def create_target(tree, target_id): """ Creates new acl_target element with id target_id. Raises LibraryError if target with wpecified id aleready exists. tree -- etree node target_id -- id of new target """ acl_el = get_acls(tree) # id of element acl_target is not type ID in CIB ACL schema so we don't need # to check if it is unique ID in whole CIB if acl_el.find("./acl_target[@id='{0}']".format(target_id)) is not None: raise LibraryError(reports.acl_target_already_exists(target_id)) return etree.SubElement(get_acls(tree), "acl_target", id=target_id)
def _get_target_like_list_with_tag(tree, tag): output_list = [] for target_el in get_acls(tree).findall("./{0}".format(tag)): output_list.append({ "id": target_el.get("id"), "role_list": _get_role_list_of_target(target_el), }) return output_list
def create_role(tree, role_id, description=""): """ role_id id of desired role description role description """ check_new_id_applicable(tree, "ACL role", role_id) role = etree.SubElement(get_acls(tree), "acl_role", id=role_id) if description: role.set("description", description)
def create_role(tree, role_id, description=""): """ role_id id of desired role description role description """ __validate_role_id_for_create(tree, role_id) role = etree.SubElement(get_acls(tree), "acl_role", id=role_id) if description: role.set("description", description)
def test_success_if_exists(self): self.cib.append_to_first_tag_name( "configuration", '<acls><acl_role id="test_role" /></acls>' ) self.assertEqual( "test_role", lib.get_acls(self.cib.tree)[0].get("id") )
def create_group(tree, group_id): """ Creates new acl_group element with specified id. Raises LibraryError if tree contains element with id group_id. tree -- etree node group_id -- id of new group """ check_new_id_applicable(tree, "ACL group", group_id) return etree.SubElement(get_acls(tree), "acl_group", id=group_id)
def find_group(tree, group_id): """ Returns acl_group etree element with specified id. Raise AclGroupNotFound if group with group_id doesn't exist. tree -- etree node group_id -- id of group to find """ role = get_acls(tree).find('./acl_group[@id="{0}"]'.format(group_id)) if role is None: raise AclGroupNotFound(group_id) return role
def find_target(tree, target_id): """ Return acl_target etree element with specified id. Raise AclTargetNotFound if target with specified id doesn't exist. tree -- etree node target_id -- if of target to find """ role = get_acls(tree).find('./acl_target[@id="{0}"]'.format(target_id)) if role is None: raise AclTargetNotFound(target_id) return role
def create_role(tree, role_id, description=None): """ Create new role element and add it to cib. Returns newly created role element. role_id id of desired role description role description """ check_new_id_applicable(tree, "ACL role", role_id) role = etree.SubElement(get_acls(tree), "acl_role", id=role_id) if description: role.set("description", description) return role
def get_config(lib_env): """ Returns ACL configuration in disctionary. Fromat of output: { "target_list": <list of targets>, "group_list": <list og groups>, "role_list": <list of roles>, } lib_env -- LibraryEnvironment """ acl_section = get_acls(lib_env.get_cib(REQUIRED_CIB_VERSION)) return { "target_list": acl.get_target_list(acl_section), "group_list": acl.get_group_list(acl_section), "role_list": acl.get_role_list(acl_section), }
def get_config(lib_env): """ Returns ACL configuration in dictionary. Format of output: { "target_list": <list of targets>, "group_list": <list og groups>, "role_list": <list of roles>, } lib_env -- LibraryEnvironment """ acl_section = get_acls(lib_env.get_cib(REQUIRED_CIB_VERSION)) return { "target_list": acl.get_target_list(acl_section), "group_list": acl.get_group_list(acl_section), "role_list": acl.get_role_list(acl_section), }
def get_role_list(tree): """ Returns list of all acl_role elements from tree. Format of items of output list: { "id": <role-id>, "description": <role-description>, "permission_list": [<see function _get_all_permission_list>, ...] } tree -- etree node """ output_list = [] for role_el in get_acls(tree).findall("./acl_role"): role = etree_element_attibutes_to_dict( role_el, ["id", "description"] ) role["permission_list"] = _get_permission_list(role_el) output_list.append(role) return output_list
def test_success_if_missing(self): acls = lib.get_acls(self.cib.tree) self.assertEqual("acls", acls.tag) self.assertEqual("configuration", acls.getparent().tag)
def cib_acl_section(env): yield get_acls(env.get_cib(REQUIRED_CIB_VERSION)) env.push_cib()
def acls(self): return get_acls(self.cib.tree)
def cib_acl_section(env): cib = env.get_cib(REQUIRED_CIB_VERSION) yield get_acls(cib) env.push_cib(cib)
def cib_acl_section(env): yield get_acls(env.get_cib()) env.push_cib()