aboutsummaryrefslogtreecommitdiffstats
path: root/moon_interface/tests/unit_python/api/test_authz.py
diff options
context:
space:
mode:
Diffstat (limited to 'moon_interface/tests/unit_python/api/test_authz.py')
-rw-r--r--moon_interface/tests/unit_python/api/test_authz.py60
1 files changed, 59 insertions, 1 deletions
diff --git a/moon_interface/tests/unit_python/api/test_authz.py b/moon_interface/tests/unit_python/api/test_authz.py
index 10957218..052bc9c9 100644
--- a/moon_interface/tests/unit_python/api/test_authz.py
+++ b/moon_interface/tests/unit_python/api/test_authz.py
@@ -1,4 +1,5 @@
import json
+import conftest
def get_json(data):
@@ -6,6 +7,7 @@ def get_json(data):
def test_authz_true(context):
+
import moon_interface.server
server = moon_interface.server.create_server()
client = server.app.test_client()
@@ -19,5 +21,61 @@ def test_authz_true(context):
data = get_json(req.data)
assert data
assert "result" in data
- assert data['result'] == True
+ assert data['result'] is True
+
+def test_authz_False(context):
+ import moon_interface.server
+ server = moon_interface.server.create_server()
+ client = server.app.test_client()
+ req = client.get("/authz/{p_id}/{s_id}/{o_id}/{a_id}".format(
+ p_id=None,
+ s_id=context["subject_name"],
+ o_id=context["object_name"],
+ a_id=context["action_name"],
+ ))
+ assert req.status_code == 403
+ data = get_json(req.data)
+ assert data
+ assert "result" in data
+ assert data['result'] is False
+
+
+def test_authz_effect_unset(context, set_consul_and_db):
+ import moon_interface.server
+ server = moon_interface.server.create_server()
+ client = server.app.test_client()
+
+ set_consul_and_db.register_uri(
+ 'POST', 'http://127.0.0.1:8081/authz',
+ content = conftest.get_pickled_context_invalid()
+ )
+
+ req = client.get("/authz/{p_id}/{s_id}/{o_id}/{a_id}".format(
+ p_id=context["pdp_id"],
+ s_id=context["subject_name"],
+ o_id=context["object_name"],
+ a_id=context["action_name"],
+ ))
+ assert req.status_code == 401
+ data = get_json(req.data)
+ assert data
+ assert "result" in data
+ assert data['result'] is False
+
+def test_authz_invalid_ip(context, set_consul_and_db):
+ import moon_interface.server
+ server = moon_interface.server.create_server()
+ client = server.app.test_client()
+
+ set_consul_and_db.register_uri(
+ 'POST', 'http://127.0.0.1:8081/authz', status_code=500
+ )
+
+ req = client.get("/authz/{p_id}/{s_id}/{o_id}/{a_id}".format(
+ p_id=context["pdp_id"],
+ s_id=context["subject_name"],
+ o_id=context["object_name"],
+ a_id=context["action_name"],
+ ))
+ assert req.status_code == 403