def _set_role(data, context): role = Role() role.ParseFromString(data) if not role.name: raise InvalidTransaction("The name must be set in a role") if not role.policy_name: raise InvalidTransaction("A role must contain a policy name.") # Check that the policy refernced exists policy_address = _get_policy_address(role.policy_name) entries_list = _get_data(policy_address, context) if entries_list == []: raise InvalidTransaction( "Cannot set Role: {}, the Policy: {} is not set.".format( role.name, role.policy_name)) else: policy_list = PolicyList() policy_list.ParseFromString(entries_list[0].data) exist = False for policy in policy_list.policies: if policy.name == role.policy_name: exist = True break if not exist: raise InvalidTransaction( "Cannot set Role {}, the Policy {} is not set.".format( role.name, role.policy_name)) address = _get_role_address(role.name) entries_list = _get_data(address, context) # Store role in a Roleist incase of hash collisions role_list = RoleList() if entries_list != []: role_list.ParseFromString(entries_list[0].data) # sort all roles by using sorted(roles, Role.name) roles = [x for x in role_list.roles if x.name != role.name] roles.append(role) roles = sorted(roles, key=lambda role: role.name) # set RoleList at the address above. addresses = context.set_state([ StateEntry(address=address, data=RoleList(roles=roles).SerializeToString()) ]) if not addresses: LOGGER.warning('Failed to set role %s at %s', role.name, address) raise InternalError('Unable to save role {}'.format(role.name)) context.add_event(event_type="identity_update", attributes=[("updated", role.name)]) LOGGER.debug("Set role: \n%s", role)
def _create_tp_process_request(self, payload): inputs = [] outputs = [] if payload.type == IdentityPayload.ROLE: role = Role() role.ParseFromString(payload.data) inputs = [self._role_to_address(role.name), self._policy_to_address(role.policy_name)] outputs = [self._role_to_address(role.name)] else: policy = Policy() policy.ParseFromString(payload.data) inputs = [self._policy_to_address(policy.name)] outputs = [self._role_to_address(policy.name)] return self._factory.create_tp_process_request( payload.SerializeToString(), inputs, outputs, [])