ros2 · kyrofa · Apr 7, 2020 · Apr 7, 2020 · Apr 3, 2020 · Apr 7, 2020
diff --git a/sros2/sros2/api/__init__.py b/sros2/sros2/api/__init__.py
@@ -34,7 +34,7 @@
     load_policy,
 )
 
-from . import _keystore, _utilities
+from . import _keystore, _policy, _utilities
 
 HIDDEN_NODE_PREFIX = '_'
 
@@ -120,25 +120,8 @@ def create_permission_file(path, domain_id, policy_element):
         f.write(etree.tostring(permissions_xml, pretty_print=True))
 
 
-def get_policy(name, policy_file_path):
-    policy_tree = load_policy(policy_file_path)
-    return get_policy_from_tree(name, policy_tree)
-
-
-def get_policy_from_tree(name, policy_tree):
-    context_element = policy_tree.find(
-        path=f'contexts/context[@path="{name}"]')
-    if context_element is None:
-        raise RuntimeError(f'unable to find context "{name}"')
-    contexts_element = etree.Element('contexts')
-    contexts_element.append(context_element)
-    policy_element = etree.Element('policy')
-    policy_element.append(contexts_element)
-    return policy_element
-
-
 def create_permission(keystore_path, identity, policy_file_path):
-    policy_element = get_policy(identity, policy_file_path)
+    policy_element = _policy.get_policy(identity, policy_file_path)
     create_permissions_from_policy_element(keystore_path, identity, policy_element)
     return True
 
@@ -209,7 +192,7 @@ def create_key(keystore_path, identity):
     # create a wildcard permissions file for this node which can be overridden
     # later using a policy if desired
     policy_file_path = get_policy_default('policy.xml')
-    policy_element = get_policy('/', policy_file_path)
+    policy_element = _policy.get_policy('/', policy_file_path)
     context_element = policy_element.find('contexts/context')
     context_element.attrib['path'] = identity
 
@@ -274,7 +257,7 @@ def generate_artifacts(keystore_path=None, identity_names=[], policy_files=[]):
             if identity_name not in identity_names:
                 if not create_key(keystore_path, identity_name):
                     return False
-            policy_element = get_policy_from_tree(identity_name, policy_tree)
+            policy_element = _policy.get_policy_from_tree(identity_name, policy_tree)
             create_permissions_from_policy_element(
                 keystore_path, identity_name, policy_element)
     return True

diff --git a/sros2/sros2/api/_policy.py b/sros2/sros2/api/_policy.py
@@ -0,0 +1,34 @@
+# Copyright 2016-2019 Open Source Robotics Foundation, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+from lxml import etree
+
+from sros2.policy import load_policy
+
+
+def get_policy(name, policy_file_path):
+    policy_tree = load_policy(policy_file_path)
+    return get_policy_from_tree(name, policy_tree)
+
+
+def get_policy_from_tree(name, policy_tree):
+    context_element = policy_tree.find(
+        path=f'contexts/context[@path="{name}"]')
+    if context_element is None:
+        raise RuntimeError(f'unable to find context "{name}"')
+    contexts_element = etree.Element('contexts')
+    contexts_element.append(context_element)
+    policy_element = etree.Element('policy')
+    policy_element.append(contexts_element)
+    return policy_element