def __update_subject_assignments(self, policy_id, perimeter_id=None):
    """Fetch subject assignments for a policy and store them on the instance.

    With ``perimeter_id`` the request goes to
    ``/policies/<policy_id>/subject_assignments/<perimeter_id>``; without it
    the policy's whole ``subject_assignments`` collection is requested.

    Raises:
        exceptions.SubjectAssignmentUnknown: the response JSON has no
            ``subject_assignments`` key.
    """
    # NOTE(review): both ids go into the URL path unescaped; presumably they
    # are manager-issued identifiers -- confirm callers never pass
    # request-derived text here.
    endpoint = "{}/policies/{}/subject_assignments".format(self.manager_url, policy_id)
    if perimeter_id:
        endpoint = "{}/{}".format(endpoint, perimeter_id)

    # NOTE(review): no timeout= is passed and requests applies none by default,
    # so an unresponsive manager blocks this refresh indefinitely. The HTTP
    # status is not checked either: an error body without the key is reported
    # as "unknown assignment".
    payload = requests.get(endpoint).json()
    if 'subject_assignments' not in payload:
        raise exceptions.SubjectAssignmentUnknown(
            "Cannot find subject assignment within policy_id {}".format(policy_id))

    if policy_id not in self.subject_assignments:
        self.__SUBJECT_ASSIGNMENTS[policy_id] = {}
    # NOTE(review): the {} above is overwritten right here, and a
    # perimeter-scoped response replaces the policy's whole entry rather than
    # being merged into it -- confirm that replacing (not update()) is intended.
    self.__SUBJECT_ASSIGNMENTS[policy_id] = payload['subject_assignments']
def __update_action_categories(self):
    """Merge the manager's action categories into ``self.__ACTION_CATEGORIES``.

    Raises:
        exceptions.ActionCategoryUnknown: the response JSON has no
            ``action_categories`` key.
    """
    # NOTE(review): called without timeout= and without a status check, so a
    # stalled manager hangs the refresh and an error body surfaces as
    # ActionCategoryUnknown.
    body = requests.get("{}/policies/action_categories".format(self.manager_url)).json()
    if 'action_categories' not in body:
        raise exceptions.ActionCategoryUnknown("Cannot find action category")
    # Assuming a dict: update() adds or overwrites entries only, so a category
    # deleted on the manager stays in the local mapping.
    self.__ACTION_CATEGORIES.update(body['action_categories'])
def __update_object_categories(self):
    """Merge the manager's object categories into ``self.__OBJECT_CATEGORIES``.

    Raises:
        exceptions.ObjectCategoryUnknown: the response JSON has no
            ``object_categories`` key.
    """
    categories_url = "{}/policies/object_categories".format(self.manager_url)
    # NOTE(review): no timeout= on this call; requests waits indefinitely by
    # default. The status code is also ignored before the body is parsed.
    decoded = requests.get(categories_url).json()
    if 'object_categories' not in decoded:
        raise exceptions.ObjectCategoryUnknown("Cannot find object category")
    # Assuming a dict: entries are added or overwritten, never removed, so
    # categories deleted upstream remain in the local mapping.
    self.__OBJECT_CATEGORIES.update(decoded['object_categories'])
def __update_action_assignments(self, policy_id, perimeter_id=None):
    """Fetch action assignments for a policy and store them on the instance.

    With ``perimeter_id`` the request goes to
    ``/policies/<policy_id>/action_assignments/<perimeter_id>``; without it
    the policy's whole ``action_assignments`` collection is requested.

    Raises:
        exceptions.ActionAssignmentUnknown: the response JSON has no
            ``action_assignments`` key.
    """
    target = "{}/policies/{}/action_assignments".format(self.manager_url, policy_id)
    if perimeter_id:
        target = "{}/{}".format(target, perimeter_id)

    # NOTE(review): requests.get() has no timeout= here, so the refresh can
    # block forever on a stalled manager; the HTTP status is not inspected.
    answer = requests.get(target).json()
    if 'action_assignments' not in answer:
        raise exceptions.ActionAssignmentUnknown(
            "Cannot find action assignment within policy_id {}".format(policy_id))

    if policy_id not in self.__ACTION_ASSIGNMENTS:
        self.__ACTION_ASSIGNMENTS[policy_id] = {}
    # NOTE(review): the empty dict is overwritten immediately, and a
    # perimeter-scoped response replaces everything stored for the policy --
    # confirm that a merge was not intended.
    self.__ACTION_ASSIGNMENTS[policy_id] = answer['action_assignments']
def __update_meta_rules(self):
    """Replace ``self.__META_RULES`` with the manager's current meta rules.

    Raises:
        exceptions.MetaRuleUnknown: the response JSON has no ``meta_rules`` key.
    """
    # NOTE(review): no timeout= and no status check; a non-JSON error page
    # raises from .json() instead of MetaRuleUnknown.
    reply = requests.get("{}/meta_rules".format(self.manager_url)).json()
    if 'meta_rules' not in reply:
        raise exceptions.MetaRuleUnknown("Cannot find meta rules")
    # Rebinds the attribute: the previously stored value is dropped as a whole.
    self.__META_RULES = reply['meta_rules']
def __update_actions(self, policy_id):
    """Store the manager's ``actions`` value for ``policy_id`` in ``self.__ACTIONS``.

    Raises:
        exceptions.ActionUnknown: the response JSON has no ``actions`` key.
    """
    actions_url = "{}/policies/{}/actions".format(self.manager_url, policy_id)
    # NOTE(review): requests.get() is given no timeout=, so this call can
    # block indefinitely; the response status is not checked before parsing.
    parsed = requests.get(actions_url).json()
    if 'actions' not in parsed:
        raise exceptions.ActionUnknown(
            "Cannot find action within policy_id {}".format(policy_id))
    # The policy's entry is replaced wholesale with what the manager returned.
    self.__ACTIONS[policy_id] = parsed['actions']
def get_configuration(key):
    """Read one or more entries from the Consul KV store and decode them.

    Each entry's ``Value`` is base64-decoded, read as UTF-8 and parsed as JSON.

    Returns:
        ``{Key: decoded_value}`` when Consul returns exactly one entry,
        otherwise a list of such single-item dicts (empty for an empty reply).

    Raises:
        exceptions.ConsulComponentNotFound: Consul answered with a status
            other than 200.
        exceptions.ConsulComponentContentError: an entry lacks ``Key`` or
            ``Value``.
    """
    required = ("Key", "Value")

    def _decoded(entry):
        # base64 here is Consul's transport encoding, not a protection layer.
        return {
            entry["Key"]: json.loads(base64.b64decode(entry["Value"]).decode("utf-8"))
        }

    # NOTE(review): the request uses plain http:// and this call sends no ACL
    # token header, so configuration values cross the network in clear text.
    # `key` is interpolated as-is -- presumably only internal constants are
    # passed; confirm.
    url = "http://{}:{}/v1/kv/{}".format(CONSUL_HOST, CONSUL_PORT, key)
    # NOTE(review): no timeout= is set; requests waits indefinitely by default.
    reply = requests.get(url)
    if reply.status_code != 200:
        logger.error("url={}".format(url))
        raise exceptions.ConsulComponentNotFound("error={}: {}".format(
            reply.status_code, reply.text))

    data = reply.json()
    if len(data) == 1:
        entry = data[0]
        if not all(field in entry for field in required):
            raise exceptions.ConsulComponentContentError("error={}".format(entry))
        return _decoded(entry)

    for entry in data:
        if not all(field in entry for field in required):
            logger.warning("invalidate content {}".format(entry))
            # NOTE(review): the message embeds the whole reply, including the
            # base64 Values of the well-formed entries; anything that logs this
            # exception also logs that configuration content.
            raise exceptions.ConsulComponentContentError(
                "error={}".format(data))
    return [_decoded(entry) for entry in data]
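def get_components():
    """Return every entry under Consul's ``components/`` prefix, decoded.

    Each entry's ``Value`` is base64-decoded, read as UTF-8 and parsed as
    JSON. Keys are returned with the leading ``components/`` removed.

    Returns:
        dict mapping component name to its decoded configuration.

    Raises:
        exceptions.ConsulError: Consul answered with a status other than 200.
        exceptions.ConsulComponentContentError: an entry lacks ``Key`` or
            ``Value``.
    """
    prefix = "components/"
    required = ("Key", "Value")

    def _name(full_key):
        # Strip the leading prefix only. str.replace() removed every
        # occurrence, so "components/a/components/b" collapsed to "a/b" and
        # could silently overwrite a real "a/b" entry in the result.
        return full_key[len(prefix):] if full_key.startswith(prefix) else full_key

    def _value(entry):
        # base64 here is Consul's transport encoding, not a protection layer.
        return json.loads(base64.b64decode(entry["Value"]).decode("utf-8"))

    # NOTE(review): plain http:// and no ACL token header on this call, so the
    # component configuration crosses the network in clear text.
    url = "http://{}:{}/v1/kv/components?recurse=true".format(
        CONSUL_HOST, CONSUL_PORT)
    # NOTE(review): no timeout= is set; requests waits indefinitely by default.
    req = requests.get(url)
    if req.status_code != 200:
        # Logged at error level, matching get_configuration(); at info level a
        # failed configuration fetch is easy to miss in monitoring.
        logger.error("url={}".format(url))
        raise exceptions.ConsulError

    data = req.json()
    if len(data) == 1:
        entry = data[0]
        if not all(k in entry for k in required):
            raise exceptions.ConsulComponentContentError("error={}".format(entry))
        return {_name(entry["Key"]): _value(entry)}

    for item in data:
        if not all(k in item for k in required):
            logger.warning("invalidate content {}".format(item))
            # NOTE(review): the message embeds the whole reply, including the
            # base64 Values of the well-formed entries; anything that logs this
            # exception also logs that configuration content.
            raise exceptions.ConsulComponentContentError(
                "error={}".format(data))
    return {_name(item["Key"]): _value(item) for item in data}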
def __update_models(self):
    """Copy every model returned by the manager into ``self.__MODELS``.

    Raises:
        exceptions.ModelNotFound: the response JSON has no ``models`` key.
    """
    # NOTE(review): no timeout= and no status check on this request; a stalled
    # manager blocks the refresh and an error body surfaces as ModelNotFound.
    listing = requests.get("{}/models".format(self.manager_url)).json()
    if 'models' not in listing:
        raise exceptions.ModelNotFound("Cannot find 'models' key")
    # Entries are written key by key; ids missing from the response are not
    # removed from the local mapping.
    for model_id, model in listing["models"].items():
        self.__MODELS[model_id] = model
def __update_policies(self):
    """Copy every policy returned by the manager into ``self.__POLICIES``.

    Raises:
        exceptions.PolicytNotFound: the response JSON has no ``policies`` key.
    """
    # NOTE(review): no timeout= and no status check on this request.
    listing = requests.get("{}/policies".format(self.manager_url)).json()
    if 'policies' not in listing:
        # NOTE(review): "PolicytNotFound" looks like a typo -- confirm the
        # exceptions module defines this exact name; if it does not, this
        # branch raises AttributeError instead of the intended error.
        raise exceptions.PolicytNotFound("Cannot find 'policies' key")
    # Entries are written key by key; a policy deleted on the manager is not
    # removed from the local mapping by this method.
    for policy_key, policy in listing["policies"].items():
        self.__POLICIES[policy_key] = policy
def __update_container(self):
    """Copy every pod entry returned by the orchestrator into ``self.__CONTAINERS``.

    Raises:
        exceptions.PodError: the response JSON has no ``pods`` key.
    """
    # NOTE(review): no timeout= and no status check on this request; a stalled
    # orchestrator blocks the refresh.
    inventory = requests.get("{}/pods".format(self.orchestrator_url)).json()
    if "pods" not in inventory:
        raise exceptions.PodError("Cannot find 'pods' key")
    # Each key is replaced with the orchestrator's value; the disabled code
    # that was here would have merged into existing entries instead. Keys
    # missing from the response are left untouched.
    for pod_key, pod in inventory["pods"].items():
        self.__CONTAINERS[pod_key] = pod
def __update_rules(self):
    """Fetch the rules of every policy in ``self.policies`` into ``self.__RULES``.

    A response without a ``rules`` key is only logged as a warning; nothing is
    raised and the policy's entry in ``self.__RULES`` is left as it was.
    """
    for policy_id in self.policies:
        rules_url = "{}/policies/{}/rules".format(self.manager_url, policy_id)
        logger.debug("Get {}".format(rules_url))

        # NOTE(review): no timeout= and no status check; one stalled request
        # blocks the refresh of all remaining policies.
        body = requests.get(rules_url).json()
        if 'rules' in body:
            self.__RULES[policy_id] = body['rules']
            continue
        # NOTE(review): unlike the sibling updaters this does not raise, so
        # rules stored earlier for this policy stay in effect after a failed
        # refresh -- confirm that keeping stale rules is the intended failure mode.
        logger.warning(" no 'rules' found within policy_id: {}".format(policy_id))

    # NOTE(review): placed after the loop; the flattened listing does not show
    # its nesting -- confirm. It writes the complete rule set to the debug log.
    logger.debug("UPDATE RULES {}".format(self.__RULES))
def __update_pdp(self):
    """Refresh the stored PDP entries from the manager's ``/pdp`` endpoint.

    For each returned PDP whose ``keystone_project_id`` is not yet in
    ``self.container_chaining``, an empty chaining entry is created and
    ``__update_container_chaining`` is called for that project. Afterwards
    every returned PDP is copied into ``self.__PDP``.

    Raises:
        exceptions.PdpError: the response JSON has no ``pdps`` key.
    """
    # NOTE(review): no timeout= is passed and requests applies none by default,
    # so a stalled manager blocks this refresh; the HTTP status is not checked.
    response = requests.get("{}/pdp".format(self.manager_url))
    pdp = response.json()
    if 'pdps' in pdp:
        for _pdp in pdp["pdps"].values():
            if "keystone_project_id" in _pdp and _pdp['keystone_project_id'] not in self.container_chaining:
                self.__CONTAINER_CHAINING[_pdp['keystone_project_id']] = {}
                # Note (asteroide): force update of chaining
                # NOTE(review): nesting reconstructed from a flattened listing.
                # The call is kept inside the `if` because outside it a PDP
                # without keystone_project_id would raise KeyError -- confirm.
                # With this nesting, chaining of already-known projects is not
                # refreshed here.
                self.__update_container_chaining(_pdp['keystone_project_id'])
        # Entries are written key by key; PDPs missing from the response are
        # not removed from self.__PDP.
        for key, value in pdp["pdps"].items():
            self.__PDP[key] = value
    else:
        raise exceptions.PdpError("Cannot find 'pdps' key")
def __update_subjects(self, policy_id):
    """Store the manager's ``subjects`` value for ``policy_id`` in ``self.__SUBJECTS``.

    Raises:
        exceptions.SubjectUnknown: the response JSON has no ``subjects`` key.
    """
    subjects_url = "{}/policies/{}/subjects".format(self.manager_url, policy_id)
    # NOTE(review): requests.get() is given no timeout=, so this call can
    # block indefinitely; the response status is not checked before parsing.
    parsed = requests.get(subjects_url).json()
    if 'subjects' not in parsed:
        raise exceptions.SubjectUnknown(
            "Cannot find subject within policy_id {}".format(policy_id))
    # The policy's entry is replaced wholesale with what the manager returned.
    self.__SUBJECTS[policy_id] = parsed['subjects']