示例#1
0
    def test_policies_loads(self):
        action = 'identity:list_projects'
        target = {
            'user_id': uuid.uuid4().hex,
            'user.domain_id': uuid.uuid4().hex,
            'group.domain_id': uuid.uuid4().hex,
            'project.domain_id': uuid.uuid4().hex,
            'project_id': uuid.uuid4().hex,
            'domain_id': uuid.uuid4().hex
        }
        credentials = {
            'username': uuid.uuid4().hex,
            'token': uuid.uuid4().hex,
            'project_name': None,
            'user_id': uuid.uuid4().hex,
            'roles': [u'admin'],
            'is_admin': True,
            'is_admin_project': True,
            'project_id': None,
            'domain_id': uuid.uuid4().hex
        }

        # Since we are moving policy.json defaults to code, we instead call
        # `policy.init()` which does the enforce setup for us with the added
        # bonus of registering the in code default policies.
        policy.init()
        result = policy._ENFORCER.enforce(action, target, credentials)
        self.assertTrue(result)

        domain_policy = unit.dirs.etc('policy.v3cloudsample.json')
        enforcer = common_policy.Enforcer(CONF, policy_file=domain_policy)
        result = enforcer.enforce(action, target, credentials)
        self.assertTrue(result)
示例#2
0
 def setUp(self):
     super(Policy, self).setUp()
     opts.set_defaults(self._config_fixture.conf)
     self._config_fixture.config(group='oslo_policy',
                                 policy_file=self._policy_file)
     policy.init()
     self.addCleanup(policy.reset)
示例#3
0
 def setUp(self):
     super(Policy, self).setUp()
     opts.set_defaults(self._config_fixture.conf)
     self._config_fixture.config(group='oslo_policy',
                                 policy_file=self._policy_file)
     policy.init()
     self.addCleanup(policy.reset)
示例#4
0
    def test_policies_loads(self):
        action = 'identity:list_projects'
        target = {'user_id': uuid.uuid4().hex,
                  'user.domain_id': uuid.uuid4().hex,
                  'group.domain_id': uuid.uuid4().hex,
                  'project.domain_id': uuid.uuid4().hex,
                  'project_id': uuid.uuid4().hex,
                  'domain_id': uuid.uuid4().hex}
        credentials = {'username': uuid.uuid4().hex, 'token': uuid.uuid4().hex,
                       'project_name': None, 'user_id': uuid.uuid4().hex,
                       'roles': [u'admin'], 'is_admin': True,
                       'is_admin_project': True, 'project_id': None,
                       'domain_id': uuid.uuid4().hex}

        # Since we are moving policy.json defaults to code, we instead call
        # `policy.init()` which does the enforce setup for us with the added
        # bonus of registering the in code default policies.
        policy.init()
        result = policy._ENFORCER.enforce(action, target, credentials)
        self.assertTrue(result)

        domain_policy = unit.dirs.etc('policy.v3cloudsample.json')
        enforcer = common_policy.Enforcer(CONF, policy_file=domain_policy)
        result = enforcer.enforce(action, target, credentials)
        self.assertTrue(result)
示例#5
0
 def setUp(self):
     super(PolicyScopeTypesEnforcementTestCase, self).setUp()
     policy.init()
     rule = common_policy.RuleDefault(name='foo',
                                      check_str='',
                                      scope_types=['system'])
     policy._ENFORCER.register_default(rule)
     self.credentials = {}
     self.action = 'foo'
     self.target = {}
示例#6
0
 def setUp(self):
     super(PolicyScopeTypesEnforcementTestCase, self).setUp()
     policy.init()
     rule = common_policy.RuleDefault(
         name='foo',
         check_str='',
         scope_types=['system']
     )
     policy._ENFORCER.register_default(rule)
     self.credentials = {}
     self.action = 'foo'
     self.target = {}