[optf/osdf.git] / osdf / adapters / policy / interface.py

 # -------------------------------------------------------------------------
#   Copyright (c) 2015-2017 AT&T Intellectual Property
#
#   Licensed under the Apache License, Version 2.0 (the "License");
#   you may not use this file except in compliance with the License.
#   You may obtain a copy of the License at
#
#       http://www.apache.org/licenses/LICENSE-2.0
#
#   Unless required by applicable law or agreed to in writing, software
#   distributed under the License is distributed on an "AS IS" BASIS,
#   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
#   See the License for the specific language governing permissions and
#   limitations under the License.
#
# -------------------------------------------------------------------------
#

import base64
import itertools
import json


from requests import RequestException
from osdf.operation.exceptions import BusinessException
from osdf.adapters.local_data.local_policies import get_local_policies
from osdf.adapters.policy.utils import policy_name_as_regex, retrieve_node
from osdf.utils.programming_utils import list_flatten, dot_notation
from osdf.config.base import osdf_config
from osdf.logging.osdf_logging import audit_log, MH, metrics_log, debug_log
from osdf.utils.interfaces import RestClient


def get_by_name(rest_client, policy_name_list, wildcards=True):
    policy_list = []
    for policy_name in policy_name_list:
        try:
            query_name = policy_name
            if wildcards:
                query_name = policy_name_as_regex(query_name)
            policy_list.append(rest_client.request(json={"policyName": query_name}))
        except RequestException as err:
            audit_log.warn("Error in fetching policy: " + policy_name)
            raise BusinessException("Cannot fetch policy {}: ".format(policy_name), err)
    return policy_list


def get_by_scope(rest_client, req, config_local, type_service):
    """ Get policies by scopes as defined in the configuration file.
    :param rest_client: a rest client object to make a call.
    :param req: an optimization request.
    :param config_local: application configuration file.
    :param type_service: the type of optimization service.
    :return: policies in the form of list of list where inner list contains policies for a single a scope.
    """
    scope_policies = []
    references = config_local.get('references', {})
    pscope = config_local.get('policy_info', {}).get(type_service, {}).get('policy_scope', {})
    service_name = dot_notation(req, references.get('service_name', {}).get('value', None))
    primary_scope = pscope['{}_scope'.format(service_name.lower() if service_name else "default")]
    for sec_scope in pscope.get('secondary_scopes', []):
        policies, scope_fields = [], []
        for field in sec_scope:
            scope_fields.extend([get_scope_fields(field, references, req, list_flatten(scope_policies))
                                if 'get_param' in field else field])
        scope_fields = set(list_flatten(scope_fields))
        scope_fields = set([x.lower() for x in scope_fields])
        for scope in scope_fields:
            policies.extend(policy_api_call(rest_client, primary_scope, scope))
        scope_policies.append([policy for policy in policies
                              if scope_fields <= set(json.loads(policy['config'])['content']['policyScope'])])
    return scope_policies


def get_scope_fields(field, references, req, policy_info):
    """ Retrieve the values for scope fields from a request and policies as per the configuration
    and references defined in a configuration file. If the value of a scope field missing in a request or
    policies, throw an exception since correct policies cannot be retrieved.
    :param field: details on a scope field from a configuration file.
    :param references: references defined in a configuration file.
    :param req: an optimization request.
    :param policy_info: a list of policies.
    :return: scope fields retrieved from a request and policies.
    """
    ref_source = references.get(field.get('get_param', ""), {}).get('source')
    ref_value = references.get(field.get('get_param', ""), {}).get('value')
    if ref_source == "request":
        scope_field = dot_notation(req, ref_value)
        if scope_field:
            return scope_field
        raise BusinessException("Field {} is missing a value in a request".format(ref_value.split('.')[-1]))
    else:
        scope_fields = []
        for policy in policy_info:
            policy_content = json.loads(policy.get('config', "{}"))
            if policy_content.get('content', {}).get('policyType', "invalid_policy") == ref_source:
                scope_fields.append(dot_notation(policy_content, ref_value))
        scope_values = list_flatten(scope_fields)
        if len(scope_values) > 0:
            return scope_values
        raise BusinessException("Field {} is missing a value in all policies of type {}".format(
            ref_value.split('.')[-1], ref_source))


def policy_api_call(rest_client, primary_scope, scope_field):
    """ Makes a getConfig API call to the policy system to retrieve policies matching a scope.
    :param rest_client: rest client object to make a call
    :param primary_scope: the primary scope of policies, which is a folder in the policy system
    where policies are stored.
    :param scope_field: the secondary scope of policies, which is a collection of domain values.
    :return: a list of policies matching both primary and secondary scopes.
    """
    api_call_body = {"policyName": "{}.*".format(primary_scope),
                     "configAttributes": {"policyScope": "{}".format(scope_field)}}
    return rest_client.request(json=api_call_body)


def remote_api(req_json, osdf_config, service_type="placement"):
    """Make a request to policy and return response -- it accounts for multiple requests that be needed
    :param req_json: policy request object (can have multiple policy names)
    :param osdf_config: main config that will have credential information
    :param service_type: the type of service to call: "placement", "scheduling"
    :return: all related policies and provStatus retrieved from Subscriber policy
    """
    config = osdf_config.deployment
    uid, passwd = config['policyPlatformUsername'], config['policyPlatformPassword']
    pcuid, pcpasswd = config['policyClientUsername'], config['policyClientPassword']
    headers = {"ClientAuth": base64.b64encode(bytes("{}:{}".format(pcuid, pcpasswd), "ascii"))}
    headers.update({'Environment': config['policyPlatformEnv']})
    url = config['policyPlatformUrl']
    rc = RestClient(userid=uid, passwd=passwd, headers=headers, url=url, log_func=debug_log.debug)

    if osdf_config.core['policy_info'][service_type]['policy_fetch'] == "by_name":
        policies = get_by_name(rc, req_json[service_type + "Info"]['policyId'], wildcards=True)
    elif osdf_config.core['policy_info'][service_type]['policy_fetch'] == "by_name_no_wildcards":
        policies = get_by_name(rc, req_json[service_type + "Info"]['policyId'], wildcards=False)
    else:
        policies = get_by_scope(rc, req_json, osdf_config.core, service_type)

    formatted_policies = []
    for x in itertools.chain(*policies):
        if x['config'] is None:
            raise BusinessException("Config not found for policy with name %s" % x['policyName'])
        else:
            formatted_policies.append(json.loads(x['config']))
    return formatted_policies


def local_policies_location(req_json, osdf_config, service_type):
    """
    Get folder and list of policy_files if "local policies" option is enabled
    :param service_type: placement supported for now, but can be any other service
    :return: a tuple (folder, file_list) or None
    """
    lp = osdf_config.core.get('osdf_temp', {}).get('local_policies', {})
    if lp.get('global_disabled'):
        return None  # short-circuit to disable all local policies
    if lp.get('local_{}_policies_enabled'.format(service_type)):
        if service_type == "scheduling":
            return lp.get('{}_policy_dir'.format(service_type)), lp.get('{}_policy_files'.format(service_type))
        else:
            service_name = req_json['serviceInfo']['serviceName']  # TODO: data_mapping.get_service_type(model_name)
            return lp.get('{}_policy_dir_{}'.format(service_type, service_name.lower())), \
                   lp.get('{}_policy_files_{}'.format(service_type, service_name.lower()))
    return None


def get_policies(request_json, service_type):
    """Validate the request and get relevant policies
    :param request_json: Request object
    :param service_type: the type of service to call: "placement", "scheduling"
    :return: policies associated with this request and provStatus retrieved from Subscriber policy
    """
    req_info = request_json['requestInfo']
    req_id = req_info['requestId']
    metrics_log.info(MH.requesting("policy", req_id))
    local_info = local_policies_location(request_json, osdf_config, service_type)

    if local_info:  # tuple containing location and list of files
        to_filter = None
        if osdf_config.core['policy_info'][service_type]['policy_fetch'] == "by_name":
            to_filter = request_json[service_type + "Info"]['policyId']
        policies = get_local_policies(local_info[0], local_info[1], to_filter)
    else:
        policies = remote_api(request_json, osdf_config, service_type)

    return policies