Ejemplo n.º 1
0
    def _on_get_secret_payload(self, secret, external_project_id, **kwargs):
        """GET actual payload containing the secret."""

        # With ACL support, the user token project does not have to be same as
        # project associated with secret. The lookup project_id needs to be
        # derived from the secret's data considering authorization is already
        # done.
        external_project_id = secret.project.external_id
        project = res.get_or_create_project(external_project_id)

        # default to application/octet-stream if there is no Accept header
        if (type(pecan.request.accept) is accept.NoHeaderType
                or not pecan.request.accept.header_value):
            accept_header = 'application/octet-stream'
        else:
            accept_header = pecan.request.accept.header_value
        pecan.override_template('', accept_header)

        # check if payload exists before proceeding
        if not secret.encrypted_data and not secret.secret_store_metadata:
            _secret_payload_not_found()

        twsk = kwargs.get('trans_wrapped_session_key', None)
        transport_key = None

        if twsk:
            transport_key = self._get_transport_key(
                kwargs.get('transport_key_id', None))

        return plugin.get_secret(accept_header, secret, project, twsk,
                                 transport_key)
Ejemplo n.º 2
0
    def get(self, id):
        LOG.info("Fetch resource.", resource={'type': self.type, 'id': id})

        download = strutils.bool_from_string(
            pecan.request.GET.get('download', False))
        func_db = db_api.get_function(id)
        ctx = context.get_ctx()

        if not download:
            pecan.override_template('json')
            return resources.Function.from_dict(func_db.to_dict()).to_dict()
        else:
            source = func_db.code['source']

            if source == 'package':
                f = self.storage_provider.retrieve(ctx.projectid, id)
            elif source == 'swift':
                container = func_db.code['swift']['container']
                obj = func_db.code['swift']['object']
                f = swift_util.download_object(container, obj)
            else:
                msg = 'Download image function is not allowed.'
                pecan.abort(status_code=405,
                            detail=msg,
                            headers={'Server-Error-Message': msg})

            pecan.response.app_iter = (f if isinstance(f, collections.Iterable)
                                       else FileIter(f))
            pecan.response.headers['Content-Type'] = 'application/zip'
            pecan.response.headers['Content-Disposition'] = (
                'attachment; filename="%s"' % os.path.basename(func_db.name))
Ejemplo n.º 3
0
    def _on_get_secret_payload(self, secret, external_project_id, **kwargs):
        """GET actual payload containing the secret."""

        # With ACL support, the user token project does not have to be same as
        # project associated with secret. The lookup project_id needs to be
        # derived from the secret's data considering authorization is already
        # done.
        external_project_id = secret.project.external_id
        project = res.get_or_create_project(external_project_id)

        # default to application/octet-stream if there is no Accept header
        accept_header = getattr(pecan.request.accept, 'header_value',
                                'application/octet-stream')
        pecan.override_template('', accept_header)

        twsk = kwargs.get('trans_wrapped_session_key', None)
        transport_key = None

        if twsk:
            transport_key = self._get_transport_key(
                kwargs.get('transport_key_id', None))

        return plugin.get_secret(accept_header,
                                 secret,
                                 project,
                                 twsk,
                                 transport_key)
Ejemplo n.º 4
0
    def _on_get_secret_payload(self, secret, external_project_id, **kwargs):
        """GET actual payload containing the secret."""

        # With ACL support, the user token project does not have to be same as
        # project associated with secret. The lookup project_id needs to be
        # derived from the secret's data considering authorization is already
        # done.
        external_project_id = secret.project.external_id
        project = res.get_or_create_project(external_project_id)

        # default to application/octet-stream if there is no Accept header
        accept_header = getattr(pecan.request.accept, 'header_value',
                                'application/octet-stream')
        pecan.override_template('', accept_header)

        # check if payload exists before proceeding
        if not secret.encrypted_data and not secret.secret_store_metadata:
            _secret_payload_not_found()

        twsk = kwargs.get('trans_wrapped_session_key', None)
        transport_key = None

        if twsk:
            transport_key = self._get_transport_key(
                kwargs.get('transport_key_id', None))

        return plugin.get_secret(accept_header,
                                 secret,
                                 project,
                                 twsk,
                                 transport_key)
Ejemplo n.º 5
0
    def index(self, keystone_id):
        LOG.debug("== Getting transport key for %s" % keystone_id)
        transport_key = self.repo.get(entity_id=self.transport_key_id)
        if not transport_key:
            _transport_key_not_found()

        pecan.override_template('json', 'application/json')
        return transport_key
Ejemplo n.º 6
0
    def on_get(self, external_project_id):
        LOG.debug("== Getting transport key for %s", external_project_id)
        transport_key = self.repo.get(entity_id=self.transport_key_id)
        if not transport_key:
            _transport_key_not_found()

        pecan.override_template('json', 'application/json')
        return transport_key
Ejemplo n.º 7
0
 def index(self):
     # print pecan.request.content_type
     if is_json_request_accept(pecan.request):
         pecan.override_template('json', 'application/json')
         return {'uri':'/index'}
     else:
         pecan.override_template('', pecan.request.accept.header_value)
         return "/index"
Ejemplo n.º 8
0
    def on_get(self, external_project_id):
        LOG.debug("== Getting transport key for %s", external_project_id)
        transport_key = self.repo.get(entity_id=self.transport_key_id)
        if not transport_key:
            _transport_key_not_found()

        pecan.override_template('json', 'application/json')
        return transport_key
Ejemplo n.º 9
0
    def index(self, keystone_id):
        LOG.debug("== Getting transport key for %s" % keystone_id)
        transport_key = self.repo.get(entity_id=self.transport_key_id)
        if not transport_key:
            _transport_key_not_found()

        pecan.override_template('json', 'application/json')
        return transport_key
Ejemplo n.º 10
0
 def i(self, short):
     try:
         image_id = short_url.decode_url(short)
     except ValueError:
         raise exception.ImageNotFound(reference=short)
     image = db_api.get_image_by_id(image_id=image_id)
     saved_path = path_join(conf.app.static_root,
                            image.relative_path.encode('UTF-8'))
     with file(saved_path) as fh:
         content = fh.read()
     override_template(None, content_type='image/png')
     return content
Ejemplo n.º 11
0
    def _on_get_secret_metadata(self, secret, **kwargs):
        """GET Metadata-only for a secret."""
        pecan.override_template('json', 'application/json')

        secret_fields = putil.mime_types.augment_fields_with_content_types(
            secret)

        transport_key_id = self._get_transport_key_id_if_needed(
            kwargs.get('transport_key_needed'), secret)

        if transport_key_id:
            secret_fields['transport_key_id'] = transport_key_id

        return hrefs.convert_to_hrefs(secret_fields)
Ejemplo n.º 12
0
    def _on_get_secret_metadata(self, secret, **kwargs):
        """GET Metadata-only for a secret."""
        pecan.override_template('json', 'application/json')

        secret_fields = putil.mime_types.augment_fields_with_content_types(
            secret)

        transport_key_id = self._get_transport_key_id_if_needed(
            kwargs.get('transport_key_needed'), secret)

        if transport_key_id:
            secret_fields['transport_key_id'] = transport_key_id

        return hrefs.convert_to_hrefs(secret_fields)
Ejemplo n.º 13
0
    def _on_get_secret_payload(self, secret, external_project_id, **kwargs):
        """GET actual payload containing the secret."""
        project = res.get_or_create_project(external_project_id,
                                            self.repos.project_repo)

        pecan.override_template('', pecan.request.accept.header_value)

        twsk = kwargs.get('trans_wrapped_session_key', None)
        transport_key = None

        if twsk:
            transport_key = self._get_transport_key(
                kwargs.get('transport_key_id', None))

        return plugin.get_secret(pecan.request.accept.header_value, secret,
                                 project, self.repos, twsk, transport_key)
Ejemplo n.º 14
0
    def get(self, id):
        """Get function information or download function package.

        This method can support HTTP request using either
        'Accept:application/json' or no 'Accept' header.
        """
        ctx = context.get_ctx()
        acl.enforce('function:get', ctx)

        download = strutils.bool_from_string(
            pecan.request.GET.get('download', False)
        )
        func_db = db_api.get_function(id)

        if not download:
            LOG.info("Getting function %s.", id)
            pecan.override_template('json')
            return resources.Function.from_db_obj(func_db).to_dict()

        LOG.info("Downloading function %s", id)
        source = func_db.code['source']

        if source == constants.PACKAGE_FUNCTION:
            f = self.storage_provider.retrieve(func_db.project_id, id,
                                               func_db.code['md5sum'])
        elif source == constants.SWIFT_FUNCTION:
            container = func_db.code['swift']['container']
            obj = func_db.code['swift']['object']
            f = swift_util.download_object(container, obj)
        else:
            msg = 'Download image function is not allowed.'
            pecan.abort(
                status_code=405,
                detail=msg,
                headers={'Server-Error-Message': msg}
            )

        pecan.response.app_iter = (f if isinstance(f, collections.Iterable)
                                   else FileIter(f))
        pecan.response.headers['Content-Type'] = 'application/zip'
        pecan.response.headers['Content-Disposition'] = (
            'attachment; filename="%s"' % id
        )
Ejemplo n.º 15
0
    def index(self, keystone_id, **kwargs):

        secret = self.repos.secret_repo.get(entity_id=self.secret_id,
                                            keystone_id=keystone_id,
                                            suppress_exception=True)
        if not secret:
            _secret_not_found()

        if controllers.is_json_request_accept(pecan.request):
            # Metadata-only response, no secret retrieval is necessary.
            pecan.override_template('json', 'application/json')
            secret_fields = putil.mime_types.augment_fields_with_content_types(
                secret)
            transport_key_needed = kwargs.get('transport_key_needed',
                                              'false').lower() == 'true'
            if transport_key_needed:
                transport_key_id = plugin.get_transport_key_id_for_retrieval(
                    secret)
                if transport_key_id is not None:
                    secret_fields['transport_key_id'] = transport_key_id
            return hrefs.convert_to_hrefs(secret_fields)
        else:
            project = res.get_or_create_project(keystone_id,
                                                self.repos.project_repo)
            pecan.override_template('', pecan.request.accept.header_value)
            transport_key = None
            twsk = kwargs.get('trans_wrapped_session_key', None)
            if twsk is not None:
                transport_key_id = kwargs.get('transport_key_id', None)
                if transport_key_id is None:
                    _request_has_twsk_but_no_transport_key_id()
                transport_key_model = self.repos.transport_key_repo.get(
                    entity_id=transport_key_id,
                    suppress_exception=True)
                transport_key = transport_key_model.transport_key

            return plugin.get_secret(pecan.request.accept.header_value,
                                     secret,
                                     project,
                                     self.repos,
                                     twsk,
                                     transport_key)
Ejemplo n.º 16
0
    def t(self, short):
        try:
            image_id = short_url.decode_url(short)
        except ValueError:
            raise exception.ImageNotFound(reference=short)

        image = db_api.get_image_by_id(image_id=image_id)
        relative_path = image.relative_path.encode('UTF-8')
        thumbnail_path = util.generate_thumbnail_path(relative_path)
        saved_path = path_join(conf.app.static_root, thumbnail_path)

        if not exists(saved_path):
            logger.debug('generating thumbnail on accessing: %s' % \
                         saved_path)
            util.save_thumbnail(saved_path)

        with file(saved_path) as fh:
            content = fh.read()

        override_template(None, content_type='image/jpeg')
        return content
Ejemplo n.º 17
0
    def get(self, id):
        LOG.info("Fetch function [id=%s]", id)

        download = strutils.bool_from_string(
            pecan.request.GET.get('download', False))
        func_db = db_api.get_function(id)
        ctx = context.get_ctx()

        if not download:
            pecan.override_template('json')
            return resources.Function.from_dict(func_db.to_dict()).to_dict()
        else:
            f = self.storage_provider.retrieve(
                ctx.projectid,
                id,
            )

            pecan.response.app_iter = FileIter(f)
            pecan.response.headers['Content-Type'] = 'application/zip'
            pecan.response.headers['Content-Disposition'] = (
                'attachment; filename="%s"' % os.path.basename(f.name))
Ejemplo n.º 18
0
    def index(self, keystone_id):

        secret = self.repo.get(entity_id=self.secret_id,
                               keystone_id=keystone_id,
                               suppress_exception=True)
        if not secret:
            _secret_not_found()

        if controllers.is_json_request_accept(pecan.request):
            # Metadata-only response, no decryption necessary.
            pecan.override_template('json', 'application/json')
            secret_fields = mime_types.augment_fields_with_content_types(
                secret)
            return hrefs.convert_to_hrefs(keystone_id, secret_fields)
        else:
            tenant = res.get_or_create_tenant(keystone_id, self.tenant_repo)
            pecan.override_template('', pecan.request.accept.header_value)
            return self.crypto_manager.decrypt(
                pecan.request.accept.header_value,
                secret,
                tenant
            )
Ejemplo n.º 19
0
    def index(self, keystone_id):

        secret = self.repo.get(entity_id=self.secret_id,
                               keystone_id=keystone_id,
                               suppress_exception=True)
        if not secret:
            _secret_not_found()

        if controllers.is_json_request_accept(pecan.request):
            # Metadata-only response, no decryption necessary.
            pecan.override_template('json', 'application/json')
            secret_fields = mime_types.augment_fields_with_content_types(
                secret)
            return hrefs.convert_to_hrefs(keystone_id, secret_fields)
        else:
            tenant = res.get_or_create_tenant(keystone_id, self.tenant_repo)
            pecan.override_template('', pecan.request.accept.header_value)
            return self.crypto_manager.decrypt(
                pecan.request.accept.header_value,
                secret,
                tenant
            )
Ejemplo n.º 20
0
	def index_POST(self, **data):
		ret = "Error"
		try:
			username = data['username']
			password = data['password']
		except KeyError:
			return 'Error: format not support'
		session = sql.BaseSQL().session_write()
		"check username exits"
		if (session.query(tables.User).filter(tables.User.username == username).scalar() == None):
			session.add(tables.User(username=username,password=password))
			ret = 'register success!'
		else:
			ret = 'username exits!'


		if is_json_request_accept(pecan.request):
			pecan.override_template('json', 'application/json')
			return {'result':ret}

		else:
			pecan.override_template('', pecan.request.accept.header_value)
			return ret
Ejemplo n.º 21
0
    def get(self, function_id, version):
        """Get function version or download function version package.

        This method can support HTTP request using either
        'Accept:application/json' or no 'Accept' header.
        """
        ctx = context.get_ctx()
        acl.enforce('function_version:get', ctx)

        download = strutils.bool_from_string(
            pecan.request.GET.get('download', False)
        )
        version = int(version)

        version_db = db_api.get_function_version(function_id, version)

        if not download:
            LOG.info("Getting version %s for function %s.", version,
                     function_id)
            pecan.override_template('json')
            return resources.FunctionVersion.from_db_obj(version_db).to_dict()

        LOG.info("Downloading version %s for function %s.", version,
                 function_id)

        f = self.storage_provider.retrieve(version_db.project_id, function_id,
                                           None, version=version)

        if isinstance(f, collections.Iterable):
            pecan.response.app_iter = f
        else:
            pecan.response.app_iter = FileIter(f)
        pecan.response.headers['Content-Type'] = 'application/zip'
        pecan.response.headers['Content-Disposition'] = (
            'attachment; filename="%s_%s"' % (function_id, version)
        )
Ejemplo n.º 22
0
    def _on_get_secret_payload(self, secret, external_project_id, **kwargs):
        """GET actual payload containing the secret."""

        # With ACL support, the user token project does not have to be same as
        # project associated with secret. The lookup project_id needs to be
        # derived from the secret's data considering authorization is already
        # done.
        external_project_id = secret.project_assocs[0].projects.external_id
        project = res.get_or_create_project(external_project_id)

        pecan.override_template('', pecan.request.accept.header_value)

        twsk = kwargs.get('trans_wrapped_session_key', None)
        transport_key = None

        if twsk:
            transport_key = self._get_transport_key(
                kwargs.get('transport_key_id', None))

        return plugin.get_secret(pecan.request.accept.header_value,
                                 secret,
                                 project,
                                 twsk,
                                 transport_key)
Ejemplo n.º 23
0
 def index(self):
     override_template(None, content_type='text/plain')
     return 'Override'
Ejemplo n.º 24
0
 def index(self):
     override_template(None, content_type="text/plain")
     return "Override"
Ejemplo n.º 25
0
 def level(self, level):
     override_template('levels/%s.json' % level)
     return {}
Ejemplo n.º 26
0
 def wrapped(*args, **kwargs):
     f(*args, **kwargs)
     pecan.response.status = 204
     pecan.override_template(None)
Ejemplo n.º 27
0
 def wrapped(*args, **kwargs):
     f(*args, **kwargs)
     pecan.response.status = 204
     pecan.override_template(None)
Ejemplo n.º 28
0
 def wrapped(*args, **kwargs):
     LOG.info('%s(): caller(): %s', log_utils.get_fname(1),
              log_utils.get_fname(2))
     f(*args, **kwargs)
     pecan.response.status = 204
     pecan.override_template(None)