def raise_for_error(status_code, message=None, errors=None): """Helper method to raise exceptions based on the status code of a response received back from Vault. :param status_code: Status code received in a response from Vault. :type status_code: int :param message: Optional message to include in a resulting exception. :type message: str :param errors: Optional errors to include in a resulting exception. :type errors: list | str :raises: hvac.exceptions.InvalidRequest | hvac.exceptions.Unauthorized | hvac.exceptions.Forbidden | hvac.exceptions.InvalidPath | hvac.exceptions.RateLimitExceeded | hvac.exceptions.InternalServerError | hvac.exceptions.VaultNotInitialized | hvac.exceptions.VaultDown | hvac.exceptions.UnexpectedError """ if status_code == 400: raise exceptions.InvalidRequest(message, errors=errors) elif status_code == 401: raise exceptions.Unauthorized(message, errors=errors) elif status_code == 403: raise exceptions.Forbidden(message, errors=errors) elif status_code == 404: raise exceptions.InvalidPath(message, errors=errors) elif status_code == 429: raise exceptions.RateLimitExceeded(message, errors=errors) elif status_code == 500: raise exceptions.InternalServerError(message, errors=errors) elif status_code == 501: raise exceptions.VaultNotInitialized(message, errors=errors) elif status_code == 503: raise exceptions.VaultDown(message, errors=errors) else: raise exceptions.UnexpectedError(message)
def patch(self, path, secret, mount_point=DEFAULT_MOUNT_POINT): """Set or update data in the KV store without overwriting. :param path: Path :type path: str | unicode :param secret: The contents of the "secret" dict will be stored and returned on read. :type secret: dict :param mount_point: The "path" the secret engine was mounted on. :type mount_point: str | unicode :return: The JSON response of the create_or_update_secret request. :rtype: dict """ # First, do a read. try: current_secret_version = self.read_secret_version( path=path, mount_point=mount_point, ) except exceptions.InvalidPath: raise exceptions.InvalidPath('No value found at "{path}"; patch only works on existing data.'.format(path=path)) # Update existing secret dict. patched_secret = current_secret_version['data']['data'] patched_secret.update(secret) # Write back updated secret. return self.create_or_update_secret( path=path, cas=current_secret_version['data']['metadata']['version'], secret=patched_secret, mount_point=mount_point, )
def __raise_error(self, status_code, message=None, errors=None): if status_code == 400: raise exceptions.InvalidRequest(message, errors=errors) elif status_code == 401: raise exceptions.Unauthorized(message, errors=errors) elif status_code == 403: raise exceptions.Forbidden(message, errors=errors) elif status_code == 404: raise exceptions.InvalidPath(message, errors=errors) elif status_code == 429: raise exceptions.RateLimitExceeded(message, errors=errors) elif status_code == 500: raise exceptions.InternalServerError(message, errors=errors) elif status_code == 503: raise exceptions.VaultDown(message, errors=errors) else: raise exceptions.UnexpectedError(message)
def __request(self, method, url, headers=None, **kwargs): url = self._url + url if not headers: headers = {} if self.token: headers['X-Vault-Token'] = self.token _kwargs = self._kwargs.copy() _kwargs.update(kwargs) response = requests.request(method, url, headers=headers, **_kwargs) if response.status_code >= 400 and response.status_code < 600: errors = response.json().get('errors') if response.status_code == 400: raise exceptions.InvalidRequest(errors=errors) elif response.status_code == 401: raise exceptions.Unauthorized(errors=errors) elif response.status_code == 403: raise exceptions.Forbidden(errors=errors) elif response.status_code == 404: raise exceptions.InvalidPath(errors=errors) elif response.status_code == 429: raise exceptions.RateLimitExceeded(errors=errors) elif response.status_code == 500: raise exceptions.InternalServerError(errors=errors) elif response.status_code == 503: raise exceptions.VaultDown(errors=errors) else: raise exceptions.UnexpectedError() return response