diff options
author | Thomas Duval <thomas.duval@orange.com> | 2020-06-03 10:06:52 +0200 |
---|---|---|
committer | Thomas Duval <thomas.duval@orange.com> | 2020-06-03 10:06:52 +0200 |
commit | 7bb53c64da2dcf88894bfd31503accdd81498f3d (patch) | |
tree | 4310e12366818af27947b5e2c80cb162da93a4b5 /old/moon_manager/moon_manager/api/pdp.py | |
parent | cbea4e360e9bfaa9698cf7c61c83c96a1ba89b8c (diff) |
Update to new version 5.4HEADstable/jermamaster
Signed-off-by: Thomas Duval <thomas.duval@orange.com>
Change-Id: Idcd868133d75928a1ffd74d749ce98503e0555ea
Diffstat (limited to 'old/moon_manager/moon_manager/api/pdp.py')
-rw-r--r-- | old/moon_manager/moon_manager/api/pdp.py | 214 |
1 files changed, 214 insertions, 0 deletions
diff --git a/old/moon_manager/moon_manager/api/pdp.py b/old/moon_manager/moon_manager/api/pdp.py new file mode 100644 index 00000000..65a6a5f1 --- /dev/null +++ b/old/moon_manager/moon_manager/api/pdp.py @@ -0,0 +1,214 @@ +# Copyright 2015 Open Platform for NFV Project, Inc. and its contributors +# This software is distributed under the terms and conditions of the 'Apache-2.0' +# license which can be found in the file 'LICENSE' in this package distribution +# or at 'http://www.apache.org/licenses/LICENSE-2.0'. +""" +PDP are Policy Decision Point. + +""" + +from flask import request +from flask_restful import Resource +import logging +import requests +import time +from python_moonutilities.security_functions import check_auth +from python_moondb.core import PDPManager +from python_moondb.core import PolicyManager +from python_moondb.core import ModelManager +from python_moonutilities import configuration, exceptions +from python_moonutilities.security_functions import validate_input + +__version__ = "4.3.2" + +logger = logging.getLogger("moon.manager.api." + __name__) + + +def delete_pod(uuid): + conf = configuration.get_configuration("components/orchestrator") + hostname = conf["components/orchestrator"].get("hostname", "orchestrator") + port = conf["components/orchestrator"].get("port", 80) + proto = conf["components/orchestrator"].get("protocol", "http") + # while True: + # try: + url = "{}://{}:{}/pods".format(proto, hostname, port) + req = requests.get(url) + # except requests.exceptions.ConnectionError: + # logger.warning("Orchestrator is not ready, standby... {}".format(url)) + # time.sleep(1) + # else: + # break + for pod_key, pod_list in req.json().get("pods", {}).items(): + for pod_value in pod_list: + if "pdp_id" in pod_value: + if pod_value["pdp_id"] == uuid: + req = requests.delete( + "{}://{}:{}/pods/{}".format(proto, hostname, port, pod_key)) + if req.status_code != 200: + logger.warning( + "Cannot delete pod {} - {}".format(pod_key, pod_value['name'])) + logger.debug(req.content) + # Note (Asteroide): no need to go further if one match + break + + +def add_pod(uuid, data): + if not data.get("keystone_project_id"): + return + logger.info("Add a new pod {}".format(data)) + if "pdp_id" not in data: + data["pdp_id"] = uuid + data['policies'] = PolicyManager.get_policies(user_id="admin") + data['models'] = ModelManager.get_models(user_id="admin") + conf = configuration.get_configuration("components/orchestrator") + hostname = conf["components/orchestrator"].get("hostname", "orchestrator") + port = conf["components/orchestrator"].get("port", 80) + proto = conf["components/orchestrator"].get("protocol", "http") + while True: + try: + req = requests.post( + "{}://{}:{}/pods".format(proto, hostname, port), + json=data, + headers={"content-type": "application/json"}) + except requests.exceptions.ConnectionError as e: + logger.warning("add_pod: Orchestrator is not ready, standby...") + logger.exception(e) + time.sleep(1) + else: + break + logger.info("Pod add request answer : {}".format(req.text)) + + +def check_keystone_pid(k_pid): + data = PDPManager.get_pdp(user_id="admin") + for pdp_key, pdp_value in data.items(): + logger.info("pdp={}".format(pdp_value)) + if pdp_value["keystone_project_id"] == k_pid: + return True + + +class PDP(Resource): + """ + Endpoint for pdp requests + """ + + __urls__ = ( + "/pdp", + "/pdp/", + "/pdp/<string:uuid>", + "/pdp/<string:uuid>/", + ) + + @validate_input("get", kwargs_state=[False, False]) + @check_auth + def get(self, uuid=None, user_id=None): + """Retrieve all pdp + + :param uuid: uuid of the pdp + :param user_id: user ID who do the request + :return: { + "pdp_id1": { + "name": "...", + "security_pipeline": [...], + "keystone_project_id": "keystone_project_id1", + "description": "... (optional)", + } + } + :internal_api: get_pdp + """ + + data = PDPManager.get_pdp(user_id=user_id, pdp_id=uuid) + + return {"pdps": data} + + @validate_input("post", body_state={"name": True, "security_pipeline": True, + "keystone_project_id": True}) + @check_auth + def post(self, uuid=None, user_id=None): + """Create pdp. + + :param uuid: uuid of the pdp (not used here) + :param user_id: user ID who do the request + :request body: { + "name": "name of the PDP (mandatory)", + "security_pipeline": ["may be empty"], + "keystone_project_id": "keystone_project_id1 (may be empty)", + "description": "description of the PDP (optional)", + } + :return: { + "pdp_id1": { + "name": "...", + "security_pipeline": [...], + "keystone_project_id": "keystone_project_id1", + "description": "... (optional)", + } + } + :internal_api: add_pdp + """ + + data = dict(request.json) + if not data.get("keystone_project_id"): + data["keystone_project_id"] = None + else: + if check_keystone_pid(data.get("keystone_project_id")): + raise exceptions.PdpKeystoneMappingConflict + data = PDPManager.add_pdp( + user_id=user_id, pdp_id=None, value=request.json) + uuid = list(data.keys())[0] + logger.debug("data={}".format(data)) + logger.debug("uuid={}".format(uuid)) + add_pod(uuid=uuid, data=data[uuid]) + + return {"pdps": data} + + @validate_input("delete", kwargs_state=[True, False]) + @check_auth + def delete(self, uuid, user_id=None): + """Delete a pdp + + :param uuid: uuid of the pdp to delete + :param user_id: user ID who do the request + :return: { + "result": "True or False", + "message": "optional message (optional)" + } + :internal_api: delete_pdp + """ + data = PDPManager.delete_pdp(user_id=user_id, pdp_id=uuid) + delete_pod(uuid) + + return {"result": True} + + @validate_input("patch", kwargs_state=[True, False], + body_state={"name": True, "security_pipeline": True, + "keystone_project_id": True}) + @check_auth + def patch(self, uuid, user_id=None): + """Update a pdp + + :param uuid: uuid of the pdp to update + :param user_id: user ID who do the request + :return: { + "pdp_id1": { + "name": "name of the PDP", + "security_pipeline": ["may be empty"], + "keystone_project_id": "keystone_project_id1 (may be empty)", + "description": "description of the PDP (optional)", + } + } + :internal_api: update_pdp + """ + + _data = dict(request.json) + if not _data.get("keystone_project_id"): + _data["keystone_project_id"] = None + else: + if check_keystone_pid(_data.get("keystone_project_id")): + raise exceptions.PdpKeystoneMappingConflict + data = PDPManager.update_pdp( + user_id=user_id, pdp_id=uuid, value=_data) + logger.debug("data={}".format(data)) + logger.debug("uuid={}".format(uuid)) + add_pod(uuid=uuid, data=data[uuid]) + + return {"pdps": data} |