diff options
Diffstat (limited to 'python_moondb/python_moondb')
-rw-r--r-- | python_moondb/python_moondb/__init__.py | 7 | ||||
-rw-r--r-- | python_moondb/python_moondb/api/__init__.py | 0 | ||||
-rw-r--r-- | python_moondb/python_moondb/api/keystone.py | 106 | ||||
-rw-r--r-- | python_moondb/python_moondb/api/managers.py | 15 | ||||
-rw-r--r-- | python_moondb/python_moondb/api/model.py | 123 | ||||
-rw-r--r-- | python_moondb/python_moondb/api/pdp.py | 43 | ||||
-rw-r--r-- | python_moondb/python_moondb/api/policy.py | 290 | ||||
-rw-r--r-- | python_moondb/python_moondb/backends/__init__.py | 97 | ||||
-rw-r--r-- | python_moondb/python_moondb/backends/sql.py | 1661 | ||||
-rw-r--r-- | python_moondb/python_moondb/core.py | 228 | ||||
-rw-r--r-- | python_moondb/python_moondb/db_manager.py | 82 | ||||
-rw-r--r-- | python_moondb/python_moondb/migrate_repo/__init__.py | 0 | ||||
-rw-r--r-- | python_moondb/python_moondb/migrate_repo/versions/001_moon.py | 252 | ||||
-rw-r--r-- | python_moondb/python_moondb/migrate_repo/versions/__init__.py | 0 |
14 files changed, 0 insertions, 2904 deletions
diff --git a/python_moondb/python_moondb/__init__.py b/python_moondb/python_moondb/__init__.py deleted file mode 100644 index b266a9d4..00000000 --- a/python_moondb/python_moondb/__init__.py +++ /dev/null @@ -1,7 +0,0 @@ -# Copyright 2015 Open Platform for NFV Project, Inc. and its contributors -# This software is distributed under the terms and conditions of the 'Apache-2.0' -# license which can be found in the file 'LICENSE' in this package distribution -# or at 'http://www.apache.org/licenses/LICENSE-2.0'. - -__version__ = "1.2.8" - diff --git a/python_moondb/python_moondb/api/__init__.py b/python_moondb/python_moondb/api/__init__.py deleted file mode 100644 index e69de29b..00000000 --- a/python_moondb/python_moondb/api/__init__.py +++ /dev/null diff --git a/python_moondb/python_moondb/api/keystone.py b/python_moondb/python_moondb/api/keystone.py deleted file mode 100644 index 582ae710..00000000 --- a/python_moondb/python_moondb/api/keystone.py +++ /dev/null @@ -1,106 +0,0 @@ -# Copyright 2015 Open Platform for NFV Project, Inc. and its contributors -# This software is distributed under the terms and conditions of the 'Apache-2.0' -# license which can be found in the file 'LICENSE' in this package distribution -# or at 'http://www.apache.org/licenses/LICENSE-2.0'. - -import os -import requests -import json -from uuid import uuid4 -import logging -from python_moonutilities import exceptions, configuration -from python_moonutilities.security_functions import filter_input, login, logout -from python_moondb.api.managers import Managers - -logger = logging.getLogger("moon.db.api.keystone") - - -class KeystoneManager(Managers): - - def __init__(self, connector=None): - self.driver = connector.driver - Managers.KeystoneManager = self - conf = configuration.get_configuration("openstack/keystone")['openstack/keystone'] - - self.__url = conf['url'] - self.__user = conf['user'] - self.__password = conf['password'] - self.__domain = conf['domain'] - self.__project = conf['project'] - try: - os.environ.pop("http_proxy") - os.environ.pop("https_proxy") - except KeyError: - pass - - def __get(self, endpoint, _exception=exceptions.KeystoneError): - _headers = login() - req = requests.get("{}{}".format(self.__url, endpoint), headers=_headers, verify=False) - if req.status_code not in (200, 201): - logger.error(req.text) - raise _exception - data = req.json() - logout(_headers) - return data - - def __post(self, endpoint, data=None, _exception=exceptions.KeystoneError): - _headers = login() - req = requests.post("{}{}".format(self.__url, endpoint), - data=json.dumps(data), - headers=_headers, verify=False) - if req.status_code == 409: - logger.warning(req.text) - raise exceptions.KeystoneUserConflict - if req.status_code not in (200, 201): - logger.error(req.text) - raise _exception - data = req.json() - logout(_headers) - return data - - def list_projects(self): - return self.__get(endpoint="/projects/", _exception=exceptions.KeystoneProjectError) - - @filter_input - def create_project(self, tenant_dict): - if "name" not in tenant_dict: - raise exceptions.KeystoneProjectError("Cannot get the project name.") - _project = { - "project": { - "description": tenant_dict['description'] if 'description' in tenant_dict else "", - "domain_id": tenant_dict['domain'] if 'domain' in tenant_dict else "default", - "enabled": True, - "is_domain": False, - "name": tenant_dict['name'] - } - } - return self.__post(endpoint="/projects/", - data=_project, - _exception=exceptions.KeystoneProjectError) - - @filter_input - def get_user_by_name(self, username, domain_id="default"): - return self.__get(endpoint="/users?name={}&domain_id={}".format(username, domain_id), - _exception=exceptions.KeystoneUserError) - - @filter_input - def create_user(self, subject_dict): - _user = { - "user": { - "enabled": True, - "name": subject_dict['name'] if 'name' in subject_dict else uuid4().hex, - } - } - if 'project' in subject_dict: - _user['user']['default_project_id'] = subject_dict['project'] - if 'domain' in subject_dict: - _user['user']['domain_id'] = subject_dict['domain'] - if 'password' in subject_dict: - _user['user']['password'] = subject_dict['password'] - try: - return self.__post(endpoint="/users/", - data=_user, - _exception=exceptions.KeystoneUserError) - except exceptions.KeystoneUserConflict: - return True - diff --git a/python_moondb/python_moondb/api/managers.py b/python_moondb/python_moondb/api/managers.py deleted file mode 100644 index f500d02e..00000000 --- a/python_moondb/python_moondb/api/managers.py +++ /dev/null @@ -1,15 +0,0 @@ -# Copyright 2015 Open Platform for NFV Project, Inc. and its contributors -# This software is distributed under the terms and conditions of the 'Apache-2.0' -# license which can be found in the file 'LICENSE' in this package distribution -# or at 'http://www.apache.org/licenses/LICENSE-2.0'. - -import logging -logger = logging.getLogger("moon.db.api.managers") - - -class Managers(object): - """Object that links managers together""" - ModelManager = None - KeystoneManager = None - PDPManager = None - PolicyManager = None diff --git a/python_moondb/python_moondb/api/model.py b/python_moondb/python_moondb/api/model.py deleted file mode 100644 index 57857cd2..00000000 --- a/python_moondb/python_moondb/api/model.py +++ /dev/null @@ -1,123 +0,0 @@ -# Copyright 2015 Open Platform for NFV Project, Inc. and its contributors -# This software is distributed under the terms and conditions of the 'Apache-2.0' -# license which can be found in the file 'LICENSE' in this package distribution -# or at 'http://www.apache.org/licenses/LICENSE-2.0'. - -from uuid import uuid4 -import logging -from python_moonutilities import exceptions -from python_moonutilities.security_functions import filter_input, enforce -from python_moondb.api.managers import Managers - - -logger = logging.getLogger("moon.db.api.model") - - -class ModelManager(Managers): - - def __init__(self, connector=None): - self.driver = connector.driver - Managers.ModelManager = self - - @enforce(("read", "write"), "models") - def update_model(self, user_id, model_id, value): - if model_id not in self.driver.get_models(model_id=model_id): - raise exceptions.ModelUnknown - return self.driver.update_model(model_id=model_id, value=value) - - @enforce(("read", "write"), "models") - def delete_model(self, user_id, model_id): - if model_id not in self.driver.get_models(model_id=model_id): - raise exceptions.ModelUnknown - # TODO (asteroide): check that no policy is connected to this model - return self.driver.delete_model(model_id=model_id) - - @enforce(("read", "write"), "models") - def add_model(self, user_id, model_id=None, value=None): - if model_id in self.driver.get_models(model_id=model_id): - raise exceptions.ModelExisting - if not model_id: - model_id = uuid4().hex - return self.driver.add_model(model_id=model_id, value=value) - - @enforce("read", "models") - def get_models(self, user_id, model_id=None): - return self.driver.get_models(model_id=model_id) - - @enforce(("read", "write"), "meta_rules") - def set_meta_rule(self, user_id, meta_rule_id, value): - if meta_rule_id not in self.driver.get_meta_rules(meta_rule_id=meta_rule_id): - raise exceptions.MetaRuleUnknown - return self.driver.set_meta_rule(meta_rule_id=meta_rule_id, value=value) - - @enforce("read", "meta_rules") - def get_meta_rules(self, user_id, meta_rule_id=None): - return self.driver.get_meta_rules(meta_rule_id=meta_rule_id) - - @enforce(("read", "write"), "meta_rules") - def add_meta_rule(self, user_id, meta_rule_id=None, value=None): - if meta_rule_id in self.driver.get_meta_rules(meta_rule_id=meta_rule_id): - raise exceptions.MetaRuleExisting - return self.driver.set_meta_rule(meta_rule_id=meta_rule_id, value=value) - - @enforce(("read", "write"), "meta_rules") - def delete_meta_rule(self, user_id, meta_rule_id=None): - if meta_rule_id not in self.driver.get_meta_rules(meta_rule_id=meta_rule_id): - raise exceptions.MetaRuleUnknown - # TODO (asteroide): check and/or delete data and assignments and rules linked to that meta_rule - return self.driver.delete_meta_rule(meta_rule_id=meta_rule_id) - - @enforce("read", "meta_data") - def get_subject_categories(self, user_id, category_id=None): - return self.driver.get_subject_categories(category_id=category_id) - - @enforce(("read", "write"), "meta_data") - def add_subject_category(self, user_id, category_id=None, value=None): - if category_id in self.driver.get_subject_categories(category_id=category_id): - raise exceptions.SubjectCategoryExisting - return self.driver.add_subject_category(name=value["name"], description=value["description"], uuid=category_id) - - @enforce(("read", "write"), "meta_data") - def delete_subject_category(self, user_id, category_id): - # TODO (asteroide): delete all data linked to that category - # TODO (asteroide): delete all meta_rules linked to that category - if category_id not in self.driver.get_subject_categories(category_id=category_id): - raise exceptions.SubjectCategoryUnknown - return self.driver.delete_subject_category(category_id=category_id) - - @enforce("read", "meta_data") - def get_object_categories(self, user_id, category_id=None): - return self.driver.get_object_categories(category_id) - - @enforce(("read", "write"), "meta_data") - def add_object_category(self, user_id, category_id=None, value=None): - if category_id in self.driver.get_object_categories(category_id=category_id): - raise exceptions.ObjectCategoryExisting - return self.driver.add_object_category(name=value["name"], description=value["description"], uuid=category_id) - - @enforce(("read", "write"), "meta_data") - def delete_object_category(self, user_id, category_id): - # TODO (asteroide): delete all data linked to that category - # TODO (asteroide): delete all meta_rules linked to that category - if category_id not in self.driver.get_object_categories(category_id=category_id): - raise exceptions.ObjectCategoryUnknown - return self.driver.delete_object_category(category_id=category_id) - - @enforce("read", "meta_data") - def get_action_categories(self, user_id, category_id=None): - return self.driver.get_action_categories(category_id=category_id) - - @enforce(("read", "write"), "meta_data") - def add_action_category(self, user_id, category_id=None, value=None): - if category_id in self.driver.get_action_categories(category_id=category_id): - raise exceptions.ActionCategoryExisting - return self.driver.add_action_category(name=value["name"], description=value["description"], uuid=category_id) - - @enforce(("read", "write"), "meta_data") - def delete_action_category(self, user_id, category_id): - # TODO (asteroide): delete all data linked to that category - # TODO (asteroide): delete all meta_rules linked to that category - if category_id not in self.driver.get_action_categories(category_id=category_id): - raise exceptions.ActionCategoryExisting - return self.driver.delete_action_category(category_id=category_id) - diff --git a/python_moondb/python_moondb/api/pdp.py b/python_moondb/python_moondb/api/pdp.py deleted file mode 100644 index 7e852ca8..00000000 --- a/python_moondb/python_moondb/api/pdp.py +++ /dev/null @@ -1,43 +0,0 @@ -# Copyright 2015 Open Platform for NFV Project, Inc. and its contributors -# This software is distributed under the terms and conditions of the 'Apache-2.0' -# license which can be found in the file 'LICENSE' in this package distribution -# or at 'http://www.apache.org/licenses/LICENSE-2.0'. - -from uuid import uuid4 -import logging -from python_moonutilities.security_functions import enforce -from python_moondb.api.managers import Managers -from python_moonutilities import exceptions - -logger = logging.getLogger("moon.db.api.pdp") - - -class PDPManager(Managers): - - def __init__(self, connector=None): - self.driver = connector.driver - Managers.PDPManager = self - - @enforce(("read", "write"), "pdp") - def update_pdp(self, user_id, pdp_id, value): - if pdp_id not in self.driver.get_pdp(pdp_id=pdp_id): - raise exceptions.PdpUnknown - return self.driver.update_pdp(pdp_id=pdp_id, value=value) - - @enforce(("read", "write"), "pdp") - def delete_pdp(self, user_id, pdp_id): - if pdp_id not in self.driver.get_pdp(pdp_id=pdp_id): - raise exceptions.PdpUnknown - return self.driver.delete_pdp(pdp_id=pdp_id) - - @enforce(("read", "write"), "pdp") - def add_pdp(self, user_id, pdp_id=None, value=None): - if pdp_id in self.driver.get_pdp(pdp_id=pdp_id): - raise exceptions.PdpExisting - if not pdp_id: - pdp_id = uuid4().hex - return self.driver.add_pdp(pdp_id=pdp_id, value=value) - - @enforce("read", "pdp") - def get_pdp(self, user_id, pdp_id=None): - return self.driver.get_pdp(pdp_id=pdp_id) diff --git a/python_moondb/python_moondb/api/policy.py b/python_moondb/python_moondb/api/policy.py deleted file mode 100644 index 9e7ad96c..00000000 --- a/python_moondb/python_moondb/api/policy.py +++ /dev/null @@ -1,290 +0,0 @@ -# Copyright 2015 Open Platform for NFV Project, Inc. and its contributors -# This software is distributed under the terms and conditions of the 'Apache-2.0' -# license which can be found in the file 'LICENSE' in this package distribution -# or at 'http://www.apache.org/licenses/LICENSE-2.0'. - -from uuid import uuid4 -import logging -from python_moonutilities.security_functions import enforce -from python_moondb.api.managers import Managers -from python_moonutilities import exceptions - -logger = logging.getLogger("moon.db.api.policy") - - -class PolicyManager(Managers): - - def __init__(self, connector=None): - self.driver = connector.driver - Managers.PolicyManager = self - - def get_policy_from_meta_rules(self, user_id, meta_rule_id): - policies = self.PolicyManager.get_policies("admin") - models = self.ModelManager.get_models("admin") - for pdp_key, pdp_value in self.PDPManager.get_pdp(user_id).items(): - if 'security_pipeline' not in pdp_value: - raise exceptions.PdpContentError - for policy_id in pdp_value["security_pipeline"]: - if not policies or policy_id not in policies: - raise exceptions.PolicyUnknown - model_id = policies[policy_id]["model_id"] - if not models: - raise exceptions.ModelUnknown - if model_id not in models: - raise exceptions.ModelUnknown - if meta_rule_id in models[model_id]["meta_rules"]: - return policy_id - - @enforce(("read", "write"), "policies") - def update_policy(self, user_id, policy_id, value): - if policy_id not in self.driver.get_policies(policy_id=policy_id): - raise exceptions.PolicyUnknown - return self.driver.update_policy(policy_id=policy_id, value=value) - - @enforce(("read", "write"), "policies") - def delete_policy(self, user_id, policy_id): - # TODO (asteroide): unmap PDP linked to that policy - if policy_id not in self.driver.get_policies(policy_id=policy_id): - raise exceptions.PolicyUnknown - return self.driver.delete_policy(policy_id=policy_id) - - @enforce(("read", "write"), "policies") - def add_policy(self, user_id, policy_id=None, value=None): - if policy_id in self.driver.get_policies(policy_id=policy_id): - raise exceptions.PolicyExisting - if not policy_id: - policy_id = uuid4().hex - return self.driver.add_policy(policy_id=policy_id, value=value) - - @enforce("read", "policies") - def get_policies(self, user_id, policy_id=None): - return self.driver.get_policies(policy_id=policy_id) - - @enforce("read", "perimeter") - def get_subjects(self, user_id, policy_id, perimeter_id=None): - return self.driver.get_subjects(policy_id=policy_id, perimeter_id=perimeter_id) - - @enforce(("read", "write"), "perimeter") - def add_subject(self, user_id, policy_id, perimeter_id=None, value=None): - k_user = Managers.KeystoneManager.get_user_by_name(value.get('name')) - if not k_user['users']: - k_user = Managers.KeystoneManager.create_user(value) - if not perimeter_id: - try: - logger.info("k_user={}".format(k_user)) - perimeter_id = k_user['users'][0].get('id', uuid4().hex) - except IndexError: - k_user = Managers.KeystoneManager.get_user_by_name( - value.get('name')) - perimeter_id = uuid4().hex - except KeyError: - k_user = Managers.KeystoneManager.get_user_by_name( - value.get('name')) - perimeter_id = uuid4().hex - value.update(k_user['users'][0]) - if not self.get_policies(user_id=user_id, policy_id=policy_id): - raise exceptions.PolicyUnknown - return self.driver.set_subject(policy_id=policy_id, perimeter_id=perimeter_id, value=value) - - @enforce(("read", "write"), "perimeter") - def delete_subject(self, user_id, policy_id, perimeter_id): - return self.driver.delete_subject(policy_id=policy_id, perimeter_id=perimeter_id) - - @enforce("read", "perimeter") - def get_objects(self, user_id, policy_id, perimeter_id=None): - return self.driver.get_objects(policy_id=policy_id, perimeter_id=perimeter_id) - - @enforce(("read", "write"), "perimeter") - def add_object(self, user_id, policy_id, perimeter_id=None, value=None): - if not self.get_policies(user_id=user_id, policy_id=policy_id): - raise exceptions.PolicyUnknown - if not perimeter_id: - perimeter_id = uuid4().hex - return self.driver.set_object(policy_id=policy_id, perimeter_id=perimeter_id, value=value) - - @enforce(("read", "write"), "perimeter") - def delete_object(self, user_id, policy_id, perimeter_id): - return self.driver.delete_object(policy_id=policy_id, perimeter_id=perimeter_id) - - @enforce("read", "perimeter") - def get_actions(self, user_id, policy_id, perimeter_id=None): - return self.driver.get_actions(policy_id=policy_id, perimeter_id=perimeter_id) - - @enforce(("read", "write"), "perimeter") - def add_action(self, user_id, policy_id, perimeter_id=None, value=None): - logger.info("add_action {}".format(policy_id)) - if not self.get_policies(user_id=user_id, policy_id=policy_id): - raise exceptions.PolicyUnknown - return self.driver.set_action(policy_id=policy_id, perimeter_id=perimeter_id, value=value) - - @enforce(("read", "write"), "perimeter") - def delete_action(self, user_id, policy_id, perimeter_id): - return self.driver.delete_action(policy_id=policy_id, perimeter_id=perimeter_id) - - @enforce("read", "data") - def get_subject_data(self, user_id, policy_id, data_id=None, category_id=None): - available_metadata = self.get_available_metadata(user_id, policy_id) - results = [] - if not category_id: - for cat in available_metadata["subject"]: - results.append(self.driver.get_subject_data(policy_id=policy_id, data_id=data_id, - category_id=cat)) - if category_id and category_id in available_metadata["subject"]: - results.append(self.driver.get_subject_data(policy_id=policy_id, data_id=data_id, - category_id=category_id)) - return results - - @enforce(("read", "write"), "data") - def set_subject_data(self, user_id, policy_id, data_id=None, category_id=None, value=None): - if not category_id: - raise Exception('Invalid category id') - if not self.get_policies(user_id=user_id, policy_id=policy_id): - raise exceptions.PolicyUnknown - if not data_id: - data_id = uuid4().hex - return self.driver.set_subject_data(policy_id=policy_id, data_id=data_id, category_id=category_id, value=value) - - @enforce(("read", "write"), "data") - def delete_subject_data(self, user_id, policy_id, data_id): - # TODO (asteroide): check and/or delete assignments linked to that data - return self.driver.delete_subject_data(policy_id=policy_id, data_id=data_id) - - @enforce("read", "data") - def get_object_data(self, user_id, policy_id, data_id=None, category_id=None): - available_metadata = self.get_available_metadata(user_id, policy_id) - results = [] - if not category_id: - for cat in available_metadata["object"]: - results.append(self.driver.get_object_data(policy_id=policy_id, data_id=data_id, - category_id=cat)) - if category_id and category_id in available_metadata["object"]: - results.append(self.driver.get_object_data(policy_id=policy_id, data_id=data_id, - category_id=category_id)) - return results - - @enforce(("read", "write"), "data") - def add_object_data(self, user_id, policy_id, data_id=None, category_id=None, value=None): - if not category_id: - raise Exception('Invalid category id') - if not self.get_policies(user_id=user_id, policy_id=policy_id): - raise exceptions.PolicyUnknown - if not data_id: - data_id = uuid4().hex - return self.driver.set_object_data(policy_id=policy_id, data_id=data_id, category_id=category_id, value=value) - - @enforce(("read", "write"), "data") - def delete_object_data(self, user_id, policy_id, data_id): - # TODO (asteroide): check and/or delete assignments linked to that data - return self.driver.delete_object_data(policy_id=policy_id, data_id=data_id) - - @enforce("read", "data") - def get_action_data(self, user_id, policy_id, data_id=None, category_id=None): - available_metadata = self.get_available_metadata(user_id, policy_id) - results = [] - if not category_id: - for cat in available_metadata["action"]: - results.append(self.driver.get_action_data(policy_id=policy_id, data_id=data_id, - category_id=cat)) - if category_id and category_id in available_metadata["action"]: - results.append(self.driver.get_action_data(policy_id=policy_id, data_id=data_id, - category_id=category_id)) - return results - - @enforce(("read", "write"), "data") - def add_action_data(self, user_id, policy_id, data_id=None, category_id=None, value=None): - if not category_id: - raise Exception('Invalid category id') - if not self.get_policies(user_id=user_id, policy_id=policy_id): - raise exceptions.PolicyUnknown - if not data_id: - data_id = uuid4().hex - return self.driver.set_action_data(policy_id=policy_id, data_id=data_id, category_id=category_id, value=value) - - @enforce(("read", "write"), "data") - def delete_action_data(self, user_id, policy_id, data_id): - # TODO (asteroide): check and/or delete assignments linked to that data - return self.driver.delete_action_data(policy_id=policy_id, data_id=data_id) - - @enforce("read", "assignments") - def get_subject_assignments(self, user_id, policy_id, subject_id=None, category_id=None): - return self.driver.get_subject_assignments(policy_id=policy_id, subject_id=subject_id, category_id=category_id) - - @enforce(("read", "write"), "assignments") - def add_subject_assignment(self, user_id, policy_id, subject_id, category_id, data_id): - if not self.get_policies(user_id=user_id, policy_id=policy_id): - raise exceptions.PolicyUnknown - return self.driver.add_subject_assignment(policy_id=policy_id, subject_id=subject_id, - category_id=category_id, data_id=data_id) - - @enforce(("read", "write"), "assignments") - def delete_subject_assignment(self, user_id, policy_id, subject_id, category_id, data_id): - return self.driver.delete_subject_assignment(policy_id=policy_id, subject_id=subject_id, - category_id=category_id, data_id=data_id) - - @enforce("read", "assignments") - def get_object_assignments(self, user_id, policy_id, object_id=None, category_id=None): - return self.driver.get_object_assignments(policy_id=policy_id, object_id=object_id, category_id=category_id) - - @enforce(("read", "write"), "assignments") - def add_object_assignment(self, user_id, policy_id, object_id, category_id, data_id): - if not self.get_policies(user_id=user_id, policy_id=policy_id): - raise exceptions.PolicyUnknown - return self.driver.add_object_assignment(policy_id=policy_id, object_id=object_id, - category_id=category_id, data_id=data_id) - - @enforce(("read", "write"), "assignments") - def delete_object_assignment(self, user_id, policy_id, object_id, category_id, data_id): - return self.driver.delete_object_assignment(policy_id=policy_id, object_id=object_id, - category_id=category_id, data_id=data_id) - - @enforce("read", "assignments") - def get_action_assignments(self, user_id, policy_id, action_id=None, category_id=None): - return self.driver.get_action_assignments(policy_id=policy_id, action_id=action_id, category_id=category_id) - - @enforce(("read", "write"), "assignments") - def add_action_assignment(self, user_id, policy_id, action_id, category_id, data_id): - if not self.get_policies(user_id=user_id, policy_id=policy_id): - raise exceptions.PolicyUnknown - return self.driver.add_action_assignment(policy_id=policy_id, action_id=action_id, - category_id=category_id, data_id=data_id) - - @enforce(("read", "write"), "assignments") - def delete_action_assignment(self, user_id, policy_id, action_id, category_id, data_id): - return self.driver.delete_action_assignment(policy_id=policy_id, action_id=action_id, - category_id=category_id, data_id=data_id) - - @enforce("read", "rules") - def get_rules(self, user_id, policy_id, meta_rule_id=None, rule_id=None): - return self.driver.get_rules(policy_id=policy_id, meta_rule_id=meta_rule_id, rule_id=rule_id) - - @enforce(("read", "write"), "rules") - def add_rule(self, user_id, policy_id, meta_rule_id, value): - if not self.get_policies(user_id=user_id, policy_id=policy_id): - raise exceptions.PolicyUnknown - return self.driver.add_rule(policy_id=policy_id, meta_rule_id=meta_rule_id, value=value) - - @enforce(("read", "write"), "rules") - def delete_rule(self, user_id, policy_id, rule_id): - return self.driver.delete_rule(policy_id=policy_id, rule_id=rule_id) - - @enforce("read", "meta_data") - def get_available_metadata(self, user_id, policy_id): - categories = { - "subject": [], - "object": [], - "action": [] - } - policy = self.driver.get_policies(policy_id=policy_id) - if not policy: - raise exceptions.PolicyUnknown - model_id = policy[policy_id]["model_id"] - model = Managers.ModelManager.get_models(user_id=user_id, model_id=model_id) - try: - meta_rule_list = model[model_id]["meta_rules"] - for meta_rule_id in meta_rule_list: - meta_rule = Managers.ModelManager.get_meta_rules(user_id=user_id, meta_rule_id=meta_rule_id) - categories["subject"].extend(meta_rule[meta_rule_id]["subject_categories"]) - categories["object"].extend(meta_rule[meta_rule_id]["object_categories"]) - categories["action"].extend(meta_rule[meta_rule_id]["action_categories"]) - finally: - return categories diff --git a/python_moondb/python_moondb/backends/__init__.py b/python_moondb/python_moondb/backends/__init__.py deleted file mode 100644 index 237bdc3e..00000000 --- a/python_moondb/python_moondb/backends/__init__.py +++ /dev/null @@ -1,97 +0,0 @@ - -""" -intra_extensions = { - intra_extension_id1: { - name: xxx, - model: yyy, - description: zzz}, - intra_extension_id2: {...}, - ... -} - -tenants = { - tenant_id1: { - name: xxx, - description: yyy, - intra_authz_extension_id: zzz, - intra_admin_extension_id: zzz, - }, - tenant_id2: {...}, - ... -} - ---------------- for each intra-extension ----------------- - -subject_categories = { - subject_category_id1: { - name: xxx, - description: yyy}, - subject_category_id2: {...}, - ... -} - -subjects = { - subject_id1: { - name: xxx, - description: yyy, - ...}, - subject_id2: {...}, - ... -} - -subject_scopes = { - subject_category_id1: { - subject_scope_id1: { - name: xxx, - description: aaa}, - subject_scope_id2: { - name: yyy, - description: bbb}, - ...}, - subject_scope_id3: { - ...} - subject_category_id2: {...}, - ... -} - -subject_assignments = { - subject_id1: { - subject_category_id1: [subject_scope_id1, subject_scope_id2, ...], - subject_category_id2: [subject_scope_id3, subject_scope_id4, ...], - ... - }, - subject_id2: { - subject_category_id1: [subject_scope_id1, subject_scope_id2, ...], - subject_category_id2: [subject_scope_id3, subject_scope_id4, ...], - ... - }, - ... -} - -aggregation_algorithm = { - aggregation_algorithm_id: { - name: xxx, - description: yyy - } - } - -sub_meta_rules = { - sub_meta_rule_id_1: { - "name": xxx, - "algorithm": yyy, - "subject_categories": [subject_category_id1, subject_category_id2,...], - "object_categories": [object_category_id1, object_category_id2,...], - "action_categories": [action_category_id1, action_category_id2,...] - sub_meta_rule_id_2: {...}, - ... -} - -rules = { - sub_meta_rule_id1: { - rule_id1: [subject_scope1, subject_scope2, ..., action_scope1, ..., object_scope1, ... ], - rule_id2: [subject_scope3, subject_scope4, ..., action_scope3, ..., object_scope3, ... ], - rule_id3: [thomas, write, admin.subjects] - ...}, - sub_meta_rule_id2: { }, - ...} -"""
\ No newline at end of file diff --git a/python_moondb/python_moondb/backends/sql.py b/python_moondb/python_moondb/backends/sql.py deleted file mode 100644 index a838a854..00000000 --- a/python_moondb/python_moondb/backends/sql.py +++ /dev/null @@ -1,1661 +0,0 @@ -# Copyright 2015 Open Platform for NFV Project, Inc. and its contributors -# This software is distributed under the terms and conditions of the 'Apache-2.0' -# license which can be found in the file 'LICENSE' in this package distribution -# or at 'http://www.apache.org/licenses/LICENSE-2.0'. - -import copy -import json -from uuid import uuid4 -import sqlalchemy as sql -import logging -from sqlalchemy.orm import sessionmaker -from sqlalchemy.ext.declarative import declarative_base, declared_attr -from sqlalchemy import create_engine -from contextlib import contextmanager -from sqlalchemy import types as sql_types -from python_moonutilities import configuration -from python_moonutilities.exceptions import * -from python_moondb.core import PDPDriver, PolicyDriver, ModelDriver -import sqlalchemy - -logger = logging.getLogger("moon.db.driver.sql") -Base = declarative_base() -DEBUG = True if configuration.get_configuration("logging")['logging']['loggers']['moon']['level'] == "DEBUG" else False - - -class DictBase: - attributes = [] - - @classmethod - def from_dict(cls, d): - new_d = d.copy() - return cls(**new_d) - # new_d = d.copy() - # - # new_d['extra'] = {k: new_d.pop(k) for k in six.iterkeys(d) - # if k not in cls.attributes and k != 'extra'} - # - # return cls(**new_d) - - def to_dict(self): - d = dict() - for attr in self.__class__.attributes: - d[attr] = getattr(self, attr) - return d - - def __getitem__(self, key): - # if "extra" in dir(self) and key in self.extra: - # return self.extra[key] - return getattr(self, key) - - -class JsonBlob(sql_types.TypeDecorator): - - impl = sql.Text - - def process_bind_param(self, value, dialect): - return json.dumps(value) - - def process_result_value(self, value, dialect): - return json.loads(value) - - -class Model(Base, DictBase): - __tablename__ = 'models' - attributes = ['id', 'name', 'value'] - id = sql.Column(sql.String(64), primary_key=True) - name = sql.Column(sql.String(256), nullable=False) - value = sql.Column(JsonBlob(), nullable=True) - - def to_dict(self): - return { - "name": self.name, - "description": self.value.get("description", ""), - "meta_rules": self.value.get("meta_rules", list()), - } - - -class Policy(Base, DictBase): - __tablename__ = 'policies' - attributes = ['id', 'name', 'model_id', 'value'] - id = sql.Column(sql.String(64), primary_key=True) - name = sql.Column(sql.String(256), nullable=False) - model_id = sql.Column(sql.String(64), nullable=True, default="") - value = sql.Column(JsonBlob(), nullable=True) - - def to_dict(self): - return { - "description": self.value.get("description", ""), - "genre": self.value.get("genre", ""), - "model_id": self.model_id, - "name": self.name - } - - -class PDP(Base, DictBase): - __tablename__ = 'pdp' - attributes = ['id', 'name', 'keystone_project_id', 'value'] - id = sql.Column(sql.String(64), primary_key=True) - name = sql.Column(sql.String(256), nullable=False) - keystone_project_id = sql.Column(sql.String(64), nullable=True, default="") - value = sql.Column(JsonBlob(), nullable=True) - - def to_dict(self): - return { - "name": self.name, - "description": self.value.get("description", ""), - "keystone_project_id": self.keystone_project_id, - "security_pipeline": self.value.get("security_pipeline", []), - } - - -class PerimeterCategoryBase(DictBase): - attributes = ['id', 'name', 'description'] - id = sql.Column(sql.String(64), primary_key=True) - name = sql.Column(sql.String(256), nullable=False) - description = sql.Column(sql.String(256), nullable=True) - - -class SubjectCategory(Base, PerimeterCategoryBase): - __tablename__ = 'subject_categories' - - -class ObjectCategory(Base, PerimeterCategoryBase): - __tablename__ = 'object_categories' - - -class ActionCategory(Base, PerimeterCategoryBase): - __tablename__ = 'action_categories' - - -class PerimeterBase(DictBase): - attributes = ['id', 'name', 'value'] - id = sql.Column(sql.String(64), primary_key=True) - name = sql.Column(sql.String(256), nullable=False) - value = sql.Column(JsonBlob(), nullable=True) - __mapper_args__ = {'concrete': True} - def __repr__(self): - return "{} with name {} : {}".format(self.id, self.name, json.dumps(self.value)) - - def to_return(self): - return { - 'id': self.id, - 'name': self.name, - 'description': self.value.get("description", ""), - 'email': self.value.get("email", ""), - 'extra': self.value.get("extra", dict()), - 'policy_list': self.value.get("policy_list", []) - } - - def to_dict(self): - dict_value = copy.deepcopy(self.value) - dict_value["name"] = self.name - return { - 'id': self.id, - 'value': dict_value - } - -class Subject(Base, PerimeterBase): - __tablename__ = 'subjects' - - -class Object(Base, PerimeterBase): - __tablename__ = 'objects' - - -class Action(Base, PerimeterBase): - __tablename__ = 'actions' - - -class PerimeterDataBase(DictBase): - attributes = ['id', 'name', 'value', 'category_id', 'policy_id'] - id = sql.Column(sql.String(64), primary_key=True) - name = sql.Column(sql.String(256), nullable=False) - value = sql.Column(JsonBlob(), nullable=True) - @declared_attr - def policy_id(cls): - return sql.Column(sql.ForeignKey("policies.id"), nullable=False) - - def to_dict(self): - return { - 'id': self.id, - 'name': self.name, - 'description': self.value.get("description", ""), - 'category_id': self.category_id, - 'policy_id': self.policy_id - } - - -class SubjectData(Base, PerimeterDataBase): - __tablename__ = 'subject_data' - category_id = sql.Column(sql.ForeignKey("subject_categories.id"), nullable=False) - - -class ObjectData(Base, PerimeterDataBase): - __tablename__ = 'object_data' - category_id = sql.Column(sql.ForeignKey("object_categories.id"), nullable=False) - - -class ActionData(Base, PerimeterDataBase): - __tablename__ = 'action_data' - category_id = sql.Column(sql.ForeignKey("action_categories.id"), nullable=False) - - -class PerimeterAssignmentBase(DictBase): - attributes = ['id', 'assignments', 'policy_id', 'subject_id', 'category_id'] - id = sql.Column(sql.String(64), primary_key=True) - assignments = sql.Column(JsonBlob(), nullable=True) - category_id = None - - @declared_attr - def policy_id(cls): - return sql.Column(sql.ForeignKey("policies.id"), nullable=False) - - def _to_dict(self, element_key, element_value): - return { - "id": self.id, - "policy_id": self.policy_id, - element_key: element_value, - "category_id": self.category_id, - "assignments": self.assignments, - } - - -class SubjectAssignment(Base, PerimeterAssignmentBase): - __tablename__ = 'subject_assignments' - subject_id = sql.Column(sql.ForeignKey("subjects.id"), nullable=False) - category_id = sql.Column(sql.ForeignKey("subject_categories.id"), nullable=False) - - def to_dict(self): - return self._to_dict("subject_id", self.subject_id) - - -class ObjectAssignment(Base, PerimeterAssignmentBase): - __tablename__ = 'object_assignments' - attributes = ['id', 'assignments', 'policy_id', 'object_id', 'category_id'] - object_id = sql.Column(sql.ForeignKey("objects.id"), nullable=False) - category_id = sql.Column(sql.ForeignKey("object_categories.id"), nullable=False) - - def to_dict(self): - return self._to_dict("object_id", self.object_id) - - -class ActionAssignment(Base, PerimeterAssignmentBase): - __tablename__ = 'action_assignments' - attributes = ['id', 'assignments', 'policy_id', 'action_id', 'category_id'] - action_id = sql.Column(sql.ForeignKey("actions.id"), nullable=False) - category_id = sql.Column(sql.ForeignKey("action_categories.id"), nullable=False) - - def to_dict(self): - return self._to_dict("action_id", self.action_id) - - -class MetaRule(Base, DictBase): - __tablename__ = 'meta_rules' - attributes = ['id', 'name', 'subject_categories', 'object_categories', 'action_categories', 'value'] - id = sql.Column(sql.String(64), primary_key=True) - name = sql.Column(sql.String(256), nullable=False) - subject_categories = sql.Column(JsonBlob(), nullable=True) - object_categories = sql.Column(JsonBlob(), nullable=True) - action_categories = sql.Column(JsonBlob(), nullable=True) - value = sql.Column(JsonBlob(), nullable=True) - - def to_dict(self): - return { - "name": self.name, - "description": self.value.get("description", ""), - "subject_categories": self.subject_categories, - "object_categories": self.object_categories, - "action_categories": self.action_categories, - } - - -class Rule(Base, DictBase): - __tablename__ = 'rules' - attributes = ['id', 'rule', 'policy_id', 'meta_rule_id'] - id = sql.Column(sql.String(64), primary_key=True) - rule = sql.Column(JsonBlob(), nullable=True) - policy_id = sql.Column(sql.ForeignKey("policies.id"), nullable=False) - meta_rule_id = sql.Column(sql.ForeignKey("meta_rules.id"), nullable=False) - - def to_dict(self): - return { - 'id': self.id, - 'rule': self.rule["rule"], - 'instructions': self.rule["instructions"], - 'enabled': self.rule["enabled"], - 'policy_id': self.policy_id, - 'meta_rule_id': self.meta_rule_id - } - - def __repr__(self): - return "{}".format(self.rule) - - -@contextmanager -def session_scope(engine): - """Provide a transactional scope around a series of operations.""" - if type(engine) is str: - echo = DEBUG - engine = create_engine(engine, echo=echo) - session = sessionmaker(bind=engine)() - try: - yield session - session.commit() - except: - session.rollback() - raise - finally: - session.close() - - -class BaseConnector(object): - """Provide a base connector to connect them all""" - engine = "" - - def __init__(self, engine_name): - echo = DEBUG - self.engine = create_engine(engine_name, echo=echo) - - def init_db(self): - Base.metadata.create_all(self.engine) - - def set_engine(self, engine_name): - self.engine = engine_name - - def get_session(self): - return session_scope(self.engine) - - def get_session_for_read(self): - return self.get_session() - - def get_session_for_write(self): - return self.get_session() - - -class PDPConnector(BaseConnector, PDPDriver): - - def update_pdp(self, pdp_id, value): - try: - with self.get_session_for_write() as session: - query = session.query(PDP) - query = query.filter_by(id=pdp_id) - ref = query.first() - if ref: - value_wo_name = copy.deepcopy(value) - value_wo_name.pop("name", None) - value_wo_name.pop("keystone_project_id", None) - ref.name = value["name"] - ref.keystone_project_id = value["keystone_project_id"] - d = dict(ref.value) - d.update(value_wo_name) - setattr(ref, "value", d) - return {ref.id: ref.to_dict()} - except sqlalchemy.exc.IntegrityError: - raise PdpExisting - - def delete_pdp(self, pdp_id): - with self.get_session_for_write() as session: - ref = session.query(PDP).get(pdp_id) - session.delete(ref) - - def add_pdp(self, pdp_id=None, value=None): - try: - with self.get_session_for_write() as session: - value_wo_name = copy.deepcopy(value) - value_wo_name.pop("name", None) - value_wo_name.pop("keystone_project_id", None) - new = PDP.from_dict({ - "id": pdp_id if pdp_id else uuid4().hex, - "name": value["name"], - "keystone_project_id": value["keystone_project_id"], - "value": value_wo_name - }) - session.add(new) - return {new.id: new.to_dict()} - except sqlalchemy.exc.IntegrityError: - raise PdpExisting - - def get_pdp(self, pdp_id=None): - with self.get_session_for_read() as session: - query = session.query(PDP) - if pdp_id: - query = query.filter_by(id=pdp_id) - ref_list = query.all() - return {_ref.id: _ref.to_dict() for _ref in ref_list} - - -class PolicyConnector(BaseConnector, PolicyDriver): - - def update_policy(self, policy_id, value): - with self.get_session_for_write() as session: - query = session.query(Policy) - query = query.filter_by(id=policy_id) - ref = query.first() - if ref: - value_wo_other_info = copy.deepcopy(value) - value_wo_other_info.pop("name", None) - value_wo_other_info.pop("model_id", None) - ref.name = value["name"] - ref.model_id= value["model_id"] - d = dict(ref.value) - d.update(value_wo_other_info) - setattr(ref, "value", d) - return {ref.id: ref.to_dict()} - - def delete_policy(self, policy_id): - with self.get_session_for_write() as session: - ref = session.query(Policy).get(policy_id) - session.delete(ref) - - def add_policy(self, policy_id=None, value=None): - with self.get_session_for_write() as session: - value_wo_other_info = copy.deepcopy(value) - value_wo_other_info.pop("name", None) - value_wo_other_info.pop("model_id", None) - new = Policy.from_dict({ - "id": policy_id if policy_id else uuid4().hex, - "name": value["name"], - "model_id": value["model_id"], - "value": value_wo_other_info - }) - session.add(new) - return {new.id: new.to_dict()} - - def get_policies(self, policy_id=None): - with self.get_session_for_read() as session: - query = session.query(Policy) - if policy_id: - query = query.filter_by(id=policy_id) - ref_list = query.all() - return {_ref.id: _ref.to_dict() for _ref in ref_list} - - def __get_perimeters(self, ClassType, policy_id, perimeter_id=None): - with self.get_session_for_read() as session: - query = session.query(ClassType) - ref_list = copy.deepcopy(query.all()) - if perimeter_id: - for _ref in ref_list: - _ref_value = _ref.to_return() - if perimeter_id == _ref.id: - if policy_id and policy_id in _ref_value["policy_list"]: - return {_ref.id: _ref_value} - else: - return {} - elif policy_id: - results = [] - for _ref in ref_list: - _ref_value = _ref.to_return() - if policy_id in _ref_value["policy_list"]: - results.append(_ref) - return {_ref.id: _ref.to_return() for _ref in results} - return {_ref.id: _ref.to_return() for _ref in ref_list} - - def __set_perimeter(self, ClassType, ClassTypeException, policy_id, perimeter_id=None, value=None): - _perimeter = None - with self.get_session_for_write() as session: - if perimeter_id: - query = session.query(ClassType) - query = query.filter_by(id=perimeter_id) - _perimeter = query.first() - logger.info("+++++++++++++ {}".format(_perimeter)) - if not _perimeter: - if "policy_list" not in value or type(value["policy_list"]) is not list: - value["policy_list"] = [] - if policy_id and policy_id not in value["policy_list"]: - value["policy_list"] = [policy_id, ] - - value_wo_name = copy.deepcopy(value) - value_wo_name.pop("name",None) - new = ClassType.from_dict({ - "id": uuid4().hex, - "name": value["name"], - "value": value_wo_name - }) - session.add(new) - return {new.id: new.to_return()} - else: - _value = copy.deepcopy(_perimeter.to_dict()) - if "policy_list" not in _value["value"] or type(_value["value"]["policy_list"]) is not list: - _value["value"]["policy_list"] = [] - if policy_id and policy_id not in _value["value"]["policy_list"]: - _value["value"]["policy_list"].append(policy_id) - logger.info("-------------_value- {}".format(_value)) - - name = _value["value"]["name"] - _value["value"].pop("name") - new_perimeter = ClassType.from_dict({ - "id": _value["id"], - "name": name, - "value": _value["value"] - }) - logger.info("-------------- new {}".format(new_perimeter)) - logger.info("-------------- old {}".format(_perimeter)) - _perimeter.value = new_perimeter.value - _perimeter.name = new_perimeter.name - return {_perimeter.id: _perimeter.to_return()} - - def __delete_perimeter(self,ClassType, ClassUnknownException, policy_id, perimeter_id): - with self.get_session_for_write() as session: - query = session.query(ClassType) - query = query.filter_by(id=perimeter_id) - _perimeter = query.first() - if not _perimeter: - raise ClassUnknownException - old_perimeter = copy.deepcopy(_perimeter.to_dict()) - # value = _subject.to_dict() - try: - old_perimeter["value"]["policy_list"].remove(policy_id) - new_perimeter = ClassType.from_dict(old_perimeter) - setattr(_perimeter, "value", getattr(new_perimeter, "value")) - except ValueError: - if not _perimeter.value["policy_list"]: - session.delete(_perimeter) - - def get_subjects(self, policy_id, perimeter_id=None): - return self.__get_perimeters(Subject, policy_id, perimeter_id) - - def set_subject(self, policy_id, perimeter_id=None, value=None): - try: - return self.__set_perimeter(Subject, SubjectExisting, policy_id, perimeter_id=perimeter_id, value=value) - except sqlalchemy.exc.IntegrityError: - raise SubjectExisting - - def delete_subject(self, policy_id, perimeter_id): - self.__delete_perimeter(Subject, SubjectUnknown, policy_id, perimeter_id) - - def get_objects(self, policy_id, perimeter_id=None): - return self.__get_perimeters(Object, policy_id, perimeter_id) - - def set_object(self, policy_id, perimeter_id=None, value=None): - try: - return self.__set_perimeter(Object, ObjectExisting, policy_id, perimeter_id=perimeter_id, value=value) - except sqlalchemy.exc.IntegrityError: - raise ObjectExisting - - def delete_object(self, policy_id, perimeter_id): - self.__delete_perimeter(Object, ObjectUnknown, policy_id, perimeter_id) - - def get_actions(self, policy_id, perimeter_id=None): - return self.__get_perimeters(Action, policy_id, perimeter_id) - - def set_action(self, policy_id, perimeter_id=None, value=None): - try: - return self.__set_perimeter(Action, ActionExisting, policy_id, perimeter_id=perimeter_id, value=value) - except sqlalchemy.exc.IntegrityError: - raise ActionExisting - - def delete_action(self, policy_id, perimeter_id): - self.__delete_perimeter(Action, ActionUnknown, policy_id, perimeter_id) - - def __get_perimeter_data(self, ClassType, policy_id, data_id=None, category_id=None): - logger.info("driver {} {} {}".format(policy_id, data_id, category_id)) - with self.get_session_for_read() as session: - query = session.query(ClassType) - if data_id: - query = query.filter_by(policy_id=policy_id, id=data_id, category_id=category_id) - else: - query = query.filter_by(policy_id=policy_id, category_id=category_id) - ref_list = query.all() - logger.info("ref_list={}".format(ref_list)) - return { - "policy_id": policy_id, - "category_id": category_id, - "data": {_ref.id: _ref.to_dict() for _ref in ref_list} - } - - def __set_perimeter_data(self, ClassType, ClassTypeData, policy_id, data_id=None, category_id=None, value=None): - with self.get_session_for_write() as session: - query = session.query(ClassTypeData) - query = query.filter_by(policy_id=policy_id, id=data_id, category_id=category_id) - ref = query.first() - if not ref: - value_wo_name = copy.deepcopy(value) - value_wo_name.pop("name", None) - new_ref = ClassTypeData.from_dict( - { - "id": data_id if data_id else uuid4().hex, - 'name': value["name"], - 'value': value_wo_name, - 'category_id': category_id, - 'policy_id': policy_id, - } - ) - session.add(new_ref) - ref = new_ref - else: - for attr in ClassType.attributes: - if attr != 'id': - setattr(ref, attr, getattr(ref, attr)) - # session.flush() - return { - "policy_id": policy_id, - "category_id": category_id, - "data": {ref.id: ref.to_dict()} - } - - def __delete_perimeter_data(self, ClassType, policy_id, data_id): - with self.get_session_for_write() as session: - query = session.query(ClassType) - query = query.filter_by(policy_id=policy_id, id=data_id) - ref = query.first() - if ref: - session.delete(ref) - - def get_subject_data(self, policy_id, data_id=None, category_id=None): - return self.__get_perimeter_data(SubjectData, policy_id, data_id=data_id, category_id=category_id) - - def set_subject_data(self, policy_id, data_id=None, category_id=None, value=None): - try: - return self.__set_perimeter_data(Subject, SubjectData, policy_id, data_id=data_id, category_id=category_id, value=value) - except sqlalchemy.exc.IntegrityError: - raise SubjectScopeExisting - - def delete_subject_data(self, policy_id, data_id): - return self.__delete_perimeter_data(SubjectData, policy_id, data_id) - - def get_object_data(self, policy_id, data_id=None, category_id=None): - return self.__get_perimeter_data(ObjectData, policy_id, data_id=data_id, category_id=category_id) - - def set_object_data(self, policy_id, data_id=None, category_id=None, value=None): - try: - return self.__set_perimeter_data(Object, ObjectData, policy_id, data_id=data_id, category_id=category_id, value=value) - except sqlalchemy.exc.IntegrityError: - raise ObjectScopeExisting - - def delete_object_data(self, policy_id, data_id): - return self.__delete_perimeter_data(ObjectData, policy_id, data_id) - - def get_action_data(self, policy_id, data_id=None, category_id=None): - return self.__get_perimeter_data(ActionData, policy_id, data_id=data_id, category_id=category_id) - - def set_action_data(self, policy_id, data_id=None, category_id=None, value=None): - try: - return self.__set_perimeter_data(Action, ActionData, policy_id, data_id=data_id, category_id=category_id, value=value) - except sqlalchemy.exc.IntegrityError: - raise ActionScopeExisting - - def delete_action_data(self, policy_id, data_id): - return self.__delete_perimeter_data(ActionData, policy_id, data_id) - - def get_subject_assignments(self, policy_id, subject_id=None, category_id=None): - with self.get_session_for_write() as session: - query = session.query(SubjectAssignment) - if subject_id and category_id: - #TODO change the subject_id to perimeter_id to allow code refactoring - query = query.filter_by(policy_id=policy_id, subject_id=subject_id, category_id=category_id) - elif subject_id: - query = query.filter_by(policy_id=policy_id, subject_id=subject_id) - else: - query = query.filter_by(policy_id=policy_id) - ref_list = query.all() - return {_ref.id: _ref.to_dict() for _ref in ref_list} - - def add_subject_assignment(self, policy_id, subject_id, category_id, data_id): - with self.get_session_for_write() as session: - query = session.query(SubjectAssignment) - query = query.filter_by(policy_id=policy_id, subject_id=subject_id, category_id=category_id) - ref = query.first() - if ref: - old_ref = copy.deepcopy(ref.to_dict()) - assignments = old_ref["assignments"] - if data_id not in assignments: - assignments.append(data_id) - setattr(ref, "assignments", assignments) - else: - raise SubjectAssignmentExisting - else: - ref = SubjectAssignment.from_dict( - { - "id": uuid4().hex, - "policy_id": policy_id, - "subject_id": subject_id, - "category_id": category_id, - "assignments": [data_id, ], - } - ) - session.add(ref) - return {ref.id: ref.to_dict()} - - def delete_subject_assignment(self, policy_id, subject_id, category_id, data_id): - with self.get_session_for_write() as session: - query = session.query(SubjectAssignment) - query = query.filter_by(policy_id=policy_id, subject_id=subject_id, category_id=category_id) - ref = query.first() - if ref: - old_ref = copy.deepcopy(ref.to_dict()) - assignments = old_ref["assignments"] - # TODO (asteroide): if data_id is None, delete all - if data_id in assignments: - assignments.remove(data_id) - # FIXME (asteroide): the setattr doesn't work here ; the assignments is not updated in the database - setattr(ref, "assignments", assignments) - if not assignments: - session.delete(ref) - - def get_object_assignments(self, policy_id, object_id=None, category_id=None): - with self.get_session_for_write() as session: - query = session.query(ObjectAssignment) - if object_id and category_id: - #TODO change the object_id to perimeter_id to allow code refactoring - query = query.filter_by(policy_id=policy_id, object_id=object_id, category_id=category_id) - elif object_id: - query = query.filter_by(policy_id=policy_id, object_id=object_id) - else: - query = query.filter_by(policy_id=policy_id) - ref_list = query.all() - return {_ref.id: _ref.to_dict() for _ref in ref_list} - - def add_object_assignment(self, policy_id, object_id, category_id, data_id): - with self.get_session_for_write() as session: - query = session.query(ObjectAssignment) - query = query.filter_by(policy_id=policy_id, object_id=object_id, category_id=category_id) - ref = query.first() - if ref: - old_ref = copy.deepcopy(ref.to_dict()) - assignments = old_ref["assignments"] - if data_id not in assignments: - assignments.append(data_id) - setattr(ref, "assignments", assignments) - else: - raise ObjectAssignmentExisting - else: - ref = ObjectAssignment.from_dict( - { - "id": uuid4().hex, - "policy_id": policy_id, - "object_id": object_id, - "category_id": category_id, - "assignments": [data_id, ], - } - ) - session.add(ref) - return {ref.id: ref.to_dict()} - - def delete_object_assignment(self, policy_id, object_id, category_id, data_id): - with self.get_session_for_write() as session: - query = session.query(ObjectAssignment) - query = query.filter_by(policy_id=policy_id, object_id=object_id, category_id=category_id) - ref = query.first() - if ref: - old_ref = copy.deepcopy(ref.to_dict()) - assignments = old_ref["assignments"] - # TODO (asteroide): if data_id is None, delete all - if data_id in assignments: - assignments.remove(data_id) - # FIXME (asteroide): the setattr doesn't work here ; the assignments is not updated in the database - setattr(ref, "assignments", assignments) - if not assignments: - session.delete(ref) - - def get_action_assignments(self, policy_id, action_id=None, category_id=None): - with self.get_session_for_write() as session: - query = session.query(ActionAssignment) - if action_id and category_id: - # TODO change the action_id to perimeter_id to allow code refactoring - query = query.filter_by(policy_id=policy_id, action_id=action_id, category_id=category_id) - elif action_id: - query = query.filter_by(policy_id=policy_id, action_id=action_id) - else: - query = query.filter_by(policy_id=policy_id) - ref_list = query.all() - return {_ref.id: _ref.to_dict() for _ref in ref_list} - - def add_action_assignment(self, policy_id, action_id, category_id, data_id): - with self.get_session_for_write() as session: - query = session.query(ActionAssignment) - query = query.filter_by(policy_id=policy_id, action_id=action_id, category_id=category_id) - ref = query.first() - if ref: - old_ref = copy.deepcopy(ref.to_dict()) - assignments = old_ref["assignments"] - if data_id not in assignments: - assignments.append(data_id) - setattr(ref, "assignments", assignments) - else: - raise ActionAssignmentExisting - else: - ref = ActionAssignment.from_dict( - { - "id": uuid4().hex, - "policy_id": policy_id, - "action_id": action_id, - "category_id": category_id, - "assignments": [data_id, ], - } - ) - session.add(ref) - return {ref.id: ref.to_dict()} - - def delete_action_assignment(self, policy_id, action_id, category_id, data_id): - with self.get_session_for_write() as session: - query = session.query(ActionAssignment) - query = query.filter_by(policy_id=policy_id, action_id=action_id, category_id=category_id) - ref = query.first() - if ref: - old_ref = copy.deepcopy(ref.to_dict()) - assignments = old_ref["assignments"] - # TODO (asteroide): if data_id is None, delete all - if data_id in assignments: - assignments.remove(data_id) - # FIXME (asteroide): the setattr doesn't work here ; the assignments is not updated in the database - setattr(ref, "assignments", assignments) - if not assignments: - session.delete(ref) - - def get_rules(self, policy_id, rule_id=None, meta_rule_id=None): - with self.get_session_for_read() as session: - query = session.query(Rule) - if rule_id: - query = query.filter_by(policy_id=policy_id, rule_id=rule_id) - ref = query.first() - return {ref.id: ref.to_dict()} - elif meta_rule_id: - query = query.filter_by(policy_id=policy_id, meta_rule_id=meta_rule_id) - ref_list = query.all() - return { - "meta_rule_id": meta_rule_id, - "policy_id": policy_id, - "rules": list(map(lambda x: x.to_dict(), ref_list)) - } - else: - query = query.filter_by(policy_id=policy_id) - ref_list = query.all() - return { - "policy_id": policy_id, - "rules": list(map(lambda x: x.to_dict(), ref_list)) - } - - def add_rule(self, policy_id, meta_rule_id, value): - try: - with self.get_session_for_write() as session: - ref = Rule.from_dict( - { - "id": uuid4().hex, - "policy_id": policy_id, - "meta_rule_id": meta_rule_id, - "rule": value - } - ) - session.add(ref) - return {ref.id: ref.to_dict()} - except sqlalchemy.exc.IntegrityError: - raise RuleExisting - - def delete_rule(self, policy_id, rule_id): - with self.get_session_for_write() as session: - query = session.query(Rule) - query = query.filter_by(policy_id=policy_id, id=rule_id) - ref = query.first() - if ref: - session.delete(ref) - - -class ModelConnector(BaseConnector, ModelDriver): - - def update_model(self, model_id, value): - with self.get_session_for_write() as session: - query = session.query(Model) - if model_id: - query = query.filter_by(id=model_id) - ref = query.first() - if ref: - value_wo_name = copy.deepcopy(value) - value_wo_name.pop("name", None) - setattr(ref, "name", value["name"]) - d = dict(ref.value) - d.update(value_wo_name) - setattr(ref, "value", d) - return {ref.id: ref.to_dict()} - - def delete_model(self, model_id): - with self.get_session_for_write() as session: - ref = session.query(Model).get(model_id) - session.delete(ref) - - def add_model(self, model_id=None, value=None): - try: - with self.get_session_for_write() as session: - value_wo_name = copy.deepcopy(value) - value_wo_name.pop("name", None) - new = Model.from_dict({ - "id": model_id if model_id else uuid4().hex, - "name": value["name"], - "value": value_wo_name - }) - session.add(new) - return {new.id: new.to_dict()} - except sqlalchemy.exc.IntegrityError as e: - raise ModelExisting - - def get_models(self, model_id=None): - with self.get_session_for_read() as session: - query = session.query(Model) - if model_id: - ref_list = query.filter(Model.id == model_id) - else: - ref_list = query.all() - - r = {_ref.id: _ref.to_dict() for _ref in ref_list} - return r - - def set_meta_rule(self, meta_rule_id, value): - with self.get_session_for_write() as session: - value_wo_other_data = copy.deepcopy(value) - value_wo_other_data.pop("name", None) - value_wo_other_data.pop("subject_categories", None) - value_wo_other_data.pop("object_categories", None) - value_wo_other_data.pop("action_categories", None) - if meta_rule_id is None: - try: - ref = MetaRule.from_dict( - { - "id": uuid4().hex, - "name": value["name"], - "subject_categories": value["subject_categories"], - "object_categories": value["object_categories"], - "action_categories": value["action_categories"], - "value": value_wo_other_data - } - ) - session.add(ref) - except sqlalchemy.exc.IntegrityError as e: - raise MetaRuleExisting - else: - query = session.query(MetaRule) - query = query.filter_by(id=meta_rule_id) - ref = query.first() - setattr(ref, "name", value["name"]) - setattr(ref, "subject_categories", value["subject_categories"]) - setattr(ref, "object_categories", value["object_categories"]) - setattr(ref, "action_categories", value["action_categories"]) - setattr(ref, "value", value_wo_other_data) - return {ref.id: ref.to_dict()} - - def get_meta_rules(self, meta_rule_id=None): - with self.get_session_for_read() as session: - query = session.query(MetaRule) - if meta_rule_id: - query = query.filter_by(id=meta_rule_id) - ref_list = query.all() - return {_ref.id: _ref.to_dict() for _ref in ref_list} - - def delete_meta_rule(self, meta_rule_id=None): - with self.get_session_for_write() as session: - query = session.query(MetaRule) - query = query.filter_by(id=meta_rule_id) - ref = query.first() - if ref: - session.delete(ref) - - def __get_perimeter_categories(self, ClassType, category_id=None): - with self.get_session_for_read() as session: - query = session.query(ClassType) - if category_id: - query = query.filter_by(id=category_id) - ref_list = query.all() - return {_ref.id: _ref.to_dict() for _ref in ref_list} - - def __add_perimeter_category(self, ClassType, name, description, uuid=None): - with self.get_session_for_write() as session: - ref = ClassType.from_dict( - { - "id": uuid if uuid else uuid4().hex, - "name": name, - "description": description - } - ) - session.add(ref) - return {ref.id: ref.to_dict()} - - def __delete_perimeter_category(self, ClassType, category_id): - with self.get_session_for_write() as session: - query = session.query(ClassType) - query = query.filter_by(id=category_id) - ref = query.first() - if ref: - session.delete(ref) - - def get_subject_categories(self, category_id=None): - return self.__get_perimeter_categories(SubjectCategory, category_id=category_id) - - def add_subject_category(self, name, description, uuid=None): - try: - return self.__add_perimeter_category(SubjectCategory, name, description, uuid=uuid) - except sql.exc.IntegrityError as e: - raise SubjectCategoryExisting() - - def delete_subject_category(self, category_id): - self.__delete_perimeter_category(SubjectCategory, category_id) - - def get_object_categories(self, category_id=None): - return self.__get_perimeter_categories(ObjectCategory, category_id=category_id) - - def add_object_category(self, name, description, uuid=None): - try: - return self.__add_perimeter_category(ObjectCategory, name, description, uuid=uuid) - except sql.exc.IntegrityError as e: - raise ObjectCategoryExisting() - - def delete_object_category(self, category_id): - self.__delete_perimeter_category(ObjectCategory, category_id) - - def get_action_categories(self, category_id=None): - - return self.__get_perimeter_categories(ActionCategory, category_id=category_id) - - def add_action_category(self, name, description, uuid=None): - try: - return self.__add_perimeter_category(ActionCategory, name, description, uuid=uuid) - except sql.exc.IntegrityError as e: - raise ActionCategoryExisting() - - def delete_action_category(self, category_id): - self.__delete_perimeter_category(ActionCategory, category_id) - - # Getter and Setter for subject_category - - # def get_subject_categories_dict(self, intra_extension_id): - # with self.get_session_for_read() as session: - # query = session.query(SubjectCategory) - # query = query.filter_by(intra_extension_id=intra_extension_id) - # ref_list = query.all() - # return {_ref.id: _ref.subject_category for _ref in ref_list} - # - # def set_subject_category_dict(self, intra_extension_id, subject_category_id, subject_category_dict): - # with self.get_session_for_write() as session: - # query = session.query(SubjectCategory) - # query = query.filter_by(intra_extension_id=intra_extension_id, id=subject_category_id) - # ref = query.first() - # new_ref = SubjectCategory.from_dict( - # { - # "id": subject_category_id, - # 'subject_category': subject_category_dict, - # 'intra_extension_id': intra_extension_id - # } - # ) - # if not ref: - # session.add(new_ref) - # ref = new_ref - # else: - # for attr in SubjectCategory.attributes: - # if attr != 'id': - # setattr(ref, attr, getattr(new_ref, attr)) - # # # session.flush() - # return {subject_category_id: SubjectCategory.to_dict(ref)['subject_category']} - # - # def del_subject_category(self, intra_extension_id, subject_category_id): - # with self.get_session_for_write() as session: - # query = session.query(SubjectCategory) - # query = query.filter_by(intra_extension_id=intra_extension_id, id=subject_category_id) - # ref = query.first() - # self.del_subject_assignment(intra_extension_id, None, None, None) - # session.delete(ref) - # - # # Getter and Setter for object_category - # - # def get_object_categories_dict(self, intra_extension_id): - # with self.get_session_for_read() as session: - # query = session.query(ObjectCategory) - # query = query.filter_by(intra_extension_id=intra_extension_id) - # ref_list = query.all() - # return {_ref.id: _ref.object_category for _ref in ref_list} - # - # def set_object_category_dict(self, intra_extension_id, object_category_id, object_category_dict): - # with self.get_session_for_write() as session: - # query = session.query(ObjectCategory) - # query = query.filter_by(intra_extension_id=intra_extension_id, id=object_category_id) - # ref = query.first() - # new_ref = ObjectCategory.from_dict( - # { - # "id": object_category_id, - # 'object_category': object_category_dict, - # 'intra_extension_id': intra_extension_id - # } - # ) - # if not ref: - # session.add(new_ref) - # ref = new_ref - # else: - # for attr in ObjectCategory.attributes: - # if attr != 'id': - # setattr(ref, attr, getattr(new_ref, attr)) - # # session.flush() - # return {object_category_id: ObjectCategory.to_dict(ref)['object_category']} - # - # def del_object_category(self, intra_extension_id, object_category_id): - # with self.get_session_for_write() as session: - # query = session.query(ObjectCategory) - # query = query.filter_by(intra_extension_id=intra_extension_id, id=object_category_id) - # ref = query.first() - # self.del_object_assignment(intra_extension_id, None, None, None) - # session.delete(ref) - # - # # Getter and Setter for action_category - # - # def get_action_categories_dict(self, intra_extension_id): - # with self.get_session_for_read() as session: - # query = session.query(ActionCategory) - # query = query.filter_by(intra_extension_id=intra_extension_id) - # ref_list = query.all() - # return {_ref.id: _ref.action_category for _ref in ref_list} - # - # def set_action_category_dict(self, intra_extension_id, action_category_id, action_category_dict): - # with self.get_session_for_write() as session: - # query = session.query(ActionCategory) - # query = query.filter_by(intra_extension_id=intra_extension_id, id=action_category_id) - # ref = query.first() - # new_ref = ActionCategory.from_dict( - # { - # "id": action_category_id, - # 'action_category': action_category_dict, - # 'intra_extension_id': intra_extension_id - # } - # ) - # if not ref: - # session.add(new_ref) - # ref = new_ref - # else: - # for attr in ActionCategory.attributes: - # if attr != 'id': - # setattr(ref, attr, getattr(new_ref, attr)) - # # session.flush() - # return {action_category_id: ActionCategory.to_dict(ref)['action_category']} - # - # def del_action_category(self, intra_extension_id, action_category_id): - # with self.get_session_for_write() as session: - # query = session.query(ActionCategory) - # query = query.filter_by(intra_extension_id=intra_extension_id, id=action_category_id) - # ref = query.first() - # self.del_action_assignment(intra_extension_id, None, None, None) - # session.delete(ref) - - # Perimeter - - # def get_subjects_dict(self, intra_extension_id): - # with self.get_session_for_read() as session: - # query = session.query(Subject) - # query = query.filter_by(intra_extension_id=intra_extension_id) - # ref_list = query.all() - # return {_ref.id: _ref.subject for _ref in ref_list} - # - # def set_subject_dict(self, intra_extension_id, subject_id, subject_dict): - # with self.get_session_for_write() as session: - # query = session.query(Subject) - # query = query.filter_by(intra_extension_id=intra_extension_id, id=subject_id) - # ref = query.first() - # # if 'id' in subject_dict: - # # subject_dict['id'] = subject_id - # new_ref = Subject.from_dict( - # { - # "id": subject_id, - # 'subject': subject_dict, - # 'intra_extension_id': intra_extension_id - # } - # ) - # if not ref: - # session.add(new_ref) - # ref = new_ref - # else: - # for attr in Subject.attributes: - # if attr != 'id': - # setattr(ref, attr, getattr(new_ref, attr)) - # # session.flush() - # return {subject_id: Subject.to_dict(ref)['subject']} - # - # def del_subject(self, intra_extension_id, subject_id): - # with self.get_session_for_write() as session: - # query = session.query(Subject) - # query = query.filter_by(intra_extension_id=intra_extension_id, id=subject_id) - # ref = query.first() - # session.delete(ref) - # - # def get_objects_dict(self, intra_extension_id): - # with self.get_session_for_read() as session: - # query = session.query(Object) - # query = query.filter_by(intra_extension_id=intra_extension_id) - # ref_list = query.all() - # return {_ref.id: _ref.object for _ref in ref_list} - # - # def set_object_dict(self, intra_extension_id, object_id, object_dict): - # with self.get_session_for_write() as session: - # query = session.query(Object) - # query = query.filter_by(intra_extension_id=intra_extension_id, id=object_id) - # ref = query.first() - # new_ref = Object.from_dict( - # { - # "id": object_id, - # 'object': object_dict, - # 'intra_extension_id': intra_extension_id - # } - # ) - # if not ref: - # session.add(new_ref) - # ref = new_ref - # else: - # for attr in Object.attributes: - # if attr != 'id': - # setattr(ref, attr, getattr(new_ref, attr)) - # # session.flush() - # return {object_id: Object.to_dict(ref)['object']} - # - # def del_object(self, intra_extension_id, object_id): - # with self.get_session_for_write() as session: - # query = session.query(Object) - # query = query.filter_by(intra_extension_id=intra_extension_id, id=object_id) - # ref = query.first() - # session.delete(ref) - # - # def get_actions_dict(self, intra_extension_id): - # with self.get_session_for_read() as session: - # query = session.query(Action) - # query = query.filter_by(intra_extension_id=intra_extension_id) - # ref_list = query.all() - # return {_ref.id: _ref.action for _ref in ref_list} - # - # def set_action_dict(self, intra_extension_id, action_id, action_dict): - # with self.get_session_for_write() as session: - # query = session.query(Action) - # query = query.filter_by(intra_extension_id=intra_extension_id, id=action_id) - # ref = query.first() - # new_ref = Action.from_dict( - # { - # "id": action_id, - # 'action': action_dict, - # 'intra_extension_id': intra_extension_id - # } - # ) - # if not ref: - # session.add(new_ref) - # ref = new_ref - # else: - # for attr in Action.attributes: - # if attr != 'id': - # setattr(ref, attr, getattr(new_ref, attr)) - # # session.flush() - # return {action_id: Action.to_dict(ref)['action']} - # - # def del_action(self, intra_extension_id, action_id): - # with self.get_session_for_write() as session: - # query = session.query(Action) - # query = query.filter_by(intra_extension_id=intra_extension_id, id=action_id) - # ref = query.first() - # session.delete(ref) - - # Getter and Setter for subject_scope - - # def get_subject_scopes_dict(self, intra_extension_id, subject_category_id): - # with self.get_session_for_read() as session: - # query = session.query(SubjectScope) - # query = query.filter_by(intra_extension_id=intra_extension_id, subject_category_id=subject_category_id) - # ref_list = query.all() - # return {_ref.id: _ref.subject_scope for _ref in ref_list} - # - # def set_subject_scope_dict(self, intra_extension_id, subject_category_id, subject_scope_id, subject_scope_dict): - # with self.get_session_for_write() as session: - # query = session.query(SubjectScope) - # query = query.filter_by(intra_extension_id=intra_extension_id, subject_category_id=subject_category_id, id=subject_scope_id) - # ref = query.first() - # new_ref = SubjectScope.from_dict( - # { - # "id": subject_scope_id, - # 'subject_scope': subject_scope_dict, - # 'intra_extension_id': intra_extension_id, - # 'subject_category_id': subject_category_id - # } - # ) - # if not ref: - # session.add(new_ref) - # ref = new_ref - # else: - # for attr in Subject.attributes: - # if attr != 'id': - # setattr(ref, attr, getattr(new_ref, attr)) - # # session.flush() - # return {subject_scope_id: SubjectScope.to_dict(ref)['subject_scope']} - # - # def del_subject_scope(self, intra_extension_id, subject_category_id, subject_scope_id): - # with self.get_session_for_write() as session: - # query = session.query(SubjectScope) - # if not subject_category_id or not subject_scope_id: - # query = query.filter_by(intra_extension_id=intra_extension_id) - # for ref in query.all(): - # session.delete(ref) - # else: - # query = query.filter_by(intra_extension_id=intra_extension_id, subject_category_id=subject_category_id, id=subject_scope_id) - # ref = query.first() - # session.delete(ref) - # - # # Getter and Setter for object_category_scope - # - # def get_object_scopes_dict(self, intra_extension_id, object_category_id): - # with self.get_session_for_read() as session: - # query = session.query(ObjectScope) - # query = query.filter_by(intra_extension_id=intra_extension_id, object_category_id=object_category_id) - # ref_list = query.all() - # return {_ref.id: _ref.object_scope for _ref in ref_list} - # - # def set_object_scope_dict(self, intra_extension_id, object_category_id, object_scope_id, object_scope_dict): - # with self.get_session_for_write() as session: - # query = session.query(ObjectScope) - # query = query.filter_by(intra_extension_id=intra_extension_id, object_category_id=object_category_id, id=object_scope_id) - # ref = query.first() - # new_ref = ObjectScope.from_dict( - # { - # "id": object_scope_id, - # 'object_scope': object_scope_dict, - # 'intra_extension_id': intra_extension_id, - # 'object_category_id': object_category_id - # } - # ) - # if not ref: - # session.add(new_ref) - # ref = new_ref - # else: - # for attr in Object.attributes: - # if attr != 'id': - # setattr(ref, attr, getattr(new_ref, attr)) - # # session.flush() - # return {object_scope_id: ObjectScope.to_dict(ref)['object_scope']} - # - # def del_object_scope(self, intra_extension_id, object_category_id, object_scope_id): - # with self.get_session_for_write() as session: - # query = session.query(ObjectScope) - # if not object_category_id or not object_scope_id: - # query = query.filter_by(intra_extension_id=intra_extension_id) - # for ref in query.all(): - # session.delete(ref) - # else: - # query = query.filter_by(intra_extension_id=intra_extension_id, object_category_id=object_category_id, id=object_scope_id) - # ref = query.first() - # session.delete(ref) - # - # # Getter and Setter for action_scope - # - # def get_action_scopes_dict(self, intra_extension_id, action_category_id): - # with self.get_session_for_read() as session: - # query = session.query(ActionScope) - # query = query.filter_by(intra_extension_id=intra_extension_id, action_category_id=action_category_id) - # ref_list = query.all() - # return {_ref.id: _ref.action_scope for _ref in ref_list} - # - # def set_action_scope_dict(self, intra_extension_id, action_category_id, action_scope_id, action_scope_dict): - # with self.get_session_for_write() as session: - # query = session.query(ActionScope) - # query = query.filter_by(intra_extension_id=intra_extension_id, action_category_id=action_category_id, id=action_scope_id) - # ref = query.first() - # new_ref = ActionScope.from_dict( - # { - # "id": action_scope_id, - # 'action_scope': action_scope_dict, - # 'intra_extension_id': intra_extension_id, - # 'action_category_id': action_category_id - # } - # ) - # if not ref: - # session.add(new_ref) - # ref = new_ref - # else: - # for attr in Action.attributes: - # if attr != 'id': - # setattr(ref, attr, getattr(new_ref, attr)) - # # session.flush() - # return {action_scope_id: ActionScope.to_dict(ref)['action_scope']} - # - # def del_action_scope(self, intra_extension_id, action_category_id, action_scope_id): - # with self.get_session_for_write() as session: - # query = session.query(ActionScope) - # if not action_category_id or not action_scope_id: - # query = query.filter_by(intra_extension_id=intra_extension_id) - # for ref in query.all(): - # session.delete(ref) - # else: - # query = query.filter_by(intra_extension_id=intra_extension_id, action_category_id=action_category_id, id=action_scope_id) - # ref = query.first() - # session.delete(ref) - # - # # Getter and Setter for subject_category_assignment - # - # def get_subject_assignment_list(self, intra_extension_id, subject_id, subject_category_id): - # with self.get_session_for_read() as session: - # query = session.query(SubjectAssignment) - # if not subject_id or not subject_category_id or not subject_category_id: - # query = query.filter_by(intra_extension_id=intra_extension_id) - # ref = query.all() - # return ref - # else: - # query = query.filter_by(intra_extension_id=intra_extension_id, subject_id=subject_id, subject_category_id=subject_category_id) - # ref = query.first() - # if not ref: - # return list() - # LOG.info("get_subject_assignment_list {}".format(ref.subject_assignment)) - # return list(ref.subject_assignment) - # - # def set_subject_assignment_list(self, intra_extension_id, subject_id, subject_category_id, subject_assignment_list=[]): - # with self.get_session_for_write() as session: - # query = session.query(SubjectAssignment) - # query = query.filter_by(intra_extension_id=intra_extension_id, subject_id=subject_id, subject_category_id=subject_category_id) - # ref = query.first() - # new_ref = SubjectAssignment.from_dict( - # { - # "id": uuid4().hex, - # 'subject_assignment': subject_assignment_list, - # 'intra_extension_id': intra_extension_id, - # 'subject_id': subject_id, - # 'subject_category_id': subject_category_id - # } - # ) - # if not ref: - # session.add(new_ref) - # ref = new_ref - # else: - # for attr in SubjectAssignment.attributes: - # if attr != 'id': - # setattr(ref, attr, getattr(new_ref, attr)) - # # session.flush() - # return subject_assignment_list - # - # def add_subject_assignment_list(self, intra_extension_id, subject_id, subject_category_id, subject_scope_id): - # new_subject_assignment_list = self.get_subject_assignment_list(intra_extension_id, subject_id, subject_category_id) - # if subject_scope_id not in new_subject_assignment_list: - # new_subject_assignment_list.append(subject_scope_id) - # return self.set_subject_assignment_list(intra_extension_id, subject_id, subject_category_id, new_subject_assignment_list) - # - # def del_subject_assignment(self, intra_extension_id, subject_id, subject_category_id, subject_scope_id): - # if not subject_id or not subject_category_id or not subject_category_id: - # with self.get_session_for_write() as session: - # for ref in self.get_subject_assignment_list(intra_extension_id, None, None): - # session.delete(ref) - # session.flush() - # return - # new_subject_assignment_list = self.get_subject_assignment_list(intra_extension_id, subject_id, subject_category_id) - # new_subject_assignment_list.remove(subject_scope_id) - # return self.set_subject_assignment_list(intra_extension_id, subject_id, subject_category_id, new_subject_assignment_list) - # - # # Getter and Setter for object_category_assignment - # - # def get_object_assignment_list(self, intra_extension_id, object_id, object_category_id): - # with self.get_session_for_read() as session: - # query = session.query(ObjectAssignment) - # if not object_id or not object_category_id or not object_category_id: - # query = query.filter_by(intra_extension_id=intra_extension_id) - # ref = query.all() - # return ref - # else: - # query = query.filter_by(intra_extension_id=intra_extension_id, object_id=object_id, object_category_id=object_category_id) - # ref = query.first() - # if not ref: - # return list() - # return list(ref.object_assignment) - # - # def set_object_assignment_list(self, intra_extension_id, object_id, object_category_id, object_assignment_list=[]): - # with self.get_session_for_write() as session: - # query = session.query(ObjectAssignment) - # query = query.filter_by(intra_extension_id=intra_extension_id, object_id=object_id, object_category_id=object_category_id) - # ref = query.first() - # new_ref = ObjectAssignment.from_dict( - # { - # "id": uuid4().hex, - # 'object_assignment': object_assignment_list, - # 'intra_extension_id': intra_extension_id, - # 'object_id': object_id, - # 'object_category_id': object_category_id - # } - # ) - # if not ref: - # session.add(new_ref) - # else: - # for attr in ObjectAssignment.attributes: - # if attr != 'id': - # setattr(ref, attr, getattr(new_ref, attr)) - # # session.flush() - # return self.get_object_assignment_list(intra_extension_id, object_id, object_category_id) - # - # def add_object_assignment_list(self, intra_extension_id, object_id, object_category_id, object_scope_id): - # new_object_assignment_list = self.get_object_assignment_list(intra_extension_id, object_id, object_category_id) - # if object_scope_id not in new_object_assignment_list: - # new_object_assignment_list.append(object_scope_id) - # return self.set_object_assignment_list(intra_extension_id, object_id, object_category_id, new_object_assignment_list) - # - # def del_object_assignment(self, intra_extension_id, object_id, object_category_id, object_scope_id): - # if not object_id or not object_category_id or not object_category_id: - # with self.get_session_for_write() as session: - # for ref in self.get_object_assignment_list(intra_extension_id, None, None): - # session.delete(ref) - # session.flush() - # return - # new_object_assignment_list = self.get_object_assignment_list(intra_extension_id, object_id, object_category_id) - # new_object_assignment_list.remove(object_scope_id) - # return self.set_object_assignment_list(intra_extension_id, object_id, object_category_id, new_object_assignment_list) - # - # # Getter and Setter for action_category_assignment - # - # def get_action_assignment_list(self, intra_extension_id, action_id, action_category_id): - # with self.get_session_for_read() as session: - # query = session.query(ActionAssignment) - # if not action_id or not action_category_id or not action_category_id: - # query = query.filter_by(intra_extension_id=intra_extension_id) - # ref = query.all() - # return ref - # else: - # query = query.filter_by(intra_extension_id=intra_extension_id, action_id=action_id, action_category_id=action_category_id) - # ref = query.first() - # if not ref: - # return list() - # return list(ref.action_assignment) - # - # def set_action_assignment_list(self, intra_extension_id, action_id, action_category_id, action_assignment_list=[]): - # with self.get_session_for_write() as session: - # query = session.query(ActionAssignment) - # query = query.filter_by(intra_extension_id=intra_extension_id, action_id=action_id, action_category_id=action_category_id) - # ref = query.first() - # new_ref = ActionAssignment.from_dict( - # { - # "id": uuid4().hex, - # 'action_assignment': action_assignment_list, - # 'intra_extension_id': intra_extension_id, - # 'action_id': action_id, - # 'action_category_id': action_category_id - # } - # ) - # if not ref: - # session.add(new_ref) - # else: - # for attr in ActionAssignment.attributes: - # if attr != 'id': - # setattr(ref, attr, getattr(new_ref, attr)) - # # session.flush() - # return self.get_action_assignment_list(intra_extension_id, action_id, action_category_id) - # - # def add_action_assignment_list(self, intra_extension_id, action_id, action_category_id, action_scope_id): - # new_action_assignment_list = self.get_action_assignment_list(intra_extension_id, action_id, action_category_id) - # if action_scope_id not in new_action_assignment_list: - # new_action_assignment_list.append(action_scope_id) - # return self.set_action_assignment_list(intra_extension_id, action_id, action_category_id, new_action_assignment_list) - # - # def del_action_assignment(self, intra_extension_id, action_id, action_category_id, action_scope_id): - # if not action_id or not action_category_id or not action_category_id: - # with self.get_session_for_write() as session: - # for ref in self.get_action_assignment_list(intra_extension_id, None, None): - # session.delete(ref) - # session.flush() - # return - # new_action_assignment_list = self.get_action_assignment_list(intra_extension_id, action_id, action_category_id) - # new_action_assignment_list.remove(action_scope_id) - # return self.set_action_assignment_list(intra_extension_id, action_id, action_category_id, new_action_assignment_list) - # - # # Getter and Setter for sub_meta_rule - # - # def get_aggregation_algorithm_id(self, intra_extension_id): - # with self.get_session_for_read() as session: - # query = session.query(IntraExtension) - # query = query.filter_by(id=intra_extension_id) - # ref = query.first() - # try: - # return {"aggregation_algorithm": ref.intra_extension["aggregation_algorithm"]} - # except KeyError: - # return "" - # - # def set_aggregation_algorithm_id(self, intra_extension_id, aggregation_algorithm_id): - # with self.get_session_for_write() as session: - # query = session.query(IntraExtension) - # query = query.filter_by(id=intra_extension_id) - # ref = query.first() - # intra_extension_dict = dict(ref.intra_extension) - # intra_extension_dict["aggregation_algorithm"] = aggregation_algorithm_id - # setattr(ref, "intra_extension", intra_extension_dict) - # # session.flush() - # return {"aggregation_algorithm": ref.intra_extension["aggregation_algorithm"]} - # - # def del_aggregation_algorithm(self, intra_extension_id): - # with self.get_session_for_write() as session: - # query = session.query(IntraExtension) - # query = query.filter_by(id=intra_extension_id) - # ref = query.first() - # intra_extension_dict = dict(ref.intra_extension) - # intra_extension_dict["aggregation_algorithm"] = "" - # setattr(ref, "intra_extension", intra_extension_dict) - # return self.get_aggregation_algorithm_id(intra_extension_id) - # - # # Getter and Setter for sub_meta_rule - # - # def get_sub_meta_rules_dict(self, intra_extension_id): - # with self.get_session_for_read() as session: - # query = session.query(SubMetaRule) - # query = query.filter_by(intra_extension_id=intra_extension_id) - # ref_list = query.all() - # return {_ref.id: _ref.sub_meta_rule for _ref in ref_list} - # - # def set_sub_meta_rule_dict(self, intra_extension_id, sub_meta_rule_id, sub_meta_rule_dict): - # with self.get_session_for_write() as session: - # query = session.query(SubMetaRule) - # query = query.filter_by(intra_extension_id=intra_extension_id, id=sub_meta_rule_id) - # ref = query.first() - # new_ref = SubMetaRule.from_dict( - # { - # "id": sub_meta_rule_id, - # 'sub_meta_rule': sub_meta_rule_dict, - # 'intra_extension_id': intra_extension_id - # } - # ) - # if not ref: - # session.add(new_ref) - # else: - # _sub_meta_rule_dict = dict(ref.sub_meta_rule) - # _sub_meta_rule_dict.update(sub_meta_rule_dict) - # setattr(new_ref, "sub_meta_rule", _sub_meta_rule_dict) - # for attr in SubMetaRule.attributes: - # if attr != 'id': - # setattr(ref, attr, getattr(new_ref, attr)) - # # session.flush() - # return self.get_sub_meta_rules_dict(intra_extension_id) - # - # def del_sub_meta_rule(self, intra_extension_id, sub_meta_rule_id): - # with self.get_session_for_write() as session: - # query = session.query(SubMetaRule) - # query = query.filter_by(intra_extension_id=intra_extension_id, id=sub_meta_rule_id) - # ref = query.first() - # session.delete(ref) - # - # # Getter and Setter for rules - # - # def get_rules_dict(self, intra_extension_id, sub_meta_rule_id): - # with self.get_session_for_read() as session: - # query = session.query(Rule) - # query = query.filter_by(intra_extension_id=intra_extension_id, sub_meta_rule_id=sub_meta_rule_id) - # ref_list = query.all() - # return {_ref.id: _ref.rule for _ref in ref_list} - # - # def set_rule_dict(self, intra_extension_id, sub_meta_rule_id, rule_id, rule_list): - # with self.get_session_for_write() as session: - # query = session.query(Rule) - # query = query.filter_by(intra_extension_id=intra_extension_id, sub_meta_rule_id=sub_meta_rule_id, id=rule_id) - # ref = query.first() - # new_ref = Rule.from_dict( - # { - # "id": rule_id, - # 'rule': rule_list, - # 'intra_extension_id': intra_extension_id, - # 'sub_meta_rule_id': sub_meta_rule_id - # } - # ) - # if not ref: - # session.add(new_ref) - # ref = new_ref - # else: - # for attr in Rule.attributes: - # if attr != 'id': - # setattr(ref, attr, getattr(new_ref, attr)) - # # session.flush() - # return {rule_id: ref.rule} - # - # def del_rule(self, intra_extension_id, sub_meta_rule_id, rule_id): - # with self.get_session_for_write() as session: - # query = session.query(Rule) - # query = query.filter_by(intra_extension_id=intra_extension_id, sub_meta_rule_id=sub_meta_rule_id, id=rule_id) - # ref = query.first() - # session.delete(ref) - - -class SQLConnector(PDPConnector, PolicyConnector, ModelConnector): - pass diff --git a/python_moondb/python_moondb/core.py b/python_moondb/python_moondb/core.py deleted file mode 100644 index 984b81a7..00000000 --- a/python_moondb/python_moondb/core.py +++ /dev/null @@ -1,228 +0,0 @@ -# Copyright 2015 Open Platform for NFV Project, Inc. and its contributors -# This software is distributed under the terms and conditions of the 'Apache-2.0' -# license which can be found in the file 'LICENSE' in this package distribution -# or at 'http://www.apache.org/licenses/LICENSE-2.0'. - -import logging -from stevedore.driver import DriverManager -from python_moonutilities import configuration -from python_moondb.api import model, policy, pdp, keystone - -logger = logging.getLogger("moon.db") - - -class Driver(DriverManager): - - def __init__(self, driver_name, engine_name): - logger.info("initialization of Driver {}".format(driver_name)) - super(Driver, self).__init__( - namespace='moon_db.driver', - name=driver_name, - invoke_on_load=True, - invoke_args=(engine_name, ), - ) - - -class ModelDriver(Driver): - - def __init__(self, driver_name, engine_name): - super(ModelDriver, self).__init__(driver_name, engine_name) - - def update_model(self, model_id, value): - raise NotImplementedError() # pragma: no cover - - def delete_model(self, model_id): - raise NotImplementedError() # pragma: no cover - - def add_model(self, model_id=None, value=None): - raise NotImplementedError() # pragma: no cover - - def get_models(self, model_id=None): - raise NotImplementedError() # pragma: no cover - - def set_meta_rule(self, meta_rule_id, value): - raise NotImplementedError() # pragma: no cover - - def get_meta_rules(self, meta_rule_id=None): - raise NotImplementedError() # pragma: no cover - - def delete_meta_rule(self, meta_rule_id=None): - raise NotImplementedError() # pragma: no cover - - def get_subject_categories(self, category_id=None): - raise NotImplementedError() # pragma: no cover - - def add_subject_category(self, name, description): - raise NotImplementedError() # pragma: no cover - - def delete_subject_category(self, category_id): - raise NotImplementedError() # pragma: no cover - - def get_object_categories(self, category_id): - raise NotImplementedError() # pragma: no cover - - def add_object_category(self, category_id, value): - raise NotImplementedError() # pragma: no cover - - def delete_object_category(self, category_id): - raise NotImplementedError() # pragma: no cover - - def get_action_categories(self, category_id): - raise NotImplementedError() # pragma: no cover - - def add_action_category(self, category_id, value): - raise NotImplementedError() # pragma: no cover - - def delete_action_category(self, category_id): - raise NotImplementedError() # pragma: no cover - - -class PolicyDriver(Driver): - - def __init__(self, driver_name, engine_name): - super(PolicyDriver, self).__init__(driver_name, engine_name) - - def update_policy(self, policy_id, value): - raise NotImplementedError() # pragma: no cover - - def delete_policy(self, policy_id): - raise NotImplementedError() # pragma: no cover - - def add_policy(self, policy_id=None, value=None): - raise NotImplementedError() # pragma: no cover - - def get_policies(self, policy_id=None): - raise NotImplementedError() # pragma: no cover - - def get_subjects(self, policy_id, perimeter_id=None): - raise NotImplementedError() # pragma: no cover - - def set_subject(self, policy_id, perimeter_id=None, value=None): - raise NotImplementedError() # pragma: no cover - - def delete_subject(self, policy_id, perimeter_id): - raise NotImplementedError() # pragma: no cover - - def get_objects(self, policy_id, perimeter_id=None): - raise NotImplementedError() # pragma: no cover - - def set_object(self, policy_id, perimeter_id=None, value=None): - raise NotImplementedError() # pragma: no cover - - def delete_object(self, policy_id, perimeter_id): - raise NotImplementedError() # pragma: no cover - - def get_actions(self, policy_id, perimeter_id=None): - raise NotImplementedError() # pragma: no cover - - def set_action(self, policy_id, perimeter_id=None, value=None): - raise NotImplementedError() # pragma: no cover - - def delete_action(self, policy_id, perimeter_id): - raise NotImplementedError() # pragma: no cover - - def get_subject_data(self, policy_id, data_id=None, category_id=None): - raise NotImplementedError() # pragma: no cover - - def set_subject_data(self, policy_id, data_id=None, category_id=None, value=None): - raise NotImplementedError() # pragma: no cover - - def delete_subject_data(self, policy_id, data_id): - raise NotImplementedError() # pragma: no cover - - def get_object_data(self, policy_id, data_id=None, category_id=None): - raise NotImplementedError() # pragma: no cover - - def set_object_data(self, policy_id, data_id=None, category_id=None, value=None): - raise NotImplementedError() # pragma: no cover - - def delete_object_data(self, policy_id, data_id): - raise NotImplementedError() # pragma: no cover - - def get_action_data(self, policy_id, data_id=None, category_id=None): - raise NotImplementedError() # pragma: no cover - - def set_action_data(self, policy_id, data_id=None, category_id=None, value=None): - raise NotImplementedError() # pragma: no cover - - def delete_action_data(self, policy_id, data_id): - raise NotImplementedError() # pragma: no cover - - def get_subject_assignments(self, policy_id, subject_id=None, category_id=None): - raise NotImplementedError() # pragma: no cover - - def add_subject_assignment(self, policy_id, subject_id, category_id, data_id): - raise NotImplementedError() # pragma: no cover - - def delete_subject_assignment(self, policy_id, subject_id, category_id, data_id): - raise NotImplementedError() # pragma: no cover - - def get_object_assignments(self, policy_id, assignment_id=None): - raise NotImplementedError() # pragma: no cover - - def add_object_assignment(self, policy_id, subject_id, category_id, data_id): - raise NotImplementedError() # pragma: no cover - - def delete_object_assignment(self, policy_id, object_id, category_id, data_id): - raise NotImplementedError() # pragma: no cover - - def get_action_assignments(self, policy_id, assignment_id=None): - raise NotImplementedError() # pragma: no cover - - def add_action_assignment(self, policy_id, action_id, category_id, data_id): - raise NotImplementedError() # pragma: no cover - - def delete_action_assignment(self, policy_id, action_id, category_id, data_id): - raise NotImplementedError() # pragma: no cover - - def get_rules(self, policy_id, rule_id=None, meta_rule_id=None): - raise NotImplementedError() # pragma: no cover - - def add_rule(self, policy_id, meta_rule_id, value): - raise NotImplementedError() # pragma: no cover - - def delete_rule(self, policy_id, rule_id): - raise NotImplementedError() # pragma: no cover - - -class PDPDriver(Driver): - - def __init__(self, driver_name, engine_name): - super(PDPDriver, self).__init__(driver_name, engine_name) - - def update_pdp(self, pdp_id, value): - raise NotImplementedError() # pragma: no cover - - def delete_pdp(self, pdp_id): - raise NotImplementedError() # pragma: no cover - - def add_pdp(self, pdp_id=None, value=None): - raise NotImplementedError() # pragma: no cover - - def get_pdp(self, pdp_id=None): - raise NotImplementedError() # pragma: no cover - - -class KeystoneDriver(Driver): - - def __init__(self, driver_name, engine_name): - super(KeystoneDriver, self).__init__(driver_name, engine_name) - - -conf = configuration.get_configuration("database")['database'] - -KeystoneManager = keystone.KeystoneManager( - KeystoneDriver(conf['driver'], conf['url']) -) - -ModelManager = model.ModelManager( - ModelDriver(conf['driver'], conf['url']) -) - -PolicyManager = policy.PolicyManager( - PolicyDriver(conf['driver'], conf['url']) -) - -PDPManager = pdp.PDPManager( - PDPDriver(conf['driver'], conf['url']) -) diff --git a/python_moondb/python_moondb/db_manager.py b/python_moondb/python_moondb/db_manager.py deleted file mode 100644 index c251afbb..00000000 --- a/python_moondb/python_moondb/db_manager.py +++ /dev/null @@ -1,82 +0,0 @@ -# Copyright 2015 Open Platform for NFV Project, Inc. and its contributors -# This software is distributed under the terms and conditions of the 'Apache-2.0' -# license which can be found in the file 'LICENSE' in this package distribution -# or at 'http://www.apache.org/licenses/LICENSE-2.0'. -""" -""" - -import os -import glob -import importlib -import argparse -import logging -from sqlalchemy import create_engine -from python_moonutilities import configuration -from python_moondb.migrate_repo import versions - - -def init_args(): - parser = argparse.ArgumentParser() - parser.add_argument('command', help='command (upgrade or downgrade)', - nargs=1) - parser.add_argument("--verbose", "-v", action='store_true', - help="verbose mode") - parser.add_argument("--debug", "-d", action='store_true', - help="debug mode") - args = parser.parse_args() - - FORMAT = '%(asctime)-15s %(levelname)s %(message)s' - if args.debug: - logging.basicConfig( - format=FORMAT, - level=logging.DEBUG) - elif args.verbose: - logging.basicConfig( - format=FORMAT, - level=logging.INFO) - else: - logging.basicConfig( - format=FORMAT, - level=logging.WARNING) - - requests_log = logging.getLogger("requests.packages.urllib3") - requests_log.setLevel(logging.WARNING) - requests_log.propagate = True - - logger = logging.getLogger("moon.db.manager") - return args, logger - - -def init_engine(): - db_conf = configuration.get_configuration("database")["database"] - return create_engine(db_conf['url']) - - -def main(command, logger, engine): - files = glob.glob(versions.__path__[0] + "/[0-9][0-9][0-9]*.py") - for filename in files: - filename = os.path.basename(filename).replace(".py", "") - o = importlib.import_module( - "python_moondb.migrate_repo.versions.{}".format(filename)) - logger.info("Command is {}".format(command)) - if command in ("upgrade", "u", "up"): - logger.info( - "upgrading python_moondb.migrate_repo.versions.{}".format(filename)) - o.upgrade(engine) - elif command in ("downgrade", "d", "down"): - logger.info( - "downgrading python_moondb.migrate_repo.versions.{}".format( - filename)) - o.downgrade(engine) - else: - logger.critical("Cannot understand the command!") - - -def run(): - args, logger = init_args() - engine = init_engine() - main(args.command[0], logger, engine) - - -if __name__ == "__main__": - run() diff --git a/python_moondb/python_moondb/migrate_repo/__init__.py b/python_moondb/python_moondb/migrate_repo/__init__.py deleted file mode 100644 index e69de29b..00000000 --- a/python_moondb/python_moondb/migrate_repo/__init__.py +++ /dev/null diff --git a/python_moondb/python_moondb/migrate_repo/versions/001_moon.py b/python_moondb/python_moondb/migrate_repo/versions/001_moon.py deleted file mode 100644 index f69d708d..00000000 --- a/python_moondb/python_moondb/migrate_repo/versions/001_moon.py +++ /dev/null @@ -1,252 +0,0 @@ -# Copyright 2015 Open Platform for NFV Project, Inc. and its contributors -# This software is distributed under the terms and conditions of the 'Apache-2.0' -# license which can be found in the file 'LICENSE' in this package distribution -# or at 'http://www.apache.org/licenses/LICENSE-2.0'. - -import sqlalchemy as sql - - -def upgrade(migrate_engine): - meta = sql.MetaData() - meta.bind = migrate_engine - - table = sql.Table( - 'pdp', - meta, - sql.Column('id', sql.String(64), primary_key=True), - sql.Column('name', sql.String(256), nullable=False), - sql.Column('keystone_project_id', sql.String(64), nullable=True, default=""), - sql.Column('value', sql.Text(), nullable=True), - sql.UniqueConstraint('name', 'keystone_project_id', name='unique_constraint_models'), - mysql_engine='InnoDB', - mysql_charset='utf8') - table.create(migrate_engine, checkfirst=True) - - table = sql.Table( - 'policies', - meta, - sql.Column('id', sql.String(64), primary_key=True), - sql.Column('name', sql.String(256), nullable=False), - sql.Column('model_id', sql.String(64), nullable=True, default=""), - sql.Column('value', sql.Text(), nullable=True), - sql.UniqueConstraint('name', 'model_id', name='unique_constraint_models'), - mysql_engine='InnoDB', - mysql_charset='utf8') - table.create(migrate_engine, checkfirst=True) - - table = sql.Table( - 'models', - meta, - sql.Column('id', sql.String(64), primary_key=True), - sql.Column('name', sql.String(256), nullable=False), - sql.Column('value', sql.Text(), nullable=True), - sql.UniqueConstraint('name', name='unique_constraint_models'), - mysql_engine='InnoDB', - mysql_charset='utf8') - table.create(migrate_engine, checkfirst=True) - - subject_categories_table = sql.Table( - 'subject_categories', - meta, - sql.Column('id', sql.String(64), primary_key=True), - sql.Column('name', sql.String(256), nullable=False), - sql.Column('description', sql.String(256), nullable=True), - - sql.UniqueConstraint('name', name='unique_constraint_subject_categories'), - mysql_engine='InnoDB', - mysql_charset='utf8') - subject_categories_table.create(migrate_engine, checkfirst=True) - - object_categories_table = sql.Table( - 'object_categories', - meta, - sql.Column('id', sql.String(64), primary_key=True), - sql.Column('name', sql.String(256), nullable=False), - sql.Column('description', sql.String(256), nullable=True), - - sql.UniqueConstraint('name', name='unique_constraint_object_categories'), - mysql_engine='InnoDB', - mysql_charset='utf8') - object_categories_table.create(migrate_engine, checkfirst=True) - - action_categories_table = sql.Table( - 'action_categories', - meta, - sql.Column('id', sql.String(64), primary_key=True), - sql.Column('name', sql.String(256), nullable=False), - sql.Column('description', sql.String(256), nullable=True), - - sql.UniqueConstraint('name', name='unique_constraint_action_categories'), - mysql_engine='InnoDB', - mysql_charset='utf8') - action_categories_table.create(migrate_engine, checkfirst=True) - - subjects_table = sql.Table( - 'subjects', - meta, - sql.Column('id', sql.String(64), primary_key=True), - sql.Column('name', sql.String(256), nullable=False), - sql.Column('value', sql.Text(), nullable=True), - sql.UniqueConstraint('name', name='unique_constraint_subjects'), - mysql_engine='InnoDB', - mysql_charset='utf8') - subjects_table.create(migrate_engine, checkfirst=True) - - objects_table = sql.Table( - 'objects', - meta, - sql.Column('id', sql.String(64), primary_key=True), - sql.Column('name', sql.String(256), nullable=False), - sql.Column('value', sql.Text(), nullable=True), - sql.UniqueConstraint('name', name='unique_constraint_objects'), - mysql_engine='InnoDB', - mysql_charset='utf8') - objects_table.create(migrate_engine, checkfirst=True) - - actions_table = sql.Table( - 'actions', - meta, - sql.Column('id', sql.String(64), primary_key=True), - sql.Column('name', sql.String(256), nullable=False), - sql.Column('value', sql.Text(), nullable=True), - sql.UniqueConstraint('name', name='unique_constraint_actions'), - mysql_engine='InnoDB', - mysql_charset='utf8') - actions_table.create(migrate_engine, checkfirst=True) - - subject_data_table = sql.Table( - 'subject_data', - meta, - sql.Column('id', sql.String(64), primary_key=True), - sql.Column('name', sql.String(256), nullable=False), - sql.Column('value', sql.Text(), nullable=True), - sql.Column('category_id', sql.ForeignKey("subject_categories.id"), nullable=False), - sql.Column('policy_id', sql.ForeignKey("policies.id"), nullable=False), - sql.UniqueConstraint('name', 'category_id', 'policy_id', name='unique_constraint_subject_data'), - mysql_engine='InnoDB', - mysql_charset='utf8') - subject_data_table.create(migrate_engine, checkfirst=True) - - object_data_table = sql.Table( - 'object_data', - meta, - sql.Column('id', sql.String(64), primary_key=True), - sql.Column('name', sql.String(256), nullable=False), - sql.Column('value', sql.Text(), nullable=True), - sql.Column('category_id', sql.ForeignKey("object_categories.id"), nullable=False), - sql.Column('policy_id', sql.ForeignKey("policies.id"), nullable=False), - sql.UniqueConstraint('name', 'category_id', 'policy_id', name='unique_constraint_object_data'), - mysql_engine='InnoDB', - mysql_charset='utf8') - object_data_table.create(migrate_engine, checkfirst=True) - - action_data_table = sql.Table( - 'action_data', - meta, - sql.Column('id', sql.String(64), primary_key=True), - sql.Column('name', sql.String(256), nullable=False), - sql.Column('value', sql.Text(), nullable=True), - sql.Column('category_id', sql.ForeignKey("action_categories.id"), nullable=False), - sql.Column('policy_id', sql.ForeignKey("policies.id"), nullable=False), - sql.UniqueConstraint('name', 'category_id', 'policy_id', name='unique_constraint_action_data'), - mysql_engine='InnoDB', - mysql_charset='utf8') - action_data_table.create(migrate_engine, checkfirst=True) - - subject_assignments_table = sql.Table( - 'subject_assignments', - meta, - sql.Column('id', sql.String(64), primary_key=True), - sql.Column('assignments', sql.Text(), nullable=True), - sql.Column('policy_id', sql.ForeignKey("policies.id"), nullable=False), - sql.Column('subject_id', sql.ForeignKey("subjects.id"), nullable=False), - sql.Column('category_id', sql.ForeignKey("subject_categories.id"), nullable=False), - sql.UniqueConstraint('policy_id', 'subject_id', 'category_id', name='unique_constraint_subject_assignment'), - mysql_engine='InnoDB', - mysql_charset='utf8') - subject_assignments_table.create(migrate_engine, checkfirst=True) - - object_assignments_table = sql.Table( - 'object_assignments', - meta, - sql.Column('id', sql.String(64), primary_key=True), - sql.Column('assignments', sql.Text(), nullable=True), - sql.Column('policy_id', sql.ForeignKey("policies.id"), nullable=False), - sql.Column('object_id', sql.ForeignKey("objects.id"), nullable=False), - sql.Column('category_id', sql.ForeignKey("object_categories.id"), nullable=False), - sql.UniqueConstraint('policy_id', 'object_id', 'category_id', name='unique_constraint_object_assignment'), - mysql_engine='InnoDB', - mysql_charset='utf8') - object_assignments_table.create(migrate_engine, checkfirst=True) - - action_assignments_table = sql.Table( - 'action_assignments', - meta, - sql.Column('id', sql.String(64), primary_key=True), - sql.Column('assignments', sql.Text(), nullable=True), - sql.Column('policy_id', sql.ForeignKey("policies.id"), nullable=False), - sql.Column('action_id', sql.ForeignKey("actions.id"), nullable=False), - sql.Column('category_id', sql.ForeignKey("action_categories.id"), nullable=False), - sql.UniqueConstraint('policy_id', 'action_id', 'category_id', name='unique_constraint_action_assignment'), - mysql_engine='InnoDB', - mysql_charset='utf8') - action_assignments_table.create(migrate_engine, checkfirst=True) - - meta_rules_table = sql.Table( - 'meta_rules', - meta, - sql.Column('id', sql.String(64), primary_key=True), - sql.Column('name', sql.String(256), nullable=False), - sql.Column('subject_categories', sql.Text(), nullable=False), - sql.Column('object_categories', sql.Text(), nullable=False), - sql.Column('action_categories', sql.Text(), nullable=False), - sql.Column('value', sql.Text(), nullable=True), - sql.UniqueConstraint('name', name='unique_constraint_meta_rule_name'), - sql.UniqueConstraint('subject_categories', 'object_categories', 'action_categories', name='unique_constraint_meta_rule_def'), - mysql_engine='InnoDB', - mysql_charset='utf8') - meta_rules_table.create(migrate_engine, checkfirst=True) - - rules_table = sql.Table( - 'rules', - meta, - sql.Column('id', sql.String(64), primary_key=True), - sql.Column('rule', sql.Text(), nullable=True), - sql.Column('policy_id', sql.ForeignKey("policies.id"), nullable=False), - sql.Column('meta_rule_id', sql.ForeignKey("meta_rules.id"), nullable=False), - sql.UniqueConstraint('rule', 'policy_id', 'meta_rule_id', name='unique_constraint_rule'), - mysql_engine='InnoDB', - mysql_charset='utf8') - rules_table.create(migrate_engine, checkfirst=True) - - -def downgrade(migrate_engine): - meta = sql.MetaData() - meta.bind = migrate_engine - - for _table in ( - 'rules', - 'meta_rules', - 'action_assignments', - 'object_assignments', - 'subject_assignments', - 'action_data', - 'object_data', - 'subject_data', - 'actions', - 'objects', - 'subjects', - 'action_categories', - 'object_categories', - 'subject_categories', - 'models', - 'policies', - 'pdp' - ): - try: - table = sql.Table(_table, meta, autoload=True) - table.drop(migrate_engine, checkfirst=True) - except Exception as e: - print(e) - - diff --git a/python_moondb/python_moondb/migrate_repo/versions/__init__.py b/python_moondb/python_moondb/migrate_repo/versions/__init__.py deleted file mode 100644 index e69de29b..00000000 --- a/python_moondb/python_moondb/migrate_repo/versions/__init__.py +++ /dev/null |