def test_scp_init(self, sshclient_patch, scpclient_patch, inspect_patch):
self.assertIsInstance(SCP('device', progress=True), SCP)
# callable progress
sobject = SCP('device', progress=SCP.open)
self.assertEqual(sobject.host, "device")
self.assertEqual(sobject.user, None)
self.assertEqual(sobject.password, None)
self.assertTrue(scpclient_patch.called)
obj = MagicMock()
inspect_patch.getargspec.return_value = obj
obj.args = [1, 2, 3]
sobject = SCP('device',
user="******",
password="******",
progress=SCP.open)
self.assertEqual(sobject.host, "device")
self.assertEqual(sobject.user, "regress")
self.assertEqual(sobject.password, "MaRtInI")
self.assertTrue(scpclient_patch.called)
sobject = MagicMock(spec=SCP)
sobject._progress = True
SCP('device', progress=SCP.open)
obj.args = [1, 2]
sobject = SCP('device',
user="******",
password="******",
progress=SCP.open)
obj.args = [1]
sobject = SCP('device',
user="******",
password="******",
progress=SCP.open)
def test_update_record(self):
"""
Update an existing record by running ara_record a second time on the
same key.
"""
task = MagicMock(Task)
task. async = MagicMock()
task.args = {
'key': 'test-update',
'value': 'test-value',
'type': 'text'
}
action = ara_record.ActionModule(task,
self.connection,
self.play_context,
loader=None,
templar=None,
shared_loader_obj=None)
action.run()
r_playbook = m.Playbook.query.first()
self.assertIsNotNone(r_playbook)
r_data = m.Data.query.filter_by(playbook_id=r_playbook.id,
key='test-update').one()
self.assertIsNotNone(r_data)
self.assertEqual(r_data.playbook_id, r_playbook.id)
self.assertEqual(r_data.key, 'test-update')
self.assertEqual(r_data.value, 'test-value')
self.assertEqual(r_data.type, 'text')
task.args = {
'key': 'test-update',
'value': 'http://another-value',
'type': 'url'
}
action = ara_record.ActionModule(task,
self.connection,
self.play_context,
loader=None,
templar=None,
shared_loader_obj=None)
action.run()
r_data = m.Data.query.filter_by(playbook_id=r_playbook.id,
key='test-update').one()
self.assertEqual(r_data.value, 'http://another-value')
self.assertEqual(r_data.type, 'url')
def test_create_record_with_no_type(self):
"""
Create a new record with ara_record with no type specified.
"""
task = MagicMock(Task)
task.async_ = 0
task.async_val = False
task.args = {
'key': 'test-notype',
'value': 'test-value'
}
action = ara_record.ActionModule(task, self.connection,
self.play_context, loader=None,
templar=None, shared_loader_obj=None)
action.run()
r_playbook = m.Playbook.query.first()
self.assertIsNotNone(r_playbook)
r_data = m.Data.query.filter_by(playbook_id=r_playbook.id,
key='test-notype').one()
self.assertIsNotNone(r_data)
self.assertEqual(r_data.playbook_id, r_playbook.id)
self.assertEqual(r_data.key, 'test-notype')
self.assertEqual(r_data.value, 'test-value')
self.assertEqual(r_data.type, 'text')
def test_create_record_as_wrong_type(self):
"""
Create a new record with ara_record.
"""
task = MagicMock(Task)
task.async_ = 0
task.async_val = False
task.args = {
'key': 'test-wrongtype',
'value': ['foo', 'bar'],
'type': 'text'
}
action = ara_record.ActionModule(task, self.connection,
self.play_context, loader=None,
templar=None, shared_loader_obj=None)
action.run()
r_playbook = m.Playbook.query.first()
self.assertIsNotNone(r_playbook)
r_data = m.Data.query.filter_by(playbook_id=r_playbook.id,
key='test-wrongtype').one()
self.assertIsNotNone(r_data)
self.assertEqual(r_data.playbook_id, r_playbook.id)
self.assertEqual(r_data.key, 'test-wrongtype')
self.assertEqual(r_data.value, ['foo', 'bar'])
self.assertEqual(r_data.type, 'text')
def test_create_text_record_with_playbook(self):
"""
Create a new record with ara_record on a specified playbook
"""
r_playbook = m.Playbook.query.first()
self.assertIsNotNone(r_playbook)
task = MagicMock(Task)
task.async_ = 0
task.async_val = False
task.args = {
'playbook': r_playbook.id,
'key': 'test-text',
'value': 'test-with-playbook',
'type': 'text'
}
action = ara_record.ActionModule(task, self.connection,
self.play_context, loader=None,
templar=None, shared_loader_obj=None)
action.run()
r_data = m.Data.query.filter_by(playbook_id=r_playbook.id,
key='test-text').one()
self.assertIsNotNone(r_data)
self.assertEqual(r_data.playbook_id, r_playbook.id)
self.assertEqual(r_data.key, 'test-text')
self.assertEqual(r_data.value, 'test-with-playbook')
self.assertEqual(r_data.type, 'text')
def test_render_GET_bad_args(self):
vector = [
({}, "Missing 'policy' parameter."),
({"policy": ["a", "b"]}, "Multiple 'policy' parameters unsupported."),
({"policy": ["best"]}, "Only 'policy=all' parameter supported."),
({"policy": ["all"], "format": ["a", "b"]}, "Multiple 'format' parameters unsupported."),
({"policy": ["all"], "format": ["foo"]}, "Only 'format=json' parameter supported."),
]
for (args, errmsg) in vector:
m_db = MagicMock()
m_request = MagicMock()
m_request.args = args
lsr = lookup.LookupSimulatorResource(m_db)
retval = lsr.render_GET(m_request)
# Verifications:
self.assertEqual(server.NOT_DONE_YET, retval)
# Verify that a 400 response was sent:
self.assertEqual(m_request.mock_calls, [call.sendJsonErrorMessage(errmsg)])
# Verify that db was not touched:
self.assertEqual(m_db.mock_calls, [])
def test_read_record_with_no_key(self):
"""
Read an existing record that does not exist with ara_read
"""
task = MagicMock(Task)
task.async_ = 0
task.async_val = False
task.args = {
'key': 'key',
}
action = ara_read.ActionModule(task, self.connection,
self.play_context, loader=None,
templar=None, shared_loader_obj=None)
data = action.run()
r_playbook = m.Playbook.query.first()
self.assertIsNotNone(r_playbook)
# There is no exception raised in the action module, we instead
# properly return a failure status to Ansible.
# If there is a failure, no data will be returned so we can catch this.
with self.assertRaises(Exception):
m.Data.query.filter_by(playbook_id=r_playbook.id, key='key').one()
self.assertEqual(data['failed'], True)
self.assertEqual(data['playbook_id'], None)
self.assertEqual(data['key'], None)
self.assertEqual(data['value'], None)
def test_read_record(self):
"""
Read an existing record with ara_read
"""
task = MagicMock(Task)
task. async = MagicMock()
task.args = {
'key': 'test-key',
}
action = ara_read.ActionModule(task,
self.connection,
self.play_context,
loader=None,
templar=None,
shared_loader_obj=None)
data = action.run()
r_playbook = m.Playbook.query.first()
self.assertIsNotNone(r_playbook)
r_data = m.Data.query.filter_by(playbook_id=r_playbook.id,
key='test-key').one()
self.assertIsNotNone(r_data)
self.assertEqual(r_data.playbook_id, r_playbook.id)
self.assertEqual(r_data.key, 'test-key')
self.assertEqual(r_data.value, 'test-value')
self.assertEqual(r_data.type, 'text')
self.assertEqual(data['playbook_id'], r_data.playbook_id)
self.assertEqual(data['key'], r_data.key)
self.assertEqual(data['value'], r_data.value)
self.assertEqual(data['type'], r_data.type)
def test_read_record_with_no_key(self):
"""
Read a existing record that does not exist with ara_read
"""
task = MagicMock(Task)
task. async = MagicMock()
task.args = {
'key': 'key',
}
action = ara_read.ActionModule(task,
self.connection,
self.play_context,
loader=None,
templar=None,
shared_loader_obj=None)
data = action.run()
r_playbook = m.Playbook.query.first()
self.assertIsNotNone(r_playbook)
# There is no exception raised in the action module, we instead
# properly return a failure status to Ansible.
# If there is a failure, no data will be returned so we can catch this.
with self.assertRaises(Exception):
m.Data.query.filter_by(playbook_id=r_playbook.id, key='key').one()
self.assertEqual(data['failed'], True)
self.assertEqual(data['playbook_id'], None)
self.assertEqual(data['key'], None)
self.assertEqual(data['value'], None)
def test_create_text_record_with_playbook(self):
"""
Create a new record with ara_record on a specified playbook
"""
r_playbook = m.Playbook.query.first()
self.assertIsNotNone(r_playbook)
task = MagicMock(Task)
task. async = MagicMock()
task.args = {
'playbook': r_playbook.id,
'key': 'test-text',
'value': 'test-with-playbook',
'type': 'text'
}
action = ara_record.ActionModule(task,
self.connection,
self.play_context,
loader=None,
templar=None,
shared_loader_obj=None)
action.run()
r_data = m.Data.query.filter_by(playbook_id=r_playbook.id,
key='test-text').one()
self.assertIsNotNone(r_data)
self.assertEqual(r_data.playbook_id, r_playbook.id)
self.assertEqual(r_data.key, 'test-text')
self.assertEqual(r_data.value, 'test-with-playbook')
self.assertEqual(r_data.type, 'text')
def test_create_json_record(self):
"""
Create a new record with ara_record.
"""
task = MagicMock(Task)
task. async = 0
task.args = {
'key': 'test-json',
'value': '{"foo": "bar"}',
'type': 'json'
}
action = ara_record.ActionModule(task,
self.connection,
self.play_context,
loader=None,
templar=None,
shared_loader_obj=None)
action.run()
r_playbook = m.Playbook.query.first()
self.assertIsNotNone(r_playbook)
r_data = m.Data.query.filter_by(playbook_id=r_playbook.id,
key='test-json').one()
self.assertIsNotNone(r_data)
self.assertEqual(r_data.playbook_id, r_playbook.id)
self.assertEqual(r_data.key, 'test-json')
self.assertEqual(r_data.value, '{"foo": "bar"}')
self.assertEqual(r_data.type, 'json')
def test_record_with_no_value(self):
"""
Trying to use ara_record with no value parameter should properly fail
"""
task = MagicMock(Task)
task. async = MagicMock()
task.args = {
'key': 'test-key',
}
action = ara_record.ActionModule(task,
self.connection,
self.play_context,
loader=None,
templar=None,
shared_loader_obj=None)
action.run()
r_playbook = m.Playbook.query.first()
self.assertIsNotNone(r_playbook)
# There is no exception raised in the action module, we instead
# properly return a failure status to Ansible.
# If there is a failure, no data will be recorded so we can catch this.
with self.assertRaises(Exception):
m.Data.query.filter_by(playbook_id=r_playbook.id).one()
def test_read_record(self):
"""
Read an existing record with ara_read
"""
task = MagicMock(Task)
task.async_ = 0
task.async_val = False
task.args = {
'key': 'test-key',
}
action = ara_read.ActionModule(task, self.connection,
self.play_context, loader=None,
templar=None, shared_loader_obj=None)
data = action.run()
r_playbook = m.Playbook.query.first()
self.assertIsNotNone(r_playbook)
r_data = m.Data.query.filter_by(playbook_id=r_playbook.id,
key='test-key').one()
self.assertIsNotNone(r_data)
self.assertEqual(r_data.playbook_id, r_playbook.id)
self.assertEqual(r_data.key, 'test-key')
self.assertEqual(r_data.value, 'test-value')
self.assertEqual(r_data.type, 'text')
self.assertEqual(data['playbook_id'], r_data.playbook_id)
self.assertEqual(data['key'], r_data.key)
self.assertEqual(data['value'], r_data.value)
self.assertEqual(data['type'], r_data.type)
def test_create_record_as_wrong_type(self):
"""
Create a new record with ara_record.
"""
task = MagicMock(Task)
task. async = MagicMock()
task.args = {
'key': 'test-wrongtype',
'value': ['foo', 'bar'],
'type': 'text'
}
action = ara_record.ActionModule(task,
self.connection,
self.play_context,
loader=None,
templar=None,
shared_loader_obj=None)
action.run()
r_playbook = m.Playbook.query.first()
self.assertIsNotNone(r_playbook)
r_data = m.Data.query.filter_by(playbook_id=r_playbook.id,
key='test-wrongtype').one()
self.assertIsNotNone(r_data)
self.assertEqual(r_data.playbook_id, r_playbook.id)
self.assertEqual(r_data.key, 'test-wrongtype')
self.assertEqual(r_data.value, ['foo', 'bar'])
self.assertEqual(r_data.type, 'text')
def test_update_record(self):
"""
Update an existing record by running ara_record a second time on the
same key.
"""
task = MagicMock(Task)
task.async_ = 0
task.async_val = False
task.args = {
'key': 'test-update',
'value': 'test-value',
'type': 'text'
}
action = ara_record.ActionModule(task, self.connection,
self.play_context, loader=None,
templar=None, shared_loader_obj=None)
action.run()
r_playbook = m.Playbook.query.first()
self.assertIsNotNone(r_playbook)
r_data = m.Data.query.filter_by(playbook_id=r_playbook.id,
key='test-update').one()
self.assertIsNotNone(r_data)
self.assertEqual(r_data.playbook_id, r_playbook.id)
self.assertEqual(r_data.key, 'test-update')
self.assertEqual(r_data.value, 'test-value')
self.assertEqual(r_data.type, 'text')
task.args = {
'key': 'test-update',
'value': 'http://another-value',
'type': 'url'
}
action = ara_record.ActionModule(task, self.connection,
self.play_context, loader=None,
templar=None, shared_loader_obj=None)
action.run()
r_data = m.Data.query.filter_by(playbook_id=r_playbook.id,
key='test-update').one()
self.assertEqual(r_data.value, 'http://another-value')
self.assertEqual(r_data.type, 'url')
def test_action_base__compute_environment_string(self):
fake_loader = DictDataLoader({})
# create our fake task
mock_task = MagicMock()
mock_task.action = "copy"
mock_task.args = dict(a=1)
# create a mock connection, so we don't actually try and connect to things
def env_prefix(**args):
return ' '.join([
'%s=%s' % (k, shlex_quote(text_type(v)))
for k, v in args.items()
])
mock_connection = MagicMock()
mock_connection._shell.env_prefix.side_effect = env_prefix
# we're using a real play context here
play_context = PlayContext()
# and we're using a real templar here too
templar = Templar(loader=fake_loader)
# our test class
action_base = DerivedActionBase(
task=mock_task,
connection=mock_connection,
play_context=play_context,
loader=fake_loader,
templar=templar,
shared_loader_obj=None,
)
# test standard environment setup
mock_task.environment = [dict(FOO='foo'), None]
env_string = action_base._compute_environment_string()
self.assertEqual(env_string, "FOO=foo")
# test where environment is not a list
mock_task.environment = dict(FOO='foo')
env_string = action_base._compute_environment_string()
self.assertEqual(env_string, "FOO=foo")
# test environment with a variable in it
templar.available_variables = dict(the_var='bar')
mock_task.environment = [dict(FOO='{{the_var}}')]
env_string = action_base._compute_environment_string()
self.assertEqual(env_string, "FOO=bar")
# test with a bad environment set
mock_task.environment = dict(FOO='foo')
mock_task.environment = ['hi there']
self.assertRaises(AnsibleError,
action_base._compute_environment_string)
def test_parameter_validator(monkeypatch):
request = MagicMock(name='request')
request.args = {}
request.headers = {}
request.params = {}
app = MagicMock(name='app')
app.response_class = flask.Response
monkeypatch.setattr('flask.request', request)
monkeypatch.setattr('flask.current_app', app)
def orig_handler(*args, **kwargs):
return 'OK'
params = [{'name': 'p1', 'in': 'path', 'type': 'integer', 'required': True},
{'name': 'h1', 'in': 'header', 'type': 'string', 'enum': ['a', 'b']},
{'name': 'q1', 'in': 'query', 'type': 'integer', 'maximum': 3},
{'name': 'a1', 'in': 'query', 'type': 'array', 'minItems': 2, 'maxItems': 3,
'items': {'type': 'integer', 'minimum': 0}}]
validator = ParameterValidator(params, FlaskApi)
handler = validator(orig_handler)
kwargs = {'query': {}, 'headers': {}}
request = MagicMock(path_params={}, **kwargs)
assert json.loads(handler(request).data.decode())['detail'] == "Missing path parameter 'p1'"
request = MagicMock(path_params={'p1': '123'}, **kwargs)
assert handler(request) == 'OK'
request = MagicMock(path_params={'p1': ''}, **kwargs)
assert json.loads(handler(request).data.decode())['detail'] == "Wrong type, expected 'integer' for path parameter 'p1'"
request = MagicMock(path_params={'p1': 'foo'}, **kwargs)
assert json.loads(handler(request).data.decode())['detail'] == "Wrong type, expected 'integer' for path parameter 'p1'"
request = MagicMock(path_params={'p1': '1.2'}, **kwargs)
assert json.loads(handler(request).data.decode())['detail'] == "Wrong type, expected 'integer' for path parameter 'p1'"
request = MagicMock(path_params={'p1': 1}, query={'q1': '4'}, headers={})
assert json.loads(handler(request).data.decode())['detail'].startswith('4 is greater than the maximum of 3')
request = MagicMock(path_params={'p1': 1}, query={'q1': '3'}, headers={})
assert handler(request) == 'OK'
request = MagicMock(path_params={'p1': 1}, query={'a1': ['1', '2']}, headers={})
assert handler(request) == "OK"
request = MagicMock(path_params={'p1': 1}, query={'a1': ['1', 'a']}, headers={})
assert json.loads(handler(request).data.decode())['detail'].startswith("'a' is not of type 'integer'")
request = MagicMock(path_params={'p1': 1}, query={'a1': ['1', '-1']}, headers={})
assert json.loads(handler(request).data.decode())['detail'].startswith("-1 is less than the minimum of 0")
request = MagicMock(path_params={'p1': 1}, query={'a1': ['1']}, headers={})
assert json.loads(handler(request).data.decode())['detail'].startswith("[1] is too short")
request = MagicMock(path_params={'p1': 1}, query={'a1': ['1', '2', '3', '4']}, headers={})
assert json.loads(handler(request).data.decode())['detail'].startswith("[1, 2, 3, 4] is too long")
request = MagicMock(path_params={'p1': '123'}, query={}, headers={'h1': 'a'})
assert handler(request) == 'OK'
request = MagicMock(path_params={'p1': '123'}, query={}, headers={'h1': 'x'})
assert json.loads(handler(request).data.decode())['detail'].startswith("'x' is not one of ['a', 'b']")
def test_parameter_validator(monkeypatch):
request = MagicMock(name='request')
request.args = {}
request.headers = {}
request.params = {}
app = MagicMock(name='app')
app.response_class = flask.Response
monkeypatch.setattr('flask.request', request)
monkeypatch.setattr('flask.current_app', app)
def orig_handler(*args, **kwargs):
return 'OK'
params = [{'name': 'p1', 'in': 'path', 'type': 'integer', 'required': True},
{'name': 'h1', 'in': 'header', 'type': 'string', 'enum': ['a', 'b']},
{'name': 'q1', 'in': 'query', 'type': 'integer', 'maximum': 3},
{'name': 'a1', 'in': 'query', 'type': 'array', 'minItems': 2, 'maxItems': 3,
'items': {'type': 'integer', 'minimum': 0}}]
validator = ParameterValidator(params, FlaskApi)
handler = validator(orig_handler)
kwargs = {'query': {}, 'headers': {}}
request = MagicMock(path_params={}, **kwargs)
assert json.loads(handler(request).data.decode())['detail'] == "Missing path parameter 'p1'"
request = MagicMock(path_params={'p1': '123'}, **kwargs)
assert handler(request) == 'OK'
request = MagicMock(path_params={'p1': ''}, **kwargs)
assert json.loads(handler(request).data.decode())['detail'] == "Wrong type, expected 'integer' for path parameter 'p1'"
request = MagicMock(path_params={'p1': 'foo'}, **kwargs)
assert json.loads(handler(request).data.decode())['detail'] == "Wrong type, expected 'integer' for path parameter 'p1'"
request = MagicMock(path_params={'p1': '1.2'}, **kwargs)
assert json.loads(handler(request).data.decode())['detail'] == "Wrong type, expected 'integer' for path parameter 'p1'"
request = MagicMock(path_params={'p1': 1}, query={'q1': '4'}, headers={})
assert json.loads(handler(request).data.decode())['detail'].startswith('4 is greater than the maximum of 3')
request = MagicMock(path_params={'p1': 1}, query={'q1': '3'}, headers={})
assert handler(request) == 'OK'
request = MagicMock(path_params={'p1': 1}, query={'a1': ['1', '2']}, headers={})
assert handler(request) == "OK"
request = MagicMock(path_params={'p1': 1}, query={'a1': ['1', 'a']}, headers={})
assert json.loads(handler(request).data.decode())['detail'].startswith("'a' is not of type 'integer'")
request = MagicMock(path_params={'p1': 1}, query={'a1': ['1', '-1']}, headers={})
assert json.loads(handler(request).data.decode())['detail'].startswith("-1 is less than the minimum of 0")
request = MagicMock(path_params={'p1': 1}, query={'a1': ['1']}, headers={})
assert json.loads(handler(request).data.decode())['detail'].startswith("[1] is too short")
request = MagicMock(path_params={'p1': 1}, query={'a1': ['1', '2', '3', '4']}, headers={})
assert json.loads(handler(request).data.decode())['detail'].startswith("[1, 2, 3, 4] is too long")
request = MagicMock(path_params={'p1': '123'}, query={}, headers={'h1': 'a'})
assert handler(request) == 'OK'
request = MagicMock(path_params={'p1': '123'}, query={}, headers={'h1': 'x'})
assert json.loads(handler(request).data.decode())['detail'].startswith("'x' is not one of ['a', 'b']")
def test_shorten_url_no_url(self):
redis_wrapper_mocked = MagicMock(specset=RedisWrapper)
short_code_generator_mocked = MagicMock(specset=ShortCodeGenerator)
request_mocked = MagicMock(specset=LocalProxy)
scg = RequestHandler(short_code_generator_mocked, redis_wrapper_mocked)
request_mocked.args = {}
result = scg.shorten_url(request_mocked)
self.assertEqual('Url not present', result[0])
self.assertEqual(400, result[1])
def test_get_output_channel(input_channels: List[Text], output_channel_to_use,
expected_channel: Type):
request = MagicMock()
app = MagicMock()
app.input_channels = input_channels
request.app = app
request.args = {"output_channel": output_channel_to_use}
actual = rasa.server._get_output_channel(request, None)
assert isinstance(actual, expected_channel)
def test_parameter_validator(monkeypatch):
request = MagicMock(name='request')
request.args = {}
request.headers = {}
request.params = {}
app = MagicMock(name='app')
app.response_class = lambda a, mimetype, status: json.loads(''.join(a))['detail']
monkeypatch.setattr('flask.request', request)
monkeypatch.setattr('flask.current_app', app)
def orig_handler(*args, **kwargs):
return 'OK'
params = [{'name': 'p1', 'in': 'path', 'type': 'integer', 'required': True},
{'name': 'h1', 'in': 'header', 'type': 'string', 'enum': ['a', 'b']},
{'name': 'q1', 'in': 'query', 'type': 'integer', 'maximum': 3},
{'name': 'a1', 'in': 'query', 'type': 'array', 'minItems': 2, 'maxItems': 3,
'items': {'type': 'integer', 'minimum': 0}}]
validator = ParameterValidator(params)
handler = validator(orig_handler)
assert handler() == "Missing path parameter 'p1'"
assert handler(p1='123') == 'OK'
assert handler(p1='') == "Wrong type, expected 'integer' for path parameter 'p1'"
assert handler(p1='foo') == "Wrong type, expected 'integer' for path parameter 'p1'"
assert handler(p1='1.2') == "Wrong type, expected 'integer' for path parameter 'p1'"
request.args = {'q1': '4'}
assert handler(p1=1).startswith('4 is greater than the maximum of 3')
request.args = {'q1': '3'}
assert handler(p1=1) == 'OK'
request.args = {'a1': "1,2"}
assert handler(p1=1) == "OK"
request.args = {'a1': "1,a"}
assert handler(p1=1).startswith("'a' is not of type 'integer'")
request.args = {'a1': "1,-1"}
assert handler(p1=1).startswith("-1 is less than the minimum of 0")
request.args = {'a1': "1"}
assert handler(p1=1).startswith("[1] is too short")
request.args = {'a1': "1,2,3,4"}
assert handler(p1=1).startswith("[1, 2, 3, 4] is too long")
del request.args['a1']
request.headers = {'h1': 'a'}
assert handler(p1='123') == 'OK'
request.headers = {'h1': 'x'}
assert handler(p1='123').startswith("'x' is not one of ['a', 'b']")
def test_get_short_code_does_not_exist(self):
redis_wrapper_mocked = MagicMock(specset=RedisWrapper)
short_code_generator_mocked = MagicMock(specset=ShortCodeGenerator)
request_mocked = MagicMock(specset=LocalProxy)
redis_wrapper_mocked.short_code_exists.return_value = None
scg = RequestHandler(short_code_generator_mocked, redis_wrapper_mocked)
request_mocked.args = {'short_code': 'qwe123'}
result = scg.get_short_code(request_mocked)
self.assertEqual('Short code not found', result[0])
self.assertEqual(404, result[1])
def test_get_latest_output_channel(input_channels: List[Text],
expected_channel: Type):
request = MagicMock()
app = MagicMock()
app.input_channels = input_channels
request.app = app
request.args = {"output_channel": "latest"}
tracker = DialogueStateTracker.from_events(
"default", [UserUttered("text", input_channel="slack")])
actual = rasa.server._get_output_channel(request, tracker)
assert isinstance(actual, expected_channel)
def test_shorten_url_url_already_exists(self):
redis_wrapper_mocked = MagicMock(specset=RedisWrapper)
short_code_generator_mocked = MagicMock(specset=ShortCodeGenerator)
request_mocked = MagicMock(specset=LocalProxy)
redis_wrapper_mocked.get_short_code_by_url.return_value = 'qwe123'
redis_wrapper_mocked.url_already_exists.return_value = True
scg = RequestHandler(short_code_generator_mocked, redis_wrapper_mocked)
request_mocked.args = {'url': 'test_url_which_is_already_shortened'}
result = scg.shorten_url(request_mocked)
self.assertEqual('url is already shortened', result[0].json['msg'])
self.assertEqual('qwe123', result[0].json['shortcode'])
self.assertEqual(200, result[1])
def test_injection(monkeypatch):
request = MagicMock(name='request', path_params={'p1': '123'})
request.args = {}
request.headers = {}
request.params = {}
func = MagicMock()
def handler(**kwargs):
func(**kwargs)
parameter_to_arg({}, [], handler)(request)
func.assert_called_with(p1='123')
def test_render_GET_valid_parameters(self):
# Test data:
entries = [
{
'fqdn': 'blah',
'city': 'Somewheresville',
'country': 'US',
'ip': ['127.2.3.4', '::1'],
'port': 8421,
'site': 'mlab01',
'tool_extra': {
'collector_onion': 'testfakenotreal.onion',
},
},
{
'fqdn': 'blorp',
'city': 'Elsewhereton',
'country': 'US',
'ip': ['127.2.3.8', '::7'],
'port': 1248,
'site': 'mlab02',
'tool_extra': {
'collector_onion': 'yetanother.onion',
},
},
]
# Mocks:
db = dict((entry['fqdn'], entry) for entry in entries)
m_request = MagicMock()
# Fake a request with sufficient parameters:
m_request.args = {
'format': ['json'],
'policy': ['all'],
}
# Execute the code under test:
lsr = lookup.LookupSimulatorResource(db)
retval = lsr.render_GET(m_request)
# Verifications:
self.assertEqual(server.NOT_DONE_YET, retval)
# Verify that a 200 response was sent:
self.assertEqual(m_request.mock_calls,
[call.sendJsonResponse(entries)])
def test_shorten_url_url_does_not_exists_short_code_wrong(self):
redis_wrapper_mocked = MagicMock(specset=RedisWrapper)
short_code_generator_mocked = MagicMock(specset=ShortCodeGenerator)
request_mocked = MagicMock(specset=LocalProxy)
redis_wrapper_mocked.get_short_code_by_url.return_value = 'qwe123'
redis_wrapper_mocked.url_already_exists.return_value = False
short_code_generator_mocked.validate_short_code.return_value = False
scg = RequestHandler(short_code_generator_mocked, redis_wrapper_mocked)
request_mocked.args = {
'url': 'test_url_which_is_not_yet_shortened',
'short_code': 'qwe123'
}
result = scg.shorten_url(request_mocked)
self.assertEqual('Invalid short code', result[0])
self.assertEqual(412, result[1])
def test_shorten_url_url_does_not_exists_short_code_not_provided(self):
redis_wrapper_mocked = MagicMock(specset=RedisWrapper)
short_code_generator_mocked = MagicMock(specset=ShortCodeGenerator)
request_mocked = MagicMock(specset=LocalProxy)
redis_wrapper_mocked.url_already_exists.return_value = False
short_code_generator_mocked.generate_short_code.return_value = 'qwe123'
scg = RequestHandler(short_code_generator_mocked, redis_wrapper_mocked)
request_mocked.args = {
'url': 'test_url_which_is_not_yet_shortened',
}
result = scg.shorten_url(request_mocked)
self.assertEqual('qwe123', result[0].json['shortcode'])
self.assertEqual(201, result[1])
def test_raw_check_mode_is_True(self):
task = MagicMock(Task)
task.async_val = False
task.args = {'_raw_params': 'Args1'}
self.play_context.check_mode = True
try:
self.mock_am = ActionModule(task,
self.connection,
self.play_context,
loader=None,
templar=None,
shared_loader_obj=None)
except AnsibleActionFail:
pass
def test_raw_test_environment_is_None(self):
task = MagicMock(Task)
task.async_val = False
task.args = {'_raw_params': 'Args1'}
task.environment = None
self.play_context.check_mode = False
self.mock_am = ActionModule(task,
self.connection,
self.play_context,
loader=None,
templar=None,
shared_loader_obj=None)
self.mock_am._low_level_execute_command = Mock(return_value={})
self.mock_am.display = Mock()
self.assertEqual(task.environment, None)
def test_injection():
request = MagicMock(name='request', path_params={'p1': '123'})
request.args = {}
request.headers = {}
request.params = {}
func = MagicMock()
def handler(**kwargs):
func(**kwargs)
parameter_to_arg({}, [], handler)(request)
func.assert_called_with(p1='123')
parameter_to_arg({}, [],
handler,
pass_context_arg_name='framework_request_ctx')(request)
func.assert_called_with(p1='123', framework_request_ctx=request.context)
def test_action_base_run(self):
mock_task = MagicMock()
mock_task.action = "foo"
mock_task.args = dict(a=1, b=2, c=3)
mock_connection = MagicMock()
play_context = PlayContext()
mock_task.async_val = None
action_base = DerivedActionBase(mock_task, mock_connection,
play_context, None, None, None)
results = action_base.run()
self.assertEqual(results, dict())
mock_task.async_val = 0
action_base = DerivedActionBase(mock_task, mock_connection,
play_context, None, None, None)
results = action_base.run()
self.assertEqual(results, {})
def test_raw_executable_is_not_empty_string(self):
task = MagicMock(Task)
task.async_val = False
task.args = {'_raw_params': 'Args1'}
self.play_context.check_mode = False
self.mock_am = ActionModule(task,
self.connection,
self.play_context,
loader=None,
templar=None,
shared_loader_obj=None)
self.mock_am._low_level_execute_command = Mock(return_value={})
self.mock_am.display = Mock()
self.mock_am._admin_users = ['root', 'toor']
self.mock_am.run()
self.mock_am._low_level_execute_command.assert_called_with(
'Args1', executable=False)
def test_render_GET_valid_parameters(self):
# Test data:
entries = [
{
"fqdn": "blah",
"city": "Somewheresville",
"country": "US",
"ip": ["127.2.3.4", "::1"],
"port": 8421,
"site": "mlab01",
"tool_extra": {"collector_onion": "testfakenotreal.onion"},
},
{
"fqdn": "blorp",
"city": "Elsewhereton",
"country": "US",
"ip": ["127.2.3.8", "::7"],
"port": 1248,
"site": "mlab02",
"tool_extra": {"collector_onion": "yetanother.onion"},
},
]
# Mocks:
db = dict((entry["fqdn"], entry) for entry in entries)
m_request = MagicMock()
# Fake a request with sufficient parameters:
m_request.args = {"format": ["json"], "policy": ["all"]}
# Execute the code under test:
lsr = lookup.LookupSimulatorResource(db)
retval = lsr.render_GET(m_request)
# Verifications:
self.assertEqual(server.NOT_DONE_YET, retval)
# Verify that a 200 response was sent:
self.assertEqual(m_request.mock_calls, [call.sendJsonResponse(entries)])
def test_injection():
request = MagicMock(name='request', path_params={'p1': '123'})
request.args = {}
request.headers = {}
request.params = {}
func = MagicMock()
def handler(**kwargs):
func(**kwargs)
class Op(object):
consumes = ['application/json']
def get_arguments(self, *args, **kwargs):
return {"p1": "123"}
parameter_to_arg(Op(), handler)(request)
func.assert_called_with(p1='123')
parameter_to_arg(Op(), handler, pass_context_arg_name='framework_request_ctx')(request)
func.assert_called_with(p1='123', framework_request_ctx=request.context)
def test_parameter_validator(monkeypatch):
request = MagicMock(name='request')
request.args = {}
request.headers = {}
request.params = {}
app = MagicMock(name='app')
app.response_class = lambda a, mimetype, status: json.loads(a)['detail']
monkeypatch.setattr('flask.request', request)
monkeypatch.setattr('flask.current_app', app)
def orig_handler(*args, **kwargs):
return 'OK'
params = [{'name': 'p1', 'in': 'path', 'type': 'integer', 'required': True},
{'name': 'h1', 'in': 'header', 'type': 'string', 'enum': ['a', 'b']},
{'name': 'q1', 'in': 'query', 'type': 'integer', 'maximum': 3},
{'name': 'a1', 'in': 'query', 'type': 'array', 'items': {'type': 'integer', 'minimum': 0}}]
validator = ParameterValidator(params)
handler = validator(orig_handler)
assert handler() == "Missing path parameter 'p1'"
assert handler(p1='123') == 'OK'
assert handler(p1='') == "Wrong type, expected 'integer' for path parameter 'p1'"
assert handler(p1='foo') == "Wrong type, expected 'integer' for path parameter 'p1'"
assert handler(p1='1.2') == "Wrong type, expected 'integer' for path parameter 'p1'"
request.args = {'q1': '4'}
assert handler(p1=1).startswith('4 is greater than the maximum of 3')
request.args = {'q1': '3'}
assert handler(p1=1) == 'OK'
request.args = {'a1': "1,2"}
assert handler(p1=1) == "OK"
request.args = {'a1': "1,a"}
assert handler(p1=1).startswith("'a' is not of type 'integer'")
request.args = {'a1': "1,-1"}
assert handler(p1=1).startswith("-1 is less than the minimum of 0")
del request.args['a1']
request.headers = {'h1': 'a'}
assert handler(p1='123') == 'OK'
request.headers = {'h1': 'x'}
assert handler(p1='123').startswith("'x' is not one of ['a', 'b']")
def test_parameter_validator(monkeypatch):
request = MagicMock(name='request')
request.args = {}
request.headers = {}
request.params = {}
app = MagicMock(name='app')
app.response_class = lambda a, mimetype, status: json.loads(a)['detail']
monkeypatch.setattr('flask.request', request)
monkeypatch.setattr('flask.current_app', app)
def orig_handler(*args, **kwargs):
return 'OK'
params = [{'name': 'p1', 'in': 'path', 'type': 'integer', 'required': True},
{'name': 'h1', 'in': 'header', 'type': 'string', 'enum': ['a', 'b']},
{'name': 'q1', 'in': 'query', 'type': 'integer', 'maximum': 3},
{'name': 'a1', 'in': 'query', 'type': 'array', 'items': {'type': 'integer', 'minimum': 0}}]
validator = ParameterValidator(params)
handler = validator(orig_handler)
assert handler() == "Missing path parameter 'p1'"
assert handler(p1='123') == 'OK'
assert handler(p1='') == "Wrong type, expected 'integer' for path parameter 'p1'"
assert handler(p1='foo') == "Wrong type, expected 'integer' for path parameter 'p1'"
assert handler(p1='1.2') == "Wrong type, expected 'integer' for path parameter 'p1'"
request.args = {'q1': '4'}
assert handler(p1=1) == 'Invalid value, must be at most 3'
request.args = {'q1': '3'}
assert handler(p1=1) == 'OK'
request.args = {'a1': '1,2'}
assert handler(p1=1) == "OK"
request.args = {'a1': '1,a'}
assert handler(p1=1) == "Wrong type, expected 'integer' for query parameter 'a1'"
request.args = {'a1': '1,-1'}
assert handler(p1=1) == "Invalid value, must be at least 0"
del request.args['a1']
request.headers = {'h1': 'a'}
assert handler(p1='123') == 'OK'
request.headers = {'h1': 'x'}
assert handler(p1='123') == "Enum value must be one of ['a', 'b']"
def test_render_GET_bad_args(self):
vector = [
({}, "Missing 'policy' parameter."),
({
'policy': ['a', 'b']
}, "Multiple 'policy' parameters unsupported."),
({
'policy': ['best']
}, "Only 'policy=all' parameter supported."),
({
'policy': ['all'],
'format': ['a', 'b']
}, "Multiple 'format' parameters unsupported."),
({
'policy': ['all'],
'format': ['foo']
}, "Only 'format=json' parameter supported."),
]
for (args, errmsg) in vector:
m_db = MagicMock()
m_request = MagicMock()
m_request.args = args
lsr = lookup.LookupSimulatorResource(m_db)
retval = lsr.render_GET(m_request)
# Verifications:
self.assertEqual(server.NOT_DONE_YET, retval)
# Verify that a 400 response was sent:
self.assertEqual(m_request.mock_calls,
[call.sendJsonErrorMessage(errmsg)])
# Verify that db was not touched:
self.assertEqual(m_db.mock_calls, [])
def test_record_with_no_value(self):
"""
Trying to use ara_record with no value parameter should properly fail
"""
task = MagicMock(Task)
task.async_ = 0
task.async_val = False
task.args = {
'key': 'test-key',
}
action = ara_record.ActionModule(task, self.connection,
self.play_context, loader=None,
templar=None, shared_loader_obj=None)
action.run()
r_playbook = m.Playbook.query.first()
self.assertIsNotNone(r_playbook)
# There is no exception raised in the action module, we instead
# properly return a failure status to Ansible.
# If there is a failure, no data will be recorded so we can catch this.
with self.assertRaises(Exception):
m.Data.query.filter_by(playbook_id=r_playbook.id).one()
def test_get_short_code_exists(self):
redis_wrapper_mocked = MagicMock(specset=RedisWrapper)
short_code_generator_mocked = MagicMock(specset=ShortCodeGenerator)
request_mocked = MagicMock(specset=LocalProxy)
redis_wrapper_mocked.short_code_exists.return_value = 'test_url'
redis_wrapper_mocked.get_short_code_info_by_url.return_value = {
'shortcode': 'qwe123',
'created': '2021-01-10T20:45:00.000Z',
'lastRedirect': '2021-01-11T20:45:00.000Z',
'redirectCount': 1
}
scg = RequestHandler(short_code_generator_mocked, redis_wrapper_mocked)
request_mocked.args = {'short_code': 'qwe123'}
result = scg.get_short_code(request_mocked)
self.assertEqual('qwe123', result[0].json['shortcode'])
self.assertEqual('2021-01-10T20:45:00.000Z', result[0].json['created'])
self.assertEqual('2021-01-11T20:45:00.000Z',
result[0].json['lastRedirect'])
self.assertEqual(1, result[0].json['redirectCount'])
self.assertEqual(302, result[1])
def test_resource_policies(self):
gc = Mock()
resource_id = 'resource_key'
pdpm = PolicyDecisionPointManager(gc)
# see that the PDP for resource is empty
self.assertEqual(pdpm.get_resource_pdp(resource_id), pdpm.empty_pdp)
pdpm.set_resource_policy_rules(resource_id, self.permit_SUPERUSER_rule)
# see that the PDP for resource is not empty anymore
self.assertNotEqual(pdpm.get_resource_pdp(resource_id), pdpm.empty_pdp)
# check request without a resource_id raises NotFound error
invocation = MagicMock()
invocation.message_annotations = {}
with self.assertRaises(NotFound) as chk_res:
pdpm.check_resource_request_policies(invocation, None)
self.assertIn(chk_res.exception.message, 'The resource_id is not set')
# (really Not Applicable, because of the inelegant hack of a policy we are setting up our pdp with)
mock_header = Mock()
def get_header_value(key, default):
return invocation.headers.get(key, default)
mock_header.side_effect = get_header_value
invocation.get_header_value = mock_header
mock_args = Mock()
class MockProcess(Mock):
def check_test_value(self, process, message, headers):
if message['argument1'] > 3:
return False, 'The value of argument1 is larger than 3'
return True, ''
mock_process = MockProcess()
mock_process.org_governance_name = 'org_name'
invocation.args = {'process': mock_process}
def get_arg_value(key, default):
return invocation.args.get(key, default)
mock_args.side_effect = get_arg_value
invocation.get_arg_value = mock_args
# check that, because actor does not have SUPERUSER role, policy evaluates to a denial
invocation.message_annotations = {}
invocation.message = {'argument1': 0}
invocation.headers = {
'op': 'op',
'process': mock_process,
'request': 'request',
'ion-actor-id': 'ion-actor-id',
'receiver': 'resource-registry',
'sender-type': 'sender-type',
'sender-service': 'sender-service',
'ion-actor-roles': {
'org_name': ['ion-actor-roles']
}
}
invocation.get_message_sender.return_value = ['Unknown', 'Unknown']
gc.system_root_org_name = 'sys_org_name'
response = pdpm.check_resource_request_policies(
invocation, resource_id)
self.assertEqual(response.value, "NotApplicable")
# check that policy evaluates to Permit because actor has SUPERUSER role
invocation.headers = {
'op': 'op',
'process': mock_process,
'request': 'request',
'ion-actor-id': 'ion-actor-id',
'receiver': 'resource-registry',
'sender-type': 'sender-type',
'sender-service': 'sender-service',
'ion-actor-roles': {
'sys_org_name': ['SUPERUSER']
}
}
invocation.message_annotations = {}
response = pdpm.check_resource_request_policies(
invocation, resource_id)
self.assertEqual(response.value, "Permit")
pdpm.set_resource_policy_rules(resource_id,
self.deny_message_parameter_rule)
invocation.message = {'argument1': 0}
invocation.headers = {
'op': 'op',
'process': mock_process,
'request': 'request',
'ion-actor-id': 'ion-actor-id',
'receiver': 'resource-registry',
'sender-type': 'sender-type',
'sender-service': 'sender-service',
'ion-actor-roles': {
'sys_org_name': ['SUPERUSER']
}
}
invocation.message_annotations = {}
response = pdpm.check_resource_request_policies(
invocation, resource_id)
self.assertEqual(response.value, "Deny")
self.assertTrue(
'POLICY_STATUS_REASON' in invocation.message_annotations)
self.assertEqual(
invocation.message_annotations['POLICY_STATUS_REASON'],
'The value of argument1 is less than or equal to 3')
invocation.message = {'argument1': 5}
invocation.headers = {
'op': 'op',
'process': mock_process,
'request': 'request',
'ion-actor-id': 'ion-actor-id',
'receiver': 'resource-registry',
'sender-type': 'sender-type',
'sender-service': 'sender-service',
'ion-actor-roles': {
'sys_org_name': ['SUPERUSER']
}
}
invocation.message_annotations = {}
response = pdpm.check_resource_request_policies(
invocation, resource_id)
self.assertEqual(response.value, "Permit")
self.assertFalse(
'POLICY_STATUS_REASON' in invocation.message_annotations)
pdpm.set_resource_policy_rules(
resource_id, self.deny_message_parameter_function_rule)
invocation.message = {'argument1': 0}
invocation.headers = {
'op': 'op',
'process': mock_process,
'request': 'request',
'ion-actor-id': 'ion-actor-id',
'receiver': 'resource-registry',
'sender-type': 'sender-type',
'sender-service': 'sender-service',
'ion-actor-roles': {
'sys_org_name': ['SUPERUSER']
}
}
invocation.message_annotations = {}
response = pdpm.check_resource_request_policies(
invocation, resource_id)
self.assertEqual(response.value, "Permit")
self.assertFalse(
'POLICY_STATUS_REASON' in invocation.message_annotations)
invocation.message = {'argument1': 5}
invocation.headers = {
'op': 'op',
'process': mock_process,
'request': 'request',
'ion-actor-id': 'ion-actor-id',
'receiver': 'resource-registry',
'sender-type': 'sender-type',
'sender-service': 'sender-service',
'ion-actor-roles': {
'sys_org_name': ['SUPERUSER']
}
}
invocation.message_annotations = {}
response = pdpm.check_resource_request_policies(
invocation, resource_id)
self.assertTrue(
'POLICY_STATUS_REASON' in invocation.message_annotations)
self.assertEqual(
invocation.message_annotations['POLICY_STATUS_REASON'],
'The value of argument1 is larger than 3')
def test_resource_policies(self):
gc = Mock()
resource_id = "resource_key"
pdpm = PolicyDecisionPointManager(gc)
# see that the PDP for resource is empty
self.assertEqual(pdpm.get_resource_pdp(resource_id), pdpm.empty_pdp)
pdpm.set_resource_policy_rules(resource_id, self.permit_SUPERUSER_rule)
# see that the PDP for resource is not empty anymore
self.assertNotEqual(pdpm.get_resource_pdp(resource_id), pdpm.empty_pdp)
# check request without a resource_id raises NotFound error
invocation = MagicMock()
invocation.message_annotations = {}
with self.assertRaises(NotFound) as chk_res:
pdpm.check_resource_request_policies(invocation, None)
self.assertIn(chk_res.exception.message, "The resource_id is not set")
# (really Not Applicable, because of the inelegant hack of a policy we are setting up our pdp with)
mock_header = Mock()
def get_header_value(key, default):
return invocation.headers.get(key, default)
mock_header.side_effect = get_header_value
invocation.get_header_value = mock_header
mock_args = Mock()
class MockProcess(Mock):
def check_test_value(self, process, message, headers):
if message["argument1"] > 3:
return False, "The value of argument1 is larger than 3"
return True, ""
mock_process = MockProcess()
mock_process.org_governance_name = "org_name"
invocation.args = {"process": mock_process}
def get_arg_value(key, default):
return invocation.args.get(key, default)
mock_args.side_effect = get_arg_value
invocation.get_arg_value = mock_args
# check that, because actor does not have SUPERUSER role, policy evaluates to a denial
invocation.message_annotations = {}
invocation.message = {"argument1": 0}
invocation.headers = {
"op": "op",
"process": mock_process,
"request": "request",
"ion-actor-id": "ion-actor-id",
"receiver": "resource-registry",
"sender-type": "sender-type",
"sender-service": "sender-service",
"ion-actor-roles": {"org_name": ["ion-actor-roles"]},
}
invocation.get_message_sender.return_value = ["Unknown", "Unknown"]
gc.system_root_org_name = "sys_org_name"
response = pdpm.check_resource_request_policies(invocation, resource_id)
self.assertEqual(response.value, "NotApplicable")
# check that policy evaluates to Permit because actor has SUPERUSER role
invocation.headers = {
"op": "op",
"process": mock_process,
"request": "request",
"ion-actor-id": "ion-actor-id",
"receiver": "resource-registry",
"sender-type": "sender-type",
"sender-service": "sender-service",
"ion-actor-roles": {"sys_org_name": ["SUPERUSER"]},
}
invocation.message_annotations = {}
response = pdpm.check_resource_request_policies(invocation, resource_id)
self.assertEqual(response.value, "Permit")
pdpm.set_resource_policy_rules(resource_id, self.deny_message_parameter_rule)
invocation.message = {"argument1": 0}
invocation.headers = {
"op": "op",
"process": mock_process,
"request": "request",
"ion-actor-id": "ion-actor-id",
"receiver": "resource-registry",
"sender-type": "sender-type",
"sender-service": "sender-service",
"ion-actor-roles": {"sys_org_name": ["SUPERUSER"]},
}
invocation.message_annotations = {}
response = pdpm.check_resource_request_policies(invocation, resource_id)
self.assertEqual(response.value, "Deny")
self.assertTrue("POLICY_STATUS_REASON" in invocation.message_annotations)
self.assertEqual(
invocation.message_annotations["POLICY_STATUS_REASON"], "The value of argument1 is less than or equal to 3"
)
invocation.message = {"argument1": 5}
invocation.headers = {
"op": "op",
"process": mock_process,
"request": "request",
"ion-actor-id": "ion-actor-id",
"receiver": "resource-registry",
"sender-type": "sender-type",
"sender-service": "sender-service",
"ion-actor-roles": {"sys_org_name": ["SUPERUSER"]},
}
invocation.message_annotations = {}
response = pdpm.check_resource_request_policies(invocation, resource_id)
self.assertEqual(response.value, "Permit")
self.assertFalse("POLICY_STATUS_REASON" in invocation.message_annotations)
pdpm.set_resource_policy_rules(resource_id, self.deny_message_parameter_function_rule)
invocation.message = {"argument1": 0}
invocation.headers = {
"op": "op",
"process": mock_process,
"request": "request",
"ion-actor-id": "ion-actor-id",
"receiver": "resource-registry",
"sender-type": "sender-type",
"sender-service": "sender-service",
"ion-actor-roles": {"sys_org_name": ["SUPERUSER"]},
}
invocation.message_annotations = {}
response = pdpm.check_resource_request_policies(invocation, resource_id)
self.assertEqual(response.value, "Permit")
self.assertFalse("POLICY_STATUS_REASON" in invocation.message_annotations)
invocation.message = {"argument1": 5}
invocation.headers = {
"op": "op",
"process": mock_process,
"request": "request",
"ion-actor-id": "ion-actor-id",
"receiver": "resource-registry",
"sender-type": "sender-type",
"sender-service": "sender-service",
"ion-actor-roles": {"sys_org_name": ["SUPERUSER"]},
}
invocation.message_annotations = {}
response = pdpm.check_resource_request_policies(invocation, resource_id)
self.assertTrue("POLICY_STATUS_REASON" in invocation.message_annotations)
self.assertEqual(
invocation.message_annotations["POLICY_STATUS_REASON"], "The value of argument1 is larger than 3"
)
def test_resource_policies(self):
gc = Mock()
resource_id = 'resource_key'
pdpm = PolicyDecisionPointManager(gc)
# see that the PDP for resource is empty
self.assertEqual(pdpm.get_resource_pdp(resource_id), pdpm.empty_pdp)
pdpm.load_resource_policy_rules(resource_id, self.permit_ION_MANAGER_rule )
# see that the PDP for resource is not empty anymore
self.assertNotEqual(pdpm.get_resource_pdp(resource_id), pdpm.empty_pdp)
# check request without a resource_id raises NotFound error
invocation = MagicMock()
invocation.message_annotations = {}
with self.assertRaises(NotFound) as chk_res:
pdpm.check_resource_request_policies(invocation, None)
self.assertIn(chk_res.exception.message, 'The resource_id is not set')
# (really Not Applicable, because of the inelegant hack of a policy we are setting up our pdp with)
mock_header = Mock()
def get_header_value(key, default):
return invocation.headers.get(key, default)
mock_header.side_effect = get_header_value
invocation.get_header_value = mock_header
mock_args = Mock()
class MockProcess(Mock):
def check_test_value(self, process, message, headers):
if message['argument1'] > 3:
return False, 'The value of argument1 is larger than 3'
return True, ''
mock_process = MockProcess()
mock_process.org_governance_name = 'org_name'
invocation.args = {'process': mock_process}
def get_arg_value(key, default):
return invocation.args.get(key, default)
mock_args.side_effect = get_arg_value
invocation.get_arg_value = mock_args
# check that, because actor does not have ION_MANAGER role, policy evaluates to a denial
invocation.message_annotations = {}
invocation.message = {'argument1': 0}
invocation.headers = {'op': 'op', 'process': mock_process, 'request': 'request', 'ion-actor-id': 'ion-actor-id', 'receiver': 'resource-registry',
'sender-type': 'sender-type', 'sender-service': 'sender-service', 'ion-actor-roles': {'org_name': ['ion-actor-roles']}}
invocation.get_message_sender.return_value = ['Unknown','Unknown']
gc.system_root_org_name = 'sys_org_name'
response = pdpm.check_resource_request_policies(invocation, resource_id)
self.assertEqual(response.value, "NotApplicable")
# check that policy evaluates to Permit because actor has ION_MANAGER role
invocation.headers = {'op': 'op', 'process': mock_process, 'request': 'request', 'ion-actor-id': 'ion-actor-id', 'receiver': 'resource-registry',
'sender-type': 'sender-type', 'sender-service': 'sender-service', 'ion-actor-roles': {'sys_org_name': ['ION_MANAGER']}}
invocation.message_annotations = {}
response = pdpm.check_resource_request_policies(invocation, resource_id)
self.assertEqual(response.value, "Permit")
pdpm.load_resource_policy_rules(resource_id, self.deny_message_parameter_rule)
invocation.message = {'argument1': 0}
invocation.headers = {'op': 'op', 'process': mock_process, 'request': 'request', 'ion-actor-id': 'ion-actor-id', 'receiver': 'resource-registry',
'sender-type': 'sender-type', 'sender-service': 'sender-service', 'ion-actor-roles': {'sys_org_name': ['ION_MANAGER']}}
invocation.message_annotations = {}
response = pdpm.check_resource_request_policies(invocation, resource_id)
self.assertEqual(response.value, "Deny")
self.assertEqual(invocation.message_annotations.has_key('POLICY_STATUS_REASON'), True)
self.assertEqual(invocation.message_annotations['POLICY_STATUS_REASON'],'The value of argument1 is less than or equal to 3')
invocation.message = {'argument1': 5}
invocation.headers = {'op': 'op', 'process': mock_process, 'request': 'request', 'ion-actor-id': 'ion-actor-id', 'receiver': 'resource-registry',
'sender-type': 'sender-type', 'sender-service': 'sender-service', 'ion-actor-roles': {'sys_org_name': ['ION_MANAGER']}}
invocation.message_annotations = {}
response = pdpm.check_resource_request_policies(invocation, resource_id)
self.assertEqual(response.value, "Permit")
self.assertEqual(invocation.message_annotations.has_key('POLICY_STATUS_REASON'), False)
pdpm.load_resource_policy_rules(resource_id, self.deny_message_parameter_function_rule)
invocation.message = {'argument1': 0}
invocation.headers = {'op': 'op', 'process': mock_process, 'request': 'request', 'ion-actor-id': 'ion-actor-id', 'receiver': 'resource-registry',
'sender-type': 'sender-type', 'sender-service': 'sender-service', 'ion-actor-roles': {'sys_org_name': ['ION_MANAGER']}}
invocation.message_annotations = {}
response = pdpm.check_resource_request_policies(invocation, resource_id)
self.assertEqual(response.value, "Permit")
self.assertEqual(invocation.message_annotations.has_key('POLICY_STATUS_REASON'), False)
invocation.message = {'argument1': 5}
invocation.headers = {'op': 'op', 'process': mock_process, 'request': 'request', 'ion-actor-id': 'ion-actor-id', 'receiver': 'resource-registry',
'sender-type': 'sender-type', 'sender-service': 'sender-service', 'ion-actor-roles': {'sys_org_name': ['ION_MANAGER']}}
invocation.message_annotations = {}
response = pdpm.check_resource_request_policies(invocation, resource_id)
self.assertEqual(invocation.message_annotations.has_key('POLICY_STATUS_REASON'), True)
self.assertEqual(invocation.message_annotations['POLICY_STATUS_REASON'],'The value of argument1 is larger than 3')
