def _import_subject_object_action_categories(self, json_item_categories,
type_element):
import_method = getattr(ModelManager,
'add_' + type_element + '_category')
get_method = getattr(ModelManager,
'get_' + type_element + '_categories')
categories = get_method(self._user_id)
if not isinstance(json_item_categories, list):
raise InvalidJson(type_element + " categories shall be a list!")
for json_item_category in json_item_categories:
json_to_use = dict()
JsonUtils.copy_field_if_exists(json_item_category, json_to_use,
"name", str)
# check if category with the same name exists : do this in moondb ?
existing_id = None
for category_key in categories:
if categories[category_key]["name"] == json_to_use["name"]:
existing_id = category_key
JsonUtils.copy_field_if_exists(json_item_category, json_to_use,
"description", str)
item_override = JsonUtils.get_override(json_item_category)
if item_override is True:
raise ForbiddenOverride(
"{} categories do not support override flag !".format(
type_element))
try:
category = import_method(self._user_id, existing_id,
json_to_use)
except (exceptions.SubjectCategoryExisting,
exceptions.ObjectCategoryExisting,
exceptions.ActionCategoryExisting):
# it already exists: do nothing
logger.warning(
"Ignored {} category with name {} is already in the database"
.format(type_element, json_to_use["name"]))
except Exception as e:
logger.warning(
"Error while importing the category : {}".format(str(e)))
logger.exception(str(e))
raise e
def _import_models_without_new_meta_rules(self, json_models):
if not isinstance(json_models, list):
raise InvalidJson("models shall be a list!")
for json_model in json_models:
json_without_new_metarules = dict()
JsonUtils.copy_field_if_exists(json_model,
json_without_new_metarules, "name",
str)
# TODO put this in moondb
# model_in_db = ModelManager.get_models_by_name(json_without_new_metarules["name"])
models = ModelManager.get_models(self._user_id)
model_in_db = None
for model_key in models:
if models[model_key]["name"] == json_without_new_metarules[
"name"]:
model_in_db = models[model_key]
model_id = model_key
# end TODO
JsonUtils.copy_field_if_exists(json_model,
json_without_new_metarules,
"description", str)
if model_in_db is None:
model_does_exist = False
else:
json_without_new_metarules["meta_rules"] = model_in_db[
"meta_rules"]
model_does_exist = True
model_override = JsonUtils.get_override(json_model)
if not model_does_exist:
logger.debug(
"Creating model {} ".format(json_without_new_metarules))
ModelManager.add_model(self._user_id, None,
json_without_new_metarules)
elif model_override is True:
logger.debug("Updating model with id {} : {} ".format(
model_id, json_without_new_metarules))
ModelManager.update_model(self._user_id, model_id,
json_without_new_metarules)
def _import_policies(self, json_policies):
policy_mandatory_ids = []
if not isinstance(json_policies, list):
raise InvalidJson("policies shall be a list!")
for json_policy in json_policies:
# TODO put this in moondb
# policy_in_db = PolicyManager.get_policies_by_name(json_without_model_name["name"])
policies = PolicyManager.get_policies(self._user_id)
policy_in_db = None
policy_id = None
for policy_key in policies:
if policies[policy_key]["name"] == json_policy["name"]:
policy_in_db = policies[policy_key]
policy_id = policy_key
# end TODO
if policy_in_db is None:
policy_does_exist = False
else:
policy_does_exist = True
policy_override = JsonUtils.get_override(json_policy)
policy_mandatory = JsonUtils.get_mandatory(json_policy)
if policy_override is False and policy_does_exist:
if policy_id:
policy_mandatory_ids.append(policy_id)
logger.warning(
"Existing policy not updated because of the override option is not set !"
)
continue
json_without_model_name = dict()
JsonUtils.copy_field_if_exists(json_policy,
json_without_model_name, "name",
str)
JsonUtils.copy_field_if_exists(json_policy,
json_without_model_name,
"description", str)
JsonUtils.copy_field_if_exists(json_policy,
json_without_model_name, "genre",
str)
JsonUtils.convert_name_to_id(json_policy,
json_without_model_name,
"model",
"model_id",
"model",
ModelManager,
self._user_id,
field_mandatory=False)
if not policy_does_exist:
logger.debug(
"Creating policy {} ".format(json_without_model_name))
added_policy = PolicyManager.add_policy(
self._user_id, None, json_without_model_name)
if policy_mandatory is True:
keys = list(added_policy.keys())
policy_mandatory_ids.append(keys[0])
elif policy_override is True:
logger.debug(
"Updating policy {} ".format(json_without_model_name))
updated_policy = PolicyManager.update_policy(
self._user_id, policy_id, json_without_model_name)
if policy_mandatory is True:
policy_mandatory_ids.append(policy_id)
return policy_mandatory_ids
def _import_subject_object_action(self, json_items, mandatory_policy_ids,
type_element):
import_method = getattr(PolicyManager, 'add_' + type_element)
get_method = getattr(PolicyManager, 'get_' + type_element + 's')
if not isinstance(json_items, list):
raise InvalidJson(type_element + " items shall be a list!")
for json_item in json_items:
json_without_policy_name = dict()
JsonUtils.copy_field_if_exists(json_item, json_without_policy_name,
"name", str)
JsonUtils.copy_field_if_exists(json_item, json_without_policy_name,
"description", str)
JsonUtils.copy_field_if_exists(json_item, json_without_policy_name,
"extra", dict)
JsonUtils.convert_names_to_ids(json_item,
json_without_policy_name,
"policies",
"policy_list",
"policy",
PolicyManager,
self._user_id,
field_mandatory=False)
policy_ids = json_without_policy_name["policy_list"]
for mandatory_policy_id in mandatory_policy_ids:
if mandatory_policy_id not in policy_ids:
policy_ids.append(mandatory_policy_id)
# policy_ids and json_without_policy_name are references to the same array...
# json_without_policy_name["policy_list"].append(mandatory_policy_id)
item_override = JsonUtils.get_override(json_item)
if item_override is True:
raise ForbiddenOverride(
"{} does not support override flag !".format(type_element))
if len(policy_ids) == 0:
raise MissingPolicy(
"a {} needs at least one policy to be created or updated : {}"
.format(type_element, json.dumps(json_item)))
for policy_id in policy_ids:
try:
items_in_db = get_method(self._user_id, policy_id)
key = None
for key_in_db in items_in_db:
if items_in_db[key_in_db][
"name"] == json_without_policy_name["name"]:
key = key_in_db
break
element = import_method(self._user_id,
policy_id,
perimeter_id=key,
value=json_without_policy_name)
logger.debug("Added / updated {} : {}".format(
type_element, element))
except exceptions.PolicyUnknown:
raise UnknownPolicy(
"Unknown policy when adding a {}!".format(
type_element))
except Exception as e:
logger.exception(str(e))
raise BaseException(str(e))
def _import_subject_object_action_datas(self, json_items_data,
mandatory_policy_ids,
type_element):
if type_element == "subject":
import_method = getattr(PolicyManager,
'set_' + type_element + '_data')
else:
import_method = getattr(PolicyManager,
'add_' + type_element + '_data')
# get_method = getattr(PolicyManager, 'get_' + type_element + '_data')
if not isinstance(json_items_data, list):
raise InvalidJson(type_element + " data shall be a list!")
for json_item_data in json_items_data:
item_override = JsonUtils.get_override(json_items_data)
if item_override is True:
raise ForbiddenOverride(
"{} datas do not support override flag !".format(
type_element))
json_to_use = dict()
JsonUtils.copy_field_if_exists(json_item_data, json_to_use, "name",
str)
JsonUtils.copy_field_if_exists(json_item_data, json_to_use,
"description", str)
json_policy = dict()
# field_mandatory : not mandatory if there is some mandatory policies
JsonUtils.convert_names_to_ids(
json_item_data,
json_policy,
"policies",
"policy_id",
"policy",
PolicyManager,
self._user_id,
field_mandatory=len(mandatory_policy_ids) == 0)
json_category = dict()
JsonUtils.convert_name_to_id(json_item_data, json_category,
"category", "category_id",
type_element + "_category",
ModelManager, self._user_id)
policy_ids = []
if "policy_id" in json_policy:
policy_ids = json_policy["policy_id"]
for policy_id in policy_ids:
if policy_id is not None and policy_id not in mandatory_policy_ids:
mandatory_policy_ids.append(policy_id)
if len(mandatory_policy_ids) == 0:
raise InvalidJson(
"Invalid data, the policy shall be set when importing {}".
format(json_item_data))
category_id = None
if "category_id" in json_category:
category_id = json_category["category_id"]
if category_id is None:
raise InvalidJson(
"Invalid data, the category shall be set when importing {}"
.format(json_item_data))
for policy_id in mandatory_policy_ids:
try:
data = import_method(self._user_id,
policy_id,
category_id=category_id,
value=json_to_use)
except exceptions.PolicyUnknown:
raise UnknownPolicy(
"Unknown policy with id {}".format(policy_id))
except Exception as e:
logger.exception(str(e))
raise e
def _import_subject_object_action_assignments(self, json_item_assignments,
type_element):
import_method = getattr(PolicyManager,
'add_' + type_element + '_assignment')
get_method = getattr(PolicyManager, 'get_' + type_element + '_data')
if not isinstance(json_item_assignments, list):
raise InvalidJson(type_element + " assignments shall be a list!")
# get the policy id related to the user
policies = PolicyManager.get_policies(self._user_id)
for json_item_assignment in json_item_assignments:
item_override = JsonUtils.get_override(json_item_assignment)
if item_override is True:
raise ForbiddenOverride(
"{} assignments do not support override flag !".format(
type_element))
json_assignment = dict()
JsonUtils.convert_name_to_id(json_item_assignment, json_assignment,
"category", "category_id",
type_element + "_category",
ModelManager, self._user_id)
has_found_data = False
# loop over policies
for policy_id in policies:
json_data = dict()
try:
JsonUtils.convert_name_to_id(json_item_assignment,
json_assignment, type_element,
"id", type_element,
PolicyManager, self._user_id,
policy_id)
JsonUtils.convert_names_to_ids(
json_item_assignment, json_data, "assignments",
"data_id", type_element + "_data", PolicyManager,
self._user_id, policy_id,
json_assignment["category_id"])
has_found_data = True
except UnknownName:
# the category or data has not been found in this policy : we look into the next one
continue
for data_id in json_data["data_id"]:
# find the policy related to the current data
data = get_method(self._user_id, policy_id, data_id,
json_assignment["category_id"])
if data is not None and len(data) == 1:
logger.debug(
"Adding / updating a {} assignment from json {}".
format(type_element, json_assignment))
import_method(self._user_id, policy_id,
json_assignment["id"],
json_assignment["category_id"], data_id)
else:
raise UnknownData(
"Unknown data with id {}".format(data_id))
# case the data has not been found in any policies
if has_found_data is False:
raise InvalidJson(
"The json contains unknown {} data or category : {}".
format(type_element, json_item_assignment))