ShaYmez/HBLink
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Finish adding Registration ACL to all apps

Browse Source 
renamed build_acl and the associated ACL to build_reg_acl and REG_ACL
to disambiguate from bridge_all and confbridge subscriber ACLs. Added
the registration ACL feature to all applications.
This commit is contained in:
Cort Buffington 2018-08-23 19:34:31 -05:00
parent 5a8c098bfe
commit a8dd60c3b4
4 changed files with 24 additions and 69 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
hb_bridge_all.py
View File

@ -45,7 +45,7 @@ from twisted.protocols.basic import NetstringReceiver
from twisted.internet import reactor, task from twisted.internet import reactor, task
# Things we import from the main hblink module # Things we import from the main hblink module
from hblink import HBSYSTEM, systems, hblink_handler, reportFactory, REPORT_OPCODES, config_reports from hblink import HBSYSTEM, systems, hblink_handler, reportFactory, REPORT_OPCODES, config_reports, build_reg_acl
from dmr_utils.utils import hex_str_3, int_id, get_alias from dmr_utils.utils import hex_str_3, int_id, get_alias
from dmr_utils import decode, bptc, const from dmr_utils import decode, bptc, const
from acl import acl_check, acl_build from acl import acl_check, acl_build
@ -269,6 +269,9 @@ if __name__ == '__main__':
# Set signal handers so that we can gracefully exit if need be # Set signal handers so that we can gracefully exit if need be
for sig in [signal.SIGTERM, signal.SIGINT]: for sig in [signal.SIGTERM, signal.SIGINT]:
signal.signal(sig, sig_handler) signal.signal(sig, sig_handler)
# Build the Access Control List
REG_ACL = build_reg_acl('reg_acl', logger)
# ID ALIAS CREATION # ID ALIAS CREATION
# Download # Download

5
hb_confbridge.py
View File

@ -45,7 +45,7 @@ from twisted.protocols.basic import NetstringReceiver
from twisted.internet import reactor, task from twisted.internet import reactor, task
# Things we import from the main hblink module # Things we import from the main hblink module
from hblink import HBSYSTEM, systems, hblink_handler, reportFactory, REPORT_OPCODES, config_reports from hblink import HBSYSTEM, systems, hblink_handler, reportFactory, REPORT_OPCODES, config_reports, build_reg_acl
from dmr_utils.utils import hex_str_3, int_id, get_alias from dmr_utils.utils import hex_str_3, int_id, get_alias
from dmr_utils import decode, bptc, const from dmr_utils import decode, bptc, const
import hb_config import hb_config
@ -487,6 +487,9 @@ if __name__ == '__main__':
for sig in [signal.SIGTERM, signal.SIGINT]: for sig in [signal.SIGTERM, signal.SIGINT]:
signal.signal(sig, sig_handler) signal.signal(sig, sig_handler)
# Build the Access Control List
REG_ACL = build_reg_acl('reg_acl', logger)
# ID ALIAS CREATION # ID ALIAS CREATION
# Download # Download
if CONFIG['ALIASES']['TRY_DOWNLOAD'] == True: if CONFIG['ALIASES']['TRY_DOWNLOAD'] == True:

55
hb_parrot.py
View File

@ -35,7 +35,7 @@ from twisted.protocols.basic import NetstringReceiver
from twisted.internet import reactor, task from twisted.internet import reactor, task
# Things we import from the main hblink module # Things we import from the main hblink module
from hblink import HBSYSTEM, systems, hblink_handler, reportFactory, REPORT_OPCODES, config_reports from hblink import HBSYSTEM, systems, hblink_handler, reportFactory, REPORT_OPCODES, config_reports, build_reg_acl
from dmr_utils.utils import hex_str_3, int_id, get_alias from dmr_utils.utils import hex_str_3, int_id, get_alias
from dmr_utils import decode, bptc, const from dmr_utils import decode, bptc, const
import hb_config import hb_config
@ -53,57 +53,6 @@ __status__ = 'pre-alpha'
# Module gobal varaibles # Module gobal varaibles
# Import subscriber ACL
# ACL may be a single list of subscriber IDs
# Global action is to allow or deny them. Multiple lists with different actions and ranges
# are not yet implemented.
def build_acl(_sub_acl):
ACL = set()
try:
acl_file = import_module(_sub_acl)
logger.info('ACL file found, importing entries. This will take about 1.5 seconds per 1 million IDs')
sections = acl_file.ACL.split(':')
ACL_ACTION = sections[0]
entries_str = sections[1]
for entry in entries_str.split(','):
if '-' in entry:
start,end = entry.split('-')
start,end = int(start), int(end)
for id in range(start, end+1):
ACL.add(hex_str_3(id))
else:
id = int(entry)
ACL.add(hex_str_3(id))
logger.info('ACL loaded: action "{}" for {:,} radio IDs'.format(ACL_ACTION, len(ACL)))
except ImportError:
logger.info('ACL file not found or invalid - all subscriber IDs are valid')
ACL_ACTION = 'NONE'
# Depending on which type of ACL is used (PERMIT, DENY... or there isn't one)
# define a differnet function to be used to check the ACL
global allow_sub
if ACL_ACTION == 'PERMIT':
def allow_sub(_sub):
if _sub in ACL:
return True
else:
return False
elif ACL_ACTION == 'DENY':
def allow_sub(_sub):
if _sub not in ACL:
return True
else:
return False
else:
def allow_sub(_sub):
return True
return ACL
class parrot(HBSYSTEM): class parrot(HBSYSTEM):
def __init__(self, _name, _config, _logger, _report): def __init__(self, _name, _config, _logger, _report):
@ -247,7 +196,7 @@ if __name__ == '__main__':
signal.signal(sig, sig_handler) signal.signal(sig, sig_handler)
# Build the Access Control List # Build the Access Control List
ACL = build_acl('reg_acl') REG_ACL = build_reg_acl('reg_acl', logger)
# ID ALIAS CREATION # ID ALIAS CREATION
# Download # Download

28
hblink.py
View File

@ -94,15 +94,15 @@ def hblink_handler(_signal, _frame, _logger):
# Import subscriber registration ACL # Import subscriber registration ACL
# ACL may be a single list of subscriber IDs # Registration ACL may be a single list of subscriber IDs
# Global action is to allow or deny them. Multiple lists with different actions and ranges # Global action is to allow or deny them. Multiple lists with different actions and ranges
# are not yet implemented. # are not yet implemented.
def build_acl(_reg_acl): def build_reg_acl(_reg_acl, _logger):
ACL = set() REG_ACL = set()
try: try:
acl_file = import_module(_reg_acl) acl_file = import_module(_reg_acl)
logger.info('Registration ACL file found, importing entries. This will take about 1.5 seconds per 1 million IDs') _logger.info('Registration ACL file found, importing entries. This will take about 1.5 seconds per 1 million IDs')
sections = acl_file.ACL.split(':') sections = acl_file.REG_ACL.split(':')
ACL_ACTION = sections[0] ACL_ACTION = sections[0]
entries_str = sections[1] entries_str = sections[1]
@ -111,29 +111,29 @@ def build_acl(_reg_acl):
start,end = entry.split('-') start,end = entry.split('-')
start,end = int(start), int(end) start,end = int(start), int(end)
for id in range(start, end+1): for id in range(start, end+1):
ACL.add(hex_str_4(id)) REG_ACL.add(hex_str_4(id))
else: else:
id = int(entry) id = int(entry)
ACL.add(hex_str_4(id)) REG_ACL.add(hex_str_4(id))
logger.info('Registration ACL loaded: action "{}" for {:,} registration IDs'.format(ACL_ACTION, len(ACL))) _logger.info('Registration ACL loaded: action "{}" for {:,} registration IDs'.format(ACL_ACTION, len(REG_ACL)))
except ImportError: except ImportError:
logger.info('Registration ACL file not found or invalid - all IDs are valid') _logger.info('Registration ACL file not found or invalid - all IDs are valid')
ACL_ACTION = 'NONE' ACL_ACTION = 'NONE'
# Depending on which type of ACL is used (PERMIT, DENY... or there isn't one) # Depending on which type of REG_ACL is used (PERMIT, DENY... or there isn't one)
# define a differnet function to be used to check the ACL # define a differnet function to be used to check the ACL
global allow_reg global allow_reg
if ACL_ACTION == 'PERMIT': if ACL_ACTION == 'PERMIT':
def allow_reg(_id): def allow_reg(_id):
if _id in ACL: if _id in REG_ACL:
return True return True
else: else:
return False return False
elif ACL_ACTION == 'DENY': elif ACL_ACTION == 'DENY':
def allow_reg(_id): def allow_reg(_id):
if _id not in ACL: if _id not in REG_ACL:
return True return True
else: else:
return False return False
@ -141,7 +141,7 @@ def build_acl(_reg_acl):
def allow_reg(_id): def allow_reg(_id):
return True return True
return ACL return REG_ACL
#************************************************ #************************************************
# AMBE CLASS: Used to parse out AMBE and send to gateway # AMBE CLASS: Used to parse out AMBE and send to gateway
@ -649,7 +649,7 @@ if __name__ == '__main__':
signal.signal(sig, sig_handler) signal.signal(sig, sig_handler)
# Build the Access Control List # Build the Access Control List
ACL = build_acl('reg_acl') REG_ACL = build_reg_acl('reg_acl', logger)
# INITIALIZE THE REPORTING LOOP # INITIALIZE THE REPORTING LOOP
report_server = config_reports(CONFIG, logger, reportFactory) report_server = config_reports(CONFIG, logger, reportFactory)