def _getAuthorization(scope, action): """ migration stub for the new policy engine """ use_new_one = boolean(context['Config'].get('NewPolicyEvaluation', False)) compare = boolean(context['Config'].get('NewPolicyEvaluation.compare', False)) if use_new_one or compare: new_pols = new_getAuthorization(scope, action) if not use_new_one or compare: old_pols = legacy_getAuthorization(scope, action) if use_new_one: return_policies = new_pols else: return_policies = old_pols if not compare: return return_policies if not are_the_same(old_pols, new_pols): LOG.error('PolicyEvaluation is not the same for params %r,%r', scope, action) LOG.error('old: new %r <> %r', old_pols, new_pols) return return_policies
def getPolicy(param, only_active=False): """ migration method for the getPolicy old and new """ use_new_one = boolean(context['Config'].get('NewPolicyEvaluation', False)) compare = boolean(context['Config'].get('NewPolicyEvaluation.compare', False)) if use_new_one or compare: pols_new = new_getPolicy(param, only_active=only_active) if not use_new_one or compare: pols_old = legacy_getPolicy(param, only_active=only_active) if use_new_one: return_policies = pols_new else: return_policies = pols_old if return_policies: pass if not compare: return return_policies if not are_the_same(pols_old, pols_new): LOG.error('PolicyEvaluation is not the same for params %r', param) LOG.error('old: new %r <> %r', pols_old, pols_new) return return_policies
def search_policy(param, only_active=True): """ migration stub for the new policy engine """ use_new_one = boolean(context['Config'].get('NewPolicyEvaluation', False)) compare = boolean(context['Config'].get('NewPolicyEvaluation.compare', False)) if use_new_one or compare: pols_new = new_search_policy(param, only_active=only_active) if not use_new_one or compare: pols_old = legacy_getPolicy(param, only_active=only_active) if use_new_one: return_policies = pols_new else: return_policies = pols_old if not compare: return return_policies if not are_the_same(pols_old, pols_new): LOG.error('PolicyEvaluation is not the same for params %r', param) LOG.error('old: new %r <> %r', pols_old, pols_new) return return_policies
def _getAuthorization(scope, action): """ migration stub for the new policy engine """ use_new_one = boolean(context['Config'].get( 'NewPolicyEvaluation', False)) compare = boolean(context['Config'].get( 'NewPolicyEvaluation.compare', False)) if use_new_one or compare: new_pols = new_getAuthorization(scope, action) if not use_new_one or compare: old_pols = legacy_getAuthorization(scope, action) if use_new_one: return_policies = new_pols else: return_policies = old_pols if not compare: return return_policies if not are_the_same(old_pols, new_pols): LOG.error('PolicyEvaluation is not the same for params %r,%r', scope, action) LOG.error('old: new %r <> %r', old_pols, new_pols) return return_policies
def search_policy(param, only_active=True): """ migration stub for the new policy engine """ use_new_one = boolean(context['Config'].get( 'NewPolicyEvaluation', False)) compare = boolean(context['Config'].get( 'NewPolicyEvaluation.compare', False)) if use_new_one or compare: pols_new = new_search_policy(param, only_active=only_active) if not use_new_one or compare: pols_old = legacy_getPolicy(param, only_active=only_active) if use_new_one: return_policies = pols_new else: return_policies = pols_old if not compare: return return_policies if not are_the_same(pols_old, pols_new): LOG.error('PolicyEvaluation is not the same for params %r', param) LOG.error('old: new %r <> %r', pols_old, pols_new) return return_policies
def has_client_policy(client, scope=None, action=None, realm=None, user=None, find_resolver=True, userObj=None, active_only=True): """ migration stub for the new policy engine Remark: has_client_policy is different to the method get_client_policy as the filters for the has_client_policy are reseted after usage """ use_new_one = boolean(context['Config'].get('NewPolicyEvaluation', False)) compare = boolean(context['Config'].get('NewPolicyEvaluation.compare', False)) if use_new_one or compare: new_pols = new_has_client_policy(client, scope=scope, action=action, realm=realm, user=user, find_resolver=find_resolver, userObj=userObj, active_only=active_only) if not use_new_one or compare: old_pols = legacy_get_client_policy(client, scope=scope, action=action, realm=realm, user=user, find_resolver=find_resolver, userObj=userObj) if use_new_one: return_policies = new_pols else: return_policies = old_pols if not compare: return return_policies if not are_the_same(old_pols, new_pols): LOG.error('PolicyEvaluation is not the same for params %r', client) LOG.error('old: new %r <> %r', old_pols, new_pols) return return_policies
def get_client_policy(client, scope=None, action=None, realm=None, user=None, find_resolver=True, userObj=None, active_only=True): """ migration stub for the new policy engine """ use_new_one = boolean(context['Config'].get('NewPolicyEvaluation', False)) compare = boolean(context['Config'].get('NewPolicyEvaluation.compare', False)) if use_new_one or compare: pols_new = new_get_client_policy(client, scope=scope, action=action, realm=realm, user=user, find_resolver=find_resolver, userObj=userObj, active_only=active_only) if not use_new_one or compare: pols_old = legacy_get_client_policy(client, scope=scope, action=action, realm=realm, user=user, find_resolver=find_resolver, userObj=userObj) if use_new_one: return_policies = pols_new else: return_policies = pols_old if not compare: return return_policies if not are_the_same(pols_old, pols_new): LOG.error('PolicyEvaluation is not the same for params %r', client) LOG.error('old: new %r <> %r', pols_old, pols_new) return return_policies
def has_client_policy(client, scope=None, action=None, realm=None, user=None, find_resolver=True, userObj=None, active_only=True): """ migration stub for the new policy engine Remark: has_client_policy is different to the method get_client_policy as the filters for the has_client_policy are reseted after usage """ use_new_one = boolean(context['Config'].get( 'NewPolicyEvaluation', False)) compare = boolean(context['Config'].get( 'NewPolicyEvaluation.compare', False)) if use_new_one or compare: new_pols = new_has_client_policy(client, scope=scope, action=action, realm=realm, user=user, find_resolver=find_resolver, userObj=userObj, active_only=active_only) if not use_new_one or compare: old_pols = legacy_get_client_policy(client, scope=scope, action=action, realm=realm, user=user, find_resolver=find_resolver, userObj=userObj) if use_new_one: return_policies = new_pols else: return_policies = old_pols if not compare: return return_policies if not are_the_same(old_pols, new_pols): LOG.error('PolicyEvaluation is not the same for params %r', client) LOG.error('old: new %r <> %r', old_pols, new_pols) return return_policies
def get_client_policy(client, scope=None, action=None, realm=None, user=None, find_resolver=True, userObj=None, active_only=True): """ migration stub for the new policy engine """ use_new_one = boolean(context['Config'].get( 'NewPolicyEvaluation', False)) compare = boolean(context['Config'].get( 'NewPolicyEvaluation.compare', False)) if use_new_one or compare: pols_new = new_get_client_policy(client, scope=scope, action=action, realm=realm, user=user, find_resolver=find_resolver, userObj=userObj, active_only=active_only) if not use_new_one or compare: pols_old = legacy_get_client_policy(client, scope=scope, action=action, realm=realm, user=user, find_resolver=find_resolver, userObj=userObj) if use_new_one: return_policies = pols_new else: return_policies = pols_old if not compare: return return_policies if not are_the_same(pols_old, pols_new): LOG.error('PolicyEvaluation is not the same for params %r', client) LOG.error('old: new %r <> %r', pols_old, pols_new) return return_policies