def setUp(self):
"""Set up."""
self.fake_timestamp = '12345'
self.org789 = Organization('778899', display_name='My org')
self.project1 = Project('my-project-1',
12345,
display_name='My project 1',
parent=self.org789)
self.project2 = Project('my-project-2',
12346,
display_name='My project 2')
self.folder1 = folder.Folder('333',
display_name='Folder 1',
parent=self.org789)
self.project3 = Project('my-project-3',
12347,
display_name='My project 3',
parent=self.folder1)
# patch the organization resource relation dao
self.patcher = mock.patch(
'google.cloud.security.common.data_access.org_resource_rel_dao.OrgResourceRelDao'
)
self.mock_org_rel_dao = self.patcher.start()
self.mock_org_rel_dao.return_value = None
def setUp(self):
"""Set up."""
self.maxDiff = None
self.fake_timestamp = '12345'
self.org789 = Organization('778899', display_name='My org')
self.project1 = Project('my-project-1',
12345,
display_name='My project 1',
parent=self.org789)
self.project2 = Project('my-project-2',
12346,
display_name='My project 2')
# patch the daos
self.org_patcher = mock.patch(
'google.cloud.security.common.data_access.'
'org_resource_rel_dao.OrgResourceRelDao')
self.mock_org_rel_dao = self.org_patcher.start()
self.mock_org_rel_dao.return_value = None
self.project_patcher = mock.patch(
'google.cloud.security.common.data_access.'
'project_dao.ProjectDao')
self.mock_project_dao = self.project_patcher.start()
self.mock_project_dao.return_value = None
def test_project_in_folder_returns_folder_ancestor(self):
"""Test whether the ancestry includes the folder, for a project."""
folder = Folder('folder-1', folder_name='My folder name')
project = Project('my-project-id', 333,
project_name='My project',
parent=folder)
expected = [folder]
actual = [a for a in project.get_ancestors(include_self=False)]
self.assertEqual(expected, actual)
def test_create_resource_is_ok(self):
"""Test the ResourceUtil.create_resource() creates the types."""
expect_org = Organization(12345, 'Org a')
actual_org = ResourceUtil.create_resource(12345, 'Org a')
self.assertEqual(expect_org, actual_org)
expect_proj = Project('abcd', 'Proj a')
actual_proj = ResourceUtil.create_resource('abcd', 'Proj a')
self.assertEqual(expect_proj, expect_proj)
def test_org_notequals_project_is_true(self):
"""Test inequality of an Organization to a Project."""
id_1 = 'my-project-1'
number_1 = 1234567890
name_1 = 'My project 1'
project = Project(id_1, number_1, project_name=name_1)
id_2 = '1234567890'
name_2 = 'My org 1'
org = Organization(id_2, org_name=name_2)
self.assertTrue(project != org)
def test_org_notequals_project(self):
"""Test that an Organization != Project."""
proj_id = 'my-project-1'
proj_num = 1234567890
proj_name = 'My project 1'
project1 = Project(proj_id, proj_num, display_name=proj_name)
folder_id = '88888'
folder_name = 'My folder'
folder1 = folder.Folder(folder_id, display_name=folder_name)
org_id = '1234567890'
org_name = 'My org 1'
org1 = Organization(org_id, display_name=org_name)
self.assertTrue(org1 != project1)
self.assertTrue(org1 != folder1)
def setUp(self):
"""Set up."""
self.project1 = Project('my-project-1',
12345,
project_name='My project 1')
self.project2 = Project('my-project-2',
12346,
project_name='My project 2')
self.org789 = Organization('778899', org_name='My org')
self.RULES1 = {
'rules': [{
'name':
'my rule',
'mode':
'whitelist',
'resource': [{
'type': 'organization',
'applies_to': 'self_and_children',
'resource_ids': ['778899']
}, {
'type': 'project',
'applies_to': 'self',
'resource_ids': [
'my-project-1',
'my-project-2',
]
}],
'inherit_from_parent':
False,
'bindings': [{
'role': 'roles/*',
'members': ['user:*@company.com']
}]
}]
}
self.RULES2 = {
'rules': [{
'name':
'my rule',
'mode':
'whitelist',
'resource': [{
'type': 'organization',
'applies_to': 'self_and_children',
'resource_ids': ['778899']
}, {
'type': 'project',
'applies_to': 'self',
'resource_ids': [
'my-project-1',
'my-project-2',
]
}],
'inherit_from_parent':
False,
'bindings': [{
'role': 'roles/*',
'members': ['user:*@company.com']
}]
}, {
'name':
'my other rule',
'mode':
'blacklist',
'resource': [{
'type': 'project',
'applies_to': 'self',
'resource_ids': [
'my-project-2',
]
}],
'inherit_from_parent':
False,
'bindings': [{
'role': 'roles/*',
'members': ['user:[email protected]']
}]
}, {
'name':
'required rule',
'mode':
'required',
'resource': [{
'type': 'project',
'applies_to': 'self',
'resource_ids': [
'my-project-1',
]
}],
'inherit_from_parent':
False,
'bindings': [{
'role': 'roles/viewer',
'members': ['user:[email protected]']
}]
}]
}
self.RULES3 = {
'rules': [{
'name':
'my whitelist rule',
'mode':
'whitelist',
'resource': [{
'type': 'organization',
'applies_to': 'self_and_children',
'resource_ids': ['778899']
}, {
'type': 'project',
'applies_to': 'self',
'resource_ids': [
'my-project-1',
'my-project-2',
]
}],
'inherit_from_parent':
False,
'bindings': [{
'role': 'roles/*',
'members': ['user:*@company.com']
}]
}, {
'name':
'my blacklist rule',
'mode':
'blacklist',
'resource': [{
'type': 'organization',
'applies_to': 'self_and_children',
'resource_ids': ['778899']
}],
'inherit_from_parent':
False,
'bindings': [{
'role': 'roles/*',
'members': ['user:[email protected]']
}]
}, {
'name':
'my required rule',
'mode':
'required',
'resource': [{
'type': 'project',
'applies_to': 'self',
'resource_ids': [
'my-project-1',
]
}],
'inherit_from_parent':
False,
'bindings': [{
'role': 'roles/viewer',
'members': ['user:[email protected]']
}]
}]
}
