Ejemplo n.º 1
    def post(self, id=None):
        """Create a team, or rename the team identified by *id*.

        A JSON body whose ``state`` is ``'create'`` builds a new Team from the
        submitted name. Any other body takes the update path.
        """
        body = request.json
        creating = 'state' in body and body['state'] == 'create'

        if not creating:
            # Not used right now, put() is called instead.
            # NOTE(review): this path writes no auditlog entry and does not
            # check that the lookup returned a row.
            team = Team.query.get(id)
            new_name = clean(body['name'])
            if new_name != '':
                team.name = new_name

            # team = self._updatePermissions(team)

            db.session.add(team)
            db.session.commit()
            return self.get(id)

        # NOTE(review): the name is stored as submitted here, while the update
        # path passes it through clean() - confirm which is intended.
        team = Team(None, body['name'])
        auditlog(current_user, 'create', team, request_details=body)
        db.session.add(team)
        db.session.commit()
        return {'team': marshal(team, team_fields)}
Ejemplo n.º 2
    def post(self):
        """Create an instance, or run a lifecycle action on an existing one.

        With an ``id`` in the JSON body the instance is loaded, the request is
        audit-logged and ``state`` selects start / stop / sync. Without an id,
        ``state == 'create'`` creates an instance; anything else falls back to
        ``self.get()``.
        """
        query = request.get_json()
        instanceId = query.get('id')

        if not instanceId:
            if query.get('state') != 'create':
                return self.get()
            # NOTE(review): no auditlog call is made for creation in this
            # method - confirm the backend records it.
            instance = self.backend.create(query)
        else:
            instance = self.backend.get(int(instanceId))
            auditlog(
                current_user,
                '{} instance'.format(query.get('state', 'unknown')),
                instance,
                request_details=request.get_json())

            requested = query.get('state', '')
            # Substring match: any state containing 'start' takes this branch,
            # and the text left after stripping 'start-' is passed on as the
            # provider without validation here.
            if 'start' in requested:
                instance.start(requested.replace('start-', ''))
            elif requested == 'stop':
                instance.stop()
            elif requested == 'sync':
                instance.sync()

        return {'instance': marshal(instance, instance_fields)}
Ejemplo n.º 3
    def post(self, id=None):
        """Create a user, or change the role of the user identified by *id*.

        Only ROLE_ADMIN and ROLE_DEV are accepted as new roles; any other
        submitted role leaves the user unchanged. Both paths are audit-logged.
        """
        body = request.json
        if 'state' in body and body['state'] == 'create':
            action = 'create'
            user = User(None, body['name'])
        else:
            action = 'update'
            user = User.query.get(id)
            # NOTE(review): nothing in this method checks that current_user may
            # grant ROLE_ADMIN - confirm a decorator or the router enforces it.
            if 'user' in body and 'role' in body['user']:
                requested = body['user']['role']
                for allowed in (ROLE_ADMIN, ROLE_DEV):
                    if requested == allowed:
                        user.role = allowed
                        break

        auditlog(current_user, action, user, request_details=body)
        db.session.add(user)
        db.session.commit()

        return {'user': marshal(user, user_fields)}
Ejemplo n.º 4
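 def post(self):
     """Send an SSL cert/key

     Registers the certificate name against a domain controller in the
     database, then posts name, cert and key to that controller's ``/ssl``
     endpoint. Aborts with 400 when the (controller, name) pair already
     exists or when the controller id does not resolve to a row.
     """
     query = request.get_json()
     DC = clean(query.get('domain_controller'))
     name = clean(query.get('name'))
     # NOTE(review): clean() is also applied to the PEM material - confirm it
     # leaves certificate and key text intact.
     cert = clean(query.get('cert'))
     key = clean(query.get('key'))
     check = SSL.query.filter_by(
         domaincontroller_id=DC,
         name=name
         ).count()
     if check > 0:
         abort(400)

     # Resolve the controller before anything is committed; previously an
     # unknown id was only discovered after the row had been written.
     controller = DomainController.query.get(DC)
     if controller is None:
         abort(400)

     new_cert = SSL()
     new_cert.name = name
     new_cert.domain_controller = controller

     # The request body carries the private key. The audit entry gets a copy
     # without it so key material is not duplicated into the audit trail.
     audit_details = dict(
         (field, value) for field, value in query.items() if field != 'key')
     auditlog(
         current_user,
         'create',
         new_cert,
         request_details=audit_details)
     db.session.add(new_cert)
     db.session.commit()
     # NOTE(review): verify=False turns off TLS certificate validation on the
     # call that transmits the private key, so the controller's identity is
     # not checked. Prefer verification against a pinned CA bundle, or honour
     # the controller's own self-signed setting, instead of disabling it.
     req.post(
         controller.url + '/ssl',
         headers=json_headers,
         data=json.dumps(
             {'name': name,
              'cert': cert,
              'key': key}),
         verify=False
     )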
Ejemplo n.º 5
    def post(self, id=None):
        """Create a project, or update the project identified by *id*.

        Non-empty ``name`` and ``git_address`` values are cleaned and stored.
        ``base_path`` is only looked at when no non-empty ``git_address`` was
        sent.
        """
        body = request.json
        creating = 'state' in body and body['state'] == 'create'
        if creating:
            action, project = 'create', Project(None, body['name'])
        else:
            action, project = 'update', Project.query.get(id)

        if 'name' in body and body['name'] != '':
            project.name = clean(body['name'])

        has_git_address = 'git_address' in body and body['git_address'] != ''
        if has_git_address:
            project.git_address = clean(body['git_address'].replace(' ', ''))
        elif 'base_path' in body:
            # NOTE(review): base_path is stored exactly as submitted, without
            # clean() or any path validation - confirm how it is consumed.
            project.base_path = body['base_path']

        auditlog(current_user, action, project,
                 request_details=request.get_json())
        db.session.add(project)
        db.session.commit()

        return marshal(project, project_fields)
Ejemplo n.º 6
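    def put(self, slug):
        """Apply per-user CREATE / DELETE operations to the htpasswd list *slug*.

        Each entry of the request's ``users`` list may carry a ``state``:
        ``'DELETE'`` removes the user on the backend, ``'CREATE'`` posts the
        username and password to it. Every operation is audit-logged.
        Returns ``self.get(slug)``.
        """
        users = request.json['users']

        # The body contains clear-text passwords. The audit entries get a copy
        # with those masked so credentials are not written to the audit trail.
        audit_details = dict(request.get_json())
        audit_details['users'] = [
            dict((field, '<redacted>' if field == 'password' else value)
                 for field, value in entry.items())
            for entry in users
        ]

        for user in users:
            state = user.get('state')
            if state == 'DELETE':
                auditlog(
                    current_user,
                    'delete user {}'.format(user['username']),
                    slug, 'htpasswd',
                    request_details=audit_details)
                # NOTE(review): the username is placed in the URL path
                # unencoded, and this call passes no headers while the CREATE
                # call does - confirm both are intended.
                req.delete(self._get_url(slug) +
                           '/{}'.format(user['username']))
            elif state == 'CREATE':
                auditlog(
                    current_user,
                    'add user {}'.format(user['username']),
                    slug, 'htpasswd',
                    request_details=audit_details)
                data = json.dumps({
                    'username': user['username'],
                    'password': user['password']
                })
                req.post(self._get_url(slug),
                         headers=self._get_headers(), data=data)

        return self.get(slug)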
Ejemplo n.º 7
    def post(self, id=None):
        """Create a domain controller, or update the one identified by *id*.

        On update, each of name / address / port is cleaned and only written
        when the cleaned value is non-empty. Both paths are audit-logged.
        """
        body = request.json
        if 'state' in body and body['state'] == 'create':
            # NOTE(review): the create path stores the submitted values without
            # clean(), unlike the update path. accept_self_signed comes
            # straight from the client as well.
            domain_controller = DomainController(
                None,
                body['name'],
                body['address'],
                body['port'],
                body['accept_self_signed'],
            )
            auditlog(current_user, 'create domaincontroller',
                     domain_controller, request_details=request.get_json())
            db.session.add(domain_controller)
            db.session.commit()
            return self.get(domain_controller.id)

        domain_controller = DomainController.query.get(id)
        cleaned = (
            ('name', clean(body['name'].rstrip())),
            ('address', clean(body['address'].rstrip())),
            ('port', clean(body['port'].rstrip())),
        )
        auditlog(current_user, 'update domaincontroller',
                 domain_controller, request_details=request.get_json())

        for field, value in cleaned:
            if value != '':
                setattr(domain_controller, field, value)

        db.session.add(domain_controller)
        db.session.commit()
        return self.get(id)
Ejemplo n.º 8
 def delete(self, instanceId):
     """Audit-log, then delete, the Vagrant instance with the given id."""
     # NOTE(review): the lookup result is not checked, and no permission check
     # is visible in this method - confirm it is enforced elsewhere.
     target = VagrantInstance.query.get(instanceId)
     auditlog(current_user, 'delete instance', target,
              request_details=request.get_json())
     target.delete()
Ejemplo n.º 9
    def post(self, id=None):
        """Create or update a project from the JSON request body.

        ``state == 'create'`` builds a new Project; otherwise the project with
        the given *id* is loaded. The change is audit-logged and committed,
        and the marshalled project is returned.
        """
        payload = request.json

        if 'state' in payload and payload['state'] == 'create':
            action = 'create'
            project = Project(None, payload['name'])
        else:
            action = 'update'
            # NOTE(review): a missing row is not handled before the attribute
            # writes below.
            project = Project.query.get(id)

        if ('name' in payload
                and payload['name'] != ''):
            project.name = clean(payload['name'])

        if ('git_address' in payload
                and payload['git_address'] != ''):
            compact = payload['git_address'].replace(' ', '')
            project.git_address = clean(compact)
        elif 'base_path' in payload:
            # NOTE(review): unlike name and git_address, base_path bypasses
            # clean() - confirm that is acceptable for how it is used.
            project.base_path = payload['base_path']

        auditlog(current_user, action, project,
                 request_details=request.get_json())
        db.session.add(project)
        db.session.commit()

        return marshal(project, project_fields)
Ejemplo n.º 10
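    def put(self, slug):
        """Create or delete users of the htpasswd list *slug* on the backend.

        Iterates the request's ``users`` list and acts on entries whose
        ``state`` is ``'DELETE'`` or ``'CREATE'``; other entries are ignored.
        Each action is audit-logged. Returns ``self.get(slug)``.
        """
        users = request.json['users']

        # Clear-text passwords are part of this request. Mask them in the copy
        # handed to auditlog so the audit trail never holds credentials.
        redacted_users = []
        for entry in users:
            masked = dict(entry)
            if 'password' in masked:
                masked['password'] = '<redacted>'
            redacted_users.append(masked)
        audit_details = dict(request.get_json())
        audit_details['users'] = redacted_users

        for user in users:
            state = user.get('state')
            if state == 'DELETE':
                auditlog(current_user,
                         'delete user {}'.format(user['username']),
                         slug,
                         'htpasswd',
                         request_details=audit_details)
                # NOTE(review): username goes into the URL path as-is and the
                # backend response is not inspected - confirm both.
                req.delete(
                    self._get_url(slug) + '/{}'.format(user['username']))
            elif state == 'CREATE':
                auditlog(current_user,
                         'add user {}'.format(user['username']),
                         slug,
                         'htpasswd',
                         request_details=audit_details)
                data = json.dumps({
                    'username': user['username'],
                    'password': user['password']
                })
                req.post(self._get_url(slug),
                         headers=self._get_headers(),
                         data=data)

        return self.get(slug)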
Ejemplo n.º 11
    def post(self):
        """Dispatch an instance request: create, start, stop or sync.

        An ``id`` in the JSON body selects an existing instance and the
        ``state`` field picks the action. Without an id only ``'create'`` is
        handled, and every other request is answered with ``self.get()``.
        """
        query = request.get_json()
        instanceId = query.get('id')

        if instanceId:
            instanceId = int(instanceId)
            instance = self.backend.get(instanceId)
            label = '{} instance'.format(query.get('state', 'unknown'))
            auditlog(current_user, label, instance,
                     request_details=request.get_json())

            state = query.get('state', '')
            if 'start' in state:
                # NOTE(review): the provider name is taken from the client's
                # state string; confirm instance.start() validates it.
                provider = state.replace('start-', '')
                instance.start(provider)
            elif state == 'stop':
                instance.stop()
            elif state == 'sync':
                instance.sync()
        else:
            if query.get('state') != 'create':
                return self.get()
            instance = self.backend.create(query)

        response = {'instance': marshal(instance, instance_fields)}
        return response
Ejemplo n.º 12
 def delete(self, id):
     """Audit-log, then delete and commit, the team with the given id."""
     # NOTE(review): a None lookup result is passed on unchecked, so an unknown
     # id is audit-logged before the delete fails.
     doomed = Team.query.get(id)
     auditlog(current_user, 'delete', doomed)
     db.session.delete(doomed)
     db.session.commit()
Ejemplo n.º 13
 def delete(self, slug):
     """Audit-log the deletion of htpasswd list *slug* and forward it.

     Returns the backend's raw response body.
     """
     auditlog(current_user, 'deleted', slug, 'htpasswd')
     # NOTE(review): no headers are passed on this call and the response
     # status is not checked - confirm how the backend authenticates it.
     response = req.delete(self._get_url(slug))
     return response.content
Ejemplo n.º 14
 def delete(self, slug):
     """Audit-log and forward the deletion of *slug* to the backend.

     Returns the backend's raw response body.
     """
     # NOTE(review): slug is appended to the URL path without encoding.
     target = '{}/{}'.format(self._get_url(), slug)
     auditlog(current_user, 'delete', slug, 'htpasswd')
     response = req.delete(url=target, headers=self._get_headers())
     return response.content
Ejemplo n.º 15
 def delete(self, instanceId):
     """Delete a Vagrant instance after recording the request in the audit log."""
     vm = VagrantInstance.query.get(instanceId)
     # The audit entry is written first, so it exists even if delete() fails.
     auditlog(
         current_user, 'delete instance', vm,
         request_details=request.get_json())
     # NOTE(review): vm is None for an unknown id; that case is not handled.
     vm.delete()
Ejemplo n.º 16
 def delete(self, id):
     """Audit-log, then delete and commit, the domain controller with this id."""
     # NOTE(review): no permission check is visible in this method, and the
     # lookup result is not checked for None.
     controller = DomainController.query.get(id)
     auditlog(current_user, 'delete domaincontroller', controller)
     db.session.delete(controller)
     db.session.commit()
Ejemplo n.º 17
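 def delete(self, userId, id):
     """delete API Key

     Only the key's owner or an admin may delete it; anyone else gets 403.
     An id that matches no key gets 404 instead of an unhandled error.
     """
     key = APIKey.query.get(id)
     if key is None:
         # Previously this fell through to key.user and raised AttributeError.
         abort(404)
     # NOTE(review): userId from the route is never compared with the key's
     # owner; ownership is decided from the key row alone.
     if key.user == current_user or current_user.is_admin():
         auditlog(current_user, 'delete api key', key)
         db.session.delete(key)
         db.session.commit()
     else:
         abort(403)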
Ejemplo n.º 18
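 def delete(self, userId, id):
     """delete API Key

     Responds 404 when no key has this id and 403 when the caller is neither
     the key's owner nor an admin. Otherwise the deletion is audit-logged and
     committed.
     """
     key = APIKey.query.get(id)
     if key is None:
         # An unknown id used to reach key.user and fail with AttributeError.
         abort(404)
     permitted = key.user == current_user or current_user.is_admin()
     if permitted:
         auditlog(current_user, 'delete api key', key)
         db.session.delete(key)
         db.session.commit()
     else:
         # NOTE(review): a refused attempt is not audit-logged.
         abort(403)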
Ejemplo n.º 19
 def delete(self, slug):
     """Record and forward the deletion of htpasswd list *slug*.

     The backend's response body is returned unchanged.
     """
     auditlog(current_user, 'deleted', slug, 'htpasswd')
     # NOTE(review): the backend status code is not inspected, so a failed
     # delete is still reported with whatever body came back.
     backend_reply = req.delete(self._get_url(slug))
     return backend_reply.content
Ejemplo n.º 20
 def put(self, id):
     """Update the team with this id via ``self._updatePermissions``.

     The helper is defined outside this excerpt. The update is audit-logged
     with the request body and committed. Nothing is returned.
     """
     # NOTE(review): no check here that current_user may edit this team's
     # permissions - confirm it is enforced by the helper or a decorator.
     updated = self._updatePermissions(Team.query.get(id))
     auditlog(current_user, 'update', updated, request_details=request.json)
     db.session.add(updated)
     db.session.commit()
Ejemplo n.º 21
    def delete(self, id):
        """Delete a project together with every team's permission rows for it.

        All teams are scanned, their 'project' permission entries for this
        project are deleted, and the deletion is audit-logged before the
        project row itself is removed and committed.
        """
        project = Project.query.get(id)
        for team in Team.query.all():
            grids = team.get_permissions_grids('project', project.id)
            for grant in grids:
                db.session.delete(grant)
        # NOTE(review): only the project is named in the audit entry; the
        # permission rows removed above are not listed.
        auditlog(current_user, 'delete', project)

        db.session.delete(project)
        db.session.commit()
Ejemplo n.º 22
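 def delete(self, id):
     """Audit-log and delete the user with the given id.

     A failed delete is still swallowed, as before, but it is now logged with
     its traceback and the session is rolled back so the failed transaction
     does not affect later work on the same session.
     """
     user = User.query.get(id)
     # NOTE(review): the audit entry is written before the delete is tried,
     # so it is recorded even when the delete fails below.
     auditlog(
         current_user,
         'delete',
         user)
     try:
         db.session.delete(user)
         db.session.commit()
     except Exception:
         # A bare except also caught SystemExit and KeyboardInterrupt.
         db.session.rollback()
         app.logger.exception('deleting user %s failed', id)
         app.logger.debug(get_debug_queries())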
Ejemplo n.º 23
 def delete(self, id):
     """Delete a domain locally, then ask its controller to drop it.

     The URL and TLS-verification setting are read from the domain before the
     row is deleted. Returns ``self.get()``.
     """
     domain = Domain.query.get(id)
     auditlog(current_user, 'delete domain', domain,
              request_details=request.get_json())
     remote = '{}/{}'.format(self._get_url(domain), id)
     tls_verify = self._get_verify(domain)
     db.session.delete(domain)
     db.session.commit()
     # NOTE(review): the row is already committed as deleted when this call
     # runs, so a failed request leaves the controller's entry behind.
     req.delete(url=remote, headers=self._get_headers(), verify=tls_verify)
     return self.get()
Ejemplo n.º 24
    def delete(self, id):
        """Remove a project and the per-team permission entries that refer to it."""
        project = Project.query.get(id)
        # NOTE(review): project is None for an unknown id, which makes
        # project.id below raise - that case is not handled.
        every_team = Team.query.all()
        for team in every_team:
            for entry in team.get_permissions_grids('project', project.id):
                db.session.delete(entry)

        auditlog(current_user, 'delete', project)

        db.session.delete(project)
        db.session.commit()
Ejemplo n.º 25
    def put(self, slug=None):
        """Forward a site/IP update for *slug* to the backend.

        The submitted ``domain`` and whitespace-stripped ``ip`` are sent as
        JSON. Returns the backend's raw response body.
        """
        body = request.json
        payload = json.dumps({'site': body['domain'], 'ip': body['ip'].strip()})
        auditlog(current_user, 'update', slug, 'htpasswd',
                 request_details=request.get_json())
        # NOTE(review): with the default slug=None the path ends in '/None',
        # and domain / ip are forwarded without validation.
        endpoint = self._get_url() + '/{}'.format(slug)
        reply = req.put(endpoint, headers=self._get_headers(), data=payload)

        return reply.content
Ejemplo n.º 26
    def post(self, slug=None):
        """Create a named entry on the backend and return its raw response body.

        *slug* is accepted but not used.
        """
        name = request.json['name']
        payload = json.dumps({'name': name})

        # Should mean we are adding a new user
        auditlog(current_user, 'create', name, 'htpasswd',
                 request_details=request.get_json())
        # NOTE(review): name is forwarded as submitted, and the backend status
        # is not checked before its body is returned.
        reply = req.post(self._get_url(), headers=self._get_headers(),
                         data=payload)
        return reply.content
Ejemplo n.º 27
    def put(self, slug=None):
        """Send the submitted domain and IP for *slug* to the backend via PUT.

        The call is audit-logged first. The backend's response body is
        returned as-is.
        """
        submitted = request.json
        site = submitted['domain']
        address = submitted['ip'].strip()
        encoded = json.dumps({'site': site, 'ip': address})

        auditlog(current_user, 'update', slug, 'htpasswd',
                 request_details=request.get_json())

        # NOTE(review): slug is formatted into the path unencoded, and no
        # check that ip is a well-formed address happens here.
        result = req.put(
            self._get_url() + '/{}'.format(slug),
            headers=self._get_headers(),
            data=encoded,
        )
        return result.content
Ejemplo n.º 28
    def post(self, slug=None):
        """Post a new entry name to the backend after audit-logging the request.

        Returns the raw body of the backend's response. *slug* is unused.
        """
        submitted_name = request.json['name']
        body = json.dumps({'name': submitted_name})

        # Should mean we are adding a new user
        auditlog(
            current_user, 'create', submitted_name, 'htpasswd',
            request_details=request.get_json())
        # NOTE(review): the response is relayed without a status check.
        return req.post(
            self._get_url(),
            headers=self._get_headers(),
            data=body,
        ).content
Ejemplo n.º 29
 def delete(self, id):
     """Audit-log and delete a domain, then remove it from its controller.

     Returns ``self.get()`` once the remote DELETE has been issued.
     """
     domain = Domain.query.get(id)
     auditlog(current_user, 'delete domain', domain,
              request_details=request.get_json())

     # Both values depend on the domain row, so they are read before it goes.
     endpoint = self._get_url(domain) + '/{}'.format(id)
     verify_tls = self._get_verify(domain)

     db.session.delete(domain)
     db.session.commit()

     # NOTE(review): no permission check is visible in this method, and the
     # remote response is ignored - confirm both are handled elsewhere.
     req.delete(url=endpoint, headers=self._get_headers(), verify=verify_tls)
     return self.get()
Ejemplo n.º 30
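 def delete(self, id):
     """delete SSL cert/key

     Removes the row from the database and then asks the owning domain
     controller to drop the certificate. The remote call is best-effort: a
     failure is logged and does not abort the request.
     """
     import logging

     key = SSL.query.get(id)
     auditlog(
         current_user,
         'delete',
         key)

     # Read what the remote call needs while the row is still loaded. The
     # original read these after the delete was committed, inside a bare
     # except, so any error raised by touching the deleted object would have
     # silently skipped the remote delete.
     cert_name = key.name
     controller = key.domain_controller
     remote_url = None
     if controller is not None:
         remote_url = controller.url + '/ssl/' + cert_name

     db.session.delete(key)
     db.session.commit()

     if remote_url is None:
         return
     try:
         req.delete(
             remote_url,
             headers=json_headers,
             data=json.dumps(
                 {'name': cert_name}
             ),
         )
     except Exception:
         # Still best-effort, but a certificate left on the controller is worth
         # a log line: the key stays deployed although the row is gone.
         logging.getLogger(__name__).exception(
             'remote delete of SSL entry %s failed', cert_name)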
Ejemplo n.º 31
    def post(self, id=None):
        """Create a host, or update the host identified by *id*.

        ``params`` arrives as HTML-ish text. ``<br>`` (and, on update, div
        tags) become CRLF line breaks and ``&nbsp;`` is dropped. Name and
        provider go through clean(). Both paths are audit-logged.
        """
        body = request.json

        if 'state' in body and body['state'] == 'create':
            host = Host(
                None,
                clean(body['name']),
                body['params'].replace("<br>", "\r\n"),
                clean(body['provider']),
            )
            auditlog(current_user, 'create host', host,
                     request_details=request.get_json())
            db.session.add(host)
            db.session.commit()
            return {'host': marshal(host, host_fields)}

        host = Host.query.get(id)
        auditlog(current_user, 'update host', host,
                 request_details=request.get_json())
        name = clean(body['name'].rstrip())

        # NOTE(review): params only gets tag-to-newline substitution, never
        # clean(), so any other markup is stored as sent.
        params = body['params']
        while '<br><br>' in params:
            params = params.replace("<br><br>", "<br>")
        substitutions = (
            ("<br>", "\r\n"),
            ('<div>', '\r\n'),
            ('&nbsp;', ''),
            ('</div>', '\r\n'),
        )
        for old, new in substitutions:
            params = params.replace(old, new)

        provider = clean(body['provider'].rstrip())

        if name != '':
            host.name = name
        if provider != '':
            host.provider = provider
        host.params = params

        db.session.add(host)
        db.session.commit()
        return self.get(id)
Ejemplo n.º 32
    def post(self):
        """Create an API key for the current user and return it.

        The key's name is a fresh uuid4 string. The optional ``comment`` query
        argument is stored, defaulting to "Random API Key".
        """
        comment = request.args.get('comment')

        # @TODO : We should not bind the user to current_user, in case the
        # key was added by an admin to a user.
        owner = current_user

        # @TODO : We should make sure the name was not already provided, maybe
        # we are just changing the comment on this key.
        api_key = APIKey()
        api_key.name = unicode(uuid4())
        api_key.user = owner
        api_key.comment = comment or "Random API Key"

        # NOTE(review): the key object itself is handed to auditlog - confirm
        # the log does not record the key value in a usable form.
        auditlog(owner, 'create api key', api_key,
                 request_details=request.get_json())
        db.session.add(api_key)
        db.session.commit()
        return api_key
Ejemplo n.º 33
    def post(self, id=None):
        """Create or update a domain controller from the JSON request body.

        Returns ``self.get(...)`` for the affected controller in both cases.
        """
        payload = request.json
        is_create = 'state' in payload and payload['state'] == 'create'

        if not is_create:
            # NOTE(review): an unknown id yields None here and is not handled.
            domain_controller = DomainController.query.get(id)
            new_name = clean(payload['name'].rstrip())
            new_address = clean(payload['address'].rstrip())
            new_port = clean(payload['port'].rstrip())
            auditlog(current_user, 'update domaincontroller',
                     domain_controller, request_details=request.get_json())

            # Empty cleaned values mean "leave this field as it is".
            if new_name != '':
                domain_controller.name = new_name
            if new_address != '':
                domain_controller.address = new_address
            if new_port != '':
                domain_controller.port = new_port

            db.session.add(domain_controller)
            db.session.commit()
            return self.get(id)

        # NOTE(review): none of these values pass through clean() on create,
        # and accept_self_signed is taken from the client as sent.
        domain_controller = DomainController(
            None, payload['name'], payload['address'],
            payload['port'], payload['accept_self_signed'])
        auditlog(current_user, 'create domaincontroller',
                 domain_controller, request_details=request.get_json())
        db.session.add(domain_controller)
        db.session.commit()
        return self.get(domain_controller.id)
Ejemplo n.º 34
    def post(self):
        """Issue a new API key bound to the current user.

        Returns the APIKey object after it has been audit-logged and committed.
        """
        requested_comment = request.args.get('comment')

        # @TODO : We should not bind the user to current_user, in case the
        # key was added by an admin to a user.
        user = current_user
        new_key = APIKey()

        # @TODO : We should make sure the name was not already provided, maybe
        # we are just changing the comment on this key.
        new_key.name = unicode(uuid4())
        new_key.user = user
        if requested_comment:
            new_key.comment = requested_comment
        else:
            new_key.comment = "Random API Key"

        # NOTE(review): the comment is read from the query string but the
        # audit details come from the JSON body - confirm that is intended.
        auditlog(user, 'create api key', new_key,
                 request_details=request.get_json())
        db.session.add(new_key)
        db.session.commit()
        return new_key
Ejemplo n.º 35
 def delete(self, slug):
     """Audit-log the deletion of *slug* and relay it to the backend.

     Returns the backend's raw response body.
     """
     endpoint = self._get_url() + '/{}'.format(slug)
     auditlog(current_user, 'delete', slug, 'htpasswd')
     # NOTE(review): slug reaches the URL path unencoded and the response
     # status is not checked.
     reply = req.delete(url=endpoint, headers=self._get_headers())
     return reply.content
Ejemplo n.º 36
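    def _editDomain(self, id=None):
        """Create a Domain (``id is None``) or replace an existing one's settings.

        The requested domain controller is resolved and the caller's
        Create/Edit permission on it is checked before any row is deleted or
        committed. Upstreams and aliases are then rebuilt from the request,
        the change is audit-logged and the domain is committed and returned.

        Aborts with 404 for an unknown domain id, 400 when the request names
        no resolvable domain controller, and 403 when permission is refused.
        """
        query = request.get_json()

        if id is None:
            domain = Domain()
            action = 'create'
            required_permission = CreateDomainPermission
        else:
            domain = Domain.query.get(id)
            if domain is None:
                return abort(404)
            action = 'update'
            required_permission = EditDomainPermission

        # Authorise first. The original ran this check only after the existing
        # upstreams and aliases had been deleted and committed, so a caller
        # who ended up with 403 had already wiped the domain's routing.
        controller_ref = query.get('domain_controller')
        domain_controller = None
        if controller_ref:
            domain_controller = DomainController.query.get(
                controller_ref['id']
            )
        if domain_controller is None:
            # The permission is keyed on a controller id. With no controller
            # the original failed with AttributeError after mutating data.
            return abort(400)
        # NOTE(review): `is False` lets a None return through as allowed -
        # confirm has_permission always returns a bool.
        # NOTE(review): the check uses the controller named in the request.
        # For updates the domain's current controller is not consulted -
        # confirm moving a domain needs permission on the target only.
        if current_user.has_permission(
            required_permission,
            domain_controller.id
        ) is False:
            return abort(403)

        # Read the mandatory field before touching the database so a missing
        # 'uri' cannot leave a half-emptied domain behind.
        uri = query['uri']
        htpasswd = query.get('htpasswd')
        ssl_key = query.get('ssl_key')
        aliases = query.get('aliases', [])

        if id is not None:
            for upstream in domain.upstreams:
                db.session.delete(upstream)

            for alias in domain.aliases:
                db.session.delete(alias)

            db.session.commit()

        # NOTE(review): upstream ip / port / location and alias uri are stored
        # as submitted; no validation happens in this method.
        domain.upstreams = []
        for upstreamInfo in query.get('upstreams', []):
            upstream = Upstream()
            upstream.ip = upstreamInfo['ip']
            upstream.port = upstreamInfo['port']
            upstream.websocket = upstreamInfo['websocket'] or False
            upstream.location = upstreamInfo['location'] or '/'
            upstream.port_ssl = upstreamInfo['port_ssl'] or None
            upstream.state = upstreamInfo['state']
            domain.upstreams.append(upstream)

        domain.aliases = []
        for aliasInfo in aliases:
            alias = Alias()
            alias.uri = aliasInfo['uri']
            domain.aliases.append(alias)

        domain.domain_controller = domain_controller
        domain.uri = uri
        domain.htpasswd = htpasswd
        domain.ssl_key = ssl_key

        auditlog(
            current_user,
            '{} domain'.format(action),
            domain,
            request_details=request.get_json())

        db.session.add(domain)
        db.session.commit()
        return domain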
Ejemplo n.º 37
 def delete(self, id):
     """Delete a domain controller after writing the audit entry for it."""
     # NOTE(review): domains that refer to this controller are not handled
     # here - confirm the model or database takes care of them.
     target = DomainController.query.get(id)
     auditlog(
         current_user,
         'delete domaincontroller',
         target)
     db.session.delete(target)
     db.session.commit()
Ejemplo n.º 38
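    def _editDomain(self, id=None):
        """Create a new Domain or overwrite an existing one from the JSON body.

        With ``id is None`` a Domain is created; otherwise the domain with that
        id has its upstreams and aliases replaced. The caller's permission on
        the requested domain controller is checked before anything is deleted
        or committed.

        Aborts with 404 (unknown domain), 400 (no resolvable domain
        controller in the request) or 403 (permission refused). Returns the
        committed domain.
        """
        query = request.get_json()

        creating = id is None
        if creating:
            domain = Domain()
            action = 'create'
        else:
            domain = Domain.query.get(id)
            if domain is None:
                return abort(404)
            action = 'update'

        # Resolve the target controller up front so the permission decision
        # can be made before the destructive part of an update runs.
        domain_controller = query.get('domain_controller')
        if domain_controller:
            domain_controller = DomainController.query.get(
                domain_controller['id'])
        if not domain_controller:
            # Without a controller there is no id to authorise against. The
            # original hit AttributeError here after data had been changed.
            return abort(400)

        # Authorisation used to happen after the old upstreams and aliases had
        # been deleted and committed, so a refused update still destroyed data.
        # NOTE(review): only an explicit False denies; confirm has_permission
        # cannot return None. The domain's current controller is also not
        # checked on update - confirm that is the intended policy.
        permission = (CreateDomainPermission if creating
                      else EditDomainPermission)
        if current_user.has_permission(
                permission,
                domain_controller.id) is False:
            return abort(403)

        # 'uri' is mandatory; a KeyError now surfaces before any delete.
        uri = query['uri']
        htpasswd = query.get('htpasswd')
        ssl_key = query.get('ssl_key')
        aliases = query.get('aliases', [])

        if not creating:
            for upstream in domain.upstreams:
                db.session.delete(upstream)

            for alias in domain.aliases:
                db.session.delete(alias)

            db.session.commit()

        # NOTE(review): upstream and alias fields are copied from the request
        # without validation in this method.
        domain.upstreams = []
        for upstreamInfo in query.get('upstreams', []):
            upstream = Upstream()
            upstream.ip = upstreamInfo['ip']
            upstream.port = upstreamInfo['port']
            upstream.websocket = upstreamInfo['websocket'] or False
            upstream.location = upstreamInfo['location'] or '/'
            upstream.port_ssl = upstreamInfo['port_ssl'] or None
            upstream.state = upstreamInfo['state']
            domain.upstreams.append(upstream)

        domain.aliases = []
        for aliasInfo in aliases:
            alias = Alias()
            alias.uri = aliasInfo['uri']
            domain.aliases.append(alias)

        domain.domain_controller = domain_controller
        domain.uri = uri
        domain.htpasswd = htpasswd
        domain.ssl_key = ssl_key

        auditlog(current_user,
                 '{} domain'.format(action),
                 domain,
                 request_details=request.get_json())

        db.session.add(domain)
        db.session.commit()
        return domain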
Ejemplo n.º 39
 def delete(self, id):
     """Audit-log, then delete and commit, the host with the given id."""
     # NOTE(review): the lookup result is used unchecked, and no permission
     # check is visible in this method.
     doomed_host = Host.query.get(id)
     auditlog(
         current_user,
         'delete host',
         doomed_host)
     db.session.delete(doomed_host)
     db.session.commit()