diff --git a/pyracf/__init__.py b/pyracf/__init__.py index 7c686b12..9254e04e 100644 --- a/pyracf/__init__.py +++ b/pyracf/__init__.py @@ -2,9 +2,9 @@ from .access.access_admin import AccessAdmin from .common.add_operation_error import AddOperationError from .common.alter_operation_error import AlterOperationError -from .common.invalid_segment_name_error import InvalidSegmentNameError -from .common.invalid_segment_trait_error import InvalidSegmentTraitError from .common.security_request_error import SecurityRequestError +from .common.segment_error import SegmentError +from .common.segment_trait_error import SegmentTraitError from .connection.connection_admin import ConnectionAdmin from .data_set.data_set_admin import DataSetAdmin from .group.group_admin import GroupAdmin diff --git a/pyracf/common/add_operation_error.py b/pyracf/common/add_operation_error.py index 57d7db15..4d1a1f4f 100644 --- a/pyracf/common/add_operation_error.py +++ b/pyracf/common/add_operation_error.py @@ -3,21 +3,21 @@ class AddOperationError(Exception): """ - Raised when a profile passed into an Add is successfully extracted. + Raised when a profile cannot be added because it already exists. """ def __init__(self, profile_name: str, class_name: str) -> None: self.message = "Security request made to IRRSMO00 failed." - admin_types = ["USER", "GROUP", "DATASET"] + admin_types = ["user", "group", "dataSet"] if class_name not in admin_types: self.message += ( "\n\nTarget profile " - + f"'{profile_name}' already exists as a profile in the {class_name} class." + + f"'{profile_name}' already exists as a profile in the '{class_name}' class." ) else: self.message += ( "\n\nTarget profile " - + f"'{profile_name}' already exists as a {class_name} profile." + + f"'{profile_name}' already exists as a '{class_name}' profile." ) def __str__(self) -> str: diff --git a/pyracf/common/alter_operation_error.py b/pyracf/common/alter_operation_error.py index 6f046938..67495833 100644 --- a/pyracf/common/alter_operation_error.py +++ b/pyracf/common/alter_operation_error.py @@ -3,21 +3,21 @@ class AlterOperationError(Exception): """ - Raised when a profile passed into an Alter is not successfully extracted. + Raised when a profile cannot be altered because it does not exist. """ def __init__(self, profile_name: str, class_name: str) -> None: self.message = "Security request made to IRRSMO00 failed." - admin_types = ["USER", "GROUP", "DATASET"] + admin_types = ["user", "group", "dataSet"] if class_name not in admin_types: self.message += ( "\n\nTarget profile " - + f"'{profile_name}' does not exist as a profile in the {class_name} class." + + f"'{profile_name}' does not exist as a profile in the '{class_name}' class." ) else: self.message += ( "\n\nTarget profile " - + f"'{profile_name}' does not exist as a {class_name} profile." + + f"'{profile_name}' does not exist as a '{class_name}' profile." ) def __str__(self) -> str: diff --git a/pyracf/common/invalid_segment_name_error.py b/pyracf/common/invalid_segment_name_error.py deleted file mode 100644 index e8d08e69..00000000 --- a/pyracf/common/invalid_segment_name_error.py +++ /dev/null @@ -1,18 +0,0 @@ -"""Exception to use when the user passes invalid segment name(s) on an extract request.""" - - -class InvalidSegmentNameError(Exception): - """ - Raised when a user passes an invalid segment name on an extract request. - """ - - def __init__(self, invalid_segments: list) -> None: - self.message = "Building of Security Request failed.\n\n" - for segment in invalid_segments: - self.message += ( - "Could not find " - + f"'{segment}' in valid segments for the requested operation.\n" - ) - - def __str__(self) -> str: - return self.message diff --git a/pyracf/common/invalid_segment_trait_error.py b/pyracf/common/invalid_segment_trait_error.py deleted file mode 100644 index be9d92ba..00000000 --- a/pyracf/common/invalid_segment_trait_error.py +++ /dev/null @@ -1,18 +0,0 @@ -"""Exception to use when the user passes invalid segment-trait(s) in the traits dictionary.""" - - -class InvalidSegmentTraitError(Exception): - """ - Raised when a user passes an invalid segment-trait combination in the traits dictionary. - """ - - def __init__(self, invalid_traits: list) -> None: - self.message = "Building of Security Request failed.\n\n" - for trait in invalid_traits: - self.message += ( - "Could not find " - + f"'{trait}' in valid segment traits for the requested operation.\n" - ) - - def __str__(self) -> str: - return self.message diff --git a/pyracf/common/security_admin.py b/pyracf/common/security_admin.py index cdc7a13b..8ff40445 100644 --- a/pyracf/common/security_admin.py +++ b/pyracf/common/security_admin.py @@ -5,13 +5,13 @@ from datetime import datetime from typing import Any, List, Tuple, Union -from .invalid_segment_name_error import InvalidSegmentNameError -from .invalid_segment_trait_error import InvalidSegmentTraitError from .irrsmo00 import IRRSMO00 from .logger import Logger from .security_request import SecurityRequest from .security_request_error import SecurityRequestError from .security_result import SecurityResult +from .segment_error import SegmentError +from .segment_trait_error import SegmentTraitError class SecurityAdmin: @@ -66,7 +66,7 @@ def __init__( "base:passphrase": "racf:phrase", } self.__irrsmo00 = IRRSMO00() - self.__profile_type = profile_type + self._profile_type = profile_type self._segment_traits = {} # used to preserve segment traits for debug logging. self.__preserved_segment_traits = {} @@ -262,21 +262,20 @@ def __validate_and_add_trait( def _build_bool_segment_dictionaries(self, segments: List[str]) -> None: """Build segment dictionaries for profile extract.""" - invalid_segments = [] + bad_segments = [] for segment in segments: if segment in self._valid_segment_traits: self._segment_traits[segment] = True else: - invalid_segments.append(segment) - - if invalid_segments: - raise InvalidSegmentNameError(invalid_segments) + bad_segments.append(segment) + if bad_segments: + raise SegmentError(bad_segments, self._profile_type) # preserve segment traits for debug logging. self.__preserved_segment_traits = self._segment_traits def _build_segment_dictionaries(self, traits: dict) -> None: """Build segemnt dictionaries for each segment.""" - invalid_traits = [] + bad_traits = [] for trait in traits: trait_valid = False for segment in self._valid_segment_traits: @@ -286,10 +285,9 @@ def _build_segment_dictionaries(self, traits: dict) -> None: if trait_valid: break if not trait_valid: - invalid_traits.append(trait) - - if invalid_traits: - raise InvalidSegmentTraitError(invalid_traits) + bad_traits.append(trait) + if bad_traits: + raise SegmentTraitError(bad_traits, self._profile_type) # preserve segment traits for debug logging. self.__preserved_segment_traits = self._segment_traits @@ -325,7 +323,7 @@ def _get_profile( if self._generate_requests_only: # Allows this function to work with "self._generate_requests_only" mode. return result - return result["securityResult"][self.__profile_type]["commands"][0]["profiles"][ + return result["securityResult"][self._profile_type]["commands"][0]["profiles"][ index ] @@ -373,15 +371,15 @@ def _format_profile_generic(self, messages: str) -> None: current_segment = messages[i].split()[0].lower() profile[current_segment] = {} i += 2 - if self.__profile_type in ("dataSet", "resource"): + if self._profile_type in ("dataSet", "resource"): i = self.__format_data_set_generic_profile_data( messages, profile, current_segment, i ) - if self.__profile_type == "user": + if self._profile_type == "user": i = self.__format_user_profile_data( messages, profile, current_segment, i ) - if self.__profile_type == "group": + if self._profile_type == "group": i = self.__format_group_profile_data( messages, profile, current_segment, i ) diff --git a/pyracf/common/security_request_error.py b/pyracf/common/security_request_error.py index 97e61b7a..6a20bbeb 100644 --- a/pyracf/common/security_request_error.py +++ b/pyracf/common/security_request_error.py @@ -18,14 +18,16 @@ def __init__(self, result: dict) -> None: def __str__(self) -> str: return self.message - def scan_for_error(self, security_definition_tag: str, error_id: str): + def contains_error_message( + self, security_definition_tag: str, error_message_id: str + ): commands = self.result["securityResult"][security_definition_tag].get( "commands" ) if not isinstance(commands, list): return False messages = commands[0].get("messages", []) - if error_id in "".join(messages): + if error_message_id in "".join(messages): return True else: return False diff --git a/pyracf/common/segment_error.py b/pyracf/common/segment_error.py new file mode 100644 index 00000000..4c2a11e3 --- /dev/null +++ b/pyracf/common/segment_error.py @@ -0,0 +1,17 @@ +"""Exception to use when the user passes bad segment name(s) on an extract request.""" + + +class SegmentError(Exception): + """ + Raised when a user passes a bad segment name on an extract request. + """ + + def __init__(self, invalid_segments: list, profile_type: str) -> None: + self.message = "Unable to build Security Request.\n\n" + for segment in invalid_segments: + self.message += ( + f"'{segment}' is not a valid segment for '{profile_type}'.\n" + ) + + def __str__(self) -> str: + return self.message diff --git a/pyracf/common/segment_trait_error.py b/pyracf/common/segment_trait_error.py new file mode 100644 index 00000000..23d713e6 --- /dev/null +++ b/pyracf/common/segment_trait_error.py @@ -0,0 +1,16 @@ +"""Exception to use when the user passes bad segment-trait name(s) on an add/alter request.""" + + +class SegmentTraitError(Exception): + """ + Raised when a user passes an invalid segment-trait combination in the traits dictionary. + """ + + def __init__(self, invalid_traits: list, profile_type: str) -> None: + self.message = "Unable to build Security Request.\n\n" + for trait in invalid_traits: + self.message += f"'{trait}' is not a valid segment-trait " + self.message += f"combination for '{profile_type}'.\n" + + def __str__(self) -> str: + return self.message diff --git a/pyracf/data_set/data_set_admin.py b/pyracf/data_set/data_set_admin.py index 1610617e..b5ab7eec 100644 --- a/pyracf/data_set/data_set_admin.py +++ b/pyracf/data_set/data_set_admin.py @@ -113,13 +113,13 @@ def add( try: self.extract(data_set, volume=volume, generic=generic) except SecurityRequestError as exception: - if not exception.scan_for_error("dataSet", "ICH35003I"): + if not exception.contains_error_message(self._profile_type, "ICH35003I"): raise exception self._build_segment_dictionaries(traits) data_set_request = DataSetRequest(data_set, "set", volume, generic) self._build_xml_segments(data_set_request) return self._make_request(data_set_request) - raise AddOperationError(data_set, "DATASET") + raise AddOperationError(data_set, self._profile_type) def alter( self, @@ -131,7 +131,7 @@ def alter( try: self.extract(data_set) except SecurityRequestError: - raise AlterOperationError(data_set, "DATASET") + raise AlterOperationError(data_set, self._profile_type) """Alter an existing data set profile.""" self._build_segment_dictionaries(traits) data_set_request = DataSetRequest(data_set, "set", volume, generic) diff --git a/pyracf/group/group_admin.py b/pyracf/group/group_admin.py index fde464f3..f144ce7f 100644 --- a/pyracf/group/group_admin.py +++ b/pyracf/group/group_admin.py @@ -130,20 +130,20 @@ def add(self, group: str, traits: dict = {}) -> Union[dict, bytes]: try: self.extract(group) except SecurityRequestError as exception: - if not exception.scan_for_error("group", "ICH51003I"): + if not exception.contains_error_message(self._profile_type, "ICH51003I"): raise exception self._build_segment_dictionaries(traits) group_request = GroupRequest(group, "set") self._build_xml_segments(group_request) return self._make_request(group_request) - raise AddOperationError(group, "GROUP") + raise AddOperationError(group, self._profile_type) def alter(self, group: str, traits: dict) -> Union[dict, bytes]: """Alter an existing group.""" try: self.extract(group) except SecurityRequestError: - raise AlterOperationError(group, "GROUP") + raise AlterOperationError(group, self._profile_type) self._build_segment_dictionaries(traits) group_request = GroupRequest(group, "set") self._build_xml_segments(group_request, alter=True) diff --git a/pyracf/resource/resource_admin.py b/pyracf/resource/resource_admin.py index 59c388da..619ca26e 100644 --- a/pyracf/resource/resource_admin.py +++ b/pyracf/resource/resource_admin.py @@ -231,7 +231,7 @@ def add( try: self.extract(resource, class_name) except SecurityRequestError as exception: - if not exception.scan_for_error("resource", "ICH13003I"): + if not exception.contains_error_message(self._profile_type, "ICH13003I"): raise exception self._build_segment_dictionaries(traits) profile_request = ResourceRequest(resource, class_name, "set") diff --git a/pyracf/setropts/setropts_admin.py b/pyracf/setropts/setropts_admin.py index 92bc7f68..19597907 100644 --- a/pyracf/setropts/setropts_admin.py +++ b/pyracf/setropts/setropts_admin.py @@ -51,8 +51,8 @@ def __init__( "base:list": "racf:list", "base:audit_log_always_classes": "racf:logalwys", "base:audit_log_default_classes": "racf:logdeflt", - "base:audit_log_failure_classesses": "racf:logfail", - "base:audit_log_never_classesse": "racf:lognever", + "base:audit_log_failure_classes": "racf:logfail", + "base:audit_log_never_classes": "racf:lognever", "base:audit_log_success_classes": "racf:logsucc", "base:min_password_change_interval": "racf:minchang", "base:mixed_case_password_support": "racf:mixdcase", @@ -124,7 +124,7 @@ def get_password_rules(self) -> Union[dict, bytes]: # ============================================================================ # Raclist Refresh # ============================================================================ - def refresh_raclist(self, class_names: Union[List[str], str]) -> Union[dict, bytes]: + def refresh_raclist(self, class_names: Union[str, List[str]]) -> Union[dict, bytes]: """Refresh raclist.""" result = self.alter(options={"base:raclist": class_names, "base:refresh": True}) return self._to_steps(result) @@ -148,14 +148,14 @@ def get_class_attributes(self, class_name: str) -> Union[list, bytes]: # Audit Classes # ============================================================================ def add_audit_classes( - self, class_names: Union[List[str], str] + self, class_names: Union[str, List[str]] ) -> Union[dict, bytes]: """Add class(es) to list of classes that RACF performs auditing for.""" result = self.alter(options={"base:audit_classes": class_names}) return self._to_steps(result) def remove_audit_classes( - self, class_names: Union[List[str], str] + self, class_names: Union[str, List[str]] ) -> Union[dict, bytes]: """Remove class(es) from the list of classes that RACF performs auditing for.""" result = self.alter(options={"delete:base:audit_classes": class_names}) @@ -165,7 +165,7 @@ def remove_audit_classes( # Active Classes # ============================================================================ def add_active_classes( - self, class_names: Union[List[str], str] + self, class_names: Union[str, List[str]] ) -> Union[dict, bytes]: """ Add class(es) to the list of classes that RACF performs access authorization checking for. @@ -174,7 +174,7 @@ def add_active_classes( return self._to_steps(result) def remove_active_classes( - self, class_names: Union[List[str], str] + self, class_names: Union[str, List[str]] ) -> Union[dict, bytes]: """ Remove class(es) from the list of classes that @@ -187,14 +187,14 @@ def remove_active_classes( # Statistics Classes # ============================================================================ def add_statistics_classes( - self, class_names: Union[List[str], str] + self, class_names: Union[str, List[str]] ) -> Union[dict, bytes]: """Add class(es) to the list of classes that RACF collects statistics for.""" result = self.alter(options={"base:statistics_classes": class_names}) return self._to_steps(result) def remove_statistics_classes( - self, class_names: Union[List[str], str] + self, class_names: Union[str, List[str]] ) -> Union[dict, bytes]: """Remove class(es) from the list of classes that RACF collects statistics for.""" result = self.alter(options={"delete:base:statistics_classes": class_names}) @@ -204,7 +204,7 @@ def remove_statistics_classes( # Generic Command Processing Classes # ============================================================================ def add_generic_command_processing_classes( - self, class_names: Union[List[str], str] + self, class_names: Union[str, List[str]] ) -> Union[dict, bytes]: """ Add class(es) to the list of classes that have @@ -214,7 +214,7 @@ def add_generic_command_processing_classes( return self._to_steps(result) def remove_generic_command_processing_classes( - self, class_names: Union[List[str], str] + self, class_names: Union[str, List[str]] ) -> Union[dict, bytes]: """ Remove class(es) from the list of classes that @@ -229,7 +229,7 @@ def remove_generic_command_processing_classes( # Generic Profile Checking Classes # ============================================================================ def add_generic_profile_checking_classes( - self, class_names: Union[List[str], str] + self, class_names: Union[str, List[str]] ) -> Union[dict, bytes]: """Add class(es) to the list of classes that have generic profile checking enabled.""" result = self.alter( @@ -238,7 +238,7 @@ def add_generic_profile_checking_classes( return self._to_steps(result) def remove_generic_profile_checking_classes( - self, class_names: Union[List[str], str] + self, class_names: Union[str, List[str]] ) -> Union[dict, bytes]: """Remove class(es) from the list of classes that have generic profile checking enabled.""" result = self.alter( @@ -250,7 +250,7 @@ def remove_generic_profile_checking_classes( # Generic Profile Sharing Classes # ============================================================================ def add_generic_profile_sharing_classes( - self, class_names: Union[List[str], str] + self, class_names: Union[str, List[str]] ) -> Union[dict, bytes]: """ Add class(es) to the list of classes that are eligible for @@ -262,7 +262,7 @@ def add_generic_profile_sharing_classes( return self._to_steps(result) def remove_generic_profile_sharing_classes( - self, class_names: Union[List[str], str] + self, class_names: Union[str, List[str]] ) -> Union[dict, bytes]: """ Remove class(es) from the list of classes that are eligible @@ -277,13 +277,13 @@ def remove_generic_profile_sharing_classes( # Global Access Classes # ============================================================================ def add_global_access_classes( - self, class_names: Union[List[str], str] + self, class_names: Union[str, List[str]] ) -> Union[dict, bytes]: """Add class(es) to the list of classes eligible for global access checking.""" return self.alter(options={"base:global_access_classes": class_names}) def remove_global_access_classes( - self, class_names: Union[List[str], str] + self, class_names: Union[str, List[str]] ) -> Union[dict, bytes]: """Remove class(es) from the list of classes eligible for global access checking.""" result = self.alter(options={"delete:base:global_access_classes": class_names}) @@ -293,14 +293,14 @@ def remove_global_access_classes( # Raclist Classes # ============================================================================ def add_raclist_classes( - self, class_names: Union[List[str], str] + self, class_names: Union[str, List[str]] ) -> Union[dict, bytes]: """Add class(es) to list of classes that have in-storage profile sharing activated.""" result = self.alter(options={"base:raclist": class_names}) return self._to_steps(result) def remove_raclist_classes( - self, class_names: Union[List[str], str] + self, class_names: Union[str, List[str]] ) -> Union[dict, bytes]: """ Remove class(es) from the list of classes that have in-storage profile sharing activated. @@ -622,7 +622,7 @@ def __to_list(self, value_raw: str, n: int = 1) -> List[str]: ] def __add_classes_list(self, profile: dict, class_key: str, value_raw: str) -> None: - """Add a class list to profile""" + """Add a class list to profile.""" if "classes" not in profile: profile["classes"] = {} class_key = class_key.replace("Classes", "") diff --git a/pyracf/user/user_admin.py b/pyracf/user/user_admin.py index 8db20d69..a126c58e 100644 --- a/pyracf/user/user_admin.py +++ b/pyracf/user/user_admin.py @@ -776,13 +776,13 @@ def add(self, userid: str, traits: dict = {}) -> Union[dict, bytes]: try: self.extract(userid) except SecurityRequestError as exception: - if not exception.scan_for_error("user", "ICH30001I"): + if not exception.contains_error_message(self._profile_type, "ICH30001I"): raise exception self._build_segment_dictionaries(traits) user_request = UserRequest(userid, "set") self._build_xml_segments(user_request) return self._make_request(user_request) - raise AddOperationError(userid, "USER") + raise AddOperationError(userid, self._profile_type) def alter(self, userid: str, traits: dict) -> Union[dict, bytes]: """Alter an existing user.""" @@ -794,7 +794,7 @@ def alter(self, userid: str, traits: dict) -> Union[dict, bytes]: try: self.extract(userid) except SecurityRequestError: - raise AlterOperationError(userid, "USER") + raise AlterOperationError(userid, self._profile_type) self._build_segment_dictionaries(traits) user_request = UserRequest(userid, "set") self._build_xml_segments(user_request, alter=True) diff --git a/tests/access/test_access_constants.py b/tests/access/test_access_constants.py index d05d1774..d21117d0 100644 --- a/tests/access/test_access_constants.py +++ b/tests/access/test_access_constants.py @@ -15,7 +15,7 @@ def get_sample(sample_file: str) -> Union[str, bytes]: # Access Administration Result Sample Data # ============================================================================ -# Alter Access +# Permit Access TEST_PERMIT_ACCESS_RESULT_SUCCESS_XML = get_sample("permit_access_result_success.xml") TEST_PERMIT_ACCESS_RESULT_SUCCESS_DICTIONARY = get_sample( "permit_access_result_success.json" @@ -40,7 +40,7 @@ def get_sample(sample_file: str) -> Union[str, bytes]: # Access Administration Request Sample Data # ============================================================================ -# Alter Access +# Permit Access TEST_PERMIT_ACCESS_REQUEST_XML = get_sample("permit_access_request.xml") # Delete Access diff --git a/tests/access/test_access_debug_logging.py b/tests/access/test_access_debug_logging.py index 89f25964..8f70e86b 100644 --- a/tests/access/test_access_debug_logging.py +++ b/tests/access/test_access_debug_logging.py @@ -24,7 +24,7 @@ class TestAccessDebugLogging(unittest.TestCase): ansi_escape = re.compile(r"\x1B(?:[@-Z\\-_]|\[[0-?]*[ -/]*[@-~])") # ============================================================================ - # Alter Access + # Permit Access # ============================================================================ def test_permit_access_request_debug_log_works_on_success( self, diff --git a/tests/access/test_access_result_parser.py b/tests/access/test_access_result_parser.py index f81c29ca..b8d15926 100644 --- a/tests/access/test_access_result_parser.py +++ b/tests/access/test_access_result_parser.py @@ -20,7 +20,7 @@ class TestAccessResultParser(unittest.TestCase): access_admin = AccessAdmin() # ============================================================================ - # Alter Access + # Permit Access # ============================================================================ def test_access_admin_can_parse_permit_access_success_xml( self, diff --git a/tests/connection/test_connection_constants.py b/tests/connection/test_connection_constants.py index 2af94ccf..ca1910af 100644 --- a/tests/connection/test_connection_constants.py +++ b/tests/connection/test_connection_constants.py @@ -15,7 +15,7 @@ def get_sample(sample_file: str) -> Union[str, bytes]: # Connection Administration Result Sample Data # ============================================================================ -# Alter Connection +# Connect Connection TEST_CONNECT_CONNECTION_RESULT_SUCCESS_XML = get_sample( "connect_connection_result_success.xml" ) @@ -48,7 +48,7 @@ def get_sample(sample_file: str) -> Union[str, bytes]: # Connection Administration Request Sample Data # ============================================================================ -# Alter Connection +# Connect Connection TEST_CONNECT_CONNECTION_REQUEST_XML = get_sample("connect_connection_request.xml") TEST_CONNECT_CONNECTION_REQUEST_TRAITS = { "base:operations": False, diff --git a/tests/connection/test_connection_debug_logging.py b/tests/connection/test_connection_debug_logging.py index 7fd94a08..7adabd20 100644 --- a/tests/connection/test_connection_debug_logging.py +++ b/tests/connection/test_connection_debug_logging.py @@ -24,7 +24,7 @@ class TestConnectionDebugLogging(unittest.TestCase): ansi_escape = re.compile(r"\x1B(?:[@-Z\\-_]|\[[0-?]*[ -/]*[@-~])") # ============================================================================ - # Alter Connection + # Connect Connection # ============================================================================ def test_connect_connection_request_debug_log_works_on_success( self, diff --git a/tests/connection/test_connection_result_parser.py b/tests/connection/test_connection_result_parser.py index 1a99f1c3..dcd724a2 100644 --- a/tests/connection/test_connection_result_parser.py +++ b/tests/connection/test_connection_result_parser.py @@ -20,7 +20,7 @@ class TestConnectionResultParser(unittest.TestCase): connection_admin = ConnectionAdmin() # ============================================================================ - # Alter Connection + # Connect Connection # ============================================================================ def test_connection_admin_can_parse_connect_connection_success_xml( self, diff --git a/tests/data_set/test_data_set_result_parser.py b/tests/data_set/test_data_set_result_parser.py index 48aaca27..9f956397 100644 --- a/tests/data_set/test_data_set_result_parser.py +++ b/tests/data_set/test_data_set_result_parser.py @@ -48,7 +48,6 @@ def test_data_set_admin_thows_error_on_add_existing_data_set_profile( call_racf_mock: Mock, ): profile_name = "ESWIFT.TEST.T1136242.P3020470" - class_name = "DATASET" call_racf_mock.side_effect = [ TestDataSetConstants.TEST_EXTRACT_DATA_SET_RESULT_BASE_ONLY_SUCCESS_XML, TestDataSetConstants.TEST_ADD_DATA_SET_RESULT_SUCCESS_XML, @@ -62,7 +61,8 @@ def test_data_set_admin_thows_error_on_add_existing_data_set_profile( exception.exception.message, "Security request made to IRRSMO00 failed." + "\n\nTarget profile " - + f"'{profile_name}' already exists as a {class_name} profile.", + + f"'{profile_name}' already exists as a " + + f"'{self.data_set_admin._profile_type}' profile.", ) # Error in command, ESWIFTTESTT1136242P3020470 is not a valid DATASET @@ -108,7 +108,6 @@ def test_data_set_admin_thows_error_on_alter_new_data_set_profile( call_racf_mock: Mock, ): profile_name = "ESWIFT.TEST.T1136242.P3020470" - class_name = "DATASET" call_racf_mock.side_effect = [ TestDataSetConstants.TEST_EXTRACT_DATA_SET_RESULT_BASE_ONLY_ERROR_XML, TestDataSetConstants.TEST_ALTER_DATA_SET_RESULT_SUCCESS_XML, @@ -122,7 +121,8 @@ def test_data_set_admin_thows_error_on_alter_new_data_set_profile( exception.exception.message, "Security request made to IRRSMO00 failed." + "\n\nTarget profile " - + f"'{profile_name}' does not exist as a {class_name} profile.", + + f"'{profile_name}' does not exist as a " + + f"'{self.data_set_admin._profile_type}' profile.", ) # Error in environment, ESWIFT.TEST.T1136242.P3020470 data set does not exist diff --git a/tests/group/test_group_result_parser.py b/tests/group/test_group_result_parser.py index 0dd2760b..7ac63b95 100644 --- a/tests/group/test_group_result_parser.py +++ b/tests/group/test_group_result_parser.py @@ -47,7 +47,6 @@ def test_group_admin_throws_error_on_add_existing_group( call_racf_mock: Mock, ): group_name = "TESTGRP0" - admin_name = "GROUP" call_racf_mock.side_effect = [ TestGroupConstants.TEST_EXTRACT_GROUP_RESULT_BASE_ONLY_SUCCESS_XML, TestGroupConstants.TEST_ADD_GROUP_RESULT_SUCCESS_XML, @@ -60,7 +59,7 @@ def test_group_admin_throws_error_on_add_existing_group( exception.exception.message, "Security request made to IRRSMO00 failed." + "\n\nTarget profile " - + f"'{group_name}' already exists as a {admin_name} profile.", + + f"'{group_name}' already exists as a '{self.group_admin._profile_type}' profile.", ) # Error in command, TESTGRPP0 is invalid GROUP @@ -104,7 +103,6 @@ def test_group_admin_throws_error_on_alter_new_group( call_racf_mock: Mock, ): group_name = "TESTGRP0" - admin_name = "GROUP" call_racf_mock.side_effect = [ TestGroupConstants.TEST_EXTRACT_GROUP_RESULT_BASE_OMVS_ERROR_XML, TestGroupConstants.TEST_ALTER_GROUP_RESULT_SUCCESS_XML, @@ -117,7 +115,7 @@ def test_group_admin_throws_error_on_alter_new_group( exception.exception.message, "Security request made to IRRSMO00 failed." + "\n\nTarget profile " - + f"'{group_name}' does not exist as a {admin_name} profile.", + + f"'{group_name}' does not exist as a '{self.group_admin._profile_type}' profile.", ) # Error: invalid gid "3000000000" diff --git a/tests/resource/test_resource_result_parser.py b/tests/resource/test_resource_result_parser.py index 624157de..632e44b6 100644 --- a/tests/resource/test_resource_result_parser.py +++ b/tests/resource/test_resource_result_parser.py @@ -60,7 +60,7 @@ def test_resource_admin_throws_error_on_add_existing_profile( exception.exception.message, "Security request made to IRRSMO00 failed." + "\n\nTarget profile " - + f"'{profile_name}' already exists as a profile in the {class_name} class.", + + f"'{profile_name}' already exists as a profile in the '{class_name}' class.", ) # Error: Invalid Entity Name ELIXTEST @@ -119,7 +119,7 @@ def test_resource_admin_throws_error_on_alter_new_profile( exception.exception.message, "Security request made to IRRSMO00 failed." + "\n\nTarget profile " - + f"'{profile_name}' does not exist as a profile in the {class_name} class.", + + f"'{profile_name}' does not exist as a profile in the '{class_name}' class.", ) # Error: Invalid Universal Access ALL diff --git a/tests/user/test_user_constants.py b/tests/user/test_user_constants.py index fedc6e55..3bfa719c 100644 --- a/tests/user/test_user_constants.py +++ b/tests/user/test_user_constants.py @@ -169,8 +169,8 @@ def get_sample(sample_file: str) -> Union[str, bytes]: "tso:user_data": "ABCD", "tso:data_set_allocation_unit": "SYSDA", } -TEST_ADD_USER_REQUEST_INVALID_TRAITS = dict(TEST_ADD_USER_REQUEST_TRAITS) -TEST_ADD_USER_REQUEST_INVALID_TRAITS["omvs:invalid_trait"] = "TESTING VALUE" +TEST_ADD_USER_REQUEST_BAD_TRAITS = dict(TEST_ADD_USER_REQUEST_TRAITS) +TEST_ADD_USER_REQUEST_BAD_TRAITS["omvs:bad_trait"] = "TESTING VALUE" # Alter User TEST_ALTER_USER_REQUEST_XML = get_sample("alter_user_request.xml") diff --git a/tests/user/test_user_request_builder.py b/tests/user/test_user_request_builder.py index f4035576..f3d88ee5 100644 --- a/tests/user/test_user_request_builder.py +++ b/tests/user/test_user_request_builder.py @@ -6,7 +6,7 @@ import __init__ import tests.user.test_user_constants as TestUserConstants -from pyracf import InvalidSegmentNameError, InvalidSegmentTraitError, UserAdmin +from pyracf import SegmentError, SegmentTraitError, UserAdmin from pyracf.common.irrsmo00 import IRRSMO00 # Resolves F401 @@ -124,32 +124,31 @@ def test_user_admin_build_alter_request_update_existing_segment_traits(self): # ============================================================================ # Request Builder Errors # ============================================================================ - def test_user_admin_build_add_request_with_invalid_segment_traits(self): - invalid_trait = "omvs:invalid_trait" + def test_user_admin_build_add_request_with_bad_segment_traits(self): + bad_trait = "omvs:bad_trait" user_admin = UserAdmin( generate_requests_only=True, ) - with self.assertRaises(InvalidSegmentTraitError) as exception: + with self.assertRaises(SegmentTraitError) as exception: user_admin.add( - "squidwrd", TestUserConstants.TEST_ADD_USER_REQUEST_INVALID_TRAITS + "squidwrd", TestUserConstants.TEST_ADD_USER_REQUEST_BAD_TRAITS ) self.assertEqual( exception.exception.message, - "Building of Security Request failed.\n\n" - + "Could not find " - + f"'{invalid_trait}' in valid segment traits for the requested operation.\n", + "Unable to build Security Request.\n\n" + + f"'{bad_trait}' is not a valid segment-trait " + + f"combination for '{self.user_admin._profile_type}'.\n", ) - def test_user_admin_build_extract_request_with_invalid_segment_name(self): - invalid_segment = "test_segment" + def test_user_admin_build_extract_request_with_bad_segment_name(self): + bad_segment = "bad_segment" user_admin = UserAdmin( generate_requests_only=True, ) - with self.assertRaises(InvalidSegmentNameError) as exception: - user_admin.extract("squidwrd", {invalid_segment: True}) + with self.assertRaises(SegmentError) as exception: + user_admin.extract("squidwrd", segments=[bad_segment]) self.assertEqual( exception.exception.message, - "Building of Security Request failed.\n\n" - + "Could not find " - + f"'{invalid_segment}' in valid segments for the requested operation.\n", + "Unable to build Security Request.\n\n" + + f"'{bad_segment}' is not a valid segment for '{self.user_admin._profile_type}'.\n", ) diff --git a/tests/user/test_user_result_parser.py b/tests/user/test_user_result_parser.py index 8096c33e..dc02d611 100644 --- a/tests/user/test_user_result_parser.py +++ b/tests/user/test_user_result_parser.py @@ -51,7 +51,6 @@ def test_user_admin_throws_error_on_add_existing_user( call_racf_mock: Mock, ): profile_name = "squidwrd" - admin_name = "USER" call_racf_mock.side_effect = [ TestUserConstants.TEST_EXTRACT_USER_RESULT_BASE_ONLY_SUCCESS_XML, TestUserConstants.TEST_ADD_USER_RESULT_SUCCESS_XML, @@ -64,7 +63,7 @@ def test_user_admin_throws_error_on_add_existing_user( exception.exception.message, "Security request made to IRRSMO00 failed." + "\n\nTarget profile " - + f"'{profile_name}' already exists as a {admin_name} profile.", + + f"'{profile_name}' already exists as a '{self.user_admin._profile_type}' profile.", ) # Error in command, SQUIDWARD is invalid USERID @@ -109,7 +108,6 @@ def test_user_admin_throws_error_on_alter_new_user( call_racf_mock: Mock, ): profile_name = "squidwrd" - admin_name = "USER" call_racf_mock.side_effect = [ TestUserConstants.TEST_EXTRACT_USER_RESULT_BASE_ONLY_ERROR_XML, TestUserConstants.TEST_ALTER_USER_RESULT_SUCCESS_XML, @@ -122,7 +120,7 @@ def test_user_admin_throws_error_on_alter_new_user( exception.exception.message, "Security request made to IRRSMO00 failed." + "\n\nTarget profile " - + f"'{profile_name}' does not exist as a {admin_name} profile.", + + f"'{profile_name}' does not exist as a '{self.user_admin._profile_type}' profile.", ) # Error: invalid uid '90000000000'