def setUp(self): super(DefaultPolicyTestCase, self).setUp() policy.reset() policy.init(suppress_deprecation_warnings=True) self.rules = {"default": [], "example:exist": "false:false"} self._set_rules('default') self.context = context.RequestContext('fake', 'fake')
def setUp(self): super(DefaultPolicyTestCase, self).setUp() policy.reset() policy.init() self.rules = {"default": [], "example:exist": [["false:false"]]} self._set_rules('default') self.context = context.RequestContext('fake', 'fake')
def test_authorize_does_not_raise_forbidden(self, method): self.fixture.config(enforce_scope=False, group='oslo_policy') project_context = context.RequestContext(project_id='fake-project-id', roles=['bar']) policy.reset() policy.init() rule = common_policy.RuleDefault('foo', 'role:bar', scope_types=['system']) policy._ENFORCER.register_defaults([rule]) self.assertTrue(getattr(policy, method)(project_context, 'foo', {}))
def setUp(self): super(DefaultPolicyTestCase, self).setUp() policy.reset() policy.init() self.rules = { "default": [], "example:exist": [["false:false"]] } self._set_rules('default') self.context = context.RequestContext('fake', 'fake')
def test_authorize_properly_handles_invalid_scope_exception(self, method): self.fixture.config(enforce_scope=True, group='oslo_policy') project_context = context.RequestContext(project_id='fake-project-id', roles=['bar']) policy.reset() policy.init() rule = common_policy.RuleDefault('foo', 'role:bar', scope_types=['system']) policy._ENFORCER.register_defaults([rule]) self.assertRaises(exception.PolicyNotAuthorized, getattr(policy, method), project_context, 'foo', {})
def setUp(self): super(PolicyTestCase, self).setUp() policy.reset() policy.init() self.rules = { "true": [], "example:allowed": [], "example:denied": [["false:false"]], "example:get_http": [["http:http://www.example.com"]], "example:my_file": [["role:compute_admin"], ["project_id:%(project_id)s"]], "example:early_and_fail": [["false:false", "rule:true"]], "example:early_or_success": [["rule:true"], ["false:false"]], "example:lowercase_admin": [["role:admin"], ["role:sysadmin"]], "example:uppercase_admin": [["role:ADMIN"], ["role:sysadmin"]], } self._set_rules() self.context = context.RequestContext('fake', 'fake', roles=['member']) self.target = {}
def setUp(self): super(PolicyTestCase, self).setUp() rules = [ common_policy.RuleDefault("true", '@'), common_policy.RuleDefault("test:allowed", '@'), common_policy.RuleDefault("test:denied", "!"), common_policy.RuleDefault( "test:my_file", "role:compute_admin or " "project_id:%(project_id)s"), common_policy.RuleDefault("test:early_and_fail", "! and @"), common_policy.RuleDefault("test:early_or_success", "@ or !"), common_policy.RuleDefault("test:lowercase_admin", "role:admin"), common_policy.RuleDefault("test:uppercase_admin", "role:ADMIN"), ] policy.reset() policy.init(suppress_deprecation_warnings=True) # before a policy rule can be used, its default has to be registered. policy._ENFORCER.register_defaults(rules) self.context = context.RequestContext('fake', 'fake', roles=['member']) self.target = {} self.addCleanup(policy.reset)
def setUp(self): super(ContextIsAdminPolicyTestCase, self).setUp() policy.reset() policy.init()
def tearDown(self): super(DefaultPolicyTestCase, self).tearDown() policy.reset()
def tearDown(self): policy.reset() super(PolicyTestCase, self).tearDown()
def setUp(self): super(ContextIsAdminPolicyTestCase, self).setUp() policy.reset() policy.init(suppress_deprecation_warnings=True)
def setUp(self): super(PolicyFileTestCase, self).setUp() # since is_admin is defined by policy, create context before reset self.context = context.RequestContext('fake', 'fake') policy.reset() self.target = {}
def tearDown(self): super(PolicyFileTestCase, self).tearDown() policy.reset()