def _register_sensor_from_pack(self, pack, sensor):
sensor_metadata_file_path = sensor
LOG.debug("Loading sensor from %s.", sensor_metadata_file_path)
content = self._meta_loader.load(file_path=sensor_metadata_file_path)
pack_field = content.get("pack", None)
if not pack_field:
content["pack"] = pack
pack_field = pack
if pack_field != pack:
raise Exception(
'Model is in pack "%s" but field "pack" is different: %s'
% (pack, pack_field)
)
entry_point = content.get("entry_point", None)
if not entry_point:
raise ValueError("Sensor definition missing entry_point")
# Add in "metadata_file" attribute which stores path to the pack metadata file relative to
# the pack directory
metadata_file = content_utils.get_relative_path_to_pack_file(
pack_ref=pack, file_path=sensor, use_pack_cache=True
)
content["metadata_file"] = metadata_file
# Pass override information
altered = self._override_loader.override(pack, "sensors", content)
sensors_dir = os.path.dirname(sensor_metadata_file_path)
sensor_file_path = os.path.join(sensors_dir, entry_point)
artifact_uri = "file://%s" % (sensor_file_path)
content["artifact_uri"] = artifact_uri
content["entry_point"] = entry_point
sensor_api = SensorTypeAPI(**content)
sensor_model = SensorTypeAPI.to_model(sensor_api)
sensor_types = SensorType.query(pack=sensor_model.pack, name=sensor_model.name)
if len(sensor_types) >= 1:
sensor_type = sensor_types[0]
LOG.debug(
"Found existing sensor id:%s with name:%s. Will update it.",
sensor_type.id,
sensor_type.name,
)
sensor_model.id = sensor_type.id
try:
sensor_model = SensorType.add_or_update(sensor_model)
except:
LOG.exception("Failed creating sensor model for %s", sensor)
return sensor_model, altered
def test_run(self):
pack = 'dummy_pack_1'
# Verify all the resources are there
pack_dbs = Pack.query(ref=pack)
action_dbs = Action.query(pack=pack)
alias_dbs = ActionAlias.query(pack=pack)
rule_dbs = Rule.query(pack=pack)
sensor_dbs = Sensor.query(pack=pack)
trigger_type_dbs = TriggerType.query(pack=pack)
policy_dbs = Policy.query(pack=pack)
config_schema_dbs = ConfigSchema.query(pack=pack)
config_dbs = Config.query(pack=pack)
self.assertEqual(len(pack_dbs), 1)
self.assertEqual(len(action_dbs), 1)
self.assertEqual(len(alias_dbs), 3)
self.assertEqual(len(rule_dbs), 1)
self.assertEqual(len(sensor_dbs), 3)
self.assertEqual(len(trigger_type_dbs), 4)
self.assertEqual(len(policy_dbs), 2)
self.assertEqual(len(config_schema_dbs), 1)
self.assertEqual(len(config_dbs), 1)
# Run action
action = self.get_action_instance()
action.run(packs=[pack])
# Make sure all resources have been removed from the db
pack_dbs = Pack.query(ref=pack)
action_dbs = Action.query(pack=pack)
alias_dbs = ActionAlias.query(pack=pack)
rule_dbs = Rule.query(pack=pack)
sensor_dbs = Sensor.query(pack=pack)
trigger_type_dbs = TriggerType.query(pack=pack)
policy_dbs = Policy.query(pack=pack)
config_schema_dbs = ConfigSchema.query(pack=pack)
config_dbs = Config.query(pack=pack)
self.assertEqual(len(pack_dbs), 0)
self.assertEqual(len(action_dbs), 0)
self.assertEqual(len(alias_dbs), 0)
self.assertEqual(len(rule_dbs), 0)
self.assertEqual(len(sensor_dbs), 0)
self.assertEqual(len(trigger_type_dbs), 0)
self.assertEqual(len(policy_dbs), 0)
self.assertEqual(len(config_schema_dbs), 0)
self.assertEqual(len(config_dbs), 0)
def test_run(self):
pack = 'dummy_pack_1'
# Verify all the resources are there
pack_dbs = Pack.query(ref=pack)
action_dbs = Action.query(pack=pack)
alias_dbs = ActionAlias.query(pack=pack)
rule_dbs = Rule.query(pack=pack)
sensor_dbs = Sensor.query(pack=pack)
trigger_type_dbs = TriggerType.query(pack=pack)
policy_dbs = Policy.query(pack=pack)
config_schema_dbs = ConfigSchema.query(pack=pack)
config_dbs = Config.query(pack=pack)
self.assertEqual(len(pack_dbs), 1)
self.assertEqual(len(action_dbs), 1)
self.assertEqual(len(alias_dbs), 2)
self.assertEqual(len(rule_dbs), 1)
self.assertEqual(len(sensor_dbs), 3)
self.assertEqual(len(trigger_type_dbs), 4)
self.assertEqual(len(policy_dbs), 2)
self.assertEqual(len(config_schema_dbs), 1)
self.assertEqual(len(config_dbs), 1)
# Run action
action = self.get_action_instance()
action.run(packs=[pack])
# Make sure all resources have been removed from the db
pack_dbs = Pack.query(ref=pack)
action_dbs = Action.query(pack=pack)
alias_dbs = ActionAlias.query(pack=pack)
rule_dbs = Rule.query(pack=pack)
sensor_dbs = Sensor.query(pack=pack)
trigger_type_dbs = TriggerType.query(pack=pack)
policy_dbs = Policy.query(pack=pack)
config_schema_dbs = ConfigSchema.query(pack=pack)
config_dbs = Config.query(pack=pack)
self.assertEqual(len(pack_dbs), 0)
self.assertEqual(len(action_dbs), 0)
self.assertEqual(len(alias_dbs), 0)
self.assertEqual(len(rule_dbs), 0)
self.assertEqual(len(sensor_dbs), 0)
self.assertEqual(len(trigger_type_dbs), 0)
self.assertEqual(len(policy_dbs), 0)
self.assertEqual(len(config_schema_dbs), 0)
self.assertEqual(len(config_dbs), 0)
def main():
try:
_setup()
container_manager = SensorContainerManager()
sensors = None
if cfg.CONF.sensor_ref:
# pick the sensor even if it is disabled since it has been specifically
# asked to be run. This is debug/test usecase so it is reasonable to run
# a disabled sensor.
sensor = SensorType.get_by_ref(cfg.CONF.sensor_ref)
if not sensor:
raise SensorNotFoundException('Sensor %s not found in db.' % cfg.CONF.sensor_ref)
sensors = [sensor]
else:
sensors = _get_all_enabled_sensors()
if not sensors:
msg = 'No sensors configured to run. See http://docs.stackstorm.com/sensors.html. ' + \
'Register some sensors and a container will pick them to run.'
LOG.info(msg)
return container_manager.run_sensors(sensors=sensors)
except SystemExit as exit_code:
return exit_code
except SensorNotFoundException as e:
LOG.exception(e)
return 1
except:
LOG.exception('(PID:%s) SensorContainer quit due to exception.', os.getpid())
return 2
finally:
_teardown()
def get_sensors(self):
sensor = SensorType.get_by_ref(self._sensor_ref)
if not sensor:
raise SensorNotFoundException(
"Sensor %s not found in db." % self._sensor_ref
)
return [sensor]
def _register_sensor_from_pack(self, pack, sensor):
sensor_metadata_file_path = sensor
LOG.debug('Loading sensor from %s.', sensor_metadata_file_path)
content = self._meta_loader.load(file_path=sensor_metadata_file_path)
pack_field = content.get('pack', None)
if not pack_field:
content['pack'] = pack
pack_field = pack
if pack_field != pack:
raise Exception('Model is in pack "%s" but field "pack" is different: %s' %
(pack, pack_field))
entry_point = content.get('entry_point', None)
if not entry_point:
raise ValueError('Sensor definition missing entry_point')
# Add in "metadata_file" attribute which stores path to the pack metadata file relative to
# the pack directory
metadata_file = content_utils.get_relative_path_to_pack_file(pack_ref=pack,
file_path=sensor,
use_pack_cache=True)
content['metadata_file'] = metadata_file
sensors_dir = os.path.dirname(sensor_metadata_file_path)
sensor_file_path = os.path.join(sensors_dir, entry_point)
artifact_uri = 'file://%s' % (sensor_file_path)
content['artifact_uri'] = artifact_uri
content['entry_point'] = entry_point
sensor_api = SensorTypeAPI(**content)
sensor_model = SensorTypeAPI.to_model(sensor_api)
sensor_types = SensorType.query(pack=sensor_model.pack, name=sensor_model.name)
if len(sensor_types) >= 1:
sensor_type = sensor_types[0]
LOG.debug('Found existing sensor id:%s with name:%s. Will update it.',
sensor_type.id, sensor_type.name)
sensor_model.id = sensor_type.id
try:
sensor_model = SensorType.add_or_update(sensor_model)
except:
LOG.exception('Failed creating sensor model for %s', sensor)
return sensor_model
def _register_sensor_from_pack(self, pack, sensor):
sensor_metadata_file_path = sensor
LOG.debug('Loading sensor from %s.', sensor_metadata_file_path)
content = self._meta_loader.load(file_path=sensor_metadata_file_path)
pack_field = content.get('pack', None)
if not pack_field:
content['pack'] = pack
pack_field = pack
if pack_field != pack:
raise Exception(
'Model is in pack "%s" but field "pack" is different: %s' %
(pack, pack_field))
entry_point = content.get('entry_point', None)
if not entry_point:
raise ValueError('Sensor definition missing entry_point')
sensors_dir = os.path.dirname(sensor_metadata_file_path)
sensor_file_path = os.path.join(sensors_dir, entry_point)
artifact_uri = 'file://%s' % (sensor_file_path)
content['artifact_uri'] = artifact_uri
content['entry_point'] = entry_point
sensor_api = SensorTypeAPI(**content)
sensor_model = SensorTypeAPI.to_model(sensor_api)
sensor_types = SensorType.query(pack=sensor_model.pack,
name=sensor_model.name)
if len(sensor_types) >= 1:
sensor_type = sensor_types[0]
LOG.debug(
'Found existing sensor id:%s with name:%s. Will update it.',
sensor_type.id, sensor_type.name)
sensor_model.id = sensor_type.id
try:
sensor_model = SensorType.add_or_update(sensor_model)
except:
LOG.exception('Failed creating sensor model for %s', sensor)
return sensor_model
def put(self, sensor_type, ref_or_id, requester_user):
# Note: Right now this function only supports updating of "enabled"
# attribute on the SensorType model.
# The reason for that is that SensorTypeAPI.to_model right now only
# knows how to work with sensor type definitions from YAML files.
sensor_type_db = self._get_by_ref_or_id(ref_or_id=ref_or_id)
permission_type = PermissionType.SENSOR_MODIFY
rbac_utils = get_rbac_backend().get_utils_class()
rbac_utils.assert_user_has_resource_db_permission(
user_db=requester_user,
resource_db=sensor_type_db,
permission_type=permission_type,
)
sensor_type_id = sensor_type_db.id
try:
validate_not_part_of_system_pack(sensor_type_db)
except ValueValidationException as e:
abort(http_client.BAD_REQUEST, six.text_type(e))
return
if not getattr(sensor_type, "pack", None):
sensor_type.pack = sensor_type_db.pack
try:
old_sensor_type_db = sensor_type_db
sensor_type_db.id = sensor_type_id
sensor_type_db.enabled = getattr(sensor_type, "enabled", False)
sensor_type_db = SensorType.add_or_update(sensor_type_db)
except (ValidationError, ValueError) as e:
LOG.exception("Unable to update sensor_type data=%s", sensor_type)
abort(http_client.BAD_REQUEST, six.text_type(e))
return
extra = {
"old_sensor_type_db": old_sensor_type_db,
"new_sensor_type_db": sensor_type_db,
}
LOG.audit("Sensor updated. Sensor.id=%s." % (sensor_type_db.id), extra=extra)
sensor_type_api = SensorTypeAPI.from_model(sensor_type_db)
return sensor_type_api
def put(self, sensor_type, ref_or_id, requester_user):
# Note: Right now this function only supports updating of "enabled"
# attribute on the SensorType model.
# The reason for that is that SensorTypeAPI.to_model right now only
# knows how to work with sensor type definitions from YAML files.
sensor_type_db = self._get_by_ref_or_id(ref_or_id=ref_or_id)
permission_type = PermissionType.SENSOR_MODIFY
rbac_utils = get_rbac_backend().get_utils_class()
rbac_utils.assert_user_has_resource_db_permission(user_db=requester_user,
resource_db=sensor_type_db,
permission_type=permission_type)
sensor_type_id = sensor_type_db.id
try:
validate_not_part_of_system_pack(sensor_type_db)
except ValueValidationException as e:
abort(http_client.BAD_REQUEST, six.text_type(e))
return
if not getattr(sensor_type, 'pack', None):
sensor_type.pack = sensor_type_db.pack
try:
old_sensor_type_db = sensor_type_db
sensor_type_db.id = sensor_type_id
sensor_type_db.enabled = getattr(sensor_type, 'enabled', False)
sensor_type_db = SensorType.add_or_update(sensor_type_db)
except (ValidationError, ValueError) as e:
LOG.exception('Unable to update sensor_type data=%s', sensor_type)
abort(http_client.BAD_REQUEST, six.text_type(e))
return
extra = {
'old_sensor_type_db': old_sensor_type_db,
'new_sensor_type_db': sensor_type_db
}
LOG.audit('Sensor updated. Sensor.id=%s.' % (sensor_type_db.id), extra=extra)
sensor_type_api = SensorTypeAPI.from_model(sensor_type_db)
return sensor_type_api
def put(self, ref_or_id, sensor_type):
# Note: Right now this function only supports updating of "enabled"
# attribute on the SensorType model.
# The reason for that is that SensorTypeAPI.to_model right now only
# knows how to work with sensor type definitions from YAML files.
try:
sensor_type_db = self._get_by_ref_or_id(ref_or_id=ref_or_id)
except Exception as e:
LOG.exception(e.message)
abort(http_client.NOT_FOUND, e.message)
return
sensor_type_id = sensor_type_db.id
try:
validate_not_part_of_system_pack(sensor_type_db)
except ValueValidationException as e:
abort(http_client.BAD_REQUEST, str(e))
return
if not getattr(sensor_type, 'pack', None):
sensor_type.pack = sensor_type_db.pack
try:
old_sensor_type_db = sensor_type_db
sensor_type_db.id = sensor_type_id
sensor_type_db.enabled = getattr(sensor_type, 'enabled', False)
sensor_type_db = SensorType.add_or_update(sensor_type_db)
except (ValidationError, ValueError) as e:
LOG.exception('Unable to update sensor_type data=%s', sensor_type)
abort(http_client.BAD_REQUEST, str(e))
return
extra = {
'old_sensor_type_db': old_sensor_type_db,
'new_sensor_type_db': sensor_type_db
}
LOG.audit('Sensor updated. Sensor.id=%s.' % (sensor_type_db.id),
extra=extra)
sensor_type_api = SensorTypeAPI.from_model(sensor_type_db)
return sensor_type_api
def put(self, ref_or_id, sensor_type):
# Note: Right now this function only supports updating of "enabled"
# attribute on the SensorType model.
# The reason for that is that SensorTypeAPI.to_model right now only
# knows how to work with sensor type definitions from YAML files.
try:
sensor_type_db = self._get_by_ref_or_id(ref_or_id=ref_or_id)
except Exception as e:
LOG.exception(e.message)
abort(http_client.NOT_FOUND, e.message)
return
sensor_type_id = sensor_type_db.id
try:
validate_not_part_of_system_pack(sensor_type_db)
except ValueValidationException as e:
abort(http_client.BAD_REQUEST, str(e))
return
if not getattr(sensor_type, 'pack', None):
sensor_type.pack = sensor_type_db.pack
try:
old_sensor_type_db = sensor_type_db
sensor_type_db.id = sensor_type_id
sensor_type_db.enabled = getattr(sensor_type, 'enabled', False)
sensor_type_db = SensorType.add_or_update(sensor_type_db)
except (ValidationError, ValueError) as e:
LOG.exception('Unable to update sensor_type data=%s', sensor_type)
abort(http_client.BAD_REQUEST, str(e))
return
extra = {
'old_sensor_type_db': old_sensor_type_db,
'new_sensor_type_db': sensor_type_db
}
LOG.audit('Sensor updated. Sensor.id=%s.' % (sensor_type_db.id), extra=extra)
sensor_type_api = SensorTypeAPI.from_model(sensor_type_db)
return sensor_type_api
def _get_all_sensors():
sensors = SensorType.get_all()
LOG.info('Found %d registered sensors in db scan.', len(sensors))
return sensors
def setUp(self):
super(SensorPermissionsResolverTestCase, self).setUp()
# Create some mock users
user_1_db = UserDB(name='1_role_sensor_pack_grant')
user_1_db = User.add_or_update(user_1_db)
self.users['custom_role_sensor_pack_grant'] = user_1_db
user_2_db = UserDB(name='1_role_sensor_grant')
user_2_db = User.add_or_update(user_2_db)
self.users['custom_role_sensor_grant'] = user_2_db
user_3_db = UserDB(name='custom_role_pack_sensor_all_grant')
user_3_db = User.add_or_update(user_3_db)
self.users['custom_role_pack_sensor_all_grant'] = user_3_db
user_4_db = UserDB(name='custom_role_sensor_all_grant')
user_4_db = User.add_or_update(user_4_db)
self.users['custom_role_sensor_all_grant'] = user_4_db
user_5_db = UserDB(name='custom_role_sensor_list_grant')
user_5_db = User.add_or_update(user_5_db)
self.users['custom_role_sensor_list_grant'] = user_5_db
# Create some mock resources on which permissions can be granted
sensor_1_db = SensorTypeDB(pack='test_pack_1', name='sensor1')
sensor_1_db = SensorType.add_or_update(sensor_1_db)
self.resources['sensor_1'] = sensor_1_db
sensor_2_db = SensorTypeDB(pack='test_pack_1', name='sensor2')
sensor_2_db = SensorType.add_or_update(sensor_2_db)
self.resources['sensor_2'] = sensor_2_db
sensor_3_db = SensorTypeDB(pack='test_pack_2', name='sensor3')
sensor_3_db = SensorType.add_or_update(sensor_3_db)
self.resources['sensor_3'] = sensor_3_db
# Create some mock roles with associated permission grants
# Custom role 2 - one grant on parent pack
# "sensor_view" on pack_1
grant_db = PermissionGrantDB(
resource_uid=self.resources['pack_1'].get_uid(),
resource_type=ResourceType.PACK,
permission_types=[PermissionType.SENSOR_VIEW])
grant_db = PermissionGrant.add_or_update(grant_db)
permission_grants = [str(grant_db.id)]
role_3_db = RoleDB(name='custom_role_sensor_pack_grant',
permission_grants=permission_grants)
role_3_db = Role.add_or_update(role_3_db)
self.roles['custom_role_sensor_pack_grant'] = role_3_db
# Custom role 4 - one grant on pack
# "sensor_view on sensor_3
grant_db = PermissionGrantDB(
resource_uid=self.resources['sensor_3'].get_uid(),
resource_type=ResourceType.SENSOR,
permission_types=[PermissionType.SENSOR_VIEW])
grant_db = PermissionGrant.add_or_update(grant_db)
permission_grants = [str(grant_db.id)]
role_4_db = RoleDB(name='custom_role_sensor_grant',
permission_grants=permission_grants)
role_4_db = Role.add_or_update(role_4_db)
self.roles['custom_role_sensor_grant'] = role_4_db
# Custom role - "sensor_all" grant on a parent sensor pack
grant_db = PermissionGrantDB(
resource_uid=self.resources['pack_1'].get_uid(),
resource_type=ResourceType.PACK,
permission_types=[PermissionType.SENSOR_ALL])
grant_db = PermissionGrant.add_or_update(grant_db)
permission_grants = [str(grant_db.id)]
role_4_db = RoleDB(name='custom_role_pack_sensor_all_grant',
permission_grants=permission_grants)
role_4_db = Role.add_or_update(role_4_db)
self.roles['custom_role_pack_sensor_all_grant'] = role_4_db
# Custom role - "sensor_all" grant on a sensor
grant_db = PermissionGrantDB(
resource_uid=self.resources['sensor_1'].get_uid(),
resource_type=ResourceType.SENSOR,
permission_types=[PermissionType.SENSOR_ALL])
grant_db = PermissionGrant.add_or_update(grant_db)
permission_grants = [str(grant_db.id)]
role_4_db = RoleDB(name='custom_role_sensor_all_grant',
permission_grants=permission_grants)
role_4_db = Role.add_or_update(role_4_db)
self.roles['custom_role_sensor_all_grant'] = role_4_db
# Custom role - "sensor_list" grant
grant_db = PermissionGrantDB(
resource_uid=None,
resource_type=None,
permission_types=[PermissionType.SENSOR_LIST])
grant_db = PermissionGrant.add_or_update(grant_db)
permission_grants = [str(grant_db.id)]
role_5_db = RoleDB(name='custom_role_sensor_list_grant',
permission_grants=permission_grants)
role_5_db = Role.add_or_update(role_5_db)
self.roles['custom_role_sensor_list_grant'] = role_5_db
# Create some mock role assignments
user_db = self.users['custom_role_sensor_pack_grant']
role_assignment_db = UserRoleAssignmentDB(
user=user_db.name,
role=self.roles['custom_role_sensor_pack_grant'].name,
source='assignments/%s.yaml' % user_db.name)
UserRoleAssignment.add_or_update(role_assignment_db)
user_db = self.users['custom_role_sensor_grant']
role_assignment_db = UserRoleAssignmentDB(
user=user_db.name,
role=self.roles['custom_role_sensor_grant'].name,
source='assignments/%s.yaml' % user_db.name)
UserRoleAssignment.add_or_update(role_assignment_db)
user_db = self.users['custom_role_pack_sensor_all_grant']
role_assignment_db = UserRoleAssignmentDB(
user=user_db.name,
role=self.roles['custom_role_pack_sensor_all_grant'].name,
source='assignments/%s.yaml' % user_db.name)
UserRoleAssignment.add_or_update(role_assignment_db)
user_db = self.users['custom_role_sensor_all_grant']
role_assignment_db = UserRoleAssignmentDB(
user=user_db.name,
role=self.roles['custom_role_sensor_all_grant'].name,
source='assignments/%s.yaml' % user_db.name)
UserRoleAssignment.add_or_update(role_assignment_db)
user_db = self.users['custom_role_sensor_list_grant']
role_assignment_db = UserRoleAssignmentDB(
user=user_db.name,
role=self.roles['custom_role_sensor_list_grant'].name,
source='assignments/%s.yaml' % user_db.name)
UserRoleAssignment.add_or_update(role_assignment_db)
def test_register_sensors(self):
# Verify DB is empty at the beginning
self.assertEqual(len(SensorType.get_all()), 0)
self.assertEqual(len(TriggerType.get_all()), 0)
self.assertEqual(len(Trigger.get_all()), 0)
registrar = SensorsRegistrar()
registrar.register_from_packs(base_dirs=[PACKS_DIR])
# Verify objects have been created
sensor_dbs = SensorType.get_all()
trigger_type_dbs = TriggerType.get_all()
trigger_dbs = Trigger.get_all()
self.assertEqual(len(sensor_dbs), 2)
self.assertEqual(len(trigger_type_dbs), 2)
self.assertEqual(len(trigger_dbs), 2)
self.assertEqual(sensor_dbs[0].name, 'TestSensor')
self.assertEqual(sensor_dbs[0].poll_interval, 10)
self.assertTrue(sensor_dbs[0].enabled)
self.assertEqual(sensor_dbs[1].name, 'TestSensorDisabled')
self.assertEqual(sensor_dbs[1].poll_interval, 10)
self.assertFalse(sensor_dbs[1].enabled)
self.assertEqual(trigger_type_dbs[0].name, 'trigger_type_1')
self.assertEqual(trigger_type_dbs[0].pack, 'pack_with_sensor')
self.assertEqual(len(trigger_type_dbs[0].tags), 0)
self.assertEqual(trigger_type_dbs[1].name, 'trigger_type_2')
self.assertEqual(trigger_type_dbs[1].pack, 'pack_with_sensor')
self.assertEqual(len(trigger_type_dbs[1].tags), 2)
self.assertEqual(trigger_type_dbs[1].tags[0].name, 'tag1name')
self.assertEqual(trigger_type_dbs[1].tags[0].value, 'tag1 value')
# Verify second call to registration doesn't create a duplicate objects
registrar.register_from_packs(base_dirs=[PACKS_DIR])
sensor_dbs = SensorType.get_all()
trigger_type_dbs = TriggerType.get_all()
trigger_dbs = Trigger.get_all()
self.assertEqual(len(sensor_dbs), 2)
self.assertEqual(len(trigger_type_dbs), 2)
self.assertEqual(len(trigger_dbs), 2)
self.assertEqual(sensor_dbs[0].name, 'TestSensor')
self.assertEqual(sensor_dbs[0].poll_interval, 10)
self.assertEqual(trigger_type_dbs[0].name, 'trigger_type_1')
self.assertEqual(trigger_type_dbs[0].pack, 'pack_with_sensor')
self.assertEqual(trigger_type_dbs[1].name, 'trigger_type_2')
self.assertEqual(trigger_type_dbs[1].pack, 'pack_with_sensor')
# Verify sensor and trigger data is updated on registration
original_load = registrar._meta_loader.load
def mock_load(*args, **kwargs):
# Update poll_interval and trigger_type_2 description
data = original_load(*args, **kwargs)
data['poll_interval'] = 50
data['trigger_types'][1]['description'] = 'test 2'
return data
registrar._meta_loader.load = mock_load
registrar.register_from_packs(base_dirs=[PACKS_DIR])
sensor_dbs = SensorType.get_all()
trigger_type_dbs = TriggerType.get_all()
trigger_dbs = Trigger.get_all()
self.assertEqual(len(sensor_dbs), 2)
self.assertEqual(len(trigger_type_dbs), 2)
self.assertEqual(len(trigger_dbs), 2)
self.assertEqual(sensor_dbs[0].name, 'TestSensor')
self.assertEqual(sensor_dbs[0].poll_interval, 50)
self.assertEqual(trigger_type_dbs[0].name, 'trigger_type_1')
self.assertEqual(trigger_type_dbs[0].pack, 'pack_with_sensor')
self.assertEqual(trigger_type_dbs[1].name, 'trigger_type_2')
self.assertEqual(trigger_type_dbs[1].pack, 'pack_with_sensor')
self.assertEqual(trigger_type_dbs[1].description, 'test 2')
def setUp(self):
super(SensorPermissionsResolverTestCase, self).setUp()
# Create some mock users
user_1_db = UserDB(name='1_role_sensor_pack_grant')
user_1_db = User.add_or_update(user_1_db)
self.users['custom_role_sensor_pack_grant'] = user_1_db
user_2_db = UserDB(name='1_role_sensor_grant')
user_2_db = User.add_or_update(user_2_db)
self.users['custom_role_sensor_grant'] = user_2_db
user_3_db = UserDB(name='custom_role_pack_sensor_all_grant')
user_3_db = User.add_or_update(user_3_db)
self.users['custom_role_pack_sensor_all_grant'] = user_3_db
user_4_db = UserDB(name='custom_role_sensor_all_grant')
user_4_db = User.add_or_update(user_4_db)
self.users['custom_role_sensor_all_grant'] = user_4_db
# Create some mock resources on which permissions can be granted
sensor_1_db = SensorTypeDB(pack='test_pack_1', name='sensor1')
sensor_1_db = SensorType.add_or_update(sensor_1_db)
self.resources['sensor_1'] = sensor_1_db
sensor_2_db = SensorTypeDB(pack='test_pack_1', name='sensor2')
sensor_2_db = SensorType.add_or_update(sensor_2_db)
self.resources['sensor_2'] = sensor_2_db
sensor_3_db = SensorTypeDB(pack='test_pack_2', name='sensor3')
sensor_3_db = SensorType.add_or_update(sensor_3_db)
self.resources['sensor_3'] = sensor_3_db
# Create some mock roles with associated permission grants
# Custom role 2 - one grant on parent pack
# "sensor_view" on pack_1
grant_db = PermissionGrantDB(resource_uid=self.resources['pack_1'].get_uid(),
resource_type=ResourceType.PACK,
permission_types=[PermissionType.SENSOR_VIEW])
grant_db = PermissionGrant.add_or_update(grant_db)
permission_grants = [str(grant_db.id)]
role_3_db = RoleDB(name='custom_role_sensor_pack_grant',
permission_grants=permission_grants)
role_3_db = Role.add_or_update(role_3_db)
self.roles['custom_role_sensor_pack_grant'] = role_3_db
# Custom role 4 - one grant on pack
# "sensor_view on sensor_3
grant_db = PermissionGrantDB(resource_uid=self.resources['sensor_3'].get_uid(),
resource_type=ResourceType.SENSOR,
permission_types=[PermissionType.SENSOR_VIEW])
grant_db = PermissionGrant.add_or_update(grant_db)
permission_grants = [str(grant_db.id)]
role_4_db = RoleDB(name='custom_role_sensor_grant', permission_grants=permission_grants)
role_4_db = Role.add_or_update(role_4_db)
self.roles['custom_role_sensor_grant'] = role_4_db
# Custom role - "sensor_all" grant on a parent sensor pack
grant_db = PermissionGrantDB(resource_uid=self.resources['pack_1'].get_uid(),
resource_type=ResourceType.PACK,
permission_types=[PermissionType.SENSOR_ALL])
grant_db = PermissionGrant.add_or_update(grant_db)
permission_grants = [str(grant_db.id)]
role_4_db = RoleDB(name='custom_role_pack_sensor_all_grant',
permission_grants=permission_grants)
role_4_db = Role.add_or_update(role_4_db)
self.roles['custom_role_pack_sensor_all_grant'] = role_4_db
# Custom role - "sensor_all" grant on a sensor
grant_db = PermissionGrantDB(resource_uid=self.resources['sensor_1'].get_uid(),
resource_type=ResourceType.SENSOR,
permission_types=[PermissionType.SENSOR_ALL])
grant_db = PermissionGrant.add_or_update(grant_db)
permission_grants = [str(grant_db.id)]
role_4_db = RoleDB(name='custom_role_sensor_all_grant', permission_grants=permission_grants)
role_4_db = Role.add_or_update(role_4_db)
self.roles['custom_role_sensor_all_grant'] = role_4_db
# Create some mock role assignments
user_db = self.users['custom_role_sensor_pack_grant']
role_assignment_db = UserRoleAssignmentDB(
user=user_db.name,
role=self.roles['custom_role_sensor_pack_grant'].name)
UserRoleAssignment.add_or_update(role_assignment_db)
user_db = self.users['custom_role_sensor_grant']
role_assignment_db = UserRoleAssignmentDB(user=user_db.name,
role=self.roles['custom_role_sensor_grant'].name)
UserRoleAssignment.add_or_update(role_assignment_db)
user_db = self.users['custom_role_pack_sensor_all_grant']
role_assignment_db = UserRoleAssignmentDB(
user=user_db.name,
role=self.roles['custom_role_pack_sensor_all_grant'].name)
UserRoleAssignment.add_or_update(role_assignment_db)
user_db = self.users['custom_role_sensor_all_grant']
role_assignment_db = UserRoleAssignmentDB(
user=user_db.name,
role=self.roles['custom_role_sensor_all_grant'].name)
UserRoleAssignment.add_or_update(role_assignment_db)
def _get_all_sensors():
sensors = SensorType.get_all()
LOG.info('Found %d registered sensors in db scan.', len(sensors))
return sensors
def get_all_enabled_sensors():
# only query for enabled sensors.
sensors = SensorType.query(enabled=True)
LOG.info('Found %d registered sensors in db scan.', len(sensors))
return sensors
def get_sensors(self):
sensor = SensorType.get_by_ref(self._sensor_ref)
if not sensor:
raise SensorNotFoundException('Sensor %s not found in db.' % self._sensor_ref)
return [sensor]
def get_all_enabled_sensors():
# only query for enabled sensors.
sensors = SensorType.query(enabled=True)
LOG.info('Found %d registered sensors in db scan.', len(sensors))
return sensors
def test_register_sensors(self):
# Verify DB is empty at the beginning
self.assertEqual(len(SensorType.get_all()), 0)
self.assertEqual(len(TriggerType.get_all()), 0)
self.assertEqual(len(Trigger.get_all()), 0)
registrar = SensorsRegistrar()
registrar.register_sensors_from_packs(base_dirs=[PACKS_DIR])
# Verify objects have been created
sensor_dbs = SensorType.get_all()
trigger_type_dbs = TriggerType.get_all()
trigger_dbs = Trigger.get_all()
self.assertEqual(len(sensor_dbs), 2)
self.assertEqual(len(trigger_type_dbs), 2)
self.assertEqual(len(trigger_dbs), 2)
self.assertEqual(sensor_dbs[0].name, 'TestSensor')
self.assertEqual(sensor_dbs[0].poll_interval, 10)
self.assertTrue(sensor_dbs[0].enabled)
self.assertEqual(sensor_dbs[1].name, 'TestSensorDisabled')
self.assertEqual(sensor_dbs[1].poll_interval, 10)
self.assertFalse(sensor_dbs[1].enabled)
self.assertEqual(trigger_type_dbs[0].name, 'trigger_type_1')
self.assertEqual(trigger_type_dbs[0].pack, 'pack_with_sensor')
self.assertEqual(len(trigger_type_dbs[0].tags), 0)
self.assertEqual(trigger_type_dbs[1].name, 'trigger_type_2')
self.assertEqual(trigger_type_dbs[1].pack, 'pack_with_sensor')
self.assertEqual(len(trigger_type_dbs[1].tags), 2)
self.assertEqual(trigger_type_dbs[1].tags[0].name, 'tag1name')
self.assertEqual(trigger_type_dbs[1].tags[0].value, 'tag1 value')
# Verify second call to registration doesn't create a duplicate objects
registrar.register_sensors_from_packs(base_dirs=[PACKS_DIR])
sensor_dbs = SensorType.get_all()
trigger_type_dbs = TriggerType.get_all()
trigger_dbs = Trigger.get_all()
self.assertEqual(len(sensor_dbs), 2)
self.assertEqual(len(trigger_type_dbs), 2)
self.assertEqual(len(trigger_dbs), 2)
self.assertEqual(sensor_dbs[0].name, 'TestSensor')
self.assertEqual(sensor_dbs[0].poll_interval, 10)
self.assertEqual(trigger_type_dbs[0].name, 'trigger_type_1')
self.assertEqual(trigger_type_dbs[0].pack, 'pack_with_sensor')
self.assertEqual(trigger_type_dbs[1].name, 'trigger_type_2')
self.assertEqual(trigger_type_dbs[1].pack, 'pack_with_sensor')
# Verify sensor and trigger data is updated on registration
original_load = registrar._meta_loader.load
def mock_load(*args, **kwargs):
# Update poll_interval and trigger_type_2 description
data = original_load(*args, **kwargs)
data['poll_interval'] = 50
data['trigger_types'][1]['description'] = 'test 2'
return data
registrar._meta_loader.load = mock_load
registrar.register_sensors_from_packs(base_dirs=[PACKS_DIR])
sensor_dbs = SensorType.get_all()
trigger_type_dbs = TriggerType.get_all()
trigger_dbs = Trigger.get_all()
self.assertEqual(len(sensor_dbs), 2)
self.assertEqual(len(trigger_type_dbs), 2)
self.assertEqual(len(trigger_dbs), 2)
self.assertEqual(sensor_dbs[0].name, 'TestSensor')
self.assertEqual(sensor_dbs[0].poll_interval, 50)
self.assertEqual(trigger_type_dbs[0].name, 'trigger_type_1')
self.assertEqual(trigger_type_dbs[0].pack, 'pack_with_sensor')
self.assertEqual(trigger_type_dbs[1].name, 'trigger_type_2')
self.assertEqual(trigger_type_dbs[1].pack, 'pack_with_sensor')
self.assertEqual(trigger_type_dbs[1].description, 'test 2')
def test_register_sensors(self):
# Verify DB is empty at the beginning
self.assertEqual(len(SensorType.get_all()), 0)
self.assertEqual(len(TriggerType.get_all()), 0)
self.assertEqual(len(Trigger.get_all()), 0)
registrar = SensorsRegistrar()
registrar.register_from_packs(base_dirs=[PACKS_DIR])
# Verify objects have been created
sensor_dbs = SensorType.get_all()
trigger_type_dbs = TriggerType.get_all()
trigger_dbs = Trigger.get_all()
self.assertEqual(len(sensor_dbs), 2)
self.assertEqual(len(trigger_type_dbs), 2)
self.assertEqual(len(trigger_dbs), 2)
self.assertEqual(sensor_dbs[0].name, "TestSensor")
self.assertEqual(sensor_dbs[0].poll_interval, 10)
self.assertTrue(sensor_dbs[0].enabled)
self.assertEqual(sensor_dbs[0].metadata_file,
"sensors/test_sensor_1.yaml")
self.assertEqual(sensor_dbs[1].name, "TestSensorDisabled")
self.assertEqual(sensor_dbs[1].poll_interval, 10)
self.assertFalse(sensor_dbs[1].enabled)
self.assertEqual(sensor_dbs[1].metadata_file,
"sensors/test_sensor_2.yaml")
self.assertEqual(trigger_type_dbs[0].name, "trigger_type_1")
self.assertEqual(trigger_type_dbs[0].pack, "pack_with_sensor")
self.assertEqual(len(trigger_type_dbs[0].tags), 0)
self.assertEqual(trigger_type_dbs[1].name, "trigger_type_2")
self.assertEqual(trigger_type_dbs[1].pack, "pack_with_sensor")
self.assertEqual(len(trigger_type_dbs[1].tags), 2)
self.assertEqual(trigger_type_dbs[1].tags[0].name, "tag1name")
self.assertEqual(trigger_type_dbs[1].tags[0].value, "tag1 value")
# Triggered which are registered via sensors have metadata_file pointing to the sensor
# definition file
self.assertEqual(trigger_type_dbs[0].metadata_file,
"sensors/test_sensor_1.yaml")
self.assertEqual(trigger_type_dbs[1].metadata_file,
"sensors/test_sensor_1.yaml")
# Verify second call to registration doesn't create a duplicate objects
registrar.register_from_packs(base_dirs=[PACKS_DIR])
sensor_dbs = SensorType.get_all()
trigger_type_dbs = TriggerType.get_all()
trigger_dbs = Trigger.get_all()
self.assertEqual(len(sensor_dbs), 2)
self.assertEqual(len(trigger_type_dbs), 2)
self.assertEqual(len(trigger_dbs), 2)
self.assertEqual(sensor_dbs[0].name, "TestSensor")
self.assertEqual(sensor_dbs[0].poll_interval, 10)
self.assertEqual(trigger_type_dbs[0].name, "trigger_type_1")
self.assertEqual(trigger_type_dbs[0].pack, "pack_with_sensor")
self.assertEqual(trigger_type_dbs[1].name, "trigger_type_2")
self.assertEqual(trigger_type_dbs[1].pack, "pack_with_sensor")
# Verify sensor and trigger data is updated on registration
original_load = registrar._meta_loader.load
def mock_load(*args, **kwargs):
# Update poll_interval and trigger_type_2 description
data = original_load(*args, **kwargs)
data["poll_interval"] = 50
data["trigger_types"][1]["description"] = "test 2"
return data
registrar._meta_loader.load = mock_load
registrar.register_from_packs(base_dirs=[PACKS_DIR])
sensor_dbs = SensorType.get_all()
trigger_type_dbs = TriggerType.get_all()
trigger_dbs = Trigger.get_all()
self.assertEqual(len(sensor_dbs), 2)
self.assertEqual(len(trigger_type_dbs), 2)
self.assertEqual(len(trigger_dbs), 2)
self.assertEqual(sensor_dbs[0].name, "TestSensor")
self.assertEqual(sensor_dbs[0].poll_interval, 50)
self.assertEqual(trigger_type_dbs[0].name, "trigger_type_1")
self.assertEqual(trigger_type_dbs[0].pack, "pack_with_sensor")
self.assertEqual(trigger_type_dbs[1].name, "trigger_type_2")
self.assertEqual(trigger_type_dbs[1].pack, "pack_with_sensor")
self.assertEqual(trigger_type_dbs[1].description, "test 2")
