def test_add_subjects_multiple_times(db):
subject_category_id, object_category_id, action_category_id, meta_rule_id, policy_id = mock_data.create_new_policy(
subject_category_name="subject_category1",
object_category_name="object_category1",
action_category_name="action_category1",
meta_rule_name="meta_rule_1",
model_name="model1")
value = {
"name": "testuser",
"description": "test",
}
subject = data_helper.add_subject(policy_id=policy_id, value=value)
subject_id = list(subject.keys())[0]
perimeter_id = subject[subject_id].get('id')
assert subject
value = {
"name": "testuser",
"description": "test",
}
subject_category_id, object_category_id, action_category_id, meta_rule_id, policy_id = mock_data.create_new_policy(
subject_category_name="subject_category2",
object_category_name="object_category2",
action_category_name="action_category2",
meta_rule_name="meta_rule_2",
model_name="model2")
subject = data_helper.add_subject(policy_id=policy_id, perimeter_id=perimeter_id, value=value)
assert subject
subject_id = list(subject.keys())[0]
assert len(subject[subject_id].get('policy_list')) == 2
def test_get_subjects_with_invalid_policy_id(db):
subject_category_id, object_category_id, action_category_id, meta_rule_id, policy_id = mock_data.create_new_policy(
subject_category_name="subject_category1",
object_category_name="object_category1",
action_category_name="action_category1",
meta_rule_name="meta_rule_1")
value = {
"name": "testuser",
"description": "test",
}
data_helper.add_subject(policy_id=policy_id, value=value)
with pytest.raises(PolicyUnknown) as exception_info:
data_helper.get_subjects(policy_id="invalid")
assert str(exception_info.value) == '400: Policy Unknown'
def test_delete_policies_with_subject_perimeter(db):
policies = policy_helper.add_policies()
policy_id1 = list(policies.keys())[0]
value = {
"name": "testuser",
"security_pipeline": [policy_id1],
"keystone_project_id": "keystone_project_id1",
"description": "...",
}
data_helper.add_subject(policy_id=policy_id1, value=value)
with pytest.raises(DeletePolicyWithPerimeter) as exception_info:
policy_helper.delete_policies(policy_id1)
assert str(exception_info.value) == '400: Policy With Perimeter Error'
assert 'Cannot delete policy with perimeter'== exception_info.value.description
def test_get_subjects(db):
subject_category_id, object_category_id, action_category_id, meta_rule_id, policy_id = mock_data.create_new_policy(
subject_category_name="subject_category1",
object_category_name="object_category1",
action_category_name="action_category1",
meta_rule_name="meta_rule_1")
value = {
"name": "testuser",
"description": "test",
}
data_helper.add_subject(policy_id=policy_id, value=value)
subjects = data_helper.get_subjects(policy_id=policy_id)
assert subjects
assert len(subjects) == 1
subject_id = list(subjects.keys())[0]
assert subjects[subject_id].get('policy_list')[0] == policy_id
def test_add_subject_with_same_policy_twice(db):
subject_category_id, object_category_id, action_category_id, meta_rule_id, policy_id = mock_data.create_new_policy(
subject_category_name="subject_category1",
object_category_name="object_category1",
action_category_name="action_category1",
meta_rule_name="meta_rule_1")
value = {
"name": "testuser",
"description": "test",
}
subject = data_helper.add_subject(policy_id=policy_id, value=value)
assert subject
subject_id = list(subject.keys())[0]
assert len(subject[subject_id].get('policy_list')) == 1
with pytest.raises(PolicyExisting) as exception_info:
data_helper.add_subject(policy_id=policy_id, value=value)
assert str(exception_info.value) == '409: Policy Already Exists'
def test_delete_subject(db):
subject_category_id, object_category_id, action_category_id, meta_rule_id, policy_id = mock_data.create_new_policy(
subject_category_name="subject_category1",
object_category_name="object_category1",
action_category_name="action_category1",
meta_rule_name="meta_rule_1")
value = {
"name": "testuser",
"description": "test",
}
subject = data_helper.add_subject(policy_id=policy_id, value=value)
subject_id = list(subject.keys())[0]
data_helper.delete_subject(policy_id, subject_id)
subjects = data_helper.get_subjects(policy_id, )
assert not subjects