Example #1
0
File: bpm.py Project: laserson/bpm 
def dump():
    if not authorized(request.query.key):
        raise HTTPError(status=403)
    response.content_type = 'application/json'
    return json.dumps(data)
Example #2
0
def login(email, password):
    id = u.login(email, password)
    if id:
        return JwtPlugin.encode({'id': id})
    else:
        raise HTTPError(401)
Example #3
0
 def assert_user_exists(self, user):
     if not self.has_user(user):
         raise HTTPError(404, 'No Such User')
Example #4
0
def post_tasks():
    data = request.json

    if data is None:
        logger.error("No JSON content in task response request!")
        raise HTTPError(400)

    try:
        jsonschema.validate(data, task_response_schema)
    except jsonschema.ValidationError as e:
        logger.error("Invalid JSON in task reponse: {0}".format(e))
        raise HTTPError(400)

    protocol = int(data['protocol'])
    task_id = str(data['task_id'])

    # Only protocol 1 supported for now
    if protocol != 1:
        logger.error("Invalid protocol in task response: {0}".format(protocol))
        raise HTTPError(400)

    try:
        session = create_session()
    except:
        logger.error("Failed to create database session for task result POST")
        raise HTTPError(500)

    try:
        task = session.query(Task).filter(Task.uuid == str(task_id)).one()

        if task.claimed is None or (task.completed is not None
                                    or task.failed is not None):
            logger.error("Incomplete task posted!")
            session.close()
            raise HTTPError(400)

        result = ""
        if 'task_data' in data:
            task.result_data = json.dumps(data['task_data'])
            task.completed = datetime.utcnow()
            result = json.dumps(task.result_data)
        elif 'task_error' in data:
            task.error = data['task_error']
            task.failed = datetime.utcnow()
            result = task.error

        session.add(task)
    except NoResultFound:
        logger.error("No matching task in for task response!")
        session.close()
        raise HTTPError(400)

    try:
        session.commit()
    except Exception:
        session.rollback()
        logger.error("Failed to commit database changes for task result POST")
        raise HTTPError(500)
    finally:
        session.close()

    logger.info(
        "An agent returned task with results - uuid: {}, end results: {}".
        format(task_id, result))
Example #5
0
    def _raise_error(self, code, message='not_found'):
        result = {'error': message}
        #result.update(kwargs)
        response.status = code

        raise HTTPError(code, message, exception=result)
Example #6
0
def heat(db, z, x, y):
    COUNT = 32

    lon1, lat2 = tiles.tile2lonlat(x, y, z)
    lon2, lat1 = tiles.tile2lonlat(x + 1, y + 1, z)

    params = Params()
    items = query._build_where_item(params.item, "items")
    params.tilex = x
    params.tiley = y
    params.zoom = z
    params.lat = None
    params.lon = None

    if params.zoom > 18:
        return

    db.execute("""
SELECT
    SUM((SELECT SUM(t) FROM UNNEST(number) t))
FROM
    items
WHERE
""" + items)
    limit = db.fetchone()
    if limit and limit[0]:
        limit = float(limit[0])
    else:
        return HTTPError(404)

    join, where = query._build_param(db,
                                     None,
                                     params.source,
                                     params.item,
                                     params.level,
                                     params.users,
                                     params.classs,
                                     params.country,
                                     params.useDevItem,
                                     params.status,
                                     params.tags,
                                     params.fixable,
                                     tilex=params.tilex,
                                     tiley=params.tiley,
                                     zoom=params.zoom)
    join = join.replace("%", "%%")
    where = where.replace("%", "%%")

    sql = """
SELECT
    COUNT(*),
    ((lon-%(lon1)s) * %(count)s / (%(lon2)s-%(lon1)s) + 0.5)::int AS latn,
    ((lat-%(lat1)s) * %(count)s / (%(lat2)s-%(lat1)s) + 0.5)::int AS lonn,
    mode() WITHIN GROUP (ORDER BY items.marker_color) AS color
FROM
""" + join + """
WHERE
""" + where + """
GROUP BY
    latn,
    lonn
"""
    db.execute(sql, {
        "lon1": lon1,
        "lat1": lat1,
        "lon2": lon2,
        "lat2": lat2,
        "count": COUNT
    })

    features = []
    for row in db.fetchall():
        count, x, y, color = row
        count = max(
            int(
                math.log(count) /
                math.log(limit / ((z - 4 + 1 + math.sqrt(COUNT))**2)) * 255),
            1 if count > 0 else 0)
        if count > 0:
            count = 255 if count > 255 else count
            features.append({
                "geometry":
                Polygon([(x, y), (x - 1, y), (x - 1, y - 1), (x, y - 1)]),
                "properties": {
                    "color": int(color[1:], 16),
                    "count": count
                }
            })

    response.content_type = 'application/vnd.mapbox-vector-tile'
    return mapbox_vector_tile.encode([{
        "name": "issues",
        "features": features
    }],
                                     extents=COUNT)
Example #7
0
 def validate(request, token):
     if request.forms.get('csrf_token') != token:
         raise HTTPError(403, output="CSRF Attack Detected (bad or missing token)")
Example #8
0
def error(code, msg):
    return HTTPError(code, json.dumps(msg), **dict(response.headers))
Example #9
0
        if not x or not y or x == "session": continue
        kwargs[x] = loads(unquote(y))

    try:
        result = getattr(api, func)(*args, **kwargs)
        # null is invalid json response
        if result is None: result = True
        return dumps(result)

    except ExceptionObject, e:
        return HTTPError(400, dumps(e))
    except Exception, e:
        print_exc()
        return HTTPError(
            500, dumps({
                "error": e.message,
                "traceback": format_exc()
            }))


@route("/api/login")
@route("/api/login", method="POST")
def login():
    add_header(response)

    username = request.params.get("username")
    password = request.params.get("password")

    user = PYLOAD.checkAuth(username, password,
                            request.environ.get('REMOTE_ADDR', None))
Example #10
0
def fail_dir():
    F_OUTPUT = HTTPError(500, 'Internal Server Error')
    raise RuntimeError('There is an error of /fail and Heroku')
    return F_OUTPUT
Example #11
0
def crash_dir():
    C_OUTPUT = HTTPError(500, 'Internal Server Error')
    return C_OUTPUT
Example #12
0
def send_file(id, filename, rdb):
    return static_file("%s.%s" % (id, filename), root=MEDIA_ROOT)
    return HTTPError(404, 'File not found.')
Example #13
0
def pre_check_slot_id(slot_id):
    expected_slot_id = dbusctl.get_slot_id()
    if str(expected_slot_id) == str(slot_id):
        return
    else:
        raise HTTPError(status=403, body="System is not present.")
Example #14
0
        def decorated(*args, **kwargs):
            s = self.session.get()
            if not s.get('auth_on', False):
                return HTTPError(401, 'Not authorized')

            return callback(*args, **kwargs)
Example #15
0
def docs(filename):
  if filename != "privacy.html" and filename != "support.html" and filename != "about.html" and filename != "consent.html" and filename != "approval_letter.pdf":
    logging.error("Request for unknown filename "% filename)
    return HTTPError(404, "Don't try to hack me, you evil spammer")
  else:
    return static_file(filename, "%s/%s" % (static_path, "docs"))
Example #16
0
def tasks_report(task_id, report_format="json"):
    formats = {
        "json": "report.json",
        "html": "report.html",
        "htmlsumary": "summary-report.html",
        "pdf": "report.pdf",
        "maec": "report.maec-4.1.xml",
        "metadata": "report.metadata.xml",
    }

    bz_formats = {
        "all": {
            "type": "-",
            "files": ["memory.dmp"]
        },
        "dropped": {
            "type": "+",
            "files": ["files"]
        },
        "dist": {
            "type": "+",
            "files": ["shots", "reports"]
        },
        "dist2": {
            "type": "-",
            "files": ["shots", "reports", "binary"]
        },
    }

    tar_formats = {
        "bz2": "w:bz2",
        "gz": "w:gz",
        "tar": "w",
    }

    if report_format.lower() in formats:
        report_path = os.path.join(CUCKOO_ROOT, "storage", "analyses",
                                   "%d" % task_id, "reports",
                                   formats[report_format.lower()])
    elif report_format.lower() in bz_formats:
        bzf = bz_formats[report_format.lower()]
        srcdir = os.path.join(CUCKOO_ROOT, "storage", "analyses",
                              "%d" % task_id)
        s = StringIO()

        # By default go for bz2 encoded tar files (for legacy reasons.)
        tarmode = tar_formats.get(request.GET.get("tar"), "w:bz2")

        tar = tarfile.open(fileobj=s, mode=tarmode)
        for filedir in os.listdir(srcdir):
            if bzf["type"] == "-" and filedir not in bzf["files"]:
                tar.add(os.path.join(srcdir, filedir), arcname=filedir)
            if bzf["type"] == "+" and filedir in bzf["files"]:
                tar.add(os.path.join(srcdir, filedir), arcname=filedir)

        if report_format.lower() == "dist" and FULL_DB:
            buf = results_db.analysis.find_one({"info.id": task_id})
            tarinfo = tarfile.TarInfo("mongo.json")
            buf_dumped = json_util.dumps(buf)
            tarinfo.size = len(buf_dumped)
            buf = StringIO(buf_dumped)
            tar.addfile(tarinfo, buf)

        tar.close()
        response.content_type = "application/x-tar; charset=UTF-8"
        return s.getvalue()
    else:
        return HTTPError(400, "Invalid report format")

    if os.path.exists(report_path):
        return open(report_path, "rb").read()
    else:
        return HTTPError(404, "Report not found")
Example #17
0
def docs(filename):
  if filename != "privacy" and filename != "support" and filename != "about" and filename != "consent":
    return HTTPError(404, "Don't try to hack me, you evil spammer")
  else:
    return static_file("%s.html" % filename, "%s/%s" % (static_path, "docs"))
Example #18
0
def _getbp(name: str) -> str:
    if name in breakpoints:
        return breakpoints[name].state
    raise HTTPError(404)
Example #19
0
 def validate(request, token):
     referer = request.get_header("referer", "")
     if referer != "" and referer.find("http://eecs388.org/") != 0:
         raise HTTPError(403, output="CSRF Attack Detected (bad referer)")
Example #20
0
def _getprocess(name: str):
    if name not in breakpoints:
        raise HTTPError(404)

    return tojson(breakpoints[name].processes)
Example #21
0
    def serve(self, session, filename=None):

        if filename in session['scripts'] or filename in session['stylesheets']:
            return StaticFileProvider.serve(self, session, filename)

        raise HTTPError(404)
Example #22
0
def get_challenge_by_skill_id_and_challenge_id(skill_id, challenge_id, db):
    row = db.execute('SELECT * FROM challenges WHERE skill_id=? AND id=?',
                     (skill_id, challenge_id)).fetchone()
    if row:
        return {'title': row['title']}
    return HTTPError(404, 'Page not found')
Example #23
0
def request_tasks():
    data = request.json

    if data is None:
        raise HTTPError(400)

    try:
        jsonschema.validate(data, task_request_schema)
    except jsonschema.ValidationError:
        raise HTTPError(400)

    protocol = int(data['protocol'])
    agent_uuid = str(data['agent_id'])
    agent_name = str(data['agent_name'])
    agent_time = data['agent_time']
    agent_capabilities = data['agent_capabilities']
    max_tasks = int(data['max_tasks'])
    agent_location = data[
        'agent_location'] if 'agent_location' in data else None

    # Only protocol 1 supported for now
    if protocol != 1:
        raise HTTPError(400)

    try:
        session = create_session()
    except:
        logger.error("Failed to create database session for task request")
        raise HTTPError(500)

    try:
        query = session.query(Agent)
        agent = query.filter(Agent.uuid == agent_uuid).one()

        session.query(AgentCapability).filter(
            AgentCapability.agent_uuid == agent.uuid).delete()
    except NoResultFound:
        agent = Agent(uuid=agent_uuid, name=agent_name)
        session.add(agent)

    for agent_capability, agent_capability_info in agent_capabilities.items():
        capability = AgentCapability(type=agent_capability,
                                     version=int(
                                         agent_capability_info['version']),
                                     agent=agent)
        session.add(capability)

    # Find all non-claimed tasks that the agent is able to handle and assign them to the agent
    query = session.query(AgentCapability, Task).filter(Task.assigned_agent_uuid.is_(None)).\
        filter(AgentCapability.agent_uuid == agent.uuid).\
        filter(and_(AgentCapability.type == Task.type, AgentCapability.version == Task.version))

    tasks = []

    # Assign available tasks to the agent and mark them as being in process
    for _, task in query[0:max_tasks]:
        task.assigned_agent_uuid = agent.uuid
        task.claimed = datetime.utcnow()
        tasks.append({
            'task_id': task.uuid,
            'task_type': task.type,
            'task_version': task.version,
            'task_data': json.loads(task.data)
        })

    agent.last_seen = datetime.utcnow()
    try:
        session.commit()
    except Exception:
        session.rollback()
        logger.error("Failed to commit database changes for task request")
        raise HTTPError(500)
    finally:
        session.close()

    logger.info(
        "Agent requested tasks - Agent's name and uuid: {}, {} - Agent was given following tasks: {}"
        .format(agent_name, agent_uuid, tasks))

    return {
        "tasks":
        tasks,
        "return_time": (datetime.now(tz.tzlocal()) +
                        timedelta(0, Settings.agent_return_time)).isoformat()
    }
Example #24
0
def abort_custom(code, msg):
    error = HTTPError(code, msg)
    error.status = "%s %s" % (code, msg)
    raise error
Example #25
0
 def wrapped(*args, **kwargs):
     if is_authenticated(request):
         return func(*args, **kwargs)
     return HTTPError(404, "File does not exist.")
Example #26
0
def abort_authenticate(msg="authentication required"):
    err = HTTPError(401, msg)
    err.add_header(str('WWW-Authenticate'), 'Basic realm="pypi"')
    err.add_header(str('location'), "/+login")
    raise err
Example #27
0
def fail_dir():
    F_OUTPUT = HTTPError(500, 'Internal Server Error')
    return F_OUTPUT
Example #28
0
			s['account_id'] = account._id
			s['account_user'] = account.user
			s['account_group'] = account.group
			s['account_groups'] = account.groups
			s['auth_on'] = True
			s.save()

			output = [ account.dump() ]
			output = {'total': len(output), 'success': True, 'data': output}
			return output
		else:
			logger.debug(" + Invalid password ...")
	except Exception, err:
		logger.error(err)
		
	return HTTPError(403, "Forbidden")

@get('/autoLogin/:key',skip=['checkAuthPlugin'])
def autoLogin(key=None):
	if not key:
		return HTTPError(400, "No key provided")
	#---------------------Get storage/account-------------------
	storage = get_storage(namespace='object')
	
	mfilter = {
				'crecord_type':'account',
				'authkey':key,
			}
	
	logger.debug('Try to find %s key' % key)
Example #29
0
 def assert_logged_in(self):
     try:
         self.cork.require(role='archivist')
     except Exception:
         raise HTTPError(404, 'Not Logged In')
Example #30
0
def div(x, y):
    if y == 0:
        result = HTTPError(400, "zero_division")
    else:
        result = str(x / y)
    return result