def get_pickled_context():
from python_moonutilities.context import Context
from python_moonutilities.cache import Cache
CACHE = Cache()
CACHE.update()
_context = Context(context(), CACHE)
_context.increment_index()
_context.pdp_set['effect'] = 'grant'
_context.pdp_set[os.environ['META_RULE_ID']]['effect'] = 'grant'
return pickle.dumps(_context)
def test_authz_with_empty_pdp_set(context):
from python_moonutilities.context import Context
from python_moonutilities.cache import Cache
CACHE = Cache()
CACHE.update()
_context = Context(context, CACHE)
component_data = {
'component_id': 'component_id1',
'pdp_id': 'pdp_id1',
'meta_rule_id': 'meta_rule_id1',
'keystone_project_id': 'keystone_project_id1',
}
with pytest.raises(Exception) as exception_info:
run(component_data, CACHE, _context)
assert str(exception_info.value) == '400: Pdp Unknown'
def test_user_not_allowed(context):
import moon_authz.server
from python_moonutilities.context import Context
from python_moonutilities.cache import Cache
server = moon_authz.server.create_server()
client = server.app.test_client()
CACHE = Cache()
CACHE.update()
context['subject_name'] = "user_not_allowed"
_context = Context(context, CACHE)
req = client.post("/authz", data=pickle.dumps(_context))
assert req.status_code == 400
data = get_json(req.data)
assert data
assert isinstance(data, dict)
assert "message" in data
assert data["message"] == "Cannot find subject user_not_allowed"
def test_authz_true(context):
import moon_authz.server
from python_moonutilities.context import Context
from python_moonutilities.cache import Cache
server = moon_authz.server.create_server()
client = server.app.test_client()
CACHE = Cache()
CACHE.update()
print(CACHE.pdp)
_context = Context(context, CACHE)
req = client.post("/authz", data=pickle.dumps(_context))
assert req.status_code == 200
data = get_data(req.data)
assert data
assert isinstance(data, Context)
policy_id = data.headers[0]
assert policy_id
assert "effect" in data.pdp_set[policy_id]
assert data.pdp_set[policy_id]['effect'] == "grant"
# Copyright 2015 Open Platform for NFV Project, Inc. and its contributors
# This software is distributed under the terms and conditions of the 'Apache-2.0'
# license which can be found in the file 'LICENSE' in this package distribution
# or at 'http://www.apache.org/licenses/LICENSE-2.0'.
import logging
import itertools
import pickle
import requests
from python_moonutilities import exceptions
from python_moonutilities.context import Context
from python_moonutilities.cache import Cache
logger = logging.getLogger("moon.interface.authz_requests")
CACHE = Cache()
CACHE.update()
class AuthzRequest:
result = None
final_result = "Deny"
req_max_delay = 2
def __init__(self, ctx, args=None):
self.context = Context(ctx, CACHE)
self.args = args
self.request_id = ctx["request_id"]
if ctx['project_id'] not in CACHE.container_chaining:
raise exceptions.KeystoneProjectError(
# This software is distributed under the terms and conditions of the 'Apache-2.0'
# license which can be found in the file 'LICENSE' in this package distribution
# or at 'http://www.apache.org/licenses/LICENSE-2.0'.
from flask import Flask, jsonify
from flask_restful import Resource, Api
import logging
from moon_wrapper import __version__
from moon_wrapper.api.generic import Status, Logs, API
from moon_wrapper.api.oslowrapper import OsloWrapper
from python_moonutilities.cache import Cache
from python_moonutilities import configuration, exceptions
logger = logging.getLogger("moon.wrapper.http_server")
CACHE = Cache()
__API__ = (Status, Logs, API)
class Server:
"""Base class for HTTP server"""
def __init__(self, host="localhost", port=80, api=None, **kwargs):
"""Run a server
:param host: hostname of the server
:param port: port for the running server
:param kwargs: optional parameters
:return: a running server
"""
self._host = host