in modular_api_cli/modular_handler/policy_handler.py [0:0]
def update_policy_handler(self, policy: str, policy_path: str) -> CommandResponse:
"""
Updates policy content in ModularPolicy table
:param policy: Policy name which will be updated
:param policy_path: Path to file which contains allowed/denied actions
:return: CommandResponse
"""
_LOG.info(f'Going to update policy \'{policy}\' from \'{policy_path}\'')
policy_item = self.policy_service.describe_policy(policy_name=policy)
if not policy_item:
_LOG.error('Policy does not exist')
raise ModularApiBadRequestException(
f'Policy with name \'{policy}\' does not exist. Please check '
f'policy name spelling or add new policy with name \'{policy}\''
f' by command:{line_sep} modular policy add '
f'--policy {policy} --policy_path {policy_path}')
if policy_item.state != ACTIVATED_STATE:
_LOG.error('Policy blocked or deleted')
raise ModularApiBadRequestException(
f'Policy with name \'{policy}\' is blocked or deleted. Can not '
f'update policy content. To get more detailed info please '
f'execute command:{line_sep} modular policy describe --policy '
f'{policy}')
if self.policy_service.calculate_policy_hash(policy_item) != \
policy_item.hash:
click.confirm(
'Provided policy compromised. Command execution leads to policy '
'entity hash sum recalculation. Are you sure?', abort=True)
policy_content = open_json_file(file_path=policy_path)
policy_validation(policy_content=policy_content)
policy_item.content = policy_content
policy_item.last_modification_date = utc_time_now().isoformat()
policy_hash_sum = self.policy_service.calculate_policy_hash(
policy_item=policy_item)
policy_item.hash = policy_hash_sum
self.policy_service.save_policy(policy_item=policy_item)
_LOG.info('Policy successfully updated')
return CommandResponse(
message=f'Policy with name \'{policy}\' successfully updated')