def test_export_assignments(): client = utilities.register_client() import_export_utilities.clean_all(client) req = client.post("/import", content_type='application/json', data=json.dumps(ASSIGNMENTS)) data = utilities.get_json(req.data) assert data == "Import ok !" req = client.get("/export") assert req.status_code == 200 data = utilities.get_json(req.data) assert "content" in data type_elements = ["subject", "object", "action"] for type_element in type_elements: key = type_element + "_assignments" assert key in data["content"] assert isinstance(data["content"][key], list) assert len(data["content"][key]) == 1 assignment_elt = data["content"][key][0] assert type_element in assignment_elt assert isinstance(assignment_elt[type_element], dict) if type_element == "subject": assert assignment_elt[type_element]["name"] == "testuser" else: assert assignment_elt[type_element]["name"] == "test " + type_element + " e0" assert "category" in assignment_elt assert isinstance(assignment_elt["category"], dict) assert assignment_elt["category"]["name"] == "test " + type_element + " categories" assert "assignments" in assignment_elt assert isinstance(assignment_elt["assignments"], list) assert len(assignment_elt["assignments"]) == 1 assert assignment_elt["assignments"][0]["name"] == "test " + type_element + " data" import_export_utilities.clean_all(client)
def test_export_subject_object_action(): client = utilities.register_client() import_export_utilities.clean_all(client) req = client.post("/import", content_type='application/json', data=json.dumps(SUBJECTS_OBJECTS_ACTIONS)) data = utilities.get_json(req.data) assert data == "Import ok !" req = client.get("/export") assert req.status_code == 200 data = utilities.get_json(req.data) assert "content" in data type_elements = ["subject", "object", "action"] for type_element in type_elements: key = type_element + "s" assert key in data["content"] assert isinstance(data["content"][key], list) assert len(data["content"][key]) == 1 element = data["content"][key][0] if type_element == "subject": assert element["name"] == "testuser" else: assert element["name"] == "test "+ type_element assert element["description"] == "description of the " + type_element assert "policies" in element assert isinstance(element["policies"], list) assert len(element["policies"]) == 1 assert isinstance(element["policies"][0], dict) assert element["policies"][0]["name"] == "test policy" assert isinstance(element["extra"], dict) key_dict = "field_extra_" + type_element value_dict = "value extra " + type_element assert key_dict in element["extra"] assert element["extra"][key_dict] == value_dict
def test_import_meta_rules(): client = utilities.register_client() import_export_utilities.clean_all(client) # import some categories req = client.post("/import", content_type='application/json', data=json.dumps(PRE_META_RULES)) data = utilities.get_json(req.data) assert data == "Import ok !" counter = -1 for meta_rule in META_RULES: counter = counter + 1 req = client.post("/import", content_type='application/json', data=json.dumps(meta_rule)) if counter != 3: assert req.status_code == 500 continue else: data = utilities.get_json(req.data) assert data == "Import ok !" assert req.status_code == 200 req, meta_rules = test_meta_rules.get_meta_rules(client) meta_rules = meta_rules["meta_rules"] key = list(meta_rules.keys())[0] assert isinstance(meta_rules, dict) assert meta_rules[key]["name"] == "good meta rule" assert meta_rules[key]["description"] == "valid meta rule" assert len(meta_rules[key]["subject_categories"]) == 1 assert len(meta_rules[key]["object_categories"]) == 1 assert len(meta_rules[key]["action_categories"]) == 1 subject_category_key = meta_rules[key]["subject_categories"][0] object_category_key = meta_rules[key]["object_categories"][0] action_category_key = meta_rules[key]["action_categories"][0] req, sub_cat = test_categories.get_subject_categories(client) sub_cat = sub_cat["subject_categories"] assert sub_cat[subject_category_key][ "name"] == "test subject categories" req, ob_cat = test_categories.get_object_categories(client) ob_cat = ob_cat["object_categories"] assert ob_cat[object_category_key]["name"] == "test object categories" req, ac_cat = test_categories.get_action_categories(client) ac_cat = ac_cat["action_categories"] assert ac_cat[action_category_key]["name"] == "test action categories" import_export_utilities.clean_all(client)
def test_import_policies(): client = utilities.register_client() import_export_utilities.clean_all(client) counter = -1 for policy_description in POLICIES: counter = counter + 1 req = client.post("/import", content_type='application/json', data=json.dumps(policy_description)) try: data = utilities.get_json(req.data) assert data == "Import ok !" except Exception: assert counter == 2 # this is an expected failure continue req, policies = test_policies.get_policies(client) policies = policies["policies"] assert len(list(policies.keys())) == 1 values = list(policies.values()) assert values[0]["name"] == "test policy" if counter < 3: assert values[0]["genre"] == "authz" assert values[0]["description"] == "description" else: assert values[0]["genre"] == "not authz ?" assert values[0]["description"] == "changes taken into account" assert len(values[0]["model_id"]) > 0 import_export_utilities.clean_all(client)
def test_import_rules(): client = utilities.register_client() import_export_utilities.clean_all(client) req = client.post("/import", content_type='application/json', data=json.dumps(PRE_ASSIGNMENTS)) data = utilities.get_json(req.data) assert data == "Import ok !" counter = -1 for rule in RULES: counter = counter + 1 req = client.post("/import", content_type='application/json', data=json.dumps(rule)) if counter < 5: assert req.status_code == 500 continue assert req.status_code == 200 req, rules = test_rules.test_get_rules() rules = rules["rules"] rules = rules["rules"] assert len(rules) == 1 rules = rules[0] assert rules["enabled"] assert rules["instructions"]["decision"] == "grant" req, meta_rules = test_meta_rules.get_meta_rules(client) assert meta_rules["meta_rules"][list( meta_rules["meta_rules"].keys())[0]]["name"] == "good meta rule"
def test_perimeter_update_object_description_and_name(): client = utilities.register_client() name = 'testuser' + uuid4().hex policies1 = policy_helper.add_policies() policy_id1 = list(policies1.keys())[0] data = { "name": name, "description": "description of {}".format('testuser'), } req, objects = add_objects(client, 'testuser', policyId=policy_id1, data=data) value1 = list(objects["objects"].values())[0] perimeter_id = value1['id'] data = { 'name': value1['name'] + "update", 'description': value1['description'] + "update" } req = client.patch("/objects/{}".format(perimeter_id), data=json.dumps(data), headers={'Content-Type': 'application/json'}) objects = utilities.get_json(req.data) value2 = list(objects["objects"].values())[0] assert req.status_code == 200 assert value1['name'] + 'update' == value2['name'] assert value1['id'] == value2['id'] assert value1['description'] + 'update' == value2['description']
def add_actions(client, name, policy_id=None, data=None, perimeter_id=None): if not policy_id: subject_category_id, object_category_id, action_category_id, meta_rule_id, policy_id = builder.create_new_policy( subject_category_name="subject_category1" + uuid4().hex, object_category_name="object_category1" + uuid4().hex, action_category_name="action_category1" + uuid4().hex, meta_rule_name="meta_rule_1" + uuid4().hex, model_name="model1" + uuid4().hex) if not data: data = { "name": name + uuid4().hex, "description": "description of {}".format(name), } if not perimeter_id: req = client.post("/policies/{}/actions/".format(policy_id), data=json.dumps(data), headers={'Content-Type': 'application/json'}) else: req = client.post("/policies/{}/actions/{}".format( policy_id, perimeter_id), data=json.dumps(data), headers={'Content-Type': 'application/json'}) actions = utilities.get_json(req.data) return req, actions
def get_actions(client): req = client.get("/actions") assert req.status_code == 200 actions = utilities.get_json(req.data) assert isinstance(actions, dict) assert "actions" in actions return actions
def test_import_subject_object_action_categories(): client = utilities.register_client() type_elements = ["subject", "object", "action"] for type_element in type_elements: import_export_utilities.clean_all(client) counter = -1 # set the getters and the comparison values if type_element == "subject": elements = SUBJECT_CATEGORIES get_method = test_categories.get_subject_categories elif type_element == "object": elements = OBJECT_CATEGORIES get_method = test_categories.get_object_categories else: elements = ACTION_CATEGORIES get_method = test_categories.get_action_categories for element in elements: req = client.post("/import", content_type='application/json', data=json.dumps(element)) counter = counter + 1 data = utilities.get_json(req.data) assert data == "Import ok !" req, get_elements = get_method(client) get_elements = get_elements[type_element + "_categories"] assert len(list(get_elements.keys())) == 1 values = list(get_elements.values()) assert values[0]["name"] == "test " + type_element + " categories" assert values[0][ "description"] == type_element + " category description"
def get_subjects(client): req = client.get("/subjects") assert req.status_code == 200 subjects = utilities.get_json(req.data) assert isinstance(subjects, dict) assert "subjects" in subjects return subjects
def test_update_policies_with_blank_model(): policy_name = "testuser" + uuid4().hex client = utilities.register_client() req = model_helper.add_model(model_id="mls_model_id" + uuid4().hex) model_id = list(req.keys())[0] data = { "name": policy_name, "description": "description of {}".format(policy_name), "model_id": model_id, "genre": "genre" } req = client.post("/policies/", data=json.dumps(data), headers={'Content-Type': 'application/json'}) policy_id = next(iter(utilities.get_json(req.data)['policies'])) data = { "name": policy_name, "description": "description of {}".format(policy_name), "model_id": "", "genre": "genre" } req = client.patch("/policies/{}".format(policy_id), data=json.dumps(data), headers={'Content-Type': 'application/json'}) assert req.status_code == 200
def get_objects(client): req = client.get("/objects") assert req.status_code == 200 objects = utilities.get_json(req.data) assert isinstance(objects, dict) assert "objects" in objects return objects
def update_meta_rules(client, name, metaRuleId, data=None): if not data: subject_category = category_helper.add_subject_category( value={ "name": "subject category name update" + uuid4().hex, "description": "description 1" }) subject_category_id = list(subject_category.keys())[0] object_category = category_helper.add_object_category( value={ "name": "object category name update" + uuid4().hex, "description": "description 1" }) object_category_id = list(object_category.keys())[0] action_category = category_helper.add_action_category( value={ "name": "action category name update" + uuid4().hex, "description": "description 1" }) action_category_id = list(action_category.keys())[0] data = { "name": name, "subject_categories": [subject_category_id], "object_categories": [object_category_id], "action_categories": [action_category_id] } req = client.patch("/meta_rules/{}".format(metaRuleId), data=json.dumps(data), headers={'Content-Type': 'application/json'}) meta_rules = utilities.get_json(req.data) return req, meta_rules
def add_object_categories(client, name): data = {"name": name, "description": "description of {}".format(name)} req = client.post("/object_categories", data=json.dumps(data), headers={'Content-Type': 'application/json'}) object_categories = utilities.get_json(req.data) return req, object_categories
def add_subject_assignment_without_cat_id(client): data = {"id": "subject_id", "category_id": "", "data_id": "data_id"} req = client.post("/policies/{}/subject_assignments".format("1111"), data=json.dumps(data), headers={'Content-Type': 'application/json'}) subject_assignment = utilities.get_json(req.data) return req, subject_assignment
def get_object_data(client, policy_id, category_id=None): if category_id is None: req = client.get("/policies/{}/object_data".format(policy_id)) else: req = client.get("/policies/{}/object_data/{}".format( policy_id, category_id)) object_data = utilities.get_json(req.data) return req, object_data
def add_models(client, name): data = { "name": name, "description": "description of {}".format(name), "meta_rules": ["meta_rule_id1", "meta_rule_id2"] } req = client.post("/models", data=json.dumps(data), headers={'Content-Type': 'application/json'}) models = utilities.get_json(req.data) return req, models
def test_export_subject_object_action_categories(): client = utilities.register_client() import_export_utilities.clean_all(client) req = client.post("/import", content_type='application/json', data=json.dumps(SUBJECT_OBJECT_ACTION_CATEGORIES)) data = utilities.get_json(req.data) assert data == "Import ok !" req = client.get("/export") assert req.status_code == 200 data = utilities.get_json(req.data) assert "content" in data type_elements = ["subject", "object", "action"] for type_element in type_elements: key = type_element + "_categories" assert key in data["content"] assert isinstance(data["content"][key], list) assert len(data["content"][key]) == 1 category = data["content"][key][0] assert category["name"] == "test " + type_element + " categories" assert category["description"] == type_element + " category description"
def test_export_models(): client = utilities.register_client() import_export_utilities.clean_all(client) req = client.post("/import", content_type='application/json', data=json.dumps(MODEL_WITHOUT_META_RULES)) data = utilities.get_json(req.data) assert data == "Import ok !" req = client.get("/export") assert req.status_code == 200 data = utilities.get_json(req.data) assert "content" in data assert "models" in data["content"] assert isinstance(data["content"]["models"], list) assert len(data["content"]["models"]) == 1 model = data["content"]["models"][0] assert model["name"] == "test model" assert model["description"] == "model description" assert isinstance(model["meta_rules"], list) assert len(model["meta_rules"]) == 0
def update_meta_rules_without_subject_category_ids(client, name): data = { "name": name, "subject_categories": [], "object_categories": ["object_category_id1"], "action_categories": ["action_category_id1"] } req = client.post("/meta_rules", data=json.dumps(data), headers={'Content-Type': 'application/json'}) meta_rules = utilities.get_json(req.data) return req, meta_rules
def update_model_without_meta_rules_ids(client, model_id): name = "model_id" + uuid4().hex data = { "name": name, "description": "description of {}".format(name), "meta_rules": [] } req = client.patch("/models/{}".format(model_id), data=json.dumps(data), headers={'Content-Type': 'application/json'}) models = utilities.get_json(req.data) return req, models
def add_policies(client, name): data = { "name": name, "description": "description of {}".format(name), "model_id": "modelId", "genre": "genre" } req = client.post("/policies", data=json.dumps(data), headers={'Content-Type': 'application/json'}) policies = utilities.get_json(req.data) return req, policies
def add_rules_without_rule(client, policy_id): data = { "meta_rule_id": "meta_rule_id1", "instructions": ({ "decision": "grant" }, ), "enabled": True } req = client.post("/policies/{}/rules".format(policy_id), data=json.dumps(data), headers={'Content-Type': 'application/json'}) rules = utilities.get_json(req.data) return req, rules
def test_update_policy_name_with_existed_one(): policy_name1 = "testuser" + uuid4().hex client = utilities.register_client() req = model_helper.add_model(model_id="mls_model_id" + uuid4().hex) model_id = list(req.keys())[0] data = { "name": policy_name1, "description": "description of {}".format(policy_name1), "model_id": model_id, "genre": "genre" } req = client.post("/policies/", data=json.dumps(data), headers={'Content-Type': 'application/json'}) policy_id1 = next(iter(utilities.get_json(req.data)['policies'])) policy_name2 = "testuser" + uuid4().hex client = utilities.register_client() req = model_helper.add_model(model_id="mls_model_id" + uuid4().hex) model_id = list(req.keys())[0] data = { "name": policy_name2, "description": "description of {}".format(policy_name2), "model_id": model_id, "genre": "genre" } req = client.post("/policies/", data=json.dumps(data), headers={'Content-Type': 'application/json'}) policy_id2 = next(iter(utilities.get_json(req.data)['policies'])) data = { "name": policy_name1, "description": "description of {}".format(policy_name1), "model_id": model_id, "genre": "genre" } req = client.patch("/policies/{}".format(policy_id2), data=json.dumps(data), headers={'Content-Type': 'application/json'}) assert req.status_code == 409 assert json.loads(req.data)["message"] == '409: Policy Already Exists'
def add_subject_data(client, name): subject_category_id, object_category_id, action_category_id, meta_rule_id, policy_id = builder.create_new_policy( subject_category_name="subject_category1" + uuid4().hex, object_category_name="object_category1" + uuid4().hex, action_category_name="action_category1" + uuid4().hex, meta_rule_name="meta_rule_1" + uuid4().hex) data = {"name": name, "description": "description of {}".format(name)} req = client.post("/policies/{}/subject_data/{}".format( policy_id, subject_category_id), data=json.dumps(data), headers={'Content-Type': 'application/json'}) subject_data = utilities.get_json(req.data) return req, subject_data
def add_policies(client, name): req = model_helper.add_model(model_id="mls_model_id" + uuid4().hex) model_id = list(req.keys())[0] data = { "name": name, "description": "description of {}".format(name), "model_id": model_id, "genre": "genre" } req = client.post("/policies", data=json.dumps(data), headers={'Content-Type': 'application/json'}) policies = utilities.get_json(req.data) return req, policies
def test_update_policies_connected_to_rules_with_blank_model(): client = utilities.register_client() req, rules, policy_id = data_builder.add_rules(client) req = client.get("/policies") data = utilities.get_json(req.data) for policy_obj_id in data['policies']: if policy_obj_id == policy_id: policy = data['policies'][policy_obj_id] policy['model_id'] = '' req = client.patch("/policies/{}".format(policy_id), data=json.dumps(policy), headers={'Content-Type': 'application/json'}) assert req.status_code == 400 assert json.loads(req.data)["message"] == '400: Policy update error'
def test_export_rules(): client = utilities.register_client() import_export_utilities.clean_all(client) req = client.post("/import", content_type='application/json', data=json.dumps(RULES)) data = utilities.get_json(req.data) assert data == "Import ok !" req = client.get("/export") assert req.status_code == 200 data = utilities.get_json(req.data) assert "content" in data assert "rules" in data["content"] assert isinstance(data["content"]["rules"], list) assert len(data["content"]["rules"]) == 1 rule = data["content"]["rules"][0] assert "instructions" in rule assert "decision" in rule["instructions"] assert rule["instructions"]["decision"] == "grant" assert "enabled" in rule assert rule["enabled"] assert "meta_rule" in rule assert rule["meta_rule"]["name"] == "meta rule" assert "policy" in rule assert rule["policy"]["name"] == "test policy" assert "rule" in rule rule = rule["rule"] assert "subject_data" in rule assert isinstance(rule["subject_data"], list) assert len(rule["subject_data"]) == 1 assert rule["subject_data"][0]["name"] == "test subject data" assert "object_data" in rule assert isinstance(rule["object_data"], list) assert len(rule["object_data"]) == 1 assert rule["object_data"][0]["name"] == "test object data" assert "action_data" in rule assert isinstance(rule["action_data"], list) assert len(rule["action_data"]) == 1 assert rule["action_data"][0]["name"] == "test action data"
def test_export_policies(): client = utilities.register_client() import_export_utilities.clean_all(client) req = client.post("/import", content_type='application/json', data=json.dumps(POLICIES)) data = utilities.get_json(req.data) assert data == "Import ok !" req = client.get("/export") assert req.status_code == 200 data = utilities.get_json(req.data) assert "content" in data assert "policies" in data["content"] assert isinstance(data["content"]["policies"], list) assert len(data["content"]["policies"]) == 1 policy = data["content"]["policies"][0] assert policy["name"] == "test policy" assert policy["genre"] == "authz" assert policy["description"] == "policy description" assert "model" in policy assert "name" in policy["model"] model = policy["model"] assert model["name"] == "test model"
def update_meta_rules(client, name, metaRuleId): data = { "name": name, "subject_categories": ["subject_category_id1_update", "subject_category_id2_update"], "object_categories": ["object_category_id1_update"], "action_categories": ["action_category_id1_update"] } req = client.patch("/meta_rules/{}".format(metaRuleId), data=json.dumps(data), headers={'Content-Type': 'application/json'}) meta_rules = utilities.get_json(req.data) return req, meta_rules