You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@qpid.apache.org by ch...@apache.org on 2016/01/24 17:46:38 UTC
[1/2] qpid-dispatch git commit: Make the built-in config a test
function in policy_local. Add default policy settings.
Repository: qpid-dispatch
Updated Branches:
refs/heads/crolke-DISPATCH-188-1 f4f5d966b -> 6bfd1272d
Make the built-in config a test function in policy_local. Add default policy settings.
Project: http://git-wip-us.apache.org/repos/asf/qpid-dispatch/repo
Commit: http://git-wip-us.apache.org/repos/asf/qpid-dispatch/commit/e84dee4f
Tree: http://git-wip-us.apache.org/repos/asf/qpid-dispatch/tree/e84dee4f
Diff: http://git-wip-us.apache.org/repos/asf/qpid-dispatch/diff/e84dee4f
Branch: refs/heads/crolke-DISPATCH-188-1
Commit: e84dee4f352d747905410674405fb65c299525ce
Parents: f4f5d96
Author: Chuck Rolke <cr...@redhat.com>
Authored: Sun Jan 24 11:23:01 2016 -0500
Committer: Chuck Rolke <cr...@redhat.com>
Committed: Sun Jan 24 11:23:01 2016 -0500
----------------------------------------------------------------------
.../management/policy_local.py | 52 +++++++++++---------
tests/policy-1/test-router-with-policy.json | 14 ++++++
2 files changed, 43 insertions(+), 23 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/qpid-dispatch/blob/e84dee4f/python/qpid_dispatch_internal/management/policy_local.py
----------------------------------------------------------------------
diff --git a/python/qpid_dispatch_internal/management/policy_local.py b/python/qpid_dispatch_internal/management/policy_local.py
index 4716907..dbdb339 100644
--- a/python/qpid_dispatch_internal/management/policy_local.py
+++ b/python/qpid_dispatch_internal/management/policy_local.py
@@ -573,6 +573,25 @@ class PolicyLocal(object):
#pdb.set_trace()
return False
+ def test_load_config(self):
+ ruleset_str = '["policyAccessRuleset", {"applicationName": "photoserver","maxConnections": 50,"maxConnPerUser": 5,"maxConnPerHost": 20,"userGroups": {"anonymous": "anonymous","users": "u1, u2","paidsubscribers": "p1, p2","test": "zeke, ynot","admin": "alice, bob, ellen","superuser": "ellen"},"connectionGroups": {"Ten18": "10.18.0.0-10.18.255.255","EllensWS": "72.135.2.9","TheLabs": "10.48.0.0-10.48.255.255, 192.168.100.0-192.168.100.255","localhost": "127.0.0.1, ::1","TheWorld": "*"},"connectionIngressPolicies": {"anonymous": "TheWorld","users": "TheWorld","paidsubscribers": "TheWorld","test": "TheLabs","admin": "Ten18, TheLabs, localhost","superuser": "EllensWS, localhost"},"connectionAllowDefault": true}]'
+ ruleset = json.loads(ruleset_str)
+
+ self.create_ruleset(ruleset[1])
+
+ settings_strs = []
+ settings_strs.append('["policyAppSettings", {"applicationName": "photoserver","userGroupName":"anonymous", "maxFrameSize": 111111,"maxMessageSize": 111111,"maxSessionWindow": 111111,"maxSessions": 1,"maxSenders": 11,"maxReceivers": 11,"allowDynamicSrc": false,"allowAnonymousSender": false,"sources": "public", "targets": ""}]')
+ settings_strs.append('["policyAppSettings", {"applicationName": "photoserver","userGroupName":"users", "maxFrameSize": 222222,"maxMessageSize": 222222,"maxSessionWindow": 222222,"maxSessions": 2,"maxSenders": 22,"maxReceivers": 22,"allowDynamicSrc": false,"allowAnonymousSender": false,"sources": "public, private", "targets": "public"}]')
+ settings_strs.append('["policyAppSettings", {"applicationName": "photoserver","userGroupName":"paidsubscribers","maxFrameSize": 333333,"maxMessageSize": 333333,"maxSessionWindow": 333333,"maxSessions": 3,"maxSenders": 33,"maxReceivers": 33,"allowDynamicSrc": true, "allowAnonymousSender": false,"sources": "public, private", "targets": "public, private"}]')
+ settings_strs.append('["policyAppSettings", {"applicationName": "photoserver","userGroupName":"test", "maxFrameSize": 444444,"maxMessageSize": 444444,"maxSessionWindow": 444444,"maxSessions": 4,"maxSenders": 44,"maxReceivers": 44,"allowDynamicSrc": true, "allowAnonymousSender": true, "sources": "private", "targets": "private"}]')
+ settings_strs.append('["policyAppSettings", {"applicationName": "photoserver","userGroupName":"admin", "maxFrameSize": 555555,"maxMessageSize": 555555,"maxSessionWindow": 555555,"maxSessions": 5,"maxSenders": 55,"maxReceivers": 55,"allowDynamicSrc": true, "allowAnonymousSender": true, "sources": "public, private, management", "targets": "public, private, management"}]')
+ settings_strs.append('["policyAppSettings", {"applicationName": "photoserver","userGroupName":"superuser", "maxFrameSize": 666666,"maxMessageSize": 666666,"maxSessionWindow": 666666,"maxSessions": 6,"maxSenders": 66,"maxReceivers": 66,"allowDynamicSrc": false,"allowAnonymousSender": false,"sources": "public, private, management, root","targets": "public, private, management, root"}]')
+ settings_strs.append('["policyAppSettings", {"applicationName": "photoserver","userGroupName":"default", "maxFrameSize": 222222,"maxMessageSize": 222222,"maxSessionWindow": 222222,"maxSessions": 2,"maxSenders": 22,"maxReceivers": 22,"allowDynamicSrc": false,"allowAnonymousSender": false,"sources": "public, private", "targets": "public"}]')
+
+ for sstr in settings_strs:
+ settings = json.loads(sstr)
+ self.create_settings(settings[1])
+
#
# HACK ALERT: Temporary
@@ -619,13 +638,13 @@ def main_except(argv):
usage = "usage: %prog [options]\nExercise policy_local functions."
parser = optparse.OptionParser(usage=usage)
- parser.set_defaults(folder="../../../tests/policy-1")
+ parser.set_defaults(folder="")
parser.add_option("-f", "--folder", action="store", type="string", dest="folder",
- help="By default all .json files in ../../../tests/policy-1 are loaded."
- " Use '-f /some/path' to load a different folder."
- " Use '-f <blank>' to skip loading any folder and use built-in configuration settings")
- parser.add_option("-d", "--exercise", action="store_true", dest="exercise",
- help="Run canned tests. Expect good results only on built-in or policy-1 settings.")
+ help="Built-in configuration settings are loaded by default or by using an empty folder string."
+ " Use '-f /some/path' to load a config from all .json files in that folder."
+ " Paths may be absolute or relative to policy_local.py.")
+ parser.add_option("-e", "--exercise", action="store_true", dest="exercise",
+ help="Run canned tests. Expect canned tests to work with configs in ../../../tests/policy-1.")
(options, args) = parser.parse_args()
@@ -633,26 +652,13 @@ def main_except(argv):
if options.folder == "":
# Empty folder name uses built-in configuration
- ruleset_str = '["policyAccessRuleset", {"applicationName": "photoserver","maxConnections": 50,"maxConnPerUser": 5,"maxConnPerHost": 20,"userGroups": {"anonymous": "anonymous","users": "u1, u2","paidsubscribers": "p1, p2","test": "zeke, ynot","admin": "alice, bob, ellen","superuser": "ellen"},"connectionGroups": {"Ten18": "10.18.0.0-10.18.255.255","EllensWS": "72.135.2.9","TheLabs": "10.48.0.0-10.48.255.255, 192.168.100.0-192.168.100.255","localhost": "127.0.0.1, ::1","TheWorld": "*"},"connectionIngressPolicies": {"anonymous": "TheWorld","users": "TheWorld","paidsubscribers": "TheWorld","test": "TheLabs","admin": "Ten18, TheLabs, localhost","superuser": "EllensWS, localhost"},"connectionAllowDefault": true}]'
- ruleset = json.loads(ruleset_str)
-
- policy.create_ruleset(ruleset[1])
- print("policy ruleset names: %s" % policy.policy_db_get_names())
-
- settings_strs = []
- settings_strs.append('["policyAppSettings", {"applicationName": "photoserver","userGroupName":"anonymous", "maxFrameSize": 111111,"maxMessageSize": 111111,"maxSessionWindow": 111111,"maxSessions": 1,"maxSenders": 11,"maxReceivers": 11,"allowDynamicSrc": false,"allowAnonymousSender": false,"sources": "public", "targets": ""}]')
- settings_strs.append('["policyAppSettings", {"applicationName": "photoserver","userGroupName":"users", "maxFrameSize": 222222,"maxMessageSize": 222222,"maxSessionWindow": 222222,"maxSessions": 2,"maxSenders": 22,"maxReceivers": 22,"allowDynamicSrc": false,"allowAnonymousSender": false,"sources": "public, private", "targets": "public"}]')
- settings_strs.append('["policyAppSettings", {"applicationName": "photoserver","userGroupName":"paidsubscribers","maxFrameSize": 333333,"maxMessageSize": 333333,"maxSessionWindow": 333333,"maxSessions": 3,"maxSenders": 33,"maxReceivers": 33,"allowDynamicSrc": true, "allowAnonymousSender": false,"sources": "public, private", "targets": "public, private"}]')
- settings_strs.append('["policyAppSettings", {"applicationName": "photoserver","userGroupName":"test", "maxFrameSize": 444444,"maxMessageSize": 444444,"maxSessionWindow": 444444,"maxSessions": 4,"maxSenders": 44,"maxReceivers": 44,"allowDynamicSrc": true, "allowAnonymousSender": true, "sources": "private", "targets": "private"}]')
- settings_strs.append('["policyAppSettings", {"applicationName": "photoserver","userGroupName":"admin", "maxFrameSize": 555555,"maxMessageSize": 555555,"maxSessionWindow": 555555,"maxSessions": 5,"maxSenders": 55,"maxReceivers": 55,"allowDynamicSrc": true, "allowAnonymousSender": true, "sources": "public, private, management", "targets": "public, private, management"}]')
- settings_strs.append('["policyAppSettings", {"applicationName": "photoserver","userGroupName":"superuser", "maxFrameSize": 666666,"maxMessageSize": 666666,"maxSessionWindow": 666666,"maxSessions": 6,"maxSenders": 66,"maxReceivers": 66,"allowDynamicSrc": false,"allowAnonymousSender": false,"sources": "public, private, management, root","targets": "public, private, management, root"}]')
-
- for sstr in settings_strs:
- settings = json.loads(sstr)
- policy.create_settings(settings[1])
+ policy.test_load_config()
else:
# Load all .json files in given folder
read_files(policy, options.folder)
+
+ print("Policy rulesets available: %s" % policy.policy_db_get_names())
+
if not options.exercise:
return
http://git-wip-us.apache.org/repos/asf/qpid-dispatch/blob/e84dee4f/tests/policy-1/test-router-with-policy.json
----------------------------------------------------------------------
diff --git a/tests/policy-1/test-router-with-policy.json b/tests/policy-1/test-router-with-policy.json
index 544bb8c..38a6f08 100644
--- a/tests/policy-1/test-router-with-policy.json
+++ b/tests/policy-1/test-router-with-policy.json
@@ -174,5 +174,19 @@
"sources": "public, private, management, root",
"targets": "public, private, management, root"
}
+ ], ["policyAppSettings", {
+ "applicationName": "photoserver",
+ "userGroupName": "users",
+ "maxFrameSize": 222222,
+ "maxMessageSize": 222222,
+ "maxSessionWindow": 222222,
+ "maxSessions": 2,
+ "maxSenders": 22,
+ "maxReceivers": 22,
+ "allowDynamicSrc": false,
+ "allowAnonymousSender": false,
+ "sources": "public, private",
+ "targets": "public"
+ }
]
]
---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscribe@qpid.apache.org
For additional commands, e-mail: commits-help@qpid.apache.org
[2/2] qpid-dispatch git commit: Adjust tests to use new lookup scheme.
Posted by ch...@apache.org.
Adjust tests to use new lookup scheme.
Project: http://git-wip-us.apache.org/repos/asf/qpid-dispatch/repo
Commit: http://git-wip-us.apache.org/repos/asf/qpid-dispatch/commit/6bfd1272
Tree: http://git-wip-us.apache.org/repos/asf/qpid-dispatch/tree/6bfd1272
Diff: http://git-wip-us.apache.org/repos/asf/qpid-dispatch/diff/6bfd1272
Branch: refs/heads/crolke-DISPATCH-188-1
Commit: 6bfd1272d7bd7c4ef13aa8db9b84240c59f63e29
Parents: e84dee4
Author: Chuck Rolke <cr...@redhat.com>
Authored: Sun Jan 24 11:46:28 2016 -0500
Committer: Chuck Rolke <cr...@redhat.com>
Committed: Sun Jan 24 11:46:28 2016 -0500
----------------------------------------------------------------------
.../management/policy_local.py | 2 +-
tests/system_tests_policy.py | 45 ++++++++++++--------
2 files changed, 28 insertions(+), 19 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/qpid-dispatch/blob/6bfd1272/python/qpid_dispatch_internal/management/policy_local.py
----------------------------------------------------------------------
diff --git a/python/qpid_dispatch_internal/management/policy_local.py b/python/qpid_dispatch_internal/management/policy_local.py
index dbdb339..6c455a7 100644
--- a/python/qpid_dispatch_internal/management/policy_local.py
+++ b/python/qpid_dispatch_internal/management/policy_local.py
@@ -489,7 +489,7 @@ class PolicyLocal(object):
return True
if not app in self.policydb:
- print("LogMe: no policy defined for application %s" % app)
+ # TODO: ("LogMe: no policy defined for application %s" % app)
policyname.append("")
return False
http://git-wip-us.apache.org/repos/asf/qpid-dispatch/blob/6bfd1272/tests/system_tests_policy.py
----------------------------------------------------------------------
diff --git a/tests/system_tests_policy.py b/tests/system_tests_policy.py
index fa531e4..be7389f 100644
--- a/tests/system_tests_policy.py
+++ b/tests/system_tests_policy.py
@@ -162,7 +162,8 @@ class PolicyHostAddrTest(TestCase):
class PolicyFile(TestCase):
- policy = PolicyLocal("../../../tests/policy-1")
+ policy = PolicyLocal()
+ policy.test_load_config()
def dict_compare(self, d1, d2):
d1_keys = set(d1.keys())
@@ -175,10 +176,14 @@ class PolicyFile(TestCase):
return len(added) == 0 and len(removed) == 0 and len(modified) == 0
def test_policy1_test_zeke_ok(self):
+ unames = []
+ self.assertTrue(
+ PolicyFile.policy.lookup_user('zeke', '192.168.100.5', 'photoserver', '192.168.100.5:33333', unames)
+ )
upolicy = {}
- self.assertTrue(
- PolicyFile.policy.policy_lookup('192.168.100.5:33333', 'zeke', '192.168.100.5', 'photoserver', upolicy) )
- self.assertTrue(upolicy['policyVersion'] == 1)
+ self.assertTrue(
+ PolicyFile.policy.lookup_settings('photoserver', unames[0], upolicy)
+ )
self.assertTrue(upolicy['maxFrameSize'] == 444444)
self.assertTrue(upolicy['maxMessageSize'] == 444444)
self.assertTrue(upolicy['maxSessionWindow'] == 444444)
@@ -193,33 +198,37 @@ class PolicyFile(TestCase):
self.assertTrue('private' in upolicy['sources'])
def test_policy1_test_zeke_bad_IP(self):
- upolicy = {}
+ unames = []
self.assertFalse(
- PolicyFile.policy.policy_lookup('192.168.100.5:33333', 'zeke', '10.18.0.1', 'photoserver', upolicy) )
+ PolicyFile.policy.lookup_user('zeke', '10.18.0.1', 'photoserver', "connid", unames) )
self.assertFalse(
- PolicyFile.policy.policy_lookup('192.168.100.5:33333', 'zeke', '72.135.2.9', 'photoserver', upolicy) )
+ PolicyFile.policy.lookup_user('zeke', '72.135.2.9', 'photoserver', "connid", unames) )
self.assertFalse(
- PolicyFile.policy.policy_lookup('192.168.100.5:33333', 'zeke', '127.0.0.1', 'photoserver', upolicy) )
+ PolicyFile.policy.lookup_user('zeke', '127.0.0.1', 'photoserver', "connid", unames) )
def test_policy1_test_zeke_bad_app(self):
- upolicy = {}
+ unames = []
self.assertFalse(
- PolicyFile.policy.policy_lookup('192.168.100.5:33333', 'zeke', '192.168.100.5','galleria', upolicy) )
+ PolicyFile.policy.lookup_user('zeke', '192.168.100.5','galleria', "connid", unames) )
def test_policy1_test_users_same_permissions(self):
- zpolicy = {}
+ znames = []
self.assertTrue(
- PolicyFile.policy.policy_lookup('192.168.100.5:33333', 'zeke', '192.168.100.5', 'photoserver', zpolicy) )
- ypolicy = {}
+ PolicyFile.policy.lookup_user('zeke', '192.168.100.5', 'photoserver', '192.168.100.5:33333', znames) )
+ ynames = []
self.assertTrue(
- PolicyFile.policy.policy_lookup('192.168.100.5:33334', 'ynot', '10.48.255.254', 'photoserver', ypolicy) )
- self.assertTrue( self.dict_compare(zpolicy, ypolicy) )
+ PolicyFile.policy.lookup_user('ynot', '10.48.255.254', 'photoserver', '192.168.100.5:33334', ynames) )
+ self.assertTrue( znames[0] == ynames[0] )
def test_policy1_superuser_aggregation(self):
+ unames = []
+ self.assertTrue(
+ PolicyFile.policy.lookup_user('ellen', '72.135.2.9', 'photoserver', '75.135.2.9:33333', unames)
+ )
upolicy = {}
- self.assertTrue(
- PolicyFile.policy.policy_lookup('192.168.100.5:33335', 'ellen', '72.135.2.9', 'photoserver', upolicy) )
- self.assertTrue(upolicy['policyVersion'] == 1)
+ self.assertTrue(
+ PolicyFile.policy.lookup_settings('photoserver', unames[0], upolicy)
+ )
self.assertTrue(upolicy['maxFrameSize'] == 666666)
self.assertTrue(upolicy['maxMessageSize'] == 666666)
self.assertTrue(upolicy['maxSessionWindow'] == 666666)
---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscribe@qpid.apache.org
For additional commands, e-mail: commits-help@qpid.apache.org