def _validate_security_rules(self) -> None: """Checks if the security rules defined in the plugin configuration are valid boolean expressions or raises a ConfigurationError exception otherwise.""" def _get_error_msg_for(rule_name: str) -> str: return f"Invalid boolean expression for '{rule_name}' in {self.label} file source plugin configuration." if self.requires_roles and not BooleanExpressionEvaluator.is_valid_expression(self.requires_roles): raise ConfigurationError(_get_error_msg_for("requires_roles")) if self.requires_groups and not BooleanExpressionEvaluator.is_valid_expression(self.requires_groups): raise ConfigurationError(_get_error_msg_for("requires_groups"))
def contained_evaluator() -> BooleanExpressionEvaluator: """Boolean expression evaluator using the TokenContainedEvaluator. All the tokens in TOKENS_THAT_ARE_TRUE will be evaluated to True and any other token to False.""" token_evaluator = TokenContainedEvaluator(TOKENS_THAT_ARE_TRUE) evaluator = BooleanExpressionEvaluator(token_evaluator, TOKEN_FORMAT) return evaluator
def _evaluate_security_rules(self, rule_expression: str, user_credentials: Set[str]) -> bool: token_evaluator = TokenContainedEvaluator(user_credentials) evaluator = BooleanExpressionEvaluator(token_evaluator) return evaluator.evaluate_expression(rule_expression)
def test_is_valid_expression_return_false_when_invalid(expr: str): result = BooleanExpressionEvaluator.is_valid_expression(expr) assert result is False
def test_is_valid_expression_return_true_when_valid(expr: str, _: bool): result = BooleanExpressionEvaluator.is_valid_expression(expr) assert result is True
def test_invalid_expression_raises_exception( expr: str, contained_evaluator: BooleanExpressionEvaluator): with pytest.raises(Exception): contained_evaluator.evaluate_expression(expr)
def test_expression_evaluates_as_expected( expr: str, expected: bool, contained_evaluator: BooleanExpressionEvaluator): actual = contained_evaluator.evaluate_expression(expr) assert actual == expected