def test_16_CheckReadRights(self):
# Inserts
STORAGE.put(crecord({'check': 'test4'}),
account=self.anonymous_account)
STORAGE.put(crecord({'check': 'test5'}),
account=self.anonymous_account)
_id = STORAGE.put(crecord({'check': 'test6'}),
account=self.root_account)
## 3 records for user
## 2 records for anonymous
## 6 records for root
records = STORAGE.find(account=self.user_account)
if len(records) != 3:
raise Exception('Invalid rigths for user account ...')
records = STORAGE.find(account=self.anonymous_account)
if len(records) != 2:
raise Exception('Invalid rigths for anonymous account ...')
self.assertRaises(KeyError, STORAGE.get, _id, self.anonymous_account)
record = STORAGE.get(_id, account=self.root_account)
records = STORAGE.find(account=self.root_account)
if len(records) != 6:
raise Exception('Invalid rigths for root account ...')
def test_16_CheckReadRights(self):
# Inserts
STORAGE.put(crecord({'check': 'test4'}), account=self.anonymous_account)
STORAGE.put(crecord({'check': 'test5'}), account=self.anonymous_account)
_id = STORAGE.put(crecord({'check': 'test6'}), account=self.root_account)
## 3 records for user
## 2 records for anonymous
## 6 records for root
records = STORAGE.find(account=self.user_account)
if len(records) != 3:
raise Exception('Invalid rigths for user account ...')
records = STORAGE.find(account=self.anonymous_account)
if len(records) != 2:
raise Exception('Invalid rigths for anonymous account ...')
self.assertRaises(KeyError, STORAGE.get, _id, self.anonymous_account)
record = STORAGE.get(_id, account=self.root_account)
records = STORAGE.find(account=self.root_account)
if len(records) != 6:
raise Exception('Invalid rigths for root account ...')
def test_03_InitFromRecord(self):
record = crecord(self.data)
record2 = crecord(record=record)
del record2.data['crecord_creation_time']
if record2.data != self.data:
raise Exception('Data corruption ...')
def test_03_InitFromRecord(self):
record = crecord(self.data)
record2 = crecord(record=record)
del record2.data['crecord_creation_time']
if record2.data != self.data:
raise Exception('Data corruption ...')
def add_view(views, storage, account):
if not isinstance(views, list):
views = [ views ]
logger.debug('Create views:')
output={}
for view in views:
view_name = view.get('crecord_name', view['_id'])
record_parent = None
try:
logger.debug(' + Get future parent record')
record_parent = storage.get(view['parentId'], account=account)
except:
logger.info("You don't have right on the parent record: %s" % view['parentId'])
output[view_name] = {'success':False,'output':"You don't have right on the parent record"}
record_child = None
try:
record_child = storage.get(view['_id'], account=account)
logger.debug(' + View already exist %s' % view['_id'])
output[view['_id']] = {'success':False,'output':"View already exist"}
except:
logger.debug(' + View not found')
if record_parent and not record_child:
if record_parent.check_write(account=account):
try:
if view['leaf'] == True:
logger.debug('record is a leaf, add the new view')
record = crecord({'leaf':True,'_id':view['_id'],'items':view['items']},type='view',name=view['crecord_name'],account=account)
else:
logger.debug('record is a directory, add it')
record = crecord({'_id':view['_id']},type='view_directory',name=view['crecord_name'],account=account)
except Exception, err:
logger.info('Error while building view/directory crecord : %s' % err)
output[view_name] = {'success':False,'output':"Error while building crecord: %s" % err}
record = None
if isinstance(record,crecord):
record.chown(account._id)
record.chgrp(account.group)
record.chmod('g+w')
record.chmod('g+r')
storage.put(record,account=account)
record_parent.add_children(record)
storage.put([record,record_parent],account=account)
output[view_name] = {'success':True,'output':''}
else:
logger.info('Access Denied')
output[view_name] = {'success':False,'output':"No rights on this record"}
else:
logger.error("Parent doesn't exists or view/directory already exists for %s" % view_name)
def test_09_Remove(self):
record1 = crecord({"check": "remove1"})
id1 = STORAGE.put(record1)
record2 = crecord({"check": "remove2"})
id2 = STORAGE.put(record2)
record3 = crecord({"check": "remove3"})
id3 = STORAGE.put(record3)
STORAGE.remove([id1, id2, id3])
STORAGE.remove(ID)
def test_09_Remove(self):
record1 = crecord({'check': 'remove1'})
id1 = STORAGE.put(record1)
record2 = crecord({'check': 'remove2'})
id2 = STORAGE.put(record2)
record3 = crecord({'check': 'remove3'})
id3 = STORAGE.put(record3)
STORAGE.remove([id1, id2, id3])
STORAGE.remove(ID)
def test_09_Remove(self):
record1 = crecord({'check': 'remove1'})
id1 = STORAGE.put(record1)
record2 = crecord({'check': 'remove2'})
id2 = STORAGE.put(record2)
record3 = crecord({'check': 'remove3'})
id3 = STORAGE.put(record3)
STORAGE.remove([id1, id2, id3])
STORAGE.remove(ID)
def get(self, _id_or_ids, account=None, namespace=None, mfields=None):
if not account:
account = self.account
dolist = False
if isinstance(_id_or_ids, list):
_ids = _id_or_ids
dolist = True
else:
_ids = [ _id_or_ids ]
backend = self.get_backend(namespace)
self.logger.debug(" + Get record '%s'" % _ids)
if not len(_ids):
self.logger.debug(" + No ids")
return []
self.logger.debug(" + fields : %s" % mfields)
self.logger.debug(" + Clean ids")
_ids = [self.clean_id(_id) for _id in _ids]
#Build basic filter
(Read_mfilter, Write_mfilter) = self.make_mongofilter(account)
if len(_ids) == 1:
mfilter = {'_id': _ids[0]}
else:
mfilter = {'_id': {'$in': _ids }}
mfilter = { '$and': [ mfilter, Read_mfilter ] }
#self.logger.debug(" + mfilter: %s" % mfilter)
records = []
try:
if len(_ids) == 1:
raw_record = backend.find_one(mfilter, fields=mfields, safe=self.mongo_safe)
if raw_record and mfields:
records.append(raw_record)
elif raw_record:
records.append(crecord(raw_record=raw_record))
else:
raw_records = backend.find(mfilter, fields=mfields, safe=self.mongo_safe)
if mfields:
records = [raw_record for raw_record in raw_records]
else:
records = [crecord(raw_record=raw_record) for raw_record in raw_records]
except Exception, err:
self.logger.error("Impossible get record '%s' !\nReason: %s" % (_ids, err))
def test_08_recursive_dump(self):
record1 = crecord(self.data)
record2 = crecord(self.data)
record3 = crecord(self.data)
record4 = crecord(self.data)
record2.children.append(record3)
record1.children.append(record2)
record1.children.append(record4)
json_output = record1.recursive_dump(json=True)
json.dumps(json_output)
def test_07_MultiGet(self):
record1 = crecord({'check': 'remove1'})
record2 = crecord({'check': 'remove2'})
record3 = crecord({'check': 'remove3'})
ids = STORAGE.put([record1, record2, record3])
records = STORAGE.get(ids)
if len(records) != 3:
print records
raise Exception("Impossible to get with id's list")
STORAGE.remove(ids)
def test_08_recursive_dump(self): record1 = crecord(self.data) record2 = crecord(self.data) record3 = crecord(self.data) record4 = crecord(self.data) record2.children.append(record3) record1.children.append(record2) record1.children.append(record4) json_output = record1.recursive_dump(json=True) json.dumps(json_output)
def test_07_MultiGet(self):
record1 = crecord({'check': 'remove1'})
record2 = crecord({'check': 'remove2'})
record3 = crecord({'check': 'remove3'})
ids = STORAGE.put([record1, record2, record3])
records = STORAGE.get(ids)
if len(records) != 3:
print records
raise Exception("Impossible to get with id's list")
STORAGE.remove(ids)
def test_02_InitFromRaw(self):
raw = {
'parent': [],
'children': [],
'crecord_name': 'titi',
'aaa_access_group': ['r'],
'aaa_access_owner': ['r', 'w'],
'aaa_group': None,
'aaa_access_unauth': [],
'aaa_owner': None,
'aaa_access_other': [],
'mydata1': 'data1',
'mydata3': 'data3',
'mydata2': 'data2',
'crecord_type': 'raw',
'crecord_write_time': None,
'enable': True
}
record = crecord(raw_record=raw)
del record.data['crecord_creation_time']
if record.data != self.data:
raise Exception('Data corruption ...')
def store_event(self, _id, event):
record = crecord(event)
record.type = "event"
record.chmod("o+r")
record._id = _id
self.storage.put(record, namespace=self.namespace, account=self.account)
def test_02_InitFromRaw(self):
raw = {
'_id': None,
'parent': [],
'children': [],
'crecord_name': 'titi',
'aaa_access_group': ['r'],
'aaa_access_owner': ['r', 'w'],
'aaa_group': None,
'aaa_access_unauth': [],
'aaa_owner': None,
'aaa_access_other': [],
'mydata1': 'data1',
'mydata3': 'data3',
'mydata2': 'data2',
'crecord_type': 'raw',
'crecord_write_time': None,
'enable': True
}
record = crecord(raw_record=raw)
dump = record.dump()
print(' + _id: %s (%s)' % (dump['_id'], type(dump['_id'])))
if not isinstance(dump['_id'], type(None)):
raise Exception('Invalid _id type')
del record.data['crecord_creation_time']
if record.data != self.data:
raise Exception('Data corruption ...')
def test_02_InitFromRaw(self):
raw = {'parent': [], 'children': [], 'crecord_name': 'titi', 'aaa_access_group': ['r'], 'aaa_access_owner': ['r', 'w'], 'aaa_group': None, 'aaa_access_unauth': [], 'aaa_owner': None, 'aaa_access_other': [], 'mydata1': 'data1', 'mydata3': 'data3', 'mydata2': 'data2', 'crecord_type': 'raw', 'crecord_write_time': None, 'enable': True}
record = crecord(raw_record=raw)
if record.data != self.data:
raise Exception('Data corruption ...')
def create_view(_id, name, data, position=None, mod='o+r', autorm=True, internal=False):
#Delete old view
try:
record = storage.get('view.%s' % _id)
if autorm:
storage.remove(record)
else:
return record
except:
pass
if not position:
# fullscreen
position = {'width': 1,'top': 0, 'left': 0, 'height': 1}
logger.info(" + Create view '%s'" % name)
record = crecord({'_id': 'view.%s' % _id, 'internal': internal }, type='view', name=name,group='group.CPS_view_admin')
if isinstance(data, list):
record.data['items'] = data
elif isinstance(data, dict):
record.data['items'] = [ {'position': position, 'data': data } ]
else:
raise("Invalide data ...")
record.chmod(mod)
storage.put(record)
return record
def create_view(_id, name, data, position=None, mod="o+r", autorm=True):
# Delete old view
try:
record = storage.get("view.%s" % _id)
if autorm:
storage.remove(record)
else:
return record
except:
pass
if not position:
# fullscreen
position = {"width": 1, "top": 0, "left": 0, "height": 1}
logger.info(" + Create view '%s'" % name)
record = crecord({"_id": "view.%s" % _id}, type="view", name=name, group="group.CPS_view_admin")
if isinstance(data, list):
record.data["items"] = data
elif isinstance(data, dict):
record.data["items"] = [{"position": position, "data": data}]
else:
raise ("Invalide data ...")
record.chmod(mod)
storage.put(record)
return record
def create_view(_id, name, data, position=None, mod='o+r', autorm=True):
#Delete old view
try:
record = storage.get('view.%s' % _id)
if autorm:
storage.remove(record)
else:
return record
except:
pass
if not position:
# fullscreen
position = {'width': 1,'top': 0, 'left': 0, 'height': 1}
logger.info(" + Create view '%s'" % name)
record = crecord({'_id': 'view.%s' % _id }, type='view', name=name,group='group.CPS_view_admin')
if isinstance(data, list):
record.data['items'] = data
elif isinstance(data, dict):
record.data['items'] = [ {'position': position, 'data': data } ]
else:
raise("Invalide data ...")
record.chmod(mod)
storage.put(record)
return record
def find(self, mfilter={}, mfields=None, account=None, namespace=None, one=False, count=False, sort=None, limit=0, offset=0, for_write=False, ignore_bin=True):
if not account:
account = self.account
# Clean Id
if mfilter.get('_id', None):
mfilter['_id'] = self.clean_id(mfilter['_id'])
if one:
sort = [('timestamp', -1)]
self.logger.debug("Find '%s' records ..." % mfilter)
(Read_mfilter, Write_mfilter) = self.make_mongofilter(account)
if for_write:
if Write_mfilter:
mfilter = { '$and': [ mfilter, Write_mfilter ] }
else:
if Read_mfilter:
mfilter = { '$and': [ mfilter, Read_mfilter ] }
self.logger.debug(" + fields : %s" % mfields)
self.logger.debug(" + mfilter: %s" % mfilter)
backend = self.get_backend(namespace)
if one:
raw_records = backend.find_one(mfilter, fields=mfields, safe=self.mongo_safe)
if raw_records:
raw_records = [ raw_records ]
else:
raw_records = []
else:
raw_records = backend.find(mfilter, fields=mfields, safe=self.mongo_safe)
if count:
return raw_records.count()
## Limit output
if raw_records and limit:
raw_records = raw_records.limit(limit)
if raw_records and offset:
raw_records = raw_records.skip(offset)
if raw_records and sort:
raw_records.sort(sort)
records=[]
if not mfields:
for raw_record in raw_records:
try:
# Remove binary (base64)
if ignore_bin and raw_record.get('media_bin', None):
del raw_record['media_bin']
records.append(crecord(raw_record=raw_record))
except Exception, err:
## Not record format ..
self.logger.error("Impossible parse record ('%s') !" % err)
def test_07_enable(self):
record = crecord(self.data)
record.set_enable()
if not record.is_enable():
raise Exception('Impossible to enable ...')
record.set_disable()
if record.is_enable():
raise Exception('Impossible to disable ...')
def make_record(self, _id): record = crecord() record.type = "cache" #record._id = 'cache.'+_id record._id = _id record.access_owner=['r','w'] record.access_group=[] record.access_other=[] record.access_unauth=[] return record
def test_07_enable(self):
record = crecord(self.data)
record.set_enable()
if not record.is_enable():
raise Exception('Impossible to enable ...')
record.set_disable()
if record.is_enable():
raise Exception('Impossible to disable ...')
def log_event(self, _id, event):
self.logger.debug("Log event '%s' in %s ..." % (_id, self.namespace_log))
record = crecord(event)
record.type = "event"
record.chmod("o+r")
record.data['event_id'] = _id
record._id = _id + '.' + str(time.time())
self.storage.put(record, namespace=self.namespace_log, account=self.account)
return record._id
def test_04_ChOwnGrp(self):
record = crecord(self.data)
record.chown('toto')
if record.owner != 'account.toto':
raise Exception('chown dont work ...')
record.chgrp('tata')
if record.group != 'group.tata':
raise Exception('chgrp dont work ...')
def make_record(self, _id):
record = crecord()
record.type = "cache"
#record._id = 'cache.'+_id
record._id = _id
record.access_owner = ['r', 'w']
record.access_group = []
record.access_other = []
record.access_unauth = []
return record
def test_04_ChOwnGrp(self):
record = crecord(self.data)
record.chown('toto')
if record.owner != 'account.toto':
raise Exception('chown dont work ...')
record.chgrp('tata')
if record.group != 'group.tata':
raise Exception('chgrp dont work ...')
def create_account(data):
logger.debug(' + New account')
new_account = caccount(user=data['user'],
group=data.get('aaa_group', None),
lastname=data['lastname'],
firstname=data['firstname'],
mail=data['mail'])
new_account.external = data.get('external', False)
#passwd
passwd = data['passwd']
new_account.passwd(passwd)
logger.debug(" + Passwd: '%s'" % passwd)
#secondary groups
groups = []
for group in data.get('groups', []):
if group.find('group.') == -1:
groups.append('group.%s' % group)
else:
groups.append(group)
new_account.groups = groups
storage = get_storage(namespace='object')
#put record
logger.debug(' + Save new account')
new_account.chown(new_account._id)
storage.put(new_account, account=root_account)
#get rootdir
logger.debug(' + Create view directory')
rootdir = storage.get('directory.root', account=root_account)
if rootdir:
userdir = crecord(
{
'_id': 'directory.root.%s' % new_account.user,
'id': 'directory.root.%s' % new_account.user,
'expanded': 'true'
},
type='view_directory',
name=new_account.user)
userdir.chown(new_account._id)
userdir.chgrp(new_account.group)
userdir.chmod('g-w')
userdir.chmod('g-r')
rootdir.add_children(userdir)
storage.put([rootdir, userdir], account=root_account)
else:
logger.error('Impossible to get rootdir')
return new_account
def test_09_check_admin_rights(self):
account = caccount(user='******')
group = cgroup(name='administrator')
group.add_accounts(account)
record = crecord(admin_group=group._id,group='nothing',owner='refrigerator')
check = record.check_write(account)
if not check:
raise Exception('Admin group are not handle ...')
def test_19_tree(self):
record1 = crecord({'data': 1}, name="record1")
record2 = crecord({'data': 2}, name="record2")
record3 = crecord({'data': 3}, name="record3")
record4 = crecord({'data': 4}, name="record4")
STORAGE.put([record1, record2, record3, record4])
record2.add_children(record4)
record1.add_children(record2)
record1.add_children(record3)
STORAGE.put([record1, record2])
STORAGE.get_record_childs(record1)
STORAGE.recursive_get(record1)
STORAGE.print_record_tree(record1)
json.dumps(record1.dump(json=True))
def test_19_tree(self):
record1 = crecord({'data': 1}, name="record1")
record2 = crecord({'data': 2}, name="record2")
record3 = crecord({'data': 3}, name="record3")
record4 = crecord({'data': 4}, name="record4")
STORAGE.put([record1, record2, record3, record4])
record2.add_children(record4)
record1.add_children(record2)
record1.add_children(record3)
STORAGE.put([record1, record2])
STORAGE.get_record_childs(record1)
STORAGE.recursive_get(record1)
STORAGE.print_record_tree(record1)
json.dumps(record1.dump(json=True))
def test_06_children(self):
record1 = crecord(self.data)
record2 = crecord(self.data)
record3 = crecord(self.data)
record1._id = 1
record2._id = 2
record3._id = 3
record1.add_children(record2)
record1.add_children(record3)
if not record1.is_parent(record2):
raise Exception('Invalid children association ...')
if not record1.is_parent(record3):
raise Exception('Invalid children association ...')
record1.remove_children(record3)
if record1.is_parent(record3):
raise Exception('Invalid children supression ...')
def test_02_PutData(self):
record1 = crecord({
'_id': 'check1',
'check': 'test1',
'state': 0,
'source_type': 'service'
})
record2 = crecord({
'_id': 'check2',
'check': 'test2',
'state': 1,
'source_type': 'service'
})
record3 = crecord({
'_id': 'check3',
'check': 'test3',
'state': 2,
'source_type': 'service'
})
storage.put([record1, record2, record3])
def test_06_children(self):
record1 = crecord(self.data)
record2 = crecord(self.data)
record3 = crecord(self.data)
record1._id = 1
record2._id = 2
record3._id = 3
record1.add_children(record2)
record1.add_children(record3)
if not record1.is_parent(record2):
raise Exception('Invalid children association ...')
if not record1.is_parent(record3):
raise Exception('Invalid children association ...')
record1.remove_children(record3)
if record1.is_parent(record3):
raise Exception('Invalid children supression ...')
def test_09_check_admin_rights(self):
account = caccount(user='******')
group = cgroup(name='administrator')
group.add_accounts(account)
record = crecord(admin_group=group._id,
group='nothing',
owner='refrigerator')
check = record.check_write(account)
if not check:
raise Exception('Admin group are not handle ...')
def create_account(data):
logger.debug(' + New account')
new_account = caccount(
user=data['user'],
group=data.get('aaa_group', None),
lastname=data['lastname'],
firstname=data['firstname'],
mail=data['mail']
)
new_account.external = data.get('external', False)
#passwd
passwd = data['passwd']
new_account.passwd(passwd)
logger.debug(" + Passwd: '%s'" % passwd)
#secondary groups
groups = []
for group in data.get('groups', []):
if group.find('group.') == -1:
groups.append('group.%s' % group)
else:
groups.append(group)
new_account.groups = groups
storage = get_storage(namespace='object')
#put record
logger.debug(' + Save new account')
new_account.chown(new_account._id)
storage.put(new_account, account=root_account)
#get rootdir
logger.debug(' + Create view directory')
rootdir = storage.get('directory.root', account=root_account)
if rootdir:
userdir = crecord({'_id': 'directory.root.%s' % new_account.user,'id': 'directory.root.%s' % new_account.user ,'expanded':'true'}, type='view_directory', name=new_account.user)
userdir.chown(new_account._id)
userdir.chgrp(new_account.group)
userdir.chmod('g-w')
userdir.chmod('g-r')
rootdir.add_children(userdir)
storage.put([rootdir,userdir], account=root_account)
else:
logger.error('Impossible to get rootdir')
return new_account
def test_02_InitFromRaw(self):
raw = {'_id': None, 'parent': [], 'children': [], 'crecord_name': 'titi', 'aaa_access_group': ['r'], 'aaa_access_owner': ['r', 'w'], 'aaa_group': None, 'aaa_access_unauth': [], 'aaa_owner': None, 'aaa_access_other': [], 'mydata1': 'data1', 'mydata3': 'data3', 'mydata2': 'data2', 'crecord_type': 'raw', 'crecord_write_time': None, 'enable': True}
record = crecord(raw_record=raw)
dump = record.dump()
print(' + _id: %s (%s)' % (dump['_id'], type(dump['_id'])))
if not isinstance(dump['_id'], type(None)):
raise Exception('Invalid _id type')
del record.data['crecord_creation_time']
if record.data != self.data:
raise Exception('Data corruption ...')
def test_22_admin_group_access(self):
root_account = caccount(user="******", group="root")
storage = STORAGE
group = cgroup(name="administrator")
record = crecord(_id="test_record", admin_group="group.administrator")
account = caccount(user="******", group="user")
storage.put(record, account=root_account)
group.add_accounts(account)
storage.put(account, account=root_account)
try:
output = storage.get(record._id, account=account)
except:
raise Exception("admin group can't access all the ressources of his group")
def test_17_CheckWriteRights(self):
# Insert with user account
record = crecord({'check': 'test7'})
STORAGE.put(record, account=self.user_account)
## try to remove with anonymous account
self.assertRaises(ValueError, STORAGE.remove, record, self.anonymous_account)
## Change rights
record.chgrp('group.anonymous')
record.chmod('g+w')
STORAGE.put(record)
## try to remove with anonymous account
STORAGE.remove(record, account=self.anonymous_account)
def test_22_admin_group_access(self):
root_account = caccount(user="******", group="root")
storage = STORAGE
group = cgroup(name='administrator')
record = crecord(_id='test_record',admin_group='group.administrator')
account = caccount(user='******',group='user')
storage.put(record,account=root_account)
group.add_accounts(account)
storage.put(account,account=root_account)
try:
output= storage.get(record._id,account=account)
except:
raise Exception('admin group can\'t access all the ressources of his group')
def test_22_admin_group_access(self):
root_account = caccount(user="******", group="root")
storage = STORAGE
group = cgroup(name='administrator')
record = crecord(_id='test_record', admin_group='group.administrator')
account = caccount(user='******', group='user')
storage.put(record, account=root_account)
group.add_accounts(account)
storage.put(account, account=root_account)
try:
output = storage.get(record._id, account=account)
except:
raise Exception(
'admin group can\'t access all the ressources of his group')
def test_17_CheckWriteRights(self):
# Insert with user account
record = crecord({'check': 'test7'})
STORAGE.put(record, account=self.user_account)
## try to remove with anonymous account
self.assertRaises(ValueError, STORAGE.remove, record,
self.anonymous_account)
## Change rights
record.chgrp('group.anonymous')
record.chmod('g+w')
STORAGE.put(record)
## try to remove with anonymous account
STORAGE.remove(record, account=self.anonymous_account)
def test_05_Chmod(self):
record = crecord({'check': 'bidon'})
record.chmod('u-w')
record.chmod('u-r')
record.chmod('u+w')
if record.access_owner != ['w']:
raise Exception('Chmod not work on "owner" ...')
record.chmod('g-w')
record.chmod('g-r')
record.chmod('g+w')
if record.access_group != ['w']:
raise Exception('Chmod not work on "group" ...')
def test_05_Chmod(self):
record = crecord({'check': 'bidon'})
record.chmod('u-w')
record.chmod('u-r')
record.chmod('u+w')
if record.access_owner != ['w']:
raise Exception('Chmod not work on "owner" ...')
record.chmod('g-w')
record.chmod('g-r')
record.chmod('g+w')
if record.access_group != ['w']:
raise Exception('Chmod not work on "group" ...')
def init():
storage = get_storage(account=root, namespace='object')
curves = [
{'line_color': 'B7CA79', 'dashStyle': 'Solid', 'invert': False, 'area_opacity': 75, 'zIndex': 0, 'area_color': None, 'label': 'Free', 'metric': 'free'},
{'line_color': 'B1221C', 'dashStyle': 'Solid', 'invert': True, 'area_opacity': 50, 'zIndex': 0, 'area_color': None, 'label': 'Upload', 'metric': 'if_octets-tx'},
{'line_color': 'ABC8E2', 'dashStyle': 'Solid', 'invert': False, 'area_opacity': 50, 'zIndex': 0, 'area_color': None, 'label': 'Download', 'metric': 'if_octets-rx'},
{'line_color': 'f11f0d', 'dashStyle': 'Solid', 'invert': False, 'area_opacity': 30, 'zIndex': 0, 'area_color': None, 'label': 'Load longterm', 'metric': 'load-longterm'},
{'line_color': 'e97b15', 'dashStyle': 'Solid', 'invert': False, 'area_opacity': 30, 'zIndex': 1, 'area_color': None, 'label': 'Load midterm', 'metric': 'load-midgterm'},
{'line_color': 'f3d30b', 'dashStyle': 'Solid', 'invert': False, 'area_opacity': 30, 'zIndex': 2, 'area_color': None, 'label': 'Load shortterm', 'metric': 'load-shortterm'},
{'line_color': 'e97b15', 'dashStyle': 'Solid', 'invert': False, 'area_opacity': 30, 'zIndex': 1, 'area_color': None, 'label': 'Load midterm', 'metric': 'load-midterm'},
{'line_color': '795344', 'dashStyle': 'Solid', 'invert': False, 'area_opacity': 75, 'zIndex': 0, 'area_color': None, 'label': 'Used', 'metric': 'used'},
{'line_color': 'f11f0d', 'dashStyle': 'Solid', 'invert': False, 'area_opacity': 30, 'zIndex': 0, 'area_color': None, 'label': 'Load longterm', 'metric': 'load15'},
{'line_color': 'e97b15', 'dashStyle': 'Solid', 'invert': False, 'area_opacity': 30, 'zIndex': 1, 'area_color': None, 'label': 'Load midterm', 'metric': 'load5'},
{'line_color': 'f3d30b', 'dashStyle': 'Solid', 'invert': False, 'area_opacity': 30, 'zIndex': 2, 'area_color': None, 'label': 'Load shortterm', 'metric': 'load1'},
{'line_color': 'FF9300', 'dashStyle': 'Dash', 'invert': False, 'area_opacity': 75, 'zIndex': 10, 'area_color': None, 'label': 'Warning', 'metric': 'pl_warning'},
{'line_color': 'FF0000', 'dashStyle': 'Dash', 'invert': False, 'area_opacity': 75, 'zIndex': 10, 'area_color': None, 'label': 'Critical', 'metric': 'pl_critical'},
{'line_color': 'BDBDBD', 'dashStyle': 'Solid', 'metric': 'cps_state_3', 'label': 'Unknown', 'zIndex': -30, 'area_opacity': 20, 'area_color': None, 'invert': False},
{'line_color': 'FF0000', 'dashStyle': 'Solid', 'metric': 'cps_state_2', 'label': 'Critical', 'zIndex': -30, 'area_opacity': 20, 'area_color': None, 'invert': False},
{'line_color': 'FF9300', 'dashStyle': 'Solid', 'metric': 'cps_state_1', 'label': 'Warning', 'zIndex': -30, 'area_opacity': 20, 'area_color': None, 'invert': False},
{'line_color': 'B7CA79', 'dashStyle': 'Solid', 'metric': 'cps_state_0', 'label': 'Ok', 'zIndex': -30, 'area_opacity': 20, 'area_color': None, 'invert': False},
{'line_color': 'BDBDBD', 'dashStyle': 'Solid', 'metric': 'cps_sel_state_3', 'label': 'Unknown', 'zIndex': -30, 'area_opacity': 20, 'area_color': None, 'invert': False},
{'line_color': 'B9121B', 'dashStyle': 'Solid', 'metric': 'cps_sel_state_2', 'label': 'Critical', 'zIndex': -30, 'area_opacity': 20, 'area_color': None, 'invert': False},
{'line_color': 'FF9300', 'dashStyle': 'Solid', 'metric': 'cps_sel_state_1', 'label': 'Warning', 'zIndex': -30, 'area_opacity': 20, 'area_color': None, 'invert': False},
{'line_color': 'B7CA79', 'dashStyle': 'Solid', 'metric': 'cps_sel_state_0', 'label': 'Ok', 'zIndex': -30, 'area_opacity': 20, 'area_color': None, 'invert': False},
{'line_color': 'BDBDBD', 'dashStyle': 'Solid', 'metric': 'cps_pct_by_state_3', 'label': 'Unknown', 'zIndex': -30, 'area_opacity': 20, 'area_color': None, 'invert': False},
{'line_color': 'B9121B', 'dashStyle': 'Solid', 'metric': 'cps_pct_by_state_2', 'label': 'Critical', 'zIndex': -30, 'area_opacity': 20, 'area_color': None, 'invert': False},
{'line_color': 'FF9300', 'dashStyle': 'Solid', 'metric': 'cps_pct_by_state_1', 'label': 'Warning', 'zIndex': -30, 'area_opacity': 20, 'area_color': None, 'invert': False},
{'line_color': 'B7CA79', 'dashStyle': 'Solid', 'metric': 'cps_pct_by_state_0', 'label': 'Ok', 'zIndex': -30, 'area_opacity': 20, 'area_color': None, 'invert': False},
{'line_color': 'BDBDBD', 'dashStyle': 'Solid', 'metric': 'cps_statechange_3', 'label': 'Unknown', 'zIndex': -30, 'area_opacity': 20, 'area_color': None, 'invert': False},
{'line_color': 'B9121B', 'dashStyle': 'Solid', 'metric': 'cps_statechange_2', 'label': 'Critical', 'zIndex': -30, 'area_opacity': 20, 'area_color': None, 'invert': False},
{'line_color': 'FF9300', 'dashStyle': 'Solid', 'metric': 'cps_statechange_1', 'label': 'Warning', 'zIndex': -30, 'area_opacity': 20, 'area_color': None, 'invert': False},
{'line_color': 'B7CA79', 'dashStyle': 'Solid', 'metric': 'cps_statechange_0', 'label': 'Ok', 'zIndex': -30, 'area_opacity': 20, 'area_color': None, 'invert': False},
{'line_color': 'B9121B', 'dashStyle': 'Solid', 'metric': 'cps_statechange_nok', 'label': 'Not ok', 'zIndex': -30, 'area_opacity': 20, 'area_color': None, 'invert': False}
]
for curve in curves:
_id = hashlib.sha1(curve['metric']).hexdigest().upper()
try:
storage.get(_id)
except:
logger.info(" + Create curve '%s'" % curve['metric'])
record = crecord(data=curve, _id=_id, name=curve['metric'], type='curve')
record.chmod('g+w')
record.chmod('o+r')
record.chgrp('group.CPS_curve_admin')
storage.put(record)
def go(account, nb):
storage.account=account
## Insert 1000 records
insert_nb = nb
timer.start()
for i in range(0, insert_nb):
record = crecord({'number': i})
storage.put(record)
timer.stop()
insert_speed = int(insert_nb / timer.elapsed)
## Read all records
timer.start()
records = storage.find()
timer.stop()
read_nb = len(records)
read_speed = int(read_nb / timer.elapsed)
## Update records
new_records = []
for record in records:
record.data = {'check': 'update'}
new_records.append(record)
update_nb = len(new_records)
timer.start()
records = storage.put(new_records)
timer.stop()
update_speed = int(update_nb / timer.elapsed)
## Remove all records
timer.start()
storage.remove(records)
timer.stop()
remove_nb = len(records)
remove_speed = int(remove_nb / timer.elapsed)
print " + Insert Speed:",insert_speed,"records/s (%s records)" % insert_nb
print " + Read Speed:",read_speed,"records/s (%s records)" % read_nb
print " + Update Speed:",update_speed,"records/s (%s records)" % update_nb
print " + Remove Speed:",remove_speed,"records/s (%s records)" % remove_nb
def go(account, nb):
storage.account = account
## Insert 1000 records
insert_nb = nb
timer.start()
for i in range(0, insert_nb):
record = crecord({'number': i})
storage.put(record)
timer.stop()
insert_speed = int(insert_nb / timer.elapsed)
## Read all records
timer.start()
records = storage.find()
timer.stop()
read_nb = len(records)
read_speed = int(read_nb / timer.elapsed)
## Update records
new_records = []
for record in records:
record.data = {'check': 'update'}
new_records.append(record)
update_nb = len(new_records)
timer.start()
records = storage.put(new_records)
timer.stop()
update_speed = int(update_nb / timer.elapsed)
## Remove all records
timer.start()
storage.remove(records)
timer.stop()
remove_nb = len(records)
remove_speed = int(remove_nb / timer.elapsed)
print " + Insert Speed:", insert_speed, "records/s (%s records)" % insert_nb
print " + Read Speed:", read_speed, "records/s (%s records)" % read_nb
print " + Update Speed:", update_speed, "records/s (%s records)" % update_nb
print " + Remove Speed:", remove_speed, "records/s (%s records)" % remove_nb
def test_02_CreateRecord(self):
global MYRECORD
MYRECORD = crecord(self.data, storage=STORAGE)
def base_init():
storage = get_storage(account=root, namespace='object')
# (0'login', 1'pass', 2'group', 3'lastname', 4'firstname', 5'groups' ,6'email')
accounts = [('root', 'root', 'CPS_root', 'Lastname', 'Firstname', [], ''),
('canopsis', 'canopsis', 'Canopsis', 'Psis', 'Cano',
['group.CPS_view'], '')]
for name in groups:
try:
# Check if exist
record = storage.get('group.%s' % name)
record.data['internal'] = True
storage.put(record)
except:
logger.info(" + Create group '%s'" % name)
record = crecord({'_id': 'group.%s' % name},
type='group',
name=name,
group='group.CPS_account_admin')
record.admin_group = 'group.CPS_account_admin'
record.data['description'] = groups[name]
record.data['internal'] = True
record.chmod('o+r')
storage.put(record)
for account in accounts:
user = account[0]
try:
# Check if exist
record = storage.get('account.%s' % user)
except:
logger.info(" + Create account '%s'" % user)
record = caccount(user=user, group=account[2])
record.firstname = account[4]
record.lastname = account[3]
record.groups = account[5]
record.chown(record._id)
record.chgrp(record.group)
record.admin_group = 'group.CPS_account_admin'
record.chmod('g+r')
record.passwd(account[1])
record.generate_new_authkey()
storage.put(record)
###Root directory
try:
# Check if exist
rootdir = storage.get('directory.root')
except:
logger.info(" + Create root directory")
rootdir = crecord(
{
'_id': 'directory.root',
'id': 'directory.root',
'expanded': 'true'
},
type='view_directory',
name="root directory")
rootdir.chmod('o+r')
storage.put(rootdir)
records = storage.find({'crecord_type': 'account'},
namespace='object',
account=root)
for record in records:
user = record.data['user']
try:
# Check if exist
record = storage.get('directory.root.%s' % user)
except:
logger.info(" + Create '%s' directory" % user)
userdir = crecord(
{
'_id': 'directory.root.%s' % user,
'id': 'directory.root.%s' % user,
'expanded': 'true'
},
type='view_directory',
name=user)
userdir.chown('account.%s' % user)
userdir.chgrp('group.%s' % user)
userdir.admin_group = 'group.CPS_view_admin'
userdir.chmod('g-w')
userdir.chmod('g-r')
storage.put(userdir)
rootdir.add_children(userdir)
storage.put(rootdir)
storage.put(userdir)
def account_post():
#get the session (security)
account = get_account()
root_account = caccount(user="******", group="root")
storage = get_storage(namespace='object', account=account)
logger.debug("POST:")
data = request.body.readline()
if not data:
return HTTPError(400, "No data received")
data = json.loads(data)
## Clean data
try:
del data['_id']
del data['id']
del data['crecord_type']
except:
pass
if data['user']:
#check if already exist
already_exist = False
_id = "account." + str(data['user'])
try:
record = storage.get(_id, account=account)
logger.debug('Update account %s' % _id)
already_exist = True
except:
logger.debug('Create account %s' % _id)
if already_exist:
return HTTPError(
405, "Account already exist, use put method for update !")
#----------------------------CREATION--------------------------
logger.debug(' + New account')
new_account = caccount(user=data['user'],
group=data['aaa_group'],
lastname=data['lastname'],
firstname=data['firstname'],
mail=data['mail'])
#passwd
passwd = data['passwd']
new_account.passwd(passwd)
logger.debug(" + Passwd: '%s'" % passwd)
#secondary groups
if 'groups' in data:
groups = []
for group in data['groups']:
if group.find('group.') == -1:
groups.append('group.%s' % group)
else:
groups.append(group)
new_account.groups = groups
#put record
logger.debug(' + Save new account')
new_account.chown(new_account._id)
storage.put(new_account, account=account)
#get rootdir
logger.debug(' + Create view directory')
rootdir = storage.get('directory.root', account=root_account)
if rootdir:
userdir = crecord(
{
'_id': 'directory.root.%s' % new_account.user,
'id': 'directory.root.%s' % new_account.user,
'expanded': 'true'
},
type='view_directory',
name=new_account.user)
userdir.chown(new_account._id)
userdir.chgrp(new_account.group)
userdir.chmod('g-w')
userdir.chmod('g-r')
rootdir.add_children(userdir)
storage.put([rootdir, userdir], account=root_account)
else:
logger.error('Impossible to get rootdir')
else:
logger.warning('WARNING : no user specified ...')
def find(self, mfilter={}, mfields=None, account=None, namespace=None, one=False, count=False, sort=None, limit=0, offset=0, for_write=False, ignore_bin=True, raw=False):
if not account:
account = self.account
# Clean Id
if mfilter.get('_id', None):
mfilter['_id'] = self.clean_id(mfilter['_id'])
if one:
sort = [('timestamp', -1)]
self.logger.debug("Find '%s' records ..." % mfilter)
(Read_mfilter, Write_mfilter) = self.make_mongofilter(account)
if for_write:
if Write_mfilter:
mfilter = { '$and': [ mfilter, Write_mfilter ] }
else:
if Read_mfilter:
mfilter = { '$and': [ mfilter, Read_mfilter ] }
self.logger.debug(" + fields : %s" % mfields)
self.logger.debug(" + mfilter: %s" % mfilter)
backend = self.get_backend(namespace)
if one:
raw_records = backend.find_one(mfilter, fields=mfields, safe=self.mongo_safe)
if raw_records:
raw_records = [ raw_records ]
else:
raw_records = []
else:
raw_records = backend.find(mfilter, fields=mfields, safe=self.mongo_safe)
if count:
return raw_records.count()
## Limit output
if raw_records and limit:
raw_records = raw_records.limit(limit)
if raw_records and offset:
raw_records = raw_records.skip(offset)
if raw_records and sort:
raw_records.sort(sort)
records=[]
if not mfields:
for raw_record in raw_records:
try:
# Remove binary (base64)
if ignore_bin and raw_record.get('media_bin', None):
del raw_record['media_bin']
if not raw:
records.append(crecord(raw_record=raw_record))
else:
records.append(raw_record)
except Exception, err:
## Not record format ..
self.logger.error("Impossible parse record ('%s') !" % err)
def test_01_Init(self):
record = crecord(self.data)
if record.data != self.data:
raise Exception('Data corruption ...')
def get(self, _id_or_ids, account=None, namespace=None, mfields=None, ignore_bin=True):
if not account:
account = self.account
dolist = False
if isinstance(_id_or_ids, list):
_ids = _id_or_ids
dolist = True
else:
_ids = [ _id_or_ids ]
backend = self.get_backend(namespace)
self.logger.debug(" + Get record(s) '%s'" % _ids)
if not len(_ids):
self.logger.debug(" + No ids")
return []
self.logger.debug(" + fields : %s" % mfields)
self.logger.debug(" + Clean ids")
_ids = [self.clean_id(_id) for _id in _ids]
#Build basic filter
(Read_mfilter, Write_mfilter) = self.make_mongofilter(account)
if len(_ids) == 1:
mfilter = {'_id': _ids[0]}
else:
mfilter = {'_id': {'$in': _ids }}
mfilter = { '$and': [ mfilter, Read_mfilter ] }
#self.logger.debug(" + mfilter: %s" % mfilter)
records = []
try:
if len(_ids) == 1:
raw_record = backend.find_one(mfilter, fields=mfields, safe=self.mongo_safe)
# Remove binary (base64)
if ignore_bin and raw_record and raw_record.get('media_bin', None):
del raw_record['media_bin']
if raw_record and mfields:
records.append(raw_record)
elif raw_record:
records.append(crecord(raw_record=raw_record))
else:
raw_records = backend.find(mfilter, fields=mfields, safe=self.mongo_safe)
if mfields:
records = [raw_record for raw_record in raw_records]
else:
for raw_record in raw_records:
# Remove binary (base64)
if ignore_bin and raw_record.get('media_bin', None):
del raw_record['media_bin']
records.append(crecord(raw_record=raw_record))
except Exception, err:
self.logger.error("Impossible get record '%s' !\nReason: %s" % (_ids, err))
logger.debug('Update record %s' % _id)
except:
logger.debug('Create record %s' % _id)
if record:
for key in dict(data).keys():
record.data[key] = data[key]
# Update Name
try:
record.name = data['crecord_name']
except:
pass
else:
raw_record = crecord(_id=_id, type=str(ctype)).dump()
for key in dict(data).keys():
raw_record[key] = data[key]
record = crecord(raw_record=raw_record)
record.chown(account.user)
record.chgrp(group)
logger.debug(' + Record: %s' % record.dump())
try:
storage.put(record, namespace=namespace, account=account)
except Exception, err:
logger.error('Impossible to put (%s)' % err)
return HTTPError(403, "Access denied")
def base_init():
storage = get_storage(account=root, namespace='object')
# (0'login', 1'pass', 2'group', 3'lastname', 4'firstname', 5'groups' ,6'email')
accounts = [
('root','root', 'CPS_root', 'Lastname', 'Firstname', [] ,''),
('canopsis','canopsis', 'Canopsis', 'Psis', 'Cano', ['group.CPS_view'],'')
]
for name in groups:
try:
# Check if exist
record = storage.get('group.%s' % name)
record.data['internal'] = True
storage.put(record)
except:
logger.info(" + Create group '%s'" % name)
record = crecord({'_id': 'group.%s' % name }, type='group', name=name, group='group.CPS_account_admin')
record.admin_group = 'group.CPS_account_admin'
record.data['description'] = groups[name]
record.data['internal'] = True
record.chmod('o+r')
storage.put(record)
for account in accounts:
user = account[0]
try:
# Check if exist
record = storage.get('account.%s' % user)
except:
logger.info(" + Create account '%s'" % user)
record = caccount(user=user, group=account[2])
record.firstname = account[4]
record.lastname = account[3]
record.groups = account[5]
record.chown(record._id)
record.chgrp(record.group)
record.admin_group = 'group.CPS_account_admin'
record.chmod('g+r')
record.passwd(account[1])
record.generate_new_authkey()
storage.put(record)
###Root directory
try:
# Check if exist
rootdir = storage.get('directory.root')
except:
logger.info(" + Create root directory")
rootdir = crecord({'_id': 'directory.root','id': 'directory.root','expanded':'true'},type='view_directory', name="root directory")
rootdir.chmod('o+r')
storage.put(rootdir)
records = storage.find({'crecord_type': 'account'}, namespace='object', account=root)
for record in records:
user = record.data['user']
try:
# Check if exist
record = storage.get('directory.root.%s' % user)
except:
logger.info(" + Create '%s' directory" % user)
userdir = crecord({'_id': 'directory.root.%s' % user,'id': 'directory.root.%s' % user ,'expanded':'true'}, type='view_directory', name=user)
userdir.chown('account.%s' % user)
userdir.chgrp('group.%s' % user)
userdir.admin_group = 'group.CPS_view_admin'
userdir.chmod('g-w')
userdir.chmod('g-r')
storage.put(userdir)
rootdir.add_children(userdir)
storage.put(rootdir)
storage.put(userdir)
