# ============LICENSE_END=================================================
#
+import os
import copy
import datetime
import json
import logging
import collections
import time
+import requests
from connexion import NoContent
from flask import Flask, escape, request, Response, make_response
APPL_JSON='application/json'
APPL_PROB_JSON='application/problem+json'
+EXT_SRV_URL=os.getenv('EXT_SRV_URL')
+
+
# API Function: Get all policy type ids
def get_all_policy_types():
pjson=create_problem_json(None, "Duplicate, the policy json already exists.", 400, None, policy_id)
return Response(json.dumps(pjson), 400, mimetype=APPL_PROB_JSON)
+ #Callout hooks for external server
+ #When it fails, break and return 419 HTTP status code
+ if (EXT_SRV_URL is not None):
+ resp = callout_external_server(policy_id, data, 'PUT')
+ if (resp != retcode):
+ pjson=create_error_response(resp)
+ return Response(json.dumps(pjson), 500, mimetype=APPL_PROB_JSON)
+
if (fp_previous is not None):
del policy_fingerprint[fp_previous]
return Response(json.dumps(policy_instances[policy_type_id][policy_id]), 200, mimetype=APPL_JSON)
-
# API Function: Delete a policy
def delete_policy(policyTypeId, policyId):
pjson=create_problem_json(None, "The requested policy does not exist.", 404, None, policy_id)
return Response(json.dumps(pjson), 404, mimetype=APPL_PROB_JSON)
+ #Callout hooks for external server
+ #When it fails, break and return 419 HTTP status code
+ if (EXT_SRV_URL is not None):
+ resp = callout_external_server(policy_id, None, 'DELETE')
+ if (resp != 204):
+ pjson=create_error_response(resp)
+ return Response(json.dumps(pjson), 500, mimetype=APPL_PROB_JSON)
+
if (is_duplicate_check()):
fp_previous=calcFingerprint(policy_instances[policy_type_id][policy_id], policy_type_id)
else:
callbacks.pop(policy_id)
return Response('', 204, mimetype=APPL_JSON)
-
# API Function: Get status for a policy
def get_policy_status(policyTypeId, policyId):
return Response(json.dumps(policy_status[policy_id]), status=200, mimetype=APPL_JSON)
+# Helper: Callout external server to notify it for policy operations
+# Returns 200, 201 and 204 for the success callout hooks, for the others returns 419
+def callout_external_server(policy_id, payload, operation):
+
+ target_url=EXT_SRV_URL + policy_id
+ try:
+ if (operation == 'PUT'):
+ #Suppress error when self-signed certificate is being used with verify flag
+ resp=requests.put(target_url, json=payload, timeout=10, verify=False)
+ return resp.status_code
+ elif (operation == 'DELETE'):
+ resp=requests.delete(target_url, timeout=10, verify=False)
+ return resp.status_code
+ except Exception:
+ #Return a generic unassigned HTTP status code as per iana, for all exceptions (419:Callout failed)
+ #https://www.iana.org/assignments/http-status-codes/http-status-codes.xhtml
+ return 419
+
# Helper: Create a response object if forced http response code is set
def get_forced_response():
+
if (forced_settings['code'] is not None):
- pjson=create_error_response(forced_settings['code'])
+ value=forced_settings['code']
+ pjson=create_error_response(int(value))
forced_settings['code']=None
return Response(json.dumps(pjson), pjson['status'], mimetype=APPL_PROB_JSON)
return None
# Helper: Delay if delayed response code is set
def do_delay():
+
if (forced_settings['delay'] is not None):
try:
val=int(forced_settings['delay'])
# Helper: Check if response shall be delayed or a forced response shall be sent
def check_modified_response():
+
do_delay()
return get_forced_response()
# Helper: Create a problem json based on a generic http response code
def create_error_response(code):
- if code == '400':
+ if (code == 400):
return(create_problem_json(None, "Bad request", 400, "Object in payload not properly formulated or not related to the method", None))
- elif code == '404':
+ elif (code == 404):
return(create_problem_json(None, "Not found", 404, "No resource found at the URI", None))
- elif code == '405':
+ elif (code == 405):
return(create_problem_json(None, "Method not allowed", 405, "Method not allowed for the URI", None))
- elif code == '409':
+ elif (code == 409):
return(create_problem_json(None, "Conflict", 409, "Request could not be processed in the current state of the resource", None))
- elif code == '429':
+ elif (code == 419):
+ return(create_problem_json(None, "Callout failed", 419, "Callout hooks could not be processed on the external server", None))
+ elif (code == 429):
return(create_problem_json(None, "Too many requests", 429, "Too many requests have been sent in a given amount of time", None))
- elif code == '507':
+ elif (code == 507):
return(create_problem_json(None, "Insufficient storage", 507, "The method could not be performed on the resource because the provider is unable to store the representation needed to successfully complete the request", None))
- elif code == '503':
+ elif (code == 503):
return(create_problem_json(None, "Service unavailable", 503, "The provider is currently unable to handle the request due to a temporary overload", None))
else:
return(create_problem_json(None, "Unknown", code, "Not implemented response code", None))