3 # © Copyright 2021-2022, Scott Gasch
10 from pyutils import unittest_utils # Needed for --unittests_ignore_perf flag
11 from pyutils.security import acl
14 class TestSimpleACL(unittest.TestCase):
15 def test_set_based_acl(self):
16 even = acl.SetBasedACL(
17 allow_set=set([2, 4, 6, 8, 10]),
18 deny_set=set([1, 3, 5, 7, 9]),
19 order_to_check_allow_deny=acl.Order.ALLOW_DENY,
22 self.assertTrue(even(2))
23 self.assertFalse(even(3))
24 self.assertFalse(even(-4))
26 def test_wildcard_based_acl(self):
27 a_or_b = acl.StringWildcardBasedACL(
28 allowed_patterns=['a*', 'b*'],
29 order_to_check_allow_deny=acl.Order.ALLOW_DENY,
32 self.assertTrue(a_or_b('aardvark'))
33 self.assertTrue(a_or_b('baboon'))
34 self.assertFalse(a_or_b('cheetah'))
36 def test_re_based_acl(self):
37 weird = acl.StringREBasedACL(
38 denied_regexs=[re.compile('^a.*a$'), re.compile('^b.*b$')],
39 order_to_check_allow_deny=acl.Order.DENY_ALLOW,
42 self.assertTrue(weird('aardvark'))
43 self.assertFalse(weird('anaconda'))
44 self.assertFalse(weird('blackneb'))
45 self.assertTrue(weird('crow'))
47 def test_compound_acls_disjunction(self):
48 a_b_c = acl.StringWildcardBasedACL(
49 allowed_patterns=['a*', 'b*', 'c*'],
50 order_to_check_allow_deny=acl.Order.ALLOW_DENY,
53 c_d_e = acl.StringWildcardBasedACL(
54 allowed_patterns=['c*', 'd*', 'e*'],
55 order_to_check_allow_deny=acl.Order.ALLOW_DENY,
58 disjunction = acl.AnyCompoundACL(
59 subacls=[a_b_c, c_d_e],
60 order_to_check_allow_deny=acl.Order.ALLOW_DENY,
63 self.assertTrue(disjunction('aardvark'))
64 self.assertTrue(disjunction('caribou'))
65 self.assertTrue(disjunction('eagle'))
66 self.assertFalse(disjunction('newt'))
68 def test_compound_acls_conjunction(self):
69 a_b_c = acl.StringWildcardBasedACL(
70 allowed_patterns=['a*', 'b*', 'c*'],
71 order_to_check_allow_deny=acl.Order.ALLOW_DENY,
74 c_d_e = acl.StringWildcardBasedACL(
75 allowed_patterns=['c*', 'd*', 'e*'],
76 order_to_check_allow_deny=acl.Order.ALLOW_DENY,
79 conjunction = acl.AllCompoundACL(
80 subacls=[a_b_c, c_d_e],
81 order_to_check_allow_deny=acl.Order.ALLOW_DENY,
84 self.assertFalse(conjunction('aardvark'))
85 self.assertTrue(conjunction('caribou'))
86 self.assertTrue(conjunction('condor'))
87 self.assertFalse(conjunction('eagle'))
88 self.assertFalse(conjunction('newt'))
91 if __name__ == '__main__':