def test_add_two_rules_and_get(self):
id1 = uuidutils.generate_uuid()
rule1_str = "p(x) :- q(x)"
id2 = uuidutils.generate_uuid()
rule2_str = "z(x) :- q(x)"
policy_name = "classification"
comment = "None"
db_policy_rules.add_policy_rule(id=id1,
policy_name=policy_name,
rule=rule1_str,
comment=comment)
db_policy_rules.add_policy_rule(id=id2,
policy_name=policy_name,
rule=rule2_str,
comment=comment)
rules = db_policy_rules.get_policy_rules(policy_name)
self.assertEqual(len(rules), 2)
self.assertEqual(id1, rules[0].id)
self.assertEqual(policy_name, rules[0].policy_name)
self.assertEqual(rule1_str, rules[0].rule)
self.assertEqual(comment, rules[0].comment)
self.assertEqual(id2, rules[1].id)
self.assertEqual(policy_name, rules[1].policy_name)
self.assertEqual(rule2_str, rules[1].rule)
self.assertEqual(comment, rules[1].comment)
self.assertEqual(len(db_policy_rules.get_policy_rules()), 2)
def test_add_two_rules_and_get(self):
id1 = uuidutils.generate_uuid()
rule1_str = "p(x) :- q(x)"
id2 = uuidutils.generate_uuid()
rule2_str = "z(x) :- q(x)"
policy_name = "classification"
comment = "None"
db_policy_rules.add_policy_rule(id=id1,
policy_name=policy_name,
rule=rule1_str,
comment=comment)
db_policy_rules.add_policy_rule(id=id2,
policy_name=policy_name,
rule=rule2_str,
comment=comment)
rules = db_policy_rules.get_policy_rules(policy_name)
self.assertEqual(len(rules), 2)
self.assertEqual(id1, rules[0].id)
self.assertEqual(policy_name, rules[0].policy_name)
self.assertEqual(rule1_str, rules[0].rule)
self.assertEqual(comment, rules[0].comment)
self.assertEqual(id2, rules[1].id)
self.assertEqual(policy_name, rules[1].policy_name)
self.assertEqual(rule2_str, rules[1].rule)
self.assertEqual(comment, rules[1].comment)
self.assertEqual(len(db_policy_rules.get_policy_rules()), 2)
def add_item(self, item, params, id_=None, context=None):
"""Add item to model.
Args:
item: The item to add to the model
params: A dict-like object containing parameters
from the request query string and body.
id_: The ID of the item, or None if an ID should be generated
context: Key-values providing frame of reference of request
Returns:
Tuple of (ID, newly_created_item)
Raises:
KeyError: ID already exists.
"""
if id_ is not None:
raise webservice.DataModelException(
*error_codes.get('add_item_id'))
str_rule = item['rule']
try:
rule = self.engine.parse(str_rule)
if len(rule) == 1:
rule = rule[0]
else:
(num, desc) = error_codes.get('multiple_rules')
raise webservice.DataModelException(
num, desc + ":: Received multiple rules: " +
"; ".join(str(x) for x in rule))
changes = self.change_rule(rule, context)
except PolicyException as e:
LOG.debug("add_item error: invalid rule syntax")
(num, desc) = error_codes.get('rule_syntax')
raise webservice.DataModelException(num, desc + "::" + str(e))
for change in changes:
if change.formula == rule:
d = {'rule': rule.pretty_str(),
'id': str(uuid.uuid4()),
'comment': None,
'name': item.get('name')}
policy_name = self.policy_name(context)
try:
db_policy_rules.add_policy_rule(
d['id'], policy_name, str_rule, d['comment'],
rule_name=d['name'])
return (d['id'], d)
except Exception as db_exception:
try:
self.change_rule(rule, context, insert=False)
except Exception as change_exception:
raise Exception(
"Error thrown during recovery from DB error. "
"Inconsistent state. DB error: %s. "
"New error: %s.", str(db_exception),
str(change_exception))
num, desc = error_codes.get('rule_already_exists')
raise webservice.DataModelException(
num, desc, http_status_code=httplib.CONFLICT)
def add_item(self, item, params, id_=None, context=None):
"""Add item to model.
Args:
item: The item to add to the model
params: A dict-like object containing parameters
from the request query string and body.
id_: The ID of the item, or None if an ID should be generated
context: Key-values providing frame of reference of request
Returns:
Tuple of (ID, newly_created_item)
Raises:
KeyError: ID already exists.
"""
if id_ is not None:
LOG.debug("add_item error: should not be given ID")
raise webservice.DataModelException(
*error_codes.get('add_item_id'))
str_rule = item['rule']
try:
rule = self.engine.parse(str_rule)
if len(rule) == 1:
rule = rule[0]
else:
LOG.debug("add_item error: given too many rules")
(num, desc) = error_codes.get('multiple_rules')
raise webservice.DataModelException(
num, desc + ":: Received multiple rules: " +
"; ".join(str(x) for x in rule))
changes = self.change_rule(rule, context)
except compile.CongressException as e:
LOG.debug("add_item error: invalid rule syntax")
(num, desc) = error_codes.get('rule_syntax')
raise webservice.DataModelException(num, desc + "::" + str(e))
for change in changes:
if change.formula == rule:
d = {
'rule': rule.pretty_str(),
'id': str(uuid.uuid4()),
'comment': None,
'name': item.get('name')
}
policy_name = self.policy_name(context)
db_policy_rules.add_policy_rule(d['id'],
policy_name,
str_rule,
d['comment'],
rule_name=d['name'])
return (d['id'], d)
num, desc = error_codes.get('rule_already_exists')
raise webservice.DataModelException(num,
desc,
http_status_code=httplib.CONFLICT)
def test_add_delete_get_policy_rule(self):
id = uuidutils.generate_uuid()
rule_str = "p(x) :- q(x)"
policy_name = "classification"
comment = "None"
db_policy_rules.add_policy_rule(id=id,
policy_name=policy_name,
rule=rule_str,
comment=comment)
db_policy_rules.delete_policy_rule(id)
rule = db_policy_rules.get_policy_rule(id, policy_name)
self.assertIsNone(rule)
def test_add_delete_get_policy_rule(self):
id = uuidutils.generate_uuid()
rule_str = "p(x) :- q(x)"
policy_name = "classification"
comment = "None"
db_policy_rules.add_policy_rule(id=id,
policy_name=policy_name,
rule=rule_str,
comment=comment)
db_policy_rules.delete_policy_rule(id)
rule = db_policy_rules.get_policy_rule(id, policy_name)
self.assertEqual(rule, None)
def test_add_get_policy_rule(self):
id = uuidutils.generate_uuid()
rule_str = "p(x) :- q(x)"
policy_name = "classification"
comment = "None"
db_policy_rules.add_policy_rule(id=id,
policy_name=policy_name,
rule=rule_str,
comment=comment)
rule = db_policy_rules.get_policy_rule(id, policy_name)
self.assertEqual(id, rule.id)
self.assertEqual(policy_name, rule.policy_name)
self.assertEqual(rule_str, rule.rule)
self.assertEqual(comment, rule.comment)
def add_item(self, item, params, id_=None, context=None):
"""Add item to model.
Args:
item: The item to add to the model
params: A dict-like object containing parameters
from the request query string and body.
id_: The ID of the item, or None if an ID should be generated
context: Key-values providing frame of reference of request
Returns:
Tuple of (ID, newly_created_item)
Raises:
KeyError: ID already exists.
"""
if id_ is not None:
LOG.debug("add_item error: should not be given ID")
raise webservice.DataModelException(
*error_codes.get('add_item_id'))
str_rule = item['rule']
try:
rule = compile.parse(str_rule, self.engine.module_schemas)
if len(rule) == 1:
rule = rule[0]
else:
LOG.debug("add_item error: given too many rules")
(num, desc) = error_codes.get('multiple_rules')
raise webservice.DataModelException(
num, desc + ":: Received multiple rules: " +
"; ".join(str(x) for x in rule))
changes = self.change_rule(rule, context)
except compile.CongressException as e:
LOG.debug("add_item error: invalid rule syntax")
(num, desc) = error_codes.get('rule_syntax')
raise webservice.DataModelException(num, desc + "::" + str(e))
for change in changes:
if change.formula == rule:
d = {'rule': rule.pretty_str(),
'id': rule.id,
'comment': None}
policy_name = self.policy_name(context)
db_policy_rules.add_policy_rule(d['id'], policy_name,
str_rule, d['comment'])
return (rule.id, d)
num, desc = error_codes.get('rule_already_exists')
raise webservice.DataModelException(
num, desc, http_status_code=httplib.CONFLICT)
def test_add_delete_get_deleted_policy_rule(self):
id = uuidutils.generate_uuid()
rule_str = "p(x) :- q(x)"
policy_name = "classification"
comment = "None"
rule1 = db_policy_rules.add_policy_rule(id=id,
policy_name=policy_name,
rule=rule_str,
comment=comment)
db_policy_rules.delete_policy_rule(id)
rule2 = db_policy_rules.get_policy_rule(id, policy_name, deleted=True)
self.assertEqual(rule1.id, rule2.id)
self.assertNotEqual(rule1.deleted, rule2.deleted)
def test_add_policy_rule(self):
id = uuidutils.generate_uuid()
rule_str = "p(x) :- q(x)"
policy_name = "classification"
comment = "None"
rule = db_policy_rules.add_policy_rule(id=id,
policy_name=policy_name,
rule=rule_str,
comment=comment)
self.assertEqual(id, rule.id)
self.assertEqual(policy_name, rule.policy_name)
self.assertEqual(rule_str, rule.rule)
self.assertEqual(comment, rule.comment)
def add_item(self, item, params, id_=None, context=None):
"""Add item to model.
Args:
item: The item to add to the model
params: A dict-like object containing parameters
from the request query string and body.
id_: The ID of the item, or None if an ID should be generated
context: Key-values providing frame of reference of request
Returns:
Tuple of (ID, newly_created_item)
Raises:
KeyError: ID already exists.
"""
if id_ is not None:
raise webservice.DataModelException(
*error_codes.get('add_item_id'))
# Reject rules inserted into non-persisted policies
# (i.e. datasource policies)
policy_name = self.policy_name(context)
policies = db_policy_rules.get_policies()
persisted_policies = set([p.name for p in policies])
if policy_name not in persisted_policies:
if policy_name in self.engine.theory:
LOG.debug("add_item error: rule not permitted for policy %s",
policy_name)
raise webservice.DataModelException(
*error_codes.get('rule_not_permitted'),
http_status_code=httplib.FORBIDDEN)
else:
LOG.debug("add_item error: policy %s not exist", policy_name)
raise webservice.DataModelException(
*error_codes.get('policy_not_exist'),
http_status_code=httplib.NOT_FOUND)
str_rule = item['rule']
id = uuid.uuid4()
try:
rule = self.engine.parse(str_rule)
if len(rule) == 1:
rule = rule[0]
else:
(num, desc) = error_codes.get('multiple_rules')
raise webservice.DataModelException(
num, desc + ":: Received multiple rules: " +
"; ".join(str(x) for x in rule))
rule.set_id(id)
rule.set_name(item.get('name'))
rule.set_comment(None)
rule.set_original_str(str_rule)
changes = self.change_rule(rule, context)
except exception.PolicyException as e:
LOG.debug("add_item error: invalid rule syntax")
(num, desc) = error_codes.get('rule_syntax')
raise webservice.DataModelException(num, desc + "::" + str(e))
for change in changes:
if change.formula == rule:
d = {'rule': rule.pretty_str(),
'id': str(id),
'comment': rule.comment,
'name': item.get('name')}
try:
db_policy_rules.add_policy_rule(
d['id'], policy_name, str_rule, d['comment'],
rule_name=d['name'])
return (d['id'], d)
except Exception as db_exception:
try:
self.change_rule(rule, context, insert=False)
except Exception as change_exception:
raise Exception(
"Error thrown during recovery from DB error. "
"Inconsistent state. DB error: %s. "
"New error: %s.", str(db_exception),
str(change_exception))
num, desc = error_codes.get('rule_already_exists')
raise webservice.DataModelException(
num, desc, http_status_code=httplib.CONFLICT)
