This change restructures how access controls are enforced for
different server operations, pulling common code into a shared
method for reuse. The server unit tests have been updated to
reflect this change.
This change updates the server and managed object set to support
the InitialDate attribute. The InitialDate is set when the Create,
CreateKeyPair, and Register operations are invoked and can be
listed and retrieved with the GetAttributeList and GetAttributes
operations respectively. The server unit tests have been updated
to reflect these changes.
This change adds support for the GetAttributeList operation. The
user can specify the ID of a managed object and get back a list
containing the names of all attributes currently set on the object.
The user can also omit the ID and the server will default to using
the ID placeholder for the object ID. New server tests have been
added to cover this feature. The GetAttributeList payloads have
also been updated for consistency with other payloads, requiring
minor updates in other clients and unit tests.
This change fixes a bug that could occur when accessing the server
with multiple threads or processes. The SQLite backend by default
does not support multithreading. This change updates how the
SQLite backend is instantiated, preventing error generation when
using multiple clients simultaenously. The server unit test suite
has been updated to cover the change.
This change updates the server to better handle exceptions thrown
while looking up the value of different attributes on managed
objects. Some managed objects in PyKMIP don't currently support
attributes they are supposed to. This can cause lookup errors
when using GetAttributes. This change suppresses any exceptions
and simply returns None for the missing attribute value. The
server unit tests have been updated to account for this change.
This change adds server support for the GetAttributes operation.
The user can specify an object ID and an attribute list to get
the values of the attributes listed from the specified object.
The user can also omit either argument; the server will default
to using the ID placeholder and all viable attributes respectively.
Only a subset of the standard attributes are supported right now.
New tests have been added to cover the new feature.
Closes#185Closes#211Closes#218
This change updates the server, updating how it processes config
values and allowing it to handle optional or ommitted policy_path
values. This fixes a bug where users could not leave the
policy_path config file unset, in addition to a bug that forced
users to use '/etc/pykmip/policies' as their policy directory.
Fixes#210
This change adds support for the Activate operation to the server,
including additional server unit tests, a new IllegalOperation
exception, and updated state attribute support in Pie objects.
Fixes#186
This change adds support for dynamic operation policy loading.
The server config file now supports a 'policy_path' option that
points to a filesystem directory. Each file in the directory
should contain a JSON policy object. The KMIP server will scan
this directory and attempt to load all valid policies it finds.
The results of this process will be logged.
This change adds enforcement of KMIP operation policies to the
server engine, specifically to the Get and Destroy operations.
Explicit object ownership is enforced as a result, with ownership
now a tracked internal server property of managed objects. Tests
for this new functionality are included.
This change updates the KMIP engine to process and persist the
value of the operation policy name attribute when creating or
registering new managed objects. Tests are included for these
changes.
This change fixes a bug in the KMIP server engine where a missing
request credential would cause the session to prematurely
terminate. Credential handling may require session termination
for missing credentials, but that decision should be made by
credential processing not request processing.
Fixes#193
This change adds some additional logging statements when processing
individual KMIP operations, providing additional information on
operation input and output. The associated tests have been updated
accordingly.
This change adds the KmipEngine, the core processing component of the
KmipServer. The KmipEngine contains the KMIP application logic and
handles process request messages by batch. The engine handles logging
and error handling throughout the processing stack.
New server exceptions are added to handle new error cases. A test suite
is included.
