pyhbac-test.py revision 1e710acc5ce225c7e6aa33bc0dfe8af65f49d182
import unittest
import sys
import os
import copy
if not srcdir:
srcdir = "."
# add compat methods for old unittest.TestCase versions
# (python < 2.7, RHEL5 for instance)
" Make sure we load the in-tree module "
" Restore the system path "
def testImport(self):
" Import the module and assert it comes from tree "
try:
import pyhbac
except ImportError, e:
raise e
def testInstantiateEmpty(self):
def testGetSet(self):
# Test other iterables than list
def testCategory(self):
# negative tests
def testNotIterable(self):
def testRuleElementReference(self):
def _get_rule():
def testRuleGetSetName(self):
name = "testGetRule"
new_name = "testGetNewRule"
def testRuleGetSetEnabled(self):
# negative test
def testRuleElementInRule(self):
# rule should contain empty elements after instantiation
# Assign by copying a HbacRuleElement
# Assign directly
" Test that references to RuleElement are kept even if element goes out of scope "
def _get_rule():
return rule
"users <category 0 names [] groups []> "
"services <category 0 names [] groups []> "
"targethosts <category 0 names [] groups []> "
"srchosts <category 0 names [] groups []>>")
name = "someuser"
service = "ssh"
srchost = "host1"
targethost = "host2"
"users <category 0 names [%s] groups []> "
"services <category 0 names [%s] groups []> "
"targethosts <category 0 names [%s] groups []> "
"srchosts <category 0 names [%s] groups []>>" %
def testValidate(self):
def testInstantiateEmpty(self):
name = "foo"
def testGetSet(self):
name = "foo"
# Test other iterables than list
def testGroupsNotIterable(self):
r = pyhbac.HbacRequestElement()
r.name = 'foo'
name = "req_name"
# The request should be empty after instantiation
# Assign by copying a HbacRequestElement
# Assign directly
def testRuleName(self):
# python 2.4 raises TypError, 2.7 raises AttributeError
def testEvaluate(self):
name = "someuser"
service = "ssh"
srchost = "host1"
targethost = "host2"
# Test that an allow rule on its own allows access
# Test that a user not in the rule is not allowed
# But allows if the rule is an ALL rule
name = "someuser"
service = "ssh"
srchost = "host1"
targethost = "host2"
"service <name groups []> "
"targethost <name groups []> "
"srchost <name groups []>>")
"service <name %s groups []> "
"targethost <name %s groups []> "
"srchost <name %s groups []>>" %
def testEvaluateNegative(self):
name = "someuser"
service = "ssh"
srchost = "host1"
targethost = "host2"
# catch invalid category value
# Test that invalid type is raised
# catch invalid rule type
def testHasResultTypes(self):
def testHasErrorTypes(self):
def testHasCategories(self):
def testHasRuleElementTypes(self):
def testHbacResultString(self):
for r in results:
s = pyhbac.hbac_result_string(r)
assert len(s) > 0
def testHbacErrorString(self):
for e in errors:
s = pyhbac.hbac_error_string(e)
assert len(s) > 0
if __name__ == "__main__":
error = 0
if not res.wasSuccessful():
error |= 0x1
# need to bail out here because pyhbac could not be imported
# import the pyhbac module into the global namespace, but make sure it's
# the one in tree
import pyhbac
if not res.wasSuccessful():
error |= 0x2
if not res.wasSuccessful():
error |= 0x3
if not res.wasSuccessful():
error |= 0x4
if not res.wasSuccessful():
error |= 0x5
if not res.wasSuccessful():
error |= 0x6