Diffstat (limited to 'moonv4/moon_interface/moon_interface/api/wrapper.py')
-rw-r--r--moonv4/moon_interface/moon_interface/api/wrapper.py120
1 files changed, 0 insertions, 120 deletions
diff --git a/moonv4/moon_interface/moon_interface/api/wrapper.py b/moonv4/moon_interface/moon_interface/api/wrapper.py
deleted file mode 100644
index 5ba5779f..00000000
--- a/moonv4/moon_interface/moon_interface/api/wrapper.py
+++ /dev/null
@@ -1,120 +0,0 @@
-# Copyright 2015 Open Platform for NFV Project, Inc. and its contributors
-# This software is distributed under the terms and conditions of the 'Apache-2.0'
-# license which can be found in the file 'LICENSE' in this package distribution
-# or at 'http://www.apache.org/licenses/LICENSE-2.0'.
-"""
-Authz is the endpoint to get authorization response
-"""
-
-import flask
-from flask import request
-from flask_restful import Resource
-import logging
-import json
-import requests
-import time
-from uuid import uuid4
-
-from moon_interface.api.authz import pdp_in_cache, pdp_in_manager, container_exist, \
- create_containers, create_authz_request
-from moon_interface.authz_requests import AuthzRequest
-from moon_utilities import configuration
-
-__version__ = "0.1.0"
-
-LOG = logging.getLogger("moon.interface.api." + __name__)
-
-
-class Wrapper(Resource):
- """
- Endpoint for authz requests
- """
-
- __urls__ = (
- "/authz/wrapper",
- "/authz/wrapper/",
- )
-
- def __init__(self, **kwargs):
- self.port = kwargs.get("port")
- self.CACHE = kwargs.get("cache", {})
- self.INTERFACE_NAME = kwargs.get("interface_name", "interface")
- self.MANAGER_URL = kwargs.get("manager_url", "http://manager:8080")
- self.TIMEOUT = 5
-
- def get(self):
- LOG.info("GET")
- return self.manage_data()
-
- def post(self):
- LOG.info("POST {}".format(request.form))
- response = flask.make_response("False")
- if self.manage_data():
- response = flask.make_response("True")
- response.headers['content-type'] = 'application/octet-stream'
- return response
-
- @staticmethod
- def __get_subject(target, credentials):
- _subject = target.get("user_id", "")
- if not _subject:
- _subject = credentials.get("user_id", "none")
- return _subject
-
- @staticmethod
- def __get_object(target, credentials):
- try:
- # note: case of Glance
- return target['target']['name']
- except KeyError:
- pass
-
- # note: default case
- return target.get("project_id", "none")
-
- @staticmethod
- def __get_project_id(target, credentials):
- return target.get("project_id", "none")
-
- def manage_data(self):
- target = json.loads(request.form.get('target', {}))
- credentials = json.loads(request.form.get('credentials', {}))
- rule = request.form.get('rule', "")
- _subject = self.__get_subject(target, credentials)
- _object = self.__get_object(target, credentials)
- _project_id = self.__get_project_id(target, credentials)
- LOG.info("GET with args project={} / "
- "subject={} - object={} - action={}".format(
- _project_id, _subject, _object, rule))
- pdp_id, pdp_value = pdp_in_cache(self.CACHE, _project_id)
- if not pdp_id:
- pdp_id, pdp_value = pdp_in_manager(self.CACHE, _project_id)
- if not pdp_id:
- LOG.error("Unknown Project ID or "
- "Project ID is not bind to a PDP.")
- return False
- if not container_exist(self.CACHE, _project_id):
- create_containers(self.CACHE, _project_id, self.MANAGER_URL,
- plugin_name="authz")
- authz_request = create_authz_request(
- cache=self.CACHE,
- uuid=_project_id,
- interface_name=self.INTERFACE_NAME,
- manager_url=self.MANAGER_URL,
- subject_name=_subject,
- object_name=_object,
- action_name=rule)
- cpt = 0
- while True:
- LOG.info("Wait")
- if cpt > self.TIMEOUT*10:
- LOG.error("Authz request had timed out.")
- return False
- if authz_request.is_authz():
- if authz_request.final_result == "Grant":
- LOG.info("Grant")
- return True
- LOG.info("Deny")
- return False
- cpt += 1
- time.sleep(0.1)