diff options
Diffstat (limited to 'moon_manager/tests/func_tests/features')
28 files changed, 7925 insertions, 0 deletions
diff --git a/moon_manager/tests/func_tests/features/README.md b/moon_manager/tests/func_tests/features/README.md new file mode 100644 index 00000000..ae7fc240 --- /dev/null +++ b/moon_manager/tests/func_tests/features/README.md @@ -0,0 +1,11 @@ +# Installation + +```bash +pip install behave + +pip install paramiko + +pip install numpy + +pip install astropy +```
\ No newline at end of file diff --git a/moon_manager/tests/func_tests/features/__init__.py b/moon_manager/tests/func_tests/features/__init__.py new file mode 100644 index 00000000..582be686 --- /dev/null +++ b/moon_manager/tests/func_tests/features/__init__.py @@ -0,0 +1,11 @@ +# Software Name: MOON + +# Version: 5.4 + +# SPDX-FileCopyrightText: Copyright (c) 2018-2020 Orange and its contributors +# SPDX-License-Identifier: Apache-2.0 + +# This software is distributed under the 'Apache License 2.0', +# the text of which is available at 'http://www.apache.org/licenses/LICENSE-2.0.txt' +# or see the "LICENSE" file for more details. + diff --git a/moon_manager/tests/func_tests/features/assignments.feature b/moon_manager/tests/func_tests/features/assignments.feature new file mode 100644 index 00000000..543eaba2 --- /dev/null +++ b/moon_manager/tests/func_tests/features/assignments.feature @@ -0,0 +1,290 @@ +Feature: Assignments + + Background: + Given the system has no rules + And the system has no subject assignments + And the system has no action assignments + And the system has no object assignments + And the system has no subject data + And the system has no action data + And the system has no object data + And the system has no subject perimeter + And the system has no object perimeter + And the system has no action perimeter + And the system has no pdps + And the system has no policies + And the system has no models + And the system has no meta-rules + And the system has no subject categories + And the system has no action categories + And the system has no object categories + And the following meta data subject category exists + | subjectmetadataname | subjectmetadatadescription | + | Affiliation: | This meta data has the categorical information about a subject | + | Authorization-Level: | This meta data has the categorical information about an object | + | Degree: | This meta data has the categorical information about an object | + And the following meta data object category exists + | objectmetadataname | objectmetadatadescription | + | Clearance: | This meta data has the categorical information about an object | + | Type: | This meta data has the categorical information about an object | + | Class: | This meta data has the categorical information about an object | + And the following meta data action category exists + | actionmetadataname | actionmetadatadescription | + | Action-Class: | This meta data has the categorical information about an action | + | Action-Priority: | This meta data has the categorical information about an action | + | Recommendation: | This meta data has the categorical information about an action | + And the following meta rule exists + | metarulename | metaruledescription | subjectmetadata | actionmetadata | objectmetadata | + | metarule1 | Thisisabasicmetarule | Affiliation: | Action-Class: | Clearance: | + | metarule2 | Thisisabasicmetarule | Authorization-Level: | Action-Class: | Clearance: | + | metarule3 | Thisisabasicmetarule | Affiliation: | Action-Priority: | Clearance: | + | metarule4 | Thisisabasicmetarule | Authorization-Level: | Action-Priority: | Clearance: | + | metarule5 | Thisisabasicmetarule | Affiliation: | Action-Class: | Type: | + | metarule6 | Thisisabasicmetarule | Authorization-Level: | Action-Class: | Type: | + | metarule7 | Thisisabasicmetarule | Affiliation: | Action-Priority: | Type: | + | metarule8 | Thisisabasicmetarule | Authorization-Level: | Action-Priority: | Type: | + | metarule9 | Thisisabasicmetarule | Affiliation:,Authorization-Level: | Action-Class:,Action-Priority: | Clearance:,Type: | + And the following model exists + | modelname | modeldescription | metarule | + | universitymodel | Thisisabasicmodel | metarule1,metarule9 | + | universitymodel2 | Thisisabasicmodel | metarule3,metarule5,metarule8 | + | universitymodel3 | Thisisabasicmodel | metarule9 | + And the following policy exists + | policyname | policydescription | modelname | genre | + | Stanford Policy | This is a basic policy | universitymodel | Education | + | Cambridge Policy | This is a basic policy | universitymodel3 | Education | + And the following subject perimeter exists + | subjectperimetername | subjectperimeterdescription | subjectperimeteremail | subjectperimeterpassword | policies | + | JohnLewis | Thisistheexpecteduser | jlewis@orange.com | abc1234 | Stanford Policy | + | WilliamsJoeseph | Thisistheexpecteduser | wjoeseph@orange.com | abc1234 | Stanford Policy | + | WilliamsJoeseph | Thisistheexpecteduser | wjoeseph@orange.com | abc1234 | Cambridge Policy | + | WilliamsGeorge | Thisdatahasthevalueofsubjectperimeter | gwilliams@orange.com | abc1234 | | + And the following object perimeter exists + | objectperimetername | objectperimeterdescription | policies | + | ProfessorsPromotionDocument | Thisistherequesttoaccessfile | Stanford Policy | + | StudentsGradesSheet | Thisistherequesttoaccessfile | Stanford Policy | + | StudentsGradesSheet | Thisistherequesttoaccessfile | Cambridge Policy | + | Vacations | Thisistherequesttoaccessfile | | + And the following action perimeter exists + | actionperimetername | actionperimeterdescription | policies | + | Read | Thisistheactionrequired | Stanford Policy | + | Delete | Thisistheactionrequired | Stanford Policy | + | Delete | Thisistheactionrequired | Cambridge Policy | + | Edit | Thisistheactionrequired | | + And the following subject data exists + | policyname | subjectcategory | subjectdataname | subjectdatadescription | + | Stanford Policy | Affiliation: | University-of-Stanford | This data has the value of subject category | + | Stanford Policy | Affiliation: | Stanford | This data has the value of subject category | + | Stanford Policy | Authorization-Level: | Professor | This data has the value of subject category | + | Cambridge Policy | Affiliation: | University-of-Cambridge | This data has the value of subject category | + | Cambridge Policy | Authorization-Level: | Professor | This data has the value of subject category | + | Cambridge Policy | Authorization-Level: | Lecturer | This data has the value of subject category | + And the following object data exists + | policyname | objectcategory | objectdataname | objectdatadescription | + | Stanford Policy | Clearance: | Top-Secret | This data has the value of object category | + | Stanford Policy | Clearance: | Confidential | This data has the value of object category | + | Stanford Policy | Clearance: | Public | This data has the value of object category | + | Stanford Policy | Type: | Adminstrative | This data has the value of object category | + | Stanford Policy | Type: | Staff | This data has the value of object category | + | Cambridge Policy | Type: | Adminstrative | This data has the value of object category | + | Cambridge Policy | Type: | Teaching-Staff | This data has the value of object category | + | Cambridge Policy | Clearance: | Confidential | This data has the value of object category | + | Cambridge Policy | Clearance: | Access-with-permission | This data has the value of object category | + | Cambridge Policy | Clearance: | Public | This data has the value of object category | + + And the following action data exists + | policyname | actioncategory | actiondataname | actiondatadescription | + | Stanford Policy | Action-Class: | Severe | This data has the value of action category | + | Stanford Policy | Action-Class: | Low | This data has the value of action category | + | Stanford Policy | Action-Priority: | Low | This data has the value of action category | + | Cambridge Policy | Action-Priority: | High | This data has the value of action category | + | Cambridge Policy | Action-Priority: | Medium | This data has the value of action category | + | Cambridge Policy | Action-Priority: | Low | This data has the value of action category | + | Cambridge Policy | Action-Class: | Severe | This data has the value of action category | + | Cambridge Policy | Action-Class: | Intermediate | This data has the value of action category | + | Cambridge Policy | Action-Class: | Low | This data has the value of action category | + + + Scenario: Add subject assignment + When the user sets to add the following subject assignment + | subjectperimetername | subjectcategory | subjectdata | policyname | + | JohnLewis | Affiliation: | University-of-Stanford | Stanford Policy | + | WilliamsJoeseph | Affiliation: | University-of-Stanford | Stanford Policy | + | WilliamsJoeseph | Affiliation: | University-of-Cambridge | Cambridge Policy | + | WilliamsJoeseph | Authorization-Level: | Lecturer | Cambridge Policy | + Then the following subject assignment should be existed in the system + | subjectperimetername | subjectcategory | subjectdata | policyname | + | JohnLewis | Affiliation: | University-of-Stanford | Stanford Policy | + | WilliamsJoeseph | Affiliation: | University-of-Stanford | Stanford Policy | + | WilliamsJoeseph | Affiliation: | University-of-Cambridge | Cambridge Policy | + | WilliamsJoeseph | Authorization-Level: | Lecturer | Cambridge Policy | + + + Scenario Outline: Add subject assignment validations + When the user sets to add the following subject assignment + | subjectperimetername | subjectcategory | subjectdata | policyname | + | <subjectperimetername> | <subjectcategory> | <subjectdata> | <policyname> | + + Then the system should reply the following + | flag | + | <flag> | + Examples: + | subjectperimetername | subjectcategory | subjectdata | policyname | flag | + | | Affiliation: | University-of-Stanford | Stanford Policy | False | + | 000000000000000000000000000000000000000000000000000 | Affiliation: | University-of-Stanford | Stanford Policy | False | + | GeorgeWilliams | Affiliation: | University-of-Cambridge | Cambridge Policy | False | + | WilliamsGeorge | Authorization-Level: | Professor | Cambridge Policy | False | + | JohnLewis | | University-of-Stanford | Stanford Policy | False | + | JohnLewis | 000000000000000000000000000000000000000000000000000 | University-of-Stanford | Stanford Policy | False | + | WilliamsJoeseph | Authorization-Level: | | Cambridge Policy | False | + | WilliamsJoeseph | Authorization-Level: | 000000000000000000000000000000000000000000000000000 | Cambridge Policy | False | + | WilliamsJoeseph | Authorization-Level: | Admin | | False | + | WilliamsJoeseph | Authorization-Level: | Admin | 000000000000000000000000000000000000000000000000000 | False | + + Scenario Outline: Add an existing subject assignment + Given the following subject assignment exists + | subjectperimetername | subjectcategory | subjectdata | policyname | + | WilliamsJoeseph | Authorization-Level: | Lecturer | Cambridge Policy | + When the user sets to add the following subject assignment + | subjectperimetername | subjectcategory | subjectdata | policyname | + | <subjectperimetername> | <subjectcategory> | <subjectdata> | <policyname> | + Then the system should reply the following + | flag | + | <flag> | + Examples: + | subjectperimetername | subjectcategory | subjectdata | policyname | flag | + | WilliamsJoeseph | Authorization-Level: | Lecturer | Cambridge Policy | False | + | WilliamsJoeseph | Authorization-Level: | Professor | Cambridge Policy | True | + + Scenario: Delete subject assignments + Given the following subject assignment exists + | subjectperimetername | subjectcategory | subjectdata | policyname | + | JohnLewis | Affiliation: | University-of-Stanford | Stanford Policy | + | JohnLewis | Affiliation: | Stanford | Stanford Policy | + When the user sets to delete the following subject assignment + | subjectperimetername | subjectcategory | subjectdata | policyname | + | JohnLewis | Affiliation: | University-of-Stanford | Stanford Policy | + Then the following subject assignment should be existed in the system + | subjectperimetername | subjectcategory | subjectdata | policyname | + | JohnLewis | Affiliation: | Stanford | Stanford Policy | + + + Scenario: Add object assignments + When the user sets to add the following object assignment + | objectperimetername | objectcategory | objectdata | policyname | + | ProfessorsPromotionDocument | Clearance: | Confidential | Stanford Policy | + | ProfessorsPromotionDocument | Clearance: | Public | Stanford Policy | + | StudentsGradesSheet | Clearance: | Top-Secret | Stanford Policy | + | StudentsGradesSheet | Clearance: | Confidential | Stanford Policy | + | StudentsGradesSheet | Clearance: | Public | Stanford Policy | + | StudentsGradesSheet | Clearance: | Confidential | Cambridge Policy | + | StudentsGradesSheet | Clearance: | Public | Cambridge Policy | + Then the following object assignment should be existed in the system + | objectperimetername | objectcategory | objectdata | policyname | + | ProfessorsPromotionDocument | Clearance: | Confidential,Public | Stanford Policy | + | StudentsGradesSheet | Clearance: | Top-Secret,Confidential,Public | Stanford Policy | + | StudentsGradesSheet | Clearance: | Confidential,Public | Cambridge Policy | + + + Scenario Outline: Add object assignment validations + When the user sets to add the following object assignment + | objectperimetername | objectcategory | objectdata | policyname | + | <objectperimetername> | <objectcategory> | <objectdata> | <policyname> | + + Then the system should reply the following + | flag | + | <flag> | + Examples: + | objectperimetername | objectcategory | objectdata | policyname | flag | + | | Clearance: | Confidential | Cambridge Policy | False | + | Vacations | Clearance: | Confidential | Stanford Policy | False | + | 000000000000000000000000000000000000000000000000000 | Clearance: | Confidential | Stanford Policy | False | + | StudentsGradesSheet | | Confidential | Cambridge Policy | False | + | StudentsGradesSheet | 000000000000000000000000000000000000000000000000000 | Confidential | Cambridge Policy | False | + | StudentsGradesSheet | Clearance: | | Cambridge Policy | False | + | StudentsGradesSheet | Clearance: | 000000000000000000000000000000000000000000000000000 | Stanford Policy | False | + | StudentsGradesSheet | Clearance: | Confidential | | False | + | StudentsGradesSheet | Clearance: | Confidential | 000000000000000000000000000000000000000000000000000 | False | + + Scenario Outline: Add an existing object assignment + Given the following object assignment exists + | objectperimetername | objectcategory | objectdata | policyname | + | StudentsGradesSheet | Clearance: | Confidential | Stanford Policy | + When the user sets to add the following object assignment + | objectperimetername | objectcategory | objectdata | policyname | + | <objectperimetername> | <objectcategory> | <objectdata> | <policyname> | + Then the system should reply the following + | flag | + | <flag> | + Examples: + | objectperimetername | objectcategory | objectdata | policyname | flag | + | StudentsGradesSheet | Clearance: | Confidential | Stanford Policy | False | + + Scenario: Delete object assignment + Given the following object assignment exists + | objectperimetername | objectcategory | objectdata | policyname | + | ProfessorsPromotionDocument | Clearance: | Public | Stanford Policy | + | ProfessorsPromotionDocument | Clearance: | Confidential | Stanford Policy | + When the user sets to delete the following object assignment + | objectperimetername | objectcategory | objectdata | policyname | + | ProfessorsPromotionDocument | Clearance: | Confidential | Stanford Policy | + Then the following object assignment should be existed in the system + | objectperimetername | objectcategory | objectdata | policyname | + | ProfessorsPromotionDocument | Clearance: | Public | Stanford Policy | + + Scenario: Add action assignment + When the user sets to add the following action assignment + | actionperimetername | actioncategory | actiondata | policyname | + | Delete | Action-Priority: | Medium | Cambridge Policy | + | Read | Action-Class: | Low | Stanford Policy | + Then the following action assignment should be existed in the system + | actionperimetername | actioncategory | actiondata | policyname | + | Delete | Action-Priority: | Medium | Cambridge Policy | + | Read | Action-Class: | Low | Stanford Policy | + + Scenario Outline: Add action assignment validations + When the user sets to add the following action assignment + | actionperimetername | actioncategory | actiondata | policyname | + | <actionperimetername> | <actioncategory> | <actiondata> | <policyname> | + Then the system should reply the following + | flag | + | <flag> | + Examples: + | actionperimetername | actioncategory | actiondata | policyname | flag | + | | Action-Class: | Severe | Stanford Policy | False | + | Edit | Action-Class: | Severe | Stanford Policy | False | + | 000000000000000000000000000000000000000000000000000 | Action-Class: | Severe | Stanford Policy | False | + | Read | | Severe | Stanford Policy | False | + | Read | Action-Priority: | Severe | Stanford Policy | False | + | Read | 000000000000000000000000000000000000000000000000000 | Severe | Stanford Policy | False | + | Read | Action-Class: | | Stanford Policy | False | + | Read | Action-Class: | 000000000000000000000000000000000000000000000000000 | Stanford Policy | False | + | Read | Action-Class: | high | | False | + | Delete | Action-Class: | high | 000000000000000000000000000000000000000000000000000 | False | + | Delete | Action-Class: | high | Stanford Policy | False | + + Scenario Outline: Add an existing action assignment + Given the following action assignment exists + | actionperimetername | actioncategory | actiondata | policyname | + | Read | Action-Class: | Severe | Stanford Policy | + When the user sets to add the following action assignment + | actionperimetername | actioncategory | actiondata | policyname | + | <actionperimetername> | <actioncategory> | <actiondata> | <policyname> | + Then the system should reply the following + | flag | + | <flag> | + Examples: + | actionperimetername | actioncategory | actiondata | policyname | flag | + | Read | Action-Class: | Severe | Stanford Policy | False | + + Scenario: Delete action assignments + Given the following action assignment exists + | actionperimetername | actioncategory | actiondata | policyname | + | Read | Action-Class: | Severe | Stanford Policy | + | Read | Action-Class: | Low | Stanford Policy | + When the user sets to delete the following action assignment + | actionperimetername | actioncategory | actiondata | policyname | + | Read | Action-Class: | Severe | Stanford Policy | + Then the following action assignment should be existed in the system + | actionperimetername | actioncategory | actiondata | policyname | + | Read | Action-Class: | Low | Stanford Policy |
\ No newline at end of file diff --git a/moon_manager/tests/func_tests/features/authorization_pipeline.feature b/moon_manager/tests/func_tests/features/authorization_pipeline.feature new file mode 100644 index 00000000..8a175915 --- /dev/null +++ b/moon_manager/tests/func_tests/features/authorization_pipeline.feature @@ -0,0 +1,388 @@ +Feature: Authorization Pipeline + + Background: + + #Given the manager is configured + Given no slave is created + And the slave is created + And the system has no rules + And the system has no subject assignments + And the system has no action assignments + And the system has no object assignments + And the system has no subject data + And the system has no action data + And the system has no object data + And the system has no subject perimeter + And the system has no object perimeter + And the system has no action perimeter + And the system has no pdps + And the system has no policies + And the system has no models + And the system has no meta-rules + And the system has no subject categories + And the system has no action categories + And the system has no object categories + And the following meta data subject category exists + | subjectmetadataname | subjectmetadatadescription | + | Affiliation: | This meta data has the categorical information about a subject | + | Authorization-Level: | This meta data has the categorical information about an object | + | Degree: | This meta data has the categorical information about an object | + And the following meta data object category exists + | objectmetadataname | objectmetadatadescription | + | Clearance: | This meta data has the categorical information about an object | + | Type: | This meta data has the categorical information about an object | + | Class: | This meta data has the categorical information about an object | + And the following meta data action category exists + | actionmetadataname | actionmetadatadescription | + | Action-Class: | This meta data has the categorical information about an action | + | Action-Priority: | This meta data has the categorical information about an action | + | Recommendation: | This meta data has the categorical information about an action | + And the following meta rule exists + | metarulename | metaruledescription | subjectmetadata | actionmetadata | objectmetadata | + | metarule1 | Thisisabasicmetarule | Affiliation: | Action-Class: | Clearance: | + | metarule2 | Thisisabasicmetarule | Authorization-Level: | Action-Class: | Clearance: | + | metarule3 | Thisisabasicmetarule | Affiliation: | Action-Priority: | Clearance: | + | metarule4 | Thisisabasicmetarule | Authorization-Level: | Action-Priority: | Clearance: | + | metarule5 | Thisisabasicmetarule | Affiliation: | Action-Class: | Type: | + | metarule6 | Thisisabasicmetarule | Authorization-Level: | Action-Class: | Type: | + | metarule7 | Thisisabasicmetarule | Affiliation: | Action-Priority: | Type: | + | metarule8 | Thisisabasicmetarule | Authorization-Level: | Action-Priority: | Type: | + | metarule9 | Thisisabasicmetarule | Affiliation:,Authorization-Level: | Action-Class:,Action-Priority: | Clearance:,Type: | + And the following model exists + | modelname | modeldescription | metarule | + | universitymodel | Thisisabasicmodel | metarule1 | + | universitymodel2 | Thisisabasicmodel | metarule3,metarule5,metarule8 | + | universitymodel3 | Thisisabasicmodel | metarule9 | + And the following policy exists + | policyname | policydescription | modelname | genre | + | Stanford Policy | This is a basic policy | universitymodel | Education | + | Cambridge Policy | This is a basic policy | universitymodel3 | Education | + And the following pdp exists + | pdpname | pdpdescription | keystone_project_id | security_pipeline | + | A-pdp | Thisisabasicpolicy | 0000000000000000000000000000000000000000000000000000000000000000 | Stanford Policy | + And the following subject perimeter exists + | subjectperimetername | subjectperimeterdescription | subjectperimeteremail | subjectperimeterpassword | policies | + | JohnLewis | Thisistheexpecteduser | jlewis@orange.com | abc1234 | Stanford Policy | + | WilliamsJoeseph | Thisistheexpecteduser | wjoeseph@orange.com | abc1234 | Stanford Policy | + | WilliamsJoeseph | Thisistheexpecteduser | wjoeseph@orange.com | abc1234 | Cambridge Policy | + #| WilliamsGeorge | Thisdatahasthevalueofsubjectperimeter | gwilliams@orange.com | abc1234 | | + And the following object perimeter exists + | objectperimetername | objectperimeterdescription | policies | + | ProfessorsPromotionDocument | Thisistherequesttoaccessfile | Stanford Policy | + | StudentsGradesSheet | Thisistherequesttoaccessfile | Stanford Policy | + | StudentsGradesSheet | Thisistherequesttoaccessfile | Cambridge Policy | + #| Vacations | Thisistherequesttoaccessfile | | + And the following action perimeter exists + | actionperimetername | actionperimeterdescription | policies | + | Read | Thisistheactionrequired | Stanford Policy | + | Delete | Thisistheactionrequired | Stanford Policy | + | Delete | Thisistheactionrequired | Cambridge Policy | + #| Edit | Thisistheactionrequired | | + And the following subject data exists + | policyname | subjectcategory | subjectdataname | subjectdatadescription | + | Stanford Policy | Affiliation: | University-of-Stanford | This data has the value of subject category | + | Stanford Policy | Affiliation: | Stanford | This data has the value of subject category | + | Cambridge Policy | Affiliation: | University-of-Cambridge | This data has the value of subject category | + | Cambridge Policy | Authorization-Level: | Professor | This data has the value of subject category | + | Cambridge Policy | Authorization-Level: | Lecturer | This data has the value of subject category | + And the following object data exists + | policyname | objectcategory | objectdataname | objectdatadescription | + | Stanford Policy | Clearance: | Top-Secret | This data has the value of object category | + | Stanford Policy | Clearance: | Confidential | This data has the value of object category | + | Stanford Policy | Clearance: | Public | This data has the value of object category | + | Cambridge Policy | Type: | Adminstrative | This data has the value of object category | + | Cambridge Policy | Type: | Teaching-Staff | This data has the value of object category | + | Cambridge Policy | Clearance: | Confidential | This data has the value of object category | + | Cambridge Policy | Clearance: | Access-with-permission | This data has the value of object category | + | Cambridge Policy | Clearance: | Public | This data has the value of object category | + + And the following action data exists + | policyname | actioncategory | actiondataname | actiondatadescription | + | Stanford Policy | Action-Class: | Severe | This data has the value of action category | + | Stanford Policy | Action-Class: | Low | This data has the value of action category | + | Cambridge Policy | Action-Priority: | High | This data has the value of action category | + | Cambridge Policy | Action-Priority: | Medium | This data has the value of action category | + | Cambridge Policy | Action-Priority: | Low | This data has the value of action category | + | Cambridge Policy | Action-Class: | Severe | This data has the value of action category | + | Cambridge Policy | Action-Class: | Intermediate | This data has the value of action category | + | Cambridge Policy | Action-Class: | Low | This data has the value of action category | + + And the following subject assignment exists + | subjectperimetername | subjectcategory | subjectdata | policyname | + | JohnLewis | Affiliation: | University-of-Stanford | Stanford Policy | + | WilliamsJoeseph | Affiliation: | Stanford | Stanford Policy | + + And the following object assignment exists + | objectperimetername | objectcategory | objectdata | policyname | + | StudentsGradesSheet | Clearance: | Access-with-permission | Cambridge Policy | + | StudentsGradesSheet | Clearance: | Public | Cambridge Policy | + #| StudentsGradesSheet | Clearance: | Top-Secret | Stanford Policy | + | StudentsGradesSheet | Clearance: | Confidential | Stanford Policy | + #| StudentsGradesSheet | Clearance: | Public | Stanford Policy | + And the following action assignment exists + | actionperimetername | actioncategory | actiondata | policyname | + | Read | Action-Class: | Severe | Stanford Policy | + #| Read | Action-Class: | Low | Stanford Policy | + | Delete | Action-Priority: | High | Cambridge Policy | + | Delete | Action-Priority: | Medium | Cambridge Policy | + | Delete | Action-Priority: | Low | Cambridge Policy | + And the following rule exists + | rule | metarulename | instructions | policyname | + | University-of-Stanford,Confidential,Severe | metarule1 | grant | Stanford Policy | + #| University-of-Stanford,Professor,Public,Adminstrative,Low,Low | metarule9 | grant | Stanford Policy | + And the pipeline is running + And the following authorization request is granted through pipeline + | subjectperimetername | objectperimetername | actionperimetername | + | JohnLewis | StudentsGradesSheet | Read | + + Scenario: Check authorization response after rule deletion + When the user sets to delete the following rules + | rule | metarulename | policyname | + | University-of-Stanford,Confidential,Severe | metarule1 | Stanford Policy | + And the following authorization request is sent through pipeline + | subjectperimetername | objectperimetername | actionperimetername | + | JohnLewis | ProfessorsPromotionDocument | Read | + Then the authorization response should be the following + | auth_response | + | denied | + + Scenario: Check authorization response after rule deletion then addition + When the user sets to delete the following rules + | rule | metarulename | policyname | + | University-of-Stanford,Confidential,Severe | metarule1 | Stanford Policy | + And the user sets to add the following rules + | rule | metarulename | instructions | policyname | + | University-of-Stanford,Confidential,Severe | metarule1 | grant | Stanford Policy | + And the following authorization request is sent through pipeline + | subjectperimetername | objectperimetername | actionperimetername | + | JohnLewis | ProfessorsPromotionDocument | Read | + Then the authorization response should be the following + | auth_response | + | grant | + +Scenario: Check authorization response after subject assignment deletion + When the user sets to delete the following subject assignment + | subjectperimetername | subjectcategory | subjectdata | policyname | + | JohnLewis | Affiliation: | University-of-Stanford | Stanford Policy | + And the following authorization request is sent through pipeline + | subjectperimetername | objectperimetername | actionperimetername | + | JohnLewis | ProfessorsPromotionDocument | Read | + Then the authorization response should be the following + | auth_response | + | denied | + + Scenario: Check authorization response after subject assignment deletion then addition + When the user sets to delete the following subject assignment + | subjectperimetername | subjectcategory | subjectdata | policyname | + | JohnLewis | Affiliation: | University-of-Stanford | Stanford Policy | + And the user sets to add the following subject assignment + | subjectperimetername | subjectcategory | subjectdata | policyname | + | JohnLewis | Affiliation: | University-of-Stanford | Stanford Policy | + And the following authorization request is sent through pipeline + | subjectperimetername | objectperimetername | actionperimetername | + | JohnLewis | ProfessorsPromotionDocument | Read | + Then the authorization response should be the following + | auth_response | + | grant | + + Scenario: Check authorization response after object assignment deletion + When the user sets to delete the following object assignment + | objectperimetername | objectcategory | objectdata | policyname | + | JohnLewis | Affiliation: | University-of-Stanford | Stanford Policy | + And the following authorization request is sent through pipeline + | subjectperimetername | objectperimetername | actionperimetername | + | JohnLewis | ProfessorsPromotionDocument | Read | + Then the authorization response should be the following + | auth_response | + | denied | + + Scenario: Check authorization response after object assignment deletion then addition + When the user sets to delete the following object assignment + | objectperimetername | objectcategory | objectdata | policyname | + | ProfessorsPromotionDocument | Clearance: | Confidential | Stanford Policy | + And the user sets to add the following object assignment + | objectperimetername | objectcategory | objectdata | policyname | + | ProfessorsPromotionDocument | Clearance: | Confidential | Stanford Policy | + And the following authorization request is sent through pipeline + | subjectperimetername | objectperimetername | actionperimetername | + | JohnLewis | ProfessorsPromotionDocument | Read | + Then the authorization response should be the following + | auth_response | + | grant | + + Scenario: Check authorization response after action assignment deletion + When When the user sets to delete the following action assignment + | actionperimetername | actioncategory | actiondata | policyname | + | Read | Action-Class: | Severe | Stanford Policy | + And the following authorization request is sent through pipeline + | subjectperimetername | objectperimetername | actionperimetername | + | JohnLewis | ProfessorsPromotionDocument | Read | + Then the authorization response should be the following + | auth_response | + | denied | + + Scenario: Check authorization response after action assignment deletion then addition + When the user sets to delete the following action assignment + | actionperimetername | actioncategory | actiondata | policyname | + | Read | Action-Class: | Severe | Stanford Policy | + And the user sets to add the following action assignment + | actionperimetername | actioncategory | actiondata | policyname | + | Read | Action-Class: | Low | Stanford Policy | + And the following authorization request is sent through pipeline + | subjectperimetername | objectperimetername | actionperimetername | + | JohnLewis | ProfessorsPromotionDocument | Read | + Then the authorization response should be the following + | auth_response | + | grant | + + + Scenario: Check authorization response after subject data deletion + When the user sets to delete the following subject data + | policyname | subjectcategory | subjectdataname | + | Stanford Policy | Affiliation: | University-of-Stanford | + And the following authorization request is sent through pipeline + | subjectperimetername | objectperimetername | actionperimetername | + | JohnLewis | ProfessorsPromotionDocument | Read | + Then the authorization response should be the following + | auth_response | + | denied | + + Scenario: Check authorization response after subject data deletion then addition + When the user sets to delete the following subject data + | policyname | subjectcategory | subjectdataname | + | Stanford Policy | Affiliation: | University-of-Stanford | + And the user sets to add the following subject data + | policyname | subjectcategory | subjectdataname | subjectdatadescription | + | Stanford Policy | Affiliation: | University-of-Stanford | This data has the value of subject category | + And the following authorization request is sent through pipeline + | subjectperimetername | objectperimetername | actionperimetername | + | JohnLewis | ProfessorsPromotionDocument | Read | + Then the authorization response should be the following + | auth_response | + | grant | + + Scenario: Check authorization response after object data deletion + When the user sets to delete the following object data + | policyname | objectcategory | objectdataname | + | Stanford Policy | Clearance: | Top-Secret | + And the following authorization request is sent through pipeline + | subjectperimetername | objectperimetername | actionperimetername | + | JohnLewis | ProfessorsPromotionDocument | Read | + Then the authorization response should be the following + | auth_response | + | denied | + + Scenario: Check authorization response after object data deletion then addition + When the user sets to delete the following object data + | policyname | objectcategory | objectdataname | + | Stanford Policy | Clearance: | Top-Secret | + And the user sets to add the following object data + | policyname | objectcategory | objectdataname | objectdatadescription | + | Stanford Policy | Clearance: | Confidential | This data has the value of object category | + And the following authorization request is sent through pipeline + | subjectperimetername | objectperimetername | actionperimetername | + | JohnLewis | ProfessorsPromotionDocument | Read | + Then the authorization response should be the following + | auth_response | + | grant | + + Scenario: Check authorization response after action data deletion + When the user sets to delete the following action data + | policyname | actioncategory | actiondataname | + | Stanford Policy | Action-Class: | Severe | + And the following authorization request is sent through pipeline + | subjectperimetername | objectperimetername | actionperimetername | + | JohnLewis | ProfessorsPromotionDocument | Read | + Then the authorization response should be the following + | auth_response | + | denied | + + Scenario: Check authorization response after action data deletion then addition + When the user sets to delete the following action data + | policyname | actioncategory | actiondataname | + | Stanford Policy | Action-Class: | Severe | + And the user sets to add the following action data + | policyname | actioncategory | actiondataname | actiondatadescription | + | Stanford Policy | Action-Class: | Severe | This data has the value of action category | + And the following authorization request is sent through pipeline + | subjectperimetername | objectperimetername | actionperimetername | + | JohnLewis | ProfessorsPromotionDocument | Read | + Then the authorization response should be the following + | auth_response | + | grant | + + + Scenario: Check authorization response after subject perimeter deletion + When the user sets to delete the following subject perimeter for a given policy + | subjectperimetername | policies | + | JohnLewis | Stanford Policy | + And the following authorization request is sent through pipeline + | subjectperimetername | objectperimetername | actionperimetername | + | JohnLewis | ProfessorsPromotionDocument | Read | + Then the authorization response should be the following + | auth_response | + | denied | + + Scenario: Check authorization response after subject perimeter deletion then addition + When the user sets to delete the following subject perimeter for a given policy + | subjectperimetername | policies | + | JohnLewis | Stanford Policy | + And the user sets to add the following subject perimeter + | subjectperimetername | subjectperimeterdescription | subjectperimeteremail | subjectperimeterpassword | policies | + | JohnLewis | Thisistheexpecteduser | jlewis@orange.com | abc1234 | Stanford Policy | + And the following authorization request is sent through pipeline + | subjectperimetername | objectperimetername | actionperimetername | + | JohnLewis | ProfessorsPromotionDocument | Read | + Then the authorization response should be the following + | auth_response | + | grant | + + Scenario: Check authorization response after object perimeter deletion + When the user sets to delete the following object perimeter + | objectperimetername | policies | + | ProfessorsPromotionDocument | Stanford Policy | + And the following authorization request is sent through pipeline + | subjectperimetername | objectperimetername | actionperimetername | + | JohnLewis | ProfessorsPromotionDocument | Read | + Then the authorization response should be the following + | auth_response | + | denied | + + Scenario: Check authorization response after object perimeter deletion then addition + When the user sets to delete the following object perimeter + | objectperimetername | policies | + | ProfessorsPromotionDocument | Stanford Policy | + And the user sets to add the following object perimeter + | objectperimetername | objectperimeterdescription | policies | + | ProfessorsPromotionDocument | Thisistherequesttoaccessfile | Stanford Policy | + And the following authorization request is sent through pipeline + | subjectperimetername | objectperimetername | actionperimetername | + | JohnLewis | ProfessorsPromotionDocument | Read | + Then the authorization response should be the following + | auth_response | + | grant | + + Scenario: Check authorization response after action perimeter deletion + When the user sets to delete the following action perimeter + | actionperimetername | policies | + | Read | Stanford Policy | + And the following authorization request is sent through pipeline + | subjectperimetername | objectperimetername | actionperimetername | + | JohnLewis | ProfessorsPromotionDocument | Read | + Then the authorization response should be the following + | auth_response | + | denied | + + Scenario: Check authorization response after action perimeter deletion then addition + When the user sets to delete the following action perimeter + | actionperimetername | policies | + | Read | Stanford Policy | + And the user sets to add the following action perimeter + | actionperimetername | actionperimeterdescription | policies | + | Read | Thisistheactionrequired | Stanford Policy | + And the following authorization request is sent through pipeline + | subjectperimetername | objectperimetername | actionperimetername | + | JohnLewis | ProfessorsPromotionDocument | Read | + Then the authorization response should be the following + | auth_response | + | grant | diff --git a/moon_manager/tests/func_tests/features/authorization_wrapper.feature b/moon_manager/tests/func_tests/features/authorization_wrapper.feature new file mode 100644 index 00000000..43fdb519 --- /dev/null +++ b/moon_manager/tests/func_tests/features/authorization_wrapper.feature @@ -0,0 +1,386 @@ +Feature: Authorization Wrapper + + Background: + + Given no slave is created + And the slave is created + And the system has no rules + And the system has no subject assignments + And the system has no action assignments + And the system has no object assignments + And the system has no subject data + And the system has no action data + And the system has no object data + And the system has no subject perimeter + And the system has no object perimeter + And the system has no action perimeter + And the system has no pdps + And the system has no policies + And the system has no models + And the system has no meta-rules + And the system has no subject categories + And the system has no action categories + And the system has no object categories + And the following meta data subject category exists + | subjectmetadataname | subjectmetadatadescription | + | Affiliation: | This meta data has the categorical information about a subject | + | Authorization-Level: | This meta data has the categorical information about an object | + | Degree: | This meta data has the categorical information about an object | + And the following meta data object category exists + | objectmetadataname | objectmetadatadescription | + | Clearance: | This meta data has the categorical information about an object | + | Type: | This meta data has the categorical information about an object | + | Class: | This meta data has the categorical information about an object | + And the following meta data action category exists + | actionmetadataname | actionmetadatadescription | + | Action-Class: | This meta data has the categorical information about an action | + | Action-Priority: | This meta data has the categorical information about an action | + | Recommendation: | This meta data has the categorical information about an action | + And the following meta rule exists + | metarulename | metaruledescription | subjectmetadata | actionmetadata | objectmetadata | + | metarule1 | Thisisabasicmetarule | Affiliation: | Action-Class: | Clearance: | + | metarule2 | Thisisabasicmetarule | Authorization-Level: | Action-Class: | Clearance: | + | metarule3 | Thisisabasicmetarule | Affiliation: | Action-Priority: | Clearance: | + | metarule4 | Thisisabasicmetarule | Authorization-Level: | Action-Priority: | Clearance: | + | metarule5 | Thisisabasicmetarule | Affiliation: | Action-Class: | Type: | + | metarule6 | Thisisabasicmetarule | Authorization-Level: | Action-Class: | Type: | + | metarule7 | Thisisabasicmetarule | Affiliation: | Action-Priority: | Type: | + | metarule8 | Thisisabasicmetarule | Authorization-Level: | Action-Priority: | Type: | + | metarule9 | Thisisabasicmetarule | Affiliation:,Authorization-Level: | Action-Class:,Action-Priority: | Clearance:,Type: | + And the following model exists + | modelname | modeldescription | metarule | + | universitymodel | Thisisabasicmodel | metarule1 | + | universitymodel2 | Thisisabasicmodel | metarule3,metarule5,metarule8 | + | universitymodel3 | Thisisabasicmodel | metarule9 | + And the following policy exists + | policyname | policydescription | modelname | genre | + | Stanford Policy | This is a basic policy | universitymodel | Education | + | Cambridge Policy | This is a basic policy | universitymodel3 | Education | + And the following pdp exists + | pdpname | pdpdescription | keystone_project_id | security_pipeline | + | A-pdp | Thisisabasicpolicy | 0000000000000000000000000000000000000000000000000000000000000000 | Stanford Policy | + And the following subject perimeter exists + | subjectperimetername | subjectperimeterdescription | subjectperimeteremail | subjectperimeterpassword | policies | + | JohnLewis | Thisistheexpecteduser | jlewis@orange.com | abc1234 | Stanford Policy | + | WilliamsJoeseph | Thisistheexpecteduser | wjoeseph@orange.com | abc1234 | Stanford Policy | + | WilliamsJoeseph | Thisistheexpecteduser | wjoeseph@orange.com | abc1234 | Cambridge Policy | + #| WilliamsGeorge | Thisdatahasthevalueofsubjectperimeter | gwilliams@orange.com | abc1234 | | + And the following object perimeter exists + | objectperimetername | objectperimeterdescription | policies | + | ProfessorsPromotionDocument | Thisistherequesttoaccessfile | Stanford Policy | + | StudentsGradesSheet | Thisistherequesttoaccessfile | Stanford Policy | + | StudentsGradesSheet | Thisistherequesttoaccessfile | Cambridge Policy | + #| Vacations | Thisistherequesttoaccessfile | | + And the following action perimeter exists + | actionperimetername | actionperimeterdescription | policies | + | Read | Thisistheactionrequired | Stanford Policy | + | Delete | Thisistheactionrequired | Stanford Policy | + | Delete | Thisistheactionrequired | Cambridge Policy | + #| Edit | Thisistheactionrequired | | + And the following subject data exists + | policyname | subjectcategory | subjectdataname | subjectdatadescription | + | Stanford Policy | Affiliation: | University-of-Stanford | This data has the value of subject category | + | Stanford Policy | Affiliation: | Stanford | This data has the value of subject category | + | Cambridge Policy | Affiliation: | University-of-Cambridge | This data has the value of subject category | + | Cambridge Policy | Authorization-Level: | Professor | This data has the value of subject category | + | Cambridge Policy | Authorization-Level: | Lecturer | This data has the value of subject category | + And the following object data exists + | policyname | objectcategory | objectdataname | objectdatadescription | + | Stanford Policy | Clearance: | Top-Secret | This data has the value of object category | + | Stanford Policy | Clearance: | Confidential | This data has the value of object category | + | Stanford Policy | Clearance: | Public | This data has the value of object category | + | Cambridge Policy | Type: | Adminstrative | This data has the value of object category | + | Cambridge Policy | Type: | Teaching-Staff | This data has the value of object category | + | Cambridge Policy | Clearance: | Confidential | This data has the value of object category | + | Cambridge Policy | Clearance: | Access-with-permission | This data has the value of object category | + | Cambridge Policy | Clearance: | Public | This data has the value of object category | + + And the following action data exists + | policyname | actioncategory | actiondataname | actiondatadescription | + | Stanford Policy | Action-Class: | Severe | This data has the value of action category | + | Stanford Policy | Action-Class: | Low | This data has the value of action category | + | Cambridge Policy | Action-Priority: | High | This data has the value of action category | + | Cambridge Policy | Action-Priority: | Medium | This data has the value of action category | + | Cambridge Policy | Action-Priority: | Low | This data has the value of action category | + | Cambridge Policy | Action-Class: | Severe | This data has the value of action category | + | Cambridge Policy | Action-Class: | Intermediate | This data has the value of action category | + | Cambridge Policy | Action-Class: | Low | This data has the value of action category | + + And the following subject assignment exists + | subjectperimetername | subjectcategory | subjectdata | policyname | + | JohnLewis | Affiliation: | University-of-Stanford | Stanford Policy | + | WilliamsJoeseph | Affiliation: | Stanford | Stanford Policy | + + And the following object assignment exists + | objectperimetername | objectcategory | objectdata | policyname | + | StudentsGradesSheet | Clearance: | Access-with-permission | Cambridge Policy | + | StudentsGradesSheet | Clearance: | Public | Cambridge Policy | + #| StudentsGradesSheet | Clearance: | Top-Secret | Stanford Policy | + | StudentsGradesSheet | Clearance: | Confidential | Stanford Policy | + #| StudentsGradesSheet | Clearance: | Public | Stanford Policy | + And the following action assignment exists + | actionperimetername | actioncategory | actiondata | policyname | + | Read | Action-Class: | Severe | Stanford Policy | + #| Read | Action-Class: | Low | Stanford Policy | + | Delete | Action-Priority: | High | Cambridge Policy | + | Delete | Action-Priority: | Medium | Cambridge Policy | + | Delete | Action-Priority: | Low | Cambridge Policy | + And the following rule exists + | rule | metarulename | instructions | policyname | + | University-of-Stanford,Confidential,Severe | metarule1 | grant | Stanford Policy | + #| University-of-Stanford,Professor,Public,Adminstrative,Low,Low | metarule9 | grant | Stanford Policy | + And the following authorization request is granted through wrapper + | keystone_project_id | subjectperimetername | objectperimetername | actionperimetername | + | 0000000000000000000000000000000000000000000000000000000000000000 | JohnLewis | StudentsGradesSheet | Read | + + Scenario: Check authorization response after rule deletion + When the user sets to delete the following rules + | rule | metarulename | policyname | + | University-of-Stanford,Confidential,Severe | metarule1 | Stanford Policy | + And the following authorization request is sent through wrapper + | keystone_project_id | subjectperimetername | objectperimetername | actionperimetername | + | 0000000000000000000000000000000000000000000000000000000000000000 | JohnLewis | StudentsGradesSheet | Read | + Then the authorization response should be the following + | auth_response | + | denied | + + Scenario: Check authorization response after rule deletion then addition + When the user sets to delete the following rules + | rule | metarulename | policyname | + | University-of-Stanford,Confidential,Severe | metarule1 | Stanford Policy | + And the user sets to add the following rules + | rule | metarulename | instructions | policyname | + | University-of-Stanford,Confidential,Severe | metarule1 | grant | Stanford Policy | + And the following authorization request is sent through wrapper + | keystone_project_id | subjectperimetername | objectperimetername | actionperimetername | + | 0000000000000000000000000000000000000000000000000000000000000000 | JohnLewis | StudentsGradesSheet | Read | + Then the authorization response should be the following + | auth_response | + | grant | + + Scenario: Check authorization response after subject assignment deletion + When the user sets to delete the following subject assignment + | subjectperimetername | subjectcategory | subjectdata | policyname | + | JohnLewis | Affiliation: | University-of-Stanford | Stanford Policy | + And the following authorization request is sent through wrapper + | keystone_project_id | subjectperimetername | objectperimetername | actionperimetername | + | 0000000000000000000000000000000000000000000000000000000000000000 | JohnLewis | StudentsGradesSheet | Read | + Then the authorization response should be the following + | auth_response | + | denied | + + Scenario: Check authorization response after subject assignment deletion then addition + When the user sets to delete the following subject assignment + | subjectperimetername | subjectcategory | subjectdata | policyname | + | JohnLewis | Affiliation: | University-of-Stanford | Stanford Policy | + And the user sets to add the following subject assignment + | subjectperimetername | subjectcategory | subjectdata | policyname | + | JohnLewis | Affiliation: | University-of-Stanford | Stanford Policy | + And the following authorization request is sent through wrapper + | keystone_project_id | subjectperimetername | objectperimetername | actionperimetername | + | 0000000000000000000000000000000000000000000000000000000000000000 | JohnLewis | StudentsGradesSheet | Read | + Then the authorization response should be the following + | auth_response | + | grant | + + Scenario: Check authorization response after object assignment deletion + When the user sets to delete the following object assignment + | objectperimetername | objectcategory | objectdata | policyname | + | JohnLewis | Affiliation: | University-of-Stanford | Stanford Policy | + And the following authorization request is sent through wrapper + | keystone_project_id | subjectperimetername | objectperimetername | actionperimetername | + | 0000000000000000000000000000000000000000000000000000000000000000 | JohnLewis | StudentsGradesSheet | Read | + Then the authorization response should be the following + | auth_response | + | denied | + + Scenario: Check authorization response after object assignment deletion then addition + When the user sets to delete the following object assignment + | objectperimetername | objectcategory | objectdata | policyname | + | ProfessorsPromotionDocument | Clearance: | Confidential | Stanford Policy | + And the user sets to add the following object assignment + | objectperimetername | objectcategory | objectdata | policyname | + | ProfessorsPromotionDocument | Clearance: | Confidential | Stanford Policy | + And the following authorization request is sent through wrapper + | keystone_project_id | subjectperimetername | objectperimetername | actionperimetername | + | 0000000000000000000000000000000000000000000000000000000000000000 | JohnLewis | StudentsGradesSheet | Read | + Then the authorization response should be the following + | auth_response | + | grant | + + Scenario: Check authorization response after action assignment deletion + When When the user sets to delete the following action assignment + | actionperimetername | actioncategory | actiondata | policyname | + | Read | Action-Class: | Severe | Stanford Policy | + And the following authorization request is sent through wrapper + | keystone_project_id | subjectperimetername | objectperimetername | actionperimetername | + | 0000000000000000000000000000000000000000000000000000000000000000 | JohnLewis | StudentsGradesSheet | Read | + Then the authorization response should be the following + | auth_response | + | denied | + + Scenario: Check authorization response after action assignment deletion then addition + When the user sets to delete the following action assignment + | actionperimetername | actioncategory | actiondata | policyname | + | Read | Action-Class: | Severe | Stanford Policy | + And the user sets to add the following action assignment + | actionperimetername | actioncategory | actiondata | policyname | + | Read | Action-Class: | Low | Stanford Policy | + And the following authorization request is sent through wrapper + | keystone_project_id | subjectperimetername | objectperimetername | actionperimetername | + | 0000000000000000000000000000000000000000000000000000000000000000 | JohnLewis | StudentsGradesSheet | Read | + Then the authorization response should be the following + | auth_response | + | grant | + + + Scenario: Check authorization response after subject data deletion + When the user sets to delete the following subject data + | policyname | subjectcategory | subjectdataname | + | Stanford Policy | Affiliation: | University-of-Stanford | + And the following authorization request is sent through wrapper + | keystone_project_id | subjectperimetername | objectperimetername | actionperimetername | + | 0000000000000000000000000000000000000000000000000000000000000000 | JohnLewis | StudentsGradesSheet | Read | + Then the authorization response should be the following + | auth_response | + | denied | + + Scenario: Check authorization response after subject data deletion then addition + When the user sets to delete the following subject data + | policyname | subjectcategory | subjectdataname | + | Stanford Policy | Affiliation: | University-of-Stanford | + And the user sets to add the following subject data + | policyname | subjectcategory | subjectdataname | subjectdatadescription | + | Stanford Policy | Affiliation: | University-of-Stanford | This data has the value of subject category | + And the following authorization request is sent through wrapper + | keystone_project_id | subjectperimetername | objectperimetername | actionperimetername | + | 0000000000000000000000000000000000000000000000000000000000000000 | JohnLewis | StudentsGradesSheet | Read | + Then the authorization response should be the following + | auth_response | + | grant | + + Scenario: Check authorization response after object data deletion + When the user sets to delete the following object data + | policyname | objectcategory | objectdataname | + | Stanford Policy | Clearance: | Top-Secret | + And the following authorization request is sent through wrapper + | keystone_project_id | subjectperimetername | objectperimetername | actionperimetername | + | 0000000000000000000000000000000000000000000000000000000000000000 | JohnLewis | StudentsGradesSheet | Read | + Then the authorization response should be the following + | auth_response | + | denied | + + Scenario: Check authorization response after object data deletion then addition + When the user sets to delete the following object data + | policyname | objectcategory | objectdataname | + | Stanford Policy | Clearance: | Top-Secret | + And the user sets to add the following object data + | policyname | objectcategory | objectdataname | objectdatadescription | + | Stanford Policy | Clearance: | Confidential | This data has the value of object category | + And the following authorization request is sent through wrapper + | keystone_project_id | subjectperimetername | objectperimetername | actionperimetername | + | 0000000000000000000000000000000000000000000000000000000000000000 | JohnLewis | StudentsGradesSheet | Read | + Then the authorization response should be the following + | auth_response | + | grant | + + Scenario: Check authorization response after action data deletion + When the user sets to delete the following action data + | policyname | actioncategory | actiondataname | + | Stanford Policy | Action-Class: | Severe | + And the following authorization request is sent through wrapper + | keystone_project_id | subjectperimetername | objectperimetername | actionperimetername | + | 0000000000000000000000000000000000000000000000000000000000000000 | JohnLewis | StudentsGradesSheet | Read | + Then the authorization response should be the following + | auth_response | + | denied | + + Scenario: Check authorization response after action data deletion then addition + When the user sets to delete the following action data + | policyname | actioncategory | actiondataname | + | Stanford Policy | Action-Class: | Severe | + And the user sets to add the following action data + | policyname | actioncategory | actiondataname | actiondatadescription | + | Stanford Policy | Action-Class: | Severe | This data has the value of action category | + And the following authorization request is sent through wrapper + | keystone_project_id | subjectperimetername | objectperimetername | actionperimetername | + | 0000000000000000000000000000000000000000000000000000000000000000 | JohnLewis | StudentsGradesSheet | Read | + Then the authorization response should be the following + | auth_response | + | grant | + + + Scenario: Check authorization response after subject perimeter deletion + When the user sets to delete the following subject perimeter for a given policy + | subjectperimetername | policies | + | JohnLewis | Stanford Policy | + And the following authorization request is sent through wrapper + | keystone_project_id | subjectperimetername | objectperimetername | actionperimetername | + | 0000000000000000000000000000000000000000000000000000000000000000 | JohnLewis | StudentsGradesSheet | Read | + Then the authorization response should be the following + | auth_response | + | denied | + + Scenario: Check authorization response after subject perimeter deletion then addition + When the user sets to delete the following subject perimeter for a given policy + | subjectperimetername | policies | + | JohnLewis | Stanford Policy | + And the user sets to add the following subject perimeter + | subjectperimetername | subjectperimeterdescription | subjectperimeteremail | subjectperimeterpassword | policies | + | JohnLewis | Thisistheexpecteduser | jlewis@orange.com | abc1234 | Stanford Policy | + And the following authorization request is sent through wrapper + | keystone_project_id | subjectperimetername | objectperimetername | actionperimetername | + | 0000000000000000000000000000000000000000000000000000000000000000 | JohnLewis | StudentsGradesSheet | Read | + Then the authorization response should be the following + | auth_response | + | grant | + + Scenario: Check authorization response after object perimeter deletion + When the user sets to delete the following object perimeter + | objectperimetername | policies | + | ProfessorsPromotionDocument | Stanford Policy | + And the following authorization request is sent through wrapper + | keystone_project_id | subjectperimetername | objectperimetername | actionperimetername | + | 0000000000000000000000000000000000000000000000000000000000000000 | JohnLewis | StudentsGradesSheet | Read | + Then the authorization response should be the following + | auth_response | + | denied | + + Scenario: Check authorization response after object perimeter deletion then addition + When the user sets to delete the following object perimeter + | objectperimetername | policies | + | ProfessorsPromotionDocument | Stanford Policy | + And the user sets to add the following object perimeter + | objectperimetername | objectperimeterdescription | policies | + | ProfessorsPromotionDocument | Thisistherequesttoaccessfile | Stanford Policy | + And the following authorization request is sent through wrapper + | keystone_project_id | subjectperimetername | objectperimetername | actionperimetername | + | 0000000000000000000000000000000000000000000000000000000000000000 | JohnLewis | StudentsGradesSheet | Read | + Then the authorization response should be the following + | auth_response | + | grant | + + Scenario: Check authorization response after action perimeter deletion + When the user sets to delete the following action perimeter + | actionperimetername | policies | + | Read | Stanford Policy | + And the following authorization request is sent through wrapper + | keystone_project_id | subjectperimetername | objectperimetername | actionperimetername | + | 0000000000000000000000000000000000000000000000000000000000000000 | JohnLewis | StudentsGradesSheet | Read | + Then the authorization response should be the following + | auth_response | + | denied | + + Scenario: Check authorization response after action perimeter deletion then addition + When the user sets to delete the following action perimeter + | actionperimetername | policies | + | Read | Stanford Policy | + And the user sets to add the following action perimeter + | actionperimetername | actionperimeterdescription | policies | + | Read | Thisistheactionrequired | Stanford Policy | + And the following authorization request is sent through wrapper + | keystone_project_id | subjectperimetername | objectperimetername | actionperimetername | + | 0000000000000000000000000000000000000000000000000000000000000000 | JohnLewis | StudentsGradesSheet | Read | + Then the authorization response should be the following + | auth_response | + | grant | diff --git a/moon_manager/tests/func_tests/features/data.feature b/moon_manager/tests/func_tests/features/data.feature new file mode 100644 index 00000000..1edb4098 --- /dev/null +++ b/moon_manager/tests/func_tests/features/data.feature @@ -0,0 +1,330 @@ +Feature: Data + + Background: + Given the system has no rules + And the system has no subject assignments + And the system has no action assignments + And the system has no object assignments + And the system has no subject data + And the system has no action data + And the system has no object data + And the system has no subject perimeter + And the system has no object perimeter + And the system has no action perimeter + And the system has no pdps + And the system has no policies + And the system has no models + And the system has no meta-rules + And the system has no subject categories + And the system has no action categories + And the system has no object categories + And the following meta data subject category exists + | subjectmetadataname | subjectmetadatadescription | + | Affiliation: | This meta data has the categorical information about a subject | + | Authorization-Level: | This meta data has the categorical information about an object | + | Degree: | This meta data has the categorical information about an object | + And the following meta data object category exists + | objectmetadataname | objectmetadatadescription | + | Clearance: | This meta data has the categorical information about an object | + | Type: | This meta data has the categorical information about an object | + | Class: | This meta data has the categorical information about an object | + And the following meta data action category exists + | actionmetadataname | actionmetadatadescription | + | Action-Class: | This meta data has the categorical information about an action | + | Action-Priority: | This meta data has the categorical information about an action | + | Recommendation: | This meta data has the categorical information about an action | + And the following meta rule exists + | metarulename | metaruledescription | subjectmetadata | actionmetadata | objectmetadata | + | metarule1 | Thisisabasicmetarule | Affiliation: | Action-Class: | Clearance: | + | metarule2 | Thisisabasicmetarule | Authorization-Level: | Action-Class: | Clearance: | + | metarule3 | Thisisabasicmetarule | Affiliation: | Action-Priority: | Clearance: | + | metarule4 | Thisisabasicmetarule | Authorization-Level: | Action-Priority: | Clearance: | + | metarule5 | Thisisabasicmetarule | Affiliation: | Action-Class: | Type: | + | metarule6 | Thisisabasicmetarule | Authorization-Level: | Action-Class: | Type: | + | metarule7 | Thisisabasicmetarule | Affiliation: | Action-Priority: | Type: | + | metarule8 | Thisisabasicmetarule | Authorization-Level: | Action-Priority: | Type: | + | metarule9 | Thisisabasicmetarule | Affiliation:,Authorization-Level: | Action-Class:,Action-Priority: | Clearance:,Type: | + And the following model exists + | modelname | modeldescription | metarule | + | universitymodel | Thisisabasicmodel | metarule1 | + | universitymodel2 | Thisisabasicmodel | metarule3,metarule5,metarule8 | + | universitymodel3 | Thisisabasicmodel | metarule8 | + | universitymodel4 | Thisisabasicmodel | metarule9 | + And the following policy exists + | policyname | policydescription | modelname | genre | + | Stanford Policy | This is a basic policy | universitymodel | Education | + | Cambridge Policy | This is a basic policy | universitymodel3 | Education | + | MIT Policy | This is a basic policy | universitymodel2 | Education | + | Oxford Policy | This is a basic policy | universitymodel4 | Education | + + + Scenario: Add subject data + When the user sets to add the following subject data + | policyname | subjectcategory | subjectdataname | subjectdatadescription | + | Cambridge Policy | Authorization-Level: | Teaching-staff | This data has the value of subject category | + | MIT Policy | Authorization-Level: | Teaching-staff | This data has the value of subject category | + | MIT Policy | Affiliation: | University-of-MIT | This data has the value of subject category | + | Oxford Policy | Affiliation: | University-of-Oxford | This data has the value of subject category | + | Oxford Policy | Authorization-Level: | Teaching-staff | This data has the value of subject category | + | Stanford Policy | Affiliation: | University-of-Stanford | This data has the value of subject category | + Then the following subject data should be existed in the system + | policyname | subjectcategory | subjectdataname | subjectdatadescription | + | Cambridge Policy | Authorization-Level: | Teaching-staff | This data has the value of subject category | + | MIT Policy | Authorization-Level: | Teaching-staff | This data has the value of subject category | + | MIT Policy | Affiliation: | University-of-MIT | This data has the value of subject category | + | Oxford Policy | Affiliation: | University-of-Oxford | This data has the value of subject category | + | Oxford Policy | Authorization-Level: | Teaching-staff | This data has the value of subject category | + | Stanford Policy | Affiliation: | University-of-Stanford | This data has the value of subject category | + + Scenario Outline: Add subject data validations + When the user sets to add the following subject data + | policyname | subjectcategory | subjectdataname | subjectdatadescription | + | <policyname> | <subjectcategory> | <subjectdataname> | <subjectdatadescription> | + Then the system should reply the following + | flag | + | <flag> | + Examples: + | policyname | subjectcategory | subjectdataname | subjectdatadescription | flag | + | | Affiliation: | University-of-Stanford | This data has the value of subject category | False | + | 000000000000000000000000000000000000000000000000000000000 | Affiliation: | University-of-Stanford | This data has the value of subject category | False | + | 0000000000000000000000000000000000000000000000000000000000000000 | Affiliation: | University-of-Stanford | This data has the value of subject category | False | + | 0000000000000000000000000000000000000000000000000000000000000000000 | Affiliation: | University-of-Stanford | This data has the value of subject category | False | + | Cambridge Policy | Affiliation: | University-of-Cambridge | This data has the value of subject category | False | + | Stanford Policy | | University-of-Stanford | This data has the value of subject category | False | + | Stanford Policy | 000000000000000000000000000000000000000000000000000000000 | University-of-Stanford | This data has the value of subject category | False | + | Stanford Policy | 0000000000000000000000000000000000000000000000000000000000000000 | University-of-Stanford | This data has the value of subject category | False | + | Stanford Policy | 0000000000000000000000000000000000000000000000000000000000000000000 | University-of-Stanford | This data has the value of subject category | False | + | Stanford Policy | Affiliation: | | This data has the value of subject category | False | + | Stanford Policy | Affiliation: | _%University-of-Stanford%_ | This data has the value of subject category | True | + | Stanford Policy | Affiliation: | 1 | This data has the value of subject category | True | + | Stanford Policy | Affiliation: | University-of-Stanford | | True | + | Stanford Policy | Affiliation: | University-of-Stanford | _%This data has the value of subject category%_ | True | + + Scenario Outline: Add an existing subject data + Given the following subject data exists + | policyname | subjectcategory | subjectdataname | subjectdatadescription | + | Stanford Policy | Affiliation: | University-of-Stanford | This data has the value of subject category | + When the user sets to add the following subject data + | policyname | subjectcategory | subjectdataname | subjectdatadescription | + | <policyname> | <subjectcategory> | <subjectdataname> | <subjectdatadescription> | + Then the system should reply the following + | flag | + | <flag> | + Examples: + | policyname | subjectcategory | subjectdataname | subjectdatadescription | flag | + | Stanford Policy | Affiliation: | University-of-Stanford | This data has the value of subject category | False | + | Stanford Policy | Affiliation: | University-of-Stanford,Faculty-of-Computer-Science | This data has the value of subject category | True | + + Scenario: Delete subject data + Given the following subject data exists + | policyname | subjectcategory | subjectdataname | subjectdatadescription | + | Stanford Policy | Affiliation: | University-of-Stanford | This data has the value of subject category | + When the user sets to delete the following subject data + | policyname | subjectcategory | subjectdataname | + | Stanford Policy | Affiliation: | University-of-Stanford | + Then the following subject data should be existed in the system + | policyname | subjectcategory | subjectdataname | subjectdatadescription | + | | | | | + + Scenario: Delete subject data that has a recorded assignment dependency + Given the following subject data exists + | policyname | subjectcategory | subjectdataname | subjectdatadescription | + | Stanford Policy | Affiliation: | University-of-Stanford | This data has the value of subject category | + And the following subject perimeter exists + | policies | subjectperimetername | subjectperimeterdescription | subjectperimeteremail | subjectperimeterpassword | + | Stanford Policy | JohnLewis | This data has the value of subject perimeter | jlewis@orange.com | abc1234 | + And the following subject assignment exists + | subjectperimetername | subjectcategory | subjectdata | policyname | + | John Lewis | Affiliation: | University-of-Stanford | Stanford Policy | + When the user sets to delete the following subject data + | policyname | subjectcategory | subjectdataname | + | Stanford Policy | Affiliation: | University-of-Stanford | + Then the system should reply the following + | flag | + | True | + And the following subject data should be existed in the system + | policyname | subjectcategory | subjectdataname | subjectdatadescription | + | | | | | + + + Scenario: Add object data + When the user sets to add the following object data + | policyname | objectcategory | objectdataname | objectdatadescription | + | Cambridge Policy | Type: | Adminstrative | This data has the value of object category | + | MIT Policy | Type: | Adminstrative | This data has the value of object category | + | MIT Policy | Clearance: | Confidential | This data has the value of object category | + | Oxford Policy | Type: | Adminstrative | This data has the value of object category | + | Oxford Policy | Clearance: | Confidential | This data has the value of object category | + | Stanford Policy | Clearance: | Confidential | This data has the value of object category | + + Then the following object data should be existed in the system + | policyname | objectcategory | objectdataname | objectdatadescription | + | Cambridge Policy | Type: | Adminstrative | This data has the value of object category | + | MIT Policy | Type: | Adminstrative | This data has the value of object category | + | MIT Policy | Clearance: | Confidential | This data has the value of object category | + | Oxford Policy | Type: | Adminstrative | This data has the value of object category | + | Oxford Policy | Clearance: | Confidential | This data has the value of object category | + | Stanford Policy | Clearance: | Confidential | This data has the value of object category | + + Scenario Outline: Add object data validations + When the user sets to add the following object data + | policyname | objectcategory | objectdataname | objectdatadescription | + | <policyname> | <objectcategory> | <objectdataname> | <objectdatadescription> | + Then the system should reply the following + | flag | + | <flag> | + Examples: + | policyname | objectcategory | objectdataname | objectdatadescription | flag | + | | Clearance: | Confidential | This data has the value of object category | False | + | 000000000000000000000000000000000000000000000000000000000 | Clearance: | Confidential | This data has the value of object category | False | + | 0000000000000000000000000000000000000000000000000000000000000000 | Clearance: | Confidential | This data has the value of object category | False | + | 0000000000000000000000000000000000000000000000000000000000000000000 | Clearance: | Confidential | This data has the value of object category | False | + #| Cambridge Policy | Clearance: | Confidential | This data has the value of object category | False | + | Stanford Policy | | Confidential | This data has the value of object category | False | + #| Stanford Policy | Type: | Confidential | This data has the value of object category | False | + | Stanford Policy | 000000000000000000000000000000000000000000000000000000000 | Confidential | This data has the value of object category | False | + | Stanford Policy | 0000000000000000000000000000000000000000000000000000000000000000 | Confidential | This data has the value of object category | False | + | Stanford Policy | 0000000000000000000000000000000000000000000000000000000000000000000 | Confidential | This data has the value of object category | False | + | Stanford Policy | Clearance: | | This data has the value of object category | False | + | Stanford Policy | Clearance: | _%Confidential%_ | This data has the value of object category | True | + | Stanford Policy | Clearance: | 1 | This data has the value of object category | True | + | Stanford Policy | Clearance: | Confidential | | True | + | Stanford Policy | Clearance: | Confidential | _%This data has the value of object category%_ | True | + + Scenario Outline: Add an existing object data + Given the following object data exists + | policyname | objectcategory | objectdataname | objectdatadescription | + | Stanford Policy | Clearance: | Confidential | This data has the value of object category | + When the user sets to add the following object data + | policyname | objectcategory | objectdataname | objectdatadescription | + | <policyname> | <objectcategory> | <objectdataname> | <objectdatadescription> | + Then the system should reply the following + | flag | + | <flag> | + Examples: + | policyname | objectcategory | objectdataname | objectdatadescription | flag | + | Stanford Policy | Clearance: | Confidential | This data has the value of object category | False | + | Stanford Policy | Clearance: | Top-Secret | This data has the value of object category | True | + + Scenario: Delete object data + Given the following object data exists + | policyname | objectcategory | objectdataname | objectdatadescription | + | Stanford Policy | Clearance: | Top-Secret | This data has the value of object category | + When the user sets to delete the following object data + | policyname | objectcategory | objectdataname | + | Stanford Policy | Clearance: | Top-Secret | + Then the following object data should be existed in the system + | policyname | objectcategory | objectdataname | objectdatadescription | + | | | | | + + Scenario: Delete object data that has a recorded assignment dependency + Given the following object data exists + | policyname | objectcategory | objectdataname | objectdatadescription | + | Stanford Policy | Clearance: | Top-Secret | This data has the value of object category | + | Cambridge Policy | Type: | Top-Secret | This data has the value of object category | + And the following object perimeter exists + | policies | objectperimetername | objectperimeterdescription | + | Stanford Policy | ProfessorsPromotionDocument | This data has the value of object perimeter | + And the following object assignment exists + | objectperimetername | objectcategory | objectdata | policyname | + | ProfessorsPromotionDocument | Clearance: | Top-Secret | Stanford Policy | + When the user sets to delete the following object data + | policyname | objectcategory | objectdataname | + | Stanford Policy | Clearance: | Top-Secret | + Then the system should reply the following + | flag | + | True | + And the following object data should be existed in the system + | policyname | objectcategory | objectdataname | objectdatadescription | + | Cambridge Policy | Type: | Top-Secret | This data has the value of object category | + + + Scenario: Add action data + When the user sets to add the following action data + | policyname | actioncategory | actiondataname | actiondatadescription | + | Cambridge Policy | Action-Priority: | high | This data has the value of action category | + | MIT Policy | Action-Priority: | high | This data has the value of action category | + | MIT Policy | Action-Class: | Severe | This data has the value of action category | + | Oxford Policy | Action-Priority: | high | This data has the value of action category | + | Oxford Policy | Action-Class: | Severe | This data has the value of action category | + | Stanford Policy | Action-Class: | Severe | This data has the value of action category | + + Then the following action data should be existed in the system + | policyname | actioncategory | actiondataname | actiondatadescription | + | Cambridge Policy | Action-Priority: | high | This data has the value of action category | + | MIT Policy | Action-Priority: | high | This data has the value of action category | + | MIT Policy | Action-Class: | Severe | This data has the value of action category | + | Oxford Policy | Action-Priority: | high | This data has the value of action category | + | Oxford Policy | Action-Class: | Severe | This data has the value of action category | + | Stanford Policy | Action-Class: | Severe | This data has the value of action category | + + Scenario Outline: Add action data validations + When the user sets to add the following action data + | policyname | actioncategory | actiondataname | actiondatadescription | + | <policyname> | <actioncategory> | <actiondataname> | <actiondatadescription> | + Then the system should reply the following + | flag | + | <flag> | + Examples: + | policyname | actioncategory | actiondataname | actiondatadescription | flag | + | | Action-Class: | Severe | This data has the value of action category | False | + | 000000000000000000000000000000000000000000000000000000000 | Action-Class: | Severe | This data has the value of action category | False | + | 0000000000000000000000000000000000000000000000000000000000000000 | Action-Class: | Severe | This data has the value of action category | False | + | 0000000000000000000000000000000000000000000000000000000000000000000 | Action-Class: | Severe | This data has the value of action category | False | + #| Cambridge Policy | Action-Class: | Severe | This data has the value of action category | False | + | Stanford Policy | | Severe | This data has the value of action category | False | + | Stanford Policy | 000000000000000000000000000000000000000000000000000000000 | Severe | This data has the value of action category | False | + | Stanford Policy | 0000000000000000000000000000000000000000000000000000000000000000 | Severe | This data has the value of action category | False | + | Stanford Policy | 0000000000000000000000000000000000000000000000000000000000000000000 | Severe | This data has the value of action category | False | + | Stanford Policy | Action-Class: | | This data has the value of action category | False | + | Stanford Policy | Action-Class: | _%Severe%_ | This data has the value of action category | True | + | Stanford Policy | Action-Class: | 1 | This data has the value of action category | True | + | Stanford Policy | Action-Class: | Severe | | True | + | Stanford Policy | Action-Class: | Severe | _%This data has the value of action category%_ | True | + + Scenario Outline: Add an existing action data + Given the following action data exists + | policyname | actioncategory | actiondataname | actiondatadescription | + | Stanford Policy | Action-Class: | Severe | This data has the value of action category | + When the user sets to add the following action data + | policyname | actioncategory | actiondataname | actiondatadescription | + | <policyname> | <actioncategory> | <actiondataname> | <actiondatadescription> | + Then the system should reply the following + | flag | + | <flag> | + Examples: + | policyname | actioncategory | actiondataname | actiondatadescription | flag | + | Stanford Policy | Action-Class: | Severe | This data has the value of action category | False | + | Stanford Policy | Action-Class: | high | This data has the value of action category | True | + + Scenario: Delete action data + Given the following action data exists + | policyname | actioncategory | actiondataname | actiondatadescription | + | Stanford Policy | Action-Class: | Severe | This data has the value of action category | + When the user sets to delete the following action data + | policyname | actioncategory | actiondataname | + | Stanford Policy | Action-Class: | Severe | + Then the following action data should be existed in the system + | policyname | actioncategory | actiondataname | actiondatadescription | + | | | | | + + Scenario: Delete action data that has a recorded assignment dependency + Given the following action data exists + | policyname | actioncategory | actiondataname | actiondatadescription | + | Stanford Policy | Action-Class: | Severe | This data has the value of action category | + | Cambridge Policy | Action-Priority: | Medium | This data has the value of action category | + And the following action perimeter exists + | policies | actionperimetername | actionperimeterdescription | + | Stanford Policy | Read | This data has the value of action perimeter | + And the following action assignment exists + | actionperimetername | actioncategory | actiondata | policyname | + | Read | Action-Class: | Severe | Stanford Policy | + When the user sets to delete the following action data + | policyname | actioncategory | actiondataname | + | Stanford Policy | Action-Class: | Severe | + Then the system should reply the following + | flag | + | True | + And the following action data should be existed in the system + | policyname | actioncategory | actiondataname | actiondatadescription | + | Cambridge Policy | Action-Priority: | Medium | This data has the value of action category | diff --git a/moon_manager/tests/func_tests/features/environment.py b/moon_manager/tests/func_tests/features/environment.py new file mode 100644 index 00000000..b65c292d --- /dev/null +++ b/moon_manager/tests/func_tests/features/environment.py @@ -0,0 +1,27 @@ +# Software Name: MOON: + +# Version: 5.4 + +# SPDX-FileCopyrightText: Copyright (c) 2018-2020 Orange and its contributors +# SPDX-License-Identifier: Apache-2.0 + +# This software is distributed under the 'Apache License 2.0', +# the text of which is available at 'http://www.apache.org/licenses/LICENSE-2.0.txt' +# or see the "LICENSE" file for more details. + +from __future__ import print_function +import logging + +logger = logging.getLogger(__name__) + +def before_feature(context, feature): + handler = logging.FileHandler(filename='Logs/'+"Automation Testing Log- "+ feature.name + ".log") + formatter = logging.Formatter('%(asctime)s : %(levelname)s : %(message)s') + handler.setFormatter(formatter) + handler.setLevel(logging.INFO) + logger.addHandler(handler) + + +def before_all(context): + logging.getLogger("requests").setLevel(logging.WARN) + diff --git a/moon_manager/tests/func_tests/features/meta_data.feature b/moon_manager/tests/func_tests/features/meta_data.feature new file mode 100644 index 00000000..18817e2e --- /dev/null +++ b/moon_manager/tests/func_tests/features/meta_data.feature @@ -0,0 +1,295 @@ +Feature: Meta Data ( Category ) + + Background: + Given the system has no rules + And the system has no subject assignments + And the system has no action assignments + And the system has no object assignments + And the system has no subject data + And the system has no action data + And the system has no object data + And the system has no subject perimeter + And the system has no object perimeter + And the system has no action perimeter + And the system has no pdps + And the system has no policies + And the system has no models + And the system has no meta-rules + And the system has no subject categories + And the system has no action categories + And the system has no object categories + + + + Scenario: Add subject category + When the user sets to add the following meta data subject category + | subjectmetadataname | subjectmetadatadescription | + | Affiliation: | This meta data has the categorical information about a subject | + Then the following meta data subject category should be existed in the system + | subjectmetadataname | subjectmetadatadescription | + | Affiliation: | This meta data has the categorical information about a subject | + + Scenario Outline: Add meta data subject validations + When the user sets to add the following meta data subject category + | subjectmetadataname | subjectmetadatadescription | + | <subjectmetadataname> | <subjectmetadatadescription> | + Then the system should reply the following + | flag | + | <flag> | + Examples: + | subjectmetadataname | subjectmetadatadescription | flag | + | | This meta data has the categorical information about a subject | False | + | Affiliation: | | True | + | 1 | This meta data has the categorical information about a subject% | True | + | _%Affiliation:%_ | This meta data has the categorical information about a subject | True | + + Scenario: Add an existing meta data subject + Given the following meta data subject category exists + | subjectmetadataname | subjectmetadatadescription | + | Affiliation: | This meta data has the categorical information about an subject1 | + When the user sets to add the following meta data subject category + | subjectmetadataname | subjectmetadatadescription | + | Affiliation: | This meta data has the categorical information about an subject1 | + Then the system should reply the following + | flag | + | False | + + Scenario: Delete subject category + Given the following meta data subject category exists + | subjectmetadataname | subjectmetadatadescription | + | Affiliation: | This meta data has the categorical information about a subject | + When the user sets to delete the following meta data subject category + | subjectmetadataname | + | Affiliation: | + Then the following meta data subject category should be existed in the system + | subjectmetadataname | subjectmetadatadescription | + | | | + + Scenario: Delete subject category that has a recorded meta-rule dependency + Given the following meta data subject category exists + | subjectmetadataname | subjectmetadatadescription | + | Affiliation: | This meta data has the categorical information about a subject | + And the following meta data object category exists + | objectmetadataname | objectmetadatadescription | + | Clearance: | This meta data has the categorical information about an object | + And the following meta data action category exists + | actionmetadataname | actionmetadatadescription | + | Action-Class: | This meta data has the categorical information about an action | + And the following meta rule exists + | metarulename | metaruledescription | subjectmetadata | actionmetadata | objectmetadata | + | metarule1 | This is a basic meta rule | Affiliation: | Action-Class: | Clearance: | + When the user sets to delete the following meta data subject category + | subjectmetadataname | + | Affiliation: | + Then the system should reply the following + | flag | + | False | + And the following meta data subject category should be existed in the system + | subjectmetadataname | subjectmetadatadescription | + | Affiliation: | This meta data has the categorical information about a subject | + + Scenario: Delete subject category after deleting the recorded meta-rule dependency + Given the following meta data subject category exists + | subjectmetadataname | subjectmetadatadescription | + | Affiliation: | This meta data has the categorical information about a subject | + And the following meta data object category exists + | objectmetadataname | objectmetadatadescription | + | Clearance: | This meta data has the categorical information about an object | + And the following meta data action category exists + | actionmetadataname | actionmetadatadescription | + | Action-Class: | This meta data has the categorical information about an action | + And the following meta rule exists + | metarulename | metaruledescription | subjectmetadata | actionmetadata | objectmetadata | + | metarule1 | This is a basic meta rule | Affiliation: | Action-Class: | Clearance: | + When the user sets to delete the following meta-rule + | metarulename | + | metarule1 | + And the user sets to delete the following meta data subject category + | subjectmetadataname | + | Affiliation: | + Then the following meta data subject category should be existed in the system + | subjectmetadataname | subjectmetadatadescription | + | | | + + + Scenario: Add object category + When the user sets to add the following meta data object category + | objectmetadataname | objectmetadatadescription | + | Clearance: | This meta data has the categorical information about an object | + Then the following meta data object category should be existed in the system + | objectmetadataname | objectmetadatadescription | + | Clearance: | This meta data has the categorical information about an object | + + Scenario Outline: Add meta data object validations + When the user sets to add the following meta data object category + | objectmetadataname | objectmetadatadescription | + | <objectmetadataname> | <objectmetadatadescription> | + Then the system should reply the following + | flag | + | <flag> | + Examples: + | objectmetadataname | objectmetadatadescription | flag | + | | This meta data has the categorical information about an object | False | + | Clearance: | | True | + | 1 | This meta data has the categorical information about an object % | True | + | _%Clearance:%_ | This meta data has the categorical information about an object | True | + + Scenario: Add an existing meta data object + Given the following meta data object category exists + | objectmetadataname | objectmetadatadescription | + | Clearance: | This meta data has the categorical information about an object | + When the user sets to add the following meta data object category + | objectmetadataname | objectmetadatadescription | + | Clearance: | This meta data has the categorical information about an object | + Then the system should reply the following + | flag | + | False | + + Scenario: Delete object category + Given the following meta data object category exists + | objectmetadataname | objectmetadatadescription | + | Clearance: | This meta data has the categorical information about an object1 | + When the user sets to delete the following meta data object category + | objectmetadataname | + | Clearance: | + Then the following meta data object category should be existed in the system + | objectmetadataname | objectmetadatadescription | + | | | + + Scenario: Delete object category that has a recorded meta-rule dependency + Given the following meta data subject category exists + | subjectmetadataname | subjectmetadatadescription | + | Affiliation: | This meta data has the categorical information about a subject | + And the following meta data object category exists + | objectmetadataname | objectmetadatadescription | + | Clearance: | This meta data has the categorical information about an object | + And the following meta data action category exists + | actionmetadataname | actionmetadatadescription | + | Action-Class: | This meta data has the categorical information about an action | + And the following meta rule exists + | metarulename | metaruledescription | subjectmetadata | actionmetadata | objectmetadata | + | metarule1 | This is a basic meta rule | Affiliation: | Action-Class: | Clearance: | + When the user sets to delete the following meta data object category + | objectmetadataname | + | Clearance: | + Then the system should reply the following + | flag | + | False | + And the following meta data object category should be existed in the system + | objectmetadataname | objectmetadatadescription | + | Clearance: | This meta data has the categorical information about an object | + + Scenario: Delete object category after deleting the recorded meta-rule dependency + Given the following meta data subject category exists + | subjectmetadataname | subjectmetadatadescription | + | Affiliation: | This meta data has the categorical information about a subject | + And the following meta data object category exists + | objectmetadataname | objectmetadatadescription | + | Clearance: | This meta data has the categorical information about an object | + And the following meta data action category exists + | actionmetadataname | actionmetadatadescription | + | Action-Class: | This meta data has the categorical information about an action | + And the following meta rule exists + | metarulename | metaruledescription | subjectmetadata | actionmetadata | objectmetadata | + | metarule1 | This is a basic meta rule | Affiliation: | Action-Class: | Clearance: | + When the user sets to delete the following meta-rule + | metarulename | + | metarule1 | + And the user sets to delete the following meta data object category + | objectmetadataname | + | Clearance: | + Then the following meta data object category should be existed in the system + | objectmetadataname | objectmetadatadescription | + | | | + + + Scenario: Add action category + When the user sets to add the following meta data action category + | actionmetadataname | actionmetadatadescription | + | Action-Class: | This meta data has the categorical information about an action | + Then the following meta data action category should be existed in the system + | actionmetadataname | actionmetadatadescription | + | Action-Class: | This meta data has the categorical information about an action | + + Scenario Outline: Add meta data action validations + When the user sets to add the following meta data action category + | actionmetadataname | actionmetadatadescription | + | <actionmetadataname> | <actionmetadatadescription> | + Then the system should reply the following + | flag | + | <flag> | + Examples: + | actionmetadataname | actionmetadatadescription | flag | + | | This meta data has the categorical information about the action | False | + | Action-Class: | | True | + | 1 | This meta data has the categorical information about the action% | True | + | _%Action-Class:%_ | This meta data has the categorical information about the action | True | + + Scenario: Add an existing meta data action + Given the following meta data action category exists + | actionmetadataname | actionmetadatadescription | + | Action-Class: | This meta data has the categorical information about an action | + When the user sets to add the following meta data action category + | actionmetadataname | actionmetadatadescription | + | Action-Class: | This meta data has the categorical information about an action | + Then the system should reply the following + | flag | + | False | + + Scenario: Delete action category + Given the following meta data action category exists + | actionmetadataname | actionmetadatadescription | + | Action-Class: | This meta data has the categorical information about an action | + When the user sets to delete the following meta data action category + | actionmetadataname | + | Action-Class: | + Then the following meta data action category should be existed in the system + | actionmetadataname | actionmetadatadescription | + | | | + + Scenario: Delete action category that has a recorded meta-rule + Given the following meta data subject category exists + | subjectmetadataname | subjectmetadatadescription | + | Affiliation: | This meta data has the categorical information about a subject | + And the following meta data object category exists + | objectmetadataname | objectmetadatadescription | + | Clearance: | This meta data has the categorical information about an object | + And the following meta data action category exists + | actionmetadataname | actionmetadatadescription | + | Action-Class: | This meta data has the categorical information about an action | + And the following meta rule exists + | metarulename | metaruledescription | subjectmetadata | actionmetadata | objectmetadata | + | metarule1 | This is a basic meta rule | Affiliation: | Action-Class: | Clearance: | + When the user sets to delete the following meta data action category + | actionmetadataname | + | Action-Class: | + Then the system should reply the following + | flag | + | False | + And the following meta data action category should be existed in the system + | actionmetadataname | actionmetadatadescription | + | Action-Class: | This meta data has the categorical information about an action | + + Scenario: Delete action Category after deleting the recorded meta-rule dependency + Given the following meta data subject category exists + | subjectmetadataname | subjectmetadatadescription | + | Affiliation: | This meta data has the categorical information about a subject | + And the following meta data object category exists + | objectmetadataname | objectmetadatadescription | + | Clearance: | This meta data has the categorical information about an object | + And the following meta data action category exists + | actionmetadataname | actionmetadatadescription | + | Action-Class: | This meta data has the categorical information about an action | + And the following meta rule exists + | metarulename | metaruledescription | subjectmetadata | actionmetadata | objectmetadata | + | metarule1 | This is a basic meta rule | Affiliation: | Action-Class: | Clearance: | + When the user sets to delete the following meta-rule + | metarulename | + | metarule1 | + And the user sets to delete the following meta data action category + | actionmetadataname | + | Action-Class: | + Then the following meta data action category should be existed in the system + | actionmetadataname | actionmetadatadescription | + | | | + diff --git a/moon_manager/tests/func_tests/features/meta_rules.feature b/moon_manager/tests/func_tests/features/meta_rules.feature new file mode 100644 index 00000000..2941d1f3 --- /dev/null +++ b/moon_manager/tests/func_tests/features/meta_rules.feature @@ -0,0 +1,234 @@ +Feature: Meta Rule + + Background: + Given the system has no rules + And the system has no subject assignments + And the system has no action assignments + And the system has no object assignments + And the system has no subject data + And the system has no action data + And the system has no object data + And the system has no subject perimeter + And the system has no object perimeter + And the system has no action perimeter + And the system has no pdps + And the system has no policies + And the system has no models + And the system has no meta-rules + And the system has no subject categories + And the system has no action categories + And the system has no object categories + And the following meta data subject category exists + | subjectmetadataname | subjectmetadatadescription | + | Affiliation: | This meta data has the categorical information about a subject | + | Authorization-Level: | This meta data has the categorical information about an object | + | Degree: | This meta data has the categorical information about an object | + And the following meta data object category exists + | objectmetadataname | objectmetadatadescription | + | Clearance: | This meta data has the categorical information about an object | + | Type: | This meta data has the categorical information about an object | + | Class: | This meta data has the categorical information about an object | + And the following meta data action category exists + | actionmetadataname | actionmetadatadescription | + | Action-Class: | This meta data has the categorical information about an action | + | Action-Priority: | This meta data has the categorical information about an action | + | Recommendation: | This meta data has the categorical information about an action | + + + Scenario: Add meta rules + When the user sets to add the following meta-rule + | metarulename | subjectmetadata | actionmetadata | objectmetadata | metaruledescription | + | A-rule | Affiliation: | Action-Class: | Clearance: | AThisisabasicmetarule | + | Z-rule | Authorization-Level:,Affiliation: | Action-Priority:,Action-Class: | Type:,Clearance: | ZThisisabasicmetarule | + Then the following meta-rules should be existed in the system + | metarulename | metaruledescription | subjectmetadata | actionmetadata | objectmetadata | + | A-rule | AThisisabasicmetarule | Affiliation: | Action-Class: | Clearance: | + | Z-rule | ZThisisabasicmetarule | Authorization-Level:,Affiliation: | Action-Priority:,Action-Class: | Type:,Clearance: | + + Scenario Outline: Add meta-rule validations + When the user sets to add the following meta-rule + | metarulename | metaruledescription | subjectmetadata | actionmetadata | objectmetadata | + | <metarulename> | <metaruledescription> | <subjectmetadata> | <actionmetadata> | <objectmetadata> | + Then the system should reply the following + | flag | + | <flag> | + Examples: + | metarulename | metaruledescription | subjectmetadata | actionmetadata | objectmetadata | flag | + | | Thisisabasicmetarule | Affiliation: | Action-Class: | Clearance: | False | + | metarule1 | | Affiliation: | Action-Class: | Clearance: | True | + | 1 | Thisisabasicmetarule | Affiliation: | Action-Class: | Clearance: | True | + | _%metarule%_ | Thisisabasicmetarule | Affiliation: | Action-Class: | Clearance: | True | + | metarule1 | Thisisabasicmetarule | | Action-Class: | Clearance: | True | + | metarule1 | Thisisabasicmetarule | 00000000000000000000000000000000000000000 | Action-Class: | Clearance: | False | + | metarule1 | Thisisabasicmetarule | 0000000000000000000000000000000000000000000000000000000000000000 | Action-Class: | Clearance: | False | + | metarule1 | Thisisabasicmetarule | 0000000000000000000000000000000000000000000000000000000000000000000000000 | Action-Class: | Clearance: | False | + | metarule1 | Thisisabasicmetarule | Affiliation:,,Authorization-Level: | Action-Class: | Clearance: | False | + | metarule1 | Thisisabasicmetarule | Affiliation: | | Clearance: | True | + | metarule1 | Thisisabasicmetarule | Affiliation: | 00000000000000000000000000000000000000000 | Clearance: | False | + | metarule1 | Thisisabasicmetarule | Affiliation: | 0000000000000000000000000000000000000000000000000000000000000000 | Clearance: | False | + | metarule1 | Thisisabasicmetarule | Affiliation: | 0000000000000000000000000000000000000000000000000000000000000000000000000 | Clearance: | False | + | metarule1 | Thisisabasicmetarule | Affiliation: | Action-Class:,,Action-Priority: | Clearance: | False | + | metarule1 | Thisisabasicmetarule | Affiliation: | Action-Class: | | True | + | metarule1 | Thisisabasicmetarule | Affiliation: | Action-Class: | 00000000000000000000000000000000000000000 | False | + | metarule1 | Thisisabasicmetarule | Affiliation: | Action-Class: | 0000000000000000000000000000000000000000000000000000000000000000 | False | + | metarule1 | Thisisabasicmetarule | Affiliation: | Action-Class: | 0000000000000000000000000000000000000000000000000000000000000000000000000 | False | + | metarule1 | Thisisabasicmetarule | Affiliation: | Action-Class: | Clearance:,,Type: | False | + + Scenario Outline: Add an existing meta-rule + Given the following meta rule exists + | metarulename | metaruledescription | subjectmetadata | actionmetadata | objectmetadata | + | metarule1 | Thisisabasicmetarule | Affiliation: | Action-Class: | Clearance: | + When the user sets to add the following meta-rule + | metarulename | metaruledescription | subjectmetadata | actionmetadata | objectmetadata | + | <metarulename> | <metaruledescription> | <subjectmetadata> | <actionmetadata> | <objectmetadata> | + Then the system should reply the following + | flag | + | <flag> | + Examples: + | metarulename | metaruledescription | subjectmetadata | actionmetadata | objectmetadata | flag | + | metarule1 | Thisisabasicmetarule | Service | Action-Priority: | Service | False | + | metarule2 | Thisisabasicmetarule | Affiliation: | Action-Class: | Clearance: | False | + + Scenario: Update meta rules + Given the following meta rule exists + | metarulename | metaruledescription | subjectmetadata | actionmetadata | objectmetadata | + | metarule1 | Thisisabasicmetarule | Affiliation: | Action-Class: | Clearance: | + | metarule3 | Thisisabasicmetarule | Affiliation: | Action-Priority: | Clearance: | + When the user sets to update the following meta-rule + | metarulename | updatedmetarulename | updatedmetaruledescription | updatedsubjectmetadata | updatedactionmetadata | updatedobjectmetadata | + | metarule1 | 1-MR-% | Thisisabasicmetarule% | Affiliation:,Authorization-Level: | Action-Class:,Action-Priority: | Clearance:,Type: | + Then the following meta-rules should be existed in the system + | metarulename | metaruledescription | subjectmetadata | actionmetadata | objectmetadata | + | 1-MR-% | Thisisabasicmetarule% | Affiliation:,Authorization-Level: | Action-Class:,Action-Priority: | Clearance:,Type: | + | metarule3 | Thisisabasicmetarule | Affiliation: | Action-Priority: | Clearance: | + + Scenario Outline: Update meta rules validations + Given the following meta rule exists + | metarulename | metaruledescription | subjectmetadata | actionmetadata | objectmetadata | + | metarule1 | Thisisabasicmetarule | Affiliation: | Action-Class: | Clearance: | + | metarule3 | Thisisabasicmetarule | Authorization-Level: | Action-Priority: | Type: | + When the user sets to update the following meta-rule + | metarulename | updatedmetarulename | updatedmetaruledescription | updatedsubjectmetadata | updatedactionmetadata | updatedobjectmetadata | + | <metarulename> | <updatedmetarulename> | <updatedmetaruledescription> | <updatedsubjectmetadata> | <updatedactionmetadata> | <updatedobjectmetadata> | + Then the system should reply the following + | flag | + | <flag> | + Examples: + | metarulename | updatedmetarulename | updatedmetaruledescription | updatedsubjectmetadata | updatedactionmetadata | updatedobjectmetadata | flag | + | metarule1 | | Thisisabasicmetarule | Affiliation: | Action-Class: | Clearance: | False | + | metarule1 | metaruleX | | Affiliation: | Action-Class: | Clearance: | True | + | metarule1 | 1 | Thisisabasicmetarule | Affiliation: | Action-Class: | Clearance: | True | + | metarule1 | _%metarule%_ | Thisisabasicmetarule | Affiliation: | Action-Class: | Clearance: | True | +# | metarule1 | metarule1 | Thisisabasicmetarule | 0000000000000000000000 | Action-Class: | Clearance: | False | + | metarule1 | metarule1 | Thisisabasicmetarule | 0000000000000000000000000000000000000000000000000000000000000000 | Action-Class: | Clearance: | False | + | metarule1 | metarule1 | Thisisabasicmetarule | 0000000000000000000000000000000000000000000000000000000000000000000000000 | Action-Class: | Clearance: | False | + | metarule1 | metarule1 | Thisisabasicmetarule | Affiliation:,,Authorization-Level: | Action-Class: | Clearance: | False | +# | metarule1 | metarule1 | Thisisabasicmetarule | Affiliation: | 0000000000000000000000 | Clearance: | False | + | metarule1 | metarule1 | Thisisabasicmetarule | Affiliation: | 0000000000000000000000000000000000000000000000000000000000000000 | Clearance: | False | + | metarule1 | metarule1 | Thisisabasicmetarule | Affiliation: | 0000000000000000000000000000000000000000000000000000000000000000000000000 | Clearance: | False | + | metarule1 | metarule1 | Thisisabasicmetarule | Affiliation: | Action-Class:,,Action-Priority: | Clearance: | False | +# | metarule1 | metarule1 | Thisisabasicmetarule | Affiliation: | Action-Class: | 0000000000000000000000 | False | + | metarule1 | metarule1 | Thisisabasicmetarule | Affiliation: | Action-Class: | 0000000000000000000000000000000000000000000000000000000000000000 | False | + | metarule1 | metarule1 | Thisisabasicmetarule | Affiliation: | Action-Class: | 0000000000000000000000000000000000000000000000000000000000000000000000000 | False | + | metarule1 | metarule1 | Thisisabasicmetarule | Affiliation: | Action-Class: | Clearance:,,Type: | False | + | metarule1 | metarule1 | Thisisabasicmetarule | | Action-Class: | Clearance: | True | + | metarule1 | metarule1 | Thisisabasicmetarule | Affiliation: | | Clearance: | True | + | metarule1 | metarule1 | Thisisabasicmetarule | Affiliation: | Action-Class: | | True | + | metarule1 | metarule3 | Thisisabasicmetarule | Affiliation: | Action-Class: | Clearance: | False | + | metarule1 | metarule1 | Thisisabasicmetarule | Authorization-Level: | Action-Priority: | Type: | False | + + Scenario: Update a meta rule that has a recorded rule dependency + Given the following meta rule exists + | metarulename | metaruledescription | subjectmetadata | actionmetadata | objectmetadata | + | metarule1 | Thisisabasicmetarule | Affiliation: | Action-Class: | Clearance: | + And the following model exists + | modelname | modeldescription | metarule | + | universitymodel | Thisisabasicmodel | metarule1 | + And the following policy exists + | policyname | policydescription | modelname | genre | + | Stanford-Policy | Thisisabasicpolicy | universitymodel | Education | + And the following subject perimeter exists + | subjectperimetername | subjectperimeterdescription | subjectperimeteremail | subjectperimeterpassword | policies | + | JohnLewis | Thisistheexpecteduser | jlewis@orange.com | abc1234 | Stanford-Policy | + And the following object perimeter exists + | objectperimetername | objectperimeterdescription | policies | + | ProfessorsPromotionDocument | Thisistherequesttoaccessfile | Stanford-Policy | + And the following action perimeter exists + | actionperimetername | actionperimeterdescription | policies | + | Read | Thisistheactionrequired | Stanford-Policy | + And the following subject data exists + | policyname | subjectcategory | subjectdataname | subjectdatadescription | + | Stanford-Policy | Affiliation: | University-of-Stanford | This data has the value of subject category | + And the following object data exists + | policyname | objectcategory | objectdataname | objectdatadescription | + | Stanford-Policy | Clearance: | Top-Secret | This data has the value of object category | + And the following action data exists + | policyname | actioncategory | actiondataname | actiondatadescription | + | Stanford-Policy | Action-Class: | Severe | This data has the value of action category | + And the following subject assignment exists + | subjectperimetername | subjectcategory | subjectdata | policyname | + | JohnLewis | Affiliation: | University-of-Stanford | Stanford-Policy | + And the following object assignment exists + | objectperimetername | objectcategory | objectdata | policyname | + | ProfessorsPromotionDocument | Clearance: | Top-Secret | Stanford-Policy | + And the following action assignment exists + | actionperimetername | actioncategory | actiondata | policyname | + | Read | Action-Class: | Severe | Stanford-Policy | + And the following rule exists + | rule | metarulename | instructions | policyname | + | University-of-Stanford,Top-Secret,Severe | metarule1 | grant | Stanford-Policy | + When the user sets to update the following meta-rule + | metarulename | updatedmetarulename | updatedmetaruledescription | updatedsubjectmetadata | updatedactionmetadata | updatedobjectmetadata | + | metarule1 | metarule1 | Thisisabasicmetarule | Authorization-Level: | Action-Priority: | Type: | + Then the system should reply the following + | flag | + | False | + And the following meta-rules should be existed in the system + | metarulename | metaruledescription | subjectmetadata | actionmetadata | objectmetadata | + | metarule1 | Thisisabasicmetarule | Affiliation: | Action-Class: | Clearance: | + + + Scenario: Delete meta rules + Given the following meta rule exists + | metarulename | metaruledescription | subjectmetadata | actionmetadata | objectmetadata | + | metarule1 | Thisisabasicmetarule | Affiliation: | Action-Class: | Clearance: | + When the user sets to delete the following meta-rule + | metarulename | + | metarule1 | + Then the following meta-rules should be existed in the system + | metarulename | metaruledescription | subjectmetadata | actionmetadata | objectmetadata | + | | | | | | + + Scenario: Delete meta rules that has a recorded model dependency + Given the following meta rule exists + | metarulename | metaruledescription | subjectmetadata | actionmetadata | objectmetadata | + | metarule1 | Thisisabasicmetarule | Affiliation: | Action-Class: | Clearance: | + And the following model exists + | modelname | modeldescription | metarule | + | generalmodel | Thisisabasicmodel | metarule1 | + When the user sets to delete the following meta-rule + | metarulename | + | metarule1 | + Then the system should reply the following + | flag | + | False | + And the following meta-rules should be existed in the system + | metarulename | metaruledescription | subjectmetadata | actionmetadata | objectmetadata | + | metarule1 | Thisisabasicmetarule | Affiliation: | Action-Class: | Clearance: | + + Scenario: Delete meta rules after deleting the recorded model dependency + Given the following meta rule exists + | metarulename | metaruledescription | subjectmetadata | actionmetadata | objectmetadata | + | metarule1 | Thisisabasicmetarule | Affiliation: | Action-Class: | Clearance: | + And the following model exists + | modelname | modeldescription | metarule | + | generalmodel | Thisisabasicmodel | metarule1 | + When the user sets to delete the following model + | modelname | + | generalmodel | + And the user sets to delete the following meta-rule + | metarulename | + | metarule1 | + Then the following meta-rules should be existed in the system + | metarulename | metaruledescription | subjectmetadata | actionmetadata | objectmetadata | + | | | | | |
\ No newline at end of file diff --git a/moon_manager/tests/func_tests/features/model.feature b/moon_manager/tests/func_tests/features/model.feature new file mode 100644 index 00000000..1f6399ab --- /dev/null +++ b/moon_manager/tests/func_tests/features/model.feature @@ -0,0 +1,176 @@ +Feature: Model + + Background: + Given the system has no rules + And the system has no subject assignments + And the system has no action assignments + And the system has no object assignments + And the system has no subject data + And the system has no action data + And the system has no object data + And the system has no subject perimeter + And the system has no object perimeter + And the system has no action perimeter + And the system has no pdps + And the system has no policies + And the system has no models + And the system has no meta-rules + And the system has no subject categories + And the system has no action categories + And the system has no object categories + And the following meta data subject category exists + | subjectmetadataname | subjectmetadatadescription | + | Affiliation: | This meta data has the categorical information about a subject | + | Authorization-Level: | This meta data has the categorical information about an object | + | Degree: | This meta data has the categorical information about an object | + And the following meta data object category exists + | objectmetadataname | objectmetadatadescription | + | Clearance: | This meta data has the categorical information about an object | + | Type: | This meta data has the categorical information about an object | + | Class: | This meta data has the categorical information about an object | + And the following meta data action category exists + | actionmetadataname | actionmetadatadescription | + | Action-Class: | This meta data has the categorical information about an action | + | Action-Priority: | This meta data has the categorical information about an action | + | Recommendation: | This meta data has the categorical information about an action | + And the following meta rule exists + | metarulename | metaruledescription | subjectmetadata | actionmetadata | objectmetadata | + | metarule1 | This is a basic metarule | Affiliation: | Action-Class: | Clearance: | + | metarule2 | This is a basic metarule | Authorization-Level: | Action-Class: | Clearance: | + | metarule3 | This is a basic metarule | Affiliation: | Action-Priority: | Clearance: | + | metarule4 | This is a basic metarule | Authorization-Level: | Action-Priority: | Clearance: | + | metarule5 | This is a basic metarule | Affiliation: | Action-Class: | Type: | + | metarule6 | This is a basic metarule | Authorization-Level: | Action-Class: | Type: | + | metarule7 | This is a basic metarule | Affiliation: | Action-Priority: | Type: | + | metarule8 | This is a basic metarule | Affiliation:,Authorization-Level: | Action-Class:,Action-Priority: | Clearance:,Type: | + | metarule9 | This is a basic metarule | | Action-Class:,Action-Priority: | Clearance:,Type: | + | metarule10 | This is a basic metarule | Affiliation:,Authorization-Level: | | Clearance:,Type: | + | metarule11 | This is a basic metarule | Affiliation:,Authorization-Level: | Action-Class:,Action-Priority: | | + + + Scenario: Add model + When the user sets to add the following model + | modelname | modeldescription | metarule | + | A-model | Thisisabasicmodel | metarule1,metarule2,metarule6 | + | B-model | Thisisabasicmodel | metarule3,metarule4,metarule5 | + Then the following model should be existed in the system + | modelname | modeldescription | metarule | + | A-model | Thisisabasicmodel | metarule1,metarule2,metarule6 | + | B-model | Thisisabasicmodel | metarule3,metarule4,metarule5 | + + Scenario Outline: Add model validations + When the user sets to add the following model + | modelname | modeldescription | metarule | + | <modelname> | <modeldescription> | <metarule> | + Then the system should reply the following + | flag | + | <flag> | + Examples: + | modelname | modeldescription | metarule | flag | + | | This model is for creating policy prototype | metarule8,metarule3 | False | + | generalmodel | | metarule8 | True | + | 1 | This model is for creating policy prototype% | metarule8 | True | + | _%model%_ | This model is for creating policy prototype1 | metarule8 | True | + | generalmodel | This model is for creating policy prototype | | True | + | generalmodel | This model is for creating policy prototype | metarule9 | True | + | generalmodel | This model is for creating policy prototype | metarule10 | True | + | generalmodel | This model is for creating policy prototype | metarule11 | True | + | generalmodel | This model is for creating policy prototype | metarule20 | False | + | generalmodel | This model is for creating policy prototype | metarule3,,metarule20 | False | + | generalmodel | This model is for creating policy prototype | 000000000000000000000 | False | + | generalmodel | This model is for creating policy prototype | 0000000000000000000000000000000000000000000000000000000000000000000 | False | + | generalmodel | This model is for creating policy prototype | 00000000000000000000000000000000000000000000000000000000000000000000000 | False | + | generalmodel | This model is for creating policy prototype | metarule8,metarule10 | True | + +Scenario Outline: Add an existing model + Given the following model exists + | modelname | modeldescription | metarule | + | generalmodel | This is a basic model | metarule1,metarule2,metarule6 | + When the user sets to add the following model + | modelname | modeldescription | metarule | + | <modelname> | <modeldescription> | <metarule> | + Then the system should reply the following + | flag | + | <flag> | + Examples: + | modelname | modeldescription | metarule | flag | + | generalmodel | Thisisabasicmodel | metarule1,metarule3,metarule5 | False | + | generalmodel1 | Thisisabasicmodel | metarule1,metarule2,metarule6 | False | + + Scenario: Update model + Given the following model exists + | modelname | modeldescription | metarule | + | generalmodel | Thisisabasicmodel | metarule1,metarule2,metarule6 | + When the user sets to update the following model + | modelname | updatedmodelname | updatedmodeldescription | updatedmetarule | + | generalmodel | 1-M-% | This model is for creating policy prototype | metarule3,metarule5,metarule7 | + Then the following model should be existed in the system + | modelname | modeldescription | metarule | + | 1-M-% | This model is for creating policy prototype | metarule3,metarule5,metarule7 | + + Scenario Outline: Update model validations + Given the following model exists + | modelname | modeldescription | metarule | + | generalmodel | This model is for creating policy prototype | metarule1,metarule2,metarule6 | + When the user sets to update the following model + | modelname | updatedmodelname | updatedmodeldescription | updatedmetarule | + | <modelname> | <updatedmodelname> | <updatedmodeldescription> | <updatedmetarule> | + Then the system should reply the following + | flag | + | <flag> | + Examples: + | modelname | updatedmodelname | updatedmodeldescription | updatedmetarule | flag | + | generalmodel | | This model is for creating policy prototype | metarule8,metarule3 | False | + | generalmodel | generalmodel | | metarule8 | True | + | generalmodel | 1 | This model is for creating policy prototype% | metarule8 | True | + | generalmodel | _%model%_ | This model is for creating policy prototype1 | metarule8 | True | + | generalmodel | generalmodel | This model is for creating policy prototype | | True | + | generalmodel | generalmodel | This model is for creating policy prototype | metarule9 | True | + | generalmodel | generalmodel | This model is for creating policy prototype | metarule10 | True | + | generalmodel | generalmodel | This model is for creating policy prototype | metarule11 | True | + | generalmodel | generalmodel | This model is for creating policy prototype | metarule3, | False | + | generalmodel | generalmodel | This model is for creating policy prototype | 0000000000000000000000000000000000000000000000000000000000000000000 | False | + | generalmodel | generalmodel | This model is for creating policy prototype | 00000000000000000000000000000000000000000000000000000000000000000000000 | False | + | generalmodel | generalmodel | This model is for creating policy prototype | metarule8,metarule10 | True | + + Scenario: Delete a model + Given the following model exists + | modelname | modeldescription | metarule | + | generalmodel | This model is for creating policy prototype | metarule1 | + When the user sets to delete the following model + | modelname | + | generalmodel | + Then the following model should be existed in the system + | modelname | modeldescription | metarule | + | | | | + + Scenario: Delete a model that has a recorded policy dependency + Given the following model exists + | modelname | modeldescription | metarule | + | generalmodel | This model is for creating policy prototype | metarule1 | + And the following policy exists + | policyname | policydescription | modelname | genre | + | generalpolicy | This is a basic policy | generalmodel | financial | + When the user sets to delete the following model + | modelname | + | generalmodel | + Then the following model should be existed in the system + | modelname | modeldescription | metarule | + | generalmodel | This model is for creating policy prototype | metarule1 | + + Scenario: Delete a model after deleting the recorded policy dependency + Given the following model exists + | modelname | modeldescription | metarule | + | generalmodel | This model is for creating policy prototype | metarule1 | + And the following policy exists + | policyname | policydescription | modelname | genre | + | generalpolicy | This is a basic policy | generalmodel | financial | + When the user sets to delete the following policy + | policyname | + | generalpolicy | + And the user sets to delete the following model + | modelname | + | generalmodel | + Then the following model should be existed in the system + | modelname | modeldescription | metarule | + | | | | diff --git a/moon_manager/tests/func_tests/features/partner.feature b/moon_manager/tests/func_tests/features/partner.feature new file mode 100644 index 00000000..ebce3393 --- /dev/null +++ b/moon_manager/tests/func_tests/features/partner.feature @@ -0,0 +1,7 @@ +Feature: Partner + + Scenario: Add Partner + + Scenario: Update Partner + + Scenario: Delete Partner
\ No newline at end of file diff --git a/moon_manager/tests/func_tests/features/pdp.feature b/moon_manager/tests/func_tests/features/pdp.feature new file mode 100644 index 00000000..0ba73bac --- /dev/null +++ b/moon_manager/tests/func_tests/features/pdp.feature @@ -0,0 +1,141 @@ +Feature: PDP + + Background: + + Given the system has no rules + And the system has no subject assignments + And the system has no action assignments + And the system has no object assignments + And the system has no subject data + And the system has no action data + And the system has no object data + And the system has no subject perimeter + And the system has no object perimeter + And the system has no action perimeter + And the system has no pdps + And the system has no policies + And the system has no models + And the system has no meta-rules + And the system has no subject categories + And the system has no action categories + And the system has no object categories + And the following meta data subject category exists + | subjectmetadataname | subjectmetadatadescription | + | Affiliation: | This meta data has the categorical information about a subject | + | Authorization-Level: | This meta data has the categorical information about an object | + And the following meta data object category exists + | objectmetadataname | objectmetadatadescription | + | Clearance: | This meta data has the categorical information about an object | + | Type: | This meta data has the categorical information about an object | + And the following meta data action category exists + | actionmetadataname | actionmetadatadescription | + | Action-Class: | This meta data has the categorical information about an action | + | Action-Priority: | This meta data has the categorical information about an action | + And the following meta rule exists + | metarulename | metaruledescription | subjectmetadata | actionmetadata | objectmetadata | + | metarule1 | Thisisabasicmetarule | Affiliation: | Action-Class: | Clearance: | + | metarule2 | Thisisabasicmetarule | Authorization-Level: | Action-Class: | Clearance: | + | metarule3 | Thisisabasicmetarule | Affiliation: | Action-Priority: | Clearance: | + | metarule4 | Thisisabasicmetarule | Authorization-Level: | Action-Priority: | Clearance: | + | metarule5 | Thisisabasicmetarule | Affiliation: | Action-Class: | Type: | + | metarule6 | Thisisabasicmetarule | Authorization-Level: | Action-Class: | Type: | + | metarule7 | Thisisabasicmetarule | Affiliation: | Action-Priority: | Type: | + | metarule8 | Thisisabasicmetarule | Affiliation:,Authorization-Level: | Action-Class:,Action-Priority: | Clearance:,Type: | + And the following model exists + | modelname | modeldescription | metarule | + | generalmodel | Thisisabasicmodel | metarule1,metarule2,metarule6 | + | generalmodel2 | Thisisabasicmodel | metarule3,metarule5,metarule8 | + And the following policy exists + | policyname | policydescription | modelname | genre | + | Policy A | Thisisabasicpolicy | generalmodel | financial | + | Policy B | Thisisabasicpolicy | generalmodel2 | financial | + | Policy C | Thisisabasicpolicy | generalmodel2 | financial | + + + Scenario: Add PDP + When the user sets to add the following pdp + | pdpname | pdpdescription | keystone_project_id | security_pipeline | + | A-pdp | Thisisabasicpolicy | 0000000000000000000000000000000000000000000000000000000000000000 | Policy A | + | B-pdp | Thisisabasicpolicy | 1111111111111111111111111111111111111111111111111111111111111111 | Policy C | + + Then the following pdp should be existed in the system + | pdpname | pdpdescription | keystone_project_id | security_pipeline | + | A-pdp | Thisisabasicpolicy | 0000000000000000000000000000000000000000000000000000000000000000 | Policy A | + | B-pdp | Thisisabasicpolicy | 1111111111111111111111111111111111111111111111111111111111111111 | Policy C | + + Scenario Outline: Add PDP validations + When the user sets to add the following pdp + | pdpname | pdpdescription | keystone_project_id | security_pipeline | + | <pdpname> | <pdpdescription> | <keystone_project_id> | <security_pipeline> | + Then the system should reply the following + | flag | + | <flag> | + Examples: + | pdpname | pdpdescription | keystone_project_id | security_pipeline | flag | + | | This pdp is for creating a collection of policies | 0000000000000000000000000000000000000000000000000000000000000000 | Policy A | False | + | generalpdp | | 0000000000000000000000000000000000000000000000000000000000000000 | Policy A | True | + | 1 P | This pdp is for creating a collection of policies | 0000000000000000000000000000000000000000000000000000000000000000 | Policy A | True | + | _%Pdp%_ | This pdp is for creating a collection of policies% | 0000000000000000000000000000000000000000000000000000000000000000 | Policy A | True | + | generalpdp | This pdp is for creating a collection of policies% | | Policy A | False | + | generalpdp | This pdp is for creating a collection of policies | 0000000000000000000000000000000000000000000000000000000000000000 | | False | + | generalpdp | This pdp is for creating a collection of policies | 0000000000000000000000000000000000000000000000000000000000000000 | Policy A, | False | + + Scenario Outline: Add an existing PDP + Given the following pdp exists + | pdpname | pdpdescription | keystone_project_id | security_pipeline | + | A-pdp | Thisisabasicpolicy | 0000000000000000000000000000000000000000000000000000000000000000 | Policy C | + When the user sets to add the following pdp + | pdpname | pdpdescription | keystone_project_id | security_pipeline | + | <pdpname> | <pdpdescription> | <keystone_project_id> | <security_pipeline> | + Then the system should reply the following + | flag | + | <flag> | + Examples: + | pdpname | pdpdescription | keystone_project_id | security_pipeline | flag | + | B-pdp | Thisisabasicpolicy | 0000000000000000000000000000000000000000000000000000000000000000 | Policy C | False | + | A-pdp | Thisisabasicpolicy | 3333333333333333333333333333333333333333333333333333333333333333 | Policy A | False | + + Scenario: Update PDP + Given the following pdp exists + | pdpname | pdpdescription | keystone_project_id | security_pipeline | + | A-pdp | Thisisabasicpolicy | 0000000000000000000000000000000000000000000000000000000000000000 | Policy A | + When the user sets to update the following pdp + | pdpname | updatedpdpname | updatedpdpdescription | updatedkeystone_project_id | updatedsecurity_pipeline | + | A-pdp | B-pdp | Thisisabasicpolicy | 111111111111111111111111111111111111111111111111111111111 | Policy B | + Then the following pdp should be existed in the system + | pdpname | pdpdescription | keystone_project_id | security_pipeline | + | B-pdp | Thisisabasicpolicy | 111111111111111111111111111111111111111111111111111111111 | Policy B | + + Scenario Outline: Update PDP validations + Given the following pdp exists + | pdpname | pdpdescription | keystone_project_id | security_pipeline | + | A-pdp | Thisisabasicpolicy | 0000000000000000000000000000000000000000000000000000000000000000 | Policy B | + | B-pdp | Thisisabasicpolicy | 2222222222222222222222222222222222222222222222222222222222222222 | Policy C | + When the user sets to update the following pdp + | pdpname | updatedpdpname | updatedpdpdescription | updatedkeystone_project_id | updatedsecurity_pipeline | + | <pdpname> | <updatedpdpname> | <updatedpdpdescription> | <updatedkeystone_project_id> | <updatedsecurity_pipeline> | + Then the system should reply the following + | flag | + | <flag> | + Examples: + | pdpname | updatedpdpname | updatedpdpdescription | updatedkeystone_project_id | updatedsecurity_pipeline | flag | + | A-pdp | | Thispdpisforcreatingacollectionofpolicies | 111111111111111111111111111111111111111111111111111111111 | Policy A | False | + | A-pdp | generalpdp | | 111111111111111111111111111111111111111111111111111111111 | Policy A | True | + | A-pdp | 1 P | Thispdpisforcreatingacollectionofpolicies | 111111111111111111111111111111111111111111111111111111111 | Policy A | True | + | A-pdp | _%Pdp%_ | Thispdpisforcreatingacollectionofpolicies% | 111111111111111111111111111111111111111111111111111111111 | Policy A | True | + | A-pdp | generalpdp | Thispdpisforcreatingacollectionofpolicies% | | Policy A | False | + | A-pdp | generalpdp | Thispdpisforcreatingacollectionofpolicies | 111111111111111111111111111111111111111111111111111111111 | | False | + | A-pdp | generalpdp | Thispdpisforcreatingacollectionofpolicies | 111111111111111111111111111111111111111111111111111111111 | Policy A, | False | + | A-pdp | A-pdp | Thisisabasicpolicy | 0000000000000000000000000000000000000000000000000000000000000000 | Policy B | True | + | A-pdp | B-pdp | Thisisabasicpolicy | 111111111111111111111111111111111111111111111111111111111 | Policy C | False | + + Scenario: Delete PDP + Given the following pdp exists + | pdpname | pdpdescription | keystone_project_id | security_pipeline | + | A-pdp | Thisisabasicpolicy | 0000000000000000000000000000000000000000000000000000000000000000 | Policy A | + When the user sets to delete the following pdp + | pdpname | + | A-pdp | + Then the following pdp should be existed in the system + | pdpname | pdpdescription | keystone_project_id | security_pipeline | + | | | | | diff --git a/moon_manager/tests/func_tests/features/perimeter.feature b/moon_manager/tests/func_tests/features/perimeter.feature new file mode 100644 index 00000000..39820e15 --- /dev/null +++ b/moon_manager/tests/func_tests/features/perimeter.feature @@ -0,0 +1,465 @@ +Feature: Perimeter + + Background: + Given the system has no rules + And the system has no subject assignments + And the system has no action assignments + And the system has no object assignments + And the system has no subject data + And the system has no action data + And the system has no object data + And the system has no subject perimeter + And the system has no object perimeter + And the system has no action perimeter + And the system has no pdps + And the system has no policies + And the system has no models + And the system has no meta-rules + And the system has no subject categories + And the system has no action categories + And the system has no object categories + And the following meta data subject category exists + | subjectmetadataname | subjectmetadatadescription | + | Affiliation: | This meta data has the categorical information about a subject | + | Authorization-Level: | This meta data has the categorical information about an object | + | Degree: | This meta data has the categorical information about an object | + And the following meta data object category exists + | objectmetadataname | objectmetadatadescription | + | Clearance: | This meta data has the categorical information about an object | + | Type: | This meta data has the categorical information about an object | + | Class: | This meta data has the categorical information about an object | + And the following meta data action category exists + | actionmetadataname | actionmetadatadescription | + | Action-Class: | This meta data has the categorical information about an action | + | Action-Priority: | This meta data has the categorical information about an action | + | Recommendation: | This meta data has the categorical information about an action | + And the following meta rule exists + | metarulename | metaruledescription | subjectmetadata | actionmetadata | objectmetadata | + | metarule1 | Thisisabasicmetarule | Affiliation: | Action-Class: | Clearance: | + | metarule2 | Thisisabasicmetarule | Authorization-Level: | Action-Class: | Clearance: | + | metarule3 | Thisisabasicmetarule | Affiliation: | Action-Priority: | Clearance: | + | metarule4 | Thisisabasicmetarule | Authorization-Level: | Action-Priority: | Clearance: | + | metarule5 | Thisisabasicmetarule | Affiliation: | Action-Class: | Type: | + | metarule6 | Thisisabasicmetarule | Authorization-Level: | Action-Class: | Type: | + | metarule7 | Thisisabasicmetarule | Affiliation: | Action-Priority: | Type: | + | metarule8 | Thisisabasicmetarule | Authorization-Level: | Action-Priority: | Type: | + | metarule9 | Thisisabasicmetarule | Affiliation:,Authorization-Level: | Action-Class:,Action-Priority: | Clearance:,Type: | + And the following model exists + | modelname | modeldescription | metarule | + | universitymodel | Thisisabasicmodel | metarule1,metarule9 | + | universitymodel2 | Thisisabasicmodel | metarule3,metarule5,metarule8 | + | universitymodel3 | Thisisabasicmodel | metarule9 | + And the following policy exists + | policyname | policydescription | modelname | genre | + | Stanford Policy | This is a basic policy | universitymodel | Education | + | Cambridge Policy | This is a basic policy | universitymodel2 | Education | + + + Scenario: Add subject perimeter + When the user sets to add the following subject perimeter + | subjectperimetername | subjectperimeterdescription | subjectperimeteremail | subjectperimeterpassword | policies | + | JohnLewis | Thisistheexpecteduser | jlewis@orange.com | abc1234 | Stanford Policy | + | JohnLewis | Thisistheexpecteduser | jlewis@orange.com | abc1234 | Cambridge Policy | + Then the following subject perimeter should be existed in the system + | subjectperimetername | subjectperimeterdescription | subjectperimeteremail | subjectperimeterpassword | policies | + | JohnLewis | Thisistheexpecteduser | jlewis@orange.com | abc1234 | Cambridge Policy,Stanford Policy | + + Scenario Outline: Add subject perimeter validations + When the user sets to add the following subject perimeter + | subjectperimetername | subjectperimeterdescription | subjectperimeteremail | subjectperimeterpassword | policies | + | <subjectperimetername> | <subjectperimeterdescription> | <subjectperimeteremail> | <subjectperimeterpassword> | <policies> | + Then the system should reply the following + | flag | + | <flag> | + Examples: + | subjectperimetername | subjectperimeterdescription | subjectperimeteremail | subjectperimeterpassword | policies | flag | + | | Thisistheexpecteduser | jlewis@orange.com | abc1234 | Stanford Policy | False | + | _%JohnLewis%_ | Thisistheexpecteduser | jlewis@orange.com | abc1234 | Stanford Policy | True | + | JohnLewis | | jlewis@orange.com | abc1234 | Stanford Policy | True | + | JohnLewis | Thisistheexpecteduser% | jlewis@orange.com | abc1234 | Stanford Policy | True | + | JohnLewis | Thisistheexpecteduser% | jlewis@orange.com | abc1234 | | True | + + Scenario Outline: Add an existing subject perimeter + Given the following subject perimeter exists + | subjectperimetername | subjectperimeterdescription | subjectperimeteremail | subjectperimeterpassword | policies | + | JohnLewis | Thisistheexpecteduser | jlewis@orange.com | abc1234 | Stanford Policy | + When the user sets to add the following subject perimeter + | subjectperimetername | subjectperimeterdescription | subjectperimeteremail | subjectperimeterpassword | policies | + | <subjectperimetername> | <subjectperimeterdescription> | <subjectperimeteremail> | <subjectperimeterpassword> | <policies> | + Then the system should reply the following + | flag | + | <flag> | + Examples: + | subjectperimetername | subjectperimeterdescription | subjectperimeteremail | subjectperimeterpassword | policies | flag | + | JohnLewis | Thisistheexpecteduser | jlewis@orange.com | abc1234 | Stanford Policy | False | + | JohnLewis | Thisistheexpecteduser | jlewis@orange.com | abc1234 | Cambridge Policy | True | + + Scenario: Update subject perimeter + Given the following subject perimeter exists + | subjectperimetername | subjectperimeterdescription | subjectperimeteremail | subjectperimeterpassword | policies | + | JohnLewis | Thisistheexpecteduser | jlewis@orange.com | abc1234 | Stanford Policy | + | JohnLewis | Thisistheexpecteduser | jlewis@orange.com | abc1234 | Cambridge Policy | + When the user sets to update the following subject perimeter + | subjectperimetername | updatedsubjectperimetername | updatedsubjectperimeterdescription | updatedsubjectperimeteremail | updatedsubjectperimeterpassword | policies | + | JohnLewis | JoesephWilliams | Thisdatahasthevalueofsubjectperimeter | jwilliams@orange.com | abc1234 | Stanford Policy | + Then the following subject perimeter should be existed in the system + | subjectperimetername | subjectperimeterdescription | subjectperimeteremail | subjectperimeterpassword | policies | + | JoesephWilliams | Thisdatahasthevalueofsubjectperimeter | jwilliams@orange.com | abc1234 | Cambridge Policy,Stanford Policy | + + Scenario Outline: Update subject perimeter validations + Given the following subject perimeter exists + | subjectperimetername | subjectperimeterdescription | subjectperimeteremail | subjectperimeterpassword | policies | + | JohnLewis | Thisistheexpecteduser | jlewis@orange.com | abc1234 | Stanford Policy | + When the user sets to update the following subject perimeter + | subjectperimetername | updatedsubjectperimetername | updatedsubjectperimeterdescription | updatedsubjectperimeteremail | updatedsubjectperimeterpassword | policies | + | <subjectperimetername> | <updatedsubjectperimetername> | <updatedsubjectperimeterdescription> | <updatedsubjectperimeteremail> | <updatedsubjectperimeterpassword> | <policies> | + Then the system should reply the following + | flag | + | <flag> | + Examples: + | subjectperimetername | updatedsubjectperimetername | updatedsubjectperimeterdescription | updatedsubjectperimeteremail | updatedsubjectperimeterpassword | policies | flag | + #| JohnLewis | | Thisistheexpecteduser | jlewis@orange.com | abc1234 | Stanford Policy | False | + | JohnLewis | _%JohnLewis%_ | Thisistheexpecteduser | jlewis@orange.com | abc1234 | Stanford Policy | True | + #| JohnLewis | JohnLewis | | jlewis@orange.com | abc1234 | Stanford Policy | True | + #| JohnLewis | JohnLewis | Thisistheexpecteduser% | jlewis@orange.com | abc1234 | Stanford Policy | True | + +Scenario: Delete subject perimeter with a policy and no assignments + Given the following subject perimeter exists + | subjectperimetername | subjectperimeterdescription | subjectperimeteremail | subjectperimeterpassword | policies | + | JohnLewis | Thisistheexpecteduser | jlewis@orange.com | abc1234 | Stanford Policy | + When the user sets to delete the following subject perimeter + | subjectperimetername | + | JohnLewis | + Then the system should reply the following + | flag | + | False | + And the following subject perimeter should be existed in the system + | subjectperimetername | subjectperimeterdescription | subjectperimeteremail | subjectperimeterpassword | policies | + | JohnLewis | Thisistheexpecteduser | jlewis@orange.com | abc1234 | Stanford Policy | + + Scenario: Check subject perimeter after removing the policy + Given the following subject perimeter exists + | subjectperimetername | subjectperimeterdescription | subjectperimeteremail | subjectperimeterpassword | policies | + | JohnLewis | Thisistheexpecteduser | jlewis@orange.com | abc1234 | Stanford Policy | + When the user sets to delete the following subject perimeter for a given policy + | subjectperimetername | policies | + | JohnLewis | Stanford Policy | + Then the following subject perimeter should be existed in the system + | subjectperimetername | subjectperimeterdescription | subjectperimeteremail | subjectperimeterpassword | policies | + | JohnLewis | Thisistheexpecteduser | jlewis@orange.com | abc1234 | | + +Scenario: Delete subject perimeter with no policy + Given the following subject perimeter exists + | subjectperimetername | subjectperimeterdescription | subjectperimeteremail | subjectperimeterpassword | policies | + | JohnLewis | Thisistheexpecteduser | jlewis@orange.com | abc1234 | Stanford Policy | + When the user sets to delete the following subject perimeter for a given policy + | subjectperimetername | policies | + | JohnLewis | Stanford Policy | + And the user sets to delete the following subject perimeter + | subjectperimetername | + | JohnLewis | + Then the following subject perimeter should be existed in the system + | subjectperimetername | subjectperimeterdescription | subjectperimeteremail | subjectperimeterpassword | policies | + | | | | | | + + Scenario: Delete subject perimeter with a policy and with assignments + Given the following subject perimeter exists + | subjectperimetername | subjectperimeterdescription | subjectperimeteremail | subjectperimeterpassword | policies | + | JohnLewis | Thisistheexpecteduser | jlewis@orange.com | abc1234 | Stanford Policy | + And the following subject data exists + | policyname | subjectcategory | subjectdataname | subjectdatadescription | + | Stanford Policy | Affiliation: | University-of-Stanford | This data has the value of subject category | + | Stanford Policy | Affiliation: | Stanford | This data has the value of subject category | + And the following subject assignment exists + | subjectperimetername | subjectcategory | subjectdata | policyname | + | JohnLewis | Affiliation: | University-of-Stanford | Stanford Policy | + | JohnLewis | Affiliation: | Stanford | Stanford Policy | + When the user sets to delete the following subject perimeter for a given policy + | subjectperimetername | policies | + | JohnLewis | Stanford Policy | + Then the system should reply the following + | flag | + | True | + And the following subject perimeter should be existed in the system + | subjectperimetername | subjectperimeterdescription | subjectperimeteremail | subjectperimeterpassword | policies | + | JohnLewis | Thisistheexpecteduser | jlewis@orange.com | abc1234 | | + And the following subject assignment should be existed in the system + | subjectperimetername | subjectcategory | subjectdata | policyname | + | | | | Stanford Policy | + + Scenario: Add object perimeter + When the user sets to add the following object perimeter + | objectperimetername | objectperimeterdescription | policies | + | ProfessorsPromotionDocument | Thisistherequesttoaccessfile | Stanford Policy | + | ProfessorsPromotionDocument | Thisistherequesttoaccessfile | Cambridge Policy | + + Then the following object perimeter should be existed in the system + | objectperimetername | objectperimeterdescription | policies | + | ProfessorsPromotionDocument | Thisistherequesttoaccessfile | Cambridge Policy,Stanford Policy | + + Scenario Outline: Add object perimeter validations + When the user sets to add the following object perimeter + | objectperimetername | objectperimeterdescription | policies | + | <objectperimetername> | <objectperimeterdescription> | <policies> | + Then the system should reply the following + | flag | + | <flag> | + Examples: + | objectperimetername | objectperimeterdescription | policies | flag | + | | Thisistherequesttoaccessfile | Stanford Policy | False | + | _%ProfessorsPromotionDocument%_ | Thisistherequesttoaccessfile | Stanford Policy | True | + | ProfessorsPromotionDocument | | Stanford Policy | True | + | ProfessorsPromotionDocument | Thisistherequesttoaccessfile% | Stanford Policy | True | + | ProfessorsPromotionDocument | Thisistherequesttoaccessfile% | | True | + + + Scenario Outline: Add an existing object perimeter + Given the following object perimeter exists + | objectperimetername | objectperimeterdescription | policies | + | ProfessorsPromotionDocument | Thisistherequesttoaccessfile | Stanford Policy | + When the user sets to add the following object perimeter + | objectperimetername | objectperimeterdescription | policies | + | <objectperimetername> | <objectperimeterdescription> | <policies> | + Then the system should reply the following + | flag | + | <flag> | + Examples: + | objectperimetername | objectperimeterdescription | policies | flag | + | ProfessorsPromotionDocument | Thisistherequesttoaccessfile | Stanford Policy | False | + | ProfessorsPromotionDocument | Thisistherequesttoaccessfile | Cambridge Policy | True | + + Scenario: Update object perimeter + Given the following object perimeter exists + | objectperimetername | objectperimeterdescription | policies | + | ProfessorsPromotionDocument | Thisistherequesttoaccessfile | Stanford Policy | + | ProfessorsPromotionDocument | Thisistherequesttoaccessfile | Cambridge Policy | + When the user sets to update the following object perimeter + | objectperimetername | updatedobjectperimetername | updatedobjectperimeterdescription | policies | + | ProfessorsPromotionDocument | StudentsGradsSheet | Thisistherequesttoaccessfile | Stanford Policy | + Then the following object perimeter should be existed in the system + | objectperimetername | objectperimeterdescription | policies | + | StudentsGradsSheet | Thisistherequesttoaccessfile | Cambridge Policy,Stanford Policy | + + Scenario Outline: Update object perimeter validations + Given the following object perimeter exists + | objectperimetername | objectperimeterdescription | policies | + | ProfessorsPromotionDocument | Thisistherequesttoaccessfile | Stanford Policy | + When the user sets to update the following object perimeter + | objectperimetername | updatedobjectperimetername | updatedobjectperimeterdescription | policies | + | <objectperimetername> | <updatedobjectperimetername> | <updatedobjectperimeterdescription> | <policies> | + Then the system should reply the following + | flag | + | <flag> | + Examples: + | objectperimetername | updatedobjectperimetername | updatedobjectperimeterdescription | policies | flag | + | ProfessorsPromotionDocument | | Thisistherequesttoaccessfile | Stanford Policy | False | + | ProfessorsPromotionDocument | _%ProfessorsPromotionDocument%_ | Thisistherequesttoaccessfile | Stanford Policy | True | + | ProfessorsPromotionDocument | ProfessorsPromotionDocument | | Stanford Policy | True | + | ProfessorsPromotionDocument | ProfessorsPromotionDocument | Thisistherequesttoaccessfile% | Stanford Policy | True | + + Scenario: Delete object perimeter with a policy + Given the following object perimeter exists + | objectperimetername | objectperimeterdescription | policies | + | ProfessorsPromotionDocument | Thisistherequesttoaccessfile | Stanford Policy | + When the user sets to delete the following object perimeter + | objectperimetername | + | ProfessorsPromotionDocument | + Then the system should reply the following + | flag | + | False | + And the following object perimeter should be existed in the system + | objectperimetername | objectperimeterdescription | policies | + | ProfessorsPromotionDocument | Thisistherequesttoaccessfile | Stanford Policy | + + Scenario: Check object perimeter after removing the policy + Given the following object perimeter exists + | objectperimetername | objectperimeterdescription | policies | + | ProfessorsPromotionDocument | Thisistherequesttoaccessfile | Stanford Policy | + When the user sets to delete the following object perimeter for a given policy + | objectperimetername | policies | + | ProfessorsPromotionDocument | Stanford Policy | + Then the following object perimeter should be existed in the system + | objectperimetername | objectperimeterdescription | policies | + | ProfessorsPromotionDocument | Thisistherequesttoaccessfile | | + + Scenario: Delete object perimeter after removing the policy + Given the following object perimeter exists + | objectperimetername | objectperimeterdescription | policies | + | ProfessorsPromotionDocument | Thisistherequesttoaccessfile | Stanford Policy | + When the user sets to delete the following object perimeter for a given policy + | objectperimetername | policies | + | ProfessorsPromotionDocument | Stanford Policy | + And the user sets to delete the following object perimeter + | objectperimetername | + | ProfessorsPromotionDocument | + Then the following object perimeter should be existed in the system + | objectperimetername | objectperimeterdescription | policies | + | | | | + + Scenario: Delete object perimeter with a policy and with assignments + Given the following object perimeter exists + | objectperimetername | objectperimeterdescription | policies | + | ProfessorsPromotionDocument | Thisistherequesttoaccessfile | Stanford Policy | + And the following object data exists + | policyname | objectcategory | objectdataname | objectdatadescription | + | Stanford Policy | Clearance: | Top-Secret | This data has the value of object category | + | Stanford Policy | Clearance: | Confidential | This data has the value of object category | + | Stanford Policy | Clearance: | Public | This data has the value of object category | + | Stanford Policy | Type: | Adminstrative | This data has the value of object category | + | Stanford Policy | Type: | Staff | This data has the value of object category | + And the following object assignment exists + | objectperimetername | objectcategory | objectdata | policyname | + | ProfessorsPromotionDocument | Clearance: | Public | Stanford Policy | + | ProfessorsPromotionDocument | Clearance: | Confidential | Stanford Policy | + When the user sets to delete the following object perimeter for a given policy + | objectperimetername | policies | + | ProfessorsPromotionDocument | Stanford Policy | + Then the system should reply the following + | flag | + | True | + And the following object perimeter should be existed in the system + | objectperimetername | objectperimeterdescription | policies | + | ProfessorsPromotionDocument | Thisistherequesttoaccessfile | | + And the following object assignment should be existed in the system + | objectperimetername | objectcategory | objectdata | policyname | + | | | | Stanford Policy | + + + Scenario: Add action perimeter + When the user sets to add the following action perimeter + | actionperimetername | actionperimeterdescription | policies | + | Read | Thisistheactionrequired | Stanford Policy | + | Read | Thisistheactionrequired | Cambridge Policy | + | Delete | Thisistheactionrequired | Stanford Policy | + | Delete | Thisistheactionrequired | Cambridge Policy | + Then the following action perimeter should be existed in the system + | actionperimetername | actionperimeterdescription | policies | + | Delete | Thisistheactionrequired | Cambridge Policy,Stanford Policy | + | Read | Thisistheactionrequired | Cambridge Policy,Stanford Policy | + + Scenario Outline: Add action perimeter validations + When the user sets to add the following action perimeter + | actionperimetername | actionperimeterdescription | policies | + | <actionperimetername> | <actionperimeterdescription> | <policies> | + Then the system should reply the following + | flag | + | <flag> | + Examples: + | actionperimetername | actionperimeterdescription | policies | flag | + | | Thisistheactionrequired | Stanford Policy | False | + | _%Read%_ | Thisistheactionrequired | Stanford Policy | True | + | Read | | Stanford Policy | True | + | Read | Thisistheactionrequired% | Stanford Policy | True | + | Read | Thisistheactionrequired% | | True | + + + Scenario Outline: Add an existing action perimeter + Given the following action perimeter exists + | actionperimetername | actionperimeterdescription | policies | + | Read | Thisistheactionrequired | Stanford Policy | + When the user sets to add the following action perimeter + | actionperimetername | actionperimeterdescription | policies | + | <actionperimetername> | <actionperimeterdescription> | <policies> | + Then the system should reply the following + | flag | + | <flag> | + Examples: + | actionperimetername | actionperimeterdescription | policies | flag | + | Read | Thisistheactionrequired | Stanford Policy | False | + | Read | Thisistheactionrequired | Cambridge Policy | True | + + Scenario: Update action perimeter + Given the following action perimeter exists + | actionperimetername | actionperimeterdescription | policies | + | Read | Thisistheactionrequired | Stanford Policy | + | Read | Thisistheactionrequired | Cambridge Policy | + When the user sets to update the following action perimeter + | actionperimetername | updatedactionperimetername | updatedactionperimeterdescription | policies | + | Read | Delete | Thisistheactionrequired | Stanford Policy | + Then the following action perimeter should be existed in the system + | actionperimetername | actionperimeterdescription | policies | + | Delete | Thisistheactionrequired | Cambridge Policy,Stanford Policy | + + Scenario Outline: Update action perimeter validations + Given the following action perimeter exists + | actionperimetername | actionperimeterdescription | policies | + | Read | Thisistheactionrequired | Stanford Policy | + When the user sets to update the following action perimeter + | actionperimetername | updatedactionperimetername | updatedactionperimeterdescription | policies | + | <actionperimetername> | <updatedactionperimetername> | <updatedactionperimeterdescription> | <policies> | + Then the system should reply the following + | flag | + | <flag> | + Examples: + | actionperimetername | updatedactionperimetername | updatedactionperimeterdescription | policies | flag | + | Read | | Thisistheactionrequired | Stanford Policy | False | + | Read | _%Read%_ | Thisistheactionrequired | Stanford Policy | True | + | Read | Read | | Stanford Policy | True | + | Read | Read | Thisistheactionrequired% | Stanford Policy | True | + + Scenario: Delete action perimeter with a policy + Given the following action perimeter exists + | actionperimetername | actionperimeterdescription | policies | + | Read | This is the action required | Stanford Policy | + When the user sets to delete the following action perimeter + | actionperimetername | + | Read | + Then the system should reply the following + | flag | + | False | + And the following action perimeter should be existed in the system + | actionperimetername | actionperimeterdescription | policies | + | Read | This is the action required | Stanford Policy | + + Scenario: Check action perimeter after removing the policy + Given the following action perimeter exists + | actionperimetername | actionperimeterdescription | policies | + | Read | Thisistheactionrequired | Stanford Policy | + When the user sets to delete the following action perimeter for a given policy + | actionperimetername | policies | + | Read | Stanford Policy | + Then the following action perimeter should be existed in the system + | actionperimetername | actionperimeterdescription | policies | + | Read | Thisistheactionrequired | | + + Scenario: Delete action perimeter after removing the policy + Given the following action perimeter exists + | actionperimetername | actionperimeterdescription | policies | + | Read | Thisistheactionrequired | Stanford Policy | + When the user sets to delete the following action perimeter for a given policy + | actionperimetername | policies | + | Read | Stanford Policy | + And the user sets to delete the following action perimeter + | actionperimetername | + | Read | + Then the following action perimeter should be existed in the system + | actionperimetername | actionperimeterdescription | policies | + | | | | + + Scenario: Delete action perimeter with a policy and with assignments + Given the following action perimeter exists + | actionperimetername | actionperimeterdescription | policies | + | Read | Thisistheactionrequired | Stanford Policy | + And the following action data exists + | policyname | actioncategory | actiondataname | actiondatadescription | + | Stanford Policy | Action-Class: | Severe | This data has the value of action category | + | Stanford Policy | Action-Class: | Low | This data has the value of action category | + | Stanford Policy | Action-Priority: | Low | This data has the value of action category | + And the following action assignment exists + | actionperimetername | actioncategory | actiondata | policyname | + | Read | Action-Class: | Severe | Stanford Policy | + | Read | Action-Class: | Low | Stanford Policy | + When the user sets to delete the following action perimeter for a given policy + | actionperimetername | policies | + | Read | Stanford Policy | + Then the system should reply the following + | flag | + | True | + And the following action perimeter should be existed in the system + | actionperimetername | actionperimeterdescription | policies | + | Read | Thisistheactionrequired | | + And the following action assignment should be existed in the system + | actionperimetername | actioncategory | actiondata | policyname | + | | | | Stanford Policy | + + diff --git a/moon_manager/tests/func_tests/features/policy.feature b/moon_manager/tests/func_tests/features/policy.feature new file mode 100644 index 00000000..e8d4077d --- /dev/null +++ b/moon_manager/tests/func_tests/features/policy.feature @@ -0,0 +1,245 @@ +Feature: Policy + + Background: + Given the system has no rules + And the system has no subject assignments + And the system has no action assignments + And the system has no object assignments + And the system has no subject data + And the system has no action data + And the system has no object data + And the system has no subject perimeter + And the system has no object perimeter + And the system has no action perimeter + And the system has no pdps + And the system has no policies + And the system has no models + And the system has no meta-rules + And the system has no subject categories + And the system has no action categories + And the system has no object categories + And the following meta data subject category exists + | subjectmetadataname | subjectmetadatadescription | + | Affiliation: | This meta data has the categorical information about a subject | + | Authorization-Level: | This meta data has the categorical information about an object | + | Degree: | This meta data has the categorical information about an object | + And the following meta data object category exists + | objectmetadataname | objectmetadatadescription | + | Clearance: | This meta data has the categorical information about an object | + | Type: | This meta data has the categorical information about an object | + | Class: | This meta data has the categorical information about an object | + And the following meta data action category exists + | actionmetadataname | actionmetadatadescription | + | Action-Class: | This meta data has the categorical information about an action | + | Action-Priority: | This meta data has the categorical information about an action | + | Recommendation: | This meta data has the categorical information about an action | + And the following meta rule exists + | metarulename | metaruledescription | subjectmetadata | actionmetadata | objectmetadata | + | metarule1 | This is a basic metarule | Affiliation: | Action-Class: | Clearance: | + | metarule2 | This is a basic metarule | Authorization-Level: | Action-Class: | Clearance: | + | metarule3 | This is a basic metarule | Affiliation: | Action-Priority: | Clearance: | + | metarule4 | This is a basic metarule | Authorization-Level: | Action-Priority: | Clearance: | + | metarule5 | This is a basic metarule | Affiliation: | Action-Class: | Type: | + | metarule6 | This is a basic metarule | Authorization-Level: | Action-Class: | Type: | + | metarule7 | This is a basic metarule | Affiliation: | Action-Priority: | Type: | + | metarule8 | This is a basic metarule | Authorization-Level: | Action-Priority: | Type: | + | metarule9 | This is a basic metarule | Affiliation:,Authorization-Level: | Action-Class:,Action-Priority: | Clearance:,Type: | + And the following model exists + | modelname | modeldescription | metarule | + | generalmodel | This is a basic model | metarule9 | + | generalmodel2 | This is a basic model | metarule3,metarule5,metarule8 | + | generalmodel3 | This is a basic model | metarule9 | + + Scenario: Add policy + When the user sets to add the following policy + | policyname | policydescription | modelname | genre | + | A policy | This is a basic policy | generalmodel | financial | + | B policy | This is a basic policy | generalmodel | administrative | + Then the following policy should be existed in the system + | policyname | policydescription | modelname | genre | + | A policy | This is a basic policy | generalmodel | financial | + | B policy | This is a basic policy | generalmodel | administrative | + + Scenario Outline: Add policy validations + When the user sets to add the following policy + | policyname | policydescription | modelname | genre | + | <policyname> | <policydescription> | <modelname> | <genre> | + Then the system should reply the following + | flag | + | <flag> | + Examples: + | policyname | policydescription | modelname | genre | flag | + | | This is a basic policy | generalmodel | financial | False | + | generalpolicy | | generalmodel | financial | True | + | generalpolicy | This is a basic policy | | financial | False | + | generalpolicy | This is a basic policy | 0000000000000000000000 | financial | False | + | generalpolicy | This is a basic policy | 0000000000000000000000000000000000000000000000000000000000000000 | financial | False | + | generalpolicy | This is a basic policy | 00000000000000000000000000000000000000000000000000000000000000000000 | financial | False | + | generalpolicy | This is a basic policy | generalmodel | | True | + | 1 | This is a basic policy | generalmodel | financial | True | + | _%policy%_ | This is a basic policy | generalmodel | financial | True | + | policy | This is a basic policy % | generalmodel | 1 | True | + | policy | This is a basic policy % | generalmodel2 | 1 | True | + | policy | This is a basic policy % | generalmodel | _%genere%_ | True | + + Scenario Outline: Add an existing policy + Given the following policy exists + | policyname | policydescription | modelname | genre | + | generalpolicy | This is a basic policy | generalmodel | financial | + When the user sets to add the following policy + | policyname | policydescription | modelname | genre | + | <policyname> | <policydescription> | <modelname> | <genre> | + Then the system should reply the following + | flag | + | <flag> | + Examples: + | policyname | policydescription | modelname | genre | flag | + | generalpolicy | This is a basic policy | generalmodel2 | financial | False | + | generalpolicy2 | This is a basic policy | generalmodel | financial | True | + + Scenario: Update policy + Given the following policy exists + | policyname | policydescription | modelname | genre | + | generalpolicy | This is a basic policy | generalmodel | financial | + When the user sets to update the following policy + | policyname | updatedpolicyname | updatedpolicydescription | updatedmodelname | updatedgenre | + | generalpolicy | 1 P % | This is a basic policy | generalmodel | financial | + Then the following policy should be existed in the system + | policyname | policydescription | modelname | genre | + | 1 P % | This is a basic policy | generalmodel | financial | + + Scenario Outline: Update policy validations + Given the following policy exists + | policyname | policydescription | modelname | genre | + | mainpolicy | This is a basic policy | generalmodel | adminstrative | + | mainpolicy2 | This is a basic policy | generalmodel | adminstrative | + When the user sets to update the following policy + | policyname | updatedpolicyname | updatedpolicydescription | updatedmodelname | updatedgenre | + | <policyname> | <updatedpolicyname> | <updatedpolicydescription> | <updatedmodelname> | <updatedgenre> | + Then the system should reply the following + | flag | + | <flag> | + Examples: + | policyname | updatedpolicyname | updatedpolicydescription | updatedmodelname | updatedgenre | flag | + | mainpolicy | | This is a basic policy | generalmodel | financial | False | + | mainpolicy | generalpolicy | | generalmodel | financial | True | + | mainpolicy | generalpolicy | This is a basic policy | | financial | False | + | mainpolicy | generalpolicy | This is a basic policy | 0000000000000000000000 | financial | False | + | mainpolicy | generalpolicy | This is a basic policy | 0000000000000000000000000000000000000000000000000000000000000000 | financial | False | + | mainpolicy | generalpolicy | This is a basic policy | 00000000000000000000000000000000000000000000000000000000000000000000 | financial | False | + | mainpolicy | generalpolicy | This is a basic policy | generalmodel | | True | + | mainpolicy | 1 | This is a basic policy | generalmodel | financial | True | + | mainpolicy | _%policy%_ | This is a basic policy | generalmodel | financial | True | + | mainpolicy | policy | This is a basic policy % | generalmodel | financial | True | + | mainpolicy | policy | This is a basic policy % | generalmodel | 1 | True | + | mainpolicy | policy | This is a basic policy % | generalmodel2 | 1 | False | + | mainpolicy | policy | This is a basic policy % | generalmodel | _%genere%_ | True | + | mainpolicy | mainpolicy | This is a basic policy % | generalmodel | adminstrative | True | + | mainpolicy | mainpolicy2 | This is a basic policy % | generalmodel | adminstrative | False | + + Scenario: Delete policy + Given the following policy exists + | policyname | policydescription | modelname | genre | + | generalpolicy | This is a basic policy | generalmodel | financial | + When the user sets to delete the following policy + | policyname | + | generalpolicy | + Then the following policy should be existed in the system + | policyname | policydescription | modelname | genre | + | | | | | + + + Scenario: Delete a policy that has a system attributes dependency + Given the following policy exists + | policyname | policydescription | modelname | genre | + | Stanford Policy | This is a basic policy | generalmodel | financial | + | Cambridge Policy | This is a basic policy | generalmodel2 | Education | + And the following pdp exists + | pdpname | pdpdescription | keystone_project_id | security_pipeline | + | generalpdp | This is a basic pdp | 0000000000000000000000000000000000000000000000000000000000000000 | Stanford Policy | + And the following subject perimeter exists + | subjectperimetername | subjectperimeterdescription | subjectperimeteremail | subjectperimeterpassword | policies | + | JohnLewis | Thisistheexpecteduser | jlewis@orange.com | abc1234 | Stanford Policy | + | JohnLewis | Thisistheexpecteduser | jlewis@orange.com | abc1234 | Cambridge Policy | + | WilliamsJoeseph | Thisistheexpecteduser | wjoeseph@orange.com | abc1234 | Stanford Policy | + And the following object perimeter exists + | objectperimetername | objectperimeterdescription | policies | + | ProfessorsPromotionDocument | Thisistherequesttoaccessfile | Stanford Policy | + | ProfessorsPromotionDocument | Thisistherequesttoaccessfile | Cambridge Policy | + | StudentsGradesSheet | Thisistherequesttoaccessfile | Stanford Policy | + And the following action perimeter exists + | actionperimetername | actionperimeterdescription | policies | + | Delete | Thisistheactionrequired | Stanford Policy | + | Read | Thisistheactionrequired | Stanford Policy | + | Read | Thisistheactionrequired | Cambridge Policy | + And the following subject data exists + | policyname | subjectcategory | subjectdataname | subjectdatadescription | + | Stanford Policy | Affiliation: | University-of-Stanford | This data has the value of subject category | + | Stanford Policy | Affiliation: | Stanford | This data has the value of subject category | + | Stanford Policy | Authorization-Level: | Professor | This data has the value of subject category | + And the following object data exists + | policyname | objectcategory | objectdataname | objectdatadescription | + | Stanford Policy | Clearance: | Top-Secret | This data has the value of object category | + | Stanford Policy | Clearance: | Confidential | This data has the value of object category | + | Stanford Policy | Clearance: | Public | This data has the value of object category | + | Stanford Policy | Type: | Adminstrative | This data has the value of object category | + | Stanford Policy | Type: | Staff | This data has the value of object category | + And the following action data exists + | policyname | actioncategory | actiondataname | actiondatadescription | + | Stanford Policy | Action-Class: | Severe | This data has the value of action category | + | Stanford Policy | Action-Class: | Low | This data has the value of action category | + | Stanford Policy | Action-Priority: | Low | This data has the value of action category | + And the following subject assignment exists + | subjectperimetername | subjectcategory | subjectdata | policyname | + | JohnLewis | Affiliation: | University-of-Stanford | Stanford Policy | + | WilliamsJoeseph | Affiliation: | Stanford | Stanford Policy | + And the following object assignment exists + | objectperimetername | objectcategory | objectdata | policyname | + | StudentsGradesSheet | Clearance: | Public | Stanford Policy | + | StudentsGradesSheet | Clearance: | Top-Secret | Stanford Policy | + | StudentsGradesSheet | Clearance: | Confidential | Stanford Policy | + And the following action assignment exists + | actionperimetername | actioncategory | actiondata | policyname | + | Read | Action-Class: | Severe | Stanford Policy | + | Read | Action-Class: | Low | Stanford Policy | + | Read | Action-Priority: | Low | Stanford Policy | + When the user sets to delete the following policy + | policyname | + | Stanford Policy | + Then the following policy should be existed in the system + | policyname | policydescription | modelname | genre | + | Cambridge Policy | This is a basic policy | generalmodel2 | Education | + And the following pdp should be existed in the system + | pdpname | pdpdescription | keystone_project_id | security_pipeline | + | generalpdp | This is a basic pdp | 0000000000000000000000000000000000000000000000000000000000000000 | | + And the following subject perimeter should be existed in the system + | subjectperimetername | subjectperimeterdescription | subjectperimeteremail | subjectperimeterpassword | policies | + | JohnLewis | Thisistheexpecteduser | jlewis@orange.com | abc1234 | Cambridge Policy | + | WilliamsJoeseph | Thisistheexpecteduser | wjoeseph@orange.com | abc1234 | | + And the following object perimeter should be existed in the system + | objectperimetername | objectperimeterdescription | policies | + | ProfessorsPromotionDocument | Thisistherequesttoaccessfile | Cambridge Policy | + | StudentsGradesSheet | Thisistherequesttoaccessfile | | + And the following action perimeter should be existed in the system + | actionperimetername | actionperimeterdescription | policies | + | Delete | Thisistheactionrequired | | + | Read | Thisistheactionrequired | Cambridge Policy | + And the following subject data should be existed in the system + | policyname | subjectcategory | subjectdataname | subjectdatadescription | + | | | | | + And the following object data should be existed in the system + | policyname | objectcategory | objectdataname | objectdatadescription | + | | | | | + And the following action data should be existed in the system + | policyname | actioncategory | actiondataname | actiondatadescription | + | | | | | + And the following subject assignment should be existed in the system + | subjectperimetername | subjectcategory | subjectdata | policyname | + | | | | | + And the following object assignment should be existed in the system + | objectperimetername | objectcategory | objectdata | policyname | + | | | | | + And the following action assignment should be existed in the system + | actionperimetername | actioncategory | actiondata | policyname | + | | | | | + diff --git a/moon_manager/tests/func_tests/features/rules.feature b/moon_manager/tests/func_tests/features/rules.feature new file mode 100644 index 00000000..e98e2b30 --- /dev/null +++ b/moon_manager/tests/func_tests/features/rules.feature @@ -0,0 +1,188 @@ +Feature: Rules + + Background: + Given the system has no rules + And the system has no subject assignments + And the system has no action assignments + And the system has no object assignments + And the system has no subject data + And the system has no action data + And the system has no object data + And the system has no subject perimeter + And the system has no object perimeter + And the system has no action perimeter + And the system has no pdps + And the system has no policies + And the system has no models + And the system has no meta-rules + And the system has no subject categories + And the system has no action categories + And the system has no object categories + And the following meta data subject category exists + | subjectmetadataname | subjectmetadatadescription | + | Affiliation: | This meta data has the categorical information about a subject | + | Authorization-Level: | This meta data has the categorical information about an object | + | Degree: | This meta data has the categorical information about an object | + And the following meta data object category exists + | objectmetadataname | objectmetadatadescription | + | Clearance: | This meta data has the categorical information about an object | + | Type: | This meta data has the categorical information about an object | + | Class: | This meta data has the categorical information about an object | + And the following meta data action category exists + | actionmetadataname | actionmetadatadescription | + | Action-Class: | This meta data has the categorical information about an action | + | Action-Priority: | This meta data has the categorical information about an action | + | Recommendation: | This meta data has the categorical information about an action | + And the following meta rule exists + | metarulename | metaruledescription | subjectmetadata | actionmetadata | objectmetadata | + | metarule1 | Thisisabasicmetarule | Affiliation: | Action-Class: | Clearance: | + | metarule2 | Thisisabasicmetarule | Authorization-Level: | Action-Class: | Clearance: | + | metarule3 | Thisisabasicmetarule | Affiliation: | Action-Priority: | Clearance: | + | metarule4 | Thisisabasicmetarule | Authorization-Level: | Action-Priority: | Clearance: | + | metarule5 | Thisisabasicmetarule | Affiliation: | Action-Class: | Type: | + | metarule6 | Thisisabasicmetarule | Authorization-Level: | Action-Class: | Type: | + | metarule7 | Thisisabasicmetarule | Affiliation: | Action-Priority: | Type: | + | metarule8 | Thisisabasicmetarule | Authorization-Level: | Action-Priority: | Type: | + | metarule9 | Thisisabasicmetarule | Affiliation:,Authorization-Level: | Action-Class:,Action-Priority: | Clearance:,Type: | + And the following model exists + | modelname | modeldescription | metarule | + | universitymodel | Thisisabasicmodel | metarule1,metarule9 | + | universitymodel2 | Thisisabasicmodel | metarule3,metarule5,metarule8 | + | universitymodel3 | Thisisabasicmodel | metarule9 | + And the following policy exists + | policyname | policydescription | modelname | genre | + | Stanford Policy | This is a basic policy | universitymodel | Education | + | Cambridge Policy | This is a basic policy | universitymodel3 | Education | + And the following subject perimeter exists + | subjectperimetername | subjectperimeterdescription | subjectperimeteremail | subjectperimeterpassword | policies | + | JohnLewis | Thisistheexpecteduser | jlewis@orange.com | abc1234 | Stanford Policy | + | WilliamsJoeseph | Thisistheexpecteduser | wjoeseph@orange.com | abc1234 | Stanford Policy | + | WilliamsJoeseph | Thisistheexpecteduser | wjoeseph@orange.com | abc1234 | Cambridge Policy | + | WilliamsGeorge | Thisdatahasthevalueofsubjectperimeter | gwilliams@orange.com | abc1234 | | + And the following object perimeter exists + | objectperimetername | objectperimeterdescription | policies | + | ProfessorsPromotionDocument | Thisistherequesttoaccessfile | Stanford Policy | + | StudentsGradesSheet | Thisistherequesttoaccessfile | Stanford Policy | + | StudentsGradesSheet | Thisistherequesttoaccessfile | Cambridge Policy | + | Vacations | Thisistherequesttoaccessfile | | + And the following action perimeter exists + | actionperimetername | actionperimeterdescription | policies | + | Read | Thisistheactionrequired | Stanford Policy | + | Delete | Thisistheactionrequired | Stanford Policy | + | Edit | Thisistheactionrequired | | + And the following subject data exists + | policyname | subjectcategory | subjectdataname | subjectdatadescription | + | Stanford Policy | Affiliation: | University-of-Stanford | This data has the value of subject category | + | Stanford Policy | Affiliation: | Stanford | This data has the value of subject category | + | Cambridge Policy | Affiliation: | University-of-Cambridge | This data has the value of subject category | + | Cambridge Policy | Authorization-Level: | Professor | This data has the value of subject category | + | Cambridge Policy | Authorization-Level: | Lecturer | This data has the value of subject category | + And the following object data exists + | policyname | objectcategory | objectdataname | objectdatadescription | + | Stanford Policy | Clearance: | Top-Secret | This data has the value of object category | + | Stanford Policy | Clearance: | Confidential | This data has the value of object category | + | Stanford Policy | Clearance: | Public | This data has the value of object category | + | Cambridge Policy | Type: | Adminstrative | This data has the value of object category | + | Cambridge Policy | Type: | Teaching-Staff | This data has the value of object category | + | Cambridge Policy | Clearance: | Confidential | This data has the value of object category | + | Cambridge Policy | Clearance: | Access-with-permission | This data has the value of object category | + | Cambridge Policy | Clearance: | Public | This data has the value of object category | + + And the following action data exists + | policyname | actioncategory | actiondataname | actiondatadescription | + | Stanford Policy | Action-Class: | Severe | This data has the value of action category | + | Stanford Policy | Action-Class: | Low | This data has the value of action category | + | Cambridge Policy | Action-Priority: | High | This data has the value of action category | + | Cambridge Policy | Action-Priority: | Medium | This data has the value of action category | + | Cambridge Policy | Action-Priority: | Low | This data has the value of action category | + | Cambridge Policy | Action-Class: | Severe | This data has the value of action category | + | Cambridge Policy | Action-Class: | Intermediate | This data has the value of action category | + | Cambridge Policy | Action-Class: | Low | This data has the value of action category | + + And the following subject assignment exists + | subjectperimetername | subjectcategory | subjectdata | policyname | + | JohnLewis | Affiliation: | University-of-Stanford | Stanford Policy | + | WilliamsJoeseph | Affiliation: | Stanford | Stanford Policy | + + And the following object assignment exists + | objectperimetername | objectcategory | objectdata | policyname | + | StudentsGradesSheet | Clearance: | Access-with-permission | Cambridge Policy | + | StudentsGradesSheet | Clearance: | Public | Cambridge Policy | + #| StudentsGradesSheet | Clearance: | Top-Secret | Stanford Policy | + | StudentsGradesSheet | Clearance: | Confidential | Stanford Policy | + #| StudentsGradesSheet | Clearance: | Public | Stanford Policy | + And the following action assignment exists + | actionperimetername | actioncategory | actiondata | policyname | + | Read | Action-Class: | Severe | Stanford Policy | + #| Read | Action-Class: | Low | Stanford Policy | + | Delete | Action-Priority: | High | Cambridge Policy | + | Delete | Action-Priority: | Medium | Cambridge Policy | + | Delete | Action-Priority: | Low | Cambridge Policy | + + Scenario: Add rule + When the user sets to add the following rules + | rule | metarulename | instructions | policyname | + | University-of-Stanford,Confidential,Severe | metarule1 | grant | Stanford Policy | + | University-of-Cambridge,Professor,Public,Adminstrative,Low,Low | metarule9 | grant | Cambridge Policy | + Then the following rules should be existed in the system + | rule | metarulename | instructions | policyname | + | University-of-Stanford,Confidential,Severe | metarule1 | grant | Stanford Policy | + | University-of-Cambridge,Professor,Public,Adminstrative,Low,Low | metarule9 | grant | Cambridge Policy | + +Scenario Outline: Add rules validations + When the user sets to add the following rules + | rule | metarulename | instructions | policyname | + | <rule> | <metarulename> | <instructions> | <policyname> | + Then the system should reply the following + | flag | + | <flag> | + Examples: + | rule | metarulename | instructions | policyname | flag | + | | metarule1 | grant | Stanford Policy | False | + | Confidential,Severe | metarule1 | grant | Stanford Policy | False | + | ,Confidential,Severe | metarule1 | grant | Stanford Policy | False | + | 0000000000000000000000000000000000000000,Confidential,Severe | metarule1 | grant | Stanford Policy | False | + | University of USA,Confidential,Severe | metarule1 | grant | Stanford Policy | False | + | University-of-Stanford,,Confidential,Severe | metarule1 | grant | Stanford Policy | False | + | University-of-Stanford,,Confidential | metarule1 | grant | Stanford Policy | False | + | University-of-Stanford,Superficial,Severe | metarule1 | grant | Stanford Policy | False | + | University-of-Stanford,0000000000000000000000000000000000000000,Severe | metarule1 | grant | Stanford Policy | False | + | University-of-Stanford,Confidential,,Severe | metarule1 | grant | Stanford Policy | False | + | University-of-Stanford,Confidential, | metarule1 | grant | Stanford Policy | False | + | University-of-Stanford,Confidential,Non-Accessable | metarule1 | grant | Stanford Policy | False | + | University-of-Stanford,Confidential,0000000000000000000000000000000000000000 | metarule1 | grant | Stanford Policy | False | + #| University-of-Stanford,Confidential,Severe, | metarule1 | grant | Stanford Policy | False | + | University-of-Stanford,Confidential,Severe | | grant | Stanford Policy | False | + | University-of-Stanford,Confidential,Severe | metarule9 | grant | Stanford Policy | False | + | University-of-Stanford,Confidential,Severe | 000000000000000000000000000000000000000000000000000 | grant | Stanford Policy | False | + | University-of-Stanford,Confidential,Severe | metarule1 | not grant | Stanford Policy | False | + | University-of-Stanford,Confidential,Severe | metarule1 | | Stanford Policy | True | + | University-of-Stanford,Confidential,Severe | metarule1 | grant | | False | + | University-of-Stanford,Confidential,Severe | metarule1 | grant | 000000000000000000000000000000000000000000000000000 | False | + | University-of-Stanford,Confidential,Severe | metarule1 | grant | Cambridge Policy | False | + + + Scenario: Add existing rule + Given the following rule exists + | rule | metarulename | instructions | policyname | + | University-of-Stanford,Confidential,Severe | metarule1 | grant | Stanford Policy | + When the user sets to add the following rules + | rule | metarulename | instructions | policyname | + | University-of-Stanford,Confidential,Severe | metarule1 | grant | Stanford Policy | + Then the system should reply the following + | flag | + | False | + + + Scenario: Delete rule + Given the following rule exists + | rule | metarulename | instructions | policyname | + | University-of-Stanford,Confidential,Severe | metarule1 | grant | Stanford Policy | + When the user sets to delete the following rules + | rule | metarulename | policyname | + | University-of-Stanford,Confidential,Severe | metarule1 | Stanford Policy | + Then the system should reply the following + | flag | + | True | + + diff --git a/moon_manager/tests/func_tests/features/steps/Static_Variables.py b/moon_manager/tests/func_tests/features/steps/Static_Variables.py new file mode 100644 index 00000000..471f92fa --- /dev/null +++ b/moon_manager/tests/func_tests/features/steps/Static_Variables.py @@ -0,0 +1,89 @@ +# Software Name: MOON + +# Version: 5.4 + +# SPDX-FileCopyrightText: Copyright (c) 2018-2020 Orange and its contributors +# SPDX-License-Identifier: Apache-2.0 + +# This software is distributed under the 'Apache License 2.0', +# the text of which is available at 'http://www.apache.org/licenses/LICENSE-2.0.txt' +# or see the "LICENSE" file for more details. + + +class GeneralVariables: + serverURL="http://127.0.0.1:8000/" + + serverIP="10.237.71.141" + + serverport = "22" + + serverusername="ubuntu" + + serverpassword="ubuntu-007" + + token = "{{TOKEN}}" + + auth_headers = {"X-Api-Key": token} + + actual_authresponse = {'value': False} + + api_responseflag = {'value': False} + + pipelinePort = {'value': ""} + + wrapperPort = {'value': ""} + + projectAPI = "" + + slaveAPI="slave" + + getslavesAPI = "slaves" + + pdpAPI = "pdp" + + modelAPI = "models" + + policyAPI = "policies" + + assignpolicyid={'value': ""} + + assignsubjectperimeterid = {'value': ""} + + assignsubjectcategoryid = {'value': ""} + + assignobjectperimeterid = {'value': ""} + + assignobjectcategoryid = {'value': ""} + + assignactionperimeterid = {'value': ""} + + assignactioncategoryid = {'value': ""} + + metarulesAPI = "meta_rules" + + metadatasubjectcategoryAPI = "subject_categories" + + metadataobjectcategoryAPI = "object_categories" + + metadataactioncategoryAPI = "action_categories" + + perimetersubjectAPI = "subjects" + + perimeterobjectAPI = "objects" + + perimeteractionAPI = "actions" + + datasubjectAPI = "subject_data" + + dataobjectAPI = "object_data" + + dataactionAPI = "action_data" + + assignementssubjectAPI = "subject_assignments" + + assignementsobjectAPI = "object_assignments" + + assignementsactionAPI = "action_assignments" + + rulesAPI = "rules" + diff --git a/moon_manager/tests/func_tests/features/steps/__init__.py b/moon_manager/tests/func_tests/features/steps/__init__.py new file mode 100644 index 00000000..582be686 --- /dev/null +++ b/moon_manager/tests/func_tests/features/steps/__init__.py @@ -0,0 +1,11 @@ +# Software Name: MOON + +# Version: 5.4 + +# SPDX-FileCopyrightText: Copyright (c) 2018-2020 Orange and its contributors +# SPDX-License-Identifier: Apache-2.0 + +# This software is distributed under the 'Apache License 2.0', +# the text of which is available at 'http://www.apache.org/licenses/LICENSE-2.0.txt' +# or see the "LICENSE" file for more details. + diff --git a/moon_manager/tests/func_tests/features/steps/assignments.py b/moon_manager/tests/func_tests/features/steps/assignments.py new file mode 100644 index 00000000..e3f7b5a7 --- /dev/null +++ b/moon_manager/tests/func_tests/features/steps/assignments.py @@ -0,0 +1,858 @@ +# Software Name: MOON + +# Version: 5.4 + +# SPDX-FileCopyrightText: Copyright (c) 2018-2020 Orange and its contributors +# SPDX-License-Identifier: Apache-2.0 + +# This software is distributed under the 'Apache License 2.0', +# the text of which is available at 'http://www.apache.org/licenses/LICENSE-2.0.txt' +# or see the "LICENSE" file for more details. + + +from behave import * +from Static_Variables import GeneralVariables +from astropy.table import Table, Column +from common_functions import * +import requests +import json +import logging + +apis_urls = GeneralVariables() +commonfunctions = commonfunctions() + +logger = logging.getLogger(__name__) + +# Step Definition Implementation: +# 1) Get all the existing subject meta data in the system by getting the policies then their models then the model attached meta rules and then the categories +# 2) Get subject assignment id using both the policy id, data id & the category id +# 3) Loop by assignment id and delete it +@Given('the system has no subject assignments') +def step_impl(context): + logger.info("Given the system has no subject assignments") + api_responseflag = {'value': False} + headers = {"Content-Type": "application/json", "X-Api-Key": apis_urls.token} + + response_policies = requests.get(apis_urls.serverURL + apis_urls.policyAPI, headers=apis_urls.auth_headers) + if len(response_policies.json()[apis_urls.policyAPI]) != 0: + for policies_ids in dict(response_policies.json()[apis_urls.policyAPI]).keys(): + # subjectcategoryidslist = [] + # subjectdataidslist = [] + # modelid = response_policies.json()[apis_urls.policyAPI][policies_ids]['model_id'] + # if (modelid != None and modelid != ""): + # metaruleslist = \ + # requests.get(apis_urls.serverURL + apis_urls.modelAPI, headers=apis_urls.auth_headers).json()[apis_urls.modelAPI][modelid]['meta_rules'] + # for metarule_ids in metaruleslist: + # categorieslist = \ + # requests.get(apis_urls.serverURL + apis_urls.metarulesAPI, + # headers=apis_urls.auth_headers).json()[apis_urls.metarulesAPI][ + # metarule_ids]['subject_categories'] + # for categoryid in categorieslist: + # if (categoryid not in subjectcategoryidslist): + # subjectcategoryidslist.append(categoryid) + # + # response_perimeters = requests.get(apis_urls.serverURL + apis_urls.perimetersubjectAPI, + # headers=apis_urls.auth_headers).json()[ + # apis_urls.perimetersubjectAPI] + # for perimeterid in dict(response_perimeters).keys(): + # for categoryid in subjectcategoryidslist: + # response_assignment = requests.get( + # apis_urls.serverURL + "policies/" + policies_ids + "/" + apis_urls.assignementssubjectAPI + "/" + + # perimeterid + "/" + categoryid, headers=apis_urls.auth_headers) + # if len(response_assignment.json()[apis_urls.assignementssubjectAPI]) != 0: + # for ids in dict(response_assignment.json()[apis_urls.assignementssubjectAPI]).keys(): + # assignmentsid = response_assignment.json()[apis_urls.assignementssubjectAPI][str(ids)][ + # 'assignments'] + # for dataid in assignmentsid: + response = requests.delete( + apis_urls.serverURL + "policies/" + policies_ids + "/" + apis_urls.assignementssubjectAPI , headers=headers) + +# Step Definition Implementation: +# 1) Get all the existing object meta data in the system by getting the policies then their models then the model attached meta rules and then the categories +# 2) Get object assignment id using both the policy id, data id & the category id +# 3) Loop by assignment id and delete it +@Given('the system has no object assignments') +def step_impl(context): + logger.info("Given the system has no object assignments") + api_responseflag = {'value': False} + headers = {"Content-Type": "application/json", "X-Api-Key": apis_urls.token} + + response_policies = requests.get(apis_urls.serverURL + apis_urls.policyAPI, headers=apis_urls.auth_headers) + if len(response_policies.json()[apis_urls.policyAPI]) != 0: + for policies_ids in dict(response_policies.json()[apis_urls.policyAPI]).keys(): + # objectcategoryidslist = [] + # objectdataidslist = [] + # modelid = response_policies.json()[apis_urls.policyAPI][policies_ids]['model_id'] + # if (modelid != None and modelid != ""): + # metaruleslist = \ + # requests.get(apis_urls.serverURL + apis_urls.modelAPI, headers=apis_urls.auth_headers).json()[ + # apis_urls.modelAPI][modelid][ + # 'meta_rules'] + # for metarule_ids in metaruleslist: + # categorieslist = \ + # requests.get(apis_urls.serverURL + apis_urls.metarulesAPI, + # headers=apis_urls.auth_headers).json()[apis_urls.metarulesAPI][ + # metarule_ids]['object_categories'] + # for categoryid in categorieslist: + # if (categoryid not in objectcategoryidslist): + # objectcategoryidslist.append(categoryid) + # + # response_perimeters = \ + # requests.get(apis_urls.serverURL + apis_urls.perimeterobjectAPI, + # headers=apis_urls.auth_headers).json()[ + # apis_urls.perimeterobjectAPI] + # for perimeterid in dict(response_perimeters).keys(): + # for categoryid in objectcategoryidslist: + # response_assignment = requests.get( + # apis_urls.serverURL + "policies/" + policies_ids + "/" + apis_urls.assignementsobjectAPI + "/" + + # perimeterid + "/" + categoryid, headers=apis_urls.auth_headers) + # if len(response_assignment.json()[apis_urls.assignementsobjectAPI]) != 0: + # for ids in dict(response_assignment.json()[apis_urls.assignementsobjectAPI]).keys(): + # assignmentsid = response_assignment.json()[apis_urls.assignementsobjectAPI][str(ids)][ + # 'assignments'] + # for dataid in assignmentsid: + response = requests.delete( + apis_urls.serverURL + "policies/" + policies_ids + "/" + apis_urls.assignementsobjectAPI , headers=headers) + +# Step Definition Implementation: +# 1) Get all the existing action meta data in the system by getting the policies then their models then the model attached meta rules and then the categories +# 2) Get action assignment id using both the policy id, data id & the category id +# 3) Loop by assignment id and delete it +@Given('the system has no action assignments') +def step_impl(context): + logger.info("Given the system has no action assignments") + api_responseflag = {'value': False} + headers = {"Content-Type": "application/json", "X-Api-Key": apis_urls.token} + + response_policies = requests.get(apis_urls.serverURL + apis_urls.policyAPI, headers=apis_urls.auth_headers) + if len(response_policies.json()[apis_urls.policyAPI]) != 0: + for policies_ids in dict(response_policies.json()[apis_urls.policyAPI]).keys(): + # actioncategoryidslist = [] + # actiondataidslist = [] + # modelid = response_policies.json()[apis_urls.policyAPI][policies_ids]['model_id'] + # if (modelid != None and modelid != ""): + # metaruleslist = \ + # requests.get(apis_urls.serverURL + apis_urls.modelAPI, headers=apis_urls.auth_headers).json()[ + # apis_urls.modelAPI][modelid][ + # 'meta_rules'] + # for metarule_ids in metaruleslist: + # categorieslist = \ + # requests.get(apis_urls.serverURL + apis_urls.metarulesAPI, + # headers=apis_urls.auth_headers).json()[apis_urls.metarulesAPI][ + # metarule_ids]['action_categories'] + # for categoryid in categorieslist: + # if (categoryid not in actioncategoryidslist): + # actioncategoryidslist.append(categoryid) + # + # response_perimeters = \ + # requests.get(apis_urls.serverURL + apis_urls.perimeteractionAPI, + # headers=apis_urls.auth_headers).json()[ + # apis_urls.perimeteractionAPI] + # for perimeterid in dict(response_perimeters).keys(): + # for categoryid in actioncategoryidslist: + # response_assignment = requests.get( + # apis_urls.serverURL + "policies/" + policies_ids + "/" + apis_urls.assignementsactionAPI + "/" + + # perimeterid + "/" + categoryid, headers=apis_urls.auth_headers) + # if len(response_assignment.json()[apis_urls.assignementsactionAPI]) != 0: + # for ids in dict(response_assignment.json()[apis_urls.assignementsactionAPI]).keys(): + # assignmentsid = response_assignment.json()[apis_urls.assignementsactionAPI][str(ids)][ + # 'assignments'] + # for dataid in assignmentsid: + response = requests.delete( + apis_urls.serverURL + "policies/" + policies_ids + "/" + apis_urls.assignementsactionAPI , headers=headers) + +# Step Definition Implementation: +# 1) Post subject assignment using the policy id, subject perimeter id, subject category, list of subject data ids +@Given('the following subject assignment exists') +def step_impl(context): + logger.info("Given the following subject assignment exists") + model = getattr(context, "model", None) + for row in context.table: + logger.info( + "subject perimeter name: '" + row["subjectperimetername"] + "' subject data: '" + row[ + "subjectdata"] + "' and subject category: '" + row[ + "subjectcategory"] + "' and policies: '" + row['policyname'] + "'") + + policies_id = "" + perimeter_id = "" + categoriesname = "" + dataname = "" + headers = {"Content-Type": "application/json", "X-Api-Key": apis_urls.token} + + policies_id = commonfunctions.get_policyid(row['policyname']) + perimeter_id = commonfunctions.get_subjectperimeterid(row['subjectperimetername']) + categories_id = commonfunctions.get_subjectcategoryid(row['subjectcategory']) + dataids = commonfunctions.get_subjectdataid(row['subjectdata'], categories_id, policies_id) + data = { + 'id': perimeter_id, + 'category_id': categories_id, + 'data_id': dataids, + } + response = requests.post( + apis_urls.serverURL + "policies/" + str(policies_id) + "/" + apis_urls.assignementssubjectAPI, + headers=headers, data=json.dumps(data)) + + GeneralVariables.assignpolicyid['value'] = policies_id + GeneralVariables.assignsubjectperimeterid['value'] = perimeter_id + GeneralVariables.assignsubjectcategoryid['value'] = categories_id + + if response.status_code == 200: + GeneralVariables.api_responseflag['value'] = 'True' + else: + GeneralVariables.api_responseflag['value'] = 'False' + +# Step Definition Implementation: +# 1) Post object assignment using the policy id, object perimeter id, object category, list of object data ids +@Given('the following object assignment exists') +def step_impl(context): + logger.info("Given the following object assignment exists") + model = getattr(context, "model", None) + for row in context.table: + logger.info( + "object perimeter name: '" + row["objectperimetername"] + "' object data: '" + row[ + "objectdata"] + "' and object category: '" + row[ + "objectcategory"] + "' and policies: '" + row['policyname'] + "'") + + policies_id = "" + perimeter_id = "" + categoriesname = "" + dataname = "" + headers = {"Content-Type": "application/json", "X-Api-Key": apis_urls.token} + + policies_id = commonfunctions.get_policyid(row['policyname']) + perimeter_id = commonfunctions.get_objectperimeterid(row['objectperimetername']) + categories_id = commonfunctions.get_objectcategoryid(row['objectcategory']) + dataids = commonfunctions.get_objectdataid(row['objectdata'], categories_id, policies_id) + + data = { + 'id': perimeter_id, + 'category_id': categories_id, + 'policy_id': policies_id, + 'data_id': dataids, + } + response = requests.post( + apis_urls.serverURL + "policies/" + str(policies_id) + "/" + apis_urls.assignementsobjectAPI, + headers=headers, data=json.dumps(data)) + + GeneralVariables.assignpolicyid['value'] = policies_id + GeneralVariables.assignobjectperimeterid['value'] = perimeter_id + GeneralVariables.assignobjectcategoryid['value'] = categories_id + + if response.status_code == 200: + GeneralVariables.api_responseflag['value'] = 'True' + else: + GeneralVariables.api_responseflag['value'] = 'False' + +# Step Definition Implementation: +# 1) Post action assignment using the policy id, action perimeter id, action category, list of action data ids +@Given('the following action assignment exists') +def step_impl(context): + logger.info("Given the following action assignment exists") + model = getattr(context, "model", None) + for row in context.table: + logger.info( + "action perimeter name: '" + row["actionperimetername"] + "' action data: '" + row[ + "actiondata"] + "' and action category: '" + row[ + "actioncategory"] + "' and policies: '" + row['policyname'] + "'") + + policies_id = "" + perimeter_id = "" + categoriesname = "" + dataname = "" + headers = {"Content-Type": "application/json", "X-Api-Key": apis_urls.token} + + policies_id = commonfunctions.get_policyid(row['policyname']) + perimeter_id = commonfunctions.get_actionperimeterid(row['actionperimetername']) + categories_id = commonfunctions.get_actioncategoryid(row['actioncategory']) + dataids = commonfunctions.get_actiondataid(row['actiondata'], categories_id, policies_id) + + data = { + 'id': perimeter_id, + 'category_id': categories_id, + 'policy_id': policies_id, + 'data_id': dataids, + } + response = requests.post( + apis_urls.serverURL + "policies/" + str(policies_id) + "/" + apis_urls.assignementsactionAPI, + headers=headers, data=json.dumps(data)) + + GeneralVariables.assignpolicyid['value'] = policies_id + GeneralVariables.assignactionperimeterid['value'] = perimeter_id + GeneralVariables.assignactioncategoryid['value'] = categories_id + + if response.status_code == 200: + GeneralVariables.api_responseflag['value'] = 'True' + else: + GeneralVariables.api_responseflag['value'] = 'False' + +# Step Definition Implementation: +# 1) Post action assignment using the policy id, action perimeter id, action category, list of action data ids +# 2) If the request code was 200 set the api response flag to true else false +@When('the user sets to add the following subject assignment') +def step_impl(context): + logger.info("When the user sets to add the following subject assignment") + + model = getattr(context, "model", None) + for row in context.table: + logger.info( + "subject perimeter name: '" + row["subjectperimetername"] + "' subject data: '" + row[ + "subjectdata"] + "' and subject category: '" + row[ + "subjectcategory"] + "' and policies: '" + row['policyname'] + "'") + + policies_id = "" + perimeter_id = "" + categoriesname = "" + dataids = "" + headers = {"Content-Type": "application/json", "X-Api-Key": apis_urls.token} + + if (row['policyname'] == "" or row['policyname'] == "000000000000000000000000000000000000000000000000000"): + policyname = "Stanford Policy" + else: + policyname = row['policyname'] + policies_id = commonfunctions.get_policyid(policyname) + + if (row["subjectperimetername"] == "" or row[ + "subjectperimetername"] == "000000000000000000000000000000000000000000000000000"): + perimetername = "WilliamsJoeseph" + else: + perimetername = row["subjectperimetername"] + perimeter_id = commonfunctions.get_subjectperimeterid(perimetername) + + if (row["subjectcategory"] == "" or row[ + "subjectcategory"] == "000000000000000000000000000000000000000000000000000"): + categoriesname = "Affiliation:" + else: + categoriesname = row['subjectcategory'] + categories_id = commonfunctions.get_subjectcategoryid(categoriesname) + + if (row["subjectdata"] == "" or row["subjectdata"] == "000000000000000000000000000000000000000000000000000"): + dataids = "Professor" + else: + dataids = row['subjectdata'] + dataids = commonfunctions.get_subjectdataid(dataids, categories_id, policies_id) + + if (dataids == None): + dataids = "" + + if (row["policyname"] == "" or row["policyname"] == "000000000000000000000000000000000000000000000000000"): + policies_id = row["policyname"] + if (row["subjectperimetername"] == "" or row[ + "subjectperimetername"] == "000000000000000000000000000000000000000000000000000"): + perimeter_id = row["subjectperimetername"] + if (row["subjectcategory"] == "" or row[ + "subjectcategory"] == "000000000000000000000000000000000000000000000000000"): + categories_id = row["subjectcategory"] + if (row["subjectdata"] == "" or row["subjectdata"] == "000000000000000000000000000000000000000000000000000"): + dataids = row['subjectdata'] + data = { + 'id': perimeter_id, + 'category_id': categories_id, + 'data_id': dataids, + } + response = requests.post( + apis_urls.serverURL + "policies/" + str(policies_id) + "/" + apis_urls.assignementssubjectAPI, + headers=headers, data=json.dumps(data)) + if response.status_code == 200: + GeneralVariables.api_responseflag['value'] = 'True' + else: + GeneralVariables.api_responseflag['value'] = 'False' + +# Step Definition Implementation: +# 1) Post action assignment using the policy id, action perimeter id, action category, list of action data ids +# 2) If the request code was 200 set the api response flag to true else false +@When('the user sets to add the following object assignment') +def step_impl(context): + logger.info("When the user sets to add the following object assignment") + + model = getattr(context, "model", None) + for row in context.table: + logger.info( + "object perimeter name: '" + row["objectperimetername"] + "' object data: '" + row[ + "objectdata"] + "' and object category: '" + row[ + "objectcategory"] + "' and policies: '" + row['policyname'] + "'") + + policies_id = "" + perimeter_id = "" + categoriesname = "" + dataids = "" + headers = {"Content-Type": "application/json", "X-Api-Key": apis_urls.token} + + if (row['policyname'] == "" or row['policyname'] == "000000000000000000000000000000000000000000000000000"): + policyname = "Stanford Policy" + else: + policyname = row['policyname'] + policies_id = commonfunctions.get_policyid(policyname) + + if (row["objectperimetername"] == "" or row[ + "objectperimetername"] == "000000000000000000000000000000000000000000000000000"): + perimetername = "StudentsGradesSheet" + else: + perimetername = row["objectperimetername"] + perimeter_id = commonfunctions.get_objectperimeterid(perimetername) + + if (row["objectcategory"] == "" or row[ + "objectcategory"] == "000000000000000000000000000000000000000000000000000"): + categoriesname = "Clearance:" + else: + categoriesname = row['objectcategory'] + categories_id = commonfunctions.get_objectcategoryid(categoriesname) + + if (row["objectdata"] == "" or row["objectdata"] == "000000000000000000000000000000000000000000000000000"): + dataids = "Confidential" + else: + dataids = row['objectdata'] + dataids = commonfunctions.get_objectdataid(dataids, categories_id, policies_id) + + if (dataids == None): + dataids = "" + + if (row["policyname"] == "" or row["policyname"] == "000000000000000000000000000000000000000000000000000"): + policies_id = row["policyname"] + if (row["objectperimetername"] == "" or row[ + "objectperimetername"] == "000000000000000000000000000000000000000000000000000"): + perimeter_id = row["objectperimetername"] + if (row["objectcategory"] == "" or row[ + "objectcategory"] == "000000000000000000000000000000000000000000000000000"): + categories_id = row["objectcategory"] + if (row["objectdata"] == "" or row["objectdata"] == "000000000000000000000000000000000000000000000000000"): + dataids = row['objectdata'] + data = { + 'id': perimeter_id, + 'category_id': categories_id, + 'data_id': dataids, + } + response = requests.post( + apis_urls.serverURL + "policies/" + str(policies_id) + "/" + apis_urls.assignementsobjectAPI, + headers=headers, data=json.dumps(data)) + + if response.status_code == 200: + GeneralVariables.api_responseflag['value'] = 'True' + else: + GeneralVariables.api_responseflag['value'] = 'False' + +# Step Definition Implementation: +# 1) Post action assignment using the policy id, action perimeter id, action category, list of action data ids +# 2) If the request code was 200 set the api response flag to true else false +@When('the user sets to add the following action assignment') +def step_impl(context): + logger.info("When the user sets to add the following action assignment") + + model = getattr(context, "model", None) + for row in context.table: + logger.info( + "action perimeter name: '" + row["actionperimetername"] + "' action data: '" + row[ + "actiondata"] + "' and action category: '" + row[ + "actioncategory"] + "' and policies: '" + row['policyname'] + "'") + + policies_id = "" + perimeter_id = "" + categoriesname = "" + dataids = "" + headers = {"Content-Type": "application/json", "X-Api-Key": apis_urls.token} + + if (row['policyname'] == "" or row['policyname'] == "000000000000000000000000000000000000000000000000000"): + policyname = "Stanford Policy" + else: + policyname = row['policyname'] + policies_id = commonfunctions.get_policyid(policyname) + + if (row["actionperimetername"] == "" or row[ + "actionperimetername"] == "000000000000000000000000000000000000000000000000000"): + perimetername = "Read" + else: + perimetername = row["actionperimetername"] + perimeter_id = commonfunctions.get_actionperimeterid(perimetername) + + if (row["actioncategory"] == "" or row[ + "actioncategory"] == "000000000000000000000000000000000000000000000000000"): + categoriesname = "Action-Class:" + else: + categoriesname = row['actioncategory'] + categories_id = commonfunctions.get_actioncategoryid(categoriesname) + + if (row["actiondata"] == "" or row["actiondata"] == "000000000000000000000000000000000000000000000000000"): + dataids = "Severe" + else: + dataids = row['actiondata'] + dataids = commonfunctions.get_actiondataid(dataids, categories_id, policies_id) + + if (dataids == None): + dataids = "" + + if (row["policyname"] == "" or row["policyname"] == "000000000000000000000000000000000000000000000000000"): + policies_id = row["policyname"] + if (row["actionperimetername"] == "" or row[ + "actionperimetername"] == "000000000000000000000000000000000000000000000000000"): + perimeter_id = row["actionperimetername"] + if (row["actioncategory"] == "" or row[ + "actioncategory"] == "000000000000000000000000000000000000000000000000000"): + categories_id = row["actioncategory"] + if (row["actiondata"] == "" or row["actiondata"] == "000000000000000000000000000000000000000000000000000"): + dataids = row['actiondata'] + data = { + 'id': perimeter_id, + 'category_id': categories_id, + 'policy_id': policies_id, + 'data_id': dataids, + } + response = requests.post( + apis_urls.serverURL + "policies/" + str(policies_id) + "/" + apis_urls.assignementsactionAPI, + headers=headers, data=json.dumps(data)) + + if response.status_code == 200: + GeneralVariables.api_responseflag['value'] = 'True' + else: + GeneralVariables.api_responseflag['value'] = 'False' + +# Step Definition Implementation: +# 1) Delete subject assignment by policy id,subject perimeter id, subject data id, subject category id +# 2) If the request code was 200 set the api response flag to true else false +@When('the user sets to delete the following subject assignment') +def step_impl(context): + logging.info("When the user sets to delete the following subject assignment") + headers = {"Content-Type": "application/json", "X-Api-Key": apis_urls.token} + + model = getattr(context, "model", None) + for row in context.table: + logger.info( + "subject perimeter name: '" + row["subjectperimetername"] + "' subject data list: '" + row[ + "subjectdata"] + "' and subject category: '" + row[ + "subjectcategory"] + "' and policies: '" + row['policyname'] + "'") + + policies_id = "" + perimeter_id = "" + dataid = "" + headers = {"Content-Type": "application/json", "X-Api-Key": apis_urls.token} + + policies_id = commonfunctions.get_policyid(row['policyname']) + perimeter_id = commonfunctions.get_subjectperimeterid(row['subjectperimetername']) + categories_id = commonfunctions.get_subjectcategoryid(row['subjectcategory']) + dataid = commonfunctions.get_subjectdataid(row["subjectdata"], categories_id, policies_id) + + response_assignment = requests.get( + apis_urls.serverURL + "policies/" + policies_id + "/" + apis_urls.assignementssubjectAPI + "/" + + perimeter_id + "/" + categories_id, headers=apis_urls.auth_headers) + logging.info(response_assignment.json()[apis_urls.assignementssubjectAPI]) + if len(response_assignment.json()[apis_urls.assignementssubjectAPI]) != 0: + for ids in dict(response_assignment.json()[apis_urls.assignementssubjectAPI]).keys(): + assignmentsidlist = response_assignment.json()[apis_urls.assignementssubjectAPI][str(ids)][ + 'assignments'] + if dataid in assignmentsidlist: + response = requests.delete( + apis_urls.serverURL + "policies/" + policies_id + "/" + apis_urls.assignementssubjectAPI + "/" + + perimeter_id + "/" + categories_id + "/" + dataid, headers=apis_urls.auth_headers) + + if response.status_code == 200: + GeneralVariables.api_responseflag['value'] = 'True' + else: + GeneralVariables.api_responseflag['value'] = 'False' + + +# Step Definition Implementation: +# 1) Delete object assignment by policy id, object perimeter id, object data id, object category id +# 2) If the request code was 200 set the api response flag to true else false +@When('the user sets to delete the following object assignment') +def step_impl(context): + logging.info("When the user sets to delete the following object assignment") + + model = getattr(context, "model", None) + for row in context.table: + logger.info( + "object perimeter name: '" + row["objectperimetername"] + "' object data list: '" + row[ + "objectdata"] + "' and object category: '" + row[ + "objectcategory"] + "' and policies: '" + row['policyname'] + "'") + + policies_id = "" + perimeter_id = "" + datalistids = "" + headers = {"Content-Type": "application/json", "X-Api-Key": apis_urls.token} + + policies_id = commonfunctions.get_policyid(row['policyname']) + perimeter_id = commonfunctions.get_objectperimeterid(row['objectperimetername']) + categories_id = commonfunctions.get_objectcategoryid(row['objectcategory']) + dataid = commonfunctions.get_objectdataid(row["objectdata"], categories_id, policies_id) + + response_assignment = requests.get( + apis_urls.serverURL + "policies/" + policies_id + "/" + apis_urls.assignementsobjectAPI + "/" + + perimeter_id + "/" + categories_id, headers=apis_urls.auth_headers) + if len(response_assignment.json()[apis_urls.assignementsobjectAPI]) != 0: + for ids in dict(response_assignment.json()[apis_urls.assignementsobjectAPI]).keys(): + assignmentsidlist = response_assignment.json()[apis_urls.assignementsobjectAPI][str(ids)][ + 'assignments'] + if dataid in assignmentsidlist: + response = requests.delete( + apis_urls.serverURL + "policies/" + policies_id + "/" + apis_urls.assignementsobjectAPI + "/" + + perimeter_id + "/" + categories_id + "/" + dataid, headers=headers) + + if response.status_code == 200: + GeneralVariables.api_responseflag['value'] = 'True' + else: + GeneralVariables.api_responseflag['value'] = 'False' + + +# Step Definition Implementation: +# 1) Delete action assignment by policy id, action perimeter id, action data id, action category id +# 2) If the request code was 200 set the api response flag to true else false +@When('the user sets to delete the following action assignment') +def step_impl(context): + logging.info("When the user sets to delete the following action assignment") + + model = getattr(context, "model", None) + for row in context.table: + logger.info( + "action perimeter name: '" + row["actionperimetername"] + "' action data list: '" + row[ + "actiondata"] + "' and action category: '" + row[ + "actioncategory"] + "' and policies: '" + row['policyname'] + "'") + + policies_id = "" + perimeter_id = "" + datalistids = "" + headers = {"Content-Type": "application/json", "X-Api-Key": apis_urls.token} + + policies_id = commonfunctions.get_policyid(row['policyname']) + perimeter_id = commonfunctions.get_actionperimeterid(row['actionperimetername']) + categories_id = commonfunctions.get_actioncategoryid(row['actioncategory']) + dataid = commonfunctions.get_actiondataid(row["actiondata"], categories_id, policies_id) + + response_assignment = requests.get( + apis_urls.serverURL + "policies/" + policies_id + "/" + apis_urls.assignementsactionAPI + "/" + + perimeter_id + "/" + categories_id, headers=apis_urls.auth_headers) + if len(response_assignment.json()[apis_urls.assignementsactionAPI]) != 0: + for ids in dict(response_assignment.json()[apis_urls.assignementsactionAPI]).keys(): + assignmentsidlist = response_assignment.json()[apis_urls.assignementsactionAPI][str(ids)][ + 'assignments'] + if dataid in assignmentsidlist: + response = requests.delete( + apis_urls.serverURL + "policies/" + policies_id + "/" + apis_urls.assignementsactionAPI + "/" + + perimeter_id + "/" + categories_id + "/" + dataid, headers=apis_urls.auth_headers) + + if response.status_code == 200: + GeneralVariables.api_responseflag['value'] = 'True' + else: + GeneralVariables.api_responseflag['value'] = 'False' + +# Step Definition Implementation: +# 1) Get all the existing subject assignment per a given policy, subject perimeter and subject category by get request and put them into a table +# 2) Sort the table by subject perimeter name +# 3) Loop using both the expected and actual tables and assert the data row by row +@Then('the following subject assignment should be existed in the system') +def step_impl(context): + logger.info("Then the following subject assignment should be existed in the system") + model = getattr(context, "model", None) + apiresult = Table(names=('subjectperimetername', 'subjectcategory', 'subjectdata', 'policyname'), + dtype=('S100', 'S100', 'S100', 'S100')) + for row in context.table: + logger.info( + "subject perimeter name: '" + row["subjectperimetername"] + "' subject data list: '" + row[ + "subjectdata"] + "' and subject category: '" + row[ + "subjectcategory"] + "' and policies: '" + row['policyname'] + "'") + if (row['policyname'] == "" or row['subjectperimetername'] == ""): + response = requests.get( + apis_urls.serverURL + "policies/" + GeneralVariables.assignpolicyid[ + 'value'] + "/" + apis_urls.assignementssubjectAPI + "/" + + GeneralVariables.assignsubjectperimeterid['value'] + "/" + + GeneralVariables.assignsubjectcategoryid['value'], headers=apis_urls.auth_headers) + else: + response = requests.get( + apis_urls.serverURL + "policies/" + commonfunctions.get_policyid( + row['policyname']) + "/" + apis_urls.assignementssubjectAPI + "/" + + commonfunctions.get_subjectperimeterid(row['subjectperimetername']) + "/" + + commonfunctions.get_subjectcategoryid(row['subjectcategory']), headers=apis_urls.auth_headers) + if len(response.json()[apis_urls.assignementssubjectAPI]) != 0: + for ids in dict(response.json()[apis_urls.assignementssubjectAPI]).keys(): + apipolicies = "" + apisubjectname = commonfunctions.get_subjectperimetername( + response.json()[apis_urls.assignementssubjectAPI][str(ids)]['subject_id']) + apisubjectcategory = commonfunctions.get_subjectcategoryname( + response.json()[apis_urls.assignementssubjectAPI][str(ids)]['category_id']) + apiassignments = commonfunctions.get_subjectdataname( + response.json()[apis_urls.assignementssubjectAPI][str(ids)]['assignments'], + response.json()[apis_urls.assignementssubjectAPI][str(ids)]['category_id'], + response.json()[apis_urls.assignementssubjectAPI][str(ids)]['policy_id']) + apipolicies = commonfunctions.get_policyname( + response.json()[apis_urls.assignementssubjectAPI][str(ids)]['policy_id']) + if ((row['policyname'] == "" or row['subjectperimetername'] == "") and "".join(apiassignments)==""): + apiresult.add_row(vals=("", "", "", "")) + else: + apiresult.add_row(vals=( + apisubjectname, apisubjectcategory, apiassignments, apipolicies)) + else: + apiresult.add_row(vals=("", "", "", "")) + + apiresult.sort('subjectperimetername') + for row1, row2 in zip(context.table, apiresult): + logger.info("asserting the expected subject perimeter name: '" + str( + row1["subjectperimetername"]) + "' is the same as the actual existing '" + str( + row2["subjectperimetername"]) + "'") + assert str(row1["subjectperimetername"]) == str( + row2["subjectperimetername"]), "subject perimeter name is not correct!" + logger.info("assertion passed!") + + logger.info("asserting the expected subject data description: '" + str( + row1["subjectcategory"]) + "' is the same as the actual existing '" + str( + row2["subjectcategory"]) + "'") + assert str(row1["subjectcategory"]) == str( + row2["subjectcategory"]), "subject category is not correct!" + logger.info("assertion passed!") + + logger.info("asserting the expected subject data password: '" + str( + row1["subjectdata"]) + "' is the same as the actual existing '" + str( + row2["subjectdata"]) + "'") + assert str(row1["subjectdata"]) == str( + row2["subjectdata"]), "subject data list is not correct!" + logger.info("assertion passed!") + + #logger.info("asserting the expected policies: '" + str( + # row1["policyname"]) + "' is the same as the actual existing '" + str( + # row2["policyname"]) + "'") + #assert str(row1["policyname"]) == str(row2["policyname"]), " policies is not correct!" + #logger.info("assertion passed!") + +# Step Definition Implementation: +# 1) Get all the existing object assignment per a given policy, object perimeter and object category by get request and put them into a table +# 2) Sort the table by object perimeter name +# 3) Loop using both the expected and actual tables and assert the data row by row +@Then('the following object assignment should be existed in the system') +def step_impl(context): + logger.info("Then the following object assignment should be existed in the system") + model = getattr(context, "model", None) + apiresult = Table(names=('objectperimetername', 'objectcategory', 'objectdata', 'policyname'), + dtype=('S100', 'S100', 'S400', 'S100')) + for row in context.table: + if (row['policyname'] == "" or row['objectperimetername'] == ""): + response = requests.get( + apis_urls.serverURL + "policies/" + GeneralVariables.assignpolicyid[ + 'value'] + "/" + apis_urls.assignementsobjectAPI + "/" + + GeneralVariables.assignobjectperimeterid['value'] + "/" + + GeneralVariables.assignobjectcategoryid['value'], headers=apis_urls.auth_headers) + else: + response = requests.get( + apis_urls.serverURL + "policies/" + commonfunctions.get_policyid( + row['policyname']) + "/" + apis_urls.assignementsobjectAPI + "/" + + commonfunctions.get_objectperimeterid(row['objectperimetername']) + "/" + + commonfunctions.get_objectcategoryid(row['objectcategory']), headers=apis_urls.auth_headers) + + if len(response.json()[apis_urls.assignementsobjectAPI]) != 0: + for ids in dict(response.json()[apis_urls.assignementsobjectAPI]).keys(): + apipolicies = "" + apiobjectname = commonfunctions.get_objectperimetername( + response.json()[apis_urls.assignementsobjectAPI][str(ids)]['object_id']) + apiobjectcategory = commonfunctions.get_objectcategoryname( + response.json()[apis_urls.assignementsobjectAPI][str(ids)]['category_id']) + apiassignments = commonfunctions.get_objectdataname( + response.json()[apis_urls.assignementsobjectAPI][str(ids)]['assignments'], + response.json()[apis_urls.assignementsobjectAPI][str(ids)]['category_id'], + response.json()[apis_urls.assignementsobjectAPI][str(ids)]['policy_id']) + apipolicies = commonfunctions.get_policyname( + response.json()[apis_urls.assignementsobjectAPI][str(ids)]['policy_id']) + if ((row['policyname'] == "" or row['objectperimetername'] == "") and "".join(apiassignments) == ""): + apiresult.add_row(vals=("", "", "", "")) + else: + apiresult.add_row(vals=( + apiobjectname, apiobjectcategory, ",".join(apiassignments), apipolicies)) + else: + apiresult.add_row(vals=("", "", "", "")) + + apiresult.sort('objectperimetername') + for row1, row2 in zip(context.table, apiresult): + logger.info("asserting the expected object perimeter name: '" + str( + row1["objectperimetername"]) + "' is the same as the actual existing '" + str( + row2["objectperimetername"]) + "'") + assert str(row1["objectperimetername"]) == str( + row2["objectperimetername"]), "object perimeter name is not correct!" + logger.info("assertion passed!") + + logger.info("asserting the expected object data description: '" + str( + row1["objectcategory"]) + "' is the same as the actual existing '" + str( + row2["objectcategory"]) + "'") + assert str(row1["objectcategory"]) == str( + row2["objectcategory"]), "object category is not correct!" + logger.info("assertion passed!") + + logger.info("asserting the expected object data password: '" + str( + row1["objectdata"]) + "' is the same as the actual existing '" + str( + row2["objectdata"]) + "'") + assert str(row1["objectdata"]) == str( + row2["objectdata"]), "object data list is not correct!" + logger.info("assertion passed!") + + #logger.info("asserting the expected policies: '" + str( + # row1["policyname"]) + "' is the same as the actual existing '" + str( + # row2["policyname"]) + "'") + #assert str(row1["policyname"]) == str(row2["policyname"]), " policies is not correct!" + #logger.info("assertion passed!") + +# Step Definition Implementation: +# 1) Get all the existing action assignment per a given policy, action perimeter and action category by get request and put them into a table +# 2) Sort the table by action perimeter name +# 3) Loop using both the expected and actual tables and assert the data row by row +@Then('the following action assignment should be existed in the system') +def step_impl(context): + logger.info("Then the following action assignment should be existed in the system") + model = getattr(context, "model", None) + apiresult = Table(names=('actionperimetername', 'actioncategory', 'actiondata', 'policyname'), + dtype=('S100', 'S100', 'S100', 'S100')) + for row in context.table: + if (row['policyname'] == "" or row['actionperimetername'] == ""): + response = requests.get( + apis_urls.serverURL + "policies/" + GeneralVariables.assignpolicyid[ + 'value'] + "/" + apis_urls.assignementsactionAPI + "/" + + GeneralVariables.assignactionperimeterid['value'] + "/" + + GeneralVariables.assignactioncategoryid['value'], headers=apis_urls.auth_headers) + else: + response = requests.get( + apis_urls.serverURL + "policies/" + commonfunctions.get_policyid( + row['policyname']) + "/" + apis_urls.assignementsactionAPI + "/" + + commonfunctions.get_actionperimeterid(row['actionperimetername']) + "/" + + commonfunctions.get_actioncategoryid(row['actioncategory']), headers=apis_urls.auth_headers) + + if len(response.json()[apis_urls.assignementsactionAPI]) != 0: + for ids in dict(response.json()[apis_urls.assignementsactionAPI]).keys(): + apipolicies = "" + apiactionname = commonfunctions.get_actionperimetername( + response.json()[apis_urls.assignementsactionAPI][str(ids)]['action_id']) + apiactioncategory = commonfunctions.get_actioncategoryname( + response.json()[apis_urls.assignementsactionAPI][str(ids)]['category_id']) + apiassignments = commonfunctions.get_actiondataname( + response.json()[apis_urls.assignementsactionAPI][str(ids)]['assignments'], + response.json()[apis_urls.assignementsactionAPI][str(ids)]['category_id'], + response.json()[apis_urls.assignementsactionAPI][str(ids)]['policy_id']) + apipolicies = commonfunctions.get_policyname( + response.json()[apis_urls.assignementsactionAPI][str(ids)]['policy_id']) + logger.info(apiassignments) + if ((row['policyname'] == "" or row['actionperimetername'] == "") and "".join(apiassignments) == ""): + apiresult.add_row(vals=("", "", "", "")) + else: + apiresult.add_row(vals=( + apiactionname, apiactioncategory, apiassignments, apipolicies)) + else: + apiresult.add_row(vals=("", "", "", "")) + + apiresult.sort('actionperimetername') + for row1, row2 in zip(context.table, apiresult): + logger.info("asserting the expected action perimeter name: '" + str( + row1["actionperimetername"]) + "' is the same as the actual existing '" + str( + row2["actionperimetername"]) + "'") + assert str(row1["actionperimetername"]) == str( + row2["actionperimetername"]), "action perimeter name is not correct!" + logger.info("assertion passed!") + + logger.info("asserting the expected action data description: '" + str( + row1["actioncategory"]) + "' is the same as the actual existing '" + str( + row2["actioncategory"]) + "'") + assert str(row1["actioncategory"]) == str( + row2["actioncategory"]), "action category is not correct!" + logger.info("assertion passed!") + + logger.info("asserting the expected action data password: '" + str( + row1["actiondata"]) + "' is the same as the actual existing '" + str( + row2["actiondata"]) + "'") + assert str(row1["actiondata"]) == str( + row2["actiondata"]), "action data list is not correct!" + logger.info("assertion passed!") + + #logger.info("asserting the expected policies: '" + str( + # row1["policyname"]) + "' is the same as the actual existing '" + str( + # row2["policyname"]) + "'") + #assert str(row1["policyname"]) == str(row2["policyname"]), " policies is not correct!" + #logger.info("assertion passed!") diff --git a/moon_manager/tests/func_tests/features/steps/authorization.py b/moon_manager/tests/func_tests/features/steps/authorization.py new file mode 100644 index 00000000..5fa0ebe7 --- /dev/null +++ b/moon_manager/tests/func_tests/features/steps/authorization.py @@ -0,0 +1,217 @@ +# Software Name: MOON + +# Version: 5.4 + +# SPDX-FileCopyrightText: Copyright (c) 2018-2020 Orange and its contributors +# SPDX-License-Identifier: Apache-2.0 + +# This software is distributed under the 'Apache License 2.0', +# the text of which is available at 'http://www.apache.org/licenses/LICENSE-2.0.txt' +# or see the "LICENSE" file for more details. + + +from behave import * +from Static_Variables import GeneralVariables +from common_functions import * +import requests +import json +import logging +import paramiko + +apis_urls = GeneralVariables() +commonfunctions = commonfunctions() + +logger = logging.getLogger(__name__) + +# Step Definition Implementation: Incomplete Step +# 1) Connect to the server +# 2) Launch Moon Manager +# 3) Set the token in the global variables +@Given('the manager is configured') +def step_impl(context): + logger.info("\n") + logger.info("******************** Scenario: " + context.scenario.name + " ********************") + logger.info("Given the manager is configured") + api_responseflag = {'value': False} + client = paramiko.SSHClient() + client.load_system_host_keys() + # client.set_missing_host_key_policy(paramiko.WarningPolicy) + client.set_missing_host_key_policy(paramiko.AutoAddPolicy()) + client.connect(hostname=apis_urls.serverIP, port=apis_urls.serverport, username=apis_urls.serverusername, + password=apis_urls.serverpassword) + logger.info("before ") + stdin, stdout, stderr = client.exec_command( + + "sudo nohup hug -m moon_manager.server &" + " /usr/bin/python3 " + ) + #stdin, stdout, stderr = client.exec_command(" sudo /usr/local/bin/moon_manager add_user alaa00 admin") + #stdin, stdout, stderr = client.exec_command(" sudo /usr/local/bin/moon_manager get_key alaa00 admin ") + #logger.info(stdout.readlines()) + #GeneralVariables.auth_headers['X-Api-Key'] = str(stdout.readlines()) + #logger.info("token: " + str(GeneralVariables.auth_headers['X-Api-Key'])) + #logger.info("after ") + # client.close() + +# Step Definition Implementation: Incomplete Step +# 1) Get all the moon slaves +# 2) Loop on the slave by id and delete them +@Given('no slave is created') +def step_impl(context): + logger.info("\n") + logger.info("******************** Scenario: " + context.scenario.name + " ********************") + logger.info("Given no slave is created") + api_responseflag = {'value': False} + headers = {"Content-Type": "application/json", "X-Api-Key": apis_urls.token} + response = requests.get(apis_urls.serverURL + apis_urls.getslavesAPI, headers=apis_urls.auth_headers) + if len(response.json()[apis_urls.getslavesAPI]) != 0: + for ids in dict(response.json()[apis_urls.getslavesAPI]).keys(): + response = requests.delete(apis_urls.serverURL + apis_urls.slaveAPI + "/" + ids, + headers=headers) + +# Step Definition Implementation: +# 1) Create a slave by post request +# 2) Get the wrapper port id from the slave posting request & set it to the wrapperPort global variable +@Given('the slave is created') +def step_impl(context): + logger.info("Given the slave is created") + api_responseflag = {'value': False} + headers = {"Content-Type": "application/json", "X-Api-Key": apis_urls.token} + data = { + 'name': "default", + 'description': "description", + 'address': "111", + } + response = requests.post(apis_urls.serverURL + apis_urls.slaveAPI, headers=headers, + data=json.dumps(data)) + slaveid = list(response.json()[apis_urls.getslavesAPI])[0] + GeneralVariables.wrapperPort['value'] = str(response.json()[apis_urls.getslavesAPI][slaveid]['extra']['port']) + +# Step Definition Implementation: Incomplete Step +# 1) Check the Pipeline is up and running +@Given('the pipeline is running') +def step_impl(context): + logger.info("Given the pipeline is running") + +# Step Definition Implementation: Incomplete Step +# 1) Connect to the server +# 2) execute the authorization curl command using the wrapperPort +@Given('the following authorization request is granted through pipeline') +def step_impl(context): + logger.info("Given the following authorization request is granted through pipeline") + api_responseflag = {'value': False} + client = paramiko.SSHClient() + client.load_system_host_keys() + client.set_missing_host_key_policy(paramiko.WarningPolicy) + client.set_missing_host_key_policy(paramiko.AutoAddPolicy()) + client.connect(hostname=apis_urls.serverIP, port=apis_urls.serverport, username=apis_urls.serverusername, + password=apis_urls.serverpassword) + for row in context.table: + logger.info("curl http://" + str( + apis_urls.serverIP) + ":" + GeneralVariables.pipelinePort['value'] + "/authz/" + str( + row["subjectperimetername"]) + "/" + str(row["objectperimetername"]) + "/" + + str(row["actionperimetername"])) + stdin, stdout, stderr = client.exec_command("curl http://" + str( + apis_urls.serverIP) + ":" + GeneralVariables.pipelinePort['value'] + "/authz/" + str( + row["subjectperimetername"]) + "/" + str(row["objectperimetername"]) + "/" + + str(row["actionperimetername"])) + logger.info(stdout.readlines()) + GeneralVariables.actual_authresponse['value'] = str(stdout.readlines()) + +# Step Definition Implementation: Incomplete Step +# 1) Connect to the server +# 2) execute the authorization curl command using the wrapperPort +@Given('the following authorization request is granted through wrapper') +def step_impl(context): + logger.info("Given the following authorization request is granted through wrapper") + api_responseflag = {'value': False} + client = paramiko.SSHClient() + client.load_system_host_keys() + client.set_missing_host_key_policy(paramiko.WarningPolicy) + client.set_missing_host_key_policy(paramiko.AutoAddPolicy()) + client.connect(hostname=apis_urls.serverIP, port=apis_urls.serverport, username=apis_urls.serverusername, + password=apis_urls.serverpassword) + for row in context.table: + logger.info("curl http://" + str( + apis_urls.serverIP) + ":" + GeneralVariables.wrapperPort['value'] + "/authz/" + str(row[ + "keystone_project_id"]) + "/" + str( + row["subjectperimetername"]) + "/" + str(row["objectperimetername"]) + "/" + + str(row["actionperimetername"])) + stdin, stdout, stderr = client.exec_command("curl http://" + str( + apis_urls.serverIP) + ":" + GeneralVariables.wrapperPort['value'] + "/authz/" + str(row[ + "keystone_project_id"]) + "/" + str( + row["subjectperimetername"]) + "/" + str(row["objectperimetername"]) + "/" + + str(row["actionperimetername"])) + logger.info(stdout.readlines()) + GeneralVariables.actual_authresponse['value'] = str(stdout.readlines()) + +# Step Definition Implementation: Incomplete Step +# 1) Connect to the server +# 2) execute the authorization curl command using the pipelinePort +# 3) set the actual_authresponse global variable with the curl response +@When('the following authorization request is sent through pipeline') +def step_impl(context): + logger.info("Given the following authorization request is sent through pipeline") + api_responseflag = {'value': False} + client = paramiko.SSHClient() + client.load_system_host_keys() + client.set_missing_host_key_policy(paramiko.WarningPolicy) + client.set_missing_host_key_policy(paramiko.AutoAddPolicy()) + client.connect(hostname=apis_urls.serverIP, port=apis_urls.serverport, username=apis_urls.serverusername, + password=apis_urls.serverpassword) + + for row in context.table: + logger.info("curl http://" + str( + apis_urls.serverIP) + ":" + GeneralVariables.pipelinePort['value'] + "/authz/" + str( + row["subjectperimetername"]) + "/" + str(row["objectperimetername"]) + "/" + + str(row["actionperimetername"])) + stdin, stdout, stderr = client.exec_command("curl http://" + str( + apis_urls.serverIP) + ":" + GeneralVariables.pipelinePort['value'] + "/authz/" + str( + row["subjectperimetername"]) + "/" + str(row["objectperimetername"]) + "/" + + str(row["actionperimetername"])) + logger.info(stdout.readlines()) + GeneralVariables.actual_authresponse['value'] = str(stdout.readlines()) + +# Step Definition Implementation: Incomplete Step +# 1) Connect to the server +# 2) execute the authorization curl command using the pipelinePort +# 3) set the actual_authresponse global variable with the curl response +@When('the following authorization request is sent through wrapper') +def step_impl(context): + logger.info("Given the following authorization request is sent through wrapper") + api_responseflag = {'value': False} + client = paramiko.SSHClient() + client.load_system_host_keys() + client.set_missing_host_key_policy(paramiko.WarningPolicy) + client.set_missing_host_key_policy(paramiko.AutoAddPolicy()) + client.connect(hostname=apis_urls.serverIP, port=apis_urls.serverport, username=apis_urls.serverusername, + password=apis_urls.serverpassword) + + for row in context.table: + logger.info("curl http://" + str( + apis_urls.serverIP) + ":" + GeneralVariables.wrapperPort['value'] + "/authz/" + str(row[ + "keystone_project_id"]) + "/" + str( + row["subjectperimetername"]) + "/" + str(row["objectperimetername"]) + "/" + + str(row["actionperimetername"])) + stdin, stdout, stderr = client.exec_command("curl http://" + str( + apis_urls.serverIP) + ":" + GeneralVariables.wrapperPort['value'] + "/authz/" + str(row[ + "keystone_project_id"]) + "/" + str( + row["subjectperimetername"]) + "/" + str(row["objectperimetername"]) + "/" + + str(row["actionperimetername"])) + logger.info(stdout.readlines()) + GeneralVariables.actual_authresponse['value'] = str(stdout.readlines()) + +# Step Definition Implementation: Untested Step +# 1) Assert that the actual authresponse is the same as the expected. +@Then('the authorization response should be the following') +def step_impl(context): + logger.info("Then the authorization response should be the following") + for row in context.table: + logger.info("asserting the expected api response: '" + row["auth_response"] + "' and the actual response: '" + + GeneralVariables.actual_authresponse['value'] + "'") + assert row["auth_response"] == GeneralVariables.actual_authresponse[ + 'value'], "Validation is not correct, Expected: " + \ + row[ + "auth_response"] + " but the API response was: " + \ + GeneralVariables.actual_authresponse['value'] + logger.info("assertion passed!") diff --git a/moon_manager/tests/func_tests/features/steps/common_functions.py b/moon_manager/tests/func_tests/features/steps/common_functions.py new file mode 100644 index 00000000..b9b9f0bc --- /dev/null +++ b/moon_manager/tests/func_tests/features/steps/common_functions.py @@ -0,0 +1,279 @@ +# Software Name: MOON + +# Version: 5.4 + +# SPDX-FileCopyrightText: Copyright (c) 2018-2020 Orange and its contributors +# SPDX-License-Identifier: Apache-2.0 + +# This software is distributed under the 'Apache License 2.0', +# the text of which is available at 'http://www.apache.org/licenses/LICENSE-2.0.txt' +# or see the "LICENSE" file for more details. + + +from behave import * +from steps.Static_Variables import GeneralVariables +import requests +import json +import logging + + +logger = logging.getLogger(__name__) + +class commonfunctions: + apis_urls = GeneralVariables() + + def get_subjectcategoryid(self, subjectcategoryname): + response = requests.get(self.apis_urls.serverURL + self.apis_urls.metadatasubjectcategoryAPI,headers=self.apis_urls.auth_headers) + if len(response.json()[self.apis_urls.metadatasubjectcategoryAPI]) != 0: + for ids in dict(response.json()[self.apis_urls.metadatasubjectcategoryAPI]).keys(): + if (response.json()[self.apis_urls.metadatasubjectcategoryAPI][ids]['name'] == subjectcategoryname): + return response.json()[self.apis_urls.metadatasubjectcategoryAPI][ids]['id'] + + def get_objectcategoryid(self, objectcategoryname): + response = requests.get(self.apis_urls.serverURL + self.apis_urls.metadataobjectcategoryAPI,headers=self.apis_urls.auth_headers) + if len(response.json()[self.apis_urls.metadataobjectcategoryAPI]) != 0: + for ids in dict(response.json()[self.apis_urls.metadataobjectcategoryAPI]).keys(): + if (response.json()[self.apis_urls.metadataobjectcategoryAPI][ids]['name'] == objectcategoryname): + return response.json()[self.apis_urls.metadataobjectcategoryAPI][ids]['id'] + + def get_actioncategoryid(self, actioncategoryname): + response = requests.get(self.apis_urls.serverURL + self.apis_urls.metadataactioncategoryAPI,headers=self.apis_urls.auth_headers) + if len(response.json()[self.apis_urls.metadataactioncategoryAPI]) != 0: + for ids in dict(response.json()[self.apis_urls.metadataactioncategoryAPI]).keys(): + if (response.json()[self.apis_urls.metadataactioncategoryAPI][ids]['name'] == actioncategoryname): + return response.json()[self.apis_urls.metadataactioncategoryAPI][ids]['id'] + + def get_metaruleid(self, metarulename): + response = requests.get(self.apis_urls.serverURL + self.apis_urls.metarulesAPI,headers=self.apis_urls.auth_headers) + if len(response.json()[self.apis_urls.metarulesAPI]) != 0: + for ids in dict(response.json()[self.apis_urls.metarulesAPI]).keys(): + if (response.json()[self.apis_urls.metarulesAPI][ids]['name'] == metarulename): + return ids + + def get_modelid(self, modelname): + response = requests.get(self.apis_urls.serverURL + self.apis_urls.modelAPI,headers=self.apis_urls.auth_headers) + if len(response.json()[self.apis_urls.modelAPI]) != 0: + for ids in dict(response.json()[self.apis_urls.modelAPI]).keys(): + if (response.json()[self.apis_urls.modelAPI][ids]['name'] == modelname): + return ids + + def get_policyid(self, policyname): + response = requests.get(self.apis_urls.serverURL + self.apis_urls.policyAPI,headers=self.apis_urls.auth_headers) + if len(response.json()[self.apis_urls.policyAPI]) != 0: + for ids in dict(response.json()[self.apis_urls.policyAPI]).keys(): + if (response.json()[self.apis_urls.policyAPI][ids]['name'] == policyname): + return ids + + def get_subjectperimeterid(self,subjectperimeter ): + response = requests.get(self.apis_urls.serverURL + self.apis_urls.perimetersubjectAPI,headers=self.apis_urls.auth_headers) + if len(response.json()[self.apis_urls.perimetersubjectAPI]) != 0: + for ids in dict(response.json()[self.apis_urls.perimetersubjectAPI]).keys(): + if (response.json()[self.apis_urls.perimetersubjectAPI][ids]['name'] == subjectperimeter): + return ids + + def get_objectperimeterid(self,objectperimeter ): + response = requests.get(self.apis_urls.serverURL + self.apis_urls.perimeterobjectAPI,headers=self.apis_urls.auth_headers) + if len(response.json()[self.apis_urls.perimeterobjectAPI]) != 0: + for ids in dict(response.json()[self.apis_urls.perimeterobjectAPI]).keys(): + if (response.json()[self.apis_urls.perimeterobjectAPI][ids]['name'] == objectperimeter): + return ids + + def get_actionperimeterid(self, actionperimeter): + response = requests.get(self.apis_urls.serverURL + self.apis_urls.perimeteractionAPI,headers=self.apis_urls.auth_headers) + if len(response.json()[self.apis_urls.perimeteractionAPI]) != 0: + for ids in dict(response.json()[self.apis_urls.perimeteractionAPI]).keys(): + if (response.json()[self.apis_urls.perimeteractionAPI][ids]['name'] == actionperimeter): + return ids + + def get_subjectdataid(self,subjectdataname,subjectcategoryid,policyid ): + response_data = requests.get( + self.apis_urls.serverURL + "policies/" + policyid + "/" + self.apis_urls.datasubjectAPI + "/" + subjectcategoryid,headers=self.apis_urls.auth_headers) + if(len(response_data.json()[self.apis_urls.datasubjectAPI]))!=0: + subjectdataidslist = [] + matcheddataidslist = [] + dataids=response_data.json()[self.apis_urls.datasubjectAPI][0]['data'] + for ids in dataids: + apisubjectdataid = response_data.json()[self.apis_urls.datasubjectAPI][0]['data'][str(ids)]['id'] + subjectdataidslist.append(apisubjectdataid) + + if ((str(subjectdataname)).find(",") != -1): + datanameslist = subjectdataname.split(",") + for dataname in datanameslist: + for data_id in subjectdataidslist: + if ((response_data.json()[self.apis_urls.datasubjectAPI][0]['data'][str(data_id)][ + 'name']) == dataname): + matcheddataidslist.append(data_id) + return ",".join(matcheddataidslist) + else: + for data_id in subjectdataidslist: + if (( + response_data.json()[self.apis_urls.datasubjectAPI][0]['data'][str(data_id)]['name']) == subjectdataname): + return data_id + + def get_objectdataid(self,objectdataname,objectcategoryid,policyid ): + response_data = requests.get( + self.apis_urls.serverURL + self.apis_urls.policyAPI + "/" + policyid + "/" + self.apis_urls.dataobjectAPI + "/" + objectcategoryid,headers=self.apis_urls.auth_headers) + if (len(response_data.json()[self.apis_urls.dataobjectAPI])) != 0: + objectdataidslist = [] + matcheddataidslist=[] + for ids in response_data.json()[ self.apis_urls.dataobjectAPI][0]['data']: + apiobjectdataid = response_data.json()[ self.apis_urls.dataobjectAPI][0]['data'][str(ids)]['id'] + objectdataidslist.append(apiobjectdataid) + if ((str(objectdataname)).find(",") != -1): + datanameslist = objectdataname.split(",") + for dataname in datanameslist: + for data_id in objectdataidslist: + if ((response_data.json()[self.apis_urls.dataobjectAPI][0]['data'][str(data_id)]['name']) == dataname): + matcheddataidslist.append(data_id) + return ",".join(matcheddataidslist) + + else: + for data_id in objectdataidslist: + if ((response_data.json()[self.apis_urls.dataobjectAPI][0]['data'][str(data_id)]['name']) == objectdataname): + return data_id + + def get_actiondataid(self,actiondataname,actioncategoryid,policyid ): + response_data = requests.get( + self.apis_urls.serverURL + self.apis_urls.policyAPI + "/" + policyid + "/" + self.apis_urls.dataactionAPI + "/" + actioncategoryid,headers=self.apis_urls.auth_headers) + if (len(response_data.json()[self.apis_urls.dataactionAPI])) != 0: + actiondataidslist = [] + matcheddataidslist = [] + for ids in response_data.json()[self.apis_urls.dataactionAPI][0]['data']: + apiactiondataid = response_data.json()[self.apis_urls.dataactionAPI][0]['data'][str(ids)]['id'] + actiondataidslist.append(apiactiondataid) + if ((str(actiondataname)).find(",") != -1): + datanameslist = actiondataname.split(",") + for dataname in datanameslist: + for data_id in actiondataidslist: + if ((response_data.json()[self.apis_urls.dataactionAPI][0]['data'][str(data_id)][ + 'name']) == dataname): + matcheddataidslist.append(data_id) + return ",".join(matcheddataidslist) + else: + for data_id in actiondataidslist: + if ((response_data.json()[self.apis_urls.dataactionAPI][0]['data'][str(data_id)]['name']) == actiondataname): + return data_id + + def get_subjectcategoryname(self, subjectcategoryid): + response = requests.get(self.apis_urls.serverURL + self.apis_urls.metadatasubjectcategoryAPI,headers=self.apis_urls.auth_headers) + if len(response.json()[self.apis_urls.metadatasubjectcategoryAPI]) != 0: + for ids in dict(response.json()[self.apis_urls.metadatasubjectcategoryAPI]).keys(): + if (response.json()[self.apis_urls.metadatasubjectcategoryAPI][ids]['id'] == subjectcategoryid): + return response.json()[self.apis_urls.metadatasubjectcategoryAPI][ids]['name'] + + def get_objectcategoryname(self, objectcategoryid): + response = requests.get(self.apis_urls.serverURL + self.apis_urls.metadataobjectcategoryAPI,headers=self.apis_urls.auth_headers) + if len(response.json()[self.apis_urls.metadataobjectcategoryAPI]) != 0: + for ids in dict(response.json()[self.apis_urls.metadataobjectcategoryAPI]).keys(): + if (response.json()[self.apis_urls.metadataobjectcategoryAPI][ids]['id'] == objectcategoryid): + return response.json()[self.apis_urls.metadataobjectcategoryAPI][ids]['name'] + + def get_actioncategoryname(self, actioncategoryid): + response = requests.get(self.apis_urls.serverURL + self.apis_urls.metadataactioncategoryAPI,headers=self.apis_urls.auth_headers) + if len(response.json()[self.apis_urls.metadataactioncategoryAPI]) != 0: + for ids in dict(response.json()[self.apis_urls.metadataactioncategoryAPI]).keys(): + if (response.json()[self.apis_urls.metadataactioncategoryAPI][ids]['id'] == actioncategoryid): + return response.json()[self.apis_urls.metadataactioncategoryAPI][ids]['name'] + + def get_metarulename(self, metaruleid): + response = requests.get(self.apis_urls.serverURL + self.apis_urls.metarulesAPI,headers=self.apis_urls.auth_headers) + if len(response.json()[self.apis_urls.metarulesAPI]) != 0: + for id in dict(response.json()[self.apis_urls.metarulesAPI]).keys(): + if (id == metaruleid): + return response.json()[self.apis_urls.metarulesAPI][id]['name'] + + def get_modelname(self, modelid): + response = requests.get(self.apis_urls.serverURL + self.apis_urls.modelAPI,headers=self.apis_urls.auth_headers) + if len(response.json()[self.apis_urls.modelAPI]) != 0: + for id in dict(response.json()[self.apis_urls.modelAPI]).keys(): + if (id == modelid): + return response.json()[self.apis_urls.modelAPI][id]['name'] + + def get_policyname(self, policyid): + response = requests.get(self.apis_urls.serverURL + self.apis_urls.policyAPI,headers=self.apis_urls.auth_headers) + if len(response.json()[self.apis_urls.policyAPI]) != 0: + for id in dict(response.json()[self.apis_urls.policyAPI]).keys(): + if (id == policyid): + return response.json()[self.apis_urls.policyAPI][id]['name'] + + def get_subjectperimetername(self, subjectperimeterid): + response = requests.get(self.apis_urls.serverURL + self.apis_urls.perimetersubjectAPI,headers=self.apis_urls.auth_headers) + if len(response.json()[self.apis_urls.perimetersubjectAPI]) != 0: + for id in dict(response.json()[self.apis_urls.perimetersubjectAPI]).keys(): + if (id == subjectperimeterid): + return response.json()[self.apis_urls.perimetersubjectAPI][id]['name'] + + def get_objectperimetername(self, objectperimeterid): + response = requests.get(self.apis_urls.serverURL + self.apis_urls.perimeterobjectAPI,headers=self.apis_urls.auth_headers) + if len(response.json()[self.apis_urls.perimeterobjectAPI]) != 0: + for id in dict(response.json()[self.apis_urls.perimeterobjectAPI]).keys(): + if (id == objectperimeterid): + return response.json()[self.apis_urls.perimeterobjectAPI][id]['name'] + + def get_actionperimetername(self, actionperimeterid): + response = requests.get(self.apis_urls.serverURL + self.apis_urls.perimeteractionAPI,headers=self.apis_urls.auth_headers) + if len(response.json()[self.apis_urls.perimeteractionAPI]) != 0: + for id in dict(response.json()[self.apis_urls.perimeteractionAPI]).keys(): + if (id == actionperimeterid): + return response.json()[self.apis_urls.perimeteractionAPI][id]['name'] + + def get_subjectdataname(self, subjectdataids, subjectcategoryid, policyid): + subjectdatanames=[] + for subjectdataid in subjectdataids: + response_data = requests.get( + self.apis_urls.serverURL + "policies/" + policyid + "/" + self.apis_urls.datasubjectAPI + "/" + subjectcategoryid+"/"+subjectdataid,headers=self.apis_urls.auth_headers) + + subjectdataidslist = [] + if(response_data.status_code==200): + for ids in response_data.json()[self.apis_urls.datasubjectAPI][0]['data']: + apisubjectdataid = response_data.json()[self.apis_urls.datasubjectAPI][0]['data'][str(ids)]['id'] + subjectdataidslist.append(apisubjectdataid) + + for data_id in subjectdataidslist: + if (str((response_data.json()[self.apis_urls.datasubjectAPI][0]['data'][str(data_id)][ + 'id'])) == subjectdataid): + subjectdatanames.append(str(response_data.json()[self.apis_urls.datasubjectAPI][0]['data'][str(data_id)]['name'])) + else: + subjectdataidslist = "" + return subjectdatanames + + def get_objectdataname(self, objectdataids, objectcategoryid, policyid): + objectdatanames = [] + for objectdataid in objectdataids: + response_data = requests.get( + self.apis_urls.serverURL + "policies/" + policyid + "/" + self.apis_urls.dataobjectAPI + "/" + objectcategoryid + "/" + objectdataid,headers=self.apis_urls.auth_headers) + objectdataidslist = [] + if (response_data.status_code == 200): + for ids in response_data.json()[self.apis_urls.dataobjectAPI][0]['data']: + apiobjectdataid = response_data.json()[self.apis_urls.dataobjectAPI][0]['data'][str(ids)]['id'] + objectdataidslist.append(apiobjectdataid) + for data_id in objectdataidslist: + if (str((response_data.json()[self.apis_urls.dataobjectAPI][0]['data'][str(data_id)][ + 'id'])) == objectdataid): + objectdatanames.append( + str(response_data.json()[self.apis_urls.dataobjectAPI][0]['data'][str(data_id)]['name'])) + else: + objectdataidslist = "" + return objectdatanames + + def get_actiondataname(self, actiondataids, actioncategoryid, policyid): + actiondatanames = [] + for actiondataid in actiondataids: + response_data = requests.get( + self.apis_urls.serverURL + "policies/" + policyid + "/" + self.apis_urls.dataactionAPI + "/" + actioncategoryid + "/" + actiondataid,headers=self.apis_urls.auth_headers) + #logger.info(response_data.json()[self.apis_urls.dataactionAPI][0]) + + actiondataidslist = [] + if (response_data.status_code == 200): + for ids in response_data.json()[self.apis_urls.dataactionAPI][0]['data']: + apiactiondataid = response_data.json()[self.apis_urls.dataactionAPI][0]['data'][str(ids)]['id'] + actiondataidslist.append(apiactiondataid) + logging.info(actiondataidslist) + for data_id in actiondataidslist: + if (str((response_data.json()[self.apis_urls.dataactionAPI][0]['data'][str(data_id)][ + 'id'])) == actiondataid): + actiondatanames.append( + str(response_data.json()[self.apis_urls.dataactionAPI][0]['data'][str(data_id)]['name'])) + else: + actiondataidslist = "" + return actiondatanames
\ No newline at end of file diff --git a/moon_manager/tests/func_tests/features/steps/data.py b/moon_manager/tests/func_tests/features/steps/data.py new file mode 100644 index 00000000..67d743c2 --- /dev/null +++ b/moon_manager/tests/func_tests/features/steps/data.py @@ -0,0 +1,629 @@ +# Software Name: MOON + +# Version: 5.4 + +# SPDX-FileCopyrightText: Copyright (c) 2018-2020 Orange and its contributors +# SPDX-License-Identifier: Apache-2.0 + +# This software is distributed under the 'Apache License 2.0', +# the text of which is available at 'http://www.apache.org/licenses/LICENSE-2.0.txt' +# or see the "LICENSE" file for more details. + + +from behave import * +from Static_Variables import GeneralVariables +from astropy.table import Table, Column +from common_functions import * +import requests +import json +import logging + +apis_urls = GeneralVariables() +commonfunctions = commonfunctions() + +logger = logging.getLogger(__name__) + +# Step Definition Implementation: +# 1) Get all the existing subject meta data in the system by getting the policies then their models then the model attached meta rules and then the categories +# 2) Get subject data using both the policy id & the category id +# 3) Loop by data id and delete it +@Given('the system has no subject data') +def step_impl(context): + logger.info("Given the system has no subject data") + headers = {"Content-Type": "application/json", "X-Api-Key": apis_urls.token} + + response_policies = requests.get(apis_urls.serverURL + apis_urls.policyAPI,headers=apis_urls.auth_headers) + if len(response_policies.json()[apis_urls.policyAPI]) != 0: + for policies_ids in dict(response_policies.json()[apis_urls.policyAPI]).keys(): + subjectcategoryidslist = [] + modelid = response_policies.json()[apis_urls.policyAPI][policies_ids]['model_id'] + if (modelid != None and modelid != ""): + metaruleslist = \ + requests.get(apis_urls.serverURL + apis_urls.modelAPI,headers=apis_urls.auth_headers).json()[apis_urls.modelAPI][modelid][ + 'meta_rules'] + for metarule_ids in metaruleslist: + categorieslist = \ + requests.get(apis_urls.serverURL + apis_urls.metarulesAPI,headers=apis_urls.auth_headers).json()[apis_urls.metarulesAPI][ + metarule_ids]['subject_categories'] + for categoryid in categorieslist: + if (categoryid not in subjectcategoryidslist): + subjectcategoryidslist.append(categoryid) + + for categoryid in subjectcategoryidslist: + response_data = requests.get( + apis_urls.serverURL + apis_urls.policyAPI + "/" + policies_ids + "/" + apis_urls.datasubjectAPI + "/" + categoryid,headers=apis_urls.auth_headers) + for ids in response_data.json()[apis_urls.datasubjectAPI][0]['data']: + data_id = response_data.json()[apis_urls.datasubjectAPI][0]['data'][str(ids)]['id'] + requests.delete( + apis_urls.serverURL + apis_urls.policyAPI + "/" + policies_ids + "/" + apis_urls.datasubjectAPI + "/" + categoryid + "/" + data_id, + headers=headers) + +# Step Definition Implementation: +# 1) Post subject data using the policy id & the category id +@Given('the following subject data exists') +def step_impl(context): + logger.info("Given the following subject data exists") + model = getattr(context, "model", None) + for row in context.table: + logger.info( + "subject data name: '" + row["subjectdataname"] + "' subject data description: '" + row[ + "subjectdatadescription"] + "' and subject category: '" + row[ + "subjectcategory"] + "' and policies: '" + row['policyname'] + "'") + + policies_id = "" + headers = {"Content-Type": "application/json", "X-Api-Key": apis_urls.token} + + if (len(row['policyname']) > 25): + policies_id = row['policyname'] + else: + policies_id = commonfunctions.get_policyid(row['policyname']) + + if (len(row['subjectcategory']) > 25): + categories_id = row['subjectcategory'] + else: + categories_id = commonfunctions.get_subjectcategoryid(row['subjectcategory']) + + data = { + 'name': row["subjectdataname"], + 'description': row["subjectdatadescription"], + + } + response = requests.post( + apis_urls.serverURL + "policies/" + str(policies_id) + "/" + apis_urls.datasubjectAPI + "/" + str( + categories_id), headers=headers, data=json.dumps(data)) + +# Step Definition Implementation: +# 1) Get all the existing object meta data in the system by getting the policies then their models then the model attached meta rules and then the categories +# 2) Get object data using both the policy id & the category id +# 3) Loop by data id and delete it +@Given('the system has no object data') +def step_impl(context): + logger.info("Given the system has no object data") + headers = {"Content-Type": "application/json", "X-Api-Key": apis_urls.token} + + response_policies = requests.get(apis_urls.serverURL + apis_urls.policyAPI,headers=apis_urls.auth_headers) + if len(response_policies.json()[apis_urls.policyAPI]) != 0: + for policies_ids in dict(response_policies.json()[apis_urls.policyAPI]).keys(): + objectcategoryidslist = [] + modelid = response_policies.json()[apis_urls.policyAPI][policies_ids]['model_id'] + if (modelid != None and modelid != ""): + metaruleslist = \ + requests.get(apis_urls.serverURL + apis_urls.modelAPI,headers=apis_urls.auth_headers).json()[apis_urls.modelAPI][modelid][ + 'meta_rules'] + for metarule_ids in metaruleslist: + for categoryid in \ + (requests.get(apis_urls.serverURL + apis_urls.metarulesAPI,headers=apis_urls.auth_headers)).json()[apis_urls.metarulesAPI][ + metarule_ids][ + 'object_categories']: + if (categoryid not in objectcategoryidslist): + objectcategoryidslist.append(categoryid) + + for categoryid in objectcategoryidslist: + response_data = requests.get( + apis_urls.serverURL + apis_urls.policyAPI + "/" + policies_ids + "/" + apis_urls.dataobjectAPI + "/" + categoryid,headers=apis_urls.auth_headers) + for ids in response_data.json()[apis_urls.dataobjectAPI][0]['data']: + data_id = response_data.json()[apis_urls.dataobjectAPI][0]['data'][str(ids)]['id'] + requests.delete( + apis_urls.serverURL + apis_urls.policyAPI + "/" + policies_ids + "/" + apis_urls.dataobjectAPI + "/" + categoryid + "/" + data_id, + headers=headers) + +# Step Definition Implementation: +# 1) Post object data using the policy id & the category id +@Given('the following object data exists') +def step_impl(context): + model = getattr(context, "model", None) + for row in context.table: + logger.info( + "subject data name: '" + row["objectdataname"] + "' object data description: '" + row[ + "objectdatadescription"] + "' and object category: '" + row[ + "objectcategory"] + "' and policies: '" + row['policyname'] + "'") + + policies_id = "" + headers = {"Content-Type": "application/json", "X-Api-Key": apis_urls.token} + + if (len(row['policyname']) > 25): + policies_id = row['policyname'] + else: + policies_id = commonfunctions.get_policyid(row['policyname']) + + if (len(row['objectcategory']) > 25): + categories_id = row['objectcategory'] + else: + categories_id = commonfunctions.get_objectcategoryid(row['objectcategory']) + + data = { + 'name': row["objectdataname"], + 'description': row["objectdatadescription"], + + } + response = requests.post( + apis_urls.serverURL + "policies/" + str(policies_id) + "/" + apis_urls.dataobjectAPI + "/" + str( + categories_id), headers=headers, data=json.dumps(data)) + +# Step Definition Implementation: +# 1) Get all the existing action meta data in the system by getting the policies then their models then the model attached meta rules and then the categories +# 2) Get action data using both the policy id & the category id +# 3) Loop by data id and delete it +@Given('the system has no action data') +def step_impl(context): + logger.info("Given the system has no action data") + headers = {"Content-Type": "application/json", "X-Api-Key": apis_urls.token} + actioncategoryidslist = [] + response_policies = requests.get(apis_urls.serverURL + apis_urls.policyAPI,headers=apis_urls.auth_headers) + if len(response_policies.json()[apis_urls.policyAPI]) != 0: + for policies_ids in dict(response_policies.json()[apis_urls.policyAPI]).keys(): + actioncategoryidslist = [] + modelid = response_policies.json()[apis_urls.policyAPI][policies_ids]['model_id'] + if (modelid != None and modelid != ""): + metaruleslist = \ + requests.get(apis_urls.serverURL + apis_urls.modelAPI,headers=apis_urls.auth_headers).json()[apis_urls.modelAPI][modelid][ + 'meta_rules'] + for metarule_ids in metaruleslist: + for categoryid in \ + (requests.get(apis_urls.serverURL + apis_urls.metarulesAPI,headers=apis_urls.auth_headers)).json()[apis_urls.metarulesAPI][ + metarule_ids][ + 'action_categories']: + if (categoryid not in actioncategoryidslist): + actioncategoryidslist.append(categoryid) + + for categoryid in actioncategoryidslist: + response_data = requests.get( + apis_urls.serverURL + apis_urls.policyAPI + "/" + policies_ids + "/" + apis_urls.dataactionAPI + "/" + categoryid,headers=apis_urls.auth_headers) + for ids in response_data.json()[apis_urls.dataactionAPI][0]['data']: + data_id = response_data.json()[apis_urls.dataactionAPI][0]['data'][str(ids)]['id'] + requests.delete( + apis_urls.serverURL + apis_urls.policyAPI + "/" + policies_ids + "/" + apis_urls.dataactionAPI + "/" + categoryid + "/" + data_id, + headers=headers) + +# Step Definition Implementation: +# 1) Post action data using the policy id & the category id +@Given('the following action data exists') +def step_impl(context): + model = getattr(context, "model", None) + for row in context.table: + logger.info( + "subject data name: '" + row["actiondataname"] + "' action data description: '" + row[ + "actiondatadescription"] + "' and action category: '" + row[ + "actioncategory"] + "' and policies: '" + row['policyname'] + "'") + + policies_id = "" + headers = {"Content-Type": "application/json", "X-Api-Key": apis_urls.token} + + if (len(row['policyname']) > 25): + policies_id = row['policyname'] + else: + policies_id = commonfunctions.get_policyid(row['policyname']) + + if (len(row['actioncategory']) > 25): + categories_id = row['actioncategory'] + else: + categories_id = commonfunctions.get_actioncategoryid(row['actioncategory']) + + data = { + 'name': row["actiondataname"], + 'description': row["actiondatadescription"], + + } + response = requests.post( + apis_urls.serverURL + "policies/" + str(policies_id) + "/" + apis_urls.dataactionAPI + "/" + str( + categories_id), headers=headers, data=json.dumps(data)) + +# Step Definition Implementation: +# 1) Add subject data using the post request +# 2) If the request code was 200 set the api response flag to true else false +@When('the user sets to add the following subject data') +def step_impl(context): + logger.info("When the user sets to add the following subject data") + model = getattr(context, "model", None) + for row in context.table: + logger.info( + "subject data name: '" + row["subjectdataname"] + "' subject data description: '" + row[ + "subjectdatadescription"] + "' and subject category: '" + row[ + "subjectcategory"] + "' and policies: '" + row['policyname'] + "'") + + policies_id = "" + headers = {"Content-Type": "application/json", "X-Api-Key": apis_urls.token} + + if (len(row['policyname']) > 25): + policies_id = row['policyname'] + else: + policies_id = commonfunctions.get_policyid(row['policyname']) + + if (len(row['subjectcategory']) > 25): + categories_id = row['subjectcategory'] + else: + categories_id = commonfunctions.get_subjectcategoryid(row['subjectcategory']) + + data = { + 'name': row["subjectdataname"], + 'description': row["subjectdatadescription"], + + } + response = requests.post( + apis_urls.serverURL + "policies/" + str(policies_id) + "/" + apis_urls.datasubjectAPI + "/" + str( + categories_id), headers=headers, data=json.dumps(data)) + + if response.status_code == 200: + GeneralVariables.api_responseflag['value'] = 'True' + else: + GeneralVariables.api_responseflag['value'] = 'False' + +# Step Definition Implementation: +# 1) Delete subject data by policy id, subject data id, subject category id +# 2) If the request code was 200 set the api response flag to true else false +@When('the user sets to delete the following subject data') +def step_impl(context): + logging.info("When the user sets to delete the following subject data") + + model = getattr(context, "model", None) + for row in context.table: + + logger.info("subject data name:'" + row["subjectdataname"] + "' and subject category name:'" + row[ + "subjectcategory"] + "' and policy name:'" + row["policyname"] + "'") + + policies_id = [] + headers = {"Content-Type": "application/json", "X-Api-Key": apis_urls.token} + + response_data = requests.delete( + apis_urls.serverURL + apis_urls.policyAPI + "/" + commonfunctions.get_policyid(row[ + "policyname"]) + "/" + apis_urls.datasubjectAPI + "/" + commonfunctions.get_subjectcategoryid( + row["subjectcategory"]) + "/" + commonfunctions.get_subjectdataid(row["subjectdataname"], + commonfunctions.get_subjectcategoryid( + row["subjectcategory"]), + commonfunctions.get_policyid( + row["policyname"])), + headers=headers) + + if response_data.status_code == 200: + GeneralVariables.api_responseflag['value'] = 'True' + else: + GeneralVariables.api_responseflag['value'] = 'False' + +# Step Definition Implementation: +# 1) Add object data using the post request +# 2) If the request code was 200 set the api response flag to true else false +@When('the user sets to add the following object data') +def step_impl(context): + logger.info("When the user sets to add the following object data") + model = getattr(context, "model", None) + for row in context.table: + logger.info( + "object data name: '" + row["objectdataname"] + "' object data description: '" + row[ + "objectdatadescription"] + "' and object category: '" + row[ + "objectcategory"] + "' and policies: '" + row['policyname'] + "'") + + policies_list = [] + headers = {"Content-Type": "application/json", "X-Api-Key": apis_urls.token} + + if (len(row['policyname']) > 25): + policies_id = row['policyname'] + else: + policies_id = commonfunctions.get_policyid(row['policyname']) + + if (len(row['objectcategory']) > 25): + categories_id = row['objectcategory'] + else: + categories_id = commonfunctions.get_objectcategoryid(row['objectcategory']) + + data = { + 'name': row["objectdataname"], + 'description': row["objectdatadescription"], + } + + response = requests.post( + apis_urls.serverURL + "policies/" + str(policies_id) + "/" + apis_urls.dataobjectAPI + "/" + str( + categories_id), headers=headers, data=json.dumps(data)) + + if response.status_code == 200: + GeneralVariables.api_responseflag['value'] = 'True' + else: + GeneralVariables.api_responseflag['value'] = 'False' + +# Step Definition Implementation: +# 1) Delete object data by policy id, object data id, object category id +# 2) If the request code was 200 set the api response flag to true else false +@When('the user sets to delete the following object data') +def step_impl(context): + logging.info("When the user sets to delete the following object data") + model = getattr(context, "model", None) + for row in context.table: + + logger.info("object data name:'" + row["objectdataname"] + "' and object category name:'" + row[ + "objectcategory"] + "' and policy name:'" + row["policyname"] + "'") + + headers = {"Content-Type": "application/json", "X-Api-Key": apis_urls.token} + + response_data = requests.delete( + apis_urls.serverURL + apis_urls.policyAPI + "/" + commonfunctions.get_policyid(row[ + "policyname"]) + "/" + apis_urls.dataobjectAPI + "/" + commonfunctions.get_objectcategoryid( + row["objectcategory"]) + "/" + commonfunctions.get_objectdataid(row["objectdataname"], + commonfunctions.get_objectcategoryid( + row["objectcategory"]), + commonfunctions.get_policyid( + row["policyname"])), + headers=headers) + + if response_data.status_code == 200: + GeneralVariables.api_responseflag['value'] = 'True' + else: + GeneralVariables.api_responseflag['value'] = 'False' + +# Step Definition Implementation: +# 1) Add action data using the post request +# 2) If the request code was 200 set the api response flag to true else false +@When('the user sets to add the following action data') +def step_impl(context): + logger.info("When the user sets to add the following action data") + + model = getattr(context, "model", None) + for row in context.table: + logger.info( + "action data name: '" + row["actiondataname"] + "' action data description: '" + row[ + "actiondatadescription"] + "' and action category: '" + row[ + "actioncategory"] + "' and policies: '" + row['policyname'] + "'") + + policies_id = "" + headers = {"Content-Type": "application/json", "X-Api-Key": apis_urls.token} + + if (len(row['policyname']) > 25): + policies_id = row['policyname'] + else: + policies_id = commonfunctions.get_policyid(row['policyname']) + + if (len(row['actioncategory']) > 25): + categories_id = row['actioncategory'] + else: + categories_id = commonfunctions.get_actioncategoryid(row['actioncategory']) + + data = { + 'name': row["actiondataname"], + 'description': row["actiondatadescription"], + + } + response = requests.post( + apis_urls.serverURL + "policies/" + str(policies_id) + "/" + apis_urls.dataactionAPI + "/" + str( + categories_id), headers=headers, data=json.dumps(data)) + + if response.status_code == 200: + GeneralVariables.api_responseflag['value'] = 'True' + else: + GeneralVariables.api_responseflag['value'] = 'False' + +# Step Definition Implementation: +# 1) Delete action data by policy id, action data id, action category id +# 2) If the request code was 200 set the api response flag to true else false +@When('the user sets to delete the following action data') +def step_impl(context): + logging.info("When the user sets to delete the following action data") + model = getattr(context, "model", None) + for row in context.table: + + logger.info("action data name:'" + row["actiondataname"] + "' and action category name:'" + row[ + "actioncategory"] + "' and policy name:'" + row["policyname"] + "'") + + headers = {"Content-Type": "application/json", "X-Api-Key": apis_urls.token} + + response_data = requests.delete( + apis_urls.serverURL + apis_urls.policyAPI + "/" + commonfunctions.get_policyid(row[ + "policyname"]) + "/" + apis_urls.dataactionAPI + "/" + commonfunctions.get_actioncategoryid( + row["actioncategory"]) + "/" + commonfunctions.get_actiondataid(row["actiondataname"], + commonfunctions.get_actioncategoryid( + row["actioncategory"]), + commonfunctions.get_policyid( + row["policyname"])), + headers=headers) + + if response_data.status_code == 200: + GeneralVariables.api_responseflag['value'] = 'True' + else: + GeneralVariables.api_responseflag['value'] = 'False' + +# Step Definition Implementation: +# 1) Get all the existing subject data by get request and put them into a table +# 2) Sort the table by policy name +# 3) Loop using both the expected and actual tables and assert the data row by row +@Then('the following subject data should be existed in the system') +def step_impl(context): + logger.info("Then the following subject data should be existed in the system") + model = getattr(context, "model", None) + apiresult = Table(names=('subjectdataname', 'subjectdatadescription', 'subjectcategory', 'policyname'), + dtype=('S100', 'S100', 'S100', 'S100')) + for row in context.table: + if (row['policyname'] != ""): + response = requests.get( + apis_urls.serverURL + "policies/" + commonfunctions.get_policyid( + row['policyname']) + "/" + apis_urls.datasubjectAPI + "/" + + commonfunctions.get_subjectcategoryid(row['subjectcategory']),headers=apis_urls.auth_headers) + + if len(response.json()[apis_urls.datasubjectAPI]) != 0: + for ids in response.json()[apis_urls.datasubjectAPI][0]['data']: + apipolicies = "" + apisubjectdataname = response.json()[apis_urls.datasubjectAPI][0]['data'][str(ids)]['name'] + apisubjectdatadescription = response.json()[apis_urls.datasubjectAPI][0]['data'][str(ids)][ + 'description'] + apisubjectcategory = commonfunctions.get_subjectcategoryname( + response.json()[apis_urls.datasubjectAPI][0]['data'][str(ids)]['category_id']) + apipolicies = commonfunctions.get_policyname( + response.json()[apis_urls.datasubjectAPI][0]['data'][str(ids)]['policy_id']) + apiresult.add_row(vals=( + apisubjectdataname, apisubjectdatadescription, apisubjectcategory, apipolicies)) + else: + apiresult.add_row(vals=("", "", "", "")) + + else: + apiresult.add_row(vals=("", "", "", "")) + + apiresult.sort('policyname') + for row1, row2 in zip(context.table, apiresult): + logger.info("asserting the expected subject data name: '" + str( + row1["subjectdataname"]) + "' is the same as the actual existing '" + str( + row2["subjectdataname"]) + "'") + assert str(row1["subjectdataname"]) == str(row2["subjectdataname"]), "subject data name is not correct!" + logger.info("assertion passed!") + + logger.info("asserting the expected subject data description: '" + str( + row1["subjectdatadescription"]) + "' is the same as the actual existing '" + str( + row2["subjectdatadescription"]) + "'") + assert str(row1["subjectdatadescription"]) == str( + row2["subjectdatadescription"]), "subject data description is not correct!" + logger.info("assertion passed!") + + logger.info("asserting the expected subject data password: '" + str( + row1["subjectcategory"]) + "' is the same as the actual existing '" + str( + row2["subjectcategory"]) + "'") + assert str(row1["subjectcategory"]) == str( + row2["subjectcategory"]), "subject category is not correct!" + logger.info("assertion passed!") + + logger.info("asserting the expected policies: '" + str( + row1["policyname"]) + "' is the same as the actual existing '" + str( + row2["policyname"]) + "'") + assert str(row1["policyname"]) == str(row2["policyname"]), " policies is not correct!" + logger.info("assertion passed!") + +# Step Definition Implementation: +# 1) Get all the existing object data by get request and put them into a table +# 2) Sort the table by policy name +# 3) Loop using both the expected and actual tables and assert the data row by row +@Then('the following object data should be existed in the system') +def step_impl(context): + logger.info("Then the following object data should be existed in the system") + model = getattr(context, "model", None) + apiresult = Table(names=('objectdataname', 'objectdatadescription', 'objectcategory', 'policyname'), + dtype=('S100', 'S100', 'S100', 'S100')) + + for row in context.table: + if (row['policyname'] != ""): + response = requests.get( + apis_urls.serverURL + "policies/" + commonfunctions.get_policyid( + row['policyname']) + "/" + apis_urls.dataobjectAPI + "/" + + commonfunctions.get_objectcategoryid(row['objectcategory']),headers=apis_urls.auth_headers) + + if len(response.json()[apis_urls.dataobjectAPI]) != 0: + for ids in response.json()[apis_urls.dataobjectAPI][0]['data']: + apipolicies = "" + apiobjectdataname = response.json()[apis_urls.dataobjectAPI][0]['data'][str(ids)]['name'] + apiobjectdatadescription = response.json()[apis_urls.dataobjectAPI][0]['data'][str(ids)][ + 'description'] + apiobjectcategory = commonfunctions.get_objectcategoryname( + response.json()[apis_urls.dataobjectAPI][0]['data'][str(ids)]['category_id']) + apipolicies = commonfunctions.get_policyname( + response.json()[apis_urls.dataobjectAPI][0]['data'][str(ids)]['policy_id']) + + apiresult.add_row(vals=( + apiobjectdataname, apiobjectdatadescription, apiobjectcategory, apipolicies)) + else: + apiresult.add_row(vals=("", "", "", "")) + else: + apiresult.add_row(vals=("", "", "", "")) + + apiresult.sort('policyname') + for row1, row2 in zip(context.table, apiresult): + logger.info("asserting the expected object data name: '" + str( + row1["objectdataname"]) + "' is the same as the actual existing '" + str( + row2["objectdataname"]) + "'") + assert str(row1["objectdataname"]) == str(row2["objectdataname"]), "subject data name is not correct!" + logger.info("assertion passed!") + + logger.info("asserting the expected object data description: '" + str( + row1["objectdatadescription"]) + "' is the same as the actual existing '" + str( + row2["objectdatadescription"]) + "'") + assert str(row1["objectdatadescription"]) == str( + row2["objectdatadescription"]), "object data description is not correct!" + logger.info("assertion passed!") + + logger.info("asserting the expected object data category: '" + str( + row1["objectcategory"]) + "' is the same as the actual existing '" + str( + row2["objectcategory"]) + "'") + assert str(row1["objectcategory"]) == str( + row2["objectcategory"]), "object category is not correct!" + logger.info("assertion passed!") + + logger.info("asserting the expected policies: '" + str( + row1["policyname"]) + "' is the same as the actual existing '" + str( + row2["policyname"]) + "'") + assert str(row1["policyname"]) == str(row2["policyname"]), " policies is not correct!" + logger.info("assertion passed!") + +# Step Definition Implementation: +# 1) Get all the existing action data by get request and put them into a table +# 2) Sort the table by policy name +# 3) Loop using both the expected and actual tables and assert the data row by row +@Then('the following action data should be existed in the system') +def step_impl(context): + logger.info("Then the following action data should be existed in the system") + model = getattr(context, "model", None) + apiresult = Table(names=('actiondataname', 'actiondatadescription', 'actioncategory', 'policyname'), + dtype=('S100', 'S100', 'S100', 'S100')) + for row in context.table: + if (row['policyname'] != ""): + response = requests.get( + apis_urls.serverURL + "policies/" + commonfunctions.get_policyid( + row['policyname']) + "/" + apis_urls.dataactionAPI + "/" + + commonfunctions.get_actioncategoryid(row['actioncategory']),headers=apis_urls.auth_headers) + + if len(response.json()[apis_urls.dataactionAPI]) != 0: + for ids in response.json()[apis_urls.dataactionAPI][0]['data']: + apipolicies = "" + apiactiondataname = response.json()[apis_urls.dataactionAPI][0]['data'][str(ids)]['name'] + apiactiondatadescription = response.json()[apis_urls.dataactionAPI][0]['data'][str(ids)][ + 'description'] + apiactioncategory = commonfunctions.get_actioncategoryname( + response.json()[apis_urls.dataactionAPI][0]['data'][str(ids)]['category_id']) + apipolicies = commonfunctions.get_policyname( + response.json()[apis_urls.dataactionAPI][0]['data'][str(ids)]['policy_id']) + + apiresult.add_row(vals=( + apiactiondataname, apiactiondatadescription, apiactioncategory, apipolicies)) + else: + apiresult.add_row(vals=("", "", "", "")) + + else: + apiresult.add_row(vals=("", "", "", "")) + apiresult.sort('policyname') + for row1, row2 in zip(context.table, apiresult): + logger.info("asserting the expected action data name: '" + str( + row1["actiondataname"]) + "' is the same as the actual existing '" + str( + row2["actiondataname"]) + "'") + assert str(row1["actiondataname"]) == str(row2["actiondataname"]), "action data name is not correct!" + logger.info("assertion passed!") + + logger.info("asserting the expected action data description: '" + str( + row1["actiondatadescription"]) + "' is the same as the actual existing '" + str( + row2["actiondatadescription"]) + "'") + assert str(row1["actiondatadescription"]) == str( + row2["actiondatadescription"]), "action data description is not correct!" + logger.info("assertion passed!") + + logger.info("asserting the expected action data category: '" + str( + row1["actioncategory"]) + "' is the same as the actual existing '" + str( + row2["actioncategory"]) + "'") + assert str(row1["actioncategory"]) == str( + row2["actioncategory"]), "action category is not correct!" + logger.info("assertion passed!") + + logger.info("asserting the expected policies: '" + str( + row1["policyname"]) + "' is the same as the actual existing '" + str( + row2["policyname"]) + "'") + assert str(row1["policyname"]) == str(row2["policyname"]), " policies is not correct!" + logger.info("assertion passed!") diff --git a/moon_manager/tests/func_tests/features/steps/meta_data.py b/moon_manager/tests/func_tests/features/steps/meta_data.py new file mode 100644 index 00000000..b2a6d02c --- /dev/null +++ b/moon_manager/tests/func_tests/features/steps/meta_data.py @@ -0,0 +1,394 @@ +# Software Name: MOON + +# Version: 5.4 + +# SPDX-FileCopyrightText: Copyright (c) 2018-2020 Orange and its contributors +# SPDX-License-Identifier: Apache-2.0 + +# This software is distributed under the 'Apache License 2.0', +# the text of which is available at 'http://www.apache.org/licenses/LICENSE-2.0.txt' +# or see the "LICENSE" file for more details. + + +from behave import * +from Static_Variables import GeneralVariables +from astropy.table import Table, Column +from common_functions import * +import requests +import json +import logging + +apis_urls = GeneralVariables() +api_subjectcategory = {'name': "", 'description': ""} +api_objectcategory = {'name': "", 'description': ""} +api_actioncategory = {'name': "", 'description': ""} + +logger = logging.getLogger(__name__) + + +# Step Definition Implementation: +# 1) Get all the existing subject meta data in the system +# 2) Loop by id and delete them +@Given('the system has no subject categories') +def step_impl(context): + logger.info("Given the system has no subject categories") + api_responseflag = {'value': False} + headers = {"Content-Type": "application/json", "X-Api-Key": apis_urls.token} + + response = requests.get(apis_urls.serverURL + apis_urls.metadatasubjectcategoryAPI, headers=apis_urls.auth_headers) + if len(response.json()[apis_urls.metadatasubjectcategoryAPI]) != 0: + for ids in dict(response.json()[apis_urls.metadatasubjectcategoryAPI]).keys(): + response = requests.delete(apis_urls.serverURL + apis_urls.metadatasubjectcategoryAPI + "/" + ids, + headers=headers) + +# Step Definition Implementation: +# 1) Get all the existing action meta data in the system +# 2) Loop by id and delete them +@Given('the system has no action categories') +def step_impl(context): + logger.info("Given the system has no action categories") + api_responseflag = {'value': False} + headers = {"Content-Type": "application/json", "X-Api-Key": apis_urls.token} + + response = requests.get(apis_urls.serverURL + apis_urls.metadataactioncategoryAPI, headers=apis_urls.auth_headers) + if len(response.json()[apis_urls.metadataactioncategoryAPI]) != 0: + for ids in dict(response.json()[apis_urls.metadataactioncategoryAPI]).keys(): + response = requests.delete(apis_urls.serverURL + apis_urls.metadataactioncategoryAPI + "/" + ids, + headers=headers) + + +# Step Definition Implementation: +# 1) Get all the existing object meta data in the system +# 2) Loop by id and delete them +@Given('the system has no object categories') +def step_impl(context): + logger.info("Given the system has no object categories") + api_responseflag = {'value': False} + headers = {"Content-Type": "application/json", "X-Api-Key": apis_urls.token} + + response = requests.get(apis_urls.serverURL + apis_urls.metadataobjectcategoryAPI, headers=apis_urls.auth_headers) + if len(response.json()[apis_urls.metadataobjectcategoryAPI]) != 0: + for ids in dict(response.json()[apis_urls.metadataobjectcategoryAPI]).keys(): + response = requests.delete(apis_urls.serverURL + apis_urls.metadataobjectcategoryAPI + "/" + ids, + headers=headers) + + + +# Step Definition Implementation: +# 1) Insert subject meta data using the post request +@Given('the following meta data subject category exists') +def step_impl(context): + logger.info("Given the following meta data subject category exists") + model = getattr(context, "model", None) + for row in context.table: + headers = {"Content-Type": "application/json", "X-Api-Key": apis_urls.token} + + data = { + 'name': row["subjectmetadataname"], + 'description': row["subjectmetadatadescription"], + } + logger.info( + "subject category name: '" + row["subjectmetadataname"] + "' and subject category description: '" + row[ + "subjectmetadatadescription"] + "'") + response = requests.post(apis_urls.serverURL + apis_urls.metadatasubjectcategoryAPI, headers=headers, + data=json.dumps(data)) + +# Step Definition Implementation: +# 1) Insert object meta data using the post request +@Given('the following meta data object category exists') +def step_impl(context): + logger.info("Given the following meta data object category exists") + + model = getattr(context, "model", None) + for row in context.table: + headers = {"Content-Type": "application/json", "X-Api-Key": apis_urls.token} + + data = { + 'name': row["objectmetadataname"], + 'description': row["objectmetadatadescription"], + } + logger.info( + "object category name: '" + row["objectmetadataname"] + "' and object category description: '" + row[ + "objectmetadatadescription"] + "'") + response = requests.post(apis_urls.serverURL + apis_urls.metadataobjectcategoryAPI, headers=headers, + data=json.dumps(data)) + +# Step Definition Implementation: +# 1) Insert action meta data using the post request +@Given('the following meta data action category exists') +def step_impl(context): + logger.info("Given the following meta data action category exists") + + model = getattr(context, "model", None) + for row in context.table: + headers = {"Content-Type": "application/json", "X-Api-Key": apis_urls.token} + data = { + 'name': row["actionmetadataname"], + 'description': row["actionmetadatadescription"], + } + logger.info( + "action category name: '" + row["actionmetadataname"] + "' and action category description: '" + row[ + "actionmetadatadescription"] + "'") + response = requests.post(apis_urls.serverURL + apis_urls.metadataactioncategoryAPI, headers=headers, + data=json.dumps(data)) + +# Step Definition Implementation: +# 1) Add subject meta data using the post request +# 2) If the request code was 200 set the api response flag to true else false +@When('the user sets to add the following meta data subject category') +def step_impl(context): + logger.info("When the user sets to add the following meta data subject category") + + model = getattr(context, "model", None) + for row in context.table: + headers = {"Content-Type": "application/json", "X-Api-Key": apis_urls.token} + data = { + 'name': row["subjectmetadataname"], + 'description': row["subjectmetadatadescription"], + } + logger.info( + "subject category name: '" + row["subjectmetadataname"] + "' and subject category description: '" + row[ + "subjectmetadatadescription"] + "'") + + response = requests.post(apis_urls.serverURL + apis_urls.metadatasubjectcategoryAPI, headers=headers, + data=json.dumps(data)) + + if response.status_code == 200: + GeneralVariables.api_responseflag['value'] = 'True' + else: + GeneralVariables.api_responseflag['value'] = 'False' + + +# Step Definition Implementation: +# 1) Get all the subject meta data by get request +# 2) Loop by ids and search for the matching subject meta data by name and delete it +# 3) If the request code was 200 set the api response flag to true else false +@When('the user sets to delete the following meta data subject category') +def step_impl(context): + logger.info("When the user sets to delete the following meta data subject category") + + model = getattr(context, "model", None) + for row in context.table: + headers = {"Content-Type": "application/json", "X-Api-Key": apis_urls.token} + logger.info("subject category name: '" + row["subjectmetadataname"] + "'") + + response = requests.get(apis_urls.serverURL + apis_urls.metadatasubjectcategoryAPI, + headers=apis_urls.auth_headers) + for ids in dict(response.json()[apis_urls.metadatasubjectcategoryAPI]).keys(): + if (response.json()[apis_urls.metadatasubjectcategoryAPI][ids]['name'] == row["subjectmetadataname"]): + response = requests.delete(apis_urls.serverURL + apis_urls.metadatasubjectcategoryAPI + "/" + ids, + headers=headers) + if response.status_code == 200: + GeneralVariables.api_responseflag['value'] = 'True' + else: + GeneralVariables.api_responseflag['value'] = 'False' + +# Step Definition Implementation: +# 1) Add object meta data using the post request +# 2) If the request code was 200 set the api response flag to true else false +@When('the user sets to add the following meta data object category') +def step_impl(context): + logger.info("When the user sets to add the following meta data object category") + + model = getattr(context, "model", None) + for row in context.table: + headers = {"Content-Type": "application/json", "X-Api-Key": apis_urls.token} + data = { + 'name': row["objectmetadataname"], + 'description': row["objectmetadatadescription"], + } + logger.info( + "object category Name: '" + row["objectmetadataname"] + "' and object category description: '" + row[ + "objectmetadatadescription"] + "''") + response = requests.post(apis_urls.serverURL + apis_urls.metadataobjectcategoryAPI, headers=headers, + data=json.dumps(data)) + if response.status_code == 200: + GeneralVariables.api_responseflag['value'] = 'True' + else: + GeneralVariables.api_responseflag['value'] = 'False' + +# Step Definition Implementation: +# 1) Get all the object meta data by get request +# 2) Loop by ids and search for the matching object meta data by name and delete it +# 3) If the request code was 200 set the api response flag to true else false +@When('the user sets to delete the following meta data object category') +def step_impl(context): + logger.info("When the user sets to delete the following meta data object category") + + model = getattr(context, "model", None) + for row in context.table: + headers = {"Content-Type": "application/json", "X-Api-Key": apis_urls.token} + logger.info("object category name: '" + row["objectmetadataname"] + "'") + + response = requests.get(apis_urls.serverURL + apis_urls.metadataobjectcategoryAPI, + headers=apis_urls.auth_headers) + for ids in dict(response.json()[apis_urls.metadataobjectcategoryAPI]).keys(): + if (response.json()[apis_urls.metadataobjectcategoryAPI][ids]['name'] == row["objectmetadataname"]): + response = requests.delete(apis_urls.serverURL + apis_urls.metadataobjectcategoryAPI + "/" + ids, + headers=headers) + if response.status_code == 200: + GeneralVariables.api_responseflag['value'] = 'True' + else: + GeneralVariables.api_responseflag['value'] = 'False' + +# Step Definition Implementation: +# 1) Add subject meta data using the post request +# 2) If the request code was 200 set the api response flag to true else false +@When('the user sets to add the following meta data action category') +def step_impl(context): + logger.info("When the user sets to add the following meta data action category") + + model = getattr(context, "model", None) + for row in context.table: + headers = {"Content-Type": "application/json", "X-Api-Key": apis_urls.token} + + data = { + 'name': row["actionmetadataname"], + 'description': row["actionmetadatadescription"], + } + logger.info( + "action category name: '" + row["actionmetadataname"] + "' and action category description: '" + row[ + "actionmetadatadescription"] + "'") + + response = requests.post(apis_urls.serverURL + apis_urls.metadataactioncategoryAPI, headers=headers, + data=json.dumps(data)) + if response.status_code == 200: + GeneralVariables.api_responseflag['value'] = 'True' + else: + GeneralVariables.api_responseflag['value'] = 'False' + +# Step Definition Implementation: +# 1) Get all the action meta data by get request +# 2) Loop by ids and search for the matching action meta data by name and delete it +# 3) If the request code was 200 set the api response flag to true else false +@When('the user sets to delete the following meta data action category') +def step_impl(context): + logger.info("When the user sets to delete the following meta data action category") + + model = getattr(context, "model", None) + for row in context.table: + headers = {"Content-Type": "application/json", "X-Api-Key": apis_urls.token} + + logger.info("action category name: '" + row["actionmetadataname"] + "'") + + response = requests.get(apis_urls.serverURL + apis_urls.metadataactioncategoryAPI, + headers=apis_urls.auth_headers) + for ids in dict(response.json()[apis_urls.metadataactioncategoryAPI]).keys(): + # logger.info(ids) + if (response.json()[apis_urls.metadataactioncategoryAPI][ids]['name'] == row["actionmetadataname"]): + response = requests.delete(apis_urls.serverURL + apis_urls.metadataactioncategoryAPI + "/" + ids, + headers=headers) + # logger.info(response.status_code) + if response.status_code == 200: + GeneralVariables.api_responseflag['value'] = 'True' + else: + GeneralVariables.api_responseflag['value'] = 'False' + +# Step Definition Implementation: +# 1) Get all the existing subject meta data by get request and put them into a table +# 2) Loop using both the expected and actual tables and assert the data row by row +@Then('the following meta data subject category should be existed in the system') +def step_impl(context): + logger.info("Then the following meta data subject category should be existed in the system") + + model = getattr(context, "model", None) + response = requests.get(apis_urls.serverURL + apis_urls.metadatasubjectcategoryAPI, headers=apis_urls.auth_headers) + apiresult = Table(names=('subjectcategoryname', 'subjectcategorydescription'), dtype=('S100', 'S100')) + if len(response.json()[apis_urls.metadatasubjectcategoryAPI]) != 0: + for ids in dict(response.json()[apis_urls.metadatasubjectcategoryAPI]).keys(): + apisubjectcategoryname = response.json()[apis_urls.metadatasubjectcategoryAPI][ids]['name'] + apisubjectcategorydescription = response.json()[apis_urls.metadatasubjectcategoryAPI][ids]['description'] + apiresult.add_row(vals=(apisubjectcategoryname, apisubjectcategorydescription)) + else: + apiresult.add_row(vals=("", "")) + for row1, row2 in zip(context.table, apiresult): + logger.info("asserting the expected subject category name: '" + str( + row1["subjectmetadataname"]) + "' is the same as the actual existing '" + str( + row2["subjectcategoryname"]) + "'") + assert str(row1["subjectmetadataname"]) == str( + row2["subjectcategoryname"]), "subject category name is not correct!" + logger.info("assertion passed!") + logger.info("asserting the expected subject category description: '" + str( + row1["subjectmetadatadescription"]) + "' is the same as the actual existing '" + str( + row2["subjectcategorydescription"]) + "'") + assert str(row1["subjectmetadatadescription"]) == str( + row2["subjectcategorydescription"]), "Subject meta-data category description is not correct!" + logger.info("assertion passed!") + +# Step Definition Implementation: +# 1) Get all the existing object meta data by get request and put them into a table +# 2) Loop using both the expected and actual tables and assert the data row by row +@Then('the following meta data object category should be existed in the system') +def step_impl(context): + model = getattr(context, "model", None) + logger.info("Then the following meta data object category should be existed in the system") + response = requests.get(apis_urls.serverURL + apis_urls.metadataobjectcategoryAPI, headers=apis_urls.auth_headers) + apiresult = Table(names=('objectcategoryname', 'objectcategorydescription'), dtype=('S100', 'S100')) + + if len(response.json()[apis_urls.metadataobjectcategoryAPI]) != 0: + for ids in dict(response.json()[apis_urls.metadataobjectcategoryAPI]).keys(): + apiobjectcategoryname = response.json()[apis_urls.metadataobjectcategoryAPI][ids]['name'] + apiobjectcategorydescription = response.json()[apis_urls.metadataobjectcategoryAPI][ids]['description'] + apiresult.add_row(vals=(apiobjectcategoryname, apiobjectcategorydescription)) + else: + apiresult.add_row(vals=("", "")) + for row1, row2 in zip(context.table, apiresult): + logger.info("asserting the expected object category description: '" + str( + row1["objectmetadataname"]) + "' is the same as the actual existing '" + str( + row2["objectcategoryname"]) + "'") + assert str(row1["objectmetadataname"]) == str( + row2["objectcategoryname"]), "object category name is not correct!" + logger.info("assertion passed!") + logger.info("asserting the expected object category description: '" + str( + row1["objectmetadatadescription"]) + "' is the same as the actual existing '" + str( + row2["objectcategorydescription"]) + "'") + assert str(row1["objectmetadatadescription"]) == str( + row2["objectcategorydescription"]), "object meta-data category description is not correct!" + logger.info("assertion passed!") + +# Step Definition Implementation: +# 1) Get all the existing action meta data by get request and put them into a table +# 2) Loop using both the expected and actual tables and assert the data row by row +@Then('the following meta data action category should be existed in the system') +def step_impl(context): + logger.info("Then the following meta data action category should be existed in the system") + + model = getattr(context, "model", None) + response = requests.get(apis_urls.serverURL + apis_urls.metadataactioncategoryAPI, headers=apis_urls.auth_headers) + apiresult = Table(names=('actioncategoryname', 'actioncategorydescription'), dtype=('S100', 'S100')) + if len(response.json()[apis_urls.metadataactioncategoryAPI]) != 0: + for ids in dict(response.json()[apis_urls.metadataactioncategoryAPI]).keys(): + apiactioncategoryname = response.json()[apis_urls.metadataactioncategoryAPI][ids]['name'] + apiactioncategorydescription = response.json()[apis_urls.metadataactioncategoryAPI][ids]['description'] + apiresult.add_row(vals=(apiactioncategoryname, apiactioncategorydescription)) + else: + apiresult.add_row(vals=("", "")) + for row1, row2 in zip(context.table, apiresult): + logger.info("asserting the expected action category description: '" + str( + row1["actionmetadataname"]) + "' is the same as the actual existing '" + str( + row2["actioncategoryname"]) + "'") + + assert str(row1["actionmetadataname"]) == str( + row2["actioncategoryname"]), "action category name is not correct!" + logger.info("assertion passed!") + + logger.info("asserting the expected action category description: '" + str( + row1["actionmetadatadescription"]) + "' is the same as the actual existing '" + str( + row2["actioncategorydescription"]) + "'") + + assert str(row1["actionmetadatadescription"]) == str( + row2["actioncategorydescription"]), "action meta-data category description is not correct!" + logger.info("assertion passed!") + +# Step Definition Implementation: +# Assert the saved api response flag with the expected flag +@Then('the system should reply the following') +def step_impl(context): + logger.info("Then the system should reply the following:") + model = getattr(context, "model", None) + for row in context.table: + logger.info("asserting the expected api response: '" + row["flag"] + "' and the actual response: '" + + GeneralVariables.api_responseflag['value'] + "'") + assert row["flag"] == GeneralVariables.api_responseflag['value'], "Validation is not correct, Expected: " + row[ + "flag"] + " but the API response was: " + GeneralVariables.api_responseflag['value'] + logger.info("assertion passed!") diff --git a/moon_manager/tests/func_tests/features/steps/meta_rules.py b/moon_manager/tests/func_tests/features/steps/meta_rules.py new file mode 100644 index 00000000..f56d4d4c --- /dev/null +++ b/moon_manager/tests/func_tests/features/steps/meta_rules.py @@ -0,0 +1,335 @@ +# Software Name: MOON + +# Version: 5.4 + +# SPDX-FileCopyrightText: Copyright (c) 2018-2020 Orange and its contributors +# SPDX-License-Identifier: Apache-2.0 + +# This software is distributed under the 'Apache License 2.0', +# the text of which is available at 'http://www.apache.org/licenses/LICENSE-2.0.txt' +# or see the "LICENSE" file for more details. + + +from behave import * +from Static_Variables import GeneralVariables +from astropy.table import Table, Column +from common_functions import * +import numpy as np +import requests +import json +import logging + +apis_urls = GeneralVariables() +commonfunctions = commonfunctions() + +logger = logging.getLogger(__name__) + +# Step Definition Implementation: +# 1) Get all the existing meta rule in the system +# 2) Loop by id and delete them +@Given('the system has no meta-rules') +def step_impl(context): + logger.info("Given the system has no meta-rules") + + api_responseflag = {'value': False} + headers = {"Content-Type": "application/json", "X-Api-Key": apis_urls.token} + + response = requests.get(apis_urls.serverURL + apis_urls.metarulesAPI,headers=apis_urls.auth_headers) + if len(response.json()[apis_urls.metarulesAPI]) != 0: + for ids in dict(response.json()[apis_urls.metarulesAPI]).keys(): + response = requests.delete(apis_urls.serverURL + apis_urls.metarulesAPI + "/" + ids, + headers=headers) + +# Step Definition Implementation: +# 1) Get subject, object, action categories ids list by calling the common funtion: get_subjectcategoryid, get_objectcategoryid and get_actioncategoryid +# 2) create the meta rule data jason then post it +@Given('the following meta rule exists') +def step_impl(context): + logger.info("Given the following meta rule exists") + + model = getattr(context, "model", None) + for row in context.table: + logger.info( + "meta-rule name: '" + row["metarulename"] + "' and meta-rule description: '" + row[ + "metaruledescription"] + "' and subject categories:'" + row[ + "subjectmetadata"] + "' and object categories:'" + row["objectmetadata"] + "' and action categories:'" + + row["actionmetadata"] + "'") + subjectcategoryids = [] + objectcategoryids = [] + actioncategoryids = [] + headers = {"Content-Type": "application/json", "X-Api-Key": apis_urls.token} + + if (len(row["subjectmetadata"]) < 40 and str(row["subjectmetadata"])!=""): + if(str(row["subjectmetadata"]).find(",")!=-1): + for category in row["subjectmetadata"].split(","): + subjectcategoryids.append(commonfunctions.get_subjectcategoryid(category)) + else: + subjectcategoryids.append(commonfunctions.get_subjectcategoryid(row["subjectmetadata"])) + else: + if(str(row["subjectmetadata"])==""): + subjectcategoryids=[] + else: + subjectcategoryids.append(row["subjectmetadata"]) + + if (len(row["objectmetadata"]) < 40 and str(row["objectmetadata"])!=""): + if(str(row["objectmetadata"]).find(",")!=-1): + for category in row["objectmetadata"].split(","): + objectcategoryids.append(commonfunctions.get_objectcategoryid(category)) + else: + objectcategoryids.append(commonfunctions.get_objectcategoryid(row["objectmetadata"])) + else: + if (str(row["objectmetadata"]) == ""): + objectcategoryids = [] + else: + objectcategoryids.append(row["objectmetadata"]) + + if (len(row["actionmetadata"]) < 40 and str(row["actionmetadata"])!=""): + if(str(row["actionmetadata"]).find(",")!=-1): + for category in row["actionmetadata"].split(","): + actioncategoryids.append(commonfunctions.get_actioncategoryid(category)) + else: + actioncategoryids.append(commonfunctions.get_actioncategoryid(row["actionmetadata"])) + else: + if(str(row["actionmetadata"]) == ""): + actioncategoryids = [] + else: + actioncategoryids.append(row["actionmetadata"]) + + data = { + 'name': row["metarulename"], + 'description': row["metaruledescription"], + 'subject_categories': subjectcategoryids, + 'object_categories': objectcategoryids, + 'action_categories': actioncategoryids + } + response = requests.post(apis_urls.serverURL + apis_urls.metarulesAPI, headers=headers, + data=json.dumps(data)) + +# Step Definition Implementation: +# 1) Get subject, object, action categories ids list by calling the common funtion: get_subjectcategoryid, get_objectcategoryid and get_actioncategoryid +# 2) create the meta rule data jason then post it +# 3) If the request code was 200 set the api response flag to true else false +@When('the user sets to add the following meta-rule') +def step_impl(context): + logger.info("When the user sets to add the following meta-rule") + + model = getattr(context, "model", None) + for row in context.table: + logger.info( + "meta-rule name: '" + row["metarulename"] + "' and meta-rule description: '" + row[ + "metaruledescription"] + "' and subject categories:'" + row[ + "subjectmetadata"] + "' and object categories:'" + row["objectmetadata"] + "' and action categories:'" + + row["actionmetadata"] + "'") + + subjectcategoryids = [] + objectcategoryids = [] + actioncategoryids = [] + headers = {"Content-Type": "application/json", "X-Api-Key": apis_urls.token} + + if (len(row["subjectmetadata"]) < 40 and str(row["subjectmetadata"])!=""): + if (str(row["subjectmetadata"]).find(",") != -1): + for category in row["subjectmetadata"].split(","): + subjectcategoryids.append(commonfunctions.get_subjectcategoryid(category)) + else: + subjectcategoryids.append(commonfunctions.get_subjectcategoryid(row["subjectmetadata"])) + else: + subjectcategoryids.append(row["subjectmetadata"]) + + if (len(row["objectmetadata"]) < 40 and str(row["objectmetadata"])!=""): + if (str(row["objectmetadata"]).find(",") != -1): + for category in row["objectmetadata"].split(","): + objectcategoryids.append(commonfunctions.get_objectcategoryid(category)) + else: + objectcategoryids.append(commonfunctions.get_objectcategoryid(row["objectmetadata"])) + else: + objectcategoryids.append(row["objectmetadata"]) + + if (len(row["actionmetadata"]) < 40 and str(row["actionmetadata"])!=""): + if (str(row["actionmetadata"]).find(",") != -1): + for category in row["actionmetadata"].split(","): + actioncategoryids.append(commonfunctions.get_actioncategoryid(category)) + else: + actioncategoryids.append(commonfunctions.get_actioncategoryid(row["actionmetadata"])) + else: + actioncategoryids.append(row["actionmetadata"]) + + + data = { + 'name': row["metarulename"], + 'description': row["metaruledescription"], + 'subject_categories': subjectcategoryids, + 'object_categories': objectcategoryids, + 'action_categories': actioncategoryids + } + + response = requests.post(apis_urls.serverURL + apis_urls.metarulesAPI, headers=headers, + data=json.dumps(data)) + if response.status_code == 200: + GeneralVariables.api_responseflag['value'] = 'True' + else: + GeneralVariables.api_responseflag['value'] = 'False' + +# Step Definition Implementation: +# 1) Get subject, object, action categories ids list by calling the common funtion: get_subjectcategoryid, get_objectcategoryid and get_actioncategoryid +# 2) create the meta rule data jason then patch the meta rule after searching for it's id. +# 3) If the request code was 200 set the api response flag to true else false +@When('the user sets to update the following meta-rule') +def step_impl(context): + logger.info("When the user sets to update the following meta-rule") + + model = getattr(context, "model", None) + for row in context.table: + logger.info( + "meta-rule name: '" + row["metarulename"] + "' which will be updated to metarule name:" + row[ + "updatedmetarulename"] + "' and meta-rule description: '" + row[ + "updatedmetaruledescription"] + "' and subject categories:'" + row[ + "updatedsubjectmetadata"] + "' and object categories:'" + row[ + "updatedobjectmetadata"] + "' and action categories:'" + + row["updatedactionmetadata"] + "'") + + subjectcategoryids = [] + objectcategoryids = [] + actioncategoryids = [] + headers = {"Content-Type": "application/json", "X-Api-Key": apis_urls.token} + + if (len(row["updatedsubjectmetadata"]) > 40): + subjectcategoryids.append(row["updatedsubjectmetadata"]) + else: + for category in row["updatedsubjectmetadata"].split(","): + subjectcategoryids.append(commonfunctions.get_subjectcategoryid(category)) + + if (len(row["updatedobjectmetadata"]) > 40): + objectcategoryids.append(row["updatedobjectmetadata"]) + else: + for category in row["updatedobjectmetadata"].split(","): + objectcategoryids.append(commonfunctions.get_objectcategoryid(category)) + + if (len(row["updatedactionmetadata"]) > 40): + actioncategoryids.append(row["updatedactionmetadata"]) + else: + for category in row["updatedactionmetadata"].split(","): + actioncategoryids.append(commonfunctions.get_actioncategoryid(category)) + + data = { + 'name': row["updatedmetarulename"], + 'description': row["updatedmetaruledescription"], + 'subject_categories': subjectcategoryids, + 'object_categories': objectcategoryids, + 'action_categories': actioncategoryids + } + + response = requests.get(apis_urls.serverURL + apis_urls.metarulesAPI,headers=apis_urls.auth_headers) + for ids in dict(response.json()[apis_urls.metarulesAPI]).keys(): + if (response.json()[apis_urls.metarulesAPI][ids]['name'] == row["metarulename"]): + response = requests.patch(apis_urls.serverURL + apis_urls.metarulesAPI + '/' + ids, headers=headers, + data=json.dumps(data)) + break + if response.status_code == 200: + GeneralVariables.api_responseflag['value'] = 'True' + else: + GeneralVariables.api_responseflag['value'] = 'False' + +# Step Definition Implementation: +# 1) Get all the meta rule by get request +# 2) Loop by ids and search for the matching meta rule by name and delete it +# 3) If the request code was 200 set the api response flag to true else false +@When('the user sets to delete the following meta-rule') +def step_impl(context): + logger.info("When the user sets to delete the following meta-rule") + + model = getattr(context, "model", None) + for row in context.table: + headers = {"Content-Type": "application/json", "X-Api-Key": apis_urls.token} + + logger.info( + "meta-rule name: '" + row["metarulename"] + "'") + response = requests.get(apis_urls.serverURL + apis_urls.metarulesAPI,headers=apis_urls.auth_headers) + for ids in dict(response.json()[apis_urls.metarulesAPI]).keys(): + if (response.json()[apis_urls.metarulesAPI][ids]['name'] == row["metarulename"]): + response = requests.delete(apis_urls.serverURL + apis_urls.metarulesAPI + "/" + ids, + headers=headers) + if response.status_code == 200: + GeneralVariables.api_responseflag['value'] = 'True' + else: + GeneralVariables.api_responseflag['value'] = 'False' + +# Step Definition Implementation: +# 1) Get all the existing action meta data by get request and put them into a table +# 2) Sort the table by meta rule name +# 3) Loop using both the expected and actual tables and assert the data row by row +@Then('the following meta-rules should be existed in the system') +def step_impl(context): + logger.info("Then the following meta-rules should be existed in the system") + response = requests.get(apis_urls.serverURL + apis_urls.metarulesAPI,headers=apis_urls.auth_headers) + apimetarulesubjectcategoryname = "" + apimetaruleobjectcategoryname = "" + apimetaruleactioncategoryname = "" + apiresult = Table( + names=('metarulename', 'metaruledescription', 'subjectmetadata', 'actionmetadata', 'objectmetadata'), + dtype=('S10', 'S100', 'S100', 'S100', 'S100')) + if len(response.json()[apis_urls.metarulesAPI]) != 0: + for ids in dict(response.json()[apis_urls.metarulesAPI]).keys(): + apimetarulesubjectcategoryname = "" + apimetaruleobjectcategoryname = "" + apimetaruleactioncategoryname = "" + apimetarulename = response.json()[apis_urls.metarulesAPI][ids]['name'] + apimetaruledescription = response.json()[apis_urls.metarulesAPI][ids]['description'] + for categoryid in response.json()[apis_urls.metarulesAPI][ids]['subject_categories']: + if (len(apimetarulesubjectcategoryname) > 2): + apimetarulesubjectcategoryname = apimetarulesubjectcategoryname + ',' + commonfunctions.get_subjectcategoryname( + categoryid) + else: + apimetarulesubjectcategoryname = commonfunctions.get_subjectcategoryname(categoryid) + for categoryid in response.json()[apis_urls.metarulesAPI][ids]['object_categories']: + if (len(apimetaruleobjectcategoryname) > 2): + apimetaruleobjectcategoryname = apimetaruleobjectcategoryname + ',' + commonfunctions.get_objectcategoryname( + categoryid) + else: + apimetaruleobjectcategoryname = commonfunctions.get_objectcategoryname(categoryid) + for categoryid in response.json()[apis_urls.metarulesAPI][ids]['action_categories']: + if (len(apimetaruleactioncategoryname) > 2): + apimetaruleactioncategoryname = apimetaruleactioncategoryname + ',' + commonfunctions.get_actioncategoryname( + categoryid) + else: + apimetaruleactioncategoryname = commonfunctions.get_actioncategoryname(categoryid) + + apiresult.add_row(vals=( + apimetarulename, apimetaruledescription, apimetarulesubjectcategoryname, apimetaruleactioncategoryname, + apimetaruleobjectcategoryname)) + + else: + apiresult.add_row(vals=("", "", "", "", "")) + + apiresult.sort('metarulename') + + for row1, row2 in zip(context.table, apiresult): + logger.info("asserting the expected meta rule name: '" + str( + row1["metarulename"]) + "' is the same as the actual existing '" + str( + row2["metarulename"]) + "'") + assert str(row1["metarulename"]) == str(row2["metarulename"]), "meta-rule name is not correct!" + logger.info("assertion passed!") + + logger.info("asserting the expected meta rule description: '" + str( + row1["metaruledescription"]) + "' is the same as the actual existing '" + str( + row2["metaruledescription"]) + "'") + assert str(row1["metaruledescription"]) == str( + row2["metaruledescription"]), "meta-rule description is not correct!" + logger.info("assertion passed!") + + logger.info("asserting the expected subject categories: '" + str( + row1["subjectmetadata"]) + "' is the same as the actual existing '" + str( + row2["subjectmetadata"]) + "'") + assert str(row1["subjectmetadata"]) == str(row2["subjectmetadata"]), "subject category is not correct!" + logger.info("assertion passed!") + + logger.info("asserting the expected object categories: '" + str( + row1["objectmetadata"]) + "' is the same as the actual existing '" + str( + row2["objectmetadata"]) + "'") + assert str(row1["objectmetadata"]) == str(row2["objectmetadata"]), "object category is not correct!" + logger.info("assertion passed!") + + logger.info("asserting the expected action categories: '" + str( + row1["actionmetadata"]) + "' is the same as the actual existing '" + str( + row2["actionmetadata"]) + "'") + assert str(row1["actionmetadata"]) == str(row2["actionmetadata"]), "action category is not correct!" + logger.info("assertion passed!") diff --git a/moon_manager/tests/func_tests/features/steps/model.py b/moon_manager/tests/func_tests/features/steps/model.py new file mode 100644 index 00000000..36b16746 --- /dev/null +++ b/moon_manager/tests/func_tests/features/steps/model.py @@ -0,0 +1,230 @@ +# Software Name: MOON + +# Version: 5.4 + +# SPDX-FileCopyrightText: Copyright (c) 2018-2020 Orange and its contributors +# SPDX-License-Identifier: Apache-2.0 + +# This software is distributed under the 'Apache License 2.0', +# the text of which is available at 'http://www.apache.org/licenses/LICENSE-2.0.txt' +# or see the "LICENSE" file for more details. + + +from behave import * +from Static_Variables import GeneralVariables +from astropy.table import Table, Column +from common_functions import * +import requests +import json +import logging + +apis_urls = GeneralVariables() +commonfunctions = commonfunctions() + +logger = logging.getLogger(__name__) + +# Step Definition Implementation: +# 1) Get all the existing models in the system +# 2) Loop by id and delete them +@Given('the system has no models') +def step_impl(context): + logger.info("Given the system has no models") + + api_responseflag = {'value': False} + headers = {"Content-Type": "application/json", "X-Api-Key": apis_urls.token} + + response = requests.get(apis_urls.serverURL + apis_urls.modelAPI, headers=apis_urls.auth_headers) + if len(response.json()[apis_urls.modelAPI]) != 0: + for ids in dict(response.json()[apis_urls.modelAPI]).keys(): + response = requests.delete(apis_urls.serverURL + apis_urls.modelAPI + "/" + ids, + headers=headers) + +# Step Definition Implementation: +# 1) Get meta rule ids list by calling the common funtion: get_metaruleid +# 2) create the model data jason then post it +@Given('the following model exists') +def step_impl(context): + logger.info("Given the following model exists") + model = getattr(context, "model", None) + for row in context.table: + logger.info( + "model name: '" + row["modelname"] + "' model description: '" + row[ + "modeldescription"] + "' and meta-rules:'" + row[ + "metarule"]+"'") + + metarulesids = [] + + if (len(row["metarule"]) > 35): + metarulesids.append(row["metarule"]) + else: + for metarule in row["metarule"].split(","): + metarulesids.append(commonfunctions.get_metaruleid(metarule)) + + headers = {"Content-Type": "application/json", "X-Api-Key": apis_urls.token} + + data = { + 'name': row["modelname"], + 'description': row["modeldescription"], + 'meta_rules': metarulesids + } + response = requests.post(apis_urls.serverURL + apis_urls.modelAPI, headers=headers, + data=json.dumps(data)) + + +# Step Definition Implementation: +# 1) Get meta rule ids list by calling the common funtion: get_metaruleid +# 2) create the model data jason then post it +# 3) If the request code was 200 set the api response flag to true else false +@When('the user sets to add the following model') +def step_impl(context): + logger.info("When the user sets to add the following model") + model = getattr(context, "model", None) + for row in context.table: + logger.info( + "model name: '" + row["modelname"] + "' model description: '" + row[ + "modeldescription"] + "' and meta-rules:'" + row[ + "metarule"] + "'") + + metarules = [] + headers = {"Content-Type": "application/json", "X-Api-Key": apis_urls.token} + + if(row["metarule"]!=""): + if (len(row["metarule"]) > 35): + metarules.append(row["metarule"]) + else: + for metarule in row["metarule"].split(","): + metarules.append(commonfunctions.get_metaruleid(metarule)) + + data = { + 'name': row["modelname"], + 'description': row["modeldescription"], + 'meta_rules': metarules, + } + else: + data = { + 'name': row["modelname"], + 'description': row["modeldescription"], + 'meta_rules': "", + } + response = requests.post(apis_urls.serverURL + apis_urls.modelAPI, headers=headers, + data=json.dumps(data)) + + if response.status_code==200: + GeneralVariables.api_responseflag['value'] = 'True' + else: + GeneralVariables.api_responseflag['value'] = 'False' + + +# Step Definition Implementation: +# 1) Get meta rule ids list by calling the common funtion: get_modelid +# 2) create the model jason then patch the model after searching for it's id. +# 3) If the request code was 200 set the api response flag to true else false +@When('the user sets to update the following model') +def step_impl(context): + logging.info("When the user sets to update the following model") + model = getattr(context, "model", None) + for row in context.table: + logger.info( + "model name: '" + row["modelname"] + "' which will be updated to model name:" + row[ + "updatedmodelname"] + "' and model description: '" + row[ + "updatedmodeldescription"] + "' meta-rules: '"+row["updatedmetarule"] + "'") + + metarules = [] + data={} + headers = {"Content-Type": "application/json", "X-Api-Key": apis_urls.token} + if(row["updatedmetarule"]!=""): + if (len(row["updatedmetarule"]) > 35): + metarules.append(row["updatedmetarule"]) + else: + for metarule in row["updatedmetarule"].split(","): + metarules.append(commonfunctions.get_metaruleid(metarule)) + data = { + 'name': row["updatedmodelname"], + 'description': row["updatedmodeldescription"], + 'meta_rules': metarules, + } + else: + data = { + 'name': row["updatedmodelname"], + 'description': row["updatedmodeldescription"], + 'meta_rules': "", + } + response = requests.get(apis_urls.serverURL + apis_urls.modelAPI, headers=apis_urls.auth_headers) + for ids in dict(response.json()[apis_urls.modelAPI]).keys(): + if (response.json()[apis_urls.modelAPI][ids]['name'] == row["modelname"]): + response = requests.patch(apis_urls.serverURL + apis_urls.modelAPI+'/'+ids, headers=headers, + data=json.dumps(data)) + + if response.status_code==200: + GeneralVariables.api_responseflag['value'] = 'True' + else: + GeneralVariables.api_responseflag['value'] = 'False' + +# Step Definition Implementation: +# 1) Get all the model by get request +# 2) Loop by ids and search for the matching model by name and delete it +# 3) If the request code was 200 set the api response flag to true else false +@When('the user sets to delete the following model') +def step_impl(context): + logging.info("When the user sets to delete the following model") + model = getattr(context, "model", None) + for row in context.table: + logger.info("model name: '" + row["modelname"] + "'") + + headers = {"Content-Type": "application/json", "X-Api-Key": apis_urls.token} + + logger.info("policy name:'" + row["modelname"] + "'") + response = requests.get(apis_urls.serverURL + apis_urls.modelAPI, headers=apis_urls.auth_headers) + for ids in dict(response.json()[apis_urls.modelAPI]).keys(): + if (response.json()[apis_urls.modelAPI][ids]['name'] == row["modelname"]): + response = requests.delete(apis_urls.serverURL + apis_urls.modelAPI + "/" + ids, + headers=headers) + if response.status_code==200: + GeneralVariables.api_responseflag['value'] = 'True' + else: + GeneralVariables.api_responseflag['value'] = 'False' + +# Step Definition Implementation: +# 1) Get all the existing models by get request and put them into a table +# 2) Sort the table by model name +# 3) Loop using both the expected and actual tables and assert the data row by row +@Then('the following model should be existed in the system') +def step_impl(context): + logger.info("Then the following model should be existed in the system") + response = requests.get(apis_urls.serverURL + apis_urls.modelAPI, headers=apis_urls.auth_headers) + apimetarulesname="" + apiresult = Table( + names=('modelname', 'modeldescription', 'metarule'), + dtype=('S100', 'S100', 'S100')) + if len(response.json()[apis_urls.modelAPI]) != 0: + for ids in dict(response.json()[apis_urls.modelAPI]).keys(): + apimetarulesname = [] + apimodelname = response.json()[apis_urls.modelAPI][ids]['name'] + apimodeldescription = response.json()[apis_urls.modelAPI][ids]['description'] + for metaruleid in response.json()[apis_urls.modelAPI][ids]['meta_rules']: + apimetarulesname.append(commonfunctions.get_metarulename(metaruleid)) + apiresult.add_row(vals=( + apimodelname, apimodeldescription, ",".join(apimetarulesname))) + else: + apiresult.add_row(vals=("", "", "")) + + apiresult.sort('modelname') + + for row1, row2 in zip(context.table, apiresult): + logger.info("asserting the expected model name: '" + str( + row1["modelname"]) + "' is the same as the actual existing '" + str( + row2["modelname"]) + "'") + assert str(row1["modelname"]) == str(row2["modelname"]), "model name is not correct!" + logger.info("assertion passed!") + + logger.info("asserting the expected model description: '" + str( + row1["modeldescription"]) + "' is the same as the actual existing '" + str( + row2["modeldescription"]) + "'") + assert str(row1["modeldescription"]) == str(row2["modeldescription"]), "model description is not correct!" + logger.info("assertion passed!") + + logger.info("asserting the expected meta rules: '" + str( + row1["metarule"]) + "' is the same as the actual existing '" + str( + row2["metarule"]) + "'") + assert str(row1["metarule"]) == str(row2["metarule"]), "metarule is not correct!" + logger.info("assertion passed!") diff --git a/moon_manager/tests/func_tests/features/steps/pdp.py b/moon_manager/tests/func_tests/features/steps/pdp.py new file mode 100644 index 00000000..bf839658 --- /dev/null +++ b/moon_manager/tests/func_tests/features/steps/pdp.py @@ -0,0 +1,248 @@ +# Software Name: MOON + +# Version: 5.4 + +# SPDX-FileCopyrightText: Copyright (c) 2018-2020 Orange and its contributors +# SPDX-License-Identifier: Apache-2.0 + +# This software is distributed under the 'Apache License 2.0', +# the text of which is available at 'http://www.apache.org/licenses/LICENSE-2.0.txt' +# or see the "LICENSE" file for more details. + + +from behave import * +from Static_Variables import GeneralVariables +from astropy.table import Table +from common_functions import * +import requests +import json +import logging + +apis_urls = GeneralVariables() +commonfunctions = commonfunctions() + +logger = logging.getLogger(__name__) + +# Step Definition Implementation: +# 1) Get all the existing pdps in the system +# 2) Loop by id and delete them +@Given('the system has no pdps') +def step_impl(context): + logger.info("Given the system has no pdps") + api_responseflag = {'value': False} + headers = {"Content-Type": "application/json", "X-Api-Key": apis_urls.token} + + response = requests.get(apis_urls.serverURL + apis_urls.pdpAPI, headers=apis_urls.auth_headers) + pdpjason=apis_urls.pdpAPI+"s" + if len(response.json()[pdpjason]) != 0: + for ids in dict(response.json()[pdpjason]).keys(): + response = requests.delete(apis_urls.serverURL + apis_urls.pdpAPI + "/" + ids, + headers=headers) + +# Step Definition Implementation: +# 1) Get model id by calling the common funtion: get_policyid +# 2) create the pdp data jason then post it +@Given('the following pdp exists') +def step_impl(context): + logger.info("Given the following pdp exists") + model = getattr(context, "model", None) + for row in context.table: + logger.info( + "pdp name: '" + row["pdpname"] + "' pdp description: '" + row[ + "pdpdescription"] + "' and keystone project:'" + row[ + "keystone_project_id"] + "' and security pipeline '" + row['security_pipeline'] + "'") + policies_list = [] + headers = {"Content-Type": "application/json", "X-Api-Key": apis_urls.token} + + if (len(row['security_pipeline']) > 25): + policies_list = row['security_pipeline'] + else: + for policy in row["security_pipeline"].split(","): + policies_list.append(commonfunctions.get_policyid(policy)) + + data = { + 'name': row["pdpname"], + 'description': row["pdpdescription"], + 'vim_project_id': row['keystone_project_id'], + 'security_pipeline': policies_list + } + response = requests.post(apis_urls.serverURL + apis_urls.pdpAPI, headers=headers, + data=json.dumps(data)) + +# Step Definition Implementation: +# 1) Get policy id by calling the common funtion: get_policyid +# 2) create the pdp jason then patch the policy after searching for it's id. +# 3) If the request code was 200 set the api response flag to true else false +@When('the user sets to add the following pdp') +def step_impl(context): + logger.info("When the user sets to add the following pdp") + + model = getattr(context, "model", None) + for row in context.table: + logger.info( + "pdp name: '" + row["pdpname"] + "' pdp description: '" + row[ + "pdpdescription"] + "' and keystone project:'" + row[ + "keystone_project_id"] + "' and security pipeline '" + row['security_pipeline'] + "'") + + policies_list = [] + headers = {"Content-Type": "application/json", "X-Api-Key": apis_urls.token} + if (row["security_pipeline"] != ""): + if (len(row['security_pipeline']) > 25): + policies_list = row['security_pipeline'] + else: + for policy in row["security_pipeline"].split(","): + policies_list.append(commonfunctions.get_policyid(policy)) + data = { + 'name': row["pdpname"], + 'description': row["pdpdescription"], + 'vim_project_id': row['keystone_project_id'], + 'security_pipeline': policies_list + } + else: + data = { + 'name': row["pdpname"], + 'description': row["pdpdescription"], + 'vim_project_id': row['keystone_project_id'], + 'security_pipeline': "" + } + response = requests.post(apis_urls.serverURL + apis_urls.pdpAPI, headers=headers, + data=json.dumps(data)) + + if response.status_code == 200: + GeneralVariables.api_responseflag['value'] = 'True' + else: + GeneralVariables.api_responseflag['value'] = 'False' + +# Step Definition Implementation: +# 1) Get model id by calling the common funtion: get_policyid +# 2) create the pdp data jason then patch it +# 3) If the request code was 200 set the api response flag to true else false +@When('the user sets to update the following pdp') +def step_impl(context): + logger.info("When the user sets to update the following pdp") + + model = getattr(context, "model", None) + policies_list=[] + for row in context.table: + logger.info( + "pdp name: '" + row["pdpname"] + "' which will be updated to pdp name:" + row[ + "updatedpdpname"] + "' and pdp description: '" + row[ + "updatedpdpdescription"] + "' keystone_project: '" + row["updatedkeystone_project_id"] + "' security pipeline: '"+row["updatedsecurity_pipeline"]+"'") + + policies_list = [] + headers = {"Content-Type": "application/json", "X-Api-Key": apis_urls.token} + + if (len(row['updatedsecurity_pipeline']) > 25): + policies_list = row['updatedsecurity_pipeline'] + else: + for policy in row["updatedsecurity_pipeline"].split(","): + policies_list.append(commonfunctions.get_policyid(policy)) + + data = { + 'name': row["updatedpdpname"], + 'description': row["updatedpdpdescription"], + 'vim_project_id': row['updatedkeystone_project_id'], + 'security_pipeline': policies_list + } + + response = requests.get(apis_urls.serverURL + apis_urls.pdpAPI,headers=apis_urls.auth_headers) + logger.info(response.json()) + pdpjason = apis_urls.pdpAPI + "s" + for ids in dict(response.json()[pdpjason]).keys(): + logger.info(str(response.json()[pdpjason][ids]['name'])) + if (response.json()[pdpjason][ids]['name'] == row["pdpname"]): + logger.info(apis_urls.serverURL + apis_urls.pdpAPI+ '/' + ids) + response = requests.patch(apis_urls.serverURL + apis_urls.pdpAPI+ '/' + ids, headers=headers, + data=json.dumps(data)) + logger.info(response.json()) + + if response.status_code==200: + GeneralVariables.api_responseflag['value'] = 'True' + else: + GeneralVariables.api_responseflag['value'] = 'False' + break + +# Step Definition Implementation: +# 1) Get all the pdps by get request +# 2) Loop by ids and search for the matching pdp by name and delete it +# 3) If the request code was 200 set the api response flag to true else false +@When('the user sets to delete the following pdp') +def step_impl(context): + logging.info("When the user sets to delete the following pdp") + + model = getattr(context, "model", None) + for row in context.table: + headers = {"Content-Type": "application/json", "X-Api-Key": apis_urls.token} + + logger.info("pdp name:'" + row["pdpname"] + "'") + + response = requests.get(apis_urls.serverURL + apis_urls.pdpAPI,headers=apis_urls.auth_headers) + pdpjason=apis_urls.pdpAPI+"s" + for ids in dict(response.json()[pdpjason]).keys(): + if (response.json()[pdpjason][ids]['name'] == row["pdpname"]): + response = requests.delete(apis_urls.serverURL + apis_urls.pdpAPI + "/" + ids, + headers=headers) + + if response.status_code==200: + GeneralVariables.api_responseflag['value'] = 'True' + else: + GeneralVariables.api_responseflag['value'] = 'False' + +# Step Definition Implementation: +# 1) Get all the existing pdps by get request and put them into a table +# 2) Sort the table by pdp name +# 3) Loop using both the expected and actual tables and assert the data row by row +@Then('the following pdp should be existed in the system') +def step_impl(context): + logger.info("Then the following pdp should be existed in the system") + + response = requests.get(apis_urls.serverURL + apis_urls.pdpAPI,headers=apis_urls.auth_headers) + apiresult = Table( + names=('pdpname', 'pdpdescription', 'keystone_project_id','security_pipeline'), + dtype=('S10', 'S100', 'S100','S100')) + pdp_jason=apis_urls.pdpAPI+"s" + if len(response.json()[pdp_jason]) != 0: + for ids in dict(response.json()[pdp_jason]).keys(): + apipdppolicies = "" + apipdpname = response.json()[pdp_jason][ids]['name'] + apipdpdescription = response.json()[pdp_jason][ids]['description'] + apipdpprojectid = response.json()[pdp_jason][ids]['vim_project_id'] + for policies in response.json()[pdp_jason][ids]['security_pipeline']: + if(len(apipdppolicies)>2): + apipdppolicies = apipdppolicies +','+ commonfunctions.get_policyname(policies) + else: + apipdppolicies=commonfunctions.get_policyname(policies) + + apiresult.add_row(vals=( + apipdpname, apipdpdescription, apipdpprojectid,apipdppolicies)) + + else: + apiresult.add_row(vals=("", "", "","")) + + apiresult.sort('pdpname') + for row1, row2 in zip(context.table, apiresult): + logger.info("asserting the expected pdp name: '" + str( + row1["pdpname"]) + "' is the same as the actual existing '" + str( + row2["pdpname"]) + "'") + assert str(row1["pdpname"]) == str(row2["pdpname"]), "pdp name is not correct!" + logger.info("assertion passed!") + + logger.info("asserting the expected pdp description: '" + str( + row1["pdpdescription"]) + "' is the same as the actual existing '" + str( + row2["pdpdescription"]) + "'") + + assert str(row1["pdpdescription"]) == str(row2["pdpdescription"]), "pdp description is not correct!" + logger.info("assertion passed!") + + logger.info("asserting the expected keystone project id description: '" + str( + row1["keystone_project_id"]) + "' is the same as the actual existing '" + str( + row2["keystone_project_id"]) + "'") + assert str(row1["keystone_project_id"]) == str(row2["keystone_project_id"]), "project id is not correct!" + logger.info("assertion passed!") + + logger.info("asserting the expected security pipeline description: '" + str( + row1["security_pipeline"]) + "' is the same as the actual existing '" + str( + row2["security_pipeline"]) + "'") + assert str(row1["security_pipeline"]) == str(row2["security_pipeline"]), "security_pipeline policies is not correct!" + logger.info("assertion passed!") + diff --git a/moon_manager/tests/func_tests/features/steps/perimeter.py b/moon_manager/tests/func_tests/features/steps/perimeter.py new file mode 100644 index 00000000..a4a53120 --- /dev/null +++ b/moon_manager/tests/func_tests/features/steps/perimeter.py @@ -0,0 +1,727 @@ +# Software Name: MOON + +# Version: 5.4 + +# SPDX-FileCopyrightText: Copyright (c) 2018-2020 Orange and its contributors +# SPDX-License-Identifier: Apache-2.0 + +# This software is distributed under the 'Apache License 2.0', +# the text of which is available at 'http://www.apache.org/licenses/LICENSE-2.0.txt' +# or see the "LICENSE" file for more details. + + +from behave import * +from Static_Variables import GeneralVariables +from astropy.table import Table +from common_functions import * +import requests +import json +import logging + +apis_urls = GeneralVariables() +commonfunctions = commonfunctions() + +logger = logging.getLogger(__name__) + +# Step Definition Implementation: +# 1) Get all the existing subject preimeters in the system +# 2) Loop by id to unlink the policies attached +# 3) Then delete the perimeter itself +@Given('the system has no subject perimeter') +def step_impl(context): + logger.info("Given the system has no subject perimeter") + headers = {"Content-Type": "application/json", "X-Api-Key": apis_urls.token} + response = requests.get(apis_urls.serverURL + apis_urls.perimetersubjectAPI,headers=apis_urls.auth_headers) + if len(response.json()[apis_urls.perimetersubjectAPI]) != 0: + for ids in dict(response.json()[apis_urls.perimetersubjectAPI]).keys(): + policies_list = response.json()[apis_urls.perimetersubjectAPI][ids]['policy_list'] + for policy in policies_list: + response_delete_policies = requests.delete( + apis_urls.serverURL + "policies/" + policy + "/" + apis_urls.perimetersubjectAPI + "/" + ids, + headers=apis_urls.auth_headers) + response_delete = requests.delete(apis_urls.serverURL + apis_urls.perimetersubjectAPI + "/" + ids, + headers=apis_urls.auth_headers) + + # exit(0) + +# Step Definition Implementation: +# 1) Post subject perimeter using the policy id +@Given('the following subject perimeter exists') +def step_impl(context): + logger.info("Given the following subject perimeter exists") + model = getattr(context, "model", None) + for row in context.table: + logger.info( + "subject perimeter name: '" + row["subjectperimetername"] + "' subject perimeter description: '" + row[ + "subjectperimeterdescription"] # "' and subject perimeter email:'" + row[ + # "subjectperimeteremail"] + "' and subject perimeter password '" + row['subjectperimeterpassword'] + + "' and policies '" + row['policies'] + "'") + + headers = {"Content-Type": "application/json", "X-Api-Key": apis_urls.token} + + policyid="" + if (row['policies'] != ""): + policyid = commonfunctions.get_policyid(row['policies']) + data = { + 'name': row["subjectperimetername"], + 'description': row["subjectperimeterdescription"], + # 'email': row['subjectperimeteremail'], + # 'password': row['subjectperimeterpassword'], + + } + response = requests.post( + apis_urls.serverURL + "policies/" + policyid + "/" + apis_urls.perimetersubjectAPI, headers=headers, + data=json.dumps(data)) + +# Step Definition Implementation: +# 1) Get all the existing object preimeters in the system +# 2) Loop by id to unlink the policies attached +# 3) Then delete the perimeter itself +@Given('the system has no object perimeter') +def step_impl(context): + logger.info("Given the system has no object perimeter") + headers = {"Content-Type": "application/json", "X-Api-Key": apis_urls.token} + response = requests.get(apis_urls.serverURL + apis_urls.perimeterobjectAPI,headers=apis_urls.auth_headers) + if len(response.json()[apis_urls.perimeterobjectAPI]) != 0: + for ids in dict(response.json()[apis_urls.perimeterobjectAPI]).keys(): + policies_list = response.json()[apis_urls.perimeterobjectAPI][ids]['policy_list'] + for policy in policies_list: + response_delete_policies = requests.delete( + apis_urls.serverURL + "policies/" + policy + "/" + apis_urls.perimeterobjectAPI + "/" + ids, + headers=headers) + response_delete = requests.delete(apis_urls.serverURL + apis_urls.perimeterobjectAPI + "/" + ids, + headers=apis_urls.auth_headers) + +# Step Definition Implementation: +# 1) Post object perimeter using the policy id +@Given('the following object perimeter exists') +def step_impl(context): + logger.info("Given the following object perimeter exists") + model = getattr(context, "model", None) + for row in context.table: + logger.info( + "object perimeter name: '" + row["objectperimetername"] + "' object perimeter description: '" + row[ + "objectperimeterdescription"] + "' and policies '" + row['policies'] + "'") + + headers = {"Content-Type": "application/json", "X-Api-Key": apis_urls.token} + if (row['policies'] != ""): + policyid = commonfunctions.get_policyid(row['policies']) + + data = { + 'name': row["objectperimetername"], + 'description': row["objectperimeterdescription"], + + } + response = requests.post(apis_urls.serverURL + "policies/" + policyid + "/" + apis_urls.perimeterobjectAPI, + headers=headers, + data=json.dumps(data)) + +# Step Definition Implementation: +# 1) Get all the existing action preimeters in the system +# 2) Loop by id to unlink the policies attached +# 3) Then delete the perimeter itself +@Given('the system has no action perimeter') +def step_impl(context): + logger.info("Given the system has no action perimeter") + headers = {"Content-Type": "application/json", "X-Api-Key": apis_urls.token} + + response = requests.get(apis_urls.serverURL + apis_urls.perimeteractionAPI,headers=apis_urls.auth_headers) + if len(response.json()[apis_urls.perimeteractionAPI]) != 0: + for ids in dict(response.json()[apis_urls.perimeteractionAPI]).keys(): + policies_list = response.json()[apis_urls.perimeteractionAPI][ids]['policy_list'] + for policy in policies_list: + response_delete_policies = requests.delete( + apis_urls.serverURL + "policies/" + policy + "/" + apis_urls.perimeteractionAPI + "/" + ids, + headers=headers) + response_delete = requests.delete(apis_urls.serverURL + apis_urls.perimeteractionAPI + "/" + ids, + headers=apis_urls.auth_headers) + + +# Step Definition Implementation: +# 1) Post action perimeter using the policy id +@Given('the following action perimeter exists') +def step_impl(context): + logger.info("Given the following action perimeter exists") + model = getattr(context, "model", None) + for row in context.table: + logger.info( + "action perimeter name: '" + row["actionperimetername"] + "' action perimeter description: '" + row[ + "actionperimeterdescription"] + "' and policies '" + row['policies'] + "'") + + policyid="" + headers = {"Content-Type": "application/json", "X-Api-Key": apis_urls.token} + + if (row['policies'] != ""): + policyid = commonfunctions.get_policyid(row['policies']) + data = { + 'name': row["actionperimetername"], + 'description': row["actionperimeterdescription"], + + } + response = requests.post(apis_urls.serverURL + "policies/" + policyid + "/" + apis_urls.perimeteractionAPI, + headers=headers, + data=json.dumps(data)) + +# Step Definition Implementation: +# 1) Insert subject perimeter using the post request +# 2) If the request code was 200 set the api response flag to true else false +@When('the user sets to add the following subject perimeter') +def step_impl(context): + logger.info("When the user sets to add the following subject perimeter") + + model = getattr(context, "model", None) + for row in context.table: + logger.info( + "subject perimeter name: '" + row["subjectperimetername"] + "' subject perimeter description: '" + row[ + "subjectperimeterdescription"] + + # "' and subject perimeter email:'" + row["subjectperimeteremail"] + "' and subject perimeter password '" + row['subjectperimeterpassword'] + + "' and policies '" + row['policies'] + "'") + + policyid = "" + headers = {"Content-Type": "application/json", "X-Api-Key": apis_urls.token} + + if (row['policies'] != ""): + policyid = commonfunctions.get_policyid(row['policies']) + data = { + 'name': row["subjectperimetername"], + 'description': row["subjectperimeterdescription"], + # 'email': row['subjectperimeteremail'], + # 'password': row['subjectperimeterpassword'], + } + response = requests.post(apis_urls.serverURL + "policies/" + policyid + "/" + apis_urls.perimetersubjectAPI, headers=headers, + data=json.dumps(data)) + + if response.status_code == 200: + GeneralVariables.api_responseflag['value'] = 'True' + else: + GeneralVariables.api_responseflag['value'] = 'False' + +# Step Definition Implementation: +# 1) Search for the existing subject perimeter & get its id +# 2) create the new perimeter jason and patch it +# 3) If the request code was 200 set the api response flag to true else false +@When('the user sets to update the following subject perimeter') +def step_impl(context): + logger.info("When the user sets to update the following subject perimeter") + model = getattr(context, "model", None) + policies_list = [] + for row in context.table: + logger.info( + "subject perimeter name: '" + row[ + 'subjectperimetername'] + "' which will be updated to subject perimeter name:'" + row[ + "updatedsubjectperimetername"] + "' subject perimeter description: '" + row[ + "updatedsubjectperimeterdescription"] + + # "' and subject perimeter email:'" + row["updatedsubjectperimeteremail"] + "' and subject perimeter password '" + row['updatedsubjectperimeterpassword'] + "' and policies '" + row['policies'] + "'") + + policyid = "" + headers = {"Content-Type": "application/json", "X-Api-Key": apis_urls.token} + + if (row['policies'] != ""): + policyid=commonfunctions.get_policyid(row['policies']) + else: + policyid="" + data = { + 'name': row["updatedsubjectperimetername"], + 'description': row["updatedsubjectperimeterdescription"], + # 'email': row['subjectperimeteremail'], + # 'password': row['subjectperimeterpassword'], + } + response = requests.get(apis_urls.serverURL + apis_urls.perimetersubjectAPI,headers=apis_urls.auth_headers) + for ids in dict(response.json()[apis_urls.perimetersubjectAPI]).keys(): + if (response.json()[apis_urls.perimetersubjectAPI][ids]['name'] == row["subjectperimetername"]): + #print(apis_urls.serverURL + "policies/" + policyid + "/" + apis_urls.perimetersubjectAPI + '/' + ids) + response = requests.patch(apis_urls.serverURL + apis_urls.perimetersubjectAPI + '/' + ids, + headers=headers,data=json.dumps(data)) + print(response) + + if response.status_code == 200: + GeneralVariables.api_responseflag['value'] = 'True' + else: + GeneralVariables.api_responseflag['value'] = 'False' + +# Step Definition Implementation: +# 1) Search for the existing subject perimeter & get its id +# 2) Delete it without having the policy id in the request +@When('the user sets to delete the following subject perimeter') +def step_impl(context): + logging.info("When the user sets to delete the following subject perimeter") + + model = getattr(context, "model", None) + for row in context.table: + headers = { + 'Content-Type': 'application/json', + } + logger.info("subject perimeter name:'" + row["subjectperimetername"] + "'") + response = requests.get(apis_urls.serverURL + apis_urls.perimetersubjectAPI,headers=apis_urls.auth_headers) + for ids in dict(response.json()[apis_urls.perimetersubjectAPI]).keys(): + if (response.json()[apis_urls.perimetersubjectAPI][ids]['name'] == row["subjectperimetername"]): + response = requests.delete(apis_urls.serverURL + apis_urls.perimetersubjectAPI + "/" + ids, + headers=apis_urls.auth_headers) + + if response.status_code == 200: + GeneralVariables.api_responseflag['value'] = 'True' + else: + GeneralVariables.api_responseflag['value'] = 'False' + +# Step Definition Implementation: +# 1) Search for the existing subject perimeter & get its id +# 2) Delete it while having the policy id in the request +@When('the user sets to delete the following subject perimeter for a given policy') +def step_impl(context): + logging.info("the user sets to delete the following subject perimeter for a given policy") + + model = getattr(context, "model", None) + for row in context.table: + headers = { + 'Content-Type': 'application/json', + } + logger.info("subject perimeter name:'" + row["subjectperimetername"] + "' and policy:"+ row["policies"]+"'") + policyid = commonfunctions.get_policyid(row['policies']) + response = requests.get(apis_urls.serverURL + apis_urls.perimetersubjectAPI,headers=apis_urls.auth_headers) + for ids in dict(response.json()[apis_urls.perimetersubjectAPI]).keys(): + if (response.json()[apis_urls.perimetersubjectAPI][ids]['name'] == row["subjectperimetername"]): + response = requests.delete(apis_urls.serverURL + "policies/" + policyid + "/" + apis_urls.perimetersubjectAPI + "/" + ids, + headers=apis_urls.auth_headers) + logger.info(response.json()) + if response.status_code == 200: + GeneralVariables.api_responseflag['value'] = 'True' + else: + GeneralVariables.api_responseflag['value'] = 'False' + +# Step Definition Implementation: +# 1) Insert object perimeter using the post request +# 2) If the request code was 200 set the api response flag to true else false +@When('the user sets to add the following object perimeter') +def step_impl(context): + logger.info("When the user sets to add the following object perimeter") + + model = getattr(context, "model", None) + for row in context.table: + logger.info( + "object perimeter name: '" + row["objectperimetername"] + "' object perimeter description: '" + row[ + "objectperimeterdescription"] + "' and policies '" + row['policies'] + "'") + + policies_list = [] + headers = {"Content-Type": "application/json", "X-Api-Key": apis_urls.token} + + if (row['policies'] != ""): + policyid = commonfunctions.get_policyid(row['policies']) + else: + policyid="" + data = { + 'name': row["objectperimetername"], + 'description': row["objectperimeterdescription"], + } + response = requests.post(apis_urls.serverURL + "policies/" + policyid + "/" + apis_urls.perimeterobjectAPI, headers=headers, + data=json.dumps(data)) + + if response.status_code == 200: + GeneralVariables.api_responseflag['value'] = 'True' + else: + GeneralVariables.api_responseflag['value'] = 'False' + +# Step Definition Implementation: +# 1) Search for the existing object perimeter & get its id +# 2) create the new perimeter jason and patch it +# 3) If the request code was 200 set the api response flag to true else false +@When('the user sets to update the following object perimeter') +def step_impl(context): + logger.info("When the user sets to update the following object perimeter") + model = getattr(context, "model", None) + for row in context.table: + logger.info( + "object perimeter name: '" + row[ + 'objectperimetername'] + "' which will be updated to object perimeter name:" + row[ + "updatedobjectperimetername"] + "' object perimeter description: '" + row[ + "updatedobjectperimeterdescription"] + "' and policies '" + row['policies'] + "'") + + headers = {"Content-Type": "application/json", "X-Api-Key": apis_urls.token} + + if (row['policies'] != ""): + policyid = commonfunctions.get_policyid(row['policies']) + else: + policyid="" + data = { + 'name': row["updatedobjectperimetername"], + 'description': row["updatedobjectperimeterdescription"], + } + response = requests.get(apis_urls.serverURL + apis_urls.perimeterobjectAPI,headers=apis_urls.auth_headers) + for ids in dict(response.json()[apis_urls.perimeterobjectAPI]).keys(): + if (response.json()[apis_urls.perimeterobjectAPI][ids]['name'] == row["objectperimetername"]): + response = requests.patch(apis_urls.serverURL + apis_urls.perimeterobjectAPI + '/' + ids, + headers=headers,data=json.dumps(data)) + + if response.status_code == 200: + GeneralVariables.api_responseflag['value'] = 'True' + else: + GeneralVariables.api_responseflag['value'] = 'False' + +# Step Definition Implementation: +# 1) Search for the existing object perimeter & get its id +# 2) Delete it without having the policy id in the request +@When('the user sets to delete the following object perimeter') +def step_impl(context): + logging.info("When the user sets to delete the following object perimeter") + + model = getattr(context, "model", None) + for row in context.table: + headers = {"Content-Type": "application/json", "X-Api-Key": apis_urls.token} + + logger.info("object perimeter name:'" + row["objectperimetername"] + "'") + + response = requests.get(apis_urls.serverURL + apis_urls.perimeterobjectAPI,headers=apis_urls.auth_headers) + for ids in dict(response.json()[apis_urls.perimeterobjectAPI]).keys(): + if (response.json()[apis_urls.perimeterobjectAPI][ids]['name'] == row["objectperimetername"]): + response = requests.delete(apis_urls.serverURL + apis_urls.perimeterobjectAPI + "/" + ids, + headers=apis_urls.auth_headers) + + if response.status_code == 200: + GeneralVariables.api_responseflag['value'] = 'True' + else: + GeneralVariables.api_responseflag['value'] = 'False' + +# Step Definition Implementation: +# 1) Search for the existing object perimeter & get its id +# 2) Delete it while having the policy id in the request +@When('the user sets to delete the following object perimeter for a given policy') +def step_impl(context): + logging.info("the user sets to delete the following object perimeter for a given policy") + + model = getattr(context, "model", None) + for row in context.table: + headers = {"Content-Type": "application/json", "X-Api-Key": apis_urls.token} + + logger.info("object perimeter name:'" + row["objectperimetername"] + "' and policy:"+ row["policies"]+"'") + policyid = commonfunctions.get_policyid(row['policies']) + response = requests.get(apis_urls.serverURL + apis_urls.perimeterobjectAPI,headers=apis_urls.auth_headers) + for ids in dict(response.json()[apis_urls.perimeterobjectAPI]).keys(): + if (response.json()[apis_urls.perimeterobjectAPI][ids]['name'] == row["objectperimetername"]): + response = requests.delete(apis_urls.serverURL + "policies/" + policyid + "/" + apis_urls.perimeterobjectAPI + "/" + ids, + headers=apis_urls.auth_headers) + + if response.status_code == 200: + GeneralVariables.api_responseflag['value'] = 'True' + else: + GeneralVariables.api_responseflag['value'] = 'False' + +# Step Definition Implementation: +# 1) Insert action perimeter using the post request +# 2) If the request code was 200 set the api response flag to true else false +@When('the user sets to add the following action perimeter') +def step_impl(context): + logger.info("When the user sets to add the following action perimeter") + + model = getattr(context, "model", None) + for row in context.table: + logger.info( + "action perimeter name: '" + row["actionperimetername"] + "' action perimeter description: '" + row[ + "actionperimeterdescription"] + "' and policies '" + row['policies'] + "'") + + policyid="" + headers = {"Content-Type": "application/json", "X-Api-Key": apis_urls.token} + + if (row['policies'] != ""): + policyid = commonfunctions.get_policyid(row['policies']) + else: + policyid="" + data = { + 'name': row["actionperimetername"], + 'description': row["actionperimeterdescription"], + + } + response = requests.post( + apis_urls.serverURL + "policies/" + policyid + "/" + apis_urls.perimeteractionAPI, headers=headers, + data=json.dumps(data)) + + if response.status_code == 200: + GeneralVariables.api_responseflag['value'] = 'True' + else: + GeneralVariables.api_responseflag['value'] = 'False' + +# Step Definition Implementation: +# 1) Search for the existing action perimeter & get its id +# 2) create the new perimeter jason and patch it +# 3) If the request code was 200 set the api response flag to true else false +@When('the user sets to update the following action perimeter') +def step_impl(context): + logger.info("When the user sets to update the following action perimeter") + + model = getattr(context, "model", None) + + for row in context.table: + + logger.info( + "action perimeter name: '" + row[ + 'actionperimetername'] + "' which will be updated to action perimeter name:" + row[ + "updatedactionperimetername"] + "' action perimeter description: '" + row[ + "updatedactionperimeterdescription"] + "' and policies '" + row['policies'] + "'") + + headers = {"Content-Type": "application/json", "X-Api-Key": apis_urls.token} + + if (row['policies'] != ""): + policyid = commonfunctions.get_policyid(row['policies']) + else: + policyid="" + data = { + 'name': row["updatedactionperimetername"], + 'description': row["updatedactionperimeterdescription"], + } + response = requests.get(apis_urls.serverURL + apis_urls.perimeteractionAPI,headers=apis_urls.auth_headers) + for ids in dict(response.json()[apis_urls.perimeteractionAPI]).keys(): + if (response.json()[apis_urls.perimeteractionAPI][ids]['name'] == row["actionperimetername"]): + response = requests.patch( + apis_urls.serverURL + apis_urls.perimeteractionAPI + '/' + ids, + headers=headers,data=json.dumps(data)) + + if response.status_code == 200: + GeneralVariables.api_responseflag['value'] = 'True' + else: + GeneralVariables.api_responseflag['value'] = 'False' + +# Step Definition Implementation: +# 1) Search for the existing action perimeter & get its id +# 2) Delete it without having the policy id in the request +@When('the user sets to delete the following action perimeter') +def step_impl(context): + logging.info("When the user sets to delete the following action perimeter") + + model = getattr(context, "model", None) + for row in context.table: + headers = {"Content-Type": "application/json", "X-Api-Key": apis_urls.token} + + logger.info("action perimeter name:'" + row["actionperimetername"] + "'") + response = requests.get(apis_urls.serverURL + apis_urls.perimeteractionAPI,headers=apis_urls.auth_headers) + for ids in dict(response.json()[apis_urls.perimeteractionAPI]).keys(): + if (response.json()[apis_urls.perimeteractionAPI][ids]['name'] == row["actionperimetername"]): + response = requests.delete(apis_urls.serverURL + apis_urls.perimeteractionAPI + "/" + ids, + headers=apis_urls.auth_headers) + if response.status_code == 200: + GeneralVariables.api_responseflag['value'] = 'True' + else: + GeneralVariables.api_responseflag['value'] = 'False' + +# Step Definition Implementation: +# 1) Search for the existing action perimeter & get its id +# 2) Delete it while having the policy id in the request +@When('the user sets to delete the following action perimeter for a given policy') +def step_impl(context): + logging.info("the user sets to delete the following action perimeter for a given policy") + + model = getattr(context, "model", None) + for row in context.table: + headers = {"Content-Type": "application/json", "X-Api-Key": apis_urls.token} + + logger.info("action perimeter name:'" + row["actionperimetername"] + "' and policy:"+ row["policies"]+"'") + policyid = commonfunctions.get_policyid(row['policies']) + response = requests.get(apis_urls.serverURL + apis_urls.perimeteractionAPI,headers=apis_urls.auth_headers) + for ids in dict(response.json()[apis_urls.perimeteractionAPI]).keys(): + if (response.json()[apis_urls.perimeteractionAPI][ids]['name'] == row["actionperimetername"]): + response = requests.delete(apis_urls.serverURL + "policies/" + policyid + "/" + apis_urls.perimeteractionAPI + "/" + ids, + headers=apis_urls.auth_headers) + + if response.status_code == 200: + GeneralVariables.api_responseflag['value'] = 'True' + else: + GeneralVariables.api_responseflag['value'] = 'False' + +# Step Definition Implementation: +# 1) Get all the existing subject perimeter by get request and put them into a table +# 2) Sort the table by subject perimeter +# 3) Loop using both the expected and actual tables and assert the data row by row +@Then('the following subject perimeter should be existed in the system') +def step_impl(context): + logger.info("Then the following subject perimeter should be existed in the system") + + response = requests.get(apis_urls.serverURL + apis_urls.perimetersubjectAPI,headers=apis_urls.auth_headers) + apiresult = Table( + names=('subjectperimetername', 'subjectperimeterdescription', + # 'subjectperimeteremail', + # 'subjectperimeterpassword', + 'policies'), + dtype=('S100', 'S100', 'S100')) + + if len(response.json()[apis_urls.perimetersubjectAPI]) != 0: + for ids in dict(response.json()[apis_urls.perimetersubjectAPI]).keys(): + apipoliciesid = [] + apipolicies = "" + GeneralVariables.assignsubjectperimeterid['value']=ids + apisubjectperimetername = response.json()[apis_urls.perimetersubjectAPI][ids]['name'] + apisubjectperimeterdescription = response.json()[apis_urls.perimetersubjectAPI][ids]['description'] + # apisubjectperimeteremail = response.json()[apis_urls.perimetersubjectAPI][ids]['email'] + # apisubjectperimeterpassword = response.json()[apis_urls.perimetersubjectAPI][ids]['password'] + if (len(response.json()[apis_urls.perimetersubjectAPI][ids]['policy_list']) != 0): + for policies in response.json()[apis_urls.perimetersubjectAPI][ids]['policy_list']: + apipoliciesid.append(commonfunctions.get_policyname(str(policies))) + apipolicies = ",".join(apipoliciesid) + else: + apipolicies = "" + apiresult.add_row(vals=( + apisubjectperimetername, apisubjectperimeterdescription, + # apisubjectperimeteremail,# apisubjectperimeterpassword, + apipolicies)) + else: + apiresult.add_row(vals=("", "", "")) + + apiresult.sort('subjectperimetername') + for row1, row2 in zip(context.table, apiresult): + logger.info("asserting the expected subject perimeter name: '" + str( + row1["subjectperimetername"]) + "' is the same as the actual existing '" + str( + row2["subjectperimetername"]) + "'") + assert str(row1["subjectperimetername"]) == str( + row2["subjectperimetername"]), "subject perimeter name is not correct!" + logger.info("assertion passed!") + + logger.info("asserting the expected subject perimeter description: '" + str( + row1["subjectperimeterdescription"]) + "' is the same as the actual existing '" + str( + row2["subjectperimeterdescription"]) + "'") + assert str(row1["subjectperimeterdescription"]) == str( + row2["subjectperimeterdescription"]), "subject perimeter description is not correct!" + logger.info("assertion passed!") + + # logger.info("asserting the expected subject perimeter email: '" + str( + # row1["subjectperimeteremail"]) + "' is the same as the actual existing '" + str( + # row2["subjectperimeteremail"]) + "'") + # assert str(row1["subjectperimeteremail"]) == str( + # row2["subjectperimeteremail"]), "subject perimeter email is not correct!" + # logger.info("assertion passed!") + # + # logger.info("asserting the expected subject perimeter password: '" + str( + # row1["subjectperimeterpassword"]) + "' is the same as the actual existing '" + str( + # row2["subjectperimeterpassword"]) + "'") + # assert str(row1["subjectperimeterpassword"]) == str( + # row2["subjectperimeterpassword"]), "subject perimeter password is not correct!" + # logger.info("assertion passed!") + + if (str(row1["policies"]).find(',') == -1): + logger.info("asserting the expected policies: '" + str( + row1["policies"]) + "' is the same as the actual existing '" + str( + row2["policies"]) + "'") + logger.info("policies is not correct!") + assert str(row1["policies"]) == str(row2["policies"]), " policies is not correct!" + else: + + logger.info("asserting the expected policies: '" + ','.join( + sorted(str(row1["policies"]).split(','), key=str.lower)) + "' is the same as the actual existing '" + + ','.join(sorted(str(row2["policies"]).split(','), key=str.lower)) + "'") + logger.info("policies is not correct!") + assert ','.join(sorted(str(row1["policies"]).split(','), key=str.lower)) == ','.join( + sorted(str(row2["policies"]).split(','), key=str.lower)), " policies is not correct!" + logger.info("assertion passed!") + +# Step Definition Implementation: +# 1) Get all the existing object perimeter by get request and put them into a table +# 2) Sort the table by subject perimeter +# 3) Loop using both the expected and actual tables and assert the data row by row +@Then('the following object perimeter should be existed in the system') +def step_impl(context): + logger.info("Then the following object perimeter should be existed in the system") + response = requests.get(apis_urls.serverURL + apis_urls.perimeterobjectAPI,headers=apis_urls.auth_headers) + apiresult = Table( + names=('objectperimetername', 'objectperimeterdescription', 'policies'), + dtype=('S100', 'S100', 'S100')) + if len(response.json()[apis_urls.perimeterobjectAPI]) != 0: + for ids in dict(response.json()[apis_urls.perimeterobjectAPI]).keys(): + apipolicies = "" + apipoliciesid = [] + apiobjectperimetername = response.json()[apis_urls.perimeterobjectAPI][ids]['name'] + apiobjectperimeterdescription = response.json()[apis_urls.perimeterobjectAPI][ids]['description'] + if (len(response.json()[apis_urls.perimeterobjectAPI][ids]['policy_list']) != 0): + for policies in response.json()[apis_urls.perimeterobjectAPI][ids]['policy_list']: + apipoliciesid.append(commonfunctions.get_policyname(str(policies))) + apipolicies = ",".join(apipoliciesid) + else: + apipolicies = "" + apiresult.add_row(vals=( + apiobjectperimetername, apiobjectperimeterdescription, apipolicies)) + else: + apiresult.add_row(vals=("", "", "")) + + apiresult.sort('objectperimetername') + for row1, row2 in zip(context.table, apiresult): + logger.info("asserting the expected object perimeter name: '" + str( + row1["objectperimetername"]) + "' is the same as the actual existing '" + str( + row2["objectperimetername"]) + "'") + assert str(row1["objectperimetername"]) == str( + row2["objectperimetername"]), "object perimeter name is not correct!" + logger.info("assertion passed!") + + logger.info("asserting the expected object perimeter description: '" + str( + row1["objectperimeterdescription"]) + "' is the same as the actual existing '" + str( + row2["objectperimeterdescription"]) + "'") + assert str(row1["objectperimeterdescription"]) == str( + row2["objectperimeterdescription"]), "object perimeter description is not correct!" + logger.info("assertion passed!") + + if (str(row1["policies"]).find(',') == -1): + logger.info("asserting the expected policies: '" + str( + row1["policies"]) + "' is the same as the actual existing '" + str( + row2["policies"]) + "'") + logger.info("policies is not correct!") + assert str(row1["policies"]) == str(row2["policies"]), " policies is not correct!" + else: + logger.info("asserting the expected policies: '" + ','.join( + sorted(str(row1["policies"]).split(','), key=str.lower)) + "' is the same as the actual existing '" + + ','.join(sorted(str(row2["policies"]).split(','), key=str.lower)) + "'") + logger.info("policies is not correct!") + assert ','.join(sorted(str(row1["policies"]).split(','), key=str.lower)) == ','.join( + sorted(str(row2["policies"]).split(','), key=str.lower)), " policies is not correct!" + logger.info("assertion passed!") + +# Step Definition Implementation: +# 1) Get all the existing subject perimeter by get request and put them into a table +# 2) Sort the table by subject perimeter +# 3) Loop using both the expected and actual tables and assert the data row by row +@Then('the following action perimeter should be existed in the system') +def step_impl(context): + logger.info("Then the following action perimeter should be existed in the system") + response = requests.get(apis_urls.serverURL + apis_urls.perimeteractionAPI,headers=apis_urls.auth_headers) + apiresult = Table( + names=('actionperimetername', 'actionperimeterdescription', 'policies'), + dtype=('S100', 'S100', 'S100')) + if len(response.json()[apis_urls.perimeteractionAPI]) != 0: + for ids in dict(response.json()[apis_urls.perimeteractionAPI]).keys(): + apipolicies = "" + apipoliciesid = [] + apiactionperimetername = response.json()[apis_urls.perimeteractionAPI][ids]['name'] + apiactionperimeterdescription = response.json()[apis_urls.perimeteractionAPI][ids]['description'] + if (len(response.json()[apis_urls.perimeteractionAPI][ids]['policy_list']) != 0): + for policies in response.json()[apis_urls.perimeteractionAPI][ids]['policy_list']: + apipoliciesid.append(commonfunctions.get_policyname(str(policies))) + apipolicies = ",".join(apipoliciesid) + else: + apipolicies = "" + apiresult.add_row(vals=( + apiactionperimetername, apiactionperimeterdescription, apipolicies)) + else: + apiresult.add_row(vals=("", "", "")) + + apiresult.sort('actionperimetername') + for row1, row2 in zip(context.table, apiresult): + logger.info("asserting the expected action perimeter name: '" + str( + row1["actionperimetername"]) + "' is the same as the actual existing '" + str( + row2["actionperimetername"]) + "'") + assert str(row1["actionperimetername"]) == str( + row2["actionperimetername"]), "action perimeter name is not correct!" + logger.info("assertion passed!") + + logger.info("asserting the expected action perimeter description: '" + str( + row1["actionperimeterdescription"]) + "' is the same as the actual existing '" + str( + row2["actionperimeterdescription"]) + "'") + assert str(row1["actionperimeterdescription"]) == str( + row2["actionperimeterdescription"]), "action perimeter description is not correct!" + logger.info("assertion passed!") + + if(str(row1["policies"]).find(',')==-1): + logger.info("asserting the expected policies: '" + str( + row1["policies"]) + "' is the same as the actual existing '" + str( + row2["policies"]) + "'") + logger.info("policies is not correct!") + assert str(row1["policies"]) == str(row2["policies"]), " policies is not correct!" + else: + + logger.info("asserting the expected policies: '" + ','.join(sorted(str(row1["policies"]).split(','),key=str.lower)) + "' is the same as the actual existing '" + + ','.join(sorted(str(row2["policies"]).split(','), key=str.lower)) + "'") + logger.info("policies is not correct!") + assert ','.join(sorted(str(row1["policies"]).split(','),key=str.lower)) == ','.join(sorted(str(row2["policies"]).split(','),key=str.lower)), " policies is not correct!" + logger.info("assertion passed!") diff --git a/moon_manager/tests/func_tests/features/steps/policy.py b/moon_manager/tests/func_tests/features/steps/policy.py new file mode 100644 index 00000000..faa7156a --- /dev/null +++ b/moon_manager/tests/func_tests/features/steps/policy.py @@ -0,0 +1,219 @@ +# Software Name: MOON + +# Version: 5.4 + +# SPDX-FileCopyrightText: Copyright (c) 2018-2020 Orange and its contributors +# SPDX-License-Identifier: Apache-2.0 + +# This software is distributed under the 'Apache License 2.0', +# the text of which is available at 'http://www.apache.org/licenses/LICENSE-2.0.txt' +# or see the "LICENSE" file for more details. + + +from behave import * +from Static_Variables import GeneralVariables +from astropy.table import Table, Column +from common_functions import * +import requests +import json +import logging + +apis_urls = GeneralVariables() +commonfunctions = commonfunctions() + +logger = logging.getLogger(__name__) + +# Step Definition Implementation: +# 1) Get all the existing policies in the system +# 2) Loop by id and delete them +@Given('the system has no policies') +def step_impl(context): + logger.info("Given the system has no policies") + api_responseflag = {'value': False} + headers = {"Content-Type": "application/json", "X-Api-Key": apis_urls.token} + + response = requests.get(apis_urls.serverURL + apis_urls.policyAPI, headers=apis_urls.auth_headers) + if len(response.json()[apis_urls.policyAPI]) != 0: + for ids in dict(response.json()[apis_urls.policyAPI]).keys(): + response = requests.delete(apis_urls.serverURL + apis_urls.policyAPI + "/" + ids, + headers=headers) + + +# Step Definition Implementation: +# 1) Get model id by calling the common funtion: get_modelid +# 2) create the policy data jason then post it +@Given('the following policy exists') +def step_impl(context): + logger.info("Given the following policy exists") + model = getattr(context, "model", None) + for row in context.table: + logger.info( + "policy name: '" + row["policyname"] + "' policy description: '" + row[ + "policydescription"] + "' and model name:'" + row[ + "modelname"] + "' and genre '"+row['genre']+"'") + headers = {"Content-Type": "application/json", "X-Api-Key": apis_urls.token} + + data = { + 'name': row["policyname"], + 'description': row["policydescription"], + 'model_id': commonfunctions.get_modelid(row['modelname']), + 'genre': row['genre'] + } + response = requests.post(apis_urls.serverURL + apis_urls.policyAPI, headers=headers, + data=json.dumps(data)) + + +# Step Definition Implementation: +# 1) Get model id by calling the common funtion: get_modelid +# 2) create the policy data jason then post it +# 3) If the request code was 200 set the api response flag to true else false +@When('the user sets to add the following policy') +def step_impl(context): + logger.info("When the user sets to add the following policy") + model = getattr(context, "model", None) + for row in context.table: + logger.info( + "policy name: '" + row["policyname"] + "' policy description: '" + row[ + "policydescription"] + "' and model name:'" + row[ + "modelname"] + "' and genre '" + row['genre'] + "'") + policymodel = "" + headers = {"Content-Type": "application/json", "X-Api-Key": apis_urls.token} + + if (len(row['modelname']) > 20): + policymodel=row['modelname'] + else: + policymodel=commonfunctions.get_modelid(row['modelname']) + + data = { + 'name': row["policyname"], + 'description': row["policydescription"], + 'model_id': policymodel, + 'genre': row['genre'] + } + response = requests.post(apis_urls.serverURL + apis_urls.policyAPI, headers=headers, + data=json.dumps(data)) + + if response.status_code==200: + GeneralVariables.api_responseflag['value'] = 'True' + else: + GeneralVariables.api_responseflag['value'] = 'False' + + +# Step Definition Implementation: +# 1) Get model id by calling the common funtion: get_modelid +# 2) create the policy jason then patch the policy after searching for it's id. +# 3) If the request code was 200 set the api response flag to true else false +@When('the user sets to update the following policy') +def step_impl(context): + logger.info("When the user sets to update the following policy") + model = getattr(context, "model", None) + for row in context.table: + logger.info( + "policy name: '" + row["policyname"] + "' which will be updated to policy name:" + row[ + "updatedpolicyname"] + "' and policy description: '" + row[ + "updatedpolicydescription"] + "' model name: '" + row["updatedmodelname"] + "' and genre: '"+row["updatedgenre"]+"'") + policymodel = "" + headers = {"Content-Type": "application/json", "X-Api-Key": apis_urls.token} + + if (len(row['updatedmodelname']) > 20): + policymodel = row['updatedmodelname'] + else: + policymodel = commonfunctions.get_modelid(row['updatedmodelname']) + + data = { + 'name': row["updatedpolicyname"], + 'description': row["updatedpolicydescription"], + 'model_id': policymodel, + 'genre': row['updatedgenre'] + } + response = requests.get(apis_urls.serverURL + apis_urls.policyAPI, headers=apis_urls.auth_headers) + for ids in dict(response.json()[apis_urls.policyAPI]).keys(): + if (response.json()[apis_urls.policyAPI][ids]['name'] == row["policyname"]): + print(apis_urls.serverURL + apis_urls.policyAPI + '/' + ids) + response = requests.patch(apis_urls.serverURL + apis_urls.policyAPI + '/' + ids, headers=headers, + data=json.dumps(data)) + logger.info(response.json()) + logger.info(response.status_code) + break + if response.status_code==200: + GeneralVariables.api_responseflag['value'] = 'True' + else: + GeneralVariables.api_responseflag['value'] = 'False' + +# Step Definition Implementation: +# 1) Get all the policy by get request +# 2) Loop by ids and search for the matching policy by name and delete it +# 3) If the request code was 200 set the api response flag to true else false +@When('the user sets to delete the following policy') +def step_impl(context): + logger.info("When the user sets to delete the following policy") + + model = getattr(context, "model", None) + for row in context.table: + headers = {"Content-Type": "application/json", "X-Api-Key": apis_urls.token} + + logger.info("policy name:'" +row["policyname"]+"'") + response = requests.get(apis_urls.serverURL + apis_urls.policyAPI, headers=apis_urls.auth_headers) + for ids in dict(response.json()[apis_urls.policyAPI]).keys(): + if (response.json()[apis_urls.policyAPI][ids]['name'] == row["policyname"]): + GeneralVariables.assignpolicyid['value']=ids + response = requests.delete(apis_urls.serverURL + apis_urls.policyAPI + "/" + ids, + headers=headers) + break + + if response.status_code==200: + GeneralVariables.api_responseflag['value'] = 'True' + else: + GeneralVariables.api_responseflag['value'] = 'False' + +# Step Definition Implementation: +# 1) Get all the existing policies by get request and put them into a table +# 2) Sort the table by policy name +# 3) Loop using both the expected and actual tables and assert the data row by row +@Then('the following policy should be existed in the system') +def step_impl(context): + logger.info("Then the following policy should be existed in the system") + response = requests.get(apis_urls.serverURL + apis_urls.policyAPI, headers=apis_urls.auth_headers) + #print(response) + apiresult = Table( + names=('policyname', 'policydescription', 'modelname','genre'), + dtype=('S100', 'S100', 'S100','S100')) + if len(response.json()[apis_urls.policyAPI]) != 0: + for ids in dict(response.json()[apis_urls.policyAPI]).keys(): + apipolicyname = response.json()[apis_urls.policyAPI][ids]['name'] + apipolicydescription = response.json()[apis_urls.policyAPI][ids]['description'] + apipolicymodel = commonfunctions.get_modelname(response.json()[apis_urls.policyAPI][ids]['model_id']) + apipolicygenre=response.json()[apis_urls.policyAPI][ids]['genre'] + + apiresult.add_row(vals=( + apipolicyname, apipolicydescription, apipolicymodel,apipolicygenre)) + + else: + apiresult.add_row(vals=("", "", "","")) + + apiresult.sort('policyname') + + for row1, row2 in zip(context.table, apiresult): + logger.info("asserting the expected policy name: '" + str( + row1["policyname"]) + "' is the same as the actual existing '" + str( + row2["policyname"]) + "'") + assert str(row1["policyname"]) == str(row2["policyname"]), "policy name is not correct!" + logger.info("assertion passed!") + + logger.info("asserting the expected policy description: '" + str( + row1["policydescription"]) + "' is the same as the actual existing '" + str( + row2["policydescription"]) + "'") + assert str(row1["policydescription"]) == str(row2["policydescription"]), "policy description is not correct!" + logger.info("assertion passed!") + + logger.info("asserting the expected genre: '" + str( + row1["genre"]) + "' is the same as the actual existing '" + str( + row2["genre"]) + "'") + assert str(row1["genre"]) == str(row2["genre"]), "genre is not correct!" + logger.info("assertion passed!") + + logger.info("asserting the expected model name: '" + str( + row1["modelname"]) + "' is the same as the actual existing '" + str( + row2["modelname"]) + "'") + assert str(row1["modelname"]) == str(row2["modelname"]), "model name is not correct!" + logger.info("assertion passed!")
\ No newline at end of file diff --git a/moon_manager/tests/func_tests/features/steps/rules.py b/moon_manager/tests/func_tests/features/steps/rules.py new file mode 100644 index 00000000..4dd85e2c --- /dev/null +++ b/moon_manager/tests/func_tests/features/steps/rules.py @@ -0,0 +1,495 @@ +# Software Name: MOON + +# Version: 5.4 + +# SPDX-FileCopyrightText: Copyright (c) 2018-2020 Orange and its contributors +# SPDX-License-Identifier: Apache-2.0 + +# This software is distributed under the 'Apache License 2.0', +# the text of which is available at 'http://www.apache.org/licenses/LICENSE-2.0.txt' +# or see the "LICENSE" file for more details. + + +from behave import * +from Static_Variables import GeneralVariables +from astropy.table import Table, Column +from common_functions import * +import numpy as np +import requests +import json +import logging + +apis_urls = GeneralVariables() +commonfunctions = commonfunctions() + +logger = logging.getLogger(__name__) + +# Step Definition Implementation: +# 1) Get all the existing rules by the policy id +# 2) Loop by assignment id and delete it +@Given('the system has no rules') +def step_impl(context): + logger.info("Given the system has no rules") + + response_policies = requests.get(apis_urls.serverURL + apis_urls.policyAPI, headers=apis_urls.auth_headers) + #logger.info(response_policies.json()) + if len(response_policies.json()[apis_urls.policyAPI]) != 0: + apiruleid = [] + for policies_ids in dict(response_policies.json()[apis_urls.policyAPI]).keys(): + response = requests.get( + apis_urls.serverURL + "policies/" + policies_ids + "/" + apis_urls.rulesAPI + "/", headers=apis_urls.auth_headers) + if len(response.json()[apis_urls.rulesAPI]['rules']) != 0: + for ids in range(len(response.json()[apis_urls.rulesAPI]['rules'])): + apiruleid.append(dict(response.json()[apis_urls.rulesAPI]['rules'][ids])['id']) + for ruleid in apiruleid: + response = requests.delete( + apis_urls.serverURL + "policies/" + policies_ids + "/" + apis_urls.rulesAPI + "/" + ruleid, headers=apis_urls.auth_headers) + +# Step Definition Implementation: +# 1) Add rule using the post request +@Given('the following rule exists') +def step_impl(context): + logger.info("Given the following rule exists") + api_responseflag = {'value': False} + model = getattr(context, "model", None) + for row in context.table: + subjectcategoryidslist = [] + subjectdataidslist = [] + objectcategoryidslist = [] + objectdataidslist = [] + actioncategoryidslist = [] + actiondataidslist = [] + ruleidslist = [] + metaruleids = "" + subjectindex = 0 + objectindex = 0 + actionindex = 0 + logger.info( + "rule '" + row["rule"] + "' and metarule name:'" + row[ + "metarulename"] + "' and instructions: '" + row[ + "instructions"] + "' and policyname:'" + row[ + "policyname"] + "'") + + headers = {"Content-Type": "application/json", "X-Api-Key": apis_urls.token} + + if (len(row['policyname']) > 25): + policies_id = row['policyname'] + else: + policies_id = commonfunctions.get_policyid(row['policyname']) + + ruleparameter = row["rule"].split(",") + metarules_response = requests.get(apis_urls.serverURL + apis_urls.metarulesAPI, headers=apis_urls.auth_headers) + for metaruleids in dict(metarules_response.json()[apis_urls.metarulesAPI]).keys(): + if (metarules_response.json()[apis_urls.metarulesAPI][metaruleids]['name'] == row["metarulename"]): + meta_rule_id = metaruleids + subjectcategorieslist = \ + requests.get(apis_urls.serverURL + apis_urls.metarulesAPI, headers=apis_urls.auth_headers).json()[apis_urls.metarulesAPI][ + metaruleids]['subject_categories'] + objectcategorieslist = \ + requests.get(apis_urls.serverURL + apis_urls.metarulesAPI, headers=apis_urls.auth_headers).json()[apis_urls.metarulesAPI][ + metaruleids]['object_categories'] + actioncategorieslist = \ + requests.get(apis_urls.serverURL + apis_urls.metarulesAPI, headers=apis_urls.auth_headers).json()[apis_urls.metarulesAPI][ + metaruleids]['action_categories'] + break + + index = 0 + for categoryid in subjectcategorieslist: + data_response = requests.get( + apis_urls.serverURL + "policies/" + policies_id + "/" + apis_urls.datasubjectAPI + "/" + categoryid, headers=apis_urls.auth_headers) + if len(data_response.json()[apis_urls.datasubjectAPI]) != 0: + for ids in data_response.json()[apis_urls.datasubjectAPI][0]['data']: + if (data_response.json()[apis_urls.datasubjectAPI][0]['data'][str(ids)]['name'] == ruleparameter[ + index]): + ruleidslist.append(ids) + index = index + 1 + + for categoryid in objectcategorieslist: + data_response = requests.get( + apis_urls.serverURL + "policies/" + policies_id + "/" + apis_urls.dataobjectAPI + "/" + categoryid, headers=apis_urls.auth_headers) + if len(data_response.json()[apis_urls.dataobjectAPI]) != 0: + for ids in data_response.json()[apis_urls.dataobjectAPI][0]['data']: + if (data_response.json()[apis_urls.dataobjectAPI][0]['data'][str(ids)]['name'] == ruleparameter[ + index]): + ruleidslist.append(ids) + index = index + 1 + for categoryid in actioncategorieslist: + data_response = requests.get( + apis_urls.serverURL + "policies/" + policies_id + "/" + apis_urls.dataactionAPI + "/" + categoryid, headers=apis_urls.auth_headers) + if len(data_response.json()[apis_urls.dataactionAPI]) != 0: + for ids in data_response.json()[apis_urls.dataactionAPI][0]['data']: + if (data_response.json()[apis_urls.dataactionAPI][0]['data'][str(ids)]['name'] == ruleparameter[ + index]): + ruleidslist.append(ids) + index = index + 1 + + data = { + 'meta_rule_id': meta_rule_id, + 'rule': ruleidslist, + 'instructions': [{"decision": row['instructions']}], + 'enabled': 'True' + } + rulesresponse = requests.post(apis_urls.serverURL + "policies/" + str(policies_id) + "/" + apis_urls.rulesAPI, + headers=headers, + data=json.dumps(data)) + + +# Step Definition Implementation: +# 1) Add subject meta data using the post request +# 2) If the request code was 200 set the api response flag to true else false +@When('the user sets to add the following rules') +def step_impl(context): + logger.info("When the user sets to add the following rules") + headers = {"Content-Type": "application/json", "X-Api-Key": apis_urls.token} + api_responseflag = {'value': False} + model = getattr(context, "model", None) + for row in context.table: + subjectcategoryidslist = [] + subjectdataidslist = [] + objectcategoryidslist = [] + objectdataidslist = [] + actioncategoryidslist = [] + actiondataidslist = [] + ruleidslist = [] + metaruleids = "" + subjectindex = 0 + objectindex = 0 + actionindex = 0 + logger.info( + "rule '" + row["rule"] + "' and metarule name:'" + row[ + "metarulename"] + "' and instructions: '" + row[ + "instructions"] + "' and policyname:'" + row[ + "policyname"] + "'") + + headers = {"Content-Type": "application/json", "X-Api-Key": apis_urls.token} + + if(row['policyname']=="" or row['policyname']=="000000000000000000000000000000000000000000000000000"): + policyname="Stanford Policy" + else: + policyname=row['policyname'] + policies_id = commonfunctions.get_policyid(policyname) + + if(row["metarulename"]=="" or row["metarulename"]=="000000000000000000000000000000000000000000000000000"): + mata_rule_name="metarule1" + else: + mata_rule_name = row['metarulename'] + + + if (row["rule"] != ""): + ruleparameter = row["rule"].split(",") + metarules_response = requests.get(apis_urls.serverURL + apis_urls.metarulesAPI, headers=apis_urls.auth_headers) + for metaruleids in dict(metarules_response.json()[apis_urls.metarulesAPI]).keys(): + if (metarules_response.json()[apis_urls.metarulesAPI][metaruleids]['name'] == mata_rule_name): + meta_rule_id = metaruleids + subjectcategorieslist = \ + requests.get(apis_urls.serverURL + apis_urls.metarulesAPI, headers=apis_urls.auth_headers).json()[apis_urls.metarulesAPI][ + metaruleids]['subject_categories'] + objectcategorieslist = \ + requests.get(apis_urls.serverURL + apis_urls.metarulesAPI, headers=apis_urls.auth_headers).json()[apis_urls.metarulesAPI][ + metaruleids]['object_categories'] + actioncategorieslist = \ + requests.get(apis_urls.serverURL + apis_urls.metarulesAPI, headers=apis_urls.auth_headers).json()[apis_urls.metarulesAPI][ + metaruleids]['action_categories'] + break + + index = 0 + for categoryid in subjectcategorieslist: + if (index < len(ruleparameter)): + if (len(ruleparameter[index]) < 30): + if (ruleparameter[index] != ""): + data_response = requests.get( + apis_urls.serverURL + "policies/" + policies_id + "/" + apis_urls.datasubjectAPI + "/" + categoryid, headers=apis_urls.auth_headers) + if len(data_response.json()[apis_urls.datasubjectAPI]) != 0: + for ids in data_response.json()[apis_urls.datasubjectAPI][0]['data']: + if (index < len(ruleparameter)): + if (data_response.json()[apis_urls.datasubjectAPI][0]['data'][str(ids)][ + 'name'] == + ruleparameter[ + index]): + ruleidslist.append(ids) + index = index + 1 + else: + break + else: + ruleidslist.append("") + index = index + 1 + else: + ruleidslist.append(ruleparameter[index]) + index = index + 1 + for categoryid in objectcategorieslist: + if (index < len(ruleparameter)): + if (len(ruleparameter[index]) < 30): + if (ruleparameter[index] != ""): + data_response = requests.get( + apis_urls.serverURL + "policies/" + policies_id + "/" + apis_urls.dataobjectAPI + "/" + categoryid, headers=apis_urls.auth_headers) + if len(data_response.json()[apis_urls.dataobjectAPI]) != 0: + for ids in data_response.json()[apis_urls.dataobjectAPI][0]['data']: + if (index < len(ruleparameter)): + if (data_response.json()[apis_urls.dataobjectAPI][0]['data'][str(ids)][ + 'name'] == ruleparameter[ + index]): + ruleidslist.append(ids) + index = index + 1 + else: + break + else: + ruleidslist.append("") + index = index + 1 + else: + ruleidslist.append(ruleparameter[index]) + index = index + 1 + + for categoryid in actioncategorieslist: + if (index < len(ruleparameter)): + if (len(ruleparameter[index]) < 30): + if (ruleparameter[index] != ""): + data_response = requests.get( + apis_urls.serverURL + "policies/" + policies_id + "/" + apis_urls.dataactionAPI + "/" + categoryid, headers=apis_urls.auth_headers) + if len(data_response.json()[apis_urls.dataactionAPI]) != 0: + for ids in data_response.json()[apis_urls.dataactionAPI][0]['data']: + if (index < len(ruleparameter)): + if (data_response.json()[apis_urls.dataactionAPI][0]['data'][str(ids)][ + 'name'] == ruleparameter[ + index]): + ruleidslist.append(ids) + index = index + 1 + else: + break + else: + ruleidslist.append("") + index = index + 1 + else: + ruleidslist.append(ruleparameter[index]) + index = index + 1 + if(row["metarulename"]=="" or row["metarulename"] == "000000000000000000000000000000000000000000000000000"): + meta_rule_id=row["metarulename"] + if (row["policyname"] == "" or row["policyname"] == "000000000000000000000000000000000000000000000000000"): + policies_id = row["policyname"] + data = { + 'meta_rule_id': meta_rule_id, + 'rule': ruleidslist, + 'instructions': [{"decision": row['instructions']}], + 'enabled': 'True' + } + else: + + data = { + 'meta_rule_id': commonfunctions.get_metaruleid(mata_rule_name), + 'rule': [], + 'instructions': [{"decision": row['instructions']}], + 'enabled': 'True' + } + rulesresponse = requests.post(apis_urls.serverURL + "policies/" + str(policies_id) + "/" + apis_urls.rulesAPI, + headers=headers, + data=json.dumps(data)) + logger.info(rulesresponse.json()) + if rulesresponse.status_code == 200: + GeneralVariables.api_responseflag['value'] = 'True' + else: + GeneralVariables.api_responseflag['value'] = 'False' + +# Step Definition Implementation: +# 1) Get all the meta rule by get request +# 2) Loop by ids and search for the matching meta rule by name and delete it +# 3) If the request code was 200 set the api response flag to true else false +@When('the user sets to delete the following rules') +def step_impl(context): + logger.info("When the user sets to delete the following rules") + for row in context.table: + subjectcategoryidslist = [] + subjectdataidslist = [] + objectcategoryidslist = [] + objectdataidslist = [] + actioncategoryidslist = [] + actiondataidslist = [] + ruleidslist = [] + metaruleids = "" + subjectindex = 0 + objectindex = 0 + actionindex = 0 + logger.info( + "rule '" + row["rule"] + "' and metarule name:'" + row[ + "metarulename"] + "' and policyname:'" + row[ + "policyname"] + "'") + + headers = {"Content-Type": "application/json", "X-Api-Key": apis_urls.token} + + if (len(row['policyname']) > 25): + policies_id = row['policyname'] + else: + policies_id = commonfunctions.get_policyid(row['policyname']) + + ruleparameter = row["rule"].split(",") + metarules_response = requests.get(apis_urls.serverURL + apis_urls.metarulesAPI, headers=apis_urls.auth_headers) + for metaruleids in dict(metarules_response.json()[apis_urls.metarulesAPI]).keys(): + if (metarules_response.json()[apis_urls.metarulesAPI][metaruleids]['name'] == row["metarulename"]): + meta_rule_id = metaruleids + subjectcategorieslist = \ + requests.get(apis_urls.serverURL + apis_urls.metarulesAPI, headers=apis_urls.auth_headers).json()[apis_urls.metarulesAPI][ + metaruleids]['subject_categories'] + objectcategorieslist = \ + requests.get(apis_urls.serverURL + apis_urls.metarulesAPI, headers=apis_urls.auth_headers).json()[apis_urls.metarulesAPI][ + metaruleids]['object_categories'] + actioncategorieslist = \ + requests.get(apis_urls.serverURL + apis_urls.metarulesAPI, headers=apis_urls.auth_headers).json()[apis_urls.metarulesAPI][ + metaruleids]['action_categories'] + break + + index = 0 + for categoryid in subjectcategorieslist: + data_response = requests.get( + apis_urls.serverURL + "policies/" + policies_id + "/" + apis_urls.datasubjectAPI + "/" + categoryid, headers=apis_urls.auth_headers) + if len(data_response.json()[apis_urls.datasubjectAPI]) != 0: + for ids in data_response.json()[apis_urls.datasubjectAPI][0]['data']: + if (data_response.json()[apis_urls.datasubjectAPI][0]['data'][str(ids)]['name'] == ruleparameter[ + index]): + ruleidslist.append(ids) + index = index + 1 + + for categoryid in objectcategorieslist: + data_response = requests.get( + apis_urls.serverURL + "policies/" + policies_id + "/" + apis_urls.dataobjectAPI + "/" + categoryid, headers=apis_urls.auth_headers) + if len(data_response.json()[apis_urls.dataobjectAPI]) != 0: + for ids in data_response.json()[apis_urls.dataobjectAPI][0]['data']: + if (data_response.json()[apis_urls.dataobjectAPI][0]['data'][str(ids)]['name'] == ruleparameter[ + index]): + ruleidslist.append(ids) + index = index + 1 + for categoryid in actioncategorieslist: + data_response = requests.get( + apis_urls.serverURL + "policies/" + policies_id + "/" + apis_urls.dataactionAPI + "/" + categoryid, headers=apis_urls.auth_headers) + if len(data_response.json()[apis_urls.dataactionAPI]) != 0: + for ids in data_response.json()[apis_urls.dataactionAPI][0]['data']: + if (data_response.json()[apis_urls.dataactionAPI][0]['data'][str(ids)]['name'] == ruleparameter[ + index]): + ruleidslist.append(ids) + index = index + 1 + + rulesresponse = requests.get( + apis_urls.serverURL + "policies/" + policies_id + "/" + apis_urls.rulesAPI + "/", headers=apis_urls.auth_headers) + + if len(rulesresponse.json()[apis_urls.rulesAPI]) != 0: + for ids in range(len(rulesresponse.json()[apis_urls.rulesAPI]['rules'])): + if (dict(rulesresponse.json()[apis_urls.rulesAPI]['rules'][ids])[ + 'rule'] == ruleidslist): + ruleid = dict(rulesresponse.json()[apis_urls.rulesAPI]['rules'][ids])['id'] + rulesresponse = requests.delete( + apis_urls.serverURL + "policies/" + policies_id + "/" + apis_urls.rulesAPI + "/" + ruleid,headers=apis_urls.auth_headers) + + if rulesresponse.status_code == 200: + GeneralVariables.api_responseflag['value'] = 'True' + else: + GeneralVariables.api_responseflag['value'] = 'False' + +# Step Definition Implementation: +# 1) Get all the existing rules per a given policy, metarule using get request and put them into a table +# 2) Sort the table by policy name +# 3) Loop using both the expected and actual tables and assert the data row by row +@Then('the following rules should be existed in the system') +def step_impl(context): + logger.info("Then the following rule should be existed in the system") + model = getattr(context, "model", None) + apiresult = Table(names=('rule', 'metarule', 'instructions', 'policyname'), + dtype=('S1000', 'S100', 'S100', 'S100')) + + expectedresult = Table(names=('rule', 'metarule', 'instructions', 'policyname'), + dtype=('S1000', 'S100', 'S100', 'S100')) + + for row in context.table: + ruleidslist = [] + apirule = [] + if (len(row['policyname']) > 25): + policies_id = row['policyname'] + else: + policies_id = commonfunctions.get_policyid(row['policyname']) + + ruleparameter = row["rule"].split(",") + metarules_response = requests.get(apis_urls.serverURL + apis_urls.metarulesAPI, headers=apis_urls.auth_headers) + for metaruleids in dict(metarules_response.json()[apis_urls.metarulesAPI]).keys(): + if (metarules_response.json()[apis_urls.metarulesAPI][metaruleids]['name'] == row["metarulename"]): + meta_rule_id = metaruleids + subjectcategorieslist = \ + requests.get(apis_urls.serverURL + apis_urls.metarulesAPI, headers=apis_urls.auth_headers).json()[apis_urls.metarulesAPI][ + metaruleids]['subject_categories'] + objectcategorieslist = \ + requests.get(apis_urls.serverURL + apis_urls.metarulesAPI, headers=apis_urls.auth_headers).json()[apis_urls.metarulesAPI][ + metaruleids]['object_categories'] + actioncategorieslist = \ + requests.get(apis_urls.serverURL + apis_urls.metarulesAPI, headers=apis_urls.auth_headers).json()[apis_urls.metarulesAPI][ + metaruleids]['action_categories'] + + index = 0 + for categoryid in subjectcategorieslist: + data_response = requests.get( + apis_urls.serverURL + "policies/" + policies_id + "/" + apis_urls.datasubjectAPI + "/" + categoryid, headers=apis_urls.auth_headers) + if len(data_response.json()[apis_urls.datasubjectAPI]) != 0: + for ids in data_response.json()[apis_urls.datasubjectAPI][0]['data']: + if (data_response.json()[apis_urls.datasubjectAPI][0]['data'][ids]['name'] == ruleparameter[ + index]): + ruleidslist.append(ids) + index = index + 1 + + for categoryid in objectcategorieslist: + data_response = requests.get( + apis_urls.serverURL + "policies/" + policies_id + "/" + apis_urls.dataobjectAPI + "/" + categoryid, headers=apis_urls.auth_headers) + if len(data_response.json()[apis_urls.dataobjectAPI]) != 0: + for ids in data_response.json()[apis_urls.dataobjectAPI][0]['data']: + if (data_response.json()[apis_urls.dataobjectAPI][0]['data'][ids]['name'] == ruleparameter[ + index]): + ruleidslist.append(ids) + index = index + 1 + + for categoryid in actioncategorieslist: + data_response = requests.get( + apis_urls.serverURL + "policies/" + policies_id + "/" + apis_urls.dataactionAPI + "/" + categoryid, headers=apis_urls.auth_headers) + if len(data_response.json()[apis_urls.dataactionAPI]) != 0: + for ids in data_response.json()[apis_urls.dataactionAPI][0]['data']: + if (data_response.json()[apis_urls.dataactionAPI][0]['data'][ids]['name'] == ruleparameter[ + index]): + ruleidslist.append(ids) + index = index + 1 + expectedresult.add_row(vals=(','.join(ruleidslist), meta_rule_id, row['instructions'], policies_id)) + + if (row['policyname'] != ""): + apipolicyid = commonfunctions.get_policyid( + row['policyname']) + response = requests.get( + apis_urls.serverURL + "policies/" + commonfunctions.get_policyid( + row['policyname']) + "/" + apis_urls.rulesAPI + "/", headers=apis_urls.auth_headers) + + if len(response.json()[apis_urls.rulesAPI]) != 0: + for ids in range(len(response.json()[apis_urls.rulesAPI]['rules'])): + if (dict(response.json()[apis_urls.rulesAPI]['rules'][ids])[ + 'meta_rule_id'] == commonfunctions.get_metaruleid(row['metarulename'])): + apirule = dict(response.json()[apis_urls.rulesAPI]['rules'][ids])['rule'] + #logger.info(dict(dict(response.json()[apis_urls.rulesAPI]['rules'][ids])['instructions'][0])['decision']) + apiinstructions = dict(dict(response.json()[apis_urls.rulesAPI]['rules'][ids])['instructions'][0])['decision'] + apimetaruleid = dict(response.json()[apis_urls.rulesAPI]['rules'][ids])['meta_rule_id'] + apiresult.add_row(vals=(','.join(apirule), apimetaruleid, apiinstructions, apipolicyid)) + + else: + apiresult.add_row(vals=("", "", "", "")) + + else: + apiresult.add_row(vals=("", "", "", "")) + + apiresult.sort('policyname') + expectedresult.sort('policyname') + for row1, row2 in zip(expectedresult, apiresult): + logger.info("asserting the expected rule: '" + str( + row1["rule"]) + "' is the same as the actual existing '" + str( + row2["rule"]) + "'") + assert str(row1["rule"]) == str(row2["rule"]), "rule is not correct!" + logger.info("assertion passed!") + + logger.info("asserting the expected instructions: '" + str( + row1["instructions"]) + "' is the same as the actual existing '" + str( + row2["instructions"]) + "'") + assert str(row1["instructions"]) == str(row2["instructions"]), "instructions is not correct!" + logger.info("assertion passed!") + + logger.info("asserting the expected metarule: '" + str( + row1["metarule"]) + "' is the same as the actual existing '" + str( + row2["metarule"]) + "'") + assert str(row1["metarule"]) == str(row2["metarule"]), "metarule is not correct!" + logger.info("assertion passed!") |