Access Control & Security

2 test modules, 72 test cases. ← Back to overview

testACP.py — Access Control Policy (<ACP>) resource lifecycle and permission evaluation (61 tests)

#	Test Method	Requests Performed
1	`test_createACP`	CREATE an <ACP> under <CSEBase> with `pv` listing 5 originators (including 2 wildcard patterns) and `pvs` listing 2 -> expects CREATED.
2	`test_retrieveACP`	RETRIEVE the <ACP> -> expects OK.
3	`test_retrieveACPwrongOriginator`	RETRIEVE the <ACP> with an unauthorized originator -> expects ORIGINATOR_HAS_NO_PRIVILEGE.
4	`test_attributesACP`	RETRIEVE the <ACP> -> expects OK; checks `ty`, timestamps ordering, `pv.acr` (originators/`acop=ALL`), and `pvs.acr` (originators/`acop=ALL`) all match what was created.
5	`test_updateACP`	UPDATE the <ACP> setting `lbl` -> expects UPDATED; checks `lbl`.
6	`test_updateACPwrongOriginator`	UPDATE the <ACP> with an unauthorized originator -> expects ORIGINATOR_HAS_NO_PRIVILEGE.
7	`test_addACPtoAE`	CREATE an <AE> referencing the <ACP> via `acpi` -> expects CREATED; checks `acpi` contains the ACP's `ri`.
8	`test_updateAEACPIWrong`	UPDATE the <AE> setting both `lbl` and `acpi` together (not allowed in combination) -> expects something other than UPDATED.
9	`test_updateAEACPIWrong2`	UPDATE the <AE> setting `acpi` to a non-existent ACP reference -> expects something other than UPDATED.
10	`test_updateAEACPIWrongOriginator`	UPDATE the <AE>'s `acpi` using an originator not authorized on the referenced ACP -> expects something other than UPDATED.
11	`test_updateAEACPIOtherOriginator`	UPDATE the <AE>'s `acpi` using a second authorized originator -> expects UPDATED.
12	`test_updateAElblWithWildCardOriginator`	UPDATE the <AE>'s `lbl` using an originator matching a wildcard ACP pattern (`Canother*`) -> expects UPDATED; checks `lbl`.
13	`test_updateAElblWithWildCardOriginator2`	Same but using an originator matching a different wildcard pattern (`Cyet*Originator`) -> expects UPDATED; checks `lbl`.
14	`test_updateAElblWithWildCardOriginator3WrongFail`	Same but with an originator that does NOT match either wildcard pattern -> expects ORIGINATOR_HAS_NO_PRIVILEGE.
15	`test_updateACPEmptyPVSFail`	UPDATE the <ACP> setting `pvs={}` (empty) -> expects BAD_REQUEST.
16	`test_updateACPNoPVSFail`	UPDATE the <ACP> setting `pvs=None` (removing self-privileges) -> expects BAD_REQUEST.
17	`test_createACPNoPVSFail`	CREATE an <ACP> with no `pvs` at all -> expects BAD_REQUEST.
18	`test_createACPEmptyPVSFail`	CREATE an <ACP> with `pvs={}` -> expects BAD_REQUEST.
19	`test_createCNTwithNoACPI`	CREATE a <CNT> with no `acpi` -> expects CREATED; checks `acpi` absent.
20	`test_retrieveCNTwithNoACPI`	RETRIEVE the <CNT> (no ACP, falls back to parent's permissions) with the admin originator -> expects OK.
21	`test_retrieveCNTwithNoACPIWrongOriginator`	RETRIEVE the same <CNT> with an unauthorized originator -> expects ORIGINATOR_HAS_NO_PRIVILEGE.
22	`test_deleteCNTwithNoACPI`	DELETE the <CNT> -> expects DELETED.
23	`test_createCNTwithNoACPIAndCustodian`	CREATE a <CNT> with no `acpi` but a `cstn` (custodian) set -> expects CREATED.
24	`test_retrieveCNTwithNoACPIAndCustodian`	RETRIEVE the <CNT> using the custodian's originator -> expects OK.
25	`test_retrieveCNTwithNoACPIAndCustodianAEOriginator`	RETRIEVE the same <CNT> using the parent <AE>'s originator (not the custodian) -> expects ORIGINATOR_HAS_NO_PRIVILEGE.
26	`test_retrieveCNTwithNoACPIAndCustodianWrongOriginator`	RETRIEVE the <CNT> with a wholly unrelated originator -> expects ORIGINATOR_HAS_NO_PRIVILEGE.
27	`test_deleteCNTwithNoACPIAndCustodian`	DELETE the <CNT> using the custodian's originator -> expects DELETED.
28	`test_removeACPfromAEWrong`	UPDATE the <AE> removing the ACP reference from `acpi` while also keeping other entries but as the only attribute besides `pvs` issue (effectively malformed) -> expects BAD_REQUEST.
29	`test_removeACPfromAEWrong2`	UPDATE the <AE> setting `acpi=None` using the AE's own originator (which would remove its own self-privileges) -> expects ORIGINATOR_HAS_NO_PRIVILEGE.
30	`test_removeACPfromAE`	UPDATE the <AE> setting `acpi=None` using an authorized ACP originator -> expects UPDATED.
31	`test_deleteACPwrongOriginator`	DELETE the <ACP> with an unauthorized originator -> expects ORIGINATOR_HAS_NO_PRIVILEGE.
32	`test_deleteACP`	DELETE the <ACP> with the correct originator -> expects DELETED.
33	`test_createACPUnderCSEBaseWithOriginator`	CREATE an <ACP> directly under <CSEBase> using the <AE>'s own originator, with an empty `pv.acr` -> expects CREATED.
34	`test_deleteACPUnderCSEBaseWithOriginator`	DELETE that <ACP> using the same originator -> expects DELETED.
35	`test_createACPUnderAEWithChty`	CREATE an <ACP> under the <AE> with `acod.chty=[CNT]` (restrict child-create to CNT type only) -> expects CREATED; checks `acod.chty`.
36	`test_updateAEACPIForChty`	UPDATE the <AE> to reference that ACP via `acpi` -> expects UPDATED; checks `acpi`.
37	`test_testACPChty`	CREATE a <CNT> under the <AE> (allowed by `chty`) -> expects CREATED; CREATE a <FCNT> (not allowed by `chty`) -> expects ORIGINATOR_HAS_NO_PRIVILEGE.
38	`test_deleteACPUnderAEWithChty`	DELETE the chty-restricted <ACP> -> expects DELETED.
39	`test_accessCINwithDifferentAENoAcpi`	Set up 2 <AE>s, an <ACP> and a <CNT>/<CIN> under the 2nd <AE> (no `acpi` on the CNT) -> all CREATEs expect CREATED; RETRIEVE the <CIN>'s `la` using the 1st <AE>'s originator -> expects ORIGINATOR_HAS_NO_PRIVILEGE.
40	`test_accessCINwithDifferentAEWithAcpi`	UPDATE the <CNT> to add the <ACP> (which grants the 1st AE access) via `acpi` -> expects UPDATED; RETRIEVE the <CIN>'s `la` with the 1st AE's originator -> expects OK.
41	`test_discoverCINwithDifferentAEWithAcpi`	Discover <CIN>s (`fu=1&ty=4`) under the <CNT> using the 1st AE's originator -> expects OK; checks exactly 1 matching result.
42	`test_retrieveACPwithoutRETRIEVEAccessFail`	CREATE an <ACP> whose `pvs` grants all permissions except RETRIEVE -> expects CREATED; RETRIEVE the <ACP> itself using that originator -> expects ORIGINATOR_HAS_NO_PRIVILEGE.
43	`test_createACPWithWrongTyFail`	CREATE an <ACP> with `acod.ty` given as a single value instead of a list -> expects BAD_REQUEST.
44	`test_createACPWithTy`	CREATE an <ACP> with `acod.ty=CNT` (correct list-free form accepted) and `acod.chty=[CNT]` -> expects CREATED; checks `acod.chty`; CREATE a <CNT> referencing it -> expects CREATED; attempt to CREATE a <CIN> under it (RETRIEVE+CREATE granted, but CIN not in `chty`) -> expects ORIGINATOR_HAS_NO_PRIVILEGE; RETRIEVE the <CNT> -> expects OK; CREATE a nested <CNT> (matches `acod.ty`/`chty`) -> expects CREATED.
45	`test_testACPacorGRP`	Set up an <AE>, a <GRP> containing the AE as a member, an <ACP> whose `pv.acor` references the <GRP> itself, and a <CNT> using that ACP -> all CREATEs expect CREATED; CREATE a <CIN> using the AE's originator (group member) -> expects CREATED; CREATE a <CIN> with an unrelated originator -> expects ORIGINATOR_HAS_NO_PRIVILEGE; cleanup DELETEs (not checked).
46	`test_createACPwithACA`	CREATE an <AE>; CREATE an <ACP> with `pv.acr.aca=['lbl']` (attribute-restricted access) -> expects CREATED; checks `aca`; DELETE the <AE> (cascading the ACP) -> expects DELETED.
47	`test_updateACPwithACA`	Same setup, re-verifying `aca` creation behavior -> expects CREATED, checks `aca`; cleanup DELETE -> expects DELETED.
48	`test_createACPwithACARetrieveCntFail`	CREATE an <AE>, an <ACP> with `aca=['lbl']` for a different originator, and a <CNT> using it -> all expect CREATED; RETRIEVE the full <CNT> with that originator (full retrieve not allowed when `aca` restricts to non-RETRIEVE-relevant attrs) -> expects ORIGINATOR_HAS_NO_PRIVILEGE; cleanup DELETE -> expects DELETED.
49	`test_createACPwithACARetrieveCnt`	Same setup but `aca` lists nearly all attributes -> CREATE all expect CREATED; RETRIEVE the full <CNT> -> expects OK; cleanup DELETE -> expects DELETED.
50	`test_createACPwithACARetrieveCntPartial`	Same setup with `aca=['lbl']` only -> CREATE all expect CREATED; partial RETRIEVE (`atrl=lbl`) -> expects OK; cleanup DELETE -> expects DELETED.
51	`test_createACPwithACARetrieveCntPartialFail`	Same `aca=['lbl']` setup -> partial RETRIEVE of a different attribute (`atrl=rn`, not in `aca`) -> expects ORIGINATOR_HAS_NO_PRIVILEGE; cleanup DELETE -> expects DELETED.
52	`test_createACPwithACAAndSimpleACPRetrieveCntPartial`	CREATE 2 ACPs (one with `aca=['lbl']`, one plain full-RETRIEVE) both referenced on the same <CNT> -> all expect CREATED; partial RETRIEVE of `rn` -> expects OK (the simple ACP grants it); cleanup DELETE -> expects DELETED.
53	`test_createACPwithACADeleteCntFail`	Same `aca=['lbl']` pattern but with `acop=DELETE` -> DELETE the <CNT> with that originator -> expects ORIGINATOR_HAS_NO_PRIVILEGE; cleanup DELETE -> expects DELETED.
54	`test_createACPwithACADeleteCnt`	Same but `aca` lists all attributes -> DELETE the <CNT> -> expects DELETED; cleanup DELETE of the AE -> expects DELETED.
55	`test_createACPwithACACREATECntFail`	ACP with `acop=CREATE`, `aca=['lbl','rn']` -> CREATE a nested <CNT> with an attribute (`mni`) not in `aca` -> expects ORIGINATOR_HAS_NO_PRIVILEGE; cleanup DELETE -> expects DELETED.
56	`test_createACPwithACACREATECnt`	Same but `aca` also includes `mni` -> CREATE the nested <CNT> with `mni` -> expects CREATED, checks only `rn`/`lbl`/`mni` are present in the response (CSE-internal attributes suppressed); cleanup DELETE -> expects DELETED.
57	`test_createACPwithACAUPDATECntFail`	ACP with `acop=UPDATE`, `aca=['lbl']` -> UPDATE the <CNT>'s `mni` (not in `aca`) -> expects ORIGINATOR_HAS_NO_PRIVILEGE; cleanup DELETE -> expects DELETED.
58	`test_createACPwithACAUPDATECnt`	Same but UPDATE `lbl` (in `aca`) -> expects UPDATED; cleanup DELETE -> expects DELETED.
59	`test_createACPwithACAFRetrieveCnt`	(HTTP Basic Auth only) CREATE an <ACP> with `acaf` (authenticated-only access flag) for a different originator, and a <CNT> using it -> expect CREATED; RETRIEVE the <CNT> -> expects OK if HTTP/token/OAuth authentication is configured, otherwise ORIGINATOR_HAS_NO_PRIVILEGE; cleanup DELETE -> expects DELETED.
60	`test_createACPwithACTWRetrieveCnt`	CREATE an <AE>, an <ACP> with `acco.actw` (access control time window) set to an always-matching cron expression, and a <CNT> using it -> all expect CREATED; RETRIEVE the <CNT> -> expects OK (inside the window); cleanup DELETE -> expects DELETED.
61	`test_createACPwithACTWRetrieveCntFail`	Same but `actw` set to a cron expression that never matches (year 1984) -> RETRIEVE the <CNT> -> expects ORIGINATOR_HAS_NO_PRIVILEGE (outside the window); cleanup DELETE -> expects DELETED.

testDAC.py — Dynamic Authorization Consultation (DAC) functionality (11 tests)

#	Test Method	Requests Performed
1	`test_createDACunderCSEFail`	CREATE a <DAC> under the <CSEBase> missing the mandatory `dap` attribute -> expects BAD_REQUEST.
2	`test_createDACunderCSE`	CREATE a <DAC> under the <CSEBase> with `dae=False` and `dap=['aURL']` -> expects CREATED.
3	`test_retrieveDACunderCSE`	RETRIEVE the <DAC> under the <CSEBase> -> expects OK; checks `rn`, `dae`, `dap` match what was created.
4	`test_updateDACunderCSEFail`	UPDATE the <DAC> setting `dap` to `None` (removing the mandatory attribute) -> expects BAD_REQUEST.
5	`test_updateDACunderCSE2Fail`	UPDATE the <DAC> setting `dap` to an empty list -> expects BAD_REQUEST.
6	`test_updateDACunderCSE`	UPDATE the <DAC> setting `dae=True`, a new `dap` list, and `dal` (a future timestamp) -> expects UPDATED; RETRIEVE it -> expects OK, checks all updated attributes.
7	`test_deleteDACunderCSE`	DELETE the <DAC> under the <CSEBase> -> expects DELETED.
8	`test_createDACunderAE`	CREATE a <DAC> under the <AE> with `dae=False`, `dap=['aURL']` -> expects CREATED.
9	`test_retrieveDACunderAE`	RETRIEVE the <DAC> under the <AE> -> expects OK; checks `rn`, `dae`, `dap`.
10	`test_updateDACunderAE`	UPDATE the <DAC> under the <AE> setting `dae=True`, new `dap`, and `dal` -> expects UPDATED; RETRIEVE it -> expects OK, checks updated attributes.
11	`test_deleteDACunderAE`	DELETE the <DAC> under the <AE> -> expects DELETED.