Skip to content

Commit

Permalink
DSS0210,A2-7-2,7 OIR
Browse files Browse the repository at this point in the history
  • Loading branch information
Shastick committed Mar 19, 2024
1 parent 46c020a commit a2dbc13
Show file tree
Hide file tree
Showing 5 changed files with 741 additions and 4 deletions.
2 changes: 1 addition & 1 deletion monitoring/prober/infrastructure.py
Original file line number Diff line number Diff line change
Expand Up @@ -100,7 +100,7 @@ def wrapper_default_scope(*args, **kwargs):
resource_type_code_descriptions: Dict[ResourceType, str] = {}


# Next code: 381
# Next code: 382
def register_resource_type(code: int, description: str) -> ResourceType:
"""Register that the specified code refers to the described resource.
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -173,6 +173,138 @@ it is in violation of **[astm.f3548.v21.DSS0210,A2-7-2,7](../../../../../require
If the DSS does not allow searching for subscriptions when valid credentials are presented,
it is in violation of **[astm.f3548.v21.DSS0005,5](../../../../../requirements/astm/f3548/v21.md)**.

### Operational intents endpoints authentication test step

#### 🛑 Unauthorized requests return the proper error message body check

If the DSS under test does not return a proper error message body when an unauthorized request is received,
it fails to properly implement the OpenAPI specification that is part of **[astm.f3548.v21.DSS0005,1](../../../../../requirements/astm/f3548/v21.md)**.

#### 🛑 Create operational intent reference with missing credentials check

If the DSS under test allows the creation of an operational intent without any credentials being presented,
it is in violation of **[astm.f3548.v21.DSS0210,A2-7-2,7](../../../../../requirements/astm/f3548/v21.md)**.

#### 🛑 Create operational intent reference with invalid credentials check

If the DSS under test allows the creation of an operational intent with credentials that are well-formed but invalid,
it is in violation of **[astm.f3548.v21.DSS0210,A2-7-2,7](../../../../../requirements/astm/f3548/v21.md)**.

#### 🛑 Create operational intent reference with missing scope check

If the DSS under test allows the creation of an operational intent with valid credentials but a missing scope,
it is in violation of **[astm.f3548.v21.DSS0210,A2-7-2,7](../../../../../requirements/astm/f3548/v21.md)**.

#### 🛑 Create operational intent reference with incorrect scope check

If the DSS under test allows the creation of an operational intent with valid credentials but an incorrect scope,
it is in violation of **[astm.f3548.v21.DSS0210,A2-7-2,7](../../../../../requirements/astm/f3548/v21.md)**.

#### 🛑 Create operational intent reference with valid credentials check

If the DSS does not allow the creation of an operational intent when valid credentials are presented,
it is in violation of **[astm.f3548.v21.DSS0005,1](../../../../../requirements/astm/f3548/v21.md)**.

#### 🛑 Get operational intent reference with missing credentials check

If the DSS under test allows the fetching of an operational intent without any credentials being presented,
it is in violation of **[astm.f3548.v21.DSS0210,A2-7-2,7](../../../../../requirements/astm/f3548/v21.md)**.

#### 🛑 Get operational intent reference with invalid credentials check

If the DSS under test allows the fetching of an operational intent with credentials that are well-formed but invalid,
it is in violation of **[astm.f3548.v21.DSS0210,A2-7-2,7](../../../../../requirements/astm/f3548/v21.md)**.

#### 🛑 Get operational intent reference with missing scope check

If the DSS under test allows the fetching of an operational intent with valid credentials but a missing scope,
it is in violation of **[astm.f3548.v21.DSS0210,A2-7-2,7](../../../../../requirements/astm/f3548/v21.md)**.

#### 🛑 Get operational intent reference with incorrect scope check

If the DSS under test allows the fetching of an operational intent with valid credentials but an incorrect scope,
it is in violation of **[astm.f3548.v21.DSS0210,A2-7-2,7](../../../../../requirements/astm/f3548/v21.md)**.

#### 🛑 Get operational intent reference with valid credentials check

If the DSS does not allow fetching an operational intent when valid credentials are presented,
it is in violation of **[astm.f3548.v21.DSS0005,1](../../../../../requirements/astm/f3548/v21.md)**.

#### 🛑 Mutate operational intent reference with missing credentials check

If the DSS under test allows the mutation of an operational intent without any credentials being presented,
it is in violation of **[astm.f3548.v21.DSS0210,A2-7-2,7](../../../../../requirements/astm/f3548/v21.md)**.

#### 🛑 Mutate operational intent reference with invalid credentials check

If the DSS under test allows the mutation of an operational intent with credentials that are well-formed but invalid,
it is in violation of **[astm.f3548.v21.DSS0210,A2-7-2,7](../../../../../requirements/astm/f3548/v21.md)**.

#### 🛑 Mutate operational intent reference with missing scope check

If the DSS under test allows the mutation of an operational intent with valid credentials but a missing scope,
it is in violation of **[astm.f3548.v21.DSS0210,A2-7-2,7](../../../../../requirements/astm/f3548/v21.md)**.

#### 🛑 Mutate operational intent reference with incorrect scope check

If the DSS under test allows the mutation of an operational intent with valid credentials but an incorrect scope,
it is in violation of **[astm.f3548.v21.DSS0210,A2-7-2,7](../../../../../requirements/astm/f3548/v21.md)**.

#### 🛑 Mutate operational intent reference with valid credentials check

If the DSS does not allow the mutation of an operational intent when valid credentials are presented,
it is in violation of **[astm.f3548.v21.DSS0005,1](../../../../../requirements/astm/f3548/v21.md)**.

#### 🛑 Delete operational intent reference with missing credentials check

If the DSS under test allows the deletion of an operational intent without any credentials being presented,
it is in violation of **[astm.f3548.v21.DSS0210,A2-7-2,7](../../../../../requirements/astm/f3548/v21.md)**.

#### 🛑 Delete operational intent reference with invalid credentials check

If the DSS under test allows the deletion of an operational intent with credentials that are well-formed but invalid,
it is in violation of **[astm.f3548.v21.DSS0210,A2-7-2,7](../../../../../requirements/astm/f3548/v21.md)**.

#### 🛑 Delete operational intent reference with missing scope check

If the DSS under test allows the deletion of an operational intent with valid credentials but a missing scope,
it is in violation of **[astm.f3548.v21.DSS0210,A2-7-2,7](../../../../../requirements/astm/f3548/v21.md)**.

#### 🛑 Delete operational intent reference with incorrect scope check

If the DSS under test allows the deletion of an operational intent with valid credentials but an incorrect scope,
it is in violation of **[astm.f3548.v21.DSS0210,A2-7-2,7](../../../../../requirements/astm/f3548/v21.md)**.

#### 🛑 Delete operational intent reference with valid credentials check

If the DSS does not allow the deletion of an operational intent when valid credentials are presented,
it is in violation of **[astm.f3548.v21.DSS0005,1](../../../../../requirements/astm/f3548/v21.md)**.

#### 🛑 Search operational intent references with missing credentials check

If the DSS under test allows searching for operational intents without any credentials being presented,
it is in violation of **[astm.f3548.v21.DSS0210,A2-7-2,7](../../../../../requirements/astm/f3548/v21.md)**.

#### 🛑 Search operational intent references with invalid credentials check

If the DSS under test allows searching for operational intents with credentials that are well-formed but invalid,
it is in violation of **[astm.f3548.v21.DSS0210,A2-7-2,7](../../../../../requirements/astm/f3548/v21.md)**.

#### 🛑 Search operational intent references with missing scope check

If the DSS under test allows searching for operational intents with valid credentials but a missing scope,
it is in violation of **[astm.f3548.v21.DSS0210,A2-7-2,7](../../../../../requirements/astm/f3548/v21.md)**.

#### 🛑 Search operational intent references with incorrect scope check

If the DSS under test allows searching for operational intents with valid credentials but an incorrect scope,
it is in violation of **[astm.f3548.v21.DSS0210,A2-7-2,7](../../../../../requirements/astm/f3548/v21.md)**.

#### 🛑 Search operational intent references with valid credentials check

If the DSS does not allow searching for operational intents when valid credentials are presented,
it is in violation of **[astm.f3548.v21.DSS0005,1](../../../../../requirements/astm/f3548/v21.md)**.

## [Cleanup](../clean_workspace.md)

The cleanup phase of this test scenario removes the subscription with the known test ID if it has not been removed before.
Original file line number Diff line number Diff line change
Expand Up @@ -6,6 +6,7 @@
)

from monitoring.monitorlib.auth import InvalidTokenSignatureAuth
from monitoring.monitorlib.fetch import QueryError
from monitoring.monitorlib.geotemporal import Volume4D
from monitoring.monitorlib.infrastructure import UTMClientSession
from monitoring.prober.infrastructure import register_resource_type
Expand All @@ -18,6 +19,9 @@
from monitoring.uss_qualifier.scenarios.astm.utm.dss.authentication.generic import (
GenericAuthValidator,
)
from monitoring.uss_qualifier.scenarios.astm.utm.dss.authentication.oir_api_validator import (
OperationalIntentRefAuthValidator,
)
from monitoring.uss_qualifier.scenarios.astm.utm.dss.authentication.sub_api_validator import (
SubscriptionAuthValidator,
)
Expand All @@ -37,7 +41,7 @@ class AuthenticationValidation(TestScenario):
"""

SUB_TYPE = register_resource_type(
380, "Subscription, Operational Entity Id, Constraint"
381, "Subscription, Operational Entity Id, Constraint"
)

# Reuse the same ID for every type of entity.
Expand Down Expand Up @@ -132,6 +136,19 @@ def __init__(
test_missing_scope=self._test_missing_scope,
)

self._oir_validator = OperationalIntentRefAuthValidator(
scenario=self,
generic_validator=generic_validator,
dss=self._dss,
test_id=self._test_id,
planning_area=self._planning_area,
planning_area_volume4d=self._planning_area_volume4d,
no_auth_session=self._no_auth_session,
invalid_token_session=self._invalid_token_session,
test_wrong_scope=self._wrong_scope,
test_missing_scope=self._test_missing_scope,
)

def run(self, context: ExecutionContext):
self.begin_test_scenario(context)
self._setup_case()
Expand All @@ -152,8 +169,15 @@ def run(self, context: ExecutionContext):

self.begin_test_step("Subscription endpoints authentication")
self._sub_validator.verify_sub_endpoints_authentication()

self.end_test_step()

self.begin_test_step("Operational intents endpoints authentication")
self._oir_validator.verify_oir_endpoints_authentication()
self.end_test_step()

# TODO consider adding test cases for:
# - valid credentials without the required scopes
self.end_test_case()
self.end_test_scenario()

Expand All @@ -173,6 +197,44 @@ def _ensure_clean_workspace_step(self):
self.end_test_step()

def _ensure_test_entities_dont_exist(self):

# Drop OIR's first: subscriptions may be tied to them and can't be deleted
# as long as they exist
# TODO cleanly move this into the test fragments once most of the open PRs are merged
with self.check(
"Operational intent references can be queried by ID", self._pid
) as check:
try:
oir, q = self._dss.get_op_intent_reference(self._test_id)
self.record_query(q)
except QueryError as qe:
self.record_queries(qe.queries)
if qe.queries[0].response.status_code == 404:
return # All is good
else:
query = qe.queries[0]
check.record_failed(
summary=f"Could not query OIR {self._test_id}",
details=f"When attempting to query OIR {self._test_id} from the DSS, received {query.response.status_code}: {qe.msg}",
query_timestamps=[query.request.timestamp],
)

with self.check(
"Operational intent references can be deleted by their owner", self._pid
):
try:
oir, subs, q = self._dss.delete_op_intent(oir.id, oir.ovn)
self.record_query(q)
except QueryError as qe:
self.record_queries(qe.queries)
query = qe.queries[0]
check.record_failed(
summary=f"Could not remove op intent reference {self._test_id}",
details=f"When attempting to remove op intent reference {self._test_id} from the DSS, received {query.status_code}: {qe.msg}",
query_timestamps=[query.request.timestamp],
)
self._dss.delete_op_intent(oir.id, oir.ovn)

test_step_fragments.cleanup_sub(self, self._dss, self._test_id)

def _ensure_no_active_subs_exist(self):
Expand Down
Loading

0 comments on commit a2dbc13

Please sign in to comment.