def test_process_acls_multiple(self):
"""Test function of _process_acls with a bad permission format."""
acls = [
{"permission": "cost-management:provider:read", "resourceDefinitions": []},
{
"permission": "cost-management:provider:write",
"resourceDefinitions": [
{"attributeFilter": {"key": "cost-management.provider", "operation": "in", "value": "1,3,5"}}
],
},
{
"permission": "cost-management:provider:write",
"resourceDefinitions": [
{"attributeFilter": {"key": "cost-management.provider", "operation": "equal", "value": "8"}}
],
},
]
access = _process_acls(acls) # pylint: disable=protected-access
expected = {
"provider": [
{"operation": "read", "resources": ["*"]},
{"operation": "write", "resources": ["1", "3", "5"]},
{"operation": "write", "resources": ["8"]},
]
}
print()
print(access)
self.assertEqual(access, expected)
def test_process_acls_attributeFilter_value_list(self):
"""Test that we correctly handle a list of values."""
acls = [
{
"permission": "cost-management:cost_model:read",
"resourceDefinitions": []
},
{
"permission":
"cost-management:cost_model:write",
"resourceDefinitions": [{
"attributeFilter": {
"key": "cost-management.cost_model",
"operation": "in",
"value": ["1", "3", "5"],
}
}],
},
]
access = _process_acls(acls)
expected = {
"cost_model": [
{
"operation": "read",
"resources": ["*"]
},
{
"operation": "write",
"resources": ["1", "3", "5"]
},
]
}
self.assertEqual(access, expected)
def test_process_acls_rate_to_cost_model_substitution(self):
"""Test function of _process_acls with a bad permission format."""
acls = [
{"permission": "cost-management:rate:read", "resourceDefinitions": []},
{
"permission": "cost-management:rate:write",
"resourceDefinitions": [
{"attributeFilter": {"key": "cost-management.rate", "operation": "in", "value": "1,3,5"}}
],
},
{
"permission": "cost-management:rate:write",
"resourceDefinitions": [
{"attributeFilter": {"key": "cost-management.rate", "operation": "equal", "value": "8"}}
],
},
]
access = _process_acls(acls)
expected = {
"cost_model": [
{"operation": "read", "resources": ["*"]},
{"operation": "write", "resources": ["1", "3", "5"]},
{"operation": "write", "resources": ["8"]},
]
}
self.assertEqual(access, expected)
def test_process_acls_bad_permission(self):
"""Test function of _process_acls with a bad permission format."""
acls = [
{
'permission': 'bad_permission'
}
]
access = _process_acls(acls) # pylint: disable=protected-access
self.assertIsNone(access)
def test_process_acls_multiple(self):
"""Test function of _process_acls with a bad permission format."""
acls = [{
'permission': 'cost-management:provider:read',
'resourceDefinitions': []
}, {
'permission':
'cost-management:provider:write',
'resourceDefinitions': [{
'attributeFilter': {
'key': 'cost-management.provider',
'operation': 'in',
'value': '1,3,5'
}
}]
}, {
'permission':
'cost-management:provider:write',
'resourceDefinitions': [{
'attributeFilter': {
'key': 'cost-management.provider',
'operation': 'equal',
'value': '8'
}
}]
}]
access = _process_acls(acls) # pylint: disable=protected-access
expected = {
'provider': [{
'operation': 'read',
'resources': ['*']
}, {
'operation': 'write',
'resources': ['1', '3', '5']
}, {
'operation': 'write',
'resources': ['8']
}]
}
print()
print(access)
self.assertEqual(access, expected)
def test_process_acls_bad_permission(self):
"""Test function of _process_acls with a bad permission format."""
acls = [{"permission": "bad_permission"}]
access = _process_acls(acls)
self.assertIsNone(access)