Ejemplo n.º 1
0
 def test_autodelete(self):
     target = self.cib.tree.find(".//acl_group[@id='{0}']".format("group1"))
     lib.unassign_role(target, "role1", True)
     self.assert_cib_equal(self.create_cib().append_to_first_tag_name(
         "configuration", """
             <acls>
                 <acl_role id="role1"/>
                 <acl_role id="role2"/>
                 <acl_target id="target1">
                     <role id="role3"/>
                     <role id="role2"/>
                 </acl_target>
             </acls>
         """))
Ejemplo n.º 2
0
 def test_autodelete(self):
     target = self.cib.tree.find(".//acl_group[@id='{0}']".format("group1"))
     lib.unassign_role(target, "role1", True)
     self.assert_cib_equal(self.create_cib().append_to_first_tag_name(
         "configuration",
         """
             <acls>
                 <acl_role id="role1"/>
                 <acl_role id="role2"/>
                 <acl_target id="target1">
                     <role id="role3"/>
                     <role id="role2"/>
                 </acl_target>
             </acls>
         """
     ))
Ejemplo n.º 3
0
def unassign_role_from_group(lib_env,
                             role_id,
                             group_id,
                             autodelete_group=False):
    """
    Unassign role with role_id from group with id group_id.
    Raises LibraryError on any failure.

    lib_env -- LibraryEnvironment
    role_id -- id of role which should be unassigned from group
    group_id -- id of acl_group element
    autodelete_target -- if True remove group element if has no more role
        assigned
    """
    with cib_acl_section(lib_env) as acl_section:
        acl.unassign_role(acl.find_group(acl_section, group_id), role_id,
                          autodelete_group)
Ejemplo n.º 4
0
 def test_success_group(self):
     group = self.cib.tree.find(".//acl_group[@id='{0}']".format("group1"))
     lib.unassign_role(group, "role1")
     self.assert_cib_equal(self.create_cib().append_to_first_tag_name(
         "configuration",
         """
             <acls>
                 <acl_role id="role1"/>
                 <acl_role id="role2"/>
                 <acl_target id="target1">
                     <role id="role3"/>
                     <role id="role2"/>
                 </acl_target>
                 <acl_group id="group1"/>
             </acls>
         """,
     ))
Ejemplo n.º 5
0
 def test_role_not_assigned(self):
     target = self.cib.tree.find(
         ".//acl_target[@id='{0}']".format("target1"))
     assert_raise_library_error(
         lambda: lib.unassign_role(target, "role1"),
         (severities.ERROR,
          report_codes.CIB_ACL_ROLE_IS_NOT_ASSIGNED_TO_TARGET, {
              "role_id": "role1",
              "target_id": "target1",
          }))
Ejemplo n.º 6
0
def unassign_role_from_group(
    lib_env, role_id, group_id, autodelete_group=False
):
    """
    Unassign role with role_id from group with id group_id.
    Raises LibraryError on any failure.

    lib_env -- LibraryEnvironment
    role_id -- id of role which should be unassigned from group
    group_id -- id of acl_group element
    autodelete_target -- if True remove group element if has no more role
        assigned
    """
    with cib_acl_section(lib_env) as acl_section:
        acl.unassign_role(
            acl.find_group(acl_section, group_id),
            role_id,
            autodelete_group
        )
Ejemplo n.º 7
0
Archivo: acl.py Proyecto: wuyeliang/pcs
def unassign_role_not_specific(lib_env,
                               role_id,
                               target_or_group_id,
                               autodelete_target_group=False):
    """
    Unassign role with role_id from target/group with id target_or_group_id.
    Target element has bigger priority so if there are target and group with
    the same id only target element will be affected by this function.
    Raises LibraryError on any failure.

    lib_env -- LibraryEnvironment
    role_id -- id of role which should be unassigned from target/group
    target_or_group_id -- id of acl_target/acl_group element
    autodelete_target_group -- if True remove target/group element if has no
        more role assigned
    """
    with cib_acl_section(lib_env) as acl_section:
        acl.unassign_role(
            acl.find_target_or_group(acl_section, target_or_group_id), role_id,
            autodelete_target_group)
Ejemplo n.º 8
0
Archivo: acl.py Proyecto: jmartign/pcs
def unassign_role_not_specific(lib_env,
                               role_id,
                               target_or_group_id,
                               autodelete_target_group=False):
    """
    Unassign role with role_id from target/group with id target_or_group_id.
    Target element has bigger pririty so if there are target and group with same
    id only target element will be affected by this function.
    Raises LibraryError on any failure.

    lib_env -- LibraryEnvironment
    role_id -- id of role which should be unassigned from target/group
    target_or_group_id -- id of acl_target/acl_group element
    autodelete_target_group -- if True remove target/group element if has no
        more role assigned
    """
    cib = lib_env.get_cib(REQUIRED_CIB_VERSION)
    acl.unassign_role(_get_target_or_group(cib, target_or_group_id), role_id,
                      autodelete_target_group)
    lib_env.push_cib(cib)
Ejemplo n.º 9
0
Archivo: acl.py Proyecto: jmartign/pcs
def unassign_role_from_group(lib_env,
                             role_id,
                             group_id,
                             autodelete_group=False):
    """
    Unassign role with role_id from group with id group_id.
    Raises LibraryError on any failure.

    lib_env -- LibraryEnvironment
    role_id -- id of role which should be unassigned from group
    group_id -- id of acl_group element
    autodelete_target -- if True remove group element if has no more role
        assigned
    """
    cib = lib_env.get_cib(REQUIRED_CIB_VERSION)
    try:
        acl.unassign_role(acl.find_group(cib, group_id), role_id,
                          autodelete_group)
    except acl.AclError as e:
        raise LibraryError(acl.acl_error_to_report_item(e))
    lib_env.push_cib(cib)
Ejemplo n.º 10
0
def unassign_role_not_specific(
    lib_env, role_id, target_or_group_id, autodelete_target_group=False
):
    """
    Unassign role with role_id from target/group with id target_or_group_id.
    Target element has bigger pririty so if there are target and group with same
    id only target element will be affected by this function.
    Raises LibraryError on any failure.

    lib_env -- LibraryEnvironment
    role_id -- id of role which should be unassigned from target/group
    target_or_group_id -- id of acl_target/acl_group element
    autodelete_target_group -- if True remove target/group element if has no
        more role assigned
    """
    with cib_acl_section(lib_env) as acl_section:
        acl.unassign_role(
            acl.find_target_or_group(acl_section, target_or_group_id),
            role_id,
            autodelete_target_group
        )
Ejemplo n.º 11
0
def unassign_role_not_specific(
    lib_env, role_id, target_or_group_id, autodelete_target_group=False
):
    """
    Unassign role with role_id from target/group with id target_or_group_id.
    Target element has bigger pririty so if there are target and group with same
    id only target element will be affected by this function.
    Raises LibraryError on any failure.

    lib_env -- LibraryEnvironment
    role_id -- id of role which should be unassigned from target/group
    target_or_group_id -- id of acl_target/acl_group element
    autodelete_target_group -- if True remove target/group element if has no
        more role assigned
    """
    cib = lib_env.get_cib(REQUIRED_CIB_VERSION)
    acl.unassign_role(
        _get_target_or_group(cib, target_or_group_id),
        role_id,
        autodelete_target_group
    )
    lib_env.push_cib(cib)
Ejemplo n.º 12
0
def unassign_role_from_group(
    lib_env, role_id, group_id, autodelete_group=False
):
    """
    Unassign role with role_id from group with id group_id.
    Raises LibraryError on any failure.

    lib_env -- LibraryEnvironment
    role_id -- id of role which should be unassigned from group
    group_id -- id of acl_group element
    autodelete_target -- if True remove group element if has no more role
        assigned
    """
    cib = lib_env.get_cib(REQUIRED_CIB_VERSION)
    try:
        acl.unassign_role(
            acl.find_group(cib, group_id),
            role_id,
            autodelete_group
        )
    except acl.AclError as e:
        raise LibraryError(acl.acl_error_to_report_item(e))
    lib_env.push_cib(cib)
Ejemplo n.º 13
0
 def test_role_not_assigned(self):
     target = self.cib.tree.find(
         ".//acl_target[@id='{0}']".format("target1")
     )
     assert_raise_library_error(
         lambda: lib.unassign_role(target, "role1"),
         (
             severities.ERROR,
             report_codes.CIB_ACL_ROLE_IS_NOT_ASSIGNED_TO_TARGET,
             {
                 "role_id": "role1",
                 "target_id": "target1",
             }
         )
     )