diff options
author | WuKong <rebirthmonkey@gmail.com> | 2017-04-22 13:25:07 +0200 |
---|---|---|
committer | WuKong <rebirthmonkey@gmail.com> | 2017-04-22 13:25:07 +0200 |
commit | d182202fc6001983541504ed323d68479086317e (patch) | |
tree | 11d4c10cdd3e995f519c3e0e324968fdaf175114 /moonv4/moon_manager | |
parent | 83c1c966baf73329fab8ddcfad19ad7fe0c41c2a (diff) |
add moonv4
Change-Id: I247af788d0b0fb961fbc85416486b241eb1d807c
Signed-off-by: WuKong <rebirthmonkey@gmail.com>
Diffstat (limited to 'moonv4/moon_manager')
-rw-r--r-- | moonv4/moon_manager/LICENSE | 204 | ||||
-rw-r--r-- | moonv4/moon_manager/MANIFEST.in | 9 | ||||
-rw-r--r-- | moonv4/moon_manager/README.rst | 9 | ||||
-rw-r--r-- | moonv4/moon_manager/moon_manager/__init__.py | 6 | ||||
-rw-r--r-- | moonv4/moon_manager/moon_manager/__main__.py | 3 | ||||
-rw-r--r-- | moonv4/moon_manager/moon_manager/api/__init__.py | 0 | ||||
-rw-r--r-- | moonv4/moon_manager/moon_manager/api/generic.py | 28 | ||||
-rw-r--r-- | moonv4/moon_manager/moon_manager/api/models.py | 199 | ||||
-rw-r--r-- | moonv4/moon_manager/moon_manager/api/pdp.py | 68 | ||||
-rw-r--r-- | moonv4/moon_manager/moon_manager/api/policies.py | 414 | ||||
-rw-r--r-- | moonv4/moon_manager/moon_manager/messenger.py | 73 | ||||
-rw-r--r-- | moonv4/moon_manager/moon_manager/server.py | 25 | ||||
-rw-r--r-- | moonv4/moon_manager/requirements.txt | 5 | ||||
-rw-r--r-- | moonv4/moon_manager/setup.py | 47 |
14 files changed, 1090 insertions, 0 deletions
diff --git a/moonv4/moon_manager/LICENSE b/moonv4/moon_manager/LICENSE new file mode 100644 index 00000000..4143aac2 --- /dev/null +++ b/moonv4/moon_manager/LICENSE @@ -0,0 +1,204 @@ + + Apache License + Version 2.0, January 2004 + http://www.apache.org/licenses/ + + TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION + + 1. Definitions. + + "License" shall mean the terms and conditions for use, reproduction, + and distribution as defined by Sections 1 through 9 of this document. + + "Licensor" shall mean the copyright owner or entity authorized by + the copyright owner that is granting the License. + + "Legal Entity" shall mean the union of the acting entity and all + other entities that control, are controlled by, or are under common + control with that entity. For the purposes of this definition, + "control" means (i) the power, direct or indirect, to cause the + direction or management of such entity, whether by contract or + otherwise, or (ii) ownership of fifty percent (50%) or more of the + outstanding shares, or (iii) beneficial ownership of such entity. + + "You" (or "Your") shall mean an individual or Legal Entity + exercising permissions granted by this License. + + "Source" form shall mean the preferred form for making modifications, + including but not limited to software source code, documentation + source, and configuration files. + + "Object" form shall mean any form resulting from mechanical + transformation or translation of a Source form, including but + not limited to compiled object code, generated documentation, + and conversions to other media types. + + "Work" shall mean the work of authorship, whether in Source or + Object form, made available under the License, as indicated by a + copyright notice that is included in or attached to the work + (an example is provided in the Appendix below). + + "Derivative Works" shall mean any work, whether in Source or Object + form, that is based on (or derived from) the Work and for which the + editorial revisions, annotations, elaborations, or other modifications + represent, as a whole, an original work of authorship. For the purposes + of this License, Derivative Works shall not include works that remain + separable from, or merely link (or bind by name) to the interfaces of, + the Work and Derivative Works thereof. + + "Contribution" shall mean any work of authorship, including + the original version of the Work and any modifications or additions + to that Work or Derivative Works thereof, that is intentionally + submitted to Licensor for inclusion in the Work by the copyright owner + or by an individual or Legal Entity authorized to submit on behalf of + the copyright owner. For the purposes of this definition, "submitted" + means any form of electronic, verbal, or written communication sent + to the Licensor or its representatives, including but not limited to + communication on electronic mailing lists, source code control systems, + and issue tracking systems that are managed by, or on behalf of, the + Licensor for the purpose of discussing and improving the Work, but + excluding communication that is conspicuously marked or otherwise + designated in writing by the copyright owner as "Not a Contribution." + + "Contributor" shall mean Licensor and any individual or Legal Entity + on behalf of whom a Contribution has been received by Licensor and + subsequently incorporated within the Work. + + 2. Grant of Copyright License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + copyright license to reproduce, prepare Derivative Works of, + publicly display, publicly perform, sublicense, and distribute the + Work and such Derivative Works in Source or Object form. + + 3. Grant of Patent License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + (except as stated in this section) patent license to make, have made, + use, offer to sell, sell, import, and otherwise transfer the Work, + where such license applies only to those patent claims licensable + by such Contributor that are necessarily infringed by their + Contribution(s) alone or by combination of their Contribution(s) + with the Work to which such Contribution(s) was submitted. If You + institute patent litigation against any entity (including a + cross-claim or counterclaim in a lawsuit) alleging that the Work + or a Contribution incorporated within the Work constitutes direct + or contributory patent infringement, then any patent licenses + granted to You under this License for that Work shall terminate + as of the date such litigation is filed. + + 4. Redistribution. You may reproduce and distribute copies of the + Work or Derivative Works thereof in any medium, with or without + modifications, and in Source or Object form, provided that You + meet the following conditions: + + (a) You must give any other recipients of the Work or + Derivative Works a copy of this License; and + + (b) You must cause any modified files to carry prominent notices + stating that You changed the files; and + + (c) You must retain, in the Source form of any Derivative Works + that You distribute, all copyright, patent, trademark, and + attribution notices from the Source form of the Work, + excluding those notices that do not pertain to any part of + the Derivative Works; and + + (d) If the Work includes a "NOTICE" text file as part of its + distribution, then any Derivative Works that You distribute must + include a readable copy of the attribution notices contained + within such NOTICE file, excluding those notices that do not + pertain to any part of the Derivative Works, in at least one + of the following places: within a NOTICE text file distributed + as part of the Derivative Works; within the Source form or + documentation, if provided along with the Derivative Works; or, + within a display generated by the Derivative Works, if and + wherever such third-party notices normally appear. The contents + of the NOTICE file are for informational purposes only and + do not modify the License. You may add Your own attribution + notices within Derivative Works that You distribute, alongside + or as an addendum to the NOTICE text from the Work, provided + that such additional attribution notices cannot be construed + as modifying the License. + + You may add Your own copyright statement to Your modifications and + may provide additional or different license terms and conditions + for use, reproduction, or distribution of Your modifications, or + for any such Derivative Works as a whole, provided Your use, + reproduction, and distribution of the Work otherwise complies with + the conditions stated in this License. + + 5. Submission of Contributions. Unless You explicitly state otherwise, + any Contribution intentionally submitted for inclusion in the Work + by You to the Licensor shall be under the terms and conditions of + this License, without any additional terms or conditions. + Notwithstanding the above, nothing herein shall supersede or modify + the terms of any separate license agreement you may have executed + with Licensor regarding such Contributions. + + 6. Trademarks. This License does not grant permission to use the trade + names, trademarks, service marks, or product names of the Licensor, + except as required for reasonable and customary use in describing the + origin of the Work and reproducing the content of the NOTICE file. + + 7. Disclaimer of Warranty. Unless required by applicable law or + agreed to in writing, Licensor provides the Work (and each + Contributor provides its Contributions) on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + implied, including, without limitation, any warranties or conditions + of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A + PARTICULAR PURPOSE. You are solely responsible for determining the + appropriateness of using or redistributing the Work and assume any + risks associated with Your exercise of permissions under this License. + + 8. Limitation of Liability. In no event and under no legal theory, + whether in tort (including negligence), contract, or otherwise, + unless required by applicable law (such as deliberate and grossly + negligent acts) or agreed to in writing, shall any Contributor be + liable to You for damages, including any direct, indirect, special, + incidental, or consequential damages of any character arising as a + result of this License or out of the use or inability to use the + Work (including but not limited to damages for loss of goodwill, + work stoppage, computer failure or malfunction, or any and all + other commercial damages or losses), even if such Contributor + has been advised of the possibility of such damages. + + 9. Accepting Warranty or Additional Liability. While redistributing + the Work or Derivative Works thereof, You may choose to offer, + and charge a fee for, acceptance of support, warranty, indemnity, + or other liability obligations and/or rights consistent with this + License. However, in accepting such obligations, You may act only + on Your own behalf and on Your sole responsibility, not on behalf + of any other Contributor, and only if You agree to indemnify, + defend, and hold each Contributor harmless for any liability + incurred by, or claims asserted against, such Contributor by reason + of your accepting any such warranty or additional liability. + +--- License for python-keystoneclient versions prior to 2.1 --- + +All rights reserved. + +Redistribution and use in source and binary forms, with or without +modification, are permitted provided that the following conditions are met: + + 1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. + + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + + 3. Neither the name of this project nor the names of its contributors may + be used to endorse or promote products derived from this software without + specific prior written permission. + +THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" +AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE +DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE +FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL +DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR +SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER +CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, +OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE +OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. diff --git a/moonv4/moon_manager/MANIFEST.in b/moonv4/moon_manager/MANIFEST.in new file mode 100644 index 00000000..1f674d50 --- /dev/null +++ b/moonv4/moon_manager/MANIFEST.in @@ -0,0 +1,9 @@ +# Copyright 2015 Open Platform for NFV Project, Inc. and its contributors +# This software is distributed under the terms and conditions of the 'Apache-2.0' +# license which can be found in the file 'LICENSE' in this package distribution +# or at 'http://www.apache.org/licenses/LICENSE-2.0'. + +include README.rst +include LICENSE +include setup.py +include requirements.txt diff --git a/moonv4/moon_manager/README.rst b/moonv4/moon_manager/README.rst new file mode 100644 index 00000000..ded4e99a --- /dev/null +++ b/moonv4/moon_manager/README.rst @@ -0,0 +1,9 @@ +Core module for the Moon project +================================ + +This package contains the core module for the Moon project +It is designed to provide authorization features to all OpenStack components. + +For any other information, refer to the parent project: + + https://git.opnfv.org/moon diff --git a/moonv4/moon_manager/moon_manager/__init__.py b/moonv4/moon_manager/moon_manager/__init__.py new file mode 100644 index 00000000..903c6518 --- /dev/null +++ b/moonv4/moon_manager/moon_manager/__init__.py @@ -0,0 +1,6 @@ +# Copyright 2015 Open Platform for NFV Project, Inc. and its contributors +# This software is distributed under the terms and conditions of the 'Apache-2.0' +# license which can be found in the file 'LICENSE' in this package distribution +# or at 'http://www.apache.org/licenses/LICENSE-2.0'. + +__version__ = "0.1.0" diff --git a/moonv4/moon_manager/moon_manager/__main__.py b/moonv4/moon_manager/moon_manager/__main__.py new file mode 100644 index 00000000..0b264ce6 --- /dev/null +++ b/moonv4/moon_manager/moon_manager/__main__.py @@ -0,0 +1,3 @@ +from moon_manager.server import main + +main() diff --git a/moonv4/moon_manager/moon_manager/api/__init__.py b/moonv4/moon_manager/moon_manager/api/__init__.py new file mode 100644 index 00000000..e69de29b --- /dev/null +++ b/moonv4/moon_manager/moon_manager/api/__init__.py diff --git a/moonv4/moon_manager/moon_manager/api/generic.py b/moonv4/moon_manager/moon_manager/api/generic.py new file mode 100644 index 00000000..db61188b --- /dev/null +++ b/moonv4/moon_manager/moon_manager/api/generic.py @@ -0,0 +1,28 @@ +# Copyright 2015 Open Platform for NFV Project, Inc. and its contributors +# This software is distributed under the terms and conditions of the 'Apache-2.0' +# license which can be found in the file 'LICENSE' in this package distribution +# or at 'http://www.apache.org/licenses/LICENSE-2.0'. + + +class Status(object): + """ + Retrieve the current status of all components. + """ + + __version__ = "0.1.0" + + def get_status(self, ctx, args): + return {"status": "Running"} + + +class Logs(object): + """ + Retrieve the current status of all components. + """ + + __version__ = "0.1.0" + + def get_logs(self, ctx, args): + return {"error": "NotImplemented"} + + diff --git a/moonv4/moon_manager/moon_manager/api/models.py b/moonv4/moon_manager/moon_manager/api/models.py new file mode 100644 index 00000000..6cb81439 --- /dev/null +++ b/moonv4/moon_manager/moon_manager/api/models.py @@ -0,0 +1,199 @@ +# Copyright 2015 Open Platform for NFV Project, Inc. and its contributors +# This software is distributed under the terms and conditions of the 'Apache-2.0' +# license which can be found in the file 'LICENSE' in this package distribution +# or at 'http://www.apache.org/licenses/LICENSE-2.0'. + +from oslo_log import log as logging +from oslo_config import cfg +from moon_db.core import ModelManager + +LOG = logging.getLogger(__name__) +CONF = cfg.CONF + + +class Models(object): + + def __init__(self): + self.manager = ModelManager + + def get_models(self, ctx, args): + try: + data = self.manager.get_models(user_id=ctx["user_id"], model_id=ctx["id"]) + except Exception as e: + LOG.error(e, exc_info=True) + return {"result": False, + "error": str(e), + "ctx": ctx, "args": args} + return {"models": data} + + def add_model(self, ctx, args): + try: + data = self.manager.add_model(user_id=ctx["user_id"], model_id=ctx["id"], value=args) + except Exception as e: + LOG.error(e, exc_info=True) + return {"result": False, + "error": str(e), + "ctx": ctx, "args": args} + return {"models": data} + + def delete_model(self, ctx, args): + try: + data = self.manager.delete_model(user_id=ctx["user_id"], model_id=ctx["id"]) + except Exception as e: + LOG.error(e, exc_info=True) + return {"result": False, + "error": str(e), + "ctx": ctx, "args": args} + return {"result": True} + + def update_model(self, ctx, args): + try: + data = self.manager.update_model(user_id=ctx["user_id"], model_id=ctx["id"], value=args) + except Exception as e: + LOG.error(e, exc_info=True) + return {"result": False, + "error": str(e), + "ctx": ctx, "args": args} + return {"models": data} + + +class MetaRules(object): + + def __init__(self): + self.manager = ModelManager + + def add_meta_rules(self, ctx, args): + try: + data = self.manager.add_meta_rule(user_id=ctx["user_id"], meta_rule_id=None, value=args) + except Exception as e: + LOG.error(e, exc_info=True) + return {"result": False, + "error": str(e), + "ctx": ctx, "args": args} + return {"meta_rules": data} + + def delete_meta_rules(self, ctx, args): + try: + data = self.manager.delete_meta_rule(user_id=ctx["user_id"], meta_rule_id=ctx["meta_rule_id"]) + except Exception as e: + LOG.error(e, exc_info=True) + return {"result": False, + "error": str(e), + "ctx": ctx, "args": args} + return {"result": True} + + def get_meta_rules(self, ctx, args): + try: + data = self.manager.get_meta_rules(user_id=ctx["user_id"], meta_rule_id=ctx["meta_rule_id"]) + except Exception as e: + LOG.error(e, exc_info=True) + return {"result": False, + "error": str(e), + "ctx": ctx, "args": args} + return {"meta_rules": data} + + def set_meta_rules(self, ctx, args): + try: + data = self.manager.set_meta_rule(user_id=ctx["user_id"], meta_rule_id=ctx["meta_rule_id"], value=args) + except Exception as e: + LOG.error(e, exc_info=True) + return {"result": False, + "error": str(e), + "ctx": ctx, "args": args} + return {"meta_rules": data} + + +class MetaData(object): + + def __init__(self): + self.manager = ModelManager + + def get_subject_categories(self, ctx, args): + try: + data = self.manager.get_subject_categories(user_id=ctx["user_id"], category_id=args["category_id"]) + except Exception as e: + LOG.error(e, exc_info=True) + return {"result": False, + "error": str(e), + "ctx": ctx, "args": args} + return {"subject_categories": data} + + def set_subject_category(self, ctx, args): + try: + data = self.manager.add_subject_category(user_id=ctx["user_id"], value=args) + except Exception as e: + LOG.error(e, exc_info=True) + return {"result": False, + "error": str(e), + "ctx": ctx, "args": args} + return {"subject_categories": data} + + def delete_subject_category(self, ctx, args): + try: + data = self.manager.delete_subject_category(user_id=ctx["user_id"], category_id=args["category_id"]) + except Exception as e: + LOG.error(e, exc_info=True) + return {"result": False, + "error": str(e), + "ctx": ctx, "args": args} + return {"result": True} + + def get_object_categories(self, ctx, args): + try: + data = self.manager.get_object_categories(user_id=ctx["user_id"], category_id=args["category_id"]) + except Exception as e: + LOG.error(e, exc_info=True) + return {"result": False, + "error": str(e), + "ctx": ctx, "args": args} + return {"object_categories": data} + + def set_object_category(self, ctx, args): + try: + data = self.manager.add_object_category(user_id=ctx["user_id"], value=args) + except Exception as e: + LOG.error(e, exc_info=True) + return {"result": False, + "error": str(e), + "ctx": ctx, "args": args} + return {"object_categories": data} + + def delete_object_category(self, ctx, args): + try: + data = self.manager.delete_object_category(user_id=ctx["user_id"], category_id=args["category_id"]) + except Exception as e: + LOG.error(e, exc_info=True) + return {"result": False, + "error": str(e), + "ctx": ctx, "args": args} + return {"result": True} + + def get_action_categories(self, ctx, args): + try: + data = self.manager.get_action_categories(user_id=ctx["user_id"], category_id=args["category_id"]) + except Exception as e: + LOG.error(e, exc_info=True) + return {"result": False, + "error": str(e), + "ctx": ctx, "args": args} + return {"action_categories": data} + + def set_action_category(self, ctx, args): + try: + data = self.manager.add_action_category(user_id=ctx["user_id"], value=args) + except Exception as e: + LOG.error(e, exc_info=True) + return {"result": False, + "error": str(e), + "ctx": ctx, "args": args} + return {"action_categories": data} + + def delete_action_category(self, ctx, args): + try: + data = self.manager.delete_action_category(user_id=ctx["user_id"], category_id=args["category_id"]) + except Exception as e: + LOG.error(e, exc_info=True) + return {"result": False, + "error": str(e), + "ctx": ctx, "args": args} + return {"result": True} diff --git a/moonv4/moon_manager/moon_manager/api/pdp.py b/moonv4/moon_manager/moon_manager/api/pdp.py new file mode 100644 index 00000000..22504628 --- /dev/null +++ b/moonv4/moon_manager/moon_manager/api/pdp.py @@ -0,0 +1,68 @@ +# Copyright 2015 Open Platform for NFV Project, Inc. and its contributors +# This software is distributed under the terms and conditions of the 'Apache-2.0' +# license which can be found in the file 'LICENSE' in this package distribution +# or at 'http://www.apache.org/licenses/LICENSE-2.0'. + +import os +import json +import copy +from uuid import uuid4 +from oslo_log import log as logging +from oslo_config import cfg +from moon_utilities import exceptions +from moon_db.core import PDPManager +from moon_utilities.misc import get_uuid_from_name +from moon_utilities.security_functions import call + +LOG = logging.getLogger(__name__) +CONF = cfg.CONF + + +class PDP(object): + + def __init__(self): + self.manager = PDPManager + + def get_pdp(self, ctx, args=None): + try: + data = self.manager.get_pdp(user_id=ctx["user_id"], pdp_id=ctx.get("id")) + except Exception as e: + LOG.error(e, exc_info=True) + return {"result": False, + "error": str(e), + "ctx": ctx, "args": args} + return {"pdps": data} + + def add_pdp(self, ctx, args): + try: + data = self.manager.add_pdp(user_id=ctx["user_id"], pdp_id=None, value=args) + except Exception as e: + LOG.error(e, exc_info=True) + return {"result": False, + "error": str(e), + "ctx": ctx, "args": args} + return {"pdps": data} + + def delete_pdp(self, ctx, args): + try: + data = self.manager.delete_pdp(user_id=ctx["user_id"], pdp_id=ctx.get("id")) + except Exception as e: + LOG.error(e, exc_info=True) + return {"result": False, + "error": str(e), + "ctx": ctx, "args": args} + return {"result": True} + + def update_pdp(self, ctx, args): + try: + data = self.manager.update_pdp(user_id=ctx["user_id"], pdp_id=ctx.get("id"), value=args) + call("orchestrator", method="add_container", + ctx={"id": ctx.get("id"), "pipeline": data[ctx.get("id")]['security_pipeline']}) + except Exception as e: + LOG.error(e, exc_info=True) + return {"result": False, + "error": str(e), + "ctx": ctx, "args": args} + return {"pdps": data} + + diff --git a/moonv4/moon_manager/moon_manager/api/policies.py b/moonv4/moon_manager/moon_manager/api/policies.py new file mode 100644 index 00000000..e2f332e2 --- /dev/null +++ b/moonv4/moon_manager/moon_manager/api/policies.py @@ -0,0 +1,414 @@ +# Copyright 2015 Open Platform for NFV Project, Inc. and its contributors +# This software is distributed under the terms and conditions of the 'Apache-2.0' +# license which can be found in the file 'LICENSE' in this package distribution +# or at 'http://www.apache.org/licenses/LICENSE-2.0'. + +from oslo_log import log as logging +from oslo_config import cfg +from moon_db.core import PolicyManager + +LOG = logging.getLogger(__name__) +CONF = cfg.CONF + + +class Policies(object): + + def __init__(self): + self.manager = PolicyManager + + def get_policies(self, ctx, args): + try: + data = self.manager.get_policies(user_id=ctx["user_id"], policy_id=ctx["id"]) + except Exception as e: + LOG.error(e, exc_info=True) + return {"result": False, + "error": str(e), + "ctx": ctx, "args": args} + return {"policies": data} + + def add_policy(self, ctx, args): + try: + data = self.manager.add_policy(user_id=ctx["user_id"], policy_id=ctx["id"], value=args) + except Exception as e: + LOG.error(e, exc_info=True) + return {"result": False, + "error": str(e), + "ctx": ctx, "args": args} + return {"policies": data} + + def delete_policy(self, ctx, args): + try: + data = self.manager.delete_policy(user_id=ctx["user_id"], policy_id=ctx["id"]) + except Exception as e: + LOG.error(e, exc_info=True) + return {"result": False, + "error": str(e), + "ctx": ctx, "args": args} + return {"result": True} + + def update_policy(self, ctx, args): + try: + data = self.manager.update_policy(user_id=ctx["user_id"], policy_id=ctx["id"], value=args) + except Exception as e: + LOG.error(e, exc_info=True) + return {"result": False, + "error": str(e), + "ctx": ctx, "args": args} + return {"policies": data} + + +class Perimeter(object): + + def __init__(self): + self.manager = PolicyManager + + def get_subjects(self, ctx, args): + try: + data = self.manager.get_subjects(user_id=ctx["user_id"], policy_id=ctx["id"], perimeter_id=args['perimeter_id']) + except Exception as e: + LOG.error(e, exc_info=True) + return {"result": False, + "error": str(e), + "ctx": ctx, "args": args} + return {"subjects": data} + + def set_subject(self, ctx, args): + try: + data = self.manager.add_subject(user_id=ctx["user_id"], policy_id=ctx["id"], + perimeter_id=ctx["perimeter_id"], value=args) + except Exception as e: + LOG.error(e, exc_info=True) + return {"result": False, + "error": str(e), + "ctx": ctx, "args": args} + return {"subjects": data} + + def delete_subject(self, ctx, args): + try: + data = self.manager.delete_subject(user_id=ctx["user_id"], policy_id=ctx["id"], perimeter_id=args["perimeter_id"]) + except Exception as e: + LOG.error(e, exc_info=True) + return {"result": False, + "error": str(e), + "ctx": ctx, "args": args} + return {"result": True} + + def get_objects(self, ctx, args): + try: + data = self.manager.get_objects(user_id=ctx["user_id"], policy_id=ctx["id"], perimeter_id=args['perimeter_id']) + except Exception as e: + LOG.error(e, exc_info=True) + return {"result": False, + "error": str(e), + "ctx": ctx, "args": args} + return {"objects": data} + + def set_object(self, ctx, args): + try: + data = self.manager.add_object(user_id=ctx["user_id"], policy_id=ctx["id"], + perimeter_id=ctx["perimeter_id"], value=args) + except Exception as e: + LOG.error(e, exc_info=True) + return {"result": False, + "error": str(e), + "ctx": ctx, "args": args} + return {"objects": data} + + def delete_object(self, ctx, args): + try: + data = self.manager.delete_object(user_id=ctx["user_id"], policy_id=ctx["id"], perimeter_id=args["perimeter_id"]) + except Exception as e: + LOG.error(e, exc_info=True) + return {"result": False, + "error": str(e), + "ctx": ctx, "args": args} + return {"result": True} + + def get_actions(self, ctx, args): + try: + data = self.manager.get_actions(user_id=ctx["user_id"], policy_id=ctx["id"], perimeter_id=args['perimeter_id']) + except Exception as e: + LOG.error(e, exc_info=True) + return {"result": False, + "error": str(e), + "ctx": ctx, "args": args} + return {"actions": data} + + def set_action(self, ctx, args): + try: + data = self.manager.add_action(user_id=ctx["user_id"], policy_id=ctx["id"], + perimeter_id=ctx["perimeter_id"], value=args) + except Exception as e: + LOG.error(e, exc_info=True) + return {"result": False, + "error": str(e), + "ctx": ctx, "args": args} + return {"actions": data} + + def delete_action(self, ctx, args): + try: + data = self.manager.delete_action(user_id=ctx["user_id"], policy_id=ctx["id"], perimeter_id=args["perimeter_id"]) + except Exception as e: + LOG.error(e, exc_info=True) + return {"result": False, + "error": str(e), + "ctx": ctx, "args": args} + return {"result": True} + + +class Data(object): + + def __init__(self): + self.manager = PolicyManager + + def get_subject_data(self, ctx, args): + try: + data = self.manager.get_subject_data(user_id=ctx["user_id"], policy_id=ctx["id"], + category_id=ctx["category_id"], data_id=args["data_id"]) + except Exception as e: + LOG.error(e, exc_info=True) + return {"result": False, + "error": str(e), + "ctx": ctx, "args": args} + return {"subject_data": data} + + def add_subject_data(self, ctx, args): + try: + data = self.manager.set_subject_data(user_id=ctx["user_id"], policy_id=ctx["id"], + category_id=ctx["category_id"], value=args) + except Exception as e: + LOG.error(e, exc_info=True) + return {"result": False, + "error": str(e), + "ctx": ctx, "args": args} + return {"subject_data": data} + + def delete_subject_data(self, ctx, args): + try: + data = self.manager.delete_subject_data(user_id=ctx["user_id"], policy_id=ctx["id"], + data_id=["data_id"]) + except Exception as e: + LOG.error(e, exc_info=True) + return {"result": False, + "error": str(e), + "ctx": ctx, "args": args} + return {"result": True} + + def get_object_data(self, ctx, args): + try: + data = self.manager.get_object_data(user_id=ctx["user_id"], policy_id=ctx["id"], + category_id=ctx["category_id"], data_id=args["data_id"]) + except Exception as e: + LOG.error(e, exc_info=True) + return {"result": False, + "error": str(e), + "ctx": ctx, "args": args} + return {"object_data": data} + + def add_object_data(self, ctx, args): + try: + data = self.manager.add_object_data(user_id=ctx["user_id"], policy_id=ctx["id"], + category_id=ctx["category_id"], value=args) + except Exception as e: + LOG.error(e, exc_info=True) + return {"result": False, + "error": str(e), + "ctx": ctx, "args": args} + return {"object_data": data} + + def delete_object_data(self, ctx, args): + try: + data = self.manager.delete_object_data(user_id=ctx["user_id"], policy_id=ctx["id"], + data_id=["data_id"]) + except Exception as e: + LOG.error(e, exc_info=True) + return {"result": False, + "error": str(e), + "ctx": ctx, "args": args} + return {"result": True} + + def get_action_data(self, ctx, args): + try: + data = self.manager.get_action_data(user_id=ctx["user_id"], policy_id=ctx["id"], + category_id=ctx["category_id"], data_id=args["data_id"]) + except Exception as e: + LOG.error(e, exc_info=True) + return {"result": False, + "error": str(e), + "ctx": ctx, "args": args} + return {"action_data": data} + + def add_action_data(self, ctx, args): + try: + data = self.manager.add_action_data(user_id=ctx["user_id"], policy_id=ctx["id"], + category_id=ctx["category_id"], value=args) + except Exception as e: + LOG.error(e, exc_info=True) + return {"result": False, + "error": str(e), + "ctx": ctx, "args": args} + return {"action_data": data} + + def delete_action_data(self, ctx, args): + try: + data = self.manager.delete_action_data(user_id=ctx["user_id"], policy_id=ctx["id"], + data_id=["data_id"]) + except Exception as e: + LOG.error(e, exc_info=True) + return {"result": False, + "error": str(e), + "ctx": ctx, "args": args} + return {"result": True} + + +class Assignments(object): + + def __init__(self): + self.manager = PolicyManager + + def get_subject_assignments(self, ctx, args): + try: + data = self.manager.get_subject_assignments(user_id=ctx["user_id"], policy_id=ctx["id"], + subject_id=ctx["perimeter_id"], category_id=ctx["category_id"]) + except Exception as e: + LOG.error(e, exc_info=True) + return {"result": False, + "error": str(e), + "ctx": ctx, "args": args} + return {"subject_assignments": data} + + def update_subject_assignment(self, ctx, args): + try: + data = self.manager.add_subject_assignment(user_id=ctx["user_id"], policy_id=ctx["id"], + subject_id=args["id"], category_id=args["category_id"], + data_id=args["data_id"]) + except Exception as e: + LOG.error(e, exc_info=True) + return {"result": False, + "error": str(e), + "ctx": ctx, "args": args} + return {"subject_assignments": data} + + def delete_subject_assignment(self, ctx, args): + try: + data = self.manager.delete_subject_assignment(user_id=ctx["user_id"], policy_id=ctx["id"], + subject_id=ctx["perimeter_id"], category_id=ctx["category_id"], + data_id=args["data_id"]) + except Exception as e: + LOG.error(e, exc_info=True) + return {"result": False, + "error": str(e), + "ctx": ctx, "args": args} + return {"result": True} + + def get_object_assignments(self, ctx, args): + try: + data = self.manager.get_object_assignments(user_id=ctx["user_id"], policy_id=ctx["id"], + object_id=ctx["perimeter_id"], category_id=ctx["category_id"]) + except Exception as e: + LOG.error(e, exc_info=True) + return {"result": False, + "error": str(e), + "ctx": ctx, "args": args} + return {"object_assignments": data} + + def update_object_assignment(self, ctx, args): + try: + data = self.manager.add_object_assignment(user_id=ctx["user_id"], policy_id=ctx["id"], + object_id=args["id"], category_id=args["category_id"], + data_id=args["data_id"]) + except Exception as e: + LOG.error(e, exc_info=True) + return {"result": False, + "error": str(e), + "ctx": ctx, "args": args} + return {"object_assignments": data} + + def delete_object_assignment(self, ctx, args): + try: + data = self.manager.delete_object_assignment(user_id=ctx["user_id"], policy_id=ctx["id"], + object_id=ctx["perimeter_id"], category_id=ctx["category_id"], + data_id=args["data_id"]) + except Exception as e: + LOG.error(e, exc_info=True) + return {"result": False, + "error": str(e), + "ctx": ctx, "args": args} + return {"result": True} + + def get_action_assignments(self, ctx, args): + try: + data = self.manager.get_action_assignments(user_id=ctx["user_id"], policy_id=ctx["id"], + action_id=ctx["perimeter_id"], category_id=ctx["category_id"]) + except Exception as e: + LOG.error(e, exc_info=True) + return {"result": False, + "error": str(e), + "ctx": ctx, "args": args} + return {"action_assignments": data} + + def update_action_assignment(self, ctx, args): + try: + data = self.manager.add_action_assignment(user_id=ctx["user_id"], policy_id=ctx["id"], + action_id=args["id"], category_id=args["category_id"], + data_id=args["data_id"]) + except Exception as e: + LOG.error(e, exc_info=True) + return {"result": False, + "error": str(e), + "ctx": ctx, "args": args} + return {"action_assignments": data} + + def delete_action_assignment(self, ctx, args): + try: + data = self.manager.delete_action_assignment(user_id=ctx["user_id"], policy_id=ctx["id"], + action_id=ctx["perimeter_id"], category_id=ctx["category_id"], + data_id=args["data_id"]) + except Exception as e: + LOG.error(e, exc_info=True) + return {"result": False, + "error": str(e), + "ctx": ctx, "args": args} + return {"result": True} + + +class Rules(object): + + def __init__(self): + self.manager = PolicyManager + + def get_rules(self, ctx, args): + try: + data = self.manager.get_rules(user_id=ctx["user_id"], + policy_id=ctx["id"], + # meta_rule_id=ctx["meta_rule_id"], + rule_id=ctx["rule_id"]) + except Exception as e: + LOG.error(e, exc_info=True) + return {"result": False, + "error": str(e), + "ctx": ctx, "args": args} + return {"rules": data} + + def add_rule(self, ctx, args): + try: + data = self.manager.add_rule(user_id=ctx["user_id"], + policy_id=ctx["id"], + meta_rule_id=args["meta_rule_id"], + value=args) + except Exception as e: + LOG.error(e, exc_info=True) + return {"result": False, + "error": str(e), + "ctx": ctx, "args": args} + return {"rules": data} + + def delete_rule(self, ctx, args): + try: + data = self.manager.delete_rule(user_id=ctx["user_id"], policy_id=ctx["id"], rule_id=ctx['rule_id']) + except Exception as e: + LOG.error(e, exc_info=True) + return {"result": False, + "error": str(e), + "ctx": ctx, "args": args} + return {"result": True} diff --git a/moonv4/moon_manager/moon_manager/messenger.py b/moonv4/moon_manager/moon_manager/messenger.py new file mode 100644 index 00000000..784b9eab --- /dev/null +++ b/moonv4/moon_manager/moon_manager/messenger.py @@ -0,0 +1,73 @@ +# Copyright 2015 Open Platform for NFV Project, Inc. and its contributors +# This software is distributed under the terms and conditions of the 'Apache-2.0' +# license which can be found in the file 'LICENSE' in this package distribution +# or at 'http://www.apache.org/licenses/LICENSE-2.0'. + +import time +from oslo_config import cfg +import oslo_messaging +from oslo_log import log as logging +from moon_manager.api.generic import Status, Logs +from moon_utilities.api import APIList +from moon_manager.api.models import Models, MetaRules, MetaData +from moon_manager.api.policies import Policies, Perimeter, Data, Assignments, Rules +from moon_manager.api.pdp import PDP +from moon_utilities.security_functions import call +from moon_utilities.exceptions import IntraExtensionUnknown + +LOG = logging.getLogger(__name__) +CONF = cfg.CONF + + +class Server: + + def __init__(self): + self.TOPIC = "moon_manager" + self.transport = oslo_messaging.get_transport(cfg.CONF) + self.target = oslo_messaging.Target(topic=self.TOPIC, server='moon_manager_server1') + # ctx = {'user_id': 'admin', 'id': intra_extension_id, 'method': 'get_intra_extensions'} + # if CONF.slave.slave_name: + # ctx['call_master'] = True + # intra_extension = call( + # endpoint="security_router", + # ctx=ctx, + # method='route', + # args={} + # ) + LOG.info("Starting MQ server with topic: {}".format(self.TOPIC)) + # if "intra_extensions" not in intra_extension: + # LOG.error("Error reading intra_extension from router") + # LOG.error("intra_extension: {}".format(intra_extension)) + # raise IntraExtensionUnknown + # intra_extension_id = list(intra_extension["intra_extensions"].keys())[0] + self.endpoints = [ + APIList((Status, Logs)), + Status(), + Logs(), + Models(), + MetaRules(), + MetaData(), + Policies(), + Perimeter(), + Data(), + Assignments(), + Rules(), + PDP() + ] + self.server = oslo_messaging.get_rpc_server(self.transport, self.target, self.endpoints, + executor='threading', + access_policy=oslo_messaging.DefaultRPCAccessPolicy) + + def run(self): + try: + self.server.start() + while True: + time.sleep(1) + except KeyboardInterrupt: + print("Stopping server by crtl+c") + except SystemExit: + print("Stopping server") + + self.server.stop() + self.server.wait() + diff --git a/moonv4/moon_manager/moon_manager/server.py b/moonv4/moon_manager/moon_manager/server.py new file mode 100644 index 00000000..715a74c3 --- /dev/null +++ b/moonv4/moon_manager/moon_manager/server.py @@ -0,0 +1,25 @@ +# Copyright 2015 Open Platform for NFV Project, Inc. and its contributors +# This software is distributed under the terms and conditions of the 'Apache-2.0' +# license which can be found in the file 'LICENSE' in this package distribution +# or at 'http://www.apache.org/licenses/LICENSE-2.0'. + +import os +from oslo_config import cfg +from oslo_log import log as logging +from moon_utilities import options # noqa +from moon_manager.messenger import Server + +LOG = logging.getLogger(__name__) +CONF = cfg.CONF +DOMAIN = "moon_manager" + +__CWD__ = os.path.dirname(os.path.abspath(__file__)) + + +def main(): + server = Server() + server.run() + + +if __name__ == '__main__': + main() diff --git a/moonv4/moon_manager/requirements.txt b/moonv4/moon_manager/requirements.txt new file mode 100644 index 00000000..3b684f8d --- /dev/null +++ b/moonv4/moon_manager/requirements.txt @@ -0,0 +1,5 @@ +kombu !=4.0.1,!=4.0.0 +oslo.messaging +oslo.config +vine +oslo.log
\ No newline at end of file diff --git a/moonv4/moon_manager/setup.py b/moonv4/moon_manager/setup.py new file mode 100644 index 00000000..a6fc5fc7 --- /dev/null +++ b/moonv4/moon_manager/setup.py @@ -0,0 +1,47 @@ +# Copyright 2015 Open Platform for NFV Project, Inc. and its contributors +# This software is distributed under the terms and conditions of the 'Apache-2.0' +# license which can be found in the file 'LICENSE' in this package distribution +# or at 'http://www.apache.org/licenses/LICENSE-2.0'. + +from setuptools import setup, find_packages +import moon_manager + + +setup( + + name='moon_manager', + + version=moon_manager.__version__, + + packages=find_packages(), + + author="Thomas Duval", + + author_email="thomas.duval@orange.com", + + description="", + + long_description=open('README.rst').read(), + + # install_requires= , + + include_package_data=True, + + url='https://git.opnfv.org/cgit/moon', + + classifiers=[ + "Programming Language :: Python", + "Development Status :: 1 - Planning", + "License :: OSI Approved", + "Natural Language :: French", + "Operating System :: OS Independent", + "Programming Language :: Python :: 3", + ], + + entry_points={ + 'console_scripts': [ + 'moon_manager = moon_manager.server:main', + ], + } + +) |