コード例 #1
0
ファイル: PolicyDispatcher.py プロジェクト: ict-felix/stack 
def policy_edit(request,table):

	if "HTTP_REFERER" in request.META:
		# Checks if the referer page is the home or this page itself
		if "/dashboard" in request.META['HTTP_REFERER'] or "/policies" in request.META['HTTP_REFERER']:
			ruleTableSet = RuleTableManager.getAllInstances(RuleTableManager.getDefaultName())
			return simple.direct_to_template(request,
                                          template = 'policyEngine/policy_edit.html',
                                          extra_context = {'user': request.user,
                                                           'CurrentTable': ruleTableSet}
                                        )
	# If the access flow is incorrect, send home
	return HttpResponseRedirect("/")
コード例 #2
0
ファイル: PolicyDispatcher.py プロジェクト: ict-felix/stack 
def condition_create(request, TableName):
	return simple.direct_to_template(request,
                                          template = 'policyEngine/condition_create.html',
                                          extra_context = {'user': request.user,
							   'tableName' : TableName,
							   'mappings' : RuleTableManager.getConditionMappings()},
                                        )
コード例 #3
0
	def processProvisioning(provisioning):
		logging.debug("PROVISIONING STARTED...\n")
		for action in provisioning.action:
			actionModel = ActionController.ActionToModel(action,"provisioning")
			logging.debug("ACTION type: %s with id: %s" % (actionModel.type, actionModel.uuid))
			try:
				RuleTableManager.Evaluate(action,RuleTableManager.getDefaultName())
			except Exception as e:
				MAX_CHARS_ALLOWED = 200
				XmlRpcClient.callRPCMethod(threading.currentThread().callBackURL,"sendAsync",XmlHelper.craftXmlClass(XmlHelper.getProcessingResponse(Action.FAILED_STATUS, action,str(e)[0:MAX_CHARS_ALLOWED-1])))
				return None
			try:
				ProvisioningDispatcher.logger.debug("virtualization_type = " + action.server.virtualization_type)
				controller = VTDriver.getDriver(action.server.virtualization_type)
				
				#XXX:Change this when xml schema is updated
				ProvisioningDispatcher.logger.debug("XXX action.server.uuid = " + str(action.server.uuid))
				server = VTDriver.getServerByUUID(action.server.uuid)
				ProvisioningDispatcher.logger.debug("server.id = " + str(server.id))
				#if actionModel.getType() == Action.PROVISIONING_VM_CREATE_TYPE:
				#	server = VTDriver.getServerByUUID(action.virtual_machine.server_id)
				#else:
				#	server = VTDriver.getVMbyUUID(action.virtual_machine.uuid).Server.get()
			except Exception as e:
				logging.error(e)
				raise e
			try:	
				#PROVISIONING CREATE
				if actionModel.getType() == Action.PROVISIONING_VM_CREATE_TYPE:
					try:
						vm = ProvisioningDispatcher.__createVM(controller, actionModel, action)
					except:
						vm = None
						raise
				#PROVISIONING DELETE, START, STOP, REBOOT
				else :
					ProvisioningDispatcher.__deleteStartStopRebootVM(controller, actionModel, action)
				XmlRpcClient.callRPCMethod(server.getAgentURL() ,"send", UrlUtils.getOwnCallbackURL(), 1, server.getAgentPassword(),XmlHelper.craftXmlClass(XmlHelper.getSimpleActionQuery(action)) )
				logging.debug("PROVISIONING FINISHED...")
				return
			except Exception as e:
				logging.warn(traceback.format_exc())
				if actionModel.getType() == Action.PROVISIONING_VM_CREATE_TYPE:
					# If the VM creation was interrupted in the network
					# configuration, the created VM won't be returned
					try:
						if not vm:
							vm = controller.getVMbyUUID(action.server.virtual_machines[0].uuid)
						controller.deleteVM(vm)
						# Keep actions table up-to-date after each deletion
						actionModel.delete()
					except Exception as e:
						print "Could not delete VM. Exception: %s" % str(e)
				#XmlRpcClient.callRPCMethod(threading.currentThread().callBackURL,"sendAsync",XmlHelper.craftXmlClass(XmlHelper.getProcessingResponse(Action.FAILED_STATUS, action, str(e))))
		logging.debug("PROVISIONING FINISHED...")
		return
コード例 #4
0
ファイル: PolicyDispatcher.py プロジェクト: ict-felix/stack 
def policy_create(request,table):

	errors = []
        rules = []
	mapps = RuleTableManager.getActionMappings()
	priorityList = RuleTableManager.getPriorityList()
	condMapps = RuleTableManager.getConditionMappings()


	return simple.direct_to_template(request,
                                          template = 'policyEngine/policy_create.html',
                                          extra_context = {'user': request.user,
                                                           'CurrentTable': table,
							   'mappings':mapps,
							   'priorityList':priorityList,
							   'allMappings':RuleTableManager.GetResolverMappings(table),
							   'ConditionMappings':condMapps,
                                                           'ActionMappings':RuleTableManager.getActionMappings()},
                                        )
コード例 #5
0
ファイル: PolicyDispatcher.py プロジェクト: ict-felix/stack 
def rule_table_view(request, TableName = None):
	
	if (not request.user.is_superuser):

               return simple.direct_to_template(request,
                                                 template = 'not_admin.html',
                                                 extra_context = {'user':request.user},
                                                )
        else: #Admin
        	try:
        		ruleTable = RuleTableManager.getInstance(RuleTableManager.getDefaultName())
                        # If everything runs smoothly, return normal template
        		return simple.direct_to_template(
        			request,
        			template = 'policyEngine/table_view.html',
        			extra_context = {'user': request.user,
        				'table': ruleTable}
        			)
        	# Handle each exception and pass the error to template
        	except ZeroPolicyObjectsReturned:
			return HttpResponseRedirect("/policies/")
        	except MultiplePolicyObjectsReturned:
			return HttpResponseRedirect(reverse('policy_edit', args=(RuleTableManager.getDefaultName(),)))
コード例 #6
0
ファイル: PolicyDispatcher.py プロジェクト: ict-felix/stack 
def rule_edit(request,table_name,rule_uuid,context=None):
	
	load = request.POST.get('load')
	if not load == 'True':
		rule = RuleTableManager.getRuleOrIndexOrIsEnabled(rule_uuid,'Rule',table_name)
		rulevalues = RuleTableManager.getValue(rule)
		ruletypes = RuleTableManager.getType(rule)
		#Flag to be able to diferenciate edit state from creating estate                
        	edit = True
		actionList = RuleTableManager.SetActionList(rule,RuleTableManager.getActionMappings())
		priorityList = RuleTableManager.SetPriorityList(rule,table_name)
		error = str(rule.getErrorMsg())
		description = str(rule.getDescription())

		return simple.direct_to_template(request,
                                                 template = 'policyEngine/policy_create.html',
                                                 extra_context = {'user':request.user,
                                                                  'edit':edit,
                                                                  'rule':rule,
                                                                  'priority':RuleTableManager.getRuleOrIndexOrIsEnabled(rule_uuid,'Index',table_name),
								  'enabled':RuleTableManager.getRuleOrIndexOrIsEnabled(rule_uuid,'Enabled',table_name),
                                                                  'valueS':rulevalues[0],
                                                                  'valueD':rulevalues[1],
                                                                  'terminalS':ruletypes[0],
                                                                  'terminalD':ruletypes[1],
                                                                  'rule_uuid':rule_uuid,
								  'ptable':table_name,
								  'errorMsg':error,
								  'description':description,
								  'condition':rule.getConditionDump(),
								  'action':actionList[0],
								  'PrioritySel':priorityList[0], 
								  'priorityList':priorityList[1],
								  'allMappings':RuleTableManager.GetResolverMappings(),
								  'ConditionMappings':RuleTableManager.getConditionMappings(),
								  'ActionMappings':RuleTableManager.getActionMappings(),
                                                                  'CurrentTable':table_name},
                                        )
	else:
		return rule_create(request,table_name)
コード例 #7
0
ファイル: PolicyDispatcher.py プロジェクト: ict-felix/stack 
def rule_create(request,table_name=None):

	errors = list()
	formMode = request.POST.get("conditionMode")
	tableName = request.POST.get("table")
	PreviousPriority = request.POST.get("ppriority")
        editing = request.POST.get("editing")
        ruleid = request.POST.get("uuid")
        ruleCondition = request.POST.get("condition")
        ruleDesc = request.POST.get("description")
        ruleError = request.POST.get("error_message")
        ruleType = request.POST.get("type")
        ruleAction = request.POST.get("action")
        ruleValue = request.POST.get("value")
        rulePriority = request.POST.get("priority")
        ruleEnable = request.POST.get("enable")
        previousTable = request.POST.get("hidden_name")
	expertRule = request.POST.get("expertRule")
	newConditions = request.POST.get("conditionID")	
	saved = request.POST.get("saved")

        if rulePriority == 'Last' or rulePriority == '':
                priority = None
        else:
                priority = int(rulePriority)

	if formMode == "easy":
	#Avoid empty fields
#        	if ruleDesc == "":
#                	errors.append("Description Field is empty")
        	if ruleError == "":
                	errors.append("Error Message field is empty")
        	if ruleCondition == "":
                	errors.append("Condition field is empty")
		try:
			str(ruleDesc)
		except:
			errors.append("Only ascii characters are allowed in Description field")
		try:
			str(ruleError)
		except:
			errors.append("Only ascii characters are allowed in Error Message field")
		try:
			str(ruleCondition)
		except:
			errors.append("Only ascii characters are allowed in Conditions")

	

        if request.POST.get("enable") == 'enable':
           enable = True
        else:
           enable = False
	if ruleType == "terminal":
		ruleType = ""
	
	if saved == None:
		saved = False
	#Rule String convertion required
	if formMode == "easy":
		if ruleAction != "None":
			strings = "if " + ruleCondition +  " then " + ruleValue + " " + ruleType  + " do " + ruleAction + " denyMessage " + ruleError + " #" + ruleDesc
		else:
			strings = "if " + ruleCondition +  " then " + ruleValue + " " + ruleType  + " denyMessage " + ruleError + " #" + ruleDesc
	else:
		strings = expertRule
		try:
			str(expertRule)
		except:
			errors.append("Only ascii characters are allowed in a Rule")
	
	try:
		if errors:
                        raise Exception("")
		
		if editing == '1':
			#Editing Rules Case:
                	if previousTable == tableName:
				try:
					RuleTableManager.editRule(strings,enable,priority,PreviousPriority,tableName)
				except Exception as e:
					raise e
                	#else:
				#Moving a rule to a different RuleTable --> this is not possible yet 
                        	#print 'Changing table...'
                        	#RuleTableManager.AddRule(strings,enable,priority,tableName=tableName)
                        	#print 'successful add to ' + tableName
                        	#RuleTableManager.RemoveRule(None,int(PreviousPriority),'oldTableName')
                        	#print 'remove from ' +  previousTable + ' successful'
        	else:
                	RuleTableManager.AddRule(strings,enable,priority,tableName=tableName)

                return HttpResponseRedirect("/policies")		

	except Exception as e:

		errors.append(e)
		errors.insert(0,"The Rule cannot be generated. Reason(s):")#Insterting the main message error in the first position of the table
		priority = RuleTableManager.getPriorityList(tableName)
		priority = RuleTableManager.getPriorityList(tableName)
		
		#if a rule index is the last, insert "LAST" in the rule priority instead the true index.
		try:
			int(rulePriority)
			if int(rulePriority) in priority:
				priority.pop(priority.index(int(rulePriority)))
		except:
			rulePriority = "Last"

		if ruleValue == "accept":
			value2 = ["deny"]
		else:
			value2 = ["accept"]

		if ruleType == "nonterminal":
			type2 = ["terminal"]
		else:
			ruleType = "terminal"
			type2 = ["nonterminal"]


		context = {'user': request.user,
                           'saved':True,
                           'CurrentTable':tableName,
                           'priority':PreviousPriority,
                           'enabled':ruleEnable,
			   'load':'True',
                           'valueS':ruleValue,
                           'valueD':value2,
                           'terminalS':ruleType,
                           'terminalD':type2,
                           'errorMsg':ruleError,
                           'description':ruleDesc,
                           'condition':" " + ruleCondition + " ",
                           'ptable':tableName,
			   'edit': request.POST.get('edit'),
                           'action':ruleAction,
                           'PrioritySel':rulePriority,
                           'priorityList':priority,
                           'allMappings':RuleTableManager.GetResolverMappings(tableName),
                           'ConditionMappings':RuleTableManager.getConditionMappings(),
                           'ActionMappings':RuleTableManager.getActionMappings(),
                           'errors': errors,
                           'rule_uuid':ruleid,}

		return simple.direct_to_template(request,
        	       		template = 'policyEngine/policy_create.html',
                		extra_context = context)
コード例 #8
0
ファイル: PolicyDispatcher.py プロジェクト: ict-felix/stack 
def policy_delete(request,table_uuid):

	if request.method == "POST":
		RuleTableManager.deleteInstance(table_uuid)
	return HttpResponseRedirect("/policies")
コード例 #9
0
ファイル: PolicyDispatcher.py プロジェクト: ict-felix/stack 
def rule_delete(request, table_name):
	
	rule_uuid = request.POST.get("uuid")
	RuleTableManager.deleteRule(rule_uuid,table_name)

	return HttpResponseRedirect("/policies")