diff options
author | WuKong <rebirthmonkey@gmail.com> | 2017-12-23 21:49:35 +0100 |
---|---|---|
committer | WuKong <rebirthmonkey@gmail.com> | 2017-12-23 21:49:58 +0100 |
commit | 1100c66ce03a059ebe7ece9734e799b49b3a5a9e (patch) | |
tree | a057e7e7511f6675a9327b79e6919f07c5f89f07 /moonv4/moon_manager/moon_manager | |
parent | 7a4dfdde6314476ae2a1a1c881ff1e3c430f790e (diff) |
moonv4 cleanup
Change-Id: Icef927f3236d985ac13ff7376f6ce6314b2b39b0
Signed-off-by: WuKong <rebirthmonkey@gmail.com>
Diffstat (limited to 'moonv4/moon_manager/moon_manager')
-rw-r--r-- | moonv4/moon_manager/moon_manager/__init__.py | 6 | ||||
-rw-r--r-- | moonv4/moon_manager/moon_manager/__main__.py | 4 | ||||
-rw-r--r-- | moonv4/moon_manager/moon_manager/api/__init__.py | 0 | ||||
-rw-r--r-- | moonv4/moon_manager/moon_manager/api/assignments.py | 334 | ||||
-rw-r--r-- | moonv4/moon_manager/moon_manager/api/containers.py | 178 | ||||
-rw-r--r-- | moonv4/moon_manager/moon_manager/api/data.py | 335 | ||||
-rw-r--r-- | moonv4/moon_manager/moon_manager/api/generic.py | 131 | ||||
-rw-r--r-- | moonv4/moon_manager/moon_manager/api/meta_data.py | 267 | ||||
-rw-r--r-- | moonv4/moon_manager/moon_manager/api/meta_rules.py | 164 | ||||
-rw-r--r-- | moonv4/moon_manager/moon_manager/api/models.py | 127 | ||||
-rw-r--r-- | moonv4/moon_manager/moon_manager/api/pdp.py | 181 | ||||
-rw-r--r-- | moonv4/moon_manager/moon_manager/api/perimeter.py | 447 | ||||
-rw-r--r-- | moonv4/moon_manager/moon_manager/api/policies.py | 132 | ||||
-rw-r--r-- | moonv4/moon_manager/moon_manager/api/rules.py | 140 | ||||
-rw-r--r-- | moonv4/moon_manager/moon_manager/http_server.py | 157 | ||||
-rw-r--r-- | moonv4/moon_manager/moon_manager/server.py | 38 |
16 files changed, 0 insertions, 2641 deletions
diff --git a/moonv4/moon_manager/moon_manager/__init__.py b/moonv4/moon_manager/moon_manager/__init__.py deleted file mode 100644 index 903c6518..00000000 --- a/moonv4/moon_manager/moon_manager/__init__.py +++ /dev/null @@ -1,6 +0,0 @@ -# Copyright 2015 Open Platform for NFV Project, Inc. and its contributors -# This software is distributed under the terms and conditions of the 'Apache-2.0' -# license which can be found in the file 'LICENSE' in this package distribution -# or at 'http://www.apache.org/licenses/LICENSE-2.0'. - -__version__ = "0.1.0" diff --git a/moonv4/moon_manager/moon_manager/__main__.py b/moonv4/moon_manager/moon_manager/__main__.py deleted file mode 100644 index 7d97f003..00000000 --- a/moonv4/moon_manager/moon_manager/__main__.py +++ /dev/null @@ -1,4 +0,0 @@ -from moon_manager.server import main - -server = main() -server.run() diff --git a/moonv4/moon_manager/moon_manager/api/__init__.py b/moonv4/moon_manager/moon_manager/api/__init__.py deleted file mode 100644 index e69de29b..00000000 --- a/moonv4/moon_manager/moon_manager/api/__init__.py +++ /dev/null diff --git a/moonv4/moon_manager/moon_manager/api/assignments.py b/moonv4/moon_manager/moon_manager/api/assignments.py deleted file mode 100644 index c3ac45c8..00000000 --- a/moonv4/moon_manager/moon_manager/api/assignments.py +++ /dev/null @@ -1,334 +0,0 @@ -# Copyright 2015 Open Platform for NFV Project, Inc. and its contributors -# This software is distributed under the terms and conditions of the 'Apache-2.0' -# license which can be found in the file 'LICENSE' in this package distribution -# or at 'http://www.apache.org/licenses/LICENSE-2.0'. -""" -Assignments allow to connect data with elements of perimeter - -""" - -from flask import request -from flask_restful import Resource -from oslo_log import log as logging -from python_moonutilities.security_functions import check_auth -from python_moondb.core import PolicyManager - -__version__ = "0.2.0" - -LOG = logging.getLogger("moon.manager.api." + __name__) - - -class SubjectAssignments(Resource): - """ - Endpoint for subject assignment requests - """ - - __urls__ = ( - "/policies/<string:uuid>/subject_assignments", - "/policies/<string:uuid>/subject_assignments/", - "/policies/<string:uuid>/subject_assignments/<string:perimeter_id>", - "/policies/<string:uuid>/subject_assignments/<string:perimeter_id>/<string:category_id>", - "/policies/<string:uuid>/subject_assignments/<string:perimeter_id>/<string:category_id>/<string:data_id>", - ) - - @check_auth - def get(self, uuid=None, perimeter_id=None, category_id=None, data_id=None, user_id=None): - """Retrieve all subject assignments or a specific one for a given policy - - :param uuid: uuid of the policy - :param perimeter_id: uuid of the subject - :param category_id: uuid of the subject category - :param data_id: uuid of the subject scope - :param user_id: user ID who do the request - :return: { - "subject_data_id": { - "policy_id": "ID of the policy", - "subject_id": "ID of the subject", - "category_id": "ID of the category", - "assignments": "Assignments list (list of data_id)", - } - } - :internal_api: get_subject_assignments - """ - # return call(ctx={"id": uuid, "method": "get_subject_assignments", "perimeter_id": perimeter_id, "category_id": category_id, "user_id": user_id}, - # args={"data_id": data_id}) - try: - # if "perimeter_name" in ctx: - # ctx["perimeter_id"] = self.__get_subject_id(ctx, ctx['perimeter_name']) - data = PolicyManager.get_subject_assignments(user_id=user_id, policy_id=uuid, - subject_id=perimeter_id, category_id=category_id) - except Exception as e: - LOG.error(e, exc_info=True) - return {"result": False, - "error": str(e)}, 500 - return {"subject_assignments": data} - - @check_auth - def post(self, uuid=None, perimeter_id=None, category_id=None, data_id=None, user_id=None): - """Create a subject assignment. - - :param uuid: uuid of the policy - :param perimeter_id: uuid of the subject (not used here) - :param category_id: uuid of the subject category (not used here) - :param data_id: uuid of the subject scope (not used here) - :param user_id: user ID who do the request - :request body: { - "id": "UUID of the subject", - "category_id": "UUID of the category" - "data_id": "UUID of the scope" - } - :return: { - "subject_data_id": { - "policy_id": "ID of the policy", - "subject_id": "ID of the subject", - "category_id": "ID of the category", - "assignments": "Assignments list (list of data_id)", - } - } - :internal_api: update_subject_assignment - """ - try: - data_id = request.json.get("data_id") - category_id = request.json.get("category_id") - perimeter_id = request.json.get("id") - data = PolicyManager.add_subject_assignment(user_id=user_id, policy_id=uuid, - subject_id=perimeter_id, category_id=category_id, - data_id=data_id) - except Exception as e: - LOG.error(e, exc_info=True) - return {"result": False, - "error": str(e)}, 500 - return {"subject_assignments": data} - - @check_auth - def delete(self, uuid=None, perimeter_id=None, category_id=None, data_id=None, user_id=None): - """Delete a subject assignment for a given policy - - :param uuid: uuid of the policy - :param perimeter_id: uuid of the subject - :param category_id: uuid of the subject category - :param data_id: uuid of the subject scope - :param user_id: user ID who do the request - :return: { - "result": "True or False", - "message": "optional message" - } - :internal_api: delete_subject_assignment - """ - try: - data = PolicyManager.delete_subject_assignment(user_id=user_id, policy_id=uuid, - subject_id=perimeter_id, category_id=category_id, - data_id=data_id) - except Exception as e: - LOG.error(e, exc_info=True) - return {"result": False, - "error": str(e)}, 500 - return {"result": True} - - -class ObjectAssignments(Resource): - """ - Endpoint for object assignment requests - """ - - __urls__ = ( - "/policies/<string:uuid>/object_assignments", - "/policies/<string:uuid>/object_assignments/", - "/policies/<string:uuid>/object_assignments/<string:perimeter_id>", - "/policies/<string:uuid>/object_assignments/<string:perimeter_id>/<string:category_id>", - "/policies/<string:uuid>/object_assignments/<string:perimeter_id>/<string:category_id>/<string:data_id>", - ) - - @check_auth - def get(self, uuid=None, perimeter_id=None, category_id=None, data_id=None, user_id=None): - """Retrieve all object assignment or a specific one for a given policy - - :param uuid: uuid of the policy - :param perimeter_id: uuid of the object - :param category_id: uuid of the object category - :param data_id: uuid of the object scope - :param user_id: user ID who do the request - :return: { - "object_data_id": { - "policy_id": "ID of the policy", - "object_id": "ID of the object", - "category_id": "ID of the category", - "assignments": "Assignments list (list of data_id)", - } - } - :internal_api: get_object_assignments - """ - try: - data = PolicyManager.get_object_assignments(user_id=user_id, policy_id=uuid, - object_id=perimeter_id, category_id=category_id) - except Exception as e: - LOG.error(e, exc_info=True) - return {"result": False, - "error": str(e)}, 500 - return {"object_assignments": data} - - @check_auth - def post(self, uuid=None, perimeter_id=None, category_id=None, data_id=None, user_id=None): - """Create an object assignment. - - :param uuid: uuid of the policy - :param perimeter_id: uuid of the object (not used here) - :param category_id: uuid of the object category (not used here) - :param data_id: uuid of the object scope (not used here) - :param user_id: user ID who do the request - :request body: { - "id": "UUID of the action", - "category_id": "UUID of the category" - "data_id": "UUID of the scope" - } - :return: { - "object_data_id": { - "policy_id": "ID of the policy", - "object_id": "ID of the object", - "category_id": "ID of the category", - "assignments": "Assignments list (list of data_id)", - } - } - :internal_api: update_object_assignment - """ - try: - data_id = request.json.get("data_id") - category_id = request.json.get("category_id") - perimeter_id = request.json.get("id") - data = PolicyManager.add_object_assignment(user_id=user_id, policy_id=uuid, - object_id=perimeter_id, category_id=category_id, - data_id=data_id) - except Exception as e: - LOG.error(e, exc_info=True) - return {"result": False, - "error": str(e)}, 500 - return {"object_assignments": data} - - @check_auth - def delete(self, uuid=None, perimeter_id=None, category_id=None, data_id=None, user_id=None): - """Delete a object assignment for a given policy - - :param uuid: uuid of the policy - :param perimeter_id: uuid of the object - :param category_id: uuid of the object category - :param data_id: uuid of the object scope - :param user_id: user ID who do the request - :return: { - "result": "True or False", - "message": "optional message" - } - :internal_api: delete_object_assignment - """ - try: - data = PolicyManager.delete_object_assignment(user_id=user_id, policy_id=uuid, - object_id=perimeter_id, category_id=category_id, - data_id=data_id) - except Exception as e: - LOG.error(e, exc_info=True) - return {"result": False, - "error": str(e)}, 500 - return {"result": True} - - -class ActionAssignments(Resource): - """ - Endpoint for action assignment requests - """ - - __urls__ = ( - "/policies/<string:uuid>/action_assignments", - "/policies/<string:uuid>/action_assignments/", - "/policies/<string:uuid>/action_assignments/<string:perimeter_id>", - "/policies/<string:uuid>/action_assignments/<string:perimeter_id>/<string:category_id>", - "/policies/<string:uuid>/action_assignments/<string:perimeter_id>/<string:category_id>/<string:data_id>", - ) - - @check_auth - def get(self, uuid=None, perimeter_id=None, category_id=None, data_id=None, user_id=None): - """Retrieve all action assignment or a specific one for a given policy - - :param uuid: uuid of the policy - :param perimeter_id: uuid of the action - :param category_id: uuid of the action category - :param data_id: uuid of the action scope - :param user_id: user ID who do the request - :return: { - "action_data_id": { - "policy_id": "ID of the policy", - "object_id": "ID of the action", - "category_id": "ID of the category", - "assignments": "Assignments list (list of data_id)", - } - } - :internal_api: get_action_assignments - """ - try: - data = PolicyManager.get_action_assignments(user_id=user_id, policy_id=uuid, - action_id=perimeter_id, category_id=category_id) - except Exception as e: - LOG.error(e, exc_info=True) - return {"result": False, - "error": str(e)}, 500 - return {"action_assignments": data} - - @check_auth - def post(self, uuid=None, perimeter_id=None, category_id=None, data_id=None, user_id=None): - """Create an action assignment. - - :param uuid: uuid of the policy - :param perimeter_id: uuid of the action (not used here) - :param category_id: uuid of the action category (not used here) - :param data_id: uuid of the action scope (not used here) - :param user_id: user ID who do the request - :request body: { - "id": "UUID of the action", - "category_id": "UUID of the category", - "data_id": "UUID of the scope" - } - :return: { - "action_data_id": { - "policy_id": "ID of the policy", - "object_id": "ID of the action", - "category_id": "ID of the category", - "assignments": "Assignments list (list of data_id)", - } - } - :internal_api: update_action_assignment - """ - try: - data_id = request.json.get("data_id") - category_id = request.json.get("category_id") - perimeter_id = request.json.get("id") - data = PolicyManager.add_action_assignment(user_id=user_id, policy_id=uuid, - action_id=perimeter_id, category_id=category_id, - data_id=data_id) - except Exception as e: - LOG.error(e, exc_info=True) - return {"result": False, - "error": str(e)}, 500 - return {"action_assignments": data} - - @check_auth - def delete(self, uuid=None, perimeter_id=None, category_id=None, data_id=None, user_id=None): - """Delete a action assignment for a given policy - - :param uuid: uuid of the policy - :param perimeter_id: uuid of the action - :param category_id: uuid of the action category - :param data_id: uuid of the action scope - :param user_id: user ID who do the request - :return: { - "result": "True or False", - "message": "optional message" - } - :internal_api: delete_action_assignment - """ - try: - data = PolicyManager.delete_action_assignment(user_id=user_id, policy_id=uuid, - action_id=perimeter_id, category_id=category_id, - data_id=data_id) - except Exception as e: - LOG.error(e, exc_info=True) - return {"result": False, - "error": str(e)}, 500 - return {"result": True} diff --git a/moonv4/moon_manager/moon_manager/api/containers.py b/moonv4/moon_manager/moon_manager/api/containers.py deleted file mode 100644 index 6dc50ea5..00000000 --- a/moonv4/moon_manager/moon_manager/api/containers.py +++ /dev/null @@ -1,178 +0,0 @@ -# Copyright 2015 Open Platform for NFV Project, Inc. and its contributors -# This software is distributed under the terms and conditions of the 'Apache-2.0' -# license which can be found in the file 'LICENSE' in this package distribution -# or at 'http://www.apache.org/licenses/LICENSE-2.0'. -""" -PDP are Policy Decision Point. - -""" - -import copy -from docker import Client -from flask import request -from flask_restful import Resource -from oslo_log import log as logging -from python_moonutilities.security_functions import check_auth -from python_moonutilities import configuration - -docker_conf = configuration.get_configuration("docker")['docker'] -docker = Client(base_url=docker_conf['url']) - -__version__ = "0.1.0" - -LOG = logging.getLogger("moon.manager.api." + __name__) - - -class Container(Resource): - """ - Endpoint for container requests - """ - - __urls__ = ( - "/containers", - "/containers/", - "/containers/<string:uuid>", - "/containers/<string:uuid>/", - ) - - def __init__(self): - self.containers = {} - self.update() - - def update(self): - for _container in docker.containers(): - if _container['Id'] not in self.containers: - self.containers[_container['Id']] = { - "name": _container["Names"], - "port": _container["Ports"], - } - - @check_auth - def get(self, uuid=None, user_id=None): - """Retrieve all containers - - :param uuid: uuid of the container - :param user_id: user ID who do the request - :return: { - "containers": { - "da0fd80fc1dc146e1b...a2e07d240cde09f0a": { - "name": [ - "/wrapper" - ], - "port": [ - { - "PrivatePort": 8080, - "Type": "tcp", - "IP": "0.0.0.0", - "PublicPort": 8080 - } - ] - }, - } - } - :internal_api: get_containers - """ - # try: - # data = [{"name": item["Names"], "port": item["Ports"], } for item in docker.containers()] - # except Exception as e: - # LOG.error(e, exc_info=True) - # return {"result": False, - # "error": str(e)} - return {"containers": self.containers} - - @check_auth - def post(self, uuid=None, user_id=None): - """Add a new container. - - :param uuid: uuid of the pdp (not used here) - :param user_id: user ID who do the request - :request body: { - "id": "id of the new container", - "name": "name of the new container", - "hostname": "hostname of the new container", - "port": { - "PrivatePort": 8080, - "Type": "tcp", - "IP": "0.0.0.0", - "PublicPort": 8080 - }, - "keystone_project_id": "keystone_project_id1", - "pdp_id": "PDP UUID", - "container_name": "wukongsun/moon_authz:v4.1" - } - :return: { - "containers": { - "da0fd80fc1dc146e1b...a2e07d240cde09f0a": { - "name": [ - "/wrapper" - ], - "port": [ - { - "PrivatePort": 8080, - "Type": "tcp", - "IP": "0.0.0.0", - "PublicPort": 8080 - } - ] - }, - } - } - :internal_api: add_container - """ - try: - self.update() - self.containers[request.json.get('id')] = copy.deepcopy(request.json) - LOG.info("Added a new container {}".format(request.json.get('name'))) - except Exception as e: - LOG.error(e, exc_info=True) - return {"result": False, - "error": str(e)}, 500 - return {"containers": self.containers} - - @check_auth - def delete(self, uuid=None, user_id=None): - """Delete a pdp - - :param uuid: uuid of the pdp to delete - :param user_id: user ID who do the request - :return: { - "result": "True or False", - "message": "optional message" - } - :internal_api: delete_pdp - """ - # try: - # data = PDPManager.delete_pdp(user_id=user_id, pdp_id=uuid) - # except Exception as e: - # LOG.error(e, exc_info=True) - # return {"result": False, - # "error": str(e)} - # return {"result": True} - raise NotImplementedError - - @check_auth - def patch(self, uuid=None, user_id=None): - """Update a pdp - - :param uuid: uuid of the pdp to update - :param user_id: user ID who do the request - :return: { - "pdp_id1": { - "name": "...", - "security_pipeline": [...], - "keystone_project_id": "keystone_project_id1", - "description": "...", - } - } - :internal_api: update_pdp - """ - # try: - # data = PDPManager.update_pdp(user_id=user_id, pdp_id=uuid, value=request.json) - # add_container(uuid=uuid, pipeline=data[uuid]['security_pipeline']) - # except Exception as e: - # LOG.error(e, exc_info=True) - # return {"result": False, - # "error": str(e)} - # return {"pdps": data} - raise NotImplementedError - diff --git a/moonv4/moon_manager/moon_manager/api/data.py b/moonv4/moon_manager/moon_manager/api/data.py deleted file mode 100644 index 61fe92bf..00000000 --- a/moonv4/moon_manager/moon_manager/api/data.py +++ /dev/null @@ -1,335 +0,0 @@ -# Copyright 2015 Open Platform for NFV Project, Inc. and its contributors -# This software is distributed under the terms and conditions of the 'Apache-2.0' -# license which can be found in the file 'LICENSE' in this package distribution -# or at 'http://www.apache.org/licenses/LICENSE-2.0'. -""" -Data are elements used to create rules - -""" - -from flask import request -from flask_restful import Resource -from oslo_log import log as logging -from python_moonutilities.security_functions import check_auth -from python_moondb.core import PolicyManager - -__version__ = "0.2.0" - -LOG = logging.getLogger("moon.manager.api." + __name__) - - -class SubjectData(Resource): - """ - Endpoint for subject data requests - """ - - __urls__ = ( - "/policies/<string:uuid>/subject_data", - "/policies/<string:uuid>/subject_data/", - "/policies/<string:uuid>/subject_data/<string:category_id>", - "/policies/<string:uuid>/subject_data/<string:category_id>/" - "<string:data_id>", - ) - - @check_auth - def get(self, uuid=None, category_id=None, data_id=None, user_id=None): - """Retrieve all subject categories or a specific one if sid is given - for a given policy - - :param uuid: uuid of the policy - :param category_id: uuid of the subject category - :param data_id: uuid of the subject data - :param user_id: user ID who do the request - :return: [{ - "policy_id": "policy_id1", - "category_id": "category_id1", - "data": { - "subject_data_id": { - "name": "name of the data", - "description": "description of the data" - } - } - }] - :internal_api: get_subject_data - """ - try: - data = PolicyManager.get_subject_data(user_id=user_id, - policy_id=uuid, - category_id=category_id, - data_id=data_id) - except Exception as e: - LOG.error(e, exc_info=True) - return {"result": False, - "error": str(e)}, 500 - return {"subject_data": data} - - @check_auth - def post(self, uuid=None, category_id=None, data_id=None, user_id=None): - """Create or update a subject. - - :param uuid: uuid of the policy - :param category_id: uuid of the subject category - :param data_id: uuid of the subject data - :param user_id: user ID who do the request - :request body: { - "name": "name of the data", - "description": "description of the data" - } - :return: { - "policy_id": "policy_id1", - "category_id": "category_id1", - "data": { - "subject_data_id": { - "name": "name of the data", - "description": "description of the data" - } - } - } - :internal_api: add_subject_data - """ - try: - data = PolicyManager.set_subject_data(user_id=user_id, - policy_id=uuid, - category_id=category_id, - value=request.json) - except Exception as e: - LOG.error(e, exc_info=True) - return {"result": False, - "error": str(e)}, 500 - return {"subject_data": data} - - @check_auth - def delete(self, uuid=None, category_id=None, data_id=None, user_id=None): - """Delete a subject for a given policy - - :param uuid: uuid of the policy - :param category_id: uuid of the subject category - :param data_id: uuid of the subject data - :param user_id: user ID who do the request - :return: [{ - "result": "True or False", - "message": "optional message" - }] - :internal_api: delete_subject_data - """ - try: - data = PolicyManager.delete_subject_data(user_id=user_id, - policy_id=uuid, - data_id=data_id) - except Exception as e: - LOG.error(e, exc_info=True) - return {"result": False, - "error": str(e)}, 500 - return {"result": True} - - -class ObjectData(Resource): - """ - Endpoint for object data requests - """ - - __urls__ = ( - "/policies/<string:uuid>/object_data", - "/policies/<string:uuid>/object_data/", - "/policies/<string:uuid>/object_data/<string:category_id>", - "/policies/<string:uuid>/object_data/<string:category_id>/" - "<string:data_id>", - ) - - @check_auth - def get(self, uuid=None, category_id=None, data_id=None, user_id=None): - """Retrieve all object categories or a specific one if sid is given - for a given policy - - :param uuid: uuid of the policy - :param category_id: uuid of the object category - :param data_id: uuid of the object data - :param user_id: user ID who do the request - :return: [{ - "policy_id": "policy_id1", - "category_id": "category_id1", - "data": { - "object_data_id": { - "name": "name of the data", - "description": "description of the data" - } - } - }] - :internal_api: get_object_data - """ - try: - data = PolicyManager.get_object_data(user_id=user_id, - policy_id=uuid, - category_id=category_id, - data_id=data_id) - except Exception as e: - LOG.error(e, exc_info=True) - return {"result": False, - "error": str(e)}, 500 - return {"object_data": data} - - @check_auth - def post(self, uuid=None, category_id=None, data_id=None, user_id=None): - """Create or update a object. - - :param uuid: uuid of the policy - :param category_id: uuid of the object category - :param data_id: uuid of the object data - :param user_id: user ID who do the request - :request body: { - "name": "name of the data", - "description": "description of the data" - } - :return: { - "policy_id": "policy_id1", - "category_id": "category_id1", - "data": { - "object_data_id": { - "name": "name of the data", - "description": "description of the data" - } - } - } - :internal_api: add_object_data - """ - try: - data = PolicyManager.add_object_data(user_id=user_id, - policy_id=uuid, - category_id=category_id, - value=request.json) - except Exception as e: - LOG.error(e, exc_info=True) - return {"result": False, - "error": str(e)}, 500 - return {"object_data": data} - - @check_auth - def delete(self, uuid=None, category_id=None, data_id=None, user_id=None): - """Delete a object for a given policy - - :param uuid: uuid of the policy - :param category_id: uuid of the object category - :param data_id: uuid of the object data - :param user_id: user ID who do the request - :return: { - "result": "True or False", - "message": "optional message" - } - :internal_api: delete_object_data - """ - try: - data = PolicyManager.delete_object_data(user_id=user_id, - policy_id=uuid, - data_id=data_id) - except Exception as e: - LOG.error(e, exc_info=True) - return {"result": False, - "error": str(e)}, 500 - return {"result": True} - - -class ActionData(Resource): - """ - Endpoint for action data requests - """ - - __urls__ = ( - "/policies/<string:uuid>/action_data", - "/policies/<string:uuid>/action_data/", - "/policies/<string:uuid>/action_data/<string:category_id>", - "/policies/<string:uuid>/action_data/<string:category_id>/" - "<string:data_id>", - ) - - @check_auth - def get(self, uuid=None, category_id=None, data_id=None, user_id=None): - """Retrieve all action categories or a specific one if sid is given - for a given policy - - :param uuid: uuid of the policy - :param category_id: uuid of the action category - :param data_id: uuid of the action data - :param user_id: user ID who do the request - :return: [{ - "policy_id": "policy_id1", - "category_id": "category_id1", - "data": { - "action_data_id": { - "name": "name of the data", - "description": "description of the data" - } - } - }] - :internal_api: get_action_data - """ - try: - data = PolicyManager.get_action_data(user_id=user_id, - policy_id=uuid, - category_id=category_id, - data_id=data_id) - except Exception as e: - LOG.error(e, exc_info=True) - return {"result": False, - "error": str(e)}, 500 - return {"action_data": data} - - @check_auth - def post(self, uuid=None, category_id=None, data_id=None, user_id=None): - """Create or update a action. - - :param uuid: uuid of the policy - :param category_id: uuid of the action category - :param data_id: uuid of the action data - :param user_id: user ID who do the request - :request body: { - "name": "name of the data", - "description": "description of the data" - } - :return: { - "policy_id": "policy_id1", - "category_id": "category_id1", - "data": { - "action_data_id": { - "name": "name of the data", - "description": "description of the data" - } - } - } - :internal_api: add_action_data - """ - try: - data = PolicyManager.add_action_data(user_id=user_id, - policy_id=uuid, - category_id=category_id, - value=request.json) - except Exception as e: - LOG.error(e, exc_info=True) - return {"result": False, - "error": str(e)}, 500 - return {"action_data": data} - - @check_auth - def delete(self, uuid=None, category_id=None, data_id=None, user_id=None): - """Delete a action for a given policy - - :param uuid: uuid of the policy - :param category_id: uuid of the action category - :param data_id: uuid of the action data - :param user_id: user ID who do the request - :return: { - "result": "True or False", - "message": "optional message" - } - :internal_api: delete_action_data - """ - try: - data = PolicyManager.delete_action_data(user_id=user_id, - policy_id=uuid, - data_id=data_id) - except Exception as e: - LOG.error(e, exc_info=True) - return {"result": False, - "error": str(e)}, 500 - return {"result": True} - - diff --git a/moonv4/moon_manager/moon_manager/api/generic.py b/moonv4/moon_manager/moon_manager/api/generic.py deleted file mode 100644 index bd7dcdac..00000000 --- a/moonv4/moon_manager/moon_manager/api/generic.py +++ /dev/null @@ -1,131 +0,0 @@ -# Copyright 2015 Open Platform for NFV Project, Inc. and its contributors -# This software is distributed under the terms and conditions of the 'Apache-2.0' -# license which can be found in the file 'LICENSE' in this package distribution -# or at 'http://www.apache.org/licenses/LICENSE-2.0'. -""" -Those API are helping API used to manage the Moon platform. -""" - -from flask_restful import Resource, request -from oslo_log import log as logging -import moon_manager.api -from python_moonutilities.security_functions import check_auth - -__version__ = "0.1.0" - -LOG = logging.getLogger("moon.manager.api." + __name__) - - -class Status(Resource): - """ - Endpoint for status requests - """ - - __urls__ = ("/status", "/status/", "/status/<string:component_id>") - - def get(self, component_id=None): - """Retrieve status of all components - - :return: { - "orchestrator": { - "status": "Running" - }, - "security_router": { - "status": "Running" - } - } - """ - raise NotImplemented - - -class Logs(Resource): - """ - Endpoint for logs requests - """ - - __urls__ = ("/logs", "/logs/", "/logs/<string:component_id>") - - def get(self, component_id=None): - """Get logs from the Moon platform - - :param component_id: the ID of the component your are looking for (optional) - :return: [ - "2015-04-15-13:45:20 - "2015-04-15-13:45:21 - "2015-04-15-13:45:22 - "2015-04-15-13:45:23 - ] - """ - filter_str = request.args.get('filter', '') - from_str = request.args.get('from', '') - to_str = request.args.get('to', '') - event_number = request.args.get('event_number', '') - try: - event_number = int(event_number) - except ValueError: - event_number = None - args = dict() - args["filter"] = filter_str - args["from"] = from_str - args["to"] = to_str - args["event_number"] = event_number - - raise NotImplemented - - -class API(Resource): - """ - Endpoint for API requests - """ - - __urls__ = ( - "/api", - "/api/", - "/api/<string:group_id>", - "/api/<string:group_id>/", - "/api/<string:group_id>/<string:endpoint_id>") - - @check_auth - def get(self, group_id="", endpoint_id="", user_id=""): - """Retrieve all API endpoints or a specific endpoint if endpoint_id is given - - :param group_id: the name of one existing group (ie generic, ...) - :param endpoint_id: the name of one existing component (ie Logs, Status, ...) - :return: { - "group_name": { - "endpoint_name": { - "description": "a description", - "methods": { - "get": "description of the HTTP method" - }, - "urls": ('/api', '/api/', '/api/<string:endpoint_id>') - } - } - """ - __methods = ("get", "post", "put", "delete", "options", "patch") - api_list = filter(lambda x: "__" not in x, dir(moon_manager.api)) - api_desc = dict() - for api_name in api_list: - api_desc[api_name] = {} - group_api_obj = eval("moon_manager.api.{}".format(api_name)) - api_desc[api_name]["description"] = group_api_obj.__doc__ - if "__version__" in dir(group_api_obj): - api_desc[api_name]["version"] = group_api_obj.__version__ - object_list = list(filter(lambda x: "__" not in x, dir(group_api_obj))) - for obj in map(lambda x: eval("moon_manager.api.{}.{}".format(api_name, x)), object_list): - if "__urls__" in dir(obj): - api_desc[api_name][obj.__name__] = dict() - api_desc[api_name][obj.__name__]["urls"] = obj.__urls__ - api_desc[api_name][obj.__name__]["methods"] = dict() - for _method in filter(lambda x: x in __methods, dir(obj)): - docstring = eval("moon_manager.api.{}.{}.{}.__doc__".format(api_name, obj.__name__, _method)) - api_desc[api_name][obj.__name__]["methods"][_method] = docstring - api_desc[api_name][obj.__name__]["description"] = str(obj.__doc__) - if group_id in api_desc: - if endpoint_id in api_desc[group_id]: - return {group_id: {endpoint_id: api_desc[group_id][endpoint_id]}} - elif len(endpoint_id) > 0: - LOG.error("Unknown endpoint_id {}".format(endpoint_id)) - return {"error": "Unknown endpoint_id {}".format(endpoint_id)} - return {group_id: api_desc[group_id]} - return api_desc diff --git a/moonv4/moon_manager/moon_manager/api/meta_data.py b/moonv4/moon_manager/moon_manager/api/meta_data.py deleted file mode 100644 index 9dc04cc7..00000000 --- a/moonv4/moon_manager/moon_manager/api/meta_data.py +++ /dev/null @@ -1,267 +0,0 @@ -# Copyright 2015 Open Platform for NFV Project, Inc. and its contributors -# This software is distributed under the terms and conditions of the 'Apache-2.0' -# license which can be found in the file 'LICENSE' in this package distribution -# or at 'http://www.apache.org/licenses/LICENSE-2.0'. -""" -Meta Data are elements used to create Meta data (skeleton of security policies) - -""" - -from flask import request -from flask_restful import Resource -from oslo_log import log as logging -from python_moonutilities.security_functions import check_auth -from python_moondb.core import ModelManager - -__version__ = "0.2.0" - -LOG = logging.getLogger("moon.manager.api." + __name__) - - -class SubjectCategories(Resource): - """ - Endpoint for subject categories requests - """ - - __urls__ = ( - "/subject_categories", - "/subject_categories/", - "/subject_categories/<string:category_id>", - ) - - @check_auth - def get(self, category_id=None, user_id=None): - """Retrieve all subject categories or a specific one - - :param category_id: uuid of the subject category - :param user_id: user ID who do the request - :return: { - "subject_category_id": { - "name": "name of the category", - "description": "description of the category" - } - } - :internal_api: get_subject_categories - """ - try: - data = ModelManager.get_subject_categories( - user_id=user_id, category_id=category_id) - except Exception as e: - LOG.error(e, exc_info=True) - return {"result": False, - "error": str(e)}, 500 - return {"subject_categories": data} - - @check_auth - def post(self, category_id=None, user_id=None): - """Create or update a subject category. - - :param category_id: must not be used here - :param user_id: user ID who do the request - :request body: { - "name": "name of the category", - "description": "description of the category" - } - :return: { - "subject_category_id": { - "name": "name of the category", - "description": "description of the category" - } - } - :internal_api: add_subject_category - """ - try: - data = ModelManager.add_subject_category( - user_id=user_id, value=request.json) - except Exception as e: - LOG.error(e, exc_info=True) - return {"result": False, - "error": str(e)}, 500 - return {"subject_categories": data} - - @check_auth - def delete(self, category_id=None, user_id=None): - """Delete a subject category - - :param category_id: uuid of the subject category to delete - :param user_id: user ID who do the request - :return: { - "result": "True or False", - "message": "optional message" - } - :internal_api: delete_subject_category - """ - try: - data = ModelManager.delete_subject_category( - user_id=user_id, category_id=category_id) - except Exception as e: - LOG.error(e, exc_info=True) - return {"result": False, - "error": str(e)}, 500 - return {"result": True} - - -class ObjectCategories(Resource): - """ - Endpoint for object categories requests - """ - - __urls__ = ( - "/object_categories", - "/object_categories/", - "/object_categories/<string:category_id>", - ) - - @check_auth - def get(self, category_id=None, user_id=None): - """Retrieve all object categories or a specific one - - :param category_id: uuid of the object category - :param user_id: user ID who do the request - :return: { - "object_category_id": { - "name": "name of the category", - "description": "description of the category" - } - } - :internal_api: get_object_categories - """ - try: - data = ModelManager.get_object_categories( - user_id=user_id, category_id=category_id) - except Exception as e: - LOG.error(e, exc_info=True) - return {"result": False, - "error": str(e)}, 500 - return {"object_categories": data} - - @check_auth - def post(self, category_id=None, user_id=None): - """Create or update a object category. - - :param category_id: must not be used here - :param user_id: user ID who do the request - :request body: { - "name": "name of the category", - "description": "description of the category" - } - :return: { - "object_category_id": { - "name": "name of the category", - "description": "description of the category" - } - } - :internal_api: add_object_category - """ - try: - data = ModelManager.add_object_category( - user_id=user_id, value=request.json) - except Exception as e: - LOG.error(e, exc_info=True) - return {"result": False, - "error": str(e)}, 500 - return {"object_categories": data} - - @check_auth - def delete(self, category_id=None, user_id=None): - """Delete an object category - - :param category_id: uuid of the object category to delete - :param user_id: user ID who do the request - :return: { - "result": "True or False", - "message": "optional message" - } - :internal_api: delete_object_category - """ - try: - data = ModelManager.delete_object_category( - user_id=user_id, category_id=category_id) - except Exception as e: - LOG.error(e, exc_info=True) - return {"result": False, - "error": str(e)}, 500 - return {"result": True} - - -class ActionCategories(Resource): - """ - Endpoint for action categories requests - """ - - __urls__ = ( - "/action_categories", - "/action_categories/", - "/action_categories/<string:category_id>", - ) - - @check_auth - def get(self, category_id=None, user_id=None): - """Retrieve all action categories or a specific one - - :param category_id: uuid of the action category - :param user_id: user ID who do the request - :return: { - "action_category_id": { - "name": "name of the category", - "description": "description of the category" - } - } - :internal_api: get_action_categories - """ - try: - data = ModelManager.get_action_categories( - user_id=user_id, category_id=category_id) - except Exception as e: - LOG.error(e, exc_info=True) - return {"result": False, - "error": str(e)}, 500 - return {"action_categories": data} - - @check_auth - def post(self, category_id=None, user_id=None): - """Create or update an action category. - - :param category_id: must not be used here - :param user_id: user ID who do the request - :request body: { - "name": "name of the category", - "description": "description of the category" - } - :return: { - "action_category_id": { - "name": "name of the category", - "description": "description of the category" - } - } - :internal_api: add_action_category - """ - try: - data = ModelManager.add_action_category( - user_id=user_id, value=request.json) - except Exception as e: - LOG.error(e, exc_info=True) - return {"result": False, - "error": str(e)}, 500 - return {"action_categories": data} - - @check_auth - def delete(self, category_id=None, user_id=None): - """Delete an action - - :param category_id: uuid of the action category to delete - :param user_id: user ID who do the request - :return: { - "result": "True or False", - "message": "optional message" - } - :internal_api: delete_action_category - """ - try: - data = ModelManager.delete_action_category( - user_id=user_id, category_id=category_id) - except Exception as e: - LOG.error(e, exc_info=True) - return {"result": False, - "error": str(e)}, 500 - return {"result": True} diff --git a/moonv4/moon_manager/moon_manager/api/meta_rules.py b/moonv4/moon_manager/moon_manager/api/meta_rules.py deleted file mode 100644 index ceba0ffb..00000000 --- a/moonv4/moon_manager/moon_manager/api/meta_rules.py +++ /dev/null @@ -1,164 +0,0 @@ -# Copyright 2015 Open Platform for NFV Project, Inc. and its contributors -# This software is distributed under the terms and conditions of the 'Apache-2.0' -# license which can be found in the file 'LICENSE' in this package distribution -# or at 'http://www.apache.org/licenses/LICENSE-2.0'. -""" -Meta rules are skeleton for security policies - -""" - -from flask import request -from flask_restful import Resource -from oslo_log import log as logging -from python_moonutilities.security_functions import check_auth -from python_moondb.core import ModelManager - -__version__ = "0.1.0" - -LOG = logging.getLogger("moon.manager.api." + __name__) - - -class MetaRules(Resource): - """ - Endpoint for meta rules requests - """ - - __urls__ = ("/meta_rules", - "/meta_rules/", - "/meta_rules/<string:meta_rule_id>", - "/meta_rules/<string:meta_rule_id>/") - - @check_auth - def get(self, meta_rule_id=None, user_id=None): - """Retrieve all sub meta rules - - :param meta_rule_id: Meta rule algorithm ID - :param user_id: user ID who do the request - :return: { - "meta_rules": { - "meta_rule_id1": { - "name": "name of the meta rule", - "algorithm": "name of the meta rule algorithm", - "subject_categories": ["subject_category_id1", - "subject_category_id2"], - "object_categories": ["object_category_id1"], - "action_categories": ["action_category_id1"] - }, - } - } - :internal_api: get_meta_rules - """ - try: - data = ModelManager.get_meta_rules( - user_id=user_id, meta_rule_id=meta_rule_id) - except Exception as e: - LOG.error(e, exc_info=True) - return {"result": False, - "error": str(e)}, 500 - return {"meta_rules": data} - - @check_auth - def post(self, meta_rule_id=None, user_id=None): - """Add a meta rule - - :param meta_rule_id: Meta rule ID - :param user_id: user ID who do the request - :request body: post = { - "name": "name of the meta rule", - "subject_categories": ["subject_category_id1", - "subject_category_id2"], - "object_categories": ["object_category_id1"], - "action_categories": ["action_category_id1"] - } - :return: { - "meta_rules": { - "meta_rule_id1": { - "name": "name of the meta rule", - "subject_categories": ["subject_category_id1", - "subject_category_id2"], - "object_categories": ["object_category_id1"], - "action_categories": ["action_category_id1"] - }, - } - } - :internal_api: add_meta_rules - """ - try: - data = ModelManager.add_meta_rule( - user_id=user_id, meta_rule_id=None, value=request.json) - except Exception as e: - LOG.error(e, exc_info=True) - return {"result": False, - "error": str(e)}, 500 - return {"meta_rules": data} - - @check_auth - def patch(self, meta_rule_id=None, user_id=None): - """Update a meta rule - - :param meta_rule_id: Meta rule ID - :param user_id: user ID who do the request - :request body: patch = { - "name": "name of the meta rule", - "subject_categories": ["subject_category_id1", - "subject_category_id2"], - "object_categories": ["object_category_id1"], - "action_categories": ["action_category_id1"] - } - :return: { - "meta_rules": { - "meta_rule_id1": { - "name": "name of the meta rule", - "subject_categories": ["subject_category_id1", - "subject_category_id2"], - "object_categories": ["object_category_id1"], - "action_categories": ["action_category_id1"] - }, - } - } - :internal_api: set_meta_rules - """ - try: - data = ModelManager.set_meta_rule( - user_id=user_id, meta_rule_id=meta_rule_id, value=request.json) - except Exception as e: - LOG.error(e, exc_info=True) - return {"result": False, - "error": str(e)}, 500 - return {"meta_rules": data} - - @check_auth - def delete(self, meta_rule_id=None, user_id=None): - """Delete a meta rule - - :param meta_rule_id: Meta rule ID - :param user_id: user ID who do the request - :request body: delete = { - "name": "name of the meta rule", - "subject_categories": ["subject_category_id1", - "subject_category_id2"], - "object_categories": ["object_category_id1"], - "action_categories": ["action_category_id1"] - } - :return: { - "meta_rules": { - "meta_rule_id1": { - "name": "name of the meta rule", - "subject_categories": ["subject_category_id1", - "subject_category_id2"], - "object_categories": ["object_category_id1"], - "action_categories": ["action_category_id1"] - }, - } - } - :internal_api: delete_meta_rules - """ - try: - data = ModelManager.delete_meta_rule( - user_id=user_id, meta_rule_id=meta_rule_id) - except Exception as e: - LOG.error(e, exc_info=True) - return {"result": False, - "error": str(e)}, 500 - return {"result": True} - diff --git a/moonv4/moon_manager/moon_manager/api/models.py b/moonv4/moon_manager/moon_manager/api/models.py deleted file mode 100644 index 62866191..00000000 --- a/moonv4/moon_manager/moon_manager/api/models.py +++ /dev/null @@ -1,127 +0,0 @@ -# Copyright 2015 Open Platform for NFV Project, Inc. and its contributors -# This software is distributed under the terms and conditions of the 'Apache-2.0' -# license which can be found in the file 'LICENSE' in this package distribution -# or at 'http://www.apache.org/licenses/LICENSE-2.0'. -""" -Models aggregate multiple meta rules -""" - -from flask import request -from flask_restful import Resource -from oslo_log import log as logging -from python_moonutilities.security_functions import check_auth -from python_moondb.core import ModelManager - -__version__ = "0.1.0" - -LOG = logging.getLogger("moon.manager.api." + __name__) - - -class Models(Resource): - """ - Endpoint for model requests - """ - - __urls__ = ( - "/models", - "/models/", - "/models/<string:uuid>", - "/models/<string:uuid>/", - ) - - @check_auth - def get(self, uuid=None, user_id=None): - """Retrieve all models - - :param uuid: uuid of the model - :param user_id: user ID who do the request - :return: { - "model_id1": { - "name": "...", - "description": "...", - "meta_rules": ["meta_rule_id1", ] - } - } - :internal_api: get_models - """ - try: - data = ModelManager.get_models(user_id=user_id, model_id=uuid) - except Exception as e: - LOG.error(e, exc_info=True) - return {"result": False, - "error": str(e)}, 500 - return {"models": data} - - @check_auth - def post(self, uuid=None, user_id=None): - """Create model. - - :param uuid: uuid of the model (not used here) - :param user_id: user ID who do the request - :request body: { - "name": "...", - "description": "...", - "meta_rules": ["meta_rule_id1", ] - } - :return: { - "model_id1": { - "name": "...", - "description": "...", - "meta_rules": ["meta_rule_id1", ] - } - } - :internal_api: add_model - """ - try: - data = ModelManager.add_model( - user_id=user_id, model_id=uuid, value=request.json) - except Exception as e: - LOG.error(e, exc_info=True) - return {"result": False, - "error": str(e)}, 500 - return {"models": data} - - @check_auth - def delete(self, uuid=None, user_id=None): - """Delete a model - - :param uuid: uuid of the model to delete - :param user_id: user ID who do the request - :return: { - "result": "True or False", - "message": "optional message" - } - :internal_api: delete_model - """ - try: - data = ModelManager.delete_model(user_id=user_id, model_id=uuid) - except Exception as e: - LOG.error(e, exc_info=True) - return {"result": False, - "error": str(e)}, 500 - return {"result": True} - - @check_auth - def patch(self, uuid=None, user_id=None): - """Update a model - - :param uuid: uuid of the model to update - :param user_id: user ID who do the request - :return: { - "model_id1": { - "name": "...", - "description": "...", - "meta_rules": ["meta_rule_id1", ] - } - } - :internal_api: update_model - """ - try: - data = ModelManager.update_model( - user_id=user_id, model_id=uuid, value=request.json) - except Exception as e: - LOG.error(e, exc_info=True) - return {"result": False, - "error": str(e)}, 500 - return {"models": data} - diff --git a/moonv4/moon_manager/moon_manager/api/pdp.py b/moonv4/moon_manager/moon_manager/api/pdp.py deleted file mode 100644 index 9183c25d..00000000 --- a/moonv4/moon_manager/moon_manager/api/pdp.py +++ /dev/null @@ -1,181 +0,0 @@ -# Copyright 2015 Open Platform for NFV Project, Inc. and its contributors -# This software is distributed under the terms and conditions of the 'Apache-2.0' -# license which can be found in the file 'LICENSE' in this package distribution -# or at 'http://www.apache.org/licenses/LICENSE-2.0'. -""" -PDP are Policy Decision Point. - -""" - -from flask import request -from flask_restful import Resource -import logging -import requests -import time -from python_moonutilities.security_functions import check_auth -from python_moondb.core import PDPManager -from python_moondb.core import PolicyManager -from python_moondb.core import ModelManager -from python_moonutilities import configuration - -__version__ = "0.1.0" - -LOG = logging.getLogger("moon.manager.api." + __name__) - - -def delete_pod(uuid): - raise NotImplementedError - - -def add_pod(uuid, data): - if not data.get("keystone_project_id"): - return - LOG.info("Add a new pod {}".format(data)) - if "pdp_id" not in data: - data["pdp_id"] = uuid - data['policies'] = PolicyManager.get_policies(user_id="admin") - data['models'] = ModelManager.get_models(user_id="admin") - conf = configuration.get_configuration("components/orchestrator") - hostname = conf["components/orchestrator"].get("hostname", "orchestrator") - port = conf["components/orchestrator"].get("port", 80) - proto = conf["components/orchestrator"].get("protocol", "http") - while True: - try: - req = requests.post( - "{}://{}:{}/pods".format(proto, hostname, port), - json=data, - headers={"content-type": "application/json"}) - except requests.exceptions.ConnectionError: - LOG.warning("Orchestrator is not ready, standby...") - time.sleep(1) - else: - break - LOG.info(req.text) - - -class PDP(Resource): - """ - Endpoint for pdp requests - """ - - __urls__ = ( - "/pdp", - "/pdp/", - "/pdp/<string:uuid>", - "/pdp/<string:uuid>/", - ) - - @check_auth - def get(self, uuid=None, user_id=None): - """Retrieve all pdp - - :param uuid: uuid of the pdp - :param user_id: user ID who do the request - :return: { - "pdp_id1": { - "name": "...", - "security_pipeline": [...], - "keystone_project_id": "keystone_project_id1", - "description": "...", - } - } - :internal_api: get_pdp - """ - try: - data = PDPManager.get_pdp(user_id=user_id, pdp_id=uuid) - except Exception as e: - LOG.error(e, exc_info=True) - return {"result": False, - "error": str(e)}, 500 - return {"pdps": data} - - @check_auth - def post(self, uuid=None, user_id=None): - """Create pdp. - - :param uuid: uuid of the pdp (not used here) - :param user_id: user ID who do the request - :request body: { - "name": "...", - "security_pipeline": [...], - "keystone_project_id": "keystone_project_id1", - "description": "...", - } - :return: { - "pdp_id1": { - "name": "...", - "security_pipeline": [...], - "keystone_project_id": "keystone_project_id1", - "description": "...", - } - } - :internal_api: add_pdp - """ - try: - data = dict(request.json) - if not data.get("keystone_project_id"): - data["keystone_project_id"] = None - data = PDPManager.add_pdp( - user_id=user_id, pdp_id=None, value=request.json) - uuid = list(data.keys())[0] - LOG.info("data={}".format(data)) - LOG.info("uuid={}".format(uuid)) - add_pod(uuid=uuid, data=data[uuid]) - except Exception as e: - LOG.error(e, exc_info=True) - return {"result": False, - "error": str(e)}, 500 - return {"pdps": data} - - @check_auth - def delete(self, uuid=None, user_id=None): - """Delete a pdp - - :param uuid: uuid of the pdp to delete - :param user_id: user ID who do the request - :return: { - "result": "True or False", - "message": "optional message" - } - :internal_api: delete_pdp - """ - try: - data = PDPManager.delete_pdp(user_id=user_id, pdp_id=uuid) - delete_pod(uuid) - except Exception as e: - LOG.error(e, exc_info=True) - return {"result": False, - "error": str(e)}, 500 - return {"result": True} - - @check_auth - def patch(self, uuid=None, user_id=None): - """Update a pdp - - :param uuid: uuid of the pdp to update - :param user_id: user ID who do the request - :return: { - "pdp_id1": { - "name": "...", - "security_pipeline": [...], - "keystone_project_id": "keystone_project_id1", - "description": "...", - } - } - :internal_api: update_pdp - """ - try: - _data = dict(request.json) - if not _data.get("keystone_project_id"): - _data["keystone_project_id"] = None - data = PDPManager.update_pdp( - user_id=user_id, pdp_id=uuid, value=_data) - LOG.info("data={}".format(data)) - LOG.info("uuid={}".format(uuid)) - add_pod(uuid=uuid, data=data[uuid]) - except Exception as e: - LOG.error(e, exc_info=True) - return {"result": False, - "error": str(e)}, 500 - return {"pdps": data} - diff --git a/moonv4/moon_manager/moon_manager/api/perimeter.py b/moonv4/moon_manager/moon_manager/api/perimeter.py deleted file mode 100644 index 8196e627..00000000 --- a/moonv4/moon_manager/moon_manager/api/perimeter.py +++ /dev/null @@ -1,447 +0,0 @@ -# Copyright 2015 Open Platform for NFV Project, Inc. and its contributors -# This software is distributed under the terms and conditions of the 'Apache-2.0' -# license which can be found in the file 'LICENSE' in this package distribution -# or at 'http://www.apache.org/licenses/LICENSE-2.0'. -""" -* Subjects are the source of an action on an object - (examples : users, virtual machines) -* Objects are the destination of an action - (examples virtual machines, virtual Routers) -* Actions are what subject wants to do on an object -""" - -from flask import request -from flask_restful import Resource -from oslo_log import log as logging -from python_moonutilities.security_functions import check_auth -from python_moondb.core import PolicyManager - -__version__ = "0.2.0" - -LOG = logging.getLogger("moon.manager.api." + __name__) - - -class Subjects(Resource): - """ - Endpoint for subjects requests - """ - - __urls__ = ( - "/subjects", - "/subjects/", - "/subjects/<string:perimeter_id>", - "/policies/<string:uuid>/subjects", - "/policies/<string:uuid>/subjects/", - "/policies/<string:uuid>/subjects/<string:perimeter_id>", - ) - - @check_auth - def get(self, uuid=None, perimeter_id=None, user_id=None): - """Retrieve all subjects or a specific one if perimeter_id is - given for a given policy - - :param uuid: uuid of the policy - :param perimeter_id: uuid of the subject - :param user_id: user ID who do the request - :return: { - "subject_id": { - "name": "name of the subject", - "keystone_id": "keystone id of the subject", - "description": "a description" - } - } - :internal_api: get_subjects - """ - try: - data = PolicyManager.get_subjects( - user_id=user_id, - policy_id=uuid, - perimeter_id=perimeter_id - ) - except Exception as e: - LOG.error(e, exc_info=True) - return {"result": False, - "error": str(e)}, 500 - return {"subjects": data} - - @check_auth - def post(self, uuid=None, perimeter_id=None, user_id=None): - """Create or update a subject. - - :param uuid: uuid of the policy - :param perimeter_id: must not be used here - :param user_id: user ID who do the request - :request body: { - "name": "name of the subject", - "description": "description of the subject", - "password": "password for the subject", - "email": "email address of the subject" - } - :return: { - "subject_id": { - "name": "name of the subject", - "keystone_id": "keystone id of the subject", - "description": "description of the subject", - "password": "password for the subject", - "email": "email address of the subject" - } - } - :internal_api: set_subject - """ - try: - if not perimeter_id: - data = PolicyManager.get_subjects(user_id=user_id, - policy_id=None) - if 'name' in request.json: - for data_id, data_value in data.items(): - if data_value['name'] == request.json['name']: - perimeter_id = data_id - break - data = PolicyManager.add_subject( - user_id=user_id, policy_id=uuid, - perimeter_id=perimeter_id, value=request.json) - except Exception as e: - LOG.error(e, exc_info=True) - return {"result": False, - "error": str(e)}, 500 - return {"subjects": data} - - @check_auth - def patch(self, uuid=None, perimeter_id=None, user_id=None): - """Create or update a subject. - - :param uuid: uuid of the policy - :param perimeter_id: must not be used here - :param user_id: user ID who do the request - :request body: { - "name": "name of the subject", - "description": "description of the subject", - "password": "password for the subject", - "email": "email address of the subject" - } - :return: { - "subject_id": { - "name": "name of the subject", - "keystone_id": "keystone id of the subject", - "description": "description of the subject", - "password": "password for the subject", - "email": "email address of the subject" - } - } - :internal_api: set_subject - """ - try: - if not perimeter_id: - data = PolicyManager.get_subjects(user_id=user_id, - policy_id=None) - if 'name' in request.json: - for data_id, data_value in data.items(): - if data_value['name'] == request.json['name']: - perimeter_id = data_id - break - data = PolicyManager.add_subject( - user_id=user_id, policy_id=uuid, - perimeter_id=perimeter_id, value=request.json) - except Exception as e: - LOG.error(e, exc_info=True) - return {"result": False, - "error": str(e)}, 500 - return {"subjects": data} - - @check_auth - def delete(self, uuid=None, perimeter_id=None, user_id=None): - """Delete a subject for a given policy - - :param uuid: uuid of the policy - :param perimeter_id: uuid of the subject - :param user_id: user ID who do the request - :return: { - "subject_id": { - "name": "name of the subject", - "keystone_id": "keystone id of the subject", - "description": "description of the subject", - "password": "password for the subject", - "email": "email address of the subject" - } - } - :internal_api: delete_subject - """ - try: - data = PolicyManager.delete_subject( - user_id=user_id, policy_id=uuid, perimeter_id=perimeter_id) - except Exception as e: - LOG.error(e, exc_info=True) - return {"result": False, - "error": str(e)}, 500 - return {"result": True} - - -class Objects(Resource): - """ - Endpoint for objects requests - """ - - __urls__ = ( - "/objects", - "/objects/", - "/objects/<string:perimeter_id>", - "/policies/<string:uuid>/objects", - "/policies/<string:uuid>/objects/", - "/policies/<string:uuid>/objects/<string:perimeter_id>", - ) - - @check_auth - def get(self, uuid=None, perimeter_id=None, user_id=None): - """Retrieve all objects or a specific one if perimeter_id is - given for a given policy - - :param uuid: uuid of the policy - :param perimeter_id: uuid of the object - :param user_id: user ID who do the request - :return: { - "object_id": { - "name": "name of the object", - "description": "description of the object" - } - } - :internal_api: get_objects - """ - try: - data = PolicyManager.get_objects( - user_id=user_id, - policy_id=uuid, - perimeter_id=perimeter_id - ) - except Exception as e: - LOG.error(e, exc_info=True) - return {"result": False, - "error": str(e)}, 500 - return {"objects": data} - - @check_auth - def post(self, uuid=None, perimeter_id=None, user_id=None): - """Create or update a object. - - :param uuid: uuid of the policy - :param perimeter_id: must not be used here - :param user_id: user ID who do the request - :request body: { - "object_name": "name of the object", - "object_description": "description of the object" - } - :return: { - "object_id": { - "name": "name of the object", - "description": "description of the object" - } - } - :internal_api: set_object - """ - try: - data = PolicyManager.get_objects(user_id=user_id, policy_id=None) - if 'name' in request.json: - for data_id, data_value in data.items(): - if data_value['name'] == request.json['name']: - perimeter_id = data_id - break - data = PolicyManager.add_object( - user_id=user_id, policy_id=uuid, - perimeter_id=perimeter_id, value=request.json) - except Exception as e: - LOG.error(e, exc_info=True) - return {"result": False, - "error": str(e)}, 500 - return {"objects": data} - - @check_auth - def patch(self, uuid=None, perimeter_id=None, user_id=None): - """Create or update a object. - - :param uuid: uuid of the policy - :param perimeter_id: must not be used here - :param user_id: user ID who do the request - :request body: { - "object_name": "name of the object", - "object_description": "description of the object" - } - :return: { - "object_id": { - "name": "name of the object", - "description": "description of the object" - } - } - :internal_api: set_object - """ - try: - data = PolicyManager.get_objects(user_id=user_id, policy_id=None) - if 'name' in request.json: - for data_id, data_value in data.items(): - if data_value['name'] == request.json['name']: - perimeter_id = data_id - break - data = PolicyManager.add_object( - user_id=user_id, policy_id=uuid, - perimeter_id=perimeter_id, value=request.json) - except Exception as e: - LOG.error(e, exc_info=True) - return {"result": False, - "error": str(e)}, 500 - return {"objects": data} - - @check_auth - def delete(self, uuid=None, perimeter_id=None, user_id=None): - """Delete a object for a given policy - - :param uuid: uuid of the policy - :param perimeter_id: uuid of the object - :param user_id: user ID who do the request - :return: { - "object_id": { - "name": "name of the object", - "description": "description of the object" - } - } - :internal_api: delete_object - """ - try: - data = PolicyManager.delete_object( - user_id=user_id, policy_id=uuid, perimeter_id=perimeter_id) - except Exception as e: - LOG.error(e, exc_info=True) - return {"result": False, - "error": str(e)}, 500 - return {"result": True} - - -class Actions(Resource): - """ - Endpoint for actions requests - """ - - __urls__ = ( - "/actions", - "/actions/", - "/actions/<string:perimeter_id>", - "/policies/<string:uuid>/actions", - "/policies/<string:uuid>/actions/", - "/policies/<string:uuid>/actions/<string:perimeter_id>", - ) - - @check_auth - def get(self, uuid=None, perimeter_id=None, user_id=None): - """Retrieve all actions or a specific one if perimeter_id - is given for a given policy - - :param uuid: uuid of the policy - :param perimeter_id: uuid of the action - :param user_id: user ID who do the request - :return: { - "action_id": { - "name": "name of the action", - "description": "description of the action" - } - } - :internal_api: get_actions - """ - try: - data = PolicyManager.get_actions( - user_id=user_id, policy_id=uuid, perimeter_id=perimeter_id) - except Exception as e: - LOG.error(e, exc_info=True) - return {"result": False, - "error": str(e)}, 500 - return {"actions": data} - - @check_auth - def post(self, uuid=None, perimeter_id=None, user_id=None): - """Create or update a action. - - :param uuid: uuid of the policy - :param perimeter_id: must not be used here - :param user_id: user ID who do the request - :request body: { - "name": "name of the action", - "description": "description of the action" - } - :return: { - "action_id": { - "name": "name of the action", - "description": "description of the action" - } - } - :internal_api: set_action - """ - try: - data = PolicyManager.get_actions(user_id=user_id, policy_id=None) - if 'name' in request.json: - for data_id, data_value in data.items(): - if data_value['name'] == request.json['name']: - perimeter_id = data_id - break - data = PolicyManager.add_action( - user_id=user_id, policy_id=uuid, - perimeter_id=perimeter_id, value=request.json) - except Exception as e: - LOG.error(e, exc_info=True) - return {"result": False, - "error": str(e)}, 500 - return {"actions": data} - - @check_auth - def patch(self, uuid=None, perimeter_id=None, user_id=None): - """Create or update a action. - - :param uuid: uuid of the policy - :param perimeter_id: must not be used here - :param user_id: user ID who do the request - :request body: { - "name": "name of the action", - "description": "description of the action" - } - :return: { - "action_id": { - "name": "name of the action", - "description": "description of the action" - } - } - :internal_api: set_action - """ - try: - data = PolicyManager.get_actions(user_id=user_id, policy_id=None) - if 'name' in request.json: - for data_id, data_value in data.items(): - if data_value['name'] == request.json['name']: - perimeter_id = data_id - break - data = PolicyManager.add_action( - user_id=user_id, policy_id=uuid, - perimeter_id=perimeter_id, value=request.json) - except Exception as e: - LOG.error(e, exc_info=True) - return {"result": False, - "error": str(e)}, 500 - return {"actions": data} - - @check_auth - def delete(self, uuid=None, perimeter_id=None, user_id=None): - """Delete a action for a given policy - - :param uuid: uuid of the policy - :param perimeter_id: uuid of the action - :param user_id: user ID who do the request - :return: { - "action_id": { - "name": "name of the action", - "description": "description of the action" - } - } - :internal_api: delete_action - """ - try: - data = PolicyManager.delete_action( - user_id=user_id, policy_id=uuid, perimeter_id=perimeter_id) - except Exception as e: - LOG.error(e, exc_info=True) - return {"result": False, - "error": str(e)}, 500 - return {"result": True} diff --git a/moonv4/moon_manager/moon_manager/api/policies.py b/moonv4/moon_manager/moon_manager/api/policies.py deleted file mode 100644 index f34276bb..00000000 --- a/moonv4/moon_manager/moon_manager/api/policies.py +++ /dev/null @@ -1,132 +0,0 @@ -# Copyright 2015 Open Platform for NFV Project, Inc. and its contributors -# This software is distributed under the terms and conditions of the 'Apache-2.0' -# license which can be found in the file 'LICENSE' in this package distribution -# or at 'http://www.apache.org/licenses/LICENSE-2.0'. -""" -Policies are instances of security models and implement security policies - -""" - -from flask import request -from flask_restful import Resource -from oslo_log import log as logging -from python_moonutilities.security_functions import check_auth -from python_moondb.core import PolicyManager - -__version__ = "0.1.0" - -LOG = logging.getLogger("moon.manager.api." + __name__) - - -class Policies(Resource): - """ - Endpoint for policy requests - """ - - __urls__ = ( - "/policies", - "/policies/", - "/policies/<string:uuid>", - "/policies/<string:uuid>/", - ) - - @check_auth - def get(self, uuid=None, user_id=None): - """Retrieve all policies - - :param uuid: uuid of the policy - :param user_id: user ID who do the request - :return: { - "policy_id1": { - "name": "...", - "model_id": "...", - "genre": "...", - "description": "...", - } - } - :internal_api: get_policies - """ - try: - data = PolicyManager.get_policies(user_id=user_id, policy_id=uuid) - except Exception as e: - LOG.error(e, exc_info=True) - return {"result": False, - "error": str(e)}, 500 - return {"policies": data} - - @check_auth - def post(self, uuid=None, user_id=None): - """Create policy. - - :param uuid: uuid of the policy (not used here) - :param user_id: user ID who do the request - :request body: { - "name": "...", - "model_id": "...", - "genre": "...", - "description": "...", - } - :return: { - "policy_id1": { - "name": "...", - "model_id": "...", - "genre": "...", - "description": "...", - } - } - :internal_api: add_policy - """ - try: - data = PolicyManager.add_policy( - user_id=user_id, policy_id=uuid, value=request.json) - except Exception as e: - LOG.error(e, exc_info=True) - return {"result": False, - "error": str(e)}, 500 - return {"policies": data} - - @check_auth - def delete(self, uuid=None, user_id=None): - """Delete a policy - - :param uuid: uuid of the policy to delete - :param user_id: user ID who do the request - :return: { - "result": "True or False", - "message": "optional message" - } - :internal_api: delete_policy - """ - try: - data = PolicyManager.delete_policy(user_id=user_id, policy_id=uuid) - except Exception as e: - LOG.error(e, exc_info=True) - return {"result": False, - "error": str(e)}, 500 - return {"result": True} - - @check_auth - def patch(self, uuid=None, user_id=None): - """Update a policy - - :param uuid: uuid of the policy to update - :param user_id: user ID who do the request - :return: { - "policy_id1": { - "name": "...", - "model_id": "...", - "genre": "...", - "description": "...", - } - } - :internal_api: update_policy - """ - try: - data = PolicyManager.update_policy( - user_id=user_id, policy_id=uuid, value=request.json) - except Exception as e: - LOG.error(e, exc_info=True) - return {"result": False, - "error": str(e)}, 500 - return {"policies": data} - diff --git a/moonv4/moon_manager/moon_manager/api/rules.py b/moonv4/moon_manager/moon_manager/api/rules.py deleted file mode 100644 index b25365df..00000000 --- a/moonv4/moon_manager/moon_manager/api/rules.py +++ /dev/null @@ -1,140 +0,0 @@ -# Copyright 2015 Open Platform for NFV Project, Inc. and its contributors -# This software is distributed under the terms and conditions of the 'Apache-2.0' -# license which can be found in the file 'LICENSE' in this package distribution -# or at 'http://www.apache.org/licenses/LICENSE-2.0'. -""" -Rules (TODO) -""" - -from flask import request -from flask_restful import Resource -from oslo_log import log as logging -from python_moonutilities.security_functions import check_auth -from python_moondb.core import PolicyManager - -__version__ = "0.1.0" - -LOG = logging.getLogger("moon.manager.api." + __name__) - - -class Rules(Resource): - """ - Endpoint for rules requests - """ - - __urls__ = ("/policies/<string:uuid>/rules", - "/policies/<string:uuid>/rules/", - "/policies/<string:uuid>/rules/<string:rule_id>", - "/policies/<string:uuid>/rules/<string:rule_id>/", - ) - - @check_auth - def get(self, uuid=None, rule_id=None, user_id=None): - """Retrieve all rules or a specific one - - :param uuid: policy ID - :param rule_id: rule ID - :param user_id: user ID who do the request - :return: { - "rules": [ - "policy_id": "policy_id1", - "meta_rule_id": "meta_rule_id1", - "rule_id1": - ["subject_data_id1", "object_data_id1", "action_data_id1"], - "rule_id2": - ["subject_data_id2", "object_data_id2", "action_data_id2"], - ] - } - :internal_api: get_rules - """ - try: - data = PolicyManager.get_rules(user_id=user_id, - policy_id=uuid, - rule_id=rule_id) - except Exception as e: - LOG.error(e, exc_info=True) - return {"result": False, - "error": str(e)}, 500 - return {"rules": data} - - @check_auth - def post(self, uuid=None, rule_id=None, user_id=None): - """Add a rule to a meta rule - - :param uuid: policy ID - :param rule_id: rule ID - :param user_id: user ID who do the request - :request body: post = { - "meta_rule_id": "meta_rule_id1", - "rule": ["subject_data_id2", "object_data_id2", "action_data_id2"], - "instructions": ( - {"decision": "grant"}, - ) - "enabled": True - } - :return: { - "rules": [ - "meta_rule_id": "meta_rule_id1", - "rule_id1": { - "rule": ["subject_data_id1", - "object_data_id1", - "action_data_id1"], - "instructions": ( - {"decision": "grant"}, - # "grant" to immediately exit, - # "continue" to wait for the result of next policy - # "deny" to deny the request - ) - } - "rule_id2": { - "rule": ["subject_data_id2", - "object_data_id2", - "action_data_id2"], - "instructions": ( - { - "update": { - "operation": "add", - # operations may be "add" or "delete" - "target": "rbac:role:admin" - # add the role admin to the current user - } - }, - {"chain": {"name": "rbac"}} - # chain with the policy named rbac - ) - } - ] - } - :internal_api: add_rule - """ - args = request.json - try: - data = PolicyManager.add_rule(user_id=user_id, - policy_id=uuid, - meta_rule_id=args['meta_rule_id'], - value=args) - except Exception as e: - LOG.error(e, exc_info=True) - return {"result": False, - "error": str(e)}, 500 - return {"rules": data} - - @check_auth - def delete(self, uuid=None, rule_id=None, user_id=None): - """Delete one rule linked to a specific sub meta rule - - :param uuid: policy ID - :param rule_id: rule ID - :param user_id: user ID who do the request - :return: { "result": true } - :internal_api: delete_rule - """ - try: - data = PolicyManager.delete_rule( - user_id=user_id, policy_id=uuid, rule_id=rule_id) - except Exception as e: - LOG.error(e, exc_info=True) - return {"result": False, - "error": str(e)}, 500 - return {"result": True} - diff --git a/moonv4/moon_manager/moon_manager/http_server.py b/moonv4/moon_manager/moon_manager/http_server.py deleted file mode 100644 index 584e71a2..00000000 --- a/moonv4/moon_manager/moon_manager/http_server.py +++ /dev/null @@ -1,157 +0,0 @@ -# Copyright 2015 Open Platform for NFV Project, Inc. and its contributors -# This software is distributed under the terms and conditions of the 'Apache-2.0' -# license which can be found in the file 'LICENSE' in this package distribution -# or at 'http://www.apache.org/licenses/LICENSE-2.0'. - -from flask import Flask, jsonify -from flask_cors import CORS, cross_origin -from flask_restful import Resource, Api -import logging -import sqlalchemy.exc -import time -from moon_manager import __version__ -from moon_manager.api.generic import Status, Logs, API -from moon_manager.api.models import Models -from moon_manager.api.policies import Policies -from moon_manager.api.pdp import PDP -from moon_manager.api.meta_rules import MetaRules -from moon_manager.api.meta_data import SubjectCategories, ObjectCategories, ActionCategories -from moon_manager.api.perimeter import Subjects, Objects, Actions -from moon_manager.api.data import SubjectData, ObjectData, ActionData -from moon_manager.api.assignments import SubjectAssignments, ObjectAssignments, ActionAssignments -from moon_manager.api.rules import Rules -# from moon_manager.api.containers import Container -from python_moonutilities import configuration, exceptions -from python_moondb.core import PDPManager - - -LOG = logging.getLogger("moon.manager.http") - - -class Server: - """Base class for HTTP server""" - - def __init__(self, host="localhost", port=80, api=None, **kwargs): - """Run a server - - :param host: hostname of the server - :param port: port for the running server - :param kwargs: optional parameters - :return: a running server - """ - self._host = host - self._port = port - self._api = api - self._extra = kwargs - - @property - def host(self): - return self._host - - @host.setter - def host(self, name): - self._host = name - - @host.deleter - def host(self): - self._host = "" - - @property - def port(self): - return self._port - - @port.setter - def port(self, number): - self._port = number - - @port.deleter - def port(self): - self._port = 80 - - def run(self): - raise NotImplementedError() - -__API__ = ( - Status, Logs, API, - MetaRules, SubjectCategories, ObjectCategories, ActionCategories, - Subjects, Objects, Actions, - SubjectAssignments, ObjectAssignments, ActionAssignments, - SubjectData, ObjectData, ActionData, - Rules, #Container, - Models, Policies, PDP - ) - - -class Root(Resource): - """ - The root of the web service - """ - __urls__ = ("/", ) - __methods = ("get", "post", "put", "delete", "options") - - def get(self): - tree = {"/": {"methods": ("get",), "description": "List all methods for that service."}} - for item in __API__: - tree[item.__name__] = {"urls": item.__urls__} - _methods = [] - for _method in self.__methods: - if _method in dir(item): - _methods.append(_method) - tree[item.__name__]["methods"] = _methods - tree[item.__name__]["description"] = item.__doc__.strip() - return { - "version": __version__, - "tree": tree - } - - -class HTTPServer(Server): - - def __init__(self, host="localhost", port=80, **kwargs): - super(HTTPServer, self).__init__(host=host, port=port, **kwargs) - self.app = Flask(__name__) - conf = configuration.get_configuration("components/manager") - self.manager_hostname = conf["components/manager"].get("hostname", "manager") - self.manager_port = conf["components/manager"].get("port", 80) - #Todo : specify only few urls instead of * - CORS(self.app) - self.api = Api(self.app) - self.__set_route() - self.__hook_errors() - - def __hook_errors(self): - - def get_404_json(e): - return jsonify({"result": False, "code": 404, "description": str(e)}), 404 - self.app.register_error_handler(404, get_404_json) - - def get_400_json(e): - return jsonify({"result": False, "code": 400, "description": str(e)}), 400 - self.app.register_error_handler(400, lambda e: get_400_json) - self.app.register_error_handler(403, exceptions.AuthException) - - def __set_route(self): - self.api.add_resource(Root, '/') - - for api in __API__: - self.api.add_resource(api, *api.__urls__) - - @staticmethod - def __check_if_db_is_up(): - first = True - while True: - try: - PDPManager.get_pdp(user_id="admin", pdp_id=None) - except sqlalchemy.exc.ProgrammingError: - time.sleep(1) - if first: - LOG.warning("Waiting for the database...") - first = False - else: - LOG.warning("Database is up, resuming operations...") - break - - def run(self): - self.__check_if_db_is_up() - self.app.run(debug=True, host=self._host, port=self._port) # nosec - diff --git a/moonv4/moon_manager/moon_manager/server.py b/moonv4/moon_manager/moon_manager/server.py deleted file mode 100644 index bcc52cb3..00000000 --- a/moonv4/moon_manager/moon_manager/server.py +++ /dev/null @@ -1,38 +0,0 @@ -# Copyright 2015 Open Platform for NFV Project, Inc. and its contributors -# This software is distributed under the terms and conditions of the 'Apache-2.0' -# license which can be found in the file 'LICENSE' in this package distribution -# or at 'http://www.apache.org/licenses/LICENSE-2.0'. - -import os -from oslo_config import cfg -from oslo_log import log as logging -from python_moonutilities import configuration, exceptions -from moon_manager.http_server import HTTPServer - -LOG = logging.getLogger("moon.manager") -CONF = cfg.CONF -DOMAIN = "moon_manager" - -__CWD__ = os.path.dirname(os.path.abspath(__file__)) - - -def main(): - configuration.init_logging() - try: - conf = configuration.get_configuration("components/manager") - hostname = conf["components/manager"].get("hostname", "manager") - port = conf["components/manager"].get("port", 80) - bind = conf["components/manager"].get("bind", "127.0.0.1") - except exceptions.ConsulComponentNotFound: - hostname = "manager" - bind = "127.0.0.1" - port = 80 - configuration.add_component(uuid="manager", name=hostname, port=port, bind=bind) - LOG.info("Starting server with IP {} on port {} bind to {}".format(hostname, port, bind)) - server = HTTPServer(host=bind, port=port) - return server - - -if __name__ == '__main__': - server = main() - server.run() |