1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
|
# Copyright 2015 Open Platform for NFV Project, Inc. and its contributors
# This software is distributed under the terms and conditions of the 'Apache-2.0'
# license which can be found in the file 'LICENSE' in this package distribution
# or at 'http://www.apache.org/licenses/LICENSE-2.0'.
"""
PDP are Policy Decision Point.
"""
from flask import request
from flask_restful import Resource
from oslo_log import log as logging
from moon_utilities.security_functions import check_auth
from moon_db.core import PDPManager
__version__ = "0.1.0"
LOG = logging.getLogger("moon.manager.api." + __name__)
def add_container(uuid, pipeline):
# TODO: to implement
LOG.warning("Add container not implemented!")
LOG.info(uuid)
LOG.info(pipeline)
class PDP(Resource):
"""
Endpoint for pdp requests
"""
__urls__ = (
"/pdp",
"/pdp/",
"/pdp/<string:uuid>",
"/pdp/<string:uuid>/",
)
@check_auth
def get(self, uuid=None, user_id=None):
"""Retrieve all pdp
:param uuid: uuid of the pdp
:param user_id: user ID who do the request
:return: {
"pdp_id1": {
"name": "...",
"security_pipeline": [...],
"keystone_project_id": "keystone_project_id1",
"description": "...",
}
}
:internal_api: get_pdp
"""
try:
data = PDPManager.get_pdp(user_id=user_id, pdp_id=uuid)
except Exception as e:
LOG.error(e, exc_info=True)
return {"result": False,
"error": str(e)}
return {"pdps": data}
@check_auth
def post(self, uuid=None, user_id=None):
"""Create pdp.
:param uuid: uuid of the pdp (not used here)
:param user_id: user ID who do the request
:request body: {
"name": "...",
"security_pipeline": [...],
"keystone_project_id": "keystone_project_id1",
"description": "...",
}
:return: {
"pdp_id1": {
"name": "...",
"security_pipeline": [...],
"keystone_project_id": "keystone_project_id1",
"description": "...",
}
}
:internal_api: add_pdp
"""
try:
data = PDPManager.add_pdp(user_id=user_id, pdp_id=None, value=request.json)
except Exception as e:
LOG.error(e, exc_info=True)
return {"result": False,
"error": str(e)}
return {"pdps": data}
@check_auth
def delete(self, uuid=None, user_id=None):
"""Delete a pdp
:param uuid: uuid of the pdp to delete
:param user_id: user ID who do the request
:return: {
"result": "True or False",
"message": "optional message"
}
:internal_api: delete_pdp
"""
try:
data = PDPManager.delete_pdp(user_id=user_id, pdp_id=uuid)
except Exception as e:
LOG.error(e, exc_info=True)
return {"result": False,
"error": str(e)}
return {"result": True}
@check_auth
def patch(self, uuid=None, user_id=None):
"""Update a pdp
:param uuid: uuid of the pdp to update
:param user_id: user ID who do the request
:return: {
"pdp_id1": {
"name": "...",
"security_pipeline": [...],
"keystone_project_id": "keystone_project_id1",
"description": "...",
}
}
:internal_api: update_pdp
"""
try:
data = PDPManager.update_pdp(user_id=user_id, pdp_id=uuid, value=request.json)
add_container(uuid=uuid, pipeline=data[uuid]['security_pipeline'])
except Exception as e:
LOG.error(e, exc_info=True)
return {"result": False,
"error": str(e)}
return {"pdps": data}
|
