Beispiel #1
0
    def test_postgresql_writes_for_all(self):
        os.environ["CIS_ENVIRONMENT"] = "testing"
        os.environ["CIS_REGION_NAME"] = "us-east-1"
        os.environ["DEFAULT_AWS_REGION"] = "us-east-1"
        os.environ["CIS_DYNAMODB_ARN"] = boto3.client(
            "dynamodb", region_name="us-east-1").describe_table(
                TableName="testing-identity-vault")["Table"]["TableArn"]
        from cis_identity_vault import vault

        self.v = vault.IdentityVault()
        os.environ["CIS_ENVIRONMENT"] = "testing"
        os.environ["CIS_REGION_NAME"] = "us-east-1"
        os.environ["DEFAULT_AWS_REGION"] = "us-east-1"

        os.environ["CIS_POSTGRES_HOST"] = "db"
        os.environ["CIS_POSTGRES_PORT"] = "5432"
        os.environ["CIS_DB_USER"] = "******"
        os.environ["CIS_DB_PASSWORD"] = "******"
        self.v.connect()
        result = self.v.find_or_create()
        self.v.tag_vault()
        self.seed_fake_users()
        exch = exchange.DynamoStream()
        user_ids = None
        profiles = exch.profiles(user_ids)
        postgres_vault = exchange.PostgresqlMapper()
        result = postgres_vault.to_postgres(profiles)
        assert len(result) == len(profiles)
Beispiel #2
0
def handle(event, context={}):
    """Handle the publishing of users."""
    logger = setup_logging()
    v = vault.RelationalIdentityVault()
    v.find_or_create()
    exch = exchange.DynamoStream()
    user_ids = exch.user_ids_from_stream(event)
    profiles = exch.profiles(user_ids)
    postgres_vault = exchange.PostgresqlMapper()
    result = postgres_vault.to_postgres(profiles)
    logger.info(f'Profiles have been written to the vault with result: {result}')
    return 200
Beispiel #3
0
    def test_query_interfaces(self):
        os.environ["CIS_ENVIRONMENT"] = "testing"
        os.environ["CIS_REGION_NAME"] = "us-east-1"
        os.environ["DEFAULT_AWS_REGION"] = "us-east-1"
        os.environ["CIS_DYNAMODB_ARN"] = boto3.client(
            "dynamodb", region_name="us-east-1").describe_table(
                TableName="testing-identity-vault")["Table"]["TableArn"]
        from cis_identity_vault import vault

        self.v = vault.IdentityVault()
        os.environ["CIS_POSTGRES_HOST"] = "db"
        os.environ["CIS_POSTGRES_PORT"] = "5432"
        os.environ["CIS_DB_USER"] = "******"
        os.environ["CIS_DB_PASSWORD"] = "******"
        self.v.connect()
        self.v.find_or_create()
        self.v.tag_vault()
        self.seed_fake_users()
        exch = exchange.DynamoStream()
        user_ids = None
        profiles = exch.profiles(user_ids)

        postgres_vault = exchange.PostgresqlMapper()
        postgres_vault.to_postgres(profiles)

        from cis_postgresql import execute
        from cis_identity_vault.vault import RelationalIdentityVault

        r = RelationalIdentityVault()
        query = execute.raw_query(r.session(), "select * from people")
        assert query is not None
        query = execute.sql_alchemy_select(r.engine(), "active", "True",
                                           "contains")
        assert len(query) > 0
        query = execute.sql_alchemy_select(r.engine(), "active", "True",
                                           "contains")

        # Test the grouping functionality
        from cis_identity_vault.models import rds

        Session = sqlalchemy.orm.sessionmaker(bind=r.session())
        session = Session()
        q = session.query(rds.People)
        valid_sample_user = q.filter().all()[0]
        valid_sample_groups_from_user = list(
            valid_sample_user.profile["access_information"]["ldap"]["values"])

        query = execute.sql_alchemy_select(
            r.engine(),
            "access_information.ldap",
            valid_sample_groups_from_user[0],
            "contains",
        )
Beispiel #4
0
    def test_dynamo_stream(self):
        os.environ["CIS_ENVIRONMENT"] = "testing"
        os.environ["CIS_REGION_NAME"] = "us-east-1"
        os.environ["DEFAULT_AWS_REGION"] = "us-east-1"
        os.environ["CIS_DYNAMODB_ARN"] = boto3.client(
            "dynamodb", region_name="us-east-1").describe_table(
                TableName="testing-identity-vault")["Table"]["TableArn"]
        from cis_identity_vault import vault

        self.v = vault.IdentityVault()
        os.environ["CIS_ENVIRONMENT"] = "testing"
        os.environ["CIS_REGION_NAME"] = "us-east-1"
        os.environ["DEFAULT_AWS_REGION"] = "us-east-1"
        self.v.connect()
        result = self.v.find_or_create()
        assert result is not None
        self.v.tag_vault()
        self.seed_fake_users()
        exch = exchange.DynamoStream()
        user_ids = exch.user_ids_from_stream(self.events_and_users["event"])
        assert user_ids is not None
        profiles = exch.profiles(user_ids)
        assert profiles is not None