|
|
|---|
| 951 |
"""Returns a virtual policy object containing the values that |
951 |
"""Returns a virtual policy object containing the values that |
| 952 |
the given object or container inherits""" |
952 |
the given object or container inherits""" |
| 953 |
def _thread( request ): |
953 |
def _thread( request ): |
| 954 |
try: |
954 |
|
| 955 |
object_type = request.options[0].get( 'objectType' ) |
955 |
object_dn = None |
| 956 |
object_dn = request.options[0].get( 'objectDN' ) |
956 |
container_dn = None |
| 957 |
container = request.options[0].get( 'container' ) |
|
|
| 958 |
except IndexError: |
| 959 |
raise UMC_OptionTypeError( 'The given object type is not valid' ) |
| 960 |
obj = None |
957 |
obj = None |
| 961 |
if object_dn: |
958 |
|
| 962 |
module = UDM_Module( object_type ) |
959 |
def _get_object(_dn, _module): |
| 963 |
if module.module is None: |
960 |
'''Get existing UDM object and corresponding module. Verify user input.''' |
|
|
961 |
if _module.module is None: |
| 964 |
raise UMC_OptionTypeError( 'The given object type is not valid' ) |
962 |
raise UMC_OptionTypeError( 'The given object type is not valid' ) |
| 965 |
obj = module.get( object_dn ) |
963 |
_obj = _module.get( _dn ) |
| 966 |
elif container: |
964 |
if _obj is None: |
| 967 |
module = get_module( None, container ) |
965 |
raise UMC_OptionTypeError( 'The object could not be found' ) |
| 968 |
if module.module is None: |
966 |
return _obj, _module |
|
|
967 |
|
| 968 |
def _get_object_parts(_options): |
| 969 |
'''Get object related information and corresponding UDM object/module. Verify user input.''' |
| 970 |
try: |
| 971 |
_object_type = _options.get('objectType') |
| 972 |
_object_dn = _options.get('objectDN') |
| 973 |
_container_dn = _options.get('container') |
| 974 |
except IndexError: |
| 969 |
raise UMC_OptionTypeError( 'The given object type is not valid' ) |
975 |
raise UMC_OptionTypeError( 'The given object type is not valid' ) |
| 970 |
obj = module.get( container ) |
|
|
| 971 |
if obj is None: |
| 972 |
raise UMC_OptionTypeError( 'The object could not be found' ) |
| 973 |
|
976 |
|
|
|
977 |
if (object_dn, container_dn) == (_object_dn, _container_dn): |
| 978 |
# nothing has changed w.r.t. last entry -> return last values |
| 979 |
return (object_dn, container_dn, obj) |
| 980 |
|
| 981 |
_obj = None |
| 982 |
_module = None |
| 983 |
if _object_dn: |
| 984 |
# editing an exiting UDM object -> use the object itself |
| 985 |
_obj, _module = _get_object(_object_dn, UDM_Module(_object_type)) |
| 986 |
elif _container_dn: |
| 987 |
# editing a new (i.e. non existing) object -> use the parent container |
| 988 |
_obj, _module = _get_object(_container_dn, get_module(None, _container_dn)) |
| 989 |
|
| 990 |
return (_object_dn, _container_dn, _obj) |
| 991 |
|
| 992 |
def _get_policy_parts(_options): |
| 993 |
'''Get policy related UDM object and DN. Verify user input.''' |
| 994 |
_policy_type = _options.get( 'policyType' ) |
| 995 |
_policy_dn = _options.get( 'policyDN' ) |
| 996 |
|
| 997 |
_policy_obj, _policy_module = _get_object(_policy_dn, UDM_Module(_policy_type)) |
| 998 |
|
| 999 |
return (_policy_obj, _policy_dn) |
| 974 |
|
1000 |
|
| 975 |
ret = [] |
1001 |
ret = [] |
| 976 |
for policy_options in request.options: |
1002 |
for ioptions in request.options: |
| 977 |
policy_type = policy_options.get( 'policyType' ) |
1003 |
object_dn, container_dn, obj = _get_object_parts(ioptions) |
| 978 |
policy_dn = policy_options.get( 'policyDN' ) |
1004 |
policy_obj, policy_dn = _get_policy_parts(ioptions) |
| 979 |
|
1005 |
policy_obj.clone(obj) |
| 980 |
policy_module = UDM_Module( policy_type ) |
1006 |
|
| 981 |
if policy_module.module is None: |
1007 |
# There are 2x2x2 (=8) cases that may occur (c.f., Bug #31916): |
| 982 |
raise UMC_OptionTypeError( 'The given policy type is not valid' ) |
1008 |
# (1) |
| 983 |
|
1009 |
# [edit] editing existing UDM object |
| 984 |
policy_obj = policy_module.get() |
1010 |
# -> the existing UDM object itself is loaded |
| 985 |
policy_obj.clone( obj ) |
1011 |
# [new] virtually edit non-existing UDM object (when a new object is being created) |
| 986 |
# ensure that the object itself is ignored |
1012 |
# -> the parent container UDM object is loaded |
| 987 |
policy_obj.referring_object_position_dn = None |
1013 |
# (2) |
| 988 |
policy_obj.policy_result( faked_policy_reference = policy_dn ) |
1014 |
# [w/pol] UDM object has assigend policies in LDAP directory |
|
|
1015 |
# [w/o_pol] UDM object has no policies assigend in LDAP directory |
| 1016 |
# (3) |
| 1017 |
# [inherit] user request to (virtually) change the policy to 'inherited' |
| 1018 |
# [set_pol] user request to (virtually) assign a particular policy |
| 1019 |
faked_policy_reference = None |
| 1020 |
if object_dn and not policy_dn: |
| 1021 |
# case: [edit; w/pol; inherit] |
| 1022 |
# -> current policy is (virtually) overwritten with 'None' |
| 1023 |
faked_policy_reference = [None] |
| 1024 |
elif not object_dn and policy_dn: |
| 1025 |
# cases: |
| 1026 |
# * [new; w/pol; inherit] |
| 1027 |
# * [new; w/pol; set_pol] |
| 1028 |
# -> old + temporary policy are both (virtually) set at the parent container |
| 1029 |
faked_policy_reference = obj.policies + [policy_dn] |
| 1030 |
else: |
| 1031 |
# cases: |
| 1032 |
# * [new; w/o_pol; inherit] |
| 1033 |
# * [new; w/o_pol; set_pol] |
| 1034 |
# * [edit; w/pol; set_pol] |
| 1035 |
# * [edit; w/o_pol; inherit] |
| 1036 |
# * [edit; w/o_pol; set_pol] |
| 1037 |
faked_policy_reference = policy_dn |
| 989 |
|
1038 |
|
|
|
1039 |
policy_obj.policy_result( faked_policy_reference ) |
| 990 |
infos = copy.copy( policy_obj.polinfo_more ) |
1040 |
infos = copy.copy( policy_obj.polinfo_more ) |
| 991 |
for key, value in infos.items(): |
1041 |
for key, value in infos.items(): |
| 992 |
if key in policy_obj.polinfo: |
1042 |
if key in policy_obj.polinfo: |