def list_evals_impl(dbsession, userId, policyId=None, imageDigest=None, tag=None, evalId=None, newest_only=False):
logger.debug("looking up eval record: " + userId)
# set up the filter based on input
dbfilter = {}
if policyId is not None:
dbfilter['policyId'] = policyId
if imageDigest is not None:
dbfilter['imageDigest'] = imageDigest
if tag is not None:
dbfilter['tag'] = tag
if evalId is not None:
dbfilter['evalId'] = evalId
if newest_only:
records = db_policyeval.tsget_byfilter(userId, session=dbsession, **dbfilter)
if len(records) > 0:
return records
# perform an interactive eval to get/install the latest
try:
logger.debug("performing eval refresh: " + str(dbfilter))
imageDigest = dbfilter['imageDigest']
if 'tag' in dbfilter:
evaltag = dbfilter['tag']
else:
evaltag = None
if 'policyId' in dbfilter:
policyId = dbfilter['policyId']
else:
policyId = None
rc = catalog_impl.perform_policy_evaluation(userId, imageDigest, dbsession, evaltag=evaltag, policyId=policyId)
except Exception as err:
logger.error(
"interactive eval failed, will return any in place evaluation records - exception: " + str(err))
records = db_policyeval.tsget_byfilter(userId, session=dbsession, **dbfilter)
# Return None instead?
#if not records:
# raise Exception("eval not found in DB")
return records
def do_policy_delete(userId, policy_record, dbsession, cleanup_evals=False, force=False):
"""
Non-api delete of policy
:param userId:
:param policy_record:
:param dbsession:
:param cleanup_evals:
:param force:
:return:
"""
return_object = False
httpcode = 500
try:
policyId = policy_record['policyId']
rc = db_policybundle.delete(policyId, userId, session=dbsession)
if not rc:
httpcode = 500
raise Exception("DB delete of policyId ("+str(policyId)+") failed")
else:
if cleanup_evals:
dbfilter = {"policyId": policyId}
eval_records = db_policyeval.tsget_byfilter(userId, session=dbsession, **dbfilter)
for eval_record in eval_records:
db_policyeval.delete_record(eval_record, session=dbsession)
return_object = True
httpcode = 200
except Exception as err:
return_object = str(err)
return return_object, httpcode
def list_evals_impl(dbsession, userId, policyId=None, imageDigest=None, tag=None, evalId=None, newest_only=False, interactive=False):
logger.debug("looking up eval record: " + userId)
object_store_mgr = object_store.get_manager()
# set up the filter based on input
dbfilter = {}
latest_eval_record = latest_eval_result = None
if policyId is not None:
dbfilter['policyId'] = policyId
if imageDigest is not None:
dbfilter['imageDigest'] = imageDigest
if tag is not None:
dbfilter['tag'] = tag
if evalId is not None:
dbfilter['evalId'] = evalId
# perform an interactive eval to get/install the latest
try:
logger.debug("performing eval refresh: " + str(dbfilter))
imageDigest = dbfilter['imageDigest']
if 'tag' in dbfilter:
evaltag = dbfilter['tag']
else:
evaltag = None
if 'policyId' in dbfilter:
policyId = dbfilter['policyId']
else:
policyId = None
latest_eval_record, latest_eval_result = catalog_impl.perform_policy_evaluation(userId, imageDigest, dbsession, evaltag=evaltag, policyId=policyId, interactive=interactive, newest_only=newest_only)
except Exception as err:
logger.error("interactive eval failed - exception: {}".format(err))
records = []
if interactive or newest_only:
try:
latest_eval_record['result'] = latest_eval_result
records = [latest_eval_record]
except:
raise Exception("interactive or newest_only eval requested, but unable to perform eval at this time")
else:
records = db_policyeval.tsget_byfilter(userId, session=dbsession, **dbfilter)
for record in records:
try:
result = object_store_mgr.get_document(userId, 'policy_evaluations', record['evalId'])
record['result'] = result
except:
record['result'] = {}
return records
def list_evals_impl(dbsession,
userId,
policyId=None,
imageDigest=None,
tag=None,
evalId=None,
newest_only=False,
interactive=False):
logger.debug("looking up eval record: " + userId)
# set up the filter based on input
dbfilter = {}
if policyId is not None:
dbfilter['policyId'] = policyId
if imageDigest is not None:
dbfilter['imageDigest'] = imageDigest
if tag is not None:
dbfilter['tag'] = tag
if evalId is not None:
dbfilter['evalId'] = evalId
# perform an interactive eval to get/install the latest
try:
logger.debug("performing eval refresh: " + str(dbfilter))
imageDigest = dbfilter['imageDigest']
if 'tag' in dbfilter:
evaltag = dbfilter['tag']
else:
evaltag = None
if 'policyId' in dbfilter:
policyId = dbfilter['policyId']
else:
policyId = None
latest_eval_record, latest_eval_result = catalog_impl.perform_policy_evaluation(
userId,
imageDigest,
dbsession,
evaltag=evaltag,
policyId=policyId,
interactive=interactive,
newest_only=newest_only)
except Exception as err:
logger.error(
"interactive eval failed, will return any in place evaluation records - exception: "
+ str(err))
records = []
if interactive or newest_only:
latest_eval_record['result'] = latest_eval_result
records = [latest_eval_record]
else:
records = db_policyeval.tsget_byfilter(userId,
session=dbsession,
**dbfilter)
for record in records:
try:
result = archive_sys.get_document(userId, 'policy_evaluations',
record['evalId'])
record['result'] = result
except:
record['result'] = {}
return records