def _runtime_search_cont(self, node_id, authz_response, callback, request, possible_nodes, counter): _log.debug( "_runtime_search_cont:\n\tnode_id={}\n\tauthz_response={}\n\tcallback={}\n\trequest={}\n\tpossible_nodes={}\n\tcounter={}" .format(node_id, authz_response, callback, request, possible_nodes, counter)) if authz_response["decision"] == "permit": valid = True if authz_response.get("obligations", []): # Look at obligations to check if authorization decision is valid right now. if any( isinstance(elem, list) for elem in authz_response["obligations"]): # If list of lists, True must be found in each list. for plugin_list in authz_response["obligations"]: if not check_authorization_plugin_list(plugin_list): valid = False break else: if not check_authorization_plugin_list( authz_response["obligations"]): valid = False if valid: callback(search_result=(node_id, authz_response)) return counter += 1 if counter < len(possible_nodes): # Continue searching self._runtime_search_authorize(request, possible_nodes, callback, counter) return else: _log.info( "Did not find any runtime where actor is allowed to execute") callback(search_result=None)
def _runtime_search_cont(self, node_id, authz_response, callback, request, possible_nodes, counter): if authz_response["decision"] == "permit": valid = True if authz_response.get("obligations", []): # Look at obligations to check if authorization decision is valid right now. if any( isinstance(elem, list) for elem in authz_response["obligations"]): # If list of lists, True must be found in each list. for plugin_list in authz_response["obligations"]: if not check_authorization_plugin_list(plugin_list): valid = False break else: if not check_authorization_plugin_list( authz_response["obligations"]): valid = False if valid: callback(search_result=(node_id, authz_response)) return counter += 1 if counter < len(possible_nodes): # Continue searching self._runtime_search_authorize(request, possible_nodes, callback, counter) return else: callback(search_result=None)
def _runtime_search_cont(self, node_id, authz_response, callback, request, possible_nodes, counter): _log.debug("_runtime_search_cont:\n\tnode_id={}\n\tauthz_response={}\n\tcallback={}\n\trequest={}\n\tpossible_nodes={}\n\tcounter={}".format(node_id, authz_response, callback, request, possible_nodes, counter)) if authz_response["decision"] == "permit": valid = True if authz_response.get("obligations", []): # Look at obligations to check if authorization decision is valid right now. if any(isinstance(elem, list) for elem in authz_response["obligations"]): # If list of lists, True must be found in each list. for plugin_list in authz_response["obligations"]: if not check_authorization_plugin_list(plugin_list): valid = False break else: if not check_authorization_plugin_list(authz_response["obligations"]): valid = False if valid: callback(search_result=(node_id, authz_response)) return counter += 1 if counter < len(possible_nodes): # Continue searching self._runtime_search_authorize(request, possible_nodes, callback, counter) return else: _log.info("Did not find any runtime where actor is allowed to execute") callback(search_result=None)
def check_authorization_decision(self): """Check if authorization decision is still valid""" if self.authorization_checks: if any(isinstance(elem, list) for elem in self.authorization_checks): # If list of lists, True must be found in each list. for plugin_list in self.authorization_checks: if not check_authorization_plugin_list(plugin_list): return False return True else: return check_authorization_plugin_list(self.authorization_checks) return True
def check_authorization_decision(self): """Check if authorization decision is still valid""" if self.authorization_checks: if any( isinstance(elem, list) for elem in self.authorization_checks): # If list of lists, True must be found in each list. for plugin_list in self.authorization_checks: if not check_authorization_plugin_list(plugin_list): return False return True else: return check_authorization_plugin_list( self.authorization_checks) return True
def _runtime_search_cont(self, node_id, authz_response, callback, request, possible_nodes, counter): if authz_response["decision"] == "permit": valid = True if authz_response.get("obligations", []): # Look at obligations to check if authorization decision is valid right now. if any(isinstance(elem, list) for elem in authz_response["obligations"]): # If list of lists, True must be found in each list. for plugin_list in authz_response["obligations"]: if not check_authorization_plugin_list(plugin_list): valid = False break else: if not check_authorization_plugin_list(authz_response["obligations"]): valid = False if valid: callback(search_result=(node_id, authz_response)) return counter += 1 if counter < len(possible_nodes): # Continue searching self._runtime_search_authorize(request, possible_nodes, callback, counter) return else: callback(search_result=None)