def get(version, orderid=None, itemnum='ALL'): user = flask.g.user filters = request.get_json(force=True, silent=True) if filters and not isinstance(filters, dict): message = MessagesResponse(errors=['Invalid filters supplied'], code=400) return message() item_status = espa.item_status(orderid, itemnum, user.username, filters=filters) message = ItemsResponse(item_status, code=200) if not user.is_staff(): message.limit = ('name', 'status', 'note', 'completion_date', 'product_dload_url', 'cksum_download_url') return message()
def unauthorized(): reasons = ['unknown', 'auth', 'conn', 'db'] reason = flask.g.get('error_reason', '') if reason not in reasons or reason == 'unknown': logger.critical('ERR uncaught exception in user authentication') msg = SystemErrorResponse elif reason == 'auth': msg = AuthFailedResponse elif reason == 'db': msg = MessagesResponse(warnings=['Database connection failed'], code=503) elif reason == 'conn': msg = MessagesResponse(warnings=['ERS connection failed'], code=503) return msg()
def post(version): data = request.get_json(force=True) try: response = espa.update_system_status(data) if response is not True: resp = MessagesResponse(errors=['internal server error'], code=500) elif isinstance(response, dict) and response.keys() == ['msg']: resp = MessagesResponse(errors=response['msg'], code=400) else: return 'success' except Exception as e: logger.critical("ERROR updating system status: {0}".format( traceback.format_exc())) resp = MessagesResponse(errors=['internal server error'], code=500) return resp()
def decorated(*args, **kwargs): versions = admin_api_operations.keys() url_version = request.url.split('/')[4].replace('v', '') if url_version in versions: return func(*args, **kwargs) else: msg = MessagesResponse( errors=['Invalid API version {}'.format(url_version)], code=404) return msg()
def get(version, email=None): filters = request.get_json(force=True, silent=True) search = dict(username=auth.username(), filters=filters) if email: # Allow user collaboration for usearch in ('email', 'username'): user = User.where({usearch: email}) if len(user): break if not len(user): response = MessagesResponse(warnings=["Username/email {} not found" .format(email)], code=200) return response() else: search = {'filters': filters, usearch: email} response = OrdersResponse(espa.fetch_user_orders(**search)) response.limit = ('orderid',) response.code = 200 return response()
def get(version, prod_id=None): if prod_id is None: body = request.get_json(force=True, silent=True) if body is None or (isinstance(body, dict) and body.get('inputs') is None): message = MessagesResponse(errors=['No input products supplied'], code=400) return message() prod_list = body.get('inputs') if prod_id: prod_list = [prod_id] return espa.available_products(prod_list, auth.username())
def decorated(*args, **kwargs): white_ls = espa.get_stat_whitelist() denied_response = MessagesResponse(errors=['Access Denied'], code=403) remote_addr = user_ip_address() if ((remote_addr in white_ls or request.remote_addr in white_ls) and remote_addr != 'untrackable'): return func(*args, **kwargs) else: logger.warn('*** Not in whitelist ({1}): {0}'.format( remote_addr, white_ls)) return denied_response()
def get(self, version=None): info_dict = user_api_operations if version: if version in info_dict: response = info_dict[version] return_code = 200 else: ver_str = ", ".join(info_dict.keys()) msg = "Invalid api version {0}. Options: {1}".format(version, ver_str) response = MessagesResponse(errors=[msg], code=404) return response() else: response = espa.api_versions() return_code = 200 return response
def get(version, ordernum=None): user = flask.g.user if ordernum is None: body = request.get_json(force=True, silent=True) if body is None or (isinstance(body, dict) and body.get('orderid') is None): message = MessagesResponse(errors=['No orderid supplied'], code=400) return message() else: ordernum = body.get('orderid') orders = espa.fetch_order(ordernum) response = OrderResponse(**orders[0].as_dict()) response.code = 200 if 'order-status' in request.url: response.limit = ('orderid', 'status') else: if not user.is_staff: response.limit = ('orderid','order_date','completion_date', 'status', 'note', 'order_source', 'product_opts') return response()
def unauthorized(): msg = MessagesResponse(errors=['Invalid username/password'], code=401) return msg()
def put(version, ordernum=None): user = flask.g.user remote_addr = user_ip_address() body = request.get_json(force=True) if body is None or (isinstance(body, dict) and body.get('orderid') is None): message = MessagesResponse(errors=['No orderid supplied'], code=400) return message() elif isinstance(body, dict) and body.get('status') != 'cancelled': message = MessagesResponse(errors=['Invalid status supplied'], code=400) return message() else: orderid, status = body.get('orderid'), body.get('status') orders = espa.fetch_order(orderid) if orders[0].user_id != user.id and not user.is_staff(): msg = ('User {} is not allowed to cancel order {}' .format(user.username, orderid)) logger.critical(msg + '\nOrigin: {}'.format(remote_addr)) message = MessagesResponse(errors=[msg], code=403) return message() if orders[0].status != 'ordered': msg = ('Order {} is already in a "{}" state' .format(orderid, orders[0].status)) message = MessagesResponse(errors=[msg], code=400) return message() order = espa.cancel_order(orders[0].id, remote_addr) message = OrderResponse(**order.as_dict()) message.limit = ('orderid', 'status') message.code = 202 return message()
def post(version, ordernum=None): user = flask.g.user message = None order = request.get_json(force=True, silent=True) if order is None: return BadRequestResponse() if order: order = lowercase_all(order) try: order = espa.place_order(order, user) except ValidationException as e: message = MessagesResponse(errors=[e.response], code=400) except InventoryException as e: message = MessagesResponse(errors=[e.response], code=400) except InventoryConnectionException as e: message = MessagesResponse(warnings=['Could not connect to data source'], code=400) except OpenSceneLimitException as e: message = MessagesResponse(errors=[e.response], code=400) else: message = OrderResponse(**order.as_dict()) message.limit = ('orderid', 'status') message.code = 201 return message() else: message = MessagesResponse(errors=['Must supply order JSON'], code=400) return message()