def policy_edit(request,table): if "HTTP_REFERER" in request.META: # Checks if the referer page is the home or this page itself if "/dashboard" in request.META['HTTP_REFERER'] or "/policies" in request.META['HTTP_REFERER']: ruleTableSet = RuleTableManager.getAllInstances(RuleTableManager.getDefaultName()) return simple.direct_to_template(request, template = 'policyEngine/policy_edit.html', extra_context = {'user': request.user, 'CurrentTable': ruleTableSet} ) # If the access flow is incorrect, send home return HttpResponseRedirect("/")
def condition_create(request, TableName): return simple.direct_to_template(request, template = 'policyEngine/condition_create.html', extra_context = {'user': request.user, 'tableName' : TableName, 'mappings' : RuleTableManager.getConditionMappings()}, )
def processProvisioning(provisioning): logging.debug("PROVISIONING STARTED...\n") for action in provisioning.action: actionModel = ActionController.ActionToModel(action,"provisioning") logging.debug("ACTION type: %s with id: %s" % (actionModel.type, actionModel.uuid)) try: RuleTableManager.Evaluate(action,RuleTableManager.getDefaultName()) except Exception as e: MAX_CHARS_ALLOWED = 200 XmlRpcClient.callRPCMethod(threading.currentThread().callBackURL,"sendAsync",XmlHelper.craftXmlClass(XmlHelper.getProcessingResponse(Action.FAILED_STATUS, action,str(e)[0:MAX_CHARS_ALLOWED-1]))) return None try: ProvisioningDispatcher.logger.debug("virtualization_type = " + action.server.virtualization_type) controller = VTDriver.getDriver(action.server.virtualization_type) #XXX:Change this when xml schema is updated ProvisioningDispatcher.logger.debug("XXX action.server.uuid = " + str(action.server.uuid)) server = VTDriver.getServerByUUID(action.server.uuid) ProvisioningDispatcher.logger.debug("server.id = " + str(server.id)) #if actionModel.getType() == Action.PROVISIONING_VM_CREATE_TYPE: # server = VTDriver.getServerByUUID(action.virtual_machine.server_id) #else: # server = VTDriver.getVMbyUUID(action.virtual_machine.uuid).Server.get() except Exception as e: logging.error(e) raise e try: #PROVISIONING CREATE if actionModel.getType() == Action.PROVISIONING_VM_CREATE_TYPE: try: vm = ProvisioningDispatcher.__createVM(controller, actionModel, action) except: vm = None raise #PROVISIONING DELETE, START, STOP, REBOOT else : ProvisioningDispatcher.__deleteStartStopRebootVM(controller, actionModel, action) XmlRpcClient.callRPCMethod(server.getAgentURL() ,"send", UrlUtils.getOwnCallbackURL(), 1, server.getAgentPassword(),XmlHelper.craftXmlClass(XmlHelper.getSimpleActionQuery(action)) ) logging.debug("PROVISIONING FINISHED...") return except Exception as e: logging.warn(traceback.format_exc()) if actionModel.getType() == Action.PROVISIONING_VM_CREATE_TYPE: # If the VM creation was interrupted in the network # configuration, the created VM won't be returned try: if not vm: vm = controller.getVMbyUUID(action.server.virtual_machines[0].uuid) controller.deleteVM(vm) # Keep actions table up-to-date after each deletion actionModel.delete() except Exception as e: print "Could not delete VM. Exception: %s" % str(e) #XmlRpcClient.callRPCMethod(threading.currentThread().callBackURL,"sendAsync",XmlHelper.craftXmlClass(XmlHelper.getProcessingResponse(Action.FAILED_STATUS, action, str(e)))) logging.debug("PROVISIONING FINISHED...") return
def policy_create(request,table): errors = [] rules = [] mapps = RuleTableManager.getActionMappings() priorityList = RuleTableManager.getPriorityList() condMapps = RuleTableManager.getConditionMappings() return simple.direct_to_template(request, template = 'policyEngine/policy_create.html', extra_context = {'user': request.user, 'CurrentTable': table, 'mappings':mapps, 'priorityList':priorityList, 'allMappings':RuleTableManager.GetResolverMappings(table), 'ConditionMappings':condMapps, 'ActionMappings':RuleTableManager.getActionMappings()}, )
def rule_table_view(request, TableName = None): if (not request.user.is_superuser): return simple.direct_to_template(request, template = 'not_admin.html', extra_context = {'user':request.user}, ) else: #Admin try: ruleTable = RuleTableManager.getInstance(RuleTableManager.getDefaultName()) # If everything runs smoothly, return normal template return simple.direct_to_template( request, template = 'policyEngine/table_view.html', extra_context = {'user': request.user, 'table': ruleTable} ) # Handle each exception and pass the error to template except ZeroPolicyObjectsReturned: return HttpResponseRedirect("/policies/") except MultiplePolicyObjectsReturned: return HttpResponseRedirect(reverse('policy_edit', args=(RuleTableManager.getDefaultName(),)))
def rule_edit(request,table_name,rule_uuid,context=None): load = request.POST.get('load') if not load == 'True': rule = RuleTableManager.getRuleOrIndexOrIsEnabled(rule_uuid,'Rule',table_name) rulevalues = RuleTableManager.getValue(rule) ruletypes = RuleTableManager.getType(rule) #Flag to be able to diferenciate edit state from creating estate edit = True actionList = RuleTableManager.SetActionList(rule,RuleTableManager.getActionMappings()) priorityList = RuleTableManager.SetPriorityList(rule,table_name) error = str(rule.getErrorMsg()) description = str(rule.getDescription()) return simple.direct_to_template(request, template = 'policyEngine/policy_create.html', extra_context = {'user':request.user, 'edit':edit, 'rule':rule, 'priority':RuleTableManager.getRuleOrIndexOrIsEnabled(rule_uuid,'Index',table_name), 'enabled':RuleTableManager.getRuleOrIndexOrIsEnabled(rule_uuid,'Enabled',table_name), 'valueS':rulevalues[0], 'valueD':rulevalues[1], 'terminalS':ruletypes[0], 'terminalD':ruletypes[1], 'rule_uuid':rule_uuid, 'ptable':table_name, 'errorMsg':error, 'description':description, 'condition':rule.getConditionDump(), 'action':actionList[0], 'PrioritySel':priorityList[0], 'priorityList':priorityList[1], 'allMappings':RuleTableManager.GetResolverMappings(), 'ConditionMappings':RuleTableManager.getConditionMappings(), 'ActionMappings':RuleTableManager.getActionMappings(), 'CurrentTable':table_name}, ) else: return rule_create(request,table_name)
def rule_create(request,table_name=None): errors = list() formMode = request.POST.get("conditionMode") tableName = request.POST.get("table") PreviousPriority = request.POST.get("ppriority") editing = request.POST.get("editing") ruleid = request.POST.get("uuid") ruleCondition = request.POST.get("condition") ruleDesc = request.POST.get("description") ruleError = request.POST.get("error_message") ruleType = request.POST.get("type") ruleAction = request.POST.get("action") ruleValue = request.POST.get("value") rulePriority = request.POST.get("priority") ruleEnable = request.POST.get("enable") previousTable = request.POST.get("hidden_name") expertRule = request.POST.get("expertRule") newConditions = request.POST.get("conditionID") saved = request.POST.get("saved") if rulePriority == 'Last' or rulePriority == '': priority = None else: priority = int(rulePriority) if formMode == "easy": #Avoid empty fields # if ruleDesc == "": # errors.append("Description Field is empty") if ruleError == "": errors.append("Error Message field is empty") if ruleCondition == "": errors.append("Condition field is empty") try: str(ruleDesc) except: errors.append("Only ascii characters are allowed in Description field") try: str(ruleError) except: errors.append("Only ascii characters are allowed in Error Message field") try: str(ruleCondition) except: errors.append("Only ascii characters are allowed in Conditions") if request.POST.get("enable") == 'enable': enable = True else: enable = False if ruleType == "terminal": ruleType = "" if saved == None: saved = False #Rule String convertion required if formMode == "easy": if ruleAction != "None": strings = "if " + ruleCondition + " then " + ruleValue + " " + ruleType + " do " + ruleAction + " denyMessage " + ruleError + " #" + ruleDesc else: strings = "if " + ruleCondition + " then " + ruleValue + " " + ruleType + " denyMessage " + ruleError + " #" + ruleDesc else: strings = expertRule try: str(expertRule) except: errors.append("Only ascii characters are allowed in a Rule") try: if errors: raise Exception("") if editing == '1': #Editing Rules Case: if previousTable == tableName: try: RuleTableManager.editRule(strings,enable,priority,PreviousPriority,tableName) except Exception as e: raise e #else: #Moving a rule to a different RuleTable --> this is not possible yet #print 'Changing table...' #RuleTableManager.AddRule(strings,enable,priority,tableName=tableName) #print 'successful add to ' + tableName #RuleTableManager.RemoveRule(None,int(PreviousPriority),'oldTableName') #print 'remove from ' + previousTable + ' successful' else: RuleTableManager.AddRule(strings,enable,priority,tableName=tableName) return HttpResponseRedirect("/policies") except Exception as e: errors.append(e) errors.insert(0,"The Rule cannot be generated. Reason(s):")#Insterting the main message error in the first position of the table priority = RuleTableManager.getPriorityList(tableName) priority = RuleTableManager.getPriorityList(tableName) #if a rule index is the last, insert "LAST" in the rule priority instead the true index. try: int(rulePriority) if int(rulePriority) in priority: priority.pop(priority.index(int(rulePriority))) except: rulePriority = "Last" if ruleValue == "accept": value2 = ["deny"] else: value2 = ["accept"] if ruleType == "nonterminal": type2 = ["terminal"] else: ruleType = "terminal" type2 = ["nonterminal"] context = {'user': request.user, 'saved':True, 'CurrentTable':tableName, 'priority':PreviousPriority, 'enabled':ruleEnable, 'load':'True', 'valueS':ruleValue, 'valueD':value2, 'terminalS':ruleType, 'terminalD':type2, 'errorMsg':ruleError, 'description':ruleDesc, 'condition':" " + ruleCondition + " ", 'ptable':tableName, 'edit': request.POST.get('edit'), 'action':ruleAction, 'PrioritySel':rulePriority, 'priorityList':priority, 'allMappings':RuleTableManager.GetResolverMappings(tableName), 'ConditionMappings':RuleTableManager.getConditionMappings(), 'ActionMappings':RuleTableManager.getActionMappings(), 'errors': errors, 'rule_uuid':ruleid,} return simple.direct_to_template(request, template = 'policyEngine/policy_create.html', extra_context = context)
def policy_delete(request,table_uuid): if request.method == "POST": RuleTableManager.deleteInstance(table_uuid) return HttpResponseRedirect("/policies")
def rule_delete(request, table_name): rule_uuid = request.POST.get("uuid") RuleTableManager.deleteRule(rule_uuid,table_name) return HttpResponseRedirect("/policies")