def test_make_data_policy_action(data_policy_actions_dict, tagger): action_type = data_policy_actions_dict[0]["type"] rules_config = data_policy_actions_dict[0]["rules"] rule1 = rules_config[0] rule1_conditions = rule1["exceptions"]["conditions"] rule1_iam_groups = rule1_conditions[0]["iam_groups"] rule2 = rules_config[1] rule2_conditions = rule2["exceptions"]["conditions"] rule2_iam_groups = (rule2_conditions[0]["iam_groups"] + rule2_conditions[1]["iam_groups"]) expected_action = pol.MaskingAction( type=action_type, rules=[ pol.PolicyRule( type=rule1["type"], exceptions=pol.make_policy_exceptions( iam_groups=rule1_iam_groups, operator=rule1["exceptions"]["operator"], ), config=pol.MaskingRuleConfig( fields=[ pol.ColumnTag( name=rule1["config"]["fields"]["tags"][0], hasLeafNodes=tagger.is_root_tag( rule1["config"]["fields"]["tags"][0]), ) ], maskingConfig=pol.MaskingConfig(type="Consistent Value"), ), ), pol.PolicyRule( type=rule2["type"], exceptions=pol.make_policy_exceptions( iam_groups=rule2_iam_groups, operator=rule2["exceptions"]["operator"], ), config=pol.MaskingRuleConfig( fields=[ pol.ColumnTag( name=rule2["config"]["fields"]["tags"][0], hasLeafNodes=tagger.is_root_tag( rule2["config"]["fields"]["tags"][0]), ), pol.ColumnTag( name=rule2["config"]["fields"]["tags"][1], hasLeafNodes=tagger.is_root_tag( rule2["config"]["fields"]["tags"][1]), ), ], maskingConfig=pol.MaskingConfig(type="Consistent Value"), ), ), ], ) action = pol.make_data_policy_action( action_type=action_type, rules_config=rules_config, tagger=tagger, ) assert action == expected_action
def test_make_policy_rule(data_policy_actions_dict, tagger): example_rule = data_policy_actions_dict[0]["rules"][0] rule_type = example_rule["type"] config_field_tags = example_rule["config"]["fields"]["tags"] exceptions_config = example_rule["exceptions"] iam_groups = exceptions_config["conditions"][0]["iam_groups"] operator = exceptions_config["operator"] expected_rule = pol.PolicyRule( type=rule_type, exceptions=pol.make_policy_exceptions(iam_groups=iam_groups, operator=operator), config=pol.MaskingRuleConfig( fields=[ pol.ColumnTag( name=config_field_tags[0], hasLeafNodes=tagger.is_root_tag(config_field_tags[0]), ) ], maskingConfig=pol.MaskingConfig(type="Consistent Value"), ), ) rule = pol.make_policy_rule( rule_type=rule_type, exceptions_config=exceptions_config, config_field_tags=config_field_tags, tagger=tagger, ) assert rule == expected_rule
def test_build_policy_circumstance(data_policy_circumstances_dict, tagger): circumstance_type = data_policy_circumstances_dict[0]["type"] tags = data_policy_circumstances_dict[0]["tags"] expected_circumstance = pol.ColumnTagCircumstance( operator="or", columnTag=pol.ColumnTag(name=tags[0], hasLeafNodes=tagger.is_root_tag(tags[0])), ) circumstance = pol.build_policy_circumstance( tag=tags[0], tagger=tagger, circumstance_type=circumstance_type, ) assert circumstance == expected_circumstance