def test_not_exist(self):
xml = """
<xml>
<role id="role-id"/>
</xml>
"""
self.assert_raises(
lib.AclRoleNotFound,
lambda: lib.find_role(etree.XML(xml), "role-id"),
{"role_id": "role-id"}
)
def test_success(self):
xml = """
<xml>
<acl_role id="role-id"/>
<role id="role-id"/>
</xml>
"""
assert_xml_equal(
'<acl_role id="role-id"/>',
etree.tostring(lib.find_role(etree.XML(xml), "role-id")).decode()
)
def assign_role_to_target(lib_env, role_id, target_id):
"""
Assign role with id role_id to target with id target_id.
Raises LibraryError on any failure.
lib_env -- LibraryEnvironment
role_id -- id of acl_role element which should be assigned to target
target_id -- id of acl_target element to which role should be assigned
"""
cib = lib_env.get_cib(REQUIRED_CIB_VERSION)
try:
acl.assign_role(acl.find_target(cib, target_id),
acl.find_role(cib, role_id))
except acl.AclError as e:
raise LibraryError(acl.acl_error_to_report_item(e))
lib_env.push_cib(cib)
def assign_role_to_target(lib_env, role_id, target_id):
"""
Assign role with id role_id to target with id target_id.
Raises LibraryError on any failure.
lib_env -- LibraryEnvironment
role_id -- id of acl_role element which should be assigned to target
target_id -- id of acl_target element to which role should be assigned
"""
cib = lib_env.get_cib(REQUIRED_CIB_VERSION)
try:
acl.assign_role(
acl.find_target(cib, target_id), acl.find_role(cib, role_id)
)
except acl.AclError as e:
raise LibraryError(acl.acl_error_to_report_item(e))
lib_env.push_cib(cib)
def _assign_roles_to_element(cib, element, role_id_list):
"""
Assign roles from role_id_list to element.
Raises LibraryError on any failure.
cib -- cib etree node
element -- element to which specified roles should be assigned
role_id_list -- list of role id
"""
report_list = []
for role_id in role_id_list:
try:
acl.assign_role(element, acl.find_role(cib, role_id))
except acl.AclError as e:
report_list.append(acl.acl_error_to_report_item(e))
if report_list:
raise LibraryError(*report_list)
def _assign_roles_to_element(cib, element, role_id_list):
"""
Assign roles from role_id_list to element.
Raises LibraryError on any failure.
cib -- cib etree node
element -- element to which specified roles should be assigned
role_id_list -- list of role id
"""
report_list = []
for role_id in role_id_list:
try:
acl.assign_role(element, acl.find_role(cib, role_id))
except acl.AclError as e:
report_list.append(acl.acl_error_to_report_item(e))
if report_list:
raise LibraryError(*report_list)
def assign_role_not_specific(lib_env, role_id, target_or_group_id):
"""
Assign role wth id role_id to target or group with id target_or_group_id.
Target element has bigger pririty so if there are target and group with same
id only target element will be affected by this function.
Raises LibraryError on any failure.
lib_env -- LibraryEnviroment
role_id -- id of role which should be assigne to target/group
target_or_group_id -- id of target/group element
"""
cib = lib_env.get_cib(REQUIRED_CIB_VERSION)
try:
acl.assign_role(_get_target_or_group(cib, target_or_group_id),
acl.find_role(cib, role_id))
except acl.AclError as e:
raise LibraryError(acl.acl_error_to_report_item(e))
lib_env.push_cib(cib)
def assign_role_not_specific(lib_env, role_id, target_or_group_id):
"""
Assign role wth id role_id to target or group with id target_or_group_id.
Target element has bigger pririty so if there are target and group with same
id only target element will be affected by this function.
Raises LibraryError on any failure.
lib_env -- LibraryEnviroment
role_id -- id of role which should be assigne to target/group
target_or_group_id -- id of target/group element
"""
cib = lib_env.get_cib(REQUIRED_CIB_VERSION)
try:
acl.assign_role(
_get_target_or_group(cib, target_or_group_id),
acl.find_role(cib, role_id)
)
except acl.AclError as e:
raise LibraryError(acl.acl_error_to_report_item(e))
lib_env.push_cib(cib)