def test_23_priorities_equal_actions(self):
# create two policies with the same action values
set_policy(name="email1",
scope=SCOPE.AUTH,
action="emailtext='text 1'",
priority=1)
set_policy(name="email2",
scope=SCOPE.AUTH,
action="emailtext='text 1'",
priority=1)
# this reduces the action values to unique values
P = PolicyClass()
self.assertEqual(
P.get_action_values(scope=SCOPE.AUTH, action="emailtext"),
["text 1"])
# this is allowed if the policies agree
self.assertEqual(
P.get_action_values(scope=SCOPE.AUTH,
action="emailtext",
unique=True), ["text 1"])
set_policy(name="email2", action="emailtext='text 2'")
P.reload_from_db()
with self.assertRaises(PolicyError):
P.get_action_values(scope=SCOPE.AUTH,
action="emailtext",
unique=True)
delete_policy("email1")
delete_policy("email2")
def test_23_priorities(self):
# create three policies with three different texts and different priorities
set_policy(name="email1",
scope=SCOPE.AUTH,
action="emailtext=text 1",
priority=4)
set_policy(name="email2",
scope=SCOPE.AUTH,
action="emailtext=text 2",
priority=1)
set_policy(name="email3",
scope=SCOPE.AUTH,
action="emailtext=text 3",
priority=77)
# this chooses email2, because it has the highest priority
P = PolicyClass()
self.assertEqual(
P.get_action_values(action="emailtext",
scope=SCOPE.AUTH,
unique=True,
allow_white_space_in_action=True), ["text 2"])
delete_policy("email2")
P.reload_from_db()
# with email2 gone, this chooses email1
self.assertEqual(
P.get_action_values(action="emailtext",
scope=SCOPE.AUTH,
unique=True,
allow_white_space_in_action=True), ["text 1"])
# if we now add another policy with priority 77, we get no conflict
# because email1 is chosen
set_policy(name="email4",
scope=SCOPE.AUTH,
action="emailtext=text 4",
priority=77)
P.reload_from_db()
self.assertEqual(
P.get_action_values(action="emailtext",
scope=SCOPE.AUTH,
unique=True,
allow_white_space_in_action=True), ["text 1"])
# but we get a conflict if we change the priority of email4 to 4
set_policy(name="email4",
scope=SCOPE.AUTH,
action="emailtext=text 4",
priority=4)
P.reload_from_db()
with self.assertRaises(PolicyError) as cm:
P.get_action_values(action="emailtext",
scope=SCOPE.AUTH,
unique=True,
allow_white_space_in_action=True)
self.assertIn("policies with conflicting actions", str(cm.exception))
pols = P.get_policies(action="emailtext", scope=SCOPE.AUTH)
self.assertEqual(len(pols), 3)
with self.assertRaises(PolicyError) as cm:
P.check_for_conflicts(pols, "emailtext")
P.check_for_conflicts([], "emailtext")
P.check_for_conflicts([pols[0]], "emailtext")
# we can also change the priority
set_policy(name="email4", priority=3)
P.reload_from_db()
self.assertEqual(
P.get_action_values(action="emailtext",
scope=SCOPE.AUTH,
unique=True,
allow_white_space_in_action=True), ["text 4"])
# now we have
# email1, priority=4
# email3, priority=77
# email4, priority=3
# export, delete all, re-import
exported = export_policies(P.get_policies())
self.assertIn("priority = 4", exported)
self.assertIn("priority = 77", exported)
delete_all_policies()
import_policies(exported)
pols = P.get_policies(action="emailtext", scope=SCOPE.AUTH)
self.assertEqual(len(pols), 3)
# this sorts by priority
self.assertEqual([p['name'] for p in pols],
['email4', 'email1', 'email3'])
# priority must be at least 1
with self.assertRaises(ParameterError):
set_policy(name="email4", scope=SCOPE.AUTH, priority=0)
with self.assertRaises(ParameterError):
set_policy(name="email4", scope=SCOPE.AUTH, priority=-5)
delete_policy("email1")
delete_policy("email3")
delete_policy("email4")
