Home | Trees | Indices | Help |
|
---|
|
1 """NDG XACML tests for custom function 2 3 NERC DataGrid 4 """ 5 __author__ = "R B Wilkinson" 6 __date__ = "14/03/12" 7 __copyright__ = "" 8 __license__ = "BSD - see LICENSE file in top-level directory" 9 __contact__ = "Philip.Kershaw@stfc.ac.uk" 10 __revision__ = '$Id$' 11 12 import logging 13 from os import path 14 import unittest 15 16 # Imports for custom functions 17 import hashlib 18 import urllib 19 from ndg.xacml.core.attributevalue import AttributeValueClassFactory 20 from ndg.xacml.core.context.exceptions import XacmlContextTypeError 21 from ndg.xacml.core.functions import (AbstractFunction, 22 FunctionClassFactoryBase, 23 functionMap) 24 25 # Imports for tests 26 from ndg.xacml.core.context.pdp import PDP 27 from ndg.xacml.core.context.result import Decision 28 from ndg.xacml.parsers.etree.factory import ReaderFactory 29 from ndg.xacml.test.context import XacmlContextBaseTestCase 30 31 logging.basicConfig(level=logging.DEBUG) 32 33 THIS_DIR = path.dirname(__file__) 34 XACML_CUSTOM_FUNCTION_TEST_FILEPATH = path.join(THIS_DIR, "policy_custom_function.xml") 35 36 attributeValueClassFactory = AttributeValueClassFactory() 37 38 # Custom function definitions40 FUNCTION_NS = None 41 TYPE = attributeValueClassFactory('http://www.w3.org/2001/XMLSchema#string') 42 RETURN_TYPE = attributeValueClassFactory( 43 'http://www.w3.org/2001/XMLSchema#string')60 6145 """URL encodes a value 46 47 @param arg: 48 @type arg: str 49 @return: URL encoded value 50 @rtype: str 51 @raise XacmlContextTypeError: incorrect type for input 52 """ 53 if not isinstance(arg, self.__class__.TYPE): 54 raise XacmlContextTypeError('Expecting type %r for ' 55 'argument; got %r' % 56 (self.__class__.TYPE, 57 type(arg))) 58 result = hashlib.md5(arg.value).hexdigest() 59 return self.__class__.RETURN_TYPE(result)63 """Class Factory for *-md5hex XACML custom function classes 64 65 @cvar FUNCTION_NAMES: function URNs 66 @type FUNCTION_NAMES: tuple 67 68 @cvar FUNCTION_NS_SUFFIX: generic suffix for md5hex function URNs 69 @type FUNCTION_NS_SUFFIX: string 70 71 @cvar FUNCTION_BASE_CLASS: base class for all md5hex classes 72 @type FUNCTION_BASE_CLASS: type 73 """ 74 FUNCTION_NAMES = ( 75 'urn:ndg:xacml:2.0:function:string-md5hex', 76 'urn:ndg:xacml:2.0:function:anyURI-md5hex' 77 ) 78 FUNCTION_NS_SUFFIX = '-md5hex' 79 FUNCTION_BASE_CLASS = Md5HexBase80 8183 FUNCTION_NS = None 84 TYPE = attributeValueClassFactory('http://www.w3.org/2001/XMLSchema#string') 85 RETURN_TYPE = attributeValueClassFactory( 86 'http://www.w3.org/2001/XMLSchema#string')103 10488 """URL encodes a value 89 90 @param arg: 91 @type arg: str 92 @return: URL encoded value 93 @rtype: str 94 @raise XacmlContextTypeError: incorrect type for input 95 """ 96 if not isinstance(arg, self.__class__.TYPE): 97 raise XacmlContextTypeError('Expecting type %r for ' 98 'argument; got %r' % 99 (self.__class__.TYPE, 100 type(arg))) 101 result = urllib.quote_plus(arg.value) 102 return self.__class__.RETURN_TYPE(result)106 """Class Factory for *-urlencode XACML custom function classes 107 108 @cvar FUNCTION_NAMES: function URNs 109 @type FUNCTION_NAMES: tuple 110 111 @cvar FUNCTION_NS_SUFFIX: generic suffix for urlencode function URNs 112 @type FUNCTION_NS_SUFFIX: string 113 114 @cvar FUNCTION_BASE_CLASS: base class for all urlencode classes 115 @type FUNCTION_BASE_CLASS: type 116 """ 117 FUNCTION_NAMES = ( 118 'urn:ndg:xacml:2.0:function:string-urlencode', 119 'urn:ndg:xacml:2.0:function:anyURI-urlencode' 120 ) 121 FUNCTION_NS_SUFFIX = '-urlencode' 122 FUNCTION_BASE_CLASS = UrlencodeBase123 124126 """Add functions to encode values for, e.g., constructing paths from 127 subject IDs. 128 """ 129 for name in Md5HexFunctionClassFactory.FUNCTION_NAMES: 130 functionMap.load_custom_function(name, Md5HexFunctionClassFactory()) 131 for name in UrlencodeFunctionClassFactory.FUNCTION_NAMES: 132 functionMap.load_custom_function(name, UrlencodeFunctionClassFactory())133 134136 137 RESOURCE1_ID = 'http://localhost/resource1' 138 RESOURCE2_ID = 'http://localhost/resource2' 139 RESOURCE3_ID = 'http://localhost/resource3' 140 RESOURCE4_ID = 'http://localhost/resource4' 141 RESOURCE5_ID = 'http://localhost/resource5' 142 RESOURCE6_ID = 'http://localhost/resource6' 143 RESOURCE7_ID = 'http://localhost/resource7' 144 RESOURCE8_ID = 'http://localhost/resource8' 145 146257 258 if __name__ == "__main__": 259 unittest.main() 260148 addXacmlEncodeFunctions()149151 """Test URL encoding of a string value resulting in a permit decision. 152 """ 153 self.pdp = PDP.fromPolicySource(XACML_CUSTOM_FUNCTION_TEST_FILEPATH, 154 ReaderFactory) 155 request = self._createRequestCtx(self.__class__.RESOURCE1_ID, 156 subjectRoles=('role1',)) 157 response = self.pdp.evaluate(request) 158 self.failIf(response is None, "Null response") 159 for result in response.results: 160 self.failIf(result.decision != Decision.PERMIT, 161 "Expecting Permit decision")162164 """Test URL encoding of a string value resulting in a deny decision. 165 """ 166 self.pdp = PDP.fromPolicySource(XACML_CUSTOM_FUNCTION_TEST_FILEPATH, 167 ReaderFactory) 168 request = self._createRequestCtx(self.__class__.RESOURCE2_ID, 169 subjectRoles=('role1',)) 170 response = self.pdp.evaluate(request) 171 self.failIf(response is None, "Null response") 172 for result in response.results: 173 self.failIf(result.decision != Decision.DENY, 174 "Expecting Deny decision")175177 """Test URL encoding of a URI value resulting in a permit decision. 178 """ 179 self.pdp = PDP.fromPolicySource(XACML_CUSTOM_FUNCTION_TEST_FILEPATH, 180 ReaderFactory) 181 request = self._createRequestCtx(self.__class__.RESOURCE3_ID, 182 subjectRoles=('role1',)) 183 response = self.pdp.evaluate(request) 184 self.failIf(response is None, "Null response") 185 for result in response.results: 186 self.failIf(result.decision != Decision.PERMIT, 187 "Expecting Permit decision")188190 """Test URL encoding of a URI value resulting in a deny decision. 191 """ 192 self.pdp = PDP.fromPolicySource(XACML_CUSTOM_FUNCTION_TEST_FILEPATH, 193 ReaderFactory) 194 request = self._createRequestCtx(self.__class__.RESOURCE4_ID, 195 subjectRoles=('role1',)) 196 response = self.pdp.evaluate(request) 197 self.failIf(response is None, "Null response") 198 for result in response.results: 199 self.failIf(result.decision != Decision.DENY, 200 "Expecting Deny decision")201203 """Test MD5 hex encoding of a string value resulting in a permit 204 decision. 205 """ 206 self.pdp = PDP.fromPolicySource(XACML_CUSTOM_FUNCTION_TEST_FILEPATH, 207 ReaderFactory) 208 request = self._createRequestCtx(self.__class__.RESOURCE5_ID, 209 subjectRoles=('role1',)) 210 response = self.pdp.evaluate(request) 211 self.failIf(response is None, "Null response") 212 for result in response.results: 213 self.failIf(result.decision != Decision.PERMIT, 214 "Expecting Permit decision")215217 """Test MD5 hex encoding of a string value resulting in a deny 218 decision. 219 """ 220 self.pdp = PDP.fromPolicySource(XACML_CUSTOM_FUNCTION_TEST_FILEPATH, 221 ReaderFactory) 222 request = self._createRequestCtx(self.__class__.RESOURCE6_ID, 223 subjectRoles=('role1',)) 224 response = self.pdp.evaluate(request) 225 self.failIf(response is None, "Null response") 226 for result in response.results: 227 self.failIf(result.decision != Decision.DENY, 228 "Expecting Deny decision")229231 """Test MD5 hex encoding of a URI value resulting in a permit 232 decision. 233 """ 234 self.pdp = PDP.fromPolicySource(XACML_CUSTOM_FUNCTION_TEST_FILEPATH, 235 ReaderFactory) 236 request = self._createRequestCtx(self.__class__.RESOURCE7_ID, 237 subjectRoles=('role1',)) 238 response = self.pdp.evaluate(request) 239 self.failIf(response is None, "Null response") 240 for result in response.results: 241 self.failIf(result.decision != Decision.PERMIT, 242 "Expecting Permit decision")243245 """Test MD5 hex encoding of a URI value resulting in a deny 246 decision. 247 """ 248 self.pdp = PDP.fromPolicySource(XACML_CUSTOM_FUNCTION_TEST_FILEPATH, 249 ReaderFactory) 250 request = self._createRequestCtx(self.__class__.RESOURCE8_ID, 251 subjectRoles=('role1',)) 252 response = self.pdp.evaluate(request) 253 self.failIf(response is None, "Null response") 254 for result in response.results: 255 self.failIf(result.decision != Decision.DENY, 256 "Expecting Deny decision")
Home | Trees | Indices | Help |
|
---|
Generated by Epydoc 3.0.1 on Thu Apr 5 08:44:41 2012 | http://epydoc.sourceforge.net |