def test_convert_old_acl_group(): rulestr = "( group x )" access_rules = convert_old_acl(rulestr) assert len(access_rules) == 1 assert_access_rule_with_flags(access_rules[0], invert=False, blocking=False, group_ids=[99990000])
def test_convert_old_acl_ip_with_netmask(): rulestr = "( ip 1.2.3.0/24 )" access_rules = convert_old_acl(rulestr) assert len(access_rules) == 1 assert_access_rule_with_flags(access_rules[0], invert=False, blocking=False, subnets=[IPv4Network("1.2.3.0/24")])
def test_convert_old_acl_and_2not(): rulestr = "( NOT ( group x ) ) AND ( NOT ( group y ) )" access_rules = convert_old_acl(rulestr) assert len(access_rules) == 1 assert_access_rule_with_flags(access_rules[0], invert=True, blocking=True, group_ids=[99990000, 99990001])
def test_convert_old_acl_not_group_rule(): rulestr = "NOT ( group hanswurst )" access_rules = convert_old_acl(rulestr) assert len(access_rules) == 1 assert_access_rule_with_flags(access_rules[0], invert=True, blocking=True, group_ids=[99990000])
def test_convert_old_acl_group_and_ip(): rulestr = "( group x ) AND ( ip 1.1.1.1 )" access_rules = convert_old_acl(rulestr) assert len(access_rules) == 1 assert_access_rule_with_flags(access_rules[0], invert=False, blocking=False, group_ids=[99990000], subnets=[IPv4Network("1.1.1.1/32")])
def test_convert_old_acl_group_and_iplist(some_iplist): iplist = some_iplist rulestr = "( group x ) AND ( iplist {} )".format(iplist.name) access_rules = convert_old_acl(rulestr) assert len(access_rules) == 1 assert_access_rule_with_flags(access_rules[0], invert=False, blocking=False, group_ids=[99990000], subnets=iplist.subnets)
def test_or_not_same_split(): rulestr = "( NOT ( group x ) ) OR ( user y )" access_rules = convert_old_acl(rulestr) assert len(access_rules) == 2 assert_access_rule_with_flags(access_rules[1], invert=True, blocking=True, group_ids=[99990001]) assert_access_rule_with_flags(access_rules[0], invert=False, blocking=False, group_ids=[99990000])
def test_or_not_mixed_split_2not(): rulestr = "( NOT ( group x ) OR ( NOT ( ip 1.1.1.1 ) ) )" access_rules = convert_old_acl(rulestr) assert len(access_rules) == 2 assert_access_rule_with_flags(access_rules[0], invert=True, blocking=True, group_ids=[99990000]) assert_access_rule_with_flags(access_rules[1], invert=True, blocking=True, subnets=[IPv4Network("1.1.1.1/32")])
def test_convert_old_acl_or_nested_and_not(): rulestr = "( ( user test ) ) OR ( NOT ( group x ) AND ( NOT ( group y ) ) )" access_rules = convert_old_acl(rulestr) assert len(access_rules) == 2 assert_access_rule_with_flags(access_rules[0], invert=True, blocking=True, group_ids=[99990001, 99990002]) assert_access_rule_with_flags(access_rules[1], invert=False, blocking=False, group_ids=[99990000])
def test_convert_old_acl_date_later(): rulestr = "( date > 01.01.2015 )" access_rules = convert_old_acl(rulestr) assert len(access_rules) == 1 assert_access_rule_with_flags(access_rules[0], invert=False, blocking=False, dateranges=[ DateRange(datetime.date(2015, 1, 1), datetime.date(9999, 12, 31), '()') ])
def test_convert_old_acl_date_earlier_inc(): rulestr = "( date <= 01.01.2015 )" access_rules = convert_old_acl(rulestr) assert len(access_rules) == 1 assert_access_rule_with_flags(access_rules[0], invert=False, blocking=False, dateranges=[ DateRange(datetime.date(1, 1, 1), datetime.date(2015, 1, 1), '(]') ])
def test_convert_old_acl_group_and_date(): rulestr = "( group x ) AND ( date > 01.01.2015 )" access_rules = convert_old_acl(rulestr) assert len(access_rules) == 1 assert_access_rule_with_flags(access_rules[0], invert=False, blocking=False, group_ids=[99990000], dateranges=[ DateRange(datetime.date(2015, 1, 1), datetime.date(9999, 12, 31), '()') ])
def test_illegal_or_not_combination_fail(old_acl): with raises(CannotRepresentRule): convert_old_acl(old_acl)
def test_convert_old_acl_illegal_and_combinations_fail(rulestr): with raises(CannotRepresentRule): convert_old_acl(rulestr)
def test_illegal_not_no_literal_fail(old_acl): with raises(CannotRepresentRule): convert_old_acl(old_acl)
def test_convert_old_acl_group_and_date(): rulestr = "( group x ) AND ( date > 01.01.2015 )" access_rules = convert_old_acl(rulestr) assert len(access_rules) == 1 assert_access_rule_with_flags(access_rules[0], invert=False, blocking=False, group_ids=[99990000], dateranges=[DateRange(datetime.date(2015, 1, 1), datetime.date(9999, 12, 31), '()')])
def test_convert_old_acl_date_earlier_inc(): rulestr = "( date <= 01.01.2015 )" access_rules = convert_old_acl(rulestr) assert len(access_rules) == 1 assert_access_rule_with_flags(access_rules[0], invert=False, blocking=False, dateranges=[DateRange(datetime.date(1, 1, 1), datetime.date(2015, 1, 1), '(]')])
def test_convert_old_acl_nobody_rule(): rulestr = "NOT ( true )" access_rules = convert_old_acl(rulestr) assert len(access_rules) == 1 assert_access_rule_with_flags(access_rules[0], invert=True, blocking=True)
def test_convert_old_acl_ip(): rulestr = "( ip 1.2.3.4 )" access_rules = convert_old_acl(rulestr) assert len(access_rules) == 1 assert_access_rule_with_flags(access_rules[0], invert=False, blocking=False, subnets=[IPv4Network("1.2.3.4/32")])
def test_convert_old_acl_date_later(): rulestr = "( date > 01.01.2015 )" access_rules = convert_old_acl(rulestr) assert len(access_rules) == 1 assert_access_rule_with_flags(access_rules[0], invert=False, blocking=False, dateranges=[DateRange(datetime.date(2015, 1, 1), datetime.date(9999, 12, 31), '()')])