def test_get_uid(self): pack_1_db = PackDB(ref='test_pack') pack_2_db = PackDB(ref='examples') self.assertEqual(pack_1_db.get_uid(), 'pack:test_pack') self.assertEqual(pack_2_db.get_uid(), 'pack:examples') action_1_db = ActionDB(pack='examples', name='my_action', ref='examples.my_action') action_2_db = ActionDB(pack='core', name='local', ref='core.local') self.assertEqual(action_1_db.get_uid(), 'action:examples:my_action') self.assertEqual(action_2_db.get_uid(), 'action:core:local')
def test_get_uid(self): pack_1_db = PackDB(ref="test_pack") pack_2_db = PackDB(ref="examples") self.assertEqual(pack_1_db.get_uid(), "pack:test_pack") self.assertEqual(pack_2_db.get_uid(), "pack:examples") action_1_db = ActionDB(pack="examples", name="my_action", ref="examples.my_action") action_2_db = ActionDB(pack="core", name="local", ref="core.local") self.assertEqual(action_1_db.get_uid(), "action:examples:my_action") self.assertEqual(action_2_db.get_uid(), "action:core:local")
def setup_action_models(cls): action_db = ActionDB() action_db.name = 'action-1' action_db.description = 'awesomeness' action_db.enabled = True action_db.pack = 'wolfpack' action_db.ref = ResourceReference(name=action_db.name, pack=action_db.pack).ref action_db.entry_point = '' action_db.runner_type = {'name': 'test-runner'} action_db.parameters = { 'actionstr': {'type': 'string', 'position': 1, 'required': True}, 'actionint': {'type': 'number', 'default': 10, 'position': 0}, 'runnerdummy': {'type': 'string', 'default': 'actiondummy'} } ActionDBUtilsTestCase.action_db = Action.add_or_update(action_db) liveaction_db = LiveActionDB() liveaction_db.status = 'initializing' liveaction_db.start_timestamp = get_datetime_utc_now() liveaction_db.action = ActionDBUtilsTestCase.action_db.ref params = { 'actionstr': 'foo', 'some_key_that_aint_exist_in_action_or_runner': 'bar', 'runnerint': 555 } liveaction_db.parameters = params ActionDBUtilsTestCase.liveaction_db = LiveAction.add_or_update(liveaction_db)
def _create_save_action(runnertype, metadata=False): name = 'action-1' pack = 'wolfpack' ref = ResourceReference(pack=pack, name=name).ref created = ActionDB(name=name, description='awesomeness', enabled=True, entry_point='/tmp/action.py', pack=pack, ref=ref, runner_type={'name': runnertype.name}) if not metadata: created.parameters = {'p1': None, 'p2': None, 'p3': None} else: created.parameters = { 'p1': { 'type': 'string', 'required': True }, 'p2': { 'type': 'number', 'default': 2868 }, 'p3': { 'type': 'boolean', 'default': False } } return Action.add_or_update(created)
def setup_action_models(cls): pack = 'wolfpack' name = 'action-1' parameters = { 'actionint': {'type': 'number', 'default': 10, 'position': 0}, 'actionfloat': {'type': 'float', 'required': False, 'position': 1}, 'actionstr': {'type': 'string', 'required': True, 'position': 2}, 'actionbool': {'type': 'boolean', 'required': False, 'position': 3}, 'actionlist': {'type': 'list', 'required': False, 'position': 4}, 'actionobject': {'type': 'object', 'required': False, 'position': 5}, 'actionnull': {'type': 'null', 'required': False, 'position': 6}, 'runnerdummy': {'type': 'string', 'default': 'actiondummy'} } action_db = ActionDB(pack=pack, name=name, description='awesomeness', enabled=True, ref=ResourceReference(name=name, pack=pack).ref, entry_point='', runner_type={'name': 'test-runner'}, parameters=parameters) ActionDBUtilsTestCase.action_db = Action.add_or_update(action_db) liveaction_db = LiveActionDB() liveaction_db.status = 'initializing' liveaction_db.start_timestamp = get_datetime_utc_now() liveaction_db.action = ActionDBUtilsTestCase.action_db.ref params = { 'actionstr': 'foo', 'some_key_that_aint_exist_in_action_or_runner': 'bar', 'runnerint': 555 } liveaction_db.parameters = params ActionDBUtilsTestCase.liveaction_db = LiveAction.add_or_update(liveaction_db)
def user_has_rule_action_permission(user_db, action_ref): """ Check that the currently logged-in has necessary permissions on the action used / referenced inside the rule. Note: Rules can reference actions which don't yet exist in the system. """ if not cfg.CONF.rbac.enable: return True action_db = action_utils.get_action_by_ref(ref=action_ref) if not action_db: # We allow rules to be created for actions which don't yet exist in the # system ref = ResourceReference.from_string_reference(ref=action_ref) action_db = ActionDB(pack=ref.pack, name=ref.name, ref=action_ref) rbac_backend = get_backend_instance(cfg.CONF.rbac.backend) action_resolver = rbac_backend.get_resolver_for_resource_type( ResourceType.ACTION) has_action_permission = action_resolver.user_has_resource_db_permission( user_db=user_db, resource_db=action_db, permission_type=PermissionType.ACTION_EXECUTE) if has_action_permission: return True return False
def _setup_action_models(cls): action_db = ActionDB() action_db.name = 'action-1' action_db.description = 'awesomeness' action_db.enabled = True action_db.pack = 'wolfpack' action_db.entry_point = '' action_db.runner_type = {'name': 'test-runner'} action_db.parameters = { 'actionstr': { 'type': 'string', 'required': True }, 'actionint': { 'type': 'number', 'default': 10 }, 'runnerdummy': { 'type': 'string', 'default': 'actiondummy', 'immutable': True }, 'runnerimmutable': { 'type': 'string', 'default': 'failed_override' }, 'actionimmutable': { 'type': 'string', 'default': 'actionimmutable', 'immutable': True } } ParamsUtilsTest.action_db = action_db
def test_uid_is_populated_on_save(self): pack_1_db = PackDB( ref="test_pack", name="test", description="foo", version="1.0.0", author="dev", email="*****@*****.**", ) pack_1_db = Pack.add_or_update(pack_1_db) pack_1_db.reload() self.assertEqual(pack_1_db.uid, "pack:test_pack") action_1_db = ActionDB( name="local", pack="core", ref="core.local", entry_point="", runner_type={"name": "local-shell-cmd"}, ) action_1_db = Action.add_or_update(action_1_db) action_1_db.reload() self.assertEqual(action_1_db.uid, "action:core:local")
def _register_action(self, pack, action): content = self._meta_loader.load(action) try: model = Action.get_by_name(str(content['name'])) except ValueError: model = ActionDB() model.name = content['name'] model.description = content['description'] model.enabled = content['enabled'] model.pack = pack model.entry_point = content['entry_point'] model.parameters = content.get('parameters', {}) runner_type = str(content['runner_type']) valid_runner_type, runner_type_db = self._has_valid_runner_type( runner_type) if valid_runner_type: model.runner_type = {'name': runner_type_db.name} else: LOG.exception('Runner type %s doesn\'t exist.', runner_type) raise try: model = Action.add_or_update(model) LOG.audit('Action created. Action %s from %s.', model, action) except Exception: LOG.exception('Failed to write action to db %s.', model.name) raise
def test_format_secret_rule_parameters_are_masked( self, mock__get_referenced_action_model): expected_result = { 'description': 'Test description', 'tags': [], 'type': { 'ref': 'standard', 'parameters': {} }, 'enabled': True, 'trigger': 'test tigger', 'metadata_file': None, 'context': {}, 'criteria': {}, 'action': { 'ref': '1234', 'parameters': { 'parameter1': 'value1', 'parameter2': '********' } }, 'uid': 'rule:testpack:test.action', 'pack': 'testpack', 'ref': 'testpack.test.action', 'id': None, 'name': 'test.action' } parameters = { 'parameter1': { 'type': 'string', 'required': False }, 'parameter2': { 'type': 'string', 'required': False, 'secret': True } } mock_action_db = ActionDB(pack='testpack', name='test.action', parameters=parameters) mock__get_referenced_action_model.return_value = mock_action_db cfg.CONF.set_override(group='log', name='mask_secrets', override=True) mock_rule_db = RuleDB(pack='testpack', name='test.action', description='Test description', trigger='test tigger', action={ 'ref': '1234', 'parameters': { 'parameter1': 'value1', 'parameter2': 'value2' } }) result = mock_rule_db.to_serializable_dict(True) self.assertEqual(expected_result, result)
def test_uid_is_populated_on_save(self): pack_1_db = PackDB(ref='test_pack', name='test', description='foo', version='1.0', author='dev', email='*****@*****.**') pack_1_db = Pack.add_or_update(pack_1_db) pack_1_db.reload() self.assertEqual(pack_1_db.uid, 'pack:test_pack') action_1_db = ActionDB(name='local', pack='core', ref='core.local', entry_point='', runner_type={'name': 'local-shell-cmd'}) action_1_db = Action.add_or_update(action_1_db) action_1_db.reload() self.assertEqual(action_1_db.uid, 'action:core:local')
def _create_save_action(runnertype, metadata=False): created = ActionDB() created.name = 'action-1' created.description = 'awesomeness' created.enabled = True created.entry_point = '/tmp/action.py' created.pack = 'wolfpack' created.runner_type = {'name': runnertype.name} if not metadata: created.parameters = {'p1': None, 'p2': None, 'p3': None} else: created.parameters = { 'p1': {'type': 'string', 'required': True}, 'p2': {'type': 'number', 'default': 2868}, 'p3': {'type': 'boolean', 'default': False} } return Action.add_or_update(created)
def test_get_uid(self): pack_db = PackDB(ref='ma_pack') self.assertEqual(pack_db.get_uid(), 'pack:ma_pack') sensor_type_db = SensorTypeDB(name='sname', pack='spack') self.assertEqual(sensor_type_db.get_uid(), 'sensor_type:spack:sname') action_db = ActionDB(name='aname', pack='apack', runner_type={}) self.assertEqual(action_db.get_uid(), 'action:apack:aname') rule_db = RuleDB(name='rname', pack='rpack') self.assertEqual(rule_db.get_uid(), 'rule:rpack:rname') trigger_type_db = TriggerTypeDB(name='ttname', pack='ttpack') self.assertEqual(trigger_type_db.get_uid(), 'trigger_type:ttpack:ttname') trigger_db = TriggerDB(name='tname', pack='tpack') self.assertTrue(trigger_db.get_uid().startswith('trigger:tpack:tname:')) # Verify that same set of parameters always results in the same hash parameters = {'a': 1, 'b': 'unicode', 'c': [1, 2, 3], 'd': {'g': 1, 'h': 2}} paramers_hash = json.dumps(parameters, sort_keys=True) paramers_hash = hashlib.md5(paramers_hash).hexdigest() parameters = {'a': 1, 'b': 'unicode', 'c': [1, 2, 3], 'd': {'g': 1, 'h': 2}} trigger_db = TriggerDB(name='tname', pack='tpack', parameters=parameters) self.assertEqual(trigger_db.get_uid(), 'trigger:tpack:tname:%s' % (paramers_hash)) parameters = {'c': [1, 2, 3], 'b': u'unicode', 'd': {'h': 2, 'g': 1}, 'a': 1} trigger_db = TriggerDB(name='tname', pack='tpack', parameters=parameters) self.assertEqual(trigger_db.get_uid(), 'trigger:tpack:tname:%s' % (paramers_hash)) parameters = {'b': u'unicode', 'c': [1, 2, 3], 'd': {'h': 2, 'g': 1}, 'a': 1} trigger_db = TriggerDB(name='tname', pack='tpack', parameters=parameters) self.assertEqual(trigger_db.get_uid(), 'trigger:tpack:tname:%s' % (paramers_hash)) parameters = OrderedDict({'c': [1, 2, 3], 'b': u'unicode', 'd': {'h': 2, 'g': 1}, 'a': 1}) trigger_db = TriggerDB(name='tname', pack='tpack', parameters=parameters) self.assertEqual(trigger_db.get_uid(), 'trigger:tpack:tname:%s' % (paramers_hash)) policy_type_db = PolicyTypeDB(resource_type='action', name='concurrency') self.assertEqual(policy_type_db.get_uid(), 'policy_type:action:concurrency') policy_db = PolicyDB(pack='dummy', name='policy1') self.assertEqual(policy_db.get_uid(), 'policy:dummy:policy1')
def test_get_uid(self): pack_db = PackDB(ref='ma_pack') self.assertEqual(pack_db.get_uid(), 'pack:ma_pack') sensor_type_db = SensorTypeDB(name='sname', pack='spack') self.assertEqual(sensor_type_db.get_uid(), 'sensor_type:spack:sname') action_db = ActionDB(name='aname', pack='apack', runner_type={}) self.assertEqual(action_db.get_uid(), 'action:apack:aname') rule_db = RuleDB(name='rname', pack='rpack') self.assertEqual(rule_db.get_uid(), 'rule:rpack:rname') trigger_type_db = TriggerTypeDB(name='ttname', pack='ttpack') self.assertEqual(trigger_type_db.get_uid(), 'trigger_type:ttpack:ttname') trigger_db = TriggerDB(name='tname', pack='tpack') self.assertTrue(trigger_db.get_uid().startswith('trigger:tpack:tname:'))
def _create_save_action(runnertype, metadata=False): name = "action-1" pack = "wolfpack" ref = ResourceReference(pack=pack, name=name).ref created = ActionDB( name=name, description="awesomeness", enabled=True, entry_point="/tmp/action.py", pack=pack, ref=ref, runner_type={"name": runnertype.name}, ) if not metadata: created.parameters = { "p1": None, "p2": None, "p3": None, "p4": None } else: created.parameters = { "p1": { "type": "string", "required": True }, "p2": { "type": "number", "default": 2868 }, "p3": { "type": "boolean", "default": False }, "p4": { "type": "string", "secret": True }, } return Action.add_or_update(created)
def test_format_secret_action_parameters_are_masked(self): formatter = ConsoleLogFormatter() mock_message = 'test message 1' mock_action_db = ActionDB() mock_action_db.name = 'test.action' mock_action_db.pack = 'testpack' mock_action_db.parameters = { 'parameter1': { 'type': 'string', 'required': False }, 'parameter2': { 'type': 'string', 'required': False, 'secret': True } } mock_action_execution_db = ActionExecutionDB() mock_action_execution_db.action = mock_action_db.to_serializable_dict() mock_action_execution_db.parameters = { 'parameter1': 'value1', 'parameter2': 'value2' } record = MockRecord() record.msg = mock_message # Add "extra" attributes record._action_execution_db = mock_action_execution_db expected_msg_part = "'parameters': {'parameter1': 'value1', 'parameter2': '********'}" message = formatter.format(record=record) self.assertTrue('test message 1' in message) self.assertTrue(expected_msg_part in message)
def test_format_secret_action_parameters_are_masked(self): formatter = ConsoleLogFormatter() mock_message = 'test message 1' parameters = { 'parameter1': { 'type': 'string', 'required': False }, 'parameter2': { 'type': 'string', 'required': False, 'secret': True } } mock_action_db = ActionDB(pack='testpack', name='test.action', parameters=parameters) action = mock_action_db.to_serializable_dict() parameters = {'parameter1': 'value1', 'parameter2': 'value2'} mock_action_execution_db = ActionExecutionDB(action=action, parameters=parameters) record = MockRecord() record.msg = mock_message # Add "extra" attributes record._action_execution_db = mock_action_execution_db expected_msg_part = (r"'parameters': {u?'parameter1': u?'value1', " r"u?'parameter2': u?'\*\*\*\*\*\*\*\*'}") message = formatter.format(record=record) self.assertTrue('test message 1' in message) self.assertRegexpMatches(message, expected_msg_part)
class NotifierTestCase(CleanDbTestCase): class MockDispatcher(object): def __init__(self, tester): self.tester = tester self.notify_trigger = ResourceReference.to_string_reference( pack=NOTIFY_TRIGGER_TYPE['pack'], name=NOTIFY_TRIGGER_TYPE['name']) self.action_trigger = ResourceReference.to_string_reference( pack=ACTION_TRIGGER_TYPE['pack'], name=ACTION_TRIGGER_TYPE['name']) def dispatch(self, *args, **kwargs): try: self.tester.assertEqual(len(args), 1) self.tester.assertTrue('payload' in kwargs) payload = kwargs['payload'] if args[0] == self.notify_trigger: self.tester.assertEqual(payload['status'], 'succeeded') self.tester.assertTrue('execution_id' in payload) self.tester.assertEqual(payload['execution_id'], str(MOCK_EXECUTION.id)) self.tester.assertTrue('start_timestamp' in payload) self.tester.assertTrue('end_timestamp' in payload) self.tester.assertEqual('core.local', payload['action_ref']) self.tester.assertEqual('Action succeeded.', payload['message']) self.tester.assertTrue('data' in payload) self.tester.assertTrue('run-local-cmd', payload['runner_ref']) if args[0] == self.action_trigger: self.tester.assertEqual(payload['status'], 'succeeded') self.tester.assertTrue('execution_id' in payload) self.tester.assertEqual(payload['execution_id'], str(MOCK_EXECUTION.id)) self.tester.assertTrue('start_timestamp' in payload) self.tester.assertEqual('core.local', payload['action_name']) self.tester.assertEqual('core.local', payload['action_ref']) self.tester.assertTrue('result' in payload) self.tester.assertTrue('parameters' in payload) self.tester.assertTrue('run-local-cmd', payload['runner_ref']) except Exception: self.tester.fail('Test failed') @mock.patch( 'st2common.util.action_db.get_action_by_ref', mock.MagicMock( return_value=ActionDB(pack='core', name='local', runner_type={'name': 'run-local-cmd'}, parameters={}))) @mock.patch( 'st2common.util.action_db.get_runnertype_by_name', mock.MagicMock( return_value=RunnerTypeDB(name='foo', runner_parameters={}))) @mock.patch.object( Action, 'get_by_ref', mock.MagicMock(return_value={'runner_type': { 'name': 'run-local-cmd' }})) @mock.patch.object(Policy, 'query', mock.MagicMock(return_value=[])) @mock.patch.object(Notifier, '_get_trace_context', mock.MagicMock(return_value={})) def test_notify_triggers(self): liveaction_db = LiveActionDB(action='core.local') liveaction_db.id = bson.ObjectId() liveaction_db.description = '' liveaction_db.status = 'succeeded' liveaction_db.parameters = {} on_success = NotificationSubSchema(message='Action succeeded.') on_failure = NotificationSubSchema(message='Action failed.') liveaction_db.notify = NotificationSchema(on_success=on_success, on_failure=on_failure) liveaction_db.start_timestamp = date_utils.get_datetime_utc_now() liveaction_db.end_timestamp = (liveaction_db.start_timestamp + datetime.timedelta(seconds=50)) LiveAction.add_or_update(liveaction_db) execution = MOCK_EXECUTION execution.liveaction = vars(LiveActionAPI.from_model(liveaction_db)) execution.status = liveaction_db.status dispatcher = NotifierTestCase.MockDispatcher(self) notifier = Notifier(connection=None, queues=[], trigger_dispatcher=dispatcher) notifier.process(execution) @mock.patch( 'st2common.util.action_db.get_action_by_ref', mock.MagicMock( return_value=ActionDB(pack='core', name='local', runner_type={'name': 'run-local-cmd'}, parameters={}))) @mock.patch( 'st2common.util.action_db.get_runnertype_by_name', mock.MagicMock( return_value=RunnerTypeDB(name='foo', runner_parameters={}))) @mock.patch.object( Action, 'get_by_ref', mock.MagicMock(return_value={'runner_type': { 'name': 'run-local-cmd' }})) @mock.patch.object(Policy, 'query', mock.MagicMock(return_value=[])) @mock.patch.object(Notifier, '_get_trace_context', mock.MagicMock(return_value={})) def test_notify_triggers_end_timestamp_none(self): liveaction_db = LiveActionDB(action='core.local') liveaction_db.id = bson.ObjectId() liveaction_db.description = '' liveaction_db.status = 'succeeded' liveaction_db.parameters = {} on_success = NotificationSubSchema(message='Action succeeded.') on_failure = NotificationSubSchema(message='Action failed.') liveaction_db.notify = NotificationSchema(on_success=on_success, on_failure=on_failure) liveaction_db.start_timestamp = date_utils.get_datetime_utc_now() # This tests for end_timestamp being set to None, which can happen when a policy cancels # a request. # The assertions within "MockDispatcher.dispatch" will validate that the underlying code # handles this properly, so all we need to do is keep the call to "notifier.process" below liveaction_db.end_timestamp = None LiveAction.add_or_update(liveaction_db) execution = MOCK_EXECUTION execution.liveaction = vars(LiveActionAPI.from_model(liveaction_db)) execution.status = liveaction_db.status dispatcher = NotifierTestCase.MockDispatcher(self) notifier = Notifier(connection=None, queues=[], trigger_dispatcher=dispatcher) notifier.process(execution) @mock.patch( 'st2common.util.action_db.get_action_by_ref', mock.MagicMock(return_value=ActionDB( pack='core', name='local', runner_type={'name': 'run-local-cmd'}))) @mock.patch('st2common.util.action_db.get_runnertype_by_name', mock.MagicMock(return_value=RunnerTypeDB( name='foo', runner_parameters={'runner_foo': 'foo'}))) @mock.patch.object( Action, 'get_by_ref', mock.MagicMock(return_value={'runner_type': { 'name': 'run-local-cmd' }})) @mock.patch.object(Policy, 'query', mock.MagicMock(return_value=[])) @mock.patch.object(Notifier, '_post_generic_trigger', mock.MagicMock(return_value=True)) @mock.patch.object(Notifier, '_get_trace_context', mock.MagicMock(return_value={})) @mock.patch('st2common.transport.reactor.TriggerDispatcher.dispatch') def test_notify_triggers_jinja_patterns(self, dispatch): liveaction_db = LiveActionDB(action='core.local') liveaction_db.id = bson.ObjectId() liveaction_db.description = '' liveaction_db.status = 'succeeded' liveaction_db.parameters = {'cmd': 'mamma mia', 'runner_foo': 'foo'} on_success = NotificationSubSchema( message='Command {{action_parameters.cmd}} succeeded.', data={'stdout': '{{action_results.stdout}}'}) liveaction_db.notify = NotificationSchema(on_success=on_success) liveaction_db.start_timestamp = date_utils.get_datetime_utc_now() liveaction_db.end_timestamp = (liveaction_db.start_timestamp + datetime.timedelta(seconds=50)) LiveAction.add_or_update(liveaction_db) execution = MOCK_EXECUTION execution.liveaction = vars(LiveActionAPI.from_model(liveaction_db)) execution.status = liveaction_db.status notifier = Notifier(connection=None, queues=[]) notifier.process(execution) exp = { 'status': 'succeeded', 'start_timestamp': isotime.format(liveaction_db.start_timestamp), 'route': 'notify.default', 'runner_ref': 'run-local-cmd', 'channel': 'notify.default', 'message': u'Command mamma mia succeeded.', 'data': { 'result': '{}', 'stdout': 'stuff happens' }, 'action_ref': u'core.local', 'execution_id': str(MOCK_EXECUTION.id), 'end_timestamp': isotime.format(liveaction_db.end_timestamp) } dispatch.assert_called_once_with('core.st2.generic.notifytrigger', payload=exp, trace_context={}) notifier.process(execution)
def test_command_construction_correct_default_parameter_values_are_used(self): runner_parameters = {} action_db_parameters = { 'project': { 'type': 'string', 'default': 'st2', 'position': 0, }, 'version': { 'type': 'string', 'position': 1, 'required': True }, 'fork': { 'type': 'string', 'position': 2, 'default': 'StackStorm', }, 'branch': { 'type': 'string', 'position': 3, 'default': 'master', }, 'update_changelog': { 'type': 'boolean', 'position': 4, 'default': False }, 'local_repo': { 'type': 'string', 'position': 5, } } context = {} action_db = ActionDB(pack='dummy', name='action') runner = LocalShellScriptRunner('id') runner.runner_parameters = {} runner.action = action_db # 1. All default values used live_action_db_parameters = { 'project': 'st2flow', 'version': '3.0.0', 'fork': 'StackStorm', 'local_repo': '/tmp/repo' } runner_params, action_params = param_utils.render_final_params(runner_parameters, action_db_parameters, live_action_db_parameters, context) self.assertDictEqual(action_params, { 'project': 'st2flow', 'version': '3.0.0', 'fork': 'StackStorm', 'branch': 'master', # default value used 'update_changelog': False, # default value used 'local_repo': '/tmp/repo' }) action_db.parameters = action_db_parameters positional_args, named_args = runner._get_script_args(action_params) named_args = runner._transform_named_args(named_args) shell_script_action = ShellScriptAction(name='dummy', action_exec_id='dummy', script_local_path_abs='/tmp/local.sh', named_args=named_args, positional_args=positional_args) command_string = shell_script_action.get_full_command_string() expected = '/tmp/local.sh st2flow 3.0.0 StackStorm master 0 /tmp/repo' self.assertEqual(command_string, expected) # 2. Some default values used live_action_db_parameters = { 'project': 'st2web', 'version': '3.1.0', 'fork': 'StackStorm1', 'update_changelog': True, 'local_repo': '/tmp/repob' } runner_params, action_params = param_utils.render_final_params(runner_parameters, action_db_parameters, live_action_db_parameters, context) self.assertDictEqual(action_params, { 'project': 'st2web', 'version': '3.1.0', 'fork': 'StackStorm1', 'branch': 'master', # default value used 'update_changelog': True, # default value used 'local_repo': '/tmp/repob' }) action_db.parameters = action_db_parameters positional_args, named_args = runner._get_script_args(action_params) named_args = runner._transform_named_args(named_args) shell_script_action = ShellScriptAction(name='dummy', action_exec_id='dummy', script_local_path_abs='/tmp/local.sh', named_args=named_args, positional_args=positional_args) command_string = shell_script_action.get_full_command_string() expected = '/tmp/local.sh st2web 3.1.0 StackStorm1 master 1 /tmp/repob' self.assertEqual(command_string, expected) # 3. None is specified for a boolean parameter, should use a default live_action_db_parameters = { 'project': 'st2rbac', 'version': '3.2.0', 'fork': 'StackStorm2', 'update_changelog': None, 'local_repo': '/tmp/repoc' } runner_params, action_params = param_utils.render_final_params(runner_parameters, action_db_parameters, live_action_db_parameters, context) self.assertDictEqual(action_params, { 'project': 'st2rbac', 'version': '3.2.0', 'fork': 'StackStorm2', 'branch': 'master', # default value used 'update_changelog': False, # default value used 'local_repo': '/tmp/repoc' }) action_db.parameters = action_db_parameters positional_args, named_args = runner._get_script_args(action_params) named_args = runner._transform_named_args(named_args) shell_script_action = ShellScriptAction(name='dummy', action_exec_id='dummy', script_local_path_abs='/tmp/local.sh', named_args=named_args, positional_args=positional_args) command_string = shell_script_action.get_full_command_string() expected = '/tmp/local.sh st2rbac 3.2.0 StackStorm2 master 0 /tmp/repoc' self.assertEqual(command_string, expected)
def test_command_construction_correct_default_parameter_values_are_used( self): runner_parameters = {} action_db_parameters = { "project": { "type": "string", "default": "st2", "position": 0, }, "version": { "type": "string", "position": 1, "required": True }, "fork": { "type": "string", "position": 2, "default": "StackStorm", }, "branch": { "type": "string", "position": 3, "default": "master", }, "update_changelog": { "type": "boolean", "position": 4, "default": False }, "local_repo": { "type": "string", "position": 5, }, } context = {} action_db = ActionDB(pack="dummy", name="action") runner = LocalShellScriptRunner("id") runner.runner_parameters = {} runner.action = action_db # 1. All default values used live_action_db_parameters = { "project": "st2flow", "version": "3.0.0", "fork": "StackStorm", "local_repo": "/tmp/repo", } runner_params, action_params = param_utils.render_final_params( runner_parameters, action_db_parameters, live_action_db_parameters, context) self.assertDictEqual( action_params, { "project": "st2flow", "version": "3.0.0", "fork": "StackStorm", "branch": "master", # default value used "update_changelog": False, # default value used "local_repo": "/tmp/repo", }, ) action_db.parameters = action_db_parameters positional_args, named_args = runner._get_script_args(action_params) named_args = runner._transform_named_args(named_args) shell_script_action = ShellScriptAction( name="dummy", action_exec_id="dummy", script_local_path_abs="/tmp/local.sh", named_args=named_args, positional_args=positional_args, ) command_string = shell_script_action.get_full_command_string() expected = "/tmp/local.sh st2flow 3.0.0 StackStorm master 0 /tmp/repo" self.assertEqual(command_string, expected) # 2. Some default values used live_action_db_parameters = { "project": "st2web", "version": "3.1.0", "fork": "StackStorm1", "update_changelog": True, "local_repo": "/tmp/repob", } runner_params, action_params = param_utils.render_final_params( runner_parameters, action_db_parameters, live_action_db_parameters, context) self.assertDictEqual( action_params, { "project": "st2web", "version": "3.1.0", "fork": "StackStorm1", "branch": "master", # default value used "update_changelog": True, # default value used "local_repo": "/tmp/repob", }, ) action_db.parameters = action_db_parameters positional_args, named_args = runner._get_script_args(action_params) named_args = runner._transform_named_args(named_args) shell_script_action = ShellScriptAction( name="dummy", action_exec_id="dummy", script_local_path_abs="/tmp/local.sh", named_args=named_args, positional_args=positional_args, ) command_string = shell_script_action.get_full_command_string() expected = "/tmp/local.sh st2web 3.1.0 StackStorm1 master 1 /tmp/repob" self.assertEqual(command_string, expected) # 3. None is specified for a boolean parameter, should use a default live_action_db_parameters = { "project": "st2rbac", "version": "3.2.0", "fork": "StackStorm2", "update_changelog": None, "local_repo": "/tmp/repoc", } runner_params, action_params = param_utils.render_final_params( runner_parameters, action_db_parameters, live_action_db_parameters, context) self.assertDictEqual( action_params, { "project": "st2rbac", "version": "3.2.0", "fork": "StackStorm2", "branch": "master", # default value used "update_changelog": False, # default value used "local_repo": "/tmp/repoc", }, ) action_db.parameters = action_db_parameters positional_args, named_args = runner._get_script_args(action_params) named_args = runner._transform_named_args(named_args) shell_script_action = ShellScriptAction( name="dummy", action_exec_id="dummy", script_local_path_abs="/tmp/local.sh", named_args=named_args, positional_args=positional_args, ) command_string = shell_script_action.get_full_command_string() expected = "/tmp/local.sh st2rbac 3.2.0 StackStorm2 master 0 /tmp/repoc" self.assertEqual(command_string, expected)
class NotifierTestCase(unittest2.TestCase): class MockDispatcher(object): def __init__(self, tester): self.tester = tester self.notify_trigger = ResourceReference.to_string_reference( pack=NOTIFY_TRIGGER_TYPE['pack'], name=NOTIFY_TRIGGER_TYPE['name']) self.action_trigger = ResourceReference.to_string_reference( pack=ACTION_TRIGGER_TYPE['pack'], name=ACTION_TRIGGER_TYPE['name']) def dispatch(self, *args, **kwargs): try: self.tester.assertEqual(len(args), 1) self.tester.assertTrue('payload' in kwargs) payload = kwargs['payload'] if args[0] == self.notify_trigger: self.tester.assertEqual(payload['status'], 'succeeded') self.tester.assertTrue('execution_id' in payload) self.tester.assertEqual(payload['execution_id'], str(MOCK_EXECUTION.id)) self.tester.assertTrue('start_timestamp' in payload) self.tester.assertTrue('end_timestamp' in payload) self.tester.assertEqual('core.local', payload['action_ref']) self.tester.assertEqual('Action succeeded.', payload['message']) self.tester.assertTrue('data' in payload) self.tester.assertTrue('run-local-cmd', payload['runner_ref']) if args[0] == self.action_trigger: self.tester.assertEqual(payload['status'], 'succeeded') self.tester.assertTrue('execution_id' in payload) self.tester.assertEqual(payload['execution_id'], str(MOCK_EXECUTION.id)) self.tester.assertTrue('start_timestamp' in payload) self.tester.assertEqual('core.local', payload['action_name']) self.tester.assertEqual('core.local', payload['action_ref']) self.tester.assertTrue('result' in payload) self.tester.assertTrue('parameters' in payload) self.tester.assertTrue('run-local-cmd', payload['runner_ref']) except Exception: self.tester.fail('Test failed') @mock.patch('st2common.util.action_db.get_action_by_ref', mock.MagicMock( return_value=ActionDB(pack='core', name='local', runner_type={'name': 'run-local-cmd'}, parameters={}))) @mock.patch('st2common.util.action_db.get_runnertype_by_name', mock.MagicMock( return_value=RunnerTypeDB(runner_parameters={}))) @mock.patch.object(Action, 'get_by_ref', mock.MagicMock( return_value={'runner_type': {'name': 'run-local-cmd'}})) @mock.patch.object(Policy, 'query', mock.MagicMock( return_value=[])) @mock.patch.object(Notifier, '_get_execution_for_liveaction', mock.MagicMock( return_value=MOCK_EXECUTION)) @mock.patch.object(Notifier, '_get_trace_context', mock.MagicMock(return_value={})) def test_notify_triggers(self): liveaction = LiveActionDB(action='core.local') liveaction.description = '' liveaction.status = 'succeeded' liveaction.parameters = {} on_success = NotificationSubSchema(message='Action succeeded.') on_failure = NotificationSubSchema(message='Action failed.') liveaction.notify = NotificationSchema(on_success=on_success, on_failure=on_failure) liveaction.start_timestamp = date_utils.get_datetime_utc_now() liveaction.end_timestamp = liveaction.start_timestamp + datetime.timedelta(seconds=50) dispatcher = NotifierTestCase.MockDispatcher(self) notifier = Notifier(connection=None, queues=[], trigger_dispatcher=dispatcher) notifier.process(liveaction) @mock.patch('st2common.util.action_db.get_action_by_ref', mock.MagicMock( return_value=ActionDB(pack='core', name='local', runner_type={'name': 'run-local-cmd'}))) @mock.patch('st2common.util.action_db.get_runnertype_by_name', mock.MagicMock( return_value=RunnerTypeDB(runner_parameters={'runner_foo': 'foo'}))) @mock.patch.object(Action, 'get_by_ref', mock.MagicMock( return_value={'runner_type': {'name': 'run-local-cmd'}})) @mock.patch.object(Policy, 'query', mock.MagicMock( return_value=[])) @mock.patch.object(Notifier, '_get_execution_for_liveaction', mock.MagicMock( return_value=MOCK_EXECUTION)) @mock.patch.object(Notifier, '_post_generic_trigger', mock.MagicMock( return_value=True)) @mock.patch.object(Notifier, '_get_trace_context', mock.MagicMock(return_value={})) @mock.patch('st2common.transport.reactor.TriggerDispatcher.dispatch') def test_notify_triggers_jinja_patterns(self, dispatch): liveaction = LiveActionDB(action='core.local') liveaction.description = '' liveaction.status = 'succeeded' liveaction.parameters = {'cmd': 'mamma mia', 'runner_foo': 'foo'} on_success = NotificationSubSchema(message='Command {{action_parameters.cmd}} succeeded.', data={'stdout': '{{action_results.stdout}}'}) liveaction.notify = NotificationSchema(on_success=on_success) liveaction.start_timestamp = date_utils.get_datetime_utc_now() liveaction.end_timestamp = liveaction.start_timestamp + datetime.timedelta(seconds=50) notifier = Notifier(connection=None, queues=[]) notifier.process(liveaction) exp = {'status': 'succeeded', 'start_timestamp': isotime.format(liveaction.start_timestamp), 'route': 'notify.default', 'runner_ref': 'run-local-cmd', 'channel': 'notify.default', 'message': u'Command mamma mia succeeded.', 'data': {'result': '{}', 'stdout': 'stuff happens'}, 'action_ref': u'core.local', 'execution_id': str(MOCK_EXECUTION.id), 'end_timestamp': isotime.format(liveaction.end_timestamp)} dispatch.assert_called_once_with('core.st2.generic.notifytrigger', payload=exp, trace_context={}) notifier.process(liveaction)
def test_command_construction_correct_default_parameter_values_are_used( self): runner_parameters = {} action_db_parameters = { "project": { "type": "string", "default": "st2", "position": 0, }, "version": { "type": "string", "position": 1, "required": True }, "fork": { "type": "string", "position": 2, "default": "StackStorm", }, "branch": { "type": "string", "position": 3, "default": "master", }, "update_changelog": { "type": "boolean", "position": 4, "default": False }, "local_repo": { "type": "string", "position": 5, }, } context = {} action_db = ActionDB(pack="dummy", name="action") runner = ParamikoRemoteScriptRunner("id") runner.runner_parameters = {} runner.action = action_db # 1. All default values used live_action_db_parameters = { "project": "st2flow", "version": "3.0.0", "fork": "StackStorm", "local_repo": "/tmp/repo", } runner_params, action_params = param_utils.render_final_params( runner_parameters, action_db_parameters, live_action_db_parameters, context) self.assertDictEqual( action_params, { "project": "st2flow", "version": "3.0.0", "fork": "StackStorm", "branch": "master", # default value used "update_changelog": False, # default value used "local_repo": "/tmp/repo", }, ) action_db.parameters = action_db_parameters positional_args, named_args = runner._get_script_args(action_params) named_args = runner._transform_named_args(named_args) remote_action = ParamikoRemoteScriptAction( "foo-script", "id", script_local_path_abs="/tmp/script.sh", script_local_libs_path_abs=None, named_args=named_args, positional_args=positional_args, env_vars={}, on_behalf_user="******", user="******", remote_dir="/tmp", hosts=["127.0.0.1"], cwd="/test/cwd/", ) command_string = remote_action.get_full_command_string() expected = "cd /test/cwd/ && /tmp/script.sh st2flow 3.0.0 StackStorm master 0 /tmp/repo" self.assertEqual(command_string, expected) # 2. Some default values used live_action_db_parameters = { "project": "st2web", "version": "3.1.0", "fork": "StackStorm1", "update_changelog": True, "local_repo": "/tmp/repob", } runner_params, action_params = param_utils.render_final_params( runner_parameters, action_db_parameters, live_action_db_parameters, context) self.assertDictEqual( action_params, { "project": "st2web", "version": "3.1.0", "fork": "StackStorm1", "branch": "master", # default value used "update_changelog": True, # default value used "local_repo": "/tmp/repob", }, ) action_db.parameters = action_db_parameters positional_args, named_args = runner._get_script_args(action_params) named_args = runner._transform_named_args(named_args) remote_action = ParamikoRemoteScriptAction( "foo-script", "id", script_local_path_abs="/tmp/script.sh", script_local_libs_path_abs=None, named_args=named_args, positional_args=positional_args, env_vars={}, on_behalf_user="******", user="******", remote_dir="/tmp", hosts=["127.0.0.1"], cwd="/test/cwd/", ) command_string = remote_action.get_full_command_string() expected = "cd /test/cwd/ && /tmp/script.sh st2web 3.1.0 StackStorm1 master 1 /tmp/repob" self.assertEqual(command_string, expected) # 3. None is specified for a boolean parameter, should use a default live_action_db_parameters = { "project": "st2rbac", "version": "3.2.0", "fork": "StackStorm2", "update_changelog": None, "local_repo": "/tmp/repoc", } runner_params, action_params = param_utils.render_final_params( runner_parameters, action_db_parameters, live_action_db_parameters, context) self.assertDictEqual( action_params, { "project": "st2rbac", "version": "3.2.0", "fork": "StackStorm2", "branch": "master", # default value used "update_changelog": False, # default value used "local_repo": "/tmp/repoc", }, ) action_db.parameters = action_db_parameters positional_args, named_args = runner._get_script_args(action_params) named_args = runner._transform_named_args(named_args) remote_action = ParamikoRemoteScriptAction( "foo-script", "id", script_local_path_abs="/tmp/script.sh", script_local_libs_path_abs=None, named_args=named_args, positional_args=positional_args, env_vars={}, on_behalf_user="******", user="******", remote_dir="/tmp", hosts=["127.0.0.1"], cwd="/test/cwd/", ) command_string = remote_action.get_full_command_string() expected = "cd /test/cwd/ && /tmp/script.sh st2rbac 3.2.0 StackStorm2 master 0 /tmp/repoc" self.assertEqual(command_string, expected)
def test_get_uid(self): pack_db = PackDB(ref="ma_pack") self.assertEqual(pack_db.get_uid(), "pack:ma_pack") self.assertTrue(pack_db.has_valid_uid()) sensor_type_db = SensorTypeDB(name="sname", pack="spack") self.assertEqual(sensor_type_db.get_uid(), "sensor_type:spack:sname") self.assertTrue(sensor_type_db.has_valid_uid()) action_db = ActionDB(name="aname", pack="apack", runner_type={}) self.assertEqual(action_db.get_uid(), "action:apack:aname") self.assertTrue(action_db.has_valid_uid()) rule_db = RuleDB(name="rname", pack="rpack") self.assertEqual(rule_db.get_uid(), "rule:rpack:rname") self.assertTrue(rule_db.has_valid_uid()) trigger_type_db = TriggerTypeDB(name="ttname", pack="ttpack") self.assertEqual(trigger_type_db.get_uid(), "trigger_type:ttpack:ttname") self.assertTrue(trigger_type_db.has_valid_uid()) trigger_db = TriggerDB(name="tname", pack="tpack") self.assertTrue(trigger_db.get_uid().startswith("trigger:tpack:tname:")) # Verify that same set of parameters always results in the same hash parameters = {"a": 1, "b": "unicode", "c": [1, 2, 3], "d": {"g": 1, "h": 2}} paramers_hash = json.dumps(parameters, sort_keys=True) paramers_hash = hashlib.md5(paramers_hash.encode()).hexdigest() parameters = {"a": 1, "b": "unicode", "c": [1, 2, 3], "d": {"g": 1, "h": 2}} trigger_db = TriggerDB(name="tname", pack="tpack", parameters=parameters) self.assertEqual( trigger_db.get_uid(), "trigger:tpack:tname:%s" % (paramers_hash) ) self.assertTrue(trigger_db.has_valid_uid()) parameters = {"c": [1, 2, 3], "b": "unicode", "d": {"h": 2, "g": 1}, "a": 1} trigger_db = TriggerDB(name="tname", pack="tpack", parameters=parameters) self.assertEqual( trigger_db.get_uid(), "trigger:tpack:tname:%s" % (paramers_hash) ) self.assertTrue(trigger_db.has_valid_uid()) parameters = {"b": "unicode", "c": [1, 2, 3], "d": {"h": 2, "g": 1}, "a": 1} trigger_db = TriggerDB(name="tname", pack="tpack", parameters=parameters) self.assertEqual( trigger_db.get_uid(), "trigger:tpack:tname:%s" % (paramers_hash) ) self.assertTrue(trigger_db.has_valid_uid()) parameters = OrderedDict( {"c": [1, 2, 3], "b": "unicode", "d": {"h": 2, "g": 1}, "a": 1} ) trigger_db = TriggerDB(name="tname", pack="tpack", parameters=parameters) self.assertEqual( trigger_db.get_uid(), "trigger:tpack:tname:%s" % (paramers_hash) ) self.assertTrue(trigger_db.has_valid_uid()) policy_type_db = PolicyTypeDB(resource_type="action", name="concurrency") self.assertEqual(policy_type_db.get_uid(), "policy_type:action:concurrency") self.assertTrue(policy_type_db.has_valid_uid()) policy_db = PolicyDB(pack="dummy", name="policy1") self.assertEqual(policy_db.get_uid(), "policy:dummy:policy1") api_key_db = ApiKeyDB(key_hash="valid") self.assertEqual(api_key_db.get_uid(), "api_key:valid") self.assertTrue(api_key_db.has_valid_uid()) api_key_db = ApiKeyDB() self.assertEqual(api_key_db.get_uid(), "api_key:") self.assertFalse(api_key_db.has_valid_uid())
from st2common.util import reference from st2reactor.rules.enforcer import RuleEnforcer import st2tests.config as tests_config MOCK_TRIGGER = TriggerDB() MOCK_TRIGGER.id = 'trigger-test.id' MOCK_TRIGGER.name = 'trigger-test.name' MOCK_TRIGGER.pack = 'dummypack1' MOCK_TRIGGER_INSTANCE = TriggerInstanceDB() MOCK_TRIGGER_INSTANCE.id = 'triggerinstance-test' MOCK_TRIGGER_INSTANCE.trigger = reference.get_ref_from_model(MOCK_TRIGGER) MOCK_TRIGGER_INSTANCE.payload = {} MOCK_TRIGGER_INSTANCE.occurrence_time = datetime.datetime.utcnow() MOCK_ACTION = ActionDB() MOCK_ACTION.id = 'action-test-1.id' MOCK_ACTION.name = 'action-test-1.name' MOCK_ACTION_EXECUTION = ActionExecutionDB() MOCK_ACTION_EXECUTION.id = 'actionexec-test-1.id' MOCK_ACTION_EXECUTION.name = 'actionexec-test-1.name' MOCK_ACTION_EXECUTION.status = 'scheduled' MOCK_RULE_1 = RuleDB() MOCK_RULE_1.id = 'rule-test-1' MOCK_RULE_1.trigger = reference.get_str_resource_ref_from_model(MOCK_TRIGGER) MOCK_RULE_1.criteria = {} MOCK_RULE_1.action = ActionExecutionSpecDB() MOCK_RULE_1.action.ref = reference.get_ref_from_model(MOCK_ACTION) MOCK_RULE_1.enabled = True
name='trigger-test.name', type='system.test') MOCK_TRIGGER_INSTANCE = TriggerInstanceDB( trigger=MOCK_TRIGGER.get_reference().ref, occurrence_time=date_utils.get_datetime_utc_now(), payload={ 'p1': 'v1', 'p2': 'preYYYpost', 'bool': True, 'int': 1, 'float': 0.8 }) MOCK_ACTION = ActionDB(id=bson.ObjectId(), pack='wolfpack', name='action-test-1.name') MOCK_RULE_1 = RuleDB( id=bson.ObjectId(), pack='wolfpack', name='some1', trigger=reference.get_str_resource_ref_from_model(MOCK_TRIGGER), criteria={}, action=ActionExecutionSpecDB(ref="somepack.someaction")) MOCK_RULE_2 = RuleDB( id=bson.ObjectId(), pack='wolfpack', name='some2', trigger=reference.get_str_resource_ref_from_model(MOCK_TRIGGER),
def setUp(self): super(InquiryPermissionsResolverTestCase, self).setUp() # Create some mock users user_1_db = UserDB(name='custom_role_inquiry_list_grant') user_1_db = User.add_or_update(user_1_db) self.users['custom_role_inquiry_list_grant'] = user_1_db user_2_db = UserDB(name='custom_role_inquiry_view_grant') user_2_db = User.add_or_update(user_2_db) self.users['custom_role_inquiry_view_grant'] = user_2_db user_3_db = UserDB(name='custom_role_inquiry_respond_grant') user_3_db = User.add_or_update(user_3_db) self.users['custom_role_inquiry_respond_grant'] = user_3_db user_4_db = UserDB(name='custom_role_inquiry_all_grant') user_4_db = User.add_or_update(user_4_db) self.users['custom_role_inquiry_all_grant'] = user_4_db user_5_db = UserDB(name='custom_role_inquiry_inherit') user_5_db = User.add_or_update(user_5_db) self.users['custom_role_inquiry_inherit'] = user_5_db # Create a workflow for testing inheritance of action_execute permission # to inquiry_respond permission wf_db = ActionDB(pack='examples', name='mistral-ask-basic', entry_point='', runner_type={'name': 'mistral-v2'}) wf_db = Action.add_or_update(wf_db) self.resources['wf'] = wf_db runner = {'name': 'mistral-v2'} liveaction = {'action': 'examples.mistral-ask-basic'} status = action_constants.LIVEACTION_STATUS_PAUSED # Spawn workflow action = {'uid': wf_db.get_uid(), 'pack': 'examples'} wf_exc_db = ActionExecutionDB(action=action, runner=runner, liveaction=liveaction, status=status) wf_exc_db = ActionExecution.add_or_update(wf_exc_db) # Create an Inquiry on which permissions can be granted action_1_db = ActionDB(pack='core', name='ask', entry_point='', runner_type={'name': 'inquirer'}) action_1_db = Action.add_or_update(action_1_db) self.resources['action_1'] = action_1_db runner = {'name': 'inquirer'} liveaction = {'action': 'core.ask'} status = action_constants.LIVEACTION_STATUS_PENDING # For now, Inquiries are "borrowing" the ActionExecutionDB model, # so we have to test with that model action = {'uid': action_1_db.get_uid(), 'pack': 'core'} inquiry_1_db = ActionExecutionDB(action=action, runner=runner, liveaction=liveaction, status=status) # A separate inquiry that has a parent (so we can test workflow permission inheritance) inquiry_2_db = ActionExecutionDB(action=action, runner=runner, liveaction=liveaction, status=status, parent=str(wf_exc_db.id)) # A bit gross, but it's what we have to do since Inquiries # don't yet have their own data model def get_uid(): return "inquiry" inquiry_1_db.get_uid = get_uid inquiry_2_db.get_uid = get_uid inquiry_1_db = ActionExecution.add_or_update(inquiry_1_db) inquiry_2_db = ActionExecution.add_or_update(inquiry_2_db) self.resources['inquiry_1'] = inquiry_1_db self.resources['inquiry_2'] = inquiry_2_db ############################################################ # Create some mock roles with associated permission grants # ############################################################ # Custom role - "inquiry_list" grant grant_db = PermissionGrantDB( resource_uid=self.resources['inquiry_1'].get_uid(), resource_type=ResourceType.INQUIRY, permission_types=[PermissionType.INQUIRY_LIST]) grant_db = PermissionGrant.add_or_update(grant_db) permission_grants = [str(grant_db.id)] role_db = RoleDB(name='custom_role_inquiry_list_grant', permission_grants=permission_grants) role_db = Role.add_or_update(role_db) self.roles['custom_role_inquiry_list_grant'] = role_db # Custom role - "inquiry_view" grant grant_db = PermissionGrantDB( resource_uid=self.resources['inquiry_1'].get_uid(), resource_type=ResourceType.INQUIRY, permission_types=[PermissionType.INQUIRY_VIEW]) grant_db = PermissionGrant.add_or_update(grant_db) permission_grants = [str(grant_db.id)] role_db = RoleDB(name='custom_role_inquiry_view_grant', permission_grants=permission_grants) role_db = Role.add_or_update(role_db) self.roles['custom_role_inquiry_view_grant'] = role_db # Custom role - "inquiry_respond" grant grant_db = PermissionGrantDB( resource_uid=self.resources['inquiry_1'].get_uid(), resource_type=ResourceType.INQUIRY, permission_types=[PermissionType.INQUIRY_RESPOND]) grant_db = PermissionGrant.add_or_update(grant_db) permission_grants = [str(grant_db.id)] role_db = RoleDB(name='custom_role_inquiry_respond_grant', permission_grants=permission_grants) role_db = Role.add_or_update(role_db) self.roles['custom_role_inquiry_respond_grant'] = role_db # Custom role - "inquiry_all" grant grant_db = PermissionGrantDB( resource_uid=self.resources['inquiry_1'].get_uid(), resource_type=ResourceType.INQUIRY, permission_types=[PermissionType.INQUIRY_ALL]) grant_db = PermissionGrant.add_or_update(grant_db) permission_grants = [str(grant_db.id)] role_db = RoleDB(name='custom_role_inquiry_all_grant', permission_grants=permission_grants) role_db = Role.add_or_update(role_db) self.roles['custom_role_inquiry_all_grant'] = role_db # Custom role - inheritance grant grant_db = PermissionGrantDB( resource_uid=self.resources['wf'].get_uid(), resource_type=ResourceType.ACTION, permission_types=[PermissionType.ACTION_EXECUTE]) grant_db = PermissionGrant.add_or_update(grant_db) permission_grants = [str(grant_db.id)] role_db = RoleDB(name='custom_role_inquiry_inherit', permission_grants=permission_grants) role_db = Role.add_or_update(role_db) self.roles['custom_role_inquiry_inherit'] = role_db ##################################### # Create some mock role assignments # ##################################### user_db = self.users['custom_role_inquiry_list_grant'] role_assignment_db = UserRoleAssignmentDB( user=user_db.name, role=self.roles['custom_role_inquiry_list_grant'].name, source='assignments/%s.yaml' % user_db.name) UserRoleAssignment.add_or_update(role_assignment_db) user_db = self.users['custom_role_inquiry_view_grant'] role_assignment_db = UserRoleAssignmentDB( user=user_db.name, role=self.roles['custom_role_inquiry_view_grant'].name, source='assignments/%s.yaml' % user_db.name) UserRoleAssignment.add_or_update(role_assignment_db) user_db = self.users['custom_role_inquiry_respond_grant'] role_assignment_db = UserRoleAssignmentDB( user=user_db.name, role=self.roles['custom_role_inquiry_respond_grant'].name, source='assignments/%s.yaml' % user_db.name) UserRoleAssignment.add_or_update(role_assignment_db) user_db = self.users['custom_role_inquiry_all_grant'] role_assignment_db = UserRoleAssignmentDB( user=user_db.name, role=self.roles['custom_role_inquiry_all_grant'].name, source='assignments/%s.yaml' % user_db.name) UserRoleAssignment.add_or_update(role_assignment_db) user_db = self.users['custom_role_inquiry_inherit'] role_assignment_db = UserRoleAssignmentDB( user=user_db.name, role=self.roles['custom_role_inquiry_inherit'].name, source='assignments/%s.yaml' % user_db.name) UserRoleAssignment.add_or_update(role_assignment_db)
def setUp(self): super(ActionPermissionsResolverTestCase, self).setUp() # Create some mock users user_1_db = UserDB(name='1_role_action_pack_grant') user_1_db = User.add_or_update(user_1_db) self.users['custom_role_action_pack_grant'] = user_1_db user_2_db = UserDB(name='1_role_action_grant') user_2_db = User.add_or_update(user_2_db) self.users['custom_role_action_grant'] = user_2_db user_3_db = UserDB(name='custom_role_pack_action_all_grant') user_3_db = User.add_or_update(user_3_db) self.users['custom_role_pack_action_all_grant'] = user_3_db user_4_db = UserDB(name='custom_role_action_all_grant') user_4_db = User.add_or_update(user_4_db) self.users['custom_role_action_all_grant'] = user_4_db user_5_db = UserDB(name='custom_role_action_execute_grant') user_5_db = User.add_or_update(user_5_db) self.users['custom_role_action_execute_grant'] = user_5_db user_6_db = UserDB(name='action_pack_action_create_grant') user_6_db = User.add_or_update(user_6_db) self.users['action_pack_action_create_grant'] = user_6_db user_7_db = UserDB(name='action_pack_action_all_grant') user_7_db = User.add_or_update(user_7_db) self.users['action_pack_action_all_grant'] = user_7_db user_8_db = UserDB(name='action_action_create_grant') user_8_db = User.add_or_update(user_8_db) self.users['action_action_create_grant'] = user_8_db user_9_db = UserDB(name='action_action_all_grant') user_9_db = User.add_or_update(user_9_db) self.users['action_action_all_grant'] = user_9_db user_10_db = UserDB(name='custom_role_action_list_grant') user_10_db = User.add_or_update(user_10_db) self.users['custom_role_action_list_grant'] = user_10_db # Create some mock resources on which permissions can be granted action_1_db = ActionDB(pack='test_pack_1', name='action1', entry_point='', runner_type={'name': 'local-shell-cmd'}) action_1_db = Action.add_or_update(action_1_db) self.resources['action_1'] = action_1_db action_2_db = ActionDB(pack='test_pack_1', name='action2', entry_point='', runner_type={'name': 'local-shell-cmd'}) action_2_db = Action.add_or_update(action_1_db) self.resources['action_2'] = action_2_db action_3_db = ActionDB(pack='test_pack_2', name='action3', entry_point='', runner_type={'name': 'local-shell-cmd'}) action_3_db = Action.add_or_update(action_3_db) self.resources['action_3'] = action_3_db # Create some mock roles with associated permission grants # Custom role 2 - one grant on parent pack # "action_view" on pack_1 grant_db = PermissionGrantDB(resource_uid=self.resources['pack_1'].get_uid(), resource_type=ResourceType.PACK, permission_types=[PermissionType.ACTION_VIEW]) grant_db = PermissionGrant.add_or_update(grant_db) permission_grants = [str(grant_db.id)] role_3_db = RoleDB(name='custom_role_action_pack_grant', permission_grants=permission_grants) role_3_db = Role.add_or_update(role_3_db) self.roles['custom_role_action_pack_grant'] = role_3_db # Custom role 4 - one grant on action # "action_view" on action_3 grant_db = PermissionGrantDB(resource_uid=self.resources['action_3'].get_uid(), resource_type=ResourceType.ACTION, permission_types=[PermissionType.ACTION_VIEW]) grant_db = PermissionGrant.add_or_update(grant_db) permission_grants = [str(grant_db.id)] role_4_db = RoleDB(name='custom_role_action_grant', permission_grants=permission_grants) role_4_db = Role.add_or_update(role_4_db) self.roles['custom_role_action_grant'] = role_4_db # Custom role - "action_all" grant on a parent action pack grant_db = PermissionGrantDB(resource_uid=self.resources['pack_1'].get_uid(), resource_type=ResourceType.PACK, permission_types=[PermissionType.ACTION_ALL]) grant_db = PermissionGrant.add_or_update(grant_db) permission_grants = [str(grant_db.id)] role_4_db = RoleDB(name='custom_role_pack_action_all_grant', permission_grants=permission_grants) role_4_db = Role.add_or_update(role_4_db) self.roles['custom_role_pack_action_all_grant'] = role_4_db # Custom role - "action_all" grant on action grant_db = PermissionGrantDB(resource_uid=self.resources['action_1'].get_uid(), resource_type=ResourceType.ACTION, permission_types=[PermissionType.ACTION_ALL]) grant_db = PermissionGrant.add_or_update(grant_db) permission_grants = [str(grant_db.id)] role_4_db = RoleDB(name='custom_role_action_all_grant', permission_grants=permission_grants) role_4_db = Role.add_or_update(role_4_db) self.roles['custom_role_action_all_grant'] = role_4_db # Custom role - "action_execute" on action_1 grant_db = PermissionGrantDB(resource_uid=self.resources['action_1'].get_uid(), resource_type=ResourceType.ACTION, permission_types=[PermissionType.ACTION_EXECUTE]) grant_db = PermissionGrant.add_or_update(grant_db) permission_grants = [str(grant_db.id)] role_5_db = RoleDB(name='custom_role_action_execute_grant', permission_grants=permission_grants) role_5_db = Role.add_or_update(role_5_db) self.roles['custom_role_action_execute_grant'] = role_5_db # Custom role - "action_create" grant on pack_1 grant_db = PermissionGrantDB(resource_uid=self.resources['pack_1'].get_uid(), resource_type=ResourceType.PACK, permission_types=[PermissionType.ACTION_CREATE]) grant_db = PermissionGrant.add_or_update(grant_db) permission_grants = [str(grant_db.id)] role_6_db = RoleDB(name='action_pack_action_create_grant', permission_grants=permission_grants) role_6_db = Role.add_or_update(role_6_db) self.roles['action_pack_action_create_grant'] = role_6_db # Custom role - "action_all" grant on pack_1 grant_db = PermissionGrantDB(resource_uid=self.resources['pack_1'].get_uid(), resource_type=ResourceType.PACK, permission_types=[PermissionType.ACTION_ALL]) grant_db = PermissionGrant.add_or_update(grant_db) permission_grants = [str(grant_db.id)] role_7_db = RoleDB(name='action_pack_action_all_grant', permission_grants=permission_grants) role_7_db = Role.add_or_update(role_7_db) self.roles['action_pack_action_all_grant'] = role_7_db # Custom role - "action_create" grant on action_1 grant_db = PermissionGrantDB(resource_uid=self.resources['action_1'].get_uid(), resource_type=ResourceType.ACTION, permission_types=[PermissionType.ACTION_CREATE]) grant_db = PermissionGrant.add_or_update(grant_db) permission_grants = [str(grant_db.id)] role_8_db = RoleDB(name='action_action_create_grant', permission_grants=permission_grants) role_8_db = Role.add_or_update(role_8_db) self.roles['action_action_create_grant'] = role_8_db # Custom role - "action_all" grant on action_1 grant_db = PermissionGrantDB(resource_uid=self.resources['action_1'].get_uid(), resource_type=ResourceType.ACTION, permission_types=[PermissionType.ACTION_ALL]) grant_db = PermissionGrant.add_or_update(grant_db) permission_grants = [str(grant_db.id)] role_9_db = RoleDB(name='action_action_all_grant', permission_grants=permission_grants) role_9_db = Role.add_or_update(role_9_db) self.roles['action_action_all_grant'] = role_9_db # Custom role - "action_list" grant grant_db = PermissionGrantDB(resource_uid=None, resource_type=None, permission_types=[PermissionType.ACTION_LIST]) grant_db = PermissionGrant.add_or_update(grant_db) permission_grants = [str(grant_db.id)] role_10_db = RoleDB(name='custom_role_action_list_grant', permission_grants=permission_grants) role_10_db = Role.add_or_update(role_10_db) self.roles['custom_role_action_list_grant'] = role_10_db # Create some mock role assignments user_db = self.users['custom_role_action_pack_grant'] role_assignment_db = UserRoleAssignmentDB( user=user_db.name, role=self.roles['custom_role_action_pack_grant'].name, source='assignments/%s.yaml' % user_db.name) UserRoleAssignment.add_or_update(role_assignment_db) user_db = self.users['custom_role_action_grant'] role_assignment_db = UserRoleAssignmentDB( user=user_db.name, role=self.roles['custom_role_action_grant'].name, source='assignments/%s.yaml' % user_db.name) UserRoleAssignment.add_or_update(role_assignment_db) user_db = self.users['custom_role_pack_action_all_grant'] role_assignment_db = UserRoleAssignmentDB( user=user_db.name, role=self.roles['custom_role_pack_action_all_grant'].name, source='assignments/%s.yaml' % user_db.name) UserRoleAssignment.add_or_update(role_assignment_db) user_db = self.users['custom_role_action_all_grant'] role_assignment_db = UserRoleAssignmentDB( user=user_db.name, role=self.roles['custom_role_action_all_grant'].name, source='assignments/%s.yaml' % user_db.name) UserRoleAssignment.add_or_update(role_assignment_db) user_db = self.users['custom_role_action_execute_grant'] role_assignment_db = UserRoleAssignmentDB( user=user_db.name, role=self.roles['custom_role_action_execute_grant'].name, source='assignments/%s.yaml' % user_db.name) UserRoleAssignment.add_or_update(role_assignment_db) user_db = self.users['action_pack_action_create_grant'] role_assignment_db = UserRoleAssignmentDB( user=user_db.name, role=self.roles['action_pack_action_create_grant'].name, source='assignments/%s.yaml' % user_db.name) UserRoleAssignment.add_or_update(role_assignment_db) user_db = self.users['action_pack_action_all_grant'] role_assignment_db = UserRoleAssignmentDB( user=user_db.name, role=self.roles['action_pack_action_all_grant'].name, source='assignments/%s.yaml' % user_db.name) UserRoleAssignment.add_or_update(role_assignment_db) user_db = self.users['action_action_create_grant'] role_assignment_db = UserRoleAssignmentDB( user=user_db.name, role=self.roles['action_action_create_grant'].name, source='assignments/%s.yaml' % user_db.name) UserRoleAssignment.add_or_update(role_assignment_db) user_db = self.users['action_action_all_grant'] role_assignment_db = UserRoleAssignmentDB( user=user_db.name, role=self.roles['action_action_all_grant'].name, source='assignments/%s.yaml' % user_db.name) UserRoleAssignment.add_or_update(role_assignment_db) user_db = self.users['custom_role_action_list_grant'] role_assignment_db = UserRoleAssignmentDB( user=user_db.name, role=self.roles['custom_role_action_list_grant'].name, source='assignments/%s.yaml' % user_db.name) UserRoleAssignment.add_or_update(role_assignment_db)
"list": ["v1", True, 1], "recursive_list": [ { "field_name": "Status", "to_value": "Approved", }, { "field_name": "Signed off by", "to_value": "Stanley", }, ], }, ) MOCK_ACTION = ActionDB(id=bson.ObjectId(), pack="wolfpack", name="action-test-1.name") MOCK_RULE_1 = RuleDB( id=bson.ObjectId(), pack="wolfpack", name="some1", trigger=reference.get_str_resource_ref_from_model(MOCK_TRIGGER), criteria={}, action=ActionExecutionSpecDB(ref="somepack.someaction"), ) MOCK_RULE_2 = RuleDB( id=bson.ObjectId(), pack="wolfpack", name="some2",
def setUp(self): super(ExecutionPermissionsResolverTestCase, self).setUp() # Create some mock users user_1_db = UserDB(name='custom_role_unrelated_pack_action_grant') user_1_db = User.add_or_update(user_1_db) self.users['custom_role_unrelated_pack_action_grant'] = user_1_db user_2_db = UserDB( name='custom_role_pack_action_grant_unrelated_permission') user_2_db = User.add_or_update(user_2_db) self.users[ 'custom_role_pack_action_grant_unrelated_permission'] = user_2_db user_3_db = UserDB(name='custom_role_pack_action_view_grant') user_3_db = User.add_or_update(user_3_db) self.users['custom_role_pack_action_view_grant'] = user_3_db user_4_db = UserDB(name='custom_role_action_view_grant') user_4_db = User.add_or_update(user_4_db) self.users['custom_role_action_view_grant'] = user_4_db user_5_db = UserDB(name='custom_role_pack_action_execute_grant') user_5_db = User.add_or_update(user_5_db) self.users['custom_role_pack_action_execute_grant'] = user_5_db user_6_db = UserDB(name='custom_role_action_execute_grant') user_6_db = User.add_or_update(user_6_db) self.users['custom_role_action_execute_grant'] = user_6_db user_7_db = UserDB(name='custom_role_pack_action_all_grant') user_7_db = User.add_or_update(user_7_db) self.users['custom_role_pack_action_all_grant'] = user_7_db user_8_db = UserDB(name='custom_role_action_all_grant') user_8_db = User.add_or_update(user_8_db) self.users['custom_role_action_all_grant'] = user_8_db user_9_db = UserDB(name='custom_role_execution_list_grant') user_9_db = User.add_or_update(user_5_db) self.users['custom_role_execution_list_grant'] = user_9_db # Create some mock resources on which permissions can be granted action_1_db = ActionDB(pack='test_pack_2', name='action1', entry_point='', runner_type={'name': 'run-local'}) action_1_db = Action.add_or_update(action_1_db) self.resources['action_1'] = action_1_db runner = {'name': 'run-python'} liveaction = {'action': 'test_pack_2.action1'} status = action_constants.LIVEACTION_STATUS_REQUESTED action = {'uid': action_1_db.get_uid(), 'pack': 'test_pack_2'} exec_1_db = ActionExecutionDB(action=action, runner=runner, liveaction=liveaction, status=status) exec_1_db = ActionExecution.add_or_update(exec_1_db) self.resources['exec_1'] = exec_1_db # Create some mock roles with associated permission grants # Custom role - one grant to an unrelated pack grant_db = PermissionGrantDB( resource_uid=self.resources['pack_1'].get_uid(), resource_type=ResourceType.PACK, permission_types=[PermissionType.ACTION_VIEW]) grant_db = PermissionGrant.add_or_update(grant_db) permission_grants = [str(grant_db.id)] role_db = RoleDB(name='custom_role_unrelated_pack_action_grant', permission_grants=permission_grants) role_db = Role.add_or_update(role_db) self.roles['custom_role_unrelated_pack_action_grant'] = role_db # Custom role - one grant of unrelated permission type to parent action pack grant_db = PermissionGrantDB( resource_uid=self.resources['pack_2'].get_uid(), resource_type=ResourceType.PACK, permission_types=[PermissionType.RULE_VIEW]) grant_db = PermissionGrant.add_or_update(grant_db) permission_grants = [str(grant_db.id)] role_db = RoleDB( name='custom_role_pack_action_grant_unrelated_permission', permission_grants=permission_grants) role_db = Role.add_or_update(role_db) self.roles[ 'custom_role_pack_action_grant_unrelated_permission'] = role_db # Custom role - one grant of "action_view" to the parent pack of the action the execution # belongs to grant_db = PermissionGrantDB( resource_uid=self.resources['pack_2'].get_uid(), resource_type=ResourceType.PACK, permission_types=[PermissionType.ACTION_VIEW]) grant_db = PermissionGrant.add_or_update(grant_db) permission_grants = [str(grant_db.id)] role_db = RoleDB(name='custom_role_pack_action_view_grant', permission_grants=permission_grants) role_db = Role.add_or_update(role_db) self.roles['custom_role_pack_action_view_grant'] = role_db # Custom role - one grant of "action_view" to the action the execution belongs to grant_db = PermissionGrantDB( resource_uid=self.resources['action_1'].get_uid(), resource_type=ResourceType.ACTION, permission_types=[PermissionType.ACTION_VIEW]) grant_db = PermissionGrant.add_or_update(grant_db) permission_grants = [str(grant_db.id)] role_db = RoleDB(name='custom_role_action_view_grant', permission_grants=permission_grants) role_db = Role.add_or_update(role_db) self.roles['custom_role_action_view_grant'] = role_db # Custom role - one grant of "action_execute" to the parent pack of the action the # execution belongs to grant_db = PermissionGrantDB( resource_uid=self.resources['pack_2'].get_uid(), resource_type=ResourceType.PACK, permission_types=[PermissionType.ACTION_EXECUTE]) grant_db = PermissionGrant.add_or_update(grant_db) permission_grants = [str(grant_db.id)] role_db = RoleDB(name='custom_role_pack_action_execute_grant', permission_grants=permission_grants) role_db = Role.add_or_update(role_db) self.roles['custom_role_pack_action_execute_grant'] = role_db # Custom role - one grant of "action_execute" to the the action the execution belongs to grant_db = PermissionGrantDB( resource_uid=self.resources['action_1'].get_uid(), resource_type=ResourceType.ACTION, permission_types=[PermissionType.ACTION_EXECUTE]) grant_db = PermissionGrant.add_or_update(grant_db) permission_grants = [str(grant_db.id)] role_db = RoleDB(name='custom_role_action_execute_grant', permission_grants=permission_grants) role_db = Role.add_or_update(role_db) self.roles['custom_role_action_execute_grant'] = role_db # Custom role - "action_all" grant on a parent action pack the execution belongs to grant_db = PermissionGrantDB( resource_uid=self.resources['pack_2'].get_uid(), resource_type=ResourceType.PACK, permission_types=[PermissionType.ACTION_ALL]) grant_db = PermissionGrant.add_or_update(grant_db) permission_grants = [str(grant_db.id)] role_4_db = RoleDB(name='custom_role_pack_action_all_grant', permission_grants=permission_grants) role_4_db = Role.add_or_update(role_4_db) self.roles['custom_role_pack_action_all_grant'] = role_4_db # Custom role - "action_all" grant on action the execution belongs to grant_db = PermissionGrantDB( resource_uid=self.resources['action_1'].get_uid(), resource_type=ResourceType.ACTION, permission_types=[PermissionType.ACTION_ALL]) grant_db = PermissionGrant.add_or_update(grant_db) permission_grants = [str(grant_db.id)] role_4_db = RoleDB(name='custom_role_action_all_grant', permission_grants=permission_grants) role_4_db = Role.add_or_update(role_4_db) self.roles['custom_role_action_all_grant'] = role_4_db # Custom role - "execution_list" grant grant_db = PermissionGrantDB( resource_uid=None, resource_type=None, permission_types=[PermissionType.EXECUTION_LIST]) grant_db = PermissionGrant.add_or_update(grant_db) permission_grants = [str(grant_db.id)] role_5_db = RoleDB(name='custom_role_execution_list_grant', permission_grants=permission_grants) role_5_db = Role.add_or_update(role_5_db) self.roles['custom_role_execution_list_grant'] = role_5_db # Create some mock role assignments user_db = self.users['custom_role_unrelated_pack_action_grant'] role_assignment_db = UserRoleAssignmentDB( user=user_db.name, role=self.roles['custom_role_unrelated_pack_action_grant'].name, source='assignments/%s.yaml' % user_db.name) UserRoleAssignment.add_or_update(role_assignment_db) user_db = self.users[ 'custom_role_pack_action_grant_unrelated_permission'] role_assignment_db = UserRoleAssignmentDB( user=user_db.name, role=self. roles['custom_role_pack_action_grant_unrelated_permission'].name, source='assignments/%s.yaml' % user_db.name) UserRoleAssignment.add_or_update(role_assignment_db) user_db = self.users['custom_role_pack_action_view_grant'] role_assignment_db = UserRoleAssignmentDB( user=user_db.name, role=self.roles['custom_role_pack_action_view_grant'].name, source='assignments/%s.yaml' % user_db.name) UserRoleAssignment.add_or_update(role_assignment_db) user_db = self.users['custom_role_action_view_grant'] role_assignment_db = UserRoleAssignmentDB( user=user_db.name, role=self.roles['custom_role_action_view_grant'].name, source='assignments/%s.yaml' % user_db.name) UserRoleAssignment.add_or_update(role_assignment_db) user_db = self.users['custom_role_pack_action_execute_grant'] role_assignment_db = UserRoleAssignmentDB( user=user_db.name, role=self.roles['custom_role_pack_action_execute_grant'].name, source='assignments/%s.yaml' % user_db.name) UserRoleAssignment.add_or_update(role_assignment_db) user_db = self.users['custom_role_action_execute_grant'] role_assignment_db = UserRoleAssignmentDB( user=user_db.name, role=self.roles['custom_role_action_execute_grant'].name, source='assignments/%s.yaml' % user_db.name) UserRoleAssignment.add_or_update(role_assignment_db) user_db = self.users['custom_role_pack_action_all_grant'] role_assignment_db = UserRoleAssignmentDB( user=user_db.name, role=self.roles['custom_role_pack_action_all_grant'].name, source='assignments/%s.yaml' % user_db.name) UserRoleAssignment.add_or_update(role_assignment_db) user_db = self.users['custom_role_action_all_grant'] role_assignment_db = UserRoleAssignmentDB( user=user_db.name, role=self.roles['custom_role_action_all_grant'].name, source='assignments/%s.yaml' % user_db.name) UserRoleAssignment.add_or_update(role_assignment_db) user_db = self.users['custom_role_execution_list_grant'] role_assignment_db = UserRoleAssignmentDB( user=user_db.name, role=self.roles['custom_role_execution_list_grant'].name, source='assignments/%s.yaml' % user_db.name) UserRoleAssignment.add_or_update(role_assignment_db)
class NotifierTestCase(unittest2.TestCase): class MockDispatcher(object): def __init__(self, tester): self.tester = tester self.notify_trigger = ResourceReference.to_string_reference( pack=NOTIFY_TRIGGER_TYPE['pack'], name=NOTIFY_TRIGGER_TYPE['name']) self.action_trigger = ResourceReference.to_string_reference( pack=ACTION_TRIGGER_TYPE['pack'], name=ACTION_TRIGGER_TYPE['name']) def dispatch(self, *args, **kwargs): try: self.tester.assertEqual(len(args), 1) self.tester.assertTrue('payload' in kwargs) payload = kwargs['payload'] if args[0] == self.notify_trigger: self.tester.assertEqual(payload['status'], 'succeeded') self.tester.assertTrue('execution_id' in payload) self.tester.assertEqual(payload['execution_id'], MOCK_EXECUTION_ID) self.tester.assertTrue('start_timestamp' in payload) self.tester.assertTrue('end_timestamp' in payload) self.tester.assertEqual('core.local', payload['action_ref']) self.tester.assertEqual('Action succeeded.', payload['message']) self.tester.assertTrue('data' in payload) self.tester.assertTrue('run-local-cmd', payload['runner_ref']) if args[0] == self.action_trigger: self.tester.assertEqual(payload['status'], 'succeeded') self.tester.assertTrue('execution_id' in payload) self.tester.assertEqual(payload['execution_id'], MOCK_EXECUTION_ID) self.tester.assertTrue('start_timestamp' in payload) self.tester.assertEqual('core.local', payload['action_name']) self.tester.assertEqual('core.local', payload['action_ref']) self.tester.assertTrue('result' in payload) self.tester.assertTrue('parameters' in payload) self.tester.assertTrue('run-local-cmd', payload['runner_ref']) except Exception: self.tester.fail('Test failed') @mock.patch( 'st2common.util.action_db.get_action_by_ref', mock.MagicMock(return_value=ActionDB( pack='core', name='local', runner_type={'name': 'run-local-cmd'}))) @mock.patch('st2common.util.action_db.get_runnertype_by_name', mock.MagicMock(return_value=RunnerTypeDB(runner_parameters={})) ) @mock.patch.object( Action, 'get_by_ref', mock.MagicMock(return_value={'runner_type': { 'name': 'run-local-cmd' }})) @mock.patch.object(Policy, 'query', mock.MagicMock(return_value=[])) @mock.patch.object(Notifier, '_get_execution_id_for_liveaction', mock.MagicMock(return_value=MOCK_EXECUTION_ID)) def test_notify_triggers(self): liveaction = LiveActionDB(action='core.local') liveaction.description = '' liveaction.status = 'succeeded' liveaction.parameters = {} on_success = NotificationSubSchema(message='Action succeeded.') on_failure = NotificationSubSchema(message='Action failed.') liveaction.notify = NotificationSchema(on_success=on_success, on_failure=on_failure) liveaction.start_timestamp = date_utils.get_datetime_utc_now() dispatcher = NotifierTestCase.MockDispatcher(self) notifier = Notifier(connection=None, queues=[], trigger_dispatcher=dispatcher) notifier.process(liveaction)