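def update_policy_neutron(request):
    """Replace one rule in the Neutron policy file from the request payload.

    Reads ``request.data['action']`` (the name of the policy rule) and
    ``request.data['roles']`` (either ``"all"`` or a comma-separated string
    that is joined with ``" or "``), swaps the matching rule and writes the
    whole policy back to ``/etc/neutron/policy.json``.

    Returns a ``Response`` whose body carries ``success`` and ``msg``.  The
    "No role is selected!" rejection is sent with HTTP 201, the same status
    as the success case, so clients must look at ``success`` rather than the
    status code.  An ``action`` that is not a rule in the file leaves the
    policy unchanged and still reports success.

    NOTE(review): this block edits an authorization policy and contains no
    permission check of its own; presumably the caller/router restricts it
    to administrators -- confirm.
    NOTE(review): ``roles`` is taken from the request and becomes rule text
    as-is; nothing here checks that each entry is a known role name.
    Validate the entries against the deployment's role list before writing.
    NOTE(review): ``action`` may name any rule present in the file; it is
    not limited to a fixed set of editable rules.  Consider an allow-list.
    """
    policy_path = '/etc/neutron/policy.json'
    try:
        LOG.info("==================== action =====================")
        LOG.info(request.data.get("action"))
        LOG.info(request.data['roles'])

        mypolicy = policy.Enforcer()
        mypolicy._load_policy_file(policy_path, False)

        # Flatten the loaded rules to text; policy.TrueCheck is stored as ''.
        out = {}
        for key, value in mypolicy.rules.items():
            out[key] = '' if isinstance(value, policy.TrueCheck) else str(value)

        roles = request.data['roles']
        if roles == "all":
            # '' is the form used above for policy.TrueCheck, i.e. the rule
            # ends up with no role restriction at all.
            new_roles = ""
        elif roles == '':
            return Response(
                {
                    'success': False,
                    "msg": _('No role is selected!')
                },
                status=status.HTTP_201_CREATED)
        else:
            new_roles = roles.replace(',', ' or ')

        # A missing 'action' key raises KeyError and is reported by the
        # outer handler as a generic failure.
        action = request.data['action']
        if action in out:
            out[action] = new_roles

        # Put the line breaks in through the serializer's item separator.
        # Replacing every ',' in the dumped text would also insert a raw
        # newline inside any rule string containing a comma, which is not
        # valid JSON and would leave the service with an unreadable policy.
        policy_json = jsonutils.dumps(out, separators=(',\n ', ': '))

        # NOTE(review): mode 'w' truncates the live policy file before the
        # new content is written, so a failed write leaves it incomplete.
        try:
            with open(policy_path, 'w') as policy_file:
                policy_file.write(policy_json)
        except Exception as exc:
            # Exception, not a bare except: do not swallow SystemExit or
            # KeyboardInterrupt, and keep the cause in the log.
            LOG.error("Failed to write %s: %s", policy_path, exc)
            write_fail_msg = 'Failed to write policy information to file!'
            return Response({"success": False, "msg": _(write_fail_msg)})

        return Response(
            {
                'success': True,
                "msg": _('Policy_Neutron is updated successfully!')
            },
            status=status.HTTP_201_CREATED)
    except Exception as e:
        LOG.error("Failed to update policy_neutron, msg:[%s]", e)
        return Response({
            "success": False,
            "msg": _('Failed to update policy_neutron for unknown reason.')
        })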
def _get_enforcer():
    """Return the module-wide mapping of service name to policy enforcer.

    The mapping is built on the first call (and again on any later call
    while it is still empty) from ``settings.POLICY_FILES``.  A service is
    added only when its policy file exists on disk; otherwise a warning is
    logged and the service is left out of the mapping.
    """
    global _ENFORCER
    if _ENFORCER:
        return _ENFORCER

    _ENFORCER = {}
    configured_files = getattr(settings, 'POLICY_FILES', {})
    for service, file_name in configured_files.items():
        service_enforcer = policy.Enforcer()
        # os.path.join discards _BASE_PATH when file_name is absolute, so
        # the configured value decides whether the file stays under it.
        service_enforcer.policy_path = os.path.join(_BASE_PATH, file_name)
        if not os.path.isfile(service_enforcer.policy_path):
            LOG.warn("policy file for service: %s not found at %s" %
                     (service, service_enforcer.policy_path))
            continue
        LOG.debug("adding enforcer for service: %s" % service)
        _ENFORCER[service] = service_enforcer
    return _ENFORCER
def list(self, request):
    """Return the role setting of the exposed Neutron subnet/network rules.

    Loads ``/etc/neutron/policy.json`` and answers with a list of
    ``{'action': <rule name>, 'role': <roles>}`` entries for the eight
    subnet and network rules named below.  A rule stored as
    ``policy.TrueCheck`` (or as empty text) is reported as ``['all']``;
    any other rule text is passed through ``format_role``, which is
    defined elsewhere (presumably it returns the role names -- confirm).

    NOTE(review): the complete rule set is written to the log at INFO
    level on every call.
    """
    LOG.info("******** list method **********")
    enforcer = policy.Enforcer()
    LOG.info("********* mypolicy is ***********" + str(enforcer))
    enforcer._load_policy_file('/etc/neutron/policy.json', False)
    LOG.info("**************")
    LOG.info(enforcer.rules)

    # Flatten every loaded rule to text; policy.TrueCheck becomes ''.
    rule_text = {
        name: ('' if isinstance(check, policy.TrueCheck) else str(check))
        for name, check in enforcer.rules.items()
    }

    # Only these rules are reported to the client.
    exposed_actions = (
        'create_subnet', "get_subnet", "update_subnet", "delete_subnet",
        "create_network", "get_network", "update_network", "delete_network",
    )

    result = []
    for name, text in rule_text.items():
        if name not in exposed_actions:
            continue
        roles = ['all'] if text == '' else format_role(text)
        result.append({'action': name, 'role': roles})
    return Response(result)