From cb23b06b64af120e0c6775dd2d59f6d970418995 Mon Sep 17 00:00:00 2001
From: RHE <rebirthmonkey@gmail.com>
Date: Thu, 21 Dec 2017 15:36:27 +0100
Subject: python_moonutilities rename

Change-Id: I306268f5b95dee283313f76db2e1cac49fc9c0ff
Signed-off-by: RHE <rebirthmonkey@gmail.com>
---
 .../tests/unit_python/conftest.py                  |  17 ++
 .../tests/unit_python/mock_cache.py                | 321 +++++++++++++++++++++
 .../tests/unit_python/mock_components.py           |  27 ++
 .../tests/unit_python/mock_keystone.py             |  23 ++
 .../tests/unit_python/requirements.txt             |   2 +
 .../tests/unit_python/test_cache.py                |  75 +++++
 .../tests/unit_python/test_configuration.py        |   5 +
 .../tests/unit_python/utilities.py                 | 136 +++++++++
 8 files changed, 606 insertions(+)
 create mode 100644 moonv4/python_moonutilities/tests/unit_python/conftest.py
 create mode 100644 moonv4/python_moonutilities/tests/unit_python/mock_cache.py
 create mode 100644 moonv4/python_moonutilities/tests/unit_python/mock_components.py
 create mode 100644 moonv4/python_moonutilities/tests/unit_python/mock_keystone.py
 create mode 100644 moonv4/python_moonutilities/tests/unit_python/requirements.txt
 create mode 100644 moonv4/python_moonutilities/tests/unit_python/test_cache.py
 create mode 100644 moonv4/python_moonutilities/tests/unit_python/test_configuration.py
 create mode 100644 moonv4/python_moonutilities/tests/unit_python/utilities.py

(limited to 'moonv4/python_moonutilities/tests/unit_python')

diff --git a/moonv4/python_moonutilities/tests/unit_python/conftest.py b/moonv4/python_moonutilities/tests/unit_python/conftest.py
new file mode 100644
index 00000000..7217586a
--- /dev/null
+++ b/moonv4/python_moonutilities/tests/unit_python/conftest.py
@@ -0,0 +1,17 @@
+import pytest
+import requests_mock
+import mock_components
+import mock_keystone
+import mock_cache
+
+
+@pytest.fixture(autouse=True)
+def no_requests(monkeypatch):
+    """ Modify the response from Requests module
+    """
+    with requests_mock.Mocker(real_http=True) as m:
+        mock_components.register_components(m)
+        mock_keystone.register_keystone(m)
+        mock_cache.register_cache(m)
+        print("End registering URI")
+        yield m
\ No newline at end of file
diff --git a/moonv4/python_moonutilities/tests/unit_python/mock_cache.py b/moonv4/python_moonutilities/tests/unit_python/mock_cache.py
new file mode 100644
index 00000000..b2b287a9
--- /dev/null
+++ b/moonv4/python_moonutilities/tests/unit_python/mock_cache.py
@@ -0,0 +1,321 @@
+from utilities import CONF
+
+pdp_mock = {
+    "pdp_id1": {
+        "name": "...",
+        "security_pipeline": ["policy_id_1", "policy_id_2"],
+        "keystone_project_id": "keystone_project_id1",
+        "description": "...",
+    },
+    "pdp_id12": {
+        "name": "...",
+        "security_pipeline": ["policy_id_1", "policy_id_2"],
+        "keystone_project_id": "keystone_project_id1",
+        "description": "...",
+    }
+}
+
+meta_rules_mock = {
+    "meta_rule_id1": {
+        "name": "meta_rule1",
+        "algorithm": "name of the meta rule algorithm",
+        "subject_categories": ["subject_category_id1",
+                               "subject_category_id2"],
+        "object_categories": ["object_category_id1"],
+        "action_categories": ["action_category_id1"]
+    },
+    "meta_rule_id2": {
+        "name": "name of the meta rules2",
+        "algorithm": "name of the meta rule algorithm",
+        "subject_categories": ["subject_category_id1",
+                               "subject_category_id2"],
+        "object_categories": ["object_category_id1"],
+        "action_categories": ["action_category_id1"]
+    }
+}
+
+policies_mock = {
+    "policy_id_1": {
+        "name": "test_policy1",
+        "model_id": "model_id_1",
+        "genre": "authz",
+        "description": "test",
+    },
+    "policy_id_2": {
+        "name": "test_policy2",
+        "model_id": "model_id_2",
+        "genre": "authz",
+        "description": "test",
+    }
+}
+
+subject_mock = {
+    "policy_id_1": {
+        "subject_id": {
+            "name": "subject_name",
+            "keystone_id": "keystone_project_id1",
+            "description": "a description"
+        }
+    },
+    "policy_id_2": {
+        "subject_id": {
+            "name": "subject_name",
+            "keystone_id": "keystone_project_id1",
+            "description": "a description"
+        }
+    }
+}
+
+subject_assignment_mock = {
+    "subject_id": {
+        "policy_id": "ID of the policy",
+        "subject_id": "ID of the subject",
+        "category_id": "ID of the category",
+        "assignments": [],
+    }
+}
+
+object_mock = {
+    "policy_id_1": {
+        "object_id": {
+            "name": "object_name",
+            "description": "a description"
+        }
+    },
+    "policy_id_2": {
+        "object_id": {
+            "name": "object_name",
+            "description": "a description"
+        }
+    }
+}
+
+object_assignment_mock = {
+    "object_id": {
+        "policy_id": "ID of the policy",
+        "object_id": "ID of the object",
+        "category_id": "ID of the category",
+        "assignments": [],
+    }
+}
+
+action_mock = {
+    "policy_id_1": {
+        "action_id": {
+            "name": "action_name",
+            "description": "a description"
+        }
+    },
+    "policy_id_2": {
+        "action_id": {
+            "name": "action_name",
+            "description": "a description"
+        }
+    }
+}
+
+action_assignment_mock = {
+    "action_id": {
+        "policy_id": "ID of the policy",
+        "action_id": "ID of the action",
+        "category_id": "ID of the category",
+        "assignments": [],
+    }
+}
+
+models_mock = {
+    "model_id_1": {
+        "name": "test_model",
+        "description": "test",
+        "meta_rules": ["meta_rule_id1"]
+    },
+    "model_id_2": {
+        "name": "test_model",
+        "description": "test",
+        "meta_rules": ["meta_rule_id2"]
+    },
+}
+
+rules_mock = {
+    "rules": {
+        "meta_rule_id": "meta_rule_id1",
+        "rule_id1": {
+            "rule": ["subject_data_id1",
+                     "object_data_id1",
+                     "action_data_id1"],
+            "instructions": (
+                {"decision": "grant"},
+                # "grant" to immediately exit,
+                # "continue" to wait for the result of next policy
+                # "deny" to deny the request
+            )
+        },
+        "rule_id2": {
+            "rule": ["subject_data_id2",
+                     "object_data_id2",
+                     "action_data_id2"],
+            "instructions": (
+                {
+                    "update": {
+                        "operation": "add",
+                        # operations may be "add" or "delete"
+                        "target": "rbac:role:admin"
+                        # add the role admin to the current user
+                    }
+                },
+                {"chain": {"name": "rbac"}}
+                # chain with the policy named rbac
+            )
+        }
+    }
+}
+
+
+def register_cache(m):
+    """ Modify the response from Requests module
+    """
+    register_pdp(m)
+    register_meta_rules(m)
+    register_policies(m)
+    register_models(m)
+    register_policy_subject(m, "policy_id_1")
+    register_policy_subject(m, "policy_id_2")
+    register_policy_object(m, "policy_id_1")
+    register_policy_object(m, "policy_id_2")
+    register_policy_action(m, "policy_id_1")
+    register_policy_action(m, "policy_id_2")
+    register_policy_subject_assignment(m, "policy_id_1", "subject_id")
+    # register_policy_subject_assignment_list(m1, "policy_id_1")
+    register_policy_subject_assignment(m, "policy_id_2", "subject_id")
+    # register_policy_subject_assignment_list(m1, "policy_id_2")
+    register_policy_object_assignment(m, "policy_id_1", "object_id")
+    # register_policy_object_assignment_list(m1, "policy_id_1")
+    register_policy_object_assignment(m, "policy_id_2", "object_id")
+    # register_policy_object_assignment_list(m1, "policy_id_2")
+    register_policy_action_assignment(m, "policy_id_1", "action_id")
+    # register_policy_action_assignment_list(m1, "policy_id_1")
+    register_policy_action_assignment(m, "policy_id_2", "action_id")
+    # register_policy_action_assignment_list(m1, "policy_id_2")
+    register_rules(m, "policy_id1")
+
+
+def register_pdp(m):
+    m.register_uri(
+        'GET', 'http://{}:{}/{}'.format(CONF['components']['manager']['hostname'],
+                                        CONF['components']['manager']['port'], 'pdp'),
+        json={'pdps': pdp_mock}
+    )
+
+
+def register_meta_rules(m):
+    m.register_uri(
+        'GET', 'http://{}:{}/{}'.format(CONF['components']['manager']['hostname'],
+                                        CONF['components']['manager']['port'], 'meta_rules'),
+        json={'meta_rules': meta_rules_mock}
+    )
+
+
+def register_policies(m):
+    m.register_uri(
+        'GET', 'http://{}:{}/{}'.format(CONF['components']['manager']['hostname'],
+                                        CONF['components']['manager']['port'], 'policies'),
+        json={'policies': policies_mock}
+    )
+
+
+def register_models(m):
+    m.register_uri(
+        'GET', 'http://{}:{}/{}'.format(CONF['components']['manager']['hostname'],
+                                        CONF['components']['manager']['port'], 'models'),
+        json={'models': models_mock}
+    )
+
+
+def register_policy_subject(m, policy_id):
+    m.register_uri(
+        'GET', 'http://{}:{}/{}/{}/subjects'.format(CONF['components']['manager']['hostname'],
+                                                    CONF['components']['manager']['port'], 'policies', policy_id),
+        json={'subjects': subject_mock[policy_id]}
+    )
+
+
+def register_policy_object(m, policy_id):
+    m.register_uri(
+        'GET', 'http://{}:{}/{}/{}/objects'.format(CONF['components']['manager']['hostname'],
+                                                   CONF['components']['manager']['port'], 'policies', policy_id),
+        json={'objects': object_mock[policy_id]}
+    )
+
+
+def register_policy_action(m, policy_id):
+    m.register_uri(
+        'GET', 'http://{}:{}/{}/{}/actions'.format(CONF['components']['manager']['hostname'],
+                                                   CONF['components']['manager']['port'], 'policies', policy_id),
+        json={'actions': action_mock[policy_id]}
+    )
+
+
+def register_policy_subject_assignment(m, policy_id, subj_id):
+    m.register_uri(
+        'GET', 'http://{}:{}/{}/{}/subject_assignments/{}'.format(CONF['components']['manager']['hostname'],
+                                                                  CONF['components']['manager']['port'], 'policies',
+                                                                  policy_id,
+                                                                  subj_id),
+        json={'subject_assignments': subject_assignment_mock}
+    )
+
+
+def register_policy_subject_assignment_list(m, policy_id):
+    m.register_uri(
+        'GET', 'http://{}:{}/{}/{}/subject_assignments'.format(CONF['components']['manager']['hostname'],
+                                                               CONF['components']['manager']['port'], 'policies',
+                                                               policy_id),
+        json={'subject_assignments': subject_assignment_mock}
+    )
+
+
+def register_policy_object_assignment(m, policy_id, obj_id):
+    m.register_uri(
+        'GET', 'http://{}:{}/{}/{}/object_assignments/{}'.format(CONF['components']['manager']['hostname'],
+                                                                 CONF['components']['manager']['port'], 'policies',
+                                                                 policy_id,
+                                                                 obj_id),
+        json={'object_assignments': object_assignment_mock}
+    )
+
+
+def register_policy_object_assignment_list(m, policy_id):
+    m.register_uri(
+        'GET', 'http://{}:{}/{}/{}/object_assignments'.format(CONF['components']['manager']['hostname'],
+                                                              CONF['components']['manager']['port'], 'policies',
+                                                              policy_id),
+        json={'object_assignments': object_assignment_mock}
+    )
+
+
+def register_policy_action_assignment(m, policy_id, action_id):
+    m.register_uri(
+        'GET', 'http://{}:{}/{}/{}/action_assignments/{}'.format(CONF['components']['manager']['hostname'],
+                                                                 CONF['components']['manager']['port'], 'policies',
+                                                                 policy_id,
+                                                                 action_id),
+        json={'action_assignments': action_assignment_mock}
+    )
+
+
+def register_policy_action_assignment_list(m, policy_id):
+    m.register_uri(
+        'GET', 'http://{}:{}/{}/{}/action_assignments'.format(CONF['components']['manager']['hostname'],
+                                                              CONF['components']['manager']['port'], 'policies',
+                                                              policy_id),
+        json={'action_assignments': action_assignment_mock}
+    )
+
+
+def register_rules(m, policy_id):
+    m.register_uri(
+        'GET', 'http://{}:{}/{}/{}/{}'.format(CONF['components']['manager']['hostname'],
+                                              CONF['components']['manager']['port'], 'policies',
+                                              policy_id, 'rules'),
+        json={'rules': rules_mock}
+    )
\ No newline at end of file
diff --git a/moonv4/python_moonutilities/tests/unit_python/mock_components.py b/moonv4/python_moonutilities/tests/unit_python/mock_components.py
new file mode 100644
index 00000000..a0319e1a
--- /dev/null
+++ b/moonv4/python_moonutilities/tests/unit_python/mock_components.py
@@ -0,0 +1,27 @@
+import utilities
+
+COMPONENTS = (
+    "logging",
+    "openstack/keystone",
+    "database",
+    "slave",
+    "components/manager",
+    "components/orchestrator",
+    "components/interface",
+)
+
+
+def register_components(m):
+    for component in COMPONENTS:
+        m.register_uri(
+            'GET', 'http://consul:8500/v1/kv/{}'.format(component),
+            json=[{'Key': component, 'Value': utilities.get_b64_conf(component)}]
+        )
+
+    m.register_uri(
+        'GET', 'http://consul:8500/v1/kv/components?recurse=true',
+        json=[
+            {"Key": key, "Value": utilities.get_b64_conf(key)} for key in COMPONENTS
+            ],
+        # json={'Key': "components", 'Value': get_b64_conf("components")}
+    )
\ No newline at end of file
diff --git a/moonv4/python_moonutilities/tests/unit_python/mock_keystone.py b/moonv4/python_moonutilities/tests/unit_python/mock_keystone.py
new file mode 100644
index 00000000..c0b26b88
--- /dev/null
+++ b/moonv4/python_moonutilities/tests/unit_python/mock_keystone.py
@@ -0,0 +1,23 @@
+def register_keystone(m):
+    m.register_uri(
+        'POST', 'http://keystone:5000/v3/auth/tokens',
+        headers={'X-Subject-Token': "111111111"}
+    )
+    m.register_uri(
+        'DELETE', 'http://keystone:5000/v3/auth/tokens',
+        headers={'X-Subject-Token': "111111111"}
+    )
+    m.register_uri(
+        'POST', 'http://keystone:5000/v3/users?name=testuser&domain_id=default',
+        json={"users": {}}
+    )
+    m.register_uri(
+        'GET', 'http://keystone:5000/v3/users?name=testuser&domain_id=default',
+        json={"users": {}}
+    )
+    m.register_uri(
+        'POST', 'http://keystone:5000/v3/users/',
+        json={"users": [{
+            "id": "1111111111111"
+        }]}
+    )
\ No newline at end of file
diff --git a/moonv4/python_moonutilities/tests/unit_python/requirements.txt b/moonv4/python_moonutilities/tests/unit_python/requirements.txt
new file mode 100644
index 00000000..3c1ad607
--- /dev/null
+++ b/moonv4/python_moonutilities/tests/unit_python/requirements.txt
@@ -0,0 +1,2 @@
+pytest
+requests_mock
\ No newline at end of file
diff --git a/moonv4/python_moonutilities/tests/unit_python/test_cache.py b/moonv4/python_moonutilities/tests/unit_python/test_cache.py
new file mode 100644
index 00000000..3d4f7292
--- /dev/null
+++ b/moonv4/python_moonutilities/tests/unit_python/test_cache.py
@@ -0,0 +1,75 @@
+import pytest
+
+
+def test_authz_request():
+    from moon_utilities import cache
+    c = cache.Cache()
+    assert isinstance(c.authz_requests, dict)
+
+
+def test_get_subject_success():
+    from moon_utilities import cache
+    cache_obj = cache.Cache()
+    policy_id = 'policy_id_1'
+    name = 'subject_name'
+    subject_id = cache_obj.get_subject(policy_id, name)
+    assert subject_id is not None
+
+
+def test_get_subject_failure():
+    from moon_utilities import cache
+    cache_obj = cache.Cache()
+    policy_id = 'policy_id_1'
+    name = 'invalid name'
+    with pytest.raises(Exception) as exception_info:
+        cache_obj.get_subject(policy_id, name)
+    assert str(exception_info.value) == '400: Subject Unknown'
+
+
+def test_get_object_success():
+    from moon_utilities import cache
+    cache_obj = cache.Cache()
+    policy_id = 'policy_id_1'
+    name = 'object_name'
+    object_id = cache_obj.get_object(policy_id, name)
+    assert object_id is not None
+
+
+def test_get_object_failure():
+    from moon_utilities import cache
+    cache_obj = cache.Cache()
+    policy_id = 'policy_id_1'
+    name = 'invalid name'
+    with pytest.raises(Exception) as exception_info:
+        cache_obj.get_object(policy_id, name)
+    assert str(exception_info.value) == '400: Subject Unknown'
+
+
+def test_get_action_success():
+    from moon_utilities import cache
+    cache_obj = cache.Cache()
+    policy_id = 'policy_id_1'
+    name = 'action_name'
+    action_id = cache_obj.get_action(policy_id, name)
+    assert action_id is not None
+
+
+def test_get_action_failure():
+    from moon_utilities import cache
+    cache_obj = cache.Cache()
+    policy_id = 'policy_id_1'
+    name = 'invalid name'
+    with pytest.raises(Exception) as exception_info:
+        cache_obj.get_action(policy_id, name)
+    assert str(exception_info.value) == '400: Subject Unknown'
+
+
+def test_cache_manager():
+    from moon_utilities import cache
+    cache_obj = cache.Cache()
+    assert cache_obj.pdp is not None
+    assert cache_obj.meta_rules is not None
+    assert len(cache_obj.meta_rules) == 2
+    assert cache_obj.policies is not None
+    assert len(cache_obj.policies) == 2
+    assert cache_obj.models is not None
\ No newline at end of file
diff --git a/moonv4/python_moonutilities/tests/unit_python/test_configuration.py b/moonv4/python_moonutilities/tests/unit_python/test_configuration.py
new file mode 100644
index 00000000..0ebff995
--- /dev/null
+++ b/moonv4/python_moonutilities/tests/unit_python/test_configuration.py
@@ -0,0 +1,5 @@
+
+def test_get_components():
+    from moon_utilities import configuration
+    assert isinstance(configuration.get_components(), dict)
+
diff --git a/moonv4/python_moonutilities/tests/unit_python/utilities.py b/moonv4/python_moonutilities/tests/unit_python/utilities.py
new file mode 100644
index 00000000..1d79d890
--- /dev/null
+++ b/moonv4/python_moonutilities/tests/unit_python/utilities.py
@@ -0,0 +1,136 @@
+import base64
+import json
+
+
+CONF = {
+    "openstack": {
+        "keystone": {
+            "url": "http://keystone:5000/v3",
+            "user": "admin",
+            "check_token": False,
+            "password": "p4ssw0rd",
+            "domain": "default",
+            "certificate": False,
+            "project": "admin"
+        }
+    },
+    "components": {
+        "wrapper": {
+            "bind": "0.0.0.0",
+            "port": 8080,
+            "container": "wukongsun/moon_wrapper:v4.3",
+            "timeout": 5,
+            "hostname": "wrapper"
+        },
+        "manager": {
+            "bind": "0.0.0.0",
+            "port": 8082,
+            "container": "wukongsun/moon_manager:v4.3",
+            "hostname": "manager"
+        },
+        "port_start": 31001,
+        "orchestrator": {
+            "bind": "0.0.0.0",
+            "port": 8083,
+            "container": "wukongsun/moon_orchestrator:v4.3",
+            "hostname": "interface"
+        },
+        "interface": {
+            "bind": "0.0.0.0",
+            "port": 8080,
+            "container": "wukongsun/moon_interface:v4.3",
+            "hostname": "interface"
+        }
+    },
+    "plugins": {
+        "session": {
+            "port": 8082,
+            "container": "asteroide/session:latest"
+        },
+        "authz": {
+            "port": 8081,
+            "container": "wukongsun/moon_authz:v4.3"
+        }
+    },
+    "logging": {
+        "handlers": {
+            "file": {
+                "filename": "/tmp/moon.log",
+                "class": "logging.handlers.RotatingFileHandler",
+                "level": "DEBUG",
+                "formatter": "custom",
+                "backupCount": 3,
+                "maxBytes": 1048576
+            },
+            "console": {
+                "class": "logging.StreamHandler",
+                "formatter": "brief",
+                "level": "INFO",
+                "stream": "ext://sys.stdout"
+            }
+        },
+        "formatters": {
+            "brief": {
+                "format": "%(levelname)s %(name)s %(message)-30s"
+            },
+            "custom": {
+                "format": "%(asctime)-15s %(levelname)s %(name)s %(message)s"
+            }
+        },
+        "root": {
+            "handlers": [
+                "console"
+            ],
+            "level": "ERROR"
+        },
+        "version": 1,
+        "loggers": {
+            "moon": {
+                "handlers": [
+                    "console",
+                    "file"
+                ],
+                "propagate": False,
+                "level": "DEBUG"
+            }
+        }
+    },
+    "slave": {
+        "name": None,
+        "master": {
+            "url": None,
+            "login": None,
+            "password": None
+        }
+    },
+    "docker": {
+        "url": "tcp://172.88.88.1:2376",
+        "network": "moon"
+    },
+    "database": {
+        "url": "sqlite:///database.db",
+        # "url": "mysql+pymysql://moon:p4sswOrd1@db/moon",
+        "driver": "sql"
+    },
+    "messenger": {
+        "url": "rabbit://moon:p4sswOrd1@messenger:5672/moon"
+    }
+}
+
+
+def get_b64_conf(component=None):
+    if component == "components":
+        return base64.b64encode(
+            json.dumps(CONF["components"]).encode('utf-8')+b"\n").decode('utf-8')
+    elif component in CONF:
+        return base64.b64encode(
+            json.dumps(
+                CONF[component]).encode('utf-8')+b"\n").decode('utf-8')
+    elif not component:
+        return base64.b64encode(
+            json.dumps(CONF).encode('utf-8')+b"\n").decode('utf-8')
+    elif "/" in component:
+        key1, _, key2 = component.partition("/")
+        return base64.b64encode(
+            json.dumps(
+                CONF[key1][key2]).encode('utf-8')+b"\n").decode('utf-8')
-- 
cgit 1.2.3-korg