def test_no_empty_rules(self):
rules = policy.get_rules()
for rule in rules:
self.assertNotEqual(
'', str(rule),
'%s should not be empty, use "@" instead if the policy '
'should allow everything' % rule)
def test_rule_missing(self):
rules = policy.get_rules()
# eliqiao os_compute_api:os-quota-class-sets:show requires
# admin=True or quota_class match, this rule won't belong to
# admin_only, non_admin, admin_or_user, empty_rule
special_rules = ('admin_api', 'admin_or_owner', 'context_is_admin',
'os_compute_api:os-quota-class-sets:show')
result = set(rules.keys()) - set(self.admin_only_rules +
self.admin_or_owner_rules + self.non_admin_only_rules +
self.allow_all_rules + special_rules)
self.assertEqual(set([]), result)
def test_rule_missing(self):
rules = policy.get_rules()
# eliqiao os_compute_api:os-quota-class-sets:show requires
# admin=True or quota_class match, this rule won't belong to
# admin_only, non_admin, admin_or_user, empty_rule
special_rules = ('admin_api', 'admin_or_owner', 'context_is_admin',
'os_compute_api:os-quota-class-sets:show')
result = set(rules.keys()) - set(self.admin_only_rules +
self.admin_or_owner_rules +
self.allow_all_rules + special_rules)
self.assertEqual(set([]), result)
def test_all_rules_in_sample_file(self):
special_rules = ["context_is_admin", "admin_or_owner", "default"]
for (name, rule) in self.fake_policy.items():
if name in special_rules:
continue
self.assertIn(name, policy.get_rules())
def setUp(self):
super(AdminRolePolicyTestCase, self).setUp()
self.policy = self.useFixture(policy_fixture.RoleBasedPolicyFixture())
self.context = context.RequestContext('fake', 'fake', roles=['member'])
self.actions = policy.get_rules().keys()
self.target = {}
def test_all_rules_in_sample_file(self):
special_rules = ["context_is_admin", "admin_or_owner", "default"]
for (name, rule) in self.fake_policy.items():
if name in special_rules:
continue
self.assertIn(name, policy.get_rules())
def setUp(self):
super(AdminRolePolicyTestCase, self).setUp()
self.policy = self.useFixture(policy_fixture.RoleBasedPolicyFixture())
self.context = context.RequestContext('fake', 'fake', roles=['member'])
self.actions = policy.get_rules().keys()
self.target = {}
def test_empty_rules(self):
rules = policy.get_rules()
for rule in self.empty_rules:
self.assertEqual('@', str(rules[rule]),
"%s isn't empty rule" % rule)
def test_empty_rules(self):
rules = policy.get_rules()
for rule in self.empty_rules:
self.assertEqual("@", str(rules[rule]), "%s isn't empty rule" % rule)
def test_no_empty_rules(self):
rules = policy.get_rules()
for rule in rules:
self.assertNotEqual('', str(rule),
'%s should not be empty, use "@" instead if the policy '
'should allow everything' % rule)
