def _save_service_enable_disable_rules(self, services, value): if not services: return rulesets = watolib.AllRulesets() rulesets.load() try: ruleset = rulesets.get("ignored_services") except KeyError: ruleset = watolib.Ruleset("ignored_services", ruleset_matcher.get_tag_to_group_map(config.tags)) modified_folders = [] service_patterns = [service_description_to_condition(s) for s in services] modified_folders += self._remove_from_rule_of_host(ruleset, service_patterns, value=not value) # Check whether or not the service still needs a host specific setting after removing # the host specific setting above and remove all services from the service list # that are fine without an additional change. for service in list(services): value_without_host_rule = ruleset.analyse_ruleset(self._host.name(), service, service)[0] if (not value and value_without_host_rule in [None, False]) \ or value == value_without_host_rule: services.remove(service) service_patterns = [service_description_to_condition(s) for s in services] modified_folders += self._update_rule_of_host(ruleset, service_patterns, value=value) for folder in modified_folders: rulesets.save_folder(folder)
def _save_service_enable_disable_rules(self, services, value): if not services: return def _compile_patterns(_services, unescaped="exclude"): ret = [] for svc in _services: ret.append({"$regex": "%s$" % re.escape(svc)}) if unescaped == "include": ret.append({"$regex": "%s$" % svc}) return ret rulesets = watolib.AllRulesets() rulesets.load() try: ruleset = rulesets.get("ignored_services") except KeyError: ruleset = watolib.Ruleset( "ignored_services", ruleset_matcher.get_tag_to_group_map(config.tags)) modified_folders = [] service_patterns = _compile_patterns(services, unescaped="include") modified_folders += self._remove_from_rule_of_host(ruleset, service_patterns, value=not value) # Check whether or not the service still needs a host specific setting after removing # the host specific setting above and remove all services from the service list # that are fine without an additional change. for service in list(services): value_without_host_rule = ruleset.analyse_ruleset( self._host.name(), service, service)[0] if (not value and value_without_host_rule in [None, False]) \ or value == value_without_host_rule: services.remove(service) service_patterns = _compile_patterns(services) modified_folders += self._update_rule_of_host(ruleset, service_patterns, value=value) for folder in modified_folders: rulesets.save_folder(folder)
def _set(self, request): # Py2: This encoding here should be kept Otherwise and unicode encoded text will be written # into the configuration file with unknown side effects ruleset_name = ensure_str(request["ruleset_name"]) # Future validation, currently the rule API actions are admin only, so the check is pointless # may_edit_ruleset(ruleset_name) # Check if configuration hash has changed in the meantime ruleset_dict = self._get_ruleset_configuration(ruleset_name) if "configuration_hash" in request: validate_config_hash(request["configuration_hash"], ruleset_dict) # Check permissions of new rules and rules we are going to delete new_ruleset = request["ruleset"] folders_set_ruleset = set(new_ruleset.keys()) folders_obsolete_ruleset = set(ruleset_dict.keys()) - folders_set_ruleset for check_folders in [folders_set_ruleset, folders_obsolete_ruleset]: for folder_path in check_folders: if not watolib.Folder.folder_exists(folder_path): raise MKUserError(None, _("Folder %s does not exist") % folder_path) rule_folder = watolib.Folder.folder(folder_path) rule_folder.need_permission("write") tag_to_group_map = ruleset_matcher.get_tag_to_group_map(config.tags) # Verify all rules rule_vs = watolib.Ruleset(ruleset_name, tag_to_group_map).rulespec.valuespec for folder_path, rules in new_ruleset.items(): for rule in rules: value = rule["value"] try: rule_vs.validate_datatype(value, "test_value") rule_vs.validate_value(value, "test_value") except MKException as e: raise MKGeneralException("ERROR: %s. Affected Rule %r" % (str(e), rule)) # Add new rulesets for folder_path, rules in new_ruleset.items(): folder = watolib.Folder.folder(folder_path) new_ruleset = watolib.Ruleset(ruleset_name, tag_to_group_map) new_ruleset.from_config(folder, rules) folder_rulesets = watolib.FolderRulesets(folder) folder_rulesets.load() # TODO: This add_change() call should be made by the data classes watolib.add_change("edit-ruleset", _("Set ruleset '%s' for '%s' with %d rules") % ( new_ruleset.title(), folder.title(), len(rules), ), sites=folder.all_site_ids(), object_ref=new_ruleset.object_ref()) folder_rulesets.set(ruleset_name, new_ruleset) folder_rulesets.save() # Remove obsolete rulesets for folder_path in folders_obsolete_ruleset: folder = watolib.Folder.folder(folder_path) folder_rulesets = watolib.FolderRulesets(folder) folder_rulesets.load() new_ruleset = watolib.Ruleset(ruleset_name, tag_to_group_map) new_ruleset.from_config(folder, []) # TODO: This add_change() call should be made by the data classes watolib.add_change("edit-ruleset", _("Deleted ruleset '%s' for '%s'") % ( new_ruleset.title(), folder.title(), ), sites=folder.all_site_ids(), object_ref=new_ruleset.object_ref()) folder_rulesets.set(ruleset_name, new_ruleset) folder_rulesets.save()
def _set(self, request): # NOTE: This encoding here should be kept # Otherwise and unicode encoded text will be written into the # configuration file with unknown side effects ruleset_name = request["ruleset_name"].encode("utf-8") # Future validation, currently the rule API actions are admin only, so the check is pointless # may_edit_ruleset(ruleset_name) # Check if configuration hash has changed in the meantime ruleset_dict = self._get_ruleset_configuration(ruleset_name) if "configuration_hash" in request: validate_config_hash(request["configuration_hash"], ruleset_dict) # Check permissions of new rules and rules we are going to delete new_ruleset = request["ruleset"] folders_set_ruleset = set(new_ruleset.keys()) folders_obsolete_ruleset = set( ruleset_dict.keys()) - folders_set_ruleset for check_folders in [folders_set_ruleset, folders_obsolete_ruleset]: for folder_path in check_folders: if not watolib.Folder.folder_exists(folder_path): raise MKUserError( None, _("Folder %s does not exist") % folder_path) rule_folder = watolib.Folder.folder(folder_path) rule_folder.need_permission("write") # Verify all rules rule_vs = watolib.Ruleset(ruleset_name).rulespec.valuespec for folder_path, rules in new_ruleset.items(): for rule in rules: if "negate" in rule: continue # ugly, rules with a boolean value have a different representation value = rule["value"] try: rule_vs.validate_datatype(value, "test_value") rule_vs.validate_value(value, "test_value") except MKException as e: # TODO: The abstract MKException should never be instanciated directly # Change this call site and make MKException an abstract base class raise MKException("ERROR: %s. Affected Rule %r" % (str(e), rule)) # Add new rulesets for folder_path, rules in new_ruleset.items(): folder = watolib.Folder.folder(folder_path) new_ruleset = watolib.Ruleset(ruleset_name) new_ruleset.from_config(folder, rules) folder_rulesets = watolib.FolderRulesets(folder) folder_rulesets.load() # TODO: This add_change() call should be made by the data classes watolib.add_change("edit-ruleset", _("Set ruleset '%s' for '%s' with %d rules") % ( new_ruleset.title(), folder.title(), len(rules), ), sites=folder.all_site_ids()) folder_rulesets.set(ruleset_name, new_ruleset) folder_rulesets.save() # Remove obsolete rulesets for folder_path in folders_obsolete_ruleset: folder = watolib.Folder.folder(folder_path) folder_rulesets = watolib.FolderRulesets(folder) folder_rulesets.load() # TODO: This add_change() call should be made by the data classes watolib.add_change("edit-ruleset", _("Deleted ruleset '%s' for '%s'") % ( watolib.Ruleset(ruleset_name).title(), folder.title(), ), sites=folder.all_site_ids()) new_ruleset = watolib.Ruleset(ruleset_name) new_ruleset.from_config(folder, []) folder_rulesets.set(ruleset_name, new_ruleset) folder_rulesets.save()