def get_search_kwargs(from_ind=None, to_ind=None):
search_kwargs = {
'index': settings.get('inventory.config.index'),
'size': settings.get('inventory.default_result_size', 50)
}
doc_type = settings.get('inventory.config.document_type')
if doc_type is not None:
search_kwargs['doc_type'] = doc_type
if from_ind:
search_kwargs.update({'from_': from_ind})
return search_kwargs
def host_list(group, field):
"""
List hosts by filtering a given field and value.
"""
page = get_page()
paginator = Paginator(page)
list_kwargs = paginator.page_kwargs()
group_def = get_group(group)
# Calculate pagination
sort_by = settings.get('inventory.host_table_sort_by', None)
if sort_by:
list_kwargs['sort_by'] = sort_by
result = current_app.plugins.inventory_provider.list(
group, field, **list_kwargs)
total_results = result.total_hosts
if page > paginator.total_pages(total_results):
abort(404)
if get_serializer():
return serialized({
'total': total_results,
'results': map(lambda h: h.host_data, result.hosts),
'paging': paginator.serialize(total_results)
})
return render_template(
'inventory/host_list.html', **{
'title': '%s - %s' % (group_def.get('title'), field),
'group_field': group,
'field': field,
'group_title': group_def.get('title'),
'host_list': result.hosts,
'total': total_results,
'paginator': paginator
})
def get_group(group_field_name):
"""
Lookup a group_by field definition from the settings file
:param group_field_name: the name of the group to aggregate by
"""
grouping_fields = settings.get('inventory.group_by')
for group in grouping_fields:
if group.get('field') == group_field_name:
return group
abort(404)
def main(args):
plugin_directories = settings.get('plugins.directories')
requirement_files = []
for plugin_directory in plugin_directories:
requirement_files += find_recursive(plugin_directory, 'requirements.txt')
requirement_files += find_recursive(plugin_directory, 'reqs.txt')
for req_file in requirement_files:
install_plugin_reqs(req_file)
return_code = run_gunicorn(args)
sys.exit(return_code)
def authenticate(self, username, password):
server = settings.get('authentication.config.server')
port = settings.get('authentication.config.port')
bind_user = settings.get('authentication.config.bind_user')
bind_password = settings.get('authentication.config.bind_password')
query = Template(settings.get('authentication.config.user_query'))
with simpleldap.Connection(server, port, bind_user,
bind_password) as conn:
try:
user = conn.get(query.substitute(username=username))
except simpleldap.ObjectNotFound:
return None
with simpleldap.Connection(server, port) as conn:
if conn.authenticate(user.dn, password):
return User(username=username,
name=user.first('cn'),
groups=[
self._split_ldap_spec(x)['CN']
for x in user.get('memberof', [])
])
return None
def on_load(self):
for conn in settings.get('inventory.config.accounts'):
boto_kwargs = {}
if 'aws_access_key_id' in conn:
boto_kwargs['aws_access_key_id'] = conn.get(
'aws_access_key_id')
if 'aws_secret_access_key' in conn:
boto_kwargs['aws_secret_access_key'] = conn.get(
'aws_secret_access_key')
regions = conn.get('regions', [])
if not regions:
self.conns.append(
RegionConnection(DEFAULT_AWS_REGION,
boto3.resource('ec2', **boto_kwargs)))
continue
for region in regions:
region_kwargs = boto_kwargs.copy()
region_kwargs['region_name'] = region
self.conns.append(
RegionConnection(region,
boto3.resource('ec2', **region_kwargs)))
def generate_app():
app = Flask(__name__,
template_folder=gru.utils.fs.relative_to(
__file__, 'gru/templates'),
static_folder=gru.utils.fs.relative_to(__file__, 'gru/static'))
app.debug = settings.get('flask.debug')
app.permanent_session_lifetime = settings.get('flask.session_seconds')
# Client-side sessions with signed cookies
app.secret_key = settings.get('flask.secret_key')
app.session_interface = ItsdangerousSessionInterface()
# Setup logging
gru.utils.logs.setup_logging(app, settings)
# CSRF protection
SeaSurf(app)
# Load sub-applications
app.register_blueprint(auth_views, url_prefix='/auth')
app.register_blueprint(inventory_views, url_prefix='/inventory')
# Append plugin paths to sys.path
for directory in settings.get('plugins.directories'):
sys.path.append(os.path.abspath(os.path.expanduser(directory)))
# Register plugins
root_path = os.path.realpath(__file__)
app.plugins = PluginRegistry(app, settings)
for plugin_path in settings.get('plugins.modules'):
app.plugins.register(plugin_path)
# Also add authentication backend and inventory provider
app.plugins.register(settings.get('authentication.backend'))
app.plugins.register(settings.get('inventory.provider'))
gru.utils.templates.setup(app)
gru.utils.web.setup_base_views(app, settings)
app.wsgi_app = gru.utils.web.method_rewrite_middleware(app.wsgi_app)
return app
def host_search(self, query, from_ind=None, to_ind=None):
search_kwargs = self.get_search_kwargs(from_ind, to_ind)
query = {'query': {'query_string': {'query': query}}}
sort_by = settings.get('inventory.host_table_sort_by', None)
if sort_by:
order = 'asc'
if sort_by.startswith('-'):
order = 'desc'
sort_by = sort_by[1:]
query['sort'] = [{sort_by: order}]
search_kwargs.update({
'body': query,
'analyze_wildcard': True,
'lowercase_expanded_terms': True,
})
es_result = self.es.search(**search_kwargs)
hits = es_result.get('hits', {})
hosts = HostList(total_hosts=hits.get('total'))
for hit in hits.get('hits', []):
hosts.append(Host(
host_id=hit.get('_id'),
host_data=hit.get('_source')))
return hosts
class ItsdangerousSessionInterface(SessionInterface):
salt = settings.get('flask.secret_key', 'cookie-session')
session_class = ItsdangerousSession
def get_serializer(self, app):
if not app.secret_key:
return None
return URLSafeTimedSerializer(app.secret_key, salt=self.salt)
def open_session(self, app, request):
s = self.get_serializer(app)
if s is None:
return None
val = request.cookies.get(app.session_cookie_name)
if not val:
return self.session_class()
max_age = app.permanent_session_lifetime.total_seconds()
try:
data = s.loads(val, max_age=max_age)
return self.session_class(data)
except BadSignature:
return self.session_class()
def save_session(self, app, session, response):
domain = self.get_cookie_domain(app)
if not session:
if session.modified:
response.delete_cookie(app.session_cookie_name, domain=domain)
return
expires = self.get_expiration_time(app, session)
val = self.get_serializer(app).dumps(dict(session))
response.set_cookie(app.session_cookie_name,
val,
expires=expires,
httponly=True,
domain=domain)
def __init__(self, current_page, page_size=None):
if page_size is None:
self.page_size = settings.get('ui.items_per_page', 50)
else:
self.page_size = page_size
self.current_page = current_page
def on_load(self):
self.es = Elasticsearch(
hosts=settings.get('inventory.config.hosts'),
timeout=settings.get('inventory.config.timeout_seconds', 30))
def get_display_name(self):
display_name = self.field(settings.get('inventory.host_display_name_field'), None)
if not display_name:
display_name = self.host_id
return display_name