diff options
Diffstat (limited to 'keystonemiddleware/tests/unit/test_access_rules.py')
-rw-r--r-- | keystonemiddleware/tests/unit/test_access_rules.py | 54 |
1 files changed, 54 insertions, 0 deletions
diff --git a/keystonemiddleware/tests/unit/test_access_rules.py b/keystonemiddleware/tests/unit/test_access_rules.py new file mode 100644 index 0000000..663b806 --- /dev/null +++ b/keystonemiddleware/tests/unit/test_access_rules.py @@ -0,0 +1,54 @@ +# Copyright 2019 SUSE LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. + +from keystonemiddleware.auth_token import _path_matches +from keystonemiddleware.tests.unit import utils + + +class TestAccessRules(utils.BaseTestCase): + + def test_path_matches(self): + good_matches = [ + ('/v2/servers', '/v2/servers'), + ('/v2/servers/123', '/v2/servers/{server_id}'), + ('/v2/servers/123/', '/v2/servers/{server_id}/'), + ('/v2/servers/123', '/v2/servers/*'), + ('/v2/servers/123/', '/v2/servers/*/'), + ('/v2/servers/123', '/v2/servers/**'), + ('/v2/servers/123/', '/v2/servers/**'), + ('/v2/servers/123/456', '/v2/servers/**'), + ('/v2/servers', '**'), + ('/v2/servers/', '**'), + ('/v2/servers/123', '**'), + ('/v2/servers/123/456', '**'), + ('/v2/servers/123/volume/456', '**'), + ('/v2/servers/123/456', '/v2/*/*/*'), + ('/v2/123/servers/466', '/v2/{project_id}/servers/{server_id}'), + ] + for (request, pattern) in good_matches: + self.assertIsNotNone(_path_matches(request, pattern)) + bad_matches = [ + ('/v2/servers/someuuid', '/v2/servers'), + ('/v2/servers//', '/v2/servers/{server_id}'), + ('/v2/servers/123/', '/v2/servers/{server_id}'), + ('/v2/servers/123/456', '/v2/servers/{server_id}'), + ('/v2/servers/123/456', '/v2/servers/*'), + ('/v2/servers', 'v2/servers'), + ('/v2/servers/123/456/789', '/v2/*/*/*'), + ('/v2/servers/123/', '/v2/*/*/*'), + ('/v2/servers/', '/v2/servers/{server_id}'), + ('/v2/servers', '/v2/servers/{server_id}'), + ] + for (request, pattern) in bad_matches: + self.assertIsNone(_path_matches(request, pattern)) |