diff options
4 files changed, 252 insertions, 7 deletions
diff --git a/moonv4/moon_utilities/tests/unit_python/conftest.py b/moonv4/moon_utilities/tests/unit_python/conftest.py index 487c2f0e..17ba7852 100644 --- a/moonv4/moon_utilities/tests/unit_python/conftest.py +++ b/moonv4/moon_utilities/tests/unit_python/conftest.py @@ -1,6 +1,7 @@ import base64 import json import logging +import managers_mock as pdp_manager import pytest import requests_mock @@ -187,6 +188,7 @@ def no_requests(monkeypatch): "id": "1111111111111" }]} ) + pdp_manager.mock_managers(m) print("End registering URI") # from moon_db.db_manager import init_engine, run # engine = init_engine() diff --git a/moonv4/moon_utilities/tests/unit_python/data_mock.py b/moonv4/moon_utilities/tests/unit_python/data_mock.py index 0a70eb86..0da5f024 100644 --- a/moonv4/moon_utilities/tests/unit_python/data_mock.py +++ b/moonv4/moon_utilities/tests/unit_python/data_mock.py @@ -1,4 +1,3 @@ -""" data mock models""" COMPONENTS = { "manager": { "port": 8082, @@ -15,7 +14,7 @@ pdp_mock = { }, "pdp_id12": { "name": "...", - "security_pipeline": [], + "security_pipeline": ["policy_id_1", "policy_id_2"], "keystone_project_id": "keystone_project_id1", "description": "...", } @@ -141,11 +140,34 @@ models_mock = { rules_mock = { "rules": { - "policy_id": "policy_id1", "meta_rule_id": "meta_rule_id1", - "rule_id1": - ["subject_data_id1", "object_data_id1", "action_data_id1"], - "rule_id2": - ["subject_data_id2", "object_data_id2", "action_data_id2"], + "rule_id1": { + "rule": ["subject_data_id1", + "object_data_id1", + "action_data_id1"], + "instructions": ( + {"decision": "grant"}, + # "grant" to immediately exit, + # "continue" to wait for the result of next policy + # "deny" to deny the request + ) + }, + "rule_id2": { + "rule": ["subject_data_id2", + "object_data_id2", + "action_data_id2"], + "instructions": ( + { + "update": { + "operation": "add", + # operations may be "add" or "delete" + "target": "rbac:role:admin" + # add the role admin to the current user + } + }, + {"chain": {"name": "rbac"}} + # chain with the policy named rbac + ) + } } } diff --git a/moonv4/moon_utilities/tests/unit_python/managers_mock.py b/moonv4/moon_utilities/tests/unit_python/managers_mock.py new file mode 100644 index 00000000..2effec4e --- /dev/null +++ b/moonv4/moon_utilities/tests/unit_python/managers_mock.py @@ -0,0 +1,151 @@ +import data_mock as data + + +def mock_managers(m1): + """ Modify the response from Requests module + """ + register_pdp(m1) + register_meta_rules(m1) + register_policies(m1) + register_models(m1) + register_policy_subject(m1, "policy_id_1") + register_policy_subject(m1, "policy_id_2") + register_policy_object(m1, "policy_id_1") + register_policy_object(m1, "policy_id_2") + register_policy_action(m1, "policy_id_1") + register_policy_action(m1, "policy_id_2") + register_policy_subject_assignment(m1, "policy_id_1", "subject_id") + # register_policy_subject_assignment_list(m1, "policy_id_1") + register_policy_subject_assignment(m1, "policy_id_2", "subject_id") + # register_policy_subject_assignment_list(m1, "policy_id_2") + register_policy_object_assignment(m1, "policy_id_1", "object_id") + # register_policy_object_assignment_list(m1, "policy_id_1") + register_policy_object_assignment(m1, "policy_id_2", "object_id") + # register_policy_object_assignment_list(m1, "policy_id_2") + register_policy_action_assignment(m1, "policy_id_1", "action_id") + # register_policy_action_assignment_list(m1, "policy_id_1") + register_policy_action_assignment(m1, "policy_id_2", "action_id") + # register_policy_action_assignment_list(m1, "policy_id_2") + register_rules(m1, "policy_id1") + + +def register_pdp(m1): + m1.register_uri( + 'GET', 'http://{}:{}/{}'.format(data.COMPONENTS['manager']['hostname'], + data.COMPONENTS['manager']['port'], 'pdp'), + json={'pdps': data.pdp_mock} + ) + + +def register_meta_rules(m1): + m1.register_uri( + 'GET', 'http://{}:{}/{}'.format(data.COMPONENTS['manager']['hostname'], + data.COMPONENTS['manager']['port'], 'meta_rules'), + json={'meta_rules': data.meta_rules_mock} + ) + + +def register_policies(m1): + m1.register_uri( + 'GET', 'http://{}:{}/{}'.format(data.COMPONENTS['manager']['hostname'], + data.COMPONENTS['manager']['port'], 'policies'), + json={'policies': data.policies_mock} + ) + + +def register_models(m1): + m1.register_uri( + 'GET', 'http://{}:{}/{}'.format(data.COMPONENTS['manager']['hostname'], + data.COMPONENTS['manager']['port'], 'models'), + json={'models': data.models_mock} + ) + + +def register_policy_subject(m1, policy_id): + m1.register_uri( + 'GET', 'http://{}:{}/{}/{}/subjects'.format(data.COMPONENTS['manager']['hostname'], + data.COMPONENTS['manager']['port'], 'policies', policy_id), + json={'subjects': data.subject_mock[policy_id]} + ) + + +def register_policy_object(m1, policy_id): + m1.register_uri( + 'GET', 'http://{}:{}/{}/{}/objects'.format(data.COMPONENTS['manager']['hostname'], + data.COMPONENTS['manager']['port'], 'policies', policy_id), + json={'objects': data.object_mock[policy_id]} + ) + + +def register_policy_action(m1, policy_id): + m1.register_uri( + 'GET', 'http://{}:{}/{}/{}/actions'.format(data.COMPONENTS['manager']['hostname'], + data.COMPONENTS['manager']['port'], 'policies', policy_id), + json={'actions': data.action_mock[policy_id]} + ) + + +def register_policy_subject_assignment(m1, policy_id, subj_id): + m1.register_uri( + 'GET', 'http://{}:{}/{}/{}/subject_assignments/{}'.format(data.COMPONENTS['manager']['hostname'], + data.COMPONENTS['manager']['port'], 'policies', + policy_id, + subj_id), + json={'subject_assignments': data.subject_assignment_mock} + ) + + +def register_policy_subject_assignment_list(m1, policy_id): + m1.register_uri( + 'GET', 'http://{}:{}/{}/{}/subject_assignments'.format(data.COMPONENTS['manager']['hostname'], + data.COMPONENTS['manager']['port'], 'policies', + policy_id), + json={'subject_assignments': data.subject_assignment_mock} + ) + + +def register_policy_object_assignment(m1, policy_id, obj_id): + m1.register_uri( + 'GET', 'http://{}:{}/{}/{}/object_assignments/{}'.format(data.COMPONENTS['manager']['hostname'], + data.COMPONENTS['manager']['port'], 'policies', + policy_id, + obj_id), + json={'object_assignments': data.object_assignment_mock} + ) + + +def register_policy_object_assignment_list(m1, policy_id): + m1.register_uri( + 'GET', 'http://{}:{}/{}/{}/object_assignments'.format(data.COMPONENTS['manager']['hostname'], + data.COMPONENTS['manager']['port'], 'policies', + policy_id), + json={'object_assignments': data.object_assignment_mock} + ) + + +def register_policy_action_assignment(m1, policy_id, action_id): + m1.register_uri( + 'GET', 'http://{}:{}/{}/{}/action_assignments/{}'.format(data.COMPONENTS['manager']['hostname'], + data.COMPONENTS['manager']['port'], 'policies', + policy_id, + action_id), + json={'action_assignments': data.action_assignment_mock} + ) + + +def register_policy_action_assignment_list(m1, policy_id): + m1.register_uri( + 'GET', 'http://{}:{}/{}/{}/action_assignments'.format(data.COMPONENTS['manager']['hostname'], + data.COMPONENTS['manager']['port'], 'policies', + policy_id), + json={'action_assignments': data.action_assignment_mock} + ) + + +def register_rules(m1, policy_id): + m1.register_uri( + 'GET', 'http://{}:{}/{}/{}/{}'.format(data.COMPONENTS['manager']['hostname'], + data.COMPONENTS['manager']['port'], 'policies', + policy_id, 'rules'), + json={'rules': data.rules_mock} + )
\ No newline at end of file diff --git a/moonv4/moon_utilities/tests/unit_python/test_cache_manager.py b/moonv4/moon_utilities/tests/unit_python/test_cache_manager.py new file mode 100644 index 00000000..fb2930aa --- /dev/null +++ b/moonv4/moon_utilities/tests/unit_python/test_cache_manager.py @@ -0,0 +1,70 @@ +import pytest +import data_mock as data + + +def test_cache_manager(): + from moon_utilities import cache + cache_obj = cache.Cache() + assert cache_obj.pdp is not None + assert cache_obj.meta_rules is not None + assert len(cache_obj.meta_rules) == 2 + assert cache_obj.policies is not None + assert len(cache_obj.policies) == 2 + assert cache_obj.models is not None + + +def test_get_subject_success(): + from moon_utilities import cache + cache_obj = cache.Cache() + policy_id = 'policy_id_1' + name = 'subject_name' + subject_id = cache_obj.get_subject(policy_id, name) + assert subject_id is not None + + +def test_get_subject_failure(): + from moon_utilities import cache + cache_obj = cache.Cache() + policy_id = 'policy_id_1' + name = 'invalid name' + with pytest.raises(Exception) as exception_info: + cache_obj.get_subject(policy_id, name) + assert str(exception_info.value) == '400: Subject Unknown' + + +def test_get_object_success(): + from moon_utilities import cache + cache_obj = cache.Cache() + policy_id = 'policy_id_1' + name = 'object_name' + object_id = cache_obj.get_object(policy_id, name) + assert object_id is not None + + +def test_get_object_failure(): + from moon_utilities import cache + cache_obj = cache.Cache() + policy_id = 'policy_id_1' + name = 'invalid name' + with pytest.raises(Exception) as exception_info: + cache_obj.get_object(policy_id, name) + assert str(exception_info.value) == '400: Subject Unknown' + + +def test_get_action_success(): + from moon_utilities import cache + cache_obj = cache.Cache() + policy_id = 'policy_id_1' + name = 'action_name' + action_id = cache_obj.get_action(policy_id, name) + assert action_id is not None + + +def test_get_action_failure(): + from moon_utilities import cache + cache_obj = cache.Cache() + policy_id = 'policy_id_1' + name = 'invalid name' + with pytest.raises(Exception) as exception_info: + cache_obj.get_action(policy_id, name) + assert str(exception_info.value) == '400: Subject Unknown' |