def post(self):
request_body = self.request.body.decode("UTF-8")
execution_id = json.loads(request_body).get('executionId')
if execution_id:
self.application.execution_service.stop_script(execution_id)
else:
respond_error(self, 400, "Invalid stop request")
return
def post(self):
request_body = self.request.body.decode("UTF-8")
process_id = json.loads(request_body).get("processId")
if (process_id):
stop_script(int(process_id))
else:
respond_error(self, 400, "Invalid stop request")
return
def write_error(self, status_code, **kwargs):
if ('exc_info' in kwargs) and (kwargs['exc_info']):
(type, value, traceback) = kwargs['exc_info']
(custom_code, custom_message) = exception_to_code_and_message(value)
if custom_code:
respond_error(self, custom_code, custom_message)
return
respond_error(self, status_code, self._reason)
def get(self, user, script_name):
try:
config = self.application.config_service.load_config(script_name, user)
except ConfigNotAllowedException:
LOGGER.warning('Admin access to the script "' + script_name + '" is denied for ' + user.get_audit_name())
respond_error(self, 403, 'Access to the script is denied')
return
if config is None:
raise tornado.web.HTTPError(404, str('Failed to find config for name: ' + script_name))
self.write(json.dumps(config))
def prepare(self):
if self.request.method != 'POST':
respond_error(self, 405, 'Method not allowed')
return
audit_name = get_audit_name_from_request(self)
file_upload_feature = self.application.file_upload_feature
upload_folder = file_upload_feature.prepare_new_folder(audit_name)
self.request.connection.set_max_body_size(self.application.max_request_size_mb * BYTES_IN_MB)
self.form_reader = StreamingFormReader(self.request.headers, upload_folder)
def prepare(self):
if self.request.method != 'POST':
respond_error(self, 405, 'Method not allowed')
return
audit_name = get_audit_name_from_request(self)
file_upload_feature = self.application.file_upload_feature
upload_folder = file_upload_feature.prepare_new_folder(audit_name)
self.request.connection.set_max_body_size(self.application.max_request_size_mb * BYTES_IN_MB)
self.form_reader = StreamingFormReader(self.request.headers, upload_folder)
def put(self, user):
request = tornado_utils.get_request_body(self)
config = request.get('config')
filename = request.get('filename')
try:
self.application.config_service.update_config(user, config, filename)
except (InvalidConfigException, InvalidFileException) as e:
raise tornado.web.HTTPError(422, str(e))
except ConfigNotAllowedException:
LOGGER.warning('Admin access to the script "' + config['name'] + '" is denied for ' + user.get_audit_name())
respond_error(self, 403, 'Access to the script is denied')
return
def put(self, user):
(config, filename, uploaded_script) = self.read_config_parameters()
try:
self.application.config_service.update_config(user, config, filename, uploaded_script)
except (InvalidConfigException, InvalidFileException) as e:
raise tornado.web.HTTPError(422, str(e))
except ConfigNotAllowedException:
LOGGER.warning('Admin access to the script "' + config['name'] + '" is denied for ' + user.get_audit_name())
respond_error(self, 403, 'Access to the script is denied')
return
except InvalidAccessException as e:
raise tornado.web.HTTPError(403, reason=str(e))
def get(self):
try:
name = self.get_query_argument("name")
except tornado.web.MissingArgumentError:
respond_error(self, 400, "Script name is not specified")
return
config = load_config(name)
if not config:
respond_error(self, 400, "Couldn't find a script by name")
return
self.write(external_model.config_to_json(config))
def authenticate(self, request_handler):
if not self.is_enabled():
return
LOGGER.info('Trying to authenticate user')
login_generic_error = 'Something went wrong. Please contact the administrator or try later'
try:
username = self.authenticator.authenticate(request_handler)
if isinstance(username, tornado.concurrent.Future):
username = yield username
except auth_base.AuthRejectedError as e:
respond_error(request_handler, 401, e.get_message())
return
except auth_base.AuthFailureError:
respond_error(request_handler, 500, login_generic_error)
return
except auth_base.AuthBadRequestException as e:
respond_error(request_handler, 400, e.get_message())
return
except:
LOGGER.exception('Failed to call authenticate')
respond_error(request_handler, 500, login_generic_error)
return
LOGGER.info('Authenticated user ' + username)
if not self.authorizer.is_allowed_in_app(username):
LOGGER.info('User ' + username + ' have no access')
respond_error(
request_handler, 403,
'Access is prohibited. Please contact system administrator')
return
request_handler.set_secure_cookie('username', username)
path = tornado.escape.url_unescape(
request_handler.get_argument('next', '/'))
# redirect only to internal URLs
if path.startswith('http'):
path = '/'
redirect_relative(path, request_handler)
def get(self):
try:
name = self.get_query_argument("name")
except tornado.web.MissingArgumentError:
respond_error(self, 400, "Script name is not specified")
return
config = self.application.config_service.load_config(name)
if not config:
respond_error(self, 400, "Couldn't find a script by name")
return
if not can_access_script(config, self):
raise tornado.web.HTTPError(403, reason='Access to the script is denied')
self.write(external_model.config_to_json(config))
def get(self, user):
try:
name = self.get_query_argument("name")
except tornado.web.MissingArgumentError:
respond_error(self, 400, "Script name is not specified")
return
try:
config = self.application.config_service.load_config_model(name, user)
except ConfigNotAllowedException:
raise tornado.web.HTTPError(403, reason='Access to the script is denied')
if not config:
respond_error(self, 400, "Couldn't find a script by name")
return
self.write(external_model.config_to_external(config))
def get(self, execution_id):
if is_empty(execution_id):
respond_error(self, 400, 'Execution id is not specified')
return
history_entry = self.application.execution_logging_service.find_history_entry(execution_id)
if history_entry is None:
respond_error(self, 400, 'No history found for id ' + execution_id)
return
log = self.application.execution_logging_service.find_log(execution_id)
if is_empty(log):
LOGGER.warning('No log found for execution ' + execution_id)
running = self.application.execution_service.is_running(history_entry.id)
long_log = to_long_execution_log(history_entry, log, running)
self.write(json.dumps(long_log))
def get(self, execution_id):
if is_empty(execution_id):
respond_error(self, 400, 'Execution id is not specified')
return
history_entry = self.application.execution_logging_service.find_history_entry(execution_id)
if history_entry is None:
respond_error(self, 400, 'No history found for id ' + execution_id)
return
log = self.application.execution_logging_service.find_log(execution_id)
if is_empty(log):
LOGGER.warning('No log found for execution ' + execution_id)
running = self.application.execution_service.is_running(history_entry.id)
long_log = to_long_execution_log(history_entry, log, running)
self.write(json.dumps(long_log))
def get(self, user, script_name):
try:
loaded_script = self.application.config_service.load_script_code(script_name, user)
except ConfigNotAllowedException:
LOGGER.warning('Admin access to the script "' + script_name + '" is denied for ' + user.get_audit_name())
respond_error(self, 403, 'Access to the script is denied')
return
except InvalidFileException as e:
LOGGER.warning('Failed to load script code for script ' + script_name, exc_info=True)
respond_error(self, 422, str(e))
return
except InvalidAccessException as e:
raise tornado.web.HTTPError(403, reason=str(e))
if loaded_script is None:
raise tornado.web.HTTPError(404, str('Failed to find config for name: ' + script_name))
self.write(json.dumps(loaded_script))
def get(self, user, execution_id):
if is_empty(execution_id):
respond_error(self, 400, 'Execution id is not specified')
return
try:
history_entry = self.application.execution_logging_service.find_history_entry(
execution_id, user.user_id)
except AccessProhibitedException:
respond_error(
self, 403,
'Access to execution #' + str(execution_id) + ' is prohibited')
return
if history_entry is None:
respond_error(self, 400, 'No history found for id ' + execution_id)
return
log = self.application.execution_logging_service.find_log(execution_id)
if is_empty(log):
LOGGER.warning('No log found for execution ' + execution_id)
running = self.application.execution_service.is_running(
history_entry.id, user)
long_log = to_long_execution_log(history_entry, log, running)
self.write(json.dumps(long_log))
def authenticate(self, request_handler):
if not self.is_enabled():
return
LOGGER.info('Trying to authenticate user')
login_generic_error = 'Something went wrong. Please contact the administrator or try later'
try:
username = self.authenticator.authenticate(request_handler)
if asyncio.iscoroutine(username):
username = yield username
except auth_base.AuthRejectedError as e:
respond_error(request_handler, 401, e.get_message())
return
except auth_base.AuthFailureError:
respond_error(request_handler, 500, login_generic_error)
return
except auth_base.AuthBadRequestException as e:
respond_error(request_handler, 400, e.get_message())
return
except:
LOGGER.exception('Failed to call authenticate')
respond_error(request_handler, 500, login_generic_error)
return
LOGGER.info('Authenticated user ' + username)
request_handler.set_secure_cookie('username', username, expires_days=self.authenticator.auth_expiration_days)
path = tornado.escape.url_unescape(request_handler.get_argument('next', '/'))
# redirect only to internal URLs
if path.startswith('http'):
path = '/'
redirect_relative(path, request_handler)
def authenticate(self, request_handler):
if not self.is_enabled():
return
LOGGER.info('Trying to authenticate user')
login_generic_error = 'Something went wrong. Please contact the administrator or try later'
try:
username = self.authenticator.authenticate(request_handler)
if isinstance(username, tornado.concurrent.Future):
username = yield username
except auth_base.AuthRejectedError as e:
respond_error(request_handler, 401, e.get_message())
return
except auth_base.AuthFailureError:
respond_error(request_handler, 500, login_generic_error)
return
except auth_base.AuthBadRequestException as e:
respond_error(request_handler, 400, e.get_message())
return
except:
LOGGER.exception('Failed to call authenticate')
respond_error(request_handler, 500, login_generic_error)
return
LOGGER.info('Authenticated user ' + username)
request_handler.set_secure_cookie('username', username)
path = tornado.escape.url_unescape(request_handler.get_argument('next', '/'))
# redirect only to internal URLs
if path.startswith('http'):
path = '/'
redirect_relative(path, request_handler)
def get(self, user, script_name, parameter_name):
id = self.get_query_argument('id')
if not id:
respond_error(self, 400, 'Model id is not specified')
return
if id not in active_config_models:
respond_error(self, 400,
'Model with id=' + str(id) + ' does not exist')
return
active_model = active_config_models[id]
config_user_id = active_model['user_id']
if config_user_id != user.user_id:
LOGGER.warning('User ' + str(user) + ' tried to access config ' +
script_name + ' of user #' + config_user_id)
respond_error(self, 400,
'Model with id=' + str(id) + ' does not exist')
return
config_model = active_model['model']
if config_model.name != script_name:
LOGGER.warning('Config name differences for #' + str(id) +
'. Expected ' + config_model.name + ', got ' +
script_name)
respond_error(self, 500, 'Failed to load script by name')
return
path = self.get_query_arguments('path')
try:
files = config_model.list_files_for_param(parameter_name, path)
self.write(json.dumps(files))
except ParameterNotFoundException as e:
respond_error(self, 404,
'Parameter ' + e.param_name + ' does not exist')
return
except (InvalidValueException, WrongParameterUsageException) as e:
respond_error(self, 400, str(e))
return
def post(self, user):
script_name = None
audit_name = user.get_audit_name()
try:
arguments = self.form_reader.values
execution_info = external_model.to_execution_info(arguments)
script_name = execution_info.script
config_model = self.application.config_service.create_config_model(
script_name, user)
if not config_model:
message = 'Script with name "' + str(
script_name) + '" not found'
LOGGER.error(message)
respond_error(self, 400, message)
return
parameter_values = execution_info.param_values
if self.form_reader.files:
for key, value in self.form_reader.files.items():
parameter_values[key] = value.path
try:
config_model.set_all_param_values(parameter_values)
normalized_values = dict(config_model.parameter_values)
except InvalidValueException as e:
message = 'Invalid parameter %s value: %s' % (e.param_name,
str(e))
LOGGER.error(message)
respond_error(self, 400, message)
return
all_audit_names = user.audit_names
LOGGER.info('Calling script %s. User %s', script_name,
all_audit_names)
execution_id = self.application.execution_service.start_script(
config_model, normalized_values, user.user_id, all_audit_names)
self.write(str(execution_id))
except ConfigNotAllowedException:
LOGGER.warning('Access to the script "' + script_name +
'" is denied for ' + audit_name)
respond_error(self, 403, 'Access to the script is denied')
return
except Exception as e:
LOGGER.exception("Error while calling the script")
if hasattr(e, "strerror") and e.strerror:
error_output = e.strerror
else:
error_output = "Unknown error occurred, contact the administrator"
result = " --- ERRORS --- \n"
result += error_output
if script_name:
script = str(script_name)
else:
script = "Some script"
audit_name = audit_name
self.application.alerts_service.send_alert(
script + ' NOT STARTED', "Couldn't start the script " +
script + ' by ' + audit_name + '.\n\n' + result)
respond_error(self, 500, result)
def write_error(self, status_code, **kwargs):
respond_error(self, status_code, self._reason)
def post(self):
script_name = None
audit_name = get_audit_name(self)
try:
arguments = tornado_utils.get_form_arguments(self)
execution_info = external_model.to_execution_info(arguments)
script_name = execution_info.script
config = load_config(script_name)
if not config:
message = 'Script with name "' + str(
script_name) + '" not found'
LOGGER.error(message)
respond_error(self, 400, message)
return
file_upload_feature = self.application.file_upload_feature
if self.request.files:
for key, value in self.request.files.items():
file_info = value[0]
file_path = file_upload_feature.save_file(
file_info.filename, file_info.body, audit_name)
execution_info.param_values[key] = file_path
valid_parameters = model_helper.validate_parameters(
execution_info.param_values, config)
if not valid_parameters:
message = 'Received invalid parameters'
LOGGER.error(message)
respond_error(self, 400, message)
return
executor = ScriptExecutor(config, execution_info.param_values,
audit_name)
audit_command = executor.get_secure_command()
LOGGER.info('Calling script: ' + audit_command)
LOGGER.info('User info: ' + str(get_all_audit_names(self)))
process_id = executor.start()
running_scripts[process_id] = executor
self.write(str(process_id))
secure_output_stream = executor.get_secure_output_stream()
self.start_script_output_logger(audit_name, script_name,
secure_output_stream)
alerts_config = self.application.alerts_config
if alerts_config:
self.subscribe_fail_alerter(script_name, alerts_config,
audit_name, executor,
secure_output_stream)
except Exception as e:
LOGGER.exception("Error while calling the script")
if hasattr(e, "strerror") and e.strerror:
error_output = e.strerror
else:
error_output = "Unknown error occurred, contact the administrator"
result = " --- ERRORS --- \n"
result += error_output
if script_name:
script = str(script_name)
else:
script = "Some script"
audit_name = audit_name
send_alerts(
self.application.alerts_config, script + ' NOT STARTED',
"Couldn't start the script " + script + ' by ' + audit_name +
'.\n\n' + result)
respond_error(self, 500, result)
def write_error(self, status_code, **kwargs):
respond_error(self, status_code, self._reason)
def post(self, user):
script_name = None
audit_name = user.get_audit_name()
try:
arguments = self.form_reader.values
execution_info = external_model.to_execution_info(arguments)
script_name = execution_info.script
config_model = self.application.config_service.create_config_model(script_name, user)
if not config_model:
message = 'Script with name "' + str(script_name) + '" not found'
LOGGER.error(message)
respond_error(self, 400, message)
return
parameter_values = execution_info.param_values
if self.form_reader.files:
for key, value in self.form_reader.files.items():
parameter_values[key] = value.path
try:
config_model.set_all_param_values(parameter_values)
normalized_values = dict(config_model.parameter_values)
except InvalidValueException as e:
message = 'Invalid parameter %s value: %s' % (e.param_name, str(e))
LOGGER.error(message)
respond_error(self, 400, message)
return
all_audit_names = user.audit_names
LOGGER.info('Calling script %s. User %s', script_name, all_audit_names)
execution_id = self.application.execution_service.start_script(
config_model,
normalized_values,
user.user_id,
all_audit_names)
self.write(str(execution_id))
except ConfigNotAllowedException:
LOGGER.warning('Access to the script "' + script_name + '" is denied for ' + audit_name)
respond_error(self, 403, 'Access to the script is denied')
return
except Exception as e:
LOGGER.exception("Error while calling the script")
if hasattr(e, "strerror") and e.strerror:
error_output = e.strerror
else:
error_output = "Unknown error occurred, contact the administrator"
result = " --- ERRORS --- \n"
result += error_output
if script_name:
script = str(script_name)
else:
script = "Some script"
audit_name = audit_name
self.application.alerts_service.send_alert(
script + ' NOT STARTED',
"Couldn't start the script " + script + ' by ' + audit_name + '.\n\n'
+ result)
respond_error(self, 500, result)
def get(self, user, script_name, parameter_name):
id = self.get_query_argument('id')
if not id:
respond_error(self, 400, 'Model id is not specified')
return
if id not in active_config_models:
respond_error(self, 400, 'Model with id=' + str(id) + ' does not exist')
return
active_model = active_config_models[id]
config_user_id = active_model['user_id']
if config_user_id != user.user_id:
LOGGER.warning('User ' + str(user) + ' tried to access config '
+ script_name + ' of user #' + config_user_id)
respond_error(self, 400, 'Model with id=' + str(id) + ' does not exist')
return
config_model = active_model['model']
if config_model.name != script_name:
LOGGER.warning(
'Config name differences for #' + str(id) + '. Expected ' + config_model.name + ', got ' + script_name)
respond_error(self, 500, 'Failed to load script by name')
return
path = self.get_query_arguments('path')
try:
files = config_model.list_files_for_param(parameter_name, path)
self.write(json.dumps(files))
except ParameterNotFoundException as e:
respond_error(self, 404, 'Parameter ' + e.param_name + ' does not exist')
return
except (InvalidValueException, WrongParameterUsageException) as e:
respond_error(self, 400, str(e))
return
def post(self):
script_name = None
audit_name = get_audit_name_from_request(self)
try:
arguments = tornado_utils.get_form_arguments(self)
execution_info = external_model.to_execution_info(arguments)
script_name = execution_info.script
config = self.application.config_service.load_config(script_name)
if not config:
message = 'Script with name "' + str(script_name) + '" not found'
LOGGER.error(message)
respond_error(self, 400, message)
return
if not can_access_script(config, self):
LOGGER.warning('Access to the script "' + script_name + '" is denied for ' + audit_name)
respond_error(self, 403, 'Access to the script is denied')
return
file_upload_feature = self.application.file_upload_feature
if self.request.files:
for key, value in self.request.files.items():
file_info = value[0]
file_path = file_upload_feature.save_file(file_info.filename, file_info.body, audit_name)
execution_info.param_values[key] = file_path
model_helper.prepare_multiselect_values(execution_info.param_values, config.parameters)
valid_parameters = model_helper.validate_parameters(execution_info.param_values, config)
if not valid_parameters:
message = 'Received invalid parameters'
LOGGER.error(message)
respond_error(self, 400, message)
return
user_id = _identify_user(self)
all_audit_names = get_all_audit_names(self)
LOGGER.info('Calling script ' + script_name + '. User ' + str(all_audit_names))
execution_id = self.application.execution_service.start_script(
config,
execution_info.param_values,
user_id,
all_audit_names)
self.write(str(execution_id))
except Exception as e:
LOGGER.exception("Error while calling the script")
if hasattr(e, "strerror") and e.strerror:
error_output = e.strerror
else:
error_output = "Unknown error occurred, contact the administrator"
result = " --- ERRORS --- \n"
result += error_output
if script_name:
script = str(script_name)
else:
script = "Some script"
audit_name = audit_name
self.application.alerts_service.send_alert(
script + ' NOT STARTED',
"Couldn't start the script " + script + ' by ' + audit_name + '.\n\n'
+ result)
respond_error(self, 500, result)