Aether-3397: roc-umbrella add new 2.1.0 models
Change-Id: I935fad4da414c074831ae681f3c51048f88989c0
diff --git a/aether-roc-umbrella/files/opa-rbac/aether-2.1.0.rego b/aether-roc-umbrella/files/opa-rbac/aether-2.1.0.rego
index d764f4a..c377dba 100644
--- a/aether-roc-umbrella/files/opa-rbac/aether-2.1.0.rego
+++ b/aether-roc-umbrella/files/opa-rbac/aether-2.1.0.rego
@@ -9,20 +9,36 @@
}
allowed[config] {
- enterprise := enterprise_rule
+ application := application_rule
+ site := site_rule
+ template := template_rule
+ traffic_class := traffic_class_rule
config := {
- "connectivity_services": object.get(input, "connectivity_services", {}),
- "enterprises": {
- "enterprise": [
- enterprise
- ]
- }
+ "application": application,
+ "site": site,
+ "template": template,
+ "traffic_class": traffic_class
}
}
-enterprise_rule[enterprise] {
- enterprise := input.enterprises.enterprise[_]
- ["AetherROCAdmin", enterprise.enterprise_id][_] == input.groups[i]
+application_rule[application] {
+ ["AetherROCAdmin", input.target][_] == input.groups[i]
+ application := input.application
+}
+
+site_rule[site] {
+ ["AetherROCAdmin", input.target][_] == input.groups[i]
+ site := input.site
+}
+
+template_rule[template] {
+ ["AetherROCAdmin", input.target][_] == input.groups[i]
+ template := input.template
+}
+
+traffic_class_rule[traffic_class] {
+ ["AetherROCAdmin", input.target][_] == input.groups[i]
+ traffic_class := input.traffic_class
}
can_update_enterprise = true {
diff --git a/aether-roc-umbrella/files/opa-rbac/test/aether-2.1.0-test-group-ent.json b/aether-roc-umbrella/files/opa-rbac/test/aether-2.1.0-test-group-ent.json
new file mode 100644
index 0000000..f57834f
--- /dev/null
+++ b/aether-roc-umbrella/files/opa-rbac/test/aether-2.1.0-test-group-ent.json
@@ -0,0 +1,46 @@
+{
+ "groups": [
+ "AetherROCAdmin"
+ ],
+ "target": "starbucks",
+ "site": [
+ {
+ "site_id": "site_1",
+ "display_name": "Site 1",
+ "small_cell": [
+ {
+ "small_cell_id": "sc_1_1",
+ "display_name": "SC 1_1"
+ },
+ {
+ "small_cell_id": "sc_1_2",
+ "display_name": "SC 1_2"
+ }
+ ]
+ },
+ {
+ "site_id": "site_2",
+ "display_name": "Site 2",
+ "small_cell": [
+ {
+ "small_cell_id": "sc_2_1",
+ "display_name": "SC 2_1"
+ },
+ {
+ "small_cell_id": "sc_2_2",
+ "display_name": "SC 2_2"
+ }
+ ]
+ }
+ ],
+ "template": [
+ {
+ "template_id": "template_1",
+ "display_name": "Template 1"
+ },
+ {
+ "template_id": "template_1",
+ "display_name": "Template 1"
+ }
+ ]
+}
diff --git a/aether-roc-umbrella/files/opa-rbac/test/aether-2.1.0-test-no-ent.json b/aether-roc-umbrella/files/opa-rbac/test/aether-2.1.0-test-no-ent.json
new file mode 100644
index 0000000..e3b5ca4
--- /dev/null
+++ b/aether-roc-umbrella/files/opa-rbac/test/aether-2.1.0-test-no-ent.json
@@ -0,0 +1,46 @@
+{
+ "groups": [
+ "mixedGroup"
+ ],
+ "target": "starbucks",
+ "site": [
+ {
+ "site_id": "site_1",
+ "display_name": "Site 1",
+ "small_cell": [
+ {
+ "small_cell_id": "sc_1_1",
+ "display_name": "SC 1_1"
+ },
+ {
+ "small_cell_id": "sc_1_2",
+ "display_name": "SC 1_2"
+ }
+ ]
+ },
+ {
+ "site_id": "site_2",
+ "display_name": "Site 2",
+ "small_cell": [
+ {
+ "small_cell_id": "sc_2_1",
+ "display_name": "SC 2_1"
+ },
+ {
+ "small_cell_id": "sc_2_2",
+ "display_name": "SC 2_2"
+ }
+ ]
+ }
+ ],
+ "template": [
+ {
+ "template_id": "template_1",
+ "display_name": "Template 1"
+ },
+ {
+ "template_id": "template_1",
+ "display_name": "Template 1"
+ }
+ ]
+}
diff --git a/aether-roc-umbrella/files/opa-rbac/test/aether-2.1.0-test-single-ent.json b/aether-roc-umbrella/files/opa-rbac/test/aether-2.1.0-test-single-ent.json
new file mode 100644
index 0000000..940f96c
--- /dev/null
+++ b/aether-roc-umbrella/files/opa-rbac/test/aether-2.1.0-test-single-ent.json
@@ -0,0 +1,46 @@
+{
+ "groups": [
+ "starbucks"
+ ],
+ "target": "starbucks",
+ "site": [
+ {
+ "site_id": "site_1",
+ "display_name": "Site 1",
+ "small_cell": [
+ {
+ "small_cell_id": "sc_1_1",
+ "display_name": "SC 1_1"
+ },
+ {
+ "small_cell_id": "sc_1_2",
+ "display_name": "SC 1_2"
+ }
+ ]
+ },
+ {
+ "site_id": "site_2",
+ "display_name": "Site 2",
+ "small_cell": [
+ {
+ "small_cell_id": "sc_2_1",
+ "display_name": "SC 2_1"
+ },
+ {
+ "small_cell_id": "sc_2_2",
+ "display_name": "SC 2_2"
+ }
+ ]
+ }
+ ],
+ "template": [
+ {
+ "template_id": "template_1",
+ "display_name": "Template 1"
+ },
+ {
+ "template_id": "template_1",
+ "display_name": "Template 1"
+ }
+ ]
+}
diff --git a/aether-roc-umbrella/files/opa-rbac/test/out/aether-2.1.0-test-group-ent.out b/aether-roc-umbrella/files/opa-rbac/test/out/aether-2.1.0-test-group-ent.out
new file mode 100644
index 0000000..4a617e4
--- /dev/null
+++ b/aether-roc-umbrella/files/opa-rbac/test/out/aether-2.1.0-test-group-ent.out
@@ -0,0 +1,50 @@
+[
+ {
+ "application": [],
+ "site": [
+ [
+ {
+ "display_name": "Site 1",
+ "site_id": "site_1",
+ "small_cell": [
+ {
+ "display_name": "SC 1_1",
+ "small_cell_id": "sc_1_1"
+ },
+ {
+ "display_name": "SC 1_2",
+ "small_cell_id": "sc_1_2"
+ }
+ ]
+ },
+ {
+ "display_name": "Site 2",
+ "site_id": "site_2",
+ "small_cell": [
+ {
+ "display_name": "SC 2_1",
+ "small_cell_id": "sc_2_1"
+ },
+ {
+ "display_name": "SC 2_2",
+ "small_cell_id": "sc_2_2"
+ }
+ ]
+ }
+ ]
+ ],
+ "template": [
+ [
+ {
+ "display_name": "Template 1",
+ "template_id": "template_1"
+ },
+ {
+ "display_name": "Template 1",
+ "template_id": "template_1"
+ }
+ ]
+ ],
+ "traffic_class": []
+ }
+]
\ No newline at end of file
diff --git a/aether-roc-umbrella/files/opa-rbac/test/out/aether-2.1.0-test-no-ent.out b/aether-roc-umbrella/files/opa-rbac/test/out/aether-2.1.0-test-no-ent.out
new file mode 100644
index 0000000..15e32dd
--- /dev/null
+++ b/aether-roc-umbrella/files/opa-rbac/test/out/aether-2.1.0-test-no-ent.out
@@ -0,0 +1,8 @@
+[
+ {
+ "application": [],
+ "site": [],
+ "template": [],
+ "traffic_class": []
+ }
+]
\ No newline at end of file
diff --git a/aether-roc-umbrella/files/opa-rbac/test/out/aether-2.1.0-test-single-ent.out b/aether-roc-umbrella/files/opa-rbac/test/out/aether-2.1.0-test-single-ent.out
new file mode 100644
index 0000000..4a617e4
--- /dev/null
+++ b/aether-roc-umbrella/files/opa-rbac/test/out/aether-2.1.0-test-single-ent.out
@@ -0,0 +1,50 @@
+[
+ {
+ "application": [],
+ "site": [
+ [
+ {
+ "display_name": "Site 1",
+ "site_id": "site_1",
+ "small_cell": [
+ {
+ "display_name": "SC 1_1",
+ "small_cell_id": "sc_1_1"
+ },
+ {
+ "display_name": "SC 1_2",
+ "small_cell_id": "sc_1_2"
+ }
+ ]
+ },
+ {
+ "display_name": "Site 2",
+ "site_id": "site_2",
+ "small_cell": [
+ {
+ "display_name": "SC 2_1",
+ "small_cell_id": "sc_2_1"
+ },
+ {
+ "display_name": "SC 2_2",
+ "small_cell_id": "sc_2_2"
+ }
+ ]
+ }
+ ]
+ ],
+ "template": [
+ [
+ {
+ "display_name": "Template 1",
+ "template_id": "template_1"
+ },
+ {
+ "display_name": "Template 1",
+ "template_id": "template_1"
+ }
+ ]
+ ],
+ "traffic_class": []
+ }
+]
\ No newline at end of file