def compile(source_text, filename='', content=None, credentials=None, verify=True, node=None): # Steps taken: # 1) Verify signature when credentials supplied # 2) parser .calvin file -> IR. May produce syntax errors/warnings # 3) checker IR -> IR. May produce syntax errors/warnings # 4) analyzer IR -> app. Should not fail. Sets 'valid' property of IR to True/False deployable = {'valid': False, 'actors': {}, 'connections': {}} errors = [] #TODO: fill in something meaningful warnings = [] if credentials: _log.debug("Check credentials...") sec = Security(node) sec.set_subject(credentials) if not sec.authenticate_subject(): _log.error("Check credentials...failed authentication") # This error reason is detected in calvin control and gives proper REST response errors.append({'reason': "401: UNAUTHORIZED", 'line': 0, 'col': 0}) return deployable, errors, warnings if (not sec.verify_signature_content(content, "application") or not sec.check_security_policy()): # Verification not OK if sign or cert not OK or if the signer is denied by security policies print "\n IN DEPLOYER\n " _log.error("Check credentials...failed application verification") # This error reason is detected in calvin control and gives proper REST response errors.append({'reason': "401: UNAUTHORIZED", 'line': None, 'col': None}) return deployable, errors, warnings _log.debug("Parsing...") ir, errors, warnings = calvin_parser(source_text, filename) _log.debug("Parsed %s, %s, %s" % (ir, errors, warnings)) # If there were errors during parsing no IR will be generated if not errors: c_errors, c_warnings = check(ir, verify=verify) errors.extend(c_errors) warnings.extend(c_warnings) deployable = generate_app_info(ir, verify=verify) if errors: deployable['valid'] = False _log.debug("Compiled %s, %s, %s" % (deployable, errors, warnings)) return deployable, errors, warnings
def compile_script_check_security(data, filename, cb, security=None, content=None, verify=True, node=None, signature=None): """ Compile a script and return a tuple (deployable, errors, warnings). 'credentials' are optional security credentials(?) 'verify' is deprecated and will be removed 'node' is the runtime performing security check(?) 'cb' is a CalvinCB callback N.B. If callback 'cb' is given, this method calls cb(deployable, errors, warnings) and returns None N.B. If callback 'cb' is given, and method runs to completion, cb is called with additional parameter 'security' (?) """ def _exit_with_error(callback): """Helper method to generate a proper error""" it = IssueTracker() it.add_error("UNAUTHORIZED", info={'status': 401}) callback({}, it) return def _handle_policy_decision(data, appname, verify, access_decision, org_cb, security=None): if not access_decision: _log.error("Access denied") # This error reason is detected in calvin control and gives proper REST response _exit_with_error(org_cb) return if 'app_info' not in data and 'script' in data: deployable, issuetracker = compile_script(data['script'], appname) elif 'app_info' in data: deployable = data['app_info'] issuetracker = IssueTracker() else: _log.error("Neither app_info or script supplied") # This error reason is detected in calvin control and gives proper REST response _exit_with_error(org_cb) return org_cb(deployable, issuetracker, security=security) # # Actual code for compile_script # appname = appname_from_filename(filename) # FIXME: if node is None we bypass security even if enabled. Is that the intention? if node is not None and security_enabled(): # FIXME: If cb is None, we will return from this method with None instead of a tuple, failing silently if security: sec = security else: sec = Security(node) verified, signer = sec.verify_signature_content(content, "application") if not verified: # Verification not OK if sign or cert not OK. _log.error("Failed application verification") # This error reason is detected in calvin control and gives proper REST response _exit_with_error(cb) return sec.check_security_policy(CalvinCB(_handle_policy_decision, data, appname, verify, security=security, org_cb=cb), element_type="application", element_value=signer) return # # We get here if node is None, or security is disabled # # This used to be # _handle_policy_decision(data, filename, verify, access_decision=True, security=None, org_cb=cb) # but since _handle_policy_decision is called with access_decision=True, security=None only compile_script would be called if 'app_info' not in data and 'script' in data: deployable, issuetracker = compile_script(data['script'], appname) elif 'app_info' in data: deployable = data['app_info'] issuetracker = IssueTracker() else: _log.error("Neither app_info or script supplied") # This error reason is detected in calvin control and gives proper REST response _exit_with_error(org_cb) return cb(deployable, issuetracker, security=None)
def compile_script_check_security(data, filename, cb, security=None, content=None, verify=True, node=None, signature=None): """ Compile a script and return a tuple (deployable, errors, warnings). 'credentials' are optional security credentials(?) 'verify' is deprecated and will be removed 'node' is the runtime performing security check(?) 'cb' is a CalvinCB callback N.B. If callback 'cb' is given, this method calls cb(deployable, errors, warnings) and returns None N.B. If callback 'cb' is given, and method runs to completion, cb is called with additional parameter 'security' (?) """ def _exit_with_error(callback): """Helper method to generate a proper error""" it = IssueTracker() it.add_error("UNAUTHORIZED", info={'status':401}) callback({}, it) return def _handle_policy_decision(data, appname, verify, access_decision, org_cb, security=None): if not access_decision: _log.error("Access denied") # This error reason is detected in calvin control and gives proper REST response _exit_with_error(org_cb) return if 'app_info' not in data and 'script' in data: deployable, issuetracker = compile_script(data['script'], appname) elif 'app_info' in data: deployable = data['app_info'] issuetracker = IssueTracker() else: _log.error("Neither app_info or script supplied") # This error reason is detected in calvin control and gives proper REST response _exit_with_error(org_cb) return org_cb(deployable, issuetracker, security=security) # # Actual code for compile_script # appname = appname_from_filename(filename) # FIXME: if node is None we bypass security even if enabled. Is that the intention? if node is not None and security_enabled(): # FIXME: If cb is None, we will return from this method with None instead of a tuple, failing silently if security: sec = security else: sec = Security(node) verified, signer = sec.verify_signature_content(content, "application") if not verified: # Verification not OK if sign or cert not OK. _log.error("Failed application verification") # This error reason is detected in calvin control and gives proper REST response _exit_with_error(cb) return sec.check_security_policy( CalvinCB(_handle_policy_decision, data, appname, verify, security=security, org_cb=cb), element_type = "application", element_value = signer ) return # # We get here if node is None, or security is disabled # # This used to be # _handle_policy_decision(data, filename, verify, access_decision=True, security=None, org_cb=cb) # but since _handle_policy_decision is called with access_decision=True, security=None only compile_script would be called if 'app_info' not in data and 'script' in data: deployable, issuetracker = compile_script(data['script'], appname) elif 'app_info' in data: deployable = data['app_info'] issuetracker = IssueTracker() else: _log.error("Neither app_info or script supplied") # This error reason is detected in calvin control and gives proper REST response _exit_with_error(org_cb) return cb(deployable, issuetracker, security=None)