import requests
from python_moonclient import config
-logger = logging.getLogger("moonforming.utils.policies")
+logger = logging.getLogger("python_moonclient.utils.pdp")
URL = None
-HEADER = None
+HEADERS = None
KEYSTONE_USER = None
KEYSTONE_PASSWORD = None
KEYSTONE_PROJECT = None
def init(consul_host, consul_port):
conf_data = config.get_config_data(consul_host, consul_port)
- global URL, HEADER, KEYSTONE_USER, KEYSTONE_PASSWORD, KEYSTONE_PROJECT, KEYSTONE_SERVER
+ global URL, HEADERS, KEYSTONE_USER, KEYSTONE_PASSWORD, KEYSTONE_PROJECT, KEYSTONE_SERVER
URL = "http://{}:{}".format(
conf_data['manager_host'],
conf_data['manager_port'])
# URL = URL + "{}"
- HEADER = {"content-type": "application/json"}
+ HEADERS = {"content-type": "application/json"}
KEYSTONE_USER = conf_data['keystone_user']
KEYSTONE_PASSWORD = conf_data['keystone_password']
KEYSTONE_PROJECT = conf_data['keystone_project']
def map_to_keystone(pdp_id, keystone_project_id):
- req = requests.patch(URL + "/pdp/{}".format(pdp_id), json={"keystone_project_id": keystone_project_id},
+ req = requests.patch(URL + "/pdp/{}".format(pdp_id),
+ json={"keystone_project_id": keystone_project_id},
headers=HEADERS)
assert req.status_code == 200
result = req.json()
if "result" in result:
assert result["result"]
assert pdp_id in result['pdps']
- assert "name" in result['pdps'][pdp_id]
- assert pdp_template["name"] == result['pdps'][pdp_id]["name"]
+ # assert "name" in result['pdps'][pdp_id]
+ # assert pdp_template["name"] == result['pdps'][pdp_id]["name"]
return pdp_id
def create_pdp(scenario, policy_id=None, project_id=None):
logger.info("Creating PDP {}".format(scenario.pdp_name))
projects = get_keystone_projects()
- if not project_id:
- for _project in projects['projects']:
- if _project['name'] == "admin":
- project_id = _project['id']
- assert project_id
+ # if not project_id:
+ # for _project in projects['projects']:
+ # if _project['name'] == "admin":
+ # project_id = _project['id']
+ # assert project_id
pdps = check_pdp()["pdps"]
for pdp_id, pdp_value in pdps.items():
if scenario.pdp_name == pdp_value["name"]:
logger.debug("Found existing PDP named {} (will add policy {})".format(scenario.pdp_name, policy_id))
return pdp_id
_pdp_id = add_pdp(name=scenario.pdp_name, policy_id=policy_id)
- map_to_keystone(pdp_id=_pdp_id, keystone_project_id=project_id)
+ # map_to_keystone(pdp_id=_pdp_id, keystone_project_id=project_id)
return _pdp_id
\ No newline at end of file
from . import parse, models, policies, pdp, authz
-logger = logging.getLogger("moonclient.scripts")
+logger = logging.getLogger("python_moonclient.scripts")
def get_keystone_projects():
projects = pdp.get_keystone_projects()
for _project in projects['projects']:
- print("{} {}".format(_project['id'], _project['name']))
+ print(" {} {}".format(_project['id'], _project['name']))
-def populate_values():
+def create_pdp():
requests_log = logging.getLogger("requests.packages.urllib3")
requests_log.setLevel(logging.WARNING)
requests_log.propagate = True
args = parse.parse()
consul_host = args.consul_host
consul_port = args.consul_port
- project_id = args.keystone_pid
+ # project_id = args.keystone_pid
models.init(consul_host, consul_port)
policies.init(consul_host, consul_port)
pdp.init(consul_host, consul_port)
if args.filename:
- print("Loading: {}".format(args.filename[0]))
+ logger.info("Loading: {}".format(args.filename[0]))
m = SourceFileLoader("scenario", args.filename[0])
scenario = m.load_module()
else:
model_id, meta_rule_list = models.create_model(scenario)
policy_id = policies.create_policy(scenario, model_id, meta_rule_list)
- pdp_id = pdp.create_pdp(scenario, policy_id=policy_id, project_id=project_id)
+ pdp_id = pdp.create_pdp(scenario, policy_id=policy_id)
-def send_authz():
+def send_authz_to_wrapper():
args = parse.parse()
consul_host = args.consul_host
consul_port = args.consul_port
pdp.init(consul_host, consul_port)
if args.filename:
- print("Loading: {}".format(args.filename[0]))
+ logger.info("Loading: {}".format(args.filename[0]))
m = SourceFileLoader("scenario", args.filename[0])
scenario = m.load_module()
)
if not args.dry_run:
authz.save_data(args.write, time_data)
+
+
+def get_pdp():
+ args = parse.parse()
+ consul_host = args.consul_host
+ consul_port = args.consul_port
+
+ models.init(consul_host, consul_port)
+ policies.init(consul_host, consul_port)
+ pdp.init(consul_host, consul_port)
+
+ pdps = pdp.check_pdp()
+ for _pdp_key, _pdp_value in pdps["pdps"].items():
+ print(" {} {} ({})".format(_pdp_key, _pdp_value['name'],
+ _pdp_value['keystone_project_id']))
+
+
+def delete_pdp():
+ args = parse.parse()
+ consul_host = args.consul_host
+ consul_port = args.consul_port
+
+ models.init(consul_host, consul_port)
+ policies.init(consul_host, consul_port)
+ pdp.init(consul_host, consul_port)
+
+ if args.filename:
+ logger.info("Deleting: {}".format(args.filename[0]))
+ _search = args.filename[0]
+ pdps = pdp.check_pdp()
+ for _pdp_key, _pdp_value in pdps["pdps"].items():
+ if _pdp_key == _search or _pdp_value['name'] == _search:
+ logger.info("Found {}".format(_pdp_key))
+ pdp.delete_pdp(_pdp_key)
+ pdps = pdp.check_pdp()
+ logger.info("Listing all PDP:")
+ for _pdp_key, _pdp_value in pdps["pdps"].items():
+ print(" {} {}".format(_pdp_key, _pdp_value['name']))
+ if _pdp_key == _search or _pdp_value['name'] == _search:
+ logger.error("Error in deleting {}".format(_search))
+
+
+def delete_policy():
+ args = parse.parse()
+ consul_host = args.consul_host
+ consul_port = args.consul_port
+
+ models.init(consul_host, consul_port)
+ policies.init(consul_host, consul_port)
+ pdp.init(consul_host, consul_port)
+
+ if args.filename:
+ logger.info("Deleting: {}".format(args.filename[0]))
+ _search = args.filename[0]
+ _policies = policies.check_policy()
+ for _policy_key, _policy_value in _policies["policies"].items():
+ if _policy_key == _search or _policy_value['name'] == _search:
+ logger.info("Found {}".format(_policy_key))
+ pdp.delete_pdp(_policy_key)
+ _policies = policies.check_policy()
+ logger.info("Listing all Policies:")
+ for _policy_key, _policy_value in _policies["policies"].items():
+ print(" {} {}".format(_policy_key, _policy_value['name']))
+ if _policy_key == _search or _policy_value['name'] == _search:
+ logger.error("Error in deleting {}".format(_search))
+
+
+def map_pdp_to_project():
+ args = parse.parse()
+ consul_host = args.consul_host
+ consul_port = args.consul_port
+
+ models.init(consul_host, consul_port)
+ policies.init(consul_host, consul_port)
+ pdp.init(consul_host, consul_port)
+
+ if args.filename and len(args.filename) == 2:
+ logger.info("Mapping: {}=>{}".format(args.filename[0], args.filename[1]))
+ # TODO: check if pdp_id and keystone_project_id exist
+ pdp.map_to_keystone(pdp_id=args.filename[0], keystone_project_id=args.filename[1])
Code Review / moon.git / commitdiff