def _set(self, request):
# NOTE: This encoding here should be kept
# Otherwise and unicode encoded text will be written into the
# configuration file with unknown side effects
ruleset_name = request["ruleset_name"].encode("utf-8")
# Future validation, currently the rule API actions are admin only, so the check is pointless
# may_edit_ruleset(ruleset_name)
# Check if configuration hash has changed in the meantime
ruleset_dict = self._get_ruleset_configuration(ruleset_name)
if "configuration_hash" in request:
validate_config_hash(request["configuration_hash"], ruleset_dict)
# Check permissions of new rules and rules we are going to delete
new_ruleset = request["ruleset"]
folders_set_ruleset = set(new_ruleset.keys())
folders_obsolete_ruleset = set(
ruleset_dict.keys()) - folders_set_ruleset
for check_folders in [folders_set_ruleset, folders_obsolete_ruleset]:
for folder_path in check_folders:
if not watolib.Folder.folder_exists(folder_path):
raise MKUserError(
None,
_("Folder %s does not exist") % folder_path)
rule_folder = watolib.Folder.folder(folder_path)
rule_folder.need_permission("write")
tag_to_group_map = ruleset_matcher.get_tag_to_group_map(config.tags)
# Verify all rules
rule_vs = watolib.Ruleset(ruleset_name,
tag_to_group_map).rulespec.valuespec
# Binary rulesets currently don't have a valuespec attribute set.
if rule_vs is None:
rule_vs = Checkbox()
for folder_path, rules in new_ruleset.items():
for rule in rules:
value = rule["value"]
try:
rule_vs.validate_datatype(value, "test_value")
rule_vs.validate_value(value, "test_value")
except MKException as e:
# TODO: The abstract MKException should never be instanciated directly
# Change this call site and make MKException an abstract base class
raise MKException("ERROR: %s. Affected Rule %r" %
(str(e), rule))
# Add new rulesets
for folder_path, rules in new_ruleset.items():
folder = watolib.Folder.folder(folder_path)
new_ruleset = watolib.Ruleset(ruleset_name, tag_to_group_map)
new_ruleset.from_config(folder, rules)
folder_rulesets = watolib.FolderRulesets(folder)
folder_rulesets.load()
# TODO: This add_change() call should be made by the data classes
watolib.add_change("edit-ruleset",
_("Set ruleset '%s' for '%s' with %d rules") % (
new_ruleset.title(),
folder.title(),
len(rules),
),
sites=folder.all_site_ids())
folder_rulesets.set(ruleset_name, new_ruleset)
folder_rulesets.save()
# Remove obsolete rulesets
for folder_path in folders_obsolete_ruleset:
folder = watolib.Folder.folder(folder_path)
folder_rulesets = watolib.FolderRulesets(folder)
folder_rulesets.load()
# TODO: This add_change() call should be made by the data classes
watolib.add_change(
"edit-ruleset",
_("Deleted ruleset '%s' for '%s'") % (
watolib.Ruleset(ruleset_name, tag_to_group_map).title(),
folder.title(),
),
sites=folder.all_site_ids())
new_ruleset = watolib.Ruleset(ruleset_name, tag_to_group_map)
new_ruleset.from_config(folder, [])
folder_rulesets.set(ruleset_name, new_ruleset)
folder_rulesets.save()
