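def parse_permissions(permissions):
    """Load the policy file named for each role and return the parsed policies.

    Args:
        permissions: Mapping of role name to policy file name, or None.
            Each policy file name is resolved relative to the ``policy_dir``
            reported by ``load_path_config()``.

    Returns:
        A dict mapping each role name to its ``Policy``, or None when no
        role could be loaded (``permissions`` is None or empty, or none of
        the named policy files exist).

    Raises:
        IndexError: A ``PERMIT_KEY`` or ``DENY_KEY`` line has no key field.
    """
    roles = {}
    path_config = load_path_config()
    policy_dir = path_config.policy_dir

    if permissions is not None:
        for role_name in permissions:
            policy_name = permissions[role_name]
            # NOTE(review): policy_name is joined without confinement.
            # os.path.join discards policy_dir when policy_name is absolute
            # and leaves ".." segments in place. If permissions can come from
            # anything less trusted than the operator's own configuration,
            # resolve the path and verify it stays under policy_dir first.
            policy_path = os.path.join(policy_dir, policy_name)

            if not os.path.exists(policy_path):
                # NOTE(review): a missing policy file leaves the role unset
                # instead of failing. Confirm the caller treats an unset role
                # (or a None return) as the intended default.
                LOGGER.warning("%s does not exist. %s will not be set.",
                               policy_path, role_name)
                continue

            with open(policy_path) as policy_file:
                rules = policy_file.read().splitlines()

            entries = []
            for line_number, line in enumerate(rules, start=1):
                fields = line.split(" ")
                rule_type = fields[0]
                if rule_type == "PERMIT_KEY":
                    entry_type = Policy.PERMIT_KEY
                elif rule_type == "DENY_KEY":
                    entry_type = Policy.DENY_KEY
                else:
                    # A mistyped DENY_KEY would otherwise vanish without a
                    # trace and leave the policy more permissive than the
                    # file reads. Blank lines stay silent.
                    if line.strip():
                        LOGGER.warning(
                            "%s line %d: unrecognized rule type %r ignored.",
                            policy_path, line_number, rule_type)
                    continue

                if len(fields) < 2:
                    # Same exception type as the bare index lookup would
                    # raise, but it names the file and line at fault.
                    raise IndexError(
                        "{} line {}: {} rule has no key".format(
                            policy_path, line_number, rule_type))

                key = fields[1]
                if not key:
                    # Splitting on a single space turns repeated or trailing
                    # spaces into an empty key. The entry is still added, so
                    # the resulting policy is unchanged.
                    LOGGER.warning(
                        "%s line %d: %s rule has an empty key.",
                        policy_path, line_number, rule_type)

                entries.append(Policy.Entry(type=entry_type, key=key))

            roles[role_name] = Policy(name=policy_name, entries=entries)

    if not roles:
        return None
    return roles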
def make_policy(name, rules):
    """Build a ``Policy`` called *name* from a list of rule strings.

    Each rule is split on single spaces. The first field selects the entry
    type (``PERMIT_KEY`` or ``DENY_KEY``) and the second field is the key.
    Rules with any other first field are skipped.

    NOTE(review): a recognized rule with no second field raises IndexError.
    Repeated or trailing spaces after the rule type give an empty key.
    Callers that need stricter input handling must validate beforehand.
    """
    entries = []
    for raw_rule in rules:
        fields = raw_rule.split(" ")
        kind = fields[0]
        if kind == "PERMIT_KEY":
            entry_type = Policy.PERMIT_KEY
        elif kind == "DENY_KEY":
            entry_type = Policy.DENY_KEY
        else:
            # Unrecognized rule types contribute no entry.
            continue
        entries.append(Policy.Entry(type=entry_type, key=fields[1]))
    return Policy(name=name, entries=entries)
def add_policy(self, name, rules):
    """Parse *rules* into a ``Policy`` and store it in ``self.policies[name]``.

    Each rule string is split on single spaces. The first field must be
    ``PERMIT_KEY`` or ``DENY_KEY`` and the second field is used as the key.
    Any other rule is ignored. An existing policy stored under the same
    name is replaced.

    NOTE(review): a recognized rule without a key field raises IndexError,
    and unrecognized rule types are dropped without any signal. A mistyped
    ``DENY_KEY`` therefore produces a policy with fewer deny entries than
    the input suggests.
    """
    known_types = ("PERMIT_KEY", "DENY_KEY")
    parsed = []
    for text in rules:
        tokens = text.split(" ")
        head = tokens[0]
        if head not in known_types:
            continue
        entry_type = (
            Policy.PERMIT_KEY if head == "PERMIT_KEY" else Policy.DENY_KEY
        )
        parsed.append(Policy.Entry(type=entry_type, key=tokens[1]))
    self.policies[name] = Policy(name=name, entries=parsed)