def test_update(self, st):
id = str(uuid.uuid4())
policy = Policy(id)
st.add(policy)
assert id == st.get(id).uid
assert None is st.get(id).description
assert () == st.get(id).actions or [] == st.get(id).actions
policy.description = 'foo'
policy.actions = ['a', 'b', 'c']
st.update(policy)
assert id == st.get(id).uid
assert 'foo' == st.get(id).description
assert ['a', 'b', 'c'] == st.get(id).actions
p = Policy(2, actions=[Any()], subjects=[Eq('max'), Eq('bob')])
st.add(p)
assert 2 == st.get(2).uid
p.actions = [Eq('get')]
st.update(p)
assert 1 == len(st.get(2).actions)
assert 'get' == st.get(2).actions[0].val
def test_update(self, st):
# SQL storage stores all uids as string
id = str(uuid.uuid4())
policy = Policy(id)
st.add(policy)
assert id == st.get(id).uid
assert None is st.get(id).description
assert [] == st.get(id).actions
policy.description = 'foo'
policy.actions = ['a', 'b', 'c']
st.update(policy)
assert id == st.get(id).uid
assert 'foo' == st.get(id).description
assert ['a', 'b', 'c'] == st.get(id).actions
p = Policy('2', actions=[Any()], subjects=[Eq('max'), Eq('bob')])
st.add(p)
assert '2' == st.get('2').uid
p.actions = [Eq('get')]
st.update(p)
assert 1 == len(st.get('2').actions)
assert 'get' == st.get('2').actions[0].val
def test_update(self, st):
id = str(uuid.uuid4())
policy = Policy(id)
st.add(policy)
assert id == st.get(id).uid
assert None is st.get(id).description
assert [] == st.get(id).actions
policy.description = 'foo'
policy.actions = ['a', 'b', 'c']
st.update(policy)
assert id == st.get(id).uid
assert 'foo' == st.get(id).description
assert ['a', 'b', 'c'] == st.get(id).actions
def test_update(st):
policy = Policy('1')
st.add(policy)
assert '1' == st.get('1').uid
assert None is st.get('1').description
policy.description = 'foo'
st.update(policy)
assert '1' == st.get('1').uid
assert 'foo' == st.get('1').description
p = Policy(2, actions=[Any()], subjects=[Eq('max'), Eq('bob')])
st.add(p)
assert 2 == st.get(2).uid
p.actions = [Eq('get')]
st.update(p)
assert 1 == len(st.get(2).actions)
assert 'get' == st.get(2).actions[0].val
def test_policy_type_on_attribute_change():
p = Policy(1,
actions=['<foo.bar>'],
resources=['asdf'],
subjects=['<qwerty>'])
assert TYPE_STRING_BASED == p.type
p.effect = ALLOW_ACCESS
assert TYPE_STRING_BASED == p.type
with pytest.raises(PolicyCreationError):
p.actions = [{'ip': CIDR('0.0.0.0')}]
assert TYPE_STRING_BASED == p.type
with pytest.raises(PolicyCreationError):
p.subjects = [{'ip': CIDR('0.0.0.0')}]
with pytest.raises(PolicyCreationError):
p.actions = [Any()]
assert TYPE_STRING_BASED == p.type
p.actions = ['<.*>']
assert TYPE_STRING_BASED == p.type
p.subjects = ['<.*>']
assert TYPE_STRING_BASED == p.type
p.type = TYPE_RULE_BASED # explicit assign doesn't help
assert TYPE_STRING_BASED == p.type
# testing the from the opposite direction
p = Policy(2,
actions=[Any()],
resources=[{
'book': Eq('UX Manual')
}],
subjects=[Eq('Sally'), Eq('Bob')])
assert TYPE_RULE_BASED == p.type
p.effect = ALLOW_ACCESS
assert TYPE_RULE_BASED == p.type
with pytest.raises(PolicyCreationError):
p.actions = ['<foo.bar>']
assert TYPE_RULE_BASED == p.type
with pytest.raises(PolicyCreationError):
p.subjects = ['<foo.bar>', 'baz']
with pytest.raises(PolicyCreationError):
p.actions = ['baz<.*>']
assert TYPE_RULE_BASED == p.type
p.actions = [Any()]
assert TYPE_RULE_BASED == p.type
p.subjects = [Any()]
assert TYPE_RULE_BASED == p.type
p.type = TYPE_STRING_BASED # explicit assign doesn't help
assert TYPE_RULE_BASED == p.type
