Gitiles
Code Review Sign In
gerrit.mcp.mirantis.com / salt-formulas / keystone / e124c3b316223fad6c0d54abf0a474f5337cfd2d / . / _modules / keystone_policy.py
blob: 4803150db34e4fc3c9b7fc1de78e9780fac22b59 [file] [log] [blame]
Adam Tenglerb1ebaca2017-05-04 21:06:08 +0000[diff] [blame]1import io
2import json
3import logging
4
Alexey Stupnikove124c3b2017-10-19 19:58:09 +0300[diff] [blame^]5from collections import OrderedDict
6
Kirill Bespalov4fe0d082017-06-29 19:02:13 +0300[diff] [blame]7import yaml
8
Adam Tenglerb1ebaca2017-05-04 21:06:08 +0000[diff] [blame]9LOG = logging.getLogger(__name__)
10
11
12def __virtual__():
13 return True
14
15
16def rule_list(path, **kwargs):
17 try:
18 with io.open(path, 'r') as file_handle:
Kirill Bespalov4fe0d082017-06-29 19:02:13 +0300[diff] [blame]19 rules = yaml.safe_load(file_handle) or {}
Alexey Stupnikove124c3b2017-10-19 19:58:09 +0300[diff] [blame^]20 rules = OrderedDict(str(k): str(v) for (k, v) in rules.items())
Adam Tenglerb1ebaca2017-05-04 21:06:08 +0000[diff] [blame]21 except Exception as e:
Kirill Bespalov4fe0d082017-06-29 19:02:13 +0300[diff] [blame]22 msg = "Unable to load policy file %s: %s" % (path, repr(e))
Adam Tenglerb1ebaca2017-05-04 21:06:08 +0000[diff] [blame]23 LOG.debug(msg)
24 rules = {'Error': msg}
25 return rules
26
27
28def rule_delete(name, path, **kwargs):
29 ret = {}
30 rules = __salt__['keystone_policy.rule_list'](path, **kwargs)
31 if 'Error' not in rules:
32 if name not in rules:
33 return ret
34 del rules[name]
35 try:
36 with io.open(path, 'w') as file_handle:
Kirill Bespalov4fe0d082017-06-29 19:02:13 +0300[diff] [blame]37 if path.endswith('json'):
38 serialized = json.dumps(rules, indent=4)
39 else:
40 serialized = yaml.safe_dump(rules, indent=4)
41 file_handle.write(unicode(serialized))
Adam Tenglerb1ebaca2017-05-04 21:06:08 +0000[diff] [blame]42 except Exception as e:
Kirill Bespalov4fe0d082017-06-29 19:02:13 +0300[diff] [blame]43 msg = "Unable to save policy file: %s" % repr(e)
Adam Tenglerb1ebaca2017-05-04 21:06:08 +0000[diff] [blame]44 LOG.error(msg)
45 return {'Error': msg}
46 ret = 'Rule {0} deleted'.format(name)
47 return ret
48
49
50def rule_set(name, rule, path, **kwargs):
51 rules = __salt__['keystone_policy.rule_list'](path, **kwargs)
52 if 'Error' not in rules:
53 if name in rules and rules[name] == rule:
54 return {name: 'Rule %s already exists and is in correct state' % name}
55 rules.update({name: rule})
56 try:
57 with io.open(path, 'w') as file_handle:
Kirill Bespalov4fe0d082017-06-29 19:02:13 +0300[diff] [blame]58 if path.endswith('json'):
59 serialized = json.dumps(rules, indent=4)
60 else:
61 serialized = yaml.safe_dump(rules, indent=4)
62 file_handle.write(unicode(serialized))
Adam Tenglerb1ebaca2017-05-04 21:06:08 +0000[diff] [blame]63 except Exception as e:
Kirill Bespalov4fe0d082017-06-29 19:02:13 +0300[diff] [blame]64 msg = "Unable to save policy file %s: %s" % (path, repr(e))
Adam Tenglerb1ebaca2017-05-04 21:06:08 +0000[diff] [blame]65 LOG.error(msg)
66 return {'Error': msg}
67 return rule_get(name, path, **kwargs)
68 return rules
69
70
71def rule_get(name, path, **kwargs):
72 ret = {}
73 rules = __salt__['keystone_policy.rule_list'](path, **kwargs)
74 if 'Error' in rules:
75 ret['Error'] = rules['Error']
76 elif name in rules:
77 ret[name] = rules.get(name)
78
79 return ret
80