本文整理汇总了Python中calvin.utilities.security.Security.set_subject方法的典型用法代码示例。如果您正苦于以下问题:Python Security.set_subject方法的具体用法?Python Security.set_subject怎么用?Python Security.set_subject使用的例子?那么, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类calvin.utilities.security.Security
的用法示例。
在下文中一共展示了Security.set_subject方法的4个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Python代码示例。
示例1: compile
# 需要导入模块: from calvin.utilities.security import Security [as 别名]
# 或者: from calvin.utilities.security.Security import set_subject [as 别名]
def compile(source_text, filename='', content=None, credentials=None, verify=True, node=None):
# Steps taken:
# 1) Verify signature when credentials supplied
# 2) parser .calvin file -> IR. May produce syntax errors/warnings
# 3) checker IR -> IR. May produce syntax errors/warnings
# 4) analyzer IR -> app. Should not fail. Sets 'valid' property of IR to True/False
deployable = {'valid': False, 'actors': {}, 'connections': {}}
errors = [] #TODO: fill in something meaningful
warnings = []
if credentials:
_log.debug("Check credentials...")
sec = Security(node)
sec.set_subject(credentials)
if not sec.authenticate_subject():
_log.error("Check credentials...failed authentication")
# This error reason is detected in calvin control and gives proper REST response
errors.append({'reason': "401: UNAUTHORIZED", 'line': 0, 'col': 0})
return deployable, errors, warnings
if (not sec.verify_signature_content(content, "application") or not sec.check_security_policy()):
# Verification not OK if sign or cert not OK or if the signer is denied by security policies
print "\n IN DEPLOYER\n "
_log.error("Check credentials...failed application verification")
# This error reason is detected in calvin control and gives proper REST response
errors.append({'reason': "401: UNAUTHORIZED", 'line': None, 'col': None})
return deployable, errors, warnings
_log.debug("Parsing...")
ir, errors, warnings = calvin_parser(source_text, filename)
_log.debug("Parsed %s, %s, %s" % (ir, errors, warnings))
# If there were errors during parsing no IR will be generated
if not errors:
c_errors, c_warnings = check(ir, verify=verify)
errors.extend(c_errors)
warnings.extend(c_warnings)
deployable = generate_app_info(ir, verify=verify)
if errors:
deployable['valid'] = False
_log.debug("Compiled %s, %s, %s" % (deployable, errors, warnings))
return deployable, errors, warnings
示例2: _new_actor
# 需要导入模块: from calvin.utilities.security import Security [as 别名]
# 或者: from calvin.utilities.security.Security import set_subject [as 别名]
def _new_actor(self, actor_type, actor_id=None, credentials=None):
"""Return a 'bare' actor of actor_type, raises an exception on failure."""
if credentials is not None:
sec = Security(self.node)
sec.set_subject(credentials)
sec.authenticate_subject()
else:
sec = None
(found, is_primitive, class_) = ActorStore(security=sec).lookup(actor_type)
if not found:
# Here assume a primitive actor, now become shadow actor
_log.analyze(self.node.id, "+ NOT FOUND CREATE SHADOW ACTOR", {'class': class_})
found = True
is_primitive = True
class_ = ShadowActor
if not found or not is_primitive:
_log.error("Requested actor %s is not available" % (actor_type))
raise Exception("ERROR_NOT_FOUND")
try:
# Create a 'bare' instance of the actor
a = class_(actor_type, actor_id=actor_id)
except Exception as e:
_log.exception("")
_log.error("The actor %s(%s) can't be instantiated." % (actor_type, class_.__init__))
raise(e)
try:
a.set_credentials(credentials, security=sec)
a._calvinsys = self.node.calvinsys()
a.check_requirements()
except Exception as e:
_log.exception("Catched new from state")
_log.analyze(self.node.id, "+ FAILED REQS CREATE SHADOW ACTOR", {'class': class_})
a = ShadowActor(actor_type, actor_id=actor_id)
a.set_credentials(credentials, security=sec)
a._calvinsys = self.node.calvinsys()
return a
示例3: Deployer
# 需要导入模块: from calvin.utilities.security import Security [as 别名]
# 或者: from calvin.utilities.security.Security import set_subject [as 别名]
class Deployer(object):
"""
Process an app_info dictionary (output from calvin parser) to
produce a running calvin application.
"""
def __init__(self, deployable, node, name=None, deploy_info=None, credentials=None, verify=True, cb=None):
super(Deployer, self).__init__()
self.deployable = deployable
self.deploy_info = deploy_info
self.credentials = credentials
self.sec = Security(node)
self.sec.set_subject(self.credentials)
self.actorstore = ActorStore(security=self.sec)
self.actor_map = {}
self.actor_connections = {}
self.node = node
self.verify = verify
self.cb = cb
self._deploy_cont_done = False
if name:
self.name = name
self.app_id = self.node.app_manager.new(self.name)
self.ns = os.path.splitext(os.path.basename(self.name))[0]
elif "name" in self.deployable:
self.name = self.deployable["name"]
self.app_id = self.node.app_manager.new(self.name)
self.ns = os.path.splitext(os.path.basename(self.name))[0]
else:
self.app_id = self.node.app_manager.new(None)
self.name = self.app_id
self.ns = ""
self.group_components()
_log.analyze(self.node.id, "+ SECURITY", {'sec': str(self.sec)})
# TODO Make deployer use the Application class group_components, component_name and get_req
def group_components(self):
self.components = {}
l = (len(self.ns)+1) if self.ns else 0
for name in self.deployable['actors']:
if name.find(':',l)> -1:
# This is part of a component
# component name including optional namespace
component = ':'.join(name.split(':')[0:(2 if self.ns else 1)])
if component in self.components:
self.components[component].append(name)
else:
self.components[component] = [name]
def component_name(self, name):
l = (len(self.ns)+1) if self.ns else 0
if name.find(':',l)> -1:
return ':'.join(name.split(':')[0:(2 if self.ns else 1)])
else:
return None
def get_req(self, actor_name):
name = self.component_name(actor_name) or actor_name
name = name.split(':', 1)[1] if self.ns else name
return self.deploy_info['requirements'][name] if (self.deploy_info and 'requirements' in self.deploy_info
and name in self.deploy_info['requirements']) else []
def instantiate(self, actor_name, actor_type, argd, signature=None):
"""
Instantiate an actor.
- 'actor_name' is <namespace>:<identifier>, e.g. app:src, or app:component:src
- 'actor_type' is the actor class to instatiate
- 'argd' is a dictionary with <actor_name>:<argdict> pairs
- 'signature' is the GlobalStore actor-signature to lookup the actor
"""
req = self.get_req(actor_name)
_log.analyze(self.node.id, "+ SECURITY", {'sec': str(self.sec)})
found, is_primitive, actor_def = self.actorstore.lookup(actor_type)
if not found or not is_primitive:
raise Exception("Not known actor type: %s" % actor_type)
actor_id = self.instantiate_primitive(actor_name, actor_type, argd, req, signature)
if not actor_id:
raise Exception(
"Could not instantiate actor of type: %s" % actor_type)
self.actor_map[actor_name] = actor_id
self.node.app_manager.add(self.app_id, actor_id)
def instantiate_primitive(self, actor_name, actor_type, args, req=None, signature=None):
# name is <namespace>:<identifier>, e.g. app:src, or app:component:src
# args is a **dictionary** of key-value arguments for this instance
# signature is the GlobalStore actor-signature to lookup the actor
args['name'] = actor_name
actor_id = self.node.am.new(actor_type=actor_type, args=args, signature=signature, credentials=self.credentials)
if req:
self.node.am.actors[actor_id].requirements_add(req, extend=False)
return actor_id
def connectid(self, connection):
src_actor, src_port, dst_actor, dst_port = connection
# connect from dst to src
# use node info if exists, otherwise assume local node
dst_actor_id = self.actor_map[dst_actor]
#.........这里部分代码省略.........
示例4: Actor
# 需要导入模块: from calvin.utilities.security import Security [as 别名]
# 或者: from calvin.utilities.security.Security import set_subject [as 别名]
#.........这里部分代码省略.........
self.credentials = None
self.authorization_plugins = None
self.inports = {p: actorport.InPort(p, self) for p in self.inport_names}
self.outports = {p: actorport.OutPort(p, self) for p in self.outport_names}
hooks = {
(Actor.STATUS.PENDING, Actor.STATUS.ENABLED): self.will_start,
(Actor.STATUS.ENABLED, Actor.STATUS.PENDING): self.will_stop,
}
self.fsm = Actor.FSM(Actor.STATUS, Actor.STATUS.LOADED, Actor.VALID_TRANSITIONS, hooks,
allow_invalid_transitions=allow_invalid_transitions,
disable_transition_checks=disable_transition_checks,
disable_state_checks=disable_state_checks)
self.metering.add_actor_info(self)
def set_credentials(self, credentials, security=None):
"""
Set the credentials the actor operates under.
This will trigger an authentication of the credentials.
Optionally an authenticated Security instance can be supplied,
to reduce the needed authentication processing.
"""
_log.debug("actor.py: set_credentials: %s" % credentials)
if credentials is None:
return
self.credentials = credentials
if security:
self.sec = security
else:
if self._calvinsys is not None:
self.sec = Security(self._calvinsys._node)
self.sec.set_subject(self.credentials)
self.sec.authenticate_subject()
def get_credentials(self):
_log.debug("actor.py: get_credentials: %s" % self.credentials)
return self.credentials
@verify_status([STATUS.LOADED])
def setup_complete(self):
self.fsm.transition_to(Actor.STATUS.READY)
def init(self):
raise Exception("Implementing 'init()' is mandatory.")
def will_start(self):
"""Override in actor subclass if actions need to be taken before starting."""
pass
def will_stop(self):
"""Override in actor subclass if actions need to be taken before stopping."""
pass
def will_migrate(self):
"""Override in actor subclass if actions need to be taken before migrating."""
pass
def did_migrate(self):
"""Override in actor subclass if actions need to be taken after migrating."""
pass
def will_end(self):
"""Override in actor subclass if actions need to be taken before destruction."""
pass