def applicable_policies(application, user, policies):
"""
Given an *application* and a *user* object, returns the merged/resolved
policies from the given *policies* :class:`RUDict`.
.. note:: Policy settings always start with '*', 'user', or 'group'.
"""
# Start with the default policy
try:
policy = RUDict(policies['*'][application].copy())
except KeyError:
# No default policy--not good but not mandatory
policy = RUDict()
for key, value in policies.items():
if key == '*':
continue # Default policy was already handled
if application not in value:
continue # No sense processing inapplicable stuff
# Handle users and their properties first
if key.startswith('user='******'user.upn='):
# UPNs are very straightforward
upn = key.split('=', 1)[1]
if re.match(upn, user['upn']):
policy.update(value[application])
elif key.startswith('user.'):
# An attribute check (e.g. 'user.ip_address=10.1.1.1')
attribute = key.split('.', 1)[1] # Get rid of the 'user.' part
attribute, must_match = attribute.split('=', 1)
if attribute in user:
if re.match(must_match, user[attribute]):
policy.update(value[application])
# TODO: Group stuff here (need attribute repo stuff first)
return policy
def save_term_settings(term, location, session, settings):
"""
Saves the *settings* associated with the given *term*, *location*, and
*session* in the 'term_settings.json' file inside the user's session
directory.
When complete the given *callback* will be called (if given).
"""
term = str(term) # JSON wants strings as keys
term_settings = RUDict()
term_settings[location] = {term: settings}
session_dir = options.session_dir
session_dir = os.path.join(session_dir, session)
settings_path = os.path.join(session_dir, 'term_settings.json')
# First we read in the existing settings and then update them.
if os.path.exists(settings_path):
with io.open(settings_path, encoding='utf-8') as f:
term_settings.update(json_decode(f.read()))
term_settings[location][term].update(settings)
with io.open(settings_path, 'w', encoding='utf-8') as f:
f.write(json_encode(term_settings))
def save_term_settings(term, location, session, settings):
"""
Saves the *settings* associated with the given *term*, *location*, and
*session* in the 'term_settings.json' file inside the user's session
directory.
When complete the given *callback* will be called (if given).
"""
term = str(term) # JSON wants strings as keys
term_settings = RUDict()
term_settings[location] = {term: settings}
session_dir = options.session_dir
session_dir = os.path.join(session_dir, session)
settings_path = os.path.join(session_dir, 'term_settings.json')
# First we read in the existing settings and then update them.
if os.path.exists(settings_path):
with io.open(settings_path, encoding='utf-8') as f:
term_settings.update(json_decode(f.read()))
term_settings[location][term].update(settings)
with io.open(settings_path, 'w', encoding='utf-8') as f:
f.write(json_encode(term_settings))
def applicable_policies(application, user, policies):
"""
Given an *application* and a *user* object, returns the merged/resolved
policies from the given *policies* :class:`RUDict`.
.. note:: Policy settings always start with '*', 'user', or 'group'.
"""
# Start with the default policy
try:
policy = RUDict(policies["*"][application].copy())
except KeyError:
# No default policy--not good but not mandatory
policy = RUDict()
for key, value in policies.items():
if key == "*":
continue # Default policy was already handled
if application not in value:
continue # No sense processing inapplicable stuff
# Handle users and their properties first
if key.startswith("user="******"user.upn="):
# UPNs are very straightforward
upn = key.split("=", 1)[1]
if re.match(upn, user["upn"]):
policy.update(value[application])
elif key.startswith("user."):
# An attribute check (e.g. 'user.ip_address=10.1.1.1')
attribute = key.split(".", 1)[1] # Get rid of the 'user.' part
attribute, must_match = attribute.split("=", 1)
if attribute in user:
if re.match(must_match, user[attribute]):
policy.update(value[application])
# TODO: Group stuff here (need attribute repo stuff first)
return policy
# Localization support
_ = get_translation()
# Globals
RE_COMMENT = re.compile( # This removes JavaScript-style comments
'(^)?[^\S\n]*/(?:\*(.*?)\*/[^\S\n]*|/[^\n]*)($)?',
re.DOTALL | re.MULTILINE)
BLANKS = re.compile(r'^\s*$')
# NOTE about the above:
# * I MAY CHANGE ALL OF IT! Still a work in progress ;)
GATEONE_DIR = os.path.dirname(os.path.abspath(__file__))
# The security stuff below is a work-in-progress. Likely to change all around.
SECURITY_DIR = os.path.join(GATEONE_DIR, 'security')
# The default for security is 'allow everything'
SECURITY = RUDict(
{'*': {}}
) # Using an RUDict so that subsequent .conf files can safely override settings
# way down the chain without clobbering parent keys/dicts.
# Combine all .conf files in the 'security' dir into a single dict
#_security_files = [a for a in os.listdir(SECURITY_DIR) if a.endswith('.conf')]
#_security_files.sort()
#for fname in _security_files:
## Use this file to update SECURITY
#with open(os.path.join(SECURITY_DIR, fname)) as f:
#no_comments = RE_COMMENT.sub('', f.read())
## Remove empty lines so the json parser doesn't complain
#proper_json = filter(lambda x: not re.match(BLANKS, x), no_comments)
#SECURITY.update(json_decode(proper_json))
#del _security_files
