diff options
Diffstat (limited to 'moonv4/moon_interface/tests')
| -rw-r--r-- | moonv4/moon_interface/tests/apitests/scenario/mls.py | 1 | ||||
| -rw-r--r-- | moonv4/moon_interface/tests/apitests/scenario/rbac.py | 7 | ||||
| -rw-r--r-- | moonv4/moon_interface/tests/apitests/set_authz.py | 9 |
3 files changed, 13 insertions, 4 deletions
diff --git a/moonv4/moon_interface/tests/apitests/scenario/mls.py b/moonv4/moon_interface/tests/apitests/scenario/mls.py index fab1d528..e36a86bc 100644 --- a/moonv4/moon_interface/tests/apitests/scenario/mls.py +++ b/moonv4/moon_interface/tests/apitests/scenario/mls.py @@ -39,6 +39,7 @@ meta_rule = { rules = { "mls": ( ("high", "medium", "vm-action"), + ("high", "low", "vm-action"), ("medium", "low", "vm-action"), ) } diff --git a/moonv4/moon_interface/tests/apitests/scenario/rbac.py b/moonv4/moon_interface/tests/apitests/scenario/rbac.py index 073f1d65..cd08308e 100644 --- a/moonv4/moon_interface/tests/apitests/scenario/rbac.py +++ b/moonv4/moon_interface/tests/apitests/scenario/rbac.py @@ -4,7 +4,7 @@ policy_name = "RBAC policy example" model_name = "RBAC" subjects = {"user0": "", "user1": "", } -objects = {"vm0": "", } +objects = {"vm0": "", "vm1": "", } actions = {"start": "", "stop": ""} subject_categories = {"role": "", } @@ -12,11 +12,11 @@ object_categories = {"id": "", } action_categories = {"action-type": "", } subject_data = {"role": {"admin": "", "employee": ""}} -object_data = {"id": {"vm1": "", "vm2": ""}} +object_data = {"id": {"vm0": "", "vm1": ""}} action_data = {"action-type": {"vm-action": "", }} subject_assignments = {"user0": {"role": "admin"}, "user1": {"role": "employee"}, } -object_assignments = {"vm0": {"id": "vm1"}} +object_assignments = {"vm0": {"id": "vm0"}, "vm1": {"id": "vm1"}} action_assignments = {"start": {"action-type": "vm-action"}, "stop": {"action-type": "vm-action"}} meta_rule = { @@ -25,6 +25,7 @@ meta_rule = { rules = { "rbac": ( + ("admin", "vm0", "vm-action"), ("admin", "vm1", "vm-action"), ) } diff --git a/moonv4/moon_interface/tests/apitests/set_authz.py b/moonv4/moon_interface/tests/apitests/set_authz.py index 7d0d5069..38b63509 100644 --- a/moonv4/moon_interface/tests/apitests/set_authz.py +++ b/moonv4/moon_interface/tests/apitests/set_authz.py @@ -40,4 +40,11 @@ if not keystone_project_id: for rule in rules: url = "http://172.18.0.11:38001/authz/{}/{}".format(keystone_project_id, "/".join(rule)) req = requests.get(url) - print(url, req.status_code) + print("\033[1m{}\033[m {}".format(url, req.status_code)) + j = req.json() + # print(j) + if j.get("authz"): + print("\t\033[32m{}\033[m {}".format(j.get("authz"), j.get("error", ""))) + else: + print("\t\033[31m{}\033[m {}".format(j.get("authz"), j.get("error", ""))) + |