def init():
# Set up logger.
root = logging.getLogger()
root.setLevel(logging.DEBUG)
root.addHandler(logging.StreamHandler())
# Here we instantiate the Policy Storage.
# We can opt to SQL, Memory or MongoDB Storage, any other third-party storage, etc.
def create_sql_storage(dsn):
engine = create_engine(dsn, echo=True)
Base.metadata.create_all(engine)
session = scoped_session(sessionmaker(bind=engine))
return SQLStorage(scoped_session=session)
use_storage = os.environ.get('STORAGE')
print('storage is ', use_storage)
if use_storage == 'mongo':
user, password, host = 'root', 'example', 'localhost:27017'
uri = 'mongodb://%s:%s@%s' % (user, password, host)
st = MongoStorage(MongoClient(host=host), 'vakt_db', collection='vakt_book_library')
elif use_storage == 'mysql':
st = create_sql_storage('mysql://*****:*****@localhost/vakt_db')
elif use_storage == 'pg':
st = create_sql_storage('postgresql+psycopg2://postgres:root@localhost/vakt_db')
else:
st = MemoryStorage()
# And persist all our Policies so that to start serving our library.
for p in policies:
st.add(p)
# Create global guard instance
global guard
guard = Guard(st, RegexChecker())
def _create_storage():
# Here we instantiate the Policy Storage.
# In this case it's Memory or MongoDB Storage,
# but we can opt to SQL Storage, any other third-party storage, etc.
def create_sql_storage(dsn):
engine = create_engine(dsn, echo=True)
Base.metadata.create_all(engine)
session = scoped_session(sessionmaker(bind=engine))
return SQLStorage(scoped_session=session)
print('storage is ', os.environ.get('STORAGE'))
use_storage = os.environ.get('STORAGE')
if use_storage == 'mongo':
user, password, host = 'root', 'root', 'localhost:27017'
uri = 'mongodb://%s:%s@%s' % (user, password, host)
return MongoStorage(pymongo.MongoClient(host=host),
'vakt_db',
collection='vakt_github_guard')
elif use_storage == 'mysql':
return create_sql_storage(
'mysql+pymysql://root:root@localhost/vakt_db')
elif use_storage == 'pg':
return create_sql_storage(
'postgresql+psycopg2://postgres:root@localhost/vakt_db')
else:
return vakt.MemoryStorage()
def get_storage():
if ARGS.storage == 'mongo':
db_name = 'vakt_db'
collection = 'vakt_policies_benchmark'
client = MongoClient('127.0.0.1', 27017)
yield MongoStorage(client, db_name, collection=collection)
client[db_name][collection].delete_many({})
client.close()
elif ARGS.storage == 'sql':
engine = create_engine(ARGS.sql_dsn)
sql_session = scoped_session(sessionmaker(bind=engine))
storage = SQLStorage(scoped_session=sql_session)
migration = SQLMigrationSet(storage)
migration.up()
yield storage
# todo - why is there left an uncommitted transaction?
sql_session.commit()
migration.down()
if ARGS.storage == 'redis':
collection = 'vakt_policies_benchmark'
client = Redis('127.0.0.1', 6379, db=0)
if ARGS.serializer == 'json':
serializer = JSONSerializer()
elif ARGS.serializer == 'pickle':
serializer = PickleSerializer()
else:
serializer = None
yield RedisStorage(client, collection=collection, serializer=serializer)
client.flushdb()
client.close()
else:
yield MemoryStorage()
def get_storage():
if ARGS.storage == 'mongo':
db_name = 'vakt_db'
collection = 'vakt_policies_benchmark'
client = MongoClient('127.0.0.1', 27017)
yield MongoStorage(client, db_name, collection=collection)
client[db_name][collection].delete_many({})
client.close()
else:
yield MemoryStorage()
def _create_storage():
# Here we instantiate the Policy Storage.
# In this case it's Memory or MongoDB Storage,
# but we can opt to SQL Storage, any other third-party storage, etc.
print('st', os.environ.get('STORAGE'))
if os.environ.get('STORAGE') == 'mongo':
user, password, host = 'root', 'root', 'localhost:27017'
uri = 'mongodb://%s:%s@%s' % (user, password, host)
return MongoStorage(pymongo.MongoClient(host=host),
'vakt_db',
collection='vakt_book_library')
else:
return vakt.MemoryStorage()
def init():
# Set up logger.
root = logging.getLogger()
root.setLevel(logging.DEBUG)
root.addHandler(logging.StreamHandler())
# Here we instantiate the Policy Storage.
# In this case it's Memory or MongoDB Storage, but we can opt to SQL Storage, any other third-party storage, etc.
if os.environ.get('STORAGE') == 'mongo':
user, password, host = 'root', 'example', 'localhost:27017'
uri = 'mongodb://%s:%s@%s' % (user, password, host)
st = MongoStorage(MongoClient(host=host),
'vakt_db',
collection='vakt_book_library')
else:
st = MemoryStorage()
# And persist all our Policies so that to start serving our library.
for p in policies:
st.add(p)
# Create global guard instance
global guard
guard = Guard(st, RegexChecker())
def get_storage():
if ARGS.storage == 'mongo':
db_name = 'vakt_db'
collection = 'vakt_policies_benchmark'
client = MongoClient('127.0.0.1', 27017)
yield MongoStorage(client, db_name, collection=collection)
client[db_name][collection].delete_many({})
client.close()
elif ARGS.storage == 'sql':
engine = create_engine(ARGS.sql_dsn)
sql_session = scoped_session(sessionmaker(bind=engine))
storage = SQLStorage(scoped_session=sql_session)
migration = SQLMigrationSet(storage)
migration.up()
yield storage
# todo - why is there left an uncommitted transaction?
sql_session.commit()
migration.down()
else:
yield MemoryStorage()
def __init__(self, config_file='options.conf'):
config = configparser.ConfigParser()
config.read(config_file)
try:
client = MongoClient(config['mongodb']['host'],
int(config['mongodb']['port']))
self._mongo_client = client
self._raw_policy_collection = client.get_database(
config['mongodb']['db']).get_collection(
config['mongodb']['raw_collection'])
self._storage = MongoStorage(client,
config['mongodb']['collection'])
self._influxdb = DataDB()
self._pgdb = PGDB()
except KeyError as v:
ex_str = None
if 'v' == 'mongodb':
ex_str = f"Configuration file error: \"{config_file}\" has no 'mongodb' section."
else:
ex_str = f"Configuration file error: \"{config_file}\" has no {str(v)} value defined on 'mongodb' section."
raise Irreversible(ex_str)
import atexit
from pymongo import MongoClient
from vakt import Policy, ALLOW_ACCESS
from vakt.storage.mongo import MongoStorage, MongoMigrationSet
from vakt.storage.migration import Migrator
# setup logging
root = logging.getLogger()
root.setLevel(logging.DEBUG)
root.addHandler(logging.StreamHandler())
# create storage object
client = MongoClient('localhost', 27017)
storage = MongoStorage(client,
'vakt_policies_migration_test',
collection='policies')
# save some policies
storage.add(
Policy('a',
actions=['<get.*>'],
resources=['test:<.*>', 'prod:<.*>'],
subjects=['Max'],
effect=ALLOW_ACCESS))
storage.add(
Policy('b', actions=['post'], resources=['<.*>'], subjects=['<.*>']))
# create a migrator
migrator = Migrator(MongoMigrationSet(storage))
def st(self):
client = create_client()
yield MongoStorage(client, DB_NAME, collection=COLLECTION)
client[DB_NAME][COLLECTION].remove()
client.close()
def migration(self):
client = create_client()
storage = MongoStorage(client, DB_NAME, collection=COLLECTION)
yield Migration0To1x0x3(storage)
client[DB_NAME][COLLECTION].remove()
client.close()