def assert_configuration(config):
"""
Checks that configuration is OK
"""
if not is_basic_identifier(config.get_safe("system.name", "")):
raise ContainerConfigError("Config entry 'system.name' has illegal value")
if not is_basic_identifier(config.get_safe("system.root_org", "")):
raise ContainerConfigError("Config entry 'system.root_org' has illegal value")
def create_policy(self, policy=None):
"""Persists the provided Policy object. Returns the policy id.
"""
self._validate_resource_obj("policy",
policy,
RT.Policy,
checks="noid,name")
if not is_basic_identifier(policy.name):
raise BadRequest(
"The policy name '%s' can only contain alphanumeric and underscore characters"
% policy.name)
try:
# If there is a policy_rule field then try to add the policy name and description to the rule text
if policy.definition:
rule_tokens = dict(rule_id=policy.name,
description=policy.description)
policy.definition = policy.definition.format(**rule_tokens)
except Exception as e:
raise Inconsistent(
"Missing the elements in the policy rule to set the description: "
+ e.message)
policy_id, _ = self.clients.resource_registry.create(policy)
policy._id = policy_id
log.debug('Policy created: ' + policy.name)
self._publish_policy_event(policy)
return policy_id
def create_role(self, user_role=None):
"""Persists the provided UserRole object. The name of a role can only contain
alphanumeric and underscore characters while the description can me human
readable. The id string returned is the internal id by which a UserRole will
be indentified in the data store.
@param user_role UserRole
@retval user_role_id str
@throws BadRequest if object passed has _id or _rev attribute
"""
if not user_role:
raise BadRequest("The user_role parameter is missing")
#If this governance identifier is not set, then set to a safe version of the policy name.
if not user_role.governance_name:
user_role.governance_name = create_basic_identifier(user_role.name)
if not is_basic_identifier(user_role.governance_name):
raise BadRequest(
"The governance_name field '%s' can only contain alphanumeric and underscore characters"
% user_role.governance_name)
user_role_id, version = self.clients.resource_registry.create(
user_role)
return user_role_id
def add_org_role(self, org_id="", user_role=None):
"""Adds a UserRole to an Org, if the role by the specified
name does not exist.
"""
org_obj = self._validate_resource_id("org_id", org_id, RT.Org)
self._validate_resource_obj("user_role",
user_role,
RT.UserRole,
checks="noid,name")
if not is_basic_identifier(user_role.governance_name):
raise BadRequest("Invalid role governance_name")
user_role.org_governance_name = org_obj.org_governance_name
try:
self._find_org_role(org_id, user_role.governance_name)
raise BadRequest("Role '%s' is already associated with this Org" %
user_role.governance_name)
except NotFound:
pass
user_role_id, _ = self.rr.create(user_role)
self.rr.create_association(org_obj, PRED.hasRole, user_role_id)
return user_role_id
def create_role(self, user_role=None):
"""Persists the provided UserRole object. The name of a role can only contain
alphanumeric and underscore characters while the description can me human
readable. The id string returned is the internal id by which a UserRole will
be indentified in the data store.
@param user_role UserRole
@retval user_role_id str
@throws BadRequest if object passed has _id or _rev attribute
"""
if not user_role:
raise BadRequest("The user_role parameter is missing")
# If this governance identifier is not set, then set to a safe version of the policy name.
if not user_role.governance_name:
user_role.governance_name = create_basic_identifier(user_role.name)
if not is_basic_identifier(user_role.governance_name):
raise BadRequest(
"The governance_name field '%s' can only contain alphanumeric and underscore characters"
% user_role.governance_name
)
user_role_id, version = self.clients.resource_registry.create(user_role)
return user_role_id
def update_role(self, user_role=None):
"""Updates the provided UserRole object. The name of a role can only contain
alphanumeric and underscore characters while the description can me human
readable.Throws NotFound exception if an existing version of UserRole is
not found. Throws Conflict if the provided UserRole object is not based on
the latest persisted version of the object.
@param user_role UserRole
@retval success bool
@throws BadRequest if object does not have _id or _rev attribute
@throws NotFound object with specified id does not exist
@throws Conflict object not based on latest persisted object version
"""
if not user_role:
raise BadRequest("The user_role parameter is missing")
# If this governance identifier is not set, then set to a safe version of the policy name.
if not user_role.governance_name:
user_role.governance_name = create_basic_identifier(user_role.name)
if not is_basic_identifier(user_role.governance_name):
raise BadRequest(
"The governance_name field '%s' can only contain alphanumeric and underscore characters"
% user_role.governance_name
)
self.clients.resource_registry.update(user_role)
def create_org(self, org=None):
"""Creates an Org based on the provided object. The id string returned
is the internal id by which Org will be identified in the data store.
"""
# Only allow one root ION Org in the system
self._validate_resource_obj("org",
org,
RT.Org,
checks="noid,name,unique")
# If this governance identifier is not set, then set to a safe version of the org name.
if not org.org_governance_name:
org.org_governance_name = create_basic_identifier(org.name)
if not is_basic_identifier(org.org_governance_name):
raise BadRequest(
"The Org org_governance_name '%s' contains invalid characters"
% org.org_governance_name)
org_id, _ = self.rr.create(org)
# Instantiate a Directory for this Org
directory = Directory(orgname=org.name)
# Instantiate initial set of User Roles for this Org
self._create_org_roles(org_id)
return org_id
def create_policy(self, policy=None):
"""Persists the provided Policy object The id string returned
is the internal id by which Policy will be identified in the data store.
@param policy Policy
@retval policy_id str
@throws BadRequest if object passed has _id or _rev attribute
"""
if not policy:
raise BadRequest("The policy parameter is missing")
if not is_basic_identifier(policy.name):
raise BadRequest(
"The policy name '%s' can only contain alphanumeric and underscore characters"
% policy.name)
try:
#If there is a policy_rule field then try to add the policy name and decription to the rule text
if hasattr(policy.policy_type, 'policy_rule'):
policy.policy_type.policy_rule = policy.policy_type.policy_rule % (
policy.name, policy.description)
except Exception, e:
raise Inconsistent(
"Missing the elements in the policy rule to set the description: "
+ e.message)
def update_role(self, user_role=None):
"""Updates the provided UserRole object. The name of a role can only contain
alphanumeric and underscore characters while the description can me human
readable.Throws NotFound exception if an existing version of UserRole is
not found. Throws Conflict if the provided UserRole object is not based on
the latest persisted version of the object.
@param user_role UserRole
@retval success bool
@throws BadRequest if object does not have _id or _rev attribute
@throws NotFound object with specified id does not exist
@throws Conflict object not based on latest persisted object version
"""
if not user_role:
raise BadRequest("The user_role parameter is missing")
#If this governance identifier is not set, then set to a safe version of the policy name.
if not user_role.governance_name:
user_role.governance_name = create_basic_identifier(user_role.name)
if not is_basic_identifier(user_role.governance_name):
raise BadRequest(
"The governance_name field '%s' can only contain alphanumeric and underscore characters"
% user_role.governance_name)
self.clients.resource_registry.update(user_role)
def assert_configuration(config):
"""
Checks that configuration is OK.
This is separate so that it can be called after config changes (from directory, command line etc)
"""
from pyon.core.exception import ContainerConfigError
from pyon.util.containers import is_basic_identifier
if not is_basic_identifier(config.get_safe("system.root_org", "")):
raise ContainerConfigError("Config entry 'system.root_org' has illegal value")
def update_policy(self, policy=None):
"""Updates the provided Policy object.
"""
self._validate_resource_obj("policy", policy, RT.Policy, checks="id,name")
if not is_basic_identifier(policy.name):
raise BadRequest("The policy name '%s' can only contain alphanumeric and underscore characters" % policy.name)
self.clients.resource_registry.update(policy)
self._publish_policy_event(policy)
def assert_configuration(config):
"""
Checks that configuration is OK.
This is separate so that it can be called after config changes (from directory, command line etc)
"""
from pyon.core.exception import ContainerConfigError
from pyon.util.containers import is_basic_identifier
if not is_basic_identifier(config.get_safe("system.root_org", "")):
raise ContainerConfigError(
"Config entry 'system.root_org' has illegal value")
def update_conversation_type(self, conversation_type=None):
"""Updates an existing Conversation Type resource.
@param conversation_type ConversationType
@throws BadRequest if object does not have _id or _rev attribute
@throws NotFound object with specified id does not exist
@throws Conflict object not based on latest persisted object version
"""
if not is_basic_identifier(conversation_type.name):
raise BadRequest("The conversation type name '%s' can only contain alphanumeric and underscore characters" % conversation_type.name)
self.clients.resource_registry.update(conversation_type)
def create_conversation_type(self, conversation_type=None):
"""Creates a Conversation Type resource from the parameter ConversationType object.
@param conversation_type ConversationType
@retval conversation_type_id str
@throws BadRequest if object passed has _id or _rev attribute
"""
if not is_basic_identifier(conversation_type.name):
raise BadRequest("The conversation type name '%s' can only contain alphanumeric and underscore characters" % conversation_type.name)
conversation_type_id, version = self.clients.resource_registry.create(conversation_type)
return conversation_type_id
def update_service_definition(self, service_definition=None):
""" Should receive a ServiceDefinition object
"""
# Return Value
# ------------
# {success: true}
#
if not is_basic_identifier(service_definition.name):
raise BadRequest("Invalid service_definition name: %s" % service_definition.name)
if not is_yaml_string_valid(service_definition.definition):
raise BadRequest("Invalid YAML definition")
service_id , version = self.clients.resource_registry.update(service_definition)
return service_id
def update_object_type(self, object_type=None):
""" Should receive an ObjectType object
"""
# Return Value
# ------------
# {success: true}
#
if not is_basic_identifier(object_type.name):
raise BadRequest("Invalid object_type name: %s" % object_type.name)
if not is_yaml_string_valid(object_type.definition):
raise BadRequest("Invalid YAML definition")
object_id, version = self.clients.resource_registry.update(object_type)
return object_id
def update_object_type(self, object_type=None):
""" Should receive an ObjectType object
"""
# Return Value
# ------------
# {success: true}
#
if not is_basic_identifier(object_type.name):
raise BadRequest("Invalid object_type name: %s" % object_type.name)
if not is_yaml_string_valid(object_type.definition):
raise BadRequest("Invalid YAML definition")
object_id, version = self.clients.resource_registry.update(object_type)
return object_id
def create_policy(self, policy=None):
"""Persists the provided Policy object for the specified Org id. The id string returned
is the internal id by which Policy will be identified in the data store.
@param policy Policy
@retval policy_id str
@throws BadRequest if object passed has _id or _rev attribute
"""
if not is_basic_identifier(policy.name):
raise BadRequest("The policy name '%s' can only contain alphanumeric and underscore characters" % user_role.name)
policy.rule = policy.rule % (policy.name, policy.description)
policy_id, version = self.clients.resource_registry.create(policy)
return policy_id
def update_workflow_definition(self, workflow_definition=None):
"""Updates an existing Workflow Definition resource.
@param workflow_definition WorkflowDefinition
@throws BadRequest if object does not have _id or _rev attribute
@throws NotFound object with specified id does not exist
@throws Conflict object not based on latest persisted object version
"""
if not is_basic_identifier(workflow_definition.name):
raise BadRequest("The workflow definition name '%s' can only contain alphanumeric and underscore characters" % workflow_definition.name)
self.clients.resource_registry.update(workflow_definition)
self._update_workflow_associations(workflow_definition)
def update_conversation_type(self, conversation_type=None):
"""Updates an existing Conversation Type resource.
@param conversation_type ConversationType
@throws BadRequest if object does not have _id or _rev attribute
@throws NotFound object with specified id does not exist
@throws Conflict object not based on latest persisted object version
"""
if not is_basic_identifier(conversation_type.name):
raise BadRequest(
"The conversation type name '%s' can only contain alphanumeric and underscore characters"
% conversation_type.name)
self.clients.resource_registry.update(conversation_type)
def update_workflow_definition(self, workflow_definition=None):
"""Updates an existing Workflow Definition resource.
@param workflow_definition WorkflowDefinition
@throws BadRequest if object does not have _id or _rev attribute
@throws NotFound object with specified id does not exist
@throws Conflict object not based on latest persisted object version
"""
if not is_basic_identifier(workflow_definition.name):
raise BadRequest("The workflow definition name '%s' can only contain alphanumeric and underscore characters" % workflow_definition.name)
self.clients.resource_registry.update(workflow_definition)
self._update_workflow_associations(workflow_definition)
def update_policy(self, policy=None):
"""Updates the provided Policy object. Throws NotFound exception if
an existing version of Policy is not found. Throws Conflict if
the provided Policy object is not based on the latest persisted
version of the object.
@param policy Policy
@throws NotFound object with specified id does not exist
@throws BadRequest if object does not have _id or _rev attribute
@throws Conflict object not based on latest persisted object version
"""
if not is_basic_identifier(policy.name):
raise BadRequest("The policy name '%s' can only contain alphanumeric and underscore characters" % user_role.name)
self.clients.resource_registry.update(policy)
def create_conversation_type(self, conversation_type=None):
"""Creates a Conversation Type resource from the parameter ConversationType object.
@param conversation_type ConversationType
@retval conversation_type_id str
@throws BadRequest if object passed has _id or _rev attribute
"""
if not is_basic_identifier(conversation_type.name):
raise BadRequest(
"The conversation type name '%s' can only contain alphanumeric and underscore characters"
% conversation_type.name)
conversation_type_id, version = self.clients.resource_registry.create(
conversation_type)
return conversation_type_id
def update_policy(self, policy=None):
"""Updates the provided Policy object.
"""
self._validate_resource_obj("policy",
policy,
RT.Policy,
checks="id,name")
if not is_basic_identifier(policy.name):
raise BadRequest(
"The policy name '%s' can only contain alphanumeric and underscore characters"
% policy.name)
self.clients.resource_registry.update(policy)
self._publish_policy_event(policy)
def create_role(self, user_role=None):
"""Persists the provided UserRole object. The name of a role can only contain
alphanumeric and underscore characters while the description can me human
readable. The id string returned is the internal id by which a UserRole will
be indentified in the data store.
@param user_role UserRole
@retval user_role_id str
@throws BadRequest if object passed has _id or _rev attribute
"""
if not is_basic_identifier(user_role.name):
raise BadRequest("The role name '%s' can only contain alphanumeric and underscore characters" % user_role.name)
user_role_id, version = self.clients.resource_registry.create(user_role)
return user_role_id
def create_policy(self, policy=None):
"""Persists the provided Policy object for the specified Org id. The id string returned
is the internal id by which Policy will be identified in the data store.
@param policy Policy
@retval policy_id str
@throws BadRequest if object passed has _id or _rev attribute
"""
if not is_basic_identifier(policy.name):
raise BadRequest(
"The policy name '%s' can only contain alphanumeric and underscore characters"
% policy.name)
policy.rule = policy.rule % (policy.name, policy.description)
policy_id, version = self.clients.resource_registry.create(policy)
return policy_id
def update_policy(self, policy=None):
"""Updates the provided Policy object. Throws NotFound exception if
an existing version of Policy is not found. Throws Conflict if
the provided Policy object is not based on the latest persisted
version of the object.
@param policy Policy
@throws NotFound object with specified id does not exist
@throws BadRequest if object does not have _id or _rev attribute
@throws Conflict object not based on latest persisted object version
"""
if not is_basic_identifier(policy.name):
raise BadRequest(
"The policy name '%s' can only contain alphanumeric and underscore characters"
% policy.name)
self.clients.resource_registry.update(policy)
def create_org(self, org=None):
"""Persists the provided Org object. The id string returned
is the internal id by which Org will be identified in the data store.
@param org Org
@retval org_id str
@throws BadRequest if object passed has _id or _rev attribute
"""
if not org:
raise BadRequest("The org parameter is missing")
#Only allow one root ION Org in the system
if org.name == ROOT_ION_ORG_NAME:
res_list, _ = self.clients.resource_registry.find_resources(
restype=RT.Org, name=ROOT_ION_ORG_NAME)
if len(res_list) > 0:
raise BadRequest('There can only be one Org named %s' %
ROOT_ION_ORG_NAME)
if not is_basic_identifier(org.name):
raise BadRequest(
"The Org name '%s' can only contain alphanumeric and underscore characters"
% org.name)
org_id, org_rev = self.clients.resource_registry.create(org)
org._id = org_id
org._rev = org_rev
#Instantiate a Directory for this Org
directory = Directory(orgname=org.name)
#Instantiate initial set of User Roles for this Org
manager_role = IonObject(RT.UserRole,
name=MANAGER_ROLE,
label='Org Manager',
description='Org Manager')
self.add_user_role(org_id, manager_role)
member_role = IonObject(RT.UserRole,
name=MEMBER_ROLE,
label='Org Member',
description='Org Member')
self.add_user_role(org_id, member_role)
return org_id
def create_resource_type(self, resource_type=None, object_id=""):
""" Should receive a ResourceType object
"""
# Return Value
# ------------
# {resource_type_id: ''}
#
if not is_basic_identifier(resource_type.name):
raise BadRequest("Invalid resource name: %s " % resource_type.name)
if not object_id:
raise BadRequest("Object_id is missing")
object_type= self.clients.resource_registry.read(object_id)
if resource_type.name != object_type.name:
raise BadRequest("Resource and object name don't match: %s - %s" (resource_type.name,object_type.name))
resource_id, version = self.clients.resource_registry.create(resource_type)
self.clients.resource_registry.create_association(resource_id, PRED.hasObjectType, object_id)
return resource_id
def create_resource_type(self, resource_type=None, object_id=""):
""" Should receive a ResourceType object
"""
# Return Value
# ------------
# {resource_type_id: ''}
#
if not is_basic_identifier(resource_type.name):
raise BadRequest("Invalid resource name: %s " % resource_type.name)
if not object_id:
raise BadRequest("Object_id is missing")
object_type= self.clients.resource_registry.read(object_id)
if resource_type.name != object_type.name:
raise BadRequest("Resource and object name don't match: %s - %s" (resource_type.name,object_type.name))
resource_id, version = self.clients.resource_registry.create(resource_type)
self.clients.resource_registry.create_association(resource_id, PRED.hasObjectType, object_id)
return resource_id
def create_workflow_definition(self, workflow_definition=None):
"""Creates a Workflow Definition resource which specifies the steps involved in a workflow process.
@param workflow_definition WorkflowDefinition
@retval workflow_definition_id str
@throws BadRequest if object passed has _id or _rev attribute
"""
if not is_basic_identifier(workflow_definition.name):
raise BadRequest("The workflow definition name '%s' can only contain alphanumeric and underscore characters" % workflow_definition.name)
workflow_definition_id, version = self.clients.resource_registry.create(workflow_definition)
workflow_definition = self.read_workflow_definition(workflow_definition_id)
self._update_workflow_associations(workflow_definition)
return workflow_definition_id
def create_role(self, user_role=None):
"""Persists the provided UserRole object. The name of a role can only contain
alphanumeric and underscore characters while the description can me human
readable. The id string returned is the internal id by which a UserRole will
be indentified in the data store.
@param user_role UserRole
@retval user_role_id str
@throws BadRequest if object passed has _id or _rev attribute
"""
if not is_basic_identifier(user_role.name):
raise BadRequest(
"The role name '%s' can only contain alphanumeric and underscore characters"
% user_role.name)
user_role_id, version = self.clients.resource_registry.create(
user_role)
return user_role_id
def create_workflow_definition(self, workflow_definition=None):
"""Creates a Workflow Definition resource which specifies the steps involved in a workflow process.
@param workflow_definition WorkflowDefinition
@retval workflow_definition_id str
@throws BadRequest if object passed has _id or _rev attribute
"""
if not is_basic_identifier(workflow_definition.name):
raise BadRequest("The workflow definition name '%s' can only contain alphanumeric and underscore characters" % workflow_definition.name)
workflow_definition_id, version = self.clients.resource_registry.create(workflow_definition)
workflow_definition = self.read_workflow_definition(workflow_definition_id)
self._update_workflow_associations(workflow_definition)
return workflow_definition_id
def update_org(self, org=None):
"""Updates the Org based on provided object.
@param org Org
@throws BadRequest if object does not have _id or _rev attribute
@throws NotFound object with specified id does not exist
@throws Conflict object not based on latest persisted object version
"""
if not org:
raise BadRequest("The org parameter is missing")
#If this governance identifier is not set, then set to a safe version of the org name.
if not org.org_governance_name:
org.org_governance_name = create_basic_identifier(org.name)
if not is_basic_identifier(org.org_governance_name):
raise BadRequest("The Org org_governance_name '%s' can only contain alphanumeric and underscore characters" % org.org_governance_name)
self.clients.resource_registry.update(org)
def create_policy(self, policy=None):
"""Persists the provided Policy object The id string returned
is the internal id by which Policy will be identified in the data store.
@param policy Policy
@retval policy_id str
@throws BadRequest if object passed has _id or _rev attribute
"""
if not is_basic_identifier(policy.name):
raise BadRequest("The policy name '%s' can only contain alphanumeric and underscore characters" % policy.name)
#If there is a policy_rule field then try to add the policy name and decription to the rule text
if hasattr(policy.policy_type, 'policy_rule'):
policy.policy_type.policy_rule = policy.policy_type.policy_rule % (policy.name, policy.description)
policy_id, version = self.clients.resource_registry.create(policy)
log.debug('Policy created: ' + policy.name)
return policy_id
def create_org(self, org=None):
"""Creates an Org based on the provided object. The id string returned
is the internal id by which Org will be identified in the data store.
@param org Org
@retval org_id str
@throws BadRequest if object passed has _id or _rev attribute
"""
if not org:
raise BadRequest("The org parameter is missing")
#Only allow one root ION Org in the system
if org.name == self._get_root_org_name():
res_list,_ = self.clients.resource_registry.find_resources(restype=RT.Org, name=self._get_root_org_name())
if len(res_list) > 0:
raise BadRequest('There can only be one Org named %s' % self._get_root_org_name())
#If this governance identifier is not set, then set to a safe version of the org name.
if not org.org_governance_name:
org.org_governance_name = create_basic_identifier(org.name)
if not is_basic_identifier(org.org_governance_name):
raise BadRequest("The Org org_governance_name '%s' can only contain alphanumeric and underscore characters" % org.org_governance_name)
org_id, org_rev = self.clients.resource_registry.create(org)
org._id = org_id
org._rev = org_rev
#Instantiate a Directory for this Org
directory = Directory(orgname=org.name)
#Instantiate initial set of User Roles for this Org
manager_role = IonObject(RT.UserRole, name='Facility Administrator', governance_name=ORG_MANAGER_ROLE, description='Change Facility Information, assign Roles, post Facility events')
self.add_user_role(org_id, manager_role)
member_role = IonObject(RT.UserRole, name='Facility Member', governance_name=ORG_MEMBER_ROLE, description='Subscribe to events, set personal preferences')
self.add_user_role(org_id, member_role)
return org_id
def create_policy(self, policy=None):
"""Persists the provided Policy object The id string returned
is the internal id by which Policy will be identified in the data store.
@param policy Policy
@retval policy_id str
@throws BadRequest if object passed has _id or _rev attribute
"""
if not policy:
raise BadRequest("The policy parameter is missing")
if not is_basic_identifier(policy.name):
raise BadRequest("The policy name '%s' can only contain alphanumeric and underscore characters" % policy.name)
try:
#If there is a policy_rule field then try to add the policy name and decription to the rule text
if hasattr(policy.policy_type, 'policy_rule'):
policy.policy_type.policy_rule = policy.policy_type.policy_rule % (policy.name, policy.description)
except Exception, e:
raise Inconsistent("Missing the elements in the policy rule to set the description: " + e.message)
def add_org_role(self, org_id="", user_role=None):
"""Adds a UserRole to an Org, if the role by the specified
name does not exist.
"""
org_obj = self._validate_resource_id("org_id", org_id, RT.Org)
self._validate_resource_obj("user_role", user_role, RT.UserRole, checks="noid,name")
if not is_basic_identifier(user_role.governance_name):
raise BadRequest("Invalid role governance_name")
user_role.org_governance_name = org_obj.org_governance_name
try:
self._find_org_role(org_id, user_role.governance_name)
raise BadRequest("Role '%s' is already associated with this Org" % user_role.governance_name)
except NotFound:
pass
user_role_id, _ = self.rr.create(user_role)
self.rr.create_association(org_obj, PRED.hasRole, user_role_id)
return user_role_id
def create_org(self, org=None):
"""Creates an Org based on the provided object. The id string returned
is the internal id by which Org will be identified in the data store.
"""
# Only allow one root ION Org in the system
self._validate_resource_obj("org", org, RT.Org, checks="noid,name,unique")
# If this governance identifier is not set, then set to a safe version of the org name.
if not org.org_governance_name:
org.org_governance_name = create_basic_identifier(org.name)
if not is_basic_identifier(org.org_governance_name):
raise BadRequest("The Org org_governance_name '%s' contains invalid characters" % org.org_governance_name)
org_id, _ = self.rr.create(org)
# Instantiate a Directory for this Org
directory = Directory(orgname=org.name)
# Instantiate initial set of User Roles for this Org
self._create_org_roles(org_id)
return org_id
def create_policy(self, policy=None):
"""Persists the provided Policy object. Returns the policy id.
"""
self._validate_resource_obj("policy", policy, RT.Policy, checks="noid,name")
if not is_basic_identifier(policy.name):
raise BadRequest("The policy name '%s' can only contain alphanumeric and underscore characters" % policy.name)
try:
# If there is a policy_rule field then try to add the policy name and description to the rule text
if policy.definition:
rule_tokens = dict(rule_id=policy.name, description=policy.description)
policy.definition = policy.definition.format(**rule_tokens)
except Exception as e:
raise Inconsistent("Missing the elements in the policy rule to set the description: " + e.message)
policy_id, _ = self.clients.resource_registry.create(policy)
policy._id = policy_id
log.debug('Policy created: ' + policy.name)
self._publish_policy_event(policy)
return policy_id
def create_policy(self, policy=None):
"""Persists the provided Policy object The id string returned
is the internal id by which Policy will be identified in the data store.
@param policy Policy
@retval policy_id str
@throws BadRequest if object passed has _id or _rev attribute
"""
if not is_basic_identifier(policy.name):
raise BadRequest(
"The policy name '%s' can only contain alphanumeric and underscore characters"
% policy.name)
#If there is a policy_rule field then try to add the policy name and decription to the rule text
if hasattr(policy.policy_type, 'policy_rule'):
policy.policy_type.policy_rule = policy.policy_type.policy_rule % (
policy.name, policy.description)
policy_id, version = self.clients.resource_registry.create(policy)
log.debug('Policy created: ' + policy.name)
return policy_id
def create_org(self, org=None):
"""Persists the provided Org object. The id string returned
is the internal id by which Org will be identified in the data store.
@param org Org
@retval org_id str
@throws BadRequest if object passed has _id or _rev attribute
"""
if not org:
raise BadRequest("The org parameter is missing")
#Only allow one root ION Org in the system
if org.name == ROOT_ION_ORG_NAME:
res_list,_ = self.clients.resource_registry.find_resources(restype=RT.Org, name=ROOT_ION_ORG_NAME)
if len(res_list) > 0:
raise BadRequest('There can only be one Org named %s' % ROOT_ION_ORG_NAME)
if not is_basic_identifier(org.name):
raise BadRequest("The Org name '%s' can only contain alphanumeric and underscore characters" % org.name)
org_id, org_rev = self.clients.resource_registry.create(org)
org._id = org_id
org._rev = org_rev
#Instantiate a Directory for this Org
directory = Directory(orgname=org.name)
#Instantiate initial set of User Roles for this Org
manager_role = IonObject(RT.UserRole, name=MANAGER_ROLE,label='Org Manager', description='Org Manager')
self.add_user_role(org_id, manager_role)
member_role = IonObject(RT.UserRole, name=MEMBER_ROLE,label='Org Member', description='Org Member')
self.add_user_role(org_id, member_role)
return org_id
def test_is_basic_identifier(self):
self.assertFalse(is_basic_identifier('abc 123'))
self.assertTrue(is_basic_identifier('abc_123'))
def test_is_basic_identifier(self):
self.assertFalse(is_basic_identifier("abc 123"))
self.assertTrue(is_basic_identifier("abc_123"))
