Update test script for ABAC.

acs/management/commands/test-abac.py

@@ -25,10 +25,11 @@ from django.core.management.base import BaseCommand, CommandError
 from django.db import transaction
 from django.contrib.auth.models import User
 
-from attribute_aggregator.xacml_constants import *
-from attribute_aggregator.models import AttributeSource, LdapSource, \
+from acs.attribute_aggregator.xacml_constants import *
+from acs.attribute_aggregator.models import AttributeSource, LdapSource, \
     AttributeData
-from attribute_aggregator.core import set_user_alias_in_source
+from acs.attribute_aggregator.core import set_user_alias_in_source, \
+    load_or_create_user_profile
 
 from acs.abac.models import *
 from acs.abac.core import check_predicates, \
@@ -93,30 +94,25 @@ class Command(BaseCommand):
             rule.save()
 
             adef_sn1 = AssertionDefinition(definition='surname')
-            adef_sn1.save()
             adef_sn1.add_source(s1)
             print "AssertionDefinition: %s" % adef_sn1
             adef_sn2 = AssertionDefinition(definition='surname')
-            adef_sn2.save()
             adef_sn2.add_source(s4)
             print "AssertionDefinition: %s" % adef_sn2
 
-            p1 = PredicateRequired(assertion_definition=adef_sn1,
-                rule=rule)
-            p1.save()
+            p1 = PredicateRequired(assertion_definition=adef_sn1)
+            rule.add_predicate(p1)
             print "PredicateRequired: %s" % p1
-            p2 = PredicateRequired(assertion_definition=adef_sn2,
-                rule=rule)
-            p2.save()
+            p2 = PredicateRequired(assertion_definition=adef_sn2)
+            rule.add_predicate(p2)
             print "PredicateRequired: %s" % p2
 
             p3 = PredicateComparison(operand1=adef_sn1, operand2=adef_sn2,
                 comparison_type=ACS_XACML_COMPARISON_EQUALITY_STRING_IGN_CASE,
-                multivalues='EQUAL_OP1_SUBSET_OP2', rule=rule)
-            p3.save()
+                multivalues='EQUAL_OP1_SUBSET_OP2')
+            rule.add_predicate(p3)
 
             adef_age1 = AssertionDefinition(definition='age')
-            adef_age1.save()
             adef_age1.add_source(s1)
             print "AssertionDefinition: %s" % adef_sn1
 
@@ -124,28 +120,24 @@ class Command(BaseCommand):
             print "AttributeData: %s" % val18.__unicode__()
             val18_d = AssertionData()
             val18_d.set_attribute_data(val18)
-            val18_d.save()
             print "AssertionData: %s" % val18_d
 
             p4 = PredicateComparison(operand1=adef_age1, operand2=val18_d,
                 comparison_type=ACS_XACML_COMPARISON_INTEGER_GRT_OE,
-                operand1_single_value=True, operand2_single_value=True,
-                rule=rule)
-            p4.save()
+                operand1_single_value=True, operand2_single_value=True)
+            rule.add_predicate(p4)
 
-            adef_fn1 = AssertionDefinition(definition='firstname')
-            adef_fn1.save()
+            adef_fn1 = AssertionDefinition(definition='gn')
             adef_fn1.add_source(s1)
             print "AssertionDefinition: %s" % adef_fn1
-            adef_fn2 = AssertionDefinition(definition='firstname')
-            adef_fn2.save()
+            adef_fn2 = AssertionDefinition(definition='gn')
             adef_fn2.add_source(s2)
             print "AssertionDefinition: %s" % adef_fn2
 
             p5 = PredicateComparison(operand1=adef_fn1, operand2=adef_fn2,
                 comparison_type=ACS_XACML_COMPARISON_EQUALITY_STRING_IGN_CASE,
-                multivalues='EQUAL_EXACT_MATCH', rule=rule)
-            p5.save()
+                multivalues='EQUAL_EXACT_MATCH')
+            rule.add_predicate(p5)
 
             print '--> Create a user'
             rdm_str = ''.join(random.choice(string.ascii_uppercase + \
@@ -218,21 +210,21 @@ class Command(BaseCommand):
             print '<--\n'
 
             print '--> Create one predicateRole'
-            p16 = PredicateRole(role=role_2, rule=rule)
-            p16.save()
-            print "Predicate role 16 %s, id: %s" % (p16, p16.id)
+            p6 = PredicateRole(role=role_2)
+            print "Predicate role 16 %s" % (p6)
+            rule.add_predicate(p6)
 
             '''
                 Set ABAC Rule
             '''
-            str_rule = "%s&%s&%s&%s&%s&%s" % (p1.id, p2.id, p3.id, p4.id, p5.id, p16.id)
+            str_rule = "1&2&3&4&5&6"
             #TODO: set_rule (strip space!)
             rule.expression=str_rule
             rule.save()
 
             '''
                 r1 -- user
-                  \_ r2 
+                  \_ r2
                 v1 -- o1
                   \_ v2 -- o2
                 A1 -- a1
@@ -342,7 +334,7 @@ class Command(BaseCommand):
             attr = {}
             attr['name'] = 'http://schemas.xmlsoap.org/ws/2005/05/identity/claims/dateofbirth'
             attr['namespace'] = 'http://schemas.xmlsoap.org/ws/2005/05/identity/claims'
-            attr['values'] = ('19', )
+            attr['values'] = ('18', )
             data.append(attr)
             attributes['IdP1'] = data
 
@@ -354,6 +346,14 @@ class Command(BaseCommand):
             data.append(attr)
             attributes['IdP2'] = data
 
+            profile = load_or_create_user_profile(user=user)
+            print '--> The profile is %s' % profile
+            print '<--\n'
+
+            profile.load_by_dic(attributes)
+            print '--> The profile is %s' % profile
+            print '<--\n'
+
             decision, msg, error = \
                 is_authorized_by_names_with_abac(requestor_name=user.username,
                 who_name=user.username,