def test_deny_wrong_res_id(self):
perm = permissions.process(self.line)
user = '******'
collection = 'files'
res_id = '/etc/hosts'
action = 'read'
perms = permissions.check([perm], user, collection, res_id)
self.assertFalse(action in perms)
def test_allow_wildcard_res_id(self):
perm = permissions.process(self.line)
user = '******'
collection = 'files'
res_id = '/etc/httpd/httpd.conf'
action = 'read'
perms = permissions.check([perm], user, collection, res_id)
self.assertTrue(action in perms)
def test_wrong_user(self):
perm = permissions.process(self.line)
user = '******'
collection = 'packages'
res_id = '/etc/httpd/httpd.conf'
action = 'read'
perms = permissions.check([perm], user, collection, res_id)
self.assertFalse(action in perms)
def test_deny_wrong_res_id(self):
perm = permissions.process(self.line)
user = '******'
collection = 'files'
res_id = '/etc/hosts'
action = 'read'
perms = permissions.check([perm], user, collection, res_id)
self.assertFalse(action in perms)
def test_sanitization(self):
line = " cortex hypervisors\t* CRUD\n \t"
result = [re.compile('cortex'),
re.compile('hypervisors'),
re.compile('.*'),
set(perm_mapping)]
test = permissions.process(line)
test[3] = set(test[3])
self.assertListEqual(test, result)
def test_wrong_user(self):
perm = permissions.process(self.line)
user = '******'
collection = 'packages'
res_id = '/etc/httpd/httpd.conf'
action = 'read'
perms = permissions.check([perm], user, collection, res_id)
self.assertFalse(action in perms)
def test_wrong_permission(self):
perm = permissions.process(self.line)
user = '******'
collection = 'files'
res_id = '/etc/httpd/httpd.conf'
action = 'update'
perms = permissions.check([perm], user, collection, res_id)
self.assertFalse(action in perms)
def test_wrong_permission(self):
perm = permissions.process(self.line)
user = '******'
collection = 'files'
res_id = '/etc/httpd/httpd.conf'
action = 'update'
perms = permissions.check([perm], user, collection, res_id)
self.assertFalse(action in perms)
def test_allow_wildcard_res_id(self):
perm = permissions.process(self.line)
user = '******'
collection = 'files'
res_id = '/etc/httpd/httpd.conf'
action = 'read'
perms = permissions.check([perm], user, collection, res_id)
self.assertTrue(action in perms)
def test_allow_wildcard_collection(self):
self.line = "cortex * * CRD"
perm = permissions.process(self.line)
user = '******'
collection = 'packages'
res_id = 'httpd'
action = 'read'
perms = permissions.check([perm], user, collection, res_id)
self.assertTrue(action in perms)
def test_allow_wildcard_collection(self):
self.line = "cortex * * CRD"
perm = permissions.process(self.line)
user = '******'
collection = 'packages'
res_id = 'httpd'
action = 'read'
perms = permissions.check([perm], user, collection, res_id)
self.assertTrue(action in perms)
def test_nothing_allowed(self):
self.line = "* * * -"
perm = permissions.process(self.line)
user = '******'
collection = 'files'
res_id = '/etc/hosts'
action = 'read'
perms = permissions.check([perm], user, collection, res_id)
self.assertFalse(action in perms)
def test_if_cannot_read_then_cannot_ping(self):
self.line = "* files * -"
perm = permissions.process(self.line)
user = '******'
collection = 'files'
res_id = ''
action = 'ping'
perms = permissions.check([perm], user, collection, res_id)
self.assertFalse(action in perms)
def test_allow_space_in_res_id(self):
self.line = """cortex files "/home/user/My Images/*" CRD"""
perm = permissions.process(self.line)
user = '******'
collection = 'files'
res_id = '/home/user/My Images/test.png'
action = 'read'
perms = permissions.check([perm], user, collection, res_id)
self.assertTrue(action in perms)
def test_allow_space_in_res_id(self):
self.line = """cortex files "/home/user/My Images/*" CRD"""
perm = permissions.process(self.line)
user = '******'
collection = 'files'
res_id = '/home/user/My Images/test.png'
action = 'read'
perms = permissions.check([perm], user, collection, res_id)
self.assertTrue(action in perms)
def test_nothing_allowed(self):
self.line = "* * * -"
perm = permissions.process(self.line)
user = '******'
collection = 'files'
res_id = '/etc/hosts'
action = 'read'
perms = permissions.check([perm], user, collection, res_id)
self.assertFalse(action in perms)
def test_if_cannot_read_then_cannot_ping(self):
self.line = "* files * -"
perm = permissions.process(self.line)
user = '******'
collection = 'files'
res_id = ''
action = 'ping'
perms = permissions.check([perm], user, collection, res_id)
self.assertFalse(action in perms)
def test_sanitization(self):
line = " cortex hypervisors\t* CRUD\n \t"
result = [
re.compile('cortex'),
re.compile('hypervisors'),
re.compile('.*'),
set(perm_mapping)
]
test = permissions.process(line)
test[3] = set(test[3])
self.assertListEqual(test, result)
def test_accept_dash_permission(self):
line = "cortex hypervisors * -"
# Check no exception is thrown
permissions.process(line)
def test_unordered_permissions_success(self):
line = "cortex hypervisors * DURC"
# Check no exception is thrown
permissions.process(line)
def test_unordered_permissions_success(self):
line = "cortex hypervisors * DURC"
# Check no exception is thrown
permissions.process(line)
def test_accept_dash_permission(self):
line = "cortex hypervisors * -"
# Check no exception is thrown
permissions.process(line)