def test_parse_rule_with_list_claim_from_yaml(self):
rule_d = {
'name':
'my-rule',
'conditions': [{
'groups': 'ghostbusters',
'iss': 'my-idp'
}, {
'sub': 'user2',
'iss': 'my-2nd-idp'
}],
}
rule = AuthorizationRuleParser().fromYaml(rule_d)
self.assertEqual('my-rule', rule.name)
claims = {
'iss': 'my-idp',
'sub': 'user1',
'groups': ['admin', 'ghostbusters']
}
self.assertTrue(rule(claims))
claims = {
'iss': 'my-idp',
'sub': 'user1',
'groups': ['admin', 'ghostbeaters']
}
self.assertFalse(rule(claims))
claims = {
'iss': 'my-2nd-idp',
'sub': 'user2',
'groups': ['admin', 'ghostbusters']
}
self.assertTrue(rule(claims))
def test_check_complex_rule_from_yaml_nested_dict(self):
rule_d = {
'name': 'my-rule',
'conditions': [
{
'hello': {
'this': {
'is': 'a complex value'
}
}
},
],
}
rule = AuthorizationRuleParser().fromYaml(rule_d)
self.assertEqual('my-rule', rule.name)
claims = {
'iss': 'my-idp',
'hello': {
'this': {
'is': 'a complex value'
},
'and': {
'this one': 'too'
}
}
}
self.assertTrue(rule(claims))