def testEmptyAnonymousTerms(self):
"""Test inserting multiple anonymous empty terms"""
a = acl.ACL()
for i in range(5):
a.terms.append(acl.Term())
self.assertEqual(a.terms[i].name, None)
self.assertEqual(len(a.terms), 5)
class ToDo(base.MixyModel):
acl = acl.ACL(owner=acl.Permission(create=True,
read=True,
write=True,
execute=True),
group=acl.Permission(create=True,
read=True,
write=False,
execute=True),
world=acl.Permission(create=False,
read=True,
write=False,
execute=False))
task = ndb.StringProperty()
assignee = ndb.StringProperty()
due = ndb.DateProperty()
def _post_put_hook(self, future):
TODO_INDEX.put(self._document)
@classmethod
def _post_delete_hook(cls, key, future):
TODO_INDEX.delete(key.string_id())
@property
def _document(self):
return search.Document(doc_id=self.id,
fields=[
search.TextField(name='task',
value=self.task),
search.TextField(name='assignee',
value=self.assignee),
search.DateField(name='due',
value=self.due),
])
def testEmptyNamedTerms(self):
"""Test inserting multiple anonymous named terms"""
a = acl.ACL()
for i in range(5):
name = 'term' + str(i)
a.terms.append(acl.Term(name))
self.assertEqual(a.terms[i].name, name)
self.assertEqual(len(a.terms), 5)
def testBadNames(self):
"""Test names that are valid in no vendor's ACLs"""
for name in ('', 'x' * 25):
try:
a = acl.ACL(name=name)
except exceptions.ACLNameError:
pass
else:
self.fail('expected ACLNameError on "' + name + '"')
def testReplace(self):
'''Test "firewall { replace:" addition.'''
a = acl.ACL('test')
self.assertEqual(
'\n'.join(a.output_junos(replace=True)), '''\
firewall {
replace:
filter test {
}
}''')
def testNameTerms(self):
"""Test automatic naming of terms."""
a = acl.ACL()
a.terms.append(acl.Term())
a.terms.append(acl.Term())
a.terms.append(acl.Term(name='foo'))
a.name_terms()
self.assertNotEqual(a.terms[0].name, None)
self.assertNotEqual(a.terms[0].name, a.terms[1].name)
self.assertEqual(a.terms[2].name, 'foo')
class BaseModel(object):
"""Base object mixin for base Model classes."""
acl = acl.ACL(owner=acl.Permission(create=True,
read=True,
write=True,
execute=True),
group=acl.Permission(create=True,
read=True,
write=False,
execute=False),
world=acl.Permission(create=False,
read=False,
write=False,
execute=False))
groups = []
# Note(eric): This contains a list of fields that should be used as tags.
_tag_attrs = ()
@property
def url_title(self):
"""Slugified title for use in URLs."""
return common.slugify(self.title)
@property
def key_str(self):
"""String version of the instance key."""
return self.key.urlsafe()
@classmethod
def CreateKey(cls, **kwargs):
"""Create a key for a new instance."""
# Note(eric): Will kwargs cause breakage? Intended for parent support.
future_ids = cls.allocate_ids_async(size=1)
int_id, last_id = future_ids.get_result()
str_id = crock32.urlencode(int_id)
logging.debug('Allocate %s: %s to %s as %s', cls, int_id, last_id,
str_id)
return ndb.Key(cls, str_id, **kwargs)
def make_tags(self):
"""Populate tags property with values from other fields, then clean up."""
# Build list of tags from property names.
tags = [getattr(self, x) for x in self._tag_attrs]
# Slugify tags.
tags = map(common.slugify, tags)
# Remove dupes.
tags = list(set(tags))
# Return, if anything is left.
return tags or None
def setUp(self):
super(CheckOutput, self).setUp()
self.a = acl.ACL()
self.t1 = acl.Term(name='p99')
self.t1.match['protocol'] = [99]
self.t1.action = 'accept'
self.a.terms.append(self.t1)
self.t2 = acl.Term(name='windows')
self.t2.match['protocol'] = ['tcp']
self.t2.match['source-address'] = ['192.0.2.0/24']
self.t2.match['destination-port'] = range(135, 139) + [445]
self.t2.action = 'reject'
self.t2.modifiers['syslog'] = True
self.a.terms.append(self.t2)
def __init__(self, loop):
self.loop = loop
logging.info("Initializing proxy...")
self.next_sess_id = 1
# Load blacklist, whitelist, and cache list
self.blacklist = resource.ResourceList()
self.whitelist = resource.ResourceList()
self.cachelist = resource.CacheList()
self.blacklist.load(config.blacklist)
self.whitelist.load(config.whitelist)
self.cachelist.load(config.cachelist)
# Start periodic refresh
self.start_periodic_refresh(config.list_refresh)
# create the acl object to handle incoming connections
logging.info("Initializing Access Control Lists (ACL's)")
self.acl = acl.ACL(config.ip_acl)
def can_write(self, user, default_acl=None, acl_r=None, acl_w=None):
return acl.ACL(default_acl, self.acl_read, self.acl_write).can_write(user, acl_r, acl_w)
def testOkNames(self):
"""Test names that are valid in at least one vendor's ACLs"""
names = ('101', '131mj', 'STR-MDC-ATM', 'with space', '3.14', None)
for name in names:
a = acl.ACL(name=name)
def testBadACLNames(self):
"""Test conversion of ACLs with vendor-invalid names"""
a = acl.ACL()
for bad_name in ('blah', '500', '1', '131dj'):
a.name = bad_name
self.assertRaises(exceptions.BadACLName, a.output_ios)
def testMissingACLName(self):
"""Test conversion of anonymous ACLs to JunOS format"""
self.assertRaises(exceptions.MissingACLName, acl.ACL().output_junos)
def setUp(self):
self.acl = acl.ACL(config.ip_acl)
