def test_fetch_rbac_not_disabled(self, monkeypatch):
"""Test RBAC fetch with not set url and not disabled"""
rbac_mng = RbacManager()
monkeypatch.setattr(rbac_mng, "rbac_url", None)
monkeypatch.setattr(manager.rbac_manager.CFG, "disable_rbac", False)
with pytest.raises(RbacException):
rbac_mng.fetch_permissions(0)
def test_fetch_rbac_unavailable(self, monkeypatch):
"""Test RBAC permission fetch with rbac not working"""
rbac_mng = RbacManager()
def _mock_get(*_, **__):
raise requests.exceptions.RequestException
monkeypatch.setattr(manager.rbac_manager.CFG, "disable_rbac", False)
monkeypatch.setattr(requests, "get", _mock_get)
with pytest.raises(RbacException):
rbac_mng.fetch_permissions(0)
def test_fetch_permissions(self, monkeypatch):
"""Test permission fetching and parsing"""
rbac_mng = RbacManager()
self._prepare_user_permissions(RBAC_RESPONSE, rbac_mng, monkeypatch)
perms = rbac_mng.fetch_permissions(0)
assert RBAC_PERM_VULN_RES in perms
assert RBAC_PERM_OPT_WRITE in perms
def test_fetch_rbac_disabled(self, monkeypatch):
"""Test RBAC fetch with not set url and disabled RBAC"""
rbac_mng = RbacManager()
monkeypatch.setattr(rbac_mng, "rbac_url", None)
monkeypatch.setattr(manager.rbac_manager.CFG, "disable_rbac", True)
perms = rbac_mng.fetch_permissions(0)
# if rbac does not have set URL and is disabled return vulnerability:*:*
assert perms == [
RbacPermission(RbacApp.VULNERABILITY, RbacResource.ANY,
RbacAction.ANY),
RbacPermission(RbacApp.INVENTORY, RbacResource.HOSTS,
RbacAction.READ)
]