def test_access_allowed_resource(self):
"""Test if we can access resource - allowed by policy"""
s = session()
s.headers = {
'X-OpenAM-Username': '******',
'X-OpenAM-Password': '******',
'Content-Type': 'application/json',
'Accept-API-Version': 'resource=2.0, protocol=1.0'
}
resp = s.post(verify=self.amcfg.ssl_verify,
url=self.amcfg.rest_authn_url,
headers=s.headers)
self.assertEqual(200, resp.status_code, 'User needs to login')
resp = s.get(verify=self.amcfg.ssl_verify,
url=self.agent_cfg.agent_url + self.policy_url)
self.assertEqual(200, resp.status_code,
'Expecting HTTP-200 from autosubmit page')
r = process_autosubmit_form(resp, s)
self.assertTrue('Policy testing page' in r.text,
"Expecting Policy testing page string")
self.assertEqual(200, r.status_code, "Expecting HTTP-200 in response")
s.close()
def test_access_denied_resource(self):
s = session()
s.headers = {'X-OpenAM-Username': '******', 'X-OpenAM-Password': '******',
'Content-Type': 'application/json', 'Accept-API-Version': 'resource=2.0, protocol=1.0'}
resp = s.post(url=self.amcfg.rest_authn_url, headers=s.headers)
self.assertEqual(200, resp.status_code, 'User login, expecting HTTP-200')
resp = s.get(self.agent_cfg.agent_url + self.deny_policy_url)
r = process_autosubmit_form(resp, s)
self.assertEqual(403, r.status_code, 'Expecting HTTP-403 when accessing allowed resource')
s.close()