def instance_hook(self, input, instance, attrs): # Parsing returns a generator which we exhaust be converting it into a list. # An exception is raised on any parsing error. list(parse_tls_channel_security_definition(self.request.input.value)) # So that username, an artificial and inherited field, is not an empty string. instance.username = input.username = input.name
def instance_hook(self, input, instance, attrs): # Parsing returns a generator which we exhaust be converting it into a list. # An exception is raised on any parsing error. list(parse_tls_channel_security_definition(self.request.input.value)) # So that username, an artificial and inherited field, is not an empty string. instance.username = input.username = input.name
def get_url_security(self, cluster_id, connection=None): """ Returns the security configuration of HTTP URLs. """ with closing(self.session()) as session: # What DB class to fetch depending on the string value of the security type. sec_type_db_class = { SEC_DEF_TYPE.APIKEY: APIKeySecurity, SEC_DEF_TYPE.BASIC_AUTH: HTTPBasicAuth, SEC_DEF_TYPE.OAUTH: OAuth, SEC_DEF_TYPE.TECH_ACCOUNT: TechnicalAccount, SEC_DEF_TYPE.WSS: WSSDefinition, SEC_DEF_TYPE.TLS_CHANNEL_SEC: TLSChannelSecurity, SEC_DEF_TYPE.XPATH_SEC: XPathSecurity, } result = {} q = query.http_soap_security_list(session, cluster_id, connection) columns = Bunch() # So ConfigDict has its data in the format it expects for c in q.statement.columns: columns[c.name] = None for item in q.all(): target = '{}{}{}'.format(item.soap_action, MISC.SEPARATOR, item.url_path) result[target] = Bunch() result[target].is_active = item.is_active result[target].transport = item.transport result[target].data_format = item.data_format if item.security_id: result[target].sec_def = Bunch() # Will raise KeyError if the DB gets somehow misconfigured. db_class = sec_type_db_class[item.sec_type] sec_def = session.query(db_class).\ filter(db_class.id==item.security_id).\ one() # Common things first result[target].sec_def.id = sec_def.id result[target].sec_def.name = sec_def.name result[target].sec_def.password = sec_def.password result[target].sec_def.sec_type = item.sec_type if item.sec_type == SEC_DEF_TYPE.TECH_ACCOUNT: result[target].sec_def.salt = sec_def.salt elif item.sec_type == SEC_DEF_TYPE.BASIC_AUTH: result[target].sec_def.username = sec_def.username result[target].sec_def.password = sec_def.password result[target].sec_def.realm = sec_def.realm elif item.sec_type == SEC_DEF_TYPE.APIKEY: result[target].sec_def.username = '******'.format( sec_def.username.upper().replace('-', '_')) result[target].sec_def.password = sec_def.password elif item.sec_type == SEC_DEF_TYPE.WSS: result[target].sec_def.username = sec_def.username result[target].sec_def.password = sec_def.password result[ target].sec_def.password_type = sec_def.password_type result[ target].sec_def.reject_empty_nonce_creat = sec_def.reject_empty_nonce_creat result[ target].sec_def.reject_stale_tokens = sec_def.reject_stale_tokens result[ target].sec_def.reject_expiry_limit = sec_def.reject_expiry_limit result[ target].sec_def.nonce_freshness_time = sec_def.nonce_freshness_time elif item.sec_type == SEC_DEF_TYPE.TLS_CHANNEL_SEC: result[target].sec_def.value = dict( parse_tls_channel_security_definition( sec_def.value)) elif item.sec_type == SEC_DEF_TYPE.XPATH_SEC: result[target].sec_def.username = sec_def.username result[target].sec_def.password = sec_def.password result[ target].sec_def.username_expr = sec_def.username_expr result[ target].sec_def.password_expr = sec_def.password_expr else: result[target].sec_def = ZATO_NONE return result, columns
def get_url_security(self, cluster_id, connection=None): """ Returns the security configuration of HTTP URLs. """ with closing(self.session()) as session: # What DB class to fetch depending on the string value of the security type. sec_type_db_class = { SEC_DEF_TYPE.APIKEY: APIKeySecurity, SEC_DEF_TYPE.BASIC_AUTH: HTTPBasicAuth, SEC_DEF_TYPE.OAUTH: OAuth, SEC_DEF_TYPE.TECH_ACCOUNT: TechnicalAccount, SEC_DEF_TYPE.WSS: WSSDefinition, SEC_DEF_TYPE.TLS_CHANNEL_SEC: TLSChannelSecurity, SEC_DEF_TYPE.XPATH_SEC: XPathSecurity, } result = {} q = query.http_soap_security_list(session, cluster_id, connection) columns = Bunch() # So ConfigDict has its data in the format it expects for c in q.statement.columns: columns[c.name] = None for item in q.all(): target = '{}{}{}'.format(item.soap_action, MISC.SEPARATOR, item.url_path) result[target] = Bunch() result[target].is_active = item.is_active result[target].transport = item.transport result[target].data_format = item.data_format if item.security_id: result[target].sec_def = Bunch() # Will raise KeyError if the DB gets somehow misconfigured. db_class = sec_type_db_class[item.sec_type] sec_def = session.query(db_class).\ filter(db_class.id==item.security_id).\ one() # Common things first result[target].sec_def.id = sec_def.id result[target].sec_def.name = sec_def.name result[target].sec_def.password = sec_def.password result[target].sec_def.sec_type = item.sec_type if item.sec_type == SEC_DEF_TYPE.TECH_ACCOUNT: result[target].sec_def.salt = sec_def.salt elif item.sec_type == SEC_DEF_TYPE.BASIC_AUTH: result[target].sec_def.username = sec_def.username result[target].sec_def.password = sec_def.password result[target].sec_def.realm = sec_def.realm elif item.sec_type == SEC_DEF_TYPE.APIKEY: result[target].sec_def.username = '******'.format(sec_def.username.upper().replace('-', '_')) result[target].sec_def.password = sec_def.password elif item.sec_type == SEC_DEF_TYPE.WSS: result[target].sec_def.username = sec_def.username result[target].sec_def.password = sec_def.password result[target].sec_def.password_type = sec_def.password_type result[target].sec_def.reject_empty_nonce_creat = sec_def.reject_empty_nonce_creat result[target].sec_def.reject_stale_tokens = sec_def.reject_stale_tokens result[target].sec_def.reject_expiry_limit = sec_def.reject_expiry_limit result[target].sec_def.nonce_freshness_time = sec_def.nonce_freshness_time elif item.sec_type == SEC_DEF_TYPE.TLS_CHANNEL_SEC: result[target].sec_def.value = dict(parse_tls_channel_security_definition(sec_def.value)) elif item.sec_type == SEC_DEF_TYPE.XPATH_SEC: result[target].sec_def.username = sec_def.username result[target].sec_def.password = sec_def.password result[target].sec_def.username_expr = sec_def.username_expr result[target].sec_def.password_expr = sec_def.password_expr else: result[target].sec_def = ZATO_NONE return result, columns
def instance_hook(self, input, instance, attrs): # Parsing returns a generator which we exhaust be converting it into a list. # An exception is raised on any parsing error. list(parse_tls_channel_security_definition(self.request.input.value))