def list(self, filters=None, orders=None, offset=None, limit=None, hooks=None):
     results = []
     service_name = filters.get('serviceName', '') or ''
     if not service_name:
         raise exceptions.FieldRequired(
             message=_('missing query param: %(attribute)s, eg. /v1/api?%(attribute)s=value') %
             {'attribute': 'serviceName'})
     client = wecube.WeCubeClient(CONF.wecube.base_url)
     # subsys_token = cache.get_or_create(TOKEN_KEY, client.login_subsystem, expires=600)
     # client.token = subsys_token
     key = '/platform/v1/plugins/interfaces/enabled'
     cached = cache.get(key, 15)
     if cache.validate(cached):
         resp = cached
     else:
         resp = client.retrieve('/platform/v1/plugins/interfaces/enabled')
         cache.set(key, resp)
     for interface in resp['data']:
         if interface['serviceName'] == service_name:
             for param in interface['inputParameters']:
                 results.append({
                     'type': param['dataType'],
                     'name': param['name'],
                     'value': 'inputParams.' + param['name']
                 })
     return results
Ejemplo n.º 2
0
 def cached_all(self, clusters, expires=3):
     cached_key = 'k8s.' + ','.join([
         cluster['id']
         for cluster in sorted(clusters, key=lambda x: x['id'])
     ]) + '.' + self.__class__.__name__
     cached_data = cache.get(cached_key, expires)
     if not cache.validate(cached_data):
         cached_data = self.all(clusters)
         cache.set(cached_key, cached_data)
     return cached_data
def get_token(base_url):
    token = CONF.wecube_platform.token
    if not CONF.wecube_platform.use_token:
        token = cache.get(WECUBE_TOKEN)
        if not cache.validate(token):
            token = requests.post(base_url + '/auth/v1/api/login',
                                  json={
                                      "username":
                                      CONF.wecube_platform.username,
                                      "password": CONF.wecube_platform.password
                                  }).json()['data'][1]['token']
            cache.set(WECUBE_TOKEN, token)
    return token
 def list(self, filters=None, orders=None, offset=None, limit=None, hooks=None):
     results = []
     client = wecube.WeCubeClient(CONF.wecube.base_url)
     # subsys_token = cache.get_or_create(TOKEN_KEY, client.login_subsystem, expires=600)
     # client.token = subsys_token
     key = '/platform/v1/plugins/interfaces/enabled'
     cached = cache.get(key, 15)
     if cache.validate(cached):
         resp = cached
     else:
         resp = client.retrieve('/platform/v1/plugins/interfaces/enabled')
         cache.set(key, resp)
     results = resp['data']
     return results
def wecmdb_ci_getter(expr_data, is_backref, guids, ci_mapping):
    if expr_data['plugin'].lower() != 'wecmdb'.lower():
        LOG.warning(
            'wecmdb_ci_getter is for wecmdb only, but we got %s instead',
            expr_data['plugin'])
        return []
    base_url = CONF.wecube_platform.base_url
    token = get_token(base_url)
    data = {'filters': expr_data['filters']}
    # build json filters
    if guids is not None:
        if is_backref:
            data['filters'].append({
                'name': expr_data['backref_attribute'] + '.guid',
                'operator': 'in',
                'value': guids
            })
        else:
            data['filters'].append({
                'name': 'guid',
                'operator': 'in',
                'value': guids
            })
    ci_data_key = 'wecmdb/ci-types/%(ci)s' % {
        'ci': ci_mapping[expr_data['ci']]
    }
    results = cache.get(ci_data_key, exipres=30)
    if not cache.validate(results):
        LOG.debug(
            'wecmdb_ci_getter POST /wecmdb/ui/v2/ci-types/%s/ci-data/query' %
            expr_data['ci'])
        LOG.debug('wecmdb_ci_getter     filters: %s', data)
        resp = requests.post(base_url +
                             '/wecmdb/ui/v2/ci-types/%s/ci-data/query' %
                             ci_mapping[expr_data['ci']],
                             json={},
                             headers={'Authorization': 'Bearer ' + token})
        results = resp.json()['data']['contents']
        LOG.debug('wecmdb_ci_getter get %s result(all) length: %s' %
                  (expr_data['ci'], len(results)))
        cache.set(ci_data_key, results)
    results = [
        ret for ret in results
        if jsonfilter.match_all(data['filters'], ret['data'])
    ]
    LOG.debug('wecmdb_ci_getter get %s result(filter) length: %s' %
              (expr_data['ci'], len(results)))
    return results
Ejemplo n.º 6
0
def wecube_expr_query(expr):
    base_url = CONF.wecube.base_url
    cache_key = 'wecube/expr/%s' % expr
    results = cache.get(cache_key, exipres=3)
    if not cache.validate(results):
        LOG.debug('wecube_expr_query with %s' % expr)
        cost_start = datetime.datetime.now()
        client = wecube.WeCubeClient(base_url)
        subsys_token = cache.get_or_create(TOKEN_KEY,
                                           client.login_subsystem,
                                           expires=600)
        client.token = subsys_token
        resp = client.post(
            base_url + '/platform/v1/data-model/dme/integrated-query', {
                'dataModelExpression': expr,
                'filters': []
            })
        cost_end = datetime.datetime.now()
        LOG.debug('wecube_expr_query time cost %s' % (cost_end - cost_start))
        results = resp['data'] or []
        cache.set(cache_key, results)
    LOG.debug('wecube_expr_query result length: %s' % len(results))
    return results
Ejemplo n.º 7
0
 def _get_rules(self, data, boxes=None):
     boxes = boxes or self.list(filters={
         'policy.enabled': 1,
         'subject.enabled': 1
     })
     rules = {}
     hasher = hashlib.sha256()
     hasher.update(json.dumps(data).encode('utf-8'))
     digest = hasher.hexdigest()
     LOG.debug('scope test with data - %s ...', str(data)[:4096])
     for b in boxes:
         LOG.debug('scope test of box[%s - %s]', b['id'], b['name'])
         subject_included = False
         for target in b['subject']['targets']:
             target_included = True
             # target with the same data is cached
             key = 'scope/target/%s/data/%s' % (target['id'], digest)
             cached = cache.get(key, 30)
             if cache.validate(cached):
                 target_included = cached
                 LOG.debug('scope test of target[%s - %s]: %s',
                           target['id'], target['name'],
                           ('accepted' if cached else 'rejected'))
             else:
                 LOG.debug('scope test of target[%s - %s]', target['id'],
                           target['name'])
                 if target['enabled']:
                     if target['args_scope'] is not None:
                         target_included = scope.JsonScope(
                             target['args_scope']).is_match(data)
                     else:
                         target_included = True
                     if target_included:
                         LOG.debug('args scope: accepted')
                         if target['entity_scope'] is not None:
                             target_included = scope.WeCMDBScope(
                                 target['entity_scope']).is_match(
                                     data['entityInstances'])
                         else:
                             target_included = True
                         if target_included:
                             LOG.debug('entity scope: accepted')
                         else:
                             LOG.debug('entity scope: rejected')
                     else:
                         LOG.debug('args scope: rejected')
                 else:
                     LOG.debug('target: disabled')
                     target_included = False
             cache.set(key, target_included)
             if target_included:
                 subject_included = True
                 break
         if subject_included:
             # extend box rules(enabled)
             for rule in b['policy']['rules']:
                 if rule['enabled']:
                     rules[rule['id']] = rule
             LOG.debug('scope test of box[%s - %s]: accepted, rules: %s',
                       b['id'], b['name'], list(rules.keys()))
         else:
             LOG.debug('scope test of box[%s - %s]: rejected', b['id'],
                       b['name'])
     return list(rules.values())
 def _get_rules(self, data, boxes=None, without_subject_test=False):
     boxes = boxes if boxes is not None else self.list(filters={
         'policy.enabled': 1,
         'subject.enabled': 1,
         'enabled': 1
     })
     rules = {}
     hasher = hashlib.sha256()
     hasher.update(json.dumps(data).encode('utf-8'))
     digest = hasher.hexdigest()
     LOG.debug('scope test with data - %s ...', str(data)[:4096])
     for b in boxes:
         LOG.info('scope test of box[%s - %s]', b['id'], b['name'])
         subject_included = False
         if without_subject_test:
             subject_included = True
         else:
             for target in b['subject']['targets']:
                 target_included = True
                 # target with the same data is cached
                 key = 'scope/target/%s/data/%s' % (target['id'], digest)
                 cached = cache.get(key, 10)
                 if cache.validate(cached):
                     target_included = cached
                     LOG.debug('scope test of target[%s - %s]: %s', target['id'], target['name'],
                               ('accepted' if cached else 'rejected'))
                 else:
                     LOG.debug('scope test of target[%s - %s]', target['id'], target['name'])
                     if target['enabled']:
                         # jsonscope match & exprscope match
                         if target['args_scope']:
                             target_included = scope.JsonScope(target['args_scope']).is_match(data)
                         else:
                             target_included = True
                         if target_included:
                             LOG.debug('args scope: accepted')
                             if target['entity_scope']:
                                 target_included = scope.WeCubeScope(target['entity_scope']).is_match(
                                     data['entityInstances'], data.get('entityType', None))
                             else:
                                 target_included = True
                             if target_included:
                                 LOG.debug('entity scope: accepted')
                             else:
                                 LOG.debug('entity scope: rejected')
                         else:
                             LOG.debug('args scope: rejected')
                     else:
                         LOG.debug('target: disabled')
                         target_included = False
                 cache.set(key, target_included)
                 # if any target are included, means subject is inlcuded
                 if target_included:
                     subject_included = True
                     break
         if subject_included:
             # extend box rules(enabled)
             new_rules_map = {}
             for rule in b['policy']['rules']:
                 if rule['enabled']:
                     new_rules_map[rule['id']] = rule
             rules.update(new_rules_map)
             LOG.info('scope test of box[%s - %s]: accepted, rules: %s', b['id'], b['name'],
                      list(new_rules_map.keys()))
         else:
             LOG.info('scope test of box[%s - %s]: rejected', b['id'], b['name'])
     return list(rules.values())