901 - fixed test_single_action_space.py to reflect new acl structure and added new acl_implicit_rule class attribute

2023-06-27 11:43:33 +01:00
parent df42a791c9
commit ef4d2c6cdd
4 changed files with 17 additions and 23 deletions
--- a/src/primaite/acl/access_control_list.py
+++ b/src/primaite/acl/access_control_list.py
@@ -23,20 +23,12 @@ class AccessControlList:
        # A list of ACL Rules
        self._acl: List[ACLRule] = []
        # Implicit rule
-
-    @property
-    def acl_implicit_rule(self):
-        """ACL implicit rule class attribute with added logic to change it depending on option in main_config."""
-        # Create implicit rule based on input
+        self.acl_implicit_rule = None
        if self.apply_implicit_rule:
            if self.acl_implicit_permission == "DENY":
-                return ACLRule("DENY", "ANY", "ANY", "ANY", "ANY")
+                self.acl_implicit_rule = ACLRule("DENY", "ANY", "ANY", "ANY", "ANY")
            elif self.acl_implicit_permission == "ALLOW":
-                return ACLRule("ALLOW", "ANY", "ANY", "ANY", "ANY")
-            else:
-                return None
-        else:
-            return None
+                self.acl_implicit_rule = ACLRule("ALLOW", "ANY", "ANY", "ANY", "ANY")

    @property
    def acl(self):
--- a/src/primaite/environment/observations.py
+++ b/src/primaite/environment/observations.py
@@ -352,7 +352,6 @@ class AccessControlList(AbstractObservationComponent):
            len(env.ports_list),
            env.max_number_acl_rules,
        ]
-        len(acl_shape)
        # shape = acl_shape
        shape = acl_shape * self.env.max_number_acl_rules

@@ -446,7 +445,6 @@ class AccessControlList(AbstractObservationComponent):
                        position += 1

        self.current_observation = obs
-        print("current observation space:", self.current_observation)


 class ObservationsHandler:
--- a/tests/config/single_action_space_lay_down_config.yaml
+++ b/tests/config/single_action_space_lay_down_config.yaml
@@ -1,9 +1,9 @@
 - item_type: PORTS
  ports_list:
-  - port: '21'
+  - port: '80'
 - item_type: SERVICES
  service_list:
-  - name: ftp
+  - name: TCP
 - item_type: NODE
  node_id: '1'
  name: node
@@ -15,8 +15,8 @@
  software_state: GOOD
  file_system_state: GOOD
  services:
-  - name: ftp
-    port: '21'
+  - name: TCP
+    port: '80'
    state: COMPROMISED
 - item_type: NODE
  node_id: '2'
@@ -29,8 +29,8 @@
  software_state: GOOD
  file_system_state: GOOD
  services:
-  - name: ftp
-    port: '21'
+  - name: TCP
+    port: '80'
    state: COMPROMISED
 - item_type: POSITION
  positions:
@@ -45,7 +45,7 @@
  start_step: 2
  end_step: 15
  load: 1000
-  protocol: ftp
+  protocol: TCP
  port: CORRUPT
  source: '1'
  destination: '2'
--- a/tests/test_single_action_space.py
+++ b/tests/test_single_action_space.py
@@ -9,7 +9,7 @@ from tests.conftest import _get_primaite_env_from_config
 def run_generic_set_actions(env: Primaite):
    """Run against a generic agent with specified blue agent actions."""
    # Reset the environment at the start of the episode
-    # env.reset()
+    env.reset()
    training_config = env.training_config
    for episode in range(0, training_config.num_episodes):
        for step in range(0, training_config.num_steps):
@@ -96,7 +96,11 @@ def test_agent_is_executing_actions_from_both_spaces():
    # Length of this list tells you how many items are in the dictionary
    # This number is the frequency of Access Control Rules in the environment
    # In the scenario, we specified that the agent should create only 1 acl rule
-    num_of_rules = len(acl_rules_list)
+    # This 1 rule added to the implicit deny means there should be 2 rules in total.
+    rules_count = 0
+    for rule in acl_rules_list:
+        if rule != -1:
+            rules_count += 1
    # Therefore these statements below MUST be true
    assert computer_node_hardware_state == HardwareState.OFF
-    assert num_of_rules == 1
+    assert rules_count == 2