def generate_key(request):
"""
Generate key
Generate key pair
---
"""
key = SSHKey()
key.ctl.generate()
return {'priv': key.private, 'public': key.public}
def key(request, org):
"""Fixture to create an SSH Keypair with proper cleanup"""
key = SSHKey()
key.ctl.generate()
name = uuid.uuid4().hex
print "Creating key '%s'." % name
kwargs = {'public': key.public, 'private': key.private}
key = SSHKey.add(org, name, **kwargs)
def fin():
"""Finalizer to clean up organization after tests"""
print "Deleting key '%s'." % name
key.delete()
request.addfinalizer(fin)
return key
def add_key(request):
"""
Tags: keys
---
Adds key.
ADD permission required on key.
---
name:
description: The key's name
required: true
type: string
priv:
description: The private key
required: true
type: string
certificate:
description: The signed public key, when using signed ssh keys
type: string
"""
params = params_from_request(request)
key_name = params.pop('name', None)
private_key = params.get('priv', None)
certificate = params.get('certificate', None)
auth_context = auth_context_from_request(request)
key_tags = auth_context.check_perm("key", "add", None)
if not key_name:
raise BadRequestError("Key name is not provided")
if not private_key:
raise RequiredParameterMissingError("Private key is not provided")
if certificate:
key = SignedSSHKey.add(auth_context.owner, key_name, **params)
else:
key = SSHKey.add(auth_context.owner, key_name, **params)
# Set ownership.
key.assign_to(auth_context.user)
if key_tags:
add_tags_to_resource(auth_context.owner, key, key_tags.items())
# since its a new key machines fields should be an empty list
clouds = Cloud.objects(owner=auth_context.owner, deleted=None)
machines = Machine.objects(cloud__in=clouds,
key_associations__keypair__exact=key)
assoc_machines = transform_key_machine_associations(machines, key)
return {
'id': key.id,
'name': key.name,
'machines': assoc_machines,
'isDefault': key.default
}
def add_key(request):
"""
Tags: keys
---
Adds key.
ADD permission required on key.
---
name:
description: The key's name
required: true
type: string
priv:
description: The private key
required: true
type: string
certificate:
description: The signed public key, when using signed ssh keys
type: string
"""
params = params_from_request(request)
key_name = params.pop('name', None)
private_key = params.get('priv', None)
certificate = params.get('certificate', None)
auth_context = auth_context_from_request(request)
key_tags, _ = auth_context.check_perm("key", "add", None)
if not key_name:
raise BadRequestError("Key name is not provided")
if not private_key:
raise RequiredParameterMissingError("Private key is not provided")
if certificate:
key = SignedSSHKey.add(auth_context.owner, key_name, **params)
else:
key = SSHKey.add(auth_context.owner, key_name, **params)
# Set ownership.
key.assign_to(auth_context.user)
if key_tags:
add_tags_to_resource(auth_context.owner, key, list(key_tags.items()))
return {
'id': key.id,
'name': key.name,
'machines': [],
'isDefault': key.default
}
def add_key(add_key_request=None): # noqa: E501
"""Add key
Adds a new key and returns the key's id. ADD permission required on key. # noqa: E501
:param add_key_request:
:type add_key_request: dict | bytes
:rtype: AddKeyResponse
"""
if connexion.request.is_json:
add_key_request = AddKeyRequest.from_dict(connexion.request.get_json()) # noqa: E501
from mist.api.exceptions import BadRequestError, KeyExistsError
from mist.api.keys.models import SignedSSHKey, SSHKey
from mist.api.tag.methods import add_tags_to_resource
try:
auth_context = connexion.context['token_info']['auth_context']
except KeyError:
return 'Authentication failed', 401
try:
key_tags, _ = auth_context.check_perm("key", "add", None)
except PolicyUnauthorizedError:
return 'You are not authorized to perform this action', 403
if add_key_request.generate:
key = SSHKey()
key.ctl.generate()
if add_key_request.dry: # If dry generate requested then we're done
log_event(
auth_context.owner.id, 'request', 'generate_key',
key_id=key.id, user_id=auth_context.user.id,
)
return AddKeyResponse(private=key.private, public=key.public)
add_key_request.private = key.private
try:
if add_key_request.certificate:
key = SignedSSHKey.add(
auth_context.owner,
add_key_request.name,
private=add_key_request.private,
certificate=add_key_request.certificate
)
else:
key = SSHKey.add(
auth_context.owner,
add_key_request.name,
private=add_key_request.private
)
except BadRequestError as exc:
return exc.args[0], 400
except KeyExistsError as exc:
return exc.args[0], 409
# Set ownership.
key.assign_to(auth_context.user)
# Add tags returned by RBAC check
if key_tags:
add_tags_to_resource(auth_context.owner, key, list(key_tags.items()))
log_event(
auth_context.owner.id, 'request', 'add_key',
key_id=key.id, user_id=auth_context.user.id,
)
return AddKeyResponse(key.id)