diff options
Diffstat (limited to 'moon_manager/tests/unit_python/helpers')
11 files changed, 1089 insertions, 0 deletions
diff --git a/moon_manager/tests/unit_python/helpers/__init__.py b/moon_manager/tests/unit_python/helpers/__init__.py new file mode 100644 index 00000000..582be686 --- /dev/null +++ b/moon_manager/tests/unit_python/helpers/__init__.py @@ -0,0 +1,11 @@ +# Software Name: MOON + +# Version: 5.4 + +# SPDX-FileCopyrightText: Copyright (c) 2018-2020 Orange and its contributors +# SPDX-License-Identifier: Apache-2.0 + +# This software is distributed under the 'Apache License 2.0', +# the text of which is available at 'http://www.apache.org/licenses/LICENSE-2.0.txt' +# or see the "LICENSE" file for more details. + diff --git a/moon_manager/tests/unit_python/helpers/assignment_helper.py b/moon_manager/tests/unit_python/helpers/assignment_helper.py new file mode 100644 index 00000000..05d13c46 --- /dev/null +++ b/moon_manager/tests/unit_python/helpers/assignment_helper.py @@ -0,0 +1,57 @@ +# Software Name: MOON + +# Version: 5.4 + +# SPDX-FileCopyrightText: Copyright (c) 2018-2020 Orange and its contributors +# SPDX-License-Identifier: Apache-2.0 + +# This software is distributed under the 'Apache License 2.0', +# the text of which is available at 'http://www.apache.org/licenses/LICENSE-2.0.txt' +# or see the "LICENSE" file for more details. + + + +def get_action_assignments(policy_id, action_id=None, category_id=None): + from moon_manager.db_driver import PolicyManager + return PolicyManager.get_action_assignments("", policy_id, action_id, category_id) + + +def add_action_assignment(policy_id, action_id, category_id, data_id): + from moon_manager.db_driver import PolicyManager + return PolicyManager.add_action_assignment("", policy_id, action_id, category_id, data_id) + + +def delete_action_assignment(policy_id, action_id, category_id, data_id): + from moon_manager.db_driver import PolicyManager + PolicyManager.delete_action_assignment("", policy_id, action_id, category_id, data_id) + + +def get_object_assignments(policy_id, object_id=None, category_id=None): + from moon_manager.db_driver import PolicyManager + return PolicyManager.get_object_assignments("", policy_id, object_id, category_id) + + +def add_object_assignment(policy_id, object_id, category_id, data_id): + from moon_manager.db_driver import PolicyManager + return PolicyManager.add_object_assignment("", policy_id, object_id, category_id, data_id) + + +def delete_object_assignment(policy_id, object_id, category_id, data_id): + from moon_manager.db_driver import PolicyManager + PolicyManager.delete_object_assignment("", policy_id, object_id, category_id, data_id) + + +def get_subject_assignments(policy_id, subject_id=None, category_id=None): + from moon_manager.db_driver import PolicyManager + return PolicyManager.get_subject_assignments("", policy_id, subject_id, category_id) + + +def add_subject_assignment(policy_id, subject_id, category_id, data_id): + from moon_manager.db_driver import PolicyManager + return PolicyManager.add_subject_assignment("", policy_id, subject_id, category_id, data_id) + + +def delete_subject_assignment(policy_id, subject_id, category_id, data_id): + from moon_manager.db_driver import PolicyManager + PolicyManager.delete_subject_assignment("", policy_id, subject_id, category_id, data_id) + diff --git a/moon_manager/tests/unit_python/helpers/category_helper.py b/moon_manager/tests/unit_python/helpers/category_helper.py new file mode 100644 index 00000000..bbb04e09 --- /dev/null +++ b/moon_manager/tests/unit_python/helpers/category_helper.py @@ -0,0 +1,47 @@ +# Software Name: MOON + +# Version: 5.4 + +# SPDX-FileCopyrightText: Copyright (c) 2018-2020 Orange and its contributors +# SPDX-License-Identifier: Apache-2.0 + +# This software is distributed under the 'Apache License 2.0', +# the text of which is available at 'http://www.apache.org/licenses/LICENSE-2.0.txt' +# or see the "LICENSE" file for more details. + + + +def add_subject_category(cat_id=None, value=None): + from moon_manager.db_driver import ModelManager + category = ModelManager.add_subject_category(moon_user_id=None, category_id=cat_id, value=value) + return category + + +def get_subject_category(cat_id=None): + from moon_manager.db_driver import ModelManager + category = ModelManager.get_subject_categories(moon_user_id=None, category_id=cat_id) + return category + + +def add_object_category(cat_id=None, value=None): + from moon_manager.db_driver import ModelManager + category = ModelManager.add_object_category(moon_user_id=None, category_id=cat_id, value=value) + return category + + +def get_object_category(cat_id=None): + from moon_manager.db_driver import ModelManager + category = ModelManager.get_object_categories(moon_user_id=None, category_id=cat_id) + return category + + +def add_action_category(cat_id=None, value=None): + from moon_manager.db_driver import ModelManager + category = ModelManager.add_action_category(moon_user_id=None, category_id=cat_id, value=value) + return category + + +def get_action_category(cat_id=None): + from moon_manager.db_driver import ModelManager + category = ModelManager.get_action_categories(moon_user_id=None, category_id=cat_id) + return category diff --git a/moon_manager/tests/unit_python/helpers/data_builder.py b/moon_manager/tests/unit_python/helpers/data_builder.py new file mode 100644 index 00000000..e2799375 --- /dev/null +++ b/moon_manager/tests/unit_python/helpers/data_builder.py @@ -0,0 +1,283 @@ +# Software Name: MOON + +# Version: 5.4 + +# SPDX-FileCopyrightText: Copyright (c) 2018-2020 Orange and its contributors +# SPDX-License-Identifier: Apache-2.0 + +# This software is distributed under the 'Apache License 2.0', +# the text of which is available at 'http://www.apache.org/licenses/LICENSE-2.0.txt' +# or see the "LICENSE" file for more details. + + +import hug +from .category_helper import * +from .policy_helper import * +from .data_helper import * +from helpers import model_helper +from .meta_rule_helper import * +from uuid import uuid4 + + +def create_subject_category(name): + subject_category = add_subject_category( + value={"name": name + uuid4().hex, "description": "description 1"}) + return list(subject_category.keys())[0] + + +def create_object_category(name): + object_category = add_object_category( + value={"name": name + uuid4().hex, "description": "description 1"}) + return list(object_category.keys())[0] + + +def create_action_category(name): + action_category = add_action_category( + value={"name": name + uuid4().hex, "description": "description 1"}) + return list(action_category.keys())[0] + + +def create_model(meta_rule_id, model_name="test_model"): + value = { + "name": model_name + uuid4().hex, + "description": "test", + "meta_rules": [meta_rule_id] + + } + return value + + +def create_policy(model_id, policy_name="policy_1"): + value = { + "name": policy_name, + "model_id": model_id, + "genre": "authz", + "description": "test", + } + return value + + +def create_pdp(policies_ids): + value = { + "name": "test_pdp", + "security_pipeline": policies_ids, + "vim_project_id": "vim_project_id1", + "description": "...", + } + return value + + +def create_new_policy(subject_category_name=None, object_category_name=None, + action_category_name=None, model_name=None, policy_name=None, + meta_rule_name=None): + if not subject_category_name: + subject_category_name = "subjectCategory_" + uuid4().hex + if not object_category_name: + object_category_name = "objectCategory_" + uuid4().hex + if not action_category_name: + action_category_name = "actionCategory_" + uuid4().hex + + if not meta_rule_name: + meta_rule_name = "meta_rule_" + uuid4().hex + + if not model_name: + model_name = "model_name_" + uuid4().hex + if not policy_name: + policy_name = "policy_name_" + uuid4().hex + + subject_category_id, object_category_id, action_category_id, meta_rule_id = create_new_meta_rule( + subject_category_name=subject_category_name + uuid4().hex, + object_category_name=object_category_name + uuid4().hex, + action_category_name=action_category_name + uuid4().hex, + meta_rule_name=meta_rule_name + uuid4().hex + ) + + model = model_helper.add_model(value=create_model(meta_rule_id, model_name + uuid4().hex)) + model_id = list(model.keys())[0] + value = create_policy(model_id, policy_name + uuid4().hex) + policy = add_policies(value=value) + assert policy + policy_id = list(policy.keys())[0] + return subject_category_id, object_category_id, action_category_id, meta_rule_id, policy_id + + +def create_new_meta_rule(subject_category_name=None, object_category_name=None, + action_category_name=None, meta_rule_name=None, empty=None): + if not subject_category_name: + subject_category_name = "subjectCategory_" + uuid4().hex + if not object_category_name: + object_category_name = "objectCategory_" + uuid4().hex + if not action_category_name: + action_category_name = "actionCategory_" + uuid4().hex + + if not meta_rule_name: + meta_rule_name = "meta_rule_" + uuid4().hex + + subject_category_id = create_subject_category(subject_category_name) + object_category_id = create_object_category(object_category_name) + action_category_id = create_action_category(action_category_name) + value = {"name": meta_rule_name, + "description": "name of the meta rule algorithm", + "subject_categories": [subject_category_id], + "object_categories": [object_category_id], + "action_categories": [action_category_id] + } + if empty == 'subject': + value["subject_categories"] = [] + if empty == 'object': + value["object_categories"] = [] + if empty == 'action': + value["action_categories"] = [] + meta_rule = add_meta_rule(value=value) + return subject_category_id, object_category_id, action_category_id, list(meta_rule.keys())[0] + + +def create_subject(policy_id): + value = { + "name": "testuser" + uuid4().hex, + "description": "test", + } + subject = add_subject(policy_id=policy_id, value=value) + return list(subject.keys())[0] + + +def create_object(policy_id): + value = { + "name": "testobject" + uuid4().hex, + "description": "test", + } + object = add_object(policy_id=policy_id, value=value) + return list(object.keys())[0] + + +def create_action(policy_id): + value = { + "name": "testaction" + uuid4().hex, + "description": "test", + } + action = add_action(policy_id=policy_id, value=value) + return list(action.keys())[0] + + +def create_subject_data(policy_id, category_id): + value = { + "name": "subject-security-level", + "description": {"low": "", "medium": "", "high": ""}, + } + subject_data = add_subject_data(policy_id=policy_id, category_id=category_id, value=value).get( + 'data') + assert subject_data + return list(subject_data.keys())[0] + + +def create_object_data(policy_id, category_id): + value = { + "name": "object-security-level", + "description": {"low": "", "medium": "", "high": ""}, + } + object_data = add_object_data(policy_id=policy_id, category_id=category_id, value=value).get( + 'data') + return list(object_data.keys())[0] + + +def create_action_data(policy_id, category_id): + value = { + "name": "action-type", + "description": {"vm-action": "", "storage-action": "", }, + } + action_data = add_action_data(policy_id=policy_id, category_id=category_id, value=value).get( + 'data') + return list(action_data.keys())[0] + + +def get_policy_id_with_subject_assignment(): + from moon_manager.api import assignments + from moon_utilities.auth_functions import get_api_key_for_user + auth_headers = {"X-Api-Key": get_api_key_for_user("admin")} + + subject_category_id, object_category_id, action_category_id, meta_rule_id, policy_id = create_new_policy( + subject_category_name="subject_category1" + uuid4().hex, + object_category_name="object_category1" + uuid4().hex, + action_category_name="action_category1" + uuid4().hex, + meta_rule_name="meta_rule_1" + uuid4().hex) + subject_id = create_subject(policy_id) + data_id = create_subject_data(policy_id=policy_id, category_id=subject_category_id) + + data = { + "id": subject_id, + "category_id": subject_category_id, + "data_id": data_id + } + response = hug.test.post(assignments, "/policies/{}/subject_assignments/".format(policy_id), + body=data, headers=auth_headers) + return policy_id + + +def get_policy_id_with_object_assignment(): + from moon_manager.api import assignments + from moon_utilities.auth_functions import get_api_key_for_user + auth_headers = {"X-Api-Key": get_api_key_for_user("admin")} + + subject_category_id, object_category_id, action_category_id, meta_rule_id, policy_id = create_new_policy( + subject_category_name="subject_category1" + uuid4().hex, + object_category_name="object_category1" + uuid4().hex, + action_category_name="action_category1" + uuid4().hex, + meta_rule_name="meta_rule_1" + uuid4().hex) + object_id = create_object(policy_id) + data_id = create_object_data(policy_id=policy_id, category_id=object_category_id) + + data = { + "id": object_id, + "category_id": object_category_id, + "data_id": data_id + } + + hug.test.post(assignments, "policies/{}/object_assignments".format(policy_id), body=data, + headers=auth_headers) + return policy_id + + +def get_policy_id_with_action_assignment(): + from moon_manager.api import assignments + from moon_utilities.auth_functions import get_api_key_for_user + auth_headers = {"X-Api-Key": get_api_key_for_user("admin")} + + subject_category_id, object_category_id, action_category_id, meta_rule_id, policy_id = create_new_policy( + subject_category_name="subject_category1" + uuid4().hex, + object_category_name="object_category1" + uuid4().hex, + action_category_name="action_category1" + uuid4().hex, + meta_rule_name="meta_rule_1" + uuid4().hex) + action_id = create_action(policy_id) + data_id = create_action_data(policy_id=policy_id, category_id=action_category_id) + + data = { + "id": action_id, + "category_id": action_category_id, + "data_id": data_id + } + hug.test.post(assignments, "policies/{}/action_assignments".format(policy_id), body =data, + headers=auth_headers) + return policy_id + + +def add_rules(): + from moon_manager.api import rules + from moon_utilities.auth_functions import get_api_key_for_user + auth_headers = {"X-Api-Key": get_api_key_for_user("admin")} + + sub_id, obj_id, act_id, meta_rule_id, policy_id = create_new_policy("sub_cat" + uuid4().hex, + "obj_cat" + uuid4().hex, + "act_cat" + uuid4().hex) + sub_data_id = create_subject_data(policy_id, sub_id) + obj_data_id = create_object_data(policy_id, obj_id) + act_data_id = create_action_data(policy_id, act_id) + data = { + "meta_rule_id": meta_rule_id, + "rule": [sub_data_id, obj_data_id, act_data_id], + "instructions": [ + {"decision": "grant"}, + ], + "enabled": True + } + req = hug.test.post(rules, "policies/{}/rules".format(policy_id), body=data, headers=auth_headers) + return req, req.data, policy_id diff --git a/moon_manager/tests/unit_python/helpers/data_helper.py b/moon_manager/tests/unit_python/helpers/data_helper.py new file mode 100644 index 00000000..cb1ee38c --- /dev/null +++ b/moon_manager/tests/unit_python/helpers/data_helper.py @@ -0,0 +1,106 @@ +# Software Name: MOON + +# Version: 5.4 + +# SPDX-FileCopyrightText: Copyright (c) 2018-2020 Orange and its contributors +# SPDX-License-Identifier: Apache-2.0 + +# This software is distributed under the 'Apache License 2.0', +# the text of which is available at 'http://www.apache.org/licenses/LICENSE-2.0.txt' +# or see the "LICENSE" file for more details. + + + +def get_action_data(policy_id, data_id=None, category_id=None): + from moon_manager.db_driver import PolicyManager + return PolicyManager.get_action_data(moon_user_id="admin", policy_id=policy_id, data_id=data_id, category_id=category_id) + + +def add_action_data(policy_id, data_id=None, category_id=None, value=None): + from moon_manager.db_driver import PolicyManager + return PolicyManager.add_action_data(moon_user_id="admin", policy_id=policy_id, data_id=data_id, category_id=category_id, value=value) + + +def delete_action_data(policy_id, data_id): + from moon_manager.db_driver import PolicyManager + PolicyManager.delete_action_data(moon_user_id="admin", policy_id=policy_id, data_id=data_id) + + +def get_object_data(policy_id, data_id=None, category_id=None): + from moon_manager.db_driver import PolicyManager + return PolicyManager.get_object_data(moon_user_id="admin", policy_id=policy_id, data_id=data_id, category_id=category_id) + + +def add_object_data(policy_id, data_id=None, category_id=None, value=None): + from moon_manager.db_driver import PolicyManager + return PolicyManager.add_object_data(moon_user_id="admin", policy_id=policy_id, data_id=data_id, category_id=category_id, value=value) + + +def delete_object_data(policy_id, data_id): + from moon_manager.db_driver import PolicyManager + PolicyManager.delete_object_data(moon_user_id="admin", policy_id=policy_id, data_id=data_id) + + +def get_subject_data(policy_id, data_id=None, category_id=None): + from moon_manager.db_driver import PolicyManager + return PolicyManager.get_subject_data(moon_user_id="admin", policy_id=policy_id, data_id=data_id, category_id=category_id) + + +def add_subject_data(policy_id, data_id=None, category_id=None, value=None): + from moon_manager.db_driver import PolicyManager + return PolicyManager.set_subject_data(moon_user_id="admin", policy_id=policy_id, data_id=data_id, category_id=category_id, value=value) + + +def delete_subject_data(policy_id, data_id): + from moon_manager.db_driver import PolicyManager + PolicyManager.delete_subject_data(moon_user_id="admin", policy_id=policy_id, data_id=data_id) + + +def get_actions(policy_id, perimeter_id=None): + from moon_manager.db_driver import PolicyManager + return PolicyManager.get_actions(moon_user_id="admin", policy_id=policy_id, perimeter_id=perimeter_id) + + +def add_action(policy_id, perimeter_id=None, value=None): + from moon_manager.db_driver import PolicyManager + return PolicyManager.add_action(moon_user_id="admin", policy_id=policy_id, perimeter_id=perimeter_id, value=value) + + +def delete_action(policy_id, perimeter_id): + from moon_manager.db_driver import PolicyManager + PolicyManager.delete_action(moon_user_id="admin", policy_id=policy_id, perimeter_id=perimeter_id) + + +def get_objects(policy_id, perimeter_id=None): + from moon_manager.db_driver import PolicyManager + return PolicyManager.get_objects(moon_user_id="admin", policy_id=policy_id, perimeter_id=perimeter_id) + + +def add_object(policy_id, perimeter_id=None, value=None): + from moon_manager.db_driver import PolicyManager + return PolicyManager.add_object(moon_user_id="admin", policy_id=policy_id, perimeter_id=perimeter_id, value=value) + + +def delete_object(policy_id, perimeter_id): + from moon_manager.db_driver import PolicyManager + PolicyManager.delete_object(moon_user_id="admin", policy_id=policy_id, perimeter_id=perimeter_id) + + +def get_subjects(policy_id, perimeter_id=None): + from moon_manager.db_driver import PolicyManager + return PolicyManager.get_subjects(moon_user_id="admin", policy_id=policy_id, perimeter_id=perimeter_id) + + +def add_subject(policy_id, perimeter_id=None, value=None): + from moon_manager.db_driver import PolicyManager + return PolicyManager.add_subject(moon_user_id="admin", policy_id=policy_id, perimeter_id=perimeter_id, value=value) + + +def delete_subject(policy_id, perimeter_id): + from moon_manager.db_driver import PolicyManager + PolicyManager.delete_subject(moon_user_id="admin", policy_id=policy_id, perimeter_id=perimeter_id) + + +def get_available_metadata(policy_id): + from moon_manager.db_driver import PolicyManager + return PolicyManager.get_available_metadata(moon_user_id="admin", policy_id=policy_id) diff --git a/moon_manager/tests/unit_python/helpers/import_export_helper.py b/moon_manager/tests/unit_python/helpers/import_export_helper.py new file mode 100644 index 00000000..1ba94fd0 --- /dev/null +++ b/moon_manager/tests/unit_python/helpers/import_export_helper.py @@ -0,0 +1,287 @@ +# Software Name: MOON + +# Version: 5.4 + +# SPDX-FileCopyrightText: Copyright (c) 2018-2020 Orange and its contributors +# SPDX-License-Identifier: Apache-2.0 + +# This software is distributed under the 'Apache License 2.0', +# the text of which is available at 'http://www.apache.org/licenses/LICENSE-2.0.txt' +# or see the "LICENSE" file for more details. + + +from api import test_models as test_models +from api import test_policies as test_policies +from api import test_perimeter as test_perimeter +from api import test_meta_data as test_categories +from api import test_data as test_data +from api import test_meta_rules as test_meta_rules +from api import test_assignement as test_assignments +from api import test_rules as test_rules +import logging +import hug + +logger = logging.getLogger("moon.manager.test.api." + __name__) + + +def clean_models(): + from moon_utilities.auth_functions import get_api_key_for_user + auth_headers = {"X-Api-Key": get_api_key_for_user("admin")} + req, models = test_models.get_models() + for key in models["models"]: + from moon_manager.api import models + hug.test.delete(models, "/models/{}".format(key), headers=auth_headers) + + +def clean_policies(): + from moon_utilities.auth_functions import get_api_key_for_user + auth_headers = {"X-Api-Key": get_api_key_for_user("admin")} + req = test_policies.get_policies(auth_headers=auth_headers) + + policies = req.data + for key in policies["policies"]: + from moon_manager.api import policy + req = hug.test.delete(policy, "/policies/{}".format(key), headers=auth_headers) + assert req.status == hug.HTTP_200 + + +def clean_subjects(): + from moon_utilities.auth_functions import get_api_key_for_user + auth_headers = {"X-Api-Key": get_api_key_for_user("admin")} + + subjects = test_perimeter.get_subjects() + logger.info("subjects {}".format(subjects)) + for key in subjects[1]["subjects"]: + subject = subjects[1]["subjects"][key] + policy_keys = subject["policy_list"] + logger.info("subjects policy_keys {}".format(policy_keys)) + for policy_key in policy_keys: + from moon_manager.api import perimeter + hug.test.delete(perimeter, "/policies/{}/subjects/{}".format(policy_key, key), headers=auth_headers ) + hug.test.delete(perimeter, "/subjects/{}".format(key), headers=auth_headers) + + +def clean_objects(): + from moon_utilities.auth_functions import get_api_key_for_user + auth_headers = {"X-Api-Key": get_api_key_for_user("admin")} + + objects = test_perimeter.get_objects() + logger.info("objects {}".format(objects)) + for key in objects[1]["objects"]: + object_ = objects[1]["objects"][key] + policy_keys = object_["policy_list"] + logger.info("objects policy_keys {}".format(policy_keys)) + for policy_key in policy_keys: + from moon_manager.api import perimeter + hug.test.delete(perimeter, "/policies/{}/objects/{}".format(policy_key, key), headers=auth_headers ) + hug.test.delete(perimeter, "/objects/{}".format(key), headers=auth_headers) + +def clean_actions(): + from moon_utilities.auth_functions import get_api_key_for_user + auth_headers = {"X-Api-Key": get_api_key_for_user("admin")} + + actions = test_perimeter.get_actions() + logger.info("actions {}".format(actions)) + for key in actions[1]["actions"]: + action = actions[1]["actions"][key] + policy_keys = action["policy_list"] + logger.info("action policy_keys {}".format(policy_keys)) + from moon_manager.api import perimeter + for policy_key in policy_keys: + hug.test.delete(perimeter, "/policies/{}/actions/{}".format(policy_key, key), headers=auth_headers) + hug.test.delete(perimeter, "/actions/{}".format(key), headers=auth_headers) + + + +def clean_subject_categories(): + from moon_utilities.auth_functions import get_api_key_for_user + auth_headers = {"X-Api-Key": get_api_key_for_user("admin")} + + req, categories = test_categories.get_subject_categories() + logger.info(categories) + for key in categories["subject_categories"]: + from moon_manager.api import meta_data + hug.test.delete(meta_data, "/subject_categories/{}".format(key), headers=auth_headers) + + +def clean_object_categories(): + from moon_utilities.auth_functions import get_api_key_for_user + auth_headers = {"X-Api-Key": get_api_key_for_user("admin")} + + req, categories = test_categories.get_object_categories() + logger.info(categories) + for key in categories["object_categories"]: + from moon_manager.api import meta_data + hug.test.delete(meta_data, "/object_categories/{}".format(key), headers=auth_headers) + + +def clean_action_categories(): + from moon_utilities.auth_functions import get_api_key_for_user + auth_headers = {"X-Api-Key": get_api_key_for_user("admin")} + + req, categories = test_categories.get_action_categories() + logger.info(categories) + for key in categories["action_categories"]: + from moon_manager.api import meta_data + hug.test.delete(meta_data, "/action_categories/{}".format(key), headers=auth_headers) + + +def clean_subject_data(): + from moon_utilities.auth_functions import get_api_key_for_user + auth_headers = {"X-Api-Key": get_api_key_for_user("admin")} + req = test_policies.get_policies(auth_headers=auth_headers) + + policies = req.data + logger.info("clean_subject_data on {}".format(policies)) + for policy_key in policies["policies"]: + req, data = test_data.get_subject_data(policy_id=policy_key) + logger.info("============= data {}".format(data)) + for data_item in data["subject_data"]: + if data_item["data"]: + for data_id in data_item["data"]: + logger.info("============= Deleting {}/{}".format(policy_key, data_id)) + from moon_manager.api import data + hug.test.delete(data, "/policies/{}/subject_data/{}/{}".format(policy_key, + data_item['category_id'], data_id), headers=auth_headers) + + +def clean_object_data(): + from moon_utilities.auth_functions import get_api_key_for_user + auth_headers = {"X-Api-Key": get_api_key_for_user("admin")} + req = test_policies.get_policies(auth_headers=auth_headers) + + policies = req.data + for policy_key in policies["policies"]: + req, data = test_data.get_object_data(policy_id=policy_key) + for data_item in data["object_data"]: + if data_item["data"]: + for data_id in data_item["data"]: + logger.info("============= object_data {}/{}".format(policy_key, data_id)) + from moon_manager.api import data + hug.test.delete(data, "/policies/{}/object_data/{}/{}".format(policy_key, + data_item['category_id'], data_id), headers=auth_headers) + + +def clean_action_data(): + from moon_utilities.auth_functions import get_api_key_for_user + auth_headers = {"X-Api-Key": get_api_key_for_user("admin")} + req = test_policies.get_policies(auth_headers=auth_headers) + + policies = req.data + for policy_key in policies["policies"]: + req, data = test_data.get_action_data(policy_id=policy_key) + for data_item in data["action_data"]: + if data_item["data"]: + for data_id in data_item["data"]: + logger.info("============= action_data {}/{}".format(policy_key, data_id)) + from moon_manager.api import data + hug.test.delete(data, "/policies/{}/action_data/{}/{}".format(policy_key, + data_item['category_id'], data_id), headers=auth_headers) + + +def clean_meta_rule(): + from moon_utilities.auth_functions import get_api_key_for_user + auth_headers = {"X-Api-Key": get_api_key_for_user("admin")} + + req, meta_rules_obj = test_meta_rules.get_meta_rules() + meta_rules_obj = meta_rules_obj["meta_rules"] + for meta_rule_key in meta_rules_obj: + logger.info("clean_meta_rule.meta_rule_key={}".format(meta_rule_key)) + logger.info("clean_meta_rule.meta_rule={}".format(meta_rules_obj[meta_rule_key])) + from moon_manager.api import meta_rules + hug.test.delete(meta_rules, "/meta_rules/{}".format(meta_rule_key), headers=auth_headers) + + +def clean_subject_assignments(): + from moon_utilities.auth_functions import get_api_key_for_user + auth_headers = {"X-Api-Key": get_api_key_for_user("admin")} + req = test_policies.get_policies(auth_headers=auth_headers) + + policies = req.data + for policy_key in policies["policies"]: + req, assignments = test_assignments.get_subject_assignment(policy_key) + for key in assignments["subject_assignments"]: + subject_key = assignments["subject_assignments"][key]["subject_id"] + cat_key = assignments["subject_assignments"][key]["category_id"] + data_keys = assignments["subject_assignments"][key]["assignments"] + for data_key in data_keys: + from moon_manager.api import assignments + hug.test.delete(assignments, + "/policies/{}/subject_assignments/{}/{}/{}".format(policy_key, + subject_key, cat_key, data_key), headers=auth_headers) + + +def clean_object_assignments(): + from moon_utilities.auth_functions import get_api_key_for_user + auth_headers = {"X-Api-Key": get_api_key_for_user("admin")} + req = test_policies.get_policies(auth_headers=auth_headers) + + policies = req.data + for policy_key in policies["policies"]: + req, assignments = test_assignments.get_object_assignment(policy_key) + for key in assignments["object_assignments"]: + object_key = assignments["object_assignments"][key]["object_id"] + cat_key = assignments["object_assignments"][key]["category_id"] + data_keys = assignments["object_assignments"][key]["assignments"] + for data_key in data_keys: + from moon_manager.api import assignments + hug.test.delete(assignments, + "/policies/{}/object_assignments/{}/{}/{}".format(policy_key, + object_key, cat_key, data_key), headers=auth_headers) + + +def clean_action_assignments(): + from moon_utilities.auth_functions import get_api_key_for_user + auth_headers = {"X-Api-Key": get_api_key_for_user("admin")} + req = test_policies.get_policies(auth_headers=auth_headers) + + policies = req.data + for policy_key in policies["policies"]: + req, assignments = test_assignments.get_action_assignment(policy_key) + for key in assignments["action_assignments"]: + action_key = assignments["action_assignments"][key]["action_id"] + cat_key = assignments["action_assignments"][key]["category_id"] + data_keys = assignments["action_assignments"][key]["assignments"] + for data_key in data_keys: + from moon_manager.api import assignments + hug.test.delete(assignments, + "/policies/{}/action_assignments/{}/{}/{}".format(policy_key, + action_key, cat_key, data_key), headers=auth_headers) + + +def clean_rules(): + from moon_utilities.auth_functions import get_api_key_for_user + auth_headers = {"X-Api-Key": get_api_key_for_user("admin")} + req = test_policies.get_policies(auth_headers=auth_headers) + + policies = req.data + for policy_key in policies["policies"]: + req, rules = test_rules.get_rules(policy_key) + rules = rules["rules"]["rules"] + for rule_key in rules: + from moon_manager.api import rules + hug.test.delete(rules, "/policies/{}/rules/{}".format(policy_key, rule_key["id"]), headers=auth_headers) + + +def clean_all(): + clean_rules() + + clean_subject_assignments() + clean_object_assignments() + clean_action_assignments() + + clean_subject_data() + clean_object_data() + clean_action_data() + + clean_actions() + clean_objects() + clean_subjects() + + clean_policies() + clean_models() + clean_meta_rule() + + clean_subject_categories() + clean_object_categories() + clean_action_categories() diff --git a/moon_manager/tests/unit_python/helpers/meta_rule_helper.py b/moon_manager/tests/unit_python/helpers/meta_rule_helper.py new file mode 100644 index 00000000..0542d394 --- /dev/null +++ b/moon_manager/tests/unit_python/helpers/meta_rule_helper.py @@ -0,0 +1,84 @@ +# Software Name: MOON + +# Version: 5.4 + +# SPDX-FileCopyrightText: Copyright (c) 2018-2020 Orange and its contributors +# SPDX-License-Identifier: Apache-2.0 + +# This software is distributed under the 'Apache License 2.0', +# the text of which is available at 'http://www.apache.org/licenses/LICENSE-2.0.txt' +# or see the "LICENSE" file for more details. + + +from helpers import data_builder as builder +from uuid import uuid4 + + +def set_meta_rule(meta_rule_id, value=None): + from moon_manager.db_driver import ModelManager + if not value: + action_category_id = builder.create_action_category("action_category_id1" + uuid4().hex) + subject_category_id = builder.create_subject_category("subject_category_id1" + uuid4().hex) + object_category_id = builder.create_object_category("object_category_id1" + uuid4().hex) + value = { + "name": "MLS_meta_rule", + "description": "test", + "subject_categories": [subject_category_id], + "object_categories": [object_category_id], + "action_categories": [action_category_id] + } + return ModelManager.set_meta_rule(moon_user_id=None, meta_rule_id=meta_rule_id, value=value) + + +def add_meta_rule(meta_rule_id=None, value=None): + from moon_manager.db_driver import ModelManager + if not value: + action_category_id = builder.create_action_category("action_category_id1" + uuid4().hex) + subject_category_id = builder.create_subject_category("subject_category_id1" + uuid4().hex) + object_category_id = builder.create_object_category("object_category_id1" + uuid4().hex) + value = { + "name": "MLS_meta_rule" + uuid4().hex, + "description": "test", + "subject_categories": [subject_category_id], + "object_categories": [object_category_id], + "action_categories": [action_category_id] + } + return ModelManager.add_meta_rule(moon_user_id=None, meta_rule_id=meta_rule_id, value=value) + + +def get_body_meta_rule_with_empty_category_in_mid(type=None): + action_category_id1 = builder.create_action_category("action_category_id1" + uuid4().hex) + subject_category_id1 = builder.create_subject_category("subject_category_id1" + uuid4().hex) + object_category_id1 = builder.create_object_category("object_category_id1" + uuid4().hex) + + action_category_id2 = builder.create_action_category("action_category_id1" + uuid4().hex) + subject_category_id2 = builder.create_subject_category("subject_category_id1" + uuid4().hex) + object_category_id2 = builder.create_object_category("object_category_id1" + uuid4().hex) + value = { + "name": "MLS_meta_rule" + uuid4().hex, + "description": "test", + "subject_categories": [subject_category_id1], + "object_categories": [object_category_id1], + "action_categories": [action_category_id1] + } + if type == 'subject': + value['subject_categories'].append("") + if type == 'object': + value['object_categories'].append("") + if type == 'action': + value['action_categories'].append("") + + value['subject_categories'].append(subject_category_id2) + value['object_categories'].append(object_category_id2) + value['action_categories'].append(action_category_id2) + return value + + +def get_meta_rules(meta_rule_id=None): + from moon_manager.db_driver import ModelManager + return ModelManager.get_meta_rules(moon_user_id=None, meta_rule_id=meta_rule_id) + + +def delete_meta_rules(meta_rule_id=None): + from moon_manager.db_driver import ModelManager + ModelManager.delete_meta_rule(moon_user_id=None, meta_rule_id=meta_rule_id) diff --git a/moon_manager/tests/unit_python/helpers/model_helper.py b/moon_manager/tests/unit_python/helpers/model_helper.py new file mode 100644 index 00000000..ed705af8 --- /dev/null +++ b/moon_manager/tests/unit_python/helpers/model_helper.py @@ -0,0 +1,81 @@ +# Software Name: MOON + +# Version: 5.4 + +# SPDX-FileCopyrightText: Copyright (c) 2018-2020 Orange and its contributors +# SPDX-License-Identifier: Apache-2.0 + +# This software is distributed under the 'Apache License 2.0', +# the text of which is available at 'http://www.apache.org/licenses/LICENSE-2.0.txt' +# or see the "LICENSE" file for more details. + + +from helpers import data_builder as builder +from uuid import uuid4 + + +def get_models(model_id=None): + from moon_manager.db_driver import ModelManager + return ModelManager.get_models(moon_user_id=None, model_id=model_id) + + +def add_model(model_id=None, value=None): + from moon_manager.db_driver import ModelManager + if not value: + subject_category_id, object_category_id, action_category_id, meta_rule_id = builder.create_new_meta_rule() + name = "MLS"+uuid4().hex if model_id is None else "MLS " + model_id + value = { + "name": name, + "description": "test", + "meta_rules": [meta_rule_id] + } + return ModelManager.add_model(moon_user_id=None, model_id=model_id, value=value) + + +def add_model_without_meta_rule(model_id=None, value=None): + from moon_manager.db_driver import ModelManager + if not value: + name = "MLS"+uuid4().hex if model_id is None else "MLS " + model_id + value = { + "name": name, + "description": "test", + "meta_rules": "" + } + return ModelManager.add_model(moon_user_id=None, model_id=model_id, value=value) + + +def add_model_with_blank_subject_meta_rule(model_id=None, value=None): + from moon_manager.db_driver import ModelManager + if not value: + subject_category_id, object_category_id, action_category_id, meta_rule_id = builder.create_new_meta_rule(empty='subject') + name = "MLS"+uuid4().hex if model_id is None else "MLS " + model_id + value = { + "name": name, + "description": "test", + "meta_rules": [meta_rule_id] + } + return ModelManager.add_model(moon_user_id=None, model_id=model_id, value=value) + + + +def delete_models(uuid=None, name=None): + from moon_manager.db_driver import ModelManager + if not uuid: + for model_id, model_value in get_models(): + if name == model_value['name']: + uuid = model_id + break + ModelManager.delete_model(moon_user_id=None, model_id=uuid) + + +def delete_all_models(): + from moon_manager.db_driver import ModelManager + models_values = get_models() + print(models_values) + for model_id, model_value in models_values.items(): + ModelManager.delete_model(moon_user_id=None, model_id=model_id) + + +def update_model(model_id=None, value=None): + from moon_manager.db_driver import ModelManager + return ModelManager.update_model(moon_user_id=None, model_id=model_id, value=value) diff --git a/moon_manager/tests/unit_python/helpers/pdp_helper.py b/moon_manager/tests/unit_python/helpers/pdp_helper.py new file mode 100644 index 00000000..e970961a --- /dev/null +++ b/moon_manager/tests/unit_python/helpers/pdp_helper.py @@ -0,0 +1,31 @@ +# Software Name: MOON + +# Version: 5.4 + +# SPDX-FileCopyrightText: Copyright (c) 2018-2020 Orange and its contributors +# SPDX-License-Identifier: Apache-2.0 + +# This software is distributed under the 'Apache License 2.0', +# the text of which is available at 'http://www.apache.org/licenses/LICENSE-2.0.txt' +# or see the "LICENSE" file for more details. + + + +def update_pdp(pdp_id, value): + from moon_manager.db_driver import PDPManager + return PDPManager.update_pdp("", pdp_id, value) + + +def delete_pdp(pdp_id): + from moon_manager.db_driver import PDPManager + PDPManager.delete_pdp("", pdp_id) + + +def add_pdp(pdp_id=None, value=None): + from moon_manager.db_driver import PDPManager + return PDPManager.add_pdp("", pdp_id, value) + + +def get_pdp(pdp_id=None): + from moon_manager.db_driver import PDPManager + return PDPManager.get_pdp("", pdp_id) diff --git a/moon_manager/tests/unit_python/helpers/policy_helper.py b/moon_manager/tests/unit_python/helpers/policy_helper.py new file mode 100644 index 00000000..ffd0d1bb --- /dev/null +++ b/moon_manager/tests/unit_python/helpers/policy_helper.py @@ -0,0 +1,84 @@ +# Software Name: MOON + +# Version: 5.4 + +# SPDX-FileCopyrightText: Copyright (c) 2018-2020 Orange and its contributors +# SPDX-License-Identifier: Apache-2.0 + +# This software is distributed under the 'Apache License 2.0', +# the text of which is available at 'http://www.apache.org/licenses/LICENSE-2.0.txt' +# or see the "LICENSE" file for more details. + + +from uuid import uuid4 +from helpers import model_helper + +def get_policies(): + from moon_manager.db_driver import PolicyManager + return PolicyManager.get_policies("admin") + + +def add_policies(policy_id=None, value=None): + from moon_manager.db_driver import PolicyManager + if not value: + value = { + "name": "test_policy"+ uuid4().hex, + "model_id": "", + "genre": "authz", + "description": "test", + } + return PolicyManager.add_policy(moon_user_id="admin", policy_id=policy_id, value=value) + + +def add_policies_with_model(policy_id=None, value=None): + from moon_manager.db_driver import PolicyManager + req = model_helper.add_model(model_id="mls_model_id" + uuid4().hex) + model_id = list(req.keys())[0] + data = { + "name": "test_policy"+ uuid4().hex, + "description": "test", + "model_id": model_id, + "genre": "genre" + } + return PolicyManager.add_policy(moon_user_id="admin", policy_id=policy_id, value=data) + + +def delete_policies(uuid=None, name=None): + from moon_manager.db_driver import PolicyManager + if not uuid: + for policy_id, policy_value in get_policies(): + if name == policy_value['name']: + uuid = policy_id + break + PolicyManager.delete_policy("admin", uuid) + + +def update_policy(policy_id, value): + from moon_manager.db_driver import PolicyManager + return PolicyManager.update_policy("admin", policy_id, value) + + +def get_policy_from_meta_rules(meta_rule_id): + from moon_manager.db_driver import PolicyManager + return PolicyManager.get_policy_from_meta_rules("admin", meta_rule_id) + + +def get_rules(policy_id=None, meta_rule_id=None, rule_id=None): + from moon_manager.db_driver import PolicyManager + return PolicyManager.get_rules("", policy_id, meta_rule_id, rule_id) + + +def add_rule(policy_id=None, meta_rule_id=None, value=None): + from moon_manager.db_driver import PolicyManager + if not value: + value = { + "rule": ("high", "medium", "vm-action"), + "instructions": [{"decision": "grant"}], + "enabled": "", + } + return PolicyManager.add_rule("", policy_id, meta_rule_id, value) + + +def delete_rule(policy_id=None, rule_id=None): + from moon_manager.db_driver import PolicyManager + PolicyManager.delete_rule("", policy_id, rule_id) diff --git a/moon_manager/tests/unit_python/helpers/rules_helper.py b/moon_manager/tests/unit_python/helpers/rules_helper.py new file mode 100644 index 00000000..ce7e8bd2 --- /dev/null +++ b/moon_manager/tests/unit_python/helpers/rules_helper.py @@ -0,0 +1,18 @@ +# Software Name: MOON + +# Version: 5.4 + +# SPDX-FileCopyrightText: Copyright (c) 2018-2020 Orange and its contributors +# SPDX-License-Identifier: Apache-2.0 + +# This software is distributed under the 'Apache License 2.0', +# the text of which is available at 'http://www.apache.org/licenses/LICENSE-2.0.txt' +# or see the "LICENSE" file for more details. + + +def get_headers(): + from moon_utilities.auth_functions import get_api_key_for_user + + auth_headers = {"X-Api-Key": get_api_key_for_user("admin"), + 'Content-Type': 'application/json'} + return auth_headers |