def get_active_service_access_policy_rules(self,
service_name='',
org_name=''):
"""Generates the set of all enabled access policies for the specified service within
the specified Org. If the org_name is not provided, then the root ION Org will be assumed.
"""
# TODO - extend to handle Org specific service policies at some point.
rq = ResourceQuery()
rq.set_filter(rq.filter_type(RT.Policy),
rq.filter_attribute("enabled", True))
if service_name:
rq.add_filter(
rq.or_(
rq.filter_attribute("policy_type",
PolicyTypeEnum.COMMON_SERVICE_ACCESS),
rq.and_(
rq.filter_attribute("policy_type", [
PolicyTypeEnum.SERVICE_ACCESS,
PolicyTypeEnum.SERVICE_OP_PRECOND
]),
rq.filter_attribute("details.service_name",
service_name))))
else:
rq.add_filter(
rq.filter_attribute("policy_type",
PolicyTypeEnum.COMMON_SERVICE_ACCESS))
policy_list = self.clients.resource_registry.find_resources_ext(
query=rq.get_query(), id_only=False)
policy_list.sort(key=lambda o: (o.ordinal, o.ts_created))
return policy_list
def get_active_process_operation_preconditions(self, process_key='', op='', org_name=''):
"""Generates the set of all enabled precondition policies for the specified process operation
within the specified Org. If the org_name is not provided, then the root ION Org will be assumed.
"""
# TODO - extend to handle Org specific service policies at some point.
if not process_key:
raise BadRequest("The process_key argument is missing")
rq = ResourceQuery()
rq.set_filter(rq.filter_type(RT.Policy),
rq.filter_attribute("enabled", True),
rq.filter_attribute("policy_type", PolicyTypeEnum.PROC_OP_PRECOND),
rq.filter_attribute("details.process_key", process_key))
if op:
rq.add_filter(rq.filter_attribute("details.op", op))
policy_list = self.clients.resource_registry.find_resources_ext(query=rq.get_query(), id_only=False)
policy_list.sort(key=lambda o: (o.ordinal, o.ts_created))
return policy_list
def get_active_service_access_policy_rules(self, service_name='', org_name=''):
"""Generates the set of all enabled access policies for the specified service within
the specified Org. If the org_name is not provided, then the root ION Org will be assumed.
"""
# TODO - extend to handle Org specific service policies at some point.
rq = ResourceQuery()
rq.set_filter(rq.filter_type(RT.Policy),
rq.filter_attribute("enabled", True))
if service_name:
rq.add_filter(rq.or_(rq.filter_attribute("policy_type", PolicyTypeEnum.COMMON_SERVICE_ACCESS),
rq.and_(rq.filter_attribute("policy_type", [PolicyTypeEnum.SERVICE_ACCESS, PolicyTypeEnum.SERVICE_OP_PRECOND]),
rq.filter_attribute("details.service_name", service_name))))
else:
rq.add_filter(rq.filter_attribute("policy_type", PolicyTypeEnum.COMMON_SERVICE_ACCESS))
policy_list = self.clients.resource_registry.find_resources_ext(query=rq.get_query(), id_only=False)
policy_list.sort(key=lambda o: (o.ordinal, o.ts_created))
return policy_list
def get_active_process_operation_preconditions(self,
process_key='',
op='',
org_name=''):
"""Generates the set of all enabled precondition policies for the specified process operation
within the specified Org. If the org_name is not provided, then the root ION Org will be assumed.
"""
# TODO - extend to handle Org specific service policies at some point.
if not process_key:
raise BadRequest("The process_key argument is missing")
rq = ResourceQuery()
rq.set_filter(
rq.filter_type(RT.Policy), rq.filter_attribute("enabled", True),
rq.filter_attribute("policy_type", PolicyTypeEnum.PROC_OP_PRECOND),
rq.filter_attribute("details.process_key", process_key))
if op:
rq.add_filter(rq.filter_attribute("details.op", op))
policy_list = self.clients.resource_registry.find_resources_ext(
query=rq.get_query(), id_only=False)
policy_list.sort(key=lambda o: (o.ordinal, o.ts_created))
return policy_list
