def test_policies_loads(self):
action = 'identity:list_projects'
target = {
'user_id': uuid.uuid4().hex,
'user.domain_id': uuid.uuid4().hex,
'group.domain_id': uuid.uuid4().hex,
'project.domain_id': uuid.uuid4().hex,
'project_id': uuid.uuid4().hex,
'domain_id': uuid.uuid4().hex
}
credentials = {
'username': uuid.uuid4().hex,
'token': uuid.uuid4().hex,
'project_name': None,
'user_id': uuid.uuid4().hex,
'roles': [u'admin'],
'is_admin': True,
'is_admin_project': True,
'project_id': None,
'domain_id': uuid.uuid4().hex
}
# Since we are moving policy.json defaults to code, we instead call
# `policy.init()` which does the enforce setup for us with the added
# bonus of registering the in code default policies.
policy.init()
result = policy._ENFORCER.enforce(action, target, credentials)
self.assertTrue(result)
domain_policy = unit.dirs.etc('policy.v3cloudsample.json')
enforcer = common_policy.Enforcer(CONF, policy_file=domain_policy)
result = enforcer.enforce(action, target, credentials)
self.assertTrue(result)
def setUp(self):
super(Policy, self).setUp()
opts.set_defaults(self._config_fixture.conf)
self._config_fixture.config(group='oslo_policy',
policy_file=self._policy_file)
policy.init()
self.addCleanup(policy.reset)
def setUp(self):
super(Policy, self).setUp()
opts.set_defaults(self._config_fixture.conf)
self._config_fixture.config(group='oslo_policy',
policy_file=self._policy_file)
policy.init()
self.addCleanup(policy.reset)
def test_policies_loads(self):
action = 'identity:list_projects'
target = {'user_id': uuid.uuid4().hex,
'user.domain_id': uuid.uuid4().hex,
'group.domain_id': uuid.uuid4().hex,
'project.domain_id': uuid.uuid4().hex,
'project_id': uuid.uuid4().hex,
'domain_id': uuid.uuid4().hex}
credentials = {'username': uuid.uuid4().hex, 'token': uuid.uuid4().hex,
'project_name': None, 'user_id': uuid.uuid4().hex,
'roles': [u'admin'], 'is_admin': True,
'is_admin_project': True, 'project_id': None,
'domain_id': uuid.uuid4().hex}
# Since we are moving policy.json defaults to code, we instead call
# `policy.init()` which does the enforce setup for us with the added
# bonus of registering the in code default policies.
policy.init()
result = policy._ENFORCER.enforce(action, target, credentials)
self.assertTrue(result)
domain_policy = unit.dirs.etc('policy.v3cloudsample.json')
enforcer = common_policy.Enforcer(CONF, policy_file=domain_policy)
result = enforcer.enforce(action, target, credentials)
self.assertTrue(result)
def setUp(self):
super(PolicyScopeTypesEnforcementTestCase, self).setUp()
policy.init()
rule = common_policy.RuleDefault(name='foo',
check_str='',
scope_types=['system'])
policy._ENFORCER.register_default(rule)
self.credentials = {}
self.action = 'foo'
self.target = {}
def setUp(self):
super(PolicyScopeTypesEnforcementTestCase, self).setUp()
policy.init()
rule = common_policy.RuleDefault(
name='foo',
check_str='',
scope_types=['system']
)
policy._ENFORCER.register_default(rule)
self.credentials = {}
self.action = 'foo'
self.target = {}