def add(isamAppliance,
name,
uri,
description="",
attributes=None,
properties=None,
predefined=False,
typeName=None,
check_mode=False,
force=False):
"""
Create a new Authentication Mechanism
"""
if force is False:
ret_obj = search(isamAppliance, name)
if force is True or ret_obj['data'] == {}:
if check_mode is True:
return isamAppliance.create_return_object(changed=True)
else:
ret_obj = mechanism_types.search(isamAppliance, typeName)
if ret_obj['data'] == {}:
from ibmsecurity.appliance.ibmappliance import IBMError
raise IBMError(
"999",
"Unable to find Authentication Mechanim Type: {0}".format(
typeName))
else:
typeId = ret_obj['data']
json_data = {
"name": name,
"uri": uri,
"description": description,
"predefined": predefined,
"typeId": typeId
}
if attributes is not None:
json_data['attributes'] = attributes
if properties is not None:
json_data['properties'] = properties
return isamAppliance.invoke_post(
"Create a new Authentication Mechanism",
module_uri,
json_data,
requires_modules=requires_modules,
requires_version=requires_version)
return isamAppliance.create_return_object()
def _check(isamAppliance, name, description, attributes, properties,
predefined, uri, typeName, new_name):
"""
Check and return True if update needed
TODO: Need to check for updated by only checking the attribute and properties that are provided (dont compare all)
"""
update_required = False
json_data = {"uri": uri}
ret_obj = get(isamAppliance, name)
if ret_obj['data'] == {}:
logger.info(
"Authentication Mechanism not found, returning no update required."
)
return None, update_required, json_data
else:
mech_id = ret_obj['data']['id']
if new_name is not None:
json_data['name'] = new_name
else:
json_data['name'] = name
if typeName is not None:
ret_obj_type = mechanism_types.search(isamAppliance, typeName)
if ret_obj_type['data'] == {}:
from ibmsecurity.appliance.ibmappliance import IBMError
raise IBMError(
"999",
"Unable to find Authentication Mechanim Type: {0}".format(
typeName))
else:
json_data['typeId'] = ret_obj_type['data']
else:
del ret_obj['data']['typeId']
if description is not None:
json_data['description'] = description
else:
del ret_obj['data']['description']
if predefined is not None:
json_data['predefined'] = predefined
else:
del ret_obj['data']['predefined']
if attributes is not None:
json_data['attributes'] = attributes
else:
# May not exist so skip any exceptions when deleting
try:
del ret_obj['data']['attributes']
except:
pass
if properties is not None:
logger.info("Searching for keys to substitute value with uuids")
id = {}
for property in properties:
if property['key'] == "EmailMessage.serverConnection":
id = smtp._get_id(isamAppliance, property['value'])['data']
logger.info(
"Found EmailMessage.serverConnection by name[{}] with uuid[{}]"
.format(property['value'], id))
elif property['key'] == "ScimConfig.serverConnection":
id = ws.search(isamAppliance, property['value'])['data']
logger.info(
"Found ScimConfig.serverConnection by name[{}] with uuid[{}]"
.format(property['value'], id))
elif property['key'] == "CI.serverConnection":
id = ci._get_id(isamAppliance, property['value'])['data']
logger.info(
"Found CI.serverConnection by name[{}] with uuid[{}]".
format(property['value'], id))
if id != {}:
property['value'] = id
json_data['properties'] = properties
else:
# May not exist so skip any exceptions when deleting
try:
del ret_obj['data']['properties']
except:
pass
del ret_obj['data']['id']
import ibmsecurity.utilities.tools
sorted_json_data = ibmsecurity.utilities.tools.json_sort(json_data)
logger.debug("Sorted input: {0}".format(sorted_json_data))
sorted_ret_obj = ibmsecurity.utilities.tools.json_sort(ret_obj['data'])
logger.debug("Sorted existing data: {0}".format(sorted_ret_obj))
if sorted_ret_obj != sorted_json_data:
logger.info("Changes detected, update needed.")
update_required = True
return mech_id, update_required, json_data
def add(isamAppliance,
name,
uri,
description="",
attributes=None,
properties=None,
predefined=False,
typeName=None,
check_mode=False,
force=False):
"""
Create a new Authentication Mechanism
"""
if force is False:
ret_obj = search(isamAppliance, name)
if force is True or ret_obj['data'] == {}:
if check_mode is True:
return isamAppliance.create_return_object(changed=True)
else:
ret_obj = mechanism_types.search(isamAppliance, typeName)
if ret_obj['data'] == {}:
from ibmsecurity.appliance.ibmappliance import IBMError
raise IBMError(
"999",
"Unable to find Authentication Mechanim Type: {0}".format(
typeName))
else:
typeId = ret_obj['data']
json_data = {
"name": name,
"uri": uri,
"description": description,
"predefined": predefined,
"typeId": typeId
}
if attributes is not None:
json_data['attributes'] = attributes
if properties is not None:
logger.info(
"Searching for keys to substitute value with uuids")
id = {}
for property in properties:
if property['key'] == "EmailMessage.serverConnection":
id = smtp._get_id(isamAppliance,
property['value'])['data']
logger.info(
"Found EmailMessage.serverConnection by name[{}] with uuid[{}]"
.format(property['value'], id))
elif property['key'] == "ScimConfig.serverConnection":
id = ws.search(isamAppliance,
property['value'])['data']
logger.info(
"Found ScimConfig.serverConnection by name[{}] with uuid[{}]"
.format(property['value'], id))
elif property['key'] == "CI.serverConnection":
id = ci._get_id(isamAppliance,
property['value'])['data']
logger.info(
"Found CI.serverConnection by name[{}] with uuid[{}]"
.format(property['value'], id))
if id != {}:
property['value'] = id
json_data['properties'] = properties
return isamAppliance.invoke_post("Create a new federation",
module_uri,
json_data,
requires_modules=requires_modules,
requires_version=requires_version)
return isamAppliance.create_return_object()
def _check(isamAppliance, name, description, attributes, properties,
predefined, uri, typeName, new_name):
"""
Check and return True if update needed
TODO: Need to check for updated by only checking the attribute and properties that are provided (dont compare all)
"""
update_required = False
json_data = {"uri": uri}
ret_obj = get(isamAppliance, name)
if ret_obj['data'] == {}:
logger.info(
"Authentication Mechanism not found, returning no update required."
)
return None, update_required, json_data
else:
mech_id = ret_obj['data']['id']
if new_name is not None:
json_data['name'] = new_name
else:
json_data['name'] = name
if typeName is not None:
ret_obj_type = mechanism_types.search(isamAppliance, typeName)
if ret_obj_type['data'] == {}:
from ibmsecurity.appliance.ibmappliance import IBMError
raise IBMError(
"999",
"Unable to find Authentication Mechanim Type: {0}".format(
typeName))
else:
json_data['typeId'] = ret_obj_type['data']
else:
del ret_obj['data']['typeId']
if description is not None:
json_data['description'] = description
else:
del ret_obj['data']['description']
if predefined is not None:
json_data['predefined'] = predefined
else:
del ret_obj['data']['predefined']
if attributes is not None:
json_data['attributes'] = attributes
else:
# May not exist so skip any exceptions when deleting
try:
del ret_obj['data']['attributes']
except:
pass
if properties is not None:
json_data['properties'] = properties
else:
# May not exist so skip any exceptions when deleting
try:
del ret_obj['data']['properties']
except:
pass
del ret_obj['data']['id']
import ibmsecurity.utilities.tools
sorted_json_data = ibmsecurity.utilities.tools.json_sort(json_data)
logger.debug("Sorted input: {0}".format(sorted_json_data))
sorted_ret_obj = ibmsecurity.utilities.tools.json_sort(ret_obj['data'])
logger.debug("Sorted existing data: {0}".format(sorted_ret_obj))
if sorted_ret_obj != sorted_json_data:
logger.info("Changes detected, update needed.")
update_required = True
return mech_id, update_required, json_data