Blame - lib/xos-genx/xos-genx-tests/test_xos_validation.py - xos

blob: f2f8ce39b8775e05803d3b4c26ec4bdb0e51a125 [file] [log] [blame]

Matteo Scandolo	d2044a4	2017-08-07 16:08:28 -0700	[diff] [blame]	1
				2	# Copyright 2017-present Open Networking Foundation
				3	#
				4	# Licensed under the Apache License, Version 2.0 (the "License");
				5	# you may not use this file except in compliance with the License.
				6	# You may obtain a copy of the License at
				7	#
				8	# http://www.apache.org/licenses/LICENSE-2.0
				9	#
				10	# Unless required by applicable law or agreed to in writing, software
				11	# distributed under the License is distributed on an "AS IS" BASIS,
				12	# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
				13	# See the License for the specific language governing permissions and
				14	# limitations under the License.
				15
				16
Sapan Bhatia	5ea307d	2017-07-19 00:13:21 -0400	[diff] [blame]	17	import unittest
Scott Baker	1f7791d	2018-10-04 13:21:20 -0700	[diff] [blame^]	18	from xosgenx.generator import XOSProcessor, XOSProcessorArgs
				19	from helpers import FakeObject, XProtoTestHelpers
Sapan Bhatia	5ea307d	2017-07-19 00:13:21 -0400	[diff] [blame]	20
				21	"""The function below is for eliminating warnings arising due to the missing policy_output_validator,
				22	which is generated and loaded dynamically.
				23	"""
				24	def policy_output_validator(x, y):
				25	raise Exception("Validator not generated. Test failed.")
				26	return False
				27
				28	"""
				29	The tests below use the Python code target to generate
				30	Python validation policies, set up an appropriate environment and execute the Python.
				31	"""
				32	class XProtoXOSModelValidationTest(unittest.TestCase):
				33	def setUp(self):
				34	self.target = XProtoTestHelpers.write_tmp_target("{{ xproto_fol_to_python_validator('output', proto.policies.test_policy, None, 'Necessary Failure') }}")
				35
				36	def test_instance_container(self):
				37	xproto = \
				38	"""
				39	policy test_policy < (obj.isolation = "container" \| obj.isolation = "container_vm" ) -> (obj.image.kind = "container") >
				40	"""
Scott Baker	1f7791d	2018-10-04 13:21:20 -0700	[diff] [blame^]	41	args = XOSProcessorArgs()
Sapan Bhatia	5ea307d	2017-07-19 00:13:21 -0400	[diff] [blame]	42	args.inputs = xproto
				43	args.target = self.target
				44
Sapan Bhatia	bfb233a	2018-02-09 14:53:09 -0800	[diff] [blame]	45	output = XOSProcessor.process(args)
Sapan Bhatia	5ea307d	2017-07-19 00:13:21 -0400	[diff] [blame]	46
Scott Baker	1f7791d	2018-10-04 13:21:20 -0700	[diff] [blame^]	47	obj = FakeObject()
Sapan Bhatia	5ea307d	2017-07-19 00:13:21 -0400	[diff] [blame]	48	obj.isolation = 'container'
				49	obj.kind = 'not a container'
				50
				51	exec(output) # This loads the generated function, which should look like this:
				52
				53	"""
				54	def policy_output_validator(obj, ctx):
				55	i4 = (obj.isolation == 'container')
				56	i5 = (self.isolation == 'container_vm')
				57	i2 = (i4 or i5)
				58	i3 = (obj.image.kind == 'container')
				59	i1 = (i2 or i3)
				60	return i1
				61	"""
				62
				63	with self.assertRaises(Exception):
				64	policy_output_validator(obj, {})
				65
				66	def test_slice_name_validation(self):
				67	xproto = \
				68	"""
				69	policy test_policy < not obj.id -> {{ obj.name.startswith(obj.site.login_base) }} >
				70	"""
Scott Baker	1f7791d	2018-10-04 13:21:20 -0700	[diff] [blame^]	71	args = XOSProcessorArgs()
Sapan Bhatia	5ea307d	2017-07-19 00:13:21 -0400	[diff] [blame]	72	args.inputs = xproto
				73	args.target = self.target
				74
Sapan Bhatia	bfb233a	2018-02-09 14:53:09 -0800	[diff] [blame]	75	output = XOSProcessor.process(args)
Sapan Bhatia	5ea307d	2017-07-19 00:13:21 -0400	[diff] [blame]	76
Scott Baker	1f7791d	2018-10-04 13:21:20 -0700	[diff] [blame^]	77	obj = FakeObject()
Sapan Bhatia	5ea307d	2017-07-19 00:13:21 -0400	[diff] [blame]	78	obj.isolation = 'container'
				79	obj.kind = 'not a container'
				80
				81	exec(output) # This loads the generated function, which should look like this:
				82
				83	"""
				84	def policy_output_validator(obj, ctx):
				85	i3 = obj.id
				86	i4 = obj.name.startswith(obj.site.login_base)
				87	i2 = ((not i3) or i4)
				88	i1 = (not i2)
				89	if (not i1):
				90	raise ValidationError('Necessary Failure')
				91	"""
				92
				93	with self.assertRaises(Exception):
				94	policy_output_validator(obj, {})
Sapan Bhatia	5ea307d	2017-07-19 00:13:21 -0400	[diff] [blame]	95
				96	def test_equal(self):
				97	xproto = \
				98	"""
				99	policy test_policy < not (ctx.user = obj.user) >
				100	"""
				101
Scott Baker	1f7791d	2018-10-04 13:21:20 -0700	[diff] [blame^]	102	args = XOSProcessorArgs()
Sapan Bhatia	5ea307d	2017-07-19 00:13:21 -0400	[diff] [blame]	103	args.inputs = xproto
				104	args.target = self.target
				105
Sapan Bhatia	bfb233a	2018-02-09 14:53:09 -0800	[diff] [blame]	106	output = XOSProcessor.process(args)
Sapan Bhatia	5ea307d	2017-07-19 00:13:21 -0400	[diff] [blame]	107
				108	exec(output) # This loads the generated function, which should look like this:
				109
				110	"""
				111	def policy_output_validator(obj, ctx):
				112	i2 = (ctx.user == obj.user)
				113	i1 = (not i2)
				114	if (not i1):
				115	raise Exception('Necessary Failure')
				116	"""
				117
Scott Baker	1f7791d	2018-10-04 13:21:20 -0700	[diff] [blame^]	118	obj = FakeObject()
				119	obj.user = 1
				120	ctx = FakeObject()
				121	ctx.user = 1
Sapan Bhatia	5ea307d	2017-07-19 00:13:21 -0400	[diff] [blame]	122
				123	with self.assertRaises(Exception):
				124	policy_output_validator(obj, ctx)
				125
				126	def test_bin(self):
				127	xproto = \
				128	"""
Sapan Bhatia	b69f470	2017-07-31 16:03:33 -0400	[diff] [blame]	129	policy test_policy < not (ctx.is_admin = True \| obj.empty = True) \| False>
Sapan Bhatia	5ea307d	2017-07-19 00:13:21 -0400	[diff] [blame]	130	"""
				131
Scott Baker	1f7791d	2018-10-04 13:21:20 -0700	[diff] [blame^]	132	args = XOSProcessorArgs()
Sapan Bhatia	5ea307d	2017-07-19 00:13:21 -0400	[diff] [blame]	133	args.inputs = xproto
				134	args.target = self.target
				135
Sapan Bhatia	bfb233a	2018-02-09 14:53:09 -0800	[diff] [blame]	136	output = XOSProcessor.process(args)
Sapan Bhatia	5ea307d	2017-07-19 00:13:21 -0400	[diff] [blame]	137	exec(output) # This loads the generated function, which should look like this:
				138
				139	"""
				140	def policy_output_validator(obj, ctx):
				141	i2 = (ctx.is_admin == True)
				142	i3 = (obj.empty == True)
				143	i1 = (i2 or i3)
				144	if (not i1):
				145	raise Exception('Necessary Failure')
				146	"""
				147
Scott Baker	1f7791d	2018-10-04 13:21:20 -0700	[diff] [blame^]	148	obj = FakeObject()
				149	obj.empty = True
Sapan Bhatia	5ea307d	2017-07-19 00:13:21 -0400	[diff] [blame]	150
Scott Baker	1f7791d	2018-10-04 13:21:20 -0700	[diff] [blame^]	151	ctx = FakeObject()
				152	ctx.is_admin = True
Sapan Bhatia	5ea307d	2017-07-19 00:13:21 -0400	[diff] [blame]	153
				154	with self.assertRaises(Exception):
				155	verdict = policy_output_validator(obj, ctx)
				156
				157
				158	def test_exists(self):
				159	xproto = \
				160	"""
				161	policy test_policy < exists Privilege: Privilege.object_id = obj.id >
				162	"""
Scott Baker	1f7791d	2018-10-04 13:21:20 -0700	[diff] [blame^]	163	args = XOSProcessorArgs()
Sapan Bhatia	5ea307d	2017-07-19 00:13:21 -0400	[diff] [blame]	164	args.inputs = xproto
				165	args.target = self.target
				166
Sapan Bhatia	bfb233a	2018-02-09 14:53:09 -0800	[diff] [blame]	167	output = XOSProcessor.process(args)
Sapan Bhatia	5ea307d	2017-07-19 00:13:21 -0400	[diff] [blame]	168	exec(output) # This loads the generated function, which should look like this:
				169
				170	"""
				171	def policy_output_validator(obj, ctx):
				172	i1 = Privilege.objects.filter(Q(object_id=obj.id))[0]
				173	if (not i1):
				174	raise Exception('Necessary Failure')
				175	"""
				176
				177	self.assertTrue(policy_output_validator is not None)
				178
				179	def test_python(self):
				180	xproto = \
				181	"""
				182	policy test_policy < {{ "jack" in ["the", "box"] }} = True >
				183	"""
Scott Baker	1f7791d	2018-10-04 13:21:20 -0700	[diff] [blame^]	184	args = XOSProcessorArgs()
Sapan Bhatia	5ea307d	2017-07-19 00:13:21 -0400	[diff] [blame]	185	args.inputs = xproto
				186	args.target = self.target
Sapan Bhatia	bfb233a	2018-02-09 14:53:09 -0800	[diff] [blame]	187	output = XOSProcessor.process(args)
Sapan Bhatia	5ea307d	2017-07-19 00:13:21 -0400	[diff] [blame]	188	exec(output) # This loads the generated function, which should look like this:
				189
				190	"""
				191	def policy_output_validator(obj, ctx):
				192	i2 = ('jack' in ['the', 'box'])
				193	i1 = (i2 == True)
				194	if (not i1):
				195	raise Exception('Necessary Failure')
				196	"""
				197
				198	with self.assertRaises(Exception):
				199	self.assertTrue(policy_output_validator({}, {}) is True)
				200
				201	def test_forall(self):
				202	# This one we only parse
				203	xproto = \
				204	"""
				205	policy test_policy < forall Credential: Credential.obj_id = obj_id >
				206	"""
				207
Scott Baker	1f7791d	2018-10-04 13:21:20 -0700	[diff] [blame^]	208	args = XOSProcessorArgs()
Sapan Bhatia	5ea307d	2017-07-19 00:13:21 -0400	[diff] [blame]	209	args.inputs = xproto
				210	args.target = self.target
				211
Sapan Bhatia	bfb233a	2018-02-09 14:53:09 -0800	[diff] [blame]	212	output = XOSProcessor.process(args)
Sapan Bhatia	5ea307d	2017-07-19 00:13:21 -0400	[diff] [blame]	213
				214	"""
				215	def policy_output_enforcer(obj, ctx):
				216	i2 = Credential.objects.filter((~ Q(obj_id=obj_id)))[0]
				217	i1 = (not i2)
				218	return i1
				219	"""
				220
				221	self.assertIn('policy_output_validator', output)
				222
				223	if __name__ == '__main__':
				224	unittest.main()