def GetAllAcl(): acl = [] try: with acl_cache_lock: for item in acl_cache.keys(): if item.startswith(RESOURCE_KEY_PREFIX): acl.extend(acl_cache[item]) except KeyError: pass if acl: return acl data_handler = None try: data_handler = DataHandler() acl = data_handler.GetAcl() resources = {} identities = {} for ace in acl: res_key = RESOURCE_KEY_PREFIX + ace["resource"] if res_key not in resources: resources[res_key] = [] resources[res_key].append(ace) id_key = IDENTITY_KEY_PREFIX + ace["identityName"] if id_key not in identities: identities[id_key] = [] identities[id_key].append(ace) with acl_cache_lock: acl_cache.update(resources) acl_cache.update(identities) except Exception as e: logger.warning("Fail to get all ACLs. Ex: %s", e) finally: if data_handler is not None: data_handler.Close() return acl
def GetAllAcl(): acl = [] try: with acl_cache_lock: for item in acl_cache.keys(): if item.startswith(resourceKeyPrefix): acl.extend(acl_cache[item]) except KeyError: pass if acl: return acl dataHandler = DataHandler() try: acl = dataHandler.GetAcl() resources = {} identities = {} for ace in acl: resourceKey = resourceKeyPrefix + ace["resource"] if resourceKey not in resources: resources[resourceKey] = [] resources[resourceKey].append(ace) identityKey = identityKeyPrefix + ace["identityName"] if identityKey not in identities: identities[identityKey] = [] identities[identityKey].append(ace) with acl_cache_lock: acl_cache.update(resources) acl_cache.update(identities) except Exception as e: logger.warn("Fail to get ACL for user %s, ex: %s", userName, str(e)) finally: dataHandler.Close() return acl
def __GetAccessibleAcl(userName, permissions): dataHandler = DataHandler() try: acl = dataHandler.GetAcl() ret = [] for ace in acl: if AuthorizationManager._HasAccess(userName, ace["resource"], permissions): #resource ret.append(ace) return ret except Exception as e: logger.error('Exception: ' + str(e)) logger.warn("Fail to get ACL for user %s, return empty list" % userName) return [] finally: dataHandler.Close()