def GetAllAcl():
acl = []
try:
with acl_cache_lock:
for item in acl_cache.keys():
if item.startswith(RESOURCE_KEY_PREFIX):
acl.extend(acl_cache[item])
except KeyError:
pass
if acl:
return acl
data_handler = None
try:
data_handler = DataHandler()
acl = data_handler.GetAcl()
resources = {}
identities = {}
for ace in acl:
res_key = RESOURCE_KEY_PREFIX + ace["resource"]
if res_key not in resources:
resources[res_key] = []
resources[res_key].append(ace)
id_key = IDENTITY_KEY_PREFIX + ace["identityName"]
if id_key not in identities:
identities[id_key] = []
identities[id_key].append(ace)
with acl_cache_lock:
acl_cache.update(resources)
acl_cache.update(identities)
except Exception as e:
logger.warning("Fail to get all ACLs. Ex: %s", e)
finally:
if data_handler is not None:
data_handler.Close()
return acl
def GetAllAcl():
acl = []
try:
with acl_cache_lock:
for item in acl_cache.keys():
if item.startswith(resourceKeyPrefix):
acl.extend(acl_cache[item])
except KeyError:
pass
if acl:
return acl
dataHandler = DataHandler()
try:
acl = dataHandler.GetAcl()
resources = {}
identities = {}
for ace in acl:
resourceKey = resourceKeyPrefix + ace["resource"]
if resourceKey not in resources:
resources[resourceKey] = []
resources[resourceKey].append(ace)
identityKey = identityKeyPrefix + ace["identityName"]
if identityKey not in identities:
identities[identityKey] = []
identities[identityKey].append(ace)
with acl_cache_lock:
acl_cache.update(resources)
acl_cache.update(identities)
except Exception as e:
logger.warn("Fail to get ACL for user %s, ex: %s", userName,
str(e))
finally:
dataHandler.Close()
return acl
def __GetAccessibleAcl(userName, permissions):
dataHandler = DataHandler()
try:
acl = dataHandler.GetAcl()
ret = []
for ace in acl:
if AuthorizationManager._HasAccess(userName, ace["resource"],
permissions): #resource
ret.append(ace)
return ret
except Exception as e:
logger.error('Exception: ' + str(e))
logger.warn("Fail to get ACL for user %s, return empty list" %
userName)
return []
finally:
dataHandler.Close()
