def test_get_subject_data_with_invalid_category_id(db):
    """Subject data looked up with an unknown category id comes back empty."""
    policy_names = {
        "subject_category_name": "subject_category1",
        "object_category_name": "object_category1",
        "action_category_name": "action_category1",
        "meta_rule_name": "meta_rule_1",
    }
    subject_cat, _, _, _, policy_id = mock_data.create_new_policy(**policy_names)

    security_levels = {
        "name": "subject-security-level",
        "description": {"low": "", "medium": "", "high": ""},
    }
    created = data_helper.add_subject_data(
        policy_id=policy_id, category_id=subject_cat, value=security_levels)
    stored = created.get('data')
    stored_id = list(stored.keys())[0]

    # The policy id and data id are the real ones; only the third positional
    # argument ("invalid", the category id going by the test name) is bogus.
    found = data_helper.get_subject_data(policy_id, stored_id, "invalid")
    assert len(found) == 0
def test_delete_action_category_with_rule(db):
    """Deleting an action category of a policy that has a rule is refused."""
    _, _, action_cat, meta_rule_id, policy_id = mock_data.create_new_policy()
    policy_helper.add_rule(policy_id=policy_id, meta_rule_id=meta_rule_id)

    with pytest.raises(DeleteActionCategoryWithMetaRule) as raised:
        category_helper.delete_action_category(action_cat)

    message = str(raised.value)
    assert message == '400: Action Category With Meta Rule Error'
def test_add_pdp(db):
    """Adding a PDP whose security pipeline holds one policy returns a truthy result."""
    pdp_id = "pdp_id1"
    _, _, _, _, policy_id = mock_data.create_new_policy(
        subject_category_name="subject_category1",
        object_category_name="object_category1",
        action_category_name="action_category1",
        meta_rule_name="meta_rule_1",
        model_name="model1",
    )
    pdp_value = {
        "name": "test_pdp",
        "security_pipeline": [policy_id],
        "keystone_project_id": "keystone_project_id1",
        "description": "...",
    }

    created = pdp_helper.add_pdp(pdp_id, pdp_value)
    assert created
def test_add_action_assignments(db):
    """A new action assignment is stored once; adding it again raises a 409."""
    _, _, action_cat, _, policy_id = mock_data.create_new_policy(
        subject_category_name="subject_category1",
        object_category_name="object_category1",
        action_category_name="action_category1",
        meta_rule_name="meta_rule_1",
    )
    action_id = mock_data.create_action(policy_id)
    data_id = mock_data.create_action_data(policy_id=policy_id,
                                           category_id=action_cat)

    created = assignment_helper.add_action_assignment(
        policy_id, action_id, action_cat, data_id)
    assert created

    # The returned mapping is keyed by an id; inspect its first entry.
    first_key = list(created.keys())[0]
    assert created[first_key]["policy_id"] == policy_id
    assert created[first_key]["action_id"] == action_id
    assert created[first_key]["category_id"] == action_cat
    assert len(created[first_key].get("assignments")) == 1
    assert data_id in created[first_key].get("assignments")

    # Repeating the identical assignment must be rejected, not duplicated.
    with pytest.raises(ActionAssignmentExisting) as raised:
        assignment_helper.add_action_assignment(
            policy_id, action_id, action_cat, data_id)
    assert str(raised.value) == '409: Action Assignment Existing'
    description = str(raised.value.description)
    assert description == 'The given action assignment value is existing.'
def test_get_object_assignments(db):
    """An object assignment that was added can be read back with the same ids."""
    _, object_cat, _, _, policy_id = mock_data.create_new_policy(
        subject_category_name="subject_category1",
        object_category_name="object_category1",
        action_category_name="action_category1",
        meta_rule_name="meta_rule_1",
    )
    object_id = mock_data.create_object(policy_id)
    data_id = mock_data.create_object_data(policy_id=policy_id,
                                           category_id=object_cat)
    assignment_helper.add_object_assignment(
        policy_id, object_id, object_cat, data_id)

    fetched = assignment_helper.get_object_assignments(
        policy_id, object_id, object_cat)

    first_key = list(fetched.keys())[0]
    assert fetched[first_key]["policy_id"] == policy_id
    assert fetched[first_key]["object_id"] == object_id
    assert fetched[first_key]["category_id"] == object_cat
    assert len(fetched[first_key].get("assignments")) == 1
    assert data_id in fetched[first_key].get("assignments")
def test_get_available_metadata(db):
    """Available metadata lists the policy's category id first under each kind."""
    subject_cat, object_cat, action_cat, _, policy_id = mock_data.create_new_policy(
        subject_category_name="subject_category1",
        object_category_name="object_category1",
        action_category_name="action_category1",
        meta_rule_name="meta_rule_1",
    )

    available = data_helper.get_available_metadata(policy_id=policy_id)

    assert available
    assert available['object'][0] == object_cat
    assert available['subject'][0] == subject_cat
    assert available['action'][0] == action_cat
def test_delete_action_data(db):
    """Deleting the only action data of a policy leaves its data mapping empty."""
    _, _, action_cat, _, policy_id = mock_data.create_new_policy(
        subject_category_name="subject_category1",
        object_category_name="object_category1",
        action_category_name="action_category1",
        meta_rule_name="meta_rule_1",
    )
    # Result intentionally unused; the call is kept exactly as the test makes it.
    data_helper.get_available_metadata(policy_id)

    action_types = {
        "name": "action-type",
        "description": {"vm-action": "", "storage-action": "", },
    }
    created = data_helper.add_action_data(
        policy_id=policy_id, category_id=action_cat, value=action_types)
    data_id = list(created["data"])[0]

    data_helper.delete_action_data(policy_id=policy_id, data_id=data_id)

    remaining = data_helper.get_action_data(policy_id)
    assert len(remaining[0]['data']) == 0
def test_get_action_data_with_invalid_category_id(db):
    """Action data requested for an unknown category id comes back empty."""
    _, _, _, _, policy_id = mock_data.create_new_policy(
        subject_category_name="subject_category1",
        object_category_name="object_category1",
        action_category_name="action_category1",
        meta_rule_name="meta_rule_1",
    )

    # A valid policy with a bogus category is expected to return an empty
    # result rather than raise.
    found = data_helper.get_action_data(policy_id=policy_id,
                                        category_id="invalid")
    assert len(found) == 0
def test_add_action_multiple_times(db):
    """Re-adding an action by perimeter id under a second policy gives a two-entry policy_list."""
    _, _, _, _, first_policy_id = mock_data.create_new_policy(
        subject_category_name="subject_category1",
        object_category_name="object_category1",
        action_category_name="action_category1",
        meta_rule_name="meta_rule_1",
        model_name="model1",
    )
    first_value = {
        "name": "test_action",
        "description": "test",
    }
    action = data_helper.add_action(policy_id=first_policy_id, value=first_value)
    logger.info("action : {}".format(action))
    action_id = list(action.keys())[0]
    perimeter_id = action[action_id].get('id')
    assert action

    # The second payload carries a caller-supplied policy_list naming two
    # policies that this test never creates.
    second_value = {
        "name": "test_action",
        "description": "test",
        "policy_list": ['policy_id_3', 'policy_id_4'],
    }
    _, _, _, _, second_policy_id = mock_data.create_new_policy(
        subject_category_name="subject_category2",
        object_category_name="object_category2",
        action_category_name="action_category2",
        meta_rule_name="meta_rule_2",
        model_name="model2",
    )
    action = data_helper.add_action(policy_id=second_policy_id,
                                    perimeter_id=perimeter_id,
                                    value=second_value)
    logger.info("action : {}".format(action))
    assert action
    action_id = list(action.keys())[0]
    # NOTE(review): a length of 2 is satisfied both by the two real policy ids
    # and by the two caller-supplied placeholder ids, so this check cannot tell
    # whether a client-provided policy_list is ignored or honoured. Asserting
    # membership of the two created policy ids would pin that down - confirm
    # the intended behaviour first.
    assert len(action[action_id].get('policy_list')) == 2
def test_add_action(db):
    """A freshly added action belongs to exactly one policy."""
    _, _, _, _, policy_id = mock_data.create_new_policy(
        subject_category_name="subject_category1",
        object_category_name="object_category1",
        action_category_name="action_category1",
        meta_rule_name="meta_rule_1",
    )
    action_value = {
        "name": "test_action",
        "description": "test",
    }

    created = data_helper.add_action(policy_id=policy_id, value=action_value)

    assert created
    created_id = list(created.keys())[0]
    assert len(created[created_id].get('policy_list')) == 1
def test_add_action_twice(db):
    """Adding the same action to the same policy a second time raises a 409."""
    _, _, _, _, policy_id = mock_data.create_new_policy(
        subject_category_name="subject_category1",
        object_category_name="object_category1",
        action_category_name="action_category1",
        meta_rule_name="meta_rule_1",
    )
    action_value = {
        "name": "test_action",
        "description": "test",
    }
    data_helper.add_action(policy_id=policy_id, value=action_value)

    with pytest.raises(PolicyExisting) as raised:
        data_helper.add_action(policy_id=policy_id, value=action_value)
    assert str(raised.value) == '409: Policy Already Exists'
def test_delete_subject_data(db):
    """Deleting the only subject data of a policy leaves its data mapping empty."""
    subject_cat, _, _, _, policy_id = mock_data.create_new_policy(
        subject_category_name="subject_category1",
        object_category_name="object_category1",
        action_category_name="action_category1",
        meta_rule_name="meta_rule_1",
    )
    security_levels = {
        "name": "subject-security-level",
        "description": {"low": "", "medium": "", "high": ""},
    }
    stored = data_helper.add_subject_data(
        policy_id=policy_id, category_id=subject_cat, value=security_levels,
    ).get('data')
    stored_id = list(stored.keys())[0]

    # The policy id for the delete is read back from the stored record rather
    # than taken from the local variable.
    owning_policy = stored[stored_id].get('policy_id')
    data_helper.delete_subject_data(policy_id=owning_policy, data_id=stored_id)

    remaining = data_helper.get_subject_data(policy_id)
    assert len(remaining[0]['data']) == 0
def test_add_subject_data_duplicate(db):
    """Adding identical subject data twice to one category raises a 409."""
    subject_cat, _, _, _, policy_id = mock_data.create_new_policy(
        subject_category_name="subject_category1",
        object_category_name="object_category1",
        action_category_name="action_category1",
        meta_rule_name="meta_rule_1",
    )
    security_levels = {
        "name": "subject-security-level",
        "description": {"low": "", "medium": "", "high": ""},
    }
    # First insertion succeeds; its payload is not needed afterwards.
    data_helper.add_subject_data(
        policy_id=policy_id, category_id=subject_cat, value=security_levels,
    ).get('data')

    with pytest.raises(SubjectScopeExisting) as raised:
        data_helper.add_subject_data(
            policy_id=policy_id, category_id=subject_cat, value=security_levels,
        ).get('data')
    assert str(raised.value) == '409: Subject Scope Existing'
def test_add_subject_data_with_no_category_id(db):
    """Adding subject data without a category_id argument raises a 400."""
    subject_cat, _, _, _, policy_id = mock_data.create_new_policy(
        subject_category_name="subject_category1",
        object_category_name="object_category1",
        action_category_name="action_category1",
        meta_rule_name="meta_rule_1",
    )
    security_levels = {
        "name": "subject-security-level",
        "description": {"low": "", "medium": "", "high": ""},
    }

    # The category id is passed as data_id and category_id is left out, so
    # the helper receives no category at all.
    with pytest.raises(SubjectCategoryUnknown) as raised:
        data_helper.add_subject_data(
            policy_id=policy_id, data_id=subject_cat, value=security_levels,
        ).get('data')
    assert str(raised.value) == '400: Subject Category Unknown'
def test_delete_subject(db):
    """After its only subject is deleted, a policy lists no subjects."""
    _, _, _, _, policy_id = mock_data.create_new_policy(
        subject_category_name="subject_category1",
        object_category_name="object_category1",
        action_category_name="action_category1",
        meta_rule_name="meta_rule_1",
    )
    user_value = {
        "name": "testuser",
        "description": "test",
    }
    created = data_helper.add_subject(policy_id=policy_id, value=user_value)
    created_id = list(created.keys())[0]

    data_helper.delete_subject(policy_id, created_id)

    remaining = data_helper.get_subjects(policy_id)
    assert not remaining
def test_delete_action(db):
    """After its only action is deleted, a policy lists no actions."""
    _, _, _, _, policy_id = mock_data.create_new_policy(
        subject_category_name="subject_category1",
        object_category_name="object_category1",
        action_category_name="action_category1",
        meta_rule_name="meta_rule_1",
    )
    action_value = {
        "name": "test_action",
        "description": "test",
    }
    created = data_helper.add_action(policy_id=policy_id, value=action_value)
    created_id = list(created.keys())[0]

    data_helper.delete_action(policy_id, created_id)

    remaining = data_helper.get_actions(policy_id)
    assert not remaining
def test_delete_action_with_assignment(db):
    """Deleting an action that still has an assignment is refused with a 400."""
    # Every name gets a random hex suffix, unlike the fixed names used by the
    # neighbouring tests.
    _, _, action_cat, _, policy_id = mock_data.create_new_policy(
        subject_category_name="subject_category" + uuid4().hex,
        object_category_name="object_category" + uuid4().hex,
        action_category_name="action_category" + uuid4().hex,
        meta_rule_name="meta_rule_" + uuid4().hex,
    )
    action_id = mock_data.create_action(policy_id)
    data_id = mock_data.create_action_data(policy_id=policy_id,
                                           category_id=action_cat)
    assignment_helper.add_action_assignment(
        policy_id, action_id, action_cat, data_id)

    with pytest.raises(DeletePerimeterWithAssignment) as raised:
        data_helper.delete_action(policy_id, action_id)
    assert '400: Perimeter With Assignment Error' == str(raised.value)
def test_add_action_data(db):
    """Adding action data to a known category stores exactly one data entry."""
    _, _, action_cat, _, policy_id = mock_data.create_new_policy(
        subject_category_name="subject_category1",
        object_category_name="object_category1",
        action_category_name="action_category1",
        meta_rule_name="meta_rule_1",
    )
    action_types = {
        "name": "action-type",
        "description": {"vm-action": "", "storage-action": "", },
    }

    created = data_helper.add_action_data(
        policy_id=policy_id, category_id=action_cat, value=action_types)

    assert created
    assert len(created['data']) == 1
def test_add_action_data_with_invalid_category_id(db):
    """Adding action data without a usable category id raises a 400."""
    _, _, _, _, policy_id = mock_data.create_new_policy(
        subject_category_name="subject_category1",
        object_category_name="object_category1",
        action_category_name="action_category1",
        meta_rule_name="meta_rule_1",
    )
    action_types = {
        "name": "action-type",
        "description": {"vm-action": "", "storage-action": "", },
    }

    # NOTE(review): despite the test name, no category_id is passed at all;
    # the "invalid" case exercised here is the omitted argument.
    with pytest.raises(ActionCategoryUnknown) as raised:
        data_helper.add_action_data(policy_id=policy_id,
                                    value=action_types).get('data')
    assert str(raised.value) == '400: Action Category Unknown'
def test_get_subjects(db):
    """A policy with one added subject lists that subject, tagged with the policy id."""
    _, _, _, _, policy_id = mock_data.create_new_policy(
        subject_category_name="subject_category1",
        object_category_name="object_category1",
        action_category_name="action_category1",
        meta_rule_name="meta_rule_1",
    )
    user_value = {
        "name": "testuser",
        "description": "test",
    }
    data_helper.add_subject(policy_id=policy_id, value=user_value)

    listed = data_helper.get_subjects(policy_id=policy_id)

    assert listed
    assert len(listed) == 1
    only_id = list(listed.keys())[0]
    assert listed[only_id].get('policy_list')[0] == policy_id
def test_get_subject_assignments_by_policy_id(db):
    """Querying subject assignments by policy id alone returns the one that was added."""
    subject_cat, _, _, _, policy_id = mock_data.create_new_policy(
        subject_category_name="subject_category1",
        object_category_name="object_category1",
        action_category_name="action_category1",
        meta_rule_name="meta_rule_1",
    )
    subject_id = mock_data.create_subject(policy_id)
    data_id = mock_data.create_subject_data(policy_id=policy_id,
                                            category_id=subject_cat)
    assignment_helper.add_subject_assignment(
        policy_id, subject_id, subject_cat, data_id)

    fetched = assignment_helper.get_subject_assignments(policy_id)
    assert len(fetched) == 1
def test_get_subjects_with_invalid_policy_id(db):
    """Listing subjects for an unknown policy id raises a 400 instead of returning data."""
    _, _, _, _, policy_id = mock_data.create_new_policy(
        subject_category_name="subject_category1",
        object_category_name="object_category1",
        action_category_name="action_category1",
        meta_rule_name="meta_rule_1",
    )
    user_value = {
        "name": "testuser",
        "description": "test",
    }
    # A real subject exists, so a lookup that ignored the policy id would
    # have something to return.
    data_helper.add_subject(policy_id=policy_id, value=user_value)

    with pytest.raises(PolicyUnknown) as raised:
        data_helper.get_subjects(policy_id="invalid")
    assert str(raised.value) == '400: Policy Unknown'
def test_delete_action_assignment(db):
    """A delete called with blank ids leaves the existing action assignment in place."""
    _, _, action_cat, _, policy_id = mock_data.create_new_policy(
        subject_category_name="subject_category1",
        object_category_name="object_category1",
        action_category_name="action_category1",
        meta_rule_name="meta_rule_1",
    )
    action_id = mock_data.create_action(policy_id)
    data_id = mock_data.create_action_data(policy_id=policy_id,
                                           category_id=action_cat)
    assignment_helper.add_action_assignment(
        policy_id, action_id, action_cat, data_id)

    # NOTE(review): only the policy id is real; the other three arguments are
    # empty strings. The test therefore checks that a non-matching delete
    # removes nothing. The successful-delete path is not covered here.
    assignment_helper.delete_action_assignment(policy_id, "", "", "")

    remaining = assignment_helper.get_action_assignments(policy_id)
    assert len(remaining) == 1
def test_add_subject_with_same_policy_twice(db):
    """Adding the same subject to the same policy twice raises a 409."""
    _, _, _, _, policy_id = mock_data.create_new_policy(
        subject_category_name="subject_category1",
        object_category_name="object_category1",
        action_category_name="action_category1",
        meta_rule_name="meta_rule_1",
    )
    user_value = {
        "name": "testuser",
        "description": "test",
    }

    created = data_helper.add_subject(policy_id=policy_id, value=user_value)
    assert created
    created_id = list(created.keys())[0]
    assert len(created[created_id].get('policy_list')) == 1

    with pytest.raises(PolicyExisting) as raised:
        data_helper.add_subject(policy_id=policy_id, value=user_value)
    assert str(raised.value) == '409: Policy Already Exists'
def test_delete_object_category_with_assignment(db):
    """Deleting an object category that is in use by a policy is refused with a 400."""
    _, object_cat, _, _, policy_id = mock_data.create_new_policy()
    object_id = mock_data.create_object(policy_id)
    data_id = mock_data.create_object_data(policy_id, object_cat)
    assignment_helper.add_object_assignment(
        policy_id, object_id, object_cat, data_id)

    # NOTE(review): an assignment is created, yet the expected error is the
    # meta-rule one, the same error the no-assignment test expects.
    # Presumably the meta-rule check fires first - confirm.
    with pytest.raises(DeleteObjectCategoryWithMetaRule) as raised:
        category_helper.delete_object_category(object_cat)

    message = str(raised.value)
    assert message == '400: Object Category With Meta Rule Error'
def test_add_subjects_multiple_times(db):
    """Re-adding a subject by perimeter id under a second policy gives a two-entry policy_list."""
    _, _, _, _, first_policy_id = mock_data.create_new_policy(
        subject_category_name="subject_category1",
        object_category_name="object_category1",
        action_category_name="action_category1",
        meta_rule_name="meta_rule_1",
        model_name="model1",
    )
    first_value = {
        "name": "testuser",
        "description": "test",
    }
    subject = data_helper.add_subject(policy_id=first_policy_id,
                                      value=first_value)
    subject_id = list(subject.keys())[0]
    perimeter_id = subject[subject_id].get('id')
    assert subject

    second_value = {
        "name": "testuser",
        "description": "test",
    }
    _, _, _, _, second_policy_id = mock_data.create_new_policy(
        subject_category_name="subject_category2",
        object_category_name="object_category2",
        action_category_name="action_category2",
        meta_rule_name="meta_rule_2",
        model_name="model2",
    )
    # Same perimeter id, different policy: the subject should now be linked
    # to both policies.
    subject = data_helper.add_subject(policy_id=second_policy_id,
                                      perimeter_id=perimeter_id,
                                      value=second_value)
    assert subject
    subject_id = list(subject.keys())[0]
    assert len(subject[subject_id].get('policy_list')) == 2
def test_delete_data_categories_connected_to_meta_rule(db):
    """Subject, object and action categories tied to a meta rule each refuse deletion."""
    subject_cat, object_cat, action_cat, _, _ = mock_data.create_new_policy()

    with pytest.raises(DeleteSubjectCategoryWithMetaRule) as raised:
        category_helper.delete_subject_category(subject_cat)
    subject_message = str(raised.value)
    assert subject_message == '400: Subject Category With Meta Rule Error'

    with pytest.raises(DeleteObjectCategoryWithMetaRule) as raised:
        category_helper.delete_object_category(object_cat)
    object_message = str(raised.value)
    assert object_message == '400: Object Category With Meta Rule Error'

    with pytest.raises(DeleteActionCategoryWithMetaRule) as raised:
        category_helper.delete_action_category(action_cat)
    action_message = str(raised.value)
    assert action_message == '400: Action Category With Meta Rule Error'
def test_add_action_data_duplicate(db):
    """Adding identical action data twice to one category raises a 409."""
    _, _, action_cat, _, policy_id = mock_data.create_new_policy(
        subject_category_name="subject_category1",
        object_category_name="object_category1",
        action_category_name="action_category1",
        meta_rule_name="meta_rule_1",
    )
    action_types = {
        "name": "action-type",
        "description": {"vm-action": "", "storage-action": "", },
    }
    # First insertion succeeds; its return value is not needed afterwards.
    data_helper.add_action_data(
        policy_id=policy_id, category_id=action_cat, value=action_types)

    with pytest.raises(ActionScopeExisting) as raised:
        data_helper.add_action_data(
            policy_id=policy_id, category_id=action_cat, value=action_types)
    assert str(raised.value) == '409: Action Scope Existing'
def test_add_pdp_twice_with_same_id(db):
    """Registering a second PDP under an id that is already taken raises a 409."""
    pdp_id = "pdp_id1"
    _, _, _, _, policy_id = mock_data.create_new_policy(
        subject_category_name="subject_category1",
        object_category_name="object_category1",
        action_category_name="action_category1",
        meta_rule_name="meta_rule_1",
        model_name="model1",
    )
    pdp_value = {
        "name": "test_pdp",
        "security_pipeline": [policy_id],
        "keystone_project_id": "keystone_project_id1",
        "description": "...",
    }
    pdp_helper.add_pdp(pdp_id, pdp_value)

    # NOTE(review): the expected type is the bare Exception base class, so only
    # the message check below ties this to the PDP conflict. Narrowing it to
    # the project's specific exception class would make the test stricter.
    with pytest.raises(Exception) as raised:
        pdp_helper.add_pdp(pdp_id, pdp_value)
    assert str(raised.value) == '409: Pdp Error'
def test_add_object_data(db):
    """Object data added to a policy is returned tagged with that policy's id."""
    _, object_cat, _, _, policy_id = mock_data.create_new_policy(
        subject_category_name="subject_category1",
        object_category_name="object_category1",
        action_category_name="action_category1",
        meta_rule_name="meta_rule_1",
    )
    security_levels = {
        "name": "object-security-level",
        "description": {"low": "", "medium": "", "high": ""},
    }

    stored = data_helper.add_object_data(
        policy_id=policy_id, category_id=object_cat, value=security_levels,
    ).get('data')

    assert stored
    stored_id = list(stored.keys())[0]
    assert stored[stored_id].get('policy_id') == policy_id