Example #1
0
def api_vnf_init_config(vnf_id):
  if auth_method == 'gatekeeper':
    if not gatekeeper_authentication(request.get_header('X-Auth-Token')):
      abort(401)
  elif auth_method == 'basic':
    user, passwd = parse_auth(request.get_header('Authorization'))
    if not check_credentials(user, passwd):
      abort(401)
  print "\n######## VNF INITIAL CONFIGURATION ########\n"
  print "VNF Validation: "
  if validate_VNF(vnf_id):
    print "Ok"
    print "\nRetrieving VNF Configuration: \n"
    try:
      vnfm_request = loads(request.body.getvalue())
      print vnfm_request
    except:
      print "Fail: Unable to retrieve VNF Configuration"
      print "\n############## END ##############\n"
      abort(400)
    finally:
      print "\nStarting VNF initial configuration workflow\n"
      response = initial_configuration(vnf_id, vnfm_request)
      if not response:
        print "Fail: Unable to configure VNF"
        print "\n############## END ##############\n"
        abort(500)
  else:
    print "Fail: VNF not found"
    print "\n############## END ##############\n"
    abort(404)
Example #2
0
def api_get_vnf_config(vnf_id):
  if auth_method == 'gatekeeper':
    if not gatekeeper_authentication(request.get_header('X-Auth-Token')):
      abort(401)
  elif auth_method == 'basic':
    user, passwd = parse_auth(request.get_header('Authorization'))
    if not check_credentials(user, passwd):
      abort(401)
  print "\n######## RETRIEVE VNF CURRENT CONFIGURATION ########\n"
  print "VNF Validation: "
  if validate_VNF(vnf_id):
    print "Ok"
    print "\nRetrieve Configuration workflow \n"
    conf_obj = get_current_configuration(vnf_id)
    if not conf_obj:
      print "\nThe VNF has not been configured\n"
      print "\n############## END ##############\n"
      abort(404)
    else:
      print "\n############## END ##############\n"
      return conf_obj
  else:
    print "Fail: VNF not found"
    print "\n############## END ##############\n"
    abort(404)
Example #3
0
def api_delete_vnf(vnf_id):
  if auth_method == 'gatekeeper':
    if not gatekeeper_authentication(request.get_header('X-Auth-Token')):
      abort(401)
  if auth_method == 'basic':
    print "basic authentication"
    user, passwd = parse_auth(request.get_header('Authorization'))
    if not check_credentials(user, passwd):
      abort(401)
  print "\n######## DELETE VNF CONFIGURATION API ########\n"
  print "VNF Validation: "
  if validate_VNF(vnf_id):
    print "Ok\n"
    try:
      vnfm_request = loads(request.body.getvalue())
    except:
      vnfm_request = None
    finally:
      print "\nStarting VNF removal workflow\n"
      response = delete_vnf(vnf_id, vnfm_request)
      if not response:
        print "Fail: the VNF could not be removed\n"
        print "\n############## END ##############\n"
        abort(500)
      print "\n############## END ##############\n"
  else:
    print "Fail: VNF not found"
    print "\n############## END ##############\n"
    abort(404)
Example #4
0
    def get_language(self):
        lang = [None]

        if len(request.script_name) > 3:
            tmp_lang = request.script_name[-3:-1]
            if tmp_lang in self.allowed_languages:
              return ([tmp_lang, self.allowed_languages[0]], False)

            # Handle longer languages like zh_TW
            if len(request.script_name) > 6 and request.script_name[-4] == "_":
              tmp_lang = request.script_name[-6:-1]
              if tmp_lang in self.allowed_languages:
                return ([tmp_lang, self.allowed_languages[0]], False)

            lang = [None]

        if not lang[0] and request.get_header('Accept-Language'):
            lang = request.get_header('Accept-Language')
            lang = lang.split(',')
            lang = [x.split(";")[0] for x in lang]
            lang = [x.split("-")[0] for x in lang]
            lang = [x for x in lang if x in self.allowed_languages]

        if len(lang) > 0 and lang[0]:
            lang.append(self.allowed_languages[0])
            res = []
            for l in lang:
                if not l in res:
                    res.append(l)
            return (res, True)
        else:
            return (self.allowed_languages, True)
Example #5
0
def request_reset():
    """
    Password reset form POST endpoint.
    """
    email = request.forms.get('email')
    user = local.model.get_user(username=email)
    if user is None:
        # Redirect back to form page
        return redirect_with_query('/account/reset', {
            'error': "User with email %s not found." % email
        })

    # Generate reset code
    reset_code = local.model.new_user_reset_code(user.user_id)

    # Send code
    hostname = request.get_header('X-Forwarded-Host') or request.get_header('Host')
    user_name = user.first_name or user.user_name
    local.emailer.send_email(
        subject="CodaLab password reset link",
        body=template('password_reset_body', user=user_name, current_site=hostname, code=reset_code),
        recipient=email,
    )

    # Redirect to success page
    return redirect('/account/reset/sent')
Example #6
0
    def get_language(self):
        lang = [None]

        # Remove old no longer used cookie 'lang'
        if request.get_cookie('lang'):
            response.delete_cookie('lang', path="/")

        if len(request.script_name) > 3:
            lang = [request.script_name[-3:-1], self.allowed_languages[0]]
            if lang[0] not in self.allowed_languages:
                lang = [None]
            else:
                return (lang, False)

        if not lang[0] and request.get_cookie('lang'):
            lang = [request.get_cookie('lang')]
            if lang[0] not in self.allowed_languages:
                lang = [None]

        if not lang[0] and request.get_header('Accept-Language'):
            lang = request.get_header('Accept-Language')
            lang = lang.split(',')
            lang = [x.split(";")[0] for x in lang]
            lang = [x.split("-")[0] for x in lang]
            lang = [x for x in lang if x in self.allowed_languages]

        if len(lang) > 0 and lang[0]:
            lang.append(self.allowed_languages[0])
            res = []
            for l in lang:
                if not l in res:
                    res.append(l)
            return (res, True)
        else:
            return (self.allowed_languages, True)
Example #7
0
def fn_error(error):
    try:
        error.content_type = CONTENT_TYPE
        if request.get_header("Origin"):
            error.set_header(
                "Access-Control-Allow-Origin",
                "*"
            )

        if request.get_header("Access-Control-Request-Headers"):
            error.set_header(
                "Access-Control-Allow-Headers",
                request.get_header("Access-Control-Request-Headers")
            )

        if request.get_header("Access-Control-Request-Method"):
            error.set_header(
                "Access-Control-Allow-Methods",
                "GET, POST, PATCH, DELETE, OPTIONS"
            )

        doc = JsonAPIResponse(request.url)
        err = JsonAPIError(code=error.status, title=error.body)
        doc.errors.append(err)
        return json.dumps(dict(doc), sort_keys=True)
    except:
        logging.error("".join(traceback.format_exception(*sys.exc_info())))
Example #8
0
def post_message():
    from_member_id = request.get_header('userToken')
    subject = request.json['subject']
    message_contents = request.json['messageContents']
    messageType = request.json['messageType']
    retObj = {}

    if messageType == 'single':
        to_member_id = request.json['toMemberId']
        message_id = messages.send_message(from_member_id, to_member_id, subject, message_contents)
        retObj = {"messageId": message_id}
    elif messageType == 'broadcast':

        start_time = time.time()

        if request.get_header('DD-Process-Type') == 'simple':
            message_id = messages.send_broadcast_thinDatabase(from_member_id, subject, message_contents)
        else:
            message_id = messages.send_broadcast_thickDatabase(from_member_id, subject, message_contents)

        retObj = {"messageCount": message_id,
                  "executionTime":(time.time() - start_time)}

    response.status = 201
    return retObj
Example #9
0
def format_NCSA_log(request, response, bodylen):
    """
      Apache log format 'NCSA extended/combined log':
      "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-agent}i\""
      see http://httpd.apache.org/docs/current/mod/mod_log_config.html#logformat
    """
    
    # Let's collect log values
    val = dict()
    val['host'] = request.remote_addr or request.remote_route[0]
    val['logname'] = '-'
    val['user'] = '******'
    val['time'] = dt.now(tz=Local).strftime("%d/%b/%Y:%H:%M:%S %z")
    val['request'] = "{} {} {}".format(
          request.method,
          request.path,
          request.environ.get('SERVER_PROTOCOL', '')
        )
    val['status'] = response.status_code
    val['size'] = bodylen
    val['referer'] = request.get_header('Referer','')
    val['agent'] = request.get_header('User-agent','')
    
    # see http://docs.python.org/3/library/string.html#format-string-syntax
    FORMAT = '{host} {logname} {user} [{time}] "{request}" '
    FORMAT += '{status} {size} "{referer}" "{agent}"'
    return FORMAT.format(**val)
Example #10
0
def get_members():
    member_id = request.get_header('userToken')
    search_string = request.query['searchString']

    if 'maxDistance' in request.query:
        max_distance = request.query['maxDistance']
    else:
        max_distance = None

    if 'limit' in request.query:
        limit = request.query['limit']
    else:
        limit = None


    start_time = time.time()

    if request.get_header('DD-Process-Type') == 'simple':
        members_list = members.do_search_thinDatabase(member_id, search_string, limit)
    elif request.get_header('DD-Process-Type') == 'spatial':
        members_list = members.do_search_spatial(member_id, search_string, max_distance, limit)
    else:
        members_list = members.do_search_text(member_id, search_string, limit)

    members_return = []

    for member in members_list:
        members_return.append({"memberId": member[0],
                               "name": member[1]})

    return {"items": members_return,
            "executionTime":(time.time() - start_time)}
Example #11
0
 def wrapped(*args, **kwargs):
     print request.get_header('Authorization')
     if (self.is_logged_in_by_beaker()
             or self.is_auth_by_header()):
         return func(*args, **kwargs)
     else:
         response.status = 401
         response.set_header('www-authenticate', 'Basic realm="Henry"')
Example #12
0
def send_verification_key(username, email, key):
    # Send verification key to given email address
    hostname = request.get_header('X-Forwarded-Host') or request.get_header('Host')
    local.emailer.send_email(
        subject="Verify your new CodaLab account",
        body=template('email_verification_body', user=username, current_site=hostname, key=key),
        recipient=email,
    )
Example #13
0
    def outer(*args, **kwargs):
        response.content_type = CONTENT_TYPE
        if request.get_header("Origin"):
            response.set_header(
                "Access-Control-Allow-Origin",
                "*"
            )

        if request.get_header("Access-Control-Request-Headers"):
            response.set_header(
                "Access-Control-Allow-Headers",
                request.get_header("Access-Control-Request-Headers")
            )

        if request.get_header("Access-Control-Request-Method"):
            response.set_header(
                "Access-Control-Allow-Methods",
                "GET, POST, PATCH, DELETE, OPTIONS"
            )

        try:
            return fn(*args, **kwargs)

        except ValueError:
            logging.error("".join(traceback.format_exception(*sys.exc_info())))
            abort(400, "Could not parse request. Be sure to use valid JSON.")

        except IntegrityError as e:
            if str(e).startswith("NOT NULL constraint"):
                field = e.message.split(": ")[1]
                if field.endswith("_id"):
                    field = field[:-3]

                abort(400, field + " cannot be null")

            if "UNIQUE constraint" in str(e):
                abort(409, "This id is already taken.")

            abort(400, e)

        except AssertionError as e:
            abort(400, e)

        except JsonAPIException as e:
            abort(e.status, e)

        except Exception as e:
            if e.__class__.__name__.endswith("DoesNotExist"):
                abort(404, "The requested resource does not exist.")

            if str(e).startswith("Instance matching query"):
                abort(400, "Trying to set relationship with invalid resource.")

            # log this unknown error
            logging.error("".join(traceback.format_exception(*sys.exc_info())))

            abort(500, e)
Example #14
0
 def _get_session_from_header(self):
     request_id = request.environ.get('REQUEST_ID', None)
     self.log.debug('{0} trying to get session from header'.format(request_id))
     result = {}
     _id = request.get_header('X-SID', False)
     token = request.get_header('X-TOKEN', False)
     if _id and token:
         result['_id'] = _id
         result['token'] = token
         self.log.debug('{0} success trying to get session from header'.format(request_id))
         return result
     self.log.debug('{0} failed trying to get session from header'.format(request_id))
Example #15
0
def service_desc():
    ''' route for DIAL service discovery '''
    response.set_header('Access-Control-Allow-Method',
                        'GET, POST, DELETE, OPTIONS')
    response.set_header('Access-Control-Expose-Headers', 'Location')
    response.set_header('Application-URL',
                        'http://{}/apps'.format(request.get_header('host')))
    response.set_header('Content-Type', 'application/xml')
    return build_template(__device__).render(
        friendlyName=Kodicast.friendlyName,
        uuid=Kodicast.uuid,
        path="http://%s" % request.get_header('host'))
Example #16
0
def post_message():
    count = dao.incr_count()
    body = request.json

    messages = {
        'sender': request.get_header('uniqys-sender'),
        'timestamp': request.get_header('uniqys-timestamp'),
        'blockhash': request.get_header('uniqys-blockhash'),
        'contents': body['message']
    }

    dao.set_message(count, messages)
Example #17
0
def sapi(path):
    path = path.split("/")
    path = list(filter(None, path))
    headers = request.headers
    if request.get_header(
            "Content-Type"
    ) is not None and "application/json" in request.get_header("Content-Type"):
        keys = request.json
    else:
        keys = FormsDict.decode(request.params)
    auth = request.auth
    return compliant_api.handle(path, keys, headers, auth)
Example #18
0
def send_verification_key(username, email, key):
    # Send verification key to given email address
    hostname = request.get_header('X-Forwarded-Host') or request.get_header(
        'Host')
    local.emailer.send_email(
        subject="Verify your CodaLab account",
        body=template('email_verification_body',
                      user=username,
                      current_site=hostname,
                      key=key),
        recipient=email,
    )
Example #19
0
def _process_result(the_obj):
    response.set_header('Accept', '*')
    response.set_header(name="Access-Control-Allow-Origin", value=request.get_header("Origin","*"))
    if request.get_header("Origin",""):
        response.set_header(name="Access-Control-Allow-Credentials", value="true")
    response.set_header('Access-Control-Allow-Headers', 'Content-Type, Accept')
    response.set_header('Access-Control-Allow-Methods', '*')
    response.content_type = 'application/json'
    result = util.json_dumps(the_obj)

    cfg.logger.warning('result: %s', result)

    return result
Example #20
0
def authUser(usr,pw):
    if appconfig.config['api_users']['username'] == usr and appconfig.config['api_users']['password']  == pw :
        if request.get_header("x-api-key",None) != None:
             apikey =  request.get_header("x-api-key",None)
             query = ("Select * From staff ")

             cursor = conn.cursor(buffered = True)
             try:
                 cursor.execute(query)
                 return True
             except mysql.connector.Error as error:
                 print("failed executing query",error)
    return False
Example #21
0
    def outer(*args, **kwargs):
        response.content_type = CONTENT_TYPE
        if request.get_header("Origin"):
            response.set_header("Access-Control-Allow-Origin", "*")

        if request.get_header("Access-Control-Request-Headers"):
            response.set_header(
                "Access-Control-Allow-Headers",
                request.get_header("Access-Control-Request-Headers"))

        if request.get_header("Access-Control-Request-Method"):
            response.set_header("Access-Control-Allow-Methods",
                                "GET, POST, PATCH, DELETE, OPTIONS")

        try:
            return fn(*args, **kwargs)

        except ValueError:
            logging.error("".join(traceback.format_exception(*sys.exc_info())))
            abort(400, "Could not parse request. Be sure to use valid JSON.")

        except IntegrityError as e:
            if str(e).startswith("NOT NULL constraint"):
                field = e.message.split(": ")[1]
                if field.endswith("_id"):
                    field = field[:-3]

                abort(400, field + " cannot be null")

            if "UNIQUE constraint" in str(e):
                abort(409, "This id is already taken.")

            abort(400, e)

        except AssertionError as e:
            abort(400, e)

        except JsonAPIException as e:
            abort(e.status, e)

        except Exception as e:
            if e.__class__.__name__.endswith("DoesNotExist"):
                abort(404, "The requested resource does not exist.")

            if str(e).startswith("Instance matching query"):
                abort(400, "Trying to set relationship with invalid resource.")

            # log this unknown error
            logging.error("".join(traceback.format_exception(*sys.exc_info())))

            abort(500, e)
Example #22
0
def post_members():
    email = request.json['email']
    name = request.json['name']
    password = request.json['password']
    dinosaur_id = request.json['dinosaurId']
    location_id = request.json['locationId']
    about_yourself = request.json['aboutYourself']
    trilobitcoin_number = request.json['trilobitcoinNumber']
    amount = request.json['amount']

    response.content_type = 'application/json'

    start_time = time.time()

    try:
        if name is None or password is None:
            member_id = None
        elif request.get_header('DD-Process-Type') == 'simple':
            member = members.process_registration_thinDatabase(email, name, password, dinosaur_id, location_id,
                                                         about_yourself, trilobitcoin_number, amount)
        elif request.get_header('DD-Process-Type') == 'plsql':
            member = members.process_registration_thickDatabase(email, name, password, dinosaur_id, location_id,
                                                        about_yourself, trilobitcoin_number, amount)
        else:
            member = members.process_registration_aq(email, name, password, dinosaur_id, location_id,
                                                     about_yourself, trilobitcoin_number, amount)
    except cx_Oracle.DatabaseError as exc:
        error, = exc.args
        if error.code == 1:
            response.status = 409
            return {"error": "name must be unique"}
        else:
            response.status = 500
            return {"error": error.message}

    response.status = 201
    return {
        'member': {"id": member[0],
                   "name": member[1],
                   "locationName": member[2],
                   "city": member[3],
                   "state": member[4],
                   "postalCode": member[5],
                   "country": member[6],
                   "speciesName": member[7],
                   "aboutYourself": str(member[8]),
                   "email": member[9]
                   },
        'token': 'afdja;dgag',
        'executionTime':(time.time() - start_time)
    }
Example #23
0
def index():
    req = prepare_bottle_request(request)
    auth = init_saml_auth(req)
    errors = []
    not_auth_warn = False
    success_slo = False
    attributes = False
    paint_logout = False

    session = request.environ['beaker.session']

    if 'sso' in request.query:
        return_to = '{0}://{1}/'.format(request.urlparts.scheme,
                                        request.get_header('host'))
        return redirect(auth.login(return_to))
    elif 'sso2' in request.query:
        return_to = '{0}://{1}/attrs/'.format(request.urlparts.scheme,
                                              request.get_header('host'))
        return redirect(auth.login(return_to))
    elif 'slo' in request.query:
        name_id = None
        session_index = None
        if 'samlNameId' in session:
            name_id = session['samlNameId']
        if 'samlSessionIndex' in session:
            session_index = session['samlSessionIndex']

        return redirect(
            auth.logout(name_id=name_id, session_index=session_index))
    elif 'sls' in request.query:
        dscb = lambda: session.clear()
        url = auth.process_slo(delete_session_cb=dscb)
        errors = auth.get_errors()
        if len(errors) == 0:
            if url is not None:
                return redirect(url)
            else:
                success_slo = True

    if 'samlUserdata' in session:
        paint_logout = True
        if len(session['samlUserdata']) > 0:
            attributes = session['samlUserdata'].items()

    return {
        'errors': errors,
        'not_auth_warn': not_auth_warn,
        'success_slo': success_slo,
        'attributes': attributes,
        'paint_logout': paint_logout
    }
Example #24
0
      def wrapper(*a, **ka):

        if required or terrariumUtils.is_true(self.__terrariumEngine.config.get_system()['always_authenticate']):
          user, password = request.auth or (None, None)
          ip = request.remote_addr if request.get_header('X-Real-Ip') is None else request.get_header('X-Real-Ip')
          if user is None or not check(user, password):
            err = HTTPError(401, text)
            err.add_header('WWW-Authenticate', 'Basic realm="%s"' % realm)
            if user is not None or password is not None:
              self.__terrariumEngine.notification.message('authentication_warning',{'ip' : ip, 'username' : user, 'password' : password},[])
              logger.warning('Incorrect login detected using username \'{}\' and password \'{}\' from ip {}'.format(user,password,ip))
            return err

        return func(*a, **ka)
Example #25
0
            def wrapped(*args, **kwargs):
                print request.get_header('Authorization')
                if (self.is_logged_in_by_beaker()
                        or self.is_auth_by_header()):
                    user = get_user(request)['username']
                    db_user = get_user_info(self.db.session, user)
                    if db_user.level >= level:
		        return func(*args, **kwargs)
                    else:
			response.status = 401
			response.set_header('www-authenticate', 'Basic realm="Henry"')
                else:
                    response.status = 401
                    response.set_header('www-authenticate', 'Basic realm="Henry"')
Example #26
0
 def wrapper(*args, **kwargs):
     print "Request:" + str(request.get_header("X-Auth-Token"))
     print role
     token = request.get_header("X-Auth-Token")
     if not token:
         raise HTTPError(401)
     token = str(request.get_header("X-Auth-Token"))
     user = getUserFromToken(token)
     if not user:
         raise HTTPError(401)
     if role:
         if not user.hasRole(role):
             raise HTTPError(403)
     return f(*args, **kwargs)
Example #27
0
def report_put():
    '''
    HTTP PUT to upload a data file
    '''
    contentType = request.get_header('Content-Type')
    if contentType == None:
        abort(500, 'missing Content-Type')
    dataTypes = contentType.split(';')
    recordId = request.get_header('record-id')
    reporter = Reporter()
    result = reporter.report_put(dataTypes, recordId, request.body)
    if 'error' in result:
        abort(500, result['error'])
    else:
        return result
Example #28
0
def report_put():
    '''
    HTTP PUT to upload a data file
    '''    
    contentType=request.get_header('Content-Type')
    if contentType==None:
        abort(500,'missing Content-Type')
    dataTypes = contentType.split(';')
    recordId=request.get_header('record-id') 
    reporter=Reporter()       
    result=reporter.report_put(dataTypes,recordId,request.body)
    if 'error' in result:
        abort(500,result['error'])
    else:
        return result
Example #29
0
def post_broadcast():
    from_member_id = request.get_header('userToken')
    subject = request.json['subject']
    message_contents = request.json['messageContents']

    start_time = time.time()

    if request.get_header('DD-Process-Type') == 'simple':
        message_id = messages.send_broadcast_thinDatabase(from_member_id, subject, message_contents)
    else:
        message_id = messages.send_broadcast_thickDatabase(from_member_id, subject, message_contents)

    response.status = 201
    return {"messageCount": message_id,
            "executionTime":(time.time() - start_time)}
Example #30
0
def index():
    req = prepare_bottle_request(request)
    auth = init_saml_auth(req)
    errors = []
    not_auth_warn = False
    success_slo = False
    attributes = False
    paint_logout = False

    session = request.environ['beaker.session']

    if 'sso' in request.query:
        return_to = '{0}://{1}/'.format(request.urlparts.scheme, request.get_header('host'))
        return redirect(auth.login(return_to))
    elif 'sso2' in request.query:
        return_to = '{0}://{1}/attrs/'.format(request.urlparts.scheme, request.get_header('host'))
        return redirect(auth.login(return_to))
    elif 'slo' in request.query:
        name_id = None
        session_index = None
        if 'samlNameId' in session:
            name_id = session['samlNameId']
        if 'samlSessionIndex' in session:
            session_index = session['samlSessionIndex']

        return redirect(auth.logout(name_id=name_id, session_index=session_index))
    elif 'sls' in request.query:
        dscb = lambda: session.clear()
        url = auth.process_slo(delete_session_cb=dscb)
        errors = auth.get_errors()
        if len(errors) == 0:
            if url is not None:
                return redirect(url)
            else:
                success_slo = True

    if 'samlUserdata' in session:
        paint_logout = True
        if len(session['samlUserdata']) > 0:
            attributes = session['samlUserdata'].items()

    return {
        'errors':errors,
        'not_auth_warn':not_auth_warn,
        'success_slo':success_slo,
        'attributes':attributes,
        'paint_logout':paint_logout
    }
Example #31
0
def get_recipes():
    response.content_type = 'application/json'
    search_criteria = request.get_header('filter')
    if search_criteria is None:
        return dumps([p.__dict__ for p in db_utils.get_all_recipes()])
    else:
        return dumps([p.__dict__ for p in db_utils.find_recipes(loads(search_criteria))])
Example #32
0
def filter():
    time = datetime.datetime.now().strftime('%Y-%m-%d %H:%M:%S')
    if request.json == None:
        print('hackey外からのアクセスが確認されました')
        descp = request.query.get('descp')
        event = request.query.get('event')
        device_id = confs.entries[descp].hackey_id

    else:
        print('hackeyからのアクセスが確認されました')
        content_type = request.get_header('Content-Type')
        if content_type != 'application/json':  # JSON 以外なら処理終了
            print('不正な Content_Type です:' + content_type)
            return False
        device_id = request.json['hackey']['device_id']
        descp = confs.hackeys[device_id].description
        event = request.json['hackey']['event']

    try:
        if event == 'turn_on':
            event_mes = 'ネットワーク遮断'
            result = confs.entries[descp].turn_on()
        else:
            event_mes = 'ネットワーク開放'
            result = confs.entries[descp].turn_off()
    except Exception:
        result = False

    if result:
        mes = '成功'
    else:
        mes = '失敗'

    make_mail_content(descp, event_mes, mes, time, device_id)
    return str(confs.entries[descp].update_stat())
Example #33
0
def call_api(func, args=""):
    add_header(response)

    s = request.environ.get('beaker.session')
    auth = parse_auth(request.get_header('Authorization', ''))
    # TODO: session as GET
    if 'session' in request.POST:
        # removes "' so it works on json strings
        s = s.get_by_id(remove_chars(request.POST['session'], "'\""))
    elif auth:
        user = PYLOAD.checkAuth(auth[0], auth[1], request.environ.get('REMOTE_ADDR', None))
        # if auth is correct create a pseudo session
        if user: s = {'uid': user.uid}

    api = get_user_api(s)
    if not api:
        return HTTPError(403, dumps("Forbidden"))

    if not PYLOAD.isAuthorized(func, api.user):
        return HTTPError(401, dumps("Unauthorized"))

    args = args.split("/")[1:]
    kwargs = {}

    for x, y in chain(request.GET.iteritems(), request.POST.iteritems()):
        if x == "session": continue
        kwargs[x] = unquote(y)

    try:
        return callApi(api, func, *args, **kwargs)
    except ExceptionObject, e:
        return HTTPError(400, dumps(e))
Example #34
0
def login():
    add_json_header(response)

    username = request.params.get("username")
    password = request.params.get("password")

    user = PYLOAD.checkAuth(username, password, request.environ.get('REMOTE_ADDR', None))

    if not user:
        return json_response(False)

    s = set_session(request, user)

    # get the session id by dirty way, documentations seems wrong
    try:
        sid = s._headers["cookie_out"].split("=")[1].split(";")[0]
    # reuse old session id
    except:
        sid = request.get_header(session.options['key'])

    result = BaseEncoder().default(user)
    result["session"] = sid

    # Return full user information if needed
    if request.params.get('user', None):
        return dumps(result)

    return json_response(sid)
Example #35
0
def serve_static(path):
    # save if this resource is available as gz
    if path not in GZIPPED:
        GZIPPED[path] = exists(join(APP_ROOT, path + ".gz"))

    # gzipped and clients accepts it
    # TODO: index.html is not gzipped, because of template processing
    gzipped = False
    if GZIPPED[path] and "gzip" in request.get_header("Accept-Encoding", "") and path != "index.html":
        gzipped = True
        path += ".gz"

    resp = static_file(path, root=APP_ROOT)

    # Also serve from .tmp folder in dev mode
    if resp.status_code == 404 and APP_PATH == "app":
        resp = static_file(path, root=join(PROJECT_DIR, '.tmp'))

    if path.endswith(".html") or path.endswith(".html.gz"):
        # tell the browser all html files must be revalidated
        resp.headers["Cache-Control"] = "must-revalidate"
    elif resp.status_code == 200:
        # expires after 7 days
        resp.headers['Expires'] = time.strftime("%a, %d %b %Y %H:%M:%S GMT",
                                                time.gmtime(time.time() + 60 * 60 * 24 * 7))
        resp.headers['Cache-control'] = "public"

    if gzipped:
        resp.headers['Vary'] = 'Accept-Encoding'
        resp.headers['Content-Encoding'] = 'gzip'

    return resp
Example #36
0
def create_route():
    global seq_num
    ct = request.get_header('content-type')
    if ct != 'application/json':
        return abort(response, 400, [
            "request content-type unacceptable:  body must be "
            "'application/json' (was '{0}')".format(ct)
        ])
    msg = request.json
    clientRequest = {
        'urlparts': {
            "netloc": request.urlparts.netloc,
            "scheme": request.urlparts.scheme
        }
    }

    seq_num += 1
    v_global = seq_num.value
    print "Printing Seq Number"
    print v_global

    msg.update({'METHOD': 'POST'})
    msg.update({'ROUTE': 'users'})
    msg.update({'clientRequest': clientRequest})
    msg.update({'opnum': v_global})
    json_body_A = json.dumps(msg)
    print json_body_A
    msg_a.set_body(json_body_A)
    result = send_msg_ob.send_msg(msg_a, msg_a)
    response.status = result['response']
    return result['result']
Example #37
0
def test():
    #print request.headers
    msg = '{"abc89": 191}'
    token = msgMgr.send(msg)
    adid = request.get_header("adid", None)
    print adid
    return token
Example #38
0
    def check(**kwargs):

        cookie = request.get_cookie('XSRF-TOKEN')
        if cookie == None:
            abort(401, "Authentication error")

        header = request.get_header('X-XSRF-TOKEN', None)
        if header == None:
            abort(401, "Authentication error")

        header = header[1:-1]  # seems like the header is between quotes
        if header != cookie:
            print "HEADER %s CO %s" % (header, cookie)
            # CSRF protection
            abort(401, "Authentication error")

        token_data = token_dict.get(cookie, None)
        if token_data == None:
            abort(401, "Authentication error")

        # if token is older than four hours, invalidate it
        if token_data["creation_date"] - datetime.datetime.now(
        ) > datetime.timedelta(0, 4 * 60 * 60):
            response.status = 401
            del token_dict[cookie]
            return

        return fn(**kwargs)
Example #39
0
def webhooks_callback():

    # Get the JSON body and HMAC-SHA1 signature of the POST request
    callback_body = request.body.getvalue()
    callback_signature = request.get_header('X-Square-Signature', default='')

    # Validate the signature
    if not is_valid_callback(callback_body, callback_signature):

        # Fail if the signature is invalid
        print 'Webhook event with invalid signature detected!'
        return

    # Load the JSON body into a Python dict
    callback_body_dict = json.loads(callback_body)

    # If the notification indicates a PAYMENT_UPDATED event...
    if 'event_type' in callback_body_dict and callback_body_dict[
            'event_type'] == 'PAYMENT_UPDATED':

        # Get the ID of the updated payment
        payment_id = callback_body_dict['entity_id']

        # Send a request to the Retrieve Payment endpoint to get the updated payment's full details
        connection = httplib.HTTPSConnection('connect.squareup.com')
        connection.request('GET', '/v1/me/payments/' + payment_id, '',
                           request_headers)
        connect_response_body = json.loads(connection.getresponse().read())

        # Perform an action based on the returned payment (in this case, simply print the payment)
        print connect_response_body

    # The HMAC-SHA1 signature was valid, but the request wasn't for a PAYMENT_UPDATED event.
    else:
        print 'Unknown webhook event type detected!'
Example #40
0
def send_help_message():
    message = request.json['message']

    if 'server' in local.config and 'support_email' not in local.config[
            'server']:
        print('Warning: No support_email configured, so no email sent.',
              file=sys.stderr)
        print('User\'s message: %s' % message, file=sys.stderr)
        return

    support_email = local.config['server']['support_email']
    username = request.user.user_name
    user_email = request.user.email
    originUrl = request.get_header('Referer')

    first_name = request.user.first_name if request.user.first_name else ''
    last_name = request.user.last_name if request.user.last_name else ''
    real_name = "%s %s" % (first_name, last_name)
    message = message.encode('utf-8')

    local.emailer.send_email(
        subject="Message from %s" % user_email,
        body=template(
            'help_message_to_codalab_body',
            real_name=real_name,
            username=username,
            email=user_email,
            message=message,
            originUrl=originUrl,
        ),
        recipient=support_email,
        sender=user_email,
        charset='utf-8',
    )
Example #41
0
def get_hits():
    print(request)
    count = 50
    auth = request.get_header('Authorization')
    if not authenticate(auth):
        return
    # update data
    try:
        status = str(request.query.status)
    except ValueError:
        status = HIT_STATUS_REVIEW
    try:
        cutoff = int(request.query.cutoff)
    except ValueError:
        cutoff = hitmanager.HitDBManager.MAX_HIT_ID
    if (request.query.count):
        count = int(request.query.count)

    print('client requested %i hits with %s status, from %i' %
          (count, status, cutoff))
    hits = get_manager().all_hits(status, cutoff)
    total_hits = len(hits)
    print('hitmanager returned %i hits' % total_hits)
    hits = sorted(hits, key=lambda k: k['id'], reverse=True)
    hits = hits[:count]
    print("returned %i hits" % len(hits))
    return {'hits': hits, 'total_count': total_hits}
Example #42
0
def events():
    log = get_logger()

    if not compare_event_signature():
        log.warning('Recevied an event with a bad signature')
        response.status = '403 Unauthorized'
        return {"error": "Bad event signature"}

    event = request.get_header('X-GitHub-Event')
    json = request.json
    repository = json['repository']['full_name']

    log.debug('Received an event %s', event)
    if repository != REPO:
        response.status = '403 Unauthorized'
        return {"error": "Unhandled repo %s" % repository}

    if event == 'ping':
        log.info('Success: got a ping from github!')
        return {'response': 'pong'}
    elif event == 'push':
        p = Process(target=handle_push, args=(json, ))
        p.daemon = True
        p.start()
        return {'status': 'Started handling push'}

    response.status = '500 Internal Error'
    return {"error": "Unhandled event %s" % event}
Example #43
0
        def doc_csv(k, doc_id, threshold=0.2):
            etag = _generate_etag(self.v[k])

            if request.get_header('If-None-Match', '') == etag:
                response.status = 304
                return "Not Modified"

            if k not in self.topic_range:
                response.status = 400  # Not Found
                return "No model for k = {}".format(k)

            response.set_header('Etag', etag)
            response.content_type = 'text/csv; charset=UTF8'

            try:
                data = self.v[k].dist_doc_doc(doc_id)
            except KeyError:
                data = self.v[k].dist_doc_doc(doc_id.decode('utf-8'))

            if sys.version_info[0] == 3:
                output = StringIO()
            else:
                output = BytesIO()

            writer = csv.writer(output)
            writer.writerow(['doc', 'prob'])
            writer.writerows([(d, "%6f" % p) for d, p in data
                              if p > threshold])

            return output.getvalue()
Example #44
0
        def doc_topic_csv(k, doc_id):

            etag = _generate_etag(self.v[k])

            # Check for an "If-None-Match" tag in the header
            if request.get_header('If-None-Match', '') == etag:
                response.status = 304
                return "Not Modified"

            response.set_header("Etag", etag)
            #response.set_header('Cache-Control', 'max-age=120')

            if k not in self.topic_range:
                response.status = 400  # Not Found
                return "No model for k = {}".format(k)

            response.content_type = 'text/csv; charset=UTF8'

            try:
                data = self.v[k].doc_topics(doc_id)
            except KeyErrror:
                data = self.v[k].doc_topics(doc_id.decode('utf-8'))

            if sys.version_info[0] == 3:
                output = StringIO()
            else:
                output = BytesIO()

            writer = csv.writer(output)
            writer.writerow(['topic', 'prob'])
            writer.writerows([(t, "%6f" % p) for t, p in data])

            return output.getvalue()
Example #45
0
def login():
    add_header(response)

    username = request.params.get("username")
    password = request.params.get("password")

    user = PYLOAD.checkAuth(username, password,
                            request.environ.get('REMOTE_ADDR', None))

    if not user:
        return dumps(False)

    s = set_session(request, user)

    # get the session id by dirty way, documentations seems wrong
    try:
        sid = s._headers["cookie_out"].split("=")[1].split(";")[0]
    # reuse old session id
    except:
        sid = request.get_header(session.options['key'])

    result = BaseEncoder().default(user)
    result["session"] = sid

    # Return full user information if needed
    if request.params.get('user', None):
        return dumps(result)

    return dumps(sid)
Example #46
0
def getRooms():
    pg = request.params[support.FieldDict['PAGE']]
    sortOrder = request.params[support.FieldDict['SORTORDER']]
    sortOn = request.params[support.FieldDict['SORTON']]
    sortData = None
    if support.FieldDict['SORTDATA'] in request.params:
        sortData = request.params[support.FieldDict['SORTDATA']]
    reqObj = {
        support.FieldDict['PAGE']: int(pg),
        support.FieldDict['SORTORDER']: int(sortOrder),
        support.FieldDict['SORTON']: int(sortOn)
    }
    if sortData is not None:
        reqObj[support.FieldDict['SORTDATA']] = sortData
    adid = request.get_header(support.FieldHeaderDict['ADID'], None)
    if adid is None:
        return None
    #userId = request.get_header(support.FieldDict['MODELID'], None)
    #if userId is None:
    #	return None
    data = JSONEncoder().encode(reqObj)
    print data
    msg = JSONEncoder().encode({
        support.FieldDict['APIMETHOD']:
        support.ApiMethods1.Api_ListRoom.value - 1,
        support.FieldDict['ADID']:
        adid,
        support.FieldDict['DATA']:
        data
    })

    token = msgMgr.send(msg)
    print token
    return token
Example #47
0
def verify_auth():
    token = request.get_header('X-Auth-Token') or request.get_cookie('session_id')
    session_user = sessions.verify_session(token)
    if session_user:
        access = users.get_access_level(session_user)
        return (session_user, access)
    return False
Example #48
0
def serve_static(filename):
    # save if this resource is available as gz
    if filename not in GZIPPED:
        GZIPPED[filename] = os.path.isfile(
            os.path.join(APPDIR, filename + ".gz"))

    # gzipped and clients accepts it
    # TODO: index.html is not gzipped, because of template processing
    gzipped = False
    if GZIPPED[filename] and "gzip" in request.get_header(
            "Accept-Encoding", "") and filename != "index.html":
        gzipped = True
        filename += ".gz"

    resp = static_file(filename, root=APPDIR)

    if filename.endswith(".html") or filename.endswith(".html.gz"):
        # tell the browser all html files must be revalidated
        resp.headers['Cache-Control'] = "must-revalidate"
    elif resp.status_code == 200:
        # expires after 7 days
        resp.headers['Expires'] = time.strftime(
            "%a, %d %b %Y %H:%M:%S GMT",
            time.gmtime(time.time() + 60 * 60 * 24 * 7))
        resp.headers['Cache-control'] = "public"

    if gzipped:
        resp.headers['Vary'] = 'Accept-Encoding'
        resp.headers['Content-Encoding'] = 'gzip'

    return resp
Example #49
0
def userprofile():
    #print len(base64.b64decode(request.forms.get("file")))
    '''
	#print request.forms.keys()
	data = JSONEncoder().encode(request.forms.items()[0])
	print data
	#print request.forms.items()[0]
	return ""
	print str(request.content_length)
	#print len(request.files.get("file"))
	file1 = request.files.get("file")
	print file1.filename
	adid = request.get_header("adid", None)
	print adid
	return ""
	data = request.forms.items()[0]
	print request.forms.items()[0]
	'''
    print request.forms.items()[0]
    data = request.forms.items()[0]

    adid = request.get_header(support.FieldHeaderDict['ADID'], None)
    if adid is None:
        return None
    msg = JSONEncoder().encode({
        support.FieldDict['APIMETHOD']:
        support.ApiMethods1.Api_UserProfile.value - 1,
        support.FieldDict['ADID']:
        adid,
        support.FieldDict['DATA']:
        data
    })
    print msg
    token = msgMgr.send(msg)
    return token
Example #50
0
def uploadBase64():
    user = get_jwt_payload()
    data = json.load(request.body)

    log_id = str(
        mdb.add_log({
            "userId": user['_id'],
            "action": "inpaint",
            "usage  ": sys.getsizeof(data)
        }).inserted_id)

    image_path = 'original/' + log_id + '.jpg'
    mask_path = 'mask/' + log_id + '_mask.jpg'
    save_base64(data['image'].split(',')[1], image_path)
    save_base64(data['mask'].split(',')[1], mask_path)

    img = cv2.imread(image_path)
    mask = cv2.imread(mask_path, 0)
    dst = cv2.inpaint(img, mask, 3, cv2.INPAINT_TELEA)

    cv2.imwrite('result/' + log_id + '.jpg', dst)

    host = request.get_header('host')

    return {'url': ('http://{}/result/{}.jpg').format(host, log_id)}
Example #51
0
def removeroom():
    data = request.forms.items()[0]
    print data
    adid = request.get_header(support.FieldHeaderDict['ADID'], None)
    if adid is None:
        return None
    msg = JSONEncoder().encode({
        support.FieldDict['APIMETHOD']:
        support.ApiMethods1.Api_RemoveRoom.value - 1,
        support.FieldDict['ADID']:
        adid,
        support.FieldDict['DATA']:
        data
    })
    #msg = '{"apiMethod": ApiMethods1.Api_OpenRoom1.value - 1, "adid":%s, "data": %s}' % (adid, data)
    token = msgMgr.send(msg)
    t1 = json.loads(token)
    t2 = t1[support.FieldResponseDict['RESULT']]
    if t2 != support.FieldResponseValuesDict['OK']:
        return token
    svfile = os.path.join(
        "/cygdrive/c/projects/revideo/software/server/frontend/data/rooms",
        adid)
    shutil.rmtree(svfile, ignore_errors=True)
    '''
    t1 = json.loads(token)
    t2 = t1[support.FieldResponseDict['MESSAGE']]
    t3 = json.loads(t2)
    t4 = t3['images']
    for f in t4:
    	os.remove(f)
    t1[support.FieldResponseDict['MESSAGE']] = support.FieldResponseDict['OK']
    '''
    return token
Example #52
0
def pinArticle():
    '''
    /pin?subscriberId=1&articleId=2&status=0 
    '''
    subscriberId = request.query.subscriberId
    articleId = request.query.articleId
    status = request.query.status
    
    'parse request header info'
    header = ""
    headerFields = request.headers.keys()
    for field in headerFields:
        header += str(field) + " | " + str(request.get_header(field)) + " || "
    debug(header)
    
    extraInfo = header  
      
    '1) update pin status'
    category = Subscriber_ArticleEventCategory.pinned
    recordSubscriberArticle(phDbInfo, subscriberId, articleId, extraInfo, 
                            category, status)

    '2) display articleMore page'
    output = getArticleMorePage(phDbInfo, subscriberId, articleId)
    
    return output
Example #53
0
def creditsadd():

    if request.method is 'POST':
        data = request.forms.items()[0]

    adid = request.get_header(support.FieldHeaderDict['ADID'], None)
    if adid is None:
        return None
    if request.method is 'POST':
        msg = JSONEncoder().encode({
            support.FieldDict['APIMETHOD']:
            support.ApiMethods1.Api_Credits.value - 1,
            support.FieldDict['ADID']:
            adid,
            support.FieldDict['DATA']:
            data
        })
    else:
        msg = JSONEncoder().encode({
            support.FieldDict['APIMETHOD']:
            support.ApiMethods1.Api_Credits.value - 1,
            support.FieldDict['ADID']:
            adid
        })
    print msg
    token = msgMgr.send(msg)
    print token
    return token
Example #54
0
def setup():
    # app.yaml should already have ensured that the user is logged in as admin.
    if not users.is_current_user_admin():
        abort(401, "Sorry, only administrators can access this page.")

    is_dev = os.environ.get('SERVER_SOFTWARE', '').startswith('Development')
    setup_scheme = 'http' if is_dev else 'https'
    setup_url = '%s://%s/setup' % (setup_scheme,
                                   app_identity.get_default_version_hostname())
    if request.url != setup_url:
        redirect(setup_url)

    result = ""
    settings = GcmSettings.singleton()
    if (request.forms.sender_id and request.forms.api_key and
            request.forms.endpoint):
        # Basic CSRF protection (will block some valid requests, like
        # https://1-dot-johnme-gcm.appspot.com/setup but ohwell).
        if request.get_header('Referer') != setup_url:
            abort(403, "Invalid Referer.")
        settings.endpoint = request.forms.endpoint
        settings.sender_id = request.forms.sender_id
        settings.api_key = request.forms.api_key
        settings.put()
        result = 'Updated successfully'
    return template('setup', result=result,
                             endpoint=settings.endpoint,
                             sender_id=settings.sender_id,
                             api_key=settings.api_key)
Example #55
0
 def set_header(*args, **kwargs):
     host = request.get_header('Origin')
     if host and 'cogs.indiana.edu' in host:
         response.headers['Access-Control-Allow-Origin'] = host
     elif host and 'codepen.io' in host:
         response.headers['Access-Control-Allow-Origin'] = host
     return f(*args, **kwargs)
Example #56
0
def recordSubscriberArticleAndRedirect():
    '''
    /redirect?subscriberId=1&articleId=2&redirectUrl=http://www.google.com
    '''
    subscriberId = request.query.subscriberId
    articleId = request.query.articleId
    redirectUrl = request.query.redirectUrl
    
    'parse request header info'
    header = ""
    headerFields = request.headers.keys()
    for field in headerFields:
        header += str(field) + " | " + str(request.get_header(field)) + " || "
    debug(header)

    extraInfo = header
    extraInfo += 'redirectUrl' + " | " + redirectUrl + " || "
    
    'record event'
    category = Subscriber_ArticleEventCategory.extlinkClicked
    status = dbBoolean.yes
    recordSubscriberArticle(phDbInfo, subscriberId, articleId, 
                                    extraInfo, category, status)
        
    'redirect'
    redirect(redirectUrl)