def test_equal(self): xproto = \ """ policy output < ctx.user = obj.user > """ args = FakeArgs() args.inputs = xproto args.target = self.target output = XOSGenerator.generate(args) exec(output) # This loads the generated function, which should look like this: """ def policy_output_enforcer(obj, ctx): i1 = (ctx.user == obj.user) return i1 """ obj = FakeArgs() obj.user = 1 ctx = FakeArgs() ctx.user = 1 verdict = policy_output_enforcer(obj, ctx)
def test_equal(self): xproto = \ """ policy output < not (ctx.user = obj.user) > """ args = FakeArgs() args.inputs = xproto args.target = self.target output = XOSGenerator.generate(args) exec(output) # This loads the generated function, which should look like this: """ def policy_output_validator(obj, ctx): i2 = (ctx.user == obj.user) i1 = (not i2) if (not i1): raise Exception('Necessary Failure') """ obj = FakeArgs() obj.user = 1 ctx = FakeArgs() ctx.user = 1 with self.assertRaises(Exception): policy_output_validator(obj, ctx)
def test_equal(self): xproto = \ """ policy output < ctx.user = obj.user > """ args = FakeArgs() args.inputs = xproto args.target = self.target output = XOSGenerator.generate(args) exec( output ) # This loads the generated function, which should look like this: """ def output_security_check(obj, ctx): i1 = (ctx.user == obj.user) return i1 """ obj = FakeArgs() obj.user = 1 ctx = FakeArgs() ctx.user = 1 verdict = output_security_check(obj, ctx)
def test_call_policy(self): xproto = \ """ policy sub_policy < ctx.user = obj.user > policy output < *sub_policy(child) > """ args = FakeArgs() args.inputs = xproto args.target = self.target output = XOSGenerator.generate(args) exec(output, globals( )) # This loads the generated function, which should look like this: """ def policy_sub_policy_enforcer(obj, ctx): i1 = (ctx.user == obj.user) return i1 def policy_output_enforcer(obj, ctx): i1 = policy_sub_policy_enforcer(obj.child, ctx) return i1 """ obj = FakeArgs() obj.child = FakeArgs() obj.child.user = 1 ctx = FakeArgs() ctx.user = 1 verdict = policy_output_enforcer(obj, ctx) self.assertTrue(verdict)
def test_call_policy(self): xproto = \ """ policy sub_policy < ctx.user = obj.user > policy output < *sub_policy(child) > """ args = FakeArgs() args.inputs = xproto args.target = self.target output = XOSGenerator.generate(args) exec(output,globals()) # This loads the generated function, which should look like this: """ def policy_sub_policy_enforcer(obj, ctx): i1 = (ctx.user == obj.user) return i1 def policy_output_enforcer(obj, ctx): i1 = policy_sub_policy_enforcer(obj.child, ctx) return i1 """ obj = FakeArgs() obj.child = FakeArgs() obj.child.user = 1 ctx = FakeArgs() ctx.user = 1 verdict = policy_output_enforcer(obj, ctx) self.assertTrue(verdict)
def test_call_policy_child_none(self): xproto = \ """ policy sub_policy < ctx.user = obj.user > policy output < *sub_policy(child) > """ args = FakeArgs() args.inputs = xproto args.target = self.target output = XOSGenerator.generate(args) exec(output, globals( )) # This loads the generated function, which should look like this: """ def sub_policy_security_check(obj, ctx): i1 = (ctx.user == obj.user) return i1 def output_security_check(obj, ctx): if obj.child: i1 = sub_policy_security_check(obj.child, ctx) else: i1 = True return i1 """ obj = FakeArgs() obj.child = None ctx = FakeArgs() ctx.user = 1
def test_equal(self): xproto = \ """ policy slice_user < slice.user = obj.user > """ target = XProtoTestHelpers.write_tmp_target("{{ proto.policies.slice_user }}") args = FakeArgs() args.inputs = xproto args.target = target output = XOSGenerator.generate(args) slice = FakeArgs() slice.user = '******' obj = FakeArgs() obj.user = '******' (op, operands), = eval(output).items() expr = op.join(operands).replace('=','==') self.assertTrue(eval(expr))
def test_equal(self): xproto = \ """ policy slice_user < slice.user = obj.user > """ target = XProtoTestHelpers.write_tmp_target( "{{ proto.policies.slice_user }}") args = FakeArgs() args.inputs = xproto args.target = target output = XOSGenerator.generate(args) slice = FakeArgs() slice.user = '******' obj = FakeArgs() obj.user = '******' (op, operands), = eval(output).items() expr = op.join(operands).replace('=', '==') self.assertTrue(eval(expr))
def test_term(self): xproto = \ """ policy slice_user < slice.user.is_admin > """ target = XProtoTestHelpers.write_tmp_target("{{ proto.policies.slice_user }}") args = FakeArgs() args.inputs = xproto args.target = target output = XOSGenerator.generate(args) slice = FakeArgs() slice.user = FakeArgs() slice.user.is_admin = True expr = eval(output) self.assertTrue(expr)
def test_term(self): xproto = \ """ policy slice_user < slice.user.is_admin > """ target = XProtoTestHelpers.write_tmp_target( "{{ proto.policies.slice_user }}") args = FakeArgs() args.inputs = xproto args.target = target output = XOSGenerator.generate(args) slice = FakeArgs() slice.user = FakeArgs() slice.user.is_admin = True expr = eval(output) self.assertTrue(expr)
def test_function_term(self): xproto = \ """ policy slice_user < slice.user.compute_is_admin() > """ target = XProtoTestHelpers.write_tmp_target( "{{ proto.policies.slice_user }}") args = FakeArgs() args.inputs = xproto args.target = target output = XOSProcessor.process(args) slice = FakeArgs() slice.user = FakeArgs() slice.user.compute_is_admin = lambda: True expr = eval(output) self.assertTrue(expr)
def test_string_constant(self): xproto = \ """ policy slice_user < slice.user.email = "*****@*****.**" > """ target = XProtoTestHelpers.write_tmp_target( "{{ proto.policies.slice_user }}") args = FakeArgs() args.inputs = xproto args.target = target output = XOSProcessor.process(args) slice = FakeArgs() slice.user = FakeArgs() slice.user.is_admin = True expr = eval(output) self.assertTrue(expr)
def test_call_policy(self): xproto = \ """ policy sub_policy < ctx.user = obj.user > policy output < *sub_policy(child) > """ args = FakeArgs() args.inputs = xproto args.target = self.target output = XOSGenerator.generate(args) exec(output,globals()) # This loads the generated function, which should look like this: """ def policy_sub_policy_validator(obj, ctx): i1 = (ctx.user == obj.user) if (not i1): raise ValidationError('Necessary Failure') def policy_output_validator(obj, ctx): i1 = policy_sub_policy_validator(obj.child, ctx) if (not i1): raise ValidationError('Necessary Failure') """ obj = FakeArgs() obj.child = FakeArgs() obj.child.user = 1 ctx = FakeArgs() ctx.user = 1 with self.assertRaises(Exception): verdict = policy_output_enforcer(obj, ctx)