Exemplo n.º 1
0
def _set_policy(data, context):
    new_policy = Policy()
    new_policy.ParseFromString(data)

    if not new_policy.entries:
        raise InvalidTransaction("Atleast one entry must be in a policy.")

    if not new_policy.name:
        raise InvalidTransaction("The name must be set in a policy.")

    # check entries in the policy
    for entry in new_policy.entries:
        if not entry.key:
            raise InvalidTransaction("Every policy entry must have a key.")

    address = _get_policy_address(new_policy.name)
    entries_list = _get_data(address, context)

    policy_list = PolicyList()
    policies = []

    if entries_list != []:
        policy_list.ParseFromString(entries_list[0].data)

        # sort all roles by using sorted(roles, policy.name)
        # if a policy with the same name exists, replace that policy
        policies = [
            x for x in policy_list.policies if x.name != new_policy.name
        ]
        policies.append(new_policy)
        policies = sorted(policies, key=lambda role: role.name)
    else:
        policies.append(new_policy)

    address = _get_policy_address(new_policy.name)

    # Store policy in a PolicyList incase of hash collisions
    new_policy_list = PolicyList(policies=policies)
    addresses = context.set_state([
        StateEntry(address=address, data=new_policy_list.SerializeToString())
    ])

    if not addresses:
        LOGGER.warning('Failed to set policy %s at %s', new_policy.name,
                       address)
        raise InternalError('Unable to save policy {}'.format(new_policy.name))

    context.add_event(event_type="identity_update",
                      attributes=[("updated", new_policy.name)])
    LOGGER.debug("Set policy : \n%s", new_policy)
Exemplo n.º 2
0
    def _create_tp_process_request(self, payload):
        inputs = []
        outputs = []
        if payload.type == IdentityPayload.ROLE:
            role = Role()
            role.ParseFromString(payload.data)
            inputs = [self._role_to_address(role.name),
                      self._policy_to_address(role.policy_name)]

            outputs = [self._role_to_address(role.name)]
        else:
            policy = Policy()
            policy.ParseFromString(payload.data)
            inputs = [self._policy_to_address(policy.name)]

            outputs = [self._role_to_address(policy.name)]

        return self._factory.create_tp_process_request(
            payload.SerializeToString(), inputs, outputs, [])