aboutsummaryrefslogtreecommitdiffstats
path: root/moonv4/python_moonutilities/tests/unit_python
diff options
context:
space:
mode:
Diffstat (limited to 'moonv4/python_moonutilities/tests/unit_python')
-rw-r--r--moonv4/python_moonutilities/tests/unit_python/conftest.py17
-rw-r--r--moonv4/python_moonutilities/tests/unit_python/mock_cache.py321
-rw-r--r--moonv4/python_moonutilities/tests/unit_python/mock_components.py27
-rw-r--r--moonv4/python_moonutilities/tests/unit_python/mock_keystone.py23
-rw-r--r--moonv4/python_moonutilities/tests/unit_python/requirements.txt2
-rw-r--r--moonv4/python_moonutilities/tests/unit_python/test_cache.py75
-rw-r--r--moonv4/python_moonutilities/tests/unit_python/test_configuration.py5
-rw-r--r--moonv4/python_moonutilities/tests/unit_python/utilities.py136
8 files changed, 606 insertions, 0 deletions
diff --git a/moonv4/python_moonutilities/tests/unit_python/conftest.py b/moonv4/python_moonutilities/tests/unit_python/conftest.py
new file mode 100644
index 00000000..7217586a
--- /dev/null
+++ b/moonv4/python_moonutilities/tests/unit_python/conftest.py
@@ -0,0 +1,17 @@
+import pytest
+import requests_mock
+import mock_components
+import mock_keystone
+import mock_cache
+
+
+@pytest.fixture(autouse=True)
+def no_requests(monkeypatch):
+ """ Modify the response from Requests module
+ """
+ with requests_mock.Mocker(real_http=True) as m:
+ mock_components.register_components(m)
+ mock_keystone.register_keystone(m)
+ mock_cache.register_cache(m)
+ print("End registering URI")
+ yield m \ No newline at end of file
diff --git a/moonv4/python_moonutilities/tests/unit_python/mock_cache.py b/moonv4/python_moonutilities/tests/unit_python/mock_cache.py
new file mode 100644
index 00000000..b2b287a9
--- /dev/null
+++ b/moonv4/python_moonutilities/tests/unit_python/mock_cache.py
@@ -0,0 +1,321 @@
+from utilities import CONF
+
+pdp_mock = {
+ "pdp_id1": {
+ "name": "...",
+ "security_pipeline": ["policy_id_1", "policy_id_2"],
+ "keystone_project_id": "keystone_project_id1",
+ "description": "...",
+ },
+ "pdp_id12": {
+ "name": "...",
+ "security_pipeline": ["policy_id_1", "policy_id_2"],
+ "keystone_project_id": "keystone_project_id1",
+ "description": "...",
+ }
+}
+
+meta_rules_mock = {
+ "meta_rule_id1": {
+ "name": "meta_rule1",
+ "algorithm": "name of the meta rule algorithm",
+ "subject_categories": ["subject_category_id1",
+ "subject_category_id2"],
+ "object_categories": ["object_category_id1"],
+ "action_categories": ["action_category_id1"]
+ },
+ "meta_rule_id2": {
+ "name": "name of the meta rules2",
+ "algorithm": "name of the meta rule algorithm",
+ "subject_categories": ["subject_category_id1",
+ "subject_category_id2"],
+ "object_categories": ["object_category_id1"],
+ "action_categories": ["action_category_id1"]
+ }
+}
+
+policies_mock = {
+ "policy_id_1": {
+ "name": "test_policy1",
+ "model_id": "model_id_1",
+ "genre": "authz",
+ "description": "test",
+ },
+ "policy_id_2": {
+ "name": "test_policy2",
+ "model_id": "model_id_2",
+ "genre": "authz",
+ "description": "test",
+ }
+}
+
+subject_mock = {
+ "policy_id_1": {
+ "subject_id": {
+ "name": "subject_name",
+ "keystone_id": "keystone_project_id1",
+ "description": "a description"
+ }
+ },
+ "policy_id_2": {
+ "subject_id": {
+ "name": "subject_name",
+ "keystone_id": "keystone_project_id1",
+ "description": "a description"
+ }
+ }
+}
+
+subject_assignment_mock = {
+ "subject_id": {
+ "policy_id": "ID of the policy",
+ "subject_id": "ID of the subject",
+ "category_id": "ID of the category",
+ "assignments": [],
+ }
+}
+
+object_mock = {
+ "policy_id_1": {
+ "object_id": {
+ "name": "object_name",
+ "description": "a description"
+ }
+ },
+ "policy_id_2": {
+ "object_id": {
+ "name": "object_name",
+ "description": "a description"
+ }
+ }
+}
+
+object_assignment_mock = {
+ "object_id": {
+ "policy_id": "ID of the policy",
+ "object_id": "ID of the object",
+ "category_id": "ID of the category",
+ "assignments": [],
+ }
+}
+
+action_mock = {
+ "policy_id_1": {
+ "action_id": {
+ "name": "action_name",
+ "description": "a description"
+ }
+ },
+ "policy_id_2": {
+ "action_id": {
+ "name": "action_name",
+ "description": "a description"
+ }
+ }
+}
+
+action_assignment_mock = {
+ "action_id": {
+ "policy_id": "ID of the policy",
+ "action_id": "ID of the action",
+ "category_id": "ID of the category",
+ "assignments": [],
+ }
+}
+
+models_mock = {
+ "model_id_1": {
+ "name": "test_model",
+ "description": "test",
+ "meta_rules": ["meta_rule_id1"]
+ },
+ "model_id_2": {
+ "name": "test_model",
+ "description": "test",
+ "meta_rules": ["meta_rule_id2"]
+ },
+}
+
+rules_mock = {
+ "rules": {
+ "meta_rule_id": "meta_rule_id1",
+ "rule_id1": {
+ "rule": ["subject_data_id1",
+ "object_data_id1",
+ "action_data_id1"],
+ "instructions": (
+ {"decision": "grant"},
+ # "grant" to immediately exit,
+ # "continue" to wait for the result of next policy
+ # "deny" to deny the request
+ )
+ },
+ "rule_id2": {
+ "rule": ["subject_data_id2",
+ "object_data_id2",
+ "action_data_id2"],
+ "instructions": (
+ {
+ "update": {
+ "operation": "add",
+ # operations may be "add" or "delete"
+ "target": "rbac:role:admin"
+ # add the role admin to the current user
+ }
+ },
+ {"chain": {"name": "rbac"}}
+ # chain with the policy named rbac
+ )
+ }
+ }
+}
+
+
+def register_cache(m):
+ """ Modify the response from Requests module
+ """
+ register_pdp(m)
+ register_meta_rules(m)
+ register_policies(m)
+ register_models(m)
+ register_policy_subject(m, "policy_id_1")
+ register_policy_subject(m, "policy_id_2")
+ register_policy_object(m, "policy_id_1")
+ register_policy_object(m, "policy_id_2")
+ register_policy_action(m, "policy_id_1")
+ register_policy_action(m, "policy_id_2")
+ register_policy_subject_assignment(m, "policy_id_1", "subject_id")
+ # register_policy_subject_assignment_list(m1, "policy_id_1")
+ register_policy_subject_assignment(m, "policy_id_2", "subject_id")
+ # register_policy_subject_assignment_list(m1, "policy_id_2")
+ register_policy_object_assignment(m, "policy_id_1", "object_id")
+ # register_policy_object_assignment_list(m1, "policy_id_1")
+ register_policy_object_assignment(m, "policy_id_2", "object_id")
+ # register_policy_object_assignment_list(m1, "policy_id_2")
+ register_policy_action_assignment(m, "policy_id_1", "action_id")
+ # register_policy_action_assignment_list(m1, "policy_id_1")
+ register_policy_action_assignment(m, "policy_id_2", "action_id")
+ # register_policy_action_assignment_list(m1, "policy_id_2")
+ register_rules(m, "policy_id1")
+
+
+def register_pdp(m):
+ m.register_uri(
+ 'GET', 'http://{}:{}/{}'.format(CONF['components']['manager']['hostname'],
+ CONF['components']['manager']['port'], 'pdp'),
+ json={'pdps': pdp_mock}
+ )
+
+
+def register_meta_rules(m):
+ m.register_uri(
+ 'GET', 'http://{}:{}/{}'.format(CONF['components']['manager']['hostname'],
+ CONF['components']['manager']['port'], 'meta_rules'),
+ json={'meta_rules': meta_rules_mock}
+ )
+
+
+def register_policies(m):
+ m.register_uri(
+ 'GET', 'http://{}:{}/{}'.format(CONF['components']['manager']['hostname'],
+ CONF['components']['manager']['port'], 'policies'),
+ json={'policies': policies_mock}
+ )
+
+
+def register_models(m):
+ m.register_uri(
+ 'GET', 'http://{}:{}/{}'.format(CONF['components']['manager']['hostname'],
+ CONF['components']['manager']['port'], 'models'),
+ json={'models': models_mock}
+ )
+
+
+def register_policy_subject(m, policy_id):
+ m.register_uri(
+ 'GET', 'http://{}:{}/{}/{}/subjects'.format(CONF['components']['manager']['hostname'],
+ CONF['components']['manager']['port'], 'policies', policy_id),
+ json={'subjects': subject_mock[policy_id]}
+ )
+
+
+def register_policy_object(m, policy_id):
+ m.register_uri(
+ 'GET', 'http://{}:{}/{}/{}/objects'.format(CONF['components']['manager']['hostname'],
+ CONF['components']['manager']['port'], 'policies', policy_id),
+ json={'objects': object_mock[policy_id]}
+ )
+
+
+def register_policy_action(m, policy_id):
+ m.register_uri(
+ 'GET', 'http://{}:{}/{}/{}/actions'.format(CONF['components']['manager']['hostname'],
+ CONF['components']['manager']['port'], 'policies', policy_id),
+ json={'actions': action_mock[policy_id]}
+ )
+
+
+def register_policy_subject_assignment(m, policy_id, subj_id):
+ m.register_uri(
+ 'GET', 'http://{}:{}/{}/{}/subject_assignments/{}'.format(CONF['components']['manager']['hostname'],
+ CONF['components']['manager']['port'], 'policies',
+ policy_id,
+ subj_id),
+ json={'subject_assignments': subject_assignment_mock}
+ )
+
+
+def register_policy_subject_assignment_list(m, policy_id):
+ m.register_uri(
+ 'GET', 'http://{}:{}/{}/{}/subject_assignments'.format(CONF['components']['manager']['hostname'],
+ CONF['components']['manager']['port'], 'policies',
+ policy_id),
+ json={'subject_assignments': subject_assignment_mock}
+ )
+
+
+def register_policy_object_assignment(m, policy_id, obj_id):
+ m.register_uri(
+ 'GET', 'http://{}:{}/{}/{}/object_assignments/{}'.format(CONF['components']['manager']['hostname'],
+ CONF['components']['manager']['port'], 'policies',
+ policy_id,
+ obj_id),
+ json={'object_assignments': object_assignment_mock}
+ )
+
+
+def register_policy_object_assignment_list(m, policy_id):
+ m.register_uri(
+ 'GET', 'http://{}:{}/{}/{}/object_assignments'.format(CONF['components']['manager']['hostname'],
+ CONF['components']['manager']['port'], 'policies',
+ policy_id),
+ json={'object_assignments': object_assignment_mock}
+ )
+
+
+def register_policy_action_assignment(m, policy_id, action_id):
+ m.register_uri(
+ 'GET', 'http://{}:{}/{}/{}/action_assignments/{}'.format(CONF['components']['manager']['hostname'],
+ CONF['components']['manager']['port'], 'policies',
+ policy_id,
+ action_id),
+ json={'action_assignments': action_assignment_mock}
+ )
+
+
+def register_policy_action_assignment_list(m, policy_id):
+ m.register_uri(
+ 'GET', 'http://{}:{}/{}/{}/action_assignments'.format(CONF['components']['manager']['hostname'],
+ CONF['components']['manager']['port'], 'policies',
+ policy_id),
+ json={'action_assignments': action_assignment_mock}
+ )
+
+
+def register_rules(m, policy_id):
+ m.register_uri(
+ 'GET', 'http://{}:{}/{}/{}/{}'.format(CONF['components']['manager']['hostname'],
+ CONF['components']['manager']['port'], 'policies',
+ policy_id, 'rules'),
+ json={'rules': rules_mock}
+ ) \ No newline at end of file
diff --git a/moonv4/python_moonutilities/tests/unit_python/mock_components.py b/moonv4/python_moonutilities/tests/unit_python/mock_components.py
new file mode 100644
index 00000000..a0319e1a
--- /dev/null
+++ b/moonv4/python_moonutilities/tests/unit_python/mock_components.py
@@ -0,0 +1,27 @@
+import utilities
+
+COMPONENTS = (
+ "logging",
+ "openstack/keystone",
+ "database",
+ "slave",
+ "components/manager",
+ "components/orchestrator",
+ "components/interface",
+)
+
+
+def register_components(m):
+ for component in COMPONENTS:
+ m.register_uri(
+ 'GET', 'http://consul:8500/v1/kv/{}'.format(component),
+ json=[{'Key': component, 'Value': utilities.get_b64_conf(component)}]
+ )
+
+ m.register_uri(
+ 'GET', 'http://consul:8500/v1/kv/components?recurse=true',
+ json=[
+ {"Key": key, "Value": utilities.get_b64_conf(key)} for key in COMPONENTS
+ ],
+ # json={'Key': "components", 'Value': get_b64_conf("components")}
+ ) \ No newline at end of file
diff --git a/moonv4/python_moonutilities/tests/unit_python/mock_keystone.py b/moonv4/python_moonutilities/tests/unit_python/mock_keystone.py
new file mode 100644
index 00000000..c0b26b88
--- /dev/null
+++ b/moonv4/python_moonutilities/tests/unit_python/mock_keystone.py
@@ -0,0 +1,23 @@
+def register_keystone(m):
+ m.register_uri(
+ 'POST', 'http://keystone:5000/v3/auth/tokens',
+ headers={'X-Subject-Token': "111111111"}
+ )
+ m.register_uri(
+ 'DELETE', 'http://keystone:5000/v3/auth/tokens',
+ headers={'X-Subject-Token': "111111111"}
+ )
+ m.register_uri(
+ 'POST', 'http://keystone:5000/v3/users?name=testuser&domain_id=default',
+ json={"users": {}}
+ )
+ m.register_uri(
+ 'GET', 'http://keystone:5000/v3/users?name=testuser&domain_id=default',
+ json={"users": {}}
+ )
+ m.register_uri(
+ 'POST', 'http://keystone:5000/v3/users/',
+ json={"users": [{
+ "id": "1111111111111"
+ }]}
+ ) \ No newline at end of file
diff --git a/moonv4/python_moonutilities/tests/unit_python/requirements.txt b/moonv4/python_moonutilities/tests/unit_python/requirements.txt
new file mode 100644
index 00000000..3c1ad607
--- /dev/null
+++ b/moonv4/python_moonutilities/tests/unit_python/requirements.txt
@@ -0,0 +1,2 @@
+pytest
+requests_mock \ No newline at end of file
diff --git a/moonv4/python_moonutilities/tests/unit_python/test_cache.py b/moonv4/python_moonutilities/tests/unit_python/test_cache.py
new file mode 100644
index 00000000..3d4f7292
--- /dev/null
+++ b/moonv4/python_moonutilities/tests/unit_python/test_cache.py
@@ -0,0 +1,75 @@
+import pytest
+
+
+def test_authz_request():
+ from moon_utilities import cache
+ c = cache.Cache()
+ assert isinstance(c.authz_requests, dict)
+
+
+def test_get_subject_success():
+ from moon_utilities import cache
+ cache_obj = cache.Cache()
+ policy_id = 'policy_id_1'
+ name = 'subject_name'
+ subject_id = cache_obj.get_subject(policy_id, name)
+ assert subject_id is not None
+
+
+def test_get_subject_failure():
+ from moon_utilities import cache
+ cache_obj = cache.Cache()
+ policy_id = 'policy_id_1'
+ name = 'invalid name'
+ with pytest.raises(Exception) as exception_info:
+ cache_obj.get_subject(policy_id, name)
+ assert str(exception_info.value) == '400: Subject Unknown'
+
+
+def test_get_object_success():
+ from moon_utilities import cache
+ cache_obj = cache.Cache()
+ policy_id = 'policy_id_1'
+ name = 'object_name'
+ object_id = cache_obj.get_object(policy_id, name)
+ assert object_id is not None
+
+
+def test_get_object_failure():
+ from moon_utilities import cache
+ cache_obj = cache.Cache()
+ policy_id = 'policy_id_1'
+ name = 'invalid name'
+ with pytest.raises(Exception) as exception_info:
+ cache_obj.get_object(policy_id, name)
+ assert str(exception_info.value) == '400: Subject Unknown'
+
+
+def test_get_action_success():
+ from moon_utilities import cache
+ cache_obj = cache.Cache()
+ policy_id = 'policy_id_1'
+ name = 'action_name'
+ action_id = cache_obj.get_action(policy_id, name)
+ assert action_id is not None
+
+
+def test_get_action_failure():
+ from moon_utilities import cache
+ cache_obj = cache.Cache()
+ policy_id = 'policy_id_1'
+ name = 'invalid name'
+ with pytest.raises(Exception) as exception_info:
+ cache_obj.get_action(policy_id, name)
+ assert str(exception_info.value) == '400: Subject Unknown'
+
+
+def test_cache_manager():
+ from moon_utilities import cache
+ cache_obj = cache.Cache()
+ assert cache_obj.pdp is not None
+ assert cache_obj.meta_rules is not None
+ assert len(cache_obj.meta_rules) == 2
+ assert cache_obj.policies is not None
+ assert len(cache_obj.policies) == 2
+ assert cache_obj.models is not None \ No newline at end of file
diff --git a/moonv4/python_moonutilities/tests/unit_python/test_configuration.py b/moonv4/python_moonutilities/tests/unit_python/test_configuration.py
new file mode 100644
index 00000000..0ebff995
--- /dev/null
+++ b/moonv4/python_moonutilities/tests/unit_python/test_configuration.py
@@ -0,0 +1,5 @@
+
+def test_get_components():
+ from moon_utilities import configuration
+ assert isinstance(configuration.get_components(), dict)
+
diff --git a/moonv4/python_moonutilities/tests/unit_python/utilities.py b/moonv4/python_moonutilities/tests/unit_python/utilities.py
new file mode 100644
index 00000000..1d79d890
--- /dev/null
+++ b/moonv4/python_moonutilities/tests/unit_python/utilities.py
@@ -0,0 +1,136 @@
+import base64
+import json
+
+
+CONF = {
+ "openstack": {
+ "keystone": {
+ "url": "http://keystone:5000/v3",
+ "user": "admin",
+ "check_token": False,
+ "password": "p4ssw0rd",
+ "domain": "default",
+ "certificate": False,
+ "project": "admin"
+ }
+ },
+ "components": {
+ "wrapper": {
+ "bind": "0.0.0.0",
+ "port": 8080,
+ "container": "wukongsun/moon_wrapper:v4.3",
+ "timeout": 5,
+ "hostname": "wrapper"
+ },
+ "manager": {
+ "bind": "0.0.0.0",
+ "port": 8082,
+ "container": "wukongsun/moon_manager:v4.3",
+ "hostname": "manager"
+ },
+ "port_start": 31001,
+ "orchestrator": {
+ "bind": "0.0.0.0",
+ "port": 8083,
+ "container": "wukongsun/moon_orchestrator:v4.3",
+ "hostname": "interface"
+ },
+ "interface": {
+ "bind": "0.0.0.0",
+ "port": 8080,
+ "container": "wukongsun/moon_interface:v4.3",
+ "hostname": "interface"
+ }
+ },
+ "plugins": {
+ "session": {
+ "port": 8082,
+ "container": "asteroide/session:latest"
+ },
+ "authz": {
+ "port": 8081,
+ "container": "wukongsun/moon_authz:v4.3"
+ }
+ },
+ "logging": {
+ "handlers": {
+ "file": {
+ "filename": "/tmp/moon.log",
+ "class": "logging.handlers.RotatingFileHandler",
+ "level": "DEBUG",
+ "formatter": "custom",
+ "backupCount": 3,
+ "maxBytes": 1048576
+ },
+ "console": {
+ "class": "logging.StreamHandler",
+ "formatter": "brief",
+ "level": "INFO",
+ "stream": "ext://sys.stdout"
+ }
+ },
+ "formatters": {
+ "brief": {
+ "format": "%(levelname)s %(name)s %(message)-30s"
+ },
+ "custom": {
+ "format": "%(asctime)-15s %(levelname)s %(name)s %(message)s"
+ }
+ },
+ "root": {
+ "handlers": [
+ "console"
+ ],
+ "level": "ERROR"
+ },
+ "version": 1,
+ "loggers": {
+ "moon": {
+ "handlers": [
+ "console",
+ "file"
+ ],
+ "propagate": False,
+ "level": "DEBUG"
+ }
+ }
+ },
+ "slave": {
+ "name": None,
+ "master": {
+ "url": None,
+ "login": None,
+ "password": None
+ }
+ },
+ "docker": {
+ "url": "tcp://172.88.88.1:2376",
+ "network": "moon"
+ },
+ "database": {
+ "url": "sqlite:///database.db",
+ # "url": "mysql+pymysql://moon:p4sswOrd1@db/moon",
+ "driver": "sql"
+ },
+ "messenger": {
+ "url": "rabbit://moon:p4sswOrd1@messenger:5672/moon"
+ }
+}
+
+
+def get_b64_conf(component=None):
+ if component == "components":
+ return base64.b64encode(
+ json.dumps(CONF["components"]).encode('utf-8')+b"\n").decode('utf-8')
+ elif component in CONF:
+ return base64.b64encode(
+ json.dumps(
+ CONF[component]).encode('utf-8')+b"\n").decode('utf-8')
+ elif not component:
+ return base64.b64encode(
+ json.dumps(CONF).encode('utf-8')+b"\n").decode('utf-8')
+ elif "/" in component:
+ key1, _, key2 = component.partition("/")
+ return base64.b64encode(
+ json.dumps(
+ CONF[key1][key2]).encode('utf-8')+b"\n").decode('utf-8')