def execute_method_with_resource(self, resource_id, method_name, **kwargs):
try:
args = [resource_id]
return execute_method(self, method_name, *args, **kwargs)
except Unauthorized:
# No need to do anything if the user was unauthorized. This is NOT an error, just means the user does not have the proper rights.
pass
except Exception, e:
log.error("Error executing method %s for resource id %s: %s" % (method_name, resource_id, str(e)))
def execute_method_with_resource(self, resource_id, method_name, **kwargs):
try:
args = [resource_id]
return execute_method(self, method_name, *args, **kwargs)
except Unauthorized:
#No need to do anything if the user was unauthorized. This is NOT an error, just means the user does not have the proper rights.
pass
except Exception as e:
log.error('Error executing method %s for resource id %s: %s' %
(method_name, resource_id, str(e)))
return None
def evaluate(self, *inputs):
"""Match input attribute values
@param attribute1: the name of a function to execute
@type attribute1: ndg.xacml.core.attributevalue.AttributeValue derived
@param attribute2: an object where the function is located
@type attribute2: ndg.xacml.core.attributevalue.AttributeValue derived
@param attribute3: an optional dict with the message parameters
@type attribute3: ndg.xacml.core.attributevalue.AttributeValue derived
@return: True if code evaluates to True, False otherwise
@rtype: bool
"""
error_msg = ""
function_name = inputs[0]
if not isinstance(function_name, AttributeValue) and not isinstance(
function_name.elementType, self.__class__.ATTRIB1_TYPE
):
raise XacmlContextTypeError(
'Expecting %r derived type for "attribute1"; got %r'
% (self.__class__.ATTRIB1_TYPE, type(function_name))
)
if isinstance(inputs[1], Bag):
parameter_dict = inputs[1][0]
else:
parameter_dict = inputs[1]
if not isinstance(parameter_dict, AttributeValue) and not isinstance(
parameter_dict.elementType, self.__class__.ATTRIB2_TYPE
):
raise XacmlContextTypeError(
'Expecting %r derived type for "attribute2"; got %r'
% (self.__class__.ATTRIB2_TYPE, type(parameter_dict))
)
try:
ret_val, error_msg = execute_method(
execution_object=parameter_dict.value["process"],
method_name=function_name.value,
**parameter_dict.value
)
if not ret_val:
parameter_dict.value["annotations"][GovernanceDispatcher.POLICY__STATUS_REASON_ANNOTATION] = error_msg
except Exception as e:
log.exception(e)
ret_val = False
parameter_dict.value["annotations"][GovernanceDispatcher.POLICY__STATUS_REASON_ANNOTATION] = e.message
return ret_val
def evaluate(self, *inputs):
"""Match input attribute values
@param attribute1: the name of a function to execute
@type attribute1: ndg.xacml.core.attributevalue.AttributeValue derived
@param attribute2: an object where the function is located
@type attribute2: ndg.xacml.core.attributevalue.AttributeValue derived
@param attribute3: an optional dict with the message parameters
@type attribute3: ndg.xacml.core.attributevalue.AttributeValue derived
@return: True if code evaluates to True, False otherwise
@rtype: bool
"""
error_msg = ''
function_name = inputs[0]
if not isinstance(function_name, AttributeValue) and not isinstance(
function_name.elementType, self.__class__.ATTRIB1_TYPE):
raise XacmlContextTypeError(
'Expecting %r derived type for "attribute1"; got %r' %
(self.__class__.ATTRIB1_TYPE, type(function_name)))
if isinstance(inputs[1], Bag):
parameter_dict = inputs[1][0]
else:
parameter_dict = inputs[1]
if not isinstance(parameter_dict, AttributeValue) and not isinstance(
parameter_dict.elementType, self.__class__.ATTRIB2_TYPE):
raise XacmlContextTypeError(
'Expecting %r derived type for "attribute2"; got %r' %
(self.__class__.ATTRIB2_TYPE, type(parameter_dict)))
try:
ret_val, error_msg = execute_method(
execution_object=parameter_dict.value['process'],
method_name=function_name.value,
**parameter_dict.value)
if not ret_val:
parameter_dict.value['annotations'][
GovernanceDispatcher.
POLICY__STATUS_REASON_ANNOTATION] = error_msg
except Exception as e:
log.exception(e)
ret_val = False
parameter_dict.value['annotations'][
GovernanceDispatcher.
POLICY__STATUS_REASON_ANNOTATION] = e.message
return ret_val
