diff options
Diffstat (limited to 'moon_manager/moon_manager/api')
-rw-r--r-- | moon_manager/moon_manager/api/json_export.py | 25 | ||||
-rw-r--r-- | moon_manager/moon_manager/api/json_import.py | 58 | ||||
-rw-r--r-- | moon_manager/moon_manager/api/pdp.py | 2 | ||||
-rw-r--r-- | moon_manager/moon_manager/api/rules.py | 4 |
4 files changed, 61 insertions, 28 deletions
diff --git a/moon_manager/moon_manager/api/json_export.py b/moon_manager/moon_manager/api/json_export.py index feb4fde2..1d3643e7 100644 --- a/moon_manager/moon_manager/api/json_export.py +++ b/moon_manager/moon_manager/api/json_export.py @@ -1,3 +1,8 @@ +# Copyright 2018 Open Platform for NFV Project, Inc. and its contributors +# This software is distributed under the terms and conditions of the 'Apache-2.0' +# license which can be found in the file 'LICENSE' in this package distribution +# or at 'http://www.apache.org/licenses/LICENSE-2.0'. + import logging from flask_restful import Resource from python_moonutilities.security_functions import check_auth @@ -34,11 +39,19 @@ class JsonExport(Resource): JsonUtils.convert_id_to_name(policy_key, rule_dict, "policy", "policy", PolicyManager, self._user_id) ids = rule["rule"] rule_description = dict() - JsonUtils.convert_ids_to_names([ids[0]], rule_description, "subject_data", "subject_data", PolicyManager, self._user_id, policy_key) - JsonUtils.convert_ids_to_names([ids[1]], rule_description, "object_data", "object_data", PolicyManager, self._user_id, policy_key) - JsonUtils.convert_ids_to_names([ids[2]], rule_description, "action_data", "action_data", PolicyManager, self._user_id, policy_key) + meta_rule = ModelManager.get_meta_rules(self._user_id, rule["meta_rule_id"]) + meta_rule = [v for v in meta_rule.values()] + meta_rule = meta_rule[0] + index_subject_data = len(meta_rule["subject_categories"])-1 + index_object_data = len(meta_rule["subject_categories"]) + len(meta_rule["object_categories"])-1 + index_action_data = len(meta_rule["subject_categories"]) + len(meta_rule["object_categories"]) + len(meta_rule["action_categories"])-1 + ids_subject_data = [ids[0]] if len(meta_rule["subject_categories"]) == 1 else ids[0:index_subject_data] + ids_object_data = [ids[index_object_data]] if len(meta_rule["object_categories"]) == 1 else ids[index_subject_data+1:index_object_data] + ids_action_date = [ids[index_action_data]] if len(meta_rule["action_categories"]) == 1 else ids[index_object_data+1:index_action_data] + JsonUtils.convert_ids_to_names(ids_subject_data, rule_description, "subject_data", "subject_data", PolicyManager, self._user_id, policy_key) + JsonUtils.convert_ids_to_names(ids_object_data, rule_description, "object_data", "object_data", PolicyManager, self._user_id, policy_key) + JsonUtils.convert_ids_to_names(ids_action_date, rule_description, "action_data", "action_data", PolicyManager, self._user_id, policy_key) rule_dict["rule"] = rule_description - logger.info("Exporting rule {}".format(rule_dict)) rules_array.append(rule_dict) if len(rules_array) > 0: @@ -95,8 +108,8 @@ class JsonExport(Resource): JsonUtils.copy_field_if_exists(data_group["data"][data_key], data_dict, "name", str) JsonUtils.copy_field_if_exists(data_group["data"][data_key], data_dict, "description", str) else: - JsonUtils.copy_field_if_exists(data_group["data"][data_key]["value"], data_dict, "name", str) - JsonUtils.copy_field_if_exists(data_group["data"][data_key]["value"], data_dict, "description", str) + JsonUtils.copy_field_if_exists(data_group["data"][data_key], data_dict, "name", str) + JsonUtils.copy_field_if_exists(data_group["data"][data_key], data_dict, "description", str) JsonUtils.convert_id_to_name(policy_id, data_dict, "policy", "policy", PolicyManager, self._user_id) JsonUtils.convert_id_to_name(category_id, data_dict, "category", type_element + "_category", ModelManager, self._user_id, policy_key) diff --git a/moon_manager/moon_manager/api/json_import.py b/moon_manager/moon_manager/api/json_import.py index a048baee..ae9a21d0 100644 --- a/moon_manager/moon_manager/api/json_import.py +++ b/moon_manager/moon_manager/api/json_import.py @@ -79,6 +79,23 @@ class JsonImport(Resource): "/import/", ) + def _reorder_rules_ids(self, rule, ordered_perimeter_categories_ids, json_data_ids, policy_id, get_function): + ordered_json_ids = [None]*len(ordered_perimeter_categories_ids) + logger.info("ordered_json_ids {}".format(ordered_json_ids)) + logger.info("json_data_ids {}".format(json_data_ids)) + for json_id in json_data_ids: + logger.info("json_id {}".format(json_id)) + data = get_function(self._user_id, policy_id, data_id=json_id) + data = data[0] + logger.info("data {}".format(data)) + if data["category_id"] not in ordered_perimeter_categories_ids: + raise InvalidJson("The category id {} of the rule {} does not match the meta rule".format(data["category_id"], rule)) + if ordered_json_ids[ordered_perimeter_categories_ids.index(data["category_id"])] is not None: + raise InvalidJson("The category id {} of the rule {} shall not be used twice in the same rule".format(data["category_id"], rule)) + ordered_json_ids[ordered_perimeter_categories_ids.index(data["category_id"])] = json_id + logger.info(ordered_json_ids) + return ordered_json_ids + def _import_rules(self, json_rules): if not isinstance(json_rules, list): raise InvalidJson("rules shall be a list!") @@ -91,26 +108,28 @@ class JsonImport(Resource): json_ids = dict() JsonUtils.convert_name_to_id(json_rule, json_ids, "policy", "policy_id", "policy", PolicyManager, self._user_id) JsonUtils.convert_name_to_id(json_rule, json_to_use, "meta_rule", "meta_rule_id", "meta_rule", ModelManager, self._user_id) - json_subject_ids = dict() json_object_ids = dict() json_action_ids = dict() - json_rule_to_use = dict() JsonUtils.convert_names_to_ids(json_rule["rule"], json_subject_ids, "subject_data", "subject", "subject_data", PolicyManager, self._user_id, json_ids["policy_id"]) JsonUtils.convert_names_to_ids(json_rule["rule"], json_object_ids, "object_data", "object", "object_data", PolicyManager, self._user_id, json_ids["policy_id"]) JsonUtils.convert_names_to_ids(json_rule["rule"], json_action_ids, "action_data", "action", "action_data", PolicyManager, self._user_id, json_ids["policy_id"]) - logger.info(json_rule_to_use) - for json_subject_id in json_subject_ids["subject"]: - for json_object_id in json_object_ids["object"]: - for json_action_id in json_action_ids["action"]: - json_to_use["rule"] = [json_subject_id, json_object_id, json_action_id] - try: - logger.info("Adding / updating a rule from json {}".format(json_to_use)) - PolicyManager.add_rule(self._user_id, json_ids["policy_id"], json_to_use["meta_rule_id"], json_to_use) - except exceptions.RuleExisting: - pass - except exceptions.PolicyUnknown: - raise UnknownPolicy("Unknown policy with id {}".format(json_ids["policy_id"])) + + meta_rule = ModelManager.get_meta_rules(self._user_id, json_to_use["meta_rule_id"]) + meta_rule = [v for v in meta_rule.values()] + meta_rule = meta_rule[0] + + json_to_use_rule = self._reorder_rules_ids(json_rule, meta_rule["subject_categories"], json_subject_ids["subject"], json_ids["policy_id"], PolicyManager.get_subject_data) + json_to_use_rule = json_to_use_rule + self._reorder_rules_ids(json_rule, meta_rule["object_categories"], json_object_ids["object"], json_ids["policy_id"], PolicyManager.get_object_data) + json_to_use_rule = json_to_use_rule + self._reorder_rules_ids(json_rule, meta_rule["action_categories"], json_action_ids["action"], json_ids["policy_id"], PolicyManager.get_action_data) + json_to_use["rule"] = json_to_use_rule + try: + logger.info("Adding / updating a rule from json {}".format(json_to_use)) + PolicyManager.add_rule(self._user_id, json_ids["policy_id"], json_to_use["meta_rule_id"], json_to_use) + except exceptions.RuleExisting: + pass + except exceptions.PolicyUnknown: + raise UnknownPolicy("Unknown policy with id {}".format(json_ids["policy_id"])) def _import_meta_rules(self, json_meta_rules): logger.info("Input meta rules : {}".format(json_meta_rules)) @@ -188,19 +207,20 @@ class JsonImport(Resource): JsonUtils.copy_field_if_exists(json_item_data, json_to_use, "description", str) json_policy = dict() # field_mandatory : not mandatory if there is some mandatory policies - JsonUtils.convert_name_to_id(json_item_data, json_policy, "policy", "policy_id", "policy", + JsonUtils.convert_names_to_ids(json_item_data, json_policy, "policies", "policy_id", "policy", PolicyManager, self._user_id, field_mandatory=len(mandatory_policy_ids) == 0) logger.info("json_policy {}".format(json_policy)) json_category = dict() JsonUtils.convert_name_to_id(json_item_data, json_category, "category", "category_id", type_element+"_category", ModelManager, self._user_id) logger.info("json_category {}".format(json_category)) - policy_id = None + policy_ids = [] if "policy_id" in json_policy: - policy_id = json_policy["policy_id"] + policy_ids = json_policy["policy_id"] - if policy_id is not None and policy_id not in mandatory_policy_ids: - mandatory_policy_ids.append(policy_id) + for policy_id in policy_ids: + if policy_id is not None and policy_id not in mandatory_policy_ids: + mandatory_policy_ids.append(policy_id) if len(mandatory_policy_ids) == 0: raise InvalidJson("Invalid data, the policy shall be set when importing {}".format(json_item_data)) diff --git a/moon_manager/moon_manager/api/pdp.py b/moon_manager/moon_manager/api/pdp.py index 78931e1f..4bc34a24 100644 --- a/moon_manager/moon_manager/api/pdp.py +++ b/moon_manager/moon_manager/api/pdp.py @@ -73,7 +73,7 @@ def add_pod(uuid, data): time.sleep(1) else: break - logger.info(req.text) + logger.info("Pod add request answer : {}".format(req.text)) def check_keystone_pid(k_pid): diff --git a/moon_manager/moon_manager/api/rules.py b/moon_manager/moon_manager/api/rules.py index e6c46bf4..57dcd45c 100644 --- a/moon_manager/moon_manager/api/rules.py +++ b/moon_manager/moon_manager/api/rules.py @@ -40,9 +40,9 @@ class Rules(Resource): "policy_id": "policy_id1", "meta_rule_id": "meta_rule_id1", "rule_id1": - ["subject_data_id1", "object_data_id1", "action_data_id1"], + ["subject_data_id1", "subject_data_id2", "object_data_id1", "action_data_id1"], "rule_id2": - ["subject_data_id2", "object_data_id2", "action_data_id2"], + ["subject_data_id3", "subject_data_id4", "object_data_id2", "action_data_id2"], ] } :internal_api: get_rules |