def test_update_pdp():
subject_category_id, object_category_id, action_category_id, meta_rule_id, policy_id = builder.create_new_policy(
subject_category_name="subject_category1" + uuid4().hex,
object_category_name="object_category1" + uuid4().hex,
action_category_name="action_category1" + uuid4().hex,
meta_rule_name="meta_rule_1" + uuid4().hex,
model_name="model1" + uuid4().hex)
data_add = {
"name": "testuser",
"security_pipeline": [policy_id],
"keystone_project_id": "keystone_project_id",
"description": "description of testuser"
}
subject_category_id, object_category_id, action_category_id, meta_rule_id, policy_id_update = builder.create_new_policy(
subject_category_name="subject_category1" + uuid4().hex,
object_category_name="object_category1" + uuid4().hex,
action_category_name="action_category1" + uuid4().hex,
meta_rule_name="meta_rule_1" + uuid4().hex,
model_name="model1" + uuid4().hex)
data_update = {
"name": "testuser",
"security_pipeline": [policy_id_update],
"keystone_project_id": "keystone_project_id_update",
"description": "description of testuser"
}
client = utilities.register_client()
req = add_pdp(client, data_add)
pdp_id = list(req[1]['pdps'])[0]
req_update = update_pdp(client, data_update, pdp_id)
assert req_update[0].status_code == 200
value = list(req_update[1]["pdps"].values())[0]
assert value["keystone_project_id"] == "keystone_project_id_update"
request, pdp = get_pdp(client)
for key, value in pdp['pdps'].items():
if value['name'] == "testuser":
delete_pdp(client, key)
break
def test_add_pdp():
subject_category_id, object_category_id, action_category_id, meta_rule_id, policy_id = builder.create_new_policy(
subject_category_name="subject_category1" + uuid4().hex,
object_category_name="object_category1" + uuid4().hex,
action_category_name="action_category1" + uuid4().hex,
meta_rule_name="meta_rule_1" + uuid4().hex,
model_name="model1" + uuid4().hex)
data = {
"name": "testuser",
"security_pipeline": [policy_id],
"keystone_project_id": "keystone_project_id",
"description": "description of testuser"
}
client = utilities.register_client()
req, pdp = add_pdp(client, data)
assert req.status_code == 200
assert isinstance(pdp, dict)
value = list(pdp["pdps"].values())[0]
assert "pdps" in pdp
assert value['name'] == "testuser"
assert value["description"] == "description of {}".format("testuser")
assert value["keystone_project_id"] == "keystone_project_id"
def add_action_assignment(client):
subject_category_id, object_category_id, action_category_id, meta_rule_id, policy_id = builder.create_new_policy(
subject_category_name="subject_category1" + uuid4().hex,
object_category_name="object_category1" + uuid4().hex,
action_category_name="action_category1" + uuid4().hex,
meta_rule_name="meta_rule_1" + uuid4().hex)
action_id = builder.create_action(policy_id)
data_id = builder.create_action_data(policy_id=policy_id,
category_id=action_category_id)
data = {
"id": action_id,
"category_id": action_category_id,
"data_id": data_id
}
req = client.post("/policies/{}/action_assignments".format(policy_id),
data=json.dumps(data),
headers={'Content-Type': 'application/json'})
action_assignment = utilities.get_json(req.data)
return req, action_assignment
def add_actions(client, name, policy_id=None, data=None, perimeter_id=None):
if not policy_id:
subject_category_id, object_category_id, action_category_id, meta_rule_id, policy_id = builder.create_new_policy(
subject_category_name="subject_category1" + uuid4().hex,
object_category_name="object_category1" + uuid4().hex,
action_category_name="action_category1" + uuid4().hex,
meta_rule_name="meta_rule_1" + uuid4().hex,
model_name="model1" + uuid4().hex)
if not data:
data = {
"name": name + uuid4().hex,
"description": "description of {}".format(name),
}
if not perimeter_id:
req = client.post("/policies/{}/actions/".format(policy_id),
data=json.dumps(data),
headers={'Content-Type': 'application/json'})
else:
req = client.post("/policies/{}/actions/{}".format(
policy_id, perimeter_id),
data=json.dumps(data),
headers={'Content-Type': 'application/json'})
actions = utilities.get_json(req.data)
return req, actions
def test_delete_subject_data():
client = utilities.register_client()
subject_category_id, object_category_id, action_category_id, meta_rule_id, policy_id = builder.create_new_policy(
)
data_id = builder.create_subject_data(policy_id, subject_category_id)
success_req = delete_subject_data(client, policy_id, subject_category_id,
data_id)
assert success_req.status_code == 200
def add_subject_data(client, name):
subject_category_id, object_category_id, action_category_id, meta_rule_id, policy_id = builder.create_new_policy(
subject_category_name="subject_category1" + uuid4().hex,
object_category_name="object_category1" + uuid4().hex,
action_category_name="action_category1" + uuid4().hex,
meta_rule_name="meta_rule_1" + uuid4().hex)
data = {"name": name, "description": "description of {}".format(name)}
req = client.post("/policies/{}/subject_data/{}".format(
policy_id, subject_category_id),
data=json.dumps(data),
headers={'Content-Type': 'application/json'})
subject_data = utilities.get_json(req.data)
return req, subject_data
def test_delete_rules_without_policy_id():
client = utilities.register_client()
subject_category_id, object_category_id, action_category_id, meta_rule_id, policy_id = builder.create_new_policy(
)
sub_data_id = builder.create_subject_data(policy_id, subject_category_id)
obj_data_id = builder.create_object_data(policy_id, object_category_id)
act_data_id = builder.create_action_data(policy_id, action_category_id)
data = {
"meta_rule_id": meta_rule_id,
"rule": [sub_data_id, obj_data_id, act_data_id],
"instructions": ({
"decision": "grant"
}, ),
"enabled": True
}
client.post("/policies/{}/rules".format(policy_id),
data=json.dumps(data),
headers={'Content-Type': 'application/json'})
req, added_rules = get_rules(client, policy_id)
id = list(added_rules["rules"]["rules"])[0]["id"]
rules = delete_rules(client, None, id)
assert rules.status_code == 200
