aboutsummaryrefslogtreecommitdiffstats
path: root/old/python_moonclient/python_moonclient/core/authz.py
diff options
context:
space:
mode:
Diffstat (limited to 'old/python_moonclient/python_moonclient/core/authz.py')
-rw-r--r--old/python_moonclient/python_moonclient/core/authz.py180
1 files changed, 180 insertions, 0 deletions
diff --git a/old/python_moonclient/python_moonclient/core/authz.py b/old/python_moonclient/python_moonclient/core/authz.py
new file mode 100644
index 00000000..d331004c
--- /dev/null
+++ b/old/python_moonclient/python_moonclient/core/authz.py
@@ -0,0 +1,180 @@
+from uuid import uuid4
+import copy
+import logging
+import threading
+import time
+import json
+import random
+import requests
+
+HOST_MANAGER = None
+PORT_MANAGER = None
+HOST_KEYSTONE = None
+PORT_KEYSTONE = None
+
+LOCK = threading.Lock()
+LOGGER = logging.getLogger("moonclient.core.authz")
+
+
+def _construct_payload(creds, current_rule, enforcer, target):
+ # Convert instances of object() in target temporarily to
+ # empty dict to avoid circular reference detection
+ # errors in jsonutils.dumps().
+ temp_target = copy.deepcopy(target)
+ for key in target.keys():
+ element = target.get(key)
+ if type(element) is object:
+ temp_target[key] = {}
+ _data = _json = None
+ if enforcer:
+ _data = {'rule': current_rule,
+ 'target': json.dumps(temp_target),
+ 'credentials': json.dumps(creds)}
+ else:
+ _json = {'rule': current_rule,
+ 'target': temp_target,
+ 'credentials': creds}
+ return _data, _json
+
+
+def _send(url, data=None, stress_test=False):
+ current_request = dict()
+ current_request['url'] = url
+ try:
+ if stress_test:
+ current_request['start'] = time.time()
+ # with LOCK:
+ res = requests.get(url)
+ current_request['end'] = time.time()
+ current_request['delta'] = current_request["end"] - current_request["start"]
+ else:
+ with LOCK:
+ current_request['start'] = time.time()
+ if data:
+ data, _ = _construct_payload(data['credentials'], data['rule'], True,
+ data['target'])
+ res = requests.post(url, json=data,
+ headers={'content-type': "application/x-www-form-urlencode"}
+ )
+ else:
+ res = requests.get(url)
+ current_request['end'] = time.time()
+ current_request['delta'] = current_request["end"] - current_request["start"]
+ except requests.exceptions.ConnectionError:
+ LOGGER.warning("Unable to connect to server")
+ return {}
+ if not stress_test:
+ try:
+ j = res.json()
+ if res.status_code == 200:
+ LOGGER.warning("\033[1m{}\033[m \033[32mGrant\033[m".format(url))
+ elif res.status_code == 401:
+ LOGGER.warning("\033[1m{}\033[m \033[31mDeny\033[m".format(url))
+ else:
+ LOGGER.error("\033[1m{}\033[m {} {}".format(url, res.status_code, res.text))
+ except Exception as e:
+ if res.text == "True":
+ LOGGER.warning("\033[1m{}\033[m \033[32mGrant\033[m".format(url))
+ elif res.text == "False":
+ LOGGER.warning("\033[1m{}\033[m \033[31mDeny\033[m".format(url))
+ else:
+ LOGGER.error("\033[1m{}\033[m {} {}".format(url, res.status_code, res.text))
+ LOGGER.exception(e)
+ LOGGER.error(res.text)
+ else:
+ if j.get("result"):
+ # logger.warning("{} \033[32m{}\033[m".format(url, j.get("result")))
+ LOGGER.debug("{}".format(j.get("error", "")))
+ current_request['result'] = "Grant"
+ else:
+ # logger.warning("{} \033[31m{}\033[m".format(url, "Deny"))
+ LOGGER.debug("{}".format(j))
+ current_request['result'] = "Deny"
+ return current_request
+
+
+class AsyncGet(threading.Thread):
+
+ def __init__(self, url, semaphore=None, **kwargs):
+ threading.Thread.__init__(self)
+ self.url = url
+ self.kwargs = kwargs
+ self.sema = semaphore
+ self.result = dict()
+ self.uuid = uuid4().hex
+ self.index = kwargs.get("index", 0)
+
+ def run(self):
+ self.result = _send(self.url,
+ data=self.kwargs.get("data"),
+ stress_test=self.kwargs.get("stress_test", False))
+ self.result['index'] = self.index
+
+
+def send_requests(scenario, authz_host, authz_port, keystone_project_id, request_second=1,
+ limit=500,
+ dry_run=None, stress_test=False, destination="wrapper"):
+ backgrounds = []
+ time_data = list()
+ start_timing = time.time()
+ request_cpt = 0
+ subjects = tuple(scenario.subjects.keys())
+ objects = tuple(scenario.objects.keys())
+ actions = tuple(scenario.actions.keys())
+ while request_cpt < limit:
+ rule = (random.choice(subjects), random.choice(objects), random.choice(actions))
+ if destination.lower() == "wrapper":
+ url = "http://{}:{}/authz/oslo".format(authz_host, authz_port)
+ data = {
+ 'target': {
+ "user_id": random.choice(subjects),
+ "target": {
+ "name": random.choice(objects)
+ },
+ "project_id": keystone_project_id
+ },
+ 'credentials': None,
+ 'rule': random.choice(actions)
+ }
+ else:
+ url = "http://{}:{}/authz/{}/{}".format(authz_host, authz_port, keystone_project_id,
+ "/".join(rule))
+ data = None
+ if dry_run:
+ LOGGER.info(url)
+ continue
+ request_cpt += 1
+ if stress_test:
+ time_data.append(copy.deepcopy(_send(url, stress_test=stress_test)))
+ else:
+ background = AsyncGet(url, stress_test=stress_test, data=data,
+ index=request_cpt)
+ backgrounds.append(background)
+ background.start()
+ if request_second > 0:
+ if request_cpt % request_second == 0:
+ if time.time() - start_timing < 1:
+ while True:
+ if time.time() - start_timing > 1:
+ break
+ start_timing = time.time()
+ if not stress_test:
+ for background in backgrounds:
+ background.join()
+ if background.result:
+ time_data.append(copy.deepcopy(background.result))
+ return time_data
+
+
+def save_data(filename, time_data):
+ json.dump(time_data, open(filename, "w"))
+
+
+def get_delta(time_data):
+ time_delta = list()
+ time_delta_sum1 = 0
+ for item in time_data:
+ time_delta.append(item['delta'])
+ time_delta_sum1 += item['delta']
+ time_delta_average1 = time_delta_sum1 / len(time_data)
+ return time_delta, time_delta_average1