in modular_api_cli/modular_handler/group_handler.py [0:0]
def add_group_handler(self, group: str, policies: list) -> CommandResponse:
"""
Add group to ModularGroup table
:param group: group name
:param policies: Policies list which will be attached to group
:return: CommandResponse
"""
_LOG.info(f'Going to add group \'{group}\' with policies \'{policies}\'')
policies = list(set(policies))
existed_group = self.group_service.describe_group(group_name=group)
if existed_group:
if existed_group.state == REMOVED_STATE:
_LOG.error('Specified group already exists')
raise ModularApiBadRequestException(
f'Group with name {group} already exists and marked as '
f'\'{REMOVED_STATE}\'')
elif existed_group.state == ACTIVATED_STATE:
_LOG.error('Specified group already exists')
raise ModularApiBadRequestException(
f'Group with name \'{group}\' already exists. Please '
f'change name to another one or configure existing '
f'\'{group}\' group with new policies by command:'
f'{line_sep}modular group add_policy --group {group} '
f'--policy $policy_name{line_sep}In case if you need add '
f'several policies at one time use the next syntax:'
f'{line_sep}modular group add_policy --group {group} '
f'--policy $policy_name_1 --policy $policy_name_2 '
f'--policy $policy_name_N')
_LOG.error('Specified group already exists')
raise ModularApiConflictException(
f'Group with name \'{group}\' already exists with invalid '
f'\'{existed_group.state}\' state')
existing_policies = self.policy_service.get_policies_by_name(
policy_names=policies
)
if not existing_policies:
_LOG.error('Specified policies does not exist')
raise ModularApiBadRequestException(
f'Policy(ies) you are trying to add to the group \'{group}\' '
f'does not exist. Please add policy(ies) first via command:'
f'{line_sep}modular policy add'
)
skipped_policies = list()
for policy_name in policies:
if policy_name not in [policy.policy_name for policy in existing_policies]:
skipped_policies.append(policy_name)
if skipped_policies:
_LOG.error('Specified policies does not exist')
raise ModularApiBadRequestException(
f'Policy(ies) you are trying to add to the group is '
f'missing:{line_sep}{", ".join(skipped_policies)}{line_sep}'
f'Please remove it`s name(s) from command or add this '
f'policy(ies) first'
)
invalid_policies = []
for policy in existing_policies:
if self.policy_service.calculate_policy_hash(policy) != policy.hash \
or policy.state != ACTIVATED_STATE:
invalid_policies.append(policy.policy_name)
if invalid_policies:
_LOG.error('Provided policies compromised or deleted')
raise ModularApiBadRequestException(
f'Provided policies compromised or deleted: '
f'{", ".join(invalid_policies)}.{line_sep}To get more detailed '
f'information please execute command:{line_sep}'
f'modular policy describe')
group_item = self.group_service.create_group_entity(
group_name=group,
policies=policies
)
group_hash_sum = self.group_service.calculate_group_hash(
group_item=group_item
)
group_item.hash = group_hash_sum
self.group_service.save_group(group_item=group_item)
_LOG.info(f'Group with name \'{group}\' successfully added')
return CommandResponse(
message=f'Group with name \'{group}\' successfully added. Attached '
f'policy(ies): {policies}')