diff options
author | sgdt6900 <rhanafy.ext@orange.com> | 2018-01-09 11:33:47 +0200 |
---|---|---|
committer | sgdt6900 <rhanafy.ext@orange.com> | 2018-01-10 10:44:44 +0200 |
commit | 8f6023b826d8b10e19018c4d0585f87d27314be4 (patch) | |
tree | 0fe1ae85d030c341c24eb11724f127ea1a8ec52c /moon_interface/moon_interface/authz_requests.py | |
parent | dc368bed1ff75f19553046570e1fad2990177783 (diff) |
adding comments for some issues and points
refactor retry method
apply the comments notes
adding test cases
adding more comments
adding test cases
adding more comments , refactoring, tests
Change-Id: I0949fcaed2b88f3cf75e66b6a90e6e9d7ca156b1
Signed-off-by: sgdt6900 <rhanafy.ext@orange.com>
Diffstat (limited to 'moon_interface/moon_interface/authz_requests.py')
-rw-r--r-- | moon_interface/moon_interface/authz_requests.py | 56 |
1 files changed, 30 insertions, 26 deletions
diff --git a/moon_interface/moon_interface/authz_requests.py b/moon_interface/moon_interface/authz_requests.py index 87e21152..12c190c7 100644 --- a/moon_interface/moon_interface/authz_requests.py +++ b/moon_interface/moon_interface/authz_requests.py @@ -7,6 +7,7 @@ import logging import itertools import pickle import requests +import sys from python_moonutilities import exceptions from python_moonutilities.context import Context from python_moonutilities.cache import Cache @@ -31,51 +32,53 @@ class AuthzRequest: if ctx['project_id'] not in CACHE.container_chaining: raise exceptions.KeystoneProjectError("Unknown Project ID {}".format(ctx['project_id'])) self.container_chaining = CACHE.container_chaining[ctx['project_id']] - if len(self.container_chaining) == 0: + + if len(self.container_chaining) == 0 or not all(k in self.container_data for k in ("container_id", "hostname", "hostip", "port")): raise exceptions.MoonError('Void container chaining') + self.pdp_container = self.container_chaining[0]["container_id"] self.run() def run(self): self.context.delete_cache() req = None - try: - req = requests.post("http://{}:{}/authz".format( - self.container_chaining[0]["hostip"], - self.container_chaining[0]["port"], - ), data=pickle.dumps(self.context)) - if req.status_code != 200: - raise exceptions.AuthzException( - "Receive bad response from Authz function " - "(with IP address - {})".format( - req.status_code - )) - except requests.exceptions.ConnectionError: - logger.error("Cannot connect to {}".format( - "http://{}:{}/authz".format( - self.container_chaining[0]["hostip"], - self.container_chaining[0]["port"] - ))) - except ValueError: + tries = 0 + success = False + + if "hostip" in self.container_chaining[0]: + hostname = self.container_chaining[0]["hostip"] + elif "hostname" in self.container_chaining[0]: + hostname = self.container_chaining[0]["hostname"] + else: + raise exceptions.AuthzException( + "error in address no hostname or hostip" + ) + while tries < 2: try: req = requests.post("http://{}:{}/authz".format( - self.container_chaining[0]["hostname"], + hostname, self.container_chaining[0]["port"], ), data=pickle.dumps(self.context)) if req.status_code != 200: raise exceptions.AuthzException( "Receive bad response from Authz function " - "(with hostname - {})".format( - req.status_code - )) + "(with address - {})".format(req.status_code) + ) + success = True except requests.exceptions.ConnectionError: logger.error("Cannot connect to {}".format( "http://{}:{}/authz".format( - self.container_chaining[0]["hostname"], + hostname, self.container_chaining[0]["port"] ))) - raise exceptions.AuthzException( - "Cannot connect to Authz function") + except: + logger.error("Unexpected error:", sys.exc_info()[0]) + hostname = self.container_chaining[0]["hostname"], + tries += 1 + + if not success: + raise exceptions.AuthzException("Cannot connect to Authz function") + self.context.set_cache(CACHE) if req and len(self.container_chaining) == 1: self.result = pickle.loads(req.content) @@ -132,6 +135,7 @@ class AuthzRequest: authz_results = [] for key in self.result.pdp_set: if "effect" in self.result.pdp_set[key]: + if self.result.pdp_set[key]["effect"] == "grant": # the pdp is a authorization PDP and grant the request authz_results.append(True) |