import copy import logging import socket from collections import namedtuple from typing import Any, Dict, List, Optional, Tuple import uaclient.files.machine_token as mtf from uaclient import ( data_types, event_logger, exceptions, http, messages, secret_manager, system, util, version, ) from uaclient.api.u.pro.status.enabled_services.v1 import _enabled_services from uaclient.api.u.pro.status.is_attached.v1 import _is_attached from uaclient.config import UAConfig from uaclient.defaults import ATTACH_FAIL_DATE_FORMAT from uaclient.files.state_files import attachment_data_file, machine_id_file from uaclient.http import serviceclient from uaclient.log import get_user_or_root_log_file_path # Here we describe every endpoint from the ua-contracts # service that is used by this client implementation. API_V1_ADD_CONTRACT_MACHINE = "/v1/context/machines/token" API_V1_GET_CONTRACT_MACHINE = ( "/v1/contracts/{contract}/context/machines/{machine}" ) API_V1_UPDATE_CONTRACT_MACHINE = ( "/v1/contracts/{contract}/context/machines/{machine}" ) API_V1_AVAILABLE_RESOURCES = "/v1/resources" API_V1_GET_RESOURCE_MACHINE_ACCESS = ( "/v1/resources/{resource}/context/machines/{machine}" ) API_V1_GET_CONTRACT_TOKEN_FOR_CLOUD_INSTANCE = "/v1/clouds/{cloud_type}/token" API_V1_UPDATE_ACTIVITY_TOKEN = ( "/v1/contracts/{contract}/machine-activity/{machine}" ) API_V1_GET_CONTRACT_USING_TOKEN = "/v1/contract" API_V1_GET_MAGIC_ATTACH_TOKEN_INFO = "/v1/magic-attach" API_V1_NEW_MAGIC_ATTACH = "/v1/magic-attach" API_V1_REVOKE_MAGIC_ATTACH = "/v1/magic-attach" API_V1_GET_GUEST_TOKEN = ( "/v1/contracts/{contract}/context/machines/{machine}/guest-token" ) OVERRIDE_SELECTOR_WEIGHTS = { "series_overrides": 1, "series": 2, "cloud": 3, "variant": 4, } event = event_logger.get_event_logger() LOG = logging.getLogger(util.replace_top_level_logger_name(__name__)) EnableByDefaultService = namedtuple( "EnableByDefaultService", ["name", "variant"] ) class CPUTypeData(data_types.DataObject): fields = [ data_types.Field( "cpuinfo_cpu", data_types.StringDataValue, required=False ), data_types.Field( "cpuinfo_cpu_architecture", data_types.StringDataValue, required=False, ), data_types.Field( "cpuinfo_cpu_family", data_types.StringDataValue, required=False ), data_types.Field( "cpuinfo_cpu_implementer", data_types.StringDataValue, required=False, ), data_types.Field( "cpuinfo_cpu_part", data_types.StringDataValue, required=False ), data_types.Field( "cpuinfo_cpu_revision", data_types.StringDataValue, required=False ), data_types.Field( "cpuinfo_cpu_variant", data_types.StringDataValue, required=False ), data_types.Field( "cpuinfo_model", data_types.StringDataValue, required=False ), data_types.Field( "cpuinfo_model_name", data_types.StringDataValue, required=False ), data_types.Field( "cpuinfo_stepping", data_types.StringDataValue, required=False ), data_types.Field( "cpuinfo_vendor_id", data_types.StringDataValue, required=False ), data_types.Field( "sys_firmware_devicetree_base_model", data_types.StringDataValue, required=False, ), data_types.Field( "sysinfo_model", data_types.StringDataValue, required=False ), data_types.Field( "sysinfo_type", data_types.StringDataValue, required=False ), ] def __init__( self, cpuinfo_cpu: Optional[str] = None, cpuinfo_cpu_architecture: Optional[str] = None, cpuinfo_cpu_family: Optional[str] = None, cpuinfo_cpu_implementer: Optional[str] = None, cpuinfo_cpu_part: Optional[str] = None, cpuinfo_cpu_revision: Optional[str] = None, cpuinfo_cpu_variant: Optional[str] = None, cpuinfo_model: Optional[str] = None, cpuinfo_model_name: Optional[str] = None, cpuinfo_stepping: Optional[str] = None, cpuinfo_vendor_id: Optional[str] = None, sys_firmware_devicetree_base_model: Optional[str] = None, sysinfo_model: Optional[str] = None, sysinfo_type: Optional[str] = None, ): self.cpuinfo_cpu = cpuinfo_cpu self.cpuinfo_cpu_architecture = cpuinfo_cpu_architecture self.cpuinfo_cpu_family = cpuinfo_cpu_family self.cpuinfo_cpu_implementer = cpuinfo_cpu_implementer self.cpuinfo_cpu_part = cpuinfo_cpu_part self.cpuinfo_cpu_revision = cpuinfo_cpu_revision self.cpuinfo_cpu_variant = cpuinfo_cpu_variant self.cpuinfo_model = cpuinfo_model self.cpuinfo_model_name = cpuinfo_model_name self.cpuinfo_stepping = cpuinfo_stepping self.cpuinfo_vendor_id = cpuinfo_vendor_id self.sys_firmware_devicetree_base_model = ( sys_firmware_devicetree_base_model ) self.sysinfo_model = sysinfo_model self.sysinfo_type = sysinfo_type class UAContractClient(serviceclient.UAServiceClient): cfg_url_base_attr = "contract_url" def __init__( self, cfg: Optional[UAConfig] = None, ) -> None: super().__init__(cfg=cfg) self.machine_token_file = mtf.get_machine_token_file() @util.retry(socket.timeout, retry_sleeps=[1, 2, 2]) def add_contract_machine( self, contract_token, attachment_dt, machine_id=None ): """Requests machine attach to the provided machine_id. @param contract_token: Token string providing authentication to ContractBearer service endpoint. @param machine_id: Optional unique system machine id. When absent, contents of /etc/machine-id will be used. @return: Dict of the JSON response containing the machine-token. """ if not machine_id: machine_id = system.get_machine_id(self.cfg) headers = self.headers() headers.update({"Authorization": "Bearer {}".format(contract_token)}) activity_info = self._get_activity_info() activity_info["lastAttachment"] = attachment_dt.isoformat() data = {"machineId": machine_id, "activityInfo": activity_info} backcompat_data = _support_old_machine_info(data) response = self.request_url( API_V1_ADD_CONTRACT_MACHINE, data=backcompat_data, headers=headers ) if response.code == 401: raise exceptions.AttachInvalidTokenError() elif response.code == 403: _raise_attach_forbidden_message(response) if response.code != 200: raise exceptions.ContractAPIError( url=API_V1_ADD_CONTRACT_MACHINE, code=response.code, body=response.body, ) response_json = response.json_dict secret_manager.secrets.add_secret( response_json.get("machineToken", "") ) for token in response_json.get("resourceTokens", []): secret_manager.secrets.add_secret(token.get("token", "")) return response_json def available_resources(self) -> Dict[str, Any]: """Requests list of entitlements available to this machine type.""" activity_info = self._get_activity_info() response = self.request_url( API_V1_AVAILABLE_RESOURCES, query_params={ "architecture": activity_info["architecture"], "series": activity_info["series"], "kernel": activity_info["kernel"], "virt": activity_info["virt"], }, ) if response.code != 200: raise exceptions.ContractAPIError( url=API_V1_AVAILABLE_RESOURCES, code=response.code, body=response.body, ) return response.json_dict def get_contract_using_token(self, contract_token: str) -> Dict[str, Any]: headers = self.headers() headers.update({"Authorization": "Bearer {}".format(contract_token)}) response = self.request_url( API_V1_GET_CONTRACT_USING_TOKEN, headers=headers ) if response.code != 200: raise exceptions.ContractAPIError( url=API_V1_GET_CONTRACT_USING_TOKEN, code=response.code, body=response.body, ) return response.json_dict @util.retry(socket.timeout, retry_sleeps=[1, 2, 2]) def get_contract_token_for_cloud_instance( self, *, cloud_type: str, data: Dict[str, Any] ): """Requests contract token for auto-attach images for Pro clouds. @param instance: AutoAttachCloudInstance for the cloud. @return: Dict of the JSON response containing the contract-token. """ response = self.request_url( API_V1_GET_CONTRACT_TOKEN_FOR_CLOUD_INSTANCE.format( cloud_type=cloud_type ), data=data, ) if response.code != 200: msg = response.json_dict.get("message", "") if msg: LOG.debug(msg) raise exceptions.InvalidProImage(error_msg=msg) raise exceptions.ContractAPIError( url=API_V1_GET_CONTRACT_TOKEN_FOR_CLOUD_INSTANCE, code=response.code, body=response.body, ) response_json = response.json_dict secret_manager.secrets.add_secret( response_json.get("contractToken", "") ) return response_json def get_resource_machine_access( self, machine_token: str, resource: str, machine_id: Optional[str] = None, ) -> Dict[str, Any]: """Requests machine access context for a given resource @param machine_token: The authentication token needed to talk to this contract service endpoint. @param resource: Entitlement name. @param machine_id: Optional unique system machine id. When absent, contents of /etc/machine-id will be used. @return: Dict of the JSON response containing entitlement accessInfo. """ if not machine_id: machine_id = system.get_machine_id(self.cfg) headers = self.headers() headers.update({"Authorization": "Bearer {}".format(machine_token)}) url = API_V1_GET_RESOURCE_MACHINE_ACCESS.format( resource=resource, machine=machine_id ) response = self.request_url(url, headers=headers) if response.code != 200: raise exceptions.ContractAPIError( url=API_V1_GET_RESOURCE_MACHINE_ACCESS, code=response.code, body=response.body, ) if response.headers.get("expires"): response.json_dict["expires"] = response.headers["expires"] response_json = response.json_dict for token in response_json.get("resourceTokens", []): secret_manager.secrets.add_secret(token.get("token", "")) return response_json def update_activity_token(self): """Report current activity token and enabled services. This will report to the contracts backend all the current enabled services in the system. """ contract_id = self.machine_token_file.contract_id machine_token = self.machine_token_file.machine_token.get( "machineToken" ) machine_id = system.get_machine_id(self.cfg) request_data = self._get_activity_info() url = API_V1_UPDATE_ACTIVITY_TOKEN.format( contract=contract_id, machine=machine_id ) headers = self.headers() headers.update({"Authorization": "Bearer {}".format(machine_token)}) response = self.request_url(url, headers=headers, data=request_data) if response.code != 200: raise exceptions.ContractAPIError( url=url, code=response.code, body=response.body ) # We will update the `machine-token.json` based on the response # provided by the server. We expect the response to be # a full `activityInfo` object which belongs at the root of # `machine-token.json` if response.json_dict: machine_token = self.machine_token_file.machine_token # The activity information received as a response here # will not provide the information inside an activityInfo # structure. However, this structure will be reflected when # we reach the contract for attach and refresh requests. # Because of that, we will store the response directly on # the activityInfo key machine_token["activityInfo"] = response.json_dict self.machine_token_file.write(machine_token) def get_magic_attach_token_info(self, magic_token: str) -> Dict[str, Any]: """Request magic attach token info. When the magic token is registered, it will contain new fields that will allow us to know that the attach process can proceed """ headers = self.headers() headers.update({"Authorization": "Bearer {}".format(magic_token)}) response = self.request_url( API_V1_GET_MAGIC_ATTACH_TOKEN_INFO, headers=headers ) if response.code == 401: raise exceptions.MagicAttachTokenError() if response.code == 503: raise exceptions.MagicAttachUnavailable() if response.code != 200: raise exceptions.ContractAPIError( url=API_V1_GET_MAGIC_ATTACH_TOKEN_INFO, code=response.code, body=response.body, ) response_json = response.json_dict secret_fields = ["token", "userCode", "contractToken"] for field in secret_fields: secret_manager.secrets.add_secret(response_json.get(field, "")) return response_json def new_magic_attach_token(self) -> Dict[str, Any]: """Create a magic attach token for the user.""" headers = self.headers() response = self.request_url( API_V1_NEW_MAGIC_ATTACH, headers=headers, method="POST", ) if response.code == 503: raise exceptions.MagicAttachUnavailable() if response.code != 200: raise exceptions.ContractAPIError( url=API_V1_NEW_MAGIC_ATTACH, code=response.code, body=response.body, ) response_json = response.json_dict secret_fields = ["token", "userCode", "contractToken"] for field in secret_fields: secret_manager.secrets.add_secret(response_json.get(field, "")) return response_json def revoke_magic_attach_token(self, magic_token: str): """Revoke a magic attach token for the user.""" headers = self.headers() headers.update({"Authorization": "Bearer {}".format(magic_token)}) response = self.request_url( API_V1_REVOKE_MAGIC_ATTACH, headers=headers, method="DELETE", ) if response.code == 400: raise exceptions.MagicAttachTokenAlreadyActivated() if response.code == 401: raise exceptions.MagicAttachTokenError() if response.code == 503: raise exceptions.MagicAttachUnavailable() if response.code != 200: raise exceptions.ContractAPIError( url=API_V1_REVOKE_MAGIC_ATTACH, code=response.code, body=response.body, ) def get_contract_machine( self, machine_token: str, contract_id: str, machine_id: Optional[str] = None, ) -> Dict[str, Any]: """Get the updated machine token from the contract server. @param machine_token: The machine token needed to talk to this contract service endpoint. @param contract_id: Unique contract id provided by contract service @param machine_id: Optional unique system machine id. When absent, contents of /etc/machine-id will be used. """ if not machine_id: machine_id = system.get_machine_id(self.cfg) headers = self.headers() headers.update({"Authorization": "Bearer {}".format(machine_token)}) url = API_V1_GET_CONTRACT_MACHINE.format( contract=contract_id, machine=machine_id, ) activity_info = self._get_activity_info() response = self.request_url( url, method="GET", headers=headers, query_params={ "architecture": activity_info["architecture"], "series": activity_info["series"], "kernel": activity_info["kernel"], "virt": activity_info["virt"], }, ) if response.code != 200: raise exceptions.ContractAPIError( url=url, code=response.code, body=response.body ) if response.headers.get("expires"): response.json_dict["expires"] = response.headers["expires"] return response.json_dict def update_contract_machine( self, machine_token: str, contract_id: str, machine_id: Optional[str] = None, ) -> Dict: """Request machine token refresh from contract server. @param machine_token: The machine token needed to talk to this contract service endpoint. @param contract_id: Unique contract id provided by contract service. @param machine_id: Optional unique system machine id. When absent, contents of /etc/machine-id will be used. @return: Dict of the JSON response containing refreshed machine-token """ if not machine_id: machine_id = system.get_machine_id(self.cfg) headers = self.headers() headers.update({"Authorization": "Bearer {}".format(machine_token)}) data = { "machineId": machine_id, "activityInfo": self._get_activity_info(), } backcompat_data = _support_old_machine_info(data) url = API_V1_UPDATE_CONTRACT_MACHINE.format( contract=contract_id, machine=machine_id ) response = self.request_url( url, headers=headers, method="POST", data=backcompat_data ) if response.code != 200: raise exceptions.ContractAPIError( url=url, code=response.code, body=response.body ) if response.headers.get("expires"): response.json_dict["expires"] = response.headers["expires"] return response.json_dict def get_guest_token( self, machine_token: str, contract_id: str, machine_id: str, ) -> Dict: """Request guest token associated with this machine's contract @param machine_token: The machine token needed to talk to this contract service endpoint. @param contract_id: Unique contract id provided by contract service @param machine_id: Unique machine id that was registered with the pro backend on attach. @return: Dict of the JSON response containing the guest token """ headers = self.headers() headers.update({"Authorization": "Bearer {}".format(machine_token)}) url = API_V1_GET_GUEST_TOKEN.format( contract=contract_id, machine=machine_id, ) response = self.request_url(url, headers=headers, method="GET") if response.code == 400: # defined response code for when machine has a v1 or v2 token # this will only be true for old attachments (2020 or earlier) raise exceptions.FeatureNotSupportedOldTokenError( feature_name="get_guest_token" ) elif response.code != 200: raise exceptions.ContractAPIError( url=url, code=response.code, body=response.body, ) return response.json_dict def _get_activity_info(self): """Return a dict of activity info data for contract requests""" cpuinfo = system.get_cpu_info() machine_info = { "distribution": system.get_release_info().distribution, "kernel": system.get_kernel_info().uname_release, "series": system.get_release_info().series, "architecture": system.get_dpkg_arch(), "desktop": system.is_desktop(), "virt": system.get_virt_type(), "clientVersion": version.get_version(), "cpu_type": CPUTypeData( cpuinfo_cpu=cpuinfo.cpuinfo_cpu, cpuinfo_cpu_architecture=cpuinfo.cpuinfo_cpu_architecture, cpuinfo_cpu_family=cpuinfo.cpuinfo_cpu_family, cpuinfo_cpu_implementer=cpuinfo.cpuinfo_cpu_implementer, cpuinfo_cpu_part=cpuinfo.cpuinfo_cpu_part, cpuinfo_cpu_revision=cpuinfo.cpuinfo_cpu_revision, cpuinfo_cpu_variant=cpuinfo.cpuinfo_cpu_variant, cpuinfo_model=cpuinfo.cpuinfo_model, cpuinfo_model_name=cpuinfo.cpuinfo_model_name, cpuinfo_stepping=cpuinfo.cpuinfo_stepping, cpuinfo_vendor_id=cpuinfo.cpuinfo_vendor_id, sys_firmware_devicetree_base_model=cpuinfo.sys_firmware_devicetree_base_model, # noqa: E501 sysinfo_model=cpuinfo.sysinfo_model, sysinfo_type=cpuinfo.sysinfo_type, ).to_dict(keep_none=False), } if _is_attached(self.cfg).is_attached: enabled_services = _enabled_services(self.cfg).enabled_services attachment_data = attachment_data_file.read() activity_info = { "activityID": self.machine_token_file.activity_id or system.get_machine_id(self.cfg), "activityToken": self.machine_token_file.activity_token, "resources": [service.name for service in enabled_services], "resourceVariants": { service.name: service.variant_name for service in enabled_services if service.variant_enabled }, "lastAttachment": ( attachment_data.attached_at.isoformat() if attachment_data else None ), } else: activity_info = {} return { **activity_info, **machine_info, } def _support_old_machine_info(request_body: dict): """ Transforms a request_body that has the new activity_info into a body that includes both old and new forms of machineInfo/activityInfo This is necessary because there may be old ua-airgapped contract servers deployed that we need to support. This function is used for attach and refresh calls. """ activity_info = request_body.get("activityInfo", {}) return { "machineId": request_body.get("machineId"), "activityInfo": activity_info, "architecture": activity_info.get("architecture"), "os": { "distribution": activity_info.get("distribution"), "kernel": activity_info.get("kernel"), "series": activity_info.get("series"), # These two are required for old ua-airgapped but not sent anymore # in the new activityInfo "type": "Linux", "release": system.get_release_info().release, }, } def process_entitlements_delta( cfg: UAConfig, past_entitlements: Dict[str, Any], new_entitlements: Dict[str, Any], allow_enable: bool, series_overrides: bool = True, ) -> None: """Iterate over all entitlements in new_entitlement and apply any delta found according to past_entitlements. :param cfg: UAConfig instance :param past_entitlements: dict containing the last valid information regarding service entitlements. :param new_entitlements: dict containing the current information regarding service entitlements. :param allow_enable: Boolean set True if allowed to perform the enable operation. When False, a message will be logged to inform the user about the recommended enabled service. :param series_overrides: Boolean set True if series overrides should be applied to the new_access dict. """ from uaclient.entitlements import entitlements_enable_order delta_error = False unexpected_errors = [] # We need to sort our entitlements because some of them # depend on other service to be enable first. failed_services = [] # type: List[str] for name in entitlements_enable_order(cfg): try: new_entitlement = new_entitlements[name] except KeyError: continue failed_services = [] try: deltas, service_enabled = process_entitlement_delta( cfg=cfg, orig_access=past_entitlements.get(name, {}), new_access=new_entitlement, allow_enable=allow_enable, series_overrides=series_overrides, ) except exceptions.UbuntuProError as e: LOG.exception(e) delta_error = True failed_services.append(name) LOG.error( "Failed to process contract delta for %s: %r", name, new_entitlement, ) except Exception as e: LOG.exception(e) unexpected_errors.append(e) failed_services.append(name) LOG.exception( "Unexpected error processing contract delta for %s: %r", name, new_entitlement, ) else: # If we have any deltas to process and we were able to process # them, then we will mark that service as successfully enabled if service_enabled and deltas: event.service_processed(name) event.services_failed(failed_services) if len(unexpected_errors) > 0: raise exceptions.AttachFailureUnknownError( failed_services=[ ( name, messages.UNEXPECTED_ERROR.format( error_msg=str(exception), log_path=get_user_or_root_log_file_path(), ), ) for name, exception in zip(failed_services, unexpected_errors) ] ) elif delta_error: raise exceptions.AttachFailureDefaultServices( failed_services=[ (name, messages.E_ATTACH_FAILURE_DEFAULT_SERVICES) for name in failed_services ] ) def process_entitlement_delta( cfg: UAConfig, orig_access: Dict[str, Any], new_access: Dict[str, Any], allow_enable: bool = False, series_overrides: bool = True, ) -> Tuple[Dict, bool]: """Process a entitlement access dictionary deltas if they exist. :param cfg: UAConfig instance :param orig_access: Dict with original entitlement access details before contract refresh deltas :param new_access: Dict with updated entitlement access details after contract refresh :param allow_enable: Boolean set True if allowed to perform the enable operation. When False, a message will be logged to inform the user about the recommended enabled service. :param series_overrides: Boolean set True if series overrides should be applied to the new_access dict. :raise UbuntuProError: on failure to process deltas. :return: A tuple containing a dict of processed deltas and a boolean indicating if the service was fully processed """ from uaclient.entitlements import entitlement_factory if series_overrides: apply_contract_overrides(new_access) deltas = util.get_dict_deltas(orig_access, new_access) ret = False if deltas: name = orig_access.get("entitlement", {}).get("type") if not name: name = deltas.get("entitlement", {}).get("type") if not name: raise exceptions.InvalidContractDeltasServiceType( orig=orig_access, new=new_access ) variant = ( new_access.get("entitlements", {}) .get("obligations", {}) .get("use_selector", "") ) try: entitlement = entitlement_factory( cfg=cfg, name=name, variant=variant, ) except exceptions.EntitlementNotFoundError as exc: LOG.debug( 'Skipping entitlement deltas for "%s". No such class', name ) raise exc ret = entitlement.process_contract_deltas( orig_access, deltas, allow_enable=allow_enable ) return deltas, ret def _raise_attach_forbidden_message( response: http.HTTPResponse, ) -> messages.NamedMessage: info = response.json_dict.get("info") if info: contract_id = info["contractId"] reason = info["reason"] if reason == "no-longer-effective": date = info["time"].strftime(ATTACH_FAIL_DATE_FORMAT) raise exceptions.AttachForbiddenExpired( contract_id=contract_id, date=date, # keep this extra date for backwards compat contract_expiry_date=info["time"].strftime("%m-%d-%Y"), ) elif reason == "not-effective-yet": date = info["time"].strftime(ATTACH_FAIL_DATE_FORMAT) raise exceptions.AttachForbiddenNotYet( contract_id=contract_id, date=date, # keep this extra date for backwards compat contract_effective_date=info["time"].strftime("%m-%d-%Y"), ) elif reason == "never-effective": raise exceptions.AttachForbiddenNever(contract_id=contract_id) raise exceptions.AttachExpiredToken() def refresh(cfg: UAConfig): """Request contract refresh from ua-contracts service. :raise UbuntuProError: on failure to update contract or error processing contract deltas :raise ConnectivityError: On failure during a connection """ machine_token_file = mtf.get_machine_token_file(cfg) orig_entitlements = machine_token_file.entitlements() orig_token = machine_token_file.machine_token machine_token = orig_token["machineToken"] contract_id = orig_token["machineTokenInfo"]["contractInfo"]["id"] contract_client = UAContractClient(cfg=cfg) resp = contract_client.update_contract_machine( machine_token=machine_token, contract_id=contract_id ) machine_token_file.write(resp) system.get_machine_id.cache_clear() machine_id = resp.get("machineTokenInfo", {}).get( "machineId", system.get_machine_id(cfg) ) machine_id_file.write(machine_id) process_entitlements_delta( cfg, orig_entitlements, machine_token_file.entitlements(), allow_enable=False, ) def get_available_resources(cfg: UAConfig) -> List[Dict]: """Query available resources from the contract server for this machine.""" client = UAContractClient(cfg) resources = client.available_resources() return resources.get("resources", []) def get_contract_information(cfg: UAConfig, token: str) -> Dict[str, Any]: """Query contract information for a specific token""" client = UAContractClient(cfg) return client.get_contract_using_token(token) def _get_override_weight( override_selector: Dict[str, str], selector_values: Dict[str, str] ) -> int: override_weight = 0 for selector, value in override_selector.items(): if (selector, value) not in selector_values.items(): return 0 override_weight += OVERRIDE_SELECTOR_WEIGHTS[selector] return override_weight def _select_overrides( entitlement: Dict[str, Any], series_name: str, cloud_type: str, variant: Optional[str] = None, ) -> Dict[int, Dict[str, Any]]: overrides = {} selector_values = {"series": series_name, "cloud": cloud_type} if variant: selector_values["variant"] = variant series_overrides = entitlement.pop("series", {}).pop(series_name, {}) if series_overrides: overrides[OVERRIDE_SELECTOR_WEIGHTS["series_overrides"]] = ( series_overrides ) general_overrides = copy.deepcopy(entitlement.get("overrides", [])) for override in general_overrides: weight = _get_override_weight( override.pop("selector"), selector_values ) if weight: overrides[weight] = override return overrides def apply_contract_overrides( orig_access: Dict[str, Any], series: Optional[str] = None, variant: Optional[str] = None, ) -> None: """Apply series-specific overrides to an entitlement dict. This function mutates orig_access dict by applying any series-overrides to the top-level keys under 'entitlement'. The series-overrides are sparse and intended to supplement existing top-level dict values. So, sub-keys under the top-level directives, obligations and affordance sub-key values will be preserved if unspecified in series-overrides. To more clearly indicate that orig_access in memory has already had the overrides applied, the 'series' key is also removed from the orig_access dict. :param orig_access: Dict with original entitlement access details """ from uaclient.clouds.identity import get_cloud_type if not all([isinstance(orig_access, dict), "entitlement" in orig_access]): raise RuntimeError( 'Expected entitlement access dict. Missing "entitlement" key:' " {}".format(orig_access) ) series_name = ( system.get_release_info().series if series is None else series ) cloud_type, _ = get_cloud_type() orig_entitlement = orig_access.get("entitlement", {}) overrides = _select_overrides( orig_entitlement, series_name, cloud_type, variant ) for _weight, overrides_to_apply in sorted(overrides.items()): for key, value in overrides_to_apply.items(): current = orig_access["entitlement"].get(key) if isinstance(current, dict): # If the key already exists and is a dict, # update that dict using the override current.update(value) else: # Otherwise, replace it wholesale orig_access["entitlement"][key] = value def get_enabled_by_default_services( cfg: UAConfig, entitlements: Dict[str, Any] ) -> List[EnableByDefaultService]: from uaclient.entitlements import entitlement_factory enable_by_default_services = [] for ent_name, ent_value in entitlements.items(): variant = ent_value.get("obligations", {}).get("use_selector", "") try: ent = entitlement_factory(cfg=cfg, name=ent_name, variant=variant) except exceptions.EntitlementNotFoundError: continue obligations = ent_value.get("entitlement", {}).get("obligations", {}) resourceToken = ent_value.get("resourceToken") if ent._should_enable_by_default(obligations, resourceToken): can_enable, _ = ent.can_enable() if can_enable: enable_by_default_services.append( EnableByDefaultService( name=ent_name, variant=variant, ) ) return enable_by_default_services

Es la eliminación del sarro y la placa adherida a la superficie de los dientes mediante un equipo de ultrasonidos que garantiza la integridad de las piezas dentales a la vez que elimina en profundidad cualquier resto de suciedad.

A continuación se procede al pulido de los dientes mediante una fresa especial que elimina la placa bacteriana y devuelve a los dientes el aspecto sano que deben tener.

Una vez terminado todo el proceso, se mantiene al perro en observación hasta que se despierta de la anestesia, bajo la atenta supervisión de un veterinario.

¿Cada cuánto tiempo tengo que hacerle una limpieza dental a mi perro?

A partir de cierta edad, los perros pueden necesitar una limpieza dental anual o bianual. Depende de cada caso. En líneas generales, puede decirse que los perros de razas pequeñas suelen acumular más sarro y suelen necesitar una atención mayor en cuanto a higiene dental.

Riesgos de una mala higiene

Los riesgos más evidentes de una mala higiene dental en los perros son los siguientes:

Cuando la acumulación de sarro no se trata, se puede producir una inflamación y retracción de las encías que puede descalzar el diente y provocar caídas.
Mal aliento (halitosis).
Sarro perros
Puede ir a más
Las bacterias de la placa pueden trasladarse a través del torrente circulatorio a órganos vitales como el corazón ocasionando problemas de endocarditis en las válvulas. Las bacterias pueden incluso acantonarse en huesos (La osteomielitis es la infección ósea, tanto cortical como medular) provocando mucho dolor y una artritis séptica).

¿Cómo se forma el sarro?

El sarro es la calcificación de la placa dental. Los restos de alimentos, junto con las bacterias presentes en la boca, van a formar la placa bacteriana o placa dental. Si la placa no se retira, al mezclarse con la saliva y los minerales presentes en ella, reaccionará formando una costra. La placa se calcifica y se forma el sarro.

El sarro, cuando se forma, es de color blanquecino pero a medida que pasa el tiempo se va poniendo amarillo y luego marrón.

Síntomas de una pobre higiene dental
La señal más obvia de una mala salud dental canina es el mal aliento.

Sin embargo, a veces no es tan fácil de detectar
Y hay perros que no se dejan abrir la boca por su dueño. Por ejemplo…

Recientemente nos trajeron a la clínica a un perro que parpadeaba de un ojo y decía su dueño que le picaba un lado de la cara. Tenía molestias y dificultad para comer, lo que había llevado a sus dueños a comprarle comida blanda (que suele ser un poco más cara y llevar más contenido en grasa) durante medio año. Después de una exploración oftalmológica, nos dimos cuenta de que el ojo tenía una úlcera en la córnea probablemente de rascarse . Además, el canto lateral del ojo estaba inflamado. Tenía lo que en humanos llamamos flemón pero como era un perro de pelo largo, no se le notaba a simple vista. Al abrirle la boca nos llamó la atención el ver una muela llena de sarro. Le realizamos una radiografía y encontramos una fístula que llegaba hasta la parte inferior del ojo.

Le tuvimos que extraer la muela. Tras esto, el ojo se curó completamente con unos colirios y una lentilla protectora de úlcera. Afortunadamente, la úlcera no profundizó y no perforó el ojo. Ahora el perro come perfectamente a pesar de haber perdido una muela.

¿Cómo mantener la higiene dental de tu perro?
Hay varias maneras de prevenir problemas derivados de la salud dental de tu perro.

Limpiezas de dientes en casa
Es recomendable limpiar los dientes de tu perro semanal o diariamente si se puede. Existe una gran variedad de productos que se pueden utilizar:

Pastas de dientes.
Cepillos de dientes o dedales para el dedo índice, que hacen más fácil la limpieza.
Colutorios para echar en agua de bebida o directamente sobre el diente en líquido o en spray.

En la Clínica Tus Veterinarios enseñamos a nuestros clientes a tomar el hábito de limpiar los dientes de sus perros desde que son cachorros. Esto responde a nuestro compromiso con la prevención de enfermedades caninas.

Hoy en día tenemos muchos clientes que limpian los dientes todos los días a su mascota, y como resultado, se ahorran el dinero de hacer limpiezas dentales profesionales y consiguen una mejor salud de su perro.

Limpiezas dentales profesionales de perros y gatos

Recomendamos hacer una limpieza dental especializada anualmente. La realizamos con un aparato de ultrasonidos que utiliza agua para quitar el sarro. Después, procedemos a pulir los dientes con un cepillo de alta velocidad y una pasta especial. Hacemos esto para proteger el esmalte.

La frecuencia de limpiezas dentales necesaria varía mucho entre razas. En general, las razas grandes tienen buena calidad de esmalte, por lo que no necesitan hacerlo tan a menudo e incluso pueden pasarse la vida sin requerir una limpieza. Sin embargo, razas pequeñas como el Yorkshire o el Maltés, deben hacérselas todos los años desde cachorros si se quiere conservar sus piezas dentales.

Otro factor fundamental es la calidad del pienso. Algunas marcas han diseñado croquetas que limpian la superficie del diente y de la muela al masticarse.

Ultrasonido para perros

¿Se necesita anestesia para las limpiezas dentales de perros y gatos?

La limpieza dental en perros no es una técnica que pueda practicarse sin anestesia general , aunque hay veces que los propietarios no quieren anestesiar y si tiene poco sarro y el perro es muy bueno se puede intentar…… , pero no se va a poder pulir ni acceder a todas la zona de la boca …. Además los limpiadores dentales van a irrigar agua y hay riesgo de aspiración a vías respiratorias si no se realiza una anestesia correcta con intubación traqueal . En resumen , sin anestesia no se va hacer una correcta limpieza dental.

Tampoco sirve la sedación ya que necesitamos que el animal esté totalmente quieto, y el veterinario tenga un acceso completo a todas sus piezas dentales y encías.

Alimentos para la limpieza dental

Hay que tener cierto cuidado a la hora de comprar determinados alimentos porque no todos son saludables. Algunos tienen demasiado contenido graso, que en exceso puede causar problemas cardiovasculares y obesidad.

Los mejores alimentos para los dientes son aquellos que están elaborados por empresas farmacéuticas y llevan componentes químicos con tratamientos específicos para el diente del perro. Esto implica no solo limpieza a través de la acción mecánica de morder sino también un tratamiento antibacteriano para prevenir el sarro.

Conclusión

Si eres como la mayoría de dueños, por falta de tiempo , es probable que no estés prestando la suficiente atención a la limpieza dental de tu perro. Por eso te animamos a que comiences a limpiar los dientes de tu perro y consideres atender a su higiene bucal con frecuencia.

Estas simples medidas pueden conllevar a que tu perro tenga una vida más larga y mucho más saludable.

Si te resulta imposible introducir un cepillo de dientes a tu perro en la boca, pásate con él por clínica Tus Veterinarios y te explicamos cómo hacerlo.

Necesitas hacer una limpieza dental profesional a tu mascota?
Llámanos al 622575274 o contacta con nosotros

¿Cada cuánto tiempo tengo que hacerle una limpieza dental a mi perro?

Riesgos de una mala higiene

¿Cómo se forma el sarro?

Limpiezas dentales profesionales de perros y gatos

Ultrasonido para perros

Alimentos para la limpieza dental

Conclusión

Deja un comentario Cancelar respuesta

Entradas recientes

Horarios

Donde estamos

Síguenos