def test_delete_action_category_with_data(db): subject_category_id, object_category_id, action_category_id, meta_rule_id, policy_id = mock_data.create_new_policy( ) mock_data.create_subject_data(policy_id, subject_category_id) mock_data.create_action_data(policy_id, action_category_id) with pytest.raises(DeleteActionCategoryWithMetaRule) as exception_info: category_helper.delete_action_category(action_category_id) assert str( exception_info.value) == '400: Action Category With Meta Rule Error'
def test_check_existing_rule_valid_request(db): subject_category_id, object_category_id, action_category_id, meta_rule_id, policy_id = mock_data.create_new_policy( subject_category_name="subject_category1", object_category_name="object_category1", action_category_name="action_category1", meta_rule_name="meta_rule_1", model_name="model1") subject_data_id = mock_data.create_subject_data(policy_id=policy_id, category_id=subject_category_id) object_data_id = mock_data.create_object_data(policy_id=policy_id, category_id=object_category_id) action_data_id = mock_data.create_action_data(policy_id=policy_id, category_id=action_category_id) value = { "rule": (subject_data_id, object_data_id, action_data_id), "instructions": ({"decision": "grant"}), "enabled": "", } rules = policy_helper.add_rule(policy_id=policy_id, meta_rule_id=meta_rule_id, value=value) assert rules assert len(rules) == 1 assert isinstance(rules, dict) rule_id = list(rules.keys())[0] for key in ("rule", "instructions", "enabled"): assert key in rules[rule_id] assert rules[rule_id][key] == value[key] with pytest.raises(RuleExisting) as exception_info: policy_helper.add_rule(policy_id=policy_id, meta_rule_id=meta_rule_id, value=value) assert str(exception_info.value) == '409: Rule Existing'
def test_add_action_assignments(db): subject_category_id, object_category_id, action_category_id, meta_rule_id, policy_id = mock_data.create_new_policy( subject_category_name="subject_category1", object_category_name="object_category1", action_category_name="action_category1", meta_rule_name="meta_rule_1") action_id = mock_data.create_action(policy_id) data_id = mock_data.create_action_data(policy_id=policy_id, category_id=action_category_id) action_assignments = assignment_helper.add_action_assignment( policy_id, action_id, action_category_id, data_id) assert action_assignments action_id_1 = list(action_assignments.keys())[0] assert action_assignments[action_id_1]["policy_id"] == policy_id assert action_assignments[action_id_1]["action_id"] == action_id assert action_assignments[action_id_1]["category_id"] == action_category_id assert len(action_assignments[action_id_1].get("assignments")) == 1 assert data_id in action_assignments[action_id_1].get("assignments") with pytest.raises(ActionAssignmentExisting) as exception_info: assignment_helper.add_action_assignment(policy_id, action_id, action_category_id, data_id) assert str(exception_info.value) == '409: Action Assignment Existing' assert str(exception_info.value.description ) == 'The given action assignment value is existing.'
def test_delete_policies_with_action_data(db): subject_category_id, object_category_id, action_category_id, meta_rule_id, policy_id = mock_data.create_new_policy() data_id = mock_data.create_action_data(policy_id=policy_id, category_id=action_category_id) with pytest.raises(DeletePolicyWithData) as exception_info: policy_helper.delete_policies(policy_id) assert '400: Policy With Data Error' == str(exception_info.value)
def test_delete_action_assignment(db): subject_category_id, object_category_id, action_category_id, meta_rule_id, policy_id = mock_data.create_new_policy( subject_category_name="subject_category1", object_category_name="object_category1", action_category_name="action_category1", meta_rule_name="meta_rule_1") action_id = mock_data.create_action(policy_id) data_id = mock_data.create_action_data(policy_id=policy_id, category_id=action_category_id) assignment_helper.add_action_assignment(policy_id, action_id, action_category_id, data_id) assignment_helper.delete_action_assignment(policy_id, "", "", "") assignments = assignment_helper.get_action_assignments(policy_id, ) assert len(assignments) == 1
def test_delete_action_with_assignment(db): subject_category_id, object_category_id, action_category_id, meta_rule_id, policy_id = mock_data.create_new_policy( subject_category_name="subject_category" + uuid4().hex, object_category_name="object_category" + uuid4().hex, action_category_name="action_category" + uuid4().hex, meta_rule_name="meta_rule_" + uuid4().hex) action_id = mock_data.create_action(policy_id) data_id = mock_data.create_action_data(policy_id=policy_id, category_id=action_category_id) assignment_helper.add_action_assignment(policy_id, action_id, action_category_id, data_id) with pytest.raises(DeletePerimeterWithAssignment) as exception_info: data_helper.delete_action(policy_id, action_id) assert '400: Perimeter With Assignment Error' == str(exception_info.value)
def test_get_action_assignments(db): subject_category_id, object_category_id, action_category_id, meta_rule_id, policy_id = mock_data.create_new_policy( subject_category_name="subject_category1", object_category_name="object_category1", action_category_name="action_category1", meta_rule_name="meta_rule_1") action_id = mock_data.create_action(policy_id) data_id = mock_data.create_action_data(policy_id=policy_id, category_id=action_category_id) assignment_helper.add_action_assignment(policy_id, action_id, action_category_id, data_id) act_assignments = assignment_helper.get_action_assignments( policy_id, action_id, action_category_id) action_id_1 = list(act_assignments.keys())[0] assert act_assignments[action_id_1]["policy_id"] == policy_id assert act_assignments[action_id_1]["action_id"] == action_id assert act_assignments[action_id_1]["category_id"] == action_category_id assert len(act_assignments[action_id_1].get("assignments")) == 1 assert data_id in act_assignments[action_id_1].get("assignments")
def test_update_meta_rule_connected_with_policy_and_rule(): subject_category_id, object_category_id, action_category_id, meta_rule_id, policy_id = mock_data.create_new_policy( subject_category_name="subject_category1", object_category_name="object_category1", action_category_name="action_category1", meta_rule_name="meta_rule_1", model_name="model1") subject_data_id = mock_data.create_subject_data(policy_id=policy_id, category_id=subject_category_id) object_data_id = mock_data.create_object_data(policy_id=policy_id, category_id=object_category_id) action_data_id = mock_data.create_action_data(policy_id=policy_id, category_id=action_category_id) value = { "rule": (subject_data_id, object_data_id, action_data_id), "instructions": ({"decision": "grant"}), "enabled": "", } rules = policy_helper.add_rule(policy_id=policy_id, meta_rule_id=meta_rule_id, value=value) assert rules assert len(rules) == 1 action_category_id = mock_data.create_action_category("action_category_id2") subject_category_id = mock_data.create_subject_category("subject_category_id2") object_category_id = mock_data.create_object_category("object_category_id2") updated_value = { "name": "MLS_meta_rule", "description": "test", "subject_categories": [subject_category_id], "object_categories": [object_category_id], "action_categories": [action_category_id] } with pytest.raises(MetaRuleUpdateError) as exception_info: updated_meta_rule = meta_rule_helper.update_meta_rule(meta_rule_id, updated_value) assert str(exception_info.value) == '400: Meta_Rule Update Error'
def add_rule(policy_id, meta_rule_id, value=None): from python_moondb.core import PolicyManager if not value: meta_rule = meta_rule_helper.get_meta_rules(meta_rule_id) sub_cat_id = meta_rule[meta_rule_id]['subject_categories'][0] ob_cat_id = meta_rule[meta_rule_id]['object_categories'][0] act_cat_id = meta_rule[meta_rule_id]['action_categories'][0] subject_data_id = mock_data.create_subject_data(policy_id=policy_id, category_id=sub_cat_id) object_data_id = mock_data.create_object_data(policy_id=policy_id, category_id=ob_cat_id) action_data_id = mock_data.create_action_data(policy_id=policy_id, category_id=act_cat_id) value = { "rule": (subject_data_id, object_data_id, action_data_id), "instructions": ({ "decision": "grant" }), "enabled": "", } return PolicyManager.add_rule("", policy_id, meta_rule_id, value)
def test_check_existing_rule_wrong_action_data_id(db): subject_category_id, object_category_id, action_category_id, meta_rule_id, policy_id = mock_data.create_new_policy( subject_category_name="subject_category1", object_category_name="object_category1", action_category_name="action_category1", meta_rule_name="meta_rule_1", model_name="model1") subject_data_id = mock_data.create_subject_data(policy_id=policy_id, category_id=subject_category_id) object_data_id = mock_data.create_object_data(policy_id=policy_id, category_id=object_category_id) action_data_id = mock_data.create_action_data(policy_id=policy_id, category_id=action_category_id) value = { "rule": (subject_data_id, object_data_id, uuid4().hex), "instructions": ({"decision": "grant"}), "enabled": "", } with pytest.raises(RuleContentError) as exception_info: policy_helper.add_rule(policy_id=policy_id, meta_rule_id=meta_rule_id, value=value) assert str(exception_info.value) == '400: Rule Error' assert "Missing Action_category" in exception_info.value.description