diff options
Diffstat (limited to 'moon_authz/tests')
-rw-r--r-- | moon_authz/tests/unit_python/test_authz.py | 66 |
1 files changed, 66 insertions, 0 deletions
diff --git a/moon_authz/tests/unit_python/test_authz.py b/moon_authz/tests/unit_python/test_authz.py index 50493c9f..2352fe06 100644 --- a/moon_authz/tests/unit_python/test_authz.py +++ b/moon_authz/tests/unit_python/test_authz.py @@ -1,5 +1,6 @@ import json import pickle +import pytest def get_data(data): @@ -10,6 +11,13 @@ def get_json(data): return json.loads(data.decode("utf-8")) +def run(component_data, cache, context): + from moon_authz.api.authorization import Authz + authz = Authz(component_data=component_data, cache=cache) + authz.context = context + authz.run() + + def test_authz_true(context): import moon_authz.server from python_moonutilities.context import Context @@ -48,3 +56,61 @@ def test_user_not_allowed(context): assert isinstance(data, dict) assert "message" in data assert data["message"] == "Cannot find subject user_not_allowed" + + +def test_object_not_allowed(context): + import moon_authz.server + from python_moonutilities.context import Context + from python_moonutilities.cache import Cache + server = moon_authz.server.create_server() + client = server.app.test_client() + CACHE = Cache() + CACHE.update() + context['subject_name'] = "testuser" + context['object_name'] = "invalid" + _context = Context(context, CACHE) + req = client.post("/authz", data=pickle.dumps(_context)) + assert req.status_code == 400 + data = get_json(req.data) + assert data + assert isinstance(data, dict) + assert "message" in data + assert data["message"] == "Cannot find object invalid" + + +def test_action_not_allowed(context): + import moon_authz.server + from python_moonutilities.context import Context + from python_moonutilities.cache import Cache + server = moon_authz.server.create_server() + client = server.app.test_client() + CACHE = Cache() + CACHE.update() + context['subject_name'] = "testuser" + context['object_name'] = "vm1" + context['action_name'] = "invalid" + _context = Context(context, CACHE) + req = client.post("/authz", data=pickle.dumps(_context)) + assert req.status_code == 400 + data = get_json(req.data) + assert data + assert isinstance(data, dict) + assert "message" in data + assert data["message"] == "Cannot find action invalid" + + +def test_authz_with_empty_pdp_set(context): + from python_moonutilities.context import Context + from python_moonutilities.cache import Cache + CACHE = Cache() + CACHE.update() + _context = Context(context, CACHE) + component_data = { + 'component_id': 'component_id1', + 'pdp_id': 'pdp_id1', + 'meta_rule_id': 'meta_rule_id1', + 'keystone_project_id': 'keystone_project_id1', + } + with pytest.raises(Exception) as exception_info: + run(component_data, CACHE, _context) + assert str(exception_info.value) == '400: Pdp Unknown' |