3 a|?@sddlZddlmZddlmZddlmZddlmZddlmZyddlmZm Z m Z m Z Wne k rtYnXdZ d Zd Zd Zd Zd ZGdddejZGdddejZd'ddeeddddZd(ddeeddddZeedddZd)dd d!d"Zd#d$d%d&ZdS)*N)clouds) exceptions)status) serviceclient)util)AnyDictListOptionalz/v1/context/machines/tokenz3/v1/contracts/{contract}/context/machines/{machine}z /v1/resourcesz3/v1/resources/{resource}/context/machines/{machine}z/v1/clouds/{cloud_type}/tokenz %B %d, %Ycs:eZdZfddZddZd ddZfdd ZZS) ContractAPIErrorcs^tj||j|j|jd|kr,|d|_n|g|_x$|jD]}|jd|jd|d<qrBcCs||stj|jj}|j}|jddj|itj||d}|j||d\}}|j drd|d|d<|jj dj|||S)aRequests machine access context for a given resource @param machine_token: The authentication token needed to talk to this contract service endpoint. @param resource: Entitlement name. @param machine_id: Optional unique system machine id. When absent, contents of /etc/machine-id will be used. @return: Dict of the JSON response containing entitlement accessInfo. r4z Bearer {})rQmachine)rexpireszmachine-access-{}) rget_machine_idr;data_dirrr6r7#API_V1_TMPL_RESOURCE_MACHINE_ACCESSr9rr<)rr?rQr>rrZresource_accessrrrrequest_resource_machine_accesszs   z0UAContractClient.request_resource_machine_accessr)r? contract_idr>rBcCs|j|||ddS)z6Update existing machine-token for an attached machine.F)r?rXr>detach)_request_machine_token_update)rr?rXr>rrrrequest_machine_token_updates z-UAContractClient.request_machine_token_updatecCsP|jddjdd}|jjd}t|t|kr>tjdiS|j|||ddS) zAReport the attached machine should be detached from the contract.N)r> machineIdrz machine-idzrY)r8rr; read_cachestrloggingdebugrZ)rr?rXr>Zcurr_machine_idZpast_machine_idrrrdetach_machine_from_contracts  z-UAContractClient.detach_machine_from_contractF)r?rXr>rYrBc Cs|j}|jddj|i|j|}tj||dd}d|i}|rNd|d<nd|d<||d <|j|f|\} }|jd r|d | d <|s|jjd | |jjd |jdd | S)aBRequest machine token refresh from contract server. @param machine_token: The machine token needed to talk to this contract service endpoint. @param contract_id: Unique contract id provided by contract service. @param machine_id: Optional unique system machine id. When absent, contents of /etc/machine-id will be used. @param detach: Boolean set True if detaching this machine from the active contract. Default is False. @return: Dict of the JSON response containing refreshed machine-token r4z Bearer {}r\)contractrRrZDELETEmethodPOSTr5rSz machine-tokenz machine-idr) rr6r7r8*API_V1_TMPL_CONTEXT_MACHINE_TOKEN_RESOURCEr9rr;r<) rr?rXr>rYrr5rkwargsrOrrrrZs"    z.UAContractClient._request_machine_token_updatecCs0|stj|jj}tj}|jd}|||dS)z<"Return a dict of platform-relateddata for contract requestsrC)r\rFos)rrTr;rUrHpop)rr>rJrCrrrr8s  z#UAContractClient._get_platform_data)N)N)N)N)NF)r.r/r0Zcfg_url_base_attrr Z api_error_clsrArKrZAutoAttachCloudInstancerPr^rWr[raboolrZr8rrrrr2Bs   !r2TzDict[str, Any])past_entitlementsnew_entitlements allow_enableseries_overridesrBcCsd}d}xt|jD]\}}yt|j|i|||dWqtjk r|d}tjtj dj ||dWdQRXYqt k rd}tjtj dj ||dWdQRXYqXqW|rtjt jn|rtjt jdS)aIterate over all entitlements in new_entitlement and apply any delta found according to past_entitlements. :param past_entitlements: dict containing the last valid information regarding service entitlements. :param new_entitlements: dict containing the current information regarding service entitlements. :param allow_enable: Boolean set True if allowed to perform the enable operation. When False, a message will be logged to inform the user about the recommended enabled service. :param series_overrides: Boolean set True if series overrides should be applied to the new_access dict. F)rlrmTz4Failed to process contract delta for {name}: {delta})namedeltaNz>Unexpected error processing contract delta for {name}: {delta})sorteditemsprocess_entitlement_deltarrUserFacingErrorrdisable_log_to_consoler_rr7 Exception exceptionrMESSAGE_UNEXPECTED_ERROR'MESSAGE_ATTACH_FAILURE_DEFAULT_SERVICES)rjrkrlrmZ delta_errorZunexpected_errorrnZnew_entitlementrrrprocess_entitlements_deltas4     ryFr) orig_access new_accessrlrmrBc Csddlm}|rtj|tj||}|r|jdijd}|sR|jdijd}|sftdj||y ||}Wn tk rt j d||SX||d}|j |||d|S) aProcess a entitlement access dictionary deltas if they exist. :param orig_access: Dict with original entitlement access details before contract refresh deltas :param new_access: Dict with updated entitlement access details after contract refresh :param allow_enable: Boolean set True if allowed to perform the enable operation. When False, a message will be logged to inform the user about the recommended enabled service. :param series_overrides: Boolean set True if series overrides should be applied to the new_access dict. :raise UserFacingError: on failure to process deltas. :return: Dict of processed deltas r)ENTITLEMENT_CLASS_BY_NAME entitlementtypez5Could not determine contract delta service type {} {}z3Skipping entitlement deltas for "%s". No such class) assume_yes)rl) uaclient.entitlementsr|rapply_series_overridesget_dict_deltasr RuntimeErrorr7KeyErrorr_r`process_contract_deltas) rzr{rlrmr|deltasrnent_clsr}rrrrrs,       rr)rrBcCstj}t|drt|jdkrd|jdkr|jdd}|d}|d}d}|dkrv|djt}tjj||d }n>|d kr|djt}tj j||d }n|d krtj j|d }tj j|d }|S)NrrinfoZ contractIdreasonrzno-longer-effectivetime)rXdateznot-effective-yetznever-effective)rX)r) rMESSAGE_ATTACH_EXPIRED_TOKENhasattrlenrstrftimeATTACH_FAIL_DATE_FORMAT MESSAGE_ATTACH_FORBIDDEN_EXPIREDr7 MESSAGE_ATTACH_FORBIDDEN_NOT_YETMESSAGE_ATTACH_FORBIDDEN_NEVERMESSAGE_ATTACH_FORBIDDEN)rmsgrrXrZ reason_msgrrrr _create_attach_forbidden_messagePs*   rz Optional[str])r=c Cs|j}|j}|r|rtdt|}|ry|j|dWntjk r}zt|trt |dr|j dkrxt j t jn|j dkrt|}t j ||tjtjt|WdQRXt j t jWYdd}~XnXn&|d}|dd d } |j|| d t||j|dS) afRequest contract refresh from ua-contracts service. Compare original token to new token and react to entitlement deltas. :param cfg: Instance of UAConfig for this machine. :param contract_token: String contraining an optional contract token. :param allow_enable: Boolean set True if allowed to perform the enable operation. When False, a message will be logged to inform the user about the recommended enabled service. :raise UserFacingError: on failure to update contract or error processing contract deltas :raise UrlError: On failure to contact the server zs4     '- 1 .6