def get_active_service_access_policy_rules(self, service_name='', org_name=''): """Generates the set of all enabled access policies for the specified service within the specified Org. If the org_name is not provided, then the root ION Org will be assumed. """ # TODO - extend to handle Org specific service policies at some point. rq = ResourceQuery() rq.set_filter(rq.filter_type(RT.Policy), rq.filter_attribute("enabled", True)) if service_name: rq.add_filter( rq.or_( rq.filter_attribute("policy_type", PolicyTypeEnum.COMMON_SERVICE_ACCESS), rq.and_( rq.filter_attribute("policy_type", [ PolicyTypeEnum.SERVICE_ACCESS, PolicyTypeEnum.SERVICE_OP_PRECOND ]), rq.filter_attribute("details.service_name", service_name)))) else: rq.add_filter( rq.filter_attribute("policy_type", PolicyTypeEnum.COMMON_SERVICE_ACCESS)) policy_list = self.clients.resource_registry.find_resources_ext( query=rq.get_query(), id_only=False) policy_list.sort(key=lambda o: (o.ordinal, o.ts_created)) return policy_list
def get_active_process_operation_preconditions(self, process_key='', op='', org_name=''): """Generates the set of all enabled precondition policies for the specified process operation within the specified Org. If the org_name is not provided, then the root ION Org will be assumed. """ # TODO - extend to handle Org specific service policies at some point. if not process_key: raise BadRequest("The process_key argument is missing") rq = ResourceQuery() rq.set_filter(rq.filter_type(RT.Policy), rq.filter_attribute("enabled", True), rq.filter_attribute("policy_type", PolicyTypeEnum.PROC_OP_PRECOND), rq.filter_attribute("details.process_key", process_key)) if op: rq.add_filter(rq.filter_attribute("details.op", op)) policy_list = self.clients.resource_registry.find_resources_ext(query=rq.get_query(), id_only=False) policy_list.sort(key=lambda o: (o.ordinal, o.ts_created)) return policy_list
def get_active_service_access_policy_rules(self, service_name='', org_name=''): """Generates the set of all enabled access policies for the specified service within the specified Org. If the org_name is not provided, then the root ION Org will be assumed. """ # TODO - extend to handle Org specific service policies at some point. rq = ResourceQuery() rq.set_filter(rq.filter_type(RT.Policy), rq.filter_attribute("enabled", True)) if service_name: rq.add_filter(rq.or_(rq.filter_attribute("policy_type", PolicyTypeEnum.COMMON_SERVICE_ACCESS), rq.and_(rq.filter_attribute("policy_type", [PolicyTypeEnum.SERVICE_ACCESS, PolicyTypeEnum.SERVICE_OP_PRECOND]), rq.filter_attribute("details.service_name", service_name)))) else: rq.add_filter(rq.filter_attribute("policy_type", PolicyTypeEnum.COMMON_SERVICE_ACCESS)) policy_list = self.clients.resource_registry.find_resources_ext(query=rq.get_query(), id_only=False) policy_list.sort(key=lambda o: (o.ordinal, o.ts_created)) return policy_list
def get_active_process_operation_preconditions(self, process_key='', op='', org_name=''): """Generates the set of all enabled precondition policies for the specified process operation within the specified Org. If the org_name is not provided, then the root ION Org will be assumed. """ # TODO - extend to handle Org specific service policies at some point. if not process_key: raise BadRequest("The process_key argument is missing") rq = ResourceQuery() rq.set_filter( rq.filter_type(RT.Policy), rq.filter_attribute("enabled", True), rq.filter_attribute("policy_type", PolicyTypeEnum.PROC_OP_PRECOND), rq.filter_attribute("details.process_key", process_key)) if op: rq.add_filter(rq.filter_attribute("details.op", op)) policy_list = self.clients.resource_registry.find_resources_ext( query=rq.get_query(), id_only=False) policy_list.sort(key=lambda o: (o.ordinal, o.ts_created)) return policy_list