aboutsummaryrefslogtreecommitdiffstats
path: root/moon_manager/moon_manager/api/policies.py
blob: 9fe237b2aff46b04bfb47648a308918802ff4f6a (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
# Copyright 2015 Open Platform for NFV Project, Inc. and its contributors
# This software is distributed under the terms and conditions of the 'Apache-2.0'
# license which can be found in the file 'LICENSE' in this package distribution
# or at 'http://www.apache.org/licenses/LICENSE-2.0'.
"""
Policies are instances of security models and implement security policies

"""

from flask import request
from flask_restful import Resource
import logging
from python_moonutilities.security_functions import check_auth
from python_moondb.core import PolicyManager
from python_moonutilities.security_functions import validate_input


__version__ = "4.3.2"

logger = logging.getLogger("moon.manager.api." + __name__)


class Policies(Resource):
    """
    Endpoint for policy requests
    """

    __urls__ = (
        "/policies",
        "/policies/",
        "/policies/<string:uuid>",
        "/policies/<string:uuid>/",
    )

    @validate_input("get", kwargs_state=[False, False])
    @check_auth
    def get(self, uuid=None, user_id=None):
        """Retrieve all policies

        :param uuid: uuid of the policy
        :param user_id: user ID who do the request
        :return: {
            "policy_id1": {
                "name": "name of the policy (mandatory)",
                "model_id": "ID of the model linked to this policy",
                "genre": "authz of admin (optional, default to authz)",
                "description": "description of the policy (optional)",
            }
        }
        :internal_api: get_policies
        """

        data = PolicyManager.get_policies(user_id=user_id, policy_id=uuid)

        return {"policies": data}

    @validate_input("post", body_state={"name": True, "model_id":True})
    @check_auth
    def post(self, uuid=None, user_id=None):
        """Create policy.

        :param uuid: uuid of the policy (not used here if a new policy is created)
        :param user_id: user ID who do the request
        :request body: {
            "name": "name of the policy (mandatory)",
            "model_id": "ID of the model linked to this policy",
            "genre": "authz of admin (optional, default to authz)",
            "description": "description of the policy (optional)",
        }
        :return: {
            "policy_id1": {
                "name": "name of the policy (mandatory)",
                "model_id": "ID of the model linked to this policy",
                "genre": "authz of admin (optional, default to authz)",
                "description": "description of the policy (optional)",
            }
        }
        :internal_api: add_policy
        """

        data = PolicyManager.add_policy(
            user_id=user_id, policy_id=uuid, value=request.json)

        return {"policies": data}

    @validate_input("delete", kwargs_state=[ True, False])
    @check_auth
    def delete(self, uuid=None, user_id=None):
        """Delete a policy

        :param uuid: uuid of the policy to delete
        :param user_id: user ID who do the request
        :return: {
            "result": "True or False",
            "message": "optional message (optional)"
        }
        :internal_api: delete_policy
        """

        data = PolicyManager.delete_policy(user_id=user_id, policy_id=uuid)

        return {"result": True}

    @validate_input("patch", kwargs_state=[True, False], body_state={"name": True, "model_id":True})
    @check_auth
    def patch(self, uuid=None, user_id=None):
        """Update a policy

        :param uuid: uuid of the policy to update
        :param user_id: user ID who do the request
        :return: {
            "policy_id1": {
                "name": "name of the policy (mandatory)",
                "model_id": "ID of the model linked to this policy",
                "genre": "authz of admin (optional, default to authz)",
                "description": "description of the policy (optional)",
            }
        }
        :internal_api: update_policy
        """

        data = PolicyManager.update_policy(
            user_id=user_id, policy_id=uuid, value=request.json)

        return {"policies": data}