Python RolesPoliciesManager Examples

Programming Language: Python

Namespace/Package Name: wazuh.rbac.orm

Method/Function: RolesPoliciesManager

Examples at hotexamples.com: 5

Python RolesPoliciesManager - 5 examples found. These are the top rated real world Python examples of wazuh.rbac.orm.RolesPoliciesManager extracted from open source projects. You can rate examples to help us improve the quality of examples.

Example #1

Show file

def get_policies_from_roles(roles=None):
    """This function will return the final policies of a user according to its roles"""
    policies = list()
    with orm.RolesPoliciesManager() as rpm:
        for role in roles:
            for policy in rpm.get_all_policies_from_role(role):
                policies.append(json.loads(policy.policy))

    return policies

Example #2

Show file

    def run_auth_context(self):
        """This function will return the final policies of an user according to the roles matching the authorization
        context"""
        user_roles = self.get_user_roles()
        user_policies = list()
        with orm.RolesPoliciesManager() as rpm:
            for role in user_roles:
                for policy in rpm.get_all_policies_from_role(role):
                    user_policies.append(policy['policy'])

        return user_policies

Example #3

Show file

    def run_user_role_link(user_id):
        """This function will return the final policies of a user according to its roles in the RBAC database"""
        with orm.UserRolesManager() as urm:
            user_roles = list(role for role in urm.get_all_roles_from_user(user_id=user_id))
        user_roles_policies = defaultdict(list)
        with orm.RolesPoliciesManager() as rpm:
            for role in user_roles:
                for policy in rpm.get_all_policies_from_role(role_id=role.id):
                    user_roles_policies['policies'].append(policy.to_dict()['policy'])
                user_roles_policies['roles'].append(role.id)

        return user_roles_policies

Example #4

Show file

    def run_auth_context(self):
        """This function will return the final policies of a user according to the roles matching the authorization
        context"""
        user_roles = self.get_user_roles()
        user_roles_policies = defaultdict(list)
        with orm.RolesPoliciesManager() as rpm:
            for role in user_roles:
                for policy in rpm.get_all_policies_from_role(role):
                    user_roles_policies['policies'].append(json.loads(policy.policy))
                user_roles_policies['roles'].append(role)

        return user_roles_policies

Example #5

Show file

File: test_security.py Project: miriks/OPSEC-wazuh

def test_migrate_default_policies(new_default_resources):
    """Check that the migration process overwrites default policies in the user range including their relationships
    and positions."""
    def mock_open_default_resources(*args, **kwargs):
        args = list(args)
        file_path = args[0]

        if file_path.endswith('policies.yaml'):
            new_args = [
                os.path.join(test_data_path, 'default',
                             'migration_policies.yml')
            ]
        elif file_path.endswith('relationships.yaml'):
            new_args = [
                os.path.join(test_data_path, 'default',
                             'mock_relationships.yml')
            ]
        else:
            new_args = [file_path]

        new_args += args[1:]

        return open(*new_args, **kwargs)

    security, orm = new_default_resources
    with orm.RolesManager() as rm:
        role1, role2 = rm.get_role('new_role1')['id'], rm.get_role(
            'new_role2')['id']
    policy1, policy2 = 'new_policy1', 'new_policy2'
    user_policy = 'user_policy'
    with orm.PoliciesManager() as pm:
        policies = sorted([p.id for p in pm.get_policies()]) or [1]
        max_default_policy_id = max(
            filter(lambda x: not (x > orm.cloud_reserved_range), policies))

    with orm.RolesPoliciesManager() as rpm:
        role1_policies = [
            p.id for p in rpm.get_all_policies_from_role(role_id=role1)
        ]
        role2_policies = [
            p.id for p in rpm.get_all_policies_from_role(role_id=role2)
        ]

    # Assert these new policies are in the user range
    with orm.PoliciesManager() as pm:
        policy1_id = pm.get_policy(policy1)['id']
        policy2_id = pm.get_policy(policy2)['id']
        user_policy_id = pm.get_policy(user_policy)['id']
        assert policy1_id > orm.max_id_reserved
        assert policy2_id > orm.max_id_reserved
        assert user_policy_id > orm.max_id_reserved
        assert {policy1_id, policy2_id, user_policy_id} == set(role1_policies)
        assert {policy1_id, policy2_id, user_policy_id} == set(role2_policies)

    with patch('wazuh.rbac.orm.open', side_effect=mock_open_default_resources):
        security, orm = reload_default_rbac_resources()

    with orm.RolesPoliciesManager() as rpm:
        new_role1_policies = [
            p.id for p in rpm.get_all_policies_from_role(role_id=role1)
        ]
        new_role2_policies = [
            p.id for p in rpm.get_all_policies_from_role(role_id=role2)
        ]

    new_policy1_id, new_policy2_id = max_default_policy_id + 1, max_default_policy_id + 2
    with orm.PoliciesManager() as pm:
        assert new_policy1_id == pm.get_policy(policy1)['id']
        assert new_policy2_id == pm.get_policy(policy2)['id']

    assert role1_policies.index(policy1_id) == new_role1_policies.index(
        new_policy1_id)
    assert role1_policies.index(policy2_id) == new_role1_policies.index(
        new_policy2_id)

    assert role2_policies.index(policy1_id) == new_role2_policies.index(
        new_policy1_id)
    assert role2_policies.index(policy2_id) == new_role2_policies.index(
        new_policy2_id)

    assert role1_policies.index(user_policy_id) == new_role1_policies.index(
        user_policy_id)
    assert role2_policies.index(user_policy_id) == new_role2_policies.index(
        user_policy_id)