def setUp(self):
"""Set up the group viewset tests."""
super().setUp()
request = self.request_context['request']
user = User()
user.username = self.user_data['username']
user.account = self.customer_data['account_id']
request.user = user
self.dummy_role_id = uuid4()
with tenant_context(self.tenant):
self.principal = Principal(username=self.user_data['username'])
self.principal.save()
self.principalB = Principal(username='******')
self.principalB.save()
self.principalC = Principal(
username='******')
self.principalC.save()
self.group = Group(name='groupA')
self.group.save()
self.role = Role.objects.create(name='roleA',
description='A role for a group.')
self.policy = Policy.objects.create(name='policyA',
group=self.group)
self.policy.roles.add(self.role)
self.policy.save()
self.group.policies.add(self.policy)
self.group.principals.add(self.principal, self.principalB)
self.group.save()
self.defGroup = Group(name='groupDef',
platform_default=True,
system=True)
self.defGroup.save()
self.defGroup.principals.add(self.principal)
self.defGroup.save()
self.emptyGroup = Group(name='groupE')
self.emptyGroup.save()
self.groupB = Group.objects.create(name='groupB')
self.groupB.principals.add(self.principal)
self.policyB = Policy.objects.create(name='policyB',
group=self.groupB)
self.roleB = Role.objects.create(name='roleB')
self.policyB.roles.add(self.roleB)
self.policyB.save()
# role that's not assigned to principal
self.roleOrphan = Role.objects.create(name='roleOrphan')
# group that associates with multipal roles
self.groupMultiRole = Group.objects.create(name='groupMultiRole')
self.policyMultiRole = Policy.objects.create(
name='policyMultiRole')
self.policyMultiRole.roles.add(self.role)
self.policyMultiRole.roles.add(self.roleB)
self.groupMultiRole.policies.add(self.policyMultiRole)
def setUp(self):
"""Set up the group viewset tests."""
super().setUp()
request = self.request_context["request"]
user = User()
user.username = self.user_data["username"]
user.account = self.customer_data["account_id"]
request.user = user
self.dummy_role_id = uuid4()
with tenant_context(self.tenant):
self.principal = Principal(username=self.user_data["username"])
self.principal.save()
self.principalB = Principal(username="******")
self.principalB.save()
self.principalC = Principal(
username="******")
self.principalC.save()
self.group = Group(name="groupA")
self.group.save()
self.role = Role.objects.create(name="roleA",
description="A role for a group.")
self.policy = Policy.objects.create(name="policyA",
group=self.group)
self.policy.roles.add(self.role)
self.policy.save()
self.group.policies.add(self.policy)
self.group.principals.add(self.principal, self.principalB)
self.group.save()
self.defGroup = Group(name="groupDef",
platform_default=True,
system=True)
self.defGroup.save()
self.defGroup.principals.add(self.principal)
self.defGroup.save()
self.emptyGroup = Group(name="groupE")
self.emptyGroup.save()
self.groupB = Group.objects.create(name="groupB")
self.groupB.principals.add(self.principal)
self.policyB = Policy.objects.create(name="policyB",
group=self.groupB)
self.roleB = Role.objects.create(name="roleB")
self.policyB.roles.add(self.roleB)
self.policyB.save()
# role that's not assigned to principal
self.roleOrphan = Role.objects.create(name="roleOrphan")
# group that associates with multipal roles
self.groupMultiRole = Group.objects.create(name="groupMultiRole")
self.policyMultiRole = Policy.objects.create(
name="policyMultiRole")
self.policyMultiRole.roles.add(self.role)
self.policyMultiRole.roles.add(self.roleB)
self.groupMultiRole.policies.add(self.policyMultiRole)
def setUp(self):
"""Set up the internal viewset tests."""
super().setUp()
self.client = APIClient()
self.customer = self._create_customer_data()
self.internal_request_context = self._create_request_context(
self.customer, self.user_data, create_customer=False, is_internal=True, create_tenant=True
)
self.request = self.internal_request_context["request"]
user = User()
user.username = self.user_data["username"]
user.account = self.customer_data["account_id"]
self.request.user = user
with tenant_context(self.tenant):
self.group = Group(name="System Group", system=True)
self.group.save()
self.role = Role.objects.create(name="System Role", description="A role for a group.", system=True)
self.policy = Policy.objects.create(name="System Policy", group=self.group)
self.policy.roles.add(self.role)
self.policy.save()
self.group.policies.add(self.policy)
self.group.save()
def setUp(self):
"""Set up the access view tests."""
super().setUp()
request = self.request_context["request"]
user = User()
user.username = self.user_data["username"]
user.account = self.customer_data["account_id"]
request.user = user
self.access_data = {
"permission":
"app:*:*",
"resourceDefinitions": [{
"attributeFilter": {
"key": "key1",
"operation": "equal",
"value": "value1"
}
}],
}
with tenant_context(self.tenant):
self.principal = Principal(username=self.user_data["username"])
self.principal.save()
self.admin_principal = Principal(username="******")
self.admin_principal.save()
self.group = Group(name="groupA")
self.group.save()
self.group.principals.add(self.principal)
self.group.save()
def setUp(self):
"""Set up the access view tests."""
super().setUp()
request = self.request_context['request']
user = User()
user.username = self.user_data['username']
user.account = self.customer_data['account_id']
request.user = user
self.access_data = {
'permission':
'app:*:*',
'resourceDefinitions': [{
'attributeFilter': {
'key': 'key1',
'operation': 'equal',
'value': 'value1'
}
}]
}
with tenant_context(self.tenant):
self.principal = Principal(username=self.user_data['username'])
self.principal.save()
self.admin_principal = Principal(username="******")
self.admin_principal.save()
self.group = Group(name='groupA')
self.group.save()
self.group.principals.add(self.principal)
self.group.save()
def setUp(self):
"""Set up the role viewset tests."""
super().setUp()
request = self.request_context['request']
user = User(username=self.user_data['username'],
tenant=self.tenant)
user.save()
request.user = user
sys_role_config = {
'name': 'system_role',
'system': True
}
def_role_config = {
'name': 'default_role',
'platform_default': True
}
with tenant_context(self.tenant):
self.principal = Principal(username=self.user_data['username'])
self.principal.save()
self.group = Group(name='groupA')
self.group.save()
self.group.principals.add(self.principal)
self.group.save()
self.sysRole = Role(**sys_role_config)
self.sysRole.save()
self.defRole = Role(**def_role_config)
self.defRole.save()
def setUp(self):
"""Set up the group view nonadmin tests."""
super().setUp()
self.user_data = self._create_user_data()
self.customer = self._create_customer_data()
self.request_context = self._create_request_context(self.customer,
self.user_data,
is_org_admin=False)
request = self.request_context["request"]
self.headers = request.META
self.access_data = {
"permission":
"app:*:*",
"resourceDefinitions": [{
"attributeFilter": {
"key": "key1",
"operation": "equal",
"value": "value1"
}
}],
}
with tenant_context(self.tenant):
self.principal = Principal(username=self.user_data["username"])
self.principal.save()
self.admin_principal = Principal(username="******")
self.admin_principal.save()
self.group = Group(name="groupA")
self.group.save()
self.group.principals.add(self.principal)
self.group.save()
def setUp(self):
"""Set up the group view nonadmin tests."""
super().setUp()
self.user_data = self._create_user_data()
self.customer = self._create_customer_data()
self.request_context = self._create_request_context(self.customer,
self.user_data,
is_org_admin=False)
request = self.request_context['request']
self.headers = request.META
self.access_data = {
'permission':
'app:*:*',
'resourceDefinitions': [{
'attributeFilter': {
'key': 'key1',
'operation': 'equal',
'value': 'value1'
}
}]
}
with tenant_context(self.tenant):
self.principal = Principal(username=self.user_data['username'])
self.principal.save()
self.admin_principal = Principal(username="******")
self.admin_principal.save()
self.group = Group(name='groupA')
self.group.save()
self.group.principals.add(self.principal)
self.group.save()
def setUp(self):
"""Set up the group viewset tests."""
super().setUp()
request = self.request_context['request']
user = User(username=self.user_data['username'], tenant=self.tenant)
user.save()
request.user = user
self.dummy_role_id = uuid4()
with tenant_context(self.tenant):
self.principal = Principal(username=self.user_data['username'])
self.principal.save()
self.group = Group(name='groupA')
self.group.save()
self.role = Role.objects.create(name='roleA')
self.policy = Policy.objects.create(name='policyA',
group=self.group)
self.policy.roles.add(self.role)
self.policy.save()
self.group.policies.add(self.policy)
self.group.principals.add(self.principal)
self.group.save()
self.defGroup = Group(name='groupDef',
platform_default=True,
system=True)
self.defGroup.save()
self.defGroup.principals.add(self.principal)
self.defGroup.save()
self.groupB = Group.objects.create(name='groupB')
self.groupB.principals.add(self.principal)
self.policyB = Policy.objects.create(name='policyB',
group=self.groupB)
self.roleB = Role.objects.create(name='roleB')
self.policyB.roles.add(self.roleB)
self.policyB.save()
def setUp(self):
"""Set up the role viewset tests."""
super().setUp()
request = self.request_context['request']
user = User(username=self.user_data['username'], tenant=self.tenant)
user.save()
request.user = user
with tenant_context(self.tenant):
self.principal = Principal(username=self.user_data['username'])
self.principal.save()
self.group = Group(name='groupA')
self.group.save()
self.group.principals.add(self.principal)
self.group.save()
def setUp(self):
"""Set up the policy viewset tests."""
super().setUp()
request = self.request_context["request"]
user = User()
user.username = self.user_data["username"]
user.account = self.customer_data["account_id"]
request.user = user
with tenant_context(self.tenant):
self.principal = Principal(username=self.user_data["username"])
self.principal.save()
self.group = Group(name="groupA")
self.group.save()
self.group.principals.add(self.principal)
self.group.save()
def setUp(self):
"""Set up the policy viewset tests."""
super().setUp()
request = self.request_context["request"]
user = User()
user.username = self.user_data["username"]
user.account = self.customer_data["account_id"]
request.user = user
with tenant_context(self.tenant):
self.principal = Principal(username=self.user_data["username"])
self.principal.save()
self.group = Group(name="groupA")
self.group.save()
self.group.principals.add(self.principal)
self.group.save()
Permission.objects.create(permission="app:*:*")
with tenant_context(Tenant.objects.get(schema_name="public")):
Permission.objects.create(permission="app:*:*")
def setUp(self):
"""Set up the role viewset tests."""
super().setUp()
request = self.request_context['request']
user = User()
user.username = self.user_data['username']
user.account = self.customer_data['account_id']
request.user = user
sys_role_config = {'name': 'system_role', 'system': True}
def_role_config = {'name': 'default_role', 'platform_default': True}
self.display_fields = {
'applications', 'description', 'uuid', 'name', 'system', 'created',
'policyCount', 'accessCount', 'modified', 'platform_default'
}
with tenant_context(self.tenant):
self.principal = Principal(username=self.user_data['username'])
self.principal.save()
self.policy = Policy.objects.create(name='policyA')
self.group = Group(name='groupA', description='groupA description')
self.group.save()
self.group.principals.add(self.principal)
self.group.policies.add(self.policy)
self.group.save()
self.sysRole = Role(**sys_role_config)
self.sysRole.save()
self.defRole = Role(**def_role_config)
self.defRole.save()
self.defRole.save()
self.policy.roles.add(self.defRole, self.sysRole)
self.policy.save()
self.access = Access.objects.create(permission='app:*:*',
role=self.defRole)
def setUp(self):
"""Set up the role viewset tests."""
super().setUp()
request = self.request_context["request"]
user = User()
user.username = self.user_data["username"]
user.account = self.customer_data["account_id"]
request.user = user
sys_role_config = {
"name": "system_role",
"display_name": "system_display",
"system": True
}
def_role_config = {
"name": "default_role",
"display_name": "default_display",
"platform_default": True
}
self.display_fields = {
"applications",
"description",
"uuid",
"name",
"display_name",
"system",
"created",
"policyCount",
"accessCount",
"modified",
"platform_default",
}
with tenant_context(self.tenant):
self.principal = Principal(username=self.user_data["username"])
self.principal.save()
self.policy = Policy.objects.create(name="policyA")
self.group = Group(name="groupA", description="groupA description")
self.group.save()
self.group.principals.add(self.principal)
self.group.policies.add(self.policy)
self.group.save()
self.sysRole = Role(**sys_role_config)
self.sysRole.save()
self.defRole = Role(**def_role_config)
self.defRole.save()
self.defRole.save()
self.policy.roles.add(self.defRole, self.sysRole)
self.policy.save()
self.permission = Permission.objects.create(permission="app:*:*")
self.permission2 = Permission.objects.create(permission="app2:*:*")
self.access = Access.objects.create(permission=self.permission,
role=self.defRole)
self.access2 = Access.objects.create(permission=self.permission2,
role=self.defRole)
self.access3 = Access.objects.create(permission=self.permission2,
role=self.sysRole)
Permission.objects.create(permission="cost-management:*:*")
# Create permission in public schema
with tenant_context(Tenant.objects.get(schema_name="public")):
Permission.objects.create(permission="cost-management:*:*")
Permission.objects.create(permission="app:*:*")
Permission.objects.create(permission="app2:*:*")