|
951 |
"""Returns a virtual policy object containing the values that |
951 |
"""Returns a virtual policy object containing the values that |
952 |
the given object or container inherits""" |
952 |
the given object or container inherits""" |
953 |
def _thread( request ): |
953 |
def _thread( request ): |
954 |
try: |
954 |
|
955 |
object_type = request.options[0].get( 'objectType' ) |
955 |
object_dn = None |
956 |
object_dn = request.options[0].get( 'objectDN' ) |
956 |
container_dn = None |
957 |
container = request.options[0].get( 'container' ) |
|
|
958 |
except IndexError: |
959 |
raise UMC_OptionTypeError( 'The given object type is not valid' ) |
960 |
obj = None |
957 |
obj = None |
961 |
if object_dn: |
958 |
|
962 |
module = UDM_Module( object_type ) |
959 |
def _get_object(_dn, _module): |
963 |
if module.module is None: |
960 |
'''Get existing UDM object and corresponding module. Verify user input.''' |
|
|
961 |
if _module.module is None: |
964 |
raise UMC_OptionTypeError( 'The given object type is not valid' ) |
962 |
raise UMC_OptionTypeError( 'The given object type is not valid' ) |
965 |
obj = module.get( object_dn ) |
963 |
_obj = _module.get( _dn ) |
966 |
elif container: |
964 |
if _obj is None: |
967 |
module = get_module( None, container ) |
965 |
raise UMC_OptionTypeError( 'The object could not be found' ) |
968 |
if module.module is None: |
966 |
return _obj, _module |
|
|
967 |
|
968 |
def _get_object_parts(_options): |
969 |
'''Get object related information and corresponding UDM object/module. Verify user input.''' |
970 |
try: |
971 |
_object_type = _options.get('objectType') |
972 |
_object_dn = _options.get('objectDN') |
973 |
_container_dn = _options.get('container') |
974 |
except IndexError: |
969 |
raise UMC_OptionTypeError( 'The given object type is not valid' ) |
975 |
raise UMC_OptionTypeError( 'The given object type is not valid' ) |
970 |
obj = module.get( container ) |
|
|
971 |
if obj is None: |
972 |
raise UMC_OptionTypeError( 'The object could not be found' ) |
973 |
|
976 |
|
|
|
977 |
if (object_dn, container_dn) == (_object_dn, _container_dn): |
978 |
# nothing has changed w.r.t. last entry -> return last values |
979 |
return (object_dn, container_dn, obj) |
980 |
|
981 |
_obj = None |
982 |
_module = None |
983 |
if _object_dn: |
984 |
# editing an exiting UDM object -> use the object itself |
985 |
_obj, _module = _get_object(_object_dn, UDM_Module(_object_type)) |
986 |
elif _container_dn: |
987 |
# editing a new (i.e. non existing) object -> use the parent container |
988 |
_obj, _module = _get_object(_container_dn, get_module(None, _container_dn)) |
989 |
|
990 |
return (_object_dn, _container_dn, _obj) |
991 |
|
992 |
def _get_policy_parts(_options): |
993 |
'''Get policy related UDM object and DN. Verify user input.''' |
994 |
_policy_type = _options.get( 'policyType' ) |
995 |
_policy_dn = _options.get( 'policyDN' ) |
996 |
|
997 |
_policy_obj, _policy_module = _get_object(_policy_dn, UDM_Module(_policy_type)) |
998 |
|
999 |
return (_policy_obj, _policy_dn) |
974 |
|
1000 |
|
975 |
ret = [] |
1001 |
ret = [] |
976 |
for policy_options in request.options: |
1002 |
for ioptions in request.options: |
977 |
policy_type = policy_options.get( 'policyType' ) |
1003 |
object_dn, container_dn, obj = _get_object_parts(ioptions) |
978 |
policy_dn = policy_options.get( 'policyDN' ) |
1004 |
policy_obj, policy_dn = _get_policy_parts(ioptions) |
979 |
|
1005 |
policy_obj.clone(obj) |
980 |
policy_module = UDM_Module( policy_type ) |
1006 |
|
981 |
if policy_module.module is None: |
1007 |
# There are 2x2x2 (=8) cases that may occur (c.f., Bug #31916): |
982 |
raise UMC_OptionTypeError( 'The given policy type is not valid' ) |
1008 |
# (1) |
983 |
|
1009 |
# [edit] editing existing UDM object |
984 |
policy_obj = policy_module.get() |
1010 |
# -> the existing UDM object itself is loaded |
985 |
policy_obj.clone( obj ) |
1011 |
# [new] virtually edit non-existing UDM object (when a new object is being created) |
986 |
# ensure that the object itself is ignored |
1012 |
# -> the parent container UDM object is loaded |
987 |
policy_obj.referring_object_position_dn = None |
1013 |
# (2) |
988 |
policy_obj.policy_result( faked_policy_reference = policy_dn ) |
1014 |
# [w/pol] UDM object has assigend policies in LDAP directory |
|
|
1015 |
# [w/o_pol] UDM object has no policies assigend in LDAP directory |
1016 |
# (3) |
1017 |
# [inherit] user request to (virtually) change the policy to 'inherited' |
1018 |
# [set_pol] user request to (virtually) assign a particular policy |
1019 |
faked_policy_reference = None |
1020 |
if object_dn and not policy_dn: |
1021 |
# case: [edit; w/pol; inherit] |
1022 |
# -> current policy is (virtually) overwritten with 'None' |
1023 |
faked_policy_reference = [None] |
1024 |
elif not object_dn and policy_dn: |
1025 |
# cases: |
1026 |
# * [new; w/pol; inherit] |
1027 |
# * [new; w/pol; set_pol] |
1028 |
# -> old + temporary policy are both (virtually) set at the parent container |
1029 |
faked_policy_reference = obj.policies + [policy_dn] |
1030 |
else: |
1031 |
# cases: |
1032 |
# * [new; w/o_pol; inherit] |
1033 |
# * [new; w/o_pol; set_pol] |
1034 |
# * [edit; w/pol; set_pol] |
1035 |
# * [edit; w/o_pol; inherit] |
1036 |
# * [edit; w/o_pol; set_pol] |
1037 |
faked_policy_reference = policy_dn |
989 |
|
1038 |
|
|
|
1039 |
policy_obj.policy_result( faked_policy_reference ) |
990 |
infos = copy.copy( policy_obj.polinfo_more ) |
1040 |
infos = copy.copy( policy_obj.polinfo_more ) |
991 |
for key, value in infos.items(): |
1041 |
for key, value in infos.items(): |
992 |
if key in policy_obj.polinfo: |
1042 |
if key in policy_obj.polinfo: |