cedar-py/tests/unit/test_format_policy.py at main · Iamrodos/cedar-py · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
import unittest

from textwrap import dedent

from cedarpy import format_policies, policies_from_json_str, policies_to_json_str

from unit import load_file_as_str

import json

class FormatPolicyTestCase(unittest.TestCase):
    def setUp(self) -> None:
        super().setUp()

    def test_policy_gets_formatted(self):
        input_policy = dedent("""
            permit(
                principal,
                action == Action::"edit",
                resource
            )
            when {
                resource.owner == principal
            };
        """).strip()

        expect_result = dedent("""
            permit (
              principal,
              action == Action::"edit",
              resource
            )
            when { resource.owner == principal };
        """).lstrip()

        actual_result = format_policies(input_policy, indent_width=2)

        self.assertEqual(expect_result, actual_result)

    def test_policy_formatting_error(self):
        input_policy = dedent("""
            invalid(
                principal,
                action == Action::"edit",
                resource
            )
            when {
                resource.owner == principal
            };
        """).strip()

        try:
            format_policies(input_policy, indent_width=2)
            self.fail("should have failed to parse")
        except ValueError as e:
            pass

    def test_policy_to_json(self):
        result: dict = json.loads(policies_to_json_str(load_file_as_str("resources/json/bob_policy1.cedar")))
        expected: dict = json.loads(load_file_as_str("resources/json/bob_policy.json"))
        self.assertEqual(expected, result, msg='expected cedar to be parsed to json correctly')

    def test_policy_from_json(self):
        json_str = load_file_as_str("resources/json/bob_policy.json")
        # this is required as conversion order in rust cedar library is non deterministic so could be one of n! variants
        # good thing bob only has three policies!!!
        expected = [
            load_file_as_str("resources/json/bob_policy1.cedar"),
            load_file_as_str("resources/json/bob_policy2.cedar"),
            load_file_as_str("resources/json/bob_policy3.cedar"),
            load_file_as_str("resources/json/bob_policy4.cedar"),
            load_file_as_str("resources/json/bob_policy5.cedar"),
            load_file_as_str("resources/json/bob_policy6.cedar"),
        ]
        result = format_policies(policies_from_json_str(json_str))
        self.assertIn(result, expected, msg='expected json to be parsed to cedar correctly')