def get_dict(self, exclude_keys=None, include_keys=None, extended_info=False): result = super(User, self).get_dict(exclude_keys, include_keys) if extended_info: result["groups"] = [g.group_name for g in self.groups] result["permissions"] = [p.perm_name for p in UserService.permissions(self)] request = get_current_request() apps = UserService.resources_with_perms( self, ["view"], resource_types=["application"] ) result["applications"] = sorted( [ {"resource_id": a.resource_id, "resource_name": a.resource_name} for a in apps.all() ], key=lambda x: x["resource_name"].lower(), ) result["assigned_reports"] = [ r.get_dict(request) for r in self.assigned_report_groups ] result["latest_events"] = [ ev.get_dict(request) for ev in self.latest_events() ] exclude_keys_list = exclude_keys or [] include_keys_list = include_keys or [] d = {} for k in result.keys(): if k not in exclude_keys_list and ( k in include_keys_list or not include_keys ): d[k] = result[k] return d
def get_paginator( cls, user, page=1, item_count=None, items_per_page=50, order_by=None, filter_settings=None, db_session=None, ): if not filter_settings: filter_settings = {} registry = get_current_registry() resources = UserService.resources_with_perms( user, ["view"], resource_types=registry.resource_types) resource_ids = [r.resource_id for r in resources] query = EventService.for_resource(resource_ids, or_target_user_id=user.id, limit=100, db_session=db_session) paginator = SqlalchemyOrmPage(query, page=page, items_per_page=items_per_page, **filter_settings) return paginator
def test_resources_ids_with_perm(self, db_session): created_user = add_user(db_session) resource1 = add_resource(db_session, 1, "test_resource1") resource2 = add_resource(db_session, 2, "test_resource2") resource3 = add_resource(db_session, 3, "test_resource3") permission1 = UserResourcePermission( perm_name="test_perm", user_id=created_user.id, resource_id=resource1.resource_id, ) permission2 = UserResourcePermission( perm_name="test_perm", user_id=created_user.id, resource_id=resource2.resource_id, ) permission3 = UserResourcePermission( perm_name="test_perm", user_id=created_user.id, resource_id=resource3.resource_id, ) resource1.user_permissions.append(permission1) resource2.user_permissions.append(permission2) resource3.user_permissions.append(permission3) db_session.flush() resources = UserService.resources_with_perms( created_user, ["test_perm"], resource_ids=[1, 3], db_session=db_session).all() assert resources == [resource1, resource3]
def test_resources_ids_with_perm(self, db_session): created_user = add_user(db_session) resource1 = add_resource(db_session, 1, "test_resource1") resource2 = add_resource(db_session, 2, "test_resource2") resource3 = add_resource(db_session, 3, "test_resource3") permission1 = UserResourcePermission( perm_name="test_perm", user_id=created_user.id, resource_id=resource1.resource_id, ) permission2 = UserResourcePermission( perm_name="test_perm", user_id=created_user.id, resource_id=resource2.resource_id, ) permission3 = UserResourcePermission( perm_name="test_perm", user_id=created_user.id, resource_id=resource3.resource_id, ) resource1.user_permissions.append(permission1) resource2.user_permissions.append(permission2) resource3.user_permissions.append(permission3) db_session.flush() resources = UserService.resources_with_perms( created_user, ["test_perm"], resource_ids=[1, 3], db_session=db_session ).all() assert resources == [resource1, resource3]
def users_websocket(request): """ Handle authorization of users trying to connect """ # handle preflight request user = request.user if request.method == "OPTIONS": res = request.response.body("OK") add_cors_headers(res) return res applications = UserService.resources_with_perms( user, ["view"], resource_types=["application"]) channels = ["app_%s" % app.resource_id for app in applications] payload = { "username": user.user_name, "conn_id": str(uuid.uuid4()), "channels": channels, } settings = request.registry.settings response = channelstream_request( settings["cometd.secret"], "/connect", payload, servers=[request.registry.settings["cometd_servers"]], throw_exceptions=True, ) return payload
def test_owned_permissions(self, db_session): created_user = add_user(db_session) resource = add_resource(db_session, 1, "test_resource") created_user.resources.append(resource) db_session.flush() resources = UserService.resources_with_perms( created_user, ["test_perm"], db_session=db_session).all() assert resources[0] == resource
def test_owned_permissions(self, db_session): created_user = add_user(db_session) resource = add_resource(db_session, 1, "test_resource") created_user.resources.append(resource) db_session.flush() resources = UserService.resources_with_perms( created_user, ["test_perm"], db_session=db_session ).all() assert resources[0] == resource
def latest_for_user(cls, user, db_session=None): registry = get_current_registry() resources = UserService.resources_with_perms( user, ["view"], resource_types=registry.resource_types) resource_ids = [r.resource_id for r in resources] db_session = get_db_session(db_session) return EventService.for_resource(resource_ids, or_target_user_id=user.id, limit=10, db_session=db_session)
def assigned_report_groups(self): from appenlight.models.report_group import ReportGroup resources = UserService.resources_with_perms( self, ["view"], resource_types=["application"] ) query = self.assigned_reports_relation rid_list = [r.resource_id for r in resources] query = query.filter(ReportGroup.resource_id.in_(rid_list)) query = query.limit(50) return query
def test_resources_with_perm(self, db_session): created_user = add_user(db_session) resource = add_resource(db_session, 1, "test_resource") permission = UserResourcePermission( perm_name="test_perm", user_id=created_user.id, resource_id=resource.resource_id, ) resource.user_permissions.append(permission) db_session.flush() resources = UserService.resources_with_perms( created_user, ["test_perm"], db_session=db_session).all() assert resources[0] == resource
def test_owned_permissions(self, db_session): created_user = add_user(db_session) resource = add_resource(db_session, 1, "test_resource") created_user.resources.append(resource) db_session.flush() resources = UserService.resources_with_perms( created_user, ["test_perm"], db_session=db_session).all() assert resources[0] == resource permission = ResourceService.direct_perms_for_user( resource, created_user)[0] assert permission.owner is True assert permission.allowed is True assert permission.user.id == created_user.id
def test_resources_with_perm(self, db_session): created_user = add_user(db_session) resource = add_resource(db_session, 1, "test_resource") permission = UserResourcePermission( perm_name="test_perm", user_id=created_user.id, resource_id=resource.resource_id, ) resource.user_permissions.append(permission) db_session.flush() resources = UserService.resources_with_perms( created_user, ["test_perm"], db_session=db_session ).all() assert resources[0] == resource
def index(request): """ Returns list of report groups based on user search query """ if request.user: request.user.last_login_date = datetime.utcnow() applications = UserService.resources_with_perms( request.user, ["view"], resource_types=["application"]) search_params = request.GET.mixed() all_possible_app_ids = set([app.resource_id for app in applications]) schema = ReportSearchSchema().bind(resources=all_possible_app_ids) tag_schema = TagListSchema() filter_settings = schema.deserialize(search_params) tag_list = [{ "name": k, "value": v } for k, v in filter_settings.items() if k not in accepted_search_params] tags = tag_schema.deserialize(tag_list) filter_settings["tags"] = tags if request.matched_route.name == "slow_reports": filter_settings["report_type"] = [ReportType.slow] else: filter_settings["report_type"] = [ReportType.error] reports_paginator = ReportGroupService.get_paginator_by_app_ids( app_ids=filter_settings["resource"], page=filter_settings["page"], filter_settings=filter_settings, ) reports = [] include_keys = ( "id", "http_status", "report_type", "resource_name", "front_url", "resource_id", "error", "url_path", "tags", "duration", ) for report in reports_paginator.sa_items: reports.append(report.get_dict(request, include_keys=include_keys)) headers = gen_pagination_headers(request, reports_paginator) request.response.headers.update(headers) return reports
def index(request): if not request.user: return {"owned_dashboards": [], "viewable_dashboards": []} dashboards = UserService.resources_with_perms(request.user, ["delete"], resource_types=["dashboard"]) owned_dashboard_list = [] owned_dashboard_ids = [] viewable_dashboards_list = [] for d in dashboards: ddict = d.get_dict( exclude_keys=None, include_keys=["resource_id", "resource_name", "uuid", "public"], ) owned_dashboard_list.append(ddict) owned_dashboard_ids.append(ddict["resource_id"]) viewable_dashboards = UserService.resources_with_perms( request.user, ["view"], resource_types=["dashboard"]) for d in viewable_dashboards: if d.resource_id in owned_dashboard_ids: continue ddict = d.get_dict( exclude_keys=None, include_keys=["resource_id", "resource_name", "uuid", "public"], ) ddict["permissions"] = [ perm.perm_name for perm in ResourceService.perms_for_user(d, request.user) ] viewable_dashboards_list.append(ddict) return { "owned_dashboards": owned_dashboard_list, "viewable_dashboards": viewable_dashboards_list, }
def charts_PATCH(request): dashboard = request.context.resource json_body = copy.deepcopy(request.unsafe_json_body) chart_config = json_body["config"] # for now just throw error in case something weird is found applications = UserService.resources_with_perms( request.user, ["view"], resource_types=["application"]) # CRITICAL - this ensures our resultset is limited to only the ones # user has view permissions all_possible_app_ids = set([app.resource_id for app in applications]) schema = ChartConfigSchema().bind(resources=all_possible_app_ids) schema.deserialize(chart_config) # some processing/normalizing for new/missing variables if "timeRange" not in chart_config: chart_config["timeRange"] = "1M" if "startMoment" not in chart_config: chart_config["startMoment"] = "now" if "startMomentUnit" not in chart_config: chart_config["startMomentUnit"] = "days" if "startMomentValue" not in chart_config: chart_config["startMomentValue"] = 0 # ensure we don't have any leftover chart definitions present from # removed layout columns chart_ids = [] for row in dashboard.layout_config: for col in row["columns"]: chart_ids.append(col["chartId"]) for chart in dashboard.charts: if chart.uuid not in chart_ids: actions = AlertChannelActionService.by_other_id(chart.uuid) for action in actions: DBSession.delete(action) dashboard.charts.remove(chart) chart_config["json_config_version"] = chart.json_config_version # make sure we set model field as dirty request.context.chart.name = json_body["name"] request.context.chart.config = None request.context.chart.config = chart_config session = DBSession() mark_changed(session) request.session.flash("Chart saved") return True
def resources_with_perms(self, perms, resource_ids=None, resource_types=None, db_session=None): """ .. deprecated:: 0.8 :param perms: :param resource_ids: :param resource_types: :param db_session: :return: """ db_session = get_db_session(db_session, self) return UserService.resources_with_perms( self, perms=perms, resource_ids=resource_ids, resource_types=resource_types, db_session=db_session)
def build_filter_settings_from_query_dict(request, params=None, override_app_ids=None, resource_permissions=None): """ Builds list of normalized search terms for ES from query params ensuring application list is restricted to only applications user has access to :param params (dictionary) :param override_app_ids - list of application id's to use instead of applications user normally has access to """ params = copy.deepcopy(params) applications = [] if not resource_permissions: resource_permissions = ["view"] if request.user: applications = UserService.resources_with_perms( request.user, resource_permissions, resource_types=["application"]) # CRITICAL - this ensures our resultset is limited to only the ones # user has view permissions all_possible_app_ids = set([app.resource_id for app in applications]) # if override is preset we force permission for app to be present # this allows users to see dashboards and applications they would # normally not be able to if override_app_ids: all_possible_app_ids = set(override_app_ids) schema = LogSearchSchema().bind(resources=all_possible_app_ids) tag_schema = TagListSchema() filter_settings = schema.deserialize(params) tag_list = [] for k, v in list(filter_settings.items()): if k in accepted_search_params: continue tag_list.append({"name": k, "value": v, "op": "eq"}) # remove the key from filter_settings filter_settings.pop(k, None) tags = tag_schema.deserialize(tag_list) filter_settings["tags"] = tags return filter_settings
def test_mixed_perms(self, db_session): created_user = add_user(db_session) resource = add_resource(db_session, 1, "test_resource") permission = UserResourcePermission( perm_name="test_perm", user_id=created_user.id, resource_id=resource.resource_id, ) resource.user_permissions.append(permission) resource2 = add_resource(db_session, 2, "test_resource") created_user.resources.append(resource2) add_resource(db_session, 3, "test_resource") add_resource_b(db_session, 4, "test_resource") db_session.flush() resources = UserService.resources_with_perms( created_user, ["test_perm"], db_session=db_session).all() found_ids = [r.resource_id for r in resources] assert sorted(found_ids) == [1, 2]
def event_PATCH(request): resources = UserService.resources_with_perms( request.user, ["view"], resource_types=request.registry.resource_types) event = EventService.for_resource( [r.resource_id for r in resources], event_id=request.matchdict["event_id"]).first() if not event: return HTTPNotFound() allowed_keys = ["status"] for k, v in request.unsafe_json_body.items(): if k in allowed_keys: if k == "status": event.close() else: setattr(event, k, v) else: return HTTPBadRequest() return event.get_dict()
def applications_list(request): """ Applications list if query params contain ?type=foo, it will list applications with one of those permissions for user, otherwise only list of owned applications will be returned appending ?root_list while being administration will allow to list all applications in the system """ is_root = request.has_permission("root_administration", RootFactory(request)) if is_root and request.GET.get("root_list"): resources = Resource.all().order_by(Resource.resource_name) resource_type = request.GET.get("resource_type", "application") if resource_type: resources = resources.filter(Resource.resource_type == resource_type) else: permissions = request.params.getall("permission") if permissions: resources = UserService.resources_with_perms( request.user, permissions, resource_types=[request.GET.get("resource_type", "application")], ) else: resources = request.user.resources.filter( Application.resource_type == request.GET.get("resource_type", "application") ) return [ r.get_dict( include_keys=[ "resource_id", "resource_name", "domains", "owner_user_name", "owner_group_name", ] ) for r in resources ]
def test_multiple_resources_with_perm(self, db_session): created_user = add_user(db_session) resource = add_resource(db_session, 1, "test_resource") permission = UserResourcePermission( perm_name="test_perm", user_id=created_user.id, resource_id=resource.resource_id, ) resource.user_permissions.append(permission) resource2 = add_resource(db_session, 2, "test_resource2") permission2 = UserResourcePermission( perm_name="test_perm", user_id=created_user.id, resource_id=resource2.resource_id, ) resource2.user_permissions.append(permission2) resources = UserService.resources_with_perms( created_user, ["test_perm"], db_session=db_session).all() assert resources == [resource, resource2]
def test_mixed_perms(self, db_session): created_user = add_user(db_session) resource = add_resource(db_session, 1, "test_resource") permission = UserResourcePermission( perm_name="test_perm", user_id=created_user.id, resource_id=resource.resource_id, ) resource.user_permissions.append(permission) resource2 = add_resource(db_session, 2, "test_resource") created_user.resources.append(resource2) add_resource(db_session, 3, "test_resource") add_resource_b(db_session, 4, "test_resource") db_session.flush() resources = UserService.resources_with_perms( created_user, ["test_perm"], db_session=db_session ).all() found_ids = [r.resource_id for r in resources] assert sorted(found_ids) == [1, 2]
def test_resources_with_group_permission(self, db_session): created_user = add_user(db_session) resource = add_resource(db_session, 1, "test_resource") resource2 = add_resource(db_session, 2, "test_resource2") add_resource(db_session, 3, "test_resource3") group = add_group(db_session) group.users.append(created_user) group_permission = GroupResourcePermission( perm_name="test_perm", group_id=1, resource_id=resource.resource_id ) group_permission2 = GroupResourcePermission( perm_name="foo_perm", group_id=1, resource_id=resource2.resource_id ) resource.group_permissions.append(group_permission) resource2.group_permissions.append(group_permission2) db_session.flush() resources = UserService.resources_with_perms( created_user, ["foo_perm"], db_session=db_session ).all() assert resources[0] == resource2
def test_multiple_resources_with_perm(self, db_session): created_user = add_user(db_session) resource = add_resource(db_session, 1, "test_resource") permission = UserResourcePermission( perm_name="test_perm", user_id=created_user.id, resource_id=resource.resource_id, ) resource.user_permissions.append(permission) resource2 = add_resource(db_session, 2, "test_resource2") permission2 = UserResourcePermission( perm_name="test_perm", user_id=created_user.id, resource_id=resource2.resource_id, ) resource2.user_permissions.append(permission2) resources = UserService.resources_with_perms( created_user, ["test_perm"], db_session=db_session ).all() assert resources == [resource, resource2]
def resources_with_perms(self, perms, resource_ids=None, resource_types=None, db_session=None): """ .. deprecated:: 0.8 :param perms: :param resource_ids: :param resource_types: :param db_session: :return: """ db_session = get_db_session(db_session, self) return UserService.resources_with_perms(self, perms=perms, resource_ids=resource_ids, resource_types=resource_types, db_session=db_session)
def test_resources_with_group_permission(self, db_session): created_user = add_user(db_session) resource = add_resource(db_session, 1, "test_resource") resource2 = add_resource(db_session, 2, "test_resource2") add_resource(db_session, 3, "test_resource3") group = add_group(db_session) group.users.append(created_user) group_permission = GroupResourcePermission( perm_name="test_perm", group_id=1, resource_id=resource.resource_id) group_permission2 = GroupResourcePermission( perm_name="foo_perm", group_id=1, resource_id=resource2.resource_id) resource.group_permissions.append(group_permission) resource2.group_permissions.append(group_permission2) db_session.flush() resources = UserService.resources_with_perms( created_user, ["foo_perm"], db_session=db_session).all() assert resources[0] == resource2
def test_resources_with_perm_type_other_found(self, db_session): created_user = add_user(db_session) resource = add_resource(db_session, 1, "test_resource") resource2 = add_resource_b(db_session, 2, "test_resource") resource3 = add_resource(db_session, 3, "test_resource") resource4 = add_resource_b(db_session, 4, "test_resource") db_session.flush() permission = UserResourcePermission( perm_name="test_perm", user_id=created_user.id, resource_id=resource.resource_id, ) resource.user_permissions.append(permission) permission2 = UserResourcePermission( perm_name="test_perm", user_id=created_user.id, resource_id=resource2.resource_id, ) resource2.user_permissions.append(permission2) permission3 = UserResourcePermission( perm_name="test_perm", user_id=created_user.id, resource_id=resource3.resource_id, ) resource3.user_permissions.append(permission3) permission4 = UserResourcePermission( perm_name="test_perm", user_id=created_user.id, resource_id=resource4.resource_id, ) resource4.user_permissions.append(permission4) db_session.flush() resources = UserService.resources_with_perms( created_user, ["test_perm"], resource_types=["test_resource_b"], db_session=db_session, ).all() assert len(resources) == 2
def test_resources_with_perm_type_other_found(self, db_session): created_user = add_user(db_session) resource = add_resource(db_session, 1, "test_resource") resource2 = add_resource_b(db_session, 2, "test_resource") resource3 = add_resource(db_session, 3, "test_resource") resource4 = add_resource_b(db_session, 4, "test_resource") db_session.flush() permission = UserResourcePermission( perm_name="test_perm", user_id=created_user.id, resource_id=resource.resource_id, ) resource.user_permissions.append(permission) permission2 = UserResourcePermission( perm_name="test_perm", user_id=created_user.id, resource_id=resource2.resource_id, ) resource2.user_permissions.append(permission2) permission3 = UserResourcePermission( perm_name="test_perm", user_id=created_user.id, resource_id=resource3.resource_id, ) resource3.user_permissions.append(permission3) permission4 = UserResourcePermission( perm_name="test_perm", user_id=created_user.id, resource_id=resource4.resource_id, ) resource4.user_permissions.append(permission4) db_session.flush() resources = UserService.resources_with_perms( created_user, ["test_perm"], resource_types=["test_resource_b"], db_session=db_session, ).all() assert len(resources) == 2
def charts_data(request): """ Handles charting from UI generated charts """ # path for user testing out the chart ids_to_override = None chart = request.context.chart chart.migrate_json_config() req_type = request.matchdict["key"] if (request.method == "POST" and not request.context.used_uuid and req_type == "data_test_config"): chart_config = copy.deepcopy(request.unsafe_json_body) # for now just throw error in case something weird is found applications = UserService.resources_with_perms( request.user, ["view"], resource_types=["application"]) # CRITICAL - this ensures our resultset is limited to only the ones # user has view permissions all_possible_app_ids = set([app.resource_id for app in applications]) schema = ChartConfigSchema().bind(resources=all_possible_app_ids) schema.deserialize(chart_config) filter_settings = build_filter_settings_from_chart_config( request, chart_config) else: # path for everyone else viewing the chart using UUID/public or not # ids_to_override will only work here because # initially it was validated # in dashboard_chart_save() request - so at this point its considered # valid chart_config = chart.config if not chart_config: return {} ids_to_override = [chart_config["resource"]] filter_settings = build_filter_settings_from_chart_config( request, chart_config, override_app_ids=ids_to_override) if not chart_config: return HTTPNotFound() # send chartype so client knows how to render the result chart_type = chart_config.get("chartType") # we always want to use the POST version of chart type for preview purposes # as priority if not chart_type: chart_type = chart.config.get("chartType") es_config = transform_json_to_es_config(request, chart_config, filter_settings, ids_to_override=ids_to_override) query = es_config["query"] if not es_config["index_names"]: return { "name": "", "chart_type": chart_type, "parent_agg": es_config["parent_agg"], "series": [], "system_labels": {}, "groups": [], "rect_regions": [], "categories": [], } result = Datastores.es.search(body=query, index=es_config["index_names"], doc_type="log", size=0) series, info_dict = parse_es_result(result, es_config, json_config=chart_config) regions = [] if req_type == "data_rule_config": json_body = copy.deepcopy(request.unsafe_json_body) rule_config = json_body.get("rule") field_mappings = json_body.get("mappings") rule_obj = RuleService.rule_from_config(rule_config, field_mappings, info_dict["system_labels"]) parent_agg = chart_config.get("parentAgg") if parent_agg and parent_agg["type"] == "time_histogram": for step in series: if rule_obj.match(step): iv = time_deltas[parent_agg["config"]["interval"]] step_start = step["key"].replace(second=0, microsecond=0) regions.append({ "start": step_start, "end": step_start + iv["delta"], "class": "rule1", }) else: events = EventService.for_resource([chart.resource_id], target_uuid=chart.uuid) for event in events: if event.end_date or event.values.get("end_interval"): end_date = event.end_date.replace(second=0, microsecond=0) step_end = event.values.get("end_interval") or end_date else: step_end = datetime.utcnow().replace(second=0, microsecond=0) start_date = event.values["start_interval"] regions.append({ "start": start_date, "end": step_end, "class": "rule1" }) return { "name": chart.name, "chart_type": chart_type, "parent_agg": es_config["parent_agg"], "series": series, "system_labels": info_dict["system_labels"], "rect_regions": regions, "groups": [list(v) for v in info_dict["groups"].values()], "categories": info_dict["categories"], }
def alerting_test(request): """ Allows to test send data on various registered alerting channels """ applications = UserService.resources_with_perms( request.user, ["view"], resource_types=["application"]) # what we can select in total all_possible_app_ids = [app.resource_id for app in applications] resource = applications[0] alert_channels = [] for channel in request.user.alert_channels: alert_channels.append(channel.get_dict()) cname = request.params.get("channel_name") cvalue = request.params.get("channel_value") event_name = request.params.get("event_name") if cname and cvalue: for channel in request.user.alert_channels: if channel.channel_value == cvalue and channel.channel_name == cname: break if event_name in ["error_report_alert", "slow_report_alert"]: # opened new_event = Event( resource_id=resource.resource_id, event_type=Event.types[event_name], start_date=datetime.datetime.utcnow(), status=Event.statuses["active"], values={ "reports": 5, "threshold": 10 }, ) channel.notify_alert(resource=resource, event=new_event, user=request.user, request=request) # closed ev_type = Event.types[event_name.replace("open", "close")] new_event = Event( resource_id=resource.resource_id, event_type=ev_type, start_date=datetime.datetime.utcnow(), status=Event.statuses["closed"], values={ "reports": 5, "threshold": 10 }, ) channel.notify_alert(resource=resource, event=new_event, user=request.user, request=request) elif event_name == "notify_reports": report = ( ReportGroupService.by_app_ids(all_possible_app_ids).filter( ReportGroup.report_type == ReportType.error).first()) confirmed_reports = [(5, report), (1, report)] channel.notify_reports( resource=resource, user=request.user, request=request, since_when=datetime.datetime.utcnow(), reports=confirmed_reports, ) confirmed_reports = [(5, report)] channel.notify_reports( resource=resource, user=request.user, request=request, since_when=datetime.datetime.utcnow(), reports=confirmed_reports, ) elif event_name == "notify_uptime": new_event = Event( resource_id=resource.resource_id, event_type=Event.types["uptime_alert"], start_date=datetime.datetime.utcnow(), status=Event.statuses["active"], values={ "status_code": 500, "tries": 2, "response_time": 0 }, ) channel.notify_uptime_alert(resource=resource, event=new_event, user=request.user, request=request) elif event_name == "chart_alert": event = EventService.by_type_and_status( event_types=(Event.types["chart_alert"], ), status_types=(Event.statuses["active"], ), ).first() channel.notify_chart_alert(resource=event.resource, event=event, user=request.user, request=request) elif event_name == "daily_digest": since_when = datetime.datetime.utcnow() - datetime.timedelta( hours=8) filter_settings = { "resource": [resource.resource_id], "tags": [{ "name": "type", "value": ["error"], "op": None }], "type": "error", "start_date": since_when, } reports = ReportGroupService.get_trending( request, filter_settings=filter_settings, limit=50) channel.send_digest( resource=resource, user=request.user, request=request, since_when=datetime.datetime.utcnow(), reports=reports, ) return { "alert_channels": alert_channels, "applications": dict([(app.resource_id, app.resource_name) for app in applications.all()]), }
def build_filter_settings_from_chart_config( request, params=None, override_app_ids=None, resource_permissions=None ): """ Builds list of normalized search terms for ES from chart config ensuring application list is restricted to only applications user has access to :param search_params (dictionary) :param override_app_ids - list of application id's to use instead of applications user normally has access to """ params = copy.deepcopy(params) applications = [] if not resource_permissions: resource_permissions = ["view"] if request and request.user: applications = UserService.resources_with_perms( request.user, resource_permissions, resource_types=["application"] ) # CRITICAL - this ensures our resultset is limited to only the ones # user has view permissions all_possible_app_ids = set([app.resource_id for app in applications]) # if override is preset we force permission for app to be present # this allows users to see dashboards and applications they would # normally not be able to if override_app_ids: all_possible_app_ids = set(override_app_ids) transformed_params = {} if params.get("resource"): transformed_params["resource"] = [params.pop("resource")] else: transformed_params["resource"] = [] # filter may hold tags and namespace/level filters we need to handle # them differently and rewrite them accordingly to "query" string format for item in params.get("filters", []): i_name = item["name"] if not i_name or item["type"] in ["namespace", "level"]: i_name = item["type"] if i_name not in transformed_params: transformed_params[i_name] = [] # special handling for tags (we need to handle operands for them) # vs normal objects, tags if item["type"] == "tag": transformed_params[i_name].append( {"value": item["value"], "op": item.get("op"), "name": i_name} ) else: transformed_params[i_name].append(item["value"]) additional_parms = dict( [(k, v) for k, v in params.items() if k in accepted_search_params and v] ) transformed_params.update(additional_parms) schema = LogSearchSchema().bind(resources=all_possible_app_ids) tag_schema = TagListSchema() filter_settings = schema.deserialize(transformed_params) tag_list = [] for k, filters in list(filter_settings.items()): if k in accepted_search_params: continue tag_list.extend(filters) filter_settings.pop(k, None) tags = tag_schema.deserialize(tag_list) filter_settings["tags"] = tags return filter_settings