def test_delete_policies(db):
model = model_helper.add_model(model_id=uuid4().hex)
model_id = next(iter(model))
policy_name1 = uuid4().hex
value = {
"name": policy_name1,
"model_id": model_id,
"genre": "authz",
"description": "test",
}
policies = policy_helper.add_policies(value=value)
policy_id1 = list(policies.keys())[0]
policy_name2 = uuid4().hex
value = {
"name": policy_name2,
"model_id": model_id,
"genre": "authz",
"description": "test",
}
policies = policy_helper.add_policies(value=value)
policy_id2 = list(policies.keys())[0]
assert policy_id1 != policy_id2
policy_helper.delete_policies(policy_id1)
policies = policy_helper.get_policies()
assert policy_id1 not in policies
def test_delete_policies_with_rule(db):
subject_category_id, object_category_id, action_category_id, meta_rule_id, policy_id = mock_data.create_new_policy()
rules = policy_helper.add_rule(policy_id, meta_rule_id)
with pytest.raises(DeletePolicyWithRules) as exception_info:
policy_helper.delete_policies(policy_id)
assert '400: Policy With Rule Error' == str(exception_info.value)
def test_delete_policies_with_action_assignment(db):
subject_category_id, object_category_id, action_category_id, meta_rule_id, policy_id = mock_data.create_new_policy()
action_id = mock_data.create_action(policy_id)
data_id = mock_data.create_action_data(policy_id=policy_id, category_id=action_category_id)
assignment_helper.add_action_assignment(policy_id, action_id, action_category_id, data_id)
with pytest.raises(DeletePolicyWithPerimeter) as exception_info:
policy_helper.delete_policies(policy_id)
assert '400: Policy With Perimeter Error' == str(exception_info.value)
def test_delete_policies_with_action_perimeter(db):
policies = policy_helper.add_policies()
policy_id1 = list(policies.keys())[0]
value = {
"name": "test_act",
"security_pipeline": [policy_id1],
"keystone_project_id": "keystone_project_id1",
"description": "...",
}
data_helper.add_action(policy_id=policy_id1, value=value)
with pytest.raises(DeletePolicyWithPerimeter) as exception_info:
policy_helper.delete_policies(policy_id1)
assert '400: Policy With Perimeter Error' == str(exception_info.value)
def test_delete_policies_with_pdp(db):
policies = policy_helper.add_policies()
policy_id1 = list(policies.keys())[0]
pdp_id = "pdp_id1"
value = {
"name": "test_pdp",
"security_pipeline": [policy_id1],
"keystone_project_id": "keystone_project_id1",
"description": "...",
}
pdp_helper.add_pdp(pdp_id=pdp_id, value=value)
with pytest.raises(DeletePolicyWithPdp) as exception_info:
policy_helper.delete_policies(policy_id1)
assert str(exception_info.value) == '400: Policy With PDP Error'
assert 'Cannot delete policy with pdp' == exception_info.value.description
def test_delete_policies_with_invalid_id(db):
policy_id = 'policy_id_1'
with pytest.raises(PolicyUnknown) as exception_info:
policy_helper.delete_policies(policy_id)
