aboutsummaryrefslogtreecommitdiffstats
path: root/moon_interface/tests/unit_python
diff options
context:
space:
mode:
Diffstat (limited to 'moon_interface/tests/unit_python')
-rw-r--r--moon_interface/tests/unit_python/api/test_authz.py60
-rw-r--r--moon_interface/tests/unit_python/conftest.py13
2 files changed, 72 insertions, 1 deletions
diff --git a/moon_interface/tests/unit_python/api/test_authz.py b/moon_interface/tests/unit_python/api/test_authz.py
index 10957218..052bc9c9 100644
--- a/moon_interface/tests/unit_python/api/test_authz.py
+++ b/moon_interface/tests/unit_python/api/test_authz.py
@@ -1,4 +1,5 @@
import json
+import conftest
def get_json(data):
@@ -6,6 +7,7 @@ def get_json(data):
def test_authz_true(context):
+
import moon_interface.server
server = moon_interface.server.create_server()
client = server.app.test_client()
@@ -19,5 +21,61 @@ def test_authz_true(context):
data = get_json(req.data)
assert data
assert "result" in data
- assert data['result'] == True
+ assert data['result'] is True
+
+def test_authz_False(context):
+ import moon_interface.server
+ server = moon_interface.server.create_server()
+ client = server.app.test_client()
+ req = client.get("/authz/{p_id}/{s_id}/{o_id}/{a_id}".format(
+ p_id=None,
+ s_id=context["subject_name"],
+ o_id=context["object_name"],
+ a_id=context["action_name"],
+ ))
+ assert req.status_code == 403
+ data = get_json(req.data)
+ assert data
+ assert "result" in data
+ assert data['result'] is False
+
+
+def test_authz_effect_unset(context, set_consul_and_db):
+ import moon_interface.server
+ server = moon_interface.server.create_server()
+ client = server.app.test_client()
+
+ set_consul_and_db.register_uri(
+ 'POST', 'http://127.0.0.1:8081/authz',
+ content = conftest.get_pickled_context_invalid()
+ )
+
+ req = client.get("/authz/{p_id}/{s_id}/{o_id}/{a_id}".format(
+ p_id=context["pdp_id"],
+ s_id=context["subject_name"],
+ o_id=context["object_name"],
+ a_id=context["action_name"],
+ ))
+ assert req.status_code == 401
+ data = get_json(req.data)
+ assert data
+ assert "result" in data
+ assert data['result'] is False
+
+def test_authz_invalid_ip(context, set_consul_and_db):
+ import moon_interface.server
+ server = moon_interface.server.create_server()
+ client = server.app.test_client()
+
+ set_consul_and_db.register_uri(
+ 'POST', 'http://127.0.0.1:8081/authz', status_code=500
+ )
+
+ req = client.get("/authz/{p_id}/{s_id}/{o_id}/{a_id}".format(
+ p_id=context["pdp_id"],
+ s_id=context["subject_name"],
+ o_id=context["object_name"],
+ a_id=context["action_name"],
+ ))
+ assert req.status_code == 403
diff --git a/moon_interface/tests/unit_python/conftest.py b/moon_interface/tests/unit_python/conftest.py
index a6acbcdd..893a8637 100644
--- a/moon_interface/tests/unit_python/conftest.py
+++ b/moon_interface/tests/unit_python/conftest.py
@@ -214,6 +214,19 @@ def get_pickled_context():
print(_context.pdp_set)
return pickle.dumps(_context)
+def get_pickled_context_invalid():
+ from python_moonutilities.context import Context
+ from python_moonutilities.cache import Cache
+ CACHE = Cache()
+ CACHE.update()
+ _context = Context(context(), CACHE)
+ _context.increment_index()
+ _context.pdp_set['effect'] = 'invalid'
+ _context.pdp_set[os.environ['META_RULE_ID']]['effect'] = 'invalid'
+ print(_context.pdp_set)
+ return pickle.dumps(_context)
+
+
@pytest.fixture(autouse=True)
def set_consul_and_db(monkeypatch):