def test_02_update_policies(self):
p = set_policy(name="pol1",
action="read",
scope="system",
realm="*",
resolver="*",
user="******",
client="0.0.0.0/0",
active="False")
self.assertTrue(p > 0)
p = set_policy(name="pol2",
action="tokentype=HOTP",
scope=SCOPE.AUTHZ,
realm="*")
self.assertTrue(p > 0)
p = set_policy(name="pol2a",
action="tokentype=TOTP",
scope=SCOPE.AUTHZ,
realm="realm2")
self.assertTrue(p > 0)
p = set_policy(name="pol3",
action="serial=OATH",
scope=SCOPE.AUTHZ,
realm="realm1",
resolver="resolver1")
self.assertTrue(p > 0)
p = set_policy(name="pol4",
action="enroll, init, disable , enable",
scope="admin",
realm="realm2",
user="******")
self.assertTrue(p > 0)
# enable and disable policies
policies = PolicyClass().get_policies(active=False)
num_old = len(policies)
p = enable_policy("pol4", False)
policies = PolicyClass().get_policies(active=False)
self.assertTrue(num_old + 1 == len(policies), (num_old, len(policies)))
p = enable_policy("pol4", True)
policies = PolicyClass().get_policies(active=False)
self.assertTrue(num_old == len(policies), len(policies))
# find inactive policies
P = PolicyClass()
policies = P.get_policies(active=False)
self.assertTrue(len(policies) == 1, len(policies))
self.assertTrue(policies[0].get("name") == "pol1")
# find policies action tokentype
policies = P.get_policies(action="tokentype")
self.assertTrue(len(policies) == 2, policies)
# find policies action serial
policies = P.get_policies(action="serial")
self.assertTrue(len(policies) == 1, policies)
# find policies with scope authorization
policies = P.get_policies(scope=SCOPE.AUTHZ)
self.assertTrue(len(policies) == 3, policies)
# find policies authorization and realm2
policies = P.get_policies(action="tokentype", scope=SCOPE.AUTHZ)
self.assertTrue(len(policies) == 2, policies)
# find policies with user admin
policies = P.get_policies(scope="admin", user="******")
self.assertTrue(len(policies) == 1, "{0!s}".format(len(policies)))
# find policies with resolver2 and authorization. THe result should
# be pol2 and pol2a
policies = P.get_policies(resolver="resolver2", scope=SCOPE.AUTHZ)
self.assertTrue(len(policies) == 2, policies)
# find policies with realm1 and authorization. We also include the
# "*" into the result list. We find pol2 and pol3
policies = P.get_policies(realm="realm1", scope=SCOPE.AUTHZ)
self.assertTrue(len(policies) == 2, policies)
# find policies with resolver1 and authorization.
# All other authorization policies will also match, since they either
# user * or
# have no destinct information about resolvers
policies = P.get_policies(resolver="resolver1", scope=SCOPE.AUTHZ)
self.assertTrue(len(policies) == 3, policies)
def disable(name):
"""
disable a policy by name
"""
r = enable_policy(name, False)
print r
def test_02_update_policies(self):
p = set_policy(name="pol1",
action="read",
scope="system",
realm="*",
resolver="*",
user="******",
client="0.0.0.0/0",
active=False)
self.assertTrue(p > 0)
p = set_policy(name="pol2",
action="tokentype=HOTP",
scope=SCOPE.AUTHZ,
realm="*")
self.assertTrue(p > 0)
p = set_policy(name="pol2a",
action="tokentype=TOTP",
scope=SCOPE.AUTHZ,
realm="realm2")
self.assertTrue(p > 0)
p = set_policy(name="pol3",
action="serial=OATH",
scope=SCOPE.AUTHZ,
realm="realm1",
resolver="resolver1")
self.assertTrue(p > 0)
p = set_policy(name="pol4",
action="enroll, init, disable , enable",
scope="admin",
realm="realm2",
user="******")
self.assertTrue(p > 0)
# enable and disable policies
policies = PolicyClass().get_policies(active=False)
num_old = len(policies)
p = enable_policy("pol4", False)
policies = PolicyClass().get_policies(active=False)
self.assertTrue(num_old + 1 == len(policies), (num_old, len(policies)))
p = enable_policy("pol4", True)
policies = PolicyClass().get_policies(active=False)
self.assertTrue(num_old == len(policies), len(policies))
# find inactive policies
P = PolicyClass()
policies = P.get_policies(active=False)
self.assertTrue(len(policies) == 1, len(policies))
self.assertTrue(policies[0].get("name") == "pol1")
# find policies action tokentype
policies = P.get_policies(action="tokentype")
self.assertTrue(len(policies) == 2, policies)
# find policies action serial
policies = P.get_policies(action="serial")
self.assertTrue(len(policies) == 1, policies)
# find policies with scope authorization
policies = P.get_policies(scope=SCOPE.AUTHZ)
self.assertTrue(len(policies) == 3, policies)
# find policies authorization and realm2
policies = P.get_policies(action="tokentype", scope=SCOPE.AUTHZ)
self.assertTrue(len(policies) == 2, policies)
# find policies with user admin
policies = P.get_policies(scope="admin", user="******")
self.assertTrue(len(policies) == 1, "{0!s}".format(len(policies)))
# find policies with resolver2 and authorization. THe result should
# be pol2 and pol2a
policies = P.get_policies(resolver="resolver2", scope=SCOPE.AUTHZ)
self.assertTrue(len(policies) == 2, policies)
# find policies with realm1 and authorization. We also include the
# "*" into the result list. We find pol2 and pol3
policies = P.get_policies(realm="realm1", scope=SCOPE.AUTHZ)
self.assertTrue(len(policies) == 2, policies)
# find policies with resolver1 and authorization.
# All other authorization policies will also match, since they either
# user * or
# have no destinct information about resolvers
policies = P.get_policies(resolver="resolver1", scope=SCOPE.AUTHZ)
self.assertTrue(len(policies) == 3, policies)
def enable(name):
"""
enable a policy by name
"""
r = enable_policy(name)
print r
