示例#1
def get_client_policy(
    client,
    scope=None,
    action=None,
    realm=None,
    user=None,
    find_resolver=True,
    userObj=None,
    active_only=True,
):
    """
    Return the policies selected for the given client and criteria.

    A PolicyEvaluator is built over get_policies() and one filter is
    installed per supplied criterion, in the order realm, scope, action,
    client, time, active state, user. The result of evaluate() is returned
    unchanged.

    :param client: client to filter for; no client filter if falsy
    :param scope: policy scope to filter for; no scope filter if falsy
    :param action: policy action to filter for; no action filter if falsy
    :param realm: realm to filter for; no realm filter if falsy
    :param user: user to filter for, used only when userObj is falsy
    :param find_resolver: accepted for interface compatibility; not read
                          anywhere in this function body
    :param userObj: user object to filter for; takes precedence over user
    :param active_only: when true, filter_for_active(state=True) is installed

    :return: whatever PolicyEvaluator.evaluate() returns - presumably a
             dictionary of policies keyed by name; confirm against
             PolicyEvaluator

    NOTE(review): a falsy criterion (None, '', 0) installs no filter at all,
    so the selection gets wider, not narrower. A caller that passes an empty
    client or realm taken from request data is not restricted to that client
    or realm. Callers making an access decision should validate these values
    before calling.

    NOTE(review): the client-less fallback, resolver lookup and extended
    policy check are not performed in this body; whether PolicyEvaluator
    covers them is not visible here.
    """
    evaluator = PolicyEvaluator(get_policies())

    # The criteria are applied in this fixed order; each one is skipped
    # entirely when its value is falsy.
    optional_filters = (
        (realm, evaluator.filter_for_realm),
        (scope, evaluator.filter_for_scope),
        (action, evaluator.filter_for_action),
        (client, evaluator.filter_for_client),
    )
    for criterion, install_filter in optional_filters:
        if criterion:
            install_filter(criterion)

    # The time filter is unconditional.
    evaluator.filter_for_time()

    if active_only:
        evaluator.filter_for_active(state=True)

    # The user object wins over the plain user value when both are given.
    if userObj:
        evaluator.filter_for_user(userObj)
    elif user:
        evaluator.filter_for_user(user)

    return evaluator.evaluate()
示例#2
def new_get_client_policy(client, scope=None, action=None, realm=None,
                          user=None, find_resolver=True, userObj=None,
                          active_only=True):
    """
    Return the policies selected for the given client and criteria.

    Builds a PolicyEvaluator over get_policies(), installs the realm, scope,
    action and client filters for every criterion that is truthy, always
    installs the time filter, optionally the active-state filter, and then
    a user filter (userObj preferred over user). The evaluation is run with
    multiple=False.

    :param client: client to filter for; no client filter if falsy
    :param scope: policy scope to filter for; no scope filter if falsy
    :param action: policy action to filter for; no action filter if falsy
    :param realm: realm to filter for; no realm filter if falsy
    :param user: user to filter for, used only when userObj is falsy
    :param find_resolver: accepted but not read in this function body
    :param userObj: user object to filter for; takes precedence over user
    :param active_only: when true, filter_for_active(state=True) is installed

    :return: the value of PolicyEvaluator.evaluate(multiple=False) -
             presumably a dictionary of policies; the effect of
             multiple=False is defined by PolicyEvaluator and is not
             visible here

    NOTE(review): an empty or None criterion does not mean "match nothing";
    it means the filter is left out and the selection is wider. Values that
    originate from a request should be checked by the caller before they
    are used to pick the policies for an access decision.

    NOTE(review): no fallback to client-less policies, resolver lookup or
    extended policy check happens in this body.
    """
    selector = PolicyEvaluator(get_policies())

    # Each criterion is optional; the installation order is kept fixed.
    if realm:
        selector.filter_for_realm(realm)
    if scope:
        selector.filter_for_scope(scope)
    if action:
        selector.filter_for_action(action)
    if client:
        selector.filter_for_client(client)

    # Installed on every call, independent of the arguments.
    selector.filter_for_time()

    if active_only:
        selector.filter_for_active(state=True)

    # userObj is checked first; user is only the fallback.
    if userObj:
        selector.filter_for_user(userObj)
    elif user:
        selector.filter_for_user(user)

    return selector.evaluate(multiple=False)
示例#3
def new_getPolicy(param, only_active=True):
    """
    Retrieve the policies that match the given search parameters.

    The parameters are handed to PolicyEvaluator.set_filters() as a whole.
    According to the original documentation the recognised keys are:

    - name:   (optional) return only the policy with this name
    - user:   (optional) return only the policies for this user
    - realm:  (optional) return only the policies of this realm
    - scope:  (optional) return only the policies within this scope
    - action: (optional) return only the policies with this action.
         The action can also be something like "otppin" and will
         return policies containing "otppin = 2"

    :param param: mapping with the search parameters
    :param only_active: when true, filter_for_active(state=True) is installed

    :return: a dictionary with the policies. The name of the policy being
             the key

    NOTE(review): the time filter is installed only when 'user' or 'action'
    is present and not None. A lookup by name, realm or scope alone is not
    time-filtered, so its result should not be used for an enforcement
    decision without an additional time check.
    """
    evaluator = PolicyEvaluator(get_policies())

    # All search parameters are passed on in one step.
    evaluator.set_filters(params=param)

    # Restrict to active policies unless the caller opted out.
    if only_active:
        evaluator.filter_for_active(state=True)

    # The time filter only applies to user- or action-related lookups.
    needs_time_filter = any(
        key in param and param[key] is not None
        for key in ('user', 'action')
    )
    if needs_time_filter:
        evaluator.filter_for_time()

    # Run the installed filters and hand back the result.
    return evaluator.evaluate()
示例#4
def new_getPolicy(param, only_active=True):
    """
    Look up policies by the given search parameters.

    The whole parameter mapping is installed on a PolicyEvaluator through
    set_filters(). The original documentation lists these keys:

    - name:   (optional) return only the policy with this name
    - user:   (optional) return only the policies for this user
    - realm:  (optional) return only the policies of this realm
    - scope:  (optional) return only the policies within this scope
    - action: (optional) return only the policies with this action.
         The action can also be something like "otppin" and will
         return policies containing "otppin = 2"

    :param param: mapping with the search parameters
    :param only_active: when true, only policies passing
                        filter_for_active(state=True) are kept

    :return: a dictionary with the policies. The name of the policy being
             the key

    NOTE(review): filter_for_time() is skipped unless 'user' or 'action' is
    set to a non-None value. Results of a lookup without either key are
    therefore not time-filtered; confirm that no caller treats them as the
    currently enforced policy set.
    """
    policy_filter = PolicyEvaluator(get_policies())

    # Install every filter described by the search parameters.
    policy_filter.set_filters(params=param)

    # Inactive policies are dropped by default.
    if only_active:
        policy_filter.filter_for_active(state=True)

    # Only user- or action-related lookups get the time filter.
    user_given = 'user' in param and param['user'] is not None
    if user_given or ('action' in param and param['action'] is not None):
        policy_filter.filter_for_time()

    # Apply the installed filters.
    matching_policies = policy_filter.evaluate()
    return matching_policies