diff options
Diffstat (limited to 'moonv4/tests/11_user_scalability/scenario')
26 files changed, 2094 insertions, 0 deletions
diff --git a/moonv4/tests/11_user_scalability/scenario/rbac_10.py b/moonv4/tests/11_user_scalability/scenario/rbac_10.py new file mode 100644 index 00000000..d764b715 --- /dev/null +++ b/moonv4/tests/11_user_scalability/scenario/rbac_10.py @@ -0,0 +1,89 @@ +import random + +pdp_name = "pdp1" +policy_name = "RBAC policy example" +model_name = "RBAC" +policy_genre = "authz" + +SUBJECT_NUMBER = 10 +OBJECT_NUMBER = 10 +ROLE_NUMBER = 10 + +subjects = {} +for _id in range(SUBJECT_NUMBER): + subjects["user{}".format(_id)] = "" +objects = {} +for _id in range(OBJECT_NUMBER): + objects["vm{}".format(_id)] = "" +actions = { + "start": "", + "stop": "", + "pause": "", + "unpause": "", + "destroy": "", +} + +subject_categories = {"role": "", } +object_categories = {"id": "", } +action_categories = {"action-type": "", } + +subject_data = {"role": {"admin": "", "*": ""}} +for _id in range(ROLE_NUMBER): + subject_data["role"]["role{}".format(_id)] = "" +object_data = {"id": {"*": ""}} +for _id in range(OBJECT_NUMBER): + object_data["id"]["vm{}".format(_id)] = "" +action_data = {"action-type": { + "vm-read": "", + "vm-write": "", + "*": "" +}} + +subject_assignments = {} +for _id in range(SUBJECT_NUMBER): + _role = "role{}".format(random.randrange(ROLE_NUMBER)) + subject_assignments["user{}".format(_id)] = [{"role": _role}, {"role": "*"}] +object_assignments = {"vm0": ({"id": "vm0"}, {"id": "*"}), "vm1": ({"id": "vm1"}, {"id": "*"})} +for _id in range(OBJECT_NUMBER): + object_assignments["vm{}".format(_id)] = [{"id": "vm{}".format(_id)}, {"id": "*"}] +action_assignments = { + "start": ({"action-type": "vm-write"}, {"action-type": "*"}), + "stop": ({"action-type": "vm-write"}, {"action-type": "*"}), + "pause": ({"action-type": "vm-read"}, {"action-type": "*"}), + "unpause": ({"action-type": "vm-read"}, {"action-type": "*"}), + "destroy": ({"action-type": "vm-write"}, {"action-type": "*"}), +} + +meta_rule = { + "rbac": {"id": "", "value": ("role", "id", "action-type")}, +} + +rules = { + "rbac": [ + { + "rule": ("admin", "vm0", "vm-read"), + "instructions": ( + {"decision": "grant"}, + ) + }, + { + "rule": ("admin", "vm0", "vm-write"), + "instructions": ( + {"decision": "grant"}, + ) + }, + ] +} + +for _id in range(SUBJECT_NUMBER): + _role = "role{}".format(random.randrange(ROLE_NUMBER)) + _vm = "vm{}".format(random.randrange(OBJECT_NUMBER)) + _action = random.choice(list(action_data['action-type'].keys())) + rules["rbac"].append( + { + "rule": (_role, _vm, _action), + "instructions": ( + {"decision": "grant"}, + ) + }, + ) diff --git a/moonv4/tests/11_user_scalability/scenario/rbac_100.py b/moonv4/tests/11_user_scalability/scenario/rbac_100.py new file mode 100644 index 00000000..7197e2d0 --- /dev/null +++ b/moonv4/tests/11_user_scalability/scenario/rbac_100.py @@ -0,0 +1,89 @@ +import random + +pdp_name = "pdp1" +policy_name = "RBAC policy example" +model_name = "RBAC" +policy_genre = "authz" + +SUBJECT_NUMBER = 100 +OBJECT_NUMBER = 100 +ROLE_NUMBER = 50 + +subjects = {} +for _id in range(SUBJECT_NUMBER): + subjects["user{}".format(_id)] = "" +objects = {} +for _id in range(OBJECT_NUMBER): + objects["vm{}".format(_id)] = "" +actions = { + "start": "", + "stop": "", + "pause": "", + "unpause": "", + "destroy": "", +} + +subject_categories = {"role": "", } +object_categories = {"id": "", } +action_categories = {"action-type": "", } + +subject_data = {"role": {"admin": "", "*": ""}} +for _id in range(ROLE_NUMBER): + subject_data["role"]["role{}".format(_id)] = "" +object_data = {"id": {"*": ""}} +for _id in range(OBJECT_NUMBER): + object_data["id"]["vm{}".format(_id)] = "" +action_data = {"action-type": { + "vm-read": "", + "vm-write": "", + "*": "" +}} + +subject_assignments = {} +for _id in range(SUBJECT_NUMBER): + _role = "role{}".format(random.randrange(ROLE_NUMBER)) + subject_assignments["user{}".format(_id)] = [{"role": _role}, {"role": "*"}] +object_assignments = {"vm0": ({"id": "vm0"}, {"id": "*"}), "vm1": ({"id": "vm1"}, {"id": "*"})} +for _id in range(OBJECT_NUMBER): + object_assignments["vm{}".format(_id)] = [{"id": "vm{}".format(_id)}, {"id": "*"}] +action_assignments = { + "start": ({"action-type": "vm-write"}, {"action-type": "*"}), + "stop": ({"action-type": "vm-write"}, {"action-type": "*"}), + "pause": ({"action-type": "vm-read"}, {"action-type": "*"}), + "unpause": ({"action-type": "vm-read"}, {"action-type": "*"}), + "destroy": ({"action-type": "vm-write"}, {"action-type": "*"}), +} + +meta_rule = { + "rbac": {"id": "", "value": ("role", "id", "action-type")}, +} + +rules = { + "rbac": [ + { + "rule": ("admin", "vm0", "vm-read"), + "instructions": ( + {"decision": "grant"}, + ) + }, + { + "rule": ("admin", "vm0", "vm-write"), + "instructions": ( + {"decision": "grant"}, + ) + }, + ] +} + +for _id in range(SUBJECT_NUMBER): + _role = "role{}".format(random.randrange(ROLE_NUMBER)) + _vm = "vm{}".format(random.randrange(OBJECT_NUMBER)) + _action = random.choice(list(action_data['action-type'].keys())) + rules["rbac"].append( + { + "rule": (_role, _vm, _action), + "instructions": ( + {"decision": "grant"}, + ) + }, + ) diff --git a/moonv4/tests/11_user_scalability/scenario/rbac_1000.py b/moonv4/tests/11_user_scalability/scenario/rbac_1000.py new file mode 100644 index 00000000..fb136f39 --- /dev/null +++ b/moonv4/tests/11_user_scalability/scenario/rbac_1000.py @@ -0,0 +1,89 @@ +import random + +pdp_name = "pdp1" +policy_name = "RBAC policy example" +model_name = "RBAC" +policy_genre = "authz" + +SUBJECT_NUMBER = 1000 +OBJECT_NUMBER = 1000 +ROLE_NUMBER = 700 + +subjects = {} +for _id in range(SUBJECT_NUMBER): + subjects["user{}".format(_id)] = "" +objects = {} +for _id in range(OBJECT_NUMBER): + objects["vm{}".format(_id)] = "" +actions = { + "start": "", + "stop": "", + "pause": "", + "unpause": "", + "destroy": "", +} + +subject_categories = {"role": "", } +object_categories = {"id": "", } +action_categories = {"action-type": "", } + +subject_data = {"role": {"admin": "", "*": ""}} +for _id in range(ROLE_NUMBER): + subject_data["role"]["role{}".format(_id)] = "" +object_data = {"id": {"*": ""}} +for _id in range(OBJECT_NUMBER): + object_data["id"]["vm{}".format(_id)] = "" +action_data = {"action-type": { + "vm-read": "", + "vm-write": "", + "*": "" +}} + +subject_assignments = {} +for _id in range(SUBJECT_NUMBER): + _role = "role{}".format(random.randrange(ROLE_NUMBER)) + subject_assignments["user{}".format(_id)] = [{"role": _role}, {"role": "*"}] +object_assignments = {"vm0": ({"id": "vm0"}, {"id": "*"}), "vm1": ({"id": "vm1"}, {"id": "*"})} +for _id in range(OBJECT_NUMBER): + object_assignments["vm{}".format(_id)] = [{"id": "vm{}".format(_id)}, {"id": "*"}] +action_assignments = { + "start": ({"action-type": "vm-write"}, {"action-type": "*"}), + "stop": ({"action-type": "vm-write"}, {"action-type": "*"}), + "pause": ({"action-type": "vm-read"}, {"action-type": "*"}), + "unpause": ({"action-type": "vm-read"}, {"action-type": "*"}), + "destroy": ({"action-type": "vm-write"}, {"action-type": "*"}), +} + +meta_rule = { + "rbac": {"id": "", "value": ("role", "id", "action-type")}, +} + +rules = { + "rbac": [ + { + "rule": ("admin", "vm0", "vm-read"), + "instructions": ( + {"decision": "grant"}, + ) + }, + { + "rule": ("admin", "vm0", "vm-write"), + "instructions": ( + {"decision": "grant"}, + ) + }, + ] +} + +for _id in range(SUBJECT_NUMBER): + _role = "role{}".format(random.randrange(ROLE_NUMBER)) + _vm = "vm{}".format(random.randrange(OBJECT_NUMBER)) + _action = random.choice(list(action_data['action-type'].keys())) + rules["rbac"].append( + { + "rule": (_role, _vm, _action), + "instructions": ( + {"decision": "grant"}, + ) + }, + ) diff --git a/moonv4/tests/11_user_scalability/scenario/rbac_150.py b/moonv4/tests/11_user_scalability/scenario/rbac_150.py new file mode 100644 index 00000000..3221db07 --- /dev/null +++ b/moonv4/tests/11_user_scalability/scenario/rbac_150.py @@ -0,0 +1,89 @@ +import random + +pdp_name = "pdp1" +policy_name = "RBAC policy example" +model_name = "RBAC" +policy_genre = "authz" + +SUBJECT_NUMBER = 150 +OBJECT_NUMBER = 150 +ROLE_NUMBER = 100 + +subjects = {} +for _id in range(SUBJECT_NUMBER): + subjects["user{}".format(_id)] = "" +objects = {} +for _id in range(OBJECT_NUMBER): + objects["vm{}".format(_id)] = "" +actions = { + "start": "", + "stop": "", + "pause": "", + "unpause": "", + "destroy": "", +} + +subject_categories = {"role": "", } +object_categories = {"id": "", } +action_categories = {"action-type": "", } + +subject_data = {"role": {"admin": "", "*": ""}} +for _id in range(ROLE_NUMBER): + subject_data["role"]["role{}".format(_id)] = "" +object_data = {"id": {"*": ""}} +for _id in range(OBJECT_NUMBER): + object_data["id"]["vm{}".format(_id)] = "" +action_data = {"action-type": { + "vm-read": "", + "vm-write": "", + "*": "" +}} + +subject_assignments = {} +for _id in range(SUBJECT_NUMBER): + _role = "role{}".format(random.randrange(ROLE_NUMBER)) + subject_assignments["user{}".format(_id)] = [{"role": _role}, {"role": "*"}] +object_assignments = {"vm0": ({"id": "vm0"}, {"id": "*"}), "vm1": ({"id": "vm1"}, {"id": "*"})} +for _id in range(OBJECT_NUMBER): + object_assignments["vm{}".format(_id)] = [{"id": "vm{}".format(_id)}, {"id": "*"}] +action_assignments = { + "start": ({"action-type": "vm-write"}, {"action-type": "*"}), + "stop": ({"action-type": "vm-write"}, {"action-type": "*"}), + "pause": ({"action-type": "vm-read"}, {"action-type": "*"}), + "unpause": ({"action-type": "vm-read"}, {"action-type": "*"}), + "destroy": ({"action-type": "vm-write"}, {"action-type": "*"}), +} + +meta_rule = { + "rbac": {"id": "", "value": ("role", "id", "action-type")}, +} + +rules = { + "rbac": [ + { + "rule": ("admin", "vm0", "vm-read"), + "instructions": ( + {"decision": "grant"}, + ) + }, + { + "rule": ("admin", "vm0", "vm-write"), + "instructions": ( + {"decision": "grant"}, + ) + }, + ] +} + +for _id in range(SUBJECT_NUMBER): + _role = "role{}".format(random.randrange(ROLE_NUMBER)) + _vm = "vm{}".format(random.randrange(OBJECT_NUMBER)) + _action = random.choice(list(action_data['action-type'].keys())) + rules["rbac"].append( + { + "rule": (_role, _vm, _action), + "instructions": ( + {"decision": "grant"}, + ) + }, + ) diff --git a/moonv4/tests/11_user_scalability/scenario/rbac_1500.py b/moonv4/tests/11_user_scalability/scenario/rbac_1500.py new file mode 100644 index 00000000..f6b298d0 --- /dev/null +++ b/moonv4/tests/11_user_scalability/scenario/rbac_1500.py @@ -0,0 +1,89 @@ +import random + +pdp_name = "pdp1" +policy_name = "RBAC policy example" +model_name = "RBAC" +policy_genre = "authz" + +SUBJECT_NUMBER = 1500 +OBJECT_NUMBER = 1500 +ROLE_NUMBER = 1000 + +subjects = {} +for _id in range(SUBJECT_NUMBER): + subjects["user{}".format(_id)] = "" +objects = {} +for _id in range(OBJECT_NUMBER): + objects["vm{}".format(_id)] = "" +actions = { + "start": "", + "stop": "", + "pause": "", + "unpause": "", + "destroy": "", +} + +subject_categories = {"role": "", } +object_categories = {"id": "", } +action_categories = {"action-type": "", } + +subject_data = {"role": {"admin": "", "*": ""}} +for _id in range(ROLE_NUMBER): + subject_data["role"]["role{}".format(_id)] = "" +object_data = {"id": {"*": ""}} +for _id in range(OBJECT_NUMBER): + object_data["id"]["vm{}".format(_id)] = "" +action_data = {"action-type": { + "vm-read": "", + "vm-write": "", + "*": "" +}} + +subject_assignments = {} +for _id in range(SUBJECT_NUMBER): + _role = "role{}".format(random.randrange(ROLE_NUMBER)) + subject_assignments["user{}".format(_id)] = [{"role": _role}, {"role": "*"}] +object_assignments = {"vm0": ({"id": "vm0"}, {"id": "*"}), "vm1": ({"id": "vm1"}, {"id": "*"})} +for _id in range(OBJECT_NUMBER): + object_assignments["vm{}".format(_id)] = [{"id": "vm{}".format(_id)}, {"id": "*"}] +action_assignments = { + "start": ({"action-type": "vm-write"}, {"action-type": "*"}), + "stop": ({"action-type": "vm-write"}, {"action-type": "*"}), + "pause": ({"action-type": "vm-read"}, {"action-type": "*"}), + "unpause": ({"action-type": "vm-read"}, {"action-type": "*"}), + "destroy": ({"action-type": "vm-write"}, {"action-type": "*"}), +} + +meta_rule = { + "rbac": {"id": "", "value": ("role", "id", "action-type")}, +} + +rules = { + "rbac": [ + { + "rule": ("admin", "vm0", "vm-read"), + "instructions": ( + {"decision": "grant"}, + ) + }, + { + "rule": ("admin", "vm0", "vm-write"), + "instructions": ( + {"decision": "grant"}, + ) + }, + ] +} + +for _id in range(SUBJECT_NUMBER): + _role = "role{}".format(random.randrange(ROLE_NUMBER)) + _vm = "vm{}".format(random.randrange(OBJECT_NUMBER)) + _action = random.choice(list(action_data['action-type'].keys())) + rules["rbac"].append( + { + "rule": (_role, _vm, _action), + "instructions": ( + {"decision": "grant"}, + ) + }, + ) diff --git a/moonv4/tests/11_user_scalability/scenario/rbac_20.py b/moonv4/tests/11_user_scalability/scenario/rbac_20.py new file mode 100644 index 00000000..6f6e15d1 --- /dev/null +++ b/moonv4/tests/11_user_scalability/scenario/rbac_20.py @@ -0,0 +1,89 @@ +import random + +pdp_name = "pdp1" +policy_name = "RBAC policy example" +model_name = "RBAC" +policy_genre = "authz" + +SUBJECT_NUMBER = 20 +OBJECT_NUMBER = 20 +ROLE_NUMBER = 10 + +subjects = {} +for _id in range(SUBJECT_NUMBER): + subjects["user{}".format(_id)] = "" +objects = {} +for _id in range(OBJECT_NUMBER): + objects["vm{}".format(_id)] = "" +actions = { + "start": "", + "stop": "", + "pause": "", + "unpause": "", + "destroy": "", +} + +subject_categories = {"role": "", } +object_categories = {"id": "", } +action_categories = {"action-type": "", } + +subject_data = {"role": {"admin": "", "*": ""}} +for _id in range(ROLE_NUMBER): + subject_data["role"]["role{}".format(_id)] = "" +object_data = {"id": {"*": ""}} +for _id in range(OBJECT_NUMBER): + object_data["id"]["vm{}".format(_id)] = "" +action_data = {"action-type": { + "vm-read": "", + "vm-write": "", + "*": "" +}} + +subject_assignments = {} +for _id in range(SUBJECT_NUMBER): + _role = "role{}".format(random.randrange(ROLE_NUMBER)) + subject_assignments["user{}".format(_id)] = [{"role": _role}, {"role": "*"}] +object_assignments = {"vm0": ({"id": "vm0"}, {"id": "*"}), "vm1": ({"id": "vm1"}, {"id": "*"})} +for _id in range(OBJECT_NUMBER): + object_assignments["vm{}".format(_id)] = [{"id": "vm{}".format(_id)}, {"id": "*"}] +action_assignments = { + "start": ({"action-type": "vm-write"}, {"action-type": "*"}), + "stop": ({"action-type": "vm-write"}, {"action-type": "*"}), + "pause": ({"action-type": "vm-read"}, {"action-type": "*"}), + "unpause": ({"action-type": "vm-read"}, {"action-type": "*"}), + "destroy": ({"action-type": "vm-write"}, {"action-type": "*"}), +} + +meta_rule = { + "rbac": {"id": "", "value": ("role", "id", "action-type")}, +} + +rules = { + "rbac": [ + { + "rule": ("admin", "vm0", "vm-read"), + "instructions": ( + {"decision": "grant"}, + ) + }, + { + "rule": ("admin", "vm0", "vm-write"), + "instructions": ( + {"decision": "grant"}, + ) + }, + ] +} + +for _id in range(SUBJECT_NUMBER): + _role = "role{}".format(random.randrange(ROLE_NUMBER)) + _vm = "vm{}".format(random.randrange(OBJECT_NUMBER)) + _action = random.choice(list(action_data['action-type'].keys())) + rules["rbac"].append( + { + "rule": (_role, _vm, _action), + "instructions": ( + {"decision": "grant"}, + ) + }, + ) diff --git a/moonv4/tests/11_user_scalability/scenario/rbac_200.py b/moonv4/tests/11_user_scalability/scenario/rbac_200.py new file mode 100644 index 00000000..3e355d3f --- /dev/null +++ b/moonv4/tests/11_user_scalability/scenario/rbac_200.py @@ -0,0 +1,89 @@ +import random + +pdp_name = "pdp1" +policy_name = "RBAC policy example" +model_name = "RBAC" +policy_genre = "authz" + +SUBJECT_NUMBER = 200 +OBJECT_NUMBER = 200 +ROLE_NUMBER = 100 + +subjects = {} +for _id in range(SUBJECT_NUMBER): + subjects["user{}".format(_id)] = "" +objects = {} +for _id in range(OBJECT_NUMBER): + objects["vm{}".format(_id)] = "" +actions = { + "start": "", + "stop": "", + "pause": "", + "unpause": "", + "destroy": "", +} + +subject_categories = {"role": "", } +object_categories = {"id": "", } +action_categories = {"action-type": "", } + +subject_data = {"role": {"admin": "", "*": ""}} +for _id in range(ROLE_NUMBER): + subject_data["role"]["role{}".format(_id)] = "" +object_data = {"id": {"*": ""}} +for _id in range(OBJECT_NUMBER): + object_data["id"]["vm{}".format(_id)] = "" +action_data = {"action-type": { + "vm-read": "", + "vm-write": "", + "*": "" +}} + +subject_assignments = {} +for _id in range(SUBJECT_NUMBER): + _role = "role{}".format(random.randrange(ROLE_NUMBER)) + subject_assignments["user{}".format(_id)] = [{"role": _role}, {"role": "*"}] +object_assignments = {"vm0": ({"id": "vm0"}, {"id": "*"}), "vm1": ({"id": "vm1"}, {"id": "*"})} +for _id in range(OBJECT_NUMBER): + object_assignments["vm{}".format(_id)] = [{"id": "vm{}".format(_id)}, {"id": "*"}] +action_assignments = { + "start": ({"action-type": "vm-write"}, {"action-type": "*"}), + "stop": ({"action-type": "vm-write"}, {"action-type": "*"}), + "pause": ({"action-type": "vm-read"}, {"action-type": "*"}), + "unpause": ({"action-type": "vm-read"}, {"action-type": "*"}), + "destroy": ({"action-type": "vm-write"}, {"action-type": "*"}), +} + +meta_rule = { + "rbac": {"id": "", "value": ("role", "id", "action-type")}, +} + +rules = { + "rbac": [ + { + "rule": ("admin", "vm0", "vm-read"), + "instructions": ( + {"decision": "grant"}, + ) + }, + { + "rule": ("admin", "vm0", "vm-write"), + "instructions": ( + {"decision": "grant"}, + ) + }, + ] +} + +for _id in range(SUBJECT_NUMBER): + _role = "role{}".format(random.randrange(ROLE_NUMBER)) + _vm = "vm{}".format(random.randrange(OBJECT_NUMBER)) + _action = random.choice(list(action_data['action-type'].keys())) + rules["rbac"].append( + { + "rule": (_role, _vm, _action), + "instructions": ( + {"decision": "grant"}, + ) + }, + ) diff --git a/moonv4/tests/11_user_scalability/scenario/rbac_250.py b/moonv4/tests/11_user_scalability/scenario/rbac_250.py new file mode 100644 index 00000000..614fbf52 --- /dev/null +++ b/moonv4/tests/11_user_scalability/scenario/rbac_250.py @@ -0,0 +1,89 @@ +import random + +pdp_name = "pdp1" +policy_name = "RBAC policy example" +model_name = "RBAC" +policy_genre = "authz" + +SUBJECT_NUMBER = 250 +OBJECT_NUMBER = 250 +ROLE_NUMBER = 100 + +subjects = {} +for _id in range(SUBJECT_NUMBER): + subjects["user{}".format(_id)] = "" +objects = {} +for _id in range(OBJECT_NUMBER): + objects["vm{}".format(_id)] = "" +actions = { + "start": "", + "stop": "", + "pause": "", + "unpause": "", + "destroy": "", +} + +subject_categories = {"role": "", } +object_categories = {"id": "", } +action_categories = {"action-type": "", } + +subject_data = {"role": {"admin": "", "*": ""}} +for _id in range(ROLE_NUMBER): + subject_data["role"]["role{}".format(_id)] = "" +object_data = {"id": {"*": ""}} +for _id in range(OBJECT_NUMBER): + object_data["id"]["vm{}".format(_id)] = "" +action_data = {"action-type": { + "vm-read": "", + "vm-write": "", + "*": "" +}} + +subject_assignments = {} +for _id in range(SUBJECT_NUMBER): + _role = "role{}".format(random.randrange(ROLE_NUMBER)) + subject_assignments["user{}".format(_id)] = [{"role": _role}, {"role": "*"}] +object_assignments = {"vm0": ({"id": "vm0"}, {"id": "*"}), "vm1": ({"id": "vm1"}, {"id": "*"})} +for _id in range(OBJECT_NUMBER): + object_assignments["vm{}".format(_id)] = [{"id": "vm{}".format(_id)}, {"id": "*"}] +action_assignments = { + "start": ({"action-type": "vm-write"}, {"action-type": "*"}), + "stop": ({"action-type": "vm-write"}, {"action-type": "*"}), + "pause": ({"action-type": "vm-read"}, {"action-type": "*"}), + "unpause": ({"action-type": "vm-read"}, {"action-type": "*"}), + "destroy": ({"action-type": "vm-write"}, {"action-type": "*"}), +} + +meta_rule = { + "rbac": {"id": "", "value": ("role", "id", "action-type")}, +} + +rules = { + "rbac": [ + { + "rule": ("admin", "vm0", "vm-read"), + "instructions": ( + {"decision": "grant"}, + ) + }, + { + "rule": ("admin", "vm0", "vm-write"), + "instructions": ( + {"decision": "grant"}, + ) + }, + ] +} + +for _id in range(SUBJECT_NUMBER): + _role = "role{}".format(random.randrange(ROLE_NUMBER)) + _vm = "vm{}".format(random.randrange(OBJECT_NUMBER)) + _action = random.choice(list(action_data['action-type'].keys())) + rules["rbac"].append( + { + "rule": (_role, _vm, _action), + "instructions": ( + {"decision": "grant"}, + ) + }, + ) diff --git a/moonv4/tests/11_user_scalability/scenario/rbac_30.py b/moonv4/tests/11_user_scalability/scenario/rbac_30.py new file mode 100644 index 00000000..7f663060 --- /dev/null +++ b/moonv4/tests/11_user_scalability/scenario/rbac_30.py @@ -0,0 +1,89 @@ +import random + +pdp_name = "pdp1" +policy_name = "RBAC policy example" +model_name = "RBAC" +policy_genre = "authz" + +SUBJECT_NUMBER = 30 +OBJECT_NUMBER = 30 +ROLE_NUMBER = 10 + +subjects = {} +for _id in range(SUBJECT_NUMBER): + subjects["user{}".format(_id)] = "" +objects = {} +for _id in range(OBJECT_NUMBER): + objects["vm{}".format(_id)] = "" +actions = { + "start": "", + "stop": "", + "pause": "", + "unpause": "", + "destroy": "", +} + +subject_categories = {"role": "", } +object_categories = {"id": "", } +action_categories = {"action-type": "", } + +subject_data = {"role": {"admin": "", "*": ""}} +for _id in range(ROLE_NUMBER): + subject_data["role"]["role{}".format(_id)] = "" +object_data = {"id": {"*": ""}} +for _id in range(OBJECT_NUMBER): + object_data["id"]["vm{}".format(_id)] = "" +action_data = {"action-type": { + "vm-read": "", + "vm-write": "", + "*": "" +}} + +subject_assignments = {} +for _id in range(SUBJECT_NUMBER): + _role = "role{}".format(random.randrange(ROLE_NUMBER)) + subject_assignments["user{}".format(_id)] = [{"role": _role}, {"role": "*"}] +object_assignments = {"vm0": ({"id": "vm0"}, {"id": "*"}), "vm1": ({"id": "vm1"}, {"id": "*"})} +for _id in range(OBJECT_NUMBER): + object_assignments["vm{}".format(_id)] = [{"id": "vm{}".format(_id)}, {"id": "*"}] +action_assignments = { + "start": ({"action-type": "vm-write"}, {"action-type": "*"}), + "stop": ({"action-type": "vm-write"}, {"action-type": "*"}), + "pause": ({"action-type": "vm-read"}, {"action-type": "*"}), + "unpause": ({"action-type": "vm-read"}, {"action-type": "*"}), + "destroy": ({"action-type": "vm-write"}, {"action-type": "*"}), +} + +meta_rule = { + "rbac": {"id": "", "value": ("role", "id", "action-type")}, +} + +rules = { + "rbac": [ + { + "rule": ("admin", "vm0", "vm-read"), + "instructions": ( + {"decision": "grant"}, + ) + }, + { + "rule": ("admin", "vm0", "vm-write"), + "instructions": ( + {"decision": "grant"}, + ) + }, + ] +} + +for _id in range(SUBJECT_NUMBER): + _role = "role{}".format(random.randrange(ROLE_NUMBER)) + _vm = "vm{}".format(random.randrange(OBJECT_NUMBER)) + _action = random.choice(list(action_data['action-type'].keys())) + rules["rbac"].append( + { + "rule": (_role, _vm, _action), + "instructions": ( + {"decision": "grant"}, + ) + }, + ) diff --git a/moonv4/tests/11_user_scalability/scenario/rbac_300.py b/moonv4/tests/11_user_scalability/scenario/rbac_300.py new file mode 100644 index 00000000..4413da67 --- /dev/null +++ b/moonv4/tests/11_user_scalability/scenario/rbac_300.py @@ -0,0 +1,89 @@ +import random + +pdp_name = "pdp1" +policy_name = "RBAC policy example" +model_name = "RBAC" +policy_genre = "authz" + +SUBJECT_NUMBER = 300 +OBJECT_NUMBER = 300 +ROLE_NUMBER = 100 + +subjects = {} +for _id in range(SUBJECT_NUMBER): + subjects["user{}".format(_id)] = "" +objects = {} +for _id in range(OBJECT_NUMBER): + objects["vm{}".format(_id)] = "" +actions = { + "start": "", + "stop": "", + "pause": "", + "unpause": "", + "destroy": "", +} + +subject_categories = {"role": "", } +object_categories = {"id": "", } +action_categories = {"action-type": "", } + +subject_data = {"role": {"admin": "", "*": ""}} +for _id in range(ROLE_NUMBER): + subject_data["role"]["role{}".format(_id)] = "" +object_data = {"id": {"*": ""}} +for _id in range(OBJECT_NUMBER): + object_data["id"]["vm{}".format(_id)] = "" +action_data = {"action-type": { + "vm-read": "", + "vm-write": "", + "*": "" +}} + +subject_assignments = {} +for _id in range(SUBJECT_NUMBER): + _role = "role{}".format(random.randrange(ROLE_NUMBER)) + subject_assignments["user{}".format(_id)] = [{"role": _role}, {"role": "*"}] +object_assignments = {"vm0": ({"id": "vm0"}, {"id": "*"}), "vm1": ({"id": "vm1"}, {"id": "*"})} +for _id in range(OBJECT_NUMBER): + object_assignments["vm{}".format(_id)] = [{"id": "vm{}".format(_id)}, {"id": "*"}] +action_assignments = { + "start": ({"action-type": "vm-write"}, {"action-type": "*"}), + "stop": ({"action-type": "vm-write"}, {"action-type": "*"}), + "pause": ({"action-type": "vm-read"}, {"action-type": "*"}), + "unpause": ({"action-type": "vm-read"}, {"action-type": "*"}), + "destroy": ({"action-type": "vm-write"}, {"action-type": "*"}), +} + +meta_rule = { + "rbac": {"id": "", "value": ("role", "id", "action-type")}, +} + +rules = { + "rbac": [ + { + "rule": ("admin", "vm0", "vm-read"), + "instructions": ( + {"decision": "grant"}, + ) + }, + { + "rule": ("admin", "vm0", "vm-write"), + "instructions": ( + {"decision": "grant"}, + ) + }, + ] +} + +for _id in range(SUBJECT_NUMBER): + _role = "role{}".format(random.randrange(ROLE_NUMBER)) + _vm = "vm{}".format(random.randrange(OBJECT_NUMBER)) + _action = random.choice(list(action_data['action-type'].keys())) + rules["rbac"].append( + { + "rule": (_role, _vm, _action), + "instructions": ( + {"decision": "grant"}, + ) + }, + ) diff --git a/moonv4/tests/11_user_scalability/scenario/rbac_3000.py b/moonv4/tests/11_user_scalability/scenario/rbac_3000.py new file mode 100644 index 00000000..f51b78c4 --- /dev/null +++ b/moonv4/tests/11_user_scalability/scenario/rbac_3000.py @@ -0,0 +1,89 @@ +import random + +pdp_name = "pdp1" +policy_name = "RBAC policy example" +model_name = "RBAC" +policy_genre = "authz" + +SUBJECT_NUMBER = 3000 +OBJECT_NUMBER = 3000 +ROLE_NUMBER = 1000 + +subjects = {} +for _id in range(SUBJECT_NUMBER): + subjects["user{}".format(_id)] = "" +objects = {} +for _id in range(OBJECT_NUMBER): + objects["vm{}".format(_id)] = "" +actions = { + "start": "", + "stop": "", + "pause": "", + "unpause": "", + "destroy": "", +} + +subject_categories = {"role": "", } +object_categories = {"id": "", } +action_categories = {"action-type": "", } + +subject_data = {"role": {"admin": "", "*": ""}} +for _id in range(ROLE_NUMBER): + subject_data["role"]["role{}".format(_id)] = "" +object_data = {"id": {"*": ""}} +for _id in range(OBJECT_NUMBER): + object_data["id"]["vm{}".format(_id)] = "" +action_data = {"action-type": { + "vm-read": "", + "vm-write": "", + "*": "" +}} + +subject_assignments = {} +for _id in range(SUBJECT_NUMBER): + _role = "role{}".format(random.randrange(ROLE_NUMBER)) + subject_assignments["user{}".format(_id)] = [{"role": _role}, {"role": "*"}] +object_assignments = {"vm0": ({"id": "vm0"}, {"id": "*"}), "vm1": ({"id": "vm1"}, {"id": "*"})} +for _id in range(OBJECT_NUMBER): + object_assignments["vm{}".format(_id)] = [{"id": "vm{}".format(_id)}, {"id": "*"}] +action_assignments = { + "start": ({"action-type": "vm-write"}, {"action-type": "*"}), + "stop": ({"action-type": "vm-write"}, {"action-type": "*"}), + "pause": ({"action-type": "vm-read"}, {"action-type": "*"}), + "unpause": ({"action-type": "vm-read"}, {"action-type": "*"}), + "destroy": ({"action-type": "vm-write"}, {"action-type": "*"}), +} + +meta_rule = { + "rbac": {"id": "", "value": ("role", "id", "action-type")}, +} + +rules = { + "rbac": [ + { + "rule": ("admin", "vm0", "vm-read"), + "instructions": ( + {"decision": "grant"}, + ) + }, + { + "rule": ("admin", "vm0", "vm-write"), + "instructions": ( + {"decision": "grant"}, + ) + }, + ] +} + +for _id in range(SUBJECT_NUMBER): + _role = "role{}".format(random.randrange(ROLE_NUMBER)) + _vm = "vm{}".format(random.randrange(OBJECT_NUMBER)) + _action = random.choice(list(action_data['action-type'].keys())) + rules["rbac"].append( + { + "rule": (_role, _vm, _action), + "instructions": ( + {"decision": "grant"}, + ) + }, + ) diff --git a/moonv4/tests/11_user_scalability/scenario/rbac_40.py b/moonv4/tests/11_user_scalability/scenario/rbac_40.py new file mode 100644 index 00000000..4503217b --- /dev/null +++ b/moonv4/tests/11_user_scalability/scenario/rbac_40.py @@ -0,0 +1,89 @@ +import random + +pdp_name = "pdp1" +policy_name = "RBAC policy example" +model_name = "RBAC" +policy_genre = "authz" + +SUBJECT_NUMBER = 40 +OBJECT_NUMBER = 40 +ROLE_NUMBER = 10 + +subjects = {} +for _id in range(SUBJECT_NUMBER): + subjects["user{}".format(_id)] = "" +objects = {} +for _id in range(OBJECT_NUMBER): + objects["vm{}".format(_id)] = "" +actions = { + "start": "", + "stop": "", + "pause": "", + "unpause": "", + "destroy": "", +} + +subject_categories = {"role": "", } +object_categories = {"id": "", } +action_categories = {"action-type": "", } + +subject_data = {"role": {"admin": "", "*": ""}} +for _id in range(ROLE_NUMBER): + subject_data["role"]["role{}".format(_id)] = "" +object_data = {"id": {"*": ""}} +for _id in range(OBJECT_NUMBER): + object_data["id"]["vm{}".format(_id)] = "" +action_data = {"action-type": { + "vm-read": "", + "vm-write": "", + "*": "" +}} + +subject_assignments = {} +for _id in range(SUBJECT_NUMBER): + _role = "role{}".format(random.randrange(ROLE_NUMBER)) + subject_assignments["user{}".format(_id)] = [{"role": _role}, {"role": "*"}] +object_assignments = {"vm0": ({"id": "vm0"}, {"id": "*"}), "vm1": ({"id": "vm1"}, {"id": "*"})} +for _id in range(OBJECT_NUMBER): + object_assignments["vm{}".format(_id)] = [{"id": "vm{}".format(_id)}, {"id": "*"}] +action_assignments = { + "start": ({"action-type": "vm-write"}, {"action-type": "*"}), + "stop": ({"action-type": "vm-write"}, {"action-type": "*"}), + "pause": ({"action-type": "vm-read"}, {"action-type": "*"}), + "unpause": ({"action-type": "vm-read"}, {"action-type": "*"}), + "destroy": ({"action-type": "vm-write"}, {"action-type": "*"}), +} + +meta_rule = { + "rbac": {"id": "", "value": ("role", "id", "action-type")}, +} + +rules = { + "rbac": [ + { + "rule": ("admin", "vm0", "vm-read"), + "instructions": ( + {"decision": "grant"}, + ) + }, + { + "rule": ("admin", "vm0", "vm-write"), + "instructions": ( + {"decision": "grant"}, + ) + }, + ] +} + +for _id in range(SUBJECT_NUMBER): + _role = "role{}".format(random.randrange(ROLE_NUMBER)) + _vm = "vm{}".format(random.randrange(OBJECT_NUMBER)) + _action = random.choice(list(action_data['action-type'].keys())) + rules["rbac"].append( + { + "rule": (_role, _vm, _action), + "instructions": ( + {"decision": "grant"}, + ) + }, + ) diff --git a/moonv4/tests/11_user_scalability/scenario/rbac_50.py b/moonv4/tests/11_user_scalability/scenario/rbac_50.py new file mode 100644 index 00000000..01b13005 --- /dev/null +++ b/moonv4/tests/11_user_scalability/scenario/rbac_50.py @@ -0,0 +1,89 @@ +import random + +pdp_name = "pdp1" +policy_name = "RBAC policy example" +model_name = "RBAC" +policy_genre = "authz" + +SUBJECT_NUMBER = 50 +OBJECT_NUMBER = 50 +ROLE_NUMBER = 10 + +subjects = {} +for _id in range(SUBJECT_NUMBER): + subjects["user{}".format(_id)] = "" +objects = {} +for _id in range(OBJECT_NUMBER): + objects["vm{}".format(_id)] = "" +actions = { + "start": "", + "stop": "", + "pause": "", + "unpause": "", + "destroy": "", +} + +subject_categories = {"role": "", } +object_categories = {"id": "", } +action_categories = {"action-type": "", } + +subject_data = {"role": {"admin": "", "*": ""}} +for _id in range(ROLE_NUMBER): + subject_data["role"]["role{}".format(_id)] = "" +object_data = {"id": {"*": ""}} +for _id in range(OBJECT_NUMBER): + object_data["id"]["vm{}".format(_id)] = "" +action_data = {"action-type": { + "vm-read": "", + "vm-write": "", + "*": "" +}} + +subject_assignments = {} +for _id in range(SUBJECT_NUMBER): + _role = "role{}".format(random.randrange(ROLE_NUMBER)) + subject_assignments["user{}".format(_id)] = [{"role": _role}, {"role": "*"}] +object_assignments = {"vm0": ({"id": "vm0"}, {"id": "*"}), "vm1": ({"id": "vm1"}, {"id": "*"})} +for _id in range(OBJECT_NUMBER): + object_assignments["vm{}".format(_id)] = [{"id": "vm{}".format(_id)}, {"id": "*"}] +action_assignments = { + "start": ({"action-type": "vm-write"}, {"action-type": "*"}), + "stop": ({"action-type": "vm-write"}, {"action-type": "*"}), + "pause": ({"action-type": "vm-read"}, {"action-type": "*"}), + "unpause": ({"action-type": "vm-read"}, {"action-type": "*"}), + "destroy": ({"action-type": "vm-write"}, {"action-type": "*"}), +} + +meta_rule = { + "rbac": {"id": "", "value": ("role", "id", "action-type")}, +} + +rules = { + "rbac": [ + { + "rule": ("admin", "vm0", "vm-read"), + "instructions": ( + {"decision": "grant"}, + ) + }, + { + "rule": ("admin", "vm0", "vm-write"), + "instructions": ( + {"decision": "grant"}, + ) + }, + ] +} + +for _id in range(SUBJECT_NUMBER): + _role = "role{}".format(random.randrange(ROLE_NUMBER)) + _vm = "vm{}".format(random.randrange(OBJECT_NUMBER)) + _action = random.choice(list(action_data['action-type'].keys())) + rules["rbac"].append( + { + "rule": (_role, _vm, _action), + "instructions": ( + {"decision": "grant"}, + ) + }, + ) diff --git a/moonv4/tests/11_user_scalability/scenario/rbac_500.py b/moonv4/tests/11_user_scalability/scenario/rbac_500.py new file mode 100644 index 00000000..5ad2959f --- /dev/null +++ b/moonv4/tests/11_user_scalability/scenario/rbac_500.py @@ -0,0 +1,89 @@ +import random + +pdp_name = "pdp1" +policy_name = "RBAC policy example" +model_name = "RBAC" +policy_genre = "authz" + +SUBJECT_NUMBER = 500 +OBJECT_NUMBER = 500 +ROLE_NUMBER = 200 + +subjects = {} +for _id in range(SUBJECT_NUMBER): + subjects["user{}".format(_id)] = "" +objects = {} +for _id in range(OBJECT_NUMBER): + objects["vm{}".format(_id)] = "" +actions = { + "start": "", + "stop": "", + "pause": "", + "unpause": "", + "destroy": "", +} + +subject_categories = {"role": "", } +object_categories = {"id": "", } +action_categories = {"action-type": "", } + +subject_data = {"role": {"admin": "", "*": ""}} +for _id in range(ROLE_NUMBER): + subject_data["role"]["role{}".format(_id)] = "" +object_data = {"id": {"*": ""}} +for _id in range(OBJECT_NUMBER): + object_data["id"]["vm{}".format(_id)] = "" +action_data = {"action-type": { + "vm-read": "", + "vm-write": "", + "*": "" +}} + +subject_assignments = {} +for _id in range(SUBJECT_NUMBER): + _role = "role{}".format(random.randrange(ROLE_NUMBER)) + subject_assignments["user{}".format(_id)] = [{"role": _role}, {"role": "*"}] +object_assignments = {"vm0": ({"id": "vm0"}, {"id": "*"}), "vm1": ({"id": "vm1"}, {"id": "*"})} +for _id in range(OBJECT_NUMBER): + object_assignments["vm{}".format(_id)] = [{"id": "vm{}".format(_id)}, {"id": "*"}] +action_assignments = { + "start": ({"action-type": "vm-write"}, {"action-type": "*"}), + "stop": ({"action-type": "vm-write"}, {"action-type": "*"}), + "pause": ({"action-type": "vm-read"}, {"action-type": "*"}), + "unpause": ({"action-type": "vm-read"}, {"action-type": "*"}), + "destroy": ({"action-type": "vm-write"}, {"action-type": "*"}), +} + +meta_rule = { + "rbac": {"id": "", "value": ("role", "id", "action-type")}, +} + +rules = { + "rbac": [ + { + "rule": ("admin", "vm0", "vm-read"), + "instructions": ( + {"decision": "grant"}, + ) + }, + { + "rule": ("admin", "vm0", "vm-write"), + "instructions": ( + {"decision": "grant"}, + ) + }, + ] +} + +for _id in range(SUBJECT_NUMBER): + _role = "role{}".format(random.randrange(ROLE_NUMBER)) + _vm = "vm{}".format(random.randrange(OBJECT_NUMBER)) + _action = random.choice(list(action_data['action-type'].keys())) + rules["rbac"].append( + { + "rule": (_role, _vm, _action), + "instructions": ( + {"decision": "grant"}, + ) + }, + ) diff --git a/moonv4/tests/11_user_scalability/scenario/rbac_750.py b/moonv4/tests/11_user_scalability/scenario/rbac_750.py new file mode 100644 index 00000000..3fb509d6 --- /dev/null +++ b/moonv4/tests/11_user_scalability/scenario/rbac_750.py @@ -0,0 +1,89 @@ +import random + +pdp_name = "pdp1" +policy_name = "RBAC policy example" +model_name = "RBAC" +policy_genre = "authz" + +SUBJECT_NUMBER = 750 +OBJECT_NUMBER = 750 +ROLE_NUMBER = 500 + +subjects = {} +for _id in range(SUBJECT_NUMBER): + subjects["user{}".format(_id)] = "" +objects = {} +for _id in range(OBJECT_NUMBER): + objects["vm{}".format(_id)] = "" +actions = { + "start": "", + "stop": "", + "pause": "", + "unpause": "", + "destroy": "", +} + +subject_categories = {"role": "", } +object_categories = {"id": "", } +action_categories = {"action-type": "", } + +subject_data = {"role": {"admin": "", "*": ""}} +for _id in range(ROLE_NUMBER): + subject_data["role"]["role{}".format(_id)] = "" +object_data = {"id": {"*": ""}} +for _id in range(OBJECT_NUMBER): + object_data["id"]["vm{}".format(_id)] = "" +action_data = {"action-type": { + "vm-read": "", + "vm-write": "", + "*": "" +}} + +subject_assignments = {} +for _id in range(SUBJECT_NUMBER): + _role = "role{}".format(random.randrange(ROLE_NUMBER)) + subject_assignments["user{}".format(_id)] = [{"role": _role}, {"role": "*"}] +object_assignments = {"vm0": ({"id": "vm0"}, {"id": "*"}), "vm1": ({"id": "vm1"}, {"id": "*"})} +for _id in range(OBJECT_NUMBER): + object_assignments["vm{}".format(_id)] = [{"id": "vm{}".format(_id)}, {"id": "*"}] +action_assignments = { + "start": ({"action-type": "vm-write"}, {"action-type": "*"}), + "stop": ({"action-type": "vm-write"}, {"action-type": "*"}), + "pause": ({"action-type": "vm-read"}, {"action-type": "*"}), + "unpause": ({"action-type": "vm-read"}, {"action-type": "*"}), + "destroy": ({"action-type": "vm-write"}, {"action-type": "*"}), +} + +meta_rule = { + "rbac": {"id": "", "value": ("role", "id", "action-type")}, +} + +rules = { + "rbac": [ + { + "rule": ("admin", "vm0", "vm-read"), + "instructions": ( + {"decision": "grant"}, + ) + }, + { + "rule": ("admin", "vm0", "vm-write"), + "instructions": ( + {"decision": "grant"}, + ) + }, + ] +} + +for _id in range(SUBJECT_NUMBER): + _role = "role{}".format(random.randrange(ROLE_NUMBER)) + _vm = "vm{}".format(random.randrange(OBJECT_NUMBER)) + _action = random.choice(list(action_data['action-type'].keys())) + rules["rbac"].append( + { + "rule": (_role, _vm, _action), + "instructions": ( + {"decision": "grant"}, + ) + }, + ) diff --git a/moonv4/tests/11_user_scalability/scenario/session_10.py b/moonv4/tests/11_user_scalability/scenario/session_10.py new file mode 100644 index 00000000..c119ba08 --- /dev/null +++ b/moonv4/tests/11_user_scalability/scenario/session_10.py @@ -0,0 +1,69 @@ +import random + +pdp_name = "pdp1" +policy_name = "Session policy example" +model_name = "Session" +policy_genre = "session" + +SUBJECT_NUMBER = 10 +OBJECT_NUMBER = 10 +ROLE_NUMBER = 10 + +subjects = {} +for _id in range(SUBJECT_NUMBER): + subjects["user{}".format(_id)] = "" +objects = {"admin": "", } +for _id in range(ROLE_NUMBER): + objects["role{}".format(_id)] = "" +actions = {"activate": "", "deactivate": ""} + +subject_categories = {"subjectid": "", } +object_categories = {"role": "", } +action_categories = {"session-action": "", } + +subject_data = {"subjectid": {}} +for _id in range(SUBJECT_NUMBER): + subject_data["subjectid"]["user{}".format(_id)] = "" + +object_data = {"role": { + "admin": "", + "*": "" +}} +for _id in range(ROLE_NUMBER): + object_data["role"]["role{}".format(_id)] = "" +action_data = {"session-action": {"activate": "", "deactivate": "", "*": ""}} + +subject_assignments = {} +for _id in range(SUBJECT_NUMBER): + subject_assignments["user{}".format(_id)] = ({"subjectid": "user{}".format(_id)}, ) +object_assignments = {"admin": ({"role": "admin"}, {"role": "*"})} +for _id in range(ROLE_NUMBER): + _role = "role{}".format(_id) + object_assignments[_role] = ({"role": _role}, {"role": "*"}) +action_assignments = {"activate": ({"session-action": "activate"}, {"session-action": "*"}, ), + "deactivate": ({"session-action": "deactivate"}, {"session-action": "*"}, ) + } + +meta_rule = { + "session": {"id": "", "value": ("subjectid", "role", "session-action")}, +} + +rules = { + "session": [] +} + +for _id in range(SUBJECT_NUMBER): + _subject = "user{}".format(_id) + _object = "role{}".format(random.choice(range(ROLE_NUMBER))) + rules["session"].append({ + "rule": (_subject, _object, "*"), + "instructions": ( + { + "update": { + "operation": "add", + "target": "rbac:role:admin" # add the role admin to the current user + } + }, + {"chain": {"name": "rbac"}} # chain with the meta_rule named rbac + ) + }) diff --git a/moonv4/tests/11_user_scalability/scenario/session_100.py b/moonv4/tests/11_user_scalability/scenario/session_100.py new file mode 100644 index 00000000..fa4e29d5 --- /dev/null +++ b/moonv4/tests/11_user_scalability/scenario/session_100.py @@ -0,0 +1,69 @@ +import random + +pdp_name = "pdp1" +policy_name = "Session policy example" +model_name = "Session" +policy_genre = "session" + +SUBJECT_NUMBER = 100 +OBJECT_NUMBER = 100 +ROLE_NUMBER = 50 + +subjects = {} +for _id in range(SUBJECT_NUMBER): + subjects["user{}".format(_id)] = "" +objects = {"admin": "", } +for _id in range(ROLE_NUMBER): + objects["role{}".format(_id)] = "" +actions = {"activate": "", "deactivate": ""} + +subject_categories = {"subjectid": "", } +object_categories = {"role": "", } +action_categories = {"session-action": "", } + +subject_data = {"subjectid": {}} +for _id in range(SUBJECT_NUMBER): + subject_data["subjectid"]["user{}".format(_id)] = "" + +object_data = {"role": { + "admin": "", + "*": "" +}} +for _id in range(ROLE_NUMBER): + object_data["role"]["role{}".format(_id)] = "" +action_data = {"session-action": {"activate": "", "deactivate": "", "*": ""}} + +subject_assignments = {} +for _id in range(SUBJECT_NUMBER): + subject_assignments["user{}".format(_id)] = ({"subjectid": "user{}".format(_id)}, ) +object_assignments = {"admin": ({"role": "admin"}, {"role": "*"})} +for _id in range(ROLE_NUMBER): + _role = "role{}".format(_id) + object_assignments[_role] = ({"role": _role}, {"role": "*"}) +action_assignments = {"activate": ({"session-action": "activate"}, {"session-action": "*"}, ), + "deactivate": ({"session-action": "deactivate"}, {"session-action": "*"}, ) + } + +meta_rule = { + "session": {"id": "", "value": ("subjectid", "role", "session-action")}, +} + +rules = { + "session": [] +} + +for _id in range(SUBJECT_NUMBER): + _subject = "user{}".format(_id) + _object = "role{}".format(random.choice(range(ROLE_NUMBER))) + rules["session"].append({ + "rule": (_subject, _object, "*"), + "instructions": ( + { + "update": { + "operation": "add", + "target": "rbac:role:admin" # add the role admin to the current user + } + }, + {"chain": {"name": "rbac"}} # chain with the meta_rule named rbac + ) + }) diff --git a/moonv4/tests/11_user_scalability/scenario/session_1000.py b/moonv4/tests/11_user_scalability/scenario/session_1000.py new file mode 100644 index 00000000..71c892a7 --- /dev/null +++ b/moonv4/tests/11_user_scalability/scenario/session_1000.py @@ -0,0 +1,69 @@ +import random + +pdp_name = "pdp1" +policy_name = "Session policy example" +model_name = "Session" +policy_genre = "session" + +SUBJECT_NUMBER = 1000 +OBJECT_NUMBER = 1000 +ROLE_NUMBER = 700 + +subjects = {} +for _id in range(SUBJECT_NUMBER): + subjects["user{}".format(_id)] = "" +objects = {"admin": "", } +for _id in range(ROLE_NUMBER): + objects["role{}".format(_id)] = "" +actions = {"activate": "", "deactivate": ""} + +subject_categories = {"subjectid": "", } +object_categories = {"role": "", } +action_categories = {"session-action": "", } + +subject_data = {"subjectid": {}} +for _id in range(SUBJECT_NUMBER): + subject_data["subjectid"]["user{}".format(_id)] = "" + +object_data = {"role": { + "admin": "", + "*": "" +}} +for _id in range(ROLE_NUMBER): + object_data["role"]["role{}".format(_id)] = "" +action_data = {"session-action": {"activate": "", "deactivate": "", "*": ""}} + +subject_assignments = {} +for _id in range(SUBJECT_NUMBER): + subject_assignments["user{}".format(_id)] = ({"subjectid": "user{}".format(_id)}, ) +object_assignments = {"admin": ({"role": "admin"}, {"role": "*"})} +for _id in range(ROLE_NUMBER): + _role = "role{}".format(_id) + object_assignments[_role] = ({"role": _role}, {"role": "*"}) +action_assignments = {"activate": ({"session-action": "activate"}, {"session-action": "*"}, ), + "deactivate": ({"session-action": "deactivate"}, {"session-action": "*"}, ) + } + +meta_rule = { + "session": {"id": "", "value": ("subjectid", "role", "session-action")}, +} + +rules = { + "session": [] +} + +for _id in range(SUBJECT_NUMBER): + _subject = "user{}".format(_id) + _object = "role{}".format(random.choice(range(ROLE_NUMBER))) + rules["session"].append({ + "rule": (_subject, _object, "*"), + "instructions": ( + { + "update": { + "operation": "add", + "target": "rbac:role:admin" # add the role admin to the current user + } + }, + {"chain": {"name": "rbac"}} # chain with the meta_rule named rbac + ) + }) diff --git a/moonv4/tests/11_user_scalability/scenario/session_150.py b/moonv4/tests/11_user_scalability/scenario/session_150.py new file mode 100644 index 00000000..b15fd8d2 --- /dev/null +++ b/moonv4/tests/11_user_scalability/scenario/session_150.py @@ -0,0 +1,69 @@ +import random + +pdp_name = "pdp1" +policy_name = "Session policy example" +model_name = "Session" +policy_genre = "session" + +SUBJECT_NUMBER = 150 +OBJECT_NUMBER = 150 +ROLE_NUMBER = 100 + +subjects = {} +for _id in range(SUBJECT_NUMBER): + subjects["user{}".format(_id)] = "" +objects = {"admin": "", } +for _id in range(ROLE_NUMBER): + objects["role{}".format(_id)] = "" +actions = {"activate": "", "deactivate": ""} + +subject_categories = {"subjectid": "", } +object_categories = {"role": "", } +action_categories = {"session-action": "", } + +subject_data = {"subjectid": {}} +for _id in range(SUBJECT_NUMBER): + subject_data["subjectid"]["user{}".format(_id)] = "" + +object_data = {"role": { + "admin": "", + "*": "" +}} +for _id in range(ROLE_NUMBER): + object_data["role"]["role{}".format(_id)] = "" +action_data = {"session-action": {"activate": "", "deactivate": "", "*": ""}} + +subject_assignments = {} +for _id in range(SUBJECT_NUMBER): + subject_assignments["user{}".format(_id)] = ({"subjectid": "user{}".format(_id)}, ) +object_assignments = {"admin": ({"role": "admin"}, {"role": "*"})} +for _id in range(ROLE_NUMBER): + _role = "role{}".format(_id) + object_assignments[_role] = ({"role": _role}, {"role": "*"}) +action_assignments = {"activate": ({"session-action": "activate"}, {"session-action": "*"}, ), + "deactivate": ({"session-action": "deactivate"}, {"session-action": "*"}, ) + } + +meta_rule = { + "session": {"id": "", "value": ("subjectid", "role", "session-action")}, +} + +rules = { + "session": [] +} + +for _id in range(SUBJECT_NUMBER): + _subject = "user{}".format(_id) + _object = "role{}".format(random.choice(range(ROLE_NUMBER))) + rules["session"].append({ + "rule": (_subject, _object, "*"), + "instructions": ( + { + "update": { + "operation": "add", + "target": "rbac:role:admin" # add the role admin to the current user + } + }, + {"chain": {"name": "rbac"}} # chain with the meta_rule named rbac + ) + }) diff --git a/moonv4/tests/11_user_scalability/scenario/session_1500.py b/moonv4/tests/11_user_scalability/scenario/session_1500.py new file mode 100644 index 00000000..8282d9f3 --- /dev/null +++ b/moonv4/tests/11_user_scalability/scenario/session_1500.py @@ -0,0 +1,69 @@ +import random + +pdp_name = "pdp1" +policy_name = "Session policy example" +model_name = "Session" +policy_genre = "session" + +SUBJECT_NUMBER = 1500 +OBJECT_NUMBER = 1500 +ROLE_NUMBER = 1000 + +subjects = {} +for _id in range(SUBJECT_NUMBER): + subjects["user{}".format(_id)] = "" +objects = {"admin": "", } +for _id in range(ROLE_NUMBER): + objects["role{}".format(_id)] = "" +actions = {"activate": "", "deactivate": ""} + +subject_categories = {"subjectid": "", } +object_categories = {"role": "", } +action_categories = {"session-action": "", } + +subject_data = {"subjectid": {}} +for _id in range(SUBJECT_NUMBER): + subject_data["subjectid"]["user{}".format(_id)] = "" + +object_data = {"role": { + "admin": "", + "*": "" +}} +for _id in range(ROLE_NUMBER): + object_data["role"]["role{}".format(_id)] = "" +action_data = {"session-action": {"activate": "", "deactivate": "", "*": ""}} + +subject_assignments = {} +for _id in range(SUBJECT_NUMBER): + subject_assignments["user{}".format(_id)] = ({"subjectid": "user{}".format(_id)}, ) +object_assignments = {"admin": ({"role": "admin"}, {"role": "*"})} +for _id in range(ROLE_NUMBER): + _role = "role{}".format(_id) + object_assignments[_role] = ({"role": _role}, {"role": "*"}) +action_assignments = {"activate": ({"session-action": "activate"}, {"session-action": "*"}, ), + "deactivate": ({"session-action": "deactivate"}, {"session-action": "*"}, ) + } + +meta_rule = { + "session": {"id": "", "value": ("subjectid", "role", "session-action")}, +} + +rules = { + "session": [] +} + +for _id in range(SUBJECT_NUMBER): + _subject = "user{}".format(_id) + _object = "role{}".format(random.choice(range(ROLE_NUMBER))) + rules["session"].append({ + "rule": (_subject, _object, "*"), + "instructions": ( + { + "update": { + "operation": "add", + "target": "rbac:role:admin" # add the role admin to the current user + } + }, + {"chain": {"name": "rbac"}} # chain with the meta_rule named rbac + ) + }) diff --git a/moonv4/tests/11_user_scalability/scenario/session_200.py b/moonv4/tests/11_user_scalability/scenario/session_200.py new file mode 100644 index 00000000..08a25b0d --- /dev/null +++ b/moonv4/tests/11_user_scalability/scenario/session_200.py @@ -0,0 +1,69 @@ +import random + +pdp_name = "pdp1" +policy_name = "Session policy example" +model_name = "Session" +policy_genre = "session" + +SUBJECT_NUMBER = 200 +OBJECT_NUMBER = 200 +ROLE_NUMBER = 100 + +subjects = {} +for _id in range(SUBJECT_NUMBER): + subjects["user{}".format(_id)] = "" +objects = {"admin": "", } +for _id in range(ROLE_NUMBER): + objects["role{}".format(_id)] = "" +actions = {"activate": "", "deactivate": ""} + +subject_categories = {"subjectid": "", } +object_categories = {"role": "", } +action_categories = {"session-action": "", } + +subject_data = {"subjectid": {}} +for _id in range(SUBJECT_NUMBER): + subject_data["subjectid"]["user{}".format(_id)] = "" + +object_data = {"role": { + "admin": "", + "*": "" +}} +for _id in range(ROLE_NUMBER): + object_data["role"]["role{}".format(_id)] = "" +action_data = {"session-action": {"activate": "", "deactivate": "", "*": ""}} + +subject_assignments = {} +for _id in range(SUBJECT_NUMBER): + subject_assignments["user{}".format(_id)] = ({"subjectid": "user{}".format(_id)}, ) +object_assignments = {"admin": ({"role": "admin"}, {"role": "*"})} +for _id in range(ROLE_NUMBER): + _role = "role{}".format(_id) + object_assignments[_role] = ({"role": _role}, {"role": "*"}) +action_assignments = {"activate": ({"session-action": "activate"}, {"session-action": "*"}, ), + "deactivate": ({"session-action": "deactivate"}, {"session-action": "*"}, ) + } + +meta_rule = { + "session": {"id": "", "value": ("subjectid", "role", "session-action")}, +} + +rules = { + "session": [] +} + +for _id in range(SUBJECT_NUMBER): + _subject = "user{}".format(_id) + _object = "role{}".format(random.choice(range(ROLE_NUMBER))) + rules["session"].append({ + "rule": (_subject, _object, "*"), + "instructions": ( + { + "update": { + "operation": "add", + "target": "rbac:role:admin" # add the role admin to the current user + } + }, + {"chain": {"name": "rbac"}} # chain with the meta_rule named rbac + ) + }) diff --git a/moonv4/tests/11_user_scalability/scenario/session_250.py b/moonv4/tests/11_user_scalability/scenario/session_250.py new file mode 100644 index 00000000..b007d067 --- /dev/null +++ b/moonv4/tests/11_user_scalability/scenario/session_250.py @@ -0,0 +1,69 @@ +import random + +pdp_name = "pdp1" +policy_name = "Session policy example" +model_name = "Session" +policy_genre = "session" + +SUBJECT_NUMBER = 250 +OBJECT_NUMBER = 250 +ROLE_NUMBER = 100 + +subjects = {} +for _id in range(SUBJECT_NUMBER): + subjects["user{}".format(_id)] = "" +objects = {"admin": "", } +for _id in range(ROLE_NUMBER): + objects["role{}".format(_id)] = "" +actions = {"activate": "", "deactivate": ""} + +subject_categories = {"subjectid": "", } +object_categories = {"role": "", } +action_categories = {"session-action": "", } + +subject_data = {"subjectid": {}} +for _id in range(SUBJECT_NUMBER): + subject_data["subjectid"]["user{}".format(_id)] = "" + +object_data = {"role": { + "admin": "", + "*": "" +}} +for _id in range(ROLE_NUMBER): + object_data["role"]["role{}".format(_id)] = "" +action_data = {"session-action": {"activate": "", "deactivate": "", "*": ""}} + +subject_assignments = {} +for _id in range(SUBJECT_NUMBER): + subject_assignments["user{}".format(_id)] = ({"subjectid": "user{}".format(_id)}, ) +object_assignments = {"admin": ({"role": "admin"}, {"role": "*"})} +for _id in range(ROLE_NUMBER): + _role = "role{}".format(_id) + object_assignments[_role] = ({"role": _role}, {"role": "*"}) +action_assignments = {"activate": ({"session-action": "activate"}, {"session-action": "*"}, ), + "deactivate": ({"session-action": "deactivate"}, {"session-action": "*"}, ) + } + +meta_rule = { + "session": {"id": "", "value": ("subjectid", "role", "session-action")}, +} + +rules = { + "session": [] +} + +for _id in range(SUBJECT_NUMBER): + _subject = "user{}".format(_id) + _object = "role{}".format(random.choice(range(ROLE_NUMBER))) + rules["session"].append({ + "rule": (_subject, _object, "*"), + "instructions": ( + { + "update": { + "operation": "add", + "target": "rbac:role:admin" # add the role admin to the current user + } + }, + {"chain": {"name": "rbac"}} # chain with the meta_rule named rbac + ) + }) diff --git a/moonv4/tests/11_user_scalability/scenario/session_300.py b/moonv4/tests/11_user_scalability/scenario/session_300.py new file mode 100644 index 00000000..bf894ec1 --- /dev/null +++ b/moonv4/tests/11_user_scalability/scenario/session_300.py @@ -0,0 +1,69 @@ +import random + +pdp_name = "pdp1" +policy_name = "Session policy example" +model_name = "Session" +policy_genre = "session" + +SUBJECT_NUMBER = 300 +OBJECT_NUMBER = 300 +ROLE_NUMBER = 100 + +subjects = {} +for _id in range(SUBJECT_NUMBER): + subjects["user{}".format(_id)] = "" +objects = {"admin": "", } +for _id in range(ROLE_NUMBER): + objects["role{}".format(_id)] = "" +actions = {"activate": "", "deactivate": ""} + +subject_categories = {"subjectid": "", } +object_categories = {"role": "", } +action_categories = {"session-action": "", } + +subject_data = {"subjectid": {}} +for _id in range(SUBJECT_NUMBER): + subject_data["subjectid"]["user{}".format(_id)] = "" + +object_data = {"role": { + "admin": "", + "*": "" +}} +for _id in range(ROLE_NUMBER): + object_data["role"]["role{}".format(_id)] = "" +action_data = {"session-action": {"activate": "", "deactivate": "", "*": ""}} + +subject_assignments = {} +for _id in range(SUBJECT_NUMBER): + subject_assignments["user{}".format(_id)] = ({"subjectid": "user{}".format(_id)}, ) +object_assignments = {"admin": ({"role": "admin"}, {"role": "*"})} +for _id in range(ROLE_NUMBER): + _role = "role{}".format(_id) + object_assignments[_role] = ({"role": _role}, {"role": "*"}) +action_assignments = {"activate": ({"session-action": "activate"}, {"session-action": "*"}, ), + "deactivate": ({"session-action": "deactivate"}, {"session-action": "*"}, ) + } + +meta_rule = { + "session": {"id": "", "value": ("subjectid", "role", "session-action")}, +} + +rules = { + "session": [] +} + +for _id in range(SUBJECT_NUMBER): + _subject = "user{}".format(_id) + _object = "role{}".format(random.choice(range(ROLE_NUMBER))) + rules["session"].append({ + "rule": (_subject, _object, "*"), + "instructions": ( + { + "update": { + "operation": "add", + "target": "rbac:role:admin" # add the role admin to the current user + } + }, + {"chain": {"name": "rbac"}} # chain with the meta_rule named rbac + ) + }) diff --git a/moonv4/tests/11_user_scalability/scenario/session_50.py b/moonv4/tests/11_user_scalability/scenario/session_50.py new file mode 100644 index 00000000..e6e91b39 --- /dev/null +++ b/moonv4/tests/11_user_scalability/scenario/session_50.py @@ -0,0 +1,69 @@ +import random + +pdp_name = "pdp1" +policy_name = "Session policy example" +model_name = "Session" +policy_genre = "session" + +SUBJECT_NUMBER = 50 +OBJECT_NUMBER = 50 +ROLE_NUMBER = 10 + +subjects = {} +for _id in range(SUBJECT_NUMBER): + subjects["user{}".format(_id)] = "" +objects = {"admin": "", } +for _id in range(ROLE_NUMBER): + objects["role{}".format(_id)] = "" +actions = {"activate": "", "deactivate": ""} + +subject_categories = {"subjectid": "", } +object_categories = {"role": "", } +action_categories = {"session-action": "", } + +subject_data = {"subjectid": {}} +for _id in range(SUBJECT_NUMBER): + subject_data["subjectid"]["user{}".format(_id)] = "" + +object_data = {"role": { + "admin": "", + "*": "" +}} +for _id in range(ROLE_NUMBER): + object_data["role"]["role{}".format(_id)] = "" +action_data = {"session-action": {"activate": "", "deactivate": "", "*": ""}} + +subject_assignments = {} +for _id in range(SUBJECT_NUMBER): + subject_assignments["user{}".format(_id)] = ({"subjectid": "user{}".format(_id)}, ) +object_assignments = {"admin": ({"role": "admin"}, {"role": "*"})} +for _id in range(ROLE_NUMBER): + _role = "role{}".format(_id) + object_assignments[_role] = ({"role": _role}, {"role": "*"}) +action_assignments = {"activate": ({"session-action": "activate"}, {"session-action": "*"}, ), + "deactivate": ({"session-action": "deactivate"}, {"session-action": "*"}, ) + } + +meta_rule = { + "session": {"id": "", "value": ("subjectid", "role", "session-action")}, +} + +rules = { + "session": [] +} + +for _id in range(SUBJECT_NUMBER): + _subject = "user{}".format(_id) + _object = "role{}".format(random.choice(range(ROLE_NUMBER))) + rules["session"].append({ + "rule": (_subject, _object, "*"), + "instructions": ( + { + "update": { + "operation": "add", + "target": "rbac:role:admin" # add the role admin to the current user + } + }, + {"chain": {"name": "rbac"}} # chain with the meta_rule named rbac + ) + }) diff --git a/moonv4/tests/11_user_scalability/scenario/session_500.py b/moonv4/tests/11_user_scalability/scenario/session_500.py new file mode 100644 index 00000000..34346323 --- /dev/null +++ b/moonv4/tests/11_user_scalability/scenario/session_500.py @@ -0,0 +1,69 @@ +import random + +pdp_name = "pdp1" +policy_name = "Session policy example" +model_name = "Session" +policy_genre = "session" + +SUBJECT_NUMBER = 500 +OBJECT_NUMBER = 500 +ROLE_NUMBER = 200 + +subjects = {} +for _id in range(SUBJECT_NUMBER): + subjects["user{}".format(_id)] = "" +objects = {"admin": "", } +for _id in range(ROLE_NUMBER): + objects["role{}".format(_id)] = "" +actions = {"activate": "", "deactivate": ""} + +subject_categories = {"subjectid": "", } +object_categories = {"role": "", } +action_categories = {"session-action": "", } + +subject_data = {"subjectid": {}} +for _id in range(SUBJECT_NUMBER): + subject_data["subjectid"]["user{}".format(_id)] = "" + +object_data = {"role": { + "admin": "", + "*": "" +}} +for _id in range(ROLE_NUMBER): + object_data["role"]["role{}".format(_id)] = "" +action_data = {"session-action": {"activate": "", "deactivate": "", "*": ""}} + +subject_assignments = {} +for _id in range(SUBJECT_NUMBER): + subject_assignments["user{}".format(_id)] = ({"subjectid": "user{}".format(_id)}, ) +object_assignments = {"admin": ({"role": "admin"}, {"role": "*"})} +for _id in range(ROLE_NUMBER): + _role = "role{}".format(_id) + object_assignments[_role] = ({"role": _role}, {"role": "*"}) +action_assignments = {"activate": ({"session-action": "activate"}, {"session-action": "*"}, ), + "deactivate": ({"session-action": "deactivate"}, {"session-action": "*"}, ) + } + +meta_rule = { + "session": {"id": "", "value": ("subjectid", "role", "session-action")}, +} + +rules = { + "session": [] +} + +for _id in range(SUBJECT_NUMBER): + _subject = "user{}".format(_id) + _object = "role{}".format(random.choice(range(ROLE_NUMBER))) + rules["session"].append({ + "rule": (_subject, _object, "*"), + "instructions": ( + { + "update": { + "operation": "add", + "target": "rbac:role:admin" # add the role admin to the current user + } + }, + {"chain": {"name": "rbac"}} # chain with the meta_rule named rbac + ) + }) diff --git a/moonv4/tests/11_user_scalability/scenario/session_750.py b/moonv4/tests/11_user_scalability/scenario/session_750.py new file mode 100644 index 00000000..1a5aef28 --- /dev/null +++ b/moonv4/tests/11_user_scalability/scenario/session_750.py @@ -0,0 +1,69 @@ +import random + +pdp_name = "pdp1" +policy_name = "Session policy example" +model_name = "Session" +policy_genre = "session" + +SUBJECT_NUMBER = 750 +OBJECT_NUMBER = 750 +ROLE_NUMBER = 500 + +subjects = {} +for _id in range(SUBJECT_NUMBER): + subjects["user{}".format(_id)] = "" +objects = {"admin": "", } +for _id in range(ROLE_NUMBER): + objects["role{}".format(_id)] = "" +actions = {"activate": "", "deactivate": ""} + +subject_categories = {"subjectid": "", } +object_categories = {"role": "", } +action_categories = {"session-action": "", } + +subject_data = {"subjectid": {}} +for _id in range(SUBJECT_NUMBER): + subject_data["subjectid"]["user{}".format(_id)] = "" + +object_data = {"role": { + "admin": "", + "*": "" +}} +for _id in range(ROLE_NUMBER): + object_data["role"]["role{}".format(_id)] = "" +action_data = {"session-action": {"activate": "", "deactivate": "", "*": ""}} + +subject_assignments = {} +for _id in range(SUBJECT_NUMBER): + subject_assignments["user{}".format(_id)] = ({"subjectid": "user{}".format(_id)}, ) +object_assignments = {"admin": ({"role": "admin"}, {"role": "*"})} +for _id in range(ROLE_NUMBER): + _role = "role{}".format(_id) + object_assignments[_role] = ({"role": _role}, {"role": "*"}) +action_assignments = {"activate": ({"session-action": "activate"}, {"session-action": "*"}, ), + "deactivate": ({"session-action": "deactivate"}, {"session-action": "*"}, ) + } + +meta_rule = { + "session": {"id": "", "value": ("subjectid", "role", "session-action")}, +} + +rules = { + "session": [] +} + +for _id in range(SUBJECT_NUMBER): + _subject = "user{}".format(_id) + _object = "role{}".format(random.choice(range(ROLE_NUMBER))) + rules["session"].append({ + "rule": (_subject, _object, "*"), + "instructions": ( + { + "update": { + "operation": "add", + "target": "rbac:role:admin" # add the role admin to the current user + } + }, + {"chain": {"name": "rbac"}} # chain with the meta_rule named rbac + ) + }) |