def parse_permissions(permissions):
roles = {}
path_config = load_path_config()
policy_dir = path_config.policy_dir
if permissions is not None:
for role_name in permissions:
policy_name = permissions[role_name]
policy_path = os.path.join(policy_dir, policy_name)
rules = []
if os.path.exists(policy_path):
with open(policy_path) as policy_file:
rules = policy_file.read().splitlines()
entries = []
for rule in rules:
rule = rule.split(" ")
if rule[0] == "PERMIT_KEY":
entry = Policy.Entry(type=Policy.PERMIT_KEY,
key=rule[1])
entries.append(entry)
elif rule[0] == "DENY_KEY":
entry = Policy.Entry(type=Policy.DENY_KEY, key=rule[1])
entries.append(entry)
policy = Policy(name=policy_name, entries=entries)
roles[role_name] = policy
else:
LOGGER.warning("%s does not exist. %s will not be set.",
policy_path, role_name)
if not roles:
return None
return roles
def make_policy(name, rules):
entries = []
for rule in rules:
rule = rule.split(" ")
if rule[0] == "PERMIT_KEY":
entry = Policy.Entry(type=Policy.PERMIT_KEY, key=rule[1])
entries.append(entry)
elif rule[0] == "DENY_KEY":
entry = Policy.Entry(type=Policy.DENY_KEY, key=rule[1])
entries.append(entry)
policy = Policy(name=name, entries=entries)
return policy
def add_policy(self, name, rules):
entries = []
for rule in rules:
rule = rule.split(" ")
if rule[0] == "PERMIT_KEY":
entry = Policy.Entry(type=Policy.PERMIT_KEY, key=rule[1])
entries.append(entry)
elif rule[0] == "DENY_KEY":
entry = Policy.Entry(type=Policy.DENY_KEY, key=rule[1])
entries.append(entry)
policy = Policy(name=name, entries=entries)
self.policies[name] = policy