management.security.manager

Logic managing the security level setting of the Trustpoint.

Classes

SecurityManager

Manages the security level setting of the Trustpoint.

Module Contents

class management.security.manager.SecurityManager

Bases: trustpoint.logger.LoggerMixin

Manages the security level setting of the Trustpoint.

is_feature_allowed(feature, target_level=None)

Checks if the specified feature is allowed under the given security level.

If ‘target_level’ is None, the current security level is used.

Parameters:

• feature (type[management.security.features.SecurityFeature] | management.security.features.SecurityFeature) – Either a SecurityFeature class or instance

• target_level (None | str) – The security level to check against, or None for current level

Returns:

True if the feature is allowed at the specified security level

Return type:

bool

get_security_level()

Returns the string representation of the security_mode, e.g. ‘0’, ‘1’, etc.

Return type:

str

classmethod get_features_to_disable(sec_level)

Returns a list of features that must be disabled at the given security level.

Parameters:

sec_level (str)

Return type:

list[management.security.features.SecurityFeature]

reset_settings(new_sec_mode)

Disables any feature that is not allowed by the new security mode.

Parameters:

new_sec_mode (str)

Return type:

None

get_security_config_model()

Returns the model holding the security settings.

Return type:

management.models.SecurityConfig

enable_feature(feature, kwargs=None)

Enables a feature if it is allowed at the current security level.

Parameters:

• feature (type[management.security.features.SecurityFeature] | management.security.features.SecurityFeature) – Either a SecurityFeature class or instance

• kwargs (dict | None) – Keyword arguments to pass to the enable method

Return type:

None