Exemplo n.º 1
0
    def setUp(self):
        super(PolicyTestCase, self).setUp()
        rules.reset()
        # NOTE(vish): preload rules to circumvent reloading from file
        rules.init()
        self.rules = {
            "true": [],
            "example:allowed": [],
            "example:denied": [["false:false"]],
            "example:get_http": [["http:http://www.example.com"]],
            "example:my_file": [["role:compute_admin"],
                                ["project_id:%(project_id)s"]],
            "example:early_and_fail": [["false:false", "rule:true"]],
            "example:early_or_success": [["rule:true"], ["false:false"]],
            "example:lowercase_admin": [["role:admin"], ["role:sysadmin"]],
            "example:uppercase_admin": [["role:ADMIN"], ["role:sysadmin"]],
        }

        # NOTE(vish): then overload underlying policy engine
        self._set_rules()
        self.credentials = {}
        self.target = {}

        fixture = self.useFixture(moxstubout.MoxStubout())
        self.stubs = fixture.stubs
Exemplo n.º 2
0
    def setUp(self):
        super(PolicyTestCase, self).setUp()
        rules.reset()
        self.addCleanup(rules.reset)
        # NOTE(vish): preload rules to circumvent reloading from file
        rules.init()
        self.rules = {
            "true": [],
            "example:allowed": [],
            "example:denied": [["false:false"]],
            "example:get_http": [["http:http://www.example.com"]],
            "example:my_file": [["role:compute_admin"],
                                ["project_id:%(project_id)s"]],
            "example:early_and_fail": [["false:false", "rule:true"]],
            "example:early_or_success": [["rule:true"], ["false:false"]],
            "example:lowercase_admin": [["role:admin"], ["role:sysadmin"]],
            "example:uppercase_admin": [["role:ADMIN"], ["role:sysadmin"]],
        }

        # NOTE(vish): then overload underlying policy engine
        self._set_rules()
        self.credentials = {}
        self.target = {}

        fixture = self.useFixture(moxstubout.MoxStubout())
        self.stubs = fixture.stubs
Exemplo n.º 3
0
 def setUp(self):
     super(Policy, self).setUp()
     opts.set_defaults(self._config_fixture.conf)
     self._config_fixture.config(group='oslo_policy',
                                 policy_file=self._policy_file)
     rules.init()
     self.addCleanup(rules.reset)
Exemplo n.º 4
0
    def setUp(self):
        super(DefaultPolicyTestCase, self).setUp()
        rules.reset()
        rules.init()

        self.rules = {"default": [], "example:exist": [["false:false"]]}
        self._set_rules("default")
        self.credentials = {}
Exemplo n.º 5
0
    def setUp(self):
        super(DefaultPolicyTestCase, self).setUp()
        rules.reset()
        rules.init()

        self.rules = {"default": [], "example:exist": [["false:false"]]}
        self._set_rules('default')
        self.credentials = {}
Exemplo n.º 6
0
    def setUp(self):
        super(DefaultPolicyTestCase, self).setUp()
        rules.reset()
        rules.init()

        self.rules = {"default": [], "example:exist": [["false:false"]]}
        self._set_rules('default')
        self.credentials = {}

        # FIXME(gyee): latest Oslo policy Enforcer class reloads the rules in
        # its enforce() method even though rules has been initialized via
        # set_rules(). To make it easier to do our tests, we're going to
        # monkeypatch load_roles() so it does nothing. This seem like a bug in
        # Oslo policy as we shoudn't have to reload the rules if they have
        # already been set using set_rules().
        self._old_load_rules = rules._ENFORCER.load_rules
        setattr(rules._ENFORCER, 'load_rules', lambda *args, **kwargs: None)
Exemplo n.º 7
0
    def setUp(self):
        super(DefaultPolicyTestCase, self).setUp()
        rules.reset()
        self.addCleanup(rules.reset)
        rules.init()

        self.rules = {"default": [], "example:exist": [["false:false"]]}
        self._set_rules("default")
        self.credentials = {}

        # FIXME(gyee): latest Oslo policy Enforcer class reloads the rules in
        # its enforce() method even though rules has been initialized via
        # set_rules(). To make it easier to do our tests, we're going to
        # monkeypatch load_roles() so it does nothing. This seem like a bug in
        # Oslo policy as we shoudn't have to reload the rules if they have
        # already been set using set_rules().
        self._old_load_rules = rules._ENFORCER.load_rules
        self.addCleanup(setattr, rules._ENFORCER, "load_rules", self._old_load_rules)
        setattr(rules._ENFORCER, "load_rules", lambda *args, **kwargs: None)
Exemplo n.º 8
0
 def setUp(self):
     super(PolicyTestCase, self).setUp()
     rules.reset()
     # NOTE(vish): preload rules to circumvent reloading from file
     rules.init()
     brain = {
         "true": [],
         "example:allowed": [],
         "example:denied": [["false:false"]],
         "example:get_http": [["http:http://www.example.com"]],
         "example:my_file": [["role:compute_admin"], ["project_id:%(project_id)s"]],
         "example:early_and_fail": [["false:false", "rule:true"]],
         "example:early_or_success": [["rule:true"], ["false:false"]],
         "example:lowercase_admin": [["role:admin"], ["role:sysadmin"]],
         "example:uppercase_admin": [["role:ADMIN"], ["role:sysadmin"]],
     }
     # NOTE(vish): then overload underlying brain
     common_policy.set_brain(common_policy.HttpBrain(brain))
     self.credentials = {}
     self.target = {}
Exemplo n.º 9
0
 def setUp(self):
     super(PolicyTestCase, self).setUp()
     rules.reset()
     # NOTE(vish): preload rules to circumvent reloading from file
     rules.init()
     brain = {
         "true": [],
         "example:allowed": [],
         "example:denied": [["false:false"]],
         "example:get_http": [["http:http://www.example.com"]],
         "example:my_file": [["role:compute_admin"],
                             ["project_id:%(project_id)s"]],
         "example:early_and_fail": [["false:false", "rule:true"]],
         "example:early_or_success": [["rule:true"], ["false:false"]],
         "example:lowercase_admin": [["role:admin"], ["role:sysadmin"]],
         "example:uppercase_admin": [["role:ADMIN"], ["role:sysadmin"]],
     }
     # NOTE(vish): then overload underlying brain
     common_policy.set_brain(common_policy.HttpBrain(brain))
     self.credentials = {}
     self.target = {}
Exemplo n.º 10
0
VENDOR = os.path.join(ROOTDIR, 'vendor')
ETCDIR = os.path.join(ROOTDIR, 'etc')


def _calc_tmpdir():
    env_val = os.environ.get('KEYSTONE_TEST_TEMP_DIR')
    if not env_val:
        return os.path.join(TESTSDIR, 'tmp', PID)
    return os.path.join(env_val, PID)


TMPDIR = _calc_tmpdir()

CONF = cfg.CONF
log.register_options(CONF)
rules.init()

IN_MEM_DB_CONN_STRING = 'sqlite://'

exception._FATAL_EXCEPTION_FORMAT_ERRORS = True
os.makedirs(TMPDIR)
atexit.register(shutil.rmtree, TMPDIR)


class dirs(object):
    @staticmethod
    def root(*p):
        return os.path.join(ROOTDIR, *p)

    @staticmethod
    def etc(*p):
Exemplo n.º 11
0
VENDOR = os.path.join(ROOTDIR, 'vendor')
ETCDIR = os.path.join(ROOTDIR, 'etc')


def _calc_tmpdir():
    env_val = os.environ.get('KEYSTONE_TEST_TEMP_DIR')
    if not env_val:
        return os.path.join(TESTSDIR, 'tmp', PID)
    return os.path.join(env_val, PID)


TMPDIR = _calc_tmpdir()

CONF = cfg.CONF
log.register_options(CONF)
rules.init()

IN_MEM_DB_CONN_STRING = 'sqlite://'

TIME_FORMAT = '%Y-%m-%dT%H:%M:%S.%fZ'

exception._FATAL_EXCEPTION_FORMAT_ERRORS = True
os.makedirs(TMPDIR)
atexit.register(shutil.rmtree, TMPDIR)


class dirs(object):
    @staticmethod
    def root(*p):
        return os.path.join(ROOTDIR, *p)