demo",
- "command_options": ""
- },
- {
- "name": "select_authz_ie",
- "command": "intraextension select $uuid_authz",
- "result": "Select $uuid_authz IntraExtension.",
- "description": "Select the authz IntraExtension",
- "command_options": ""
- },
- {
- "name": "check_select_authz_ie",
- "command": "intraextension show selected",
- "result": "$uuid_authz",
- "description": "Check the selected authz IntraExtension",
- "command_options": "-c id -f value"
- },
-
- {
- "name": "check_submetarules",
- "command": "submetarule show",
- "result": "(?P<submetarule_uuid>\\w+)\\s+subject_security_level",
- "description": "Get one submetarule ID",
- "command_options": "-c id -c \"subject categories\" -f value"
- },
- {
- "name": "list_subject_categories",
- "command": "subject category list",
- "result": "(?P<category_domain_uuid>\\w+)\\s+domain",
- "description": "Get one subject category.",
- "command_options": "-c id -c name -f value"
- },
- {
- "name": "list_subject_categories",
- "command": "subject category list",
- "result": "(?P<category_level_uuid>\\w+)\\s+subject_security_level",
- "description": "Get one subject category.",
- "command_options": "-c id -c name -f value"
- },
- {
- "name": "set_submetarule",
- "command": "submetarule set $submetarule_uuid --subject_category_id=\"$category_level_uuid,$category_domain_uuid\"",
- "result": "^$",
- "description": "Set a new submetarule",
- "command_options": ""
- },
- {
- "name": "check_submetarule",
- "command": "submetarule show",
- "result": "$submetarule_uuid \\s*subject_security_level,\\s+domain",
- "description": "Check the new submetarule",
- "command_options": "-c id -c \"subject categories\" -f value"
- },
- {
- "name": "check_submetarule",
- "command": "submetarule show",
- "result": "$submetarule_uuid \\s*object_security_level",
- "description": "Check the new submetarule",
- "command_options": "-c id -c \"object categories\" -f value"
- },
-
- {
- "name": "delete_authz_intra_extension",
- "command": "intraextension delete $uuid_authz",
- "result": "",
- "description": "Delete the authz intra extension",
- "command_options": ""
- },
- {
- "name": "list_intraextension_authz",
- "command": "intraextension list",
- "no_result": "$uuid_authz",
- "description": "Check the existence of that authz intra extension"
- },
- {
- "name": "delete_tenant",
- "command": "tenant delete $uuid",
- "result": "",
- "description": "Delete the tenant alt_demo",
- "command_options": ""
- },
- {
- "name": "list tenant",
- "command": "tenant list",
- "no_result": "alt_demo",
- "description": "Check if tenant alt_demo is used."
- }
- ],
- "authz_and_admin": [
- {
- "name": "list tenant",
- "command": "tenant list",
- "no_result": "alt_demo",
- "description": "Check if tenant alt_demo is used."
- },
- {
- "name": "add tenant alt_demo",
- "command": "tenant add alt_demo",
- "result": "^$",
- "description": "Add a new tenant",
- "command_options": ""
- },
- {
- "name": "check tenant alt_demo",
- "command": "tenant list",
- "result": "(?P<uuid>\\w+)\\s+alt_demo",
- "description": "Check that tenant alt_demo has been correctly added"
- },
- {
- "name": "create_intraextension_authz",
- "command": "intraextension add --policy_model policy_authz authz_test",
- "result": "IntraExtension created: (?P<uuid_authz>\\w+)",
- "description": "Create an authz intra extension",
- "command_options": ""
- },
- {
- "name": "list_intraextension_authz",
- "command": "intraextension list",
- "result": "$uuid_authz",
- "description": "Check the existence of that authz intra extension"
- },
- {
- "name": "create_intraextension_admin",
- "command": "intraextension add --policy_model policy_rbac_admin admin_test",
- "result": "IntraExtension created: (?P<uuid_admin>\\w+)",
- "description": "Create an admin intra extension",
- "command_options": ""
- },
- {
- "name": "list_intraextension_admin",
- "command": "intraextension list",
- "result": "$uuid_admin",
- "description": "Check the existence of that admin intra extension"
- },
- {
- "name": "set_tenant_authz",
- "command": "tenant set --authz $uuid_authz $uuid",
- "result": "",
- "description": "Connect the authz intra extension to the tenant demo",
- "command_options": ""
- },
- {
- "name": "set_tenant_admin",
- "command": "tenant set --admin $uuid_admin $uuid",
- "result": "",
- "description": "Connect the authz intra extension to the tenant alt_demo",
- "command_options": ""
- },
- {
- "name": "check tenant alt_demo and authz ie",
- "command": "tenant list",
- "result": "alt_demo $uuid_authz",
- "description": "Check that authz intra extension has been correctly added to the tenant.",
- "command_options": "-c name -c intra_authz_extension_id -f value"
- },
- {
- "name": "check tenant alt_demo and admin ie",
- "command": "tenant list",
- "result": "$uuid_admin",
- "description": "Check that admin intra extension has been correctly added to the tenant.",
- "command_options": "-c intra_admin_extension_id -f value"
- },
- {
- "name": "select_authz_ie",
- "command": "intraextension select $uuid_authz",
- "result": "Select $uuid_authz IntraExtension.",
- "description": "Select the authz IntraExtension",
- "command_options": ""
- },
- {
- "name": "check_select_authz_ie",
- "command": "intraextension show selected",
- "result": "$uuid_authz",
- "description": "Check the selected authz IntraExtension",
- "command_options": "-c id -f value"
- },
-
- {
- "name": "check_submetarules",
- "command": "submetarule show",
- "result": "(?P<submetarule_uuid>\\w+)\\s+subject_security_level",
- "description": "Get one submetarule ID",
- "command_options": "-c id -c \"subject categories\" -f value"
- },
- {
- "name": "list_subject_categories",
- "command": "subject category list",
- "result": "(?P<category_domain_uuid>\\w+)\\s+domain",
- "description": "Get one subject category.",
- "command_options": "-c id -c name -f value"
- },
- {
- "name": "list_subject_categories",
- "command": "subject category list",
- "result": "(?P<category_level_uuid>\\w+)\\s+subject_security_level",
- "description": "Get one subject category.",
- "command_options": "-c id -c name -f value"
- },
- {
- "name": "set_submetarule",
- "command": "submetarule set $submetarule_uuid --subject_category_id=\"$category_level_uuid,$category_domain_uuid\"",
- "result": "^$",
- "description": "Set a new submetarule",
- "command_options": ""
- },
- {
- "name": "check_submetarule",
- "command": "submetarule show",
- "result": "$submetarule_uuid \\s*subject_security_level,\\s+domain",
- "description": "Check the new submetarule",
- "command_options": "-c id -c \"subject categories\" -f value"
- },
- {
- "name": "check_submetarule",
- "command": "submetarule show",
- "result": "$submetarule_uuid \\s*object_security_level",
- "description": "Check the new submetarule",
- "command_options": "-c id -c \"object categories\" -f value"
- },
-
- {
- "name": "delete_authz_intra_extension",
- "command": "intraextension delete $uuid_authz",
- "result": "",
- "description": "Delete the authz intra extension",
- "command_options": ""
- },
- {
- "name": "list_intraextension_authz",
- "command": "intraextension list",
- "no_result": "$uuid_authz",
- "description": "Check the existence of that authz intra extension"
- },
- {
- "name": "delete_tenant",
- "command": "tenant delete $uuid",
- "result": "",
- "description": "Delete the tenant alt_demo",
- "command_options": ""
- },
- {
- "name": "list tenant",
- "command": "tenant list",
- "no_result": "alt_demo",
- "description": "Check if tenant alt_demo is used."
- }
- ]
- }
-} \ No newline at end of file
diff --git a/moonclient/moonclient/tests/tests_tenants.json b/moonclient/moonclient/tests/tests_tenants.json
deleted file mode 100644
index 719cdbfc..00000000
--- a/moonclient/moonclient/tests/tests_tenants.json
+++ /dev/null
@@ -1,106 +0,0 @@
-{
- "command_options": "-f value",
- "tests_group": {
- "main": [
- {
- "auth_name": "admin",
- "description": "Change user to admin (just in case...)"
- },
-
- {
- "name": "list tenant",
- "command": "tenant list",
- "no_result": "alt_demo",
- "description": "List all tenants (must be empty)"
- },
- {
- "name": "add tenant alt_demo",
- "command": "tenant add alt_demo",
- "result": "^$",
- "description": "Add a new tenant",
- "command_options": ""
- },
- {
- "name": "check tenant alt_demo",
- "command": "tenant list",
- "result": "(?P<uuid>\\w+)\\s+alt_demo",
- "description": "Check that tenant alt_demo has been correctly added"
- },
- {
- "name": "create_intraextension_admin",
- "command": "intraextension add --policy_model policy_rbac_admin admin_test",
- "result": "IntraExtension created: (?P<uuid_admin>\\w+)",
- "description": "Create an admin intra extension",
- "command_options": ""
- },
- {
- "name": "list_intraextension_admin",
- "command": "intraextension list",
- "result": "$uuid_admin",
- "description": "Check the existence of that admin intra extension"
- },
- {
- "name": "create_intraextension_authz",
- "command": "intraextension add --policy_model policy_authz authz_test",
- "result": "IntraExtension created: (?P<uuid_authz>\\w+)",
- "description": "Create an authz intra extension",
- "command_options": ""
- },
- {
- "name": "list_intraextension_authz",
- "command": "intraextension list",
- "result": "$uuid_authz",
- "description": "Check the existence of that authz intra extension"
- },
- {
- "name": "set_tenant_authz",
- "command": "tenant set --authz $uuid_authz $uuid",
- "result": "",
- "description": "Connect the authz intra extension to the tenant alt_demo",
- "command_options": ""
- },
- {
- "name": "check authz ie for tenant alt_demo",
- "command": "tenant list",
- "result": "alt_demo $uuid_authz",
- "description": "Check that authz ie has been correctly added for tenant alt_demo ",
- "command_options": "-c name -c intra_authz_extension_id -f value"
- },
- {
- "name": "set_tenant_admin",
- "command": "tenant set --admin $uuid_admin $uuid",
- "result": "",
- "description": "Connect the admin intra extension to the tenant alt_demo",
- "command_options": ""
- },
- {
- "name": "check admin ie for tenant alt_demo",
- "command": "tenant list",
- "result": "alt_demo $uuid_admin",
- "description": "Check that admin ie has been correctly added for tenant alt_demo ",
- "command_options": "-c name -c intra_admin_extension_id -f value"
- },
- {
- "name": "delete_admin_intra_extension",
- "command": "intraextension delete $uuid_admin",
- "result": "",
- "description": "Delete the admin intra extension",
- "command_options": ""
- },
- {
- "name": "delete_authz_intra_extension",
- "command": "intraextension delete $uuid_authz",
- "result": "",
- "description": "Delete the authz intra extension",
- "command_options": ""
- },
- {
- "name": "delete_tenant",
- "command": "tenant delete $uuid",
- "result": "",
- "description": "Delete the tenant alt_demo",
- "command_options": ""
- }
- ]
- }
-} \ No newline at end of file
diff --git a/moonclient/moonclient/tests/todo/tests_empty_policy_new_user.json b/moonclient/moonclient/tests/todo/tests_empty_policy_new_user.json
deleted file mode 100644
index ad9d7e52..00000000
--- a/moonclient/moonclient/tests/todo/tests_empty_policy_new_user.json
+++ /dev/null
@@ -1,3627 +0,0 @@
-{
- "command_options": "-f value",
- "tests_group": {
- "authz": [
- {
- "auth_name": "admin",
- "auth_password": "console",
- "auth_tenant": "admin",
- "description": "Change user to admin (just in case...)"
- },
-
- {
- "name": "get cirros image",
- "external_command": "wget http://download.cirros-cloud.net/0.3.4/cirros-0.3.4-x86_64-disk.img -o /tmp/cirros.img",
- "result": "",
- "description": "Download a Cirros image"
- },
- {
- "name": "install cirros image",
- "external_command": "glance image-create --name \"cirros\" --disk-format qcow2 --file /tmp/cirros.img --container-format bare",
- "result": "",
- "description": "Upload the Cirros image in glance"
- },
- {
- "name": "create secgroup",
- "external_command": "nova secgroup-add-rule default icmp -1 -1 0.0.0.0/0",
- "result": "",
- "description": "Create a new secgroup in Nova"
- },
- {
- "name": "create secgroup",
- "external_command": "nova secgroup-add-rule default tcp 22 22 0.0.0.0/0",
- "result": "",
- "description": "Create a new secgroup in Nova"
- },
- {
- "name": "create router",
- "external_command": "neutron router-create demo-router",
- "result": "",
- "description": "Create a new router"
- },
- {
- "name": "set router",
- "external_command": "neutron router-gateway-set demo-router ext-net",
- "result": "",
- "description": "Configure the new router"
- },
- {
- "name": "set router",
- "external_command": "neutron net-create demo-net",
- "result": "",
- "description": "Configure the new router"
- },
- {
- "name": "set router",
- "external_command": "neutron subnet-create demo-net 192.168.1.0/24 --name demo-subnet --gateway 192.168.1.1",
- "result": "",
- "description": "Configure the new router"
- },
- {
- "name": "set router",
- "external_command": "neutron router-interface-add demo-router demo-subnet",
- "result": "",
- "description": "Configure the new router"
- },
- {
- "name": "openstack image list",
- "external_command": "nova image-list",
- "result": "(?P<uuid_image>[\\w-]+)\\s+\\| cirros",
- "description": "Get an Image ID"
- },
- {
- "name": "create tenant test",
- "external_command": "openstack project create test_moonclient",
- "result": "",
- "description": "Create a new tenant"
- },
- {
- "name": "create user demo",
- "external_command": "openstack user create --password console demo",
- "result": "",
- "description": "Create user demo"
- },
- {
- "name": "add role admin to demo",
- "external_command": "openstack role add --project admin --user demo admin",
- "result": "",
- "description": "Force the admin role for the user demo on the project admin (for testing purpose)."
- },
- {
- "name": "neutron net-list",
- "external_command": "neutron net-list",
- "result": "(?P<uuid_net>[\\w-]+)\\s+\\| demo-net",
- "description": "Get an Net ID"
- },
- {
- "name": "nova boot new server",
- "external_command": "nova boot --flavor m1.tiny --image $uuid_image --nic net-id=$uuid_net --security-group default test_moonclient",
- "result": "",
- "description": "Get an Image ID"
- },
- {
- "name": "sleep",
- "external_command": "sleep 10",
- "result": "",
- "description": "time for server to really boot"
- },
- {
- "name": "nova get new server",
- "external_command": "nova list",
- "result": "\\| (?P<uuid_server>[\\w\\-]+)\\s+\\| test_moonclient\\s+\\| ACTIVE\\s+\\| [\\w\\-]+\\s+\\| Running",
- "description": "Get the ID of the new server"
- },
- {
- "name": "list tenant",
- "command": "tenant list",
- "no_result": "demo",
- "description": "Check if tenant demo is used."
- },
- {
- "name": "add tenant demo",
- "command": "tenant add demo",
- "result": "^$",
- "description": "Add a new tenant",
- "command_options": ""
- },
- {
- "name": "check tenant demo",
- "command": "tenant list",
- "result": "(?P<uuid>\\w+)\\s+demo",
- "description": "Check that tenant demo has been correctly added"
- },
- {
- "name": "add role admin to demo",
- "external_command": "openstack role add --project demo --user demo admin ",
- "result": "",
- "description": "Add role admin to user demo (an error may occurred)"
- },
- {
- "name": "create_intraextension_authz",
- "command": "intraextension add --policy_model policy_empty_authz empty_test",
- "result": "IntraExtension created: (?P<uuid_authz>\\w+)",
- "description": "Create an authz intra extension",
- "command_options": ""
- },
- {
- "name": "list_intraextension_authz",
- "command": "intraextension list",
- "result": "$uuid_authz",
- "description": "Check the existence of that authz intra extension"
- },
- {
- "name": "set_tenant_authz",
- "command": "tenant set --authz $uuid_authz $uuid",
- "result": "",
- "description": "Connect the authz intra extension to the tenant demo",
- "command_options": ""
- },
- {
- "name": "list tenant",
- "command": "tenant list",
- "result": "demo",
- "description": "Check if tenant demo is used."
- },
- {
- "name": "select_authz_ie",
- "command": "intraextension select $uuid_authz",
- "result": "Select $uuid_authz IntraExtension.",
- "description": "Select the authz IntraExtension",
- "command_options": ""
- },
- {
- "name": "check_select_authz_ie",
- "command": "intraextension show selected",
- "result": "$uuid_authz",
- "description": "Check the selected authz IntraExtension",
- "command_options": "-c id -f value"
- },
- {
- "name": "add_subject",
- "command": "subject add admin --subject_pass console",
- "result": "",
- "description": "",
- "command_options": ""
- },
- {
- "name": "list_subject",
- "command": "subject list",
- "result": "(?P<uuid_subject_admin>\\w+)\\s+admin",
- "description": "Check that admin subject was added."
- },
- {
- "name": "add_subject",
- "command": "subject add demo --subject_pass console",
- "result": "",
- "description": "",
- "command_options": ""
- },
- {
- "name": "list_subject",
- "command": "subject list",
- "result": "(?P<uuid_subject_demo>\\w+)\\s+demo",
- "description": "Check that demo subject was added."
- },
- {
- "name": "add_object",
- "command": "object add servers",
- "result": "",
- "description": "",
- "command_options": ""
- },
- {
- "name": "list_object",
- "command": "object list",
- "result": "(?P<uuid_object_servers>\\w+)\\s+servers",
- "description": "Check that servers subject was added."
- },
- {
- "name": "add_action",
- "command": "action add pause",
- "result": "",
- "description": "",
- "command_options": ""
- },
- {
- "name": "list_action",
- "command": "action list",
- "result": "(?P<uuid_action_pause>\\w+)\\s+pause",
- "description": "Check that pause action was added."
- },
- {
- "name": "add_action",
- "command": "action add unpause",
- "result": "",
- "description": "",
- "command_options": ""
- },
- {
- "name": "list_action",
- "command": "action list",
- "result": "(?P<uuid_action_unpause>\\w+)\\s+unpause",
- "description": "Check that unpause action was added."
- },
- {
- "name": "add_action",
- "command": "action add list",
- "result": "",
- "description": "",
- "command_options": ""
- },
- {
- "name": "list_action",
- "command": "action list",
- "result": "(?P<uuid_action_list>\\w+)\\s+list",
- "description": "Check that list action was added."
- },
- {
- "name": "add_action",
- "command": "action add start",
- "result": "",
- "description": "",
- "command_options": ""
- },
- {
- "name": "list_action",
- "command": "action list",
- "result": "(?P<uuid_action_start>\\w+)\\s+start",
- "description": "Check that start action was added."
- },
- {
- "name": "add_action",
- "command": "action add stop",
- "result": "",
- "description": "",
- "command_options": ""
- },
- {
- "name": "list_action",
- "command": "action list",
- "result": "(?P<uuid_action_stop>\\w+)\\s+stop",
- "description": "Check that stop action was added."
- },
- {
- "name": "add_action",
- "command": "action add create",
- "result": "",
- "description": "",
- "command_options": ""
- },
- {
- "name": "list_action",
- "command": "action list",
- "result": "(?P<uuid_action_create>\\w+)\\s+create",
- "description": "Check that create action was added."
- },
- {
- "name": "add_action",
- "command": "action add upload",
- "result": "",
- "description": "",
- "command_options": ""
- },
- {
- "name": "list_action",
- "command": "action list",
- "result": "(?P<uuid_action_upload>\\w+)\\s+upload",
- "description": "Check that upload action was added."
- },
- {
- "name": "add_action",
- "command": "action add download",
- "result": "",
- "description": "",
- "command_options": ""
- },
- {
- "name": "list_action",
- "command": "action list",
- "result": "(?P<uuid_action_download>\\w+)\\s+download",
- "description": "Check that download action was added."
- },
- {
- "name": "add_action",
- "command": "action add post",
- "result": "",
- "description": "",
- "command_options": ""
- },
- {
- "name": "list_action",
- "command": "action list",
- "result": "(?P<uuid_action_post>\\w+)\\s+post",
- "description": "Check that post action was added."
- },
- {
- "name": "add_action",
- "command": "action add storage_list",
- "result": "",
- "description": "",
- "command_options": ""
- },
- {
- "name": "list_action",
- "command": "action list",
- "result": "(?P<uuid_action_storage_list>\\w+)\\s+storage_list",
- "description": "Check that storage_list action was added."
- },
-
- {
- "name": "add_subject_category",
- "command": "subject category add subject_security_level",
- "result": "",
- "description": "Add the new subject category subject_security_level",
- "command_options": ""
- },
- {
- "name": "list_subject_category",
- "command": "subject category list",
- "result": "(?P<uuid_subject_category_authz>\\w+)\\s+subject_security_level",
- "description": "Check that subject_security_level subject_category was added."
- },
- {
- "name": "add_object_category",
- "command": "object category add object_security_level",
- "result": "",
- "description": "Add the new object category object_security_level",
- "command_options": ""
- },
- {
- "name": "list_object_category",
- "command": "object category list",
- "result": "(?P<uuid_object_category_authz>\\w+)\\s+object_security_level",
- "description": "Check that object_security_level object_category was added."
- },
- {
- "name": "add_action_category",
- "command": "action category add resource_action",
- "result": "",
- "description": "Add the new action category resource_action",
- "command_options": ""
- },
- {
- "name": "list_subject_category",
- "command": "action category list",
- "result": "(?P<uuid_action_category_authz>\\w+)\\s+resource_action",
- "description": "Check that resource_action action_category was added."
- },
-
- {
- "name": "add_scope",
- "command": "subject scope add $uuid_subject_category_authz high --description \"high\"",
- "result": "^$",
- "description": "Add one scope to subject category role",
- "command_options": ""
- },
- {
- "name": "check_added_scope",
- "command": "subject scope list $uuid_subject_category_authz",
- "result": "(?P<uuid_subject_scope_high>\\w+)\\s+high\\s+high",
- "description": "Check added scope.",
- "command_options": "-c id -c name -c description -f value"
- },
- {
- "name": "add_scope",
- "command": "subject scope add $uuid_subject_category_authz medium --description \"medium\"",
- "result": "^$",
- "description": "Add one scope to subject category role",
- "command_options": ""
- },
- {
- "name": "check_added_scope",
- "command": "subject scope list $uuid_subject_category_authz",
- "result": "(?P<uuid_subject_scope_medium>\\w+)\\s+medium\\s+medium",
- "description": "Check added scope.",
- "command_options": "-c id -c name -c description -f value"
- },
- {
- "name": "add_scope",
- "command": "subject scope add $uuid_subject_category_authz low --description \"low\"",
- "result": "^$",
- "description": "Add one scope to subject category role",
- "command_options": ""
- },
- {
- "name": "check_added_scope",
- "command": "subject scope list $uuid_subject_category_authz",
- "result": "(?P<uuid_subject_scope_low>\\w+)\\s+low\\s+low",
- "description": "Check added scope.",
- "command_options": "-c id -c name -c description -f value"
- },
- {
- "name": "add_scope",
- "command": "object scope add $uuid_object_category_authz high --description \"high\"",
- "result": "^$",
- "description": "Add one scope to object category role",
- "command_options": ""
- },
- {
- "name": "check_added_scope",
- "command": "object scope list $uuid_object_category_authz",
- "result": "(?P<uuid_object_scope_high>\\w+)\\s+high\\s+high",
- "description": "Check added scope.",
- "command_options": "-c id -c name -c description -f value"
- },
- {
- "name": "add_scope",
- "command": "object scope add $uuid_object_category_authz medium --description \"medium\"",
- "result": "^$",
- "description": "Add one scope to object category role",
- "command_options": ""
- },
- {
- "name": "check_added_scope",
- "command": "object scope list $uuid_object_category_authz",
- "result": "(?P<uuid_object_scope_medium>\\w+)\\s+medium\\s+medium",
- "description": "Check added scope.",
- "command_options": "-c id -c name -c description -f value"
- },
- {
- "name": "add_scope",
- "command": "object scope add $uuid_object_category_authz low --description \"low\"",
- "result": "^$",
- "description": "Add one scope to object category role",
- "command_options": ""
- },
- {
- "name": "check_added_scope",
- "command": "object scope list $uuid_object_category_authz",
- "result": "(?P<uuid_object_scope_low>\\w+)\\s+low\\s+low",
- "description": "Check added scope.",
- "command_options": "-c id -c name -c description -f value"
- },
- {
- "name": "add_scope",
- "command": "action scope add $uuid_action_category_authz vm_admin --description \"vm_admin\"",
- "result": "^$",
- "description": "Add one scope to action category role",
- "command_options": ""
- },
- {
- "name": "check_added_scope",
- "command": "action scope list $uuid_action_category_authz",
- "result": "(?P<uuid_action_scope_vm_admin>\\w+)\\s+vm_admin\\s+vm_admin",
- "description": "Check added scope.",
- "command_options": "-c id -c name -c description -f value"
- },
- {
- "name": "add_scope",
- "command": "action scope add $uuid_action_category_authz vm_access --description \"vm_access\"",
- "result": "^$",
- "description": "Add one scope to action category role",
- "command_options": ""
- },
- {
- "name": "check_added_scope",
- "command": "action scope list $uuid_action_category_authz",
- "result": "(?P<uuid_action_scope_vm_access>\\w+)\\s+vm_access\\s+vm_access",
- "description": "Check added scope.",
- "command_options": "-c id -c name -c description -f value"
- },
- {
- "name": "add_scope",
- "command": "action scope add $uuid_action_category_authz storage_admin --description \"storage_admin\"",
- "result": "^$",
- "description": "Add one scope to action category role",
- "command_options": ""
- },
- {
- "name": "check_added_scope",
- "command": "action scope list $uuid_action_category_authz",
- "result": "(?P<uuid_action_scope_storage_admin>\\w+)\\s+storage_admin\\s+storage_admin",
- "description": "Check added scope.",
- "command_options": "-c id -c name -c description -f value"
- },
- {
- "name": "add_scope",
- "command": "action scope add $uuid_action_category_authz storage_access --description \"storage_access\"",
- "result": "^$",
- "description": "Add one scope to action category role",
- "command_options": ""
- },
- {
- "name": "check_added_scope",
- "command": "action scope list $uuid_action_category_authz",
- "result": "(?P<uuid_action_scope_storage_access>\\w+)\\s+storage_access\\s+storage_access",
- "description": "Check added scope.",
- "command_options": "-c id -c name -c description -f value"
- },
-
- {
- "name": "add_assignment",
- "command": "subject assignment add $uuid_subject_admin $uuid_subject_category_authz $uuid_subject_scope_high",
- "result": "^$",
- "description": "Add a new assignment",
- "command_options": ""
- },
- {
- "name": "check_added_assignment",
- "command": "subject assignment list $uuid_subject_admin $uuid_subject_category_authz",
- "result": "$uuid_subject_scope_high high",
- "description": "Check added assignment.",
- "command_options": "-c id -c name -f value"
- },
- {
- "name": "add_assignment",
- "command": "subject assignment add $uuid_subject_demo $uuid_subject_category_authz $uuid_subject_scope_medium",
- "result": "^$",
- "description": "Add a new assignment",
- "command_options": ""
- },
- {
- "name": "check_added_assignment",
- "command": "subject assignment list $uuid_subject_demo $uuid_subject_category_authz",
- "result": "$uuid_subject_scope_medium medium",
- "description": "Check added assignment.",
- "command_options": "-c id -c name -f value"
- },
- {
- "name": "add_assignment",
- "command": "object assignment add $uuid_object_servers $uuid_object_category_authz $uuid_object_scope_low",
- "result": "^$",
- "description": "Add a new assignment",
- "command_options": ""
- },
- {
- "name": "check_added_assignment",
- "command": "object assignment list $uuid_object_servers $uuid_object_category_authz",
- "result": "$uuid_object_scope_low low",
- "description": "Check added assignment.",
- "command_options": "-c id -c name -f value"
- },
- {
- "name": "add_assignment",
- "command": "action assignment add $uuid_action_pause $uuid_action_category_authz $uuid_action_scope_vm_admin",
- "result": "^$",
- "description": "Add a new assignment",
- "command_options": ""
- },
- {
- "name": "check_added_assignment",
- "command": "action assignment list $uuid_action_pause $uuid_action_category_authz",
- "result": "$uuid_action_scope_vm_admin vm_admin",
- "description": "Check added assignment.",
- "command_options": "-c id -c name -f value"
- },
- {
- "name": "add_assignment",
- "command": "action assignment add $uuid_action_unpause $uuid_action_category_authz $uuid_action_scope_vm_admin",
- "result": "^$",
- "description": "Add a new assignment",
- "command_options": ""
- },
- {
- "name": "check_added_assignment",
- "command": "action assignment list $uuid_action_unpause $uuid_action_category_authz",
- "result": "$uuid_action_scope_vm_admin vm_admin",
- "description": "Check added assignment.",
- "command_options": "-c id -c name -f value"
- },
- {
- "name": "add_assignment",
- "command": "action assignment add $uuid_action_start $uuid_action_category_authz $uuid_action_scope_vm_admin",
- "result": "^$",
- "description": "Add a new assignment",
- "command_options": ""
- },
- {
- "name": "check_added_assignment",
- "command": "action assignment list $uuid_action_start $uuid_action_category_authz",
- "result": "$uuid_action_scope_vm_admin vm_admin",
- "description": "Check added assignment.",
- "command_options": "-c id -c name -f value"
- },
- {
- "name": "add_assignment",
- "command": "action assignment add $uuid_action_stop $uuid_action_category_authz $uuid_action_scope_vm_admin",
- "result": "^$",
- "description": "Add a new assignment",
- "command_options": ""
- },
- {
- "name": "check_added_assignment",
- "command": "action assignment list $uuid_action_stop $uuid_action_category_authz",
- "result": "$uuid_action_scope_vm_admin vm_admin",
- "description": "Check added assignment.",
- "command_options": "-c id -c name -f value"
- },
- {
- "name": "add_assignment",
- "command": "action assignment add $uuid_action_list $uuid_action_category_authz $uuid_action_scope_vm_admin",
- "result": "^$",
- "description": "Add a new assignment",
- "command_options": ""
- },
- {
- "name": "check_added_assignment",
- "command": "action assignment list $uuid_action_list $uuid_action_category_authz",
- "result": "$uuid_action_scope_vm_admin vm_admin",
- "description": "Check added assignment.",
- "command_options": "-c id -c name -f value"
- },
- {
- "name": "add_assignment",
- "command": "action assignment add $uuid_action_list $uuid_action_category_authz $uuid_action_scope_vm_access",
- "result": "^$",
- "description": "Add a new assignment",
- "command_options": ""
- },
- {
- "name": "check_added_assignment",
- "command": "action assignment list $uuid_action_list $uuid_action_category_authz",
- "result": "$uuid_action_scope_vm_access vm_access",
- "description": "Check added assignment.",
- "command_options": "-c id -c name -f value"
- },
- {
- "name": "add_assignment",
- "command": "action assignment add $uuid_action_create $uuid_action_category_authz $uuid_action_scope_vm_admin",
- "result": "^$",
- "description": "Add a new assignment",
- "command_options": ""
- },
- {
- "name": "check_added_assignment",
- "command": "action assignment list $uuid_action_create $uuid_action_category_authz",
- "result": "$uuid_action_scope_vm_admin vm_admin",
- "description": "Check added assignment.",
- "command_options": "-c id -c name -f value"
- },
- {
- "name": "add_assignment",
- "command": "action assignment add $uuid_action_storage_list $uuid_action_category_authz $uuid_action_scope_storage_access",
- "result": "^$",
- "description": "Add a new assignment",
- "command_options": ""
- },
- {
- "name": "check_added_assignment",
- "command": "action assignment list $uuid_action_storage_list $uuid_action_category_authz",
- "result": "$uuid_action_scope_storage_access storage_access",
- "description": "Check added assignment.",
- "command_options": "-c id -c name -f value"
- },
- {
- "name": "add_assignment",
- "command": "action assignment add $uuid_action_download $uuid_action_category_authz $uuid_action_scope_storage_access",
- "result": "^$",
- "description": "Add a new assignment",
- "command_options": ""
- },
- {
- "name": "check_added_assignment",
- "command": "action assignment list $uuid_action_download $uuid_action_category_authz",
- "result": "$uuid_action_scope_storage_access storage_access",
- "description": "Check added assignment.",
- "command_options": "-c id -c name -f value"
- },
- {
- "name": "add_assignment",
- "command": "action assignment add $uuid_action_upload $uuid_action_category_authz $uuid_action_scope_storage_admin",
- "result": "^$",
- "description": "Add a new assignment",
- "command_options": ""
- },
- {
- "name": "check_added_assignment",
- "command": "action assignment list $uuid_action_upload $uuid_action_category_authz",
- "result": "$uuid_action_scope_storage_admin storage_admin",
- "description": "Check added assignment.",
- "command_options": "-c id -c name -f value"
- },
- {
- "name": "add_assignment",
- "command": "action assignment add $uuid_action_post $uuid_action_category_authz $uuid_action_scope_storage_admin",
- "result": "^$",
- "description": "Add a new assignment",
- "command_options": ""
- },
- {
- "name": "check_added_assignment",
- "command": "action assignment list $uuid_action_post $uuid_action_category_authz",
- "result": "$uuid_action_scope_storage_admin storage_admin",
- "description": "Check added assignment.",
- "command_options": "-c id -c name -f value"
- },
-
- {
- "name": "check_submetarules",
- "command": "submetarule show",
- "result": "(?P<submetarule_uuid_authz>\\w+)",
- "description": "Get one submetarule ID",
- "command_options": "-c id -f value"
- },
- {
- "name": "set_submetarule",
- "command": "submetarule set $submetarule_uuid_authz --subject_category_id=\"$uuid_subject_category_authz\" --object_category_id=\"$uuid_object_category_authz\" --action_category_id=\"$uuid_action_category_authz\"",
- "result": "^$",
- "description": "Set a new submetarule",
- "command_options": ""
- },
- {
- "name": "check_submetarule",
- "command": "submetarule show",
- "result": "$submetarule_uuid_authz \\s*subject_security_level",
- "description": "Check the new submetarule",
- "command_options": "-c id -c \"subject categories\" -f value"
- },
- {
- "name": "check_submetarule",
- "command": "submetarule show",
- "result": "$submetarule_uuid_authz \\s*object_security_level",
- "description": "Check the new submetarule",
- "command_options": "-c id -c \"object categories\" -f value"
- },
- {
- "name": "check_submetarule",
- "command": "submetarule show",
- "result": "$submetarule_uuid_authz \\s*resource_action",
- "description": "Check the new submetarule",
- "command_options": "-c id -c \"action categories\" -f value"
- },
-
- {
- "name": "add_a_new_rule",
- "command": "rule add $submetarule_uuid_authz \"high,vm_admin,medium\"",
- "result": "^$",
- "description": "Add a new rule.",
- "command_options": ""
- },
- {
- "name": "check_added_rule",
- "command": "rule list $submetarule_uuid_authz",
- "result": "(?P<rule_id>\\w+)\\s+high\\s+vm_admin\\s+medium",
- "description": "Check that the rule was correctly added.",
- "command_options": "-c id -c s:subject_security_level -c a:resource_action -c o:object_security_level -f value"
- },
- {
- "name": "add_a_new_rule",
- "command": "rule add $submetarule_uuid_authz \"high,vm_admin,low\"",
- "result": "^$",
- "description": "Add a new rule.",
- "command_options": ""
- },
- {
- "name": "check_added_rule",
- "command": "rule list $submetarule_uuid_authz",
- "result": "(?P<rule_id>\\w+)\\s+high\\s+vm_admin\\s+low",
- "description": "Check that the rule was correctly added.",
- "command_options": "-c id -c s:subject_security_level -c a:resource_action -c o:object_security_level -f value"
- },
- {
- "name": "add_a_new_rule",
- "command": "rule add $submetarule_uuid_authz \"medium,vm_admin,low\"",
- "result": "^$",
- "description": "Add a new rule.",
- "command_options": ""
- },
- {
- "name": "check_added_rule",
- "command": "rule list $submetarule_uuid_authz",
- "result": "(?P<rule_id>\\w+)\\s+medium\\s+vm_admin\\s+low",
- "description": "Check that the rule was correctly added.",
- "command_options": "-c id -c s:subject_security_level -c a:resource_action -c o:object_security_level -f value"
- },
- {
- "name": "add_a_new_rule",
- "command": "rule add $submetarule_uuid_authz \"high,vm_access,medium\"",
- "result": "^$",
- "description": "Add a new rule.",
- "command_options": ""
- },
- {
- "name": "check_added_rule",
- "command": "rule list $submetarule_uuid_authz",
- "result": "(?P<rule_id>\\w+)\\s+high\\s+vm_access\\s+medium",
- "description": "Check that the rule was correctly added.",
- "command_options": "-c id -c s:subject_security_level -c a:resource_action -c o:object_security_level -f value"
- },
- {
- "name": "add_a_new_rule",
- "command": "rule add $submetarule_uuid_authz \"high,vm_access,low\"",
- "result": "^$",
- "description": "Add a new rule.",
- "command_options": ""
- },
- {
- "name": "check_added_rule",
- "command": "rule list $submetarule_uuid_authz",
- "result": "(?P<rule_id>\\w+)\\s+high\\s+vm_access\\s+low",
- "description": "Check that the rule was correctly added.",
- "command_options": "-c id -c s:subject_security_level -c a:resource_action -c o:object_security_level -f value"
- },
- {
- "name": "add_a_new_rule",
- "command": "rule add $submetarule_uuid_authz \"medium,vm_access,low\"",
- "result": "^$",
- "description": "Add a new rule.",
- "command_options": ""
- },
- {
- "name": "check_added_rule",
- "command": "rule list $submetarule_uuid_authz",
- "result": "(?P<rule_id>\\w+)\\s+medium\\s+vm_access\\s+low",
- "description": "Check that the rule was correctly added.",
- "command_options": "-c id -c s:subject_security_level -c a:resource_action -c o:object_security_level -f value"
- },
- {
- "name": "add_a_new_rule",
- "command": "rule add $submetarule_uuid_authz \"high,storage_admin,medium\"",
- "result": "^$",
- "description": "Add a new rule.",
- "command_options": ""
- },
- {
- "name": "check_added_rule",
- "command": "rule list $submetarule_uuid_authz",
- "result": "(?P<rule_id>\\w+)\\s+high\\s+storage_admin\\s+medium",
- "description": "Check that the rule was correctly added.",
- "command_options": "-c id -c s:subject_security_level -c a:resource_action -c o:object_security_level -f value"
- },
- {
- "name": "add_a_new_rule",
- "command": "rule add $submetarule_uuid_authz \"high,storage_admin,low\"",
- "result": "^$",
- "description": "Add a new rule.",
- "command_options": ""
- },
- {
- "name": "check_added_rule",
- "command": "rule list $submetarule_uuid_authz",
- "result": "(?P<rule_id>\\w+)\\s+high\\s+storage_admin\\s+low",
- "description": "Check that the rule was correctly added.",
- "command_options": "-c id -c s:subject_security_level -c a:resource_action -c o:object_security_level -f value"
- },
- {
- "name": "add_a_new_rule",
- "command": "rule add $submetarule_uuid_authz \"medium,storage_admin,low\"",
- "result": "^$",
- "description": "Add a new rule.",
- "command_options": ""
- },
- {
- "name": "check_added_rule",
- "command": "rule list $submetarule_uuid_authz",
- "result": "(?P<rule_id>\\w+)\\s+medium\\s+storage_admin\\s+low",
- "description": "Check that the rule was correctly added.",
- "command_options": "-c id -c s:subject_security_level -c a:resource_action -c o:object_security_level -f value"
- },
- {
- "name": "add_a_new_rule",
- "command": "rule add $submetarule_uuid_authz \"high,storage_access,medium\"",
- "result": "^$",
- "description": "Add a new rule.",
- "command_options": ""
- },
- {
- "name": "check_added_rule",
- "command": "rule list $submetarule_uuid_authz",
- "result": "(?P<rule_id>\\w+)\\s+high\\s+storage_access\\s+medium",
- "description": "Check that the rule was correctly added.",
- "command_options": "-c id -c s:subject_security_level -c a:resource_action -c o:object_security_level -f value"
- },
- {
- "name": "add_a_new_rule",
- "command": "rule add $submetarule_uuid_authz \"high,storage_access,low\"",
- "result": "^$",
- "description": "Add a new rule.",
- "command_options": ""
- },
- {
- "name": "check_added_rule",
- "command": "rule list $submetarule_uuid_authz",
- "result": "(?P<rule_id>\\w+)\\s+high\\s+storage_access\\s+low",
- "description": "Check that the rule was correctly added.",
- "command_options": "-c id -c s:subject_security_level -c a:resource_action -c o:object_security_level -f value"
- },
- {
- "name": "add_a_new_rule",
- "command": "rule add $submetarule_uuid_authz \"medium,storage_access,low\"",
- "result": "^$",
- "description": "Add a new rule.",
- "command_options": ""
- },
- {
- "name": "check_added_rule",
- "command": "rule list $submetarule_uuid_authz",
- "result": "(?P<rule_id>\\w+)\\s+medium\\s+storage_access\\s+low",
- "description": "Check that the rule was correctly added.",
- "command_options": "-c id -c s:subject_security_level -c a:resource_action -c o:object_security_level -f value"
- },
- {
- "name": "get aggregation algorithm",
- "command": "aggregation algorithm list",
- "result": "(?P<uuid_aggregation>\\w+)\\s+one_true",
- "description": "Get aggregation algorithm.",
- "command_options": "-c id -c name -f value"
- },
- {
- "name": "set aggregation algorithm",
- "command": "aggregation algorithm set $uuid_aggregation",
- "result": "",
- "description": "Set aggregation algorithm to one_true.",
- "command_options": ""
- },
- {
- "name": "get aggregation algorithm",
- "command": "aggregation algorithm show",
- "result": "$uuid_aggregation\\s+one_true",
- "description": "Check aggregation algorithm.",
- "command_options": "-c id -c name -f value"
- },
- {
- "name": "get submetarule algorithm",
- "command": "submetarule algorithm list",
- "result": "(?P<uuid_submetarule_algo>\\w+)\\s+inclusion",
- "description": "Get submetarule algorithm named inclusion.",
- "command_options": "-c id -c name -f value"
- },
- {
- "name": "set submetarule algorithm",
- "command": "submetarule set --algorithm_name inclusion $submetarule_uuid_authz",
- "result": "",
- "description": "Set submetarule algorithm to inclusion.",
- "command_options": ""
- },
-
- {
- "name": "create_intraextension_admin",
- "command": "intraextension add --policy_model policy_empty_admin empty_admin_test",
- "result": "IntraExtension created: (?P<uuid_admin>\\w+)",
- "description": "Create an admin intra extension",
- "command_options": ""
- },
- {
- "name": "list_intraextension_authz",
- "command": "intraextension list",
- "result": "$uuid_admin",
- "description": "Check the existence of that admin intra extension"
- },
- {
- "name": "set_tenant_admin",
- "command": "tenant set --admin $uuid_admin $uuid",
- "result": "",
- "description": "Connect the admin intra extension to the tenant demo",
- "command_options": ""
- },
- {
- "name": "list tenant",
- "command": "tenant list",
- "result": "demo",
- "description": "Check if tenant demo is used."
- },
- {
- "name": "select_admin_ie",
- "command": "intraextension select $uuid_admin",
- "result": "Select $uuid_admin IntraExtension.",
- "description": "Select the admin IntraExtension",
- "command_options": ""
- },
- {
- "name": "check_select_admin_ie",
- "command": "intraextension show selected",
- "result": "$uuid_admin",
- "description": "Check the selected admin IntraExtension",
- "command_options": "-c id -f value"
- },
-
- {
- "name": "add_subject",
- "command": "subject add admin --subject_pass console",
- "result": "",
- "description": "Add admin subject.",
- "command_options": ""
- },
- {
- "name": "list_subject",
- "command": "subject list",
- "result": "(?P<uuid_subject_admin>\\w+)\\s+admin",
- "description": "Check that admin subject was already there."
- },
- {
- "name": "list_object",
- "command": "object list",
- "result": "(?P<uuid_object_authz_subjects>\\w+)\\s+authz.subjects",
- "description": "Check that authz_subjects subject was already there."
- },
-
- {
- "name": "list_object",
- "command": "object list",
- "result": "(?P<uuid_object_authz_objects>\\w+)\\s+authz.objects",
- "description": "Check that authz_objects subject was already there."
- },
-
- {
- "name": "list_object",
- "command": "object list",
- "result": "(?P<uuid_object_authz_actions>\\w+)\\s+authz.actions",
- "description": "Check that authz_actions subject was already there."
- },
-
- {
- "name": "list_object",
- "command": "object list",
- "result": "(?P<uuid_object_authz_subject_categories>\\w+)\\s+authz.subject_categories",
- "description": "Check that authz_subject_categories subject was already there."
- },
-
- {
- "name": "list_object",
- "command": "object list",
- "result": "(?P<uuid_object_authz_object_categories>\\w+)\\s+authz.object_categories",
- "description": "Check that authz_object_categories subject was already there."
- },
-
- {
- "name": "list_object",
- "command": "object list",
- "result": "(?P<uuid_object_authz_action_categories>\\w+)\\s+authz.action_categories",
- "description": "Check that authz_action_categories subject was already there."
- },
-
- {
- "name": "list_object",
- "command": "object list",
- "result": "(?P<uuid_object_authz_subject_scopes>\\w+)\\s+authz.subject_scopes",
- "description": "Check that authz_subject_scopes subject was already there."
- },
-
- {
- "name": "list_object",
- "command": "object list",
- "result": "(?P<uuid_object_authz_object_scopes>\\w+)\\s+authz.object_scopes",
- "description": "Check that authz_object_scopes subject was already there."
- },
-
- {
- "name": "list_object",
- "command": "object list",
- "result": "(?P<uuid_object_authz_action_scopes>\\w+)\\s+authz.action_scopes",
- "description": "Check that authz_action_scopes subject was already there."
- },
-
- {
- "name": "list_object",
- "command": "object list",
- "result": "(?P<uuid_object_authz_subject_assignments>\\w+)\\s+authz.subject_assignments",
- "description": "Check that authz_subject_assignments subject was already there."
- },
-
- {
- "name": "list_object",
- "command": "object list",
- "result": "(?P<uuid_object_authz_object_assignments>\\w+)\\s+authz.object_assignments",
- "description": "Check that authz_object_assignments subject was already there."
- },
-
- {
- "name": "list_object",
- "command": "object list",
- "result": "(?P<uuid_object_authz_action_assignments>\\w+)\\s+authz.action_assignments",
- "description": "Check that authz_action_assignments subject was already there."
- },
-
- {
- "name": "list_object",
- "command": "object list",
- "result": "(?P<uuid_object_authz_aggregation_algorithm>\\w+)\\s+authz.aggregation_algorithm",
- "description": "Check that authz_aggregation_algorithm subject was already there."
- },
-
- {
- "name": "list_object",
- "command": "object list",
- "result": "(?P<uuid_object_authz_sub_meta_rules>\\w+)\\s+authz.sub_meta_rules",
- "description": "Check that authz_sub_meta_rules subject was already there."
- },
-
- {
- "name": "list_object",
- "command": "object list",
- "result": "(?P<uuid_object_authz_rules>\\w+)\\s+authz.rules",
- "description": "Check that authz_rules subject was already there."
- },
-
- {
- "name": "list_object",
- "command": "object list",
- "result": "(?P<uuid_object_admin_subjects>\\w+)\\s+admin.subjects",
- "description": "Check that admin_subjects subject was already there."
- },
-
- {
- "name": "list_object",
- "command": "object list",
- "result": "(?P<uuid_object_admin_objects>\\w+)\\s+admin.objects",
- "description": "Check that admin_objects subject was already there."
- },
-
- {
- "name": "list_object",
- "command": "object list",
- "result": "(?P<uuid_object_admin_actions>\\w+)\\s+admin.actions",
- "description": "Check that admin_actions subject was already there."
- },
-
- {
- "name": "list_object",
- "command": "object list",
- "result": "(?P<uuid_object_admin_subject_categories>\\w+)\\s+admin.subject_categories",
- "description": "Check that admin_subject_categories subject was already there."
- },
-
- {
- "name": "list_object",
- "command": "object list",
- "result": "(?P<uuid_object_admin_object_categories>\\w+)\\s+admin.object_categories",
- "description": "Check that admin_object_categories subject was already there."
- },
-
- {
- "name": "list_object",
- "command": "object list",
- "result": "(?P<uuid_object_admin_action_categories>\\w+)\\s+admin.action_categories",
- "description": "Check that admin_action_categories subject was already there."
- },
-
- {
- "name": "list_object",
- "command": "object list",
- "result": "(?P<uuid_object_admin_subject_scopes>\\w+)\\s+admin.subject_scopes",
- "description": "Check that admin_subject_scopes subject was already there."
- },
-
- {
- "name": "list_object",
- "command": "object list",
- "result": "(?P<uuid_object_admin_object_scopes>\\w+)\\s+admin.object_scopes",
- "description": "Check that admin_object_scopes subject was already there."
- },
-
- {
- "name": "list_object",
- "command": "object list",
- "result": "(?P<uuid_object_admin_action_scopes>\\w+)\\s+admin.action_scopes",
- "description": "Check that admin_action_scopes subject was already there."
- },
-
- {
- "name": "list_object",
- "command": "object list",
- "result": "(?P<uuid_object_admin_subject_assignments>\\w+)\\s+admin.subject_assignments",
- "description": "Check that admin_subject_assignments subject was already there."
- },
-
- {
- "name": "list_object",
- "command": "object list",
- "result": "(?P<uuid_object_admin_object_assignments>\\w+)\\s+admin.object_assignments",
- "description": "Check that admin_object_assignments subject was already there."
- },
-
- {
- "name": "list_object",
- "command": "object list",
- "result": "(?P<uuid_object_admin_action_assignments>\\w+)\\s+admin.action_assignments",
- "description": "Check that admin_action_assignments subject was already there."
- },
-
- {
- "name": "list_object",
- "command": "object list",
- "result": "(?P<uuid_object_admin_aggregation_algorithm>\\w+)\\s+admin.aggregation_algorithm",
- "description": "Check that admin_aggregation_algorithm subject was already there."
- },
-
- {
- "name": "list_object",
- "command": "object list",
- "result": "(?P<uuid_object_admin_sub_meta_rules>\\w+)\\s+admin.sub_meta_rules",
- "description": "Check that admin_sub_meta_rules subject was already there."
- },
-
- {
- "name": "list_object",
- "command": "object list",
- "result": "(?P<uuid_object_admin_rules>\\w+)\\s+admin.rules",
- "description": "Check that admin_rules subject was already there."
- },
-
- {
- "name": "list_action",
- "command": "action list",
- "result": "(?P<uuid_action_read>\\w+)\\s+read",
- "description": "Check that read action was already there."
- },
-
- {
- "name": "list_action",
- "command": "action list",
- "result": "(?P<uuid_action_write>\\w+)\\s+write",
- "description": "Check that write action was already there."
- },
-
- {
- "name": "add_subject_category",
- "command": "subject category add role",
- "result": "",
- "description": "Add the new subject category role",
- "command_options": ""
- },
- {
- "name": "list_subject_category",
- "command": "subject category list",
- "result": "(?P<uuid_subject_category_admin>\\w+)\\s+role",
- "description": "Check that role subject_category was added."
- },
- {
- "name": "add_object_category",
- "command": "object category add object_id",
- "result": "",
- "description": "Add the new object category object_id",
- "command_options": ""
- },
- {
- "name": "list_object_category",
- "command": "object category list",
- "result": "(?P<uuid_object_category_admin>\\w+)\\s+object_id",
- "description": "Check that object_id object_category was added."
- },
- {
- "name": "add_action_category",
- "command": "action category add action_id",
- "result": "",
- "description": "Add the new action category action_id",
- "command_options": ""
- },
- {
- "name": "list_subject_category",
- "command": "action category list",
- "result": "(?P<uuid_action_category_admin>\\w+)\\s+action_id",
- "description": "Check that action_id action_category was added."
- },
-
- {
- "name": "add_scope",
- "command": "subject scope add $uuid_subject_category_admin root_role --description \"root role\"",
- "result": "^$",
- "description": "Add one scope to subject category role",
- "command_options": ""
- },
- {
- "name": "check_added_scope",
- "command": "subject scope list $uuid_subject_category_admin",
- "result": "(?P<uuid_subject_scope_root_role>\\w+)\\s+root_role\\s+root role",
- "description": "Check added scope.",
- "command_options": "-c id -c name -c description -f value"
- },
- {
- "name": "add_scope",
- "command": "subject scope add $uuid_subject_category_admin dev_role --description \"dev role\"",
- "result": "^$",
- "description": "Add one scope to subject category role",
- "command_options": ""
- },
- {
- "name": "check_added_scope",
- "command": "subject scope list $uuid_subject_category_admin",
- "result": "(?P<uuid_subject_scope_dev_role>\\w+)\\s+dev_role\\s+dev role",
- "description": "Check added scope.",
- "command_options": "-c id -c name -c description -f value"
- },
-
- {
- "name": "add_scope",
- "command": "object scope add $uuid_object_category_admin authz_subjects --description \"authz subjects\"",
- "result": "^$",
- "description": "Add one scope to object category",
- "command_options": ""
- },
- {
- "name": "check_added_scope",
- "command": "object scope list $uuid_object_category_admin",
- "result": "(?P<uuid_object_scope_authz_subjects>\\w+)\\s+authz.subjects\\s+authz subjects",
- "description": "Check added scope.",
- "command_options": "-c id -c name -c description -f value"
- },
-
- {
- "name": "add_scope",
- "command": "object scope add $uuid_object_category_admin authz_objects --description \"authz objects\"",
- "result": "^$",
- "description": "Add one scope to object category",
- "command_options": ""
- },
- {
- "name": "check_added_scope",
- "command": "object scope list $uuid_object_category_admin",
- "result": "(?P<uuid_object_scope_authz_objects>\\w+)\\s+authz.objects\\s+authz objects",
- "description": "Check added scope.",
- "command_options": "-c id -c name -c description -f value"
- },
-
- {
- "name": "add_scope",
- "command": "object scope add $uuid_object_category_admin authz_actions --description \"authz actions\"",
- "result": "^$",
- "description": "Add one scope to object category",
- "command_options": ""
- },
- {
- "name": "check_added_scope",
- "command": "object scope list $uuid_object_category_admin",
- "result": "(?P<uuid_object_scope_authz_actions>\\w+)\\s+authz.actions\\s+authz actions",
- "description": "Check added scope.",
- "command_options": "-c id -c name -c description -f value"
- },
-
- {
- "name": "add_scope",
- "command": "object scope add $uuid_object_category_admin authz_subject_categories --description \"authz subject categories\"",
- "result": "^$",
- "description": "Add one scope to object category",
- "command_options": ""
- },
- {
- "name": "check_added_scope",
- "command": "object scope list $uuid_object_category_admin",
- "result": "(?P<uuid_object_scope_authz_subject_categories>\\w+)\\s+authz.subject_categories\\s+authz subject categories",
- "description": "Check added scope.",
- "command_options": "-c id -c name -c description -f value"
- },
-
- {
- "name": "add_scope",
- "command": "object scope add $uuid_object_category_admin authz_object_categories --description \"authz object categories\"",
- "result": "^$",
- "description": "Add one scope to object category",
- "command_options": ""
- },
- {
- "name": "check_added_scope",
- "command": "object scope list $uuid_object_category_admin",
- "result": "(?P<uuid_object_scope_authz_object_categories>\\w+)\\s+authz.object_categories\\s+authz object categories",
- "description": "Check added scope.",
- "command_options": "-c id -c name -c description -f value"
- },
-
- {
- "name": "add_scope",
- "command": "object scope add $uuid_object_category_admin authz_action_categories --description \"authz action categories\"",
- "result": "^$",
- "description": "Add one scope to object category",
- "command_options": ""
- },
- {
- "name": "check_added_scope",
- "command": "object scope list $uuid_object_category_admin",
- "result": "(?P<uuid_object_scope_authz_action_categories>\\w+)\\s+authz.action_categories\\s+authz action categories",
- "description": "Check added scope.",
- "command_options": "-c id -c name -c description -f value"
- },
-
- {
- "name": "add_scope",
- "command": "object scope add $uuid_object_category_admin authz_subject_scopes --description \"authz subject scopes\"",
- "result": "^$",
- "description": "Add one scope to object category",
- "command_options": ""
- },
- {
- "name": "check_added_scope",
- "command": "object scope list $uuid_object_category_admin",
- "result": "(?P<uuid_object_scope_authz_subject_scopes>\\w+)\\s+authz.subject_scopes\\s+authz subject scopes",
- "description": "Check added scope.",
- "command_options": "-c id -c name -c description -f value"
- },
-
- {
- "name": "add_scope",
- "command": "object scope add $uuid_object_category_admin authz_object_scopes --description \"authz object scopes\"",
- "result": "^$",
- "description": "Add one scope to object category",
- "command_options": ""
- },
- {
- "name": "check_added_scope",
- "command": "object scope list $uuid_object_category_admin",
- "result": "(?P<uuid_object_scope_authz_object_scopes>\\w+)\\s+authz.object_scopes\\s+authz object scopes",
- "description": "Check added scope.",
- "command_options": "-c id -c name -c description -f value"
- },
-
- {
- "name": "add_scope",
- "command": "object scope add $uuid_object_category_admin authz_action_scopes --description \"authz action scopes\"",
- "result": "^$",
- "description": "Add one scope to object category",
- "command_options": ""
- },
- {
- "name": "check_added_scope",
- "command": "object scope list $uuid_object_category_admin",
- "result": "(?P<uuid_object_scope_authz_action_scopes>\\w+)\\s+authz.action_scopes\\s+authz action scopes",
- "description": "Check added scope.",
- "command_options": "-c id -c name -c description -f value"
- },
-
- {
- "name": "add_scope",
- "command": "object scope add $uuid_object_category_admin authz_subject_assignments --description \"authz subject assignments\"",
- "result": "^$",
- "description": "Add one scope to object category",
- "command_options": ""
- },
- {
- "name": "check_added_scope",
- "command": "object scope list $uuid_object_category_admin",
- "result": "(?P<uuid_object_scope_authz_subject_assignments>\\w+)\\s+authz.subject_assignments\\s+authz subject assignments",
- "description": "Check added scope.",
- "command_options": "-c id -c name -c description -f value"
- },
-
- {
- "name": "add_scope",
- "command": "object scope add $uuid_object_category_admin authz_object_assignments --description \"authz object assignments\"",
- "result": "^$",
- "description": "Add one scope to object category",
- "command_options": ""
- },
- {
- "name": "check_added_scope",
- "command": "object scope list $uuid_object_category_admin",
- "result": "(?P<uuid_object_scope_authz_object_assignments>\\w+)\\s+authz.object_assignments\\s+authz object assignments",
- "description": "Check added scope.",
- "command_options": "-c id -c name -c description -f value"
- },
-
- {
- "name": "add_scope",
- "command": "object scope add $uuid_object_category_admin authz_action_assignments --description \"authz action assignments\"",
- "result": "^$",
- "description": "Add one scope to object category",
- "command_options": ""
- },
- {
- "name": "check_added_scope",
- "command": "object scope list $uuid_object_category_admin",
- "result": "(?P<uuid_object_scope_authz_action_assignments>\\w+)\\s+authz.action_assignments\\s+authz action assignments",
- "description": "Check added scope.",
- "command_options": "-c id -c name -c description -f value"
- },
-
- {
- "name": "add_scope",
- "command": "object scope add $uuid_object_category_admin authz_aggregation_algorithm --description \"authz aggregation algorithm\"",
- "result": "^$",
- "description": "Add one scope to object category",
- "command_options": ""
- },
- {
- "name": "check_added_scope",
- "command": "object scope list $uuid_object_category_admin",
- "result": "(?P<uuid_object_scope_authz_aggregation_algorithm>\\w+)\\s+authz.aggregation_algorithm\\s+authz aggregation algorithm",
- "description": "Check added scope.",
- "command_options": "-c id -c name -c description -f value"
- },
-
- {
- "name": "add_scope",
- "command": "object scope add $uuid_object_category_admin authz_sub_meta_rules --description \"authz sub meta rules\"",
- "result": "^$",
- "description": "Add one scope to object category",
- "command_options": ""
- },
- {
- "name": "check_added_scope",
- "command": "object scope list $uuid_object_category_admin",
- "result": "(?P<uuid_object_scope_authz_sub_meta_rules>\\w+)\\s+authz.sub_meta_rules\\s+authz sub meta rules",
- "description": "Check added scope.",
- "command_options": "-c id -c name -c description -f value"
- },
-
- {
- "name": "add_scope",
- "command": "object scope add $uuid_object_category_admin authz_rules --description \"authz rules\"",
- "result": "^$",
- "description": "Add one scope to object category",
- "command_options": ""
- },
- {
- "name": "check_added_scope",
- "command": "object scope list $uuid_object_category_admin",
- "result": "(?P<uuid_object_scope_authz_rules>\\w+)\\s+authz.rules\\s+authz rules",
- "description": "Check added scope.",
- "command_options": "-c id -c name -c description -f value"
- },
-
- {
- "name": "add_scope",
- "command": "object scope add $uuid_object_category_admin admin_subjects --description \"admin subjects\"",
- "result": "^$",
- "description": "Add one scope to object category",
- "command_options": ""
- },
- {
- "name": "check_added_scope",
- "command": "object scope list $uuid_object_category_admin",
- "result": "(?P<uuid_object_scope_admin_subjects>\\w+)\\s+admin.subjects\\s+admin subjects",
- "description": "Check added scope.",
- "command_options": "-c id -c name -c description -f value"
- },
-
- {
- "name": "add_scope",
- "command": "object scope add $uuid_object_category_admin admin_objects --description \"admin objects\"",
- "result": "^$",
- "description": "Add one scope to object category",
- "command_options": ""
- },
- {
- "name": "check_added_scope",
- "command": "object scope list $uuid_object_category_admin",
- "result": "(?P<uuid_object_scope_admin_objects>\\w+)\\s+admin.objects\\s+admin objects",
- "description": "Check added scope.",
- "command_options": "-c id -c name -c description -f value"
- },
-
- {
- "name": "add_scope",
- "command": "object scope add $uuid_object_category_admin admin_actions --description \"admin actions\"",
- "result": "^$",
- "description": "Add one scope to object category",
- "command_options": ""
- },
- {
- "name": "check_added_scope",
- "command": "object scope list $uuid_object_category_admin",
- "result": "(?P<uuid_object_scope_admin_actions>\\w+)\\s+admin.actions\\s+admin actions",
- "description": "Check added scope.",
- "command_options": "-c id -c name -c description -f value"
- },
-
- {
- "name": "add_scope",
- "command": "object scope add $uuid_object_category_admin admin_subject_categories --description \"admin subject categories\"",
- "result": "^$",
- "description": "Add one scope to object category",
- "command_options": ""
- },
- {
- "name": "check_added_scope",
- "command": "object scope list $uuid_object_category_admin",
- "result": "(?P<uuid_object_scope_admin_subject_categories>\\w+)\\s+admin.subject_categories\\s+admin subject categories",
- "description": "Check added scope.",
- "command_options": "-c id -c name -c description -f value"
- },
-
- {
- "name": "add_scope",
- "command": "object scope add $uuid_object_category_admin admin_object_categories --description \"admin object categories\"",
- "result": "^$",
- "description": "Add one scope to object category",
- "command_options": ""
- },
- {
- "name": "check_added_scope",
- "command": "object scope list $uuid_object_category_admin",
- "result": "(?P<uuid_object_scope_admin_object_categories>\\w+)\\s+admin.object_categories\\s+admin object categories",
- "description": "Check added scope.",
- "command_options": "-c id -c name -c description -f value"
- },
-
- {
- "name": "add_scope",
- "command": "object scope add $uuid_object_category_admin admin_action_categories --description \"admin action categories\"",
- "result": "^$",
- "description": "Add one scope to object category",
- "command_options": ""
- },
- {
- "name": "check_added_scope",
- "command": "object scope list $uuid_object_category_admin",
- "result": "(?P<uuid_object_scope_admin_action_categories>\\w+)\\s+admin.action_categories\\s+admin action categories",
- "description": "Check added scope.",
- "command_options": "-c id -c name -c description -f value"
- },
-
- {
- "name": "add_scope",
- "command": "object scope add $uuid_object_category_admin admin_subject_scopes --description \"admin subject scopes\"",
- "result": "^$",
- "description": "Add one scope to object category",
- "command_options": ""
- },
- {
- "name": "check_added_scope",
- "command": "object scope list $uuid_object_category_admin",
- "result": "(?P<uuid_object_scope_admin_subject_scopes>\\w+)\\s+admin.subject_scopes\\s+admin subject scopes",
- "description": "Check added scope.",
- "command_options": "-c id -c name -c description -f value"
- },
-
- {
- "name": "add_scope",
- "command": "object scope add $uuid_object_category_admin admin_object_scopes --description \"admin object scopes\"",
- "result": "^$",
- "description": "Add one scope to object category",
- "command_options": ""
- },
- {
- "name": "check_added_scope",
- "command": "object scope list $uuid_object_category_admin",
- "result": "(?P<uuid_object_scope_admin_object_scopes>\\w+)\\s+admin.object_scopes\\s+admin object scopes",
- "description": "Check added scope.",
- "command_options": "-c id -c name -c description -f value"
- },
-
- {
- "name": "add_scope",
- "command": "object scope add $uuid_object_category_admin admin_action_scopes --description \"admin action scopes\"",
- "result": "^$",
- "description": "Add one scope to object category",
- "command_options": ""
- },
- {
- "name": "check_added_scope",
- "command": "object scope list $uuid_object_category_admin",
- "result": "(?P<uuid_object_scope_admin_action_scopes>\\w+)\\s+admin.action_scopes\\s+admin action scopes",
- "description": "Check added scope.",
- "command_options": "-c id -c name -c description -f value"
- },
-
- {
- "name": "add_scope",
- "command": "object scope add $uuid_object_category_admin admin_subject_assignments --description \"admin subject assignments\"",
- "result": "^$",
- "description": "Add one scope to object category",
- "command_options": ""
- },
- {
- "name": "check_added_scope",
- "command": "object scope list $uuid_object_category_admin",
- "result": "(?P<uuid_object_scope_admin_subject_assignments>\\w+)\\s+admin.subject_assignments\\s+admin subject assignments",
- "description": "Check added scope.",
- "command_options": "-c id -c name -c description -f value"
- },
-
- {
- "name": "add_scope",
- "command": "object scope add $uuid_object_category_admin admin_object_assignments --description \"admin object assignments\"",
- "result": "^$",
- "description": "Add one scope to object category",
- "command_options": ""
- },
- {
- "name": "check_added_scope",
- "command": "object scope list $uuid_object_category_admin",
- "result": "(?P<uuid_object_scope_admin_object_assignments>\\w+)\\s+admin.object_assignments\\s+admin object assignments",
- "description": "Check added scope.",
- "command_options": "-c id -c name -c description -f value"
- },
-
- {
- "name": "add_scope",
- "command": "object scope add $uuid_object_category_admin admin_action_assignments --description \"admin action assignments\"",
- "result": "^$",
- "description": "Add one scope to object category",
- "command_options": ""
- },
- {
- "name": "check_added_scope",
- "command": "object scope list $uuid_object_category_admin",
- "result": "(?P<uuid_object_scope_admin_action_assignments>\\w+)\\s+admin.action_assignments\\s+admin action assignments",
- "description": "Check added scope.",
- "command_options": "-c id -c name -c description -f value"
- },
-
- {
- "name": "add_scope",
- "command": "object scope add $uuid_object_category_admin admin_aggregation_algorithm --description \"admin aggregation algorithm\"",
- "result": "^$",
- "description": "Add one scope to object category",
- "command_options": ""
- },
- {
- "name": "check_added_scope",
- "command": "object scope list $uuid_object_category_admin",
- "result": "(?P<uuid_object_scope_admin_aggregation_algorithm>\\w+)\\s+admin.aggregation_algorithm\\s+admin aggregation algorithm",
- "description": "Check added scope.",
- "command_options": "-c id -c name -c description -f value"
- },
-
- {
- "name": "add_scope",
- "command": "object scope add $uuid_object_category_admin admin_sub_meta_rules --description \"admin sub meta rules\"",
- "result": "^$",
- "description": "Add one scope to object category",
- "command_options": ""
- },
- {
- "name": "check_added_scope",
- "command": "object scope list $uuid_object_category_admin",
- "result": "(?P<uuid_object_scope_admin_sub_meta_rules>\\w+)\\s+admin.sub_meta_rules\\s+admin sub meta rules",
- "description": "Check added scope.",
- "command_options": "-c id -c name -c description -f value"
- },
-
- {
- "name": "add_scope",
- "command": "object scope add $uuid_object_category_admin admin_rules --description \"admin rules\"",
- "result": "^$",
- "description": "Add one scope to object category",
- "command_options": ""
- },
- {
- "name": "check_added_scope",
- "command": "object scope list $uuid_object_category_admin",
- "result": "(?P<uuid_object_scope_admin_rules>\\w+)\\s+admin.rules\\s+admin rules",
- "description": "Check added scope.",
- "command_options": "-c id -c name -c description -f value"
- },
- {
- "name": "add_scope",
- "command": "action scope add $uuid_action_category_admin read --description \"read\"",
- "result": "^$",
- "description": "Add one scope to action category",
- "command_options": ""
- },
- {
- "name": "check_added_scope",
- "command": "action scope list $uuid_action_category_admin",
- "result": "(?P<uuid_action_scope_read>\\w+)\\s+read\\s+read",
- "description": "Check added scope.",
- "command_options": "-c id -c name -c description -f value"
- },
- {
- "name": "add_scope",
- "command": "action scope add $uuid_action_category_admin write --description \"write\"",
- "result": "^$",
- "description": "Add one scope to action category",
- "command_options": ""
- },
- {
- "name": "check_added_scope",
- "command": "action scope list $uuid_action_category_admin",
- "result": "(?P<uuid_action_scope_write>\\w+)\\s+write\\s+write",
- "description": "Check added scope.",
- "command_options": "-c id -c name -c description -f value"
- },
-
- {
- "name": "add_assignment",
- "command": "subject assignment add $uuid_subject_admin $uuid_subject_category_admin $uuid_subject_scope_root_role",
- "result": "^$",
- "description": "Add a new assignment",
- "command_options": ""
- },
- {
- "name": "check_added_assignment",
- "command": "subject assignment list $uuid_subject_admin $uuid_subject_category_admin",
- "result": "$uuid_subject_scope_root_role root_role",
- "description": "Check added assignment.",
- "command_options": "-c id -c name -f value"
- },
- {
- "name": "add_assignment",
- "command": "object assignment add $uuid_object_authz_subjects $uuid_object_category_admin $uuid_object_scope_authz_subjects",
- "result": "^$",
- "description": "Add a new assignment",
- "command_options": ""
- },
- {
- "name": "check_added_assignment",
- "command": "object assignment list $uuid_object_authz_subjects $uuid_object_category_admin",
- "result": "$uuid_object_scope_authz_subjects authz_subjects",
- "description": "Check added assignment.",
- "command_options": "-c id -c name -f value"
- },
-
- {
- "name": "add_assignment",
- "command": "object assignment add $uuid_object_authz_objects $uuid_object_category_admin $uuid_object_scope_authz_objects",
- "result": "^$",
- "description": "Add a new assignment",
- "command_options": ""
- },
- {
- "name": "check_added_assignment",
- "command": "object assignment list $uuid_object_authz_objects $uuid_object_category_admin",
- "result": "$uuid_object_scope_authz_objects authz_objects",
- "description": "Check added assignment.",
- "command_options": "-c id -c name -f value"
- },
-
- {
- "name": "add_assignment",
- "command": "object assignment add $uuid_object_authz_actions $uuid_object_category_admin $uuid_object_scope_authz_actions",
- "result": "^$",
- "description": "Add a new assignment",
- "command_options": ""
- },
- {
- "name": "check_added_assignment",
- "command": "object assignment list $uuid_object_authz_actions $uuid_object_category_admin",
- "result": "$uuid_object_scope_authz_actions authz_actions",
- "description": "Check added assignment.",
- "command_options": "-c id -c name -f value"
- },
-
- {
- "name": "add_assignment",
- "command": "object assignment add $uuid_object_authz_subject_categories $uuid_object_category_admin $uuid_object_scope_authz_subject_categories",
- "result": "^$",
- "description": "Add a new assignment",
- "command_options": ""
- },
- {
- "name": "check_added_assignment",
- "command": "object assignment list $uuid_object_authz_subject_categories $uuid_object_category_admin",
- "result": "$uuid_object_scope_authz_subject_categories authz_subject_categories",
- "description": "Check added assignment.",
- "command_options": "-c id -c name -f value"
- },
-
- {
- "name": "add_assignment",
- "command": "object assignment add $uuid_object_authz_object_categories $uuid_object_category_admin $uuid_object_scope_authz_object_categories",
- "result": "^$",
- "description": "Add a new assignment",
- "command_options": ""
- },
- {
- "name": "check_added_assignment",
- "command": "object assignment list $uuid_object_authz_object_categories $uuid_object_category_admin",
- "result": "$uuid_object_scope_authz_object_categories authz_object_categories",
- "description": "Check added assignment.",
- "command_options": "-c id -c name -f value"
- },
-
- {
- "name": "add_assignment",
- "command": "object assignment add $uuid_object_authz_action_categories $uuid_object_category_admin $uuid_object_scope_authz_action_categories",
- "result": "^$",
- "description": "Add a new assignment",
- "command_options": ""
- },
- {
- "name": "check_added_assignment",
- "command": "object assignment list $uuid_object_authz_action_categories $uuid_object_category_admin",
- "result": "$uuid_object_scope_authz_action_categories authz_action_categories",
- "description": "Check added assignment.",
- "command_options": "-c id -c name -f value"
- },
-
- {
- "name": "add_assignment",
- "command": "object assignment add $uuid_object_authz_subject_scopes $uuid_object_category_admin $uuid_object_scope_authz_subject_scopes",
- "result": "^$",
- "description": "Add a new assignment",
- "command_options": ""
- },
- {
- "name": "check_added_assignment",
- "command": "object assignment list $uuid_object_authz_subject_scopes $uuid_object_category_admin",
- "result": "$uuid_object_scope_authz_subject_scopes authz_subject_scopes",
- "description": "Check added assignment.",
- "command_options": "-c id -c name -f value"
- },
-
- {
- "name": "add_assignment",
- "command": "object assignment add $uuid_object_authz_object_scopes $uuid_object_category_admin $uuid_object_scope_authz_object_scopes",
- "result": "^$",
- "description": "Add a new assignment",
- "command_options": ""
- },
- {
- "name": "check_added_assignment",
- "command": "object assignment list $uuid_object_authz_object_scopes $uuid_object_category_admin",
- "result": "$uuid_object_scope_authz_object_scopes authz_object_scopes",
- "description": "Check added assignment.",
- "command_options": "-c id -c name -f value"
- },
-
- {
- "name": "add_assignment",
- "command": "object assignment add $uuid_object_authz_action_scopes $uuid_object_category_admin $uuid_object_scope_authz_action_scopes",
- "result": "^$",
- "description": "Add a new assignment",
- "command_options": ""
- },
- {
- "name": "check_added_assignment",
- "command": "object assignment list $uuid_object_authz_action_scopes $uuid_object_category_admin",
- "result": "$uuid_object_scope_authz_action_scopes authz_action_scopes",
- "description": "Check added assignment.",
- "command_options": "-c id -c name -f value"
- },
-
- {
- "name": "add_assignment",
- "command": "object assignment add $uuid_object_authz_subject_assignments $uuid_object_category_admin $uuid_object_scope_authz_subject_assignments",
- "result": "^$",
- "description": "Add a new assignment",
- "command_options": ""
- },
- {
- "name": "check_added_assignment",
- "command": "object assignment list $uuid_object_authz_subject_assignments $uuid_object_category_admin",
- "result": "$uuid_object_scope_authz_subject_assignments authz_subject_assignments",
- "description": "Check added assignment.",
- "command_options": "-c id -c name -f value"
- },
-
- {
- "name": "add_assignment",
- "command": "object assignment add $uuid_object_authz_object_assignments $uuid_object_category_admin $uuid_object_scope_authz_object_assignments",
- "result": "^$",
- "description": "Add a new assignment",
- "command_options": ""
- },
- {
- "name": "check_added_assignment",
- "command": "object assignment list $uuid_object_authz_object_assignments $uuid_object_category_admin",
- "result": "$uuid_object_scope_authz_object_assignments authz_object_assignments",
- "description": "Check added assignment.",
- "command_options": "-c id -c name -f value"
- },
-
- {
- "name": "add_assignment",
- "command": "object assignment add $uuid_object_authz_action_assignments $uuid_object_category_admin $uuid_object_scope_authz_action_assignments",
- "result": "^$",
- "description": "Add a new assignment",
- "command_options": ""
- },
- {
- "name": "check_added_assignment",
- "command": "object assignment list $uuid_object_authz_action_assignments $uuid_object_category_admin",
- "result": "$uuid_object_scope_authz_action_assignments authz_action_assignments",
- "description": "Check added assignment.",
- "command_options": "-c id -c name -f value"
- },
-
- {
- "name": "add_assignment",
- "command": "object assignment add $uuid_object_authz_aggregation_algorithm $uuid_object_category_admin $uuid_object_scope_authz_aggregation_algorithm",
- "result": "^$",
- "description": "Add a new assignment",
- "command_options": ""
- },
- {
- "name": "check_added_assignment",
- "command": "object assignment list $uuid_object_authz_aggregation_algorithm $uuid_object_category_admin",
- "result": "$uuid_object_scope_authz_aggregation_algorithm authz_aggregation_algorithm",
- "description": "Check added assignment.",
- "command_options": "-c id -c name -f value"
- },
-
- {
- "name": "add_assignment",
- "command": "object assignment add $uuid_object_authz_sub_meta_rules $uuid_object_category_admin $uuid_object_scope_authz_sub_meta_rules",
- "result": "^$",
- "description": "Add a new assignment",
- "command_options": ""
- },
- {
- "name": "check_added_assignment",
- "command": "object assignment list $uuid_object_authz_sub_meta_rules $uuid_object_category_admin",
- "result": "$uuid_object_scope_authz_sub_meta_rules authz_sub_meta_rules",
- "description": "Check added assignment.",
- "command_options": "-c id -c name -f value"
- },
-
- {
- "name": "add_assignment",
- "command": "object assignment add $uuid_object_authz_rules $uuid_object_category_admin $uuid_object_scope_authz_rules",
- "result": "^$",
- "description": "Add a new assignment",
- "command_options": ""
- },
- {
- "name": "check_added_assignment",
- "command": "object assignment list $uuid_object_authz_rules $uuid_object_category_admin",
- "result": "$uuid_object_scope_authz_rules authz_rules",
- "description": "Check added assignment.",
- "command_options": "-c id -c name -f value"
- },
-
- {
- "name": "add_assignment",
- "command": "object assignment add $uuid_object_admin_subjects $uuid_object_category_admin $uuid_object_scope_admin_subjects",
- "result": "^$",
- "description": "Add a new assignment",
- "command_options": ""
- },
- {
- "name": "check_added_assignment",
- "command": "object assignment list $uuid_object_admin_subjects $uuid_object_category_admin",
- "result": "$uuid_object_scope_admin_subjects admin_subjects",
- "description": "Check added assignment.",
- "command_options": "-c id -c name -f value"
- },
-
- {
- "name": "add_assignment",
- "command": "object assignment add $uuid_object_admin_objects $uuid_object_category_admin $uuid_object_scope_admin_objects",
- "result": "^$",
- "description": "Add a new assignment",
- "command_options": ""
- },
- {
- "name": "check_added_assignment",
- "command": "object assignment list $uuid_object_admin_objects $uuid_object_category_admin",
- "result": "$uuid_object_scope_admin_objects admin_objects",
- "description": "Check added assignment.",
- "command_options": "-c id -c name -f value"
- },
-
- {
- "name": "add_assignment",
- "command": "object assignment add $uuid_object_admin_actions $uuid_object_category_admin $uuid_object_scope_admin_actions",
- "result": "^$",
- "description": "Add a new assignment",
- "command_options": ""
- },
- {
- "name": "check_added_assignment",
- "command": "object assignment list $uuid_object_admin_actions $uuid_object_category_admin",
- "result": "$uuid_object_scope_admin_actions admin_actions",
- "description": "Check added assignment.",
- "command_options": "-c id -c name -f value"
- },
-
- {
- "name": "add_assignment",
- "command": "object assignment add $uuid_object_admin_subject_categories $uuid_object_category_admin $uuid_object_scope_admin_subject_categories",
- "result": "^$",
- "description": "Add a new assignment",
- "command_options": ""
- },
- {
- "name": "check_added_assignment",
- "command": "object assignment list $uuid_object_admin_subject_categories $uuid_object_category_admin",
- "result": "$uuid_object_scope_admin_subject_categories admin_subject_categories",
- "description": "Check added assignment.",
- "command_options": "-c id -c name -f value"
- },
-
- {
- "name": "add_assignment",
- "command": "object assignment add $uuid_object_admin_object_categories $uuid_object_category_admin $uuid_object_scope_admin_object_categories",
- "result": "^$",
- "description": "Add a new assignment",
- "command_options": ""
- },
- {
- "name": "check_added_assignment",
- "command": "object assignment list $uuid_object_admin_object_categories $uuid_object_category_admin",
- "result": "$uuid_object_scope_admin_object_categories admin_object_categories",
- "description": "Check added assignment.",
- "command_options": "-c id -c name -f value"
- },
-
- {
- "name": "add_assignment",
- "command": "object assignment add $uuid_object_admin_action_categories $uuid_object_category_admin $uuid_object_scope_admin_action_categories",
- "result": "^$",
- "description": "Add a new assignment",
- "command_options": ""
- },
- {
- "name": "check_added_assignment",
- "command": "object assignment list $uuid_object_admin_action_categories $uuid_object_category_admin",
- "result": "$uuid_object_scope_admin_action_categories admin_action_categories",
- "description": "Check added assignment.",
- "command_options": "-c id -c name -f value"
- },
-
- {
- "name": "add_assignment",
- "command": "object assignment add $uuid_object_admin_subject_scopes $uuid_object_category_admin $uuid_object_scope_admin_subject_scopes",
- "result": "^$",
- "description": "Add a new assignment",
- "command_options": ""
- },
- {
- "name": "check_added_assignment",
- "command": "object assignment list $uuid_object_admin_subject_scopes $uuid_object_category_admin",
- "result": "$uuid_object_scope_admin_subject_scopes admin_subject_scopes",
- "description": "Check added assignment.",
- "command_options": "-c id -c name -f value"
- },
-
- {
- "name": "add_assignment",
- "command": "object assignment add $uuid_object_admin_object_scopes $uuid_object_category_admin $uuid_object_scope_admin_object_scopes",
- "result": "^$",
- "description": "Add a new assignment",
- "command_options": ""
- },
- {
- "name": "check_added_assignment",
- "command": "object assignment list $uuid_object_admin_object_scopes $uuid_object_category_admin",
- "result": "$uuid_object_scope_admin_object_scopes admin_object_scopes",
- "description": "Check added assignment.",
- "command_options": "-c id -c name -f value"
- },
-
- {
- "name": "add_assignment",
- "command": "object assignment add $uuid_object_admin_action_scopes $uuid_object_category_admin $uuid_object_scope_admin_action_scopes",
- "result": "^$",
- "description": "Add a new assignment",
- "command_options": ""
- },
- {
- "name": "check_added_assignment",
- "command": "object assignment list $uuid_object_admin_action_scopes $uuid_object_category_admin",
- "result": "$uuid_object_scope_admin_action_scopes admin_action_scopes",
- "description": "Check added assignment.",
- "command_options": "-c id -c name -f value"
- },
-
- {
- "name": "add_assignment",
- "command": "object assignment add $uuid_object_admin_subject_assignments $uuid_object_category_admin $uuid_object_scope_admin_subject_assignments",
- "result": "^$",
- "description": "Add a new assignment",
- "command_options": ""
- },
- {
- "name": "check_added_assignment",
- "command": "object assignment list $uuid_object_admin_subject_assignments $uuid_object_category_admin",
- "result": "$uuid_object_scope_admin_subject_assignments admin_subject_assignments",
- "description": "Check added assignment.",
- "command_options": "-c id -c name -f value"
- },
-
- {
- "name": "add_assignment",
- "command": "object assignment add $uuid_object_admin_object_assignments $uuid_object_category_admin $uuid_object_scope_admin_object_assignments",
- "result": "^$",
- "description": "Add a new assignment",
- "command_options": ""
- },
- {
- "name": "check_added_assignment",
- "command": "object assignment list $uuid_object_admin_object_assignments $uuid_object_category_admin",
- "result": "$uuid_object_scope_admin_object_assignments admin_object_assignments",
- "description": "Check added assignment.",
- "command_options": "-c id -c name -f value"
- },
-
- {
- "name": "add_assignment",
- "command": "object assignment add $uuid_object_admin_action_assignments $uuid_object_category_admin $uuid_object_scope_admin_action_assignments",
- "result": "^$",
- "description": "Add a new assignment",
- "command_options": ""
- },
- {
- "name": "check_added_assignment",
- "command": "object assignment list $uuid_object_admin_action_assignments $uuid_object_category_admin",
- "result": "$uuid_object_scope_admin_action_assignments admin_action_assignments",
- "description": "Check added assignment.",
- "command_options": "-c id -c name -f value"
- },
-
- {
- "name": "add_assignment",
- "command": "object assignment add $uuid_object_admin_aggregation_algorithm $uuid_object_category_admin $uuid_object_scope_admin_aggregation_algorithm",
- "result": "^$",
- "description": "Add a new assignment",
- "command_options": ""
- },
- {
- "name": "check_added_assignment",
- "command": "object assignment list $uuid_object_admin_aggregation_algorithm $uuid_object_category_admin",
- "result": "$uuid_object_scope_admin_aggregation_algorithm admin_aggregation_algorithm",
- "description": "Check added assignment.",
- "command_options": "-c id -c name -f value"
- },
-
- {
- "name": "add_assignment",
- "command": "object assignment add $uuid_object_admin_sub_meta_rules $uuid_object_category_admin $uuid_object_scope_admin_sub_meta_rules",
- "result": "^$",
- "description": "Add a new assignment",
- "command_options": ""
- },
- {
- "name": "check_added_assignment",
- "command": "object assignment list $uuid_object_admin_sub_meta_rules $uuid_object_category_admin",
- "result": "$uuid_object_scope_admin_sub_meta_rules admin_sub_meta_rules",
- "description": "Check added assignment.",
- "command_options": "-c id -c name -f value"
- },
-
- {
- "name": "add_assignment",
- "command": "object assignment add $uuid_object_admin_rules $uuid_object_category_admin $uuid_object_scope_admin_rules",
- "result": "^$",
- "description": "Add a new assignment",
- "command_options": ""
- },
- {
- "name": "check_added_assignment",
- "command": "object assignment list $uuid_object_admin_rules $uuid_object_category_admin",
- "result": "$uuid_object_scope_admin_rules admin_rules",
- "description": "Check added assignment.",
- "command_options": "-c id -c name -f value"
- },
- {
- "name": "add_assignment",
- "command": "action assignment add $uuid_action_read $uuid_action_category_admin $uuid_action_scope_read",
- "result": "^$",
- "description": "Add a new assignment",
- "command_options": ""
- },
- {
- "name": "check_added_assignment",
- "command": "action assignment list $uuid_action_read $uuid_action_category_admin",
- "result": "$uuid_action_scope_read read",
- "description": "Check added assignment.",
- "command_options": "-c id -c name -f value"
- },
- {
- "name": "add_assignment",
- "command": "action assignment add $uuid_action_write $uuid_action_category_admin $uuid_action_scope_write",
- "result": "^$",
- "description": "Add a new assignment",
- "command_options": ""
- },
- {
- "name": "check_added_assignment",
- "command": "action assignment list $uuid_action_write $uuid_action_category_admin",
- "result": "$uuid_action_scope_write write",
- "description": "Check added assignment.",
- "command_options": "-c id -c name -f value"
- },
-
- {
- "name": "check_submetarules",
- "command": "submetarule show",
- "result": "(?P<submetarule_uuid_admin>\\w+)",
- "description": "Get one submetarule ID",
- "command_options": "-c id -f value"
- },
- {
- "name": "set_submetarule",
- "command": "submetarule set $submetarule_uuid_admin --subject_category_id=\"$uuid_subject_category_admin\" --object_category_id=\"$uuid_object_category_admin\" --action_category_id=\"$uuid_action_category_admin\"",
- "result": "^$",
- "description": "Set a new submetarule",
- "command_options": ""
- },
- {
- "name": "check_submetarule",
- "command": "submetarule show",
- "result": "$submetarule_uuid_admin \\s*role",
- "description": "Check the new submetarule",
- "command_options": "-c id -c \"subject categories\" -f value"
- },
- {
- "name": "check_submetarule",
- "command": "submetarule show",
- "result": "$submetarule_uuid_admin \\s*object_id",
- "description": "Check the new submetarule",
- "command_options": "-c id -c \"object categories\" -f value"
- },
- {
- "name": "check_submetarule",
- "command": "submetarule show",
- "result": "$submetarule_uuid_admin \\s*action_id",
- "description": "Check the new submetarule",
- "command_options": "-c id -c \"action categories\" -f value"
- },
- {
- "name": "add_a_new_rule",
- "command": "rule add $submetarule_uuid_admin \"root_role,read,authz_subjects\"",
- "result": "^$",
- "description": "Add a new rule.",
- "command_options": ""
- },
- {
- "name": "check_added_rule",
- "command": "rule list $submetarule_uuid_admin",
- "result": "(?P<rule_id>\\w+)\\s+root_role\\s+read\\s+authz.subjects",
- "description": "Check that the rule was correctly added.",
- "command_options": "-c id -c s:role -c a:action_id -c o:object_id -f value"
- },
-
- {
- "name": "add_a_new_rule",
- "command": "rule add $submetarule_uuid_admin \"root_role,read,authz_objects\"",
- "result": "^$",
- "description": "Add a new rule.",
- "command_options": ""
- },
- {
- "name": "check_added_rule",
- "command": "rule list $submetarule_uuid_admin",
- "result": "(?P<rule_id>\\w+)\\s+root_role\\s+read\\s+authz.objects",
- "description": "Check that the rule was correctly added.",
- "command_options": "-c id -c s:role -c a:action_id -c o:object_id -f value"
- },
-
- {
- "name": "add_a_new_rule",
- "command": "rule add $submetarule_uuid_admin \"root_role,read,authz_actions\"",
- "result": "^$",
- "description": "Add a new rule.",
- "command_options": ""
- },
- {
- "name": "check_added_rule",
- "command": "rule list $submetarule_uuid_admin",
- "result": "(?P<rule_id>\\w+)\\s+root_role\\s+read\\s+authz.actions",
- "description": "Check that the rule was correctly added.",
- "command_options": "-c id -c s:role -c a:action_id -c o:object_id -f value"
- },
-
- {
- "name": "add_a_new_rule",
- "command": "rule add $submetarule_uuid_admin \"root_role,read,authz_subject_categories\"",
- "result": "^$",
- "description": "Add a new rule.",
- "command_options": ""
- },
- {
- "name": "check_added_rule",
- "command": "rule list $submetarule_uuid_admin",
- "result": "(?P<rule_id>\\w+)\\s+root_role\\s+read\\s+authz.subject_categories",
- "description": "Check that the rule was correctly added.",
- "command_options": "-c id -c s:role -c a:action_id -c o:object_id -f value"
- },
-
- {
- "name": "add_a_new_rule",
- "command": "rule add $submetarule_uuid_admin \"root_role,read,authz_object_categories\"",
- "result": "^$",
- "description": "Add a new rule.",
- "command_options": ""
- },
- {
- "name": "check_added_rule",
- "command": "rule list $submetarule_uuid_admin",
- "result": "(?P<rule_id>\\w+)\\s+root_role\\s+read\\s+authz.object_categories",
- "description": "Check that the rule was correctly added.",
- "command_options": "-c id -c s:role -c a:action_id -c o:object_id -f value"
- },
-
- {
- "name": "add_a_new_rule",
- "command": "rule add $submetarule_uuid_admin \"root_role,read,authz_action_categories\"",
- "result": "^$",
- "description": "Add a new rule.",
- "command_options": ""
- },
- {
- "name": "check_added_rule",
- "command": "rule list $submetarule_uuid_admin",
- "result": "(?P<rule_id>\\w+)\\s+root_role\\s+read\\s+authz.action_categories",
- "description": "Check that the rule was correctly added.",
- "command_options": "-c id -c s:role -c a:action_id -c o:object_id -f value"
- },
-
- {
- "name": "add_a_new_rule",
- "command": "rule add $submetarule_uuid_admin \"root_role,read,authz_subject_scopes\"",
- "result": "^$",
- "description": "Add a new rule.",
- "command_options": ""
- },
- {
- "name": "check_added_rule",
- "command": "rule list $submetarule_uuid_admin",
- "result": "(?P<rule_id>\\w+)\\s+root_role\\s+read\\s+authz.subject_scopes",
- "description": "Check that the rule was correctly added.",
- "command_options": "-c id -c s:role -c a:action_id -c o:object_id -f value"
- },
-
- {
- "name": "add_a_new_rule",
- "command": "rule add $submetarule_uuid_admin \"root_role,read,authz_object_scopes\"",
- "result": "^$",
- "description": "Add a new rule.",
- "command_options": ""
- },
- {
- "name": "check_added_rule",
- "command": "rule list $submetarule_uuid_admin",
- "result": "(?P<rule_id>\\w+)\\s+root_role\\s+read\\s+authz.object_scopes",
- "description": "Check that the rule was correctly added.",
- "command_options": "-c id -c s:role -c a:action_id -c o:object_id -f value"
- },
-
- {
- "name": "add_a_new_rule",
- "command": "rule add $submetarule_uuid_admin \"root_role,read,authz_action_scopes\"",
- "result": "^$",
- "description": "Add a new rule.",
- "command_options": ""
- },
- {
- "name": "check_added_rule",
- "command": "rule list $submetarule_uuid_admin",
- "result": "(?P<rule_id>\\w+)\\s+root_role\\s+read\\s+authz.action_scopes",
- "description": "Check that the rule was correctly added.",
- "command_options": "-c id -c s:role -c a:action_id -c o:object_id -f value"
- },
-
- {
- "name": "add_a_new_rule",
- "command": "rule add $submetarule_uuid_admin \"root_role,read,authz_subject_assignments\"",
- "result": "^$",
- "description": "Add a new rule.",
- "command_options": ""
- },
- {
- "name": "check_added_rule",
- "command": "rule list $submetarule_uuid_admin",
- "result": "(?P<rule_id>\\w+)\\s+root_role\\s+read\\s+authz.subject_assignments",
- "description": "Check that the rule was correctly added.",
- "command_options": "-c id -c s:role -c a:action_id -c o:object_id -f value"
- },
-
- {
- "name": "add_a_new_rule",
- "command": "rule add $submetarule_uuid_admin \"root_role,read,authz_object_assignments\"",
- "result": "^$",
- "description": "Add a new rule.",
- "command_options": ""
- },
- {
- "name": "check_added_rule",
- "command": "rule list $submetarule_uuid_admin",
- "result": "(?P<rule_id>\\w+)\\s+root_role\\s+read\\s+authz.object_assignments",
- "description": "Check that the rule was correctly added.",
- "command_options": "-c id -c s:role -c a:action_id -c o:object_id -f value"
- },
-
- {
- "name": "add_a_new_rule",
- "command": "rule add $submetarule_uuid_admin \"root_role,read,authz_action_assignments\"",
- "result": "^$",
- "description": "Add a new rule.",
- "command_options": ""
- },
- {
- "name": "check_added_rule",
- "command": "rule list $submetarule_uuid_admin",
- "result": "(?P<rule_id>\\w+)\\s+root_role\\s+read\\s+authz.action_assignments",
- "description": "Check that the rule was correctly added.",
- "command_options": "-c id -c s:role -c a:action_id -c o:object_id -f value"
- },
-
- {
- "name": "add_a_new_rule",
- "command": "rule add $submetarule_uuid_admin \"root_role,read,authz_aggregation_algorithm\"",
- "result": "^$",
- "description": "Add a new rule.",
- "command_options": ""
- },
- {
- "name": "check_added_rule",
- "command": "rule list $submetarule_uuid_admin",
- "result": "(?P<rule_id>\\w+)\\s+root_role\\s+read\\s+authz.aggregation_algorithm",
- "description": "Check that the rule was correctly added.",
- "command_options": "-c id -c s:role -c a:action_id -c o:object_id -f value"
- },
-
- {
- "name": "add_a_new_rule",
- "command": "rule add $submetarule_uuid_admin \"root_role,read,authz_sub_meta_rules\"",
- "result": "^$",
- "description": "Add a new rule.",
- "command_options": ""
- },
- {
- "name": "check_added_rule",
- "command": "rule list $submetarule_uuid_admin",
- "result": "(?P<rule_id>\\w+)\\s+root_role\\s+read\\s+authz.sub_meta_rules",
- "description": "Check that the rule was correctly added.",
- "command_options": "-c id -c s:role -c a:action_id -c o:object_id -f value"
- },
-
- {
- "name": "add_a_new_rule",
- "command": "rule add $submetarule_uuid_admin \"root_role,read,authz_rules\"",
- "result": "^$",
- "description": "Add a new rule.",
- "command_options": ""
- },
- {
- "name": "check_added_rule",
- "command": "rule list $submetarule_uuid_admin",
- "result": "(?P<rule_id>\\w+)\\s+root_role\\s+read\\s+authz.rules",
- "description": "Check that the rule was correctly added.",
- "command_options": "-c id -c s:role -c a:action_id -c o:object_id -f value"
- },
-
- {
- "name": "add_a_new_rule",
- "command": "rule add $submetarule_uuid_admin \"root_role,write,authz_subjects\"",
- "result": "^$",
- "description": "Add a new rule.",
- "command_options": ""
- },
- {
- "name": "check_added_rule",
- "command": "rule list $submetarule_uuid_admin",
- "result": "(?P<rule_id>\\w+)\\s+root_role\\s+write\\s+authz.subjects",
- "description": "Check that the rule was correctly added.",
- "command_options": "-c id -c s:role -c a:action_id -c o:object_id -f value"
- },
-
- {
- "name": "add_a_new_rule",
- "command": "rule add $submetarule_uuid_admin \"root_role,write,authz_objects\"",
- "result": "^$",
- "description": "Add a new rule.",
- "command_options": ""
- },
- {
- "name": "check_added_rule",
- "command": "rule list $submetarule_uuid_admin",
- "result": "(?P<rule_id>\\w+)\\s+root_role\\s+write\\s+authz.objects",
- "description": "Check that the rule was correctly added.",
- "command_options": "-c id -c s:role -c a:action_id -c o:object_id -f value"
- },
-
- {
- "name": "add_a_new_rule",
- "command": "rule add $submetarule_uuid_admin \"root_role,write,authz_actions\"",
- "result": "^$",
- "description": "Add a new rule.",
- "command_options": ""
- },
- {
- "name": "check_added_rule",
- "command": "rule list $submetarule_uuid_admin",
- "result": "(?P<rule_id>\\w+)\\s+root_role\\s+write\\s+authz.actions",
- "description": "Check that the rule was correctly added.",
- "command_options": "-c id -c s:role -c a:action_id -c o:object_id -f value"
- },
-
- {
- "name": "add_a_new_rule",
- "command": "rule add $submetarule_uuid_admin \"root_role,write,authz_subject_categories\"",
- "result": "^$",
- "description": "Add a new rule.",
- "command_options": ""
- },
- {
- "name": "check_added_rule",
- "command": "rule list $submetarule_uuid_admin",
- "result": "(?P<rule_id>\\w+)\\s+root_role\\s+write\\s+authz.subject_categories",
- "description": "Check that the rule was correctly added.",
- "command_options": "-c id -c s:role -c a:action_id -c o:object_id -f value"
- },
-
- {
- "name": "add_a_new_rule",
- "command": "rule add $submetarule_uuid_admin \"root_role,write,authz_object_categories\"",
- "result": "^$",
- "description": "Add a new rule.",
- "command_options": ""
- },
- {
- "name": "check_added_rule",
- "command": "rule list $submetarule_uuid_admin",
- "result": "(?P<rule_id>\\w+)\\s+root_role\\s+write\\s+authz.object_categories",
- "description": "Check that the rule was correctly added.",
- "command_options": "-c id -c s:role -c a:action_id -c o:object_id -f value"
- },
-
- {
- "name": "add_a_new_rule",
- "command": "rule add $submetarule_uuid_admin \"root_role,write,authz_action_categories\"",
- "result": "^$",
- "description": "Add a new rule.",
- "command_options": ""
- },
- {
- "name": "check_added_rule",
- "command": "rule list $submetarule_uuid_admin",
- "result": "(?P<rule_id>\\w+)\\s+root_role\\s+write\\s+authz.action_categories",
- "description": "Check that the rule was correctly added.",
- "command_options": "-c id -c s:role -c a:action_id -c o:object_id -f value"
- },
-
- {
- "name": "add_a_new_rule",
- "command": "rule add $submetarule_uuid_admin \"root_role,write,authz_subject_scopes\"",
- "result": "^$",
- "description": "Add a new rule.",
- "command_options": ""
- },
- {
- "name": "check_added_rule",
- "command": "rule list $submetarule_uuid_admin",
- "result": "(?P<rule_id>\\w+)\\s+root_role\\s+write\\s+authz.subject_scopes",
- "description": "Check that the rule was correctly added.",
- "command_options": "-c id -c s:role -c a:action_id -c o:object_id -f value"
- },
-
- {
- "name": "add_a_new_rule",
- "command": "rule add $submetarule_uuid_admin \"root_role,write,authz_object_scopes\"",
- "result": "^$",
- "description": "Add a new rule.",
- "command_options": ""
- },
- {
- "name": "check_added_rule",
- "command": "rule list $submetarule_uuid_admin",
- "result": "(?P<rule_id>\\w+)\\s+root_role\\s+write\\s+authz.object_scopes",
- "description": "Check that the rule was correctly added.",
- "command_options": "-c id -c s:role -c a:action_id -c o:object_id -f value"
- },
-
- {
- "name": "add_a_new_rule",
- "command": "rule add $submetarule_uuid_admin \"root_role,write,authz_action_scopes\"",
- "result": "^$",
- "description": "Add a new rule.",
- "command_options": ""
- },
- {
- "name": "check_added_rule",
- "command": "rule list $submetarule_uuid_admin",
- "result": "(?P<rule_id>\\w+)\\s+root_role\\s+write\\s+authz.action_scopes",
- "description": "Check that the rule was correctly added.",
- "command_options": "-c id -c s:role -c a:action_id -c o:object_id -f value"
- },
-
- {
- "name": "add_a_new_rule",
- "command": "rule add $submetarule_uuid_admin \"root_role,write,authz_subject_assignments\"",
- "result": "^$",
- "description": "Add a new rule.",
- "command_options": ""
- },
- {
- "name": "check_added_rule",
- "command": "rule list $submetarule_uuid_admin",
- "result": "(?P<rule_id>\\w+)\\s+root_role\\s+write\\s+authz.subject_assignments",
- "description": "Check that the rule was correctly added.",
- "command_options": "-c id -c s:role -c a:action_id -c o:object_id -f value"
- },
-
- {
- "name": "add_a_new_rule",
- "command": "rule add $submetarule_uuid_admin \"root_role,write,authz_object_assignments\"",
- "result": "^$",
- "description": "Add a new rule.",
- "command_options": ""
- },
- {
- "name": "check_added_rule",
- "command": "rule list $submetarule_uuid_admin",
- "result": "(?P<rule_id>\\w+)\\s+root_role\\s+write\\s+authz.object_assignments",
- "description": "Check that the rule was correctly added.",
- "command_options": "-c id -c s:role -c a:action_id -c o:object_id -f value"
- },
-
- {
- "name": "add_a_new_rule",
- "command": "rule add $submetarule_uuid_admin \"root_role,write,authz_action_assignments\"",
- "result": "^$",
- "description": "Add a new rule.",
- "command_options": ""
- },
- {
- "name": "check_added_rule",
- "command": "rule list $submetarule_uuid_admin",
- "result": "(?P<rule_id>\\w+)\\s+root_role\\s+write\\s+authz.action_assignments",
- "description": "Check that the rule was correctly added.",
- "command_options": "-c id -c s:role -c a:action_id -c o:object_id -f value"
- },
-
- {
- "name": "add_a_new_rule",
- "command": "rule add $submetarule_uuid_admin \"root_role,write,authz_aggregation_algorithm\"",
- "result": "^$",
- "description": "Add a new rule.",
- "command_options": ""
- },
- {
- "name": "check_added_rule",
- "command": "rule list $submetarule_uuid_admin",
- "result": "(?P<rule_id>\\w+)\\s+root_role\\s+write\\s+authz.aggregation_algorithm",
- "description": "Check that the rule was correctly added.",
- "command_options": "-c id -c s:role -c a:action_id -c o:object_id -f value"
- },
-
- {
- "name": "add_a_new_rule",
- "command": "rule add $submetarule_uuid_admin \"root_role,write,authz_sub_meta_rules\"",
- "result": "^$",
- "description": "Add a new rule.",
- "command_options": ""
- },
- {
- "name": "check_added_rule",
- "command": "rule list $submetarule_uuid_admin",
- "result": "(?P<rule_id>\\w+)\\s+root_role\\s+write\\s+authz.sub_meta_rules",
- "description": "Check that the rule was correctly added.",
- "command_options": "-c id -c s:role -c a:action_id -c o:object_id -f value"
- },
-
- {
- "name": "add_a_new_rule",
- "command": "rule add $submetarule_uuid_admin \"root_role,write,authz_rules\"",
- "result": "^$",
- "description": "Add a new rule.",
- "command_options": ""
- },
- {
- "name": "check_added_rule",
- "command": "rule list $submetarule_uuid_admin",
- "result": "(?P<rule_id>\\w+)\\s+root_role\\s+write\\s+authz.rules",
- "description": "Check that the rule was correctly added.",
- "command_options": "-c id -c s:role -c a:action_id -c o:object_id -f value"
- },
-
- {
- "name": "add_a_new_rule",
- "command": "rule add $submetarule_uuid_admin \"root_role,read,admin_subjects\"",
- "result": "^$",
- "description": "Add a new rule.",
- "command_options": ""
- },
- {
- "name": "check_added_rule",
- "command": "rule list $submetarule_uuid_admin",
- "result": "(?P<rule_id>\\w+)\\s+root_role\\s+read\\s+admin.subjects",
- "description": "Check that the rule was correctly added.",
- "command_options": "-c id -c s:role -c a:action_id -c o:object_id -f value"
- },
-
- {
- "name": "add_a_new_rule",
- "command": "rule add $submetarule_uuid_admin \"root_role,read,admin_objects\"",
- "result": "^$",
- "description": "Add a new rule.",
- "command_options": ""
- },
- {
- "name": "check_added_rule",
- "command": "rule list $submetarule_uuid_admin",
- "result": "(?P<rule_id>\\w+)\\s+root_role\\s+read\\s+admin.objects",
- "description": "Check that the rule was correctly added.",
- "command_options": "-c id -c s:role -c a:action_id -c o:object_id -f value"
- },
-
- {
- "name": "add_a_new_rule",
- "command": "rule add $submetarule_uuid_admin \"root_role,read,admin_actions\"",
- "result": "^$",
- "description": "Add a new rule.",
- "command_options": ""
- },
- {
- "name": "check_added_rule",
- "command": "rule list $submetarule_uuid_admin",
- "result": "(?P<rule_id>\\w+)\\s+root_role\\s+read\\s+admin.actions",
- "description": "Check that the rule was correctly added.",
- "command_options": "-c id -c s:role -c a:action_id -c o:object_id -f value"
- },
-
- {
- "name": "add_a_new_rule",
- "command": "rule add $submetarule_uuid_admin \"root_role,read,admin_subject_categories\"",
- "result": "^$",
- "description": "Add a new rule.",
- "command_options": ""
- },
- {
- "name": "check_added_rule",
- "command": "rule list $submetarule_uuid_admin",
- "result": "(?P<rule_id>\\w+)\\s+root_role\\s+read\\s+admin.subject_categories",
- "description": "Check that the rule was correctly added.",
- "command_options": "-c id -c s:role -c a:action_id -c o:object_id -f value"
- },
-
- {
- "name": "add_a_new_rule",
- "command": "rule add $submetarule_uuid_admin \"root_role,read,admin_object_categories\"",
- "result": "^$",
- "description": "Add a new rule.",
- "command_options": ""
- },
- {
- "name": "check_added_rule",
- "command": "rule list $submetarule_uuid_admin",
- "result": "(?P<rule_id>\\w+)\\s+root_role\\s+read\\s+admin.object_categories",
- "description": "Check that the rule was correctly added.",
- "command_options": "-c id -c s:role -c a:action_id -c o:object_id -f value"
- },
-
- {
- "name": "add_a_new_rule",
- "command": "rule add $submetarule_uuid_admin \"root_role,read,admin_action_categories\"",
- "result": "^$",
- "description": "Add a new rule.",
- "command_options": ""
- },
- {
- "name": "check_added_rule",
- "command": "rule list $submetarule_uuid_admin",
- "result": "(?P<rule_id>\\w+)\\s+root_role\\s+read\\s+admin.action_categories",
- "description": "Check that the rule was correctly added.",
- "command_options": "-c id -c s:role -c a:action_id -c o:object_id -f value"
- },
-
- {
- "name": "add_a_new_rule",
- "command": "rule add $submetarule_uuid_admin \"root_role,read,admin_subject_scopes\"",
- "result": "^$",
- "description": "Add a new rule.",
- "command_options": ""
- },
- {
- "name": "check_added_rule",
- "command": "rule list $submetarule_uuid_admin",
- "result": "(?P<rule_id>\\w+)\\s+root_role\\s+read\\s+admin.subject_scopes",
- "description": "Check that the rule was correctly added.",
- "command_options": "-c id -c s:role -c a:action_id -c o:object_id -f value"
- },
-
- {
- "name": "add_a_new_rule",
- "command": "rule add $submetarule_uuid_admin \"root_role,read,admin_object_scopes\"",
- "result": "^$",
- "description": "Add a new rule.",
- "command_options": ""
- },
- {
- "name": "check_added_rule",
- "command": "rule list $submetarule_uuid_admin",
- "result": "(?P<rule_id>\\w+)\\s+root_role\\s+read\\s+admin.object_scopes",
- "description": "Check that the rule was correctly added.",
- "command_options": "-c id -c s:role -c a:action_id -c o:object_id -f value"
- },
-
- {
- "name": "add_a_new_rule",
- "command": "rule add $submetarule_uuid_admin \"root_role,read,admin_action_scopes\"",
- "result": "^$",
- "description": "Add a new rule.",
- "command_options": ""
- },
- {
- "name": "check_added_rule",
- "command": "rule list $submetarule_uuid_admin",
- "result": "(?P<rule_id>\\w+)\\s+root_role\\s+read\\s+admin.action_scopes",
- "description": "Check that the rule was correctly added.",
- "command_options": "-c id -c s:role -c a:action_id -c o:object_id -f value"
- },
-
- {
- "name": "add_a_new_rule",
- "command": "rule add $submetarule_uuid_admin \"root_role,read,admin_subject_assignments\"",
- "result": "^$",
- "description": "Add a new rule.",
- "command_options": ""
- },
- {
- "name": "check_added_rule",
- "command": "rule list $submetarule_uuid_admin",
- "result": "(?P<rule_id>\\w+)\\s+root_role\\s+read\\s+admin.subject_assignments",
- "description": "Check that the rule was correctly added.",
- "command_options": "-c id -c s:role -c a:action_id -c o:object_id -f value"
- },
-
- {
- "name": "add_a_new_rule",
- "command": "rule add $submetarule_uuid_admin \"root_role,read,admin_object_assignments\"",
- "result": "^$",
- "description": "Add a new rule.",
- "command_options": ""
- },
- {
- "name": "check_added_rule",
- "command": "rule list $submetarule_uuid_admin",
- "result": "(?P<rule_id>\\w+)\\s+root_role\\s+read\\s+admin.object_assignments",
- "description": "Check that the rule was correctly added.",
- "command_options": "-c id -c s:role -c a:action_id -c o:object_id -f value"
- },
-
- {
- "name": "add_a_new_rule",
- "command": "rule add $submetarule_uuid_admin \"root_role,read,admin_action_assignments\"",
- "result": "^$",
- "description": "Add a new rule.",
- "command_options": ""
- },
- {
- "name": "check_added_rule",
- "command": "rule list $submetarule_uuid_admin",
- "result": "(?P<rule_id>\\w+)\\s+root_role\\s+read\\s+admin.action_assignments",
- "description": "Check that the rule was correctly added.",
- "command_options": "-c id -c s:role -c a:action_id -c o:object_id -f value"
- },
-
- {
- "name": "add_a_new_rule",
- "command": "rule add $submetarule_uuid_admin \"root_role,read,admin_aggregation_algorithm\"",
- "result": "^$",
- "description": "Add a new rule.",
- "command_options": ""
- },
- {
- "name": "check_added_rule",
- "command": "rule list $submetarule_uuid_admin",
- "result": "(?P<rule_id>\\w+)\\s+root_role\\s+read\\s+admin.aggregation_algorithm",
- "description": "Check that the rule was correctly added.",
- "command_options": "-c id -c s:role -c a:action_id -c o:object_id -f value"
- },
-
- {
- "name": "add_a_new_rule",
- "command": "rule add $submetarule_uuid_admin \"root_role,read,admin_sub_meta_rules\"",
- "result": "^$",
- "description": "Add a new rule.",
- "command_options": ""
- },
- {
- "name": "check_added_rule",
- "command": "rule list $submetarule_uuid_admin",
- "result": "(?P<rule_id>\\w+)\\s+root_role\\s+read\\s+admin.sub_meta_rules",
- "description": "Check that the rule was correctly added.",
- "command_options": "-c id -c s:role -c a:action_id -c o:object_id -f value"
- },
-
- {
- "name": "add_a_new_rule",
- "command": "rule add $submetarule_uuid_admin \"root_role,read,admin_rules\"",
- "result": "^$",
- "description": "Add a new rule.",
- "command_options": ""
- },
- {
- "name": "check_added_rule",
- "command": "rule list $submetarule_uuid_admin",
- "result": "(?P<rule_id>\\w+)\\s+root_role\\s+read\\s+admin.rules",
- "description": "Check that the rule was correctly added.",
- "command_options": "-c id -c s:role -c a:action_id -c o:object_id -f value"
- },
-
- {
- "name": "add_a_new_rule",
- "command": "rule add $submetarule_uuid_admin \"root_role,write,admin_subjects\"",
- "result": "^$",
- "description": "Add a new rule.",
- "command_options": ""
- },
- {
- "name": "check_added_rule",
- "command": "rule list $submetarule_uuid_admin",
- "result": "(?P<rule_id>\\w+)\\s+root_role\\s+write\\s+admin.subjects",
- "description": "Check that the rule was correctly added.",
- "command_options": "-c id -c s:role -c a:action_id -c o:object_id -f value"
- },
-
- {
- "name": "add_a_new_rule",
- "command": "rule add $submetarule_uuid_admin \"root_role,write,admin_objects\"",
- "result": "^$",
- "description": "Add a new rule.",
- "command_options": ""
- },
- {
- "name": "check_added_rule",
- "command": "rule list $submetarule_uuid_admin",
- "result": "(?P<rule_id>\\w+)\\s+root_role\\s+write\\s+admin.objects",
- "description": "Check that the rule was correctly added.",
- "command_options": "-c id -c s:role -c a:action_id -c o:object_id -f value"
- },
-
- {
- "name": "add_a_new_rule",
- "command": "rule add $submetarule_uuid_admin \"root_role,write,admin_actions\"",
- "result": "^$",
- "description": "Add a new rule.",
- "command_options": ""
- },
- {
- "name": "check_added_rule",
- "command": "rule list $submetarule_uuid_admin",
- "result": "(?P<rule_id>\\w+)\\s+root_role\\s+write\\s+admin.actions",
- "description": "Check that the rule was correctly added.",
- "command_options": "-c id -c s:role -c a:action_id -c o:object_id -f value"
- },
-
- {
- "name": "add_a_new_rule",
- "command": "rule add $submetarule_uuid_admin \"root_role,write,admin_subject_categories\"",
- "result": "^$",
- "description": "Add a new rule.",
- "command_options": ""
- },
- {
- "name": "check_added_rule",
- "command": "rule list $submetarule_uuid_admin",
- "result": "(?P<rule_id>\\w+)\\s+root_role\\s+write\\s+admin.subject_categories",
- "description": "Check that the rule was correctly added.",
- "command_options": "-c id -c s:role -c a:action_id -c o:object_id -f value"
- },
-
- {
- "name": "add_a_new_rule",
- "command": "rule add $submetarule_uuid_admin \"root_role,write,admin_object_categories\"",
- "result": "^$",
- "description": "Add a new rule.",
- "command_options": ""
- },
- {
- "name": "check_added_rule",
- "command": "rule list $submetarule_uuid_admin",
- "result": "(?P<rule_id>\\w+)\\s+root_role\\s+write\\s+admin.object_categories",
- "description": "Check that the rule was correctly added.",
- "command_options": "-c id -c s:role -c a:action_id -c o:object_id -f value"
- },
-
- {
- "name": "add_a_new_rule",
- "command": "rule add $submetarule_uuid_admin \"root_role,write,admin_action_categories\"",
- "result": "^$",
- "description": "Add a new rule.",
- "command_options": ""
- },
- {
- "name": "check_added_rule",
- "command": "rule list $submetarule_uuid_admin",
- "result": "(?P<rule_id>\\w+)\\s+root_role\\s+write\\s+admin.action_categories",
- "description": "Check that the rule was correctly added.",
- "command_options": "-c id -c s:role -c a:action_id -c o:object_id -f value"
- },
-
- {
- "name": "add_a_new_rule",
- "command": "rule add $submetarule_uuid_admin \"root_role,write,admin_subject_scopes\"",
- "result": "^$",
- "description": "Add a new rule.",
- "command_options": ""
- },
- {
- "name": "check_added_rule",
- "command": "rule list $submetarule_uuid_admin",
- "result": "(?P<rule_id>\\w+)\\s+root_role\\s+write\\s+admin.subject_scopes",
- "description": "Check that the rule was correctly added.",
- "command_options": "-c id -c s:role -c a:action_id -c o:object_id -f value"
- },
-
- {
- "name": "add_a_new_rule",
- "command": "rule add $submetarule_uuid_admin \"root_role,write,admin_object_scopes\"",
- "result": "^$",
- "description": "Add a new rule.",
- "command_options": ""
- },
- {
- "name": "check_added_rule",
- "command": "rule list $submetarule_uuid_admin",
- "result": "(?P<rule_id>\\w+)\\s+root_role\\s+write\\s+admin.object_scopes",
- "description": "Check that the rule was correctly added.",
- "command_options": "-c id -c s:role -c a:action_id -c o:object_id -f value"
- },
-
- {
- "name": "add_a_new_rule",
- "command": "rule add $submetarule_uuid_admin \"root_role,write,admin_action_scopes\"",
- "result": "^$",
- "description": "Add a new rule.",
- "command_options": ""
- },
- {
- "name": "check_added_rule",
- "command": "rule list $submetarule_uuid_admin",
- "result": "(?P<rule_id>\\w+)\\s+root_role\\s+write\\s+admin.action_scopes",
- "description": "Check that the rule was correctly added.",
- "command_options": "-c id -c s:role -c a:action_id -c o:object_id -f value"
- },
-
- {
- "name": "add_a_new_rule",
- "command": "rule add $submetarule_uuid_admin \"root_role,write,admin_subject_assignments\"",
- "result": "^$",
- "description": "Add a new rule.",
- "command_options": ""
- },
- {
- "name": "check_added_rule",
- "command": "rule list $submetarule_uuid_admin",
- "result": "(?P<rule_id>\\w+)\\s+root_role\\s+write\\s+admin.subject_assignments",
- "description": "Check that the rule was correctly added.",
- "command_options": "-c id -c s:role -c a:action_id -c o:object_id -f value"
- },
-
- {
- "name": "add_a_new_rule",
- "command": "rule add $submetarule_uuid_admin \"root_role,write,admin_object_assignments\"",
- "result": "^$",
- "description": "Add a new rule.",
- "command_options": ""
- },
- {
- "name": "check_added_rule",
- "command": "rule list $submetarule_uuid_admin",
- "result": "(?P<rule_id>\\w+)\\s+root_role\\s+write\\s+admin.object_assignments",
- "description": "Check that the rule was correctly added.",
- "command_options": "-c id -c s:role -c a:action_id -c o:object_id -f value"
- },
-
- {
- "name": "add_a_new_rule",
- "command": "rule add $submetarule_uuid_admin \"root_role,write,admin_action_assignments\"",
- "result": "^$",
- "description": "Add a new rule.",
- "command_options": ""
- },
- {
- "name": "check_added_rule",
- "command": "rule list $submetarule_uuid_admin",
- "result": "(?P<rule_id>\\w+)\\s+root_role\\s+write\\s+admin.action_assignments",
- "description": "Check that the rule was correctly added.",
- "command_options": "-c id -c s:role -c a:action_id -c o:object_id -f value"
- },
-
- {
- "name": "add_a_new_rule",
- "command": "rule add $submetarule_uuid_admin \"root_role,write,admin_aggregation_algorithm\"",
- "result": "^$",
- "description": "Add a new rule.",
- "command_options": ""
- },
- {
- "name": "check_added_rule",
- "command": "rule list $submetarule_uuid_admin",
- "result": "(?P<rule_id>\\w+)\\s+root_role\\s+write\\s+admin.aggregation_algorithm",
- "description": "Check that the rule was correctly added.",
- "command_options": "-c id -c s:role -c a:action_id -c o:object_id -f value"
- },
-
- {
- "name": "add_a_new_rule",
- "command": "rule add $submetarule_uuid_admin \"root_role,write,admin_sub_meta_rules\"",
- "result": "^$",
- "description": "Add a new rule.",
- "command_options": ""
- },
- {
- "name": "check_added_rule",
- "command": "rule list $submetarule_uuid_admin",
- "result": "(?P<rule_id>\\w+)\\s+root_role\\s+write\\s+admin.sub_meta_rules",
- "description": "Check that the rule was correctly added.",
- "command_options": "-c id -c s:role -c a:action_id -c o:object_id -f value"
- },
-
- {
- "name": "add_a_new_rule",
- "command": "rule add $submetarule_uuid_admin \"root_role,write,admin_rules\"",
- "result": "^$",
- "description": "Add a new rule.",
- "command_options": ""
- },
- {
- "name": "check_added_rule",
- "command": "rule list $submetarule_uuid_admin",
- "result": "(?P<rule_id>\\w+)\\s+root_role\\s+write\\s+admin.rules",
- "description": "Check that the rule was correctly added.",
- "command_options": "-c id -c s:role -c a:action_id -c o:object_id -f value"
- },
- {
- "name": "get aggregation algorithm",
- "command": "aggregation algorithm list",
- "result": "(?P<uuid_aggregation>\\w+)\\s+one_true",
- "description": "Get aggregation algorithm.",
- "command_options": "-c id -c name -f value"
- },
- {
- "name": "set aggregation algorithm",
- "command": "aggregation algorithm set $uuid_aggregation",
- "result": "",
- "description": "Set aggregation algorithm to one_true.",
- "command_options": ""
- },
- {
- "name": "get aggregation algorithm",
- "command": "aggregation algorithm show",
- "result": "$uuid_aggregation\\s+one_true",
- "description": "Check aggregation algorithm.",
- "command_options": "-c id -c name -f value"
- },
- {
- "name": "get submetarule algorithm",
- "command": "submetarule algorithm list",
- "result": "(?P<uuid_submetarule_algo>\\w+)\\s+inclusion",
- "description": "Get submetarule algorithm named inclusion.",
- "command_options": "-c id -c name -f value"
- },
- {
- "name": "set submetarule algorithm",
- "command": "submetarule set --algorithm_name inclusion $submetarule_uuid_admin",
- "result": "",
- "description": "Set submetarule algorithm to inclusion.",
- "command_options": ""
- },
-
- {
- "name": "select_admin_ie",
- "command": "intraextension select $uuid_admin",
- "result": "Select $uuid_admin IntraExtension.",
- "description": "Select the admin IntraExtension",
- "command_options": ""
- },
- {
- "name": "check_select_admin_ie",
- "command": "intraextension show selected",
- "result": "$uuid_admin",
- "description": "Check the selected admin IntraExtension",
- "command_options": "-c id -f value"
- },
- {
- "name": "add_subject",
- "command": "subject add demo --subject_pass console",
- "result": "",
- "description": "Add demo subject.",
- "command_options": ""
- },
- {
- "name": "list_subject",
- "command": "subject list",
- "result": "(?P<uuid_subject_demo_admin>\\w+)\\s+demo",
- "description": "Check that demo subject was added."
- },
- {
- "name": "add_new_role",
- "command": "subject scope add $uuid_subject_category_admin demo_role",
- "result": "",
- "description": "Add demo_role to demo subject.",
- "command_options": ""
- },
- {
- "name": "check_new_role",
- "command": "subject scope list $uuid_subject_category_admin",
- "result": "(?P<uuid_subject_scope_demo_role>\\w+)\\s+demo_role",
- "description": "Check that demo_role was added."
- },
- {
- "name": "add_new_assignment",
- "command": "subject assignment add $uuid_subject_demo_admin $uuid_subject_category_admin $uuid_subject_scope_demo_role",
- "result": "",
- "description": "Link the demo subject to the demo_role scope.",
- "command_options": ""
- },
- {
- "name": "check_new_assignment",
- "command": "subject assignment list $uuid_subject_demo_admin $uuid_subject_category_admin",
- "result": "$uuid_subject_scope_demo_role demo_role",
- "description": "Check that assignment was added.",
- "command_options": "-c id -c name -f value"
- },
- {
- "name": "add_a_new_rule",
- "command": "rule add $submetarule_uuid_admin \"demo_role,read,authz_objects\"",
- "result": "^$",
- "description": "Add a new rule.",
- "command_options": ""
- },
- {
- "name": "check_added_rule",
- "command": "rule list $submetarule_uuid_admin",
- "result": "(?P<rule_id>\\w+)\\s+demo_role\\s+read\\s+authz_objects",
- "description": "Check that the rule was correctly added.",
- "command_options": "-c id -c s:role -c a:action_id -c o:object_id -f value"
- },
- {
- "name": "add_a_new_rule",
- "command": "rule add $submetarule_uuid_admin \"demo_role,write,authz_objects\"",
- "result": "^$",
- "description": "Add a new rule.",
- "command_options": ""
- },
- {
- "name": "check_added_rule",
- "command": "rule list $submetarule_uuid_admin",
- "result": "(?P<rule_id>\\w+)\\s+demo_role\\s+write\\s+authz_objects",
- "description": "Check that the rule was correctly added.",
- "command_options": "-c id -c s:role -c a:action_id -c o:object_id -f value"
- },
- {
- "name": "add_a_new_rule",
- "command": "rule add $submetarule_uuid_admin \"demo_role,read,authz_object_assignments\"",
- "result": "^$",
- "description": "Add a new rule.",
- "command_options": ""
- },
- {
- "name": "check_added_rule",
- "command": "rule list $submetarule_uuid_admin",
- "result": "(?P<rule_id>\\w+)\\s+demo_role\\s+read\\s+authz_object_assignments",
- "description": "Check that the rule was correctly added.",
- "command_options": "-c id -c s:role -c a:action_id -c o:object_id -f value"
- },
- {
- "name": "add_a_new_rule",
- "command": "rule add $submetarule_uuid_admin \"demo_role,write,authz_object_assignments\"",
- "result": "^$",
- "description": "Add a new rule.",
- "command_options": ""
- },
- {
- "name": "check_added_rule",
- "command": "rule list $submetarule_uuid_admin",
- "result": "(?P<rule_id>\\w+)\\s+demo_role\\s+write\\s+authz_object_assignments",
- "description": "Check that the rule was correctly added.",
- "command_options": "-c id -c s:role -c a:action_id -c o:object_id -f value"
- },
- {
- "name": "add_a_new_rule",
- "command": "rule add $submetarule_uuid_admin \"demo_role,read,authz_object_scopes\"",
- "result": "^$",
- "description": "Add a new rule.",
- "command_options": ""
- },
- {
- "name": "check_added_rule",
- "command": "rule list $submetarule_uuid_admin",
- "result": "(?P<rule_id>\\w+)\\s+demo_role\\s+read\\s+authz_object_scopes",
- "description": "Check that the rule was correctly added.",
- "command_options": "-c id -c s:role -c a:action_id -c o:object_id -f value"
- },
- {
- "name": "add_a_new_rule",
- "command": "rule add $submetarule_uuid_admin \"demo_role,write,authz_object_scopes\"",
- "result": "^$",
- "description": "Add a new rule.",
- "command_options": ""
- },
- {
- "name": "check_added_rule",
- "command": "rule list $submetarule_uuid_admin",
- "result": "(?P<rule_id>\\w+)\\s+demo_role\\s+write\\s+authz_object_scopes",
- "description": "Check that the rule was correctly added.",
- "command_options": "-c id -c s:role -c a:action_id -c o:object_id -f value"
- },
- {
- "name": "add_a_new_rule",
- "command": "rule add $submetarule_uuid_admin \"demo_role,read,authz_object_categories\"",
- "result": "^$",
- "description": "Add a new rule.",
- "command_options": ""
- },
- {
- "name": "check_added_rule",
- "command": "rule list $submetarule_uuid_admin",
- "result": "(?P<rule_id>\\w+)\\s+demo_role\\s+read\\s+authz_object_categories",
- "description": "Check that the rule was correctly added.",
- "command_options": "-c id -c s:role -c a:action_id -c o:object_id -f value"
- },
- {
- "name": "add_a_new_rule",
- "command": "rule add $submetarule_uuid_admin \"demo_role,write,authz_object_categories\"",
- "result": "^$",
- "description": "Add a new rule.",
- "command_options": ""
- },
- {
- "name": "check_added_rule",
- "command": "rule list $submetarule_uuid_admin",
- "result": "(?P<rule_id>\\w+)\\s+demo_role\\s+write\\s+authz_object_categories",
- "description": "Check that the rule was correctly added.",
- "command_options": "-c id -c s:role -c a:action_id -c o:object_id -f value"
- },
-
- {
- "name": "select_authz_ie",
- "command": "intraextension select $uuid_authz",
- "result": "Select $uuid_authz IntraExtension.",
- "description": "Select the authz IntraExtension",
- "command_options": ""
- },
- {
- "name": "check_select_authz_ie",
- "command": "intraextension show selected",
- "result": "$uuid_authz",
- "description": "Check the selected admin IntraExtension",
- "command_options": "-c id -f value"
- },
- {
- "name": "add_subject",
- "command": "subject add demo --subject_pass console",
- "result": "",
- "description": "Add demo subject.",
- "command_options": ""
- },
- {
- "name": "list_subject",
- "command": "subject list",
- "result": "(?P<uuid_subject_demo_admin>\\w+)\\s+demo",
- "description": "Check that admin subject was added."
- },
-
- {
- "name": "demo: check nova command",
- "external_command": "nova --os-user-name demo --os-project-name demo --os-password console list",
- "result": "test_moonclient",
- "description": "Check demo can list nova servers due to the current rules"
- },
- {
- "name": "demo: try to pause nova instance",
- "external_command": "nova --os-username demo --os-project-name demo --os-password console pause $uuid_server",
- "result": "^$",
- "description": "Pausing the server must be impossible due to the current rules"
- },
- {
- "name": "check nova command",
- "external_command": "nova --os-user-name demo --os-project-name demo --os-password console list",
- "result": "\\| (?P<uuid_server>[\\w\\-]+)\\s+\\| test_moonclient\\s+\\| ACTIVE\\s+\\| [\\w\\-]+\\s+\\| Running",
- "description": "Check that nova server is still in running state."
- },
-
- {
- "name": "list tenant",
- "command": "tenant list",
- "result": "demo",
- "description": "Check if tenant demo is used."
- },
-
- {
- "name": "select_authz_ie",
- "command": "intraextension select $uuid_authz",
- "result": "Select $uuid_authz IntraExtension.",
- "description": "Select the authz IntraExtension",
- "command_options": ""
- },
- {
- "name": "check_select_authz_ie",
- "command": "intraextension show selected",
- "result": "$uuid_authz",
- "description": "Check the selected authz IntraExtension",
- "command_options": "-c id -f value"
- },
-
- {
- "auth_name": "demo",
- "auth_password": "console",
- "auth_tenant": "demo",
- "description": "Change user to demo"
- },
-
- {
- "name": "add_object",
- "command": "object add $uuid_server",
- "result": "",
- "description": "Add the new nova server",
- "command_options": ""
- },
- {
- "name": "list_object",
- "command": "object list",
- "result": "(?P<uuid_object_nova_server>\\w+)\\s+$uuid_server",
- "description": "Check that the new nova server was added."
- },
- {
- "name": "add_assignment",
- "command": "object assignment add $uuid_object_nova_server $uuid_object_category_authz $uuid_object_scope_low",
- "result": "^$",
- "description": "Set the assignment 'low' to nova server",
- "command_options": ""
- },
- {
- "name": "check_added_assignment",
- "command": "object assignment list $uuid_object_nova_server $uuid_object_category_authz",
- "result": "$uuid_object_scope_low low",
- "description": "Check added assignment.",
- "command_options": "-c id -c name -f value"
- },
-
- {
- "name": "check nova command",
- "external_command": "nova list",
- "result": "\\| (?P<uuid_server>[\\w\\-]+)\\s+\\| test_moonclient\\s+\\| ACTIVE\\s+\\| [\\w\\-]+\\s+\\| Running",
- "description": "Check that we can now list nova servers due to the current rules"
- },
- {
- "name": "try to pause nova instance",
- "external_command": "nova pause $uuid_server",
- "result": "^$",
- "description": "Pausing the server must be possible now"
- },
- {
- "name": "check nova command",
- "external_command": "nova list",
- "result": "\\| (?P<uuid_server>[\\w\\-]+)\\s+\\| test_moonclient\\s+\\| PAUSED\\s+\\| [\\w\\-]+\\s+\\| Paused",
- "description": "Check that we can still list nova servers due to the current rules"
- },
- {
- "name": "reactivate nova instance",
- "external_command": "nova unpause $uuid_server",
- "result": "^$",
- "description": "Unpausing the server for next tests"
- },
-
- {
- "name": "del_assignment",
- "command": "object assignment delete $uuid_object_nova_server $uuid_object_category_authz $uuid_object_scope_low",
- "result": "^$",
- "description": "Delete the assignment 'low' to nova server",
- "command_options": ""
- },
- {
- "name": "add_assignment",
- "command": "object assignment add $uuid_object_nova_server $uuid_object_category_authz $uuid_object_scope_high",
- "result": "^$",
- "description": "Set the assignment 'high' to nova server",
- "command_options": ""
- },
- {
- "name": "check_added_assignment",
- "command": "object assignment list $uuid_object_nova_server $uuid_object_category_authz",
- "result": "$uuid_object_scope_high high",
- "description": "Check added assignment.",
- "command_options": "-c id -c name -f value"
- },
-
- {
- "name": "check nova command",
- "external_command": "nova list",
- "result": "\\| (?P<uuid_server>[\\w\\-]+)\\s+\\| test_moonclient\\s+\\| ACTIVE\\s+\\| [\\w\\-]+\\s+\\| Running",
- "description": "Check that we can now list nova servers due to the current rules"
- },
- {
- "name": "try to pause nova instance",
- "external_command": "nova pause $uuid_server",
- "result": "^$",
- "description": "Pausing the server must be not possible now"
- },
- {
- "name": "check nova command",
- "external_command": "nova list",
- "result": "\\| (?P<uuid_server>[\\w\\-]+)\\s+\\| test_moonclient\\s+\\| ACTIVE\\s+\\| [\\w\\-]+\\s+\\| Running",
- "description": "Check that we can still list nova servers due to the current rules"
- },
-
-
- {
- "auth_name": "admin",
- "auth_tenant": "admin",
- "description": "Change user to admin"
- },
-
- {
- "name": "delete_authz_intra_extension",
- "command": "intraextension delete $uuid_authz",
- "result": "",
- "description": "Delete the authz intra extension",
- "command_options": ""
- },
- {
- "name": "delete_admin_intra_extension",
- "command": "intraextension delete $uuid_admin",
- "result": "",
- "description": "Delete the admin intra extension",
- "command_options": ""
- },
- {
- "name": "delete_tenant",
- "command": "tenant delete $uuid",
- "result": "",
- "description": "Delete the tenant demo",
- "command_options": ""
- },
- {
- "name": "nova delete new server",
- "external_command": "nova delete $uuid_server",
- "result": "",
- "description": "Delete the new server"
- }
- ]
- }
-}
diff --git a/moonclient/moonclient/tests/todo/tests_empty_policy_nova.json b/moonclient/moonclient/tests/todo/tests_empty_policy_nova.json
deleted file mode 100644
index 399710be..00000000
--- a/moonclient/moonclient/tests/todo/tests_empty_policy_nova.json
+++ /dev/null
@@ -1,1079 +0,0 @@
-{
- "command_options": "-f value",
- "tests_group": {
- "authz": [
- {
- "auth_name": "admin",
- "description": "Change user to admin (just in case...)"
- },
-
- {
- "name": "get cirros image",
- "external_command": "wget http://download.cirros-cloud.net/0.3.4/cirros-0.3.4-x86_64-disk.img -o /tmp/cirros.img",
- "result": "",
- "description": "Download a Cirros image"
- },
- {
- "name": "install cirros image",
- "external_command": "glance image-create --name \"cirros\" --disk-format qcow2 --file /tmp/cirros.img --container-format bare",
- "result": "",
- "description": "Upload the Cirros image in glance"
- },
- {
- "name": "create secgroup",
- "external_command": "nova secgroup-add-rule default icmp -1 -1 0.0.0.0/0",
- "result": "",
- "description": "Create a new secgroup in Nova"
- },
- {
- "name": "create secgroup",
- "external_command": "nova secgroup-add-rule default tcp 22 22 0.0.0.0/0",
- "result": "",
- "description": "Create a new secgroup in Nova"
- },
- {
- "name": "create router",
- "external_command": "neutron router-create demo-router",
- "result": "",
- "description": "Create a new router"
- },
- {
- "name": "set router",
- "external_command": "neutron router-gateway-set demo-router ext-net",
- "result": "",
- "description": "Configure the new router"
- },
- {
- "name": "set router",
- "external_command": "neutron net-create demo-net",
- "result": "",
- "description": "Configure the new router"
- },
- {
- "name": "set router",
- "external_command": "neutron subnet-create demo-net 192.168.1.0/24 --name demo-subnet --gateway 192.168.1.1",
- "result": "",
- "description": "Configure the new router"
- },
- {
- "name": "set router",
- "external_command": "neutron router-interface-add demo-router demo-subnet",
- "result": "",
- "description": "Configure the new router"
- },
- {
- "name": "nova image-list",
- "external_command": "nova image-list",
- "result": "(?P<uuid_image>[\\w-]+)\\s+\\| cirros",
- "description": "Get an Image ID"
- },
- {
- "name": "neutron net-list",
- "external_command": "neutron net-list",
- "result": "(?P<uuid_net>[\\w-]+)\\s+\\| ext-net",
- "description": "Get an Net ID"
- },
- {
- "name": "nova boot new server",
- "external_command": "nova boot --flavor m1.tiny --image $uuid_image --nic net-id=$uuid_net --security-group default test_moonclient",
- "result": "",
- "description": "Get an Image ID"
- },
- {
- "name": "sleep",
- "external_command": "sleep 10",
- "result": "",
- "description": "time for server to really boot"
- },
- {
- "name": "nova get new server",
- "external_command": "nova list",
- "result": "\\| (?P<uuid_server>[\\w\\-]+)\\s+\\| test_moonclient\\s+\\| ACTIVE\\s+\\| [\\w\\-]+\\s+\\| Running",
- "description": "Get the ID of the new server"
- },
- {
- "name": "list tenant",
- "command": "tenant list",
- "no_result": "demo",
- "description": "Check if tenant demo is used."
- },
- {
- "name": "add tenant demo",
- "command": "tenant add demo",
- "result": "^$",
- "description": "Add a new tenant",
- "command_options": ""
- },
- {
- "name": "check tenant demo",
- "command": "tenant list",
- "result": "(?P<uuid>\\w+)\\s+demo",
- "description": "Check that tenant demo has been correctly added"
- },
-
- {
- "name": "check nova command",
- "external_command": "nova list",
- "no_result": "test_moonclient",
- "description": "Check that we cannot list nova servers due to the current rules"
- },
- {
- "name": "try to pause nova instance",
- "external_command": "nova pause $uuid_server",
- "result": "^$",
- "description": "Pausing the server must be impossible due to the current rules"
- },
-
- {
- "name": "create_intraextension_authz",
- "command": "intraextension add --policy_model policy_empty_authz empty_test",
- "result": "IntraExtension created: (?P<uuid_authz>\\w+)",
- "description": "Create an authz intra extension",
- "command_options": ""
- },
- {
- "name": "list_intraextension_authz",
- "command": "intraextension list",
- "result": "$uuid_authz",
- "description": "Check the existence of that authz intra extension"
- },
- {
- "name": "set_tenant_authz",
- "command": "tenant set --authz $uuid_authz $uuid",
- "result": "",
- "description": "Connect the authz intra extension to the tenant demo",
- "command_options": ""
- },
- {
- "name": "list tenant",
- "command": "tenant list",
- "result": "demo",
- "description": "Check if tenant demo is used."
- },
- {
- "name": "select_authz_ie",
- "command": "intraextension select $uuid_authz",
- "result": "Select $uuid_authz IntraExtension.",
- "description": "Select the authz IntraExtension",
- "command_options": ""
- },
- {
- "name": "check_select_authz_ie",
- "command": "intraextension show selected",
- "result": "$uuid_authz",
- "description": "Check the selected authz IntraExtension",
- "command_options": "-c id -f value"
- },
- {
- "name": "add_subject",
- "command": "subject add admin --subject_pass password",
- "result": "",
- "description": "",
- "command_options": ""
- },
- {
- "name": "list_subject",
- "command": "subject list",
- "result": "(?P<uuid_subject_admin>\\w+)\\s+admin",
- "description": "Check that admin subject was added."
- },
- {
- "name": "add_subject",
- "command": "subject add demo --subject_pass password",
- "result": "",
- "description": "",
- "command_options": ""
- },
- {
- "name": "list_subject",
- "command": "subject list",
- "result": "(?P<uuid_subject_demo>\\w+)\\s+demo",
- "description": "Check that demo subject was added."
- },
- {
- "name": "add_object",
- "command": "object add servers",
- "result": "",
- "description": "",
- "command_options": ""
- },
- {
- "name": "list_object",
- "command": "object list",
- "result": "(?P<uuid_object_servers>\\w+)\\s+servers",
- "description": "Check that servers subject was added."
- },
- {
- "name": "add_action",
- "command": "action add pause",
- "result": "",
- "description": "",
- "command_options": ""
- },
- {
- "name": "list_action",
- "command": "action list",
- "result": "(?P<uuid_action_pause>\\w+)\\s+pause",
- "description": "Check that pause action was added."
- },
- {
- "name": "add_action",
- "command": "action add unpause",
- "result": "",
- "description": "",
- "command_options": ""
- },
- {
- "name": "list_action",
- "command": "action list",
- "result": "(?P<uuid_action_unpause>\\w+)\\s+unpause",
- "description": "Check that unpause action was added."
- },
- {
- "name": "add_action",
- "command": "action add list",
- "result": "",
- "description": "",
- "command_options": ""
- },
- {
- "name": "list_action",
- "command": "action list",
- "result": "(?P<uuid_action_list>\\w+)\\s+list",
- "description": "Check that list action was added."
- },
- {
- "name": "add_action",
- "command": "action add start",
- "result": "",
- "description": "",
- "command_options": ""
- },
- {
- "name": "list_action",
- "command": "action list",
- "result": "(?P<uuid_action_start>\\w+)\\s+start",
- "description": "Check that start action was added."
- },
- {
- "name": "add_action",
- "command": "action add stop",
- "result": "",
- "description": "",
- "command_options": ""
- },
- {
- "name": "list_action",
- "command": "action list",
- "result": "(?P<uuid_action_stop>\\w+)\\s+stop",
- "description": "Check that stop action was added."
- },
- {
- "name": "add_action",
- "command": "action add create",
- "result": "",
- "description": "",
- "command_options": ""
- },
- {
- "name": "list_action",
- "command": "action list",
- "result": "(?P<uuid_action_create>\\w+)\\s+create",
- "description": "Check that create action was added."
- },
- {
- "name": "add_action",
- "command": "action add upload",
- "result": "",
- "description": "",
- "command_options": ""
- },
- {
- "name": "list_action",
- "command": "action list",
- "result": "(?P<uuid_action_upload>\\w+)\\s+upload",
- "description": "Check that upload action was added."
- },
- {
- "name": "add_action",
- "command": "action add download",
- "result": "",
- "description": "",
- "command_options": ""
- },
- {
- "name": "list_action",
- "command": "action list",
- "result": "(?P<uuid_action_download>\\w+)\\s+download",
- "description": "Check that download action was added."
- },
- {
- "name": "add_action",
- "command": "action add post",
- "result": "",
- "description": "",
- "command_options": ""
- },
- {
- "name": "list_action",
- "command": "action list",
- "result": "(?P<uuid_action_post>\\w+)\\s+post",
- "description": "Check that post action was added."
- },
- {
- "name": "add_action",
- "command": "action add storage_list",
- "result": "",
- "description": "",
- "command_options": ""
- },
- {
- "name": "list_action",
- "command": "action list",
- "result": "(?P<uuid_action_storage_list>\\w+)\\s+storage_list",
- "description": "Check that storage_list action was added."
- },
-
- {
- "name": "add_subject_category",
- "command": "subject category add subject_security_level",
- "result": "",
- "description": "Add the new subject category subject_security_level",
- "command_options": ""
- },
- {
- "name": "list_subject_category",
- "command": "subject category list",
- "result": "(?P<uuid_subject_category>\\w+)\\s+subject_security_level",
- "description": "Check that subject_security_level subject_category was added."
- },
- {
- "name": "add_object_category",
- "command": "object category add object_security_level",
- "result": "",
- "description": "Add the new object category object_security_level",
- "command_options": ""
- },
- {
- "name": "list_object_category",
- "command": "object category list",
- "result": "(?P<uuid_object_category>\\w+)\\s+object_security_level",
- "description": "Check that object_security_level object_category was added."
- },
- {
- "name": "add_action_category",
- "command": "action category add resource_action",
- "result": "",
- "description": "Add the new action category resource_action",
- "command_options": ""
- },
- {
- "name": "list_subject_category",
- "command": "action category list",
- "result": "(?P<uuid_action_category>\\w+)\\s+resource_action",
- "description": "Check that resource_action action_category was added."
- },
-
- {
- "name": "add_scope",
- "command": "subject scope add $uuid_subject_category high --description \"high\"",
- "result": "^$",
- "description": "Add one scope to subject category role",
- "command_options": ""
- },
- {
- "name": "check_added_scope",
- "command": "subject scope list $uuid_subject_category",
- "result": "(?P<uuid_subject_scope_high>\\w+)\\s+high\\s+high",
- "description": "Check added scope.",
- "command_options": "-c id -c name -c description -f value"
- },
- {
- "name": "add_scope",
- "command": "subject scope add $uuid_subject_category medium --description \"medium\"",
- "result": "^$",
- "description": "Add one scope to subject category role",
- "command_options": ""
- },
- {
- "name": "check_added_scope",
- "command": "subject scope list $uuid_subject_category",
- "result": "(?P<uuid_subject_scope_medium>\\w+)\\s+medium\\s+medium",
- "description": "Check added scope.",
- "command_options": "-c id -c name -c description -f value"
- },
- {
- "name": "add_scope",
- "command": "subject scope add $uuid_subject_category low --description \"low\"",
- "result": "^$",
- "description": "Add one scope to subject category role",
- "command_options": ""
- },
- {
- "name": "check_added_scope",
- "command": "subject scope list $uuid_subject_category",
- "result": "(?P<uuid_subject_scope_low>\\w+)\\s+low\\s+low",
- "description": "Check added scope.",
- "command_options": "-c id -c name -c description -f value"
- },
- {
- "name": "add_scope",
- "command": "object scope add $uuid_object_category high --description \"high\"",
- "result": "^$",
- "description": "Add one scope to object category role",
- "command_options": ""
- },
- {
- "name": "check_added_scope",
- "command": "object scope list $uuid_object_category",
- "result": "(?P<uuid_object_scope_high>\\w+)\\s+high\\s+high",
- "description": "Check added scope.",
- "command_options": "-c id -c name -c description -f value"
- },
- {
- "name": "add_scope",
- "command": "object scope add $uuid_object_category medium --description \"medium\"",
- "result": "^$",
- "description": "Add one scope to object category role",
- "command_options": ""
- },
- {
- "name": "check_added_scope",
- "command": "object scope list $uuid_object_category",
- "result": "(?P<uuid_object_scope_medium>\\w+)\\s+medium\\s+medium",
- "description": "Check added scope.",
- "command_options": "-c id -c name -c description -f value"
- },
- {
- "name": "add_scope",
- "command": "object scope add $uuid_object_category low --description \"low\"",
- "result": "^$",
- "description": "Add one scope to object category role",
- "command_options": ""
- },
- {
- "name": "check_added_scope",
- "command": "object scope list $uuid_object_category",
- "result": "(?P<uuid_object_scope_low>\\w+)\\s+low\\s+low",
- "description": "Check added scope.",
- "command_options": "-c id -c name -c description -f value"
- },
- {
- "name": "add_scope",
- "command": "action scope add $uuid_action_category vm_admin --description \"vm_admin\"",
- "result": "^$",
- "description": "Add one scope to action category role",
- "command_options": ""
- },
- {
- "name": "check_added_scope",
- "command": "action scope list $uuid_action_category",
- "result": "(?P<uuid_action_scope_vm_admin>\\w+)\\s+vm_admin\\s+vm_admin",
- "description": "Check added scope.",
- "command_options": "-c id -c name -c description -f value"
- },
- {
- "name": "add_scope",
- "command": "action scope add $uuid_action_category vm_access --description \"vm_access\"",
- "result": "^$",
- "description": "Add one scope to action category role",
- "command_options": ""
- },
- {
- "name": "check_added_scope",
- "command": "action scope list $uuid_action_category",
- "result": "(?P<uuid_action_scope_vm_access>\\w+)\\s+vm_access\\s+vm_access",
- "description": "Check added scope.",
- "command_options": "-c id -c name -c description -f value"
- },
- {
- "name": "add_scope",
- "command": "action scope add $uuid_action_category storage_admin --description \"storage_admin\"",
- "result": "^$",
- "description": "Add one scope to action category role",
- "command_options": ""
- },
- {
- "name": "check_added_scope",
- "command": "action scope list $uuid_action_category",
- "result": "(?P<uuid_action_scope_storage_admin>\\w+)\\s+storage_admin\\s+storage_admin",
- "description": "Check added scope.",
- "command_options": "-c id -c name -c description -f value"
- },
- {
- "name": "add_scope",
- "command": "action scope add $uuid_action_category storage_access --description \"storage_access\"",
- "result": "^$",
- "description": "Add one scope to action category role",
- "command_options": ""
- },
- {
- "name": "check_added_scope",
- "command": "action scope list $uuid_action_category",
- "result": "(?P<uuid_action_scope_storage_access>\\w+)\\s+storage_access\\s+storage_access",
- "description": "Check added scope.",
- "command_options": "-c id -c name -c description -f value"
- },
-
- {
- "name": "add_assignment",
- "command": "subject assignment add $uuid_subject_admin $uuid_subject_category $uuid_subject_scope_high",
- "result": "^$",
- "description": "Add a new assignment",
- "command_options": ""
- },
- {
- "name": "check_added_assignment",
- "command": "subject assignment list $uuid_subject_admin $uuid_subject_category",
- "result": "$uuid_subject_scope_high high",
- "description": "Check added assignment.",
- "command_options": "-c id -c name -f value"
- },
- {
- "name": "add_assignment",
- "command": "subject assignment add $uuid_subject_demo $uuid_subject_category $uuid_subject_scope_medium",
- "result": "^$",
- "description": "Add a new assignment",
- "command_options": ""
- },
- {
- "name": "check_added_assignment",
- "command": "subject assignment list $uuid_subject_demo $uuid_subject_category",
- "result": "$uuid_subject_scope_medium medium",
- "description": "Check added assignment.",
- "command_options": "-c id -c name -f value"
- },
- {
- "name": "add_assignment",
- "command": "object assignment add $uuid_object_servers $uuid_object_category $uuid_object_scope_low",
- "result": "^$",
- "description": "Add a new assignment",
- "command_options": ""
- },
- {
- "name": "check_added_assignment",
- "command": "object assignment list $uuid_object_servers $uuid_object_category",
- "result": "$uuid_object_scope_low low",
- "description": "Check added assignment.",
- "command_options": "-c id -c name -f value"
- },
- {
- "name": "add_assignment",
- "command": "action assignment add $uuid_action_pause $uuid_action_category $uuid_action_scope_vm_admin",
- "result": "^$",
- "description": "Add a new assignment",
- "command_options": ""
- },
- {
- "name": "check_added_assignment",
- "command": "action assignment list $uuid_action_pause $uuid_action_category",
- "result": "$uuid_action_scope_vm_admin vm_admin",
- "description": "Check added assignment.",
- "command_options": "-c id -c name -f value"
- },
- {
- "name": "add_assignment",
- "command": "action assignment add $uuid_action_unpause $uuid_action_category $uuid_action_scope_vm_admin",
- "result": "^$",
- "description": "Add a new assignment",
- "command_options": ""
- },
- {
- "name": "check_added_assignment",
- "command": "action assignment list $uuid_action_unpause $uuid_action_category",
- "result": "$uuid_action_scope_vm_admin vm_admin",
- "description": "Check added assignment.",
- "command_options": "-c id -c name -f value"
- },
- {
- "name": "add_assignment",
- "command": "action assignment add $uuid_action_start $uuid_action_category $uuid_action_scope_vm_admin",
- "result": "^$",
- "description": "Add a new assignment",
- "command_options": ""
- },
- {
- "name": "check_added_assignment",
- "command": "action assignment list $uuid_action_start $uuid_action_category",
- "result": "$uuid_action_scope_vm_admin vm_admin",
- "description": "Check added assignment.",
- "command_options": "-c id -c name -f value"
- },
- {
- "name": "add_assignment",
- "command": "action assignment add $uuid_action_stop $uuid_action_category $uuid_action_scope_vm_admin",
- "result": "^$",
- "description": "Add a new assignment",
- "command_options": ""
- },
- {
- "name": "check_added_assignment",
- "command": "action assignment list $uuid_action_stop $uuid_action_category",
- "result": "$uuid_action_scope_vm_admin vm_admin",
- "description": "Check added assignment.",
- "command_options": "-c id -c name -f value"
- },
- {
- "name": "add_assignment",
- "command": "action assignment add $uuid_action_list $uuid_action_category $uuid_action_scope_vm_admin",
- "result": "^$",
- "description": "Add a new assignment",
- "command_options": ""
- },
- {
- "name": "check_added_assignment",
- "command": "action assignment list $uuid_action_list $uuid_action_category",
- "result": "$uuid_action_scope_vm_admin vm_admin",
- "description": "Check added assignment.",
- "command_options": "-c id -c name -f value"
- },
- {
- "name": "add_assignment",
- "command": "action assignment add $uuid_action_list $uuid_action_category $uuid_action_scope_vm_access",
- "result": "^$",
- "description": "Add a new assignment",
- "command_options": ""
- },
- {
- "name": "check_added_assignment",
- "command": "action assignment list $uuid_action_list $uuid_action_category",
- "result": "$uuid_action_scope_vm_access vm_access",
- "description": "Check added assignment.",
- "command_options": "-c id -c name -f value"
- },
- {
- "name": "add_assignment",
- "command": "action assignment add $uuid_action_create $uuid_action_category $uuid_action_scope_vm_admin",
- "result": "^$",
- "description": "Add a new assignment",
- "command_options": ""
- },
- {
- "name": "check_added_assignment",
- "command": "action assignment list $uuid_action_create $uuid_action_category",
- "result": "$uuid_action_scope_vm_admin vm_admin",
- "description": "Check added assignment.",
- "command_options": "-c id -c name -f value"
- },
- {
- "name": "add_assignment",
- "command": "action assignment add $uuid_action_storage_list $uuid_action_category $uuid_action_scope_storage_access",
- "result": "^$",
- "description": "Add a new assignment",
- "command_options": ""
- },
- {
- "name": "check_added_assignment",
- "command": "action assignment list $uuid_action_storage_list $uuid_action_category",
- "result": "$uuid_action_scope_storage_access storage_access",
- "description": "Check added assignment.",
- "command_options": "-c id -c name -f value"
- },
- {
- "name": "add_assignment",
- "command": "action assignment add $uuid_action_download $uuid_action_category $uuid_action_scope_storage_access",
- "result": "^$",
- "description": "Add a new assignment",
- "command_options": ""
- },
- {
- "name": "check_added_assignment",
- "command": "action assignment list $uuid_action_download $uuid_action_category",
- "result": "$uuid_action_scope_storage_access storage_access",
- "description": "Check added assignment.",
- "command_options": "-c id -c name -f value"
- },
- {
- "name": "add_assignment",
- "command": "action assignment add $uuid_action_upload $uuid_action_category $uuid_action_scope_storage_admin",
- "result": "^$",
- "description": "Add a new assignment",
- "command_options": ""
- },
- {
- "name": "check_added_assignment",
- "command": "action assignment list $uuid_action_upload $uuid_action_category",
- "result": "$uuid_action_scope_storage_admin storage_admin",
- "description": "Check added assignment.",
- "command_options": "-c id -c name -f value"
- },
- {
- "name": "add_assignment",
- "command": "action assignment add $uuid_action_post $uuid_action_category $uuid_action_scope_storage_admin",
- "result": "^$",
- "description": "Add a new assignment",
- "command_options": ""
- },
- {
- "name": "check_added_assignment",
- "command": "action assignment list $uuid_action_post $uuid_action_category",
- "result": "$uuid_action_scope_storage_admin storage_admin",
- "description": "Check added assignment.",
- "command_options": "-c id -c name -f value"
- },
-
- {
- "name": "check_submetarules",
- "command": "submetarule show",
- "result": "(?P<submetarule_uuid>\\w+)",
- "description": "Get one submetarule ID",
- "command_options": "-c id -f value"
- },
- {
- "name": "set_submetarule",
- "command": "submetarule set $submetarule_uuid --subject_category_id=\"$uuid_subject_category\" --object_category_id=\"$uuid_object_category\" --action_category_id=\"$uuid_action_category\"",
- "result": "^$",
- "description": "Set a new submetarule",
- "command_options": ""
- },
- {
- "name": "check_submetarule",
- "command": "submetarule show",
- "result": "$submetarule_uuid \\s*subject_security_level",
- "description": "Check the new submetarule",
- "command_options": "-c id -c \"subject categories\" -f value"
- },
- {
- "name": "check_submetarule",
- "command": "submetarule show",
- "result": "$submetarule_uuid \\s*object_security_level",
- "description": "Check the new submetarule",
- "command_options": "-c id -c \"object categories\" -f value"
- },
- {
- "name": "check_submetarule",
- "command": "submetarule show",
- "result": "$submetarule_uuid \\s*resource_action",
- "description": "Check the new submetarule",
- "command_options": "-c id -c \"action categories\" -f value"
- },
-
- {
- "name": "add_a_new_rule",
- "command": "rule add $submetarule_uuid \"high,vm_admin,medium\"",
- "result": "^$",
- "description": "Add a new rule.",
- "command_options": ""
- },
- {
- "name": "check_added_rule",
- "command": "rule list $submetarule_uuid",
- "result": "(?P<rule_id>\\w+)\\s+high\\s+vm_admin\\s+medium",
- "description": "Check that the rule was correctly added.",
- "command_options": "-c id -c s:subject_security_level -c a:resource_action -c o:object_security_level -f value"
- },
- {
- "name": "add_a_new_rule",
- "command": "rule add $submetarule_uuid \"high,vm_admin,low\"",
- "result": "^$",
- "description": "Add a new rule.",
- "command_options": ""
- },
- {
- "name": "check_added_rule",
- "command": "rule list $submetarule_uuid",
- "result": "(?P<rule_id>\\w+)\\s+high\\s+vm_admin\\s+low",
- "description": "Check that the rule was correctly added.",
- "command_options": "-c id -c s:subject_security_level -c a:resource_action -c o:object_security_level -f value"
- },
- {
- "name": "add_a_new_rule",
- "command": "rule add $submetarule_uuid \"medium,vm_admin,low\"",
- "result": "^$",
- "description": "Add a new rule.",
- "command_options": ""
- },
- {
- "name": "check_added_rule",
- "command": "rule list $submetarule_uuid",
- "result": "(?P<rule_id>\\w+)\\s+medium\\s+vm_admin\\s+low",
- "description": "Check that the rule was correctly added.",
- "command_options": "-c id -c s:subject_security_level -c a:resource_action -c o:object_security_level -f value"
- },
- {
- "name": "add_a_new_rule",
- "command": "rule add $submetarule_uuid \"high,vm_access,medium\"",
- "result": "^$",
- "description": "Add a new rule.",
- "command_options": ""
- },
- {
- "name": "check_added_rule",
- "command": "rule list $submetarule_uuid",
- "result": "(?P<rule_id>\\w+)\\s+high\\s+vm_access\\s+medium",
- "description": "Check that the rule was correctly added.",
- "command_options": "-c id -c s:subject_security_level -c a:resource_action -c o:object_security_level -f value"
- },
- {
- "name": "add_a_new_rule",
- "command": "rule add $submetarule_uuid \"high,vm_access,low\"",
- "result": "^$",
- "description": "Add a new rule.",
- "command_options": ""
- },
- {
- "name": "check_added_rule",
- "command": "rule list $submetarule_uuid",
- "result": "(?P<rule_id>\\w+)\\s+high\\s+vm_access\\s+low",
- "description": "Check that the rule was correctly added.",
- "command_options": "-c id -c s:subject_security_level -c a:resource_action -c o:object_security_level -f value"
- },
- {
- "name": "add_a_new_rule",
- "command": "rule add $submetarule_uuid \"medium,vm_access,low\"",
- "result": "^$",
- "description": "Add a new rule.",
- "command_options": ""
- },
- {
- "name": "check_added_rule",
- "command": "rule list $submetarule_uuid",
- "result": "(?P<rule_id>\\w+)\\s+medium\\s+vm_access\\s+low",
- "description": "Check that the rule was correctly added.",
- "command_options": "-c id -c s:subject_security_level -c a:resource_action -c o:object_security_level -f value"
- },
- {
- "name": "add_a_new_rule",
- "command": "rule add $submetarule_uuid \"high,storage_admin,medium\"",
- "result": "^$",
- "description": "Add a new rule.",
- "command_options": ""
- },
- {
- "name": "check_added_rule",
- "command": "rule list $submetarule_uuid",
- "result": "(?P<rule_id>\\w+)\\s+high\\s+storage_admin\\s+medium",
- "description": "Check that the rule was correctly added.",
- "command_options": "-c id -c s:subject_security_level -c a:resource_action -c o:object_security_level -f value"
- },
- {
- "name": "add_a_new_rule",
- "command": "rule add $submetarule_uuid \"high,storage_admin,low\"",
- "result": "^$",
- "description": "Add a new rule.",
- "command_options": ""
- },
- {
- "name": "check_added_rule",
- "command": "rule list $submetarule_uuid",
- "result": "(?P<rule_id>\\w+)\\s+high\\s+storage_admin\\s+low",
- "description": "Check that the rule was correctly added.",
- "command_options": "-c id -c s:subject_security_level -c a:resource_action -c o:object_security_level -f value"
- },
- {
- "name": "add_a_new_rule",
- "command": "rule add $submetarule_uuid \"medium,storage_admin,low\"",
- "result": "^$",
- "description": "Add a new rule.",
- "command_options": ""
- },
- {
- "name": "check_added_rule",
- "command": "rule list $submetarule_uuid",
- "result": "(?P<rule_id>\\w+)\\s+medium\\s+storage_admin\\s+low",
- "description": "Check that the rule was correctly added.",
- "command_options": "-c id -c s:subject_security_level -c a:resource_action -c o:object_security_level -f value"
- },
- {
- "name": "add_a_new_rule",
- "command": "rule add $submetarule_uuid \"high,storage_access,medium\"",
- "result": "^$",
- "description": "Add a new rule.",
- "command_options": ""
- },
- {
- "name": "check_added_rule",
- "command": "rule list $submetarule_uuid",
- "result": "(?P<rule_id>\\w+)\\s+high\\s+storage_access\\s+medium",
- "description": "Check that the rule was correctly added.",
- "command_options": "-c id -c s:subject_security_level -c a:resource_action -c o:object_security_level -f value"
- },
- {
- "name": "add_a_new_rule",
- "command": "rule add $submetarule_uuid \"high,storage_access,low\"",
- "result": "^$",
- "description": "Add a new rule.",
- "command_options": ""
- },
- {
- "name": "check_added_rule",
- "command": "rule list $submetarule_uuid",
- "result": "(?P<rule_id>\\w+)\\s+high\\s+storage_access\\s+low",
- "description": "Check that the rule was correctly added.",
- "command_options": "-c id -c s:subject_security_level -c a:resource_action -c o:object_security_level -f value"
- },
- {
- "name": "add_a_new_rule",
- "command": "rule add $submetarule_uuid \"medium,storage_access,low\"",
- "result": "^$",
- "description": "Add a new rule.",
- "command_options": ""
- },
- {
- "name": "check_added_rule",
- "command": "rule list $submetarule_uuid",
- "result": "(?P<rule_id>\\w+)\\s+medium\\s+storage_access\\s+low",
- "description": "Check that the rule was correctly added.",
- "command_options": "-c id -c s:subject_security_level -c a:resource_action -c o:object_security_level -f value"
- },
- {
- "name": "get aggregation algorithm",
- "command": "aggregation algorithm list",
- "result": "(?P<uuid_aggregation>\\w+)\\s+one_true",
- "description": "Get aggregation algorithm.",
- "command_options": "-c id -c name -f value"
- },
- {
- "name": "set aggregation algorithm",
- "command": "aggregation algorithm set $uuid_aggregation",
- "result": "",
- "description": "Set aggregation algorithm to one_true.",
- "command_options": ""
- },
- {
- "name": "get aggregation algorithm",
- "command": "aggregation algorithm show",
- "result": "$uuid_aggregation\\s+one_true",
- "description": "Check aggregation algorithm.",
- "command_options": "-c id -c name -f value"
- },
- {
- "name": "get submetarule algorithm",
- "command": "submetarule algorithm list",
- "result": "(?P<uuid_submetarule_algo>\\w+)\\s+inclusion",
- "description": "Get submetarule algorithm named inclusion.",
- "command_options": "-c id -c name -f value"
- },
- {
- "name": "set submetarule algorithm",
- "command": "submetarule set --algorithm_name inclusion $submetarule_uuid",
- "result": "",
- "description": "Set submetarule algorithm to inclusion.",
- "command_options": ""
- },
-
- {
- "name": "list tenant",
- "command": "tenant list",
- "result": "demo",
- "description": "Check if tenant demo is used."
- },
-
- {
- "name": "add_object",
- "command": "object add $uuid_server",
- "result": "",
- "description": "Add the new nova server",
- "command_options": ""
- },
- {
- "name": "list_object",
- "command": "object list",
- "result": "(?P<uuid_object_nova_server>\\w+)\\s+$uuid_server",
- "description": "Check that the new nova server was added."
- },
- {
- "name": "add_assignment",
- "command": "object assignment add $uuid_object_nova_server $uuid_object_category $uuid_object_scope_low",
- "result": "^$",
- "description": "Set the assignment 'low' to nova server",
- "command_options": ""
- },
- {
- "name": "check_added_assignment",
- "command": "object assignment list $uuid_object_nova_server $uuid_object_category",
- "result": "$uuid_object_scope_low low",
- "description": "Check added assignment.",
- "command_options": "-c id -c name -f value"
- },
-
- {
- "name": "check nova command",
- "external_command": "nova list",
- "result": "\\| (?P<uuid_server>[\\w\\-]+)\\s+\\| test_moonclient\\s+\\| ACTIVE\\s+\\| [\\w\\-]+\\s+\\| Running",
- "description": "Check that we can now list nova servers due to the current rules"
- },
- {
- "name": "try to pause nova instance",
- "external_command": "nova pause $uuid_server",
- "result": "^$",
- "description": "Pausing the server must be possible now"
- },
- {
- "name": "check nova command",
- "external_command": "nova list",
- "result": "\\| (?P<uuid_server>[\\w\\-]+)\\s+\\| test_moonclient\\s+\\| PAUSED\\s+\\| [\\w\\-]+\\s+\\| Paused",
- "description": "Check that we can still list nova servers due to the current rules"
- },
- {
- "name": "reactivate nova instance",
- "external_command": "nova unpause $uuid_server",
- "result": "^$",
- "description": "Unpausing the server for next tests"
- },
-
- {
- "name": "del_assignment",
- "command": "object assignment delete $uuid_object_nova_server $uuid_object_category $uuid_object_scope_low",
- "result": "^$",
- "description": "Delete the assignment 'low' to nova server",
- "command_options": ""
- },
- {
- "name": "add_assignment",
- "command": "object assignment add $uuid_object_nova_server $uuid_object_category $uuid_object_scope_high",
- "result": "^$",
- "description": "Set the assignment 'high' to nova server",
- "command_options": ""
- },
- {
- "name": "check_added_assignment",
- "command": "object assignment list $uuid_object_nova_server $uuid_object_category",
- "result": "$uuid_object_scope_high high",
- "description": "Check added assignment.",
- "command_options": "-c id -c name -f value"
- },
-
- {
- "name": "check nova command",
- "external_command": "nova list",
- "result": "\\| (?P<uuid_server>[\\w\\-]+)\\s+\\| test_moonclient\\s+\\| ACTIVE\\s+\\| [\\w\\-]+\\s+\\| Running",
- "description": "Check that we can now list nova servers due to the current rules"
- },
- {
- "name": "try to pause nova instance",
- "external_command": "nova pause $uuid_server",
- "result": "^$",
- "description": "Pausing the server must be not possible now"
- },
- {
- "name": "check nova command",
- "external_command": "nova list",
- "result": "\\| (?P<uuid_server>[\\w\\-]+)\\s+\\| test_moonclient\\s+\\| ACTIVE\\s+\\| [\\w\\-]+\\s+\\| Running",
- "description": "Check that we can still list nova servers due to the current rules"
- },
-
-
- {
- "name": "delete_authz_intra_extension",
- "command": "intraextension delete $uuid_authz",
- "result": "",
- "description": "Delete the authz intra extension",
- "command_options": ""
- },
- {
- "name": "delete_tenant",
- "command": "tenant delete $uuid",
- "result": "",
- "description": "Delete the tenant demo",
- "command_options": ""
- },
- {
- "name": "nova delete new server",
- "external_command": "nova delete $uuid_server",
- "result": "",
- "description": "Delete the new server"
- }
- ]
- }
-} \ No newline at end of file
diff --git a/moonclient/moonclient/tests/todo/tests_empty_policy_swift.json b/moonclient/moonclient/tests/todo/tests_empty_policy_swift.json
deleted file mode 100644
index e935da98..00000000
--- a/moonclient/moonclient/tests/todo/tests_empty_policy_swift.json
+++ /dev/null
@@ -1,1175 +0,0 @@
-{
- "command_options": "-f value",
- "tests_group": {
- "authz": [
- {
- "auth_name": "admin",
- "auth_password": "console",
- "auth_tenant": "admin",
- "description": "Change user to admin (just in case...)"
- },
-
- {
- "name": "swift list",
- "external_command": "swift list",
- "no_result": "moonclient_test",
- "description": "Check Swift command"
- },
- {
- "name": "add swift container",
- "external_command": "swift post moonclient_test",
- "result": "",
- "description": "Add a new container"
- },
- {
- "name": "swift list",
- "external_command": "swift list",
- "result": "moonclient_test",
- "description": "Check the added container"
- },
- {
- "name": "get accound ID",
- "external_command": "swift stat",
- "result": "Account: (?P<uuid_account>[\\w_]+)",
- "description": "Check the added container"
- },
-
- {
- "name": "list tenant",
- "command": "tenant list",
- "no_result": "admin",
- "description": "Check if tenant demo is used."
- },
- {
- "name": "add tenant admin",
- "command": "tenant add admin",
- "result": "^$",
- "description": "Add a new tenant",
- "command_options": ""
- },
- {
- "name": "check tenant admin",
- "command": "tenant list",
- "result": "(?P<uuid>\\w+)\\s+admin",
- "description": "Check that tenant demo has been correctly added"
- },
- {
- "name": "create_intraextension_authz",
- "command": "intraextension add --policy_model policy_empty_authz empty_test",
- "result": "IntraExtension created: (?P<uuid_authz>\\w+)",
- "description": "Create an authz intra extension",
- "command_options": ""
- },
- {
- "name": "list_intraextension_authz",
- "command": "intraextension list",
- "result": "$uuid_authz",
- "description": "Check the existence of that authz intra extension"
- },
- {
- "name": "set_tenant_authz",
- "command": "tenant set --authz $uuid_authz $uuid",
- "result": "",
- "description": "Connect the authz intra extension to the tenant demo",
- "command_options": ""
- },
- {
- "name": "list tenant",
- "command": "tenant list",
- "result": "admin",
- "description": "Check if tenant admin is used."
- },
- {
- "name": "select_authz_ie",
- "command": "intraextension select $uuid_authz",
- "result": "Select $uuid_authz IntraExtension.",
- "description": "Select the authz IntraExtension",
- "command_options": ""
- },
- {
- "name": "check_select_authz_ie",
- "command": "intraextension show selected",
- "result": "$uuid_authz",
- "description": "Check the selected authz IntraExtension",
- "command_options": "-c id -f value"
- },
- {
- "name": "add_subject",
- "command": "subject add admin --subject_pass password",
- "result": "",
- "description": "",
- "command_options": ""
- },
- {
- "name": "list_subject",
- "command": "subject list",
- "result": "(?P<uuid_subject_admin>\\w+)\\s+admin",
- "description": "Check that admin subject was added."
- },
- {
- "name": "add_subject",
- "command": "subject add demo --subject_pass password",
- "result": "",
- "description": "",
- "command_options": ""
- },
- {
- "name": "list_subject",
- "command": "subject list",
- "result": "(?P<uuid_subject_demo>\\w+)\\s+demo",
- "description": "Check that demo subject was added."
- },
- {
- "name": "add_object",
- "command": "object add servers",
- "result": "",
- "description": "",
- "command_options": ""
- },
- {
- "name": "list_object",
- "command": "object list",
- "result": "(?P<uuid_object_servers>\\w+)\\s+servers",
- "description": "Check that servers subject was added."
- },
- {
- "name": "add_action",
- "command": "action add pause",
- "result": "",
- "description": "",
- "command_options": ""
- },
- {
- "name": "list_action",
- "command": "action list",
- "result": "(?P<uuid_action_pause>\\w+)\\s+pause",
- "description": "Check that pause action was added."
- },
- {
- "name": "add_action",
- "command": "action add unpause",
- "result": "",
- "description": "",
- "command_options": ""
- },
- {
- "name": "list_action",
- "command": "action list",
- "result": "(?P<uuid_action_unpause>\\w+)\\s+unpause",
- "description": "Check that unpause action was added."
- },
- {
- "name": "add_action",
- "command": "action add list",
- "result": "",
- "description": "",
- "command_options": ""
- },
- {
- "name": "list_action",
- "command": "action list",
- "result": "(?P<uuid_action_list>\\w+)\\s+list",
- "description": "Check that list action was added."
- },
- {
- "name": "add_action",
- "command": "action add start",
- "result": "",
- "description": "",
- "command_options": ""
- },
- {
- "name": "list_action",
- "command": "action list",
- "result": "(?P<uuid_action_start>\\w+)\\s+start",
- "description": "Check that start action was added."
- },
- {
- "name": "add_action",
- "command": "action add stop",
- "result": "",
- "description": "",
- "command_options": ""
- },
- {
- "name": "list_action",
- "command": "action list",
- "result": "(?P<uuid_action_stop>\\w+)\\s+stop",
- "description": "Check that stop action was added."
- },
- {
- "name": "add_action",
- "command": "action add create",
- "result": "",
- "description": "",
- "command_options": ""
- },
- {
- "name": "list_action",
- "command": "action list",
- "result": "(?P<uuid_action_create>\\w+)\\s+create",
- "description": "Check that create action was added."
- },
- {
- "name": "add_action",
- "command": "action add upload",
- "result": "",
- "description": "",
- "command_options": ""
- },
- {
- "name": "list_action",
- "command": "action list",
- "result": "(?P<uuid_action_upload>\\w+)\\s+upload",
- "description": "Check that upload action was added."
- },
- {
- "name": "add_action",
- "command": "action add download",
- "result": "",
- "description": "",
- "command_options": ""
- },
- {
- "name": "list_action",
- "command": "action list",
- "result": "(?P<uuid_action_download>\\w+)\\s+download",
- "description": "Check that download action was added."
- },
- {
- "name": "add_action",
- "command": "action add post",
- "result": "",
- "description": "",
- "command_options": ""
- },
- {
- "name": "list_action",
- "command": "action list",
- "result": "(?P<uuid_action_post>\\w+)\\s+post",
- "description": "Check that post action was added."
- },
- {
- "name": "add_action",
- "command": "action add storage_list",
- "result": "",
- "description": "",
- "command_options": ""
- },
- {
- "name": "list_action",
- "command": "action list",
- "result": "(?P<uuid_action_storage_list>\\w+)\\s+storage_list",
- "description": "Check that storage_list action was added."
- },
-
- {
- "name": "add_subject_category",
- "command": "subject category add subject_security_level",
- "result": "",
- "description": "Add the new subject category subject_security_level",
- "command_options": ""
- },
- {
- "name": "list_subject_category",
- "command": "subject category list",
- "result": "(?P<uuid_subject_category>\\w+)\\s+subject_security_level",
- "description": "Check that subject_security_level subject_category was added."
- },
- {
- "name": "add_object_category",
- "command": "object category add object_security_level",
- "result": "",
- "description": "Add the new object category object_security_level",
- "command_options": ""
- },
- {
- "name": "list_object_category",
- "command": "object category list",
- "result": "(?P<uuid_object_category>\\w+)\\s+object_security_level",
- "description": "Check that object_security_level object_category was added."
- },
- {
- "name": "add_action_category",
- "command": "action category add resource_action",
- "result": "",
- "description": "Add the new action category resource_action",
- "command_options": ""
- },
- {
- "name": "list_subject_category",
- "command": "action category list",
- "result": "(?P<uuid_action_category>\\w+)\\s+resource_action",
- "description": "Check that resource_action action_category was added."
- },
-
- {
- "name": "add_scope",
- "command": "subject scope add $uuid_subject_category high --description \"high\"",
- "result": "^$",
- "description": "Add one scope to subject category role",
- "command_options": ""
- },
- {
- "name": "check_added_scope",
- "command": "subject scope list $uuid_subject_category",
- "result": "(?P<uuid_subject_scope_high>\\w+)\\s+high\\s+high",
- "description": "Check added scope.",
- "command_options": "-c id -c name -c description -f value"
- },
- {
- "name": "add_scope",
- "command": "subject scope add $uuid_subject_category medium --description \"medium\"",
- "result": "^$",
- "description": "Add one scope to subject category role",
- "command_options": ""
- },
- {
- "name": "check_added_scope",
- "command": "subject scope list $uuid_subject_category",
- "result": "(?P<uuid_subject_scope_medium>\\w+)\\s+medium\\s+medium",
- "description": "Check added scope.",
- "command_options": "-c id -c name -c description -f value"
- },
- {
- "name": "add_scope",
- "command": "subject scope add $uuid_subject_category low --description \"low\"",
- "result": "^$",
- "description": "Add one scope to subject category role",
- "command_options": ""
- },
- {
- "name": "check_added_scope",
- "command": "subject scope list $uuid_subject_category",
- "result": "(?P<uuid_subject_scope_low>\\w+)\\s+low\\s+low",
- "description": "Check added scope.",
- "command_options": "-c id -c name -c description -f value"
- },
- {
- "name": "add_scope",
- "command": "object scope add $uuid_object_category high --description \"high\"",
- "result": "^$",
- "description": "Add one scope to object category role",
- "command_options": ""
- },
- {
- "name": "check_added_scope",
- "command": "object scope list $uuid_object_category",
- "result": "(?P<uuid_object_scope_high>\\w+)\\s+high\\s+high",
- "description": "Check added scope.",
- "command_options": "-c id -c name -c description -f value"
- },
- {
- "name": "add_scope",
- "command": "object scope add $uuid_object_category medium --description \"medium\"",
- "result": "^$",
- "description": "Add one scope to object category role",
- "command_options": ""
- },
- {
- "name": "check_added_scope",
- "command": "object scope list $uuid_object_category",
- "result": "(?P<uuid_object_scope_medium>\\w+)\\s+medium\\s+medium",
- "description": "Check added scope.",
- "command_options": "-c id -c name -c description -f value"
- },
- {
- "name": "add_scope",
- "command": "object scope add $uuid_object_category low --description \"low\"",
- "result": "^$",
- "description": "Add one scope to object category role",
- "command_options": ""
- },
- {
- "name": "check_added_scope",
- "command": "object scope list $uuid_object_category",
- "result": "(?P<uuid_object_scope_low>\\w+)\\s+low\\s+low",
- "description": "Check added scope.",
- "command_options": "-c id -c name -c description -f value"
- },
- {
- "name": "add_scope",
- "command": "action scope add $uuid_action_category vm_admin --description \"vm_admin\"",
- "result": "^$",
- "description": "Add one scope to action category role",
- "command_options": ""
- },
- {
- "name": "check_added_scope",
- "command": "action scope list $uuid_action_category",
- "result": "(?P<uuid_action_scope_vm_admin>\\w+)\\s+vm_admin\\s+vm_admin",
- "description": "Check added scope.",
- "command_options": "-c id -c name -c description -f value"
- },
- {
- "name": "add_scope",
- "command": "action scope add $uuid_action_category vm_access --description \"vm_access\"",
- "result": "^$",
- "description": "Add one scope to action category role",
- "command_options": ""
- },
- {
- "name": "check_added_scope",
- "command": "action scope list $uuid_action_category",
- "result": "(?P<uuid_action_scope_vm_access>\\w+)\\s+vm_access\\s+vm_access",
- "description": "Check added scope.",
- "command_options": "-c id -c name -c description -f value"
- },
- {
- "name": "add_scope",
- "command": "action scope add $uuid_action_category storage_admin --description \"storage_admin\"",
- "result": "^$",
- "description": "Add one scope to action category role",
- "command_options": ""
- },
- {
- "name": "check_added_scope",
- "command": "action scope list $uuid_action_category",
- "result": "(?P<uuid_action_scope_storage_admin>\\w+)\\s+storage_admin\\s+storage_admin",
- "description": "Check added scope.",
- "command_options": "-c id -c name -c description -f value"
- },
- {
- "name": "add_scope",
- "command": "action scope add $uuid_action_category storage_access --description \"storage_access\"",
- "result": "^$",
- "description": "Add one scope to action category role",
- "command_options": ""
- },
- {
- "name": "check_added_scope",
- "command": "action scope list $uuid_action_category",
- "result": "(?P<uuid_action_scope_storage_access>\\w+)\\s+storage_access\\s+storage_access",
- "description": "Check added scope.",
- "command_options": "-c id -c name -c description -f value"
- },
-
- {
- "name": "add_assignment",
- "command": "subject assignment add $uuid_subject_admin $uuid_subject_category $uuid_subject_scope_high",
- "result": "^$",
- "description": "Add a new assignment",
- "command_options": ""
- },
- {
- "name": "check_added_assignment",
- "command": "subject assignment list $uuid_subject_admin $uuid_subject_category",
- "result": "$uuid_subject_scope_high high",
- "description": "Check added assignment.",
- "command_options": "-c id -c name -f value"
- },
- {
- "name": "add_assignment",
- "command": "subject assignment add $uuid_subject_demo $uuid_subject_category $uuid_subject_scope_medium",
- "result": "^$",
- "description": "Add a new assignment",
- "command_options": ""
- },
- {
- "name": "check_added_assignment",
- "command": "subject assignment list $uuid_subject_demo $uuid_subject_category",
- "result": "$uuid_subject_scope_medium medium",
- "description": "Check added assignment.",
- "command_options": "-c id -c name -f value"
- },
- {
- "name": "add_assignment",
- "command": "object assignment add $uuid_object_servers $uuid_object_category $uuid_object_scope_low",
- "result": "^$",
- "description": "Add a new assignment",
- "command_options": ""
- },
- {
- "name": "check_added_assignment",
- "command": "object assignment list $uuid_object_servers $uuid_object_category",
- "result": "$uuid_object_scope_low low",
- "description": "Check added assignment.",
- "command_options": "-c id -c name -f value"
- },
- {
- "name": "add_assignment",
- "command": "action assignment add $uuid_action_pause $uuid_action_category $uuid_action_scope_vm_admin",
- "result": "^$",
- "description": "Add a new assignment",
- "command_options": ""
- },
- {
- "name": "check_added_assignment",
- "command": "action assignment list $uuid_action_pause $uuid_action_category",
- "result": "$uuid_action_scope_vm_admin vm_admin",
- "description": "Check added assignment.",
- "command_options": "-c id -c name -f value"
- },
- {
- "name": "add_assignment",
- "command": "action assignment add $uuid_action_unpause $uuid_action_category $uuid_action_scope_vm_admin",
- "result": "^$",
- "description": "Add a new assignment",
- "command_options": ""
- },
- {
- "name": "check_added_assignment",
- "command": "action assignment list $uuid_action_unpause $uuid_action_category",
- "result": "$uuid_action_scope_vm_admin vm_admin",
- "description": "Check added assignment.",
- "command_options": "-c id -c name -f value"
- },
- {
- "name": "add_assignment",
- "command": "action assignment add $uuid_action_start $uuid_action_category $uuid_action_scope_vm_admin",
- "result": "^$",
- "description": "Add a new assignment",
- "command_options": ""
- },
- {
- "name": "check_added_assignment",
- "command": "action assignment list $uuid_action_start $uuid_action_category",
- "result": "$uuid_action_scope_vm_admin vm_admin",
- "description": "Check added assignment.",
- "command_options": "-c id -c name -f value"
- },
- {
- "name": "add_assignment",
- "command": "action assignment add $uuid_action_stop $uuid_action_category $uuid_action_scope_vm_admin",
- "result": "^$",
- "description": "Add a new assignment",
- "command_options": ""
- },
- {
- "name": "check_added_assignment",
- "command": "action assignment list $uuid_action_stop $uuid_action_category",
- "result": "$uuid_action_scope_vm_admin vm_admin",
- "description": "Check added assignment.",
- "command_options": "-c id -c name -f value"
- },
- {
- "name": "add_assignment",
- "command": "action assignment add $uuid_action_list $uuid_action_category $uuid_action_scope_vm_admin",
- "result": "^$",
- "description": "Add a new assignment",
- "command_options": ""
- },
- {
- "name": "check_added_assignment",
- "command": "action assignment list $uuid_action_list $uuid_action_category",
- "result": "$uuid_action_scope_vm_admin vm_admin",
- "description": "Check added assignment.",
- "command_options": "-c id -c name -f value"
- },
- {
- "name": "add_assignment",
- "command": "action assignment add $uuid_action_list $uuid_action_category $uuid_action_scope_vm_access",
- "result": "^$",
- "description": "Add a new assignment",
- "command_options": ""
- },
- {
- "name": "check_added_assignment",
- "command": "action assignment list $uuid_action_list $uuid_action_category",
- "result": "$uuid_action_scope_vm_access vm_access",
- "description": "Check added assignment.",
- "command_options": "-c id -c name -f value"
- },
- {
- "name": "add_assignment",
- "command": "action assignment add $uuid_action_create $uuid_action_category $uuid_action_scope_vm_admin",
- "result": "^$",
- "description": "Add a new assignment",
- "command_options": ""
- },
- {
- "name": "check_added_assignment",
- "command": "action assignment list $uuid_action_create $uuid_action_category",
- "result": "$uuid_action_scope_vm_admin vm_admin",
- "description": "Check added assignment.",
- "command_options": "-c id -c name -f value"
- },
- {
- "name": "add_assignment",
- "command": "action assignment add $uuid_action_storage_list $uuid_action_category $uuid_action_scope_storage_access",
- "result": "^$",
- "description": "Add a new assignment",
- "command_options": ""
- },
- {
- "name": "check_added_assignment",
- "command": "action assignment list $uuid_action_storage_list $uuid_action_category",
- "result": "$uuid_action_scope_storage_access storage_access",
- "description": "Check added assignment.",
- "command_options": "-c id -c name -f value"
- },
- {
- "name": "add_assignment",
- "command": "action assignment add $uuid_action_download $uuid_action_category $uuid_action_scope_storage_access",
- "result": "^$",
- "description": "Add a new assignment",
- "command_options": ""
- },
- {
- "name": "check_added_assignment",
- "command": "action assignment list $uuid_action_download $uuid_action_category",
- "result": "$uuid_action_scope_storage_access storage_access",
- "description": "Check added assignment.",
- "command_options": "-c id -c name -f value"
- },
- {
- "name": "add_assignment",
- "command": "action assignment add $uuid_action_upload $uuid_action_category $uuid_action_scope_storage_admin",
- "result": "^$",
- "description": "Add a new assignment",
- "command_options": ""
- },
- {
- "name": "check_added_assignment",
- "command": "action assignment list $uuid_action_upload $uuid_action_category",
- "result": "$uuid_action_scope_storage_admin storage_admin",
- "description": "Check added assignment.",
- "command_options": "-c id -c name -f value"
- },
- {
- "name": "add_assignment",
- "command": "action assignment add $uuid_action_post $uuid_action_category $uuid_action_scope_storage_admin",
- "result": "^$",
- "description": "Add a new assignment",
- "command_options": ""
- },
- {
- "name": "check_added_assignment",
- "command": "action assignment list $uuid_action_post $uuid_action_category",
- "result": "$uuid_action_scope_storage_admin storage_admin",
- "description": "Check added assignment.",
- "command_options": "-c id -c name -f value"
- },
-
- {
- "name": "check_submetarules",
- "command": "submetarule show",
- "result": "(?P<submetarule_uuid>\\w+)",
- "description": "Get one submetarule ID",
- "command_options": "-c id -f value"
- },
- {
- "name": "set_submetarule",
- "command": "submetarule set $submetarule_uuid --subject_category_id=\"$uuid_subject_category\" --object_category_id=\"$uuid_object_category\" --action_category_id=\"$uuid_action_category\"",
- "result": "^$",
- "description": "Set a new submetarule",
- "command_options": ""
- },
- {
- "name": "check_submetarule",
- "command": "submetarule show",
- "result": "$submetarule_uuid \\s*subject_security_level",
- "description": "Check the new submetarule",
- "command_options": "-c id -c \"subject categories\" -f value"
- },
- {
- "name": "check_submetarule",
- "command": "submetarule show",
- "result": "$submetarule_uuid \\s*object_security_level",
- "description": "Check the new submetarule",
- "command_options": "-c id -c \"object categories\" -f value"
- },
- {
- "name": "check_submetarule",
- "command": "submetarule show",
- "result": "$submetarule_uuid \\s*resource_action",
- "description": "Check the new submetarule",
- "command_options": "-c id -c \"action categories\" -f value"
- },
-
- {
- "name": "add_a_new_rule",
- "command": "rule add $submetarule_uuid \"high,vm_admin,medium\"",
- "result": "^$",
- "description": "Add a new rule.",
- "command_options": ""
- },
- {
- "name": "check_added_rule",
- "command": "rule list $submetarule_uuid",
- "result": "(?P<rule_id>\\w+)\\s+high\\s+vm_admin\\s+medium",
- "description": "Check that the rule was correctly added.",
- "command_options": "-c id -c s:subject_security_level -c a:resource_action -c o:object_security_level -f value"
- },
- {
- "name": "add_a_new_rule",
- "command": "rule add $submetarule_uuid \"high,vm_admin,low\"",
- "result": "^$",
- "description": "Add a new rule.",
- "command_options": ""
- },
- {
- "name": "check_added_rule",
- "command": "rule list $submetarule_uuid",
- "result": "(?P<rule_id>\\w+)\\s+high\\s+vm_admin\\s+low",
- "description": "Check that the rule was correctly added.",
- "command_options": "-c id -c s:subject_security_level -c a:resource_action -c o:object_security_level -f value"
- },
- {
- "name": "add_a_new_rule",
- "command": "rule add $submetarule_uuid \"medium,vm_admin,low\"",
- "result": "^$",
- "description": "Add a new rule.",
- "command_options": ""
- },
- {
- "name": "check_added_rule",
- "command": "rule list $submetarule_uuid",
- "result": "(?P<rule_id>\\w+)\\s+medium\\s+vm_admin\\s+low",
- "description": "Check that the rule was correctly added.",
- "command_options": "-c id -c s:subject_security_level -c a:resource_action -c o:object_security_level -f value"
- },
- {
- "name": "add_a_new_rule",
- "command": "rule add $submetarule_uuid \"high,vm_access,medium\"",
- "result": "^$",
- "description": "Add a new rule.",
- "command_options": ""
- },
- {
- "name": "check_added_rule",
- "command": "rule list $submetarule_uuid",
- "result": "(?P<rule_id>\\w+)\\s+high\\s+vm_access\\s+medium",
- "description": "Check that the rule was correctly added.",
- "command_options": "-c id -c s:subject_security_level -c a:resource_action -c o:object_security_level -f value"
- },
- {
- "name": "add_a_new_rule",
- "command": "rule add $submetarule_uuid \"high,vm_access,low\"",
- "result": "^$",
- "description": "Add a new rule.",
- "command_options": ""
- },
- {
- "name": "check_added_rule",
- "command": "rule list $submetarule_uuid",
- "result": "(?P<rule_id>\\w+)\\s+high\\s+vm_access\\s+low",
- "description": "Check that the rule was correctly added.",
- "command_options": "-c id -c s:subject_security_level -c a:resource_action -c o:object_security_level -f value"
- },
- {
- "name": "add_a_new_rule",
- "command": "rule add $submetarule_uuid \"medium,vm_access,low\"",
- "result": "^$",
- "description": "Add a new rule.",
- "command_options": ""
- },
- {
- "name": "check_added_rule",
- "command": "rule list $submetarule_uuid",
- "result": "(?P<rule_id>\\w+)\\s+medium\\s+vm_access\\s+low",
- "description": "Check that the rule was correctly added.",
- "command_options": "-c id -c s:subject_security_level -c a:resource_action -c o:object_security_level -f value"
- },
- {
- "name": "add_a_new_rule",
- "command": "rule add $submetarule_uuid \"high,storage_admin,medium\"",
- "result": "^$",
- "description": "Add a new rule.",
- "command_options": ""
- },
- {
- "name": "check_added_rule",
- "command": "rule list $submetarule_uuid",
- "result": "(?P<rule_id>\\w+)\\s+high\\s+storage_admin\\s+medium",
- "description": "Check that the rule was correctly added.",
- "command_options": "-c id -c s:subject_security_level -c a:resource_action -c o:object_security_level -f value"
- },
- {
- "name": "add_a_new_rule",
- "command": "rule add $submetarule_uuid \"high,storage_admin,low\"",
- "result": "^$",
- "description": "Add a new rule.",
- "command_options": ""
- },
- {
- "name": "check_added_rule",
- "command": "rule list $submetarule_uuid",
- "result": "(?P<rule_id>\\w+)\\s+high\\s+storage_admin\\s+low",
- "description": "Check that the rule was correctly added.",
- "command_options": "-c id -c s:subject_security_level -c a:resource_action -c o:object_security_level -f value"
- },
- {
- "name": "add_a_new_rule",
- "command": "rule add $submetarule_uuid \"medium,storage_admin,low\"",
- "result": "^$",
- "description": "Add a new rule.",
- "command_options": ""
- },
- {
- "name": "check_added_rule",
- "command": "rule list $submetarule_uuid",
- "result": "(?P<rule_id>\\w+)\\s+medium\\s+storage_admin\\s+low",
- "description": "Check that the rule was correctly added.",
- "command_options": "-c id -c s:subject_security_level -c a:resource_action -c o:object_security_level -f value"
- },
- {
- "name": "add_a_new_rule",
- "command": "rule add $submetarule_uuid \"high,storage_access,medium\"",
- "result": "^$",
- "description": "Add a new rule.",
- "command_options": ""
- },
- {
- "name": "check_added_rule",
- "command": "rule list $submetarule_uuid",
- "result": "(?P<rule_id>\\w+)\\s+high\\s+storage_access\\s+medium",
- "description": "Check that the rule was correctly added.",
- "command_options": "-c id -c s:subject_security_level -c a:resource_action -c o:object_security_level -f value"
- },
- {
- "name": "add_a_new_rule",
- "command": "rule add $submetarule_uuid \"high,storage_access,low\"",
- "result": "^$",
- "description": "Add a new rule.",
- "command_options": ""
- },
- {
- "name": "check_added_rule",
- "command": "rule list $submetarule_uuid",
- "result": "(?P<rule_id>\\w+)\\s+high\\s+storage_access\\s+low",
- "description": "Check that the rule was correctly added.",
- "command_options": "-c id -c s:subject_security_level -c a:resource_action -c o:object_security_level -f value"
- },
- {
- "name": "add_a_new_rule",
- "command": "rule add $submetarule_uuid \"medium,storage_access,low\"",
- "result": "^$",
- "description": "Add a new rule.",
- "command_options": ""
- },
- {
- "name": "check_added_rule",
- "command": "rule list $submetarule_uuid",
- "result": "(?P<rule_id>\\w+)\\s+medium\\s+storage_access\\s+low",
- "description": "Check that the rule was correctly added.",
- "command_options": "-c id -c s:subject_security_level -c a:resource_action -c o:object_security_level -f value"
- },
- {
- "name": "get aggregation algorithm",
- "command": "aggregation algorithm list",
- "result": "(?P<uuid_aggregation>\\w+)\\s+one_true",
- "description": "Get aggregation algorithm.",
- "command_options": "-c id -c name -f value"
- },
- {
- "name": "set aggregation algorithm",
- "command": "aggregation algorithm set $uuid_aggregation",
- "result": "",
- "description": "Set aggregation algorithm to one_true.",
- "command_options": ""
- },
- {
- "name": "get aggregation algorithm",
- "command": "aggregation algorithm show",
- "result": "$uuid_aggregation\\s+one_true",
- "description": "Check aggregation algorithm.",
- "command_options": "-c id -c name -f value"
- },
- {
- "name": "get submetarule algorithm",
- "command": "submetarule algorithm list",
- "result": "(?P<uuid_submetarule_algo>\\w+)\\s+inclusion",
- "description": "Get submetarule algorithm named inclusion.",
- "command_options": "-c id -c name -f value"
- },
- {
- "name": "set submetarule algorithm",
- "command": "submetarule set --algorithm_name inclusion $submetarule_uuid",
- "result": "",
- "description": "Set submetarule algorithm to inclusion.",
- "command_options": ""
- },
-
- {
- "name": "swift list",
- "external_command": "swift list",
- "no_result": "moonclient_test",
- "description": "Check Swift command, it must be impossible due to current rules"
- },
-
- {
- "name": "list tenant",
- "command": "tenant list",
- "result": "admin",
- "description": "Check if tenant admin is used."
- },
-
- {
- "name": "add_object",
- "command": "object add $uuid_account",
- "result": "",
- "description": "Add the new swift account",
- "command_options": ""
- },
- {
- "name": "list_object",
- "command": "object list",
- "result": "(?P<uuid_object_swift_account>\\w+)\\s+$uuid_account",
- "description": "Check that the new swift account was added."
- },
- {
- "name": "add_assignment",
- "command": "object assignment add $uuid_object_swift_account $uuid_object_category $uuid_object_scope_low",
- "result": "^$",
- "description": "Set the assignment 'low' to swift account",
- "command_options": ""
- },
- {
- "name": "check_added_assignment",
- "command": "object assignment list $uuid_object_swift_account $uuid_object_category",
- "result": "$uuid_object_scope_low low",
- "description": "Check added assignment.",
- "command_options": "-c id -c name -f value"
- },
- {
- "name": "add_action",
- "command": "action add get_account_details --description 'Swift action'",
- "result": "",
- "description": "Add the action get_account_details",
- "command_options": ""
- },
- {
- "name": "list_action",
- "command": "action list",
- "result": "(?P<uuid_action_swift_get_account_details>\\w+)\\s+get_account_details",
- "description": "Check that the new swift action was added."
- },
- {
- "name": "add_assignment",
- "command": "action assignment add $uuid_action_swift_get_account_details $uuid_action_category $uuid_action_scope_storage_access",
- "result": "^$",
- "description": "Set the assignment 'storage_access' to swift action",
- "command_options": ""
- },
- {
- "name": "check_added_assignment",
- "command": "action assignment list $uuid_action_swift_get_account_details $uuid_action_category",
- "result": "$uuid_action_scope_storage_access storage_access",
- "description": "Check added assignment.",
- "command_options": "-c id -c name -f value"
- },
-
- {
- "name": "swift list",
- "external_command": "swift list",
- "result": "moonclient_test",
- "description": "Check Swift command, it must be now possible due to current rules"
- },
- {
- "name": "create temp file",
- "external_command": "touch /tmp/test.txt",
- "result": "",
- "description": "Create a temporary file to put in swift."
- },
- {
- "name": "swift post file",
- "external_command": "swift upload moonclient_test /tmp/test.txt",
- "result": "",
- "description": "Try to put the test file in the container, impossible due to the absence of the object"
- },
- {
- "name": "swift list",
- "external_command": "swift list moonclient_test",
- "no_result": "tmp/test.txt",
- "description": "Check that test file has not been uploaded."
- },
- {
- "name": "add_object",
- "command": "object add AUTH_6c7f27a7aaf94423a28ea8ac30fea929-moonclient_test",
- "result": "",
- "description": "Add the new swift container",
- "command_options": ""
- },
- {
- "name": "list_object",
- "command": "object list",
- "result": "(?P<uuid_object_swift_container>\\w+)\\s+AUTH_6c7f27a7aaf94423a28ea8ac30fea929-moonclient_test",
- "description": "Check that the new swift container was added."
- },
- {
- "name": "add_assignment",
- "command": "object assignment add $uuid_object_swift_container $uuid_object_category $uuid_object_scope_low",
- "result": "^$",
- "description": "Set the assignment 'low' to swift container",
- "command_options": ""
- },
- {
- "name": "check_added_assignment",
- "command": "object assignment list $uuid_object_swift_container $uuid_object_category",
- "result": "$uuid_object_scope_low low",
- "description": "Check added assignment.",
- "command_options": "-c id -c name -f value"
- },
- {
- "name": "add_object",
- "command": "object add AUTH_6c7f27a7aaf94423a28ea8ac30fea929-moonclient_test-tmp-test-txt",
- "result": "",
- "description": "Add the new swift object",
- "command_options": ""
- },
- {
- "name": "list_object",
- "command": "object list",
- "result": "(?P<uuid_object_swift_object>\\w+)\\s+AUTH_6c7f27a7aaf94423a28ea8ac30fea929-moonclient_test-tmp-test-txt",
- "description": "Check that the new swift object was added."
- },
- {
- "name": "add_assignment",
- "command": "object assignment add $uuid_object_swift_object $uuid_object_category $uuid_object_scope_low",
- "result": "^$",
- "description": "Set the assignment 'low' to swift object",
- "command_options": ""
- },
- {
- "name": "check_added_assignment",
- "command": "object assignment list $uuid_object_swift_object $uuid_object_category",
- "result": "$uuid_object_scope_low low",
- "description": "Check added assignment.",
- "command_options": "-c id -c name -f value"
- },
- {
- "name": "add_action",
- "command": "action add get_container --description 'Swift action'",
- "result": "",
- "description": "Add the action get_container",
- "command_options": ""
- },
- {
- "name": "list_action",
- "command": "action list",
- "result": "(?P<uuid_action_swift_get_container>\\w+)\\s+get_container",
- "description": "Check that the new swift action was added."
- },
- {
- "name": "add_assignment",
- "command": "action assignment add $uuid_action_swift_get_container $uuid_action_category $uuid_action_scope_storage_access",
- "result": "^$",
- "description": "Set the assignment 'storage_access' to swift action",
- "command_options": ""
- },
- {
- "name": "check_added_assignment",
- "command": "action assignment list $uuid_action_swift_get_container $uuid_action_category",
- "result": "$uuid_action_scope_storage_access storage_access",
- "description": "Check added assignment.",
- "command_options": "-c id -c name -f value"
- },
- {
- "name": "add_action",
- "command": "action add get_object_metadata --description 'Swift action'",
- "result": "",
- "description": "Add the action get_object_metadata",
- "command_options": ""
- },
- {
- "name": "list_action",
- "command": "action list",
- "result": "(?P<uuid_action_swift_get_object_metadata>\\w+)\\s+get_object_metadata",
- "description": "Check that the new swift action was added."
- },
- {
- "name": "add_assignment",
- "command": "action assignment add $uuid_action_swift_get_object_metadata $uuid_action_category $uuid_action_scope_storage_access",
- "result": "^$",
- "description": "Set the assignment 'storage_access' to swift action",
- "command_options": ""
- },
- {
- "name": "check_added_assignment",
- "command": "action assignment list $uuid_action_swift_get_object_metadata $uuid_action_category",
- "result": "$uuid_action_scope_storage_access storage_access",
- "description": "Check added assignment.",
- "command_options": "-c id -c name -f value"
- },
- {
- "name": "add_action",
- "command": "action add create_object --description 'Swift action'",
- "result": "",
- "description": "Add the action create_object",
- "command_options": ""
- },
- {
- "name": "list_action",
- "command": "action list",
- "result": "(?P<uuid_action_swift_create_object>\\w+)\\s+create_object",
- "description": "Check that the new swift action was added."
- },
- {
- "name": "add_assignment",
- "command": "action assignment add $uuid_action_swift_create_object $uuid_action_category $uuid_action_scope_storage_admin",
- "result": "^$",
- "description": "Set the assignment 'storage_access' to swift action",
- "command_options": ""
- },
- {
- "name": "check_added_assignment",
- "command": "action assignment list $uuid_action_swift_create_object $uuid_action_category",
- "result": "$uuid_action_scope_storage_admin storage_admin",
- "description": "Check added assignment.",
- "command_options": "-c id -c name -f value"
- },
- {
- "name": "add_action",
- "command": "action add create_container --description 'Swift action'",
- "result": "",
- "description": "Add the action create_container",
- "command_options": ""
- },
- {
- "name": "list_action",
- "command": "action list",
- "result": "(?P<uuid_action_swift_create_container>\\w+)\\s+create_container",
- "description": "Check that the new swift action was added."
- },
- {
- "name": "add_assignment",
- "command": "action assignment add $uuid_action_swift_create_container $uuid_action_category $uuid_action_scope_storage_admin",
- "result": "^$",
- "description": "Set the assignment 'storage_access' to swift action",
- "command_options": ""
- },
- {
- "name": "check_added_assignment",
- "command": "action assignment list $uuid_action_swift_create_container $uuid_action_category",
- "result": "$uuid_action_scope_storage_admin storage_admin",
- "description": "Check added assignment.",
- "command_options": "-c id -c name -f value"
- },
- {
- "name": "swift post file",
- "external_command": "swift upload moonclient_test /tmp/test.txt",
- "result": "",
- "description": "Put the test file in the container"
- },
- {
- "name": "swift list",
- "external_command": "swift list moonclient_test",
- "result": "tmp/test.txt",
- "description": "Check that test file has been uploaded."
- },
-
-
- {
- "name": "delete_authz_intra_extension",
- "command": "intraextension delete $uuid_authz",
- "result": "",
- "description": "Delete the authz intra extension",
- "command_options": ""
- },
- {
- "name": "delete_tenant",
- "command": "tenant delete $uuid",
- "result": "",
- "description": "Delete the tenant admin",
- "command_options": ""
- },
- {
- "name": "swift delete new container",
- "external_command": "swift delete moonclient_test",
- "result": "",
- "description": "Delete the new server"
- }
- ]
- }
-} \ No newline at end of file
diff --git a/moonclient/moonclient/tests/todo/tests_external_commands.json b/moonclient/moonclient/tests/todo/tests_external_commands.json
deleted file mode 100644
index 4caa0df1..00000000
--- a/moonclient/moonclient/tests/todo/tests_external_commands.json
+++ /dev/null
@@ -1,228 +0,0 @@
-{
- "command_options": "-f value",
- "tests_group": {
- "main": [
- {
- "auth_name": "admin",
- "description": "Change user to admin (just in case...)"
- },
-
- {
- "name": "list tenant",
- "command": "tenant list",
- "no_result": "demo",
- "description": "List all tenants (must be empty)"
- },
- {
- "name": "add tenant demo",
- "command": "tenant add demo",
- "result": "^$",
- "description": "Add a new tenant",
- "command_options": ""
- },
- {
- "name": "check tenant demo",
- "command": "tenant list",
- "result": "(?P<uuid>\\w+)\\s+demo",
- "description": "Check that tenant demo has been correctly added"
- },
- {
- "name": "create_intraextension_admin",
- "command": "intraextension add --policy_model policy_rbac_admin admin_test",
- "result": "IntraExtension created: (?P<uuid_admin>\\w+)",
- "description": "Create an admin intra extension",
- "command_options": ""
- },
- {
- "name": "list_intraextension_admin",
- "command": "intraextension list",
- "result": "$uuid_admin",
- "description": "Check the existence of that admin intra extension"
- },
- {
- "name": "create_intraextension_authz",
- "command": "intraextension add --policy_model policy_authz authz_test",
- "result": "IntraExtension created: (?P<uuid_authz>\\w+)",
- "description": "Create an authz intra extension",
- "command_options": ""
- },
- {
- "name": "list_intraextension_authz",
- "command": "intraextension list",
- "result": "$uuid_authz",
- "description": "Check the existence of that authz intra extension"
- },
- {
- "name": "set_tenant_authz",
- "command": "tenant set --authz $uuid_authz $uuid",
- "result": "",
- "description": "Connect the authz intra extension to the tenant demo",
- "command_options": ""
- },
- {
- "name": "check authz ie for tenant demo",
- "command": "tenant list",
- "result": "demo $uuid_authz",
- "description": "Check that authz ie has been correctly added for tenant demo ",
- "command_options": "-c name -c intra_authz_extension_id -f value"
- },
- {
- "name": "select_authz_ie",
- "command": "intraextension select $uuid_authz",
- "result": "Select $uuid_authz IntraExtension.",
- "description": "Select the authz IntraExtension",
- "command_options": ""
- },
- {
- "name": "check_select_authz_ie",
- "command": "intraextension show selected",
- "result": "$uuid_authz",
- "description": "Check the selected authz IntraExtension",
- "command_options": "-c id -f value"
- },
- {
- "name": "set_tenant_admin",
- "command": "tenant set --admin $uuid_admin $uuid",
- "result": "",
- "description": "Connect the admin intra extension to the tenant demo",
- "command_options": ""
- },
- {
- "name": "check admin ie for tenant demo",
- "command": "tenant list",
- "result": "demo $uuid_admin",
- "description": "Check that admin ie has been correctly added for tenant demo ",
- "command_options": "-c name -c intra_admin_extension_id -f value"
- },
-
- {
- "name": "get aggregation algorithm",
- "command": "aggregation algorithm list",
- "result": "(?P<uuid_aggregation>\\w+)\\s+one_true",
- "description": "Get aggregation algorithm.",
- "command_options": "-c id -c name -f value"
- },
- {
- "name": "set aggregation algorithm",
- "command": "aggregation algorithm set $uuid_aggregation",
- "result": "",
- "description": "Set aggregation algorithm to one_true.",
- "command_options": ""
- },
- {
- "name": "get aggregation algorithm",
- "command": "aggregation algorithm show",
- "result": "$uuid_aggregation\\s+one_true",
- "description": "Check aggregation algorithm.",
- "command_options": "-c id -c name -f value"
- },
-
- {
- "name": "get cirros image",
- "external_command": "wget http://download.cirros-cloud.net/0.3.4/cirros-0.3.4-x86_64-disk.img -o /tmp/cirros.img",
- "result": "",
- "description": "Download a Cirros image"
- },
- {
- "name": "install cirros image",
- "external_command": "glance image-create --name \"cirros\" --disk-format qcow2 --file /tmp/cirros.img --container-format bare",
- "result": "",
- "description": "Upload the Cirros image in glance"
- },
- {
- "name": "create secgroup",
- "external_command": "nova secgroup-add-rule default icmp -1 -1 0.0.0.0/0",
- "result": "",
- "description": "Create a new secgroup in Nova"
- },
- {
- "name": "create secgroup",
- "external_command": "nova secgroup-add-rule default tcp 22 22 0.0.0.0/0",
- "result": "",
- "description": "Create a new secgroup in Nova"
- },
- {
- "name": "create router",
- "external_command": "neutron router-create demo-router",
- "result": "",
- "description": "Create a new router"
- },
- {
- "name": "set router",
- "external_command": "neutron router-gateway-set demo-router ext-net",
- "result": "",
- "description": "Configure the new router"
- },
- {
- "name": "set router",
- "external_command": "neutron net-create demo-net",
- "result": "",
- "description": "Configure the new router"
- },
- {
- "name": "set router",
- "external_command": "neutron subnet-create demo-net 192.168.1.0/24 --name demo-subnet --gateway 192.168.1.1",
- "result": "",
- "description": "Configure the new router"
- },
- {
- "name": "set router",
- "external_command": "neutron router-interface-add demo-router demo-subnet",
- "result": "",
- "description": "Configure the new router"
- },
- {
- "name": "nova image-list",
- "external_command": "nova image-list",
- "result": "(?P<uuid_image>[\\w-]+)\\s+\\| cirros",
- "description": "Get an Image ID"
- },
- {
- "name": "neutron net-list",
- "external_command": "neutron net-list",
- "result": "(?P<uuid_net>[\\w-]+)\\s+\\| ext-net",
- "description": "Get an Net ID"
- },
- {
- "name": "nova boot new server",
- "external_command": "nova boot --flavor m1.tiny --image $uuid_image --nic net-id=$uuid_net --security-group default test_moonclient",
- "result": "",
- "description": "Get an Image ID"
- },
- {
- "name": "sleep",
- "external_command": "sleep 10",
- "result": "",
- "description": "time for server to really boot"
- },
- {
- "name": "check nova command",
- "external_command": "nova list",
- "result": "\\| (?P<uuid_server>[\\w\\-]+)\\s+\\| (?P<name_server>\\w+)\\s+\\| ACTIVE\\s+\\| [\\w\\-]+\\s+\\| Running",
- "description": "Check that nova is running and get the ID of one running server"
- },
-
- {
- "name": "delete_admin_intra_extension",
- "command": "intraextension delete $uuid_admin",
- "result": "",
- "description": "Delete the admin intra extension",
- "command_options": ""
- },
- {
- "name": "delete_authz_intra_extension",
- "command": "intraextension delete $uuid_authz",
- "result": "",
- "description": "Delete the authz intra extension",
- "command_options": ""
- },
- {
- "name": "delete_tenant",
- "command": "tenant delete $uuid",
- "result": "",
- "description": "Delete the tenant demo",
- "command_options": ""
- }
- ]
- }
-} \ No newline at end of file
diff --git a/moonclient/requirements.txt b/moonclient/requirements.txt
deleted file mode 100644
index 298dfec9..00000000
--- a/moonclient/requirements.txt
+++ /dev/null
@@ -1,3 +0,0 @@
-pbr>=0.6,!=0.7,<1.0
-cliff>=1.7.0 # Apache-2.0
-cliff-tablib>=1.0
diff --git a/moonclient/setup.py b/moonclient/setup.py
deleted file mode 100644
index 0b93c4d3..00000000
--- a/moonclient/setup.py
+++ /dev/null
@@ -1,133 +0,0 @@
-#!/usr/bin/env python
-
-
-# Copyright 2015 Open Platform for NFV Project, Inc. and its contributors
-# This software is distributed under the terms and conditions of the 'Apache-2.0'
-# license which can be found in the file 'LICENSE' in this package distribution
-# or at 'http://www.apache.org/licenses/LICENSE-2.0'.
-from setuptools import setup, find_packages
-from moonclient import __version__
-
-PROJECT = 'python-moonclient'
-
-# Change docs/sphinx/conf.py too!
-VERSION = __version__
-
-try:
- long_description = open('README.rst', 'rt').read()
-except IOError:
- long_description = ''
-
-setup(
- name=PROJECT,
- version=VERSION,
-
- description='Python Moon client',
- long_description=long_description,
-
- author='Thomas Duval',
- author_email='thomas.duval@orange.com',
-
- url='https://github.com/...',
- download_url='https://github.com/.../tarball/master',
-
- classifiers=['Development Status :: 3 - Alpha',
- 'License :: OSI Approved :: Apache Software License',
- 'Programming Language :: Python',
- 'Programming Language :: Python :: 2',
- 'Programming Language :: Python :: 2.7',
- 'Programming Language :: Python :: 3',
- 'Programming Language :: Python :: 3.2',
- 'Intended Audience :: Developers',
- 'Environment :: Console',
- ],
-
- platforms=['Any'],
-
- scripts=[],
-
- provides=[],
- install_requires=['cliff'],
-
- namespace_packages=[],
- packages=find_packages(),
- include_package_data=True,
-
- entry_points={
- 'console_scripts': [
- 'moon = moonclient.shell:main'
- ],
- 'moon.client': [
- 'template_list = moonclient.configuration:TemplatesList',
- 'aggregation_algorithm_list = moonclient.configuration:AggregationAlgorithmsList',
- 'submetarule_algorithm_list = moonclient.configuration:SubMetaRuleAlgorithmsList',
-
- 'tenant_add = moonclient.tenants:TenantAdd',
- 'tenant_set = moonclient.tenants:TenantSet',
- 'tenant_list = moonclient.tenants:TenantList',
- 'tenant_show = moonclient.tenants:TenantShow',
- 'tenant_delete = moonclient.tenants:TenantDelete',
-
- 'intraextension_select = moonclient.intraextension:IntraExtensionSelect',
- 'intraextension_add = moonclient.intraextension:IntraExtensionCreate',
- 'intraextension_list = moonclient.intraextension:IntraExtensionList',
- 'intraextension_delete = moonclient.intraextension:IntraExtensionDelete',
- 'intraextension_show = moonclient.intraextension:IntraExtensionShow',
- 'intraextension_init = moonclient.intraextension:IntraExtensionInit',
-
- 'subject_list = moonclient.subjects:SubjectsList',
- 'subject_add = moonclient.subjects:SubjectsAdd',
- 'subject_delete = moonclient.subjects:SubjectsDelete',
- 'object_list = moonclient.objects:ObjectsList',
- 'object_add = moonclient.objects:ObjectsAdd',
- 'object_delete = moonclient.objects:ObjectsDelete',
- 'action_list = moonclient.actions:ActionsList',
- 'action_add = moonclient.actions:ActionsAdd',
- 'action_delete = moonclient.actions:ActionsDelete',
- 'subject_category_list = moonclient.subject_categories:SubjectCategoriesList',
- 'subject_category_add = moonclient.subject_categories:SubjectCategoriesAdd',
- 'subject_category_delete = moonclient.subject_categories:SubjectCategoriesDelete',
- 'object_category_list = moonclient.object_categories:ObjectCategoriesList',
- 'object_category_add = moonclient.object_categories:ObjectCategoriesAdd',
- 'object_category_delete = moonclient.object_categories:ObjectCategoriesDelete',
- 'action_category_list = moonclient.action_categories:ActionCategoriesList',
- 'action_category_add = moonclient.action_categories:ActionCategoriesAdd',
- 'action_category_delete = moonclient.action_categories:ActionCategoriesDelete',
- 'subject_scope_list = moonclient.subject_scopes:SubjectScopesList',
- 'subject_scope_add = moonclient.subject_scopes:SubjectScopesAdd',
- 'subject_scope_delete = moonclient.subject_scopes:SubjectScopesDelete',
- 'object_scope_list = moonclient.object_scopes:ObjectScopesList',
- 'object_scope_add = moonclient.object_scopes:ObjectScopesAdd',
- 'object_scope_delete = moonclient.object_scopes:ObjectScopesDelete',
- 'action_scope_list = moonclient.action_scopes:ActionScopesList',
- 'action_scope_add = moonclient.action_scopes:ActionScopesAdd',
- 'action_scope_delete = moonclient.action_scopes:ActionScopesDelete',
- 'subject_assignment_list = moonclient.subject_assignments:SubjectAssignmentsList',
- 'subject_assignment_add = moonclient.subject_assignments:SubjectAssignmentsAdd',
- 'subject_assignment_delete = moonclient.subject_assignments:SubjectAssignmentsDelete',
- 'object_assignment_list = moonclient.object_assignments:ObjectAssignmentsList',
- 'object_assignment_add = moonclient.object_assignments:ObjectAssignmentsAdd',
- 'object_assignment_delete = moonclient.object_assignments:ObjectAssignmentsDelete',
- 'action_assignment_list = moonclient.action_assignments:ActionAssignmentsList',
- 'action_assignment_add = moonclient.action_assignments:ActionAssignmentsAdd',
- 'action_assignment_delete = moonclient.action_assignments:ActionAssignmentsDelete',
-
- 'aggregation_algorithm_show = moonclient.metarules:AggregationAlgorithmsList',
- 'aggregation_algorithm_set = moonclient.metarules:AggregationAlgorithmSet',
-
- 'submetarule_show = moonclient.metarules:SubMetaRuleShow',
- 'submetarule_set = moonclient.metarules:SubMetaRuleSet',
-
-
- 'rule_list = moonclient.rules:RulesList',
- 'rule_add = moonclient.rules:RuleAdd',
- 'rule_delete = moonclient.rules:RuleDelete',
-
- 'log = moonclient.logs:LogsList',
-
- 'test = moonclient.tests:TestsLaunch',
- ],
- },
-
- zip_safe=False,
-) \ No newline at end of file
diff --git a/python_moonclient/Changelog b/python_moonclient/Changelog
index 854200cb..cd099ae3 100644
--- a/python_moonclient/Changelog
+++ b/python_moonclient/Changelog
@@ -9,4 +9,12 @@ CHANGES
0.1.0
-----
-- First version of the python-moonclient \ No newline at end of file
+- First version of the python-moonclient
+
+1.0.0
+-----
+- First public version of the python-moonclient
+
+1.0.1
+-----
+- Fix a bug in configuration
diff --git a/python_moonclient/python_moonclient/__init__.py b/python_moonclient/python_moonclient/__init__.py
index d7cdd111..2249a1b6 100644
--- a/python_moonclient/python_moonclient/__init__.py
+++ b/python_moonclient/python_moonclient/__init__.py
@@ -3,4 +3,4 @@
# license which can be found in the file 'LICENSE' in this package distribution
# or at 'http://www.apache.org/licenses/LICENSE-2.0'.
-__version__ = "0.0.1"
+__version__ = "1.0.1"
diff --git a/python_moonclient/python_moonclient/config.py b/python_moonclient/python_moonclient/config.py
index d6317820..300ebf1a 100644
--- a/python_moonclient/python_moonclient/config.py
+++ b/python_moonclient/python_moonclient/config.py
@@ -21,17 +21,36 @@ def get_configuration(consul_host, consul_port, key):
def get_config_data(consul_host, consul_port):
conf_data = dict()
- conf_data['manager_host'] = get_configuration(consul_host, consul_port,
- 'components/manager')['components/manager']['external']['hostname']
- conf_data['manager_port'] = get_configuration(consul_host, consul_port,
- 'components/manager')['components/manager']['external']['port']
- # conf_data['authz_host'] = get_configuration(consul_host, consul_port,
- # 'components/interface')['components/interface']['external']['hostname']
- # conf_data['authz_port'] = get_configuration(consul_host, consul_port,
- # 'components/interface')['components/interface']['external']['port']
- conf_data['keystone_host'] = get_configuration(consul_host, consul_port,
- 'openstack/keystone')['openstack/keystone']['external']['url']
- # conf_data['keystone_port'] = '5000'
+ conf_data['manager_host'] = get_configuration(
+ consul_host, consul_port,
+ 'components/manager')['components/manager']['external']['hostname']
+ conf_data['manager_port'] = get_configuration(
+ consul_host, consul_port,
+ 'components/manager')['components/manager']['external']['port']
+ try:
+ requests.get("http://{}:{}/".format(
+ conf_data['manager_host'],
+ conf_data['manager_port']
+ ),
+ timeout=2)
+ except requests.exceptions.ConnectionError:
+ conf_data['manager_host'] = get_configuration(consul_host, consul_port,
+ 'components/manager')[
+ 'components/manager']['hostname']
+ conf_data['manager_port'] = get_configuration(consul_host, consul_port,
+ 'components/manager')[
+ 'components/manager']['port']
+
+ conf_data['keystone_host'] = get_configuration(
+ consul_host, consul_port,
+ 'openstack/keystone')['openstack/keystone']['external']['url']
+ try:
+ requests.get(conf_data['keystone_host'], timeout=2)
+ except requests.exceptions.ConnectionError:
+ conf_data['keystone_host'] = get_configuration(
+ consul_host, consul_port,
+ 'openstack/keystone')['openstack/keystone']['url']
+
conf_data['keystone_user'] = get_configuration(consul_host, consul_port,
'openstack/keystone')['openstack/keystone']['user']
conf_data['keystone_password'] = get_configuration(consul_host, consul_port,
@@ -39,6 +58,3 @@ def get_config_data(consul_host, consul_port):
conf_data['keystone_project'] = get_configuration(consul_host, consul_port,
'openstack/keystone')['openstack/keystone']['project']
return conf_data
-
-# get_conf_data('88.88.88.2', '30005')
-# get_conf_data('127.0.0.1', 8082)
diff --git a/python_moonclient/python_moonclient/scripts.py b/python_moonclient/python_moonclient/scripts.py
new file mode 100644
index 00000000..69746a8b
--- /dev/null
+++ b/python_moonclient/python_moonclient/scripts.py
@@ -0,0 +1,83 @@
+import logging
+from importlib.machinery import SourceFileLoader
+from . import parse, models, policies, pdp, authz
+
+
+logger = logging.getLogger("moonclient.scripts")
+
+
+def get_keystone_projects():
+ args = parse.parse()
+ consul_host = args.consul_host
+ consul_port = args.consul_port
+
+ models.init(consul_host, consul_port)
+ policies.init(consul_host, consul_port)
+ pdp.init(consul_host, consul_port)
+
+ projects = pdp.get_keystone_projects()
+
+ for _project in projects['projects']:
+ print("{} {}".format(_project['id'], _project['name']))
+
+
+def populate_values():
+ requests_log = logging.getLogger("requests.packages.urllib3")
+ requests_log.setLevel(logging.WARNING)
+ requests_log.propagate = True
+
+ args = parse.parse()
+ consul_host = args.consul_host
+ consul_port = args.consul_port
+ project_id = args.keystone_pid
+
+ models.init(consul_host, consul_port)
+ policies.init(consul_host, consul_port)
+ pdp.init(consul_host, consul_port)
+
+ if args.filename:
+ print("Loading: {}".format(args.filename[0]))
+ m = SourceFileLoader("scenario", args.filename[0])
+ scenario = m.load_module()
+
+ _models = models.check_model()
+ for _model_id, _model_value in _models['models'].items():
+ if _model_value['name'] == scenario.model_name:
+ model_id = _model_id
+ meta_rule_list = _model_value['meta_rules']
+ models.create_model(scenario, model_id)
+ break
+ else:
+ model_id, meta_rule_list = models.create_model(scenario)
+ policy_id = policies.create_policy(scenario, model_id, meta_rule_list)
+ pdp_id = pdp.create_pdp(scenario, policy_id=policy_id, project_id=project_id)
+
+
+def send_authz():
+ args = parse.parse()
+ consul_host = args.consul_host
+ consul_port = args.consul_port
+
+ models.init(consul_host, consul_port)
+ policies.init(consul_host, consul_port)
+ pdp.init(consul_host, consul_port)
+
+ if args.filename:
+ print("Loading: {}".format(args.filename[0]))
+ m = SourceFileLoader("scenario", args.filename[0])
+ scenario = m.load_module()
+
+ keystone_project_id = pdp.get_keystone_id(args.pdp)
+ time_data = authz.send_requests(
+ scenario,
+ args.authz_host,
+ args.authz_port,
+ keystone_project_id,
+ request_second=args.request_second,
+ limit=args.limit,
+ dry_run=args.dry_run,
+ stress_test=args.stress_test,
+ destination=args.destination
+ )
+ if not args.dry_run:
+ authz.save_data(args.write, time_data)
diff --git a/python_moonclient/setup.py b/python_moonclient/setup.py
index 000e87ca..f2dbc580 100644
--- a/python_moonclient/setup.py
+++ b/python_moonclient/setup.py
@@ -39,4 +39,12 @@ setup(
'Operating System :: OS Independent',
],
+ entry_points={
+ 'console_scripts': [
+ 'moon_get_keystone_projects = python_moonclient.scripts:get_keystone_projects',
+ 'moon_populate_values = python_moonclient.scripts:populate_values',
+ 'moon_send_authz = python_moonclient.scripts:send_authz',
+ ],
+ }
+
)
diff --git a/python_moondb/tests/unit_python/mock_keystone.py b/python_moondb/tests/unit_python/mock_keystone.py
index c0b26b88..3f262538 100644
--- a/python_moondb/tests/unit_python/mock_keystone.py
+++ b/python_moondb/tests/unit_python/mock_keystone.py
@@ -20,4 +20,14 @@ def register_keystone(m):
json={"users": [{
"id": "1111111111111"
}]}
- ) \ No newline at end of file
+ )
+ m.register_uri(
+ 'POST', 'http://keystone:5000/v3/projects/',
+ json={
+ "description": "test_project",
+ "domain_id": ['domain_id_1'],
+ "enabled": True,
+ "is_domain": False,
+ "name": 'project_1'
+ }
+ )
diff --git a/templates/moon_forming/utils/__init__.py b/python_moondb/tests/unit_python/models/__init__.py
index e69de29b..e69de29b 100644..100755
--- a/templates/moon_forming/utils/__init__.py
+++ b/python_moondb/tests/unit_python/models/__init__.py
diff --git a/python_moondb/tests/unit_python/models/test_meta_rules.py b/python_moondb/tests/unit_python/models/test_meta_rules.py
new file mode 100644
index 00000000..d8b61365
--- /dev/null
+++ b/python_moondb/tests/unit_python/models/test_meta_rules.py
@@ -0,0 +1,175 @@
+import pytest
+
+
+def set_meta_rule(meta_rule_id, value=None):
+ from python_moondb.core import ModelManager
+ if not value:
+ value = {
+ "name": "MLS_meta_rule",
+ "description": "test",
+ "subject_categories": ["user_security_level_id_1"],
+ "object_categories": ["vm_security_level_id_1"],
+ "action_categories": ["action_type_id_1"]
+ }
+ return ModelManager.set_meta_rule(user_id=None, meta_rule_id=meta_rule_id, value=value)
+
+
+def add_meta_rule(meta_rule_id=None, value=None):
+ from python_moondb.core import ModelManager
+ if not value:
+ value = {
+ "name": "MLS_meta_rule",
+ "description": "test",
+ "subject_categories": ["user_security_level_id_1"],
+ "object_categories": ["vm_security_level_id_1"],
+ "action_categories": ["action_type_id_1"]
+ }
+ return ModelManager.add_meta_rule(user_id=None, meta_rule_id=meta_rule_id, value=value)
+
+
+def get_meta_rules(meta_rule_id=None):
+ from python_moondb.core import ModelManager
+ return ModelManager.get_meta_rules(user_id=None, meta_rule_id=meta_rule_id)
+
+
+def delete_meta_rules(meta_rule_id=None):
+ from python_moondb.core import ModelManager
+ ModelManager.delete_meta_rule(user_id=None, meta_rule_id=meta_rule_id)
+
+def test_set_not_exist_meta_rule_error(db):
+ # set not existing meta rule and expect to raise and error
+ with pytest.raises(Exception) as exception_info:
+ set_meta_rule(meta_rule_id=None)
+ assert str(exception_info.value) == '400: Sub Meta Rule Unknown'
+
+
+def test_add_new_meta_rule_success(db):
+ value = {
+ "name": "MLS_meta_rule",
+ "description": "test",
+ "subject_categories": ["user_security_level_id_1"],
+ "object_categories": ["vm_security_level_id_1"],
+ "action_categories": ["action_type_id_1"]
+ }
+ metaRules = add_meta_rule();
+ assert isinstance(metaRules, dict)
+ assert metaRules
+ assert len(metaRules) is 1
+ meta_rule_id = list(metaRules.keys())[0]
+ for key in ("name", "description", "subject_categories", "object_categories", "action_categories"):
+ assert key in metaRules[meta_rule_id]
+ assert metaRules[meta_rule_id][key] == value[key]
+
+
+def test_set_meta_rule_succes(db):
+ # arrange
+ meta_rules = add_meta_rule()
+ meta_rule_id = list(meta_rules.keys())[0]
+ updated_value = {
+ "name": "MLS_meta_rule",
+ "description": "test",
+ "subject_categories": ["user_role_id_1"],
+ "object_categories": ["vm_security_level_id_1"],
+ "action_categories": ["action_type_id_1"]
+ }
+ # action
+ updated_meta_rule = set_meta_rule(meta_rule_id, updated_value)
+ # assert
+ updated_meta_rule_id = list(updated_meta_rule.keys())[0]
+ assert updated_meta_rule_id == meta_rule_id
+ assert updated_meta_rule[updated_meta_rule_id]["subject_categories"] == \
+ updated_value["subject_categories"]
+
+
+def test_add_existing_meta_rule_error(db):
+ meta_rules = add_meta_rule()
+ meta_rule_id = list(meta_rules.keys())[0]
+ with pytest.raises(Exception) as exception_info:
+ add_meta_rule(meta_rule_id=meta_rule_id)
+ assert str(exception_info.value) == '400: Sub Meta Rule Existing'
+
+
+def test_get_meta_rule_success(db):
+ # arrange
+ values = {}
+ value1 = {
+ "name": "MLS_meta_rule",
+ "description": "test",
+ "subject_categories": ["user_security_level_id_1"],
+ "object_categories": ["vm_security_level_id_1"],
+ "action_categories": ["action_type_id_1"]
+ }
+ meta_rules1 = add_meta_rule(value=value1)
+ meta_rule_id1 = list(meta_rules1.keys())[0]
+ values[meta_rule_id1] = value1
+ value2 = {
+ "name": "rbac_meta_rule",
+ "description": "test",
+ "subject_categories": ["user_role_id_1"],
+ "object_categories": ["vm_id_1"],
+ "action_categories": ["action_type_id_1"]
+ }
+ meta_rules2 = add_meta_rule(value=value2)
+ meta_rule_id2 = list(meta_rules2.keys())[0]
+ values[meta_rule_id2] = value2
+
+ # action
+ meta_rules = get_meta_rules()
+ # assert
+ assert isinstance(meta_rules , dict)
+ assert meta_rules
+ assert len(meta_rules) is 2
+ for meta_rule_id in meta_rules:
+ for key in ("name", "description", "subject_categories", "object_categories", "action_categories"):
+ assert key in meta_rules[meta_rule_id]
+ assert meta_rules[meta_rule_id][key] == values[meta_rule_id][key]
+
+
+def test_get_specific_meta_rule_success(db):
+ # arrange
+ add_meta_rule()
+ added_meta_rules = add_meta_rule()
+ added_meta_rule_id = list(added_meta_rules.keys())[0]
+ # action
+ meta_rules = get_meta_rules(meta_rule_id=added_meta_rule_id)
+ meta_rule_id = list(meta_rules.keys())[0]
+ # assert
+ assert meta_rule_id == added_meta_rule_id
+ for key in ("name", "description", "subject_categories", "object_categories", "action_categories"):
+ assert key in meta_rules[meta_rule_id]
+ assert meta_rules[meta_rule_id][key] == added_meta_rules[added_meta_rule_id][key]
+
+
+def test_delete_meta_rules_success(db):
+ # arrange
+ value1 = {
+ "name": "MLS_meta_rule",
+ "description": "test",
+ "subject_categories": ["user_security_level_id_1"],
+ "object_categories": ["vm_security_level_id_1"],
+ "action_categories": ["action_type_id_1"]
+ }
+ meta_rules1 = add_meta_rule(value=value1)
+ meta_rule_id1 = list(meta_rules1.keys())[0]
+
+ value2 = {
+ "name": "rbac_meta_rule",
+ "description": "test",
+ "subject_categories": ["user_role_id_1"],
+ "object_categories": ["vm_id_1"],
+ "action_categories": ["action_type_id_1"]
+ }
+ meta_rules2 = add_meta_rule(value=value2)
+ meta_rule_id2 = list(meta_rules2.keys())[0]
+
+ # action
+ delete_meta_rules(meta_rule_id1)
+ # assert
+ meta_rules = get_meta_rules()
+ assert meta_rule_id1 not in meta_rules
+
+
+def test_delete_invalid_meta_rules_error(db):
+ with pytest.raises(Exception) as exception_info:
+ delete_meta_rules("INVALID_META_RULE_ID")
+ assert str(exception_info.value) == '400: Sub Meta Rule Unknown'
diff --git a/python_moondb/tests/unit_python/models/test_models.py b/python_moondb/tests/unit_python/models/test_models.py
new file mode 100644
index 00000000..e56fea6b
--- /dev/null
+++ b/python_moondb/tests/unit_python/models/test_models.py
@@ -0,0 +1,161 @@
+import pytest
+
+
+def get_models(model_id=None):
+ from python_moondb.core import ModelManager
+ return ModelManager.get_models(user_id= None , model_id= model_id)
+
+
+def add_model(model_id=None, value=None):
+ from python_moondb.core import ModelManager
+ if not value:
+ value = {
+ "name": "MLS",
+ "description": "test",
+ "meta_rules": "meta_rule_mls_1"
+ }
+ return ModelManager.add_model(user_id=None, model_id=model_id, value=value)
+
+
+def delete_models(uuid=None, name=None):
+ from python_moondb.core import ModelManager
+ if not uuid:
+ for model_id, model_value in get_models():
+ if name == model_value['name']:
+ uuid = model_id
+ break
+ ModelManager.delete_model(user_id=None, model_id=uuid)
+
+
+def update_model(model_id=None, value=None):
+ from python_moondb.core import ModelManager
+ return ModelManager.update_model(user_id=None, model_id=model_id, value=value)
+
+
+def test_get_models_empty(db):
+ # act
+ models = get_models()
+ # assert
+ assert isinstance(models, dict)
+ assert not models
+
+
+def test_get_model(db):
+ # prepare
+ add_model(model_id="mls_model_id")
+ # act
+ models = get_models()
+ # assert
+ assert isinstance(models, dict)
+ assert models # assert model is not empty
+ assert len(models) is 1
+
+
+def test_get_specific_model(db):
+ # prepare
+ add_model(model_id="mls_model_id")
+ add_model(model_id="rbac_model_id")
+ # act
+ models = get_models(model_id="mls_model_id")
+ # assert
+ assert isinstance(models, dict)
+ assert models # assert model is not empty
+ assert len(models) is 1
+
+
+def test_add_model(db):
+ # act
+ model = add_model()
+ # assert
+ assert isinstance(model, dict)
+ assert model # assert model is not empty
+ assert len(model) is 1
+
+
+def test_add_same_model_twice(db):
+ # prepare
+ add_model(model_id="model_1") # add model twice
+ # act
+ with pytest.raises(Exception) as exception_info:
+ add_model(model_id="model_1")
+ assert str(exception_info.value) == '409: Model Error'
+
+
+def test_add_model_generate_new_uuid(db):
+ model_value1 = {
+ "name": "MLS",
+ "description": "test",
+ "meta_rules": "meta_rule_mls_1"
+ }
+ model1 = add_model(value=model_value1)
+
+ model_value2 = {
+ "name": "rbac",
+ "description": "test",
+ "meta_rules": "meta_rule_mls_2"
+ }
+ model2 = add_model(value=model_value2)
+
+ assert list(model1)[0] != list(model2)[0]
+
+
+def test_add_models(db):
+ model_value1 = {
+ "name": "MLS",
+ "description": "test",
+ "meta_rules": "meta_rule_mls_1"
+ }
+ models = add_model(value=model_value1)
+ assert isinstance(models, dict)
+ assert models
+ assert len(models.keys()) == 1
+ model_id = list(models.keys())[0]
+ for key in ("name", "meta_rules", "description"):
+ assert key in models[model_id]
+ assert models[model_id][key] == model_value1[key]
+
+
+def test_delete_models(db):
+ model_value1 = {
+ "name": "MLS",
+ "description": "test",
+ "meta_rules": "meta_rule_mls_1"
+ }
+ model1 = add_model(value=model_value1)
+
+ model_value2 = {
+ "name": "rbac",
+ "description": "test",
+ "meta_rules": "meta_rule_mls_2"
+ }
+ model2 = add_model(value=model_value2)
+
+ id = list(model1)[0]
+ delete_models(id)
+ # assert
+ models = get_models()
+ assert id not in models
+
+
+def test_update_model(db):
+ # prepare
+ model_value = {
+ "name": "MLS",
+ "description": "test",
+ "meta_rules": "meta_rule_mls_1"
+ }
+ model = add_model(value=model_value)
+ model_id = list(model)[0]
+ new_model_value = {
+ "name": "MLS",
+ "description": "test",
+ "meta_rules": "meta_rule_mls_2"
+ }
+ # act
+ update_model(model_id=model_id, value=new_model_value)
+ # assert
+ model = get_models(model_id)
+
+ for key in ("name", "meta_rules", "description"):
+ assert key in model[model_id]
+ assert model[model_id][key] == new_model_value[key] \ No newline at end of file
diff --git a/python_moondb/tests/unit_python/policies/__init__.py b/python_moondb/tests/unit_python/policies/__init__.py
new file mode 100644
index 00000000..e69de29b
--- /dev/null
+++ b/python_moondb/tests/unit_python/policies/__init__.py
diff --git a/python_moondb/tests/unit_python/policies/mock_data.py b/python_moondb/tests/unit_python/policies/mock_data.py
new file mode 100644
index 00000000..b2642979
--- /dev/null
+++ b/python_moondb/tests/unit_python/policies/mock_data.py
@@ -0,0 +1,45 @@
+def create_meta_rule():
+ meta_rule_value = {
+ "name": "meta_rule1",
+ "algorithm": "name of the meta rule algorithm",
+ "subject_categories": ["subject_category_id1",
+ "subject_category_id2"],
+ "object_categories": ["object_category_id1"],
+ "action_categories": ["action_category_id1"]
+ }
+ return meta_rule_value
+
+
+def create_model(meta_rule_id):
+ value = {
+ "name": "test_model",
+ "description": "test",
+ "meta_rules": [meta_rule_id]
+
+ }
+ return value
+
+
+def create_policy(model_id):
+ value = {
+ "name": "policy_1",
+ "model_id": model_id,
+ "genre": "authz",
+ "description": "test",
+ }
+ return value
+
+
+def get_policy_id():
+ import policies.test_policies as test_policies
+ import models.test_models as test_models
+ import models.test_meta_rules as test_meta_rules
+ meta_rule = test_meta_rules.add_meta_rule(value=create_meta_rule())
+ meta_rule_id = list(meta_rule.keys())[0]
+ model = test_models.add_model(value=create_model(meta_rule_id))
+ model_id = list(model.keys())[0]
+ value = create_policy(model_id)
+ policy = test_policies.add_policies(value)
+ assert policy
+ policy_id = list(policy.keys())[0]
+ return policy_id
diff --git a/python_moondb/tests/unit_python/policies/test_assignments.py b/python_moondb/tests/unit_python/policies/test_assignments.py
new file mode 100755
index 00000000..ccac205a
--- /dev/null
+++ b/python_moondb/tests/unit_python/policies/test_assignments.py
@@ -0,0 +1,245 @@
+def get_action_assignments(policy_id, action_id=None, category_id=None):
+ from python_moondb.core import PolicyManager
+ return PolicyManager.get_action_assignments("", policy_id, action_id, category_id)
+
+
+def add_action_assignment(policy_id, action_id, category_id, data_id):
+ from python_moondb.core import PolicyManager
+ return PolicyManager.add_action_assignment("", policy_id, action_id, category_id, data_id)
+
+
+def delete_action_assignment(policy_id, action_id, category_id, data_id):
+ from python_moondb.core import PolicyManager
+ PolicyManager.delete_action_assignment("", policy_id, action_id, category_id, data_id)
+
+
+def get_object_assignments(policy_id, object_id=None, category_id=None):
+ from python_moondb.core import PolicyManager
+ return PolicyManager.get_object_assignments("", policy_id, object_id, category_id)
+
+
+def add_object_assignment(policy_id, object_id, category_id, data_id):
+ from python_moondb.core import PolicyManager
+ return PolicyManager.add_object_assignment("", policy_id, object_id, category_id, data_id)
+
+
+def delete_object_assignment(policy_id, object_id, category_id, data_id):
+ from python_moondb.core import PolicyManager
+ PolicyManager.delete_object_assignment("", policy_id, object_id, category_id, data_id)
+
+
+def get_subject_assignments(policy_id, subject_id=None, category_id=None):
+ from python_moondb.core import PolicyManager
+ return PolicyManager.get_subject_assignments("", policy_id, subject_id, category_id)
+
+
+def add_subject_assignment(policy_id, subject_id, category_id, data_id):
+ from python_moondb.core import PolicyManager
+ return PolicyManager.add_subject_assignment("", policy_id, subject_id, category_id, data_id)
+
+
+def delete_subject_assignment(policy_id, subject_id, category_id, data_id):
+ from python_moondb.core import PolicyManager
+ PolicyManager.delete_subject_assignment("", policy_id, subject_id, category_id, data_id)
+
+
+def test_get_action_assignments(db):
+ policy_id = "admin"
+ action_id = "action_id_1"
+ category_id = "category_id_1"
+ data_id = "data_id_1"
+ add_action_assignment(policy_id, action_id, category_id, data_id)
+ act_assignments = get_action_assignments(policy_id, action_id, category_id)
+ action_id_1 = list(act_assignments.keys())[0]
+ assert act_assignments[action_id_1]["policy_id"] == policy_id
+ assert act_assignments[action_id_1]["action_id"] == action_id
+ assert act_assignments[action_id_1]["category_id"] == category_id
+ assert len(act_assignments[action_id_1].get("assignments")) == 1
+ assert data_id in act_assignments[action_id_1].get("assignments")
+
+
+def test_get_action_assignments_by_policy_id(db):
+ policy_id = "admin"
+ action_id = "action_id_1"
+ category_id = "category_id_1"
+ data_id = "data_id_1"
+ add_action_assignment(policy_id, action_id, category_id, data_id)
+ data_id = "data_id_2"
+ add_action_assignment(policy_id, action_id, category_id, data_id)
+ data_id = "data_id_3"
+ add_action_assignment(policy_id, action_id, category_id, data_id)
+ act_assignments = get_action_assignments(policy_id)
+ action_id_1 = list(act_assignments.keys())[0]
+ assert act_assignments[action_id_1]["policy_id"] == policy_id
+ assert act_assignments[action_id_1]["action_id"] == action_id
+ assert act_assignments[action_id_1]["category_id"] == category_id
+ assert len(act_assignments[action_id_1].get("assignments")) == 3
+
+
+def test_add_action_assignments(db):
+ policy_id = "admin"
+ action_id = "action_id_1"
+ category_id = "category_id_1"
+ data_id = "data_id_1"
+ action_assignments = add_action_assignment(policy_id, action_id, category_id, data_id)
+ assert action_assignments
+ action_id_1 = list(action_assignments.keys())[0]
+ assert action_assignments[action_id_1]["policy_id"] == policy_id
+ assert action_assignments[action_id_1]["action_id"] == action_id
+ assert action_assignments[action_id_1]["category_id"] == category_id
+ assert len(action_assignments[action_id_1].get("assignments")) == 1
+ assert data_id in action_assignments[action_id_1].get("assignments")
+
+
+def test_delete_action_assignment(db):
+ policy_id = "admin_1"
+ add_action_assignment(policy_id, "", "", "")
+ policy_id = "admin_2"
+ action_id = "action_id_2"
+ category_id = "category_id_2"
+ data_id = "data_id_2"
+ add_action_assignment(policy_id, action_id, category_id, data_id)
+ delete_action_assignment(policy_id, "", "", "")
+ assignments = get_action_assignments(policy_id, )
+ assert len(assignments) == 1
+
+
+def test_delete_action_assignment_with_invalid_policy_id(db):
+ policy_id = "invalid_id"
+ delete_action_assignment(policy_id, "", "", "")
+ assignments = get_action_assignments(policy_id, )
+ assert len(assignments) == 0
+
+
+def test_get_object_assignments(db):
+ policy_id = "admin"
+ object_id = "object_id_1"
+ category_id = "category_id_1"
+ data_id = "data_id_1"
+ add_object_assignment(policy_id, object_id, category_id, data_id)
+ obj_assignments = get_object_assignments(policy_id, object_id, category_id)
+ object_id_1 = list(obj_assignments.keys())[0]
+ assert obj_assignments[object_id_1]["policy_id"] == policy_id
+ assert obj_assignments[object_id_1]["object_id"] == object_id
+ assert obj_assignments[object_id_1]["category_id"] == category_id
+ assert len(obj_assignments[object_id_1].get("assignments")) == 1
+ assert data_id in obj_assignments[object_id_1].get("assignments")
+
+
+def test_get_object_assignments_by_policy_id(db):
+ policy_id = "admin"
+ object_id_1 = "object_id_1"
+ category_id_1 = "category_id_1"
+ data_id = "data_id_1"
+ add_action_assignment(policy_id, object_id_1, category_id_1, data_id)
+ object_id_2 = "object_id_2"
+ category_id_2 = "category_id_2"
+ data_id = "data_id_2"
+ add_action_assignment(policy_id, object_id_2, category_id_2, data_id)
+ object_id_3 = "object_id_3"
+ category_id_3 = "category_id_3"
+ data_id = "data_id_3"
+ add_action_assignment(policy_id, object_id_3, category_id_3, data_id)
+ act_assignments = get_action_assignments(policy_id)
+ assert len(act_assignments) == 3
+
+
+def test_add_object_assignments(db):
+ policy_id = "admin"
+ object_id = "object_id_1"
+ category_id = "category_id_1"
+ data_id = "data_id_1"
+ object_assignments = add_object_assignment(policy_id, object_id, category_id, data_id)
+ assert object_assignments
+ object_id_1 = list(object_assignments.keys())[0]
+ assert object_assignments[object_id_1]["policy_id"] == policy_id
+ assert object_assignments[object_id_1]["object_id"] == object_id
+ assert object_assignments[object_id_1]["category_id"] == category_id
+ assert len(object_assignments[object_id_1].get("assignments")) == 1
+ assert data_id in object_assignments[object_id_1].get("assignments")
+
+
+def test_delete_object_assignment(db):
+ policy_id = "admin_1"
+ add_object_assignment(policy_id, "", "", "")
+ object_id = "action_id_2"
+ category_id = "category_id_2"
+ data_id = "data_id_2"
+ add_object_assignment(policy_id, object_id, category_id, data_id)
+ delete_object_assignment(policy_id, "", "", "")
+ assignments = get_object_assignments(policy_id, )
+ assert len(assignments) == 1
+
+
+def test_delete_object_assignment_with_invalid_policy_id(db):
+ policy_id = "invalid_id"
+ delete_object_assignment(policy_id, "", "", "")
+ assignments = get_object_assignments(policy_id, )
+ assert len(assignments) == 0
+
+
+def test_get_subject_assignments(db):
+ policy_id = "admin"
+ subject_id = "object_id_1"
+ category_id = "category_id_1"
+ data_id = "data_id_1"
+ add_subject_assignment(policy_id, subject_id, category_id, data_id)
+ subj_assignments = get_subject_assignments(policy_id, subject_id, category_id)
+ subject_id_1 = list(subj_assignments.keys())[0]
+ assert subj_assignments[subject_id_1]["policy_id"] == policy_id
+ assert subj_assignments[subject_id_1]["subject_id"] == subject_id
+ assert subj_assignments[subject_id_1]["category_id"] == category_id
+ assert len(subj_assignments[subject_id_1].get("assignments")) == 1
+ assert data_id in subj_assignments[subject_id_1].get("assignments")
+
+
+def test_get_subject_assignments_by_policy_id(db):
+ policy_id = "admin"
+ subject_id_1 = "subject_id_1"
+ category_id_1 = "category_id_1"
+ data_id = "data_id_1"
+ add_subject_assignment(policy_id, subject_id_1, category_id_1, data_id)
+ subject_id_2 = "subject_id_2"
+ category_id_2 = "category_id_2"
+ data_id = "data_id_2"
+ add_subject_assignment(policy_id, subject_id_2, category_id_2, data_id)
+ subject_id_3 = "subject_id_3"
+ category_id_3 = "category_id_3"
+ data_id = "data_id_3"
+ add_subject_assignment(policy_id, subject_id_3, category_id_3, data_id)
+ subj_assignments = get_subject_assignments(policy_id)
+ assert len(subj_assignments) == 3
+
+
+def test_add_subject_assignments(db):
+ policy_id = "admin"
+ subject_id = "subject_id_1"
+ category_id = "category_id_1"
+ data_id = "data_id_1"
+ subject_assignments = add_subject_assignment(policy_id, subject_id, category_id, data_id)
+ assert subject_assignments
+ subject_id_1 = list(subject_assignments.keys())[0]
+ assert subject_assignments[subject_id_1]["policy_id"] == policy_id
+ assert subject_assignments[subject_id_1]["subject_id"] == subject_id
+ assert subject_assignments[subject_id_1]["category_id"] == category_id
+ assert len(subject_assignments[subject_id_1].get("assignments")) == 1
+ assert data_id in subject_assignments[subject_id_1].get("assignments")
+
+
+def test_delete_subject_assignment(db):
+ policy_id = "admin_1"
+ add_subject_assignment(policy_id, "", "", "")
+ subject_id = "subject_id_2"
+ category_id = "category_id_2"
+ data_id = "data_id_2"
+ add_subject_assignment(policy_id, subject_id, category_id, data_id)
+ delete_subject_assignment(policy_id, "", "", "")
+ assignments = get_subject_assignments(policy_id, )
+ assert len(assignments) == 1
+
+
+def test_delete_subject_assignment_with_invalid_policy_id(db):
+ policy_id = "invalid_id"
+ delete_subject_assignment(policy_id, "", "", "")
+ assignments = get_subject_assignments(policy_id, )
+ assert len(assignments) == 0
diff --git a/python_moondb/tests/unit_python/policies/test_data.py b/python_moondb/tests/unit_python/policies/test_data.py
new file mode 100755
index 00000000..68b1d2a0
--- /dev/null
+++ b/python_moondb/tests/unit_python/policies/test_data.py
@@ -0,0 +1,513 @@
+import policies.mock_data as mock_data
+import pytest
+
+
+def get_action_data(policy_id, data_id=None, category_id=None):
+ from python_moondb.core import PolicyManager
+ return PolicyManager.get_action_data("", policy_id, data_id, category_id)
+
+
+def add_action_data(policy_id, data_id=None, category_id=None, value=None):
+ from python_moondb.core import PolicyManager
+ return PolicyManager.add_action_data("", policy_id, data_id, category_id, value)
+
+
+def delete_action_data(policy_id, data_id):
+ from python_moondb.core import PolicyManager
+ PolicyManager.delete_action_data("", policy_id, data_id)
+
+
+def get_object_data(policy_id, data_id=None, category_id=None):
+ from python_moondb.core import PolicyManager
+ return PolicyManager.get_object_data("", policy_id, data_id, category_id)
+
+
+def add_object_data(policy_id, data_id=None, category_id=None, value=None):
+ from python_moondb.core import PolicyManager
+ return PolicyManager.add_object_data("", policy_id, data_id, category_id, value)
+
+
+def delete_object_data(policy_id, data_id):
+ from python_moondb.core import PolicyManager
+ PolicyManager.delete_object_data("", policy_id, data_id)
+
+
+def get_subject_data(policy_id, data_id=None, category_id=None):
+ from python_moondb.core import PolicyManager
+ return PolicyManager.get_subject_data("", policy_id, data_id, category_id)
+
+
+def add_subject_data(policy_id, data_id=None, category_id=None, value=None):
+ from python_moondb.core import PolicyManager
+ return PolicyManager.set_subject_data("", policy_id, data_id, category_id, value)
+
+
+def delete_subject_data(policy_id, data_id):
+ from python_moondb.core import PolicyManager
+ PolicyManager.delete_subject_data("", policy_id, data_id)
+
+
+def get_actions(policy_id, perimeter_id=None):
+ from python_moondb.core import PolicyManager
+ return PolicyManager.get_actions("", policy_id, perimeter_id)
+
+
+def add_action(policy_id, perimeter_id=None, value=None):
+ from python_moondb.core import PolicyManager
+ return PolicyManager.add_action("", policy_id, perimeter_id, value)
+
+
+def delete_action(policy_id, perimeter_id):
+ from python_moondb.core import PolicyManager
+ PolicyManager.delete_action("", policy_id, perimeter_id)
+
+
+def get_objects(policy_id, perimeter_id=None):
+ from python_moondb.core import PolicyManager
+ return PolicyManager.get_objects("", policy_id, perimeter_id)
+
+
+def add_object(policy_id, perimeter_id=None, value=None):
+ from python_moondb.core import PolicyManager
+ return PolicyManager.add_object("", policy_id, perimeter_id, value)
+
+
+def delete_object(policy_id, perimeter_id):
+ from python_moondb.core import PolicyManager
+ PolicyManager.delete_object("", policy_id, perimeter_id)
+
+
+def get_subjects(policy_id, perimeter_id=None):
+ from python_moondb.core import PolicyManager
+ return PolicyManager.get_subjects("", policy_id, perimeter_id)
+
+
+def add_subject(policy_id, perimeter_id=None, value=None):
+ from python_moondb.core import PolicyManager
+ return PolicyManager.add_subject("", policy_id, perimeter_id, value)
+
+
+def delete_subject(policy_id, perimeter_id):
+ from python_moondb.core import PolicyManager
+ PolicyManager.delete_subject("", policy_id, perimeter_id)
+
+
+def get_available_metadata(policy_id):
+ from python_moondb.core import PolicyManager
+ return PolicyManager.get_available_metadata("", policy_id)
+
+
+def test_get_action_data(db):
+ policy_id = mock_data.get_policy_id()
+ get_available_metadata(policy_id)
+
+ policy_id = policy_id
+ data_id = "data_id_1"
+ category_id = "action_category_id1"
+ value = {
+ "name": "action-type",
+ "description": {"vm-action": "", "storage-action": "", },
+ }
+ add_action_data(policy_id, data_id, category_id, value)
+ action_data = get_action_data(policy_id, data_id, category_id)
+ assert action_data
+ assert len(action_data[0]['data']) == 1
+
+
+def test_get_action_data_with_invalid_category_id(db):
+ policy_id = mock_data.get_policy_id()
+ get_available_metadata(policy_id)
+
+ policy_id = policy_id
+ data_id = "data_id_1"
+ category_id = "action_category_id1"
+ value = {
+ "name": "action-type",
+ "description": {"vm-action": "", "storage-action": "", },
+ }
+ add_action_data(policy_id, data_id, category_id, value)
+ action_data = get_action_data(policy_id)
+ assert action_data
+ assert len(action_data[0]['data']) == 1
+
+
+def test_add_action_data(db):
+ policy_id = "policy_id_1"
+ data_id = "data_id_1"
+ category_id = "category_id_1"
+ value = {
+ "name": "action-type",
+ "description": {"vm-action": "", "storage-action": "", },
+ }
+ action_data = add_action_data(policy_id, data_id, category_id, value).get('data')
+ assert action_data
+ action_data_id = list(action_data.keys())[0]
+ assert action_data[action_data_id].get('policy_id') == policy_id
+
+
+def test_delete_action_data(db):
+ policy_id = mock_data.get_policy_id()
+ get_available_metadata(policy_id)
+ data_id = "data_id_1"
+ category_id = "category_id_1"
+ value = {
+ "name": "action-type",
+ "description": {"vm-action": "", "storage-action": "", },
+ }
+ action_data = add_action_data(policy_id, data_id, category_id, value).get('data')
+ action_data_id = list(action_data.keys())[0]
+ delete_action_data(action_data[action_data_id].get('policy_id'), None)
+ new_action_data = get_action_data(policy_id)
+ assert len(new_action_data[0]['data']) == 0
+
+
+def test_get_object_data(db):
+ policy_id = mock_data.get_policy_id()
+ get_available_metadata(policy_id)
+
+ policy_id = policy_id
+ data_id = "data_id_1"
+ category_id = "object_category_id1"
+ value = {
+ "name": "object-security-level",
+ "description": {"low": "", "medium": "", "high": ""},
+ }
+ add_object_data(policy_id, data_id, category_id, value)
+ object_data = get_object_data(policy_id, data_id, category_id)
+ assert object_data
+ assert len(object_data[0]['data']) == 1
+
+
+def test_get_object_data_with_invalid_category_id(db):
+ policy_id = mock_data.get_policy_id()
+ get_available_metadata(policy_id)
+
+ policy_id = policy_id
+ data_id = "data_id_1"
+ category_id = "object_category_id1"
+ value = {
+ "name": "object-security-level",
+ "description": {"low": "", "medium": "", "high": ""},
+ }
+ add_object_data(policy_id, data_id, category_id, value)
+ object_data = get_object_data(policy_id)
+ assert object_data
+ assert len(object_data[0]['data']) == 1
+
+
+def test_add_object_data(db):
+ policy_id = "policy_id_1"
+ data_id = "data_id_1"
+ category_id = "object_category_id1"
+ value = {
+ "name": "object-security-level",
+ "description": {"low": "", "medium": "", "high": ""},
+ }
+ object_data = add_object_data(policy_id, data_id, category_id, value).get('data')
+ assert object_data
+ object_data_id = list(object_data.keys())[0]
+ assert object_data[object_data_id].get('policy_id') == policy_id
+
+
+def test_delete_object_data(db):
+ policy_id = mock_data.get_policy_id()
+ get_available_metadata(policy_id)
+ data_id = "data_id_1"
+ category_id = "object_category_id1"
+ value = {
+ "name": "object-security-level",
+ "description": {"low": "", "medium": "", "high": ""},
+ }
+ object_data = add_object_data(policy_id, data_id, category_id, value).get('data')
+ object_data_id = list(object_data.keys())[0]
+ delete_object_data(object_data[object_data_id].get('policy_id'), data_id)
+ new_object_data = get_object_data(policy_id)
+ assert len(new_object_data[0]['data']) == 0
+
+
+def test_get_subject_data(db):
+ policy_id = mock_data.get_policy_id()
+ get_available_metadata(policy_id)
+
+ policy_id = policy_id
+ data_id = "data_id_1"
+ category_id = "subject_category_id1"
+ value = {
+ "name": "subject-security-level",
+ "description": {"low": "", "medium": "", "high": ""},
+ }
+ add_subject_data(policy_id, data_id, category_id, value)
+ subject_data = get_subject_data(policy_id, data_id, category_id)
+ assert subject_data
+ assert len(subject_data[0]['data']) == 1
+
+
+def test_get_subject_data_with_invalid_category_id(db):
+ policy_id = mock_data.get_policy_id()
+ get_available_metadata(policy_id)
+
+ policy_id = policy_id
+ data_id = "data_id_1"
+ category_id = "subject_category_id1"
+ value = {
+ "name": "subject-security-level",
+ "description": {"low": "", "medium": "", "high": ""},
+ }
+ add_subject_data(policy_id, data_id, category_id, value)
+ subject_data = get_subject_data(policy_id)
+ assert subject_data
+ assert len(subject_data[0]['data']) == 1
+
+
+def test_add_subject_data(db):
+ policy_id = "policy_id_1"
+ data_id = "data_id_1"
+ category_id = "subject_category_id1"
+ value = {
+ "name": "subject-security-level",
+ "description": {"low": "", "medium": "", "high": ""},
+ }
+ subject_data = add_object_data(policy_id, data_id, category_id, value).get('data')
+ assert subject_data
+ subject_data_id = list(subject_data.keys())[0]
+ assert subject_data[subject_data_id].get('policy_id') == policy_id
+
+
+def test_delete_subject_data(db):
+ policy_id = mock_data.get_policy_id()
+ get_available_metadata(policy_id)
+ data_id = "data_id_1"
+ category_id = "subject_category_id1"
+ value = {
+ "name": "subject-security-level",
+ "description": {"low": "", "medium": "", "high": ""},
+ }
+ subject_data = add_subject_data(policy_id, data_id, category_id, value).get('data')
+ subject_data_id = list(subject_data.keys())[0]
+ delete_subject_data(subject_data[subject_data_id].get('policy_id'), data_id)
+ new_subject_data = get_subject_data(policy_id)
+ assert len(new_subject_data[0]['data']) == 0
+
+
+def test_get_actions(db):
+ policy_id = "policy_id_1"
+ value = {
+ "name": "test_action",
+ "description": "test",
+ }
+ add_action(policy_id=policy_id, value=value)
+ actions = get_actions(policy_id, )
+ assert actions
+ assert len(actions) == 1
+ action_id = list(actions.keys())[0]
+ assert actions[action_id].get('policy_list')[0] == policy_id
+
+
+def test_add_action(db):
+ policy_id = "policy_id_1"
+ value = {
+ "name": "test_action",
+ "description": "test",
+ }
+ action = add_action(policy_id=policy_id, value=value)
+ assert action
+ action_id = list(action.keys())[0]
+ assert len(action[action_id].get('policy_list')) == 1
+
+
+def test_add_action_multiple_times(db):
+ policy_id = "policy_id_1"
+ value = {
+ "name": "test_action",
+ "description": "test",
+ }
+ action = add_action(policy_id=policy_id, value=value)
+ action_id = list(action.keys())[0]
+ perimeter_id = action[action_id].get('id')
+ assert action
+ value = {
+ "name": "test_action",
+ "description": "test",
+ "policy_list": ['policy_id_3', 'policy_id_4']
+ }
+ action = add_action('policy_id_7', perimeter_id, value)
+ assert action
+ action_id = list(action.keys())[0]
+ assert len(action[action_id].get('policy_list')) == 2
+
+
+def test_delete_action(db):
+ policy_id = "policy_id_1"
+ value = {
+ "name": "test_action",
+ "description": "test",
+ }
+ action = add_action(policy_id=policy_id, value=value)
+ action_id = list(action.keys())[0]
+ delete_action(policy_id, action_id)
+ actions = get_actions(policy_id, )
+ assert not actions
+
+
+def test_delete_action_with_invalid_perimeter_id(db):
+ policy_id = "invalid"
+ perimeter_id = "invalid"
+ with pytest.raises(Exception) as exception_info:
+ delete_action(policy_id, perimeter_id)
+ assert str(exception_info.value) == '400: Action Unknown'
+
+
+def test_get_objects(db):
+ policy_id = "policy_id_1"
+ value = {
+ "name": "test_object",
+ "description": "test",
+ }
+ add_object(policy_id=policy_id, value=value)
+ objects = get_objects(policy_id, )
+ assert objects
+ assert len(objects) == 1
+ object_id = list(objects.keys())[0]
+ assert objects[object_id].get('policy_list')[0] == policy_id
+
+
+def test_add_object(db):
+ policy_id = "policy_id_1"
+ value = {
+ "name": "test_object",
+ "description": "test",
+ }
+ added_object = add_object(policy_id=policy_id, value=value)
+ assert added_object
+ object_id = list(added_object.keys())[0]
+ assert len(added_object[object_id].get('policy_list')) == 1
+
+
+def test_add_objects_multiple_times(db):
+ policy_id = "policy_id_1"
+ value = {
+ "name": "test_object",
+ "description": "test",
+ }
+ added_object = add_object(policy_id=policy_id, value=value)
+ object_id = list(added_object.keys())[0]
+ perimeter_id = added_object[object_id].get('id')
+ assert added_object
+ value = {
+ "name": "test_object",
+ "description": "test",
+ "policy_list": ['policy_id_3', 'policy_id_4']
+ }
+ added_object = add_object('policy_id_7', perimeter_id, value)
+ assert added_object
+ object_id = list(added_object.keys())[0]
+ assert len(added_object[object_id].get('policy_list')) == 2
+
+
+def test_delete_object(db):
+ policy_id = "policy_id_1"
+ value = {
+ "name": "test_object",
+ "description": "test",
+ }
+ added_object = add_object(policy_id=policy_id, value=value)
+ object_id = list(added_object.keys())[0]
+ delete_object(policy_id, object_id)
+ objects = get_objects(policy_id, )
+ assert not objects
+
+
+def test_delete_object_with_invalid_perimeter_id(db):
+ policy_id = "invalid"
+ perimeter_id = "invalid"
+ with pytest.raises(Exception) as exception_info:
+ delete_object(policy_id, perimeter_id)
+ assert str(exception_info.value) == '400: Object Unknown'
+
+
+def test_get_subjects(db):
+ policy_id = "policy_id_1"
+ value = {
+ "name": "testuser",
+ "description": "test",
+ }
+ add_subject(policy_id=policy_id, value=value)
+ subjects = get_subjects(policy_id, )
+ assert subjects
+ assert len(subjects) == 1
+ subject_id = list(subjects.keys())[0]
+ assert subjects[subject_id].get('policy_list')[0] == policy_id
+
+
+def test_add_subject(db):
+ policy_id = "policy_id_1"
+ value = {
+ "name": "testuser",
+ "description": "test",
+ }
+ subject = add_subject(policy_id=policy_id, value=value)
+ assert subject
+ subject_id = list(subject.keys())[0]
+ assert len(subject[subject_id].get('policy_list')) == 1
+
+
+def test_add_subjects_multiple_times(db):
+ policy_id = "policy_id_1"
+ value = {
+ "name": "testuser",
+ "description": "test",
+ }
+ subject = add_subject(policy_id=policy_id, value=value)
+ subject_id = list(subject.keys())[0]
+ perimeter_id = subject[subject_id].get('id')
+ assert subject
+ value = {
+ "name": "testuser",
+ "description": "test",
+ "policy_list": ['policy_id_3', 'policy_id_4']
+ }
+ subject = add_subject('policy_id_7', perimeter_id, value)
+ assert subject
+ subject_id = list(subject.keys())[0]
+ assert len(subject[subject_id].get('policy_list')) == 2
+
+
+def test_delete_subject(db):
+ policy_id = "policy_id_1"
+ value = {
+ "name": "testuser",
+ "description": "test",
+ }
+ subject = add_subject(policy_id=policy_id, value=value)
+ subject_id = list(subject.keys())[0]
+ delete_subject(policy_id, subject_id)
+ subjects = get_subjects(policy_id, )
+ assert not subjects
+
+
+def test_delete_subject_with_invalid_perimeter_id(db):
+ policy_id = "invalid"
+ perimeter_id = "invalid"
+ with pytest.raises(Exception) as exception_info:
+ delete_subject(policy_id, perimeter_id)
+ assert str(exception_info.value) == '400: Subject Unknown'
+
+
+def test_get_available_metadata(db):
+ policy_id = mock_data.get_policy_id()
+ metadata = get_available_metadata(policy_id)
+ assert metadata
+ assert metadata['object'][0] == "object_category_id1"
+ assert metadata['subject'][0] == "subject_category_id1"
+ assert metadata['subject'][1] == "subject_category_id2"
+
+
+def test_get_available_metadata_empty_model(db):
+ import policies.test_policies as test_policies
+ policy_id = mock_data.get_policy_id()
+ value = mock_data.create_policy("invalid")
+ policy = test_policies.add_policies(value)
+ assert policy
+ policy_id = list(policy.keys())[0]
+ metadata = get_available_metadata(policy_id)
+ assert metadata \ No newline at end of file
diff --git a/python_moondb/tests/unit_python/policies/test_policies.py b/python_moondb/tests/unit_python/policies/test_policies.py
new file mode 100755
index 00000000..acd5d7a8
--- /dev/null
+++ b/python_moondb/tests/unit_python/policies/test_policies.py
@@ -0,0 +1,161 @@
+# Copyright 2015 Open Platform for NFV Project, Inc. and its contributors
+# This software is distributed under the terms and conditions of the 'Apache-2.0'
+# license which can be found in the file 'LICENSE' in this package distribution
+# or at 'http://www.apache.org/licenses/LICENSE-2.0'.
+
+
+def get_policies():
+ from python_moondb.core import PolicyManager
+ return PolicyManager.get_policies("admin")
+
+
+def add_policies(value=None):
+ from python_moondb.core import PolicyManager
+ if not value:
+ value = {
+ "name": "test_policiy",
+ "model_id": "",
+ "genre": "authz",
+ "description": "test",
+ }
+ return PolicyManager.add_policy("admin", value=value)
+
+
+def delete_policies(uuid=None, name=None):
+ from python_moondb.core import PolicyManager
+ if not uuid:
+ for policy_id, policy_value in get_policies():
+ if name == policy_value['name']:
+ uuid = policy_id
+ break
+ PolicyManager.delete_policy("admin", uuid)
+
+
+def get_rules(policy_id=None, meta_rule_id=None, rule_id=None):
+ from python_moondb.core import PolicyManager
+ return PolicyManager.get_rules("", policy_id, meta_rule_id, rule_id)
+
+
+def add_rule(policy_id=None, meta_rule_id=None, value=None):
+ from python_moondb.core import PolicyManager
+ if not value:
+ value = {
+ "rule": ("high", "medium", "vm-action"),
+ "instructions": ({"decision": "grant"}),
+ "enabled": "",
+ }
+ return PolicyManager.add_rule("", policy_id, meta_rule_id, value)
+
+
+def delete_rule(policy_id=None, rule_id=None):
+ from python_moondb.core import PolicyManager
+ PolicyManager.delete_rule("", policy_id, rule_id)
+
+
+def test_get_policies(db):
+ policies = get_policies()
+ assert isinstance(policies, dict)
+ assert not policies
+
+
+def test_add_policies(db):
+ value = {
+ "name": "test_policy",
+ "model_id": "",
+ "genre": "authz",
+ "description": "test",
+ }
+ policies = add_policies(value)
+ assert isinstance(policies, dict)
+ assert policies
+ assert len(policies.keys()) == 1
+ policy_id = list(policies.keys())[0]
+ for key in ("genre", "name", "model_id", "description"):
+ assert key in policies[policy_id]
+ assert policies[policy_id][key] == value[key]
+
+
+def test_delete_policies(db):
+ value = {
+ "name": "test_policy1",
+ "model_id": "",
+ "genre": "authz",
+ "description": "test",
+ }
+ policies = add_policies(value)
+ policy_id1 = list(policies.keys())[0]
+ value = {
+ "name": "test_policy2",
+ "model_id": "",
+ "genre": "authz",
+ "description": "test",
+ }
+ policies = add_policies(value)
+ policy_id2 = list(policies.keys())[0]
+ assert policy_id1 != policy_id2
+ delete_policies(policy_id1)
+ policies = get_policies()
+ assert policy_id1 not in policies
+
+
+def test_get_rules(db):
+ value = {
+ "rule": ("low", "medium", "vm-action"),
+ "instructions": ({"decision": "grant"}),
+ "enabled": "",
+ }
+ policy_id = "1"
+ meta_rule_id = "1"
+ add_rule(policy_id, meta_rule_id, value)
+ value = {
+ "rule": ("low", "low", "vm-action"),
+ "instructions": ({"decision": "grant"}),
+ "enabled": "",
+ }
+ policy_id = "1"
+ meta_rule_id = "1"
+ add_rule(policy_id, meta_rule_id, value)
+ rules = get_rules(policy_id, meta_rule_id)
+ assert isinstance(rules, dict)
+ assert rules
+ obj = rules.get('rules')
+ assert len(obj) == 2
+
+
+def test_get_rules_with_invalid_policy_id_failure(db):
+ rules = get_rules("invalid_policy_id", "meta_rule_id")
+ assert not rules.get('meta_rule-id')
+ assert len(rules.get('rules')) == 0
+
+
+def test_add_rule(db):
+ value = {
+ "rule": ("high", "medium", "vm-action"),
+ "instructions": ({"decision": "grant"}),
+ "enabled": "",
+ }
+ policy_id = "1"
+ meta_rule_id = "1"
+ rules = add_rule(policy_id, meta_rule_id, value)
+ assert rules
+ assert len(rules) == 1
+ assert isinstance(rules, dict)
+ rule_id = list(rules.keys())[0]
+ for key in ("rule", "instructions", "enabled"):
+ assert key in rules[rule_id]
+ assert rules[rule_id][key] == value[key]
+
+
+def test_delete_rule(db):
+ value = {
+ "rule": ("low", "low", "vm-action"),
+ "instructions": ({"decision": "grant"}),
+ "enabled": "",
+ }
+ policy_id = "2"
+ meta_rule_id = "2"
+ rules = add_rule(policy_id, meta_rule_id, value)
+ rule_id = list(rules.keys())[0]
+ delete_rule(policy_id, rule_id)
+ rules = get_rules(policy_id, meta_rule_id)
+ assert not rules.get('rules')
diff --git a/python_moondb/tests/unit_python/test_keystone.py b/python_moondb/tests/unit_python/test_keystone.py
new file mode 100644
index 00000000..134bec0d
--- /dev/null
+++ b/python_moondb/tests/unit_python/test_keystone.py
@@ -0,0 +1,53 @@
+import pytest
+
+
+def create_project(tenant_dict):
+ from python_moondb.core import KeystoneManager
+ return KeystoneManager.create_project(tenant_dict)
+
+
+def list_projects():
+ from python_moondb.core import KeystoneManager
+ return KeystoneManager.list_projects()
+
+
+def create_user(subject_dict):
+ from python_moondb.core import KeystoneManager
+ return KeystoneManager.create_user(subject_dict)
+
+
+def test_create_project():
+ tenant_dict = {
+ "description": "test_project",
+ "domain_id": ['domain_id_1'],
+ "enabled": True,
+ "is_domain": False,
+ "name": 'project_1'
+ }
+ project = create_project(tenant_dict)
+ assert project
+ assert project.get('name') == tenant_dict.get('name')
+
+
+def test_create_project_without_name():
+ tenant_dict = {
+ "description": "test_project",
+ "domain_id": ['domain_id_1'],
+ "enabled": True,
+ "is_domain": False,
+ }
+ with pytest.raises(Exception) as exception_info:
+ create_project(tenant_dict)
+ assert '400: Keystone project error' == str(exception_info.value)
+
+
+def test_create_user():
+ subject_dict = {
+ "password": "password",
+ "domain_id": ['domain_id_1'],
+ "enabled": True,
+ "project": 'test_project',
+ "name": 'user_id_1'
+ }
+ user = create_user(subject_dict)
+ assert user
diff --git a/python_moondb/tests/unit_python/test_pdp.py b/python_moondb/tests/unit_python/test_pdp.py
new file mode 100755
index 00000000..cb206d3d
--- /dev/null
+++ b/python_moondb/tests/unit_python/test_pdp.py
@@ -0,0 +1,69 @@
+def update_pdp(pdp_id, value):
+ from python_moondb.core import PDPManager
+ return PDPManager.update_pdp("", pdp_id, value)
+
+
+def delete_pdp(pdp_id):
+ from python_moondb.core import PDPManager
+ PDPManager.delete_pdp("", pdp_id)
+
+
+def add_pdp(pdp_id=None, value=None):
+ from python_moondb.core import PDPManager
+ return PDPManager.add_pdp("", pdp_id, value)
+
+
+def get_pdp(pdp_id=None):
+ from python_moondb.core import PDPManager
+ return PDPManager.get_pdp("", pdp_id)
+
+
+def test_update_pdp(db):
+ pdp_id = "pdp_id1"
+ value = {
+ "name": "test_pdp",
+ "security_pipeline": ["policy_id_1", "policy_id_2"],
+ "keystone_project_id": "keystone_project_id1",
+ "description": "...",
+ }
+ add_pdp(pdp_id, value)
+ pdp = update_pdp(pdp_id, value)
+ assert pdp
+
+
+def test_delete_pdp(db):
+ pdp_id = "pdp_id1"
+ value = {
+ "name": "test_pdp",
+ "security_pipeline": ["policy_id_1", "policy_id_2"],
+ "keystone_project_id": "keystone_project_id1",
+ "description": "...",
+ }
+ add_pdp(pdp_id, value)
+ delete_pdp(pdp_id)
+ assert len(get_pdp(pdp_id)) == 0
+
+
+def test_add_pdp(db):
+ pdp_id = "pdp_id1"
+ value = {
+ "name": "test_pdp",
+ "security_pipeline": ["policy_id_1", "policy_id_2"],
+ "keystone_project_id": "keystone_project_id1",
+ "description": "...",
+ }
+ pdp = add_pdp(pdp_id, value)
+ assert pdp
+
+
+def test_get_pdp(db):
+ pdp_id = "pdp_id1"
+ value = {
+ "name": "test_pdp",
+ "security_pipeline": ["policy_id_1", "policy_id_2"],
+ "keystone_project_id": "keystone_project_id1",
+ "description": "...",
+ }
+ add_pdp(pdp_id, value)
+ pdp = get_pdp(pdp_id)
+ assert len(pdp) == 1
diff --git a/python_moondb/tests/unit_python/test_policies.py b/python_moondb/tests/unit_python/test_policies.py
deleted file mode 100644
index 2d654660..00000000
--- a/python_moondb/tests/unit_python/test_policies.py
+++ /dev/null
@@ -1,77 +0,0 @@
-# Copyright 2015 Open Platform for NFV Project, Inc. and its contributors
-# This software is distributed under the terms and conditions of the 'Apache-2.0'
-# license which can be found in the file 'LICENSE' in this package distribution
-# or at 'http://www.apache.org/licenses/LICENSE-2.0'.
-
-
-def get_policies():
- from python_moondb.core import PolicyManager
- return PolicyManager.get_policies("admin")
-
-
-def add_policies(value=None):
- from python_moondb.core import PolicyManager
- if not value:
- value = {
- "name": "test_policiy",
- "model_id": "",
- "genre": "authz",
- "description": "test",
- }
- return PolicyManager.add_policy("admin", value=value)
-
-
-def delete_policies(uuid=None, name=None):
- from python_moondb.core import PolicyManager
- if not uuid:
- for policy_id, policy_value in get_policies():
- if name == policy_value['name']:
- uuid = policy_id
- break
- PolicyManager.delete_policy("admin", uuid)
-
-
-def test_get_policies(db):
- policies = get_policies()
- assert isinstance(policies, dict)
- assert not policies
-
-
-def test_add_policies(db):
- value = {
- "name": "test_policy",
- "model_id": "",
- "genre": "authz",
- "description": "test",
- }
- policies = add_policies(value)
- assert isinstance(policies, dict)
- assert policies
- assert len(policies.keys()) == 1
- policy_id = list(policies.keys())[0]
- for key in ("genre", "name", "model_id", "description"):
- assert key in policies[policy_id]
- assert policies[policy_id][key] == value[key]
-
-
-def test_delete_policies(db):
- value = {
- "name": "test_policy1",
- "model_id": "",
- "genre": "authz",
- "description": "test",
- }
- policies = add_policies(value)
- policy_id1 = list(policies.keys())[0]
- value = {
- "name": "test_policy2",
- "model_id": "",
- "genre": "authz",
- "description": "test",
- }
- policies = add_policies(value)
- policy_id2 = list(policies.keys())[0]
- assert policy_id1 != policy_id2
- delete_policies(policy_id1)
- policies = get_policies()
- assert policy_id1 not in policies
diff --git a/python_moonutilities/python_moonutilities/exceptions.py b/python_moonutilities/python_moonutilities/exceptions.py
index 5bbab2be..dab398cf 100644
--- a/python_moonutilities/python_moonutilities/exceptions.py
+++ b/python_moonutilities/python_moonutilities/exceptions.py
@@ -14,7 +14,7 @@ class MoonErrorMetaClass(type):
def __init__(cls, name, bases, dct):
super(MoonErrorMetaClass, cls).__init__(name, bases, dct)
- cls.hierarchy += "/"+str(name)
+ cls.hierarchy += "/" + str(name)
class MoonError(HTTPException):
@@ -109,6 +109,7 @@ class TenantNoIntraAuthzExtension(TenantNoIntraExtension):
title = 'Tenant No Intra_Admin_Extension'
logger = "ERROR"
+
# Exceptions for IntraExtension
@@ -520,3 +521,16 @@ class ContainerMissing(DockerError):
title = 'Container missing'
logger = "ERROR"
+
+class PdpUnknown(MoonError):
+ description = _("The pdp is unknown.")
+ code = 400
+ title = 'Pdp Unknown'
+ logger = "Error"
+
+
+class PdpExisting(MoonError):
+ description = _("The pdp already exists.")
+ code = 409
+ title = 'Pdp Error'
+ logger = "Error"
diff --git a/templates/moon_forming/README.md b/templates/moon_forming/README.md
deleted file mode 100644
index f6327693..00000000
--- a/templates/moon_forming/README.md
+++ /dev/null
@@ -1,12 +0,0 @@
-Introduction
-============
-
-moonforming is a container used to automatize the configuration of the Moon patform
-
-Usage
-=====
-
-```bash
-docker run asteroide/moonforming:v1.1
-```
-
diff --git a/templates/moon_forming/moon.conf b/templates/moon_forming/moon.conf
deleted file mode 100644
index dc498e34..00000000
--- a/templates/moon_forming/moon.conf
+++ /dev/null
@@ -1,79 +0,0 @@
-database:
- url: mysql+pymysql://moon:p4sswOrd1@db/moon
- driver: sql
-
-openstack:
- keystone:
- url: http://keystone:5000/v3
- user: admin
- password: p4ssw0rd
- domain: default
- project: admin
- check_token: false
- certificate: false
-
-plugins:
- authz:
- container: wukongsun/moon_authz:v4.3
- port: 8081
- session:
- container: asteroide/session:latest
- port: 8082
-
-components:
- interface:
- port: 8080
- bind: 0.0.0.0
- hostname: interface
- container: wukongsun/moon_interface:v4.3
- orchestrator:
- port: 8083
- bind: 0.0.0.0
- hostname: orchestrator
- container: wukongsun/moon_orchestrator:v4.3
- wrapper:
- port: 8080
- bind: 0.0.0.0
- hostname: wrapper
- container: wukongsun/moon_wrapper:v4.3.1
- timeout: 5
- manager:
- port: 8082
- bind: 0.0.0.0
- hostname: manager
- container: wukongsun/moon_manager:v4.3.1
- port_start: 31001
-
-logging:
- version: 1
-
- formatters:
- brief:
- format: "%(levelname)s %(name)s %(message)-30s"
- custom:
- format: "%(asctime)-15s %(levelname)s %(name)s %(message)s"
-
- handlers:
- console:
- class : logging.StreamHandler
- formatter: brief
- level : INFO
- stream : ext://sys.stdout
- file:
- class : logging.handlers.RotatingFileHandler
- formatter: custom
- level : DEBUG
- filename: /tmp/moon.log
- maxBytes: 1048576
- backupCount: 3
-
- loggers:
- moon:
- level: DEBUG
- handlers: [console, file]
- propagate: no
-
- root:
- level: ERROR
- handlers: [console]
-
diff --git a/templates/moon_forming/populate_default_values.py b/templates/moon_forming/populate_default_values.py
deleted file mode 100644
index fa099458..00000000
--- a/templates/moon_forming/populate_default_values.py
+++ /dev/null
@@ -1,235 +0,0 @@
-import argparse
-import logging
-from importlib.machinery import SourceFileLoader
-from utils.pdp import *
-from utils.models import *
-from utils.policies import *
-
-parser = argparse.ArgumentParser()
-parser.add_argument('filename', help='scenario filename', nargs=1)
-parser.add_argument("--verbose", "-v", action='store_true',
- help="verbose mode")
-parser.add_argument("--debug", "-d", action='store_true', help="debug mode")
-parser.add_argument("--keystone-pid", "-k", dest="keystone_pid", default="",
- help="Force a particular Keystone Project ID")
-args = parser.parse_args()
-
-FORMAT = '%(asctime)-15s %(levelname)s %(message)s'
-if args.debug:
- logging.basicConfig(
- format=FORMAT,
- level=logging.DEBUG)
-elif args.verbose:
- logging.basicConfig(
- format=FORMAT,
- level=logging.INFO)
-else:
- logging.basicConfig(
- format=FORMAT,
- level=logging.WARNING)
-
-requests_log = logging.getLogger("requests.packages.urllib3")
-requests_log.setLevel(logging.WARNING)
-requests_log.propagate = True
-
-logger = logging.getLogger("moonforming")
-
-if args.filename:
- print("Loading: {}".format(args.filename[0]))
-
-m = SourceFileLoader("scenario", args.filename[0])
-
-scenario = m.load_module()
-
-
-def create_model(model_id=None):
- if args.verbose:
- logger.info("Creating model {}".format(scenario.model_name))
- if not model_id:
- logger.info("Add model")
- model_id = add_model(name=scenario.model_name)
- logger.info("Add subject categories")
- for cat in scenario.subject_categories:
- scenario.subject_categories[cat] = add_subject_category(name=cat)
- logger.info("Add object categories")
- for cat in scenario.object_categories:
- scenario.object_categories[cat] = add_object_category(name=cat)
- logger.info("Add action categories")
- for cat in scenario.action_categories:
- scenario.action_categories[cat] = add_action_category(name=cat)
- sub_cat = []
- ob_cat = []
- act_cat = []
- meta_rule_list = []
- for item_name, item_value in scenario.meta_rule.items():
- for item in item_value["value"]:
- if item in scenario.subject_categories:
- sub_cat.append(scenario.subject_categories[item])
- elif item in scenario.object_categories:
- ob_cat.append(scenario.object_categories[item])
- elif item in scenario.action_categories:
- act_cat.append(scenario.action_categories[item])
- meta_rules = check_meta_rule(meta_rule_id=None)
- for _meta_rule_id, _meta_rule_value in meta_rules['meta_rules'].items():
- if _meta_rule_value['name'] == item_name:
- meta_rule_id = _meta_rule_id
- break
- else:
- logger.info("Add meta rule")
- meta_rule_id = add_meta_rule(item_name, sub_cat, ob_cat, act_cat)
- item_value["id"] = meta_rule_id
- if meta_rule_id not in meta_rule_list:
- meta_rule_list.append(meta_rule_id)
- return model_id, meta_rule_list
-
-
-def create_policy(model_id, meta_rule_list):
- if args.verbose:
- logger.info("Creating policy {}".format(scenario.policy_name))
- _policies = check_policy()
- for _policy_id, _policy_value in _policies["policies"].items():
- if _policy_value['name'] == scenario.policy_name:
- policy_id = _policy_id
- break
- else:
- policy_id = add_policy(name=scenario.policy_name, genre=scenario.policy_genre)
-
- update_policy(policy_id, model_id)
-
- for meta_rule_id in meta_rule_list:
- logger.debug("add_meta_rule_to_model {} {}".format(model_id, meta_rule_id))
- add_meta_rule_to_model(model_id, meta_rule_id)
-
- logger.info("Add subject data")
- for subject_cat_name in scenario.subject_data:
- for subject_data_name in scenario.subject_data[subject_cat_name]:
- data_id = scenario.subject_data[subject_cat_name][subject_data_name] = add_subject_data(
- policy_id=policy_id,
- category_id=scenario.subject_categories[subject_cat_name], name=subject_data_name)
- scenario.subject_data[subject_cat_name][subject_data_name] = data_id
- logger.info("Add object data")
- for object_cat_name in scenario.object_data:
- for object_data_name in scenario.object_data[object_cat_name]:
- data_id = scenario.object_data[object_cat_name][object_data_name] = add_object_data(
- policy_id=policy_id,
- category_id=scenario.object_categories[object_cat_name], name=object_data_name)
- scenario.object_data[object_cat_name][object_data_name] = data_id
- logger.info("Add action data")
- for action_cat_name in scenario.action_data:
- for action_data_name in scenario.action_data[action_cat_name]:
- data_id = scenario.action_data[action_cat_name][action_data_name] = add_action_data(
- policy_id=policy_id,
- category_id=scenario.action_categories[action_cat_name], name=action_data_name)
- scenario.action_data[action_cat_name][action_data_name] = data_id
-
- logger.info("Add subjects")
- for name in scenario.subjects:
- scenario.subjects[name] = add_subject(policy_id, name=name)
- logger.info("Add objects")
- for name in scenario.objects:
- scenario.objects[name] = add_object(policy_id, name=name)
- logger.info("Add actions")
- for name in scenario.actions:
- scenario.actions[name] = add_action(policy_id, name=name)
-
- logger.info("Add subject assignments")
- for subject_name in scenario.subject_assignments:
- if type(scenario.subject_assignments[subject_name]) in (list, tuple):
- for items in scenario.subject_assignments[subject_name]:
- for subject_category_name in items:
- subject_id = scenario.subjects[subject_name]
- subject_cat_id = scenario.subject_categories[subject_category_name]
- for data in scenario.subject_assignments[subject_name]:
- subject_data_id = scenario.subject_data[subject_category_name][data[subject_category_name]]
- add_subject_assignments(policy_id, subject_id, subject_cat_id, subject_data_id)
- else:
- for subject_category_name in scenario.subject_assignments[subject_name]:
- subject_id = scenario.subjects[subject_name]
- subject_cat_id = scenario.subject_categories[subject_category_name]
- subject_data_id = scenario.subject_data[subject_category_name][scenario.subject_assignments[subject_name][subject_category_name]]
- add_subject_assignments(policy_id, subject_id, subject_cat_id, subject_data_id)
-
- logger.info("Add object assignments")
- for object_name in scenario.object_assignments:
- if type(scenario.object_assignments[object_name]) in (list, tuple):
- for items in scenario.object_assignments[object_name]:
- for object_category_name in items:
- object_id = scenario.objects[object_name]
- object_cat_id = scenario.object_categories[object_category_name]
- for data in scenario.object_assignments[object_name]:
- object_data_id = scenario.object_data[object_category_name][data[object_category_name]]
- add_object_assignments(policy_id, object_id, object_cat_id, object_data_id)
- else:
- for object_category_name in scenario.object_assignments[object_name]:
- object_id = scenario.objects[object_name]
- object_cat_id = scenario.object_categories[object_category_name]
- object_data_id = scenario.object_data[object_category_name][scenario.object_assignments[object_name][object_category_name]]
- add_object_assignments(policy_id, object_id, object_cat_id, object_data_id)
-
- logger.info("Add action assignments")
- for action_name in scenario.action_assignments:
- if type(scenario.action_assignments[action_name]) in (list, tuple):
- for items in scenario.action_assignments[action_name]:
- for action_category_name in items:
- action_id = scenario.actions[action_name]
- action_cat_id = scenario.action_categories[action_category_name]
- for data in scenario.action_assignments[action_name]:
- action_data_id = scenario.action_data[action_category_name][data[action_category_name]]
- add_action_assignments(policy_id, action_id, action_cat_id, action_data_id)
- else:
- for action_category_name in scenario.action_assignments[action_name]:
- action_id = scenario.actions[action_name]
- action_cat_id = scenario.action_categories[action_category_name]
- action_data_id = scenario.action_data[action_category_name][scenario.action_assignments[action_name][action_category_name]]
- add_action_assignments(policy_id, action_id, action_cat_id, action_data_id)
-
- logger.info("Add rules")
- for meta_rule_name in scenario.rules:
- meta_rule_value = scenario.meta_rule[meta_rule_name]
- for rule in scenario.rules[meta_rule_name]:
- data_list = []
- _meta_rule = list(meta_rule_value["value"])
- for data_name in rule["rule"]:
- category_name = _meta_rule.pop(0)
- if category_name in scenario.subject_categories:
- data_list.append(scenario.subject_data[category_name][data_name])
- elif category_name in scenario.object_categories:
- data_list.append(scenario.object_data[category_name][data_name])
- elif category_name in scenario.action_categories:
- data_list.append(scenario.action_data[category_name][data_name])
- instructions = rule["instructions"]
- add_rule(policy_id, meta_rule_value["id"], data_list, instructions)
- return policy_id
-
-
-def create_pdp(policy_id=None):
- logger.info("Creating PDP {}".format(scenario.pdp_name))
- projects = get_keystone_projects()
- project_id = args.keystone_pid
- if not project_id:
- for _project in projects['projects']:
- if _project['name'] == "admin":
- project_id = _project['id']
- assert project_id
- pdps = check_pdp()["pdps"]
- for pdp_id, pdp_value in pdps.items():
- if scenario.pdp_name == pdp_value["name"]:
- update_pdp(pdp_id, policy_id=policy_id)
- logger.debug("Found existing PDP named {} (will add policy {})".format(scenario.pdp_name, policy_id))
- return pdp_id
- _pdp_id = add_pdp(name=scenario.pdp_name, policy_id=policy_id)
- map_to_keystone(pdp_id=_pdp_id, keystone_project_id=project_id)
- return _pdp_id
-
-if __name__ == "__main__":
- _models = check_model()
- for _model_id, _model_value in _models['models'].items():
- if _model_value['name'] == scenario.model_name:
- model_id = _model_id
- meta_rule_list = _model_value['meta_rules']
- create_model(model_id)
- break
- else:
- model_id, meta_rule_list = create_model()
- policy_id = create_policy(model_id, meta_rule_list)
- pdp_id = create_pdp(policy_id)
diff --git a/templates/moon_forming/utils/config.py b/templates/moon_forming/utils/config.py
deleted file mode 100644
index 30c8ea4f..00000000
--- a/templates/moon_forming/utils/config.py
+++ /dev/null
@@ -1,22 +0,0 @@
-import yaml
-
-
-def get_config_data(filename="moon.conf"):
- data_config = None
- for _file in (
- filename,
- "conf/moon.conf",
- "../moon.conf",
- "../conf/moon.conf",
- "/etc/moon/moon.conf",
- ):
- try:
- data_config = yaml.safe_load(open(_file))
- except FileNotFoundError:
- data_config = None
- continue
- else:
- break
- if not data_config:
- raise Exception("Configuration file not found...")
- return data_config
diff --git a/templates/moon_forming/utils/models.py b/templates/moon_forming/utils/models.py
deleted file mode 100644
index 3cf31354..00000000
--- a/templates/moon_forming/utils/models.py
+++ /dev/null
@@ -1,270 +0,0 @@
-import requests
-import copy
-import utils.config
-
-config = utils.config.get_config_data()
-
-URL = "http://{}:{}".format(
- config['components']['manager']['hostname'],
- config['components']['manager']['port'])
-URL = URL + "{}"
-HEADERS = {"content-type": "application/json"}
-
-model_template = {
- "name": "test_model",
- "description": "test",
- "meta_rules": []
-}
-
-category_template = {
- "name": "name of the category",
- "description": "description of the category"
-}
-
-meta_rule_template = {
- "name": "test_meta_rule",
- "subject_categories": [],
- "object_categories": [],
- "action_categories": []
-}
-
-
-def check_model(model_id=None, check_model_name=True):
- req = requests.get(URL.format("/models"))
- assert req.status_code == 200
- result = req.json()
- assert type(result) is dict
- assert "models" in result
- if model_id:
- assert result["models"]
- assert model_id in result['models']
- assert "name" in result['models'][model_id]
- if check_model_name:
- assert model_template["name"] == result['models'][model_id]["name"]
- return result
-
-
-def add_model(name=None):
- if name:
- model_template['name'] = name
- req = requests.post(URL.format("/models"), json=model_template, headers=HEADERS)
- assert req.status_code == 200
- result = req.json()
- assert type(result) is dict
- model_id = list(result['models'].keys())[0]
- if "result" in result:
- assert result["result"]
- assert "name" in result['models'][model_id]
- assert model_template["name"] == result['models'][model_id]["name"]
- return model_id
-
-
-def delete_model(model_id):
- req = requests.delete(URL.format("/models/{}".format(model_id)))
- assert req.status_code == 200
- result = req.json()
- assert type(result) is dict
- assert "result" in result
- assert result["result"]
-
-
-def add_subject_category(name="subject_cat_1"):
- category_template["name"] = name
- req = requests.post(URL.format("/subject_categories"), json=category_template, headers=HEADERS)
- assert req.status_code == 200
- result = req.json()
- assert type(result) is dict
- assert "subject_categories" in result
- category_id = list(result['subject_categories'].keys())[0]
- if "result" in result:
- assert result["result"]
- assert "name" in result['subject_categories'][category_id]
- assert category_template["name"] == result['subject_categories'][category_id]["name"]
- return category_id
-
-
-def check_subject_category(category_id):
- req = requests.get(URL.format("/subject_categories"))
- assert req.status_code == 200
- result = req.json()
- assert type(result) is dict
- assert "subject_categories" in result
- if "result" in result:
- assert result["result"]
- assert category_id in result['subject_categories']
- assert "name" in result['subject_categories'][category_id]
- assert category_template["name"] == result['subject_categories'][category_id]["name"]
-
-
-def delete_subject_category(category_id):
- req = requests.delete(URL.format("/subject_categories/{}".format(category_id)))
- assert req.status_code == 200
- result = req.json()
- assert type(result) is dict
- if "result" in result:
- assert result["result"]
-
-
-def add_object_category(name="object_cat_1"):
- category_template["name"] = name
- req = requests.post(URL.format("/object_categories"), json=category_template, headers=HEADERS)
- assert req.status_code == 200
- result = req.json()
- assert type(result) is dict
- assert "object_categories" in result
- category_id = list(result['object_categories'].keys())[0]
- if "result" in result:
- assert result["result"]
- assert "name" in result['object_categories'][category_id]
- assert category_template["name"] == result['object_categories'][category_id]["name"]
- return category_id
-
-
-def check_object_category(category_id):
- req = requests.get(URL.format("/object_categories"))
- assert req.status_code == 200
- result = req.json()
- assert type(result) is dict
- assert "object_categories" in result
- if "result" in result:
- assert result["result"]
- assert category_id in result['object_categories']
- assert "name" in result['object_categories'][category_id]
- assert category_template["name"] == result['object_categories'][category_id]["name"]
-
-
-def delete_object_category(category_id):
- req = requests.delete(URL.format("/object_categories/{}".format(category_id)))
- assert req.status_code == 200
- result = req.json()
- assert type(result) is dict
- if "result" in result:
- assert result["result"]
-
-
-def add_action_category(name="action_cat_1"):
- category_template["name"] = name
- req = requests.post(URL.format("/action_categories"), json=category_template, headers=HEADERS)
- assert req.status_code == 200
- result = req.json()
- assert type(result) is dict
- assert "action_categories" in result
- category_id = list(result['action_categories'].keys())[0]
- if "result" in result:
- assert result["result"]
- assert "name" in result['action_categories'][category_id]
- assert category_template["name"] == result['action_categories'][category_id]["name"]
- return category_id
-
-
-def check_action_category(category_id):
- req = requests.get(URL.format("/action_categories"))
- assert req.status_code == 200
- result = req.json()
- assert type(result) is dict
- assert "action_categories" in result
- if "result" in result:
- assert result["result"]
- assert category_id in result['action_categories']
- assert "name" in result['action_categories'][category_id]
- assert category_template["name"] == result['action_categories'][category_id]["name"]
-
-
-def delete_action_category(category_id):
- req = requests.delete(URL.format("/action_categories/{}".format(category_id)))
- assert req.status_code == 200
- result = req.json()
- assert type(result) is dict
- if "result" in result:
- assert result["result"]
-
-
-def add_categories_and_meta_rule(name="test_meta_rule"):
- scat_id = add_subject_category()
- ocat_id = add_object_category()
- acat_id = add_action_category()
- _meta_rule_template = copy.deepcopy(meta_rule_template)
- _meta_rule_template["name"] = name
- _meta_rule_template["subject_categories"].append(scat_id)
- _meta_rule_template["object_categories"].append(ocat_id)
- _meta_rule_template["action_categories"].append(acat_id)
- req = requests.post(URL.format("/meta_rules"), json=_meta_rule_template, headers=HEADERS)
- assert req.status_code == 200
- result = req.json()
- assert type(result) is dict
- assert "meta_rules" in result
- meta_rule_id = list(result['meta_rules'].keys())[0]
- if "result" in result:
- assert result["result"]
- assert "name" in result['meta_rules'][meta_rule_id]
- assert _meta_rule_template["name"] == result['meta_rules'][meta_rule_id]["name"]
- return meta_rule_id, scat_id, ocat_id, acat_id
-
-
-def add_meta_rule(name="test_meta_rule", scat=[], ocat=[], acat=[]):
- _meta_rule_template = copy.deepcopy(meta_rule_template)
- _meta_rule_template["name"] = name
- _meta_rule_template["subject_categories"] = []
- _meta_rule_template["subject_categories"].extend(scat)
- _meta_rule_template["object_categories"] = []
- _meta_rule_template["object_categories"].extend(ocat)
- _meta_rule_template["action_categories"] = []
- _meta_rule_template["action_categories"].extend(acat)
- req = requests.post(URL.format("/meta_rules"), json=_meta_rule_template, headers=HEADERS)
- assert req.status_code == 200
- result = req.json()
- assert type(result) is dict
- assert "meta_rules" in result
- meta_rule_id = list(result['meta_rules'].keys())[0]
- if "result" in result:
- assert result["result"]
- assert "name" in result['meta_rules'][meta_rule_id]
- assert _meta_rule_template["name"] == result['meta_rules'][meta_rule_id]["name"]
- return meta_rule_id
-
-
-def check_meta_rule(meta_rule_id, scat_id=None, ocat_id=None, acat_id=None):
- req = requests.get(URL.format("/meta_rules"))
- assert req.status_code == 200
- result = req.json()
- assert type(result) is dict
- assert "meta_rules" in result
- if "result" in result:
- assert result["result"]
- if not meta_rule_id:
- return result
- assert meta_rule_id in result['meta_rules']
- assert "name" in result['meta_rules'][meta_rule_id]
- if scat_id:
- assert scat_id in result['meta_rules'][meta_rule_id]["subject_categories"]
- if ocat_id:
- assert ocat_id in result['meta_rules'][meta_rule_id]["object_categories"]
- if acat_id:
- assert acat_id in result['meta_rules'][meta_rule_id]["action_categories"]
-
-
-def delete_meta_rule(meta_rule_id):
- req = requests.delete(URL.format("/meta_rules/{}".format(meta_rule_id)))
- assert req.status_code == 200
- result = req.json()
- assert type(result) is dict
- if "result" in result:
- assert result["result"]
-
-
-def add_meta_rule_to_model(model_id, meta_rule_id):
- model = check_model(model_id, check_model_name=False)['models']
- meta_rule_list = model[model_id]["meta_rules"]
- if meta_rule_id not in meta_rule_list:
- meta_rule_list.append(meta_rule_id)
- req = requests.patch(URL.format("/models/{}".format(model_id)),
- json={"meta_rules": meta_rule_list},
- headers=HEADERS)
- assert req.status_code == 200
- result = req.json()
- assert type(result) is dict
- model_id = list(result['models'].keys())[0]
- if "result" in result:
- assert result["result"]
- assert "meta_rules" in result['models'][model_id]
- assert meta_rule_list == result['models'][model_id]["meta_rules"]
diff --git a/templates/moon_forming/utils/pdp.py b/templates/moon_forming/utils/pdp.py
deleted file mode 100644
index f3c6df37..00000000
--- a/templates/moon_forming/utils/pdp.py
+++ /dev/null
@@ -1,163 +0,0 @@
-import logging
-import requests
-import utils.config
-
-config = utils.config.get_config_data()
-logger = logging.getLogger("moonforming.utils.policies")
-
-URL = "http://{}:{}".format(
- config['components']['manager']['hostname'],
- config['components']['manager']['port'])
-HEADERS = {"content-type": "application/json"}
-KEYSTONE_USER = config['openstack']['keystone']['user']
-KEYSTONE_PASSWORD = config['openstack']['keystone']['password']
-KEYSTONE_PROJECT = config['openstack']['keystone']['project']
-KEYSTONE_SERVER = config['openstack']['keystone']['url']
-
-pdp_template = {
- "name": "test_pdp",
- "security_pipeline": [],
- "keystone_project_id": None,
- "description": "test",
-}
-
-
-def get_keystone_projects():
-
- HEADERS = {
- "Content-Type": "application/json"
- }
-
- data_auth = {
- "auth": {
- "identity": {
- "methods": [
- "password"
- ],
- "password": {
- "user": {
- "name": KEYSTONE_USER,
- "domain": {
- "name": "Default"
- },
- "password": KEYSTONE_PASSWORD
- }
- }
- }
- }
- }
-
- req = requests.post("{}/auth/tokens".format(KEYSTONE_SERVER), json=data_auth, headers=HEADERS)
- logger.debug("{}/auth/tokens".format(KEYSTONE_SERVER))
- logger.debug(req.text)
- assert req.status_code in (200, 201)
- TOKEN = req.headers['X-Subject-Token']
- HEADERS['X-Auth-Token'] = TOKEN
- req = requests.get("{}/projects".format(KEYSTONE_SERVER), headers=HEADERS)
- if req.status_code not in (200, 201):
- data_auth["auth"]["scope"] = {
- "project": {
- "name": KEYSTONE_PROJECT,
- "domain": {
- "id": "default"
- }
- }
- }
- req = requests.post("{}/auth/tokens".format(KEYSTONE_SERVER), json=data_auth, headers=HEADERS)
- assert req.status_code in (200, 201)
- TOKEN = req.headers['X-Subject-Token']
- HEADERS['X-Auth-Token'] = TOKEN
- req = requests.get("{}/projects".format(KEYSTONE_SERVER), headers=HEADERS)
- assert req.status_code in (200, 201)
- return req.json()
-
-
-def check_pdp(pdp_id=None, keystone_project_id=None, moon_url=None):
- _URL = URL
- if moon_url:
- _URL = moon_url
- req = requests.get(_URL + "/pdp")
- assert req.status_code == 200
- result = req.json()
- assert type(result) is dict
- assert "pdps" in result
- if pdp_id:
- assert result["pdps"]
- assert pdp_id in result['pdps']
- assert "name" in result['pdps'][pdp_id]
- assert pdp_template["name"] == result['pdps'][pdp_id]["name"]
- if keystone_project_id:
- assert result["pdps"]
- assert pdp_id in result['pdps']
- assert "keystone_project_id" in result['pdps'][pdp_id]
- assert keystone_project_id == result['pdps'][pdp_id]["keystone_project_id"]
- return result
-
-
-def add_pdp(name="test_pdp", policy_id=None):
- pdp_template['name'] = name
- if policy_id:
- pdp_template['security_pipeline'].append(policy_id)
- req = requests.post(URL + "/pdp", json=pdp_template, headers=HEADERS)
- logger.debug(req.status_code)
- logger.debug(req)
- assert req.status_code == 200
- result = req.json()
- assert type(result) is dict
- pdp_id = list(result['pdps'].keys())[0]
- if "result" in result:
- assert result["result"]
- assert "name" in result['pdps'][pdp_id]
- assert pdp_template["name"] == result['pdps'][pdp_id]["name"]
- return pdp_id
-
-
-def update_pdp(pdp_id, policy_id=None):
- req = requests.get(URL + "/pdp/{}".format(pdp_id))
- assert req.status_code == 200
- result = req.json()
- assert type(result) is dict
- assert "pdps" in result
- assert pdp_id in result['pdps']
- pipeline = result['pdps'][pdp_id]["security_pipeline"]
- if policy_id not in pipeline:
- pipeline.append(policy_id)
- req = requests.patch(URL + "/pdp/{}".format(pdp_id),
- json={"security_pipeline": pipeline})
- assert req.status_code == 200
- result = req.json()
- assert type(result) is dict
- assert "pdps" in result
- assert pdp_id in result['pdps']
-
- req = requests.get(URL + "/pdp/{}".format(pdp_id))
- assert req.status_code == 200
- result = req.json()
- assert type(result) is dict
- assert "pdps" in result
- assert pdp_id in result['pdps']
- assert policy_id in pipeline
-
-
-def map_to_keystone(pdp_id, keystone_project_id):
- req = requests.patch(URL + "/pdp/{}".format(pdp_id), json={"keystone_project_id": keystone_project_id},
- headers=HEADERS)
- assert req.status_code == 200
- result = req.json()
- assert type(result) is dict
- if "result" in result:
- assert result["result"]
- assert pdp_id in result['pdps']
- assert "name" in result['pdps'][pdp_id]
- assert pdp_template["name"] == result['pdps'][pdp_id]["name"]
- return pdp_id
-
-
-def delete_pdp(pdp_id):
- req = requests.delete(URL + "/pdp/{}".format(pdp_id))
- assert req.status_code == 200
- result = req.json()
- assert type(result) is dict
- assert "result" in result
- assert result["result"]
-
diff --git a/templates/moon_forming/utils/policies.py b/templates/moon_forming/utils/policies.py
deleted file mode 100644
index bd08291a..00000000
--- a/templates/moon_forming/utils/policies.py
+++ /dev/null
@@ -1,635 +0,0 @@
-import logging
-import requests
-import utils.config
-
-config = utils.config.get_config_data()
-logger = logging.getLogger("moonforming.utils.policies")
-
-URL = "http://{}:{}".format(config['components']['manager']['hostname'], config['components']['manager']['port'])
-URL = URL + "{}"
-HEADERS = {"content-type": "application/json"}
-FILE = open("/tmp/test.log", "w")
-
-policy_template = {
- "name": "test_policy",
- "model_id": "",
- "genre": "authz",
- "description": "test",
-}
-
-subject_template = {
- "name": "test_subject",
- "description": "test",
- "email": "mail",
- "password": "my_pass",
-}
-
-object_template = {
- "name": "test_subject",
- "description": "test"
-}
-
-action_template = {
- "name": "test_subject",
- "description": "test"
-}
-
-subject_data_template = {
- "name": "subject_data1",
- "description": "description of the data subject"
-}
-
-object_data_template = {
- "name": "object_data1",
- "description": "description of the data subject"
-}
-
-action_data_template = {
- "name": "action_data1",
- "description": "description of the data subject"
-}
-
-subject_assignment_template = {
- "id": "",
- "category_id": "",
- "scope_id": ""
-}
-
-
-def check_policy(policy_id=None):
- req = requests.get(URL.format("/policies"))
- assert req.status_code == 200
- result = req.json()
- assert type(result) is dict
- assert "policies" in result
- if policy_id:
- assert result["policies"]
- assert policy_id in result['policies']
- assert "name" in result['policies'][policy_id]
- assert policy_template["name"] == result['policies'][policy_id]["name"]
- return result
-
-
-def add_policy(name="test_policy", genre="authz"):
- policy_template["name"] = name
- policy_template["genre"] = genre
- req = requests.post(URL.format("/policies"), json=policy_template, headers=HEADERS)
- assert req.status_code == 200
- result = req.json()
- assert type(result) is dict
- policy_id = list(result['policies'].keys())[0]
- if "result" in result:
- assert result["result"]
- assert "name" in result['policies'][policy_id]
- assert policy_template["name"] == result['policies'][policy_id]["name"]
- return policy_id
-
-
-def update_policy(policy_id, model_id):
- req = requests.patch(URL.format("/policies/{}".format(policy_id)),
- json={"model_id": model_id}, headers=HEADERS)
- assert req.status_code == 200
- result = req.json()
- assert type(result) is dict
- policy_id = list(result['policies'].keys())[0]
- if "result" in result:
- assert result["result"]
- assert "model_id" in result['policies'][policy_id]
- assert model_id == result['policies'][policy_id]["model_id"]
-
-
-def delete_policy(policy_id):
- req = requests.delete(URL.format("/policies/{}".format(policy_id)))
- assert req.status_code == 200
- result = req.json()
- assert type(result) is dict
- assert "result" in result
- assert result["result"]
-
-
-def add_subject(policy_id=None, name="test_subject"):
- subject_template['name'] = name
- if policy_id:
- logger.debug(URL.format("/policies/{}/subjects".format(policy_id)))
- req = requests.post(URL.format("/policies/{}/subjects".format(policy_id)),
- json=subject_template, headers=HEADERS)
- else:
- logger.debug(URL.format("/subjects"))
- req = requests.post(URL.format("/subjects"), json=subject_template, headers=HEADERS)
- logger.debug(req.text)
- assert req.status_code == 200
- result = req.json()
- assert "subjects" in result
- subject_id = list(result['subjects'].keys())[0]
- return subject_id
-
-
-def update_subject(subject_id, policy_id=None, description=None):
- if policy_id and not description:
- req = requests.patch(URL.format("/policies/{}/subjects/{}".format(policy_id, subject_id)),
- json={})
- elif policy_id and description:
- req = requests.patch(URL.format("/policies/{}/subjects/{}".format(policy_id, subject_id)),
- json={"description": description})
- else:
- req = requests.patch(URL.format("/subjects/{}".format(subject_id)),
- json={"description": description})
- assert req.status_code == 200
- result = req.json()
- assert "subjects" in result
- assert "name" in result["subjects"][subject_id]
- assert subject_template["name"] == result["subjects"][subject_id]["name"]
- assert "policy_list" in result["subjects"][subject_id]
- if policy_id:
- assert policy_id in result["subjects"][subject_id]["policy_list"]
- if description:
- assert description in result["subjects"][subject_id]["description"]
-
-
-def check_subject(subject_id=None, policy_id=None):
- if policy_id:
- req = requests.get(URL.format("/policies/{}/subjects".format(policy_id)))
- else:
- req = requests.get(URL.format("/subjects"))
- assert req.status_code == 200
- result = req.json()
- assert "subjects" in result
- assert "name" in result["subjects"][subject_id]
- assert subject_template["name"] == result["subjects"][subject_id]["name"]
- if policy_id:
- assert "policy_list" in result["subjects"][subject_id]
- assert policy_id in result["subjects"][subject_id]["policy_list"]
-
-
-def delete_subject(subject_id, policy_id=None):
- if policy_id:
- req = requests.delete(URL.format("/policies/{}/subjects/{}".format(policy_id, subject_id)))
- else:
- req = requests.delete(URL.format("/subjects/{}".format(subject_id)))
- assert req.status_code == 200
- result = req.json()
- assert type(result) is dict
- assert "result" in result
- assert result["result"]
-
- if policy_id:
- req = requests.get(URL.format("/policies/{}/subjects".format(policy_id)))
- else:
- req = requests.get(URL.format("/subjects"))
- assert req.status_code == 200
- result = req.json()
- assert "subjects" in result
- if subject_id in result["subjects"]:
- assert "name" in result["subjects"][subject_id]
- assert subject_template["name"] == result["subjects"][subject_id]["name"]
- if policy_id:
- assert "policy_list" in result["subjects"][subject_id]
- assert policy_id not in result["subjects"][subject_id]["policy_list"]
-
-
-def add_object(policy_id=None, name="test_object"):
- object_template['name'] = name
- if policy_id:
- req = requests.post(URL.format("/policies/{}/objects".format(policy_id)),
- json=object_template, headers=HEADERS)
- else:
- req = requests.post(URL.format("/objects"), json=object_template, headers=HEADERS)
- assert req.status_code == 200
- result = req.json()
- assert "objects" in result
- object_id = list(result['objects'].keys())[0]
- return object_id
-
-
-def update_object(object_id, policy_id):
- req = requests.patch(URL.format("/policies/{}/objects/{}".format(policy_id, object_id)), json={})
- assert req.status_code == 200
- result = req.json()
- assert "objects" in result
- assert "name" in result["objects"][object_id]
- assert object_template["name"] == result["objects"][object_id]["name"]
- assert "policy_list" in result["objects"][object_id]
- assert policy_id in result["objects"][object_id]["policy_list"]
-
-
-def check_object(object_id=None, policy_id=None):
- if policy_id:
- req = requests.get(URL.format("/policies/{}/objects".format(policy_id)))
- else:
- req = requests.get(URL.format("/objects"))
- assert req.status_code == 200
- result = req.json()
- assert "objects" in result
- assert "name" in result["objects"][object_id]
- assert object_template["name"] == result["objects"][object_id]["name"]
- if policy_id:
- assert "policy_list" in result["objects"][object_id]
- assert policy_id in result["objects"][object_id]["policy_list"]
-
-
-def delete_object(object_id, policy_id=None):
- if policy_id:
- req = requests.delete(URL.format("/policies/{}/objects/{}".format(policy_id, object_id)))
- else:
- req = requests.delete(URL.format("/objects/{}".format(object_id)))
- assert req.status_code == 200
- result = req.json()
- assert type(result) is dict
- assert "result" in result
- assert result["result"]
-
- if policy_id:
- req = requests.get(URL.format("/policies/{}/objects".format(policy_id)))
- else:
- req = requests.get(URL.format("/objects"))
- assert req.status_code == 200
- result = req.json()
- assert "objects" in result
- if object_id in result["objects"]:
- assert "name" in result["objects"][object_id]
- assert object_template["name"] == result["objects"][object_id]["name"]
- if policy_id:
- assert "policy_list" in result["objects"][object_id]
- assert policy_id not in result["objects"][object_id]["policy_list"]
-
-
-def add_action(policy_id=None, name="test_action"):
- action_template['name'] = name
- if policy_id:
- req = requests.post(URL.format("/policies/{}/actions".format(policy_id)),
- json=action_template, headers=HEADERS)
- else:
- req = requests.post(URL.format("/actions"), json=action_template, headers=HEADERS)
- assert req.status_code == 200
- result = req.json()
- assert "actions" in result
- action_id = list(result['actions'].keys())[0]
- return action_id
-
-
-def update_action(action_id, policy_id):
- req = requests.patch(URL.format("/policies/{}/actions/{}".format(policy_id, action_id)), json={})
- assert req.status_code == 200
- result = req.json()
- assert "actions" in result
- assert "name" in result["actions"][action_id]
- assert action_template["name"] == result["actions"][action_id]["name"]
- assert "policy_list" in result["actions"][action_id]
- assert policy_id in result["actions"][action_id]["policy_list"]
-
-
-def check_action(action_id=None, policy_id=None):
- if policy_id:
- req = requests.get(URL.format("/policies/{}/actions".format(policy_id)))
- else:
- req = requests.get(URL.format("/actions"))
- assert req.status_code == 200
- result = req.json()
- assert "actions" in result
- assert "name" in result["actions"][action_id]
- assert action_template["name"] == result["actions"][action_id]["name"]
- if policy_id:
- assert "policy_list" in result["actions"][action_id]
- assert policy_id in result["actions"][action_id]["policy_list"]
-
-
-def delete_action(action_id, policy_id=None):
- if policy_id:
- req = requests.delete(URL.format("/policies/{}/actions/{}".format(policy_id, action_id)))
- else:
- req = requests.delete(URL.format("/actions/{}".format(action_id)))
- assert req.status_code == 200
- result = req.json()
- assert type(result) is dict
- assert "result" in result
- assert result["result"]
-
- if policy_id:
- req = requests.get(URL.format("/policies/{}/actions".format(policy_id)))
- else:
- req = requests.get(URL.format("/actions"))
- assert req.status_code == 200
- result = req.json()
- assert "actions" in result
- if action_id in result["actions"]:
- assert "name" in result["actions"][action_id]
- assert action_template["name"] == result["actions"][action_id]["name"]
- if policy_id:
- assert "policy_list" in result["actions"][action_id]
- assert policy_id not in result["actions"][action_id]["policy_list"]
-
-
-def add_subject_data(policy_id, category_id, name="subject_data1"):
- subject_data_template['name'] = name
- req = requests.post(URL.format("/policies/{}/subject_data/{}".format(policy_id, category_id)),
- json=subject_data_template, headers=HEADERS)
- assert req.status_code == 200
- result = req.json()
- assert "subject_data" in result
- subject_id = list(result['subject_data']['data'].keys())[0]
- return subject_id
-
-
-def check_subject_data(policy_id, data_id, category_id):
- req = requests.get(URL.format("/policies/{}/subject_data/{}".format(policy_id, category_id)))
- assert req.status_code == 200
- result = req.json()
- assert "subject_data" in result
- for _data in result['subject_data']:
- assert data_id in list(_data['data'].keys())
- assert category_id == _data["category_id"]
-
-
-def delete_subject_data(policy_id, category_id, data_id):
- req = requests.delete(URL.format("/policies/{}/subject_data/{}/{}".format(policy_id, category_id, data_id)),
- headers=HEADERS)
- assert req.status_code == 200
- req = requests.get(URL.format("/policies/{}/subject_data/{}".format(policy_id, category_id)))
- assert req.status_code == 200
- result = req.json()
- assert "subject_data" in result
- for _data in result['subject_data']:
- assert data_id not in list(_data['data'].keys())
- assert category_id == _data["category_id"]
-
-
-def add_object_data(policy_id, category_id, name="object_data1"):
- object_data_template['name'] = name
- req = requests.post(URL.format("/policies/{}/object_data/{}".format(policy_id, category_id)),
- json=object_data_template, headers=HEADERS)
- assert req.status_code == 200
- result = req.json()
- assert "object_data" in result
- object_id = list(result['object_data']['data'].keys())[0]
- return object_id
-
-
-def check_object_data(policy_id, data_id, category_id):
- req = requests.get(URL.format("/policies/{}/object_data/{}".format(policy_id, category_id)))
- assert req.status_code == 200
- result = req.json()
- assert "object_data" in result
- for _data in result['object_data']:
- assert data_id in list(_data['data'].keys())
- assert category_id == _data["category_id"]
-
-
-def delete_object_data(policy_id, category_id, data_id):
- req = requests.delete(URL.format("/policies/{}/object_data/{}/{}".format(policy_id, category_id, data_id)),
- headers=HEADERS)
- assert req.status_code == 200
- req = requests.get(URL.format("/policies/{}/object_data/{}".format(policy_id, category_id)))
- assert req.status_code == 200
- result = req.json()
- assert "object_data" in result
- for _data in result['object_data']:
- assert data_id not in list(_data['data'].keys())
- assert category_id == _data["category_id"]
-
-
-def add_action_data(policy_id, category_id, name="action_data1"):
- action_data_template['name'] = name
- req = requests.post(URL.format("/policies/{}/action_data/{}".format(policy_id, category_id)),
- json=action_data_template, headers=HEADERS)
- assert req.status_code == 200
- result = req.json()
- assert "action_data" in result
- action_id = list(result['action_data']['data'].keys())[0]
- return action_id
-
-
-def check_action_data(policy_id, data_id, category_id):
- req = requests.get(URL.format("/policies/{}/action_data/{}".format(policy_id, category_id)))
- assert req.status_code == 200
- result = req.json()
- assert "action_data" in result
- for _data in result['action_data']:
- assert data_id in list(_data['data'].keys())
- assert category_id == _data["category_id"]
-
-
-def delete_action_data(policy_id, category_id, data_id):
- req = requests.delete(URL.format("/policies/{}/action_data/{}/{}".format(policy_id, category_id, data_id)),
- headers=HEADERS)
- assert req.status_code == 200
- req = requests.get(URL.format("/policies/{}/action_data/{}".format(policy_id, category_id)))
- assert req.status_code == 200
- result = req.json()
- assert "action_data" in result
- for _data in result['action_data']:
- assert data_id not in list(_data['data'].keys())
- assert category_id == _data["category_id"]
-
-
-def add_subject_assignments(policy_id, subject_id, subject_cat_id, subject_data_id):
- req = requests.post(URL.format("/policies/{}/subject_assignments".format(policy_id)),
- json={
- "id": subject_id,
- "category_id": subject_cat_id,
- "data_id": subject_data_id
- }, headers=HEADERS)
- assert req.status_code == 200
- result = req.json()
- assert "subject_assignments" in result
- assert result["subject_assignments"]
-
-
-def check_subject_assignments(policy_id, subject_id, subject_cat_id, subject_data_id):
- req = requests.get(URL.format("/policies/{}/subject_assignments/{}/{}/{}".format(
- policy_id, subject_id, subject_cat_id, subject_data_id)))
- assert req.status_code == 200
- result = req.json()
- assert "subject_assignments" in result
- assert result["subject_assignments"]
- for key in result["subject_assignments"]:
- assert "subject_id" in result["subject_assignments"][key]
- assert "category_id" in result["subject_assignments"][key]
- assert "assignments" in result["subject_assignments"][key]
- if result["subject_assignments"][key]['subject_id'] == subject_id and \
- result["subject_assignments"][key]["category_id"] == subject_cat_id:
- assert subject_data_id in result["subject_assignments"][key]["assignments"]
-
-
-def check_object_assignments(policy_id, object_id, object_cat_id, object_data_id):
- req = requests.get(URL.format("/policies/{}/object_assignments/{}/{}/{}".format(
- policy_id, object_id, object_cat_id, object_data_id)))
- assert req.status_code == 200
- result = req.json()
- assert "object_assignments" in result
- assert result["object_assignments"]
- for key in result["object_assignments"]:
- assert "object_id" in result["object_assignments"][key]
- assert "category_id" in result["object_assignments"][key]
- assert "assignments" in result["object_assignments"][key]
- if result["object_assignments"][key]['object_id'] == object_id and \
- result["object_assignments"][key]["category_id"] == object_cat_id:
- assert object_data_id in result["object_assignments"][key]["assignments"]
-
-
-def check_action_assignments(policy_id, action_id, action_cat_id, action_data_id):
- req = requests.get(URL.format("/policies/{}/action_assignments/{}/{}/{}".format(
- policy_id, action_id, action_cat_id, action_data_id)))
- assert req.status_code == 200
- result = req.json()
- assert "action_assignments" in result
- assert result["action_assignments"]
- for key in result["action_assignments"]:
- assert "action_id" in result["action_assignments"][key]
- assert "category_id" in result["action_assignments"][key]
- assert "assignments" in result["action_assignments"][key]
- if result["action_assignments"][key]['action_id'] == action_id and \
- result["action_assignments"][key]["category_id"] == action_cat_id:
- assert action_data_id in result["action_assignments"][key]["assignments"]
-
-
-def add_object_assignments(policy_id, object_id, object_cat_id, object_data_id):
- req = requests.post(URL.format("/policies/{}/object_assignments".format(policy_id)),
- json={
- "id": object_id,
- "category_id": object_cat_id,
- "data_id": object_data_id
- }, headers=HEADERS)
- assert req.status_code == 200
- result = req.json()
- assert "object_assignments" in result
- assert result["object_assignments"]
-
-
-def add_action_assignments(policy_id, action_id, action_cat_id, action_data_id):
- req = requests.post(URL.format("/policies/{}/action_assignments".format(policy_id)),
- json={
- "id": action_id,
- "category_id": action_cat_id,
- "data_id": action_data_id
- }, headers=HEADERS)
- assert req.status_code == 200
- result = req.json()
- assert "action_assignments" in result
- assert result["action_assignments"]
-
-
-def delete_subject_assignment(policy_id, subject_id, subject_cat_id, subject_data_id):
- req = requests.delete(URL.format("/policies/{}/subject_assignments/{}/{}/{}".format(
- policy_id, subject_id, subject_cat_id, subject_data_id)))
- assert req.status_code == 200
- result = req.json()
- assert "result" in result
- assert result["result"]
-
- req = requests.get(URL.format("/policies/{}/subject_assignments/{}/{}/{}".format(
- policy_id, subject_id, subject_cat_id, subject_data_id)))
- assert req.status_code == 200
- result = req.json()
- assert "subject_assignments" in result
- assert result["subject_assignments"]
- for key in result["subject_assignments"]:
- assert "subject_id" in result["subject_assignments"][key]
- assert "category_id" in result["subject_assignments"][key]
- assert "assignments" in result["subject_assignments"][key]
- if result["subject_assignments"][key]['subject_id'] == subject_id and \
- result["subject_assignments"][key]["category_id"] == subject_cat_id:
- assert subject_data_id not in result["subject_assignments"][key]["assignments"]
-
-
-def delete_object_assignment(policy_id, object_id, object_cat_id, object_data_id):
- req = requests.delete(URL.format("/policies/{}/object_assignments/{}/{}/{}".format(
- policy_id, object_id, object_cat_id, object_data_id)))
- assert req.status_code == 200
- result = req.json()
- assert "result" in result
- assert result["result"]
-
- req = requests.get(URL.format("/policies/{}/object_assignments/{}/{}/{}".format(
- policy_id, object_id, object_cat_id, object_data_id)))
- assert req.status_code == 200
- result = req.json()
- assert "object_assignments" in result
- assert result["object_assignments"]
- for key in result["object_assignments"]:
- assert "object_id" in result["object_assignments"][key]
- assert "category_id" in result["object_assignments"][key]
- assert "assignments" in result["object_assignments"][key]
- if result["object_assignments"][key]['object_id'] == object_id and \
- result["object_assignments"][key]["category_id"] == object_cat_id:
- assert object_data_id not in result["object_assignments"][key]["assignments"]
-
-
-def delete_action_assignment(policy_id, action_id, action_cat_id, action_data_id):
- req = requests.delete(URL.format("/policies/{}/action_assignments/{}/{}/{}".format(
- policy_id, action_id, action_cat_id, action_data_id)))
- assert req.status_code == 200
- result = req.json()
- assert "result" in result
- assert result["result"]
-
- req = requests.get(URL.format("/policies/{}/action_assignments/{}/{}/{}".format(
- policy_id, action_id, action_cat_id, action_data_id)))
- assert req.status_code == 200
- result = req.json()
- assert "action_assignments" in result
- assert result["action_assignments"]
- for key in result["action_assignments"]:
- assert "action_id" in result["action_assignments"][key]
- assert "category_id" in result["action_assignments"][key]
- assert "assignments" in result["action_assignments"][key]
- if result["action_assignments"][key]['action_id'] == action_id and \
- result["action_assignments"][key]["category_id"] == action_cat_id:
- assert action_data_id not in result["action_assignments"][key]["assignments"]
-
-
-def add_rule(policy_id, meta_rule_id, rule, instructions={"chain": [{"security_pipeline": "rbac"}]}):
- req = requests.post(URL.format("/policies/{}/rules".format(policy_id)),
- json={
- "meta_rule_id": meta_rule_id,
- "rule": rule,
- "instructions": instructions,
- "enabled": True
- },
- headers=HEADERS)
- assert req.status_code == 200
- result = req.json()
- assert "rules" in result
- try:
- rule_id = list(result["rules"].keys())[0]
- except Exception as e:
- return False
- assert "policy_id" in result["rules"][rule_id]
- assert policy_id == result["rules"][rule_id]["policy_id"]
- assert "meta_rule_id" in result["rules"][rule_id]
- assert meta_rule_id == result["rules"][rule_id]["meta_rule_id"]
- assert rule == result["rules"][rule_id]["rule"]
- return rule_id
-
-
-def check_rule(policy_id, meta_rule_id, rule_id, rule):
- req = requests.get(URL.format("/policies/{}/rules".format(policy_id)))
- assert req.status_code == 200
- result = req.json()
- assert "rules" in result
- assert "policy_id" in result["rules"]
- assert policy_id == result["rules"]["policy_id"]
- for item in result["rules"]["rules"]:
- assert "meta_rule_id" in item
- if meta_rule_id == item["meta_rule_id"]:
- if rule_id == item["id"]:
- assert rule == item["rule"]
-
-
-def delete_rule(policy_id, rule_id):
- req = requests.delete(URL.format("/policies/{}/rules/{}".format(policy_id, rule_id)))
- assert req.status_code == 200
- result = req.json()
- assert "result" in result
- assert result["result"]
-
- req = requests.get(URL.format("/policies/{}/rules".format(policy_id)))
- assert req.status_code == 200
- result = req.json()
- assert "rules" in result
- assert "policy_id" in result["rules"]
- assert policy_id == result["rules"]["policy_id"]
- found_rule = False
- for item in result["rules"]["rules"]:
- if rule_id == item["id"]:
- found_rule = True
- assert not found_rule
diff --git a/tests/scenario/delegation.py b/tests/functional/scenario_available/delegation.py
index 839e74ce..839e74ce 100644
--- a/tests/scenario/delegation.py
+++ b/tests/functional/scenario_available/delegation.py
diff --git a/templates/moon_forming/conf/mls.py b/tests/functional/scenario_available/mls.py
index 0e6285c9..0e6285c9 100644
--- a/templates/moon_forming/conf/mls.py
+++ b/tests/functional/scenario_available/mls.py
diff --git a/templates/moon_forming/conf/rbac.py b/tests/functional/scenario_available/rbac.py
index 25c010fd..25c010fd 100644
--- a/templates/moon_forming/conf/rbac.py
+++ b/tests/functional/scenario_available/rbac.py
diff --git a/tests/scenario/rbac_custom_100.py b/tests/functional/scenario_available/rbac_custom_100.py
index 9ee55dbd..9ee55dbd 100644
--- a/tests/scenario/rbac_custom_100.py
+++ b/tests/functional/scenario_available/rbac_custom_100.py
diff --git a/tests/scenario/rbac_custom_1000.py b/tests/functional/scenario_available/rbac_custom_1000.py
index d6850485..d6850485 100644
--- a/tests/scenario/rbac_custom_1000.py
+++ b/tests/functional/scenario_available/rbac_custom_1000.py
diff --git a/tests/scenario/rbac_custom_50.py b/tests/functional/scenario_available/rbac_custom_50.py
index e1437cf4..e1437cf4 100644
--- a/tests/scenario/rbac_custom_50.py
+++ b/tests/functional/scenario_available/rbac_custom_50.py
diff --git a/tests/scenario/rbac_large.py b/tests/functional/scenario_available/rbac_large.py
index ef5dd9b2..ef5dd9b2 100644
--- a/tests/scenario/rbac_large.py
+++ b/tests/functional/scenario_available/rbac_large.py
diff --git a/tests/scenario/rbac_mls.py b/tests/functional/scenario_available/rbac_mls.py
index 8a5362ea..8a5362ea 100644
--- a/tests/scenario/rbac_mls.py
+++ b/tests/functional/scenario_available/rbac_mls.py
diff --git a/tests/scenario/session.py b/tests/functional/scenario_available/session.py
index 97d7aec3..97d7aec3 100644
--- a/tests/scenario/session.py
+++ b/tests/functional/scenario_available/session.py
diff --git a/tests/scenario/session_large.py b/tests/functional/scenario_available/session_large.py
index 5b4a64b6..5b4a64b6 100644
--- a/tests/scenario/session_large.py
+++ b/tests/functional/scenario_available/session_large.py
diff --git a/tests/functional/scenario_enabled/mls.py b/tests/functional/scenario_enabled/mls.py
new file mode 120000
index 00000000..6acd75ce
--- /dev/null
+++ b/tests/functional/scenario_enabled/mls.py
@@ -0,0 +1 @@
+../scenario_available/mls.py \ No newline at end of file
diff --git a/tests/functional/scenario_enabled/rbac.py b/tests/functional/scenario_enabled/rbac.py
new file mode 120000
index 00000000..0edc905a
--- /dev/null
+++ b/tests/functional/scenario_enabled/rbac.py
@@ -0,0 +1 @@
+../scenario_available/rbac.py \ No newline at end of file
diff --git a/tests/scenario/mls.py b/tests/functional/scenario_tests/mls.py
index 3a3ded43..0e6285c9 100644
--- a/tests/scenario/mls.py
+++ b/tests/functional/scenario_tests/mls.py
@@ -1,9 +1,10 @@
-pdp_name = "pdp1"
+pdp_name = "pdp_mls"
policy_name = "MLS Policy example"
model_name = "MLS"
+policy_genre = "authz"
-subjects = {"user0": "", "user1": "", "user2": "", }
+subjects = {"adminuser": "", "user1": "", "user2": "", }
objects = {"vm0": "", "vm1": "", }
actions = {"start": "", "stop": ""}
@@ -20,7 +21,7 @@ object_data = {
action_data = {"action-type": {"vm-action": "", "storage-action": "", }}
subject_assignments = {
- "user0": {"subject-security-level": "high"},
+ "adminuser": {"subject-security-level": "high"},
"user1": {"subject-security-level": "medium"},
}
object_assignments = {
@@ -33,21 +34,25 @@ action_assignments = {
}
meta_rule = {
- "mls": {"id": "", "value": ("subject-security-level", "object-security-level", "action-type")},
+ "mls": {
+ "id": "",
+ "value": ("subject-security-level",
+ "object-security-level",
+ "action-type")},
}
rules = {
"mls": (
{
- "rules": ("high", "medium", "vm-action"),
+ "rule": ("high", "medium", "vm-action"),
"instructions": ({"decision": "grant"})
},
{
- "rules": ("high", "low", "vm-action"),
+ "rule": ("high", "low", "vm-action"),
"instructions": ({"decision": "grant"})
},
{
- "rules": ("medium", "low", "vm-action"),
+ "rule": ("medium", "low", "vm-action"),
"instructions": ({"decision": "grant"})
},
)
diff --git a/tests/scenario/rbac.py b/tests/functional/scenario_tests/rbac.py
index 89fd7de8..1d2cabee 100644
--- a/tests/scenario/rbac.py
+++ b/tests/functional/scenario_tests/rbac.py
@@ -1,10 +1,10 @@
-pdp_name = "pdp1"
+pdp_name = "pdp_rbac1"
policy_name = "RBAC policy example"
model_name = "RBAC"
policy_genre = "authz"
-subjects = {"user0": "", "user1": "", }
+subjects = {"adminuser": "", "user1": "", }
objects = {"vm0": "", "vm1": "", }
actions = {"start": "", "stop": ""}
@@ -16,9 +16,24 @@ subject_data = {"role": {"admin": "", "employee": "", "*": ""}}
object_data = {"id": {"vm0": "", "vm1": "", "*": ""}}
action_data = {"action-type": {"vm-action": "", "*": ""}}
-subject_assignments = {"user0": ({"role": "employee"}, {"role": "*"}), "user1": ({"role": "employee"}, {"role": "*"}), }
-object_assignments = {"vm0": ({"id": "vm0"}, {"id": "*"}), "vm1": ({"id": "vm1"}, {"id": "*"})}
-action_assignments = {"start": ({"action-type": "vm-action"}, {"action-type": "*"}), "stop": ({"action-type": "vm-action"}, {"action-type": "*"})}
+subject_assignments = {
+ "adminuser":
+ ({"role": "admin"}, {"role": "employee"}, {"role": "*"}),
+ "user1":
+ ({"role": "employee"}, {"role": "*"}),
+}
+object_assignments = {
+ "vm0":
+ ({"id": "vm0"}, {"id": "*"}),
+ "vm1":
+ ({"id": "vm1"}, {"id": "*"})
+}
+action_assignments = {
+ "start":
+ ({"action-type": "vm-action"}, {"action-type": "*"}),
+ "stop":
+ ({"action-type": "vm-action"}, {"action-type": "*"})
+}
meta_rule = {
"rbac": {"id": "", "value": ("role", "id", "action-type")},
@@ -29,7 +44,9 @@ rules = {
{
"rule": ("admin", "vm0", "vm-action"),
"instructions": (
- {"decision": "grant"}, # "grant" to immediately exit, "continue" to wait for the result of next policy
+ {"decision": "grant"},
+ # "grant" to immediately exit,
+ # "continue" to wait for the result of next policy
)
},
{
diff --git a/tests/get_keystone_projects.py b/tests/get_keystone_projects.py
deleted file mode 100644
index 9b5d87cd..00000000
--- a/tests/get_keystone_projects.py
+++ /dev/null
@@ -1,16 +0,0 @@
-from python_moonclient import parse, models, policies, pdp
-
-
-if __name__ == "__main__":
- args = parse.parse()
- consul_host = args.consul_host
- consul_port = args.consul_port
-
- models.init(consul_host, consul_port)
- policies.init(consul_host, consul_port)
- pdp.init(consul_host, consul_port)
-
- projects = pdp.get_keystone_projects()
-
- for _project in projects['projects']:
- print("{} {}".format(_project['id'], _project['name']))
diff --git a/tests/performance/README.md b/tests/performance/README.md
index 52613d2c..fcb80589 100644
--- a/tests/performance/README.md
+++ b/tests/performance/README.md
@@ -1,69 +1,80 @@
-# Moon Yardstick and Bottlenecks Performance Tests
+# Moon Yardstick/Bottlenecks Performance Tests
The main objective of this document is to describe the performance tests for the Moon project/module.
-Moon is a security managment platform which provides a set of security functions to project the underlying OPNFV infrastructure and/or VNFs.
-Moon is consisted of 2 parts: a master and a set of slaves. The master holds all security-related information and each slave only fetches and holds
-related informations for its local usage from master.
+Moon is a security management platform which provides a set of security functions to project the underlying OPNFV infrastructure and/or VNFs.
+It is consisted of 2 parts: a master and a set of slaves. The master holds all security-related information and each slave only fetches and holds
+related information for its local usage from master.
-## Moon Master Performance Tests
-In this test, we should:
+## Master Performance Tests
+### Pre-requisite
- setup a Moon master service on a physical server
-- create a tenant/scope through the Moon master service
-- create a MSL security policy with 4 subject security levels and 4 object security levels for this tenant
+- create a project in OpenStack/Keystone
+- create a MSL PDP with a model of 4 subject security levels and 4 object security levels, the MLS policy will be defined later
-- increase N to find the limit of the security policy (implemented in format of a Docker)
- - create N users and N resources (VMs in our case) in this tenant
- - simulate 2 operation requests per user per second to Moon's authorization endpoint
- - gather performance metrics like CPU, memory, network usages
- - throught the iteration, determine the capacity limit for one Docker
+### Policy Size Test
+Increase the number of users and resources N to find the limit of the security policy
+- create N users and N resources (VMs in our case) in this MLS security policy
+- sends 5 authz requests/second
+- gather performance metrics like CPU, memory, network usages
+Through the iteration, determine the maximal number of N to support 5 requests/second
-- setup 20 user and 20 resources (VMs in our case) for one tenant
- - increase the number of tenants to test the maximal number of tenants on the server
+### PDP Number Test
+- setup 20 user and 20 resources (VMs in our case) for each MLS PDP
+- sends 5 authz requests/second for each MLS PDP
+- increase the number of PDP to test the maximal number of PDP on the master
-- setup 5 tenants of N users and N resources (VMs in our case) in each tenant
- - increase N by simulating 2 operation requests per user per second to the Moon's authorization endpoint
- - gather performance metrics like CPU, memory, network usages
- - throught the iteration, dermine the maximal user/resource number of these 5 tenants/Dockers on the server
+### Policy Size Test for 5 PDPs
+- setup 5 PDPs of N users and N resources (VMs in our case)
+- sends 5 authz requests/second for each MLS PDP
+- gather performance metrics like CPU, memory, network usages
+Through the iteration, determine the maximal user/resource number of these 5 PDPs
-- setup 10 tenants of N users and N resources (VMs in our case) in each tenant
- - increase N by simulating 2 operation requests per user per second to the Moon's authorization endpoint
- - gather performance metrics like CPU, memory, network usages
- - throught the iteration, dermine the maximal user/resource number of these 10 tenants/Dockers on the server
+### Policy Size Test for 10 PDPs
+- setup 10 PDPs of N users and N resources (VMs in our case)
+- sends 5 authz requests/second for each MLS PDP
+- gather performance metrics like CPU, memory, network usages
+Through the iteration, determine the maximal user/resource number of these 10 PDPs
-- setup 20 tenants of N users and N resources (VMs in our case) in each tenant
- - increase N by simulating 2 operation requests per user per second to the Moon's authorization endpoint
- - gather performance metrics like CPU, memory, network usages
- - throught the iteration, dermine the maximal user/resource number of these 20 tenants/Dockers on the server
-
-## Moon Slave Performace Tests
-In this test, we should:
-- setup a Moon master service on a physical server
-- setup a Moon slave service on a physical server
-- create a tenant/scope through the Moon master service
-- create a MSL security policy with 4 subject security levels and 4 object security levels for this tenant through the Moon master service
+### Policy Size Test for 20 PDPs
+- setup 20 PDPs of N users and N resources (VMs in our case)
+- sends 5 authz requests/second for each MLS PDP
+- gather performance metrics like CPU, memory, network usages
+Through the iteration, determine the maximal user/resource number of these 20 PDPs
-- increase N to find the limit of the security policy (implemented in format of a Docker)
- - create N users and N resources (VMs in our case) in this tenant
- - simulate 2 operation requests per user per second to Moon slave's authorizatoin endpoint
- - gather performance metrics like CPU, memory, network usages of Moon slave
- - throught the iteration, dermine the capacity limit for one Docker of Moon slave
-
-- setup 20 user and 20 resources (VMs in our case) for one tenant through the Moon slave service
- - increate the number of tenants to test the maximal number of tenants on the server of the Moon slave
-
-- setup 5 tenants of N users and N resources (VMs in our case) in each tenant through the Moon master service
- - increate N by simulating 2 operation requests per user per second to the Moon slave's authorization endpoint
- - gather performance metrics like CPU, memory, network usages of both Moon master and Moon slave
- - throught the iteration, dermine the maximal user/resource number of these 5 tenants/Dockers on the server of Moon slave
-- setup 10 tenants of N users and N resources (VMs in our case) in each tenant through the Moon master service
- - increate N by simulating 2 operation requests per user per second to the Moon slave's authorization endpoint
- - gather performance metrics like CPU, memory, network usages of both Moon master and slave
- - throught the iteration, dermine the maximal user/resource number of these 10 tenants/Dockers on the server of the Moon slave
+## Master-Slave Performance Tests
+### Pre-requisite
+- setup a Moon master on a physical server
+- setup a Moon slave on a physical server
+- create a project in OpenStack/Keystone
+- create a MSL PDP with a model of 4 subject security levels and 4 object security levels, the MLS policy will be defined later on the master
+
+### Slave Policy Size Test
+Increase the number of users and resources N to find the limit of the security policy
+- create N users and N resources (VMs in our case) in this MLS security policy on the master
+- sends 5 authz requests/second to the slave
+- gather performance metrics like CPU, memory, network usages of the slave
+Through the iteration, determine the maximal number of N to support 5 requests/second of the slave
+
+### Slave PDP Number Test
+- setup 20 user and 20 resources (VMs in our case) for each MLS PDP on the master
+- sends 5 authz requests/second for each MLS PDP to the slave
+Through the iteration, determine the maximal number of PDP to support 5 requests/second of the slave
-- setup 20 tenants of N users and N resources (VMs in our case) in each tenant through the Moon master service
- - increate N by simulating 2 operation requests per user per second to the Moon slave's authorization endpoint
- - gather performance metrics like CPU, memory, network usages of both Moon master and slave
- - throught the iteration, dermine the maximal user/resource number of these 20 tenants/Dockers on the server of the Moon slave
+### Slave Policy Size Test for 5 PDPs
+- setup 5 PDPs of N users and N resources (VMs in our case) on the master
+- sends 5 authz requests/second for each MLS PDP to the slave
+- gather performance metrics like CPU, memory, network usages of the slave
+Through the iteration, determine the maximal user/resource number of these 5 PDPs
+### Slave Policy Size Test for 10 PDPs
+- setup 10 PDPs of N users and N resources (VMs in our case) on the master
+- sends 5 authz requests/second for each MLS PDP to the slave
+- gather performance metrics like CPU, memory, network usages of the slave
+Through the iteration, determine the maximal user/resource number of these 10 PDPs
+### Slave Policy Size Test for 20 PDPs
+- setup 20 PDPs of N users and N resources (VMs in our case) on the master
+- sends 5 authz requests/second for each MLS PDP to the slave
+- gather performance metrics like CPU, memory, network usages of the slave
+Through the iteration, determine the maximal user/resource number of these 20 PDPs
diff --git a/tests/populate_default_values.py b/tests/populate_default_values.py
deleted file mode 100644
index d5a5769b..00000000
--- a/tests/populate_default_values.py
+++ /dev/null
@@ -1,37 +0,0 @@
-import logging
-from importlib.machinery import SourceFileLoader
-from python_moonclient import parse, models, policies, pdp
-
-logger = logging.getLogger("moonforming")
-
-
-if __name__ == "__main__":
- requests_log = logging.getLogger("requests.packages.urllib3")
- requests_log.setLevel(logging.WARNING)
- requests_log.propagate = True
-
- args = parse.parse()
- consul_host = args.consul_host
- consul_port = args.consul_port
- project_id = args.keystone_pid
-
- models.init(consul_host, consul_port)
- policies.init(consul_host, consul_port)
- pdp.init(consul_host, consul_port)
-
- if args.filename:
- print("Loading: {}".format(args.filename[0]))
- m = SourceFileLoader("scenario", args.filename[0])
- scenario = m.load_module()
-
- _models = models.check_model()
- for _model_id, _model_value in _models['models'].items():
- if _model_value['name'] == scenario.model_name:
- model_id = _model_id
- meta_rule_list = _model_value['meta_rules']
- models.create_model(scenario, model_id)
- break
- else:
- model_id, meta_rule_list = models.create_model(scenario)
- policy_id = policies.create_policy(scenario, model_id, meta_rule_list)
- pdp_id = pdp.create_pdp(scenario, policy_id=policy_id, project_id=project_id)
diff --git a/tests/send_authz.py b/tests/send_authz.py
deleted file mode 100644
index b4ed1d2f..00000000
--- a/tests/send_authz.py
+++ /dev/null
@@ -1,32 +0,0 @@
-from importlib.machinery import SourceFileLoader
-from python_moonclient import config, parse, models, policies, pdp, authz
-
-
-if __name__ == "__main__":
- args = parse.parse()
- consul_host = args.consul_host
- consul_port = args.consul_port
-
- models.init(consul_host, consul_port)
- policies.init(consul_host, consul_port)
- pdp.init(consul_host, consul_port)
-
- if args.filename:
- print("Loading: {}".format(args.filename[0]))
- m = SourceFileLoader("scenario", args.filename[0])
- scenario = m.load_module()
-
- keystone_project_id = pdp.get_keystone_id(args.pdp)
- time_data = authz.send_requests(
- scenario,
- args.authz_host,
- args.authz_port,
- keystone_project_id,
- request_second=args.request_second,
- limit=args.limit,
- dry_run=args.dry_run,
- stress_test=args.stress_test,
- destination=args.destination
- )
- if not args.dry_run:
- authz.save_data(args.write, time_data)
diff --git a/bin/README.md b/tools/bin/README.md
index 3125c468..3125c468 100644
--- a/bin/README.md
+++ b/tools/bin/README.md
diff --git a/bin/bootstrap.py b/tools/bin/bootstrap.py
index 6f2a5e03..6f2a5e03 100644
--- a/bin/bootstrap.py
+++ b/tools/bin/bootstrap.py
diff --git a/bin/build_all.sh b/tools/bin/build_all.sh
index 5bbf6a19..5bbf6a19 100644
--- a/bin/build_all.sh
+++ b/tools/bin/build_all.sh
diff --git a/bin/build_all_pip.sh b/tools/bin/build_all_pip.sh
index 2b415bf0..2b415bf0 100644
--- a/bin/build_all_pip.sh
+++ b/tools/bin/build_all_pip.sh
diff --git a/bin/delete_orchestrator.sh b/tools/bin/delete_orchestrator.sh
index 95fcfddd..95fcfddd 100644
--- a/bin/delete_orchestrator.sh
+++ b/tools/bin/delete_orchestrator.sh
diff --git a/bin/moon_lib_update.sh b/tools/bin/moon_lib_update.sh
index 3925e336..3925e336 100644
--- a/bin/moon_lib_update.sh
+++ b/tools/bin/moon_lib_update.sh
diff --git a/bin/set_auth.src b/tools/bin/set_auth.src
index d955e30b..d955e30b 100644
--- a/bin/set_auth.src
+++ b/tools/bin/set_auth.src
diff --git a/bin/start.sh b/tools/bin/start.sh
index e95ac393..e95ac393 100755
--- a/bin/start.sh
+++ b/tools/bin/start.sh
diff --git a/templates/moon_keystone/Dockerfile b/tools/moon_keystone/Dockerfile
index 2a43bd92..2a43bd92 100644
--- a/templates/moon_keystone/Dockerfile
+++ b/tools/moon_keystone/Dockerfile
diff --git a/templates/moon_keystone/README.md b/tools/moon_keystone/README.md
index 7027324e..7027324e 100644
--- a/templates/moon_keystone/README.md
+++ b/tools/moon_keystone/README.md
diff --git a/templates/moon_keystone/run.sh b/tools/moon_keystone/run.sh
index 2a61901e..2a61901e 100644
--- a/templates/moon_keystone/run.sh
+++ b/tools/moon_keystone/run.sh
diff --git a/tools/moon_kubernetes/README.md b/tools/moon_kubernetes/README.md
new file mode 100644
index 00000000..73d342fa
--- /dev/null
+++ b/tools/moon_kubernetes/README.md
@@ -0,0 +1,106 @@
+# Moon Platform Setup
+## Docker Installation
+```bash
+apt update
+apt install -y docker.io
+```
+
+## K8S Installation
+Choose the right K8S platform
+### Minikube
+```bash
+curl -LO https://storage.googleapis.com/kubernetes-release/release/$(curl -s https://storage.googleapis.com/kubernetes-release/release/stable.txt)/bin/linux/amd64/kubectl
+chmod +x ./kubectl
+sudo mv ./kubectl /usr/local/bin/kubectl
+curl -Lo minikube https://storage.googleapis.com/minikube/releases/v0.21.0/minikube-linux-amd64 && chmod +x minikube && sudo mv minikube /usr/local/bin/
+```
+
+### Kubeadm
+see: https://kubernetes.io/docs/setup/independent/install-kubeadm/
+```bash
+apt-get update && apt-get install -y apt-transport-https
+curl -s https://packages.cloud.google.com/apt/doc/apt-key.gpg | apt-key add -
+cat <<EOF >/etc/apt/sources.list.d/kubernetes.list
+deb http://apt.kubernetes.io/ kubernetes-xenial main
+EOF
+apt-get update
+apt-get install -y kubelet kubeadm kubectl
+```
+
+## Moon Deployment
+### Initiate K8S
+```bash
+cd $MOON_HOME
+bash tools/moon_kubernetes/init_k8s.sh
+```
+
+Wait until all the kubeadm containers are in the `running` state:
+```bash
+watch kubectl get po --namespace=kube-system
+```
+
+You must see something like this:
+
+ $ kubectl get po --namespace=kube-system
+ NAME READY STATUS RESTARTS AGE
+ calico-etcd-7qgjb 1/1 Running 0 1h
+ calico-node-f8zvm 2/2 Running 1 1h
+ calico-policy-controller-59fc4f7888-ns9kv 1/1 Running 0 1h
+ etcd-varuna 1/1 Running 0 1h
+ kube-apiserver-varuna 1/1 Running 0 1h
+ kube-controller-manager-varuna 1/1 Running 0 1h
+ kube-dns-bfbb49cd7-rgqxn 3/3 Running 0 1h
+ kube-proxy-x88wg 1/1 Running 0 1h
+ kube-scheduler-varuna 1/1 Running 0 1h
+
+
+### Deploy Moon
+```bash
+cd $MOON_HOME
+sudo bash tools/moon_kubernetes/start_moon.sh
+```
+
+Wait until all the Moon containers are in the `running` state:
+```bash
+watch kubectl get po --namespace=moon
+```
+
+You must see something like this:
+
+ $ kubectl get po --namespace=moon
+ NAME READY STATUS RESTARTS AGE
+ consul-57b6d66975-9qnfx 1/1 Running 0 52m
+ db-867f9c6666-bq8cf 1/1 Running 0 52m
+ gui-bc9878b58-q288x 1/1 Running 0 51m
+ keystone-7d9cdbb69f-bl6ln 1/1 Running 0 52m
+ manager-5bfbb96988-2nvhd 1/1 Running 0 51m
+ manager-5bfbb96988-fg8vj 1/1 Running 0 51m
+ manager-5bfbb96988-w9wnk 1/1 Running 0 51m
+ orchestrator-65d8fb4574-tnfx2 1/1 Running 0 51m
+ wrapper-astonishing-748b7dcc4f-ngsvp 1/1 Running 0 51m
+
+### Docker-K8S Port Mapping
+```yamlex
+manager:
+ port: 8082
+ kport: 30001
+gui:
+ port: 3000
+ kport: 30002
+orchestrator:
+ port: 8083
+ kport: 30003
+consul:
+ port: 8500
+ kport: 30005
+keystone:
+ port: 5000
+ kport: 30006
+wrapper:
+ port: 8080
+ kport: 30010
+interface:
+ port: 8080
+authz:
+ port: 8081
+```
diff --git a/templates/moon/moon.conf b/tools/moon_kubernetes/conf/moon.conf
index a5a40ad2..a5a40ad2 100644
--- a/templates/moon/moon.conf
+++ b/tools/moon_kubernetes/conf/moon.conf
diff --git a/kubernetes/conf/password_moon.txt b/tools/moon_kubernetes/conf/password_moon.txt
index bb9bcf7d..bb9bcf7d 100644
--- a/kubernetes/conf/password_moon.txt
+++ b/tools/moon_kubernetes/conf/password_moon.txt
diff --git a/kubernetes/conf/password_root.txt b/tools/moon_kubernetes/conf/password_root.txt
index bb9bcf7d..bb9bcf7d 100644
--- a/kubernetes/conf/password_root.txt
+++ b/tools/moon_kubernetes/conf/password_root.txt
diff --git a/kubernetes/init_k8s.sh b/tools/moon_kubernetes/init_k8s.sh
index 6eb94e78..8ec1237c 100644
--- a/kubernetes/init_k8s.sh
+++ b/tools/moon_kubernetes/init_k8s.sh
@@ -6,8 +6,8 @@ sudo kubeadm reset
sudo swapoff -a
-sudo kubeadm init --pod-network-cidr=192.168.0.0/16
-#sudo kubeadm init --pod-network-cidr=10.244.0.0/16
+sudo kubeadm init --pod-network-cidr=192.168.0.0/16 # network for Calico
+#sudo kubeadm init --pod-network-cidr=10.244.0.0/16 # network for Canal
mkdir -p $HOME/.kube
sudo cp -f /etc/kubernetes/admin.conf $HOME/.kube/config
@@ -20,9 +20,9 @@ kubectl apply -f http://docs.projectcalico.org/v2.4/getting-started/kubernetes/i
#kubectl create -f https://raw.githubusercontent.com/kubernetes/dashboard/master/src/deploy/recommended/kubernetes-dashboard.yaml
kubectl delete deployment kube-dns --namespace=kube-system
-kubectl apply -f kubernetes/templates/kube-dns.yaml
+kubectl apply -f tools/moon_kubernetes/templates/kube-dns.yaml
-kubectl taint nodes --all node-role.kubernetes.io/master-
+kubectl taint nodes --all node-role.kubernetes.io/master- # make the master also as a node
kubectl proxy&
sleep 5
diff --git a/tools/moon_kubernetes/start_moon.sh b/tools/moon_kubernetes/start_moon.sh
new file mode 100644
index 00000000..47d6998b
--- /dev/null
+++ b/tools/moon_kubernetes/start_moon.sh
@@ -0,0 +1,36 @@
+#!/usr/bin/env bash
+
+set -x
+
+kubectl create namespace moon
+kubectl create configmap moon-config --from-file tools/moon_kubernetes/conf/moon.conf -n moon
+kubectl create configmap config --from-file ~/.kube/config -n moon
+kubectl create configmap moon-policy-templates --from-file tests/functional/scenario_tests -n moon
+kubectl create secret generic mysql-root-pass --from-file=tools/moon_kubernetes/conf/password_root.txt -n moon
+kubectl create secret generic mysql-pass --from-file=tools/moon_kubernetes/conf/password_moon.txt -n moon
+
+kubectl create -n moon -f tools/moon_kubernetes/templates/consul.yaml
+kubectl create -n moon -f tools/moon_kubernetes/templates/db.yaml
+kubectl create -n moon -f tools/moon_kubernetes/templates/keystone.yaml
+
+echo =========================================
+kubectl get pods -n moon
+echo =========================================
+
+sleep 10
+kubectl create -n moon -f tools/moon_kubernetes/templates/moon_forming.yaml
+
+echo Waiting for jobs forming
+sleep 5
+kubectl get jobs -n moon
+kubectl logs -n moon jobs/forming
+
+sleep 5
+kubectl create -n moon -f tools/moon_kubernetes/templates/moon_manager.yaml
+
+sleep 2
+kubectl create -n moon -f tools/moon_kubernetes/templates/moon_orchestrator.yaml
+
+kubectl create -n moon -f tools/moon_kubernetes/templates/moon_gui.yaml
+
+
diff --git a/kubernetes/templates/consul.yaml b/tools/moon_kubernetes/templates/consul.yaml
index f0fb764e..f0fb764e 100644
--- a/kubernetes/templates/consul.yaml
+++ b/tools/moon_kubernetes/templates/consul.yaml
diff --git a/kubernetes/templates/db.yaml b/tools/moon_kubernetes/templates/db.yaml
index 38418643..a055507e 100644
--- a/kubernetes/templates/db.yaml
+++ b/tools/moon_kubernetes/templates/db.yaml
@@ -1,33 +1,3 @@
-#apiVersion: v1
-#kind: PersistentVolume
-#metadata:
-# name: local-pv-1
-# labels:
-# type: local
-#spec:
-# capacity:
-# storage: 5Gi
-# accessModes:
-# - ReadWriteOnce
-# hostPath:
-# path: /tmp/data/pv-1
-#---
-#
-#apiVersion: v1
-#kind: PersistentVolumeClaim
-#metadata:
-# name: mysql-pv-claim
-# labels:
-# platform: moon
-# app: db
-#spec:
-# accessModes:
-# - ReadWriteOnce
-# resources:
-# requests:
-# storage: 5Gi
-#---
-
apiVersion: apps/v1beta1
kind: Deployment
metadata:
@@ -71,6 +41,7 @@ spec:
# persistentVolumeClaim:
# claimName: mysql-pv-claim
---
+
apiVersion: v1
kind: Service
metadata:
diff --git a/kubernetes/templates/keystone.yaml b/tools/moon_kubernetes/templates/keystone.yaml
index e4218e4c..e4218e4c 100644
--- a/kubernetes/templates/keystone.yaml
+++ b/tools/moon_kubernetes/templates/keystone.yaml
diff --git a/kubernetes/templates/kube-dns.yaml b/tools/moon_kubernetes/templates/kube-dns.yaml
index c8f18fd8..c8f18fd8 100644
--- a/kubernetes/templates/kube-dns.yaml
+++ b/tools/moon_kubernetes/templates/kube-dns.yaml
diff --git a/kubernetes/templates/moon_configuration.yaml b/tools/moon_kubernetes/templates/moon_forming.yaml
index 3bcaa533..334ee175 100644
--- a/kubernetes/templates/moon_configuration.yaml
+++ b/tools/moon_kubernetes/templates/moon_forming.yaml
@@ -1,25 +1,30 @@
apiVersion: batch/v1
kind: Job
metadata:
- name: moonforming
+ name: forming
namespace: moon
spec:
template:
metadata:
- name: moonforming
+ name: forming
spec:
containers:
- - name: moonforming
- image: asteroide/moonforming:v1.3
+ - name: forming
+ image: wukongsun/moon_forming:latest
env:
- name: POPULATE_ARGS
value: "--verbose" # debug mode: --debug
volumeMounts:
- name: config-volume
mountPath: /etc/moon
+ - name: templates-volume
+ mountPath: /data
volumes:
- name: config-volume
configMap:
name: moon-config
+ - name: templates-volume
+ configMap:
+ name: moon-policy-templates
restartPolicy: Never
#backoffLimit: 4 \ No newline at end of file
diff --git a/kubernetes/templates/moon_gui.yaml b/tools/moon_kubernetes/templates/moon_gui.yaml
index 2d355216..2d355216 100644
--- a/kubernetes/templates/moon_gui.yaml
+++ b/tools/moon_kubernetes/templates/moon_gui.yaml
diff --git a/kubernetes/templates/moon_manager.yaml b/tools/moon_kubernetes/templates/moon_manager.yaml
index 9d4a09a8..9d4a09a8 100644
--- a/kubernetes/templates/moon_manager.yaml
+++ b/tools/moon_kubernetes/templates/moon_manager.yaml
diff --git a/kubernetes/templates/moon_orchestrator.yaml b/tools/moon_kubernetes/templates/moon_orchestrator.yaml
index 419f2d52..419f2d52 100644
--- a/kubernetes/templates/moon_orchestrator.yaml
+++ b/tools/moon_kubernetes/templates/moon_orchestrator.yaml
diff --git a/tools/openstack/README.md b/tools/openstack/README.md
new file mode 100644
index 00000000..8b5d06e5
--- /dev/null
+++ b/tools/openstack/README.md
@@ -0,0 +1,73 @@
+# OpenStack
+## Installation
+For the *Moon* platform, you must have the following OpenStack components installed somewhere:
+- *Nova*, see [Nova install](https://docs.openstack.org/mitaka/install-guide-ubuntu/nova-controller-install.html)
+- *Glance*, see [Glance install](https://docs.openstack.org/glance/pike/install/)
+- *Keystone* is automatically installed and configured in the Moon platform.
+After the Moon platform installation, the Keystone server will be available
+at: `http://localhost:30005 or http://\<servername\>:30005`
+
+You can also use your own Keystone server if you want.
+
+## Configuration
+Before updating the configuration of the OpenStack platform, check that the platform
+is working without Moon, use the following commands:
+```bash
+# set authentication
+openstack endpoint list
+openstack user list
+openstack server list
+```
+
+In order to connect the OpenStack platform with the Moon platform, you must update some
+configuration files in Nova and Glance:
+- `/etc/nova/policy.json`
+- `/etc/glance/policy.json`
+
+In some installed platform, the `/etc/nova/policy.json` can be absent so you have
+to create one. You can find example files in those directory:
+- `${MOON}/tools/openstack/nova/policy.json`
+- `${MOON}/tools/openstack/glance/policy.json`
+
+Each line is mapped to an OpenStack API interface, for example, the following line
+allows the user to get details for every virtual machines in the cloud
+(the corresponding shell command is `openstack server list`):
+
+ "os_compute_api:servers:detail": "",
+
+This lines indicates that there is no special authorisation to use this API,
+every users can use it. If you want that the Moon platform handles that authorisation,
+update this line with:
+
+ "os_compute_api:servers:detail": "http://my_hostname:31001/authz"
+
+1) by replacing `my_hostname` with the hostname (or the IP address) of the Moon platform.
+2) by updating the TCP port (default: 31001) with the good one.
+
+To find this TCP port, use the following command:
+
+ $ kubectl get services -n moon | grep wrapper | cut -d ":" -f 2 | cut -d " " -f 1
+ 31002/TCP
+
+## Tests
+Here is a shell script to authenticate to the OpenStack platform as `admin`:
+```bash
+export OS_USERNAME=admin
+export OS_PASSWORD=p4ssw0rd
+export OS_REGION_NAME=Orange
+export OS_TENANT_NAME=admin
+export OS_AUTH_URL=http://moon_hostname:30006/v3
+export OS_DOMAIN_NAME=Default
+export OS_IDENTITY_API_VERSION=3
+```
+
+For the `demo_user`, use:
+```bash
+export OS_USERNAME=demo_user
+export OS_PASSWORD=your_secret_password
+export OS_REGION_NAME=Orange
+export OS_TENANT_NAME=demo
+export OS_AUTH_URL=http://moon_hostname:30006/v3
+export OS_DOMAIN_NAME=Default
+export OS_IDENTITY_API_VERSION=3
+```
diff --git a/templates/openstack/glance/policy.json b/tools/openstack/glance/policy.json
index 5505f67f..5505f67f 100644
--- a/templates/openstack/glance/policy.json
+++ b/tools/openstack/glance/policy.json
diff --git a/templates/openstack/nova/policy.json b/tools/openstack/nova/policy.json
index 29763ce3..29763ce3 100644
--- a/templates/openstack/nova/policy.json
+++ b/tools/openstack/nova/policy.json