def test_import_subject_object_action_categories():
client = utilities.register_client()
type_elements = ["subject", "object", "action"]
for type_element in type_elements:
import_export_utilities.clean_all(client)
counter = -1
# set the getters and the comparison values
if type_element == "subject":
elements = SUBJECT_CATEGORIES
get_method = test_categories.get_subject_categories
elif type_element == "object":
elements = OBJECT_CATEGORIES
get_method = test_categories.get_object_categories
else:
elements = ACTION_CATEGORIES
get_method = test_categories.get_action_categories
for element in elements:
req = client.post("/import",
content_type='application/json',
data=json.dumps(element))
counter = counter + 1
data = utilities.get_json(req.data)
assert data == "Import ok !"
req, get_elements = get_method(client)
get_elements = get_elements[type_element + "_categories"]
assert len(list(get_elements.keys())) == 1
values = list(get_elements.values())
assert values[0]["name"] == "test " + type_element + " categories"
assert values[0][
"description"] == type_element + " category description"
def test_import_rules():
client = utilities.register_client()
import_export_utilities.clean_all(client)
req = client.post("/import",
content_type='application/json',
data=json.dumps(PRE_ASSIGNMENTS))
data = utilities.get_json(req.data)
assert data == "Import ok !"
counter = -1
for rule in RULES:
counter = counter + 1
req = client.post("/import",
content_type='application/json',
data=json.dumps(rule))
if counter < 5:
assert req.status_code == 500
continue
assert req.status_code == 200
req, rules = test_rules.test_get_rules()
rules = rules["rules"]
rules = rules["rules"]
assert len(rules) == 1
rules = rules[0]
assert rules["enabled"]
assert rules["instructions"]["decision"] == "grant"
req, meta_rules = test_meta_rules.get_meta_rules(client)
assert meta_rules["meta_rules"][list(
meta_rules["meta_rules"].keys())[0]]["name"] == "good meta rule"
def test_import_policies():
client = utilities.register_client()
import_export_utilities.clean_all(client)
counter = -1
for policy_description in POLICIES:
counter = counter + 1
req = client.post("/import",
content_type='application/json',
data=json.dumps(policy_description))
try:
data = utilities.get_json(req.data)
assert data == "Import ok !"
except Exception:
assert counter == 2 # this is an expected failure
continue
req, policies = test_policies.get_policies(client)
policies = policies["policies"]
assert len(list(policies.keys())) == 1
values = list(policies.values())
assert values[0]["name"] == "test policy"
if counter < 3:
assert values[0]["genre"] == "authz"
assert values[0]["description"] == "description"
else:
assert values[0]["genre"] == "not authz ?"
assert values[0]["description"] == "changes taken into account"
assert len(values[0]["model_id"]) > 0
import_export_utilities.clean_all(client)
def test_export_assignments():
client = utilities.register_client()
import_export_utilities.clean_all(client)
req = client.post("/import", content_type='application/json', data=json.dumps(ASSIGNMENTS))
data = utilities.get_json(req.data)
assert data == "Import ok !"
req = client.get("/export")
assert req.status_code == 200
data = utilities.get_json(req.data)
assert "content" in data
type_elements = ["subject", "object", "action"]
for type_element in type_elements:
key = type_element + "_assignments"
assert key in data["content"]
assert isinstance(data["content"][key], list)
assert len(data["content"][key]) == 1
assignment_elt = data["content"][key][0]
assert type_element in assignment_elt
assert isinstance(assignment_elt[type_element], dict)
if type_element == "subject":
assert assignment_elt[type_element]["name"] == "testuser"
else:
assert assignment_elt[type_element]["name"] == "test " + type_element + " e0"
assert "category" in assignment_elt
assert isinstance(assignment_elt["category"], dict)
assert assignment_elt["category"]["name"] == "test " + type_element + " categories"
assert "assignments" in assignment_elt
assert isinstance(assignment_elt["assignments"], list)
assert len(assignment_elt["assignments"]) == 1
assert assignment_elt["assignments"][0]["name"] == "test " + type_element + " data"
import_export_utilities.clean_all(client)
def test_export_subject_object_action():
client = utilities.register_client()
import_export_utilities.clean_all(client)
req = client.post("/import", content_type='application/json', data=json.dumps(SUBJECTS_OBJECTS_ACTIONS))
data = utilities.get_json(req.data)
assert data == "Import ok !"
req = client.get("/export")
assert req.status_code == 200
data = utilities.get_json(req.data)
assert "content" in data
type_elements = ["subject", "object", "action"]
for type_element in type_elements:
key = type_element + "s"
assert key in data["content"]
assert isinstance(data["content"][key], list)
assert len(data["content"][key]) == 1
element = data["content"][key][0]
if type_element == "subject":
assert element["name"] == "testuser"
else:
assert element["name"] == "test "+ type_element
assert element["description"] == "description of the " + type_element
assert "policies" in element
assert isinstance(element["policies"], list)
assert len(element["policies"]) == 1
assert isinstance(element["policies"][0], dict)
assert element["policies"][0]["name"] == "test policy"
assert isinstance(element["extra"], dict)
key_dict = "field_extra_" + type_element
value_dict = "value extra " + type_element
assert key_dict in element["extra"]
assert element["extra"][key_dict] == value_dict
def test_import_meta_rules():
client = utilities.register_client()
import_export_utilities.clean_all(client)
# import some categories
req = client.post("/import",
content_type='application/json',
data=json.dumps(PRE_META_RULES))
data = utilities.get_json(req.data)
assert data == "Import ok !"
counter = -1
for meta_rule in META_RULES:
counter = counter + 1
req = client.post("/import",
content_type='application/json',
data=json.dumps(meta_rule))
if counter != 3:
assert req.status_code == 500
continue
else:
data = utilities.get_json(req.data)
assert data == "Import ok !"
assert req.status_code == 200
req, meta_rules = test_meta_rules.get_meta_rules(client)
meta_rules = meta_rules["meta_rules"]
key = list(meta_rules.keys())[0]
assert isinstance(meta_rules, dict)
assert meta_rules[key]["name"] == "good meta rule"
assert meta_rules[key]["description"] == "valid meta rule"
assert len(meta_rules[key]["subject_categories"]) == 1
assert len(meta_rules[key]["object_categories"]) == 1
assert len(meta_rules[key]["action_categories"]) == 1
subject_category_key = meta_rules[key]["subject_categories"][0]
object_category_key = meta_rules[key]["object_categories"][0]
action_category_key = meta_rules[key]["action_categories"][0]
req, sub_cat = test_categories.get_subject_categories(client)
sub_cat = sub_cat["subject_categories"]
assert sub_cat[subject_category_key][
"name"] == "test subject categories"
req, ob_cat = test_categories.get_object_categories(client)
ob_cat = ob_cat["object_categories"]
assert ob_cat[object_category_key]["name"] == "test object categories"
req, ac_cat = test_categories.get_action_categories(client)
ac_cat = ac_cat["action_categories"]
assert ac_cat[action_category_key]["name"] == "test action categories"
import_export_utilities.clean_all(client)
def test_export_models():
client = utilities.register_client()
import_export_utilities.clean_all(client)
req = client.post("/import", content_type='application/json', data=json.dumps(MODEL_WITHOUT_META_RULES))
data = utilities.get_json(req.data)
assert data == "Import ok !"
req = client.get("/export")
assert req.status_code == 200
data = utilities.get_json(req.data)
assert "content" in data
assert "models" in data["content"]
assert isinstance(data["content"]["models"], list)
assert len(data["content"]["models"]) == 1
model = data["content"]["models"][0]
assert model["name"] == "test model"
assert model["description"] == "model description"
assert isinstance(model["meta_rules"], list)
assert len(model["meta_rules"]) == 0
def test_export_subject_object_action_categories():
client = utilities.register_client()
import_export_utilities.clean_all(client)
req = client.post("/import", content_type='application/json', data=json.dumps(SUBJECT_OBJECT_ACTION_CATEGORIES))
data = utilities.get_json(req.data)
assert data == "Import ok !"
req = client.get("/export")
assert req.status_code == 200
data = utilities.get_json(req.data)
assert "content" in data
type_elements = ["subject", "object", "action"]
for type_element in type_elements:
key = type_element + "_categories"
assert key in data["content"]
assert isinstance(data["content"][key], list)
assert len(data["content"][key]) == 1
category = data["content"][key][0]
assert category["name"] == "test " + type_element + " categories"
assert category["description"] == type_element + " category description"
def test_import_subject_object_action_assignments():
client = utilities.register_client()
import_export_utilities.clean_all(client)
req = client.post("/import",
content_type='application/json',
data=json.dumps(PRE_ASSIGNMENTS))
data = utilities.get_json(req.data)
assert data == "Import ok !"
type_elements = ["subject", "object", "action"]
for type_element in type_elements:
counter = -1
if type_element == "subject":
datas = SUBJECT_ASSIGNMENTS
get_method = test_assignments.get_subject_assignment
elif type_element == "object":
datas = OBJECT_ASSIGNMENTS
get_method = test_assignments.get_object_assignment
else:
datas = ACTION_ASSIGNMENTS
get_method = test_assignments.get_action_assignment
for assignments in datas:
counter = counter + 1
req = client.post("/import",
content_type='application/json',
data=json.dumps(assignments))
if counter != 3:
assert req.status_code == 500
continue
else:
assert data == "Import ok !"
assert req.status_code == 200
req, policies = test_policies.get_policies(client)
for policy_key in policies["policies"]:
req, get_assignments = get_method(client, policy_key)
get_assignments = get_assignments[type_element +
"_assignments"]
assert len(get_assignments) == 1
def test_import_models_without_new_meta_rules():
client = utilities.register_client()
import_export_utilities.clean_all(client)
counter = 0
for models_description in MODEL_WITHOUT_META_RULES:
req = client.post("/import",
content_type='application/json',
data=json.dumps(models_description))
data = utilities.get_json(req.data)
assert data == "Import ok !"
req, models = test_models.get_models(client)
models = models["models"]
assert len(list(models.keys())) == 1
values = list(models.values())
assert values[0]["name"] == "test model"
if counter == 0:
assert len(values[0]["description"]) == 0
if counter == 1 or counter == 2:
assert values[0]["description"] == "new description"
counter = counter + 1
import_export_utilities.clean_all(client)
def test_export_rules():
client = utilities.register_client()
import_export_utilities.clean_all(client)
req = client.post("/import", content_type='application/json', data=json.dumps(RULES))
data = utilities.get_json(req.data)
assert data == "Import ok !"
req = client.get("/export")
assert req.status_code == 200
data = utilities.get_json(req.data)
assert "content" in data
assert "rules" in data["content"]
assert isinstance(data["content"]["rules"], list)
assert len(data["content"]["rules"]) == 1
rule = data["content"]["rules"][0]
assert "instructions" in rule
assert "decision" in rule["instructions"]
assert rule["instructions"]["decision"] == "grant"
assert "enabled" in rule
assert rule["enabled"]
assert "meta_rule" in rule
assert rule["meta_rule"]["name"] == "meta rule"
assert "policy" in rule
assert rule["policy"]["name"] == "test policy"
assert "rule" in rule
rule = rule["rule"]
assert "subject_data" in rule
assert isinstance(rule["subject_data"], list)
assert len(rule["subject_data"]) == 1
assert rule["subject_data"][0]["name"] == "test subject data"
assert "object_data" in rule
assert isinstance(rule["object_data"], list)
assert len(rule["object_data"]) == 1
assert rule["object_data"][0]["name"] == "test object data"
assert "action_data" in rule
assert isinstance(rule["action_data"], list)
assert len(rule["action_data"]) == 1
assert rule["action_data"][0]["name"] == "test action data"
def test_export_policies():
client = utilities.register_client()
import_export_utilities.clean_all(client)
req = client.post("/import", content_type='application/json', data=json.dumps(POLICIES))
data = utilities.get_json(req.data)
assert data == "Import ok !"
req = client.get("/export")
assert req.status_code == 200
data = utilities.get_json(req.data)
assert "content" in data
assert "policies" in data["content"]
assert isinstance(data["content"]["policies"], list)
assert len(data["content"]["policies"]) == 1
policy = data["content"]["policies"][0]
assert policy["name"] == "test policy"
assert policy["genre"] == "authz"
assert policy["description"] == "policy description"
assert "model" in policy
assert "name" in policy["model"]
model = policy["model"]
assert model["name"] == "test model"
def test_clean():
client = utilities.register_client()
import_export_utilities.clean_all(client)
#restore the database as previously
utilities.get_policy_id()
def test_import_subject_object_action_data():
client = utilities.register_client()
type_elements = ["subject", "object", "action"]
for type_element in type_elements:
import_export_utilities.clean_all(client)
req = client.post("/import",
content_type='application/json',
data=json.dumps(PRE_DATA))
counter = -1
# set the getters and the comparison values
if type_element == "subject":
elements = SUBJECT_DATA
get_method = test_data.get_subject_data
get_categories = test_categories.get_subject_categories
elif type_element == "object":
elements = OBJECT_DATA
get_method = test_data.get_object_data
get_categories = test_categories.get_object_categories
else:
elements = ACTION_DATA
get_method = test_data.get_action_data
get_categories = test_categories.get_action_categories
for element in elements:
req = client.post("/import",
content_type='application/json',
data=json.dumps(element))
counter = counter + 1
if counter == 0 or counter == 1:
assert req.status_code == 500
continue
assert req.status_code == 200
data = utilities.get_json(req.data)
assert data == "Import ok !"
req, policies = test_policies.get_policies(client)
policies = policies["policies"]
req, categories = get_categories(client)
categories = categories[type_element + "_categories"]
case_tested = False
for policy_key in policies.keys():
policy = policies[policy_key]
for category_key in categories:
req, get_elements = get_method(client,
policy_id=policy_key,
category_id=category_key)
if len(get_elements[type_element + "_data"]) == 0:
continue
# do this because the backend gives an element with empty data if the policy_key,
# category_key couple does not have any data...
get_elements = get_elements[type_element + "_data"]
if len(get_elements[0]["data"]) == 0:
continue
if policy["name"] == "test policy":
assert len(get_elements) == 1
el = get_elements[0]
assert isinstance(el["data"], dict)
if counter == 2:
assert len(el["data"].keys()) == 1
el = el["data"][list(el["data"].keys())[0]]
if "value" in el:
el = el["value"]
assert el[
"name"] == "one valid " + type_element + " data"
if counter == 3:
assert len(el["data"].keys()) == 2
el1 = el["data"][list(el["data"].keys())[0]]
el2 = el["data"][list(el["data"].keys())[1]]
if "value" in el1:
el1 = el1["value"]
el2 = el2["value"]
assert (el1["name"] == "one valid " +
type_element + " data" and el2["name"]
== "valid " + type_element + " data") or (
el2["name"] == "one valid " +
type_element + " data" and el1["name"]
== "valid " + type_element + " data")
assert el1["description"] == "description"
assert el2["description"] == "description"
case_tested = True
if policy["name"] == "test other policy":
if counter == 4:
assert len(get_elements) == 1
el = get_elements[0]
assert isinstance(el["data"], dict)
assert len(el["data"].keys()) == 1
el = el["data"][list(el["data"].keys())[0]]
if "value" in el:
el = el["value"]
assert el[
"name"] == "valid " + type_element + " data"
assert el["description"] == "new description"
case_tested = True
assert case_tested is True
def test_import_subject_object_action():
client = utilities.register_client()
type_elements = ["object", "action"]
for type_element in type_elements:
import_export_utilities.clean_all(client)
counter = -1
# set the getters and the comparison values
if type_element == "subject":
elements = SUBJECTS
clean_method = import_export_utilities.clean_subjects
name = "testuser"
key_extra = "email"
value_extra = "*****@*****.**"
elif type_element == "object":
elements = OBJECTS
clean_method = import_export_utilities.clean_objects
name = "test object"
key_extra = "test"
value_extra = "test extra"
else:
elements = ACTIONS
clean_method = import_export_utilities.clean_actions
name = "test action"
key_extra = "test"
value_extra = "test extra"
for element in elements:
counter = counter + 1
if counter == 2 or counter == 4:
clean_method(client)
if counter == 3:
req = client.patch(
"/{}s/{}".format(type_element, perimeter_id),
content_type='application/json',
data=json.dumps(element["{}s".format(type_element)][0]))
else:
req = client.post("/import",
content_type='application/json',
data=json.dumps(element))
if counter < 2:
assert req.status_code == 500
continue
try:
data = utilities.get_json(req.data)
except Exception as e:
assert False
#assert counter < 2 # this is an expected failure
#continue
if counter != 3:
assert data == "Import ok !"
get_elements = utilities.get_json(
client.get("/" + type_element + "s").data)
get_elements = get_elements[type_element + "s"]
perimeter_id = list(get_elements.keys())[0]
assert len(list(get_elements.keys())) == 1
values = list(get_elements.values())
assert values[0]["name"] == name
if counter == 2 or counter == 4:
assert values[0][
"description"] == "description of the " + type_element
#assert not values[0]["extra"]
if counter == 3:
assert values[0][
"description"] == "new description of the " + type_element
assert values[0]["extra"][key_extra] == value_extra
# assert len(values[0]["policy_list"]) == 1
import_export_utilities.clean_all(client)