Example #1
0
def acl_error_to_report_item(e):
    if e.__class__ == AclTargetNotFound:
        return reports.id_not_found(e.target_id, "user")
    elif e.__class__ == AclGroupNotFound:
        return reports.id_not_found(e.group_id, "group")
    elif e.__class__ == AclRoleNotFound:
        return reports.id_not_found(e.role_id, "role")
    raise e
Example #2
0
    def get_errors(self):
        """
        Report why the element has not been found or booking its id failed
        """
        if (self.element_found()
                or (self._book_errors is not None and not self._book_errors)):
            raise AssertionError(
                "Improper usage: cannot report errors when there are none")

        element = get_root(
            self._context_element).find(f'.//*[@id="{self._element_id}"]')

        if element is not None:
            if element.tag in self._tag_list:
                return [
                    reports.object_with_id_in_unexpected_context(
                        element.tag, self._element_id,
                        self._context_element.tag,
                        self._context_element.attrib.get("id", ""))
                ]
            return [
                reports.id_belongs_to_unexpected_type(
                    self._element_id,
                    expected_types=self._expected_types,
                    current_type=element.tag)
            ]
        if self._book_errors is None:
            return [
                reports.id_not_found(
                    self._element_id, self._expected_types,
                    self._context_element.tag,
                    self._context_element.attrib.get("id", ""))
            ]
        return self._book_errors
Example #3
0
def validate_permissions(tree, permission_info_list):
    """
    Validate given permission list.
    Raise LibraryError if any of permission is not valid.

    tree -- cib tree
    permission_info_list -- list of tuples like this:
        ("read|write|deny", "xpath|id", <id-or-xpath-string>)
    """
    report_items = []
    allowed_permissions = ["read", "write", "deny"]
    allowed_scopes = ["xpath", "id"]
    for permission, scope_type, scope in permission_info_list:
        if not permission in allowed_permissions:
            report_items.append(
                reports.invalid_option_value("permission", permission,
                                             allowed_permissions))

        if not scope_type in allowed_scopes:
            report_items.append(
                reports.invalid_option_value("scope type", scope_type,
                                             allowed_scopes))

        if scope_type == 'id' and not does_id_exist(tree, scope):
            report_items.append(reports.id_not_found(scope, ["id"]))

    if report_items:
        raise LibraryError(*report_items)
Example #4
0
def validate_permissions(tree, permission_info_list):
    """
    Validate given permission list.
    Raise LibraryError if any of permission is not valid.

    tree -- cib tree
    permission_info_list -- list of tuples like this:
        ("read|write|deny", "xpath|id", <id-or-xpath-string>)
    """
    report_items = []
    allowed_permissions = ["read", "write", "deny"]
    allowed_scopes = ["xpath", "id"]
    for permission, scope_type, scope in permission_info_list:
        if not permission in allowed_permissions:
            report_items.append(reports.invalid_option_value(
                "permission",
                permission,
                allowed_permissions
            ))

        if not scope_type in allowed_scopes:
            report_items.append(reports.invalid_option_value(
                "scope type",
                scope_type,
                allowed_scopes
            ))

        if scope_type == 'id' and not does_id_exist(tree, scope):
            report_items.append(reports.id_not_found(scope, "id"))

    if report_items:
        raise LibraryError(*report_items)
Example #5
0
def find_element_by_tag_and_id(
    tag, context_element, element_id, none_if_id_unused=False, id_description=""
):
    """
    Return element with given tag and element_id under context_element. When
    element does not exists raises LibraryError or return None if specified in
    none_if_id_unused.

    etree.Element(Tree) context_element is part of tree for element scan
    string|list tag is expected tag (or list of tags) of search element
    string element_id is id of search element
    bool none_if_id_unused if the element is not found then return None if True
        or raise a LibraryError if False
    string id_description optional description for id
    """
    tag_list = [tag] if is_string(tag) else tag
    element_list = context_element.xpath(
        './/*[({0}) and @id="{1}"]'.format(
            " or ".join(["self::{0}".format(one_tag) for one_tag in tag_list]),
            element_id
        )
    )

    if element_list:
        return element_list[0]

    element = get_root(context_element).find(
        './/*[@id="{0}"]'.format(element_id)
    )

    if element is not None:
        raise LibraryError(
            reports.id_belongs_to_unexpected_type(
                element_id,
                expected_types=tag_list,
                current_type=element.tag
            ) if element.tag not in tag_list
            else reports.object_with_id_in_unexpected_context(
                element.tag,
                element_id,
                context_element.tag,
                context_element.attrib.get("id", "")
            )
        )

    if none_if_id_unused:
        return None

    raise LibraryError(
        reports.id_not_found(
            element_id,
            id_description if id_description else "/".join(tag_list),
            context_element.tag,
            context_element.attrib.get("id", "")
        )
    )
Example #6
0
def find_element_by_tag_and_id(
    tag, context_element, element_id, none_if_id_unused=False, id_description=""
):
    """
    Return element with given tag and element_id under context_element. When
    element does not exists raises LibraryError or return None if specified in
    none_if_id_unused.

    etree.Element(Tree) context_element is part of tree for element scan
    string|list tag is expected tag (or list of tags) of search element
    string element_id is id of search element
    bool none_if_id_unused is flag, when is True and element with element_id
        does not exists function returns None
    string id_description optional description for id
    """
    tag_list = [tag] if is_string(tag) else tag
    element_list = context_element.xpath(
        './/*[({0}) and @id="{1}"]'.format(
            " or ".join(["self::{0}".format(one_tag) for one_tag in tag_list]),
            element_id
        )
    )

    if element_list:
        return element_list[0]

    element = get_root(context_element).find(
        './/*[@id="{0}"]'.format(element_id)
    )

    if element is not None:
        raise LibraryError(
            reports.id_belongs_to_unexpected_type(
                element_id,
                expected_types=tag_list,
                current_type=element.tag
            ) if element.tag not in tag_list
            else reports.object_with_id_in_unexpected_context(
                element.tag,
                element_id,
                context_element.tag,
                context_element.attrib.get("id", "")
            )
        )

    if none_if_id_unused:
        return None

    raise LibraryError(
       reports.id_not_found(
           element_id,
           id_description if id_description else "/".join(tag_list),
           context_element.tag,
           context_element.attrib.get("id", "")
       )
    )
Example #7
0
def _find_permission(tree, permission_id):
    """
    Returns acl_permission element with specified id.
    Raises LibraryError if that permission doesn't exist.

    tree -- etree node
    permisson_id -- id of permision element
    """
    permission = tree.find(".//acl_permission[@id='{0}']".format(permission_id))
    if permission is not None:
        return permission
    raise LibraryError(reports.id_not_found(permission_id, "permission"))
Example #8
0
def _resource_list_enable_disable(resource_el_list, func, cluster_state):
    report_list = []
    for resource_el in resource_el_list:
        res_id = resource_el.attrib["id"]
        try:
            if not is_resource_managed(cluster_state, res_id):
                report_list.append(reports.resource_is_unmanaged(res_id))
            func(resource_el)
        except ResourceNotFound:
            report_list.append(
                reports.id_not_found(
                    res_id, id_description="resource/clone/master/group"))
    return report_list
Example #9
0
def remove_group(tree, group_id):
    """
    Removes acl_group element from tree with specified id.
    Raises LibraryError if group with id group_id doesn't exist.

    tree -- etree node
    group_id -- id of group element to remove
    """
    try:
        group = find_group(tree, group_id)
        group.getparent().remove(group)
    except AclGroupNotFound:
        raise LibraryError(reports.id_not_found(group_id, "group"))
Example #10
0
def _resource_list_enable_disable(resource_el_list, func, cluster_state):
    report_list = []
    for resource_el in resource_el_list:
        res_id = resource_el.attrib["id"]
        try:
            if not is_resource_managed(cluster_state, res_id):
                report_list.append(reports.resource_is_unmanaged(res_id))
            func(resource_el)
        except ResourceNotFound:
            report_list.append(
                reports.id_not_found(
                    res_id, ["primitive", "clone", "group", "bundle"]))
    return report_list
Example #11
0
def remove_target(tree, target_id):
    """
    Removes acl_target element from tree with specified id.
    Raises LibraryError if target with id target_id doesn't exist.

    tree -- etree node
    target_id -- id of target element to remove
    """
    try:
        target = find_target(tree, target_id)
        target.getparent().remove(target)
    except AclTargetNotFound:
        raise LibraryError(reports.id_not_found(target_id, "user"))
Example #12
0
def get_recipient_by_id(tree, recipient_id):
    """
    Returns recipient element with value recipient_value which belong to
    specified alert.
    Raises LibraryError if recipient doesn't exist.

    tree -- cib etree node
    recipient_id -- id of recipient
    """
    recipient = get_alerts(tree).find(
        "./alert/recipient[@id='{0}']".format(recipient_id))
    if recipient is None:
        raise LibraryError(reports.id_not_found(recipient_id, "Recipient"))
    return recipient
Example #13
0
def get_recipient_by_id(tree, recipient_id):
    """
    Returns recipient element with value recipient_value which belong to
    specified alert.
    Raises LibraryError if recipient doesn't exist.

    tree -- cib etree node
    recipient_id -- id of recipient
    """
    recipient = get_alerts(tree).find(
        "./alert/recipient[@id='{0}']".format(recipient_id)
    )
    if recipient is None:
        raise LibraryError(reports.id_not_found(recipient_id, "Recipient"))
    return recipient
Example #14
0
def _resource_list_enable_disable(
    resource_el_list, func, id_provider, cluster_state
):
    report_list = []
    for resource_el in resource_el_list:
        res_id = resource_el.attrib["id"]
        try:
            if not is_resource_managed(cluster_state, res_id):
                report_list.append(reports.resource_is_unmanaged(res_id))
            func(resource_el, id_provider)
        except ResourceNotFound:
            report_list.append(
                reports.id_not_found(
                    res_id,
                    ["primitive", "clone", "group", "bundle", "master"]
               )
            )
    return report_list
Example #15
0
    def get_errors(self):
        """
        Report why the element has not been found or booking its id failed
        """
        if (
            self.element_found()
            or
            (self._book_errors is not None and not self._book_errors)
        ):
            raise AssertionError(
                "Improper usage: cannot report errors when there are none"
            )

        element = get_root(self._context_element).find(
            f'.//*[@id="{self._element_id}"]'
        )

        if element is not None:
            if element.tag in self._tag_list:
                return [
                    reports.object_with_id_in_unexpected_context(
                        element.tag,
                        self._element_id,
                        self._context_element.tag,
                        self._context_element.attrib.get("id", "")
                    )
                ]
            return [
                reports.id_belongs_to_unexpected_type(
                    self._element_id,
                    expected_types=self._expected_types,
                    current_type=element.tag
                )
            ]
        if self._book_errors is None:
            return [
                reports.id_not_found(
                    self._element_id,
                    self._expected_types,
                    self._context_element.tag,
                    self._context_element.attrib.get("id", "")
                )
            ]
        return self._book_errors
Example #16
0
File: acl.py Project: jmartign/pcs
def _get_target_or_group(cib, target_or_group_id):
    """
    Returns acl_target or acl_group element with id target_or_group_id. Target
    element has bigger pririty so if there are target and group with same id
    only target element will be affected by this function.
    Raises LibraryError if there is no target or group element with
    specified id.

    cib -- cib etree node
    target_or_group_id -- id of target/group element which should be returned
    """
    try:
        return acl.find_target(cib, target_or_group_id)
    except acl.AclTargetNotFound:
        try:
            return acl.find_group(cib, target_or_group_id)
        except acl.AclGroupNotFound:
            raise LibraryError(
                reports.id_not_found(target_or_group_id, "user/group"))
Example #17
0
def _get_target_or_group(cib, target_or_group_id):
    """
    Returns acl_target or acl_group element with id target_or_group_id. Target
    element has bigger pririty so if there are target and group with same id
    only target element will be affected by this function.
    Raises LibraryError if there is no target or group element with
    specified id.

    cib -- cib etree node
    target_or_group_id -- id of target/group element which should be returned
    """
    try:
        return acl.find_target(cib, target_or_group_id)
    except acl.AclTargetNotFound:
        try:
            return acl.find_group(cib, target_or_group_id)
        except acl.AclGroupNotFound:
            raise LibraryError(
                reports.id_not_found(target_or_group_id, "user/group")
            )
Example #18
0
File: acl.py Project: dchirikov/pcs
def __validate_permissions(tree, permission_info_list):
    report_items = []
    allowed_permissions = ["read", "write", "deny"]
    allowed_scopes = ["xpath", "id"]
    for permission, scope_type, scope in permission_info_list:
        if not permission in allowed_permissions:
            report_items.append(reports.invalid_option_value(
                "permission",
                permission,
                allowed_permissions
            ))

        if not scope_type in allowed_scopes:
            report_items.append(reports.invalid_option_value(
                "scope type",
                scope_type,
                allowed_scopes
            ))

        if scope_type == 'id' and not does_id_exist(tree, scope):
            report_items.append(reports.id_not_found(scope, "id"))

    if report_items:
        raise LibraryError(*report_items)
Example #19
0
File: acl.py Project: dchirikov/pcs
def __find_role(tree, role_id):
    role = tree.find('.//acl_role[@id="{0}"]'.format(role_id))
    if role is not None:
        return role
    raise AclRoleNotFound(reports.id_not_found(role_id, "role"))