aboutsummaryrefslogtreecommitdiffstats
path: root/moonv4/moon_interface
diff options
context:
space:
mode:
Diffstat (limited to 'moonv4/moon_interface')
-rw-r--r--moonv4/moon_interface/moon_interface/tools.py1
-rw-r--r--moonv4/moon_interface/tests/apitests/scenario/mls.py1
-rw-r--r--moonv4/moon_interface/tests/apitests/scenario/rbac.py7
-rw-r--r--moonv4/moon_interface/tests/apitests/set_authz.py9
4 files changed, 13 insertions, 5 deletions
diff --git a/moonv4/moon_interface/moon_interface/tools.py b/moonv4/moon_interface/moon_interface/tools.py
index 3c0fffa5..443519ac 100644
--- a/moonv4/moon_interface/moon_interface/tools.py
+++ b/moonv4/moon_interface/moon_interface/tools.py
@@ -29,7 +29,6 @@ def timeit(function):
return wrapper
-@timeit
def call(topic="security_router", ctx=None, method="route", **kwargs):
if not ctx:
ctx = dict()
diff --git a/moonv4/moon_interface/tests/apitests/scenario/mls.py b/moonv4/moon_interface/tests/apitests/scenario/mls.py
index fab1d528..e36a86bc 100644
--- a/moonv4/moon_interface/tests/apitests/scenario/mls.py
+++ b/moonv4/moon_interface/tests/apitests/scenario/mls.py
@@ -39,6 +39,7 @@ meta_rule = {
rules = {
"mls": (
("high", "medium", "vm-action"),
+ ("high", "low", "vm-action"),
("medium", "low", "vm-action"),
)
}
diff --git a/moonv4/moon_interface/tests/apitests/scenario/rbac.py b/moonv4/moon_interface/tests/apitests/scenario/rbac.py
index 073f1d65..cd08308e 100644
--- a/moonv4/moon_interface/tests/apitests/scenario/rbac.py
+++ b/moonv4/moon_interface/tests/apitests/scenario/rbac.py
@@ -4,7 +4,7 @@ policy_name = "RBAC policy example"
model_name = "RBAC"
subjects = {"user0": "", "user1": "", }
-objects = {"vm0": "", }
+objects = {"vm0": "", "vm1": "", }
actions = {"start": "", "stop": ""}
subject_categories = {"role": "", }
@@ -12,11 +12,11 @@ object_categories = {"id": "", }
action_categories = {"action-type": "", }
subject_data = {"role": {"admin": "", "employee": ""}}
-object_data = {"id": {"vm1": "", "vm2": ""}}
+object_data = {"id": {"vm0": "", "vm1": ""}}
action_data = {"action-type": {"vm-action": "", }}
subject_assignments = {"user0": {"role": "admin"}, "user1": {"role": "employee"}, }
-object_assignments = {"vm0": {"id": "vm1"}}
+object_assignments = {"vm0": {"id": "vm0"}, "vm1": {"id": "vm1"}}
action_assignments = {"start": {"action-type": "vm-action"}, "stop": {"action-type": "vm-action"}}
meta_rule = {
@@ -25,6 +25,7 @@ meta_rule = {
rules = {
"rbac": (
+ ("admin", "vm0", "vm-action"),
("admin", "vm1", "vm-action"),
)
}
diff --git a/moonv4/moon_interface/tests/apitests/set_authz.py b/moonv4/moon_interface/tests/apitests/set_authz.py
index 7d0d5069..38b63509 100644
--- a/moonv4/moon_interface/tests/apitests/set_authz.py
+++ b/moonv4/moon_interface/tests/apitests/set_authz.py
@@ -40,4 +40,11 @@ if not keystone_project_id:
for rule in rules:
url = "http://172.18.0.11:38001/authz/{}/{}".format(keystone_project_id, "/".join(rule))
req = requests.get(url)
- print(url, req.status_code)
+ print("\033[1m{}\033[m {}".format(url, req.status_code))
+ j = req.json()
+ # print(j)
+ if j.get("authz"):
+ print("\t\033[32m{}\033[m {}".format(j.get("authz"), j.get("error", "")))
+ else:
+ print("\t\033[31m{}\033[m {}".format(j.get("authz"), j.get("error", "")))
+