aboutsummaryrefslogtreecommitdiffstats
path: root/moon_manager
diff options
context:
space:
mode:
Diffstat (limited to 'moon_manager')
-rw-r--r--moon_manager/Changelog12
-rw-r--r--moon_manager/Dockerfile13
-rw-r--r--moon_manager/moon_manager/__init__.py2
-rw-r--r--moon_manager/moon_manager/api/assignments.py149
-rw-r--r--moon_manager/moon_manager/api/data.py124
-rw-r--r--moon_manager/moon_manager/api/json_import.py88
-rw-r--r--moon_manager/moon_manager/api/meta_data.py101
-rw-r--r--moon_manager/moon_manager/api/meta_rules.py51
-rw-r--r--moon_manager/moon_manager/api/models.py45
-rw-r--r--moon_manager/moon_manager/api/pdp.py83
-rw-r--r--moon_manager/moon_manager/api/perimeter.py254
-rw-r--r--moon_manager/moon_manager/api/policies.py50
-rw-r--r--moon_manager/moon_manager/api/rules.py37
-rw-r--r--moon_manager/moon_manager/api/slaves.py12
-rw-r--r--moon_manager/moon_manager/http_server.py7
-rw-r--r--moon_manager/tests/unit_python/api/import_export_utilities.py45
-rw-r--r--moon_manager/tests/unit_python/api/test_assignemnt.py161
-rw-r--r--moon_manager/tests/unit_python/api/test_data.py89
-rw-r--r--moon_manager/tests/unit_python/api/test_export.py40
-rw-r--r--moon_manager/tests/unit_python/api/test_import.py78
-rw-r--r--moon_manager/tests/unit_python/api/test_meta_data.py235
-rw-r--r--moon_manager/tests/unit_python/api/test_meta_rules.py175
-rw-r--r--moon_manager/tests/unit_python/api/test_pdp.py55
-rw-r--r--moon_manager/tests/unit_python/api/test_perimeter.py153
-rw-r--r--moon_manager/tests/unit_python/api/test_policies.py19
-rw-r--r--moon_manager/tests/unit_python/api/test_rules.py71
-rw-r--r--moon_manager/tests/unit_python/api/test_unit_models.py61
-rw-r--r--moon_manager/tests/unit_python/api/utilities.py24
-rw-r--r--moon_manager/tests/unit_python/conftest.py12
-rw-r--r--moon_manager/tests/unit_python/helpers/__init__.py0
-rw-r--r--moon_manager/tests/unit_python/helpers/assignment_helper.py49
-rw-r--r--moon_manager/tests/unit_python/helpers/category_helper.py40
-rw-r--r--moon_manager/tests/unit_python/helpers/data_builder.py209
-rw-r--r--moon_manager/tests/unit_python/helpers/data_helper.py99
-rw-r--r--moon_manager/tests/unit_python/helpers/meta_rule_helper.py49
-rw-r--r--moon_manager/tests/unit_python/helpers/model_helper.py51
-rw-r--r--moon_manager/tests/unit_python/helpers/pdp_helper.py23
-rw-r--r--moon_manager/tests/unit_python/helpers/policy_helper.py61
-rw-r--r--moon_manager/tests/unit_python/requirements.txt2
39 files changed, 1888 insertions, 941 deletions
diff --git a/moon_manager/Changelog b/moon_manager/Changelog
index 2bd01595..56521a0e 100644
--- a/moon_manager/Changelog
+++ b/moon_manager/Changelog
@@ -28,3 +28,15 @@ CHANGES
- use the threading capability of Flask app
- set the number of manager to 1
- update to the latest version of the python-moondb library
+
+4.5.2-1
+-----
+integrating validtion to send mandatory key names
+
+4.5.3
+-----
+- Removing try catch from all requets to allow raised exception to be passed to http server, to send actual error to client side
+- fixing test cases to assert on the expected exception after removing try-catch
+- allow 404 to be catched from our side instead of flask itself
+- revert the params in the get/post/patch/delete to be by default = None, so that we could catch the param if it was None
+instead of having not found url if the param is mandatory \ No newline at end of file
diff --git a/moon_manager/Dockerfile b/moon_manager/Dockerfile
index 630c275b..d264a113 100644
--- a/moon_manager/Dockerfile
+++ b/moon_manager/Dockerfile
@@ -1,10 +1,15 @@
FROM python:3
+LABEL Name=Manager
+LABEL Description="Manager component for the Moon platform"
+LABEL Maintainer="Thomas Duval"
+LABEL Url="https://wiki.opnfv.org/display/moon/Moon+Project+Proposal"
+
+USER root
+
ADD . /root
WORKDIR /root/
-RUN pip3 install -r requirements.txt
-RUN if [ -d /root/dist ]; then for FILE in $(ls /root/dist/*.tar.gz); do pip install $FILE --upgrade; done; fi
-RUN if [ -d /root/dist ]; then for FILE in $(ls /root/dist/*.whl); do pip install $FILE --upgrade; done; fi
-RUN pip3 install .
+RUN pip3 install --no-cache-dir -r requirements.txt
+RUN pip3 install --no-cache-dir .
CMD ["python3", "-m", "moon_manager"] \ No newline at end of file
diff --git a/moon_manager/moon_manager/__init__.py b/moon_manager/moon_manager/__init__.py
index 20a70977..205f6d8c 100644
--- a/moon_manager/moon_manager/__init__.py
+++ b/moon_manager/moon_manager/__init__.py
@@ -3,4 +3,4 @@
# license which can be found in the file 'LICENSE' in this package distribution
# or at 'http://www.apache.org/licenses/LICENSE-2.0'.
-__version__ = "4.5.2"
+__version__ = "4.5.3"
diff --git a/moon_manager/moon_manager/api/assignments.py b/moon_manager/moon_manager/api/assignments.py
index a1d10ccb..426789e6 100644
--- a/moon_manager/moon_manager/api/assignments.py
+++ b/moon_manager/moon_manager/api/assignments.py
@@ -53,17 +53,14 @@ class SubjectAssignments(Resource):
}
:internal_api: get_subject_assignments
"""
- try:
- data = PolicyManager.get_subject_assignments(
- user_id=user_id, policy_id=uuid,
- subject_id=perimeter_id, category_id=category_id)
- except Exception as e:
- logger.error(e, exc_info=True)
- return {"result": False,
- "error": str(e)}, 500
+
+ data = PolicyManager.get_subject_assignments(
+ user_id=user_id, policy_id=uuid,
+ subject_id=perimeter_id, category_id=category_id)
+
return {"subject_assignments": data}
- @validate_input("post", kwargs_state=[True, False, False, False, False], body_state=[True, True, True])
+ @validate_input("post", kwargs_state=[True, False, False, False, False], body_state={"id":True, "category_id":True, "data_id":True})
@check_auth
def post(self, uuid, perimeter_id=None, category_id=None,
data_id=None, user_id=None):
@@ -89,18 +86,13 @@ class SubjectAssignments(Resource):
}
:internal_api: update_subject_assignment
"""
- try:
- data_id = request.json.get("data_id")
- category_id = request.json.get("category_id")
- perimeter_id = request.json.get("id")
- data = PolicyManager.add_subject_assignment(
- user_id=user_id, policy_id=uuid,
- subject_id=perimeter_id, category_id=category_id,
- data_id=data_id)
- except Exception as e:
- logger.error(e, exc_info=True)
- return {"result": False,
- "error": str(e)}, 500
+ data_id = request.json.get("data_id")
+ category_id = request.json.get("category_id")
+ perimeter_id = request.json.get("id")
+ data = PolicyManager.add_subject_assignment(
+ user_id=user_id, policy_id=uuid,
+ subject_id=perimeter_id, category_id=category_id,
+ data_id=data_id)
return {"subject_assignments": data}
@validate_input("delete", kwargs_state=[True, True, True, True, False])
@@ -120,15 +112,12 @@ class SubjectAssignments(Resource):
}
:internal_api: delete_subject_assignment
"""
- try:
- data = PolicyManager.delete_subject_assignment(
- user_id=user_id, policy_id=uuid,
- subject_id=perimeter_id, category_id=category_id,
- data_id=data_id)
- except Exception as e:
- logger.error(e, exc_info=True)
- return {"result": False,
- "error": str(e)}, 500
+
+ data = PolicyManager.delete_subject_assignment(
+ user_id=user_id, policy_id=uuid,
+ subject_id=perimeter_id, category_id=category_id,
+ data_id=data_id)
+
return {"result": True}
@@ -166,17 +155,14 @@ class ObjectAssignments(Resource):
}
:internal_api: get_object_assignments
"""
- try:
- data = PolicyManager.get_object_assignments(
- user_id=user_id, policy_id=uuid,
- object_id=perimeter_id, category_id=category_id)
- except Exception as e:
- logger.error(e, exc_info=True)
- return {"result": False,
- "error": str(e)}, 500
+
+ data = PolicyManager.get_object_assignments(
+ user_id=user_id, policy_id=uuid,
+ object_id=perimeter_id, category_id=category_id)
+
return {"object_assignments": data}
- @validate_input("post", kwargs_state=[True, False, False, False, False], body_state=[True, True, True])
+ @validate_input("post", kwargs_state=[True, False, False, False, False], body_state={"id":True, "category_id":True, "data_id":True})
@check_auth
def post(self, uuid, perimeter_id=None, category_id=None,
data_id=None, user_id=None):
@@ -202,18 +188,15 @@ class ObjectAssignments(Resource):
}
:internal_api: update_object_assignment
"""
- try:
- data_id = request.json.get("data_id")
- category_id = request.json.get("category_id")
- perimeter_id = request.json.get("id")
- data = PolicyManager.add_object_assignment(
- user_id=user_id, policy_id=uuid,
- object_id=perimeter_id, category_id=category_id,
- data_id=data_id)
- except Exception as e:
- logger.error(e, exc_info=True)
- return {"result": False,
- "error": str(e)}, 500
+
+ data_id = request.json.get("data_id")
+ category_id = request.json.get("category_id")
+ perimeter_id = request.json.get("id")
+ data = PolicyManager.add_object_assignment(
+ user_id=user_id, policy_id=uuid,
+ object_id=perimeter_id, category_id=category_id,
+ data_id=data_id)
+
return {"object_assignments": data}
@validate_input("delete", kwargs_state=[True, True, True, True, False])
@@ -233,15 +216,11 @@ class ObjectAssignments(Resource):
}
:internal_api: delete_object_assignment
"""
- try:
- data = PolicyManager.delete_object_assignment(
- user_id=user_id, policy_id=uuid,
- object_id=perimeter_id, category_id=category_id,
- data_id=data_id)
- except Exception as e:
- logger.error(e, exc_info=True)
- return {"result": False,
- "error": str(e)}, 500
+ data = PolicyManager.delete_object_assignment(
+ user_id=user_id, policy_id=uuid,
+ object_id=perimeter_id, category_id=category_id,
+ data_id=data_id)
+
return {"result": True}
@@ -279,17 +258,13 @@ class ActionAssignments(Resource):
}
:internal_api: get_action_assignments
"""
- try:
- data = PolicyManager.get_action_assignments(
- user_id=user_id, policy_id=uuid,
- action_id=perimeter_id, category_id=category_id)
- except Exception as e:
- logger.error(e, exc_info=True)
- return {"result": False,
- "error": str(e)}, 500
+ data = PolicyManager.get_action_assignments(
+ user_id=user_id, policy_id=uuid,
+ action_id=perimeter_id, category_id=category_id)
+
return {"action_assignments": data}
- @validate_input("post", kwargs_state=[True, False, False, False, False], body_state=[True, True, True])
+ @validate_input("post", kwargs_state=[True, False, False, False, False], body_state={"id":True, "category_id":True, "data_id":True})
@check_auth
def post(self, uuid, perimeter_id=None, category_id=None,
data_id=None, user_id=None):
@@ -315,18 +290,15 @@ class ActionAssignments(Resource):
}
:internal_api: update_action_assignment
"""
- try:
- data_id = request.json.get("data_id")
- category_id = request.json.get("category_id")
- perimeter_id = request.json.get("id")
- data = PolicyManager.add_action_assignment(
- user_id=user_id, policy_id=uuid,
- action_id=perimeter_id, category_id=category_id,
- data_id=data_id)
- except Exception as e:
- logger.error(e, exc_info=True)
- return {"result": False,
- "error": str(e)}, 500
+
+ data_id = request.json.get("data_id")
+ category_id = request.json.get("category_id")
+ perimeter_id = request.json.get("id")
+ data = PolicyManager.add_action_assignment(
+ user_id=user_id, policy_id=uuid,
+ action_id=perimeter_id, category_id=category_id,
+ data_id=data_id)
+
return {"action_assignments": data}
@validate_input("delete", kwargs_state=[True, True, True, True, False])
@@ -346,13 +318,10 @@ class ActionAssignments(Resource):
}
:internal_api: delete_action_assignment
"""
- try:
- data = PolicyManager.delete_action_assignment(
- user_id=user_id, policy_id=uuid,
- action_id=perimeter_id, category_id=category_id,
- data_id=data_id)
- except Exception as e:
- logger.error(e, exc_info=True)
- return {"result": False,
- "error": str(e)}, 500
+
+ data = PolicyManager.delete_action_assignment(
+ user_id=user_id, policy_id=uuid,
+ action_id=perimeter_id, category_id=category_id,
+ data_id=data_id)
+
return {"result": True}
diff --git a/moon_manager/moon_manager/api/data.py b/moon_manager/moon_manager/api/data.py
index 4b22f9dc..d887ac2b 100644
--- a/moon_manager/moon_manager/api/data.py
+++ b/moon_manager/moon_manager/api/data.py
@@ -54,18 +54,16 @@ class SubjectData(Resource):
}]
:internal_api: get_subject_data
"""
- try:
- data = PolicyManager.get_subject_data(user_id=user_id,
- policy_id=uuid,
- category_id=category_id,
- data_id=data_id)
- except Exception as e:
- logger.error(e, exc_info=True)
- return {"result": False,
- "error": str(e)}, 500
+ logger.info("api.get {} {} {}".format(uuid, category_id, data_id))
+ data = PolicyManager.get_subject_data(user_id=user_id,
+ policy_id=uuid,
+ category_id=category_id,
+ data_id=data_id)
+ logger.info("api.get data = {}".format(data))
+
return {"subject_data": data}
- @validate_input("post", kwargs_state=[True, True, False, False], body_state=[True, False])
+ @validate_input("post", kwargs_state=[True, True, False, False], body_state={"name":True})
@check_auth
def post(self, uuid, category_id=None, data_id=None, user_id=None):
"""Create or update a subject.
@@ -90,15 +88,11 @@ class SubjectData(Resource):
}
:internal_api: add_subject_data
"""
- try:
- data = PolicyManager.set_subject_data(user_id=user_id,
- policy_id=uuid,
+ data = PolicyManager.set_subject_data(user_id=user_id,
+ policy_id=uuid,
category_id=category_id,
value=request.json)
- except Exception as e:
- logger.error(e, exc_info=True)
- return {"result": False,
- "error": str(e)}, 500
+
return {"subject_data": data}
@validate_input("delete", kwargs_state=[True, False, False, False])
@@ -116,14 +110,11 @@ class SubjectData(Resource):
}]
:internal_api: delete_subject_data
"""
- try:
- data = PolicyManager.delete_subject_data(user_id=user_id,
- policy_id=uuid,
- data_id=data_id)
- except Exception as e:
- logger.error(e, exc_info=True)
- return {"result": False,
- "error": str(e)}, 500
+ logger.info("api.delete {} {}".format(uuid, data_id))
+ data = PolicyManager.delete_subject_data(user_id=user_id,
+ policy_id=uuid,
+ data_id=data_id)
+
return {"result": True}
@@ -162,18 +153,14 @@ class ObjectData(Resource):
}]
:internal_api: get_object_data
"""
- try:
- data = PolicyManager.get_object_data(user_id=user_id,
- policy_id=uuid,
- category_id=category_id,
- data_id=data_id)
- except Exception as e:
- logger.error(e, exc_info=True)
- return {"result": False,
- "error": str(e)}, 500
+ data = PolicyManager.get_object_data(user_id=user_id,
+ policy_id=uuid,
+ category_id=category_id,
+ data_id=data_id)
+
return {"object_data": data}
- @validate_input("post", kwargs_state=[True, True, False, False], body_state=[True, False])
+ @validate_input("post", kwargs_state=[True, True, False, False], body_state={"name":True})
@check_auth
def post(self, uuid, category_id=None, data_id=None, user_id=None):
"""Create or update a object.
@@ -198,15 +185,11 @@ class ObjectData(Resource):
}
:internal_api: add_object_data
"""
- try:
- data = PolicyManager.add_object_data(user_id=user_id,
- policy_id=uuid,
- category_id=category_id,
- value=request.json)
- except Exception as e:
- logger.error(e, exc_info=True)
- return {"result": False,
- "error": str(e)}, 500
+ data = PolicyManager.add_object_data(user_id=user_id,
+ policy_id=uuid,
+ category_id=category_id,
+ value=request.json)
+
return {"object_data": data}
@validate_input("delete", kwargs_state=[True, False, False, False])
@@ -224,14 +207,10 @@ class ObjectData(Resource):
}
:internal_api: delete_object_data
"""
- try:
- data = PolicyManager.delete_object_data(user_id=user_id,
- policy_id=uuid,
- data_id=data_id)
- except Exception as e:
- logger.error(e, exc_info=True)
- return {"result": False,
- "error": str(e)}, 500
+ data = PolicyManager.delete_object_data(user_id=user_id,
+ policy_id=uuid,
+ data_id=data_id)
+
return {"result": True}
@@ -270,18 +249,14 @@ class ActionData(Resource):
}]
:internal_api: get_action_data
"""
- try:
- data = PolicyManager.get_action_data(user_id=user_id,
- policy_id=uuid,
- category_id=category_id,
- data_id=data_id)
- except Exception as e:
- logger.error(e, exc_info=True)
- return {"result": False,
- "error": str(e)}, 500
+ data = PolicyManager.get_action_data(user_id=user_id,
+ policy_id=uuid,
+ category_id=category_id,
+ data_id=data_id)
+
return {"action_data": data}
- @validate_input("post", kwargs_state=[True, True, False, False], body_state=[True, False])
+ @validate_input("post", kwargs_state=[True, True, False, False], body_state={"name":True})
@check_auth
def post(self, uuid, category_id=None, data_id=None, user_id=None):
"""Create or update a action.
@@ -306,15 +281,10 @@ class ActionData(Resource):
}
:internal_api: add_action_data
"""
- try:
- data = PolicyManager.add_action_data(user_id=user_id,
- policy_id=uuid,
- category_id=category_id,
- value=request.json)
- except Exception as e:
- logger.error(e, exc_info=True)
- return {"result": False,
- "error": str(e)}, 500
+ data = PolicyManager.add_action_data(user_id=user_id,
+ policy_id=uuid,
+ category_id=category_id,
+ value=request.json)
return {"action_data": data}
@validate_input("delete", kwargs_state=[True, False, False, False])
@@ -332,14 +302,10 @@ class ActionData(Resource):
}
:internal_api: delete_action_data
"""
- try:
- data = PolicyManager.delete_action_data(user_id=user_id,
- policy_id=uuid,
- data_id=data_id)
- except Exception as e:
- logger.error(e, exc_info=True)
- return {"result": False,
- "error": str(e)}, 500
+ data = PolicyManager.delete_action_data(user_id=user_id,
+ policy_id=uuid,
+ data_id=data_id)
+
return {"result": True}
diff --git a/moon_manager/moon_manager/api/json_import.py b/moon_manager/moon_manager/api/json_import.py
index ae9a21d0..e57a27c1 100644
--- a/moon_manager/moon_manager/api/json_import.py
+++ b/moon_manager/moon_manager/api/json_import.py
@@ -81,17 +81,15 @@ class JsonImport(Resource):
def _reorder_rules_ids(self, rule, ordered_perimeter_categories_ids, json_data_ids, policy_id, get_function):
ordered_json_ids = [None]*len(ordered_perimeter_categories_ids)
- logger.info("ordered_json_ids {}".format(ordered_json_ids))
- logger.info("json_data_ids {}".format(json_data_ids))
for json_id in json_data_ids:
- logger.info("json_id {}".format(json_id))
data = get_function(self._user_id, policy_id, data_id=json_id)
data = data[0]
- logger.info("data {}".format(data))
if data["category_id"] not in ordered_perimeter_categories_ids:
- raise InvalidJson("The category id {} of the rule {} does not match the meta rule".format(data["category_id"], rule))
+ raise InvalidJson("The category id {} of the rule {} does not match the meta rule".format(
+ data["category_id"], rule))
if ordered_json_ids[ordered_perimeter_categories_ids.index(data["category_id"])] is not None:
- raise InvalidJson("The category id {} of the rule {} shall not be used twice in the same rule".format(data["category_id"], rule))
+ raise InvalidJson("The category id {} of the rule {} shall not be used twice in the same rule".format(
+ data["category_id"], rule))
ordered_json_ids[ordered_perimeter_categories_ids.index(data["category_id"])] = json_id
logger.info(ordered_json_ids)
return ordered_json_ids
@@ -106,7 +104,8 @@ class JsonImport(Resource):
JsonUtils.copy_field_if_exists(json_rule, json_to_use, "enabled", bool, default_value=True)
json_ids = dict()
- JsonUtils.convert_name_to_id(json_rule, json_ids, "policy", "policy_id", "policy", PolicyManager, self._user_id)
+ JsonUtils.convert_name_to_id(json_rule, json_ids, "policy", "policy_id", "policy",
+ PolicyManager, self._user_id)
JsonUtils.convert_name_to_id(json_rule, json_to_use, "meta_rule", "meta_rule_id", "meta_rule", ModelManager, self._user_id)
json_subject_ids = dict()
json_object_ids = dict()
@@ -124,7 +123,7 @@ class JsonImport(Resource):
json_to_use_rule = json_to_use_rule + self._reorder_rules_ids(json_rule, meta_rule["action_categories"], json_action_ids["action"], json_ids["policy_id"], PolicyManager.get_action_data)
json_to_use["rule"] = json_to_use_rule
try:
- logger.info("Adding / updating a rule from json {}".format(json_to_use))
+ logger.debug("Adding / updating a rule from json {}".format(json_to_use))
PolicyManager.add_rule(self._user_id, json_ids["policy_id"], json_to_use["meta_rule_id"], json_to_use)
except exceptions.RuleExisting:
pass
@@ -135,15 +134,14 @@ class JsonImport(Resource):
logger.info("Input meta rules : {}".format(json_meta_rules))
for json_meta_rule in json_meta_rules:
json_to_use = dict()
- logger.info("Input meta rule : {}".format(json_meta_rule))
JsonUtils.copy_field_if_exists(json_meta_rule, json_to_use, "name", str)
JsonUtils.copy_field_if_exists(json_meta_rule, json_to_use, "description", str)
JsonUtils.convert_names_to_ids(json_meta_rule, json_to_use, "subject_categories", "subject_categories", "subject_category", ModelManager, self._user_id)
JsonUtils.convert_names_to_ids(json_meta_rule, json_to_use, "object_categories", "object_categories", "object_category", ModelManager, self._user_id)
JsonUtils.convert_names_to_ids(json_meta_rule, json_to_use, "action_categories", "action_categories", "action_category", ModelManager, self._user_id)
- logger.info("Adding / updating a metarule from json {}".format(json_meta_rule))
+ logger.debug("Adding / updating a metarule from json {}".format(json_meta_rule))
meta_rule = ModelManager.add_meta_rule(self._user_id, meta_rule_id=None, value=json_to_use)
- logger.info("Added / updated meta rule : {}".format(meta_rule))
+ logger.debug("Added / updated meta rule : {}".format(meta_rule))
def _import_subject_object_action_assignments(self, json_item_assignments, type_element):
import_method = getattr(PolicyManager, 'add_' + type_element + '_assignment')
@@ -178,14 +176,18 @@ class JsonImport(Resource):
# find the policy related to the current data
data = get_method(self._user_id, policy_id, data_id, json_assignment["category_id"])
if data is not None and len(data) == 1:
- logger.info("Adding / updating a {} assignment from json {}".format(type_element, json_assignment))
- import_method(self._user_id, policy_id, json_assignment["id"], json_assignment["category_id"], data_id)
+ logger.debug("Adding / updating a {} assignment from json {}".format(type_element,
+ json_assignment))
+ import_method(self._user_id, policy_id, json_assignment["id"], json_assignment["category_id"],
+ data_id)
else:
raise UnknownData("Unknown data with id {}".format(data_id))
# case the data has not been found in any policies
if has_found_data is False:
- raise InvalidJson("The json contains unknown {} data or category : {}".format(type_element,json_item_assignment))
+ raise InvalidJson("The json contains unknown {} data or category : {}".format(
+ type_element,
+ json_item_assignment))
def _import_subject_object_action_datas(self, json_items_data, mandatory_policy_ids, type_element):
if type_element == "subject":
@@ -201,7 +203,6 @@ class JsonImport(Resource):
item_override = JsonUtils.get_override(json_items_data)
if item_override is True:
raise ForbiddenOverride("{} datas do not support override flag !".format(type_element))
- logger.info("json_item_data {}".format(json_item_data))
json_to_use = dict()
JsonUtils.copy_field_if_exists(json_item_data, json_to_use, "name", str)
JsonUtils.copy_field_if_exists(json_item_data, json_to_use, "description", str)
@@ -209,11 +210,9 @@ class JsonImport(Resource):
# field_mandatory : not mandatory if there is some mandatory policies
JsonUtils.convert_names_to_ids(json_item_data, json_policy, "policies", "policy_id", "policy",
PolicyManager, self._user_id, field_mandatory=len(mandatory_policy_ids) == 0)
- logger.info("json_policy {}".format(json_policy))
json_category = dict()
JsonUtils.convert_name_to_id(json_item_data, json_category, "category", "category_id", type_element+"_category",
ModelManager, self._user_id)
- logger.info("json_category {}".format(json_category))
policy_ids = []
if "policy_id" in json_policy:
policy_ids = json_policy["policy_id"]
@@ -232,15 +231,12 @@ class JsonImport(Resource):
for policy_id in mandatory_policy_ids:
try:
- # existing_datas = get_method(self._user_id, policy_id,category_id=category_id)
- # logger.info(existing_datas)
- logger.info("Adding / updating a {} data with policy id {} and category id {} from json {}".format(type_element, policy_id, category_id, json_to_use))
data = import_method(self._user_id, policy_id, category_id=category_id, value=json_to_use)
- logger.info("Added / updated {} data : {}".format(type_element, data))
except exceptions.PolicyUnknown:
raise UnknownPolicy("Unknown policy with id {}".format(policy_id))
except Exception as e:
- raise BaseException(str(e))
+ logger.exception(str(e))
+ raise e
def _import_subject_object_action_categories(self, json_item_categories, type_element):
import_method = getattr(ModelManager, 'add_' + type_element + '_category')
@@ -267,14 +263,13 @@ class JsonImport(Resource):
raise ForbiddenOverride("{} categories do not support override flag !".format(type_element))
try:
- logger.info("Adding a {} category from json {}".format(type_element, json_to_use))
category = import_method(self._user_id, existing_id, json_to_use)
- logger.info("Added category {}".format(category))
except (exceptions.SubjectCategoryExisting, exceptions.ObjectCategoryExisting, exceptions.ActionCategoryExisting):
# it already exists: do nothing
- logger.info("Ignored {} category with name {} is already in the database".format(type_element, json_to_use["name"]))
+ logger.warning("Ignored {} category with name {} is already in the database".format(type_element, json_to_use["name"]))
except Exception as e:
- logger.info("Error while importing the category : {}".format(str(e)))
+ logger.warning("Error while importing the category : {}".format(str(e)))
+ logger.exception(str(e))
raise e
def _import_subject_object_action(self, json_items, mandatory_policy_ids, type_element):
@@ -302,7 +297,7 @@ class JsonImport(Resource):
raise ForbiddenOverride("{} does not support override flag !".format(type_element))
if len(policy_ids) == 0:
- raise MissingPolicy("a {} needs at least one policy to be created or updated : {}".format(type_element, json.dumps(json_item)))
+ raise MissingPolicy("a {} needs at least one policy to be created or updated : {}".format(type_element, json.dumps(json_item)))
for policy_id in policy_ids:
try:
@@ -312,16 +307,13 @@ class JsonImport(Resource):
if items_in_db[key_in_db]["name"] == json_without_policy_name["name"]:
key = key_in_db
break
- if key is None:
- logger.info("Adding a {} from json {} to the policy with id {}".format(type_element, json_without_policy_name, policy_id))
- else:
- logger.info("Updating a {} from json {} to the policy with id {}".format(type_element, json_without_policy_name, policy_id))
element = import_method(self._user_id, policy_id, perimeter_id=key, value=json_without_policy_name)
- logger.info("Added / updated {} : {}".format(type_element, element))
+ logger.debug("Added / updated {} : {}".format(type_element, element))
except exceptions.PolicyUnknown:
raise UnknownPolicy("Unknown policy when adding a {}!".format(type_element))
except Exception as e:
+ logger.exception(str(e))
raise BaseException(str(e))
def _import_policies(self, json_policies):
@@ -335,7 +327,7 @@ class JsonImport(Resource):
# policy_in_db = PolicyManager.get_policies_by_name(json_without_model_name["name"])
policies = PolicyManager.get_policies(self._user_id)
policy_in_db = None
- logger.info(policies)
+ policy_id = None
for policy_key in policies:
if policies[policy_key]["name"] == json_policy["name"]:
policy_in_db = policies[policy_key]
@@ -350,9 +342,10 @@ class JsonImport(Resource):
policy_mandatory = JsonUtils.get_mandatory(json_policy)
if policy_override is False and policy_does_exist:
- policy_mandatory_ids.append(policy_id)
- logger.warning("Existing policy not updated because of the override option is not set !")
- continue
+ if policy_id:
+ policy_mandatory_ids.append(policy_id)
+ logger.warning("Existing policy not updated because of the override option is not set !")
+ continue
json_without_model_name = dict()
JsonUtils.copy_field_if_exists(json_policy, json_without_model_name, "name", str)
@@ -361,16 +354,14 @@ class JsonImport(Resource):
JsonUtils.convert_name_to_id(json_policy, json_without_model_name, "model", "model_id", "model", ModelManager, self._user_id, field_mandatory=False)
if not policy_does_exist:
- logger.info("Creating policy {} ".format(json_without_model_name))
+ logger.debug("Creating policy {} ".format(json_without_model_name))
added_policy = PolicyManager.add_policy(self._user_id, None, json_without_model_name)
- logger.info("Added policy {}".format(added_policy))
if policy_mandatory is True:
keys = list(added_policy.keys())
policy_mandatory_ids.append(keys[0])
elif policy_override is True:
- logger.info("Updating policy {} ".format(json_without_model_name))
+ logger.debug("Updating policy {} ".format(json_without_model_name))
updated_policy = PolicyManager.update_policy(self._user_id, policy_id, json_without_model_name)
- logger.info("Updated policy {}".format(updated_policy))
if policy_mandatory is True:
policy_mandatory_ids.append(policy_id)
return policy_mandatory_ids
@@ -380,7 +371,7 @@ class JsonImport(Resource):
raise InvalidJson("models shall be a list!")
for json_model in json_models:
- logger.info("json_model {}".format(json_model))
+ logger.debug("json_model {}".format(json_model))
models = ModelManager.get_models(self._user_id)
model_in_db = None
model_id = None
@@ -389,19 +380,16 @@ class JsonImport(Resource):
model_in_db = models[model_key]
model_id = model_key
- logger.info("model in db".format(model_in_db))
# this should not occur as the model has been put in db previously in _import_models_without_new_meta_rules
if model_in_db is None:
- raise UnknownModel("Unknwon model ")
+ raise UnknownModel("Unknown model ")
json_key = dict()
JsonUtils.convert_names_to_ids(json_model, json_key, "meta_rules", "meta_rule_id", "meta_rule", ModelManager, self._user_id)
- logger.info("json_key {}".format(json_key))
for meta_rule_id in json_key["meta_rule_id"]:
if meta_rule_id not in model_in_db["meta_rules"]:
model_in_db["meta_rules"].append(meta_rule_id)
- logger.info("Updating model with id {} : {} ".format(model_id, model_in_db))
ModelManager.update_model(self._user_id, model_id, model_in_db)
def _import_models_without_new_meta_rules(self, json_models):
@@ -426,16 +414,14 @@ class JsonImport(Resource):
if model_in_db is None:
model_does_exist = False
else:
- logger.info("model_in_db {}".format(model_in_db))
- # JsonUtils.convert_names_to_ids(model_in_db, json_without_new_metarules, "meta_rules", "meta_rule_id", "meta_rule", ModelManager, self._user_id)
json_without_new_metarules["meta_rule_id"] = model_in_db["meta_rules"]
model_does_exist = True
model_override = JsonUtils.get_override(json_model)
if not model_does_exist:
- logger.info("Creating model {} ".format(json_without_new_metarules))
+ logger.debug("Creating model {} ".format(json_without_new_metarules))
ModelManager.add_model(self._user_id, None, json_without_new_metarules)
elif model_override is True:
- logger.info("Updating model with id {} : {} ".format(model_id, json_without_new_metarules))
+ logger.debug("Updating model with id {} : {} ".format(model_id, json_without_new_metarules))
ModelManager.update_model(self._user_id, model_id, json_without_new_metarules)
def _import_pdps(self, json_pdps):
@@ -462,11 +448,11 @@ class JsonImport(Resource):
self._user_id = user_id
if 'file' in request.files:
file = request.files['file']
- logger.info("Importing {} file...".format(file))
+ logger.debug("Importing {} file...".format(file))
json_content = json.load(file)
else:
json_content = request.json
- logger.info("Importing content: {} ...".format(json_content))
+ logger.debug("Importing content: {} ...".format(json_content))
# first import the models without the meta rules as they are not yet defined
if "models" in json_content:
diff --git a/moon_manager/moon_manager/api/meta_data.py b/moon_manager/moon_manager/api/meta_data.py
index f3b22d29..62ca050f 100644
--- a/moon_manager/moon_manager/api/meta_data.py
+++ b/moon_manager/moon_manager/api/meta_data.py
@@ -45,16 +45,12 @@ class SubjectCategories(Resource):
}
:internal_api: get_subject_categories
"""
- try:
- data = ModelManager.get_subject_categories(
- user_id=user_id, category_id=category_id)
- except Exception as e:
- logger.error(e, exc_info=True)
- return {"result": False,
- "error": str(e)}, 500
+ data = ModelManager.get_subject_categories(
+ user_id=user_id, category_id=category_id)
+
return {"subject_categories": data}
- @validate_input("post",body_state=[True,False])
+ @validate_input("post",body_state={"name":True})
@check_auth
def post(self, category_id=None, user_id=None):
"""Create or update a subject category.
@@ -73,13 +69,9 @@ class SubjectCategories(Resource):
}
:internal_api: add_subject_category
"""
- try:
- data = ModelManager.add_subject_category(
- user_id=user_id, value=request.json)
- except Exception as e:
- logger.error(e, exc_info=True)
- return {"result": False,
- "error": str(e)}, 500
+ data = ModelManager.add_subject_category(
+ user_id=user_id, value=request.json)
+
return {"subject_categories": data}
@validate_input("delete",kwargs_state=[True,False])
@@ -95,13 +87,10 @@ class SubjectCategories(Resource):
}
:internal_api: delete_subject_category
"""
- try:
- data = ModelManager.delete_subject_category(
- user_id=user_id, category_id=category_id)
- except Exception as e:
- logger.error(e, exc_info=True)
- return {"result": False,
- "error": str(e)}, 500
+
+ data = ModelManager.delete_subject_category(
+ user_id=user_id, category_id=category_id)
+
return {"result": True}
@@ -131,16 +120,12 @@ class ObjectCategories(Resource):
}
:internal_api: get_object_categories
"""
- try:
- data = ModelManager.get_object_categories(
- user_id=user_id, category_id=category_id)
- except Exception as e:
- logger.error(e, exc_info=True)
- return {"result": False,
- "error": str(e)}, 500
+ data = ModelManager.get_object_categories(
+ user_id=user_id, category_id=category_id)
+
return {"object_categories": data}
- @validate_input("post", body_state=[True, False])
+ @validate_input("post", body_state={"name":True})
@check_auth
def post(self, category_id=None, user_id=None):
"""Create or update a object category.
@@ -159,13 +144,10 @@ class ObjectCategories(Resource):
}
:internal_api: add_object_category
"""
- try:
- data = ModelManager.add_object_category(
- user_id=user_id, value=request.json)
- except Exception as e:
- logger.error(e, exc_info=True)
- return {"result": False,
- "error": str(e)}, 500
+
+ data = ModelManager.add_object_category(
+ user_id=user_id, value=request.json)
+
return {"object_categories": data}
@validate_input("delete", kwargs_state=[True, False])
@@ -181,13 +163,10 @@ class ObjectCategories(Resource):
}
:internal_api: delete_object_category
"""
- try:
- data = ModelManager.delete_object_category(
- user_id=user_id, category_id=category_id)
- except Exception as e:
- logger.error(e, exc_info=True)
- return {"result": False,
- "error": str(e)}, 500
+
+ data = ModelManager.delete_object_category(
+ user_id=user_id, category_id=category_id)
+
return {"result": True}
@@ -217,16 +196,13 @@ class ActionCategories(Resource):
}
:internal_api: get_action_categories
"""
- try:
- data = ModelManager.get_action_categories(
- user_id=user_id, category_id=category_id)
- except Exception as e:
- logger.error(e, exc_info=True)
- return {"result": False,
- "error": str(e)}, 500
+
+ data = ModelManager.get_action_categories(
+ user_id=user_id, category_id=category_id)
+
return {"action_categories": data}
- @validate_input("post", body_state=[True, False])
+ @validate_input("post", body_state={"name":True})
@check_auth
def post(self, category_id=None, user_id=None):
"""Create or update an action category.
@@ -245,13 +221,10 @@ class ActionCategories(Resource):
}
:internal_api: add_action_category
"""
- try:
- data = ModelManager.add_action_category(
- user_id=user_id, value=request.json)
- except Exception as e:
- logger.error(e, exc_info=True)
- return {"result": False,
- "error": str(e)}, 500
+
+ data = ModelManager.add_action_category(
+ user_id=user_id, value=request.json)
+
return {"action_categories": data}
@validate_input("delete", kwargs_state=[True, False])
@@ -267,11 +240,7 @@ class ActionCategories(Resource):
}
:internal_api: delete_action_category
"""
- try:
- data = ModelManager.delete_action_category(
- user_id=user_id, category_id=category_id)
- except Exception as e:
- logger.error(e, exc_info=True)
- return {"result": False,
- "error": str(e)}, 500
+ data = ModelManager.delete_action_category(
+ user_id=user_id, category_id=category_id)
+
return {"result": True}
diff --git a/moon_manager/moon_manager/api/meta_rules.py b/moon_manager/moon_manager/api/meta_rules.py
index afc11eba..3dc9996b 100644
--- a/moon_manager/moon_manager/api/meta_rules.py
+++ b/moon_manager/moon_manager/api/meta_rules.py
@@ -51,16 +51,13 @@ class MetaRules(Resource):
}
:internal_api: get_meta_rules
"""
- try:
- data = ModelManager.get_meta_rules(
- user_id=user_id, meta_rule_id=meta_rule_id)
- except Exception as e:
- logger.error(e, exc_info=True)
- return {"result": False,
- "error": str(e)}, 500
+
+ data = ModelManager.get_meta_rules(
+ user_id=user_id, meta_rule_id=meta_rule_id)
+
return {"meta_rules": data}
- @validate_input("post", body_state=[True, True, True, True])
+ @validate_input("post", body_state={"name":True, "subject_categories":True, "object_categories":True, "action_categories":True})
@check_auth
def post(self, meta_rule_id=None, user_id=None):
"""Add a meta rule
@@ -87,18 +84,15 @@ class MetaRules(Resource):
}
:internal_api: add_meta_rules
"""
- try:
- data = ModelManager.add_meta_rule(
- user_id=user_id, meta_rule_id=None, value=request.json)
- except Exception as e:
- logger.error(e, exc_info=True)
- return {"result": False,
- "error": str(e)}, 500
+
+ data = ModelManager.add_meta_rule(
+ user_id=user_id, meta_rule_id=None, value=request.json)
+
return {"meta_rules": data}
- @validate_input("patch", kwargs_state=[True, False], body_state=[True, True, True, True])
+ @validate_input("patch", kwargs_state=[True, False], body_state={"name":True, "subject_categories":True, "object_categories":True, "action_categories":True})
@check_auth
- def patch(self, meta_rule_id, user_id=None):
+ def patch(self, meta_rule_id=None, user_id=None):
"""Update a meta rule
:param meta_rule_id: Meta rule ID
@@ -123,18 +117,14 @@ class MetaRules(Resource):
}
:internal_api: set_meta_rules
"""
- try:
- data = ModelManager.set_meta_rule(
- user_id=user_id, meta_rule_id=meta_rule_id, value=request.json)
- except Exception as e:
- logger.error(e, exc_info=True)
- return {"result": False,
- "error": str(e)}, 500
+ data = ModelManager.set_meta_rule(
+ user_id=user_id, meta_rule_id=meta_rule_id, value=request.json)
+
return {"meta_rules": data}
@validate_input("delete", kwargs_state=[True, False])
@check_auth
- def delete(self, meta_rule_id, user_id=None):
+ def delete(self, meta_rule_id=None, user_id=None):
"""Delete a meta rule
:param meta_rule_id: Meta rule ID
@@ -152,12 +142,9 @@ class MetaRules(Resource):
}
:internal_api: delete_meta_rules
"""
- try:
- data = ModelManager.delete_meta_rule(
- user_id=user_id, meta_rule_id=meta_rule_id)
- except Exception as e:
- logger.error(e, exc_info=True)
- return {"result": False,
- "error": str(e)}, 500
+
+ data = ModelManager.delete_meta_rule(
+ user_id=user_id, meta_rule_id=meta_rule_id)
+
return {"result": True}
diff --git a/moon_manager/moon_manager/api/models.py b/moon_manager/moon_manager/api/models.py
index 440a4d2b..c3068367 100644
--- a/moon_manager/moon_manager/api/models.py
+++ b/moon_manager/moon_manager/api/models.py
@@ -46,15 +46,11 @@ class Models(Resource):
}
:internal_api: get_models
"""
- try:
- data = ModelManager.get_models(user_id=user_id, model_id=uuid)
- except Exception as e:
- logger.error(e, exc_info=True)
- return {"result": False,
- "error": str(e)}, 500
+ data = ModelManager.get_models(user_id=user_id, model_id=uuid)
+
return {"models": data}
- @validate_input("post", body_state=[True, False, True])
+ @validate_input("post", body_state={"name":True, "meta_rules":True})
@check_auth
def post(self, uuid=None, user_id=None):
"""Create model.
@@ -75,18 +71,14 @@ class Models(Resource):
}
:internal_api: add_model
"""
- try:
- data = ModelManager.add_model(
- user_id=user_id, model_id=uuid, value=request.json)
- except Exception as e:
- logger.error(e, exc_info=True)
- return {"result": False,
- "error": str(e)}, 500
+ data = ModelManager.add_model(
+ user_id=user_id, model_id=uuid, value=request.json)
+
return {"models": data}
@validate_input("delete", kwargs_state=[True, False])
@check_auth
- def delete(self, uuid, user_id=None):
+ def delete(self, uuid=None, user_id=None):
"""Delete a model
:param uuid: uuid of the model to delete
@@ -97,17 +89,14 @@ class Models(Resource):
}
:internal_api: delete_model
"""
- try:
- data = ModelManager.delete_model(user_id=user_id, model_id=uuid)
- except Exception as e:
- logger.error(e, exc_info=True)
- return {"result": False,
- "error": str(e)}, 500
+
+ data = ModelManager.delete_model(user_id=user_id, model_id=uuid)
+
return {"result": True}
- @validate_input("patch", kwargs_state=[True, False], body_state=[True, False, True])
+ @validate_input("patch", kwargs_state=[True, False], body_state={"name":True, "meta_rules":True})
@check_auth
- def patch(self, uuid, user_id=None):
+ def patch(self, uuid=None, user_id=None):
"""Update a model
:param uuid: uuid of the model to update
@@ -121,12 +110,8 @@ class Models(Resource):
}
:internal_api: update_model
"""
- try:
- data = ModelManager.update_model(
- user_id=user_id, model_id=uuid, value=request.json)
- except Exception as e:
- logger.error(e, exc_info=True)
- return {"result": False,
- "error": str(e)}, 500
+ data = ModelManager.update_model(
+ user_id=user_id, model_id=uuid, value=request.json)
+
return {"models": data}
diff --git a/moon_manager/moon_manager/api/pdp.py b/moon_manager/moon_manager/api/pdp.py
index fd20c85f..a5d7c007 100644
--- a/moon_manager/moon_manager/api/pdp.py
+++ b/moon_manager/moon_manager/api/pdp.py
@@ -114,15 +114,12 @@ class PDP(Resource):
}
:internal_api: get_pdp
"""
- try:
- data = PDPManager.get_pdp(user_id=user_id, pdp_id=uuid)
- except Exception as e:
- logger.error(e, exc_info=True)
- return {"result": False,
- "error": str(e)}, 500
+
+ data = PDPManager.get_pdp(user_id=user_id, pdp_id=uuid)
+
return {"pdps": data}
- @validate_input("post", body_state=[True, True, True, False])
+ @validate_input("post", body_state={"name": True, "security_pipeline": True, "keystone_project_id": True})
@check_auth
def post(self, uuid=None, user_id=None):
"""Create pdp.
@@ -145,23 +142,20 @@ class PDP(Resource):
}
:internal_api: add_pdp
"""
- try:
- data = dict(request.json)
- if not data.get("keystone_project_id"):
- data["keystone_project_id"] = None
- else:
- if check_keystone_pid(data.get("keystone_project_id")):
- raise exceptions.PdpKeystoneMappingConflict
- data = PDPManager.add_pdp(
- user_id=user_id, pdp_id=None, value=request.json)
- uuid = list(data.keys())[0]
- logger.debug("data={}".format(data))
- logger.debug("uuid={}".format(uuid))
- add_pod(uuid=uuid, data=data[uuid])
- except Exception as e:
- logger.error(e, exc_info=True)
- return {"result": False,
- "error": str(e)}, 500
+
+ data = dict(request.json)
+ if not data.get("keystone_project_id"):
+ data["keystone_project_id"] = None
+ else:
+ if check_keystone_pid(data.get("keystone_project_id")):
+ raise exceptions.PdpKeystoneMappingConflict
+ data = PDPManager.add_pdp(
+ user_id=user_id, pdp_id=None, value=request.json)
+ uuid = list(data.keys())[0]
+ logger.debug("data={}".format(data))
+ logger.debug("uuid={}".format(uuid))
+ add_pod(uuid=uuid, data=data[uuid])
+
return {"pdps": data}
@validate_input("delete", kwargs_state=[True, False])
@@ -177,16 +171,12 @@ class PDP(Resource):
}
:internal_api: delete_pdp
"""
- try:
- data = PDPManager.delete_pdp(user_id=user_id, pdp_id=uuid)
- delete_pod(uuid)
- except Exception as e:
- logger.error(e, exc_info=True)
- return {"result": False,
- "error": str(e)}, 500
+ data = PDPManager.delete_pdp(user_id=user_id, pdp_id=uuid)
+ delete_pod(uuid)
+
return {"result": True}
- @validate_input("patch", kwargs_state=[True, False], body_state=[True, True, True, False])
+ @validate_input("patch", kwargs_state=[True, False], body_state={"name": True, "security_pipeline": True, "keystone_project_id": True})
@check_auth
def patch(self, uuid, user_id=None):
"""Update a pdp
@@ -203,21 +193,18 @@ class PDP(Resource):
}
:internal_api: update_pdp
"""
- try:
- _data = dict(request.json)
- if not _data.get("keystone_project_id"):
- _data["keystone_project_id"] = None
- else:
- if check_keystone_pid(_data.get("keystone_project_id")):
- raise exceptions.PdpKeystoneMappingConflict
- data = PDPManager.update_pdp(
- user_id=user_id, pdp_id=uuid, value=_data)
- logger.debug("data={}".format(data))
- logger.debug("uuid={}".format(uuid))
- add_pod(uuid=uuid, data=data[uuid])
- except Exception as e:
- logger.error(e, exc_info=True)
- return {"result": False,
- "error": str(e)}, 500
+
+ _data = dict(request.json)
+ if not _data.get("keystone_project_id"):
+ _data["keystone_project_id"] = None
+ else:
+ if check_keystone_pid(_data.get("keystone_project_id")):
+ raise exceptions.PdpKeystoneMappingConflict
+ data = PDPManager.update_pdp(
+ user_id=user_id, pdp_id=uuid, value=_data)
+ logger.debug("data={}".format(data))
+ logger.debug("uuid={}".format(uuid))
+ add_pod(uuid=uuid, data=data[uuid])
+
return {"pdps": data}
diff --git a/moon_manager/moon_manager/api/perimeter.py b/moon_manager/moon_manager/api/perimeter.py
index 014aa4b9..6c39c43d 100644
--- a/moon_manager/moon_manager/api/perimeter.py
+++ b/moon_manager/moon_manager/api/perimeter.py
@@ -55,21 +55,18 @@ class Subjects(Resource):
}
:internal_api: get_subjects
"""
- try:
- data = PolicyManager.get_subjects(
- user_id=user_id,
- policy_id=uuid,
- perimeter_id=perimeter_id
- )
- except Exception as e:
- logger.error(e, exc_info=True)
- return {"result": False,
- "error": str(e)}, 500
+
+ data = PolicyManager.get_subjects(
+ user_id=user_id,
+ policy_id=uuid,
+ perimeter_id=perimeter_id
+ )
+
return {"subjects": data}
- @validate_input("post", body_state=[True, False, False, False])
+ @validate_input("post", body_state={"name":True})
@check_auth
- def post(self, uuid=None, perimeter_id=None, user_id=None):
+ def post(self, uuid, perimeter_id=None, user_id=None):
"""Create or update a subject.
:param uuid: uuid of the policy
@@ -92,25 +89,22 @@ class Subjects(Resource):
}
:internal_api: set_subject
"""
- try:
- if not perimeter_id:
- data = PolicyManager.get_subjects(user_id=user_id,
- policy_id=None)
- if 'name' in request.json:
- for data_id, data_value in data.items():
- if data_value['name'] == request.json['name']:
- perimeter_id = data_id
- break
- data = PolicyManager.add_subject(
- user_id=user_id, policy_id=uuid,
- perimeter_id=perimeter_id, value=request.json)
- except Exception as e:
- logger.error(e, exc_info=True)
- return {"result": False,
- "error": str(e)}, 500
+
+ if not perimeter_id:
+ data = PolicyManager.get_subjects(user_id=user_id,
+ policy_id=uuid)
+ if 'name' in request.json:
+ for data_id, data_value in data.items():
+ if data_value['name'] == request.json['name']:
+ perimeter_id = data_id
+ break
+ data = PolicyManager.add_subject(
+ user_id=user_id, policy_id=uuid,
+ perimeter_id=perimeter_id, value=request.json)
+
return {"subjects": data}
- @validate_input("patch", kwargs_state=[False, True, False], body_state=[True, False, False, False])
+ @validate_input("patch", kwargs_state=[False, True, False], body_state={"name":True})
@check_auth
def patch(self, uuid, perimeter_id=None, user_id=None):
"""Create or update a subject.
@@ -135,22 +129,19 @@ class Subjects(Resource):
}
:internal_api: set_subject
"""
- try:
- if not perimeter_id:
- data = PolicyManager.get_subjects(user_id=user_id,
- policy_id=None)
- if 'name' in request.json:
- for data_id, data_value in data.items():
- if data_value['name'] == request.json['name']:
- perimeter_id = data_id
- break
- data = PolicyManager.add_subject(
- user_id=user_id, policy_id=uuid,
- perimeter_id=perimeter_id, value=request.json)
- except Exception as e:
- logger.error(e, exc_info=True)
- return {"result": False,
- "error": str(e)}, 500
+
+ if not perimeter_id:
+ data = PolicyManager.get_subjects(user_id=user_id,
+ policy_id=None)
+ if 'name' in request.json:
+ for data_id, data_value in data.items():
+ if data_value['name'] == request.json['name']:
+ perimeter_id = data_id
+ break
+ data = PolicyManager.add_subject(
+ user_id=user_id, policy_id=uuid,
+ perimeter_id=perimeter_id, value=request.json)
+
return {"subjects": data}
@validate_input("delete", kwargs_state=[False, True, False])
@@ -172,13 +163,10 @@ class Subjects(Resource):
}
:internal_api: delete_subject
"""
- try:
- data = PolicyManager.delete_subject(
- user_id=user_id, policy_id=uuid, perimeter_id=perimeter_id)
- except Exception as e:
- logger.error(e, exc_info=True)
- return {"result": False,
- "error": str(e)}, 500
+
+ data = PolicyManager.delete_subject(
+ user_id=user_id, policy_id=uuid, perimeter_id=perimeter_id)
+
return {"result": True}
@@ -213,21 +201,18 @@ class Objects(Resource):
}
:internal_api: get_objects
"""
- try:
- data = PolicyManager.get_objects(
- user_id=user_id,
- policy_id=uuid,
- perimeter_id=perimeter_id
- )
- except Exception as e:
- logger.error(e, exc_info=True)
- return {"result": False,
- "error": str(e)}, 500
+
+ data = PolicyManager.get_objects(
+ user_id=user_id,
+ policy_id=uuid,
+ perimeter_id=perimeter_id
+ )
+
return {"objects": data}
- @validate_input("post", body_state=[True, False, False, False])
+ @validate_input("post", body_state={"name":True})
@check_auth
- def post(self, uuid=None, perimeter_id=None, user_id=None):
+ def post(self, uuid, perimeter_id=None, user_id=None):
"""Create or update a object.
:param uuid: uuid of the policy
@@ -245,23 +230,20 @@ class Objects(Resource):
}
:internal_api: set_object
"""
- try:
- data = PolicyManager.get_objects(user_id=user_id, policy_id=None)
- if 'name' in request.json:
- for data_id, data_value in data.items():
- if data_value['name'] == request.json['name']:
- perimeter_id = data_id
- break
- data = PolicyManager.add_object(
- user_id=user_id, policy_id=uuid,
- perimeter_id=perimeter_id, value=request.json)
- except Exception as e:
- logger.error(e, exc_info=True)
- return {"result": False,
- "error": str(e)}, 500
+
+ data = PolicyManager.get_objects(user_id=user_id, policy_id=uuid)
+ if 'name' in request.json:
+ for data_id, data_value in data.items():
+ if data_value['name'] == request.json['name']:
+ perimeter_id = data_id
+ break
+ data = PolicyManager.add_object(
+ user_id=user_id, policy_id=uuid,
+ perimeter_id=perimeter_id, value=request.json)
+
return {"objects": data}
- @validate_input("patch", kwargs_state=[False, True, False], body_state=[True, False, False, False])
+ @validate_input("patch", kwargs_state=[False, True, False], body_state={"name":True})
@check_auth
def patch(self, uuid, perimeter_id=None, user_id=None):
"""Create or update a object.
@@ -281,20 +263,17 @@ class Objects(Resource):
}
:internal_api: set_object
"""
- try:
- data = PolicyManager.get_objects(user_id=user_id, policy_id=None)
- if 'name' in request.json:
- for data_id, data_value in data.items():
- if data_value['name'] == request.json['name']:
- perimeter_id = data_id
- break
- data = PolicyManager.add_object(
- user_id=user_id, policy_id=uuid,
- perimeter_id=perimeter_id, value=request.json)
- except Exception as e:
- logger.error(e, exc_info=True)
- return {"result": False,
- "error": str(e)}, 500
+
+ data = PolicyManager.get_objects(user_id=user_id, policy_id=uuid)
+ if 'name' in request.json:
+ for data_id, data_value in data.items():
+ if data_value['name'] == request.json['name']:
+ perimeter_id = data_id
+ break
+ data = PolicyManager.add_object(
+ user_id=user_id, policy_id=uuid,
+ perimeter_id=perimeter_id, value=request.json)
+
return {"objects": data}
@validate_input("delete", kwargs_state=[False, True, False])
@@ -313,13 +292,10 @@ class Objects(Resource):
}
:internal_api: delete_object
"""
- try:
- data = PolicyManager.delete_object(
- user_id=user_id, policy_id=uuid, perimeter_id=perimeter_id)
- except Exception as e:
- logger.error(e, exc_info=True)
- return {"result": False,
- "error": str(e)}, 500
+
+ data = PolicyManager.delete_object(
+ user_id=user_id, policy_id=uuid, perimeter_id=perimeter_id)
+
return {"result": True}
@@ -354,18 +330,15 @@ class Actions(Resource):
}
:internal_api: get_actions
"""
- try:
- data = PolicyManager.get_actions(
- user_id=user_id, policy_id=uuid, perimeter_id=perimeter_id)
- except Exception as e:
- logger.error(e, exc_info=True)
- return {"result": False,
- "error": str(e)}, 500
+
+ data = PolicyManager.get_actions(
+ user_id=user_id, policy_id=uuid, perimeter_id=perimeter_id)
+
return {"actions": data}
- @validate_input("post", body_state=[True, False, False, False])
+ @validate_input("post", body_state={"name":True})
@check_auth
- def post(self, uuid=None, perimeter_id=None, user_id=None):
+ def post(self, uuid, perimeter_id=None, user_id=None):
"""Create or update a action.
:param uuid: uuid of the policy
@@ -383,23 +356,20 @@ class Actions(Resource):
}
:internal_api: set_action
"""
- try:
- data = PolicyManager.get_actions(user_id=user_id, policy_id=None)
- if 'name' in request.json:
- for data_id, data_value in data.items():
- if data_value['name'] == request.json['name']:
- perimeter_id = data_id
- break
- data = PolicyManager.add_action(
- user_id=user_id, policy_id=uuid,
- perimeter_id=perimeter_id, value=request.json)
- except Exception as e:
- logger.error(e, exc_info=True)
- return {"result": False,
- "error": str(e)}, 500
+
+ data = PolicyManager.get_actions(user_id=user_id, policy_id=uuid)
+ if 'name' in request.json:
+ for data_id, data_value in data.items():
+ if data_value['name'] == request.json['name']:
+ perimeter_id = data_id
+ break
+ data = PolicyManager.add_action(
+ user_id=user_id, policy_id=uuid,
+ perimeter_id=perimeter_id, value=request.json)
+
return {"actions": data}
- @validate_input("patch", kwargs_state=[False, True, False], body_state=[True, False, False, False])
+ @validate_input("patch", kwargs_state=[False, True, False], body_state={"name":True})
@check_auth
def patch(self, uuid, perimeter_id=None, user_id=None):
"""Create or update a action.
@@ -419,20 +389,17 @@ class Actions(Resource):
}
:internal_api: set_action
"""
- try:
- data = PolicyManager.get_actions(user_id=user_id, policy_id=None)
- if 'name' in request.json:
- for data_id, data_value in data.items():
- if data_value['name'] == request.json['name']:
- perimeter_id = data_id
- break
- data = PolicyManager.add_action(
- user_id=user_id, policy_id=uuid,
- perimeter_id=perimeter_id, value=request.json)
- except Exception as e:
- logger.error(e, exc_info=True)
- return {"result": False,
- "error": str(e)}, 500
+
+ data = PolicyManager.get_actions(user_id=user_id, policy_id=uuid)
+ if 'name' in request.json:
+ for data_id, data_value in data.items():
+ if data_value['name'] == request.json['name']:
+ perimeter_id = data_id
+ break
+ data = PolicyManager.add_action(
+ user_id=user_id, policy_id=uuid,
+ perimeter_id=perimeter_id, value=request.json)
+
return {"actions": data}
@validate_input("delete", kwargs_state=[False, True, False])
@@ -451,11 +418,8 @@ class Actions(Resource):
}
:internal_api: delete_action
"""
- try:
- data = PolicyManager.delete_action(
- user_id=user_id, policy_id=uuid, perimeter_id=perimeter_id)
- except Exception as e:
- logger.error(e, exc_info=True)
- return {"result": False,
- "error": str(e)}, 500
+
+ data = PolicyManager.delete_action(
+ user_id=user_id, policy_id=uuid, perimeter_id=perimeter_id)
+
return {"result": True}
diff --git a/moon_manager/moon_manager/api/policies.py b/moon_manager/moon_manager/api/policies.py
index 1a9e0bae..9fe237b2 100644
--- a/moon_manager/moon_manager/api/policies.py
+++ b/moon_manager/moon_manager/api/policies.py
@@ -12,6 +12,8 @@ from flask_restful import Resource
import logging
from python_moonutilities.security_functions import check_auth
from python_moondb.core import PolicyManager
+from python_moonutilities.security_functions import validate_input
+
__version__ = "4.3.2"
@@ -30,6 +32,7 @@ class Policies(Resource):
"/policies/<string:uuid>/",
)
+ @validate_input("get", kwargs_state=[False, False])
@check_auth
def get(self, uuid=None, user_id=None):
"""Retrieve all policies
@@ -46,14 +49,12 @@ class Policies(Resource):
}
:internal_api: get_policies
"""
- try:
- data = PolicyManager.get_policies(user_id=user_id, policy_id=uuid)
- except Exception as e:
- logger.error(e, exc_info=True)
- return {"result": False,
- "error": str(e)}, 500
+
+ data = PolicyManager.get_policies(user_id=user_id, policy_id=uuid)
+
return {"policies": data}
+ @validate_input("post", body_state={"name": True, "model_id":True})
@check_auth
def post(self, uuid=None, user_id=None):
"""Create policy.
@@ -76,17 +77,15 @@ class Policies(Resource):
}
:internal_api: add_policy
"""
- try:
- data = PolicyManager.add_policy(
- user_id=user_id, policy_id=uuid, value=request.json)
- except Exception as e:
- logger.error(e, exc_info=True)
- return {"result": False,
- "error": str(e)}, 500
+
+ data = PolicyManager.add_policy(
+ user_id=user_id, policy_id=uuid, value=request.json)
+
return {"policies": data}
+ @validate_input("delete", kwargs_state=[ True, False])
@check_auth
- def delete(self, uuid, user_id=None):
+ def delete(self, uuid=None, user_id=None):
"""Delete a policy
:param uuid: uuid of the policy to delete
@@ -97,16 +96,14 @@ class Policies(Resource):
}
:internal_api: delete_policy
"""
- try:
- data = PolicyManager.delete_policy(user_id=user_id, policy_id=uuid)
- except Exception as e:
- logger.error(e, exc_info=True)
- return {"result": False,
- "error": str(e)}, 500
+
+ data = PolicyManager.delete_policy(user_id=user_id, policy_id=uuid)
+
return {"result": True}
+ @validate_input("patch", kwargs_state=[True, False], body_state={"name": True, "model_id":True})
@check_auth
- def patch(self, uuid, user_id=None):
+ def patch(self, uuid=None, user_id=None):
"""Update a policy
:param uuid: uuid of the policy to update
@@ -121,12 +118,9 @@ class Policies(Resource):
}
:internal_api: update_policy
"""
- try:
- data = PolicyManager.update_policy(
- user_id=user_id, policy_id=uuid, value=request.json)
- except Exception as e:
- logger.error(e, exc_info=True)
- return {"result": False,
- "error": str(e)}, 500
+
+ data = PolicyManager.update_policy(
+ user_id=user_id, policy_id=uuid, value=request.json)
+
return {"policies": data}
diff --git a/moon_manager/moon_manager/api/rules.py b/moon_manager/moon_manager/api/rules.py
index ecb066d9..a0248097 100644
--- a/moon_manager/moon_manager/api/rules.py
+++ b/moon_manager/moon_manager/api/rules.py
@@ -49,17 +49,14 @@ class Rules(Resource):
}
:internal_api: get_rules
"""
- try:
- data = PolicyManager.get_rules(user_id=user_id,
+
+ data = PolicyManager.get_rules(user_id=user_id,
policy_id=uuid,
rule_id=rule_id)
- except Exception as e:
- logger.error(e, exc_info=True)
- return {"result": False,
- "error": str(e)}, 500
+
return {"rules": data}
- @validate_input("post", kwargs_state=[True, False, False], body_state=[True, False, False, False])
+ @validate_input("post", kwargs_state=[True, False, False], body_state={"meta_rule_id": True, "rule": True, "instructions": True})
@check_auth
def post(self, uuid=None, rule_id=None, user_id=None):
"""Add a rule to a meta rule
@@ -111,15 +108,12 @@ class Rules(Resource):
:internal_api: add_rule
"""
args = request.json
- try:
- data = PolicyManager.add_rule(user_id=user_id,
- policy_id=uuid,
- meta_rule_id=args['meta_rule_id'],
- value=args)
- except Exception as e:
- logger.error(e, exc_info=True)
- return {"result": False,
- "error": str(e)}, 500
+
+ data = PolicyManager.add_rule(user_id=user_id,
+ policy_id=uuid,
+ meta_rule_id=args['meta_rule_id'],
+ value=args)
+
return {"rules": data}
@validate_input("delete", kwargs_state=[True, True, False])
@@ -133,12 +127,9 @@ class Rules(Resource):
:return: { "result": true }
:internal_api: delete_rule
"""
- try:
- data = PolicyManager.delete_rule(
- user_id=user_id, policy_id=uuid, rule_id=rule_id)
- except Exception as e:
- logger.error(e, exc_info=True)
- return {"result": False,
- "error": str(e)}, 500
+
+ data = PolicyManager.delete_rule(
+ user_id=user_id, policy_id=uuid, rule_id=rule_id)
+
return {"result": True}
diff --git a/moon_manager/moon_manager/api/slaves.py b/moon_manager/moon_manager/api/slaves.py
index f5b3fa14..769b681f 100644
--- a/moon_manager/moon_manager/api/slaves.py
+++ b/moon_manager/moon_manager/api/slaves.py
@@ -11,12 +11,11 @@ from flask import request
from flask_restful import Resource
import logging
import requests
-import time
from python_moonutilities.security_functions import check_auth
-from python_moondb.core import PDPManager
-from python_moondb.core import PolicyManager
-from python_moondb.core import ModelManager
-from python_moonutilities import configuration, exceptions
+
+from python_moonutilities import configuration
+from python_moonutilities.security_functions import validate_input
+
__version__ = "4.3.0"
@@ -42,6 +41,7 @@ class Slaves(Resource):
self.orchestrator_port = conf["components/orchestrator"].get("port",
80)
+ @validate_input("get", kwargs_state=[False, False])
@check_auth
def get(self, uuid=None, user_id=None):
"""Retrieve all slaves
@@ -66,6 +66,8 @@ class Slaves(Resource):
))
return {"slaves": req.json().get("slaves", dict())}
+ @validate_input("patch", kwargs_state=[False, False],
+ body_state={"op": True, "variable": True, "value": True})
@check_auth
def patch(self, uuid=None, user_id=None):
"""Update a slave
diff --git a/moon_manager/moon_manager/http_server.py b/moon_manager/moon_manager/http_server.py
index a7258a75..204e7e04 100644
--- a/moon_manager/moon_manager/http_server.py
+++ b/moon_manager/moon_manager/http_server.py
@@ -112,11 +112,12 @@ class CustomApi(Api):
@staticmethod
def handle_error(e):
try:
- error_message = dumps({'message': str(e), "code": getattr(e, "code", 500)})
+ error_message = dumps({"result": False, 'message': str(e), "code": getattr(e, "code", 500)})
+ logger.error(e, exc_info=True)
logger.error(error_message)
return make_response(error_message, getattr(e, "code", 500))
except Exception as e2: # unhandled exception in the api...
- logger.error(str(e2))
+ logger.exception(str(e2))
return make_response(error_message, 500)
@@ -132,7 +133,7 @@ class HTTPServer(Server):
self.manager_port = conf["components/manager"].get("port", 80)
# TODO : specify only few urls instead of *
CORS(self.app)
- self.api = CustomApi(self.app)
+ self.api = CustomApi(self.app, catch_all_404s=True)
self.__set_route()
def __set_route(self):
diff --git a/moon_manager/tests/unit_python/api/import_export_utilities.py b/moon_manager/tests/unit_python/api/import_export_utilities.py
index b1c8a541..12cb208e 100644
--- a/moon_manager/tests/unit_python/api/import_export_utilities.py
+++ b/moon_manager/tests/unit_python/api/import_export_utilities.py
@@ -3,13 +3,12 @@
# license which can be found in the file 'LICENSE' in this package distribution
# or at 'http://www.apache.org/licenses/LICENSE-2.0'.
-import api.utilities as utilities
import api.test_unit_models as test_models
import api.test_policies as test_policies
import api.test_perimeter as test_perimeter
-import api.meta_data_test as test_categories
+import api.test_meta_data as test_categories
import api.test_data as test_data
-import api.meta_rules_test as test_meta_rules
+import api.test_meta_rules as test_meta_rules
import api.test_assignemnt as test_assignments
import api.test_rules as test_rules
import logging
@@ -21,7 +20,6 @@ def clean_models(client):
req, models = test_models.get_models(client)
for key in models["models"]:
client.delete("/models/{}".format(key))
- print("deleted model with id {}".format(key))
def clean_policies(client):
@@ -29,7 +27,6 @@ def clean_policies(client):
for key in policies["policies"]:
req = client.delete("/policies/{}".format(key))
assert req.status_code == 200
- print("deleted policy with id {}".format(key))
def clean_subjects(client):
@@ -40,9 +37,8 @@ def clean_subjects(client):
policy_keys = subject["policy_list"]
logger.info("subjects policy_keys {}".format(policy_keys))
for policy_key in policy_keys:
- client.delete("/policies/{}/subjects/{}".format(policy_key,key))
+ client.delete("/policies/{}/subjects/{}".format(policy_key, key))
client.delete("/subjects/{}".format(key))
- print("deleted subject with id {}".format(key))
def clean_objects(client):
@@ -53,15 +49,13 @@ def clean_objects(client):
policy_keys = object_["policy_list"]
logger.info("objects policy_keys {}".format(policy_keys))
for policy_key in policy_keys:
- print("/policies/{}/objects/{}".format(policy_key, key))
- req = client.delete("/policies/{}/objects/{}".format(policy_key, key))
+ client.delete("/policies/{}/objects/{}".format(policy_key, key))
client.delete("/objects/{}".format(key))
- print("deleted object with id {}".format(key))
def clean_actions(client):
actions = test_perimeter.get_actions(client)
- logger.info("objects {}".format(actions))
+ logger.info("actions {}".format(actions))
for key in actions[1]["actions"]:
action = actions[1]["actions"][key]
policy_keys = action["policy_list"]
@@ -69,7 +63,6 @@ def clean_actions(client):
for policy_key in policy_keys:
client.delete("/policies/{}/actions/{}".format(policy_key, key))
client.delete("/actions/{}".format(key))
- print("deleted action with id {}".format(key))
def clean_subject_categories(client):
@@ -95,10 +88,12 @@ def clean_action_categories(client):
def clean_subject_data(client):
req, policies = test_policies.get_policies(client)
+ logger.info("clean_subject_data on {}".format(policies))
for policy_key in policies["policies"]:
req, data = test_data.get_subject_data(client, policy_id=policy_key)
- print(data)
+ logger.info("============= data {}".format(data))
for key in data["subject_data"]:
+ logger.info("============= Deleting {}/{}".format(policy_key, key))
client.delete("/policies/{}/subject_data/{}".format(policy_key, key))
@@ -106,7 +101,6 @@ def clean_object_data(client):
req, policies = test_policies.get_policies(client)
for policy_key in policies["policies"]:
req, data = test_data.get_object_data(client, policy_id=policy_key)
- print(data)
for key in data["object_data"]:
client.delete("/policies/{}/object_data/{}".format(policy_key, key))
@@ -123,7 +117,8 @@ def clean_meta_rule(client):
req, meta_rules = test_meta_rules.get_meta_rules(client)
meta_rules = meta_rules["meta_rules"]
for meta_rule_key in meta_rules:
- print(meta_rule_key)
+ logger.info("clean_meta_rule.meta_rule_key={}".format(meta_rule_key))
+ logger.info("clean_meta_rule.meta_rule={}".format(meta_rules[meta_rule_key]))
client.delete("/meta_rules/{}".format(meta_rule_key))
@@ -136,7 +131,8 @@ def clean_subject_assignments(client):
cat_key = assignments["subject_assignments"][key]["category_id"]
data_keys = assignments["subject_assignments"][key]["assignments"]
for data_key in data_keys:
- req = client.delete("/policies/{}/subject_assignments/{}/{}/{}".format(policy_key, subject_key, cat_key, data_key))
+ client.delete("/policies/{}/subject_assignments/{}/{}/{}".format(policy_key, subject_key,
+ cat_key, data_key))
def clean_object_assignments(client):
@@ -148,7 +144,8 @@ def clean_object_assignments(client):
cat_key = assignments["object_assignments"][key]["category_id"]
data_keys = assignments["object_assignments"][key]["assignments"]
for data_key in data_keys:
- req = client.delete("/policies/{}/object_assignments/{}/{}/{}".format(policy_key, object_key, cat_key, data_key))
+ client.delete("/policies/{}/object_assignments/{}/{}/{}".format(policy_key, object_key,
+ cat_key, data_key))
def clean_action_assignments(client):
@@ -160,14 +157,14 @@ def clean_action_assignments(client):
cat_key = assignments["action_assignments"][key]["category_id"]
data_keys = assignments["action_assignments"][key]["assignments"]
for data_key in data_keys:
- req = client.delete("/policies/{}/action_assignments/{}/{}/{}".format(policy_key, action_key, cat_key, data_key))
+ client.delete("/policies/{}/action_assignments/{}/{}/{}".format(policy_key, action_key,
+ cat_key, data_key))
def clean_rules(client):
req, policies = test_policies.get_policies(client)
for policy_key in policies["policies"]:
req, rules = test_rules.get_rules(client, policy_key)
- print(rules)
rules = rules["rules"]
rules = rules["rules"]
for rule_key in rules:
@@ -183,10 +180,6 @@ def clean_all(client):
clean_meta_rule(client)
- clean_subject_categories(client)
- clean_object_categories(client)
- clean_action_categories(client)
-
clean_subject_data(client)
clean_object_data(client)
clean_action_data(client)
@@ -195,5 +188,9 @@ def clean_all(client):
clean_objects(client)
clean_subjects(client)
+ clean_subject_categories(client)
+ clean_object_categories(client)
+ clean_action_categories(client)
+
clean_policies(client)
- clean_models(client) \ No newline at end of file
+ clean_models(client)
diff --git a/moon_manager/tests/unit_python/api/test_assignemnt.py b/moon_manager/tests/unit_python/api/test_assignemnt.py
index 4e2acddc..22c727af 100644
--- a/moon_manager/tests/unit_python/api/test_assignemnt.py
+++ b/moon_manager/tests/unit_python/api/test_assignemnt.py
@@ -1,5 +1,7 @@
import api.utilities as utilities
import json
+from helpers import data_builder as builder
+from uuid import uuid4
# subject_categories_test
@@ -11,11 +13,19 @@ def get_subject_assignment(client, policy_id):
return req, subject_assignment
-def add_subject_assignment(client, policy_id, category_id):
+def add_subject_assignment(client):
+ subject_category_id, object_category_id, action_category_id, meta_rule_id, policy_id = builder.create_new_policy(
+ subject_category_name="subject_category1" + uuid4().hex,
+ object_category_name="object_category1" + uuid4().hex,
+ action_category_name="action_category1" + uuid4().hex,
+ meta_rule_name="meta_rule_1" + uuid4().hex)
+ subject_id = builder.create_subject(policy_id)
+ data_id = builder.create_subject_data(policy_id=policy_id, category_id=subject_category_id)
+
data = {
- "id": "id1",
- "category_id": category_id,
- "data_id": "data_id1"
+ "id": subject_id,
+ "category_id": subject_category_id,
+ "data_id": data_id
}
req = client.post("/policies/{}/subject_assignments".format(policy_id), data=json.dumps(data),
headers={'Content-Type': 'application/json'})
@@ -23,36 +33,42 @@ def add_subject_assignment(client, policy_id, category_id):
return req, subject_assignment
+def add_subject_assignment_without_cat_id(client):
+
+ data = {
+ "id": "subject_id",
+ "category_id": "",
+ "data_id": "data_id"
+ }
+ req = client.post("/policies/{}/subject_assignments".format("1111"), data=json.dumps(data),
+ headers={'Content-Type': 'application/json'})
+ subject_assignment = utilities.get_json(req.data)
+ return req, subject_assignment
+
+
def delete_subject_assignment(client, policy_id, sub_id, cat_id,data_id):
req = client.delete("/policies/{}/subject_assignments/{}/{}/{}".format(policy_id, sub_id, cat_id,data_id))
return req
def test_add_subject_assignment():
- policy_id = utilities.get_policy_id()
client = utilities.register_client()
- req, subject_assignment = add_subject_assignment(client, policy_id, "111")
+ req, subject_assignment = add_subject_assignment(client)
assert req.status_code == 200
assert isinstance(subject_assignment, dict)
- value = subject_assignment["subject_assignments"]
assert "subject_assignments" in subject_assignment
- id = list(value.keys())[0]
- assert value[id]['policy_id'] == policy_id
- assert value[id]['category_id'] == "111"
- assert value[id]['subject_id'] == "id1"
def test_add_subject_assignment_without_cat_id():
- policy_id = utilities.get_policy_id()
client = utilities.register_client()
- req, subject_assignment = add_subject_assignment(client, policy_id, "")
- assert req.status_code == 500
- assert json.loads(req.data)["message"] == 'Empty String'
+ req, subject_assignment = add_subject_assignment_without_cat_id(client)
+ assert req.status_code == 400
+ assert json.loads(req.data)["message"] == "Key: 'category_id', [Empty String]"
def test_get_subject_assignment():
- policy_id = utilities.get_policy_id()
client = utilities.register_client()
+ policy_id = builder.get_policy_id_with_subject_assignment()
req, subject_assignment = get_subject_assignment(client, policy_id)
assert req.status_code == 200
assert isinstance(subject_assignment, dict)
@@ -61,7 +77,7 @@ def test_get_subject_assignment():
def test_delete_subject_assignment():
client = utilities.register_client()
- policy_id = utilities.get_policy_id()
+ policy_id = builder.get_policy_id_with_subject_assignment()
req, subject_assignment = get_subject_assignment(client, policy_id)
value = subject_assignment["subject_assignments"]
id = list(value.keys())[0]
@@ -72,7 +88,7 @@ def test_delete_subject_assignment():
def test_delete_subject_assignment_without_policy_id():
client = utilities.register_client()
success_req = delete_subject_assignment(client, "", "id1", "111" ,"data_id1")
- assert success_req.status_code == 500
+ assert success_req.status_code == 404
# ---------------------------------------------------------------------------
@@ -86,13 +102,35 @@ def get_object_assignment(client, policy_id):
return req, object_assignment
-def add_object_assignment(client, policy_id, category_id):
+def add_object_assignment(client):
+ subject_category_id, object_category_id, action_category_id, meta_rule_id, policy_id = builder.create_new_policy(
+ subject_category_name="subject_category1" + uuid4().hex,
+ object_category_name="object_category1" + uuid4().hex,
+ action_category_name="action_category1" + uuid4().hex,
+ meta_rule_name="meta_rule_1" + uuid4().hex)
+ object_id = builder.create_object(policy_id)
+ data_id = builder.create_object_data(policy_id=policy_id, category_id=object_category_id)
+
+ data = {
+ "id": object_id,
+ "category_id": object_category_id,
+ "data_id": data_id
+ }
+
+ req = client.post("/policies/{}/object_assignments".format(policy_id), data=json.dumps(data),
+ headers={'Content-Type': 'application/json'})
+ object_assignment = utilities.get_json(req.data)
+ return req, object_assignment
+
+
+def add_object_assignment_without_cat_id(client):
+
data = {
- "id": "id1",
- "category_id": category_id,
- "data_id": "data_id1"
+ "id": "object_id",
+ "category_id": "",
+ "data_id": "data_id"
}
- req = client.post("/policies/{}/object_assignments/{}".format(policy_id, category_id), data=json.dumps(data),
+ req = client.post("/policies/{}/object_assignments".format("1111"), data=json.dumps(data),
headers={'Content-Type': 'application/json'})
object_assignment = utilities.get_json(req.data)
return req, object_assignment
@@ -104,7 +142,7 @@ def delete_object_assignment(client, policy_id, obj_id, cat_id, data_id):
def test_get_object_assignment():
- policy_id = utilities.get_policy_id()
+ policy_id = builder.get_policy_id_with_object_assignment()
client = utilities.register_client()
req, object_assignment = get_object_assignment(client, policy_id)
assert req.status_code == 200
@@ -113,30 +151,22 @@ def test_get_object_assignment():
def test_add_object_assignment():
- policy_id = utilities.get_policy_id()
client = utilities.register_client()
- req, object_assignment = add_object_assignment(client, policy_id, "111")
+ req, object_assignment = add_object_assignment(client)
assert req.status_code == 200
- assert isinstance(object_assignment, dict)
- value = object_assignment["object_assignments"]
assert "object_assignments" in object_assignment
- id = list(value.keys())[0]
- assert value[id]['policy_id'] == policy_id
- assert value[id]['category_id'] == "111"
- assert value[id]['object_id'] == "id1"
def test_add_object_assignment_without_cat_id():
- policy_id = utilities.get_policy_id()
client = utilities.register_client()
- req, object_assignment = add_object_assignment(client, policy_id, "")
- assert req.status_code == 500
- assert json.loads(req.data)["message"] == 'Empty String'
+ req, object_assignment = add_object_assignment_without_cat_id(client)
+ assert req.status_code == 400
+ assert json.loads(req.data)["message"] == "Key: 'category_id', [Empty String]"
def test_delete_object_assignment():
client = utilities.register_client()
- policy_id = utilities.get_policy_id()
+ policy_id = builder.get_policy_id_with_object_assignment()
req, object_assignment = get_object_assignment(client, policy_id)
value = object_assignment["object_assignments"]
id = list(value.keys())[0]
@@ -146,8 +176,8 @@ def test_delete_object_assignment():
def test_delete_object_assignment_without_policy_id():
client = utilities.register_client()
- success_req = delete_object_assignment(client, "", "id1", "111" ,"data_id1")
- assert success_req.status_code == 500
+ success_req = delete_object_assignment(client, "", "id1", "111","data_id1")
+ assert success_req.status_code == 404
# ---------------------------------------------------------------------------
@@ -161,13 +191,34 @@ def get_action_assignment(client, policy_id):
return req, action_assignment
-def add_action_assignment(client, policy_id, category_id):
+def add_action_assignment(client):
+ subject_category_id, object_category_id, action_category_id, meta_rule_id, policy_id = builder.create_new_policy(
+ subject_category_name="subject_category1" + uuid4().hex,
+ object_category_name="object_category1" + uuid4().hex,
+ action_category_name="action_category1" + uuid4().hex,
+ meta_rule_name="meta_rule_1" + uuid4().hex)
+ action_id = builder.create_action(policy_id)
+ data_id = builder.create_action_data(policy_id=policy_id, category_id=action_category_id)
+
+ data = {
+ "id": action_id,
+ "category_id": action_category_id,
+ "data_id": data_id
+ }
+ req = client.post("/policies/{}/action_assignments".format(policy_id), data=json.dumps(data),
+ headers={'Content-Type': 'application/json'})
+ action_assignment = utilities.get_json(req.data)
+ return req, action_assignment
+
+
+def add_action_assignment_without_cat_id(client):
+
data = {
- "id": "id1",
- "category_id": category_id,
- "data_id": "data_id1"
+ "id": "action_id",
+ "category_id": "",
+ "data_id": "data_id"
}
- req = client.post("/policies/{}/action_assignments/{}".format(policy_id, category_id), data=json.dumps(data),
+ req = client.post("/policies/{}/action_assignments".format("1111"), data=json.dumps(data),
headers={'Content-Type': 'application/json'})
action_assignment = utilities.get_json(req.data)
return req, action_assignment
@@ -179,7 +230,7 @@ def delete_action_assignment(client, policy_id, action_id, cat_id, data_id):
def test_get_action_assignment():
- policy_id = utilities.get_policy_id()
+ policy_id = builder.get_policy_id_with_action_assignment()
client = utilities.register_client()
req, action_assignment = get_action_assignment(client, policy_id)
assert req.status_code == 200
@@ -188,30 +239,22 @@ def test_get_action_assignment():
def test_add_action_assignment():
- policy_id = utilities.get_policy_id()
client = utilities.register_client()
- req, action_assignment = add_action_assignment(client, policy_id, "111")
+ req, action_assignment = add_action_assignment(client)
assert req.status_code == 200
- assert isinstance(action_assignment, dict)
- value = action_assignment["action_assignments"]
assert "action_assignments" in action_assignment
- id = list(value.keys())[0]
- assert value[id]['policy_id'] == policy_id
- assert value[id]['category_id'] == "111"
- assert value[id]['action_id'] == "id1"
def test_add_action_assignment_without_cat_id():
- policy_id = utilities.get_policy_id()
client = utilities.register_client()
- req, action_assignment = add_action_assignment(client, policy_id, "")
- assert req.status_code == 500
- assert json.loads(req.data)["message"] == 'Empty String'
+ req, action_assignment = add_action_assignment_without_cat_id(client)
+ assert req.status_code == 400
+ assert json.loads(req.data)["message"] == "Key: 'category_id', [Empty String]"
def test_delete_action_assignment():
client = utilities.register_client()
- policy_id = utilities.get_policy_id()
+ policy_id = builder.get_policy_id_with_action_assignment()
req, action_assignment = get_action_assignment(client, policy_id)
value = action_assignment["action_assignments"]
id = list(value.keys())[0]
@@ -222,6 +265,6 @@ def test_delete_action_assignment():
def test_delete_action_assignment_without_policy_id():
client = utilities.register_client()
success_req = delete_action_assignment(client, "", "id1", "111" ,"data_id1")
- assert success_req.status_code == 500
+ assert success_req.status_code == 404
# ---------------------------------------------------------------------------
diff --git a/moon_manager/tests/unit_python/api/test_data.py b/moon_manager/tests/unit_python/api/test_data.py
index f806ea2a..ff0856af 100644
--- a/moon_manager/tests/unit_python/api/test_data.py
+++ b/moon_manager/tests/unit_python/api/test_data.py
@@ -5,7 +5,8 @@
import api.utilities as utilities
import json
-
+from helpers import data_builder as builder
+from uuid import uuid4
# subject_categories_test
@@ -19,12 +20,17 @@ def get_subject_data(client, policy_id, category_id=None):
return req, subject_data
-def add_subject_data(client, name, policy_id, category_id):
+def add_subject_data(client, name):
+ subject_category_id, object_category_id, action_category_id, meta_rule_id, policy_id = builder.create_new_policy(
+ subject_category_name="subject_category1" + uuid4().hex,
+ object_category_name="object_category1" + uuid4().hex,
+ action_category_name="action_category1" + uuid4().hex,
+ meta_rule_name="meta_rule_1" + uuid4().hex)
data = {
"name": name,
"description": "description of {}".format(name)
}
- req = client.post("/policies/{}/subject_data/{}".format(policy_id, category_id), data=json.dumps(data),
+ req = client.post("/policies/{}/subject_data/{}".format(policy_id, subject_category_id), data=json.dumps(data),
headers={'Content-Type': 'application/json'})
subject_data = utilities.get_json(req.data)
return req, subject_data
@@ -45,9 +51,8 @@ def test_get_subject_data():
def test_add_subject_data():
- policy_id = utilities.get_policy_id()
client = utilities.register_client()
- req, subject_data = add_subject_data(client, "testuser", policy_id, "111")
+ req, subject_data = add_subject_data(client, "testuser")
assert req.status_code == 200
assert isinstance(subject_data, dict)
value = subject_data["subject_data"]['data']
@@ -59,31 +64,29 @@ def test_add_subject_data():
def test_delete_subject_data():
client = utilities.register_client()
- policy_id = utilities.get_policy_id()
+ subject_category_id, object_category_id, action_category_id, meta_rule_id,policy_id = builder.create_new_policy()
success_req = delete_subject_data(client, policy_id)
assert success_req.status_code == 200
def test_add_subject_data_with_empty_user():
- policy_id = utilities.get_policy_id()
client = utilities.register_client()
- req, subject_data = add_subject_data(client, "", policy_id, "111")
- assert req.status_code == 500
- assert json.loads(req.data)["message"] == "Empty String"
+ req, subject_data = add_subject_data(client, "")
+ assert req.status_code == 400
+ assert json.loads(req.data)["message"] == "Key: 'name', [Empty String]"
def test_add_subject_data_with_user_contain_space():
- policy_id = utilities.get_policy_id()
client = utilities.register_client()
- req, subject_data = add_subject_data(client, "test user", policy_id, "111")
- assert req.status_code == 500
- assert json.loads(req.data)["message"] == "String contains space"
+ req, subject_data = add_subject_data(client, "test user")
+ assert req.status_code == 400
+ assert json.loads(req.data)["message"] == "Key: 'name', [String contains space]"
def test_delete_subject_data_without_policy_id():
client = utilities.register_client()
success_req = delete_subject_data(client, "")
- assert success_req.status_code == 500
+ assert success_req.status_code == 404
# ---------------------------------------------------------------------------
@@ -99,12 +102,17 @@ def get_object_data(client, policy_id, category_id=None):
return req, object_data
-def add_object_data(client, name, policy_id, category_id):
+def add_object_data(client, name):
+ subject_category_id, object_category_id, action_category_id, meta_rule_id, policy_id = builder.create_new_policy(
+ subject_category_name="subject_category1" + uuid4().hex,
+ object_category_name="object_category1" + uuid4().hex,
+ action_category_name="action_category1" + uuid4().hex,
+ meta_rule_name="meta_rule_1" + uuid4().hex)
data = {
"name": name,
"description": "description of {}".format(name)
}
- req = client.post("/policies/{}/object_data/{}".format(policy_id, category_id), data=json.dumps(data),
+ req = client.post("/policies/{}/object_data/{}".format(policy_id, object_category_id), data=json.dumps(data),
headers={'Content-Type': 'application/json'})
object_data = utilities.get_json(req.data)
return req, object_data
@@ -125,9 +133,8 @@ def test_get_object_data():
def test_add_object_data():
- policy_id = utilities.get_policy_id()
client = utilities.register_client()
- req, object_data = add_object_data(client, "testuser", policy_id, "111")
+ req, object_data = add_object_data(client, "testuser")
assert req.status_code == 200
assert isinstance(object_data, dict)
value = object_data["object_data"]['data']
@@ -149,25 +156,23 @@ def test_delete_object_data():
def test_add_object_data_with_empty_user():
- policy_id = utilities.get_policy_id()
client = utilities.register_client()
- req, subject_data = add_subject_data(client, "", policy_id, "111")
- assert req.status_code == 500
- assert json.loads(req.data)["message"] == "Empty String"
+ req, subject_data = add_object_data(client, "")
+ assert req.status_code == 400
+ assert json.loads(req.data)["message"] == "Key: 'name', [Empty String]"
def test_add_object_data_with_user_contain_space():
- policy_id = utilities.get_policy_id()
client = utilities.register_client()
- req, object_data = add_object_data(client, "test user", policy_id, "111")
- assert req.status_code == 500
- assert json.loads(req.data)["message"] == "String contains space"
+ req, object_data = add_object_data(client, "test user")
+ assert req.status_code == 400
+ assert json.loads(req.data)["message"] == "Key: 'name', [String contains space]"
def test_delete_object_data_without_policy_id():
client = utilities.register_client()
success_req = delete_object_data(client, "")
- assert success_req.status_code == 500
+ assert success_req.status_code == 404
# ---------------------------------------------------------------------------
# action_categories_test
@@ -182,12 +187,17 @@ def get_action_data(client, policy_id, category_id=None):
return req, action_data
-def add_action_data(client, name, policy_id, category_id):
+def add_action_data(client, name):
+ subject_category_id, object_category_id, action_category_id, meta_rule_id, policy_id = builder.create_new_policy(
+ subject_category_name="subject_category1" + uuid4().hex,
+ object_category_name="object_category1" + uuid4().hex,
+ action_category_name="action_category1" + uuid4().hex,
+ meta_rule_name="meta_rule_1" + uuid4().hex)
data = {
"name": name,
"description": "description of {}".format(name)
}
- req = client.post("/policies/{}/action_data/{}".format(policy_id, category_id), data=json.dumps(data),
+ req = client.post("/policies/{}/action_data/{}".format(policy_id, action_category_id), data=json.dumps(data),
headers={'Content-Type': 'application/json'})
action_data = utilities.get_json(req.data)
return req, action_data
@@ -208,9 +218,8 @@ def test_get_action_data():
def test_add_action_data():
- policy_id = utilities.get_policy_id()
client = utilities.register_client()
- req, action_data = add_action_data(client, "testuser", policy_id, "111")
+ req, action_data = add_action_data(client, "testuser")
assert req.status_code == 200
assert isinstance(action_data, dict)
value = action_data["action_data"]['data']
@@ -228,23 +237,21 @@ def test_delete_action_data():
def test_add_action_data_with_empty_user():
- policy_id = utilities.get_policy_id()
client = utilities.register_client()
- req, action_data = add_action_data(client, "", policy_id, "111")
- assert req.status_code == 500
- assert json.loads(req.data)["message"] == "Empty String"
+ req, action_data = add_action_data(client, "")
+ assert req.status_code == 400
+ assert json.loads(req.data)["message"] == "Key: 'name', [Empty String]"
def test_add_action_data_with_user_contain_space():
- policy_id = utilities.get_policy_id()
client = utilities.register_client()
- req, action_data = add_action_data(client, "test user", policy_id, "111")
- assert req.status_code == 500
- assert json.loads(req.data)["message"] == "String contains space"
+ req, action_data = add_action_data(client, "test user")
+ assert req.status_code == 400
+ assert json.loads(req.data)["message"] == "Key: 'name', [String contains space]"
def test_delete_action_data_without_policy_id():
client = utilities.register_client()
success_req = delete_action_data(client, "")
- assert success_req.status_code == 500
+ assert success_req.status_code == 404
# ---------------------------------------------------------------------------
diff --git a/moon_manager/tests/unit_python/api/test_export.py b/moon_manager/tests/unit_python/api/test_export.py
index 122ab927..ac8e8d17 100644
--- a/moon_manager/tests/unit_python/api/test_export.py
+++ b/moon_manager/tests/unit_python/api/test_export.py
@@ -51,11 +51,11 @@ ASSIGNMENTS = {"models": [{"name": "test model", "description": "", "meta_rules"
"action_data": [{"name": "test action data", "description": "action data description", "policies": [{"name": "test policy"}], "category": {"name": "test action categories"}}],
"meta_rules": [{"name": "meta rule", "description": "valid meta rule", "subject_categories": [{"name": "test subject categories"}], "object_categories": [{"name": "test object categories"}], "action_categories": [{"name": "test action categories"}]}],
"subjects": [{"name": "testuser", "description": "description of the subject", "extra": {"field_extra_subject": "value extra subject"}, "policies": [{"name": "test policy"}]}],
- "objects": [{"name": "test object", "description": "description of the object", "extra": {"field_extra_object": "value extra object"}, "policies": [{"name": "test policy"}]}],
- "actions": [{"name": "test action", "description": "description of the action", "extra": {"field_extra_action": "value extra action"}, "policies": [{"name": "test policy"}]}],
+ "objects": [{"name": "test object e0", "description": "description of the object", "extra": {"field_extra_object": "value extra object"}, "policies": [{"name": "test policy"}]}],
+ "actions": [{"name": "test action e0", "description": "description of the action", "extra": {"field_extra_action": "value extra action"}, "policies": [{"name": "test policy"}]}],
"subject_assignments": [{"subject": {"name": "testuser"}, "category": {"name": "test subject categories"}, "assignments": [{"name": "test subject data"}]}],
- "object_assignments": [{"object": {"name": "test object"}, "category": {"name": "test object categories"}, "assignments": [{"name": "test object data"}]}],
- "action_assignments": [{"action": {"name": "test action"}, "category": {"name": "test action categories"}, "assignments": [{"name": "test action data"}]}]}
+ "object_assignments": [{"object": {"name": "test object e0"}, "category": {"name": "test object categories"}, "assignments": [{"name": "test object data"}]}],
+ "action_assignments": [{"action": {"name": "test action e0"}, "category": {"name": "test action categories"}, "assignments": [{"name": "test action data"}]}]}
RULES = {"models": [{"name": "test model", "description": "", "meta_rules": [{"name": "meta rule"}]}],
"policies": [{"name": "test policy", "genre": "authz", "description": "policy description", "model": {"name" : "test model"}}],
@@ -67,12 +67,12 @@ RULES = {"models": [{"name": "test model", "description": "", "meta_rules": [{"n
"action_data": [{"name": "test action data", "description": "action data description", "policies": [{"name": "test policy"}], "category": {"name": "test action categories"}}],
"meta_rules": [{"name": "meta rule", "description": "valid meta rule", "subject_categories": [{"name": "test subject categories"}], "object_categories": [{"name": "test object categories"}], "action_categories": [{"name": "test action categories"}]}],
"subjects": [{"name": "testuser", "description": "description of the subject", "extra": {"field_extra_subject": "value extra subject"}, "policies": [{"name": "test policy"}]}],
- "objects": [{"name": "test object", "description": "description of the object", "extra": {"field_extra_object": "value extra object"}, "policies": [{"name": "test policy"}]}],
- "actions": [{"name": "test action", "description": "description of the action", "extra": {"field_extra_action": "value extra action"}, "policies": [{"name": "test policy"}]}],
+ "objects": [{"name": "test object e1", "description": "description of the object", "extra": {"field_extra_object": "value extra object"}, "policies": [{"name": "test policy"}]}],
+ "actions": [{"name": "test action e1", "description": "description of the action", "extra": {"field_extra_action": "value extra action"}, "policies": [{"name": "test policy"}]}],
"subject_assignments": [{"subject": {"name": "testuser"}, "category": {"name": "test subject categories"}, "assignments": [{"name": "test subject data"}]}],
- "object_assignments": [{"object": {"name": "test object"}, "category": {"name": "test object categories"}, "assignments": [{"name": "test object data"}]}],
- "action_assignments": [{"action": {"name": "test action"}, "category": {"name": "test action categories"}, "assignments": [{"name": "test action data"}]}],
- "rules": [{"meta_rule": {"name" : "meta rule"}, "rule": {"subject_data" : [{"name":"test subject data"}], "object_data": [{"name": "test object data"}], "action_data": [{"name": "test action data"}]}, "policy": {"name" :"test policy"}, "instructions" : {"decision" : "grant"}, "enabled": True}]
+ "object_assignments": [{"object": {"name": "test object e1"}, "category": {"name": "test object categories"}, "assignments": [{"name": "test object data"}]}],
+ "action_assignments": [{"action": {"name": "test action e1"}, "category": {"name": "test action categories"}, "assignments": [{"name": "test action data"}]}],
+ "rules": [{"meta_rule": {"name": "meta rule"}, "rule": {"subject_data": [{"name": "test subject data"}], "object_data": [{"name": "test object data"}], "action_data": [{"name": "test action data"}]}, "policy": {"name":"test policy"}, "instructions": {"decision": "grant"}, "enabled": True}]
}
@@ -87,7 +87,6 @@ def test_export_models():
assert req.status_code == 200
data = utilities.get_json(req.data)
- print(data)
assert "content" in data
assert "models" in data["content"]
assert isinstance(data["content"]["models"], list)
@@ -110,7 +109,6 @@ def test_export_policies():
assert req.status_code == 200
data = utilities.get_json(req.data)
- print(data)
assert "content" in data
assert "policies" in data["content"]
assert isinstance(data["content"]["policies"], list)
@@ -136,7 +134,6 @@ def test_export_subject_object_action():
assert req.status_code == 200
data = utilities.get_json(req.data)
- print(data)
assert "content" in data
type_elements = ["subject", "object", "action"]
for type_element in type_elements:
@@ -158,10 +155,8 @@ def test_export_subject_object_action():
assert isinstance(element["extra"], dict)
key_dict = "field_extra_" + type_element
value_dict = "value extra " + type_element
- #TODO change this after bug fix on extra
- if False:
- assert key_dict in element["extra"]
- assert element["extra"][key_dict] == value_dict
+ assert key_dict in element["extra"]
+ assert element["extra"][key_dict] == value_dict
def test_export_subject_object_action_categories():
@@ -196,7 +191,6 @@ def test_export_subject_object_action_data():
req = client.get("/export")
assert req.status_code == 200
data = utilities.get_json(req.data)
- print(data)
assert "content" in data
type_elements = ["subject", "object", "action"]
for type_element in type_elements:
@@ -207,9 +201,9 @@ def test_export_subject_object_action_data():
data_elt = data["content"][key][0]
assert data_elt["name"] == "test " + type_element + " data"
assert data_elt["description"] == type_element + " data description"
- assert isinstance(data_elt["policy"],dict)
+ assert isinstance(data_elt["policy"], dict)
assert data_elt["policy"]["name"] == "test policy"
- assert isinstance(data_elt["category"],dict)
+ assert isinstance(data_elt["category"], dict)
assert data_elt["category"]["name"] == "test " + type_element + " categories"
@@ -223,7 +217,6 @@ def test_export_assignments():
req = client.get("/export")
assert req.status_code == 200
data = utilities.get_json(req.data)
- print(data)
assert "content" in data
type_elements = ["subject", "object", "action"]
for type_element in type_elements:
@@ -237,7 +230,7 @@ def test_export_assignments():
if type_element == "subject":
assert assignment_elt[type_element]["name"] == "testuser"
else:
- assert assignment_elt[type_element]["name"] == "test " + type_element
+ assert assignment_elt[type_element]["name"] == "test " + type_element + " e0"
assert "category" in assignment_elt
assert isinstance(assignment_elt["category"], dict)
assert assignment_elt["category"]["name"] == "test " + type_element + " categories"
@@ -246,6 +239,8 @@ def test_export_assignments():
assert len(assignment_elt["assignments"]) == 1
assert assignment_elt["assignments"][0]["name"] == "test " + type_element + " data"
+ import_export_utilities.clean_all(client)
+
def test_export_rules():
client = utilities.register_client()
@@ -257,7 +252,6 @@ def test_export_rules():
req = client.get("/export")
assert req.status_code == 200
data = utilities.get_json(req.data)
- print(data)
assert "content" in data
assert "rules" in data["content"]
assert isinstance(data["content"]["rules"], list)
@@ -267,7 +261,7 @@ def test_export_rules():
assert "decision" in rule["instructions"]
assert rule["instructions"]["decision"] == "grant"
assert "enabled" in rule
- assert rule["enabled"] == True
+ assert rule["enabled"]
assert "meta_rule" in rule
assert rule["meta_rule"]["name"] == "meta rule"
assert "policy" in rule
diff --git a/moon_manager/tests/unit_python/api/test_import.py b/moon_manager/tests/unit_python/api/test_import.py
index 12a1cc6b..f1ab8251 100644
--- a/moon_manager/tests/unit_python/api/test_import.py
+++ b/moon_manager/tests/unit_python/api/test_import.py
@@ -6,10 +6,9 @@
import api.utilities as utilities
import api.test_unit_models as test_models
import api.test_policies as test_policies
-import api.test_perimeter as test_perimeter
-import api.meta_data_test as test_categories
+import api.test_meta_data as test_categories
import api.test_data as test_data
-import api.meta_rules_test as test_meta_rules
+import api.test_meta_rules as test_meta_rules
import api.test_assignemnt as test_assignments
import api.test_rules as test_rules
import api.import_export_utilities as import_export_utilities
@@ -37,11 +36,17 @@ SUBJECTS = [{"subjects": [{"name": "testuser", "description": "description of th
{"policies": [{"name": "test policy", "genre": "authz", "description": "description", "model": {}, "mandatory": False}], "subjects": [{"name": "testuser", "description": "description of the subject", "extra": {}, "policies": [{"name": "test policy"}]}]}]
-OBJECTS = [{"objects": [{"name": "test object", "description": "description of the object", "extra": {}, "policies": []}]},
- {"policies": [{"name": "test policy", "genre": "authz", "description": "description", "model": {}, "mandatory": False}], "objects": [{"name": "test object", "description": "description of the object", "extra": {}, "policies": []}]},
- {"policies": [{"name": "test other policy", "genre": "authz", "description": "description", "model": {}, "mandatory": True}], "objects": [{"name": "test object", "description": "description of the object", "extra": {}, "policies": []}]},
- {"objects": [{"name": "test object", "description": "new description of the object", "extra": {"test": "test extra"}, "policies": [{"name": "test other policy"}]}]},
- {"policies": [{"name": "test policy", "genre": "authz", "description": "description", "model": {}, "mandatory": False}], "objects": [{"name": "test object", "description": "description of the object", "extra": {}, "policies": [{"name": "test policy"}]}]}]
+OBJECTS = [
+ {"objects": [{"name": "test object", "description": "description of the object", "extra": {}, "policies": []}]},
+ {"policies": [{"name": "test policy", "genre": "authz", "description": "description", "model": {}, "mandatory": False}],
+ "objects": [{"name": "test object", "description": "description of the object", "extra": {}, "policies": []}]},
+ {"policies": [{"name": "test other policy", "genre": "authz", "description": "description", "model": {}, "mandatory": True}],
+ "objects": [{"name": "test object", "description": "description of the object", "extra": {}, "policies": []}]},
+ {"objects": [{"name": "test object", "description": "new description of the object", "extra": {"test": "test extra"},
+ "policies": [{"name": "test other policy"}]}]},
+ {"policies": [{"name": "test policy", "genre": "authz", "description": "description", "model": {}, "mandatory": False}],
+ "objects": [{"name": "test object", "description": "description of the object", "extra": {}, "policies": [{"name": "test policy"}]}]},
+]
ACTIONS = [{"actions": [{"name": "test action", "description": "description of the action", "extra": {}, "policies": []}]},
@@ -100,7 +105,8 @@ META_RULES = [{"meta_rules" :[{"name": "bad meta rule", "description": "not vali
{"meta_rules": [{"name": "bad meta rule", "description": "not valid meta rule", "subject_categories": [{"name": "test subject categories"}], "object_categories": [{"name": "test object categories"}], "action_categories": [{"name": "not valid category"}]}]},
{"meta_rules": [{"name": "good meta rule", "description": "valid meta rule", "subject_categories": [{"name": "test subject categories"}], "object_categories": [{"name": "test object categories"}], "action_categories": [{"name": "test action categories"}]}]}]
-PRE_ASSIGNMENTS = {"models": [{"name": "test model", "description": "", "meta_rules": [{"name" : "good meta rule"}]}],
+
+PRE_ASSIGNMENTS = {"models": [{"name": "test model", "description": "", "meta_rules": [{"name": "good meta rule"}]}],
"policies": [{"name": "test policy", "genre": "authz", "description": "description", "model": {"name" : "test model"}, "mandatory": True}],
"subject_categories": [{"name": "test subject categories", "description": "subject category description"}],
"object_categories": [{"name": "test object categories", "description": "object category description"}],
@@ -168,8 +174,8 @@ def test_import_policies():
try:
data = utilities.get_json(req.data)
assert data == "Import ok !"
- except Exception as e:
- assert counter == 2 # this is an expected failure
+ except Exception:
+ assert counter == 2 # this is an expected failure
continue
req, policies = test_policies.get_policies(client)
@@ -189,7 +195,7 @@ def test_import_policies():
def test_import_subject_object_action():
client = utilities.register_client()
- type_elements =["object", "action"]
+ type_elements = ["object", "action"]
for type_element in type_elements:
import_export_utilities.clean_all(client)
@@ -197,21 +203,18 @@ def test_import_subject_object_action():
# set the getters and the comparison values
if type_element == "subject":
elements = SUBJECTS
- get_method = test_perimeter.get_subjects
- clean_method= import_export_utilities.clean_subjects
+ clean_method = import_export_utilities.clean_subjects
name = "testuser"
key_extra = "email"
value_extra = "new-email@test.com"
elif type_element == "object":
elements = OBJECTS
- get_method = test_perimeter.get_objects
clean_method = import_export_utilities.clean_objects
name = "test object"
key_extra = "test"
value_extra = "test extra"
else:
elements = ACTIONS
- get_method = test_perimeter.get_actions
clean_method = import_export_utilities.clean_actions
name = "test action"
key_extra = "test"
@@ -219,7 +222,6 @@ def test_import_subject_object_action():
for element in elements:
counter = counter + 1
- print("counter {}".format(counter))
if counter == 2 or counter == 4:
clean_method(client)
@@ -231,28 +233,23 @@ def test_import_subject_object_action():
try:
data = utilities.get_json(req.data)
except Exception as e:
- print(str(e))
assert False
#assert counter < 2 #  this is an expected failure
#continue
assert data == "Import ok !"
- get_elements = get_method(client)
- get_elements = get_elements[1][type_element + "s"]
+ get_elements = utilities.get_json(client.get("/"+type_element + "s").data)
+ get_elements = get_elements[type_element + "s"]
assert len(list(get_elements.keys())) == 1
values = list(get_elements.values())
assert values[0]["name"] == name
- print(values[0])
if counter == 2 or counter == 4:
assert values[0]["description"] == "description of the " + type_element
- print(values[0])
#assert not values[0]["extra"]
if counter == 3:
- #TODO uncomment this if update shall be done through import !
- #assert values[0]["description"] == "new description of the " + type_element
- #assert values[0]["extra"][key_extra] == value_extra
- assert True
+ assert values[0]["description"] == "new description of the " + type_element
+ assert values[0]["extra"][key_extra] == value_extra
# assert len(values[0]["policy_list"]) == 1
import_export_utilities.clean_all(client)
@@ -309,10 +306,9 @@ def test_import_meta_rules():
assert data == "Import ok !"
assert req.status_code == 200
- req ,meta_rules= test_meta_rules.get_meta_rules(client)
+ req, meta_rules = test_meta_rules.get_meta_rules(client)
meta_rules = meta_rules["meta_rules"]
key = list(meta_rules.keys())[0]
- print(meta_rules)
assert isinstance(meta_rules,dict)
assert meta_rules[key]["name"] == "good meta rule"
assert meta_rules[key]["description"] == "valid meta rule"
@@ -367,8 +363,6 @@ def test_import_subject_object_action_assignments():
assert req.status_code == 500
continue
else:
- print(data)
- print(req)
assert data == "Import ok !"
assert req.status_code == 200
req, policies = test_policies.get_policies(client)
@@ -398,16 +392,13 @@ def test_import_rules():
req, rules = test_rules.test_get_rules()
rules = rules["rules"]
- policy_key = rules["policy_id"]
rules = rules["rules"]
- print(rules)
assert len(rules) == 1
rules = rules[0]
- assert rules["enabled"] == True
+ assert rules["enabled"]
assert rules["instructions"]["decision"] == "grant"
req, meta_rules = test_meta_rules.get_meta_rules(client)
- print(meta_rules)
assert meta_rules["meta_rules"][list(meta_rules["meta_rules"].keys())[0]]["name"] == "good meta rule"
@@ -439,7 +430,6 @@ def test_import_subject_object_action_data():
if counter == 0 or counter == 1:
assert req.status_code == 500
continue
- print(counter)
assert req.status_code == 200
data = utilities.get_json(req.data)
assert data == "Import ok !"
@@ -448,30 +438,20 @@ def test_import_subject_object_action_data():
policies = policies["policies"]
req, categories = get_categories(client)
categories = categories[type_element + "_categories"]
- print("categories {}".format(categories))
- print("policies {}".format(policies))
- print("data in import {}".format(element))
case_tested = False
for policy_key in policies.keys():
- print("policy in test {}".format(policy_key))
policy = policies[policy_key]
- print("policy {}".format(policy))
for category_key in categories:
- print("category in test {}".format(category_key))
- print("looking for {} data with policy {} and category {}".format(type_element, policy_key,category_key))
req, get_elements = get_method(client, policy_id=policy_key, category_id=category_key)
if len(get_elements[type_element+"_data"]) == 0:
continue
- # do this because the backend gives an element with empty data if the policy_key, category_key couple does not have any data...
+ # do this because the backend gives an element with empty data if the policy_key,
+ # category_key couple does not have any data...
get_elements = get_elements[type_element+"_data"]
- print("test")
if len(get_elements[0]["data"]) == 0:
- print("test2")
continue
- print("get_elements {}".format(get_elements))
-
if policy["name"] == "test policy":
assert len(get_elements) == 1
el = get_elements[0]
@@ -481,7 +461,6 @@ def test_import_subject_object_action_data():
el = el["data"][list(el["data"].keys())[0]]
if "value" in el:
el = el["value"]
- print(el)
assert el["name"] == "one valid " + type_element + " data"
if counter == 3:
assert len(el["data"].keys()) == 2
@@ -503,7 +482,6 @@ def test_import_subject_object_action_data():
assert isinstance(el["data"], dict)
assert len(el["data"].keys()) == 1
el = el["data"][list(el["data"].keys())[0]]
- print(el)
if "value" in el:
el = el["value"]
assert el["name"] == "valid " + type_element + " data"
@@ -517,4 +495,4 @@ def test_clean():
client = utilities.register_client()
import_export_utilities.clean_all(client)
#restore the database as previously
- utilities.get_policy_id() \ No newline at end of file
+ utilities.get_policy_id()
diff --git a/moon_manager/tests/unit_python/api/test_meta_data.py b/moon_manager/tests/unit_python/api/test_meta_data.py
new file mode 100644
index 00000000..4cb86913
--- /dev/null
+++ b/moon_manager/tests/unit_python/api/test_meta_data.py
@@ -0,0 +1,235 @@
+import json
+import api.utilities as utilities
+
+#subject_categories_test
+
+
+def get_subject_categories(client):
+ req = client.get("/subject_categories")
+ subject_categories = utilities.get_json(req.data)
+ return req, subject_categories
+
+
+def add_subject_categories(client, name):
+ data = {
+ "name": name,
+ "description": "description of {}".format(name)
+ }
+ req = client.post("/subject_categories", data=json.dumps(data),
+ headers={'Content-Type': 'application/json'})
+ subject_categories = utilities.get_json(req.data)
+ return req, subject_categories
+
+
+def delete_subject_categories(client, name):
+ request, subject_categories = get_subject_categories(client)
+ for key, value in subject_categories['subject_categories'].items():
+ if value['name'] == name:
+ return client.delete("/subject_categories/{}".format(key))
+
+
+def delete_subject_categories_without_id(client):
+ req = client.delete("/subject_categories/{}".format(""))
+ return req
+
+
+def test_get_subject_categories():
+ client = utilities.register_client()
+ req, subject_categories = get_subject_categories(client)
+ assert req.status_code == 200
+ assert isinstance(subject_categories, dict)
+ assert "subject_categories" in subject_categories
+
+
+def test_add_subject_categories():
+ client = utilities.register_client()
+ req, subject_categories = add_subject_categories(client, "testuser")
+ assert req.status_code == 200
+ assert isinstance(subject_categories, dict)
+ value = list(subject_categories["subject_categories"].values())[0]
+ assert "subject_categories" in subject_categories
+ assert value['name'] == "testuser"
+ assert value['description'] == "description of {}".format("testuser")
+
+
+def test_add_subject_categories_with_empty_user():
+ client = utilities.register_client()
+ req, subject_categories = add_subject_categories(client, "")
+ assert req.status_code == 400
+ assert json.loads(req.data)["message"] == "Key: 'name', [Empty String]"
+
+
+def test_add_subject_categories_with_user_contain_space():
+ client = utilities.register_client()
+ req, subject_categories = add_subject_categories(client, "test user")
+ assert req.status_code == 400
+ assert json.loads(req.data)["message"] == "Key: 'name', [String contains space]"
+
+
+def test_delete_subject_categories():
+ client = utilities.register_client()
+ req = delete_subject_categories(client, "testuser")
+ assert req.status_code == 200
+
+
+def test_delete_subject_categories_without_id():
+ client = utilities.register_client()
+ req = delete_subject_categories_without_id(client)
+ assert req.status_code == 400
+ assert json.loads(req.data)["message"] == "400: Subject Category Unknown"
+
+
+#---------------------------------------------------------------------------
+#object_categories_test
+
+def get_object_categories(client):
+ req = client.get("/object_categories")
+ object_categories = utilities.get_json(req.data)
+ return req, object_categories
+
+
+def add_object_categories(client, name):
+ data = {
+ "name": name,
+ "description": "description of {}".format(name)
+ }
+ req = client.post("/object_categories", data=json.dumps(data),
+ headers={'Content-Type': 'application/json'})
+ object_categories = utilities.get_json(req.data)
+ return req, object_categories
+
+
+def delete_object_categories(client, name):
+ request, object_categories = get_object_categories(client)
+ for key, value in object_categories['object_categories'].items():
+ if value['name'] == name:
+ return client.delete("/object_categories/{}".format(key))
+
+
+def delete_object_categories_without_id(client):
+ req = client.delete("/object_categories/{}".format(""))
+ return req
+
+
+def test_get_object_categories():
+ client = utilities.register_client()
+ req, object_categories = get_object_categories(client)
+ assert req.status_code == 200
+ assert isinstance(object_categories, dict)
+ assert "object_categories" in object_categories
+
+
+def test_add_object_categories():
+ client = utilities.register_client()
+ req, object_categories = add_object_categories(client, "testuser")
+ assert req.status_code == 200
+ assert isinstance(object_categories, dict)
+ value = list(object_categories["object_categories"].values())[0]
+ assert "object_categories" in object_categories
+ assert value['name'] == "testuser"
+ assert value['description'] == "description of {}".format("testuser")
+
+
+def test_add_object_categories_with_empty_user():
+ client = utilities.register_client()
+ req, object_categories = add_object_categories(client, "")
+ assert req.status_code == 400
+ assert json.loads(req.data)["message"] == "Key: 'name', [Empty String]"
+
+
+def test_add_object_categories_with_user_contain_space():
+ client = utilities.register_client()
+ req, object_categories = add_object_categories(client, "test user")
+ assert req.status_code == 400
+ assert json.loads(req.data)["message"] == "Key: 'name', [String contains space]"
+
+
+def test_delete_object_categories():
+ client = utilities.register_client()
+ req = delete_object_categories(client, "testuser")
+ assert req.status_code == 200
+
+
+def test_delete_object_categories_without_id():
+ client = utilities.register_client()
+ req = delete_object_categories_without_id(client)
+ assert req.status_code == 400
+ assert json.loads(req.data)["message"] == "400: Object Category Unknown"
+
+
+#---------------------------------------------------------------------------
+#action_categories_test
+
+def get_action_categories(client):
+ req = client.get("/action_categories")
+ action_categories = utilities.get_json(req.data)
+ return req, action_categories
+
+
+def add_action_categories(client, name):
+ data = {
+ "name": name,
+ "description": "description of {}".format(name)
+ }
+ req = client.post("/action_categories", data=json.dumps(data),
+ headers={'Content-Type': 'application/json'})
+ action_categories = utilities.get_json(req.data)
+ return req, action_categories
+
+
+def delete_action_categories(client, name):
+ request, action_categories = get_action_categories(client)
+ for key, value in action_categories['action_categories'].items():
+ if value['name'] == name:
+ return client.delete("/action_categories/{}".format(key))
+
+
+def delete_action_categories_without_id(client):
+ req = client.delete("/action_categories/{}".format(""))
+ return req
+
+
+def test_get_action_categories():
+ client = utilities.register_client()
+ req, action_categories = get_action_categories(client)
+ assert req.status_code == 200
+ assert isinstance(action_categories, dict)
+ assert "action_categories" in action_categories
+
+
+def test_add_action_categories():
+ client = utilities.register_client()
+ req, action_categories = add_action_categories(client, "testuser")
+ assert req.status_code == 200
+ assert isinstance(action_categories, dict)
+ value = list(action_categories["action_categories"].values())[0]
+ assert "action_categories" in action_categories
+ assert value['name'] == "testuser"
+ assert value['description'] == "description of {}".format("testuser")
+
+
+def test_add_action_categories_with_empty_user():
+ client = utilities.register_client()
+ req, action_categories = add_action_categories(client, "")
+ assert req.status_code == 400
+ assert json.loads(req.data)["message"] == "Key: 'name', [Empty String]"
+
+
+def test_add_action_categories_with_user_contain_space():
+ client = utilities.register_client()
+ req, action_categories = add_action_categories(client, "test user")
+ assert req.status_code == 400
+ assert json.loads(req.data)["message"] == "Key: 'name', [String contains space]"
+
+
+def test_delete_action_categories():
+ client = utilities.register_client()
+ req = delete_action_categories(client, "testuser")
+ assert req.status_code == 200
+
+
+def test_delete_action_categories_without_id():
+ client = utilities.register_client()
+ req = delete_action_categories_without_id(client)
+ assert req.status_code == 400
+ assert json.loads(req.data)["message"] == "400: Action Category Unknown"
diff --git a/moon_manager/tests/unit_python/api/test_meta_rules.py b/moon_manager/tests/unit_python/api/test_meta_rules.py
new file mode 100644
index 00000000..80d648b4
--- /dev/null
+++ b/moon_manager/tests/unit_python/api/test_meta_rules.py
@@ -0,0 +1,175 @@
+import json
+import api.utilities as utilities
+from helpers import category_helper
+from uuid import uuid4
+
+
+def get_meta_rules(client):
+ req = client.get("/meta_rules")
+ meta_rules = utilities.get_json(req.data)
+ return req, meta_rules
+
+
+def add_meta_rules(client, name):
+ subject_category = category_helper.add_subject_category(value={"name": "subject category name"+uuid4().hex, "description": "description 1"})
+ subject_category_id = list(subject_category.keys())[0]
+ object_category = category_helper.add_object_category(value={"name": "object category name"+ uuid4().hex, "description": "description 1"})
+ object_category_id = list(object_category.keys())[0]
+ action_category = category_helper.add_action_category(value={"name": "action category name"+uuid4().hex, "description": "description 1"})
+ action_category_id = list(action_category.keys())[0]
+
+ data = {
+ "name": name,
+ "subject_categories": [subject_category_id],
+ "object_categories": [object_category_id],
+ "action_categories": [action_category_id]
+ }
+ req = client.post("/meta_rules", data=json.dumps(data),
+ headers={'Content-Type': 'application/json'})
+ meta_rules = utilities.get_json(req.data)
+ return req, meta_rules
+
+
+def add_meta_rules_without_subject_category_ids(client, name):
+ data = {
+ "name": name,
+ "subject_categories": [],
+ "object_categories": ["object_category_id1"],
+ "action_categories": ["action_category_id1"]
+ }
+ req = client.post("/meta_rules", data=json.dumps(data),
+ headers={'Content-Type': 'application/json'})
+ meta_rules = utilities.get_json(req.data)
+ return req, meta_rules
+
+
+def update_meta_rules(client, name, metaRuleId):
+ subject_category = category_helper.add_subject_category(
+ value={"name": "subject category name update" + uuid4().hex, "description": "description 1"})
+ subject_category_id = list(subject_category.keys())[0]
+ object_category = category_helper.add_object_category(
+ value={"name": "object category name update" + uuid4().hex, "description": "description 1"})
+ object_category_id = list(object_category.keys())[0]
+ action_category = category_helper.add_action_category(
+ value={"name": "action category name update" + uuid4().hex, "description": "description 1"})
+ action_category_id = list(action_category.keys())[0]
+ data = {
+ "name": name,
+ "subject_categories": [subject_category_id],
+ "object_categories": [object_category_id],
+ "action_categories": [action_category_id]
+ }
+ req = client.patch("/meta_rules/{}".format(metaRuleId), data=json.dumps(data),
+ headers={'Content-Type': 'application/json'})
+ meta_rules = utilities.get_json(req.data)
+ return req, meta_rules
+
+
+def update_meta_rules_without_subject_category_ids(client, name):
+ data = {
+ "name": name,
+ "subject_categories": [],
+ "object_categories": ["object_category_id1"],
+ "action_categories": ["action_category_id1"]
+ }
+ req = client.post("/meta_rules", data=json.dumps(data),
+ headers={'Content-Type': 'application/json'})
+ meta_rules = utilities.get_json(req.data)
+ return req, meta_rules
+
+
+def delete_meta_rules(client, name):
+ request, meta_rules = get_meta_rules(client)
+ for key, value in meta_rules['meta_rules'].items():
+ if value['name'] == name:
+ req = client.delete("/meta_rules/{}".format(key))
+ break
+ return req
+
+
+def delete_meta_rules_without_id(client):
+ req = client.delete("/meta_rules/{}".format(""))
+ return req
+
+
+def test_get_meta_rules():
+ client = utilities.register_client()
+ req, meta_rules = get_meta_rules(client)
+ assert req.status_code == 200
+ assert isinstance(meta_rules, dict)
+ assert "meta_rules" in meta_rules
+
+
+def test_add_meta_rules():
+ client = utilities.register_client()
+ req, meta_rules = add_meta_rules(client, "testuser")
+ assert req.status_code == 200
+ assert isinstance(meta_rules, dict)
+ value = list(meta_rules["meta_rules"].values())[0]
+ assert "meta_rules" in meta_rules
+ assert value['name'] == "testuser"
+
+
+def test_add_meta_rules_with_empty_user():
+ client = utilities.register_client()
+ req, meta_rules = add_meta_rules(client, "")
+ assert req.status_code == 400
+ assert json.loads(req.data)["message"] == "Key: 'name', [Empty String]"
+
+
+def test_add_meta_rules_with_user_contain_space():
+ client = utilities.register_client()
+ req, meta_rules = add_meta_rules(client, "test user")
+ assert req.status_code == 400
+ assert json.loads(req.data)["message"] == "Key: 'name', [String contains space]"
+
+
+def test_add_meta_rules_without_subject_categories():
+ client = utilities.register_client()
+ req, meta_rules = add_meta_rules_without_subject_category_ids(client, "testuser")
+ assert req.status_code == 400
+ assert json.loads(req.data)["message"] == "Key: 'subject_categories', [Empty Container]"
+
+
+def test_delete_meta_rules():
+ client = utilities.register_client()
+ req = delete_meta_rules(client, "testuser")
+ assert req.status_code == 200
+
+
+def test_delete_meta_rules_without_id():
+ client = utilities.register_client()
+ req = delete_meta_rules_without_id(client)
+ assert req.status_code == 400
+ assert json.loads(req.data)["message"] == "400: Meta Rule Unknown"
+
+
+def test_update_meta_rules():
+ client = utilities.register_client()
+ req = add_meta_rules(client, "testuser")
+ meta_rule_id = list(req[1]['meta_rules'])[0]
+ req_update = update_meta_rules(client, "testuser", meta_rule_id)
+ assert req_update[0].status_code == 200
+ delete_meta_rules(client, "testuser")
+ get_meta_rules(client)
+
+
+def test_update_meta_rules_without_id():
+ client = utilities.register_client()
+ req_update = update_meta_rules(client, "testuser", "")
+ assert req_update[0].status_code == 400
+ assert json.loads(req_update[0].data)["message"] == "400: Meta Rule Unknown"
+
+
+def test_update_meta_rules_without_user():
+ client = utilities.register_client()
+ req_update = update_meta_rules(client, "", "")
+ assert req_update[0].status_code == 400
+ assert json.loads(req_update[0].data)["message"] == "Key: 'name', [Empty String]"
+
+
+def test_update_meta_rules_without_subject_categories():
+ client = utilities.register_client()
+ req_update = update_meta_rules_without_subject_category_ids(client, "testuser")
+ assert req_update[0].status_code == 400
+ assert json.loads(req_update[0].data)["message"] == "Key: 'subject_categories', [Empty Container]"
diff --git a/moon_manager/tests/unit_python/api/test_pdp.py b/moon_manager/tests/unit_python/api/test_pdp.py
index fbaa6c7b..1ac9b84f 100644
--- a/moon_manager/tests/unit_python/api/test_pdp.py
+++ b/moon_manager/tests/unit_python/api/test_pdp.py
@@ -1,6 +1,7 @@
import json
import api.utilities as utilities
-import pytest
+from helpers import data_builder as builder
+from uuid import uuid4
def get_pdp(client):
@@ -42,9 +43,15 @@ def test_get_pdp():
def test_add_pdp():
+ subject_category_id, object_category_id, action_category_id, meta_rule_id, policy_id = builder.create_new_policy(
+ subject_category_name="subject_category1" + uuid4().hex,
+ object_category_name="object_category1" + uuid4().hex,
+ action_category_name="action_category1" + uuid4().hex,
+ meta_rule_name="meta_rule_1" + uuid4().hex,
+ model_name="model1" + uuid4().hex)
data = {
"name": "testuser",
- "security_pipeline": ["policy_id_1", "policy_id_2"],
+ "security_pipeline": [policy_id],
"keystone_project_id": "keystone_project_id",
"description": "description of testuser"
}
@@ -78,8 +85,8 @@ def test_add_pdp_with_empty_user():
}
client = utilities.register_client()
req, models = add_pdp(client, data)
- assert req.status_code == 500
- assert json.loads(req.data)["message"] == "Empty String"
+ assert req.status_code == 400
+ assert json.loads(req.data)["message"] == "Key: 'name', [Empty String]"
def test_add_pdp_with_user_contain_space():
@@ -91,8 +98,8 @@ def test_add_pdp_with_user_contain_space():
}
client = utilities.register_client()
req, models = add_pdp(client, data)
- assert req.status_code == 500
- assert json.loads(req.data)["message"] == "String contains space"
+ assert req.status_code == 400
+ assert json.loads(req.data)["message"] == "Key: 'name', [String contains space]"
def test_add_pdp_without_security_pipeline():
@@ -104,8 +111,8 @@ def test_add_pdp_without_security_pipeline():
}
client = utilities.register_client()
req, meta_rules = add_pdp(client, data)
- assert req.status_code == 500
- assert json.loads(req.data)["message"] == 'Empty Container'
+ assert req.status_code == 400
+ assert json.loads(req.data)["message"] == "Key: 'security_pipeline', [Empty Container]"
def test_add_pdp_without_keystone():
@@ -117,20 +124,33 @@ def test_add_pdp_without_keystone():
}
client = utilities.register_client()
req, meta_rules = add_pdp(client, data)
- assert req.status_code == 500
- assert json.loads(req.data)["message"] == 'Empty String'
+ assert req.status_code == 400
+ assert json.loads(req.data)["message"] == "Key: 'keystone_project_id', [Empty String]"
def test_update_pdp():
+ subject_category_id, object_category_id, action_category_id, meta_rule_id, policy_id = builder.create_new_policy(
+ subject_category_name="subject_category1"+uuid4().hex,
+ object_category_name="object_category1"+uuid4().hex,
+ action_category_name="action_category1"+uuid4().hex,
+ meta_rule_name="meta_rule_1"+uuid4().hex,
+ model_name="model1"+uuid4().hex)
data_add = {
"name": "testuser",
- "security_pipeline": ["policy_id_1", "policy_id_2"],
+ "security_pipeline": [policy_id],
"keystone_project_id": "keystone_project_id",
"description": "description of testuser"
}
+
+ subject_category_id, object_category_id, action_category_id, meta_rule_id, policy_id_update = builder.create_new_policy(
+ subject_category_name="subject_category1" + uuid4().hex,
+ object_category_name="object_category1" + uuid4().hex,
+ action_category_name="action_category1" + uuid4().hex,
+ meta_rule_name="meta_rule_1" + uuid4().hex,
+ model_name="model1" + uuid4().hex)
data_update = {
"name": "testuser",
- "security_pipeline": ["policy_id_1_update", "policy_id_2_update"],
+ "security_pipeline": [policy_id_update],
"keystone_project_id": "keystone_project_id_update",
"description": "description of testuser"
}
@@ -151,7 +171,8 @@ def test_update_pdp():
def test_update_pdp_without_id():
client = utilities.register_client()
req_update = update_pdp(client, "testuser", "")
- assert req_update[0].status_code == 500
+ assert req_update[0].status_code == 400
+ assert json.loads(req_update[0].data)["message"] == 'Invalid Key :name not found'
def test_update_pdp_without_user():
@@ -163,8 +184,8 @@ def test_update_pdp_without_user():
}
client = utilities.register_client()
req_update = update_pdp(client, data, "")
- assert req_update[0].status_code == 500
- assert json.loads(req_update[0].data)["message"] == "Empty String"
+ assert req_update[0].status_code == 400
+ assert json.loads(req_update[0].data)["message"] == "Key: 'name', [Empty String]"
def test_update_pdp_without_security_pipeline():
@@ -176,5 +197,5 @@ def test_update_pdp_without_security_pipeline():
}
client = utilities.register_client()
req_update = update_pdp(client, data, "")
- assert req_update[0].status_code == 500
- assert json.loads(req_update[0].data)["message"] == "Empty Container" \ No newline at end of file
+ assert req_update[0].status_code == 400
+ assert json.loads(req_update[0].data)["message"] == "Key: 'security_pipeline', [Empty Container]" \ No newline at end of file
diff --git a/moon_manager/tests/unit_python/api/test_perimeter.py b/moon_manager/tests/unit_python/api/test_perimeter.py
index b13bb2ed..322d90c6 100644
--- a/moon_manager/tests/unit_python/api/test_perimeter.py
+++ b/moon_manager/tests/unit_python/api/test_perimeter.py
@@ -2,6 +2,8 @@
# import moon_manager.api
import json
import api.utilities as utilities
+from helpers import data_builder as builder
+from uuid import uuid4
def get_subjects(client):
@@ -11,13 +13,19 @@ def get_subjects(client):
def add_subjects(client, name):
+ subject_category_id, object_category_id, action_category_id, meta_rule_id, policy_id = builder.create_new_policy(
+ subject_category_name="subject_category1" + uuid4().hex,
+ object_category_name="object_category1" + uuid4().hex,
+ action_category_name="action_category1" + uuid4().hex,
+ meta_rule_name="meta_rule_1" + uuid4().hex,
+ model_name="model1" + uuid4().hex)
data = {
- "name": name,
+ "name": name + uuid4().hex,
"description": "description of {}".format(name),
"password": "password for {}".format(name),
"email": "{}@moon".format(name)
}
- req = client.post("/subjects", data=json.dumps(data),
+ req = client.post("/policies/{}/subjects".format(policy_id), data=json.dumps(data),
headers={'Content-Type': 'application/json'})
subjects = utilities.get_json(req.data)
return req, subjects
@@ -25,11 +33,10 @@ def add_subjects(client, name):
def delete_subject(client):
subjects = get_subjects(client)
- for key, value in subjects[1]['subjects'].items():
- if value['name'] == "testuser":
- req = client.delete("/subjects/{}".format(key))
- break
- return req
+ value = subjects[1]['subjects']
+ id = list(value.keys())[0]
+ policy_id = builder.get_policy_id_with_subject_assignment()
+ return client.delete("/policies/{}/subjects/{}".format(policy_id, id))
def delete_subjects_without_perimeter_id(client):
@@ -48,25 +55,39 @@ def test_perimeter_get_subject():
def test_perimeter_add_subject():
client = utilities.register_client()
req, subjects = add_subjects(client, "testuser")
- assert req.status_code == 200
value = list(subjects["subjects"].values())[0]
+ assert req.status_code == 200
assert "subjects" in subjects
- assert value['name'] == "testuser"
- assert value["email"] == "{}@moon".format("testuser")
+ assert value["name"] is not None
+ assert value["email"] is not None
def test_perimeter_add_subject_without_name():
client = utilities.register_client()
- req, subjects = add_subjects(client, "")
- assert req.status_code == 500
- assert json.loads(req.data)["message"] == "Empty String"
+ data = {
+ "name": "",
+ "description": "description of {}".format(""),
+ "password": "password for {}".format(""),
+ "email": "{}@moon".format("")
+ }
+ req = client.post("/policies/{}/subjects".format("111"), data=json.dumps(data),
+ headers={'Content-Type': 'application/json'})
+ assert req.status_code == 400
+ assert json.loads(req.data)["message"] == "Key: 'name', [Empty String]"
def test_perimeter_add_subject_with_name_contain_spaces():
client = utilities.register_client()
- req, subjects = add_subjects(client, "test user")
- assert req.status_code == 500
- assert json.loads(req.data)["message"] == "String contains space"
+ data = {
+ "name": "test user",
+ "description": "description of {}".format("test user"),
+ "password": "password for {}".format("test user"),
+ "email": "{}@moon".format("test user")
+ }
+ req = client.post("/policies/{}/subjects".format("111"), data=json.dumps(data),
+ headers={'Content-Type': 'application/json'})
+ assert req.status_code == 400
+ assert json.loads(req.data)["message"] == "Key: 'name', [String contains space]"
def test_perimeter_delete_subject():
@@ -78,7 +99,8 @@ def test_perimeter_delete_subject():
def test_perimeter_delete_subjects_without_perimeter_id():
client = utilities.register_client()
req = delete_subjects_without_perimeter_id(client)
- assert req.status_code == 500
+ assert req.status_code == 400
+ assert json.loads(req.data)["message"] == "400: Subject Unknown"
def get_objects(client):
@@ -88,11 +110,17 @@ def get_objects(client):
def add_objects(client, name):
+ subject_category_id, object_category_id, action_category_id, meta_rule_id, policyId = builder.create_new_policy(
+ subject_category_name="subject_category1" + uuid4().hex,
+ object_category_name="object_category1" + uuid4().hex,
+ action_category_name="action_category1" + uuid4().hex,
+ meta_rule_name="meta_rule_1" + uuid4().hex,
+ model_name="model1" + uuid4().hex)
data = {
- "name": name,
+ "name": name + uuid4().hex,
"description": "description of {}".format(name),
}
- req = client.post("/objects", data=json.dumps(data),
+ req = client.post("/policies/{}/objects/".format(policyId), data=json.dumps(data),
headers={'Content-Type': 'application/json'})
objects = utilities.get_json(req.data)
return req, objects
@@ -100,11 +128,10 @@ def add_objects(client, name):
def delete_object(client):
objects = get_objects(client)
- for key, value in objects[1]['objects'].items():
- if value['name'] == "testuser":
- req = client.delete("/objects/{}".format(key))
- break
- return req
+ value = objects[1]['objects']
+ id = list(value.keys())[0]
+ policy_id = builder.get_policy_id_with_object_assignment()
+ return client.delete("/policies/{}/objects/{}".format(policy_id, id))
def delete_objects_without_perimeter_id(client):
@@ -123,24 +150,34 @@ def test_perimeter_get_object():
def test_perimeter_add_object():
client = utilities.register_client()
req, objects = add_objects(client, "testuser")
- assert req.status_code == 200
value = list(objects["objects"].values())[0]
+ assert req.status_code == 200
assert "objects" in objects
- assert value['name'] == "testuser"
+ assert value['name'] is not None
def test_perimeter_add_object_without_name():
client = utilities.register_client()
- req, objects = add_objects(client, "")
- assert req.status_code == 500
- assert json.loads(req.data)["message"] == "Empty String"
+ data = {
+ "name": "",
+ "description": "description of {}".format(""),
+ }
+ req = client.post("/policies/{}/objects/".format("111"), data=json.dumps(data),
+ headers={'Content-Type': 'application/json'})
+ assert req.status_code == 400
+ assert json.loads(req.data)["message"] == "Key: 'name', [Empty String]"
def test_perimeter_add_object_with_name_contain_spaces():
client = utilities.register_client()
- req, objects = add_objects(client, "test user")
- assert req.status_code == 500
- assert json.loads(req.data)["message"] == "String contains space"
+ data = {
+ "name": "test user",
+ "description": "description of {}".format("test user"),
+ }
+ req = client.post("/policies/{}/objects/".format("111"), data=json.dumps(data),
+ headers={'Content-Type': 'application/json'})
+ assert req.status_code == 400
+ assert json.loads(req.data)["message"] == "Key: 'name', [String contains space]"
def test_perimeter_delete_object():
@@ -152,7 +189,8 @@ def test_perimeter_delete_object():
def test_perimeter_delete_objects_without_perimeter_id():
client = utilities.register_client()
req = delete_objects_without_perimeter_id(client)
- assert req.status_code == 500
+ assert req.status_code == 400
+ assert json.loads(req.data)["message"] == "400: Object Unknown"
def get_actions(client):
@@ -162,11 +200,17 @@ def get_actions(client):
def add_actions(client, name):
+ subject_category_id, object_category_id, action_category_id, meta_rule_id, policyId = builder.create_new_policy(
+ subject_category_name="subject_category1" + uuid4().hex,
+ object_category_name="object_category1" + uuid4().hex,
+ action_category_name="action_category1" + uuid4().hex,
+ meta_rule_name="meta_rule_1" + uuid4().hex,
+ model_name="model1" + uuid4().hex)
data = {
- "name": name,
+ "name": name + uuid4().hex,
"description": "description of {}".format(name),
}
- req = client.post("/actions", data=json.dumps(data),
+ req = client.post("/policies/{}/actions".format(policyId), data=json.dumps(data),
headers={'Content-Type': 'application/json'})
actions = utilities.get_json(req.data)
return req, actions
@@ -174,11 +218,10 @@ def add_actions(client, name):
def delete_actions(client):
actions = get_actions(client)
- for key, value in actions[1]['actions'].items():
- if value['name'] == "testuser":
- req = client.delete("/actions/{}".format(key))
- break
- return req
+ value = actions[1]['actions']
+ id = list(value.keys())[0]
+ policy_id = builder.get_policy_id_with_action_assignment()
+ return client.delete("/policies/{}/actions/{}".format(policy_id, id))
def delete_actions_without_perimeter_id(client):
@@ -197,24 +240,34 @@ def test_perimeter_get_actions():
def test_perimeter_add_actions():
client = utilities.register_client()
req, actions = add_actions(client, "testuser")
- assert req.status_code == 200
value = list(actions["actions"].values())[0]
+ assert req.status_code == 200
assert "actions" in actions
- assert value['name'] == "testuser"
+ assert value['name'] is not None
def test_perimeter_add_actions_without_name():
client = utilities.register_client()
- req, actions = add_actions(client, "")
- assert req.status_code == 500
- assert json.loads(req.data)["message"] == "Empty String"
+ data = {
+ "name": "",
+ "description": "description of {}".format(""),
+ }
+ req = client.post("/policies/{}/actions".format("111"), data=json.dumps(data),
+ headers={'Content-Type': 'application/json'})
+ assert req.status_code == 400
+ assert json.loads(req.data)["message"] == "Key: 'name', [Empty String]"
def test_perimeter_add_actions_with_name_contain_spaces():
client = utilities.register_client()
- req, actions = add_actions(client, "test user")
- assert req.status_code == 500
- assert json.loads(req.data)["message"] == "String contains space"
+ data = {
+ "name": "test user",
+ "description": "description of {}".format("test user"),
+ }
+ req = client.post("/policies/{}/actions".format("111"), data=json.dumps(data),
+ headers={'Content-Type': 'application/json'})
+ assert req.status_code == 400
+ assert json.loads(req.data)["message"] == "Key: 'name', [String contains space]"
def test_perimeter_delete_actions():
@@ -226,5 +279,5 @@ def test_perimeter_delete_actions():
def test_perimeter_delete_actions_without_perimeter_id():
client = utilities.register_client()
req = delete_actions_without_perimeter_id(client)
- assert req.status_code == 500
-
+ assert req.status_code == 400
+ assert json.loads(req.data)["message"] == "400: Action Unknown"
diff --git a/moon_manager/tests/unit_python/api/test_policies.py b/moon_manager/tests/unit_python/api/test_policies.py
index 40be35e6..cd50f4c7 100644
--- a/moon_manager/tests/unit_python/api/test_policies.py
+++ b/moon_manager/tests/unit_python/api/test_policies.py
@@ -4,8 +4,9 @@
# or at 'http://www.apache.org/licenses/LICENSE-2.0'.
import json
-import api.utilities as utilities
from uuid import uuid4
+import api.utilities as utilities
+from helpers import model_helper
def get_policies(client):
@@ -15,10 +16,12 @@ def get_policies(client):
def add_policies(client, name):
+ req = model_helper.add_model(model_id="mls_model_id"+uuid4().hex)
+ model_id = list(req.keys())[0]
data = {
"name": name,
"description": "description of {}".format(name),
- "model_id": "modelId",
+ "model_id": model_id,
"genre": "genre"
}
req = client.post("/policies", data=json.dumps(data),
@@ -30,9 +33,8 @@ def add_policies(client, name):
def delete_policies(client, name):
request, policies = get_policies(client)
for key, value in policies['policies'].items():
- if value['name'] == name:
- req = client.delete("/policies/{}".format(key))
- break
+ req = client.delete("/policies/{}".format(key))
+ break
return req
@@ -50,8 +52,8 @@ def test_get_policies():
def test_add_policies():
- client = utilities.register_client()
policy_name = "testuser" + uuid4().hex
+ client = utilities.register_client()
req, policies = add_policies(client, policy_name)
assert req.status_code == 200
assert isinstance(policies, dict)
@@ -59,8 +61,6 @@ def test_add_policies():
assert "policies" in policies
assert value['name'] == policy_name
assert value["description"] == "description of {}".format(policy_name)
- assert value["model_id"] == "modelId"
- assert value["genre"] == "genre"
def test_delete_policies():
@@ -72,5 +72,6 @@ def test_delete_policies():
def test_delete_policies_without_id():
client = utilities.register_client()
req = delete_policies_without_id(client)
- assert req.status_code == 500
+ assert req.status_code == 400
+ assert json.loads(req.data)["message"] == '400: Policy Unknown'
diff --git a/moon_manager/tests/unit_python/api/test_rules.py b/moon_manager/tests/unit_python/api/test_rules.py
index d12b7186..af1501e4 100644
--- a/moon_manager/tests/unit_python/api/test_rules.py
+++ b/moon_manager/tests/unit_python/api/test_rules.py
@@ -1,5 +1,8 @@
import api.utilities as utilities
import json
+from helpers import data_builder as builder
+from uuid import uuid4
+from helpers import policy_helper
def get_rules(client, policy_id):
@@ -8,10 +11,16 @@ def get_rules(client, policy_id):
return req, rules
-def add_rules(client, policy_id):
+def add_rules(client):
+ sub_id, obj_id, act_id, meta_rule_id, policy_id = builder.create_new_policy("sub_cat" + uuid4().hex,
+ "obj_cat" + uuid4().hex,
+ "act_cat" + uuid4().hex)
+ sub_data_id = builder.create_subject_data(policy_id, sub_id)
+ obj_data_id = builder.create_object_data(policy_id, obj_id)
+ act_data_id = builder.create_action_data(policy_id, act_id)
data = {
- "meta_rule_id": "meta_rule_id1",
- "rule": ["subject_data_id2", "object_data_id2", "action_data_id2"],
+ "meta_rule_id": meta_rule_id,
+ "rule": [sub_data_id, obj_data_id, act_data_id],
"instructions": (
{"decision": "grant"},
),
@@ -23,6 +32,21 @@ def add_rules(client, policy_id):
return req, rules
+def add_rules_without_policy_id(client):
+ data = {
+ "meta_rule_id": "meta_rule_id",
+ "rule": ["sub_data_id", "obj_data_id", "act_data_id"],
+ "instructions": (
+ {"decision": "grant"},
+ ),
+ "enabled": True
+ }
+ req = client.post("/policies/{}/rules".format(None), data=json.dumps(data),
+ headers={'Content-Type': 'application/json'})
+ rules = utilities.get_json(req.data)
+ return req, rules
+
+
def add_rules_without_meta_rule_id(client, policy_id):
data = {
"meta_rule_id": "",
@@ -68,48 +92,57 @@ def test_get_rules():
def test_add_rules():
- policy_id = utilities.get_policy_id()
client = utilities.register_client()
- req, rules = add_rules(client, policy_id)
+ req, rules = add_rules(client, )
assert req.status_code == 200
- assert isinstance(rules, dict)
- value = rules["rules"]
- assert "rules" in rules
- id = list(value.keys())[0]
- assert value[id]["meta_rule_id"] == "meta_rule_id1"
def test_add_rules_without_policy_id():
client = utilities.register_client()
- req, rules = add_rules(client, None)
- assert req.status_code == 500
+ req, rules = add_rules_without_policy_id(client)
+ assert req.status_code == 400
+ assert json.loads(req.data)["message"] == "400: Policy Unknown"
def test_add_rules_without_meta_rule_id():
policy_id = utilities.get_policy_id()
client = utilities.register_client()
req, rules = add_rules_without_meta_rule_id(client, policy_id)
- assert req.status_code == 500
- assert json.loads(req.data)["message"] == 'Empty String'
+ assert req.status_code == 400
+ assert json.loads(req.data)["message"] == "Key: 'meta_rule_id', [Empty String]"
def test_add_rules_without_rule():
policy_id = utilities.get_policy_id()
client = utilities.register_client()
req, rules = add_rules_without_rule(client, policy_id)
- assert req.status_code == 500
+ assert req.status_code == 400
+ assert json.loads(req.data)["message"] == 'Invalid Key :rule not found'
-def test_delete_rules():
+def test_delete_rules_with_invalid_parameters():
client = utilities.register_client()
rules = delete_rules(client, "", "")
- assert rules.status_code == 500
+ assert rules.status_code == 404
def test_delete_rules_without_policy_id():
client = utilities.register_client()
- policy_id = utilities.get_policy_id()
+ subject_category_id, object_category_id, action_category_id, meta_rule_id, policy_id = builder.create_new_policy()
+ sub_data_id = builder.create_subject_data(policy_id, subject_category_id)
+ obj_data_id = builder.create_object_data(policy_id, object_category_id)
+ act_data_id = builder.create_action_data(policy_id, action_category_id)
+ data = {
+ "meta_rule_id": meta_rule_id,
+ "rule": [sub_data_id, obj_data_id, act_data_id],
+ "instructions": (
+ {"decision": "grant"},
+ ),
+ "enabled": True
+ }
+ client.post("/policies/{}/rules".format(policy_id), data=json.dumps(data),
+ headers={'Content-Type': 'application/json'})
req, added_rules = get_rules(client, policy_id)
- id = added_rules["rules"]['rules'][0]['id']
+ id = list(added_rules["rules"]["rules"])[0]["id"]
rules = delete_rules(client, None, id)
assert rules.status_code == 200
diff --git a/moon_manager/tests/unit_python/api/test_unit_models.py b/moon_manager/tests/unit_python/api/test_unit_models.py
index 52cb2871..d754b976 100644
--- a/moon_manager/tests/unit_python/api/test_unit_models.py
+++ b/moon_manager/tests/unit_python/api/test_unit_models.py
@@ -5,6 +5,8 @@
import json
import api.utilities as utilities
+from helpers import data_builder as builder
+from uuid import uuid4
def get_models(client):
@@ -14,10 +16,14 @@ def get_models(client):
def add_models(client, name):
+ subject_category_id, object_category_id, action_category_id, meta_rule_id = builder.create_new_meta_rule(
+ subject_category_name="subject_category"+uuid4().hex,
+ object_category_name="object_category"+uuid4().hex, action_category_name="action_category"+uuid4().hex,
+ meta_rule_name="meta_rule" + uuid4().hex)
data = {
"name": name,
"description": "description of {}".format(name),
- "meta_rules": ["meta_rule_id1", "meta_rule_id2"]
+ "meta_rules": [meta_rule_id]
}
req = client.post("/models", data=json.dumps(data),
headers={'Content-Type': 'application/json'})
@@ -26,13 +32,18 @@ def add_models(client, name):
def update_model(client, name, model_id):
+ subject_category_id, object_category_id, action_category_id, meta_rule_id = builder.create_new_meta_rule(
+ subject_category_name="subject_category" + uuid4().hex,
+ object_category_name="object_category" + uuid4().hex, action_category_name="action_category" + uuid4().hex,
+ meta_rule_name="meta_rule" + uuid4().hex)
+
data = {
"name": name,
"description": "description of {}".format(name),
- "meta_rules": ["meta_rule_id1_update", "meta_rule_id2_update"]
+ "meta_rules": [meta_rule_id]
}
req = client.patch("/models/{}".format(model_id), data=json.dumps(data),
- headers={'Content-Type': 'application/json'})
+ headers={'Content-Type': 'application/json'})
models = utilities.get_json(req.data)
return req, models
@@ -56,7 +67,7 @@ def update_model_without_meta_rules_ids(client, name):
"meta_rules": []
}
req = client.patch("/models", data=json.dumps(data),
- headers={'Content-Type': 'application/json'})
+ headers={'Content-Type': 'application/json'})
models = utilities.get_json(req.data)
return req, models
@@ -77,7 +88,7 @@ def delete_models_without_id(client):
def clean_models():
client = utilities.register_client()
- req, models= get_models(client)
+ req, models = get_models(client)
for key, value in models['models'].items():
print(key)
print(value)
@@ -86,7 +97,7 @@ def clean_models():
def test_get_models():
client = utilities.register_client()
- req, models= get_models(client)
+ req, models = get_models(client)
assert req.status_code == 200
assert isinstance(models, dict)
assert "models" in models
@@ -98,11 +109,10 @@ def test_add_models():
req, models = add_models(client, "testuser")
assert req.status_code == 200
assert isinstance(models, dict)
- value = list(models["models"].values())[0]
+ model_id = list(models["models"])[0]
assert "models" in models
- assert value['name'] == "testuser"
- assert value["description"] == "description of {}".format("testuser")
- assert value["meta_rules"][0] == "meta_rule_id1"
+ assert models['models'][model_id]['name'] == "testuser"
+ assert models['models'][model_id]["description"] == "description of {}".format("testuser")
def test_delete_models():
@@ -114,31 +124,32 @@ def test_delete_models():
def test_delete_models_without_id():
client = utilities.register_client()
req = delete_models_without_id(client)
- assert req.status_code == 500
+ assert req.status_code == 400
+ assert json.loads(req.data)["message"] == "400: Model Unknown"
def test_add_model_with_empty_user():
clean_models()
client = utilities.register_client()
req, models = add_models(client, "")
- assert req.status_code == 500
- assert json.loads(req.data)["message"] == "Empty String"
+ assert req.status_code == 400
+ assert json.loads(req.data)["message"] == "Key: 'name', [Empty String]"
def test_add_model_with_user_contain_space():
clean_models()
client = utilities.register_client()
req, models = add_models(client, "test user")
- assert req.status_code == 500
- assert json.loads(req.data)["message"] == "String contains space"
+ assert req.status_code == 400
+ assert json.loads(req.data)["message"] == "Key: 'name', [String contains space]"
def test_add_model_without_meta_rules():
clean_models()
client = utilities.register_client()
req, meta_rules = add_model_without_meta_rules_ids(client, "testuser")
- assert req.status_code == 500
- assert json.loads(req.data)["message"] == 'Empty Container'
+ assert req.status_code == 400
+ assert json.loads(req.data)["message"] == "Key: 'meta_rules', [Empty Container]"
def test_update_model():
@@ -148,8 +159,8 @@ def test_update_model():
model_id = list(req[1]['models'])[0]
req_update = update_model(client, "testuser", model_id)
assert req_update[0].status_code == 200
- value = list(req_update[1]["models"].values())[0]
- assert value["meta_rules"][0] == "meta_rule_id1_update"
+ model_id = list(req_update[1]["models"])[0]
+ assert req_update[1]["models"][model_id]["meta_rules"][0] is not None
delete_models(client, "testuser")
@@ -157,19 +168,19 @@ def test_update_meta_rules_without_id():
clean_models()
client = utilities.register_client()
req_update = update_model(client, "testuser", "")
- assert req_update[0].status_code == 500
+ assert req_update[0].status_code == 400
+ assert json.loads(req_update[0].data)["message"] == "400: Model Unknown"
def test_update_meta_rules_without_user():
client = utilities.register_client()
req_update = update_model(client, "", "")
- assert req_update[0].status_code == 500
- assert json.loads(req_update[0].data)["message"] == "Empty String"
+ assert req_update[0].status_code == 400
+ assert json.loads(req_update[0].data)["message"] == "Key: 'name', [Empty String]"
def test_update_meta_rules_without_meta_rules():
client = utilities.register_client()
req_update = update_model_without_meta_rules_ids(client, "testuser")
- assert req_update[0].status_code == 500
- assert json.loads(req_update[0].data)["message"] == "Empty Container"
-
+ assert req_update[0].status_code == 400
+ assert json.loads(req_update[0].data)["message"] == "Key: 'meta_rules', [Empty Container]"
diff --git a/moon_manager/tests/unit_python/api/utilities.py b/moon_manager/tests/unit_python/api/utilities.py
index ce897619..2e51fec8 100644
--- a/moon_manager/tests/unit_python/api/utilities.py
+++ b/moon_manager/tests/unit_python/api/utilities.py
@@ -1,5 +1,5 @@
import json
-
+from uuid import uuid4
def get_json(data):
return json.loads(data.decode("utf-8"))
@@ -13,16 +13,14 @@ def register_client():
def get_policy_id():
- import api.test_policies as policies
- client = register_client()
- policy_id = ''
- req, policy = policies.get_policies(client)
- for id in policy['policies']:
- if id:
- policy_id = id
- break
- print("policy id {}".format(policy_id))
- if not policy_id:
- policies.add_policies(client, "testuser")
- policy_id = get_policy_id()
+ from helpers import policy_helper
+ value = {
+ "name": "test_policy"+uuid4().hex,
+ "model_id": "",
+ "genre": "authz",
+ "description": "test",
+ }
+ policy_helper.add_policies(value=value)
+ req = policy_helper.get_policies()
+ policy_id = list(req.keys())[0]
return policy_id
diff --git a/moon_manager/tests/unit_python/conftest.py b/moon_manager/tests/unit_python/conftest.py
index 902a41a2..d9899231 100644
--- a/moon_manager/tests/unit_python/conftest.py
+++ b/moon_manager/tests/unit_python/conftest.py
@@ -187,12 +187,14 @@ def no_requests(monkeypatch):
'DELETE', 'http://keystone:5000/v3/auth/tokens',
headers={'X-Subject-Token': "111111111"}
)
+
+ def match_request_text(request):
+ # request.url may be None, or '' prevents a TypeError.
+ return 'http://keystone:5000/v3/users?name=testuser' in request.url
+
m.register_uri(
- 'POST', 'http://keystone:5000/v3/users?name=testuser&domain_id=default',
- json={"users": {}}
- )
- m.register_uri(
- 'GET', 'http://keystone:5000/v3/users?name=testuser&domain_id=default',
+ requests_mock.ANY, '/v3/users',
+ additional_matcher=match_request_text,
json={"users": {}}
)
m.register_uri(
diff --git a/moon_manager/tests/unit_python/helpers/__init__.py b/moon_manager/tests/unit_python/helpers/__init__.py
new file mode 100644
index 00000000..e69de29b
--- /dev/null
+++ b/moon_manager/tests/unit_python/helpers/__init__.py
diff --git a/moon_manager/tests/unit_python/helpers/assignment_helper.py b/moon_manager/tests/unit_python/helpers/assignment_helper.py
new file mode 100644
index 00000000..22a56e38
--- /dev/null
+++ b/moon_manager/tests/unit_python/helpers/assignment_helper.py
@@ -0,0 +1,49 @@
+# Copyright 2015 Open Platform for NFV Project, Inc. and its contributors
+# This software is distributed under the terms and conditions of the 'Apache-2.0'
+# license which can be found in the file 'LICENSE' in this package distribution
+# or at 'http://www.apache.org/licenses/LICENSE-2.0'.
+
+def get_action_assignments(policy_id, action_id=None, category_id=None):
+ from python_moondb.core import PolicyManager
+ return PolicyManager.get_action_assignments("", policy_id, action_id, category_id)
+
+
+def add_action_assignment(policy_id, action_id, category_id, data_id):
+ from python_moondb.core import PolicyManager
+ return PolicyManager.add_action_assignment("", policy_id, action_id, category_id, data_id)
+
+
+def delete_action_assignment(policy_id, action_id, category_id, data_id):
+ from python_moondb.core import PolicyManager
+ PolicyManager.delete_action_assignment("", policy_id, action_id, category_id, data_id)
+
+
+def get_object_assignments(policy_id, object_id=None, category_id=None):
+ from python_moondb.core import PolicyManager
+ return PolicyManager.get_object_assignments("", policy_id, object_id, category_id)
+
+
+def add_object_assignment(policy_id, object_id, category_id, data_id):
+ from python_moondb.core import PolicyManager
+ return PolicyManager.add_object_assignment("", policy_id, object_id, category_id, data_id)
+
+
+def delete_object_assignment(policy_id, object_id, category_id, data_id):
+ from python_moondb.core import PolicyManager
+ PolicyManager.delete_object_assignment("", policy_id, object_id, category_id, data_id)
+
+
+def get_subject_assignments(policy_id, subject_id=None, category_id=None):
+ from python_moondb.core import PolicyManager
+ return PolicyManager.get_subject_assignments("", policy_id, subject_id, category_id)
+
+
+def add_subject_assignment(policy_id, subject_id, category_id, data_id):
+ from python_moondb.core import PolicyManager
+ return PolicyManager.add_subject_assignment("", policy_id, subject_id, category_id, data_id)
+
+
+def delete_subject_assignment(policy_id, subject_id, category_id, data_id):
+ from python_moondb.core import PolicyManager
+ PolicyManager.delete_subject_assignment("", policy_id, subject_id, category_id, data_id)
+
diff --git a/moon_manager/tests/unit_python/helpers/category_helper.py b/moon_manager/tests/unit_python/helpers/category_helper.py
new file mode 100644
index 00000000..6c419ca8
--- /dev/null
+++ b/moon_manager/tests/unit_python/helpers/category_helper.py
@@ -0,0 +1,40 @@
+# Copyright 2015 Open Platform for NFV Project, Inc. and its contributors
+# This software is distributed under the terms and conditions of the 'Apache-2.0'
+# license which can be found in the file 'LICENSE' in this package distribution
+# or at 'http://www.apache.org/licenses/LICENSE-2.0'.
+
+
+def add_subject_category(cat_id=None, value=None):
+ from python_moondb.core import ModelManager
+ category = ModelManager.add_subject_category(user_id=None, category_id=cat_id, value=value)
+ return category
+
+
+def get_subject_category(cat_id=None):
+ from python_moondb.core import ModelManager
+ category = ModelManager.get_subject_categories(user_id=None, category_id=cat_id)
+ return category
+
+
+def add_object_category(cat_id=None, value=None):
+ from python_moondb.core import ModelManager
+ category = ModelManager.add_object_category(user_id=None, category_id=cat_id, value=value)
+ return category
+
+
+def get_object_category(cat_id=None):
+ from python_moondb.core import ModelManager
+ category = ModelManager.get_object_categories(user_id=None, category_id=cat_id)
+ return category
+
+
+def add_action_category(cat_id=None, value=None):
+ from python_moondb.core import ModelManager
+ category = ModelManager.add_action_category(user_id=None, category_id=cat_id, value=value)
+ return category
+
+
+def get_action_category(cat_id=None):
+ from python_moondb.core import ModelManager
+ category = ModelManager.get_action_categories(user_id=None, category_id=cat_id)
+ return category
diff --git a/moon_manager/tests/unit_python/helpers/data_builder.py b/moon_manager/tests/unit_python/helpers/data_builder.py
new file mode 100644
index 00000000..2a7c5979
--- /dev/null
+++ b/moon_manager/tests/unit_python/helpers/data_builder.py
@@ -0,0 +1,209 @@
+# Copyright 2015 Open Platform for NFV Project, Inc. and its contributors
+# This software is distributed under the terms and conditions of the 'Apache-2.0'
+# license which can be found in the file 'LICENSE' in this package distribution
+# or at 'http://www.apache.org/licenses/LICENSE-2.0'.
+
+from .category_helper import *
+from .policy_helper import *
+from .data_helper import *
+from helpers import model_helper
+from .meta_rule_helper import *
+import api.utilities as utilities
+import json
+
+
+def create_subject_category(name):
+ subject_category = add_subject_category(
+ value={"name": name + uuid4().hex, "description": "description 1"})
+ return list(subject_category.keys())[0]
+
+
+def create_object_category(name):
+ object_category = add_object_category(
+ value={"name": name + uuid4().hex, "description": "description 1"})
+ return list(object_category.keys())[0]
+
+
+def create_action_category(name):
+ action_category = add_action_category(
+ value={"name": name + uuid4().hex, "description": "description 1"})
+ return list(action_category.keys())[0]
+
+
+def create_model(meta_rule_id, model_name="test_model"):
+ value = {
+ "name": model_name + uuid4().hex,
+ "description": "test",
+ "meta_rules": [meta_rule_id]
+
+ }
+ return value
+
+
+def create_policy(model_id, policy_name="policy_1"):
+ value = {
+ "name": policy_name,
+ "model_id": model_id,
+ "genre": "authz",
+ "description": "test",
+ }
+ return value
+
+
+def create_pdp(policies_ids):
+ value = {
+ "name": "test_pdp",
+ "security_pipeline": policies_ids,
+ "keystone_project_id": "keystone_project_id1",
+ "description": "...",
+ }
+ return value
+
+
+def create_new_policy(subject_category_name="subjectCategory", object_category_name="objectCategory",
+ action_category_name="actionCategory",
+ model_name="test_model" + uuid4().hex, policy_name="policy_1" + uuid4().hex,
+ meta_rule_name="meta_rule1" + uuid4().hex):
+ subject_category_id, object_category_id, action_category_id, meta_rule_id = create_new_meta_rule(
+ subject_category_name=subject_category_name + uuid4().hex,
+ object_category_name=object_category_name + uuid4().hex,
+ action_category_name=action_category_name + uuid4().hex, meta_rule_name=meta_rule_name + uuid4().hex)
+ model = model_helper.add_model(value=create_model(meta_rule_id, model_name))
+ model_id = list(model.keys())[0]
+ value = create_policy(model_id, policy_name)
+ policy = add_policies(value=value)
+ assert policy
+ policy_id = list(policy.keys())[0]
+ return subject_category_id, object_category_id, action_category_id, meta_rule_id, policy_id
+
+
+def create_new_meta_rule(subject_category_name="subjectCategory", object_category_name="objectCategory",
+ action_category_name="actionCategory",
+ meta_rule_name="meta_rule1" + uuid4().hex):
+ subject_category_id = create_subject_category(subject_category_name)
+ object_category_id = create_object_category(object_category_name)
+ action_category_id = create_action_category(action_category_name)
+ value = {"name": meta_rule_name,
+ "algorithm": "name of the meta rule algorithm",
+ "subject_categories": [subject_category_id],
+ "object_categories": [object_category_id],
+ "action_categories": [action_category_id]
+ }
+ meta_rule = add_meta_rule(value=value)
+ return subject_category_id, object_category_id, action_category_id, list(meta_rule.keys())[0]
+
+
+def create_subject(policy_id):
+ value = {
+ "name": "testuser" + uuid4().hex,
+ "description": "test",
+ }
+ subject = add_subject(policy_id=policy_id, value=value)
+ return list(subject.keys())[0]
+
+
+def create_object(policy_id):
+ value = {
+ "name": "testobject" + uuid4().hex,
+ "description": "test",
+ }
+ object = add_object(policy_id=policy_id, value=value)
+ return list(object.keys())[0]
+
+
+def create_action(policy_id):
+ value = {
+ "name": "testaction" + uuid4().hex,
+ "description": "test",
+ }
+ action = add_action(policy_id=policy_id, value=value)
+ return list(action.keys())[0]
+
+
+def create_subject_data(policy_id, category_id):
+ value = {
+ "name": "subject-security-level",
+ "description": {"low": "", "medium": "", "high": ""},
+ }
+ subject_data = add_subject_data(policy_id=policy_id, category_id=category_id, value=value).get('data')
+ assert subject_data
+ return list(subject_data.keys())[0]
+
+
+def create_object_data(policy_id, category_id):
+ value = {
+ "name": "object-security-level",
+ "description": {"low": "", "medium": "", "high": ""},
+ }
+ object_data = add_object_data(policy_id=policy_id, category_id=category_id, value=value).get('data')
+ return list(object_data.keys())[0]
+
+
+def create_action_data(policy_id, category_id):
+ value = {
+ "name": "action-type",
+ "description": {"vm-action": "", "storage-action": "", },
+ }
+ action_data = add_action_data(policy_id=policy_id, category_id=category_id, value=value).get('data')
+ return list(action_data.keys())[0]
+
+
+def get_policy_id_with_subject_assignment():
+ client = utilities.register_client()
+ subject_category_id, object_category_id, action_category_id, meta_rule_id, policy_id = create_new_policy(
+ subject_category_name="subject_category1" + uuid4().hex,
+ object_category_name="object_category1" + uuid4().hex,
+ action_category_name="action_category1" + uuid4().hex,
+ meta_rule_name="meta_rule_1" + uuid4().hex)
+ subject_id = create_subject(policy_id)
+ data_id = create_subject_data(policy_id=policy_id, category_id=subject_category_id)
+
+ data = {
+ "id": subject_id,
+ "category_id": subject_category_id,
+ "data_id": data_id
+ }
+ client.post("/policies/{}/subject_assignments".format(policy_id), data=json.dumps(data),
+ headers={'Content-Type': 'application/json'})
+ return policy_id
+
+
+def get_policy_id_with_object_assignment():
+ client = utilities.register_client()
+ subject_category_id, object_category_id, action_category_id, meta_rule_id, policy_id = create_new_policy(
+ subject_category_name="subject_category1" + uuid4().hex,
+ object_category_name="object_category1" + uuid4().hex,
+ action_category_name="action_category1" + uuid4().hex,
+ meta_rule_name="meta_rule_1" + uuid4().hex)
+ object_id = create_object(policy_id)
+ data_id = create_object_data(policy_id=policy_id, category_id=object_category_id)
+
+ data = {
+ "id": object_id,
+ "category_id": object_category_id,
+ "data_id": data_id
+ }
+
+ client.post("/policies/{}/object_assignments".format(policy_id), data=json.dumps(data),
+ headers={'Content-Type': 'application/json'})
+ return policy_id
+
+
+def get_policy_id_with_action_assignment():
+ client = utilities.register_client()
+ subject_category_id, object_category_id, action_category_id, meta_rule_id, policy_id = create_new_policy(
+ subject_category_name="subject_category1" + uuid4().hex,
+ object_category_name="object_category1" + uuid4().hex,
+ action_category_name="action_category1" + uuid4().hex,
+ meta_rule_name="meta_rule_1" + uuid4().hex)
+ action_id = create_action(policy_id)
+ data_id = create_action_data(policy_id=policy_id, category_id=action_category_id)
+
+ data = {
+ "id": action_id,
+ "category_id": action_category_id,
+ "data_id": data_id
+ }
+ client.post("/policies/{}/action_assignments".format(policy_id), data=json.dumps(data),
+ headers={'Content-Type': 'application/json'})
+ return policy_id
diff --git a/moon_manager/tests/unit_python/helpers/data_helper.py b/moon_manager/tests/unit_python/helpers/data_helper.py
new file mode 100644
index 00000000..da6b9376
--- /dev/null
+++ b/moon_manager/tests/unit_python/helpers/data_helper.py
@@ -0,0 +1,99 @@
+# Copyright 2015 Open Platform for NFV Project, Inc. and its contributors
+# This software is distributed under the terms and conditions of the 'Apache-2.0'
+# license which can be found in the file 'LICENSE' in this package distribution
+# or at 'http://www.apache.org/licenses/LICENSE-2.0'.
+
+
+def get_action_data(policy_id, data_id=None, category_id=None):
+ from python_moondb.core import PolicyManager
+ return PolicyManager.get_action_data("", policy_id, data_id, category_id)
+
+
+def add_action_data(policy_id, data_id=None, category_id=None, value=None):
+ from python_moondb.core import PolicyManager
+ return PolicyManager.add_action_data("", policy_id, data_id, category_id, value)
+
+
+def delete_action_data(policy_id, data_id):
+ from python_moondb.core import PolicyManager
+ PolicyManager.delete_action_data("", policy_id, data_id)
+
+
+def get_object_data(policy_id, data_id=None, category_id=None):
+ from python_moondb.core import PolicyManager
+ return PolicyManager.get_object_data("", policy_id, data_id, category_id)
+
+
+def add_object_data(policy_id, data_id=None, category_id=None, value=None):
+ from python_moondb.core import PolicyManager
+ return PolicyManager.add_object_data("", policy_id, data_id, category_id, value)
+
+
+def delete_object_data(policy_id, data_id):
+ from python_moondb.core import PolicyManager
+ PolicyManager.delete_object_data("", policy_id, data_id)
+
+
+def get_subject_data(policy_id, data_id=None, category_id=None):
+ from python_moondb.core import PolicyManager
+ return PolicyManager.get_subject_data("", policy_id, data_id, category_id)
+
+
+def add_subject_data(policy_id, data_id=None, category_id=None, value=None):
+ from python_moondb.core import PolicyManager
+ return PolicyManager.set_subject_data("", policy_id, data_id, category_id, value)
+
+
+def delete_subject_data(policy_id, data_id):
+ from python_moondb.core import PolicyManager
+ PolicyManager.delete_subject_data("", policy_id, data_id)
+
+
+def get_actions(policy_id, perimeter_id=None):
+ from python_moondb.core import PolicyManager
+ return PolicyManager.get_actions("", policy_id, perimeter_id)
+
+
+def add_action(policy_id, perimeter_id=None, value=None):
+ from python_moondb.core import PolicyManager
+ return PolicyManager.add_action("", policy_id, perimeter_id, value)
+
+
+def delete_action(policy_id, perimeter_id):
+ from python_moondb.core import PolicyManager
+ PolicyManager.delete_action("", policy_id, perimeter_id)
+
+
+def get_objects(policy_id, perimeter_id=None):
+ from python_moondb.core import PolicyManager
+ return PolicyManager.get_objects("", policy_id, perimeter_id)
+
+
+def add_object(policy_id, perimeter_id=None, value=None):
+ from python_moondb.core import PolicyManager
+ return PolicyManager.add_object("", policy_id, perimeter_id, value)
+
+
+def delete_object(policy_id, perimeter_id):
+ from python_moondb.core import PolicyManager
+ PolicyManager.delete_object("", policy_id, perimeter_id)
+
+
+def get_subjects(policy_id, perimeter_id=None):
+ from python_moondb.core import PolicyManager
+ return PolicyManager.get_subjects("", policy_id, perimeter_id)
+
+
+def add_subject(policy_id, perimeter_id=None, value=None):
+ from python_moondb.core import PolicyManager
+ return PolicyManager.add_subject("", policy_id, perimeter_id, value)
+
+
+def delete_subject(policy_id, perimeter_id):
+ from python_moondb.core import PolicyManager
+ PolicyManager.delete_subject("", policy_id, perimeter_id)
+
+
+def get_available_metadata(policy_id):
+ from python_moondb.core import PolicyManager
+ return PolicyManager.get_available_metadata("", policy_id)
diff --git a/moon_manager/tests/unit_python/helpers/meta_rule_helper.py b/moon_manager/tests/unit_python/helpers/meta_rule_helper.py
new file mode 100644
index 00000000..e882706b
--- /dev/null
+++ b/moon_manager/tests/unit_python/helpers/meta_rule_helper.py
@@ -0,0 +1,49 @@
+# Copyright 2015 Open Platform for NFV Project, Inc. and its contributors
+# This software is distributed under the terms and conditions of the 'Apache-2.0'
+# license which can be found in the file 'LICENSE' in this package distribution
+# or at 'http://www.apache.org/licenses/LICENSE-2.0'.
+
+from helpers import data_builder as builder
+from uuid import uuid4
+
+
+def set_meta_rule(meta_rule_id, value=None):
+ from python_moondb.core import ModelManager
+ if not value:
+ action_category_id = builder.create_action_category("action_category_id1"+uuid4().hex)
+ subject_category_id = builder.create_subject_category("subject_category_id1"+uuid4().hex)
+ object_category_id = builder.create_object_category("object_category_id1"+uuid4().hex)
+ value = {
+ "name": "MLS_meta_rule",
+ "description": "test",
+ "subject_categories": [subject_category_id],
+ "object_categories": [object_category_id],
+ "action_categories": [action_category_id]
+ }
+ return ModelManager.set_meta_rule(user_id=None, meta_rule_id=meta_rule_id, value=value)
+
+
+def add_meta_rule(meta_rule_id=None, value=None):
+ from python_moondb.core import ModelManager
+ if not value:
+ action_category_id = builder.create_action_category("action_category_id1"+uuid4().hex)
+ subject_category_id = builder.create_subject_category("subject_category_id1"+uuid4().hex)
+ object_category_id = builder.create_object_category("object_category_id1"+uuid4().hex)
+ value = {
+ "name": "MLS_meta_rule"+uuid4().hex,
+ "description": "test",
+ "subject_categories": [subject_category_id],
+ "object_categories": [object_category_id],
+ "action_categories": [action_category_id]
+ }
+ return ModelManager.add_meta_rule(user_id=None, meta_rule_id=meta_rule_id, value=value)
+
+
+def get_meta_rules(meta_rule_id=None):
+ from python_moondb.core import ModelManager
+ return ModelManager.get_meta_rules(user_id=None, meta_rule_id=meta_rule_id)
+
+
+def delete_meta_rules(meta_rule_id=None):
+ from python_moondb.core import ModelManager
+ ModelManager.delete_meta_rule(user_id=None, meta_rule_id=meta_rule_id)
diff --git a/moon_manager/tests/unit_python/helpers/model_helper.py b/moon_manager/tests/unit_python/helpers/model_helper.py
new file mode 100644
index 00000000..d2ffb85b
--- /dev/null
+++ b/moon_manager/tests/unit_python/helpers/model_helper.py
@@ -0,0 +1,51 @@
+# Copyright 2015 Open Platform for NFV Project, Inc. and its contributors
+# This software is distributed under the terms and conditions of the 'Apache-2.0'
+# license which can be found in the file 'LICENSE' in this package distribution
+# or at 'http://www.apache.org/licenses/LICENSE-2.0'.
+
+from helpers import data_builder as builder
+from uuid import uuid4
+
+
+def get_models(model_id=None):
+ from python_moondb.core import ModelManager
+ return ModelManager.get_models(user_id=None, model_id=model_id)
+
+
+def add_model(model_id=None, value=None):
+ from python_moondb.core import ModelManager
+ if not value:
+ subject_category_id, object_category_id, action_category_id, meta_rule_id = builder.create_new_meta_rule(
+ subject_category_name="subject_category1"+uuid4().hex,
+ object_category_name="object_category1"+uuid4().hex,
+ action_category_name="action_category1"+uuid4().hex)
+ name = "MLS" if model_id is None else "MLS " + model_id
+ value = {
+ "name": name,
+ "description": "test",
+ "meta_rules": [meta_rule_id]
+ }
+ return ModelManager.add_model(user_id=None, model_id=model_id, value=value)
+
+
+def delete_models(uuid=None, name=None):
+ from python_moondb.core import ModelManager
+ if not uuid:
+ for model_id, model_value in get_models():
+ if name == model_value['name']:
+ uuid = model_id
+ break
+ ModelManager.delete_model(user_id=None, model_id=uuid)
+
+
+def delete_all_models():
+ from python_moondb.core import ModelManager
+ models_values = get_models()
+ print(models_values)
+ for model_id, model_value in models_values.items():
+ ModelManager.delete_model(user_id=None, model_id=model_id)
+
+
+def update_model(model_id=None, value=None):
+ from python_moondb.core import ModelManager
+ return ModelManager.update_model(user_id=None, model_id=model_id, value=value)
diff --git a/moon_manager/tests/unit_python/helpers/pdp_helper.py b/moon_manager/tests/unit_python/helpers/pdp_helper.py
new file mode 100644
index 00000000..3d169b06
--- /dev/null
+++ b/moon_manager/tests/unit_python/helpers/pdp_helper.py
@@ -0,0 +1,23 @@
+# Copyright 2015 Open Platform for NFV Project, Inc. and its contributors
+# This software is distributed under the terms and conditions of the 'Apache-2.0'
+# license which can be found in the file 'LICENSE' in this package distribution
+# or at 'http://www.apache.org/licenses/LICENSE-2.0'.
+
+def update_pdp(pdp_id, value):
+ from python_moondb.core import PDPManager
+ return PDPManager.update_pdp("", pdp_id, value)
+
+
+def delete_pdp(pdp_id):
+ from python_moondb.core import PDPManager
+ PDPManager.delete_pdp("", pdp_id)
+
+
+def add_pdp(pdp_id=None, value=None):
+ from python_moondb.core import PDPManager
+ return PDPManager.add_pdp("", pdp_id, value)
+
+
+def get_pdp(pdp_id=None):
+ from python_moondb.core import PDPManager
+ return PDPManager.get_pdp("", pdp_id)
diff --git a/moon_manager/tests/unit_python/helpers/policy_helper.py b/moon_manager/tests/unit_python/helpers/policy_helper.py
new file mode 100644
index 00000000..c932ee3a
--- /dev/null
+++ b/moon_manager/tests/unit_python/helpers/policy_helper.py
@@ -0,0 +1,61 @@
+# Copyright 2015 Open Platform for NFV Project, Inc. and its contributors
+# This software is distributed under the terms and conditions of the 'Apache-2.0'
+# license which can be found in the file 'LICENSE' in this package distribution
+# or at 'http://www.apache.org/licenses/LICENSE-2.0'.
+
+def get_policies():
+ from python_moondb.core import PolicyManager
+ return PolicyManager.get_policies("admin")
+
+
+def add_policies(policy_id=None, value=None):
+ from python_moondb.core import PolicyManager
+ if not value:
+ value = {
+ "name": "test_policy",
+ "model_id": "",
+ "genre": "authz",
+ "description": "test",
+ }
+ return PolicyManager.add_policy("admin", policy_id=policy_id, value=value)
+
+
+def delete_policies(uuid=None, name=None):
+ from python_moondb.core import PolicyManager
+ if not uuid:
+ for policy_id, policy_value in get_policies():
+ if name == policy_value['name']:
+ uuid = policy_id
+ break
+ PolicyManager.delete_policy("admin", uuid)
+
+
+def update_policy(policy_id, value):
+ from python_moondb.core import PolicyManager
+ return PolicyManager.update_policy("admin", policy_id, value)
+
+
+def get_policy_from_meta_rules(meta_rule_id):
+ from python_moondb.core import PolicyManager
+ return PolicyManager.get_policy_from_meta_rules("admin", meta_rule_id)
+
+
+def get_rules(policy_id=None, meta_rule_id=None, rule_id=None):
+ from python_moondb.core import PolicyManager
+ return PolicyManager.get_rules("", policy_id, meta_rule_id, rule_id)
+
+
+def add_rule(policy_id=None, meta_rule_id=None, value=None):
+ from python_moondb.core import PolicyManager
+ if not value:
+ value = {
+ "rule": ("high", "medium", "vm-action"),
+ "instructions": ({"decision": "grant"}),
+ "enabled": "",
+ }
+ return PolicyManager.add_rule("", policy_id, meta_rule_id, value)
+
+
+def delete_rule(policy_id=None, rule_id=None):
+ from python_moondb.core import PolicyManager
+ PolicyManager.delete_rule("", policy_id, rule_id)
diff --git a/moon_manager/tests/unit_python/requirements.txt b/moon_manager/tests/unit_python/requirements.txt
index 21975ce3..6c6e5bb8 100644
--- a/moon_manager/tests/unit_python/requirements.txt
+++ b/moon_manager/tests/unit_python/requirements.txt
@@ -2,4 +2,4 @@ flask
flask_cors
flask_restful
python_moondb
-python_moonutilities \ No newline at end of file
+python_moonutilities