Work in progress

rudder-core/src/main/resources/ldap/rudder.schema

@@ -316,6 +316,14 @@ attributetype ( RudderAttributes:230
   EQUALITY caseIgnoreMatch
   SUBSTR caseIgnoreSubstringsMatch
   SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{4096} )
+
+### Policy mode, common for Nodes/Directive at first, Surely Rules and groups later
+attributetype ( RudderAttributes:231
+  NAME 'policyMode'
+  DESC 'Policy mode (Enforce/Verify) for this element '
+  SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
+  EQUALITY caseIgnoreMatch
+  SUBSTR caseIgnoreSubstringsMatch )
 
 
 ### API principal and tokens 
@@ -416,7 +424,8 @@ objectclass ( RudderObjectClasses:1
   SUP top
   STRUCTURAL
   MUST ( nodeId $ cn $ isSystem $ isBroken)
-  MAY ( description $ serializedNodeProperty $ serializedAgentRunInterval $ serializedHeartbeatRunConfiguration ) )
+  MAY ( description $ serializedNodeProperty $ serializedAgentRunInterval $
+        serializedHeartbeatRunConfiguration $ policyMode ) )
 
 objectclass ( RudderObjectClasses:2
   NAME 'rudderPolicyServer' 
@@ -484,7 +493,7 @@ objectclass ( RudderObjectClasses:23
   STRUCTURAL
   MUST ( directiveId $ techniqueVersion )
   MAY ( cn $ description $ longDescription $ isEnabled $ isSystem $
-        directivePriority $ directiveVariable  ) )
+        directivePriority $ directiveVariable $ policyMode ) )
 
 ### rules ###
 

rudder-core/src/main/scala/com/normation/rudder/domain/RudderLDAPConstants.scala

@@ -90,10 +90,10 @@ object RudderLDAPConstants extends Loggable {
   val A_SERIALIZED_AGENT_RUN_INTERVAL = "serializedAgentRunInterval"
   val A_SERIALIZED_HEARTBEAT_RUN_CONFIGURATION = "serializedHeartbeatRunConfiguration"
 
+  val A_POLICY_MODE = "policyMode"
 
   val A_NODE_PROPERTY = "serializedNodeProperty"
 
-
   val A_PRIORITY = "directivePriority"
   val A_LONG_DESCRIPTION = "longDescription"
   val A_SERIAL = "serial"
@@ -110,7 +110,6 @@ object RudderLDAPConstants extends Loggable {
   val A_TARGET_AGENTS_NAME = "targetAgentName"
   val A_TARGET_ROOT_USER = "targetLocalAdministratorAccountName"
 
-
   // Creation date of an object
   // it's an operational attribute of OpenLDAP
   val A_OBJECT_CREATION_DATE = "createTimestamp"
@@ -225,7 +224,6 @@ object RudderLDAPConstants extends Loggable {
   OC += (OC_ACTIVE_TECHNIQUE_LIB_VERSION,
     may = Set(A_INIT_DATETIME))
 
-
   OC += (OC_API_ACCOUNT
       , must = Set(A_API_UUID, A_NAME, A_CREATION_DATETIME, A_API_TOKEN, A_API_TOKEN_CREATION_DATETIME)
       , may = Set(A_DESCRIPTION)
@@ -243,7 +241,6 @@ object RudderLDAPConstants extends Loggable {
     must = Set(A_NAME),
     may = Set(A_DESCRIPTION, A_NODE_CONFIG))
 
-
   /**
    * Serialize and unserialize variables in A_DIRECTIVE_VARIABLES
    */

rudder-core/src/main/scala/com/normation/rudder/domain/eventlog/EventLogCategories.scala

@@ -59,7 +59,6 @@ final case object GlobalPropertyEventLogCategory extends EventLogCategory
 final case object SettingsLogCategory extends EventLogCategory
 final case object NodeLogCategory extends EventLogCategory
 
-
 // the promises related event type
 final case object AutomaticStartDeployementEventType extends NoRollbackEventLogType {
   def serialize = "AutomaticStartDeployement"
@@ -228,8 +227,6 @@ final case object ModifyGlobalParameterEventType extends RollbackEventLogType {
   def serialize = "GlobalParameterModified"
 }
 
-
-
 // node properties: properties, heartbeat, agent run.
 final case object ModifyHeartbeatNodeEventType extends RollbackEventLogType {
   def serialize = "NodeHeartbeatModified"
@@ -287,6 +284,11 @@ final case object ModifyRudderSyslogProtocolEventType extends ModifyGlobalProper
   val propertyName = "Rudder syslog protocol"
 }
 
+final case object ModifyPolicyModeEventType extends ModifyGlobalPropertyEventType {
+  def serialize = "PolicyModeModified"
+  val propertyName = "Global policy mode"
+}
+
 /**
  * List of event generating a modification of promises
  */
@@ -327,7 +329,6 @@ object ModificationWatchList {
 
 }
 
-
 object EventTypeFactory {
   val eventTypes = List[EventLogType](
       AutomaticStartDeployementEventType

rudder-core/src/main/scala/com/normation/rudder/domain/eventlog/ModifyGlobalProperty.scala

@@ -3,7 +3,6 @@ package com.normation.rudder.domain.eventlog
 import com.normation.eventlog._
 import com.normation.utils.HashcodeCaching
 
-
 case class ModifyGlobalProperty(
     eventType: ModifyGlobalPropertyEventType
   , eventDetails : EventLogDetails
@@ -30,6 +29,7 @@ object ModifyGlobalPropertyEventLogsFilter {
     ModifyAgentRunStartHourEventType ::
     ModifyAgentRunStartMinuteEventType ::
     ModifyRudderSyslogProtocolEventType ::
+    ModifyPolicyModeEventType ::
     Nil
 
   final val eventList : List[EventLogFilter] =

rudder-core/src/main/scala/com/normation/rudder/domain/nodes/Node.scala

@@ -46,6 +46,8 @@ import com.normation.rudder.reports.AgentRunInterval
 import com.normation.rudder.reports.HeartbeatConfiguration
 import com.normation.rudder.domain.policies.SimpleDiff
 import com.normation.inventory.domain.FullInventory
+import com.normation.rudder.policyMode.PolicyMode
+import com.normation.rudder.policyMode.Enforce
 
 /**
  * The entry point for a REGISTERED node in Rudder.
@@ -63,6 +65,7 @@ case class Node(
   , creationDate              : DateTime
   , nodeReportingConfiguration: ReportingConfiguration
   , properties                : Seq[NodeProperty]
+  , policyMode                : Option[PolicyMode]
 ) extends HashcodeCaching
 
 case object Node {
@@ -77,6 +80,7 @@ case object Node {
       , inventory.node.inventoryDate.getOrElse(new DateTime(0))
       , ReportingConfiguration(None,None)
       , Seq()
+      , None
     )
   }
 }

rudder-core/src/main/scala/com/normation/rudder/domain/policies/Directive.scala

@@ -44,8 +44,9 @@ import com.normation.cfclerk.domain.TechniqueVersion
 import com.normation.utils.HashcodeCaching
 import com.normation.cfclerk.domain.SectionSpec
 import com.normation.cfclerk.domain.Technique
+import com.normation.rudder.policyMode.PolicyMode
 
-case class DirectiveId(value:String) extends HashcodeCaching
+case class DirectiveId(value : String) extends HashcodeCaching
 
 /**
  * Define a directive.
@@ -64,61 +65,54 @@ case class DirectiveId(value:String) extends HashcodeCaching
  * the same technique.
  *
  */
-case class Directive(
-  id:DirectiveId,
-
-  //TODO: why not keeping techniqueName here ? data duplication ?
-
-  /**
-   * They reference one and only one Technique version
-   */
-  techniqueVersion:TechniqueVersion,
-
-  /**
-   * The list or parameters with their values.
-   * TODO: I really would like to be able to not allow to set bad parameter here,
-   *       what mean parameter that are not in the technique.
-   *       For now, say it's done by construction.
-   */
-  parameters:Map[String, Seq[String]],
-
-  /**
-   * A human readable name for that directive,
-   * typically used for CSV/grid header
-   * i.e: "SEC-042 Debian Etch"
-   * Can not be empty nor null.
-   */
-  name:String,
-
-  /**
-   * Short description, typically used as field description
-   * Can not be empty nor null.
-   */
-  shortDescription:String,
-
-  /**
-   * A long, detailed description, typically used for
-   * tooltip. It allows reach content.
-   * Can be empty (and is by default).
-   */
-  longDescription:String = "",
-
-  /**
-   * For policies which allows only one configured instance at
-   * a given time for a given node, priority allows to choose
-   * the policy to deploy.
-   * Higher priority is better, default is 5
-   */
-  priority:Int = 5,
-
-  /**
-   * Define if the policy is activated.
-   * If it is not, configuration based on that policy should not be considered
-   * for deployment on nodes.
-   */
-  _isEnabled:Boolean = false,
+ //TODO: why not keeping techniqueName here ? data duplication ?
 
-  isSystem:Boolean = false
+case class Directive(
+    id : DirectiveId
+    /**
+     * They reference one and only one Technique version
+     */
+  , techniqueVersion : TechniqueVersion
+    /**
+     * The list or parameters with their values.
+     * TODO: I really would like to be able to not allow to set bad parameter here,
+     *       what mean parameter that are not in the technique.
+     *       For now, say it's done by construction.
+     */
+  , parameters : Map[String, Seq[String]]
+    /**
+     * A human readable name for that directive,
+     * typically used for CSV/grid header
+     * i.e: "SEC-042 Debian Etch"
+     * Can not be empty nor null.
+     */
+  , name : String
+    /**
+     * Short description, typically used as field description
+     * Can not be empty nor null.
+     */
+  , shortDescription : String
+  , policyMode : Option[PolicyMode]
+    /**
+     * A long, detailed description, typically used for
+     * tooltip. It allows reach content.
+     * Can be empty (and is by default).
+     */
+  , longDescription : String = ""
+    /**
+     * For policies which allows only one configured instance at
+     * a given time for a given node, priority allows to choose
+     * the policy to deploy.
+     * Higher priority is better, default is 5
+     */
+  , priority : Int = 5
+    /**
+     * Define if the policy is activated.
+     * If it is not, configuration based on that policy should not be considered
+     * for deployment on nodes.
+     */
+   , _isEnabled : Boolean = false
+   , isSystem : Boolean = false
 ) extends HashcodeCaching {
   //system object must ALWAYS be ENABLED.
   def isEnabled = _isEnabled || isSystem
@@ -132,7 +126,7 @@ final case class SectionVal(
 object SectionVal {
   val ROOT_SECTION_NAME = "sections"
 
-  def toXml(sv:SectionVal, sectionName:String = ROOT_SECTION_NAME): Node = {
+  def toXml(sv : SectionVal, sectionName : String = ROOT_SECTION_NAME): Node = {
     <section name={sectionName}>
       { //variables
         sv.variables.toSeq.sortBy(_._1).map { case (variable,value) =>
@@ -149,11 +143,11 @@ object SectionVal {
     </section>
   }
 
-  def directiveValToSectionVal(rootSection:SectionSpec, allValues:Map[String,Seq[String]]) : SectionVal = {
+  def directiveValToSectionVal(rootSection : SectionSpec, allValues : Map[String,Seq[String]]) : SectionVal = {
     /*
      * build variables with a parent section multivalued.
      */
-    def buildMonoSectionWithMultivaluedParent(spec:SectionSpec, index:Int) : SectionVal = {
+    def buildMonoSectionWithMultivaluedParent(spec : SectionSpec, index : Int) : SectionVal = {
       if(spec.isMultivalued) throw new RuntimeException("We found a multivalued subsection of a multivalued section: " + spec)
 
       //variable for that section: Map[String, String]
@@ -172,7 +166,7 @@ object SectionVal {
 
     }
 
-    def buildMultiSectionWithoutMultiParent(spec:SectionSpec) : Seq[SectionVal] = {
+    def buildMultiSectionWithoutMultiParent(spec : SectionSpec) : Seq[SectionVal] = {
       if(!spec.isMultivalued) throw new RuntimeException("We found a monovalued section where a multivalued section was asked for: " + spec)
 
       // find the number of iteration for that multivalued section.
@@ -224,7 +218,7 @@ object SectionVal {
       }
     }
 
-    def buildMonoSectionWithoutMultivaluedParent(spec:SectionSpec) : SectionVal = {
+    def buildMonoSectionWithoutMultivaluedParent(spec : SectionSpec) : SectionVal = {
       val variables = spec.getDirectVariables.map { vspec =>
         //we can have a empty value for a variable, for non mandatory ones
         (vspec.name, allValues.getOrElse(vspec.name,Seq(""))(0))
@@ -244,11 +238,11 @@ object SectionVal {
     buildMonoSectionWithoutMultivaluedParent(rootSection)
   }
 
-  def toMapVariables(sv:SectionVal) : Map[String,Seq[String]] = {
+  def toMapVariables(sv : SectionVal) : Map[String,Seq[String]] = {
     import scala.collection.mutable.{Map, Buffer}
     val res = Map[String, Buffer[String]]()
 
-    def recToMap(sec:SectionVal) : Unit = {
+    def recToMap(sec : SectionVal) : Unit = {
       sec.variables.foreach { case (name,value) =>
         res.getOrElseUpdate(name, Buffer()).append(value)
       }