def __getPolicyActionsThatApply( decisionParams ):
'''
Method that matches the input dictionary with the policy actions
configuration in the CS. It returns a list of policy actions names that
matched.
'''
policyActionsThatApply = []
# Get policies configuration metadata from CS.
policyActionsConfig = RssConfiguration.getPolicyActions()
if not policyActionsConfig[ 'OK' ]:
return policyActionsConfig
policyActionsConfig = policyActionsConfig[ 'Value' ]
# Get policies that match the given decissionParameters
for policyActionName, policyActionConfig in policyActionsConfig.items():
policyMatch = Utils.configMatch( decisionParams, policyActionConfig )
if policyMatch:
policyActionsThatApply.append( policyActionName )
return S_OK( policyActionsThatApply )
def __getPolicyActionsThatApply2(decissionParams, singlePolicyResults,
policyCombinedResults):
'''
Method that matches the input dictionary with the policy actions
configuration in the CS. It returns a list of policy actions names that
matched.
'''
policyActionsThatApply = []
# Get policies configuration metadata from CS.
policyActionsConfig = RssConfiguration.getPolicyActions()
if not policyActionsConfig['OK']:
return policyActionsConfig
policyActionsConfig = policyActionsConfig['Value']
# Let's create a dictionary to use it with configMatch
policyResults = {}
for policyResult in singlePolicyResults:
try:
policyResults[policyResult['Policy']
['name']] = policyResult['Status']
except KeyError:
continue
# Get policies that match the given decissionParameters
for policyActionName, policyActionConfig in policyActionsConfig.items(
):
# The parameter policyType is mandatory. If not present, we pick policyActionName
try:
policyActionType = policyActionConfig['actionType'][0]
except KeyError:
policyActionType = policyActionName
#continue
# We get matchParams to be compared against decissionParams
policyActionMatchParams = policyActionConfig.get('matchParams', {})
policyMatch = Utils.configMatch(decissionParams,
policyActionMatchParams)
#policyMatch = Utils.configMatch( decissionParams, policyActionConfig )
if not policyMatch:
continue
# Let's check single policy results
# Assumed structure:
# ...
# policyResults
# <PolicyName> = <PolicyResult1>,<PolicyResult2>...
policyActionPolicyResults = policyActionConfig.get(
'policyResults', {})
policyResultsMatch = Utils.configMatch(policyResults,
policyActionPolicyResults)
if not policyResultsMatch:
continue
# combinedResult
# \Status = X,Y
# \Reason = asdasd,asdsa
policyActionCombinedResult = policyActionConfig.get(
'combinedResult', {})
policyCombinedMatch = Utils.configMatch(
policyCombinedResults, policyActionCombinedResult)
if not policyCombinedMatch:
continue
#policyActionsThatApply.append( policyActionName )
# They may not be necessarily the same
policyActionsThatApply.append((policyActionName, policyActionType))
return S_OK(policyActionsThatApply)
def __getPoliciesThatApply(self, decissionParams):
'''
Method that matches the input dictionary with the policies configuration in
the CS. It returns a list of policy dictionaries that matched.
'''
policiesThatApply = []
# Get policies configuration metadata from CS.
policiesConfig = RssConfiguration.getPolicies()
if not policiesConfig['OK']:
return policiesConfig
policiesConfig = policiesConfig['Value']
# Each policy, has the following format
# <policyName>
# \
# policyType = <policyType>
# matchParams
# \
# ...
# configParams
# \
# ...
# Get policies that match the given decissionParameters
for policyName, policySetup in policiesConfig.items():
# The parameter policyType replaces policyName, so if it is not present,
# we pick policyName
try:
policyType = policySetup['policyType'][0]
except KeyError:
policyType = policyName
#continue
# The section matchParams is not mandatory, so we set {} as default.
policyMatchParams = policySetup.get('matchParams', {})
# FIXME: make sure the values in the policyConfigParams dictionary are typed !!
policyConfigParams = {}
#policyConfigParams = policySetup.get( 'configParams', {} )
policyMatch = Utils.configMatch(decissionParams, policyMatchParams)
if policyMatch:
policiesThatApply.append(
(policyName, policyType, policyConfigParams))
policiesToBeLoaded = []
# Gets policies parameters from code.
for policyName, policyType, _policyConfigParams in policiesThatApply:
try:
policyMeta = self.policies[policyType]
except KeyError:
continue
# We are not going to use name / type anymore, but we keep them for debugging
# and future usage.
policyDict = {'name': policyName, 'type': policyType, 'args': {}}
# args is one of the parameters we are going to use on the policies. We copy
# the defaults and then we update if with whatever comes from the CS.
policyDict.update(policyMeta)
# FIXME: watch out, args can be None !
#policyDict[ 'args' ].update( policyConfigParams )
policiesToBeLoaded.append(policyDict)
return S_OK(policiesToBeLoaded)
def __getPolicyActionsThatApply2( decisionParams, singlePolicyResults,
policyCombinedResults ):
'''
Method that matches the input dictionary with the policy actions
configuration in the CS. It returns a list of policy actions names that
matched.
'''
policyActionsThatApply = []
# Get policies configuration metadata from CS.
policyActionsConfig = RssConfiguration.getPolicyActions()
if not policyActionsConfig[ 'OK' ]:
return policyActionsConfig
policyActionsConfig = policyActionsConfig[ 'Value' ]
# Let's create a dictionary to use it with configMatch
policyResults = {}
for policyResult in singlePolicyResults:
try:
policyResults[ policyResult[ 'Policy' ][ 'name' ] ] = policyResult[ 'Status' ]
except KeyError:
continue
# Get policies that match the given decissionParameters
for policyActionName, policyActionConfig in policyActionsConfig.items():
# The parameter policyType is mandatory. If not present, we pick policyActionName
try:
policyActionType = policyActionConfig[ 'actionType' ][ 0 ]
except KeyError:
policyActionType = policyActionName
#continue
# We get matchParams to be compared against decisionParams
policyActionMatchParams = policyActionConfig.get( 'matchParams', {} )
policyMatch = Utils.configMatch( decisionParams, policyActionMatchParams )
# policyMatch = Utils.configMatch( decisionParams, policyActionConfig )
if not policyMatch:
continue
# Let's check single policy results
# Assumed structure:
# ...
# policyResults
# <PolicyName> = <PolicyResult1>,<PolicyResult2>...
policyActionPolicyResults = policyActionConfig.get( 'policyResults', {} )
policyResultsMatch = Utils.configMatch( policyResults, policyActionPolicyResults )
if not policyResultsMatch:
continue
# combinedResult
# \Status = X,Y
# \Reason = asdasd,asdsa
policyActionCombinedResult = policyActionConfig.get( 'combinedResult', {} )
policyCombinedMatch = Utils.configMatch( policyCombinedResults, policyActionCombinedResult )
if not policyCombinedMatch:
continue
#policyActionsThatApply.append( policyActionName )
# They may not be necessarily the same
policyActionsThatApply.append( ( policyActionName, policyActionType ) )
return S_OK( policyActionsThatApply )
def __getPoliciesThatApply( self, decisionParams ):
'''
Method that matches the input dictionary with the policies configuration in
the CS. It returns a list of policy dictionaries that matched.
'''
policiesThatApply = []
# Get policies configuration metadata from CS.
policiesConfig = RssConfiguration.getPolicies()
if not policiesConfig[ 'OK' ]:
return policiesConfig
policiesConfig = policiesConfig[ 'Value' ]
# Each policy, has the following format
# <policyName>
# \
# policyType = <policyType>
# matchParams
# \
# ...
# configParams
# \
# ...
# Get policies that match the given decissionParameters
for policyName, policySetup in policiesConfig.items():
# The parameter policyType replaces policyName, so if it is not present,
# we pick policyName
try:
policyType = policySetup[ 'policyType' ][ 0 ]
except KeyError:
policyType = policyName
#continue
# The section matchParams is not mandatory, so we set {} as default.
policyMatchParams = policySetup.get( 'matchParams', {} )
# FIXME: make sure the values in the policyConfigParams dictionary are typed !!
policyConfigParams = {}
#policyConfigParams = policySetup.get( 'configParams', {} )
policyMatch = Utils.configMatch( decisionParams, policyMatchParams )
if policyMatch:
policiesThatApply.append( ( policyName, policyType, policyConfigParams ) )
policiesToBeLoaded = []
# Gets policies parameters from code.
for policyName, policyType, _policyConfigParams in policiesThatApply:
try:
policyMeta = self.policies[ policyType ]
except KeyError:
continue
# We are not going to use name / type anymore, but we keep them for debugging
# and future usage.
policyDict = {
'name' : policyName,
'type' : policyType,
'args' : {}
}
# args is one of the parameters we are going to use on the policies. We copy
# the defaults and then we update if with whatever comes from the CS.
policyDict.update( policyMeta )
# FIXME: watch out, args can be None !
#policyDict[ 'args' ].update( policyConfigParams )
policiesToBeLoaded.append( policyDict )
return S_OK( policiesToBeLoaded )
def getPoliciesThatApply( decisionParams ):
"""
Method that sanitizes the input parameters and returns the policies that
match them. Matches the input dictionary with the policies configuration in
the CS. It returns a list of policy dictionaries that matched.
"""
decisionParams = _sanitizedecisionParams( decisionParams )
gLogger.debug("Sanitized decisionParams: %s" % str(decisionParams))
policiesThatApply = []
# Get policies configuration metadata from CS.
policiesConfig = RssConfiguration.getPolicies()
if not policiesConfig[ 'OK' ]:
return policiesConfig
policiesConfig = policiesConfig[ 'Value' ]
gLogger.debug("All policies: %s" %str(policiesConfig))
# Each policy, has the following format
# <policyName>
# \
# policyType = <policyType>
# matchParams
# \
# ...
# configParams
# \
# ...
# Get policies that match the given decisionParameters
for policyName, policySetup in policiesConfig.items():
# The parameter policyType replaces policyName, so if it is not present,
# we pick policyName
try:
policyType = policySetup[ 'policyType' ][ 0 ]
except KeyError:
policyType = policyName
#continue
# The section matchParams is not mandatory, so we set {} as default.
policyMatchParams = policySetup.get( 'matchParams', {} )
gLogger.debug("matchParams of %s: %s" %(policyName, str(policyMatchParams)))
# FIXME: make sure the values in the policyConfigParams dictionary are typed !!
policyConfigParams = {}
#policyConfigParams = policySetup.get( 'configParams', {} )
policyMatch = Utils.configMatch( decisionParams, policyMatchParams )
gLogger.debug("PolicyMatch for decisionParams %s: %s" %(decisionParams, str(policyMatch)))
policyFilter = _filterPolicies( decisionParams, policyMatchParams )
#WARNING: we need an additional filtering function when the matching
#is not straightforward (e.g. when the policy specify a 'domain', while
#the decisionParams has only the name of the element)
if policyMatch and policyFilter:
policiesThatApply.append( ( policyName, policyType, policyConfigParams ) )
gLogger.debug("policies that apply: %s" %str(policiesThatApply))
policiesToBeLoaded = []
# Gets policies parameters from code.
for policyName, policyType, _policyConfigParams in policiesThatApply:
try:
configModule = Utils.voimport( 'DIRAC.ResourceStatusSystem.Policy.Configurations' )
policies = copy.deepcopy( configModule.POLICIESMETA )
policyMeta = policies[ policyType ]
except KeyError:
continue
# We are not going to use name / type anymore, but we keep them for debugging
# and future usage.
policyDict = { 'name' : policyName,
'type' : policyType,
'args' : {}
}
# args is one of the parameters we are going to use on the policies. We copy
# the defaults and then we update if with whatever comes from the CS.
policyDict.update( policyMeta )
policiesToBeLoaded.append( policyDict )
return S_OK( policiesToBeLoaded )
def getPoliciesThatApply( self, decisionParams ):
""" Given a dictionary, it matches it against all the policies configuration
dictionaries as they are on the CS. Returns the policy dictionaries that
produced a positive match plus their configuration in <self.policies>.
examples:
>>> # This matches all policies !
>>> iGetter.getPoliciesThatApply( {} )
[ {
'name' : 'AlwaysActiveForResource',
'type' : 'AlwaysActive',
'module' : 'AlwaysActivePolicy',
'description' : 'This is the AlwaysActive policy'
'command' : None,
'args' : {}
},... ]
>>> # There is no policy that matches BlahSite
>>> iGetter.getPoliciesThatApply( { 'name' : 'BlahSite' } )
[]
:Parameters:
**decisionParams** - `dict`
dictionary with the parameters to match policies.
:return: S_OK() / S_ERROR
"""
policiesToBeLoaded = []
# Get policies configuration metadata from CS.
policiesConfig = RssConfiguration.getPolicies()
if not policiesConfig[ 'OK' ]:
return policiesConfig
policiesConfig = policiesConfig[ 'Value' ]
# Get policies that match the given decissionParameters
for policyName, policySetup in policiesConfig.iteritems():
# The section matchParams is not mandatory, so we set {} as default.
policyMatchParams = policySetup.get( 'matchParams', {} )
if not Utils.configMatch( decisionParams, policyMatchParams ):
continue
# the policyName replaces the policyTipe if not present. This allows us to
# define several policies of the same type on the CS. We just need to
# give them different names and assign them the same policyType.
try:
policyType = policySetup[ 'policyType' ][ 0 ]
except KeyError:
policyType = policyName
policyDict = {
'name' : policyName,
'type' : policyType,
'args' : {}
}
# Get policy static configuration
try:
policyDict.update( self.policies[ policyType ] )
except KeyError:
continue
policiesToBeLoaded.append( policyDict )
return S_OK( policiesToBeLoaded )
def getPolicyActionsThatApply( self, decisionParams, singlePolicyResults, policyCombinedResults ):
""" Method that returns the actions to be triggered based on the original
decision parameters ( decisionParams ), which also can apply to the method
`getPoliciesThatApply`, each one of the policy results ( singlePolicyResults )
and the combined policy results ( policyCombinedResults ) as computed on the `PDP`.
examples:
>>> iGetter.getPolicyActionsThatApply( { 'name' : 'SiteA' },[],{} )[ 'Value' ]
[ ( 'BanSiteA', 'BanSite' ) ]
>>> iGetter.getPolicyActionsThatApply( { 'name' : 'SiteA' },[],
{ 'Status' : 'Active', 'Reason' : 'Blah' } )[ 'Value' ]
[ ( 'BanSiteA', 'BanSite' ), ( 'EmailActive2Banned', 'EmailAction' ) ]
:Parameters:
**decisionParams** - `dict`
dictionary with the parameters to match policies ( and actions in this case )
**singlePolicyResults** - `list( dict )`
list containing the dictionaries returned by the policies evaluated
**policyCombinedResults** - `dict`
dictionary containing the combined result of the policies evaluation
:return: S_OK( list ) / S_ERROR
"""
policyActionsThatApply = []
# Get policies configuration metadata from CS.
policyActionsConfig = RssConfiguration.getPolicyActions()
if not policyActionsConfig[ 'OK' ]:
return policyActionsConfig
policyActionsConfig = policyActionsConfig[ 'Value' ]
# Let's create a dictionary to use it with configMatch
policyResults = self._getPolicyResults( singlePolicyResults )
# Get policies that match the given decissionParameters
for policyActionName, policyActionConfig in policyActionsConfig.iteritems():
# The parameter policyType is mandatory. If not present, we pick policyActionName
try:
policyActionType = policyActionConfig[ 'actionType' ][ 0 ]
except KeyError:
policyActionType = policyActionName
# We get matchParams to be compared against decissionParams
policyActionMatchParams = policyActionConfig.get( 'matchParams', {} )
if not Utils.configMatch( decisionParams, policyActionMatchParams ):
continue
# Let's check single policy results
# Assumed structure:
# ...
# policyResults
# <PolicyName> = <PolicyResult1>,<PolicyResult2>...
policyActionPolicyResults = policyActionConfig.get( 'policyResults', {} )
if not Utils.configMatch( policyResults, policyActionPolicyResults ):
continue
# combinedResult
# \Status = X,Y
# \Reason = asdasd,asdsa
policyActionCombinedResult = policyActionConfig.get( 'combinedResult', {} )
if not Utils.configMatch( policyCombinedResults, policyActionCombinedResult ):
continue
# They may not be necessarily the same
policyActionsThatApply.append( ( policyActionName, policyActionType ) )
return S_OK( policyActionsThatApply )
