def setUp(self): super(PolicyTestCase, self).setUp() rules.reset() # NOTE(vish): preload rules to circumvent reloading from file rules.init() self.rules = { "true": [], "example:allowed": [], "example:denied": [["false:false"]], "example:get_http": [["http:http://www.example.com"]], "example:my_file": [["role:compute_admin"], ["project_id:%(project_id)s"]], "example:early_and_fail": [["false:false", "rule:true"]], "example:early_or_success": [["rule:true"], ["false:false"]], "example:lowercase_admin": [["role:admin"], ["role:sysadmin"]], "example:uppercase_admin": [["role:ADMIN"], ["role:sysadmin"]], } # NOTE(vish): then overload underlying policy engine self._set_rules() self.credentials = {} self.target = {} fixture = self.useFixture(moxstubout.MoxStubout()) self.stubs = fixture.stubs
def setUp(self): super(PolicyTestCase, self).setUp() rules.reset() self.addCleanup(rules.reset) # NOTE(vish): preload rules to circumvent reloading from file rules.init() self.rules = { "true": [], "example:allowed": [], "example:denied": [["false:false"]], "example:get_http": [["http:http://www.example.com"]], "example:my_file": [["role:compute_admin"], ["project_id:%(project_id)s"]], "example:early_and_fail": [["false:false", "rule:true"]], "example:early_or_success": [["rule:true"], ["false:false"]], "example:lowercase_admin": [["role:admin"], ["role:sysadmin"]], "example:uppercase_admin": [["role:ADMIN"], ["role:sysadmin"]], } # NOTE(vish): then overload underlying policy engine self._set_rules() self.credentials = {} self.target = {} fixture = self.useFixture(moxstubout.MoxStubout()) self.stubs = fixture.stubs
def setUp(self): super(Policy, self).setUp() opts.set_defaults(self._config_fixture.conf) self._config_fixture.config(group='oslo_policy', policy_file=self._policy_file) rules.init() self.addCleanup(rules.reset)
def setUp(self): super(DefaultPolicyTestCase, self).setUp() rules.reset() rules.init() self.rules = {"default": [], "example:exist": [["false:false"]]} self._set_rules("default") self.credentials = {}
def setUp(self): super(DefaultPolicyTestCase, self).setUp() rules.reset() rules.init() self.rules = {"default": [], "example:exist": [["false:false"]]} self._set_rules('default') self.credentials = {}
def setUp(self): super(DefaultPolicyTestCase, self).setUp() rules.reset() rules.init() self.rules = {"default": [], "example:exist": [["false:false"]]} self._set_rules('default') self.credentials = {} # FIXME(gyee): latest Oslo policy Enforcer class reloads the rules in # its enforce() method even though rules has been initialized via # set_rules(). To make it easier to do our tests, we're going to # monkeypatch load_roles() so it does nothing. This seem like a bug in # Oslo policy as we shoudn't have to reload the rules if they have # already been set using set_rules(). self._old_load_rules = rules._ENFORCER.load_rules setattr(rules._ENFORCER, 'load_rules', lambda *args, **kwargs: None)
def setUp(self): super(DefaultPolicyTestCase, self).setUp() rules.reset() self.addCleanup(rules.reset) rules.init() self.rules = {"default": [], "example:exist": [["false:false"]]} self._set_rules("default") self.credentials = {} # FIXME(gyee): latest Oslo policy Enforcer class reloads the rules in # its enforce() method even though rules has been initialized via # set_rules(). To make it easier to do our tests, we're going to # monkeypatch load_roles() so it does nothing. This seem like a bug in # Oslo policy as we shoudn't have to reload the rules if they have # already been set using set_rules(). self._old_load_rules = rules._ENFORCER.load_rules self.addCleanup(setattr, rules._ENFORCER, "load_rules", self._old_load_rules) setattr(rules._ENFORCER, "load_rules", lambda *args, **kwargs: None)
def setUp(self): super(PolicyTestCase, self).setUp() rules.reset() # NOTE(vish): preload rules to circumvent reloading from file rules.init() brain = { "true": [], "example:allowed": [], "example:denied": [["false:false"]], "example:get_http": [["http:http://www.example.com"]], "example:my_file": [["role:compute_admin"], ["project_id:%(project_id)s"]], "example:early_and_fail": [["false:false", "rule:true"]], "example:early_or_success": [["rule:true"], ["false:false"]], "example:lowercase_admin": [["role:admin"], ["role:sysadmin"]], "example:uppercase_admin": [["role:ADMIN"], ["role:sysadmin"]], } # NOTE(vish): then overload underlying brain common_policy.set_brain(common_policy.HttpBrain(brain)) self.credentials = {} self.target = {}
VENDOR = os.path.join(ROOTDIR, 'vendor') ETCDIR = os.path.join(ROOTDIR, 'etc') def _calc_tmpdir(): env_val = os.environ.get('KEYSTONE_TEST_TEMP_DIR') if not env_val: return os.path.join(TESTSDIR, 'tmp', PID) return os.path.join(env_val, PID) TMPDIR = _calc_tmpdir() CONF = cfg.CONF log.register_options(CONF) rules.init() IN_MEM_DB_CONN_STRING = 'sqlite://' exception._FATAL_EXCEPTION_FORMAT_ERRORS = True os.makedirs(TMPDIR) atexit.register(shutil.rmtree, TMPDIR) class dirs(object): @staticmethod def root(*p): return os.path.join(ROOTDIR, *p) @staticmethod def etc(*p):
VENDOR = os.path.join(ROOTDIR, 'vendor') ETCDIR = os.path.join(ROOTDIR, 'etc') def _calc_tmpdir(): env_val = os.environ.get('KEYSTONE_TEST_TEMP_DIR') if not env_val: return os.path.join(TESTSDIR, 'tmp', PID) return os.path.join(env_val, PID) TMPDIR = _calc_tmpdir() CONF = cfg.CONF log.register_options(CONF) rules.init() IN_MEM_DB_CONN_STRING = 'sqlite://' TIME_FORMAT = '%Y-%m-%dT%H:%M:%S.%fZ' exception._FATAL_EXCEPTION_FORMAT_ERRORS = True os.makedirs(TMPDIR) atexit.register(shutil.rmtree, TMPDIR) class dirs(object): @staticmethod def root(*p): return os.path.join(ROOTDIR, *p)