def test_add_policies_with_same_name(): name = uuid4().hex policy_name = name client = utilities.register_client() req, policies = add_policies(client, policy_name) assert req.status_code == 200 assert isinstance(policies, dict) value = list(policies["policies"].values())[0] assert "policies" in policies assert value['name'] == policy_name assert value["description"] == "description of {}".format(policy_name) client = utilities.register_client() req, policies = add_policies(client, policy_name) assert req.status_code == 409 assert json.loads(req.data)["message"] == '409: Policy Already Exists'
def test_add_three_meta_rules_with_different_combination_but_similar_items(): client = utilities.register_client() meta_rule_name1 = uuid4().hex req, meta_rules = add_meta_rules(client, meta_rule_name1) assert req.status_code == 200 for meta_rule_id in meta_rules['meta_rules']: if meta_rules['meta_rules'][meta_rule_id]['name'] == meta_rule_name1: data = meta_rules['meta_rules'][meta_rule_id] break meta_rule_name2 = uuid4().hex req, meta_rules = add_meta_rules(client, meta_rule_name2) for meta_rule_id in meta_rules['meta_rules']: if meta_rules['meta_rules'][meta_rule_id]['name'] == meta_rule_name2: data['subject_categories'] += meta_rules['meta_rules'][ meta_rule_id]['subject_categories'] data['object_categories'] += meta_rules['meta_rules'][ meta_rule_id]['object_categories'] data['action_categories'] += meta_rules['meta_rules'][ meta_rule_id]['action_categories'] break data['name'] = uuid4().hex req, meta_rules = add_meta_rules(client, name=data['name'], data=data) assert req.status_code == 200
def test_get_subject_assignment(): client = utilities.register_client() policy_id = builder.get_policy_id_with_subject_assignment() req, subject_assignment = get_subject_assignment(client, policy_id) assert req.status_code == 200 assert isinstance(subject_assignment, dict) assert "subject_assignments" in subject_assignment
def test_add_model_with_name_contain_space(): clean_models() client = utilities.register_client() req, models = add_models(client, "test<br>user") assert req.status_code == 400 assert json.loads( req.data)["message"] == "Key: 'name', [Forbidden characters in string]"
def clean_models(): client = utilities.register_client() req, models = get_models(client) for key, value in models['models'].items(): print(key) print(value) client.delete("/models/{}".format(key))
def test_import_subject_object_action_categories(): client = utilities.register_client() type_elements = ["subject", "object", "action"] for type_element in type_elements: import_export_utilities.clean_all(client) counter = -1 # set the getters and the comparison values if type_element == "subject": elements = SUBJECT_CATEGORIES get_method = test_categories.get_subject_categories elif type_element == "object": elements = OBJECT_CATEGORIES get_method = test_categories.get_object_categories else: elements = ACTION_CATEGORIES get_method = test_categories.get_action_categories for element in elements: req = client.post("/import", content_type='application/json', data=json.dumps(element)) counter = counter + 1 data = utilities.get_json(req.data) assert data == "Import ok !" req, get_elements = get_method(client) get_elements = get_elements[type_element + "_categories"] assert len(list(get_elements.keys())) == 1 values = list(get_elements.values()) assert values[0]["name"] == "test " + type_element + " categories" assert values[0][ "description"] == type_element + " category description"
def test_export_subject_object_action(): client = utilities.register_client() import_export_utilities.clean_all(client) req = client.post("/import", content_type='application/json', data=json.dumps(SUBJECTS_OBJECTS_ACTIONS)) data = utilities.get_json(req.data) assert data == "Import ok !" req = client.get("/export") assert req.status_code == 200 data = utilities.get_json(req.data) assert "content" in data type_elements = ["subject", "object", "action"] for type_element in type_elements: key = type_element + "s" assert key in data["content"] assert isinstance(data["content"][key], list) assert len(data["content"][key]) == 1 element = data["content"][key][0] if type_element == "subject": assert element["name"] == "testuser" else: assert element["name"] == "test "+ type_element assert element["description"] == "description of the " + type_element assert "policies" in element assert isinstance(element["policies"], list) assert len(element["policies"]) == 1 assert isinstance(element["policies"][0], dict) assert element["policies"][0]["name"] == "test policy" assert isinstance(element["extra"], dict) key_dict = "field_extra_" + type_element value_dict = "value extra " + type_element assert key_dict in element["extra"] assert element["extra"][key_dict] == value_dict
def test_get_subject_data(): policy_id = utilities.get_policy_id() client = utilities.register_client() req, subject_data = get_subject_data(client, policy_id) assert req.status_code == 200 assert isinstance(subject_data, dict) assert "subject_data" in subject_data
def test_get_action_data(): policy_id = utilities.get_policy_id() client = utilities.register_client() req, action_data = get_action_data(client, policy_id) assert req.status_code == 200 assert isinstance(action_data, dict) assert "action_data" in action_data
def test_perimeter_delete_object(): client = utilities.register_client() policies = policy_helper.add_policies() policy_id = list(policies.keys())[0] object_id = builder.create_object(policy_id) req = client.delete("/policies/{}/objects/{}".format(policy_id, object_id)) assert req.status_code == 200
def test_export_assignments(): client = utilities.register_client() import_export_utilities.clean_all(client) req = client.post("/import", content_type='application/json', data=json.dumps(ASSIGNMENTS)) data = utilities.get_json(req.data) assert data == "Import ok !" req = client.get("/export") assert req.status_code == 200 data = utilities.get_json(req.data) assert "content" in data type_elements = ["subject", "object", "action"] for type_element in type_elements: key = type_element + "_assignments" assert key in data["content"] assert isinstance(data["content"][key], list) assert len(data["content"][key]) == 1 assignment_elt = data["content"][key][0] assert type_element in assignment_elt assert isinstance(assignment_elt[type_element], dict) if type_element == "subject": assert assignment_elt[type_element]["name"] == "testuser" else: assert assignment_elt[type_element]["name"] == "test " + type_element + " e0" assert "category" in assignment_elt assert isinstance(assignment_elt["category"], dict) assert assignment_elt["category"]["name"] == "test " + type_element + " categories" assert "assignments" in assignment_elt assert isinstance(assignment_elt["assignments"], list) assert len(assignment_elt["assignments"]) == 1 assert assignment_elt["assignments"][0]["name"] == "test " + type_element + " data" import_export_utilities.clean_all(client)
def test_perimeter_add_same_subject_perimeter_id_with_new_policy_id(): client = utilities.register_client() policies1 = policy_helper.add_policies() policy_id1 = list(policies1.keys())[0] name = "testuser" perimeter_id = uuid4().hex data = { "name": name + uuid4().hex, "description": "description of {}".format(name), "password": "******".format(name), "email": "{}@moon".format(name) } add_subjects(client, policy_id1, data['name'], perimeter_id=perimeter_id, data=data) policies2 = policy_helper.add_policies() policy_id2 = list(policies2.keys())[0] req, subjects = add_subjects(client, policy_id2, data['name'], perimeter_id=perimeter_id, data=data) value = list(subjects["subjects"].values())[0] assert req.status_code == 200 assert value["name"] assert value["email"] assert len(value['policy_list']) == 2 assert policy_id1 in value['policy_list'] assert policy_id2 in value['policy_list']
def test_perimeter_update_object_name_with_existed_one(): client = utilities.register_client() name = 'testuser' + uuid4().hex policies1 = policy_helper.add_policies() policy_id1 = list(policies1.keys())[0] data1 = { "name": name, "description": "description of {}".format('testuser'), } req, objects = add_objects(client, 'testuser', policyId=policy_id1, data=data1) value1 = list(objects["objects"].values())[0] name = 'testuser' + uuid4().hex data2 = { "name": name, "description": "description of {}".format('testuser'), } req, objects = add_objects(client, 'testuser', policyId=policy_id1, data=data2) value2 = list(objects["objects"].values())[0] perimeter_id2 = value2['id'] data3 = {'name': value1['name']} req = client.patch("/objects/{}".format(perimeter_id2), data=json.dumps(data3), headers={'Content-Type': 'application/json'}) assert req.status_code == 409 assert json.loads(req.data)["message"] == '409: Object Existing'
def test_get_action_assignment(): policy_id = builder.get_policy_id_with_action_assignment() client = utilities.register_client() req, action_assignment = get_action_assignment(client, policy_id) assert req.status_code == 200 assert isinstance(action_assignment, dict) assert "action_assignments" in action_assignment
def test_perimeter_update_object_description_and_name(): client = utilities.register_client() name = 'testuser' + uuid4().hex policies1 = policy_helper.add_policies() policy_id1 = list(policies1.keys())[0] data = { "name": name, "description": "description of {}".format('testuser'), } req, objects = add_objects(client, 'testuser', policyId=policy_id1, data=data) value1 = list(objects["objects"].values())[0] perimeter_id = value1['id'] data = { 'name': value1['name'] + "update", 'description': value1['description'] + "update" } req = client.patch("/objects/{}".format(perimeter_id), data=json.dumps(data), headers={'Content-Type': 'application/json'}) objects = utilities.get_json(req.data) value2 = list(objects["objects"].values())[0] assert req.status_code == 200 assert value1['name'] + 'update' == value2['name'] assert value1['id'] == value2['id'] assert value1['description'] + 'update' == value2['description']
def test_perimeter_add_same_subject_name_with_same_policy_id(): client = utilities.register_client() policies1 = policy_helper.add_policies() policy_id1 = list(policies1.keys())[0] perimeter_id = uuid4().hex name = "testuser" + uuid4().hex data = { "name": name, "description": "description of {}".format(name), "password": "******".format(name), "email": "{}@moon".format(name) } req, subjects = add_subjects(client, policy_id1, None, perimeter_id=perimeter_id, data=data) value = list(subjects["subjects"].values())[0] data = { "name": value['name'], "description": "description of {}".format(value['name']), "password": "******".format(value['name']), "email": "{}@moon".format(value['name']) } req, subjects = add_subjects(client, policy_id1, None, data=data) assert req.status_code == 409 assert json.loads(req.data)["message"] == '409: Policy Already Exists'
def test_perimeter_update_subject_wrong_id(): client = utilities.register_client() name = 'testuser' + uuid4().hex policies1 = policy_helper.add_policies() policy_id1 = list(policies1.keys())[0] data = { "name": name, "description": "description of {}".format('testuser'), } req, subjects = add_subjects(client, policy_id=policy_id1, name='testuser', data=data) value1 = list(subjects["subjects"].values())[0] perimeter_id = value1['id'] data = { 'name': value1['name'] + "update", 'description': value1['description'] + "update" } req = client.patch("/subjects/{}".format(perimeter_id + "wrong"), data=json.dumps(data), headers={'Content-Type': 'application/json'}) assert req.status_code == 400 assert json.loads( req.data)["message"] == '400: Perimeter content is invalid.'
def test_import_policies(): client = utilities.register_client() import_export_utilities.clean_all(client) counter = -1 for policy_description in POLICIES: counter = counter + 1 req = client.post("/import", content_type='application/json', data=json.dumps(policy_description)) try: data = utilities.get_json(req.data) assert data == "Import ok !" except Exception: assert counter == 2 # this is an expected failure continue req, policies = test_policies.get_policies(client) policies = policies["policies"] assert len(list(policies.keys())) == 1 values = list(policies.values()) assert values[0]["name"] == "test policy" if counter < 3: assert values[0]["genre"] == "authz" assert values[0]["description"] == "description" else: assert values[0]["genre"] == "not authz ?" assert values[0]["description"] == "changes taken into account" assert len(values[0]["model_id"]) > 0 import_export_utilities.clean_all(client)
def test_update_meta_rules_without_name(): client = utilities.register_client() req_update = update_model(client, "<a></a>", "1234567") assert req_update[0].status_code == 400 assert json.loads( req_update[0].data )["message"] == "Key: 'name', [Forbidden characters in string]"
def test_import_rules(): client = utilities.register_client() import_export_utilities.clean_all(client) req = client.post("/import", content_type='application/json', data=json.dumps(PRE_ASSIGNMENTS)) data = utilities.get_json(req.data) assert data == "Import ok !" counter = -1 for rule in RULES: counter = counter + 1 req = client.post("/import", content_type='application/json', data=json.dumps(rule)) if counter < 5: assert req.status_code == 500 continue assert req.status_code == 200 req, rules = test_rules.test_get_rules() rules = rules["rules"] rules = rules["rules"] assert len(rules) == 1 rules = rules[0] assert rules["enabled"] assert rules["instructions"]["decision"] == "grant" req, meta_rules = test_meta_rules.get_meta_rules(client) assert meta_rules["meta_rules"][list( meta_rules["meta_rules"].keys())[0]]["name"] == "good meta rule"
def test_update_policies_with_blank_model(): policy_name = "testuser" + uuid4().hex client = utilities.register_client() req = model_helper.add_model(model_id="mls_model_id" + uuid4().hex) model_id = list(req.keys())[0] data = { "name": policy_name, "description": "description of {}".format(policy_name), "model_id": model_id, "genre": "genre" } req = client.post("/policies/", data=json.dumps(data), headers={'Content-Type': 'application/json'}) policy_id = next(iter(utilities.get_json(req.data)['policies'])) data = { "name": policy_name, "description": "description of {}".format(policy_name), "model_id": "", "genre": "genre" } req = client.patch("/policies/{}".format(policy_id), data=json.dumps(data), headers={'Content-Type': 'application/json'}) assert req.status_code == 200
def test_update_meta_rules(): client = utilities.register_client() req = add_meta_rules(client, "testuser") meta_rule_id = list(req[1]['meta_rules'])[0] req_update = update_meta_rules(client, "testuser", meta_rule_id) assert req_update[0].status_code == 200 delete_meta_rules(client, "testuser") get_meta_rules(client)
def test_delete_policy_with_dependencies_subject_data(): client = utilities.register_client() req, rules, policy_id = data_builder.add_rules(client) req = client.delete("/policies/{}/rules/{}".format(policy_id, next(iter(rules['rules'])))) assert req.status_code == 200 req = client.delete("/policies/{}".format(policy_id)) assert req.status_code == 400 assert json.loads(req.data)["message"] == '400: Policy With Data Error'
def test_delete_policies(): client = utilities.register_client() policy = policy_helper.add_policies() policy_id = list(policy.keys())[0] req = client.delete("/policies/{}".format(policy_id)) assert req.status_code == 200
def test_delete_subject_data(): client = utilities.register_client() subject_category_id, object_category_id, action_category_id, meta_rule_id, policy_id = builder.create_new_policy( ) data_id = builder.create_subject_data(policy_id, subject_category_id) success_req = delete_subject_data(client, policy_id, subject_category_id, data_id) assert success_req.status_code == 200
def test_add_subject_categories_with_existed_name(): client = utilities.register_client() name = uuid4().hex req, subject_categories = add_subject_categories(client, name) assert req.status_code == 200 req, subject_categories = add_subject_categories(client, name) assert req.status_code == 409 assert json.loads(req.data)["message"] == '409: Subject Category Existing'
def test_update_model_with_empty_name(): clean_models() client = utilities.register_client() req = add_models(client, "testuser") model_id = list(req[1]['models'])[0] req_update = update_model(client, "", model_id) assert req_update[0].status_code == 400 assert req_update[1]['message'] == '400: Model Unknown'
def test_get_rules(): policy_id = utilities.get_policy_id() client = utilities.register_client() req, rules = get_rules(client, policy_id) assert req.status_code == 200 assert isinstance(rules, dict) assert "rules" in rules return req, rules
def test_add_meta_rule_with_existing_name_error(): client = utilities.register_client() name = uuid4().hex req, meta_rules = add_meta_rules(client, name) assert req.status_code == 200 req, meta_rules = add_meta_rules(client, name) assert req.status_code == 409 assert json.loads(req.data)["message"] == '409: Meta Rule Existing'
def test_perimeter_delete_subject(): client = utilities.register_client() policies = policy_helper.add_policies() policy_id = list(policies.keys())[0] req, subjects = add_subjects(client, policy_id, "testuser") subject_id = list(subjects["subjects"].values())[0]["id"] req = client.delete("/policies/{}/subjects/{}".format( policy_id, subject_id)) assert req.status_code == 200