def _check_role_permission_validate_multiple(self,user_id,user_role,bucket_name,final_user_role,no_bucket_access=None,no_access_bucket_name=None):
failure_list = []
result = True
user_details = user_id.split(":")
final_roles = self._return_roles(user_role)
payload = "name=" + user_details[0] + "&roles=" + final_roles
rbacmain(self.master_ip,self.auth_type)._set_user_roles(user_name=user_details[0],payload=payload)
master, expected, expected_neg = rbacRoles()._return_permission_set(final_user_role)
if no_bucket_access:
temp_dict = expected_neg['permissionSet']
bucket_name = no_access_bucket_name
else:
temp_dict = expected['permissionSet']
for permission in temp_dict.iterkeys():
if "[<bucket_name>]" in permission:
new_key = permission.replace("<bucket_name>",bucket_name)
temp_dict[new_key] = temp_dict.pop(permission)
permission_set = master['permissionSet'].split(',')
for idx, permission in enumerate(permission_set):
if "[<bucket_name>]" in permission:
permission = permission.replace("<bucket_name>",bucket_name)
permission_set[idx] = permission
permission_str = ','.join(permission_set)
status, content, header = rbacmain(self.master_ip)._check_user_permission(user_details[0],user_details[1],permission_str)
content = json.loads(content)
log.info ("Value of content is {0}".format(content))
for item in temp_dict.iterkeys():
if temp_dict[item] != content[item]:
log.info ("Item is {0} -- Expected Value is - {1} and Actual Value is {2}".format(item,temp_dict[item],content[item]))
result = False
return result
def _check_role_permission_validate_multiple(self,user_id,user_role,bucket_name,final_user_role,no_bucket_access=None,no_access_bucket_name=None):
failure_list = []
result = True
user_details = user_id.split(":")
final_roles = self._return_roles(user_role)
payload = "name=" + user_details[0] + "&roles=" + final_roles
status, content, header = rbacmain(self.master_ip)._set_user_roles(user_name=user_details[0],payload=payload)
master, expected, expected_neg = rbacRoles()._return_permission_set(final_user_role)
if no_bucket_access:
temp_dict = expected_neg['permissionSet']
bucket_name = no_access_bucket_name
else:
temp_dict = expected['permissionSet']
for permission in temp_dict.iterkeys():
if "[<bucket_name>]" in permission:
new_key = permission.replace("<bucket_name>",bucket_name)
temp_dict[new_key] = temp_dict.pop(permission)
permission_set = master['permissionSet'].split(',')
for idx, permission in enumerate(permission_set):
if "[<bucket_name>]" in permission:
permission = permission.replace("<bucket_name>",bucket_name)
permission_set[idx] = permission
permission_str = ','.join(permission_set)
status, content, header = rbacmain(self.master_ip)._check_user_permission(user_details[0],user_details[1],permission_str)
content = json.loads(content)
log.info ("Value of content is {0}".format(content))
for item in temp_dict.iterkeys():
if temp_dict[item] != content[item]:
log.info ("Item is {0} -- Expected Value is - {1} and Actual Value is {2}".format(item,temp_dict[item],content[item]))
result = False
return result
def _check_role_permission_validate_multiple_rest_api(
self,
user_id,
user_role,
bucket_name,
final_user_role,
no_bucket_access=None,
no_access_bucket_name=None):
final_result = True
user_details = user_id.split(":")
final_roles = self._return_roles(user_role)
payload = "name=" + user_details[0] + "&roles=" + final_roles
status, content, header = rbacmain(self.master_ip,
self.auth_type)._set_user_roles(
user_name=user_details[0],
payload=payload)
master, expected, expected_neg = rbacRoles()._return_permission_set(
final_user_role)
if no_bucket_access:
temp_dict = expected_neg['permissionSet']
bucket_name = no_access_bucket_name
else:
temp_dict = expected['permissionSet']
f = open(user_role, 'w')
f.close()
for key, value in temp_dict.iteritems():
temp_str = str(key) + ":" + str(value)
result = self.test_perm_rest_api(temp_str, user_details[0],
'password', user_role)
with open(user_role, "r") as ins:
log.info(" -------- FINAL RESULT for role - {0} ---------".format(
user_role))
array = []
for line in ins:
array.append(line)
log.info(line)
log.info("----------END FINAL RESULT ------------")
for item in array:
json_acceptable_string = item.replace("'", "\"")
item = json.loads(json_acceptable_string)
if item['final_result'] == 'False':
final_result = False
return final_result
def _check_role_permission_validate_multiple_rest_api(self,user_id,user_role,bucket_name,final_user_role,no_bucket_access=None,no_access_bucket_name=None):
final_result = True
user_details = user_id.split(":")
final_roles = self._return_roles(user_role)
payload = "name=" + user_details[0] + "&roles=" + final_roles
status, content, header = rbacmain(self.master_ip)._set_user_roles(user_name=user_details[0],payload=payload)
master, expected, expected_neg = rbacRoles()._return_permission_set(final_user_role)
if no_bucket_access:
temp_dict = expected_neg['permissionSet']
bucket_name = no_access_bucket_name
else:
temp_dict = expected['permissionSet']
f = open(user_role,'w')
f.close()
for key,value in temp_dict.iteritems():
temp_str = str(key) + ":" + str(value)
result = self.test_perm_rest_api(temp_str,user_details[0],'password',user_role)
with open(user_role, "r") as ins:
log.info(" -------- FINAL RESULT for role - {0} ---------".format(user_role))
array = []
for line in ins:
array.append(line)
log.info(line)
log.info("----------END FINAL RESULT ------------")
for item in array:
json_acceptable_string = item.replace("'", "\"")
item = json.loads(json_acceptable_string)
if item['final_result'] == 'False':
final_result = False
return final_result
