source: TI12-security/trunk/NDG_XACML/ndg/xacml/test/test_context.py @ 7072

Subversion URL: http://proj.badc.rl.ac.uk/svn/ndg/TI12-security/trunk/NDG_XACML/ndg/xacml/test/test_context.py@7072
Revision 7072, 6.1 KB checked in by pjkersha, 9 years ago (diff)

Incomplete - task 2: XACML-Security Integration

  • Major cleanup of function factories for efficiency. Only the required factories and function classes are loaded and any loaded classes are cached for future calls. All unit tests pass.
  • Property svn:keywords set to Id
1#!/usr/bin/env python
2"""NDG XACML Context unit test package
3
4NERC DataGrid Project
5"""
6__author__ = "P J Kershaw"
7__date__ = "26/03/10"
8__copyright__ = "(C) 2010 Science and Technology Facilities Council"
9__contact__ = "Philip.Kershaw@stfc.ac.uk"
10__license__ = "BSD - see LICENSE file in top-level directory"
11__contact__ = "Philip.Kershaw@stfc.ac.uk"
12__revision__ = "$Id$"
13import unittest
14from os import path
15import logging
16logging.basicConfig(level=logging.DEBUG)
17
18from ndg.xacml.test import XACML_NDGTEST1_FILEPATH
19from ndg.xacml.parsers.etree.factory import ReaderFactory
20from ndg.xacml.core.context.pdpinterface import PDPInterface
21from ndg.xacml.core.context.pdp import PDP
22from ndg.xacml.core.context.handler import CtxHandlerInterface
23from ndg.xacml.core.attribute import Attribute
24from ndg.xacml.core.attributevalue import AttributeValueClassFactory
25from ndg.xacml.core.context.request import Request
26from ndg.xacml.core.context.response import Response
27from ndg.xacml.core.context.result import Result, Decision
28from ndg.xacml.core.context.subject import Subject
29from ndg.xacml.core.context.resource import Resource
30from ndg.xacml.core.context.action import Action
31
32               
class TestContextHandler(CtxHandlerInterface):
    """Minimal Context Handler implementation used by the unit tests.

    Requests and responses are passed through unchanged.  The points where a
    real handler would translate between the PEP's own message format and the
    XACML context are marked in handlePEPRequest.
    """

    def __init__(self):
        """Initialise the base class and add a "pip" attribute to hold a
        reference to a Policy Information Point (None until one is set)."""
        super(TestContextHandler, self).__init__()
        self.pip = None

    def handlePEPRequest(self, myRequest):
        """Pass a request from a Policy Enforcement Point to the PDP.

        @param myRequest: request from the PEP; a derived class determines
        its type, e.g. SAML AuthzDecisionQuery.  It is handed to the PDP
        as-is here.
        @type myRequest: any
        @return: the value returned by self.pdp.evaluate(), unchanged
        @raise TypeError: if the "pdp" attribute is None
        """
        # Without a PDP no decision can be made: raise instead of returning
        # anything a caller could mistake for an authorisation result.
        if self.pdp is None:
            raise TypeError('No "pdp" attribute set')

        # A real handler would convert myRequest to an XACML context request
        # before this call and convert the XACML context response back to the
        # PEP's domain-specific format afterwards.  This test implementation
        # performs neither conversion.
        return self.pdp.evaluate(myRequest)
65
66
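class XACMLContextTestCase(unittest.TestCase):
    """Test the request/response context classes, the Context Handler
    interface and the PDP"""

    def _createRequestCtx(self):
        """Build a sample XACML request context.

        The request holds one subject (an OpenID URI attribute plus a 'staff'
        role attribute), one resource identified by URI and a 'read' action.

        @return: the populated request context
        @rtype: ndg.xacml.core.context.request.Request
        """
        request = Request()
        subject = Subject()

        # The factory maps an XML Schema data type URI to the matching
        # attribute value class.
        attributeValueFactory = AttributeValueClassFactory()

        openidSubjectAttribute = Attribute()
        roleAttribute = Attribute()

        # Subject attribute 1: the user's OpenID, typed as anyURI
        openidSubjectAttribute.attributeId = "urn:esg:openid"
        AnyUriAttributeValue = attributeValueFactory(
                                    'http://www.w3.org/2001/XMLSchema#anyURI')
        openidSubjectAttribute.dataType = AnyUriAttributeValue.IDENTIFIER

        openidValue = AnyUriAttributeValue()
        openidSubjectAttribute.attributeValues.append(openidValue)
        openidSubjectAttribute.attributeValues[-1].value = (
                                    'https://my.name.somewhere.ac.uk')

        subject.attributes.append(openidSubjectAttribute)

        # Subject attribute 2: the user's role, typed as string
        StringAttributeValue = attributeValueFactory(
                                    'http://www.w3.org/2001/XMLSchema#string')

        roleAttribute.attributeId = "urn:ndg:security:authz:1.0:attr"
        roleAttribute.dataType = StringAttributeValue.IDENTIFIER

        roleAttribute.attributeValues.append(StringAttributeValue())
        roleAttribute.attributeValues[-1].value = 'staff'

        subject.attributes.append(roleAttribute)

        request.subjects.append(subject)

        # Resource: the URI access is being requested for
        resource = Resource()
        resourceAttribute = Attribute()
        resource.attributes.append(resourceAttribute)

        resourceAttribute.attributeId = (
                            "urn:oasis:names:tc:xacml:1.0:resource:resource-id")

        resourceAttribute.dataType = AnyUriAttributeValue.IDENTIFIER
        resourceAttribute.attributeValues.append(AnyUriAttributeValue())
        resourceAttribute.attributeValues[-1].value = (
                                            'http://localhost/test_securedURI')

        request.resources.append(resource)

        # Action: the operation requested on the resource
        request.action = Action()
        actionAttribute = Attribute()
        request.action.attributes.append(actionAttribute)

        actionAttribute.attributeId = (
                                "urn:oasis:names:tc:xacml:1.0:action:action-id")
        actionAttribute.dataType = StringAttributeValue.IDENTIFIER
        actionAttribute.attributeValues.append(StringAttributeValue())
        actionAttribute.attributeValues[-1].value = 'read'

        return request

    def test01CreateRequest(self):
        """A request context can be assembled from its component classes"""
        requestCtx = self._createRequestCtx()
        self.assertTrue(requestCtx)

    def test02CreateResponse(self):
        """A response holding a NotApplicable result can be assembled.

        Smoke test only: it passes if none of the constructors or setters
        raises.
        """
        response = Response()
        result = Result()
        response.results.append(result)
        result.decision = Decision()
        result.decision.value = Decision.NOT_APPLICABLE

    def test03AbstractCtxHandler(self):
        """The Context Handler interface cannot be instantiated directly"""
        # No extra arguments after the callable: assertRaises forwards them
        # to the constructor, so a message string placed there could trigger
        # a TypeError for an unexpected argument and let the test pass even
        # if the class were not abstract.
        self.assertRaises(TypeError, CtxHandlerInterface)

    def test04CreateCtxHandler(self):
        """The concrete test Context Handler can be instantiated"""
        ctxHandler = TestContextHandler()
        # TestContextHandler.__init__ leaves the PIP reference unset
        self.assertTrue(ctxHandler.pip is None)

    def test04PDPInterface(self):
        """The PDP interface cannot be instantiated directly.

        Shares the "04" prefix with test04CreateCtxHandler; the method names
        differ so both tests are run.
        """
        self.assertRaises(TypeError, PDPInterface)

    def test05CreatePDP(self):
        """A PDP can be created without a policy"""
        pdp = PDP()
        self.assertTrue(pdp)

    def _createPDPfromPolicy(self):
        """Create a PDP from the NDG test policy file.

        @return: PDP initialised from XACML_NDGTEST1_FILEPATH
        """
        pdp = PDP.fromPolicySource(XACML_NDGTEST1_FILEPATH, ReaderFactory)
        return pdp

    def test06CreatePDPfromPolicy(self):
        """A PDP can be created from a policy file"""
        pdp = self._createPDPfromPolicy()
        self.assertTrue(pdp)

    def test07EvaluatePDP(self):
        """The PDP returns a response for the sample request"""
        request = self._createRequestCtx()
        pdp = self._createPDPfromPolicy()
        response = pdp.evaluate(request)
        # NOTE(review): this only checks that a truthy response comes back.
        # The decision expected for this request under the test policy is not
        # asserted, so a wrong Permit/Deny outcome would go unnoticed - pin
        # the expected decision once it is confirmed against the policy file.
        self.assertTrue(response)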
167
168       
# Run the whole test case when this file is executed as a script.
if __name__ == "__main__":
    unittest.main()