def test_save_policy(self):
model = casbin.Enforcer(get_fixture('rbac_model.conf'),
get_fixture('rbac_policy.csv')).model
adapter = Adapter('sqlite://')
adapter.save_policy(model)
e = casbin.Enforcer(get_fixture('rbac_model.conf'), adapter)
self.assertTrue(e.enforce('alice', 'data1', 'read'))
self.assertFalse(e.enforce('bob', 'data1', 'read'))
self.assertTrue(e.enforce('bob', 'data2', 'write'))
self.assertTrue(e.enforce('alice', 'data2', 'read'))
self.assertTrue(e.enforce('alice', 'data2', 'write'))
def _create_adapter(cls):
"""Create database adapter for casbin enforcer."""
if connections['default'].get_connection_params().get('user'):
connection_string = cls._create_connection_string()
else:
connection_string = "sqlite://" # in-memory database
return Adapter(connection_string)
def get_enforcer():
engine = create_engine("sqlite://")
adapter = Adapter(engine)
session = sessionmaker(bind=engine)
Base.metadata.create_all(engine)
s = session()
s.add(CasbinRule(ptype='p', v0='alice', v1='data1', v2='read'))
s.add(CasbinRule(ptype='p', v0='bob', v1='data2', v2='write'))
s.add(CasbinRule(ptype='p', v0='data2_admin', v1='data2', v2='read'))
s.add(CasbinRule(ptype='p', v0='data2_admin', v1='data2', v2='write'))
s.add(CasbinRule(ptype='g', v0='alice', v1='data2_admin'))
s.commit()
s.close()
return casbin.Enforcer(get_fixture('rbac_model.conf'), adapter, True)
def get_enforcer():
engine = create_engine("sqlite://")
# engine = create_engine('sqlite:///' + os.path.split(os.path.realpath(__file__))[0] + '/test.db', echo=True)
adapter = Adapter(engine)
session = sessionmaker(bind=engine)
Base.metadata.create_all(engine)
s = session()
s.query(CasbinRule).delete()
s.add(CasbinRule(ptype="p", v0="alice", v1="data1", v2="read"))
s.add(CasbinRule(ptype="p", v0="bob", v1="data2", v2="write"))
s.add(CasbinRule(ptype="p", v0="data2_admin", v1="data2", v2="read"))
s.add(CasbinRule(ptype="p", v0="data2_admin", v1="data2", v2="write"))
s.add(CasbinRule(ptype="g", v0="alice", v1="data2_admin"))
s.commit()
s.close()
return casbin.Enforcer(get_fixture("rbac_model.conf"), adapter)
def get_enforcer():
engine = create_engine("sqlite://")
# engine = create_engine('sqlite:///' + os.path.split(os.path.realpath(__file__))[0] + '/test.db', echo=True)
adapter = Adapter(engine)
session = sessionmaker(bind=engine)
Base.metadata.create_all(engine)
s = session()
s.query(CasbinRule).delete()
s.add(CasbinRule(ptype='p', v0='alice', v1='data1', v2='read'))
s.add(CasbinRule(ptype='p', v0='bob', v1='data2', v2='write'))
s.add(CasbinRule(ptype='p', v0='data2_admin', v1='data2', v2='read'))
s.add(CasbinRule(ptype='p', v0='data2_admin', v1='data2', v2='write'))
s.add(CasbinRule(ptype='g', v0='alice', v1='data2_admin'))
s.commit()
s.close()
return casbin.Enforcer(get_fixture('rbac_model.conf'), adapter)
def enforcer_partial():
engine = create_engine("sqlite://")
adapter = Adapter(engine)
session = sessionmaker(bind=engine)
Base.metadata.create_all(engine)
s = session()
s.query(CasbinRule).delete()
s.add(CasbinRule(ptype="p", v0="alice", v1="/item", v2="GET"))
s.add(CasbinRule(ptype="p", v0="bob", v1="/item", v2="GET"))
s.add(CasbinRule(ptype="p", v0="data2_admin", v1="/item", v2="POST"))
s.add(CasbinRule(ptype="p", v0="data2_admin", v1="/item", v2="DELETE"))
s.add(CasbinRule(ptype="p", v0="data2_admin", v1="/item", v2="GET"))
s.add(CasbinRule(ptype="g", v0="alice", v1="data2_admin"))
s.add(CasbinRule(ptype="g", v0="users", v1="data2_admin"))
s.commit()
s.close()
return CasbinEnforcer(adapter=adapter)
def test_add_policy(self):
adapter = Adapter('sqlite://')
e = casbin.Enforcer(get_fixture('rbac_model.conf'), adapter, True)
try:
self.assertFalse(e.enforce('alice', 'data1', 'read'))
self.assertFalse(e.enforce('bob', 'data1', 'read'))
self.assertFalse(e.enforce('bob', 'data2', 'write'))
self.assertFalse(e.enforce('alice', 'data2', 'read'))
self.assertFalse(e.enforce('alice', 'data2', 'write'))
except simpleeval.NameNotDefined:
# This is caused by an upstream bug when there is no policy loaded
# Should be resolved in pycasbin >= 0.3
pass
adapter.add_policy(sec=None,
ptype='p',
rule=['alice', 'data1', 'read'])
adapter.add_policy(sec=None, ptype='p', rule=['bob', 'data2', 'write'])
adapter.add_policy(sec=None,
ptype='p',
rule=['data2_admin', 'data2', 'read'])
adapter.add_policy(sec=None,
ptype='p',
rule=['data2_admin', 'data2', 'write'])
adapter.add_policy(sec=None, ptype='g', rule=['alice', 'data2_admin'])
e.load_policy()
self.assertTrue(e.enforce('alice', 'data1', 'read'))
self.assertFalse(e.enforce('bob', 'data1', 'read'))
self.assertTrue(e.enforce('bob', 'data2', 'write'))
self.assertTrue(e.enforce('alice', 'data2', 'read'))
self.assertTrue(e.enforce('alice', 'data2', 'write'))
self.assertFalse(e.enforce('bogus', 'data2', 'write'))
def get_enforcer():
engine = create_engine("sqlite:///test.db")
# engine = create_engine('sqlite:///' + os.path.split(os.path.realpath(__file__))[0] + '/test.db', echo=True)
adapter = Adapter(engine)
return casbin.Enforcer(get_fixture('rbac_model.conf'), adapter)