def setUp(self):
super(PolicyTestCase, self).setUp()
rules.reset()
# NOTE(vish): preload rules to circumvent reloading from file
rules.init()
self.rules = {
"true": [],
"example:allowed": [],
"example:denied": [["false:false"]],
"example:get_http": [["http:http://www.example.com"]],
"example:my_file": [["role:compute_admin"],
["project_id:%(project_id)s"]],
"example:early_and_fail": [["false:false", "rule:true"]],
"example:early_or_success": [["rule:true"], ["false:false"]],
"example:lowercase_admin": [["role:admin"], ["role:sysadmin"]],
"example:uppercase_admin": [["role:ADMIN"], ["role:sysadmin"]],
}
# NOTE(vish): then overload underlying policy engine
self._set_rules()
self.credentials = {}
self.target = {}
fixture = self.useFixture(moxstubout.MoxStubout())
self.stubs = fixture.stubs
def setUp(self):
super(PolicyTestCase, self).setUp()
rules.reset()
self.addCleanup(rules.reset)
# NOTE(vish): preload rules to circumvent reloading from file
rules.init()
self.rules = {
"true": [],
"example:allowed": [],
"example:denied": [["false:false"]],
"example:get_http": [["http:http://www.example.com"]],
"example:my_file": [["role:compute_admin"],
["project_id:%(project_id)s"]],
"example:early_and_fail": [["false:false", "rule:true"]],
"example:early_or_success": [["rule:true"], ["false:false"]],
"example:lowercase_admin": [["role:admin"], ["role:sysadmin"]],
"example:uppercase_admin": [["role:ADMIN"], ["role:sysadmin"]],
}
# NOTE(vish): then overload underlying policy engine
self._set_rules()
self.credentials = {}
self.target = {}
fixture = self.useFixture(moxstubout.MoxStubout())
self.stubs = fixture.stubs
def setUp(self):
super(Policy, self).setUp()
opts.set_defaults(self._config_fixture.conf)
self._config_fixture.config(group='oslo_policy',
policy_file=self._policy_file)
rules.init()
self.addCleanup(rules.reset)
def setUp(self):
super(DefaultPolicyTestCase, self).setUp()
rules.reset()
rules.init()
self.rules = {"default": [], "example:exist": [["false:false"]]}
self._set_rules("default")
self.credentials = {}
def setUp(self):
super(DefaultPolicyTestCase, self).setUp()
rules.reset()
rules.init()
self.rules = {"default": [], "example:exist": [["false:false"]]}
self._set_rules('default')
self.credentials = {}
def setUp(self):
super(DefaultPolicyTestCase, self).setUp()
rules.reset()
rules.init()
self.rules = {"default": [], "example:exist": [["false:false"]]}
self._set_rules('default')
self.credentials = {}
# FIXME(gyee): latest Oslo policy Enforcer class reloads the rules in
# its enforce() method even though rules has been initialized via
# set_rules(). To make it easier to do our tests, we're going to
# monkeypatch load_roles() so it does nothing. This seem like a bug in
# Oslo policy as we shoudn't have to reload the rules if they have
# already been set using set_rules().
self._old_load_rules = rules._ENFORCER.load_rules
setattr(rules._ENFORCER, 'load_rules', lambda *args, **kwargs: None)
def setUp(self):
super(DefaultPolicyTestCase, self).setUp()
rules.reset()
self.addCleanup(rules.reset)
rules.init()
self.rules = {"default": [], "example:exist": [["false:false"]]}
self._set_rules("default")
self.credentials = {}
# FIXME(gyee): latest Oslo policy Enforcer class reloads the rules in
# its enforce() method even though rules has been initialized via
# set_rules(). To make it easier to do our tests, we're going to
# monkeypatch load_roles() so it does nothing. This seem like a bug in
# Oslo policy as we shoudn't have to reload the rules if they have
# already been set using set_rules().
self._old_load_rules = rules._ENFORCER.load_rules
self.addCleanup(setattr, rules._ENFORCER, "load_rules", self._old_load_rules)
setattr(rules._ENFORCER, "load_rules", lambda *args, **kwargs: None)
def setUp(self):
super(PolicyTestCase, self).setUp()
rules.reset()
# NOTE(vish): preload rules to circumvent reloading from file
rules.init()
brain = {
"true": [],
"example:allowed": [],
"example:denied": [["false:false"]],
"example:get_http": [["http:http://www.example.com"]],
"example:my_file": [["role:compute_admin"], ["project_id:%(project_id)s"]],
"example:early_and_fail": [["false:false", "rule:true"]],
"example:early_or_success": [["rule:true"], ["false:false"]],
"example:lowercase_admin": [["role:admin"], ["role:sysadmin"]],
"example:uppercase_admin": [["role:ADMIN"], ["role:sysadmin"]],
}
# NOTE(vish): then overload underlying brain
common_policy.set_brain(common_policy.HttpBrain(brain))
self.credentials = {}
self.target = {}
def setUp(self):
super(PolicyTestCase, self).setUp()
rules.reset()
# NOTE(vish): preload rules to circumvent reloading from file
rules.init()
brain = {
"true": [],
"example:allowed": [],
"example:denied": [["false:false"]],
"example:get_http": [["http:http://www.example.com"]],
"example:my_file": [["role:compute_admin"],
["project_id:%(project_id)s"]],
"example:early_and_fail": [["false:false", "rule:true"]],
"example:early_or_success": [["rule:true"], ["false:false"]],
"example:lowercase_admin": [["role:admin"], ["role:sysadmin"]],
"example:uppercase_admin": [["role:ADMIN"], ["role:sysadmin"]],
}
# NOTE(vish): then overload underlying brain
common_policy.set_brain(common_policy.HttpBrain(brain))
self.credentials = {}
self.target = {}
VENDOR = os.path.join(ROOTDIR, 'vendor')
ETCDIR = os.path.join(ROOTDIR, 'etc')
def _calc_tmpdir():
env_val = os.environ.get('KEYSTONE_TEST_TEMP_DIR')
if not env_val:
return os.path.join(TESTSDIR, 'tmp', PID)
return os.path.join(env_val, PID)
TMPDIR = _calc_tmpdir()
CONF = cfg.CONF
log.register_options(CONF)
rules.init()
IN_MEM_DB_CONN_STRING = 'sqlite://'
exception._FATAL_EXCEPTION_FORMAT_ERRORS = True
os.makedirs(TMPDIR)
atexit.register(shutil.rmtree, TMPDIR)
class dirs(object):
@staticmethod
def root(*p):
return os.path.join(ROOTDIR, *p)
@staticmethod
def etc(*p):
VENDOR = os.path.join(ROOTDIR, 'vendor')
ETCDIR = os.path.join(ROOTDIR, 'etc')
def _calc_tmpdir():
env_val = os.environ.get('KEYSTONE_TEST_TEMP_DIR')
if not env_val:
return os.path.join(TESTSDIR, 'tmp', PID)
return os.path.join(env_val, PID)
TMPDIR = _calc_tmpdir()
CONF = cfg.CONF
log.register_options(CONF)
rules.init()
IN_MEM_DB_CONN_STRING = 'sqlite://'
TIME_FORMAT = '%Y-%m-%dT%H:%M:%S.%fZ'
exception._FATAL_EXCEPTION_FORMAT_ERRORS = True
os.makedirs(TMPDIR)
atexit.register(shutil.rmtree, TMPDIR)
class dirs(object):
@staticmethod
def root(*p):
return os.path.join(ROOTDIR, *p)