def run_query(self, query, user): self._current_user = user try: error = None code = compile_restricted(query, '<string>', 'exec') builtins = safe_builtins.copy() builtins["_write_"] = self.custom_write builtins["__import__"] = self.custom_import builtins["_getattr_"] = getattr builtins["getattr"] = getattr builtins["_setattr_"] = setattr builtins["setattr"] = setattr builtins["_getitem_"] = self.custom_get_item builtins["_getiter_"] = self.custom_get_iter builtins["_print_"] = self._custom_print # Layer in our own additional set of builtins that we have # considered safe. for key in self.safe_builtins: builtins[key] = __builtins__[key] restricted_globals = dict(__builtins__=builtins) restricted_globals["get_query_result"] = self.get_query_result restricted_globals["get_source_schema"] = self.get_source_schema restricted_globals["get_current_user"] = self.get_current_user restricted_globals["execute_query"] = self.execute_query restricted_globals["add_result_column"] = self.add_result_column restricted_globals["add_result_row"] = self.add_result_row restricted_globals[ "disable_print_log"] = self._custom_print.disable restricted_globals["enable_print_log"] = self._custom_print.enable # Supported data types restricted_globals["TYPE_DATETIME"] = TYPE_DATETIME restricted_globals["TYPE_BOOLEAN"] = TYPE_BOOLEAN restricted_globals["TYPE_INTEGER"] = TYPE_INTEGER restricted_globals["TYPE_STRING"] = TYPE_STRING restricted_globals["TYPE_DATE"] = TYPE_DATE restricted_globals["TYPE_FLOAT"] = TYPE_FLOAT # TODO: Figure out the best way to have a timeout on a script # One option is to use ETA with Celery + timeouts on workers # And replacement of worker process every X requests handled. exec((code), restricted_globals, self._script_locals) result = self._script_locals['result'] result['log'] = self._custom_print.lines json_data = json_dumps(result) except KeyboardInterrupt: error = "Query cancelled by user." json_data = None except Exception as e: error = str(type(e)) + " " + str(e) json_data = None return json_data, error
def execute(hass, filename, source, data=None): """Execute Python source.""" compiled = compile_restricted_exec(source, filename=filename) if compiled.errors: _LOGGER.error("Error loading script %s: %s", filename, ", ".join(compiled.errors)) return if compiled.warnings: _LOGGER.warning("Warning loading script %s: %s", filename, ", ".join(compiled.warnings)) def protected_getattr(obj, name, default=None): """Restricted method to get attributes.""" if name.startswith("async_"): raise ScriptError("Not allowed to access async methods") if (obj is hass and name not in ALLOWED_HASS or obj is hass.bus and name not in ALLOWED_EVENTBUS or obj is hass.states and name not in ALLOWED_STATEMACHINE or obj is hass.services and name not in ALLOWED_SERVICEREGISTRY or obj is dt_util and name not in ALLOWED_DT_UTIL or obj is datetime and name not in ALLOWED_DATETIME or isinstance(obj, TimeWrapper) and name not in ALLOWED_TIME): raise ScriptError( f"Not allowed to access {obj.__class__.__name__}.{name}") return getattr(obj, name, default) builtins = safe_builtins.copy() builtins.update(utility_builtins) builtins["datetime"] = datetime builtins["sorted"] = sorted builtins["time"] = TimeWrapper() builtins["dt_util"] = dt_util logger = logging.getLogger(f"{__name__}.{filename}") restricted_globals = { "__builtins__": builtins, "_print_": StubPrinter, "_getattr_": protected_getattr, "_write_": full_write_guard, "_getiter_": iter, "_getitem_": default_guarded_getitem, "_iter_unpack_sequence_": guarded_iter_unpack_sequence, "_unpack_sequence_": guarded_unpack_sequence, "hass": hass, "data": data or {}, "logger": logger, } try: _LOGGER.info("Executing %s: %s", filename, data) # pylint: disable=exec-used exec(compiled.code, restricted_globals) except ScriptError as err: logger.error("Error executing script: %s", err) except Exception as err: # pylint: disable=broad-except logger.exception("Error executing script: %s", err)
def run_query(self, query, user): try: error = None code = compile_restricted(query, '<string>', 'exec') builtins = safe_builtins.copy() builtins["_write_"] = self.custom_write builtins["__import__"] = self.custom_import builtins["_getattr_"] = getattr builtins["getattr"] = getattr builtins["_setattr_"] = setattr builtins["setattr"] = setattr builtins["_getitem_"] = self.custom_get_item builtins["_getiter_"] = self.custom_get_iter builtins["_print_"] = self._custom_print # Layer in our own additional set of builtins that we have # considered safe. for key in self.safe_builtins: builtins[key] = __builtins__[key] restricted_globals = dict(__builtins__=builtins) restricted_globals["get_query_result"] = self.get_query_result restricted_globals["get_source_schema"] = self.get_source_schema restricted_globals["execute_query"] = self.execute_query restricted_globals["add_result_column"] = self.add_result_column restricted_globals["add_result_row"] = self.add_result_row restricted_globals["disable_print_log"] = self._custom_print.disable restricted_globals["enable_print_log"] = self._custom_print.enable # Supported data types restricted_globals["TYPE_DATETIME"] = TYPE_DATETIME restricted_globals["TYPE_BOOLEAN"] = TYPE_BOOLEAN restricted_globals["TYPE_INTEGER"] = TYPE_INTEGER restricted_globals["TYPE_STRING"] = TYPE_STRING restricted_globals["TYPE_DATE"] = TYPE_DATE restricted_globals["TYPE_FLOAT"] = TYPE_FLOAT # TODO: Figure out the best way to have a timeout on a script # One option is to use ETA with Celery + timeouts on workers # And replacement of worker process every X requests handled. exec((code), restricted_globals, self._script_locals) result = self._script_locals['result'] result['log'] = self._custom_print.lines json_data = json_dumps(result) except KeyboardInterrupt: error = "Query cancelled by user." json_data = None except Exception as e: error = str(type(e)) + " " + str(e) json_data = None return json_data, error
def execute(hass, filename, source, data=None): """Execute Python source.""" from RestrictedPython import compile_restricted_exec from RestrictedPython.Guards import safe_builtins, full_write_guard, \ guarded_iter_unpack_sequence, guarded_unpack_sequence from RestrictedPython.Utilities import utility_builtins from RestrictedPython.Eval import default_guarded_getitem compiled = compile_restricted_exec(source, filename=filename) if compiled.errors: _LOGGER.error('Error loading script %s: %s', filename, ', '.join(compiled.errors)) return if compiled.warnings: _LOGGER.warning('Warning loading script %s: %s', filename, ', '.join(compiled.warnings)) def protected_getattr(obj, name, default=None): """Restricted method to get attributes.""" # pylint: disable=too-many-boolean-expressions if name.startswith('async_'): raise ScriptError('Not allowed to access async methods') elif (obj is hass and name not in ALLOWED_HASS or obj is hass.bus and name not in ALLOWED_EVENTBUS or obj is hass.states and name not in ALLOWED_STATEMACHINE or obj is hass.services and name not in ALLOWED_SERVICEREGISTRY): raise ScriptError('Not allowed to access {}.{}'.format( obj.__class__.__name__, name)) return getattr(obj, name, default) builtins = safe_builtins.copy() builtins.update(utility_builtins) builtins['datetime'] = datetime restricted_globals = { '__builtins__': builtins, '_print_': StubPrinter, '_getattr_': protected_getattr, '_write_': full_write_guard, '_getiter_': iter, '_getitem_': default_guarded_getitem, '_iter_unpack_sequence_': guarded_iter_unpack_sequence, '_unpack_sequence_': guarded_unpack_sequence, } logger = logging.getLogger('{}.{}'.format(__name__, filename)) local = {'hass': hass, 'data': data or {}, 'logger': logger} try: _LOGGER.info('Executing %s: %s', filename, data) # pylint: disable=exec-used exec(compiled.code, restricted_globals, local) except ScriptError as err: logger.error('Error executing script: %s', err) except Exception as err: # pylint: disable=broad-except logger.exception('Error executing script: %s', err)
def execute(hass, filename, source, data=None): """Execute Python source.""" from RestrictedPython import compile_restricted_exec from RestrictedPython.Guards import safe_builtins, full_write_guard from RestrictedPython.Utilities import utility_builtins from RestrictedPython.Eval import default_guarded_getitem compiled = compile_restricted_exec(source, filename=filename) if compiled.errors: _LOGGER.error('Error loading script %s: %s', filename, ', '.join(compiled.errors)) return if compiled.warnings: _LOGGER.warning('Warning loading script %s: %s', filename, ', '.join(compiled.warnings)) def protected_getattr(obj, name, default=None): """Restricted method to get attributes.""" # pylint: disable=too-many-boolean-expressions if name.startswith('async_'): raise ScriptError('Not allowed to access async methods') elif (obj is hass and name not in ALLOWED_HASS or obj is hass.bus and name not in ALLOWED_EVENTBUS or obj is hass.states and name not in ALLOWED_STATEMACHINE or obj is hass.services and name not in ALLOWED_SERVICEREGISTRY): raise ScriptError('Not allowed to access {}.{}'.format( obj.__class__.__name__, name)) return getattr(obj, name, default) builtins = safe_builtins.copy() builtins.update(utility_builtins) restricted_globals = { '__builtins__': builtins, '_print_': StubPrinter, '_getattr_': protected_getattr, '_write_': full_write_guard, '_getiter_': iter, '_getitem_': default_guarded_getitem } logger = logging.getLogger('{}.{}'.format(__name__, filename)) local = { 'hass': hass, 'data': data or {}, 'logger': logger } try: _LOGGER.info('Executing %s: %s', filename, data) # pylint: disable=exec-used exec(compiled.code, restricted_globals, local) except ScriptError as err: logger.error('Error executing script: %s', err) except Exception as err: # pylint: disable=broad-except logger.exception('Error executing script: %s', err)
from RestrictedPython.Guards import full_write_guard from RestrictedPython.Guards import guarded_iter_unpack_sequence from RestrictedPython.Guards import guarded_unpack_sequence from RestrictedPython.Guards import safe_builtins from RestrictedPython.Utilities import utility_builtins from zExceptions import Unauthorized from AccessControl.SecurityInfo import secureModule from AccessControl.SecurityManagement import getSecurityManager from AccessControl.SimpleObjectPolicies import ContainerAssertions from AccessControl.SimpleObjectPolicies import Containers from AccessControl.SimpleObjectPolicies import allow_type _marker = [] # Create a new marker object. safe_builtins = safe_builtins.copy() safe_builtins.update(utility_builtins) # Allow access to unprotected attributes (don't show deprecation warning). with warnings.catch_warnings(): warnings.simplefilter("ignore") try: import sets except ImportError: pass else: sets.__allow_access_to_unprotected_subobjects__ = 1 # Allow access to unprotected attributes string.__allow_access_to_unprotected_subobjects__ = 1 math.__allow_access_to_unprotected_subobjects__ = 1
def run_query(self, query, user): import random import enums from config.settings import get_config_value from lib.database.database import Database from lib import models from api.graphql.logic.order_csv import XlsxWriter import io from lib.aws.file_uploader import FileUploader from lib.utils import path_to_url import csv import uuid import datetime from lib.elastic.queries.order_query import OrdersQuery self._current_user = user try: error = None code = compile_restricted(query, '<string>', 'exec') # code = compile(query, '<string>', 'exec') builtins = safe_builtins.copy() builtins["_write_"] = self.custom_write builtins["__import__"] = self.custom_import builtins["_getattr_"] = getattr builtins["getattr"] = getattr builtins["_setattr_"] = setattr builtins["setattr"] = setattr builtins["_getitem_"] = self.custom_get_item builtins["_getiter_"] = self.custom_get_iter builtins["_print_"] = self._custom_print builtins['dir'] = dir # Layer in our own additional set of builtins that we have # considered safe. for key in self.safe_builtins: builtins[key] = __builtins__[key] restricted_globals = dict(__builtins__=builtins) restricted_globals["get_query_result"] = self.get_query_result restricted_globals["get_source_schema"] = self.get_source_schema restricted_globals["get_current_user"] = self.get_current_user restricted_globals["execute_query"] = self.execute_query restricted_globals["add_result_column"] = self.add_result_column restricted_globals["add_result_row"] = self.add_result_row restricted_globals["disable_print_log"] = self._custom_print.disable restricted_globals["enable_print_log"] = self._custom_print.enable # Supported data types restricted_globals["TYPE_DATETIME"] = TYPE_DATETIME restricted_globals["TYPE_BOOLEAN"] = TYPE_BOOLEAN restricted_globals["TYPE_INTEGER"] = TYPE_INTEGER restricted_globals["TYPE_STRING"] = TYPE_STRING restricted_globals["TYPE_DATE"] = TYPE_DATE restricted_globals["TYPE_FLOAT"] = TYPE_FLOAT # TODO: Figure out the best way to have a timeout on a script # One option is to use ETA with Celery + timeouts on workers # And replacement of worker process every X requests handled. restricted_globals.update(locals()) exec((code), restricted_globals, self._script_locals) # exec((code), globals(), self._script_locals) result = self._script_locals['result'] result['log'] = self._custom_print.lines json_data = json_dumps(result) except KeyboardInterrupt: error = "Query cancelled by user." json_data = None except Exception as e: error = traceback.format_exc() # error = str(type(e)) + " " + str(e) json_data = None return json_data, error
def test_monitor_script(request): v_return = {} v_return['v_data'] = '' v_return['v_error'] = False v_return['v_error_id'] = -1 #Invalid session if not request.session.get('omnidb_session'): v_return['v_error'] = True v_return['v_error_id'] = 1 return JsonResponse(v_return) v_session = request.session.get('omnidb_session') json_object = json.loads(request.POST.get('data', None)) v_database_index = json_object['p_database_index'] v_tab_id = json_object['p_tab_id'] v_script_chart = json_object['p_script_chart'] v_script_data = json_object['p_script_data'] v_type = json_object['p_type'] v_database = v_session.v_tab_connections[v_tab_id] #Check database prompt timeout v_timeout = v_session.DatabaseReachPasswordTimeout(int(v_database_index)) if v_timeout['timeout']: v_return['v_data'] = { 'password_timeout': True, 'message': v_timeout['message'] } v_return['v_error'] = True return JsonResponse(v_return) v_return['v_data'] = {'v_object': None, 'v_error': False} try: loc = {"connection": v_database.v_connection} builtins = safe_builtins.copy() builtins['_getiter_'] = iter builtins['_getitem_'] = default_guarded_getitem byte_code = compile_restricted(v_script_data, '<inline>', 'exec') exec(byte_code, builtins, loc) data = loc['result'] if v_type == 'grid': v_return['v_data']['v_object'] = data else: byte_code = compile_restricted(v_script_chart, '<inline>', 'exec') exec(byte_code, builtins, loc) result = loc['result'] result['data'] = data v_return['v_data']['v_object'] = result except Exception as exc: v_unit_data = { 'v_object': None, 'v_error': True, 'v_message': str(exc) } v_return['v_data'] = v_unit_data return JsonResponse(v_return)
def refresh_monitor_units(request): v_return = {} v_return['v_data'] = '' v_return['v_error'] = False v_return['v_error_id'] = -1 #Invalid session if not request.session.get('omnidb_session'): v_return['v_error'] = True v_return['v_error_id'] = 1 return JsonResponse(v_return) v_session = request.session.get('omnidb_session') json_object = json.loads(request.POST.get('data', None)) v_database_index = json_object['p_database_index'] v_tab_id = json_object['p_tab_id'] v_ids = json_object['p_ids'] v_database_orig = v_session.v_tab_connections[v_tab_id] v_database = OmniDatabase.Generic.InstantiateDatabase( v_database_orig.v_db_type, v_database_orig.v_connection.v_host, str(v_database_orig.v_connection.v_port), v_database_orig.v_active_service, v_database_orig.v_active_user, v_database_orig.v_connection.v_password, v_database_orig.v_conn_id, v_database_orig.v_alias, p_conn_string=v_database_orig.v_conn_string, p_parse_conn_string=False) v_return['v_data'] = [] if len(v_ids) > 0: v_first = True v_query = '' for v_id in v_ids: #save new user/connection unit if v_id['saved_id'] == -1: try: v_session.v_omnidb_database.v_connection.Open() v_session.v_omnidb_database.v_connection.Execute( 'BEGIN TRANSACTION;') v_session.v_omnidb_database.v_connection.Execute(''' insert into units_users_connections values ((select coalesce(max(uuc_id), 0) + 1 from units_users_connections), {0}, {1}, {2}, {3}, '{4}'); '''.format(v_id['id'], v_session.v_user_id, v_database_orig.v_conn_id, v_id['interval'], v_id['plugin_name'])) v_id[ 'saved_id'] = v_session.v_omnidb_database.v_connection.ExecuteScalar( ''' select coalesce(max(uuc_id), 0) from units_users_connections ''') v_session.v_omnidb_database.v_connection.Execute('COMMIT;') v_session.v_omnidb_database.v_connection.Close() except Exception as exc: v_return['v_data'] = str(exc) v_return['v_error'] = True return JsonResponse(v_return) if v_id['plugin_name'] == '': if not v_first: v_query += ' union all ' v_first = False v_query += ''' select unit_id, {0} as 'sequence', {1} as rendered, {2} as saved_id, script_chart, script_data, type, title, interval from mon_units where unit_id = '{3}' '''.format(v_id['sequence'], v_id['rendered'], v_id['saved_id'], v_id['id']) #plugin unit else: #search plugin data unit_data = None for mon_unit in monitoring_units: if mon_unit['id'] == v_id['id'] and mon_unit[ 'plugin_name'] == v_id['plugin_name']: unit_data = mon_unit break try: v_unit_data = { 'v_saved_id': v_id['saved_id'], 'v_id': unit_data['id'], 'v_sequence': v_id['sequence'], 'v_type': unit_data['type'], 'v_title': unit_data['title'], 'v_interval': unit_data['interval'], 'v_object': None, 'v_error': False } loc = {"connection": v_database.v_connection} builtins = safe_builtins.copy() builtins['_getiter_'] = iter builtins['_getitem_'] = default_guarded_getitem byte_code = compile_restricted(unit_data['script_data'], '<inline>', 'exec') exec(byte_code, builtins, loc) data = loc['result'] if unit_data['type'] == 'grid' or v_id['rendered'] == 1: v_unit_data['v_object'] = data else: byte_code = compile_restricted( unit_data['script_chart'], '<inline>', 'exec') exec(byte_code, builtins, loc) result = loc['result'] result['data'] = data v_unit_data['v_object'] = result v_return['v_data'].append(v_unit_data) except Exception as exc: v_unit_data = { 'v_saved_id': v_id['saved_id'], 'v_id': unit_data['id'], 'v_sequence': v_id['sequence'], 'v_type': unit_data['type'], 'v_title': unit_data['title'], 'v_interval': unit_data['interval'], 'v_object': None, 'v_error': True, 'v_message': str(exc) } v_return['v_data'].append(v_unit_data) if v_query != '': try: v_units = v_session.v_omnidb_database.v_connection.Query( v_query) for v_unit in v_units.Rows: try: v_unit_data = { 'v_saved_id': v_unit['saved_id'], 'v_id': v_unit['unit_id'], 'v_sequence': v_unit['sequence'], 'v_type': v_unit['type'], 'v_title': v_unit['title'], 'v_interval': v_unit['interval'], 'v_object': None, 'v_error': False } loc = {"connection": v_database.v_connection} builtins = safe_builtins.copy() builtins['_getiter_'] = iter builtins['_getitem_'] = default_guarded_getitem byte_code = compile_restricted(v_unit['script_data'], '<inline>', 'exec') exec(byte_code, builtins, loc) data = loc['result'] if v_unit['type'] == 'grid' or v_unit['rendered'] == 1: v_unit_data['v_object'] = data else: byte_code = compile_restricted( v_unit['script_chart'], '<inline>', 'exec') exec(byte_code, builtins, loc) result = loc['result'] result['data'] = data v_unit_data['v_object'] = result v_return['v_data'].append(v_unit_data) except Exception as exc: v_unit_data = { 'v_saved_id': v_unit['saved_id'], 'v_id': v_unit['unit_id'], 'v_sequence': v_unit['sequence'], 'v_type': v_unit['type'], 'v_title': v_unit['title'], 'v_interval': v_unit['interval'], 'v_object': None, 'v_error': True, 'v_message': str(exc) } v_return['v_data'].append(v_unit_data) except Exception as exc: v_return['v_data'] = str(exc) v_return['v_error'] = True return JsonResponse(v_return) return JsonResponse(v_return)
def refresh_monitor_units(request): v_return = {} v_return['v_data'] = '' v_return['v_error'] = False v_return['v_error_id'] = -1 #Invalid session if not request.session.get('omnidb_session'): v_return['v_error'] = True v_return['v_error_id'] = 1 return JsonResponse(v_return) v_session = request.session.get('omnidb_session') json_object = json.loads(request.POST.get('data', None)) v_database_index = json_object['p_database_index'] v_tab_id = json_object['p_tab_id'] v_ids = json_object['p_ids'] v_database_orig = v_session.v_tab_connections[v_tab_id] v_database = OmniDatabase.Generic.InstantiateDatabase( v_database_orig.v_db_type, v_database_orig.v_connection.v_host, str(v_database_orig.v_connection.v_port), v_database_orig.v_service, v_database_orig.v_user, v_database_orig.v_connection.v_password, v_database_orig.v_conn_id, v_database_orig.v_alias) if len(v_ids) > 0: v_first = True v_query = '' for v_id in v_ids: if not v_first: v_query += ' union all ' v_first = False v_query += ''' select unit_id, {0} as 'sequence', {1} as rendered, script_chart, script_data, type, title, interval from mon_units where unit_id = '{2}' '''.format(v_id['sequence'], v_id['rendered'], v_id['id']) v_return['v_data'] = [] try: v_units = v_session.v_omnidb_database.v_connection.Query(v_query) for v_unit in v_units.Rows: try: v_unit_data = { 'v_id': v_unit['unit_id'], 'v_sequence': v_unit['sequence'], 'v_type': v_unit['type'], 'v_title': v_unit['title'], 'v_interval': v_unit['interval'], 'v_object': None, 'v_error': False } loc = {"connection": v_database.v_connection} builtins = safe_builtins.copy() builtins['_getiter_'] = iter builtins['_getitem_'] = default_guarded_getitem byte_code = compile_restricted(v_unit['script_data'], '<inline>', 'exec') exec(byte_code, builtins, loc) data = loc['result'] if v_unit['type'] == 'grid' or v_unit['rendered'] == 1: v_unit_data['v_object'] = data else: byte_code = compile_restricted(v_unit['script_chart'], '<inline>', 'exec') exec(byte_code, builtins, loc) result = loc['result'] result['data'] = data v_unit_data['v_object'] = result v_return['v_data'].append(v_unit_data) except Exception as exc: v_unit_data = { 'v_id': v_unit['unit_id'], 'v_sequence': v_unit['sequence'], 'v_type': v_unit['type'], 'v_title': v_unit['title'], 'v_interval': v_unit['interval'], 'v_object': None, 'v_error': True, 'v_message': str(exc) } v_return['v_data'].append(v_unit_data) except Exception as exc: v_return['v_data'] = str(exc) v_return['v_error'] = True return JsonResponse(v_return) return JsonResponse(v_return)
__version__='$Revision: 1.18 $'[11:-2] import sys import RestrictedPython from RestrictedPython.Guards import safe_builtins, full_write_guard from RestrictedPython.Utilities import utility_builtins from RestrictedPython.Eval import RestrictionCapableEval from SecurityManagement import getSecurityManager from SecurityInfo import secureModule from SimpleObjectPolicies import Containers, ContainerAssertions from zExceptions import Unauthorized _marker = [] # Create a new marker object. safe_builtins = safe_builtins.copy() safe_builtins.update(utility_builtins) # AccessControl.Implementation inserts these names into this module as # module globals: aq_validate, guarded_getattr def initialize(impl): # Called by AccessControl.Implementation.setImplementation() # whenever the selected implementation changes. global guarded_getattr guarded_getattr = impl.guarded_getattr safe_builtins['getattr'] = guarded_getattr def guarded_hasattr(object, name): try:
def test_monitor_script(request): v_return = {} v_return['v_data'] = '' v_return['v_error'] = False v_return['v_error_id'] = -1 #Invalid session if not request.session.get('omnidb_session'): v_return['v_error'] = True v_return['v_error_id'] = 1 return JsonResponse(v_return) v_session = request.session.get('omnidb_session') json_object = json.loads(request.POST.get('data', None)) v_database_index = json_object['p_database_index'] v_tab_id = json_object['p_tab_id'] v_script_chart = json_object['p_script_chart'] v_script_data = json_object['p_script_data'] v_type = json_object['p_type'] v_database = v_session.v_tab_connections[v_tab_id] #Check database prompt timeout v_timeout = v_session.DatabaseReachPasswordTimeout(int(v_database_index)) if v_timeout['timeout']: v_return['v_data'] = {'password_timeout': True, 'message': v_timeout['message'] } v_return['v_error'] = True return JsonResponse(v_return) v_return['v_data'] = { 'v_object': None, 'v_error': False } try: loc = {"connection": v_database.v_connection} builtins = safe_builtins.copy() builtins['_getiter_'] = iter builtins['_getitem_'] = default_guarded_getitem byte_code = compile_restricted(v_script_data, '<inline>', 'exec') exec(byte_code, builtins, loc) data = loc['result'] if v_type == 'grid': v_return['v_data']['v_object'] = data else: byte_code = compile_restricted(v_script_chart, '<inline>', 'exec') exec(byte_code, builtins, loc) result = loc['result'] result['data'] = data v_return['v_data']['v_object'] = result except Exception as exc: v_unit_data = { 'v_object': None, 'v_error': True, 'v_message': str(exc) } v_return['v_data'] = v_unit_data return JsonResponse(v_return)
def refresh_monitor_units(request): v_return = {} v_return['v_data'] = '' v_return['v_error'] = False v_return['v_error_id'] = -1 #Invalid session if not request.session.get('omnidb_session'): v_return['v_error'] = True v_return['v_error_id'] = 1 return JsonResponse(v_return) v_session = request.session.get('omnidb_session') json_object = json.loads(request.POST.get('data', None)) v_database_index = json_object['p_database_index'] v_tab_id = json_object['p_tab_id'] v_ids = json_object['p_ids'] v_database_orig = v_session.v_tab_connections[v_tab_id] v_database = OmniDatabase.Generic.InstantiateDatabase( v_database_orig.v_db_type, v_database_orig.v_connection.v_host, str(v_database_orig.v_connection.v_port), v_database_orig.v_active_service, v_database_orig.v_active_user, v_database_orig.v_connection.v_password, v_database_orig.v_conn_id, v_database_orig.v_alias, p_conn_string = v_database_orig.v_conn_string, p_parse_conn_string = False ) v_return['v_data'] = [] if len(v_ids) > 0: v_first = True v_query = '' for v_id in v_ids: #save new user/connection unit if v_id['saved_id'] == -1: try: v_session.v_omnidb_database.v_connection.Open() v_session.v_omnidb_database.v_connection.Execute('BEGIN TRANSACTION;') v_session.v_omnidb_database.v_connection.Execute(''' insert into units_users_connections values ((select coalesce(max(uuc_id), 0) + 1 from units_users_connections), {0}, {1}, {2}, {3}, '{4}'); '''.format(v_id['id'],v_session.v_user_id,v_database_orig.v_conn_id,v_id['interval'],v_id['plugin_name'])); v_id['saved_id'] = v_session.v_omnidb_database.v_connection.ExecuteScalar(''' select coalesce(max(uuc_id), 0) from units_users_connections ''') v_session.v_omnidb_database.v_connection.Execute('COMMIT;') v_session.v_omnidb_database.v_connection.Close() except Exception as exc: v_return['v_data'] = str(exc) v_return['v_error'] = True return JsonResponse(v_return) if v_id['plugin_name']=='': if not v_first: v_query += ' union all ' v_first = False v_query += ''' select unit_id, {0} as 'sequence', {1} as rendered, {2} as saved_id, script_chart, script_data, type, title, interval from mon_units where unit_id = '{3}' '''.format(v_id['sequence'], v_id['rendered'], v_id['saved_id'], v_id['id']) #plugin unit else: #search plugin data unit_data = None for mon_unit in monitoring_units: if mon_unit['id'] == v_id['id'] and mon_unit['plugin_name'] == v_id['plugin_name']: unit_data = mon_unit break try: v_unit_data = { 'v_saved_id': v_id['saved_id'], 'v_id': unit_data['id'], 'v_sequence': v_id['sequence'], 'v_type': unit_data['type'], 'v_title': unit_data['title'], 'v_interval': unit_data['interval'], 'v_object': None, 'v_error': False } loc = {"connection": v_database.v_connection} builtins = safe_builtins.copy() builtins['_getiter_'] = iter builtins['_getitem_'] = default_guarded_getitem byte_code = compile_restricted(unit_data['script_data'], '<inline>', 'exec') exec(byte_code, builtins, loc) data = loc['result'] if unit_data['type'] == 'grid' or v_id['rendered'] == 1: v_unit_data['v_object'] = data else: byte_code = compile_restricted(unit_data['script_chart'], '<inline>', 'exec') exec(byte_code, builtins, loc) result = loc['result'] result['data'] = data v_unit_data['v_object'] = result v_return['v_data'].append(v_unit_data) except Exception as exc: v_unit_data = { 'v_saved_id': v_id['saved_id'], 'v_id': unit_data['id'], 'v_sequence': v_id['sequence'], 'v_type': unit_data['type'], 'v_title': unit_data['title'], 'v_interval': unit_data['interval'], 'v_object': None, 'v_error': True, 'v_message': str(exc) } v_return['v_data'].append(v_unit_data) if v_query != '': try: v_units = v_session.v_omnidb_database.v_connection.Query(v_query) for v_unit in v_units.Rows: try: v_unit_data = { 'v_saved_id': v_unit['saved_id'], 'v_id': v_unit['unit_id'], 'v_sequence': v_unit['sequence'], 'v_type': v_unit['type'], 'v_title': v_unit['title'], 'v_interval': v_unit['interval'], 'v_object': None, 'v_error': False } loc = {"connection": v_database.v_connection} builtins = safe_builtins.copy() builtins['_getiter_'] = iter builtins['_getitem_'] = default_guarded_getitem byte_code = compile_restricted(v_unit['script_data'], '<inline>', 'exec') exec(byte_code, builtins, loc) data = loc['result'] if v_unit['type'] == 'grid' or v_unit['rendered'] == 1: v_unit_data['v_object'] = data else: byte_code = compile_restricted(v_unit['script_chart'], '<inline>', 'exec') exec(byte_code, builtins, loc) result = loc['result'] result['data'] = data v_unit_data['v_object'] = result v_return['v_data'].append(v_unit_data) except Exception as exc: v_unit_data = { 'v_saved_id': v_unit['saved_id'], 'v_id': v_unit['unit_id'], 'v_sequence': v_unit['sequence'], 'v_type': v_unit['type'], 'v_title': v_unit['title'], 'v_interval': v_unit['interval'], 'v_object': None, 'v_error': True, 'v_message': str(exc) } v_return['v_data'].append(v_unit_data) except Exception as exc: v_return['v_data'] = str(exc) v_return['v_error'] = True return JsonResponse(v_return) return JsonResponse(v_return)
########################################################################### import os.path import re import codecs from RestrictedPython.RCompile import RExpression from RestrictedPython.MutatingWalker import walk from RestrictedPython.Guards import safe_builtins as eval_builtins from string import maketrans from compiler import ast, parse _subexpr = re.compile("\$\$|\$\$|\$(?P<nosan>/)?(?P<label>[a-z]+)?(?P<paren>\()?") pathseptrans = dict(enumerate(unicode(maketrans('/', '_')[:48]))) pathtrans = dict(enumerate(unicode(maketrans(r'/\[]?=+<>;",*|', os.path.sep + '_' * 13)[:125]))) eval_builtins = eval_builtins.copy() eval_builtins.update(filter=filter, map=map, max=max, min=min, reduce=reduce, reversed=reversed, slice=slice, sorted=sorted) del eval_builtins['delattr'] del eval_builtins['setattr'] eval_globals = {'__builtins__':eval_builtins, '_getattr_':getattr, '_getitem_': lambda x, y: x[y]} def underscorereplace_errors(e): return (u'_' * (e.end - e.start), e.end) codecs.register_error('underscorereplace', underscorereplace_errors) def evaluate(item, cdict): if isinstance(item, Expr): return item.evaluate(cdict) else: return item
def execute(hass, filename, source, data=None): """Execute Python source.""" from RestrictedPython import compile_restricted_exec from RestrictedPython.Guards import safe_builtins, full_write_guard, \ guarded_iter_unpack_sequence, guarded_unpack_sequence from RestrictedPython.Utilities import utility_builtins from RestrictedPython.Eval import default_guarded_getitem compiled = compile_restricted_exec(source, filename=filename) if compiled.errors: _LOGGER.error("Error loading script %s: %s", filename, ", ".join(compiled.errors)) return if compiled.warnings: _LOGGER.warning("Warning loading script %s: %s", filename, ", ".join(compiled.warnings)) def protected_getattr(obj, name, default=None): """Restricted method to get attributes.""" # pylint: disable=too-many-boolean-expressions if name.startswith('async_'): raise ScriptError("Not allowed to access async methods") if (obj is hass and name not in ALLOWED_HASS or obj is hass.bus and name not in ALLOWED_EVENTBUS or obj is hass.states and name not in ALLOWED_STATEMACHINE or obj is hass.services and name not in ALLOWED_SERVICEREGISTRY or obj is dt_util and name not in ALLOWED_DT_UTIL or obj is datetime and name not in ALLOWED_DATETIME or isinstance(obj, TimeWrapper) and name not in ALLOWED_TIME): raise ScriptError("Not allowed to access {}.{}".format( obj.__class__.__name__, name)) return getattr(obj, name, default) builtins = safe_builtins.copy() builtins.update(utility_builtins) builtins['datetime'] = datetime builtins['sorted'] = sorted builtins['time'] = TimeWrapper() builtins['dt_util'] = dt_util restricted_globals = { '__builtins__': builtins, '_print_': StubPrinter, '_getattr_': protected_getattr, '_write_': full_write_guard, '_getiter_': iter, '_getitem_': default_guarded_getitem, '_iter_unpack_sequence_': guarded_iter_unpack_sequence, '_unpack_sequence_': guarded_unpack_sequence, } logger = logging.getLogger('{}.{}'.format(__name__, filename)) local = { 'hass': hass, 'data': data or {}, 'logger': logger } try: _LOGGER.info("Executing %s: %s", filename, data) # pylint: disable=exec-used exec(compiled.code, restricted_globals, local) except ScriptError as err: logger.error("Error executing script: %s", err) except Exception as err: # pylint: disable=broad-except logger.exception("Error executing script: %s", err)