def __getPolicyActionsThatApply( decisionParams ): ''' Method that matches the input dictionary with the policy actions configuration in the CS. It returns a list of policy actions names that matched. ''' policyActionsThatApply = [] # Get policies configuration metadata from CS. policyActionsConfig = RssConfiguration.getPolicyActions() if not policyActionsConfig[ 'OK' ]: return policyActionsConfig policyActionsConfig = policyActionsConfig[ 'Value' ] # Get policies that match the given decissionParameters for policyActionName, policyActionConfig in policyActionsConfig.items(): policyMatch = Utils.configMatch( decisionParams, policyActionConfig ) if policyMatch: policyActionsThatApply.append( policyActionName ) return S_OK( policyActionsThatApply )
def __getPolicyActionsThatApply2(decissionParams, singlePolicyResults, policyCombinedResults): ''' Method that matches the input dictionary with the policy actions configuration in the CS. It returns a list of policy actions names that matched. ''' policyActionsThatApply = [] # Get policies configuration metadata from CS. policyActionsConfig = RssConfiguration.getPolicyActions() if not policyActionsConfig['OK']: return policyActionsConfig policyActionsConfig = policyActionsConfig['Value'] # Let's create a dictionary to use it with configMatch policyResults = {} for policyResult in singlePolicyResults: try: policyResults[policyResult['Policy'] ['name']] = policyResult['Status'] except KeyError: continue # Get policies that match the given decissionParameters for policyActionName, policyActionConfig in policyActionsConfig.items( ): # The parameter policyType is mandatory. If not present, we pick policyActionName try: policyActionType = policyActionConfig['actionType'][0] except KeyError: policyActionType = policyActionName #continue # We get matchParams to be compared against decissionParams policyActionMatchParams = policyActionConfig.get('matchParams', {}) policyMatch = Utils.configMatch(decissionParams, policyActionMatchParams) #policyMatch = Utils.configMatch( decissionParams, policyActionConfig ) if not policyMatch: continue # Let's check single policy results # Assumed structure: # ... # policyResults # <PolicyName> = <PolicyResult1>,<PolicyResult2>... policyActionPolicyResults = policyActionConfig.get( 'policyResults', {}) policyResultsMatch = Utils.configMatch(policyResults, policyActionPolicyResults) if not policyResultsMatch: continue # combinedResult # \Status = X,Y # \Reason = asdasd,asdsa policyActionCombinedResult = policyActionConfig.get( 'combinedResult', {}) policyCombinedMatch = Utils.configMatch( policyCombinedResults, policyActionCombinedResult) if not policyCombinedMatch: continue #policyActionsThatApply.append( policyActionName ) # They may not be necessarily the same policyActionsThatApply.append((policyActionName, policyActionType)) return S_OK(policyActionsThatApply)
def __getPoliciesThatApply(self, decissionParams): ''' Method that matches the input dictionary with the policies configuration in the CS. It returns a list of policy dictionaries that matched. ''' policiesThatApply = [] # Get policies configuration metadata from CS. policiesConfig = RssConfiguration.getPolicies() if not policiesConfig['OK']: return policiesConfig policiesConfig = policiesConfig['Value'] # Each policy, has the following format # <policyName> # \ # policyType = <policyType> # matchParams # \ # ... # configParams # \ # ... # Get policies that match the given decissionParameters for policyName, policySetup in policiesConfig.items(): # The parameter policyType replaces policyName, so if it is not present, # we pick policyName try: policyType = policySetup['policyType'][0] except KeyError: policyType = policyName #continue # The section matchParams is not mandatory, so we set {} as default. policyMatchParams = policySetup.get('matchParams', {}) # FIXME: make sure the values in the policyConfigParams dictionary are typed !! policyConfigParams = {} #policyConfigParams = policySetup.get( 'configParams', {} ) policyMatch = Utils.configMatch(decissionParams, policyMatchParams) if policyMatch: policiesThatApply.append( (policyName, policyType, policyConfigParams)) policiesToBeLoaded = [] # Gets policies parameters from code. for policyName, policyType, _policyConfigParams in policiesThatApply: try: policyMeta = self.policies[policyType] except KeyError: continue # We are not going to use name / type anymore, but we keep them for debugging # and future usage. policyDict = {'name': policyName, 'type': policyType, 'args': {}} # args is one of the parameters we are going to use on the policies. We copy # the defaults and then we update if with whatever comes from the CS. policyDict.update(policyMeta) # FIXME: watch out, args can be None ! #policyDict[ 'args' ].update( policyConfigParams ) policiesToBeLoaded.append(policyDict) return S_OK(policiesToBeLoaded)
def __getPolicyActionsThatApply2( decisionParams, singlePolicyResults, policyCombinedResults ): ''' Method that matches the input dictionary with the policy actions configuration in the CS. It returns a list of policy actions names that matched. ''' policyActionsThatApply = [] # Get policies configuration metadata from CS. policyActionsConfig = RssConfiguration.getPolicyActions() if not policyActionsConfig[ 'OK' ]: return policyActionsConfig policyActionsConfig = policyActionsConfig[ 'Value' ] # Let's create a dictionary to use it with configMatch policyResults = {} for policyResult in singlePolicyResults: try: policyResults[ policyResult[ 'Policy' ][ 'name' ] ] = policyResult[ 'Status' ] except KeyError: continue # Get policies that match the given decissionParameters for policyActionName, policyActionConfig in policyActionsConfig.items(): # The parameter policyType is mandatory. If not present, we pick policyActionName try: policyActionType = policyActionConfig[ 'actionType' ][ 0 ] except KeyError: policyActionType = policyActionName #continue # We get matchParams to be compared against decisionParams policyActionMatchParams = policyActionConfig.get( 'matchParams', {} ) policyMatch = Utils.configMatch( decisionParams, policyActionMatchParams ) # policyMatch = Utils.configMatch( decisionParams, policyActionConfig ) if not policyMatch: continue # Let's check single policy results # Assumed structure: # ... # policyResults # <PolicyName> = <PolicyResult1>,<PolicyResult2>... policyActionPolicyResults = policyActionConfig.get( 'policyResults', {} ) policyResultsMatch = Utils.configMatch( policyResults, policyActionPolicyResults ) if not policyResultsMatch: continue # combinedResult # \Status = X,Y # \Reason = asdasd,asdsa policyActionCombinedResult = policyActionConfig.get( 'combinedResult', {} ) policyCombinedMatch = Utils.configMatch( policyCombinedResults, policyActionCombinedResult ) if not policyCombinedMatch: continue #policyActionsThatApply.append( policyActionName ) # They may not be necessarily the same policyActionsThatApply.append( ( policyActionName, policyActionType ) ) return S_OK( policyActionsThatApply )
def __getPoliciesThatApply( self, decisionParams ): ''' Method that matches the input dictionary with the policies configuration in the CS. It returns a list of policy dictionaries that matched. ''' policiesThatApply = [] # Get policies configuration metadata from CS. policiesConfig = RssConfiguration.getPolicies() if not policiesConfig[ 'OK' ]: return policiesConfig policiesConfig = policiesConfig[ 'Value' ] # Each policy, has the following format # <policyName> # \ # policyType = <policyType> # matchParams # \ # ... # configParams # \ # ... # Get policies that match the given decissionParameters for policyName, policySetup in policiesConfig.items(): # The parameter policyType replaces policyName, so if it is not present, # we pick policyName try: policyType = policySetup[ 'policyType' ][ 0 ] except KeyError: policyType = policyName #continue # The section matchParams is not mandatory, so we set {} as default. policyMatchParams = policySetup.get( 'matchParams', {} ) # FIXME: make sure the values in the policyConfigParams dictionary are typed !! policyConfigParams = {} #policyConfigParams = policySetup.get( 'configParams', {} ) policyMatch = Utils.configMatch( decisionParams, policyMatchParams ) if policyMatch: policiesThatApply.append( ( policyName, policyType, policyConfigParams ) ) policiesToBeLoaded = [] # Gets policies parameters from code. for policyName, policyType, _policyConfigParams in policiesThatApply: try: policyMeta = self.policies[ policyType ] except KeyError: continue # We are not going to use name / type anymore, but we keep them for debugging # and future usage. policyDict = { 'name' : policyName, 'type' : policyType, 'args' : {} } # args is one of the parameters we are going to use on the policies. We copy # the defaults and then we update if with whatever comes from the CS. policyDict.update( policyMeta ) # FIXME: watch out, args can be None ! #policyDict[ 'args' ].update( policyConfigParams ) policiesToBeLoaded.append( policyDict ) return S_OK( policiesToBeLoaded )
def getPoliciesThatApply( decisionParams ): """ Method that sanitizes the input parameters and returns the policies that match them. Matches the input dictionary with the policies configuration in the CS. It returns a list of policy dictionaries that matched. """ decisionParams = _sanitizedecisionParams( decisionParams ) gLogger.debug("Sanitized decisionParams: %s" % str(decisionParams)) policiesThatApply = [] # Get policies configuration metadata from CS. policiesConfig = RssConfiguration.getPolicies() if not policiesConfig[ 'OK' ]: return policiesConfig policiesConfig = policiesConfig[ 'Value' ] gLogger.debug("All policies: %s" %str(policiesConfig)) # Each policy, has the following format # <policyName> # \ # policyType = <policyType> # matchParams # \ # ... # configParams # \ # ... # Get policies that match the given decisionParameters for policyName, policySetup in policiesConfig.items(): # The parameter policyType replaces policyName, so if it is not present, # we pick policyName try: policyType = policySetup[ 'policyType' ][ 0 ] except KeyError: policyType = policyName #continue # The section matchParams is not mandatory, so we set {} as default. policyMatchParams = policySetup.get( 'matchParams', {} ) gLogger.debug("matchParams of %s: %s" %(policyName, str(policyMatchParams))) # FIXME: make sure the values in the policyConfigParams dictionary are typed !! policyConfigParams = {} #policyConfigParams = policySetup.get( 'configParams', {} ) policyMatch = Utils.configMatch( decisionParams, policyMatchParams ) gLogger.debug("PolicyMatch for decisionParams %s: %s" %(decisionParams, str(policyMatch))) policyFilter = _filterPolicies( decisionParams, policyMatchParams ) #WARNING: we need an additional filtering function when the matching #is not straightforward (e.g. when the policy specify a 'domain', while #the decisionParams has only the name of the element) if policyMatch and policyFilter: policiesThatApply.append( ( policyName, policyType, policyConfigParams ) ) gLogger.debug("policies that apply: %s" %str(policiesThatApply)) policiesToBeLoaded = [] # Gets policies parameters from code. for policyName, policyType, _policyConfigParams in policiesThatApply: try: configModule = Utils.voimport( 'DIRAC.ResourceStatusSystem.Policy.Configurations' ) policies = copy.deepcopy( configModule.POLICIESMETA ) policyMeta = policies[ policyType ] except KeyError: continue # We are not going to use name / type anymore, but we keep them for debugging # and future usage. policyDict = { 'name' : policyName, 'type' : policyType, 'args' : {} } # args is one of the parameters we are going to use on the policies. We copy # the defaults and then we update if with whatever comes from the CS. policyDict.update( policyMeta ) policiesToBeLoaded.append( policyDict ) return S_OK( policiesToBeLoaded )
def getPoliciesThatApply( self, decisionParams ): """ Given a dictionary, it matches it against all the policies configuration dictionaries as they are on the CS. Returns the policy dictionaries that produced a positive match plus their configuration in <self.policies>. examples: >>> # This matches all policies ! >>> iGetter.getPoliciesThatApply( {} ) [ { 'name' : 'AlwaysActiveForResource', 'type' : 'AlwaysActive', 'module' : 'AlwaysActivePolicy', 'description' : 'This is the AlwaysActive policy' 'command' : None, 'args' : {} },... ] >>> # There is no policy that matches BlahSite >>> iGetter.getPoliciesThatApply( { 'name' : 'BlahSite' } ) [] :Parameters: **decisionParams** - `dict` dictionary with the parameters to match policies. :return: S_OK() / S_ERROR """ policiesToBeLoaded = [] # Get policies configuration metadata from CS. policiesConfig = RssConfiguration.getPolicies() if not policiesConfig[ 'OK' ]: return policiesConfig policiesConfig = policiesConfig[ 'Value' ] # Get policies that match the given decissionParameters for policyName, policySetup in policiesConfig.iteritems(): # The section matchParams is not mandatory, so we set {} as default. policyMatchParams = policySetup.get( 'matchParams', {} ) if not Utils.configMatch( decisionParams, policyMatchParams ): continue # the policyName replaces the policyTipe if not present. This allows us to # define several policies of the same type on the CS. We just need to # give them different names and assign them the same policyType. try: policyType = policySetup[ 'policyType' ][ 0 ] except KeyError: policyType = policyName policyDict = { 'name' : policyName, 'type' : policyType, 'args' : {} } # Get policy static configuration try: policyDict.update( self.policies[ policyType ] ) except KeyError: continue policiesToBeLoaded.append( policyDict ) return S_OK( policiesToBeLoaded )
def getPolicyActionsThatApply( self, decisionParams, singlePolicyResults, policyCombinedResults ): """ Method that returns the actions to be triggered based on the original decision parameters ( decisionParams ), which also can apply to the method `getPoliciesThatApply`, each one of the policy results ( singlePolicyResults ) and the combined policy results ( policyCombinedResults ) as computed on the `PDP`. examples: >>> iGetter.getPolicyActionsThatApply( { 'name' : 'SiteA' },[],{} )[ 'Value' ] [ ( 'BanSiteA', 'BanSite' ) ] >>> iGetter.getPolicyActionsThatApply( { 'name' : 'SiteA' },[], { 'Status' : 'Active', 'Reason' : 'Blah' } )[ 'Value' ] [ ( 'BanSiteA', 'BanSite' ), ( 'EmailActive2Banned', 'EmailAction' ) ] :Parameters: **decisionParams** - `dict` dictionary with the parameters to match policies ( and actions in this case ) **singlePolicyResults** - `list( dict )` list containing the dictionaries returned by the policies evaluated **policyCombinedResults** - `dict` dictionary containing the combined result of the policies evaluation :return: S_OK( list ) / S_ERROR """ policyActionsThatApply = [] # Get policies configuration metadata from CS. policyActionsConfig = RssConfiguration.getPolicyActions() if not policyActionsConfig[ 'OK' ]: return policyActionsConfig policyActionsConfig = policyActionsConfig[ 'Value' ] # Let's create a dictionary to use it with configMatch policyResults = self._getPolicyResults( singlePolicyResults ) # Get policies that match the given decissionParameters for policyActionName, policyActionConfig in policyActionsConfig.iteritems(): # The parameter policyType is mandatory. If not present, we pick policyActionName try: policyActionType = policyActionConfig[ 'actionType' ][ 0 ] except KeyError: policyActionType = policyActionName # We get matchParams to be compared against decissionParams policyActionMatchParams = policyActionConfig.get( 'matchParams', {} ) if not Utils.configMatch( decisionParams, policyActionMatchParams ): continue # Let's check single policy results # Assumed structure: # ... # policyResults # <PolicyName> = <PolicyResult1>,<PolicyResult2>... policyActionPolicyResults = policyActionConfig.get( 'policyResults', {} ) if not Utils.configMatch( policyResults, policyActionPolicyResults ): continue # combinedResult # \Status = X,Y # \Reason = asdasd,asdsa policyActionCombinedResult = policyActionConfig.get( 'combinedResult', {} ) if not Utils.configMatch( policyCombinedResults, policyActionCombinedResult ): continue # They may not be necessarily the same policyActionsThatApply.append( ( policyActionName, policyActionType ) ) return S_OK( policyActionsThatApply )