diff options
Diffstat (limited to 'moon_interface/tests/unit_python')
-rw-r--r-- | moon_interface/tests/unit_python/api/test_authz.py | 60 | ||||
-rw-r--r-- | moon_interface/tests/unit_python/conftest.py | 13 |
2 files changed, 72 insertions, 1 deletions
diff --git a/moon_interface/tests/unit_python/api/test_authz.py b/moon_interface/tests/unit_python/api/test_authz.py index 10957218..052bc9c9 100644 --- a/moon_interface/tests/unit_python/api/test_authz.py +++ b/moon_interface/tests/unit_python/api/test_authz.py @@ -1,4 +1,5 @@ import json +import conftest def get_json(data): @@ -6,6 +7,7 @@ def get_json(data): def test_authz_true(context): + import moon_interface.server server = moon_interface.server.create_server() client = server.app.test_client() @@ -19,5 +21,61 @@ def test_authz_true(context): data = get_json(req.data) assert data assert "result" in data - assert data['result'] == True + assert data['result'] is True + +def test_authz_False(context): + import moon_interface.server + server = moon_interface.server.create_server() + client = server.app.test_client() + req = client.get("/authz/{p_id}/{s_id}/{o_id}/{a_id}".format( + p_id=None, + s_id=context["subject_name"], + o_id=context["object_name"], + a_id=context["action_name"], + )) + assert req.status_code == 403 + data = get_json(req.data) + assert data + assert "result" in data + assert data['result'] is False + + +def test_authz_effect_unset(context, set_consul_and_db): + import moon_interface.server + server = moon_interface.server.create_server() + client = server.app.test_client() + + set_consul_and_db.register_uri( + 'POST', 'http://127.0.0.1:8081/authz', + content = conftest.get_pickled_context_invalid() + ) + + req = client.get("/authz/{p_id}/{s_id}/{o_id}/{a_id}".format( + p_id=context["pdp_id"], + s_id=context["subject_name"], + o_id=context["object_name"], + a_id=context["action_name"], + )) + assert req.status_code == 401 + data = get_json(req.data) + assert data + assert "result" in data + assert data['result'] is False + +def test_authz_invalid_ip(context, set_consul_and_db): + import moon_interface.server + server = moon_interface.server.create_server() + client = server.app.test_client() + + set_consul_and_db.register_uri( + 'POST', 'http://127.0.0.1:8081/authz', status_code=500 + ) + + req = client.get("/authz/{p_id}/{s_id}/{o_id}/{a_id}".format( + p_id=context["pdp_id"], + s_id=context["subject_name"], + o_id=context["object_name"], + a_id=context["action_name"], + )) + assert req.status_code == 403 diff --git a/moon_interface/tests/unit_python/conftest.py b/moon_interface/tests/unit_python/conftest.py index a6acbcdd..893a8637 100644 --- a/moon_interface/tests/unit_python/conftest.py +++ b/moon_interface/tests/unit_python/conftest.py @@ -214,6 +214,19 @@ def get_pickled_context(): print(_context.pdp_set) return pickle.dumps(_context) +def get_pickled_context_invalid(): + from python_moonutilities.context import Context + from python_moonutilities.cache import Cache + CACHE = Cache() + CACHE.update() + _context = Context(context(), CACHE) + _context.increment_index() + _context.pdp_set['effect'] = 'invalid' + _context.pdp_set[os.environ['META_RULE_ID']]['effect'] = 'invalid' + print(_context.pdp_set) + return pickle.dumps(_context) + + @pytest.fixture(autouse=True) def set_consul_and_db(monkeypatch): |