From 560224108ca6d51eb1551a427c5fef25bfe229f4 Mon Sep 17 00:00:00 2001 From: Jarret Raim Date: Thu, 28 Feb 2013 20:13:35 -0600 Subject: [PATCH] API Support For Policies Post examples/policy.json to //policies. GET on that URI should return the policy. --- barbican_api.py | 31 ++++++++++++++++++++- examples/policy.json | 23 ++++++++++++++++ models.py | 65 ++++++++++++++++++++++++++++++++++++++++---- 3 files changed, 113 insertions(+), 6 deletions(-) create mode 100644 examples/policy.json diff --git a/barbican_api.py b/barbican_api.py index f5ca652ef..b4b308ccb 100644 --- a/barbican_api.py +++ b/barbican_api.py @@ -15,7 +15,7 @@ import uuid import datetime from dateutil.parser import parse from flask import Blueprint, request, jsonify, Response, json -from models import Event, Tenant, Key, Agent +from models import Event, Tenant, Key, Agent, Policy from database import db_session api = Blueprint('api', __name__, url_prefix="/api") 
@@ -26,6 +26,35 @@ def root(): return jsonify(hello='World') +@api.route('//policies/', methods=['GET', 'POST']) +def policies(tenant_id): + if request.method == 'POST': + for policy in request.json['policies']: + keys = [] + for k in policy['keys']: + key = Key(uuid=k['uuid'], filename=k['filename'], mime_type=k['mime_type'], + expiration=parse(k['expiration']), secret=k['secret'], owner=k['owner'], + group=k['group'], cacheable=k['cacheable']) + keys.append(key) + + policy = Policy(uuid=policy['uuid'], name=policy['name'], tenant_id=tenant_id, + directory_name=policy['directory_name'], + max_key_accesses=policy['max_key_accesses'], + time_available_after_reboot=policy['time_available_after_reboot']) + policy.keys.extend(keys) + db_session.add(policy) + db_session.commit() + + return Response(status=200) + else: + policy = Policy.query.filter_by(tenant_id=tenant_id).first() + + if policy is None: + return Response('No policies defined for tenant', status=404) + + return jsonify(policy.as_dict()) + + @api.route('//agents/', methods=['GET', 'POST']) def agents(tenant_id): if request.method == 'POST': diff --git a/examples/policy.json b/examples/policy.json new file mode 100644 index 000000000..04f4da332 --- /dev/null +++ b/examples/policy.json @@ -0,0 +1,23 @@ +{ + "policies": [ + { + "uuid": "01fb57ff-058c-4d68-85e9-d81844dd0089", + "name": "Available after reboot", + "directory_name": "my-app-key", + "max_key_accesses": 1, + "time_available_after_reboot": 10, + "keys": [ + { + "uuid": "e2b633c7-fda5-4be8-b42c-9a2c9280284d", + "filename": "configuration_key", + "mime_type": "application/aes-256-cbc", + "expiration": "2014-02-28T19:14:44.180394", + "secret": "b7990b786ee9659b43e6b1cd6136de07d9c5aa06513afe5d091c04bde981b280", + "owner": "myapp", + "group": "myapp", + "cacheable": false + } + ] + } + ] +} \ No newline at end of file diff --git a/models.py b/models.py index c2ba19a30..a31bc99f1 100644 --- a/models.py +++ b/models.py 
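Review bot: The GET branch of `policies` returns `policy.as_dict()`, which per the `Key.as_dict` added to models.py in this patch includes every key's `secret`, and nothing visible in this hunk authenticates the caller or ties them to `tenant_id`. If no blueprint-level check exists outside the hunk, both branches need one, and the read path should leave `secret` out unless the requester is entitled to the key material. The POST branch also indexes `request.json[...]` and calls `parse(k['expiration'])` with no validation, so a missing field, a non-JSON body or a duplicate `uuid` ends in an unhandled exception rather than a 400. Reject such bodies explicitly and call `db_session.rollback()` when the commit fails, so the shared session is not left in a failed state.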
@@ -65,19 +65,47 @@ class Key(Base): uuid = Column(String(36), unique=True) filename = Column(String(128)) mime_type = Column(String(128)) - expires = Column(DateTime) + expiration = Column(DateTime) secret = Column(Text) + owner = Column(String(33)) + group = Column(String(33)) + cacheable = Column(Boolean) - tenant_id = Column(Integer, ForeignKey('tenants.id')) - tenant = relationship("Tenant", backref=backref('keys', order_by=id)) + policy_id = Column(Integer, ForeignKey('policies.id')) + policy = relationship("Policy", backref=backref('keys')) - def __init__(self, uuid=None): + def __init__(self, uuid=None, filename=None, mime_type=None, expiration=None, secret=None, + owner=None, group=None, cacheable=None, policy_id=None): if uuid is None: self.uuid = str(uuid4()) + else: + self.uuid = uuid + + self.filename = filename + self.mime_type = mime_type + self.expiration = expiration + self.secret = secret + self.owner = owner + self.group = group + self.cacheable = cacheable + self.policy_id = policy_id def __repr__(self): return '' % self.uuid + def as_dict(self): + json = { + 'uuid': self.uuid, + 'filename': self.filename, + 'mime_type': self.mime_type, + 'expiration': self.expiration.isoformat(), + 'secret': self.secret, + 'owner': self.owner, + 'group': self.group, + 'cachecable': self.cacheable + } + return json + class Agent(Base): __tablename__ = 'agents' 
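Review bot: `Key.as_dict` writes the flag under `'cachecable'`, while the POST handler in barbican_api.py reads `k['cacheable']`, so a document fetched with GET cannot be posted back and clients looking for `cacheable` never see it; the entry should read `'cacheable': self.cacheable`. In the same method `self.expiration.isoformat()` raises `AttributeError` for any key created without an expiration, which the new constructor default `expiration=None` allows; `'expiration': self.expiration.isoformat() if self.expiration else None` avoids that. The dictionary also carries `secret` verbatim, so a comment on `as_dict` such as `# includes the raw secret: never log the result or return it to an unauthorised caller` would help the next reader. The `Key` class starts above this hunk.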
@@ -109,17 +137,44 @@ class Policy(Base): __tablename__ = 'policies' id = Column(Integer, primary_key=True) uuid = Column(String(36), unique=True) + name = Column(String(100)) + directory_name = Column(String(254)) + max_key_accesses = Column(Integer) + time_available_after_reboot = Column(Integer) tenant_id = Column(Integer, ForeignKey('tenants.id')) tenant = relationship("Tenant", backref=backref('policies', order_by=id)) - def __init__(self, uuid=None): + def __init__(self, uuid=None, name=None, directory_name=None, max_key_accesses=None, + time_available_after_reboot=None, tenant_id=None): if uuid is None: self.uuid = str(uuid4()) + else: + self.uuid = uuid + + self.name = name + self.directory_name = directory_name + self.max_key_accesses = max_key_accesses + self.time_available_after_reboot = time_available_after_reboot + self.tenant_id = tenant_id def __repr__(self): return '' % self.uuid + def as_dict(self): + keys = map(Key.as_dict, self.keys) + + json = { + 'uuid': self.uuid, + 'name': self.name, + 'directory_name': self.directory_name, + 'max_key_accesses': self.max_key_accesses, + 'time_available_after_reboot': self.time_available_after_reboot, + 'tenant_id': self.tenant_id, + 'keys': keys + } + return json + class Event(Base): __tablename__ = 'events'
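Review bot: In `Policy.as_dict`, `keys = map(Key.as_dict, self.keys)` yields a list only on Python 2; on Python 3 it is a lazy iterator that `jsonify` cannot serialise, so `keys = [k.as_dict() for k in self.keys]` is the safer spelling (the interpreter version is not visible from the patch). The method also nests each key's `secret` inside the policy document, so every consumer of `as_dict()` receives key material. A docstring would make that explicit, e.g. `"""Serialise the policy and its keys, including key secrets; callers must authorise the requester first."""`. The `Policy` class begins above the hunk.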