aboutsummaryrefslogtreecommitdiffstats
path: root/moonv4/python_moonclient
diff options
context:
space:
mode:
Diffstat (limited to 'moonv4/python_moonclient')
-rw-r--r--moonv4/python_moonclient/Changelog12
-rw-r--r--moonv4/python_moonclient/LICENSE202
-rw-r--r--moonv4/python_moonclient/MANIFEST.in10
-rw-r--r--moonv4/python_moonclient/README.md33
-rw-r--r--moonv4/python_moonclient/python_moonclient/__init__.py6
-rw-r--r--moonv4/python_moonclient/python_moonclient/authz.py178
-rw-r--r--moonv4/python_moonclient/python_moonclient/config.py44
-rw-r--r--moonv4/python_moonclient/python_moonclient/models.py319
-rw-r--r--moonv4/python_moonclient/python_moonclient/parse.py83
-rw-r--r--moonv4/python_moonclient/python_moonclient/pdp.py211
-rw-r--r--moonv4/python_moonclient/python_moonclient/policies.py763
-rw-r--r--moonv4/python_moonclient/requirements.txt3
-rw-r--r--moonv4/python_moonclient/setup.py42
-rw-r--r--moonv4/python_moonclient/tests/unit_python/conftest.py12
-rw-r--r--moonv4/python_moonclient/tests/unit_python/mock_config.py35
-rw-r--r--moonv4/python_moonclient/tests/unit_python/requirements.txt2
-rw-r--r--moonv4/python_moonclient/tests/unit_python/test_config.py8
-rw-r--r--moonv4/python_moonclient/tests/unit_python/test_models.py37
-rw-r--r--moonv4/python_moonclient/tests/unit_python/test_pdp.py16
-rw-r--r--moonv4/python_moonclient/tests/unit_python/test_policies.py157
-rw-r--r--moonv4/python_moonclient/tests/unit_python/utilities.py153
21 files changed, 0 insertions, 2326 deletions
diff --git a/moonv4/python_moonclient/Changelog b/moonv4/python_moonclient/Changelog
deleted file mode 100644
index 854200cb..00000000
--- a/moonv4/python_moonclient/Changelog
+++ /dev/null
@@ -1,12 +0,0 @@
-# Copyright 2015 Open Platform for NFV Project, Inc. and its contributors
-# This software is distributed under the terms and conditions of the 'Apache-2.0'
-# license which can be found in the file 'LICENSE' in this package distribution
-# or at 'http://www.apache.org/licenses/LICENSE-2.0'.
-
-
-CHANGES
-=======
-
-0.1.0
------
-- First version of the python-moonclient \ No newline at end of file
diff --git a/moonv4/python_moonclient/LICENSE b/moonv4/python_moonclient/LICENSE
deleted file mode 100644
index d6456956..00000000
--- a/moonv4/python_moonclient/LICENSE
+++ /dev/null
@@ -1,202 +0,0 @@
-
- Apache License
- Version 2.0, January 2004
- http://www.apache.org/licenses/
-
- TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
-
- 1. Definitions.
-
- "License" shall mean the terms and conditions for use, reproduction,
- and distribution as defined by Sections 1 through 9 of this document.
-
- "Licensor" shall mean the copyright owner or entity authorized by
- the copyright owner that is granting the License.
-
- "Legal Entity" shall mean the union of the acting entity and all
- other entities that control, are controlled by, or are under common
- control with that entity. For the purposes of this definition,
- "control" means (i) the power, direct or indirect, to cause the
- direction or management of such entity, whether by contract or
- otherwise, or (ii) ownership of fifty percent (50%) or more of the
- outstanding shares, or (iii) beneficial ownership of such entity.
-
- "You" (or "Your") shall mean an individual or Legal Entity
- exercising permissions granted by this License.
-
- "Source" form shall mean the preferred form for making modifications,
- including but not limited to software source code, documentation
- source, and configuration files.
-
- "Object" form shall mean any form resulting from mechanical
- transformation or translation of a Source form, including but
- not limited to compiled object code, generated documentation,
- and conversions to other media types.
-
- "Work" shall mean the work of authorship, whether in Source or
- Object form, made available under the License, as indicated by a
- copyright notice that is included in or attached to the work
- (an example is provided in the Appendix below).
-
- "Derivative Works" shall mean any work, whether in Source or Object
- form, that is based on (or derived from) the Work and for which the
- editorial revisions, annotations, elaborations, or other modifications
- represent, as a whole, an original work of authorship. For the purposes
- of this License, Derivative Works shall not include works that remain
- separable from, or merely link (or bind by name) to the interfaces of,
- the Work and Derivative Works thereof.
-
- "Contribution" shall mean any work of authorship, including
- the original version of the Work and any modifications or additions
- to that Work or Derivative Works thereof, that is intentionally
- submitted to Licensor for inclusion in the Work by the copyright owner
- or by an individual or Legal Entity authorized to submit on behalf of
- the copyright owner. For the purposes of this definition, "submitted"
- means any form of electronic, verbal, or written communication sent
- to the Licensor or its representatives, including but not limited to
- communication on electronic mailing lists, source code control systems,
- and issue tracking systems that are managed by, or on behalf of, the
- Licensor for the purpose of discussing and improving the Work, but
- excluding communication that is conspicuously marked or otherwise
- designated in writing by the copyright owner as "Not a Contribution."
-
- "Contributor" shall mean Licensor and any individual or Legal Entity
- on behalf of whom a Contribution has been received by Licensor and
- subsequently incorporated within the Work.
-
- 2. Grant of Copyright License. Subject to the terms and conditions of
- this License, each Contributor hereby grants to You a perpetual,
- worldwide, non-exclusive, no-charge, royalty-free, irrevocable
- copyright license to reproduce, prepare Derivative Works of,
- publicly display, publicly perform, sublicense, and distribute the
- Work and such Derivative Works in Source or Object form.
-
- 3. Grant of Patent License. Subject to the terms and conditions of
- this License, each Contributor hereby grants to You a perpetual,
- worldwide, non-exclusive, no-charge, royalty-free, irrevocable
- (except as stated in this section) patent license to make, have made,
- use, offer to sell, sell, import, and otherwise transfer the Work,
- where such license applies only to those patent claims licensable
- by such Contributor that are necessarily infringed by their
- Contribution(s) alone or by combination of their Contribution(s)
- with the Work to which such Contribution(s) was submitted. If You
- institute patent litigation against any entity (including a
- cross-claim or counterclaim in a lawsuit) alleging that the Work
- or a Contribution incorporated within the Work constitutes direct
- or contributory patent infringement, then any patent licenses
- granted to You under this License for that Work shall terminate
- as of the date such litigation is filed.
-
- 4. Redistribution. You may reproduce and distribute copies of the
- Work or Derivative Works thereof in any medium, with or without
- modifications, and in Source or Object form, provided that You
- meet the following conditions:
-
- (a) You must give any other recipients of the Work or
- Derivative Works a copy of this License; and
-
- (b) You must cause any modified files to carry prominent notices
- stating that You changed the files; and
-
- (c) You must retain, in the Source form of any Derivative Works
- that You distribute, all copyright, patent, trademark, and
- attribution notices from the Source form of the Work,
- excluding those notices that do not pertain to any part of
- the Derivative Works; and
-
- (d) If the Work includes a "NOTICE" text file as part of its
- distribution, then any Derivative Works that You distribute must
- include a readable copy of the attribution notices contained
- within such NOTICE file, excluding those notices that do not
- pertain to any part of the Derivative Works, in at least one
- of the following places: within a NOTICE text file distributed
- as part of the Derivative Works; within the Source form or
- documentation, if provided along with the Derivative Works; or,
- within a display generated by the Derivative Works, if and
- wherever such third-party notices normally appear. The contents
- of the NOTICE file are for informational purposes only and
- do not modify the License. You may add Your own attribution
- notices within Derivative Works that You distribute, alongside
- or as an addendum to the NOTICE text from the Work, provided
- that such additional attribution notices cannot be construed
- as modifying the License.
-
- You may add Your own copyright statement to Your modifications and
- may provide additional or different license terms and conditions
- for use, reproduction, or distribution of Your modifications, or
- for any such Derivative Works as a whole, provided Your use,
- reproduction, and distribution of the Work otherwise complies with
- the conditions stated in this License.
-
- 5. Submission of Contributions. Unless You explicitly state otherwise,
- any Contribution intentionally submitted for inclusion in the Work
- by You to the Licensor shall be under the terms and conditions of
- this License, without any additional terms or conditions.
- Notwithstanding the above, nothing herein shall supersede or modify
- the terms of any separate license agreement you may have executed
- with Licensor regarding such Contributions.
-
- 6. Trademarks. This License does not grant permission to use the trade
- names, trademarks, service marks, or product names of the Licensor,
- except as required for reasonable and customary use in describing the
- origin of the Work and reproducing the content of the NOTICE file.
-
- 7. Disclaimer of Warranty. Unless required by applicable law or
- agreed to in writing, Licensor provides the Work (and each
- Contributor provides its Contributions) on an "AS IS" BASIS,
- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
- implied, including, without limitation, any warranties or conditions
- of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
- PARTICULAR PURPOSE. You are solely responsible for determining the
- appropriateness of using or redistributing the Work and assume any
- risks associated with Your exercise of permissions under this License.
-
- 8. Limitation of Liability. In no event and under no legal theory,
- whether in tort (including negligence), contract, or otherwise,
- unless required by applicable law (such as deliberate and grossly
- negligent acts) or agreed to in writing, shall any Contributor be
- liable to You for damages, including any direct, indirect, special,
- incidental, or consequential damages of any character arising as a
- result of this License or out of the use or inability to use the
- Work (including but not limited to damages for loss of goodwill,
- work stoppage, computer failure or malfunction, or any and all
- other commercial damages or losses), even if such Contributor
- has been advised of the possibility of such damages.
-
- 9. Accepting Warranty or Additional Liability. While redistributing
- the Work or Derivative Works thereof, You may choose to offer,
- and charge a fee for, acceptance of support, warranty, indemnity,
- or other liability obligations and/or rights consistent with this
- License. However, in accepting such obligations, You may act only
- on Your own behalf and on Your sole responsibility, not on behalf
- of any other Contributor, and only if You agree to indemnify,
- defend, and hold each Contributor harmless for any liability
- incurred by, or claims asserted against, such Contributor by reason
- of your accepting any such warranty or additional liability.
-
- END OF TERMS AND CONDITIONS
-
- APPENDIX: How to apply the Apache License to your work.
-
- To apply the Apache License to your work, attach the following
- boilerplate notice, with the fields enclosed by brackets "[]"
- replaced with your own identifying information. (Don't include
- the brackets!) The text should be enclosed in the appropriate
- comment syntax for the file format. We also recommend that a
- file or class name and description of purpose be included on the
- same "printed page" as the copyright notice for easier
- identification within third-party archives.
-
- Copyright [yyyy] [name of copyright owner]
-
- Licensed under the Apache License, Version 2.0 (the "License");
- you may not use this file except in compliance with the License.
- You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
- Unless required by applicable law or agreed to in writing, software
- distributed under the License is distributed on an "AS IS" BASIS,
- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- See the License for the specific language governing permissions and
- limitations under the License.
diff --git a/moonv4/python_moonclient/MANIFEST.in b/moonv4/python_moonclient/MANIFEST.in
deleted file mode 100644
index 2a5ac509..00000000
--- a/moonv4/python_moonclient/MANIFEST.in
+++ /dev/null
@@ -1,10 +0,0 @@
-# Copyright 2015 Open Platform for NFV Project, Inc. and its contributors
-# This software is distributed under the terms and conditions of the 'Apache-2.0'
-# license which can be found in the file 'LICENSE' in this package distribution
-# or at 'http://www.apache.org/licenses/LICENSE-2.0'.
-
-include README.md
-include LICENSE
-include Changelog
-include setup.py
-include requirements.txt
diff --git a/moonv4/python_moonclient/README.md b/moonv4/python_moonclient/README.md
deleted file mode 100644
index d1ebc786..00000000
--- a/moonv4/python_moonclient/README.md
+++ /dev/null
@@ -1,33 +0,0 @@
-# python-moonclient Package
-This package contains the core module for the Moon project.
-It is designed to provide authorization feature to all OpenStack components.
-
-For any other information, refer to the parent project:
-
- https://git.opnfv.org/moon
-
-python_moonutilities is a common Python lib for other Moon Python packages
-
-## Build
-### Build Python Package
-```bash
-cd ${MOON_HOME}/moonv4/python_moonclient
-python3 setup.py sdist bdist_wheel
-```
-
-### Push Python Package to PIP
-```bash
-cd ${MOON_HOME}/moonv4/python_moonclient
-gpg --detach-sign -u "${GPG_ID}" -a dist/python_moonclient-X.Y.Z-py3-none-any.whl
-gpg --detach-sign -u "${GPG_ID}" -a dist/python_moonclient-X.Y.Z.tar.gz
-twine upload dist/python_moonclient-X.Y.Z-py3-none-any.whl dist/python_moonclient-X.Y.Z-py3-none-any.whl.asc
-twine upload dist/python_moonclient-X.Y.Z.tar.gz dist/python_moonclient-X.Y.Z.tar.gz.asc
-```
-
-## Test
-### Python Unit Test
-launch Docker for Python unit tests
-```bash
-cd ${MOON_HOME}/moonv4/python_moonclient
-docker run --rm --volume $(pwd):/data wukongsun/moon_python_unit_test:latest
-```
diff --git a/moonv4/python_moonclient/python_moonclient/__init__.py b/moonv4/python_moonclient/python_moonclient/__init__.py
deleted file mode 100644
index d7cdd111..00000000
--- a/moonv4/python_moonclient/python_moonclient/__init__.py
+++ /dev/null
@@ -1,6 +0,0 @@
-# Copyright 2015 Open Platform for NFV Project, Inc. and its contributors
-# This software is distributed under the terms and conditions of the 'Apache-2.0'
-# license which can be found in the file 'LICENSE' in this package distribution
-# or at 'http://www.apache.org/licenses/LICENSE-2.0'.
-
-__version__ = "0.0.1"
diff --git a/moonv4/python_moonclient/python_moonclient/authz.py b/moonv4/python_moonclient/python_moonclient/authz.py
deleted file mode 100644
index 9458767e..00000000
--- a/moonv4/python_moonclient/python_moonclient/authz.py
+++ /dev/null
@@ -1,178 +0,0 @@
-import copy
-import logging
-import threading
-import requests
-import time
-import json
-import random
-from uuid import uuid4
-
-HOST_MANAGER = None
-PORT_MANAGER = None
-HOST_KEYSTONE = None
-PORT_KEYSTONE = None
-
-lock = threading.Lock()
-logger = logging.getLogger(__name__)
-
-
-def _construct_payload(creds, current_rule, enforcer, target):
- # Convert instances of object() in target temporarily to
- # empty dict to avoid circular reference detection
- # errors in jsonutils.dumps().
- temp_target = copy.deepcopy(target)
- for key in target.keys():
- element = target.get(key)
- if type(element) is object:
- temp_target[key] = {}
- _data = _json = None
- if enforcer:
- _data = {'rule': current_rule,
- 'target': json.dumps(temp_target),
- 'credentials': json.dumps(creds)}
- else:
- _json = {'rule': current_rule,
- 'target': temp_target,
- 'credentials': creds}
- return _data, _json
-
-
-def _send(url, data=None, stress_test=False):
- current_request = dict()
- current_request['url'] = url
- try:
- if stress_test:
- current_request['start'] = time.time()
- # with lock:
- res = requests.get(url)
- current_request['end'] = time.time()
- current_request['delta'] = current_request["end"] - current_request["start"]
- else:
- with lock:
- current_request['start'] = time.time()
- if data:
- data, _ = _construct_payload(data['credentials'], data['rule'], True, data['target'])
- res = requests.post(url, json=data,
- headers={'content-type': "application/x-www-form-urlencode"}
- )
- else:
- res = requests.get(url)
- current_request['end'] = time.time()
- current_request['delta'] = current_request["end"] - current_request["start"]
- except requests.exceptions.ConnectionError:
- logger.warning("Unable to connect to server")
- return {}
- if not stress_test:
- try:
- j = res.json()
- if res.status_code == 200:
- logger.warning("\033[1m{}\033[m \033[32mGrant\033[m".format(url))
- elif res.status_code == 401:
- logger.warning("\033[1m{}\033[m \033[31mDeny\033[m".format(url))
- else:
- logger.error("\033[1m{}\033[m {} {}".format(url, res.status_code, res.text))
- except Exception as e:
- if res.text == "True":
- logger.warning("\033[1m{}\033[m \033[32mGrant\033[m".format(url))
- elif res.text == "False":
- logger.warning("\033[1m{}\033[m \033[31mDeny\033[m".format(url))
- else:
- logger.error("\033[1m{}\033[m {} {}".format(url, res.status_code, res.text))
- logger.exception(e)
- logger.error(res.text)
- else:
- if j.get("result"):
- # logger.warning("{} \033[32m{}\033[m".format(url, j.get("result")))
- logger.debug("{}".format(j.get("error", "")))
- current_request['result'] = "Grant"
- else:
- # logger.warning("{} \033[31m{}\033[m".format(url, "Deny"))
- logger.debug("{}".format(j))
- current_request['result'] = "Deny"
- return current_request
-
-
-class AsyncGet(threading.Thread):
-
- def __init__(self, url, semaphore=None, **kwargs):
- threading.Thread.__init__(self)
- self.url = url
- self.kwargs = kwargs
- self.sema = semaphore
- self.result = dict()
- self.uuid = uuid4().hex
- self.index = kwargs.get("index", 0)
-
- def run(self):
- self.result = _send(self.url,
- data=self.kwargs.get("data"),
- stress_test=self.kwargs.get("stress_test", False))
- self.result['index'] = self.index
-
-
-def send_requests(scenario, authz_host, authz_port, keystone_project_id, request_second=1, limit=500,
- dry_run=None, stress_test=False, destination="wrapper"):
- backgrounds = []
- time_data = list()
- start_timing = time.time()
- request_cpt = 0
- SUBJECTS = tuple(scenario.subjects.keys())
- OBJECTS = tuple(scenario.objects.keys())
- ACTIONS = tuple(scenario.actions.keys())
- while request_cpt < limit:
- rule = (random.choice(SUBJECTS), random.choice(OBJECTS), random.choice(ACTIONS))
- if destination.lower() == "wrapper":
- url = "http://{}:{}/authz".format(authz_host, authz_port)
- data = {
- 'target': {
- "user_id": random.choice(SUBJECTS),
- "target": {
- "name": random.choice(OBJECTS)
- },
- "project_id": keystone_project_id
- },
- 'credentials': None,
- 'rule': random.choice(ACTIONS)
- }
- else:
- url = "http://{}:{}/authz/{}/{}".format(authz_host, authz_port, keystone_project_id, "/".join(rule))
- data = None
- if dry_run:
- logger.info(url)
- continue
- request_cpt += 1
- if stress_test:
- time_data.append(copy.deepcopy(_send(url, stress_test=stress_test)))
- else:
- background = AsyncGet(url, stress_test=stress_test, data=data,
- index=request_cpt)
- backgrounds.append(background)
- background.start()
- if request_second > 0:
- if request_cpt % request_second == 0:
- if time.time()-start_timing < 1:
- while True:
- if time.time()-start_timing > 1:
- break
- start_timing = time.time()
- if not stress_test:
- for background in backgrounds:
- background.join()
- if background.result:
- time_data.append(copy.deepcopy(background.result))
- return time_data
-
-
-def save_data(filename, time_data):
- json.dump(time_data, open(filename, "w"))
-
-
-def get_delta(time_data):
- time_delta = list()
- time_delta_sum1 = 0
- for item in time_data:
- time_delta.append(item['delta'])
- time_delta_sum1 += item['delta']
- time_delta_average1 = time_delta_sum1 / len(time_data)
- return time_delta, time_delta_average1
-
diff --git a/moonv4/python_moonclient/python_moonclient/config.py b/moonv4/python_moonclient/python_moonclient/config.py
deleted file mode 100644
index d6317820..00000000
--- a/moonv4/python_moonclient/python_moonclient/config.py
+++ /dev/null
@@ -1,44 +0,0 @@
-import base64
-import json
-import requests
-
-
-def get_configuration(consul_host, consul_port, key):
- url = "http://{}:{}/v1/kv/{}".format(consul_host, consul_port, key)
- req = requests.get(url)
- if req.status_code != 200:
- raise Exception("xxx")
- data = req.json()
- if len(data) == 1:
- data = data[0]
- return {data["Key"]: json.loads(base64.b64decode(data["Value"]).decode("utf-8"))}
- else:
- return [
- {item["Key"]: json.loads(base64.b64decode(item["Value"]).decode("utf-8"))}
- for item in data
- ]
-
-
-def get_config_data(consul_host, consul_port):
- conf_data = dict()
- conf_data['manager_host'] = get_configuration(consul_host, consul_port,
- 'components/manager')['components/manager']['external']['hostname']
- conf_data['manager_port'] = get_configuration(consul_host, consul_port,
- 'components/manager')['components/manager']['external']['port']
- # conf_data['authz_host'] = get_configuration(consul_host, consul_port,
- # 'components/interface')['components/interface']['external']['hostname']
- # conf_data['authz_port'] = get_configuration(consul_host, consul_port,
- # 'components/interface')['components/interface']['external']['port']
- conf_data['keystone_host'] = get_configuration(consul_host, consul_port,
- 'openstack/keystone')['openstack/keystone']['external']['url']
- # conf_data['keystone_port'] = '5000'
- conf_data['keystone_user'] = get_configuration(consul_host, consul_port,
- 'openstack/keystone')['openstack/keystone']['user']
- conf_data['keystone_password'] = get_configuration(consul_host, consul_port,
- 'openstack/keystone')['openstack/keystone']['password']
- conf_data['keystone_project'] = get_configuration(consul_host, consul_port,
- 'openstack/keystone')['openstack/keystone']['project']
- return conf_data
-
-# get_conf_data('88.88.88.2', '30005')
-# get_conf_data('127.0.0.1', 8082)
diff --git a/moonv4/python_moonclient/python_moonclient/models.py b/moonv4/python_moonclient/python_moonclient/models.py
deleted file mode 100644
index 069c673b..00000000
--- a/moonv4/python_moonclient/python_moonclient/models.py
+++ /dev/null
@@ -1,319 +0,0 @@
-import logging
-import requests
-import copy
-from . import config
-
-logger = logging.getLogger("moonclient.models")
-
-
-URL = None
-HEADERS = None
-
-model_template = {
- "name": "test_model",
- "description": "test",
- "meta_rules": []
-}
-
-category_template = {
- "name": "name of the category",
- "description": "description of the category"
-}
-
-meta_rule_template = {
- "name": "test_meta_rule",
- "subject_categories": [],
- "object_categories": [],
- "action_categories": []
-}
-
-
-def init(consul_host, consul_port):
- conf_data = config.get_config_data(consul_host, consul_port)
- global URL, HEADERS
- URL = "http://{}:{}".format(
- conf_data['manager_host'],
- conf_data['manager_port'])
- URL = URL + "{}"
- HEADERS = {"content-type": "application/json"}
-
-
-def check_model(model_id=None, check_model_name=True):
- req = requests.get(URL.format("/models"))
- assert req.status_code == 200
- result = req.json()
- assert type(result) is dict
- assert "models" in result
- if model_id:
- assert result["models"]
- assert model_id in result['models']
- assert "name" in result['models'][model_id]
- if check_model_name:
- assert model_template["name"] == result['models'][model_id]["name"]
- return result
-
-
-def add_model(name=None):
- if name:
- model_template['name'] = name
- req = requests.post(URL.format("/models"), json=model_template, headers=HEADERS)
- assert req.status_code == 200
- result = req.json()
- assert type(result) is dict
- model_id = list(result['models'].keys())[0]
- if "result" in result:
- assert result["result"]
- assert "name" in result['models'][model_id]
- assert model_template["name"] == result['models'][model_id]["name"]
- return model_id
-
-
-def delete_model(model_id):
- req = requests.delete(URL.format("/models/{}".format(model_id)))
- assert req.status_code == 200
- result = req.json()
- assert type(result) is dict
- assert "result" in result
- assert result["result"]
-
-
-def add_subject_category(name="subject_cat_1"):
- category_template["name"] = name
- req = requests.post(URL.format("/subject_categories"), json=category_template, headers=HEADERS)
- assert req.status_code == 200
- result = req.json()
- assert type(result) is dict
- assert "subject_categories" in result
- category_id = list(result['subject_categories'].keys())[0]
- if "result" in result:
- assert result["result"]
- assert "name" in result['subject_categories'][category_id]
- assert category_template["name"] == result['subject_categories'][category_id]["name"]
- return category_id
-
-
-def check_subject_category(category_id):
- req = requests.get(URL.format("/subject_categories"))
- assert req.status_code == 200
- result = req.json()
- assert type(result) is dict
- assert "subject_categories" in result
- if "result" in result:
- assert result["result"]
- assert category_id in result['subject_categories']
- assert "name" in result['subject_categories'][category_id]
- assert category_template["name"] == result['subject_categories'][category_id]["name"]
-
-
-def delete_subject_category(category_id):
- req = requests.delete(URL.format("/subject_categories/{}".format(category_id)))
- assert req.status_code == 200
- result = req.json()
- assert type(result) is dict
- if "result" in result:
- assert result["result"]
-
-
-def add_object_category(name="object_cat_1"):
- category_template["name"] = name
- req = requests.post(URL.format("/object_categories"), json=category_template, headers=HEADERS)
- assert req.status_code == 200
- result = req.json()
- assert type(result) is dict
- assert "object_categories" in result
- category_id = list(result['object_categories'].keys())[0]
- if "result" in result:
- assert result["result"]
- assert "name" in result['object_categories'][category_id]
- assert category_template["name"] == result['object_categories'][category_id]["name"]
- return category_id
-
-
-def check_object_category(category_id):
- req = requests.get(URL.format("/object_categories"))
- assert req.status_code == 200
- result = req.json()
- assert type(result) is dict
- assert "object_categories" in result
- if "result" in result:
- assert result["result"]
- assert category_id in result['object_categories']
- assert "name" in result['object_categories'][category_id]
- assert category_template["name"] == result['object_categories'][category_id]["name"]
-
-
-def delete_object_category(category_id):
- req = requests.delete(URL.format("/object_categories/{}".format(category_id)))
- assert req.status_code == 200
- result = req.json()
- assert type(result) is dict
- if "result" in result:
- assert result["result"]
-
-
-def add_action_category(name="action_cat_1"):
- category_template["name"] = name
- req = requests.post(URL.format("/action_categories"), json=category_template, headers=HEADERS)
- assert req.status_code == 200
- result = req.json()
- assert type(result) is dict
- assert "action_categories" in result
- category_id = list(result['action_categories'].keys())[0]
- if "result" in result:
- assert result["result"]
- assert "name" in result['action_categories'][category_id]
- assert category_template["name"] == result['action_categories'][category_id]["name"]
- return category_id
-
-
-def check_action_category(category_id):
- req = requests.get(URL.format("/action_categories"))
- assert req.status_code == 200
- result = req.json()
- assert type(result) is dict
- assert "action_categories" in result
- if "result" in result:
- assert result["result"]
- assert category_id in result['action_categories']
- assert "name" in result['action_categories'][category_id]
- assert category_template["name"] == result['action_categories'][category_id]["name"]
-
-
-def delete_action_category(category_id):
- req = requests.delete(URL.format("/action_categories/{}".format(category_id)))
- assert req.status_code == 200
- result = req.json()
- assert type(result) is dict
- if "result" in result:
- assert result["result"]
-
-
-def add_categories_and_meta_rule(name="test_meta_rule"):
- scat_id = add_subject_category()
- ocat_id = add_object_category()
- acat_id = add_action_category()
- _meta_rule_template = copy.deepcopy(meta_rule_template)
- _meta_rule_template["name"] = name
- _meta_rule_template["subject_categories"].append(scat_id)
- _meta_rule_template["object_categories"].append(ocat_id)
- _meta_rule_template["action_categories"].append(acat_id)
- req = requests.post(URL.format("/meta_rules"), json=_meta_rule_template, headers=HEADERS)
- assert req.status_code == 200
- result = req.json()
- assert type(result) is dict
- assert "meta_rules" in result
- meta_rule_id = list(result['meta_rules'].keys())[0]
- if "result" in result:
- assert result["result"]
- assert "name" in result['meta_rules'][meta_rule_id]
- assert _meta_rule_template["name"] == result['meta_rules'][meta_rule_id]["name"]
- return meta_rule_id, scat_id, ocat_id, acat_id
-
-
-def add_meta_rule(name="test_meta_rule", scat=[], ocat=[], acat=[]):
- _meta_rule_template = copy.deepcopy(meta_rule_template)
- _meta_rule_template["name"] = name
- _meta_rule_template["subject_categories"] = []
- _meta_rule_template["subject_categories"].extend(scat)
- _meta_rule_template["object_categories"] = []
- _meta_rule_template["object_categories"].extend(ocat)
- _meta_rule_template["action_categories"] = []
- _meta_rule_template["action_categories"].extend(acat)
- req = requests.post(URL.format("/meta_rules"), json=_meta_rule_template, headers=HEADERS)
- assert req.status_code == 200
- result = req.json()
- assert type(result) is dict
- assert "meta_rules" in result
- meta_rule_id = list(result['meta_rules'].keys())[0]
- if "result" in result:
- assert result["result"]
- assert "name" in result['meta_rules'][meta_rule_id]
- assert _meta_rule_template["name"] == result['meta_rules'][meta_rule_id]["name"]
- return meta_rule_id
-
-
-def check_meta_rule(meta_rule_id, scat_id=None, ocat_id=None, acat_id=None):
- req = requests.get(URL.format("/meta_rules"))
- assert req.status_code == 200
- result = req.json()
- assert type(result) is dict
- assert "meta_rules" in result
- if "result" in result:
- assert result["result"]
- if not meta_rule_id:
- return result
- assert meta_rule_id in result['meta_rules']
- assert "name" in result['meta_rules'][meta_rule_id]
- if scat_id:
- assert scat_id in result['meta_rules'][meta_rule_id]["subject_categories"]
- if ocat_id:
- assert ocat_id in result['meta_rules'][meta_rule_id]["object_categories"]
- if acat_id:
- assert acat_id in result['meta_rules'][meta_rule_id]["action_categories"]
-
-
-def delete_meta_rule(meta_rule_id):
- req = requests.delete(URL.format("/meta_rules/{}".format(meta_rule_id)))
- assert req.status_code == 200
- result = req.json()
- assert type(result) is dict
- if "result" in result:
- assert result["result"]
-
-
-def add_meta_rule_to_model(model_id, meta_rule_id):
- model = check_model(model_id, check_model_name=False)['models']
- meta_rule_list = model[model_id]["meta_rules"]
- if meta_rule_id not in meta_rule_list:
- meta_rule_list.append(meta_rule_id)
- req = requests.patch(URL.format("/models/{}".format(model_id)),
- json={"meta_rules": meta_rule_list},
- headers=HEADERS)
- assert req.status_code == 200
- result = req.json()
- assert type(result) is dict
- model_id = list(result['models'].keys())[0]
- if "result" in result:
- assert result["result"]
- assert "meta_rules" in result['models'][model_id]
- assert meta_rule_list == result['models'][model_id]["meta_rules"]
-
-
-def create_model(scenario, model_id=None):
- logger.info("Creating model {}".format(scenario.model_name))
- if not model_id:
- logger.info("Add model")
- model_id = add_model(name=scenario.model_name)
- logger.info("Add subject categories")
- for cat in scenario.subject_categories:
- scenario.subject_categories[cat] = add_subject_category(name=cat)
- logger.info("Add object categories")
- for cat in scenario.object_categories:
- scenario.object_categories[cat] = add_object_category(name=cat)
- logger.info("Add action categories")
- for cat in scenario.action_categories:
- scenario.action_categories[cat] = add_action_category(name=cat)
- sub_cat = []
- ob_cat = []
- act_cat = []
- meta_rule_list = []
- for item_name, item_value in scenario.meta_rule.items():
- for item in item_value["value"]:
- if item in scenario.subject_categories:
- sub_cat.append(scenario.subject_categories[item])
- elif item in scenario.object_categories:
- ob_cat.append(scenario.object_categories[item])
- elif item in scenario.action_categories:
- act_cat.append(scenario.action_categories[item])
- meta_rules = check_meta_rule(meta_rule_id=None)
- for _meta_rule_id, _meta_rule_value in meta_rules['meta_rules'].items():
- if _meta_rule_value['name'] == item_name:
- meta_rule_id = _meta_rule_id
- break
- else:
- logger.info("Add meta rule")
- meta_rule_id = add_meta_rule(item_name, sub_cat, ob_cat, act_cat)
- item_value["id"] = meta_rule_id
- if meta_rule_id not in meta_rule_list:
- meta_rule_list.append(meta_rule_id)
- return model_id, meta_rule_list
diff --git a/moonv4/python_moonclient/python_moonclient/parse.py b/moonv4/python_moonclient/python_moonclient/parse.py
deleted file mode 100644
index 34a4a996..00000000
--- a/moonv4/python_moonclient/python_moonclient/parse.py
+++ /dev/null
@@ -1,83 +0,0 @@
-import logging
-import argparse
-
-
-logger = None
-
-
-def parse():
- global logger
- logger = logging.getLogger(__name__)
- requests_log = logging.getLogger("requests.packages.urllib3")
- requests_log.setLevel(logging.WARNING)
- requests_log.propagate = True
-
- parser = argparse.ArgumentParser()
- parser.add_argument('filename', help='scenario filename', nargs=1)
- parser.add_argument("--verbose", "-v", action='store_true',
- help="verbose mode")
- parser.add_argument("--debug", "-d", action='store_true',
- help="debug mode")
- parser.add_argument("--dry-run", "-n", action='store_true',
- help="Dry run", dest="dry_run")
- parser.add_argument("--destination",
- help="Set the type of output needed "
- "(default: wrapper, other possible type: "
- "interface).",
- default="wrapper")
- parser.add_argument("--consul-host",
- help="Set the name of the consul server"
- "(default: 127.0.0.1).",
- default="127.0.0.1")
- parser.add_argument("--consul-port",
- help="Set the port of the consult server"
- "(default: 8082).",
- default="8082")
- parser.add_argument("--authz-host",
- help="Set the name of the authz server to test"
- "(default: 127.0.0.1).",
- default="127.0.0.1")
- parser.add_argument("--authz-port",
- help="Set the port of the authz server to test"
- "(default: 31002).",
- default="31002")
- parser.add_argument("--keystone-pid", "--keystone-project-id",
- help="Set the Keystone project ID"
- "(default: None).",
- default=None)
- parser.add_argument("--stress-test", "-s", action='store_true',
- dest='stress_test',
- help="Execute stressing tests (warning delta measures "
- "will be false, implies -t)")
- parser.add_argument("--write", "-w", help="Write test data to a JSON file",
- default="/tmp/data.json")
- parser.add_argument("--pdp", help="Test on pdp PDP")
- parser.add_argument("--request-per-second",
- help="Number of requests per seconds",
- type=int, dest="request_second", default=-1)
- parser.add_argument("--limit", help="Limit request to LIMIT", type=int,
- default=500)
-
- args = parser.parse_args()
-
- FORMAT = '%(asctime)-15s %(levelname)s %(message)s'
- if args.debug:
- logging.basicConfig(
- format=FORMAT,
- level=logging.DEBUG)
- elif args.verbose:
- logging.basicConfig(
- format=FORMAT,
- level=logging.INFO)
- else:
- logging.basicConfig(
- format=FORMAT,
- level=logging.WARNING)
-
- if args.stress_test:
- args.testonly = True
-
- if args.filename:
- logger.info("Loading: {}".format(args.filename[0]))
-
- return args
diff --git a/moonv4/python_moonclient/python_moonclient/pdp.py b/moonv4/python_moonclient/python_moonclient/pdp.py
deleted file mode 100644
index a7c75a61..00000000
--- a/moonv4/python_moonclient/python_moonclient/pdp.py
+++ /dev/null
@@ -1,211 +0,0 @@
-import sys
-import logging
-import requests
-from python_moonclient import config
-
-logger = logging.getLogger("moonforming.utils.policies")
-URL = None
-HEADER = None
-KEYSTONE_USER = None
-KEYSTONE_PASSWORD = None
-KEYSTONE_PROJECT = None
-KEYSTONE_SERVER = None
-
-# config = utils.config.get_config_data()
-
-
-pdp_template = {
- "name": "test_pdp",
- "security_pipeline": [],
- "keystone_project_id": None,
- "description": "test",
-}
-
-
-def init(consul_host, consul_port):
- conf_data = config.get_config_data(consul_host, consul_port)
- global URL, HEADER, KEYSTONE_USER, KEYSTONE_PASSWORD, KEYSTONE_PROJECT, KEYSTONE_SERVER
- URL = "http://{}:{}".format(
- conf_data['manager_host'],
- conf_data['manager_port'])
- # URL = URL + "{}"
- HEADER = {"content-type": "application/json"}
- KEYSTONE_USER = conf_data['keystone_user']
- KEYSTONE_PASSWORD = conf_data['keystone_password']
- KEYSTONE_PROJECT = conf_data['keystone_project']
- KEYSTONE_SERVER = conf_data['keystone_host']
-
-
-def get_keystone_projects():
- global HEADERS
- HEADERS = {
- "Content-Type": "application/json"
- }
-
- data_auth = {
- "auth": {
- "identity": {
- "methods": [
- "password"
- ],
- "password": {
- "user": {
- "name": KEYSTONE_USER,
- "domain": {
- "name": "Default"
- },
- "password": KEYSTONE_PASSWORD
- }
- }
- }
- }
- }
-
- req = requests.post("{}/auth/tokens".format(KEYSTONE_SERVER), json=data_auth, headers=HEADERS)
- logger.debug("{}/auth/tokens".format(KEYSTONE_SERVER))
- logger.debug(req.text)
- assert req.status_code in (200, 201)
- TOKEN = req.headers['X-Subject-Token']
- HEADERS['X-Auth-Token'] = TOKEN
- req = requests.get("{}/projects".format(KEYSTONE_SERVER), headers=HEADERS)
- if req.status_code not in (200, 201):
- data_auth["auth"]["scope"] = {
- "project": {
- "name": KEYSTONE_PROJECT,
- "domain": {
- "id": "default"
- }
- }
- }
- req = requests.post("{}/auth/tokens".format(KEYSTONE_SERVER), json=data_auth, headers=HEADERS)
- assert req.status_code in (200, 201)
- TOKEN = req.headers['X-Subject-Token']
- HEADERS['X-Auth-Token'] = TOKEN
- req = requests.get("{}/projects".format(KEYSTONE_SERVER), headers=HEADERS)
- assert req.status_code in (200, 201)
- return req.json()
-
-
-def get_keystone_id(pdp_name):
- keystone_project_id = None
- for pdp_key, pdp_value in check_pdp()["pdps"].items():
- if pdp_name:
- if pdp_name != pdp_value["name"]:
- continue
- if pdp_value['security_pipeline'] and pdp_value["keystone_project_id"]:
- logger.debug("Found pdp with keystone_project_id={}".format(pdp_value["keystone_project_id"]))
- keystone_project_id = pdp_value["keystone_project_id"]
-
- if not keystone_project_id:
- logger.error("Cannot find PDP with keystone project ID")
- sys.exit(1)
- return keystone_project_id
-
-
-def check_pdp(pdp_id=None, keystone_project_id=None, moon_url=None):
- _URL = URL
- if moon_url:
- _URL = moon_url
- req = requests.get(_URL + "/pdp")
- assert req.status_code == 200
- result = req.json()
- assert type(result) is dict
- assert "pdps" in result
- if pdp_id:
- assert result["pdps"]
- assert pdp_id in result['pdps']
- assert "name" in result['pdps'][pdp_id]
- assert pdp_template["name"] == result['pdps'][pdp_id]["name"]
- if keystone_project_id:
- assert result["pdps"]
- assert pdp_id in result['pdps']
- assert "keystone_project_id" in result['pdps'][pdp_id]
- assert keystone_project_id == result['pdps'][pdp_id]["keystone_project_id"]
- return result
-
-
-def add_pdp(name="test_pdp", policy_id=None):
- pdp_template['name'] = name
- if policy_id:
- pdp_template['security_pipeline'].append(policy_id)
- req = requests.post(URL + "/pdp", json=pdp_template, headers=HEADERS)
- logger.debug(req.status_code)
- logger.debug(req)
- assert req.status_code == 200
- result = req.json()
- assert type(result) is dict
- pdp_id = list(result['pdps'].keys())[0]
- if "result" in result:
- assert result["result"]
- assert "name" in result['pdps'][pdp_id]
- assert pdp_template["name"] == result['pdps'][pdp_id]["name"]
- return pdp_id
-
-
-def update_pdp(pdp_id, policy_id=None):
- req = requests.get(URL + "/pdp/{}".format(pdp_id))
- assert req.status_code == 200
- result = req.json()
- assert type(result) is dict
- assert "pdps" in result
- assert pdp_id in result['pdps']
- pipeline = result['pdps'][pdp_id]["security_pipeline"]
- if policy_id not in pipeline:
- pipeline.append(policy_id)
- req = requests.patch(URL + "/pdp/{}".format(pdp_id),
- json={"security_pipeline": pipeline})
- assert req.status_code == 200
- result = req.json()
- assert type(result) is dict
- assert "pdps" in result
- assert pdp_id in result['pdps']
-
- req = requests.get(URL + "/pdp/{}".format(pdp_id))
- assert req.status_code == 200
- result = req.json()
- assert type(result) is dict
- assert "pdps" in result
- assert pdp_id in result['pdps']
- assert policy_id in pipeline
-
-
-def map_to_keystone(pdp_id, keystone_project_id):
- req = requests.patch(URL + "/pdp/{}".format(pdp_id), json={"keystone_project_id": keystone_project_id},
- headers=HEADERS)
- assert req.status_code == 200
- result = req.json()
- assert type(result) is dict
- if "result" in result:
- assert result["result"]
- assert pdp_id in result['pdps']
- assert "name" in result['pdps'][pdp_id]
- assert pdp_template["name"] == result['pdps'][pdp_id]["name"]
- return pdp_id
-
-
-def delete_pdp(pdp_id):
- req = requests.delete(URL + "/pdp/{}".format(pdp_id))
- assert req.status_code == 200
- result = req.json()
- assert type(result) is dict
- assert "result" in result
- assert result["result"]
-
-
-def create_pdp(scenario, policy_id=None, project_id=None):
- logger.info("Creating PDP {}".format(scenario.pdp_name))
- projects = get_keystone_projects()
- if not project_id:
- for _project in projects['projects']:
- if _project['name'] == "admin":
- project_id = _project['id']
- assert project_id
- pdps = check_pdp()["pdps"]
- for pdp_id, pdp_value in pdps.items():
- if scenario.pdp_name == pdp_value["name"]:
- update_pdp(pdp_id, policy_id=policy_id)
- logger.debug("Found existing PDP named {} (will add policy {})".format(scenario.pdp_name, policy_id))
- return pdp_id
- _pdp_id = add_pdp(name=scenario.pdp_name, policy_id=policy_id)
- map_to_keystone(pdp_id=_pdp_id, keystone_project_id=project_id)
- return _pdp_id \ No newline at end of file
diff --git a/moonv4/python_moonclient/python_moonclient/policies.py b/moonv4/python_moonclient/python_moonclient/policies.py
deleted file mode 100644
index 80210811..00000000
--- a/moonv4/python_moonclient/python_moonclient/policies.py
+++ /dev/null
@@ -1,763 +0,0 @@
-import logging
-import requests
-from . import config, models
-
-logger = logging.getLogger("moonclient.models")
-
-URL = None
-HEADERS = None
-FILE = open("/tmp/test.log", "w")
-logger = logging.getLogger("utils.policies")
-
-policy_template = {
- "name": "test_policy",
- "model_id": "",
- "genre": "authz",
- "description": "test",
-}
-
-subject_template = {
- "name": "test_subject",
- "description": "test",
- "email": "mail",
- "password": "my_pass",
-}
-
-object_template = {
- "name": "test_subject",
- "description": "test"
-}
-
-action_template = {
- "name": "test_subject",
- "description": "test"
-}
-
-subject_data_template = {
- "name": "subject_data1",
- "description": "description of the data subject"
-}
-
-object_data_template = {
- "name": "object_data1",
- "description": "description of the data subject"
-}
-
-action_data_template = {
- "name": "action_data1",
- "description": "description of the data subject"
-}
-
-subject_assignment_template = {
- "id": "",
- "category_id": "",
- "scope_id": ""
-}
-
-
-def init(consul_host, consul_port):
- conf_data = config.get_config_data(consul_host, consul_port)
- global URL, HEADERS
- URL = "http://{}:{}".format(
- conf_data['manager_host'],
- conf_data['manager_port'])
- URL = URL + "{}"
- HEADERS = {"content-type": "application/json"}
-
-
-def check_policy(policy_id=None):
- req = requests.get(URL.format("/policies"))
- assert req.status_code == 200
- result = req.json()
- assert type(result) is dict
- assert "policies" in result
- if policy_id:
- assert result["policies"]
- assert policy_id in result['policies']
- assert "name" in result['policies'][policy_id]
- assert policy_template["name"] == result['policies'][policy_id]["name"]
- return result
-
-
-def add_policy(name="test_policy", genre="authz"):
- policy_template["name"] = name
- policy_template["genre"] = genre
- req = requests.post(URL.format("/policies"), json=policy_template, headers=HEADERS)
- assert req.status_code == 200
- result = req.json()
- assert type(result) is dict
- policy_id = list(result['policies'].keys())[0]
- if "result" in result:
- assert result["result"]
- assert "name" in result['policies'][policy_id]
- assert policy_template["name"] == result['policies'][policy_id]["name"]
- return policy_id
-
-
-def update_policy(policy_id, model_id):
- req = requests.patch(URL.format("/policies/{}".format(policy_id)),
- json={"model_id": model_id}, headers=HEADERS)
- assert req.status_code == 200
- result = req.json()
- assert type(result) is dict
- policy_id = list(result['policies'].keys())[0]
- if "result" in result:
- assert result["result"]
- assert "model_id" in result['policies'][policy_id]
- assert model_id == result['policies'][policy_id]["model_id"]
-
-
-def delete_policy(policy_id):
- req = requests.delete(URL.format("/policies/{}".format(policy_id)))
- assert req.status_code == 200
- result = req.json()
- assert type(result) is dict
- assert "result" in result
- assert result["result"]
-
-
-def add_subject(policy_id=None, name="test_subject"):
- subject_template['name'] = name
- if policy_id:
- logger.debug(URL.format("/policies/{}/subjects".format(policy_id)))
- req = requests.post(URL.format("/policies/{}/subjects".format(policy_id)),
- json=subject_template, headers=HEADERS)
- else:
- logger.debug(URL.format("/subjects"))
- req = requests.post(URL.format("/subjects"), json=subject_template, headers=HEADERS)
- logger.debug(req.text)
- assert req.status_code == 200
- result = req.json()
- assert "subjects" in result
- subject_id = list(result['subjects'].keys())[0]
- return subject_id
-
-
-def update_subject(subject_id, policy_id=None, description=None):
- if policy_id and not description:
- req = requests.patch(URL.format("/policies/{}/subjects/{}".format(policy_id, subject_id)),
- json={})
- elif policy_id and description:
- req = requests.patch(URL.format("/policies/{}/subjects/{}".format(policy_id, subject_id)),
- json={"description": description})
- else:
- req = requests.patch(URL.format("/subjects/{}".format(subject_id)),
- json={"description": description})
- assert req.status_code == 200
- result = req.json()
- assert "subjects" in result
- assert "name" in result["subjects"][subject_id]
- assert subject_template["name"] == result["subjects"][subject_id]["name"]
- assert "policy_list" in result["subjects"][subject_id]
- if policy_id:
- assert policy_id in result["subjects"][subject_id]["policy_list"]
- if description:
- assert description in result["subjects"][subject_id]["description"]
-
-
-def check_subject(subject_id=None, policy_id=None):
- if policy_id:
- req = requests.get(URL.format("/policies/{}/subjects".format(policy_id)))
- else:
- req = requests.get(URL.format("/subjects"))
- assert req.status_code == 200
- result = req.json()
- assert "subjects" in result
- assert "name" in result["subjects"][subject_id]
- assert subject_template["name"] == result["subjects"][subject_id]["name"]
- if policy_id:
- assert "policy_list" in result["subjects"][subject_id]
- assert policy_id in result["subjects"][subject_id]["policy_list"]
-
-
-def delete_subject(subject_id, policy_id=None):
- if policy_id:
- req = requests.delete(URL.format("/policies/{}/subjects/{}".format(policy_id, subject_id)))
- else:
- req = requests.delete(URL.format("/subjects/{}".format(subject_id)))
- assert req.status_code == 200
- result = req.json()
- assert type(result) is dict
- assert "result" in result
- assert result["result"]
-
- if policy_id:
- req = requests.get(URL.format("/policies/{}/subjects".format(policy_id)))
- else:
- req = requests.get(URL.format("/subjects"))
- assert req.status_code == 200
- result = req.json()
- assert "subjects" in result
- if subject_id in result["subjects"]:
- assert "name" in result["subjects"][subject_id]
- assert subject_template["name"] == result["subjects"][subject_id]["name"]
- if policy_id:
- assert "policy_list" in result["subjects"][subject_id]
- assert policy_id not in result["subjects"][subject_id]["policy_list"]
-
-
-def add_object(policy_id=None, name="test_object"):
- object_template['name'] = name
- if policy_id:
- req = requests.post(URL.format("/policies/{}/objects".format(policy_id)),
- json=object_template, headers=HEADERS)
- else:
- req = requests.post(URL.format("/objects"), json=object_template, headers=HEADERS)
- assert req.status_code == 200
- result = req.json()
- assert "objects" in result
- object_id = list(result['objects'].keys())[0]
- return object_id
-
-
-def update_object(object_id, policy_id):
- req = requests.patch(URL.format("/policies/{}/objects/{}".format(policy_id, object_id)), json={})
- assert req.status_code == 200
- result = req.json()
- assert "objects" in result
- assert "name" in result["objects"][object_id]
- assert object_template["name"] == result["objects"][object_id]["name"]
- assert "policy_list" in result["objects"][object_id]
- assert policy_id in result["objects"][object_id]["policy_list"]
-
-
-def check_object(object_id=None, policy_id=None):
- if policy_id:
- req = requests.get(URL.format("/policies/{}/objects".format(policy_id)))
- else:
- req = requests.get(URL.format("/objects"))
- assert req.status_code == 200
- result = req.json()
- assert "objects" in result
- assert "name" in result["objects"][object_id]
- assert object_template["name"] == result["objects"][object_id]["name"]
- if policy_id:
- assert "policy_list" in result["objects"][object_id]
- assert policy_id in result["objects"][object_id]["policy_list"]
-
-
-def delete_object(object_id, policy_id=None):
- if policy_id:
- req = requests.delete(URL.format("/policies/{}/objects/{}".format(policy_id, object_id)))
- else:
- req = requests.delete(URL.format("/objects/{}".format(object_id)))
- assert req.status_code == 200
- result = req.json()
- assert type(result) is dict
- assert "result" in result
- assert result["result"]
-
- if policy_id:
- req = requests.get(URL.format("/policies/{}/objects".format(policy_id)))
- else:
- req = requests.get(URL.format("/objects"))
- assert req.status_code == 200
- result = req.json()
- assert "objects" in result
- if object_id in result["objects"]:
- assert "name" in result["objects"][object_id]
- assert object_template["name"] == result["objects"][object_id]["name"]
- if policy_id:
- assert "policy_list" in result["objects"][object_id]
- assert policy_id not in result["objects"][object_id]["policy_list"]
-
-
-def add_action(policy_id=None, name="test_action"):
- action_template['name'] = name
- if policy_id:
- req = requests.post(URL.format("/policies/{}/actions".format(policy_id)),
- json=action_template, headers=HEADERS)
- else:
- req = requests.post(URL.format("/actions"), json=action_template, headers=HEADERS)
- assert req.status_code == 200
- result = req.json()
- assert "actions" in result
- action_id = list(result['actions'].keys())[0]
- return action_id
-
-
-def update_action(action_id, policy_id):
- req = requests.patch(URL.format("/policies/{}/actions/{}".format(policy_id, action_id)), json={})
- assert req.status_code == 200
- result = req.json()
- assert "actions" in result
- assert "name" in result["actions"][action_id]
- assert action_template["name"] == result["actions"][action_id]["name"]
- assert "policy_list" in result["actions"][action_id]
- assert policy_id in result["actions"][action_id]["policy_list"]
-
-
-def check_action(action_id=None, policy_id=None):
- if policy_id:
- req = requests.get(URL.format("/policies/{}/actions".format(policy_id)))
- else:
- req = requests.get(URL.format("/actions"))
- assert req.status_code == 200
- result = req.json()
- assert "actions" in result
- assert "name" in result["actions"][action_id]
- assert action_template["name"] == result["actions"][action_id]["name"]
- if policy_id:
- assert "policy_list" in result["actions"][action_id]
- assert policy_id in result["actions"][action_id]["policy_list"]
-
-
-def delete_action(action_id, policy_id=None):
- if policy_id:
- req = requests.delete(URL.format("/policies/{}/actions/{}".format(policy_id, action_id)))
- else:
- req = requests.delete(URL.format("/actions/{}".format(action_id)))
- assert req.status_code == 200
- result = req.json()
- assert type(result) is dict
- assert "result" in result
- assert result["result"]
-
- if policy_id:
- req = requests.get(URL.format("/policies/{}/actions".format(policy_id)))
- else:
- req = requests.get(URL.format("/actions"))
- assert req.status_code == 200
- result = req.json()
- assert "actions" in result
- if action_id in result["actions"]:
- assert "name" in result["actions"][action_id]
- assert action_template["name"] == result["actions"][action_id]["name"]
- if policy_id:
- assert "policy_list" in result["actions"][action_id]
- assert policy_id not in result["actions"][action_id]["policy_list"]
-
-
-def add_subject_data(policy_id, category_id, name="subject_data1"):
- subject_data_template['name'] = name
- req = requests.post(URL.format("/policies/{}/subject_data/{}".format(policy_id, category_id)),
- json=subject_data_template, headers=HEADERS)
- assert req.status_code == 200
- result = req.json()
- assert "subject_data" in result
- subject_id = list(result['subject_data']['data'].keys())[0]
- return subject_id
-
-
-def check_subject_data(policy_id, data_id, category_id):
- req = requests.get(URL.format("/policies/{}/subject_data/{}".format(policy_id, category_id)))
- assert req.status_code == 200
- result = req.json()
- assert "subject_data" in result
- for _data in result['subject_data']:
- assert data_id in list(_data['data'].keys())
- assert category_id == _data["category_id"]
-
-
-def delete_subject_data(policy_id, category_id, data_id):
- req = requests.delete(URL.format("/policies/{}/subject_data/{}/{}".format(policy_id, category_id, data_id)),
- headers=HEADERS)
- assert req.status_code == 200
- req = requests.get(URL.format("/policies/{}/subject_data/{}".format(policy_id, category_id)))
- assert req.status_code == 200
- result = req.json()
- assert "subject_data" in result
- for _data in result['subject_data']:
- assert data_id not in list(_data['data'].keys())
- assert category_id == _data["category_id"]
-
-
-def add_object_data(policy_id, category_id, name="object_data1"):
- object_data_template['name'] = name
- req = requests.post(URL.format("/policies/{}/object_data/{}".format(policy_id, category_id)),
- json=object_data_template, headers=HEADERS)
- assert req.status_code == 200
- result = req.json()
- assert "object_data" in result
- object_id = list(result['object_data']['data'].keys())[0]
- return object_id
-
-
-def check_object_data(policy_id, data_id, category_id):
- req = requests.get(URL.format("/policies/{}/object_data/{}".format(policy_id, category_id)))
- assert req.status_code == 200
- result = req.json()
- assert "object_data" in result
- for _data in result['object_data']:
- assert data_id in list(_data['data'].keys())
- assert category_id == _data["category_id"]
-
-
-def delete_object_data(policy_id, category_id, data_id):
- req = requests.delete(URL.format("/policies/{}/object_data/{}/{}".format(policy_id, category_id, data_id)),
- headers=HEADERS)
- assert req.status_code == 200
- req = requests.get(URL.format("/policies/{}/object_data/{}".format(policy_id, category_id)))
- assert req.status_code == 200
- result = req.json()
- assert "object_data" in result
- for _data in result['object_data']:
- assert data_id not in list(_data['data'].keys())
- assert category_id == _data["category_id"]
-
-
-def add_action_data(policy_id, category_id, name="action_data1"):
- action_data_template['name'] = name
- req = requests.post(URL.format("/policies/{}/action_data/{}".format(policy_id, category_id)),
- json=action_data_template, headers=HEADERS)
- assert req.status_code == 200
- result = req.json()
- assert "action_data" in result
- action_id = list(result['action_data']['data'].keys())[0]
- return action_id
-
-
-def check_action_data(policy_id, data_id, category_id):
- req = requests.get(URL.format("/policies/{}/action_data/{}".format(policy_id, category_id)))
- assert req.status_code == 200
- result = req.json()
- assert "action_data" in result
- for _data in result['action_data']:
- assert data_id in list(_data['data'].keys())
- assert category_id == _data["category_id"]
-
-
-def delete_action_data(policy_id, category_id, data_id):
- req = requests.delete(URL.format("/policies/{}/action_data/{}/{}".format(policy_id, category_id, data_id)),
- headers=HEADERS)
- assert req.status_code == 200
- req = requests.get(URL.format("/policies/{}/action_data/{}".format(policy_id, category_id)))
- assert req.status_code == 200
- result = req.json()
- assert "action_data" in result
- for _data in result['action_data']:
- assert data_id not in list(_data['data'].keys())
- assert category_id == _data["category_id"]
-
-
-def add_subject_assignments(policy_id, subject_id, subject_cat_id, subject_data_id):
- req = requests.post(URL.format("/policies/{}/subject_assignments".format(policy_id)),
- json={
- "id": subject_id,
- "category_id": subject_cat_id,
- "data_id": subject_data_id
- }, headers=HEADERS)
- assert req.status_code == 200
- result = req.json()
- assert "subject_assignments" in result
- assert result["subject_assignments"]
-
-
-def check_subject_assignments(policy_id, subject_id, subject_cat_id, subject_data_id):
- req = requests.get(URL.format("/policies/{}/subject_assignments/{}/{}/{}".format(
- policy_id, subject_id, subject_cat_id, subject_data_id)))
- assert req.status_code == 200
- result = req.json()
- assert "subject_assignments" in result
- assert result["subject_assignments"]
- for key in result["subject_assignments"]:
- assert "subject_id" in result["subject_assignments"][key]
- assert "category_id" in result["subject_assignments"][key]
- assert "assignments" in result["subject_assignments"][key]
- if result["subject_assignments"][key]['subject_id'] == subject_id and \
- result["subject_assignments"][key]["category_id"] == subject_cat_id:
- assert subject_data_id in result["subject_assignments"][key]["assignments"]
-
-
-def check_object_assignments(policy_id, object_id, object_cat_id, object_data_id):
- req = requests.get(URL.format("/policies/{}/object_assignments/{}/{}/{}".format(
- policy_id, object_id, object_cat_id, object_data_id)))
- assert req.status_code == 200
- result = req.json()
- assert "object_assignments" in result
- assert result["object_assignments"]
- for key in result["object_assignments"]:
- assert "object_id" in result["object_assignments"][key]
- assert "category_id" in result["object_assignments"][key]
- assert "assignments" in result["object_assignments"][key]
- if result["object_assignments"][key]['object_id'] == object_id and \
- result["object_assignments"][key]["category_id"] == object_cat_id:
- assert object_data_id in result["object_assignments"][key]["assignments"]
-
-
-def check_action_assignments(policy_id, action_id, action_cat_id, action_data_id):
- req = requests.get(URL.format("/policies/{}/action_assignments/{}/{}/{}".format(
- policy_id, action_id, action_cat_id, action_data_id)))
- assert req.status_code == 200
- result = req.json()
- assert "action_assignments" in result
- assert result["action_assignments"]
- for key in result["action_assignments"]:
- assert "action_id" in result["action_assignments"][key]
- assert "category_id" in result["action_assignments"][key]
- assert "assignments" in result["action_assignments"][key]
- if result["action_assignments"][key]['action_id'] == action_id and \
- result["action_assignments"][key]["category_id"] == action_cat_id:
- assert action_data_id in result["action_assignments"][key]["assignments"]
-
-
-def add_object_assignments(policy_id, object_id, object_cat_id, object_data_id):
- req = requests.post(URL.format("/policies/{}/object_assignments".format(policy_id)),
- json={
- "id": object_id,
- "category_id": object_cat_id,
- "data_id": object_data_id
- }, headers=HEADERS)
- assert req.status_code == 200
- result = req.json()
- assert "object_assignments" in result
- assert result["object_assignments"]
-
-
-def add_action_assignments(policy_id, action_id, action_cat_id, action_data_id):
- req = requests.post(URL.format("/policies/{}/action_assignments".format(policy_id)),
- json={
- "id": action_id,
- "category_id": action_cat_id,
- "data_id": action_data_id
- }, headers=HEADERS)
- assert req.status_code == 200
- result = req.json()
- assert "action_assignments" in result
- assert result["action_assignments"]
-
-
-def delete_subject_assignment(policy_id, subject_id, subject_cat_id, subject_data_id):
- req = requests.delete(URL.format("/policies/{}/subject_assignments/{}/{}/{}".format(
- policy_id, subject_id, subject_cat_id, subject_data_id)))
- assert req.status_code == 200
- result = req.json()
- assert "result" in result
- assert result["result"]
-
- req = requests.get(URL.format("/policies/{}/subject_assignments/{}/{}/{}".format(
- policy_id, subject_id, subject_cat_id, subject_data_id)))
- assert req.status_code == 200
- result = req.json()
- assert "subject_assignments" in result
- assert result["subject_assignments"]
- for key in result["subject_assignments"]:
- assert "subject_id" in result["subject_assignments"][key]
- assert "category_id" in result["subject_assignments"][key]
- assert "assignments" in result["subject_assignments"][key]
- if result["subject_assignments"][key]['subject_id'] == subject_id and \
- result["subject_assignments"][key]["category_id"] == subject_cat_id:
- assert subject_data_id not in result["subject_assignments"][key]["assignments"]
-
-
-def delete_object_assignment(policy_id, object_id, object_cat_id, object_data_id):
- req = requests.delete(URL.format("/policies/{}/object_assignments/{}/{}/{}".format(
- policy_id, object_id, object_cat_id, object_data_id)))
- assert req.status_code == 200
- result = req.json()
- assert "result" in result
- assert result["result"]
-
- req = requests.get(URL.format("/policies/{}/object_assignments/{}/{}/{}".format(
- policy_id, object_id, object_cat_id, object_data_id)))
- assert req.status_code == 200
- result = req.json()
- assert "object_assignments" in result
- assert result["object_assignments"]
- for key in result["object_assignments"]:
- assert "object_id" in result["object_assignments"][key]
- assert "category_id" in result["object_assignments"][key]
- assert "assignments" in result["object_assignments"][key]
- if result["object_assignments"][key]['object_id'] == object_id and \
- result["object_assignments"][key]["category_id"] == object_cat_id:
- assert object_data_id not in result["object_assignments"][key]["assignments"]
-
-
-def delete_action_assignment(policy_id, action_id, action_cat_id, action_data_id):
- req = requests.delete(URL.format("/policies/{}/action_assignments/{}/{}/{}".format(
- policy_id, action_id, action_cat_id, action_data_id)))
- assert req.status_code == 200
- result = req.json()
- assert "result" in result
- assert result["result"]
-
- req = requests.get(URL.format("/policies/{}/action_assignments/{}/{}/{}".format(
- policy_id, action_id, action_cat_id, action_data_id)))
- assert req.status_code == 200
- result = req.json()
- assert "action_assignments" in result
- assert result["action_assignments"]
- for key in result["action_assignments"]:
- assert "action_id" in result["action_assignments"][key]
- assert "category_id" in result["action_assignments"][key]
- assert "assignments" in result["action_assignments"][key]
- if result["action_assignments"][key]['action_id'] == action_id and \
- result["action_assignments"][key]["category_id"] == action_cat_id:
- assert action_data_id not in result["action_assignments"][key]["assignments"]
-
-
-def add_rule(policy_id, meta_rule_id, rule, instructions={"chain": [{"security_pipeline": "rbac"}]}):
- req = requests.post(URL.format("/policies/{}/rules".format(policy_id)),
- json={
- "meta_rule_id": meta_rule_id,
- "rule": rule,
- "instructions": instructions,
- "enabled": True
- },
- headers=HEADERS)
- assert req.status_code == 200
- result = req.json()
- assert "rules" in result
- try:
- rule_id = list(result["rules"].keys())[0]
- except Exception as e:
- return False
- assert "policy_id" in result["rules"][rule_id]
- assert policy_id == result["rules"][rule_id]["policy_id"]
- assert "meta_rule_id" in result["rules"][rule_id]
- assert meta_rule_id == result["rules"][rule_id]["meta_rule_id"]
- assert rule == result["rules"][rule_id]["rule"]
- return rule_id
-
-
-def check_rule(policy_id, meta_rule_id, rule_id, rule):
- req = requests.get(URL.format("/policies/{}/rules".format(policy_id)))
- assert req.status_code == 200
- result = req.json()
- assert "rules" in result
- assert "policy_id" in result["rules"]
- assert policy_id == result["rules"]["policy_id"]
- for item in result["rules"]["rules"]:
- assert "meta_rule_id" in item
- if meta_rule_id == item["meta_rule_id"]:
- if rule_id == item["id"]:
- assert rule == item["rule"]
-
-
-def delete_rule(policy_id, rule_id):
- req = requests.delete(URL.format("/policies/{}/rules/{}".format(policy_id, rule_id)))
- assert req.status_code == 200
- result = req.json()
- assert "result" in result
- assert result["result"]
-
- req = requests.get(URL.format("/policies/{}/rules".format(policy_id)))
- assert req.status_code == 200
- result = req.json()
- assert "rules" in result
- assert "policy_id" in result["rules"]
- assert policy_id == result["rules"]["policy_id"]
- found_rule = False
- for item in result["rules"]["rules"]:
- if rule_id == item["id"]:
- found_rule = True
- assert not found_rule
-
-
-def create_policy(scenario, model_id, meta_rule_list):
- logger.info("Creating policy {}".format(scenario.policy_name))
- _policies = check_policy()
- for _policy_id, _policy_value in _policies["policies"].items():
- if _policy_value['name'] == scenario.policy_name:
- policy_id = _policy_id
- break
- else:
- policy_id = add_policy(name=scenario.policy_name, genre=scenario.policy_genre)
-
- update_policy(policy_id, model_id)
-
- for meta_rule_id in meta_rule_list:
- logger.debug("add_meta_rule_to_model {} {}".format(model_id, meta_rule_id))
- models.add_meta_rule_to_model(model_id, meta_rule_id)
-
- logger.info("Add subject data")
- for subject_cat_name in scenario.subject_data:
- for subject_data_name in scenario.subject_data[subject_cat_name]:
- data_id = scenario.subject_data[subject_cat_name][subject_data_name] = add_subject_data(
- policy_id=policy_id,
- category_id=scenario.subject_categories[subject_cat_name], name=subject_data_name)
- scenario.subject_data[subject_cat_name][subject_data_name] = data_id
- logger.info("Add object data")
- for object_cat_name in scenario.object_data:
- for object_data_name in scenario.object_data[object_cat_name]:
- data_id = scenario.object_data[object_cat_name][object_data_name] = add_object_data(
- policy_id=policy_id,
- category_id=scenario.object_categories[object_cat_name], name=object_data_name)
- scenario.object_data[object_cat_name][object_data_name] = data_id
- logger.info("Add action data")
- for action_cat_name in scenario.action_data:
- for action_data_name in scenario.action_data[action_cat_name]:
- data_id = scenario.action_data[action_cat_name][action_data_name] = add_action_data(
- policy_id=policy_id,
- category_id=scenario.action_categories[action_cat_name], name=action_data_name)
- scenario.action_data[action_cat_name][action_data_name] = data_id
-
- logger.info("Add subjects")
- for name in scenario.subjects:
- scenario.subjects[name] = add_subject(policy_id, name=name)
- logger.info("Add objects")
- for name in scenario.objects:
- scenario.objects[name] = add_object(policy_id, name=name)
- logger.info("Add actions")
- for name in scenario.actions:
- scenario.actions[name] = add_action(policy_id, name=name)
-
- logger.info("Add subject assignments")
- for subject_name in scenario.subject_assignments:
- if type(scenario.subject_assignments[subject_name]) in (list, tuple):
- for items in scenario.subject_assignments[subject_name]:
- for subject_category_name in items:
- subject_id = scenario.subjects[subject_name]
- subject_cat_id = scenario.subject_categories[subject_category_name]
- for data in scenario.subject_assignments[subject_name]:
- subject_data_id = scenario.subject_data[subject_category_name][data[subject_category_name]]
- add_subject_assignments(policy_id, subject_id, subject_cat_id, subject_data_id)
- else:
- for subject_category_name in scenario.subject_assignments[subject_name]:
- subject_id = scenario.subjects[subject_name]
- subject_cat_id = scenario.subject_categories[subject_category_name]
- subject_data_id = scenario.subject_data[subject_category_name][scenario.subject_assignments[subject_name][subject_category_name]]
- add_subject_assignments(policy_id, subject_id, subject_cat_id, subject_data_id)
-
- logger.info("Add object assignments")
- for object_name in scenario.object_assignments:
- if type(scenario.object_assignments[object_name]) in (list, tuple):
- for items in scenario.object_assignments[object_name]:
- for object_category_name in items:
- object_id = scenario.objects[object_name]
- object_cat_id = scenario.object_categories[object_category_name]
- for data in scenario.object_assignments[object_name]:
- object_data_id = scenario.object_data[object_category_name][data[object_category_name]]
- add_object_assignments(policy_id, object_id, object_cat_id, object_data_id)
- else:
- for object_category_name in scenario.object_assignments[object_name]:
- object_id = scenario.objects[object_name]
- object_cat_id = scenario.object_categories[object_category_name]
- object_data_id = scenario.object_data[object_category_name][scenario.object_assignments[object_name][object_category_name]]
- add_object_assignments(policy_id, object_id, object_cat_id, object_data_id)
-
- logger.info("Add action assignments")
- for action_name in scenario.action_assignments:
- if type(scenario.action_assignments[action_name]) in (list, tuple):
- for items in scenario.action_assignments[action_name]:
- for action_category_name in items:
- action_id = scenario.actions[action_name]
- action_cat_id = scenario.action_categories[action_category_name]
- for data in scenario.action_assignments[action_name]:
- action_data_id = scenario.action_data[action_category_name][data[action_category_name]]
- add_action_assignments(policy_id, action_id, action_cat_id, action_data_id)
- else:
- for action_category_name in scenario.action_assignments[action_name]:
- action_id = scenario.actions[action_name]
- action_cat_id = scenario.action_categories[action_category_name]
- action_data_id = scenario.action_data[action_category_name][scenario.action_assignments[action_name][action_category_name]]
- add_action_assignments(policy_id, action_id, action_cat_id, action_data_id)
-
- logger.info("Add rules")
- for meta_rule_name in scenario.rules:
- meta_rule_value = scenario.meta_rule[meta_rule_name]
- for rule in scenario.rules[meta_rule_name]:
- data_list = []
- _meta_rule = list(meta_rule_value["value"])
- for data_name in rule["rule"]:
- category_name = _meta_rule.pop(0)
- if category_name in scenario.subject_categories:
- data_list.append(scenario.subject_data[category_name][data_name])
- elif category_name in scenario.object_categories:
- data_list.append(scenario.object_data[category_name][data_name])
- elif category_name in scenario.action_categories:
- data_list.append(scenario.action_data[category_name][data_name])
- instructions = rule["instructions"]
- add_rule(policy_id, meta_rule_value["id"], data_list, instructions)
- return policy_id
-
diff --git a/moonv4/python_moonclient/requirements.txt b/moonv4/python_moonclient/requirements.txt
deleted file mode 100644
index 5b80e5f2..00000000
--- a/moonv4/python_moonclient/requirements.txt
+++ /dev/null
@@ -1,3 +0,0 @@
-werkzeug
-flask
-requests \ No newline at end of file
diff --git a/moonv4/python_moonclient/setup.py b/moonv4/python_moonclient/setup.py
deleted file mode 100644
index 000e87ca..00000000
--- a/moonv4/python_moonclient/setup.py
+++ /dev/null
@@ -1,42 +0,0 @@
-# Copyright 2015 Open Platform for NFV Project, Inc. and its contributors
-# This software is distributed under the terms and conditions of the 'Apache-2.0'
-# license which can be found in the file 'LICENSE' in this package distribution
-# or at 'http://www.apache.org/licenses/LICENSE-2.0'.
-
-from setuptools import setup, find_packages
-import python_moonclient
-
-with open('requirements.txt') as f:
- required = f.read().splitlines()
-
-setup(
-
- name='python-moonclient',
-
- version=python_moonclient.__version__,
-
- packages=find_packages(),
-
- author='Thomas Duval & Ruan He',
-
- author_email='thomas.duval@orange.com, ruan.he@orange.com',
-
- description='client lib for all the Moon components',
-
- long_description=open('README.md').read(),
-
- install_requires=required,
-
- include_package_data=True,
-
- url='https://git.opnfv.org/cgit/moon',
-
- classifiers=[
- 'Programming Language :: Python :: 3',
- 'Development Status :: 1 - Planning',
- 'License :: OSI Approved',
- 'Natural Language :: English',
- 'Operating System :: OS Independent',
- ],
-
-)
diff --git a/moonv4/python_moonclient/tests/unit_python/conftest.py b/moonv4/python_moonclient/tests/unit_python/conftest.py
deleted file mode 100644
index e98f48c5..00000000
--- a/moonv4/python_moonclient/tests/unit_python/conftest.py
+++ /dev/null
@@ -1,12 +0,0 @@
-import pytest
-import requests_mock
-from . import mock_config
-
-
-@pytest.fixture(autouse=True)
-def no_requests(monkeypatch):
- """ Modify the response from Requests module
- """
- with requests_mock.Mocker(real_http=True) as m:
- mock_config.register_consul(m)
- yield m
diff --git a/moonv4/python_moonclient/tests/unit_python/mock_config.py b/moonv4/python_moonclient/tests/unit_python/mock_config.py
deleted file mode 100644
index 6d6c8249..00000000
--- a/moonv4/python_moonclient/tests/unit_python/mock_config.py
+++ /dev/null
@@ -1,35 +0,0 @@
-from . import utilities
-
-
-components_manager_mock = {
- "port": 8082,
- "bind": "0.0.0.0",
- "hostname": "manager",
- "container": "wukongsun/moon_manager:v4.3.1",
- "external": {
- "port": 30001,
- "hostname": "88.88.88.2"
- }
-}
-
-
-openstack_keystone_mock = {
- "url": "http://keystone:5000/v3",
- "user": "admin",
- "password": "p4ssw0rd",
- "domain": "default",
- "project": "admin",
- "check_token": False,
- "certificate": False,
- "external": {
- "url": "http://88.88.88.2:30006/v3"
- }
-}
-
-
-def register_consul(m):
- for component in utilities.COMPONENTS:
- m.register_uri(
- 'GET', 'http://consul:8500/v1/kv/{}'.format(component),
- json=[{'Key': component, 'Value': utilities.get_b64_conf(component)}]
- )
diff --git a/moonv4/python_moonclient/tests/unit_python/requirements.txt b/moonv4/python_moonclient/tests/unit_python/requirements.txt
deleted file mode 100644
index 3c1ad607..00000000
--- a/moonv4/python_moonclient/tests/unit_python/requirements.txt
+++ /dev/null
@@ -1,2 +0,0 @@
-pytest
-requests_mock \ No newline at end of file
diff --git a/moonv4/python_moonclient/tests/unit_python/test_config.py b/moonv4/python_moonclient/tests/unit_python/test_config.py
deleted file mode 100644
index ebdfacf0..00000000
--- a/moonv4/python_moonclient/tests/unit_python/test_config.py
+++ /dev/null
@@ -1,8 +0,0 @@
-import pytest
-from . import utilities
-
-
-def test_authz_request():
- from python_moonclient import config
- conf_data = config.get_config_data("consul", 8500)
- assert isinstance(conf_data, dict)
diff --git a/moonv4/python_moonclient/tests/unit_python/test_models.py b/moonv4/python_moonclient/tests/unit_python/test_models.py
deleted file mode 100644
index f708c6e4..00000000
--- a/moonv4/python_moonclient/tests/unit_python/test_models.py
+++ /dev/null
@@ -1,37 +0,0 @@
-from python_moonclient.models import *
-
-
-def test_models():
- check_model()
- model_id = add_model()
- check_model(model_id)
- delete_model(model_id)
-
-
-def test_meta_data_subject():
- category_id = add_subject_category()
- check_subject_category(category_id)
- # TODO (asteroide): must implement the deletion of linked data
- # delete_subject_category(category_id)
-
-
-def test_meta_data_object():
- category_id = add_object_category()
- check_object_category(category_id)
- # TODO (asteroide): must implement the deletion of linked data
- # delete_object_category(category_id)
-
-
-def test_meta_data_action():
- category_id = add_action_category()
- check_action_category(category_id)
- # TODO (asteroide): must implement the deletion of linked data
- # delete_action_category(category_id)
-
-
-def test_meta_rule():
- meta_rule_id, scat_id, ocat_id, acat_id = add_categories_and_meta_rule()
- check_meta_rule(meta_rule_id, scat_id, ocat_id, acat_id)
- delete_meta_rule(meta_rule_id)
-
-
diff --git a/moonv4/python_moonclient/tests/unit_python/test_pdp.py b/moonv4/python_moonclient/tests/unit_python/test_pdp.py
deleted file mode 100644
index 8d9a3ac3..00000000
--- a/moonv4/python_moonclient/tests/unit_python/test_pdp.py
+++ /dev/null
@@ -1,16 +0,0 @@
-from python_moonclient.pdp import *
-
-
-def test_pdp():
- projects = get_keystone_projects()
- admin_project_id = None
- for _project in projects['projects']:
- if _project['name'] == "admin":
- admin_project_id = _project['id']
- assert admin_project_id
- check_pdp()
- pdp_id = add_pdp()
- check_pdp(pdp_id)
- map_to_keystone(pdp_id=pdp_id, keystone_project_id=admin_project_id)
- check_pdp(pdp_id=pdp_id, keystone_project_id=admin_project_id)
- delete_pdp(pdp_id)
diff --git a/moonv4/python_moonclient/tests/unit_python/test_policies.py b/moonv4/python_moonclient/tests/unit_python/test_policies.py
deleted file mode 100644
index 386c37af..00000000
--- a/moonv4/python_moonclient/tests/unit_python/test_policies.py
+++ /dev/null
@@ -1,157 +0,0 @@
-from python_moonclient.policies import *
-from python_moonclient.models import *
-
-
-def test_policies():
- check_policy()
- policy_id = add_policy()
- check_policy(policy_id)
- delete_policy(policy_id)
-
-
-def test_subjects():
- policy_id = add_policy()
- subject_id = add_subject()
-
- update_subject(subject_id=subject_id, policy_id=policy_id)
-
- check_subject(subject_id=subject_id, policy_id=policy_id)
-
- delete_subject(subject_id, policy_id=policy_id)
- delete_subject(subject_id)
-
-
-def test_objects():
- policy_id = add_policy()
- object_id = add_object()
-
- update_object(object_id=object_id, policy_id=policy_id)
- check_object(object_id=object_id, policy_id=policy_id)
-
- delete_object(object_id=object_id, policy_id=policy_id)
- delete_object(object_id=object_id)
-
-
-def test_actions():
- policy_id = add_policy()
- action_id = add_action()
-
- update_action(action_id=action_id, policy_id=policy_id)
- check_action(action_id=action_id, policy_id=policy_id)
-
- delete_action(action_id=action_id, policy_id=policy_id)
- delete_action(action_id=action_id)
-
-
-def test_subject_data():
- policy_id = add_policy()
-
- model_id = add_model()
-
- update_policy(policy_id, model_id)
-
- meta_rule_id, subject_cat_id, object_cat_id, action_cat_id = add_categories_and_meta_rule()
- add_meta_rule_to_model(model_id, meta_rule_id)
-
- subject_data_id = add_subject_data(policy_id=policy_id, category_id=subject_cat_id)
- check_subject_data(policy_id=policy_id, data_id=subject_data_id, category_id=subject_cat_id)
- delete_subject_data(policy_id=policy_id, data_id=subject_data_id, category_id=subject_cat_id)
-
-
-def test_object_data():
- policy_id = add_policy()
-
- model_id = add_model()
-
- update_policy(policy_id, model_id)
-
- meta_rule_id, object_cat_id, object_cat_id, action_cat_id = add_categories_and_meta_rule()
- add_meta_rule_to_model(model_id, meta_rule_id)
-
- object_data_id = add_object_data(policy_id=policy_id, category_id=object_cat_id)
- check_object_data(policy_id=policy_id, data_id=object_data_id, category_id=object_cat_id)
- delete_object_data(policy_id=policy_id, data_id=object_data_id, category_id=object_cat_id)
-
-
-def test_action_data():
- policy_id = add_policy()
-
- model_id = add_model()
-
- update_policy(policy_id, model_id)
-
- meta_rule_id, action_cat_id, action_cat_id, action_cat_id = add_categories_and_meta_rule()
- add_meta_rule_to_model(model_id, meta_rule_id)
-
- action_data_id = add_action_data(policy_id=policy_id, category_id=action_cat_id)
- check_action_data(policy_id=policy_id, data_id=action_data_id, category_id=action_cat_id)
- delete_action_data(policy_id=policy_id, data_id=action_data_id, category_id=action_cat_id)
-
-
-def test_assignments():
- policy_id = add_policy()
-
- model_id = add_model()
-
- update_policy(policy_id, model_id)
-
- meta_rule_id, subject_cat_id, object_cat_id, action_cat_id = add_categories_and_meta_rule()
- add_meta_rule_to_model(model_id, meta_rule_id)
-
- subject_data_id = add_subject_data(policy_id=policy_id, category_id=subject_cat_id)
- subject_data_id_bis = add_subject_data(policy_id=policy_id, category_id=subject_cat_id)
- object_data_id = add_object_data(policy_id=policy_id, category_id=object_cat_id)
- object_data_id_bis = add_object_data(policy_id=policy_id, category_id=object_cat_id)
- action_data_id = add_action_data(policy_id=policy_id, category_id=action_cat_id)
- action_data_id_bis = add_action_data(policy_id=policy_id, category_id=action_cat_id)
-
- subject_id = add_subject(policy_id)
- object_id = add_object(policy_id)
- action_id = add_action(policy_id)
-
- add_subject_assignments(policy_id, subject_id, subject_cat_id, subject_data_id)
- add_subject_assignments(policy_id, subject_id, subject_cat_id, subject_data_id_bis)
- add_object_assignments(policy_id, object_id, object_cat_id, object_data_id)
- add_object_assignments(policy_id, object_id, object_cat_id, object_data_id_bis)
- add_action_assignments(policy_id, action_id, action_cat_id, action_data_id)
- add_action_assignments(policy_id, action_id, action_cat_id, action_data_id_bis)
-
- check_subject_assignments(policy_id, subject_id, subject_cat_id, subject_data_id)
- check_subject_assignments(policy_id, subject_id, subject_cat_id, subject_data_id_bis)
- check_object_assignments(policy_id, object_id, object_cat_id, object_data_id)
- check_object_assignments(policy_id, object_id, object_cat_id, object_data_id_bis)
- check_action_assignments(policy_id, action_id, action_cat_id, action_data_id)
- check_action_assignments(policy_id, action_id, action_cat_id, action_data_id_bis)
-
- delete_subject_assignment(policy_id, subject_id, subject_cat_id, subject_data_id)
- delete_object_assignment(policy_id, object_id, object_cat_id, object_data_id)
- delete_action_assignment(policy_id, action_id, action_cat_id, action_data_id)
-
-
-def test_rule():
- policy_id = add_policy()
-
- model_id = add_model()
-
- update_policy(policy_id, model_id)
-
- meta_rule_id, subject_cat_id, object_cat_id, action_cat_id = add_categories_and_meta_rule()
- add_meta_rule_to_model(model_id, meta_rule_id)
-
- subject_data_id = add_subject_data(policy_id=policy_id, category_id=subject_cat_id)
- object_data_id = add_object_data(policy_id=policy_id, category_id=object_cat_id)
- action_data_id = add_action_data(policy_id=policy_id, category_id=action_cat_id)
-
- subject_id = add_subject(policy_id)
- object_id = add_object(policy_id)
- action_id = add_action(policy_id)
-
- add_subject_assignments(policy_id, subject_id, subject_cat_id, subject_data_id)
- add_object_assignments(policy_id, object_id, object_cat_id, object_data_id)
- add_action_assignments(policy_id, action_id, action_cat_id, action_data_id)
-
- rule_id = add_rule(policy_id, meta_rule_id, [subject_data_id, object_data_id, action_data_id])
- check_rule(policy_id, meta_rule_id, rule_id, [subject_data_id, object_data_id, action_data_id])
-
- delete_rule(policy_id, rule_id)
-
diff --git a/moonv4/python_moonclient/tests/unit_python/utilities.py b/moonv4/python_moonclient/tests/unit_python/utilities.py
deleted file mode 100644
index ae2932c7..00000000
--- a/moonv4/python_moonclient/tests/unit_python/utilities.py
+++ /dev/null
@@ -1,153 +0,0 @@
-import base64
-import json
-
-CONF = {
- "openstack": {
- "keystone": {
- "url": "http://keystone:5000/v3",
- "user": "admin",
- "check_token": False,
- "password": "p4ssw0rd",
- "domain": "default",
- "certificate": False,
- "project": "admin",
- "external": {
- "url": "http://keystone:5000/v3",
- }
- }
- },
- "components": {
- "wrapper": {
- "bind": "0.0.0.0",
- "port": 8080,
- "container": "wukongsun/moon_wrapper:v4.3",
- "timeout": 5,
- "hostname": "wrapper"
- },
- "manager": {
- "bind": "0.0.0.0",
- "port": 8082,
- "container": "wukongsun/moon_manager:v4.3",
- "hostname": "manager",
- "external": {
- "hostname": "manager",
- "port": 30001
- }
- },
- "port_start": 31001,
- "orchestrator": {
- "bind": "0.0.0.0",
- "port": 8083,
- "container": "wukongsun/moon_orchestrator:v4.3",
- "hostname": "orchestrator"
- },
- "interface": {
- "bind": "0.0.0.0",
- "port": 8080,
- "container": "wukongsun/moon_interface:v4.3",
- "hostname": "interface"
- }
- },
- "plugins": {
- "session": {
- "port": 8082,
- "container": "asteroide/session:latest"
- },
- "authz": {
- "port": 8081,
- "container": "wukongsun/moon_authz:v4.3"
- }
- },
- "logging": {
- "handlers": {
- "file": {
- "filename": "/tmp/moon.log",
- "class": "logging.handlers.RotatingFileHandler",
- "level": "DEBUG",
- "formatter": "custom",
- "backupCount": 3,
- "maxBytes": 1048576
- },
- "console": {
- "class": "logging.StreamHandler",
- "formatter": "brief",
- "level": "INFO",
- "stream": "ext://sys.stdout"
- }
- },
- "formatters": {
- "brief": {
- "format": "%(levelname)s %(name)s %(message)-30s"
- },
- "custom": {
- "format": "%(asctime)-15s %(levelname)s %(name)s %(message)s"
- }
- },
- "root": {
- "handlers": [
- "console"
- ],
- "level": "ERROR"
- },
- "version": 1,
- "loggers": {
- "moon": {
- "handlers": [
- "console",
- "file"
- ],
- "propagate": False,
- "level": "DEBUG"
- }
- }
- },
- "slave": {
- "name": None,
- "master": {
- "url": None,
- "login": None,
- "password": None
- }
- },
- "docker": {
- "url": "tcp://172.88.88.1:2376",
- "network": "moon"
- },
- "database": {
- "url": "sqlite:///database.db",
- # "url": "mysql+pymysql://moon:p4sswOrd1@db/moon",
- "driver": "sql"
- },
- "messenger": {
- "url": "rabbit://moon:p4sswOrd1@messenger:5672/moon"
- }
-}
-
-COMPONENTS = (
- "logging",
- "openstack/keystone",
- "database",
- "slave",
- "components/manager",
- "components/orchestrator",
- "components/interface",
- "components/wrapper",
-)
-
-
-def get_b64_conf(component=None):
- if component == "components":
- return base64.b64encode(
- json.dumps(CONF["components"]).encode('utf-8')+b"\n").decode('utf-8')
- elif component in CONF:
- return base64.b64encode(
- json.dumps(
- CONF[component]).encode('utf-8')+b"\n").decode('utf-8')
- elif not component:
- return base64.b64encode(
- json.dumps(CONF).encode('utf-8')+b"\n").decode('utf-8')
- elif "/" in component:
- key1, _, key2 = component.partition("/")
- return base64.b64encode(
- json.dumps(
- CONF[key1][key2]).encode('utf-8')+b"\n").decode('utf-8')