import requests
from connexion import NoContent
-from flask import Flask, escape, request, Response, make_response
+from flask import Flask, request, Response
from jsonschema import validate
from var_declaration import policy_instances, policy_types, policy_status, callbacks, forced_settings, policy_fingerprint, hosts_set
from utils import calcFingerprint
from maincommon import check_apipath, apipath, get_supported_interfaces_response, extract_host_name, is_duplicate_check
+from models.enforceStatus import EnforceStatus
-#Constsants
+# Constants
APPL_JSON='application/json'
APPL_PROB_JSON='application/problem+json'
EXT_SRV_URL=os.getenv('EXT_SRV_URL')
-
+KAFKA_DISPATCHER_URL=os.getenv('KAFKA_DISPATCHER_URL')
# API Function: Get all policy type ids
def get_all_policy_types():
return r
res = list(policy_types.keys())
- return (res, 200)
+ return Response(json.dumps(res), 200, mimetype=APPL_JSON)
# API Function: Get a policy type
def get_policy_type(policyTypeId):
pjson=create_problem_json(None, "The policy type does not exist.", 404, None, policy_type_id)
return Response(json.dumps(pjson), 404, mimetype=APPL_PROB_JSON)
- return (list(policy_instances[policy_type_id].keys()), 200)
+ res = list(policy_instances[policy_type_id].keys())
+ return Response(json.dumps(res), 200, mimetype=APPL_JSON)
# API Function: Create or update a policy
def put_policy(policyTypeId, policyId):
pjson=create_problem_json(None, "Duplicate, the policy json already exists.", 400, None, policy_id)
return Response(json.dumps(pjson), 400, mimetype=APPL_PROB_JSON)
- #Callout hooks for external server
- #When it fails, break and return 419 HTTP status code
+ #Callout hooks for kafka dispatcher
+ if (KAFKA_DISPATCHER_URL is not None):
+ resp = callout_kafka_dispatcher(policy_type_id, policy_id, data, retcode)
+ if (resp != 200):
+ pjson=create_error_response(resp)
+ return Response(json.dumps(pjson), 500, mimetype=APPL_PROB_JSON)
+
+ # Callout hooks for external server
+ # When it fails, break and return HTTP status code 500
if (EXT_SRV_URL is not None):
resp = callout_external_server(policy_id, data, 'PUT')
if (resp != retcode):
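Review bot: The dispatcher callout in put_policy runs before the external-server callout and before the policy is written to `policy_instances`, so when the later callout fails the request is rejected although the policy has already been published to the dispatcher. The delete path repeats the same order. Consider publishing only after the other checks pass, or state the limitation above the block, e.g. `# NOTE: the dispatcher publish is not undone if the external-server callout below fails`. The check `resp != 200` also treats any other 2xx answer as an error, which looks unintended for the create case if the dispatcher replies 201. put_policy starts and ends outside this hunk.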
policy_fingerprint[fp]=policy_id
- noti=request.args.get('notificationDestination')
- callbacks[policy_id]=noti
+ noti = request.args.get('notificationDestination')
+ callbacks[policy_id] = noti
policy_instances[policy_type_id][policy_id]=data
if (policy_types[policy_type_id]['statusSchema'] is not None):
- ps = {}
- ps["enforceStatus"] = ""
- ps["enforceReason"] = ""
- policy_status[policy_id] = ps
+ enforceStatus = EnforceStatus("NOT_ENFORCED", "OTHER_REASON")
+ policy_status[policy_id] = enforceStatus.to_dict()
if (retcode == 200):
return Response(json.dumps(data), 200, mimetype=APPL_JSON)
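Review bot: `notificationDestination` is read from the query string and stored in `callbacks[policy_id]` without any validation. If that value is later used as the target of a status callback (its use is outside this hunk), a caller can point the service at an arbitrary URL, so checking the scheme and host against an allow-list before storing it would be safer. A missing parameter also stores `None`, which whatever reads `callbacks` then has to handle.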
pjson=create_problem_json(None, "The requested policy does not exist.", 404, None, policy_id)
return Response(json.dumps(pjson), 404, mimetype=APPL_PROB_JSON)
- #Callout hooks for external server
- #When it fails, break and return 419 HTTP status code
+ #Callout hooks for kafka dispatcher
+ if (KAFKA_DISPATCHER_URL is not None):
+ resp = callout_kafka_dispatcher(policy_type_id, policy_id, None, 204)
+ if (resp != 200):
+ pjson=create_error_response(resp)
+ return Response(json.dumps(pjson), 500, mimetype=APPL_PROB_JSON)
+
+ # Callout hooks for external server
+ # When it fails, break and return HTTP status code 500
if (EXT_SRV_URL is not None):
resp = callout_external_server(policy_id, None, 'DELETE')
if (resp != 204):
pjson=create_problem_json(None, "The requested policy does not exist.", 404, None, policy_id)
return Response(json.dumps(pjson), 404, mimetype=APPL_PROB_JSON)
+ #Callout hooks for kafka dispatcher
+ if (KAFKA_DISPATCHER_URL is not None):
+ resp = callout_kafka_dispatcher(policy_type_id, policy_id, None, 202)
+ if (resp != 200):
+ pjson=create_error_response(resp)
+ return Response(json.dumps(pjson), 500, mimetype=APPL_PROB_JSON)
+
return Response(json.dumps(policy_status[policy_id]), status=200, mimetype=APPL_JSON)
+
+# Helper: Callout kafka dispatcher server to notify it for policy operations
+def callout_kafka_dispatcher(policy_type_id, policy_id, payload, retcode):
+
+ target_url = KAFKA_DISPATCHER_URL + "/policytypes/" + policy_type_id + "/kafkadispatcher/" + policy_id
+ try:
+ # create operation, publish with payload
+ if (retcode == 201):
+ resp=requests.put(target_url, json=payload, timeout=30, verify=False)
+ return resp.status_code
+ # update operation, publish with payload
+ elif (retcode == 200):
+ # add headers an update-flag
+ headers = {'updateoper' : 'yes'}
+ resp=requests.put(target_url, json=payload, headers=headers, timeout=30, verify=False)
+ return resp.status_code
+ # delete operation, publish without payload
+ elif (retcode == 204):
+ resp=requests.delete(target_url, timeout=30, verify=False)
+ return resp.status_code
+ # get policy status operation, publish without payload
+ elif (retcode == 202):
+ # update endpoint
+ target_url = target_url + "/status"
+ resp=requests.get(target_url, timeout=30, verify=False)
+ return resp.status_code
+ except Exception:
+ return 419
+
+
# Helper: Callout external server to notify it for policy operations
# Returns 200, 201 and 204 for the success callout hooks, for the others returns 419
def callout_external_server(policy_id, payload, operation):
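Review bot: All four `requests` calls in callout_kafka_dispatcher pass `verify=False`, so the dispatcher's TLS certificate is never checked and policy payloads can be read or altered by anyone able to intercept the connection. If the dispatcher uses a private CA, pass the CA bundle path as `verify=` or set `REQUESTS_CA_BUNDLE` instead. `policy_type_id` and `policy_id` are concatenated into the URL unencoded, so a value containing `/` or `..` changes which dispatcher path is called. A `retcode` outside 200/201/202/204 falls through and returns `None`, and `except Exception` hides programming errors as 419. The version below addresses these and needs `from urllib.parse import quote` among the file's imports.

```python
def callout_kafka_dispatcher(policy_type_id, policy_id, payload, retcode):
    # Percent-encode both ids so neither can add path segments to the dispatcher URL.
    target_url = (KAFKA_DISPATCHER_URL
                  + "/policytypes/" + quote(str(policy_type_id), safe="")
                  + "/kafkadispatcher/" + quote(str(policy_id), safe=""))
    try:
        # Certificate verification stays on (the requests default).
        if (retcode == 201):
            resp = requests.put(target_url, json=payload, timeout=30)
        elif (retcode == 200):
            resp = requests.put(target_url, json=payload, headers={'updateoper': 'yes'}, timeout=30)
        elif (retcode == 204):
            resp = requests.delete(target_url, timeout=30)
        elif (retcode == 202):
            resp = requests.get(target_url + "/status", timeout=30)
        else:
            # Unknown operation: report failure instead of returning None.
            return 419
        return resp.status_code
    except requests.exceptions.RequestException:
        return 419
```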