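def setPolicy(policy):
    '''
    validate a policy definition and store it in the configuration

    Every attribute is written as its own config entry under the key
    ``Policy.<name>.<attribute>``. The name is therefore checked against
    PolicyNameRegex before any key is built from it.

    The passed dict is modified in place: a missing ``active`` entry is set
    to "True" and ``action`` is replaced by the result of
    ForwardServerPolicy.prepare_forward().

    :param policy: dict with the following keys:

                   * name
                   * action
                   * scope
                   * realm
                   * user
                   * time
                   * client

                   ``active`` is optional and defaults to "True"

    :return: dict with the results of the stored entries, keyed by attribute
    :raises Exception: if the name is missing, empty or rejected by
                       PolicyNameRegex
    :raises PolicyWarning: if action, scope or realm is missing or empty
    :raises KeyError: if user, time or client is missing - raised before
                      the first entry is stored
    '''
    ret = {}
    _ = context['translate']

    name = policy.get('name')

    if 'active' not in policy:
        policy['active'] = "True"

    # check that the name does not contain any bad characters; a missing or
    # empty name is rejected with the same error instead of failing inside
    # the regex with a TypeError
    # NOTE(review): match() only anchors at the start of the string, so this
    # check is exactly as strict as PolicyNameRegex, which is defined outside
    # this block - confirm the pattern is anchored at the end as well
    if not name or not PolicyNameRegex.match(name):
        raise Exception(
            _("The name of the policy may only contain "
              "the characters a-zA-Z0-9_."))

    # verify the required policy attributes
    required_attributes = ['action', 'scope', 'realm']
    for required_attribute in required_attributes:
        if (required_attribute not in policy or
                not policy[required_attribute]):
            raise PolicyWarning("Missing attribute %s in "
                                "policy %s" % (required_attribute, name))

    # before storing the policy, we have to check the impact:
    # if there is a problem, we will raise an exception with a warning
    _check_policy_impact(**policy)

    # transpose the forwardServer policy action as it might
    # contain sensitive data
    policy["action"] = ForwardServerPolicy.prepare_forward(policy["action"])

    attributes = [
        'action', 'scope', 'realm', 'user', 'time', 'client', 'active'
    ]

    # read every value before the first write: a missing user, time or
    # client key then raises its KeyError while nothing has been stored,
    # instead of leaving a policy with only some of its entries written
    values = [(attr, policy[attr]) for attr in attributes]

    for attr, value in values:
        key = "Policy.%s.%s" % (name, attr)
        typ = ""
        descr = "a policy definition"
        ret[attr] = storeConfig(key, value, typ, descr)

    return ret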
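def setPolicy(policy):
    '''
    define and store a policy definition

    The definition is stored as one config entry per attribute, using the
    key ``Policy.<name>.<attribute>``. Validation (name, required
    attributes, impact check) and the lookup of all values happen before
    the first entry is written.

    Side effect on the argument: ``active`` is added with the value "True"
    when absent, and ``action`` is overwritten with the value returned by
    ForwardServerPolicy.prepare_forward().

    :param policy: dict with the following keys:

                   * name
                   * action
                   * scope
                   * realm
                   * user
                   * time
                   * client

    :return: dict with the results of the stored entries
    :raises Exception: if no name is given or PolicyNameRegex rejects it
    :raises PolicyWarning: if one of action, scope, realm is missing or empty
    :raises KeyError: if one of user, time, client is missing; nothing has
                      been stored at that point
    '''
    _ = context['translate']

    policy.setdefault('active', "True")
    name = policy.get('name')

    # The name becomes part of every config key written below, so it is
    # the first thing to be checked. None or "" never reaches the regex:
    # both are treated as an invalid name rather than raising a TypeError.
    # NOTE(review): PolicyNameRegex is defined elsewhere; match() does not
    # require the pattern to cover the whole string unless the pattern
    # itself is end-anchored - confirm.
    name_accepted = bool(name) and PolicyNameRegex.match(name)
    if not name_accepted:
        raise Exception(_("The name of the policy may only contain "
                          "the characters a-zA-Z0-9_."))

    # verify the required policy attributes
    for required_attribute in ('action', 'scope', 'realm'):
        if not policy.get(required_attribute):
            raise PolicyWarning("Missing attribute %s in "
                                "policy %s" % (required_attribute, name))

    # before storing the policy, we have to check the impact:
    # if there is a problem, we will raise an exception with a warning
    _check_policy_impact(**policy)

    # transpose the forwardServer policy action as it might
    # contain sensitive data
    policy["action"] = ForwardServerPolicy.prepare_forward(policy["action"])

    attributes = ('action', 'scope', 'realm', 'user',
                  'time', 'client', 'active')

    # fail before the first write if an attribute is absent, so that a
    # KeyError cannot leave a partially stored policy behind
    for attr in attributes:
        if attr not in policy:
            raise KeyError(attr)

    ret = {}
    for attr in attributes:
        ret[attr] = storeConfig("Policy.%s.%s" % (name, attr),
                                policy[attr], "", "a policy definition")

    return ret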
def setPolicy(param):
    '''
    Store a policy definition as individual config entries.

    It expects a dict with the following keys:

    * name
    * action
    * scope
    * realm
    * user
    * time
    * client

    ``active`` is read as well and defaults to "True". Keys that are absent
    are read as None and stored as such. The action is passed through
    ForwardServerPolicy.prepare_forward() before it is stored.

    Returns a dict with the storeConfig() result for each attribute.
    '''
    name = param.get('name')

    # NOTE(review): nothing in this block validates the name before it is
    # interpolated into the config keys below; a missing name is formatted
    # as "None". Confirm that the caller or _check_policy_impact restricts it.
    entries = [
        ('action', "Policy.%s.action", param.get('action')),
        ('scope', "Policy.%s.scope", param.get('scope')),
        ('realm', "Policy.%s.realm", param.get('realm')),
        ('user', "Policy.%s.user", param.get('user')),
        ('time', "Policy.%s.time", param.get('time')),
        ('client', "Policy.%s.client", param.get('client')),
        ('active', "Policy.%s.active", param.get('active', "True")),
    ]

    # before storing the policy, we have to check the impact:
    # if there is a problem, we will raise an exception with a warning.
    # The policies cached in the request context are preferred over a
    # fresh getPolicies() lookup.
    use_cached = bool(context) and 'Policies' in context
    policies = context['Policies'] if use_cached else getPolicies()

    _check_policy_impact(policies=policies, **param)

    # only the action is transformed before it is written
    attr, key_template, action = entries[0]
    entries[0] = (attr, key_template,
                  ForwardServerPolicy.prepare_forward(action))

    ret = {}
    for attr, key_template, value in entries:
        ret[attr] = storeConfig(key_template % name, value, "",
                                "a policy definition")

    return ret